X-Git-Url: http://git.datanom.net/qtadmin.git/blobdiff_plain/034f5c5964c4a92a293a40ed9ed044cfcc46a91e..24c77b7b310aefcb3c1b1ce4d02099e6f0cbfe84:/lib/utils.inc.php diff --git a/lib/utils.inc.php b/lib/utils.inc.php index 5c3a0cd..5832d29 100644 --- a/lib/utils.inc.php +++ b/lib/utils.inc.php @@ -1,6 +1,7 @@ root .'config.php'; +require_once $CFG->root . 'lib/session_handler.inc.php'; class Utils { @@ -18,11 +19,13 @@ class Utils { + __TITLE__ -'; - private $footer = ''; +
'; + private $footer = '
'; private $heading = '

Session timeout:

__TITLE__

'; @@ -43,16 +46,20 @@ class Utils { $this->log("Init Utils", 4); + $this->log("__construct[1]: user ".var_export($this->settings['user'], true), 3); $this->startSession(); + $this->log("__construct[2]: user ".var_export($this->settings['user'], true), 3); if (! isset($_SESSION['settings'])) { $this->initSettings(); } + $this->log("__construct[3]: user ".var_export($this->settings['user'], true), 3); $this->settings = $_SESSION['settings']; + $this->log("__construct[4]: user ".var_export($this->settings['user'], true), 3); if ($CFG->auth_method == 'HTTP_AUTH') { - if (isset($this->server['PHP_AUTH_USER'])) { - $this->settings['user'] = $this->server['PHP_AUTH_USER']; + if (isset($_SERVER['PHP_AUTH_USER'])) { + $this->settings['user'] = $_SERVER['PHP_AUTH_USER']; $this->settings['loginStatus'] = 'OK'; if ($CFG->admin_user == $this->settings['user']) $this->settings['admin'] = true; @@ -78,7 +85,21 @@ class Utils { switch ($this->log_method) { case 'file': + if (isset($CFG->log_file)) { + if ($CFG->log_file[0] == '/') { + $file = $CFG->log_file; + } else { + $file = $CFG->root.$CFG->log_file; + } + } else { + $file = $CFG->root.'qtadmin.log'; + } + file_put_contents($file, "[$time]: $message\n", FILE_APPEND | LOCK_EX); + chmod($file, 0600); + break; case 'stderr': + file_put_contents('php://stderr', "[$time]: $message\n"); + break; case 'syslog': syslog($priority, $message); break; @@ -99,7 +120,6 @@ class Utils { } $this->settings = array( - 'server' => $_SERVER, 'user' => null, 'admin' => false, 'loginStatus' => 'Not logged in', @@ -122,8 +142,9 @@ class Utils { if (ini_get('session.gc_maxlifetime') != $this->timeout) ini_set('session.gc_maxlifetime', $this->timeout); - if (ini_get('session.cookie_lifetime') != $this->timeout) - ini_set('session.cookie_lifetime', $this->timeout); + //if (ini_get('session.cookie_lifetime') != $this->timeout) + // ini_set('session.cookie_lifetime', $this->timeout); + ini_set('session.cookie_lifetime', 0); session_start(); } @@ -140,7 +161,8 @@ class Utils { $time = $_SERVER['REQUEST_TIME']; if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $this->settings['timeout']) { - echo 'R_TIME: '.date('c', $time).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']); + $this->log('R_TIME: '.date('c', $time).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']. + 'Test: '.($time - $_SESSION['LAST_ACTIVITY'])).' >= '.$this->settings['timeout'], 3); $this->logout(); } else { $_SESSION['LAST_ACTIVITY'] = $time; @@ -247,23 +269,23 @@ class Utils { global $CFG; $loggedIn = false; - $this->log("isLoggedIn[1]\n".var_export($this->settings, true), 3); + $this->log("isLoggedIn[1]: user ".var_export($this->settings['user'], true), 3); if ('' == session_id()) { $this->startSession(); } - $this->log("isLoggedIn[2]\n".var_export($this->settings, true), 3); + $this->log("isLoggedIn[2]: user ".var_export($this->settings['user'], true), 3); $this->checkSession(); - $this->log("isLoggedIn[3]\n".var_export($this->settings, true), 3); + $this->log("isLoggedIn[3]: user ".var_export($this->settings['user'], true), 3); if (isset($this->settings['user'])) { if ($this->settings['user'] != null) { $loggedIn = true; } else { if ($CFG->auth_method == 'HTTP_AUTH') { - if (isset($this->server['PHP_AUTH_USER'])) { - $this->settings['user'] = $this->server['PHP_AUTH_USER']; + if (isset($_SERVER['PHP_AUTH_USER'])) { + $this->settings['user'] = $_SERVER['PHP_AUTH_USER']; $loggedIn = true; } } @@ -271,9 +293,8 @@ class Utils { } if ($loggedIn == false) { - echo '$this->settings: '.var_export($this->settings, true); - echo 'R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']); - //exit; + $this->log('$this->settings: '.var_export($this->settings, true), 3); + $this->log('R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']), 3); } $_SESSION['settings'] = $this->settings; @@ -293,6 +314,20 @@ class Utils { return $user; } + public function authorized($recipient) { + $authorized = false; + + $this->log("authorized '$recipient'", 3); + + if ($this->isAdmin() || $this->getUser() == $recipient) { + $authorized = true; + } + $msg = ($authorized) ? 'authorize' : 'not authorize'; + $this->log("$msg '".$this->getUser()."' rcpt '$recipient'", 3); + + return $authorized; + } + public function getHeader() { $this->log("getHeader", 4);