[qtadmin.git] / lib / utils.inc.php

<?php
/* vim: set ts=4 tw=0 sw=4 noet: */
require_once $CFG->root .'config.php';

class Utils {

    private static $_instance = null;
    private $server;
    private $user;
    private $is_admin;
    private $loginStatus;
    private $header = '<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
    <link rel="stylesheet" href="css/styles.css">
    <script>
        var timeout = __TIMEOUT__;
    </script>
    <script src="__ROOT__js/timer.js"></script>
    <title>__TITLE__</title>
</head>
<body>';
    private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net">
            QtAdmin</a>. &copy; 2015 by Michael Rasmussen</p></body></html>';
    private $heading = '<p id="time" class="time">Session timeout:
            <span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';

    private function __construct() {
        global $CFG;

        $this->server = $_SERVER;
        session_start();

        $this->user = null;
        $this->is_admin = false;
        $this->loginStatus = 'Not logged in';

        if (isset($_SESSION['user'])) {
            $this->user = $_SESSION['user'];
            $this->loginStatus = 'OK';
            $this->is_admin = $_SESSION['is_admin'];
        } else {
            if ($CFG->auth_method == 'HTTP_AUTH') {
                if (isset($this->server['PHP_AUTH_USER'])) {
                    $this->user = $this->server['PHP_AUTH_USER'];
                    $this->loginStatus = 'OK';
                    if ($CFG->admin_user == $this->user)
                        $this->is_admin = true;
                }
            }
        }
        $_SESSION['user'] = $this->user;
        $_SESSION['is_admin'] = $this->is_admin;
    }

    private function __clone() {}

    public static function getInstance() {
        global $CFG;

        if (!is_object(self::$_instance)) {
            self::$_instance = new Utils();
        }
        // Session timeout handler
        if ('' == session_id())
            session_start();
        if (isset($CFG->session_timeout)) {
            $timeout = $CFG->session_timeout * 60;
        } else {
            $timeout = 20 * 60;
        }

        if (ini_get('session.gc_maxlifetime') != $timeout)
            ini_set('session.gc_maxlifetime', $timeout);
        if (ini_get('session.cookie_lifetime') != $timeout)
            ini_set('session.cookie_lifetime', $timeout);
        $time = $_SERVER['REQUEST_TIME'];
        if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $timeout) {
            session_unset();
            session_destroy();
            session_start();
            self::$_instance->user = null;
            self::$_instance->is_admin = false;
        }
        $_SESSION['LAST_ACTIVITY'] = $time;

        return self::$_instance;
    }

    public function logout() {
        $_SESSION = array();
        if (ini_get('session.use_cookies')) {
            $params = session_get_cookie_params();
            setcookie(session_name(), '', time() - 42000,
                $params['path'], $params['domain'],
                $params['secure'], $params['httponly']);
        }
        session_unset();
        session_destroy();
        $this->user = null;
        $this->is_admin = false;
    }

    public function isAdmin() {
        //file_put_contents('/tmp/login.txt', var_export($this, true));
        return $this->is_admin;
    }

    public function login($user, $pw) {
        global $CFG;
        $result = false;

        unset($_SESSION['user']);
        unset($_SESSION['is_admin']);
        $this->user = null;
        $this->is_admin = false;

        $p = explode('@', $user);
        if (count($p) != 2) {
            $this->loginStatus = 'Bad username';
            return false;
        }
        $domain = $p[1];
        $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
        $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
        $ds = @ldap_connect($CFG->ldap_dsn);
        if ($ds) {
            @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
            $r = @ldap_bind($ds, $dn, $pw);
            if ($r) {
                $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
                $info = @ldap_get_entries($ds, $sr); // array
                if ($info['count'] > 0) {
                    $_SESSION['user'] = $user;
                    $this->user = $user;
                    $result = true;
                    $this->loginStatus = 'OK';
                    $admin = 'NO';
                    if (isset($info[0]['domainglobaladmin'])) {
                        $admin = $info[0]['domainglobaladmin'][0];
                        $admin = strtoupper($admin);
                    }
                    $this->is_admin = ($admin == 'YES') ? true : false;
                    $_SESSION['is_admin'] = $this->is_admin;
                } else {
                    $this->loginStatus = 'Login failed';
                }
            } else {
                $this->loginStatus = ldap_error($ds);
            }
            @ldap_close($ds);
        } else {
            $this->loginStatus = 'Connect to LDAP server failed';
        }

        return $result;
    }

    public function getLoginStatus() {
        return $this->loginStatus;
    }

    public function isLoggedIn() {
        global $CFG;
        $loggedIn = false;

