health_html/inc/util.php

<?php
        $ME = "http".($HTTPS?"s":"")."://".$HTTP_HOST.$PHP_SELF;

        function MyQuote($str) {
                global $dbh;
                if (!$dbh) return "'$str'";
                return $dbh->quote($str);
        }

        function MyMove($src, $dest) {
                $cmd = "mv -f '".EscapeShellCmd($src)."' '".EscapeShellCmd($dest)."'";
                return exec($cmd);
        }

        function MyDelete($src) {
                # @unlink($src);
        }

        function PicSize($pic, $dir = "") {
                $ret = array(0, 0);
                if ($pic) {
                        if (!$dir) {
                                global $syspicdir;
                                $dir = $syspicdir;
                        }
                        @$size = GetImageSize("$dir/$pic");
                        $ret = array($size[0], $size[1]);
                }
                return $ret;
        }

        function PicResize($w, $h, $maxsize = 80) {
                if ($w && $h && $w > $maxsize) {
                        $ratio = ($w / $h);
                        $w = intval($maxsize);
                        $h = intval($w / $ratio);
                }
                return array($w, $h);
        }

        function GetLinks($read, $more, $more_title, $id, $cat, $name, $edit, $updown = false, $up = false, $down = false) {
                $t = new Smarty();
                global $section, $section_menu, $spec;
                $t->assign("section", $section);
                $t->assign("section_menu", $section_menu);
                $t->assign("spec", $spec);
                $t->assign("id", $id);
                $t->assign("cat", $cat);
                $t->assign("name", $name);
                $t->assign("read", $read && !strstr($more, "?"));
                $t->assign("more", /* $more */ strstr($more, "?") ? $more : "");
                $t->assign("more_new", strstr($more, "://") ? true : false);
                $t->assign("more_title", $more_title);
                $t->assign("edit", $edit);
                $t->assign("updown", $updown);
                $t->assign("up", $up);
                $t->assign("down", $down);
                return $t->fetch("links.tpl");
        }

        function GetHighlight($hl) {
                $tp = new Smarty();
                $tp->assign("hl", $hl);
                return $tp->fetch("highlight.tpl");
        }

        function GenerateUsername($ime, $prezime) {
                global $dbh;
                $replace_from = "¹ðèæ¾©ÐÈÆ® ";
                $replace_to = "ssdcczzSSDCCZZ_";
                $ime = strtolower(ereg_replace('[^A-Za-z0-9]', "",
                        strtr($ime, $replace_from, $replace_to)));
                $prezime = strtolower(ereg_replace('[^A-Za-z0-9]', "",
                        strtr($prezime, $replace_from, $replace_to)));
                $cnt = 1;
                while ($cnt <= strlen($ime)) {
                        $username = substr($ime, 0, $cnt++).$prezime;
                        $sql = "SELECT username FROM users WHERE username = '$username'";
                        $sth = $dbh->prepare($sql);
                        if (!$sth) error("Cannot prepare query: \"$sql\"");
                        if (!$sth->execute()) error("Cannot execute query: \"$sql\"");
                        $row = $sth->fetchrow_array();
                        $sth->finish();
                        if (!$row) break;
                }
                if ($cnt > strlen($ime)) {
                        $username2 = $username;
                        $cnt = 1;
                        while (true) {
                                $username = $username.($cnt++);
                                $sql = "SELECT username FROM users WHERE username = '$username'";
                                $sth = $dbh->prepare($sql);
                                if (!$sth) error("Cannot prepare query: \"$sql\"");
                                if (!$sth->execute()) error("Cannot execute query: \"$sql\"");
                                $row = $sth->fetchrow_array();
                                $sth->finish();
                                if (!$row) break;
                        }
                }
                return $username;
        }

        function GeneratePassword($length = 8) {
                $chars = preg_split('//', "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789");
                array_shift($chars);
                array_pop($chars);
                $password = "";
                for ($i = 0; $i < $length; $i++) $password .= $chars[rand(0, count($chars))];
                return $password;
        }

