source: trunk/FACT++/www/smartfact/index.php@ 17373

Last change on this file since 17373 was 17373, checked in by tbretz, 11 years ago
Unified all exec calls, suppress logging (actually only a warning message) when dimctrl is called
File size: 7.6 KB
Line 
1<?PHP
2
3require_once("config.php");
4
5function escape($msg)
6{
7 $msg = str_replace("\\", "\\\\", $msg);
8 $msg = str_replace('\"', '\"', $msg);
9 return $msg;
10}
11
12function login()
13{
14 global $ldaphost;
15 global $baseDN;
16 global $groupDN;
17
18 $username = $_SERVER['PHP_AUTH_USER'];
19 $password = $_SERVER['PHP_AUTH_PW'];
20
21 $con = @ldap_connect($ldaphost);
22 if (!$con)
23 return "ldap_connect failed to ".$ldaphost;
24
25 //------------------ Look for user common name
26 $attributes = array('cn', 'mail');
27 $dn = 'ou=People,'.$baseDN;
28 $filter = '(uid='.$username.')';
29
30 $sr = @ldap_search($con, $dn, $filter, $attributes);
31 if (!$sr)
32 return "ldap_search failed for dn=".$dn.": ".ldap_error($con);
33
34 $srData = @ldap_get_entries($con, $sr);
35 if ($srData["count"]==0)
36 return "No results returned by ldap_get_entries for dn=".$dn.".";
37
38 $email =$srData[0]['mail'][0];
39 $userCommonName=$srData[0]['cn'][0];
40 $userDN =$srData[0]['dn'];
41
42 //------------------ Authenticate user
43 if (!@ldap_bind($con, $userDN, $password))
44 return "ldap_bind failed: ".ldap_error($con);
45
46 //------------------ Check if the user is in FACT ldap group
47 $attributes= array("member");
48 $filter= '(objectClass=*)';
49
50 // Get all members of the group.
51 $sr = @ldap_read($con, $groupDN, $filter, $attributes);
52 if (!$sr)
53 return "ldap_read failed for dn=".$groupDN.": ".ldap_error($con);
54
55 // retrieve the corresponding data
56 $srData = @ldap_get_entries($con, $sr);
57 if ($srData["count"]==0)
58 return "No results returned by ldap_get_entries for dn=".$dn.".";
59
60 @ldap_unbind($con);
61
62 $found = false;
63 foreach ($srData[0]['member'] as $member)
64 if (strpos($member, "cn=".$userCommonName.",")===0)
65 return "";
66
67 return "Sorry, your credentials don't match!";
68}
69
70function execute($cmd, $out)
71{
72 // Execute
73 $str = exec($cmd, $out, $rc);
74
75 // Logging (mainly for debugging)
76 $d = date("Y/m");
77 $path = "log/".$d;
78
79 if (!file_exists($path))
80 mkdir($path, 0777, true);
81
82 $file = fopen($path."/exec.log", "a");
83
84 fwrite($file, $cmd);
85 fwrite($file, "\n");
86 if ($rc>0)
87 fwrite($file, print_r($out,true)."\n");
88 fwrite($file, "\n");
89
90 fclose($file);
91
92 return $rc;
93}
94
95// --------------------------------------------------------------------
96
97if (isset($_GET['load']))
98{
99 require_once('log/Browscap.php');
100
101 $d = date("Y/m");
102
103 $path = "log/".$d;
104
105 if (!file_exists("log/cache"))
106 mkdir("log/cache", 0777, true);
107
108 if (!file_exists($path))
109 mkdir($path, 0777, true);
110
111 $addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
112 $user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : "";
113 $dns = gethostbyaddr($addr);
114
115 $bcap = new phpbrowscap\Browscap('log/cache');
116 $info = $bcap->getBrowser();
117
118 $file = fopen($path."/smartfact.log", "a");
119 fwrite($file,
120 date("Y-m-d H:i:s\t").$addr.
121 "\t".$info->Platform.
122 "\t".$info->Browser.
123 "\t".$info->Version.
124 "\t".($info->isMobileDevice?"mobile":"").
125 "\t".$user.
