1 | <?php
|
---|
2 |
|
---|
3 | /************************************************************************/
|
---|
4 | /* Eleonline - Raccolta e diffusione dei dati elettorali */
|
---|
5 | /* by Luciano Apolito & Roberto Gigli */
|
---|
6 | /* http://www.eleonline.it */
|
---|
7 | /* info@eleonline.it luciano@aniene.net rgigli@libero.it */
|
---|
8 | /************************************************************************/
|
---|
9 |
|
---|
10 | define('MODULE_FILE', true);
|
---|
11 |
|
---|
12 | // Additional security (Union, CLike, XSS)
|
---|
13 | // We want to use the function stripos,
|
---|
14 | // but thats only available since PHP5.
|
---|
15 | // So we cloned the function...
|
---|
16 | if(!function_exists('stripos')) {
|
---|
17 | function stripos_clone($haystack, $needle, $offset=0) {
|
---|
18 | return strpos(strtoupper($haystack), strtoupper($needle), $offset);
|
---|
19 | }
|
---|
20 | } else {
|
---|
21 | // But when this is PHP5, we use the original function
|
---|
22 | function stripos_clone($haystack, $needle, $offset=0) {
|
---|
23 | return stripos($haystack, $needle, $offset=0);
|
---|
24 | }
|
---|
25 | }
|
---|
26 |
|
---|
27 | if(isset($_SERVER['QUERY_STRING']) && (!stripos_clone($_SERVER['QUERY_STRING'], "ad_click") || !stripos_clone($_SERVER['QUERY_STRING'], "url"))) {
|
---|
28 | $queryString = $_SERVER['QUERY_STRING'];
|
---|
29 | if (stripos_clone($queryString,'%20union%20') OR stripos_clone($queryString,'..') OR stripos_clone($queryString,'+') OR stripos_clone($queryString,'/*') OR stripos_clone($queryString,'*/union/*') OR stripos_clone($queryString,'c2nyaxb0') OR stripos_clone($queryString,'+union+') OR stripos_clone($queryString,'http://') OR (stripos_clone($queryString,'cmd=') AND !stripos_clone($queryString,'&cmd')) OR (stripos_clone($queryString,'exec') AND !stripos_clone($queryString,'execu')) OR stripos_clone($queryString,'concat')) {
|
---|
30 | die('Operazione non consentita');
|
---|
31 | }
|
---|
32 | }
|
---|
33 |
|
---|
34 | foreach ($_GET as $sec_key => $secvalue) {
|
---|
35 | if ((preg_match("/<[^>]*script*\"?[^>]*>/i",$secvalue)) ||
|
---|
36 | (preg_match("/<[^>]*object*\"?[^>]*>/i", $secvalue)) ||
|
---|
37 | (preg_match("/<[^>]*iframe*\"?[^>]*>/i", $secvalue)) ||
|
---|
38 | (preg_match("/<[^>]*applet*\"?[^>]*>/i", $secvalue)) ||
|
---|
39 | (preg_match("/<[^>]*meta*\"?[^>]*>/i", $secvalue)) ||
|
---|
40 | (preg_match("/<[^>]*style*\"?[^>]*>/i", $secvalue)) ||
|
---|
41 | (preg_match("/<[^>]*form*\"?[^>]*>/i", $secvalue)) ||
|
---|
42 | (preg_match("/<[^>]*img*\"?[^>]*>/i", $secvalue)) ||
|
---|
43 | (preg_match("/<[^>]*onmouseover*\"?[^>]*>/i", $secvalue)) ||
|
---|
44 | (preg_match("/<[^>]*body*\"?[^>]*>/i", $secvalue)) ||
|
---|
45 | (preg_match("/\([^>]*\"?[^)]*\)/", $secvalue)) ||
|
---|
46 | (preg_match("/\"/", $secvalue)) ||
|
---|
47 | (preg_match("/inside_mod/i", $sec_key))) {
|
---|
48 | die ("Operazione non consentita");
|
---|
49 | }
|
---|
50 | }
|
---|
51 |
|
---|
52 | foreach ($_POST as $secvalue) {
|
---|
53 | if ((preg_match("/<[^>]*onmouseover*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]script*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]*body*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]style*\"?[^>]*>/i", $secvalue))) {
|
---|
54 | die ($htmltags);
|
---|
55 | }
|
---|
56 | }
|
---|
57 |
|
---|
58 | // Posting from other servers in not allowed
