1 | <?PHP
|
---|
2 |
|
---|
3 | require_once("config.php");
|
---|
4 |
|
---|
5 | function escape($msg)
|
---|
6 | {
|
---|
7 | $msg = str_replace("\\", "\\\\", $msg);
|
---|
8 | $msg = str_replace('\"', '\"', $msg);
|
---|
9 | return $msg;
|
---|
10 | }
|
---|
11 |
|
---|
12 | function login()
|
---|
13 | {
|
---|
14 | global $ldaphost;
|
---|
15 | global $baseDN;
|
---|
16 | global $groupDN;
|
---|
17 |
|
---|
18 | $username = $_SERVER['PHP_AUTH_USER'];
|
---|
19 | $password = $_SERVER['PHP_AUTH_PW'];
|
---|
20 |
|
---|
21 | $con = @ldap_connect($ldaphost);
|
---|
22 | if (!$con)
|
---|
23 | return "ldap_connect failed to ".$ldaphost;
|
---|
24 |
|
---|
25 | //------------------ Look for user common name
|
---|
26 | $attributes = array('cn', 'mail');
|
---|
27 | $dn = 'ou=People,'.$baseDN;
|
---|
28 | $filter = '(uid='.$username.')';
|
---|
29 |
|
---|
30 | $sr = @ldap_search($con, $dn, $filter, $attributes);
|
---|
31 | if (!$sr)
|
---|
32 | return "ldap_search failed for dn=".$dn.": ".ldap_error($con);
|
---|
33 |
|
---|
34 | $srData = @ldap_get_entries($con, $sr);
|
---|
35 | if ($srData["count"]==0)
|
---|
36 | return "No results returned by ldap_get_entries for dn=".$dn.".";
|
---|
37 |
|
---|
38 | $email =$srData[0]['mail'][0];
|
---|
39 | $userCommonName=$srData[0]['cn'][0];
|
---|
40 | $userDN =$srData[0]['dn'];
|
---|
41 |
|
---|
42 | //------------------ Authenticate user
|
---|
43 | if (!@ldap_bind($con, $userDN, $password))
|
---|
44 | return "ldap_bind failed: ".ldap_error($con);
|
---|
45 |
|
---|
46 | //------------------ Check if the user is in FACT ldap group
|
---|
47 | $attributes= array("member");
|
---|
48 | $filter= '(objectClass=*)';
|
---|
49 |
|
---|
50 | // Get all members of the group.
|
---|
51 | $sr = @ldap_read($con, $groupDN, $filter, $attributes);
|
---|
52 | if (!$sr)
|
---|
53 | return "ldap_read failed for dn=".$groupDN.": ".ldap_error($con);
|
---|
54 |
|
---|
55 | // retrieve the corresponding data
|
---|
56 | $srData = @ldap_get_entries($con, $sr);
|
---|
57 | if ($srData["count"]==0)
|
---|
58 | return "No results returned by ldap_get_entries for dn=".$dn.".";
|
---|
59 |
|
---|
60 | @ldap_unbind($con);
|
---|
61 |
|
---|
62 | $found = false;
|
---|
63 | foreach ($srData[0]['member'] as $member)
|
---|
64 | if (strpos($member, "cn=".$userCommonName.",")===0)
|
---|
65 | return "";
|
---|
66 |
|
---|
67 | return "Sorry, your credentials don't match!";
|
---|
68 | }
|
---|
69 |
|
---|
70 | function execute($cmd, $out)
|
---|
71 | {
|
---|
72 | // Execute
|
---|
73 | $str = exec($cmd, $out, $rc);
|
---|
74 |
|
---|
75 | // Logging (mainly for debugging)
|
---|
76 | $d = date("Y/m");
|
---|
77 | $path = "log/".$d;
|
---|
78 |
|
---|
79 | if (!file_exists($path))
|
---|
80 | mkdir($path, 0777, true);
|
---|
81 |
|
---|
82 | $file = fopen($path."/exec.log", "a");
|
---|
83 |
|
---|
84 | fwrite($file, $cmd);
|
---|
85 | fwrite($file, "\n");
|
---|
86 | if ($rc>0)
|
---|
87 | fwrite($file, print_r($out,true)."\n");
|
---|
88 | fwrite($file, "\n");
|
---|
89 |
|
---|
90 | fclose($file);
|
---|
91 |
|
---|
92 | return $rc;
|
---|
93 | }
|
---|
94 |
|
---|
95 | // --------------------------------------------------------------------
|
---|
96 |
|
---|
97 | if (isset($_GET['load']))
|
---|
98 | {
|
---|
99 | require_once('log/Browscap.php');
|
---|
100 |
|
---|
101 | $d = date("Y/m");
|
---|
102 |
|
---|
103 | $path = "log/".$d;
|
---|
104 |
|
---|
105 | if (!file_exists("log/cache"))
|
---|
106 | mkdir("log/cache", 0777, true);
|
---|
107 |
|
---|
108 | if (!file_exists($path))
|
---|
109 | mkdir($path, 0777, true);
|
---|
110 |
|
---|
111 | $addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
|
---|
112 | $user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : "";
|
---|
113 | $dns = gethostbyaddr($addr);
|
---|
114 |
|
---|
115 | $bcap = new phpbrowscap\Browscap('log/cache');
|
---|
116 | $info = $bcap->getBrowser();
|
---|
117 |
|
---|
118 | $file = fopen($path."/smartfact.log", "a");
|
---|
119 | fwrite($file,
|
---|
120 | date("Y-m-d H:i:s\t").$addr.
