[qtadmin.git] / lib / utils.inc.php

<?php
/* vim: set ts=4 tw=0 sw=4 noet: */
require_once $CFG->root .'config.php';

class Utils {

	private static $_instance = null;
	private $server;
	private $user;
	private $is_admin;
	private $loginStatus;
	private $header = '<!DOCTYPE html>
<html>
<head>
	<meta charset="utf-8">
	<link rel="stylesheet" href="css/styles.css">
	<script>
		var timeout = __TIMEOUT__;
	</script>
	<script src="__ROOT__js/timer.js"></script>
	<title>__TITLE__</title>
</head>
<body>';
	private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net">
			QtAdmin</a>. &copy; 2015 by Michael Rasmussen</p></body></html>';
	private $heading = '<p id="time" class="time">Session timeout: 
			<span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';

	private function __construct() {
		global $CFG;

		$this->server = $_SERVER;
		session_start();
                
		$this->user = null;
		$this->is_admin = false;
		$this->loginStatus = 'Not logged in';

		if (isset($_SESSION['user'])) {
			$this->user = $_SESSION['user'];
			$this->loginStatus = 'OK';
			$this->is_admin = $_SESSION['is_admin'];
		} else {
			if ($CFG->auth_method == 'HTTP_AUTH') {
				if (isset($this->server['PHP_AUTH_USER'])) {
					$this->user = $this->server['PHP_AUTH_USER'];
					$this->loginStatus = 'OK';
					if ($CFG->admin_user == $this->user)
						$this->is_admin = true;
				}
			}
		}
		$_SESSION['user'] = $this->user;
		$_SESSION['is_admin'] = $this->is_admin;
	}

	private function __clone() {}

	public static function getInstance() {
		global $CFG;

		if (!is_object(self::$_instance)) {
			self::$_instance = new Utils();
		}
		// Session timeout handler
		if ('' == session_id())
			session_start();
		if (isset($CFG->session_timeout)) {
			$timeout = $CFG->session_timeout * 60;
		} else {
			$timeout = 20 * 60;
		}
		
		if (ini_get('session.gc_maxlifetime') != $timeout)
			ini_set('session.gc_maxlifetime', $timeout);
		if (ini_get('session.cookie_lifetime') != $timeout)
			ini_set('session.cookie_lifetime', $timeout);
		$time = $_SERVER['REQUEST_TIME'];
		if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $timeout) {
			session_unset();
			session_destroy();
			session_start();
			self::$_instance->user = null;
			self::$_instance->is_admin = false;
		}
		$_SESSION['LAST_ACTIVITY'] = $time;

		return self::$_instance; 
	}

	public function logout() {
		$_SESSION = array();
		if (ini_get('session.use_cookies')) {
			$params = session_get_cookie_params();
			setcookie(session_name(), '', time() - 42000,
				$params['path'], $params['domain'],
				$params['secure'], $params['httponly']);
		}
		session_unset();
		session_destroy();
		$this->user = null;
		$this->is_admin = false;
	}

	public function isAdmin() {
		//file_put_contents('/tmp/login.txt', var_export($this, true));
		return $this->is_admin;
	}

	public function login($user, $pw) {
		global $CFG;
		$result = false;

		unset($_SESSION['user']);
		unset($_SESSION['is_admin']);
		$this->user = null;
		$this->is_admin = false;
		
		$p = explode('@', $user);
		if (count($p) != 2) {
			$this->loginStatus = 'Bad username';
			return false;
		}
		$domain = $p[1];
		$dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
        $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
        $ds = @ldap_connect($CFG->ldap_dsn);
        if ($ds) {
			@ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
            $r = @ldap_bind($ds, $dn, $pw);
            if ($r) {
                $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
                $info = @ldap_get_entries($ds, $sr); // array
                if ($info['count'] > 0) {
					$_SESSION['user'] = $user;
        			$this->user = $user;
					$result = true;
					$this->loginStatus = 'OK';
					$admin = 'NO';
					if (isset($info[0]['domainglobaladmin'])) {
						$admin = $info[0]['domainglobaladmin'][0];
						$admin = strtoupper($admin);
					} 
					$this->is_admin = ($admin == 'YES') ? true : false;
					$_SESSION['is_admin'] = $this->is_admin;
                } else {
                    $this->loginStatus = 'Login failed';
                }
            } else {
                $this->loginStatus = ldap_error($ds);
            }
            @ldap_close($ds);
        } else {
            $this->loginStatus = 'Connect to LDAP server failed';
        }

