root .'config.php';
require_once $CFG->root . 'lib/session_handler.inc.php';
class Utils {
private $timeout = false;
private $settings;
private $log_level;
private $log_method;
private $header = '
__TITLE__
';
private $footer = '';
private $heading = 'Session timeout:
__TITLE__
';
public function __construct() {
global $CFG;
if (isset($CFG->log_level)) {
$this->log_level = $CFG->log_level;
} else {
$this->log_level = 1;
}
if (isset($CFG->log_method)) {
$this->log_method = $CFG->log_method;
} else {
$this->log_level = 'syslog';
}
$this->log("Init Utils", 4);
$this->log("__construct[1]: user ".var_export($this->settings['user'], true), 3);
$this->startSession();
$this->log("__construct[2]: user ".var_export($this->settings['user'], true), 3);
if (! isset($_SESSION['settings'])) {
$this->initSettings();
}
$this->log("__construct[3]: user ".var_export($this->settings['user'], true), 3);
$this->settings = $_SESSION['settings'];
$this->log("__construct[4]: user ".var_export($this->settings['user'], true), 3);
if ($CFG->auth_method == 'HTTP_AUTH') {
if (isset($_SERVER['PHP_AUTH_USER'])) {
$this->settings['user'] = $_SERVER['PHP_AUTH_USER'];
$this->settings['loginStatus'] = 'OK';
if ($CFG->admin_user == $this->settings['user'])
$this->settings['admin'] = true;
}
}
}
private function log($message, $level = 1) {
global $CFG;
if ($level > $this->log_level)
return;
$time = date('c');
$priority = LOG_INFO;
switch ($level) {
case 1: $priority = LOG_ERR; break;
case 2: $priority = LOG_WARNING; break;
case 3: $priority = LOG_INFO; break;
case 4: $priority = LOG_DEBUG; break;
}
switch ($this->log_method) {
case 'file':
if (isset($CFG->log_file)) {
if ($CFG->log_file[0] == '/') {
$file = $CFG->log_file;
} else {
$file = $CFG->root.$CFG->log_file;
}
} else {
$file = $CFG->root.'qtadmin.log';
}
file_put_contents($file, "[$time]: $message\n", FILE_APPEND | LOCK_EX);
chmod($file, 0600);
break;
case 'stderr':
file_put_contents('php://stderr', "[$time]: $message\n");
break;
case 'syslog':
syslog($priority, $message);
break;
}
}
private function initSettings() {
$this->log("InitSettings", 4);
if ('' == session_id()) {
$this->startSession();
}
if (false !== $this->timeout) {
$timeout = $this->timeout;
} else {
$timeout = 0;
}
$this->settings = array(
'user' => null,
'admin' => false,
'loginStatus' => 'Not logged in',
'timeout' => $timeout
);
$_SESSION['settings'] = $this->settings;
}
private function startSession() {
global $CFG;
$this->log("startSession", 4);
if (isset($CFG->session_timeout)) {
$this->timeout = $CFG->session_timeout * 60;
} else {
$this->timeout = 20 * 60;
}
if (ini_get('session.gc_maxlifetime') != $this->timeout)
ini_set('session.gc_maxlifetime', $this->timeout);
//if (ini_get('session.cookie_lifetime') != $this->timeout)
// ini_set('session.cookie_lifetime', $this->timeout);
ini_set('session.cookie_lifetime', 0);
session_start();
}
private function checkSession() {
global $CFG;
$this->log("checkSession", 4);
if ('' == session_id()) {
$this->startSession();
}
$time = $_SERVER['REQUEST_TIME'];
if (isset($_SESSION['LAST_ACTIVITY']) &&
($time - $_SESSION['LAST_ACTIVITY']) >= $this->settings['timeout']) {
$this->log('R_TIME: '.date('c', $time).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY'].
