Decrypt a string
| static public decrypt ( $string, $key ) : decrypted | ||
| $string | string to decrypt | |
| $key | string key used to decrypt | |
| 리턴 | decrypted | string |
/**
* Constructor
*
**/
function __construct()
{
global $CFG_GLPI;
$this->WordWrap = 80;
$this->CharSet = "utf-8";
// Comes from config
$this->SetLanguage("en", Config::getLibraryDir("PHPMailer") . "/language/");
if ($CFG_GLPI['smtp_mode'] != MAIL_MAIL) {
$this->Mailer = "smtp";
$this->Host = $CFG_GLPI['smtp_host'] . ':' . $CFG_GLPI['smtp_port'];
if ($CFG_GLPI['smtp_username'] != '') {
$this->SMTPAuth = true;
$this->Username = $CFG_GLPI['smtp_username'];
$this->Password = Toolbox::decrypt($CFG_GLPI['smtp_passwd'], GLPIKEY);
}
if ($CFG_GLPI['smtp_mode'] == MAIL_SMTPSSL) {
$this->SMTPSecure = "ssl";
}
if ($CFG_GLPI['smtp_mode'] == MAIL_SMTPTLS) {
$this->SMTPSecure = "tls";
}
if (!$CFG_GLPI['smtp_check_certificate']) {
$this->SMTPOptions = array('ssl' => array('verify_peer' => false, 'verify_peer_name' => false, 'allow_self_signed' => true));
}
}
if ($_SESSION['glpi_use_mode'] == Session::DEBUG_MODE) {
$this->do_debug = 3;
}
}
/**
* Constructor
*
**/
function __construct()
{
global $CFG_GLPI;
$this->WordWrap = 80;
$this->CharSet = "utf-8";
// Comes from config
$this->SetLanguage("en", GLPI_PHPMAILER_DIR . "/language/");
if ($CFG_GLPI['smtp_mode'] != MAIL_MAIL) {
$this->Mailer = "smtp";
$this->Host = $CFG_GLPI['smtp_host'] . ':' . $CFG_GLPI['smtp_port'];
if ($CFG_GLPI['smtp_username'] != '') {
$this->SMTPAuth = true;
$this->Username = $CFG_GLPI['smtp_username'];
$this->Password = Toolbox::decrypt($CFG_GLPI['smtp_passwd'], GLPIKEY);
}
if ($CFG_GLPI['smtp_mode'] == MAIL_SMTPSSL) {
$this->SMTPSecure = "ssl";
}
if ($CFG_GLPI['smtp_mode'] == MAIL_SMTPTLS) {
$this->SMTPSecure = "tls";
}
}
if ($_SESSION['glpi_use_mode'] == Session::DEBUG_MODE) {
$this->do_debug = 3;
}
}
static function cURLData($options)
{
global $CFG_GLPI;
if (!function_exists('curl_init')) {
return __('Curl PHP package not installed', 'manufacturersimports') . "\n";
}
$data = '';
$timeout = 10;
$proxy_host = $CFG_GLPI["proxy_name"] . ":" . $CFG_GLPI["proxy_port"];
// host:port
$proxy_ident = $CFG_GLPI["proxy_user"] . ":" . Toolbox::decrypt($CFG_GLPI["proxy_passwd"], GLPIKEY);
// username:password
$ch = curl_init($options["url"]);
curl_setopt($ch, CURLOPT_FRESH_CONNECT, true);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
if (preg_match('`^https://`i', $options["url"])) {
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
}
if (!$options["download"]) {
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
}
// Activation de l'utilisation d'un serveur proxy
if (!empty($CFG_GLPI["proxy_name"])) {
//curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, true);
// Définition de l'adresse du proxy
curl_setopt($ch, CURLOPT_PROXY, $proxy_host);
// Définition des identifiants si le proxy requiert une identification
if ($proxy_ident) {
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxy_ident);
}
}
if ($options["download"]) {
$fp = fopen($options["file"], "w");
curl_setopt($ch, CURLOPT_FILE, $fp);
curl_exec($ch);
} else {
$data = curl_exec($ch);
}
curl_close($ch);
if ($options["download"]) {
fclose($fp);
}
if (!$options["download"] && $data) {
return $data;
}
}
function __construct($options = array())
{
global $CFG_GLPI;
if (!isset($options['exceptions'])) {
$options['exceptions'] = false;
}
$options['features'] = SOAP_SINGLE_ELEMENT_ARRAYS;
if (!empty($CFG_GLPI["proxy_name"])) {
$options['proxy_host'] = $CFG_GLPI["proxy_name"];
$options['proxy_port'] = intval($CFG_GLPI["proxy_port"]);
