<?php

/* 
 * postLDAPadmin
 *
 * Copyright (C) 2006,2007 DesigNET, INC.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.

 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.

 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 */

/*********************************************************
 * ̴ؿ饤֥
 *
 * $Source$
 * $Revision$
 * $Date$
 *
 *********************************************************/

/* ե֥ǥ쥯ȥ */
define("ETCDIR", "etc/");

/* ե̾ */
define("WEBCONF", "web.conf");

/* syslog */
define("IDENT", "postLDAPadmin");

/* ִե̾ */
define("ADMINTABCONF", "tab.conf");
define("USERTABCONF", "user_tab.conf");

/* åե̾ */
define("MESSAGEFILE", "msg_file");

/* åǼϢΥ */
define("SCREEN_MSG", "screen");
define("LOG_MSG", "log");

/* ֥եΰԤκʸ */
define("MAX_TAB_LINE", 1024);

/* ڡȥ */
define("MAX_PAGETITLE_LENGTH", 32);

/* Ź沽ե̾ */
define("ADMKEY", "admin.key");

/* 祻å󥿥ॢȻ(24) */
define("MAX_SESSTIME", 86400);

/* ̾ */
define("MAXADMINNAME", 16);

/* ԥѥ */
define("MAXADMINPASSWD", 512);

/* Ǿԥѥ */
define("MINADMINPASSWD", 0);

/* ݡͥɹ⡼ */
define("SEARCH", 0);
define("READ", 1);

/* ե饰ξ֤ ON:0 OFF:1*/
define("ON", "0");
define("OFF", "1");

/* ʸsyslogȽ */
define("SYSLOG", 'syslog');

/* եƥ */
$facilitynames = array(
                       "auth"     => LOG_AUTH,
                       "authpriv" => LOG_AUTHPRIV,
                       "cron"     => LOG_CRON,
                       "daemon"   => LOG_DAEMON,
                       "kern"     => LOG_KERN,
                       "lpr"      => LOG_LPR,
                       "mail"     => LOG_MAIL,
                       "news"     => LOG_NEWS,
                       "syslog"   => LOG_SYSLOG,
                       "user"     => LOG_USER,
                       "uucp"     => LOG_UUCP,
                       "local0"   => LOG_LOCAL0,
                       "local1"   => LOG_LOCAL1,
                       "local2"   => LOG_LOCAL2,
                       "local3"   => LOG_LOCAL3,
                       "local4"   => LOG_LOCAL4,
                       "local5"   => LOG_LOCAL5,
                       "local6"   => LOG_LOCAL6,
                       "local7"   => LOG_LOCAL7);

/* ե */
$conf_keys["global"] = array(
                    "titlename"         => "no_check",
                    "referrerurl"       => "no_check",
                    "adminname"         => "no_check",
                    "adminpasswd"       => "no_check",
                    "sessiontimeout"    => "check_sess",
                    "logfile"           => "check_logfile",
                    "syslogfacility"    => "check_syslog",
                    "maxpasswordlength" => "is_positive_number",
                    "minpasswordlength" => "is_integer_number",
                    "passwordencrypt"   => "check_encrypt_type");

/* Υǥե */
$conf_def["global"] = array(
                  "sessiontimeout"    => "900",
                  "syslogfacility"    => "local1",
                  "maxpasswordlength" => "8",
                  "minpasswordlength" => "3",
                  "passwordencrypt"   => "CRYPT");

$pass_enc["CRYPT"]["name"] = "CRYPT";
$pass_enc["CRYPT"]["schema"] = "{CRYPT}";
$pass_enc["CRYPT"]["make_func"] = "my_crypt";
$pass_enc["MD5"]["name"] = "MD5";
$pass_enc["MD5"]["schema"] = "{MD5}";
$pass_enc["MD5"]["make_func"] = "my_md5";

/*********************************************************
 * escape_html()
 *
 * Adaptation to noncompatible deviation of htmlspecialchars() from PHP 5.3 to PHP5.4
 *
 * [return value]
 *       HTML escaped string of $str
 **********************************************************/
function escape_html($str, $flags=ENT_COMPAT, $encoding = "EUC-JP") 
{
    return htmlspecialchars($str, $flags, $encoding);
}

/*********************************************************
 * read_web_conf()
 *
 * եɤ߹ߡϢ $web_conf ˳Ǽ
 *
 * []
 *       $cmp          ɤ߹ߤݡͥ̾ 
 * [֤]
 *       TRUE          
 *       FALSE         ۾
 **********************************************************/
function read_web_conf($cmp)
{
    global $domain;
    global $msgarr;
    global $err_msg;
    global $log_msg;
    global $conf_keys;
    global $conf_def;
    global $web_conf;
    global $tab_conf;
    global $basedir;

    $cmp_name[0] = 'global';
    $mode = SEARCH;
    $web_conf["$cmp_name[0]"] = array();

    if (isset($cmp) && $cmp != "") {
        /* $conf_keysꤵƤ饻åȤ */
        if (array_key_exists($cmp, $conf_keys) === TRUE) {
            $cmp_name[1] = $cmp;
        }
    }
    /* ɥᥤե */
    $webconf_file = $basedir .  ETCDIR . $domain . '/' . WEBCONF;

    /* եɤ߹߸å */
    if (is_readable_file($webconf_file) === FALSE) {
        $err_msg = escape_html($err_msg);
        return FALSE;
    }

    /* ե򥪡ץ */
    $fp = fopen($webconf_file, "r");
    if ($fp === FALSE) {
        $err_msg = "ե뤬ץǤޤ(" .
                   escape_html($webconf_file) . ")";
        $log_msg = "Cannot open file.(" . escape_html($webconf_file) . ")";
        return FALSE;
    }

    /* եå */
    $ret = flock($fp, LOCK_EX);
    if ($ret === FALSE) {
        $err_msg = "եΥå˼Ԥޤ(" .
                   escape_html($webconf_file) . ")";
        $log_msg = "Failed to lock file.(" . escape_html($webconf_file) . ")";
        fclose($fp);
        return FALSE;
    }

    /* $cmp_name */
    $i = 0;

