[qtadmin.git] / lib / utils.inc.php

<?php
/* vim: set ts=4 tw=0 sw=4 noet: */
require_once $CFG->root .'config.php';

class Utils {

    private static $_instance = null;
    private $server;
    private $user;
    private $is_admin;
    private $loginStatus;
    private $header = '<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
    <link rel="stylesheet" href="css/styles.css">
    <script>
        var timeout = __TIMEOUT__;
    </script>
    <script src="__ROOT__js/timer.js"></script>
    <script src="__ROOT__js/checkbox.js"></script>
    <title>__TITLE__</title>
</head>
<body>';
    private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net"
            title="Goto QtAdmin homepage">QtAdmin</a>. &copy; 2015 by Michael Rasmussen</p></body></html>';
    private $heading = '<p id="time" class="time">Session timeout:
            <span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';

    private function __construct() {
        global $CFG;

        $this->server = $_SERVER;
        session_start();

        $this->user = null;
        $this->is_admin = false;
        $this->loginStatus = 'Not logged in';

        if (isset($_SESSION['user'])) {
            $this->user = $_SESSION['user'];
            $this->loginStatus = 'OK';
            $this->is_admin = $_SESSION['is_admin'];
        } else {
            if ($CFG->auth_method == 'HTTP_AUTH') {
                if (isset($this->server['PHP_AUTH_USER'])) {
                    $this->user = $this->server['PHP_AUTH_USER'];
                    $this->loginStatus = 'OK';
                    if ($CFG->admin_user == $this->user)
                        $this->is_admin = true;
                }
            }
        }
        $_SESSION['user'] = $this->user;
        $_SESSION['is_admin'] = $this->is_admin;
    }

    private function __clone() {}

    public static function getInstance() {
        global $CFG;

        if (!is_object(self::$_instance)) {
            self::$_instance = new Utils();
        }
        // Session timeout handler
        if ('' == session_id())
            session_start();
        if (isset($CFG->session_timeout)) {
            $timeout = $CFG->session_timeout * 60;
        } else {
            $timeout = 20 * 60;
        }

        if (ini_get('session.gc_maxlifetime') != $timeout)
            ini_set('session.gc_maxlifetime', $timeout);
        if (ini_get('session.cookie_lifetime') != $timeout)
            ini_set('session.cookie_lifetime', $timeout);
        $time = $_SERVER['REQUEST_TIME'];
        if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $timeout) {
            session_unset();
            session_destroy();
            session_start();
            self::$_instance->user = null;
            self::$_instance->is_admin = false;
        }
        $_SESSION['LAST_ACTIVITY'] = $time;

        return self::$_instance;
    }

    public function logout() {
        $_SESSION = array();
        if (ini_get('session.use_cookies')) {
            $params = session_get_cookie_params();
            setcookie(session_name(), '', time() - 42000,
                $params['path'], $params['domain'],
                $params['secure'], $params['httponly']);
        }
        session_unset();
        session_destroy();
        $this->user = null;
        $this->is_admin = false;
    }

    public function isAdmin() {
        //file_put_contents('/tmp/login.txt', var_export($this, true));
        return $this->is_admin;
    }

    public function login($user, $pw) {
        global $CFG;
        $result = false;

        unset($_SESSION['user']);
        unset($_SESSION['is_admin']);
        $this->user = null;
        $this->is_admin = false;

        $p = explode('@', $user);
        if (count($p) != 2) {
            $this->loginStatus = 'Bad username';
            return false;
        }
        $domain = $p[1];
        $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
        $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
        $ds = @ldap_connect($CFG->ldap_dsn);
        if ($ds) {
            @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
            $r = @ldap_bind($ds, $dn, $pw);
            if ($r) {
                $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
                $info = @ldap_get_entries($ds, $sr); // array
                if ($info['count'] > 0) {
                    $_SESSION['user'] = $user;
                    $this->user = $user;
                    $result = true;
                    $this->loginStatus = 'OK';
                    $admin = 'NO';
                    if (isset($info[0]['domainglobaladmin'])) {
                        $admin = $info[0]['domainglobaladmin'][0];
                        $admin = strtoupper($admin);
                    }
                    $this->is_admin = ($admin == 'YES') ? true : false;
                    $_SESSION['is_admin'] = $this->is_admin;
                } else {
                    $this->loginStatus = 'Login failed';
                }
            } else {
                $this->loginStatus = ldap_error($ds);
            }
            @ldap_close($ds);
        } else {
            $this->loginStatus = 'Connect to LDAP server failed';
        }

        return $result;
    }

    public function getLoginStatus() {
        return $this->loginStatus;
    }

    public function isLoggedIn() {
        global $CFG;
        $loggedIn = false;

