X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;ds=sidebyside;f=html%2Fmain.php;h=3eb9acca9018e381244149093d967b2cfc044607;hb=67a1bb7081e963ea17e0be2e8935d61abbfeb053;hp=66470b3571c6e333730d4420d4ca0d34e0decf9b;hpb=81a469d1d40dce4ff169568bf157c318aea81212;p=gosa.git

diff --git a/html/main.php b/html/main.php
index 66470b357..3eb9acca9 100644
--- a/html/main.php
+++ b/html/main.php
@@ -19,6 +19,7 @@
  */
 
 /* Basic setup, remove eventually registered sessions */
+$start = microtime();
 $timing= array();
 require_once ("../include/php_setup.inc");
 require_once ("functions.inc");
@@ -32,9 +33,22 @@ $domain = 'messages';
 bindtextdomain($domain, "$BASE_DIR/locale");
 textdomain($domain);
 
+/* Set cookie lifetime to one day (The parameter is in seconds ) */
+session_set_cookie_params(24*60*60);
+
+/* Set cache limter to one day (parameter is minutes !!)*/
+session_cache_expire(60*24);  // default is 180
+
+/* Set session max lifetime, to prevent the garbage collector to delete session before timeout.
+    !! The garbage collector is a cron job on debian systems, the cronjob will fetch the timeout from 
+    the php.ini, so if you use debian, you must hardcode session.gc_maxlifetime in your php.ini */
+ini_set("session.gc_maxlifetime",24*60*60);
+
 /* Remember everything we did after the last click */
-session_set_cookie_params(2*60*60);
 session_start ();
+
+$_SESSION['limit_exceeded'] =FALSE;
+
 if ($_SERVER["REQUEST_METHOD"] == "POST"){
   @DEBUG (DEBUG_POST, __LINE__, __FUNCTION__, __FILE__, $_POST, "_POST");
 }
@@ -42,13 +56,15 @@ if ($_SERVER["REQUEST_METHOD"] == "POST"){
 
 /* Logged in? Simple security check */
 if (!isset($_SESSION['config'])){
-  gosa_log ("main.php called without session");
-  header ("Location: index.php");
+  gosa_log ("main.php called without session - logging out");
+  header ("Location: logout.php");
   exit;
 } 
 
 /* Reset errors */
-$_SESSION['errors']= "";
+$_SESSION['errors']             = "";
+$_SESSION['errorsAlreadyPosted']= array();
+$_SESSION['LastError']          = "";
 
 /* Check for uniqe ip address */
 $ui= $_SESSION["ui"];
@@ -59,6 +75,35 @@ if ($_SERVER['REMOTE_ADDR'] != $ui->ip){
 }
 $config= $_SESSION['config'];
 
+
+/* Check for invalid sessions */
+if(empty($_SESSION['_LAST_PAGE_REQUEST'])){
+  $_SESSION['_LAST_PAGE_REQUEST']= time();
+}else{
+
+  /* check GOsa.conf for defined session lifetime */
+  if(isset($config->data['MAIN']['SESSION_LIFETIME'])){
+    $max_life = $config->data['MAIN']['SESSION_LIFETIME'];
+  }else{
+    $max_life = 60*60*2;
+  }
+
+  /* get time difference between last page reload */
+  $request_time = (time()-$_SESSION['_LAST_PAGE_REQUEST']);
+
+  /* If page wasn't reloaded for more than max_life seconds 
+   * kill session
+   */
+  if($request_time > $max_life){
+    session_unset();
+    gosa_log ("main.php called without session - logging out");
+    header ("Location: logout.php");
+    exit;
+  }
+  $_SESSION['_LAST_PAGE_REQUEST'] = time();
+}
+
+
 @DEBUG (DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config");
 
 /* Set template compile directory */
@@ -77,20 +122,13 @@ if((!isset($_SESSION['Last_init_lang']))){
   $_SESSION['Last_init_lang'] = get_browser_language();
 }
 
-/* Language setup */
-if ($config->data['MAIN']['LANG'] == ""){
-  
-  /* If last language != current force navi reload */
-  if($_SESSION['Last_init_lang'] != get_browser_language()){
-    $reload_navigation = true;
-  }
-  $lang= get_browser_language();
-  $_SESSION['Last_init_lang'] = $lang;
-} else {
-  $lang= $config->data['MAIN']['LANG'];
+/* If last language != current force navi reload */
+if($_SESSION['Last_init_lang'] != get_browser_language()){
+  $reload_navigation = true;
 }
+$lang= get_browser_language();
+$_SESSION['Last_init_lang'] = $lang;
 
-$lang.=".UTF-8";
 putenv("LANGUAGE=");
 putenv("LANG=$lang");
 setlocale(LC_ALL, $lang);
@@ -103,6 +141,11 @@ bindtextdomain($domain, "$BASE_DIR/locale");
 textdomain($domain);
 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $lang, "Setting language to");
 
