[qtadmin.git] / lib / utils.inc.php

<?php
/* vim: set ts=4 tw=0 sw=4 noet: */
require_once $CFG->root .'config.php';

class Utils implements Serializable {

    private static $_instance = null;
    private $server;
    private $user;
    private $is_admin;
    private $loginStatus;
    private $timeout;
    private $header = '<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
    <link rel="stylesheet" href="css/styles.css">
    <script>
        var timeout = __TIMEOUT__;
    </script>
    <script src="__ROOT__js/timer.js"></script>
    <script src="__ROOT__js/checkbox.js"></script>
    <title>__TITLE__</title>
</head>
<body>';
    private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net"
            title="Goto QtAdmin homepage">QtAdmin</a>. &copy; 2015 by Michael Rasmussen</p></body></html>';
    private $heading = '<p id="time" class="time">Session timeout:
            <span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';

    private function __construct() {
        global $CFG;

        $this->server = $_SERVER;

        $this->user = null;
        $this->is_admin = false;
        $this->loginStatus = 'Not logged in';

        $this->startSession();

        if (isset($_SESSION['user'])) {
            $this->user = $_SESSION['user'];
            $this->loginStatus = 'OK';
            $this->is_admin = $_SESSION['is_admin'];
        } else {
            if ($CFG->auth_method == 'HTTP_AUTH') {
                if (isset($this->server['PHP_AUTH_USER'])) {
                    $this->user = $this->server['PHP_AUTH_USER'];
                    $this->loginStatus = 'OK';
                    if ($CFG->admin_user == $this->user)
                        $this->is_admin = true;
                }
            }
        }
        $_SESSION['user'] = $this->user;
        $_SESSION['is_admin'] = $this->is_admin;
        $_SESSION['Utils'] = serialize($this);
    }

    private function __clone() {}

    public function serialize() {
        file_put_contents('/tmp/dump', 'Serialize called: '.var_export($this, true), FILE_APPEND);
        return serialize(get_object_vars($this));
    }

    public function unserialize($data) {
        $values = unserialize($data);
        foreach ($values as $key=>$value) {
            $this->$key = $value;
        }
    }

    private function startSession() {
        global $CFG;

        session_unset();
        session_destroy();
        if (isset($CFG->session_timeout)) {
            $this->timeout = $CFG->session_timeout * 60;
        } else {
            $this->timeout = 20 * 60;
        }

        if (ini_get('session.gc_maxlifetime') != $this->timeout)
            ini_set('session.gc_maxlifetime', $this->timeout);
        if (ini_get('session.cookie_lifetime') != $this->timeout)
            ini_set('session.cookie_lifetime', $this->timeout);

        session_start();

        //echo ini_get('session.gc_maxlifetime').':'.ini_get('session.cookie_lifetime');
    }

    public static function getInstance() {
        global $CFG;

        session_start();
        if (!is_object(self::$_instance)) {
            if (isset($_SESSION['Utils'])) {
                self::$_instance = unserialize($_SESSION['Utils']);
                file_put_contents('/tmp/dump', 'Unserialize called: '.var_export(self::$_instance, true), FILE_APPEND);
            } else {
                self::$_instance = new Utils();
            }
        }

        $time = $_SERVER['REQUEST_TIME'];
        if (isset($_SESSION['LAST_ACTIVITY']) &&
                ($time - $_SESSION['LAST_ACTIVITY']) >= self::$_instance->timeout) {
            echo 'R_TIME: '.date('c', $time).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
            exit;
            session_unset();
            session_destroy();
            self::$_instance->user = null;
            self::$_instance->is_admin = false;
            $_SESSION['Utils'] = serialize(self::$_instance);
        } else {
            $_SESSION['LAST_ACTIVITY'] = $time;
        }

        return self::$_instance;
    }

    public function logout() {
        $_SESSION = array();
        if (ini_get('session.use_cookies')) {
            $params = session_get_cookie_params();
            setcookie(session_name(), '', time() - 42000,
                $params['path'], $params['domain'],
                $params['secure'], $params['httponly']);
        }
        session_unset();
        session_destroy();
        $this->user = null;
        $this->is_admin = false;
    }

    public function isAdmin() {
        //file_put_contents('/tmp/login.txt', var_export($this, true));
        return $this->is_admin;
    }

    public function login($user, $pw) {
        global $CFG;
        $result = false;

        unset($_SESSION['user']);
        unset($_SESSION['is_admin']);
        $this->user = null;
        $this->is_admin = false;

