]>
Commit | Line | Data |
---|---|---|
6df4b805 MR |
1 | <?php |
2 | /* vim: set ts=4 tw=0 sw=4 noet: */ | |
3 | require_once $CFG->root .'config.php'; | |
4 | ||
5 | class Utils { | |
6 | ||
b95d1cdb MR |
7 | private static $_instance = null; |
8 | private $server; | |
9 | private $user; | |
10 | private $is_admin; | |
11 | private $loginStatus; | |
7d9c7fe2 | 12 | private $timeout; |
b95d1cdb | 13 | private $header = '<!DOCTYPE html> |
6df4b805 MR |
14 | <html> |
15 | <head> | |
b95d1cdb MR |
16 | <meta charset="utf-8"> |
17 | <link rel="stylesheet" href="css/styles.css"> | |
18 | <script> | |
19 | var timeout = __TIMEOUT__; | |
20 | </script> | |
21 | <script src="__ROOT__js/timer.js"></script> | |
5c7b972e | 22 | <script src="__ROOT__js/checkbox.js"></script> |
b95d1cdb | 23 | <title>__TITLE__</title> |
6df4b805 MR |
24 | </head> |
25 | <body>'; | |
bb06f172 | 26 | private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net" |
b706c65f | 27 | title="Goto QtAdmin homepage">QtAdmin</a>. © 2015 by Michael Rasmussen</p></body></html>'; |
b95d1cdb MR |
28 | private $heading = '<p id="time" class="time">Session timeout: |
29 | <span id="timer"></span></p><h1 class="h1">__TITLE__</h1>'; | |
30 | ||
31 | private function __construct() { | |
32 | global $CFG; | |
33 | ||
34 | $this->server = $_SERVER; | |
b95d1cdb MR |
35 | |
36 | $this->user = null; | |
37 | $this->is_admin = false; | |
38 | $this->loginStatus = 'Not logged in'; | |
39 | ||
a675b383 MR |
40 | $this->startSession(); |
41 | ||
b95d1cdb MR |
42 | if (isset($_SESSION['user'])) { |
43 | $this->user = $_SESSION['user']; | |
44 | $this->loginStatus = 'OK'; | |
45 | $this->is_admin = $_SESSION['is_admin']; | |
46 | } else { | |
47 | if ($CFG->auth_method == 'HTTP_AUTH') { | |
48 | if (isset($this->server['PHP_AUTH_USER'])) { | |
49 | $this->user = $this->server['PHP_AUTH_USER']; | |
50 | $this->loginStatus = 'OK'; | |
51 | if ($CFG->admin_user == $this->user) | |
52 | $this->is_admin = true; | |
53 | } | |
54 | } | |
55 | } | |
56 | $_SESSION['user'] = $this->user; | |
57 | $_SESSION['is_admin'] = $this->is_admin; | |
58 | } | |
59 | ||
60 | private function __clone() {} | |
61 | ||
a675b383 | 62 | private function startSession() { |
b95d1cdb MR |
63 | global $CFG; |
64 | ||
b95d1cdb | 65 | if (isset($CFG->session_timeout)) { |
7d9c7fe2 | 66 | $this->timeout = $CFG->session_timeout * 60; |
b95d1cdb | 67 | } else { |
7d9c7fe2 | 68 | $this->timeout = 20 * 60; |
b95d1cdb MR |
69 | } |
70 | ||
7d9c7fe2 MR |
71 | if (ini_get('session.gc_maxlifetime') != $this->timeout) |
72 | ini_set('session.gc_maxlifetime', $this->timeout); | |
73 | if (ini_get('session.cookie_lifetime') != $this->timeout) | |
74 | ini_set('session.cookie_lifetime', $this->timeout); | |
a675b383 MR |
75 | |
76 | session_start(); | |
77 | ||
7d9c7fe2 MR |
78 | //echo ini_get('session.gc_maxlifetime').':'.ini_get('session.cookie_lifetime'); |
79 | } | |
80 | ||
81 | public static function getInstance() { | |
82 | global $CFG; | |
83 | ||
84 | if (!is_object(self::$_instance)) { | |
85 | self::$_instance = new Utils(); | |
86 | } | |
87 | ||
b95d1cdb | 88 | $time = $_SERVER['REQUEST_TIME']; |
7d9c7fe2 MR |
89 | if (isset($_SESSION['LAST_ACTIVITY']) && |
90 | ($time - $_SESSION['LAST_ACTIVITY']) >= self::$_instance->timeout) { | |
c0519296 | 91 | echo 'R_TIME: '.date('c', $time).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']); |
2a577047 | 92 | exit; |
b95d1cdb MR |
93 | session_unset(); |
94 | session_destroy(); | |
b95d1cdb MR |
95 | self::$_instance->user = null; |
96 | self::$_instance->is_admin = false; | |
a675b383 MR |
97 | } else { |
98 | $_SESSION['LAST_ACTIVITY'] = $time; | |
99 | } | |
b95d1cdb MR |
100 | |
101 | return self::$_instance; | |
102 | } | |
103 | ||
104 | public function logout() { | |
105 | $_SESSION = array(); | |
106 | if (ini_get('session.use_cookies')) { | |
107 | $params = session_get_cookie_params(); | |
108 | setcookie(session_name(), '', time() - 42000, | |
109 | $params['path'], $params['domain'], | |
110 | $params['secure'], $params['httponly']); | |
111 | } | |
112 | session_unset(); | |
113 | session_destroy(); | |
114 | $this->user = null; | |
115 | $this->is_admin = false; | |
116 | } | |
117 | ||
118 | public function isAdmin() { | |
