]> git.datanom.net - qtadmin.git/blame - lib/utils.inc.php
Add check for valid session
1<?php
2/* vim: set ts=4 tw=0 sw=4 noet: */
3require_once $CFG->root .'config.php';
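/**
 * Session, login and page-chrome helper for QtAdmin.
 *
 * Starts the PHP session, keeps the per-session "settings" array (user, admin
 * flag, login status, idle timeout), authenticates users with an LDAP bind and
 * holds the HTML header / footer / heading templates.
 *
 * Changes made in this revision (interface unchanged):
 *  - login() escapes the user name before it is placed in the bind DN and the
 *    search filter, rejects an empty password (which an LDAP server may treat
 *    as an unauthenticated bind), and regenerates the session id on success.
 *  - The debug echo statements in checkSession() and isLoggedIn() are gone:
 *    they wrote the settings array (which carries a full copy of $_SERVER) to
 *    the response, and the output sent before logout() kept setcookie() from
 *    clearing the session cookie.
 *  - startSession() no longer touches session ini values or calls
 *    session_start() while a session is active, and enables HttpOnly and
 *    strict session-id mode.
 *  - setHeading() uses the same 20 minute default as startSession() when
 *    $CFG->session_timeout is not set.
 *  - convertContent() no longer reads an undefined array key.
 */
class Utils {

    // Session lifetime in seconds; false until startSession() has run.
    private $timeout = false;
    // Working copy of $_SESSION['settings'].
    private $settings;
    private $header = '<!DOCTYPE html>
<html>
<head>
 <meta charset="utf-8">
 <link rel="stylesheet" href="css/styles.css">
 <script>
 var timeout = __TIMEOUT__;
 </script>
 <script src="__ROOT__js/timer.js"></script>
 <script src="__ROOT__js/checkbox.js"></script>
 <title>__TITLE__</title>
</head>
<body>';
    private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net"
 title="Goto QtAdmin homepage">QtAdmin</a>. &copy; 2015 by Michael Rasmussen</p></body></html>';
    private $heading = '<p id="time" class="time">Session timeout:
 <span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';

    /**
     * Starts (or resumes) the session and loads the settings array from it,
     * creating the defaults on the first request of a session.
     */
    public function __construct() {
        global $CFG;

        $this->startSession();

        if (! isset($_SESSION['settings'])) {
            $this->initSettings();
        }
        $this->settings = $_SESSION['settings'];

        if ($CFG->auth_method == 'HTTP_AUTH') {
            // NOTE(review): $this->server is never declared or assigned in this
            // class, so this isset() is always false and the HTTP_AUTH path
            // never marks anyone as logged in. Left as-is on purpose: before
            // wiring it to $_SERVER, confirm the web server enforces
            // authentication on every route, because PHP_AUTH_USER can be
            // filled from the client's Authorization header and would then be
            // trusted for the admin check below.
            if (isset($this->server['PHP_AUTH_USER'])) {
                $this->settings['user'] = $this->server['PHP_AUTH_USER'];
                $this->settings['loginStatus'] = 'OK';
                if ($CFG->admin_user == $this->settings['user'])
                    $this->settings['admin'] = true;
            }
        }
    }

    /**
     * Builds the default (logged-out) settings array and stores it in the
     * session.
     */
    private function initSettings() {
        if ('' == session_id()) {
            $this->startSession();
        }

        $timeout = (false !== $this->timeout) ? $this->timeout : 0;

        // NOTE(review): 'server' keeps a full copy of $_SERVER in the session
        // store. $_SERVER can include request headers such as Cookie and
        // Authorization. Nothing in this class reads the copy; it is kept only
        // because other files may read $_SESSION['settings']['server'].
        // Consider dropping it or storing just the keys that are needed.
        $this->settings = array(
            'server' => $_SERVER,
            'user' => null,
            'admin' => false,
            'loginStatus' => 'Not logged in',
            'timeout' => $timeout
        );

        $_SESSION['settings'] = $this->settings;
    }

    /**
     * Computes the session lifetime from $CFG->session_timeout (minutes,
     * default 20) and starts the session if none is active.
     */
    private function startSession() {
        global $CFG;

        if (isset($CFG->session_timeout)) {
            $this->timeout = $CFG->session_timeout * 60;
        } else {
            $this->timeout = 20 * 60;
        }

        // Session ini values cannot be changed, and session_start() must not
        // be repeated, once a session is active.
        if (session_status() === PHP_SESSION_ACTIVE) {
            return;
        }

        if (ini_get('session.gc_maxlifetime') != $this->timeout)
            ini_set('session.gc_maxlifetime', (string) $this->timeout);
        if (ini_get('session.cookie_lifetime') != $this->timeout)
            ini_set('session.cookie_lifetime', (string) $this->timeout);

        // Hardening: refuse session ids the server did not issue and keep the
        // session cookie out of reach of page scripts.
        // NOTE(review): session.cookie_secure is not forced here because the
        // page does not show whether the site is served over HTTPS only.
        ini_set('session.use_strict_mode', '1');
        ini_set('session.cookie_httponly', '1');

        session_start();
    }

    /**
     * Enforces the idle timeout: logs out when the last recorded activity is
     * at least "timeout" seconds old, otherwise records this request's time.
     */
    private function checkSession() {
        if ('' == session_id()) {
            $this->startSession();
        }

        $time = $_SERVER['REQUEST_TIME'];
        // settings is emptied by logout(); fall back to the configured value.
        $limit = isset($this->settings['timeout']) ? $this->settings['timeout'] : $this->timeout;

        if (isset($_SESSION['LAST_ACTIVITY']) &&
            ($time - $_SESSION['LAST_ACTIVITY']) >= $limit) {
            // No output before logout(): setcookie() needs unsent headers.
            $this->logout();
        } else {
            $_SESSION['LAST_ACTIVITY'] = $time;
        }
    }

    /**
     * Expires the session cookie, destroys the session and clears the
     * in-memory settings.
     */
    public function logout() {
        if (ini_get('session.use_cookies') && ! headers_sent()) {
            $params = session_get_cookie_params();
            setcookie(session_name(), '', time() - 42000,
                $params['path'], $params['domain'],
                $params['secure'], $params['httponly']);
        }

        if ('' != session_id()) {
            $_SESSION = array();
            session_unset();
            session_destroy();
        }
        $this->settings = array();
    }

    /**
     * @return bool the stored admin flag, false when none is stored
     */
    public function isAdmin() {
        $admin = false;

        if (isset($this->settings['admin'])) {
            $admin = $this->settings['admin'];
        }

        return $admin;
    }

    /**
     * Authenticates a user against LDAP and stores the outcome in the session.
     *
     * @param string $user login name in the form local@domain
     * @param string $pw   password used for the LDAP bind
     * @return bool true when the bind succeeded and an active mailUser entry
     *              was found; the reason for a failure is available from
     *              getLoginStatus()
     */
    public function login($user, $pw) {
        if ('' == session_id()) {
            $this->startSession();
        }

        $this->settings['user'] = null;
        $this->settings['admin'] = false;

        $result = $this->ldapLogin($user, $pw);

        if ($result && session_status() === PHP_SESSION_ACTIVE && ! headers_sent()) {
            // A fresh id after authentication makes an id that was known
            // before login useless afterwards (session fixation).
            session_regenerate_id(true);
        }

        $_SESSION['settings'] = $this->settings;

        return $result;
    }

    /**
     * Performs the LDAP bind and lookup for login() and fills in
     * user / admin / loginStatus in $this->settings.
     */
    private function ldapLogin($user, $pw) {
        global $CFG;

        $user = (string) $user;
        $p = explode('@', $user);
        if (count($p) != 2) {
            $this->settings['loginStatus'] = 'Bad username';
            return false;
        }

        // A bind with a DN and an empty password can be accepted by the server
        // as an unauthenticated bind, so it must never reach ldap_bind().
        if (! is_string($pw) || '' === $pw) {
            $this->settings['loginStatus'] = 'Login failed';
            return false;
        }

        // The user name is request data: escape it for each LDAP context so it
        // cannot add DN components or filter clauses.
        $dnUser = ldap_escape($user, '', LDAP_ESCAPE_DN);
        $dnDomain = ldap_escape($p[1], '', LDAP_ESCAPE_DN);
        $dn = "mail=$dnUser,ou=Users,domainName=$dnDomain,$CFG->ldap_base_dn";
        $filter = '(&(objectclass=mailUser)(accountStatus=active)(mail='
            . ldap_escape($user, '', LDAP_ESCAPE_FILTER) . '))';

        // NOTE(review): the password travels over whatever transport
        // $CFG->ldap_dsn selects - confirm it is ldaps:// or that StartTLS is
        // negotiated.
        $ds = @ldap_connect($CFG->ldap_dsn);
        if (! $ds) {
            $this->settings['loginStatus'] = 'Connect to LDAP server failed';
            return false;
        }

        @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

        $ok = false;
        if (@ldap_bind($ds, $dn, $pw)) {
            $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
            // A failed search yields false, which must not be passed on.
            $info = $sr ? @ldap_get_entries($ds, $sr) : false;
            if ($info && $info['count'] > 0) {
                $this->settings['user'] = $user;
                $this->settings['loginStatus'] = 'OK';
                $admin = 'NO';
                if (isset($info[0]['domainglobaladmin'])) {
                    $admin = strtoupper($info[0]['domainglobaladmin'][0]);
                }
                $this->settings['admin'] = ($admin === 'YES');
                $ok = true;
            } else {
                $this->settings['loginStatus'] = 'Login failed';
            }
        } else {
            // NOTE(review): the raw LDAP error text becomes the login status;
            // if that status is shown to the user it may distinguish unknown
            // accounts from wrong passwords.
            $this->settings['loginStatus'] = ldap_error($ds);
        }
        @ldap_close($ds);

        return $ok;
    }

    /**
     * @return string the stored login status, 'Not logged in' when none is
     *                stored
     */
    public function getLoginStatus() {
        $status = 'Not logged in';

        if (isset($this->settings['loginStatus'])) {
            $status = $this->settings['loginStatus'];
        }

        return $status;
    }

    /**
     * Applies the idle-timeout check and reports whether a user is stored in
     * the settings. Writes the settings back to the session.
     *
     * @return bool
     */
    public function isLoggedIn() {
        global $CFG;
        $loggedIn = false;

        if ('' == session_id()) {
            $this->startSession();
        }

        $this->checkSession();

        if (isset($this->settings['user'])) {
            if ($this->settings['user'] != null) {
                $loggedIn = true;
            } else {
                if ($CFG->auth_method == 'HTTP_AUTH') {
                    // NOTE(review): $this->server is never assigned in this
                    // class, so this branch cannot set $loggedIn; see the
                    // constructor for the reason it is left unchanged.
                    if (isset($this->server['PHP_AUTH_USER'])) {
                        $this->settings['user'] = $this->server['PHP_AUTH_USER'];
                        $loggedIn = true;
                    }
                }
            }
        }

        // The settings array is deliberately not echoed for a logged-out
        // visitor: it contains the stored copy of $_SERVER.

        $_SESSION['settings'] = $this->settings;

        return $loggedIn;
    }

    /**
     * @return string|null the logged-in user name, null when not logged in
     */
    public function getUser() {
        $user = null;

        if ($this->isLoggedIn()) {
            $user = $this->settings['user'];
        }

        return $user;
    }

    /** @return string HTML header template (placeholders filled by setHeading()) */
    public function getHeader() {
        return $this->header;
    }

    /** @return string HTML footer */
    public function getFooter() {
        return $this->footer;
    }

    /** @return string HTML heading template (placeholder filled by setHeading()) */
    public function getHeading() {
        return $this->heading;
    }

    /**
     * Fills the __TITLE__, __ROOT__ and __TIMEOUT__ placeholders of the header
     * and heading templates.
     *
     * @param string $heading page title
     */
    public function setHeading($heading) {
        global $CFG;

        // Same default as startSession(): 20 minutes when unset. The page
        // script receives the value in milliseconds.
        $minutes = isset($CFG->session_timeout) ? $CFG->session_timeout : 20;
        $timeout = $minutes * 60 * 1000;

        // NOTE(review): $heading is inserted into <title> and <h1> unescaped.
        // Callers are not visible here; if any of them passes request data it
        // must be run through htmlspecialchars() first.
        $this->heading = str_replace('__TITLE__', $heading, $this->heading);
        $this->header = str_replace('__TITLE__', $heading, $this->header);
        $this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
        $this->header = str_replace('__TIMEOUT__', (string) $timeout, $this->header);
    }

    /**
     * Maps a one-letter content code to its display label.
     *
     * @param string $code
     * @return string the label, 'Unknown' for any code not in the table
     */
    public function convertContent($code) {
        $table = array(
            'V' => 'Virus',
            'B' => 'Banned',
            'U' => 'Unchecked',
            'S' => 'Spam',
            'Y' => 'Spammy',
            'M' => 'Bad Mime',
            'H' => 'Bad Header',
            'O' => 'Over sized',
            'T' => 'MTA err',
            'C' => 'Clean'
        );

        // Only strings and ints are valid array keys; anything else, and any
        // key missing from the table, is reported as Unknown.
        if ((is_string($code) || is_int($code)) && isset($table[$code])) {
            return $table[$code];
        }

        return 'Unknown';
    }

}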