X-Git-Url: http://git.datanom.net/qtadmin.git/blobdiff_plain/6df4b8055a0e63b554ed211760ab1aa5cb431306..1e354d2079b77adb249465d86e86fa8a59f9dc4e:/lib/utils.inc.php diff --git a/lib/utils.inc.php b/lib/utils.inc.php index ec842b8..0bae909 100644 --- a/lib/utils.inc.php +++ b/lib/utils.inc.php @@ -4,145 +4,158 @@ require_once $CFG->root .'config.php'; class Utils { - private static $_instance = null; - private $server; - private $user; - private $is_admin; - private $loginStatus; - private $header = ' + private static $_instance = null; + private $server; + private $user; + private $is_admin; + private $loginStatus; + private $timeout; + private $header = ' - - - - - __TITLE__ + + + + + + __TITLE__ '; - private $footer = ''; - private $heading = '

Session timeout: -

__TITLE__

'; - - private function __construct() { - global $CFG; - - $this->server = $_SERVER; - session_start(); - - $this->user = null; - $this->is_admin = false; - $this->loginStatus = 'Not logged in'; - - if (isset($_SESSION['user'])) { - $this->user = $_SESSION['user']; - $this->loginStatus = 'OK'; - $this->is_admin = $_SESSION['is_admin']; - } else { - if ($CFG->auth_method == 'HTTP_AUTH') { - if (isset($this->server['PHP_AUTH_USER'])) { - $this->user = $this->server['PHP_AUTH_USER']; - $this->loginStatus = 'OK'; - if ($CFG->admin_user == $this->user) - $this->is_admin = true; - } - } - } - $_SESSION['user'] = $this->user; - $_SESSION['is_admin'] = $this->is_admin; - } - - private function __clone() {} - - public static function getInstance() { - global $CFG; - - if (!is_object(self::$_instance)) { - self::$_instance = new Utils(); - } - // Session timeout handler - if ('' == session_id()) - session_start(); - if (isset($CFG->session_timeout)) { - $timeout = $CFG->session_timeout * 60; - } else { - $timeout = 20 * 60; - } - - if (ini_get('session.gc_maxlifetime') != $timeout) - ini_set('session.gc_maxlifetime', $timeout); - if (ini_get('session.cookie_lifetime') != $timeout) - ini_set('session.cookie_lifetime', $timeout); - $time = $_SERVER['REQUEST_TIME']; - if (isset($_SESSION['LAST_ACTIVITY']) && ($time - $_SESSION['LAST_ACTIVITY']) >= $timeout) { - session_unset(); - session_destroy(); - session_start(); - self::$_instance->user = null; - self::$_instance->is_admin = false; - } - $_SESSION['LAST_ACTIVITY'] = $time; - - return self::$_instance; - } - - public function logout() { - $_SESSION = array(); - if (ini_get('session.use_cookies')) { - $params = session_get_cookie_params(); - setcookie(session_name(), '', time() - 42000, - $params['path'], $params['domain'], - $params['secure'], $params['httponly']); - } - session_unset(); - session_destroy(); - $this->user = null; - $this->is_admin = false; - } - - public function isAdmin() { - 
//file_put_contents('/tmp/login.txt', var_export($this, true)); - return $this->is_admin; - } - - public function login($user, $pw) { - global $CFG; - $result = false; - - unset($_SESSION['user']); - unset($_SESSION['is_admin']); - $this->user = null; - $this->is_admin = false; - - $p = explode('@', $user); - if (count($p) != 2) { - $this->loginStatus = 'Bad username'; - return false; - } - $domain = $p[1]; - $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn"; + private $footer = ''; + private $heading = '

Session timeout: +

__TITLE__

'; + + private function __construct() { + global $CFG; + + $this->server = $_SERVER; + + $this->user = null; + $this->is_admin = false; + $this->loginStatus = 'Not logged in'; + + $this->startSession(); + + if (isset($_SESSION['user'])) { + $this->user = $_SESSION['user']; + $this->loginStatus = 'OK'; + $this->is_admin = $_SESSION['is_admin']; + } else { + if ($CFG->auth_method == 'HTTP_AUTH') { + if (isset($this->server['PHP_AUTH_USER'])) { + $this->user = $this->server['PHP_AUTH_USER']; + $this->loginStatus = 'OK'; + if ($CFG->admin_user == $this->user) + $this->is_admin = true; + } + } + } + $_SESSION['user'] = $this->user; + $_SESSION['is_admin'] = $this->is_admin; + } + + private function __clone() {} + + private function startSession() { + global $CFG; + + if (isset($CFG->session_timeout)) { + $this->timeout = $CFG->session_timeout * 60; + } else { + $this->timeout = 20 * 60; + } + + if (ini_get('session.gc_maxlifetime') != $this->timeout) + ini_set('session.gc_maxlifetime', $this->timeout); + if (ini_get('session.cookie_lifetime') != $this->timeout) + ini_set('session.cookie_lifetime', $this->timeout); + + session_start(); + + //echo ini_get('session.gc_maxlifetime').':'.ini_get('session.cookie_lifetime'); + } + + public static function getInstance() { + global $CFG; + + if (!is_object(self::$_instance)) { + self::$_instance = new Utils(); + } + + $time = $_SERVER['REQUEST_TIME']; + if (isset($_SESSION['LAST_ACTIVITY']) && + ($time - $_SESSION['LAST_ACTIVITY']) >= self::$_instance->timeout) { + echo 'R_TIME: '.date('c', $time).' 
L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']); + exit; + session_unset(); + session_destroy(); + self::$_instance->user = null; + self::$_instance->is_admin = false; + } else { + $_SESSION['LAST_ACTIVITY'] = $time; + } + + return self::$_instance; + } + + public function logout() { + $_SESSION = array(); + if (ini_get('session.use_cookies')) { + $params = session_get_cookie_params(); + setcookie(session_name(), '', time() - 42000, + $params['path'], $params['domain'], + $params['secure'], $params['httponly']); + } + session_unset(); + session_destroy(); + $this->user = null; + $this->is_admin = false; + } + + public function isAdmin() { + //file_put_contents('/tmp/login.txt', var_export($this, true)); + return $this->is_admin; + } + + public function login($user, $pw) { + global $CFG; + $result = false; + + unset($_SESSION['user']); + unset($_SESSION['is_admin']); + $this->user = null; + $this->is_admin = false; + + $p = explode('@', $user); + if (count($p) != 2) { + $this->loginStatus = 'Bad username'; + return false; + } + $domain = $p[1]; + $dn = "mail=$user,ou=Users,domainName=$domain,$CFG->ldap_base_dn"; $filter = "(&(objectclass=mailUser)(accountStatus=active)(mail=$user))"; $ds = @ldap_connect($CFG->ldap_dsn); if ($ds) { - @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); + @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); $r = @ldap_bind($ds, $dn, $pw); if ($r) { $sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin')); $info = @ldap_get_entries($ds, $sr); // array if ($info['count'] > 0) { - $_SESSION['user'] = $user; - $this->user = $user; - $result = true; - $this->loginStatus = 'OK'; - $admin = 'NO'; - if (isset($info[0]['domainglobaladmin'])) { - $admin = $info[0]['domainglobaladmin'][0]; - $admin = strtoupper($admin); - } - $this->is_admin = ($admin == 'YES') ? 
true : false; - $_SESSION['is_admin'] = $this->is_admin; + $_SESSION['user'] = $user; + $this->user = $user; + $result = true; + $this->loginStatus = 'OK'; + $admin = 'NO'; + if (isset($info[0]['domainglobaladmin'])) { + $admin = $info[0]['domainglobaladmin'][0]; + $admin = strtoupper($admin); + } + $this->is_admin = ($admin == 'YES') ? true : false; + $_SESSION['is_admin'] = $this->is_admin; } else { $this->loginStatus = 'Login failed'; } 
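Review bot: In the timeout branch of getInstance(), the added `echo 'R_TIME: …'` and `exit;` run before `session_unset()` and `session_destroy()`, so those calls are unreachable and an expired session, still holding `$_SESSION['user']` and `$_SESSION['is_admin']`, is never torn down by this code. Because `LAST_ACTIVITY` is now refreshed only in the `else`, every later request carrying that session takes the same path and prints the two timestamps to the client. This reads as leftover debugging: drop both lines, and if the trace is still wanted, put `error_log('session expired, last activity '.date('c', $_SESSION['LAST_ACTIVITY']));` ahead of the teardown. Separately, login() in this hunk hands `$pw` to `ldap_bind()` with no empty-string check and interpolates `$user` into `$dn` and `$filter` unescaped, so unless callers already validate both, a guard such as `if ($pw === '') { $this->loginStatus = 'Login failed'; return false; }` plus `ldap_escape()` on the mail value is worth adding; login()'s body continues past the end of the hunk.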
@@ -154,79 +167,85 @@ class Utils { $this->loginStatus = 'Connect to LDAP server failed'; } - return $result; - } - - public function getLoginStatus() { - return $this->loginStatus; - } - - public function isLoggedIn() { - global $CFG; - $loggedIn = false; - - if ($this->user) { - $loggedIn = true; - } else if (isset($_SESSION['user'])) { - $this->user = $_SESSION['user']; - $loggedIn = true; - } else { - if ($CFG->auth_method == 'HTTP_AUTH') { - if (isset($this->server['PHP_AUTH_USER'])) { - $this->user = $this->server['PHP_AUTH_USER']; - $loggedIn = true; - } - } - } - - return $loggedIn; - } - - public function getUser() { - $this->isLoggedIn(); - return $this->user; - } - - public function getHeader() { - return $this->header; - } - - public function getFooter() { - return $this->footer; - } + return $result; + } - public function getHeading() { - return $this->heading; - } + public function getLoginStatus() { + return $this->loginStatus; + } + + public function isLoggedIn() { + global $CFG; + $loggedIn = false; - public function setHeading($heading) { - global $CFG; + echo '$this->user: '.$this->user.' $_SESSION['user']: '.$_SESSION['user']; + if ($this->user) { + $loggedIn = true; + } else if (isset($_SESSION['user'])) { + $this->user = $_SESSION['user']; + $loggedIn = true; + } else { + if ($CFG->auth_method == 'HTTP_AUTH') { + if (isset($this->server['PHP_AUTH_USER'])) { + $this->user = $this->server['PHP_AUTH_USER']; + $loggedIn = true; + } + } + } - $timeout = $CFG->session_timeout * 60 * 1000; - $this->heading = str_replace('__TITLE__', $heading, $this->heading); - $this->header = str_replace('__TITLE__', $heading, $this->header); - $this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header); - $this->header = str_replace('__TIMEOUT__', $timeout, $this->header); + if ($loggedIn == false) { + echo 'R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' 
L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']); + exit; } + return $loggedIn; + } + + public function getUser() { + $this->isLoggedIn(); + return $this->user; + } + + public function getHeader() { + return $this->header; + } + + public function getFooter() { + return $this->footer; + } + + public function getHeading() { + return $this->heading; + } + + public function setHeading($heading) { + global $CFG; + + $timeout = $CFG->session_timeout * 60 * 1000; + $this->heading = str_replace('__TITLE__', $heading, $this->heading); + $this->header = str_replace('__TITLE__', $heading, $this->header); + $this->header = str_replace('__ROOT__', $CFG->wwwroot, $this->header); + $this->header = str_replace('__TIMEOUT__', $timeout, $this->header); + } + + public function convertContent($code) { + $table = array( + 'V' => 'Virus', + 'B' => 'Banned', + 'U' => 'Unchecked', + 'S' => 'Spam', + 'Y' => 'Spammy', + 'M' => 'Bad Mime', + 'H' => 'Bad Header', + 'O' => 'Over sized', + 'T' => 'MTA err', + 'C' => 'Clean' + ); + + $string = $table[$code]; + if (empty($string)) + $string = 'Unknown'; + + return $string; + } - public function convertContent($code) { - $table = array( - 'V' => 'Virus', - 'B' => 'Banned', - 'U' => 'Unchecked', - 'S' => 'Spam', - 'Y' => 'Spammy', - 'M' => 'Bad Mime', - 'H' => 'Bad Header', - 'O' => 'Over sized', - 'T' => 'MTA err', - 'C' => 'Clean' - ); - - $string = $table[$code]; - if (empty($string)) - $string = 'Unknown'; - - return $string; - } }
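Review bot: isLoggedIn() now echoes `$this->user` and `$_SESSION['user']` on every call and, when no user is found, prints the request timestamps and calls `exit;`, which looks like debugging left in the commit. Since getUser() calls isLoggedIn(), the account name is written into the response wherever either method is used, and a caller that relies on a `false` return (for example to show a login form) never receives it because the script stops first. As extracted, the quoting in `' $_SESSION['user']: '` also does not look like it would parse, though escapes may have been lost in rendering. I would remove both `echo` statements and the `exit;`, leave `return $loggedIn;` as the only way out, and use `error_log()` if the trace is still needed. In setHeading(), `$CFG->session_timeout * 60 * 1000` ignores the 20-minute fallback that startSession() applies when the setting is absent; `$timeout = $this->timeout * 1000;` would keep the client-side timer in step with the server-side one.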