]>
Commit | Line | Data |
---|---|---|
1 | <?php | |
2 | /* vim: set ts=4 tw=0 sw=4 noet: */ | |
3 | require_once $CFG->root .'config.php'; | |
4 | ||
5 | class Utils implements Serializable { | |
6 | ||
7 | private static $_instance = null; | |
8 | private $server; | |
9 | private $user; | |
10 | private $is_admin; | |
11 | private $loginStatus; | |
12 | private $timeout; | |
13 | private $header = '<!DOCTYPE html> | |
14 | <html> | |
15 | <head> | |
16 | <meta charset="utf-8"> | |
17 | <link rel="stylesheet" href="css/styles.css"> | |
18 | <script> | |
19 | var timeout = __TIMEOUT__; | |
20 | </script> | |
21 | <script src="__ROOT__js/timer.js"></script> | |
22 | <script src="__ROOT__js/checkbox.js"></script> | |
23 | <title>__TITLE__</title> | |
24 | </head> | |
25 | <body>'; | |
26 | private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net" | |
27 | title="Goto QtAdmin homepage">QtAdmin</a>. © 2015 by Michael Rasmussen</p></body></html>'; | |
28 | private $heading = '<p id="time" class="time">Session timeout: | |
29 | <span id="timer"></span></p><h1 class="h1">__TITLE__</h1>'; | |
30 | ||
31 | private function __construct() { | |
32 | global $CFG; | |
33 | ||
34 | $this->server = $_SERVER; | |
35 | ||
36 | $this->user = null; | |
37 | $this->is_admin = false; | |
38 | $this->loginStatus = 'Not logged in'; | |
39 | ||
40 | $this->startSession(); | |
41 | ||
42 | if (isset($_SESSION['user'])) { | |
43 | $this->user = $_SESSION['user']; | |
44 | $this->loginStatus = 'OK'; | |
45 | $this->is_admin = $_SESSION['is_admin']; | |
46 | } else { | |
47 | if ($CFG->auth_method == 'HTTP_AUTH') { | |
48 | if (isset($this->server['PHP_AUTH_USER'])) { | |
49 | $this->user = $this->server['PHP_AUTH_USER']; | |
50 | $this->loginStatus = 'OK'; | |
51 | if ($CFG->admin_user == $this->user) | |
52 | $this->is_admin = true; | |
53 | } | |
54 | } | |
55 | } | |
56 | $_SESSION['user'] = $this->user; | |
57 | $_SESSION['is_admin'] = $this->is_admin; | |
58 | $_SESSION['Utils'] = serialize($this); | |
59 | } | |
60 | ||
61 | private function __clone() {} | |
62 | ||
63 | public function serialize() { | |
64 | file_put_contents('/tmp/dump', 'Serialize called: '.var_export($this, true), FILE_APPEND); | |
65 | return serialize(get_object_vars($this)); | |
66 | } | |
67 | ||
68 | public function unserialize($data) { | |
69 | $values = unserialize($data); | |
70 | foreach ($values as $key=>$value) { | |
71 | $this->$key = $value; | |
72 | } | |
73 | } | |
74 | ||
75 | private function startSession() { | |
76 | global $CFG; | |
77 | ||
78 | session_unset(); | |
79 | session_destroy(); | |
80 | if (isset($CFG->session_timeout)) { | |
81 | $this->timeout = $CFG->session_timeout * 60; | |
82 | } else { | |
83 | $this->timeout = 20 * 60; | |
84 | } | |
85 | ||
86 | if (ini_get('session.gc_maxlifetime') != $this->timeout) | |
87 | ini_set('session.gc_maxlifetime', $this->timeout); | |
88 | if (ini_get('session.cookie_lifetime') != $this->timeout) | |
89 | ini_set('session.cookie_lifetime', $this->timeout); | |
90 | ||
91 | session_start(); | |
92 | ||
93 | //echo ini_get('session.gc_maxlifetime').':'.ini_get('session.cookie_lifetime'); | |
94 | } | |
95 | ||
96 | public static function getInstance() { | |
97 | global $CFG; | |
98 | ||
99 | session_start(); | |
100 | if (!is_object(self::$_instance)) { | |
101 | if (isset($_SESSION['Utils'])) { | |
102 | self::$_instance = unserialize($_SESSION['Utils']); | |
103 | file_put_contents('/tmp/dump', 'Unserialize called: '.var_export(self::$_instance, true), FILE_APPEND); | |
104 | } else { | |
105 | self::$_instance = new Utils(); | |
106 | } | |
107 | } | |
108 | ||
109 | $time = $_SERVER['REQUEST_TIME']; | |
110 | if (isset($_SESSION['LAST_ACTIVITY']) && | |
111 | ($time - $_SESSION['LAST_ACTIVITY']) >= self::$_instance->timeout) { | |
112 | echo 'R_TIME: '.date('c', $time).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']); | |
113 | exit; | |
114 | session_unset(); | |
115 | session_destroy(); | |
116 | self::$_instance->user = null; | |
117 | self::$_instance->is_admin = false; | |
118 | $_SESSION['Utils'] = serialize(self::$_instance); | |
119 | } else { | |
120 | $_SESSION['LAST_ACTIVITY'] = $time; | |
121 | } | |
122 | ||
123 | return self::$_instance; | |
124 | } | |
125 | ||
126 | public function logout() { | |
127 | $_SESSION = array(); | |
128 | if (ini_get('session.use_cookies')) { | |
129 | $params = session_get_cookie_params(); | |
130 | setcookie(session_name(), '', time() - 42000, | |
131 | $params['path'], $params['domain'], | |