    /* ݡ֥ͥ̾롼 */
    while (isset($cmp_name["$i"]) && $cmp_name["$i"] != "") {
        /* եݥ󥿤Ƭذư */
        $ret = fseek($fp, 0);
        if ($ret == -1) {
            flock($fp, LOCK_UN);
            fclose($fp);
            $err_msg = "եݥ󥿤ΰư˼Ԥޤ(" .
                       escape_html($webconf_file) . ")";
            $log_msg = "Failed to move filepointer.(" .
                       escape_html($webconf_file) . ")";
            return FALSE;
        }

        /* Ԥν */
        $line = 0;

        /* ݡͥ˥롼פƥեɤ߹ */
        while (feof($fp) === FALSE) {
            /* ʬХåե˳Ǽ */
            $buf = fgets($fp);
            if ($buf === FALSE) {
                break;
            }
            /* ζȲԤ */
            $buf = rtrim($buf);
            $line++;

            /* ԤƬ#ΥȹԤǤ̵ */
             if (substr($buf, 0, 1) == "#") {
                continue;
            }
            /* ԤǤ̵ */
            if (strlen($buf) == 0) {
                continue;
            }
            /* ݡͥ̾ɤ */
            if ($buf == '[' . $cmp_name[$i] . ']') {
                /* õƤɤǤ */
                if ($mode == SEARCH) {
                    /* õƤäɤߥ⡼ɤˤƼιԤɤ */
                    $mode = READ;
                    continue;
                }
                /* ݡͥ̾ʣ顼 */
                $err_msg = "ݡͥ̾ʣƤޤ(" .
                           escape_html($webconf_file) . ": {$line})";
                $log_msg = "Duplicate component name.(" .
                           escape_html($webconf_file) . ": line {$line})";
                flock($fp, LOCK_UN);
                fclose($fp);
                return FALSE;
                
            }
            /* ݡͥ̾[ʳλ */
            if ($mode == SEARCH) {
                continue;
            }
            /* READ˼Υݡͥ̾ȯ */
            if (strstr($buf, '[')) {
                break;
            }

            /* ԤλϤζڤʸʬ */
            $data = explode("=", $buf, 2);

            /* ͤnull,ѥ᡼ƬǤС顼 */
            if (($data[0] == "") || ($data[1] == "") ||
                                     substr("$data[1]", 0, 1) == " ") {
                flock($fp, LOCK_UN);
                fclose($fp);
                set_error($webconf_file, $line);
                return FALSE;
            }

            /* ̾ʸƳǼ */
            $key = strtolower($data[0]);
            /* 줿ܤΥå */
            if(is_null($conf_keys["$cmp_name[$i]"][$key]) === TRUE) {
                flock($fp, LOCK_UN);
                fclose($fp);
                set_error($webconf_file, $line);
                return FALSE;
            }

            /* ܤˤå */
            if ($conf_keys[$cmp_name[$i]][$key]($data[1]) === FALSE) {
                flock($fp, LOCK_UN);
                fclose($fp);
                set_error($webconf_file, $line);
                return FALSE;
            }

            /* ʣå */
            if (isset($web_conf["$cmp_name[$i]"][$key]) === TRUE) {
                $err_msg = "{$key}ʣƤޤ(" .
                escape_html($webconf_file) . ": {$line})";
                $log_msg = "{$key} is duplicated.(" .
                escape_html($webconf_file) . ": line {$line})";
                flock ($fp, LOCK_UN);
                fclose($fp);
                return FALSE;
            }

            /* ldapפ֤ */ 
            if ($key == "ldapscope") {
                $data[1] = set_ldapscope($data[1]);
            }

            /* ͤǼ */
            $web_conf["$cmp_name[$i]"][$key] = $data[1];
        }
        /* ݡͥ̾פʤä饨顼 */
        if ($mode == SEARCH && is_null($web_conf["$cmp_name[$i]"])) {
            $err_msg = "[" . $cmp_name[$i] . "]꤬¸ߤޤ(" .
                       escape_html($webconf_file) . ")";
            $log_msg = "Settings of [" . $cmp_name[$i] . "] do not exist.(" .
                       escape_html($webconf_file) . ")";
            flock($fp, LOCK_UN);
            fclose($fp);
            return FALSE;
        }

        /* ̾ */
        $keys = array_keys($conf_keys["$cmp_name[$i]"]);

        /* ٤ƤιܤͤåȤƤ뤫γǧ */
        foreach ($keys as $key) {
            /* åȤƤ餺ǥեͤꤵƤ硢 */
            if (!isset($web_conf["$cmp_name[$i]"][$key]) && 
                 isset($conf_def["$cmp_name[$i]"][$key])) {
                $web_conf["$cmp_name[$i]"][$key] = $conf_def["$cmp_name[$i]"][$key];
            }
            if (!isset($web_conf["$cmp_name[$i]"][$key]) === TRUE) {
                $err_msg = "" . $key . "ꤵƤޤ(" .
                           escape_html($webconf_file) . ")";
                $log_msg = $key . " is not setted.(" .
                           escape_html($webconf_file) . ")";
                return FALSE;
            }
        }
        $i++;
        $mode = SEARCH;
    }

    /*check valid maxpasswordlength and minpasswordlength */
    if($web_conf["global"]["minpasswordlength"] > $web_conf["global"]["maxpasswordlength"]) {
        $err_msg = "MaxPasswordLength⤷MinPasswordLengthͤǤ(" . 
                   escape_html($webconf_file) . ")";
        $log_msg = "Invalid value of MaxPasswordLength or MinPasswordLength.(" .
                   escape_html($webconf_file) . ")";
        return FALSE;
    }

    /* syslogweb.confꤵ줺logfilesyslogȤƤ */
    if ($web_conf["global"]["logfile"] == SYSLOG && 
        $web_conf["global"]["syslogfacility"] == "") {
        $err_msg = "SyslogFacilityꤵƤޤ";
        $log_msg = "SyslogFacility is not setted.";
        return FALSE;
    }
    flock($fp, LOCK_UN);
    fclose($fp);
    return TRUE;
}


/*********************************************************
 * make_msgarr()
 *
 * åեϢ $msgarr ɤ߹ؿ
 *
 * []
 *       $prefix     åե̾Υץեå
 * [֤]
 *       TRUE
 *       ۾FALSE
 **********************************************************/
function make_msgarr($prefix)
{
    global $domain;
    global $basedir;
    global $msgarr;
    global $err_msg;
    global $log_msg;

