]> git.datanom.net - qtadmin.git/blob - lib/utils.inc.php
projects / qtadmin.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add check for valid session
[qtadmin.git] / lib / utils.inc.php
1 <?php
2 /* vim: set ts=4 tw=0 sw=4 noet: */
3 require_once $CFG->root .'config.php';
4
5 class Utils {
6
7 private $timeout = false;
8 private $settings;
9 private $log_level;
10 private $log_method;
11 private $header = '<!DOCTYPE html>
12 <html>
13 <head>
14 <meta charset="utf-8">
15 <link rel="stylesheet" href="css/styles.css">
16 <script>
17 var timeout = __TIMEOUT__;
18 </script>
19 <script src="__ROOT__js/timer.js"></script>
20 <script src="__ROOT__js/checkbox.js"></script>
21 <title>__TITLE__</title>
22 </head>
23 <body>';
24 private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net"
25 title="Goto QtAdmin homepage">QtAdmin</a>. &copy; 2015 by Michael Rasmussen</p></body></html>';
26 private $heading = '<p id="time" class="time">Session timeout:
27 <span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';
28
29 public function __construct() {
30 global $CFG;
31
32 $this->log("Init Utils", 4);
33
34 if (isset($CFG->log_level)) {
35 $this->log_level = $CFG->log_level;
36 } else {
37 $this->log_level = 1;
38 }
39
40 if (isset($CFG->log_method)) {
41 $this->log_method = $CFG->log_method;
42 } else {
43 $this->log_level = 'syslog';
44 }
45
46 $this->startSession();
47
48 if (! isset($_SESSION['settings'])) {
49 $this->initSettings();
50 }
51 $this->settings = $_SESSION['settings'];
52
53 if ($CFG->auth_method == 'HTTP_AUTH') {
54 if (isset($this->server['PHP_AUTH_USER'])) {
55 $this->settings['user'] = $this->server['PHP_AUTH_USER'];
56 $this->settings['loginStatus'] = 'OK';
57 if ($CFG->admin_user == $this->settings['user'])
58 $this->settings['admin'] = true;
59 }
60 }
61 }
62
63 private function log($message, $level = 1) {
64 global $CFG;
65
66 if ($level > $this->log_level)
67 return;
68
69 $time = date('c');
70 $msg = "[$time] $message";
71
72 $priority = LOG_INFO;
73 switch ($level) {
74 case 1: $priority = LOG_ERR; break;
75 case 2: $priority = LOG_WARNING; break;
76 case 3: $priority = LOG_INFO; break;
77 case 4: $priority = LOG_DEBUG; break;
78 }
79
80 switch ($this->log_method) {
81 case 'file':
82 case 'stderr':
83 case 'syslog':
84 syslog($priority,$msg);
85 break;
86 }
87
88 private function initSettings() {
89 if ('' == session_id()) {
90 $this->startSession();
91 }
92
93 if (false !== $this->timeout) {
94 $timeout = $this->timeout;
95 } else {
96 $timeout = 0;
97 }
98
99 $this->settings = array(
100 'server' => $_SERVER,
101 'user' => null,
102 'admin' => false,
103 'loginStatus' => 'Not logged in',
104 'timeout' => $timeout
105 );
106
107 $_SESSION['settings'] = $this->settings;
108 }
109
110 private function startSession() {
111 global $CFG;
112
113 if (isset($CFG->session_timeout)) {
114 $this->timeout = $CFG->session_timeout * 60;
115 } else {
116 $this->timeout = 20 * 60;
117 }
118
119 if (ini_get('session.gc_maxlifetime') != $this->timeout)
120 ini_set('session.gc_maxlifetime', $this->timeout);
121 if (ini_get('session.cookie_lifetime') != $this->timeout)
122 ini_set('session.cookie_lifetime', $this->timeout);
123
124 session_start();
125 }
126
127 private function checkSession() {
128 global $CFG;
129
130 if ('' == session_id()) {
131 $this->startSession();
132 }
133
134 $time = $_SERVER['REQUEST_TIME'];
135 if (isset($_SESSION['LAST_ACTIVITY']) &&
136 ($time - $_SESSION['LAST_ACTIVITY']) >= $this->settings['timeout']) {
137 echo 'R_TIME: '.date('c', $time).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
138 $this->logout();
139 } else {
140 $_SESSION['LAST_ACTIVITY'] = $time;
141 }
142 }
143
144 public function logout() {
145 if (ini_get('session.use_cookies')) {
146 $params = session_get_cookie_params();
147 setcookie(session_name(), '', time() - 42000,
148 $params['path'], $params['domain'],
149 $params['secure'], $params['httponly']);
150 }
151
152 if ('' != session_id()) {
153 $_SESSION = array();
