X-Git-Url: http://git.datanom.net/qtadmin.git/blobdiff_plain/5c7b972ed26570d2bf4e092d937b81578e84c124..c2dcc74158c005dd12770f25be5a3d059dbc4efd:/lib/utils.inc.php?ds=inline
diff --git a/lib/utils.inc.php b/lib/utils.inc.php
index e59cf8c..89f226d 100644
--- a/lib/utils.inc.php
+++ b/lib/utils.inc.php
@@ -1,14 +1,14 @@
root .'config.php';
+require_once $CFG->root . 'lib/session_handler.inc.php';
class Utils {
- private static $_instance = null;
- private $server;
- private $user;
- private $is_admin;
- private $loginStatus;
+ private $timeout = false;
+ private $settings;
+ private $log_level;
+ private $log_method;
private $header = '
@@ -19,6 +19,7 @@ class Utils {
+
__TITLE__
';
@@ -27,182 +28,314 @@ class Utils {
private $heading = 'Session timeout:
__TITLE__
';
- private function __construct() {
+ public function __construct() {
global $CFG;
- $this->server = $_SERVER;
- session_start();
-
- $this->user = null;
- $this->is_admin = false;
- $this->loginStatus = 'Not logged in';
+ if (isset($CFG->log_level)) {
+ $this->log_level = $CFG->log_level;
+ } else {
+ $this->log_level = 1;
+ }
- if (isset($_SESSION['user'])) {
- $this->user = $_SESSION['user'];
- $this->loginStatus = 'OK';
- $this->is_admin = $_SESSION['is_admin'];
+ if (isset($CFG->log_method)) {
+ $this->log_method = $CFG->log_method;
} else {
- if ($CFG->auth_method == 'HTTP_AUTH') {
- if (isset($this->server['PHP_AUTH_USER'])) {
- $this->user = $this->server['PHP_AUTH_USER'];
- $this->loginStatus = 'OK';
- if ($CFG->admin_user == $this->user)
- $this->is_admin = true;
- }
+ $this->log_level = 'syslog';
+ }
+
+ $this->log("Init Utils", 4);
+
+ $this->log("__construct[1]: user ".var_export($this->settings['user'], true), 3);
+ $this->startSession();
+ $this->log("__construct[2]: user ".var_export($this->settings['user'], true), 3);
+
+ if (! isset($_SESSION['settings'])) {
+ $this->initSettings();
+ }
+ $this->log("__construct[3]: user ".var_export($this->settings['user'], true), 3);
+ $this->settings = $_SESSION['settings'];
+ $this->log("__construct[4]: user ".var_export($this->settings['user'], true), 3);
+
+ if ($CFG->auth_method == 'HTTP_AUTH') {
+ if (isset($_SERVER['PHP_AUTH_USER'])) {
+ $this->settings['user'] = $_SERVER['PHP_AUTH_USER'];
+ $this->settings['loginStatus'] = 'OK';
+ if ($CFG->admin_user == $this->settings['user'])
+ $this->settings['admin'] = true;
}
}
- $_SESSION['user'] = $this->user;
- $_SESSION['is_admin'] = $this->is_admin;
}
- private function __clone() {}
-
- public static function getInstance() {
+ private function log($message, $level = 1) {
global $CFG;
- if (!is_object(self::$_instance)) {
- self::$_instance = new Utils();
+ if ($level > $this->log_level)
+ return;
+
+ $time = date('c');
+
+ $priority = LOG_INFO;
+ switch ($level) {
+ case 1: $priority = LOG_ERR; break;
+ case 2: $priority = LOG_WARNING; break;
+ case 3: $priority = LOG_INFO; break;
+ case 4: $priority = LOG_DEBUG; break;
}
- // Session timeout handler
- if ('' == session_id())
- session_start();
+
+ switch ($this->log_method) {
+ case 'file':
+ if (isset($CFG->log_file)) {
+ if ($CFG->log_file[0] == '/') {
+ $file = $CFG->log_file;
+ } else {
+ $file = $CFG->root.$CFG->log_file;
+ }
+ } else {
+ $file = $CFG->root.'qtadmin.log';
+ }
+ file_put_contents($file, "[$time]: $message\n", FILE_APPEND | LOCK_EX);
+ chmod($file, 0600);
+ break;
+ case 'stderr':
+ file_put_contents('php://stderr', "[$time]: $message\n");
+ break;
+ case 'syslog':
+ syslog($priority, $message);
+ break;
+ }
+ }
+
+ private function initSettings() {
+ $this->log("InitSettings", 4);
+
+ if ('' == session_id()) {
+ $this->startSession();
+ }
+
+ if (false !== $this->timeout) {
+ $timeout = $this->timeout;
