]> git.datanom.net - qtadmin.git/blob - lib/utils.inc.php
projects / qtadmin.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add check for valid session
[qtadmin.git] / lib / utils.inc.php
1 <?php
2 /* vim: set ts=4 tw=0 sw=4 noet: */
3 require_once $CFG->root .'config.php';
4
5 class Utils {
6
7 private $timeout = false;
8 private $settings;
9 private $log_level;
10 private $log_method;
11 private $header = '<!DOCTYPE html>
12 <html>
13 <head>
14 <meta charset="utf-8">
15 <link rel="stylesheet" href="css/styles.css">
16 <script>
17 var timeout = __TIMEOUT__;
18 </script>
19 <script src="__ROOT__js/timer.js"></script>
20 <script src="__ROOT__js/checkbox.js"></script>
21 <title>__TITLE__</title>
22 </head>
23 <body>';
24 private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net"
25 title="Goto QtAdmin homepage">QtAdmin</a>. &copy; 2015 by Michael Rasmussen</p></body></html>';
26 private $heading = '<p id="time" class="time">Session timeout:
27 <span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';
28
29 public function __construct() {
30 global $CFG;
31
32 if (isset($CFG->log_level)) {
33 $this->log_level = $CFG->log_level;
34 } else {
35 $this->log_level = 1;
36 }
37
38 if (isset($CFG->log_method)) {
39 $this->log_method = $CFG->log_method;
40 } else {
41 $this->log_level = 'syslog';
42 }
43
44 $this->log("Init Utils", 4);
45
46 $this->log("__construct[1]: user ".var_export($this->settings['user'], true), 3);
47 $this->startSession();
48 $this->log("__construct[2]: user ".var_export($this->settings['user'], true), 3);
49
50 if (! isset($_SESSION['settings'])) {
51 $this->initSettings();
52 }
53 $this->log("__construct[3]: user ".var_export($this->settings['user'], true), 3);
54 $this->settings = $_SESSION['settings'];
55 $this->log("__construct[4]: user ".var_export($this->settings['user'], true), 3);
56
57 if ($CFG->auth_method == 'HTTP_AUTH') {
58 if (isset($this->server['PHP_AUTH_USER'])) {
59 $this->settings['user'] = $this->server['PHP_AUTH_USER'];
60 $this->settings['loginStatus'] = 'OK';
61 if ($CFG->admin_user == $this->settings['user'])
62 $this->settings['admin'] = true;
63 }
64 }
65 }
66
67 private function log($message, $level = 1) {
68 global $CFG;
69
70 if ($level > $this->log_level)
71 return;
72
73 $time = date('c');
74
75 $priority = LOG_INFO;
76 switch ($level) {
77 case 1: $priority = LOG_ERR; break;
78 case 2: $priority = LOG_WARNING; break;
79 case 3: $priority = LOG_INFO; break;
80 case 4: $priority = LOG_DEBUG; break;
81 }
82
83 switch ($this->log_method) {
84 case 'file':
85 case 'stderr':
86 case 'syslog':
87 syslog($priority, $message);
88 break;
89 }
90 }
91
92 private function initSettings() {
93 $this->log("InitSettings", 4);
94
95 if ('' == session_id()) {
96 $this->startSession();
97 }
98
99 if (false !== $this->timeout) {
100 $timeout = $this->timeout;
101 } else {
102 $timeout = 0;
103 }
104
105 $this->settings = array(
106 'server' => $_SERVER,
107 'user' => null,
108 'admin' => false,
109 'loginStatus' => 'Not logged in',
110 'timeout' => $timeout
111 );
112
113 $_SESSION['settings'] = $this->settings;
114 }
115
116 private function startSession() {
117 global $CFG;
118
119 $this->log("startSession", 4);
120
121 if (isset($CFG->session_timeout)) {
122 $this->timeout = $CFG->session_timeout * 60;
123 } else {
124 $this->timeout = 20 * 60;
125 }
126
127 if (ini_get('session.gc_maxlifetime') != $this->timeout)
128 ini_set('session.gc_maxlifetime', $this->timeout);
129 if (ini_get('session.cookie_lifetime') != $this->timeout)
130 ini_set('session.cookie_lifetime', $this->timeout);
131
132 session_start();
133 }
134
135 private function checkSession() {
136 global $CFG;
137
138 $this->log("checkSession", 4);
139
140 if ('' == session_id()) {
141 $this->startSession();
142 }
143
144 $time = $_SERVER['REQUEST_TIME'];
145 if (isset($_SESSION['LAST_ACTIVITY']) &&
146 ($time - $_SESSION['LAST_ACTIVITY']) >= $this->settings['timeout']) {
147 echo 'R_TIME: '.date('c', $time).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
148 $this->logout();
149 } else {
150 $_SESSION['LAST_ACTIVITY'] = $time;
151 }
152 }
153
154 public function logout() {
155 $this->log("logout", 4);
156
157 if (ini_get('session.use_cookies')) {
158 $params = session_get_cookie_params();
159 setcookie(session_name(), '', time() - 42000,
160 $params['path'], $params['domain'],
161 $params['secure'], $params['httponly']);
162 }
163
164 if ('' != session_id()) {
165 $_SESSION = array();
166 session_unset();
167 session_destroy();
168 }
