aboutsummaryrefslogtreecommitdiff
path: root/h-source/admin/Config
diff options
context:
space:
mode:
authorYuchen Pei <me@ypei.me>2021-07-29 14:17:20 +1000
committerYuchen Pei <me@ypei.me>2021-07-29 14:17:20 +1000
commit3ff03dc4f0a72432b34c00da620272cf011e4ddd (patch)
tree5746711ba17a91aed56c6529ea8cceb06c3ad16a /h-source/admin/Config
parentcd4534aa10ba3b122963992741721289fa50d0ab (diff)
Publishing h-node.org code.
- this is the h-node.org code, except - removed a js file (3x copies at three different locations) without license / copyright headers - /Js/linkToForm.js - /Public/Js/linkToForm.js - /admin/Public/Js/linkToForm.js - removed config files containing credentials - /Application/Include/params.php - /Config/Config.php - /admin/Application/Include/params.php - /admin/Config/Config.php - added license and copyright header to one php file - /admin/Library/ErrorReporting.php (almost identical to /Library/ErrorReporting.php which has the headers)
Diffstat (limited to 'h-source/admin/Config')
-rw-r--r--h-source/admin/Config/Autoload.php23
-rwxr-xr-xh-source/admin/Config/Reporting.php41
-rwxr-xr-xh-source/admin/Config/Restricted.php94
-rw-r--r--h-source/admin/Config/Route.php50
4 files changed, 208 insertions, 0 deletions
diff --git a/h-source/admin/Config/Autoload.php b/h-source/admin/Config/Autoload.php
new file mode 100644
index 0000000..56bb9f6
--- /dev/null
+++ b/h-source/admin/Config/Autoload.php
@@ -0,0 +1,23 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+
+//class containing all the PHP files that have to be loaded at the beginning of the EasyGiant execution
+//the files have to be saved in Application/Include
+//all the files have to be PHP files!!
+class Autoload
+{
+
+ public static $files = array(
+ 'params.php',
+ 'distributions.php',
+ 'myFunctions.php',
+ 'hardware.php',
+ 'languages.php',
+ );
+
+} \ No newline at end of file
diff --git a/h-source/admin/Config/Reporting.php b/h-source/admin/Config/Reporting.php
new file mode 100755
index 0000000..3f8d858
--- /dev/null
+++ b/h-source/admin/Config/Reporting.php
@@ -0,0 +1,41 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+
+//ERROR REPORTING DIRECTIVES
+
+//set RUNTIME_CONFIGURATION to true if you can't access the php.ini file of your PHP installation and you need to modify some PHP directives
+//set RUNTIME_CONFIGURATION to false if you can access the php.ini file. In this case, modify the PHP directives in the php.ini file.
+define ('RUNTIME_CONFIGURATION',true);
+
+// !!! the following four directives will be applied only if RUNTIME_CONFIGURATION has been set to true !!!
+
+//set the php.ini error_reporting directive
+define ('ERROR_REPORTING_DIRECTIVE',E_ALL);
+
+//set the php.ini display_errors directive
+//set to On or Off
+define ('DISPLAY_ERRORS','Off');
+
+//set if the error file (see the next directive) has to be created or not
+//set ERROR_REPORTING_FILE to true if you want that EasyGiant saves the errors in the LOG_ERROR_FILE (next), otherwise set ERROR_REPORTING_FILE to false
+define ('ERROR_REPORTING_FILE',false);
+
+//only if ERROR_REPORTING_FILE has been set to true
+//set the file where the errors will be saved
+//default: EasyGiant_root/Logs/Errors.log
+//check that the LOG_ERROR_FILE is writeble (by the apache user if you are using mod_apache)
+define ('LOG_ERROR_FILE','default');
+
+
+//max length of each $_POST element
+//set MAX_POST_LENGTH equal to 0 if you don't want any checks upon the $_POST elements
+define ('MAX_POST_LENGTH',50000);
+
+//max length of the REQUEST_URI
+//set MAX_REQUEST_URI_LENGTH equal to 0 if you don't want to set an upper limit in the length of the REQUEST_URI
+define ('MAX_REQUEST_URI_LENGTH',200);
diff --git a/h-source/admin/Config/Restricted.php b/h-source/admin/Config/Restricted.php
new file mode 100755
index 0000000..9684f08
--- /dev/null
+++ b/h-source/admin/Config/Restricted.php
@@ -0,0 +1,94 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+
+
+//RESRICTED ACCESS PARAMETERS
+
+//define the hash algoritm to be used in order to protect your password
+//only md5 and sha1 are supported
+define('PASSWORD_HASH','sha1');
+
+
+
+//ADMINISTRATOR USERS LOGIN DIRECTIVES:
+
+//time that has to pass after a login failure before the user is allowed to try to login another time (in seconds)
+define('ADMIN_TIME_AFTER_FAILURE','5');
+
+//redirect to panel when successfully logged in:
+define('ADMIN_PANEL_CONTROLLER', 'panel');