|
---|
59 | // Fix by Quake
|
---|
60 | // Bug found by PeNdEjO
|
---|
61 | if ($_SERVER['REQUEST_METHOD'] == "POST") {
|
---|
62 | if (isset($_SERVER['HTTP_REFERER'])) {
|
---|
63 | if (!stripos_clone($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
|
---|
64 | die('Posting da un altro server non consentito!');
|
---|
65 | } else {
|
---|
66 | # die('<b>Attenzione:</b> il tuo browser non puo inviare gli header HTTP_REFERER al website.<br/>');
|
---|
67 | }
|
---|
68 | }
|
---|
69 | }
|
---|
70 |
|
---|
71 |
|
---|
72 | function jsexist(){ // controlla javascript by l.apolito 2008
|
---|
73 | global $op,$name;
|
---|
74 | if(!isset($_GET['js'])){
|
---|
75 | $querystring= @preg_replace('/'.$_SERVER['DOCUMENT_ROOT'].'/i','http://'.$_SERVER['HTTP_HOST'].'/',$_SERVER['SCRIPT_FILENAME']);
|
---|
76 | if (preg_match("/modules.php/i",$_SERVER['SCRIPT_NAME'])) $pagina="name=$name"; // reindirizza
|
---|
77 | if (preg_match("/admin.php/i",$_SERVER['SCRIPT_NAME'])) $pagina="op=$op"; // reindirizza
|
---|
78 | echo "<noscript><meta http-equiv=\"refresh\" content=\"0; url=".$querystring."?js=b&$pagina\"/></noscript>";
|
---|
79 | }
|
---|
80 | $js=$_GET['js'];
|
---|
81 | return $js;
|
---|
82 | }
|
---|
83 |
|
---|
84 |
|
---|
85 |
|
---|
86 |
|
---|
87 |
|
---|
88 |
|
---|
89 | session_start();//MODIFICHE PER GESTIONE SESSIONI
|
---|
90 | if (!count($_SESSION)) $_SESSION['op']='gruppo';
|
---|
91 | // apre database
|
---|
92 | ////////////////////////
|
---|
93 | if (file_exists("config.php")) { @require_once("config.php");$install="";}else{ $install="1";}
|
---|
94 |
|
---|
95 |
|
---|
96 |
|
---|
97 | # verifica se effettuata la configurazione
|
---|
98 | if(empty($dbname) || $install=="1") {
|
---|
99 | die("<html><body><div style=\"text-align:center\"><br /><br /><img src=\"modules/Elezioni/images/logo.jpg\" alt=\"Eleonline\" title=\"Eleonline\"><br /><br /><strong>Sembra che <a href='http://www.eleonline.it' title='Eleonline'>Eleonline</a> non sia stato ancora installato.<br /><br />Puoi procedere <a href='../install/index.php'>cliccando qui</a> per iniziare l'installazione</strong></div></body></html>");
|
---|
100 | }
|
---|
101 |
|
---|
102 |
|
---|
103 | $dbi = new PDO("mysql:host=$dbhost;charset=utf8", $dbuname, $dbpass, array(PDO::ATTR_EMULATE_PREPARES => false,
|
---|
104 | PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION));
|
---|
105 | $sql = "use $dbname";
|
---|
106 | $dbi->exec($sql);
|
---|
107 | $sth = $dbi->prepare("SET SESSION character_set_connection = 'utf8' ");
|
---|
108 | $sth->execute();
|
---|
109 | $sth = $dbi->prepare("SET SESSION character_set_client = 'utf8' ");
|
---|
110 | $sth->execute();
|
---|
111 | $sth = $dbi->prepare("SET SESSION character_set_database = 'utf8' ");
|
---|
112 | $sth->execute();
|
---|
113 | $sth = $dbi->prepare("SET CHARACTER SET utf8");
|
---|
114 | $sth->execute();
|
---|
115 |
|
---|
116 | $sth = $dbi->prepare("SET NAMES 'utf8'");
|
---|
117 | $sth->execute();
|
---|
118 |
|
---|
119 | # protezione csrf ottobre 2012 - by l.apolito
|
---|
120 | if (file_exists("inc/csrf-magic/csrf-magic.php")) {
|
---|
121 | include_once 'inc/csrf-magic/csrf-magic.php';
|
---|
122 | }
|
---|
123 |
|
---|
124 |
|
---|
125 | $param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST;
|
---|
126 | if (isset($param['id_comune'])) $id_comune=intval($param['id_comune']); #else $id_comune=$siteistat;
