File: /home/mckernan/public_html/iJournal/includes/functions.php
<?php
/* included file */
/**
 * Absolute filesystem path of the application's include directory.
 *
 * The value is a hard-coded constant and always ends with a slash, so
 * callers can append a file name directly. Only fixed, application-chosen
 * file names should be appended; nothing taken from a request.
 *
 * @return string
 */
function includePath()
{
    $includeDir = '/home/mckernan/public_html/iJournal/includes/';

    return $includeDir;
}
/**
 * Absolute filesystem path of the per-client data store.
 *
 * The value is a hard-coded constant ending with a slash. Unlike the
 * include directory, it is not located under public_html.
 * NOTE(review): any client identifier appended to this path should be
 * validated (no "..", no slashes) by the caller; verify at call sites.
 *
 * @return string
 */
function clientPath()
{
    $clientDir = '/home/mckernan/ijournalstore/clients/';

    return $clientDir;
}
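/**
 * Validate a requested mode or action against a fixed allow-list.
 *
 * With $type 'mode', $mode is checked against the list of known modes.
 * With $type 'action', $action is checked against the actions registered
 * for $mode. Anything that is not an exact string match yields ''.
 *
 * All comparisons are strict and every input must be a string. A loose
 * in_array() lets non-string request values (integers, arrays from
 * "name[]=" parameters) match or raise errors depending on the PHP
 * version, and indexing the action table with an unregistered mode
 * (including 'payroll' and 'payments', whose action lists are commented
 * out) previously passed null to in_array().
 *
 * @param string      $type   'mode' or 'action'
 * @param string      $mode   requested mode
 * @param string|null $action requested action (only used for $type 'action')
 *
 * @return string the validated value, or '' when it is not allowed
 */
function whitelist_request($type, $mode, $action = null)
{
    // whitelists
    $allowed_modes = array('session', 'file', 'client', 'journal', 'fixed', 'payroll', 'payments', 'tracker', 'notes', 'config');
    $allowed_acts = array(
        'session' => array('start', 'login', 'logout', 'kill'),
        'file' => array('clientlist', 'open', 'newclient', 'close', 'report', 'openclientlist', 'forceclose'),
        'client' => array('period', 'setper', 'info', 'updinfo', 'inccats', 'expcats', 'updinccats', 'updexpcats',
            'loadconvert', 'convert', 'rptinfo', 'rptcats', 'contactlist', 'newcontact', 'updcontact',
            'contactdtl', 'delcontact'),
        'journal' => array('cats', 'entry', 'savedata', 'genstatement', 'statementlist', 'viewstatement'),
        'fixed' => array('assetlist', 'new', 'upd', 'del', 'report', 'dtl'),
        /*'payroll' => array('employees', 'payrolllist', 'newemployee'),
        'payments' => array('recipients', 'paymentlist', 'newrecipient'),*/
        'tracker' => array('list', 'newtracker', 'updtracker', 'deltracker', 'rptsummary', 'rptitem', 'dtl', 'entrylist',
            'entrydtl', 'saventry'),
        'notes' => array('internallist', 'clientlist', 'newinternal', 'newclient', 'rptinternal', 'rptclient',
            'dtlinternal', 'dtlclient', 'updinternal', 'updclient', 'delinternal', 'delclient'),
        'config' => array('workstation', 'profile')
    );

    if ($type === 'mode') {
        // Strict match only: the returned value is always one of the literals above.
        if (is_string($mode) && in_array($mode, $allowed_modes, true)) {
            return $mode;
        }
        return '';
    }

    if ($type === 'action') {
        // Fail closed when the mode has no action table instead of indexing a missing key.
        if (!is_string($mode) || !is_string($action) || !isset($allowed_acts[$mode])) {
            return '';
        }
        if (in_array($action, $allowed_acts[$mode], true)) {
            return $action;
        }
        return '';
    }

    // Unknown $type: nothing is allowed.
    return '';
}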
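/**
 * Read the session identifier ("sid") from the request, unvalidated.
 *
 * A value in $_GET takes precedence over one in $_POST. Only string
 * values are accepted: a "sid[]=" parameter arrives as an array and
 * would otherwise be handed to callers that expect a string.
 *
 * The returned value is attacker-controlled and is not escaped; callers
 * must validate its format and look it up with a bound parameter.
 * NOTE(review): accepting the session id from the query string means it
 * can end up in server logs, browser history and Referer headers, and
 * makes it possible to pre-set it through a link; consider accepting it
 * from POST or a cookie only.
 *
 * @return string the submitted sid, or '' when absent or not a string
 */
function getRawSID()
{
    $rv = '';
    // get sid (GET wins over POST, as before)
    if (isset($_POST['sid']) && is_string($_POST['sid'])) {
        $rv = $_POST['sid'];
    }
    if (isset($_GET['sid']) && is_string($_GET['sid'])) {
        $rv = $_GET['sid'];
    }
    return $rv;
}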
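/**
 * Fetch a request variable and coerce it to the requested type.
 *
 * A value in $_POST takes precedence over one in $_GET. Strings are
 * passed through $dbo->real_escape_string(); ints and floats are cast.
 *
 * Two fail-open paths are closed here:
 *  - a non-scalar value (e.g. "name[]=x") is treated as absent instead
 *    of reaching real_escape_string()/intval() as an array;
 *  - an unrecognised $type no longer returns the raw request value: a
 *    submitted string is escaped as for 'string'.
 *
 * NOTE(review): escaping is only sufficient when the result is placed
 * inside a quoted SQL string literal and the connection character set
 * is configured correctly. It does not protect identifiers or unquoted
 * contexts, and it is not HTML escaping. Prepared statements with bound
 * parameters are the more robust option where call sites allow.
 *
 * @param object $dbo  database handle exposing real_escape_string()
 *                     (presumably mysqli; confirm against callers)
 * @param string $var  name of the request variable
 * @param string $type 'string', 'int' or 'float'
 *
 * @return string|int|float the coerced value; '' or 0 when absent
 */
function getvar($dbo, $var, $type = 'string') // string, int, float
{
    $default = ($type == 'string') ? '' : 0;

    $rv = $default;
    if (isset($_GET[$var])) {
        $rv = $_GET[$var];
    }
    if (isset($_POST[$var])) {
        $rv = $_POST[$var];
    }

    // Arrays from "name[]=" parameters are not valid for any supported type.
    if (!is_scalar($rv)) {
        $rv = $default;
    }

    switch ($type) {
        case 'string':
            $rv = $dbo->real_escape_string($rv);
            break;
        case 'int':
            $rv = intval($rv);
            break;
        case 'float':
            $rv = floatval($rv);
            break;
        default:
            // Unknown type: never hand back an unescaped request string.
            if (is_string($rv)) {
                $rv = $dbo->real_escape_string($rv);
            }
            break;
    }
    return $rv;
}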
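/**
 * Fetch a request variable as an unescaped string.
 *
 * A value in $_POST takes precedence over one in $_GET. Only string
 * values are returned; an array submitted as "name[]=x" is ignored so
 * that the function honours the "string" in its name.
 *
 * The result is raw, attacker-controlled input: it must not be
 * concatenated into SQL, HTML, shell commands or file paths without
 * context-specific handling. It is suited to values that are hashed or
 * compared rather than stored or echoed.
 *
 * @param string $var name of the request variable
 *
 * @return string the submitted value, or '' when absent or not a string
 */
function getvarRawString($var)
{
    $rv = '';
    if (isset($_GET[$var]) && is_string($_GET[$var])) {
        $rv = $_GET[$var];
    }
    if (isset($_POST[$var]) && is_string($_POST[$var])) {
        $rv = $_POST[$var];
    }
    return $rv;
}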
/**
 * Derive the stored form of a user password.
 *
 * The password is wrapped in a fixed prefix and suffix and hashed once
 * with SHA-384; the result is 96 lowercase hex characters.
 *
 * NOTE(review): this construction is weak for password storage. The
 * prefix and suffix are the same for every user and live in source
 * control, so equal passwords produce equal hashes, and a single fast
 * hash offers little resistance to offline guessing if the hash table
 * leaks. The output format cannot change here without invalidating the
 * stored hashes; the usual migration is to verify with this function at
 * login and then re-store the password using password_hash(), checking
 * with password_verify() afterwards. Callers comparing the result with
 * a stored value should use hash_equals().
 *
 * @param string $pwd plaintext password
 *
 * @return string hex-encoded SHA-384 digest
 */
function hashUserPwd($pwd)
{
    $prefix = 'ijnlusrpwd::&dJu43^!!qwLubG';
    $suffix = 'jJbn8%6#==aGm';

    return hash('sha384', $prefix . $pwd . $suffix);
}
/**
 * Re-format a date string as year-first "Y/m/d".
 *
 * The input is parsed with strtotime(). When strtotime() cannot parse
 * the string it returns false, which date() formats as the Unix epoch,
 * so an invalid date is not reported to the caller.
 *
 * @param string $date any date text strtotime() understands
 *
 * @return string the date as "YYYY/MM/DD"
 */
function flipDate($date)
{
    $timestamp = strtotime($date);

    return date('Y/m/d', $timestamp);
}
/**
 * Re-format a date string as month-first "m/d/Y" for display.
 *
 * The input is parsed with strtotime(). When strtotime() cannot parse
 * the string it returns false, which date() formats as the Unix epoch,
 * so an invalid date is not reported to the caller.
 *
 * @param string $date any date text strtotime() understands
 *
 * @return string the date as "MM/DD/YYYY"
 */
function humanDate($date)
{
    $timestamp = strtotime($date);

    return date('m/d/Y', $timestamp);
}
?>