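/**
 * Kill user session.
 *
 * Reads the target session id from $_GET['kill'], temporarily switches the PHP session to it,
 * unsets the stored identity (and destroys the session unless $_GET['logout_only'] is set),
 * then switches back to the caller's own session and logs the action.
 *
 * NOTE(review): this is a state-changing action driven by GET parameters, and the session id
 * travels in the URL. No access check or anti-CSRF token is visible in this function; confirm
 * that the calling script enforces both.
 *
 * @return void
 */
function kill_session()
{
    if (isset($_GET['kill']) && $_GET['kill'] !== '' && isset($_GET['username'])) {
        $username = clean_input($_GET['username']);
        $sessionId = clean_input($_GET['kill']);
        $currentSessionId = session_id();

        // Enforce the "not your own session" rule on the server side. Without this guard the
        // rule only holds when the request carries the 'own' marker instead of 'kill'; passing
        // the caller's own id in 'kill' would wipe the caller's session before it is restored.
        if ($sessionId === $currentSessionId) {
            set_page_message(tr("You are not allowed to act on your own session."), 'warning');
            return;
        }

        // Close the caller's session, then open the target session so it can be modified.
        session_write_close();
        session_id($sessionId);
        session_start();

        // The identity is dropped in both modes; only the fate of the session data differs.
        iMSCP_Authentication::getInstance()->unsetIdentity();

        if (isset($_GET['logout_only'])) {
            // Keep the session data, persist it without the identity.
            session_write_close();
            $message = tr('User successfully disconnected.');
        } else {
            session_destroy();
            $message = tr('User session successfully destroyed.');
        }

        // Switch back to the caller's own session before reporting.
        session_id($currentSessionId);
        session_start();
        set_page_message($message, 'success');

        // $username is taken from the request and is not checked against the target session
        // here, so the log entry records what the request claimed, not a verified account name.
        write_log($_SESSION['user_logged'] . ": has disconnected {$username} or destroyed its session", E_USER_NOTICE);
    } elseif (isset($_GET['own'])) {
        set_page_message(tr("You are not allowed to act on your own session."), 'warning');
    }
}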
Exemple #2
 /**
  * Implements singleton design pattern
  *
  * @return iMSCP_Authentication Provides a fluent interface, returns self
  */
 public static function getInstance()
 {
     // Reuse the shared instance when one has already been created.
     if (self::$instance !== null) {
         return self::$instance;
     }

     // First call: create the instance, remember it and hand it back.
     return self::$instance = new self();
 }
 /**
  * onAfterAddDomainAlias listener
  *
  * @throws iMSCP_Exception
  * @throws iMSCP_Exception_Database
  * @param iMSCP_Events_Event $event
  * @throws Exception
  */
 public function onAfterAddDomainAlias(iMSCP_Events_Event $event)
 {
     $identity = iMSCP_Authentication::getInstance()->getIdentity();

     // Auto-approval is only considered when the current identity is a 'user' account.
     if ($identity->admin_type != 'user') {
         return;
     }

     $ignoredDomains = (array) $this->getConfigParam('ignored_domains', array());
     $aliasNameAscii = $event->getParam('domainAliasName');

     // Domain aliases listed in ignored_domains are never auto-approved.
     // NOTE(review): in_array() compares loosely here and below; these lookups decide whether
     // an alias skips manual approval, so confirm the configured lists hold plain strings.
     if (in_array(decode_idna($aliasNameAscii), $ignoredDomains)) {
         return;
     }

     $username = decode_idna($identity->admin_name);
     $approvalRule = $this->getConfigParam('approval_rule', true);
     $userAccounts = (array) $this->getConfigParam('user_accounts', array());
     $isListed = in_array($username, $userAccounts);

     // approval_rule on:  only accounts listed in user_accounts are auto-approved.
     // approval_rule off: only accounts NOT listed in user_accounts are auto-approved.
     $eligible = $approvalRule ? $isListed : !$isListed;

     // A username of false never qualifies, whatever the lists contain.
     if ($username === false || !$eligible) {
         return;
     }

     $db = iMSCP_Database::getInstance();

     try {
         $db->beginTransaction();

         $aliasId = $event->getParam('domainAliasId');
         exec_query(
             'UPDATE domain_aliasses SET alias_status = ? WHERE alias_id = ?',
             array('toadd', $aliasId)
         );

         if (iMSCP_Registry::get('config')->CREATE_DEFAULT_EMAIL_ADDRESSES && $identity->email) {
             client_mail_add_default_accounts(
                 get_user_domain_id($identity->admin_id),
                 $identity->email,
                 $aliasNameAscii,
                 'alias',
                 $aliasId
             );
         }

         $db->commit();
         send_request();

         $aliasName = decode_idna($aliasNameAscii);
         $username = decode_idna($username);

         write_log(sprintf('DomainAutoApproval: The %s domain alias has been auto-approved', $aliasName), E_USER_NOTICE);
         write_log(sprintf('DomainAutoApproval: %s scheduled addition of domain alias: %s', $username, $aliasName), E_USER_NOTICE);
         set_page_message(tr('Domain alias successfully scheduled for addition.'), 'success');
         redirectTo('domains_manage.php');
     } catch (iMSCP_Exception $e) {
         // NOTE(review): only iMSCP_Exception triggers the rollback; any other exception type
         // raised inside the transaction propagates without one.
         $db->rollBack();
         throw $e;
     }
 }
Exemple #4
 /**
  * Delete an Ftp user account
  *
  * @return void
  */
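 public function deleteFtpUserAction()
 {
     $request = $this->_request();

     // Force the identifier to an integer before it is used in the lookup and in log entries.
     $ftpUserId = intval($request->getParam('ftpUserId', null));

     try {
         // Identity of the logged-in user; the lookup below is scoped to it.
         $user = iMSCP_Authentication::getInstance()->getIdentity();
         $em = iMSCP_Api_EntityManager::getInstance();

         // Look the account up by id AND owner, so a request naming an id that belongs to
         // another user is treated exactly like an id that does not exist.
         $ftpUser = $em->findBy(array('id' => $ftpUserId, 'owner_id' => $user->id));

         if (!$ftpUser) {
             // Ftp account not found - probably a wrong request.
             setPageMessage(tr('Unable to found Ftp user with Id %s', $ftpUserId), 'error');
             iMSCP_Registry::get('Log')->warn(sprintf('%s tried to deleted an inexistent Ftp account', $user->username));
         } else {
             // Dispatch the deleteFtpUser action through the API proxy, over all declared
             // servers that manage the Ftp service. The response timeout can be customized here.
             //
             // The same call can alternatively be made on a directly created
             // iMSCP_Api_Modules_Ftp_Api instance. Only one of the two forms may run: the
             // original executed both, dispatching the deletion twice and discarding the
             // first response.
             $response = iMSCP_Registry::get('api')->ftp->deleteFtpUser($ftpUser);

             if ($response->isSuccess()) {
                 setPageMessage(tr('Ftp account successfully deleted'), 'success');
                 iMSCP_Registry::get('Log')->info(sprintf('%s deleted Ftp account with id %s', $user->username, $ftpUserId));
             } else {
                 setPageMessage(tr('Ftp account deletion failed.'));
                 iMSCP_Registry::get('Log')->error(sprintf('%s was unable to delete Ftp account with id %s', $user->username, $ftpUserId));
             }
         }
     } catch (Exception $e) {
         // This action deletes an account; the message previously said "creation".
         setPageMessage(tr('Ftp account deletion failed.'));

         // `$e->toString` read a non-existent property, so nothing useful reached the log.
         // The exception details go to the log only; the page shows the generic message.
         iMSCP_Registry::get('Log')->error($e->__toString());
     }

     $this->_redirect('ftp/list');
 }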
 /**
  * onAfterAddDomainAlias listener
  *
  * @throws iMSCP_Exception
  * @throws iMSCP_Exception_Database
  * @param iMSCP_Events_Event $event
  * @throws Exception
  * @return void
  */
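 public function onAfterAddDomainAlias(iMSCP_Events_Event $event)
 {
     $userIdentity = iMSCP_Authentication::getInstance()->getIdentity();

     // 1. Do not act if the logged-in user is not the real client (due to changes in i-MSCP v1.2.12)
     // 2. Do not act if the event has been triggered from reseller interface
     if (isset($_SESSION['logged_from_type']) || $userIdentity->admin_type == 'reseller') {
         return;
     }

     $disallowedDomains = (array) $this->getConfigParam('ignored_domains', array());
     $domainAliasNameAscii = $event->getParam('domainAliasName');

     // Only domain aliases which are not listed in the ignored_domains list are auto-approved.
     // NOTE(review): in_array() compares loosely here and below; these lookups decide whether
     // an alias skips manual approval, so confirm the configured lists hold plain strings.
     if (in_array(decode_idna($domainAliasNameAscii), $disallowedDomains)) {
         return;
     }

     $username = decode_idna($userIdentity->admin_name);
     $approvalRule = $this->getConfigParam('approval_rule', true);
     $userAccounts = (array) $this->getConfigParam('user_accounts', array());
     $isListed = in_array($username, $userAccounts);

     // approval_rule on:  only users listed in 'user_accounts' are auto-approved.
     // approval_rule off: only users NOT listed in 'user_accounts' are auto-approved.
     //
     // The previous condition, `$approvalRule && !in_array(...) || in_array(...)`, had lost the
     // `!$approvalRule` guard on its second half. Listed users were therefore rejected under
     // both settings, and nobody could be auto-approved while approval_rule was on.
     if ($approvalRule ? !$isListed : $isListed) {
         return;
     }

     $db = iMSCP_Database::getInstance();

     try {
         $db->beginTransaction();

         $domainAliasId = $event->getParam('domainAliasId');
         exec_query('UPDATE domain_aliasses SET alias_status = ? WHERE alias_id = ?', array('toadd', $domainAliasId));

         $config = iMSCP_Registry::get('config');
         if ($config['CREATE_DEFAULT_EMAIL_ADDRESSES'] && $userIdentity->email !== '') {
             client_mail_add_default_accounts(get_user_domain_id($userIdentity->admin_id), $userIdentity->email, $domainAliasNameAscii, 'alias', $domainAliasId);
         }

         $db->commit();
         send_request();
         write_log(sprintf('DomainAutoApproval plugin: The `%s` domain alias has been auto-approved', decode_idna($domainAliasNameAscii)), E_USER_NOTICE);
         set_page_message(tr('Domain alias auto-approved.'), 'success');
     } catch (iMSCP_Exception $e) {
         // Undo the status change before letting the caller see the failure.
         $db->rollBack();
         throw $e;
     }
 }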
Exemple #6
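/**
 * Redirects to user ui level
 *
 * Does nothing when no identity is set. Otherwise the target is built from the identity's
 * admin_type ('user' maps to the 'client' directory) followed by the action script, and the
 * script exits after the redirect.
 *
 * @throws iMSCP_Exception in case ui level is unknown
 * @param string $actionScript Action script on which user should be redirected
 * @return void
 */
function redirectToUiLevel($actionScript = 'index.php')
{
    $auth = iMSCP_Authentication::getInstance();

    if (!$auth->hasIdentity()) {
        return;
    }

    $userType = $auth->getIdentity()->admin_type;

    switch ($userType) {
        case 'user':
        case 'admin':
        case 'reseller':
            // Prevents display of any old message when switching to another user level
            Zend_Session::namespaceUnset('pageMessages');

            // The ternary only selects the UI directory. It previously swallowed the rest of
            // the concatenation, so 'user' identities were sent to '/client' and the requested
            // action script was dropped.
            $uiLevel = ($userType == 'user') ? 'client' : $userType;
            redirectTo('/' . $uiLevel . '/' . $actionScript);
            exit;
        default:
            // Anything outside the three known levels is refused rather than used in a path.
            throw new iMSCP_Exception('Unknown UI level');
    }
}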
Exemple #7
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 */
// Include core library
require 'imscp-lib.php';
$eventManager = iMSCP_Events_Aggregator::getInstance();
$eventManager->dispatch(iMSCP_Events::onLoginScriptStart);
if (isset($_REQUEST['action'])) {
    init_login($eventManager);
    $auth = iMSCP_Authentication::getInstance();
    switch ($_REQUEST['action']) {
        case 'logout':
            if ($auth->hasIdentity()) {
                $adminName = $auth->getIdentity()->admin_name;
                $auth->unsetIdentity();
                set_page_message(tr('You have been successfully logged out.'), 'success');
                write_log(sprintf("%s logged out", decode_idna($adminName)), E_USER_NOTICE);
            }
            break;
        case 'login':
            $authResult = $auth->authenticate();
            if ($authResult->isValid()) {
                write_log(sprintf("%s logged in", $authResult->getIdentity()->admin_name), E_USER_NOTICE);
            } elseif ($messages = $authResult->getMessages()) {
                $messages = format_message($messages);