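sessionTimeout)) > time()) {
		// ok, update time
		$_SESSION['sec_sessionTime'] = time();
	}
	else {
		// session expired, logoff user
		logoffAndBackToLoginPage();
	}
}

/**
 * Checks if the client's IP address is on the list of allowed IPs.
 * The script is stopped if the host is not valid.
 *
 * NOTE(review): the body is empty, so no IP check is performed and the script
 * is never stopped. Callers must not treat a normal return from this function
 * as proof that the client address was validated.
 */
function checkClientIP() {
}

/**
 * Checks if the user is allowed to access LAM at this time.
 * The script is stopped if time is exceeded.
 *
 * NOTE(review): the body is empty, so no time restriction is enforced and
 * $dn is never read.
 *
 * @param string $dn presumably the DN of the user to check (unused; TODO confirm)
 */
function checkUserTime($dn) {
}

/**
 * Returns a list of DNs of valid LAM users.
 *
 * NOTE(review): $dn is ignored and a fixed two-entry test list is returned.
 * This looks like a placeholder; an access decision based on this list would
 * only ever match the two hard-coded test DNs.
 *
 * @param string $dn configuration DN (currently unused)
 * @return array list of user DNs
 */
function getValidUserDNs($dn) {
	return array("uid=test,o=test", "uid=test2,o=test");
}

/**
 * Logs off the user and displays the login page.
 *
 * Writes a log entry, overwrites the "Key" and "IV" cookies, closes the LDAP
 * connection, prints the page, destroys the PHP session and stops the script.
 * This function never returns to its caller.
 */
function logoffAndBackToLoginPage() {
	// log message; element 0 of the decrypted login is used as the user name
	$ldapUser = $_SESSION['ldap']->decrypt_login();
	logNewMessage(LOG_WARNING, 'Session of user ' . $ldapUser[0] . ' expired.');
	// delete key and iv in cookie
	// The values are overwritten with filler text. Expiry 0 keeps them as
	// browser-session cookies; they are not given a past expiry date here.
	if (function_exists('mcrypt_create_iv')) {
		setcookie("Key", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", 0, "/");
		setcookie("IV", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", 0, "/");
	}
	// close LDAP connection (errors from destroy() are suppressed by @)
	@$_SESSION["ldap"]->destroy();
	// link back to login page: look for login.php in the current directory
	// and up to three levels above it
	$page = 'login.php';
	foreach (array('./', '../', '../../', '../../../') as $path) {
		if (file_exists($path . $page)) {
			$page = $path . $page;
			break;
		}
	}
	// NOTE(review): the markup inside the echo statements below is not visible
	// in this copy; $page is presumably the refresh/link target - confirm
	// against the original file.
	echo $_SESSION['header'];
	echo "\n";
	echo "\n";
	echo "\n";
	// print JavaScript refresh
	echo "\n";
	// print link if refresh does not work
	echo "

\n";
	echo "" . _("Your session expired, click here to go back to the login page.") . "\n";
	echo "

\n";
	echo "\n";
	echo "\n";
	// destroy session
	session_destroy();
	unset($_SESSION);
	die();
}

/**
 * Puts a new message in the log file.
 *
 * The destination and the minimum level are read from the main configuration
 * ($_SESSION['cfgMain'] if set, otherwise a new CfgMain object). A destination
 * of 'NONE' disables logging, 'SYSLOG' sends the entry to syslog(), and any
 * other value is used as the path of a file the entry is appended to.
 *
 * Control characters in the message (including CR and LF) are replaced by
 * spaces before writing, so a value embedded in the message - such as a user
 * name - cannot start a second, forged log entry.
 *
 * @param int $level log level (LOG_NOTICE, LOG_WARNING, LOG_ERR)
 * @param string $message log message
 */
function logNewMessage($level, $message) {
	$possibleLevels = array(LOG_NOTICE => 'NOTICE', LOG_WARNING => 'WARNING', LOG_ERR => 'ERROR');
	if (!in_array($level, array_keys($possibleLevels))) {
		StatusMessage('ERROR', 'Invalid log level!', $level);
		// stop here: $possibleLevels[$level] does not exist for an unknown level
		return;
	}
	if (isset($_SESSION['cfgMain'])) {
		$cfg = $_SESSION['cfgMain'];
	}
	else {
		$cfg = new CfgMain();
	}
	// check if logging is disabled
	if ($cfg->logDestination == 'NONE') {
		return;
	}
	// check if log level is high enough
	// (syslog priorities become less severe as the number grows)
	if ($cfg->logLevel < $level) {
		return;
	}
	// keep every entry on a single line: replace CR, LF and other control
	// characters that could be used to forge additional log lines
	$message = preg_replace('/[\x00-\x1F\x7F]/', ' ', $message);
	// ok to log, build log message
	$message = "LDAP Account Manager - " . $possibleLevels[$level] . ": " . $message;
	// Syslog logging
	if ($cfg->logDestination == 'SYSLOG') {
		syslog($level, $message);
		return;
	}
	// log to file
	// touch() creates the file if it is missing; its permissions then depend
	// on the process umask, so the log location should not be readable by
	// other local users.
	touch($cfg->logDestination);
	if (!is_writable($cfg->logDestination)) {
		StatusMessage('ERROR', 'Unable to write to log file!', $cfg->logDestination);
		return;
	}
	$file = fopen($cfg->logDestination, 'a');
	if ($file) {
		fwrite($file, $message . "\n");
		fclose($file);
	}
}

?>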