X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=html%2Fmain.php;h=3e1363f1a42bbc0f170eae3e8c8bcab118b6f2f4;hb=2cadbceebc3ef4ef66b05c0989c3d389aae76073;hp=7b0f3f61f31dba36f80648d5524a80bb11ac68ba;hpb=990296b6cd6c1b663589de0788f752c677918739;p=gosa.git diff --git a/html/main.php b/html/main.php index 7b0f3f61f..3e1363f1a 100644 --- a/html/main.php +++ b/html/main.php @@ -19,6 +19,7 @@ */ /* Basic setup, remove eventually registered sessions */ +$start = microtime(); $timing= array(); require_once ("../include/php_setup.inc"); require_once ("functions.inc"); @@ -32,9 +33,22 @@ $domain = 'messages'; bindtextdomain($domain, "$BASE_DIR/locale"); textdomain($domain); +/* Set cookie lifetime to one day (The parameter is in seconds ) */ +session_set_cookie_params(24*60*60); + +/* Set cache limter to one day (parameter is minutes !!)*/ +session_cache_expire(60*24); // default is 180 + +/* Set session max lifetime, to prevent the garbage collector to delete session before timeout. + !! The garbage collector is a cron job on debian systems, the cronjob will fetch the timeout from + the php.ini, so if you use debian, you must hardcode session.gc_maxlifetime in your php.ini */ +ini_set("session.gc_maxlifetime",24*60*60); + /* Remember everything we did after the last click */ -session_set_cookie_params(2*60*60); session_start (); + +$_SESSION['limit_exceeded'] =FALSE; + if ($_SERVER["REQUEST_METHOD"] == "POST"){ @DEBUG (DEBUG_POST, __LINE__, __FUNCTION__, __FILE__, $_POST, "_POST"); } @@ -48,7 +62,9 @@ if (!isset($_SESSION['config'])){ } /* Reset errors */ -$_SESSION['errors']= ""; +$_SESSION['errors'] = ""; +$_SESSION['errorsAlreadyPosted']= array(); +$_SESSION['LastError'] = ""; /* Check for uniqe ip address */ $ui= $_SESSION["ui"]; @@ -59,6 +75,35 @@ if ($_SERVER['REMOTE_ADDR'] != $ui->ip){ } $config= $_SESSION['config']; + +/* Check for invalid sessions */ +if(empty($_SESSION['_LAST_PAGE_REQUEST'])){ + $_SESSION['_LAST_PAGE_REQUEST']= time(); +}else{ + + /* check GOsa.conf for defined session lifetime */ + if(isset($config->data['MAIN']['SESSION_LIFETIME'])){ + $max_life = $config->data['MAIN']['SESSION_LIFETIME']; + }else{ + $max_life = 60*60*2; + } + + /* get time difference between last page reload */ + $request_time = (time()-$_SESSION['_LAST_PAGE_REQUEST']); + + /* If page wasn't reloaded for more than max_life seconds + * kill session + */ + if($request_time > $max_life){ + session_unset(); + gosa_log ("main.php called without session - logging out"); + header ("Location: logout.php"); + exit; + } + $_SESSION['_LAST_PAGE_REQUEST'] = time(); +} + + @DEBUG (DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config"); /* Set template compile directory */ @@ -90,6 +135,11 @@ if ($config->data['MAIN']['LANG'] == ""){ $lang= $config->data['MAIN']['LANG']; } +/* Preset current main base */ +if(!isset($_SESSION['CurrentMainBase'])){ + $_SESSION['CurrentMainBase']= get_base_from_people($ui->dn); +} + $lang.=".UTF-8"; putenv("LANGUAGE="); putenv("LANG=$lang"); @@ -111,8 +161,7 @@ $plist= $_SESSION['plist']; /* Check for register globals */ if (isset($global_check) && $config->data['MAIN']['FORCEGLOBALS'] == 'true'){ - print_red (_("Register globals is on. GOsa will refuse to login unless this is fixed by an administrator.")); - echo $_SESSION['errors']; + echo _("FATAL: Register globals is on. GOsa will refuse to login unless this is fixed by an administrator."); gosa_log ("Register globals is on. For security reasons, this should be turned off."); session_destroy (); exit (); @@ -194,8 +243,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST"){ /* Load department list when plugin has changed. That is some kind of compromise between speed and beeing up to date */ if (isset($_GET['reset'])){ - $config->departments= get_departments(); - $config->make_idepartments (); if (isset($_SESSION['objectinfo'])){ unset ($_SESSION['objectinfo']); } @@ -250,7 +297,6 @@ $smarty->assign ("plug", "$plug"); $header= "".