]> git.datanom.net - qtadmin.git/blame - lib/utils.inc.php
projects / qtadmin.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Add check for valid session
[qtadmin.git] / lib / utils.inc.php
CommitLineData
6df4b805
MR		 1<?php
2/* vim: set ts=4 tw=0 sw=4 noet: */
3require_once $CFG->root .'config.php';
4
3056d117
MR		 5class Utils {
6
2b6294e9 7 private $timeout = false;
3056d117 8 private $settings;
01cc21cf
MR		 9 private $log_level;
10 private $log_method;
b95d1cdb 11 private $header = '<!DOCTYPE html>
6df4b805
MR		 12<html>
13<head>
b95d1cdb
MR		 14 <meta charset="utf-8">
15 <link rel="stylesheet" href="css/styles.css">
16 <script>
17 var timeout = __TIMEOUT__;
18 </script>
19 <script src="__ROOT__js/timer.js"></script>
5c7b972e 20 <script src="__ROOT__js/checkbox.js"></script>
b95d1cdb 21 <title>__TITLE__</title>
6df4b805
MR		 22</head>
23<body>';
bb06f172 24 private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net"
b706c65f 25 title="Goto QtAdmin homepage">QtAdmin</a>. &copy; 2015 by Michael Rasmussen</p></body></html>';
b95d1cdb
MR		 26 private $heading = '<p id="time" class="time">Session timeout:
27 <span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';
28
3056d117 29 public function __construct() {
b95d1cdb
MR		 30 global $CFG;
31
01cc21cf
MR		 32 if (isset($CFG->log_level)) {
33 $this->log_level = $CFG->log_level;
34 } else {
35 $this->log_level = 1;
36 }
37
38 if (isset($CFG->log_method)) {
39 $this->log_method = $CFG->log_method;
40 } else {
41 $this->log_level = 'syslog';
42 }
43
519a15b5
MR		 44 $this->log("Init Utils", 4);
45
a675b383
MR		 46 $this->startSession();
47
3056d117
MR		 48 if (! isset($_SESSION['settings'])) {
49 $this->initSettings();
50 }
51 $this->settings = $_SESSION['settings'];
52
53 if ($CFG->auth_method == 'HTTP_AUTH') {
54 if (isset($this->server['PHP_AUTH_USER'])) {
55 $this->settings['user'] = $this->server['PHP_AUTH_USER'];
56 $this->settings['loginStatus'] = 'OK';
57 if ($CFG->admin_user == $this->settings['user'])
58 $this->settings['admin'] = true;
b95d1cdb
MR		 59 }
60 }
b95d1cdb
MR		 61 }
62
01cc21cf
MR		 63 private function log($message, $level = 1) {
64 global $CFG;
65
66 if ($level > $this->log_level)
67 return;
68
69 $time = date('c');
01cc21cf
MR		 70
71 $priority = LOG_INFO;
72 switch ($level) {
73 case 1: $priority = LOG_ERR; break;
74 case 2: $priority = LOG_WARNING; break;
75 case 3: $priority = LOG_INFO; break;
76 case 4: $priority = LOG_DEBUG; break;
77 }
78
79 switch ($this->log_method) {
80 case 'file':
81 case 'stderr':
82 case 'syslog':
2dd58fe8 83 syslog($priority, $message);
01cc21cf 84 break;
d6be2d1a 85 }
01cc21cf
MR		 86 }
87
3056d117 88 private function initSettings() {
2dd58fe8
MR		 89 $this->log("InitSettings", 4);
90
3056d117
MR		 91 if ('' == session_id()) {
92 $this->startSession();
93 }
b95d1cdb 94
2b6294e9
MR		 95 if (false !== $this->timeout) {
96 $timeout = $this->timeout;
97 } else {
98 $timeout = 0;
99 }
100
3056d117
MR		 101 $this->settings = array(
102 'server' => $_SERVER,
103 'user' => null,
104 'admin' => false,
105 'loginStatus' => 'Not logged in',
2b6294e9 106 'timeout' => $timeout
3056d117 107 );
6072c905 108
3056d117 109 $_SESSION['settings'] = $this->settings;
6072c905
MR		 110 }
111
a675b383 112 private function startSession() {
b95d1cdb
MR		 113 global $CFG;