119 | //file_put_contents('/tmp/login.txt', var_export($this, true)); | |
120 | return $this->is_admin; | |
121 | } | |
122 | ||
123 | public function login($user, $pw) { | |
124 | global $CFG; | |
125 | $result = false; | |
126 | ||
127 | unset($_SESSION['user']); | |
128 | unset($_SESSION['is_admin']); | |
129 | $this->user = null; | |
130 | $this->is_admin = false; | |
131 | ||
132 | $p = explode('@', $user); | |
133 | if (count($p) != 2) { | |
134 | $this->loginStatus = 'Bad username'; | |
135 | return false; | |
136 | } | |
137 | $domain = $p[1]; | |
138 | $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn"; | |
6df4b805 MR |
139 | $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))"; |
140 | $ds = @ldap_connect($CFG->ldap_dsn); | |
141 | if ($ds) { | |
b95d1cdb | 142 | @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); |
6df4b805 MR |
143 | $r = @ldap_bind($ds, $dn, $pw); |
144 | if ($r) { | |
145 | $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin')); | |
146 | $info = @ldap_get_entries($ds, $sr); // array | |
147 | if ($info['count'] > 0) { | |
b95d1cdb MR |
148 | $_SESSION['user'] = $user; |
149 | $this->user = $user; | |
150 | $result = true; | |
151 | $this->loginStatus = 'OK'; | |
152 | $admin = 'NO'; | |
153 | if (isset($info[0]['domainglobaladmin'])) { | |
154 | $admin = $info[0]['domainglobaladmin'][0]; | |
155 | $admin = strtoupper($admin); | |
156 | } | |
157 | $this->is_admin = ($admin == 'YES') ? true : false; | |
158 | $_SESSION['is_admin'] = $this->is_admin; | |
6df4b805 MR |
159 | } else { |
160 | $this->loginStatus = 'Login failed'; | |
161 | } | |
162 | } else { | |
163 | $this->loginStatus = ldap_error($ds); | |
164 | } | |
165 | @ldap_close($ds); | |
166 | } else { | |
167 | $this->loginStatus = 'Connect to LDAP server failed'; | |
168 | } | |
169 | ||
b95d1cdb MR |
170 | return $result; |
171 | } | |
172 | ||
173 | public function getLoginStatus() { | |
174 | return $this->loginStatus; | |
175 | } | |
176 | ||
177 | public function isLoggedIn() { | |
178 | global $CFG; | |
179 | $loggedIn = false; | |
180 | ||
cd212b17 | 181 | echo '$this->user: '.$this->user.' $_SESSION[\'user\']: '.$_SESSION['user']; |
b95d1cdb MR |
182 | if ($this->user) { |
183 | $loggedIn = true; | |
184 | } else if (isset($_SESSION['user'])) { | |
185 | $this->user = $_SESSION['user']; | |
186 | $loggedIn = true; | |
187 | } else { | |
188 | if ($CFG->auth_method == 'HTTP_AUTH') { | |
189 | if (isset($this->server['PHP_AUTH_USER'])) { | |
190 | $this->user = $this->server['PHP_AUTH_USER']; | |
191 | $loggedIn = true; | |
192 | } | |
193 | } | |
194 | } | |
195 | ||
1e354d20 | 196 | if ($loggedIn == false) { |
18d80742 MR |
197 | echo 'R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']); |
198 | exit; | |
199 | } | |
b95d1cdb MR |
200 | return $loggedIn; |
201 | } | |
202 | ||
203 | public function getUser() { | |
204 | $this->isLoggedIn(); | |
205 | return $this->user; | |
206 | } | |
207 | ||
208 | public function getHeader() { | |
209 | return $this->header; | |
210 | } | |
211 | ||
212 | public function getFooter() { | |
213 | return $this->footer; | |
214 | } | |
215 | ||
216 | public function getHeading() { | |
217 | return $this->heading; | |
218 | } | |
219 | ||
220 | public function setHeading($heading) { | |
221 | global $CFG; | |
222 | ||
223 | $timeout = $CFG->session_timeout * 60 * 1000; | |
224 | $this->heading = str_replace('__TITLE__', $heading, $this->heading); | |
225 | $this->header = str_replace('__TITLE__', $heading, $this->header); | |
226 | $this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header); | |
227 | $this->header = str_replace('__TIMEOUT__', $timeout, $this->header); | |
228 | } | |
229 | ||
230 | public function convertContent($code) { | |
231 | $table = array( | |
232 | 'V' => 'Virus', | |
233 | 'B' => 'Banned', | |
234 | 'U' => 'Unchecked', | |
235 | 'S' => 'Spam', | |
236 | 'Y' => 'Spammy', | |
237 | 'M' => 'Bad Mime', | |
238 | 'H' => 'Bad Header', | |
239 | 'O' => 'Over sized', | |
240 | 'T' => 'MTA err', | |
241 | 'C' => 'Clean' | |
242 | ); | |
243 | ||
244 | $string = $table[$code]; | |
245 | if (empty($string)) | |
246 | $string = 'Unknown'; | |
247 | ||
248 | return $string; | |
249 | } | |
6df4b805 | 250 | |
6df4b805 | 251 | } |