        if ($this->user) {
            $loggedIn = true;
        } else if (isset($_SESSION['user'])) {
            $this->user = $_SESSION['user'];
            $loggedIn = true;
        } else {
            if ($CFG->auth_method == 'HTTP_AUTH') {
                if (isset($this->server['PHP_AUTH_USER'])) {
                    $this->user = $this->server['PHP_AUTH_USER'];
                    $loggedIn = true;
                }
            }
        }

        return $loggedIn;
    }

    public function getUser() {
        $this->isLoggedIn();
        return $this->user;
    }

    public function getHeader() {
        return $this->header;
    }

    public function getFooter() {
        return $this->footer;
    }

    public function getHeading() {
        return $this->heading;
    }

    public function setHeading($heading) {
        global $CFG;

        $timeout = $CFG->session_timeout * 60 * 1000;
        $this->heading = str_replace('__TITLE__', $heading, $this->heading);
        $this->header = str_replace('__TITLE__', $heading, $this->header);
        $this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
        $this->header = str_replace('__TIMEOUT__', $timeout, $this->header);
    }

    public function convertContent($code) {
        $table = array(
            'V' => 'Virus',
            'B' => 'Banned',
            'U' => 'Unchecked',
            'S' => 'Spam',
            'Y' => 'Spammy',
            'M' => 'Bad Mime',
            'H' => 'Bad Header',
            'O' => 'Over sized',
            'T' => 'MTA err',
            'C' => 'Clean'
        );

        $string = $table[$code];
        if (empty($string))
            $string = 'Unknown';