|
---|
127 | if (isset($param['id_cons_gen'])) $id_cons_gen=intval($param['id_cons_gen']);
|
---|
128 |
|
---|
129 | # carica i parametri di default sulla tabella
|
---|
130 | $sql = $dbi->prepare("SELECT * FROM ".$prefix."_config");
|
---|
131 | $sql->execute();
|
---|
132 | while($riga = $sql->fetchAll(PDO::FETCH_ASSOC)){$row=$riga[0];
|
---|
133 | $sitename = stripslashes($row['sitename']);
|
---|
134 | $siteurl = $row['siteurl'];
|
---|
135 | $site_logo = $row['site_logo'];
|
---|
136 | $startdate = $row['startdate'];
|
---|
137 | $adminmail = $row['adminmail'];
|
---|
138 | $tema = $row['tema'];
|
---|
139 | $language = $row['language'];
|
---|
140 | $blocco = intval($row['blocco']);
|
---|
141 | $fileout = intval($row['fileout']);
|
---|
142 | $copyright = $row['copyright'];
|
---|
143 | $Versione = $row['versione'];
|
---|
144 | $patch = $row['patch'];
|
---|
145 | $siteistat = intval($row['siteistat']);
|
---|
146 | $multicomune = intval($row['multicomune']);
|
---|
147 | $flash = intval($row['flash']);
|
---|
148 | $displayerrors = $row['displayerrors'];
|
---|
149 | $gkey = $row['gkey'];
|
---|
150 | $googlemaps = intval($row['googlemaps']);
|
---|
151 | $editor = intval($row['editor']);
|
---|
152 | $tema_on = intval($row['tema_on']);
|
---|
153 | $ed_user = $row['ed_user'];
|
---|
154 | #tema mobile
|
---|
155 | }
|
---|
156 |
|
---|
157 |
|
---|
158 |
|
---|
159 | # altre config
|
---|
160 | $sql = $dbi->prepare("SELECT * FROM ".$prefix."_ele_comuni where id_comune='$siteistat' ");
|
---|
161 | $sql->execute();
|
---|
162 | $riga = $sql->fetchAll(PDO::FETCH_ASSOC);
|
---|
163 | $row=$riga[0];
|
---|
164 | $id_cons_pred = intval($row['id_cons']);
|
---|
165 | if($id_cons_pred=='0')$id_cons_pred='';
|
---|
166 | if(!isset($id_cons_gen)) $id_cons_gen=$id_cons_pred;
|
---|
167 | # carica il metodo d'hontd
|
---|
168 | ##$sql = $dbi->prepare("SELECT * FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_gen' ");
|
---|
169 | ##$sql->execute();
|
---|
170 |
|
---|
171 | $param=strip_tags(strtolower($_SERVER['REQUEST_METHOD'])) == 'get' ? $_GET : $_POST;
|
---|
172 | ////////////////////
|
---|
173 | #funzione di backup
|
---|
174 | if (isset($param['op']) and $param['op']=='backup')
|
---|
175 | {
|
---|
176 | $id_cons_bak=intval($param['id_cons_gen']);
|
---|
177 | if (isset($param['id_comune'])) $id_combak=intval($param['id_comune']); else $id_combak=$_SESSION['id_comune'];
|
---|
178 | $sql = $dbi->prepare("SELECT id_cons,id_conf FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_bak' and id_comune='$id_combak'");
|
---|
179 | $sql->execute();
|
---|
180 | list($id_cons,$hondt) = $sql->fetch(PDO::FETCH_NUM);
|
---|
181 |
|
---|
182 | // incluso in consiglieri.php, ma io carico le vecchie variabili per compatibilit'a all'indietro
|
---|
183 | if($hondt>=1){
|
---|
184 | # proiezione consiglio
|
---|
185 | $res2 = $dbi->prepare("SELECT * FROM ".$prefix."_ele_conf where id_conf='$hondt'");
|
---|
186 | $res2->execute();
|
---|
187 | $row=$res2->fetch(PDO::FETCH_ASSOC);
|
---|
188 |
|
---|
189 | $descrizione_consiglio = $row['descrizione'];
|
---|
190 | $LIMITE = intval($row['limite']);
|
---|
191 | $CONSIN = intval($row['consin']);
|
---|
192 | $INFPREMIO=intval($row['infpremio']);
|
---|
193 | $SUPSBARRAMENTO=intval($row['supsbarramento']);
|
---|