$options['proxy_login'] = $CFG_GLPI["proxy_user"];
$options['proxy_password'] = Toolbox::decrypt($CFG_GLPI["proxy_passwd"], GLPIKEY);
}
parent::__construct(self::ADDR, $options);
}
function connect()
{
$PluginSccmConfig = new PluginSccmConfig();
$PluginSccmConfig->getFromDB(1);
$host = $PluginSccmConfig->getField('sccmdb_host');
$dbname = $PluginSccmConfig->getField('sccmdb_dbname');
$user = $PluginSccmConfig->getField('sccmdb_user');
$password = $PluginSccmConfig->getField('sccmdb_password');
$password = Toolbox::decrypt($password, GLPIKEY);
$this->dbconn = mssql_connect($host, $user, $password) or die('Connection error : ' . mssql_get_last_message());
if (!mssql_select_db($dbname, $this->dbconn)) {
die('Unable to connect do DB!' . mssql_get_last_message());
}
return true;
}
/**
* Connect to the mail box
**/
function connect()
{
if (version_compare(PHP_VERSION, '5.3.2', '<') || $this->fields['use_kerberos']) {
$this->marubox = @imap_open($this->fields['host'], $this->fields['login'], Toolbox::decrypt($this->fields['passwd'], GLPIKEY), CL_EXPUNGE, 1);
} else {
$this->marubox = @imap_open($this->fields['host'], $this->fields['login'], Toolbox::decrypt($this->fields['passwd'], GLPIKEY), CL_EXPUNGE, 1, array('DISABLE_AUTHENTICATOR' => 'GSSAPI'));
}
// Reset errors
if ($this->marubox) {
// call this to avoid the mailbox is empty error message
if (imap_num_msg($this->marubox) == 0) {
$errors = imap_errors();
}
if ($this->fields['errors'] > 0) {
$this->update(array('id' => $this->getID(), 'errors' => 0));
}
} else {
$this->update(array('id' => $this->getID(), 'errors' => $this->fields['errors'] + 1));
}
}
/**
* Manage use authentication and initialize the session
*
* @param $login_name string
* @param $login_password string
* @param $noauto boolean (false by default)
*
* @return boolean (success)
*/
function Login($login_name, $login_password, $noauto = false)
{
global $DB, $CFG_GLPI;
$this->getAuthMethods();
$this->user_present = 1;
$this->auth_succeded = false;
//In case the user was deleted in the LDAP directory
$user_deleted_ldap = false;
// Trim login_name : avoid LDAP search errors
$login_name = trim($login_name);
if (!$noauto && ($authtype = self::checkAlternateAuthSystems())) {
if ($this->getAlternateAuthSystemsUserLogin($authtype) && !empty($this->user->fields['name'])) {
// Used for log when login process failed
$login_name = $this->user->fields['name'];
$this->auth_succeded = true;
$this->extauth = 1;
$this->user_present = $this->user->getFromDBbyName(addslashes($login_name));
$this->user->fields['authtype'] = $authtype;
$user_dn = false;
$ldapservers = '';
//if LDAP enabled too, get user's infos from LDAP
if (Toolbox::canUseLdap()) {
$ldapservers = array();
//User has already authenticate, at least once : it's ldap server if filled
if (isset($this->user->fields["auths_id"]) && $this->user->fields["auths_id"] > 0) {
$authldap = new AuthLdap();
//If ldap server is enabled
if ($authldap->getFromDB($this->user->fields["auths_id"]) && $authldap->fields['is_active']) {
$ldapservers[] = $authldap->fields;
}
//User has never beeen authenticated : try all active ldap server to find the right one
} else {
foreach (getAllDatasFromTable('glpi_authldaps', "`is_active`='1'") as $ldap_config) {
$ldapservers[] = $ldap_config;
}
}
foreach ($ldapservers as $ldap_method) {
$ds = AuthLdap::connectToServer($ldap_method["host"], $ldap_method["port"], $ldap_method["rootdn"], Toolbox::decrypt($ldap_method["rootdn_passwd"], GLPIKEY), $ldap_method["use_tls"], $ldap_method["deref_option"]);
if ($ds) {
$params['method'] = AuthLdap::IDENTIFIER_LOGIN;
