' . $GLOBALS["site"]['name'] . " - " . $GLOBALS["language"]['name'] . '
';
}
function get_translation($_key) {
$translation = \DynCom\mysyde\common\classes\Registry::get('translation');
return $translation->get($_key);
}
// Gibt den Datenbankeintrag des aktuellen Frontend-Menübereichs zurück
function frontend_navigation_get() {
if(isset($_GET["frontend_nav"])) {
$pdoHost = getenv('MAIN_MYSQL_DB_HOST');
$pdoPort = getenv('MAIN_MYSQL_DB_PORT');
$pdoUser = getenv('MAIN_MYSQL_DB_USER');
$pdoPass = getenv('MAIN_MYSQL_DB_PASS');
$pdoSchema = getenv('MAIN_MYSQL_DB_SCHEMA');
$pdo = new \DynCom\mysyde\common\classes\PDOQueryWrapper($pdoHost, $pdoPort, $pdoSchema, $pdoUser, $pdoPass);
$prepStatement = "SELECT * FROM main_navigation WHERE id = : id ";
$params = [
[':id', $_GET["frontend_nav"], PDO::PARAM_STR],
];
$pdo->setQuery($prepStatement);
$pdo->prepareQuery();
$pdo->bindParameters($params);
$pdo->executePreparedStatement();
$result = $pdo->getResultArray();
if(count($result) == 1) {
return $result[0];
}
}
}
// Titel der Seite zusammenstellen
function admin_site_title() {
$setup = setup_get();
$title = $GLOBALS["site"]['name'];
$menuname = '';
$adminMenu = \DynCom\mysyde\common\classes\Adminmenu::get();
if($_GET["level_1"] != "") {
$menuname = $adminMenu[$_GET["level_1"]]['name'];
}
if($_GET["level_2"] != "") {
$menuname = $adminMenu[$_GET["level_1"]]['subsites'][$_GET["level_2"]]['name'];
}
if($menuname<>'') {
$title .= " - " . $menuname;
}
return $title;
}
function admin_navigation_menu($site, $language, $admin_navigation, $from_level, $to_level) {
admin_navigation_menu_rek($site, $language, $admin_navigation, 0, 1, "", $from_level, $to_level);
echo "\n";
return true;
}
function admin_navigation_menu_rek($site, $language, $navigation, $parent_id, $level, $navcode, $from_level, $to_level) {
switch ($level) {
case 1: $levelcode = $_GET["level_1"];break;
case 2: $levelcode = $_GET["level_2"];break;
case 3: $levelcode = $_GET["level_3"];break;
}
$spaces = " ";
$count = 0;
while($count <= $level) {
$spaces .= " ";
$count++;
}
$parent_id_query = ($parent_id == 0) ? "parent_id IS NULL" : "parent_id = '".$parent_id."'";
$query = "SELECT * FROM main_admin_navigation WHERE " . $parent_id_query . " ORDER BY sorting ASC";
$result = @mysqli_query($GLOBALS['mysql_con'],$query);
$show_level = (($level >= $from_level) && ($level <= $to_level)) ? true : false;
if(@mysqli_num_rows($result) > 0) {
if($show_level) { echo "\n" . $spaces . "" : "\n" . $spaces . ""; }
while ($nav = @mysqli_fetch_array($result)) {
$newnavcode = $navcode . $nav["code"] . "/";
if($show_level) { echo "\n" . $spaces . " - " . htmlentities($nav["menu_name"], ENT_COMPAT, "UTF-8") . ""; }
navigation_treemenu_rek($site, $language, $navigation, $nav["id"], ($level+1), $from_level, $to_level, false);
if($show_level) { echo "
"; }
$count++;
}
if($show_level) { echo "\n" . $spaces . "
"; }
}
return true;
}
// Prüft Login eines Admin-User
function check_admin_user_login() {
$passwordOptions = get_password_options();
if($_GET["action"]=="admin_logout") {
$visitor = get_visitor_small(session_id());
if((int)$visitor["id"]>0) {
$select_query = "SELECT main_admin_user_id FROM main_visitor WHERE id = " . $visitor['id'] . " LIMIT 1";
$result = @mysqli_query($GLOBALS['mysql_con'],$select_query);
$res = @mysqli_fetch_assoc($result);
$query = "UPDATE main_visitor SET admin_login = FALSE, main_admin_user_id = NULL WHERE id = " . $visitor["id"] . " LIMIT 1";
@mysqli_query($GLOBALS['mysql_con'],$query);
// redirect
header('Location: /mysyde/');
createMySydeLog('main_admin_user', $res['main_admin_user_id'], 'LOGOUT');