+ } else {
+ $timeout = 0;
+ }
+
+ $this->settings = array(
+ 'user' => null,
+ 'admin' => false,
+ 'loginStatus' => 'Not logged in',
+ 'timeout' => $timeout
+ );
+
+ $_SESSION['settings'] = $this->settings;
+ }
+
+ private function startSession() {
+ global $CFG;
+
+ $this->log("startSession", 4);
+
if (isset($CFG->session_timeout)) {
- $timeout = $CFG->session_timeout * 60;
+ $this->timeout = $CFG->session_timeout * 60;
} else {
- $timeout = 20 * 60;
+ $this->timeout = 20 * 60;
}
- if (ini_get('session.gc_maxlifetime') != $timeout)
- ini_set('session.gc_maxlifetime', $timeout);
- if (ini_get('session.cookie_lifetime') != $timeout)
- ini_set('session.cookie_lifetime', $timeout);
- $time = $_SERVER['REQUEST_TIME'];
- if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $timeout) {
- session_unset();
- session_destroy();
- session_start();
- self::$_instance->user = null;
- self::$_instance->is_admin = false;
+ if (ini_get('session.gc_maxlifetime') != $this->timeout)
+ ini_set('session.gc_maxlifetime', $this->timeout);
+ //if (ini_get('session.cookie_lifetime') != $this->timeout)
+ // ini_set('session.cookie_lifetime', $this->timeout);
+ ini_set('session.cookie_lifetime', 0);
+
+ session_start();
+ }
+
+ private function checkSession() {
+ global $CFG;
+
+ $this->log("checkSession", 4);
+
+ if ('' == session_id()) {
+ $this->startSession();
}
- $_SESSION['LAST_ACTIVITY'] = $time;
- return self::$_instance;
+ $time = $_SERVER['REQUEST_TIME'];
+ if (isset($_SESSION['LAST_ACTIVITY']) &&
+ ($time - $_SESSION['LAST_ACTIVITY']) >= $this->settings['timeout']) {
+ $this->log('R_TIME: '.date('c', $time).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY'].
+ 'Test: '.($time - $_SESSION['LAST_ACTIVITY'])).' >= '.$this->settings['timeout'], 3);
+ $this->logout();
+ } else {
+ $_SESSION['LAST_ACTIVITY'] = $time;
+ }
}
public function logout() {
- $_SESSION = array();
+ $this->log("logout", 4);
+
if (ini_get('session.use_cookies')) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params['path'], $params['domain'],
$params['secure'], $params['httponly']);
}
- session_unset();
- session_destroy();
- $this->user = null;
- $this->is_admin = false;
+
+ if ('' != session_id()) {
+ $_SESSION = array();
+ session_unset();
+ session_destroy();
+ }
+ $this->settings = array();
}
public function isAdmin() {
- //file_put_contents('/tmp/login.txt', var_export($this, true));
- return $this->is_admin;
+ $admin = false;
+
+ $this->log("isAdmin", 4);
+
+ if (isset($this->settings['admin'])) {
+ $admin = $this->settings['admin'];
+ }
+
+ return $admin;
}
public function login($user, $pw) {
global $CFG;
$result = false;
- unset($_SESSION['user']);
- unset($_SESSION['is_admin']);
- $this->user = null;
- $this->is_admin = false;
+ $this->log("login", 4);
+
+ if ('' == session_id()) {
+ $this->startSession();
+ }
+
+ $this->settings['user'] = null;
+ $this->settings['admin'] = false;
$p = explode('@', $user);
if (count($p) != 2) {
- $this->loginStatus = 'Bad username';
- return false;
- }
- $domain = $p[1];
- $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
- $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
- $ds = @ldap_connect($CFG->ldap_dsn);
- if ($ds) {
- @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
- $r = @ldap_bind($ds, $dn, $pw);
- if ($r) {
- $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
- $info = @ldap_get_entries($ds, $sr); // array
- if ($info['count'] > 0) {
- $_SESSION['user'] = $user;
- $this->user = $user;
- $result = true;
- $this->loginStatus = 'OK';
- $admin = 'NO';
- if (isset($info[0]['domainglobaladmin'])) {
- $admin = $info[0]['domainglobaladmin'][0];
- $admin = strtoupper($admin);