|
---|
121 | "\t".$info->Platform.
|
---|
122 | "\t".$info->Browser.
|
---|
123 | "\t".$info->Version.
|
---|
124 | "\t".($info->isMobileDevice?"mobile":"").
|
---|
125 | "\t".$user.
|
---|
126 | "\t".$dns."\n");
|
---|
127 | fclose($file);
|
---|
128 |
|
---|
129 | // http://ip-address-lookup-v4.com/ip/92.205.118.219
|
---|
130 |
|
---|
131 | print($user);
|
---|
132 |
|
---|
133 | return;
|
---|
134 | }
|
---|
135 |
|
---|
136 | if (isset($_GET['sourcelist']))
|
---|
137 | {
|
---|
138 | $server = mysql_connect($dbhost, $dbuser, $dbpass);
|
---|
139 | if (!$server)
|
---|
140 | die(mysql_error());
|
---|
141 |
|
---|
142 | if (!mysql_select_db($dbname, $server))
|
---|
143 | die(mysql_error());
|
---|
144 |
|
---|
145 | $result = mysql_query("SELECT fSourceName AS name FROM source", $server);
|
---|
146 | if (!$result)
|
---|
147 | die(mysql_error());
|
---|
148 |
|
---|
149 |
|
---|
150 | // var res = db.query("SELECT fSourceName, fRightAscension, fDeclination ",
|
---|
151 | // "FROM source");
|
---|
152 |
|
---|
153 | // store the record of the "example" table into $row
|
---|
154 |
|
---|
155 | // Print out the contents of the entry
|
---|
156 |
|
---|
157 | while ($row=mysql_fetch_array($result, MYSQL_NUM))
|
---|
158 | print("'".$row[0]."'\n");
|
---|
159 |
|
---|
160 | mysql_close($server);
|
---|
161 |
|
---|
162 | return;
|
---|
163 | }
|
---|
164 |
|
---|
165 | if (isset($_GET['source']) && isset($_GET['time']))
|
---|
166 | {
|
---|
167 | // $args = "filename":label --arg:"key1=value" --arg:"key2=value"
|
---|
168 | $cmd = $path.'/makedata '.escapeshellarg($_GET['source']).' '.escapeshellarg($_GET['time']);
|
---|
169 |
|
---|
170 | // Execute
|
---|
171 | passthru($cmd, $str);
|
---|
172 |
|
---|
173 | // Logging (mainly for debugging)
|
---|
174 | $d = date("Y/m");
|
---|
175 | $path = "log/".$d;
|
---|
176 | if (!file_exists($path))
|
---|
177 | mkdir($path, 0777, true);
|
---|
178 | $file = fopen($path."/exec.log", "a");
|
---|
179 | fwrite($file, $cmd."\n".$str."\n\n");
|
---|
180 | fclose($file);
|
---|
181 |
|
---|
182 | print_r($str);
|
---|
183 |
|
---|
184 | return;
|
---|
185 | }
|
---|
186 |
|
---|
187 | if (isset($_GET['logout']))
|
---|
188 | {
|
---|
189 | if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
|
---|
190 | return;
|
---|
191 |
|
---|
192 | return header('HTTP/1.0 401 Successfull logout!');
|
---|
193 | }
|
---|
194 |
|
---|
195 | // --------------------------------------------------------------------
|
---|
196 |
|
---|
197 | if (!isset($_GET['start']) && !isset($_GET['stop']) && !isset($_GET['interrupt']))
|
---|
198 | return header('HTTP/1.0 400 Command not supported');
|
---|
199 |
|
---|
200 | // --------------------------------------------------------------------
|
---|
201 |
|
---|
202 | if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
|
---|
203 | {
|
---|
204 | header('WWW-Authenticate: Basic realm="SmartFACT++"');
|
---|
205 | header('HTTP/1.0 401 Unauthorized');
|
---|
206 | return;
|
---|
207 | }
|
---|
208 |
|
---|
209 | $rc = login();
|
---|
210 | if ($rc!="")
|
---|
211 | return header('HTTP/1.0 401 '.$rc);
|
---|
212 |
|
---|
213 | // --------------------------------------------------------------------
|
---|
214 |
|
---|
215 | $out = array();
|
---|
216 |
|