114
2dd58fe8
MR		 115 $this->log("startSession", 4);
116
b95d1cdb 117 if (isset($CFG->session_timeout)) {
2b6294e9 118 $this->timeout = $CFG->session_timeout * 60;
b95d1cdb 119 } else {
2b6294e9 120 $this->timeout = 20 * 60;
b95d1cdb
MR		 121 }
122
2b6294e9
MR		 123 if (ini_get('session.gc_maxlifetime') != $this->timeout)
124 ini_set('session.gc_maxlifetime', $this->timeout);
125 if (ini_get('session.cookie_lifetime') != $this->timeout)
126 ini_set('session.cookie_lifetime', $this->timeout);
a675b383
MR		 127
128 session_start();
7d9c7fe2
MR		 129 }
130
3056d117 131 private function checkSession() {
7d9c7fe2
MR		 132 global $CFG;
133
2dd58fe8
MR		 134 $this->log("checkSession", 4);
135
39023189
MR		 136 if ('' == session_id()) {
137 $this->startSession();
138 }
139
b95d1cdb 140 $time = $_SERVER['REQUEST_TIME'];
7d9c7fe2 141 if (isset($_SESSION['LAST_ACTIVITY']) &&
3056d117 142 ($time - $_SESSION['LAST_ACTIVITY']) >= $this->settings['timeout']) {
c0519296 143 echo 'R_TIME: '.date('c', $time).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
3056d117 144 $this->logout();
a675b383
MR		 145 } else {
146 $_SESSION['LAST_ACTIVITY'] = $time;
147 }
b95d1cdb
MR		 148 }
149
150 public function logout() {
2dd58fe8
MR		 151 $this->log("logout", 4);
152
b95d1cdb
MR		 153 if (ini_get('session.use_cookies')) {
154 $params = session_get_cookie_params();
155 setcookie(session_name(), '', time() - 42000,
156 $params['path'], $params['domain'],
157 $params['secure'], $params['httponly']);
158 }
39023189
MR		 159
160 if ('' != session_id()) {
161 $_SESSION = array();
162 session_unset();
163 session_destroy();
164 }
3056d117 165 $this->settings = array();
b95d1cdb
MR		 166 }
167
168 public function isAdmin() {
3056d117
MR		 169 $admin = false;
170
2dd58fe8
MR		 171 $this->log("isAdmin", 4);
172
3056d117
MR		 173 if (isset($this->settings['admin'])) {
174 $admin = $this->settings['admin'];
175 }
176
177 return $admin;
b95d1cdb
MR		 178 }
179
180 public function login($user, $pw) {
181 global $CFG;
182 $result = false;
183
2dd58fe8
MR		 184 $this->log("login", 4);
185
3056d117
MR		 186 if ('' == session_id()) {
187 $this->startSession();
188 }
189
190 $this->settings['user'] = null;
191 $this->settings['admin'] = false;
b95d1cdb
MR		 192
193 $p = explode('@', $user);
194 if (count($p) != 2) {
3056d117
MR		 195 $this->settings['loginStatus'] = 'Bad username';
196 } else {
197 $domain = $p[1];
198 $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
199 $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
200 $ds = @ldap_connect($CFG->ldap_dsn);
201 if ($ds) {
202 @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
203 $r = @ldap_bind($ds, $dn, $pw);
204 if ($r) {
205 $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
206 $info = @ldap_get_entries($ds, $sr); // array
207 if ($info['count'] > 0) {
208 $this->settings['user'] = $user;
209 $result = true;
210 $this->settings['loginStatus'] = 'OK';
211 $admin = 'NO';
212 if (isset($info[0]['domainglobaladmin'])) {
213 $admin = $info[0]['domainglobaladmin'][0];
214 $admin = strtoupper($admin);
215 }
216 $this->settings['admin'] = ($admin == 'YES') ? true : false;
217 } else {
218 $this->settings['loginStatus'] = 'Login failed';
b95d1cdb 219 }
6df4b805 220 } else {
3056d117 221 $this->settings['loginStatus'] = ldap_error($ds);
