Subversion Repositories ALCASAR


Ignore whitespace Rev 2167 → Rev 2168

/CHANGELOG
1,11 → 1,15
# $Id$
 
************ ALCASAR CHANGELOG ***********
 
-----------------------3.1.1----------------
NEWS
- Linux Kernel (4.4.59)
- Migratation of FPDF to wkhtmltopdf (user/vouncher tickets & user file import). (FPDF is removed)
BUGS
- The users can change their password
SECU
- Fix vulnerabilities in the public part (1 SQL injection & 2 XSS).
- The users can change their password
 
-----------------------3.1-------------------
NEWS
/web/acc/manager/htdocs/import_file.php
1,83 → 1,57
<?php
require('../lib/fpdf/fpdf.php');
/**
* Print credentials of imported users
*
* @author Tom Houdayer
* @copyright Copyright (C) ALCASAR (http://www.alcasar.net)
* @license GPL-3.0
* @version $Id$
*/
 
class fichePDF extends FPDF {
if ((!isset($_GET['file'])) || (empty($_GET['file']))) {
exit();
}
 
function Header()
{
$filename = $_GET['file'];
$format = ((isset($_GET['format'])) ? $_GET['format'] : 'txt');
 
}
function Footer()
{
//Positionnement à 1,5 cm du bas
$this->SetY(-15);
//Arial italique 8
$this->SetFont('Arial','I',8);
//Couleur du texte en gris
$this->SetTextColor(128);
//Numéro de page
$this->Cell(0,10,'Page '.$this->PageNo(),0,0,'C');
}
if (($format !== 'txt') && ($format !== 'pdf')) {
exit();
}
 
function lirefichier($fichier)
{
$this->AddPage();
//Lecture des lignes du fichier
$lines = file($fichier);
$n = 1;
foreach($lines as $line){
//Times 12
$this->SetFont('Times','',10);
//Sortie du texte justifié
$this->Cell(0,5,utf8_decode($line));
$this->Ln();
++$n;
if ($n > (50)){ // on affiche 50 ligne par page soit 5 fiches usagers
$this->AddPage();
$n = 1;
}
}
}
$filePath = '/tmp/'.$filename.'.pwd';
if ((!is_file($filePath)) || (!is_readable($filePath))) {
exit('FILE_NOT_FOUND');
}
 
function getImportFile($importFileName, $format = "txt"){
$importFile = "/tmp/$importFileName.pwd";
if(is_file($importFile)&&is_readable($importFile)){
if ($format=="txt"){
//telechargement
$taille=filesize($importFile);
header("Content-Type: application/x-download");
header("Content-Length: $taille");
header("Content-Disposition: attachment; filename=\"$importFileName.txt\"");
header("Cache-Control: private, max-age=0, must-revalidate");
header("Pragma: public");
header("Content-Type: application/force-download; filename=\"$importFileName.txt\"");
ini_set("zlib.output_compression","0");
readfile($importFile);
exit();
}elseif ($format=="pdf"){
$pdf=new fichePDF();
$pdf->lirefichier($importFile);
$pdf->Output($importFileName.".pdf","D");
}else{
getImportFile($importFileName,"txt");
}
} else {
return false;
}
if ($format === 'txt') {
header('Content-Type: application/x-download');
header('Content-Length: '.filesize($filePath));
header('Content-Disposition: attachment; filename="'.$filename.'.txt"');
header('Content-Type: application/force-download; filename="'.$filename.'.txt"');
header('Cache-Control: private, max-age=0, must-revalidate');
header('Pragma: public');
ini_set('zlib.output_compression', '0');
readfile($filePath);
} else if ($format === 'pdf') {
// Convert to PDF
$html = '<!doctype html><html><head><meta charset="utf-8"></head><body><pre>';
$html .= file_get_contents($filePath);
$html .= '</pre></body></html>';
file_put_contents("$filePath.pdf.html", $html);
 
$command = 'wkhtmltopdf' . ' --quiet --disable-smart-shrinking --footer-font-size 8 --footer-left "ALCASAR" --footer-center "[page] / [toPage]" --footer-right "' . date('Y-m-d H:i:s') . '" ' . escapeshellarg("$filePath.pdf.html") . ' ' . escapeshellarg("$filePath.pdf");
$output;
$exitCode;
exec($command, $output, $exitCode);
 
header('Content-Type: application/pdf');
header('Content-Length: '.filesize("$filePath.pdf"));
header('Content-Disposition: attachment; filename="'.$filename.'.pdf"');
header('Cache-Control: private, max-age=0, must-revalidate');
header('Pragma: public');
readfile("$filePath.pdf");
 
unlink("$filePath.pdf");
unlink("$filePath.pdf.html");
}
if (isset($_GET['file']) && $_GET['file']){
if (isset($_GET['format'])){
$format = $_GET['format'];
} else {
$format = "txt";
}
if (getImportFile($_GET['file'], $format)){
//fichier en cour de téléchargement
} else {
echo "erreur 2 ";
}
} else {
echo "erreur 1 ";
}
?>
Property changes:
Added: svn:keywords
+Id
\ No newline at end of property
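Review bot: `$_GET['file']` is concatenated into `$filePath = '/tmp/'.$filename.'.pwd'` with no check on its characters, so a value containing `/` or `..` makes the script read, and in the pdf branch write and `unlink()`, paths outside `/tmp`; the same value is also placed in the `Content-Disposition` header. Reject anything that is not a plain name right after the `isset` test, e.g. `if (!preg_match('/^[A-Za-z0-9_-]+$/', $filename)) { exit(); }` (adjust the character class to the names the import step really produces). In the pdf branch the file content is pasted raw between the `<pre>` tags, so any markup in the credentials file would be rendered by wkhtmltopdf; `$html .= htmlspecialchars(file_get_contents($filePath), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');` keeps it as text. `$exitCode` is never tested, so a failed conversion still goes on to `filesize()` and `readfile()` on a PDF that may not exist.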
/web/acc/manager/htdocs/ticket_user.php
1,54 → 1,42
<?php
require_once('/var/www/html/acc/manager/lib/alcasar/ticketspdf.class.php');
// ticket d'impression (thank's to Geoffroy MUSITELLI)
//--recupération des variables provenant du formulaire
$langue_imp=utf8_decode($_POST["langue_imp"]);
$log_imp=$_POST["log_imp"];
$passwd_imp=$_POST["passwd_imp"];
$exp_imp=utf8_decode($_POST["exp_imp"]);
$sto_imp=utf8_decode($_POST["sto_imp"]);
$mas_imp=utf8_decode($_POST["mas_imp"]);
$mds_imp=utf8_decode($_POST["mds_imp"]);
$mms_imp=utf8_decode($_POST["mms_imp"]);
// Langue du Ticket d'impression en fonction de la liste déroulante
if (isset($_POST["langue_imp"])) { $langue_imp = $_POST["langue_imp"]; } else { $langue_imp = "en"; };
if (is_file("../lib/langues_imp.php")) include("../lib/langues_imp.php") ;
// Si les valeurs de durée ne sont pas définies, on les remplace par la valeur 'Illimitée'
if (($sto_imp=='') or ($sto_imp=='-')){ $sto_imp=$l_unlimited;}
if (($mas_imp=='') or ($mas_imp=='-')){ $mas_imp=$l_unlimited;}
if (($mds_imp=='') or ($mds_imp=='-')){ $mds_imp=$l_unlimited;}
if (($mms_imp=='') or ($mms_imp=='-')){ $mms_imp=$l_unlimited;}
//création de la classe PDF pour faire l'entête et pieds de page
$pdf = new ticketsPDF(2,3);
$pdf->setTicketsTitle($l_title_imp);
$pdf->setTicketsFooter($l_footer_imp);
$pdf->newTickets();
$pdf->Ln(5);
$pdf->addInfos($l_login_imp, $log_imp);
$pdf->addInfos($l_password_imp, $passwd_imp);
$pdf->Ln(5);
$pdf->addInfos($l_max_all_session_imp, $mas_imp);
$pdf->addInfos($l_session_timeout_imp, $sto_imp);
$pdf->addInfos($l_max_daily_session_imp, $mds_imp);
$pdf->addInfos($l_expiration_imp, $exp_imp);
$pdf->Ln(10);
$pdf->addComment($l_explain);
 
// Création du duplicata
$pdf->newTickets();
$pdf->Ln(5);
$pdf->addInfos($l_login_imp, $log_imp);
$pdf->addInfos($l_password_imp, $passwd_imp);
$pdf->Ln(5);
$pdf->addInfos($l_max_all_session_imp, $mas_imp);
$pdf->addInfos($l_session_timeout_imp, $sto_imp);
$pdf->addInfos($l_max_daily_session_imp, $mds_imp);
$pdf->addInfos($l_expiration_imp, $exp_imp);
$pdf->Ln(10);
$pdf->addComment($l_duplicate,'C');//à mettre en rouge
 
// envoie du document au navigateur
$ticket_name="ticket_".$log_imp.".pdf";
$pdf->Output($ticket_name);
header ('Location: '.$ticket_name);
?>
<?php
/**
* Print tickets of the new user
*
* @author Tom Houdayer
* @copyright Copyright (C) ALCASAR (http://www.alcasar.net)
* @license GPL-3.0
* @version $Id$
*/
 
require_once __DIR__ . '/../lib/alcasar/TicketsGenerator.php';
$langue_imp = ((isset($_POST['langue_imp'])) ? $_POST['langue_imp'] : 'en');
require_once __DIR__ . '/../lib/langues_imp.php';
 
// Get datas from form
if ((!isset($_POST['log_imp'])) || (!isset($_POST['passwd_imp'])) || (!isset($_POST['exp_imp'])) || (!isset($_POST['sto_imp'])) || (!isset($_POST['mas_imp'])) || (!isset($_POST['mds_imp']))) {
exit();
}
$log_imp = $_POST['log_imp'];
$passwd_imp = $_POST['passwd_imp'];
$exp_imp = ((($_POST['exp_imp'] === '') || ($_POST['exp_imp'] === '-')) ? $l_without : utf8_decode($_POST['exp_imp']));
$sto_imp = ((($_POST['sto_imp'] === '') || ($_POST['sto_imp'] === '-')) ? $l_unlimited : utf8_decode($_POST['sto_imp']));
$mas_imp = ((($_POST['mas_imp'] === '') || ($_POST['mas_imp'] === '-')) ? $l_unlimited : utf8_decode($_POST['mas_imp']));
$mds_imp = ((($_POST['mds_imp'] === '') || ($_POST['mds_imp'] === '-')) ? $l_unlimited : utf8_decode($_POST['mds_imp']));
 
// Generate tickets
$ticketsGenerator = new TicketsGenerator(['language' => $langue_imp]);
 
// Add user
$ticketsGenerator->addTicket([
'username' => $log_imp,
'password' => $passwd_imp,
'maxAllSession' => $mas_imp,
'sessionTimeout' => $sto_imp,
'maxDailySession' => $mds_imp,
'expiration' => $exp_imp
]);
 
// Save the PDF and redirect user to it
$filename = 'ticket_' . $log_imp . '.pdf';
$ticketsGenerator->saveAs($filename);
header('Location: ' . $filename);
Property changes:
Added: svn:keywords
+Id
\ No newline at end of property
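Review bot: The last three lines write the PDF, which holds the account's clear-text password, to the relative path `'ticket_' . $log_imp . '.pdf'` (presumably inside htdocs, since the redirect targets the same name), and nothing visible here deletes it afterwards. `$log_imp` is the raw POST value, so it also decides the path handed to `saveAs()` and the text of the `Location` header, and the `false` that `saveAs()` returns when the file already exists is ignored, in which case the redirect serves an older ticket. `TicketsGenerator::output()`, added in this same revision, streams the PDF from a temporary file and removes it, so `$ticketsGenerator->output();` could replace those three lines, as ticket_voucher.php already does. Separately, the `utf8_decode()` calls on the duration and expiry fields look like a leftover from FPDF: the new template declares `charset="utf-8"`, so decoded non-ASCII values would presumably render garbled.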
/web/acc/manager/htdocs/ticket_voucher.php
1,200 → 1,137
<?php
CONST ROOT = '/';
require_once(ROOT.'/var/www/html/acc/manager/lib/alcasar/ticketspdf.class.php');
/**
* Print tickets of new users
*
* @author Tom Houdayer
* @copyright Copyright (C) ALCASAR (http://www.alcasar.net)
* @license GPL-3.0
* @version $Id$
*/
 
/*
TODO :
- refonte de GenRandUsersName()
- traiter si $nbfailuser (nombre de ticket non créé pour cause de doublon)
*/
require_once __DIR__ . '/../lib/alcasar/TicketsGenerator.php';
require_once '/etc/freeradius-web/config.php';
require_once '../lib/sql/drivers/'.$config['sql_type'].'/functions.php';;
require_once '../lib/attrshow.php';
require_once '../lib/defaults.php';
require_once '../lib/functions.php';
if ($config['sql_use_operators'] === 'true') {
require_once '../lib/operators.php';
}
 
// POUR LES BESOINS DU DEVELOPPEMENT
// BUFFERISATION DES DONNEES ENVOYEES AU CLIENT (compatibilité avec les fichiers existants)
ob_start();
//Common Functions
function sec_imp($time)
/* Formatage des secondes avant l'impression */
{
$jour = 0;$heure = 0;$minute = 0;$seconde = 0;
$jour = floor($time/86400);
$reste = $time%86400;
if ($jour!=0) $result = $jour.' J ';
$heure = floor($reste/3600);
$reste = $reste%3600;
if ($heure!=0) $result = $result.$heure.' H ';
$minute = floor($reste/60);
if ($minute!=0) $result = $result.$minute.' min ';
$seconde = $reste%60;
if ($seconde!=0) $result = $result.$seconde.' s ';
return $result;
 
// Get datas from form
if ((!isset($_POST['nbtickets'])) || (!is_numeric($_POST['nbtickets']))){
header('Location: voucher_new.php');
exit();
}
function GenPassword($nb_car="8")
{
/* generation aléatoire du mot de passe */
$password = "";
$chaine = "aAzZeErRtTyYuUIopP152346897mMLkK";
$chaine .= "jJhHgGfFdDsSqQwWxXcCvVbBnN152346897";
while($nb_car != 0)
{
$i = rand(0,71);
$password = $password.$chaine[$i];
$nb_car --;
}
return $password ;
}
function GenRandUsersName()
{
$nb_car= 12;
$chaine = "AZE489RTYU2PML5KJ35HGF9DSQWXCV3BN267";
//$i = rand(0,25);
//$j = rand(0,25);
//$k = rand(0,25);
$userName = "";
while($nb_car != 0)
{
$i = rand(0,35);
$userName .= $chaine[$i];
$nb_car --;
}
//return "T".$chaine[$i].substr(time(),4).$chaine[$j].$chaine[$k];
return $userName;
}
$nbTickets = (int)$_POST['nbtickets'];
$langue_imp = ((isset($_POST['langue_imp'])) ? $_POST['langue_imp'] : 'en');
require_once __DIR__ . '/../lib/langues_imp.php';
 
if (isset($_POST['nbtickets'])&& is_numeric($_POST['nbtickets'])){
$nbtickets = (int)$_POST['nbtickets'];
if ($config['general_lib_type'] === 'sql' && $config['sql_use_operators'] === 'true') {
$show_ops = 1;
$colspan = 2;
} else {
header("Location: voucher_new.php");
exit;
$show_ops = 0;
$colspan = 1;
}
if ($config['sql_use_operators'] === 'true') {
$text = ',op';
$passwd_op = ",':='";
}
 
// Langue du Ticket d'impression en fonction de la liste déroulante
if (isset($_POST["langue_imp"])) { $langue_imp = $_POST["langue_imp"]; } else { $langue_imp = "en"; };
if (is_file("../lib/langues_imp.php")) include("../lib/langues_imp.php") ;
 
require(ROOT.'etc/freeradius-web/config.php');
require('../lib/attrshow.php');
require('../lib/defaults.php');
if ($config[general_lib_type] == 'sql' && $config[sql_use_operators] == 'true'){
$colspan=2;
$show_ops=1;
}else{
$show_ops = 0;
$colspan=1;
// Connect to database
$link = da_sql_pconnect($config);
if (!$link) {
exit('ERR_DATABASE_CONNECT');
}
 
$LIBpath = "../lib/";
require(ROOT.'etc/freeradius-web/config.php');
if (is_file($LIBpath."sql/drivers/$config[sql_type]/functions.php"))
{
include_once($LIBpath."sql/drivers/$config[sql_type]/functions.php");
$nbFailUsers = 0;
 
 
 
// Generate tickets
$ticketsGenerator = new TicketsGenerator(['language' => $langue_imp]);
 
 
for ($i = 0; $i < $nbTickets; $i++) {
// Generate username and password
$login = generateRandomString(8);
$passwd = generateRandomString(12);
$password = $passwd;
// Check user exist
require '../lib/'.$config['general_lib_type'].'/user_info.php';
if ($user_exists === 'yes') {
$nbFailUsers++;
continue;
}
else
{
echo "<b>Could not include SQL library</b><br>\n";
exit();
 
// Create user in database
require '../lib/'.$config['general_lib_type'].'/create_user.php';
 
// Get group infos
if ((isset($group)) && ($group !== '')) {
$loginUser = $login;
$login = $group;
require '../lib/sql/group_info.php';
$login = $loginUser;
}
include_once($LIBpath.'functions.php');
if ($config['sql_use_operators'] == 'true')
{
include_once($LIBpath."operators.php");
$text = ',op';
$passwd_op = ",':='";
}
$link = @da_sql_pconnect($config);
 
$nbfailuser = 0;
// Format datas
$sto_imp = (($sto_imp === '') ? $l_unlimited : formatTime($sto_imp));
$mas_imp = (($mas_imp === '') ? $l_unlimited : formatTime($mas_imp));
$mds_imp = (($mds_imp === '') ? $l_unlimited : formatTime($mds_imp));
$mms_imp = (($mms_imp === '') ? $l_unlimited : formatTime($mms_imp));
$exp_imp = (($Expiration === '') ? $l_without : date('d - m - Y', strtotime($Expiration)));
 
// Préparation de la fiche PDF
$pdf = new ticketsPDF(2,3);
$pdf->setTicketsTitle($l_title_imp);
$pdf->setTicketsFooter($l_footer_imp);
// Add user
$ticketsGenerator->addTicket([
'username' => $login,
'password' => $password,
'maxAllSession' => $mas_imp,
'sessionTimeout' => $sto_imp,
'maxDailySession' => $mds_imp,
'expiration' => $exp_imp
]);
}
 
if ($link)
 
// Generate the PDF
$ticketsGenerator->output();
 
 
/**
* Format time in seconds to days/hours/minutes/secondes.
*
* @param int $time Time in seconds.
*
* @return string Formated time.
*/
function formatTime($time)
{
if (is_file($LIBpath."crypt/$config[general_encryption_method].php"))
{
include($LIBpath."crypt/$config[general_encryption_method].php");
// ajout des comptes (mêmes attributs pour tous sauf login + mdp)
$days = floor($time / 86400); $reste = $time % 86400;
$hours = floor($reste / 3600); $reste = $reste % 3600;
$minutes = floor($reste / 60);
$secondes = $reste % 60;
 
for ($i = 1; $i <= $nbtickets; $i++)
{
// effacement des variables
$login = "";
$passwd = "";
// création des données uniques
$login = GenRandUsersName();
$passwd = GenPassword();
// création des variables d'impression
$login_imp = $login;
$passwd1_imp = $passwd;
// encryption du mot de passe (pas besoins, déjà présent dans le fichier create_user.php)
//$passwd = da_encrypt($passwd);
// test si l'usager existe
if (is_file("../lib/$config[general_lib_type]/user_info.php"))
include("../lib/$config[general_lib_type]/user_info.php");
if ($user_exists == "no"){
// Création de l'usager
if (is_file("../lib/$config[general_lib_type]/create_user.php"))
include("../lib/$config[general_lib_type]/create_user.php");
/* Petit traitement pré-impression pour la lisibilité */
/* Récupération des attributs du groupe le cas échéant */
if ($group!=''){
$saved_login = $login;
$login = $group;
if (is_file("../lib/sql/group_info.php"))
include("../lib/sql/group_info.php");
$login = $saved_login;}
/* Si les valeurs de durée sont vide remplissage avec la valeur 'Illimitée'*/
/* et formatage des secondes sous le format Heure min ses*/
if ($sto_imp==''){ $sto_imp=$l_unlimited;}
else { $sto_imp=sec_imp($sto_imp);}
if ($mas_imp==''){ $mas_imp=$l_unlimited;}
else { $mas_imp=sec_imp($mas_imp);}
if ($mds_imp==''){ $mds_imp=$l_unlimited;}
else { $mds_imp=sec_imp($mds_imp);}
if ($mms_imp==''){ $mms_imp=$l_unlimited;}
else { $mms_imp=sec_imp($mms_imp);}
/*Formatage de la date afin d'être lisible dans toute les langues 'jj mm yyyy'*/
$exp_imp = $Expiration;
if ($exp_imp!=''){ $exp_imp=date("d - m - Y",strtotime($exp_imp));}
else { $exp_imp=$l_without;}
// Ajout d'un ticket sur la fiche PDF
$pdf->newTickets();
$pdf->Ln(5);
$pdf->addInfos($l_login_imp, $login_imp);
$pdf->addInfos($l_password_imp, $passwd1_imp);
$pdf->Ln(5);
$pdf->addInfos($l_max_all_session_imp, $mas_imp);
$pdf->addInfos($l_session_timeout_imp, $sto_imp);
$pdf->addInfos($l_max_daily_session_imp, $mds_imp);
$pdf->addInfos($l_expiration_imp, $exp_imp);
$pdf->Ln(10);
$pdf->addComment($l_explain);
return "$days J $hours H $minutes min $secondes s";
}
 
// Création du duplicata
$pdf->newTickets();
$pdf->Ln(5);
$pdf->addInfos($l_login_imp, $login_imp);
$pdf->addInfos($l_password_imp, $passwd1_imp);
$pdf->Ln(5);
$pdf->addInfos($l_max_all_session_imp, $mas_imp);
$pdf->addInfos($l_session_timeout_imp, $sto_imp);
$pdf->addInfos($l_max_daily_session_imp, $mds_imp);
$pdf->addInfos($l_expiration_imp, $exp_imp);
$pdf->Ln(10);
$pdf->addComment($l_duplicate,'C');//à mettre en rouge
} else {
$nbfailuser++;
}# if user
} # end for
} # end if (is file)
} # end if (link)
 
//Affichage de la fiche de tickets
ob_end_clean();
$pdf->Output();
?>
/**
* Generate a random string.
*
* @param int $length Length of the string.
*
* @return string Random string.
*/
function generateRandomString($length = 8)
{
$string = '';
$chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randoms = openssl_random_pseudo_bytes($length);
for ($i = 0; $i < $length; $i++) {
$string .= $chars[ord($randoms[$i]) % 62];
}
return $string;
}
Property changes:
Added: svn:keywords
+Id
\ No newline at end of property
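Review bot: `generateRandomString()` maps each random byte with `ord($randoms[$i]) % 62`, and because 256 is not a multiple of 62 the first eight characters of `$chars` come out more often than the others, which slightly weakens every generated login and password. The return value of `openssl_random_pseudo_bytes()` is also used unchecked, although on older PHP versions the function can report failure instead of returning bytes. If the target PHP is 7.0 or later, drawing the index directly with `$string .= $chars[random_int(0, 61)];` removes both problems and the `$randoms` buffer. In the generation loop, `$nbFailUsers` is incremented when a login already exists but is never reported, so the operator can receive fewer tickets than requested without notice.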
/web/acc/manager/lib/fpdf/license.txt
File deleted
\ No newline at end of file
Property changes:
Deleted: svn:eol-style
-native
\ No newline at end of property
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/fpdf.php
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/font/timesbi.php
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/font/zapfdingbats.php
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/font/helveticai.php
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/font/helveticabi.php
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/font/courieri.php
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/font/times.php
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/font/courierbi.php
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/font/timesb.php
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/font/helvetica.php
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/font/symbol.php
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/font/helveticab.php
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/font/courier.php
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/font/courierb.php
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/font/timesi.php
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/fpdf/fpdf.css
File deleted
Property changes:
Deleted: svn:executable
-*
\ No newline at end of property
/web/acc/manager/lib/alcasar/ticketspdf.class.php
File deleted
\ No newline at end of file
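--- a/web/acc/manager/lib/alcasar/TicketsGenerator.php
+++ b/web/acc/manager/lib/alcasar/TicketsGenerator.php
@@ -0,0 +1,178 @@
+<?php
+/**
+* ALCASAR tickets generator
+*
+* Generate tickets of users.
+* Use wkhtmltopdf to convert HTML to PDF.
+*
+* @author Tom Houdayer
+* @copyright Copyright (C) ALCASAR (http://www.alcasar.net)
+* @license GPL-3.0
+* @version $Id$
+*/
+
+class TicketsGenerator
+{
+/**
+* @var string Path to wkhtmltopdf executable.
+*/
+private $wkhtmltopdfPath = 'wkhtmltopdf';
+
+/**
+* @var object[] Tickets of users.
+*/
+private $tickets = [];
+
+/**
+* @var string Language of tickets.
+*/
+private $language = 'en';
+
+/**
+* @var string HTML template filename.
+*/
+private $template = __DIR__ . '/' . 'tickets.template.php';
+
+/**
+* @var string|null HTML generated filename (null if not generated).
+*/
+private $htmlGeneratedFilename;
+
+/**
+* Constructor.
+*
+* @param array $options Options of the instance.
+*/
+public function __construct($options = [])
+{
+if (isset($options['wkhtmltopdfPath'])) {
+$this->wkhtmltopdfPath = $options['wkhtmltopdfPath'];
+}
+if (isset($options['language'])) {
+$this->language = $options['language'];
+}
+if (isset($options['template'])) {
+$this->template = $options['template'];
+}
+}
+
+/**
+* Add a ticket.
+*
+* @param array $user User.
+* @param bool $duplicate Print a duplicated ticket if true.
+*/
+public function addTicket($user, $duplicate = true)
+{
+$this->tickets[] = (object) [
+'username' => $user['username'],
+'password' => $user['password'],
+'maxAllSession' => $user['maxAllSession'],
+'sessionTimeout' => $user['sessionTimeout'],
+'maxDailySession' => $user['maxDailySession'],
+'expiration' => ((isset($user['expiration'])) ? $user['expiration'] : '-'),
+'isDuplicate' => false
+];
+if ($duplicate) {
+$this->tickets[] = (object) [
+'username' => $user['username'],
+'password' => $user['password'],
+'maxAllSession' => $user['maxAllSession'],
+'sessionTimeout' => $user['sessionTimeout'],
+'maxDailySession' => $user['maxDailySession'],
+'expiration' => ((isset($user['expiration'])) ? $user['expiration'] : '-'),
+'isDuplicate' => true
+];
+}
+}
+
+/**
+* Generate and save the PDF to the filesystem.
+*
+* @param string $filename File name of the generated PDF.
+*
+* @return bool Result of the convertion (true if success).
+*/
+public function saveAs($filename)
+{
+if (file_exists($filename)) {
+return false;
+}
+
+// TODO: Regex validation of $filename
+
+if (!$this->generateHtml("$filename.html")) {
+return false;
+}
+
+$command = $this->wkhtmltopdfPath . ' --quiet --disable-smart-shrinking --footer-font-size 8 --footer-left "ALCASAR" --footer-center "[page] / [toPage]" --footer-right "' . date('Y-m-d H:i:s') . '" ' . escapeshellarg("$filename.html") . ' ' . escapeshellarg($filename);
+$output;
+$exitCode;
+exec($command, $output, $exitCode);
+
+unlink("$filename.html");
+
+if ($exitCode !== 0) {
+return false;
+}
+
+return true;
+}
+
+/**
+* Send the PDF to the browser.
+*
+* @return bool Result of the convertion (true if success).
+*/
+public function output()
+{
+$filename = tempnam('/tmp', 'ALCASAR-PDF_');
+unlink($filename);
+
+if (!$this->saveAs($filename)) {
+return false;
+}
+
+header('Content-Type: application/pdf');
+header('Content-Disposition: inline; filename="tickets.pdf"');
+header('Cache-Control: private, max-age=0, must-revalidate');
+header('Pragma: public');
+readfile($filename);
+
+unlink($filename);
+
+return true;
+}
+
+/**
+* Generate HTML document from the template.
+*
+* @param string $output File name of the generated template.
+*
+* @return bool Result of the generation (true if success).
+*/
+private function generateHtml($output)
+{
+if (file_exists($output)) {
+return false;
+}
+
+if (!file_exists($this->template)) {
+return false;
+}
+
+$language = $this->language;
+$users = $this->tickets;
+
+ob_start();
+require($this->template);
+$content = ob_get_clean();
+
+$ret = file_put_contents($output, $content);
+if ($ret === false) {
+return false;
+}
+
+return true;
+}
+}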
Property changes:
Added: svn:keywords
+Id
\ No newline at end of property
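Review bot: `output()` calls `unlink($filename)` straight after `tempnam()`, which gives up the name that was just reserved; `saveAs()` then creates `$filename.html` (the tickets with clear-text passwords) and the PDF at those paths in shared `/tmp` with default permissions, relying on a `file_exists()` check that can race with another local process. Working inside a directory created with `mkdir($dir, 0700)` keeps both files private and makes the creation step atomic, as sketched below. In `saveAs()`, `$this->wkhtmltopdfPath` is the only part of `$command` that is not passed through `escapeshellarg()`, and the `// TODO: Regex validation of $filename` is still open while ticket_user.php passes a name built from POST data.

```php
public function output()
{
    // Private scratch directory: the HTML (clear-text passwords) and the PDF
    // are never created at a guessable path directly under /tmp.
    $dir = '/tmp/ALCASAR-PDF_' . bin2hex(openssl_random_pseudo_bytes(8));
    if (!mkdir($dir, 0700)) {
        return false;
    }
    $filename = "$dir/tickets.pdf";

    $ok = $this->saveAs($filename);
    if ($ok) {
        // … unchanged: the four header() calls and readfile($filename) …
    }

    // Clean up whatever the conversion left behind, success or not.
    if (file_exists($filename)) {
        unlink($filename);
    }
    rmdir($dir);

    return $ok;
}
```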
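--- a/web/acc/manager/lib/alcasar/tickets.template.php
+++ b/web/acc/manager/lib/alcasar/tickets.template.php
@@ -0,0 +1,134 @@
+<?php
+/**
+* Tickets template for TicketsGenerator
+*
+* @author Tom Houdayer
+* @copyright Copyright (C) ALCASAR (http://www.alcasar.net)
+* @license GPL-3.0
+* @version $Id$
+*/
+
+$langue_imp = $language;
+require __DIR__ . '/../langues_imp.php';
+
+$img_logoAlcasar = __DIR__ . '/../../../../images/logo-alcasar.png';
+$img_logoOrganization = __DIR__ . '/../../../../images/organisme.png';
+?>
+<!doctype html>
+<html>
+<head>
+<meta charset="utf-8">
+<style>
+body {
+margin: 0;
+}
+.ticket {
+margin: 20px 0;
+width: 50%;
+display: inline-block;
+font-family: Arial;
+font-size: 10px;
+line-height: 20px;
+}
+.ticket-header {
+min-height: 40px;
+line-height: 40px;
+font-size: 12px;
+text-align: center;
+}
+.ticket-header > .ticket-title {
+color: red;
+font-weight: bold;
+}
+.ticket-box {
+position: relative;
+border: 1px solid black;
+border-radius: 10px;
+width: 275px;
+margin: 0 auto;
+}
+.ticket-box > .logo {
+position: absolute;
+display: inline-block;
+width: 80px;
+height: 80px;
+text-align: center;
+}
+.ticket-box > .logo img {
+max-width: 100%;
+max-height: 100%;
+}
+.ticket-box > .logo-alcasar {
+top: -40px;
+left: -40px;
+}
+.ticket-box > .logo-organization {
+top: -40px;
+right: -40px;
+}
+.ticket-body {
+position: relative;
+z-index: 10;
+padding: 5px;
+}
+.ticket-body > div > span {
+display: inline-block;
+}
+.ticket-body > div.spacer {
+height: 12px;
+}
+.ticket-body > div > span.key {
+width: 50%;
+text-align: right;
+}
+.ticket-body > div > span.value {
+width: 50%;
+font-weight: bold;
+}
+.ticket-footer > .infos {
+font-size: 9px;
+height: 70px;
+}
+.center {
+text-align: center;
+}
+</style>
+</head>
+<body>
+<?php foreach ($users as $user):
+?><div class="ticket">
+<div class="ticket-header">
+<span class="ticket-title"><?= $l_title_imp ?></span>
+</div>
+<div class="ticket-box">
+<div class="logo logo-alcasar"><img src="<?= $img_logoAlcasar ?>" alt=""></div>
+<div class="logo logo-organization"><img src="<?= $img_logoOrganization ?>" alt=""></div>
+<div class="ticket-body">
+<div class="spacer"></div>
+<div><span class="key"><?= $l_login_imp ?>&nbsp;</span><span class="value"><?= $user->username ?></span></div>
+<div><span class="key"><?= $l_password_imp ?>&nbsp;</span><span class="value"><?= $user->password ?></span></div>
+<div class="spacer"></div>
+<div><span class="key"><?= $l_max_all_session_imp ?>&nbsp;</span><span class="value"><?= $user->maxAllSession ?></span></div>
+<div><span class="key"><?= $l_session_timeout_imp ?>&nbsp;</span><span class="value"><?= $user->sessionTimeout ?></span></div>
+<div><span class="key"><?= $l_max_daily_session_imp ?>&nbsp;</span><span class="value"><?= $user->maxDailySession ?></span></div>
+<div><span class="key"><?= $l_expiration_imp ?>&nbsp;</span><span class="value"><?= $user->expiration ?></span></div>
+<div class="spacer"></div>
+</div>
+</div>
+<div class="ticket-footer">
+<?php if ($user->isDuplicate): ?>
+<div class="infos center">
+<p><?= $l_duplicate ?></p>
+</div>
+<?php else: ?>
+<div class="infos">
+<p><?= nl2br($l_explain, false) ?></p>
+</div>
+<?php endif; ?>
+<div class="credits center"><?= $l_footer_imp ?></div>
+</div>
+</div><?php
+endforeach; ?>
+</body>
+</html>
+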
Property changes:
Added: svn:keywords
+Id
\ No newline at end of property
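Review bot: The six `<?= $user->… ?>` values are written into the page without escaping, and in ticket_user.php `username` and `password` come straight from `$_POST`, so any markup in them is interpreted by wkhtmltopdf when it renders the generated local HTML file; a password containing `<` or `&` would also print wrongly on the ticket. Wrap each of them, e.g. `<?= htmlspecialchars($user->username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`. The `$l_*` translation strings can stay as they are, since some of them carry HTML entities on purpose (for example `t&auml;glich` in langues_imp.php).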
/web/acc/manager/lib/langues_imp.php
1,155 → 1,166
<?php
/*******************
* READ CONF FILE *
********************/
$CONF_FILE="/usr/local/etc/alcasar.conf";
if (!file_exists($CONF_FILE)){
exit("Requested file ".$CONF_FILE." isn't present");}
if (!is_readable($CONF_FILE)){
exit("Can't read the file ".$CONF_FILE);}
$ouvre=fopen($CONF_FILE,"r");
if ($ouvre){
while (!feof ($ouvre))
{
/**
* Translations of users tickets
*
* @copyright Copyright (C) ALCASAR (http://www.alcasar.net)
* @license GPL-3.0
* @version $Id$
*/
 
// Read conf file
$CONF_FILE = '/usr/local/etc/alcasar.conf';
if (!file_exists($CONF_FILE)) {
exit("Requested file $CONF_FILE isn't present");
}
if (!is_readable($CONF_FILE)) {
exit("Can't read the file $CONF_FILE");
}
$ouvre = fopen($CONF_FILE, 'r');
if ($ouvre) {
while (!feof($ouvre)) {
$tampon = fgets($ouvre, 4096);
if (strpos($tampon,"=")!==false){
$tmp = explode("=",$tampon);
if (strpos($tampon, '=') !== false) {
$tmp = explode('=', $tampon);
$conf[$tmp[0]] = $tmp[1];
}
}
fclose($ouvre);
}
//Langue du Ticket d'impression en fonction de la liste déroulante
switch ($langue_imp){
case 'fr':
$l_title_imp = "TICKET D'ACCÈS";
$l_login_imp = "Utilisateur :";
$l_password_imp = "Mot de passe :";
$l_max_all_session_imp="Période autorisée :";
$l_session_timeout_imp="Durée d'une session :";
$l_max_daily_session_imp="Durée quotidienne :";
$l_max_monthly_session_imp ="Durée mensuelle :";
$l_expiration_imp="Date d'expiration :";
$l_unlimited="Illimitée";
$l_without="Aucune";
$l_duplicate="Duplicata";
$l_explain = "Entrer 'http://".trim($conf["HOSTNAME"]).".".trim($conf["DOMAIN"])."' dans votre navigateur pour gérer votre compte (mot de passe, certificat, etc.).
Entrer 'http://logout' dans votre navigateur pour vous déconnecter.";
$l_footer_imp = "Généré par ALCASAR";
break;
case 'de':
$l_title_imp = "ZUGANG TICKET";
$l_login_imp = "Login :";
$l_password_imp = "Passwort :";
$l_max_all_session_imp="Autorisierte Zeitraum :";
$l_session_timeout_imp="Dauer der Sitzung :";
$l_max_daily_session_imp="Stunden t&auml;glich :";
$l_max_monthly_session_imp ="monatlich Dauer :";
$l_expiration_imp="Verfallsdatum :";
$l_unlimited="Unbegrentz";
$l_without="Ohne";
$l_duplicate="Duplikat";
$l_explain = "Geben Sie 'http://".trim($conf["HOSTNAME"]).".".trim($conf["DOMAIN"])."' in Ihrem Browser, um Ihr Konto zu verwalten (kennwort, zertifikat, etc.).
Geben Sie 'http://logout' in Ihrem Browser zu trennen.
";
$l_footer_imp = "Präsentiert von ALCASAR";
break;
case 'nl':
$l_title_imp = "TOERANG TICKET";
$l_login_imp = "Gebruikers :";
$l_password_imp = "Wachtwoord :";
$l_max_all_session_imp="toegestane duur :";
$l_session_timeout_imp="Sessieduur :";
$l_max_daily_session_imp="Dagelijkse uren :";
$l_max_monthly_session_imp ="Maandelijkse duur :";
$l_expiration_imp="Vervaldatum :";
$l_unlimited="Onbeperkte";
$l_without="Ohne";
$l_duplicate="Duplicaat";
$l_explain = "Voer 'http://".trim($conf["HOSTNAME"]).".".trim($conf["DOMAIN"])."' in uw browser om uw account te beheren (wachtwoord, certificaat, etc.).
Voer 'http://logout' in uw browser de verbinding te verbreken.";
$l_footer_imp = "Powered by ALCASAR";
break;
case 'es':
$l_title_imp = "TURISTICA ACCESO";
$l_login_imp = "Usuario :";
$l_password_imp = "Contraseña :";
$l_max_all_session_imp="periodo autorizado :";
$l_session_timeout_imp="Duración de Sesión :";
$l_max_daily_session_imp="Duración diario :";
$l_max_monthly_session_imp ="Duraci&oacute;n mensual :";
$l_expiration_imp="Fecha de caducidad :";
$l_unlimited="Ilimitado";
$l_without="Sin";
$l_duplicate="Duplicado";
$l_explain = "Escribe 'http://".trim($conf["HOSTNAME"]).".".trim($conf["DOMAIN"])."' de su navegador para administrar su cuenta (contraseña, certificado, etc.).
Escribe 'http://logout' de su navegador para desconectar.";
$l_footer_imp = "Desarrollado por ALCASAR";
break;
case 'it':
$l_title_imp = "TICKET D'ACCESSO";
$l_login_imp = "Utenti :";
$l_password_imp = "Password :";
$l_max_all_session_imp="periodo autorizzato :";
$l_session_timeout_imp="Durata della sessione :";
$l_max_daily_session_imp="Durata quotidiano :";
$l_max_monthly_session_imp ="Durata mensile :";
$l_expiration_imp="Data di scadenza :";
$l_unlimited="Illimitato";
$l_without="Senza";
$l_duplicate="Duplicato";
$l_explain = "Inserisci 'http://".trim($conf["HOSTNAME"]).".".trim($conf["DOMAIN"])."' nel tuo browser per gestire il tuo account (password, certificato, ecc).
Inserisci 'http://logout' nel tuo browser per disconnettersi.";
$l_footer_imp = "Powered by ALCASAR";
break;
case 'pt':
$l_title_imp = "BILHETE DE ACESSO";
$l_login_imp = "Usuário :";
$l_password_imp = "Senha :";
$l_max_all_session_imp="Período autorizado :";
$l_session_timeout_imp="duração de uma sessão :";
$l_max_daily_session_imp="Duração diária :";
$l_max_monthly_session_imp ="Duração Mensal :";
$l_expiration_imp="Data de validade :";
$l_unlimited="Ilimitado";
$l_without="Sem";
$l_duplicate="Duplicado";
$l_explain = "Digite 'http://".trim($conf["HOSTNAME"]).".".trim($conf["DOMAIN"])."' no seu navegador para gerenciar sua conta (senha, certidão, etc).
Digite 'http://logout' no seu navegador para desligar.";
$l_footer_imp = "Desenvolvido por ALCASAR";
break;
case 'ar':
$l_title_imp = "وصول التذاكر";
$l_login_imp = "مستخدم:";
$l_password_imp = "كلمه السر:";
$l_max_all_session_imp = "فترة أذن:";
$l_session_timeout_imp = "مهلة جلسة:";
$l_max_daily_session_imp = "جلسة اليومية القصوى:";
 
// Translations
switch ($langue_imp) {
case 'fr': // French
$l_title_imp = "TICKET D'ACCÈS";
$l_login_imp = "Utilisateur :";
$l_password_imp = "Mot de passe :";
$l_max_all_session_imp = "Période autorisée :";
$l_session_timeout_imp = "Durée d'une session :";
$l_max_daily_session_imp = "Durée quotidienne :";
$l_max_monthly_session_imp = "Durée mensuelle :";
$l_expiration_imp = "Date d'expiration :";
$l_unlimited = "Illimitée";
$l_without = "Aucune";
$l_duplicate = "Duplicata";
$l_explain = "Entrer 'http://".trim($conf["HOSTNAME"]).".".trim($conf["DOMAIN"])."' dans votre navigateur pour gérer votre compte (mot de passe, certificat, etc.).
Entrer 'http://logout' dans votre navigateur pour vous déconnecter.";
$l_footer_imp = "Généré par ALCASAR";
break;
 
case 'de': // German
$l_title_imp = "ZUGANG TICKET";
$l_login_imp = "Login :";
$l_password_imp = "Passwort :";
$l_max_all_session_imp = "Autorisierte Zeitraum :";
$l_session_timeout_imp = "Dauer der Sitzung :";
$l_max_daily_session_imp = "Stunden t&auml;glich :";
$l_max_monthly_session_imp = "monatlich Dauer :";
$l_expiration_imp = "Verfallsdatum :";
$l_unlimited = "Unbegrentz";
$l_without = "Ohne";
$l_duplicate = "Duplikat";
$l_explain = "Geben Sie 'http://".trim($conf["HOSTNAME"]).".".trim($conf["DOMAIN"])."' in Ihrem Browser, um Ihr Konto zu verwalten (kennwort, zertifikat, etc.).
Geben Sie 'http://logout' in Ihrem Browser zu trennen.";
$l_footer_imp = "Präsentiert von ALCASAR";
break;
 
case 'nl': // Dutch
$l_title_imp = "TOERANG TICKET";
$l_login_imp = "Gebruikers :";
$l_password_imp = "Wachtwoord :";
$l_max_all_session_imp = "toegestane duur :";
$l_session_timeout_imp = "Sessieduur :";
$l_max_daily_session_imp = "Dagelijkse uren :";
$l_max_monthly_session_imp = "Maandelijkse duur :";
$l_expiration_imp = "Vervaldatum :";
$l_unlimited = "Onbeperkte";
$l_without = "Ohne";
$l_duplicate = "Duplicaat";
$l_explain = "Voer 'http://".trim($conf["HOSTNAME"]).".".trim($conf["DOMAIN"])."' in uw browser om uw account te beheren (wachtwoord, certificaat, etc.).
Voer 'http://logout' in uw browser de verbinding te verbreken.";
$l_footer_imp = "Powered by ALCASAR";
break;
 
case 'es': // Spanish
$l_title_imp = "TURISTICA ACCESO";
$l_login_imp = "Usuario :";
$l_password_imp = "Contraseña :";
$l_max_all_session_imp = "periodo autorizado :";
$l_session_timeout_imp = "Duración de Sesión :";
$l_max_daily_session_imp = "Duración diario :";
$l_max_monthly_session_imp = "Duraci&oacute;n mensual :";
$l_expiration_imp = "Fecha de caducidad :";
$l_unlimited = "Ilimitado";
$l_without = "Sin";
$l_duplicate = "Duplicado";
$l_explain = "Escribe 'http://".trim($conf["HOSTNAME"]).".".trim($conf["DOMAIN"])."' de su navegador para administrar su cuenta (contraseña, certificado, etc.).
Escribe 'http://logout' de su navegador para desconectar.";
$l_footer_imp = "Desarrollado por ALCASAR";
break;
 
case 'it': // Italian
$l_title_imp = "TICKET D'ACCESSO";
$l_login_imp = "Utenti :";
$l_password_imp = "Password :";
$l_max_all_session_imp = "periodo autorizzato :";
$l_session_timeout_imp = "Durata della sessione :";
$l_max_daily_session_imp = "Durata quotidiano :";
$l_max_monthly_session_imp = "Durata mensile :";
$l_expiration_imp = "Data di scadenza :";
$l_unlimited = "Illimitato";
$l_without = "Senza";
$l_duplicate = "Duplicato";
$l_explain = "Inserisci 'http://".trim($conf["HOSTNAME"]).".".trim($conf["DOMAIN"])."' nel tuo browser per gestire il tuo account (password, certificato, ecc).
Inserisci 'http://logout' nel tuo browser per disconnettersi.";
$l_footer_imp = "Powered by ALCASAR";
break;
 
case 'pt': // Portuguese
$l_title_imp = "BILHETE DE ACESSO";
$l_login_imp = "Usuário :";
$l_password_imp = "Senha :";
$l_max_all_session_imp = "Período autorizado :";
$l_session_timeout_imp = "Duração de uma sessão :";
$l_max_daily_session_imp = "Duração diária :";
$l_max_monthly_session_imp = "Duração Mensal :";
$l_expiration_imp = "Data de validade :";
$l_unlimited = "Ilimitado";
$l_without = "Sem";
$l_duplicate = "Duplicado";
$l_explain = "Digite 'http://".trim($conf["HOSTNAME"]).".".trim($conf["DOMAIN"])."' no seu navegador para gerenciar sua conta (senha, certidão, etc).
Digite 'http://logout' no seu navegador para desligar.";
$l_footer_imp = "Desenvolvido por ALCASAR";
break;
 
case 'ar': // Arabic
$l_title_imp = "وصول التذاكر";
$l_login_imp = "مستخدم:";
$l_password_imp = "كلمه السر:";
$l_max_all_session_imp = "فترة أذن:";
$l_session_timeout_imp = "مهلة جلسة:";
$l_max_daily_session_imp = "جلسة اليومية القصوى:";
$l_max_monthly_session_imp = "جلسة الشهرية القصوى:";
$l_expiration_imp = "تاريخ إنتهاء الصلاحية:";
$l_unlimited = "غير محدود:";
$l_without = "بدون";
$l_duplicate = "مكرر";
$l_explain_url_conn = "http://". trim($conf["HOSTNAME"]) . "." . trim($conf["DOMAIN"]);
$l_explain_url_logout = "http://logout";
$l_explain = " في المتصفح الخاص بك لخروج." . $l_explain_url_logout . "في المستعرض الخاص بك لإدارة حسابك (كلمه السر, شهادة, ...). يكتب " . $l_explain_url . "يكتب";
$l_footer_imp = "مشغل بواسطة ALCASAR";
break;
default:
$l_title_imp = "ACCESS TICKET";
$l_login_imp = "Login :";
$l_password_imp = "Password :";
$l_max_all_session_imp="Authorized period :";
$l_session_timeout_imp="Session timeout :";
$l_max_daily_session_imp="Max daily session :";
$l_max_monthly_session_imp ="Max monthly session :";
$l_expiration_imp="Expiration date :";
$l_unlimited="Unlimited";
$l_without="Without";
$l_duplicate="Duplicate";
$l_explain = "Enter 'http://".trim($conf["HOSTNAME"]).".".trim($conf["DOMAIN"])."' in your browser to manage your account (password, certificate, etc.).
Enter 'http://logout' in your browser to disconnect.";
$l_footer_imp = "Powered by ALCASAR";
break;
}
?>
$l_expiration_imp = "تاريخ إنتهاء الصلاحية:";
$l_unlimited = "غير محدود:";
$l_without = "بدون";
$l_duplicate = "مكرر";
$l_explain = " في المتصفح الخاص بك لخروج.'http://logout' في المستعرض الخاص بك لإدارة حسابك (كلمه السر, شهادة, ...). يكتب 'http://".trim($conf["HOSTNAME"]).".".trim($conf["DOMAIN"])."' يكتب";
$l_footer_imp = "مشغل بواسطة ALCASAR";
break;
 
default: // English
$l_title_imp = "ACCESS TICKET";
$l_login_imp = "Login :";
$l_password_imp = "Password :";
$l_max_all_session_imp = "Authorized period :";
$l_session_timeout_imp = "Session timeout :";
$l_max_daily_session_imp = "Max daily session :";
$l_max_monthly_session_imp = "Max monthly session :";
$l_expiration_imp = "Expiration date :";
$l_unlimited = "Unlimited";
$l_without = "Without";
$l_duplicate = "Duplicate";
$l_explain = "Enter 'http://".trim($conf["HOSTNAME"]).".".trim($conf["DOMAIN"])."' in your browser to manage your account (password, certificate, etc.).
Enter 'http://logout' in your browser to disconnect.";
$l_footer_imp = "Powered by ALCASAR";
break;
}
Property changes:
Added: svn:keywords
+Id
\ No newline at end of property