PageRenderTime 26ms CodeModel.GetById 22ms RepoModel.GetById 0ms app.codeStats 0ms

/lib/utility.inc.php

https://github.com/awriel/s3st15_matoa
PHP | 297 lines | 170 code | 32 blank | 95 comment | 51 complexity | 4f847a186f8cdc35caad2d52796008b8 MD5 | raw file
    

  1. <?php

    2. 

  2. /**

    3. 

  3.  * utility class

    4. 

  4.  * A Collection of static utility methods

    5. 

  5.  *

    6. 

  6.  * Copyright (C) 2007,2008  Arie Nugraha (dicarve@yahoo.com)

    7. 

  7.  *

    8. 

  8.  * This program is free software; you can redistribute it and/or modify

    9. 

  9.  * it under the terms of the GNU General Public License as published by

    10. 

  10.  * the Free Software Foundation; either version 2 of the License, or

    11. 

  11.  * (at your option) any later version.

    12. 

  12.  *

    13. 

  13.  * This program is distributed in the hope that it will be useful,

    14. 

  14.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

    15. 

  15.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

    16. 

  16.  * GNU General Public License for more details.

    17. 

  17.  *

    18. 

  18.  * You should have received a copy of the GNU General Public License

    19. 

  19.  * along with this program; if not, write to the Free Software

    20. 

  20.  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA

    21. 

  21.  *

    22. 

  22.  */

    23. 

  23. 

    24. 

  24. // be sure that this file not accessed directly

    25. 

  25. if (!defined('INDEX_AUTH')) {

    26. 

  26.     die("can not access this file directly");

    27. 

  27. } elseif (INDEX_AUTH != 1) {

    28. 

  28.     die("can not access this file directly");

    29. 

  29. }

    30. 

  30. 

    31. 

  31. class utility

    32. 

  32. {

    33. 

  33.     /**

    34. 

  34.      * Static Method to send out javascript alert

    35. 

  35.      *

    36. 

  36.      * @param   string  $str_message

    37. 

  37.      * @return  void

    38. 

  38.      */

    39. 

  39.     public static function jsAlert($str_message)

    40. 

  40.     {

    41. 

  41.         if (!$str_message) {

    42. 

  42.             return;

    43. 

  43.         }

    44. 

  44. 

    45. 

  45.         // replace newline with javascripts newline

    46. 

  46.         $str_message = str_replace("\n", '\n', $str_message);

    47. 

  47.         echo '<script type="text/javascript">'."\n";

    48. 

  48.         echo 'alert("'.addslashes($str_message).'")'."\n";

    49. 

  49.         echo '</script>'."\n";

    50. 

  50.     }

    51. 

  51. 

    52. 

  52. 

    53. 

  53.     /**

    54. 

  54.      * Static Method to load application settings from database

    55. 

  55.      *

    56. 

  56.      * @param   object  $obj_db

    57. 

  57.      * @return  void

    58. 

  58.      */

    59. 

  59.     public static function loadSettings($obj_db)

    60. 

  60.     {

    61. 

  61.         global $sysconf;

    62. 

  62.         $_setting_query = $obj_db->query('SELECT * FROM setting');

    63. 

  63.         if (!$obj_db->errno) {

    64. 

  64.             while ($_setting_data = $_setting_query->fetch_assoc()) {

    65. 

  65.                 $_value = unserialize($_setting_data['setting_value']);

    66. 

  66.                 if (is_array($_value)) {

    67. 

  67.                     foreach ($_value as $_idx=>$_curr_value) {

    68. 

  68.                         $sysconf[$_setting_data['setting_name']][$_idx] = $_curr_value;

    69. 

  69.                     }

    70. 

  70.                 } else {

    71. 

  71.                     $sysconf[$_setting_data['setting_name']] = $_value;

    72. 

  72.                 }

    73. 

  73.             }

    74. 

  74.         }

    75. 

  75.     }

    76. 

  76. 

    77. 

  77. 

    78. 

  78.     /**

    79. 

  79.      * Static Method to check privileges of application module form current user

    80. 

  80.      *

    81. 

  81.      * @param   string  $str_module_name

    82. 

  82.      * @param   string  $str_privilege_type

    83. 

  83.      * @return  boolean

    84. 

  84.      */

    85. 

