RELEASE 1.1.0.2
This commit is contained in:
Deon George
204
lib/common.php
204
lib/common.php
@@ -1,23 +1,33 @@
|
||||
<?php
|
||||
// $Header: /cvsroot/phpldapadmin/phpldapadmin/lib/common.php,v 1.80 2007/12/15 07:50:32 wurley Exp $
|
||||
// $Header: /cvsroot/phpldapadmin/phpldapadmin/lib/common.php,v 1.80.2.7 2007/12/30 02:05:16 wurley Exp $
|
||||
|
||||
/**
|
||||
* Contains code to be executed at the top of each phpLDAPadmin page.
|
||||
* Contains code to be executed at the top of each application page.
|
||||
* include this file at the top of every PHP file.
|
||||
*
|
||||
* This file will "pre-initialise" a PLA environment so that any PHP file will have a consistent
|
||||
* environment with other PLA PHP files.
|
||||
* This file will "pre-initialise" an application environment so that any PHP file will have a consistent
|
||||
* environment with other application PHP files.
|
||||
*
|
||||
* This code WILL NOT check that all required functions are usable/readable, etc. This process has
|
||||
* been moved to index.php (which really is only called once when a browser hits PLA for the first time).
|
||||
* been moved to index.php (which really is only called once when a browser hits the application for the first time).
|
||||
*
|
||||
* The list of ADDITIONAL function files is now defined in functions.php.
|
||||
*
|
||||
* @package phpLDAPadmin
|
||||
*/
|
||||
|
||||
# Catch any scripts that are called directly.
|
||||
foreach (array('cmd.php','index.php','view_jpeg_photo.php','entry_chooser.php','password_checker.php', 'download_binary_attr.php') as $script) {
|
||||
# The index we will store our config in $_SESSION
|
||||
define('APPCONFIG','plaConfig');
|
||||
|
||||
/**
|
||||
* Catch any scripts that are called directly.
|
||||
* If they are called directly, then they should be routed back through index.php
|
||||
*/
|
||||
$app['direct_scripts'] = array('cmd.php','index.php',
|
||||
'view_jpeg_photo.php','entry_chooser.php',
|
||||
'password_checker.php','download_binary_attr.php');
|
||||
|
||||
foreach ($app['direct_scripts'] as $script) {
|
||||
$scriptOK = false;
|
||||
|
||||
if (preg_match('/'.$script.'$/',$_SERVER['SCRIPT_NAME'])) {
|
||||
@@ -27,7 +37,7 @@ foreach (array('cmd.php','index.php','view_jpeg_photo.php','entry_chooser.php','
|
||||
}
|
||||
|
||||
if (! $scriptOK) {
|
||||
if ($_REQUEST['server_id'])
|
||||
if (isset($_REQUEST['server_id']))
|
||||
header(sprintf('Location: index.php?server_id=%s',$_REQUEST['server_id']));
|
||||
else
|
||||
header('Location: index.php');
|
||||
@@ -35,7 +45,7 @@ if (! $scriptOK) {
|
||||
}
|
||||
|
||||
/**
|
||||
* Timer stopwatch, used to instrument PLA
|
||||
* Timer stopwatch, used to instrument the application
|
||||
*/
|
||||
if (! function_exists('stopwatch')) {
|
||||
function stopwatch() {
|
||||
@@ -55,15 +65,19 @@ if (! function_exists('stopwatch')) {
|
||||
}
|
||||
}
|
||||
|
||||
# For compatability - if common has been sourced, then return to the calling script.
|
||||
# For compatability - if common has been sourced a second time, then return to the calling script.
|
||||
} else {
|
||||
return;
|
||||
}
|
||||
|
||||
if (function_exists('date_default_timezone_set'))
|
||||
# Set the defualt time zone, if it isnt set in php.ini
|
||||
if (function_exists('date_default_timezone_set') && ! ini_get('date.timezone'))
|
||||
date_default_timezone_set('UTC');
|
||||
|
||||
# Start out instrumentation
|
||||
$timer = stopwatch();
|
||||
|
||||
# If we are called from index.php, LIBDIR will be set, all other calls to common.php dont need to set it.
|
||||
if (! defined('LIBDIR'))
|
||||
define('LIBDIR','../lib/');
|
||||
|
||||
@@ -74,112 +88,86 @@ if (! defined('E_STRICT'))
|
||||
# General functions needed to proceed.
|
||||
ob_start();
|
||||
require_once realpath(LIBDIR.'functions.php');
|
||||
if (ob_get_level()) ob_end_clean();
|
||||
if (ob_get_level())
|
||||
ob_end_clean();
|
||||
|
||||
/* Turn on all notices and warnings. This helps us write cleaner code (we hope at least)
|
||||
/**
|
||||
* Turn on all notices and warnings. This helps us write cleaner code (we hope at least)
|
||||
* Our custom error handler receives all error notices that pass the error_reporting()
|
||||
* level set above.