		return $result;
	}

	public function getLoginStatus() {
		return $this->loginStatus;
	}

	public function isLoggedIn() {
		global $CFG;
		$loggedIn = false;

		if ($this->user) {
			$loggedIn = true;
		} else if (isset($_SESSION['user'])) {
			$this->user = $_SESSION['user'];
			$loggedIn = true;
		} else {
			if ($CFG->auth_method == 'HTTP_AUTH') {
				if (isset($this->server['PHP_AUTH_USER'])) {
					$this->user = $this->server['PHP_AUTH_USER'];
					$loggedIn = true;
				}
			}
		}

		return $loggedIn;
	}

	public function getUser() {
		$this->isLoggedIn();
		return $this->user;
	}

	public function getHeader() {
		return $this->header;
	}

        public function getFooter() {
                return $this->footer;
        }

        public function getHeading() {
                return $this->heading;
        }

        public function setHeading($heading) {
			global $CFG;

			$timeout = $CFG->session_timeout * 60 * 1000;
            $this->heading = str_replace('__TITLE__', $heading, $this->heading);
			$this->header = str_replace('__TITLE__', $heading, $this->header);
			$this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
			$this->header = str_replace('__TIMEOUT__', $timeout, $this->header);
        }

		public function convertContent($code) {
			$table = array(
				'V' => 'Virus',
				'B' => 'Banned',
				'U' => 'Unchecked',
				'S' => 'Spam',
				'Y' => 'Spammy',
				'M' => 'Bad Mime',
				'H' => 'Bad Header',
				'O' => 'Over sized',
				'T' => 'MTA err',
				'C' => 'Clean'
			);
			
			$string = $table[$code];
			if (empty($string))
				$string = 'Unknown';