  85.     public static function havePrivilege($str_module_name, $str_privilege_type = 'r')

    86. 

  86.     {

    87. 

  87.         // checking checksum

    88. 

  88.         $server_addr = isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : $_SERVER['LOCAL_ADDR'];

    89. 

  89.         $_checksum = defined('UCS_BASE_DIR')?md5($server_addr.UCS_BASE_DIR.'admin'):md5($server_addr.SENAYAN_BASE_DIR.'admin');

    90. 

  90.         if ($_SESSION['checksum'] != $_checksum) {

    91. 

  91.             return false;

    92. 

  92.         }

    93. 

  93.         // check privilege type

    94. 

  94.         if (!in_array($str_privilege_type, array('r', 'w'))) {

    95. 

  95.             return false;

    96. 

  96.         }

    97. 

  97.         if (isset($_SESSION['priv'][$str_module_name][$str_privilege_type]) AND $_SESSION['priv'][$str_module_name][$str_privilege_type]) {

    98. 

  98.             return true;

    99. 

  99.         }

    100. 

  100.         return false;

    101. 

  101.     }

    102. 

  102. 

    103. 

  103. 

    104. 

  104.     /**

    105. 

  105.      * Static Method to write application activities logs

    106. 

  106.      *

    107. 

  107.      * @param   object  $obj_db

    108. 

  108.      * @param   string  $str_log_type

    109. 

  109.      * @param   string  $str_value_id

    110. 

  110.      * @param   string  $str_location

    111. 

  111.      * @param   string  $str_log_msg

    112. 

  112.      * @return  void

    113. 

  113.      */

    114. 

  114.     public static function writeLogs($obj_db, $str_log_type, $str_value_id, $str_location, $str_log_msg)

    115. 

  115.     {

    116. 

  116.         if (!$obj_db->error) {

    117. 

  117.             // log table

    118. 

  118.             $_log_date = date('Y-m-d H:i:s');

    119. 

  119.             $_log_table = 'system_log';

    120. 

  120.             // filter input

    121. 

  121.             $str_log_type = $obj_db->escape_string(trim($str_log_type));

    122. 

  122.             $str_value_id = $obj_db->escape_string(trim($str_value_id));

    123. 

  123.             $str_location = $obj_db->escape_string(trim($str_location));

    124. 

  124.             $str_log_msg = $obj_db->escape_string(trim($str_log_msg));

    125. 

  125.             // insert log data to database

    126. 

  126.             @$obj_db->query('INSERT INTO '.$_log_table.'

    127. 

  127.             VALUES (NULL, \''.$str_log_type.'\', \''.$str_value_id.'\', \''.$str_location.'\', \''.$str_log_msg.'\', \''.$_log_date.'\')');

    128. 

  128.         }

    129. 

  129.     }

    130. 

  130. 

    131. 

  131. 

    132. 

  132.     /**

    133. 

  133.      * Static Method to get an ID of database table record

    134. 

  134.      *

    135. 

  135.      * @param   object  $obj_db

    136. 

  136.      * @param   string  $str_table_name

    137. 

  137.      * @param   string  $str_id_field

    138. 

  138.      * @param   string  $str_value_field

    139. 

  139.      * @param   string  $str_value

    140. 

  140.      * @param   array   $arr_cache

    141. 

  141.      * @return  mixed

    142. 

  142.      */

    143. 

  143.     public static function getID($obj_db, $str_table_name, $str_id_field, $str_value_field, $str_value, &$arr_cache = false)

    144. 

  144.     {

    145. 

  145.         $str_value = trim($str_value);

    146. 

  146.         if ($arr_cache) {

    147. 

  147.             if (isset($arr_cache[$str_value])) {

    148. 

  148.                 return $arr_cache[$str_value];

    149. 

  149.             }

    150. 

  150.         }

    151. 

  151.         if (!$obj_db->error) {

    152. 

  152.             $id_q = $obj_db->query('SELECT '.$str_id_field.' FROM '.$str_table_name.' WHERE '.$str_value_field.'=\''.$obj_db->escape_string($str_value).'\'');

    153. 

  153.             if ($id_q->num_rows > 0) {

    154. 

  154.                 $id_d = $id_q->fetch_row();

    155. 

  155.                 unset($id_q);

    156. 

  156.                 // cache

    157. 

