<?php
// Placeholder value: this global is overwritten with a DAViCalSession instance at the end of this file.
// NOTE(review): presumably assigned early so that code loaded in between sees $session as defined - confirm.
$session = 1;
/**
 * Build the base query that joins each session row to its user and principal.
 *
 * The statement carries no WHERE clause and no bound parameters.
 * NOTE(review): nothing in this file calls it; presumably Session.php picks it up
 * when loading a session - confirm against that file.
 *
 * @return string The SQL text.
 */
function local_session_sql() {
    return <<<'EOSQL'
SELECT session.*, usr.*, principal.*
FROM session JOIN usr USING(user_no) JOIN principal USING(user_no)
EOSQL;
}
// Session.php must load first: DAViCalSession below extends Session. DAVResource is used for privilege checks.
require('Session.php');
include_once('DAVResource.php');
// NOTE(review): presumably handles a pending logout request before the session object is built - confirm in Session.php.
// The '@' operator suppresses any warning or notice raised by this call, so a failure here is silent.
@Session::_CheckLogout();
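/**
 * Session subclass that adds the principal id, role loading and per-resource
 * privilege checks on top of the base Session class.
 */
class DAViCalSession extends Session
{
    // Principal id of the session's user; null until session details are assigned.
    public $principal_id;

    // DAVResource objects already built by HavePrivilegeTo(), keyed by path.
    private $privilege_resources = array();

    /**
     * Create the session object.
     *
     * @param string $sid Session id handed to the parent's Session() method.
     */
    public function __construct( $sid='' )
    {
        $this->principal_id = null;
        // NOTE(review): Session() is presumably the parent's old-style constructor - confirm in Session.php.
        $this->Session($sid);
    }

    /**
     * Copy the user's details onto the session, then load roles and locale.
     *
     * When the supplied record has no principal_id it is re-read from
     * dav_principal by username. If that lookup fails or does not return
     * exactly one row, the record is passed on unchanged.
     *
     * @param object $u User record; must expose ->username.
     */
    public function AssignSessionDetails( $u )
    {
        if (!isset($u->principal_id)) {
            $qry = new AwlQuery(
                'SELECT * FROM dav_principal WHERE username = :username',
                array(':username' => $u->username)
            );
            if ($qry->Exec() && $qry->rows() == 1) {
                $u = $qry->Fetch();
            }
        }

        parent::AssignSessionDetails($u);
        $this->GetRoles();

        if (function_exists('awl_set_locale') && isset($this->locale) && $this->locale != '') {
            awl_set_locale($this->locale);
        }
    }

    /**
     * Reload $this->roles as a map of role_name => 1 for the session's user.
     *
     * The map is emptied first, so a failed query leaves the user with no roles.
     */
    public function GetRoles()
    {
        $this->roles = array();

        // user_no is bound as a parameter rather than concatenated into the SQL text,
        // so the statement cannot be altered by whatever value the property holds.
        $qry = new AwlQuery(
            'SELECT role_name FROM roles JOIN role_member ON roles.role_no=role_member.role_no WHERE user_no = :user_no',
            array(':user_no' => $this->user_no)
        );
        if ($qry->Exec('DAViCalSession') && $qry->rows() > 0) {
            while ($role = $qry->Fetch()) {
                $this->roles[$role->role_name] = 1;
            }
        }
    }

    /**
     * Check whether the session may perform an action on a resource path.
     *
     * Sessions allowed the 'Admin' role pass without any resource lookup.
     * Otherwise the decision is delegated to the DAVResource for the path,
     * and a path whose resource does not exist is denied.
     *
     * @param mixed  $do_what Privilege(s) passed through to DAVResource::HavePrivilegeTo().
     * @param string $path    Resource path; also the cache key for the DAVResource object.
     * @param mixed  $any     Passed through unchanged to DAVResource::HavePrivilegeTo().
     * @return mixed true for Admin, false for a missing resource, else the resource's answer.
     */
    public function HavePrivilegeTo( $do_what, $path, $any = null )
    {
        if ($this->AllowedTo('Admin')) {
            return true;
        }

        if (!isset($this->privilege_resources[$path])) {
            $this->privilege_resources[$path] = new DAVResource($path);
        }
        $resource = $this->privilege_resources[$path];

        if (isset($resource) && $resource->Exists()) {
            return $resource->HavePrivilegeTo($do_what, $any);
        }
        return false;
    }

    /**
     * Gate the current page: return only if the session is logged in and,
     * when roles are required, holds at least one of them.
     *
     * In every other case the method emits output (a redirect, the login
     * page or a "not authorised" page) and calls exit(0).
     *
     * @param string $roles Comma-separated role names; '' falls back to
     *                      $c->restrict_admin_roles when that is set.
     */
    public function LoginRequired( $roles = '' )
    {
        global $c, $session, $main_menu, $sub_menu, $tab_menu;

        // NOTE(review): SERVER_NAME can follow the request's Host header depending on
        // web-server configuration, so the domain restriction below is only as strong
        // as the virtual-host setup - confirm for the deployment.
        $current_domain = (isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : $_SERVER['SERVER_ADDR']);

        $wrong_domain = isset($c->restrict_admin_domain) && $c->restrict_admin_domain != $current_domain;
        $wrong_port   = isset($c->restrict_admin_port) && $c->restrict_admin_port != $_SERVER['SERVER_PORT'];
        if ($wrong_domain || $wrong_port) {
            header('Location: caldav.php');
            dbg_error_log( 'LOG WARNING', 'Access to "%s" via "%s:%d" rejected.', $_SERVER['REQUEST_URI'], $current_domain, $_SERVER['SERVER_PORT'] );
            @ob_flush(); exit(0);
        }

        if (isset($c->restrict_admin_roles) && $roles == '') {
            $roles = $c->restrict_admin_roles;
        }
        if ($this->logged_in && $roles == '') {
            return;
        }

        // Try HTTP Basic credentials once. PHP_AUTH_PW and the NoAutoLogin cookie are
        // tested with isset()/empty() so an absent key no longer raises a warning;
        // the outcome of the condition is the same as before.
        $basic_auth_offered = isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])
            && $_SERVER['PHP_AUTH_USER'] != ''
            && $_SERVER['PHP_AUTH_PW'] != ''
            && empty($_COOKIE['NoAutoLogin']);
        if (!$this->logged_in && $basic_auth_offered) {
            // NOTE(review): a successful Basic login returns here without the role check
            // further down, even when $roles is non-empty - confirm that is intended.
            if ($this->Login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'], false)) {
                setcookie('NoAutoLogin',1,0);
                return;
            }
        }

        if (!$this->logged_in) {
            $c->messages[] = i18n('You must log in to use this system.');
            include_once('page-header.php');
            if (function_exists('local_index_not_logged_in')) {
                local_index_not_logged_in();
            }
            else {
                if ($this->login_failed) {
                    $c->messages[] = i18n('Invalid user name or password.');
                }
                // NOTE(review): $c->system_name and $c->admin_email are written into the page
                // without HTML escaping; they come from configuration, so confirm that source
                // is trusted or escape them for the HTML context.
                echo '<h1>'.translate('Log On Please')."</h1>\n";
                echo '<p>'.translate('For access to the')
                    .' '.translate($c->system_name).' '
                    .translate('you should log on with the username and password that have been issued to you.')
                    ."</p>\n";
                echo '<p>'.translate('If you would like to request access, please e-mail').' '.$c->admin_email."</p>\n";
                echo $this->RenderLoginPanel();
            }
        }
        else {
            // Logged in with a role requirement: any single matching role is enough.
            $valid_roles = explode(',', $roles);
            foreach ($valid_roles as $role_name) {
                if ($this->AllowedTo($role_name)) {
                    return;
                }
            }
            $c->messages[] = i18n('You are not authorised to use this function.');
            include_once('page-header.php');
        }

        include('page-footer.php');
        @ob_flush(); exit(0);
    }
}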
// Replace the placeholder global with the real session object; no explicit session id is passed.
$session = new DAViCalSession();
// NOTE(review): _CheckLogin() is not defined in this file; presumably inherited from Session and
// processes any submitted login - confirm in Session.php.
$session->_CheckLogin();