WebSVN – oidplus – Blame – /trunk/includes/classes/OIDplus.class.php

Rev	Author	Line No.	Line
2	daniel-mar	1	<?php
		2
		3	/*
		4	* OIDplus 2.0
		5	* Copyright 2019 Daniel Marschall, ViaThinkSoft
		6	*
		7	* Licensed under the Apache License, Version 2.0 (the "License");
		8	* you may not use this file except in compliance with the License.
		9	* You may obtain a copy of the License at
		10	*
		11	* http://www.apache.org/licenses/LICENSE-2.0
		12	*
		13	* Unless required by applicable law or agreed to in writing, software
		14	* distributed under the License is distributed on an "AS IS" BASIS,
		15	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		16	* See the License for the specific language governing permissions and
		17	* limitations under the License.
		18	*/
		19
112	daniel-mar	20	if (!defined('IN_OIDPLUS')) die();
		21
2	daniel-mar	22	class OIDplus {
61	daniel-mar	23	private static /OIDplusPagePlugin[][]/ $pagePlugins = array();
150	daniel-mar	24	private static /OIDplusObject[]/ $objectTypes = array();
		25	private static /OIDplusObject[]/ $disabledObjectTypes = array();
		26	private static /OIDplusDatabase[]/ $dbPlugins = array();
2	daniel-mar	27
		28	private function __construct() {
		29	}
		30
		31	public static function db() {
150	daniel-mar	32	if (!isset(self::$dbPlugins[OIDPLUS_DATABASE_PLUGIN])) {
		33	throw new Exception("Database plugin '".htmlentities(OIDPLUS_DATABASE_PLUGIN)."' not found. Please check config.inc.php or run <a href=\"setup/\">setup</a> again.");
2	daniel-mar	34	}
150	daniel-mar	35	$obj = self::$dbPlugins[OIDPLUS_DATABASE_PLUGIN];
		36	if (!$obj->isConnected()) $obj->connect();
		37	return $obj;
2	daniel-mar	38	}
		39
		40	public static function config() {
86	daniel-mar	41	static $config = null;
		42	if (is_null($config)) {
		43	$config = new OIDplusConfig();
2	daniel-mar	44	}
86	daniel-mar	45	return $config;
2	daniel-mar	46	}
		47
		48	public static function gui() {
86	daniel-mar	49	static $gui = null;
		50	if (is_null($gui)) {
		51	$gui = new OIDplusGui();
		52	}
		53	return $gui;
2	daniel-mar	54	}
		55
		56	public static function authUtils() {
86	daniel-mar	57	static $authUtils = null;
		58	if (is_null($authUtils)) {
		59	$authUtils = new OIDplusAuthUtils();
		60	}
		61	return $authUtils;
2	daniel-mar	62	}
		63
115	daniel-mar	64	public static function logger() {
		65	static $logger = null;
		66	if (is_null($logger)) {
		67	$logger = new OIDplusLogger();
		68	}
		69	return $logger;
		70	}
		71
86	daniel-mar	72	public static function sesHandler() {
		73	static $sesHandler = null;
		74	if (is_null($sesHandler)) {
		75	$sesHandler = new OIDplusSessionHandler(OIDPLUS_SESSION_SECRET);
		76	}
		77	return $sesHandler;
		78	}
		79
83	daniel-mar	80	public static function system_url($relative=false) {
74	daniel-mar	81	if (!isset($_SERVER["REQUEST_URI"])) return false;
		82
		83	$test_dir = dirname($_SERVER['SCRIPT_FILENAME']);
		84	$c = 0;
		85	while (!file_exists($test_dir.'/oidplus.js')) {
		86	$test_dir = dirname($test_dir);
		87	$c++;
		88	if ($c == 1000) return false;
		89	}
		90
80	daniel-mar	91	$res = dirname($_SERVER['REQUEST_URI'].'xxx');
74	daniel-mar	92
		93	for ($i=1; $i<=$c; $i++) {
76	daniel-mar	94	$res = dirname($res);
74	daniel-mar	95	}
		96
76	daniel-mar	97	$res .= '/';
		98
83	daniel-mar	99	if (!$relative) {
		100	$res = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://$_SERVER[HTTP_HOST]" . $res; // TODO: also add port?