126 "\t".$dns."\n");
127 fclose($file);
128
129 // http://ip-address-lookup-v4.com/ip/92.205.118.219
130
131 print($user);
132
133 return;
134}
135
136if (isset($_GET['sourcelist']))
137{
138 $server = mysql_connect($dbhost, $dbuser, $dbpass);
139 if (!$server)
140 die(mysql_error());
141
142 if (!mysql_select_db($dbname, $server))
143 die(mysql_error());
144
145 $result = mysql_query("SELECT fSourceName AS name FROM source", $server);
146 if (!$result)
147 die(mysql_error());
148
149
150// var res = db.query("SELECT fSourceName, fRightAscension, fDeclination ",
151// "FROM source");
152
153 // store the record of the "example" table into $row
154
155 // Print out the contents of the entry
156
157 while ($row=mysql_fetch_array($result, MYSQL_NUM))
158 print("'".$row[0]."'\n");
159
160 mysql_close($server);
161
162 return;
163}
164
165if (isset($_GET['source']) && isset($_GET['time']))
166{
167 // $args = "filename":label --arg:"key1=value" --arg:"key2=value"
168 $cmd = $path.'/makedata '.escapeshellarg($_GET['source']).' '.escapeshellarg($_GET['time']);
169
170 // Execute
171 passthru($cmd, $str);
172
173 // Logging (mainly for debugging)
174 $d = date("Y/m");
175 $path = "log/".$d;
176 if (!file_exists($path))
177 mkdir($path, 0777, true);
178 $file = fopen($path."/exec.log", "a");
179 fwrite($file, $cmd."\n".$str."\n\n");
180 fclose($file);
181
182 print_r($str);
183
184 return;
185}
186
187if (isset($_GET['logout']))
188{
189 if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
190 return;
191
192 return header('HTTP/1.0 401 Successfull logout!');
193}
194
195// --------------------------------------------------------------------
196
197if (!isset($_GET['start']) && !isset($_GET['stop']) && !isset($_GET['interrupt']))
198 return header('HTTP/1.0 400 Command not supported');
199
200// --------------------------------------------------------------------
201
202if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
203{
204 header('WWW-Authenticate: Basic realm="SmartFACT++"');
205 header('HTTP/1.0 401 Unauthorized');
206 return;
207}
208
209$rc = login();
210if ($rc!="")
211 return header('HTTP/1.0 401 '.$rc);
212
213// --------------------------------------------------------------------
214
215$out = array();
216
217if (isset($_GET['stop']))
218{
219 unset($_GET['stop']);
220
221 $cmd = $path."/dimctrl --no-log --user '".$_SERVER['PHP_AUTH_USER']."' --stop 2>&1";
222
223 $rc = execute($cmd, $out);
224}
225
226if (isset($_GET['start']))
227{
228 // Filename
229 $script = '"scripts/'.$_GET['start'].'"';
230
231 unset($_GET['start']);
232
233 /*
234 $args = "";
235 foreach ($_GET as $key => $value)
236 $args .= " --arg:".$key."=".$value;
237 $str = exec($path."/dimctrl --exec ".$args, $out, $rc);
238 */
239
240 // Label
241 if (isset($_GET['label']))
242 {
243 if ($_GET['label']>=0)
244 $script .= ":".$_GET['label'];
245 unset($_GET['label']);
246 }
247
248 $msg = "";
249 if (isset($_GET['msg']))
250 {
251 $msg = $_GET['msg'];
252 unset($_GET['msg']);
253 }
254
255 // Arguments
256 if (!empty($script) && empty($msg))
257 {
258 //foreach ($_GET as $key => $value)
259 // $args .= ' --arg:"'.$key.'='.escape($value).'"';
260
261 $args = "";
262 foreach ($_GET as $key => $value)
263 $args .= ' "'.$key.'"="'.$value.'"';
264
265 // $args = "filename":label --arg:"key1=value" --arg:"key2=value"
266 $cmd = $path.'/dimctrl --no-log --user "'.$_SERVER['PHP_AUTH_USER'].'" --start '.escapeshellarg($script.$args). " 2>&1";
267
268 $rc = execute($cmd, $out);
269 }
270
271 if (!empty($msg))
272 {
273 $msg = escape($msg);
274
275 // $args = "filename":label --arg:"key1=value" --arg:"key2=value"
276 $cmd = $path.'/dimctrl --no-log --user "'.$_SERVER['PHP_AUTH_USER'].'" --msg '.escapeshellarg($msg)." 2>&1";
277
278 $rc = execute($cmd, $out);
279 }
280
281 // -------------------------------------------
282}
283
284if (isset($_GET['interrupt']))
285{
286 unset($_GET['interrupt']);
287
288 $irq = "";
289 if (isset($_GET['interrupt']))
290 {
291 $irq = $_GET['irq'];
292 unset($_GET['interrupt']);
293 }
294
295 $args = "";
296 foreach ($_GET as $key => $value)
297 $args .= ' "'.$key.'"="'.$value.'"';
298
299 $cmd = $path.'/dimctrl --no-log --user "'.$_SERVER['PHP_AUTH_USER'].'" --interrupt '.escapeshellarg($irq.$args)." 2>&1";
300
301 $rc = execute($cmd, $out);
302}
303
304if ($rc>1)
305 return header('HTTP/1.0 500 Execution failed [rc='.$rc."]");
306if ($rc==1)
307 return header('HTTP/1.0 500 Sending command failed.');
308
309print($_SERVER['PHP_AUTH_USER']);
310
311if (isset($_GET['debug']))
312{
313 print("\n");
314 print_r($out);
315}
316
317?>
Note: See TracBrowser for help on using the repository browser.