<?PHP
/*
 * phpMyPurchasing - All rights reserved.
 * Jason Gerfen [hide@address.com]
 *
 * class.configuration.php - Application configuration options
 *
 */

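/**
 * Validates and stores the application's configuration forms: general
 * options, directory (authentication) settings and the access list.
 *
 * Collaborators are taken from two globals: $handles ('val' validator,
 * 'err' error-image renderer, 'db' database wrapper, 'encrypt' key generator)
 * and $defined (database credentials, icon names, key-generation settings).
 *
 * Security notes for maintainers:
 *  - defOpts(), authOpts() and accessOpts() build SQL by concatenating form
 *    values. The only guards visible here are the Validate*() calls and
 *    ValidateSQL() on the finished statement; neither is a substitute for
 *    bound parameters. NOTE(review): confirm what ValidateSQL() does.
 *  - The stored directory password is reversible (Blowfish/ECB through the
 *    project's Cipher class) and its key and salt are written to the same
 *    table row as the ciphertext.
 *  - The mcrypt extension was removed from PHP core in 7.2; where it is
 *    missing the password is stored exactly as submitted (see authOpts()).
 */
class configuration
{

    /**
     * Entry point for a configuration form submission.
     *
     * Each form section is validated on its own; sections that pass are queued
     * as one SQL statement each and executed together. Validation errors,
     * the save status and current values are merged back into the returned array.
     *
     * NOTE(review): $token is accepted but never checked in this class, so
     * request authenticity must be verified by the caller - confirm.
     *
     * @param mixed $token  unused here
     * @param array $get    unused here
     * @param array $post   submitted form fields
     * @param array $server unused here
     * @return array $post enriched with 'error', '*Err' markers and stored values
     */
    function process($token, $get, $post, $server)
    {
        global $handles, $defined;

        $post = array_merge($post, $this->genAllErrors($post));

        // Must exist before count(): count(null) is a TypeError on PHP 8.
        $sql = array();

        // Each section gets its own key. With a shared key a later section
        // silently replaced an earlier one and only the last was saved.
        if ($this->_anyFilled($post, array('txtOptionsEmail', 'txtOptionsTimeout', 'txtGMapAPIKey'))) {
            $checked = $this->handleOptions($post);
            if ($checked === 0) {
                $sql['options'] = $this->defOpts($post);
            } else {
                $post = array_merge($post, $checked);
            }
        }

        // 'txtAuthPort' is the field name used by the handler and the table;
        // 'txtAuthServerPort' is kept because the original trigger tested it.
        if ($this->_anyFilled($post, array('txtAuthDomain', 'txtAuthServers', 'txtAuthPort', 'txtAuthServerPort', 'txtAuthUsername', 'txtAuthBindDN', 'txtAuthBaseDN'))) {
            $checked = $this->handleAuthOptions($post);
            if ($checked === 0) {
                $sql['auth'] = $this->authOpts($post);
            } else {
                $post = array_merge($post, $checked);
            }
        }

        if ($this->_anyFilled($post, array('txtAccessAllow', 'txtAccessDeny'))) {
            $checked = $this->handleAccessList($post);
            if ($checked === 0) {
                $sql['access'] = $this->accessOpts($post);
            } else {
                $post = array_merge($post, $checked);
            }
        }

        if (count($sql) > 0) {
            $result = $this->execute($sql);
            if ($result === '-1') {
                $x = $defined['error'];
                $class = "error";
                $message = "A database error occured when saving configuration options.";
            } else {
                $x = $defined['good'];
                $class = "good";
                $message = "Changes to configuration options were successful.";
            }

            // Appended, not assigned: a section that failed validation keeps
            // its error list next to the status of the sections that were saved.
            $post['error'] .= '<div class="' . $class . '">' . $handles['err']->GenerateErrorImg($x, "help/help.html", NULL, '800', '800') . '&nbsp;' . $message . '</div>';
        }

        $post = array_merge($post, $this->genAllValues($post));

        return $post;
    }

    /**
     * Validates the general options (email, session timeout, map API key).
     *
     * @param array $post submitted form fields
     * @return int|array 0 when every field is present and valid, otherwise
     *                   $post with 'error' and the matching '*Err' markers set
     */
    function handleOptions($post)
    {
        // The original reset all error fields just before returning, which
        // erased the messages built here; the reset now happens only in process().
        return $this->_checkFields($post, array(
            'txtOptionsEmail' => array(
                'check'   => 'ValidateEmail',
                'invalid' => 'Email field is invalid. Allowed: [_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,5})',
                'missing' => 'Email field is missing',
            ),
            'txtOptionsTimeout' => array(
                'check'   => 'ValidateInteger',
                'invalid' => 'Timeout field is invalid. Allowed: [0-9]{1,5}',
                'missing' => 'Timeout field is missing',
            ),
            // The key is required by the presence test, so a missing key is
            // reported instead of producing an empty error list.
            'txtGMapAPIKey' => array(
                'check'   => 'ValidateParagraph',
                'invalid' => 'Google&trade; map API key field is invalid. Allowed: [ -?!#$&+0-9=?A-Z^_.,]',
                'missing' => 'Google&trade; map API key field is missing',
            ),
        ));
    }

    /**
     * Validates the directory (authentication) settings.
     *
     * Besides the seven visible fields, 'key' and 'salt' must be present;
     * genAllValues() only generates them when mcrypt is available.
     *
     * @param array $post submitted form fields
     * @return int|array 0 when valid, otherwise $post with error details
     */
    function handleAuthOptions($post)
    {
        $paragraph = ' is invalid. Allowed: [ -?!#$&+0-9=?A-Z^_.,]';

        $extra = array();
        if (empty($post['key']) || empty($post['salt'])) {
            $extra[] = '<li>Encryption key or salt is missing</li>';
        }

        // Error markers are always "<field>Err", matching genAllErrors(); the
        // original wrote some of them under names nothing else reads
        // (txtBindDNErr, txtBaseDNErr, txtServerListErr).
        return $this->_checkFields($post, array(
            'txtAuthDomain'   => array('check' => 'ValidateParagraph', 'invalid' => 'Domain name' . $paragraph, 'missing' => 'Domain name is missing'),
            'txtAuthServers'  => array('check' => 'ValidateParagraph', 'invalid' => 'Server list' . $paragraph, 'missing' => 'Server list is missing'),
            'txtAuthPort'     => array('check' => 'ValidateInteger', 'invalid' => 'Server port is invalid. Allowed: [0-9]', 'missing' => 'Server port is missing'),
            'txtAuthUsername' => array('check' => 'ValidateParagraph', 'invalid' => 'Username' . $paragraph, 'missing' => 'Username is missing'),
            'txtAuthPassword' => array('check' => 'ValidateParagraph', 'invalid' => 'Password' . $paragraph, 'missing' => 'Password is missing'),
            'txtAuthBindDN'   => array('check' => 'ValidateParagraph', 'invalid' => 'Bind DN' . $paragraph, 'missing' => 'Bind DN is missing'),
            'txtAuthBaseDN'   => array('check' => 'ValidateParagraph', 'invalid' => 'Base DN' . $paragraph, 'missing' => 'Base DN is missing'),
        ), $extra);
    }

    /**
     * Validates an access-list submission.
     *
     * NOTE(review): the department fields required here are not referenced
     * anywhere else in this class and look carried over from another form;
     * confirm whether they belong to the access-list page. They are kept so
     * that this change only tightens what is accepted.
     *
     * @param array $post submitted form fields
     * @return int|array 0 when valid, otherwise $post with error details
     */
    function handleAccessList($post)
    {
        global $handles;

        $paragraph = ' is invalid. Allowed: [ -?!#$&+0-9=?A-Z^_.,]';

        // The original read 'txtDeparmentName' and 'txtUDepartmentName', so the
        // validator never saw the submitted department name. The phone field
        // uses ValidateParagraph because that is the check that decided
        // acceptance (the error listing alone called ValidatePhone).
        $checked = $this->_checkFields($post, array(
            'txtDepartmentName'    => array('check' => 'ValidateParagraph', 'invalid' => 'Department name field' . $paragraph, 'missing' => 'Department name is missing'),
            'txtDepartmentManager' => array('check' => 'ValidateParagraph', 'invalid' => 'Department manager field' . $paragraph, 'missing' => 'Department manager is missing'),
            'txtDepartmentAddress' => array('check' => 'ValidateParagraph', 'invalid' => 'Department address field' . $paragraph, 'missing' => 'Department address is missing'),
            'txtDepartmentPhone'   => array('check' => 'ValidateParagraph', 'invalid' => 'Department phone number' . $paragraph, 'missing' => 'Department phone is missing'),
            'txtDepartmentEmail'   => array('check' => 'ValidateParagraph', 'invalid' => 'Department email' . $paragraph, 'missing' => 'Department email is missing'),
        ));
        if ($checked !== 0) {
            return $checked;
        }

        // The two values accessOpts() writes into SQL were never validated.
        // Either may be left empty; a submitted value must pass the validator.
        $invalid = array();
        foreach (array('txtAccessAllow' => 'Access allow list', 'txtAccessDeny' => 'Access deny list') as $field => $label) {
            if (!empty($post[$field]) && $handles['val']->ValidateParagraph($post[$field]) === -1) {
                $invalid[$field] = '<li>' . $label . $paragraph . '</li>';
            }
        }

        return (count($invalid) === 0) ? 0 : $this->_flagErrors($post, $invalid);
    }

    /**
     * Fills every form field that was not submitted with its stored value.
     *
     * The password is always blanked so that the stored secret is never sent
     * back to the browser. A key and salt are generated only when mcrypt is
     * available and either of them is absent from $post.
     *
     * @param array $post form fields
     * @return array $post with all configuration fields populated
     */
    function genAllValues($post)
    {
        // field => getter; null means "always blank". Each getter call opens
        // its own database connection.
        $sources = array(
            'txtOptionsEmail'   => 'getAppOptions',
            'txtOptionsTimeout' => 'getAppOptions',
            'txtGMapAPIKey'     => 'getAppOptions',
            'txtAuthDomain'     => 'getAuthOptions',
            'txtAuthServers'    => 'getAuthOptions',
            'txtAuthPort'       => 'getAuthOptions',
            'txtAuthUsername'   => 'getAuthOptions',
            'txtAuthPassword'   => null,
            'txtAuthBindDN'     => 'getAuthOptions',
            'txtAuthBaseDN'     => 'getAuthOptions',
            'txtAccessAllow'    => 'getAccessOptions',
            'txtAccessDeny'     => 'getAccessOptions',
        );

        foreach ($sources as $field => $getter) {
            if ($getter === null) {
                $post[$field] = '';
            } elseif (empty($post[$field])) {
                $post[$field] = $this->$getter($field);
            }
        }

        if (function_exists("mcrypt_encrypt")) {
            if ((empty($post['key'])) || (empty($post['salt']))) {
                $post['key'] = $this->genPrivateKey();
                $post['salt'] = $this->genSalt();
            }
        }
        return $post;
    }

    /**
     * Resets the form's message slots and per-field markers to their defaults.
     * Email and timeout start as '*'; every other slot starts empty.
     *
     * @param array $post form fields
     * @return array $post with all error slots reset
     */
    function genAllErrors($post)
    {
        $defaults = array(
            'error'                => '',
            'aerror'               => '',
            'berror'               => '',
            'txtOptionsEmailErr'   => '*',
            'txtOptionsTimeoutErr' => '*',
            'txtGMapAPIKeyErr'     => '',
            'txtAuthDomainErr'     => '',
            'txtAuthServersErr'    => '',
            'txtAuthPortErr'       => '',
            'txtAuthUsernameErr'   => '',
            'txtAuthPasswordErr'   => '',
            'txtAuthBindDNErr'     => '',
            'txtAuthBaseDNErr'     => '',
            'txtAccessAllowErr'    => '',
            'txtAccessDenyErr'     => '',
        );
        foreach ($defaults as $slot => $value) {
            $post[$slot] = $value;
        }
        return $post;
    }

    /**
     * Generates a private key with the project's 'encrypt' handle, using the
     * settings in $defined['enckeygen'], and returns its hex encoding.
     *
     * @return mixed whatever EncodePrivToHex() returns (not visible in this file)
     */
    function genPrivateKey()
    {
        global $handles, $defined;
        $rawKey = $handles['encrypt']->GeneratePrivateKey($defined['enckeygen']);
        return $handles['encrypt']->EncodePrivToHex($rawKey);
    }

    /**
     * Returns a fresh salt.
     *
     * With mcrypt this is the IV the project's Cipher class generates.
     * NOTE(review): the cipher is configured for ECB, where an IV has no
     * effect on the ciphertext - confirm how Cipher uses this value.
     *
     * Without mcrypt the original called rand(microtime(), microtime()); both
     * bounds are the same non-integer string, so the result was not random.
     * It now draws 8 bytes from the system CSPRNG and returns them as hex.
     *
     * @return mixed Cipher IV, or a 16-character hex string
     */
    function genSalt()
    {
        if (function_exists("mcrypt_encrypt")) {
            $cipher = new Cipher(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB);
            $cipher->setIV();
            return $cipher->getIV();
        }

        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(8));
        }

        if (function_exists('openssl_random_pseudo_bytes')) {
            $bytes = openssl_random_pseudo_bytes(8);
            if ($bytes !== false && strlen($bytes) === 8) {
                return bin2hex($bytes);
            }
        }

        // Last resort for runtimes with no CSPRNG: not cryptographically strong.
        return (string) mt_rand();
    }

    /**
     * Reads one column, or the whole first row, of the `configuration` table.
     *
     * @param string $filter column name, or empty for the whole row
     * @return mixed column value, row array, or null when nothing is stored
     */
    function getAppOptions($filter)
    {
        return $this->_fetchOptions('configuration', $filter);
    }

    /**
     * Reads one column, or the whole first row, of the `authentication` table.
     *
     * @param string $filter column name, or empty for the whole row
     * @return mixed column value, row array, or null when nothing is stored
     */
    function getAuthOptions($filter)
    {
        return $this->_fetchOptions('authentication', $filter);
    }

    /**
     * Reads one column, or the whole first row, of the `access-list` table.
     *
     * The original declared no parameter, so the column name passed by
     * genAllValues() was ignored and the whole row came back in place of a
     * single value. The default keeps argument-less calls working.
     *
     * @param string $filter column name, or empty for the whole row
     * @return mixed column value, row array, or null when nothing is stored
     */
    function getAccessOptions($filter = '')
    {
        return $this->_fetchOptions('access-list', $filter);
    }

    /**
     * Builds the upsert statement for the general options.
     *
     * NOTE(review): values are concatenated between double quotes. The allowed
     * range printed in the validation messages (space through '?') would
     * include the double quote itself - confirm against ValidateParagraph()
     * and move to bound parameters.
     *
     * @param array $post validated form fields
     * @return string SQL statement
     */
    function defOpts($post)
    {
        return "INSERT INTO `configuration` (`txtOptionsEmail`,`txtOptionsTimeout`,`txtGMapAPIKey`) VALUES (\"" . $post['txtOptionsEmail'] . "\",\"" . $post['txtOptionsTimeout'] . "\",\"" . $post['txtGMapAPIKey'] . "\") ON DUPLICATE KEY UPDATE `txtOptionsEmail` = \"" . $post['txtOptionsEmail'] . "\",`txtOptionsTimeout` = \"" . $post['txtOptionsTimeout'] . "\",`txtGMapAPIKey` = \"" . $post['txtGMapAPIKey'] . "\"";
    }

    /**
     * Builds the upsert statement for the directory settings, encrypting the
     * password first when mcrypt is available.
     *
     * NOTE(review):
     *  - 'key' and 'salt' are taken from $post and stored in the same row as
     *    the encrypted password, so read access to the table is enough to
     *    recover it; the key material belongs outside the database.
     *  - Without mcrypt the password is stored exactly as submitted.
     *  - The ciphertext is concatenated into the statement as returned by
     *    Cipher::encrypt(); if that is raw binary it can contain quote bytes.
     *    Confirm the encoding and move to bound parameters.
     *
     * @param array $post validated form fields including 'key' and 'salt'
     * @return string SQL statement
     */
    function authOpts($post)
    {
        if (function_exists("mcrypt_encrypt")) {
            $cipher = new Cipher(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB);
            $iv = $cipher->setIV($post['salt']);
            $post['txtAuthPassword'] = $cipher->encrypt($post['txtAuthPassword'], $post['key'], $iv);
        }
        return "INSERT INTO `authentication` (`key`,`salt`,`txtAuthDomain`,`txtAuthServers`,`txtAuthPort`,`txtAuthUsername`,`txtAuthPassword`,`txtAuthBindDN`,`txtAuthBaseDN`) VALUES (\"" . $post['key'] . "\",\"" . $post['salt'] . "\",\"" . $post['txtAuthDomain'] . "\",\"" . $post['txtAuthServers'] . "\",\"" . $post['txtAuthPort'] . "\",\"" . $post['txtAuthUsername'] . "\",\"" . $post['txtAuthPassword'] . "\",\"" . $post['txtAuthBindDN'] . "\",\"" . $post['txtAuthBaseDN'] . "\") ON DUPLICATE KEY UPDATE `key` = \"" . $post['key'] . "\", `salt` = \"" . $post['salt'] . "\", `txtAuthDomain` = \"" . $post['txtAuthDomain'] . "\",`txtAuthServers` = \"" . $post['txtAuthServers'] . "\",`txtAuthPort` = \"" . $post['txtAuthPort'] . "\",`txtAuthUsername` = \"" . $post['txtAuthUsername'] . "\",`txtAuthPassword` = \"" . $post['txtAuthPassword'] . "\",`txtAuthBindDN` = \"" . $post['txtAuthBindDN'] . "\",`txtAuthBaseDN` = \"" . $post['txtAuthBaseDN'] . "\"";
    }

    /**
     * Builds the upsert statement for the access list.
     *
     * NOTE(review): same string-built SQL as defOpts(); these two values
     * decide who may reach the application, so they deserve bound parameters
     * and a format-specific validator.
     *
     * @param array $post validated form fields
     * @return string SQL statement
     */
    function accessOpts($post)
    {
        return "INSERT INTO `access-list` (`txtAccessAllow`,`txtAccessDeny`) VALUES (\"" . $post['txtAccessAllow'] . "\",\"" . $post['txtAccessDeny'] . "\") ON DUPLICATE KEY UPDATE `txtAccessAllow` = \"" . $post['txtAccessAllow'] . "\",`txtAccessDeny` = \"" . $post['txtAccessDeny'] . "\"";
    }

    /**
     * Runs every queued statement on one connection.
     *
     * @param array $sql statements to run
     * @return int|string '-1' when any statement failed; otherwise the affected
     *                    row count of the last effective statement plus one
     *                    (as the original computed it), or 0 when nothing changed
     */
    function execute($sql)
    {
        global $defined, $handles;

        // Defined on every path; the original left it unset when no row changed.
        $return = 0;

        if (is_array($sql) && count($sql) > 0) {
            $dbconn = $handles['db']->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);

            $failed = false;
            $res = null;
            foreach ($sql as $value) {
                $res = $handles['db']->dbQuery($handles['val']->ValidateSQL($value, $dbconn), $dbconn);
                if ($res === -1) {
                    $failed = true;
                    continue;
                }
                $a = $handles['db']->dbNumRowsAffected($dbconn);
                if ($a > 0) {
                    $return = $a + 1;
                }
            }

            // NOTE(review): this prints whatever dbCatchError() returns into
            // the response; if that is driver error text it exposes schema
            // details to the client - confirm and send it to a log instead.
            echo $handles['db']->dbCatchError($res);

            $handles['db']->dbFixTable("departments", $dbconn);
            $handles['db']->dbFixTable("resources", $dbconn);
            $handles['db']->dbFixTable("gresources", $dbconn);
            $handles['db']->dbFixTable("uresources", $dbconn);
            $handles['db']->dbFreeData($dbconn);
            $handles['db']->dbCloseConn($dbconn);

            // A failure is sticky: a later statement that succeeds must not
            // turn the result back into "saved".
            if ($failed) {
                $return = '-1';
            }
        }
        return $return;
    }

    /**
     * Internal: true when at least one of the named fields is non-empty.
     */
    function _anyFilled($post, $fields)
    {
        foreach ($fields as $field) {
            if (!empty($post[$field])) {
                return true;
            }
        }
        return false;
    }

    /**
     * Internal: presence check followed by per-field validation.
     *
     * @param array $post         form fields
     * @param array $rules        field => array('check' => validator method on
     *                            $handles['val'], 'invalid' => text, 'missing' => text)
     * @param array $extraMissing ready-made <li> items reported with the missing fields
     * @return int|array 0 when all fields are present and valid, otherwise
     *                   $post with 'error' and the '*Err' markers set
     */
    function _checkFields($post, $rules, $extraMissing = array())
    {
        global $handles;

        $missing = array();
        foreach ($rules as $field => $rule) {
            if (empty($post[$field])) {
                $missing[$field] = '<li>' . $rule['missing'] . '</li>';
            }
        }
        foreach ($extraMissing as $item) {
            $missing[] = $item;
        }
        if (count($missing) > 0) {
            return $this->_flagErrors($post, $missing);
        }

        $invalid = array();
        foreach ($rules as $field => $rule) {
            $method = $rule['check'];
            // Validators signal failure with the integer -1.
            if ($handles['val']->$method($post[$field]) === -1) {
                $invalid[$field] = '<li>' . $rule['invalid'] . '</li>';
            }
        }

        return (count($invalid) === 0) ? 0 : $this->_flagErrors($post, $invalid);
    }

    /**
     * Internal: writes the error box and the per-field error icon into $post.
     * Items with a string key mark "<key>Err"; numerically keyed items only
     * appear in the list.
     */
    function _flagErrors($post, $items)
    {
        global $defined, $handles;

        $erlink = $handles['err']->GenerateErrorImg($defined['error'], "help/help.html", "", '800', '800');
        foreach ($items as $field => $item) {
            if (is_string($field)) {
                $post[$field . 'Err'] = $erlink;
            }
        }
        $post['error'] = '<div class="error"><ul>' . implode('', $items) . '</ul></div>';
        return $post;
    }

    /**
     * Internal: shared reader behind getAppOptions(), getAuthOptions() and
     * getAccessOptions().
     *
     * The column name ends up inside backticks in the statement, so it is
     * accepted only when it consists of letters, digits and underscores.
     * The table maintenance call now targets the table that was read; the
     * access-list reader used to name `authentication` there.
     *
     * @param string $table  table name (fixed by the calling method)
     * @param string $filter column name, or empty for the whole row
     * @return mixed column value, row array, or null when unavailable
     */
    function _fetchOptions($table, $filter)
    {
        global $defined, $handles;

        if (!empty($filter) && (!is_string($filter) || !preg_match('/^[A-Za-z0-9_]+\z/', $filter))) {
            return null;
        }

        $dbconn = $handles['db']->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
        $lvl = (!empty($filter))
            ? "SELECT `" . $filter . "` FROM `" . $table . "`"
            : "SELECT * FROM `" . $table . "`";

        $data = array();
        if (($return = $handles['db']->dbQuery($handles['val']->ValidateSQL($lvl, $dbconn), $dbconn)) !== -1) {
            if ($handles['db']->dbNumRows($return) > 0) {
                $data = $handles['db']->dbArrayResultsAssoc($return);
            }
        }
        $handles['db']->dbFixTable($table, $dbconn);
        $handles['db']->dbFreeData($dbconn);
        $handles['db']->dbCloseConn($dbconn);

        // A failed query or an empty table yields null instead of indexing
        // into an undefined variable.
        if (!is_array($data) || !isset($data[0])) {
            return null;
        }
        if (empty($filter)) {
            return $data[0];
        }
        return isset($data[0][$filter]) ? $data[0][$filter] : null;
    }

}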

?>