Ejemplo n.º 1
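        // Search the user-info table: $search_IN is spliced in as the column
        // name and $search as the LIKE pattern.
        // NOTE(review): neither value is sanitised in the lines shown here.
        // Confirm that $search went through da_sql_escape_string() earlier and
        // that $search_IN is checked against a fixed list of column names;
        // string escaping cannot protect an identifier.
        $res = @da_sql_query(
            $link,
            $config,
            "SELECT " . da_sql_limit($max, 0, $config) . " username FROM {$config['sql_user_info_table']} WHERE\n\t\tlower({$search_IN}) LIKE '%{$search}%' " . da_sql_limit($max, 1, $config) . " " . da_sql_limit($max, 2, $config) . " ;"
        );
        if (!$res) {
            // Print the failure: without `echo` the message expression is
            // evaluated and thrown away, so a failed query stays silent.
            // NOTE(review): driver error text can repeat parts of the query;
            // consider HTML-escaping it before output.
            echo "<b>Database query failed: " . da_sql_error($link, $config) . "</b><br>\n";
        } else {
            while ($row = @da_sql_fetch_array($res, $config)) {
                // Quoted key: a bare `username` is an undefined constant.
                $found_users[] = $row['username'];
            }
        }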
    } else {
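        // Search by RADIUS attribute value: map the requested attribute to its
        // SQL name, pick the check or reply table, and collect matching users.
        if ($search_IN == 'radius' && $radius_attr != '') {
            require "../lib/sql/attrmap.php";
            // Attributes missing from the map are used under their own name and
            // treated as reply items.
            if ($attrmap["{$radius_attr}"] == '') {
                $attrmap["{$radius_attr}"] = $radius_attr;
                $attr_type["{$radius_attr}"] = 'replyItem';
            }
            // Quoted keys: bare `sql_check_table` / `sql_reply_table` are
            // undefined constants.
            $table = $attr_type[$radius_attr] == 'checkItem' ? $config['sql_check_table'] : $config['sql_reply_table'];
            $attr = $attrmap[$radius_attr];
            $attr = da_sql_escape_string($attr);
            // NOTE(review): $attr is escaped above, but $search is interpolated
            // into the LIKE pattern without any escaping in the lines shown
            // here; confirm it went through da_sql_escape_string() earlier.
            $res = @da_sql_query(
                $link,
                $config,
                "SELECT " . da_sql_limit($max, 0, $config) . " username FROM {$table} WHERE attribute = '{$attr}'\n\t\tAND value LIKE '%{$search}%' " . da_sql_limit($max, 1, $config) . " " . da_sql_limit($max, 2, $config) . " ;"
            );
            if (!$res) {
                // Print the failure: without `echo` the message expression is
                // evaluated and thrown away, so a failed query stays silent.
                // NOTE(review): driver error text can repeat parts of the
                // query; consider HTML-escaping it before output.
                echo "<b>Database query failed: " . da_sql_error($link, $config) . "</b><br>\n";
            } else {
                while ($row = @da_sql_fetch_array($res, $config)) {
                    // Quoted key: a bare `username` is an undefined constant.
                    $found_users[] = $row['username'];
                }
            }
        }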
    }
} else {
    echo "<b>Could not connect to SQL database</b><br>\n";
}
             $lastlog_input = bytes2str($lastlog_input);
         } else {
             $lastlog_input = 'not available';
         }
         $lastlog_output = $row['acctoutputoctets'];
         if ($lastlog_output) {
             $lastlog_output = bytes2str($lastlog_output);
         } else {
             $lastlog_output = 'not available';
         }
     }
 } else {
     echo "<b>Database query failed: " . da_sql_error($link, $config) . "</b><br>\n";
 }
 if (!$logged_now) {
     $search = @da_sql_query($link, $config, "SELECT " . da_sql_limit(1, 0, $config) . " * FROM {$config['sql_accounting_table']}\n\t\tWHERE username = '******' AND acctsessiontime != '0' " . da_sql_limit(1, 1, $config) . "\n\t\t ORDER BY acctstoptime DESC " . da_sql_limit(1, 2, $config) . " ;");
     if ($search) {
         if (@da_sql_num_rows($search, $config)) {
             $row = @da_sql_fetch_array($search, $config);
             $lastlog_time = $row['acctstarttime'];
             $lastlog_server_ip = $row['nasipaddress'];
             $lastlog_server_port = $row['nasportid'];
             $lastlog_session_time = time2str($row['acctsessiontime']);
             $lastlog_client_ip = $row['framedipaddress'];
             $lastlog_server_name = $lastlog_server_ip != '' ? @gethostbyaddr($lastlog_server_ip) : '-';
             $lastlog_client_name = $lastlog_client_ip != '' ? @gethostbyaddr($lastlog_client_ip) : '-';
             $lastlog_callerid = $row['callingstationid'];
             if ($lastlog_callerid == '') {
                 $lastlog_callerid = 'not available';
             }
             $lastlog_input = $row['acctinputoctets'];
Ejemplo n.º 3
<p>
	<table border=1 bordercolordark=#ffffe0 bordercolorlight=#000000 width=100% cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top>
	<tr bgcolor="#d0ddb0">
	<th>#</th><th>user</th><th>date</th><th>admin</th><th>reason</th><th>administrator action</th>
	</tr>

<?php 
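// User name supplied through HTTP authentication for this request.
$auth_user = $_SERVER["PHP_AUTH_USER"];
// Quoted key: a bare `general_restrict_badusers_access` is an undefined constant.
if ($config['general_restrict_badusers_access'] == 'yes') {
    // Limit the listing to rows whose `admin` column matches the current user.
    // NOTE(review): $auth_user is overwritten with its SQL-escaped form, and
    // that escaped value is what the later `$admin == $auth_user` ownership
    // check compares with the stored name; confirm this is intended for names
    // that contain characters the escaper rewrites.
    $auth_user = da_sql_escape_string($auth_user);
    // SQL equality is a single `=`; `==` is not a comparison operator in
    // MySQL or PostgreSQL and makes the whole query fail there.
    $extra_query = "AND admin = '{$auth_user}'";
}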
$link = @da_sql_pconnect($config);
if ($link) {
    $search = @da_sql_query($link, $config, "SELECT " . da_sql_limit($limit, 0, $config) . " * FROM {$config['sql_badusers_table']}\n\tWHERE username {$usercheck} {$extra_query} AND incidentdate <= '{$now_str}'\n\tAND incidentdate >= '{$prev_str}' " . da_sql_limit($limit, 1, $config) . " ORDER BY incidentdate {$order} " . da_sql_limit($limit, 2, $config) . " ;");
    if ($search) {
        while ($row = @da_sql_fetch_array($search, $config)) {
            $num++;
            $id = $row[id];
            $user = "******";
            $User = urlencode($user);
            $date = "{$row['incidentdate']}";
            $reason = "{$row['reason']}";
            $admin = "{$row['admin']}";
            if ($admin == $auth_user || $admin == '-') {
                $action = "<td><input type=submit class=button value=\"Delete\" OnClick=\"this.form.do_delete.value=1;this.form.row_id.value={$id}\"></td>";
            } else {
                $action = "<td>-</td>";
            }
            if ($admin == '') {
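// Emit one table header cell for each configured 'ua' accounting attribute
// in slots 1..9; empty slots are skipped.
for ($i = 1; $i <= 9; $i++) {
    $header = $acct_attrs['ua'][$i];
    if ($header != '') {
        echo "<th>" . $header . "</th>\n";
    }
}
// Optional extra WHERE fragment from the configuration, expanded by xlat()
// with the current $login.
// NOTE(review): the expanded fragment is appended to the accounting query
// as-is. Confirm $login is escaped or validated before this point, since no
// escaping happens in the lines shown here.
$sql_extra_query = '';
// Quoted key: a bare `sql_accounting_extra_query` is an undefined constant.
if ($config['sql_accounting_extra_query'] != '') {
    $sql_extra_query = xlat($config['sql_accounting_extra_query'], $login, $config);
}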
?>
	</tr>

<?php 
$link = @da_sql_pconnect($config);
if ($link) {
    $search = @da_sql_query($link, $config, "SELECT " . da_sql_limit($limit, 0, $config) . " * FROM {$config['sql_accounting_table']}\n\tWHERE username = '******' AND acctstarttime <= '{$now_str}'\n\tAND acctstarttime >= '{$prev_str}' {$sql_extra_query} " . da_sql_limit($limit, 1, $config) . " ORDER BY acctstarttime {$order} " . da_sql_limit($limit, 2, $config) . " ;");
    if ($search) {
        while ($row = @da_sql_fetch_array($search, $config)) {
            $tr_color = 'white';
            $num++;
            $acct_type = "{$row['framedprotocol']}/{$row['nasporttype']}";
            if ($acct_type == '') {
                $acct_type = '-';
            }
            $acct_logedin = $row[acctstarttime];
            $acct_sessiontime = $row[acctsessiontime];
            $acct_sessiontime_sum += $acct_sessiontime;
            $acct_sessiontime = time2str($acct_sessiontime);
            $acct_ip = $row[framedipaddress];
            if ($acct_ip == '') {
                $acct_ip = '-';
        die("ORDER BY pattern is illegal. Exiting abnornally.");
    }
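    // Refuse a non-numeric row limit before it reaches the SQL text.
    // NOTE(review): is_numeric() also accepts signs, decimals and exponent
    // notation ("-1", "1.5", "1e3"); a digits-only check would be a tighter
    // fit for a value that is spliced into the LIMIT clause.
    if (!is_numeric($maxresults)) {
        die("Max Results is not in numeric form. Exiting abnormally.");
    }
    // Build the comma-separated column list. Starting from an empty string
    // avoids appending to an undefined variable on the first iteration.
    // NOTE(review): the entries of $accounting_show_attrs become column names
    // verbatim; confirm they are checked against the known accounting columns.
    $query_view = '';
    foreach ($accounting_show_attrs as $val) {
        $query_view .= $val . ',';
    }
    // Drop the single trailing comma left by the loop.
    $query_view = preg_replace('/,$/', '', $query_view);
    // Optional extra WHERE fragment from the configuration; empty when unset.
    $sql_extra_query = '';
    // Quoted key: a bare `sql_accounting_extra_query` is an undefined constant.
    if ($config['sql_accounting_extra_query'] != '') {
        $sql_extra_query = xlat($config['sql_accounting_extra_query'], $login, $config);
    }
    // NOTE(review): the escaper runs over the whole expanded clause, not over
    // $login alone. If the configured fragment contains quoted literals,
    // confirm this does not corrupt them; escaping $login before expansion
    // would be the narrower fix.
    $sql_extra_query = da_sql_escape_string($sql_extra_query);
    // NOTE(review): $where and $order are interpolated unchanged; they must
    // have been validated earlier in the script.
    $query = "SELECT " . da_sql_limit($maxresults, 0, $config) . " {$query_view} FROM {$config['sql_accounting_table']}\n\t{$where} {$sql_extra_query} " . da_sql_limit($maxresults, 1, $config) . " ORDER BY {$order} " . da_sql_limit($maxresults, 2, $config) . ";";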
    echo <<<EOM
<html>
<head>
<link rel="stylesheet" href="style.css">
</head>
<body>
<br>
<table border=0 width=940 cellpadding=1 cellspacing=1>
<tr valign=top>
<td width=740></td>
<td bgcolor="black" width=200>
\t<table border=0 width=100% cellpadding=2 cellspacing=0>
\t<tr bgcolor="#907030" align=right valign=top><th>
\t<font color="white">Accounting Report Generator</font>&nbsp;
\t</th></tr>
}
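// Header cell for the ninth configured 'fl' attribute, if one is set.
$last_header = $acct_attrs['fl'][9];
if ($last_header != '') {
    echo "<th>" . $last_header . "</th>\n";
}
// Optional extra WHERE fragment from the configuration. It starts as an empty
// string so the query below never interpolates an undefined variable when the
// option is not configured.
$sql_extra_query = '';
// Quoted key: a bare `sql_accounting_extra_query` is an undefined constant.
if ($config['sql_accounting_extra_query'] != '') {
    $sql_extra_query = xlat($config['sql_accounting_extra_query'], $login, $config);
    // NOTE(review): the escaper runs over the whole expanded clause, not over
    // $login alone. If the configured fragment contains quoted literals,
    // confirm this does not corrupt them.
    $sql_extra_query = da_sql_escape_string($sql_extra_query);
}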
?>
	</tr>

<?php 
$link = @da_sql_pconnect($config);
if ($link) {
    $search = @da_sql_query($link, $config, "SELECT " . da_sql_limit($limit, 0, $config) . " acctstoptime,username,nasipaddress,nasportid,acctterminatecause,callingstationid\n\tFROM {$config['sql_accounting_table']}\n\tWHERE acctstoptime <= '{$now_str}' AND acctstoptime >= '{$prev_str}'\n\tAND (acctterminatecause LIKE 'Login-Incorrect%' OR\n\tacctterminatecause LIKE 'Invalid-User%' OR\n\tacctterminatecause LIKE 'Multiple-Logins%') {$callerid_str} {$server_str} {$sql_extra_query} " . da_sql_limit($limit, 1, $config) . " ORDER BY acctstoptime {$order} " . da_sql_limit($limit, 2, $config) . " ;");
    if ($search) {
        while ($row = @da_sql_fetch_array($search, $config)) {
            $num++;
            $acct_login = $row[username];
            if ($acct_login == '') {
                $acct_login = '******';
            } else {
                $acct_login = "******"user_admin.php?login={$acct_login}\" title=\"Edit user {$acct_login}\">{$acct_login}</a>";
            }
            $acct_time = $row[acctstoptime];
            $acct_server = $row[nasipaddress];
            if ($acct_server != '') {
                $acct_server = $da_name_cache[$acct_server];
                if (!isset($acct_server)) {
                    $acct_server = $row[nasipaddress];
<?php 
// Show the reporting interval above the results table.
// NOTE(review): $start and $stop are written into the page without HTML
// escaping, and the same two values are interpolated into the accounting
// query further down. If they originate from request parameters, confirm they
// are validated as dates before either use.
echo "<b>{$start}</b> up to <b>{$stop}</b>";
?>

<p>
	<table border=1 bordercolordark=#ffffe0 bordercolorlight=#000000 width=100% cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top>
	<tr bgcolor="#d0ddb0">
	<th>#</th><th>login</th><th>date</th><th>server</th><th>connections number</th><th>connections duration</th><th>upload</th><th>download</th>
	</tr>

<?php 
$link = @da_sql_pconnect($config);
if ($link) {
    $search = @da_sql_query($link, $config, "SELECT " . da_sql_limit($limit, 0, $config) . " * FROM {$config['sql_total_accounting_table']}\n\tWHERE acctdate >= '{$start}' AND acctdate <= '{$stop}' {$server_str} {$login_str} {$sql_extra_query} " . da_sql_limit($limit, 1, $config) . " ORDER BY {$order_attr} {$order} " . da_sql_limit($limit, 2, $config) . " ;");
    if ($search) {
        while ($row = @da_sql_fetch_array($search, $config)) {
            $num++;
            $acct_login = $row[username];
            if ($acct_login == '') {
                $acct_login = '******';
            } else {
                $Acct_login = urlencode($acct_login);
                $acct_login = "******"user_admin.php?login={$Acct_login}\" title=\"Edit user {$acct_login}\">{$acct_login}</a>";
            }
            $acct_time = $row[conntotduration];
            $acct_time = time2str($acct_time);
            $acct_conn_num = $row[connnum];
            $acct_date = $row[acctdate];
            $acct_upload = $row[inputoctets];