}
}
if(($_GET["action"]=="admin_login" ) && ($_POST["input_login"]<>'') && ($_POST["input_password"]<>'')) {
$user_language = (isset($GLOBALS["admin_user"]['main_language']) ? $GLOBALS["admin_user"]['main_language'] : 'de');
\DynCom\mysyde\common\classes\Registry::set('translation', new \DynCom\mysyde\common\classes\Translate($user_language));
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$visitor = get_visitor_small(session_id());
if(!(int)$visitor['id'] > 0) {
$visitor = get_visitor();
}
/*$query = "SELECT * FROM main_admin_user WHERE UPPER(login) = UPPER('" . $_POST["input_login"] . "') LIMIT 1";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
if (@mysqli_num_rows($result) == 1) {
$row = mysqli_fetch_assoc($result);*/
$prepStatement = 'SELECT * FROM main_admin_user WHERE UPPER(login) = UPPER(:input_login) LIMIT 1';
$dbHost = getenv('MAIN_MYSQL_DB_HOST');
$dbPort = (int)getenv('MAIN_MYSQL_DB_PORT');
$dbUser = getenv('MAIN_MYSQL_DB_USER');
$dbSchema = getenv('MAIN_MYSQL_DB_SCHEMA');
$dbPass = getenv('MAIN_MYSQL_DB_PASS');
try {
$pdo = new \DynCom\mysyde\common\classes\PDOQueryWrapper($dbHost, $dbPort, $dbSchema, $dbUser, $dbPass);
$params = [
[':input_login', $_POST["input_login"], PDO::PARAM_STR],
];
$pdo->setQuery($prepStatement);
$pdo->prepareQuery();
$pdo->bindParameters($params);
$pdo->executePreparedStatement();
$resArray = $pdo->getResultArray();
} catch (Exception $e) {
//Do noting
}
if (\count($resArray) === 1) {
$row = $resArray[0];
$rowID = $row['id'];
$dbPasswordHash = $row['password'];
$inputPassword = filter_input(INPUT_POST,'input_password',FILTER_SANITIZE_STRING);
$validOldHash = md5($inputPassword) === $dbPasswordHash;;
if ($validOldHash || password_verify($inputPassword,$dbPasswordHash)) {
if ($validOldHash || password_needs_rehash($dbPasswordHash,PASSWORD_DEFAULT,$passwordOptions)) {
$newPasswordHash = password_hash($inputPassword,PASSWORD_DEFAULT,$passwordOptions);
$upadateQuery = 'UPDATE main_admin_user SET password = \'' . $newPasswordHash . '\' WHERE id = ' . $rowID;
mysqli_query($GLOBALS['mysql_con'],$upadateQuery);
}
$admin_user = $row;
$query = "UPDATE main_visitor SET admin_login = TRUE, main_admin_user_id = " . $admin_user["id"] . " WHERE id = " . $visitor["id"] . " LIMIT 1";
@mysqli_query($GLOBALS['mysql_con'],$query);
delete_false_admin_password_loign_counter(md5(getAdminUserIP()) , md5($_POST["input_login"]));
// redirect
header('Location: /mysyde/');
createMySydeLog('main_admin_user', $admin_user['id'], 'LOGIN');
}
else
{
$_SESSION['status_message'] = $translation->get("invalid_login");
add_false_password_admin_loign_counter(md5(getAdminUserIP()), md5($_POST["input_login"]), 1, time());
}
}else{
$_SESSION['status_message'] = $translation->get("invalid_login");
}
}
if($_GET['action'] == "forget_password" && $_POST["input_login"]<>'' ){
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$email = $_POST["input_login"];
$query = "SELECT * FROM main_admin_user WHERE email = '".$email."' LIMIT 1";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
if(@mysqli_num_rows($result) < 1){
$_SESSION['forget_error'] = 'Falsche E-Mail/Benutzername';
} else{
unset($_SESSION['forget_error']);
$user = @mysqli_fetch_assoc($result);
$randomString = time().$user['id'].strtoupper(str_replace(" ", "-",$user['login'])).rand(1,1000);
$queryUpd = "UPDATE main_admin_user SET
password_recovery_code = '" . $randomString . "'
WHERE id = '" . $user["id"] . "'
LIMIT 1";
$message = ' Hallo '.$user['name'].',
Unten ist Ihr Passwort-Wiederherstellungscode
';
$message .= "".$randomString."