$params['fields'][AuthLdap::IDENTIFIER_LOGIN] = $ldap_method["login_field"];
$user_dn = AuthLdap::searchUserDn($ds, array('basedn' => $ldap_method["basedn"], 'login_field' => $ldap_method['login_field'], 'search_parameters' => $params, 'user_params' => array('method' => AuthLDAP::IDENTIFIER_LOGIN, 'value' => $login_name), 'condition' => $ldap_method["condition"]));
if ($user_dn) {
$this->user->fields['auths_id'] = $ldap_method['id'];
$this->user->getFromLDAP($ds, $ldap_method, $user_dn['dn'], $login_name, !$this->user_present);
break;
}
}
}
}
if (count($ldapservers) == 0 && $authtype == self::EXTERNAL) {
// Case of using external auth and no LDAP servers, so get data from external auth
$this->user->getFromSSO();
} else {
//If user is set as present in GLPI but no LDAP DN found : it means that the user
//is not present in an ldap directory anymore
if (!$user_dn && $this->user_present) {
$user_deleted_ldap = true;
$this->user_deleted_ldap = true;
}
}
// Reset to secure it
$this->user->fields['name'] = $login_name;
$this->user->fields["last_login"] = $_SESSION["glpi_currenttime"];
} else {
$this->addToError(__('Empty login or password'));
}
}
// If not already auth
if (!$this->auth_succeded) {
if (empty($login_name) || strstr($login_name, "") || empty($login_password) || strstr($login_password, "")) {
$this->addToError(__('Empty login or password'));
} else {
// exists=0 -> user doesn't yet exist
// exists=1 -> user is present in DB with password
// exists=2 -> user is present in DB but without password
$exists = $this->userExists(array('name' => addslashes($login_name)));
// Pas en premier car sinon on ne fait pas le blankpassword
// First try to connect via le DATABASE
if ($exists == 1) {
// Without UTF8 decoding
if (!$this->auth_succeded) {
$this->auth_succeded = $this->connection_db(addslashes($login_name), $login_password);
if ($this->auth_succeded) {
$this->extauth = 0;
$this->user_present = $this->user->getFromDBbyName(addslashes($login_name));
$this->user->fields["authtype"] = self::DB_GLPI;
$this->user->fields["password"] = $login_password;
}
}
} else {
if ($exists == 2) {
//The user is not authenticated on the GLPI DB, but we need to get information about him
//to find out his authentication method
$this->user->getFromDBbyName(addslashes($login_name));
//If the user has already been logged, the method_auth and auths_id are already set
//so we test this connection first
switch ($this->user->fields["authtype"]) {
case self::CAS:
case self::EXTERNAL:
case self::LDAP:
if (Toolbox::canUseLdap()) {
AuthLdap::tryLdapAuth($this, $login_name, $login_password, $this->user->fields["auths_id"], $this->user->fields["user_dn"]);
if (!$this->auth_succeded && $this->user_deleted_ldap) {
$user_deleted_ldap = true;
}
}
break;
case self::MAIL:
if (Toolbox::canUseImapPop()) {
AuthMail::tryMailAuth($this, $login_name, $login_password, $this->user->fields["auths_id"]);
}
break;
case self::NOT_YET_AUTHENTIFIED:
break;
}
} else {
if (!$exists) {
//test all ldap servers only is user is not present in glpi's DB
if (!$this->auth_succeded && Toolbox::canUseLdap()) {
AuthLdap::tryLdapAuth($this, $login_name, $login_password, 0, false, false);
}
//test all imap/pop servers
if (!$this->auth_succeded && Toolbox::canUseImapPop()) {
AuthMail::tryMailAuth($this, $login_name, $login_password, 0, false);
}
}
}
}
// Fin des tests de connexion
}
}
if ($user_deleted_ldap) {
User::manageDeletedUserInLdap($this->user->fields["id"]);
}
// Ok, we have gathered sufficient data, if the first return false the user
// is not present on the DB, so we add him.
