2 /* vim: set ts=4 tw=0 sw=4 noet: */
3 require_once $CFG->root
.'config.php';
4 require_once $CFG->root
. 'lib/session_handler.inc.php';
8 private $timeout = false;
12 private $header = '<!DOCTYPE html>
15 <meta charset="utf-8">
16 <link rel="stylesheet" href="css/styles.css">
18 var timeout = __TIMEOUT__;
20 <script src="__ROOT__js/timer.js"></script>
21 <script src="__ROOT__js/checkbox.js"></script>
22 <script src="__ROOT__js/forms.js"></script>
23 <title>__TITLE__</title>
25 <body><div id="container">';
26 private $footer = '</div><div id="footer"><p>Powered by <a href="https://qtadmin.datanom.net"
27 title="Goto QtAdmin homepage">QtAdmin</a>. © 2015 by Michael Rasmussen</p>
28 </div></body></html>';
29 private $heading = '<p id="time" class="time">Session timeout:
30 <span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';
32 public function __construct() {
35 if (isset($CFG->log_level
)) {
36 $this->log_level
= $CFG->log_level
;
41 if (isset($CFG->log_method
)) {
42 $this->log_method
= $CFG->log_method
;
44 $this->log_level
= 'syslog';
47 $this->log("Init Utils", 4);
49 $this->log("__construct[1]: user ".var_export($this->settings
['user'], true), 3);
50 $this->startSession();
51 $this->log("__construct[2]: user ".var_export($this->settings
['user'], true), 3);
53 if (! isset($_SESSION['settings'])) {
54 $this->initSettings();
56 $this->log("__construct[3]: user ".var_export($this->settings
['user'], true), 3);
57 $this->settings
= $_SESSION['settings'];
58 $this->log("__construct[4]: user ".var_export($this->settings
['user'], true), 3);
60 if ($CFG->auth_method
== 'HTTP_AUTH') {
61 if (isset($_SERVER['PHP_AUTH_USER'])) {
62 $this->settings
['user'] = $_SERVER['PHP_AUTH_USER'];
63 $this->settings
['loginStatus'] = 'OK';
64 if ($CFG->admin_user
== $this->settings
['user'])
65 $this->settings
['admin'] = true;
70 private function log($message, $level = 1) {
73 if ($level > $this->log_level
)
80 case 1: $priority = LOG_ERR
; break;
81 case 2: $priority = LOG_WARNING
; break;
82 case 3: $priority = LOG_INFO
; break;
83 case 4: $priority = LOG_DEBUG
; break;
86 switch ($this->log_method
) {
88 if (isset($CFG->log_file
)) {
89 if ($CFG->log_file
[0] == '/') {
90 $file = $CFG->log_file
;
92 $file = $CFG->root
.$CFG->log_file
;
95 $file = $CFG->root
.'qtadmin.log';
97 file_put_contents($file, "[$time]: $message\n", FILE_APPEND | LOCK_EX
);
101 file_put_contents('php://stderr', "[$time]: $message\n");
104 syslog($priority, $message);
109 private function initSettings() {
110 $this->log("InitSettings", 4);
112 if ('' == session_id()) {
113 $this->startSession();
116 if (false !== $this->timeout
) {
117 $timeout = $this->timeout
;
122 $this->settings
= array(
125 'loginStatus' => 'Not logged in',
126 'timeout' => $timeout
129 $_SESSION['settings'] = $this->settings
;
132 private function startSession() {
135 $this->log("startSession", 4);
137 if (isset($CFG->session_timeout
)) {
138 $this->timeout
= $CFG->session_timeout
* 60;
140 $this->timeout
= 20 * 60;
143 if (ini_get('session.gc_maxlifetime') != $this->timeout
)
144 ini_set('session.gc_maxlifetime', $this->timeout
);
145 //if (ini_get('session.cookie_lifetime') != $this->timeout)
146 // ini_set('session.cookie_lifetime', $this->timeout);
147 ini_set('session.cookie_lifetime', 0);
152 private function checkSession() {
155 $this->log("checkSession", 4);
157 if ('' == session_id()) {
158 $this->startSession();
161 $time = $_SERVER['REQUEST_TIME'];
162 if (isset($_SESSION['LAST_ACTIVITY']) &&
163 ($time - $_SESSION['LAST_ACTIVITY']) >= $this->settings
['timeout']) {
164 $this->log('R_TIME: '.date('c', $time).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY'].