        $p = explode('@', $user);
        if (count($p) != 2) {
            $this->loginStatus = 'Bad username';
            return false;
        }
        $domain = $p[1];
        $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
        $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
        $ds = @ldap_connect($CFG->ldap_dsn);
        if ($ds) {
            @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
            $r = @ldap_bind($ds, $dn, $pw);
            if ($r) {
                $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
                $info = @ldap_get_entries($ds, $sr); // array
                if ($info['count'] > 0) {
                    $_SESSION['user'] = $user;
                    $this->user = $user;
                    $result = true;
                    $this->loginStatus = 'OK';
                    $admin = 'NO';
                    if (isset($info[0]['domainglobaladmin'])) {
                        $admin = $info[0]['domainglobaladmin'][0];
                        $admin = strtoupper($admin);
                    }
                    $this->is_admin = ($admin == 'YES') ? true : false;
                    $_SESSION['is_admin'] = $this->is_admin;
                } else {
                    $this->loginStatus = 'Login failed';
                }
            } else {
                $this->loginStatus = ldap_error($ds);
            }
            @ldap_close($ds);
        } else {
            $this->loginStatus = 'Connect to LDAP server failed';
        }

        $_SESSION['Utils'] = serialize($this);

        return $result;
    }

    public function getLoginStatus() {
        return $this->loginStatus;
    }

    public function isLoggedIn() {
        global $CFG;
        $loggedIn = false;

        if ($this->user) {
            $loggedIn = true;
        } else if (isset($_SESSION['user'])) {
            $this->user = $_SESSION['user'];
            $loggedIn = true;
        } else {
            if ($CFG->auth_method == 'HTTP_AUTH') {
                if (isset($this->server['PHP_AUTH_USER'])) {
                    $this->user = $this->server['PHP_AUTH_USER'];
                    $loggedIn = true;
                }
            }
        }

        if ($loggedIn == false) {
            echo '$this->user: '.$this->user.' $_SESSION[\'user\']: '.$_SESSION['user'];
            echo 'R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
            exit;
        }

        $_SESSION['Utils'] = serialize($this);

        return $loggedIn;
    }

    public function getUser() {
        $this->isLoggedIn();
        return $this->user;
    }

    public function getHeader() {
        return $this->header;
    }

    public function getFooter() {
        return $this->footer;
    }

    public function getHeading() {
        return $this->heading;
    }

    public function setHeading($heading) {
        global $CFG;

        $timeout = $CFG->session_timeout * 60 * 1000;
        $this->heading = str_replace('__TITLE__', $heading, $this->heading);
        $this->header = str_replace('__TITLE__', $heading, $this->header);
        $this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
        $this->header = str_replace('__TIMEOUT__', $timeout, $this->header);

        $_SESSION['Utils'] = serialize($this);
    }

    public function convertContent($code) {
        $table = array(
            'V' => 'Virus',
            'B' => 'Banned',
            'U' => 'Unchecked',
            'S' => 'Spam',
            'Y' => 'Spammy',
            'M' => 'Bad Mime',
            'H' => 'Bad Header',
            'O' => 'Over sized',
            'T' => 'MTA err',
            'C' => 'Clean'
        );

        $string = $table[$code];
        if (empty($string))
            $string = 'Unknown';