";
$contactform_header["subject"] = "E-Mail zur Passwortwiederherstellung";
// $contactform_header["sender_email"] = 'support@'.$_SERVER['HTTP_HOST'].'.com';
$contactform_header["sender_email"] = 'support@breadcrumb-solutions.de.com';
$contactform_header["recipient_email"] = $user['email'];
$contactform_header["sender_name"] = "Support Team";
$contactform_header["recipient_name"] = $user['name'];
if (mail_create( $contactform_header["subject"],
$message,
$contactform_header["sender_email"],
$contactform_header["recipient_email"],
$contactform_header["sender_name"],
$contactform_header["recipient_name"],
TRUE,
"")) {
mail_send();
@mysqli_query($GLOBALS['mysql_con'], $queryUpd);
$_SESSION['user_email'] = $email;
}else{
$_SESSION['forget_error'] = "Unbekannter Fehler aufgetreten, versuchen Sie es erneut";
}
}
}
if($_GET['action'] == "forget_password" && $_POST["password_recovery_code"]<>'' ){
$email = $_SESSION['user_email'];
$code = $_POST['password_recovery_code'];
$query = "SELECT * FROM main_admin_user WHERE email = '".$email."' AND password_recovery_code = '".$code."' LIMIT 1";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
if(@mysqli_num_rows($result) < 1){
$_SESSION['forget_error'] = 'Falsche E-Mail/Benutzername Und Code';
}else{
unset($_SESSION['forget_error']);
$user = @mysqli_fetch_assoc($result);
$queryUpd = "UPDATE main_admin_user SET
password_recovery_code = ''
WHERE id = '" . $user["id"] . "'
LIMIT 1";
if(@mysqli_query($GLOBALS['mysql_con'], $queryUpd)){
$_GET['action'] = 'set_password';
$_SESSION['code_set'] = 1;
header('Location: /mysyde/?action='.$_GET['action'] );
}else{
$_SESSION['forget_error'] = "Unbekannter Fehler aufgetreten, versuchen Sie es erneut";
}
}
}
if($_GET['action'] == 'set_password' && $_POST['input_password'] <> '' && $_POST['input_password2'] <> ''){
require_once("../common/classes/Registry.php");
$email = $_SESSION['user_email'];
$code = $_POST['password_recovery_code'];
$query = "SELECT * FROM main_admin_user WHERE email = '".$email."' LIMIT 1";
$user_language = (isset($GLOBALS["admin_user"]['main_language']) ? $GLOBALS["admin_user"]['main_language'] : 'de');
\DynCom\mysyde\common\classes\Registry::set('translation', new \DynCom\mysyde\common\classes\Translate($user_language));
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
if ($_POST["input_password"] <> $_POST["input_password2"]) {
$_SESSION['forget_error'] = $translation->get("user_error2");
}else if (strlen($_POST["input_password"]) < 6) {
$_SESSION['forget_error'] = $translation->get("user_error3");
}else{
unset($_SESSION['forget_error']);
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
if(@mysqli_num_rows($result) < 1){
$_SESSION['forget_error'] = 'Falsche E-Mail/Benutzername Und Code';
}else{
unset($_SESSION['forget_error']);
$user = @mysqli_fetch_assoc($result);
$passwordOptions = get_password_options();
$hashedPassword = password_hash(filter_input(INPUT_POST,'input_password'),PASSWORD_DEFAULT,$passwordOptions);
$queryUpd = "UPDATE main_admin_user SET
password = '".$hashedPassword."'
