- private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net">
- QtAdmin</a>. © 2015 by Michael Rasmussen</p></body></html>';
- private $heading = '<p id="time" class="time">Session timeout:
- <span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';
-
- private function __construct() {
- global $CFG;
-
- $this->server = $_SERVER;
- session_start();
-
- $this->user = null;
- $this->is_admin = false;
- $this->loginStatus = 'Not logged in';
-
- if (isset($_SESSION['user'])) {
- $this->user = $_SESSION['user'];
- $this->loginStatus = 'OK';
- $this->is_admin = $_SESSION['is_admin'];
- } else {
- if ($CFG->auth_method == 'HTTP_AUTH') {
- if (isset($this->server['PHP_AUTH_USER'])) {
- $this->user = $this->server['PHP_AUTH_USER'];
- $this->loginStatus = 'OK';
- if ($CFG->admin_user == $this->user)
- $this->is_admin = true;
- }
- }
- }
- $_SESSION['user'] = $this->user;
- $_SESSION['is_admin'] = $this->is_admin;
- }
-
- private function __clone() {}
-
- public static function getInstance() {
- global $CFG;
-
- if (!is_object(self::$_instance)) {
- self::$_instance = new Utils();
- }
- // Session timeout handler
- if ('' == session_id())
- session_start();
- if (isset($CFG->session_timeout)) {
- $timeout = $CFG->session_timeout * 60;
- } else {
- $timeout = 20 * 60;
- }
-
- if (ini_get('session.gc_maxlifetime') != $timeout)
- ini_set('session.gc_maxlifetime', $timeout);
- if (ini_get('session.cookie_lifetime') != $timeout)
- ini_set('session.cookie_lifetime', $timeout);
- $time = $_SERVER['REQUEST_TIME'];
- if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $timeout) {
- session_unset();
- session_destroy();
- session_start();
- self::$_instance->user = null;
- self::$_instance->is_admin = false;
- }
- $_SESSION['LAST_ACTIVITY'] = $time;
-
- return self::$_instance;
- }
-
- public function logout() {
- $_SESSION = array();
- if (ini_get('session.use_cookies')) {
- $params = session_get_cookie_params();
- setcookie(session_name(), '', time() - 42000,
- $params['path'], $params['domain'],
- $params['secure'], $params['httponly']);
- }
- session_unset();
- session_destroy();
- $this->user = null;
- $this->is_admin = false;
- }
-
- public function isAdmin() {
- //file_put_contents('/tmp/login.txt', var_export($this, true));
- return $this->is_admin;
- }
-
- public function login($user, $pw) {
- global $CFG;
- $result = false;
-
- unset($_SESSION['user']);
- unset($_SESSION['is_admin']);
- $this->user = null;
- $this->is_admin = false;
-
- $p = explode('@', $user);
- if (count($p) != 2) {
- $this->loginStatus = 'Bad username';
- return false;
- }
- $domain = $p[1];
- $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
- $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
- $ds = @ldap_connect($CFG->ldap_dsn);
- if ($ds) {
- @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
- $r = @ldap_bind($ds, $dn, $pw);
- if ($r) {
- $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
- $info = @ldap_get_entries($ds, $sr); // array
- if ($info['count'] > 0) {
- $_SESSION['user'] = $user;
- $this->user = $user;
- $result = true;
- $this->loginStatus = 'OK';
- $admin = 'NO';
- if (isset($info[0]['domainglobaladmin'])) {
- $admin = $info[0]['domainglobaladmin'][0];
- $admin = strtoupper($admin);
- }
- $this->is_admin = ($admin == 'YES') ? true : false;
- $_SESSION['is_admin'] = $this->is_admin;
+ private $footer = '<p class="footer">Powered by <a href="https://qtadmin.datanom.net"
