<?php

/*
 * postLDAPadmin
 *
 * Copyright (C) 2006,2007 DesigNET, INC.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.

 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.

 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 */

/*********************************************************
 * ̴ؿ饤֥
 *
 * $Source: /home/cvsroot/postLDAPadmin/lib/dglibcommon,v $
 * $Revision: 1.1.1.1 $
 * $Date: 2010/04/22 01:52:47 $
 *
 *********************************************************/

/* ե֥ǥ쥯ȥ */
define("ETCDIR", "etc/");

/* ե̾ */
define("WEBCONF", "web.conf");

/* syslog */
define("IDENT", "supportweb");

/* ִե̾ */
define("TABCONF", "tab.conf");

/* ֥եΰԤκʸ */
define("MAX_TAB_LINE", 1024);

/* ڡȥ */
define("MAX_PAGETITLE_LENGTH", 32);

/* Ź沽ե̾ */
define("ADMKEY", "admin.key");

/* 祻å󥿥ॢȻ(24) */
define("MAX_SESSTIME", 86400);

/* ̾ */
define("MAXADMINNAME", 16);

/* ԥѥ */
define("MAXADMINPASS", 8);

/* Ǿԥѥ */
define("MINADMINPASSWD", 3);

/* ݡͥɹ⡼ */
define("SEARCH", 0);
define("READ", 1);

/* ե饰ξ֤ ON:0 OFF:1*/
define("ON", "0");
define("OFF", "1");

/* ʸsyslogȽ */
define("SYSLOG", 'syslog');

/* եƥ */
$facilitynames = array(
                       "auth"     => LOG_AUTH,
                       "authpriv" => LOG_AUTHPRIV,
                       "cron"     => LOG_CRON,
                       "daemon"   => LOG_DAEMON,
                       "kern"     => LOG_KERN,
                       "lpr"      => LOG_LPR,
                       "mail"     => LOG_MAIL,
                       "news"     => LOG_NEWS,
                       "syslog"   => LOG_SYSLOG,
                       "user"     => LOG_USER,
                       "uucp"     => LOG_UUCP,
                       "local0"   => LOG_LOCAL0,
                       "local1"   => LOG_LOCAL1,
                       "local2"   => LOG_LOCAL2,
                       "local3"   => LOG_LOCAL3,
                       "local4"   => LOG_LOCAL4,
                       "local5"   => LOG_LOCAL5,
                       "local6"   => LOG_LOCAL6,
                       "local7"   => LOG_LOCAL7);

/* ե */
$conf_keys["global"] = array(
                    "titlename" => "no_check",
                    "referrerurl" => "no_check",
                    "adminname" => "no_check",
                    "adminpasswd" => "no_check",
                    "sessiontimeout" => "check_sess",
                    "logfile" => "check_logfile",
                    "syslogfacility" => "check_syslog");

/* Υǥե */
$conf_def["global"] = array(
                  "sessiontimeout" => "900",
                  "syslogfacility" => "");

/*********************************************************
 * read_web_conf()
 *
 * եɤ߹ߡϢ $web_conf ˳Ǽ
 *
 * []
 *       $cmp          ɤ߹ߤݡͥ̾ 
 * [֤]
 *       TRUE          
 *       FALSE         ۾
 **********************************************************/
function read_web_conf($cmp)
{
    global $domain;
    global $err_msg;
    global $conf_keys;
    global $conf_def;
    global $web_conf;
    global $tab_conf;
    global $basedir;

    $cmp_name[0] = 'global';
    $mode = SEARCH;

    if (isset($cmp) && $cmp != "") {
        /* $conf_keysꤵƤ饻åȤ */
        if (array_key_exists($cmp, $conf_keys) === TRUE) {
            $cmp_name[1] = $cmp;
        }
    }

    /* ɥᥤե */
    $webconf_file = $basedir .  ETCDIR . $domain . '/' . WEBCONF;

    /* եɤ߹߸å */
    if (is_readable_file($webconf_file) === FALSE) {
        $err_msg = htmlspecialchars($err_msg);
        return FALSE;
    }

    /* ե򥪡ץ */
    $fp = fopen($webconf_file, "r");
    if ($fp === FALSE) {
        $err_msg = "ե뤬ץǤޤ(" .
                   htmlspecialchars($webconf_file) . ")";
        return FALSE;
    }