|
||||
*/
|
||||
set_error_handler('pla_error_handler');
|
||||
|
||||
# Call our custom defined error handler, if it is defined in functions.php
|
||||
if (function_exists('pla_error_handler'))
|
||||
set_error_handler('pla_error_handler');
|
||||
|
||||
# Disable error reporting until all our required functions are loaded.
|
||||
error_reporting(0);
|
||||
|
||||
/*
|
||||
* functions.php should have defined our pla_function_files array, listing all our
|
||||
/**
|
||||
* functions.php should have defined our $app['function_files'] array, listing all our
|
||||
* required functions (order IS important).
|
||||
* index.php should have checked they exist and are usable - we'll assume that the user
|
||||
* has been via index.php, and fixed any problems already.
|
||||
*/
|
||||
ob_start();
|
||||
foreach ($pla_function_files as $file_name) {
|
||||
require_once realpath ($file_name);
|
||||
}
|
||||
if (isset($app['function_files']) && is_array($app['function_files']))
|
||||
foreach ($app['function_files'] as $file_name) {
|
||||
require_once realpath ($file_name);
|
||||
}
|
||||
|
||||
# Now read in config_default.php
|
||||
require_once realpath(LIBDIR.'config_default.php');
|
||||
if (ob_get_level()) ob_end_clean();
|
||||
if (ob_get_level())
|
||||
ob_end_clean();
|
||||
|
||||
# We are now ready for error reporting.
|
||||
error_reporting(E_ALL);
|
||||
|
||||
# Start our session.
|
||||
pla_session_start();
|
||||
|
||||
# Check we have the correct version of the SESSION cache
|
||||
if (isset($_SESSION['cache'])) {
|
||||
if (!is_array($_SESSION[pla_session_id_init])) $_SESSION[pla_session_id_init] = array();
|
||||
|
||||
if (!isset($_SESSION[pla_session_id_init]['version']) || !isset($_SESSION[pla_session_id_init]['config'])
|
||||
|| $_SESSION[pla_session_id_init]['version'] !== pla_version()
|
||||
|| $_SESSION[pla_session_id_init]['config'] != filemtime(CONFDIR.'config.php')) {
|
||||
|
||||
$_SESSION[pla_session_id_init]['version'] = pla_version();
|
||||
$_SESSION[pla_session_id_init]['config'] = filemtime(CONFDIR.'config.php');
|
||||
|
||||
unset($_SESSION['cache']);
|
||||
unset($_SESSION['plaConfig']);
|
||||
|
||||
# Our configuration information has changed, so we'll redirect to index.php to get it reloaded again.
|
||||
system_message(array(
|
||||
'title'=>_('Configuration cache stale.'),
|
||||
'body'=>_('Your configuration has been automatically refreshed.'),
|
||||
'type'=>'info'));
|
||||
|
||||
$config_file = CONFDIR.'config.php';
|
||||
check_config($config_file);
|
||||
|
||||
} else {
|
||||
# Sanity check, specially when upgrading from a previous release.
|
||||
foreach (array_keys($_SESSION['cache']) as $id)
|
||||
if (isset($_SESSION['cache'][$id]['tree']['null']) && ! is_object($_SESSION['cache'][$id]['tree']['null']))
|
||||
unset($_SESSION['cache'][$id]);
|
||||
}
|
||||
}
|
||||
|
||||
# If we came via index.php, then set our $config.
|
||||
if (! isset($_SESSION['plaConfig']) && isset($config))
|
||||
$_SESSION['plaConfig'] = $config;
|
||||
|
||||
# If we get here, and plaConfig is not set, then redirect the user to the index.
|
||||
if (! isset($_SESSION['plaConfig'])) {
|
||||
header('Location: index.php');
