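/**
 * Build the "Existing rides" jump-menu form from the rows of a map/route table.
 *
 * Each row becomes one <option> whose value is a link back to the current
 * script carrying the row's lat, lon, zoom, type, from, to and via columns.
 *
 * @param string $table Table to read; interpolated as a backtick-quoted identifier.
 * @param string $field Column list for the SELECT; interpolated verbatim.
 * @param string $order Optional ORDER BY column; interpolated as a backtick-quoted identifier.
 *
 * @return string|int The HTML form, or -1 on missing arguments, an unusable
 *                    identifier, a failed query or an empty result.
 */
function GenMapMenu($table, $field, $order)
{
    global $defined;

    $db  = new dbConn();
    $val = new ValidateStrings();

    if (empty($table) || empty($field)) {
        return -1;
    }

    // Identifiers cannot be bound as parameters. A backtick inside $table or
    // $order would end the quoted identifier early, so such names are refused
    // instead of being sent to the server.
    if (strpos((string) $table, '`') !== false || strpos((string) $order, '`') !== false) {
        return -1;
    }

    $conn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);

    // NOTE(review): $field goes into the statement unquoted because it carries a
    // column list, so callers must pass fixed column names only, never request
    // data. What ValidateSQL() does to the finished statement is not visible here.
    $query = "SELECT {$field} FROM `{$table}`";
    if (!empty($order)) {
        $query .= " ORDER BY `{$order}`";
    }
    $query = $val->ValidateSQL($query, $conn);

    $value = $db->dbQuery($query, $conn);
    if ($value === -1) {
        // Do not leave the connection open on the failure paths.
        $db->dbCloseConn($conn);
        return -1;
    }

    $rowCount = $db->dbNumRows($value);
    if ($rowCount === -1 || $rowCount === 0) {
        $db->dbCloseConn($conn);
        return -1;
    }

    // PHP_SELF includes any path info the client appended to the script URL,
    // so it is HTML-escaped before it is written into an attribute.
    $self = htmlspecialchars((string) $_SERVER['PHP_SELF'], ENT_QUOTES);

    $list = "<form method=\"get\" action=\"{$self}\"><b>Existing rides:</b> <select name=\"mapper\" onChange=\"jumpMenu('parent',this,0)\"><option value=\"NULL\">Select Map / Route...</option>";
    $list .= "<option>------------------------------</option>";

    foreach ($db->dbArrayResultsAssoc($value) as $row) {
        $url = $_SERVER['PHP_SELF'] . "?lat=" . $row['lat'] . "&lon=" . $row['lon'] . "&z=" . $row['zoom'] . "&mType=" . $row['type'] . "&driveFrom=" . $row['from'] . "&driveTo=" . $row['to'] . "&driveVia=" . $row['via'] . "&locale=en";

        // Row values are stored data: escape them for the attribute and text
        // contexts so a quote or tag in a stored value cannot break out of the markup.
        // NOTE(review): the query-string values are not URL-encoded; whether the
        // stored values are already encoded is not visible here - confirm.
        $urlAttr = htmlspecialchars($url, ENT_QUOTES);
        $label   = htmlspecialchars((string) $row['name'], ENT_QUOTES);

        $list .= "<option name=\"{$urlAttr}\" value=\"{$urlAttr}\">" . $label . "</option>";
    }
    $list .= "</select></form>";

    // NOTE(review): dbFreeData() receives the connection, not the result handle
    // in $value - confirm which one the wrapper expects.
    $db->dbFreeData($conn);
    $db->dbCloseConn($conn);

    return $list;
}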
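/**
 * Look up the access level named in an authentication token.
 *
 * The third field of the decoded token is base64-decoded and matched against
 * the `level` column of `auth_users`.
 *
 * NOTE(review): the level is read from the token itself and the query only
 * confirms that some account has that level; it is not tied to the token's
 * user. Whether DecodeAuthToken() verifies the token's integrity is not
 * visible here - confirm before relying on this for authorisation.
 *
 * @param string $token Encoded authentication token.
 *
 * @return mixed -1 when no token is given; otherwise the `level` value of the
 *               first matching row, or null when nothing matched.
 */
function ChkLevel($token)
{
    global $defined;

    // The original stored its result in $level->value without ever creating
    // $level, which is a fatal error on PHP 8. A plain local is used instead.
    if (empty($token)) {
        return -1;
    }

    $auth = new Encryption();
    $db   = new dbConn();
    $val  = new ValidateStrings();

    $parts   = $auth->DecodeAuthToken($token);
    $claimed = isset($parts[2]) ? base64_decode($parts[2]) : '';

    // The value is placed inside a double-quoted SQL literal. A quote or a
    // backslash could end that literal, so such a value is treated as "no match"
    // rather than being sent to the server.
    if (strpbrk((string) $claimed, "\"\\") !== false) {
        return null;
    }

    $conn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);

    $query  = "SELECT `level` FROM `auth_users` WHERE `level` = \"" . $claimed . "\"";
    $result = $db->dbQuery($val->ValidateSQL($query, $conn), $conn);
    $rows   = $db->dbArrayResults($result);

    $level = isset($rows[0]['level']) ? $rows[0]['level'] : null;

    // NOTE(review): dbFreeData() is handed the SQL string, not the result
    // handle - confirm which one the wrapper expects.
    $db->dbFreeData($query);
    $db->dbCloseConn($conn);

    return $level;
}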
// ensure we are being called from our configured host
// NOTE(review): depending on web-server configuration SERVER_NAME can follow the
// client-supplied Host header, so this comparison may not be a trustworthy
// origin check on its own - confirm how the server sets it.
if ($defined['hostname'] === $_SERVER['SERVER_NAME']) {
    // Initialize classes
    $db = new dbConn();
    $err = new GenerateErrors();
    $tpl = new Template();
    $skin = new PageSkinner();
    $val = new ValidateStrings();
    $menu = new GenerateNavMenu();
    $auth = new Authenticate();
    $encrypt = new Encryption();
    $level = new AccessLevels();
    $misc = new MiscFunctions();
    $debug = new DebugData();
    // initialize a db connection handle
    $dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
    // ensure our sessions are present
    if (empty($_SESSION['token'])) {
        $sessions = new dbSession();
    }
    // define the template and cache directories
    // NOTE(review): the template cache is written to /tmp, a directory normally
    // shared with other local users; a private, application-owned directory is safer.
    $tpl->strTemplateDir = $defined['virpath'] . 'templates';
    $tpl->strCacheDir = '/tmp';
    // $flag records whether any GET or POST data arrived; it holds the strings
    // "TRUE"/"FALSE", not booleans, and both strings are truthy in PHP.
    if (!empty($_GET) || !empty($_POST)) {
        $flag = "TRUE";
    } else {
        $flag = "FALSE";
    }
    // setup our template style data
    // $_GET['skin'] is read by ValidateString() before the empty() test, so a
    // request without the parameter reaches the validator with an undefined index.
    // The default "black" style is used when the value is rejected or missing.
    if ($val->ValidateString($_GET['skin']) === -1 || empty($_GET['skin'])) {
        $style = $defined['templates'] . "/black";
// Installer step: takes MySQL root credentials and application settings from
// the POSTed form, imports the schema and creates the application's DB account.
// NOTE(review): nothing in this fragment restricts who may submit the form or
// whether setup has already been completed - confirm that is enforced elsewhere.
if (!empty($_POST)) {
    // make sure we have a complete form submission
    if (!empty($_POST['mysql_root_user']) && !empty($_POST['mysql_root_passwd']) && !empty($_POST['defined_hostname']) && !empty($_POST['mysql_server_address']) && !empty($_POST['mysql_server_username']) && !empty($_POST['mysql_server_password']) && !empty($_POST['configuration_path']) && !empty($_POST['admin_email'])) {
        // ensure nothing screwy is going on in regards to input
        // Every later use of these values (shell command, GRANT statement) depends
        // on what these validators accept; their rules are not visible here.
        if ($val->ValidateString($_POST['mysql_root_user']) !== -1 && $val->ValidateParagraph($_POST['mysql_root_passwd']) !== -1 && $val->ValidateDomain($_POST['defined_hostname']) !== -1 && $val->ValidateDomain($_POST['mysql_server_address']) !== -1 && $val->ValidateParagraph($_POST['mysql_server_username']) !== -1 && $val->ValidateParagraph($_POST['mysql_server_password']) !== -1 && $val->ValidateParagraph($_POST['configuration_path']) !== -1 && $val->ValidateEmail($_POST['admin_email']) !== -1) {
            // ensure our root username & password is correct
            $dbconn = $db->dbConnectOnly($_POST['mysql_server_address'], $_POST['mysql_root_user'], $_POST['mysql_root_passwd']);
            // NOTE(review): the raw database error text is written straight into the
            // response; log it server-side and show a generic message instead.
            echo $db->dbCatchError();
            if ($dbconn === -1) {
                $error = $err->GenerateErrorLink("../help/help.html", "#app_setup", '../templates/images/error.jpg', "Error connecting to the database during initial connection. Wrong username/password combination", NULL, NULL);
            } else {
                // perform our .sql file import (this fails if it exists already)
                // NOTE(review): the command line is concatenated from POST values and run
                // through the backtick (shell) operator. Unless the validators above
                // reject every shell metacharacter, this is a command-injection risk:
                // pass each value through escapeshellarg(), or run the import over the
                // existing connection instead of a shell. A password given on the
                // command line is also visible to other local users in the process
                // list. The password expression is masked as ****** in this listing;
                // the original code is not visible.
                $cmd = "mysql -u " . $_POST['mysql_root_user'] . " --password="******" < phpDHCPAdmin.sql";
                `{$cmd}`;
                // create a default user based on the form input
                $dbconn = $db->dbConnect($_POST['mysql_server_address'], $_POST['mysql_root_user'], $_POST['mysql_root_passwd'], 'phpDHCPAdmin');
                if ($dbconn === -1) {
                    $error = $err->GenerateErrorLink("../help/help.html", "#app_setup", '../templates/images/error.jpg', "Error connecting to the database. 
Wrong username/password combination", NULL, NULL);
                } else {
                    // NOTE(review): account name, host and password are concatenated into
                    // single-quoted literals of a GRANT executed with root privileges.
                    // A quote in any of them changes the statement; escape each value
                    // with the driver's escaping function. What ValidateSQL() does to
                    // the finished statement is not visible here.
                    $query = "GRANT SELECT,INSERT,UPDATE,DELETE,INDEX,REFERENCES ON phpDHCPAdmin.* TO '" . $_POST['mysql_server_username'] . "'@'" . $_POST['mysql_server_address'] . "' IDENTIFIED BY '" . $_POST['mysql_server_password'] . "'";
                    if (($value = $db->dbQuery($val->ValidateSQL($query, $dbconn), $dbconn)) === -1) {
                        $error = $err->GenerateErrorLink("../help/help.html", "#create_admin_user", '../templates/images/error.jpg', "There was a problem when creating the default user that the phpDHCPAdmin application will use to keep persistant connections to the database", NULL, NULL);
                    } else {
                        $query = "FLUSH PRIVILEGES";
                        if (($value = $db->dbQuery($val->ValidateSQL($query, $dbconn), $dbconn)) === -1) {
                            $error = $err->GenerateErrorLink("../help/help.html", "#create_admin_user", '../templates/images/error.jpg', "There was an error when flushing the priveleges table", NULL, NULL);
                        } else {
                            // NOTE(review): the submitted username is echoed inside the
                            // message; confirm GenerateErrorLink() HTML-escapes its text.
                            $error = $err->GenerateErrorLink("../help/help.html", "#create_admin_user", '../templates/images/good.jpg', "Permissions have been set on the database 'phpDHCPAdmin' for the user '" . $_POST['mysql_server_username'] . "'", NULL, NULL);
                        }
                    }
                }
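/**
 * Delete session rows whose `session_expire` is older than the allowed lifetime.
 *
 * Presumably registered as the session garbage-collection callback - confirm
 * against the session handler setup.
 *
 * @param int $maxlifetime Maximum session age in seconds.
 *
 * @return bool False when the DELETE reported failure (-1), true otherwise.
 */
function gc($maxlifetime)
{
    global $defined;

    $db  = new dbConn();
    $val = new ValidateStrings();

    // initialize a db connection handle
    $dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);

    // The cutoff is plain integer arithmetic, so an integer cast is all the
    // sanitising it needs. mysql_real_escape_string() was used here before; it
    // needs an open ext/mysql link and no longer exists on PHP 7 and later.
    $cutoff = (int) (time() - (int) $maxlifetime);

    $query  = "DELETE FROM `" . $this->tableName . "` WHERE `session_expire` < \"" . $cutoff . "\"";
    $result = $db->dbQuery($val->ValidateSQL($query, $dbconn), $dbconn);

    // Report the outcome to the caller instead of returning nothing.
    return $result !== -1;
}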
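/**
 * Store per-adapter details and, at most about once an hour, a traffic sample.
 *
 * For every adapter an INSERT into `conf_adapters` is attempted; when the
 * database reports a duplicate, an UPDATE is issued instead.
 *
 * NOTE(review): every value is concatenated into double-quoted SQL literals.
 * This is only safe if the adapter data cannot contain a quote or backslash;
 * where the data comes from and what ValidateSQL() does are not visible here.
 *
 * @param array $array Adapter name => array of adapter fields and counters.
 *
 * @return void
 */
function ProcessAdapterDetails($array)
{
    global $defined;

    $db  = new dbConn();
    $val = new ValidateStrings();
    // Unused below; kept because constructor side effects are not visible here.
    $lib = new MiscFunctions();

    // Table column => key in the per-adapter array, in statement order.
    $columns = array(
        'encap'       => 'encap',
        'hwaddr'      => 'hwaddr',
        'ipv4'        => 'ipv4',
        'broadcast'   => 'broadcast',
        'mask'        => 'mask',
        'ipv6'        => 'ipv6',
        'flags'       => 'flags',
        'rx_packets'  => 'RX_packets',
        'rx_errors'   => 'RX_errors',
        'rx_dropped'  => 'RX_dropped',
        'rx_overruns' => 'RX_overruns',
        'rx_frame'    => 'RX_frame',
        'tx_packets'  => 'TX_packets',
        'tx_errors'   => 'TX_errors',
        'tx_dropped'  => 'TX_dropped',
        'tx_overruns' => 'TX_overruns',
        'tx_carrier'  => 'TX_carrier',
        'rx_bytes'    => 'RX_total',
        'tx_bytes'    => 'TX_total',
    );

    // initialize a db connection handle
    $dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);

    foreach ($array as $name => $stats) {
        // Build both statements from the one column map so they cannot drift apart.
        $insertCols  = array('`name`');
        $insertVals  = array("\"" . $name . "\"");
        $assignments = array("`name` = \"" . $name . "\"");
        foreach ($columns as $column => $source) {
            $insertCols[]  = "`" . $column . "`";
            $insertVals[]  = "\"" . $stats[$source] . "\"";
            $assignments[] = "`" . $column . "` = \"" . $stats[$source] . "\"";
        }

        $insert = "INSERT INTO `conf_adapters` ( " . implode(', ', $insertCols) . " ) VALUES ( " . implode(', ', $insertVals) . " )";

        // NOTE(review): the INSERT targets `conf_adapters` but the fallback UPDATE
        // targets `conf_adapters_details` - confirm that this is intended.
        $update = "UPDATE `conf_adapters_details` SET " . implode(', ', $assignments) . " WHERE `name` = \"" . $name . "\" LIMIT 1";

        // determine if a traffic table update should occur
        // (the strict !== 0 is only false for an integer 0; the empty() test
        // further down is what skips zero or missing counters)
        if ($stats['RX_total'] !== 0) {
            // only meant to run once an hour
            $now = $this->GenTime();

            // NOTE(review): there is no ORDER BY, so the statement does not say
            // which earlier sample is returned; the newest one was probably
            // intended for an hourly throttle - confirm.
            $res   = $db->dbQuery($val->ValidateSQL("SELECT `time` FROM `conf_traffic` WHERE `time` < \"" . $now . "\" AND `bytes` > 0 AND `interface` = \"" . $name . "\" LIMIT 1", $dbconn), $dbconn);
            $times = $db->dbArrayResults($res);

            // No earlier sample counts as time 0, so the first sample is always stored.
            $last    = isset($times[0]['time']) ? $times[0]['time'] : 0;
            $elapsed = abs($now - $last);

            if ($elapsed > 3600 && !empty($stats['RX_total'])) {
                $traffic = "INSERT INTO `conf_traffic` ( `interface`, `bytes`, `time` ) VALUES ( \"" . $name . "\", \"" . $stats['RX_total'] . "\", UNIX_TIMESTAMP() )";
                $db->dbQuery($val->ValidateSQL($traffic, $dbconn), $dbconn);
            }
        }

        // do the db stuff for our adapters
        if ($db->dbQuery($val->ValidateSQL($insert, $dbconn), $dbconn) !== 0) {
            // eregi() was removed in PHP 7; stripos() performs the same
            // case-insensitive search for the literal word.
            if (stripos((string) $db->dbCatchError(), 'duplicate') !== false) {
                $db->dbQuery($val->ValidateSQL($update, $dbconn), $dbconn);
            }
        }
    }
}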
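/**
 * Count and list the used and unused addresses of a DHCP scope.
 *
 * The candidate addresses run from the last octet of `scope-range-1` up to,
 * but not including, the last octet of `scope-range-2`, all under the first
 * three octets of `scope-range-1`. Leases are read from `conf_leases`.
 *
 * NOTE(review): the end address itself is excluded and the first three octets
 * of `scope-range-2` are ignored - confirm both are intended.
 *
 * @param array  $value  Scope definition holding `scope-range-1` and `scope-range-2`.
 * @param string $subnet Key under which the counts are returned.
 *
 * @return array [$subnet => [total, total_used, total_unused, detail_used, detail_unused]]
 */
function GetAvailableIPAddresses($value, $subnet)
{
    global $defined;

    $db  = new dbConn();
    $val = new ValidateStrings();

    // initialize a db connection handle
    $dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);

    $pattern    = '/([0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})\\.([0-9]{1,3})/';
    $rangeStart = isset($value['scope-range-1']) ? (string) $value['scope-range-1'] : '';
    $rangeEnd   = isset($value['scope-range-2']) ? (string) $value['scope-range-2'] : '';

    $candidates = array();
    $leases     = array();

    // Only continue when both bounds parse; otherwise the scope is reported as
    // empty instead of querying with an empty prefix.
    if (preg_match($pattern, $rangeStart, $start) === 1 && preg_match($pattern, $rangeEnd, $end) === 1) {
        $prefix = $start[1];

        // populate the range of candidate addresses
        for ($octet = (int) $start[2]; $octet < (int) $end[2]; $octet++) {
            $candidates[] = $prefix . "." . $octet;
        }

        // $prefix consists of digits and dots only (it is a regex capture), so it
        // is safe inside the literal. The trailing dot keeps "10.0.1" from also
        // matching leases in 10.0.10.x or 10.0.100.x.
        $sql    = "SELECT `ip` FROM `conf_leases` WHERE `ip` LIKE \"" . $prefix . ".%\"";
        $return = $db->dbQuery($val->ValidateSQL($sql, $dbconn), $dbconn);
        if ($return !== -1 && $db->dbNumRows($return) !== 0) {
            $leases = $db->dbArrayResultsAssoc($return);
            if (!is_array($leases)) {
                $leases = array();
            }
        }
    }

    // The original tallied the range through an undefined array key; the
    // number of candidates is the same figure.
    $amnt   = count($candidates);
    $in_use = count($leases);
    $unused = $amnt - $in_use;

    // Index the leased addresses once. The original compared every candidate
    // with every lease row separately, which listed a leased address as unused
    // whenever a second lease existed and listed nothing when there were none.
    $leased = array();
    foreach ($leases as $row) {
        foreach ((array) $row as $ip) {
            $leased[(string) $ip] = true;
        }
    }

    $empty = array();
    foreach ($candidates as $ip) {
        if (!isset($leased[$ip])) {
            // one single-element array per address, the shape the original built
            $empty[] = array($ip);
        }
    }
    if (count($empty) !== 0) {
        // Still routed through the helper so the returned shape stays what
        // callers already receive.
        $empty = $this->EliminiateDuplicates($empty);
    }

    $ip_counts = array();
    $ip_counts[$subnet] = array(
        'total'         => $amnt,
        'total_used'    => $in_use,
        'total_unused'  => $unused,
        'detail_used'   => $leases,
        'detail_unused' => $empty,
    );

    // Free db handle and close connection(s)
    // NOTE(review): dbFreeData() receives the connection, not the result
    // handle - confirm which one the wrapper expects.
    $db->dbFreeData($dbconn);
    $db->dbCloseConn($dbconn);

    return $ip_counts;
}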
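/**
 * Authenticate by username/password or by an existing session token.
 *
 * With only a token, the username and password are recovered from the token
 * and its timestamp is checked against the configured timeout. The credentials
 * are then matched against `auth_users`; when no token was supplied a new one
 * is generated, stored and registered in the session.
 *
 * NOTE(review): passwords are matched as unsalted SHA-1, and the session token
 * carries the password in recoverable form (it is decoded from the token above
 * and passed to EncodeAuthToken() below). Both would be worth replacing with
 * password_hash()/password_verify() and an opaque random session identifier.
 *
 * @param string $user  Username, or empty when authenticating by token.
 * @param string $pass  Password, or empty when authenticating by token.
 * @param string $token Existing authentication token, or empty.
 *
 * @return int 0 on success, -1 no credentials, -2 token timed out,
 *             -3 validation failed, -4 no matching user, -5 database error.
 */
function AuthUser($user, $pass, $token)
{
    // our global config opts
    global $defined;

    // initialize classes
    $db   = new dbConn();
    $val  = new ValidateStrings();
    $lib  = new Authenticate();
    $auth = new Encryption();
    $sess = new Sessions();
    $misc = new MiscFunctions();
    // Unused below; kept because constructor side effects are not visible here.
    $exit = new ExitApp();

    // check our authentication requirements
    if (empty($user) && empty($pass) && empty($token)) {
        return -1;
    }

    // we have an existing authentication token present
    if (!empty($token) && empty($user) && empty($pass)) {
        $array   = $auth->DecodeAuthToken($token);
        $user    = base64_decode($array[0]);
        $pass    = base64_decode($array[1]);
        $time    = $array[4];
        $current = $misc->GenTime();
        if ($lib->AuthTimeOut($defined['timeout'], $time, $current) === -1) {
            return -2;
        }
    }

    // perform validation on username and password
    if ($val->ValidateAlphaChar($user) === -1 || $val->ValidateParagraph($pass) === -1) {
        return -3;
    }

    // see if the user exists for authentication
    $data = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);

    // Hash the password in PHP so that only a 40-character hex digest reaches
    // the statement. The raw password is no longer part of the SQL text, so it
    // cannot alter the query and does not end up in query logs.
    // NOTE(review): assumes stored hashes are SHA-1 of the raw password bytes;
    // confirm for accounts whose password contains a quote or backslash.
    $hash  = sha1((string) $pass);
    $query = "SELECT * FROM `auth_users` WHERE `username` = \"{$user}\" AND `password` = \"{$hash}\"";
    $query = $val->ValidateSQL($query, $data);

    // database problem
    $value = $db->dbQuery($query, $data);
    if ($value === -1) {
        // Do not leave the connection open on the failure paths.
        $db->dbCloseConn($data);
        return -5;
    }

    // check user match
    $matched = $db->dbNumRows($value);
    if ($matched === -1 || $matched === 0) {
        $db->dbCloseConn($data);
        return -4;
    }
    $return = 0;

    // create our authentication session token
    if (empty($token)) {
        $array       = $db->dbArrayResults($value);
        $x           = $auth->GeneratePrivateKey($defined['enckeygen']);
        $access_date = $misc->GenDate();
        $access_time = $misc->GenTimeRead();

        // NOTE(review): $x is written into the statement before it is hex-encoded;
        // if GeneratePrivateKey() can return quotes or binary data this literal
        // is not safe - confirm its output format.
        $query = "UPDATE `auth_users` SET `access_date` = \"" . $access_date . "\", `access_time` = \"" . $access_time . "\", `session` = \"{$x}\" WHERE `id` = \"" . $array[0]['id'] . "\"";
        $value = $val->ValidateSQL($query, $data);
        if (($value = $db->dbQuery($value, $data)) === -1) {
            $db->dbCloseConn($data);
            return -5;
        }

        $x = $auth->EncodePrivToHex($x);

        // NOTE(review): when EncodeAuthToken() fails (-1) no session is registered,
        // yet 0 is still returned - confirm callers can cope with that.
        if (($token = $auth->EncodeAuthToken($array[0]['username'], $pass, $array[0]['level'], $array[0]['group'], $misc->GenTime(), $x)) !== -1) {
            $sess->RegisterSession("token", $token);
            $return = 0;
        }
    }

    // NOTE(review): dbFreeData() is handed the SQL string, not a result
    // handle - confirm which one the wrapper expects.
    $db->dbFreeData($query);
    $db->dbCloseConn($data);

    return $return;
}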