function exec_fichier_sql($fichier, $link) { global $l; $db_file = $fichier; $dbf_handle = @fopen($db_file, "r"); echo "<br>"; if (!$dbf_handle) { msg_error($l->g(2112) . " : " . $fichier); return true; } else { if (filesize($db_file) > 0) { $sql_query = fread($dbf_handle, filesize($db_file)); fclose($dbf_handle); $data_sql = explode(";", $sql_query); foreach ($data_sql as $k => $v) { if (trim($v) != "") { echo "."; ob_flush(); flush(); mysql2_query_secure($v, $link); } } return false; } return true; } }
function add_update_key($form_values, $update = false) { global $l; foreach ($form_values as $key => $value) { if (trim($value) == "") { msg_error($l->g(988)); return FALSE; } } if ($update) { $req = "UPDATE regconfig SET " . "NAME='%s'," . "REGTREE='%s'," . "REGKEY='%s'," . "REGVALUE='%s' " . "where ID='%s'"; $arg_req = array($form_values["NAME"], $form_values["REGTREE"], $form_values["REGKEY"], $form_values["REGVALUE"], $update); } else { $sql_verif = "select ID from regconfig \n\t\t\t\t\t\twhere REGTREE='%s' \n\t\t\t\t\t\t\tand REGKEY='%s'\n\t\t\t\t\t\t\tand REGVALUE='%s'"; $arg_verif = array($form_values["REGTREE"], $form_values["REGKEY"], $form_values["REGVALUE"]); $res = mysql2_query_secure($sql_verif, $_SESSION['OCS']["readServer"], $arg_verif); $row = mysql_fetch_object($res); if (!is_numeric($row->ID)) { $req = "INSERT INTO regconfig (NAME,REGTREE,REGKEY,REGVALUE)\n\t\t\t\t\tVALUES('%s','%s','%s','%s')"; $arg_req = array($form_values["NAME"], $form_values["REGTREE"], $form_values["REGKEY"], $form_values["REGVALUE"]); } else { msg_error($l->g(987)); return FALSE; } } if (isset($req)) { mysql2_query_secure($req, $_SESSION['OCS']["writeServer"], $arg_req); if ($update) { msg_success($l->g(1185)); } else { msg_success($l->g(1184)); } return TRUE; } }
function remove_profile($profile_id) { global $l; if (!is_writable(DOCUMENT_REAL_ROOT . '/config/profiles')) { msg_error($l->g(2116)); } else { unlink(DOCUMENT_REAL_ROOT . '/config/profiles/' . $profile_id . '.xml'); } }
/** * @param unknown $name : PluginName * @param unknown $action : Possible actions => delete (0) and install (1) */ function exec_plugin_soap_client($name, $action) { global $l; $champs = array('OCS_SERVER_ADDRESS' => 'OCS_SERVER_ADDRESS'); $values = look_config_default_values($champs); $address = $values['tvalue']['OCS_SERVER_ADDRESS']; if (class_exists('SoapClient')) { plugin_soap_client($name, $action); } else { msg_error($l->g(6006)); } }
function exist_server($list_id) { global $l; $sql = "SELECT count(hardware_id) c,group_id,name \n\t\t FROM download_servers,hardware\n\t\t\twhere hardware.id=download_servers.group_id\n\t\t\tand hardware_id in "; $arg = mysql2_prepare($sql, array(), $list_id); $res = mysql2_query_secure($arg['SQL'] . " group by group_id ", $_SESSION['OCS']["readServer"], $arg['ARG']); $msg = ""; while ($val = mysql_fetch_array($res)) { $msg .= $val['c'] . " " . $l->g(1135) . " " . $val['name'] . "<br>"; } if ($msg != "") { msg_error($l->g(877) . " <br>" . $msg . " " . $l->g(878)); } }
function migrate_profiles_2_2() { if (!file_exists(DOCUMENT_REAL_ROOT . '/config/profiles')) { mkdir(DOCUMENT_REAL_ROOT . '/config/profiles'); } if (!is_writable(DOCUMENT_REAL_ROOT . '/config/profiles')) { msg_error($l->g(2116)); exit; } $txt_serializer = new TxtProfileSerializer(); $xml_serializer = new XMLProfileSerializer(); foreach (scandir($_SESSION['OCS']['CONF_PROFILS_DIR']) as $file) { if (preg_match('/^(.+)_config\\.txt$/', $file, $matches) and $matches[1] != '4all') { $profile_name = $matches[1]; $profile_data = read_profil_file($profile_name); $profile = $txt_serializer->unserialize($profile_name, $profile_data); $xml = $xml_serializer->serialize($profile); file_put_contents(DOCUMENT_REAL_ROOT . '/config/profiles/' . $profile_name . '.xml', $xml); } } }
function exec_fichier_sql($fichier) { $db_file = $fichier; $dbf_handle = @fopen($db_file, "r"); if (!$dbf_handle) { msg_error($l->g(2112) . " : " . $fichier); return true; } else { if (filesize($db_file) > 0) { $sql_query = fread($dbf_handle, filesize($db_file)); fclose($dbf_handle); $data_sql = explode(";", $sql_query); foreach ($data_sql as $k => $v) { if (trim($v) != "") { mysql2_query_secure($v, $_SESSION['OCS']["writeServer"]); } } return false; } return true; } }
