X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fmain.inc;h=7b37055abc60e317c9f64a413eed964d34607ec9;hb=da7df35c61205d0b1af47d286be591b8a3194b0c;hp=170374090c22db04573f5ec844d04c3b3800cbd3;hpb=17aa33a74912114ac4e0f00d830ae149a1e85e50;p=fa-stable.git
diff --git a/includes/main.inc b/includes/main.inc
index 17037409..7b37055a 100644
--- a/includes/main.inc
+++ b/includes/main.inc
@@ -11,33 +11,40 @@ ***********************************************************************/ include_once($path_to_root . "/includes/db/connect_db.inc"); -include_once($path_to_root . "/includes/errors.inc"); +include_once($path_to_root . "/admin/db/transactions_db.inc"); include_once($path_to_root . "/includes/types.inc"); -include_once($path_to_root . "/includes/systypes.inc"); include_once($path_to_root . "/includes/references.inc"); include_once($path_to_root . "/includes/db/comments_db.inc"); include_once($path_to_root . "/includes/db/sql_functions.inc"); include_once($path_to_root . "/includes/db/audit_trail_db.inc"); -//include_once($path_to_root . "/includes/validation.inc"); include_once($path_to_root . "/admin/db/users_db.inc"); include_once($path_to_root . "/includes/ui/ui_view.inc"); include_once($path_to_root . "/includes/ui/ui_controls.inc"); - + +$page_nested = -1; +// static js files path +$js_path = $path_to_root.'/js/'; +// standard external js scripts included in all files +$js_static = array('JsHttpRequest.js', 'behaviour.js', 'utils.js', 'inserts.js'); +// additional js source included in header +$js_lib = $js_userlib = array(); + function page($title, $no_menu=false, $is_index=false, $onload="", $js="", $script_only=false, $css='') { - global $path_to_root, $page_security; + global $path_to_root, $page_security, $page_nested; + if (++$page_nested) return; $hide_menu = $no_menu; - include($path_to_root . "/includes/page/header.inc"); + include_once($path_to_root . "/includes/page/header.inc"); page_header($title, $no_menu, $is_index, $onload, $js, $css); check_page_security($page_security); // error_box(); - if($script_only) { + if($script_only) { echo ''; 
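Review bot: In `page()`, the new `if (++$page_nested) return;` sits before `check_page_security($page_security)`, so a nested call returns without running the access check. That is safe only if a nested script never sets a `$page_security` different from the outer page's, and nothing in this hunk shows whether that holds. If nested pages can carry their own security area, the check has to run before the early return; either way a comment such as `// nested call: header and access check were done by the outermost page()` would record the assumption. The body of `page()` continues past the end of the hunk.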
@@ -47,31 +54,72 @@ function page($title, $no_menu=false, $is_index=false, $onload="", $js="", $scri } } -function end_page($no_menu=false, $is_index=false, $hide_back_link=false, $type_no=0, $trans_no=0) +function end_page($no_menu=false, $is_index=false, $final_screen=false, $type_no=0, $trans_no=0) { - global $path_to_root; + global $path_to_root, $page_nested; - if (!$is_index && !$hide_back_link && function_exists('hyperlink_back')) - hyperlink_back(true, $no_menu, $type_no, $trans_no); + if ($page_nested-- > 0) return; + + if (!$is_index && function_exists('hyperlink_back')) + hyperlink_back(true, $no_menu, $type_no, $trans_no, $final_screen); div_end(); // end of _page_body section - include($path_to_root . "/includes/page/footer.inc"); - page_footer($no_menu, $is_index, $hide_back_link); + include_once($path_to_root . "/includes/page/footer.inc"); + page_footer($no_menu, $is_index); +} + +function css_files_ensure_init() { + global $css_files, $path_to_root; + + if (!isset($css_files)) + { + $theme = user_theme(); + $css_files = array(); + $css_files[] = $path_to_root . "/themes/$theme/default.css"; + } +} + +function add_css_file($filename) +{ + global $css_files; + css_files_ensure_init(); + $css_files[] = $filename; } function cache_js_file($fpath, $text) { - global $go_debug; + global $SysPrefs; - if(!$go_debug) $text = js_compress($text); + if (!$SysPrefs->go_debug) $text = js_compress($text); - $file = fopen($fpath, 'w'); + $file = force_open($fpath); if (!$file) return false; if (!fwrite($file, $text)) return false; return fclose($file); } +/* + Open file for writing with creration of subfolders if needed. +*/ +function force_open($fname) +{ + $file = pathinfo($fname); + + $path = $fname[0] == '/' ? 
'/' : ''; + $tree = explode('/', $file['dirname']); + foreach($tree as $level) { + $path .= $level; + if (!file_exists($path)) { + if (!mkdir($path)) { + return null; + } + } + $path .= '/'; + } + return fopen($fname, 'w'); +} + function add_js_file($filename) { global $js_static; @@ -93,7 +141,7 @@ function add_js_ufile($filename) function add_js_source($text) { global $js_lib; - + $search = array_search($text, $js_lib); if ($search === false || $search === null) // php>4.2.0 returns null $js_lib[] = $text; @@ -257,9 +305,9 @@ function check_write($path) { if ($path == ''//|| $path == '.' || $path == '..' ) return 0; - + return is_writable($path) ? (is_dir($path) ? 1 : -1) - : (is_file($path) ? 0 : ($path == '.' ? 0 : check_write(dirname($path)))); + : (is_file($path) ? 0 : ($path == '.' || $path == '..' ? 0 : check_write(dirname($path)))); } /* @@ -270,11 +318,12 @@ function check_write($path) function copy_files($flist, $from, $to, $strict=false) { foreach ($flist as $file) { - if (file_exists($from.'/'.$file)) + if (file_exists($from.'/'.$file)) { if (!copy_file($file, $from, $to)) return false; - if ($strict && !is_file($from.'/'.$file)) // if + } else if ($strict) { unlink($to.'/'.$file); + } } return true; } 
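Review bot: `force_open()` calls `mkdir($path)` with no mode argument, so every directory it creates gets PHP's default 0777 limited only by the process umask; for a tree that holds cached JavaScript (presumably web-served) an explicit mode is safer. The `file_exists()`/`mkdir()` pair also races with a concurrent request creating the same directory, in which case `force_open()` returns null although the directory now exists. Both are covered by `if (!is_dir($path) && !mkdir($path, 0755) && !is_dir($path)) return null;`, with the mode adjusted to the deployment. Separately, `cache_js_file()` returns on a failed `fwrite()` without calling `fclose($file)`, leaving the handle open.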
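Review bot: The recursion in `check_write()` still has no stop condition for the filesystem root: `dirname('/')` is `/`, so an absolute path with no writable ancestor recurses until PHP runs out of stack. The added `$path == '..'` test only helps relative paths. Comparing the path with its own parent closes the gap, e.g. `($path == '.' || $path == '..' || dirname($path) == $path ? 0 : check_write(dirname($path)))`. The function's signature is visible only in the hunk header.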
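Review bot: In the new `else if ($strict)` branch of `copy_files()`, `unlink($to.'/'.$file)` runs whenever the source file is missing, whether or not the target exists, and its result is ignored. A missing target raises a PHP warning for every such entry, and a failed delete leaves a stale file in `$to` while the function still returns true. `} else if ($strict && file_exists($to.'/'.$file)) {` with `if (!unlink($to.'/'.$file)) return false;` inside would make strict mode report what it could not remove. Because `$file` is joined to `$from` and `$to` unchecked, the doc comment should state that `$flist` must come from a trusted list and not from request data.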
@@ -302,19 +351,21 @@ function copy_file($file, $from, $to) /* Search for file, looking first for company specific version, then for version provided by any extension module, finally in main FA directory. - Also adds include path for any related files. + Also adds include path for any related files, and sets $local_path_to_root + to enable local translation domains. Returns found file path or null. */ function find_custom_file($rep) { - global $installed_extensions, $path_to_root; + global $installed_extensions, $path_to_root, $local_path_to_root; // customized per company version $path = company_path(); $file = $path.$rep; if (file_exists($file)) { // add local include path + $local_path_to_root = $path; set_include_path(dirname($file).PATH_SEPARATOR.get_include_path()); return $file; } @@ -328,6 +379,7 @@ function find_custom_file($rep) $file = $path.$rep; if (file_exists($file)) { set_include_path($path.PATH_SEPARATOR.get_include_path()); + $local_path_to_root = $path; return $file; } } 
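Review bot: `$local_path_to_root` is assigned only on the two success paths shown (the company directory in this hunk, the extension directory in the hunk at -328), and neither hunk shows it being reset when the file is found in the main directory or not found at all. If it is not reset elsewhere, the value from an earlier `find_custom_file()` call stays in the global and a later lookup could resolve translations against the wrong directory. Consider resetting it to its default at the top of the function, and extend the header comment to say what the global holds on the fall-through paths. The function body between the two hunks is not visible.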
@@ -339,5 +391,55 @@ function find_custom_file($rep) return null; } +/* + + Protect against directory traversal. + Changes all not POSIX compatible chars to underscore. +*/ +function clean_file_name($filename) { + $filename = str_replace(chr(0), '', $filename); + return preg_replace('/[^a-zA-Z0-9.\-_]/', '_', $filename); +} + +/* + Simple random password generator. +*/ +function generate_password() +{ + if (PHP_VERSION >= '5.3') + $bytes = openssl_random_pseudo_bytes(8, $cstrong); + else + $bytes = sprintf("08%x", mt_rand(0,0xffffffff)); + + return base64_encode($bytes); +} + +if (!function_exists('array_fill_keys')) // since 5.2 +{ + function array_fill_keys($keys, $value) + { + return (object)array_combine($keys, array_fill(count($keys), $value)); + } +} + +/* + This function aims to generate cryptographically strong random identifier. + Result identifier has length 4[strength/8/3] +*/ +function random_id($strength = 128) +{ + $n = ceil($strength/8); + + if (function_exists('openssl_random_pseudo_bytes')) + $bin = openssl_random_pseudo_bytes($n, $cstrong); // openssl on php 5.3 and up + else if (file_exists('/dev/urandom')) + $bin = file_get_contents('/dev/urandom', false, null, -1, $n); // linux std random device + else { + $bin = ''; + for($i=0; $i < $n; $i++) + $bin .= chr(mt_rand(0, 255)); // Mersene Twister generator + } + $id = strtr(base64_encode($bin), '+/=', '-_x'); // see RFC 4648 Section 5 -?> \ No newline at end of file + return $id; +}
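Review bot: `generate_password()` and `random_id()` both fall back to `mt_rand()` when OpenSSL is unavailable, which is not a cryptographic generator, and neither reads `$cstrong` or checks for a `false` return from `openssl_random_pseudo_bytes()`. In `generate_password()` the fallback `sprintf("08%x", ...)` also prints a literal `08` (presumably `%08x` was meant) and carries at most 32 bits, and `PHP_VERSION >= '5.3'` is a string comparison where `version_compare()` or `function_exists()` is the reliable test. Both functions should refuse to produce a value when no strong source exists; the fence shows this for `generate_password()`, and `random_id()` needs the same `$cstrong` check in place of its `mt_rand()` loop. `clean_file_name()` keeps `.`, so it can still return `.`, `..` or a dotfile name, which callers must reject separately.

```php
function generate_password()
{
	if (function_exists('random_bytes'))	// PHP 7 and up
		return base64_encode(random_bytes(8));

	if (!function_exists('openssl_random_pseudo_bytes'))
		return false;	// no strong source: refuse instead of using mt_rand()

	$bytes = openssl_random_pseudo_bytes(8, $cstrong);
	if ($bytes === false || !$cstrong)
		return false;

	return base64_encode($bytes);
}
```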