    /* եå */
    $ret = flock($fp, LOCK_EX);
    if ($ret === FALSE) {
        $err_msg = "եΥå˼Ԥޤ(" .
                   htmlspecialchars($webconf_file) . ")";
        fclose($fp);
        return FALSE;
    }

    /* $cmp_name */
    $i = 0;

    /* ݡ֥ͥ̾롼 */
    while (isset($cmp_name["$i"]) && $cmp_name["$i"] != "") {
        /* եݥ󥿤Ƭذư */
        $ret = fseek($fp, 0);
        if ($ret == -1) {
            flock($fp, LOCK_UN);
            fclose($fp);
            $err_msg = "եݥ󥿤ΰư˼Ԥޤ(" .
                       htmlspecialchars($webconf_file) . ")";
            return FALSE;
        }

        /* Ԥν */
        $line = 0;

        /* ݡͥ˥롼פƥեɤ߹ */
        while (feof($fp) === FALSE) {
            /* ʬХåե˳Ǽ */
            $buf = fgets($fp);
            if ($buf === FALSE) {
                break;
            }
            /* ζȲԤ */
            $buf = rtrim($buf);
            $line++;

            /* ԤƬ#ΥȹԤǤ̵ */
             if (substr($buf, 0, 1) == "#") {
                continue;
            }
            /* ԤǤ̵ */
            if (strlen($buf) == 0) {
                continue;
            }
            /* ݡͥ̾ɤ */
            if ($buf == '[' . $cmp_name[$i] . ']') {
                /* õƤɤǤ */
                if ($mode == SEARCH) {
                    /* õƤäɤߥ⡼ɤˤƼιԤɤ */
                    $mode = READ;
                    continue;
                }
                /* ݡͥ̾ʣ顼 */
                $err_msg = "ݡͥ̾ʣƤޤ(" .
                           htmlspecialchars($webconf_file) . ": {$line})";
                flock($fp, LOCK_UN);
                fclose($fp);
                return FALSE;
                
            }
            /* ݡͥ̾[ʳλ */
            if ($mode == SEARCH) {
                continue;
            }
            /* READ˼Υݡͥ̾ȯ */
            if (strstr($buf, '[')) {
                break;
            }

            /* ԤλϤζڤʸʬ */
            $data = explode("=", $buf, 2);

            /* ͤnull,ѥ᡼ƬǤС顼 */
            if (($data[0] == "") || ($data[1] == "") ||
                                     substr("$data[1]", 0, 1) == " ") {
                flock($fp, LOCK_UN);
                fclose($fp);
                set_error($webconf_file, $line);
                return FALSE;
            }

            /* ̾ʸƳǼ */
            $key = strtolower($data[0]);
            /* 줿ܤΥå */
            if(is_null($conf_keys["$cmp_name[$i]"][$key]) === TRUE) {
                flock($fp, LOCK_UN);
                fclose($fp);
                set_error($webconf_file, $line);
                return FALSE;
            }

            /* ܤˤå */
            if ($conf_keys[$cmp_name[$i]][$key]($data[1]) === FALSE) {
                flock($fp, LOCK_UN);
                fclose($fp);
                set_error($webconf_file, $line);
                return FALSE;
            }

            /* ʣå */
            if (isset($web_conf["$cmp_name[$i]"][$key]) === TRUE) {
                $err_msg = "{$key}ʣƤޤ(" .
                htmlspecialchars($webconf_file) . ": {$line})";
                flock ($fp, LOCK_UN);
                fclose($fp);
                return FALSE;
            }

            /* ldapפ֤ */ 
            if ($key == "ldapscope") {
                $data[1] = set_ldapscope($data[1]);
            }

            /* ͤǼ */
            $web_conf["$cmp_name[$i]"][$key] = $data[1];
        }
        /* ݡͥ̾פʤä饨顼 */
        if ($mode == SEARCH && is_null($web_conf["$cmp_name[$i]"])) {
            $err_msg = "[" . $cmp_name[$i] . "]꤬¸ߤޤ(" .
                       htmlspecialchars($webconf_file) . ")";
            flock($fp, LOCK_UN);
            fclose($fp);
            return FALSE;
        }

        /* ̾ */
        $keys = array_keys($conf_keys["$cmp_name[$i]"]);