    $list = glob($basedir . ETCDIR . $domain . "/" . $prefix. "*");
    if ($list === False || count($list) == 0) {
        $err_msg = "åե뤬Ĥޤ(" .
                   escape_html($prefix) . "*)";
        $log_msg = "Cannot open dir .(" .
                   escape_html($prefix) . "*)";
        result_log($log_msg);
        return FALSE;
    }

    $msgarr = array();
    foreach ($list as $msgfile) {
        /* եɤ߹߸å */
        if (is_readable_file($msgfile) === FALSE) {
            $err_msg = escape_html($err_msg);
            result_log($log_msg);
            return FALSE;
        }
    
        /* ե򥪡ץ */
        $fp = fopen($msgfile, 'r');
        if ($fp === FALSE) {
            $err_msg = "åե뤬ץǤޤ(" .
                       escape_html($msgfile) . ")";
            $log_msg = "Cannot open message file.(" .
                       escape_html($msgfile) . ")";
            result_log($log_msg);
            return FALSE;
        }
    
    
        /* üޤǰԤɤ߹ */
        for ($i = 1; TRUE; $i++) {
    
            $line = fgets($fp);
    
            /* ԥɤζ */
            $line = rtrim($line);
    
            /* ե뽪üã */
            if (feof($fp)) {
                break;
            /* fgets()˼Ԥ */
            } else if ($line === FALSE) {
                $err_msg = "åեɤ߹ߤ˼Ԥޤ(" .
                           escape_html($msgfile) . ")";
                $log_msg = "Failed to read message file.(" .
                           escape_html($msgfile) . ")";
                result_log($log_msg);
                fclose($fp);
                return FALSE;
            /* ,#ϤޤԤ̵ */
            } else if ($line == "" || substr($line, 0, 1) == "#") {
                continue;
            }
    
            /* ڤʸǹԤʬ䤹 */
            $tmparr = explode('$', $line);
            if (count($tmparr) !== 3) {
                $err_msg = "åե˷ʹԤޤ(" .
                           $msgfile . ":" . $i . ")";
                $log_msg = "Invalid form of line on message file.(" .
                           $msgfile . ": line " . $i . ")";
                result_log($log_msg);
                fclose($fp);
                return FALSE;
            }
    
            /* Ƭå(5ο) */
            if (strlen($tmparr[0]) != 5 || is_num_check($tmparr[0]) === FALSE) {
                $err_msg = "åե˼ֹ椬ʹԤޤ(" .
                           $msgfile . ":" . $i . ")";
                $log_msg = "Invalid serial number on message file.(" .
                           $msgfile . ": line " . $i . ")";
                result_log($log_msg);
                fclose($fp);
                return FALSE;
            }
    
            /* ̽,ϤΥåξäƤʤ */
            if ($tmparr[1] == "" && $tmparr[2] == "") {
                $err_msg = "åե˥åιԤޤ(" .
                           $msgfile . ":" . $i . ")";
                $log_msg = "Empty message line on message file.(" .
                           $msgfile . ": line " . $i . ")";
                result_log($log_msg);
                fclose($fp);
                return FALSE;
            }
    
            /* ֹ椬ʣԤ */
            if (isset($msgarr[$tmparr[0]])) {
                $err_msg = "åե˼ֹ椬ʣԤޤ(" .
                           $msgfile . ":" . $i . ")";
                $log_msg = "Duplicate serial number on message file.(" .
                           $msgfile . ": line " . $i . ")";
                result_log($log_msg);
                fclose($fp);
                return FALSE;
            }
    
            /* ˳Ǽ */
            $msgarr[$tmparr[0]][SCREEN_MSG] = $tmparr[1];
            $msgarr[$tmparr[0]][LOG_MSG] = $tmparr[2];
        }
    
        /* ե򥯥 */
        fclose($fp);
    }

    return TRUE;
}


/*********************************************************
 * is_readable_file()
 * եɤ߹߸å
 *
 * []
 *      $filename    åоݥե
 * [֤]
 *      TRUE         
 *      FALSE        ۾
 **********************************************************/
function is_readable_file($filename)
{
    global $msgarr;
    global $err_msg;
    global $log_msg;

    /* STATΥå奯ꥢ */
    clearstatcache();

    /* ¸ߤΥå */
    if (file_exists($filename) === FALSE) {
        $err_msg = "ե뤬¸ߤޤ($filename)";
        $log_msg = "The file does not exist.($filename)";
        return FALSE;
    }

    /* ǥ쥯ȥ꤫Υå */
    if (is_dir($filename) === TRUE) {
        $err_msg = "ꤵ줿եϥǥ쥯ȥǤ($filename)";
        $log_msg = "Designated file is a directory.($filename)";
        return FALSE;
    }

    /*  եɤ߹߸å */
    if (is_readable($filename) === FALSE) {
        $err_msg = "եɤ߹߸ޤ($filename)";
        $log_msg = "No read permission on the file.($filename)";
        return FALSE;
    }

    return TRUE;
}

/***********************************************************
 * is_writable_file()
 *
 * եν߸å
 *
 * []
 *      $filename       åоݥե
 * [֤]
 *      TRUE            
 *      FALSE           ۾
 ************************************************************/
function is_writable_file($filename)
{
    global $msgarr;
    global $err_msg;
    global $log_msg;

    /* STATΥå奯ꥢ */
    clearstatcache();

    /* ¸ߥå */
    if (file_exists($filename) === FALSE) {
        if (is_writable(dirname($filename)) === FALSE) {
            $err_msg = sprintf($msgarr['22012'][SCREEN_MSG], $filename);
            $log_msg = sprintf($msgarr['22012'][LOG_MSG], $filename);
            return FALSE;
        }
        return TRUE;
    }

    /*  ǥ쥯ȥå */
    if (is_dir($filename) === TRUE) {
        $err_msg = sprintf($msgarr['22010'][SCREEN_MSG], $filename);
        $log_msg = sprintf($msgarr['22010'][LOG_MSG], $filename);
        return FALSE;
    }

    /*  եν߸å */
    if (is_writable($filename) === FALSE) {
        $err_msg = sprintf($msgarr['22032'][SCREEN_MSG], $filename);
        $log_msg = sprintf($msgarr['22032'][LOG_MSG], $filename);
        return FALSE;
    }
    return TRUE;
}

