
source: OpenPNE/branches/stable-2.8.x/webapp/modules/admin/init.inc @ 3692

Last change on this file since 3692 was 3692, checked in by ogawa, 12 years ago

#1023:管理画面からの監視機能の強化

<?php
/**
 * @copyright 2005-2007 OpenPNE Project
 * @license   http://www.php.net/license/3_01.txt PHP License 3.01
 */
// Initialisation for the admin module.

// Authentication/session settings: the admin area runs under its own session
// name instead of PHP's default one.
session_name('OpenPNEadmin');

// Default both admin session limits to 0 when the site configuration has not
// set them.
// NOTE(review): what 0 means (presumably "no limit") is decided by the code
// that reads these values, which is outside this file - confirm that an unset
// idle time does not leave admin sessions open indefinitely.
if (!isset($GLOBALS['OpenPNE']['admin']['session_lifetime'])) {
    $GLOBALS['OpenPNE']['admin']['session_lifetime'] = 0;
}
if (!isset($GLOBALS['OpenPNE']['admin']['session_idletime'])) {
    $GLOBALS['OpenPNE']['admin']['session_idletime'] = 0;
}

// Load the module's own libraries. The path is built from this file's
// location only, never from request data.
$module_lib_dir = dirname(__FILE__) . '/lib';
require_once $module_lib_dir . '/db_admin.php';
require_once $module_lib_dir . '/etc_admin.php';
require_once $module_lib_dir . '/hash_admin.php';

// Page shown when no action is requested.
$GLOBALS['__Framework']['default_page'] = 'top';

// Translate the requested action name through the admin hash table.
// $action and $type are expected to be set by the code that includes this file.
$hash_tbl =& AdminHashTable::singleton();
$action = $hash_tbl->action($action, $type);
// Whitelist: the action names each restricted admin auth type may use.
//
// init_admin_page() and init_admin_do() look up the list under the key
// $auth_type . '_type' and refuse any action that is not in it; the auth type
// 'all' skips the lookup entirely. An action that is missing from a list is
// therefore denied for that auth type until it is added here.
// Entries starting with 'page_' are matched by init_admin_page(), entries
// starting with 'do_' by init_admin_do().
// NOTE(review): the key '_type' can only be produced by an empty auth type
// value - confirm against admin_get_auth_type().
// NOTE(review): both lists permit 'do_update_c_admin_user_password'; confirm
// that its handler only lets an administrator change their own password.
$GLOBALS['_OPENPNE_ADMIN_AUTH_ACTIONS'] = array(
// SNS settings only
'normal_type' => array(

'page_delete_c_banner_confirm',
'page_delete_c_cmd_confirm',
'page_delete_c_free_page_confirm',
'page_delete_c_profile',
'page_delete_c_rank_confirm',
'page_edit_admin_password',
'page_edit_c_admin_config',
'page_edit_c_admin_info',
'page_edit_c_banner',
'page_edit_c_holiday',
'page_edit_c_navi',
'page_edit_c_profile',
'page_edit_c_sns_config',
'page_edit_category',
'page_edit_entry_point',
'page_edit_mail_send',
'page_edit_mail',
'page_edit_skin_image',
'page_insert_c_banner',
'page_insert_c_free_page',
'page_insert_c_profile',
'page_insert_html',
'page_limit_domain',
'page_list_c_api',
'page_list_c_cmd',
'page_list_c_free_page',
'page_list_c_rank',
'page_login',
'page_manage_c_commu',
'page_top',
'page_update_c_banner',
'page_update_c_free_page',
'page_update_c_profile',
'page_update_c_rank',
'do_delete_c_banner',
'do_delete_c_cmd',
'do_delete_c_commu_category_parent',
'do_delete_c_commu_category',
'do_delete_c_free_page',
'do_delete_c_holiday',
'do_delete_c_navi',
'do_delete_c_profile_option',
'do_delete_c_profile',
'do_delete_c_rank',
'do_delete_mail',
'do_delete_skin_image',
'do_edit_c_admin_info',
'do_insert_c_banner',
'do_insert_c_commu_category_parent',
'do_insert_c_commu_category',
'do_insert_c_free_page',
'do_insert_c_holiday',
'do_insert_c_profile_option',
'do_insert_c_profile',
'do_insert_c_rank',
'do_insert_html',
'do_login',
'do_logout',
'do_update_c_action',
'do_update_c_admin_config',
'do_update_c_admin_user_password',
'do_update_c_api',
'do_update_c_banner',
'do_update_c_cmd',
'do_update_c_commu_category_parent',
'do_update_c_commu_category',
'do_update_c_commu_is_regist_join',
'do_update_c_free_page',
'do_update_c_holiday',
'do_update_c_navi',
'do_update_c_profile_option',
'do_update_c_profile',
'do_update_c_rank',
'do_update_c_siteadmin_css',
'do_update_c_sns_config',
'do_update_entry_point',
'do_update_limit_domain',
'do_update_mail_send',
'do_update_mail',
'do_update_profile_sort_order',
'do_update_side_banner_html',
'do_update_skin_image',
'do_update_skin_version',
'do_update_top_banner_html',
),

// Everything except the member list
'_type' => array(

'page_access_analysis_day',
'page_access_analysis_member',
'page_access_analysis_month',
'page_access_analysis_page',
'page_access_analysis_target_commu',
'page_access_analysis_target_diary',
'page_access_analysis_target_member',
'page_access_analysis_target_topic',
'page_delete_c_banner_confirm',
'page_delete_c_cmd_confirm',
'page_delete_c_file_confirm',
'page_delete_c_free_page_confirm',
'page_delete_c_image_confirm',
'page_delete_c_profile',
'page_delete_c_rank_confirm',
'page_delete_diary_comment',
'page_delete_diary',
'page_delete_review',
'page_delete_topic_comment',
'page_delete_topic',
'page_delete_commu',
'page_diary_comment_list',
'page_diary_list',
'page_edit_admin_password',
'page_edit_c_admin_config',
'page_edit_c_admin_info',
'page_edit_c_banner',
'page_edit_c_holiday',
'page_edit_c_image',
'page_edit_c_navi',
'page_edit_c_profile',
'page_edit_c_sns_config',
'page_edit_category',
'page_edit_entry_point',
'page_edit_mail_send',
'page_edit_mail',
'page_edit_skin_image',
'page_import_c_member',
'page_insert_c_banner',
'page_insert_c_free_page',
'page_insert_c_profile',
'page_insert_html',
'page_limit_domain',
'page_list_c_api',
'page_list_c_cmd',
'page_list_c_file',
'page_list_c_free_page',
'page_list_c_image',
'page_list_c_rank',
'page_login',
'page_manage_c_commu',
'page_review_list',
'page_send_invites_confirm',
'page_send_invites',
'page_top',
'page_topic_comment_list',
'page_topic_list',
'page_update_c_banner',
'page_update_c_free_page',
'page_update_c_profile',
'page_update_c_rank',
'page_user_analysis_date_day',
'page_user_analysis_date_month',
'page_user_analysis_generation',
'do_delete_c_banner',
'do_delete_c_cmd',
'do_delete_c_commu_category_parent',
'do_delete_c_commu_category',
'do_delete_c_file4c_file_id',
'do_delete_c_free_page',
'do_delete_c_holiday',
'do_delete_c_image',
'do_delete_c_image4c_image_id',
'do_delete_c_navi',
'do_delete_c_profile_option',
'do_delete_c_profile',
'do_delete_c_rank',
'do_delete_kakikomi_c_commu_topic_comment',
'do_delete_kakikomi_c_commu_topic',
'do_delete_kakikomi_c_commu',
'do_delete_kakikomi_c_diary_comment',
'do_delete_kakikomi_c_diary',
'do_delete_kakikomi_c_review',
'do_delete_mail',
'do_delete_skin_image',
'do_edit_c_admin_info',
'do_import_c_member',
'do_insert_c_banner',
'do_insert_c_commu_category_parent',
'do_insert_c_commu_category',
'do_insert_c_free_page',
'do_insert_c_holiday',
'do_insert_c_image',
'do_insert_c_profile_option',
'do_insert_c_profile',
'do_insert_c_rank',
'do_insert_html',
'do_login',
'do_logout',
'do_send_invites',
'do_update_c_action',
'do_update_c_admin_config',
'do_update_c_admin_user_password',
'do_update_c_api',
'do_update_c_banner',
'do_update_c_cmd',
'do_update_c_commu_category_parent',
'do_update_c_commu_category',
'do_update_c_commu_is_regist_join',
'do_update_c_free_page',
'do_update_c_holiday',
'do_update_c_navi',
'do_update_c_profile_option',
'do_update_c_profile',
'do_update_c_rank',
'do_update_c_siteadmin_css',
'do_update_c_sns_config',
'do_update_entry_point',
'do_update_limit_domain',
'do_update_mail_send',
'do_update_mail',
'do_update_profile_sort_order',
'do_update_side_banner_html',
'do_update_skin_image',
'do_update_skin_version',
'do_update_top_banner_html',
),
);
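/**
 * Prepare the template object for an admin page action and, on secure pages,
 * enforce the per-auth-type action whitelist.
 *
 * Always assigns the header/footer fragments, the module name and the admin
 * hash table. On secure pages it also starts the session, exposes
 * md5(session_id()) to the template as 'PHPSESSID' (the value init_admin_do()
 * later compares with the submitted 'sessid'), and redirects to 'top' when the
 * current page action is not allowed for the administrator's auth type.
 *
 * The auth type is compared strictly with 'all': with a loose comparison a
 * non-string value such as true (or 0 on older PHP versions) would be treated
 * as 'all' and skip the whitelist.
 * NOTE(review): this assumes admin_get_auth_type() returns the literal string
 * 'all' for unrestricted administrators - confirm in its definition.
 * NOTE(review): the check only denies access if admin_client_redirect() ends
 * the request; it is defined outside this file - confirm that it exits.
 *
 * @param object $smarty template object; assign() and assign_by_ref() are called on it
 * @return void
 */
function init_admin_page(&$smarty)
{
    $is_secure = $GLOBALS['__Framework']['is_secure'];
    $smarty->assign('inc_header', admin_fetch_inc_header($is_secure));
    $smarty->assign('inc_footer', admin_fetch_inc_footer($is_secure));
    $smarty->assign(array('module_name' => ADMIN_MODULE_NAME));
    $smarty->assign_by_ref('hash_tbl', AdminHashTable::singleton());

    if (!$is_secure) {
        return;
    }

    // Errors from session_start() are suppressed, as in the original code.
    @session_start();
    // The form token is a plain MD5 of the session id, so it stays the same
    // for the whole lifetime of the session.
    $smarty->assign('PHPSESSID', md5(session_id()));

    $auth_type = admin_get_auth_type();
    $smarty->assign('auth_type', $auth_type);
    if ($auth_type === 'all') {
        return;
    }

    $act = sprintf('page_%s', $GLOBALS['__Framework']['current_action']);
    $list_key = $auth_type . '_type';
    // An auth type without a whitelist entry gets an empty list: deny everything.
    $allowed = isset($GLOBALS['_OPENPNE_ADMIN_AUTH_ACTIONS'][$list_key])
        ? $GLOBALS['_OPENPNE_ADMIN_AUTH_ACTIONS'][$list_key]
        : array();
    if (!in_array($act, $allowed, true)) {
        admin_client_redirect('top', '指定されたページにはアクセスできません');
    }
}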
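/**
 * Guard an admin "do" (state-changing) action on secure pages.
 *
 * Starts the session, checks the anti-CSRF token submitted as 'sessid' against
 * md5(session_id()), and then checks the current action against the whitelist
 * for the administrator's auth type. Nothing is checked when the framework
 * does not mark the action as secure.
 *
 * Hardening compared with the previous version:
 *  - a missing or non-string 'sessid' is rejected explicitly instead of
 *    relying on an undefined-index comparison;
 *  - the token is compared with hash_equals() where PHP provides it;
 *  - the auth type is compared strictly with 'all', so a non-string value
 *    such as true cannot skip the whitelist;
 *  - an auth type without a whitelist entry is denied explicitly.
 *
 * NOTE(review): $_REQUEST also carries query-string values, so the token is
 * accepted from a URL, where it can end up in logs and Referer headers.
 * Reading it from $_POST only would avoid that, but callers outside this file
 * may depend on GET - not changed here.
 * NOTE(review): both checks only stop the action if openpne_display_error()
 * and admin_client_redirect() end the request; they are defined outside this
 * file - confirm that they exit.
 *
 * @return void
 */
function init_admin_do()
{
    if (!$GLOBALS['__Framework']['is_secure']) {
        return;
    }

    // Errors from session_start() are suppressed, as in the original code.
    @session_start();

    $expected = md5(session_id());
    $given = isset($_REQUEST['sessid']) ? $_REQUEST['sessid'] : null;
    $token_ok = is_string($given)
        && (function_exists('hash_equals') ? hash_equals($expected, $given) : $given === $expected);
    if (!$token_ok) {
        openpne_display_error('前の画面を再読み込みして、操作をやり直してください');
    }

    $auth_type = admin_get_auth_type();
    if ($auth_type === 'all') {
        return;
    }

    $act = sprintf('do_%s', $GLOBALS['__Framework']['current_action']);
    $list_key = $auth_type . '_type';
    // An auth type without a whitelist entry gets an empty list: deny everything.
    $allowed = isset($GLOBALS['_OPENPNE_ADMIN_AUTH_ACTIONS'][$list_key])
        ? $GLOBALS['_OPENPNE_ADMIN_AUTH_ACTIONS'][$list_key]
        : array();
    if (!in_array($act, $allowed, true)) {
        admin_client_redirect('top', '指定されたページにはアクセスできません');
    }
}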
?>