165 'Test: '.($time - $_SESSION['LAST_ACTIVITY'])).' >= '.$this->settings
['timeout'], 3);
168 $_SESSION['LAST_ACTIVITY'] = $time;
172 private function getCSRFPreventionToken($ticket) {
173 return array('CSRFPreventionToken: ' . $ticket->CSRFPreventionToken
);
176 private function getRestTicket($username, $password) {
178 $url = $CFG->wblistadm_url
. '/ticket';
180 $data = "username=$username&password=$password";
181 $response = $this->RESTCall($url, $data, $cookiesIn = '');
182 if ($response['http_code'] >= 200 && $response['http_code'] <= 204) {
183 $data = json_decode($response['content']);
184 $_SESSION['ticket'] = $data->data
;
185 $_SESSION['cookies'] = $response['cookies'];
192 public function makeRestCall($method, $data = null) {
195 $url = $CFG->wblistadm_url
. "/$method";
196 $token = $this->getCSRFPreventionToken($_SESSION['ticket']);
197 $response = $this->RESTCall($url, $data, $_SESSION['cookies'], $token);
199 if ($response['http_code'] >= 200 && $response['http_code'] <= 204) {
205 $data = json_decode($response['content']);
206 $result = $data->data
;
209 $result = ($data) ?
false : array();
215 private function RESTCall($url, $data = null, $cookiesIn = '', $headers = null) {
217 CURLOPT_RETURNTRANSFER
=> true, // return web page
218 CURLOPT_HEADER
=> true, //return headers in addition to content
219 CURLOPT_FOLLOWLOCATION
=> true, // follow redirects
220 CURLOPT_ENCODING
=> "", // handle all encodings
221 CURLOPT_AUTOREFERER
=> true, // set referer on redirect
222 CURLOPT_CONNECTTIMEOUT
=> 120, // timeout on connect
223 CURLOPT_TIMEOUT
=> 120, // timeout on response
224 CURLOPT_MAXREDIRS
=> 10, // stop after 10 redirects
225 CURLINFO_HEADER_OUT
=> true,
226 CURLOPT_SSL_VERIFYPEER
=> false, // Disabled SSL Cert checks
227 CURLOPT_HTTP_VERSION
=> CURL_HTTP_VERSION_1_1
,
228 CURLOPT_COOKIE
=> $cookiesIn
232 $options[CURLOPT_POST
] = 1;
233 $options[CURLOPT_POSTFIELDS
] = $data;
237 $options[CURLOPT_HTTPHEADER
] = $headers;
240 $ch = curl_init($url);
241 curl_setopt_array($ch, $options);
242 $rough_content = curl_exec($ch);
243 $err = curl_errno($ch);
244 $errmsg = curl_error($ch);
245 $header = curl_getinfo($ch);
248 $header_content = substr($rough_content, 0, $header['header_size']);
249 $body_content = trim(str_replace($header_content, '', $rough_content));
250 $pattern = "#Set-Cookie:\\s+(?<cookie>[^=]+=[^;]+)#m";
251 preg_match_all($pattern, $header_content, $matches);
252 $cookiesOut = implode("; ", $matches['cookie']);
254 $header['errno'] = $err;
255 $header['errmsg'] = $errmsg;
256 $header['headers'] = $header_content;
257 $header['content'] = $body_content;
258 $header['cookies'] = $cookiesOut;
263 public function logout() {
264 $this->log("logout", 4);
266 if (ini_get('session.use_cookies')) {
267 $params = session_get_cookie_params();
268 setcookie(session_name(), '', time() - 42000,
269 $params['path'], $params['domain'],
270 $params['secure'], $params['httponly']);
273 if ('' != session_id()) {
278 $this->settings
= array();
281 public function isAdmin() {
284 $this->log("isAdmin", 4);
286 if (isset($this->settings
['admin'])) {
287 $admin = $this->settings
['admin'];
293 public function login($user, $pw) {
297 $this->log("login", 4);
299 if ('' == session_id()) {
300 $this->startSession();
303 $this->settings
['user'] = null;
304 $this->settings
['admin'] = false;
306 $p = explode('@', $user);
307 if (count($p) != 2) {