/*********************************************************
 * no_check()
 *
 * ߡؿ
 *
 * []
 *       ʤ
 * [֤]
 *       TRUE            
 **********************************************************/
function no_check()
{
    return TRUE;
}

/*********************************************************
 * check_sess()
 *
 * å󥿥ॢȻ֥åؿ
 *
 * []
 *       $sess           å󥿥ॢȻ 
 * [֤]
 *       TRUE            
 *       FALSE           ۾
 **********************************************************/
function check_sess($sess)
{
    /* ȾѿΤߵ */
    $num = "0123456789";
    if (strspn($sess, $num) != strlen($sess)) {
        return FALSE;
    }

    /* 1á24֤ޤǤʤOK */
    if ($sess < 1 || $sess > MAX_SESSTIME){ 
        return FALSE;
    }
    return TRUE;
}

/*********************************************************
 * check_logfile()
 *
 * Υå 
 *
 * []
 *      $logfile        ե 
 * [֤]
 *      TRUE            
 *      FALSE           ۾
 **********************************************************/
function check_logfile($logfile)
{
    global $web_conf;
    global $msgarr;
    global $err_msg;
    global $log_msg;

    /* $web_confsyslogͤ뤫Ĵ٤ */
    if (isset($web_conf["global"]["syslogfacility"])) {

        /* logfileˤsyslogˤ꤬ä */
        if ($logfile != SYSLOG && 
            $web_conf["global"]["syslogfacility"] != "") {
            /* syslogǤʤХ顼ǼTRUE */
            $err_msg = "SyslogFacilityꤵƤޤ̵ˤʤޤ"; 
            $log_msg = "SyslogFacility become invalid Althogh SyslogFacility is setted.";
            return TRUE;
        }
    }

    /* web_confsyslogʤäTRUE */
    return TRUE;
}

/*********************************************************
 * check_syslog()
 *
 * Υå 
 *
 * []
 *      $syslog         եƥ 
 * [֤]
 *      TRUE            
 *      FALSE           ۾
 **********************************************************/
function check_syslog($syslog)
{
    global $web_conf;
    global $msgarr;
    global $err_msg;
    global $log_msg;
    global $facilitynames;

    /* $web_conflogfileͤ뤫Ĵ٤ */
    /* ޤsyslogˤͤ뤫Ĵ٤ */
    if (isset($web_conf["global"]["logfile"]) && isset($syslog)) {

        /* 줿ܤΥå */
        if(is_null($facilitynames[$syslog]) === TRUE) {
            return FALSE;
        }

        /* logfileͤsyslogĴ٤ */
        if ($web_conf["global"]["logfile"] == SYSLOG) {
            /* syslogäTRUE */
            return TRUE;
        }
        /* logfileˤsyslogˤ꤬ä */
        if ($web_conf["global"]["logfile"] != SYSLOG) {
            /* syslogͤä饨顼ǼTRUE */
            $err_msg = "SyslogFacilityꤵƤޤȿǤޤ"; 
            $log_msg = "SyslogFacility is not reflected Althogh SyslogFacility is setted.";
            return TRUE;
        }
    }            
    /* $web_conflogfileͤʤäTRUE */
    /* ޤsyslogͤʤäTRUE */
    return TRUE;
}

/*********************************************************
 * check_passwd()
 *
 * ѥɥå
 *
 * []
 *      $passwd      ѥ
 *      $minlen      Ǿʸ
 *      $maxlen      ʸ
 * [֤]
 *      TRUE         
 *      FALSE        ۾
 **********************************************************/
function check_passwd($passwd, $minlen, $maxlen)
{
    global $msgarr;
    global $err_msg;
    global $log_msg;

    /* ʸå */
    $letters = strlen($passwd);
    if ($letters < $minlen || $letters > $maxlen) {
        $err_msg = "ѥɤηǤ";
        $log_msg = "Invalid form of password.";
        return FALSE;
    }

    /* Ⱦѱ羮ʸ국Τߵ */
    $num = "0123456789";
    $sl = "abcdefghijklmnopqrstuvwxyz";
    $ll = strtoupper($sl);
    $sym = "!\"#$%&'()=-~^|@`[{;+:*]},<.>\/?_";
    $allow_letter = $num . $sl . $ll . $sym;
    if (strspn($passwd, $allow_letter) != $letters) {
        $err_msg = "ѥɤηǤ";
        $log_msg = "Invalid form of password.";
        return FALSE;
    }

    return TRUE;
}

/*********************************************************
 * check_admin_uname()
 *
 * ̾å
 *
 * []
 *      $admin_name Ϥ줿̾
 *      $maxlen     ʸ
 * [֤]
 *      TRUE         
 *      FALSE        ۾
 **********************************************************/
function check_admin_uname($admin_name, $maxlen)
{
    global $msgarr;
    global $err_msg;
    global $log_msg;

    if ($admin_name == "") {
        $err_msg = "̾ϤƤޤ";
        $log_msg = "No administrator name is inputed.";
        return FALSE;
    }

    $letters = strlen($admin_name);
    if ($letters > $maxlen) {
        $err_msg = "̾ηǤ";
        $log_msg = "Invalid form of administrator name.";
        return FALSE;
    }

    /* ȾѱѾʸ[-_]Τߵ */
    /* ƬϿޤȾѱʸ */
    $num = "0123456789";
    $sl = "abcdefghijklmnopqrstuvwxyz";
    $sym = "-_";
    $allow_letter = $num . $sl . $sym;

    if (strspn($admin_name, $allow_letter) != $letters) {
        $err_msg = "̾ηǤ";
        $log_msg = "Invalid form of administrator name.";
        return FALSE;
    }

    return TRUE;
}

/***********************************************************
 * check_flg()
 *
 * ͤONOFFΤŤ줫Ǥ뤳Ȥå
 *
 * []
 *      $flg         ե饰
 * [֤]
 *      TRUE         
 *      FALSE        ۾
 **********************************************************/
function check_flg ($flg)
{
    if ($flg != ON && $flg != OFF) {
        return FALSE;
    }
    return TRUE;
}

/*********************************************************
 * set_error()
 *
 * եɤ߹߻Υ顼å򥻥åȤ롣
 *
 * []
 *      $filename       󤬳Ǽ줿ե
 *      $line           ʥǡĤä
 * [֤]
 *      ʤ
 **********************************************************/
function set_error($filename, $line)
{
    global $msgarr;
    global $err_msg;
    global $log_msg;
    $err_msg = "ηǤ (" .
               escape_html($filename) . " : {$line})";
    $log_msg = "Invalid form of column.(" .
               escape_html($filename) . " : {$line})";
}

