PageRenderTime 46ms CodeModel.GetById 8ms RepoModel.GetById 0ms app.codeStats 0ms

/portal/registro/includes/functions.php

https://bitbucket.org/asada03/camino
PHP | 266 lines | 130 code | 44 blank | 92 comment | 25 complexity | 686fdb653e46152af689552f1fbd7e69 MD5 | raw file
Possible License(s): GPL-2.0 
    

  1. <?php
    2. 

  2. 

  3. /*
    4. 

    5. 

  5.  This is free software; you can redistribute it and/or modify
    6. 

  6.  it under the terms of the GNU General Public License as published by
    7. 

  7.  the Free Software Foundation; either version 2 of the License, or
    8. 

  8.  (at your option) any later version.
    9. 

    10. 

  10.  This software is distributed in the hope that it will be useful,
    11. 

  11.  but WITHOUT ANY WARRANTY; without even the implied warranty of
    12. 

  12.  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13. 

  13.  GNU General Public License for more details.
    14. 

    15. 

  15.  You should have received a copy of the GNU General Public License
    16. 

  16.  along with this software; if not, write to the Free Software
    17. 

  17.  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
    18. 

  18.  or visit www.gnu.org
    19. 

  19.  
    20. 

  20.  Code by Lutsen Stellingwerff (www.biepenlu.nl)
    21. 

  21.  
    22. 

  22.  Based on code from evolt.org by jpmaster77
    23. 

  23.  http://evolt.org/php_login_script_with_remember_me_feature
    24. 

    25. 

  25. */
    26. 

  26. 

  27. if ('functions.php' == basename($_SERVER['SCRIPT_FILENAME']))
    28. 

  28. 	exit("You cannot access this file directly");
    29. 

  29. 

  30. // Checks whether or not the given username is in the database,
    31. 

  31. // if so it checks if the given password is the same password in the database for that user.
    32. 

  32. // If the user doesn't exist or if the passwords don't match up, it returns an error code (1 or 2). 
    33. 

  33. // On success it returns 0.
    34. 

  34. function confirmUser($username, $password){
    35. 

  35. 	global $conn;
    36. 

  36. 	/* Add slashes if necessary (for query) */
    37. 

  37. 	if(!get_magic_quotes_gpc()) {
    38. 

  38. 		$username = addslashes($username);
    39. 

  39. 	}
    40. 

  40. 

  41. 	/* Verify that user is in database */
    42. 

  42. 	$q = "select password from ".DB_PREFIX."users where username = '$username' limit 1";
    43. 

  43. 	$result = mysql_query($q,$conn);
    44. 

  44. 	if(!$result || (mysql_numrows($result) < 1)){
    45. 

  45. 		return 1; // Indicates username failure
    46. 

  46. 	}
    47. 

  47. 

  48. 	/* Retrieve password from result, strip slashes */
    49. 

  49. 	$dbarray = mysql_fetch_array($result);
    50. 

  50. 	// combine password in database with key
    51. 

  51. 	$dbarray['password']  = hmac($_SESSION['key'], stripslashes($dbarray['password']));
    52. 

  52. 	$password = stripslashes($password);
    53. 

  53. 

  54. 	/* Validate that password is correct */
    55. 

  55. 	if($password == $dbarray['password']){
    56. 

  56. 		return 0; // Success! Username and password confirmed
    57. 

  57. 	}
    58. 

  58. 	else{
    59. 

  59. 		return 2; // Indicates password failure
    60. 

  60. 	}
    61. 

  61. }
    62. 

  62. 

  63. 

  64. 

  65. // prevent including php or html in a string
    66. 

  66. function cleanString($string, $length) {
    67. 

  67. 	$string = filter_var($string, FILTER_SANITIZE_STRING); // PHP 5
    68. 

  68. 	$string = trim($string);
    69. 

  69. 	$string = stripslashes($string);
    70. 

  70. 	$string = strip_tags($string);
    71. 

  71. 	$string = substr($string, 0, $length);
    72. 

  72. 	return $string;
    73. 

  73. }
    74. 

  74. 

  75. 

  76. 

  77. // Calculate HMAC according to RFC2104
    78. 

  78. // http://www.ietf.org/rfc/rfc2104.txt
    79. 

  79. // From php.net by mina86 at tlen dot pl 19-Sep-2005 10:41
    80. 

  80. function hmac($key, $data, $hash = 'sha1', $blocksize = 64) {
    81. 

  81. 	if (strlen($key)>$blocksize) {
    82. 

  82. 		$key = pack('H*', $hash($key));
    83. 

  83. 	}
    84. 

  84. 	$key  = str_pad($key, $blocksize, chr(0));
    85. 

  85. 	$ipad = str_repeat(chr(0x36), $blocksize);
    86. 

  86. 	$opad = str_repeat(chr(0x5c), $blocksize);
    87. 

  87. 	return $hash(($key^$opad) . pack('H*', $hash(($key^$ipad) . $data)));
    88. 

  88. }
    89. 