194 | $SUPMINPREMIO=intval($row['supminpremio']);
|
---|
195 | $SUPPREMIO=intval($row['suppremio']);
|
---|
196 | $LISTINFSBAR=intval($row['listinfsbar']);
|
---|
197 | $LISTINFCONTA=intval($row['listinfconta']);
|
---|
198 | $LISTSUPCONTA=intval($row['listsupconta']);
|
---|
199 | $SUPMINPREMIO=intval($row['supminpremio']);
|
---|
200 | $INFMINPREMIO=intval($row['infminpremio']);
|
---|
201 | }
|
---|
202 |
|
---|
203 |
|
---|
204 | include("modules/Elezioni/backup.php");
|
---|
205 | die();
|
---|
206 | }
|
---|
207 | ///////////////////
|
---|
208 | // lingua x demo
|
---|
209 | if (isset($param['newl'])){
|
---|
210 | $newl=$param['newl'];
|
---|
211 | if (file_exists("modules/Elezioni/language/lang-$newl.php")){ $lang=$newl;$_SESSION['newl']="$lang";
|
---|
212 | }
|
---|
213 | }
|
---|
214 |
|
---|
215 | // seesioni per flash, blocco e linguaggio, tour
|
---|
216 |
|
---|
217 | if (isset($param['block'])){
|
---|
218 | $blocco=$param['block'];
|
---|
219 | $_SESSION['newblock']="$blocco";
|
---|
220 | }
|
---|
221 | if (isset($_SESSION['newblock'])) $blocco=$_SESSION['newblock'];
|
---|
222 |
|
---|
223 |
|
---|
224 |
|
---|
225 | // linguaggio
|
---|
226 | if (isset($_SESSION['newl'])) $lang=$_SESSION['newl'];
|
---|
227 | //else $lang=$lang;
|
---|
228 | if (! isset($lang)) $lang=$language;
|
---|
229 | if (strlen($lang)!=2) $lang=$language;
|
---|
230 |
|
---|
231 | // flash x demo
|
---|
232 | if (isset($param['flash'])){
|
---|
233 | $flash=$param['flash'];
|
---|
234 | $_SESSION['newflash']="$flash";
|
---|
235 | }
|
---|
236 | if (isset($_SESSION['newflash'])) $flash=$_SESSION['newflash'];
|
---|
237 |
|
---|
238 | if (isset($param['tema'])){
|
---|
239 | $tema=$param['tema'];
|
---|
240 | $tema=htmlentities($tema); // evita xss
|
---|
241 | if(preg_match("/%/i", $tema)) $tema="default";// evita xss
|
---|
242 | $_SESSION['newtema']="$tema";
|
---|
243 |
|
---|
244 | }
|
---|
245 | if (isset($_SESSION['newtema'])) {
|
---|
246 | $tema=$_SESSION['newtema'];
|
---|
247 | if (preg_match("/%/i",$_SESSION['newtema'])) $_SESSION['newtema']="default"; // xss
|
---|
248 | }
|
---|
249 |
|
---|
250 | //ritorno disabilita tema cellulare dal file backtoapp e dal footer lo riattiva
|
---|
251 | if (isset($param['nocell'])){
|
---|
252 | $nocell=$param['nocell'];
|
---|
253 | $_SESSION['newcell']="$nocell";
|
---|
254 | }
|
---|
255 | if (isset($_SESSION['newcell'])) $nocell=$_SESSION['newcell'];
|
---|
256 |
|
---|
257 |
|
---|
258 |
|
---|
259 |
|
---|
260 | $param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST;
|
---|
261 | $PHP_SELF=$_SERVER['PHP_SELF'];
|
---|
262 | $file=(isset($param['file'])) ? htmlentities($param['file']):"index";
|
---|
263 | $name=(isset($param['name'])) ? htmlentities($param['name']):"Elezioni";
|
---|
264 | $op=(isset($param['op'])) ? htmlentities($param['op']):"gruppo";
|
---|
265 | $id_comune=(isset($param['id_comune'])) ? intval($param['id_comune']): $siteistat;
|
---|
266 | $op=(isset($param['id_cons_gen'])) ? intval($param['id_cons_gen']):$id_cons_pred;
|
---|
267 |
|
---|
268 | $modpath = "modules/$name/$file.php";
|
---|
269 | if (file_exists($modpath)) {
|
---|
270 | include($modpath);
|
---|
271 | } else {
|
---|
272 | die ("Sorry, such file doesn't exist...:$modpath");
|
---|
273 | }
|
---|
274 |
|
---|
275 |
|
---|
276 |
|
---|
277 |
|
---|
278 |
|
---|
279 |
|
---|
280 |
|
---|
281 | ?>
|
---|