WHERE id = '" . $user["id"] . "'
LIMIT 1";
if(@mysqli_query($GLOBALS['mysql_con'], $queryUpd)){
$_SESSION['success_status'] = $translation->get("user_msg_success2");
unset($_SESSION['user_email']);
unset($_SESSION['code_set']);
header('Location: /mysyde/');
}else{
$_SESSION['forget_error'] = 'Das Passwort kann nicht aktualisiert werden. Versuchen Sie es nochmal.';
}
}
}
}
$visitor = get_visitor_small(session_id());
}
// Erzeugt Drop-Down aller Siteparts
function sitepart_select($selectname = "input_sitepart_id") {
$query = "SELECT * FROM main_modul WHERE installed = 1 ORDER BY id ASC";
$result = @mysqli_query($GLOBALS['mysql_con'],$query);
$modules = array();
$i = 0;
WHILE ($row = @mysqli_fetch_assoc($result)) {
$modules[$i] = $row;
$i++;
}
FOR ($k = 0; $k < count($modules); $k++) {
$query = "SELECT * FROM main_sitepart WHERE main_modul_id = '" .$modules[$k]['id']."'";
$result = @mysqli_query($GLOBALS['mysql_con'],$query);
$i = 0;
WHILE ($row = @mysqli_fetch_assoc($result)) {
$modules[$k]['siteparts'][$i] = $row;
$i++;
}
}
$l = 1;
FOR ($i = 0; $i < count($modules); $i++) {
echo ("\n\t");
FOR ($j = 0; $j < count($modules[$i]["siteparts"]); $j++) {
echo (" \n\t\t");
echo ("");
echo (" \n\t");
}
echo (" |
\n");
$l++;
}
}
function sitepart_select_dd($name,$selectname = "input_sitepart_id", $value = 1, $disabled = FALSE) {
$disabled_text = ($disabled) ? " disabled=\"disabled\"" : "";
echo "";
echo "";
}
// Erzeugt Drop-Down der Seiten/Mandanten
function site_select($name,$selectname = "input_site_id", $value = NULL, $disabled = FALSE, $chooseText = FALSE, $onchange = "") {
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$disabled_text = ($disabled) ? " disabled=\"disabled\"" : "";
echo "";
echo "";
}
// Erzeugt Drop-Down der Layouts
function layout_select($name,$selectname = "input_layout_id", $value = NULL, $disabled = FALSE) {
$disabled_text = ($disabled) ? " disabled=\"disabled\"" : "";
echo "";
echo "";
}
// Entpacken einer ZIP-Datei
function extract_zip_file($zipfile,$path) {
if (function_exists('zip_open'))
{
/* Absolute Pfadangabe ist hier erforderlich! */
$zip_datei = $zipfile;
echo $zip_datei;
/* relative Pfadangabe mit abschließendem Slash " / " */
$ziel_ordner = $path;
if (file_exists($zip_datei) && ($zip = zip_open($zip_datei)))
{
while($zip_entry = zip_read($zip))
{
$file_name = zip_entry_name($zip_entry);
$file_size = zip_entry_filesize($zip_entry);
$comp_meth = zip_entry_compressionmethod($zip_entry);
if (zip_entry_open($zip, $zip_entry, 'rb'))
{
$buffer = zip_entry_read($zip_entry, $file_size);
if (preg_match('/\/$/', $file_name) && ($comp_meth == 'stored'))
{
if (!is_dir($ziel_ordner . $file_name))
@mkdir($ziel_ordner . $file_name, 0777);
}
else
{
$fp = fopen($ziel_ordner . $file_name, 'wb');
fwrite($fp, $buffer);
fclose($fp);
}
zip_entry_close($zip_entry);
}
}
zip_close($zip);
}
else
echo 'Konnte die Datei ' . basename($zip_datei) . ' nicht öffnen!';
}
else
echo 'Bitte aktivieren Sie in der php.ini die Extensions '
. 'php_zip.dll in dem sie '
. 'das Semikolon vor dieser Zeile ;'
. 'extension=php_zip.dll entfernen.';
}
// Layout Area integration - 10. August 2009 MH
