Added basic support for X-Forwarded-For. Will need improving upon
Added basic support for X-Forwarded-For. Will need improving upon

<?php <?php
/** BTMain Class /** BTMain Class
* *
* System's central class, contains often used resources * System's central class, contains often used resources
* *
* Copyright (C) 2012 Ben Tasker * Copyright (C) 2012 Ben Tasker
* Released under GNU AGPL V3 * Released under GNU AGPL V3
* See LICENSE * See LICENSE
* *
*/ */
   
   
defined('_CREDLOCK') or die; defined('_CREDLOCK') or die;
   
define('_BTFrameWork',1); define('_BTFrameWork',1);
   
require_once 'lib/Framework/db_common.php'; require_once 'lib/Framework/db_common.php';
   
class BTMain{ class BTMain{
   
/** Identify whether the connection is over HTTPS /** Identify whether the connection is over HTTPS
* *
*/ */
function getConnTypeSSL(){ function getConnTypeSSL(){
return $_SERVER['HTTPS']; return $_SERVER['HTTPS'];
} }
   
   
/** Return the Framework Version /** Return the Framework Version
* *
*/ */
function getFrameWorkVers(){ function getFrameWorkVers(){
include_once(dirname(__FILE__)."/.version.php"); include_once(dirname(__FILE__)."/.version.php");
$vers = $versionmaj; $vers = $versionmaj;
   
if (!empty($versionmin)){ if (!empty($versionmin)){
   
$vers .= ".$versionmin"; $vers .= ".$versionmin";
} }
   
   
if (!empty($status)){ if (!empty($status)){
$vers .= ".$status"; $vers .= ".$status";
} }
   
return $vers; return $vers;
   
   
} }
   
   
   
   
/** Get version identifier for the software /** Get version identifier for the software
* *
* To work, the version identification must be stored in lib/.version.php * To work, the version identification must be stored in lib/.version.php
* *
*/ */
function getSoftVersion(){ function getSoftVersion(){
include_once 'lib/.version.php'; include_once 'lib/.version.php';
   
$vers = $versionmaj; $vers = $versionmaj;
   
if (!empty($versionmin)){ if (!empty($versionmin)){
   
$vers .= ".$versionmin"; $vers .= ".$versionmin";
} }
   
   
if (!empty($status)){ if (!empty($status)){
$vers .= ".$status"; $vers .= ".$status";
} }
   
return $vers; return $vers;
   
} }
   
   
   
   
/** Load in the system config and return as an object /** Load in the system config and return as an object
* *
* @return object * @return object
* *
*/ */
function getConf(){ function getConf(){
   
include 'conf/config.php'; include 'conf/config.php';
return $conf; return $conf;
   
} }
   
   
/** Set the name of the current user /** Set the name of the current user
* *
* @arg user - username * @arg user - username
* *
*/ */
function setUser($user){ function setUser($user){
$GLOBALS['curruser']->name = $user; $GLOBALS['curruser']->name = $user;
} }
   
   
/** Get details of current user /** Get details of current user
* *
* @return object * @return object
*/ */
function getUser(){ function getUser(){
return $GLOBALS['curruser']; return $GLOBALS['curruser'];
} }
   
   
/** Set details for the current user /** Set details for the current user
* *
* @arg detail - the element of the user object to set * @arg detail - the element of the user object to set
* @arg value - the value to set for that element * @arg value - the value to set for that element
* *
*/ */
function setUserDetails($detail,$value){ function setUserDetails($detail,$value){
$GLOBALS['curruser']->$detail = $value; $GLOBALS['curruser']->$detail = $value;
} }
   
   
   
/** Get the IP of the currently connected client /** Get the IP of the currently connected client
* *
* @return string * @return string
*/ */
function getip(){ function getip(){
  if (!isset($_SERVER['HTTP_X_FORWARDED_FOR'])){
return $_SERVER['REMOTE_ADDR']; return $_SERVER['REMOTE_ADDR'];
  }else{
  return $_SERVER['HTTP_X_FORWARDED_FOR'];
  }
   
} }
   
   
   
/** Create a URI string containing Session ID and Hash /** Create a URI string containing Session ID and Hash
* *
* @return string * @return string
*/ */
function embedSessionURI(){ function embedSessionURI(){
   
return "sess=" . BTMain::getVar('sess') . "&hsh=" . BTMain::getVar('hsh'); return "sess=" . BTMain::getVar('sess') . "&hsh=" . BTMain::getVar('hsh');
   
} }
   
   
/** Take the User's groups and turn into part of a WHERE statement /** Take the User's groups and turn into part of a WHERE statement
* *
*/ */
function buildACLQuery($tbl = false){ function buildACLQuery($tbl = false){
$groups = BTMain::getUser()->groups; $groups = BTMain::getUser()->groups;
$tab =''; $tab ='';
if ($tbl){ if ($tbl){
$tab = "$tbl."; $tab = "$tbl.";
} }
   
   
if (BTMain::getUser()->PortalLogin == '1'){ if (BTMain::getUser()->PortalLogin == '1'){
return "$tab.cust = '".BTMain::getUser()->PortalID."' "; return "$tab.cust = '".BTMain::getUser()->PortalID."' ";
   
} }
   
   
   
   
if (!in_array("-1",$groups)){ if (!in_array("-1",$groups)){
return "$tab`Group`=" . implode(" OR $tab`Group`=",$groups) ; return "$tab`Group`=" . implode(" OR $tab`Group`=",$groups) ;
}else{ }else{
return "$tab`Group` LIKE \"%\" "; return "$tab`Group` LIKE \"%\" ";
} }
   
   
   
   
   
} }
   
   
   
function FixPostVars(){ function FixPostVars(){
$postdata = file_get_contents("php://input"); $postdata = file_get_contents("php://input");
   
   
if (strpos($postdata,"%80") !== false){ if (strpos($postdata,"%80") !== false){
   
$pairs = explode("&", file_get_contents("php://input")); $pairs = explode("&", file_get_contents("php://input"));
$vars = array(); $vars = array();
foreach ($pairs as $pair) { foreach ($pairs as $pair) {
$nv = explode("=", $pair); $nv = explode("=", $pair);
$name = urldecode($nv[0]); $name = urldecode($nv[0]);
//$value = urldecode(str_replace("%0D","",$nv[1])); //$value = urldecode(str_replace("%0D","",$nv[1]));
   
if (strpos($nv[1],"%80") !== false){ if (strpos($nv[1],"%80") !== false){
$field = explode("[",$name); $field = explode("[",$name);
$field = str_replace("]","",$field[1]); $field = str_replace("]","",$field[1]);
   
$GLOBALS['_POST']['fields'][$field] = urldecode(str_replace("%80","&euro;",$nv[1])); $GLOBALS['_POST']['fields'][$field] = urldecode(str_replace("%80","&euro;",$nv[1]));
} }
   
   
   
   
   
} }
$GLOBALS['POSTDATAFIXED'] = 1; $GLOBALS['POSTDATAFIXED'] = 1;
} }
   
   
   
   
   
   
} }
   
   
   
   
/** Retrieve a variable from the request /** Retrieve a variable from the request
* *
* May return an array if one was submitted by a form, usually a string though * May return an array if one was submitted by a form, usually a string though
* *
* @return string/array * @return string/array
*/ */
function getVar($req){ function getVar($req){
   
if (!$GLOBALS['POSTDATAFIXED']){ if (!$GLOBALS['POSTDATAFIXED']){
BTMain::FixPostVars(); BTMain::FixPostVars();
} }
   
   
if (isset($_POST[$req])){ if (isset($_POST[$req])){
   
return $_POST[$req]; return $_POST[$req];
} }
   
return $_GET[$req]; return $_GET[$req];
   
   
} }
   
/** Push a value to a global used by getVar /** Push a value to a global used by getVar
* *
*/ */
function setVar($name,$value){ function setVar($name,$value){
$GLOBALS['_POST'][$name] = $value; $GLOBALS['_POST'][$name] = $value;
   
   
   
} }
   
   
/** Retrieve a variable from the session /** Retrieve a variable from the session
* *
* May return an array if one was submitted by a form, usually a string though * May return an array if one was submitted by a form, usually a string though
* *
* @return string/array * @return string/array
*/ */
function getSessVar($req){ function getSessVar($req){
   
if (isset($_SESSION[$req])){ if (isset($_SESSION[$req])){
   
return $_SESSION[$req]; return $_SESSION[$req];
} }
   
return false; return false;
   
   
} }
   
   
/** Push a variable from the session /** Push a variable from the session
* *
*/ */
function setSessVar($req,$val){ function setSessVar($req,$val){
   
   
   
$_SESSION[$req] = $val; $_SESSION[$req] = $val;
   
   
   
} }
   
   
/** Unset a session variable /** Unset a session variable
* *
*/ */
function unsetSessVar($req){ function unsetSessVar($req){
   
   
   
unset($_SESSION[$req]); unset($_SESSION[$req]);
   
   
   
} }
   
   
   
/** Check the user is an Admin /** Check the user is an Admin
* If not, output an error and stop output * If not, output an error and stop output
* *
*/ */
function checkAdmin(){ function checkAdmin(){
$user = BTMain::getUser()->Role; $user = BTMain::getUser()->Role;
   
if (substr($user,0,1) != "A"){ if (substr($user,0,1) != "A"){
   
echo "Access Denied"; echo "Access Denied";
die; die;
   
} }
   
   
   
   
} }
   
   
   
   
   
/** Check the user is an Admin /** Check the user is an Admin
* If not, output an error and stop output * If not, output an error and stop output
* *
* @return boolean * @return boolean
* *
*/ */
function checkisAdmin(){ function checkisAdmin(){
$user = BTMain::getUser()->Role; $user = BTMain::getUser()->Role;
   
if (substr($user,0,1) == "A"){ if (substr($user,0,1) == "A"){
   
return true; return true;
   
} }
   
return false; return false;
   
   
   
   
} }
   
   
/** Check the user is an Admin /** Check the user is an Admin
* If not, output an error and stop output * If not, output an error and stop output
* *
* @return boolean * @return boolean
* *
*/ */
function checkSuperAdmin(){ function checkSuperAdmin(){
$groups = BTMain::getUser()->groups; $groups = BTMain::getUser()->groups;
   
if (!in_array("-1",$groups)){ if (!in_array("-1",$groups)){
   
echo 'Access Denied'; echo 'Access Denied';
die; die;
   
} }
   
   
   
   
   
   
} }
   
   
/** Check the user is an Admin /** Check the user is an Admin
* If not, output an error and stop output * If not, output an error and stop output
* *
* @return boolean * @return boolean
* *
*/ */
function checkisSuperAdmin(){ function checkisSuperAdmin(){
$groups = BTMain::getUser()->groups; $groups = BTMain::getUser()->groups;
   
if (in_array("-1",$groups)){ if (in_array("-1",$groups)){
return true; return true;
   
} }
   
return false; return false;
   
   
   
   
} }
   
   
/** Return the Request URI /** Return the Request URI
* *
*/ */
function getEntryPoint(){ function getEntryPoint(){
   
return $_SERVER['REQUEST_URI']; return $_SERVER['REQUEST_URI'];
} }
   
   
/** Remove characters that may cause issues in URLs /** Remove characters that may cause issues in URLs
* *
* @arg str - String to be processed * @arg str - String to be processed
* *
* @return string * @return string
*/ */
function stripDodgyChars($str){ function stripDodgyChars($str){
   
return str_replace(" ","",str_replace("&","",str_replace("?","",$str))); return str_replace(" ","",str_replace("&","",str_replace("?","",$str)));
   
   
   
} }
   
   
   
   
   
   
   
   
   
   
} }
   
   
   
   
   
   
?> ?>
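Review bot: The new `else` branch in getip() returns `$_SERVER['HTTP_X_FORWARDED_FOR']` verbatim, and that header is set by whoever sends the request, so any client can choose the address this method reports. The value may also be a comma-separated chain of hops, or arbitrary text rather than one IP. Callers are not visible on this page, but if the result feeds audit logs, lockouts or IP-based restrictions, those become spoofable and the raw string may end up in storage or output. The header should be honoured only when `REMOTE_ADDR` is one of your own reverse proxies, with the chain walked from the right and each entry checked with `filter_var(..., FILTER_VALIDATE_IP)`. The proxy list in the sketch below is an empty placeholder and should come from configuration.

```php
function getip(){
    $remote = $_SERVER['REMOTE_ADDR'];

    // Placeholder: load the addresses of the reverse proxies in front of this app from configuration
    $trustedProxies = array();

    // Only a known proxy is allowed to speak for the client; otherwise the header is attacker-controlled
    if (!isset($_SERVER['HTTP_X_FORWARDED_FOR']) || !in_array($remote, $trustedProxies, true)){
        return $remote;
    }

    // Walk the chain from the right: the first entry that is not one of our proxies is the client
    $hops = array_reverse(array_map('trim', explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'])));
    foreach ($hops as $hop){
        if (filter_var($hop, FILTER_VALIDATE_IP) === false){
            break; // malformed entry: stop trusting the header
        }
        if (!in_array($hop, $trustedProxies, true)){
            return $hop;
        }
    }

    return $remote;
}
```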