diff --git a/html/main.php b/html/main.php
index 8743d378c3ce95928156212ba1c7d0ef2c08fd71..f9c2cc6e7d93e4517ce3ad36fb592389b0ad034e 100644 (file)
--- a/html/main.php
+++ b/html/main.php
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
+/* Save start time */
+$start = microtime();
+
/* Basic setup, remove eventually registered sessions */
/* Basic setup, remove eventually registered sessions */
-$timing= array();
require_once ("../include/php_setup.inc");
require_once ("functions.inc");
require_once ("../include/php_setup.inc");
require_once ("functions.inc");
-header("Content-type: text/html; charset=UTF-8");
+require_once ("functions_FAI.inc");
-/* Find all class files and include them */
-get_dir_list("$BASE_DIR/plugins");
+/* Set header */
+header("Content-type: text/html; charset=UTF-8");
/* Set the text domain as 'messages' */
$domain = 'messages';
bindtextdomain($domain, "$BASE_DIR/locale");
textdomain($domain);
/* Set the text domain as 'messages' */
$domain = 'messages';
bindtextdomain($domain, "$BASE_DIR/locale");
textdomain($domain);
+/* Set cookie lifetime to one day (The parameter is in seconds ) */
+session_set_cookie_params(24*60*60);
+
+/* Set cache limter to one day (parameter is minutes !!)*/
+session_cache_expire(60*24); // default is 180
+
+/* Set session max lifetime, to prevent the garbage collector to delete session before timeout.
+ !! The garbage collector is a cron job on debian systems, the cronjob will fetch the timeout from
+ the php.ini, so if you use debian, you must hardcode session.gc_maxlifetime in your php.ini */
+ini_set("session.gc_maxlifetime",24*60*60);
+
/* Remember everything we did after the last click */
session_start ();
/* Remember everything we did after the last click */
session_start ();
+
+$_SESSION['limit_exceeded'] =FALSE;
+
if ($_SERVER["REQUEST_METHOD"] == "POST"){
@DEBUG (DEBUG_POST, __LINE__, __FUNCTION__, __FILE__, $_POST, "_POST");
}
if ($_SERVER["REQUEST_METHOD"] == "POST"){
@DEBUG (DEBUG_POST, __LINE__, __FUNCTION__, __FILE__, $_POST, "_POST");
}
/* Logged in? Simple security check */
if (!isset($_SESSION['config'])){
/* Logged in? Simple security check */
if (!isset($_SESSION['config'])){
- gosa_log ("main.php called without session");
- header ("Location: index.php");
+ new log("security","login","",array(),"main.php called without session - logging out") ;
+ header ("Location: logout.php");
exit;
}
/* Reset errors */
exit;
}
/* Reset errors */
-$_SESSION['errors']= "";
+$_SESSION['errors'] = "";
+$_SESSION['errorsAlreadyPosted']= array();
+$_SESSION['LastError'] = "";
/* Check for uniqe ip address */
$ui= $_SESSION["ui"];
if ($_SERVER['REMOTE_ADDR'] != $ui->ip){
/* Check for uniqe ip address */
$ui= $_SESSION["ui"];
if ($_SERVER['REMOTE_ADDR'] != $ui->ip){
- gosa_log ("main.php called with session which has a changed IP address.", 3);
+ new log("security","login","",array(),"main.php called with session which has a changed IP address.") ;
header ("Location: logout.php");
exit;
}
$config= $_SESSION['config'];
header ("Location: logout.php");
exit;
}
$config= $_SESSION['config'];
+
+/* Check for invalid sessions */
+if(empty($_SESSION['_LAST_PAGE_REQUEST'])){
+ $_SESSION['_LAST_PAGE_REQUEST']= time();
+}else{
+
+ /* check GOsa.conf for defined session lifetime */
+ if(isset($config->data['MAIN']['SESSION_LIFETIME'])){
+ $max_life = $config->data['MAIN']['SESSION_LIFETIME'];
+ }else{
+ $max_life = 60*60*2;
+ }
+
+ /* get time difference between last page reload */
+ $request_time = (time()-$_SESSION['_LAST_PAGE_REQUEST']);
+