if (trim($protectedPost['MOTIF'])) { if ($protectedPost["ACTION"] == "again") { //delete all info of specific teledeploy desactive_download_option($systemid, $protectedGet['affect_again']); active_option('DOWNLOAD', $systemid, $protectedGet['affect_again']); } elseif ($protectedPost["ACTION"] == "reset") { desactive_packet($systemid, $protectedGet['affect_reset']); } mysql2_query_secure($sql, $_SESSION['OCS']["writeServer"], $arg); if (mysql_affected_rows() != 0) { $sql = "INSERT INTO itmgmt_comments (hardware_id,comments,user_insert,date_insert,action) \n\t\t\t\t\tvalues ('%s','%s','%s',%s,'%s => %s')"; $arg = array($systemid, $protectedPost['MOTIF'], $_SESSION['OCS']["loggeduser"], "sysdate()", $protectedPost["ACTION"], $protectedPost['NAME_PACK']); mysql2_query_secure($sql, $_SESSION['OCS']["writeServer"], $arg); } } else { msg_error($l->g(903)); } } if ($protectedPost['Reset_modif_x']) { unset($protectedGet['affect_again'], $protectedGet['affect_reset']); } if ($protectedGet['affect_again'] or $protectedGet['affect_reset']) { if ($protectedGet['affect_again']) { $id_pack_affect = $protectedGet['affect_again']; $hidden_action = 'again'; $title_action = $l->g(904); $lbl_action = $l->g(905); } else { $id_pack_affect = $protectedGet['affect_reset']; $hidden_action = 'reset'; $title_action = $l->g(906);
$sql_rules = "select distinct rule,rule_name from download_affect_rules order by 1"; $res_rules = mysql_query($sql_rules, $_SESSION['OCS']["readServer"]) or die(mysql_error($_SESSION['OCS']["readServer"])); $nb_rule = 0; while ($val_rules = mysql_fetch_array($res_rules)) { $first = $val_rules['rule']; $list_rules[$val_rules['rule']] = $val_rules['rule_name']; $nb_rule++; } if ($nb_rule > 1) { $select_choise = $l->g(668) . show_modif($list_rules, 'rule_choise', 2, $form_name); echo $select_choise; } elseif ($nb_rule == 1) { $protectedPost['rule_choise'] = $first; echo "<input type=hidden value='" . $first . "' name='rule_choise' id='rule_choise'>"; } elseif ($nb_rule == 0) { msg_error($l->g(982)); } } if ($protectedPost['onglet'] == 'MACH') { echo $l->g(1292) . show_modif(array('NO' => $l->g(454), 'YES' => $l->g(455)), 'DWL_OPT', 2, $form_name); } if ($protectedPost['onglet'] == 'MACH' and $protectedPost['DWL_OPT'] != '' or $protectedPost['onglet'] == 'SERV_GROUP' and $protectedPost['rule_choise'] != '') { //recherche de toutes les r�gles pour les serveurs de redistribution $list_fields = array('FILE_ID' => 'e.FILEID', 'INFO_LOC' => 'e.INFO_LOC', 'CERT_FILE' => 'e.CERT_FILE', 'CERT_PATH' => 'e.CERT_PATH', $l->g(1037) => 'a.NAME', $l->g(1039) => 'a.PRIORITY', $l->g(51) => 'a.COMMENT', $l->g(274) => 'a.OSNAME', $l->g(953) . " (KB)" => 'a.SIZE'); if (!isset($nb_rule) or $nb_rule > 0) { if ($protectedPost['onglet'] != 'SERV_GROUP') { $list_fields['PACK_LOC'] = 'e.PACK_LOC'; $list_fields['ACTIVE_ID'] = 'e.ID'; $list_fields['MODIF'] = 'e.ID'; } else { $list_fields['ACTIVE_ID'] = 'e.FILEID';
// OCS INVENTORY REPORTS // Copyleft Erwan GOALOU 2010 (erwan(at)ocsinventory-ng(pt)org) // Web: http://www.ocsinventory-ng.org // // This code is open source and may be copied and modified as long as the source // code is always made freely available. // Please refer to the General Public Licence http://www.gnu.org/ or Licence.txt //==================================================================================== global $l; if (!AJAX) { require_once 'views/users_views.php'; require_once 'views/profile_create_form.php'; show_users_left_menu('ms_add_profile'); echo '<div class="right-content">'; if (!is_writable(DOCUMENT_REAL_ROOT . '/config/profiles')) { msg_error($l->g(2116)); } else { show_profile_create_form(); } echo '</div>'; } else { require_once 'lib/profile_functions.php'; if (!is_writable(DOCUMENT_REAL_ROOT . '/config/profiles')) { $response = array('status' => 'error', 'message' => $l->g(2116)); } else { if ($errors = validate_profile_create_form($_POST)) { $response = array('status' => 'error', 'message' => $l->g(1404), 'errors' => $errors); } else { if ($profile_id = create_profile($_POST)) { $response = array('status' => 'success', 'message' => $l->g(1405), 'profile_id' => $profile_id); } else {
} else { echo '<div class="plugin-frame plugin-name-' . $plugin->getId() . '">'; require $plugin_file; echo '</div>'; } } } } } else { if (isset($protectedGet['option']) and isset($plugins[$protectedGet['option']])) { // If specific plugin $plugin = $plugins[$protectedGet['option']]; $plugin_file = PLUGINS_DIR . "computer_detail/" . $plugin->getId() . "/" . $plugin->getId() . ".php"; if (file_exists($plugin_file)) { if (!$ajax) { echo '<div class="plugin-frame plugin-name-' . $plugin->getId() . '">'; } require $plugin_file; if (!$ajax) { echo '</div>'; } } } else { // Else error msg_error('Page not found'); } } echo '</div>'; if ($ajax) { ob_end_clean(); }
