Esempio n. 1
 /**
  * the function "__construct()" automatically starts whenever an object of this class is created,
  * you know, when you do "$auth = new Auth();"
  */
 public function __construct(User $userRepo)
 {
     // Keep the injected user repository on the instance.
     $this->userRepo = $userRepo;

     // A session is required on every request; 'adsr' is the value handed
     // to the handler's constructor.
     $handler = new SecureSessionHandler('adsr');
     $this->session = $handler;

     // Drop whatever the handler currently holds when it reports the session
     // as not valid.
     // NOTE(review): isValid(60) is consulted before start() is called below.
     // If the handler's validity check reads $_SESSION, it sees no data at
     // this point - confirm against SecureSessionHandler. The unit of the
     // argument 60 is not visible here either.
     $stillValid = $handler->isValid(60);
     if (!$stillValid) {
         $handler->forget();
     }

     // Project helper configures the handler, then the session is opened.
     setupSession($handler);
     $handler->start();
 }
Esempio n. 2
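<?php

// Page header template: sets up a session for visitors who are not logged in,
// then prints the XHTML prolog, the page title and the logo / login banner.
// Values written into the markup are HTML-escaped so that a page name or a
// login name containing markup characters is shown as text, not interpreted.
require_once "inc/functions.inc.php";
if (!loggedIn()) {
    setupSession();
}
// The XML prolog is printed with echo; presumably this keeps a short-open-tag
// configuration from treating it as the start of a PHP block.
echo "<?xml version=\"1.0\"?>\n";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><?php 
// $PageName is expected to be set by the including script. It is escaped for
// the HTML text context; double_encode is off so a title that already carries
// entities (e.g. &amp;) is not encoded a second time.
// NOTE(review): assumes the page is served as UTF-8 - confirm.
echo htmlspecialchars(isset($PageName) ? (string) $PageName : '', ENT_QUOTES, 'UTF-8', false);
?>
</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>

<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0" style="table-layout:fixed">
    <tr>
        <td nowrap="nowrap" valign="top" align="left">
            <img src="icons/logo_large.png" alt="Logo" />
        </td>
        <td nowrap="nowrap" valign="bottom" align="right">
            <?php 
// The login name comes from the session user object and is presumably chosen
// by the user, so it is escaped before being written into the page. When no
// user object is in the session an empty name is printed instead of
// dereferencing a missing value.
$headerLoginName = isset($_SESSION["user"]->loginname) ? (string) $_SESSION["user"]->loginname : '';
echo htmlspecialchars($headerLoginName, ENT_QUOTES, 'UTF-8') . "<br />";
echo "<a href=\"logout.php\">Abmelden</a>";
?>
        </td>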
Esempio n. 3
/**
 * Bootstraps the per-request global state.
 *
 * In order: defines the time constants, resolves the requested $mode (either
 * directly from request input or from a stored continuation), loads the PEM
 * key pair when an auth cookie is present or a login is being submitted,
 * decides whether the request is authenticated, and includes the theme and
 * the .ht-inc module that the resolved mode needs.
 *
 * Unauthenticated requests return early; for them $mode is forced to 'auth'
 * unless it is one of a fixed list of modes.
 *
 * NOTE(review): define() is called unconditionally, so this function is
 * presumably meant to run exactly once per request - confirm.
 */
function initGlobals()
{
    global $mode, $user, $remoteIP, $authed, $oldmode, $viewmode, $semid;
    global $semislocked, $days, $phpVer, $keys, $pemkey, $AUTHERROR;
    global $passwdArray, $skin, $contdata, $lastmode, $inContinuation;
    global $totalQueries, $ERRORS, $queryTimes, $actions;
    define("SECINDAY", 86400);
    define("SECINWEEK", 604800);
    define("SECINMONTH", 2678400);
    define("SECINYEAR", 31536000);
    # $mode is request input fetched through processInputVar(), defaulting to
    # 'main'. It later selects which code is included and whether a login is
    # required.
    # NOTE(review): presumably processInputVar() validates the value as
    # ARG_STRING - confirm what that validation rejects.
    $mode = processInputVar("mode", ARG_STRING, 'main');
    $totalQueries = 0;
    $inContinuation = 0;
    $contdata = array();
    $queryTimes = array();
    $contuserid = '';
    # A continuation id, when supplied, replaces the client-supplied mode with
    # the stored 'nextmode' and records the user id stored with it
    # ($contuserid); that id is compared with the session user further down.
    $continuation = processInputVar('continuation', ARG_STRING);
    if (!empty($continuation)) {
        # TODO handle AJ errors
        $tmp = getContinuationsData($continuation);
        if (empty($tmp)) {
            abort(11);
        } elseif (array_key_exists('error', $tmp)) {
            $mode = "continuationsError";
            $contdata = $tmp;
        } else {
            $inContinuation = 1;
            $contuserid = $tmp['userid'];
            $lastmode = $tmp['frommode'];
            $mode = $tmp['nextmode'];
            $contdata = $tmp['data'];
        }
    }
    # NOTE(review): $submitErr and $submitErrMsg are not in the global lists
    # above, so these two assignments only create function-local variables.
    $submitErr = 0;
    $submitErrMsg = array();
    $remoteIP = $_SERVER["REMOTE_ADDR"];
    $days = array('Sunday', 'Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday');
    # major PHP version, used to pull in the PHP 5 compatibility file
    $phpVerArr = explode('.', phpversion());
    $phpVer = $phpVerArr[0];
    if ($phpVer == 5) {
        require_once ".ht-inc/php5extras.php";
    }
    # 62-character alphabet (A-Z, a-z, digits).
    # NOTE(review): the name suggests it feeds password generation; the code
    # that draws from it is not visible here - confirm it uses a
    # cryptographically secure source of randomness.
    $passwdArray = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0');
    # Key material is only loaded when an auth cookie is presented or a login
    # is being submitted.
    if (array_key_exists('VCLAUTH', $_COOKIE) || $mode == 'submitLogin') {
        // open keys
        // At most 8192 bytes are read from each file; the global $pemkey is
        // passed as the passphrase for the private key.
        // NOTE(review): the fopen()/fread() results are not checked. A missing
        // or unreadable key file is only caught indirectly when the openssl_*
        // call returns false (on PHP 8, fread() on a failed handle throws
        // before that point).
        // NOTE(review): the private key sits under a relative path inside the
        // application tree - confirm the web server denies direct requests
        // for the .ht-inc directory and that the file is readable only by the
        // web server account.
        $fp = fopen(".ht-inc/keys.pem", "r");
        $key = fread($fp, 8192);
        fclose($fp);
        $keys["private"] = openssl_pkey_get_private($key, $pemkey);
        if (!$keys['private']) {
            abort(6);
        }
        $fp = fopen(".ht-inc/pubkey.pem", "r");
        $key = fread($fp, 8192);
        fclose($fp);
        $keys["public"] = openssl_pkey_get_public($key);
        if (!$keys['public']) {
            abort(7);
        }
    }
    # NOTE(review): the procedure described in the next comment block removes
    # the authentication check altogether and makes every visitor the chosen
    # user; it belongs on an isolated development install only.
    # USING A SINGLE USER WITHOUT LOGGING IN:
    # to automatically log in to vcl with the same user
    # every time, comment out from this comment block to
    # the 'end auth check' comment, then, right after
    # that, set $authed = 1 and $userid to the id from
    # the user table corresponding to the user you want
    # logged in
    # start auth check
    # The request counts as authenticated only when readAuthCookie() returns
    # a non-null user id.
    # NOTE(review): presumably readAuthCookie() verifies the VCLAUTH cookie
    # with the keys loaded above - confirm, since nothing else in this
    # function checks the cookie's integrity.
    $authed = 0;
    if (array_key_exists("VCLAUTH", $_COOKIE)) {
        $userid = readAuthCookie();
        if (!is_null($userid)) {
            $authed = 1;
        }
    } elseif (preg_match('/_shibsession/', join(',', array_keys($_COOKIE)))) {
        # redirect to shibauth directory
        # (triggered by any cookie whose name contains '_shibsession'; the
        # cookie itself is not validated here)
        header('Location: ' . BASEURL . "/shibauth/");
        dbDisconnect();
        exit;
    }
    # end auth check
    if ($authed && $mode == 'selectauth') {
        $mode = 'home';
    }
    if (!$authed) {
        # set $skin based on cookie (so it gets set before user logs in
        #   later, we set it by affiliation (helps with 'view as user')
        # && binds tighter than ||, so the test below reads: client address
        # starts with 152.9. OR (VCLSKIN cookie present AND equal to
        # 'EXAMPLE1').
        # $skin always ends up as one of three literals, never the raw cookie
        # value, which keeps the interpolated require_once path below limited
        # to known theme directories.
        if (preg_match('/^152\\.9\\./', $_SERVER['REMOTE_ADDR']) || array_key_exists('VCLSKIN', $_COOKIE) && $_COOKIE['VCLSKIN'] == 'EXAMPLE1') {
            $skin = 'example1';
        } elseif (array_key_exists('VCLSKIN', $_COOKIE)) {
            switch ($_COOKIE['VCLSKIN']) {
                case 'EXAMPLE2':
                    $skin = 'example2';
                    break;
                default:
                    $skin = 'default';
                    break;
            }
        } else {
            $skin = 'default';
        }
        if ($mode != 'selectauth' && $mode != 'submitLogin') {
            require_once "themes/{$skin}/page.php";
        }
        require_once ".ht-inc/requests.php";
        # Every mode outside this list is replaced by 'auth' (the original is
        # kept in $oldmode); the listed modes keep running without a login.
        # NOTE(review): presumably each listed handler performs its own
        # authentication (e.g. the XML-RPC entry points) - confirm.
        if ($mode != "logout" && $mode != "shiblogout" && $mode != "vcldquery" && $mode != "xmlrpccall" && $mode != "xmlrpcaffiliations" && $mode != "selectauth" && $mode != "submitLogin") {
            $oldmode = $mode;
            $mode = "auth";
        }
        if ($mode == "vcldquery" || $mode == 'xmlrpccall' || $mode == 'xmlrpcaffiliations') {
            // get the semaphore id
            // NOTE(review): permission 0666 lets every local account use this
            // semaphore - confirm that a tighter mode would not do.
            if (!($semid = sem_get(SEMKEY, 1, 0666, 1))) {
                abort(2);
            }
            $semislocked = 0;
            require_once ".ht-inc/xmlrpcWrappers.php";
            # requests.php was already included above; require_once makes this
            # a no-op
            require_once ".ht-inc/requests.php";
            require_once ".ht-inc/groups.php";
            setupSession();
        }
        return;
    }
    # Authenticated path from here on.
    setupSession();
    if (array_key_exists('user', $_SESSION)) {
        $user = $_SESSION['user'];
        # a continuation may only be used by the user id stored with it
        if (!empty($contuserid) && $user['id'] != $contuserid) {
            abort(51);
        }
    } else {
        # get info about user
        if (!($user = getUserInfo($userid))) {
            $ERRORS[1] = "Failed to get user info from database.  userid was {$userid}";
            abort(1);
        }
        # Developer "test user" switch: when the authenticated account has
        # adminlevel 'developer', the VCLTESTUSER cookie value is looked up
        # as a user id and, if found, that user replaces $user for the
        # session.
        # NOTE(review): the cookie value goes straight to getUserInfo() and no
        # audit logging of the switch is visible in this function - confirm
        # both are handled elsewhere.
        if ($user['adminlevel'] == 'developer' && array_key_exists('VCLTESTUSER', $_COOKIE)) {
            $userid = $_COOKIE['VCLTESTUSER'];
            if ($userid != "{$user['unityid']}@{$user['affiliation']}") {
                if ($testuser = getUserInfo($userid)) {
                    $user = $testuser;
                }
            }
        }
        # same continuation-owner check as in the branch above
        if (!empty($contuserid) && $user['id'] != $contuserid) {
            abort(51);
        }
        $_SESSION['user'] = $user;
    }
    $viewmode = getViewMode($user);
    $affil = $user['affiliation'];
    # setskin
    # NOTE(review): the EXAMPLE2 case sets $skin to 'example1' while
    # including the example2 theme file - looks like a copy/paste slip,
    # confirm which value is intended.
    switch ($affil) {
        case 'EXAMPLE1':
            $skin = 'example1';
            require_once 'themes/example1/page.php';
            break;
        case 'EXAMPLE2':
            $skin = 'example1';
            require_once 'themes/example2/page.php';
            break;
        default:
            $skin = 'default';
            require_once 'themes/default/page.php';
            break;
    }
    $_SESSION['mode'] = $mode;
    // check for and possibly clear dirty permission cache
    $dontClearModes = array('AJchangeUserPrivs', 'AJchangeUserGroupPrivs', 'AJchangeResourcePrivs');
    if (!in_array($mode, $dontClearModes) && array_key_exists('dirtyprivs', $_SESSION) && $_SESSION['dirtyprivs']) {
        clearPrivCache();
        $_SESSION['dirtyprivs'] = 0;
    }
    // get the semaphore id
    // NOTE(review): same 0666 permission as in the unauthenticated branch.
    if (!($semid = sem_get(SEMKEY, 1, 0666, 1))) {
        abort(2);
    }
    $semislocked = 0;
    # include appropriate files
    # Every require target below is a string literal, so $mode only chooses
    # among fixed files.
    # NOTE(review): $mode is not checked for presence in $actions['pages']
    # here; an unknown mode raises an undefined-index notice/warning and
    # falls through to the default branch.
    switch ($actions['pages'][$mode]) {
        case 'manageComputers':
            require_once ".ht-inc/computers.php";
            break;
        case 'managementNodes':
            require_once ".ht-inc/managementnodes.php";
            break;
        case 'manageImages':
            require_once ".ht-inc/images.php";
            require_once ".ht-inc/requests.php";
            break;
        case 'manageSchedules':
            require_once ".ht-inc/schedules.php";
            break;
        case 'help':
            require_once ".ht-inc/help.php";
            break;
        case 'userPreferences':
            require_once ".ht-inc/userpreferences.php";
            break;
        case 'statistics':
            require_once ".ht-inc/statistics.php";
            break;
        case 'manageGroups':
            require_once ".ht-inc/groups.php";
            break;
        case 'privileges':
        case 'userLookup':
            require_once ".ht-inc/privileges.php";
            break;
        case 'vm':
            require_once ".ht-inc/vm.php";
            break;
        default:
            require_once ".ht-inc/requests.php";
    }
}
Esempio n. 4
/**
 * Bootstraps the per-request global state.
 *
 * In order: defines the time constants, derives $mode from PATH_INFO or
 * request input (or from a stored continuation), loads the PEM key pair when
 * an auth cookie is present or a login is being submitted, decides whether
 * the request is authenticated, registers stub callbacks for shibonly
 * affiliations, and includes the theme and the .ht-inc module that the
 * resolved mode needs.
 *
 * Unauthenticated requests return early; for them $mode is forced to 'auth'
 * unless it is one of a fixed list of modes.
 *
 * NOTE(review): define() is called unconditionally, so this function is
 * presumably meant to run exactly once per request - confirm.
 */
function initGlobals()
{
    global $mode, $user, $remoteIP, $authed, $oldmode, $semid;
    global $days, $phpVer, $keys, $pemkey, $AUTHERROR;
    global $passwdArray, $skin, $contdata, $lastmode, $inContinuation;
    global $ERRORS, $actions;
    global $affilValFunc, $addUserFunc, $updateUserFunc, $addUserFuncArgs;
    global $uniqid;
    define("SECINDAY", 86400);
    define("SECINWEEK", 604800);
    define("SECINMONTH", 2678400);
    define("SECINYEAR", 31536000);
    # TODO validate security of this
    # When PATH_INFO is present, $_GET['mode'] is overwritten with the first
    # path segment up to its first '.', so the path wins over a mode passed
    # in the query string.
    # NOTE(review): $pathdata[1] is read without checking that PATH_INFO
    # actually contains a '/'-separated segment. The value is client
    # controlled; presumably processInputVar() below is where it gets
    # validated - confirm.
    if (array_key_exists("PATH_INFO", $_SERVER)) {
        $pathdata = explode("/", $_SERVER["PATH_INFO"]);
        $tmp = explode('.', $pathdata[1]);
        $_GET["mode"] = $tmp[0];
    }
    # $mode later selects which code is included and whether a login is
    # required.
    $mode = processInputVar("mode", ARG_STRING, 'main');
    $inContinuation = 0;
    $contdata = array();
    $contuserid = '';
    # A continuation id, when supplied, replaces the client-supplied mode with
    # the stored 'nextmode' and records the user id stored with it
    # ($contuserid); that id is compared with the session user further down.
    $continuation = processInputVar('continuation', ARG_STRING);
    if (!empty($continuation)) {
        $tmp = getContinuationsData($continuation);
        if (empty($tmp)) {
            abort(11);
        } elseif (array_key_exists('error', $tmp)) {
            $mode = "continuationsError";
            $contdata = $tmp;
        } else {
            $inContinuation = 1;
            $contuserid = $tmp['userid'];
            $lastmode = $tmp['frommode'];
            $mode = $tmp['nextmode'];
            $contdata = $tmp['data'];
        }
    }
    # NOTE(review): $submitErr and $submitErrMsg are not in the global lists
    # above, so these two assignments only create function-local variables.
    $submitErr = 0;
    $submitErrMsg = array();
    $remoteIP = $_SERVER["REMOTE_ADDR"];
    # i() is presumably the translation helper - confirm
    $days = array(i('Sunday'), i('Monday'), i('Tuesday'), i('Wednesday'), i('Thursday'), i('Friday'), i('Saturday'));
    $phpVerArr = explode('.', phpversion());
    $phpVer = $phpVerArr[0];
    # Per-request identifier built from the Host header, the process id and
    # uniqid()'s time-based suffix.
    # NOTE(review): HTTP_HOST is a client-supplied header and uniqid() is not
    # unpredictable; how $uniqid is used is not visible here - confirm it is
    # only a correlation id and never treated as a secret.
    $uniqid = uniqid($_SERVER['HTTP_HOST'] . "-" . getmypid() . "-");
    # 62-character alphabet (A-Z, a-z, digits).
    # NOTE(review): the name suggests it feeds password generation; the code
    # that draws from it is not visible here - confirm it uses a
    # cryptographically secure source of randomness.
    $passwdArray = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0');
    # Key material is only loaded when an auth cookie is presented or a login
    # is being submitted.
    if (array_key_exists('VCLAUTH', $_COOKIE) || $mode == 'submitLogin') {
        // open keys
        // At most 8192 bytes are read from each file; the global $pemkey is
        // passed as the passphrase for the private key.
        // NOTE(review): the fopen()/fread() results are not checked. A missing
        // or unreadable key file is only caught indirectly when the openssl_*
        // call returns false (on PHP 8, fread() on a failed handle throws
        // before that point).
        // NOTE(review): the private key sits under a relative path inside the
        // application tree - confirm the web server denies direct requests
        // for the .ht-inc directory and that the file is readable only by the
        // web server account.
        $fp = fopen(".ht-inc/keys.pem", "r");
        $key = fread($fp, 8192);
        fclose($fp);
        $keys["private"] = openssl_pkey_get_private($key, $pemkey);
        if (!$keys['private']) {
            abort(6);
        }
        $fp = fopen(".ht-inc/pubkey.pem", "r");
        $key = fread($fp, 8192);
        fclose($fp);
        $keys["public"] = openssl_pkey_get_public($key);
        if (!$keys['public']) {
            abort(7);
        }
    }
    # NOTE(review): the procedure described in the next comment block removes
    # the authentication check altogether and makes every visitor the chosen
    # user; it belongs on an isolated development install only.
    # USING A SINGLE USER WITHOUT LOGGING IN:
    # to automatically log in to vcl with the same user
    # every time, comment out from this comment block to
    # the 'end auth check' comment, then, right after
    # that, set $authed = 1 and $userid to the id from
    # the user table corresponding to the user you want
    # logged in
    # start auth check
    # The request counts as authenticated only when readAuthCookie() returns
    # a non-null user id.
    # NOTE(review): presumably readAuthCookie() verifies the VCLAUTH cookie
    # with the keys loaded above - confirm, since nothing else in this
    # function checks the cookie's integrity.
    $authed = 0;
    if (array_key_exists("VCLAUTH", $_COOKIE)) {
        $userid = readAuthCookie();
        if (!is_null($userid)) {
            $authed = 1;
        }
    } elseif (preg_match('/_shibsession/', join(',', array_keys($_COOKIE)))) {
        # redirect to shibauth directory
        # (triggered by any cookie whose name contains '_shibsession'; the
        # cookie itself is not validated here)
        header('Location: ' . BASEURL . "/shibauth/");
        dbDisconnect();
        exit;
    }
    # end auth check
    if ($authed && $mode == 'selectauth') {
        $mode = 'home';
    }
    if (!$authed) {
        # set $skin based on cookie (so it gets set before user logs in
        #   later, we set it by affiliation (helps with 'view as user')
        # && binds tighter than ||, so the test below reads: client address
        # starts with 152.9. OR (VCLSKIN cookie present AND equal to
        # 'EXAMPLE1').
        # $skin is set to a literal or the DEFAULTTHEME constant, never the
        # raw cookie value, so the interpolated require_once path below is
        # not built from request data.
        if (preg_match('/^152\\.9\\./', $_SERVER['REMOTE_ADDR']) || array_key_exists('VCLSKIN', $_COOKIE) && $_COOKIE['VCLSKIN'] == 'EXAMPLE1') {
            $skin = 'example1';
        } elseif (array_key_exists('VCLSKIN', $_COOKIE)) {
            switch ($_COOKIE['VCLSKIN']) {
                case 'EXAMPLE2':
                    $skin = 'example2';
                    break;
                default:
                    $skin = DEFAULTTHEME;
                    break;
            }
        } else {
            $skin = DEFAULTTHEME;
        }
        if ($mode != 'selectauth' && $mode != 'submitLogin') {
            require_once "themes/{$skin}/page.php";
        }
        require_once ".ht-inc/requests.php";
        # Every mode outside this list is replaced by 'auth' (the original is
        # kept in $oldmode); the listed modes keep running without a login.
        # NOTE(review): presumably each listed handler performs its own
        # authentication (e.g. the XML-RPC entry points) - confirm.
        if ($mode != "logout" && $mode != "shiblogout" && $mode != "xmlrpccall" && $mode != "xmlrpcaffiliations" && $mode != "selectauth" && $mode != "submitLogin" && $mode != "changeLocale") {
            $oldmode = $mode;
            $mode = "auth";
        }
        if ($mode == 'xmlrpccall' || $mode == 'xmlrpcaffiliations') {
            require_once ".ht-inc/xmlrpcWrappers.php";
            # requests.php was already included above; require_once makes this
            # a no-op
            require_once ".ht-inc/requests.php";
            require_once ".ht-inc/serverprofiles.php";
            require_once ".ht-inc/groups.php";
            setupSession();
        }
        return;
    }
    # Authenticated path from here on.
    setupSession();
    if (array_key_exists('user', $_SESSION)) {
        $user = $_SESSION['user'];
        # a continuation may only be used by the user id stored with it
        if (!empty($contuserid) && $user['id'] != $contuserid) {
            abort(51);
        }
    } else {
        # get info about user
        if (!($user = getUserInfo($userid))) {
            // if first call to getUserInfo fails, try calling with $noupdate set
            if (!($user = getUserInfo($userid, 1))) {
                $ERRORS[1] = i("Failed to get user info from database. userid was ") . "{$userid}";
                abort(1);
            }
        }
        # same continuation-owner check as in the branch above
        if (!empty($contuserid) && $user['id'] != $contuserid) {
            abort(51);
        }
        $_SESSION['user'] = $user;
    }
    # setskin
    # NOTE(review): unlike the unauthenticated branch, $skin here is whatever
    # getAffiliationTheme() returns and is interpolated into an include path;
    # the include is only as safe as the names that function can return -
    # confirm they are limited to known theme directory names.
    $skin = getAffiliationTheme($user['affiliationid']);
    require_once "themes/{$skin}/page.php";
    $_SESSION['mode'] = $mode;
    // check for and possibly clear dirty permission cache
    $dontClearModes = array('AJchangeUserPrivs', 'AJchangeUserGroupPrivs', 'AJchangeResourcePrivs');
    if (!in_array($mode, $dontClearModes) && array_key_exists('dirtyprivs', $_SESSION) && $_SESSION['dirtyprivs']) {
        clearPrivCache();
        $_SESSION['dirtyprivs'] = 0;
    }
    # set up $affilValFunc, $addUserFunc, $updateUserFunc for any shibonly affiliations
    # The query is a constant string with no request data in it.
    # NOTE(review): mysql_fetch_assoc() belongs to the mysql extension that
    # was removed in PHP 7, and create_function() (removed in PHP 8) evaluates
    # its body string as code. The bodies below are constant literals, so no
    # input reaches that evaluation here, but closures would avoid it.
    # NOTE(review): the three callback globals are passed to
    # array_key_exists() without being initialised in this function -
    # presumably they are arrays set up in configuration; confirm.
    $query = "SELECT id FROM affiliation WHERE shibonly = 1";
    $qh = doQuery($query);
    while ($row = mysql_fetch_assoc($qh)) {
        $id = $row['id'];
        # entries already present (site-specific overrides, presumably) are
        # left alone; only missing ones get a stub
        if (!array_key_exists($id, $affilValFunc)) {
            if (ALLOWADDSHIBUSERS) {
                $affilValFunc[$id] = create_function('', 'return 1;');
            } else {
                $affilValFunc[$id] = create_function('', 'return 0;');
            }
        }
        if (!array_key_exists($id, $addUserFunc)) {
            if (ALLOWADDSHIBUSERS) {
                $addUserFunc[$id] = 'addShibUserStub';
                $addUserFuncArgs[$id] = $id;
            } else {
                $addUserFunc[$id] = create_function('', 'return 0;');
            }
        }
        if (!array_key_exists($id, $updateUserFunc)) {
            $updateUserFunc[$id] = create_function('', 'return NULL;');
        }
    }
    # include appropriate files
    # Every require target below is a string literal, so $mode only chooses
    # among fixed files.
    # NOTE(review): $mode is not checked for presence in $actions['pages']
    # here; an unknown mode raises an undefined-index notice/warning and
    # falls through to the default branch.
    switch ($actions['pages'][$mode]) {
        case 'blockAllocations':
            require_once ".ht-inc/blockallocations.php";
            break;
        case 'help':
            require_once ".ht-inc/help.php";
            break;
        case 'userPreferences':
            require_once ".ht-inc/userpreferences.php";
            break;
        case 'statistics':
            require_once ".ht-inc/statistics.php";
            break;
        case 'manageGroups':
            require_once ".ht-inc/groups.php";
            break;
        case 'privileges':
        case 'userLookup':
            require_once ".ht-inc/privileges.php";
            break;
        case 'sitemaintenance':
            require_once ".ht-inc/sitemaintenance.php";
            break;
        case 'vm':
            require_once ".ht-inc/vm.php";
            break;
        case 'dashboard':
            require_once ".ht-inc/dashboard.php";
            break;
        case 'siteconfig':
            require_once ".ht-inc/siteconfig.php";
            break;
        case 'resource':
        case 'config':
        case 'image':
        case 'computer':
        case 'managementnode':
        case 'schedule':
            require_once ".ht-inc/resource.php";
            break;
        case 'storebackend':
            require_once ".ht-inc/storebackend.php";
            break;
        case 'serverProfiles':
            require_once ".ht-inc/serverprofiles.php";
            require_once ".ht-inc/requests.php";
            break;
        default:
            require_once ".ht-inc/requests.php";
    }
}