  89. 

  90. function displayAlert($alertArr) {
    91. 

  91. 	if (count($alertArr) > 0) {
    92. 

  92. 		$string = '';
    93. 

  93. 		foreach ($alertArr as $val) {
    94. 

  94. 			$string .= "*".$val."<br />\n";
    95. 

  95. 		}
    96. 

  96. 		return $string;
    97. 

  97. 	} else {
    98. 

  98. 		return false;
    99. 

  99. 	}
    100. 

  100. }
    101. 

  101. 

  102. 

  103. 

  104. // email validation
    105. 

  105. // (original: Chris Williams, cwilliams@aerospace.state.al.us, www.php.net)
    106. 

  106. /*function emailValid($email) {
    107. 

  107. 	// Do the basic Reg Exp Matching for simple validation
    108. 

  108. 	if (eregi("^[_\.0-9a-zA-Z-]+@([0-9a-zA-Z][0-9a-zA-Z-]+\.)+[a-zA-Z]{2,6}$", $email)) {
    109. 

    110. 

  110. 		// split the Email Up for Server validation
    111. 

  111. 		list($Username, $Domain) = split("@",$email);
    112. 

    113. 

  113. 		// If you get an mx record then this is a valid email domain
    114. 

  114. 		if(@getmxrr($Domain, $MXHost)) {
    115. 

  115. 			return TRUE;
    116. 

  116. 		} else {
    117. 

  117. 			// else use the domain given to try and connect on port 25
    118. 

  118. 			// if you can connect then it's a valid domain and that's good enough
    119. 

  119. 			if(@fsockopen($Domain, 25, $errno, $errstr, 30)) {
    120. 

  120. 				return TRUE; 
    121. 

  121. 			} else {
    122. 

  122. 				return FALSE; 
    123. 

  123. 			}
    124. 

  124. 		}
    125. 

  125. 	} else {
    126. 

  126. 		return FALSE;
    127. 

  127. 	}
    128. 

  128. }*/
    129. 

  129. // Update: use PHP 5 filter function instead
    130. 

  130. function emailValid($email) {
    131. 

  131. 	return filter_var($email, FILTER_VALIDATE_EMAIL);
    132. 

  132. }
    133. 

  133. 

  134. 

  135. /* 
    136. 

  136. Author: Peter Mugane Kionga-Kamau
    137. 

  137. http://www.pmkmedia.com
    138. 

    139. 

  139. Description: string str_makerand(int $minlength, int $maxlength, bool $useupper, bool $usespecial, bool $usenumbers) 
    140. 

  140. returns a randomly generated string of length between $minlength and $maxlength inclusively.
    141. 

    142. 

  142. Notes: 
    143. 

  143. - If $useupper is true uppercase characters will be used; if false they will be excluded.
    144. 

  144. - If $usespecial is true special characters will be used; if false they will be excluded.
    145. 

  145. - If $usenumbers is true numerical characters will be used; if false they will be excluded.
    146. 

  146. - If $minlength is equal to $maxlength a string of length $maxlength will be returned.
    147. 

  147. - Not all special characters are included since they could cause parse errors with queries. 
    148. 

    149. 

  149. Modify at will.
    150. 

    151. 

  151. (original function name: str_makerand)
    152. 

  152. */
    153. 

  153. function randString($minlength = 6, $maxlength = 30, $useupper = true, $usespecial = false, $usenumbers = true)
    154. 

  154. {
    155. 

  155. 	$charset = "abcdefghijklmnopqrstuvwxyz";
    156. 

  156. 	if ($useupper)   $charset .= "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
    157. 

  157. 	if ($usenumbers) $charset .= "0123456789";
    158. 

  158. 	if ($usespecial) $charset .= "~@#%^*()_+-=|][";   // Note: using all special characters this reads: "~!@#$%^&*()_+`-={}|\\]?[\":;'><,./";
    159. 

  159. 	if ($minlength > $maxlength) $length = mt_rand ($maxlength, $minlength);
    160. 

  160. 	else                         $length = mt_rand ($minlength, $maxlength);
    161. 

  161. 	for ($i=0; $i<$length; $i++) $key .= $charset[(mt_rand(0,(strlen($charset)-1)))];
    162. 

  162. 	return $key;
    163. 

  163. }
    164. 

  164. 

  165. 

  166. 

  167. // Returns corresponding username if the email address exists, false otherwise.
    168. 

  168. function emailExist($email){
    169. 

  169. 	global $conn;
    170. 

  170. 	if(!get_magic_quotes_gpc()){
    171. 

  171. 		$email = addslashes($email);
    172. 

  172. 	}
    173. 

  173. 	$q = "select username from ".DB_PREFIX."users where email = '$email' limit 1";
    174. 

  174. 	$result = mysql_query($q,$conn);
    175. 

  175. 	if (mysql_numrows($result) > 0) {
    176. 

  176. 		$dbarray = mysql_fetch_array($result);
    177. 

  177. 		return $dbarray['username'];
    178. 