// if not, we update him.
if ($this->auth_succeded) {
//Set user an not deleted from LDAP
$this->user->fields['is_deleted_ldap'] = 0;
// Prepare data
$this->user->fields["last_login"] = $_SESSION["glpi_currenttime"];
if ($this->extauth) {
$this->user->fields["_extauth"] = 1;
}
if ($DB->isSlave()) {
if (!$this->user_present) {
// Can't add in slave mode
$this->addToError(__('User not authorized to connect in GLPI'));
$this->auth_succeded = false;
}
} else {
if ($this->user_present) {
// First stripslashes to avoid double slashes
$input = Toolbox::stripslashes_deep($this->user->fields);
// Then ensure addslashes
$input = Toolbox::addslashes_deep($input);
// update user and Blank PWD to clean old database for the external auth
$this->user->update($input);
if ($this->extauth) {
$this->user->blankPassword();
}
} else {
if ($CFG_GLPI["is_users_auto_add"]) {
// Auto add user
// First stripslashes to avoid double slashes
$input = Toolbox::stripslashes_deep($this->user->fields);
// Then ensure addslashes
$input = Toolbox::addslashes_deep($input);
unset($this->user->fields);
$this->user->add($input);
} else {
// Auto add not enable so auth failed
$this->addToError(__('User not authorized to connect in GLPI'));
$this->auth_succeded = false;
}
}
}
}
// Log Event (if possible)
if (!$DB->isSlave()) {
// GET THE IP OF THE CLIENT
$ip = getenv("HTTP_X_FORWARDED_FOR") ? getenv("HTTP_X_FORWARDED_FOR") : getenv("REMOTE_ADDR");
if ($this->auth_succeded) {
if (GLPI_DEMO_MODE) {
// not translation in GLPI_DEMO_MODE
Event::log(-1, "system", 3, "login", $login_name . " log in from " . $ip);
} else {
//TRANS: %1$s is the login of the user and %2$s its IP address
Event::log(-1, "system", 3, "login", sprintf(__('%1$s log in from IP %2$s'), $login_name, $ip));
}
} else {
if (GLPI_DEMO_MODE) {
Event::log(-1, "system", 1, "login", "login", "Connection failed for " . $login_name . " ({$ip})");
} else {
//TRANS: %1$s is the login of the user and %2$s its IP address
Event::log(-1, "system", 1, "login", sprintf(__('Failed login for %1$s from IP %2$s'), $login_name, $ip));
}
}
}
Session::init($this);
if ($noauto) {
$_SESSION["noAUTO"] = 1;
}
return $this->auth_succeded;
}
/**
* @param $authldap AuthLDAP object
**/
static function searchUser(AuthLDAP $authldap)
{
if (self::connectToServer($authldap->getField('host'), $authldap->getField('port'), $authldap->getField('rootdn'), Toolbox::decrypt($authldap->getField('rootdn_passwd'), GLPIKEY), $authldap->getField('use_tls'), $authldap->getField('deref_option'))) {
self::showLdapUsers();
} else {
echo "<div class='center b firstbloc'>" . __('Unable to connect to the LDAP directory');
}
}
/**
* Get a specific RSS feed
*
* @param $url string/array URL of the feed or array of URL
* @param $cache_duration timestamp cache duration (default DAY_TIMESTAMP)
*
* @return feed object
**/
static function getRSSFeed($url, $cache_duration = DAY_TIMESTAMP)
{
global $CFG_GLPI;
$feed = new SimplePie();
$feed->set_cache_location(GLPI_RSS_DIR);
$feed->set_cache_duration($cache_duration);
// proxy support
if (!empty($CFG_GLPI["proxy_name"])) {
$prx_opt = array();
$prx_opt[CURLOPT_PROXY] = $CFG_GLPI["proxy_name"];
$prx_opt[CURLOPT_PROXYPORT] = $CFG_GLPI["proxy_port"];
if (!empty($CFG_GLPI["proxy_user"])) {
$prx_opt[CURLOPT_HTTPAUTH] = CURLAUTH_ANYSAFE;
$prx_opt[CURLOPT_PROXYUSERPWD] = $CFG_GLPI["proxy_user"] . ":" . Toolbox::decrypt($CFG_GLPI["proxy_passwd"], GLPIKEY);
}
$feed->set_curl_options($prx_opt);
}
$feed->enable_cache(true);
$feed->set_feed_url($url);
$feed->force_feed(true);
// Initialize the whole SimplePie object. Read the feed, process it, parse it, cache it, and
// all that other good stuff. The feed's information will not be available to SimplePie before
// this is called.