function layout_area_select($name,$selectname = "input_layout_area_id", $value = NULL, $disabled = FALSE) {
$disabled_text = ($disabled) ? " disabled=\"disabled\"" : "";
echo "";
echo "";
}
function layout_class_select($name,$selectname = "input_layout_class_id", $value = NULL, $disabled = FALSE) {
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$disabled_text = ($disabled) ? " disabled=\"disabled\"" : "";
echo "";
echo "";
}
// Gibt den Datenbankeintrag des aktuellen Admin-Menübereichs zurück
function admin_navigation_get() {
if($_GET["level_1"] <> '') { $levelcode = $_GET["level_1"]; }
if($_GET["level_2"] <> '') { $levelcode = $_GET["level_2"]; }
if($_GET["level_3"] <> '') { $levelcode = $_GET["level_3"]; }
if($levelcode=="") { $levelcode = "Inhalte"; }
// $result = @mysqli_query($GLOBALS['mysql_con'],"SELECT * FROM main_admin_navigation WHERE code = '" . $levelcode . "'");
// if(@mysqli_num_rows($result) == 1) {
// return @mysqli_fetch_array($result);
// }
}
//Inhalt eines Select-Feldes über Navigationseinträge mit Rückgabe als String statt Ausgabe per echo
function navigation_select_noecho($navigation_id, $site_id, $language_id, $from_level = 1, $to_level = 5) {
global $nav;
$nav = '';
$nav .= navigation_select_rek_noecho($site_id,$language_id,navigation_getbyid($navigation_id), 0, 1, "", $from_level, $to_level);
return $nav;
}
function navigation_select_rek_noecho($site_id, $language_id, $navigation, $parent_id, $level, $navcode, $from_level, $to_level) {
global $nav_1;
$spaces = "";
$count = 1;
while($count < $level) {
$spaces .= " ";
$count++;
}
$parent_id_query = ($parent_id == 0) ? " AND parent_id IS NULL" : " AND parent_id = '" . $parent_id."'";
$query = "SELECT * FROM main_navigation WHERE main_site_id = '" . $site_id . "' AND main_language_id = '" . $language_id."'" . $parent_id_query . " ORDER BY sorting ASC";
$result = @mysqli_query($GLOBALS['mysql_con'],$query);
$show_level = (($level >= $from_level) && ($level <= $to_level)) ? true : false;
if(@mysqli_num_rows($result) > 0) {
while ($nav = @mysqli_fetch_array($result)) {
$newnavcode = $navcode . $nav["code"] . "/";
$active = "";
if ($show_level) {
if ($nav["id"] == $navigation["id"]) {
$nav_1 .= "\n";
} else {
$nav_1 .= "\n";
}
navigation_select_rek_noecho($site_id, $language_id, $navigation, $nav["id"], ($level+1),$newnavcode, $from_level, $to_level );
}
}
} else {
if ($level == 1) {
$nav_1 .= "\n";
}
}
return $nav_1;
}
// Ezreugt eingerücktes Drop-Down eines Navigation-Menü-Baums
function navigation_select($name,$selectname = "input_forward_navigation_id", $navigation_id, $site_id, $language_id, $from_level = 1, $to_level = 5, $disabled = FALSE) {
$disabled_text = ($disabled) ? " disabled=\"disabled\"" : "";
echo "";
echo "";
}
function navigation_select_rek($site_id, $language_id, $navigation, $parent_id, $level, $navcode, $from_level, $to_level) {
$spaces = "";
$count = 1;
while($count < $level) {
$spaces .= " ";
$count++;
}
$parent_id_query = ($parent_id == 0) ? " AND parent_id IS NULL" : " AND parent_id = '" . $parent_id."'";
$result = @mysqli_query($GLOBALS['mysql_con'],"SELECT * FROM main_navigation WHERE main_site_id = '" . $site_id . "' AND main_language_id = '" . $language_id."'" . $parent_id_query . " ORDER BY sorting ASC");
