2017-08-04 16:28:16 +02:00
|
|
|
<?php
|
2020-09-07 15:04:06 +02:00
|
|
|
/*
|
|
|
|
* OpenSTAManager: il software gestionale open source per l'assistenza tecnica e la fatturazione
|
2021-01-20 15:08:51 +01:00
|
|
|
* Copyright (C) DevCode s.r.l.
|
2020-09-07 15:04:06 +02:00
|
|
|
*
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
|
|
* (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
*/
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2020-09-22 20:28:37 +02:00
|
|
|
/*
|
2018-07-17 12:05:21 +02:00
|
|
|
* Funzioni fondamentali per il corretto funzionamento del nucleo del progetto.
|
|
|
|
*
|
|
|
|
* @since 2.3
|
|
|
|
*/
|
2020-09-22 20:28:37 +02:00
|
|
|
|
|
|
|
use HTMLBuilder\HTMLBuilder;
|
2019-08-28 16:58:47 +02:00
|
|
|
use Models\OperationLog;
|
2021-10-18 10:24:02 +02:00
|
|
|
use Symfony\Component\Filesystem\Exception\IOException;
|
|
|
|
use Symfony\Component\Filesystem\Filesystem as SymfonyFilesystem;
|
|
|
|
use Symfony\Component\Finder\Finder;
|
|
|
|
use Util\FileSystem;
|
2019-08-28 16:58:47 +02:00
|
|
|
|
2017-08-04 16:28:16 +02:00
|
|
|
/**
|
|
|
|
* Esegue il redirect.
|
|
|
|
*
|
|
|
|
* @param string $url
|
|
|
|
* @param string $type
|
|
|
|
*
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
function redirect($url, $type = 'php')
|
|
|
|
{
|
|
|
|
switch ($type) {
|
|
|
|
case 'php':
|
|
|
|
header('Location: '.$url);
|
|
|
|
break;
|
|
|
|
case 'js':
|
|
|
|
echo '<script type="text/javascript">location.href="'.$url.'";</script>';
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Verifica e corregge il nome di un file.
|
|
|
|
*
|
2018-03-19 15:30:16 +01:00
|
|
|
* @param string $filename
|
2017-08-04 16:28:16 +02:00
|
|
|
*
|
|
|
|
* @return mixed
|
|
|
|
*/
|
|
|
|
function sanitizeFilename($filename)
|
|
|
|
{
|
|
|
|
$filename = str_replace(' ', '-', $filename);
|
|
|
|
$filename = preg_replace("/[^A-Za-z0-9_\-\.?!]/", '', $filename);
|
|
|
|
|
|
|
|
return $filename;
|
|
|
|
}
|
|
|
|
|
2018-07-17 12:05:21 +02:00
|
|
|
/**
|
|
|
|
* Elimina i file indicati.
|
|
|
|
*
|
2020-09-23 11:47:59 +02:00
|
|
|
* @param array|string $files
|
2018-07-17 12:05:21 +02:00
|
|
|
*
|
|
|
|
* @return bool
|
|
|
|
*/
|
2017-09-11 17:49:03 +02:00
|
|
|
function delete($files)
|
2017-08-04 16:28:16 +02:00
|
|
|
{
|
2017-09-11 17:49:03 +02:00
|
|
|
// Filesystem Symfony
|
2021-10-18 10:24:02 +02:00
|
|
|
$fs = new SymfonyFilesystem();
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2017-09-11 17:49:03 +02:00
|
|
|
// Eliminazione
|
|
|
|
try {
|
|
|
|
$fs->remove($files);
|
2021-10-18 10:24:02 +02:00
|
|
|
} catch (IOException $e) {
|
2017-09-11 17:49:03 +02:00
|
|
|
return false;
|
|
|
|
}
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2017-09-11 17:49:03 +02:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2018-07-17 12:05:21 +02:00
|
|
|
/**
|
|
|
|
* Controlla l'esistenza e i permessi di scrittura sul percorso indicato.
|
|
|
|
*
|
|
|
|
* @param string $path
|
|
|
|
*
|
|
|
|
* @return bool
|
|
|
|
*/
|
2017-09-11 17:49:03 +02:00
|
|
|
function directory($path)
|
|
|
|
{
|
2019-02-09 14:44:30 +01:00
|
|
|
return Util\FileSystem::directory($path);
|
2017-08-04 16:28:16 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Copy a file, or recursively copy a folder and its contents.