$feed->init();
// We'll make sure that the right content type and character encoding gets set automatically.
// This function will grab the proper character encoding, as well as set the content type to text/html.
$feed->handle_content_type();
if ($feed->error()) {
return false;
}
return $feed;
}
static function cURLData($options)
{
global $CFG_GLPI;
if (!function_exists('curl_init')) {
return __('Curl PHP package not installed', 'manufacturersimports') . "\n";
}
$data = '';
$timeout = 10;
$proxy_host = $CFG_GLPI["proxy_name"] . ":" . $CFG_GLPI["proxy_port"];
// host:port
$proxy_ident = $CFG_GLPI["proxy_user"] . ":" . Toolbox::decrypt($CFG_GLPI["proxy_passwd"], GLPIKEY);
// username:password
$url = $options["url"];
$ch = curl_init();
curl_setopt($ch, CURLOPT_FRESH_CONNECT, true);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
if (preg_match('`^https://`i', $options["url"])) {
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
}
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookiefile");
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookiefile");
# SAME cookiefile
//Do we have post field to send?
if (!empty($options["post"])) {
//curl_setopt($ch, CURLOPT_POST,true);
$post = '';
foreach ($options['post'] as $key => $value) {
$post .= $key . '=' . $value . '&';
}
rtrim($post, '&');
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type:application/x-www-form-urlencoded"));
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTREDIR, 2);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
}
if (!$options["download"]) {
//curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
}
// Activation de l'utilisation d'un serveur proxy
if (!empty($CFG_GLPI["proxy_name"])) {
//curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, true);
// Définition de l'adresse du proxy
curl_setopt($ch, CURLOPT_PROXY, $proxy_host);
// Définition des identifiants si le proxy requiert une identification
if ($proxy_ident) {
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxy_ident);
}
}
if ($options["download"]) {
$fp = fopen($options["file"], "w");
curl_setopt($ch, CURLOPT_FILE, $fp);
curl_exec($ch);
} else {
$data = curl_exec($ch);
}
if (!$options["download"] && !$data) {
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
// make sure we closeany current curl sessions
//die($http_code.' Unable to connect to server. Please come back later.');
} else {
curl_close($ch);
}
if ($options["download"]) {
fclose($fp);
}
if (!$options["download"] && $data) {
return $data;
}
}
// Check session dir (usefull when NFS mounted))
if (is_dir(GLPI_SESSION_DIR) && is_writable(GLPI_SESSION_DIR)) {
echo "GLPI_SESSION_DIR_OK\n";
} else {
echo "GLPI_SESSION_DIR_PROBLEM\n";
$ok = false;
}
// Reestablished DB connection
if (($ok_master || $ok_slave) && DBConnection::establishDBConnection(false, false, false)) {
// Check LDAP Auth connections
$ldap_methods = getAllDatasFromTable('glpi_authldaps', '`is_active`=1');
if (count($ldap_methods)) {
echo "Check LDAP servers:";
foreach ($ldap_methods as $method) {
echo " " . $method['name'];
if (AuthLDAP::tryToConnectToServer($method, $method["rootdn"], Toolbox::decrypt($method["rootdn_passwd"], GLPIKEY))) {
echo "_OK";
} else {
echo "_PROBLEM";
$ok = false;
}
echo "\n";
}
} else {
echo "No LDAP server\n";
}
// Check IMAP Auth connections
$imap_methods = getAllDatasFromTable('glpi_authmails', '`is_active`=1');
