source: trunk/FACT++/www/smartfact/index.php@ 16336

Last change on this file since 16336 was 15164, checked in by tbretz, 12 years ago
Added missing output of user name in case of a successfull login (how did it disappear?)
File size: 7.2 KB
Line 
1<?PHP
2
3require_once("config.php");
4
5function escape($msg)
6{
7 $msg = str_replace("\\", "\\\\", $msg);
8 $msg = str_replace('\"', '\"', $msg);
9 return $msg;
10}
11
12function login()
13{
14 global $ldaphost;
15 global $baseDN;
16 global $groupDN;
17
18 $username = $_SERVER['PHP_AUTH_USER'];
19 $password = $_SERVER['PHP_AUTH_PW'];
20
21 $con = @ldap_connect($ldaphost);
22 if (!$con)
23 return "ldap_connect failed to ".$ldaphost;
24
25 //------------------ Look for user common name
26 $attributes = array('cn', 'mail');
27 $dn = 'ou=People,'.$baseDN;
28 $filter = '(uid='.$username.')';
29
30 $sr = @ldap_search($con, $dn, $filter, $attributes);
31 if (!$sr)
32 return "ldap_search failed for dn=".$dn.": ".ldap_error($con);
33
34 $srData = @ldap_get_entries($con, $sr);
35 if ($srData["count"]==0)
36 return "No results returned by ldap_get_entries for dn=".$dn.".";
37
38 $email =$srData[0]['mail'][0];
39 $userCommonName=$srData[0]['cn'][0];
40 $userDN =$srData[0]['dn'];
41
42 //------------------ Authenticate user
43 if (!@ldap_bind($con, $userDN, $password))
44 return "ldap_bind failed: ".ldap_error($con);
45
46 //------------------ Check if the user is in FACT ldap group
47 $attributes= array("member");
48 $filter= '(objectClass=*)';
49
50 // Get all members of the group.
51 $sr = @ldap_read($con, $groupDN, $filter, $attributes);
52 if (!$sr)
53 return "ldap_read failed for dn=".$groupDN.": ".ldap_error($con);
54
55 // retrieve the corresponding data
56 $srData = @ldap_get_entries($con, $sr);
57 if ($srData["count"]==0)
58 return "No results returned by ldap_get_entries for dn=".$dn.".";
59
60 @ldap_unbind($con);
61
62 $found = false;
63 foreach ($srData[0]['member'] as $member)
64 if (strpos($member, "cn=".$userCommonName.",")===0)
65 return "";
66
67 return "Sorry, your credentials don't match!";
68}
69// --------------------------------------------------------------------
70
71if (isset($_GET['load']))
72{
73 require_once('log/Browscap.php');
74
75 $d = date("Y/m");
76
77 $path = "log/".$d;
78
79 if (!file_exists("log/cache"))
80 mkdir("log/cache", 0777, true);
81
82 if (!file_exists($path))
83 mkdir($path, 0777, true);
84
85 $addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
86 $user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : "";
87 $dns = gethostbyaddr($addr);
88
89 $bcap = new phpbrowscap\Browscap('log/cache');
90 $info = $bcap->getBrowser();
91
92 $file = fopen($path."/smartfact.log", "a");
93 fwrite($file,
94 date("Y-m-d H:i:s\t").$addr.
95 "\t".$info->Platform.
96 "\t".$info->Browser.
97 "\t".$info->Version.
98 "\t".($info->isMobileDevice?"mobile":"").
99 "\t".$user.
