diff options
Diffstat (limited to 'h-source/Config')
-rw-r--r-- | h-source/Config/Autoload.php | 23 | ||||
-rwxr-xr-x | h-source/Config/Config.php | 41 | ||||
-rwxr-xr-x | h-source/Config/Reporting.php | 41 | ||||
-rwxr-xr-x | h-source/Config/Restricted.php | 94 | ||||
-rw-r--r-- | h-source/Config/Route.php | 106 |
5 files changed, 305 insertions, 0 deletions
diff --git a/h-source/Config/Autoload.php b/h-source/Config/Autoload.php new file mode 100644 index 0000000..56bb9f6 --- /dev/null +++ b/h-source/Config/Autoload.php @@ -0,0 +1,23 @@ +<?php + +// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. +// See COPYRIGHT.txt and LICENSE.txt. + +if (!defined('EG')) die('Direct access not allowed!'); + + +//class containing all the PHP files that have to be loaded at the beginning of the EasyGiant execution +//the files have to be saved in Application/Include +//all the files have to be PHP files!! +class Autoload +{ + + public static $files = array( + 'params.php', + 'distributions.php', + 'myFunctions.php', + 'hardware.php', + 'languages.php', + ); + +}
\ No newline at end of file diff --git a/h-source/Config/Config.php b/h-source/Config/Config.php new file mode 100755 index 0000000..e5c1e02 --- /dev/null +++ b/h-source/Config/Config.php @@ -0,0 +1,41 @@ +<?php + +// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. +// See COPYRIGHT.txt and LICENSE.txt. + +if (!defined('EG')) die('Direct access not allowed!'); + + +define('DB', ''); +define('USER', ''); +define('PWD', ''); +define('HOST', ''); + +/*default controller name*/ +define('DEFAULT_CONTROLLER','home'); + +/*default action*/ +define('DEFAULT_ACTION','index'); + +/*website parameters*/ +define('DOMAIN_NAME','h-source'); + +/*type of database.*/ +//it can be: Mysql, Mysqli or None (first letter in uppercase) +define('DATABASE_TYPE','Mysqli'); + +/*error controller*/ +/*if you set ERROR_CONTROLLER to false, than EasyGiant will set ERROR_CONTROLLER equal to DEFAULT_CONTROLLER*/ +define('ERROR_CONTROLLER','home'); + +/*error action*/ +/*if you set ERROR_ACTION to false, than EasyGiant will set ERROR_ACTION equal to DEFAULT_ACTION*/ +define('ERROR_ACTION','index'); + +/*charset*/ +// set the charset used by all the functions that manage multi byte strings (mb_string functions, htmlentitites, etc) +define('DEFAULT_CHARSET','UTF-8'); + +/*rewrite settings*/ +//set MOD_REWRITE_MODULE to true if you have installed the mod_rewrite module of the server, otherwise MOD_REWRITE_MODULE to false +define('MOD_REWRITE_MODULE',true);
\ No newline at end of file diff --git a/h-source/Config/Reporting.php b/h-source/Config/Reporting.php new file mode 100755 index 0000000..56acc1d --- /dev/null +++ b/h-source/Config/Reporting.php @@ -0,0 +1,41 @@ +<?php + +// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. +// See COPYRIGHT.txt and LICENSE.txt. + +if (!defined('EG')) die('Direct access not allowed!'); + + +//ERROR REPORTING DIRECTIVES + +//set RUNTIME_CONFIGURATION to true if you can't access the php.ini file of your PHP installation and you need to modify some PHP directives +//set RUNTIME_CONFIGURATION to false if you can access the php.ini file. In this case, modify the PHP directives in the php.ini file. +define ('RUNTIME_CONFIGURATION',true); + +// !!! the following four directives will be applied only if RUNTIME_CONFIGURATION has been set to true !!! + +//set the php.ini error_reporting directive +define ('ERROR_REPORTING_DIRECTIVE',E_ALL); + +//set the php.ini display_errors directive +//set to On or Off +define ('DISPLAY_ERRORS','On'); + +//set if the error file (see the next directive) has to be created or not +//set ERROR_REPORTING_FILE to true if you want that EasyGiant saves the errors in the LOG_ERROR_FILE (next), otherwise set ERROR_REPORTING_FILE to false +define ('ERROR_REPORTING_FILE',true); + +//only if ERROR_REPORTING_FILE has been set to true +//set the file where the errors will be saved +//default: EasyGiant_root/Logs/Errors.log +//check that the LOG_ERROR_FILE is writeble (by the apache user if you are using mod_apache) +define ('LOG_ERROR_FILE','default'); + + +//max length of each $_POST element +//set MAX_POST_LENGTH equal to 0 if you don't want any checks upon the $_POST elements +define ('MAX_POST_LENGTH',50000); + +//max length of the REQUEST_URI +//set MAX_REQUEST_URI_LENGTH equal to 0 if you don't want to set an upper limit in the length of the REQUEST_URI +define ('MAX_REQUEST_URI_LENGTH',200);
\ No newline at end of file diff --git a/h-source/Config/Restricted.php b/h-source/Config/Restricted.php new file mode 100755 index 0000000..9684f08 --- /dev/null +++ b/h-source/Config/Restricted.php @@ -0,0 +1,94 @@ +<?php + +// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. +// See COPYRIGHT.txt and LICENSE.txt. + +if (!defined('EG')) die('Direct access not allowed!'); + + + +//RESRICTED ACCESS PARAMETERS + +//define the hash algoritm to be used in order to protect your password +//only md5 and sha1 are supported +define('PASSWORD_HASH','sha1'); + + + +//ADMINISTRATOR USERS LOGIN DIRECTIVES: + +//time that has to pass after a login failure before the user is allowed to try to login another time (in seconds) +define('ADMIN_TIME_AFTER_FAILURE','5'); + +//redirect to panel when successfully logged in: +define('ADMIN_PANEL_CONTROLLER', 'panel'); +define('ADMIN_PANEL_MAIN_ACTION', 'main'); + +//redirect to login form if access not allowed: +define('ADMIN_USERS_CONTROLLER', 'adminusers'); +define('ADMIN_USERS_LOGIN_ACTION', 'login'); + +//admin cookie: +define('ADMIN_COOKIE_NAME','uid'); +define('ADMIN_SESSION_EXPIRE', '3600'); +define('ADMIN_COOKIE_PATH', '/'); +define('ADMIN_COOKIE_DOMAIN', ''); +define('ADMIN_COOKIE_SECURE', false); + +//tables: +define('ADMIN_USERS_TABLE','adminusers'); +define('ADMIN_GROUPS_TABLE','admingroups'); +define('ADMIN_SESSIONS_TABLE','adminsessions'); +define('ADMIN_MANYTOMANY_TABLE','adminusers_groups'); +define('ADMIN_ACCESSES_TABLE','accesses'); + +//hijacking checks +define('ADMIN_HIJACKING_CHECK',true); //can be true or false +//session hijacking +//set ADMIN_ON_HIJACKING_EVENT equal to 'forceout' if you want to cause the logout of the user if there is the suspect of a session hijacking +//set ADMIN_ON_HIJACKING_EVENT equal to 'redirect' if you want to redirect the user to the ADMIN_HIJACKING_ACTION (see later) if there is the suspect of a session hijacking +define('ADMIN_ON_HIJACKING_EVENT','forceout'); //it can be 'forceout' or 'redirect' +//only if ADMIN_ON_HIJACKING_EVENT = 'redirect' +//redirect the user to ADMIN_USERS_CONTROLLER/ADMIN_HIJACKING_ACTION if there is the suspect of a session hijacking +define('ADMIN_HIJACKING_ACTION','retype'); + + + + +//REGISTERED USERS LOGIN DIRECTIVES: + +//time that has to pass after a login failure before the user is allowed to try to login another time (in seconds) +define('REG_TIME_AFTER_FAILURE','5'); + +//redirect to home when successfully logged in: +define('REG_PANEL_CONTROLLER', 'home'); +define('REG_PANEL_MAIN_ACTION', 'index'); + +//redirect to login form if access not allowed: +define('REG_USERS_CONTROLLER', 'users'); +define('REG_USERS_LOGIN_ACTION', 'login'); + +//registered cookie: +//NB: REG_COOKIE_NAME must be different from