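--- a/php/heslo/lib/funkce.inc.php	Tue May 05 17:08:09 2009 +0200
+++ b/php/heslo/lib/funkce.inc.php	Tue May 05 17:29:29 2009 +0200
@@ -12,13 +12,6 @@
 
 set_exception_handler('exception_handler');
 
-session_set_cookie_params(0, $NASTAVENI['cookie_cesta']);
-session_start();
-
-
-$strankaP = split('/', $_SERVER['REQUEST_URI']);
-$stranka = $strankaP[count($strankaP)-1];
-
 
 if (empty($_SERVER['HTTP_ACCEPT'])) {
 $mimeTyp = 'application/xhtml+xml';
@@ -26,15 +19,10 @@
 $mimeTyp = (( stristr( $_SERVER['HTTP_ACCEPT'], 'application/xhtml+xml' ) && !preg_match("/application\/xhtml\+xml;\s*q=0(\.0)?\s*(,|$)/",$_SERVER['HTTP_ACCEPT']) ) ? 'application/xhtml+xml' : 'text/html' );
 }
 header("Content-Type: $mimeTyp");
-//header("Content-Type: text/html");
-//header("Content-Type: application/xhtml+xml");
 
 /** $nadpis = titulek stránky + h1 */
-function zahlavi($nadpis, $autorizace = true) {
+function zahlavi($nadpis) {
 global $mimeTyp;
- if ($autorizace) {
- overPristup();
- }
 
 html('<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE html SYSTEM "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
@@ -51,44 +39,12 @@
 </head>
 <body>
 <h1>' . $nadpis . '</h1>');
-if ($autorizace) {
-html('<p id="prihlasenyUzivatel">Uživatel: ' . $_SESSION['login'] . '</p>');
-}
 }
 
-/** $zobrazitNabidku = zobrazí postranní menu */
-function zapati($zobrazitNabidku = true) {
- if ($zobrazitNabidku) {
- html('<h2 id="skrytyNadpisObsahu">Obsah</h2>
-<ul id="obsah">
-<li>
-<a href="index.php">Přehled</a>
-</li>
-<li>
-<a href="moje_bugy.php">Moje bugy</a>
-</li>
-<li>
-<a href="nahlasit_bug.php">Nahlásit bug</a>
-</li>
-<li>
-<a href="hledani.php">Hledání</a>
-</li>
-<li>
-<a href="sprava.php">Správa</a>
-</li>
-<li>
-<a href="odhlaseni.php">Odhlášení</a>
-</li>
-</ul>
-</body>');
-htmlInfoKomentar();
-html('</html>');
- } else {
- html('</body>');
- htmlInfoKomentar();
- html('</html>');
- }
-
+function zapati() {
+ html('</body>');
+ htmlInfoKomentar();
+ html('</html>');
 }
 
 function htmlInfoKomentar() {
@@ -126,61 +82,6 @@
 html('<form action="' . $url . '"><fieldset><button>' . $text . '</button></fieldset></form>');
 }
 
-function escapuj($text, $delka = 256) {
- $text = str_replace("\n", "[br]", $text);
- $text = substr(mysql_escape_string(htmlspecialchars($text)), 0, $delka);
- $text = str_replace("[br]", "<br>", $text);
- //$retezec = ereg_replace("[[:alpha:]]+://[^<>[:space:]]+[[:alnum:]/]", "<a href=\"\\0\">\\0</a>", $retezec);
- return $text;
-}
-
-function htmlIkonaKontrolyIP () {
- global $NASTAVENI;
- if ($NASTAVENI['kontrolovatIPadresu']) {
- html('<img src="kontrola_ip.png" alt="Kontrola IP" title="Kontroluje se IP adresa"/>');
- }
-}
-
-/** volá se na všech strákách, které vyžadují autorizaci (všechny kromě prihlaseni.php) */
-function overPristup() {
- global $NASTAVENI;
-
- if ($_SESSION['login'] == null || !isset($_SESSION['login']) || ($NASTAVENI['kontrolovatIPadresu'] && $_SERVER['REMOTE_ADDR'] != $_SESSION['ip_adresa_klienta'])) {
- header("Location: prihlaseni.php");
- exit();
- }
-}
-
-/** volá se v prihlaseni.php */
-function zkontrolujUzivatele($jmeno, $heslo) {
- global $db, $NASTAVENI;
-
- if ($NASTAVENI['hashovatHesla']) {
- $dotaz = $db->prepare("SELECT * FROM bg_uzivatel WHERE login = ? AND sha1(concat(?, heslo)) = ?");
- $dotaz->bindParam(1, $jmeno);
- $dotaz->bindParam(2, $_SESSION['hesloBordel']);
- $dotaz->bindParam(3, $heslo);
- $dotaz->execute();
- $r = $dotaz->fetchAll();
- } else {
- $dotaz = $db->prepare("SELECT * FROM bg_uzivatel WHERE login = ? AND heslo = sha1(?)");
- $dotaz->bindParam(1, $jmeno);
- $dotaz->bindParam(2, $heslo);
- $dotaz->execute();
- $r = $dotaz->fetchAll();
- }
-
- foreach ($r as $x) {
- $_SESSION['login'] = $x['login'];
- $_SESSION['ip_adresa_klienta'] = $_SERVER['REMOTE_ADDR'];
- return true;
- }
-
- $_SESSION['login'] = null;
- return false;
-}
-
-
 function sqlZjistiHodnotu($dotaz, $parametry = null) {
 global $db;
 
@@ -201,123 +102,11 @@
 return null;
 }
 
-function sqlDotaz($dotaz, $parametry = null) {
- global $db;
- try {
- $dotaz = $db->prepare($dotaz);
-
- if ($parametry != null) {
- for($i = 0; $i < count($parametry); $i++) {
- $dotaz->bindParam($i+1, $parametry[$i]);
- }
- }
-
- $dotaz->execute();
- $r = $dotaz->fetchAll();
-
- return $r;
- } catch (PDOException $e) {
- logujChybu("sqlDotaz($dotaz)");
- }
-}
-
 function getMicrotime(){
 list($usec, $sec) = explode(" ",microtime());
 return ((float)$usec + (float)$sec);
 }
 
-function sqlHtmlTabulka($dotaz, $hlavicky = null, $parametry = null, $htmlID = null) {
- global $db;
-
- $dotaz = $db->prepare($dotaz);
-
- if ($parametry != null) {
- for($i = 0; $i < count($parametry); $i++) {
- $dotaz->bindParam($i+1, $parametry[$i]);
- }
- }
-
- $dotaz->execute();
- $r = $dotaz->fetchAll();
-
- if ($htmlID == null) {
- $htmlID = getMicrotime();
- }
-
-
- html('<table class="sortable" id="tabulka' . $htmlID . '">');
- if ($hlavicky != null) {
- html('<thead><tr>');
- foreach ($hlavicky as $h) {
- htmlZnacka('td', $h);
- }
- html('</tr></thead>');
- $pocet = count($hlavicky);
- } else {
- $pocet = null;
- }
- html('<tbody>');
-
- foreach ($r as $x) {
- html('<tr>');
- if ($pocet == null) {
- /** děleno 2 protože jsou tam číselné i řetězcové klíče */
- $pocet = count($x) / 2;
- }
-
- for ($i = 0; $i < $pocet; $i++) {
- htmlZnacka('td', $x[$i]);
- }
- html('</tr>');
- }
- html('</tbody></table>');
-}
-
-
-function htmlTabulkaUzivatelu() {
- sqlHtmlTabulka('SELECT concat(concat(concat(concat(\'<a href="uzivatel.php?login=\',login),\'">\'),login),\'</a>\'), jmeno, prijmeni, email FROM bg_uzivatel', array('Login', 'Jméno', 'Příjmení', 'e-mail'));
-}
-
-function htmlTabulkaProduktu() {
- sqlHtmlTabulka('SELECT kod, nazev, popis FROM bg_produkt', array('Kód', 'Název', 'Popis'));
-}
-
-
-function sqlHtmlTabulkaBugu($r) {
- if (count($r) > 0) {
- $htmlID = getMicrotime();
- html('<table class="sortable" id="tabulka' . $htmlID . '">');
- html('<thead><tr>');
- htmlZnacka('td', 'Číslo');
- htmlZnacka('td', 'Název');
- htmlZnacka('td', 'Zadavatel');
- htmlZnacka('td', 'Řešitel');
- //htmlZnacka('td', 'Datum');
- html('</tr></thead><tbody>');
-
- foreach ($r as $x) {
- html('<tr>');
- htmlZnacka('td', '<a href="bug.php?id=' . $x['id'] . '">' . $x['id'] . '</a>');
- htmlZnacka('td', $x['nazev']);
- htmlZnacka('td', odkazNaUzivatele($x['zadavatel']));
- htmlZnacka('td', odkazNaUzivatele($x['resitel']));
- //htmlZnacka('td', $x['datum']);
- html('</tr>');
- }
- html('</tbody></table>');
- } else {
- htmlOdstavec('Nic nenalezeno.');
- }
-}
-
-function odkazNaUzivatele($uzivatel) {
- if ($uzivatel == '-') {
- return '-';
- } else {
- return '<a href="uzivatel.php?login=' . $uzivatel . '">' . $uzivatel . '</a>';
- }
-}
-
 function logujChybu($popis, $chyba = null) {
 htmlOdstavec($popis);
 }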
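Review bot: `zahlavi()` still concatenates `$nadpis` straight into `<h1>` (second and third hunks; part of its body lies between them and is not shown), and this commit deletes `escapuj()`, the only escaping helper visible in the file, so nothing shown here encodes text on output. If every caller passes a literal title this is harmless, but the doc comment should then say so, e.g. `/** $nadpis = page title + h1; must already be HTML-safe */`; otherwise encode at the sink with `'<h1>' . htmlspecialchars($nadpis, ENT_QUOTES, 'UTF-8') . '</h1>'`. The same applies to the form helper in the context of the fourth hunk, which concatenates `$url` and `$text` into markup and whose body starts outside the hunk. Separately, with `session_start()`, `overPristup()` and the `$autorizace` parameter gone, no access check remains in this library, so each page that changes state presumably has to verify the caller itself; that should be confirmed against the page scripts, which are not part of this diff.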
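--- a/php/heslo/lib/nastaveni.php	Tue May 05 17:08:09 2009 +0200
+++ b/php/heslo/lib/nastaveni.php	Tue May 05 17:29:29 2009 +0200
@@ -1,6 +1,6 @@
 <?php
 
-$db = new PDO("mysql:host=localhost;dbname=xkucf03;unix_socket=/var/lib/mysql/mysql.sock", "xkucf03", "********HESLO********");
+$db = new PDO("pgsql:host=localhost;dbname=veverka", "php_zmena_hesla", "*****************");
 $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
 
 $NASTAVENI['cookie_cesta'] = '/~xkucf03/bg/'; // aby nám někdo nekradl koláčky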
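Review bot: The `new PDO(...)` call on the added line is not wrapped in a `try`/`catch`, and an uncaught `PDOException` from the constructor can print a backtrace that includes the constructor arguments, i.e. the DSN, role name and password. Whether the handler registered in `funkce.inc.php` is already active when this file is loaded cannot be seen from here, so I would catch it locally: `try { $db = new PDO(...); } catch (PDOException $e) { exit('Database unavailable.'); }`. The password literal also sits in a tracked file; reading it from a file outside the repository or from the environment would keep it out of history, and the `php_zmena_hesla` role should hold only the privileges the password change needs. `$NASTAVENI['cookie_cesta']` looks unused now that `session_set_cookie_params()` was removed in the same commit; confirm and drop it.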