        if ($this->user) {
            $loggedIn = true;
        } else if (isset($_SESSION['user'])) {
            $this->user = $_SESSION['user'];
            $loggedIn = true;
        } else {
            if ($CFG->auth_method == 'HTTP_AUTH') {
                if (isset($this->server['PHP_AUTH_USER'])) {
                    $this->user = $this->server['PHP_AUTH_USER'];
                    $loggedIn = true;
                }
            }
        }

        return $loggedIn;
    }

    public function getUser() {
        $this->isLoggedIn();
        return $this->user;
    }

    public function getHeader() {
        return $this->header;
    }

    public function getFooter() {
        return $this->footer;
    }

    public function getHeading() {
        return $this->heading;
    }

    public function setHeading($heading) {
        global $CFG;

        $timeout = $CFG->session_timeout * 60 * 1000;
        $this->heading = str_replace('__TITLE__', $heading, $this->heading);
        $this->header = str_replace('__TITLE__', $heading, $this->header);
        $this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
        $this->header = str_replace('__TIMEOUT__', $timeout, $this->header);
    }

    public function convertContent($code) {
        $table = array(
            'V' => 'Virus',
            'B' => 'Banned',
            'U' => 'Unchecked',
            'S' => 'Spam',
            'Y' => 'Spammy',
            'M' => 'Bad Mime',
            'H' => 'Bad Header',
            'O' => 'Over sized',
            'T' => 'MTA err',
            'C' => 'Clean'
        );

        $string = $table[$code];
        if (empty($string))
            $string = 'Unknown';

