/**
* Get an EasySCP_Update_Database instance
*
* @return EasySCP_Update_Database An EasySCP_Update_Database instance
*/
public static function getInstance()
{
if (is_null(self::$_instance)) {
self::$_instance = new self();
}
return self::$_instance;
}
/**
* @param EasySCP_TemplateEngine $tpl
* @return void
*/
function get_update_infos($tpl)
{
$cfg = EasySCP_Registry::get('Config');
if (EasySCP_Update_Database::getInstance()->checkUpdateExists()) {
$tpl->assign(array('DATABASE_UPDATE' => '<a href="easyscp_updates.php" class="link">' . tr('A database update is available') . '</a>', 'DATABASE_MSG_TYPE' => 'info'));
}
if (!$cfg->CHECK_FOR_UPDATES) {
$tpl->assign(array('UPDATE' => tr('Update checking is disabled!'), 'UPDATE_TYPE' => 'info'));
return false;
}
if (EasyUpdate::checkUpdate()) {
$tpl->assign(array('UPDATE' => '<a href="easyscp_updates.php" class="link">' . tr('New EasySCP update is now available') . '</a>', 'UPDATE_TYPE' => 'info'));
} else {
if (EasySCP_Update_Version::getInstance()->getErrorMessage() != "") {
$tpl->assign(array('UPDATE' => EasySCP_Update_Version::getInstance()->getErrorMessage(), 'UPDATE_TYPE' => 'error'));
}
}
}
if (isset($_POST['uname']) && !empty($_POST['uname']) && isset($_POST['upass']) && !empty($_POST['upass'])) {
check_input(trim($_POST['uname']));
check_input(trim($_POST['upass']));
$uname = encode_idna($_POST['uname']);
if (register_user($uname, $_POST['upass'])) {
redirect_to_level_page();
}
user_goto('index.php');
}
if (check_user_login() && !redirect_to_level_page()) {
unset_user_login_data();
}
shall_user_wait();
$theme_color = isset($_SESSION['user_theme']) ? $_SESSION['user_theme'] : $cfg->USER_INITIAL_THEME;
$tpl = EasySCP_TemplateEngine::getInstance();
if (($cfg->MAINTENANCEMODE || EasySCP_Update_Database::getInstance()->checkUpdateExists()) && !isset($_POST['admin'])) {
$template = 'maintenancemode.tpl';
$tpl->assign(array('TR_PAGE_TITLE' => tr('EasySCP a Virtual Hosting Control System'), 'TR_MESSAGE' => nl2br(tohtml($cfg->MAINTENANCEMODE_MESSAGE)), 'TR_ADMINLOGIN' => tr('Administrator login'), 'TR_SSL_LINK' => isset($_SERVER['HTTPS']) ? 'http://' . htmlentities($_SERVER['HTTP_HOST']) : 'https://' . htmlentities($_SERVER['HTTP_HOST']), 'TR_WEBMAIL_SSL_LINK' => "webmail", 'TR_FTP_SSL_LINK' => "ftp", 'TR_PMA_SSL_LINK' => "pma", 'TR_SSL_IMAGE' => isset($_SERVER['HTTPS']) ? 'lock.png' : 'unlock.png', 'TR_SSL_DESCRIPTION' => !isset($_SERVER['HTTPS']) ? tr('Secure Connection') : tr('Normal Connection')));
} else {
$template = 'index.tpl';
$tpl->assign(array('TR_PAGE_TITLE' => tr('EasySCP a Virtual Hosting Control System'), 'TR_LOGIN' => tr('Login'), 'TR_USERNAME' => tr('Username'), 'TR_PASSWORD' => tr('Password'), 'TR_LOGIN_INFO' => tr('Please enter your login information'), 'TR_SSL_LINK' => isset($_SERVER['HTTPS']) ? 'http://' . htmlentities($_SERVER['HTTP_HOST']) : 'https://' . htmlentities($_SERVER['HTTP_HOST']), 'TR_WEBMAIL_SSL_LINK' => "webmail", 'TR_FTP_SSL_LINK' => "ftp", 'TR_PMA_SSL_LINK' => "pma", 'TR_SSL_IMAGE' => isset($_SERVER['HTTPS']) ? 'lock.png' : 'unlock.png', 'TR_SSL_DESCRIPTION' => !isset($_SERVER['HTTPS']) ? tr('Secure Connection') : tr('Normal Connection')));
}
if ($cfg->LOSTPASSWORD) {
$tpl->assign('TR_LOSTPW', tr('Lost password'));
} else {
$tpl->assign('TR_LOSTPW', '');
}
gen_page_message($tpl);
if ($cfg->DUMP_GUI_DEBUG) {
dump_gui_debug($tpl);
}
/**
* @param EasySCP_TemplateEngine $tpl
* @param EasySCP_Update_Database $dbUpdate
* @return void
*/
function get_db_update_infos($tpl, $dbUpdate)
{
if ($dbUpdate->checkUpdateExists()) {
$tpl->assign(array('DB_UPDATE' => tr('New Database update is now available'), 'DB_INFOS' => tr('Do you want to execute the Updates now?')));
} else {
$tpl->assign(array('DB_UPDATE_MESSAGE' => tr('No database updates available'), 'DB_UPDATE_MSG_TYPE' => 'info'));
}
}
/**
* Check user login
*
* @return boolean
*/
function check_user_login()
{
$cfg = EasySCP_Registry::get('Config');
$sess_id = session_id();
// kill timed out sessions
do_session_timeout();
$user_logged = isset($_SESSION['user_logged']) ? $_SESSION['user_logged'] : false;
if (!$user_logged) {
return false;
}
$sql_param = array(':admin_name' => $user_logged, ':admin_pass' => $_SESSION['user_pass'], ':admin_type' => $_SESSION['user_type'], ':admin_id' => $_SESSION['user_id'], ':session_id' => $sess_id);
// verify session data with database
$sql_query = "\n\t\tSELECT\n\t\t\t*\n\t\tFROM\n\t\t\tadmin, login\n\t\tWHERE\n\t\t\tadmin.admin_name = :admin_name\n\t\tAND\n\t\t\tadmin.admin_pass = :admin_pass\n\t\tAND\n\t\t\tadmin.admin_type = :admin_type\n\t\tAND\n\t\t\tadmin.admin_id = :admin_id\n\t\tAND\n\t\t\tlogin.session_id = :session_id;\n\t";
DB::prepare($sql_query);
$rs = DB::execute($sql_param);
if ($rs->rowCount() != 1) {
write_log("Detected session manipulation on " . $user_logged . "'s session!");
unset_user_login_data();
return false;
}
if ((EasySCP_Update_Database::getInstance()->checkUpdateExists() || $cfg->MAINTENANCEMODE) && $_SESSION['user_type'] != 'admin') {
unset_user_login_data();
write_log("System is currently in maintenance mode. Logging out <strong><em>" . $user_logged . "</em></strong>");
user_goto('/index.php');
}
// if user login data correct - update session and lastaccess
$_SESSION['user_login_time'] = time();
$sql_param = array(':lastaccess' => time(), ':session_id' => $sess_id);
$sql_query = "\n\t\tUPDATE\n\t\t\tlogin\n\t\tSET\n\t\t\tlastaccess = :lastaccess\n\t\tWHERE\n\t\t\tsession_id = :session_id\n\t;";
DB::prepare($sql_query);
DB::execute($sql_param);
return true;
}