/***********************************************************
 * my_md5()
 *
 * MD5ǥѥɤŹ沽
 *
 * []
 *       $passwd           ѥ
 * [֤]                Ź沽줿ѥ
 ************************************************************/
function my_md5($passwd)
{
    return base64_encode(md5($passwd, TRUE));
}

/***********************************************************
 * my_crypt()
 *
 * ѥɤŹ沽
 *
 * []
 *       $passwd           ѥ
 * [֤]
 *       $crypt_passwd     Ź沽줿ѥ
 ************************************************************/
function my_crypt($passwd)
{
    $salts = array("A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L",
                   "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X",
                   "Y", "Z", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j",
                   "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v",
                   "w", "x", "y", "z", "0", "1", "2", "3", "4", "5", "6", "7",
                   "8", "9", ".", "/" );

    $rand_key = array_rand($salts, 2);

    $salt = $salts[$rand_key[0]] . $salts[$rand_key[1]];

    $crypt_passwd = crypt($passwd, $salt);

    return $crypt_passwd;
}

/*********************************************************
 * write_web_conf()
 *
 * եƤ񤭹
 *
 * []
 *       $conf_file    ե
 *       $moddata      ѹ
 * [֤]
 *       TRUE          
 *       FALSE         ۾
 **********************************************************/
function write_web_conf($conf_file, $moddata)
{
    global $domain;
    global $msgarr;
    global $err_msg;
    global $log_msg;
    global $web_conf;

    $tmp_file = $conf_file . time() . getmypid();

    /* եɹå */
    if (is_readable_file($conf_file) === FALSE) {
        return FALSE;
    }

    /* եνå */
    if (is_writable_file($tmp_file) === FALSE) {
        return FALSE;
    }

    /* ե򥪡ץ */
    $conf_fp = fopen($conf_file, "r");
    if ($conf_fp === FALSE) {
        $err_msg = sprintf($msgarr['22001'][SCREEN_MSG], $conf_file);
        $log_msg = sprintf($msgarr['22001'][LOG_MSG], $conf_file);
        return FALSE;
    }

    /* եå */
    $ret = flock($conf_fp, LOCK_EX);
    if ($ret === FALSE) {
        $err_msg = sprintf($msgarr['22002'][SCREEN_MSG], $conf_file);
        $log_msg = sprintf($msgarr['22002'][LOG_MSG], $conf_file);
        fclose($conf_fp);
        return FALSE;
    }

    /* ե򥪡ץ */
    $tmp_fp = fopen($tmp_file, "x");
    if ($tmp_fp === FALSE) {
        $err_msg = sprintf($msgarr['22019'][SCREEN_MSG], $tmp_file);
        $log_msg = sprintf($msgarr['22019'][LOG_MSG], $tmp_file);
        flock($conf_fp, LOCK_UN);
        fclose($conf_fp);
        return FALSE;
    }

    $keys = array_keys($moddata);

    while(feof($conf_fp) === FALSE) {
        /* Ԥbuf˳Ǽ */
        $buf = fgets($conf_fp);
        if ($buf === FALSE) {
            break;
        }
         
        /* оݹԤ򸫤Ĥ񤭴 */
        foreach ($keys as $key) {
            if (strncasecmp($buf, $key, strlen($key)) == 0) {
                $data = explode("=", $buf, 2);
                $buf = $data[0] . "=" . $moddata[$key] . "\n";
            }
        }

        /* ե˽񤭹 */
        $ret = fwrite($tmp_fp, $buf);
        if ($ret === FALSE) {
            $err_msg = sprintf($msgarr['22020'][SCREEN_MSG], $tmp_file);
            $log_msg = sprintf($msgarr['22020'][LOG_MSG], $tmp_file);
            flock($conf_fp, LOCK_UN);
            fclose($conf_fp);
            fclose($tmp_fp);
            unlink($tmp_file);
            return FALSE;
        }
    } 
    flock($conf_fp, LOCK_UN);

    fclose($conf_fp);
    fclose($tmp_fp);


    /* ե֤ */
    $ret = rename($tmp_file, $conf_file);
    if ($ret === FALSE) {
        $err_msg = sprintf($msgarr['22021'][SCREEN_MSG], $tmp_file);
        $log_msg = sprintf($msgarr['22021'][LOG_MSG], $tmp_file);
        unlink($tmp_file);
        return FALSE;
    }
        
    return TRUE;
}
/***********************************************************
 * result_log()
 *
 * եФ顼ϤԤ
 *
 * []
 *      $resultlog      顼å
 * [֤]
 *      TRUE            
 *      FALSE           ۾
 ************************************************************/
function result_log($resultlog)
{
    global $env;
    global $err_log;
    global $web_conf;
    global $facilitynames;
    global $msgarr;
    global $err_msg;
    global $log_msg;
    

   /* syslogꤵƤ */
    if (isset($web_conf['global']['logfile']) === TRUE &&
        $web_conf['global']['logfile'] == SYSLOG) {
        /* ̾ */
        $syslog = $facilitynames[$web_conf['global']['syslogfacility']];

        /* 񤭹ߤƤ˥ɽ̾桼̾硣*/
        if (isset($env['loginuser']) === FALSE) {
            $env['loginuser'] = "";
        }
        $msg = $_SERVER['LOGNAME'] . " " .
               $env['loginuser'] . " " . $resultlog;

        /* ץ */
        $ret = openlog(IDENT, LOG_PID, $syslog);
        if ($ret === FALSE) {
            $err_msg .= "եΥץ˼Ԥޤ";
            return FALSE;
        }

        /*  */
        $ret = syslog(LOG_ERR, $msg);
        if ($ret === FALSE) {
            $err_msg .= "νϤ˼Ԥޤ";
            return FALSE;
        }

        closelog();
        return TRUE;
    }

    /* syslogꤵƤʤä */
    $log_time = date ('Ymd His');