        return $string;
    }

}
Commit	Line	Data
6df4b805 MR	1	<?php
	2	/* vim: set ts=4 tw=0 sw=4 noet: */
	3	require_once $CFG->root .'config.php';
	4
	5	class Utils {
	6
b95d1cdb MR	7	private static $_instance = null;
	8	private $server;
	9	private $user;
	10	private $is_admin;
	11	private $loginStatus;
	12	private $header = '<!DOCTYPE html>
6df4b805 MR	13	<html>
6df4b805 MR	14	<head>
b95d1cdb MR	15	<meta charset="utf-8">
	16	<link rel="stylesheet" href="css/styles.css">
	17	<script>
	18	var timeout = __TIMEOUT__;
	19	</script>
	20	<script src="__ROOT__js/timer.js"></script>
	21	<title>__TITLE__</title>
6df4b805 MR	22	</head>
6df4b805 MR	23	<body>';
b95d1cdb MR	24	private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net">
	25	QtAdmin</a>. © 2015 by Michael Rasmussen</p></body></html>';
	26	private $heading = '<p id="time" class="time">Session timeout:
	27	<span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';
	28
	29	private function __construct() {
	30	global $CFG;
	31
	32	$this->server = $_SERVER;
	33	session_start();
	34
	35	$this->user = null;
	36	$this->is_admin = false;
	37	$this->loginStatus = 'Not logged in';
	38
	39	if (isset($_SESSION['user'])) {
	40	$this->user = $_SESSION['user'];
	41	$this->loginStatus = 'OK';
	42	$this->is_admin = $_SESSION['is_admin'];
	43	} else {
	44	if ($CFG->auth_method == 'HTTP_AUTH') {
	45	if (isset($this->server['PHP_AUTH_USER'])) {
	46	$this->user = $this->server['PHP_AUTH_USER'];
	47	$this->loginStatus = 'OK';
	48	if ($CFG->admin_user == $this->user)
	49	$this->is_admin = true;
	50	}
	51	}
	52	}
	53	$_SESSION['user'] = $this->user;
	54	$_SESSION['is_admin'] = $this->is_admin;
	55	}
	56
	57	private function __clone() {}
	58
	59	public static function getInstance() {
	60	global $CFG;
	61
	62	if (!is_object(self::$_instance)) {
	63	self::$_instance = new Utils();
	64	}
	65	// Session timeout handler
	66	if ('' == session_id())
	67	session_start();
	68	if (isset($CFG->session_timeout)) {
	69	$timeout = $CFG->session_timeout * 60;
	70	} else {
	71	$timeout = 20 * 60;
	72	}
	73
	74	if (ini_get('session.gc_maxlifetime') != $timeout)
	75	ini_set('session.gc_maxlifetime', $timeout);
	76	if (ini_get('session.cookie_lifetime') != $timeout)
	77	ini_set('session.cookie_lifetime', $timeout);
	78	$time = $_SERVER['REQUEST_TIME'];
	79	if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $timeout) {
	80	session_unset();
	81	session_destroy();
	82	session_start();
	83	self::$_instance->user = null;
	84	self::$_instance->is_admin = false;
	85	}
	86	$_SESSION['LAST_ACTIVITY'] = $time;
	87
88	return self::$_instance;
89	}
90
91	public function logout() {
92	$_SESSION = array();
93	if (ini_get('session.use_cookies')) {
94	$params = session_get_cookie_params();
95	setcookie(session_name(), '', time() - 42000,
96	$params['path'], $params['domain'],
97	$params['secure'], $params['httponly']);
98	}
99	session_unset();
100	session_destroy();
101	$this->user = null;
102	$this->is_admin = false;
103	}
104
105	public function isAdmin() {
106	//file_put_contents('/tmp/login.txt', var_export($this, true));
107	return $this->is_admin;
108	}
109
110	public function login($user, $pw) {
111	global $CFG;
112	$result = false;
113
114	unset($_SESSION['user']);
115	unset($_SESSION['is_admin']);
116	$this->user = null;
117	$this->is_admin = false;
118
119	$p = explode('@', $user);
120	if (count($p) != 2) {
121	$this->loginStatus = 'Bad username';
122	return false;
123	}
124	$domain = $p[1];
125	$dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
6df4b805 MR	126	$filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
	127	$ds = @ldap_connect($CFG->ldap_dsn);
	128	if ($ds) {
b95d1cdb	129	@ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
6df4b805 MR	130	$r = @ldap_bind($ds, $dn, $pw);
	131	if ($r) {
	132	$sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
	133	$info = @ldap_get_entries($ds, $sr); // array
	134	if ($info['count'] > 0) {
b95d1cdb MR	135	$_SESSION['user'] = $user;
	136	$this->user = $user;
	137	$result = true;
	138	$this->loginStatus = 'OK';
	139	$admin = 'NO';
	140	if (isset($info[0]['domainglobaladmin'])) {
	141	$admin = $info[0]['domainglobaladmin'][0];
	142	$admin = strtoupper($admin);
	143	}
	144	$this->is_admin = ($admin == 'YES') ? true : false;
	145	$_SESSION['is_admin'] = $this->is_admin;
6df4b805 MR	146	} else {
	147	$this->loginStatus = 'Login failed';
	148	}
	149	} else {
	150	$this->loginStatus = ldap_error($ds);
	151	}
	152	@ldap_close($ds);
	153	} else {
	154	$this->loginStatus = 'Connect to LDAP server failed';
	155	}
	156
b95d1cdb MR	157	return $result;
	158	}
	159
	160	public function getLoginStatus() {
	161	return $this->loginStatus;
	162	}
	163
	164	public function isLoggedIn() {
	165	global $CFG;
	166	$loggedIn = false;
	167
	168	if ($this->user) {
	169	$loggedIn = true;
	170	} else if (isset($_SESSION['user'])) {
	171	$this->user = $_SESSION['user'];
	172	$loggedIn = true;
	173	} else {
	174	if ($CFG->auth_method == 'HTTP_AUTH') {
	175	if (isset($this->server['PHP_AUTH_USER'])) {
	176	$this->user = $this->server['PHP_AUTH_USER'];
	177	$loggedIn = true;
	178	}
	179	}
	180	}
	181
	182	return $loggedIn;
	183	}
	184
	185	public function getUser() {
	186	$this->isLoggedIn();
	187	return $this->user;
	188	}
	189
	190	public function getHeader() {
	191	return $this->header;
	192	}
	193
	194	public function getFooter() {
	195	return $this->footer;
	196	}
	197
	198	public function getHeading() {
	199	return $this->heading;
	200	}
	201
	202	public function setHeading($heading) {
	203	global $CFG;
	204
	205	$timeout = $CFG->session_timeout * 60 * 1000;
	206	$this->heading = str_replace('__TITLE__', $heading, $this->heading);
	207	$this->header = str_replace('__TITLE__', $heading, $this->header);
	208	$this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
	209	$this->header = str_replace('__TIMEOUT__', $timeout, $this->header);
	210	}
	211
	212	public function convertContent($code) {
	213	$table = array(
	214	'V' => 'Virus',
	215	'B' => 'Banned',
	216	'U' => 'Unchecked',
	217	'S' => 'Spam',
	218	'Y' => 'Spammy',
	219	'M' => 'Bad Mime',
	220	'H' => 'Bad Header',
221	'O' => 'Over sized',
222	'T' => 'MTA err',
223	'C' => 'Clean'
224	);
225
226	$string = $table[$code];
227	if (empty($string))
228	$string = 'Unknown';
229
230	return $string;
231	}
6df4b805	232
6df4b805	233	}