+define('ADMIN_PANEL_MAIN_ACTION', 'main');
+
+//redirect to login form if access not allowed:
+define('ADMIN_USERS_CONTROLLER', 'adminusers');
+define('ADMIN_USERS_LOGIN_ACTION', 'login');
+
+//admin cookie:
+define('ADMIN_COOKIE_NAME','uid');
+define('ADMIN_SESSION_EXPIRE', '3600');
+define('ADMIN_COOKIE_PATH', '/');
+define('ADMIN_COOKIE_DOMAIN', '');
+define('ADMIN_COOKIE_SECURE', false);
+
+//tables:
+define('ADMIN_USERS_TABLE','adminusers');
+define('ADMIN_GROUPS_TABLE','admingroups');
+define('ADMIN_SESSIONS_TABLE','adminsessions');
+define('ADMIN_MANYTOMANY_TABLE','adminusers_groups');
+define('ADMIN_ACCESSES_TABLE','accesses');
+
+//hijacking checks
+define('ADMIN_HIJACKING_CHECK',true); //can be true or false
+//session hijacking
+//set ADMIN_ON_HIJACKING_EVENT equal to 'forceout' if you want to cause the logout of the user if there is the suspect of a session hijacking
+//set ADMIN_ON_HIJACKING_EVENT equal to 'redirect' if you want to redirect the user to the ADMIN_HIJACKING_ACTION (see later) if there is the suspect of a session hijacking
+define('ADMIN_ON_HIJACKING_EVENT','forceout'); //it can be 'forceout' or 'redirect'
+//only if ADMIN_ON_HIJACKING_EVENT = 'redirect'
+//redirect the user to ADMIN_USERS_CONTROLLER/ADMIN_HIJACKING_ACTION if there is the suspect of a session hijacking
+define('ADMIN_HIJACKING_ACTION','retype');
+
+
+
+
+//REGISTERED USERS LOGIN DIRECTIVES:
+
+//time that has to pass after a login failure before the user is allowed to try to login another time (in seconds)
+define('REG_TIME_AFTER_FAILURE','5');
+
+//redirect to home when successfully logged in:
+define('REG_PANEL_CONTROLLER', 'home');
+define('REG_PANEL_MAIN_ACTION', 'index');
+
+//redirect to login form if access not allowed:
+define('REG_USERS_CONTROLLER', 'users');
+define('REG_USERS_LOGIN_ACTION', 'login');
+
+//registered cookie:
+//NB: REG_COOKIE_NAME must be different from ADMIN_COOKIE_NAME!!!
+define('REG_COOKIE_NAME','uidr');
+define('REG_SESSION_EXPIRE', '3600');
+define('REG_COOKIE_PATH', '/');
+define('REG_COOKIE_DOMAIN', '');
+define('REG_COOKIE_SECURE', false);
+
+//tables:
+define('REG_USERS_TABLE','regusers');
+define('REG_GROUPS_TABLE','reggroups');
+define('REG_SESSIONS_TABLE','regsessions');
+define('REG_MANYTOMANY_TABLE','regusers_groups');
+define('REG_ACCESSES_TABLE','regaccesses');
+
+//hijacking checks
+define('REG_HIJACKING_CHECK',true); //can be true or false
+//session hijacking
+//set ADMIN_ON_HIJACKING_EVENT equal to 'forceout' if you want to cause the logout of the user if there is the suspect of a session hijacking
+//set ADMIN_ON_HIJACKING_EVENT equal to 'redirect' if you want to redirect the user to the ADMIN_HIJACKING_ACTION (see later) if there is the suspect of a session hijacking
+define('REG_ON_HIJACKING_EVENT','forceout'); //it can be 'forceout' or 'redirect'
+//only if ADMIN_ON_HIJACKING_EVENT = 'redirect'
+//redirect the user to ADMIN_USERS_CONTROLLER/ADMIN_HIJACKING_ACTION if there is the suspect of a session hijacking
+define('REG_HIJACKING_ACTION','retype');
diff --git a/h-source/admin/Config/Route.php b/h-source/admin/Config/Route.php
new file mode 100644
index 0000000..ac9748e
--- /dev/null
+++ b/h-source/admin/Config/Route.php
@@ -0,0 +1,50 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class Route
+{
+
+ //controller,action couples that can be reached by the browser
+ //set 'all' if you want that all the controller,action couples can be reached by the browser
+ public static $allowed = array(
+ 'adminissues,main',
+ 'adminissues,form',
+ 'adminpassword,form',
+ 'adminusers,login',
+ 'adminusers,logout',
+ 'adminusers,forceout',
+ 'adminusers,retype',
+ 'adminusers,main',
+ 'adminusers,form',
+ 'adminusers,associate',
+ 'admintalk,main',
+ 'admintalk,form',
+ 'adminregusers,main',
+ 'adminregusers,associate',
+ 'adminhardware,main',
+ 'adminhardware,ask',
+ 'adminhardware,form',
+ 'admindeletion,main',
+ 'adminparams,form',
+ 'adminnews,main',
+ 'adminnews,form',
+ 'adminboxes,main',
+ 'adminboxes,form',
+ 'adminmessages,main',
+ 'adminmessages,form',
+ 'adminhistory,main',
+ );
+
+ //it can be 'yes' or 'no'
+ //set $rewrite to 'yes' if you want that EasyGiant rewrites the URLs according to what specified in $map
+ public static $rewrite = 'no';
+
+ //define the urls of your website
+ //you have to set $rewrite to 'yes'
+ public static $map = array();
+
+} \ No newline at end of file