$smarty->fetch(get_template_path('headers.tpl')); - /* React on clicks */ if ($_SERVER["REQUEST_METHOD"] == "POST"){ @@ -258,6 +304,14 @@ if ($_SERVER["REQUEST_METHOD"] == "POST"){ lock at this point globally. Plugins do not need to remove it. */ if (isset($_POST['delete_lock']) && isset($_SESSION['dn'])){ del_lock ($_SESSION['dn']); + + /* Set old Post data */ + if(isset($_SESSION['LOCK_VARS_USED'])){ + foreach($_SESSION['LOCK_VARS_USED'] as $name => $value){ + $_GET[$name] = $value; + $_POST[$name] = $value; + } + } sess_del ('dn'); } @@ -284,13 +338,30 @@ if (isset ($_SESSION['post_cnt'])){ if (is_file("$plugin_dir/main.inc")){ require_once ("$plugin_dir/main.inc"); } else { - print_red(sprintf(_("Can't find any plugin definitions for plugin '%s'!"), $plug)); - echo $_SESSION['errors']; + echo sprintf(_("FATAL: Can't find any plugin definitions for plugin '%s'!"), $plug); exit(); } /* Close div/tables */ + + /* check if we are using account expiration */ + + if((isset($config->data['MAIN']['ACCOUNT_EXPIRATION'])) && + preg_match('/true/i', $config->data['MAIN']['ACCOUNT_EXPIRATION'])){ + + $expired= ldap_expired_account($config, $ui->dn, $ui->username); + + if ($expired == 2){ + gosa_log ("password for user \"$ui->username\" is about to expire"); + print_red(_("Your password is about to expire, please change your password")); + } + } + +/* Print_out last ErrorMessage repeated string. */ +print_red(NULL); + $smarty->assign("contents", $display); + if (isset($_SESSION['errors'])){ $smarty->assign("errors", $_SESSION['errors']); } @@ -301,44 +372,42 @@ if ($error_collector != ""){ } $display= $header.$smarty->fetch(get_template_path('framework.tpl')); -/*if (isset($config->data['MAIN']['W3CTEST']) && preg_match('/true/i', $config->data['MAIN']['W3CTEST'])) { - $tidy = new tidy(); - $config = array('indent' => TRUE, - 'output-xhtml' => TRUE, - 'wrap' => 200); - $display = tidy_parse_string($display, $config, 'UTF8'); - tidy_clean_repair($display); - $cnt = (tidy_error_count($display))+(tidy_warning_count($display)); - if($cnt != 0){ - echo "
\"W3C\" "._("Generating this page caused the W3C conformance checker to raise some errors!")."
"; - } - tidy_clean_repair($display); -} -*/ - -if ((isset($config->data['MAIN']['W3CTEST']) && preg_match('/true/i', $config->data['MAIN']['W3CTEST']))&&(!empty($display))) { +if ((isset($config->data['MAIN']['W3CTEST']) && preg_match('/true/i', $config->data['MAIN']['W3CTEST']))&&(!empty($display))&&(is_callable("tidy_parse_string"))) { tidy_parse_string(utf8_decode($display)); $err = nl2br(htmlentities(tidy_get_error_buffer())); if($err){ echo "
\"W3C\" "._("Generating this page caused the W3C conformance checker to raise some errors!")."
"; } - echo $err.""; tidy_clean_repair($display); } /* Show page... */ -$f = fopen("/tmp/OgerMonokel.html","w+"); -fwrite($f,$display); -fclose($f); - echo $display; -/* Save plist */ +/* Save plist and config */ $_SESSION['plist']= $plist; +$_SESSION['config']= $config; + +/* Echo compilation time * / +$r = split(" ",$start); +$ms = $r[0]; +$s= $r[1]; + +$re = split(" ",microtime()); +$mse = $re[0]; +$se= $re[1]; + +$add = 0; +if(($mse -$ms)<0){ + $se --; + $add = 1; +} +echo ($se -$s).","; +echo (int)(($add+($mse -$ms))*1000)." s"; +*/ // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?>