<?php
/* vim: set ts=4 tw=0 sw=4 noet: */
// The including script must already have populated $CFG: `root` is used
// here, and the Utils class below reads log_*, session_timeout, auth_method,
// admin_user, ldap_* and wwwroot from it.
require_once($CFG->root . 'config.php');

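/**
 * Session, authentication and page-chrome helper for QtAdmin.
 *
 * State lives in $_SESSION['settings'] (mirrored in $this->settings):
 * 'user', 'admin', 'loginStatus' and 'timeout'. Configuration is read from
 * the global $CFG object populated by config.php.
 */
class Utils {

	/** Idle timeout in seconds; false until startSession() has run. */
	private $timeout = false;
	/** Working copy of $_SESSION['settings'] (user, admin, loginStatus, timeout). */
	private $settings;
	/** Highest level that is logged: 1 error, 2 warning, 3 info, 4 debug. */
	private $log_level = 1;
	/** Log sink from $CFG->log_method; only 'syslog' is implemented. */
	private $log_method = 'syslog';
	/** Page header template; __TITLE__, __ROOT__ and __TIMEOUT__ are filled by setHeading(). */
	private $header = '<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="css/styles.css">
<script>
var timeout = __TIMEOUT__;
</script>
<script src="__ROOT__js/timer.js"></script>
<script src="__ROOT__js/checkbox.js"></script>
<title>__TITLE__</title>
</head>
<body>';
	private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net"
title="Goto QtAdmin homepage">QtAdmin</a>. &copy; 2015 by Michael Rasmussen</p></body></html>';
	/** Heading template; __TITLE__ is filled by setHeading(). */
	private $heading = '<p id="time" class="time">Session timeout:
<span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';

	/**
	 * Read logging config, start the session and load (or initialise) the
	 * per-session settings. With auth_method 'HTTP_AUTH' the web server has
	 * already authenticated the request, so PHP_AUTH_USER is taken as the user.
	 */
	public function __construct() {
		global $CFG;

		$this->log_level = isset($CFG->log_level) ? $CFG->log_level : 1;
		// The fallback used to assign 'syslog' to log_level instead of
		// log_method, leaving log_method unset and the level a string.
		$this->log_method = isset($CFG->log_method) ? $CFG->log_method : 'syslog';

		$this->log("Init Utils", 4);

		$this->startSession();

		if (! isset($_SESSION['settings'])) {
			$this->initSettings();
		}
		$this->settings = $_SESSION['settings'];
		$this->log("__construct: user ".var_export($this->settings['user'], true), 3);

		if (isset($CFG->auth_method) && $CFG->auth_method === 'HTTP_AUTH'
				&& isset($_SERVER['PHP_AUTH_USER'])) {
			$this->settings['user'] = $_SERVER['PHP_AUTH_USER'];
			$this->settings['loginStatus'] = 'OK';
			if (isset($CFG->admin_user) && $CFG->admin_user === $this->settings['user']) {
				$this->settings['admin'] = true;
			}
		}
	}

	/**
	 * Emit $message unless $level exceeds the configured log level.
	 *
	 * @param string $message text to log
	 * @param int    $level   1 error, 2 warning, 3 info, 4 debug
	 */
	private function log($message, $level = 1) {
		if ($level > $this->log_level) {
			return;
		}

		switch ($level) {
			case 1: $priority = LOG_ERR; break;
			case 2: $priority = LOG_WARNING; break;
			case 4: $priority = LOG_DEBUG; break;
			default: $priority = LOG_INFO; break;
		}

		switch ($this->log_method) {
			case 'file':
			case 'stderr':
				// Not implemented: fall through to syslog so nothing is lost.
			case 'syslog':
				syslog($priority, $message);
				break;
		}
	}

	/**
	 * Reset the session settings to the logged-out state and store them.
	 */
	private function initSettings() {
		$this->log("InitSettings", 4);

		if ('' === session_id()) {
			$this->startSession();
		}

		$this->settings = array(
			'user' => null,
			'admin' => false,
			'loginStatus' => 'Not logged in',
			// 0 only if startSession() has never run, which the constructor prevents.
			'timeout' => (false !== $this->timeout) ? $this->timeout : 0,
		);

		$_SESSION['settings'] = $this->settings;
	}

	/**
	 * Compute the idle timeout from $CFG->session_timeout (minutes, default 20)
	 * and start the PHP session with matching gc/cookie lifetimes.
	 */
	private function startSession() {
		global $CFG;

		$this->log("startSession", 4);

		$this->timeout = isset($CFG->session_timeout) ? $CFG->session_timeout * 60 : 20 * 60;

		// Calling session_start() twice only produces a notice.
		if (session_status() === PHP_SESSION_ACTIVE) {
			return;
		}

		// Keep server-side lifetime and cookie lifetime equal to the idle timeout.
		if (ini_get('session.gc_maxlifetime') != $this->timeout) {
			ini_set('session.gc_maxlifetime', (string) $this->timeout);
		}
		if (ini_get('session.cookie_lifetime') != $this->timeout) {
			ini_set('session.cookie_lifetime', (string) $this->timeout);
		}
		// Keep the cookie out of reach of scripts and refuse session ids the
		// server did not issue itself.
		ini_set('session.cookie_httponly', '1');
		ini_set('session.use_strict_mode', '1');

		session_start();
	}

	/**
	 * Log the user out if the session has been idle longer than the timeout,
	 * otherwise record the current request as the last activity.
	 */
	private function checkSession() {
		$this->log("checkSession", 4);

		if ('' === session_id()) {
			$this->startSession();
		}

		$now = $_SERVER['REQUEST_TIME'];
		// After logout() $this->settings is empty; fall back to the value
		// startSession() computed rather than reading an undefined key.
		$timeout = isset($this->settings['timeout']) ? $this->settings['timeout'] : $this->timeout;
		if (isset($_SESSION['LAST_ACTIVITY']) && ($now - $_SESSION['LAST_ACTIVITY']) >= $timeout) {
			// The former debug echo printed the timestamps into the response
			// body; timeouts are now silent (see the syslog trail instead).
			$this->log("checkSession: idle timeout reached", 3);
			$this->logout();
		} else {
			$_SESSION['LAST_ACTIVITY'] = $now;
		}
	}

	/**
	 * Expire the session cookie, destroy the server-side session and clear
	 * the in-memory settings.
	 */
	public function logout() {
		$this->log("logout", 4);

		if (ini_get('session.use_cookies')) {
			// Expire the cookie with the same scope it was issued with.
			$params = session_get_cookie_params();
			setcookie(session_name(), '', time() - 42000,
				$params['path'], $params['domain'],
				$params['secure'], $params['httponly']);
		}

		if ('' !== session_id()) {
			$_SESSION = array();
			session_unset();
			session_destroy();
		}
		$this->settings = array();
	}

	/**
	 * @return bool true when the current session user has the admin flag
	 */
	public function isAdmin() {
		$this->log("isAdmin", 4);

		return isset($this->settings['admin']) ? (bool) $this->settings['admin'] : false;
	}

	/**
	 * Authenticate $user (an e-mail address) against LDAP by binding with
	 * its DN and $pw, then checking it is an active mailUser.
	 *
	 * Sets 'user', 'admin' and 'loginStatus' in the session settings.
	 *
	 * @param string $user e-mail address, local@domain
	 * @param string $pw   password
	 * @return bool true on successful login
	 */
	public function login($user, $pw) {
		global $CFG;
		$result = false;

		$this->log("login", 4);

		if ('' === session_id()) {
			$this->startSession();
		}

		$this->settings['user'] = null;
		$this->settings['admin'] = false;

		$user = (string) $user;
		$pw = (string) $pw;
		$parts = explode('@', $user);
		if (count($parts) != 2 || '' === $parts[0] || '' === $parts[1]) {
			$this->settings['loginStatus'] = 'Bad username';
		} elseif ('' === $pw) {
			// ldap_bind() with an empty password is an unauthenticated bind,
			// which many directories accept; it must never count as a login.
			$this->settings['loginStatus'] = 'Login failed';
		} else {
			$domain = $parts[1];
			// Escape the caller-supplied values so they cannot change the
			// structure of the DN or the search filter.
			$dnUser = ldap_escape($user, '', LDAP_ESCAPE_DN);
			$dnDomain = ldap_escape($domain, '', LDAP_ESCAPE_DN);
			$filterUser = ldap_escape($user, '', LDAP_ESCAPE_FILTER);
			$dn = "mail=$dnUser,ou=Users,domainName=$dnDomain,$CFG->ldap_base_dn";
			$filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$filterUser))";

			$ds = ldap_connect($CFG->ldap_dsn);
			if ($ds) {
				ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
				// ldap_bind()/ldap_search() emit warnings on failure; the
				// outcome is reported through loginStatus instead.
				if (@ldap_bind($ds, $dn, $pw)) {
					$sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter,
						array('mail', 'domainglobaladmin'));
					$info = ($sr !== false) ? ldap_get_entries($ds, $sr) : false;
					if ($info !== false && $info['count'] > 0) {
						// New session id on privilege change so an id issued
						// before authentication is not kept afterwards.
						session_regenerate_id(true);
						$this->settings['user'] = $user;
						$this->settings['loginStatus'] = 'OK';
						$admin = 'NO';
						if (isset($info[0]['domainglobaladmin'][0])) {
							$admin = strtoupper($info[0]['domainglobaladmin'][0]);
						}
						$this->settings['admin'] = ($admin === 'YES');
						$result = true;
					} else {
						$this->settings['loginStatus'] = 'Login failed';
					}
				} else {
					$this->settings['loginStatus'] = ldap_error($ds);
				}
				ldap_close($ds);
			} else {
				$this->settings['loginStatus'] = 'Connect to LDAP server failed';
			}
		}

		$_SESSION['settings'] = $this->settings;

		return $result;
	}

	/**
	 * @return string status text of the last login attempt, 'Not logged in' if none
	 */
	public function getLoginStatus() {
		$this->log("getLoginStatus", 4);

		return isset($this->settings['loginStatus'])
			? $this->settings['loginStatus'] : 'Not logged in';
	}

	/**
	 * Enforce the idle timeout and report whether a user is logged in.
	 *
	 * @return bool
	 */
	public function isLoggedIn() {
		global $CFG;
		$loggedIn = false;

		$this->log("isLoggedIn", 4);

		if ('' === session_id()) {
			$this->startSession();
		}

		// May call logout(), which empties $this->settings.
		$this->checkSession();

		if (isset($this->settings['user'])) {
			if ('' !== (string) $this->settings['user']) {
				$loggedIn = true;
			} elseif (isset($CFG->auth_method) && $CFG->auth_method === 'HTTP_AUTH'
					&& isset($_SERVER['PHP_AUTH_USER'])) {
				$this->settings['user'] = $_SERVER['PHP_AUTH_USER'];
				$loggedIn = true;
			}
		}

		// The debug echo that dumped $this->settings and the activity
		// timestamps to the client on failure is gone: it disclosed session
		// state to the browser and corrupted any page sent afterwards.

		$_SESSION['settings'] = $this->settings;

		return $loggedIn;
	}

	/**
	 * @return string|null the logged-in user, null if nobody is logged in
	 */
	public function getUser() {
		$this->log("getUser", 4);

		return $this->isLoggedIn() ? $this->settings['user'] : null;
	}

	/** @return string HTML page header (placeholders filled after setHeading()) */
	public function getHeader() {
		$this->log("getHeader", 4);

		return $this->header;
	}

	/** @return string HTML page footer */
	public function getFooter() {
		$this->log("getFooter", 4);

		return $this->footer;
	}

	/** @return string HTML heading block (placeholder filled after setHeading()) */
	public function getHeading() {
		$this->log("getHeading", 4);

		return $this->heading;
	}

	/**
	 * Fill the title, web root and timeout placeholders of the header and
	 * heading templates.
	 *
	 * @param string $heading page title; inserted into <title> and <h1>
	 *                        verbatim, so it must be trusted text
	 */
	public function setHeading($heading) {
		global $CFG;

		$this->log("setHeading", 4);

		// The client-side countdown uses milliseconds; reuse the timeout the
		// session was started with so the two cannot disagree.
		$seconds = (false !== $this->timeout) ? $this->timeout : $CFG->session_timeout * 60;
		$timeout = $seconds * 1000;

		$this->heading = str_replace('__TITLE__', $heading, $this->heading);
		$this->header = str_replace(
			array('__TITLE__', '__ROOT__', '__TIMEOUT__'),
			array($heading, $CFG->wwwroot, (string) $timeout),
			$this->header);
	}

	/**
	 * Map a one-letter amavis content type to its display name.
	 *
	 * @param string $code single-letter content code
	 * @return string display name, 'Unknown' for unmapped codes
	 */
	public function convertContent($code) {
		$this->log("convertContent", 4);

		static $table = array(
			'V' => 'Virus',
			'B' => 'Banned',
			'U' => 'Unchecked',
			'S' => 'Spam',
			'Y' => 'Spammy',
			'M' => 'Bad Mime',
			'H' => 'Bad Header',
			'O' => 'Over sized',
			'T' => 'MTA err',
			'C' => 'Clean',
		);

		return isset($table[$code]) ? $table[$code] : 'Unknown';
	}

}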