|
|
|
|
*
|
2020-05-18 09:33:43 +02:00
|
|
|
* @param array|string $source Source path
|
2018-07-17 12:05:21 +02:00
|
|
|
* @param string $dest Destination path
|
|
|
|
* @param array|string $ignores Paths to ingore
|
2017-08-04 16:28:16 +02:00
|
|
|
*
|
|
|
|
* @return bool Returns TRUE on success, FALSE on failure
|
|
|
|
*/
|
2017-09-08 13:24:48 +02:00
|
|
|
function copyr($source, $destination, $ignores = [])
|
2017-08-04 16:28:16 +02:00
|
|
|
{
|
2018-09-19 16:51:37 +02:00
|
|
|
if (!directory($destination)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2021-10-18 10:24:02 +02:00
|
|
|
$files = Finder::create()
|
2017-09-08 13:24:48 +02:00
|
|
|
->files()
|
|
|
|
->exclude((array) $ignores['dirs'])
|
2018-09-19 16:51:37 +02:00
|
|
|
->ignoreDotFiles(false)
|
2017-09-08 13:24:48 +02:00
|
|
|
->ignoreVCS(true)
|
|
|
|
->in($source);
|
2017-09-06 12:50:44 +02:00
|
|
|
|
2017-09-08 13:24:48 +02:00
|
|
|
foreach ((array) $ignores['files'] as $value) {
|
2018-09-19 16:51:37 +02:00
|
|
|
$files->notName($value);
|
2017-08-04 16:28:16 +02:00
|
|
|
}
|
2017-09-06 12:50:44 +02:00
|
|
|
|
2018-09-19 16:51:37 +02:00
|
|
|
$result = true;
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2018-09-19 16:51:37 +02:00
|
|
|
// Filesystem Symfony
|
2021-10-18 10:24:02 +02:00
|
|
|
$fs = new SymfonyFilesystem();
|
|
|
|
|
2021-12-13 16:24:40 +01:00
|
|
|
try {
|
|
|
|
$fs->chmod($destination, 0777, 0000, true);
|
|
|
|
} catch (\Exception $e) {}
|
2021-10-18 10:24:02 +02:00
|
|
|
|
2018-09-19 16:51:37 +02:00
|
|
|
foreach ($files as $file) {
|
|
|
|
$filename = rtrim($destination, DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR.$file->getRelativePathname();
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2021-10-18 10:24:02 +02:00
|
|
|
// Copia effettiva del file
|
2017-09-11 17:49:03 +02:00
|
|
|
try {
|
2021-10-18 10:24:02 +02:00
|
|
|
$fs->copy($file, $filename, true);
|
|
|
|
} catch (IOException $e) {
|
2018-09-19 16:51:37 +02:00
|
|
|
$result = false;
|
2017-08-04 16:28:16 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-01-02 14:15:16 +01:00
|
|
|
return $result;
|
2017-08-04 16:28:16 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Recupera informazioni sistema operativo dell'utente.
|
|
|
|
*
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
function getOS()
|
|
|
|
{
|
|
|
|
$os = [
|
|
|
|
'Windows NT 6.1' => 'Windows 7',
|
|
|
|
'Windows NT 6.0' => 'Windows Vista',
|
|
|
|
'Windows NT 5.1' => 'Windows XP',
|
|
|
|
'Windows NT 5.0' => 'Windows 2000',
|
|
|
|
'Windows NT 4.90' => 'Windows ME',
|
|
|
|
'Win95' => 'Windows 95',
|
|
|
|
'Win98' => 'Windows 98',
|
|
|
|
'Windows NT 5.2' => 'Windows NET',
|
|
|
|
'WinNT4.0' => 'Windows NT',
|
|
|
|
'Mac' => 'Mac',
|
|
|
|
'PPC' => 'Mac',
|
|
|
|
'Linux' => 'Linux',
|
|
|
|
'FreeBSD' => 'FreeBSD',
|
|
|
|
'SunOS' => 'SunOS',
|
|
|
|
'Irix' => 'Irix',
|
|
|
|
'BeOS' => 'BeOS',
|
|
|
|
'OS/2' => 'OS/2',
|
|
|
|
'AIX' => 'AIX',
|
|
|
|
];
|
2018-03-03 15:03:28 +01:00
|
|
|
|
2017-08-04 16:28:16 +02:00
|
|
|
foreach ($os as $key => $value) {
|
|
|
|
if (strpos($_SERVER['HTTP_USER_AGENT'], $key)) {
|
|
|
|
return $value;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-09-04 12:02:29 +02:00
|
|
|
return tr('Altro');
|
2017-08-04 16:28:16 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Ottiene l'indirizzo IP del client.
