iniset.php

1. <?php
2.  
3. if (!defined('INSTALL_PATH')) {
4. define('INSTALL_PATH', dirname($_SERVER['SCRIPT_FILENAME']) . '/');
5. }
6.  
7. define("STATE_ERROR_UNKNOWN", 2147483647);
8.  
9. if ($config['debug']) {
10. $debug = array(
11. 'current_script' => $_SERVER["SCRIPT_FILENAME"],
12. 'REQUEST_URI' => @$_SERVER["REQUEST_URI"],
13. 'BASE_URI' => dirname($_SERVER["PHP_SELF"]),
14. 'DATABASE' => $config['db_name'],
15. 'start_time' => date("F d Y H:i:s."),
16. );
17. }
18.  
19. $appdata = [
20. 'AlertType' => [
21. ['id' => 0, 'Name' => 'Without notice', 'mcode' => 2], ['id' => 1, 'Name' => 'SIP', 'mcode' => 0], ['id' => 2, 'Name' => 'IP', 'mcode' => 1]
22. ],
23. 'SmartType' => [
24. ['id' => 0, 'Name' => 'Unmanaged'], ['id' => 1, 'Name' => 'Smart']
25. ],
26. 'Phases' => [
27. ['id' => 1, 'Name' => 'A'], ['id' => 2, 'Name' => 'B'], ['id' => 3, 'Name' => 'C']
28. ],
29. 'LinesType' => [
30. ['id' => 1, 'Name' => 'Voltage monitoring'], ['id' => 2, 'Name' => 'Current control'], ['id' => 3, 'Name' => 'Dry contact'], ['id' => 4, 'Name' => 'Phase']
31. ],
32. 'Switches' => [
33. ['id' => 1, 'Name' => 'S1'], ['id' => 2, 'Name' => 'S2'], ['id' => 3, 'Name' => 'S3'], ['id' => 4, 'Name' => 'S4']
34. ],
35. 'AutoModes' => [
36. ['id' => 1, 'Name' => 'Shedule'], ['id' => 2, 'Name' => 'Ligh sensor'], /*['id'=>3,'Name'=>'Auto3'],*/
37. ['id' => 4, 'Name' => 'Manual']
38. ],
39. 'SubModes' => [
40. ['id' => 0, 'Name' => 'Master'], ['id' => 1, 'Name' => 'Slave']
41. ],
42.  
43. 'NotifyFreqs' => [
44. ['id' => 1, 'Name' => 'Everyday'], ['id' => 2, 'Name' => 'Every event']
45. ],
46. 'Meter' => [
47. 'CNT1A' => ['type' => 'decimal'],
48. 'CNT2A' => ['type' => 'decimal'],
49. 'CNT3A' => ['type' => 'decimal'],
50. 'CNT4A' => ['type' => 'decimal'],
51. 'CNAO' => ['type' => 'decimal'],
52. 'CNAO-' => ['type' => 'decimal'],
53. 'CNT1A-' => ['type' => 'decimal'],
54. 'CNT2A-' => ['type' => 'decimal'],
55. 'CNT3A-' => ['type' => 'decimal'],
56. 'CNT4A-' => ['type' => 'decimal'],
57. 'CNT1RO-' => ['type' => 'decimal'],
58. 'CNT2RO-' => ['type' => 'decimal'],
59. 'CNT3RO-' => ['type' => 'decimal'],
60. 'CNT4RO-' => ['type' => 'decimal'],
61. 'CNRO-' => ['type' => 'decimal'],
62. 'CNRO' => ['type' => 'decimal'],
63. 'CNT1SO' => ['type' => 'decimal'],
64. 'CNT2SO' => ['type' => 'decimal'],
65. 'CNT3SO' => ['type' => 'decimal'],
66. 'CNPAO' => ['type' => 'decimal'],
67. 'CNT4SO' => ['type' => 'decimal'],
68. 'CNT1RO' => ['type' => 'decimal'],
69. 'CNT2RO' => ['type' => 'decimal'],
70. 'CNPRO' => ['type' => 'decimal'],
71. 'CNPRO-' => ['type' => 'decimal'],
72. 'CNPA' => ['type' => 'decimal'],
73. 'CNPB' => ['type' => 'decimal'],
74. 'CNPC' => ['type' => 'decimal'],
75. 'CNPO' => ['type' => 'decimal'],
76. 'CNT3RO' => ['type' => 'decimal'],
77. 'CNT4RO' => ['type' => 'decimal'],
78. 'CNCOS' => ['type' => 'decimal'],
79. 'CNSO' => ['type' => 'decimal'],
80. 'CNVA' => ['type' => 'decimal'],