        /* ٤ƤιܤͤåȤƤ뤫γǧ */
        foreach ($keys as $key) {
            /* åȤƤ餺ǥեͤꤵƤ硢 */
            if (!isset($web_conf["$cmp_name[$i]"][$key]) && 
                 isset($conf_def["$cmp_name[$i]"][$key])) {
                $web_conf["$cmp_name[$i]"][$key] = $conf_def["$cmp_name[$i]"][$key];
            }
            if (!isset($web_conf["$cmp_name[$i]"][$key]) === TRUE) {
                $err_msg = "" . $key . "ꤵƤޤ(" .
                           htmlspecialchars($webconf_file) . ")";
                return FALSE;
            }
        }
        $i++;
        $mode = SEARCH;
    }
    /* syslogweb.confꤵ줺logfilesyslogȤƤ */
    if ($web_conf["global"]["logfile"] == SYSLOG && 
        $web_conf["global"]["syslogfacility"] == "") {
        $err_msg = "SyslogFacilityꤵƤޤ";
        return FALSE;
    }
    flock($fp, LOCK_UN);
    fclose($fp);
    return TRUE;
}

/*********************************************************
 * is_readable_file()
 * եɤ߹߸å
 *
 * []
 *      $filename    åоݥե
 * [֤]
 *      TRUE         
 *      FALSE        ۾
 **********************************************************/
function is_readable_file($filename)
{
    global $err_msg;

    /* STATΥå奯ꥢ */
    clearstatcache();

    /* ¸ߤΥå */
    if (file_exists($filename) === FALSE) {
        $err_msg = "ե뤬¸ߤޤ($filename)";
        return FALSE;
    }

    /* ǥ쥯ȥ꤫Υå */
    if (is_dir($filename) === TRUE) {
        $err_msg = "ꤵ줿եϥǥ쥯ȥǤ($filename)";
        return FALSE;
    }

    /*  եɤ߹߸å */
    if (is_readable($filename) === FALSE) {
        $err_msg = "եɤ߹߸ޤ($filename)";
        return FALSE;
    }

    return TRUE;
}

/***********************************************************
 * is_writable_file()
 *
 * եν߸å
 *
 * []
 *      $filename       åоݥե
 * [֤]
 *      TRUE            
 *      FALSE           ۾
 ************************************************************/
function is_writable_file($filename)
{
    global $err_msg;

    /* STATΥå奯ꥢ */
    clearstatcache();

    /* ¸ߥå */
    if (file_exists($filename) === FALSE) {
        if (is_writable(dirname($filename)) === FALSE) {
            $err_msg = "ǥ쥯ȥ˽߸ޤ($filename)";
            return FALSE;
        }
        return TRUE;
    }

    /*  ǥ쥯ȥå */
    if (is_dir($filename) === TRUE) {
        $err_msg = "ꤵ줿եϥǥ쥯ȥǤ($filename)";
        return FALSE;
    }

    /*  եν߸å */
    if (is_writable($filename) === FALSE) {
        $err_msg = "ե˽߸ޤ($filename)";
        return FALSE;
    }
    return TRUE;
}

/*********************************************************
 * no_check()
 *
 * ߡؿ
 *
 * []
 *       ʤ
 * [֤]
 *       TRUE            
 **********************************************************/
function no_check()
{
    return TRUE;
}

/*********************************************************
 * check_sess()
 *
 * å󥿥ॢȻ֥åؿ
 *
 * []
 *       $sess           å󥿥ॢȻ 
 * [֤]
 *       TRUE            
 *       FALSE           ۾
 **********************************************************/
function check_sess($sess)
{
    /* ȾѿΤߵ */
    $num = "0123456789";
    if (strspn($sess, $num) != strlen($sess)) {
        return FALSE;
    }

    /* 1á24֤ޤǤʤOK */
    if ($sess < 1 || $sess > MAX_SESSTIME){ 
        return FALSE;
    }
    return TRUE;
}

/*********************************************************
 * check_logfile()
 *
 * Υå 
 *
 * []
 *      $logfile        ե 
 * [֤]
 *      TRUE            
 *      FALSE           ۾
 **********************************************************/
function check_logfile($logfile)
{
    global $web_conf;
    global $err_msg;

    /* $web_confsyslogͤ뤫Ĵ٤ */
    if (isset($web_conf["global"]["syslogfacility"])) {

        /* logfileˤsyslogˤ꤬ä */
        if ($logfile != SYSLOG && 
            $web_conf["global"]["syslogfacility"] != "") {
            /* syslogǤʤХ顼ǼTRUE */
            $err_msg = "SyslogFacilityꤵƤޤ̵ˤʤޤ"; 
            return TRUE;
        }
    }