|
|
|
|
*
|
2018-03-19 15:30:16 +01:00
|
|
|
* @return string
|
2017-08-04 16:28:16 +02:00
|
|
|
*/
|
|
|
|
function get_client_ip()
|
|
|
|
{
|
|
|
|
$ipaddress = '';
|
2018-06-26 14:30:26 +02:00
|
|
|
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
|
2017-08-04 16:28:16 +02:00
|
|
|
$ipaddress = $_SERVER['HTTP_CLIENT_IP'];
|
|
|
|
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
|
|
|
|
$ipaddress = $_SERVER['HTTP_X_FORWARDED_FOR'];
|
|
|
|
} elseif (!empty($_SERVER['HTTP_X_FORWARDED'])) {
|
|
|
|
$ipaddress = $_SERVER['HTTP_X_FORWARDED'];
|
|
|
|
} elseif (!empty($_SERVER['HTTP_FORWARDED_FOR'])) {
|
|
|
|
$ipaddress = $_SERVER['HTTP_FORWARDED_FOR'];
|
|
|
|
} elseif (!empty($_SERVER['HTTP_FORWARDED'])) {
|
|
|
|
$ipaddress = $_SERVER['HTTP_FORWARDED'];
|
2018-06-26 14:30:26 +02:00
|
|
|
} elseif (!empty($_SERVER['REMOTE_ADDR']) and $_SERVER['REMOTE_ADDR'] != '127.0.0.1') {
|
2017-08-04 16:28:16 +02:00
|
|
|
$ipaddress = $_SERVER['REMOTE_ADDR'];
|
2018-06-26 14:30:26 +02:00
|
|
|
} elseif (!empty(gethostbyname(gethostname()))) {
|
|
|
|
$ipaddress = gethostbyname(gethostname());
|
2017-08-04 16:28:16 +02:00
|
|
|
} else {
|
|
|
|
$ipaddress = 'UNKNOWN';
|
|
|
|
}
|
|
|
|
|
2021-08-23 17:30:33 +02:00
|
|
|
return strip_tags($ipaddress);
|
2017-08-04 16:28:16 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Traduce il template semplificato in componenti HTML.
|
|
|
|
*
|
|
|
|
* @since 2.3
|
|
|
|
*/
|
|
|
|
function translateTemplate()
|
|
|
|
{
|
2018-07-10 12:07:48 +02:00
|
|
|
$id_record = filter('id_record');
|
|
|
|
$id_parent = filter('id_parent');
|
2018-09-19 10:44:32 +02:00
|
|
|
|
2020-09-22 20:28:37 +02:00
|
|
|
$module = Modules::getCurrent();
|
|
|
|
$plugin = Plugins::getCurrent();
|
|
|
|
$id_module = $module ? $module['id'] : null;
|
|
|
|
$id_plugin = $plugin ? $plugin['id'] : null;
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2018-09-28 16:17:10 +02:00
|
|
|
$template = ob_get_clean();
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2019-08-28 16:58:47 +02:00
|
|
|
$replaces = [
|
|
|
|
'$id_module$' => $id_module,
|
|
|
|
'$id_plugin$' => $id_plugin,
|
|
|
|
'$id_record$' => $id_record,
|
|
|
|
];
|
2019-07-10 11:53:35 +02:00
|
|
|
|
2019-08-28 16:58:47 +02:00
|
|
|
$template = replace($template, $replaces);
|
2020-09-22 20:28:37 +02:00
|
|
|
$template = HTMLBuilder::replace($template);
|
2019-08-28 16:58:47 +02:00
|
|
|
$template = replace($template, $replaces);
|
2018-07-10 12:07:48 +02:00
|
|
|
|
|
|
|