+/* Preset current main base */
+if(!isset($_SESSION['CurrentMainBase'])){
+  $_SESSION['CurrentMainBase']= get_base_from_people($ui->dn);
+}
+
 /* Prepare plugin list */
 if (!isset($_SESSION['plist'])){
   $_SESSION['plist']= new pluglist($config, $ui);
@@ -111,8 +154,7 @@ $plist= $_SESSION['plist'];
 
 /* Check for register globals */
 if (isset($global_check) && $config->data['MAIN']['FORCEGLOBALS'] == 'true'){
-  print_red (_("Register globals is on. GOsa will refuse to login unless this is fixed by an administrator."));
-  echo $_SESSION['errors'];
+  echo _("FATAL: Register globals is on. GOsa will refuse to login unless this is fixed by an administrator.");
   gosa_log ("Register globals is on. For security reasons, this should be turned off.");
   session_destroy ();
   exit ();
@@ -124,8 +166,22 @@ if (isset($_SESSION['plugin_dir'])){
 } else {
   $old_plugin_dir= "";
 }
+
+/* reload navigation if language changed*/  
+if($reload_navigation){
+  $plist->menu="";;
+}
+$plist->gen_headlines();
+$plist->gen_menu();
+
+
 if (isset($_GET['plug'])){
   $plug= validate($_GET['plug']);
+
+  if(!in_array_ics($plug,$plist->allowed_plug_ids)){
+    $plug = key($plist->allowed_plug_ids);
+  }
+
   $plugin_dir= $plist->get_path($plug);
   $_SESSION['plugin_dir']= $plugin_dir;
   if ($plugin_dir == ""){
@@ -194,23 +250,14 @@ if ($_SERVER["REQUEST_METHOD"] == "POST"){
 /* Load department list when plugin has changed. That is some kind of
    compromise between speed and beeing up to date */
 if (isset($_GET['reset'])){
-  $config->departments= get_departments();
-  $config->make_idepartments ();
   if (isset($_SESSION['objectinfo'])){
     unset ($_SESSION['objectinfo']);
   }
 }
 
-/* Install eGOsa hooks, convert _POST to _SESSION['POST'] */
-if(isset($_GET['explorer'])){
-  $_SESSION{'eGosa'}=1;
-}
-if(isset($_SESSION['POST'])){
-  $_SERVER["REQUEST_METHOD"] = "POST";
-  foreach ($_SESSION['POST'] as $key => $dummy){
-    $_POST[$key]=$_SESSION['POST'][$key];
-  }
-  unset($_SESSION['POST']);
+/* Place IE workaround */
+if (isset($config->data['MAIN']['IE_PNG_WORKAROUND']) && preg_match("/true/i",$config->data['MAIN']['IE_PNG_WORKAROUND'])){
+  $smarty->assign('ieworkaround', 1);
 }
 
 /* show web frontend */
@@ -223,7 +270,7 @@ if (isset($plug)){
 }
 if ($_SESSION['js']==FALSE){
   $smarty->assign("javascript", "false");
-  $smarty->assign("help_method", "href='helpviewer.php$plug' target='_new'");
+  $smarty->assign("help_method", "href='helpviewer.php$plug' target='_blank'");
 } else {
   $smarty->assign("javascript", "true");
   $smarty->assign("help_method"," onclick=\"return popup('helpviewer.php$plug','GOsa help');\"");
@@ -239,17 +286,11 @@ $smarty->assign ("go_corner", get_template_path('images/go_corner.png'));
 $smarty->assign ("go_left", get_template_path('images/go_left.png'));
 $smarty->assign ("go_help", get_template_path('images/help.png'));
 
-/* reload navigation if language changed*/  
-if($reload_navigation){
-  $plist->menu="";;
-}
-$plist->gen_menu();
 $smarty->assign ("menu", $plist->menu);
 $smarty->assign ("plug", "$plug");
 
 $header= "<!-- headers.tpl-->".$smarty->fetch(get_template_path('headers.tpl'));
 
-
 /* React on clicks */
 if ($_SERVER["REQUEST_METHOD"] == "POST"){
 
@@ -257,6 +298,14 @@ if ($_SERVER["REQUEST_METHOD"] == "POST"){
      lock at this point globally. Plugins do not need to remove it. */
   if (isset($_POST['delete_lock']) && isset($_SESSION['dn'])){
     del_lock ($_SESSION['dn']);
+
+    /* Set old Post data */
+    if(isset($_SESSION['LOCK_VARS_USED'])){
+      foreach($_SESSION['LOCK_VARS_USED'] as $name => $value){
+        $_GET[$name]  = $value;
+        $_POST[$name] = $value;
+      } 
+    }
     sess_del ('dn');
   }
 