132 | $params['secure'], $params['httponly']); | |
133 | } | |
134 | session_unset(); | |
135 | session_destroy(); | |
136 | $this->user = null; | |
137 | $this->is_admin = false; | |
138 | } | |
139 | ||
140 | public function isAdmin() { | |
141 | //file_put_contents('/tmp/login.txt', var_export($this, true)); | |
142 | return $this->is_admin; | |
143 | } | |
144 | ||
145 | public function login($user, $pw) { | |
146 | global $CFG; | |
147 | $result = false; | |
148 | ||
149 | unset($_SESSION['user']); | |
150 | unset($_SESSION['is_admin']); | |
151 | $this->user = null; | |
152 | $this->is_admin = false; | |
153 | ||
154 | $p = explode('@', $user); | |
155 | if (count($p) != 2) { | |
156 | $this->loginStatus = 'Bad username'; | |
157 | return false; | |
158 | } | |
159 | $domain = $p[1]; | |
160 | $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn"; | |
161 | $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))"; | |
162 | $ds = @ldap_connect($CFG->ldap_dsn); | |
163 | if ($ds) { | |
164 | @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); | |
165 | $r = @ldap_bind($ds, $dn, $pw); | |
166 | if ($r) { | |
167 | $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin')); | |
168 | $info = @ldap_get_entries($ds, $sr); // array | |
169 | if ($info['count'] > 0) { | |
170 | $_SESSION['user'] = $user; | |
171 | $this->user = $user; | |
172 | $result = true; | |
173 | $this->loginStatus = 'OK'; | |
174 | $admin = 'NO'; | |
175 | if (isset($info[0]['domainglobaladmin'])) { | |
176 | $admin = $info[0]['domainglobaladmin'][0]; | |
177 | $admin = strtoupper($admin); | |
178 | } | |
179 | $this->is_admin = ($admin == 'YES') ? true : false; | |
180 | $_SESSION['is_admin'] = $this->is_admin; | |
181 | } else { | |
182 | $this->loginStatus = 'Login failed'; | |
183 | } | |
184 | } else { | |
185 | $this->loginStatus = ldap_error($ds); | |
186 | } | |
187 | @ldap_close($ds); | |
188 | } else { | |
189 | $this->loginStatus = 'Connect to LDAP server failed'; | |
190 | } | |
191 | ||
192 | $_SESSION['Utils'] = serialize($this); | |
193 | ||
194 | return $result; | |
195 | } | |
196 | ||
197 | public function getLoginStatus() { | |
198 | return $this->loginStatus; | |
199 | } | |
200 | ||
201 | public function isLoggedIn() { | |
202 | global $CFG; | |
203 | $loggedIn = false; | |
204 | ||
205 | if ($this->user) { | |
206 | $loggedIn = true; | |
207 | } else if (isset($_SESSION['user'])) { | |
208 | $this->user = $_SESSION['user']; | |
209 | $loggedIn = true; | |
210 | } else { | |
211 | if ($CFG->auth_method == 'HTTP_AUTH') { | |
212 | if (isset($this->server['PHP_AUTH_USER'])) { | |
213 | $this->user = $this->server['PHP_AUTH_USER']; | |
214 | $loggedIn = true; | |
215 | } | |
216 | } | |
217 | } | |
218 | ||
219 | if ($loggedIn == false) { | |
220 | echo '$this->user: '.$this->user.' $_SESSION[\'user\']: '.$_SESSION['user']; | |
221 | echo 'R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']); | |
222 | exit; | |
223 | } | |
224 | ||
225 | $_SESSION['Utils'] = serialize($this); | |
226 | ||
227 | return $loggedIn; | |
228 | } | |
229 | ||
230 | public function getUser() { | |
231 | $this->isLoggedIn(); | |
232 | return $this->user; | |
233 | } | |
234 | ||
235 | public function getHeader() { | |
236 | return $this->header; | |
237 | } | |
238 | ||
239 | public function getFooter() { | |
240 | return $this->footer; | |
241 | } | |
242 | ||
243 | public function getHeading() { | |
244 | return $this->heading; | |
245 | } | |
246 | ||
247 | public function setHeading($heading) { | |
248 | global $CFG; | |
249 | ||
250 | $timeout = $CFG->session_timeout * 60 * 1000; | |
251 | $this->heading = str_replace('__TITLE__', $heading, $this->heading); | |
252 | $this->header = str_replace('__TITLE__', $heading, $this->header); | |
253 | $this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header); | |
254 | $this->header = str_replace('__TIMEOUT__', $timeout, $this->header); | |
255 | ||
256 | $_SESSION['Utils'] = serialize($this); | |
257 | } | |
258 | ||
259 | public function convertContent($code) { | |
260 | $table = array( | |
261 | 'V' => 'Virus', | |
262 | 'B' => 'Banned', | |
263 | 'U' => 'Unchecked', | |
264 | 'S' => 'Spam', | |
265 | 'Y' => 'Spammy', | |
266 | 'M' => 'Bad Mime', | |
267 | 'H' => 'Bad Header', | |
268 | 'O' => 'Over sized', | |
269 | 'T' => 'MTA err', | |
270 | 'C' => 'Clean' | |
271 | ); | |
272 | ||
273 | $string = $table[$code]; | |
274 | if (empty($string)) | |
275 | $string = 'Unknown'; | |
276 | ||
277 | return $string; | |
278 | } | |
279 | ||
280 | } |