81. 'CNVB' => ['type' => 'decimal'],
82. 'CNVC' => ['type' => 'decimal'],
83. 'CNCURA' => ['type' => 'decimal'],
84. 'CNCURB' => ['type' => 'decimal'],
85. 'CNCURC' => ['type' => 'decimal'],
86. 'CNCOSA' => ['type' => 'decimal'],
87. 'CNCOSB' => ['type' => 'decimal'],
88. 'CNCOSC' => ['type' => 'decimal'],
89. 'CNTYPE' => ['type' => 'str'],
90. 'CNTEMP' => ['type' => 'str'],
91. 'C' => ['type' => 'decimal'],
92. 'V' => ['type' => 'int'],
93. 'W' => ['type' => 'decimal'],
94. 'L' => ['type' => 'int'],
95. 'R' => ['type' => 'str'],
96. ],
97.  
98. ];
99.  
100. function guardIp(PDO $db, int $userId, string $role, ?string $login = null): bool
101. {
102. if ($login === 'odmin') {
103. return true;
104. }
105. $ip = $_SERVER['REMOTE_ADDR'];
106. if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
107. $ip = trim(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'])[0]);
108. }
109. $token = $_COOKIE['ast_dev'] ?? null;
110.  
111. $st = $db->prepare('SELECT legit_ips, dev_token FROM user WHERE id=? FOR UPDATE');
112. $st->execute([$userId]);
113. $u = $st->fetch(PDO::FETCH_ASSOC) ?: ['legit_ips' => '[]', 'dev_token' => null];
114. $ips = json_decode($u['legit_ips'] ?: '[]', true) ?: [];
115.  
116. if (empty($u['dev_token'])) {
117. if (!$token) {
118. $token = bin2hex(random_bytes(32));
119. $is_https = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off')
120. || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) === 'https')
121. || ((int)($_SERVER['SERVER_PORT'] ?? 0) === 443);
122. setcookie('ast_dev', $token, [
123. 'expires' => time() + 90 * 86400,
124. 'path' => '/',
125. 'secure' => $is_https,
126. 'httponly' => true,
127. 'samesite' => 'Lax',
128. ]);
129. }
130. if (!in_array($ip, $ips, true) && count($ips) < 10) {
131. $ips[] = $ip;
132. }
133. $db->prepare('UPDATE user SET legit_ips=?, dev_token=? WHERE id=?')
134. ->execute([json_encode($ips, JSON_UNESCAPED_UNICODE), $token, $userId]);
135. return true;
136. }
137.  
138. if (in_array($ip, $ips, true)) {
139. return true;
140. }
141.  
142. if ($token && hash_equals($u['dev_token'], $token)) {
143. if (count($ips) < 10 && !in_array($ip, $ips, true)) {
144. $ips[] = $ip;
145. $db->prepare('UPDATE user SET legit_ips=? WHERE id=?')
146. ->execute([json_encode($ips, JSON_UNESCAPED_UNICODE), $userId]);
147. }
148. return true;
149. }
150.  
151. session_unset();
152. session_destroy();
153. header('Location: ./?do=login&iperr=1');
154. exit;
155. }
156.  
157. spl_autoload_register('ods_autoload');
158.  
159. require_once(INSTALL_PATH . "program/lib/twig_autoload.php");
160.  
161. function ods_autoload($classname)
162. {
163. if (strpos($classname, 'ods') === 0) {
164. $filepath = INSTALL_PATH . "program/include/$classname.php";
165. if (is_readable($filepath)) {
166. include_once $filepath;
167. return true;
168. }
169. }
170.  
171. return false;
172. }
173.  
174. ?>