/**
* Check if custom session timeout has been reached for server $ldapserver.
* If it has:
* - automatically log out user by calling $ldapserver->unsetLoginDN()
* - if $server_id is equal to right frame $server_id, load timeout.php page in the right frame
* - return true
*
* @param object $ldapserver The LDAPServer object of the server which the user has logged in.
* @return bool true on success, false on failure.
*/
function session_timed_out($ldapserver)
{
if (DEBUG_ENABLED) {
debug_log('session_timed_out(): Entered with (%s)', 1, $ldapserver->server_id);
}
# If session hasn't expired yet
if (isset($_SESSION['activity']['server'][$ldapserver->server_id])) {
# If $session_timeout not defined, use (session_cache_expire() - 1)
if (!isset($ldapserver->session_timeout)) {
$session_timeout = session_cache_expire() - 1;
} else {
$session_timeout = $ldapserver->session_timeout;
}
# Get the $last_activity and $rightframe_server_id value
$last_activity = $_SESSION['activity']['server'][$ldapserver->server_id];
# If diff between current time and last activity greater than $session_timeout, log out user
if (time() - $last_activity > $session_timeout * 60) {
if (in_array($ldapserver->auth_type, array('cookie', 'session'))) {
syslog_notice('Logout for ' . $ldapserver->getLoggedInDN());
$ldapserver->unsetLoginDN() or pla_error(_('Could not logout.'));
}
return true;
} else {
return false;
}
}
}
/**
* Runs procedures attached to a hook.
*
* @param hook_name Name of hook to run.
* @param args Array of optional arguments set by
* phpldapadmin. It is normally in a form known
* by call_user_func_array() :
* <pre>[ 'server_id' => 0,
* 'dn' => 'uid=epoussa,ou=tech,o=corp,o=fr' ]</pre>
*
* @return true if all procedures returned true, false otherwise.
*/
function run_hook($hook_name, $args)
{
global $hooks;
$debug = 0;
syslog_debug("Running hook {$hook_name}.");
if (!array_key_exists($hook_name, $hooks)) {
syslog_notice("Hook '{$hook_name}' not defined !\n");
return true;
}
unset($rollbacks);
$rollbacks = array();
reset($hooks[$hook_name]);
/** Execution of procedures attached is done using a numeric order
* since all procedures have been attached to the hook with a
* numerical weight. */
while (list($key, $hook) = each($hooks[$hook_name])) {
array_push($rollbacks, $hook['rollback_function']);
syslog_debug("Calling " . $hook['hook_function'] . "\n");
$result = call_user_func_array($hook['hook_function'], $args);
syslog_notice("Called " . $hook['hook_function'] . "\n");
/** If a procedure fails, its optional rollback is executed with
* the same arguments. After that, all rollbacks from
* previously executed procedures are executed in the reverse
* order. */
if ($result != true) {
syslog_debug("Function " . $hook['hook_function'] . " returned {$result}\n");
while ($rollbacks) {
$rollback = array_pop($rollbacks);
if ($rollback != false) {
syslog_debug("Executing rollback {$rollback}\n");
call_user_func_array($rollback, $args);
}
}
return false;
}
}
return true;
}
* For servers whose auth_type is set to 'cookie' or 'session'. Pass me
* the server_id and I will log out the user (delete the cookie)
*
* Variables that come in via common.php
* - server_id
*
* @package phpLDAPadmin
*/
/**
*/
require './common.php';
if (!$ldapserver->haveAuthInfo()) {
pla_error(_('No one is logged in to that server.'));
}
if (in_array($ldapserver->auth_type, array('cookie', 'session'))) {
syslog_notice(sprintf('Logout for %s', $ldapserver->getLoggedInDN()));
$ldapserver->unsetLoginDN() or pla_error(_('Could not logout.'));
unset_lastactivity($ldapserver);
if (isset($_SESSION['cache'][$ldapserver->server_id]['tree'])) {
unset($_SESSION['cache'][$ldapserver->server_id]['tree']);
}
pla_session_close();
} else {
pla_error(sprintf(_('Unknown auth_type: %s'), htmlspecialchars($ldapserver->auth_type)));
}
include './header.php';
?>
<body>
<script type="text/javascript" language="javascript">
parent.left_frame.location.reload();
/**
* Debug Logging to Syslog
*
* The global debug level is turned on in your configuration file by setting:
* <code>
* $config->custom->debug['level'] = 255;
* </code>
* together with atleast one output direction (currently file and syslog are supported).