  157.                 if ($arr_cache) {

    158. 

  158.                     $arr_cache[$str_value] = $id_d[0];

    159. 

  159.                 }

    160. 

  160.                 return $id_d[0];

    161. 

  161.             } else {

    162. 

  162.                 $_curr_date = date('Y-m-d');

    163. 

  163.                 // if not found then we insert it as new value

    164. 

  164.                 $obj_db->query('INSERT IGNORE INTO '.$str_table_name.' ('.$str_value_field.', input_date, last_update)

    165. 

  165.                     VALUES (\''.$obj_db->escape_string($str_value).'\', \''.$_curr_date.'\', \''.$_curr_date.'\')');

    166. 

  166.                 if (!$obj_db->error) {

    167. 

  167.                     // cache

    168. 

  168.                     if ($arr_cache) {

    169. 

  169.                         $arr_cache[$str_value] = $obj_db->insert_id;

    170. 

  170.                     }

    171. 

  171.                     return $obj_db->insert_id;

    172. 

  172.                 }

    173. 

  173.             }

    174. 

  174.         }

    175. 

  175.     }

    176. 

  176. 

    177. 

  177. 

    178. 

  178.     /**

    179. 

  179.      * Static method to detect mobile browser

    180. 

  180.      * Some Patches by Indra Sutriadi

    181. 

  181.      *

    182. 

  182.      * @return  boolean

    183. 

  183.      * this script is taken from http://mobiforge.com/developing/story/lightweight-device-detection-php

    184. 

  184.      **/

    185. 

  185.     public static function isMobileBrowser()

    186. 

  186.     {

    187. 

  187.         $_is_mobile_browser = '0';

    188. 

  188. 

    189. 

  189.         if(preg_match('/(up.browser|up.link|mmp|symbian|smartphone|midp|wap|phone)/i', strtolower(@$_SERVER['HTTP_USER_AGENT']))) {

    190. 

  190.             $_is_mobile_browser++;

    191. 

  191.         }

    192. 

  192. 

    193. 

  193.         if((strpos(strtolower(@$_SERVER['HTTP_ACCEPT']),'application/vnd.wap.xhtml+xml')>0) or ((isset($_SERVER['HTTP_X_WAP_PROFILE']) or isset($_SERVER['HTTP_PROFILE'])))) {

    194. 

  194.             $_is_mobile_browser++;

    195. 

  195.         }

    196. 

  196. 

    197. 

  197.         $_mobile_ua = strtolower(substr(@$_SERVER['HTTP_USER_AGENT'],0,4));

    198. 

  198.         $_mobile_agents = array(

    199. 

  199.             'w3c ','acs-','alav','alca','amoi','audi','avan','benq','bird','blac',

    200. 

  200.             'blaz','brew','cell','cldc','cmd-','dang','doco','eric','hipt','inno',

    201. 

  201.             'ipaq','java','jigs','kddi','keji','leno','lg-c','lg-d','lg-g','lge-',

    202. 

  202.             'maui','maxo','midp','mits','mmef','mobi','mot-','moto','mwbp','nec-',

    203. 

  203.             'newt','noki','palm','pana','pant','phil','play','port','prox',

    204. 

  204.             'qwap','sage','sams','sany','sch-','sec-','send','seri','sgh-','shar',

    205. 

  205.             'sie-','siem','smal','smar','sony','sph-','symb','t-mo','teli','tim-',

    206. 

  206.             'tosh','tsm-','upg1','upsi','vk-v','voda','wap-','wapa','wapi','wapp',

    207. 

  207.             'wapr','webc','winw','winw','xda','xda-');

    208. 

  208. 

    209. 

  209.         if(in_array($_mobile_ua, $_mobile_agents)) {

    210. 

  210.             $_is_mobile_browser++;

    211. 

  211.         }

    212. 

  212. 

    213. 

  213.         if (isset($_SERVER['ALL_HTTP']) && strpos(strtolower($_SERVER['ALL_HTTP']),'operamini')>0) {

    214. 

  214.             $_is_mobile_browser++;

    215. 

  215.         }

    216. 

  216. 

    217. 

  217.         if (strpos(strtolower(@$_SERVER['HTTP_USER_AGENT']),' ppc;')>0) {

    218. 

  218.             $_is_mobile_browser++;

    219. 

  219.         }

    220. 