// Informazioni estese sulle azioni dell'utente
|
2019-08-28 16:58:47 +02:00
|
|
|
$op = post('op');
|
|
|
|
if (!empty($op)) {
|
|
|
|
OperationLog::setInfo('id_module', $id_module);
|
|
|
|
OperationLog::setInfo('id_plugin', $id_plugin);
|
|
|
|
OperationLog::setInfo('id_record', $id_record);
|
|
|
|
|
|
|
|
OperationLog::build($op);
|
2017-09-15 15:52:40 +02:00
|
|
|
}
|
|
|
|
|
2018-07-19 12:47:28 +02:00
|
|
|
// Retrocompatibilità
|
|
|
|
if (!empty($_SESSION['infos'])) {
|
|
|
|
foreach ($_SESSION['infos'] as $message) {
|
2018-07-19 17:29:21 +02:00
|
|
|
flash()->info($message);
|
2018-07-19 12:47:28 +02:00
|
|
|
}
|
2018-07-07 13:56:22 +02:00
|
|
|
}
|
2018-07-19 12:47:28 +02:00
|
|
|
if (!empty($_SESSION['warnings'])) {
|
|
|
|
foreach ($_SESSION['warnings'] as $message) {
|
2018-07-19 17:29:21 +02:00
|
|
|
flash()->warning($message);
|
2018-07-19 12:47:28 +02:00
|
|
|
}
|
2018-07-07 13:56:22 +02:00
|
|
|
}
|
2018-07-19 12:47:28 +02:00
|
|
|
if (!empty($_SESSION['errors'])) {
|
|
|
|
foreach ($_SESSION['errors'] as $message) {
|
2018-07-19 17:29:21 +02:00
|
|
|
flash()->error($message);
|
2018-07-19 12:47:28 +02:00
|
|
|
}
|
2018-07-07 13:56:22 +02:00
|
|
|
}
|
|
|
|
|
2017-08-04 16:28:16 +02:00
|
|
|
// Annullo le notifiche (AJAX)
|
|
|
|
if (isAjaxRequest()) {
|
2019-07-05 17:10:20 +02:00
|
|
|
//flash()->clearMessage('info');
|
2017-08-04 16:28:16 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
echo $template;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2018-04-09 09:42:03 +02:00
|
|
|
* Restituisce il percorso del filesystem in modo indipendente dal sistema operativo.
|
2017-08-04 16:28:16 +02:00
|
|
|
*
|
|
|
|
* @param string $string Percorso da correggere
|
|
|
|
*
|
|
|
|
* @since 2.3
|
|
|
|
*
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
function slashes($string)
|
|
|
|
{
|
|
|
|
return str_replace(['\\', '/'], DIRECTORY_SEPARATOR, $string);
|
|
|
|
}
|
|
|
|
|
2017-09-04 12:12:48 +02:00
|
|
|
/**
|
|
|
|
* Controlla se è in corso una richiesta AJAX generata dal progetto.
|
|
|
|
*
|
2017-09-15 09:48:56 +02:00
|
|
|
* @since 2.3
|
|
|
|
*
|
2017-09-04 12:12:48 +02:00
|
|
|
* @return bool
|
|
|
|
*/
|
2017-08-04 16:28:16 +02:00
|
|
|
function isAjaxRequest()
|
|
|
|
{
|
2019-01-15 19:01:25 +01:00
|
|
|
return \Whoops\Util\Misc::isAjaxRequest() && filter('ajax') !== null;
|
2017-08-04 16:28:16 +02:00
|
|
|
}
|
|
|
|
|
2017-09-15 09:48:56 +02:00
|
|
|
/**
|
|
|
|
* Effettua le operazioni automatiche di redirect tra le pagine.