+ /* If page wasn't reloaded for more than max_life seconds
+ * kill session
+ */
+ if($request_time > $max_life){
+ session_unset();
+ new log("security","login","",array(),"main.php called without session - logging out") ;
+ header ("Location: logout.php");
+ exit;
+ }
+ $_SESSION['_LAST_PAGE_REQUEST'] = time();
+}
+
+
@DEBUG (DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config");
/* Set template compile directory */
@DEBUG (DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config");
/* Set template compile directory */
$smarty->compile_dir= '/var/spool/gosa/';
}
$smarty->compile_dir= '/var/spool/gosa/';
}
+/* Set default */
+$reload_navigation = false;
+
+/* Set last initialised language to current, browser settings */
+if((!isset($_SESSION['Last_init_lang']))){
+ $reload_navigation = true;
+ $_SESSION['Last_init_lang'] = get_browser_language();
+}
+
+/* If last language != current force navi reload */
+$lang= get_browser_language();
+if($_SESSION['Last_init_lang'] != $lang){
+ $reload_navigation = true;
+}
+
/* Language setup */
/* Language setup */
-if ($config->data['MAIN']['LANG'] == ""){
- $lang= get_browser_language();
-} else {
- $lang= $config->data['MAIN']['LANG'];
+$_SESSION['Last_init_lang'] = $lang;
+
+/* Preset current main base */
+if(!isset($_SESSION['CurrentMainBase'])){
+ $_SESSION['CurrentMainBase']= get_base_from_people($ui->dn);
}
}
-$lang.=".UTF-8";
+
putenv("LANGUAGE=");
putenv("LANG=$lang");
setlocale(LC_ALL, $lang);
putenv("LANGUAGE=");
putenv("LANG=$lang");
setlocale(LC_ALL, $lang);
/* Prepare plugin list */
if (!isset($_SESSION['plist'])){
/* Prepare plugin list */
if (!isset($_SESSION['plist'])){
+ /* Initially load all classes */
+ $class_list= get_declared_classes();
+ foreach ($class_mapping as $class => $path){
+ if (!in_array($class, $class_list)){
+ require_once("$BASE_DIR/$path");
+ }
+ }
+
$_SESSION['plist']= new pluglist($config, $ui);
$_SESSION['plist']= new pluglist($config, $ui);
+
+ /* Load ocMapping into userinfo */
+ $tmp= new acl($config, NULL, $ui->dn);
+ $ui->ocMapping= $tmp->ocMapping;
+ $_SESSION['ui']= $ui;
}
$plist= $_SESSION['plist'];
/* Check for register globals */
if (isset($global_check) && $config->data['MAIN']['FORCEGLOBALS'] == 'true'){
}
$plist= $_SESSION['plist'];
/* Check for register globals */
if (isset($global_check) && $config->data['MAIN']['FORCEGLOBALS'] == 'true'){
- print_red (_("Register globals is on. GOsa will refuse to login unless this is fixed by an administrator."));
- echo $_SESSION['errors'];
- gosa_log ("Register globals is on. For security reasons, this should be turned off.");
+ echo _("FATAL: Register globals is on. GOsa will refuse to login unless this is fixed by an administrator.");
+ new log("security","login","",array(),"Register globals is on. For security reasons, this should be turned off.") ;
session_destroy ();
exit ();
}
session_destroy ();
exit ();
}
$plugin_dir= $plist->get_path($plug);
$_SESSION['plugin_dir']= $plugin_dir;
if ($plugin_dir == ""){
$plugin_dir= $plist->get_path($plug);
$_SESSION['plugin_dir']= $plugin_dir;
if ($plugin_dir == ""){
- gosa_log ("main.php called with invalid plug parameter \"$plug\"", 3);
+ new log("security","gosa","",array(),"main.php called with invalid plug parameter \"$plug\"") ;
header ("Location: logout.php");
exit;
}
header ("Location: logout.php");
exit;
}
/* Load department list when plugin has changed. That is some kind of
compromise between speed and beeing up to date */
if (isset($_GET['reset'])){
/* Load department list when plugin has changed. That is some kind of