if (count($imap_methods)) {
echo "Check IMAP servers:";
foreach ($imap_methods as $method) {
public function __construct($url, $timeout = 10, $redirects = 5, $headers = null, $useragent = null, $force_fsockopen = false)
{
/// Patch GLPI
global $CFG_GLPI;
if (class_exists('idna_convert')) {
$idn = new idna_convert();
$parsed = SimplePie_Misc::parse_url($url);
$url = SimplePie_Misc::compress_parse_url($parsed['scheme'], $idn->encode($parsed['authority']), $parsed['path'], $parsed['query'], $parsed['fragment']);
}
$this->url = $url;
$this->useragent = $useragent;
if (preg_match('/^http(s)?:\\/\\//i', $url)) {
if ($useragent === null) {
$useragent = ini_get('user_agent');
$this->useragent = $useragent;
}
if (!is_array($headers)) {
$headers = array();
}
if (!$force_fsockopen && function_exists('curl_exec')) {
$this->method = SIMPLEPIE_FILE_SOURCE_REMOTE | SIMPLEPIE_FILE_SOURCE_CURL;
$fp = curl_init();
$headers2 = array();
foreach ($headers as $key => $value) {
$headers2[] = "{$key}: {$value}";
}
if (version_compare(SimplePie_Misc::get_curl_version(), '7.10.5', '>=')) {
curl_setopt($fp, CURLOPT_ENCODING, '');
}
curl_setopt($fp, CURLOPT_URL, $url);
curl_setopt($fp, CURLOPT_HEADER, 1);
curl_setopt($fp, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($fp, CURLOPT_TIMEOUT, $timeout);
curl_setopt($fp, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($fp, CURLOPT_REFERER, $url);
curl_setopt($fp, CURLOPT_USERAGENT, $useragent);
curl_setopt($fp, CURLOPT_HTTPHEADER, $headers2);
/// Patch GLPI
if (!empty($CFG_GLPI["proxy_name"])) {
curl_setopt($fp, CURLOPT_PROXY, $CFG_GLPI["proxy_name"]);
curl_setopt($fp, CURLOPT_PROXYPORT, $CFG_GLPI["proxy_port"]);
if (!empty($CFG_GLPI["proxy_user"])) {
curl_setopt($fp, CURLOPT_HTTPAUTH, CURLAUTH_ANYSAFE);
curl_setopt($fp, CURLOPT_PROXYUSERPWD, $CFG_GLPI["proxy_user"] . ":" . Toolbox::decrypt($CFG_GLPI["proxy_passwd"], GLPIKEY));
}
}
if (!ini_get('open_basedir') && !ini_get('safe_mode') && version_compare(SimplePie_Misc::get_curl_version(), '7.15.2', '>=')) {
curl_setopt($fp, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($fp, CURLOPT_MAXREDIRS, $redirects);
}
$this->headers = curl_exec($fp);
if (curl_errno($fp) === 23 || curl_errno($fp) === 61) {
curl_setopt($fp, CURLOPT_ENCODING, 'none');
$this->headers = curl_exec($fp);
}
if (curl_errno($fp)) {
$this->error = 'cURL error ' . curl_errno($fp) . ': ' . curl_error($fp);
$this->success = false;
} else {
$info = curl_getinfo($fp);
curl_close($fp);
$this->headers = explode("\r\n\r\n", $this->headers, $info['redirect_count'] + 1);
$this->headers = array_pop($this->headers);
$parser = new SimplePie_HTTP_Parser($this->headers);
if ($parser->parse()) {
$this->headers = $parser->headers;
$this->body = $parser->body;
$this->status_code = $parser->status_code;
if ((in_array($this->status_code, array(300, 301, 302, 303, 307)) || $this->status_code > 307 && $this->status_code < 400) && isset($this->headers['location']) && $this->redirects < $redirects) {
$this->redirects++;
$location = SimplePie_Misc::absolutize_url($this->headers['location'], $url);
return $this->__construct($location, $timeout, $redirects, $headers, $useragent, $force_fsockopen);
}
}
}
} else {
$this->method = SIMPLEPIE_FILE_SOURCE_REMOTE | SIMPLEPIE_FILE_SOURCE_FSOCKOPEN;
$url_parts = parse_url($url);
$socket_host = $url_parts['host'];
if (isset($url_parts['scheme']) && strtolower($url_parts['scheme']) === 'https') {