+ title="Goto QtAdmin homepage">QtAdmin</a>. © 2015 by Michael Rasmussen</p></body></html>';
+ private $heading = '<p id="time" class="time">Session timeout:
+ <span id="timer"></span></p><h1 class="h1">__TITLE__</h1>';
+
+ public function __construct() {
+ global $CFG;
+
+ $this->startSession();
+
+ if (! isset($_SESSION['settings'])) {
+ $this->initSettings();
+ }
+ $this->settings = $_SESSION['settings'];
+
+ if ($CFG->auth_method == 'HTTP_AUTH') {
+ if (isset($this->server['PHP_AUTH_USER'])) {
+ $this->settings['user'] = $this->server['PHP_AUTH_USER'];
+ $this->settings['loginStatus'] = 'OK';
+ if ($CFG->admin_user == $this->settings['user'])
+ $this->settings['admin'] = true;
+ }
+ }
+ }
+
+ private function initSettings() {
+ if ('' == session_id()) {
+ $this->startSession();
+ }
+
+ $this->settings = array(
+ 'server' => $_SERVER,
+ 'user' => null,
+ 'admin' => false,
+ 'loginStatus' => 'Not logged in',
+ 'timeout' => 0
+ );
+
+ $_SESSION['settings'] = $this->settings;
+ }
+
+ private function startSession() {
+ global $CFG;
+
+ if (isset($CFG->session_timeout)) {
+ $this->timeout = $CFG->session_timeout * 60;
+ } else {
+ $this->timeout = 20 * 60;
+ }
+
+ if (ini_get('session.gc_maxlifetime') != $this->timeout)
+ ini_set('session.gc_maxlifetime', $this->timeout);
+ if (ini_get('session.cookie_lifetime') != $this->timeout)
+ ini_set('session.cookie_lifetime', $this->timeout);
+
+ session_start();
+ }
+
+ private function checkSession() {
+ global $CFG;
+
+ if ('' == session_id()) {
+ $this->startSession();
+ }
+
+ $time = $_SERVER['REQUEST_TIME'];
+ if (isset($_SESSION['LAST_ACTIVITY']) &&
+ ($time - $_SESSION['LAST_ACTIVITY']) >= $this->settings['timeout']) {
+ echo 'R_TIME: '.date('c', $time).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
+ $this->logout();
+ } else {
+ $_SESSION['LAST_ACTIVITY'] = $time;
+ }
+ }
+
+ public function logout() {
+ if (ini_get('session.use_cookies')) {
+ $params = session_get_cookie_params();
+ setcookie(session_name(), '', time() - 42000,
+ $params['path'], $params['domain'],
+ $params['secure'], $params['httponly']);
+ }
+
+ if ('' != session_id()) {
+ $_SESSION = array();
+ session_unset();
+ session_destroy();
+ }
+ $this->settings = array();
+ }
+
+ public function isAdmin() {
+ $admin = false;
+
+ if (isset($this->settings['admin'])) {
+ $admin = $this->settings['admin'];
+ }
+
+ return $admin;
+ }
+
+ public function login($user, $pw) {
+ global $CFG;
+ $result = false;
+
+ if ('' == session_id()) {
+ $this->startSession();
+ }
+
+ $this->settings['user'] = null;
+ $this->settings['admin'] = false;
+
+ $p = explode('@', $user);
+ if (count($p) != 2) {
+ $this->settings['loginStatus'] = 'Bad username';
+ } else {
+ $domain = $p[1];
+ $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
+ $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
+ $ds = @ldap_connect($CFG->ldap_dsn);
+ if ($ds) {
+ @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+ $r = @ldap_bind($ds, $dn, $pw);
+ if ($r) {
+ $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
+ $info = @ldap_get_entries($ds, $sr); // array
+ if ($info['count'] > 0) {
+ $this->settings['user'] = $user;
+ $result = true;
+ $this->settings['loginStatus'] = 'OK';
+ $admin = 'NO';
+ if (isset($info[0]['domainglobaladmin'])) {
+ $admin = $info[0]['domainglobaladmin'][0];
+ $admin = strtoupper($admin);
+ }
+ $this->settings['admin'] = ($admin == 'YES') ? true : false;
+ } else {
+ $this->settings['loginStatus'] = 'Login failed';
+ }