ip){ new log("security","login","",array(),"main.php called with session which has a changed IP address.") ; header ("Location: logout.php"); exit; } $config= session::global_get('config'); $config->check_and_reload(); /* Enable compressed output */ if ($config->get_cfg_value("sendCompressedOutput") == "true"){ ob_start("ob_gzhandler"); } /* Check for invalid sessions */ if(session::global_get('_LAST_PAGE_REQUEST') == ""){ session::global_set('_LAST_PAGE_REQUEST',time()); }else{ /* check GOsa.conf for defined session lifetime */ $max_life= $config->get_cfg_value("sessionLifetime", 60*60*2); /* get time difference between last page reload */ $request_time = (time()- session::global_get('_LAST_PAGE_REQUEST')); /* If page wasn't reloaded for more than max_life seconds * kill session */ if($request_time > $max_life){ session::destroy(); new log("security","login","",array(),"main.php called without session - logging out") ; header ("Location: logout.php"); exit; } session::global_set('_LAST_PAGE_REQUEST',time()); } @DEBUG (DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config"); /* Set template compile directory */ $smarty->compile_dir= $config->get_cfg_value("templateCompileDirectory", '/var/spool/gosa'); /* Set default */ $reload_navigation = false; /* Set last initialised language to current, browser settings */ if(!session::global_is_set('Last_init_lang')){ $reload_navigation = true; session::global_set('Last_init_lang',get_browser_language()); } /* If last language != current force navi reload */ $lang= get_browser_language(); if(session::global_get('Last_init_lang') != $lang){ $reload_navigation = true; } /* Language setup */ session::global_set('Last_init_lang',$lang); /* Preset current main base */ if(!session::global_is_set('CurrentMainBase')){ session::global_set('CurrentMainBase',get_base_from_people($ui->dn)); } putenv("LANGUAGE="); putenv("LANG=$lang"); setlocale(LC_ALL, $lang); $GLOBALS['t_language']= $lang; $GLOBALS['t_gettext_message_dir'] = $BASE_DIR.'/locale/'; /* Check if the config is up to date */ $config->check_config_version(); /* Set the text domain as 'messages' */ $domain = 'messages'; bindtextdomain($domain, LOCALE_DIR); textdomain($domain); @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $lang, "Setting language to"); /* Prepare plugin list */ if (!session::global_is_set('plist')){ /* Initially load all classes */ $class_list= get_declared_classes(); foreach ($class_mapping as $class => $path){ if (!in_array($class, $class_list)){ if (is_readable("$BASE_DIR/$path")){ require_once("$BASE_DIR/$path"); } else { msg_dialog::display(_("Fatal error"), sprintf(_("Cannot locate file '%s' - please run '%s' to fix this"), "$BASE_DIR/$path", "update-gosa"), FATAL_ERROR_DIALOG); exit; } } } session::global_set('plist', new pluglist($config, $ui)); /* Load ocMapping into userinfo */ $tmp= new acl($config, NULL, $ui->dn); $ui->ocMapping= $tmp->ocMapping; session::global_set('ui',$ui); } $plist= session::global_get('plist'); /* Check for register globals */ if (isset($global_check) && $config->get_cfg_value("forceglobals") == "true"){ msg_dialog::display( _("PHP configuration"), _("FATAL: Register globals is on. GOsa will refuse to login unless this is fixed by an administrator."), FATAL_ERROR_DIALOG); new log("security","login","",array(),"Register globals is on. For security reasons, this should be turned off.") ; session::destroy (); exit; } /* Check Plugin variable */ if (session::global_is_set('plugin_dir')){ $old_plugin_dir= session::global_get('plugin_dir'); } else { $old_plugin_dir= ""; } if (isset($_GET['plug']) && $plist->plugin_access_allowed($_GET['plug'])){ $plug= validate($_GET['plug']); $plugin_dir= $plist->get_path($plug); session::global_set('plugin_dir',$plugin_dir); if ($plugin_dir == ""){ new log("security","gosa","",array(),"main.php called with invalid plug parameter \"$plug\"") ; header ("Location: logout.php"); exit; } } else { /* set to welcome page as default plugin */ session::global_set('plugin_dir',"welcome"); $plugin_dir= "$BASE_DIR/plugins/generic/welcome"; } /* Handle plugin locks. - Remove the plugin from session if we switched to another. (cleanup) - Remove all created locks if "reset" was posted. - Remove all created locks if we switched to another plugin. */ $cleanup = FALSE; $remove_lock= FALSE; /* Check if we have changed the selected plugin */ if($old_plugin_dir != $plugin_dir && $old_plugin_dir != ""){ if (is_file("$old_plugin_dir/main.inc")){ $cleanup = $remove_lock = TRUE; require ("$old_plugin_dir/main.inc"); $cleanup = $remove_lock = FALSE; } }else // elseif /* Reset was posted, remove all created locks for the current plugin */ if((isset($_GET['reset']) && $_GET['reset'] == 1) || isset($_POST['delete_lock'])){ $remove_lock = TRUE; } /* Check for sizelimits */ eval_sizelimit(); /* Check for memory */ if (function_exists("memory_get_usage")){ if (memory_get_usage() > (to_byte(ini_get('memory_limit')) - 2048000 )){ msg_dialog::display(_("Configuration error"), _("Running out of memory!"), WARNING_DIALOG); } } /* Redirect on back event */ if ($_SERVER["REQUEST_METHOD"] == "POST"){ /* Look for button events that match /^back[0-9]+$/, extract the number and step the correct plugin. */ foreach ($_POST as $key => $value){ if (preg_match("/^back[0-9]+$/", $key)){ $back= substr($key, 4); header ("Location: main.php?plug=$back"); exit; } } } /* Redirect on password back event */ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['password_back'])){ header ("Location: main.php"); exit; } /* Check for multiple windows logout */ if ($_SERVER["REQUEST_METHOD"] == "POST"){ if (isset($_POST['reset_session'])){ header ("Location: logout.php"); exit; } } /* Load department list when plugin has changed. That is some kind of compromise between speed and beeing up to date */ if (isset($_GET['reset'])){ set_object_info(); } /* show web frontend */ $smarty->assign ("logo", "