100 "\t".$dns."\n");
101 fclose($file);
102
103 // http://ip-address-lookup-v4.com/ip/92.205.118.219
104
105 print($user);
106
107 return;
108}
109
110if (isset($_GET['sourcelist']))
111{
112 $server = mysql_connect($dbhost, $dbuser, $dbpass);
113 if (!$server)
114 die(mysql_error());
115
116 if (!mysql_select_db($dbname, $server))
117 die(mysql_error());
118
119 $result = mysql_query("SELECT fSourceName AS name FROM source", $server);
120 if (!$result)
121 die(mysql_error());
122
123
124// var res = db.query("SELECT fSourceName, fRightAscension, fDeclination ",
125// "FROM source");
126
127 // store the record of the "example" table into $row
128
129 // Print out the contents of the entry
130
131 while ($row=mysql_fetch_array($result, MYSQL_NUM))
132 print("'".$row[0]."'\n");
133
134 mysql_close($server);
135
136 return;
137}
138
139if (isset($_GET['source']) && isset($_GET['time']))
140{
141 // $args = "filename":label --arg:"key1=value" --arg:"key2=value"
142 $cmd = $path.'/makedata '.escapeshellarg($_GET['source']).' '.escapeshellarg($_GET['time']);
143
144 // Execute
145 passthru($cmd, $str);
146
147 // Logging (mainly for debugging)
148 $d = date("Y/m");
149 $path = "log/".$d;
150 if (!file_exists($path))
151 mkdir($path, 0777, true);
152 $file = fopen($path."/exec.log", "a");
153 fwrite($file, $cmd."\n".$str."\n\n");
154 fclose($file);
155
156 print_r($str);
157
158 return;
159}
160
161if (isset($_GET['logout']))
162{
163 if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
164 return;
165
166 return header('HTTP/1.0 401 Successfull logout!');
167}
168
169// --------------------------------------------------------------------
170
171if (!isset($_GET['start']) && !isset($_GET['stop']))
172 return header('HTTP/1.0 400 Command not supported');
173
174// --------------------------------------------------------------------
175
176if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
177{
178 header('WWW-Authenticate: Basic realm="SmartFACT++"');
179 header('HTTP/1.0 401 Unauthorized');
180 return;
181}
182
183$rc = login();
184if ($rc!="")
185 return header('HTTP/1.0 401 '.$rc);
186
187// --------------------------------------------------------------------
188
189$out = array();
190
191if (isset($_GET['stop']))
192 $str = exec($path."/dimctrl --user '".$_SERVER['PHP_AUTH_USER']."' --stop", $out, $rc);
193
194if (isset($_GET['start']))
195{
196 // Filename
197 $script = '"scripts/'.$_GET['start'].'"';
198
199 unset($_GET['start']);
200
201 /*
202 $args = "";
203 foreach ($_GET as $key => $value)
204 $args .= " --arg:".$key."=".$value;
205 $str = exec($path."/dimctrl --exec ".$args, $out, $rc);
206 */
207
208 // Label
209 if (isset($_GET['label']))
210 {
211 if ($_GET['label']>=0)
212 $script .= ":".$_GET['label'];
213 unset($_GET['label']);
214 }
215
216 $msg = "";
217 if (isset($_GET['msg']))
218 {
219 if ($_GET['msg']>=0)
220 $msg = $_GET['msg'];
221 unset($_GET['msg']);
222 }
223
224 // Arguments
225 if (!empty($script) && empty($msg))
226 {
227 //foreach ($_GET as $key => $value)
228 // $args .= ' --arg:"'.$key.'='.escape($value).'"';
229
230 $args = "";
231 foreach ($_GET as $key => $value)
232 $args .= ' "'.$key.'"="'.$value.'"';
233
234 // $args = "filename":label --arg:"key1=value" --arg:"key2=value"
235 $cmd = $path.'/dimctrl --user "'.$_SERVER['PHP_AUTH_USER'].'" --start '.escapeshellarg($script.$args);
236
237 // Execute
238 $str = exec($cmd, $out, $rc);
239
240 // Logging (mainly for debugging)
241 $d = date("Y/m");
242 $path = "log/".$d;
243 if (!file_exists($path))
244 mkdir($path, 0777, true);
245 $file = fopen($path."/exec.log", "a");
246 fwrite($file, $cmd."\n".$str."\n\n");
247 fclose($file);
248 }
249
250 if (!empty($msg))
251 {
252 $msg = escape($msg);
253
254 // $args = "filename":label --arg:"key1=value" --arg:"key2=value"
255 $cmd = $path.'/dimctrl --user "'.$_SERVER['PHP_AUTH_USER'].'" --msg '.escapeshellarg($msg);
256
257 // Execute
258 $str = exec($cmd, $out, $rc);
259
260 // Logging (mainly for debugging)
261 $d = date("Y/m");
262 $path = "log/".$d;
263 if (!file_exists($path))
264 mkdir($path, 0777, true);
265 $file = fopen($path."/exec.log", "a");
266 fwrite($file, $cmd."\n".$str."\n\n");
267 fclose($file);
268 }
269
270 // -------------------------------------------
271}
272
273if ($rc>1)
274 return header('HTTP/1.0 500 Execution failed [rc='.$rc."]");
275if ($rc==1)
276 return header('HTTP/1.0 500 Sending command failed.');
277
278print($_SERVER['PHP_AUTH_USER']);
279
280if (isset($_GET['debug']))
281{
282 print("\n");
283 print_r($out);
284}
285
286?>
Note: See TracBrowser for help on using the repository browser.