<?php
/**
* @copyright 2014-2015 Sentora Project (http://www.sentora.org/)
* Sentora is a GPL fork of the ZPanel Project whose original header follows:
*
* Authentication class: handles ZPanel authentication and user sessions.
* @package zpanelx
* @subpackage dryden -> controller
* @version 1.0.0
* @author Bobby Allen (ballen@bobbyallen.me)
* @copyright ZPanel Project (http://www.zpanelcp.com/)
* @link http://www.zpanelcp.com/
* @license GPL (http://www.gnu.org/licenses/gpl.html)
*/
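class ctrl_auth
{
    /**
     * Checks that the server has a valid session for the user; if not, it renders the
     * login screen and terminates the request.
     *
     * When no session exists but the 'remember me' cookies are present, the cookie values
     * are first replayed through Authenticate(). Note that the login template is still
     * rendered on this request even when that cookie login succeeded — the new session is
     * only picked up on the next request. This mirrors the original control flow.
     *
     * @author Bobby Allen (ballen@bobbyallen.me)
     * @global db_driver $zdbh The ZPX database handle.
     * @return bool Always true when a session exists; otherwise the request is terminated.
     */
    static function RequireUser()
    {
        global $zdbh;
        if (isset($_SESSION['zpuid'])) {
            return true;
        }
        if (isset($_COOKIE['zUser'])) {
            // zSec absent means "session security on"; any falsy cookie value turns it off.
            $secure = isset($_COOKIE['zSec']) ? (bool) $_COOKIE['zSec'] : true;
            // zPass may be missing when only zUser survived; pass null (the value the
            // original code ended up binding) rather than raising an undefined-index notice.
            $cookiePass = isset($_COOKIE['zPass']) ? $_COOKIE['zPass'] : null;
            self::Authenticate($_COOKIE['zUser'], $cookiePass, false, true, $secure);
        }
        runtime_hook::Execute('OnRequireUserLogin');
        // The login page is themed with the settings of account 1 (the administrator).
        $sqlQuery = "SELECT ac_usertheme_vc, ac_usercss_vc FROM x_accounts WHERE ac_id_pk = :ac_id_pk";
        $bindArray = array(':ac_id_pk' => '1');
        $zdbh->bindQuery($sqlQuery, $bindArray);
        $themeRow = $zdbh->returnRow();
        // The theme name is read from the database row above, not from the request.
        include 'etc/styles/' . $themeRow['ac_usertheme_vc'] . '/login.ztml';
        exit;
    }

    /**
     * Sets a user session ID and records the session-security fingerprint.
     *
     * NOTE(review): the $sessionSecuirty argument is immediately overwritten by
     * runtime_sessionsecurity::getSessionSecurityEnabled(), so the value callers pass
     * (Authenticate() and RequireUser() both pass one) has no effect. Confirm this is the
     * intended precedence before relying on the parameter.
     *
     * @author Bobby Allen (ballen@bobbyallen.me)
     * @param int  $zpuid           The Sentora user account ID to set the session as.
     * @param bool $sessionSecuirty Ignored; kept for signature compatibility (see note).
     * @return bool false only when $zpuid is null; true otherwise.
     */
    static function SetUserSession($zpuid = 0, $sessionSecuirty = true)
    {
        $sessionSecuirty = runtime_sessionsecurity::getSessionSecurityEnabled();
        if (!isset($zpuid)) {
            return false;
        }
        $_SESSION['zpuid'] = $zpuid;
        // The cookie, IP and user-agent fingerprint are always recorded; the setting only
        // decides whether the "enabled" flag is stored as on or off.
        runtime_sessionsecurity::setCookie();
        runtime_sessionsecurity::setUserIP();
        runtime_sessionsecurity::setUserAgent();
        runtime_sessionsecurity::setSessionSecurityEnabled((bool) $sessionSecuirty);
        return true;
    }

    /**
     * Sets the value of a named session variable, creating it when it does not exist.
     *
     * @author Bobby Allen (ballen@bobbyallen.me)
     * @param string $name  The name of the session variable to set.
     * @param string $value The value of the session variable to set.
     * @return bool false when $name is null; true otherwise.
     */
    static function SetSession($name, $value = "")
    {
        if (!isset($name)) {
            return false;
        }
        // Cast to string so non-string names are keyed the way the original concatenation did.
        $_SESSION[(string) $name] = $value;
        return true;
    }

    /**
     * The main authentication mechanism: checks username and password against the database
     * and logs the user in on a successful authentication request.
     *
     * Side effects on success: the session is set, ac_lastlogon_ts is updated, the
     * 'remember me' cookies are written when requested, the OnGoodUserLogin hook runs and,
     * for account 1 only, the client address is sent to the local firewall helper.
     *
     * @author Bobby Allen (ballen@bobbyallen.me)
     * @global db_driver $zdbh The ZPX database handle.
     * @param string $username        The username to authenticate with.
     * @param string $password        The password value to authenticate with (bound as-is
     *                                against ac_pass_vc; whether it is already hashed is
     *                                decided by the caller).
     * @param bool   $rememberMe      Store the credentials in cookies for 30 days.
     * @param bool   $isCookie        The request originated from the 'remember me' cookies
     *                                (currently unused inside this method).
     * @param bool   $sessionSecurity Passed to SetUserSession(); see the note there.
     * @return mixed false if authentication fails, otherwise the user ID.
     */
    static function Authenticate($username, $password, $rememberMe = false, $isCookie = false, $sessionSecurity = false)
    {
        global $zdbh;
        $row = self::findEnabledAccount($username, $password);
        if ($row === false) {
            runtime_hook::Execute('OnBadUserLogin');
            return false;
        }
        //Disabled till zpanel 10.0.3
        //runtime_sessionsecurity::sessionRegen();
        ctrl_auth::SetUserSession($row['ac_id_pk'], $sessionSecurity);
        // Bound parameters instead of concatenation, even though both values are
        // server-side (time() and the account's own primary key).
        $log_logon = $zdbh->prepare("UPDATE x_accounts SET ac_lastlogon_ts = :ts WHERE ac_id_pk = :ac_id_pk");
        $log_logon->execute(array(':ts' => time(), ':ac_id_pk' => $row['ac_id_pk']));
        if ($rememberMe) {
            self::setRememberMeCookies($username, $password);
        }
        runtime_hook::Execute('OnGoodUserLogin');
        if ($row['ac_id_pk'] == 1) {
            $ipaddress = self::clientIpAddress();
            if ($ipaddress != 'UNKNOWN') {
                self::notifyFirewallAllow($ipaddress);
            }
        }
        return $row['ac_id_pk'];
    }

    /**
     * Destroys a session and ends a user's Sentora session.
     *
     * @author Bobby Allen (ballen@bobbyallen.me)
     * @return bool Always true.
     */
    static function KillSession()
    {
        runtime_hook::Execute('OnUserLogout');
        $_SESSION['zpuid'] = null;
        if (isset($_SESSION['ruid'])) {
            unset($_SESSION['ruid']);
        }
        // Only the server-side copy is dropped here; the browser's cookie is not expired.
        unset($_COOKIE['zUserSaltCookie']);
        return true;
    }

    /**
     * Deletes the authentication 'rememberme' cookies.
     *
     * The expiry cookies are written with the same path and flags as the ones set by
     * Authenticate(); zSec is expired too, since RequireUser() consults it.
     *
     * @author Bobby Allen (ballen@bobbyallen.me)
     * @return bool Always true.
     */
    static function KillCookies()
    {
        $expired = time() - 3600;
        $secure = self::requestIsHttps();
        setcookie("zUser", '', $expired, "/", "", $secure, true);
        setcookie("zPass", '', $expired, "/", "", $secure, true);
        setcookie("zSec", '', $expired, "/");
        unset($_COOKIE['zUser']);
        unset($_COOKIE['zPass']);
        unset($_COOKIE['zSec']);
        return true;
    }

    /**
     * Returns the UID (User ID) of the current logged in user.
     *
     * @author Bobby Allen (ballen@bobbyallen.me)
     * @global obj $controller The Sentora controller object.
     * @return int The current user's session ID.
     */
    static function CurrentUserID()
    {
        global $controller;
        return $controller->GetControllerRequest('USER', 'zpuid');
    }

    /**
     * Checks whether a username/password pair matches an enabled, non-deleted account,
     * without creating a session, updating the last-logon time or touching cookies.
     *
     * @param string $username The username to check.
     * @param string $password The password value to check (bound as-is, like Authenticate()).
     * @return bool
     */
    static function checkvaliduser($username, $password)
    {
        return self::findEnabledAccount($username, $password) !== false;
    }

    /**
     * Looks up an enabled, non-deleted account by username and the supplied password value.
     * Shared by Authenticate() and checkvaliduser() so both run the identical query.
     *
     * NOTE(review): $password is compared directly against ac_pass_vc; whether callers
     * pass a hash or the raw secret is decided outside this class.
     *
     * @global db_driver $zdbh The ZPX database handle.
     * @param string $username
     * @param string $password
     * @return array|false The account row, or false when nothing matched.
     */
    private static function findEnabledAccount($username, $password)
    {
        global $zdbh;
        $sqlString = "SELECT * FROM x_accounts WHERE ac_user_vc = :username AND ac_pass_vc = :password AND ac_enabled_in = 1 AND ac_deleted_ts IS NULL";
        $bindArray = array(':username' => $username, ':password' => $password);
        $zdbh->bindQuery($sqlString, $bindArray);
        $row = $zdbh->returnRow();
        return $row ? $row : false;
    }

    /**
     * Writes the 'remember me' cookies for 30 days.
     *
     * The cookies carry the username and the password value exactly as they were passed to
     * Authenticate(); RequireUser() replays them on a later visit. They are flagged HttpOnly
     * so page script cannot read them, and Secure when the current request is over HTTPS.
     * zSec is consulted by RequireUser() but is not written by this class.
     *
     * @param string $username
     * @param string $password
     * @return void
     */
    private static function setRememberMeCookies($username, $password)
    {
        $expires = time() + 60 * 60 * 24 * 30;
        $secure = self::requestIsHttps();
        setcookie("zUser", $username, $expires, "/", "", $secure, true);
        setcookie("zPass", $password, $expires, "/", "", $secure, true);
    }

    /**
     * Whether the current request arrived over HTTPS, judged from $_SERVER['HTTPS'].
     *
     * @return bool
     */
    private static function requestIsHttps()
    {
        return !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    }

    /**
     * Best-effort client IP address used for the administrator login.
     *
     * The proxy headers consulted before REMOTE_ADDR (Client-IP, X-Forwarded-For, ...) are
     * supplied by the client and may hold any value, so the chosen value is validated as an
     * IP literal before it is returned; a comma-separated X-Forwarded-For list yields its
     * first entry. Anything that is not a syntactically valid IP is reported as 'UNKNOWN'.
     * Deployments not behind a trusted proxy may prefer to consult REMOTE_ADDR only.
     *
     * @return string An IPv4/IPv6 address literal, or 'UNKNOWN'.
     */
    private static function clientIpAddress()
    {
        $candidates = array(
            'HTTP_CLIENT_IP',
            'HTTP_X_FORWARDED_FOR',
            'HTTP_X_FORWARDED',
            'HTTP_FORWARDED_FOR',
            'HTTP_FORWARDED',
            'REMOTE_ADDR',
        );
        $ipaddress = 'UNKNOWN';
        foreach ($candidates as $key) {
            if (isset($_SERVER[$key])) {
                $parts = explode(',', $_SERVER[$key]);
                $ipaddress = trim($parts[0]);
                break;
            }
        }
        if (filter_var($ipaddress, FILTER_VALIDATE_IP) === false) {
            return 'UNKNOWN';
        }
        return $ipaddress;
    }

    /**
     * Sends "command CSFIPADD <ip>" to the local firewall helper on TCP port 4445.
     *
     * Best effort, as in the original code: socket failures are ignored and nothing is
     * reported to the caller. The connect result is now checked so that nothing is written
     * to a socket that was never created or connected. $ipaddress must already be a validated
     * IP literal (see clientIpAddress()) so no extra tokens reach the helper.
     *
     * @param string $ipaddress A validated IP address literal.
     * @return void
     */
    private static function notifyFirewallAllow($ipaddress)
    {
        $service_port = 4445;
        $address = gethostbyname('localhost');
        $socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
        if ($socket === false) {
            return;
        }
        if (socket_connect($socket, $address, $service_port) === false) {
            socket_close($socket);
            return;
        }
        socket_set_option($socket, SOL_SOCKET, SO_RCVTIMEO, array("sec" => 2000, "usec" => 0));
        $in = "command CSFIPADD $ipaddress";
        socket_write($socket, $in, strlen($in));
        socket_close($socket);
    }
}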