source: trunk/FACT++/www/smartfact/index.php@ 17667

Last change on this file since 17667 was 17378, checked in by tbretz, 11 years ago
When sending an interrupt there was some typo in the array index.
File size: 7.6 KB
Line 
1<?PHP
2
3require_once("config.php");
4
5function escape($msg)
6{
7 $msg = str_replace("\\", "\\\\", $msg);
8 $msg = str_replace('\"', '\"', $msg);
9 return $msg;
10}
11
12function login()
13{
14 global $ldaphost;
15 global $baseDN;
16 global $groupDN;
17
18 $username = $_SERVER['PHP_AUTH_USER'];
19 $password = $_SERVER['PHP_AUTH_PW'];
20
21 $con = @ldap_connect($ldaphost);
22 if (!$con)
23 return "ldap_connect failed to ".$ldaphost;
24
25 //------------------ Look for user common name
26 $attributes = array('cn', 'mail');
27 $dn = 'ou=People,'.$baseDN;
28 $filter = '(uid='.$username.')';
29
30 $sr = @ldap_search($con, $dn, $filter, $attributes);
31 if (!$sr)
32 return "ldap_search failed for dn=".$dn.": ".ldap_error($con);
33
34 $srData = @ldap_get_entries($con, $sr);
35 if ($srData["count"]==0)
36 return "No results returned by ldap_get_entries for dn=".$dn.".";
37
38 $email =$srData[0]['mail'][0];
39 $userCommonName=$srData[0]['cn'][0];
40 $userDN =$srData[0]['dn'];
41
42 //------------------ Authenticate user
43 if (!@ldap_bind($con, $userDN, $password))
44 return "ldap_bind failed: ".ldap_error($con);
45
46 //------------------ Check if the user is in FACT ldap group
47 $attributes= array("member");
48 $filter= '(objectClass=*)';
49
50 // Get all members of the group.
51 $sr = @ldap_read($con, $groupDN, $filter, $attributes);
52 if (!$sr)
53 return "ldap_read failed for dn=".$groupDN.": ".ldap_error($con);
54
55 // retrieve the corresponding data
56 $srData = @ldap_get_entries($con, $sr);
57 if ($srData["count"]==0)
58 return "No results returned by ldap_get_entries for dn=".$dn.".";
59
60 @ldap_unbind($con);
61
62 $found = false;
63 foreach ($srData[0]['member'] as $member)
64 if (strpos($member, "cn=".$userCommonName.",")===0)
65 return "";
66
67 return "Sorry, your credentials don't match!";
68}
69
70function execute($cmd, $out)
71{
72 // Execute
73 $str = exec($cmd, $out, $rc);
74
75 // Logging (mainly for debugging)
76 $d = date("Y/m");
77 $path = "log/".$d;
78
79 if (!file_exists($path))
80 mkdir($path, 0777, true);
81
82 $file = fopen($path."/exec.log", "a");
83
84 fwrite($file, date("Y-m-d H:i:s.u").": ");
85 fwrite($file, $cmd);
86 fwrite($file, "\n");
87 if ($rc>0)
88 fwrite($file, print_r($out,true)."\n");
89 fwrite($file, "\n");
90
91 fclose($file);
92
93 return $rc;
94}
95
96// --------------------------------------------------------------------
97
98if (isset($_GET['load']))
99{
100 require_once('log/Browscap.php');
101
102 $d = date("Y/m");
103
104 $path = "log/".$d;
105
106 if (!file_exists("log/cache"))
107 mkdir("log/cache", 0777, true);
108
109 if (!file_exists($path))
110 mkdir($path, 0777, true);
111
112 $addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
113 $user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : "";
114 $dns = gethostbyaddr($addr);
115
116 $bcap = new phpbrowscap\Browscap('log/cache');
117 $info = $bcap->getBrowser();
118
119 $file = fopen($path."/smartfact.log", "a");
120 fwrite($file,
121 date("Y-m-d H:i:s\t").$addr.
122 "\t".$info->Platform.
123 "\t".$info->Browser.
124 "\t".$info->Version.
125 "\t".($info->isMobileDevice?"mobile":"").
126 "\t".$user.