    /* web_confsyslogʤäTRUE */
    return TRUE;
}

/*********************************************************
 * check_syslog()
 *
 * Υå 
 *
 * []
 *      $syslog         եƥ 
 * [֤]
 *      TRUE            
 *      FALSE           ۾
 **********************************************************/
function check_syslog($syslog)
{
    global $web_conf;
    global $err_msg;
    global $facilitynames;

    /* $web_conflogfileͤ뤫Ĵ٤ */
    /* ޤsyslogˤͤ뤫Ĵ٤ */
    if (isset($web_conf["global"]["logfile"]) && isset($syslog)) {

        /* 줿ܤΥå */
        if(is_null($facilitynames[$syslog]) === TRUE) {
            return FALSE;
        }

        /* logfileͤsyslogĴ٤ */
        if ($web_conf["global"]["logfile"] == SYSLOG) {
            /* syslogäTRUE */
            return TRUE;
        }
        /* logfileˤsyslogˤ꤬ä */
        if ($web_conf["global"]["logfile"] != SYSLOG) {
            /* syslogͤä饨顼ǼTRUE */
            $err_msg = "SyslogFacilityꤵƤޤȿǤޤ"; 
            return TRUE;
        }
    }            
    /* $web_conflogfileͤʤäTRUE */
    /* ޤsyslogͤʤäTRUE */
    return TRUE;
}

/*********************************************************
 * check_passwd()
 *
 * ѥɥå
 *
 * []
 *      $passwd      ѥ
 *      $minlen      Ǿʸ
 *      $maxlen      ʸ
 * [֤]
 *      TRUE         
 *      FALSE        ۾
 **********************************************************/
function check_passwd($passwd, $minlen, $maxlen)
{
    global $err_msg;

    /* ʸå */
    $letters = strlen($passwd);
    if ($letters < $minlen || $letters > $maxlen) {
        $err_msg = "ѥɤηǤ";
        return FALSE;
    }

    /* Ⱦѱ羮ʸ국Τߵ */
    $num = "0123456789";
    $sl = "abcdefghijklmnopqrstuvwxyz";
    $ll = strtoupper($sl);
    $sym = "!\"#$%&'()=-~^|@`[{;+:*]},<.>\/?_";
    $allow_letter = $num . $sl . $ll . $sym;
    if (strspn($passwd, $allow_letter) != $letters) {
        $err_msg = "ѥɤηǤ";
        return FALSE;
    }

    return TRUE;
}

/*********************************************************
 * check_admin_uname()
 *
 * ̾å
 *
 * []
 *      $admin_name Ϥ줿̾
 *      $maxlen     ʸ
 * [֤]
 *      TRUE         
 *      FALSE        ۾
 **********************************************************/
function check_admin_uname($admin_name, $maxlen)
{
    global $err_msg;

    if ($admin_name == "") {
        $err_msg = "̾ϤƤޤ";
        return FALSE;
    }

    $letters = strlen($admin_name);
    if ($letters > $maxlen) {
        $err_msg = "̾ηǤ";
        return FALSE;
    }

    /* ȾѱѾʸ[-_]Τߵ */
    /* ƬϿޤȾѱʸ */
    $num = "0123456789";
    $sl = "abcdefghijklmnopqrstuvwxyz";
    $sym = "-_";
    $allow_letter = $num . $sl . $sym;

    if (strspn($admin_name, $allow_letter) != $letters) {
        $err_msg = "̾ηǤ";
        return FALSE;
    }

    return TRUE;
}

/***********************************************************
 * check_flg()
 *
 * ͤONOFFΤŤ줫Ǥ뤳Ȥå
 *
 * []
 *      $flg         ե饰
 * [֤]
 *      TRUE         
 *      FALSE        ۾
 **********************************************************/
function check_flg ($flg)
{
    if ($flg != ON && $flg != OFF) {
        return FALSE;
    }
    return TRUE;
}

/*********************************************************
 * set_error()
 *
 * եɤ߹߻Υ顼å򥻥åȤ롣
 *
 * []
 *      $filename       󤬳Ǽ줿ե
 *      $line           ʥǡĤä
 * [֤]
 *      ʤ
 **********************************************************/
function set_error($filename, $line)
{
    global $err_msg;
    $err_msg = "ηǤ (" .
               htmlspecialchars($filename) . " : {$line})";
}

