a1b8a768b04ec8c46daa2a764b6f996fb27b1122
1 <?php
2 /*
3 This code is part of GOsa (https://gosa.gonicus.de)
4 Copyright (C) 2003 Cajus Pollmeier
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
/* Basic setup: start the page timer, then pull in the PHP environment and
   the shared function libraries before any output is produced. */
$start = microtime();
$timing = array();
require_once "../include/php_setup.inc";
require_once "functions.inc";
require_once "functions_FAI.inc";
header('Content-type: text/html; charset=UTF-8');

/* Class files below the plugin directory. get_dir_list() is defined
   elsewhere; it is expected to find and include them. */
get_dir_list($BASE_DIR."/plugins");

/* Use 'messages' as the gettext text domain */
$domain = 'messages';
bindtextdomain($domain, $BASE_DIR."/locale");
textdomain($domain);
/* Session cookie lifetime: one day, given in seconds. Only the lifetime is
   passed, so the Secure and HttpOnly attributes of the cookie are not
   decided here.
   NOTE(review): confirm session.cookie_secure and session.cookie_httponly
   are enabled in php.ini for this deployment. */
session_set_cookie_params(60*60*24);

/* Cache expiry: one day, given in minutes (PHP's default is 180) */
session_cache_expire(24*60);

/* Keep session data for a day so the garbage collector does not remove a
   session before its timeout. On Debian the collector is a cron job that
   reads the timeout from php.ini, so session.gc_maxlifetime has to be
   hardcoded there as well. */
ini_set('session.gc_maxlifetime', 60*60*24);

/* Resume the session: it carries everything done since the last click */
session_start();

$_SESSION['limit_exceeded'] = false;

/* Debug dumps of the request and of the session.
   NOTE(review): the complete $_POST and $_SESSION arrays are handed to
   DEBUG(), which is defined elsewhere. Form posts and session data can hold
   credentials, so confirm the debug output is disabled or access-restricted
   in production. */
if ("POST" == $_SERVER["REQUEST_METHOD"]) {
  @DEBUG(DEBUG_POST, __LINE__, __FUNCTION__, __FILE__, $_POST, "_POST");
}
@DEBUG(DEBUG_POST, __LINE__, __FUNCTION__, __FILE__, $_SESSION, "_SESSION");
/* Simple security check: a session that carries no 'config' entry is
   treated as not logged in. The event is logged and the client is sent to
   the logout page. */
if (!isset($_SESSION['config'])) {
  gosa_log("main.php called without session - logging out");
  header("Location: logout.php");
  exit();
}

/* Clear the error state kept in the session */
$_SESSION['errors'] = '';
$_SESSION['errorsAlreadyPosted'] = array();
$_SESSION['LastError'] = '';
/* Bind the session to the client address: the address of this request is
   compared with the one stored in the user info object, and a mismatch is
   logged with level 3 and ends in a logout.
   NOTE(review): the comparison uses REMOTE_ADDR, so behind a reverse proxy
   or NAT many clients may present the same address - confirm what the
   deployment puts in REMOTE_ADDR. The log entry records neither address,
   which limits what can be reconstructed from the log afterwards. */
$ui = $_SESSION["ui"];
if ($ui->ip != $_SERVER['REMOTE_ADDR']) {
  gosa_log("main.php called with session which has a changed IP address.", 3);
  header("Location: logout.php");
  exit();
}
$config = $_SESSION['config'];
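/* Idle timeout: remember when the session was last used and end the session
   when the gap to this request is larger than the allowed lifetime. */
if (empty($_SESSION['_LAST_PAGE_REQUEST'])) {
  /* No timestamp stored yet - start the idle clock with this request */
  $_SESSION['_LAST_PAGE_REQUEST'] = time();
} else {

  /* Lifetime in seconds: SESSION_LIFETIME from the MAIN section of the
     configuration when present, two hours otherwise.
     NOTE(review): the configured value is used as read; confirm it is
     validated as a positive number where the configuration is loaded. */
  if (isset($config->data['MAIN']['SESSION_LIFETIME'])) {
    $max_life = $config->data['MAIN']['SESSION_LIFETIME'];
  } else {
    $max_life = 60*60*2;
  }

  /* Seconds since the previous page request */
  $request_time = (time() - $_SESSION['_LAST_PAGE_REQUEST']);

  /* Idle for more than max_life seconds: drop the session variables and
     send the client to the logout page */
  if ($request_time > $max_life) {
    session_unset();
    /* A message of its own keeps an expired session distinguishable in the
       log from a request that arrived without any session. */
    gosa_log("main.php called with expired session - logging out");
    header("Location: logout.php");
    exit;
  }
  $_SESSION['_LAST_PAGE_REQUEST'] = time();
}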
/* NOTE(review): the whole configuration array is handed to DEBUG() here.
   If the configuration holds credentials, confirm the debug output is not
   reachable in production. */
@DEBUG(DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config");

/* Template compile directory: COMPILE from the MAIN section when it is set,
   /var/spool/gosa/ otherwise */
$smarty->compile_dir = isset($config->data['MAIN']['COMPILE'])
  ? $config->data['MAIN']['COMPILE']
  : '/var/spool/gosa/';
/* The navigation is rebuilt only when the language has changed */
$reload_navigation = false;

/* Nothing remembered yet: store the browser language and rebuild */
if (!isset($_SESSION['Last_init_lang'])) {
  $reload_navigation = true;
  $_SESSION['Last_init_lang'] = get_browser_language();
}

/* Language setup: an empty LANG in the MAIN section means "follow the
   browser", any other value is used as configured.
   NOTE(review): get_browser_language() is defined elsewhere and its result
   ends up in putenv() and setlocale() below - confirm it only returns known
   locale names. */
if ($config->data['MAIN']['LANG'] != "") {
  $lang = $config->data['MAIN']['LANG'];
} else {

  /* A browser language that differs from the remembered one forces a
     navigation reload */
  if ($_SESSION['Last_init_lang'] != get_browser_language()) {
    $reload_navigation = true;
  }
  $lang = get_browser_language();
  $_SESSION['Last_init_lang'] = $lang;
}

/* Preset the current main base from the user's DN, once per session */
if (!isset($_SESSION['CurrentMainBase'])) {
  $_SESSION['CurrentMainBase'] = get_base_from_people($ui->dn);
}

/* Publish the UTF-8 variant of the language to the environment, the locale
   and the two translation globals */
$lang = $lang.".UTF-8";
putenv("LANGUAGE=");
putenv("LANG=".$lang);
setlocale(LC_ALL, $lang);
$GLOBALS['t_language'] = $lang;
$GLOBALS['t_gettext_message_dir'] = "$BASE_DIR/locale/";

/* Bind the 'messages' text domain again, now that the locale is set */
$domain = 'messages';
bindtextdomain($domain, $BASE_DIR."/locale");
textdomain($domain);
@DEBUG(DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $lang, "Setting language to");
/* Build the plugin list once per session */
if (!isset($_SESSION['plist'])) {
  $_SESSION['plist'] = new pluglist($config, $ui);

  /* Copy the ocMapping of a freshly built acl object into the user info
     and store the updated user info back in the session */
  $tmp = new acl($config, null, $ui->dn);
  $ui->ocMapping = $tmp->ocMapping;
  $_SESSION['ui'] = $ui;
}
$plist = $_SESSION['plist'];
/* Register globals check: when $global_check is set and FORCEGLOBALS is
   'true' in the configuration, print a fatal message, log it, destroy the
   session and stop. $global_check is not set in this file - presumably the
   setup include sets it when register_globals is on; verify there. */
if (isset($global_check) && 'true' == $config->data['MAIN']['FORCEGLOBALS']) {
  echo _("FATAL: Register globals is on. GOsa will refuse to login unless this is fixed by an administrator.");
  gosa_log("Register globals is on. For security reasons, this should be turned off.");
  session_destroy();
  exit;
}
/* Remember which plugin directory the session used before this request */
$old_plugin_dir = isset($_SESSION['plugin_dir']) ? $_SESSION['plugin_dir'] : "";

if (isset($_GET['plug'])) {
  /* The requested plugin id is passed through validate() and resolved to a
     directory by the plugin list. An id that resolves to an empty path is
     logged with level 3 and ends in a logout.
     NOTE(review): validate() and get_path() are defined elsewhere. The
     resolved directory is later used in require_once and $plug is written
     to the log, so confirm that get_path() only returns directories of
     registered plugins and that validate() strips line breaks. */
  $plug = validate($_GET['plug']);
  $plugin_dir = $plist->get_path($plug);
  $_SESSION['plugin_dir'] = $plugin_dir;
  if ("" == $plugin_dir) {
    gosa_log("main.php called with invalid plug parameter \"$plug\"", 3);
    header("Location: logout.php");
    exit();
  }
} else {
  /* No plugin requested: the welcome page is the default plugin */
  $_SESSION['plugin_dir'] = "welcome";
  $plugin_dir = $BASE_DIR."/plugins/generic/welcome";
}
/* Plugin changed since the previous request: include the old plugin's
   main.inc with $remove_lock set to true - presumably so that it releases
   its lock; the plugin code is not part of this file. The flag is false
   again for everything that follows. */
if ($old_plugin_dir != $plugin_dir && is_file("$old_plugin_dir/main.inc")) {
  $remove_lock = true;
  require_once($old_plugin_dir."/main.inc");
}
$remove_lock = false;
/* Check for sizelimits */
eval_sizelimit();

/* Warn when memory use comes within 2048000 bytes of memory_limit. The
   check is skipped when memory_get_usage() is not available. */
if (function_exists("memory_get_usage")
    && memory_get_usage() > (to_byte(ini_get('memory_limit')) - 2048000)) {
  print_red(_("Warning: memory is getting low - please increase the memory_limit!"));
}
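/* Redirect on back event */
if ($_SERVER["REQUEST_METHOD"] == "POST") {

  /* Look for button events named back<digits>, extract the number and step
     to that plugin. The D modifier makes "$" match only at the very end of
     the field name; without it a name ending in a line break is accepted
     too, and the field name is copied into the Location header. */
  foreach ($_POST as $key => $value) {
    if (preg_match("/^back[0-9]+$/D", $key)) {
      $back = substr($key, 4);
      header("Location: main.php?plug=$back");
      exit;
    }
  }
}

/* Redirect on password back event */
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['password_back'])) {
  header("Location: main.php");
  exit;
}

/* Check for multiple windows logout */
if ($_SERVER["REQUEST_METHOD"] == "POST") {
  /* 'reset_session' sends the client to the logout page */
  if (isset($_POST['reset_session'])) {
    header("Location: logout.php");
    exit;
  }

  /* 'cancel_lock' forgets the DN stored in the session */
  if (isset($_POST['cancel_lock'])) {
    unset($_SESSION['dn']);
  }
}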
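/* Load department list when plugin has changed. That is some kind of
   compromise between speed and being up to date: a 'reset' request
   parameter drops the object info cached in the session. */
if (isset($_GET['reset']) && isset($_SESSION['objectinfo'])) {
  unset($_SESSION['objectinfo']);
}

/* Install eGOsa hooks. Written with brackets: the $array{'key'} form is
   deprecated as of PHP 7.4 and no longer parses in PHP 8. */
if (isset($_GET['explorer'])) {
  $_SESSION['eGosa'] = 1;
}

/* Convert $_SESSION['POST'] to $_POST: a POST saved in the session is
   replayed as if it had just been submitted. The request method is forced
   to POST, every saved field overwrites the same key in $_POST, and the
   saved copy is removed so it is replayed only once.
   NOTE(review): the code that fills $_SESSION['POST'] is not in this file;
   confirm it stores only data from the authenticated user's own request. */
if (isset($_SESSION['POST'])) {
  $_SERVER["REQUEST_METHOD"] = "POST";
  foreach ($_SESSION['POST'] as $key => $dummy) {
    $_POST[$key] = $_SESSION['POST'][$key];
  }
  unset($_SESSION['POST']);
}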
/* Show web frontend: hand the page-level values to the template engine */
$smarty->assign("date", date("l, dS F Y H:i:s O"));
$smarty->assign("must", "<font class=\"must\">*</font>");

/* Turn the plugin id into a query string for the links built below */
$plug = isset($plug) ? "?plug=$plug" : "";

/* Help link: a popup when the session has JavaScript enabled, a plain link
   opening a new window otherwise.
   NOTE(review): $plug is placed inside an HTML attribute without escaping
   at this point; that relies on validate() and the plugin lookup having
   restricted it earlier - confirm. */
if ($_SESSION['js'] != false) {
  $smarty->assign("javascript", "true");
  $smarty->assign("help_method", " onclick=\"return popup('helpviewer.php$plug','GOsa help');\"");
} else {
  $smarty->assign("javascript", "false");
  $smarty->assign("help_method", "href='helpviewer.php$plug' target='_blank'");
}

/* User name and the images of the page frame */
$smarty->assign("username", $ui->username);
$smarty->assign("go_logo", get_template_path('images/go_logo.png'));
$smarty->assign("go_base", get_template_path('images/dtree.png'));
$smarty->assign("go_home", get_template_path('images/gohome.png'));
$smarty->assign("go_out", get_template_path('images/stop.png'));
$smarty->assign("go_top", get_template_path('images/go_top.png'));
$smarty->assign("go_corner", get_template_path('images/go_corner.png'));
$smarty->assign("go_left", get_template_path('images/go_left.png'));
$smarty->assign("go_help", get_template_path('images/help.png'));

/* Reload navigation if language changed: the stored menu is emptied before
   headlines and menu are generated */
if ($reload_navigation) {
  $plist->menu = "";
}
$plist->gen_headlines();
$plist->gen_menu();
$smarty->assign("menu", $plist->menu);
$smarty->assign("plug", $plug);

/* Render the page header now; it is prepended to the framework later */
$header = "<!-- headers.tpl-->".$smarty->fetch(get_template_path('headers.tpl'));
/* React on clicks */
if ($_SERVER["REQUEST_METHOD"] == "POST") {

  /* 'delete_lock' is set by the lock removal dialog. The lock is removed
     globally at this point, plugins do not need to remove it. */
  if (isset($_POST['delete_lock'], $_SESSION['dn'])) {
    del_lock($_SESSION['dn']);

    /* Restore the request variables saved in LOCK_VARS_USED: each one is
       written into both $_GET and $_POST, overwriting what the current
       request sent under the same name */
    if (isset($_SESSION['LOCK_VARS_USED'])) {
      foreach ($_SESSION['LOCK_VARS_USED'] as $name => $value) {
        $_GET[$name] = $value;
        $_POST[$name] = $value;
      }
    }
    sess_del('dn');
  }

  /* Multiple browser windows are not wanted. They are detected by counting
     a hidden field: when the posted counter and the session counter differ,
     the conflict page is shown and processing stops. */
  if (isset($_POST['session_cnt'])) {
    if ($_POST['session_cnt'] != $_SESSION['session_cnt']) {
      $smarty->display(get_template_path('conflict.tpl'));
      exit;
    }
    $_SESSION['session_cnt'] += 1;
    $_SESSION['post_cnt'] = validate($_POST['session_cnt']) + 1;
  }
}
/* The hidden click counter is only written when post_cnt is defined */
if (isset($_SESSION['post_cnt'])) {
  echo "<input type=\"hidden\" name=\"session_cnt\" value=\"", $_SESSION['post_cnt'], "\">\n";
}

/* Restart the timer */
$start = microtime();

/* Detect use of the browser's back button and show a warning, because going
   back could repeat an action such as tagging or moving an object.
   NOTE(review): a mismatch only prints a warning and the request is still
   processed, so this counter should not be counted on as protection
   against forged or replayed requests. */
if (!isset($_SESSION['back_button_test'])) {
  $_SESSION['back_button_test'] = 0;
}
if (isset($_POST['back_button_test'])
    && $_POST['back_button_test'] != $_SESSION['back_button_test']) {
  print_red(_("Please do not use the browsers 'back' or 'reload' button, use the GOsa interface to reload the user interface. This causes GOsa to perform your last request again and this could lead into some strange situations."));
}
/* Account expiration, only when ACCOUNT_EXPIRATION in the MAIN section
   matches 'true' (case-insensitive).
   NOTE(review): only the result 2 ("about to expire") is acted on here and
   every other result lets the request continue - confirm that an account
   that has already expired is rejected elsewhere, for example at login. */
if (isset($config->data['MAIN']['ACCOUNT_EXPIRATION'])
    && preg_match('/true/i', $config->data['MAIN']['ACCOUNT_EXPIRATION'])) {

  $expired = ldap_expired_account($config, $ui->dn, $ui->username);

  if (2 == $expired) {
    gosa_log("password for user \"".$ui->username."\" is about to expire");
    print_red(_("Your password is about to expire, please change your password"));
  }
}
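/* Load plugin: include main.inc from the resolved plugin directory, or stop
   with a fatal message when the file does not exist. */
if (is_file("$plugin_dir/main.inc")) {
  require_once ("$plugin_dir/main.inc");
} else {
  /* $plug goes back to the 'plug' request parameter, so it is encoded for
     HTML before it is written into the page. The charset matches the UTF-8
     content type this page declares. */
  echo sprintf(_("FATAL: Can't find any plugin definitions for plugin '%s'!"),
               htmlspecialchars($plug, ENT_QUOTES, 'UTF-8'));
  exit();
}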
/* Print out the last repeated error message */
print_red(null);

/* Second part of the browser 'back button used' check: advance the counter
   and put it into the page as a hidden field */
$_SESSION['back_button_test']++;
$bb = "<input type='hidden' name='back_button_test' value='".$_SESSION['back_button_test']."'>";

/* $display is not set in this file before this point - presumably the
   plugin's main.inc fills it; verify there */
$smarty->assign("contents", $bb.$display.get_MicroTimeDiff($start, microtime()));

/* Assign errors to smarty */
if (isset($_SESSION['errors'])) {
  $smarty->assign("errors", $_SESSION['errors']);
}
$smarty->assign("php_errors", ($error_collector != "") ? $error_collector."</div>" : "");

/* The finished page: the header rendered earlier plus the framework */
$display = $header.$smarty->fetch(get_template_path('framework.tpl'));
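/* Optional W3C conformance check: runs only when W3CTEST in the MAIN section
   matches 'true' (case-insensitive), the page is not empty and the tidy
   functions are available. */
if ((isset($config->data['MAIN']['W3CTEST']) && preg_match('/true/i', $config->data['MAIN']['W3CTEST']))
    && (!empty($display)) && (is_callable("tidy_parse_string"))) {
  tidy_parse_string(utf8_decode($display));

  /* The messages from tidy are HTML-encoded before they are echoed */
  $err = nl2br(htmlentities(tidy_get_error_buffer()));

  if ($err) {
    /* Warning bar with a toggle button, followed by the hidden box that
       holds the messages. The closing tag is written as "</button>" and the
       property as "border-bottom": with a space inside, neither is valid
       markup, so the button was never closed and the border was dropped. */
    echo "<table summary=\"\" width=\"100%\" style='background-color:#E0E0E0;border-bottom:1px solid black'><tr><td><img alt=\"W3C\" align=\"middle\" src='images/warning.png'> <font style='font-size:14px;font-weight:bold'>"._("Generating this page caused the W3C conformance checker to raise some errors!")."</font></td><td align=right><button onClick='toggle(\"w3cbox\")'>"._("Toggle information")."</button></td></tr></table><div id='w3cbox' style='width:100%; position:absolute; z-index:0; visibility: hidden; background-color:white; border-bottom:1px solid black;'>";
    echo $err."</div>";
  }

  tidy_clean_repair($display);
}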
/* Send the finished page to the client */
print $display;

/* Keep the configuration and the plugin list in the session for the next
   request */
$_SESSION['config'] = $config;
$_SESSION['plist'] = $plist;
415 /* Echo compilation time * /
416 $r = split(" ",$start);
417 $ms = $r[0];
418 $s= $r[1];
420 $re = split(" ",microtime());
421 $mse = $re[0];
422 $se= $re[1];
424 $add = 0;
425 if(($mse -$ms)<0){
426 $se --;
427 $add = 1;
428 }
429 echo ($se -$s).",";
430 echo (int)(($add+($mse -$ms))*1000)." s";
431 */
432 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
433 ?>