/** * Set the given identity * * @trigger onBeforeSetIdentity * @trigger onAfterSetIdentify * @param stdClass $identity Identity data */ public function setIdentity($identity) { $this->getEventManager()->dispatch(iMSCP_Events::onBeforeSetIdentity, array('context' => $this, 'identity' => $identity)); session_regenerate_id(); $lastAccess = time(); exec_query('INSERT INTO login (session_id, ipaddr, lastaccess, user_name) VALUES (?, ?, ?, ?)', array(session_id(), getIpAddr(), $lastAccess, $identity->admin_name)); $_SESSION['user_logged'] = $identity->admin_name; $_SESSION['user_type'] = $identity->admin_type; $_SESSION['user_id'] = $identity->admin_id; $_SESSION['user_email'] = $identity->email; $_SESSION['user_created_by'] = $identity->created_by; $_SESSION['user_login_time'] = $lastAccess; $_SESSION['user_identity'] = $identity; $this->getEventManager()->dispatch(iMSCP_Events::onAfterSetIdentity, array('context' => $this)); }
/** * Constructor * * @throws iMSCP_Plugin_Exception * @param iMSCP_Plugin_Manager $pluginManager * @param string $type Bruteforce detection type (login|captcha) (defaulted to login) * @çeturn void */ public function __construct(iMSCP_Plugin_Manager $pluginManager, $type = 'login') { /** @var $cfg iMSCP_Config_Handler_File */ $cfg = iMSCP_Registry::get('config'); $this->sessionId = session_id(); $this->type = $type; $this->ipAddr = getIpAddr(); if ($type == 'login') { $this->maxAttempts = $cfg['BRUTEFORCE_MAX_LOGIN']; } elseif ($type == 'captcha') { $this->maxAttempts = $cfg['BRUTEFORCE_MAX_CAPTCHA']; } else { throw new iMSCP_Plugin_Exception(tr('Unknown bruteforce detection type: %s', $type)); } $this->blockTime = $cfg['BRUTEFORCE_BLOCK_TIME']; $this->waitTime = $cfg['BRUTEFORCE_BETWEEN_TIME']; $this->maxAttemptsBeforeWait = $cfg['BRUTEFORCE_MAX_ATTEMPTS_BEFORE_WAIT']; $this->unblock(); parent::__construct($pluginManager); }
/** * Writes a log message in the database and notify administrator if needed * * @param string $msg Message * @param int $logLevel Log level * @return void */ function write_log($msg, $logLevel = E_USER_WARNING) { if (defined('IMSCP_SETUP')) { return; } $cfg = iMSCP_Registry::get('config'); $clientIp = getIpAddr() ? getIpAddr() : 'unknown'; $msg = replace_html($msg . '<br><small>User IP: ' . $clientIp . '</small>'); exec_query('INSERT INTO `log` (`log_time`,`log_message`) VALUES(NOW(), ?)', $msg); if (!isset($cfg['DEFAULT_ADMIN_ADDRESS']) || $cfg['DEFAULT_ADMIN_ADDRESS'] == '' || $logLevel > $cfg['LOG_LEVEL']) { return; } $msg = strip_tags(preg_replace('/<br\\s*\\/?>/', "\n", $msg)); $hostname = isset($cfg['SERVER_HOSTNAME']) ? $cfg['SERVER_HOSTNAME'] : 'unknown'; $baseServerIp = isset($cfg['BASE_SERVER_PUBLIC_IP']) ? $cfg['BASE_SERVER_PUBLIC_IP'] : 'unknown'; $version = isset($cfg['Version']) ? $cfg['Version'] : 'unknown'; $buildDate = !empty($cfg['BuildDate']) ? $cfg['BuildDate'] : 'unavailable'; $subject = "i-MSCP {$version} on {$hostname} ({$baseServerIp})"; if ($logLevel == E_USER_NOTICE) { $severity = 'Notice (You can ignore this message)'; } elseif ($logLevel == E_USER_WARNING) { $severity = 'Warning'; } elseif ($logLevel == E_USER_ERROR) { $severity = 'Error'; } else { $severity = 'Unknown'; } $message = <<<AUTO_LOG_MSG i-MSCP Log Server : {$hostname} ({$baseServerIp}) Version: {$version} Build : {$buildDate} Message severity: {$severity} Message: ----------------[BEGIN]-------------------------- {$msg} Message: ----------------[END]---------------------------- _________________________ i-MSCP Log Mailer Note: If you want no longer receive messages for this log level, you can change it via the settings page. AUTO_LOG_MSG; $headers = "From: \"i-MSCP Logging Mailer\" <" . $cfg['DEFAULT_ADMIN_ADDRESS'] . ">\n"; $headers .= "MIME-Version: 1.0\nContent-Type: text/plain; charset=utf-8\n"; $headers .= "Content-Transfer-Encoding: 7bit\n"; $headers .= "X-Mailer: i-MSCP Mailer"; mail($cfg['DEFAULT_ADMIN_ADDRESS'], $subject, $message, $headers); }