			return $string;
		}
}
Commit	Line	Data
6df4b805 MR	1	<?php
	2	/* vim: set ts=4 tw=0 sw=4 noet: */
	3	require_once $CFG->root .'config.php';
	4
	5	class Utils {
	6
	7	private static $_instance = null;
	8	private $server;
	9	private $user;
	10	private $is_admin;
	11	private $loginStatus;
	12	private $header = '<!DOCTYPE html>
	13	<html>
	14	<head>
	15	<meta charset="utf-8">
	16	<link rel="stylesheet" href="css/styles.css">
	17	<script>
	18	var timeout = __TIMEOUT__;
	19	</script>
	20	<script src="__ROOT__js/timer.js"></script>
	21	<title>__TITLE__</title>
	22	</head>
	23	<body>';
	24	private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net">
	25	QtAdmin</a>. © 2015 by Michael Rasmussen</p></body></html>';
	26	private $heading = '<p id="time" class="time">Session timeout:
	27	<span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';
	28
	29	private function __construct() {
	30	global $CFG;
	31
	32	$this->server = $_SERVER;
	33	session_start();
	34
	35	$this->user = null;
	36	$this->is_admin = false;
	37	$this->loginStatus = 'Not logged in';
	38
	39	if (isset($_SESSION['user'])) {
	40	$this->user = $_SESSION['user'];
	41	$this->loginStatus = 'OK';
	42	$this->is_admin = $_SESSION['is_admin'];
	43	} else {
	44	if ($CFG->auth_method == 'HTTP_AUTH') {
	45	if (isset($this->server['PHP_AUTH_USER'])) {
	46	$this->user = $this->server['PHP_AUTH_USER'];
	47	$this->loginStatus = 'OK';
	48	if ($CFG->admin_user == $this->user)
	49	$this->is_admin = true;
	50	}
	51	}
	52	}
	53	$_SESSION['user'] = $this->user;
	54	$_SESSION['is_admin'] = $this->is_admin;
	55	}
	56
	57	private function __clone() {}
	58
	59	public static function getInstance() {
	60	global $CFG;
	61
	62	if (!is_object(self::$_instance)) {
	63	self::$_instance = new Utils();
	64	}
65	// Session timeout handler
66	if ('' == session_id())
67	session_start();
68	if (isset($CFG->session_timeout)) {
69	$timeout = $CFG->session_timeout * 60;
70	} else {
71	$timeout = 20 * 60;
72	}
73
74	if (ini_get('session.gc_maxlifetime') != $timeout)
75	ini_set('session.gc_maxlifetime', $timeout);
76	if (ini_get('session.cookie_lifetime') != $timeout)
77	ini_set('session.cookie_lifetime', $timeout);
78	$time = $_SERVER['REQUEST_TIME'];
79	if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $timeout) {
80	session_unset();
81	session_destroy();
82	session_start();
83	self::$_instance->user = null;
84	self::$_instance->is_admin = false;
85	}
86	$_SESSION['LAST_ACTIVITY'] = $time;
87
88	return self::$_instance;
89	}
90
91	public function logout() {
92	$_SESSION = array();
93	if (ini_get('session.use_cookies')) {
94	$params = session_get_cookie_params();
95	setcookie(session_name(), '', time() - 42000,
96	$params['path'], $params['domain'],
97	$params['secure'], $params['httponly']);
98	}
99	session_unset();
100	session_destroy();
101	$this->user = null;
102	$this->is_admin = false;
103	}
104
105	public function isAdmin() {
106	//file_put_contents('/tmp/login.txt', var_export($this, true));
107	return $this->is_admin;
108	}
109
110	public function login($user, $pw) {
111	global $CFG;
112	$result = false;
113
114	unset($_SESSION['user']);
115	unset($_SESSION['is_admin']);
116	$this->user = null;
117	$this->is_admin = false;
118
119	$p = explode('@', $user);
120	if (count($p) != 2) {
121	$this->loginStatus = 'Bad username';
122	return false;
123	}
124	$domain = $p[1];
125	$dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
126	$filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
127	$ds = @ldap_connect($CFG->ldap_dsn);
128	if ($ds) {
129	@ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
130	$r = @ldap_bind($ds, $dn, $pw);
131	if ($r) {
132	$sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
133	$info = @ldap_get_entries($ds, $sr); // array
134	if ($info['count'] > 0) {
135	$_SESSION['user'] = $user;
136	$this->user = $user;
137	$result = true;
138	$this->loginStatus = 'OK';
139	$admin = 'NO';
140	if (isset($info[0]['domainglobaladmin'])) {
141	$admin = $info[0]['domainglobaladmin'][0];
142	$admin = strtoupper($admin);
143	}
144	$this->is_admin = ($admin == 'YES') ? true : false;
145	$_SESSION['is_admin'] = $this->is_admin;
146	} else {
147	$this->loginStatus = 'Login failed';
148	}
149	} else {
150	$this->loginStatus = ldap_error($ds);
151	}
152	@ldap_close($ds);
153	} else {
154	$this->loginStatus = 'Connect to LDAP server failed';
155	}
156
157	return $result;
158	}
159
160	public function getLoginStatus() {
161	return $this->loginStatus;
162	}
163
164	public function isLoggedIn() {
165	global $CFG;
166	$loggedIn = false;
167
168	if ($this->user) {
169	$loggedIn = true;
170	} else if (isset($_SESSION['user'])) {
171	$this->user = $_SESSION['user'];
172	$loggedIn = true;
173	} else {
174	if ($CFG->auth_method == 'HTTP_AUTH') {
175	if (isset($this->server['PHP_AUTH_USER'])) {
176	$this->user = $this->server['PHP_AUTH_USER'];
177	$loggedIn = true;
178	}
179	}
180	}
181
182	return $loggedIn;
183	}
184
185	public function getUser() {
186	$this->isLoggedIn();
187	return $this->user;
188	}
189
190	public function getHeader() {
191	return $this->header;
192	}
193
194	public function getFooter() {
195	return $this->footer;
196	}
197
198	public function getHeading() {
199	return $this->heading;
200	}
201
202	public function setHeading($heading) {
203	global $CFG;
204
205	$timeout = $CFG->session_timeout * 60 * 1000;
206	$this->heading = str_replace('__TITLE__', $heading, $this->heading);
207	$this->header = str_replace('__TITLE__', $heading, $this->header);
208	$this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
209	$this->header = str_replace('__TIMEOUT__', $timeout, $this->header);
210	}
211
212	public function convertContent($code) {
213	$table = array(
214	'V' => 'Virus',
215	'B' => 'Banned',
216	'U' => 'Unchecked',
217	'S' => 'Spam',
218	'Y' => 'Spammy',
219	'M' => 'Bad Mime',
220	'H' => 'Bad Header',
221	'O' => 'Over sized',
222	'T' => 'MTA err',
223	'C' => 'Clean'
224	);
225
226	$string = $table[$code];
227	if (empty($string))
228	$string = 'Unknown';
229
230	return $string;
231	}
232	}