* <code>
* $config->custom->debug['file'] = '/tmp/pla_debug.log';
* $config->custom->debug['syslog'] = true;
* </code>
*
* The debug level is turned into binary, then if the message levels bit is on
* the message will be sent to the debug log. (Thus setting your debug level to 255,
* all bits on, will results in all messages being printed.)
*
* The message level bits are defined here.
* 0( 1) = Entry/Return results from function calls.
* 1( 2) = Configuration Processing
* 2( 4) = Template Processing
* 3( 8) = Schema Processing
* 4( 16) = LDAP Server Communication
* 5( 32) = Tree Processing
* 7( 64) = Other non generic messages
* @param string $msg Message to send to syslog
* @param int $level Log bit number for this message.
* @see syslog.php
*/
function debug_log($msg, $level = 0)
{
global $config, $debug_file, $timer;
# In case we are called before we are fully initialised or if debugging is not set.
if (!isset($config) || !($config->GetValue('debug', 'file') || $config->GetValue('debug', 'syslog'))) {
return false;
}
$debug_level = $config->GetValue('debug', 'level');
if (!$debug_level || !($level & $debug_level)) {
return;
}
$caller = basename($_SERVER['PHP_SELF']);
if (func_num_args() > 2) {
$args = func_get_args();
array_shift($args);
array_shift($args);
$fargs = array();
foreach ($args as $key) {
if (is_array($key) || is_object($key)) {
array_push($fargs, serialize($key));
} else {
array_push($fargs, $key);
}
}
$msg = vsprintf($msg, array_values($fargs));
}
if (function_exists('stopwatch')) {
$timer = stopwatch();
} else {
$timer = null;
}
$debug_message = sprintf('[%2.3f] %s(%s): %s', $timer, basename($_SERVER['PHP_SELF']), $level, substr($msg, 0, 200));
if ($debug_file || $config->GetValue('debug', 'file')) {
if (!$debug_file) {
$debug_file = fopen($config->GetValue('debug', 'file'), 'a');
}
fwrite($debug_file, $debug_message . "\n");
}
if ($config->GetValue('debug', 'syslog')) {
syslog_notice($debug_message);
}
return syslog_notice(sprintf('%s(%s): %s', $caller, $level, $msg));
}
/**
* Debug Logging
*
* The global debug level is turned on in your configuration file by setting:
* <code>
* $config->custom->debug['level'] = 255;
* </code>
* together with atleast one output direction (currently file and syslog are supported).
* <code>
* $config->custom->debug['file'] = '/tmp/app_debug.log';
* $config->custom->debug['syslog'] = true;
* </code>
*
* The debug level is turned into binary, then if the message levels bit is on
* the message will be sent to the debug log. (Thus setting your debug level to 255,
* all bits on, will results in all messages being printed.)
*
* The message level bits are defined here.
* 0( 1) = Entry/Return results from function calls.
* 1( 2) = Configuration Processing
* 2( 4) = Template Processing
* 3( 8) = Schema Processing
* 4( 16) = LDAP Server Communication
* 5( 32) = Tree Processing
* 7( 64) = Other non generic messages
* 8(128) = Page Processing
* 9(256) = Hooks Processing
* @param string Message to send to syslog
* @param int Log bit number for this message.
