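/**
 * Check whether the inactivity timeout has been reached for server $ldapserver.
 *
 * The last-activity timestamp is read from
 * $_SESSION['activity']['server'][<server_id>] and compared with a timeout
 * expressed in minutes: $ldapserver->session_timeout when it is set, otherwise
 * (session_cache_expire() - 1).
 *
 * If the timeout has been reached and the server's auth_type is 'cookie' or
 * 'session', the logout is written to syslog and the user is logged out by
 * calling $ldapserver->unsetLoginDN().
 *
 * @param object $ldapserver The LDAPServer object of the server which the user has logged in.
 * @return bool true if the timeout has been reached, false if it has not been
 *              reached or if no activity is recorded for this server.
 */
function session_timed_out($ldapserver)
{
    if (DEBUG_ENABLED) {
        debug_log('session_timed_out(): Entered with (%s)', 1, $ldapserver->server_id);
    }

    # No activity recorded for this server: report "not timed out" explicitly
    # (the function used to fall off the end here and return null).
    # NOTE(review): a missing timestamp is therefore treated like a live
    # session. Callers that gate access on this result should confirm that a
    # logged-in user always has an activity entry.
    if (!isset($_SESSION['activity']['server'][$ldapserver->server_id])) {
        return false;
    }

    # Timeout in minutes.
    # NOTE(review): session_cache_expire() returns the session.cache_expire
    # setting, which controls the cache headers sent for session pages rather
    # than how long a session lives. Set session_timeout explicitly when a
    # specific inactivity limit is required.
    $session_timeout = isset($ldapserver->session_timeout)
        ? $ldapserver->session_timeout
        : session_cache_expire() - 1;

    $last_activity = $_SESSION['activity']['server'][$ldapserver->server_id];

    # Still inside the allowed idle period.
    if (time() - $last_activity <= $session_timeout * 60) {
        return false;
    }

    # Only 'cookie' and 'session' logins hold credentials that can be dropped
    # here. Strict comparison keeps a non-string auth_type from matching.
    if (in_array($ldapserver->auth_type, array('cookie', 'session'), true)) {
        syslog_notice('Logout for ' . $ldapserver->getLoggedInDN());
        $ldapserver->unsetLoginDN() or pla_error(_('Could not logout.'));
    }

    # The activity timestamp is left untouched, so later calls keep returning
    # true until the caller resets or removes it.
    return true;
}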
Example #2
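/**
 * Runs procedures attached to a hook.
 *
 * Procedures are called in the order in which they are stored in
 * $hooks[$hook_name]. If one of them returns a false-like value, the rollbacks
 * collected so far (including the one belonging to the failing procedure) are
 * executed in reverse order with the same arguments, and false is returned.
 *
 * The names in $hooks are invoked as code. Nothing here checks where they came
 * from, so the registry must only ever be filled from trusted configuration.
 *
 * @param string $hook_name Name of hook to run.
 * @param array  $args      Array of optional arguments set by
 *                          phpldapadmin.  It is normally in a form known
 *                          by call_user_func_array() :
 * <pre>[ 'server_id' => 0,
 *   'dn' => 'uid=epoussa,ou=tech,o=corp,o=fr' ]</pre>
 *                          The values are passed positionally; the keys are
 *                          not used.
 *
 * @return bool true if all procedures returned true (or the hook is not
 *              defined), false otherwise.
 */
function run_hook($hook_name, $args)
{
    global $hooks;

    syslog_debug("Running hook {$hook_name}.");

    if (!is_array($hooks) || !array_key_exists($hook_name, $hooks)) {
        syslog_notice("Hook '{$hook_name}' not defined !\n");
        return true;
    }

    # Drop the keys so the values are always passed by position. Since PHP 8.0
    # call_user_func_array() treats string keys as named arguments.
    $call_args = array_values($args);
    $rollbacks = array();

    # foreach replaces the each() loop (each() was removed in PHP 8.0). It walks
    # the procedures in stored order; presumably that order reflects the
    # numerical weight given when each procedure was attached.
    foreach ($hooks[$hook_name] as $hook) {
        $rollbacks[] = $hook['rollback_function'];

        if (is_callable($hook['hook_function'])) {
            syslog_debug("Calling " . $hook['hook_function'] . "\n");
            $result = call_user_func_array($hook['hook_function'], $call_args);
            syslog_notice("Called " . $hook['hook_function'] . "\n");
        } else {
            # A missing procedure counts as a failure so the rollbacks still run.
            syslog_notice("Hook function " . $hook['hook_function'] . " is not callable\n");
            $result = false;
        }

        # If a procedure fails, its optional rollback is executed with the same
        # arguments, followed by the rollbacks of the previously executed
        # procedures in reverse order.
        if (!$result) {
            syslog_debug("Function " . $hook['hook_function'] . " returned " . var_export($result, true) . "\n");
            while ($rollbacks) {
                $rollback = array_pop($rollbacks);
                # Skip absent or unknown rollbacks so the remaining ones still run.
                if ($rollback && is_callable($rollback)) {
                    syslog_debug("Executing rollback {$rollback}\n");
                    call_user_func_array($rollback, $call_args);
                }
            }
            return false;
        }
    }

    return true;
}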
Example #3
 * For servers whose auth_type is set to 'cookie' or 'session'. Pass me
 * the server_id and I will log out the user (delete the cookie)
 *
 * Variables that come in via common.php
 *  - server_id
 *
 * @package phpLDAPadmin
 */
/**
 */
require './common.php';

# Nothing to log out of unless credentials are currently held for this server.
if (!$ldapserver->haveAuthInfo()) {
    pla_error(_('No one is logged in to that server.'));
}

# Only 'cookie' and 'session' logins can be logged out from here.
if (!in_array($ldapserver->auth_type, array('cookie', 'session'))) {
    # The auth_type is HTML-escaped before it is placed in the error page.
    pla_error(sprintf(_('Unknown auth_type: %s'), htmlspecialchars($ldapserver->auth_type)));
} else {
    # Record who is being logged out before the login information is dropped.
    syslog_notice(sprintf('Logout for %s', $ldapserver->getLoggedInDN()));

    if (!$ldapserver->unsetLoginDN()) {
        pla_error(_('Could not logout.'));
    }

    unset_lastactivity($ldapserver);

    # Drop the cached tree for this server.
    # NOTE(review): only the 'tree' entry is cleared here. Whether other
    # per-server data in $_SESSION should also go, and whether
    # pla_session_close() destroys the session or only closes it, is not
    # visible in this file - confirm.
    if (isset($_SESSION['cache'][$ldapserver->server_id]['tree'])) {
        unset($_SESSION['cache'][$ldapserver->server_id]['tree']);
    }

    pla_session_close();
}

include './header.php';
?>

<body>
<script type="text/javascript" language="javascript">
	parent.left_frame.location.reload();
Example #4
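/**
 * Debug Logging to Syslog
 *
 * The global debug level is turned on in your configuration file by setting:
 * <code>
 *	$config->custom->debug['level'] = 255;
 * </code>
 * together with at least one output direction (currently file and syslog are supported).
 * <code>
 *	$config->custom->debug['file'] = '/tmp/pla_debug.log';
 *	$config->custom->debug['syslog'] = true;
 * </code>
 * Debug output can contain serialized arguments. Prefer a log file in a
 * directory that only the web server account can read and write over a fixed
 * name in a shared temporary directory.
 *
 * The debug level is turned into binary, then if the message level's bit is on
 * the message will be sent to the debug log. (Thus setting your debug level to 255,
 * all bits on, will result in all messages being printed.)
 *
 * The message level bits are defined here (bit number, then the value to pass
 * as $level).
 *  0(  1) = Entry/Return results from function calls.
 *  1(  2) = Configuration Processing
 *  2(  4) = Template Processing
 *  3(  8) = Schema Processing
 *  4( 16) = LDAP Server Communication
 *  5( 32) = Tree Processing
 *  6( 64) = Other non generic messages
 *
 * Any arguments after $level are used as sprintf() values for $msg.
 *
 * @param string $msg Message (sprintf() format) to send to the debug log.
 * @param int $level Bit value of this message; it is ANDed with the configured
 *                   level, so the default of 0 never matches and is not logged.
 * @return mixed false when debugging is not configured, null when the level
 *               does not match, otherwise the result of syslog_notice().
 * @see syslog.php
 */
function debug_log($msg, $level = 0)
{
    global $config, $debug_file, $timer;

    # In case we are called before we are fully initialised or if debugging is not set.
    if (!isset($config) || !($config->GetValue('debug', 'file') || $config->GetValue('debug', 'syslog'))) {
        return false;
    }

    $debug_level = $config->GetValue('debug', 'level');
    if (!$debug_level || !($level & $debug_level)) {
        return;
    }

    # CR/LF are written in escaped form so one call always produces exactly one
    # log line. Both the script name (PHP_SELF includes any request-supplied
    # path info) and the message arguments can carry request data.
    $line_breaks = array("\r", "\n");
    $escaped_breaks = array('\\r', '\\n');

    $caller = str_replace($line_breaks, $escaped_breaks, basename($_SERVER['PHP_SELF']));

    # Arguments after $msg and $level are the sprintf() values for $msg.
    if (func_num_args() > 2) {
        $fargs = array();
        foreach (array_slice(func_get_args(), 2) as $arg) {
            # NOTE(review): serialize() copies the complete state of an array or
            # object into the log. If callers pass objects that hold
            # credentials, those end up in the debug log - confirm.
            $fargs[] = (is_array($arg) || is_object($arg)) ? serialize($arg) : $arg;
        }
        $msg = vsprintf($msg, $fargs);
    }

    $msg = str_replace($line_breaks, $escaped_breaks, (string) $msg);

    $timer = function_exists('stopwatch') ? stopwatch() : null;

    $debug_message = sprintf('[%2.3f] %s(%s): %s', $timer, $caller, $level, substr($msg, 0, 200));

    $debug_path = $config->GetValue('debug', 'file');
    if ($debug_file || $debug_path) {
        if (!$debug_file) {
            $debug_file = fopen($debug_path, 'a');
        }
        # fopen() returns false when the file cannot be opened; skip the write
        # instead of handing false to fwrite().
        if ($debug_file) {
            fwrite($debug_file, $debug_message . "\n");
        }
    }

    if ($config->GetValue('debug', 'syslog')) {
        syslog_notice($debug_message);
    }

    # NOTE(review): this final call sends the untruncated message to syslog
    # even when debug['syslog'] is off, and a second time when it is on. It is
    # kept because callers receive its return value; confirm whether it is
    # intended.
    return syslog_notice(sprintf('%s(%s): %s', $caller, $level, $msg));
}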
Example #5
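/**
 * Debug Logging
 *
 * The global debug level is turned on in your configuration file by setting:
 * <code>
 *	$config->custom->debug['level'] = 255;
 * </code>
 * together with at least one output direction (currently file and syslog are supported).
 * <code>
 *	$config->custom->debug['file'] = '/tmp/app_debug.log';
 *	$config->custom->debug['syslog'] = true;
 * </code>
 * Debug output can contain serialized arguments. Prefer a log file in a
 * directory that only the web server account can read and write over a fixed
 * name in a shared temporary directory.
 *
 * The debug level is turned into binary, then if the message level's bit is on
 * the message will be sent to the debug log. (Setting your debug level to 255
 * turns on bits 0-7; 511 is needed to include Hooks Processing as well.)
 *
 * The message level bits are defined here (bit number, then the value to pass
 * as $level).
 *  0(  1) = Entry/Return results from function calls.
 *  1(  2) = Configuration Processing
 *  2(  4) = Template Processing
 *  3(  8) = Schema Processing
 *  4( 16) = LDAP Server Communication
 *  5( 32) = Tree Processing
 *  6( 64) = Other non generic messages
 *  7(128) = Page Processing
 *  8(256) = Hooks Processing
 *
 * Arguments after $indent are optional. If the first one is a string ending in
 * ".php" it is taken as the file, followed by the line and the method. What
 * remains supplies the values for $msg: with a "%%" placeholder the next
 * argument is expected to be an array of values (or the string 'NOARGS'),
 * otherwise the remaining arguments are sprintf() values.
 *
 * @param string $msg Message to send to the debug log.
 * @param int $level Bit value of this message, ANDed with the configured level.
 * @param int $indent Number of '.' characters written before the method name.
 * @return void
 * @see syslog.php
 */
function debug_log($msg, $level, $indent)
{
    static $debug_file;

    # In case we are called before we are fully initialised or if debugging is not set.
    if (!isset($_SESSION[APPCONFIG])) {
        return;
    }
    $config = $_SESSION[APPCONFIG];
    if (!($config->getValue('debug', 'file') || $config->getValue('debug', 'syslog'))) {
        return;
    }

    $debug_level = $config->getValue('debug', 'level');
    if (!$debug_level || !($level & $debug_level)) {
        return;
    }

    # If debugging is limited to one client address, check that this request
    # comes from it.
    $debug_addr = $config->getValue('debug', 'addr');
    if ($debug_addr) {
        # NOTE(review): X-Forwarded-For is a request header. Unless a trusted
        # proxy in front of the application overwrites it, any client can set
        # it to the configured address and pass this check. Treat debug['addr']
        # as a convenience filter, not as access control.
        $forwarded_for = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : null;
        $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
        if ($forwarded_for !== $debug_addr && $remote_addr !== $debug_addr) {
            return;
        }
    }

    # Discard our first three arguments.
    $args = array_slice(func_get_args(), 3);

    # Pull the file/line/method. The dot is escaped so only a real ".php"
    # suffix matches, and isset() covers calls that pass no extra arguments.
    if (isset($args[0]) && is_string($args[0]) && preg_match('/\.php$/', $args[0])) {
        $file = preg_replace('/\.php$/', '', array_shift($args));
        $line = array_shift($args);
        $method = array_shift($args);
    } else {
        $file = 'UNKNOWN';
        $line = 'UNKNOWN';
        $method = 'UNKNOWN';
    }

    # TEMP: New debuglog format - the values arrive as one array argument.
    $uses_placeholder = strpos($msg, '%%') !== false;
    if ($uses_placeholder && !(isset($args[0]) && $args[0] === 'NOARGS')) {
        $args = array_shift($args);
        if ($args === null) {
            $args = array();
        } elseif (!is_array($args)) {
            # A single non-array value is logged as one argument.
            $args = array($args);
        }
    }

    $fargs = array();
    foreach ($args as $arg) {
        if (is_array($arg)) {
            # NOTE(review): serialize() copies the whole array into the log,
            # including any credentials it may hold - confirm what callers pass.
            $fargs[] = serialize($arg);
        } elseif (is_object($arg)) {
            # Objects are reduced to their class name.
            $fargs[] = sprintf('OBJECT:%s', get_class($arg));
        } else {
            $fargs[] = $arg;
        }
    }

    if ($uses_placeholder) {
        # str_replace() inserts the values literally; preg_replace() would
        # interpret "$1" or "\1" inside them as back-references.
        $msg = str_replace('%%', join('|', $fargs), $msg);
    } else {
        $msg = vsprintf($msg, $fargs);
    }

    # CR/LF are written in escaped form so one call always produces exactly one
    # log line, whatever the logged values contain.
    $msg = str_replace(array("\r", "\n"), array('\\r', '\\n'), (string) $msg);

    $timer = function_exists('stopwatch') ? stopwatch() : null;

    $debug_message = sprintf('[%2.3f] %15s(%04s-%03s): %s%s: %s', $timer, basename($file), $line, $level, str_repeat('.', $indent), $method, substr($msg, 0, 200));

    $debug_path = $config->getValue('debug', 'file');
    if ($debug_file || $debug_path) {
        if (!$debug_file) {
            $debug_file = fopen($debug_path, $config->getValue('debug', 'append') ? 'a' : 'w');
        }
        # fopen() returns false when the file cannot be opened; skip the write
        # instead of handing false to fwrite().
        if ($debug_file) {
            fwrite($debug_file, $debug_message . "\n");
        }
    }

    if ($config->getValue('debug', 'syslog') && function_exists('syslog_notice')) {
        syslog_notice($debug_message);
    }
}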
Example #6
# Login handling after the bind attempt: report a failed bind, otherwise store
# the login, record the activity time and print the confirmation page.
# $ds, $dn, $pass, $anon_bind and $save_auth_type are set before this excerpt.
if (DEBUG_ENABLED) {
    debug_log('Connection returned [%s]', 64, $ds);
}
# Anything that is not a resource is treated as a failed bind.
# NOTE(review): presumably $ds is the LDAP link. From PHP 8.1 the LDAP
# extension returns LDAP\Connection objects, for which is_resource() is
# false - confirm the supported PHP versions.
if (!is_resource($ds)) {
    if ($anon_bind) {
        pla_error(_('Could not bind anonymously to server.'), null, null, true);
    } else {
        pla_error(_('Bad username or password. Please try again.'), null, null, true);
    }
    # NOTE(review): the failure is logged only after pla_error() has been
    # called. If that call ends the request, failed logins never reach syslog;
    # if it returns, execution continues into setLoginDN() below despite the
    # failed bind. Confirm which applies; logging before the error page
    # removes the first problem.
    # NOTE(review): $dn is written to the log as-is. Presumably it comes from
    # the login form, in which case CR/LF should be neutralised first.
    syslog_notice("Authentification FAILED for {$dn}");
}
$ldapserver->auth_type = $save_auth_type;
# NOTE(review): no renewal of the session identifier is visible in this
# excerpt; confirm that it happens in setLoginDN() or elsewhere on login.
$ldapserver->setLoginDN($dn, $pass, $anon_bind) or pla_error(_('Could not set cookie.'));
# Start the inactivity timer for this server.
set_lastactivity($ldapserver);
# Anonymous binds are not written to syslog.
if (!$anon_bind) {
    syslog_notice("Authentification successful for {$dn}");
}
pla_session_close();
include './header.php';
echo '<body>';
echo '<script type="text/javascript" language="javascript">';
if ($anon_bind && $config->GetValue('appearance', 'anonymous_bind_redirect_no_tree')) {
    # NOTE(review): server_id is placed inside a JavaScript string without
    # escaping. That is safe only if it is a value the application assigns
    # itself (for example a numeric index) - confirm.
    printf("parent.location.href='search.php?server_id=%s'", $ldapserver->server_id);
} else {
    echo 'parent.left_frame.location.reload();';
}
echo '</script>';
echo '<center><br /><br /><br />';
# The server name is HTML-escaped before it is printed.
printf(_('Successfully logged into server <b>%s</b>') . '<br />', htmlspecialchars($ldapserver->name));
if ($anon_bind) {
    printf('(%s)', _('Anonymous Bind'));