4 rinominare i campi del form
7 duplicare db con campi correnti e campi futuri (lockando i correnti)
10 require_once("Obj/certgate.pho");
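/*
 * Database settings (account, database name, password, table name) and the
 * administrator contact address used by this page.
 * NOTE(review): the account name and password are literals in the source, so
 * anyone who can read this file (repository, backup, a misconfiguration that
 * serves the source) holds the database credentials. Keep them in configuration
 * outside the web root and version control, and rotate the value shown here.
 */
// Constant names are quoted: a bare BRDB_USER is itself an undefined constant,
// which old PHP only tolerates with a notice and PHP 8 rejects.
define('BRDB_USER', "brisk");
define('BRDB_NAME', "brisk");
define('BRDB_PWD', "whiteshadow");
define('BRDB_SELFAUTH', "brisk_selfauth");
define('BRDB_ADMIN_ADDRESS', "dbmaster@alternativeoutput.it");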
/*
 * Fill a template: for every key => value pair in $arr, replace each occurrence
 * of the key in $fcontents with the value (plain str_replace, in array order).
 * Values are inserted verbatim; nothing here HTML-encodes them, so any value that
 * originates from the request or the database has to be encoded by the caller.
 * NOTE(review): replacements run one after another over the whole string, so a
 * value that itself contains a later placeholder (such as "#EMAIL#") is expanded too.
 */
18 function stemplala($fcontents,$arr)
20 foreach ($arr as $key => $value) {
21 $fcontents = str_replace($key,$value,$fcontents);
/*
 * Choose a language suffix. $lang is taken by reference; $arrl is the list of
 * accepted language codes and, per the comment below, falls back to $G_main_langs
 * when not given. The visible code first looks for $lang in $arrl, then parses the
 * request's Accept-Language header, orders the tags by q factor and returns ""
 * for the default case (its condition is on a line not shown) or "_" plus the
 * matched code otherwise.
 */
27 function langcheck(&$lang,$arrl = NULL)
32 /* if not specified, assign the default */
34 $arrl = $G_main_langs;
36 /* look up the value of $lang in the array */
38 for ($i = 0 ; $i < $ct ; $i++) {
39 if ($lang == $arrl[$i]) {
47 if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
50 // break up string into pieces (languages and q factors)
51 preg_match_all('/([a-z]{1,8}(-[a-z]{1,8})?)\s*(;\s*q\s*=\s*(1|0\.[0-9]+))?/i', $_SERVER['HTTP_ACCEPT_LANGUAGE'], $lang_parse);
53 if (count($lang_parse[1])) {
54 // create a list like "en" => 0.8
55 $langs = array_combine($lang_parse[1], $lang_parse[4]);
57 // set default to 1 for any without q factor
// NOTE(review): the key variable of this loop is $lang, the by-reference parameter,
// so the loop overwrites the caller's $lang with tags parsed from the request header
// (the regex above limits them to letters and one hyphen). The caller indexes its
// message arrays with $lang afterwards; a separate local name would avoid the side effect.
58 foreach ($langs as $lang => $val) {
59 if ($val === '') $langs[$lang] = 1;
62 // sort list based on value
63 arsort($langs, SORT_NUMERIC);
// Prefix match: a header tag such as "en-gb" matches the accepted code "en".
65 foreach ($langs as $lang_cur => $val) {
66 for ($i = 0 ; $i < $ct ; $i++) {
67 if (strpos($lang_cur, $arrl[$i]) === 0) {
69 return(""); /* default case */
71 return ("_".$arrl[$i]);
// Body of an output-encoding helper (presumably dexcape(), which the page calls on
// database values placed in form fields; the signature line is not shown).
// It returns $s HTML-encoded with htmlentities(ENT_QUOTES), which converts both
// double and single quotes, so the result can sit inside a quoted attribute value.
// $from/$to belong to the commented-out str_replace variant and are unused by the
// visible code.
// NOTE(review): no charset is passed to htmlentities() although the page declares
// utf-8; PHP versions before 5.4 assume ISO-8859-1 in that case. Pass it explicitly.
86 $from = array ( '"' );
87 $to = array ( '"' );
89 // return (str_replace($from, $to, $s));
90 return (htmlentities($s, ENT_QUOTES));
// Body of the hand-written SQL escaping helper (presumably xcape(), which the
// queries on this page wrap around every interpolated value; the signature line is
// not shown). It doubles each backslash, then rewrites ' as \'.
// NOTE(review): PostgreSQL only treats \' as an escaped quote inside '...' when
// standard_conforming_strings is off; it has been on by default since 9.1, and with
// it on the quote still ends the literal. The escaping also ignores the connection
// encoding. Bind values with pg_query_params(), or at least use pg_escape_string()
// on the open connection, instead of relying on this replacement.
95 $from = array ( '\\', '\'' );
96 $to = array ( '\\\\', '\\\'');
98 return (str_replace($from, $to, $s));
// The TLS client-certificate values and the i_* form fields are read from the
// global scope; where they are assigned is not shown in this listing.
// NOTE(review): the certificate values must only ever come from the web server's
// environment ($_SERVER), never from anything a request parameter can set. Confirm
// how these globals are populated.
104 GLOBAL $SSL_CLIENT_CERT, $SSL_CLIENT_S_DN_CN, $i_action, $i_email, $i_user, $i_pass_private, $lang;
// Language suffix for this request, restricted to "it" and "en"; langcheck() takes
// $lang by reference.
107 $lng = langcheck($lang, array("it", "en"));
// Static language-switch links, later substituted for #NAZIO#.
108 $nazio = '<a href="index.php?lang=it"><img style="position: relative;" border=0 alt="next" src="/img/it.gif"></a> ';
109 $nazio .= '<a href="index.php?lang=en"><img style="position: relative;" border=0 alt="next" src="/img/uk.gif"></a>';
// Gate: the client certificate is handed to crgt_certgate() (from the required
// certgate file); anything other than CRGT_TRUE is treated as access denied.
// NOTE(review): the comparison is loose (!=); once the return type of
// crgt_certgate() is confirmed, !== avoids type juggling in an access decision.
111 $ret = crgt_certgate($SSL_CLIENT_CERT, TRUE);
113 if ($ret != CRGT_TRUE) {
// The raw return code is sent to the client together with the denial message.
// Whether execution stops after this is on a line not shown.
114 echo "ACCESSO NEGATO".$ret;
118 // Check beforehand whether the user already exists in the db
// Connection parameters come from the BRDB_* constants; the server is addressed on
// the loopback interface.
119 $pg = pg_connect("dbname=".BRDB_NAME." host=127.0.0.1 user=".BRDB_USER." password='".BRDB_PWD."'");
121 // FIXME: show error page
122 echo "No conn<br>\n";
126 if ($SSL_CLIENT_S_DN_CN != "") {
// $cf_hash is the hex MD5 of the certificate CN with everything from the first "/"
// removed.
// NOTE(review): the user-facing text in this file says the fiscal code cannot be
// recovered from this value. An unsalted MD5 of a fixed-format identifier does not
// give that property, because the candidate space is small enough to enumerate.
// A keyed hash (hash_hmac() with a secret held outside the database) is the usual
// way to keep the stored value from being linked back to the identifier.
// mhash() and ereg_replace() are legacy functions (ereg was removed in PHP 7).
127 $cf_hash = bin2hex(mhash(MHASH_MD5, ereg_replace("/.*", "", $SSL_CLIENT_S_DN_CN)));
// $cf_hash is interpolated without xcape() here, unlike the later SELECT; as
// bin2hex() output it holds only hex digits. What it holds when the CN is empty is
// not visible in this listing.
132 $que = sprintf("SELECT * FROM %s WHERE %s='%s';", BRDB_SELFAUTH, "cf_hash", $cf_hash);
// NOTE(review): the pg_query() result goes to pg_num_rows() without a visible check
// for FALSE.
133 $rec = pg_query($pg, $que);
135 if (pg_num_rows($rec) > 0) {
136 $row = pg_fetch_object($rec);
// $new_action is the server's view of what is allowed: presumably "modify" or
// "show" for an existing row (the deciding condition is not shown) and "insert"
// when no row exists.
138 $new_action = "modify";
140 $new_action = "show";
143 $new_action = "insert";
// Apply the submitted change unless the stored record is read-only ("show").
// NOTE(review): the branch taken depends on $i_action, the hidden form field sent by
// the client; the server-derived $new_action is only compared with "show".
// Comparing $i_action with $new_action before building a query would keep the two
// from disagreeing.
146 if ($new_action != "show") {
147 if ($i_action == "insert" && $cf_hash != "") {
// Values reach the SQL text through sprintf() after xcape(); pg_query_params()
// would keep data out of the statement text altogether.
// NOTE(review): $i_pass_private is stored exactly as received. Whatever the browser
// placed in the hidden field becomes the stored credential; no server-side password
// hashing (for example password_hash()) is visible here.
148 $que = sprintf("INSERT INTO %s VALUES ( '%s', '%s', '%s', '%s', %d );",
149 BRDB_SELFAUTH, xcape($cf_hash), xcape($i_email), xcape($i_user), xcape($i_pass_private), 0);
150 $notify_arr = array( 'it' => 'L\'inserimento dei dati è andato a buon fine.',
151 'en' => 'Data inserted correctly.' );
152 $notify = $notify_arr[$lang];
154 else if ($i_action == "modify" && $cf_hash != "") {
// An empty password field means "keep the stored password": only email and user
// are updated.
155 if ($i_pass_private == "") {
156 $que = sprintf("UPDATE %s SET \"email\"='%s',\"user\"='%s' where \"cf_hash\"='%s';",
157 BRDB_SELFAUTH, xcape($i_email), xcape($i_user), xcape($cf_hash));
158 $notify_arr = array( 'it' => 'La modifica dei dati è andata a buon fine, la password non è stata aggiornata.',
159 'en' => 'Data updated correctly, password not changed.' );
160 $notify = $notify_arr[$lang];
// Otherwise the password column is overwritten with the submitted value as well.
163 $que = sprintf("UPDATE %s SET \"email\"='%s',\"user\"='%s',\"password\"='%s' where \"cf_hash\"='%s';",
164 BRDB_SELFAUTH, xcape($i_email), xcape($i_user), xcape($i_pass_private), xcape($cf_hash));
166 $notify_arr = array( 'it' => 'La modifica dei dati è andata a buon fine, la password è stata aggiornata.',
167 'en' => 'Data and password updated correctly.' );
168 $notify = $notify_arr[$lang];
// Run the statement built above; on failure the success text is replaced by a
// generic message pointing to the administrator address. No logging of the failed
// statement is visible here.
171 if (($res = pg_query($pg, $que)) == FALSE) {
172 $notify_arr = array( 'it' => 'E\' occorso un qualche errore durante il processamento dei dati; se la cosa persiste contattare l\'<a href=\'mailto:'.BRDB_ADMIN_ADDRESS.'\'>amministratore</a>.\n',
173 'en' => 'Some error has occurred during data processing; if the problem persists contact the <a href=\'mailto:'.BRDB_ADMIN_ADDRESS.'\'>administrator</a>.\n' );
174 $notify = $notify_arr[$lang];
// Re-read the row so the page reflects the state after the change.
177 $que = sprintf("SELECT * FROM %s WHERE %s='%s';", BRDB_SELFAUTH, "cf_hash", xcape($cf_hash));
178 $rec = pg_query($pg, $que);
180 if (pg_num_rows($rec) > 0) {
181 $row = pg_fetch_object($rec);
183 $new_action = "modify";
185 $new_action = "show";
188 $new_action = "insert";
// From here on $i_action holds the server-derived action; the form is rendered
// with this value.
192 $i_action = $new_action;
196 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
197 <title>#PAGE_TITLE#</title>
198 <script type="text/javascript" src="probrowser.js"></script>
199 <script type="text/javascript" src="commons.js"></script>
200 <script type="text/javascript" src="md5.js"></script>
201 <script type="text/javascript" src="room.js"></script>
202 <link rel="stylesheet" type="text/css" href="threegates.css">
203 <link rel="stylesheet" type="text/css" href="room.css">
204 <SCRIPT type="text/javascript"><!--
206 var g_withflash = false;
207 var topbanner_sfx, topbanner_dx;
209 var sess = "not_connected";
211 window.onload = function() {
212 // alert(window.onbeforeunload);
213 g_brow = get_browser_agent();
216 // alert($("selfauth_formid").elements[\'i_action\'].value);
218 if ($("selfauth_formid").elements[\'i_action\'].value != "show")
219 $("i_emailid").focus();
225 <body style="text-align: center;">
226 <div id="header" class="header">
227 <table width="100%" border="0" cols="3"><tr>
228 <td align="left"><div style="padding-left: 8px;"></div></td>
229 <td align="center"><div style="text-align: center;">
230 <h1>ThreeGates Example</h1>
232 <td align="right"><div style="padding-right: 8px;">
238 <div style="text-align: justify; width: 800px; margin: auto; padding: 4px; display: block;">#NAZIO#<br></div>
239 <div style="text-align: justify; font-size: 14px; width: 800px; margin: auto; padding: 16px; border: 1px solid gray; background-color: #f0f0f0;">
242 <form id="selfauth_formid" accept-charset="utf-8" method="post" action="" onsubmit="return j_selfauth_manager(this,\'#LANG#\');">
243 <input id="i_actionid" name="i_action" type="hidden" value="#ACTION#">
244 <input id="i_pass_privateid" name="i_pass_private" type="hidden" value="">
245 <table class="login">
250 <tr><td>#USER_LABEL#:</td>
264 $tmpl_page_tit = array ( 'it' => 'Brisk: auto-garanzia',
265 'en' => 'Brisk: self-guarantee' );
267 $tmpl_title = array ( 'it' => 'Procedura di auto-garanzia.',
268 'en' => 'Self-guarantee procedure.' );
270 $tmpl_hili = array ( 'it' => 'briscola chiamata in salsa ajax',
271 'en' => 'declaration briscola in ajax sauce' );
273 $tmpl_user_label = array ( 'it' => 'utente',
276 $tmpl_pass_confirm = array ('it' => 'conferma<br>password',
277 'en' => 'confirm<br>password' );
// Welcome text shown before the first insert.
// NOTE(review): both language versions promise that the stored code cannot be traced
// back to the fiscal code. The code is the unsalted MD5 computed where $cf_hash is
// assigned, which does not support that promise for a fixed-format identifier;
// either the wording or the hashing scheme needs to change.
279 $tmpl_well_ins = array ( 'it' => '<b>Benvenuto e complimenti per essere arrivato/a fin qui.</b><br><br>
280 Sei quasi alla fine della <b>procedura di auto-garanzia</b>: riempi i campi della maschera qui sotto e clicca "invia" per terminarla.<br><br>
281 Ti ricordo che sul server non verrà memorizzato nessun dato sensibile che ti riguarda ma soltanto un codice univoco calcolata a partire dal tuo codice fiscale e dal quale è impossibile risalire al codice fiscale stesso.',
282 'en' => '<b>Wellcome and congratulation to be arrived here.</b><br><br>
283 You are near the end of the <b>self guarantee procedure</b>: fill fields of the form below and click "send" to finish.<br><br>
284 I remember you that on the server will not stored any sensible data about you but only a uniq code computed starting from your fiscal code and that from this uniq code is never possible traced back to your fiscal code.' ) ;
286 $tmpl_well_mod = array ( 'it' => '<b>Ciao #USER_NAME#,</b><br><br>
287 i tuoi dati non sono ancora stati processati e inseriti in Brisk; se vuoi modificarli aggiorna i campi qui di seguito.<br>Se lasci in bianco i campi per la password verrà mantenuta quella precedente.<br>',
288 'en' => '<b>Hi #USER_NAME#,</b><br><br>
289 your data have not yet been processed and inserted into Brisk; if you want to change them update fields below.<br> If left blank passwords fields, will be mantained the previous version.<br>' );
291 $tmpl_well_def = array ( 'it' => '<b>Ciao #USER_NAME#,</b><br><br>
292 i tuoi dati sono già stati processati e inseriti in Brisk; se vuoi modificarli segnalalo all\'amministratore attraverso il menù <b>azioni</b> del sito, provvederà a sospendere temporaneamente il tuo account e rendere di nuovo modificabili queste informazioni.<br>',
293 'en' => '<b>Hi #USER_NAME#,</b><br><br>
294 your data has already been processed and inserted into Brisk; if you want to edit them you must contact the administrator using the <b>actions</b> menu item of the site, he will temporarily suspend your account and make this informations editable again.<br>' );
296 $pass_var_full = '<tr><td>password:</td>
298 <input id="i_passwordid" class="input_text" name="i_password" type="password" size="24" maxlength="64" value="">
300 <tr><td>#PASS_CONFIRM_LABEL#:</td>
302 <input id="i_confpassid" class="input_text" name="i_confpass" type="password" size="24" maxlength="64" value="">
304 <tr><td style="text-align: center;" colspan="2"><input id="sub" value="#SUBMIT_LABEL#" type="submit" class="button"></td></tr>';
// Pick the welcome text for the current action.
308 if ($i_action == "insert") {
309 $tmpl_well = $tmpl_well_ins[$lang];
311 else if ($i_action == "modify") {
// NOTE(review): $row->user is a value the user submitted earlier and it was only
// SQL-escaped on the way in. Here, and in the branch below, it is substituted into
// HTML without encoding; pass it through dexcape() (or htmlspecialchars() with
// ENT_QUOTES) first.
312 $well_vars = array( '#USER_NAME#' => $row->user );
313 $tmpl_well = stemplala( $tmpl_well_mod[$lang], $well_vars );
316 $well_vars = array( '#USER_NAME#' => $row->user );
317 $tmpl_well = stemplala( $tmpl_well_def[$lang], $well_vars );
// $notify is one of the fixed messages chosen while processing the form.
321 $noti_var = sprintf("<b>%s</b>", $notify);
// Editable case: the stored email is HTML-encoded with dexcape() before it is placed
// in the single-quoted value attribute.
325 if ($i_action != "show") {
326 $email_var = sprintf("<input id='i_emailid' class='input_text' name='i_email' type='text' size='24' maxlength='256' value='%s'>",
327 ($i_action == "modify" ? dexcape($row->email) : "") );
// NOTE(review): read-only case: the same database value is written into the page
// without encoding, unlike the editable branch above.
330 $email_var = sprintf("<div style='background-color: white;'>%s</div>", $row->email);
// Same pattern for the user name: encoded in the input field, raw in the read-only div.
333 if ($i_action != "show") {
334 $user_var = sprintf("<input id='i_userid' class='input_text' name='i_user' type='text' size='24' maxlength='12' value='%s'>",
335 ($i_action == "modify" ? dexcape($row->user) : "") );
// NOTE(review): encode $row->user here as well.
338 $user_var = sprintf("<div style='background-color: white;'>%s</div>", $row->user);
// The password fields and the submit button are only built when the record is editable.
341 if ($i_action != "show") {
342 $submit_arr = array ( 'it' => 'invia',
344 $pass_arr = array ( '#SUBMIT_LABEL#' => $submit_arr[$lang],
345 '#PASS_CONFIRM_LABEL#'=> $tmpl_pass_confirm[$lang]
347 $pass_var = stemplala( $pass_var_full, $pass_arr );
353 '#PAGE_TITLE#' => $tmpl_page_tit[$lang],
354 '#HILI#' => $tmpl_hili[$lang],
355 '#TITLE#' => $tmpl_title[$lang],
357 '#WELLCOME#' => $tmpl_well,
358 '#NOTIFY#' => $noti_var,
359 '#ACTION#' => $i_action,
360 '#EMAIL#' => $email_var,
361 '#USER_LABEL#' => $tmpl_user_label[$lang],
362 '#USER#' => $user_var,
363 '#PASS#' => $pass_var,
// Render the page. stemplala() substitutes the values verbatim, so $tmpl_well,
// $email_var and $user_var reach the browser exactly as they were built, including
// any database value that was not HTML-encoded beforehand.
368 echo stemplala($tmpl_page, $page_vars);