        return $string;
    }

}
Commit	Line	Data
6df4b805 MR	1	<?php
	2	/* vim: set ts=4 tw=0 sw=4 noet: */
	3	require_once $CFG->root .'config.php';
	4
	5	class Utils {
	6
b95d1cdb MR	7	private static $_instance = null;
	8	private $server;
	9	private $user;
	10	private $is_admin;
	11	private $loginStatus;
	12	private $header = '<!DOCTYPE html>
6df4b805 MR	13	<html>
6df4b805 MR	14	<head>
b95d1cdb MR	15	<meta charset="utf-8">
	16	<link rel="stylesheet" href="css/styles.css">
	17	<script>
	18	var timeout = __TIMEOUT__;
	19	</script>
	20	<script src="__ROOT__js/timer.js"></script>
5c7b972e	21	<script src="__ROOT__js/checkbox.js"></script>
b95d1cdb	22	<title>__TITLE__</title>
6df4b805 MR	23	</head>
6df4b805 MR	24	<body>';
bb06f172	25	private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net"
b706c65f	26	title="Goto QtAdmin homepage">QtAdmin</a>. © 2015 by Michael Rasmussen</p></body></html>';
b95d1cdb MR	27	private $heading = '<p id="time" class="time">Session timeout:
	28	<span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';
	29
	30	private function __construct() {
	31	global $CFG;
	32
	33	$this->server = $_SERVER;
	34	session_start();
	35
	36	$this->user = null;
	37	$this->is_admin = false;
	38	$this->loginStatus = 'Not logged in';
	39
	40	if (isset($_SESSION['user'])) {
	41	$this->user = $_SESSION['user'];
	42	$this->loginStatus = 'OK';
	43	$this->is_admin = $_SESSION['is_admin'];
	44	} else {
	45	if ($CFG->auth_method == 'HTTP_AUTH') {
	46	if (isset($this->server['PHP_AUTH_USER'])) {
	47	$this->user = $this->server['PHP_AUTH_USER'];
	48	$this->loginStatus = 'OK';
	49	if ($CFG->admin_user == $this->user)
	50	$this->is_admin = true;
	51	}
	52	}
	53	}
	54	$_SESSION['user'] = $this->user;
	55	$_SESSION['is_admin'] = $this->is_admin;
	56	}
	57
	58	private function __clone() {}
	59
	60	public static function getInstance() {
	61	global $CFG;
	62
	63	if (!is_object(self::$_instance)) {
	64	self::$_instance = new Utils();
	65	}
	66	// Session timeout handler
	67	if ('' == session_id())
	68	session_start();
	69	if (isset($CFG->session_timeout)) {
	70	$timeout = $CFG->session_timeout * 60;
	71	} else {
	72	$timeout = 20 * 60;
	73	}
	74
	75	if (ini_get('session.gc_maxlifetime') != $timeout)
	76	ini_set('session.gc_maxlifetime', $timeout);
	77	if (ini_get('session.cookie_lifetime') != $timeout)
	78	ini_set('session.cookie_lifetime', $timeout);
	79	$time = $_SERVER['REQUEST_TIME'];
	80	if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $timeout) {
	81	session_unset();
	82	session_destroy();
	83	session_start();
	84	self::$_instance->user = null;
	85	self::$_instance->is_admin = false;
	86	}
	87	$_SESSION['LAST_ACTIVITY'] = $time;
	88
	89	return self::$_instance;
	90	}
91
92	public function logout() {
93	$_SESSION = array();
94	if (ini_get('session.use_cookies')) {
95	$params = session_get_cookie_params();
96	setcookie(session_name(), '', time() - 42000,
97	$params['path'], $params['domain'],
98	$params['secure'], $params['httponly']);
99	}
100	session_unset();
101	session_destroy();
102	$this->user = null;
103	$this->is_admin = false;
104	}
105
106	public function isAdmin() {
107	//file_put_contents('/tmp/login.txt', var_export($this, true));
108	return $this->is_admin;
109	}
110
111	public function login($user, $pw) {
112	global $CFG;
113	$result = false;
114
115	unset($_SESSION['user']);
116	unset($_SESSION['is_admin']);
117	$this->user = null;
118	$this->is_admin = false;
119
120	$p = explode('@', $user);
121	if (count($p) != 2) {
122	$this->loginStatus = 'Bad username';
123	return false;
124	}
125	$domain = $p[1];
126	$dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
6df4b805 MR	127	$filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
	128	$ds = @ldap_connect($CFG->ldap_dsn);
	129	if ($ds) {
b95d1cdb	130	@ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
6df4b805 MR	131	$r = @ldap_bind($ds, $dn, $pw);
	132	if ($r) {
	133	$sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
	134	$info = @ldap_get_entries($ds, $sr); // array
	135	if ($info['count'] > 0) {
b95d1cdb MR	136	$_SESSION['user'] = $user;
	137	$this->user = $user;
	138	$result = true;
	139	$this->loginStatus = 'OK';
	140	$admin = 'NO';
	141	if (isset($info[0]['domainglobaladmin'])) {
	142	$admin = $info[0]['domainglobaladmin'][0];
	143	$admin = strtoupper($admin);
	144	}
	145	$this->is_admin = ($admin == 'YES') ? true : false;
	146	$_SESSION['is_admin'] = $this->is_admin;
6df4b805 MR	147	} else {
	148	$this->loginStatus = 'Login failed';
	149	}
	150	} else {
	151	$this->loginStatus = ldap_error($ds);
	152	}
	153	@ldap_close($ds);
	154	} else {
	155	$this->loginStatus = 'Connect to LDAP server failed';
	156	}
	157
b95d1cdb MR	158	return $result;
	159	}
	160
	161	public function getLoginStatus() {
	162	return $this->loginStatus;
	163	}
	164
	165	public function isLoggedIn() {
	166	global $CFG;
	167	$loggedIn = false;
	168
	169	if ($this->user) {
	170	$loggedIn = true;
	171	} else if (isset($_SESSION['user'])) {
	172	$this->user = $_SESSION['user'];
	173	$loggedIn = true;
	174	} else {
	175	if ($CFG->auth_method == 'HTTP_AUTH') {
	176	if (isset($this->server['PHP_AUTH_USER'])) {
	177	$this->user = $this->server['PHP_AUTH_USER'];
	178	$loggedIn = true;
	179	}
	180	}
	181	}
	182
	183	return $loggedIn;
	184	}
	185
	186	public function getUser() {
	187	$this->isLoggedIn();
	188	return $this->user;
	189	}
	190
	191	public function getHeader() {
	192	return $this->header;
	193	}
	194
	195	public function getFooter() {
	196	return $this->footer;
	197	}
	198
	199	public function getHeading() {
	200	return $this->heading;
	201	}
	202
	203	public function setHeading($heading) {
	204	global $CFG;
	205
	206	$timeout = $CFG->session_timeout * 60 * 1000;
	207	$this->heading = str_replace('__TITLE__', $heading, $this->heading);
	208	$this->header = str_replace('__TITLE__', $heading, $this->header);
	209	$this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
	210	$this->header = str_replace('__TIMEOUT__', $timeout, $this->header);
	211	}
	212
	213	public function convertContent($code) {
	214	$table = array(
	215	'V' => 'Virus',
	216	'B' => 'Banned',
	217	'U' => 'Unchecked',
	218	'S' => 'Spam',
	219	'Y' => 'Spammy',
	220	'M' => 'Bad Mime',
	221	'H' => 'Bad Header',
222	'O' => 'Over sized',
223	'T' => 'MTA err',
224	'C' => 'Clean'
225	);
226
227	$string = $table[$code];
228	if (empty($string))
229	$string = 'Unknown';
230
231	return $string;
232	}
6df4b805	233
6df4b805	234	}