} /*if ($protectedPost['NB_COMPUTERS'] === 1) $protectedPost['NB_COMPUTERS']='';*/ $i = 0; while ($i < $protectedPost['NB_COMPUTERS']) { $id_computer = insert_manual_computer($protectedPost, $protectedPost['NB_COMPUTERS']); if (!is_array($fields)) { $fields[] = 'TAG'; $values_fields[] = ''; } insertinfo_computer($id_computer, $fields, $values_fields); $i++; } msg_success($l->g(881)); } else { msg_error($l->g(684) . "<br>" . $error); } } $i = 0; $info_form['FIELDS']['name_field'][$i] = 'NB_COMPUTERS'; $info_form['FIELDS']['type_field'][$i] = 0; $info_form['FIELDS']['value_field'][$i] = $protectedPost['NB_COMPUTERS'] != '' ? $protectedPost['NB_COMPUTERS'] : '1'; $info_form['FIELDS']['tab_name'][$i] = $l->g(28); $config[$i]['CONFIG']['SIZE'] = 4; $config[$i]['CONFIG']['MAXLENGTH'] = 4; $other_data['COMMENT_BEHING'][$i] = ''; $config[$i]['CONFIG']['JAVASCRIPT'] = $chiffres; foreach ($form_fields_typeinput as $key => $value) { $i++; $info_form['FIELDS']['name_field'][$i] = $key; $info_form['FIELDS']['type_field'][$i] = 0;
function add_rule($RULE_NAME, $RULE_VALUES, $ID_RULE = '') { global $l, $protectedPost; $rule_exist = verify_name($RULE_NAME); if ($rule_exist == 'NAME_NOT_EXIST') { //verify this id is new $sql = "select id from download_affect_rules where id='%s'"; $arg = $ID_RULE; $result_id = mysql2_query_secure($sql, $_SESSION['OCS']["readServer"], $arg); $id_exist = mysqli_fetch_object($result_id); //generate id if (!is_numeric($ID_RULE) or $ID_RULE == '' or isset($id_exist->id)) { $sql_new_id = "select max(RULE) as ID_RULE from download_affect_rules"; $result_new_id = mysql2_query_secure($sql_new_id, $_SESSION['OCS']["readServer"]); $new_id = mysqli_fetch_object($result_new_id); $ID_RULE = $new_id->ID_RULE; $ID_RULE++; } //insert new rule $i = 1; while ($RULE_VALUES['PRIORITE_' . $i]) { if ($RULE_VALUES['CFIELD_' . $i] != "") { $sql_insert_rule = "insert into download_affect_rules (RULE,RULE_NAME,PRIORITY,CFIELD,OP,COMPTO,SERV_VALUE) \n\t\t\t\tvalue (%s,'%s',%s,'%s','%s','%s','%s')"; $arg = array($ID_RULE, $protectedPost['RULE_NAME'], $RULE_VALUES['PRIORITE_' . $i], $RULE_VALUES['CFIELD_' . $i], $RULE_VALUES['OP_' . $i], $RULE_VALUES['COMPTO_' . $i], $RULE_VALUES['COMPTO_TEXT_' . $i]); mysql2_query_secure($sql_insert_rule, $_SESSION['OCS']["writeServer"], $arg); } $i++; } } else { echo msg_error($l->g(670)); } }
$year_mouth['Sep'] = 9; $year_mouth['Aug'] = 8; $year_mouth['Jul'] = 7; $year_mouth['Jun'] = 6; $year_mouth['May'] = 5; $year_mouth['Apr'] = 4; $year_mouth['Mar'] = 3; $year_mouth['Feb'] = 2; $year_mouth['Jan'] = 1; $sql = "select count(*) c from devices d,\n\t\t\t\t\t\t\tdownload_enable d_e,download_available d_a\n\t\t\t\t\t\twhere d.name='DOWNLOAD'\n\t\t\t\t\t\t\tand d_e.id=d.ivalue\n\t\t\t\t\t\t\tand d_a.fileid=d_e.fileid\n\t\t\t\t\t\t\tand d_e.fileid='%s'"; $arg = $protectedGet['stat']; $result = mysql2_query_secure($sql, $_SESSION['OCS']["readServer"], $arg); $item = mysql_fetch_object($result); $total_mach = $item->c; if ($total_mach <= 0) { msg_error($l->g(837)); require_once FOOTER_HTML; die; } $sql = "select d.hardware_id as id,d.comments as date_valid \n\t\t\t\t\tfrom devices d,download_enable d_e,download_available d_a\n\t\t\twhere d.name='DOWNLOAD' \n\t\t\t\tand tvalue='%s' \n\t\t\t\tand comments is not null\n\t\t\t\tand d_e.id=d.ivalue\n\t\t\t\tand d_a.fileid=d_e.fileid\n\t\t\t\tand d_e.fileid='%s'"; $arg = array(urldecode($protectedGet['ta']), $protectedGet['stat']); $result = mysql2_query_secure($sql, $_SESSION['OCS']["readServer"], $arg); $nb_4_hour = array(); //$total_mach=0; while ($item = mysql_fetch_object($result)) { //echo $item->date_valid."<br>"; unset($data_temp, $day, $year, $hour_temp, $hour); $data_temp = explode(' ', $item->date_valid); if ($data_temp[2] != '') { $day = $data_temp[2]; } else {
if (!preg_match("/^[a-zA-Z0-9._-]+\$/", $user)) { $msg = _gameserver_user_invalid . "<br>"; $error = true; } if (exists_entry("name", "backup_server", "name", $name) == true) { $error = true; $msg = _template_exists; } if ($error == false) { $stmt = $mysqli->prepare("INSERT INTO backup_server(name,type,ip,port,user,password) VALUES (?,?,?,?,?,?)"); $stmt->bind_param('sssiss', $name, $type, $ip, $port, $user, $password); $stmt->execute(); $stmt->close(); msg_okay(_backup_message_added); } else { msg_error('Something went wrong, ' . $msg); } } } ?> <form class="form-horizontal" action="index.php?page=backup?add" method="post"> <div class="form-group"> <label class="control-label col-sm-2">Name:</label> <div class="col-sm-6"> <input type="text" class="form-control input-sm" name="name" placeholder="Chewbacca"> </div> </div> <div class="form-group"> <label class="control-label col-sm-2">IP/Port:</label> <div class="col-sm-3">