@@ -283,47 +332,87 @@ if (isset ($_SESSION['post_cnt'])){
 if (is_file("$plugin_dir/main.inc")){
   require_once ("$plugin_dir/main.inc");
 } else {
-  print_red(sprintf(_("Can't find any plugin definitions for plugin '%s'!"), $plug));
-  echo $_SESSION['errors'];
+  echo sprintf(_("FATAL: Can't find any plugin definitions for plugin '%s'!"), $plug);
   exit();
 }
 
 /* Close div/tables */
+
+  /* check if we are using account expiration */
+
+  if((isset($config->data['MAIN']['ACCOUNT_EXPIRATION'])) &&
+      preg_match('/true/i', $config->data['MAIN']['ACCOUNT_EXPIRATION'])){
+    
+      $expired= ldap_expired_account($config, $ui->dn, $ui->username);
+
+      if ($expired == 2){
+        gosa_log ("password for user \"$ui->username\" is about to expire");
+        print_red(_("Your password is about to expire, please change your password"));
+      }
+  }
+  
+/* Print_out last ErrorMessage repeated string. */
+print_red(NULL);
+
 $smarty->assign("contents", $display);
+
 if (isset($_SESSION['errors'])){
   $smarty->assign("errors", $_SESSION['errors']);
 }
+
 if ($error_collector != ""){
-  $smarty->assign("php_errors", $error_collector."</div>");
+  $smarty->assign("php_errors", preg_replace("/%BUGBODY%/",$error_collector_mailto,$error_collector)."</div>");
 } else {
   $smarty->assign("php_errors", "");
 }
-$display= $header.$smarty->fetch(get_template_path('framework.tpl'));
 
-/* For development, perform a W3C conformance check if specified in gosa.conf */
-if (isset($config->data['MAIN']['W3CTEST']) && preg_match('/true/i', $config->data['MAIN']['W3CTEST'])) {
+/* Set focus to the error button if we've an error message */
+$focus= "";
+if (isset($_SESSION['errors']) && $_SESSION['errors'] != ""){
+  $focus= '<script language="JavaScript" type="text/javascript">';
+  $focus.= 'document.forms[0].error_accept.focus();';
+  $focus.= '</script>';
+}
+$smarty->assign("focus", $focus);
 
-  /* Use PHP tidy for debugging */
-  $tidy = new tidy();
-  $config = array('indent' => TRUE,
-               'output-xhtml' => TRUE,
-               'wrap' => 200);
-  $display = tidy_parse_string($display, $config, 'UTF8');
-  tidy_clean_repair($display);
-  $cnt =  (tidy_error_count($display))+(tidy_warning_count($display));
-  if($cnt != 0){
-    echo "<table summary=\"\" width=\"100%\" style='background-color:#E0E0E0;border-bottom:1px solid black'><tr><td><img alt=\"W3C\" align=\"middle\" src='images/warning.png'>&nbsp;<font style='font-size:14px;font-weight:bold'>"._("Generating this page caused the W3C conformance checker to raise some errors!")."</font></td><td align=right><button onClick='toggle(\"w3cbox\")'>"._("Toggle information")."</button></td></tr></table><div id='w3cbox' style='width:100%; position:absolute; z-index:0; visibility: hidden; background-color:white; border-bottom:1px solid black;'>";
+$display= $header.$smarty->fetch(get_template_path('framework.tpl'));
 
-    echo nl2br(htmlentities($display->errorBuffer))."</div>";
+if ((isset($config->data['MAIN']['W3CTEST']) && preg_match('/true/i', $config->data['MAIN']['W3CTEST']))&&(!empty($display))&&(is_callable("tidy_parse_string"))) {
+  tidy_parse_string(utf8_decode($display));
+  $err = nl2br(htmlentities(tidy_get_error_buffer()));
+  
+  if($err){
+    echo "<table summary=\"\" width=\"100%\" style='background-color:#E0E0E0;border-bottom:1px solid black'><tr><td><img alt=\"W3C\"            align=\"middle\" src='images/warning.png'>&nbsp;<font style='font-size:14px;font-weight:bold'>"._("Generating this page caused the W3C          conformance checker to raise some errors!")."</font></td><td align=right><button onClick='toggle(\"w3cbox\")'>"._("Toggle information")."</     button></td></tr></table><div id='w3cbox' style='width:100%; position:absolute; z-index:0; visibility: hidden; background-color:white; border-  bottom:1px solid black;'>";
+    echo $err."</div>";
   }
+
   tidy_clean_repair($display);
 }
 
 /* Show page... */
 echo $display;
 
-/* Save plist */
+/* Save plist and config */
 $_SESSION['plist']= $plist;
+$_SESSION['config']= $config;
+
 
+/* Echo compilation time * /
+$r = split(" ",$start);
+$ms = $r[0];
+$s= $r[1];
+
+$re = split(" ",microtime());
+$mse = $re[0];
+$se= $re[1];
+
+$add = 0;
+if(($mse -$ms)<0){
+  $se --;
+  $add = 1;
+}
+echo ($se -$s).",";
+echo (int)(($add+($mse -$ms))*1000)." s";
+*/
 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
 ?>