$socket_host = "ssl://{$url_parts['host']}";
$url_parts['port'] = 443;
}
if (!isset($url_parts['port'])) {
$url_parts['port'] = 80;
}
$fp = @fsockopen($socket_host, $url_parts['port'], $errno, $errstr, $timeout);
if (!$fp) {
$this->error = 'fsockopen error: ' . $errstr;
$this->success = false;
} else {
stream_set_timeout($fp, $timeout);
if (isset($url_parts['path'])) {
if (isset($url_parts['query'])) {
$get = "{$url_parts['path']}?{$url_parts['query']}";
} else {
$get = $url_parts['path'];
}
} else {
$get = '/';
}
$out = "GET {$get} HTTP/1.1\r\n";
$out .= "Host: {$url_parts['host']}\r\n";
$out .= "User-Agent: {$useragent}\r\n";
if (extension_loaded('zlib')) {
$out .= "Accept-Encoding: x-gzip,gzip,deflate\r\n";
}
if (isset($url_parts['user']) && isset($url_parts['pass'])) {
$out .= "Authorization: Basic " . base64_encode("{$url_parts['user']}:{$url_parts['pass']}") . "\r\n";
}
foreach ($headers as $key => $value) {
$out .= "{$key}: {$value}\r\n";
}
$out .= "Connection: Close\r\n\r\n";
fwrite($fp, $out);
$info = stream_get_meta_data($fp);
$this->headers = '';
while (!$info['eof'] && !$info['timed_out']) {
$this->headers .= fread($fp, 1160);
$info = stream_get_meta_data($fp);
}
if (!$info['timed_out']) {
$parser = new SimplePie_HTTP_Parser($this->headers);
if ($parser->parse()) {
$this->headers = $parser->headers;
$this->body = $parser->body;
$this->status_code = $parser->status_code;
if ((in_array($this->status_code, array(300, 301, 302, 303, 307)) || $this->status_code > 307 && $this->status_code < 400) && isset($this->headers['location']) && $this->redirects < $redirects) {
$this->redirects++;
$location = SimplePie_Misc::absolutize_url($this->headers['location'], $url);
return $this->__construct($location, $timeout, $redirects, $headers, $useragent, $force_fsockopen);
}
if (isset($this->headers['content-encoding'])) {
// Hey, we act dumb elsewhere, so let's do that here too
switch (strtolower(trim($this->headers['content-encoding'], "\t\n\r "))) {
case 'gzip':
case 'x-gzip':
$decoder = new SimplePie_gzdecode($this->body);
if (!$decoder->parse()) {
$this->error = 'Unable to decode HTTP "gzip" stream';
$this->success = false;
} else {
$this->body = $decoder->data;
}
break;
case 'deflate':
if (($decompressed = gzinflate($this->body)) !== false) {
$this->body = $decompressed;
} else {
if (($decompressed = gzuncompress($this->body)) !== false) {
$this->body = $decompressed;
} else {
if (function_exists('gzdecode') && ($decompressed = gzdecode($this->body)) !== false) {
$this->body = $decompressed;
} else {
$this->error = 'Unable to decode HTTP "deflate" stream';
$this->success = false;
}
}
}
break;
default:
$this->error = 'Unknown content coding';
$this->success = false;
}
}
}
} else {
$this->error = 'fsocket timed out';
$this->success = false;
}
fclose($fp);
}
}
} else {
$this->method = SIMPLEPIE_FILE_SOURCE_LOCAL | SIMPLEPIE_FILE_SOURCE_FILE_GET_CONTENTS;
if (!($this->body = file_get_contents($url))) {
$this->error = 'file_get_contents could not read the file';
$this->success = false;
}
}
}
/**
* This method return GLPI status (same as status.php)
*
* @param $params array of option : ignored
* @param $protocol the communication protocol used
*
* @return an response ready to be encode
**/
static function methodStatus($params, $protocol)
{
global $DB;
if (isset($params['help'])) {
return array('help' => 'bool,optional');