//==================================================================================== // OCS INVENTORY REPORTS // Copyleft Erwan GOALOU 2010 (erwan(at)ocsinventory-ng(pt)org) // Web: http://www.ocsinventory-ng.org // // This code is open source and may be copied and modified as long as the source // code is always made freely available. // Please refer to the General Public Licence http://www.gnu.org/ or Licence.txt //==================================================================================== require_once 'require/function_admininfo.php'; $form_name = 'admin_info_computer'; $table_name = $form_name; //search all admininfo for this computer $info_account_id = admininfo_computer($systemid); if (!is_array($info_account_id)) { msg_error($info_account_id); } else { if (isset($protectedPost['ADMIN']) and $protectedPost['ADMIN'] == 'ADMIN' and !isset($_SESSION['OCS']['ADMIN']['ACCOUNTINFO'])) { $_SESSION['OCS']['ADMIN']['ACCOUNTINFO'] = true; } elseif (isset($protectedPost['ADMIN']) and $protectedPost['ADMIN'] == 'ADMIN' and isset($_SESSION['OCS']['ADMIN']['ACCOUNTINFO'])) { unset($_SESSION['OCS']['ADMIN']['ACCOUNTINFO']); } if ($_SESSION['OCS']['profile']->getConfigValue('ACCOUNTINFO') == 'YES' and isset($_SESSION['OCS']['ADMIN']['ACCOUNTINFO'])) { $admin_accountinfo = true; } $list_tab = find_all_account_tab('TAB_ACCOUNTAG', 'COMPUTERS', 1); if ($list_tab != '') { if ($protectedPost['Valid_modif'] != "" && $protectedPost['NOTE'] == "" && $protectedPost['NOTE_MODIF'] == "") { if (!isset($protectedPost['onglet']) or $protectedPost['onglet'] == '' or !is_numeric($protectedPost['onglet'])) { $protectedPost['onglet'] = $list_tab['FIRST']; }
function dde_conf($form_name) { global $l, $protectedPost, $protectedGet, $pages_refs, $infos_status; if ($_SESSION['OCS']['CONFIGURATION']['TELEDIFF_WK'] == 'YES') { //sous onglets if ($infos_status['NIV_BIS'] != '') { $conf_value['GENERAL'] = $l->g(107); $conf_value['GUI'] = $l->g(84); } $conf_value['STATUS'] = $l->g(1095); //$conf_value['ADMIN']='Administration'; onglet($conf_value, $form_name, "conf", 7); if ($protectedPost['Valid'] == $l->g(103)) { $etat = verif_champ(); if ($etat == "") { $MAJ = update_default_value($protectedPost); } else { $msg = ""; foreach ($etat as $name => $value) { $msg .= $name . " " . $l->g(759) . " " . $value . "<br>"; } msg_error($msg); } } if (!isset($protectedPost['conf']) or $protectedPost['conf'] == "GENERAL") { pageTELEDIFF_WK($form_name); } if ($protectedPost['conf'] == "GUI") { //mise a jour des données demandée par l'utilisateur if ($protectedPost['Valid_fields_x'] != "") { //si la mise a jour est limitée à certain champs if (isset($protectedPost['DEFAULT_FIELD'])) { $fields = explode(',', $protectedPost['DEFAULT_FIELD']); } else { $fields = array('type', 'field', 'lbl', 'must_completed', 'value', 'restricted', 'link_status'); //si le type est TEXTAREA, il faut aussi changer le type de la colonne en longtext if ($protectedPost['type'] == 1) { $type_modif = "longtext"; } else { $type_modif = "varchar(255)"; } $sql_modify_type = 'ALTER TABLE downloadwk_pack change fields_%1$s fields_%1$s ' . $type_modif . ' default null;'; $arg = array($protectedPost['FIELDS']); mysql2_query_secure($sql_modify_type, $_SESSION['OCS']["writeServer"], $arg); //echo $sql_modify_type; } //création de la requête $sql_update = 'UPDATE downloadwk_fields set '; $arg = array(); foreach ($fields as $key => $value) { $sql_update .= $value . "='%s' ,"; $arg[] = $protectedPost[$value]; } $sql_update = substr($sql_update, 0, -1) . "where id='%s'"; $arg[] = $protectedPost['FIELDS']; mysql2_query_secure($sql_update, $_SESSION['OCS']["writeServer"], $arg); //print_r //echo $sql_update; } $sql_service = "select id,field,value,lbl,default_field \n\t\t\t\t\t\t\t FROM downloadwk_tab_values"; $resultSERV = mysql2_query_secure($sql_service, $_SESSION['OCS']["readServer"]); $List_tab[] = ''; while ($item = mysql_fetch_object($resultSERV)) { $lbl = define_lbl($item->lbl, $item->default_field); $List_tab[$item->id] = $lbl; } $name_field = array("TAB"); //$oblig_field['INFO_VALID']=$name_field['INFO_VALID']; $tab_name = array($l->g(1097) . ":"); $type_field = array(2); $value_field = array($List_tab); if (isset($protectedPost['TAB']) and $protectedPost['TAB'] != 0) { $sql_service = "select id,lbl,default_field \n\t\t\t\t\t\t\t\t FROM downloadwk_fields \n\t\t\t\t\t\t\t\t where TAB='%s'"; $arg = array($protectedPost['TAB']); $resultSERV = mysql2_query_secure($sql_service, $_SESSION['OCS']["readServer"], $arg); $List_fields[] = ''; while ($item = mysql_fetch_object($resultSERV)) { $lbl = define_lbl($item->lbl, $item->default_field); $List_fields[$item->id] = $lbl; $default_field[$item->id] = $item->default_field; } array_push($name_field, "FIELDS"); array_push($tab_name, $l->g(1096) . ":"); array_push($type_field, 2); array_push($value_field, $List_fields); } $tab_typ_champ = show_field($name_field, $type_field, $value_field); $tab_typ_champ[0]['COMMENT_BEHING'] = "<a href=# onclick=window.open(\"index.php?" . PAG_INDEX . "=" . $pages_refs['ms_admin_management'] . "&head=1&admin=tab&value=TAB&form=" . $form_name . "\",\"admin_management\",\"location=0,status=0,scrollbars=0,menubar=0,resizable=0,width=550,height=450\")><img src=image/plus.png></a>"; $tab_typ_champ[0]['RELOAD'] = $form_name; $tab_typ_champ[1]['RELOAD'] = $form_name; $tab_typ_champ[1]['COMMENT_BEHING'] = "<a href=# onclick=window.open(\"index.php?" . PAG_INDEX . "=" . $pages_refs['ms_admin_management'] . "&head=1&admin=fields&value=" . $protectedPost['TAB'] . "&form=" . $form_name . "\",\"admin_management\",\"location=0,status=0,scrollbars=0,menubar=0,resizable=0,width=700,height=650\")><img src=image/plus.png></a>"; tab_modif_values($tab_name, $tab_typ_champ, $tab_hidden, $title = "", $comment = "", $name_button = "modif", $showbutton = false, $form_name = 'NO_FORM'); if (isset($protectedPost['FIELDS']) and $protectedPost['FIELDS'] != 0) { echo "<br>"; $sql_status = "SELECT id,lbl FROM downloadwk_statut_request"; $res_status = mysql2_query_secure($sql_status, $_SESSION['OCS']["readServer"]); $status['0'] = $l->g(454); while ($val_status = mysql_fetch_array($res_status)) { $status[$val_status['id']] = $val_status['lbl']; } //print_r($status); $list_type = array('TEXT', 'TEXTAREA', 'SELECT', 'SHOW DATA', 'PASSWORD', 'CHECKBOX', 'LIST', 'HIDDEN', 'BLOB (FILE)', 'LINK LIST', 'TABLE'); $yes_no = array($l->g(454), $l->g(455)); $sql_detailField = "select type,field,lbl,must_completed,\n\t\t\t\t\t\t\t\t\t\tvalue,restricted,link_status \n\t\t\t\t\t\t\t\t\t FROM downloadwk_fields \n\t\t\t\t\t\t\t\t\t where id='%s' and tab='%s' "; $arg = array($protectedPost['FIELDS'], $protectedPost['TAB']); $result_detailField = mysql2_query_secure($sql_detailField, $_SESSION['OCS']["readServer"], $arg); $item_detailField = mysql_fetch_object($result_detailField); //if there is no result or more than 1, don't show update table $num_row = mysql_numrows($result_detailField); if ($num_row == 1) { $protectedPost['type'] = $item_detailField->type; $protectedPost['must_completed'] = $item_detailField->must_completed; $protectedPost['restricted'] = $item_detailField->restricted; $protectedPost['link_status'] = $item_detailField->link_status; $name_field = array('type', 'field', 'lbl', 'must_completed', 'value', 'restricted', 'link_status'); $tab_name = array($l->g(1071) . ':', $l->g(1098) . ':', $l->g(1063) . ':', $l->g(1064) . ':', $l->g(1099) . ':', $l->g(1065) . ':', $l->g(1066) . ':'); if ($default_field[$protectedPost['FIELDS']]) { $title = $l->g(1101); //$showbutton=false; $type_field = array(3, 3, 3, 3, 0, 3, 3, 7); $value_field = array($list_type[$item_detailField->type], $item_detailField->field, $l->g($item_detailField->lbl), $yes_no[$item_detailField->must_completed], $item_detailField->value, $yes_no[$item_detailField->restricted], $status[$item_detailField->link_status], 'value'); if ($item_detailField->field == "STATUS") { $type_field[4] = 2; unset($status[0]); $value_field[4] = $status; $protectedPost['value'] = $item_detailField->value; } $name_field[7] = 'DEFAULT_FIELD'; $tab_name[7] = ''; } else { $title = ""; //$showbutton=true; $type_field = array(2, 0, 0, 2, 0, 2, 2); $value_field = array($list_type, $item_detailField->field, $item_detailField->lbl, $yes_no, $item_detailField->value, $yes_no, $status); } $tab_typ_champ = show_field($name_field, $type_field, $value_field); tab_modif_values($tab_name, $tab_typ_champ, $tab_hidden, $title, $comment = "", $name_button = "fields", $showbutton = true, $form_name = 'NO_FORM'); } } } elseif ($protectedPost['conf'] == "STATUS") { //mise à jour des valeurs de statuts if ($protectedPost['Valid_fields_x'] != '') { if (trim($protectedPost['lbl']) != '') { $sql_update = "UPDATE downloadwk_statut_request\n\t\t\t\t\t\t\t\t\t\tset LBL='%s' , ACTIF='%s'\n\t\t\t\t\t\t\t\t\t\twhere ID='%s'"; $arg = array($protectedPost['lbl'], $protectedPost['actif'], $protectedPost['id']); mysql2_query_secure($sql_update, $_SESSION['OCS']["writeServer"], $arg); msg_success($l->g(1121)); } else { msg_error($l->g(988)); } } $infos_status = list_status(false); $name_field = array("STATUS"); $tab_name = array($l->g(1100) . ":"); $type_field = array(2); $value_field = array($infos_status['STAT']); if (isset($protectedPost['STATUS']) and $protectedPost['STATUS'] != 0) { //delete old post if you change status if (isset($protectedPost['OLD_STATUS']) and $protectedPost['OLD_STATUS'] != $protectedPost['STATUS']) { unset($protectedPost['actif'], $protectedPost['lbl'], $protectedPost['name']); } $yes_no = array($l->g(454), $l->g(455)); if (!isset($protectedPost['actif'])) { $protectedPost['actif'] = $infos_status['ACTIF'][$protectedPost['STATUS']]; } if (!isset($protectedPost['lbl'])) { $protectedPost['lbl'] = $infos_status['STAT_BIS'][$protectedPost['STATUS']]; } if (!isset($protectedPost['name'])) { $protectedPost['name'] = $infos_status['NIV'][$protectedPost['STATUS']]; } $protectedPost['id'] = $protectedPost['STATUS']; array_push($name_field, 'actif', 'id', 'lbl', 'name', 'OLD_STATUS'); array_push($tab_name, $l->g(1102) . ':', $l->g(1103) . ':', $l->g(1063) . ':', $l->g(1064) . ':', ''); array_push($type_field, 2, 3, 0, 3, 7); array_push($value_field, $yes_no, $protectedPost['id'], $protectedPost['lbl'], $protectedPost['name'], $protectedPost['STATUS']); $showbutton = true; } else { $showbutton = false; } $tab_typ_champ = show_field($name_field, $type_field, $value_field); $tab_typ_champ[0]['RELOAD'] = $form_name; tab_modif_values($tab_name, $tab_typ_champ, $tab_hidden, $title, $comment = "", $name_button = "fields", $showbutton, $form_name = 'NO_FORM'); } } }
$data_on[1] = $l->g(95); $data_on[2] = $l->g(36); $data_on[3] = $l->g(2005); $data_on[4] = $l->g(116); if (isset($protectedPost['enre'])) { if ($protectedPost['BLACK_CHOICE'] == 1) { $ok = add_mac_add($protectedPost); } if ($protectedPost['BLACK_CHOICE'] == 3) { $ok = add_subnet_add($protectedPost); } if ($protectedPost['BLACK_CHOICE'] == 2) { $ok = add_serial_add($protectedPost); } if ($ok) { msg_error($ok); } else { unset($_SESSION['OCS']['DATA_CACHE'], $_SESSION['OCS']['NUM_ROW']); } } echo open_form($form_name); show_tabs($data_on, $form_name, "onglet", 10); echo '<div class="right-content mlt_bordure" >'; if ($protectedPost['onglet'] == 1) { $table_name = "blacklist_macaddresses"; $tab_options['form_name'] = $form_name; $tab_options['table_name'] = $table_name; $list_fields = array('ID' => 'ID', 'MACADDRESS' => 'MACADDRESS', 'SUP' => 'ID', 'CHECK' => 'ID'); $list_col_cant_del = $list_fields; $default_fields = $list_fields; $tab_options['FILTRE'] = array('MACADDRESS' => 'MACADDRESS');
} //ADD new rule if ($protectedPost['ADD_RULE']) { add_rule($protectedPost['RULE_NAME'], $protectedPost); $tab_options['CACHE'] = 'RESET'; } //modif rule if ($protectedPost['MODIF_RULE']) { $name_exist = verify_name($protectedPost['RULE_NAME'], "and rule != " . $protectedPost['OLD_MODIF']); if ($name_exist == 'NAME_NOT_EXIST') { delete_rule($protectedPost['OLD_MODIF']); add_rule($protectedPost['RULE_NAME'], $protectedPost, $protectedPost['OLD_MODIF']); echo msg_success($l->g(711)); $tab_options['CACHE'] = 'RESET'; } else { msg_error($l->g(670)); } } //form name $form_name = "rules"; //show all rules echo open_form($form_name); $list_fields = array('ID_RULE' => 'RULE', 'RULE_NAME' => 'RULE_NAME', 'SUP' => 'RULE', 'MODIF' => 'RULE'); $table_name = "DOWNLOAD_AFFECT_RULES"; $default_fields = array('ID_RULE' => 'ID_RULE', 'RULE_NAME' => 'RULE_NAME', 'SUP' => 'SUP', 'MODIF' => 'MODIF'); $list_col_cant_del = array('ID_RULE' => 'ID_RULE', 'SUP' => 'SUP', 'MODIF' => 'MODIF'); $sql = prepare_sql_tab($list_fields, array('SUP')); $sql['SQL'] .= " from download_affect_rules "; $tab_options['ARG_SQL'] = $sql['ARG']; $result_exist = tab_req($table_name, $list_fields, $default_fields, $list_col_cant_del, $sql['SQL'], $form_name, 80, $tab_options); echo "<br>";
function creat_temp_file($directory, $dir_FILES) { if (!file_exists($directory . "/tmp")) { if (!@mkdir($directory) or !copy($dir_FILES, $directory . "/tmp")) { msg_error("ERROR: can't create or write in " . $directory . " folder, please refresh when fixed.<br>(or try disabling php safe mode)"); } } }
