source: branches/dev/data/downloads/module/security/security.php @ 12111

Revision 12111, 4.7 KB checked in by naka, 19 years ago (diff)
Line 
1<?php
2/**
3 *
4 * @copyright   2000-2006 LOCKON CO.,LTD. All Rights Reserved.
5 * @version CVS: $Id: ebis_tag.php,v 1.0 2006/10/26 04:02:40 naka Exp $
6 * @link        http://www.lockon.co.jp/
7 *
8 */
9 
10//¥Ú¡¼¥¸´ÉÍý¥¯¥é¥¹
11class LC_Page {
12    //¥³¥ó¥¹¥È¥é¥¯¥¿
13    function LC_Page() {
14        //¥á¥¤¥ó¥Æ¥ó¥×¥ì¡¼¥È¤Î»ØÄê
15        $this->tpl_mainpage = MODULE_PATH . 'security/security.tpl';
16        $this->tpl_subtitle = '¥»¥­¥å¥ê¥Æ¥£¥Á¥§¥Ã¥¯';
17    }
18}
19
20$objPage = new LC_Page();
21$objView = new SC_AdminView();
22
23switch($_POST['mode']) {
24case 'edit':
25    $inst_inc = DATA_PATH . 'install.inc';
26    // install.inc¤Î±£ÊÃ
27    $hidden_inc = MODULE_PATH . 'security/install_inc.php';
28    if(sfIsNormalInstallInc()) {
29        if(copy($inst_inc, $hidden_inc)) {
30            $require = "<?php\n".
31                       "    require_once($hidden_inc);\n".
32                       "?>";
33            if($fp = fopen($inst_inc,"w")) {
34                fwrite($fp, $require);
35                fclose($fp);
36            }
37        }
38    }
39    break;
40default:
41    break;
42}
43
44$arrList[] = sfCheckOpenData();
45$arrList[] = sfCheckInstall();
46$arrList[] = sfCheckIDPass('admin', 'password');
47$arrList[] = sfCheckInstallInc();
48
49$objPage->arrList = $arrList;
50
51$objView->assignobj($objPage);                  //ÊÑ¿ô¤ò¥Æ¥ó¥×¥ì¡¼¥È¤Ë¥¢¥µ¥¤¥ó¤¹¤ë
52$objView->display($objPage->tpl_mainpage);      //¥Æ¥ó¥×¥ì¡¼¥È¤Î½ÐÎÏ
53//-------------------------------------------------------------------------------------------------------
54// ÀßÄê¥Õ¥¡¥¤¥ë(data)¤Î¥Ñ¥¹¤¬¸ø³«¥Ñ¥¹¤Ç¤Ê¤¤¤«³Îǧ¤¹¤ë
55function sfCheckOpenData() {
56    // ¥É¥­¥å¥á¥ó¥È¥ë¡¼¥È¤Î¥Ñ¥¹¤ò¿ä¬¤¹¤ë¡£
57    $doc_root = ereg_replace(URL_DIR . "$","/",HTML_PATH);
58    $data_path = realpath(DATA_PATH);
59   
60    // data¤Î¥Ñ¥¹¤¬¥É¥­¥å¥á¥ó¥È¥ë¡¼¥È°Ê²¼¤Ë¤¢¤ë¤«È½Äê
61    if(ereg("^".$doc_root, $data_path)) {
62        $arrResult['result'] = "¡ß";
63        $arrResult['detail'] = "ÀßÄê¥Õ¥¡¥¤¥ë¤¬¡¢¸ø³«¤µ¤ì¤Æ¤¤¤ë²ÄǽÀ­¤¬¤¢¤ê¤Þ¤¹¡£<br>";
64        $arrResult['detail'].= "/data/¥Ç¥£¥ì¥¯¥È¥ê¤Ï¡¢Èó¸ø³«¤Î¥Ñ¥¹¤ËÀßÃÖ¤·¤Æ²¼¤µ¤¤¡£";
65    } else {
66        $arrResult['result'] = "¡û";
67        $arrResult['detail'] = "ÀßÄê¥Õ¥¡¥¤¥ë¤Ï¡¢¸ø³«¥Ñ¥¹ÇÛ²¼¤Ë¸ºß¤·¤Þ¤»¤ó¡£";       
68    }
69   
70    $arrResult['title'] = "ÀßÄê¥Õ¥¡¥¤¥ë¤ÎÊݸ¥Ñ¥¹";
71    return $arrResult;
72}
73
74// ¥¤¥ó¥¹¥È¡¼¥ë¥Õ¥¡¥¤¥ë¤¬Â¸ºß¤¹¤ë¤«³Îǧ¤¹¤ë
75function sfCheckInstall() {
76    // ¥¤¥ó¥¹¥È¡¼¥ë¥Õ¥¡¥¤¥ë¤Î¸ºß¥Á¥§¥Ã¥¯
77    $inst_path = HTML_PATH . "install/index.php";
78   