6df4b805 222 }
3056d117 223 @ldap_close($ds);
6df4b805 224 } else {
3056d117 225 $this->settings['loginStatus'] = 'Connect to LDAP server failed';
6df4b805 226 }
6df4b805
MR		 227 }
228
3056d117 229 $_SESSION['settings'] = $this->settings;
6e081c5f 230
b95d1cdb
MR		 231 return $result;
232 }
233
234 public function getLoginStatus() {
3056d117
MR		 235 $status = 'Not logged in';
236
2dd58fe8
MR		 237 $this->log("getLoginStatus", 4);
238
3056d117
MR		 239 if (isset($this->settings['loginStatus'])) {
240 $status = $this->settings['loginStatus'];
241 }
242
243 return $status;
b95d1cdb
MR		 244 }
245
246 public function isLoggedIn() {
247 global $CFG;
248 $loggedIn = false;
249
2dd58fe8
MR		 250 $this->log("isLoggedIn", 4);
251
3056d117
MR		 252 if ('' == session_id()) {
253 $this->startSession();
254 }
255
39023189
MR		 256 $this->checkSession();
257
3056d117
MR		 258 if (isset($this->settings['user'])) {
259 if ($this->settings['user'] != null) {
260 $loggedIn = true;
261 } else {
262 if ($CFG->auth_method == 'HTTP_AUTH') {
263 if (isset($this->server['PHP_AUTH_USER'])) {
264 $this->settings['user'] = $this->server['PHP_AUTH_USER'];
265 $loggedIn = true;
266 }
b95d1cdb
MR		 267 }
268 }
269 }
270
85ec6a84 271 if ($loggedIn == false) {
258fa280 272 echo '$this->settings: '.var_export($this->settings, true);
18d80742 273 echo 'R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
d3c4a10f 274 //exit;
18d80742 275 }
6e081c5f 276
3056d117 277 $_SESSION['settings'] = $this->settings;
6e081c5f 278
b95d1cdb
MR		 279 return $loggedIn;
280 }
281
282 public function getUser() {
3056d117
MR		 283 $user = null;
284
2dd58fe8
MR		 285 $this->log("getUser", 4);
286
3056d117
MR		 287 if ($this->isLoggedIn()) {
288 $user = $this->settings['user'];
289 }
290
291 return $user;
b95d1cdb
MR		 292 }
293
294 public function getHeader() {
2dd58fe8
MR		 295 $this->log("getHeader", 4);
296
b95d1cdb
MR		 297 return $this->header;
298 }
299
300 public function getFooter() {
2dd58fe8
MR		 301 $this->log("getFooter", 4);
302
b95d1cdb
MR		 303 return $this->footer;
304 }
305
306 public function getHeading() {
2dd58fe8
MR		 307 $this->log("getHeading", 4);
308
b95d1cdb
MR		 309 return $this->heading;
310 }
311
312 public function setHeading($heading) {
313 global $CFG;
314
2dd58fe8
MR		 315 $this->log("setHeading", 4);
316
b95d1cdb
MR		 317 $timeout = $CFG->session_timeout * 60 * 1000;
318 $this->heading = str_replace('__TITLE__', $heading, $this->heading);
319 $this->header = str_replace('__TITLE__', $heading, $this->header);
320 $this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
321 $this->header = str_replace('__TIMEOUT__', $timeout, $this->header);
322 }
323
324 public function convertContent($code) {
2dd58fe8
MR		 325 $this->log("convertContent", 4);
326
b95d1cdb
MR		 327 $table = array(
328 'V' => 'Virus',
329 'B' => 'Banned',
330 'U' => 'Unchecked',
331 'S' => 'Spam',
332 'Y' => 'Spammy',
333 'M' => 'Bad Mime',
334 'H' => 'Bad Header',
335 'O' => 'Over sized',
336 'T' => 'MTA err',
337 'C' => 'Clean'
338 );
339
340 $string = $table[$code];
341 if (empty($string))
342 $string = 'Unknown';
343
344 return $string;
345 }
6df4b805 346
6df4b805 347}
An Amavisd qurantine administration interface
This page took 0.286481 seconds and 5 git commands to generate.