'Test: '.($time - $_SESSION['LAST_ACTIVITY'])).' >= '.$this->settings['timeout'], 3);
$this->logout();
} else {
$_SESSION['LAST_ACTIVITY'] = $time;
}
}
public function logout() {
$this->log("logout", 4);
if (ini_get('session.use_cookies')) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params['path'], $params['domain'],
$params['secure'], $params['httponly']);
}
if ('' != session_id()) {
$_SESSION = array();
session_unset();
session_destroy();
}
$this->settings = array();
}
public function isAdmin() {
$admin = false;
$this->log("isAdmin", 4);
if (isset($this->settings['admin'])) {
$admin = $this->settings['admin'];
}
return $admin;
}
public function login($user, $pw) {
global $CFG;
$result = false;
$this->log("login", 4);
if ('' == session_id()) {
$this->startSession();
}
$this->settings['user'] = null;
$this->settings['admin'] = false;
$p = explode('@', $user);
if (count($p) != 2) {
$this->settings['loginStatus'] = 'Bad username';
} else {
$domain = $p[1];
$dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
$filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
$ds = @ldap_connect($CFG->ldap_dsn);
if ($ds) {
@ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
$r = @ldap_bind($ds, $dn, $pw);
if ($r) {
$sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
$info = @ldap_get_entries($ds, $sr); // array
if ($info['count'] > 0) {
$this->settings['user'] = $user;
$result = true;
$this->settings['loginStatus'] = 'OK';
$admin = 'NO';
if (isset($info[0]['domainglobaladmin'])) {
$admin = $info[0]['domainglobaladmin'][0];
$admin = strtoupper($admin);
}
$this->settings['admin'] = ($admin == 'YES') ? true : false;
} else {
$this->settings['loginStatus'] = 'Login failed';
}
} else {
$this->settings['loginStatus'] = ldap_error($ds);
}
@ldap_close($ds);
} else {
$this->settings['loginStatus'] = 'Connect to LDAP server failed';
}
}
$_SESSION['settings'] = $this->settings;
return $result;
}
public function getLoginStatus() {
$status = 'Not logged in';
$this->log("getLoginStatus", 4);
if (isset($this->settings['loginStatus'])) {
$status = $this->settings['loginStatus'];
}
return $status;
}
public function isLoggedIn() {
global $CFG;
$loggedIn = false;
$this->log("isLoggedIn[1]: user ".var_export($this->settings['user'], true), 3);
if ('' == session_id()) {
$this->startSession();
}
$this->log("isLoggedIn[2]: user ".var_export($this->settings['user'], true), 3);
$this->checkSession();
$this->log("isLoggedIn[3]: user ".var_export($this->settings['user'], true), 3);
if (isset($this->settings['user'])) {
if ($this->settings['user'] != null) {
$loggedIn = true;
} else {
if ($CFG->auth_method == 'HTTP_AUTH') {
if (isset($_SERVER['PHP_AUTH_USER'])) {
$this->settings['user'] = $_SERVER['PHP_AUTH_USER'];
$loggedIn = true;
}
}
}
}
if ($loggedIn == false) {
$this->log('$this->settings: '.var_export($this->settings, true), 3);
$this->log('R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']), 3);
}
$_SESSION['settings'] = $this->settings;
return $loggedIn;
}
public function getUser() {
$user = null;
$this->log("getUser", 4);
if ($this->isLoggedIn()) {
$user = $this->settings['user'];
}
return $user;
}
public function getHeader() {
$this->log("getHeader", 4);
return $this->header;
}
public function getFooter() {
$this->log("getFooter", 4);
return $this->footer;
}
public function getHeading() {
$this->log("getHeading", 4);
return $this->heading;
}
public function setHeading($heading) {
global $CFG;
$this->log("setHeading", 4);
$timeout = $CFG->session_timeout * 60 * 1000;
$this->heading = str_replace('__TITLE__', $heading, $this->heading);
$this->header = str_replace('__TITLE__', $heading, $this->header);
$this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header);
$this->header = str_replace('__TIMEOUT__', $timeout, $this->header);
}
public function convertContent($code) {
$this->log("convertContent", 4);
$table = array(
'V' => 'Virus',
'B' => 'Banned',
'U' => 'Unchecked',
'S' => 'Spam',
'Y' => 'Spammy',
'M' => 'Bad Mime',
'H' => 'Bad Header',
'O' => 'Over sized',
'T' => 'MTA err',
'C' => 'Clean'
);
$string = $table[$code];
if (empty($string))
$string = 'Unknown';
return $string;
}
}