]>
Commit | Line | Data |
---|---|---|
6df4b805 MR |
1 | <?php |
2 | /* vim: set ts=4 tw=0 sw=4 noet: */ | |
3 | require_once $CFG->root .'config.php'; | |
4 | ||
5 | class Utils { | |
6 | ||
b95d1cdb MR |
7 | private static $_instance = null; |
8 | private $server; | |
9 | private $user; | |
10 | private $is_admin; | |
11 | private $loginStatus; | |
12 | private $header = '<!DOCTYPE html> | |
6df4b805 MR |
13 | <html> |
14 | <head> | |
b95d1cdb MR |
15 | <meta charset="utf-8"> |
16 | <link rel="stylesheet" href="css/styles.css"> | |
17 | <script> | |
18 | var timeout = __TIMEOUT__; | |
19 | </script> | |
20 | <script src="__ROOT__js/timer.js"></script> | |
5c7b972e | 21 | <script src="__ROOT__js/checkbox.js"></script> |
b95d1cdb | 22 | <title>__TITLE__</title> |
6df4b805 MR |
23 | </head> |
24 | <body>'; | |
bb06f172 | 25 | private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net" |
b706c65f | 26 | title="Goto QtAdmin homepage">QtAdmin</a>. © 2015 by Michael Rasmussen</p></body></html>'; |
b95d1cdb MR |
27 | private $heading = '<p id="time" class="time">Session timeout: |
28 | <span id="timer"></span></p><h1 class="h1">__TITLE__</h1>'; | |
29 | ||
30 | private function __construct() { | |
31 | global $CFG; | |
32 | ||
33 | $this->server = $_SERVER; | |
b95d1cdb MR |
34 | |
35 | $this->user = null; | |
36 | $this->is_admin = false; | |
37 | $this->loginStatus = 'Not logged in'; | |
38 | ||
a675b383 MR |
39 | $this->startSession(); |
40 | ||
b95d1cdb MR |
41 | if (isset($_SESSION['user'])) { |
42 | $this->user = $_SESSION['user']; | |
43 | $this->loginStatus = 'OK'; | |
44 | $this->is_admin = $_SESSION['is_admin']; | |
45 | } else { | |
46 | if ($CFG->auth_method == 'HTTP_AUTH') { | |
47 | if (isset($this->server['PHP_AUTH_USER'])) { | |
48 | $this->user = $this->server['PHP_AUTH_USER']; | |
49 | $this->loginStatus = 'OK'; | |
50 | if ($CFG->admin_user == $this->user) | |
51 | $this->is_admin = true; | |
52 | } | |
53 | } | |
54 | } | |
55 | $_SESSION['user'] = $this->user; | |
56 | $_SESSION['is_admin'] = $this->is_admin; | |
57 | } | |
58 | ||
59 | private function __clone() {} | |
60 | ||
a675b383 | 61 | private function startSession() { |
b95d1cdb MR |
62 | global $CFG; |
63 | ||
b95d1cdb MR |
64 | if (isset($CFG->session_timeout)) { |
65 | $timeout = $CFG->session_timeout * 60; | |
66 | } else { | |
67 | $timeout = 20 * 60; | |
68 | } | |
69 | ||
70 | if (ini_get('session.gc_maxlifetime') != $timeout) | |
71 | ini_set('session.gc_maxlifetime', $timeout); | |
72 | if (ini_get('session.cookie_lifetime') != $timeout) | |
73 | ini_set('session.cookie_lifetime', $timeout); | |
a675b383 MR |
74 | |
75 | session_start(); | |
76 | ||
b95d1cdb MR |
77 | $time = $_SERVER['REQUEST_TIME']; |
78 | if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $timeout) { | |
79 | session_unset(); | |
80 | session_destroy(); | |
b95d1cdb MR |
81 | self::$_instance->user = null; |
82 | self::$_instance->is_admin = false; | |
a675b383 MR |
83 | } else { |
84 | $_SESSION['LAST_ACTIVITY'] = $time; | |
85 | } | |
86 | } | |
87 | ||
88 | public static function getInstance() { | |
89 | if (!is_object(self::$_instance)) { | |
90 | self::$_instance = new Utils(); | |
b95d1cdb | 91 | } |
b95d1cdb MR |
92 | |
93 | return self::$_instance; | |
94 | } | |
95 | ||
96 | public function logout() { | |
97 | $_SESSION = array(); | |
98 | if (ini_get('session.use_cookies')) { | |
99 | $params = session_get_cookie_params(); | |
100 | setcookie(session_name(), '', time() - 42000, | |
101 | $params['path'], $params['domain'], | |
102 | $params['secure'], $params['httponly']); | |
103 | } | |
104 | session_unset(); | |
105 | session_destroy(); | |
106 | $this->user = null; | |
107 | $this->is_admin = false; | |
108 | } | |
109 | ||
110 | public function isAdmin() { | |
111 | //file_put_contents('/tmp/login.txt', var_export($this, true)); | |
112 | return $this->is_admin; | |