    /* 񤭹ߤƤաɽ̾桼̾硣*/
    $msg = $log_time . " " . $_SERVER['LOGNAME'] . " " .
           $env['loginuser'] . " " . $resultlog . "\n";

    if (isset($web_conf['global']['logfile']) === FALSE ||
        is_writable_file($web_conf['global']['logfile']) === FALSE) {
        return FALSE;
    }

    if (($fp = fopen ($web_conf['global']['logfile'], 'a')) === FALSE) {
        $err_msg .= "եΥץ˼Ԥޤ(" .
                     $web_conf['global']['logfile'] .")";
        return FALSE;
    }

    $ret = flock($fp, LOCK_EX);
    if ($ret === FALSE){
        $err_msg .= "եΥå˼Ԥޤ(" .
                     $web_conf['global']['logfile'] .")";
        fclose($fp);
        return FALSE;
    }

    $ret = fwrite ($fp, $msg);
    if ($ret === FALSE) {
        $err_msg .= "νϤ˼Ԥޤ(" .
                     $web_conf['global']['logfile'] .")";
        flock($fp, LOCK_UN);
        fclose($fp);

        return FALSE;
    }
    flock($fp, LOCK_UN);
    fclose($fp);

    return TRUE;

}

/*********************************************************
 * is_num_check()
 *
 * å
 *
 * []
 *      $num            
 * [֤]
 *      TRUE            
 *      FALSE           ۾
 **********************************************************/
function is_num_check($num)
{

    if (($num < 0) || ($num > 4294967295) ||
        (!preg_match("/^[0-9]+$/", $num))) {
        return FALSE;
    }
    return TRUE;
}

/*********************************************************
 * read_tab_conf()
 * 
 * ִեɤ߹ߡ
 * Ϣ $tab_conf$menu_conf ˳Ǽ
 *
 * $tab_conf["ץ̾"][ֽ][̾] = ȥ
 * $menu_conf["ץ̾"][̾][˥塼][˥塼̾]
 *                                                 = ȥ
 * []
 *       $tab_file    ִե̾
 * [֤]
 *       TRUE         
 *       FALSE        ۾
 **********************************************************/
function read_tab_conf($tab_file)
{
    global $domain;
    global $tab_conf;
    global $menu_conf;
    global $msgarr;
    global $err_msg;
    global $log_msg;
    global $basedir;

    /* ִե */
    $tabconf_file = $basedir . ETCDIR . $domain . "/" . $tab_file;

    /* եɤ߹߸å */
    if (is_readable_file($tabconf_file) === FALSE) {
        $err_msg = escape_html($err_msg);
        result_log($log_msg);
        return FALSE;
    }

    /* ե뤬ʤ饨顼 */
    if (filesize($tabconf_file) == 0) {
        $err_msg = "ִեƤޤ(" .
                   escape_html($tabconf_file) . ")";
        $log_msg = "No contents on tab management file.(" .
                   escape_html($tabconf_file) . ")";
        result_log($log_msg);
        return FALSE;
    }

    /* ե򥪡ץ */
    $fp = fopen($tabconf_file, "r");
    if ($fp === FALSE) {
        $err_msg = "ִե뤬ץǤޤ(" .
                   escape_html($tabconf_file) . ")";
        $log_msg = "Cannot open tab management file.(" .
                   escape_html($tabconf_file) . ")";
        result_log($log_msg);
        return FALSE;
    }

    $line_count = 0;

    /* ֤ɹ */
    while (!feof($fp)) {
        /* Ԥɤ߹ */
        $buf = fgets($fp, MAX_TAB_LINE);
        if ($buf === FALSE) {
            continue;
        }
        $buf = rtrim($buf);
        $line_count++;

        /* ԤƬ#ΥȹԤǤ̵ */
        if (substr($buf, 0, 1) == "#") {
            continue;
        }

        /* ԤǤ̵ */
        if (strlen($buf) == 0) {
            continue;
        }

        /* Ƭ/ʤ饨顼 */
        if (substr($buf, 0, 1) == '/') {
            $err_msg = "ִեʹԤ¸ߤޤ(".
                       escape_html($tabconf_file) ." : ".
                       $line_count .")";
            $log_msg = "Invalid line on tab management file.(".
                       escape_html($tabconf_file) ." : line ".
                       $line_count .")";
            result_log($log_msg);
            fclose($fp);
            return FALSE;
        }

        /* ܤ̵Х顼 */
        $tmp = explode(":", $buf, 2);
        if (strlen($tmp[0]) == 0 || strlen($tmp[1]) == 0) {
            $err_msg = "ִեʹԤ¸ߤޤ(".
                       escape_html($tabconf_file) ." : ".
                       $line_count .")";
            $log_msg = "Invalid line on tab management file.(".
                       escape_html($tabconf_file) ." : line ".
                       $line_count .")";
            result_log($log_msg);
            fclose($fp);
            return FALSE;
        }

        /* ڡȥ뤬Ĺȥ顼 */
        if (strlen($tmp[1]) > MAX_PAGETITLE_LENGTH) {
            $err_msg = "ڡȥ뤬Ĺޤ(".
                       escape_html($tabconf_file) ." : ".
                       $line_count .")";
            $log_msg = "Too long tilte of page.(".
                       escape_html($tabconf_file) ." : line ".
                       $line_count .")";
            result_log($log_msg);
            fclose($fp);
            return FALSE;
        }

        /* ѥ/Ϣ³ƤΤ/ִ */
        $tmp[0] = preg_replace("/\/+/", '/', $tmp[0]);

        /* Ǹ夬/ʤ饨顼 */
        if (substr($tmp[0], -1) == '/') {
            $err_msg = "ִեʹԤ¸ߤޤ(".
                       escape_html($tabconf_file) ." : ".
                       $line_count .")";
            $log_msg = "Invalid line on tab management file.(".
                       escape_html($tabconf_file) ." : line ".
                       $line_count .")";
            result_log($log_msg);
            fclose($fp);
            return FALSE;
        }

        /* /οǥ֤˥塼Ƚ */
        $re = substr_count($tmp[0], "/");
        if ($re == 1) {
            /* ֤˳Ǽ */
            $path = explode("/", $tmp[0], 2);

