Add check for valid session
1 <?php
2 /* vim: set ts=4 tw=0 sw=4 noet: */
3 require_once $CFG->root .'config.php';
4
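/**
 * Session, authentication and page-chrome helper for QtAdmin.
 *
 * Starts the PHP session, keeps a per-session 'settings' array (user, admin
 * flag, login status, timeout) and authenticates users either against LDAP
 * (login()) or by trusting the HTTP authentication done by the web server
 * ($CFG->auth_method == 'HTTP_AUTH').
 */
class Utils {

	// Session lifetime in seconds; false until startSession() has run.
	private $timeout = false;
	// Working copy of $_SESSION['settings'].
	private $settings;
	// Highest message level that is written to the log (1 = errors only).
	private $log_level;
	// Log sink name taken from $CFG->log_method.
	private $log_method;
	private $header = '<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="css/styles.css">
<script>
var timeout = __TIMEOUT__;
</script>
<script src="__ROOT__js/timer.js"></script>
<script src="__ROOT__js/checkbox.js"></script>
<title>__TITLE__</title>
</head>
<body>';
	private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net"
title="Goto QtAdmin homepage">QtAdmin</a>. &copy; 2015 by Michael Rasmussen</p></body></html>';
	private $heading = '<p id="time" class="time">Session timeout:
<span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';

	/**
	 * Reads the logging configuration, starts the session and loads (or
	 * creates) the per-session settings.
	 */
	public function __construct() {
		global $CFG;

		$this->log_level = isset($CFG->log_level) ? $CFG->log_level : 1;
		// The fallback belongs in log_method. Assigning it to log_level left
		// the method unset, so log() matched no sink and wrote nothing.
		$this->log_method = isset($CFG->log_method) ? $CFG->log_method : 'syslog';

		$this->log("Init Utils", 4);

		$this->startSession();

		if (! isset($_SESSION['settings'])) {
			$this->initSettings();
		}
		$this->settings = $_SESSION['settings'];

		$this->applyHttpAuth();
	}

	/**
	 * Session lifetime in seconds: $CFG->session_timeout (minutes) when it is
	 * configured, otherwise 20 minutes.
	 *
	 * @return int
	 */
	private function configuredTimeout() {
		global $CFG;

		return isset($CFG->session_timeout) ? $CFG->session_timeout * 60 : 20 * 60;
	}

	/**
	 * Marks the user named by the web server's HTTP authentication as logged
	 * in when $CFG->auth_method is 'HTTP_AUTH'.
	 *
	 * No password is checked here: the user name is taken as authenticated.
	 * NOTE(review): PHP can populate PHP_AUTH_USER from a client-supplied
	 * Authorization header even when the web server does not enforce
	 * authentication for the path, so 'HTTP_AUTH' must only be configured
	 * where the server itself requires and validates credentials - confirm
	 * for each deployment.
	 *
	 * @return bool true when a user was taken from the request
	 */
	private function applyHttpAuth() {
		global $CFG;

		if (! isset($CFG->auth_method) || $CFG->auth_method != 'HTTP_AUTH') {
			return false;
		}

		// Read the current request. The class has no 'server' property, so
		// the former $this->server[...] lookup could never be set.
		if (! isset($_SERVER['PHP_AUTH_USER']) || '' === $_SERVER['PHP_AUTH_USER']) {
			return false;
		}

		$user = $_SERVER['PHP_AUTH_USER'];
		$this->settings['user'] = $user;
		$this->settings['loginStatus'] = 'OK';
		// Strict comparison against a configured name only: with a loose
		// comparison an unset admin_user equals an empty user name.
		if (isset($CFG->admin_user) && (string) $CFG->admin_user === $user) {
			$this->settings['admin'] = true;
		}

		return true;
	}

	/**
	 * Writes a timestamped message to the log when $level does not exceed the
	 * configured log level.
	 *
	 * @param string $message text to log
	 * @param int    $level   1 = error, 2 = warning, 3 = info, 4 = debug
	 */
	private function log($message, $level = 1) {
		if ($level > $this->log_level)
			return;

		$time = date('c');
		$msg = "[$time] $message";

		switch ($level) {
			case 1: $priority = LOG_ERR; break;
			case 2: $priority = LOG_WARNING; break;
			case 4: $priority = LOG_DEBUG; break;
			default: $priority = LOG_INFO;
		}

		switch ($this->log_method) {
			// 'file' and 'stderr' have no sink of their own here; all three
			// methods end up in syslog.
			case 'file':
			case 'stderr':
			case 'syslog':
				syslog($priority, $msg);
				break;
		}
	}

	/**
	 * Creates the default (logged-out) settings and stores them in the
	 * session.
	 */
	private function initSettings() {
		if ('' == session_id()) {
			$this->startSession();
		}

		$timeout = (false !== $this->timeout) ? $this->timeout : 0;

		$this->settings = array(
			// NOTE(review): this keeps a copy of the whole $_SERVER array in
			// the session store. With HTTP authentication $_SERVER can hold
			// PHP_AUTH_PW, which would then be persisted as well; consider
			// storing only the keys that callers need.
			'server' => $_SERVER,
			'user' => null,
			'admin' => false,
			'loginStatus' => 'Not logged in',
			'timeout' => $timeout
		);

		$_SESSION['settings'] = $this->settings;
	}

	/**
	 * Applies the session lifetime and cookie settings and starts the session
	 * if none is active yet.
	 */
	private function startSession() {
		$this->timeout = $this->configuredTimeout();

		// With an active session the ini values can no longer be changed and
		// a second session_start() only raises a notice.
		if ('' != session_id()) {
			return;
		}

		if (ini_get('session.gc_maxlifetime') != $this->timeout)
			ini_set('session.gc_maxlifetime', (string) $this->timeout);
		if (ini_get('session.cookie_lifetime') != $this->timeout)
			ini_set('session.cookie_lifetime', (string) $this->timeout);

		// Keep the session id away from page scripts and refuse ids that the
		// server did not issue.
		ini_set('session.cookie_httponly', '1');
		ini_set('session.use_strict_mode', '1');
		if (! empty($_SERVER['HTTPS']) && 'off' !== strtolower($_SERVER['HTTPS'])) {
			ini_set('session.cookie_secure', '1');
		}

		session_start();
	}

	/**
	 * Enforces the idle timeout: logs the user out when the last activity is
	 * older than the timeout, otherwise records this request as the last
	 * activity.
	 */
	private function checkSession() {
		if ('' == session_id()) {
			$this->startSession();
		}

		// settings is emptied by logout(), so fall back to the configured value.
		$limit = isset($this->settings['timeout']) ? $this->settings['timeout'] : $this->timeout;

		$time = $_SERVER['REQUEST_TIME'];
		if (isset($_SESSION['LAST_ACTIVITY']) &&
			($time - $_SESSION['LAST_ACTIVITY']) >= $limit) {
			// Log instead of echo: output sent here would go out before
			// logout() calls setcookie(), so the session cookie could not be
			// cleared, and the timestamps would show up in the page.
			$this->log('Session expired; request ' . date('c', $time) .
				', last activity ' . date('c', $_SESSION['LAST_ACTIVITY']), 4);
			$this->logout();
		} else {
			$_SESSION['LAST_ACTIVITY'] = $time;
		}
	}

	/**
	 * Expires the session cookie, destroys the session and clears the
	 * in-memory settings.
	 */
	public function logout() {
		if (ini_get('session.use_cookies')) {
			$params = session_get_cookie_params();
			setcookie(session_name(), '', time() - 42000,
				$params['path'], $params['domain'],
				$params['secure'], $params['httponly']);
		}

		if ('' != session_id()) {
			$_SESSION = array();
			session_unset();
			session_destroy();
		}
		$this->settings = array();
	}

	/**
	 * @return bool the admin flag from the current settings, false if unset
	 */
	public function isAdmin() {
		$admin = false;

		if (isset($this->settings['admin'])) {
			$admin = $this->settings['admin'];
		}

		return $admin;
	}

	/**
	 * Authenticates a mail user by binding to LDAP as that user and looking
	 * up the active account entry.
	 *
	 * The outcome text is stored in settings['loginStatus'] and the settings
	 * are written back to the session in every case. Requires ldap_escape()
	 * (PHP >= 5.6).
	 *
	 * @param string $user login name in the form local@domain
	 * @param string $pw   password
	 * @return bool true on successful login
	 */
	public function login($user, $pw) {
		global $CFG;
		$result = false;

		if ('' == session_id()) {
			$this->startSession();
		}

		$this->settings['user'] = null;
		$this->settings['admin'] = false;

		$p = is_string($user) ? explode('@', $user) : array();
		if (count($p) != 2 || '' === $p[0] || '' === $p[1]) {
			$this->settings['loginStatus'] = 'Bad username';
		} elseif (! is_string($pw) || '' === $pw) {
			// A bind with an empty password is an unauthenticated bind, which
			// many directory servers accept. It would make ldap_bind() succeed
			// for any user name, so it is refused before contacting the server.
			$this->settings['loginStatus'] = 'Login failed';
		} else {
			// The login name is request input: escape it for each LDAP
			// context so it cannot change the DN or the search filter.
			$dnUser = ldap_escape($user, '', LDAP_ESCAPE_DN);
			$dnDomain = ldap_escape($p[1], '', LDAP_ESCAPE_DN);
			$dn = "mail=$dnUser,ou=Users,domainName=$dnDomain,$CFG->ldap_base_dn";
			$filterUser = ldap_escape($user, '', LDAP_ESCAPE_FILTER);
			$filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$filterUser))";
			// NOTE(review): the bind sends the password to the server named
			// in $CFG->ldap_dsn; whether that connection is encrypted depends
			// on the configured URI - confirm it uses ldaps:// or StartTLS.
			$ds = @ldap_connect($CFG->ldap_dsn);
			if ($ds) {
				@ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
				$r = @ldap_bind($ds, $dn, $pw);
				if ($r) {
					$sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
					// A failed search must not be passed on to ldap_get_entries().
					$info = $sr ? @ldap_get_entries($ds, $sr) : false;
					if ($info && $info['count'] > 0) {
						// Issue a fresh session id on privilege change so an
						// id known before the login is not carried over.
						if (! headers_sent()) {
							session_regenerate_id(true);
						}
						$this->settings['user'] = $user;
						$result = true;
						$this->settings['loginStatus'] = 'OK';
						$admin = 'NO';
						if (isset($info[0]['domainglobaladmin'])) {
							$admin = strtoupper($info[0]['domainglobaladmin'][0]);
						}
						$this->settings['admin'] = ($admin == 'YES');
					} else {
						$this->settings['loginStatus'] = 'Login failed';
					}
				} else {
					$this->settings['loginStatus'] = ldap_error($ds);
				}
				@ldap_close($ds);
			} else {
				$this->settings['loginStatus'] = 'Connect to LDAP server failed';
			}
		}

		if (! $result) {
			// Failed logins are logged with the peer address only; the
			// submitted name is left out so request input does not reach the log.
			$remote = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'unknown';
			$this->log('Login failed from ' . $remote, 2);
		}

		$_SESSION['settings'] = $this->settings;

		return $result;
	}

	/**
	 * @return string status text of the last login attempt
	 */
	public function getLoginStatus() {
		$status = 'Not logged in';

		if (isset($this->settings['loginStatus'])) {
			$status = $this->settings['loginStatus'];
		}

		return $status;
	}

	/**
	 * Applies the idle timeout and reports whether a user is logged in,
	 * falling back to HTTP authentication when that method is configured.
	 *
	 * @return bool
	 */
	public function isLoggedIn() {
		if ('' == session_id()) {
			$this->startSession();
		}

		$this->checkSession();

		$loggedIn = isset($this->settings['user']) && $this->settings['user'] != null;
		if (! $loggedIn) {
			// This fallback used to sit inside an isset() branch that a null
			// user can never enter, so it was unreachable.
			$loggedIn = $this->applyHttpAuth();
		}

		if (! $loggedIn) {
			// The settings array (it includes a copy of $_SERVER) was echoed
			// into the response here; only a debug log entry is kept.
			$this->log('Request without a logged-in user', 4);
		}

		$_SESSION['settings'] = $this->settings;

		return $loggedIn;
	}

	/**
	 * @return string|null the logged-in user name, null when not logged in
	 */
	public function getUser() {
		$user = null;

		if ($this->isLoggedIn()) {
			$user = $this->settings['user'];
		}

		return $user;
	}

	/**
	 * @return string the page header HTML (placeholders are filled in by setHeading())
	 */
	public function getHeader() {
		return $this->header;
	}

	/**
	 * @return string the page footer HTML
	 */
	public function getFooter() {
		return $this->footer;
	}

	/**
	 * @return string the heading HTML with the session timer
	 */
	public function getHeading() {
		return $this->heading;
	}

	/**
	 * Fills the __TITLE__, __ROOT__ and __TIMEOUT__ placeholders in the header
	 * and heading templates.
	 *
	 * NOTE(review): $heading is inserted into <title> and <h1> without HTML
	 * escaping; callers must pass trusted or already escaped text - verify
	 * against the callers.
	 *
	 * @param string $heading page title
	 */
	public function setHeading($heading) {
		global $CFG;

		// Milliseconds for the client-side timer, from the same source as the
		// server-side session lifetime (including the 20 minute default).
		$timeout = $this->configuredTimeout() * 1000;
		$this->heading = str_replace('__TITLE__', $heading, $this->heading);
		$this->header = str_replace('__TITLE__', $heading, $this->header);
		$this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
		$this->header = str_replace('__TIMEOUT__', (string) $timeout, $this->header);
	}

	/**
	 * Maps a one-letter content code to its display text.
	 *
	 * @param string $code content code
	 * @return string display text, 'Unknown' for any other code
	 */
	public function convertContent($code) {
		$table = array(
			'V' => 'Virus',
			'B' => 'Banned',
			'U' => 'Unchecked',
			'S' => 'Spam',
			'Y' => 'Spammy',
			'M' => 'Bad Mime',
			'H' => 'Bad Header',
			'O' => 'Over sized',
			'T' => 'MTA err',
			'C' => 'Clean'
		);

		// Look the code up without indexing a missing key.
		if ((is_string($code) || is_int($code)) && isset($table[$code])) {
			return $table[$code];
		}

		return 'Unknown';
	}

}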