source: trunk/FACT++/www/smartfact/index.php@ 14139

Last change on this file since 14139 was 14121, checked in by tbretz, 13 years ago
Added some access logging.
File size: 4.1 KB
Line 
1<?PHP
2
3require_once("config.php");
4
5function login()
6{
7 global $ldaphost;
8 global $baseDN;
9 global $groupDN;
10
11 $username = $_SERVER['PHP_AUTH_USER'];
12 $password = $_SERVER['PHP_AUTH_PW'];
13
14 $con = @ldap_connect($ldaphost);
15 if (!$con)
16 return "ldap_connect failed to ".$ldaphost;
17
18 //------------------ Look for user common name
19 $attributes = array('cn', 'mail');
20 $dn = 'ou=People,'.$baseDN;
21 $filter = '(uid='.$username.')';
22
23 $sr = @ldap_search($con, $dn, $filter, $attributes);
24 if (!$sr)
25 return "ldap_search failed for dn=".$dn.": ".ldap_error($con);
26
27 $srData = @ldap_get_entries($con, $sr);
28 if ($srData["count"]==0)
29 return "No results returned by ldap_get_entries for dn=".$dn.".";
30
31 $email =$srData[0]['mail'][0];
32 $userCommonName=$srData[0]['cn'][0];
33 $userDN =$srData[0]['dn'];
34
35 //------------------ Authenticate user
36 if (!@ldap_bind($con, $userDN, $password))
37 return "ldap_bind failed: ".ldap_error($con);
38
39 //------------------ Check if the user is in FACT ldap group
40 $attributes= array("member");
41 $filter= '(objectClass=*)';
42
43 // Get all members of the group.
44 $sr = @ldap_read($con, $groupDN, $filter, $attributes);
45 if (!$sr)
46 return "ldap_read failed for dn=".$groupDN.": ".ldap_error($con);
47
48 // retrieve the corresponding data
49 $srData = @ldap_get_entries($con, $sr);
50 if ($srData["count"]==0)
51 return "No results returned by ldap_get_entries for dn=".$dn.".";
52
53 @ldap_unbind($con);
54
55 $found = false;
56 foreach ($srData[0]['member'] as $member)
57 if (strpos($member, "cn=".$userCommonName.",")===0)
58 return "";
59
60 return "Sorry, your credentials don't match!";
61}
62// --------------------------------------------------------------------
63
64if (isset($_GET['load']))
65{
66 $d = date("Y/m");
67
68 $path = "log/".$d;
69
70 if (!file_exists($path))
71 mkdir($path, 0777, true);
72
73 $addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "-";
74 $user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : "-";
75 $dns = gethostbyaddr($addr);
76
77 $file = fopen($path."/smartfact.log", "a");
78 fwrite($file, date("Y/m/d H:i:s ").$addr." ".$dns." ".$user."\n");
79 fclose($file);
80
81 return;
82}
83
84if (isset($_GET['logout']))
85{
86 if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
87 return;
88
89 return header('HTTP/1.0 401 Successfull logout!');
90}
91
92// --------------------------------------------------------------------
93
94if (!isset($_GET['start']) && !isset($_GET['stop']))
95 return header('HTTP/1.0 400 Command not supported');
96
97// --------------------------------------------------------------------
98
99if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
100{
101 header('WWW-Authenticate: Basic realm="SmartFACT++"');
102 header('HTTP/1.0 401 Unauthorized');
103 return;
104}
105
106$rc = login();
107if ($rc!="")
108 return header('HTTP/1.0 401 '.$rc);
109
110// --------------------------------------------------------------------
111
112$out = array();
113
114if (isset($_GET['stop']))
115 $str = exec($path."/dimctrl --user '".$_SERVER['PHP_AUTH_USER']."' --stop", $out, $rc);
116
117if (isset($_GET['start']))
118{
119 // Filename
120 $args = '"scripts/'.$_GET['start'].'"';
121
122 unset($_GET['start']);
123
124 /*
125 $args = "";
126 foreach ($_GET as $key => $value)
127 $args .= " --arg:".$key."=".$value;
128 $str = exec($path."/dimctrl --exec ".$args, $out, $rc);
129 */
130
131 // Label
132 if (isset($_GET['label']))
133 {
134 if ($_GET['label']>=0)
135 $args .= ":".$_GET['label'];
136 unset($_GET['label']);
137 }
138
139 // Arguments
140 foreach ($_GET as $key => $value)
141 $args .= ' --arg:"'.$key.'='.$value.'"';
142
143 // $args = "filename":label --arg:"key1=value" --arg:"key2=value"
144 $cmd = $path.'/dimctrl --user "'.$_SERVER['PHP_AUTH_USER'].'" --start '.$args;
145
146 // Execute
147 $str = exec($cmd, $out, $rc);
148}
149
150if ($rc!=1 && $rc!=2)
151 return header('HTTP/1.0 500 Execution failed [rc='.$rc."]");
152
153print($rc);
154
155if (isset($_GET['debug']))
156{
157 print("\n");
158 print_r($out);
159}
160
161?>
Note: See TracBrowser for help on using the repository browser.