<!-- NOTICE: this file depends on the Elettra authentication system (elettra_ldap_auth() / check_admin_access()). At other institutes, skip the call to check_admin_access() or replace it with your own access check; note that check_admin_access() is the only thing gating this admin page. -->
<!doctype html>
<html lang="en">
<head>
<title>PAnTHer admin</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="../lib/bootstrap/bootstrap.min.css">
<script src="../lib/bootstrap/jquery.js"></script>
<script src="../lib/bootstrap/bootstrap.min.js"></script>
</head>
<body>
<?php
// LDAP endpoint and search base used by elettra_ldap_auth(); site-specific (see the notice at the top).
define('ELETTRA_LDAP_SERVER', 'ldap.elettra.eu');
define('ELETTRA_LDAP_DN', 'ou=People,dc=elettra,dc=eu');
// conf.php presumably supplies $dbtype and the HOST/USERNAME/PASSWORD/DB constants read by open_db().
require_once("../conf.php");
// Backend-specific SQL expression for the age, in seconds, of a row's `date` column.
if ($dbtype == "pg") {
    $timediff = "EXTRACT(EPOCH FROM NOW()-date)";
} else {
    $timediff = "TIMESTAMPDIFF(SECOND,date,NOW())";
}
// Load the SQL wrapper with every notice visible, then restore the caller's reporting level.
$old_error_reporting = error_reporting(E_ALL);
require_once("../lib/sql_interface.php");
error_reporting($old_error_reporting);
// ----------------------------------------------------------------
// open_db
if (!function_exists('open_db')) {
    /**
     * Connect to the configured database and return the SqlInterface wrapper.
     *
     * Reads global $dbtype and the HOST/USERNAME/PASSWORD/DB constants. If the
     * connection fails it prints a minimal self-refreshing "please wait" page and
     * exits, so the browser retries after 5 seconds; it never returns FALSE.
     *
     * @return SqlInterface connected wrapper (database already selected)
     */
    function open_db() {
        global $dbtype;
        $iface = new SqlInterface($dbtype);
        $conn = $iface->sql_connect(HOST, USERNAME, PASSWORD, DB);
        if ($conn === FALSE) {
            // No connection: emit the retry page and stop here.
            echo "<html>\n <head>";
            echo " <meta http-equiv='refresh' content='5;url=#'>\n";
            echo " </head>\n <body>\n <H1>Please wait</H1>Waiting for database connection<br />\n";
            exit();
        }
        // PostgreSQL picks the database at connect time; the other backends need an explicit select.
        if ($dbtype != "pg") {
            $iface->sql_select_db(DB, $conn);
        }
        return $iface;
    }
}
// One DB handle for the whole page; $username stays empty until check_admin_access() fills it in.
$username = '';
$sql = open_db();
//-----------------------------------------------------------------------------
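/**
 * Authenticate a user against the Elettra LDAP directory.
 *
 * Looks the uid up under ELETTRA_LDAP_DN, then binds with the entry's DN and
 * the supplied password (the bind is the actual password check). The result
 * is a status string: check_admin_access() treats only the exact value
 * "Login OK" as success; every other value is an error description.
 *
 * Fixes relative to the original: the uid is escaped before being spliced
 * into the search filter (LDAP injection), a password of "0" is no longer
 * rejected as "empty", and the LDAP handle is closed on every error path.
 *
 * @param string $_username uid typed into the login form (untrusted)
 * @param string $_password password typed into the login form (untrusted)
 * @return string "Login OK" on success, otherwise an error description
 */
function elettra_ldap_auth($_username, $_password) {
    $ldap_url = 'ldaps://'.ELETTRA_LDAP_SERVER.':636/';
    if (!function_exists('ldap_connect')) {
        return "LDAP module not installed in PHP";
    }
    $ldap = ldap_connect($ldap_url);
    if (!$ldap) {
        return "Could not connect to $ldap_url";
    }
    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
    $password = trim(stripslashes($_password));
    $username = trim(stripslashes($_username));
    // An empty password must never reach ldap_bind(): directories commonly treat it as an
    // anonymous bind, which would "succeed" for any uid. Compare with '' rather than empty()
    // so that the legitimate password "0" is not rejected.
    if ($password === '') {
        @ldap_close($ldap);
        return "empty password";
    }
    // The uid is user input: escape it so '*', '(', ')' and '\' cannot rewrite the filter.
    // ldap_escape() requires PHP >= 5.6.
    $filter = "(uid=" . ldap_escape($username, '', LDAP_ESCAPE_FILTER) . ")";
    $user_search = ldap_search($ldap, ELETTRA_LDAP_DN, $filter);
    if (!$user_search) {
        // Read the error text before releasing the handle.
        $err = "Error in search query ($ldap_url): ".ldap_error($ldap);
        @ldap_close($ldap);
        return $err;
    }
    $user_get = ldap_get_entries($ldap, $user_search);
    $user_entry = ldap_first_entry($ldap, $user_search);
    $user_dn = $user_entry ? ldap_get_dn($ldap, $user_entry) : false;
    if (!$user_get || !$user_entry || !$user_dn) {
        @ldap_close($ldap);
        return 'user not found';
    }
    // Bind as the user with the supplied password; this is the credential check.
    $bound = @ldap_bind($ldap, $user_dn, $password);
    @ldap_close($ldap);
    if (!$bound) {
        return 'Attention! Wrong password, please try again';
    }
    // 'alias' is kept from the original for the case of a bindable DN with an empty entry list;
    // with the checks above it should not occur in practice.
    return ($user_get && $user_get['count']) ? 'Login OK' : 'alias';
}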
// Static HTML fragment linking to the component viewers; shown on the login page and after login.
$comp = <<<'HTML'
available components <table style='width: 360px;'>
<tr><td style='width: 120px;'>elettra</td><td style='width: 120px;'><a href='./magnet.php?machine=elettra'>3D</a></td><td style='width: 120px;'><a href='./magnet.php?svg&machine=elettra'>2D</a></td></tr>
<tr><td>fermi</td><td><a href='./magnet.php?machine=fermi'>3D</a></td><td><a href='./magnet.php?svg&machine=fermi'>2D</a></td></tr>
<tr><td>all</td><td><a href='./magnet.php'>3D</a></td><td><a href='./magnet.php?svg'>2D</a></td></tr>
</table><br><br>Go to <a href='../starter.php'>starter</a><br><br> <a href='https://puma-01.elettra.eu/stat.php?json=diff'>monitor data connection status</a><br><br>

HTML;
// ----------------------------------------------------------------
// check access as administrator
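/**
 * Admin gate: let the request through only for an authenticated Elettra user.
 *
 * Paths (every path except a successful one prints a page and calls die()):
 *   - ?logout                 tear the session down and bounce to panther.php
 *   - existing session token  look it up in userlog_<year>; accept if younger than 10 h
 *   - POSTed credentials      verify with elettra_ldap_auth(), mint a token, log the login
 *   - anything else           show the component links and the login form
 *
 * Side effects: sets global $username, writes $_SESSION['token'], inserts a row into
 * userlog_<year>. Reads globals $sql (SqlInterface), $comp (HTML fragment) and $timediff
 * (backend-specific SQL age expression defined near the top of this file; the original
 * hard-coded the PostgreSQL form here, which cannot work when $dbtype is not "pg").
 */
function check_admin_access() {
    global $sql, $username, $comp, $timediff;
    $remote = $_SERVER['REMOTE_ADDR'];
    // The X-Forwarded-For header the original read was never used; it is client-controlled,
    // so it is intentionally not recorded either.
    // HttpOnly keeps the session cookie away from injected scripts; use_strict_mode makes PHP
    // refuse session ids it did not issue itself. Passing options here needs PHP >= 7.0.
    session_start(array('cookie_httponly' => true, 'use_strict_mode' => true));
    $yy = date('Y');
    if (isset($_REQUEST['logout'])) {
        // Drop the whole session rather than leaving an empty-string token in it.
        unset($_SESSION['token']);
        session_destroy();
        die("<script>document.location='./panther.php';</script>");
    }
    // Credentials are accepted from the POST body only: in a query string they would end up
    // in browser history, proxy logs and the web server access log.
    $hasCredentials = isset($_POST['elettra_ldap_email']) && isset($_POST['elettra_ldap_password']);
    $hasToken = isset($_SESSION['token']) && $_SESSION['token'] !== '';
    if (empty($_POST['elettra_ldap_email']) && $hasToken) {
        // Resume an earlier login: the token must be in this year's log and younger than 10 h.
        $webtokenExpirationSeconds = 36000; // 10 hh
        $data = $sql->sql_secure("SELECT * FROM userlog_$yy WHERE webtoken=$1 AND $timediff<$webtokenExpirationSeconds ORDER BY date DESC LIMIT 1", array($_SESSION['token']));
        if (empty($data)) {
            sleep(2); // throttle token guessing
            if (isset($_REQUEST['debug'])) echo "IP: $remote<br>";
            emit_nav('');
            die("<form method='post' action='?'>username <input type='text' name='elettra_ldap_email'><br><br>password <input type='password' name='elettra_ldap_password'> <input type='submit'></form></div></body></html>\n");
        }
        $username = $data[0]['username'];
        return;
    }
    if ($hasCredentials) {
        $email = $_POST['elettra_ldap_email'];
        $password = $_POST['elettra_ldap_password'];
        $r = elettra_ldap_auth($email, $password);
        if ($r != "Login OK") {
            sleep(2); // same throttle as the token path, against password guessing
            emit_nav('');
            // NOTE(review): $r tells "user not found" apart from "Wrong password", which lets a
            // caller enumerate valid uids; a single generic message would be safer.
            die("login failed<br>$r<br>");
        }
        // Privilege changed: issue a new session id so an id planted before login is useless.
        session_regenerate_id(true);
        // Bearer token for the userlog lookup. rand() is not a CSPRNG and rand(0, 256) could even
        // emit a 3-digit "100"; random_bytes() is. 5 bytes = 10 hex chars keeps the width the
        // original wrote. TODO(review): widen userlog_*.webtoken and move to random_bytes(16);
        // 40 bits is thin for a 10 h token even with the 2 s delay on misses.
        $token = bin2hex(random_bytes(5));
        $_SESSION['token'] = $token;
        $sql->sql_secure("INSERT INTO userlog_$yy (date,webtoken,username,ip) VALUES (NOW(),$1,$2,$3)", array($token, $email, $remote));
        $username = $email;
    }
    else {
        emit_nav('');
        die("$comp<br><br><br>Please enter Elettra credentials<br><br><form method='post' action='?'>username <input type='text' name='elettra_ldap_email'><br><br>password <input type='password' name='elettra_ldap_password'><br><br><input type='submit' value='submit'></form><br /></div></body></html>\n");
    }
}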
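/**
 * Print the page header: the navbar with logo and title and, when $username is
 * non-empty, a "welcome" label plus a logout button. Also opens the content
 * <div> that every caller closes itself.
 *
 * $username originates from the login form (stored in userlog and read back by
 * check_admin_access()), so it is HTML-escaped before being echoed; the original
 * interpolated it raw.
 *
 * @param string $username display name; '' hides the welcome/logout widgets
 */
function emit_nav($username) {
    $widgets = '';
    if (!empty($username)) {
        $safeName = htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $widgets = "<span style='color: black; margin-right: 6em;right: 1em; top: 1em; position: fixed;'>welcome $safeName</span><a class='btn btn-primary' href='?logout' style='right: 1em; top: 0.5em; position: fixed;'>logout</a>";
    }
    echo " <nav class='navbar navbar-expand-sm bg-dark navbar-dark justify-content-end' style='background-color: #d9edf7 !important;'>
<ul class='navbar-nav ms-auto' id='text'><table><tr>
<td><a href='./panther.php' border='0'><img src='../img/logo.png' class='media-object' style='width:40px;height:40px; margin-left: -12px;'></a>
<td><a href='./admin.php'><h2 style='color: black;'>PAnTHer Admin</a></td>
</tr></table></ul> $widgets
</nav>
<div style='margin: 10px;'>\n";
}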
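// Page body. check_admin_access() die()s for every unauthenticated request, so the links
// below are only ever printed to a logged-in user.
check_admin_access();
emit_nav($username);
// The die() paths close the <div>/<body>/<html> themselves; the success path never did,
// so the closing tags are appended here.
echo "$comp
<a href='./elettra_lattice.php?json=diff'>elettra lattice diff</a><br>
<a href='./elettra_lattice.php?json'>elettra lattice</a><br>
<a href='./elettra_lattice.php?src'>elettra lattice sources</a><br>
<a href='./component.php'>elettra components bundle (preview)</a><br>
<a href='./component.php?save'>elettra components bundle (save)</a><br>
<a href='./panther.php?envelope=debug'>elettra envelope (generate pulse at configurable index 'envelopeDebug')</a>
</div>
</body>
</html>
";
?>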