Subversion Repositories slis

Rev

Rev 3445 | Rev 6922 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed

<?
/* $Id: proxy.php 1 2004-09-17 07:53:09Z xav $

This script has been written by Xavier Langlois
Copyright (C) 2004 Xavier Langlois <x.langlois@iwall.fr>

This script is released under GNU Public Licence (GPL)
http://www.gnu.org/licenses/gpl.html

This script is part of the SLIS Project initiated by
the CARMI-Internet (Academie de Grenoble - France 38).

SLIS : Serveur de communications Linux pour l'Internet Scolaire.
Copyright (C) 1998-2001 Bruno Bzeznik

--------------------------------------------------------------*/

// hidden_name = slis interface
// hidden_desc = slis interface access via php proxy

include_once("general.php");
include_once("tools/proxy.php");

include_once("objects/Slis.php");

//*************************************************
function get_hadmin_pass($slis) // return http password for slis managment interface
  {
                $pass= get_passwd($slis->name,"hadmin",$err);
                return $pass;
        }      
//*************************************************
function get_hadmin_url($slis) // return url for slis managment interface
  {
    global $hadmin_url,$hadmin_domain,$hadmin_port;
                # the "s" of "https", for versions > 3.1
                $version=$slis->version;
                if ($version == "1.3" || $version == "2.0" || $version == "2.1" || $version == "3.0") {
                        $s="";
                }       else {
                        $s="s";
                        //$s="";
                }      
                return "http{$s}://{$slis->name}.{$hadmin_domain}:{$hadmin_port}";
}
//*************************************************
function get_hadmin_url_with_pass($slis)
{
    global $hadmin_superuser,$hadmin_url,$hadmin_domain,$hadmin_port;
                $pass= get_passwd($slis->name,"hadmin",$err);
                return "https://$hadmin_superuser:$pass@{$slis->name}.{$hadmin_domain}:{$hadmin_port}";
}
//*************************************************
function lcs_remote_ip()                                              
{                  
  if(getenv("HTTP_CLIENT_IP")) {
    $ip = getenv("HTTP_CLIENT_IP");
  } elseif (getenv("HTTP_X_FORWARDED_FOR")) {
    $ip = getenv("HTTP_X_FORWARDED_FOR");
  } else {
    $ip = getenv("REMOTE_ADDR");
  }
    $ip = getenv("REMOTE_ADDR");
  return $ip;
}


function log_to_lcs($slis) {
    global $hadmin_superuser,$hadmin_domain;
                $pass= get_passwd($slis->name,"lcs_admin",$err);

    $slis_dns = $slis->name.".".$hadmin_domain;

echo "
<?xml version='1.0' encoding='utf-8'?>
 <!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN\ http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<body>
<script type='text/javascript' src='http://"
.$slis_dns."/lcs/crypto.js'></script>
<script type='text/javascript' src='http://"
.$slis_dns."/lcs/public_key.js'></script>
<script type='text/javascript'>
<!--
    // Input data
    var login = '"
.$hadmin_superuser."';
    var pass = '"
.$pass."';
    var user_ip = '"
.lcs_remote_ip()."';
    var lcs_ip = '"
.$slis_dns."';

    // Data generated by the javascript
    // now.getTime() returns a time 1000x greater than the real timestamp
    // in seconds since javascript returns a value in milliseconds but at
    // least it avoids login failures due to login delay elapsed...
    var now = new Date();
    var encode = pass + '|' + user_ip + '|' + now.getTime() + '|10';
    var string_auth = rsaEncode(public_key_e, public_key_pq, encode);

    // Option 2: standard LCS login form
    document.write(\"<form name='formlcs' method='post' action='http://\" + '"
.$slis_dns. "' + \"/lcs/auth.php'>\");
    document.write(\"<input type='hidden' name='login' value='\" + login + \"'/>\");
    document.write(\"<input type='hidden' name='string_auth' value='\" + string_auth.replace(\"'\", \"&apos;\") + \"'/>\");
    //document.write(\"<input type='submit' value='Login to LCS via usal form'/>\");
    document.write(\"</form>\");

    document.forms['formlcs'].submit()

-->
</script>

</body>
</html>
"
;
}
//*************************************************



if ($loc){
        if (substr($loc,0,4)!="http"){
                $loc=base64_decode($loc);
        }
        $parsed_url=parse_url("$loc");         
        $name=substr( $parsed_url["host"],0 ,strpos($parsed_url["host"],".{$hadmin_domain}"));

}

//echo "loc = ".$loc."<br>";
//exit();
       

if ($name){
        $slis = $Slis->select_by_key($name);
}

if ($slis && $slim_user->has_slis_right("log_to_hadmin_slis", $slis->name)){

  if ( isset ($goLCS)) {
    // Log to LCS
    log_to_lcs($slis);
  } else {
    // Log to SLIS
    $passwd = get_hadmin_pass($slis);

    if ($passwd) {
      //                $log_pass="$hadmin_superuser:".get_hadmin_pass($slis);
      $log_pass="$hadmin_superuser:$passwd";
      //echo "logpass=".$log_pass;exit();
      if ($loc) {
        $url=$loc;
      } else {
        $url= get_hadmin_url($slis);
      }
      //        syslog(LOG_ERR, "hop url : $url");

      //print getPage($slis->name ,$url ,$log_pass ,    get_defined_vars());
      if ( preg_match("/^(1|2|3)\..*/",$slis->version) ) {
        print getPage($slis->name ,$url ,$log_pass ,    get_defined_vars());
      } else {
        header('Location: ' . get_hadmin_url_with_pass($slis));
      }  


      //print ("url=".get_hadmin_url($slis).  " login= $hadmin_superuser:".get_hadmin_pass($slis));
    }
    else {
      print "No passwd!";
    }
        }
}else {
        html_error("Operation not allowed");
}

?>