        function Auth($user = "", $pwd = "") {
                global $ME,$HTTP_USER_AGENT,$REMOTE_ADDR;
                // DEBUG:
                if (stristr($ME, "test.plivamed.net")) return 0;
                // User-Agent: should be mnoGoSearch, but in version 3.1.19
                // it's UdmSearch so we match just search
                if (strstr($HTTP_USER_AGENT, "Search") && strstr($REMOTE_ADDR, "10.254.1.")) return 0;
                global $PMusername, $PMpassword;
                if (!$user) $user = $PMusername;
                if (!$pwd) $pwd = $PMpassword;
                if (!$user) return 1;
                global $dbh;
                $connected = $dbh ? true : false;
                if (!$connected) include("inc/conn.php");
                $sql = "SELECT username, password FROM users WHERE (username = '$user')";
                $sth = $dbh->prepare($sql);
                if (!$sth) return 4;
                if (!$sth->execute()) return 5;
                $row = $sth->fetchrow_array();
                $sth->finish();
                if (!$connected) $dbh->disconnect();
                list($u, $p) = $row;
                if ($u != $user) return 2;
                if ($p != $pwd) return 3;
                return 0;
        }

        Header("Content-Type: text/html; charset=ISO-8859-2");
        $isEdit = stristr($ME, "/edit/") ? true : false;
        $isMed = stristr($ME, "med") || stristr($ME, "pm") ? true : false;
        if ($isEdit) {
                if ($PHP_AUTH_USER != "test" && $PHP_AUTH_PW != "test") {
                        Header("WWW-Authenticate: Basic realm=\"PLIVA".($isMed?"med.net":"zdravlje.hr")."\"");
                        Header("HTTP/1.0 401 Unauthorized");
                        echo "Sorry, you are not allowed to edit the site.\n";
                        exit;
                }
        }
        $isReg = $isMed ? false : true;
        if (!$isReg) $isReg = (Auth() == 0) ? true : false;
?>
1	ravilov	1.1	<?php
2	ravilov	1.4	$ME = "http".($HTTPS?"s":"")."://".$HTTP_HOST.$PHP_SELF;
3
4	ravilov	1.1	function MyQuote($str) {
5			global $dbh;
6			if (!$dbh) return "'$str'";
7			return $dbh->quote($str);
8			}
9
10			function MyMove($src, $dest) {
11			$cmd = "mv -f '".EscapeShellCmd($src)."' '".EscapeShellCmd($dest)."'";
12			return exec($cmd);
13			}
14
15			function MyDelete($src) {
16	ravilov	1.4	# @unlink($src);
17	ravilov	1.1	}
18
19	ravilov	1.2	function PicSize($pic, $dir = "") {
20	ravilov	1.1	$ret = array(0, 0);
21			if ($pic) {
22	ravilov	1.2	if (!$dir) {
23			global $syspicdir;
24			$dir = $syspicdir;
25			}
26	ravilov	1.3	@$size = GetImageSize("$dir/$pic");
27	ravilov	1.1	$ret = array($size[0], $size[1]);
28			}
29			return $ret;
30			}
31
32	ravilov	1.3	function PicResize($w, $h, $maxsize = 80) {
33			if ($w && $h && $w > $maxsize) {
34			$ratio = ($w / $h);
35			$w = intval($maxsize);
36			$h = intval($w / $ratio);
37			}
38			return array($w, $h);
39			}
40
41			function GetLinks($read, $more, $more_title, $id, $cat, $name, $edit, $updown = false, $up = false, $down = false) {
42			$t = new Smarty();
43			global $section, $section_menu, $spec;
44			$t->assign("section", $section);
45			$t->assign("section_menu", $section_menu);
46			$t->assign("spec", $spec);
47			$t->assign("id", $id);
48			$t->assign("cat", $cat);
49			$t->assign("name", $name);
50			$t->assign("read", $read && !strstr($more, "?"));
51			$t->assign("more", /* $more */ strstr($more, "?") ? $more : "");
52			$t->assign("more_new", strstr($more, "://") ? true : false);
53			$t->assign("more_title", $more_title);