           
            /* ̾ʣå */
            if (isset($tab_conf[$path[0]][0])) {
                for($j = 0; $j < count($tab_conf[$path[0]]); $j++) {
                    if (key($tab_conf[$path[0]][$j]) == $path[1]) {
                        $err_msg = "ִեΥ֤ʣƤޤ(".
                                   escape_html($tabconf_file) ." : ".
                                   $line_count .")";
                        $log_msg = "Duplicate tab exists on tab management file.(".
                                   escape_html($tabconf_file) ." : line ".
                                   $line_count .")";
                        result_log($log_msg);
                        fclose($fp);
                        return FALSE;
                    }
                }
            }
            /* ƥåȤϽ֤0 */
            if (!isset($tab_conf[$path[0]])) {
                $i = 0;
            } else {
                $i = count($tab_conf[$path[0]]);
            }
            $tab_conf[$path[0]][$i][$path[1]] =
                                   escape_html($tmp[1]);

        } else if ($re == 2) {
            /* ̵֤˥塼ϥ顼ˤ뤿ǳǼ */
            continue;
        } else {
            $err_msg = "ִեʹԤ¸ߤޤ(".
                       escape_html($tabconf_file) ." : ".
                       $line_count .")";
            $log_msg = "Invalid line on tab management file.(".
                       escape_html($tabconf_file) ." : line ".
                       $line_count .")";
            result_log($log_msg);
            fclose($fp);
            return FALSE;
        }
    }

    /* ֥ե˥̵֤Х顼 */
    if (!isset($tab_conf)) {
        $err_msg = "ִե˥֤¸ߤޤ(".
                   escape_html($tabconf_file) .")";
        $log_msg = "No tab exists on tab management file.(".
                   escape_html($tabconf_file) .")";
        result_log($log_msg);
        return FALSE;
    }

    /* Ƭ᤹ */
    fseek($fp, 0);

    $line_count = 0;

    /* ˥塼ɹ */
    while (!feof($fp)) {
        /* Ԥɤ߹ */
        $buf = fgets($fp, MAX_TAB_LINE);
        if ($buf === FALSE) {
            continue;
        }
        $buf = rtrim($buf);
        $line_count++;

        /* ԤƬ#ΥȹԤǤ̵ */
        if (substr($buf, 0, 1) == "#") {
            continue;
        }

        /* ԤǤ̵ */
        if (strlen($buf) == 0) {
            continue;
        }

        /* /οƥ֤˥塼Ƚ */
        $tmp = explode(":", $buf, 2);

        /* ѥ/Ϣ³ƤΤ/ִ */
        $tmp[0] = preg_replace("/\/+/", '/', $tmp[0]);

        $re = substr_count($tmp[0], "/");
        if ($re == 1) {
            continue;
        } else if ($re == 2) {
            /* ˥塼˳Ǽ  */
            $path = explode("/", $tmp[0], 3);

            $tab_exists = FALSE;
            if (isset($tab_conf[$path[0]])) {
                for($j = 0; $j < count($tab_conf[$path[0]]); $j++) {
                    /* ̾¸ߤOK  */
                    if (isset($tab_conf[$path[0]][$j][$path[1]])) {
                        $tab_exists = TRUE;
                    }
                }
            }

            /* ̾¸ߤʤ票顼  */
            if (!$tab_exists) {
                    $err_msg = "". escape_html($tmp[1]) . 
                               "ץ˥塼Υ֤ޤ(".
                               escape_html($tabconf_file) ." : ".
                               $line_count .")";
                    $log_msg = "[". escape_html($tmp[1]) . 
                               "] menu tab does not exists on tab management file.(".
                               escape_html($tabconf_file) ." : line ".
                               $line_count . ")";
                    result_log($log_msg);
                    fclose($fp);
                    return FALSE;
            }

            /* ƥåȤϽ֤0 */
            if (!isset($menu_conf[$path[0]][$path[1]][0])) {
                $c = 0;
            } else {
                $c = count($menu_conf[$path[0]][$path[1]]);
            }
            $menu_conf[$path[0]][$path[1]][$c][$path[2]] = 
                                 escape_html($tmp[1]);
        }
    }
    fclose($fp);

    return TRUE;
}

/*********************************************************
 * url_search()
 * 
 * ߤξΥץ̾,̾,˥塼֤̾ 
 *
 * []
 *       ʤ
 * [֤]
 *       ʤ
 **********************************************************/
function url_search()
{
    global $basedir;
    global $topdir;
    global $url_data;

    /*  */
    $url_data["menu"] = "";
    $url_data["tab"] = "";
    $url_data["script"] = "";
    $basedir = "";
    $topdir = "";

    /* phpinclude_path */
    $php_path = get_include_path();

    /* ߤΥեѥ  */
    $full_path = $_SERVER["SCRIPT_FILENAME"];

    /* include_path:Ƕڤä˳Ǽ */
    $url = explode(':', $php_path);

    /* supportwebäƤѥθ */
    foreach ($url as $value) {
        $check = strpos($value, 'postldapadmin');
        if ($check !== FALSE) {
            $include_dir = $value;
            break;
        }
    }

    /* եѥinclude_pathΤѥκ */
    $tmp_dir = str_replace($include_dir, "", $full_path);

    /* ѥڤä˳Ǽ */
    $path_comp = explode('/', $tmp_dir);

    /* ߤγؤĴ٤ */
    $dir_count = count($path_comp) - 1;

    /* եȥ饤֥ޤǤХѥ */
    $basedir = $include_dir;

    switch ($dir_count) {
        /* login̤ˤν */
        case 2:
            $url_data["script"] = $path_comp[$dir_count - 1];
            break;
        /* ֤ˤν */
        case 4:
            $url_data["tab"] = $path_comp[$dir_count - 1];
            $url_data["script"] = $path_comp[$dir_count - 2];
            /* ݡͥȤޤǤХѥ */
            $topdir = "../../";
            break;
        /* ˥塼ˤν */
        case 5:
            $url_data["menu"] = $path_comp[$dir_count - 1];
            $url_data["tab"] = $path_comp[$dir_count - 2];
            $url_data["script"] = $path_comp[$dir_count - 3];
            /* ݡͥȤޤǤХѥ */
            $topdir = "../../../";
            break;
        /* ɤˤ⳺ʤäȤ */
        default:
    }
}

/*********************************************************
 * init()
 * 
 * եɹִեɹååԤ  
 * (admin)
 *
 * []
 *        ʤ 
 * [֤]
 *        TRUE        
 *        FALSE       ۾ 
 **********************************************************/
function init()
{	
    global $sesskey;
    global $msgarr;
    global $err_msg;
    global $log_msg;
    global $domain;
    global $url_data;