|
||||
# If we get here, and $_SESSION[APPCONFIG] is not set, then redirect the user to the index.
|
||||
if (! isset($_SESSION[APPCONFIG])) {
|
||||
if (isset($_REQUEST['server_id']))
|
||||
header(sprintf('Location: index.php?server_id=%s',$_REQUEST['server_id']));
|
||||
else
|
||||
header('Location: index.php');
|
||||
die();
|
||||
|
||||
} else {
|
||||
# Check our custom variables.
|
||||
# @todo: Change this so that we dont process a cached session.
|
||||
$_SESSION['plaConfig']->CheckCustom();
|
||||
$_SESSION[APPCONFIG]->CheckCustom();
|
||||
}
|
||||
|
||||
# If we are here, $_SESSION is set - so enabled DEBUGing if it has been configured.
|
||||
if (($_SESSION['plaConfig']->GetValue('debug','syslog') || $_SESSION['plaConfig']->GetValue('debug','file'))
|
||||
&& $_SESSION['plaConfig']->GetValue('debug','level'))
|
||||
if (($_SESSION[APPCONFIG]->GetValue('debug','syslog') || $_SESSION[APPCONFIG]->GetValue('debug','file'))
|
||||
&& $_SESSION[APPCONFIG]->GetValue('debug','level'))
|
||||
define('DEBUG_ENABLED',1);
|
||||
else
|
||||
define('DEBUG_ENABLED',0);
|
||||
|
||||
# Since DEBUG_ENABLED is set later, as $config may not be set, we'll
|
||||
if (DEBUG_ENABLED)
|
||||
debug_log('PLA (%s) initialised and starting with (%s).',1,pla_version(),$_REQUEST);
|
||||
debug_log('Application (%s) initialised and starting with (%s).',1,__FILE__,__LINE__,__METHOD__,
|
||||
pla_version(),$_REQUEST);
|
||||
|
||||
# Set our PHP timelimit.
|
||||
if ($_SESSION['plaConfig']->GetValue('session','timelimit'))
|
||||
set_time_limit($_SESSION['plaConfig']->GetValue('session','timelimit'));
|
||||
if ($_SESSION[APPCONFIG]->GetValue('session','timelimit'))
|
||||
set_time_limit($_SESSION[APPCONFIG]->GetValue('session','timelimit'));
|
||||
|
||||
# If debug mode is set, increase the time_limit, since we probably need it.
|
||||
if (DEBUG_ENABLED && $_SESSION['plaConfig']->GetValue('session','timelimit'))
|
||||
set_time_limit($_SESSION['plaConfig']->GetValue('session','timelimit') * 5);
|
||||
if (DEBUG_ENABLED && $_SESSION[APPCONFIG]->GetValue('session','timelimit'))
|
||||
set_time_limit($_SESSION[APPCONFIG]->GetValue('session','timelimit') * 5);
|
||||
|
||||
# @todo: Change this so that we dont process a cached session.
|
||||
$_SESSION['plaConfig']->friendly_attrs = process_friendly_attr_table();
|
||||
|
||||
/*
|
||||
/**
|
||||
* Language configuration. Auto or specified?
|
||||
* Shall we attempt to auto-determine the language?
|
||||
*/
|
||||
|
||||
$language = $_SESSION['plaConfig']->GetValue('appearance','language');
|
||||
$language = $_SESSION[APPCONFIG]->GetValue('appearance','language');
|
||||
|
||||
if ($language == 'auto') {
|
||||
|
||||
# Make sure their browser correctly reports language. If not, skip this.
|
||||
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
|
||||
|
||||
@@ -201,11 +189,10 @@ if ($language == 'auto') {
|
||||
$HTTP_LANGS = array_unique($HTTP_LANGS);
|
||||
|
||||
foreach ($HTTP_LANGS as $HTTP_LANG) {
|
||||
# Try to grab one after the other the language file
|
||||
$language_file = LANGDIR.$HTTP_LANG;
|
||||
$language_dir = LANGDIR.$HTTP_LANG;
|
||||
|
||||
if ((substr($HTTP_LANG,0,2) == 'en') ||
|
||||
(file_exists($language_file) && is_readable($language_file))) {
|
||||
(file_exists($language_dir) && is_readable($language_dir))) {
|
||||
|
||||
# Set language
|
||||
putenv('LANG='.$HTTP_LANG); # e.g. LANG=de_DE
|
||||
@@ -218,16 +205,16 @@ if ($language == 'auto') {
|
||||
break;
|
||||
}
|
||||
}
|
||||
#todo: Generate an error if language doesnt exist.
