lib/utils.inc.php

   1 <?php
   2 /* vim: set ts=4 tw=0 sw=4 noet: */
   3 require_once $CFG->root .'config.php';
   4
   5 class Utils {
   6
   7         private static $_instance = null;
   8         private $server;
   9         private $user;
  10         private $is_admin;
  11         private $loginStatus;
  12         private $header = '<!DOCTYPE html>
  13 <html>
  14 <head>
  15         <meta charset="utf-8">
  16         <link rel="stylesheet" href="css/styles.css">
  17         <script>
  18                 var timeout = __TIMEOUT__;
  19         </script>
  20         <script src="__ROOT__js/timer.js"></script>
  21         <title>__TITLE__</title>
  22 </head>
  23 <body>';
  24         private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net">
  25                         QtAdmin</a>. &copy; 2015 by Michael Rasmussen</p></body></html>';
  26         private $heading = '<p id="time" class="time">Session timeout:
  27                         <span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';
  28
  29         private function __construct() {
  30                 global $CFG;
  31
  32                 $this->server = $_SERVER;
  33                 session_start();
  34
  35                 $this->user = null;
  36                 $this->is_admin = false;
  37                 $this->loginStatus = 'Not logged in';
  38
  39                 if (isset($_SESSION['user'])) {
  40                         $this->user = $_SESSION['user'];
  41                         $this->loginStatus = 'OK';
  42                         $this->is_admin = $_SESSION['is_admin'];
  43                 } else {
  44                         if ($CFG->auth_method == 'HTTP_AUTH') {
  45                                 if (isset($this->server['PHP_AUTH_USER'])) {
  46                                         $this->user = $this->server['PHP_AUTH_USER'];
  47                                         $this->loginStatus = 'OK';
  48                                         if ($CFG->admin_user == $this->user)
  49                                                 $this->is_admin = true;
  50                                 }
  51                         }
  52                 }
  53                 $_SESSION['user'] = $this->user;
  54                 $_SESSION['is_admin'] = $this->is_admin;
  55         }
  56
  57         private function __clone() {}
  58
  59         public static function getInstance() {
  60                 global $CFG;
  61
  62                 if (!is_object(self::$_instance)) {
  63                         self::$_instance = new Utils();
  64                 }
  65                 // Session timeout handler
  66                 if ('' == session_id())
  67                         session_start();
  68                 if (isset($CFG->session_timeout)) {
  69                         $timeout = $CFG->session_timeout * 60;
  70                 } else {
  71                         $timeout = 20 * 60;
  72                 }
  73
  74                 if (ini_get('session.gc_maxlifetime') != $timeout)
  75                         ini_set('session.gc_maxlifetime', $timeout);
  76                 if (ini_get('session.cookie_lifetime') != $timeout)
  77                         ini_set('session.cookie_lifetime', $timeout);
  78                 $time = $_SERVER['REQUEST_TIME'];
  79                 if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $timeout) {
  80                         session_unset();
  81                         session_destroy();
  82                         session_start();
  83                         self::$_instance->user = null;
  84                         self::$_instance->is_admin = false;
  85                 }
  86                 $_SESSION['LAST_ACTIVITY'] = $time;
  87
  88                 return self::$_instance;
  89         }
  90
  91         public function logout() {
  92                 $_SESSION = array();
  93                 if (ini_get('session.use_cookies')) {
  94                         $params = session_get_cookie_params();
  95                         setcookie(session_name(), '', time() - 42000,
  96                                 $params['path'], $params['domain'],
  97                                 $params['secure'], $params['httponly']);
  98                 }
  99                 session_unset();
 100                 session_destroy();
 101                 $this->user = null;
 102                 $this->is_admin = false;
 103         }
 104
 105         public function isAdmin() {
 106                 //file_put_contents('/tmp/login.txt', var_export($this, true));
 107                 return $this->is_admin;
 108         }
 109
 110         public function login($user, $pw) {
 111                 global $CFG;
 112                 $result = false;
 113
 114                 unset($_SESSION['user']);
 115                 unset($_SESSION['is_admin']);
 116                 $this->user = null;
 117                 $this->is_admin = false;
 118
