source: trunk/FACT++/www/smartfact/index.php@ 14783

Last change on this file since 14783 was 14783, checked in by tbretz, 13 years ago
Added an option which allows to retrieve a complete list of all sources from the db.
File size: 6.6 KB
Line 
1<?PHP
2
3require_once("config.php");
4
5function escape($msg)
6{
7 $msg = str_replace("\\", "\\\\", $msg);
8 $msg = str_replace('\"', '\"', $msg);
9 return $msg;
10}
11
12function login()
13{
14 global $ldaphost;
15 global $baseDN;
16 global $groupDN;
17
18 $username = $_SERVER['PHP_AUTH_USER'];
19 $password = $_SERVER['PHP_AUTH_PW'];
20
21 $con = @ldap_connect($ldaphost);
22 if (!$con)
23 return "ldap_connect failed to ".$ldaphost;
24
25 //------------------ Look for user common name
26 $attributes = array('cn', 'mail');
27 $dn = 'ou=People,'.$baseDN;
28 $filter = '(uid='.$username.')';
29
30 $sr = @ldap_search($con, $dn, $filter, $attributes);
31 if (!$sr)
32 return "ldap_search failed for dn=".$dn.": ".ldap_error($con);
33
34 $srData = @ldap_get_entries($con, $sr);
35 if ($srData["count"]==0)
36 return "No results returned by ldap_get_entries for dn=".$dn.".";
37
38 $email =$srData[0]['mail'][0];
39 $userCommonName=$srData[0]['cn'][0];
40 $userDN =$srData[0]['dn'];
41
42 //------------------ Authenticate user
43 if (!@ldap_bind($con, $userDN, $password))
44 return "ldap_bind failed: ".ldap_error($con);
45
46 //------------------ Check if the user is in FACT ldap group
47 $attributes= array("member");
48 $filter= '(objectClass=*)';
49
50 // Get all members of the group.
51 $sr = @ldap_read($con, $groupDN, $filter, $attributes);
52 if (!$sr)
53 return "ldap_read failed for dn=".$groupDN.": ".ldap_error($con);
54
55 // retrieve the corresponding data
56 $srData = @ldap_get_entries($con, $sr);
57 if ($srData["count"]==0)
58 return "No results returned by ldap_get_entries for dn=".$dn.".";
59
60 @ldap_unbind($con);
61
62 $found = false;
63 foreach ($srData[0]['member'] as $member)
64 if (strpos($member, "cn=".$userCommonName.",")===0)
65 return "";
66
67 return "Sorry, your credentials don't match!";
68}
69// --------------------------------------------------------------------
70
71if (isset($_GET['load']))
72{
73 require_once('log/Browscap.php');
74
75 $d = date("Y/m");
76
77 $path = "log/".$d;
78
79 if (!file_exists("log/cache"))
80 mkdir("log/cache", 0777, true);
81
82 if (!file_exists($path))
83 mkdir($path, 0777, true);
84
85 $addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
86 $user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : "";
87 $dns = gethostbyaddr($addr);
88
89 $bcap = new phpbrowscap\Browscap('log/cache');
90 $info = $bcap->getBrowser();
91
92 $file = fopen($path."/smartfact.log", "a");
93 fwrite($file,
94 date("Y-m-d H:i:s\t").$addr.
95 "\t".$info->Platform.
96 "\t".$info->Browser.
97 "\t".$info->Version.
98 "\t".($info->isMobileDevice?"mobile":"").
99 "\t".$user.
