public function start()
{
$authenticator = new Auth();
if ($authenticator->auth()) {
$this->startDownload();
}
}
public function start()
{
global $projectTmpDir, $php_errormsg;
$authenticator = new Auth();
if ($authenticator->auth()) {
ob_start();
if (!empty($_GET['a'])) {
$action = $_GET['a'];
$interval = empty($_GET['delay']) ? 5 : (int) $_GET['delay'];
$fileScanner = new FileList();
$fileScanner->setInterval($interval);
if ($action === 'cleanUp') {
$this->removeTempFiles();
print json_encode(array('type' => 'cleanUp', 'status' => 'ok', 'phpError' => $php_errormsg));
} else {
if ($action === 'getFileList') {
echo $fileScanner->performScanning();
} else {
if ($action === 'getSignatureScanResult') {
$this->detector = new MalwareDetector();
$this->detector->setRequestDelay($interval);
print $this->detector->malwareScanRound();
} else {
if ($action === 'getWebsiteLog') {
//REPORTING
$xmlLog = $this->getXMLReport();
$logFilename = $projectTmpDir . '/scan_log.xml';
file_put_contents2($logFilename, $xmlLog);
print json_encode(array('type' => 'getWebsiteLog', 'status' => 'ok', 'phpError' => $php_errormsg));
}
}
}
}
} else {
//GENERATE INTERFACE
$fileScanner = new FileList();
define('PS_ARCHIVE_DOWNLOAD_URL', $_SERVER['PHP_SELF'] . '?controller=download&f=report');
$this->templateOutput($fileScanner->getInterval());
}
}
}
<?php
include "admin_header.php";
$auth = new Auth("se");
$auth->auth("admin", 3, "admin_login.php", $_SERVER['PHP_SELF']);
?>
<h2>Administration</h2>
<form method="post" action="admin_users_action.php">
<h4>Användarnamn/email</h4>
<input type="text" name="username">
<br/>
<h4>Lösenord</h4>
<input name="password" type="password"><br/>
<h4>Upprepa lösenord</h4>
<input name="password2" type="password"><br/>
<h4>Adminlevel </h4>
<select name="admin_level">
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
</select> (1: lägst, 2: mellan, 3:huvudadmin)
<br><br>
public function start()
{
$authenticator = new Auth();
if ($authenticator->auth()) {
$this->startExecutor();
}
}
public static function login()
{
$_SESSION['Auth'] = true;
self::$auth = true;
RouterLite::executeActionName("MainController", "action_index");
}
public function __construct(&$DB, &$SESSION)
{
self::$auth = $this;
$this->DB =& $DB;
$this->SESSION =& $SESSION;
$this->SYSLOG = SYSLOG::getInstance();
//$this->_revision = preg_replace('/^.Revision: ([0-9.]+).*/', '\1', $this->_revision);
$this->_revision = '';
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
$this->ip = str_replace('::ffff:', '', $ip);
if (isset($_GET['override'])) {
$loginform = $_GET['loginform'];
} elseif (isset($_POST['loginform'])) {
$loginform = $_POST['loginform'];
}
$this->SESSION->restore('session_login', $this->login);
if ($this->login) {
$this->islogged = TRUE;
} elseif (isset($loginform)) {
$this->login = $loginform['login'];
$this->passwd = $loginform['pwd'];
writesyslog('Login attempt by ' . $this->login, LOG_INFO);
} elseif ($this->DB->GetOne('SELECT COUNT(id) FROM users') == 0) {
$this->islogged = TRUE;
$this->nousers = TRUE;
$_GET['m'] = 'useradd';
return TRUE;
}
if ($this->islogged || $this->login && $this->VerifyUser()) {
$this->SESSION->restore('session_passwdrequiredchange', $this->passwdrequiredchange);
if (empty($this->last)) {
$this->SESSION->restore('session_last', $this->last);
$this->SESSION->restore('session_lastip', $this->lastip);
}
$this->logname = $this->logname ? $this->logname : $this->SESSION->get('session_logname');
$this->id = $this->id ? $this->id : $this->SESSION->get('session_id');
if (isset($loginform)) {
$this->DB->Execute('UPDATE users SET lastlogindate=?, lastloginip=? WHERE id=?', array(time(), $this->ip, $this->id));
writesyslog('User ' . $this->login . ' logged in.', LOG_INFO);
if ($this->SYSLOG) {
$this->SYSLOG->NewTransaction('auth', $this->id);
$this->SYSLOG->AddMessage(SYSLOG::RES_USER, SYSLOG::OPER_USERLOGIN, array(SYSLOG::RES_USER => $this->id, 'ip' => $this->ip, 'useragent' => $_SERVER['HTTP_USER_AGENT']));
}
}
$this->SESSION->save('session_id', $this->id);
$this->SESSION->save('session_login', $this->login);
$this->SESSION->restore_user_settings();
$this->SESSION->save('session_logname', $this->logname);
$this->SESSION->save('session_last', $this->last);
$this->SESSION->save('session_lastip', $this->lastip);
} else {
if (isset($loginform)) {
if ($this->id) {
if (!$this->hostverified) {
writesyslog('Bad host (' . $this->ip . ') for ' . $this->login, LOG_WARNING);
}
if (!$this->passverified) {
writesyslog('Bad password for ' . $this->login, LOG_WARNING);
}
$this->DB->Execute('UPDATE users SET failedlogindate=?, failedloginip=? WHERE id = ?', array(time(), $this->ip, $this->id));
if ($this->SYSLOG) {
$this->SYSLOG->NewTransaction('auth', $this->id);
$this->SYSLOG->AddMessage(SYSLOG::RES_USER, SYSLOG::OPER_USERLOGFAIL, array(SYSLOG::RES_USER => $this->id, 'ip' => $this->ip, 'useragent' => $_SERVER['HTTP_USER_AGENT']));
}
} else {
writesyslog('Unknown login ' . $this->login . ' from ' . $this->ip, LOG_WARNING);
}
}
if (!$this->error) {
$this->error = trans('Please login.');
}
$this->LogOut();
}
}
