source: branches/dev/data/downloads/module/security/security.php @ 12095

<?php
/**
 * 
 * @copyright   2000-2006 LOCKON CO.,LTD. All Rights Reserved.
 * @version CVS: $Id: ebis_tag.php,v 1.0 2006/10/26 04:02:40 naka Exp $
 * @link        http://www.lockon.co.jp/
 *
 */
 
//¥Ú¡¼¥¸´ÉÍý¥¯¥é¥¹
class LC_Page {
    //¥³¥ó¥¹¥È¥é¥¯¥¿
    function LC_Page() {
        //¥á¥¤¥ó¥Æ¥ó¥×¥ì¡¼¥È¤Î»ØÄê
        $this->tpl_mainpage = MODULE_PATH . 'security/security.tpl';
        $this->tpl_subtitle = '¥»¥­¥å¥ê¥Æ¥£¥Á¥§¥Ã¥¯';
    }
}

$objPage = new LC_Page();
$objView = new SC_AdminView();


$arrList[] = sfCheckOpenData();
$arrList[] = sfCheckInstall();
$arrList[] = sfCheckIDPass('admin', 'password');

$objPage->arrList = $arrList;

$objView->assignobj($objPage);                  //ÊÑ¿ô¤ò¥Æ¥ó¥×¥ì¡¼¥È¤Ë¥¢¥µ¥¤¥ó¤¹¤ë
$objView->display($objPage->tpl_mainpage);      //¥Æ¥ó¥×¥ì¡¼¥È¤Î½ÐÎÏ
//-------------------------------------------------------------------------------------------------------
// ÀßÄê¥Õ¥¡¥¤¥ë(data)¤Î¥Ñ¥¹¤¬¸ø³«¥Ñ¥¹¤Ç¤Ê¤¤¤«³Îǧ¤¹¤ë
function sfCheckOpenData() {
    // ¥É¥­¥å¥á¥ó¥È¥ë¡¼¥È¤Î¥Ñ¥¹¤ò¿ä¬¤¹¤ë¡£
    $doc_root = ereg_replace(URL_DIR . "$","/",HTML_PATH);
    $data_path = realpath(DATA_PATH);
    
    // data¤Î¥Ñ¥¹¤¬¥É¥­¥å¥á¥ó¥È¥ë¡¼¥È°Ê²¼¤Ë¤¢¤ë¤«È½Äê
    if(ereg("^".$doc_root, $data_path)) {
        $arrResult['result'] = "¡ß";
        $arrResult['detail'] = "ÀßÄê¥Õ¥¡¥¤¥ë¤¬¡¢¸ø³«¤µ¤ì¤Æ¤¤¤ë²ÄǽÀ­¤¬¤¢¤ê¤Þ¤¹¡£<br>";
        $arrResult['detail'].= "/data/¥Ç¥£¥ì¥¯¥È¥ê¤Ï¡¢Èó¸ø³«¤Î¥Ñ¥¹¤ËÀßÃÖ¤·¤Æ²¼¤µ¤¤¡£";
    } else {
        $arrResult['result'] = "¡û";
        $arrResult['detail'] = "ÀßÄê¥Õ¥¡¥¤¥ë¤Ï¡¢¸ø³«¥Ñ¥¹ÇÛ²¼¤Ë¸ºß¤·¤Þ¤»¤ó¡£";        
    }
    
    $arrResult['title'] = "ÀßÄê¥Õ¥¡¥¤¥ë¤ÎÊݸ¥Ñ¥¹";
    return $arrResult;
}

// ¥¤¥ó¥¹¥È¡¼¥ë¥Õ¥¡¥¤¥ë¤¬Â¸ºß¤¹¤ë¤«³Îǧ¤¹¤ë
function sfCheckInstall() {
    // ¥¤¥ó¥¹¥È¡¼¥ë¥Õ¥¡¥¤¥ë¤Î¸ºß¥Á¥§¥Ã¥¯
    $inst_path = HTML_PATH . "install/index.php";
    
    if(file_exists($inst_path)) {
        $arrResult['result'] = "¡ß";
        $arrResult['detail'] = "/install/index.php¤Ï¡¢¥¤¥ó¥¹¥È¡¼¥ë´°Î»¸å¤Ë¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£";            
    } else {
        $arrResult['result'] = "¡û";
        $arrResult['detail'] = "/install/index.php¤Ï¡¢¸«¤Ä¤«¤ê¤Þ¤»¤ó¤Ç¤·¤¿¡£";    
    }
    
    $arrResult['title'] = "¥¤¥ó¥¹¥È¡¼¥ë¥Õ¥¡¥¤¥ë¤Î¥Á¥§¥Ã¥¯";
    return $arrResult;
}

// ´ÉÍý¼Ô¥æ¡¼¥¶¤ÎID/¥Ñ¥¹¥ï¡¼¥É¥Á¥§¥Ã¥¯
function sfCheckIDPass($user, $password) {
    $objQuery = new SC_Query();
    $sql = "SELECT password FROM dtb_member WHERE login_id = ?";
    // DB¤«¤é°Å¹æ²½¥Ñ¥¹¥ï¡¼¥É¤ò¼èÆÀ¤¹¤ë¡£
    $arrRet = $objQuery->getAll($sql ,$user); 
    // ¥æ¡¼¥¶ÆþÎϥѥ¹¥ï¡¼¥É¤ÎȽÄê
    $ret = sha1($password . ":" . AUTH_MAGIC);
    
    if($ret == $arrRet[0]['password']) {
        $arrResult['result'] = "¡ß";
        $arrResult['detail'] = "Èó¾ï¤Ë¿ä¬¤Î¤·¤ä¤¹¤¤´ÉÍý¼ÔID¤È¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£¸Ä¿Í¾ðÊóϳ±Ì¤Î´í¸±À­¤¬¹â¤¤¤Ç¤¹¡£";       
    } else {
        if(count($arrRet) > 0) {
            $arrResult['result'] = "¢¤";
            $arrResult['detail'] = "´ÉÍý¼Ô̾¤Ë¡Öadmin¡×¤òÍøÍѤ·¤Ê¤¤¤è¤¦¤Ë¤·¤Æ²¼¤µ¤¤¡£";               
        } else {
            $arrResult['result'] = "¡û";
            $arrResult['detail'] = "Æȼ«¤ÎID¡¢¥Ñ¥¹¥ï¡¼¥É¤¬ÀßÄꤵ¤ì¤Æ¤¤¤ë¤è¤¦¤Ç¤¹¡£";               
        }
    }
    
    $arrResult['title'] = "ID/¥Ñ¥¹¥ï¡¼¥É¤Î¥Á¥§¥Ã¥¯";
    return $arrResult;
}
?>