        return $string;
    }

}
Commit	Line	Data
6df4b805 MR	1	<?php
	2	/* vim: set ts=4 tw=0 sw=4 noet: */
	3	require_once $CFG->root .'config.php';
	4
6072c905	5	class Utils implements Serializable {
6df4b805	6
b95d1cdb MR	7	private static $_instance = null;
	8	private $server;
	9	private $user;
	10	private $is_admin;
	11	private $loginStatus;
7d9c7fe2	12	private $timeout;
b95d1cdb	13	private $header = '<!DOCTYPE html>
6df4b805 MR	14	<html>
6df4b805 MR	15	<head>
b95d1cdb MR	16	<meta charset="utf-8">
	17	<link rel="stylesheet" href="css/styles.css">
	18	<script>
	19	var timeout = __TIMEOUT__;
	20	</script>
	21	<script src="__ROOT__js/timer.js"></script>
5c7b972e	22	<script src="__ROOT__js/checkbox.js"></script>
b95d1cdb	23	<title>__TITLE__</title>
6df4b805 MR	24	</head>
6df4b805 MR	25	<body>';
bb06f172	26	private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net"
b706c65f	27	title="Goto QtAdmin homepage">QtAdmin</a>. © 2015 by Michael Rasmussen</p></body></html>';
b95d1cdb MR	28	private $heading = '<p id="time" class="time">Session timeout:
	29	<span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';
	30
	31	private function __construct() {
	32	global $CFG;
	33
	34	$this->server = $_SERVER;
b95d1cdb MR	35
	36	$this->user = null;
	37	$this->is_admin = false;
	38	$this->loginStatus = 'Not logged in';
	39
a675b383 MR	40	$this->startSession();
a675b383 MR	41
b95d1cdb MR	42	if (isset($_SESSION['user'])) {
	43	$this->user = $_SESSION['user'];
	44	$this->loginStatus = 'OK';
	45	$this->is_admin = $_SESSION['is_admin'];
	46	} else {
	47	if ($CFG->auth_method == 'HTTP_AUTH') {
	48	if (isset($this->server['PHP_AUTH_USER'])) {
	49	$this->user = $this->server['PHP_AUTH_USER'];
	50	$this->loginStatus = 'OK';
	51	if ($CFG->admin_user == $this->user)
	52	$this->is_admin = true;
	53	}
	54	}
	55	}
	56	$_SESSION['user'] = $this->user;
	57	$_SESSION['is_admin'] = $this->is_admin;
6072c905	58	$_SESSION['Utils'] = serialize($this);
b95d1cdb MR	59	}
	60
	61	private function __clone() {}
	62
6072c905 MR	63	public function serialize() {
	64	file_put_contents('/tmp/dump', 'Serialize called: '.var_export($this, true), FILE_APPEND);
	65	return serialize(get_object_vars($this));
	66	}
	67
	68	public function unserialize($data) {
	69	$values = unserialize($data);
	70	foreach ($values as $key=>$value) {
	71	$this->$key = $value;
	72	}
	73	}
	74
a675b383	75	private function startSession() {
b95d1cdb MR	76	global $CFG;
b95d1cdb MR	77
6847a881 MR	78	session_unset();
6847a881 MR	79	session_destroy();
b95d1cdb	80	if (isset($CFG->session_timeout)) {
7d9c7fe2	81	$this->timeout = $CFG->session_timeout * 60;
b95d1cdb	82	} else {
7d9c7fe2	83	$this->timeout = 20 * 60;
b95d1cdb MR	84	}
b95d1cdb MR	85
7d9c7fe2 MR	86	if (ini_get('session.gc_maxlifetime') != $this->timeout)
	87	ini_set('session.gc_maxlifetime', $this->timeout);
	88	if (ini_get('session.cookie_lifetime') != $this->timeout)
	89	ini_set('session.cookie_lifetime', $this->timeout);
a675b383 MR	90
	91	session_start();
	92
7d9c7fe2 MR	93	//echo ini_get('session.gc_maxlifetime').':'.ini_get('session.cookie_lifetime');
	94	}
	95
	96	public static function getInstance() {
	97	global $CFG;
	98
6847a881	99	session_start();
7d9c7fe2	100	if (!is_object(self::$_instance)) {
6072c905 MR	101	if (isset($_SESSION['Utils'])) {
6072c905 MR	102	self::$_instance = unserialize($_SESSION['Utils']);
0f9549a5	103	file_put_contents('/tmp/dump', 'Unserialize called: '.var_export(self::$_instance, true), FILE_APPEND);
6072c905 MR	104	} else {
	105	self::$_instance = new Utils();
	106	}
7d9c7fe2 MR	107	}
7d9c7fe2 MR	108
b95d1cdb	109	$time = $_SERVER['REQUEST_TIME'];
7d9c7fe2 MR	110	if (isset($_SESSION['LAST_ACTIVITY']) &&
7d9c7fe2 MR	111	($time - $_SESSION['LAST_ACTIVITY']) >= self::$_instance->timeout) {
c0519296	112	echo 'R_TIME: '.date('c', $time).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
2a577047	113	exit;
b95d1cdb MR	114	session_unset();
b95d1cdb MR	115	session_destroy();
cb950b16	116	self::$_instance->user = null;
b95d1cdb	117	self::$_instance->is_admin = false;
6e081c5f	118	$_SESSION['Utils'] = serialize(self::$_instance);
a675b383 MR	119	} else {
	120	$_SESSION['LAST_ACTIVITY'] = $time;
	121	}
b95d1cdb MR	122
	123	return self::$_instance;
	124	}