$show_level = (($level >= $from_level) && ($level <= $to_level)) ? true : false;
if(@mysqli_num_rows($result) > 0) {
while ($nav = @mysqli_fetch_array($result)) {
$newnavcode = $navcode . $nav["code"] . "/";
$active = "";
if ($show_level) {
if ($nav["id"] == $navigation["id"]) {
echo "\n";
} else {
echo "\n";
}
navigation_select_rek($site_id, $language_id, $navigation, $nav["id"], ($level+1),$newnavcode, $from_level, $to_level );
}
}
} else {
if ($level == 1) {
echo "\n";
}
}
return true;
}
function page_select($name,$selectname = "input_forward_page_id", $main_navigation, $disabled = FALSE) {
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$disabled_text = ($disabled) ? " disabled=\"disabled\"" : "";
echo "";
echo "";
}
// Erzeugt Drop-Down der Sprachen
function language_select($name,$selectname = "input_language_id", $value = NULL, $disabled = FALSE, $site = FALSE, $chooseText = FALSE, $onchange = "", $chooseAll = false) {
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$disabled_text = ($disabled) ? " disabled=\"disabled\"" : "";
echo "";
echo "";
}
// Gibt den Namen des Benutzers benutzers anhand seiner id zurück
function navigation_get_modified_admin_user($admin_user_id){
$query = "SELECT name FROM main_admin_user WHERE id = '".$admin_user_id."' LIMIT 1";
$result = @mysqli_query($GLOBALS['mysql_con'],$query);
if($result){
$val = @mysqli_fetch_array($result);
return $val['name'];
}
}
function cleanFilename($name) {
$nameLower = strtolower($name);
$nameNoSpaces = str_replace(' ','_',$nameLower);
$stringAlNum = preg_replace('/[^a-zA-Z-_.]/','',$nameNoSpaces);
return $stringAlNum;
}
function addhttp($url) {
if($url == "") {
return "";
}
// pruefen ob es sich um eine externe domain handelt
$hostname = getHost($url);
if($hostname == "") {
return $url;
}
// keinen domain namen gefunden, also setze http davor
if (!preg_match("@^https?://@i", $url) && !preg_match("@^ftps?://@i", $url)) {
$url = "http://" . $url;
}
return $url;
}
function getHost($Address) {
$parseUrl = parse_url(trim($Address));
return trim($parseUrl["host"] ? $parseUrl["host"] : array_shift(explode('/', $parseUrl["path"], 2)));
}
function show_changed_on($_id, $_table) {
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$query = "SELECT modified_date FROM " . $_table . " WHERE id = '" . $_id. "'";
$result = @mysqli_query($GLOBALS['mysql_con'],$query);
$val = @mysqli_fetch_array($result);
text($translation->get("changed_on") . ":", date("d.m.Y H:i", $val['modified_date']));
}
function show_changed_by($_id, $_table) {
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$query = "SELECT modified_user FROM " . $_table . " WHERE id = " . $_id;
$result = @mysqli_query($GLOBALS['mysql_con'],$query);
$val = @mysqli_fetch_array($result);
$query = "SELECT name from main_admin_user where id = '" . $val['modified_user']."'";
$result = @mysqli_query($GLOBALS['mysql_con'],$query);
$val = @mysqli_fetch_array($result);
text($translation->get("changed_by") . ":", $val['name']);
}
function get_user_site_id() {
if((int)$GLOBALS["admin_user"]['main_site_id'] > 0) {
// pruefen ob seite existiert