169 $this->settings = array();
170 }
171
172 public function isAdmin() {
173 $admin = false;
174
175 $this->log("isAdmin", 4);
176
177 if (isset($this->settings['admin'])) {
178 $admin = $this->settings['admin'];
179 }
180
181 return $admin;
182 }
183
184 public function login($user, $pw) {
185 global $CFG;
186 $result = false;
187
188 $this->log("login", 4);
189
190 if ('' == session_id()) {
191 $this->startSession();
192 }
193
194 $this->settings['user'] = null;
195 $this->settings['admin'] = false;
196
197 $p = explode('@', $user);
198 if (count($p) != 2) {
199 $this->settings['loginStatus'] = 'Bad username';
200 } else {
201 $domain = $p[1];
202 $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
203 $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
204 $ds = @ldap_connect($CFG->ldap_dsn);
205 if ($ds) {
206 @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
207 $r = @ldap_bind($ds, $dn, $pw);
208 if ($r) {
209 $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
210 $info = @ldap_get_entries($ds, $sr); // array
211 if ($info['count'] > 0) {
212 $this->settings['user'] = $user;
213 $result = true;
214 $this->settings['loginStatus'] = 'OK';
215 $admin = 'NO';
216 if (isset($info[0]['domainglobaladmin'])) {
217 $admin = $info[0]['domainglobaladmin'][0];
218 $admin = strtoupper($admin);
219 }
220 $this->settings['admin'] = ($admin == 'YES') ? true : false;
221 } else {
222 $this->settings['loginStatus'] = 'Login failed';
223 }
224 } else {
225 $this->settings['loginStatus'] = ldap_error($ds);
226 }
227 @ldap_close($ds);
228 } else {
229 $this->settings['loginStatus'] = 'Connect to LDAP server failed';
230 }
231 }
232
233 $_SESSION['settings'] = $this->settings;
234
235 return $result;
236 }
237
238 public function getLoginStatus() {
239 $status = 'Not logged in';
240
241 $this->log("getLoginStatus", 4);
242
243 if (isset($this->settings['loginStatus'])) {
244 $status = $this->settings['loginStatus'];
245 }
246
247 return $status;
248 }
249
250 public function isLoggedIn() {
251 global $CFG;
252 $loggedIn = false;
253
254 $this->log("isLoggedIn[1]: user ".var_export($this->settings['user'], true), 3);
255
256 if ('' == session_id()) {
257 $this->startSession();
258 }
259
260 $this->log("isLoggedIn[2]: user ".var_export($this->settings['user'], true), 3);
261 $this->checkSession();
262 $this->log("isLoggedIn[3]: user ".var_export($this->settings['user'], true), 3);
263
264 if (isset($this->settings['user'])) {
265 if ($this->settings['user'] != null) {
266 $loggedIn = true;
267 } else {
268 if ($CFG->auth_method == 'HTTP_AUTH') {
269 if (isset($this->server['PHP_AUTH_USER'])) {
270 $this->settings['user'] = $this->server['PHP_AUTH_USER'];
271 $loggedIn = true;
272 }
273 }
274 }
275 }
276
277 if ($loggedIn == false) {
278 echo '$this->settings: '.var_export($this->settings, true);
279 echo 'R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
280 //exit;
281 }
282
283 $_SESSION['settings'] = $this->settings;
284
285 return $loggedIn;
286 }
287
288 public function getUser() {
289 $user = null;
290
291 $this->log("getUser", 4);
292
293 if ($this->isLoggedIn()) {
294 $user = $this->settings['user'];
295 }
296
297 return $user;
298 }
299
300 public function getHeader() {
301 $this->log("getHeader", 4);
302
303 return $this->header;
304 }
305
306 public function getFooter() {
307 $this->log("getFooter", 4);
308
309 return $this->footer;
310 }
311
312 public function getHeading() {
313 $this->log("getHeading", 4);
314
315 return $this->heading;
316 }
317
318 public function setHeading($heading) {
319 global $CFG;
320
321 $this->log("setHeading", 4);
322
323 $timeout = $CFG->session_timeout * 60 * 1000;
324 $this->heading = str_replace('__TITLE__', $heading, $this->heading);
325 $this->header = str_replace('__TITLE__', $heading, $this->header);
326 $this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
327 $this->header = str_replace('__TIMEOUT__', $timeout, $this->header);
328 }
329
330 public function convertContent($code) {
331 $this->log("convertContent", 4);
332
333 $table = array(
334 'V' => 'Virus',
335 'B' => 'Banned',
336 'U' => 'Unchecked',
337 'S' => 'Spam',
338 'Y' => 'Spammy',
339 'M' => 'Bad Mime',
340 'H' => 'Bad Header',
341 'O' => 'Over sized',
342 'T' => 'MTA err',
343 'C' => 'Clean'
344 );
345
346 $string = $table[$code];
347 if (empty($string))
348 $string = 'Unknown';
349
350 return $string;
351 }
352
353 }
An Amavisd qurantine administration interface
This page took 0.109605 seconds and 6 git commands to generate.