X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=html%2Fmain.php;h=5a7261cb9e7ee7516d8b95e3dcffdacc649b0982;hb=e1dbbb4a55cb759059cdd8b0f83a5ca0428b7d2a;hp=dd02c0f7a215657231d1df21072c5ebc691872ac;hpb=e0e3672f3ddfdc74b5c4131133f9eef5b7bd2dbb;p=gosa.git diff --git a/html/main.php b/html/main.php index dd02c0f7a..5a7261cb9 100644 --- a/html/main.php +++ b/html/main.php @@ -18,11 +18,15 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -/* Basic setup, remove eventually registered sessions */ +/* Save start time */ $start = microtime(); -$timing= array(); + +/* Basic setup, remove eventually registered sessions */ require_once ("../include/php_setup.inc"); require_once ("functions.inc"); +require_once ("functions_FAI.inc"); + +/* Set header */ header("Content-type: text/html; charset=UTF-8"); /* Find all class files and include them */ @@ -33,12 +37,21 @@ $domain = 'messages'; bindtextdomain($domain, "$BASE_DIR/locale"); textdomain($domain); -/* Set cookie lifetime to one day */ +/* Set cookie lifetime to one day (The parameter is in seconds ) */ session_set_cookie_params(24*60*60); +/* Set cache limter to one day (parameter is minutes !!)*/ +session_cache_expire(60*24); // default is 180 + +/* Set session max lifetime, to prevent the garbage collector to delete session before timeout. + !! The garbage collector is a cron job on debian systems, the cronjob will fetch the timeout from + the php.ini, so if you use debian, you must hardcode session.gc_maxlifetime in your php.ini */ +ini_set("session.gc_maxlifetime",24*60*60); + /* Remember everything we did after the last click */ session_start (); +$_SESSION['limit_exceeded'] =FALSE; if ($_SERVER["REQUEST_METHOD"] == "POST"){ @DEBUG (DEBUG_POST, __LINE__, __FUNCTION__, __FILE__, $_POST, "_POST"); @@ -47,24 +60,25 @@ if ($_SERVER["REQUEST_METHOD"] == "POST"){ /* Logged in? Simple security check */ if (!isset($_SESSION['config'])){ - gosa_log ("main.php called without session - logging out"); + new log("security","login","",array(),"main.php called without session - logging out") ; header ("Location: logout.php"); exit; } /* Reset errors */ -$_SESSION['errors']= ""; +$_SESSION['errors'] = ""; +$_SESSION['errorsAlreadyPosted']= array(); +$_SESSION['LastError'] = ""; /* Check for uniqe ip address */ $ui= $_SESSION["ui"]; if ($_SERVER['REMOTE_ADDR'] != $ui->ip){ - gosa_log ("main.php called with session which has a changed IP address.", 3); + new log("security","login","",array(),"main.php called with session which has a changed IP address.") ; header ("Location: logout.php"); exit; } $config= $_SESSION['config']; - /* Check for invalid sessions */ if(empty($_SESSION['_LAST_PAGE_REQUEST'])){ $_SESSION['_LAST_PAGE_REQUEST']= time(); @@ -85,11 +99,10 @@ if(empty($_SESSION['_LAST_PAGE_REQUEST'])){ */ if($request_time > $max_life){ session_unset(); - gosa_log ("main.php called without session - logging out"); + new log("security","login","",array(),"main.php called without session - logging out") ; header ("Location: logout.php"); exit; } -// echo "Session was ".$request_time." s inactive"; $_SESSION['_LAST_PAGE_REQUEST'] = time(); } @@ -125,7 +138,11 @@ if ($config->data['MAIN']['LANG'] == ""){ $lang= $config->data['MAIN']['LANG']; } -$lang.=".UTF-8"; +/* Preset current main base */ +if(!isset($_SESSION['CurrentMainBase'])){ + $_SESSION['CurrentMainBase']= get_base_from_people($ui->dn); +} + putenv("LANGUAGE="); putenv("LANG=$lang"); setlocale(LC_ALL, $lang); @@ -141,14 +158,18 @@ textdomain($domain); /* Prepare plugin list */ if (!isset($_SESSION['plist'])){ $_SESSION['plist']= new pluglist($config, $ui); + + /* Load ocMapping into userinfo */ + $tmp= new acl($config, NULL, $ui->dn); + $ui->ocMapping= $tmp->ocMapping; + $_SESSION['ui']= $ui; } $plist= $_SESSION['plist']; /* Check for register globals */ if (isset($global_check) && $config->data['MAIN']['FORCEGLOBALS'] == 'true'){ - print_red (_("Register globals is on. GOsa will refuse to login unless this is fixed by an administrator.")); - echo $_SESSION['errors']; - gosa_log ("Register globals is on. For security reasons, this should be turned off."); + echo _("FATAL: Register globals is on. GOsa will refuse to login unless this is fixed by an administrator."); + new