$query = "SELECT id FROM main_site where id = '" . $GLOBALS["admin_user"]['main_site_id']."'";
$result = @mysqli_query($GLOBALS['mysql_con'],$query);
if(@mysqli_num_rows($result) > 0) {
return $GLOBALS["admin_user"]['main_site_id'];
}
}
// keine seite zugeordnet order nicht gefunden
$query = "SELECT id FROM main_site order by id limit 1";
$result = @mysqli_query($GLOBALS['mysql_con'],$query);
$val = @mysqli_fetch_array($result);
return $val['id'];
}
function setup_get_allowed_site() {
$setup = array();
$query = "SELECT main_site_id FROM main_site_admin_user_link where main_admin_user_id = '" . (int)$GLOBALS["admin_user"]['id'] . "' LIMIT 1";
$result = @mysqli_query($GLOBALS['mysql_con'],$query);
$row = @mysqli_fetch_array($result);
$query = "SELECT id from main_site WHERE id = '" . $row['main_site_id']."'";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$row = @mysqli_fetch_array($result);
$setup['std_main_site_id'] = $row['id'];
return $setup;
}
function collection_exists() {
$query = "SELECT count(*) as anzahl FROM main_collection_setup WHERE (main_language_id = " . (int)$GLOBALS["language"]['id'] . " OR all_languages = 1)";
$result = @mysqli_query($GLOBALS['mysql_con'],$query);
$val = @mysqli_fetch_array($result);
if($val['anzahl'] > 0) {
return true;
} else {
return false;
}
}
function count_all_files() {
// WICHTIG:
// resolveUrl() muss irgendwo definiert sein als leere funktion.
$config = array();
$not_include = true;
include CMS_PATH . '../plugins/ckfinder/config.php';
$resources = $config['ResourceType'];
$filecount = 0;
foreach($resources as $res) {
$path = rtrim($_SERVER['DOCUMENT_ROOT'],'/') . $res['directory'] . DIRECTORY_SEPARATOR;
$path = str_replace(['\\','/','\\\\','//'],DIRECTORY_SEPARATOR,$path);
$Directory = new RecursiveDirectoryIterator($path);
$Iterator = new RecursiveIteratorIterator($Directory, RecursiveIteratorIterator::SELF_FIRST);
$Iterator->rewind();
while($Iterator->valid()) {
if ($Iterator->isDir() || $Iterator->isDot() || !$Iterator->isFile()) {
$Iterator->next();
continue;
}
$filecount++;
$Iterator->next();
}
}
return $filecount;
}
/**
* Wird aufgerufen bevor headers gesetzt sind z.b. fuer redirects
*/
function before_header() {
if(isset($_GET['preview_page'])){
$input_page_id = $_GET['input_page_id'];
// pruefen ob menupunkt existiert
$page_navigation = array();
$query = "SELECT id FROM main_navigation WHERE forward_type = 1 and forward_page_id = '" . $input_page_id . "' LIMIT 1";
$result = @mysqli_query($GLOBALS['mysql_con'],$query);
if(@mysqli_num_rows($result) == 1) {
$page_navigation = @mysqli_fetch_array($result);
$targetUrl = "http://" . $_SERVER['HTTP_HOST'] . get_link_to_navigation($page_navigation['id']);
header("Location: " . $targetUrl);
exit();
}
}
return;
}
function is_site_allowed($siteId) {
$query = "SELECT * FROM main_site_admin_user_link where main_admin_user_id = '" . (int)$GLOBALS["admin_user"]['id']."'";
$result = @mysqli_query($GLOBALS['mysql_con'],$query);
if(@mysqli_num_rows($result) == 0) {
return true;
}
while($row = mysqli_fetch_array($result)) {
if($row['main_site_id'] == $siteId) {
return true;
}
}
return false;
}
function get_false_password_admin_login_counter($ipHash,$loginHash)
