X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fmain.inc;h=18e51c56a0219d7fe1368de001e26ba4bbba1bff;hb=4e6811018489ed5d9e4c029342c958e266d7b298;hp=c20ae74909cc3aa04a06627413c0851327e9db04;hpb=d23ee699ca01df5ef6daa78fd3af6605c2ab9852;p=fa-stable.git
diff --git a/includes/main.inc b/includes/main.inc
index c20ae749..18e51c56 100644
--- a/includes/main.inc
+++ b/includes/main.inc
@@ -11,53 +11,31 @@
***********************************************************************/
include_once($path_to_root . "/includes/db/connect_db.inc");
-include_once($path_to_root . "/includes/reserved.inc");
-include_once($path_to_root . "/includes/errors.inc");
include_once($path_to_root . "/includes/types.inc");
include_once($path_to_root . "/includes/systypes.inc");
include_once($path_to_root . "/includes/references.inc");
-include_once($path_to_root . "/includes/prefs/sysprefs.inc");
include_once($path_to_root . "/includes/db/comments_db.inc");
include_once($path_to_root . "/includes/db/sql_functions.inc");
+include_once($path_to_root . "/includes/db/audit_trail_db.inc");
+//include_once($path_to_root . "/includes/validation.inc");
include_once($path_to_root . "/admin/db/users_db.inc");
include_once($path_to_root . "/includes/ui/ui_view.inc");
include_once($path_to_root . "/includes/ui/ui_controls.inc");
-include_once($path_to_root . "/installed_extensions.php");
-function page($title, $no_menu=false, $is_index=false, $onload="", $js="", $script_only=false)
+function page($title, $no_menu=false, $is_index=false, $onload="", $js="", $script_only=false, $css='')
{
global $path_to_root, $page_security;
+
$hide_menu = $no_menu;
include($path_to_root . "/includes/page/header.inc");
- if (!$_SESSION["wa_current_user"]->check_user_access())
- {
- echo "";
- echo "" . _("Security settings have not been defined for your user account.");
- echo " ";
-
- kill_login();
- exit;
- }
-
- if (!$_SESSION["wa_current_user"]->can_access_page($page_security))
- {
- page_header(_("Access denied"), $no_menu);
- echo "";
- echo _("The security settings on your account do not permit you to access this function");
- echo " ";
- echo "';
echo display_heading(_('This page is usable only with javascript enabled browsers.'));
@@ -68,26 +46,16 @@ function page($title, $no_menu=false, $is_index=false, $onload="", $js="", $scri
}
}
-function end_page($no_menu=false, $is_index=false)
+function end_page($no_menu=false, $is_index=false, $final_screen=false, $type_no=0, $trans_no=0)
{
- global $path_to_root, $Ajax;
- $hide_menu = $no_menu;
- div_end(); // _page_body section
- include($path_to_root . "/includes/page/footer.inc");
- page_footer($no_menu, $is_index);
-}
+ global $path_to_root;
-function flush_dir($path)
-{
- $dir = opendir($path);
- while(false !== ($fname = readdir($dir))) {
- if($fname=='.' || $fname=='..' || $fname=='index.php') continue;
- if(is_dir($path.'/'.$fname)) {
- flush_dir($path.'/'.$fname);
- @rmdir($path.'/'.$fname);
- } else
- @unlink($path.'/'.$fname);
- }
+ if (!$is_index && function_exists('hyperlink_back'))
+ hyperlink_back(true, $no_menu, $type_no, $trans_no, $final_screen);
+ div_end(); // end of _page_body section
+
+ include($path_to_root . "/includes/page/footer.inc");
+ page_footer($no_menu, $is_index);
}
function cache_js_file($fpath, $text)
@@ -161,10 +129,11 @@ function js_compress($sJS)
$inNormalComment = false;
//loop through line's characters and take out any literal strings, replace them with ___i___ where i is the index of this string
- for($j=0;$j $el) {
- if(is_int($key))
- $array[] = $el;
- else
- $array[$key] = $el;
+ global $installed_extensions, $path_to_root, $local_path_to_root;
+
+ // customized per company version
+ $path = company_path();
+ $file = $path.$rep;
+ if (file_exists($file)) {
+ // add local include path
+ $local_path_to_root = $path;
+ set_include_path(dirname($file).PATH_SEPARATOR.get_include_path());
+ return $file;
+ }
+ // file added by active extension modules
+ if (count($installed_extensions) > 0)
+ {
+ $extensions = $installed_extensions;
+ foreach ($extensions as $ext)
+ if (($ext['active'] && $ext['type'] == 'extension')) {
+ $path = $path_to_root.'/'.$ext['path'];
+ $file = $path.$rep;
+ if (file_exists($file)) {
+ set_include_path($path.PATH_SEPARATOR.get_include_path());
+ $local_path_to_root = $path;
+ return $file;
+ }
+ }
}
+ // standard location
+ $file = $path_to_root.$rep;
+ if (file_exists($file))
+ return $file;
+
+ return null;
+}
+/*
+
+ Protect against directory traversal.
+ Changes all not POSIX compatible chars to underscore.
+*/
+function clean_file_name($filename) {
+ $filename = str_replace(chr(0), '', $filename);
+ return preg_replace('/[^a-zA-Z0-9.\-_]/', '_', $filename);
}
-?>
\ No newline at end of file
+/*
+ This function aims to generate cryptographically strong random identifier.
+ Result identifier has length 4[strength/8/3]
+*/
+function random_id($strength = 128)
+{
+ $n = ceil($strength/8);
+
+ if (function_exists('openssl_random_pseudo_bytes'))
+ $bin = openssl_random_pseudo_bytes($n, $cstrong); // openssl on php 5.3 and up
+ else if (file_exists('/dev/urandom'))
+ $bin = file_get_contents('/dev/urandom', false, null, -1, $n); // linux std random device
+ else {
+ $bin = '';
+ for($i=0; $i < $n; $i++)
+ $bin .= chr(mt_rand(0, 255)); // Mersene Twister generator
+ }
+ $id = strtr(base64_encode($bin), '+/=', '-_x'); // see RFC 4648 Section 5
+
+ return $id;
+}