/***********************************************************
 * my_crypt()
 *
 * ѥɤŹ沽
 *
 * []
 *       $passwd           ѥ
 * [֤]
 *       $crypt_passwd     Ź沽줿ѥ
 ************************************************************/
function my_crypt($passwd)
{
    $salts = array("A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L",
                   "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X",
                   "Y", "Z", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j",
                   "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v",
                   "w", "x", "y", "z", "0", "1", "2", "3", "4", "5", "6", "7",
                   "8", "9", ".", "/" );

    $rand_key = array_rand($salts, 2);

    $salt = $salts[$rand_key[0]] . $salts[$rand_key[1]];

    $crypt_passwd = crypt($passwd, $salt);

    return $crypt_passwd;
}

/*********************************************************
 * write_web_conf()
 *
 * եƤ񤭹
 *
 * []
 *       $conf_file    ե
 *       $moddata      ѹ
 * [֤]
 *       TRUE          
 *       FALSE         ۾
 **********************************************************/
function write_web_conf($conf_file, $moddata)
{
    global $domain;
    global $err_msg;
    global $web_conf;

    $tmp_file = $conf_file . time() . getmypid();

    /* եɹå */
    if (is_readable_file($conf_file) === FALSE) {
        return FALSE;
    }

    /* եνå */
    if (is_writable_file($tmp_file) === FALSE) {
        return FALSE;
    }

    /* ե򥪡ץ */
    $conf_fp = fopen($conf_file, "r");
    if ($conf_fp === FALSE) {
        $err_msg = "ե뤬ץǤޤ(" . $conf_file . ")";
        return FALSE;
    }

    /* եå */
    $ret = flock($conf_fp, LOCK_EX);
    if ($ret === FALSE) {
        $err_msg = "եΥå˼Ԥޤ(" . $conf_file . ")";
        fclose($conf_fp);
        return FALSE;
    }

    /* ե򥪡ץ */
    $tmp_fp = fopen($tmp_file, "x");
    if ($tmp_fp === FALSE) {
        $err_msg = "ե򥪡ץ󤹤뤳ȤǤޤ(" .
                   $tmp_file . ")";
        flock($conf_fp, LOCK_UN);
        fclose($conf_fp);
        return FALSE;
    }

    $keys = array_keys($moddata);

    while(feof($conf_fp) === FALSE) {
        /* Ԥbuf˳Ǽ */
        $buf = fgets($conf_fp);
        if ($buf === FALSE) {
            break;
        }
         
        /* оݹԤ򸫤Ĥ񤭴 */
        foreach ($keys as $key) {
            if (strncasecmp($buf, $key, strlen($key)) == 0) {
                $data = explode("=", $buf, 2);
                $buf = $data[0] . "=" . $moddata[$key] . "\n";
            }
        }

        /* ե˽񤭹 */
        $ret = fwrite($tmp_fp, $buf);
        if ($ret === FALSE) {
            $err_msg = "եؤν񤭹ߤ˼Ԥޤ(" . $tmp_file
                       . ")";
            flock($conf_fp, LOCK_UN);
            fclose($conf_fp);
            fclose($tmp_fp);
            unlink($tmp_file);
            return FALSE;
        }
    } 
    flock($conf_fp, LOCK_UN);

    fclose($conf_fp);
    fclose($tmp_fp);

    /* ե֤ */
    $ret = rename($tmp_file, $conf_file);
    if ($ret === FALSE) {
        $err_msg = "եΥ͡˼Ԥޤ(" . $tmp_file . ")";
        unlink($tmp_file);
        return FALSE;
    }
        
    return TRUE;
}
/***********************************************************
 * result_log()
 *
 * եФ顼ϤԤ
 *
 * []
 *      $resultlog      顼å
 * [֤]
 *      TRUE            
 *      FALSE           ۾
 ************************************************************/
function result_log($resultlog)
{
    global $env;
    global $err_log;
    global $web_conf;
    global $facilitynames;

   /* syslogꤵƤ */
    if ($web_conf['global']['logfile'] == SYSLOG) {
        /* ̾ */
        $syslog = $facilitynames[$web_conf['global']['syslogfacility']];

        /* 񤭹ߤƤ˥ɽ̾桼̾硣*/
        $msg = $_SERVER['LOGNAME'] . " " .
               $env['loginuser'] . " " . $resultlog . "\n";