{
$pdoHost = getenv('MAIN_MYSQL_DB_HOST');
$pdoPort = getenv('MAIN_MYSQL_DB_PORT');
$pdoUser = getenv('MAIN_MYSQL_DB_USER');
$pdoPass = getenv('MAIN_MYSQL_DB_PASS');
$pdoSchema = getenv('MAIN_MYSQL_DB_SCHEMA');
$pdo = new \DynCom\mysyde\common\classes\PDOQueryWrapper($pdoHost, $pdoPort, $pdoSchema, $pdoUser, $pdoPass);
$prepStatement = "
SELECT
false_login.*
FROM
false_login
WHERE
( false_login.ip_hash = :ip_hash OR false_login.login_hash = :login_hash )
";
$params = [
[':ip_hash', $ipHash, PDO::PARAM_STR],
[':login_hash', $loginHash, PDO::PARAM_STR],
];
$pdo->setQuery($prepStatement);
$pdo->prepareQuery();
$pdo->bindParameters($params);
$pdo->executePreparedStatement();
$result = $pdo->getResultArray();
return $result;
}
function add_false_password_admin_loign_counter($ipHash,$loginHash, $counter = 1, $nextLoginTime, $blockCounter = 0 )
{
$pdoHost = getenv('MAIN_MYSQL_DB_HOST');
$pdoPort = getenv('MAIN_MYSQL_DB_PORT');
$pdoUser = getenv('MAIN_MYSQL_DB_USER');
$pdoPass = getenv('MAIN_MYSQL_DB_PASS');
$pdoSchema = getenv('MAIN_MYSQL_DB_SCHEMA');
$pdo = new \DynCom\mysyde\common\classes\PDOQueryWrapper($pdoHost, $pdoPort, $pdoSchema, $pdoUser, $pdoPass);
$prepStatement = "
INSERT INTO `false_login`
(`ip_hash`, `login_hash`, `total_counter`, `next_login_time`, block_counter)
VALUES
(:ip_hash ,:login_hash, :counter, :next_login_time, 0)
ON DUPLICATE KEY UPDATE block_counter = :block_counter , next_login_time = :next_login_time
";
if($counter == 1)
{
$prepStatement = "
INSERT INTO `false_login`
(`ip_hash`, `login_hash`, `total_counter`, `next_login_time`, block_counter)
VALUES
(:ip_hash ,:login_hash, :counter, :next_login_time, :block_counter)
ON DUPLICATE KEY UPDATE total_counter = total_counter + 1 , next_login_time = :next_login_time
";
}
$params = [
[':ip_hash', $ipHash, PDO::PARAM_STR],
[':login_hash', $loginHash, PDO::PARAM_STR],
[':counter', $counter, PDO::PARAM_STR],
[':next_login_time', $nextLoginTime, PDO::PARAM_STR],
[':block_counter', $blockCounter, PDO::PARAM_STR],
];
$pdo->setQuery($prepStatement);
$pdo->prepareQuery();
$pdo->bindParameters($params);
$pdo->executePreparedStatement();
}
function delete_false_admin_password_loign_counter($ipHash,$loginhash)
{
$pdoHost = getenv('MAIN_MYSQL_DB_HOST');
$pdoPort = getenv('MAIN_MYSQL_DB_PORT');
$pdoUser = getenv('MAIN_MYSQL_DB_USER');
$pdoPass = getenv('MAIN_MYSQL_DB_PASS');
$pdoSchema = getenv('MAIN_MYSQL_DB_SCHEMA');
$pdo = new \DynCom\mysyde\common\classes\PDOQueryWrapper($pdoHost, $pdoPort, $pdoSchema, $pdoUser, $pdoPass);
$prepStatement = "
Delete From `false_login` where ip_hash = :ip_hash or login_hash = :login_hash
";
$params = [
[':ip_hash', $ipHash, PDO::PARAM_STR],
[':login_hash', $loginhash, PDO::PARAM_STR],
];
$pdo->setQuery($prepStatement);
$pdo->prepareQuery();
$pdo->bindParameters($params);
$pdo->executePreparedStatement();
}
function getAdminUserIP()
{
$client = @$_SERVER['HTTP_CLIENT_IP'];
$forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
$remote = $_SERVER['REMOTE_ADDR'];
if(filter_var($client, FILTER_VALIDATE_IP))
{
$ip = $client;
}
elseif(filter_var($forward, FILTER_VALIDATE_IP))
{
$ip = $forward;
}
else
{
$ip = $remote;
}
return $ip;
}