}
$resp = array();
$ok_master = true;
$ok_slave = true;
$ok = true;
// Check slave server connection
if (DBConnection::isDBSlaveActive()) {
$DBslave = DBConnection::getDBSlaveConf();
if (is_array($DBslave->dbhost)) {
$hosts = $DBslave->dbhost;
} else {
$hosts = array($DBslave->dbhost);
}
foreach ($hosts as $num => $name) {
$diff = DBConnection::getReplicateDelay($num);
if ($diff > 1000000000) {
$resp['slavedb_' . $num] = "offline";
$ok_slave = false;
} else {
if ($diff) {
$resp['slavedb_' . $num] = $diff;
if ($diff > HOUR_TIMESTAMP) {
$ok_slave = false;
}
} else {
$resp['slavedb_' . $num] = "ok";
}
}
}
} else {
$resp['slavedb'] = "not configured";
}
// Check main server connection
if (DBConnection::establishDBConnection(false, true, false)) {
$resp['maindb'] = "ok";
} else {
$resp['slavedb'] = "offline";
$ok_master = false;
}
// Slave and master ok;
$ok = $ok_slave && $ok_master;
// Check session dir (usefull when NFS mounted))
if (is_dir(GLPI_SESSION_DIR) && is_writable(GLPI_SESSION_DIR)) {
$resp['sessiondir'] = "ok";
} else {
$resp['sessiondir'] = "not writable";
$ok = false;
}
// Reestablished DB connection
if (($ok_master || $ok_slave) && DBConnection::establishDBConnection(false, false, false)) {
// Check Auth connections
$auth = new Auth();
$auth->getAuthMethods();
$ldap_methods = $auth->authtypes["ldap"];
if (count($ldap_methods)) {
foreach ($ldap_methods as $method) {
if ($method['is_active']) {
if (AuthLdap::tryToConnectToServer($method, $method["rootdn"], Toolbox::decrypt($method["rootdn_passwd"], GLPIKEY))) {
$resp['LDAP_' . $method['name']] = "ok";
} else {
$resp['LDAP_' . $method['name']] = "offline";
$ok = false;
}
}
}
}
}
if ($ok) {
$resp['glpi'] = "ok";
} else {
$resp['glpi'] = "error";
}
return $resp;
}
/**
* Connect to the mail box
**/
function connect()
{
if ($this->fields['use_kerberos']) {
$this->marubox = @imap_open($this->fields['host'], $this->fields['login'], Toolbox::decrypt($this->fields['passwd'], GLPIKEY), CL_EXPUNGE, 1);
} else {
$try_options = array(array('DISABLE_AUTHENTICATOR' => 'GSSAPI'), array('DISABLE_AUTHENTICATOR' => 'PLAIN'));
foreach ($try_options as $option) {
$this->marubox = @imap_open($this->fields['host'], $this->fields['login'], Toolbox::decrypt($this->fields['passwd'], GLPIKEY), CL_EXPUNGE, 1, $option);
if (is_resource($this->marubox)) {
break;
}
}
}
// Reset errors
if ($this->marubox) {
// call this to avoid the mailbox is empty error message
if (imap_num_msg($this->marubox) == 0) {
$errors = imap_errors();
}
if ($this->fields['errors'] > 0) {
$this->update(array('id' => $this->getID(), 'errors' => 0));
}
} else {
$this->update(array('id' => $this->getID(), 'errors' => $this->fields['errors'] + 1));
}
}
}
// Reestablished DB connection
if (($ok_master || $ok_slave )
&& DBConnection::establishDBConnection(false, false, false)) {
// Check LDAP Auth connections
$ldap_methods = getAllDatasFromTable('glpi_authldaps', '`is_active`=1');
if (count($ldap_methods)) {
echo "Check LDAP servers:";
foreach ($ldap_methods as $method) {
echo " ".$method['name'];
if (AuthLDAP::tryToConnectToServer($method, $method["rootdn"],
Toolbox::decrypt($method["rootdn_passwd"],
GLPIKEY))) {
echo "_OK";
} else {
echo "_PROBLEM";
$ok = false;
}
echo "\n";
}
} else {
echo "No LDAP server\n";
}
// Check IMAP Auth connections
$imap_methods = getAllDatasFromTable('glpi_authmails', '`is_active`=1');
