gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -48,6 +48,9 @@
			private $_wb;
			private $_loaded_classes = array();
			private $_conf;
			private $_security_config;

			public $loaded_plugins = array();

			public function __construct() {
			global $conf;
			@@ -55,7 +58,7 @@
			if (isset($_REQUEST['GLOBALS']) \|\| isset($_FILES['GLOBALS']) \|\| isset($_REQUEST['s']) \|\| isset($_REQUEST['s_old']) \|\| isset($_REQUEST['conf'])) {
			die('Internal Error: var override attempt detected');
			}


			$this->_conf = $conf;
			if($this->_conf['start_db'] == true) {
			$this->load('db_'.$this->_conf['db_type']);
			@@ -66,12 +69,31 @@
			if($this->_conf['start_session'] == true) {

			$this->uses('session');
			$tmp = $this->db->queryOneRecord("SELECT `value` FROM sys_config WHERE `config_id` = 2 AND `group` = 'interface' AND `name` = 'session_timeout'");
			if($tmp && $tmp['value'] > 0) {
			$this->session->set_timeout($tmp['value']);
			session_set_cookie_params(($tmp['value'] * 60) + 300); // make the cookie live 5 minutes longer
			$sess_timeout = $this->conf('interface', 'session_timeout');
			$cookie_domain = (isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : $_SERVER['HTTP_HOST']);
			$cookie_secure = ($_SERVER["HTTPS"] == 'on')?true:false;
			if($sess_timeout) {
			/* check if user wants to stay logged in */
			if(isset($_POST['s_mod']) && isset($_POST['s_pg']) && $_POST['s_mod'] == 'login' && $_POST['s_pg'] == 'index' && isset($_POST['stay']) && $_POST['stay'] == '1') {
			/* check if staying logged in is allowed */
			$this->uses('ini_parser');
			$tmp = $this->db->queryOneRecord('SELECT config FROM sys_ini WHERE sysini_id = 1');
			$tmp = $this->ini_parser->parse_ini_string(stripslashes($tmp['config']));
			if(!isset($tmp['misc']['session_allow_endless']) \|\| $tmp['misc']['session_allow_endless'] != 'y') {
			$this->session->set_timeout($sess_timeout);
			session_set_cookie_params(3600 * 24 * 365,'/',$cookie_domain,$cookie_secure,true); // cookie timeout is never updated, so it must not be short
			} else {
			// we are doing login here, so we need to set the session data
			$this->session->set_permanent(true);
			$this->session->set_timeout(365 * 24 * 3600,'/',$cookie_domain,$cookie_secure,true); // one year
			session_set_cookie_params(3600 * 24 * 365,'/',$cookie_domain,$cookie_secure,true); // cookie timeout is never updated, so it must not be short
			}
			} else {
			$this->session->set_timeout($sess_timeout);
			session_set_cookie_params(3600 * 24 * 365,'/',$cookie_domain,$cookie_secure,true); // cookie timeout is never updated, so it must not be short
			}
			} else {
			session_set_cookie_params(0); // until browser is closed
			session_set_cookie_params(0,'/',$cookie_domain,$cookie_secure,true); // until browser is closed
			}

			session_set_save_handler( array($this->session, 'open'),
			@@ -90,9 +112,18 @@
			}

			$this->uses('functions'); // we need this before all others!
			$this->uses('auth,plugin');
			$this->uses('auth,plugin,ini_parser,getconf');

			}

			public function __get($prop) {
			if(property_exists($this, $prop)) return $this->{$prop};

			$this->uses($prop);
			if(property_exists($this, $prop)) return $this->{$prop};
			else return null;
			}

			public function __destruct() {
			session_write_close();
			}
			@@ -103,7 +134,7 @@
			foreach($cl as $classname) {
			$classname = trim($classname);
			//* Class is not loaded so load it
			if(!array_key_exists($classname, $this->_loaded_classes)) {
			if(!array_key_exists($classname, $this->_loaded_classes) && is_file(ISPC_CLASS_PATH."/$classname.inc.php")) {
			include_once ISPC_CLASS_PATH."/$classname.inc.php";
			$this->$classname = new $classname();
			$this->_loaded_classes[$classname] = true;
			@@ -121,6 +152,22 @@
			}
			}
			}

			public function conf($plugin, $key, $value = null) {
			if(is_null($value)) {
			$tmpconf = $this->db->queryOneRecord("SELECT `value` FROM `sys_config` WHERE `group` = ? AND `name` = ?", $plugin, $key);
			if($tmpconf) return $tmpconf['value'];
			else return null;
			} else {
			if($value === false) {
			$this->db->query("DELETE FROM `sys_config` WHERE `group` = ? AND `name` = ?", $plugin, $key);
			return null;
			} else {
			$this->db->query("REPLACE INTO `sys_config` (`group`, `name`, `value`) VALUES (?, ?, ?)", $plugin, $key, $value);
			return $value;
			}
			}
			}

			/** Priority values are: 0 = DEBUG, 1 = WARNING, 2 = ERROR */

			@@ -132,8 +179,8 @@
			$server_id = 0;
			$priority = $this->functions->intval($priority);
			$tstamp = time();
			$msg = $this->db->quote('[INTERFACE]: '.$msg);
			$this->db->query("INSERT INTO sys_log (server_id,datalog_id,loglevel,tstamp,message) VALUES ($server_id,0,$priority,$tstamp,'$msg')");
			$msg = '[INTERFACE]: '.$msg;
			$this->db->query("INSERT INTO sys_log (server_id,datalog_id,loglevel,tstamp,message) VALUES (?, 0, ?, ?, ?)", $server_id, $priority,$tstamp,$msg);
			/*
			if (is_writable($this->_conf['log_file'])) {
			if (!$fp = fopen ($this->_conf['log_file'], 'a')) {
			@@ -193,7 +240,7 @@
			}
			$this->_language_inc = 1;
			}
			if(!empty($this->_wb[$text])) {
			if(isset($this->_wb[$text]) && $this->wb[$text] !== '') {
			$text = $this->_wb[$text];
			} else {
			if($this->_conf['debug_language']) {
			@@ -284,4 +331,13 @@
			//* possible future = new app($conf);
			$app = new app();

			// load and enable PHP Intrusion Detection System (PHPIDS)
			$ids_security_config = $app->getconf->get_security_config('ids');

			if(is_dir(ISPC_CLASS_PATH.'/IDS') && $ids_security_config['ids_enabled'] == 'yes') {
			$app->uses('ids');
			$app->ids->start();
			}
			unset($ids_security_config);

			?>