1: <?php
// Placeholder value for the global $session; the statement at the end of this
// file replaces it with a DAViCalSession instance.
$session = 1;
/**
 * Build the base SELECT used to load a session row together with its user and
 * principal records.
 *
 * The statement is a constant: nothing from the request is interpolated into
 * it, and no WHERE clause is included here.
 * NOTE(review): presumably consumed by the base Session class as an override
 * hook, which would append its own filter; confirm in Session.php.
 * NOTE(review): `usr.*` pulls every column of the user row into the session
 * record. If that table carries credential material, prefer an explicit
 * column list; verify against the schema.
 *
 * @return string SQL text with no terminating semicolon.
 */
function local_session_sql() {
  return <<<EOSQL
SELECT session.*, usr.*, principal.*
FROM session JOIN usr USING(user_no) JOIN principal USING(user_no)
EOSQL;
}
37: require('Session.php');
38: include_once('DAVResource.php');
// Static call into the base class, made before any session object is created
// further down in this file. The leading @ silences PHP diagnostics raised by
// the call.
// NOTE(review): the suppression also hides genuine errors raised while a
// logout is being handled; consider logging them rather than discarding them.
@Session::_CheckLogout();
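/**
 * DAViCal-specific session, layered on the generic Session base class.
 *
 * Adds the principal id, a role lookup against the roles/role_member tables,
 * per-path privilege checks through DAVResource, and the gatekeeper used by
 * the web pages (LoginRequired).
 */
class DAViCalSession extends Session
{

  /** Principal id for the session; reset to null by the constructor. */
  public $principal_id;

  /** Cache of DAVResource objects keyed by path, filled by HavePrivilegeTo(). */
  private $privilege_resources = array();

  /**
   * Create the session object and hand the session id to the base class.
   *
   * @param string $sid Session id passed through to Session(); defaults to ''.
   */
  function __construct( $sid='' ) {
    $this->principal_id = null;
    // The base class is initialised through its Session() method.
    $this->Session($sid);
  }


  /**
   * Copy the details of a user record into this session.
   *
   * When the supplied record carries no principal_id, the matching row is
   * re-read from dav_principal by username (bound parameter, so the username
   * is never spliced into the SQL text). The record is only replaced when
   * exactly one row matches. Afterwards the roles are loaded and, when
   * available, the user's locale is applied.
   *
   * @param object $u User record; must expose ->username.
   */
  function AssignSessionDetails( $u ) {
    if ( !isset($u->principal_id) ) {
      $qry = new AwlQuery(
        'SELECT * FROM dav_principal WHERE username = :username',
        array(':username' => $u->username)
      );
      if ( $qry->Exec() && $qry->rows() == 1 ) {
        $u = $qry->Fetch();
      }
    }

    parent::AssignSessionDetails( $u );
    $this->GetRoles();
    if ( function_exists('awl_set_locale') && isset($this->locale) && $this->locale != '' ) {
      awl_set_locale($this->locale);
    }
  }


  /**
   * Load the role names held by the current user into $this->roles.
   *
   * The result is a map of role_name => 1; it is reset to an empty array
   * first, so a failed or empty query leaves the user with no roles.
   */
  function GetRoles () {
    $this->roles = array();
    // user_no is passed as a bound parameter, in the same way the username is
    // in AssignSessionDetails(), instead of being concatenated into the
    // statement. Role membership drives authorisation, so the query text must
    // not depend on the value.
    $qry = new AwlQuery(
      'SELECT role_name FROM roles JOIN role_member ON roles.role_no=role_member.role_no WHERE user_no = :user_no',
      array(':user_no' => $this->user_no)
    );
    if ( $qry->Exec('DAViCalSession') && $qry->rows() > 0 ) {
      while( $role = $qry->Fetch() ) {
        $this->roles[$role->role_name] = 1;
      }
    }
  }


  /**
   * Check whether the session holds a privilege on the resource at a path.
   *
   * A session that is allowed the 'Admin' role is granted everything, and
   * that check happens before the resource is looked up, so it also returns
   * true for paths that do not exist. For everyone else a non-existent
   * resource yields false.
   *
   * @param mixed  $do_what Privilege(s) to test; passed to DAVResource::HavePrivilegeTo().
   * @param string $path    Path of the resource; also the cache key.
   * @param mixed  $any     Passed through unchanged as the second argument.
   * @return mixed true for Admin, false when the resource does not exist,
   *               otherwise whatever DAVResource::HavePrivilegeTo() returns.
   */
  function HavePrivilegeTo( $do_what, $path, $any = null ) {
    if ( $this->AllowedTo('Admin') ) return true;

    // One DAVResource per path per session object.
    if ( !isset($this->privilege_resources[$path]) ) {
      $this->privilege_resources[$path] = new DAVResource($path);
    }
    $resource = $this->privilege_resources[$path];

    if ( $resource->Exists() ) {
      return $resource->HavePrivilegeTo($do_what, $any);
    }
    return false;
  }


  /**
   * Gatekeeper for pages that need a logged-in (and optionally role-holding) user.
   *
   * Returns normally only when access is granted. In every other case it
   * emits a redirect, a login form or a "not authorised" page and then calls
   * exit(0), so code after a call to this method runs for authorised users only.
   *
   * @param string $roles Comma-separated role names, any one of which grants
   *                      access. '' means "any logged-in user", unless
   *                      $c->restrict_admin_roles supplies a default.
   */
  function LoginRequired( $roles = '' ) {
    // The page-header/page-footer includes below run in this method's scope;
    // NOTE(review): these globals are presumably declared for their benefit.
    global $c, $session, $main_menu, $sub_menu, $tab_menu;

    // NOTE(review): depending on web-server configuration, SERVER_NAME may be
    // derived from the client-supplied Host header. restrict_admin_domain
    // should therefore not be the only control protecting these pages.
    $current_domain = (isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : $_SERVER['SERVER_ADDR']);
    if ( (isset($c->restrict_admin_domain) && $c->restrict_admin_domain != $current_domain)
      || (isset($c->restrict_admin_port) && $c->restrict_admin_port != $_SERVER['SERVER_PORT'] ) ) {
      header('Location: caldav.php');
      dbg_error_log( 'LOG WARNING', 'Access to "%s" via "%s:%d" rejected.', $_SERVER['REQUEST_URI'], $current_domain, $_SERVER['SERVER_PORT'] );
      @ob_flush(); exit(0);
    }

    if ( isset($c->restrict_admin_roles) && $roles == '' ) $roles = $c->restrict_admin_roles;
    if ( $this->logged_in && $roles == '' ) return;

    // Automatic login from HTTP Basic credentials. Both values are checked
    // with isset(), and the cookie with empty(), so a request that lacks
    // either one no longer raises an undefined-index notice.
    $have_basic_credentials = isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])
      && $_SERVER['PHP_AUTH_USER'] != '' && $_SERVER['PHP_AUTH_PW'] != '';
    $auto_login_ok = false;
    if ( $have_basic_credentials && !$this->logged_in && empty($_COOKIE['NoAutoLogin']) ) {
      if ( $this->Login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'], false) ) {
        setcookie('NoAutoLogin', 1, 0);
        // Return at once only when no role is required. Otherwise fall
        // through to the role check below, so a role restriction is enforced
        // for automatically logged-in users as well.
        if ( $roles == '' ) return;
        $auto_login_ok = true;
      }
    }

    if ( !$this->logged_in && !$auto_login_ok ) {
      $c->messages[] = i18n('You must log in to use this system.');
      include_once('page-header.php');
      if ( function_exists('local_index_not_logged_in') ) {
        local_index_not_logged_in();
      }
      else {
        if ( $this->login_failed ) {
          $c->messages[] = i18n('Invalid user name or password.');
        }
        // NOTE(review): system_name and admin_email are written into the page
        // unescaped; they are read from $c (configuration) here. Confirm that
        // neither can be set from user input.
        echo '<h1>'.translate('Log On Please')."</h1>\n";
        echo '<p>'.translate('For access to the')
              .' '.translate($c->system_name).' '
              .translate('you should log on with the username and password that have been issued to you.')
              ."</p>\n";
        echo '<p>'.translate('If you would like to request access, please e-mail').' '.$c->admin_email."</p>\n";
        echo $this->RenderLoginPanel();
      }
    }
    else {
      // Logged in, and at least one role is required: any single match suffices.
      foreach( explode(',', $roles) AS $role_name ) {
        if ( $this->AllowedTo($role_name) ) return;
      }
      $c->messages[] = i18n('You are not authorised to use this function.');
      include_once('page-header.php');
    }

    // Access refused: finish the page and stop the request.
    include('page-footer.php');
    @ob_flush(); exit(0);
  }
}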
// Replace the placeholder global with the real session object.
$session = new DAViCalSession();
// _CheckLogin() is inherited and not defined in this file.
// NOTE(review): presumably it processes any login carried by the current
// request; confirm in Session.php.
$session->_CheckLogin();