|
|
|
|
*
|
|
|
|
* @param int $id_module
|
|
|
|
* @param int $id_record
|
|
|
|
*
|
|
|
|
* @since 2.3
|
|
|
|
*/
|
2017-09-08 13:24:48 +02:00
|
|
|
function redirectOperation($id_module, $id_record)
|
2017-09-07 16:54:58 +02:00
|
|
|
{
|
2017-09-07 16:51:14 +02:00
|
|
|
$backto = filter('backto');
|
2017-09-15 16:37:19 +02:00
|
|
|
|
2017-09-07 16:51:14 +02:00
|
|
|
// Scelta del redirect dopo un submit
|
|
|
|
if (!empty($backto)) {
|
|
|
|
$hash = filter('hash');
|
2020-10-29 16:48:37 +01:00
|
|
|
$hash = !string_starts_with($hash, '#') ? '#'.$hash : $hash;
|
2019-07-25 15:48:28 +02:00
|
|
|
$hash = $hash == '#tab_0' ? '' : $hash;
|
2017-09-15 16:37:19 +02:00
|
|
|
|
2017-09-07 16:51:14 +02:00
|
|
|
if ($backto == 'record-edit') {
|
2020-09-23 17:53:19 +02:00
|
|
|
redirect(base_path().'/editor.php?id_module='.$id_module.'&id_record='.$id_record.$hash);
|
2017-09-07 16:51:14 +02:00
|
|
|
} elseif ($backto == 'record-list') {
|
2020-09-23 17:53:19 +02:00
|
|
|
redirect(base_path().'/controller.php?id_module='.$id_module.$hash);
|
2017-09-07 16:51:14 +02:00
|
|
|
}
|
2017-09-15 16:37:19 +02:00
|
|
|
|
|
|
|
exit();
|
2017-09-07 16:51:14 +02:00
|
|
|
}
|
|
|
|
}
|
2017-09-15 09:48:56 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Predispone un testo per l'inserimento all'interno di un attributo HTML.
|
|
|
|
*
|
|
|
|
* @param string $string
|
|
|
|
*
|
2018-11-23 15:17:52 +01:00
|
|
|
* @since 2.3
|
|
|
|
*
|
2017-09-15 09:48:56 +02:00
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
function prepareToField($string)
|
|
|
|
{
|
|
|
|
return str_replace('"', '"', $string);
|
|
|
|
}
|
2017-09-15 16:52:59 +02:00
|
|
|
|
2017-11-14 17:42:09 +01:00
|
|
|
/**
|
2017-12-22 10:39:17 +01:00
|
|
|
* Restituisce se l'user-agent (browser web) è una versione mobile.
|
2017-11-14 17:42:09 +01:00
|
|
|
*
|
2018-11-23 15:17:52 +01:00
|
|
|
* @since 2.3
|
|
|
|
*
|
2017-11-14 17:42:09 +01:00
|
|
|
* @return bool
|
|
|
|
*/
|
2017-12-22 10:39:17 +01:00
|
|
|
function isMobile()
|
|
|
|
{
|
|
|
|
return preg_match("/(android|avantgo|blackberry|bolt|boost|cricket|docomo|fone|hiptop|mini|mobi|palm|phone|pie|tablet|up\.browser|up\.link|webos|wos)/i", $_SERVER['HTTP_USER_AGENT']);
|
2017-11-14 17:42:09 +01:00
|
|
|
}
|
2017-12-22 11:44:27 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Restituisce il percorso derivante dal file in esecuzione.
|
|
|
|
*
|
2018-11-23 15:17:52 +01:00
|
|
|
* @since 2.4.1
|
|
|
|
*
|
2017-12-22 11:44:27 +01:00
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
function getURLPath()
|
|
|
|
{
|
|
|
|
$path = $_SERVER['SCRIPT_FILENAME'];
|
2018-01-03 13:24:04 +01:00
|
|
|
$prefix = rtrim($_SERVER['DOCUMENT_ROOT'], '/\\');
|
2017-12-22 11:44:27 +01:00
|
|
|
|
|
|
|
if (substr($path, 0, strlen($prefix)) == $prefix) {
|
|
|
|
$path = substr($path, strlen($prefix));
|
2017-12-31 16:00:23 +01:00
|
|
|
} else {
|
2020-09-23 17:53:19 +02:00
|
|
|
$path = str_replace(base_dir(), base_path(), $path);
|
2017-12-22 11:44:27 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return slashes($path);
|
|
|
|
}
|
2018-09-27 10:15:04 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Sostituisce i caratteri speciali per la ricerca attraverso le tabelle Datatables.
|
|
|
|
*
|
2018-11-23 15:17:52 +01:00
|
|
|
* @since 2.4.2
|
|
|
|
*
|
2018-09-27 10:15:04 +02:00
|
|
|
* @param string $field
|
|
|
|
*
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
function searchFieldName($field)
|
|
|
|
{
|
|
|
|
return str_replace([' ', '.'], ['-', ''], $field);
|
|
|
|
}
|
2018-11-23 15:17:52 +01:00
|
|
|
|
2019-01-31 02:19:05 +01:00
|
|
|
/**
|
|
|
|
* Rimuove spazi e caratteri speciali da una stringa.
