Subversion Repositories slis

Rev

Rev 3445 | Rev 6922 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
426 xav 1
<?
2
/* $Id: proxy.php 1 2004-09-17 07:53:09Z xav $
3
 
4
This script has been written by Xavier Langlois
5
Copyright (C) 2004 Xavier Langlois <x.langlois@iwall.fr>
6
 
7
This script is released under GNU Public Licence (GPL)
8
http://www.gnu.org/licenses/gpl.html
9
 
10
This script is part of the SLIS Project initiated by
11
the CARMI-Internet (Academie de Grenoble - France 38).
12
 
13
SLIS : Serveur de communications Linux pour l'Internet Scolaire.
14
Copyright (C) 1998-2001 Bruno Bzeznik
15
 
16
--------------------------------------------------------------*/
17
// hidden_name = slis interface
18
// hidden_desc = slis interface access via php proxy
19
 
20
include_once("general.php");
21
include_once("tools/proxy.php");
22
 
23
include_once("objects/Slis.php");
24
 
603 xav 25
//*************************************************
426 xav 26
function get_hadmin_pass($slis) // return http password for slis managment interface
27
  {
28
                $pass= get_passwd($slis->name,"hadmin",$err);
29
                return $pass;
30
        }      
603 xav 31
//*************************************************
426 xav 32
function get_hadmin_url($slis) // return url for slis managment interface
3445 plb 33
  {
34
    global $hadmin_url,$hadmin_domain,$hadmin_port;
35
                # the "s" of "https", for versions > 3.1
36
                $version=$slis->version;
37
                if ($version == "1.3" || $version == "2.0" || $version == "2.1" || $version == "3.0") {
38
                        $s="";
39
                }       else {
40
                        $s="s";
41
                        //$s="";
42
                }      
43
                return "http{$s}://{$slis->name}.{$hadmin_domain}:{$hadmin_port}";
426 xav 44
}
603 xav 45
//*************************************************
6102 plb 46
function get_hadmin_url_with_pass($slis)
47
{
48
    global $hadmin_superuser,$hadmin_url,$hadmin_domain,$hadmin_port;
49
                $pass= get_passwd($slis->name,"hadmin",$err);
50
                return "https://$hadmin_superuser:$pass@{$slis->name}.{$hadmin_domain}:{$hadmin_port}";
51
}
52
//*************************************************
53
function lcs_remote_ip()                                              
54
{                  
55
  if(getenv("HTTP_CLIENT_IP")) {
56
    $ip = getenv("HTTP_CLIENT_IP");
57
  } elseif (getenv("HTTP_X_FORWARDED_FOR")) {
58
    $ip = getenv("HTTP_X_FORWARDED_FOR");
59
  } else {
60
    $ip = getenv("REMOTE_ADDR");
61
  }
62
    $ip = getenv("REMOTE_ADDR");
63
  return $ip;
64
}
426 xav 65
 
66
 
6102 plb 67
function log_to_lcs($slis) {
68
    global $hadmin_superuser,$hadmin_domain;
69
                $pass= get_passwd($slis->name,"lcs_admin",$err);
603 xav 70
 
6102 plb 71
    $slis_dns = $slis->name.".".$hadmin_domain;
72
 
73
echo "
74
<?xml version='1.0' encoding='utf-8'?>
75
 <!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN\ http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
76
<html xmlns='http://www.w3.org/1999/xhtml'>
77
<body>
78
<script type='text/javascript' src='http://".$slis_dns."/lcs/crypto.js'></script>
79
<script type='text/javascript' src='http://".$slis_dns."/lcs/public_key.js'></script>
80
<script type='text/javascript'>
81
<!--
82
    // Input data
83
    var login = '".$hadmin_superuser."';
84
    var pass = '".$pass."';
85
    var user_ip = '".lcs_remote_ip()."';
86
    var lcs_ip = '".$slis_dns."';
87
 
88
    // Data generated by the javascript
89
    // now.getTime() returns a time 1000x greater than the real timestamp
90
    // in seconds since javascript returns a value in milliseconds but at
91
    // least it avoids login failures due to login delay elapsed...
92
    var now = new Date();
93
    var encode = pass + '|' + user_ip + '|' + now.getTime() + '|10';
94
    var string_auth = rsaEncode(public_key_e, public_key_pq, encode);
95
 
96
    // Option 2: standard LCS login form
97
    document.write(\"<form name='formlcs' method='post' action='http://\" + '".$slis_dns. "' + \"/lcs/auth.php'>\");
98
    document.write(\"<input type='hidden' name='login' value='\" + login + \"'/>\");
99
    document.write(\"<input type='hidden' name='string_auth' value='\" + string_auth.replace(\"'\", \"&apos;\") + \"'/>\");
100
    //document.write(\"<input type='submit' value='Login to LCS via usal form'/>\");
101
    document.write(\"</form>\");
102
 
103
    document.forms['formlcs'].submit()
104
 
105
-->
106
</script>
107
 
108
</body>
109
</html>
110
";
111
}
112
//*************************************************
113
 
114
 
115
 
426 xav 116
if ($loc){
117
        if (substr($loc,0,4)!="http"){
118
                $loc=base64_decode($loc);
119
        }
120
        $parsed_url=parse_url("$loc");         
121
        $name=substr( $parsed_url["host"],0 ,strpos($parsed_url["host"],".{$hadmin_domain}"));
122
 
123
}
124
 
557 xav 125
//echo "loc = ".$loc."<br>";
126
//exit();
127
 
128
 
426 xav 129
if ($name){
130
        $slis = $Slis->select_by_key($name);
131
}
132
 
133
if ($slis && $slim_user->has_slis_right("log_to_hadmin_slis", $slis->name)){
1116 xav 134
 
6102 plb 135
  if ( isset ($goLCS)) {
136
    // Log to LCS
137
    log_to_lcs($slis);
138
  } else {
139
    // Log to SLIS
140
    $passwd = get_hadmin_pass($slis);
141
 
142
    if ($passwd) {
143
      //                $log_pass="$hadmin_superuser:".get_hadmin_pass($slis);
144
      $log_pass="$hadmin_superuser:$passwd";
145
      //echo "logpass=".$log_pass;exit();
146
      if ($loc) {
147
        $url=$loc;
148
      } else {
149
        $url= get_hadmin_url($slis);
150
      }
151
      //        syslog(LOG_ERR, "hop url : $url");
152
 
153
      //print getPage($slis->name ,$url ,$log_pass ,    get_defined_vars());
154
      if ( preg_match("/^(1|2|3)\..*/",$slis->version) ) {
155
        print getPage($slis->name ,$url ,$log_pass ,    get_defined_vars());
156
      } else {
157
        header('Location: ' . get_hadmin_url_with_pass($slis));
158
      }  
159
 
160
 
161
      //print ("url=".get_hadmin_url($slis).  " login= $hadmin_superuser:".get_hadmin_pass($slis));
162
    }
163
    else {
164
      print "No passwd!";
165
    }
426 xav 166
        }
167
}else {
168
        html_error("Operation not allowed");
169
}
170
 
171
?>