
/lib.php

https://bitbucket.org/riyogarta/bams
  1. <?php
  /**
   * Return the current Unix timestamp with microsecond resolution.
   *
   * microtime() without arguments yields the string "usec sec"; both parts
   * are converted to float and added together.
   *
   * @return float seconds since the Unix epoch, including the fractional part
   */
  function b_getmicrotime() {
      $aparts = explode(' ', microtime());
      $nfraction = (float)$aparts[0];
      $nseconds = (float)$aparts[1];
      return ($nfraction + $nseconds);
  }
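  /**
   * Validate the format of an e-mail address.
   *
   * This is a syntax check only; it says nothing about whether the mailbox
   * exists or belongs to the requester.
   *
   * eregi() was removed in PHP 7, so the same pattern is applied through
   * preg_match() with the /i modifier. The /D modifier keeps "$" anchored to
   * the very end of the string, so a value with a trailing newline is
   * rejected (relevant when the address later ends up in a mail header).
   *
   * @param string $cemail address to check
   * @return bool TRUE when the address matches the pattern, FALSE otherwise
   */
  function b_emailcheck($cemail) {
      if (!is_string($cemail)) {
          return false;
      }
      return preg_match('/^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,6}$/iD', $cemail) === 1;
  }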
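  /**
   * Check whether a user is allowed to use a module.
   *
   * User id 1 is always granted without a database lookup. For every other
   * user a row must exist in the "granted" table that links the user to the
   * module.
   *
   * Both ids are escaped before they are placed in the SQL text.
   * mysql_real_escape_string() is the only escaping primitive of the legacy
   * ext/mysql API used by this file; prepared statements (mysqli / PDO) are
   * the durable fix once the file is migrated.
   *
   * @param int|string $nid_user id of the user
   * @param int|string $modul    id of the module (compared with moduls.nid)
   * @return bool TRUE when access is granted
   */
  function b_modulgranted($nid_user, $modul) {
      include('./../connect.php');
      // Exact comparison instead of the loose "!= 1": with loose comparison
      // older PHP versions treat values such as "1abc" as the always-granted id.
      if ((string)$nid_user === '1') {
          return true;
      }
      $csql = 'select a.nid
          from '.PREFIX.'granted as a
          inner join '.PREFIX.'moduls as b on a.nid_moduls=b.nid
          where a.nid_users=\''.mysql_real_escape_string((string)$nid_user).'\'
          and b.nid=\''.mysql_real_escape_string((string)$modul).'\'';
      $nresult = mysql_query($csql);
      // Fail closed: a failed query never grants access.
      if ($nresult === false) {
          return false;
      }
      // The original test "!mysql_num_rows(..)==1" parsed as
      // "(!rows) == 1", i.e. it denied only on zero rows; that effective
      // behaviour is kept, written without the precedence trap.
      return mysql_num_rows($nresult) >= 1;
  }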
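  /**
   * Translation helper: print the translation of a string, or the string
   * itself when no translation is known.
   *
   * translate.php is included on every call and is expected to define the
   * array $atranslate (source text => translated text).
   *
   * The text is written to the output as-is, without HTML escaping, so
   * callers must not pass request data or other untrusted text through it.
   *
   * @param string $string text to translate and print
   * @return void
   */
  function b_echo($string) {
      include('translate.php');
      // Guard against a missing or malformed translate.php: without it
      // $atranslate is undefined and array_key_exists() would fail.
      if (isset($atranslate) && is_array($atranslate) && array_key_exists($string, $atranslate)) {
          echo $atranslate[$string];
      } else {
          echo $string;
      }
  }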
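  /**
   * List all files below a directory, recursively.
   *
   * Directories themselves are not listed; every entry is the path built
   * from $cdir, a slash and the names below it.
   *
   * Fixes over the first version: the result is always an array (it used to
   * be undefined for an empty or unreadable directory), a file literally
   * named "0" no longer ends the loop early, and the directory handle is
   * closed again.
   *
   * NOTE(review): is_dir() follows symbolic links, so a link pointing back
   * up the tree would recurse without end - confirm the scanned tree cannot
   * contain such links.
   *
   * @param string $cdir directory to scan (default: ./extensions)
   * @return array list of file paths, empty when nothing was found
   */
  function b_getlistfile($cdir='./extensions') {
      $alistfile = array();
      if (!is_dir($cdir)) {
          return $alistfile;
      }
      $dirhandle = opendir($cdir);
      if ($dirhandle === false) {
          return $alistfile;
      }
      // Compare with false explicitly: readdir() may return "0".
      while (($cfile = readdir($dirhandle)) !== false) {
          if ($cfile === '.' || $cfile === '..') {
              continue;
          }
          $cpath = $cdir.'/'.$cfile;
          if (is_dir($cpath)) {
              foreach (b_getlistfile($cpath) as $cfiletemp) {
                  $alistfile[] = $cfiletemp;
              }
          } else {
              $alistfile[] = $cpath;
          }
      }
      closedir($dirhandle);
      return $alistfile;
  }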
  /**
   * Return the extension of a file name: everything after the last dot.
   *
   * Only the last dot counts and the case is left untouched, so
   * "archive.tar.gz" yields "gz" and "photo.JPG" yields "JPG". Because of
   * that the result alone is not a sufficient check for deciding whether an
   * uploaded file is safe to store or serve.
   *
   * @param string $cfilename file name or path
   * @return string the part after the last dot
   */
  function b_getextension($cfilename) {
      // strrchr() returns the tail starting at the last dot.
      $ctail = strrchr($cfilename, '.');
      return substr($ctail, 1);
  }
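  /**
   * Run a query that selects one expression and return its value from the
   * first row.
   *
   * The selected expression is aliased so it can be read back by a fixed
   * name. The alias is now inserted before the first whole word "from"
   * only (case-insensitive); the earlier str_replace() rewrote every
   * occurrence of the letters "from", including those inside identifiers
   * or quoted values.
   *
   * This function cannot make a query safe: every caller builds $csql by
   * string concatenation and is responsible for escaping the values it
   * embeds.
   *
   * @param string $csql  query selecting a single expression
   * @param bool   $becho debugging aid: print the rewritten SQL. It exposes
   *                      query text to the client and should stay off on a
   *                      live site.
   * @return string|null value of the first row, or NULL when the query
   *                     fails or returns no row
   */
  function b_fetch($csql,$becho=false) {
      include('connect.php');
      $csql = preg_replace('/\bfrom\b/i', ' as xxxxxxxxxx from ', $csql, 1);
      if ($becho) {
          echo $csql;
      }
      $nresult = mysql_query($csql);
      if ($nresult === false) {
          return null;
      }
      $oreturn = mysql_fetch_object($nresult);
      if (!is_object($oreturn)) {
          return null;
      }
      return $oreturn->xxxxxxxxxx;
  }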
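  /**
   * Check whether a table exists in the configured database.
   *
   * The table name is escaped before it is compared inside the
   * "show tables" statement; it used to be concatenated unchanged.
   *
   * @param string $ctable table name to look for
   * @return bool TRUE when the table exists, FALSE otherwise or when the
   *              query fails
   */
  function b_checktableexist($ctable) {
      include('connect.php');
      $csql = 'show tables from '.DATABASE.' where tables_in_'.DATABASE.'="'
          .mysql_real_escape_string((string)$ctable).'"';
      $nresult = mysql_query($csql);
      return ($nresult !== false && mysql_num_rows($nresult) > 0);
  }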
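  /**
   * Check whether a user has "GOD" level access, i.e. whether the nstatus
   * column of the user's row equals 4.
   *
   * The id is escaped before it is placed in the SQL text; it used to be
   * concatenated unchanged.
   *
   * @param int|string $nid user id (default 1)
   * @return bool TRUE when the user's nstatus is 4
   */
  function b_god($nid=1) {
      include('connect.php');
      $csql = 'select nstatus from '.PREFIX.'users where nid=\''
          .mysql_real_escape_string((string)$nid).'\'';
      // The database layer returns the value as a string, hence the loose
      // comparison; an unknown user yields NULL and therefore FALSE.
      return (b_fetch($csql) == 4);
  }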
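  /**
   * Collect information about the logged-in user.
   *
   * Returns the keys name, user, email, logged (time of the current login),
   * lastlogin, lastlogout and ip (taken from the previous history row).
   * Entries for which no row exists are NULL - for example on a first login
   * there is no previous history row. Returns NULL when nobody is logged in.
   *
   * The returned values are stored user data; escape them for the output
   * context before printing them.
   *
   * Relies on the database connection opened when this file is loaded.
   *
   * @return array|null see description
   */
  function b_userinfo() {
      if (!b_logged()) {
          return null;
      }
      // The session value is written by b_login() from a query result; it is
      // escaped anyway so that this function does not depend on that.
      $cnid_user = mysql_real_escape_string((string)$_SESSION['nid_login']);
      $auser = array();

      // Account data.
      $csql = 'select cname, cuser, cemail
          from '.PREFIX.'users where nid=\''.$cnid_user.'\'';
      $nresult = mysql_query($csql);
      $ouser = ($nresult !== false) ? mysql_fetch_object($nresult) : false;
      $auser['name'] = is_object($ouser) ? $ouser->cname : null;
      $auser['user'] = is_object($ouser) ? $ouser->cuser : null;
      $auser['email'] = is_object($ouser) ? $ouser->cemail : null;

      // Current login: the newest history row of this user.
      $csql = 'select max(nid) from '.PREFIX.'history where nid_users=\''.$cnid_user.'\'';
      $cnid_history = mysql_real_escape_string((string)b_fetch($csql));
      $csql = 'select date_format(dlogin,\'%W, %M %D, %Y %T\') as dlogin_now
          from '.PREFIX.'history where nid=\''.$cnid_history.'\'';
      $nresult = mysql_query($csql);
      $ouser = ($nresult !== false) ? mysql_fetch_object($nresult) : false;
      $auser['logged'] = is_object($ouser) ? $ouser->dlogin_now : null;

      // Previous login: the newest history row other than the current one.
      $csql = 'select max(nid) from '.PREFIX.'history where nid_users=\''.$cnid_user
          .'\' and nid<>\''.$cnid_history.'\'';
      $cnid_previous = mysql_real_escape_string((string)b_fetch($csql));
      $csql = 'select date_format(dlogin,\'%W, %M %D, %Y %T\') as dlogin_last,
          date_format(dlogout,\'%W, %M %D, %Y %T\') as dlogout_last, cip
          from '.PREFIX.'history where nid=\''.$cnid_previous.'\'';
      $nresult = mysql_query($csql);
      $ouser = ($nresult !== false) ? mysql_fetch_object($nresult) : false;
      $auser['lastlogin'] = is_object($ouser) ? $ouser->dlogin_last : null;
      $auser['lastlogout'] = is_object($ouser) ? $ouser->dlogout_last : null;
      $auser['ip'] = is_object($ouser) ? $ouser->cip : null;

      return $auser;
  }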
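  /**
   * Read the description header of an init file.
   *
   * Every line is split at "::". The text before the separator (trimmed,
   * lower-cased) becomes the key and the text after it (trimmed) the value.
   * A line that reads only the comment opener is skipped and the first line
   * that reads only the comment closer ends the scan. A line without a
   * separator is stored with an empty value, as before.
   *
   * Fixes over the first version: the result is always an array (it used to
   * be undefined for a missing file or a file without entries), an empty
   * file no longer triggers a zero-length fread(), and a line without "::"
   * no longer reads an undefined array index.
   *
   * @param string $cfile path of the init file
   * @return array map of lower-cased key => value; empty when the file is
   *               missing or unreadable
   */
  function b_readinit($cfile) {
      $ainfo = array();
      if (!is_file($cfile)) {
          return $ainfo;
      }
      $cread = file_get_contents($cfile);
      if ($cread === false) {
          return $ainfo;
      }
      foreach (explode("\n", $cread) as $craw) {
          $araw = explode('::', $craw);
          $ckey = trim($araw[0]);
          if ($ckey == '*/') {
              break;
          }
          if ($ckey == '/*') {
              continue;
          }
          $ainfo[strtolower($ckey)] = isset($araw[1]) ? trim($araw[1]) : '';
      }
      return $ainfo;
  }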
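  /**
   * Return the URL of the current request (scheme, host, script and query
   * string), as used for the admin index.php parameters.
   *
   * Two fixes over the first version:
   *  - The scheme was derived from SERVER_PROTOCOL, which carries the HTTP
   *    version ("HTTP/1.1") and never the word "https", so the result was
   *    always "http". It is now derived from $_SERVER['HTTPS'].
   *    NOTE(review): behind a TLS-terminating proxy that variable may not
   *    be set - confirm for the deployment.
   *  - HTTP_HOST is supplied by the client. It is only used when it looks
   *    like a host name with an optional port; otherwise SERVER_NAME is
   *    used.
   *
   * The query string is returned as received. Escape the result for the
   * context it is printed in (for example htmlspecialchars() inside an
   * HTML attribute).
   *
   * @return string absolute URL of the current request
   */
  function b_urlact() {
      $bhttps = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
      $cprotocol = $bhttps ? 'https' : 'http';

      $chost = isset($_SERVER['HTTP_HOST']) ? (string)$_SERVER['HTTP_HOST'] : '';
      if (!preg_match('/^(\[[0-9A-Fa-f:.]+\]|[A-Za-z0-9._\-]+)(:[0-9]+)?$/D', $chost)) {
          $chost = isset($_SERVER['SERVER_NAME']) ? (string)$_SERVER['SERVER_NAME'] : '';
      }

      $cscript = isset($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME'] : '';
      $cparams = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
      // The "?" is appended even for an empty query string, as before.
      return $cprotocol.'://'.$chost.$cscript.'?'.$cparams;
  }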
  /**
   * Delete the four "remember me" cookies (a, b, c, d) by re-sending each
   * one with an empty value and an expiry time one hour in the past.
   *
   * @return void
   */
  function b_cookies_destroy() {
      foreach (array('a', 'b', 'c', 'd') as $cname) {
          setcookie($cname, '', time()-3600);
      }
  }
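  /**
   * Create the "remember me" cookies from the submitted login form.
   *
   * Cookie layout (30 days): a = base64(password), b = base64(user name),
   * c = md5(password), d = md5(user name).
   *
   * NOTE(review): cookie "a" holds the password in a reversible encoding and
   * "c" an unsalted MD5 of it, so anyone who obtains the cookies (shared
   * computer, proxy log, script running in the page) obtains the password.
   * The layout is kept because b_cookies_check() and b_login() read it, but
   * it should be replaced by a random token that is stored server-side and
   * can be revoked.
   *
   * Hardening applied here: the cookies are flagged HttpOnly, flagged Secure
   * when the request arrived over HTTPS, and nothing is written when the
   * form fields are missing.
   *
   * @return void
   */
  function b_cookies_create() {
      b_include('config.php');
      if (!REMEMBER) {
          return;
      }
      if (!isset($_POST['cuser'], $_POST['cpass'])
          || !is_string($_POST['cuser']) || !is_string($_POST['cpass'])) {
          return;
      }
      $nexpire = time()+60*60*24*30;
      $bsecure = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
      // Empty path and domain are the setcookie() defaults; they are spelled
      // out only to reach the secure / httponly arguments.
      setcookie('a', base64_encode($_POST['cpass']), $nexpire, '', '', $bsecure, true);
      setcookie('b', base64_encode($_POST['cuser']), $nexpire, '', '', $bsecure, true);
      setcookie('c', md5($_POST['cpass']), $nexpire, '', '', $bsecure, true);
      setcookie('d', md5($_POST['cuser']), $nexpire, '', '', $bsecure, true);
  }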
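  /**
   * Check whether a consistent set of "remember me" cookies is present.
   *
   * Cookie layout as written by b_cookies_create(): a = base64(password),
   * b = base64(user name), c = md5(password), d = md5(user name).
   *
   * Fixes over the first version:
   *  - the password was compared with cookie "d" (the user-name hash)
   *    instead of cookie "c", so the check could only pass when password
   *    and user name were identical;
   *  - the hashes are compared with === because loose comparison treats
   *    some hex strings as equal numbers;
   *  - the result is always a boolean (it was undefined when REMEMBER is
   *    off or the cookies are missing).
   *
   * This is a consistency check only. All four values come from the client,
   * so a TRUE result proves nothing about the user's identity; the
   * credentials still have to be verified against the database.
   *
   * @return bool TRUE when all four cookies are present and consistent
   */
  function b_cookies_check() {
      b_include('config.php');
      $bcookies = false;
      if (!REMEMBER) {
          return $bcookies;
      }
      if (isset($_COOKIE['a']) and isset($_COOKIE['b']) and isset($_COOKIE['c']) and isset($_COOKIE['d'])) {
          $bstrings = is_string($_COOKIE['a']) && is_string($_COOKIE['b'])
              && is_string($_COOKIE['c']) && is_string($_COOKIE['d']);
          if ($bstrings
              && md5(base64_decode($_COOKIE['a'])) === $_COOKIE['c']
              && md5(base64_decode($_COOKIE['b'])) === $_COOKIE['d']) {
              $bcookies = true;
          } else {
              b_cookies_destroy();
          }
      }
      return $bcookies;
  }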
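  /**
   * Log a user in.
   *
   * When b_cookies_check() reports a consistent set of "remember me"
   * cookies, the credentials are taken from the cookies; otherwise the
   * supplied user name and password are used. On success the user id is
   * stored in $_SESSION['nid_login'] and a history row is written.
   *
   * Changes over the first version:
   *  - Every value placed in SQL text is escaped. The cookie values used to
   *    be decoded and concatenated without any check; b_antisqlinjection()
   *    was only ever applied to $cuser / $cpass and is a deny-list, not an
   *    escaping mechanism.
   *  - The session id is regenerated on success so that an id known before
   *    the login is not carried into the authenticated session.
   *  - The "remember me" cookies are only written after a successful login;
   *    before, a failed attempt also stored the submitted password.
   *
   * NOTE(review): the cookie branch compares cpass with MySQL password()
   * while the form branch compares it with md5() - confirm which format the
   * users table really holds; as written one of the two cannot match.
   * NOTE(review): unsalted MD5 is not a suitable password hash; plan a
   * migration to password_hash() / password_verify().
   * NOTE(review): valid cookies take precedence over the credentials passed
   * in - confirm that this is intended.
   *
   * Relies on the database connection opened when this file is loaded.
   *
   * @param string $cuser user name
   * @param string $cpass password as typed
   * @return bool TRUE when the login succeeded
   */
  function b_login($cuser, $cpass) {
      $breturn = false;
      if (!(b_antisqlinjection($cuser) and b_antisqlinjection($cpass))) {
          return $breturn;
      }
      if (b_cookies_check()) {
          $csql = 'select nid from '.PREFIX .'users where cuser=\''
              .mysql_real_escape_string((string)base64_decode($_COOKIE['b']))
              .'\' and cpass=password(\''
              .mysql_real_escape_string((string)base64_decode($_COOKIE['a'])).'\')';
      } else {
          $csql = 'select nid from '.PREFIX .'users where cuser=\''
              .mysql_real_escape_string((string)$cuser)
              .'\' and cpass=\''.md5($cpass).'\'';
      }
      $nid = b_fetch($csql);
      if (trim((string)$nid) <> '') {
          if (session_id() !== '' && !headers_sent()) {
              session_regenerate_id(true);
          }
          $_SESSION['nid_login'] = $nid;
          $cip = isset($_SERVER['REMOTE_ADDR']) ? (string)$_SERVER['REMOTE_ADDR'] : '';
          $csql = 'insert into '.PREFIX.'history (nid_users, dlogin, cip)
              values
              (\''.mysql_real_escape_string((string)$nid).'\', now(), \''
              .mysql_real_escape_string($cip).'\')';
          mysql_query($csql);
          $breturn = true;
          if (REMEMBER) {
              b_cookies_create();
          }
      }
      return $breturn;
  }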
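  /**
   * Log the current user out: stamp the logout time on the user's newest
   * history row, drop the login id and the token from the session and, when
   * REMEMBER is on, delete the "remember me" cookies.
   *
   * The history update is skipped when nobody is logged in (the session key
   * used to be read without a check), and the ids are escaped before they
   * are placed in the SQL text.
   *
   * NOTE(review): only two session keys are removed; the session itself
   * stays alive with the same id. Consider session_regenerate_id(true) or
   * session_destroy() here.
   *
   * Relies on the database connection opened when this file is loaded.
   *
   * @return void
   */
  function b_logout() {
      b_include('config.php');
      if (isset($_SESSION['nid_login'])) {
          $csql = 'select max(nid) from '.PREFIX.'history where nid_users=\''
              .mysql_real_escape_string((string)$_SESSION['nid_login']).'\'';
          $nid_history = b_fetch($csql);
          $csql = 'update '.PREFIX.'history set dlogout=now() where nid=\''
              .mysql_real_escape_string((string)$nid_history).'\'';
          mysql_query($csql);
      }
      unset($_SESSION['nid_login']);
      unset($_SESSION['ctoken']);
      if (REMEMBER) {
          b_cookies_destroy();
      }
  }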
  /**
   * Tell whether a user is logged in, i.e. whether the session holds a
   * non-null 'nid_login' entry.
   *
   * @return bool
   */
  function b_logged() {
      $blogged = isset($_SESSION['nid_login']);
      return $blogged;
  }
  /**
   * Like include, but checks first that the file exists; a missing file is
   * skipped silently.
   *
   * The file is included inside this function, so variables it assigns are
   * local to the call; constants and functions it defines remain available.
   * The path is executed as PHP code, so it must never be derived from
   * request data.
   *
   * @param string $cfile path of the file to include
   * @return void
   */
  function b_include($cfile) {
      if (!file_exists($cfile)) {
          return;
      }
      include($cfile);
  }
  /**
   * Return the id of the user who is currently logged in.
   *
   * @return mixed the value of $_SESSION['nid_login'], or 0 when nobody is
   *               logged in
   */
  function b_getuserlogin() {
      return b_logged() ? $_SESSION['nid_login'] : 0;
  }
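  /**
   * Reject input that contains one of a list of SQL keywords or symbols.
   *
   * Fixes over the first version:
   *  - strrpos() returns 0 for a match at the very start of the input, which
   *    the plain truth test treated as "not found"; the position is now
   *    compared with false;
   *  - strtolower() was applied to the (already lower-case) list entry
   *    instead of the input, so any upper-case spelling passed; the input is
   *    now lower-cased before the search.
   *
   * A deny-list cannot enumerate everything that is dangerous inside a
   * quoted SQL value, and it also rejects legitimate input such as a
   * password containing "=". Treat this as an extra filter at most: values
   * must still be escaped (or bound through prepared statements) where the
   * query is built.
   *
   * @param string $input value to inspect
   * @return bool TRUE when no forbidden token was found
   */
  function b_antisqlinjection($input) {
      // SQL commands and symbols that must not appear in the input.
      $aforbidden = array (
          'insert', 'select', 'update', 'delete', 'truncate',
          'replace', 'drop', ' or ', ';', '#', '--', '=' );
      $clower = strtolower((string)$input);
      foreach ($aforbidden as $cforbidden) {
          if (strpos($clower, $cforbidden) !== false) {
              return false;
          }
      }
      return true;
  }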
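  /**
   * Include a file from the directory of the active extension, i.e. the
   * module whose id is given in the request parameter "csub".
   *
   * Changes over the first version:
   *  - $_GET['csub'] is escaped before it is placed in the SQL text;
   *  - nothing is included when the module is unknown - before, an empty
   *    lookup result produced a path starting at "/";
   *  - a file name containing a NUL byte or a ".." path segment is refused,
   *    so the include cannot leave the extension's directory tree.
   *
   * The file is included inside this function, so variables it assigns are
   * local to the call. The directory comes from the moduls table: whoever
   * can write that table decides which code runs here.
   *
   * Relies on the database connection opened when this file is loaded.
   *
   * @param string $cfileinclude file name relative to the extension directory
   * @return void
   */
  function b_pathinclude($cfileinclude){
      if (!isset($_GET['csub']) || !is_string($_GET['csub'])) {
          return;
      }
      $cfileinclude = (string)$cfileinclude;
      if (strpos($cfileinclude, "\0") !== false
          || preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $cfileinclude)) {
          return;
      }
      $csql = 'select cpath from '.PREFIX.'moduls where nid=\''
          .mysql_real_escape_string($_GET['csub']).'\'';
      $cpath = b_fetch($csql);
      if (trim((string)$cpath) === '') {
          return;
      }
      include(dirname($cpath).'/'.$cfileinclude);
  }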
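  /**
   * Read a configuration value.
   *
   * The first letter of the name selects the column that is returned:
   * "c" => cconfig, "n" => nconfig, "d" => dconfig.
   *
   * The name is escaped before it is placed in the SQL text, and NULL is
   * returned when the entry does not exist or the name has another prefix
   * (the result used to be undefined in those cases).
   *
   * Relies on the database connection opened when this file is loaded.
   *
   * @param string $config configuration name
   * @return mixed the stored value, or NULL when there is none
   */
  function b_getconfig($config) {
      $return = null;
      $csql = 'select * from '.PREFIX.'config where cname=\''
          .mysql_real_escape_string((string)$config).'\'';
      $nreturn = mysql_query($csql);
      $oconfig = ($nreturn !== false) ? mysql_fetch_object($nreturn) : false;
      if (!is_object($oconfig)) {
          return $return;
      }
      switch (strtolower(substr($config,0,1))) {
          case 'c' : $return = $oconfig->cconfig;
              break;
          case 'n' : $return = $oconfig->nconfig;
              break;
          case 'd' : $return = $oconfig->dconfig;
              break;
      }
      return $return;
  }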
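  /**
   * Store a configuration value, inserting the entry when it does not exist
   * yet and updating it otherwise.
   *
   * The first letter of the name selects the column that is written:
   * "c" => cconfig, "n" => nconfig, "d" => dconfig. A name with another
   * prefix writes nothing (before, the lookup query was simply run a second
   * time in that case).
   *
   * Name and value are escaped before they are placed in the SQL text.
   *
   * Relies on the database connection opened when this file is loaded.
   *
   * @param string $config configuration name
   * @param mixed  $value  value to store
   * @return void
   */
  function b_writeconfig($config, $value) {
      $acolumns = array('c' => 'cconfig', 'n' => 'nconfig', 'd' => 'dconfig');
      $cprefix = strtolower(substr($config,0,1));
      if (!isset($acolumns[$cprefix])) {
          return;
      }
      $ccolumn = $acolumns[$cprefix];
      $cname = mysql_real_escape_string((string)$config);
      $cvalue = mysql_real_escape_string((string)$value);

      $csql = 'select * from '.PREFIX.'config where cname=\''.$cname.'\'';
      $nresult = mysql_query($csql);
      if ($nresult === false) {
          // Without a reliable lookup it is unknown whether to insert or update.
          return;
      }
      if (mysql_num_rows($nresult) == 0) {
          $csql = 'insert into '.PREFIX.'config (cname, '.$ccolumn.') values (\''
              .$cname.'\',\''.$cvalue.'\')';
      } else {
          $csql = 'update '.PREFIX.'config set '.$ccolumn.'=\''.$cvalue
              .'\' where cname=\''.$cname.'\'';
      }
      mysql_query($csql);
  }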
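  /**
   * Delete a configuration entry.
   *
   * The name is escaped before it is placed in the SQL text; concatenated
   * unchanged, a crafted name could widen the delete to other rows.
   *
   * Relies on the database connection opened when this file is loaded.
   *
   * @param string $config configuration name
   * @return void
   */
  function b_deleteconfig($config) {
      $csql = 'delete from '.PREFIX.'config where cname=\''
          .mysql_real_escape_string((string)$config).'\'';
      mysql_query($csql);
  }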
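  /**
   * Check whether an extension may be enabled, judged by its dependencies.
   *
   * The extension's init file (<name>.init.php) lists its dependencies as a
   * comma-separated "dependency" entry. The extension may be enabled when
   * every listed name matches the "name" entry of a module that is already
   * registered in the moduls table.
   *
   * The counter and the list of module names are now initialised; before,
   * an empty moduls table passed an undefined variable to in_array().
   *
   * Relies on the database connection opened when this file is loaded.
   *
   * @param string $cpath path of the extension's main file
   * @return bool TRUE when all dependencies are present (or none are listed)
   */
  function b_checkenabledependency($cpath) {
      $ainfo = b_readinit(str_replace('.php','.init.php',strtolower($cpath)));
      $cdependency = isset($ainfo['dependency']) ? trim($ainfo['dependency']) : '';
      if ($cdependency === '') {
          return true;
      }
      $adependency = explode(',', $cdependency);

      // Names of all registered modules, read from their init files.
      $amoduls = array();
      $csql = 'select cpath from '.PREFIX.'moduls';
      $nresult = mysql_query($csql);
      while ($nresult !== false && ($opath = mysql_fetch_object($nresult))) {
          $ainfomodul = b_readinit(str_replace('.php','.init.php',strtolower($opath->cpath)));
          $amoduls[] = isset($ainfomodul['name']) ? trim(strtolower($ainfomodul['name'])) : '';
      }

      $nexist = 0;
      foreach ($adependency as $cmodul) {
          if (in_array(trim(strtolower($cmodul)), $amoduls, true)) {
              $nexist++;
          }
      }
      return ($nexist == count($adependency));
  }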
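  /**
   * Check whether an extension may be disabled, judged by the dependencies
   * of the other extensions.
   *
   * The extension may not be disabled when its "name" entry appears in the
   * "dependency" entry of any other registered module.
   *
   * The path is escaped before it is placed in the SQL text, and the
   * collecting variables are initialised (count() used to receive an
   * undefined variable when no other module declares a dependency).
   *
   * Relies on the database connection opened when this file is loaded.
   *
   * @param string $cpath path of the extension's main file
   * @return bool TRUE when no other module depends on this extension
   */
  function b_checkdisabledependency($cpath) {
      $breturn = true;
      $ainfo = b_readinit(str_replace('.php','.init.php',strtolower($cpath)));
      $cmodul = isset($ainfo['name']) ? trim(strtolower($ainfo['name'])) : '';

      $csql = 'select cpath from '.PREFIX.'moduls where cpath<>\''
          .mysql_real_escape_string((string)$cpath).'\'';
      $nresult = mysql_query($csql);

      // Dependency lists of all other modules.
      $adependency = array();
      while ($nresult !== false && ($opath = mysql_fetch_object($nresult))) {
          $ainfoother = b_readinit(str_replace('.php','.init.php',strtolower($opath->cpath)));
          $cdependency = isset($ainfoother['dependency']) ? trim($ainfoother['dependency']) : '';
          if ($cdependency <> '') {
              $adependency[] = trim(strtolower($cdependency));
          }
      }

      if (count($adependency) > 0) {
          // Join all lists into one comma-separated string, then split it
          // into single names (the trailing comma yields one empty entry,
          // as before).
          $cmoduls = '';
          foreach ($adependency as $cdependency) {
              $cmoduls .= b_removeallspaces($cdependency).',';
          }
          $amoduls = explode(',', $cmoduls);
          if (in_array(b_removeallspaces($cmodul), $amoduls)) {
              $breturn = false;
          }
      }
      return $breturn;
  }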
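  /**
   * Call the start-up functions: every user-defined function whose name
   * begins with "s_".
   *
   * For each such function the part of the name between "s_" and the next
   * underscore is used to look up the module path in the moduls table. The
   * directory of that module's init file is published in
   * $GLOBALS['bv_pathextension'] before the function is called with an empty
   * string as its only argument.
   *
   * Changes over the first version:
   *  - The brace-less "if(function_exists(...))" only guarded an assignment
   *    to a local that was never read; both are removed. Names returned by
   *    get_defined_functions() always exist.
   *  - PATHEXTENSION_STARTUP is defined once. Repeating define() for the
   *    second and later start-up functions raised a notice and never changed
   *    the value, so the constant keeps the directory of the first one, as
   *    before.
   *
   * NOTE(review): "_" and "%" are wildcards in a LIKE pattern and the
   * pattern is open at the front, so the lookup may match more than one
   * module path - confirm that module file names are unique enough.
   *
   * @return void
   */
  function b_startup() {
      $afunction = get_defined_functions();
      foreach ($afunction['user'] as $cfunction) {
          if (strtolower(substr($cfunction,0,2)) != 's_') {
              continue;
          }
          $ctemp = substr($cfunction, 2);
          $nseparator = strpos($ctemp, '_');
          // No second underscore: the module part is empty, as before.
          $cmodul = ($nseparator === false) ? '' : substr($ctemp, 0, $nseparator);
          $csql = 'select cpath from '.PREFIX.'moduls where cpath like \'%'.$cmodul.'.php\'';
          $initfile = str_replace('./','./admin/',
              str_replace('.php','.init.php',strtolower((string)b_fetch($csql))));
          $GLOBALS['bv_pathextension'] = dirname($initfile).'/';
          if (!defined('PATHEXTENSION_STARTUP')) {
              define('PATHEXTENSION_STARTUP', dirname($initfile).'/');
          }
          call_user_func($cfunction, '');
      }
  }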
  /**
   * Format a size given in bytes as a human-readable string.
   *
   * The largest unit that fits is used: TB (7 decimals), GB (5), MB (3),
   * KB (1), otherwise the plain number followed by "B". The unit is
   * surrounded by single spaces, e.g. "1.5 KB ".
   *
   * @param int|float|string $nsize size in bytes
   * @return string formatted size
   */
  function b_size2byte($nsize) {
      // Threshold, number format and suffix, largest unit first.
      $aunits = array(
          array('1099511627776', '%01.7f', ' TB '),
          array('1073741824', '%01.5f', ' GB '),
          array('1048576', '%01.3f', ' MB '),
          array('1024', '%01.1f', ' KB '),
      );
      foreach ($aunits as $aunit) {
          list($climit, $cformat, $csuffix) = $aunit;
          if ($nsize >= $climit) {
              return sprintf($cformat, $nsize/$climit) . $csuffix;
          }
      }
      return $nsize . ' B ';
  }
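  /**
   * Enable or disable a button according to the user's level.
   *
   * Returns an empty string when USERLEVEL is at least the required level,
   * otherwise the text in $creturn. The first version returned the literal
   * text '$creturn' because the variable was written inside single quotes.
   *
   * This only changes what the page shows; the action behind the button
   * must check the user's level again on the server.
   *
   * @param int    $nminlevel_action minimum level required for the action
   * @param string $creturn          text returned when the level is too low
   * @return string '' when allowed, $creturn otherwise
   */
  function b_levelaction($nminlevel_action,$creturn='disabled') {
      return (USERLEVEL>=$nminlevel_action) ? '' : $creturn;
  }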
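  /**
   * Remove all whitespace from a string, or collapse every run of
   * whitespace to a single space.
   *
   * The pattern was "\s*", which also matches the empty string between two
   * characters; with $btoonlyonespace set this inserted a space between all
   * characters. "\s+" only matches real whitespace. The default mode
   * (removal) gives the same result as before.
   *
   * @param string $cstring         text to process
   * @param bool   $btoonlyonespace TRUE: collapse to one space; FALSE: remove
   * @return string
   */
  function b_removeallspaces($cstring, $btoonlyonespace=false) {
      return preg_replace('/\s+/m', ($btoonlyonespace) ? ' ' : '', $cstring);
  }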
  /**
   * Print 'disabled' when the current user is below admin level
   * (USERLEVEL < BC_ADMIN), does not have GOD access and $bother is true.
   *
   * This affects the rendered page only; the protected action must check
   * the user's level again on the server.
   *
   * @param bool $bother additional condition that must hold for the output
   * @return void
   */
  function b_foradmin($bother=true) {
      if (USERLEVEL >= BC_ADMIN) {
          return;
      }
      if (b_god(b_getuserlogin())) {
          return;
      }
      if ($bother) {
          echo 'disabled';
      }
  }
  /**
   * Print 'disabled' when the current user is below super-user level
   * (USERLEVEL < BC_SUPERUSER), does not have GOD access and $bother is true.
   *
   * This affects the rendered page only; the protected action must check
   * the user's level again on the server.
   *
   * @param bool $bother additional condition that must hold for the output
   * @return void
   */
  function b_forsuperuser($bother=true) {
      if (USERLEVEL >= BC_SUPERUSER) {
          return;
      }
      if (b_god(b_getuserlogin())) {
          return;
      }
      if ($bother) {
          echo 'disabled';
      }
  }
  /**
   * Print 'disabled' when the current user is below user level
   * (USERLEVEL < BC_USER), does not have GOD access and $bother is true.
   *
   * This affects the rendered page only; the protected action must check
   * the user's level again on the server.
   *
   * @param bool $bother additional condition that must hold for the output
   * @return void
   */
  function b_foruser($bother=true) {
      if (USERLEVEL >= BC_USER) {
          return;
      }
      if (b_god(b_getuserlogin())) {
          return;
      }
      if ($bother) {
          echo 'disabled';
      }
  }
  /**
   * Capitalise the first letter of every word and write the abbreviations
   * "pt" and "cv" fully in upper case.
   *
   * The text is lower-cased first, so "pt maju JAYA" becomes "PT Maju Jaya".
   * The abbreviations are replaced wherever the capitalised form ("Pt",
   * "Cv") occurs, not only as whole words.
   *
   * @param string $ctext text to convert
   * @return string converted text
   */
  function b_ufirsteachwords($ctext) {
      $amustupper = array('pt', 'cv');
      $cresult = ucwords(strtolower($ctext));
      // Arrays are applied one pair after the other, like the former loop.
      return str_replace(
          array_map('ucwords', $amustupper),
          array_map('strtoupper', $amustupper),
          $cresult
      );
  }
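  // Load the additional libraries: for every module registered in the moduls
  // table, include its companion file <module>.lib.php, looked up below
  // ADMIN_LOCATION.
  //
  // The included path comes from the cpath column, so whoever can write the
  // moduls table decides which PHP files are executed on every request. Keep
  // write access to that table as tightly controlled as write access to the
  // code itself.
  //
  // The variable names are kept unchanged because the included files run in
  // this scope and can see them.
  include('connect.php');
  $csql='select * from '.PREFIX.'moduls';
  $nresult=mysql_query($csql);
  // A failed query used to be passed straight to mysql_fetch_object().
  if($nresult!==false) {
      while($omoduls=mysql_fetch_object($nresult)) {
          $cfile=str_replace('.php','.lib.php',strtolower($omoduls->cpath));
          $cfile3=str_replace('./',ADMIN_LOCATION,$cfile);
          // is_file() rather than file_exists(): a directory of that name
          // is not something include can load.
          if(is_file($cfile3))
              include($cfile3);
      }
  }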
  534. ?>