$msg = _users_email_invalid; $error = true; } if (strlen($password) <= 8) { $error = true; $msg = _users_password_toshort; } if ($error == false) { $hash = password_hash($password, PASSWORD_DEFAULT); $stmt = $mysqli->prepare("INSERT INTO users(name,email,password,rank) VALUES (?, ?, ?, ?)"); $stmt->bind_param('sssi', $name, $email, $hash, $rank); $stmt->execute(); $stmt->close(); msg_okay(_users_user_created); } else { msg_error($msg); } } } ?> <form class="form-horizontal" action="index.php?page=users?add" method="post"> <div class="form-group"> <label class="control-label col-sm-2"><?php echo _users_name; ?> :</label> <div class="col-sm-8"> <input type="text" class="form-control input-sm" name="name" placeholder="Enter Name"> </div> <div class="col-sm-2">
function lbl_column($list_fields) { //p($list_rest); require_once 'maps.php'; $return_fields = array(); $return_default = array(); foreach ($list_fields as $poub => $table) { if (isset($lbl_column[$table])) { foreach ($lbl_column[$table] as $field => $lbl) { //echo $field; if (isset($alias_table[$table])) { $return_fields[$lbl] = $alias_table[$table] . '.' . $field; if (isset($default_column[$table])) { foreach ($default_column[$table] as $poub2 => $default_field) { $return_default[$lbl_column[$table][$default_field]] = $lbl_column[$table][$default_field]; } } else { msg_error($table . ' DEFAULT VALUES NOT DEFINE IN MAPS.PHP'); return false; } } else { msg_error($table . ' ALIAS NOT DEFINE IN MAPS.PHP'); return false; } } } else { msg_error($table . ' NOT DEFINE IN MAPS.PHP'); return false; } } ksort($return_fields); return array('FIELDS' => $return_fields, 'DEFAULT_FIELDS' => $return_default); }
$mycomputers = computer_list_by_tag(); if ($mycomputers == "ERROR") { msg_error($l->g(893)); require_once FOOTER_HTML; die; } } //View for all profils? if (isset($protectedPost['CONFIRM_CHECK']) and $protectedPost['CONFIRM_CHECK'] != "") { $result = group_4_all($protectedPost['CONFIRM_CHECK']); } //if delete group if ($protectedPost['SUP_PROF'] != "") { $result = delete_group($protectedPost['SUP_PROF']); if ($result['RESULT'] == "ERROR") { msg_error($result['LBL']); } $tab_options['CACHE'] = 'RESET'; } $form_name = 'groups'; echo open_form($form_name); //view all groups if ($_SESSION['OCS']['CONFIGURATION']['GROUPS'] == "YES") { $def_onglets['DYNA'] = $l->g(810); //Dynamic group $def_onglets['STAT'] = $l->g(809); //Static group centraux if ($_SESSION['OCS']["use_redistribution"] == 1) { $def_onglets['SERV'] = mb_strtoupper($l->g(651)); } if ($protectedPost['onglet'] == "") {
$i = 0; while ($data[$i]) { $toBeWritten .= "\r\n"; foreach ($data[$i] as $field_name => $donnee) { $toBeWritten .= $donnee . $separator; } $i++; } $filename = "export.csv"; } if ($toBeWritten != "") { // iexplorer problem if (ini_get("zlib.output-compression")) { ini_set("zlib.output-compression", "Off"); } header("Pragma: public"); header("Expires: 0"); header("Cache-control: must-revalidate, post-check=0, pre-check=0"); header("Cache-control: private", false); header("Content-type: application/force-download"); header("Content-Disposition: attachment; filename=\"" . $filename . "\""); header("Content-Transfer-Encoding: binary"); header("Content-Length: " . strlen($toBeWritten)); echo $toBeWritten, die; } else { $ban_head = 'no'; require_once HEADER_HTML; msg_error($l->g(920)); require_once FOOTER_HTML; die; }
msg_error("<big>" . $l->g(1263) . "</big><br>" . $msg_tooltip, "top_msg_alert"); } //warning are detected if ($msg_header_warning != array()) { msg_warning(implode('<br>', $msg_header_warning), "top_msg_warning"); } } if (isset($_SESSION['OCS']['TRUE_USER'])) { msg_info($_SESSION['OCS']['TRUE_USER'] . " " . $l->g(889) . " " . $_SESSION['OCS']["loggeduser"]); } if (isset($_SESSION['OCS']["TRUE_mesmachines"])) { msg_info($l->g(890)); } echo "</td></tr></table></td></tr>"; if (!isset($_SESSION['OCS']["loggeduser"])) { echo "<tr><td colspan=20 align=right>"; require_once 'plugins/language/language.php'; echo "</td></tr>"; } echo "</table>"; echo "<div class='fond'>"; if ($_SESSION['OCS']["mesmachines"] == "NOTAG" and !(array_search('ms_debug', $_SESSION['OCS']['TRUE_PAGES']['ms_debug']) and $protectedGet[PAG_INDEX] == $pages_refs['ms_debug'])) { if (isset($LIST_ERROR)) { $msg_error = $LIST_ERROR; } else { $msg_error = $l->g(893); } msg_error($msg_error); require_once FOOTER_HTML; die; }
die; } if ($url_name) { //CSRF security if ($_SERVER['REQUEST_METHOD'] == 'POST') { $csrf = true; if (isset($_SESSION['OCS']['CSRF'])) { foreach ($_SESSION['OCS']['CSRF'] as $k => $v) { if ($v == $protectedPost['CSRF_' . $k]) { $csrf = false; } } } //Here we parse the form if ($csrf) { msg_error("<big>CSRF ATTACK!!!</big>"); require_once FOOTER_HTML; die; } //Do the rest of the processing here } if ($urls->getDirectory($url_name)) { $rep = $urls->getDirectory($url_name); } require MAIN_SECTIONS_DIR . $rep . "/" . $url_name . ".php"; } else { $default_first_page = MAIN_SECTIONS_DIR . "ms_console/ms_console.php"; if (isset($protectedGet['first'])) { require MAIN_SECTIONS_DIR . "ms_console/ms_console.php"; } else { if ($profile->hasPage('ms_console')) {