154 session_unset();
155 session_destroy();
156 }
157 $this->settings = array();
158 }
159
160 public function isAdmin() {
161 $admin = false;
162
163 if (isset($this->settings['admin'])) {
164 $admin = $this->settings['admin'];
165 }
166
167 return $admin;
168 }
169
170 public function login($user, $pw) {
171 global $CFG;
172 $result = false;
173
174 if ('' == session_id()) {
175 $this->startSession();
176 }
177
178 $this->settings['user'] = null;
179 $this->settings['admin'] = false;
180
181 $p = explode('@', $user);
182 if (count($p) != 2) {
183 $this->settings['loginStatus'] = 'Bad username';
184 } else {
185 $domain = $p[1];
186 $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
187 $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
188 $ds = @ldap_connect($CFG->ldap_dsn);
189 if ($ds) {
190 @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
191 $r = @ldap_bind($ds, $dn, $pw);
192 if ($r) {
193 $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
194 $info = @ldap_get_entries($ds, $sr); // array
195 if ($info['count'] > 0) {
196 $this->settings['user'] = $user;
197 $result = true;
198 $this->settings['loginStatus'] = 'OK';
199 $admin = 'NO';
200 if (isset($info[0]['domainglobaladmin'])) {
201 $admin = $info[0]['domainglobaladmin'][0];
202 $admin = strtoupper($admin);
203 }
204 $this->settings['admin'] = ($admin == 'YES') ? true : false;
205 } else {
206 $this->settings['loginStatus'] = 'Login failed';
207 }
208 } else {
209 $this->settings['loginStatus'] = ldap_error($ds);
210 }
211 @ldap_close($ds);
212 } else {
213 $this->settings['loginStatus'] = 'Connect to LDAP server failed';
214 }
215 }
216
217 $_SESSION['settings'] = $this->settings;
218
219 return $result;
220 }
221
222 public function getLoginStatus() {
223 $status = 'Not logged in';
224
225 if (isset($this->settings['loginStatus'])) {
226 $status = $this->settings['loginStatus'];
227 }
228
229 return $status;
230 }
231
232 public function isLoggedIn() {
233 global $CFG;
234 $loggedIn = false;
235
236 if ('' == session_id()) {
237 $this->startSession();
238 }
239
240 $this->checkSession();
241
242 if (isset($this->settings['user'])) {
243 if ($this->settings['user'] != null) {
244 $loggedIn = true;
245 } else {
246 if ($CFG->auth_method == 'HTTP_AUTH') {
247 if (isset($this->server['PHP_AUTH_USER'])) {
248 $this->settings['user'] = $this->server['PHP_AUTH_USER'];
249 $loggedIn = true;
250 }
251 }
252 }
253 }
254
255 if ($loggedIn == false) {
256 echo '$this->settings: '.var_export($this->settings, true);
257 echo 'R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
258 //exit;
259 }
260
261 $_SESSION['settings'] = $this->settings;
262
263 return $loggedIn;
264 }
265
266 public function getUser() {
267 $user = null;
268
269 if ($this->isLoggedIn()) {
270 $user = $this->settings['user'];
271 }
272
273 return $user;
274 }
275
276 public function getHeader() {
277 return $this->header;
278 }
279
280 public function getFooter() {
281 return $this->footer;
282 }
283
284 public function getHeading() {
285 return $this->heading;
286 }
287
288 public function setHeading($heading) {
289 global $CFG;
290
291 $timeout = $CFG->session_timeout * 60 * 1000;
292 $this->heading = str_replace('__TITLE__', $heading, $this->heading);
293 $this->header = str_replace('__TITLE__', $heading, $this->header);
294 $this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
295 $this->header = str_replace('__TIMEOUT__', $timeout, $this->header);
296 }
297
298 public function convertContent($code) {
299 $table = array(
300 'V' => 'Virus',
301 'B' => 'Banned',
302 'U' => 'Unchecked',
303 'S' => 'Spam',
304 'Y' => 'Spammy',
305 'M' => 'Bad Mime',
306 'H' => 'Bad Header',
307 'O' => 'Over sized',
308 'T' => 'MTA err',
309 'C' => 'Clean'
310 );
311
312 $string = $table[$code];
313 if (empty($string))
314 $string = 'Unknown';
315
316 return $string;
317 }
318
319 }
An Amavisd qurantine administration interface
This page took 0.090261 seconds and 6 git commands to generate.