        /* ץ */
        $ret = openlog(IDENT, LOG_PID, $syslog);
        if ($ret === FALSE) {
            $err_msg .= "եΥץ˼Ԥޤ";
            return FALSE;
        }

        /*  */
        $ret = syslog(LOG_ERR, $msg);
        if ($ret === FALSE) {
            $err_msg .= "νϤ˼Ԥޤ";
            return FALSE;
        }

        closelog();
        return TRUE;
    }

    /* syslogꤵƤʤä */
    $log_time = date ('Ymd His');

    /* 񤭹ߤƤաɽ̾桼̾硣*/
    $msg = $log_time . " " . $_SERVER['LOGNAME'] . " " .
           $env['loginuser'] . " " . $resultlog . "\n";

    if (is_writable_file($web_conf['global']['logfile']) === FALSE) {
        return FALSE;
    }

    if (($fp = fopen ($web_conf['global']['logfile'], 'a')) === FALSE) {
        $err_msg .= "եΥץ˼Ԥޤ(" .
                     $web_conf['global']['logfile'] .")";
        return FALSE;
    }

    $ret = flock($fp, LOCK_EX);
    if ($ret === FALSE){
        $err_msg .= "եΥå˼Ԥޤ(" .
                     $web_conf['global']['logfile'] .")";
        fclose($fp);
        return FALSE;
    }

    $ret = fwrite ($fp, $msg);
    if ($ret === FALSE) {
        $err_msg .= "νϤ˼Ԥޤ(" .
                     $web_conf['global']['logfile'] .")";
        flock($fp, LOCK_UN);
        fclose($fp);

        return FALSE;
    }
    flock($fp, LOCK_UN);
    fclose($fp);

    return TRUE;

}

/*********************************************************
 * is_num_check()
 *
 * å
 *
 * []
 *      $num            
 * [֤]
 *      TRUE            
 *      FALSE           ۾
 **********************************************************/
function is_num_check($num)
{

    if (($num < 0) || ($num > 4294967295) ||
        (!preg_match("/^[0-9]+$/", $num))) {
        return FALSE;
    }
    return TRUE;
}

/*********************************************************
 * read_tab_conf()
 * 
 * ִեɤ߹ߡ
 * Ϣ $tab_conf$menu_conf ˳Ǽ
 *
 * $tab_conf["ץ̾"][ֽ][̾] = ȥ
 * $menu_conf["ץ̾"][̾][˥塼][˥塼̾]
 *                                                 = ȥ
 * []
 *       ʤ
 * [֤]
 *       TRUE         
 *       FALSE        ۾
 **********************************************************/
function read_tab_conf()
{
    global $domain;
    global $tab_conf;
    global $menu_conf;
    global $err_msg;
    global $basedir;

    /* ִե */
    $tabconf_file = $basedir . ETCDIR . $domain . "/" . TABCONF;

    /* եɤ߹߸å */
    if (is_readable_file($tabconf_file) === FALSE) {
        $err_msg = htmlspecialchars($err_msg);
        result_log($err_msg);
        return FALSE;
    }

    /* ե뤬ʤ饨顼 */
    if (filesize($tabconf_file) == 0) {
        $err_msg = "ִեƤޤ(" .
                   htmlspecialchars($tabconf_file) . ")";
        result_log($err_msg);
        return FALSE;
    }

    /* ե򥪡ץ */
    $fp = fopen($tabconf_file, "r");
    if ($fp === FALSE) {
        $err_msg = "ִե뤬ץǤޤ(" .
                   htmlspecialchars($tabconf_file) . ")";
        result_log($err_msg);
        return FALSE;
    }

    $line_count = 0;

    /* ֤ɹ */
    while (!feof($fp)) {
        /* Ԥɤ߹ */
        $buf = fgets($fp, MAX_TAB_LINE);
        if ($buf === FALSE) {
            continue;
        }
        $buf = rtrim($buf);
        $line_count++;

        /* ԤƬ#ΥȹԤǤ̵ */
        if (substr($buf, 0, 1) == "#") {
            continue;
        }

        /* ԤǤ̵ */
        if (strlen($buf) == 0) {
            continue;
        }

        /* Ƭ/ʤ饨顼 */
        if (substr($buf, 0, 1) == '/') {
            $err_msg = "ִեʹԤ¸ߤޤ(".
                       htmlspecialchars($tabconf_file) ." : ".
                       $line_count .")";
            result_log($err_msg);
            fclose($fp);
            return FALSE;
        }