308 $this->settings
['loginStatus'] = 'Bad username';
311 $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
312 $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
313 $ds = @ldap_connect
($CFG->ldap_dsn
);
315 @ldap_set_option
($ds, LDAP_OPT_PROTOCOL_VERSION
, 3);
316 $r = @ldap_bind
($ds, $dn, $pw);
318 $sr = @ldap_search
($ds, $CFG->ldap_base_dn
, $filter, array('mail','domainglobaladmin'));
319 $info = @ldap_get_entries
($ds, $sr); // array
320 if ($info['count'] > 0) {
321 // Log in to wblistadm server and get CSRFPreventionToken
322 if ($this->getRestTicket($user, $pw)) {
323 $this->settings
['user'] = $user;
325 $this->settings
['loginStatus'] = 'OK';
327 if (isset($info[0]['domainglobaladmin'])) {
328 $admin = $info[0]['domainglobaladmin'][0];
329 $admin = strtoupper($admin);
331 $this->settings
['admin'] = ($admin == 'YES') ?
true : false;
333 $this->settings
['loginStatus'] = 'Login failed';
336 $this->settings
['loginStatus'] = 'Login failed';
339 $this->settings
['loginStatus'] = ldap_error($ds);
343 $this->settings
['loginStatus'] = 'Connect to LDAP server failed';
347 $_SESSION['settings'] = $this->settings
;
352 public function getLoginStatus() {
353 $status = 'Not logged in';
355 $this->log("getLoginStatus", 4);
357 if (isset($this->settings
['loginStatus'])) {
358 $status = $this->settings
['loginStatus'];
364 public function isLoggedIn() {
368 $this->log("isLoggedIn[1]: user ".var_export($this->settings
['user'], true), 3);
370 if ('' == session_id()) {
371 $this->startSession();
374 $this->log("isLoggedIn[2]: user ".var_export($this->settings
['user'], true), 3);
375 $this->checkSession();
376 $this->log("isLoggedIn[3]: user ".var_export($this->settings
['user'], true), 3);
378 if (isset($this->settings
['user'])) {
379 if ($this->settings
['user'] != null) {
382 if ($CFG->auth_method
== 'HTTP_AUTH') {
383 if (isset($_SERVER['PHP_AUTH_USER'])) {
384 $this->settings
['user'] = $_SERVER['PHP_AUTH_USER'];
391 if ($loggedIn == false) {
392 $this->log('$this->settings: '.var_export($this->settings
, true), 3);
393 $this->log('R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']), 3);
396 $_SESSION['settings'] = $this->settings
;
401 public function getUser() {
404 $this->log("getUser", 4);
406 if ($this->isLoggedIn()) {
407 $user = $this->settings
['user'];
413 public function authorized($recipient) {
416 $this->log("authorized '$recipient'", 3);
418 if ($this->isAdmin() ||
$this->getUser() == $recipient) {
421 $msg = ($authorized) ?
'authorize' : 'not authorize';
422 $this->log("$msg '".$this->getUser()."' rcpt '$recipient'", 3);
427 public function getHeader() {
428 $this->log("getHeader", 4);
430 return $this->header
;
433 public function getFooter() {
434 $this->log("getFooter", 4);
436 return $this->footer
;
439 public function getHeading() {
440 $this->log("getHeading", 4);
442 return $this->heading
;
445 public function setHeading($heading) {
448 $this->log("setHeading", 4);
450 $timeout = $CFG->session_timeout
* 60 * 1000;
451 $this->heading
= str_replace('__TITLE__', $heading, $this->heading
);
452 $this->header
= str_replace('__TITLE__', $heading, $this->header
);
453 $this->header
= str_replace('__ROOT__', $CFG->wwwroot
, $this->header
);
454 $this->header
= str_replace('__TIMEOUT__', $timeout, $this->header
);
457 public function convertContent($code) {
458 $this->log("convertContent", 4);
473 $string = $table[$code];