|
||||
}
|
||||
|
||||
} else {
|
||||
# Grab the language file configured in config.php
|
||||
#todo: Generate an error if language doesnt exist.
|
||||
if ($language != null) {
|
||||
if (strcmp($language,'english') == 0)
|
||||
$language = 'en_GB';
|
||||
|
||||
$language_file = LANGDIR.$language;
|
||||
|
||||
# Set language
|
||||
putenv('LANG='.$language); # e.g. LANG=de_DE
|
||||
$language .= '.UTF-8';
|
||||
@@ -239,7 +226,7 @@ if ($language == 'auto') {
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
/**
|
||||
* Strip slashes from GET, POST, and COOKIE variables if this
|
||||
* PHP install is configured to automatically addslashes()
|
||||
*/
|
||||
@@ -251,34 +238,43 @@ if (get_magic_quotes_gpc() && (! isset($slashes_stripped) || ! $slashes_stripped
|
||||
$slashes_stripped = true;
|
||||
}
|
||||
|
||||
if (isset($_REQUEST['server_id'])) {
|
||||
$ldapserver = $_SESSION['plaConfig']->ldapservers->Instance($_REQUEST['server_id']);
|
||||
} else {
|
||||
$ldapserver = $_SESSION['plaConfig']->ldapservers->Instance(null);
|
||||
}
|
||||
|
||||
# Test to see if we should log out the user due to the timeout.
|
||||
if ($ldapserver->haveAuthInfo() && $ldapserver->auth_type != 'config') {
|
||||
/* If time out value has been reached:
|
||||
- log out user
|
||||
- put $server_id in array of recently timed out servers */
|
||||
if (session_timed_out($ldapserver)) {
|
||||
$timeout_url = 'cmd.php?cmd=timeout&server_id='.$ldapserver->server_id;
|
||||
echo '<script type="text/javascript" language="javascript">location.href=\''.$timeout_url.'\'</script>';
|
||||
die();
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Update $_SESSION['activity']
|
||||
* for timeout and automatic logout feature
|
||||
/**
|
||||
* Create our application repository variable.
|
||||
*/
|
||||
if ($ldapserver->haveAuthInfo())
|
||||
set_lastactivity($ldapserver);
|
||||
if (isset($_REQUEST['server_id'])) {
|
||||
$ldapserver = $_SESSION[APPCONFIG]->ldapservers->Instance($_REQUEST['server_id']);
|
||||
} else {
|
||||
if (isset($_SESSION[APPCONFIG]->ldapservers) && is_object($_SESSION[APPCONFIG]->ldapservers))
|
||||
$ldapserver = $_SESSION[APPCONFIG]->ldapservers->Instance(null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Look/evaluate our timeout
|
||||
*/
|
||||
if (isset($ldapserver) && is_object($ldapserver) && method_exists($ldapserver,'haveAuthInfo')) {
|
||||
if ($ldapserver->haveAuthInfo() && isset($ldapserver->auth_type) && $ldapserver->auth_type != 'config') {
|
||||
/**
|
||||
* If time out value has been reached:
|
||||
* - log out user
|
||||
* - put $server_id in array of recently timed out servers
|
||||
*/
|
||||
if (function_exists('session_timed_out') && session_timed_out($ldapserver)) {
|
||||
$app['url_timeout'] = sprintf('cmd.php?cmd=timeout&server_id=%s',$_REQUEST['server_id']);
|
||||
printf('<script type="text/javascript" language="javascript">location.href=\'%s\'</script>',
|
||||
htmlspecialchars($app['url_timeout']));
|
||||
die();
|
||||
}
|
||||
}
|
||||
|
||||
# Update $_SESSION['activity'] for timeout and automatic logout feature
|
||||
if ($ldapserver->haveAuthInfo() && function_exists('set_lastactivity'))
|
||||
set_lastactivity($ldapserver);
|
||||
}
|
||||
|
||||
/**
|
||||
* At this point we have read all our additional function PHP files and our configuration.
|
||||
* If we are using hooks, run the session_init hook.
|
||||
*/
|
||||
run_hook('post_session_init',array());
|
||||
|
||||
if (function_exists('run_hook'))
|
||||
run_hook('post_session_init',array());
|
||||
?>
|
||||
|
||||
Reference in New Issue
Block a user