ADMIN_COOKIE_NAME!!! +define('REG_COOKIE_NAME','uidr'); +define('REG_SESSION_EXPIRE', '3600'); +define('REG_COOKIE_PATH', '/'); +define('REG_COOKIE_DOMAIN', ''); +define('REG_COOKIE_SECURE', false); + +//tables: +define('REG_USERS_TABLE','regusers'); +define('REG_GROUPS_TABLE','reggroups'); +define('REG_SESSIONS_TABLE','regsessions'); +define('REG_MANYTOMANY_TABLE','regusers_groups'); +define('REG_ACCESSES_TABLE','regaccesses'); + +//hijacking checks +define('REG_HIJACKING_CHECK',true); //can be true or false +//session hijacking +//set ADMIN_ON_HIJACKING_EVENT equal to 'forceout' if you want to cause the logout of the user if there is the suspect of a session hijacking +//set ADMIN_ON_HIJACKING_EVENT equal to 'redirect' if you want to redirect the user to the ADMIN_HIJACKING_ACTION (see later) if there is the suspect of a session hijacking +define('REG_ON_HIJACKING_EVENT','forceout'); //it can be 'forceout' or 'redirect' +//only if ADMIN_ON_HIJACKING_EVENT = 'redirect' +//redirect the user to ADMIN_USERS_CONTROLLER/ADMIN_HIJACKING_ACTION if there is the suspect of a session hijacking +define('REG_HIJACKING_ACTION','retype'); diff --git a/h-source/Config/Route.php b/h-source/Config/Route.php new file mode 100644 index 0000000..cc0dcaf --- /dev/null +++ b/h-source/Config/Route.php @@ -0,0 +1,106 @@ +<?php + +// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. +// See COPYRIGHT.txt and LICENSE.txt. + +if (!defined('EG')) die('Direct access not allowed!'); + +class Route +{ + + //controller,action couples that can be reached by the browser + //set 'all' if you want that all the controller,action couples can be reached by the browser + public static $allowed = array( + 'contact,index', + 'credits,index', + 'hardware,catalogue', + 'help,index', + 'home,index', + 'image,captcha', + 'issues,viewall', + 'issues,view', + 'my,home', + 'my,password', + 'my,email', + 'my,profile', + 'my,goodbye', + 'notebooks,catalogue', + 'notebooks,view', + 'notebooks,history', + 'notebooks,revision', + 'notebooks,insert', + 'notebooks,update', + 'notebooks,differences', + 'notebooks,climb', + 'notebooks,talk', + 'project,index', + 'users,login', + 'users,logout', + 'users,add', + 'users,confirm', + 'users,change', + 'users,forgot', + 'users,notice', + 'users,meet', + 'users,contributions', + 'wifi,catalogue', + 'wifi,view', + 'wifi,history', + 'wifi,revision', + 'wifi,insert', + 'wifi,update', + 'wifi,differences', + 'wifi,climb', + 'wifi,talk', + 'videocards,catalogue', + 'videocards,view', + 'videocards,history', + 'videocards,revision', + 'videocards,insert', + 'videocards,update', + 'videocards,differences', + 'videocards,climb', + 'videocards,talk', + 'printers,catalogue', + 'printers,view', + 'printers,history', + 'printers,revision', + 'printers,insert', + 'printers,update', + 'printers,differences', + 'printers,climb', + 'printers,talk', + 'scanners,catalogue', + 'scanners,view', + 'scanners,history', + 'scanners,revision', + 'scanners,insert', + 'scanners,update', + 'scanners,differences', + 'scanners,climb', + 'scanners,talk', + 'search,form', + 'search,results', + 'generic,del', + 'news,index', + 'download,index', + 'download,all', + 'download,notebooks', + 'download,wifi', + 'download,videocards', + 'download,printers', + 'download,scanners', + 'history,hide', + 'history,show', + 'history,viewall', + ); + + //it can be 'yes' or 'no' + //set $rewrite to 'yes' if you want that EasyGiant rewrites the URLs according to what specified in $map + public static $rewrite = 'no'; + + //define the urls of your website + //you have to set $rewrite to 'yes' + public static $map = array(); + +}
\ No newline at end of file |