git.datanom.net - qtadmin.git/blob - lib/utils.inc.php
Fix bug in session handler
1 <?php
2 /* vim: set ts=4 tw=0 sw=4 noet: */
3 require_once $CFG->root .'config.php';
4
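/**
 * Per-request singleton that owns the PHP session, the login state
 * (LDAP simple bind or web-server HTTP authentication, selected by
 * $CFG->auth_method) and the shared HTML page fragments.
 *
 * Security-relevant behaviour:
 *  - login() escapes the user-supplied address before it is placed in the
 *    bind DN and the search filter, refuses empty passwords and issues a
 *    fresh session id on success.
 *  - In HTTP_AUTH mode the user name is read from PHP_AUTH_USER. PHP fills
 *    that value from the request's Authorization header, so this mode is
 *    only safe when the web server itself enforces authentication for
 *    every URL that reaches this code.
 */
class Utils {

	private static $_instance = null;
	// Copy of $_SERVER taken at construction time. Under HTTP Basic auth it
	// also contains PHP_AUTH_PW, so never dump or log this object wholesale.
	private $server;
	private $user;
	private $is_admin;
	private $loginStatus;
	private $header = '<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="css/styles.css">
<script>
var timeout = __TIMEOUT__;
</script>
<script src="__ROOT__js/timer.js"></script>
<script src="__ROOT__js/checkbox.js"></script>
<title>__TITLE__</title>
</head>
<body>';
	private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net"
title="Goto QtAdmin homepage">QtAdmin</a>. &copy; 2015 by Michael Rasmussen</p></body></html>';
	private $heading = '<p id="time" class="time">Session timeout:
<span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';

	/**
	 * Starts the session and restores the login state from it, falling
	 * back to the HTTP-authenticated user when HTTP_AUTH is configured.
	 */
	private function __construct() {
		global $CFG;

		$this->server = $_SERVER;

		$this->user = null;
		$this->is_admin = false;
		$this->loginStatus = 'Not logged in';

		$this->startSession();

		if (isset($_SESSION['user'])) {
			$this->user = $_SESSION['user'];
			$this->loginStatus = 'OK';
			// A missing or non-boolean flag must never read as "admin".
			$this->is_admin = !empty($_SESSION['is_admin']);
		} else {
			$httpUser = $this->httpAuthUser();
			if ($httpUser !== null) {
				$this->user = $httpUser;
				$this->loginStatus = 'OK';
				// Strict, non-empty comparison: with a loose == an unset
				// $CFG->admin_user (null) equals an empty user name and
				// would grant admin rights.
				$this->is_admin = isset($CFG->admin_user)
					&& (string) $CFG->admin_user !== ''
					&& (string) $CFG->admin_user === (string) $httpUser;
			}
		}
		$_SESSION['user'] = $this->user;
		$_SESSION['is_admin'] = $this->is_admin;
	}

	private function __clone() {}

	/**
	 * Session lifetime in seconds: $CFG->session_timeout minutes, or 20
	 * minutes when the setting is absent.
	 */
	private function timeoutSeconds() {
		global $CFG;

		if (isset($CFG->session_timeout)) {
			return $CFG->session_timeout * 60;
		}

		return 20 * 60;
	}

	/**
	 * Returns the user name supplied through HTTP authentication, or null
	 * when HTTP_AUTH is not the configured method or no (or an empty) name
	 * was sent.
	 *
	 * NOTE(review): PHP_AUTH_USER is taken from the Authorization header;
	 * the credentials are not verified here. Confirm the web server
	 * requires authentication for this application.
	 */
	private function httpAuthUser() {
		global $CFG;

		if (!isset($CFG->auth_method) || $CFG->auth_method !== 'HTTP_AUTH') {
			return null;
		}
		if (!isset($this->server['PHP_AUTH_USER']) || $this->server['PHP_AUTH_USER'] === '') {
			return null;
		}

		return $this->server['PHP_AUTH_USER'];
	}

	/**
	 * Escapes a value for use inside an LDAP DN ($forDn true) or inside an
	 * LDAP search filter ($forDn false).
	 *
	 * Uses ldap_escape() when the running PHP provides it, otherwise a
	 * small hex-escaping fallback covering the characters that are special
	 * in the respective context.
	 */
	private static function escapeLdapValue($value, $forDn) {
		$value = (string) $value;

		if (function_exists('ldap_escape')) {
			return ldap_escape($value, '', $forDn ? LDAP_ESCAPE_DN : LDAP_ESCAPE_FILTER);
		}

		$special = $forDn ? "\\,=+<>;\"#\0" : "\\*()\0";
		$last = strlen($value) - 1;
		$out = '';
		for ($i = 0; $i <= $last; $i++) {
			$ch = $value[$i];
			// In a DN a space is only special at the start or end of a value.
			$edgeSpace = $forDn && $ch === ' ' && ($i === 0 || $i === $last);
			if ($edgeSpace || strpos($special, $ch) !== false) {
				$out .= sprintf('\\%02x', ord($ch));
			} else {
				$out .= $ch;
			}
		}

		return $out;
	}

	/**
	 * Configures the session lifetime, starts the session and enforces the
	 * inactivity timeout.
	 */
	private function startSession() {
		$timeout = $this->timeoutSeconds();

		if (ini_get('session.gc_maxlifetime') != $timeout)
			ini_set('session.gc_maxlifetime', (string) $timeout);
		if (ini_get('session.cookie_lifetime') != $timeout)
			ini_set('session.cookie_lifetime', (string) $timeout);
		// Keep the session id out of reach of page scripts. The Secure flag
		// is left to the deployment because the site may be served over
		// plain HTTP; enable session.cookie_secure when it is HTTPS-only.
		ini_set('session.cookie_httponly', '1');

		session_start();

		$time = $_SERVER['REQUEST_TIME'];
		if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $timeout) {
			session_unset();
			session_destroy();
			// This method runs inside the constructor, before
			// self::$_instance has been assigned, so the state has to be
			// reset on $this rather than through the static reference.
			$this->user = null;
			$this->is_admin = false;
			// Open a fresh session under a new id so that what the rest of
			// this request stores (for example a new login) is persisted
			// and the expired id is not reused.
			session_start();
			session_regenerate_id(true);
			$_SESSION['LAST_ACTIVITY'] = $time;
		} else {
			$_SESSION['LAST_ACTIVITY'] = $time;
		}
	}

	/**
	 * Returns the single Utils instance, creating it (and starting the
	 * session) on first use.
	 */
	public static function getInstance() {
		if (!is_object(self::$_instance)) {
			self::$_instance = new Utils();
		}

		return self::$_instance;
	}

	/**
	 * Ends the session: clears its data, expires the session cookie,
	 * destroys the server-side record and resets the in-memory login state.
	 */
	public function logout() {
		$_SESSION = array();
		if (ini_get('session.use_cookies')) {
			$params = session_get_cookie_params();
			// Same path/domain/flags as the live cookie, otherwise the
			// browser would not treat this as a replacement for it.
			setcookie(session_name(), '', time() - 42000,
				$params['path'], $params['domain'],
				$params['secure'], $params['httponly']);
		}
		session_unset();
		session_destroy();
		$this->user = null;
		$this->is_admin = false;
		$this->loginStatus = 'Not logged in';
	}

	/**
	 * Whether the current user holds the global admin role.
	 */
	public function isAdmin() {
		return $this->is_admin;
	}

	/**
	 * Authenticates a mail user with an LDAP simple bind.
	 *
	 * @param string $user  Mail address of the form local@domain.
	 * @param string $pw    Password for the bind.
	 * @return bool         True on success; getLoginStatus() holds the reason
	 *                      on failure.
	 */
	public function login($user, $pw) {
		global $CFG;
		$result = false;

		unset($_SESSION['user']);
		unset($_SESSION['is_admin']);
		$this->user = null;
		$this->is_admin = false;

		$p = explode('@', (string) $user);
		if (count($p) != 2 || $p[0] === '' || $p[1] === '') {
			$this->loginStatus = 'Bad username';
			return false;
		}

		// A simple bind with an empty password is an unauthenticated bind,
		// which many directory servers accept. Without this check such a
		// bind could succeed for any existing address.
		if (!is_string($pw) || $pw === '') {
			$this->loginStatus = 'Login failed';
			return false;
		}

		// The address comes from the login form: escape it for each LDAP
		// context so it cannot alter the DN or the filter structure.
		$domain = $p[1];
		$dn = 'mail=' . self::escapeLdapValue($user, true)
			. ',ou=Users,domainName=' . self::escapeLdapValue($domain, true)
			. ',' . $CFG->ldap_base_dn;
		$filter = '(&(objectclass=mailUser)(accountStatus=active)(mail='
			. self::escapeLdapValue($user, false) . '))';

		$ds = @ldap_connect($CFG->ldap_dsn);
		if ($ds) {
			@ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
			$r = @ldap_bind($ds, $dn, $pw);
			if ($r) {
				$sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
				$info = ($sr !== false) ? @ldap_get_entries($ds, $sr) : false;
				if (is_array($info) && $info['count'] > 0) {
					// New session id at the privilege change, so an id that
					// was known before authentication is not carried over.
					if (session_id() !== '') {
						session_regenerate_id(true);
					}
					$_SESSION['user'] = $user;
					$this->user = $user;
					$result = true;
					$this->loginStatus = 'OK';
					$admin = 'NO';
					if (isset($info[0]['domainglobaladmin'])) {
						$admin = strtoupper($info[0]['domainglobaladmin'][0]);
					}
					$this->is_admin = ($admin === 'YES');
					$_SESSION['is_admin'] = $this->is_admin;
				} else {
					$this->loginStatus = 'Login failed';
				}
			} else {
				// NOTE(review): this hands the directory's own error text to
				// the caller; if it is shown on the login page, consider a
				// generic message and log the detail server-side instead.
				$this->loginStatus = ldap_error($ds);
			}
			@ldap_close($ds);
		} else {
			$this->loginStatus = 'Connect to LDAP server failed';
		}

		return $result;
	}

	/**
	 * Human-readable result of the last login attempt or session check.
	 */
	public function getLoginStatus() {
		return $this->loginStatus;
	}

	/**
	 * Whether a user is known for this request, checking in order the
	 * in-memory state, the session and (HTTP_AUTH only) the HTTP user.
	 */
	public function isLoggedIn() {
		$loggedIn = false;

		if ($this->user) {
			$loggedIn = true;
		} else if (isset($_SESSION['user'])) {
			$this->user = $_SESSION['user'];
			$loggedIn = true;
		} else {
			$httpUser = $this->httpAuthUser();
			if ($httpUser !== null) {
				$this->user = $httpUser;
				$loggedIn = true;
			}
		}

		return $loggedIn;
	}

	/**
	 * Current user name, or null when nobody is logged in.
	 */
	public function getUser() {
		$this->isLoggedIn();
		return $this->user;
	}

	/**
	 * HTML document head; placeholders are filled in by setHeading().
	 */
	public function getHeader() {
		return $this->header;
	}

	/**
	 * HTML page footer.
	 */
	public function getFooter() {
		return $this->footer;
	}

	/**
	 * HTML page heading; the title placeholder is filled in by setHeading().
	 */
	public function getHeading() {
		return $this->heading;
	}

	/**
	 * Fills the title, web root and session timeout (in milliseconds) into
	 * the header and heading templates. The placeholders are consumed, so
	 * only the first call has an effect.
	 *
	 * NOTE(review): $heading is inserted into <title> and <h1> as-is. Pass
	 * only fixed strings, or encode with htmlspecialchars() at the call
	 * site when any part of the title comes from request data.
	 *
	 * @param string $heading  Page title.
	 */
	public function setHeading($heading) {
		global $CFG;

		// Same default as the session itself, so the client-side timer does
		// not start from 0 when $CFG->session_timeout is not configured.
		$timeout = $this->timeoutSeconds() * 1000;
		$this->heading = str_replace('__TITLE__', $heading, $this->heading);
		$this->header = str_replace('__TITLE__', $heading, $this->header);
		$this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
		$this->header = str_replace('__TIMEOUT__', (string) $timeout, $this->header);
	}

	/**
	 * Maps a one-letter content code to its display label.
	 *
	 * @param string $code  Content code, e.g. 'V' or 'S'.
	 * @return string       The label, or 'Unknown' for any other code.
	 */
	public function convertContent($code) {
		$table = array(
			'V' => 'Virus',
			'B' => 'Banned',
			'U' => 'Unchecked',
			'S' => 'Spam',
			'Y' => 'Spammy',
			'M' => 'Bad Mime',
			'H' => 'Bad Header',
			'O' => 'Over sized',
			'T' => 'MTA err',
			'C' => 'Clean'
		);

		// isset() avoids the undefined-index notice for unmapped codes.
		if (is_scalar($code) && isset($table[$code])) {
			return $table[$code];
		}

		return 'Unknown';
	}

}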