  220. 

    221. 

  221.         if (strpos(strtolower(@$_SERVER['HTTP_USER_AGENT']),'windows ce')>0) {

    222. 

  222.             $_is_mobile_browser++;

    223. 

  223.         }

    224. 

  224. 

    225. 

  225.         if (strpos(strtolower(@$_SERVER['HTTP_USER_AGENT']),'windows')>0) {

    226. 

  226.             $_is_mobile_browser=0;

    227. 

  227.         }

    228. 

  228. 

    229. 

  229.         if (strpos(strtolower(@$_SERVER['HTTP_USER_AGENT']),'iemobile')>0) {

    230. 

  230.             $_is_mobile_browser++;

    231. 

  231.         }

    232. 

  232. 

    233. 

  233.         if (strpos(strtolower(@$_SERVER['HTTP_ACCEPT']),'j2me')>0 || strpos(strtolower(@$_SERVER['HTTP_ACCEPT']),'midp')>0) {

    234. 

  234.             $_is_mobile_browser++;

    235. 

  235.         }

    236. 

  236. 

    237. 

  237.         if (isset($_SERVER['HTTP_X_OPERAMINI_PHONE'])) {

    238. 

  238.             $_is_mobile_browser++;

    239. 

  239.         }

    240. 

  240. 

    241. 

  241.         if ($_is_mobile_browser > 0) {

    242. 

  242.             return true;

    243. 

  243.         }

    244. 

  244.         return false;

    245. 

  245.     }

    246. 

  246. 

    247. 

  247. 

    248. 

  248.     /**

    249. 

  249.      * Static method to check if member already logged in or not

    250. 

  250.      *

    251. 

  251.      * @return  boolean

    252. 

  252.      **/

    253. 

  253.     public static function isMemberLogin()

    254. 

  254.     {

    255. 

  255.         $_logged_in = false;

    256. 

  256.         $_logged_in = isset($_SESSION['mid']) && isset($_SESSION['m_name']) && isset($_SESSION['m_email']);

    257. 

  257.         return $_logged_in;

    258. 

  258.     }

    259. 

  259. 

    260. 

  260. 

    261. 

  261.     /**

    262. 

  262.      * Static method to filter data

    263. 

  263.      *

    264. 

  264.      * @param   mixed   $mix_input: input data

    265. 

  265.      * @param   string  $str_input_type: input type

    266. 

  266.      * @param   boolean $bool_trim: are input string trimmed

    267. 

  267.      *

    268. 

  268.      * @return  mixed

    269. 

  269.      **/

    270. 

  270.     public static function filterData($mix_input, $str_input_type = 'get', $bool_escape_sql = true, $bool_trim = true, $bool_strip_html = false) {

    271. 

  271.         global $dbs;

    272. 

  272. 

    273. 

  273.         if (extension_loaded('filter')) {

    274. 

  274.             if ($str_input_type == 'var') {

    275. 

  275.                 $mix_input = filter_var($mix_input, FILTER_SANITIZE_STRING);

    276. 

  276.             } else if ($str_input_type == 'post') {

    277. 

  277.                 $mix_input = filter_input(INPUT_POST, $mix_input);

    278. 

  278.             } else if ($str_input_type == 'cookie') {

    279. 

  279.                 $mix_input = filter_input(INPUT_COOKIE, $mix_input);

    280. 

  280.             } else if ($str_input_type == 'session') {

    281. 

  281.                 $mix_input = filter_input(INPUT_SESSION, $mix_input);

    282. 

  282.             } else {

    283. 

  283.                 $mix_input = filter_input(INPUT_GET, $mix_input);

    284. 

  284.             }

    285. 

  285.         }

    286. 

  286.         

    287. 

  287.         // trim whitespace on string

    288. 

  288.         if ($bool_trim) { $mix_input = trim($mix_input); }

    289. 

  289.         // strip html

    290. 

  290.         if ($bool_strip_html) { $mix_input = strip_tags($mix_input); }

    291. 

  291.         // escape SQL string

    292. 

  292.         if ($bool_escape_sql) { $mix_input = $dbs->escape_string($mix_input); }

    293. 

  293. 

    294. 

  294.         return $mix_input;

    295. 

  295.     }

    296. 

  296. }

    297. 

  297. ?>

    298. 

  298.