Marius Burkard
2016-04-20 4569cae57f127afd093794310ccd290d2d9fdf36
6fa2f1 1 <?php
T 2
3 /*
44d2a7 4 Copyright (c) 2007 - 2009, Till Brehm, projektfarm Gmbh
6fa2f1 5 All rights reserved.
T 6
7 Redistribution and use in source and binary forms, with or without modification,
8 are permitted provided that the following conditions are met:
9
10     * Redistributions of source code must retain the above copyright notice,
11       this list of conditions and the following disclaimer.
12     * Redistributions in binary form must reproduce the above copyright notice,
13       this list of conditions and the following disclaimer in the documentation
14       and/or other materials provided with the distribution.
15     * Neither the name of ISPConfig nor the names of its contributors
16       may be used to endorse or promote products derived from this software without
17       specific prior written permission.
18
19 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
20 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
21 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22 IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
23 INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
24 BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
26 OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
27 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
28 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 */
30
//* Compress the interface output with gzip
ob_start('ob_gzhandler');

//* Apply the configured timezone, if one is set
if(isset($conf['timezone'])) {
    if($conf['timezone'] != '') date_default_timezone_set($conf['timezone']);
}

//* Outside of developer systems, stop reporting notices and deprecation messages.
//  NOTE(review): this only narrows error_reporting; whether the remaining errors are
//  shown to the browser depends on display_errors, which is not set here.
if(DEVSYSTEM == 0) @ini_set('error_reporting', E_ALL & ~E_NOTICE & ~E_DEPRECATED);
41
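/**
 * Application class of the interface.
 *
 * Keeps a copy of the global configuration, opens the database connection and
 * the session when the configuration asks for it, and loads helper classes
 * from ISPC_CLASS_PATH on demand (see uses() and __get()).
 */
class app {

	/** @var int set to 1 once lng() has loaded the language files */
	private $_language_inc = 0;
	/** @var array|null merged wordbook: translation key => translated text */
	private $_wb;
	/** @var array names of the classes already instantiated by uses() */
	private $_loaded_classes = array();
	/** @var array copy of the global $conf taken in the constructor */
	private $_conf;
	/** @var mixed not referenced anywhere in this class */
	private $_security_config;

	/** @var array */
	public $loaded_plugins = array();

	/**
	 * Rejects variable-override attempts, then starts the database connection
	 * and the session according to $conf['start_db'] / $conf['start_session'],
	 * and finally loads the base helper classes.
	 */
	public function __construct() {
		global $conf;

		// Refuse requests carrying parameters named like the arrays this
		// application keeps its globals, session data and configuration in.
		if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS']) || isset($_REQUEST['s']) || isset($_REQUEST['s_old']) || isset($_REQUEST['conf'])) {
			die('Internal Error: var override attempt detected');
		}

		$this->_conf = $conf;
		if($this->_conf['start_db'] == true) {
			$this->load('db_'.$this->_conf['db_type']);
			$this->db = new db;
		}

		//* Start the session
		if($this->_conf['start_session'] == true) {

			$this->uses('session');
			$sess_timeout = $this->conf('interface', 'session_timeout');
			// NOTE(review): when SERVER_NAME is unset or '_' the cookie domain is taken
			// from the client-supplied Host header; confirm the web server only
			// accepts known host names.
			$cookie_domain = (isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : $_SERVER['HTTP_HOST']);

			// Workaround for Nginx servers
			if($cookie_domain == '_') {
				$tmp = explode(':',$_SERVER["HTTP_HOST"]);
				$cookie_domain = $tmp[0];
				unset($tmp);
			}

			// PHP sets HTTPS to a non-empty value for TLS requests, and not every
			// server reports exactly 'on'. Treat any non-empty value other than
			// 'off' as HTTPS so the Secure flag is not silently dropped, and avoid
			// the undefined-index notice on plain HTTP.
			// NOTE(review): behind a TLS-terminating proxy HTTPS may be unset and
			// the cookie is then issued without the Secure flag.
			$cookie_secure = (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) != 'off');

			if($sess_timeout) {
				/* check if user wants to stay logged in */
				if(isset($_POST['s_mod']) && isset($_POST['s_pg']) && $_POST['s_mod'] == 'login' && $_POST['s_pg'] == 'index' && isset($_POST['stay']) && $_POST['stay'] == '1') {
					/* check if staying logged in is allowed */
					$this->uses('ini_parser');
					$tmp = $this->db->queryOneRecord('SELECT config FROM sys_ini WHERE sysini_id = 1');
					$tmp = $this->ini_parser->parse_ini_string(stripslashes($tmp['config']));
					if(!isset($tmp['misc']['session_allow_endless']) || $tmp['misc']['session_allow_endless'] != 'y') {
						$this->session->set_timeout($sess_timeout);
						session_set_cookie_params(3600 * 24 * 365,'/',$cookie_domain,$cookie_secure,true); // cookie timeout is never updated, so it must not be short
					} else {
						// we are doing login here, so we need to set the session data
						$this->session->set_permanent(true);
						// NOTE(review): the arguments after the timeout look copied from
						// session_set_cookie_params(); whether set_timeout() reads them is
						// not visible here.
						$this->session->set_timeout(365 * 24 * 3600,'/',$cookie_domain,$cookie_secure,true); // one year
						session_set_cookie_params(3600 * 24 * 365,'/',$cookie_domain,$cookie_secure,true); // cookie timeout is never updated, so it must not be short
					}
				} else {
					$this->session->set_timeout($sess_timeout);
					session_set_cookie_params(3600 * 24 * 365,'/',$cookie_domain,$cookie_secure,true); // cookie timeout is never updated, so it must not be short
				}
			} else {
				session_set_cookie_params(0,'/',$cookie_domain,$cookie_secure,true); // until browser is closed
			}

			session_set_save_handler( array($this->session, 'open'),
				array($this->session, 'close'),
				array($this->session, 'read'),
				array($this->session, 'write'),
				array($this->session, 'destroy'),
				array($this->session, 'gc'));

			session_start();

			//* Initialize session variables
			if(!isset($_SESSION['s']['id']) ) $_SESSION['s']['id'] = session_id();
			if(empty($_SESSION['s']['theme'])) $_SESSION['s']['theme'] = $conf['theme'];
			if(empty($_SESSION['s']['language'])) $_SESSION['s']['language'] = $conf['language'];
		}

		$this->uses('functions'); // we need this before all others!
		$this->uses('auth,plugin,ini_parser,getconf');

	}

	/**
	 * Lazy loader: on first access to an undefined property, tries to load
	 * the class of the same name through uses().
	 *
	 * @param string $prop property (and class) name
	 * @return mixed the property value, or null when no such class could be loaded
	 */
	public function __get($prop) {
		if(property_exists($this, $prop)) return $this->{$prop};

		$this->uses($prop);
		if(property_exists($this, $prop)) return $this->{$prop};
		else return null;
	}

	/** Writes the session data and closes the session. */
	public function __destruct() {
		session_write_close();
	}

	/**
	 * Loads and instantiates one or more classes from ISPC_CLASS_PATH and
	 * stores each instance in a property named after the class.
	 *
	 * Names that are not plain identifiers are skipped, in the same silent way
	 * as names without a matching file, so that a name can never select a file
	 * outside ISPC_CLASS_PATH.
	 *
	 * @param string $classes comma separated list of class names
	 * @return void
	 */
	public function uses($classes) {
		$cl = explode(',', $classes);
		if(is_array($cl)) {
			foreach($cl as $classname) {
				$classname = trim($classname);
				// The name ends up in an include path and in "new $classname()":
				// accept identifiers only (no '/', '\\', '.' or NUL bytes).
				if(!preg_match('/^[a-zA-Z_][a-zA-Z0-9_]*$/', $classname)) continue;
				//* Class is not loaded so load it
				if(!array_key_exists($classname, $this->_loaded_classes) && is_file(ISPC_CLASS_PATH."/$classname.inc.php")) {
					include_once ISPC_CLASS_PATH."/$classname.inc.php";
					$this->$classname = new $classname();
					$this->_loaded_classes[$classname] = true;
				}
			}
		}
	}

	/**
	 * Includes one or more files from ISPC_CLASS_PATH without instantiating anything.
	 *
	 * NOTE(review): the names are placed into the include path unchecked and
	 * must only ever come from trusted code or configuration; the only caller
	 * visible in this class builds the name from $conf['db_type'].
	 *
	 * @param string $files comma separated list of file names without ".inc.php"
	 * @return void
	 */
	public function load($files) {
		$fl = explode(',', $files);
		if(is_array($fl)) {
			foreach($fl as $file) {
				$file = trim($file);
				include_once ISPC_CLASS_PATH."/$file.inc.php";
			}
		}
	}

	/**
	 * Reads, writes or deletes an entry of the sys_config table.
	 *
	 * @param string $plugin value of the `group` column
	 * @param string $key    value of the `name` column
	 * @param mixed  $value  null = read the entry, false = delete it, anything else = store it
	 * @return mixed the stored value on read or write, null when the entry is missing or was deleted
	 */
	public function conf($plugin, $key, $value = null) {
		if(is_null($value)) {
			$tmpconf = $this->db->queryOneRecord("SELECT `value` FROM `sys_config` WHERE `group` = ? AND `name` = ?", $plugin, $key);
			if($tmpconf) return $tmpconf['value'];
			else return null;
		} else {
			if($value === false) {
				$this->db->query("DELETE FROM `sys_config` WHERE `group` = ? AND `name` = ?", $plugin, $key);
				return null;
			} else {
				$this->db->query("REPLACE INTO `sys_config` (`group`, `name`, `value`) VALUES (?, ?, ?)", $plugin, $key, $value);
				return $value;
			}
		}
	}

	/**
	 * Writes a message to the sys_log table when its priority reaches the
	 * configured log_priority.
	 *
	 * Priority values are: 0 = DEBUG, 1 = WARNING,  2 = ERROR
	 *
	 * @param string $msg      message text; stored with the prefix "[INTERFACE]: "
	 * @param int    $priority log level of the message
	 * @return void
	 */
	public function log($msg, $priority = 0) {
		if($priority >= $this->_conf['log_priority']) {
			// Entries written by the interface always use server_id 0.
			$server_id = 0;
			$priority = $this->functions->intval($priority);
			$tstamp = time();
			$msg = '[INTERFACE]: '.$msg;
			// The message is bound as a parameter, so it is stored verbatim.
			// NOTE(review): anything that displays sys_log has to escape it on output.
			$this->db->query("INSERT INTO sys_log (server_id,datalog_id,loglevel,tstamp,message) VALUES (?, 0, ?, ?, ?)", $server_id, $priority,$tstamp,$msg);
		}
	}

	/**
	 * Shows an error message, by default inside the error template, and stops.
	 *
	 * Priority values are: 0 = DEBUG, 1 = WARNING,  2 = ERROR
	 *
	 * NOTE(review): $msg and $next_link are written into the page without any
	 * escaping, so callers must never pass request data through unescaped.
	 *
	 * @param string $msg       message, inserted as HTML
	 * @param string $next_link optional target of a "Next" link appended to the message
	 * @param bool   $stop      true: render the error template and terminate; false: only echo
	 * @param int    $priority  not used by this method
	 * @return void
	 */
	public function error($msg, $next_link = '', $stop = true, $priority = 1) {
		if($stop == true) {
			/*
			 * We are already in an error state, so no further objects (such as the
			 * template engine) are used here: the error may come from one of them.
			 *
			 * The template of the user's theme is preferred; the default theme is
			 * the fallback.
			 * NOTE(review): the theme name comes from the session and is placed
			 * into a filesystem path unchecked; confirm it is validated where it is
			 * written to the session.
			 */
			$theme_dir = dirname(__FILE__) . '/../web/themes/';
			$tpl_file = $theme_dir . $_SESSION['s']['theme'] . '/templates/error.tpl.htm';
			if (!file_exists($tpl_file)) {
				$tpl_file = $theme_dir . 'default/templates/error.tpl.htm';
			}
			$content = file_get_contents($tpl_file);
			if($next_link != '') $msg .= '<a href="'.$next_link.'">Next</a>';
			$content = str_replace('###ERRORMSG###', $msg, $content);
			die($content);
		} else {
			echo $msg;
			if($next_link != '') echo "<a href='$next_link'>Next</a>";
		}
	}

	/**
	 * Translates a wordbook key into the current language.
	 *
	 * On the first call the global wordbook and, if a module is active, the
	 * module wordbook are loaded. A key without a non-empty translation is
	 * returned unchanged, or wrapped in '#' when debug_language is set.
	 *
	 * @param string $text wordbook key
	 * @return string
	 */
	public function lng($text) {
		global $conf;
		if($this->_language_inc != 1) {
			// NOTE(review): language and module name come from the session and are
			// used to build the path of a file that load_language_file() includes;
			// confirm both are validated where they are written to the session.
			$language = (isset($_SESSION['s']['language']))?$_SESSION['s']['language']:$conf['language'];
			//* loading global Wordbook
			$this->load_language_file('lib/lang/'.$language.'.lng');
			//* Load module wordbook, if it exists
			if(isset($_SESSION['s']['module']['name'])) {
				$lng_file = 'web/'.$_SESSION['s']['module']['name'].'/lib/lang/'.$language.'.lng';
				if(!file_exists(ISPC_ROOT_PATH.'/'.$lng_file)) $lng_file = '/web/'.$_SESSION['s']['module']['name'].'/lib/lang/en.lng';
				$this->load_language_file($lng_file);
			}
			$this->_language_inc = 1;
		}
		// The emptiness test has to read the private wordbook $_wb. Reading the
		// undefined property "wb" went through __get(), yielded null, and so the
		// test for an empty translation never took effect.
		if(isset($this->_wb[$text]) && $this->_wb[$text] !== '') {
			$text = $this->_wb[$text];
		} else {
			if($this->_conf['debug_language']) {
				$text = '#'.$text.'#';
			}
		}
		return $text;
	}

	/**
	 * Helper function to load the language files: includes a ".lng" file and
	 * merges the $wb array it defines into the wordbook.
	 *
	 * NOTE(review): the ".lng" suffix is the only restriction on the path, and
	 * the file is executed as PHP; nothing writable by users may end up
	 * reachable under such a name.
	 *
	 * @param string $filename path relative to ISPC_ROOT_PATH
	 * @return void
	 */
	public function load_language_file($filename) {
		$filename = ISPC_ROOT_PATH.'/'.$filename;
		if(substr($filename, -4) != '.lng') $this->error('Language file has wrong extension.');
		if(file_exists($filename)) {
			@include $filename;
			// A language file that defines no $wb is simply ignored.
			if(isset($wb) && is_array($wb)) {
				if(is_array($this->_wb)) {
					$this->_wb = array_merge($this->_wb, $wb);
				} else {
					$this->_wb = $wb;
				}
			}
		}
	}

	/**
	 * Sets the template variables that every page of the interface uses.
	 *
	 * @return void
	 */
	public function tpl_defaults() {
		$this->tpl->setVar('app_title', $this->_conf['app_title']);
		// The version and the pending datalog changes are only given to logged-in users.
		if(isset($_SESSION['s']['user'])) {
			$this->tpl->setVar('app_version', $this->_conf['app_version']);
			// get pending datalog changes
			$datalog = $this->db->datalogStatus();
			$this->tpl->setVar('datalog_changes_txt', $this->lng('datalog_changes_txt'));
			$this->tpl->setVar('datalog_changes_end_txt', $this->lng('datalog_changes_end_txt'));
			$this->tpl->setVar('datalog_changes_count', $datalog['count']);
			$this->tpl->setLoop('datalog_changes', $datalog['entries']);
		} else {
			$this->tpl->setVar('app_version', '');
		}
		$this->tpl->setVar('app_link', $this->_conf['app_link']);
		$this->tpl->setVar('app_logo', $this->_conf['logo']);

		// NOTE(review): the session id is handed to the template layer; how the
		// templates use it is not visible here.
		$this->tpl->setVar('phpsessid', session_id());

		$this->tpl->setVar('theme', $_SESSION['s']['theme']);
		$this->tpl->setVar('html_content_encoding', $this->_conf['html_content_encoding']);

		$this->tpl->setVar('delete_confirmation', $this->lng('delete_confirmation'));
		if(isset($_SESSION['s']['module']['name'])) {
			$this->tpl->setVar('app_module', $_SESSION['s']['module']['name']);
		}
		if(isset($_SESSION['s']['user']) && $_SESSION['s']['user']['typ'] == 'admin') {
			$this->tpl->setVar('is_admin', 1);
		}
		if(isset($_SESSION['s']['user']) && $this->auth->has_clients($_SESSION['s']['user']['userid'])) {
			$this->tpl->setVar('is_reseller', 1);
		}
		/* Show username */
		if(isset($_SESSION['s']['user'])) {
			$this->tpl->setVar('cpuser', $_SESSION['s']['user']['username']);
			$this->tpl->setVar('logout_txt', $this->lng('logout_txt'));
			/* Show search field only for normal users, not mail users */
			if(stristr($_SESSION['s']['user']['username'], '@')){
				$this->tpl->setVar('usertype', 'mailuser');
			} else {
				$this->tpl->setVar('usertype', 'normaluser');
			}
		}

		/* Global Search */
		$this->tpl->setVar('globalsearch_resultslimit_of_txt', $this->lng('globalsearch_resultslimit_of_txt'));
		$this->tpl->setVar('globalsearch_resultslimit_results_txt', $this->lng('globalsearch_resultslimit_results_txt'));
		$this->tpl->setVar('globalsearch_noresults_text_txt', $this->lng('globalsearch_noresults_text_txt'));
		$this->tpl->setVar('globalsearch_noresults_limit_txt', $this->lng('globalsearch_noresults_limit_txt'));
		$this->tpl->setVar('globalsearch_searchfield_watermark_txt', $this->lng('globalsearch_searchfield_watermark_txt'));
	}

} // end class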
T 336
//** Create the application (app) object
//* possible future =  new app($conf);
$app = new app();

// Start the PHP Intrusion Detection System (PHPIDS) when it is installed and switched on.
// NOTE(review): when the IDS directory is missing, or ids_enabled is anything other
// than 'yes', the interface continues without PHPIDS and nothing is logged here.
$ids_security_config = $app->getconf->get_security_config('ids');

if(is_dir(ISPC_CLASS_PATH.'/IDS')) {
	if($ids_security_config['ids_enabled'] == 'yes') {
		$app->uses('ids');
		$app->ids->start();
	}
}
unset($ids_security_config);
349
f5b0ca 350 ?>