if (count($groupListServers) == 0) { msg_error($l->g(660)); } else { $tab_name = array($l->g(651), $l->g(470)); $name_field = array("FILE_SERV_REDISTRIB", "HTTPS_SERV"); $type_field = array(2, 0); $value_field = array($groupListServers, $protectedPost['HTTPS_SERV']); } } if (isset($name_field)) { $tab_typ_champ = show_field($name_field, $type_field, $value_field); foreach ($tab_typ_champ as $id => $values) { $tab_typ_champ[$id]['CONFIG']['SIZE'] = 30; if ($tab_typ_champ[$id]['INPUT_TYPE'] == 0) { $tab_typ_champ[$id]['COMMENT_AFTER'] = '/' . $protectedGet["active"]; if ($id == 0) { $tab_typ_champ[$id]['COMMENT_BEFORE'] = 'http://'; } else { $tab_typ_champ[$id]['COMMENT_BEFORE'] = 'https://'; } } } tab_modif_values($tab_name, $tab_typ_champ, $tab_hidden, array('title' => $l->g(465) . ' => ' . $info_id['NAME'] . " (" . $protectedGet["active"] . ")")); } } //var_dump($tab_typ_champ); //fermeture du formulaire. echo close_form(); } else { msg_error($info_id['ERROR']); }
foreach ($list_name_msg as $k => $v) { if ($v == $i) { $i++; } } } else { $i = 1; } $tab_options = $protectedPost; if (trim($protectedPost['GROUP']) != "" and is_numeric($protectedPost['GROUP']) and trim($protectedPost['MESSAGE']) != "") { $sql = "insert into config (NAME,IVALUE,TVALUE) values ('%s',%s,'%s')"; $arg = array("GUI_REPORT_MSG" . $i, $protectedPost['GROUP'], $protectedPost['MESSAGE']); mysql2_query_secure($sql, $_SESSION['OCS']["writeServer"], $arg); $tab_options['CACHE'] = 'RESET'; } else { msg_error($l->g(239)); } } else { $tab_options = $protectedPost; } $table_name = $protectedPost['onglet']; $tab_options['table_name'] = $table_name; $tab_options['form_name'] = $form_name; $list_fields = array('GROUP_NAME' => 'h.NAME', $l->g(915) => 'tvalue', 'SUP' => 'CNAME'); $sql = prepare_sql_tab($list_fields, array('SUP')); $list_col_cant_del = $list_fields; $default_fields = $list_fields; $sql['SQL'] = $sql['SQL'] . ",c.name as CNAME,ID FROM %s WHERE (c.name like '%s')"; $sql['ARG'][] = 'config c left join hardware h on c.ivalue=h.id'; $sql['ARG'][] = 'GUI_REPORT_MSG%'; $tab_options['ARG_SQL'] = $sql['ARG'];
$field_value_complement[$i] = " AND NAME = '" . $field_value_complement[$i] . "' "; break; case "DEVICES": $field_value_complement[$i] = " AND IVALUE " . $field_value_complement[$i] . $tvalue; break; default: $ERROR = $l->g(5015) . $table[$i]; } } if ($_SESSION['OCS']['DEBUG'] == 'ON') { msg_success($l->g(5016) . $table[$i] . "<br>" . $l->g(5017) . $field[$i] . "<br>" . $l->g(5018) . $field_compar[$i] . "<br>" . $l->g(5019) . $field_value[$i] . "<br>" . $l->g(5020) . $field_value_complement[$i] . "<br>" . $l->g(5021) . $field_and_or[$i]); } //si une erreur a été rencontrée //le traitement est arrêté (gain de temps) if (isset($ERROR)) { msg_error($ERROR); break; } //si on est dans le cas d'une recherche sur "différent", //on va créer les requêtes dans le tableau $sql_seach['DIFF'] if ($field_compar_origine[$i] == "diff") { $operation = "DIFF"; } else { //autremant dans les autres cas, on va créer le tableau de requête dans $sql_seach['NORMAL'] $operation = "NORMAL"; } //recherche du dernier index de la derniere requete sur la table if (isset($sql_seach[$operation][$table[$i]])) { foreach ($sql_seach[$operation][$table[$i]] as $index => $poub) { $k = $index; }
require_once 'require/function_telediff.php'; require_once 'require/function_computers.php'; $form_name = 'packlist'; //show or not stats on the table $show_stats = true; echo open_form($form_name); PrintEnTete($l->g(465)); if ($_SESSION['OCS']['profile']->getRestriction('TELEDIFF_ACTIVATE') == 'NO') { $cant_active = false; } else { $cant_active = true; } if ($_SESSION['OCS']['profile']->getRestriction('GUI') == 'YES') { $restrict_computers = computer_list_by_tag('', 'ARRAY'); if ($restrict_computers == "ERROR") { msg_error($l->g(893)); require_once FOOTER_HTML; die; } } $tab_options = $protectedPost; //only for profils who can activate packet if (!$cant_active) { if ($protectedPost["SUP_PROF"] != "") { del_pack($protectedPost["SUP_PROF"]); $tab_options['CACHE'] = 'RESET'; } //delete more than one packet if ($protectedPost['del_check'] != '') { foreach (explode(",", $protectedPost['del_check']) as $key) { del_pack($key);