]> git.datanom.net - qtadmin.git/blob - lib/utils.inc.php
projects / qtadmin.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix bug in session handler
[qtadmin.git] / lib / utils.inc.php
1 <?php
2 /* vim: set ts=4 tw=0 sw=4 noet: */
3 require_once $CFG->root .'config.php';
4
5 class Utils implements Serializable {
6
7 private static $_instance = null;
8 private $server;
9 private $user;
10 private $is_admin;
11 private $loginStatus;
12 private $timeout;
13 private $header = '<!DOCTYPE html>
14 <html>
15 <head>
16 <meta charset="utf-8">
17 <link rel="stylesheet" href="css/styles.css">
18 <script>
19 var timeout = __TIMEOUT__;
20 </script>
21 <script src="__ROOT__js/timer.js"></script>
22 <script src="__ROOT__js/checkbox.js"></script>
23 <title>__TITLE__</title>
24 </head>
25 <body>';
26 private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net"
27 title="Goto QtAdmin homepage">QtAdmin</a>. &copy; 2015 by Michael Rasmussen</p></body></html>';
28 private $heading = '<p id="time" class="time">Session timeout:
29 <span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';
30
31 private function __construct() {
32 global $CFG;
33
34 $this->server = $_SERVER;
35
36 $this->user = null;
37 $this->is_admin = false;
38 $this->loginStatus = 'Not logged in';
39
40 $this->startSession();
41
42 if (isset($_SESSION['user'])) {
43 $this->user = $_SESSION['user'];
44 $this->loginStatus = 'OK';
45 $this->is_admin = $_SESSION['is_admin'];
46 } else {
47 if ($CFG->auth_method == 'HTTP_AUTH') {
48 if (isset($this->server['PHP_AUTH_USER'])) {
49 $this->user = $this->server['PHP_AUTH_USER'];
50 $this->loginStatus = 'OK';
51 if ($CFG->admin_user == $this->user)
52 $this->is_admin = true;
53 }
54 }
55 }
56 $_SESSION['user'] = $this->user;
57 $_SESSION['is_admin'] = $this->is_admin;
58 $_SESSION['Utils'] = serialize($this);
59 }
60
61 private function __clone() {}
62
63 public function serialize() {
64 file_put_contents('/tmp/dump', 'Serialize called: '.var_export($this, true), FILE_APPEND);
65 return serialize(get_object_vars($this));
66 }
67
68 public function unserialize($data) {
69 $values = unserialize($data);
70 foreach ($values as $key=>$value) {
71 $this->$key = $value;
72 }
73 }
74
75 private function startSession() {
76 global $CFG;
77
78 session_unset();
79 session_destroy();
80 if (isset($CFG->session_timeout)) {
81 $this->timeout = $CFG->session_timeout * 60;
82 } else {
83 $this->timeout = 20 * 60;
84 }
85
86 if (ini_get('session.gc_maxlifetime') != $this->timeout)
87 ini_set('session.gc_maxlifetime', $this->timeout);
88 if (ini_get('session.cookie_lifetime') != $this->timeout)
89 ini_set('session.cookie_lifetime', $this->timeout);
90
91 session_start();
92
93 //echo ini_get('session.gc_maxlifetime').':'.ini_get('session.cookie_lifetime');
94 }
95
96 public static function getInstance() {
97 global $CFG;
98
99 session_start();
100 if (!is_object(self::$_instance)) {
101 if (isset($_SESSION['Utils'])) {
102 self::$_instance = unserialize($_SESSION['Utils']);
103 file_put_contents('/tmp/dump', 'Unserialize called: '.var_export(self::$_instance, true), FILE_APPEND);
104 } else {
105 self::$_instance = new Utils();
106 }
107 }
108
109 $time = $_SERVER['REQUEST_TIME'];
110 if (isset($_SESSION['LAST_ACTIVITY']) &&
111 ($time - $_SESSION['LAST_ACTIVITY']) >= self::$_instance->timeout) {
112 echo 'R_TIME: '.date('c', $time).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
113 exit;
114 session_unset();
115 session_destroy();
116 self::$_instance->user = null;
117 self::$_instance->is_admin = false;
118 $_SESSION['Utils'] = serialize(self::$_instance);
119 } else {
120 $_SESSION['LAST_ACTIVITY'] = $time;
121 }
122
123 return self::$_instance;
124 }
125
126 public function logout() {
127 $_SESSION = array();
128 if (ini_get('session.use_cookies')) {
129 $params = session_get_cookie_params();