---|
217 | if (isset($_GET['stop']))
|
---|
218 | {
|
---|
219 | unset($_GET['stop']);
|
---|
220 |
|
---|
221 | $cmd = $path."/dimctrl --no-log --user '".$_SERVER['PHP_AUTH_USER']."' --stop 2>&1";
|
---|
222 |
|
---|
223 | $rc = execute($cmd, $out);
|
---|
224 | }
|
---|
225 |
|
---|
226 | if (isset($_GET['start']))
|
---|
227 | {
|
---|
228 | // Filename
|
---|
229 | $script = '"scripts/'.$_GET['start'].'"';
|
---|
230 |
|
---|
231 | unset($_GET['start']);
|
---|
232 |
|
---|
233 | /*
|
---|
234 | $args = "";
|
---|
235 | foreach ($_GET as $key => $value)
|
---|
236 | $args .= " --arg:".$key."=".$value;
|
---|
237 | $str = exec($path."/dimctrl --exec ".$args, $out, $rc);
|
---|
238 | */
|
---|
239 |
|
---|
240 | // Label
|
---|
241 | if (isset($_GET['label']))
|
---|
242 | {
|
---|
243 | if ($_GET['label']>=0)
|
---|
244 | $script .= ":".$_GET['label'];
|
---|
245 | unset($_GET['label']);
|
---|
246 | }
|
---|
247 |
|
---|
248 | $msg = "";
|
---|
249 | if (isset($_GET['msg']))
|
---|
250 | {
|
---|
251 | $msg = $_GET['msg'];
|
---|
252 | unset($_GET['msg']);
|
---|
253 | }
|
---|
254 |
|
---|
255 | // Arguments
|
---|
256 | if (!empty($script) && empty($msg))
|
---|
257 | {
|
---|
258 | //foreach ($_GET as $key => $value)
|
---|
259 | // $args .= ' --arg:"'.$key.'='.escape($value).'"';
|
---|
260 |
|
---|
261 | $args = "";
|
---|
262 | foreach ($_GET as $key => $value)
|
---|
263 | $args .= ' "'.$key.'"="'.$value.'"';
|
---|
264 |
|
---|
265 | // $args = "filename":label --arg:"key1=value" --arg:"key2=value"
|
---|
266 | $cmd = $path.'/dimctrl --no-log --user "'.$_SERVER['PHP_AUTH_USER'].'" --start '.escapeshellarg($script.$args). " 2>&1";
|
---|
267 |
|
---|
268 | $rc = execute($cmd, $out);
|
---|
269 | }
|
---|
270 |
|
---|
271 | if (!empty($msg))
|
---|
272 | {
|
---|
273 | $msg = escape($msg);
|
---|
274 |
|
---|
275 | // $args = "filename":label --arg:"key1=value" --arg:"key2=value"
|
---|
276 | $cmd = $path.'/dimctrl --no-log --user "'.$_SERVER['PHP_AUTH_USER'].'" --msg '.escapeshellarg($msg)." 2>&1";
|
---|
277 |
|
---|
278 | $rc = execute($cmd, $out);
|
---|
279 | }
|
---|
280 |
|
---|
281 | // -------------------------------------------
|
---|
282 | }
|
---|
283 |
|
---|
284 | if (isset($_GET['interrupt']))
|
---|
285 | {
|
---|
286 | unset($_GET['interrupt']);
|
---|
287 |
|
---|
288 | $irq = "";
|
---|
289 | if (isset($_GET['interrupt']))
|
---|
290 | {
|
---|
291 | $irq = $_GET['irq'];
|
---|
292 | unset($_GET['interrupt']);
|
---|
293 | }
|
---|
294 |
|
---|
295 | $args = "";
|
---|
296 | foreach ($_GET as $key => $value)
|
---|
297 | $args .= ' "'.$key.'"="'.$value.'"';
|
---|
298 |
|
---|
299 | $cmd = $path.'/dimctrl --no-log --user "'.$_SERVER['PHP_AUTH_USER'].'" --interrupt '.escapeshellarg($irq.$args)." 2>&1";
|
---|
300 |
|
---|
301 | $rc = execute($cmd, $out);
|
---|
302 | }
|
---|
303 |
|
---|
304 | if ($rc>1)
|
---|
305 | return header('HTTP/1.0 500 Execution failed [rc='.$rc."]");
|
---|
306 | if ($rc==1)
|
---|
307 | return header('HTTP/1.0 500 Sending command failed.');
|
---|
308 |
|
---|
309 | print($_SERVER['PHP_AUTH_USER']);
|
---|
310 |
|
---|
311 | if (isset($_GET['debug']))
|
---|
312 | {
|
---|
313 | print("\n");
|
---|
314 | print_r($out);
|
---|
315 | }
|
---|
316 |
|
---|
317 | ?>
|
---|