|
|
|
|
*
|
|
|
|
* @param string $string
|
|
|
|
* @param string $permitted
|
|
|
|
*
|
|
|
|
* @since 2.4.6
|
|
|
|
*
|
|
|
|
* @return string
|
|
|
|
*/
|
2019-02-09 14:44:30 +01:00
|
|
|
function clean($string, $permitted = '')
|
|
|
|
{
|
|
|
|
return preg_replace('/[^A-Za-z0-9'.$permitted.']/', '', $string); // Removes special chars.
|
2019-01-31 02:19:05 +01:00
|
|
|
}
|
2019-09-24 10:09:29 +02:00
|
|
|
|
|
|
|
function check_query($query)
|
|
|
|
{
|
|
|
|
$query = mb_strtoupper($query);
|
|
|
|
|
|
|
|
$blacklist = ['INSERT', 'UPDATE', 'TRUNCATE', 'DELETE', 'DROP', 'GRANT', 'CREATE', 'REVOKE'];
|
|
|
|
foreach ($blacklist as $value) {
|
|
|
|
if (preg_match("/\b".preg_quote($value)."\b/", $query)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
2020-09-22 20:28:37 +02:00
|
|
|
|
2020-09-23 17:53:19 +02:00
|
|
|
/**
|
|
|
|
* Restituisce il valore corrente di un parametro della sessione.
|
|
|
|
*
|
|
|
|
* @param string $name Nome del parametro in dot-notation
|
|
|
|
* @param mixed|null $default
|
|
|
|
*
|
|
|
|
* @return array|mixed|null
|
|
|
|
*/
|
|
|
|
function session_get($name, $default = null)
|
2020-09-22 20:28:37 +02:00
|
|
|
{
|
|
|
|
$session = &$_SESSION;
|
|
|
|
if (empty($name)) {
|
2020-09-23 17:53:19 +02:00
|
|
|
return $default;
|
2020-09-22 20:28:37 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
$pieces = explode('.', $name);
|
|
|
|
foreach ($pieces as $piece) {
|
|
|
|
if (!isset($session[$piece])) {
|
2020-09-23 17:53:19 +02:00
|
|
|
return $default;
|
2020-09-22 20:28:37 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
$session = &$session[$piece];
|
|
|
|
}
|
|
|
|
|
2020-09-23 17:53:19 +02:00
|
|
|
return isset($session) ? $session : $default;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Imposta un parametro nella sessione secondo un nome indicato.
|
|
|
|
*
|
|
|
|
* @param string $name Nome del parametro in dot-notation
|
|
|
|
* @param mixed $value Valore da impostare
|
|
|
|
*
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
function session_set($name, $value)
|
|
|
|
{
|
|
|
|
$session = &$_SESSION;
|
|
|
|
|
|
|
|
if (!empty($name)) {
|
|
|
|
$pieces = explode('.', $name);
|
|
|
|
foreach ($pieces as $piece) {
|
|
|
|
if (!isset($session[$piece])) {
|
|
|
|
$session[$piece] = [];
|
|
|
|
}
|
|
|
|
|
|
|
|
$session = &$session[$piece];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
$session = $value;
|
2020-09-22 20:28:37 +02:00
|
|
|
}
|
2020-09-23 13:36:37 +02:00
|
|
|
|
|
|
|
/**
|
2020-09-23 17:53:19 +02:00
|
|
|
* Restituisce l'URL completo per il gestionale.
|
|
|
|
*
|
2020-09-23 13:36:37 +02:00
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
function base_url()
|
|
|
|
{
|
|
|
|
return App::$baseurl;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2020-09-23 17:53:19 +02:00
|
|
|
* Restituisce l'URL parziale per il gestionale.
|
|
|
|
*
|
2020-09-23 13:36:37 +02:00
|
|
|
* @return string
|
|
|
|
*/
|
2020-09-23 17:53:19 +02:00
|
|
|
function base_path()
|
2020-09-23 13:36:37 +02:00
|
|
|
{
|
|
|
|
return App::$rootdir;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2020-09-23 17:53:19 +02:00
|
|
|
* Restituisce il percorso per la cartella principale del gestionale.
|
|
|
|
*
|
2020-09-23 13:36:37 +02:00
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
function base_dir()
|
|
|
|
{
|
|
|
|
return App::$docroot;
|
|
|
|
}
|