100 "\t".$dns."\n");
101 fclose($file);
102
103 // http://ip-address-lookup-v4.com/ip/92.205.118.219
104
105 print($user);
106
107 return;
108}
109
110if (isset($_GET['sourcelist']))
111{
112 $server = mysql_connect($dbhost, $dbuser, $dbpass);
113 if (!$server)
114 die(mysql_error());
115
116 if (!mysql_select_db($dbname, $server))
117 die(mysql_error());
118
119 $result = mysql_query("SELECT fSourceName AS name FROM source", $server);
120 if (!$result)
121 die(mysql_error());
122
123
124// var res = db.query("SELECT fSourceName, fRightAscension, fDeclination ",
125// "FROM source");
126
127 // store the record of the "example" table into $row
128
129 // Print out the contents of the entry
130
131 while ($row=mysql_fetch_array($result, MYSQL_NUM))
132 print("'".$row[0]."'\n");
133
134 mysql_close($server);
135
136 return;
137
138}
139
140if (isset($_GET['logout']))
141{
142 if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
143 return;
144
145 return header('HTTP/1.0 401 Successfull logout!');
146}
147
148// --------------------------------------------------------------------
149
150if (!isset($_GET['start']) && !isset($_GET['stop']))
151 return header('HTTP/1.0 400 Command not supported');
152
153// --------------------------------------------------------------------
154
155if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
156{
157 header('WWW-Authenticate: Basic realm="SmartFACT++"');
158 header('HTTP/1.0 401 Unauthorized');
159 return;
160}
161
162$rc = login();
163if ($rc!="")
164 return header('HTTP/1.0 401 '.$rc);
165
166// --------------------------------------------------------------------
167
168$out = array();
169
170if (isset($_GET['stop']))
171 $str = exec($path."/dimctrl --user '".$_SERVER['PHP_AUTH_USER']."' --stop", $out, $rc);
172
173if (isset($_GET['start']))
174{
175 // Filename
176 $script = '"scripts/'.$_GET['start'].'"';
177
178 unset($_GET['start']);
179
180 /*
181 $args = "";
182 foreach ($_GET as $key => $value)
183 $args .= " --arg:".$key."=".$value;
184 $str = exec($path."/dimctrl --exec ".$args, $out, $rc);
185 */
186
187 // Label
188 if (isset($_GET['label']))
189 {
190 if ($_GET['label']>=0)
191 $script .= ":".$_GET['label'];
192 unset($_GET['label']);
193 }
194
195 $msg = "";
196 if (isset($_GET['msg']))
197 {
198 if ($_GET['msg']>=0)
199 $msg = $_GET['msg'];
200 unset($_GET['msg']);
201 }
202
203 // Arguments
204 if (!empty($script) && empty($msg))
205 {
206 //foreach ($_GET as $key => $value)
207 // $args .= ' --arg:"'.$key.'='.escape($value).'"';
208
209 $args = "";
210 foreach ($_GET as $key => $value)
211 $args .= ' "'.$key.'"="'.$value.'"';
212
213 // $args = "filename":label --arg:"key1=value" --arg:"key2=value"
214 $cmd = $path.'/dimctrl --user "'.$_SERVER['PHP_AUTH_USER'].'" --batch '.escapeshellarg($script.$args);
215
216 // Execute
217 $str = exec($cmd, $out, $rc);
218
219 // Logging (mainly for debugging)
220 $d = date("Y/m");
221 $path = "log/".$d;
222 if (!file_exists($path))
223 mkdir($path, 0777, true);
224 $file = fopen($path."/exec.log", "a");
225 fwrite($file, $cmd."\n".$str."\n\n");
226 fclose($file);
227 }
228
229 if (!empty($msg))
230 {
231 $msg = escape($msg);
232
233 // $args = "filename":label --arg:"key1=value" --arg:"key2=value"
234 $cmd = $path.'/dimctrl --user "'.$_SERVER['PHP_AUTH_USER'].'" --msg '.escapeshellarg($msg);
235
236 // Execute
237 $str = exec($cmd, $out, $rc);
238
239 // Logging (mainly for debugging)
240 $d = date("Y/m");
241 $path = "log/".$d;
242 if (!file_exists($path))
243 mkdir($path, 0777, true);
244 $file = fopen($path."/exec.log", "a");
245 fwrite($file, $cmd."\n".$str."\n\n");
246 fclose($file);
247 }
248
249 // -------------------------------------------
250}
251
252if ($rc!=1 && $rc!=2)
253 return header('HTTP/1.0 500 Execution failed [rc='.$rc."]");
254
255print($_SERVER['PHP_AUTH_USER']."\n".$rc);
256
257if (isset($_GET['debug']))
258{
259 print("\n");
260 print_r($out);
261}
262
263?>
Note: See TracBrowser for help on using the repository browser.