  178. 	} else {
    179. 

  179. 		return false;
    180. 

  180. 	}
    181. 

  181. }
    182. 

  182. 

  183. 

  184. 

  185. // Returns true if the username has been taken by another user, false otherwise.
    186. 

  186. function usernameTaken($username){
    187. 

  187. 	global $conn;
    188. 

  188. 	if(!get_magic_quotes_gpc()){
    189. 

  189. 		$username = addslashes($username);
    190. 

  190. 	}
    191. 

  191. 	$q = "select username from ".DB_PREFIX."users where username = '$username' limit 1";
    192. 

  192. 	$result = mysql_query($q,$conn);
    193. 

  193. 	return (mysql_numrows($result) > 0);
    194. 

  194. }
    195. 

  195. 

  196. 

  197. 

  198. // put already submitted data back in form
    199. 

  199. function printField($fieldname) {
    200. 

  200. 	if ($_POST[$fieldname] && strlen($_POST[$fieldname]) > 0) {
    201. 

  201. 		print $_POST[$fieldname];
    202. 

  202. 	}
    203. 

  203. }
    204. 

  204. 

  205. // create directory for a personalized prospecting webpage
    206. 

  206. function createDirectory($username)
    207. 

  207. {
    208. 

  208. 

  209. 				// Let's create the directory and files				
    210. 

  210. 				// Create directory
    211. 

  211. 				$myFileName = "../../" . $username;
    212. 

  212. 				if (!mkdir($myFileName,0755))
    213. 

  213. 					return "No se pudo crear el directorio ".$username;
    214. 

  214. 	
    215. 

  215. 				// Create index.html
    216. 

  216. 				$myFileName = "../../" . $username . "/index.html";
    217. 

  217. 			   $myFile = fopen($myFileName,"w"); 
    218. 

  218. 			   
    219. 

  219. 			   if (!$myFile) return "No se pudeo crear el archivo index.html";
    220. 

  220. 			   
    221. 

  221. 			fwrite ($myFile,"<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n");
    222. 

  222. 			fwrite ($myFile,"<html xmlns=\"http://www.w3.org/1999/xhtml\">\n");
    223. 

  223. 			fwrite ($myFile,"<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=ISO-8859-1\" />\n");
    224. 

  224. 			fwrite ($myFile,"<title>Untitled Document</title>\n");
    225. 

  225. 			$myString = "<meta HTTP-EQUIV=\"REFRESH\" content=\"0; url=http://www.caminoaserlibre.com/index.php?userunet=" . $username . "\">\n";
    226. 

  226. 			fwrite ($myFile,$myString);
    227. 

  227. 			fwrite ($myFile,"</head><body></body></html>\n");
    228. 

  228. 					   
    229. 

  229. 			   fclose($myFile);
    230. 

  230. 					
    231. 

  231. 		
    232. 

  232. 				// Create todalainformacion.html 
    233. 

  233. 				$myFileName = "../../" . $username . "/todalainformacion.html";
    234. 

  234. 			   $myFile = fopen($myFileName,"w"); 
    235. 

  235. 				   if (!$myFile) return "No se pudeo crear el archivo todalainformacion.html";
    236. 

  236. 			   
    237. 

  237. 		   
    238. 

  238. 			fwrite ($myFile,"<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n");
    239. 

  239. 			fwrite ($myFile,"<html xmlns=\"http://www.w3.org/1999/xhtml\">\n");
    240. 

  240. 			fwrite ($myFile,"<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=ISO-8859-1\" />\n");
    241. 

  241. 			fwrite ($myFile,"<title>Untitled Document</title>\n");
    242. 

  242. 			$myString = "<meta HTTP-EQUIV=\"REFRESH\" content=\"0; url=http://www.caminoaserlibre.com/html/todalainformacion.php?userunet=" . $username . "\">\n";
    243. 

  243. 			fwrite ($myFile,$myString);
    244. 

  244. 			fwrite ($myFile,"</head><body></body></html>\n");
    245. 

  245. 					   
    246. 

  246. 			   fclose($myFile);
    247. 

  247. 			   
    248. 

  248. 	return "success";		   
    249. 

  249. }	
    250. 

  250. 

  251. function dateDiff($startDate, $endDate) 
    252. 

  252. { 
    253. 

  253.     // Parse dates for conversion 
    254. 

  254.     $startArry = date_parse($startDate); 
    255. 

  255.     $endArry = date_parse($endDate); 
    256. 

  256. 

  257.     // Convert dates to Julian Days 
    258. 

  258.     $start_date = gregoriantojd($startArry["month"], $startArry["day"], $startArry["year"]); 
    259. 

  259.     $end_date = gregoriantojd($endArry["month"], $endArry["day"], $endArry["year"]); 
    260. 

  260. 

  261.     // Return difference 
    262. 

  262.     return round(($end_date - $start_date), 0); 
    263. 

  263. } 
    264. 

  264. 

  265. 

  266. // NOTHING after ?>
    267.