54			$t->assign("edit", $edit);
55			$t->assign("updown", $updown);
56			$t->assign("up", $up);
57			$t->assign("down", $down);
58			return $t->fetch("links.tpl");
59			}
60
61			function GetHighlight($hl) {
62			$tp = new Smarty();
63			$tp->assign("hl", $hl);
64			return $tp->fetch("highlight.tpl");
65			}
66
67	ravilov	1.4	function GenerateUsername($ime, $prezime) {
68			global $dbh;
69			$replace_from = "¹ðèæ¾©ÐÈÆ® ";
70			$replace_to = "ssdcczzSSDCCZZ_";
71			$ime = strtolower(ereg_replace('[^A-Za-z0-9]', "",
72			strtr($ime, $replace_from, $replace_to)));
73			$prezime = strtolower(ereg_replace('[^A-Za-z0-9]', "",
74			strtr($prezime, $replace_from, $replace_to)));
75			$cnt = 1;
76			while ($cnt <= strlen($ime)) {
77			$username = substr($ime, 0, $cnt++).$prezime;
78			$sql = "SELECT username FROM users WHERE username = '$username'";
79			$sth = $dbh->prepare($sql);
80			if (!$sth) error("Cannot prepare query: \"$sql\"");
81			if (!$sth->execute()) error("Cannot execute query: \"$sql\"");
82			$row = $sth->fetchrow_array();
83			$sth->finish();
84			if (!$row) break;
85			}
86			if ($cnt > strlen($ime)) {
87			$username2 = $username;
88			$cnt = 1;
89			while (true) {
90			$username = $username.($cnt++);
91			$sql = "SELECT username FROM users WHERE username = '$username'";
92			$sth = $dbh->prepare($sql);
93			if (!$sth) error("Cannot prepare query: \"$sql\"");
94			if (!$sth->execute()) error("Cannot execute query: \"$sql\"");
95			$row = $sth->fetchrow_array();
96			$sth->finish();
97			if (!$row) break;
98			}
99			}
100			return $username;
101			}
102
103			function GeneratePassword($length = 8) {
104			$chars = preg_split('//', "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789");
105			array_shift($chars);
106			array_pop($chars);
107			$password = "";
108			for ($i = 0; $i < $length; $i++) $password .= $chars[rand(0, count($chars))];
109			return $password;
110			}
111
112	ravilov	1.3	function Auth($user = "", $pwd = "") {
113	ravilov	1.4	global $ME,$HTTP_USER_AGENT,$REMOTE_ADDR;
114			// DEBUG:
115			if (stristr($ME, "test.plivamed.net")) return 0;
116			// User-Agent: should be mnoGoSearch, but in version 3.1.19
117			// it's UdmSearch so we match just search
118			if (strstr($HTTP_USER_AGENT, "Search") && strstr($REMOTE_ADDR, "10.254.1.")) return 0;
119	ravilov	1.3	global $PMusername, $PMpassword;
120			if (!$user) $user = $PMusername;
121			if (!$pwd) $pwd = $PMpassword;
122			if (!$user) return 1;
123			global $dbh;
124			$connected = $dbh ? true : false;
125			if (!$connected) include("inc/conn.php");
126			$sql = "SELECT username, password FROM users WHERE (username = '$user')";
127			$sth = $dbh->prepare($sql);
128			if (!$sth) return 4;
129			if (!$sth->execute()) return 5;
130			$row = $sth->fetchrow_array();
131			$sth->finish();
132			if (!$connected) $dbh->disconnect();
133			list($u, $p) = $row;
134			if ($u != $user) return 2;
135			if ($p != $pwd) return 3;
136			return 0;
137			}
138
139			Header("Content-Type: text/html; charset=ISO-8859-2");
140			$isEdit = stristr($ME, "/edit/") ? true : false;
141			$isMed = stristr($ME, "med") \|\| stristr($ME, "pm") ? true : false;
142			if ($isEdit) {
143			if ($PHP_AUTH_USER != "test" && $PHP_AUTH_PW != "test") {
144			Header("WWW-Authenticate: Basic realm=\"PLIVA".($isMed?"med.net":"zdravlje.hr")."\"");
145			Header("HTTP/1.0 401 Unauthorized");
146			echo "Sorry, you are not allowed to edit the site.\n";
147			exit;
148			}
149			}
150			$isReg = $isMed ? false : true;
151			if (!$isReg) $isReg = (Auth() == 0) ? true : false;
152	ravilov	1.1	?>