		101	}
82	daniel-mar	102
74	daniel-mar	103	return $res;
2	daniel-mar	104	}
		105
150	daniel-mar	106	public static function registerDatabasePlugin(OIDplusDatabase $plugin) {
		107	$name = $plugin->name();
		108	if ($name === false) return false;
		109
		110	self::$dbPlugins[$name] = $plugin;
		111
		112	return true;
		113	}
		114
		115	public static function getDatabasePlugins() {
		116	return self::$dbPlugins;
		117	}
		118
61	daniel-mar	119	public static function registerPagePlugin(OIDplusPagePlugin $plugin) {
		120	$type = $plugin->type();
		121	if ($type === false) return false;
		122
		123	$prio = $plugin->priority();
		124	if ($prio === false) return false;
		125
		126	if (!isset(self::$pagePlugins[$type])) self::$pagePlugins[$type] = array();
		127	self::$pagePlugins[$type][$prio] = $plugin;
		128
		129	return true;
		130	}
		131
		132	public static function getPagePlugins($type) {
		133	if ($type == '*') {
		134	$res = array();
		135	foreach (self::$pagePlugins as $data) {
		136	$res = array_merge($res, $data);
		137	}
		138	} else {
104	daniel-mar	139	$res = isset(self::$pagePlugins[$type]) ? self::$pagePlugins[$type] : array();
61	daniel-mar	140	}
		141	ksort($res);
		142	return $res;
		143	}
		144
		145	public static function registerObjectType($ot) {
66	daniel-mar	146	$ns = $ot::ns();
		147
		148	if (empty($ns)) die("Attention: Empty NS at $ot\n");
		149
		150	$ns_found = false;
		151	foreach (OIDplus::getRegisteredObjectTypes() as $test_ot) {
		152	if ($test_ot::ns() == $ns) {
		153	$ns_found = true;
		154	break;
		155	}
		156	}
		157	if ($ns_found) {
		158	throw new Exception("Attention: Two objectType plugins use the same namespace \"$ns\"!");
		159	}
		160
		161	$init = OIDplus::config()->getValue("objecttypes_initialized");
		162	$init_ary = empty($init) ? array() : explode(';', $init);
70	daniel-mar	163	$init_ary = array_map('trim', $init_ary);
66	daniel-mar	164
		165	$enabled = OIDplus::config()->getValue("objecttypes_enabled");
		166	$enabled_ary = empty($enabled) ? array() : explode(';', $enabled);
70	daniel-mar	167	$enabled_ary = array_map('trim', $enabled_ary);
66	daniel-mar	168
79	daniel-mar	169	$do_enable = false;
		170	if (in_array($ns, $enabled_ary)) {
		171	$do_enable = true;
		172	} else {
		173	if (!OIDplus::config()->getValue('registration_done')) {
		174	$do_enable = $ns == 'oid';
		175	} else {
		176	$do_enable = !in_array($ns, $init_ary);
		177	}
		178	}
		179
		180	if ($do_enable) {
66	daniel-mar	181	self::$objectTypes[] = $ot;
		182	usort(self::$objectTypes, function($a, $b) {
		183	$enabled = OIDplus::config()->getValue("objecttypes_enabled");
		184	$enabled_ary = explode(';', $enabled);
		185
		186	$idx_a = array_search($a::ns(), $enabled_ary);
		187	$idx_b = array_search($b::ns(), $enabled_ary);
		188
		189	if ($idx_a == $idx_b) {
		190	return 0;
		191	}
		192	return ($idx_a > $idx_b) ? +1 : -1;
		193	});
74	daniel-mar	194	} else {
		195	self::$disabledObjectTypes[] = $ot;
66	daniel-mar	196	}
		197
		198	if (!in_array($ns, $init_ary)) {
		199	// Was never initialized before, so we add it to the list of enabled object types once
		200
