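root .'config.php';
// NOTE(review): the line above is the tail of a statement whose beginning is
// missing from this listing (presumably an include of config.php, which would
// define the global $CFG used below) - confirm against the original file.

/**
 * Per-request singleton holding the login state and page templates.
 *
 * Identity comes from the PHP session, from the web server's HTTP
 * authentication (when $CFG->auth_method is 'HTTP_AUTH'), or from an LDAP
 * bind performed by login().
 *
 * Security-relevant behaviour of this class:
 *  - The copy of $_SERVER held in $server is never serialized. Under HTTP
 *    authentication that array can carry the client's password, so it must
 *    not end up in the session store or in any dump file.
 *  - No object state is written to files under /tmp.
 *  - Values placed into LDAP DNs and filters are escaped, and an empty
 *    password is rejected before the bind.
 *
 * login() uses ldap_escape(), which requires PHP 5.6 or later.
 */
class Utils implements Serializable
{
    private static $_instance = null;

    // Properties that survive serialize()/unserialize(). 'server' is left out on purpose.
    private static $persisted = array('user', 'is_admin', 'loginStatus', 'timeout', 'header', 'footer', 'heading');

    private $server;
    private $user;
    private $is_admin;
    private $loginStatus;
    private $timeout;

    // Page fragments; the __TITLE__, __ROOT__ and __TIMEOUT__ placeholders are filled by setHeading().
    private $header = ' __TITLE__ ';
    private $footer = '';
    private $heading = '

Session timeout:

__TITLE__

';

    /**
     * Starts the session and derives the current identity from it, falling
     * back to the HTTP-authenticated user when that method is configured.
     */
    private function __construct()
    {
        global $CFG;

        $this->server = $_SERVER;
        $this->user = null;
        $this->is_admin = false;
        $this->loginStatus = 'Not logged in';
        $this->startSession();

        if (isset($_SESSION['user'])) {
            $this->user = $_SESSION['user'];
            $this->loginStatus = 'OK';
            $this->is_admin = isset($_SESSION['is_admin']) ? (bool) $_SESSION['is_admin'] : false;
        } else if (isset($CFG->auth_method) && $CFG->auth_method == 'HTTP_AUTH') {
            // NOTE(review): this trusts PHP_AUTH_USER as already verified by the
            // web server; no password check happens here - confirm the server
            // enforces authentication for every path that reaches this code.
            if (isset($this->server['PHP_AUTH_USER'])) {
                $authUser = (string) $this->server['PHP_AUTH_USER'];
                $this->user = $this->server['PHP_AUTH_USER'];
                $this->loginStatus = 'OK';
                // Strict comparison: with ==, an unset admin_user equals an empty
                // user name and numeric-looking strings compare as numbers.
                if (isset($CFG->admin_user) && $authUser !== '' && (string) $CFG->admin_user === $authUser) {
                    $this->is_admin = true;
                }
            }
        }

        $_SESSION['user'] = $this->user;
        $_SESSION['is_admin'] = $this->is_admin;
        $_SESSION['Utils'] = serialize($this);
    }

    private function __clone() {}

    /**
     * Serializable hook: returns the persistable state as a serialized array.
     *
     * @return string
     */
    public function serialize()
    {
        $state = array();
        foreach (self::$persisted as $name) {
            $state[$name] = $this->$name;
        }
        return serialize($state);
    }

    /**
     * Serializable hook: restores the state produced by serialize().
     *
     * Only the known properties are assigned; any other key in the payload is
     * ignored, so stored data cannot create or overwrite arbitrary properties.
     *
     * @param string $data
     */
    public function unserialize($data)
    {
        // unserialize() can instantiate any class named in the payload. This is
        // only acceptable while $data is written exclusively by serialize() above.
        $values = unserialize($data);
        if (!is_array($values)) {
            return;
        }
        foreach (self::$persisted as $name) {
            if (array_key_exists($name, $values)) {
                $this->$name = $values[$name];
            }
        }
        // The request environment is taken from the current request, never from storage.
        $this->server = $_SERVER;
    }

    /**
     * Session lifetime in seconds: $CFG->session_timeout minutes, or 20 minutes when unset.
     *
     * @return int
     */
    private static function configuredTimeout()
    {
        global $CFG;

        if (isset($CFG->session_timeout)) {
            return $CFG->session_timeout * 60;
        }
        return 20 * 60;
    }

    /**
     * Applies the configured lifetime to the session settings and starts the
     * session, unless one is already active.
     */
    private function startSession()
    {
        $this->timeout = self::configuredTimeout();

        if (session_id() !== '') {
            // Already started elsewhere; the ini settings can no longer be changed.
            return;
        }

        if (ini_get('session.gc_maxlifetime') != $this->timeout) {
            ini_set('session.gc_maxlifetime', $this->timeout);
        }
        if (ini_get('session.cookie_lifetime') != $this->timeout) {
            ini_set('session.cookie_lifetime', $this->timeout);
        }
        // NOTE(review): the session cookie flags (httponly, secure) are not set
        // here; confirm they are configured in php.ini.
        session_start();
    }

    /**
     * Returns the shared instance, creating or restoring it on first use, and
     * enforces the inactivity timeout.
     *
     * When the time since $_SESSION['LAST_ACTIVITY'] reaches the timeout, the
     * session is destroyed and the instance is reset to "not logged in".
     *
     * @return Utils
     */
    public static function getInstance()
    {
        if (!is_object(self::$_instance)) {
            $restored = null;
            // NOTE(review): the session is started by the constructor, so this
            // branch is only reached when a session is already active (for
            // example session.auto_start) - confirm whether that is intended.
            if (isset($_SESSION['Utils']) && is_string($_SESSION['Utils'])) {
                // See unserialize(): the payload must come only from this class.
                $restored = unserialize($_SESSION['Utils']);
            }
            self::$_instance = ($restored instanceof Utils) ? $restored : new Utils();
        }

        $limit = (int) self::$_instance->timeout;
        if ($limit <= 0) {
            $limit = self::configuredTimeout();
        }

        $time = $_SERVER['REQUEST_TIME'];
        if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $limit) {
            // Expired: tear the session down. An exit before these calls would
            // leave the expired session in place.
            session_unset();
            session_destroy();
            self::$_instance->user = null;
            self::$_instance->is_admin = false;
        } else {
            $_SESSION['LAST_ACTIVITY'] = $time;
        }

        return self::$_instance;
    }

    /**
     * Ends the session: clears its data, expires the session cookie and resets the identity.
     */
    public function logout()
    {
        $_SESSION = array();
        if (ini_get('session.use_cookies')) {
            $params = session_get_cookie_params();
            setcookie(
                session_name(),
                '',
                time() - 42000,
                $params['path'],
                $params['domain'],
                $params['secure'],
                $params['httponly']
            );
        }
        session_unset();
        session_destroy();
        $this->user = null;
        $this->is_admin = false;
    }

    /**
     * @return bool whether the current user has the admin flag
     */
    public function isAdmin()
    {
        return $this->is_admin;
    }

    /**
     * Authenticates a mail user by binding to LDAP with the user's own DN.
     *
     * On success the session id is regenerated and the user name and admin flag
     * are stored in the session. The reason for a failure is available from
     * getLoginStatus().
     *
     * @param string $user mail address of the form local@domain
     * @param string $pw   password
     * @return bool true when the bind succeeded and an active account was found
     */
    public function login($user, $pw)
    {
        global $CFG;

        // Drop any previous identity first, so a failed attempt never leaves the caller logged in.
        unset($_SESSION['user']);
        unset($_SESSION['is_admin']);
        $this->user = null;
        $this->is_admin = false;

        $parts = is_string($user) ? explode('@', $user) : array();
        if (count($parts) != 2) {
            $this->loginStatus = 'Bad username';
            return false;
        }

        // A bind with an empty password is treated by many LDAP servers as an
        // unauthenticated bind that succeeds, so it must never reach ldap_bind().
        if (!is_string($pw) || $pw === '') {
            $this->loginStatus = 'Login failed';
            return false;
        }

        // The user name is request input: escape it for each LDAP context it is placed in.
        $dnUser = ldap_escape($user, '', LDAP_ESCAPE_DN);
        $dnDomain = ldap_escape($parts[1], '', LDAP_ESCAPE_DN);
        $filterUser = ldap_escape($user, '', LDAP_ESCAPE_FILTER);
        $dn = "mail=$dnUser,ou=Users,domainName=$dnDomain,$CFG->ldap_base_dn";
        $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$filterUser))";

        $ds = @ldap_connect($CFG->ldap_dsn);
        if (!$ds) {
            $this->loginStatus = 'Connect to LDAP server failed';
            return false;
        }

        $result = false;
        @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
        if (@ldap_bind($ds, $dn, $pw)) {
            $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail', 'domainglobaladmin'));
            $info = $sr ? @ldap_get_entries($ds, $sr) : false;
            if (is_array($info) && $info['count'] > 0) {
                // New session id on privilege change, so an id known before login is useless afterwards.
                if (session_id() !== '') {
                    session_regenerate_id(true);
                }
                $_SESSION['user'] = $user;
                $this->user = $user;
                $this->loginStatus = 'OK';
                $result = true;

                $admin = 'NO';
                if (isset($info[0]['domainglobaladmin'])) {
                    $admin = strtoupper($info[0]['domainglobaladmin'][0]);
                }
                $this->is_admin = ($admin === 'YES');
                $_SESSION['is_admin'] = $this->is_admin;
            } else {
                $this->loginStatus = 'Login failed';
            }
        } else {
            $this->loginStatus = ldap_error($ds);
        }
        @ldap_close($ds);

        return $result;
    }

    /**
     * @return string outcome of the last login attempt, or of the identity lookup at construction
     */
    public function getLoginStatus()
    {
        return $this->loginStatus;
    }

    /**
     * Resolves the current user from the instance, the session or HTTP
     * authentication, and terminates the request when there is none.
     *
     * @return bool true when a user is known; the method does not return otherwise
     */
    public function isLoggedIn()
    {
        global $CFG;

        $loggedIn = false;
        if ($this->user) {
            $loggedIn = true;
        } else if (isset($_SESSION['user'])) {
            $this->user = $_SESSION['user'];
            $loggedIn = true;
        } else if (isset($CFG->auth_method) && $CFG->auth_method == 'HTTP_AUTH') {
            if (isset($this->server['PHP_AUTH_USER'])) {
                $this->user = $this->server['PHP_AUTH_USER'];
                $loggedIn = true;
            }
        }

        if ($loggedIn == false) {
            // Fail closed without printing session internals to an unauthenticated client.
            // NOTE(review): termination is kept because callers are not visible
            // here and may rely on it as their access check; a redirect to the
            // login page would be the cleaner replacement - confirm against callers.
            exit;
        }

        return $loggedIn;
    }

    /**
     * @return string|null name of the current user (the request ends if nobody is logged in)
     */
    public function getUser()
    {
        $this->isLoggedIn();
        return $this->user;
    }

    /**
     * @return string page header template
     */
    public function getHeader()
    {
        return $this->header;
    }

    /**
     * @return string page footer template
     */
    public function getFooter()
    {
        return $this->footer;
    }

    /**
     * @return string page heading template
     */
    public function getHeading()
    {
        return $this->heading;
    }

    /**
     * Fills the __TITLE__, __ROOT__ and __TIMEOUT__ placeholders of the templates.
     *
     * __TIMEOUT__ receives the session lifetime in milliseconds, using the same
     * 20-minute default as the session itself.
     *
     * @param string $heading title text
     */
    public function setHeading($heading)
    {
        global $CFG;

        // NOTE(review): $heading is inserted into the page templates unescaped.
        // Presumably callers pass fixed titles - confirm, and escape with
        // htmlspecialchars() at the call site if any part can come from a request.
        $timeout = self::configuredTimeout() * 1000;
        $root = isset($CFG->wwwroot) ? $CFG->wwwroot : '';

        $this->heading = str_replace('__TITLE__', $heading, $this->heading);
        $this->header = str_replace('__TITLE__', $heading, $this->header);
        $this->header = str_replace('__ROOT__', $root, $this->header);
        $this->header = str_replace('__TIMEOUT__', $timeout, $this->header);
    }

    /**
     * Maps a one-letter content code to its display label.
     *
     * @param string $code
     * @return string the label, or 'Unknown' for a code that is not in the table
     */
    public function convertContent($code)
    {
        $table = array(
            'V' => 'Virus',
            'B' => 'Banned',
            'U' => 'Unchecked',
            'S' => 'Spam',
            'Y' => 'Spammy',
            'M' => 'Bad Mime',
            'H' => 'Bad Header',
            'O' => 'Over sized',
            'T' => 'MTA err',
            'C' => 'Clean'
        );

        // isset() avoids an undefined-index notice for codes outside the table.
        if ((is_string($code) || is_int($code)) && isset($table[$code])) {
            return $table[$code];
        }
        return 'Unknown';
    }
}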