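--- a/php/heslo/html/hlavicka.html Tue May 05 16:49:30 2009 +0200
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE html SYSTEM "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="cs" lang="cs">
- <head>
- <meta http-equiv="content-language" content="cs"/>
- <meta http-equiv="content-type" content="application/xhtml+xml; charset=UTF-8"/>
- <meta name="GOOGLEBOT" content="NOINDEX, NOFOLLOW"/>
- <meta name="ROBOTS" content="NOINDEX, NOFOLLOW"/>
- <link href="styl.css" type="text/css" rel="StyleSheet"/>
- <title>Změna hesla – Veverka.ch</title>
- </head>
- <body>
- <h1>Změna hesla – Veverka.ch</h1>
-
-
\ No newline at end of file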
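--- a/php/heslo/html/paticka.html Tue May 05 16:49:30 2009 +0200
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,3 +0,0 @@
-
-</body>
-</html>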
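--- a/php/heslo/index.php Tue May 05 16:49:30 2009 +0200
+++ b/php/heslo/index.php Tue May 05 17:08:09 2009 +0200
@@ -1,9 +1,9 @@
 <?php
+require('lib/funkce.inc.php');
+zahlavi('Změna hesla');
 
-/** Jednoduchý skript sloužící ke změně hesla */
 
-include("html/hlavicka.html");
+htmlZnacka('p','tady si můžeš změnit heslo :-)"/>');
 
-include("html/paticka.html");
-
-?>
\ No newline at end of file
+zapati();
+?>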
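Review bot: The paragraph text passed to `htmlZnacka()` ends with a stray `"/>`, which looks like leftover markup and will be printed literally on the page; the call should read `htmlZnacka('p','tady si můžeš změnit heslo :-)');`. `zahlavi()` is called with its default `$autorizace = true`, so this password-change page relies on `overPristup()` redirecting unauthenticated visitors to `prihlaseni.php`. That file is not added by this commit, so it is worth confirming it exists under `php/heslo/` before relying on the check.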
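--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/php/heslo/lib/funkce.inc.php Tue May 05 17:08:09 2009 +0200
@@ -0,0 +1,325 @@
+<?php
+
+require('nastaveni.php');
+
+$zacatek = getMicrotime();
+
+function exception_handler($exception) {
+ html("Došlo k chybě: " . $exception->getMessage());
+ //header("Location: chyba_db.php");
+ exit();
+}
+
+set_exception_handler('exception_handler');
+
+session_set_cookie_params(0, $NASTAVENI['cookie_cesta']);
+session_start();
+
+
+$strankaP = split('/', $_SERVER['REQUEST_URI']);
+$stranka = $strankaP[count($strankaP)-1];
+
+
+if (empty($_SERVER['HTTP_ACCEPT'])) {
+ $mimeTyp = 'application/xhtml+xml';
+} else {
+ $mimeTyp = (( stristr( $_SERVER['HTTP_ACCEPT'], 'application/xhtml+xml' ) && !preg_match("/application\/xhtml\+xml;\s*q=0(\.0)?\s*(,|$)/",$_SERVER['HTTP_ACCEPT']) ) ? 'application/xhtml+xml' : 'text/html' );
+}
+header("Content-Type: $mimeTyp");
+//header("Content-Type: text/html");
+//header("Content-Type: application/xhtml+xml");
+
+/** $nadpis = titulek stránky + h1 */
+function zahlavi($nadpis, $autorizace = true) {
+ global $mimeTyp;
+ if ($autorizace) {
+ overPristup();
+ }
+
+ html('<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html SYSTEM "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="cs" lang="cs">
+ <head>
+ <meta http-equiv="content-language" content="cs"/>
+ <meta http-equiv="content-type" content="' . $mimeTyp . '; charset=UTF-8"/>
+ <meta name="GOOGLEBOT" content="NOINDEX, NOFOLLOW"/>
+ <meta name="ROBOTS" content="NOINDEX, NOFOLLOW"/>
+ <link href="styl.css" type="text/css" rel="StyleSheet"/>
+ <script type="text/javaScript" src="hlavni.js"></script>
+ <script type="text/javaScript" src="tridenitabulky.js"></script>
+ <title>' . $nadpis . '</title>
+ </head>
+ <body>
+<h1>' . $nadpis . '</h1>');
+if ($autorizace) {
+html('<p id="prihlasenyUzivatel">Uživatel: ' . $_SESSION['login'] . '</p>');
+}
+}
+
+/** $zobrazitNabidku = zobrazí postranní menu */
+function zapati($zobrazitNabidku = true) {
+ if ($zobrazitNabidku) {
+ html('<h2 id="skrytyNadpisObsahu">Obsah</h2>
+<ul id="obsah">
+<li>
+<a href="index.php">Přehled</a>
+</li>
+<li>
+<a href="moje_bugy.php">Moje bugy</a>
+</li>
+<li>
+<a href="nahlasit_bug.php">Nahlásit bug</a>
+</li>
+<li>
+<a href="hledani.php">Hledání</a>
+</li>
+<li>
+<a href="sprava.php">Správa</a>
+</li>
+<li>
+<a href="odhlaseni.php">Odhlášení</a>
+</li>
+</ul>
+</body>');
+htmlInfoKomentar();
+html('</html>');
+ } else {
+ html('</body>');
+ htmlInfoKomentar();
+ html('</html>');
+ }
+
+}
+
+function htmlInfoKomentar() {
+ global $zacatek, $mimeTyp, $NASTAVENI;
+ if ($NASTAVENI['ladiciKomentare']) {
+ $konec = getMicrotime();
+ html('<!--');
+ html('Stránka: ' . $_SERVER['REQUEST_URI']);
+ html('Klient: ' . $_SERVER['REMOTE_ADDR']);
+ html('MIME: ' . $mimeTyp);
+ html("Začátek zpracování: $zacatek");
+ html("Konec zpracování: $konec");
+ html('Doba zpracování: ' . ($konec - $zacatek) . 's');
+ html('-->');
+ }
+}
+
+function htmlOdstavec($text) {
+ html("<p>\n$text\n</p>");
+}
+
+function html($text) {
+ global $stranka;
+ /** Odstraníme odkazy, které vedou na tutéž stránku */
+ $text = str_replace(' href="' . $stranka . '"', '', $text);
+
+ echo("$text\n");
+}
+
+function htmlZnacka($znacka, $text) {
+ html("<$znacka>$text</$znacka>");
+}
+
+function htmlTlacitkovyOdkaz($url, $text) {
+ html('<form action="' . $url . '"><fieldset><button>' . $text . '</button></fieldset></form>');
+}
+
+function escapuj($text, $delka = 256) {
+ $text = str_replace("\n", "[br]", $text);
+ $text = substr(mysql_escape_string(htmlspecialchars($text)), 0, $delka);
+ $text = str_replace("[br]", "<br>", $text);
+ //$retezec = ereg_replace("[[:alpha:]]+://[^<>[:space:]]+[[:alnum:]/]", "<a href=\"\\0\">\\0</a>", $retezec);
+ return $text;
+}
+
+function htmlIkonaKontrolyIP () {
+ global $NASTAVENI;
+ if ($NASTAVENI['kontrolovatIPadresu']) {
+ html('<img src="kontrola_ip.png" alt="Kontrola IP" title="Kontroluje se IP adresa"/>');
+ }
+}
+
+/** volá se na všech strákách, které vyžadují autorizaci (všechny kromě prihlaseni.php) */
+function overPristup() {
+ global $NASTAVENI;
+
+ if ($_SESSION['login'] == null || !isset($_SESSION['login']) || ($NASTAVENI['kontrolovatIPadresu'] && $_SERVER['REMOTE_ADDR'] != $_SESSION['ip_adresa_klienta'])) {
+ header("Location: prihlaseni.php");
+ exit();
+ }
+}
+
+/** volá se v prihlaseni.php */
+function zkontrolujUzivatele($jmeno, $heslo) {
+ global $db, $NASTAVENI;
+
+ if ($NASTAVENI['hashovatHesla']) {
+ $dotaz = $db->prepare("SELECT * FROM bg_uzivatel WHERE login = ? AND sha1(concat(?, heslo)) = ?");
+ $dotaz->bindParam(1, $jmeno);
+ $dotaz->bindParam(2, $_SESSION['hesloBordel']);
+ $dotaz->bindParam(3, $heslo);
+ $dotaz->execute();
+ $r = $dotaz->fetchAll();
+ } else {
+ $dotaz = $db->prepare("SELECT * FROM bg_uzivatel WHERE login = ? AND heslo = sha1(?)");
+ $dotaz->bindParam(1, $jmeno);
+ $dotaz->bindParam(2, $heslo);
+ $dotaz->execute();
+ $r = $dotaz->fetchAll();
+ }
+
+ foreach ($r as $x) {
+ $_SESSION['login'] = $x['login'];
+ $_SESSION['ip_adresa_klienta'] = $_SERVER['REMOTE_ADDR'];
+ return true;
+ }
+
+ $_SESSION['login'] = null;
+ return false;
+}
+
+
+function sqlZjistiHodnotu($dotaz, $parametry = null) {
+ global $db;
+
+ $dotaz = $db->prepare($dotaz);
+
+ if ($parametry != null) {
+ for($i = 0; $i < count($parametry); $i++) {
+ $dotaz->bindParam($i+1, $parametry[$i]);
+ }
+ }
+
+ $dotaz->execute();
+ $r = $dotaz->fetchAll();
+
+ foreach ($r as $x) {
+ return $x[0];
+ }
+ return null;
+}
+
+function sqlDotaz($dotaz, $parametry = null) {
+ global $db;
+ try {
+ $dotaz = $db->prepare($dotaz);
+
+ if ($parametry != null) {
+ for($i = 0; $i < count($parametry); $i++) {
+ $dotaz->bindParam($i+1, $parametry[$i]);
+ }
+ }
+
+ $dotaz->execute();
+ $r = $dotaz->fetchAll();
+
+ return $r;
+ } catch (PDOException $e) {
+ logujChybu("sqlDotaz($dotaz)");
+ }
+}
+
+function getMicrotime(){
+ list($usec, $sec) = explode(" ",microtime());
+ return ((float)$usec + (float)$sec);
+}
+
+function sqlHtmlTabulka($dotaz, $hlavicky = null, $parametry = null, $htmlID = null) {
+ global $db;
+
+ $dotaz = $db->prepare($dotaz);
+
+ if ($parametry != null) {
+ for($i = 0; $i < count($parametry); $i++) {
+ $dotaz->bindParam($i+1, $parametry[$i]);
+ }
+ }
+
+ $dotaz->execute();
+ $r = $dotaz->fetchAll();
+
+ if ($htmlID == null) {
+ $htmlID = getMicrotime();
+ }
+
+
+ html('<table class="sortable" id="tabulka' . $htmlID . '">');
+ if ($hlavicky != null) {
+ html('<thead><tr>');
+ foreach ($hlavicky as $h) {
+ htmlZnacka('td', $h);
+ }
+ html('</tr></thead>');
+ $pocet = count($hlavicky);
+ } else {
+ $pocet = null;
+ }
+ html('<tbody>');
+
+ foreach ($r as $x) {
+ html('<tr>');
+ if ($pocet == null) {
+ /** děleno 2 protože jsou tam číselné i řetězcové klíče */
+ $pocet = count($x) / 2;
+ }
+
+ for ($i = 0; $i < $pocet; $i++) {
+ htmlZnacka('td', $x[$i]);
+ }
+ html('</tr>');
+ }
+ html('</tbody></table>');
+}
+
+
+function htmlTabulkaUzivatelu() {
+ sqlHtmlTabulka('SELECT concat(concat(concat(concat(\'<a href="uzivatel.php?login=\',login),\'">\'),login),\'</a>\'), jmeno, prijmeni, email FROM bg_uzivatel', array('Login', 'Jméno', 'Příjmení', 'e-mail'));
+}
+
+function htmlTabulkaProduktu() {
+ sqlHtmlTabulka('SELECT kod, nazev, popis FROM bg_produkt', array('Kód', 'Název', 'Popis'));
+}
+
+
+function sqlHtmlTabulkaBugu($r) {
+ if (count($r) > 0) {
+ $htmlID = getMicrotime();
+ html('<table class="sortable" id="tabulka' . $htmlID . '">');
+ html('<thead><tr>');
+ htmlZnacka('td', 'Číslo');
+ htmlZnacka('td', 'Název');
+ htmlZnacka('td', 'Zadavatel');
+ htmlZnacka('td', 'Řešitel');
+ //htmlZnacka('td', 'Datum');
+ html('</tr></thead><tbody>');
+
+ foreach ($r as $x) {
+ html('<tr>');
+ htmlZnacka('td', '<a href="bug.php?id=' . $x['id'] . '">' . $x['id'] . '</a>');
+ htmlZnacka('td', $x['nazev']);
+ htmlZnacka('td', odkazNaUzivatele($x['zadavatel']));
+ htmlZnacka('td', odkazNaUzivatele($x['resitel']));
+ //htmlZnacka('td', $x['datum']);
+ html('</tr>');
+ }
+ html('</tbody></table>');
+ } else {
+ htmlOdstavec('Nic nenalezeno.');
+ }
+}
+
+function odkazNaUzivatele($uzivatel) {
+ if ($uzivatel == '-') {
+ return '-';
+ } else {
+ return '<a href="uzivatel.php?login=' . $uzivatel . '">' . $uzivatel . '</a>';
+ }
+}
+
+function logujChybu($popis, $chyba = null) {
+ htmlOdstavec($popis);
+}
+
+?>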
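Review bot: Values are concatenated into markup without escaping across this new file: `zahlavi()` prints `$_SESSION['login']`, `odkazNaUzivatele()` puts `$uzivatel` into both an `href` and the link text, `sqlHtmlTabulkaBugu()` prints `$x['nazev']` through `htmlZnacka()`, and `htmlInfoKomentar()` writes `$_SERVER['REQUEST_URI']` inside an HTML comment that a `-->` in the request would close. Escape at the point of output, e.g. `htmlspecialchars($x['nazev'], ENT_QUOTES, 'UTF-8')` for text and attribute values and `rawurlencode($uzivatel)` for the `login=` query value, and either drop the request URI from the debug comment or escape it and neutralise `--`. Separately, `zkontrolujUzivatele()` sets `$_SESSION['login']` without first calling `session_regenerate_id(true);`, so a session id fixed before login stays valid after it. In `sqlDotaz()` the `catch` interpolates `$dotaz` after it has been reassigned to the prepared statement, so when `execute()` throws the error path is likely to fail on the string conversion; keep the SQL text in its own variable, and have `exception_handler()` show a generic message rather than `$exception->getMessage()`.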
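--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/php/heslo/lib/nastaveni.php Tue May 05 17:08:09 2009 +0200
@@ -0,0 +1,11 @@
+<?php
+
+$db = new PDO("mysql:host=localhost;dbname=xkucf03;unix_socket=/var/lib/mysql/mysql.sock", "xkucf03", "********HESLO********");
+$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+$NASTAVENI['cookie_cesta'] = '/~xkucf03/bg/'; // aby nám někdo nekradl koláčky
+$NASTAVENI['hashovatHesla'] = true; // aby hesla neputovala nezahashovaná po HTTP
+$NASTAVENI['kontrolovatIPadresu'] = true; // aby nešlo krást session
+$NASTAVENI['ladiciKomentare'] = true; // vypíše na konec stránky HTML komentář (mime, doba zpracování, IP klienta...)
+
+?>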
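Review bot: `$NASTAVENI['ladiciKomentare']` is committed as `true`, so every page ends with an HTML comment carrying the request URI, the client address and processing times; the committed default should be `$NASTAVENI['ladiciKomentare'] = false;` and be switched on only in a development copy. The database name, user and socket path are versioned next to what appears to be a masked password; loading the credentials from a file kept outside the repository and the web root avoids the real value being committed by accident. The `hashovatHesla` comment suggests the site is served over plain HTTP, where neither client-side hashing nor `kontrolovatIPadresu` protects the session cookie in transit, so these switches should be documented as complements to HTTPS rather than substitutes.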
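--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/php/heslo/styl.css Tue May 05 17:08:09 2009 +0200
@@ -0,0 +1,183 @@
+/** žádné rámečky kolem obrázků */
+a img {
+ border: none;
+}
+/** odkazy vedoucí mimo stránky budou označené ikonkou */
+a[href^='http:'] {
+ padding-right: 11px;
+ background: transparent url('externi_odkaz.png') right top no-repeat scroll;
+}
+
+/** písmo, okraje a obrázek nahoře */
+html {
+ background: #ded6a3;
+ color:black;
+ background-image: url('navigace.gif');
+ background-repeat: repeat-x;
+
+}
+body {
+ font-family: Verdana, "Arial CE", Arial, Helvetica, sans-serif;
+ margin-top: 40px;
+ margin-left: 14em;
+ margin-right: 40px;
+ margin-bottom: 40px;
+ /** aby řádky nebyly příliš dlouhé */
+ max-width: 50em;
+}
+/** H2, která se má zobrazovat jen v textových prohlížečích */
+#skrytyNadpisObsahu {
+ display:none;
+}
+/** seznam s obsahem */
+#obsah {
+ position:absolute;
+ top: 40px;
+ left: 0px;
+}
+/** položka nabídky */
+#obsah li {
+ list-style-image: url("odrazka.png");
+ padding-top: 4px;
+ padding-bottom: 4px;
+ padding-left: 1ex;
+}
+/** položka nabídky pod myší */
+#obsah li:hover {
+ list-style-image: url("odrazka_pod_mysi.png");
+}
+
+#prihlasenyUzivatel {
+ text-align: right;
+ color: gray;
+ position: absolute;
+ position: relative;
+ top: -3em;
+}
+
+table {
+ border-collapse:collapse;
+ margin-left: 2em;
+ margin-right: auto;
+ width: 33em;
+}
+td {
+ border: 1px solid;
+ padding-top: 4px;
+ padding-bottom: 4px;
+ padding-left: 6px;
+ padding-right: 6px;
+}
+thead tr {
+ background: #9B9672;
+ color:black;
+}
+thead a {
+ text-decoration:none;
+ color:black;
+ /** kopie hodnoty z thead tr */
+ background: #9B9672;
+}
+tbody tr:hover {
+ background-color: #c1c1a1;
+ color:black;
+}
+
+
+/** HTML Formuláře */
+button {
+ border:gray solid 1px;
+ background: silver;
+ background-image: url('navigace.gif');
+ color: white;
+ margin: 2px;
+ margin-top: 4px;
+ padding-left:4px;
+ padding-right:4px;
+}
+
+fieldset {
+ border: none;
+}
+
+form {
+ text-align: right;
+ max-width: 22em;
+}
+
+form.siroky {
+ max-width: 30em;
+}
+
+input {
+ border:silver solid 1px;
+ background: white;
+ color: black;
+ margin: 2px;
+ padding: 2px;
+ width:200px;
+}
+
+select {
+ border:silver solid 1px;
+ background: white;
+ color: black;
+ margin: 2px;
+ padding: 2px;
+ width:206px;
+}
+
+textarea{
+ border:silver solid 1px;
+ background: white;
+ color: black;
+ margin: 2px;
+ padding-left: 2px;
+
+}
+
+
+p.komentar {
+ border: gray solid 1px;
+ padding: 5px;
+}
+
+div.komentarZahlavi {
+ margin-bottom: 4px;
+}
+
+div.komentarZahlavi {
+
+}
+
+span.komentarOdpovedet {
+
+}
+
+
+
+
+
+
+/** přejaté z Firefoxu */
+h1 {
+ display: block;
+ font-size: 2em;
+ font-weight: bold;
+ margin: .67em 0;
+}
+/** přejaté z Firefoxu */
+h2 {
+ display: block;
+ font-size: 1.5em;
+ font-weight: bold;
+ margin: .83em 0;
+}
+/** přejaté z Firefoxu */
+h3 {
+ display: block;
+ font-size: 1.17em;
+ font-weight: bold;
+ margin: 1em 0;
+}
+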
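Review bot: `#prihlasenyUzivatel` declares `position: absolute;` and then `position: relative;` on the next line, so the first declaration never takes effect and should be removed. The second `div.komentarZahlavi {}` rule and `span.komentarOdpovedet {}` are empty and can be dropped until they have content. The external-link selector `a[href^='http:']` does not match `https:` links; `a[href^='http:'], a[href^='https:']` marks both.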