    /* $basedirΥå */
    /* $topdirΥå */
    url_search();    

    if (isset($_POST["sk"])) {
        $sesskey = $_POST["sk"];
    }

    /* ɥᥤμ */
    $domain = $_SERVER["DOMAIN"];

    /* ݡͥ̾μ */
    $cmp = $url_data["script"];

    /* եɹ */
    if (read_web_conf($cmp) === FALSE) {
        return FALSE;
    }

    /* ִեɹ */
    if (read_tab_conf(ADMINTABCONF) === FALSE) {
        return FALSE;
    }

    /* åեɹ */
    if (make_msgarr(MESSAGEFILE) === FALSE) {
        return FALSE;
    }
       
    /* å */
    if (isset($sesskey) === FALSE) {
        err_location("index.php?e=2");
        exit (1);
    }

    /* åå */
    if (is_sysadm($sesskey) !== TRUE) {
        err_location("index.php?e=1");
        exit (1);
    }
    if (isset($_POST["msg"])) {
        $err_msg = $_POST["msg"];
    } else {
        $err_msg = "";
    }
    return TRUE;
}

/*********************************************************
 * init_user()
 *
 * եɹִեɹååԤ
 * (桼)
 *
 * []
 *        ʤ
 * [֤]
 *        TRUE        
 *        FALSE       ۾
 **********************************************************/
function user_init()
{
    global $sesskey;
    global $msgarr;
    global $err_msg;
    global $log_msg;
    global $domain;
    global $url_data;
    global $env;

    /* $basedirΥå */
    /* $topdirΥå */
    url_search();

    if (isset($_POST["sk"]) === TRUE) {
        $sesskey = $_POST["sk"];
    }

    /* ɥᥤμ */
    $domain = $_SERVER["DOMAIN"];

    /* ݡͥ̾μ */
    $cmp = $url_data["script"];

    /* եɹ */
    if (read_web_conf($cmp) === FALSE) {
        return FALSE;
    }

    /* ִեɹ */
    if (read_tab_conf(USERTABCONF) === FALSE) {
        return FALSE;
    }

    /* åեɹ */
    if (make_msgarr(MESSAGEFILE) === FALSE) {
        return FALSE;
    }

    /* å */
    if (isset($sesskey) === FALSE) {
        err_location("index.php?e=2");
        exit (1);
    }

    /* åå */
    if (is_user($sesskey) !== TRUE) {
        /* ̤ */
        if (isset ($env["ldap_server_down"])) {
            result_log("NULL LDAP CONNECTION:NG:" . $log_msg);
            err_location("index.php?e=3");
        } else {
            err_location("index.php?e=1");
        }
        exit (1);
    }
    return TRUE;
}

/*********************************************************
 * is_positive_number()
 *
 * å
 *
 * []
 *       $number            
 * [֤]
 *       TRUE            
 *       FALSE           ۾
 **********************************************************/
function is_positive_number($number)
{
    global $err_msg;
    global $log_msg;
    /*å*/
    if (preg_match('/^[1-9][0-9]*$/', $number) !== 1) {
        $err_msg .= "ǤϤޤǤ(" . $number . ")";
        $log_msg .= "Not a positive integer.(" . $number . ")";
        return FALSE;
    }
    return TRUE;
}

/*********************************************************
 * is_integer_number()
 *
 * å
 *
 * []
 *       $number            
 * [֤]
 *       TRUE            
 *       FALSE           ۾
 **********************************************************/
function is_integer_number($number)
{
    /*å*/
    if (preg_match('/^[0-9]+$/', $number) !== 1) {
        $err_msg = "ǤϤޤ(" . $number . ")";
        $log_msg = "Not a integer.(" . $number . ")";
        return FALSE;
    }
    return TRUE;
}

/*********************************************************
 * check_encrypt_type()
 *
 * Ź沽¸ߥå
 *
 * []
 *       $val            Ź沽
 * [֤]
 *       TRUE            
 *       FALSE           ۾
 **********************************************************/
function check_encrypt_type($val)
{

    global $pass_enc;
    /*Ź沽¸ߤ뤳ȥå*/
    if (isset($pass_enc[$val]) === FALSE) {
        $err_msg = "ѥɥ󥳡꤬Ǥ(" . $val . ")";
        $log_msg = "Invalid Password Encrypt.(" . $val . ")";
        return FALSE;
    }
    return TRUE;
}

/*********************************************************
 * check_boolean()
 *
 * ͤ0/1å
 *
 * []
 *       $val            
 * [֤]
 *       TRUE            
 *       FALSE           ۾
 **********************************************************/
function check_boolean($val)
{
    /* 1ʸǤʤʤ饨顼 */
    $len = strlen($val);
    if ($len != 1) {
        return FALSE;
    }

    /* ͤΤߤǤʤХ顼 */
    if (is_num_check($val) === FALSE) {
        return FALSE;
    }

    /* 01ʤХ顼 */
    if (($val != 0) && ($val != 1)) {
        return FALSE;
    }
    return TRUE;
}

/***********************************************************
 * is_executable_file()
 *
 * եμ¹Ըå
 *
 * []
 *      $filename       åоݥե
 * [֤]
 *      TRUE            
 *      FALSE           ۾
 ************************************************************/
function is_executable_file($filename)
{
    global $msgarr;
    global $err_msg;
    global $log_msg;

    /* STATΥå奯ꥢ */
    clearstatcache();

    /* ¸ߥå */
    if (file_exists($filename) === FALSE) {
        $err_msg = sprintf($msgarr['22009'][SCREEN_MSG], $filename);
        $log_msg = sprintf($msgarr['22009'][LOG_MSG], $filename);
        return FALSE;
    }

    /*  ǥ쥯ȥå */
    if (is_dir($filename) === TRUE) {
        $err_msg = sprintf($msgarr['22010'][SCREEN_MSG], $filename);
        $log_msg = sprintf($msgarr['22010'][LOG_MSG], $filename);
        return FALSE;
    }

    /*  եμ¹Ըå */
    if (is_executable($filename) === FALSE) {
        $err_msg = sprintf($msgarr['22033'][SCREEN_MSG], $filename);
        $log_msg = sprintf($msgarr['22033'][LOG_MSG], $filename);
        return FALSE;
    }
    return TRUE;
}

?>