79    if(file_exists($inst_path)) {
80        $arrResult['result'] = "¡ß";
81        $arrResult['detail'] = "/install/index.php¤Ï¡¢¥¤¥ó¥¹¥È¡¼¥ë´°Î»¸å¤Ë¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£";           
82    } else {
83        $arrResult['result'] = "¡û";
84        $arrResult['detail'] = "/install/index.php¤Ï¡¢¸«¤Ä¤«¤ê¤Þ¤»¤ó¤Ç¤·¤¿¡£";   
85    }
86   
87    $arrResult['title'] = "¥¤¥ó¥¹¥È¡¼¥ë¥Õ¥¡¥¤¥ë¤Î¥Á¥§¥Ã¥¯";
88    return $arrResult;
89}
90
91// ´ÉÍý¼Ô¥æ¡¼¥¶¤ÎID/¥Ñ¥¹¥ï¡¼¥É¥Á¥§¥Ã¥¯
92function sfCheckIDPass($user, $password) {
93    $objQuery = new SC_Query();
94    $sql = "SELECT password FROM dtb_member WHERE login_id = ?";
95    // DB¤«¤é°Å¹æ²½¥Ñ¥¹¥ï¡¼¥É¤ò¼èÆÀ¤¹¤ë¡£
96    $arrRet = $objQuery->getAll($sql, array($user));
97    // ¥æ¡¼¥¶ÆþÎϥѥ¹¥ï¡¼¥É¤ÎȽÄê
98    $ret = sha1($password . ":" . AUTH_MAGIC);
99   
100    if($ret == $arrRet[0]['password']) {
101        $arrResult['result'] = "¡ß";
102        $arrResult['detail'] = "Èó¾ï¤Ë¿ä¬¤Î¤·¤ä¤¹¤¤´ÉÍý¼ÔID¤È¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£¸Ä¿Í¾ðÊóϳ±Ì¤Î´í¸±À­¤¬¹â¤¤¤Ç¤¹¡£";       
103    } else {
104        if(count($arrRet) > 0) {
105            $arrResult['result'] = "¢¤";
106            $arrResult['detail'] = "´ÉÍý¼Ô̾¤Ë¡Öadmin¡×¤òÍøÍѤ·¤Ê¤¤¤è¤¦¤Ë¤·¤Æ²¼¤µ¤¤¡£";               
107        } else {
108            $arrResult['result'] = "¡û";
109            $arrResult['detail'] = "Æȼ«¤ÎID¡¢¥Ñ¥¹¥ï¡¼¥É¤¬ÀßÄꤵ¤ì¤Æ¤¤¤ë¤è¤¦¤Ç¤¹¡£";               
110        }
111    }
112   
113    $arrResult['title'] = "ID/¥Ñ¥¹¥ï¡¼¥É¤Î¥Á¥§¥Ã¥¯";
114    return $arrResult;
115}
116
117
118// install.inc¤Î¥Õ¥¡¥¤¥ë¤ò¥Á¥§¥Ã¥¯¤¹¤ë
119function sfCheckInstallInc() {
120    // install.inc¤¬±£Êøå¤Î¤â¤Î¤«È½Äꤹ¤ë
121    if(sfIsNormalInstallInc()) {
122        $arrResult['result'] = "¡ß";
123        $arrResult['detail'] = "install.inc¤ÎÆâÍƤò±£Êä·¤Þ¤¹¤«¡©";
124        $arrResult['detail'].= "<input type='submit' value='±£Ê乤ë'>";       
125    } else {
126        $arrResult['result'] = "¡û";
127        $arrResult['detail'] = "install.inc¤Î±£ÊÃÂкö¤¬¤È¤é¤ì¤Æ¤¤¤Þ¤¹¡£";                       
128    }
129    $arrResult['title'] = "install.inc¤Î¥Á¥§¥Ã¥¯";
130    return $arrResult;
131}
132
133// install.inc¤¬±£Êøå¤Î¤â¤Î¤«È½Äꤹ¤ë
134function sfIsNormalInstallInc() {
135    // install.inc¤Î¥Ñ¥¹¤ò¼èÆÀ¤¹¤ë
136    $inst_inc = DATA_PATH . 'install.inc';
137    if(file_exists($inst_inc)) {
138        if($fp = fopen($inst_inc, "r")) {
139            $data = fread($fp, filesize($inst_inc));
140            fclose($fp);
141        }
142        if(ereg("DB_PASSWORD", $data)) {
143            return true;
144        }
145    }
146    return false;
147}
148
149?>
Note: See TracBrowser for help on using the repository browser.