 119                 $p = explode('@', $user);
 120                 if (count($p) != 2) {
 121                         $this->loginStatus = 'Bad username';
 122                         return false;
 123                 }
 124                 $domain = $p[1];
 125                 $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
 126         $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
 127         $ds = @ldap_connect($CFG->ldap_dsn);
 128         if ($ds) {
 129                         @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
 130             $r = @ldap_bind($ds, $dn, $pw);
 131             if ($r) {
 132                 $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
 133                 $info = @ldap_get_entries($ds, $sr); // array
 134                 if ($info['count'] > 0) {
 135                                         $_SESSION['user'] = $user;
 136                                 $this->user = $user;
 137                                         $result = true;
 138                                         $this->loginStatus = 'OK';
 139                                         $admin = 'NO';
 140                                         if (isset($info[0]['domainglobaladmin'])) {
 141                                                 $admin = $info[0]['domainglobaladmin'][0];
 142                                                 $admin = strtoupper($admin);
 143                                         }
 144                                         $this->is_admin = ($admin == 'YES') ? true : false;
 145                                         $_SESSION['is_admin'] = $this->is_admin;
 146                 } else {
 147                     $this->loginStatus = 'Login failed';
 148                 }
 149             } else {
 150                 $this->loginStatus = ldap_error($ds);
 151             }
 152             @ldap_close($ds);
 153         } else {
 154             $this->loginStatus = 'Connect to LDAP server failed';
 155         }
 156
 157                 return $result;
 158         }
 159
 160         public function getLoginStatus() {
 161                 return $this->loginStatus;
 162         }
 163
 164         public function isLoggedIn() {
 165                 global $CFG;
 166                 $loggedIn = false;
 167
 168                 if ($this->user) {
 169                         $loggedIn = true;
 170                 } else if (isset($_SESSION['user'])) {
 171                         $this->user = $_SESSION['user'];
 172                         $loggedIn = true;
 173                 } else {
 174                         if ($CFG->auth_method == 'HTTP_AUTH') {
 175                                 if (isset($this->server['PHP_AUTH_USER'])) {
 176                                         $this->user = $this->server['PHP_AUTH_USER'];
 177                                         $loggedIn = true;
 178                                 }
 179                         }
 180                 }
 181
 182                 return $loggedIn;
 183         }
 184
 185         public function getUser() {
 186                 $this->isLoggedIn();
 187                 return $this->user;
 188         }
 189
 190         public function getHeader() {
 191                 return $this->header;
 192         }
 193
 194         public function getFooter() {
 195                 return $this->footer;
 196         }
 197
 198         public function getHeading() {
 199                 return $this->heading;
 200         }
 201
 202         public function setHeading($heading) {
 203                         global $CFG;
 204
 205                         $timeout = $CFG->session_timeout * 60 * 1000;
 206             $this->heading = str_replace('__TITLE__', $heading, $this->heading);
 207                         $this->header = str_replace('__TITLE__', $heading, $this->header);
 208                         $this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
 209                         $this->header = str_replace('__TIMEOUT__', $timeout, $this->header);
 210         }
 211
 212                 public function convertContent($code) {
 213                         $table = array(
 214                                 'V' => 'Virus',
 215                                 'B' => 'Banned',
 216                                 'U' => 'Unchecked',
 217                                 'S' => 'Spam',
 218                                 'Y' => 'Spammy',
 219                                 'M' => 'Bad Mime',
 220                                 'H' => 'Bad Header',
 221                                 'O' => 'Over sized',
 222                                 'T' => 'MTA err',
 223                                 'C' => 'Clean'
 224                         );
 225
 226                         $string = $table[$code];
 227                         if (empty($string))
 228                                 $string = 'Unknown';
 229
 230                         return $string;
 231                 }
 232 }