79	daniel-mar	201	if ($do_enable) {
		202	$enabled_ary[] = $ns;
		203	OIDplus::config()->setValue("objecttypes_enabled", implode(';', $enabled_ary));
		204	}
66	daniel-mar	205
		206	$init_ary[] = $ns;
		207	OIDplus::config()->setValue("objecttypes_initialized", implode(';', $init_ary));
		208	}
61	daniel-mar	209	}
		210
		211	public static function getRegisteredObjectTypes() {
		212	return self::$objectTypes;
		213	}
		214
74	daniel-mar	215	public static function getDisabledObjectTypes() {
		216	return self::$disabledObjectTypes;
		217	}
		218
139	daniel-mar	219	private static $system_id_cache = null;
74	daniel-mar	220	public static function system_id($oid=false) {
139	daniel-mar	221	if (!is_null(self::$system_id_cache)) {
		222	$out = self::$system_id_cache;
		223	} else {
		224	$out = false;
		225
		226	if (self::pkiStatus(true)) {
		227	$pubKey = OIDplus::config()->getValue('oidplus_public_key');
		228	if (preg_match('@BEGIN PUBLIC KEY\-+(.+)\-+END PUBLIC KEY@ismU', $pubKey, $m)) {
		229	$out = smallhash(base64_decode($m[1]));
		230	}
		231	}
		232	self::$system_id_cache = $out;
74	daniel-mar	233	}
139	daniel-mar	234	return ($oid ? '1.3.6.1.4.1.37476.30.9.' : '').$out;
74	daniel-mar	235	}
		236
		237	public static function pkiStatus($try_generate=true) {
		238	if (!function_exists('openssl_pkey_new')) return false;
		239
		240	$privKey = OIDplus::config()->getValue('oidplus_private_key');
		241	$pubKey = OIDplus::config()->getValue('oidplus_public_key');
		242
		243	if ($try_generate && !verify_private_public_key($privKey, $pubKey)) {
		244	$config = array(
		245	"digest_alg" => "sha512",
		246	"private_key_bits" => 2048,
		247	"private_key_type" => OPENSSL_KEYTYPE_RSA,
		248	);
		249
		250	// Create the private and public key
		251	$res = openssl_pkey_new($config);
		252
		253	// Extract the private key from $res to $privKey
		254	openssl_pkey_export($res, $privKey);
		255
		256	OIDplus::config()->setValue('oidplus_private_key', $privKey);
		257
		258	// Extract the public key from $res to $pubKey
		259	$pubKey = openssl_pkey_get_details($res);
		260	$pubKey = $pubKey["key"];
		261
		262	OIDplus::config()->setValue('oidplus_public_key', $pubKey);
		263	}
		264
		265	return verify_private_public_key($privKey, $pubKey);
		266	}
		267
2	daniel-mar	268	public static function init($html=true) {
42	daniel-mar	269	define('OIDPLUS_HTML_OUTPUT', $html);
		270
2	daniel-mar	271	// Include config file
74	daniel-mar	272
2	daniel-mar	273	if (file_exists(__DIR__ . '/../config.inc.php')) {
		274	include_once __DIR__ . '/../config.inc.php';
		275	} else {
		276	if ($html) {
74	daniel-mar	277	if (!is_dir('setup')) {
2	daniel-mar	278	echo 'Error: Setup directory missing.';
		279	} else {
42	daniel-mar	280	header('Location:setup/');
2	daniel-mar	281	}
		282	} else {
		283	echo 'Error: Setup directory missing!';
		284	}
		285	die();
		286	}
		287
		288	// Auto-fill non-existing config values
74	daniel-mar	289
2	daniel-mar	290	if (!defined('OIDPLUS_CONFIG_VERSION')) define('OIDPLUS_CONFIG_VERSION', 0.0);
		291	if (!defined('OIDPLUS_ADMIN_PASSWORD')) define('OIDPLUS_ADMIN_PASSWORD', '');