+ $this->settings['loginStatus'] = 'Bad username';
+ } else {
+ $domain = $p[1];
+ $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn";
+ $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))";
+ $ds = @ldap_connect($CFG->ldap_dsn);
+ if ($ds) {
+ @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+ $r = @ldap_bind($ds, $dn, $pw);
+ if ($r) {
+ $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
+ $info = @ldap_get_entries($ds, $sr); // array
+ if ($info['count'] > 0) {
+ $this->settings['user'] = $user;
+ $result = true;
+ $this->settings['loginStatus'] = 'OK';
+ $admin = 'NO';
+ if (isset($info[0]['domainglobaladmin'])) {
+ $admin = $info[0]['domainglobaladmin'][0];
+ $admin = strtoupper($admin);
+ }
+ $this->settings['admin'] = ($admin == 'YES') ? true : false;
+ } else {
+ $this->settings['loginStatus'] = 'Login failed';
}
- $this->is_admin = ($admin == 'YES') ? true : false;
- $_SESSION['is_admin'] = $this->is_admin;
} else {
- $this->loginStatus = 'Login failed';
+ $this->settings['loginStatus'] = ldap_error($ds);
}
+ @ldap_close($ds);
} else {
- $this->loginStatus = ldap_error($ds);
+ $this->settings['loginStatus'] = 'Connect to LDAP server failed';
}
- @ldap_close($ds);
- } else {
- $this->loginStatus = 'Connect to LDAP server failed';
}
+ $_SESSION['settings'] = $this->settings;
+
return $result;
}
public function getLoginStatus() {
- return $this->loginStatus;
+ $status = 'Not logged in';
+
+ $this->log("getLoginStatus", 4);
+
+ if (isset($this->settings['loginStatus'])) {
+ $status = $this->settings['loginStatus'];
+ }
+
+ return $status;
}
public function isLoggedIn() {
global $CFG;
$loggedIn = false;
- if ($this->user) {
- $loggedIn = true;
- } else if (isset($_SESSION['user'])) {
- $this->user = $_SESSION['user'];
- $loggedIn = true;
- } else {
- if ($CFG->auth_method == 'HTTP_AUTH') {
- if (isset($this->server['PHP_AUTH_USER'])) {
- $this->user = $this->server['PHP_AUTH_USER'];
- $loggedIn = true;
+ $this->log("isLoggedIn[1]: user ".var_export($this->settings['user'], true), 3);
+
+ if ('' == session_id()) {
+ $this->startSession();
+ }
+
+ $this->log("isLoggedIn[2]: user ".var_export($this->settings['user'], true), 3);
+ $this->checkSession();
+ $this->log("isLoggedIn[3]: user ".var_export($this->settings['user'], true), 3);
+
+ if (isset($this->settings['user'])) {
+ if ($this->settings['user'] != null) {
+ $loggedIn = true;
+ } else {
+ if ($CFG->auth_method == 'HTTP_AUTH') {
+ if (isset($_SERVER['PHP_AUTH_USER'])) {
+ $this->settings['user'] = $_SERVER['PHP_AUTH_USER'];
+ $loggedIn = true;
+ }
}
}
}
+ if ($loggedIn == false) {
+ $this->log('$this->settings: '.var_export($this->settings, true), 3);
+ $this->log('R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']), 3);
+ }
+
+ $_SESSION['settings'] = $this->settings;
+
return $loggedIn;
}
public function getUser() {
- $this->isLoggedIn();
- return $this->user;
+ $user = null;
+
+ $this->log("getUser", 4);
+
+ if ($this->isLoggedIn()) {
+ $user = $this->settings['user'];
+ }
+
+ return $user;
}
public function getHeader() {
+ $this->log("getHeader", 4);
+
return $this->header;
}
public function getFooter() {
+ $this->log("getFooter", 4);
+
return $this->footer;
}
public function getHeading() {
+ $this->log("getHeading", 4);
+
return $this->heading;
}
public function setHeading($heading) {
global $CFG;
+ $this->log("setHeading", 4);
+
$timeout = $CFG->session_timeout * 60 * 1000;
$this->heading = str_replace('__TITLE__', $heading, $this->heading);
$this->header = str_replace('__TITLE__', $heading, $this->header);
@@ -211,6 +344,8 @@ class Utils {
}
public function convertContent($code) {
+ $this->log("convertContent", 4);
+
$table = array(
'V' => 'Virus',
'B' => 'Banned',