	125
	126	public function logout() {
	127	$_SESSION = array();
	128	if (ini_get('session.use_cookies')) {
	129	$params = session_get_cookie_params();
	130	setcookie(session_name(), '', time() - 42000,
	131	$params['path'], $params['domain'],
	132	$params['secure'], $params['httponly']);
	133	}
	134	session_unset();
	135	session_destroy();
	136	$this->user = null;
	137	$this->is_admin = false;
	138	}
	139
	140	public function isAdmin() {
	141	//file_put_contents('/tmp/login.txt', var_export($this, true));
	142	return $this->is_admin;
	143	}
	144
	145	public function login($user, $pw) {
	146	global $CFG;
	147	$result = false;
	148
	149	unset($_SESSION['user']);
	150	unset($_SESSION['is_admin']);
	151	$this->user = null;
	152	$this->is_admin = false;
	153
	154	$p = explode('@', $user);
	155	if (count($p) != 2) {
	156	$this->loginStatus = 'Bad username';
	157	return false;
	158	}
	159	$domain = $p[1];
	160	$dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
6df4b805 MR	161	$filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
	162	$ds = @ldap_connect($CFG->ldap_dsn);
	163	if ($ds) {
b95d1cdb	164	@ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
6df4b805 MR	165	$r = @ldap_bind($ds, $dn, $pw);
	166	if ($r) {
	167	$sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
	168	$info = @ldap_get_entries($ds, $sr); // array
	169	if ($info['count'] > 0) {
b95d1cdb MR	170	$_SESSION['user'] = $user;
	171	$this->user = $user;
	172	$result = true;
	173	$this->loginStatus = 'OK';
	174	$admin = 'NO';
	175	if (isset($info[0]['domainglobaladmin'])) {
	176	$admin = $info[0]['domainglobaladmin'][0];
	177	$admin = strtoupper($admin);
	178	}
	179	$this->is_admin = ($admin == 'YES') ? true : false;
	180	$_SESSION['is_admin'] = $this->is_admin;
6df4b805 MR	181	} else {
	182	$this->loginStatus = 'Login failed';
	183	}
	184	} else {
	185	$this->loginStatus = ldap_error($ds);
	186	}
	187	@ldap_close($ds);
	188	} else {
	189	$this->loginStatus = 'Connect to LDAP server failed';
	190	}
	191
6e081c5f MR	192	$_SESSION['Utils'] = serialize($this);
6e081c5f MR	193
b95d1cdb MR	194	return $result;
	195	}
	196
	197	public function getLoginStatus() {
	198	return $this->loginStatus;
	199	}
	200
	201	public function isLoggedIn() {
	202	global $CFG;
	203	$loggedIn = false;
	204
	205	if ($this->user) {
	206	$loggedIn = true;
	207	} else if (isset($_SESSION['user'])) {
	208	$this->user = $_SESSION['user'];
	209	$loggedIn = true;
	210	} else {
	211	if ($CFG->auth_method == 'HTTP_AUTH') {
	212	if (isset($this->server['PHP_AUTH_USER'])) {
	213	$this->user = $this->server['PHP_AUTH_USER'];
	214	$loggedIn = true;
	215	}
	216	}
	217	}
	218
85ec6a84	219	if ($loggedIn == false) {
3679a8af	220	echo '$this->user: '.$this->user.' $_SESSION[\'user\']: '.$_SESSION['user'];
18d80742 MR	221	echo 'R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
	222	exit;
	223	}
6e081c5f MR	224
	225	$_SESSION['Utils'] = serialize($this);
	226
b95d1cdb MR	227	return $loggedIn;
	228	}
	229
	230	public function getUser() {
	231	$this->isLoggedIn();
	232	return $this->user;
	233	}
	234
	235	public function getHeader() {
	236	return $this->header;
	237	}
	238
	239	public function getFooter() {
	240	return $this->footer;
	241	}
	242
	243	public function getHeading() {
	244	return $this->heading;
	245	}
	246
	247	public function setHeading($heading) {
	248	global $CFG;
	249
	250	$timeout = $CFG->session_timeout * 60 * 1000;
	251	$this->heading = str_replace('__TITLE__', $heading, $this->heading);
	252	$this->header = str_replace('__TITLE__', $heading, $this->header);
	253	$this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
	254	$this->header = str_replace('__TIMEOUT__', $timeout, $this->header);
6e081c5f MR	255
6e081c5f MR	256	$_SESSION['Utils'] = serialize($this);
b95d1cdb MR	257	}
	258
	259	public function convertContent($code) {
	260	$table = array(
	261	'V' => 'Virus',
	262	'B' => 'Banned',
	263	'U' => 'Unchecked',
	264	'S' => 'Spam',
	265	'Y' => 'Spammy',
	266	'M' => 'Bad Mime',
	267	'H' => 'Bad Header',
	268	'O' => 'Over sized',
	269	'T' => 'MTA err',
	270	'C' => 'Clean'
	271	);
	272
	273	$string = $table[$code];
	274	if (empty($string))
	275	$string = 'Unknown';
	276
	277	return $string;
	278	}
6df4b805	279
6df4b805	280	}