150	daniel-mar	292	if (!defined('OIDPLUS_DATABASE_PLUGIN')) define('OIDPLUS_DATABASE_PLUGIN', 'MySQL');
2	daniel-mar	293	if (!defined('OIDPLUS_MYSQL_HOST')) define('OIDPLUS_MYSQL_HOST', 'localhost');
		294	if (!defined('OIDPLUS_MYSQL_USERNAME')) define('OIDPLUS_MYSQL_USERNAME', 'root');
150	daniel-mar	295	if (!defined('OIDPLUS_MYSQL_PASSWORD')) define('OIDPLUS_MYSQL_PASSWORD', ''); // base64 encoded
2	daniel-mar	296	if (!defined('OIDPLUS_MYSQL_DATABASE')) define('OIDPLUS_MYSQL_DATABASE', 'oidplus');
		297	if (!defined('OIDPLUS_TABLENAME_PREFIX')) define('OIDPLUS_TABLENAME_PREFIX', '');
		298	if (!defined('OIDPLUS_SESSION_SECRET')) define('OIDPLUS_SESSION_SECRET', '');
27	daniel-mar	299	if (!defined('RECAPTCHA_ENABLED')) define('RECAPTCHA_ENABLED', false);
		300	if (!defined('RECAPTCHA_PUBLIC')) define('RECAPTCHA_PUBLIC', '');
		301	if (!defined('RECAPTCHA_PRIVATE')) define('RECAPTCHA_PRIVATE', '');
111	daniel-mar	302	if (!defined('OIDPLUS_ENFORCE_SSL')) define('OIDPLUS_ENFORCE_SSL', 2 /* Auto */);
2	daniel-mar	303
		304	// Check version of the config file
74	daniel-mar	305
76	daniel-mar	306	if (OIDPLUS_CONFIG_VERSION != 2.0) {
2	daniel-mar	307	if ($html) {
		308	echo '<h1>Error</h1><p>The information located in <b>includes/config.inc.php</b> is outdated.</p><p>Please run <a href="setup/">setup</a> again.</p>';
		309	} else {
		310	echo 'The information located in includes/config.inc.php is outdated. Please run setup again.';
		311	}
		312	die();
		313	}
42	daniel-mar	314
150	daniel-mar	315	// Register database types (highest priority)
		316
		317	$ary = glob(__DIR__ . '/../../plugins/database/'.'*'.'/plugin.inc.php');
		318	foreach ($ary as $a) include $a;
		319
42	daniel-mar	320	// Do redirect stuff etc.
74	daniel-mar	321
42	daniel-mar	322	define('OIDPLUS_SSL_AVAILABLE', self::isSslAvailable());
61	daniel-mar	323
66	daniel-mar	324	// System config settings
		325
75	daniel-mar	326	OIDplus::config()->prepareConfigKey('objecttypes_initialized', 'List of object type plugins that were initialized once', '', 1, 1);
		327	OIDplus::config()->prepareConfigKey('objecttypes_enabled', 'Enabled object types and their order, separated with a semicolon (please reload the page so that the change is applied)', '', 0, 1);
66	daniel-mar	328
75	daniel-mar	329	OIDplus::config()->prepareConfigKey('oidplus_private_key', 'Private key for this system', '', 1, 0);
80	daniel-mar	330	OIDplus::config()->prepareConfigKey('oidplus_public_key', 'Public key for this system. If you "clone" your system, you must delete this key (e.g. using phpMyAdmin), so that a new one is created.', '', 1, 1);
74	daniel-mar	331
		332	// Initialize public / private keys
		333
		334	OIDplus::pkiStatus(true);
		335
61	daniel-mar	336	// Register plugins
74	daniel-mar	337
150	daniel-mar	338	$ary = glob(__DIR__ . '/../../plugins/objectTypes/'.''.'/.class.php');
		339	foreach ($ary as $a) include $a;
		340
61	daniel-mar	341	$ary = glob(__DIR__ . '/../../plugins/publicPages/'.'*'.'/plugin.inc.php');
		342	foreach ($ary as $a) include $a;
		343	$ary = glob(__DIR__ . '/../../plugins/raPages/'.'*'.'/plugin.inc.php');