compromise between speed and beeing up to date */
if (isset($_GET['reset'])){
- $config->departments= get_departments();
- $config->make_idepartments ();
if (isset($_SESSION['objectinfo'])){
unset ($_SESSION['objectinfo']);
}
if (isset($_SESSION['objectinfo'])){
unset ($_SESSION['objectinfo']);
}
}
if ($_SESSION['js']==FALSE){
$smarty->assign("javascript", "false");
}
if ($_SESSION['js']==FALSE){
$smarty->assign("javascript", "false");
- $smarty->assign("help_method", "href='helpviewer.php$plug' target='_new'");
+ $smarty->assign("help_method", "href='helpviewer.php$plug' target='_blank'");
} else {
$smarty->assign("javascript", "true");
$smarty->assign("help_method"," onclick=\"return popup('helpviewer.php$plug','GOsa help');\"");
} else {
$smarty->assign("javascript", "true");
$smarty->assign("help_method"," onclick=\"return popup('helpviewer.php$plug','GOsa help');\"");
$smarty->assign ("go_corner", get_template_path('images/go_corner.png'));
$smarty->assign ("go_left", get_template_path('images/go_left.png'));
$smarty->assign ("go_help", get_template_path('images/help.png'));
$smarty->assign ("go_corner", get_template_path('images/go_corner.png'));
$smarty->assign ("go_left", get_template_path('images/go_left.png'));
$smarty->assign ("go_help", get_template_path('images/help.png'));
+
+/* reload navigation if language changed*/
+if($reload_navigation){
+ $plist->menu="";;
+}
+$plist->gen_headlines();
$plist->gen_menu();
$smarty->assign ("menu", $plist->menu);
$smarty->assign ("plug", "$plug");
$header= "<!-- headers.tpl-->".$smarty->fetch(get_template_path('headers.tpl'));
$plist->gen_menu();
$smarty->assign ("menu", $plist->menu);
$smarty->assign ("plug", "$plug");
$header= "<!-- headers.tpl-->".$smarty->fetch(get_template_path('headers.tpl'));
-
/* React on clicks */
if ($_SERVER["REQUEST_METHOD"] == "POST"){
/* React on clicks */
if ($_SERVER["REQUEST_METHOD"] == "POST"){
lock at this point globally. Plugins do not need to remove it. */
if (isset($_POST['delete_lock']) && isset($_SESSION['dn'])){
del_lock ($_SESSION['dn']);
lock at this point globally. Plugins do not need to remove it. */
if (isset($_POST['delete_lock']) && isset($_SESSION['dn'])){
del_lock ($_SESSION['dn']);
+
+ /* Set old Post data */
+ if(isset($_SESSION['LOCK_VARS_USED'])){
+ foreach($_SESSION['LOCK_VARS_USED'] as $name => $value){
+ $_GET[$name] = $value;
+ $_POST[$name] = $value;
+ }
+ }
sess_del ('dn');
}
sess_del ('dn');
}
echo "<input type=\"hidden\" name=\"session_cnt\" value=\"".$_SESSION['post_cnt']."\">\n";
}
echo "<input type=\"hidden\" name=\"session_cnt\" value=\"".$_SESSION['post_cnt']."\">\n";
}
+/* check if we are using account expiration */
+if((isset($config->data['MAIN']['ACCOUNT_EXPIRATION'])) &&
+ preg_match('/true/i', $config->data['MAIN']['ACCOUNT_EXPIRATION'])){
+
+ $expired= ldap_expired_account($config, $ui->dn, $ui->username);
+
+ if ($expired == 2){
+ new log("security","gosa","",array(),"password for user \"$ui->username\" is about to expire") ;
+ print_red(_("Your password is about to expire, please change your password"));
+ }
+}
+
/* Load plugin */
if (is_file("$plugin_dir/main.inc")){
require_once ("$plugin_dir/main.inc");
} else {
/* Load plugin */
if (is_file("$plugin_dir/main.inc")){
require_once ("$plugin_dir/main.inc");
} else {
- print_red(sprintf(_("Can't find any plugin definitions for plugin '%s'!"), $plug));
- echo $_SESSION['errors'];
+ echo sprintf(_("FATAL: Can't find any plugin definitions for plugin '%s'!"), $plug);
exit();
}
exit();
}
-/* Close div/tables */
+
+/* Print_out last ErrorMessage repeated string. */