log("security","login","",array(),"Register globals is on. For security reasons, this should be turned off.") ; session_destroy (); exit (); } @@ -164,7 +185,7 @@ if (isset($_GET['plug'])){ $plugin_dir= $plist->get_path($plug); $_SESSION['plugin_dir']= $plugin_dir; if ($plugin_dir == ""){ - gosa_log ("main.php called with invalid plug parameter \"$plug\"", 3); + new log("security","gosa","",array(),"main.php called with invalid plug parameter \"$plug\"") ; header ("Location: logout.php"); exit; } @@ -229,11 +250,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST"){ /* Load department list when plugin has changed. That is some kind of compromise between speed and beeing up to date */ if (isset($_GET['reset'])){ - if (!isset($_SESSION['cached_departments'])){ - $_SESSION['cached_departments']= get_departments(); - } - $config->departments= $_SESSION['cached_departments']; - $config->make_idepartments (); if (isset($_SESSION['objectinfo'])){ unset ($_SESSION['objectinfo']); } @@ -288,7 +304,6 @@ $smarty->assign ("plug", "$plug"); $header= "".$smarty->fetch(get_template_path('headers.tpl')); - /* React on clicks */ if ($_SERVER["REQUEST_METHOD"] == "POST"){ @@ -296,6 +311,14 @@ if ($_SERVER["REQUEST_METHOD"] == "POST"){ lock at this point globally. Plugins do not need to remove it. */ if (isset($_POST['delete_lock']) && isset($_SESSION['dn'])){ del_lock ($_SESSION['dn']); + + /* Set old Post data */ + if(isset($_SESSION['LOCK_VARS_USED'])){ + foreach($_SESSION['LOCK_VARS_USED'] as $name => $value){ + $_GET[$name] = $value; + $_POST[$name] = $value; + } + } sess_del ('dn'); } @@ -318,61 +341,61 @@ if (isset ($_SESSION['post_cnt'])){ echo "\n"; } +/* check if we are using account expiration */ +if((isset($config->data['MAIN']['ACCOUNT_EXPIRATION'])) && + preg_match('/true/i', $config->data['MAIN']['ACCOUNT_EXPIRATION'])){ + + $expired= ldap_expired_account($config, $ui->dn, $ui->username); + + if ($expired == 2){ + new log("security","gosa","",array(),"password for user \"$ui->username\" is about to expire") ; + print_red(_("Your password is about to expire, please change your password")); + } +} + /* Load plugin */ if (is_file("$plugin_dir/main.inc")){ require_once ("$plugin_dir/main.inc"); } else { - print_red(sprintf(_("Can't find any plugin definitions for plugin '%s'!"), $plug)); - echo $_SESSION['errors']; + echo sprintf(_("FATAL: Can't find any plugin definitions for plugin '%s'!"), $plug); exit(); } -/* Close div/tables */ + +/* Print_out last ErrorMessage repeated string. */ + $smarty->assign("contents", $display); + +/* Assign erros to smarty */ if (isset($_SESSION['errors'])){ $smarty->assign("errors", $_SESSION['errors']); } if ($error_collector != ""){ - $smarty->assign("php_errors", $error_collector.""); + $smarty->assign("php_errors", preg_replace("/%BUGBODY%/",$error_collector_mailto,$error_collector).""); } else { $smarty->assign("php_errors", ""); } -$display= $header.$smarty->fetch(get_template_path('framework.tpl')); -if ((isset($config->data['MAIN']['W3CTEST']) && preg_match('/true/i', $config->data['MAIN']['W3CTEST']))&&(!empty($display))&&(is_callable("tidy_parse_string"))) { - tidy_parse_string(utf8_decode($display)); - $err = nl2br(htmlentities(tidy_get_error_buffer())); - - if($err){ - echo "
\"W3C\" "._("Generating this page caused the W3C conformance checker to raise some errors!")."
"; - } - - tidy_clean_repair($display); +/* Set focus to the error button if we've an error message */ +$focus= ""; +if (isset($_SESSION['errors']) && $_SESSION['errors'] != ""){ + $focus= ''; } +$smarty->assign("focus", $focus); + +$display= $header.$smarty->fetch(get_template_path('framework.tpl')); /* Show page... */ echo $display; -/* Save plist */ +/* Save plist and config */ $_SESSION['plist']= $plist; +$_SESSION['config']= $config; -/* Echo compilation time * / -$r = split(" ",$start); -$ms = $r[0]; -$s= $r[1]; - -$re = split(" ",microtime()); -$mse = $re[0]; -$se= $re[1]; +/* Echo compilation time */ +//echo "

".get_MicroTimeDiff($start,microtime())."

"; -$add = 0; -if(($mse -$ms)<0){ - $se --; - $add = 1; -} -echo ($se -$s).","; -echo (int)(($add+($mse -$ms))*1000)." s"; -*/ // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?>