		344	foreach ($ary as $a) include $a;
		345	$ary = glob(__DIR__ . '/../../plugins/adminPages/'.'*'.'/plugin.inc.php');
		346	foreach ($ary as $a) include $a;
74	daniel-mar	347
		348	// Initialize plugins
		349
		350	foreach (OIDplus::getPagePlugins('*') as $plugin) {
		351	$plugin->init($html);
		352	}
2	daniel-mar	353	}
42	daniel-mar	354
111	daniel-mar	355	public static function getVersion() {
		356	$status = @shell_exec('svnversion '.realpath(__FILE__));
		357	if (preg_match('/\d+/', $status, $match)) {
		358	return 'svn-'.$match[0];
		359	} else {
		360	return false;
		361	}
		362	}
		363
42	daniel-mar	364	private static function isSslAvailable() {
49	daniel-mar	365	$timeout = 2;
80	daniel-mar	366	$already_ssl = isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == "on");
		367	$ssl_port = 443;
83	daniel-mar	368	$cookie_path = OIDplus::system_url(true);
		369	if (empty($cookie_path)) $cookie_path = '/';
42	daniel-mar	370
54	daniel-mar	371	if (php_sapi_name() == 'cli') return false;
		372
80	daniel-mar	373	if (OIDPLUS_ENFORCE_SSL == 0) {
		374	// No SSL available
		375	return $already_ssl;
		376	}
		377
		378	if (OIDPLUS_ENFORCE_SSL == 1) {
		379	// Force SSL
		380	if ($already_ssl) {
		381	return true;
42	daniel-mar	382	} else {
80	daniel-mar	383	$location = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
		384	header('Location:'.$location);
111	daniel-mar	385	die('Redirect to HTTPS');
80	daniel-mar	386	return true;
		387	}
		388	}
		389
		390	if (OIDPLUS_ENFORCE_SSL == 2) {
		391	// Automatic SSL detection
		392
		393	if ($already_ssl) {
		394	// we are already on HTTPS
83	daniel-mar	395	setcookie('SSL_CHECK', '1', 0, $cookie_path, '', false, true);
80	daniel-mar	396	return true;
		397	} else {
		398	if (isset($_COOKIE['SSL_CHECK'])) {
		399	// We already had the HTTPS detection done before.
		400	if ($_COOKIE['SSL_CHECK']) {
		401	// HTTPS was detected before, but we are HTTP. Redirect now
		402	$location = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
		403	header('Location:'.$location);
		404	die('Redirect to HTTPS');
		405	return true;
		406	} else {
		407	// No HTTPS available. Do nothing.
		408	return false;
		409	}
49	daniel-mar	410	} else {
80	daniel-mar	411	// This is our first check (or the browser didn't accept the SSL_CHECK cookie)
		412	if (@fsockopen($_SERVER['HTTP_HOST'], $ssl_port, $errno, $errstr, $timeout)) {
		413	// HTTPS detected. Redirect now, and remember that we had detected HTTPS
83	daniel-mar	414	setcookie('SSL_CHECK', '1', 0, $cookie_path, '', false, true);
80	daniel-mar	415	$location = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
		416	header('Location:'.$location);
111	daniel-mar	417	die('Redirect to HTTPS');
80	daniel-mar	418	return true;
		419	} else {
		420	// No HTTPS detected. Do nothing, and next time, don't try to detect HTTPS again.
83	daniel-mar	421	setcookie('SSL_CHECK', '0', 0, $cookie_path, '', false, true);
80	daniel-mar	422	return false;
		423	}
49	daniel-mar	424	}
42	daniel-mar	425	}
		426	}
		427	}
2	daniel-mar	428	}

Subversion Repositories oidplus

oidplus/trunk/includes/classes/OIDplus.class.php @ 1127 – Rev 150