* @see syslog.php
*/
function debug_log($msg, $level, $indent)
{
static $debug_file;
# In case we are called before we are fully initialised or if debugging is not set.
if (!isset($_SESSION[APPCONFIG]) || !($_SESSION[APPCONFIG]->getValue('debug', 'file') || $_SESSION[APPCONFIG]->getValue('debug', 'syslog'))) {
return;
}
$debug_level = $_SESSION[APPCONFIG]->getValue('debug', 'level');
if (!$debug_level || !($level & $debug_level)) {
return;
}
if ($_SESSION[APPCONFIG]->getValue('debug', 'addr')) {
if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR'] == $_SESSION[APPCONFIG]->getValue('debug', 'addr')) {
$debugaddr = true;
} elseif ($_SERVER['REMOTE_ADDR'] == $_SESSION[APPCONFIG]->getValue('debug', 'addr')) {
$debugaddr = true;
} else {
$debugaddr = false;
}
} else {
$debugaddr = true;
}
if (!$debugaddr) {
return;
}
# If we are limiting debug to a browser, then check that
$caller = basename($_SERVER['PHP_SELF']);
$args = func_get_args();
# Discard our first three arguments.
array_shift($args);
array_shift($args);
array_shift($args);
# Pull the file/line/method
if (is_string($args[0]) && preg_match('/.php$/', $args[0])) {
$file = preg_replace('/.php$/', '', array_shift($args));
$line = array_shift($args);
$method = array_shift($args);
} else {
$file = 'UNKNOWN';
$line = 'UNKNOWN';
$method = 'UNKNOWN';
}
# TEMP: New debuglog format
if (preg_match('/%%/', $msg) && $args[0] != 'NOARGS') {
$args = array_shift($args);
}
$fargs = array();
foreach ($args as $key) {
if (is_array($key)) {
array_push($fargs, serialize($key));
} elseif (is_object($key)) {
array_push($fargs, sprintf('OBJECT:%s', get_class($key)));
} else {
array_push($fargs, $key);
}
}
if (preg_match('/%%/', $msg)) {
$msg = preg_replace('/%%/', join('|', $fargs), $msg);
} else {
$msg = vsprintf($msg, array_values($fargs));
}
if (function_exists('stopwatch')) {
$timer = stopwatch();
} else {
$timer = null;
}
$debug_message = sprintf('[%2.3f] %15s(%04s-%03s): %s%s: %s', $timer, basename($file), $line, $level, str_repeat('.', $indent), $method, substr($msg, 0, 200));
if ($debug_file || $_SESSION[APPCONFIG]->getValue('debug', 'file')) {
if (!$debug_file) {
$debug_file = fopen($_SESSION[APPCONFIG]->getValue('debug', 'file'), $_SESSION[APPCONFIG]->getValue('debug', 'append') ? 'a' : 'w');
}
fwrite($debug_file, $debug_message . "\n");
}
if ($_SESSION[APPCONFIG]->getValue('debug', 'syslog') && function_exists('syslog_notice')) {
syslog_notice($debug_message);
}
}
if (DEBUG_ENABLED) {
debug_log('Connection returned [%s]', 64, $ds);
}
if (!is_resource($ds)) {
if ($anon_bind) {
pla_error(_('Could not bind anonymously to server.'), null, null, true);
} else {
pla_error(_('Bad username or password. Please try again.'), null, null, true);
}
syslog_notice("Authentification FAILED for {$dn}");
}
$ldapserver->auth_type = $save_auth_type;
$ldapserver->setLoginDN($dn, $pass, $anon_bind) or pla_error(_('Could not set cookie.'));
set_lastactivity($ldapserver);
if (!$anon_bind) {
syslog_notice("Authentification successful for {$dn}");
}
pla_session_close();
include './header.php';
echo '<body>';
echo '<script type="text/javascript" language="javascript">';
if ($anon_bind && $config->GetValue('appearance', 'anonymous_bind_redirect_no_tree')) {
printf("parent.location.href='search.php?server_id=%s'", $ldapserver->server_id);
} else {
echo 'parent.left_frame.location.reload();';
}
echo '</script>';
echo '<center><br /><br /><br />';
printf(_('Successfully logged into server <b>%s</b>') . '<br />', htmlspecialchars($ldapserver->name));
if ($anon_bind) {
printf('(%s)', _('Anonymous Bind'));
