00001 <?php
00002
00005
00006 require_once('Smarty.class.php');
00007 require_once('error.php');
00008 require_once 'const.php';
00009 require_once('config.php');
00010 require_once('sql.php');
00011
00012
00029 #
00030
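/**
 * Validate request parameters against per-key regular expressions.
 *
 * Every key of $validation_info that is missing from $user_input is
 * validated as the empty string, so a field cannot skip its pattern by
 * being omitted from the request.
 *
 * NOTE(review): array-valued parameters are accepted without any pattern
 * check, in strict mode too and even when the key has a pattern. Callers
 * must not treat the elements of an array parameter as validated.
 *
 * @param array $user_input      Parameter name => submitted value.
 * @param array $validation_info Parameter name => PCRE pattern.
 * @param bool  $strict_mode     When TRUE, string parameters that have no
 *                               pattern are reported as errors.
 * @return array Names of the parameters that failed validation; empty
 *               when everything passed.
 */
function check_input($user_input, $validation_info, $strict_mode = TRUE) {

    global $debug_level;

    $err_info = array();
    $debug = ($debug_level > 20);

    foreach ($validation_info as $k => $dummy) {
        if (!isset($user_input[$k])) {
            $user_input[$k] = "";
        }
    }

    if ($debug) {
        print "<hr><pre>";
        print "check_input():\n\n";
    }

    foreach ($user_input as $k => $v) {

        switch (gettype($v)) {

        case "string":
            if (isset($validation_info[$k])) {
                # preg_match() yields 1, 0 or FALSE; only 1 is truthy
                $ok = preg_match($validation_info[$k], $v);
            } else {
                $ok = ($strict_mode) ? FALSE : TRUE;
            }
            break;

        case "array":
            $ok = TRUE;
            break;

        default:
            # integers, objects, NULL ... are never valid request input
            $ok = FALSE;
        }

        if ($debug) {
            # The dump is written into the HTML page and contains values
            # that have not passed validation yet, so every piece is
            # HTML-escaped before it is printed.
            $shown_value = is_scalar($v) ? (string) $v : print_r($v, TRUE);
            $shown_regexp = isset($validation_info[$k])
                          ? $validation_info[$k] : "";

            print "key: " . htmlspecialchars((string) $k, ENT_QUOTES) . "\n";
            print "value: " . htmlspecialchars($shown_value, ENT_QUOTES) . "\n";
            print "regexp: " . htmlspecialchars($shown_regexp, ENT_QUOTES) . "\n";
            print "ok: ";
            print (($ok) ? "yes" : "no") . "\n\n";
        }

        if (!$ok) {
            $err_info[] = $k;
        }
    }

    if ($debug) {
        print "</pre></hr>";
    }

    return $err_info;
}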
00093
00094
00110
/**
 * Render a full page: header.tpl, the requested template, footer.tpl.
 *
 * The entries of $kw are assigned to Smarty before rendering and cleared
 * again afterwards. Values are assigned exactly as passed in; whether they
 * are HTML-escaped depends on the templates, which are not visible here.
 *
 * @param object $smarty      Smarty instance used for rendering.
 * @param string $template    Name of the body template.
 * @param array  $kw          Template variable name => value.
 * @param bool   $remember_me When true, store the current request URI in
 *                            $_SESSION['last_page'].
 */
function do_template($smarty, $template, $kw, $remember_me = FALSE) {

    global $_SESSION, $_SERVER, $debug_level;

    $smarty->compile_check = TRUE;

    # Smarty debugging is switched on only above debug level 5
    if ($debug_level > 5) {
        $smarty->debugging = true;
    }

    # hand the variables to the template engine
    foreach ($kw as $name => $val) {
        $smarty->assign($name, $val);
    }

    # header, body and footer are rendered in this fixed order
    foreach (array('header.tpl', $template, 'footer.tpl') as $page_part) {
        $smarty->display($page_part);
    }

    # drop the variables again so they do not reach a later render
    foreach ($kw as $name => $val) {
        $smarty->clear_assign($name, $val);
    }

    # REQUEST_URI is supplied by the client. NOTE(review): whatever reads
    # last_page later should treat it as untrusted input - confirm it is
    # only ever used as a same-site path.
    if ($remember_me) {
        $_SESSION['last_page'] = $_SERVER['REQUEST_URI'];
    }
}
00147
00148
00149 # XXX the purpose of this function cannot be easily described, sorry.
00150 # Use the source, luke.
00151
/**
 * Build one key => label list per lookup table.
 *
 * For every table name in $tables all rows are selected, ordered
 * ascending by $order_by, and each row contributes the entry
 * row[$key] => row[$value]. Each list starts out as a copy of $default.
 * An empty query result is reported with user_error(E_USER_ERROR).
 *
 * The table names and $order_by go into the query parameters verbatim.
 * NOTE(review): how sql_query() quotes them is not visible here, so pass
 * fixed, application-defined identifiers only - confirm against sql.php.
 *
 * @param array  $tables   Table names to read.
 * @param mixed  $db       Database handle passed through to sql_query().
 * @param string $key      Column used as the option key.
 * @param string $value    Column used as the option label.
 * @param string $order_by Column the rows are sorted by.
 * @param array  $default  Entries every list starts with.
 * @return array Table name => (key => label) list.
 */
function get_html_options($tables, $db, $key = "id", $value = "description",
                          $order_by = "description", $default = array()) {

    $result = array();

    foreach ($tables as $table) {

        $result[$table] = $default;

        $query = array(
            "tables" => $table,
            "order"  => "$order_by asc"
        );

        $rows = sql_query('select', $query, $db);

        if (empty($rows)) {
            user_error("database query failed for table $table",
                       E_USER_ERROR);
        }

        foreach ($rows as $row) {
            $result[$table][$row[$key]] = $row[$value];
        }
    }

    return $result;
}
00181
00189
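/**
 * Look up the user that owns an item.
 *
 * Ownership is resolved along the chain email -> document -> collection
 * -> user. Any $item value other than "user", "collection" or "email" is
 * treated as a document.
 *
 * $id is interpolated into the SQL condition, so it is accepted only when
 * it consists of decimal digits. This also covers the ids read from the
 * database on the recursive calls.
 *
 * Changes from the previous version: the array keys are quoted strings
 * (bare words are undefined constants and a fatal error on PHP 8), the id
 * is validated, and the "email" branch checks for an empty result like
 * the other branches. NOTE(review): if const.php defines constants named
 * tables, columns or cond, confirm their values equal these strings.
 *
 * @param string $item Item type: "user", "collection", "email", or
 *                     anything else for a document.
 * @param mixed  $id   Numeric id of the item.
 * @param mixed  $db   Database handle passed through to sql_query().
 * @return array|null The owner's user row including degree_description,
 *                    or NULL when the lookup failed and the error handler
 *                    returned.
 */
function get_item_owner($item, $id, $db) {

    # \z (not $) so that a trailing newline is rejected as well
    if (!is_scalar($id) || !preg_match('/^[0-9]+\z/', (string) $id)) {
        user_error("invalid id", E_USER_ERROR);
        return NULL;
    }

    switch ($item) {

    case "user":
        $p = array(
            "tables"  => "user,degree",
            "columns" => "user.*,degree.description AS degree_description",
            "cond"    => "user.id = $id AND degree.id = user.degree_id"
        );
        $ans = sql_query('select', $p, $db);

        if (empty($ans)) {
            user_error("database query failed", E_USER_ERROR);
            return NULL;
        }

        $user = $ans[0];
        break;

    case "collection":
        $p = array("tables" => "collection", "cond" => "id = $id");
        $ans = sql_query('select', $p, $db);

        if (empty($ans)) {
            user_error("database query failed", E_USER_ERROR);
            return NULL;
        }

        $user = get_item_owner("user", $ans[0]['user_id'], $db);
        break;

    case "email":
        $p = array("tables" => "email", "cond" => "id = $id");
        $ans = sql_query('select', $p, $db);

        if (empty($ans)) {
            user_error("database query failed", E_USER_ERROR);
            return NULL;
        }

        $user = get_item_owner("document", $ans[0]['document_id'], $db);
        break;

    default:
        $p = array("tables" => "document", "cond" => "id = $id");
        $ans = sql_query('select', $p, $db);

        if (empty($ans)) {
            user_error("database query failed", E_USER_ERROR);
            return NULL;
        }

        $user = get_item_owner("collection", $ans[0]['collection_id'], $db);
        break;
    }

    return $user;
}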
00247
00257
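/**
 * Render a template and send the result as a plain e-mail.
 *
 * The sender is the logged-in user (forename, surname and address from
 * $_SESSION['user']) when there is one, otherwise $default_email_from.
 * The subject is always $default_email_subject.
 *
 * The user's name and address end up in the From: header, so CR and LF
 * are removed from the sender and the recipient. Otherwise a value that
 * contains a line break could add header lines of its own. The header
 * string no longer ends in a blank line: the former "\r\n\r\n" suffix
 * makes current PHP versions refuse the message.
 *
 * NOTE(review): the display name is not quoted, so characters such as
 * "<" or a comma in a name still change how the address is parsed.
 * The return value of mail() is not checked, as before.
 *
 * @param object $smarty   Smarty instance used to render the body.
 * @param string $template Template that produces the message text.
 * @param array  $kw       Template variable name => value.
 * @param string $email_to Recipient address.
 */
function send_email($smarty, $template, $kw, $email_to) {

    global $default_email_from, $default_email_subject;

    $line_breaks = array("\r", "\n");

    $email_from = $default_email_from;

    if (isset($_SESSION['user'])) {
        $u = $_SESSION['user'];
        $email_from = $u['forename'] . " " . $u['surname'] .
                      " <" . $u['email'] . ">";
    }

    $email_from = str_replace($line_breaks, '', (string) $email_from);
    $email_to = str_replace($line_breaks, '', (string) $email_to);

    foreach ($kw as $k => $v) {
        $smarty->assign($k, $v);
    }

    $email_txt = $smarty->fetch($template);

    # remove the variables again so they do not reach a later render
    foreach ($kw as $k => $v) {
        $smarty->clear_assign($k, $v);
    }

    $headers = "From: $email_from";
    mail($email_to, $default_email_subject, $email_txt, $headers);
}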
00286
00297
/**
 * Return the expiry date for a new item as a "YYYYMMDD" string.
 *
 * At TU Braunschweig the semesters end in March and September, so the
 * expiry date is the first day of a following semester:
 *   January  - February : 1 April of the current year
 *   March    - July     : 1 October of the current year
 *   August   - December : 1 April of the next year
 *
 * The current date comes from getdate(), i.e. the server's local time.
 *
 * @return string Expiry date formatted as YYYYMMDD.
 */
function get_new_expiry_date() {

    $now = getdate();
    $year = $now['year'];
    $month = $now['mon'];

    if ($month >= 3 && $month <= 7) {
        $expiry_month = 10;
    } else {
        $expiry_month = 4;
        if ($month > 7) {
            # from August on, the next April is in the following year
            $year++;
        }
    }

    return sprintf("%04d%02d%02d", $year, $expiry_month, 1);
}
00321
00386
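/**
 * Decide whether the current session user may access an item.
 *
 * $acl_list maps an item type to an ACL string; the entry for $item is
 * used, else the entry for 'any', else access is denied. An ACL string
 * is a comma-separated list of rules, and the first rule that matches
 * grants access:
 *
 *   owner      the session user owns the item (needs a non-empty $id)
 *   role=NAME  the session user's role_name is NAME
 *   any        always matches
 *
 * A leading "!" negates a rule. Negated rules therefore also match when
 * no user is logged in, and "!owner" matches when $id is empty. This is
 * unchanged from the previous version.
 *
 * Changes from the previous version:
 *  - explode() replaces split(), which no longer exists in PHP 7
 *  - the result is initialised, so no path reads an undefined $ok
 *  - owner and role are compared as strings and only when both sides are
 *    set. The former loose "==" treated two missing values as equal,
 *    which granted access to a visitor with no session user
 *  - a malformed rule denies access if the error handler returns
 *
 * @param array  $acl_list Item type => ACL string.
 * @param string $item     Item type being accessed.
 * @param mixed  $id       Item id, or "" when no specific item is meant.
 * @param mixed  $db       Database handle passed to get_item_owner().
 * @return bool TRUE when access is granted.
 */
function check_acl($acl_list, $item, $id, $db) {

    if (isset($acl_list[$item])) {
        $acl = $acl_list[$item];
    } else if (isset($acl_list['any'])) {
        $acl = $acl_list['any'];
    } else {
        return FALSE;
    }

    $u = isset($_SESSION['user']) ? $_SESSION['user'] : NULL;

    $ok = FALSE;

    foreach (explode(',', $acl) as $a) {

        $parts = explode('=', $a);
        $k = $parts[0];
        $v = isset($parts[1]) ? $parts[1] : NULL;

        # exactly one leading "!" marks a negated rule
        $inverse = ($k !== '' && $k[0] === '!');
        $rule = $inverse ? substr($k, 1) : $k;

        # every rule starts from "no match"
        $ok = FALSE;

        switch ($rule) {

        case "owner":
            if ($id != "") {
                $o = get_item_owner($item, $id, $db);
                $ok = (isset($u['id']) && isset($o['id'])
                       && (string) $u['id'] === (string) $o['id']);
            }
            break;

        case "role":
            $ok = ($v !== NULL && isset($u['role_name'])
                   && (string) $u['role_name'] === $v);
            break;

        case "any":
            $ok = TRUE;
            break;

        default:
            user_error("acl syntax error: $k", E_USER_ERROR);
            # deny if the error handler lets execution continue
            return FALSE;
        }

        if ($inverse) {
            $ok = (!$ok);
        }

        if ($ok) {
            break;
        }
    }

    return $ok;
}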
00445
00453
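/**
 * Give a user a new random password and return it in clear text.
 *
 * The password has 7 characters from [a-z0-9]: the loop runs from 0
 * through $length inclusive, as it always did. The value stored in
 * user.password is "{SHA1}" followed by the hex SHA-1 of the password.
 *
 * Changes from the previous version:
 *  - characters are drawn with random_int() when it exists (PHP 7+);
 *    rand() is not suitable for generating secrets and remains only as
 *    the fallback for older interpreters
 *  - $uid is accepted only when it consists of decimal digits, because
 *    it is interpolated into the SQL condition
 *  - the array key "cond" is a quoted string (the bare word is an
 *    undefined constant and a fatal error on PHP 8)
 *
 * NOTE(review): an unsalted SHA-1 digest is a weak way to store
 * passwords. The format is left as it is because the login check that
 * reads it is not visible here; moving to password_hash() and
 * password_verify() has to change both sides together.
 *
 * @param mixed $uid    Numeric id of the user.
 * @param mixed $dblink Database handle passed through to sql_query().
 * @return string|false The new clear-text password, or FALSE when $uid
 *                      was rejected and the error handler returned.
 */
function set_random_pw($uid, $dblink) {

    # \z (not $) so that a trailing newline is rejected as well
    if (!is_scalar($uid) || !preg_match('/^[0-9]+\z/', (string) $uid)) {
        user_error("invalid user id", E_USER_ERROR);
        return FALSE;
    }

    $keychars = "abcdefghijklmnopqrstuvwxyz0123456789";
    $length = 6;

    $passwd = "";
    $max = strlen($keychars) - 1;
    $have_csprng = function_exists('random_int');

    for ($i = 0; $i <= $length; $i++) {
        $pos = $have_csprng ? random_int(0, $max) : rand(0, $max);
        $passwd .= $keychars[$pos];
    }

    $pw_crypt = "{SHA1}" . sha1($passwd);

    # set login / password

    $param = array(
        "tables" => "user",
        "data"   => array("password" => $pw_crypt),
        "cond"   => "id = " . $uid,
    );

    sql_query('update', $param, $dblink);

    return $passwd;
}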
00481
00484
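/**
 * Create and configure the Smarty template engine.
 *
 * The object is created with plain "new". The former "=& new Smarty"
 * form is a parse error from PHP 7 on, and since PHP 5 objects are
 * handled by reference anyway.
 *
 * The template and config directories are relative paths, so they are
 * resolved against the current working directory of the script.
 * NOTE(review): Smarty writes compiled templates into compile_dir as PHP
 * code - confirm that $templates_compile_dir is writable only by the web
 * application and is not served to clients.
 *
 * @return Smarty The configured Smarty instance.
 */
function smarty_init() {
    global $templates_compile_dir;

    $smarty = new Smarty;
    $smarty->compile_check = true;
    #$smarty->debugging = true;

    # set paths
    $smarty->template_dir = "../templates";
    $smarty->compile_dir = $templates_compile_dir;
    $smarty->config_dir = "../configs";

    return $smarty;
}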
00499
00505
/**
 * Guess a MIME type from a file name.
 *
 * The lower-cased base name of $fn is matched against the patterns in
 * the global $mime_types (PCRE pattern => MIME type) in array order; the
 * first match wins. Without a match the type is
 * 'application/octet-stream'.
 *
 * Only the name is inspected, never the file content. NOTE(review): if
 * $fn comes from an upload, the result is chosen by the client and
 * should not be the basis of a security decision - confirm how callers
 * use it.
 *
 * @param string $fn File name or path.
 * @return string MIME type.
 */
function guess_mime_type($fn) {
    global $mime_types;

    # normalize: lower case, directory part removed
    $name = basename(strtolower($fn));

    foreach ($mime_types as $preg => $value) {
        if (preg_match($preg, $name) > 0) {
            return $value;
        }
    }

    # catch-all
    return 'application/octet-stream';
}
00524
00525 ?>