130 setcookie(session_name(), '', time() - 42000,
131 $params['path'], $params['domain'],
132 $params['secure'], $params['httponly']);
133 }
134 session_unset();
135 session_destroy();
136 $this->user = null;
137 $this->is_admin = false;
138 }
139
140 public function isAdmin() {
141 //file_put_contents('/tmp/login.txt', var_export($this, true));
142 return $this->is_admin;
143 }
144
145 public function login($user, $pw) {
146 global $CFG;
147 $result = false;
148
149 unset($_SESSION['user']);
150 unset($_SESSION['is_admin']);
151 $this->user = null;
152 $this->is_admin = false;
153
154 $p = explode('@', $user);
155 if (count($p) != 2) {
156 $this->loginStatus = 'Bad username';
157 return false;
158 }
159 $domain = $p[1];
160 $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
161 $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
162 $ds = @ldap_connect($CFG->ldap_dsn);
163 if ($ds) {
164 @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
165 $r = @ldap_bind($ds, $dn, $pw);
166 if ($r) {
167 $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
168 $info = @ldap_get_entries($ds, $sr); // array
169 if ($info['count'] > 0) {
170 $_SESSION['user'] = $user;
171 $this->user = $user;
172 $result = true;
173 $this->loginStatus = 'OK';
174 $admin = 'NO';
175 if (isset($info[0]['domainglobaladmin'])) {
176 $admin = $info[0]['domainglobaladmin'][0];
177 $admin = strtoupper($admin);
178 }
179 $this->is_admin = ($admin == 'YES') ? true : false;
180 $_SESSION['is_admin'] = $this->is_admin;
181 } else {
182 $this->loginStatus = 'Login failed';
183 }
184 } else {
185 $this->loginStatus = ldap_error($ds);
186 }
187 @ldap_close($ds);
188 } else {
189 $this->loginStatus = 'Connect to LDAP server failed';
190 }
191
192 $_SESSION['Utils'] = serialize($this);
193
194 return $result;
195 }
196
197 public function getLoginStatus() {
198 return $this->loginStatus;
199 }
200
201 public function isLoggedIn() {
202 global $CFG;
203 $loggedIn = false;
204
205 if ($this->user) {
206 $loggedIn = true;
207 } else if (isset($_SESSION['user'])) {
208 $this->user = $_SESSION['user'];
209 $loggedIn = true;
210 } else {
211 if ($CFG->auth_method == 'HTTP_AUTH') {
212 if (isset($this->server['PHP_AUTH_USER'])) {
213 $this->user = $this->server['PHP_AUTH_USER'];
214 $loggedIn = true;
215 }
216 }
217 }
218
219 if ($loggedIn == false) {
220 echo '$this->user: '.$this->user.' $_SESSION[\'user\']: '.$_SESSION['user'];
221 echo 'R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
222 exit;
223 }
224
225 $_SESSION['Utils'] = serialize($this);
226
227 return $loggedIn;
228 }
229
230 public function getUser() {
231 $this->isLoggedIn();
232 return $this->user;
233 }
234
235 public function getHeader() {
236 return $this->header;
237 }
238
239 public function getFooter() {
240 return $this->footer;
241 }
242
243 public function getHeading() {
244 return $this->heading;
245 }
246
247 public function setHeading($heading) {
248 global $CFG;
249
250 $timeout = $CFG->session_timeout * 60 * 1000;
251 $this->heading = str_replace('__TITLE__', $heading, $this->heading);
252 $this->header = str_replace('__TITLE__', $heading, $this->header);
253 $this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
254 $this->header = str_replace('__TIMEOUT__', $timeout, $this->header);
255
256 $_SESSION['Utils'] = serialize($this);
257 }
258
259 public function convertContent($code) {
260 $table = array(
261 'V' => 'Virus',
262 'B' => 'Banned',
263 'U' => 'Unchecked',
264 'S' => 'Spam',
265 'Y' => 'Spammy',
266 'M' => 'Bad Mime',
267 'H' => 'Bad Header',
268 'O' => 'Over sized',
269 'T' => 'MTA err',
270 'C' => 'Clean'
271 );
272
273 $string = $table[$code];
274 if (empty($string))
275 $string = 'Unknown';
276
277 return $string;
278 }
279
280 }
An Amavisd qurantine administration interface
This page took 0.186639 seconds and 6 git commands to generate.