127 "\t".$dns."\n");
128 fclose($file);
129
130 // http://ip-address-lookup-v4.com/ip/92.205.118.219
131
132 print($user);
133
134 return;
135}
136
137if (isset($_GET['sourcelist']))
138{
139 $server = mysql_connect($dbhost, $dbuser, $dbpass);
140 if (!$server)
141 die(mysql_error());
142
143 if (!mysql_select_db($dbname, $server))
144 die(mysql_error());
145
146 $result = mysql_query("SELECT fSourceName AS name FROM source", $server);
147 if (!$result)
148 die(mysql_error());
149
150
151// var res = db.query("SELECT fSourceName, fRightAscension, fDeclination ",
152// "FROM source");
153
154 // store the record of the "example" table into $row
155
156 // Print out the contents of the entry
157
158 while ($row=mysql_fetch_array($result, MYSQL_NUM))
159 print("'".$row[0]."'\n");
160
161 mysql_close($server);
162
163 return;
164}
165
166if (isset($_GET['source']) && isset($_GET['time']))
167{
168 // $args = "filename":label --arg:"key1=value" --arg:"key2=value"
169 $cmd = $path.'/makedata '.escapeshellarg($_GET['source']).' '.escapeshellarg($_GET['time']);
170
171 // Execute
172 passthru($cmd, $str);
173
174 // Logging (mainly for debugging)
175 $d = date("Y/m");
176 $path = "log/".$d;
177 if (!file_exists($path))
178 mkdir($path, 0777, true);
179 $file = fopen($path."/exec.log", "a");
180 fwrite($file, $cmd."\n".$str."\n\n");
181 fclose($file);
182
183 print_r($str);
184
185 return;
186}
187
188if (isset($_GET['logout']))
189{
190 if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
191 return;
192
193 return header('HTTP/1.0 401 Successfull logout!');
194}
195
196// --------------------------------------------------------------------
197
198if (!isset($_GET['start']) && !isset($_GET['stop']) && !isset($_GET['interrupt']))
199 return header('HTTP/1.0 400 Command not supported');
200
201// --------------------------------------------------------------------
202
203if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
204{
205 header('WWW-Authenticate: Basic realm="SmartFACT++"');
206 header('HTTP/1.0 401 Unauthorized');
207 return;
208}
209
210$rc = login();
211if ($rc!="")
212 return header('HTTP/1.0 401 '.$rc);
213
214// --------------------------------------------------------------------
215
216$out = array();
217
218if (isset($_GET['stop']))
219{
220 unset($_GET['stop']);
221
222 $cmd = $path."/dimctrl --no-log --user '".$_SERVER['PHP_AUTH_USER']."' --stop 2>&1";
223
224 $rc = execute($cmd, $out);
225}
226
227if (isset($_GET['start']))
228{
229 // Filename
230 $script = '"scripts/'.$_GET['start'].'"';
231
232 unset($_GET['start']);
233
234 /*
235 $args = "";
236 foreach ($_GET as $key => $value)
237 $args .= " --arg:".$key."=".$value;
238 $str = exec($path."/dimctrl --exec ".$args, $out, $rc);
239 */
240
241 // Label
242 if (isset($_GET['label']))
243 {
244 if ($_GET['label']>=0)
245 $script .= ":".$_GET['label'];
246 unset($_GET['label']);
247 }
248
249 $msg = "";
250 if (isset($_GET['msg']))
251 {
252 $msg = $_GET['msg'];
253 unset($_GET['msg']);
254 }
255
256 // Arguments
257 if (!empty($script) && empty($msg))
258 {
259 //foreach ($_GET as $key => $value)
260 // $args .= ' --arg:"'.$key.'='.escape($value).'"';
261
262 $args = "";
263 foreach ($_GET as $key => $value)
264 $args .= ' "'.$key.'"="'.$value.'"';
265
266 // $args = "filename":label --arg:"key1=value" --arg:"key2=value"
267 $cmd = $path.'/dimctrl --no-log --user "'.$_SERVER['PHP_AUTH_USER'].'" --start '.escapeshellarg($script.$args). " 2>&1";
268
269 $rc = execute($cmd, $out);
270 }
271
272 if (!empty($msg))
273 {
274 $msg = escape($msg);
275
276 // $args = "filename":label --arg:"key1=value" --arg:"key2=value"
277 $cmd = $path.'/dimctrl --no-log --user "'.$_SERVER['PHP_AUTH_USER'].'" --msg '.escapeshellarg($msg)." 2>&1";
278
279 $rc = execute($cmd, $out);
280 }
281
282 // -------------------------------------------
283}
284
285if (isset($_GET['interrupt']))
286{
287 unset($_GET['interrupt']);
288
289 $irq = "";
290 if (isset($_GET['irq']))
291 {
292 $irq = $_GET['irq'];
293 unset($_GET['irq']);
294 }
295
296 $args = "";
297 foreach ($_GET as $key => $value)
298 $args .= ' "'.$key.'"="'.$value.'"';
299
300 $cmd = $path.'/dimctrl --no-log --user "'.$_SERVER['PHP_AUTH_USER'].'" --interrupt '.escapeshellarg($irq.$args)." 2>&1";
301
302 $rc = execute($cmd, $out);
303}
304
305if ($rc>1)
306 return header('HTTP/1.0 500 Execution failed [rc='.$rc."]");
307if ($rc==1)
308 return header('HTTP/1.0 500 Sending command failed.');
309
310print($_SERVER['PHP_AUTH_USER']);
311
312if (isset($_GET['debug']))
313{
314 print("\n");
315 print_r($out);
316}
317
318?>
Note: See TracBrowser for help on using the repository browser.