+if(isset($_GET['add'])){
+msg_dialog::display("Error" ,"Kann datei nicht schreiben, bla",ERROR_DIALOG);
+msg_dialog::display("Warning" ,"Kann datei nicht schreiben, bla",WARNING_DIALOG);
+msg_dialog::display("Info" ,"Kann datei nicht schreiben, bla",INFO_DIALOG);
+msg_dialog::display("Confirm" ,"Kann datei nicht schreiben, bla",CONFIRM_DIALOG);
+}
+
+$smarty->assign("msg_dialogs", msg_dialog::get_dialogs());
$smarty->assign("contents", $display);
$smarty->assign("contents", $display);
+
+/* Assign erros to smarty */
if (isset($_SESSION['errors'])){
$smarty->assign("errors", $_SESSION['errors']);
}
if ($error_collector != ""){
if (isset($_SESSION['errors'])){
$smarty->assign("errors", $_SESSION['errors']);
}
if ($error_collector != ""){
- $smarty->assign("php_errors", $error_collector."</div>");
+ $smarty->assign("php_errors", preg_replace("/%BUGBODY%/",$error_collector_mailto,$error_collector)."</div>");
} else {
$smarty->assign("php_errors", "");
}
} else {
$smarty->assign("php_errors", "");
}
+
+/* Set focus to the error button if we've an error message */
+$focus= "";
+if (isset($_SESSION['errors']) && $_SESSION['errors'] != ""){
+ $focus= '<script language="JavaScript" type="text/javascript">';
+ $focus.= 'document.forms[0].error_accept.focus();';
+ $focus.= '</script>';
+}
+
+ $focus= '<script language="JavaScript" type="text/javascript">';
+ $focus.= 'next_msg_dialog();';
+ $focus.= '</script>';
+
+
+$smarty->assign("focus", $focus);
+
$display= $header.$smarty->fetch(get_template_path('framework.tpl'));
$display= $header.$smarty->fetch(get_template_path('framework.tpl'));
-/* For development, perform a W3C conformance check if specified in gosa.conf */
-if (isset($config->data['MAIN']['W3CTEST']) && preg_match('/true/i', $config->data['MAIN']['W3CTEST'])) {
-
- /* Use PHP tidy for debugging */
- $tidy = new tidy();
- $config = array('indent' => TRUE,
- 'output-xhtml' => TRUE,
- 'wrap' => 200);
- $display = tidy_parse_string($display, $config, 'UTF8');
- tidy_clean_repair($display);
- $cnt = (tidy_error_count($display))+(tidy_warning_count($display));
- if($cnt != 0){
- echo "<table width=\"100%\" style='background-color:#E0E0E0;border-bottom:1px solid black'><tr><td><img alt=\"\" align=\"middle\" src='images/warning.png'> <font style='font-size:14px;font-weight:bold'>"._("Generating this page caused the W3C conformance checker to raise some errors!")."</font></td><td align=right><button onClick='toggle(\"w3cbox\")'>"._("Toggle information")."</button></td></tr></table><div id='w3cbox' style='width:100%; position:absolute; z-index:0; visibility: hidden; background-color:white; border-bottom:1px solid black;'>";
-
- echo nl2br(htmlentities($display->errorBuffer))."</div>";
+/* Save dialog filters and selected base in a cookie.
+ So we may be able to restore the filter an base settings on reload.
+*/
+if(isset($config->data['MAIN']['SAVE_FILTER']) && preg_match("/true/",$config->data['MAIN']['SAVE_FILTER'])){
+ $cookie_vars = array("MultiDialogFilters","CurrentMainBase");
+ foreach($cookie_vars as $var){
+ if(isset($_SESSION[$var])){
+ @setcookie($var,base64_encode(serialize($_SESSION[$var])),time()+ 60*60*24*30);
+ }
}
}
- tidy_clean_repair($display);
}
/* Show page... */
echo $display;
}
/* Show page... */
echo $display;
-/* Save plist */
+/* Save plist and config */
$_SESSION['plist']= $plist;
$_SESSION['plist']= $plist;
+$_SESSION['config']= $config;
+
+/* Echo compilation time */
+#echo "<p align='right'>".get_MicroTimeDiff($start,microtime())."</p>";
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>