113 | } | |
114 | ||
115 | public function login($user, $pw) { | |
116 | global $CFG; | |
117 | $result = false; | |
118 | ||
119 | unset($_SESSION['user']); | |
120 | unset($_SESSION['is_admin']); | |
121 | $this->user = null; | |
122 | $this->is_admin = false; | |
123 | ||
124 | $p = explode('@', $user); | |
125 | if (count($p) != 2) { | |
126 | $this->loginStatus = 'Bad username'; | |
127 | return false; | |
128 | } | |
129 | $domain = $p[1]; | |
130 | $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn"; | |
6df4b805 MR |
131 | $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))"; |
132 | $ds = @ldap_connect($CFG->ldap_dsn); | |
133 | if ($ds) { | |
b95d1cdb | 134 | @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); |
6df4b805 MR |
135 | $r = @ldap_bind($ds, $dn, $pw); |
136 | if ($r) { | |
137 | $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin')); | |
138 | $info = @ldap_get_entries($ds, $sr); // array | |
139 | if ($info['count'] > 0) { | |
b95d1cdb MR |
140 | $_SESSION['user'] = $user; |
141 | $this->user = $user; | |
142 | $result = true; | |
143 | $this->loginStatus = 'OK'; | |
144 | $admin = 'NO'; | |
145 | if (isset($info[0]['domainglobaladmin'])) { | |
146 | $admin = $info[0]['domainglobaladmin'][0]; | |
147 | $admin = strtoupper($admin); | |
148 | } | |
149 | $this->is_admin = ($admin == 'YES') ? true : false; | |
150 | $_SESSION['is_admin'] = $this->is_admin; | |
6df4b805 MR |
151 | } else { |
152 | $this->loginStatus = 'Login failed'; | |
153 | } | |
154 | } else { | |
155 | $this->loginStatus = ldap_error($ds); | |
156 | } | |
157 | @ldap_close($ds); | |
158 | } else { | |
159 | $this->loginStatus = 'Connect to LDAP server failed'; | |
160 | } | |
161 | ||
b95d1cdb MR |
162 | return $result; |
163 | } | |
164 | ||
165 | public function getLoginStatus() { | |
166 | return $this->loginStatus; | |
167 | } | |
168 | ||
169 | public function isLoggedIn() { | |
170 | global $CFG; | |
171 | $loggedIn = false; | |
172 | ||
173 | if ($this->user) { | |
174 | $loggedIn = true; | |
175 | } else if (isset($_SESSION['user'])) { | |
176 | $this->user = $_SESSION['user']; | |
177 | $loggedIn = true; | |
178 | } else { | |
179 | if ($CFG->auth_method == 'HTTP_AUTH') { | |
180 | if (isset($this->server['PHP_AUTH_USER'])) { | |
181 | $this->user = $this->server['PHP_AUTH_USER']; | |
182 | $loggedIn = true; | |
183 | } | |
184 | } | |
185 | } | |
186 | ||
187 | return $loggedIn; | |
188 | } | |
189 | ||
190 | public function getUser() { | |
191 | $this->isLoggedIn(); | |
192 | return $this->user; | |
193 | } | |
194 | ||
195 | public function getHeader() { | |
196 | return $this->header; | |
197 | } | |
198 | ||
199 | public function getFooter() { | |
200 | return $this->footer; | |
201 | } | |
202 | ||
203 | public function getHeading() { | |
204 | return $this->heading; | |
205 | } | |
206 | ||
207 | public function setHeading($heading) { | |
208 | global $CFG; | |
209 | ||
210 | $timeout = $CFG->session_timeout * 60 * 1000; | |
211 | $this->heading = str_replace('__TITLE__', $heading, $this->heading); | |
212 | $this->header = str_replace('__TITLE__', $heading, $this->header); | |
213 | $this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header); | |
214 | $this->header = str_replace('__TIMEOUT__', $timeout, $this->header); | |
215 | } | |
216 | ||
217 | public function convertContent($code) { | |
218 | $table = array( | |
219 | 'V' => 'Virus', | |
220 | 'B' => 'Banned', | |
221 | 'U' => 'Unchecked', | |
222 | 'S' => 'Spam', | |
223 | 'Y' => 'Spammy', | |
224 | 'M' => 'Bad Mime', | |
225 | 'H' => 'Bad Header', | |
226 | 'O' => 'Over sized', | |
227 | 'T' => 'MTA err', | |
228 | 'C' => 'Clean' | |
229 | ); | |
230 | ||
231 | $string = $table[$code]; | |
232 | if (empty($string)) | |
233 | $string = 'Unknown'; | |
234 | ||
235 | return $string; | |
236 | } | |
6df4b805 | 237 | |
6df4b805 | 238 | } |