        /* ܤ̵Х顼 */
        $tmp = explode(":", $buf, 2);
        if (strlen($tmp[0]) == 0 || strlen($tmp[1]) == 0) {
            $err_msg = "ִեʹԤ¸ߤޤ(".
                       htmlspecialchars($tabconf_file) ." : ".
                       $line_count .")";
            result_log($err_msg);
            fclose($fp);
            return FALSE;
        }

        /* ڡȥ뤬Ĺȥ顼 */
        if (strlen($tmp[1]) > MAX_PAGETITLE_LENGTH) {
            $err_msg = "ڡȥ뤬Ĺޤ(".
                       htmlspecialchars($tabconf_file) ." : ".
                       $line_count .")";
            result_log($err_msg);
            fclose($fp);
            return FALSE;
        }

        /* ѥ/Ϣ³ƤΤ/ִ */
        $tmp[0] = ereg_replace("/+", '/', $tmp[0]);

        /* Ǹ夬/ʤ饨顼 */
        if (substr($tmp[0], -1) == '/') {
            $err_msg = "ִեʹԤ¸ߤޤ(".
                       htmlspecialchars($tabconf_file) ." : ".
                       $line_count .")";
            result_log($err_msg);
            fclose($fp);
            return FALSE;
        }

        /* /οǥ֤˥塼Ƚ */
        $re = substr_count($tmp[0], "/");
        if ($re == 1) {
            /* ֤˳Ǽ */
            $path = explode("/", $tmp[0], 2);

           
            /* ̾ʣå */
            if (isset($tab_conf[$path[0]][0])) {
                for($j = 0; $j < count($tab_conf[$path[0]]); $j++) {
                    if (key($tab_conf[$path[0]][$j]) == $path[1]) {
                        $err_msg = "ִեΥ֤ʣƤޤ(".
                        htmlspecialchars($tabconf_file) ." : ".
                        $line_count .")";
                        result_log($err_msg);
                        fclose($fp);
                        return FALSE;
                    }
                }
            }
            /* ƥåȤϽ֤0 */
            if (!isset($tab_conf[$path[0]])) {
                $i = 0;
            } else {
                $i = count($tab_conf[$path[0]]);
            }
            $tab_conf[$path[0]][$i][$path[1]] =
                                   htmlspecialchars($tmp[1]);

        } else if ($re == 2) {
            /* ̵֤˥塼ϥ顼ˤ뤿ǳǼ */
            continue;
        } else {
            $err_msg = "ִեʹԤ¸ߤޤ(".
                       htmlspecialchars($tabconf_file) ." : ".
                       $line_count .")";
            result_log($err_msg);
            fclose($fp);
            return FALSE;
        }
    }

    /* ֥ե˥̵֤Х顼 */
    if (!isset($tab_conf)) {
        $err_msg = "ִե˥֤¸ߤޤ(".
                   htmlspecialchars($tabconf_file) .")";
        result_log($err_msg);
        return FALSE;
    }

    /* Ƭ᤹ */
    fseek($fp, 0);

    $line_count = 0;

    /* ˥塼ɹ */
    while (!feof($fp)) {
        /* Ԥɤ߹ */
        $buf = fgets($fp, MAX_TAB_LINE);
        if ($buf === FALSE) {
            continue;
        }
        $buf = rtrim($buf);
        $line_count++;

        /* ԤƬ#ΥȹԤǤ̵ */
        if (substr($buf, 0, 1) == "#") {
            continue;
        }

        /* ԤǤ̵ */
        if (strlen($buf) == 0) {
            continue;
        }

        /* /οƥ֤˥塼Ƚ */
        $tmp = explode(":", $buf, 2);

        /* ѥ/Ϣ³ƤΤ/ִ */
        $tmp[0] = ereg_replace("/+", '/', $tmp[0]);

        $re = substr_count($tmp[0], "/");
        if ($re == 1) {
            continue;
        } else if ($re == 2) {
            /* ˥塼˳Ǽ  */
            $path = explode("/", $tmp[0], 3);

            $tab_exists = FALSE;
            for($j = 0; $j < count($tab_conf[$path[0]]); $j++) {
                /* ̾¸ߤOK  */
                if (isset($tab_conf[$path[0]][$j][$path[1]])) {
                    $tab_exists = TRUE;
                }
            }

