diff --git a/.vs/slnx.sqlite b/.vs/slnx.sqlite new file mode 100644 index 00000000..b4d33896 Binary files /dev/null and b/.vs/slnx.sqlite differ diff --git a/Ajax.php b/Ajax.php index cd2a7ebc..aac9063b 100644 --- a/Ajax.php +++ b/Ajax.php @@ -27,8 +27,10 @@ # #*************************************************************************************** -include("functions/ParamLibFnc.php"); +session_start(); +isset($_SESSION['login']) or die('Access denied!'); +include "functions/ParamLibFnc.php"; echo ''; echo ''; echo ''; @@ -164,7 +166,6 @@ // For Eligibility 'eligibility/Student.php' ); - // echo "
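Review bot: The added gate `isset($_SESSION['login']) or die('Access denied!');` answers a rejected request with HTTP 200 and a plain-text body, and the unconditional `session_start()` in front of it raises a "session already active" notice wherever the file is included after a session exists — which looks likely for the library and module files that receive the same two lines (functions/HackingLogFnc.php, modules/users/Staff.php, modules/users/User.php; ForExport.php, ForWindow.php and Modules.php get further copies). A safer shape is `if (session_status() !== PHP_SESSION_ACTIVE) { session_start(); }` followed by `if (!isset($_SESSION['login'])) { http_response_code(403); exit('Access denied!'); }`, so the JavaScript caller of Ajax.php and any monitoring see a 403 instead of a successful response whose body is an error string. `isset()` only tests that the key exists; if the login handler (outside this diff) ever stores `false` or `''` under `$_SESSION['login']` on failure, that state would pass the check, which is worth confirming.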
";print_r($_REQUEST);echo "
"; if ($count_student_RET[1]['NUM'] > 1) { $title_set = 'y'; @@ -258,7 +259,8 @@ if (Preferences('SEARCH') != 'Y' && substr(clean_param($modname, PARAM_NOTAGS), 0, 6) != 'users/') $_REQUEST['search_modfunc'] = 'list'; - include('modules/' . $modname); + if (preg_match('/\.\./', $modname) !== 1) + include 'modules/' . $modname; } else { if (User('USERNAME')) { diff --git a/Ajax_url_encode.php b/Ajax_url_encode.php index 6f770f48..1ce60445 100644 --- a/Ajax_url_encode.php +++ b/Ajax_url_encode.php @@ -1,7 +1,36 @@ . +# +#*************************************************************************************** + require_once 'functions/UrlFnc.php'; $encoded_url = encode_url($_REQUEST['link_url']); -echo $encoded_url; -?> +echo htmlentities($encoded_url); + +?> \ No newline at end of file diff --git a/ForExport.php b/ForExport.php index 1ef831cc..4192048c 100644 --- a/ForExport.php +++ b/ForExport.php @@ -25,10 +25,13 @@ # along with this program. If not, see . # #*************************************************************************************** -include("functions/ParamLibFnc.php"); + +session_start(); +isset($_SESSION['login']) or die('Access denied!'); +include "functions/ParamLibFnc.php"; //include("functions/UrlFnc.php"); -include('RedirectRootInc.php'); -// include('functions/SqlSecurityFnc.php'); +include 'RedirectRootInc.php'; + //$url=validateQueryString(curPageURL()); //if($url===FALSE) // { @@ -123,7 +126,9 @@ { if(Preferences('SEARCH')!='Y') $_REQUEST['search_modfunc'] = 'list'; - include('modules/'.$modname); + + if (preg_match('/\.\./', $modname) !== 1) + include 'modules/' . $modname; } else { diff --git a/ForWindow.php b/ForWindow.php index ee7cb87a..0006e1d4 100644 --- a/ForWindow.php +++ b/ForWindow.php 
@@ -26,16 +26,23 @@ # along with this program. If not, see . # #*************************************************************************************** +session_start(); +isset($_SESSION['login']) or die('Access denied!'); +include "functions/ParamLibFnc.php"; -include("functions/ParamLibFnc.php"); $url = validateQueryString(curPageURL()); if ($url === FALSE) { header('Location: index.php'); } -include('RedirectRootInc.php'); + +include 'RedirectRootInc.php'; + error_reporting(E_ERROR); + $start_time = time(); + include 'Warehouse.php'; + array_rwalk($_REQUEST, 'strip_tags'); $css = getCSS(); @@ -109,7 +116,9 @@ if ($allowed) { if (Preferences('SEARCH') != 'Y') $_REQUEST['search_modfunc'] = 'list'; - include('modules/' . $modname); + + if (preg_match('/\.\./', $modname) !== 1) + include 'modules/' . $modname; } else { if (User('USERNAME')) { diff --git a/Modules.php b/Modules.php index b39e28db..d6b1f8c6 100644 --- a/Modules.php +++ b/Modules.php @@ -26,10 +26,14 @@ # along with this program. If not, see . # #*************************************************************************************** + error_reporting(0); +session_start(); +isset($_SESSION['login']) or die('Access denied!'); + +include 'RedirectRootInc.php'; +include "functions/ParamLibFnc.php"; -include('RedirectRootInc.php'); -include("functions/ParamLibFnc.php"); $url = validateQueryString(curPageURL()); if ($url === FALSE) { header('Location: index.php'); @@ -1046,7 +1050,9 @@ if (Preferences('SEARCH') != 'Y' && substr(clean_param($modname, PARAM_NOTAGS), 0, 6) != 'users/') $_REQUEST['search_modfunc'] = 'list'; - include('modules/' . $modname); + + if (preg_match('/\.\./', $modname) !== 1) + include 'modules/' . $modname; } else { if (User('USERNAME')) { diff --git a/functions/HackingLogFnc.php b/functions/HackingLogFnc.php index 57199b0d..316e0018 100644 --- a/functions/HackingLogFnc.php +++ b/functions/HackingLogFnc.php 
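Review bot: In the ForWindow.php hunk the query-string check `if ($url === FALSE) { header('Location: index.php'); }` has no `exit;` after the redirect, so a rejected request still executes the rest of the script, including `Warehouse.php` and, further down, the module include; the line is context, but the new session gate was placed directly above it and the failure path should be made terminal at the same time. `if ($url === FALSE) { header('Location: index.php'); exit; }` closes the gap. The Modules.php hunk (@@ -26) shows the same redirect-without-exit pattern.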
@@ -25,7 +25,8 @@ # along with this program. If not, see . # #*************************************************************************************** - +session_start(); +isset($_SESSION['login']) or die('Access denied!'); function HackingLog() { echo ""._youReNotAllowedToUseThisProgram."! "._thisAttemptedViolationHasBeenLoggedAndYourIpAddressWasCaptured."."; diff --git a/install/Ins4.php b/install/Ins4.php index 36b0791f..536267b2 100644 --- a/install/Ins4.php +++ b/install/Ins4.php @@ -25,27 +25,35 @@ # along with this program. If not, see . # #*************************************************************************************** + error_reporting(0); session_start(); + $_SESSION['admin_name'] = $_POST['auname']; $_SESSION['admin_pwd'] = md5($_POST['apassword']); - -require_once("../functions/PragRepFnc.php"); +require_once "../functions/PragRepFnc.php"; //mysql_select_db($_SESSION['db']); $dbconn = new mysqli($_SESSION['server'],$_SESSION['username'],$_SESSION['password'],$_SESSION['db'],$_SESSION['port']); if($dbconn->connect_errno!=0) - { - echo "
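Review bot: functions/HackingLogFnc.php is a function library, and the hunk adds request-level side effects (`session_start()` and a `die()` gate) above `function HackingLog()`; any script that includes it before a login is established — a failed-login handler that wants to log the attempt would be the obvious candidate, though no such caller is visible here — is now terminated instead of logging. Keeping this file declaration-only and leaving the gate in the entry scripts that already received it (Ajax.php, ForExport.php, ForWindow.php, Modules.php) avoids that. If the gate has to stay, at least write `if (session_status() !== PHP_SESSION_ACTIVE) { session_start(); }` so the include does not emit a notice when the caller already started the session.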

" . $dbconn->error . "

\n"; - exit; - } -$sql="update staff set first_name='$_POST[fname]',last_name='$_POST[lname]',middle_name='$_POST[mname]', profile_id=0 where staff_id=1 "; +{ + echo "

" . $dbconn->error . "

\n"; + exit; +} + +$_POST['fname'] = strip_tags(urldecode($_POST['fname'])); +$_POST['lname'] = strip_tags(urldecode($_POST['lname'])); +$_POST['mname'] = strip_tags(urldecode($_POST['mname'])); + +$sql = "UPDATE staff SET first_name = '" . $_POST['fname'] . "', last_name = '" . $_POST['lname'] . "', middle_name = '" . $_POST['mname'] . "', profile_id = 0 WHERE staff_id = 1"; $result = $dbconn->query($sql); -$sql="update login_authentication set username='".$_SESSION['admin_name']."', password='".$_SESSION['admin_pwd']."' WHERE user_id=1 AND profile_id=0"; + +$sql = "UPDATE login_authentication SET username='".$_SESSION['admin_name']."', password='".$_SESSION['admin_pwd']."' WHERE user_id=1 AND profile_id=0"; $dbconn->query($sql); + $dbconn->close(); //mysqli_close($dbconn); - header('Location: Step5.php'); -?> + +?> \ No newline at end of file diff --git a/install/Step5.php b/install/Step5.php index ae58f7eb..d279da95 100644 --- a/install/Step5.php +++ b/install/Step5.php @@ -116,11 +116,13 @@ if ($fh == TRUE) { - $THIS_server = sqlSecurityFilterIns($_SESSION['server']); - $THIS_username = sqlSecurityFilterIns($_SESSION['username']); - $THIS_password = sqlSecurityFilterIns($_SESSION['password']); - $THIS_db = sqlSecurityFilterIns($_SESSION['db']); - $THIS_port = sqlSecurityFilterIns($_SESSION['port']); + include '../functions/SqlSecurityFnc.php'; + + $THIS_server = sqlSecurityFilter($_SESSION['server'], 'no'); + $THIS_username = sqlSecurityFilter($_SESSION['username'], 'no'); + $THIS_password = sqlSecurityFilter($_SESSION['password'], 'no'); + $THIS_db = sqlSecurityFilter($_SESSION['db'], 'no'); + $THIS_port = sqlSecurityFilter($_SESSION['port'], 'no'); $string .= "<" . "?php \n"; $string .= "$" . "DatabaseType = 'mysqli'; \n"; 
@@ -229,106 +231,8 @@ "; } + session_unset(); session_destroy(); -function sqlSecurityFilterIns($variableName = '') -{ - $variable = $variableName; - $check_stream = array('union ', 'select ', 'concat', 'concat_ws', 'create ', 'update ', 'insert ', 'delete ', 'extract ', 'drop ', 'truncate ', 'where ', 'trim ', 'format ', 'union%20', 'select%20', 'create%20', 'update%20', 'insert%20', 'delete%20', 'extract%20', 'drop%20', 'truncate%20', 'where%20', 'trim%20', 'format%20', ';', '\'', '--', '../', '..%2f', 'skip-grant-tables'); - - if ($variable != '') { - $checker = 0; - $checker_k = 0; - $checker_v = 0; - if (is_array($variable)) { - - $filter_data = array(); - $neat_key = ''; - $neat_val = ''; - - foreach ($variable as $onekey => $oneval) { - - $k_check_1 = strip_tags($onekey); - $k_check_2 = addslashes($k_check_1); - // $k_check_3 = mysqli_real_escape_string($connection, $k_check_2); - $k_check_4 = strtolower($k_check_2); - - $v_check_1 = strip_tags($oneval); - $v_check_2 = addslashes($v_check_1); - // $v_check_3 = mysqli_real_escape_string($connection, $v_check_2); - $v_check_4 = strtolower($v_check_2); - - foreach ($check_stream as $one_check) { - if (strpos($k_check_4, $one_check) !== false) - { - $checker_k++; - } - - if(strpos($v_check_4, $one_check) !== false) - { - $checker_v++; - } - } - - if(is_array($oneval)) - { - $get_child_ret = sqlSecurityFilterIns($oneval); // being recursive - - $filter_data[$k_check_3] = $get_child_ret; - } - else - { - if($checker_k != 0 || $checker_v != 0) - { - unset($variable[$onekey]); - } - else - { - unset($variable[$onekey]); - - // if(is_array($oneval)) - // { - // $get_child_ret = sqlSecurityFilter($oneval); // being recursive - - // $filter_data[$k_check_3] = $get_child_ret; - // } - // else - // { - $filter_data[$k_check_3] = $v_check_3; - // } - } - } - - // $filter_data[] = $variable; - } - - return $filter_data; - - unset($checker); - unset($checker_k); - unset($checker_v); - } else { - $check_1 = 
strip_tags($variable); - $check_2 = addslashes($check_1); - // $check_3 = mysqli_real_escape_string($connection, $check_2); - $check_4 = strtolower($check_2); - - foreach ($check_stream as $one_check) { - if (strpos($check_4, $one_check) !== false) { - $checker++; - } - } - - if ($checker == 0) { - return $check_2; - } else { - return ''; - } - } - } else { - return $variableName; - } -} - ?> diff --git a/modules/messaging/Inbox.php b/modules/messaging/Inbox.php index ca7949a1..3e7a8275 100644 --- a/modules/messaging/Inbox.php +++ b/modules/messaging/Inbox.php @@ -29,14 +29,14 @@ include('../../RedirectModulesInc.php'); require_once('libraries/htmlpurifier/library/HTMLPurifier.auto.php'); -DrawBC(""._messaging." > " . ProgramTitle()); +DrawBC("" . _messaging . " > " . ProgramTitle()); - //echo'
Message body cannot be empty
'; +//echo'
Message body cannot be empty
'; if (isset($_REQUEST['del']) && $_REQUEST['del'] == 'true') { - echo'
'._messageDeletedSucessfully.'
'; + echo '
' . _messageDeletedSucessfully . '
'; } if ($_REQUEST['failed_user'] == 'Y') - echo '
'._messageNotSentAsNoUsersWereFound.'.
'; + echo '
' . _messageNotSentAsNoUsersWereFound . '.
'; if ($_REQUEST['button'] == 'Send') { if (User('PROFILE') == 'teacher' && $_REQUEST['cp_id'] != '') { if ($_REQUEST['list_gpa_student'] == 'Y') { @@ -58,8 +58,7 @@ $_REQUEST['txtToUser'] = $_REQUEST['txtToUser'] . ',' . implode(',', $sch_p_arr); elseif (count($sch_stu_arr) == 0 && count($sch_p_arr) > 0) $_REQUEST['txtToUser'] = implode(',', $sch_p_arr); - } - else { + } else { echo ""; } } @@ -318,7 +317,7 @@ } else { $trash_user = $userName; } - $query = 'update msg_inbox set to_user="'.$update_to_user.'",istrash="'.$trash_user.'" where mail_id IN ("'.$mail_id.'")'; + $query = 'update msg_inbox set to_user="' . $update_to_user . '",istrash="' . $trash_user . '" where mail_id IN ("' . $mail_id . '")'; $fetch_ex = DBQuery($query); } @@ -362,15 +361,16 @@ } else { echo '
'; PopTable('header', _alertMessage); - echo "

"._pleaseSelectAtleastOneMessageToDelete."


"; + echo "

" . _pleaseSelectAtleastOneMessageToDelete . "


"; PopTable('footer'); return false; } } -if (count($toArray) > 1) - CheckAuthenticMail($userName, $_REQUEST["txtToUser"], $_REQUEST["txtToCCUser"], $_REQUEST["txtToBCCUser"]); -else { +if (count($toArray) > 1) { + $txtToUser = sqlSecurityFilter($_REQUEST["txtToUser"]); + CheckAuthenticMail($userName, $txtToUser, $_REQUEST["txtToCCUser"], $_REQUEST["txtToBCCUser"]); +} else { if (count($toArray) == 1) { if ($_SESSION['course_period_id'] != '') { if (User('PROFILE') == 'teacher') { @@ -404,9 +404,8 @@ if ($finalList != "") CheckAuthenticMail($userName, $finalList, $_REQUEST["txtToCCUser"], $_REQUEST["txtToBCCUser"]); } - } - else { - $to = str_replace("'", "\'", trim($_REQUEST["txtToUser"])); + } else { + $to = sqlSecurityFilter(str_replace("'", "\'", trim($_REQUEST["txtToUser"]))); $q = "SELECT mail_group.*, GROUP_CONCAT(gm.user_name) AS members FROM mail_group INNER JOIN mail_groupmembers gm ON(mail_group.group_id = gm.group_id) where mail_group.user_name='$userName' AND group_name ='$to' GROUP BY gm.group_id"; $group_list = DBGet(DBQuery($q)); if (count($group_list) != 0) { @@ -419,7 +418,8 @@ } } else { if (trim($_REQUEST["txtToUser"]) != "") { - CheckAuthenticMail($userName, $_REQUEST["txtToUser"], $_REQUEST["txtToCCUser"], $_REQUEST["txtToBCCUser"]); + $txtToUser = sqlSecurityFilter($_REQUEST["txtToUser"]); + CheckAuthenticMail($userName, $txtToUser, $_REQUEST["txtToCCUser"], $_REQUEST["txtToBCCUser"]); } } } @@ -442,7 +442,7 @@ if (in_array($userName, $read_unread_Arr)) { $user_name = $mail_body_info[1]['MAIL_READ_UNREAD']; } else { - $mail_body_info[1]['MAIL_READ_UNREAD'].=',' . $userName; + $mail_body_info[1]['MAIL_READ_UNREAD'] .= ',' . $userName; $user_name = $mail_body_info[1]['MAIL_READ_UNREAD']; } } 
@@ -451,18 +451,13 @@ foreach ($mail_body_info as $k => $v) { $fromUser = $v['FROM_USER']; - if($fromUser!='') - $login_authentication=DBGet(DBQuery('SELECT * FROM login_authentication WHERE username=\''.$fromUser.'\' ')); - $profile=DBGet(DBQuery('SELECT * FROM user_profiles WHERE ID='.$login_authentication[1]['PROFILE_ID'])); - if($profile[1]['PROFILE']!='parent') - { - if($profile[1]['PROFILE']=='student') - { - $stu_img_info = DBGet(DBQuery('SELECT * FROM user_file_upload WHERE USER_ID=' . $login_authentication[1]['USER_ID']. ' AND PROFILE_ID=3 AND SCHOOL_ID=' . UserSchool() . ' AND SYEAR=' . UserSyear() . ' AND FILE_INFO=\'stuimg\'')); - - } - else - { + if ($fromUser != '') + $login_authentication = DBGet(DBQuery('SELECT * FROM login_authentication WHERE username=\'' . $fromUser . '\' ')); + $profile = DBGet(DBQuery('SELECT * FROM user_profiles WHERE ID=' . $login_authentication[1]['PROFILE_ID'])); + if ($profile[1]['PROFILE'] != 'parent') { + if ($profile[1]['PROFILE'] == 'student') { + $stu_img_info = DBGet(DBQuery('SELECT * FROM user_file_upload WHERE USER_ID=' . $login_authentication[1]['USER_ID'] . ' AND PROFILE_ID=3 AND SCHOOL_ID=' . UserSchool() . ' AND SYEAR=' . UserSyear() . ' AND FILE_INFO=\'stuimg\'')); + } else { $staff = DBGet(DBQuery('SELECT * FROM staff WHERE STAFF_ID=' . $login_authentication[1]['USER_ID'])); } } @@ -470,12 +465,12 @@ echo '
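Review bot: The reformatted `if ($fromUser != '') $login_authentication = DBGet(...)` has no braces, so only the first lookup is conditional; when `FROM_USER` is empty the following `$profile = DBGet(DBQuery('SELECT * FROM user_profiles WHERE ID=' . $login_authentication[1]['PROFILE_ID']))` runs with an undefined or stale `$login_authentication` left from the previous iteration, giving either a malformed `WHERE ID=` query or data belonging to the previous message. Wrapping the lookup and the two dependent queries in one braced `if ($fromUser != '') { … }` block, and resetting `$stu_img_info` and `$staff` at the top of each iteration, makes the per-message state explicit; `$fromUser` is also concatenated into the `login_authentication` query without escaping. The `foreach ($mail_body_info …)` loop body continues past the hunk.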
'; echo '
'; - if($stu_img_info[1]['CONTENT']!='') - echo '
'; - elseif($staff[1]['IMG_NAME']!='') - echo '
'; + if ($stu_img_info[1]['CONTENT'] != '') + echo '
'; + elseif ($staff[1]['IMG_NAME'] != '') + echo '
'; else - echo '
'; + echo '
'; echo '
'; echo '
'; echo ' ' . $v['MAIL_DATETIME'] . ''; @@ -503,62 +498,59 @@ } echo '
' . str_replace(''; - if($v['MAIL_ATTACHMENT']!='') - { - echo " - "._attachment.": "; -// $attach=explode(',',$v['MAIL_ATTACHMENT']); - $attach= DBGet(DBQuery('SELECT * FROM user_file_upload WHERE ID IN ('.substr($v['MAIL_ATTACHMENT'],0,-1).')')); - foreach($attach as $user=>$img) - { -// $img_pos=strrpos($img,'/'); -// $img_name[]=substr($img,$img_pos+1,strlen($img)); -// $pos=strpos($img,'_'); -// -// $img_src[]=substr($img,$pos+1,strlen($img)); -// for($i=0;$i<(count($img_src));$i++) -// { -// $img1=$img_src[$i]; -// $m=array_keys(str_word_count($img1, 2)); -// $a=$m[0]; -// $img3[$i]=substr($img1,$a,strlen($img1)); -// } -// -// } -// for($i=0;$i<(count($attach));$i++) -// { - echo "".$img['NAME'].""; - - echo '
   
'; - - } - echo ""; - } - -// if ($v['MAIL_ATTACHMENT'] != '') { -// echo '
'; -// echo '
Attachments
'; -// $attach = explode(',', $v['MAIL_ATTACHMENT']); -// foreach ($attach as $user => $img) { -// $img_pos = strrpos($img, '/'); -// $img_name[] = substr($img, $img_pos + 1, strlen($img)); -// $pos = strpos($img, '_'); -// -// $img_src[] = substr($img, $pos + 1, strlen($img)); -// for ($i = 0; $i < (count($img_src)); $i++) { -// $img1 = $img_src[$i]; -// $m = array_keys(str_word_count($img1, 2)); -// $a = $m[0]; -// $img3[$i] = substr($img1, $a, strlen($img1)); -// } -// } -// for ($i = 0; $i < (count($attach)); $i++) { -// -// $img_name[$i] = urlencode($img_name[$i]); -// $img4[$i] = urlencode($img3[$i]); -// echo (($i>0)?', ':'')."" . $img3[$i] . ""; -// } -// } + if ($v['MAIL_ATTACHMENT'] != '') { + echo " + " . _attachment . ": "; + // $attach=explode(',',$v['MAIL_ATTACHMENT']); + $attach = DBGet(DBQuery('SELECT * FROM user_file_upload WHERE ID IN (' . substr($v['MAIL_ATTACHMENT'], 0, -1) . ')')); + foreach ($attach as $user => $img) { + // $img_pos=strrpos($img,'/'); + // $img_name[]=substr($img,$img_pos+1,strlen($img)); + // $pos=strpos($img,'_'); + // + // $img_src[]=substr($img,$pos+1,strlen($img)); + // for($i=0;$i<(count($img_src));$i++) + // { + // $img1=$img_src[$i]; + // $m=array_keys(str_word_count($img1, 2)); + // $a=$m[0]; + // $img3[$i]=substr($img1,$a,strlen($img1)); + // } + // + // } + // for($i=0;$i<(count($attach));$i++) + // { + echo "" . $img['NAME'] . ""; + + echo '
   
'; + } + echo ""; + } + + // if ($v['MAIL_ATTACHMENT'] != '') { + // echo '
'; + // echo '
Attachments
'; + // $attach = explode(',', $v['MAIL_ATTACHMENT']); + // foreach ($attach as $user => $img) { + // $img_pos = strrpos($img, '/'); + // $img_name[] = substr($img, $img_pos + 1, strlen($img)); + // $pos = strpos($img, '_'); + // + // $img_src[] = substr($img, $pos + 1, strlen($img)); + // for ($i = 0; $i < (count($img_src)); $i++) { + // $img1 = $img_src[$i]; + // $m = array_keys(str_word_count($img1, 2)); + // $a = $m[0]; + // $img3[$i] = substr($img1, $a, strlen($img1)); + // } + // } + // for ($i = 0; $i < (count($attach)); $i++) { + // + // $img_name[$i] = urlencode($img_name[$i]); + // $img4[$i] = urlencode($img3[$i]); + // echo (($i>0)?', ':'')."" . $img3[$i] . ""; + // } + // } echo '
'; echo '
'; } @@ -600,7 +592,6 @@ if (in_array($userName, $arr) || in_array($userName, $arr_cc) || in_array($userName, $arr_bcc)) { array_push($id, $value['MAIL_ID']); } else { - } } $count = count($id); @@ -631,9 +622,10 @@ } echo '
'; - $columns = array('FROM_USER' => _from, - 'MAIL_SUBJECT' => _subject, - 'MAIL_DATETIME' => _dateTime, + $columns = array( + 'FROM_USER' => _from, + 'MAIL_SUBJECT' => _subject, + 'MAIL_DATETIME' => _dateTime, ); $extra['SELECT'] = ",Concat(NULL) AS CHECKBOX"; $extra['LO_group'] = array('MAIL_ID'); @@ -654,10 +646,10 @@ $inbox_info[$id] = $extra['columns_before'] + $value; } if (count($inbox_info) != 0) { - $custom_header = '
'._inbox.'
'; + $custom_header = '
' . _inbox . '
'; } - ListOutput($inbox_info, $columns, '', '', $link, array(), array('search' =>false), TRUE, $custom_header); + ListOutput($inbox_info, $columns, '', '', $link, array(), array('search' => false), TRUE, $custom_header); echo "
"; //PopTable('footer'); @@ -665,7 +657,8 @@ echo ''; } -function SendMail($to, $userName, $subject, $mailBody, $attachment, $toCC, $toBCCs, $grpName) { +function SendMail($to, $userName, $subject, $mailBody, $attachment, $toCC, $toBCCs, $grpName) +{ $mailBody = singleQuoteReplace('', '', $mailBody); $config = HTMLPurifier_Config::createDefault(); $purifier = new HTMLPurifier($config); @@ -675,16 +668,13 @@ function SendMail($to, $userName, $subject, $mailBody, $attachment, $toCC, $toBC $grpName = str_replace("'", "\'", $grpName); $attachment = str_replace("'", "\'", $attachment); - if($mailBody=="") - { - $_SESSION['BODY_EMPTY']='1'; + if ($mailBody == "") { + $_SESSION['BODY_EMPTY'] = '1'; echo ''; - return false; - } - else if($mailBody!="") - { - $inbox_query = DBQuery('INSERT INTO msg_inbox(to_user,from_user,mail_Subject,mail_body,isdraft,mail_attachment,to_multiple_users,to_cc_multiple,to_cc,to_bcc,to_bcc_multiple,mail_datetime) VALUES(\'' . $to . '\',\'' . $userName . '\',\'' . $subject . '\',\'' . $mailBody . '\',\'' . $isdraft . '\',\'' . $attachment . '\',\'' . $to . '\',\'' . $toCC . '\',\'' . $toCC . '\',\'' . $toBCCs . '\',\'' . $toBCCs . '\',now())'); + return false; + } else if ($mailBody != "") { + $inbox_query = DBQuery('INSERT INTO msg_inbox(to_user,from_user,mail_Subject,mail_body,isdraft,mail_attachment,to_multiple_users,to_cc_multiple,to_cc,to_bcc,to_bcc_multiple,mail_datetime) VALUES(\'' . $to . '\',\'' . $userName . '\',\'' . $subject . '\',\'' . $mailBody . '\',\'' . $isdraft . '\',\'' . $attachment . '\',\'' . $to . '\',\'' . $toCC . '\',\'' . $toCC . '\',\'' . $toBCCs . '\',\'' . $toBCCs . '\',now())'); } if ($grpName == 'false') $outbox_query = DBQuery('INSERT INTO msg_outbox(to_user,from_user,mail_Subject,mail_body,mail_attachment,to_cc,to_bcc,mail_datetime) VALUES(\'' . $to . '\',\'' . $userName . '\',\'' . $subject . '\',\'' . $mailBody . '\',\'' . $attachment . '\',\'' . $toCC . '\',\'' . $toBCCs . '\',NOW())'); 
@@ -693,15 +683,17 @@ function SendMail($to, $userName, $subject, $mailBody, $attachment, $toCC, $toBC $outbox_query = DBQuery($q); } - echo '
'._yourMessageHasBeenSent.'.
'; + echo '
' . _yourMessageHasBeenSent . '.
'; } -function array_push_assoc($array, $key, $value) { +function array_push_assoc($array, $key, $value) +{ $array[$key] = $value; return $array; } -function CheckAuthenticMail($userName, $toUsers, $toCCUsers, $toBCCUsers, $grpName = 'false') { +function CheckAuthenticMail($userName, $toUsers, $toCCUsers, $toBCCUsers, $grpName = 'false') +{ if ($toUsers != '') $to_array = explode(',', $toUsers); 
@@ -799,52 +791,45 @@ function CheckAuthenticMail($userName, $toUsers, $toCCUsers, $toBCCUsers, $grpNa if ($subject == '') $subject = 'No Subject'; - - $mailBody = $_POST['txtBody']; - - - - + $mailBody = sqlSecurityFilter($_POST['txtBody']); $uploaded_file_count = count($_FILES['f']['name']); for ($i = 0; $i < $uploaded_file_count; $i++) { - - if($_FILES['f']['name'][$i]!=''){ - -// $name = $_FILES['f']['name'][$i]; -// if ($name) { -// $path = $userName . '_' . time() . rand(00, 99) . $name; -// $folder = "./assets/" . $path; -// $temp = $_FILES['f']['tmp_name'][$i]; -// move_uploaded_file($temp, $folder); -// $arr[$i] = $folder; -// } else -// $attachment = ""; - $fileName=$_FILES['f']['name'][$i]; - $tmpName = $_FILES['f']['tmp_name'][$i]; - $fileSize = $_FILES['f']['size'][$i]; - $fileType = $_FILES['f']['type'][$i]; - $fp = fopen($tmpName, 'r'); - $content = fread($fp, filesize($tmpName)); - $content = addslashes($content); - fclose($fp); - - if(!get_magic_quotes_gpc()) - { - $fileName = addslashes($fileName); - } - if(User('PROFILE')=='student') - DBQuery('INSERT INTO user_file_upload (USER_ID,PROFILE_ID,SCHOOL_ID,SYEAR,NAME, SIZE, TYPE, CONTENT,FILE_INFO) VALUES ('.UserStudentID().',\'3\','.UserSchool().','.UserSyear().',\''.$fileName.'\', \''.$fileSize.'\', \''.$fileType.'\', \''.$content.'\',\'intmsg\')'); - else - DBQuery('INSERT INTO user_file_upload (USER_ID,PROFILE_ID,SCHOOL_ID,SYEAR,NAME, SIZE, TYPE, CONTENT,FILE_INFO) VALUES ('.User('STAFF_ID').','.User('PROFILE_ID').','.UserSchool().','.UserSyear().',\''.$fileName.'\', \''.$fileSize.'\', \''.$fileType.'\', \''.$content.'\',\'intmsg\')'); - - $file_id= DBGet(DBQuery('SELECT MAX(ID) AS ID FROM user_file_upload WHERE FILE_INFO =\'intmsg\'')); - if(count($file_id)>0) - $attachment.=$file_id[1]['ID'].','; - } - + + if ($_FILES['f']['name'][$i] != '') { + + // $name = $_FILES['f']['name'][$i]; + // if ($name) { + // $path = $userName . '_' . time() . rand(00, 99) . $name; + // $folder = "./assets/" . 
$path; + // $temp = $_FILES['f']['tmp_name'][$i]; + // move_uploaded_file($temp, $folder); + // $arr[$i] = $folder; + // } else + // $attachment = ""; + $fileName = $_FILES['f']['name'][$i]; + $tmpName = $_FILES['f']['tmp_name'][$i]; + $fileSize = $_FILES['f']['size'][$i]; + $fileType = $_FILES['f']['type'][$i]; + $fp = fopen($tmpName, 'r'); + $content = fread($fp, filesize($tmpName)); + $content = addslashes($content); + fclose($fp); + + if (!get_magic_quotes_gpc()) { + $fileName = addslashes($fileName); + } + if (User('PROFILE') == 'student') + DBQuery('INSERT INTO user_file_upload (USER_ID,PROFILE_ID,SCHOOL_ID,SYEAR,NAME, SIZE, TYPE, CONTENT,FILE_INFO) VALUES (' . UserStudentID() . ',\'3\',' . UserSchool() . ',' . UserSyear() . ',\'' . $fileName . '\', \'' . $fileSize . '\', \'' . $fileType . '\', \'' . $content . '\',\'intmsg\')'); + else + DBQuery('INSERT INTO user_file_upload (USER_ID,PROFILE_ID,SCHOOL_ID,SYEAR,NAME, SIZE, TYPE, CONTENT,FILE_INFO) VALUES (' . User('STAFF_ID') . ',' . User('PROFILE_ID') . ',' . UserSchool() . ',' . UserSyear() . ',\'' . $fileName . '\', \'' . $fileSize . '\', \'' . $fileType . '\', \'' . $content . '\',\'intmsg\')'); + + $file_id = DBGet(DBQuery('SELECT MAX(ID) AS ID FROM user_file_upload WHERE FILE_INFO =\'intmsg\'')); + if (count($file_id) > 0) + $attachment .= $file_id[1]['ID'] . ','; + } } -// $attachment = implode(',', $arr); + // $attachment = implode(',', $arr); $multipleUser = implode(",", $to_av_user); @@ -861,23 +846,23 @@ function CheckAuthenticMail($userName, $toUsers, $toCCUsers, $toBCCUsers, $grpNa SendMail($multipleUser, $userName, $subject, $mailBody, $attachment, $multipleCCUser, $multipleBCCUser, $grpName); if (count($to_uav_user) > 0) - echo '
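Review bot: The re-indented attachment loop still calls `get_magic_quotes_gpc()`, which was removed in PHP 8.0 (deprecated in 7.4), so on a current runtime the first upload fails with a call to an undefined function; since it returned `false` on every supported version anyway, `$fileName = addslashes($fileName);` can run unconditionally, or better, the client-supplied `$_FILES` name, size and type can be bound as parameters. The new `$mailBody = sqlSecurityFilter($_POST['txtBody']);` applies a SQL keyword filter to free-text prose before `SendMail()` purifies it with HTMLPurifier; if the shared filter behaves like the `sqlSecurityFilterIns()` removed from install/Step5.php in this same diff, a message containing "select " or "update " would be silently emptied, so escaping at the query boundary is the more predictable control. `SELECT MAX(ID) … WHERE FILE_INFO ='intmsg'` to recover the inserted id is racy under concurrent sends; the driver's insert id is the reliable source if `DBQuery()` exposes it. CheckAuthenticMail's body starts and ends outside this hunk.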
'._messageNotSentTo.' ' . implode(',', $to_uav_user) . ' '._asTheyDonTExist.'.

'; + echo '
' . _messageNotSentTo . ' ' . implode(',', $to_uav_user) . ' ' . _asTheyDonTExist . '.

'; if (count($to_uav_cc) > 0) - echo '
'._messageNotSentTo.' ' . implode(',', $to_uav_cc) . ' '._asTheyDonTExist.'.

'; + echo '
' . _messageNotSentTo . ' ' . implode(',', $to_uav_cc) . ' ' . _asTheyDonTExist . '.

'; if (count($to_uav_bcc) > 0) - echo '
'._messageNotSentTo.' ' . implode(',', $to_uav_bcc) . ' '._asTheyDonTExist.'.

'; - } - else { + echo '
' . _messageNotSentTo . ' ' . implode(',', $to_uav_bcc) . ' ' . _asTheyDonTExist . '.

'; + } else { if (count($to_uav_user) > 0) - echo '
'._messageNotSentAs.' ' . implode(',', $to_uav_user) . ' '._doesnTExist.'.

'; + echo '
' . _messageNotSentAs . ' ' . implode(',', $to_uav_user) . ' ' . _doesnTExist . '.

'; elseif ($toUsers == '') - echo '
'._messageNotSent.'.

'; + echo '
' . _messageNotSent . '.

'; } } -function output_file($file, $name, $mime_type = '', $mod_file) { +function output_file($file, $name, $mime_type = '', $mod_file) +{ if (!is_readable($file)) - die(''._fileNotFoundOrInaccessible.'!'); + die('' . _fileNotFoundOrInaccessible . '!'); $size = filesize($file); $name = rawurldecode($name); @@ -944,9 +929,10 @@ function output_file($file, $name, $mime_type = '', $mod_file) { if (isset($_SERVER['HTTP_RANGE'])) fseek($file, $range); - while (!feof($file) && - (!connection_aborted()) && - ($bytes_send < $new_length) + while ( + !feof($file) && + (!connection_aborted()) && + ($bytes_send < $new_length) ) { $buffer = fread($file, $chunksize); print($buffer); @@ -958,5 +944,3 @@ function output_file($file, $name, $mime_type = '', $mod_file) { die('Error - can not open file.'); die(); } - -?> diff --git a/modules/users/Staff.php b/modules/users/Staff.php index e3ecdd76..d131754b 100644 --- a/modules/users/Staff.php +++ b/modules/users/Staff.php @@ -26,6 +26,8 @@ # along with this program. If not, see . # #*************************************************************************************** +session_start(); +isset($_SESSION['login']) or die('Access denied!'); include('../../RedirectModulesInc.php'); if ($_SESSION['staff_id']== '' && $_REQUEST['staff_id'] != 'new') diff --git a/modules/users/User.php b/modules/users/User.php index c55361be..5815f5fb 100644 --- a/modules/users/User.php +++ b/modules/users/User.php @@ -26,6 +26,8 @@ # along with this program. If not, see . # #*************************************************************************************** +session_start(); +isset($_SESSION['login']) or die('Access denied!'); include('../../RedirectModulesInc.php'); if (isset($_REQUEST['custom_date_id']) && count($_REQUEST['custom_date_id']) > 0) { foreach ($_REQUEST['custom_date_id'] as $custom_id) {