            /* ̾¸ߤʤ票顼  */
            if (!$tab_exists) {
                    $err_msg = "". htmlspecialchars($tmp[1]) . 
                               "ץ˥塼Υ֤ޤ(".
                               htmlspecialchars($tabconf_file) ." : ".
                               $line_count .")";
                    result_log($err_msg);
                    fclose($fp);
                    return FALSE;
            }

            /* ƥåȤϽ֤0 */
            if (!isset($menu_conf[$path[0]][$path[1]][0])) {
                $c = 0;
            } else {
                $c = count($menu_conf[$path[0]][$path[1]]);
            }
            $menu_conf[$path[0]][$path[1]][$c][$path[2]] = 
                                 htmlspecialchars($tmp[1]);
        }
    }
    fclose($fp);

    return TRUE;
}

/*********************************************************
 * url_search()
 * 
 * ߤξΥץ̾,̾,˥塼֤̾ 
 *
 * []
 *       ʤ
 * [֤]
 *       ʤ
 **********************************************************/
function url_search()
{
    global $basedir;
    global $topdir;
    global $url_data;

    /*  */
    $url_data["menu"] = "";
    $url_data["tab"] = "";
    $url_data["script"] = "";
    $basedir = "";
    $topdir = "";

    /* phpinclude_path */
    $php_path = get_include_path();

    /* ߤΥեѥ  */
    $full_path = $_SERVER["SCRIPT_FILENAME"];

    /* include_path:Ƕڤä˳Ǽ */
    $url = explode(':', $php_path);

    /* supportwebäƤѥθ */
    foreach ($url as $value) {
        $check = strpos($value, 'postldapadmin');
        if ($check !== FALSE) {
            $include_dir = $value;
            break;
        }
    }

    /* եѥinclude_pathΤѥκ */
    $tmp_dir = str_replace($include_dir, "", $full_path);

    /* ѥڤä˳Ǽ */
    $path_comp = explode('/', $tmp_dir);

    /* ߤγؤĴ٤ */
    $dir_count = count($path_comp) - 1;

    /* եȥ饤֥ޤǤХѥ */
    $basedir = $include_dir;

    switch ($dir_count) {
        /* login̤ˤν */
        case 2:
            $url_data["script"] = $path_comp[$dir_count - 1];
            break;
        /* ֤ˤν */
        case 4:
            $url_data["tab"] = $path_comp[$dir_count - 1];
            $url_data["script"] = $path_comp[$dir_count - 2];
            /* ݡͥȤޤǤХѥ */
            $topdir = "../../";
            break;
        /* ˥塼ˤν */
        case 5:
            $url_data["menu"] = $path_comp[$dir_count - 1];
            $url_data["tab"] = $path_comp[$dir_count - 2];
            $url_data["script"] = $path_comp[$dir_count - 3];
            /* ݡͥȤޤǤХѥ */
            $topdir = "../../../";
            break;
        /* ɤˤ⳺ʤäȤ */
        default:
    }
}

/*********************************************************
 * init()
 * 
 * եɹִեɹååԤ  
 *
 * []
 *        ʤ 
 * [֤]
 *        TRUE        
 *        FALSE       ۾ 
 **********************************************************/
function init()
{	
    global $sesskey;
    global $err_msg;
    global $domain;
    global $url_data;

    /* $basedirΥå */
    /* $topdirΥå */
    url_search();    

    if (isset($_POST["sk"])) {
        $sesskey = $_POST["sk"];
    }

    /* ɥᥤμ */
    $domain = $_SERVER["DOMAIN"];

    /* ݡͥ̾μ */
    $cmp = $url_data["script"];

    /* եɹ */
    if (read_web_conf($cmp) === FALSE) {
        return FALSE;
    }

    /* ִեɹ */
    if (read_tab_conf() === FALSE) {
        return FALSE;
    }
       
    /* å */
    if (isset($sesskey) === FALSE) {
        err_location("index.php?e=2");
        exit (1);
    }

    /* åå */
    if (is_sysadm($sesskey) !== TRUE) {
        err_location("index.php?e=1");
        exit (1);
    }
    if (isset($_POST["msg"])) {
        $err_msg = $_POST["msg"];
    } else {
        $err_msg = "";
    }
    return TRUE;
}

?>
