require_once "../layout/class.layout";
require_once "../auth.php";
require_once "../class.xptlib.php";
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$grps = $auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Display customer/autonomous system information");
newhtml($p);
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($search, $expr, $block, $ipplanParanoid) = myRegister("S:search S:expr I:block I:ipplanParanoid");
// basic sequence is connect, search, interpret search
// result, close connection
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
// what is the additional search SQL?
$sql = $ds->mySearchSql("custdescrip", $expr, $search, FALSE);
$result = $ds->GetCustomer($sql);
insert($w, heading(3, my_("All customer/autonomous system info")));
// draw the search box
$srch = new mySearch($w, array(), $search, "search");
$srch->legend = my_("Refine Search on Description");
$srch->expr = $expr;
$srch->expr_disp = TRUE;
$srch->Search();
// draw the sucker!
$totcnt = 0;
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$grps = $auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("DNS Domain Zones");
newhtml($p);
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($action, $dataid, $cust, $serialdate, $serialnum, $domain, $hname, $responsiblemail, $ttl, $refresh, $retry, $expire, $minimum, $zonepath, $seczonepath, $descrip, $slaveonly, $block, $server, $expr, $ipplanParanoid, $clone) = myRegister("S:action I:dataid I:cust I:serialdate I:serialnum S:domain A:hname S:responsiblemail I:ttl I:refresh I:retry I:expire I:minimum S:zonepath S:seczonepath S:descrip S:slaveonly I:block S:server S:expr I:ipplanParanoid S:clone");
list($userfld) = myRegister("A:userfld");
// for template fields
list($createyear, $createmonth, $createday, $expireyear, $expiremonth, $expireday, $regyear, $regmonth, $regday) = myRegister("I:createyear I:createmonth I:createday I:expireyear I:expiremonth I:expireday I:regyear I:regmonth I:regday");
// save the last customer used
// must set path else Netscape gets confused!
setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/");
$formerror = "";
$muldomains = "";
if ($slaveonly == "on") {
$slaveonly = "Y";
} else {
if ($slaveonly != "Y" or $slaveonly != "N") {
$slaveonly = "N";
}
}
//if (!$_GET) {
// myError($w,$p, my_("You cannot reload or bookmark this page!"));
//}
require_once "../class.dbflib.php";
require_once "../layout/class.layout";
require_once "../auth.php";
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Change user password");
newhtml($p);
$w = myheading($p, $title);
// explicitly cast variables as security measure against SQL injection
list($user, $password1, $password2) = myRegister("S:user S:password1 S:password2");
$formerror = "";
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
if ($_POST) {
$password1 = trim($password1);
$password2 = trim($password2);
if (strlen($password1) < 5 or strlen($password2) < 5) {
$formerror .= my_("The password entered must be at least five characters") . "\n";
}
if ($password1 != $password2) {
$formerror .= my_("The passwords entered do not match") . "\n";
}
if (!$formerror) {
if ($user and getAuthUsername() == ADMINUSER) {
$userid = $user;
} else {
require_once "../auth.php";
require_once "../class.xptlib.php";
$auth = new BasicAuthenticator(ADMINREALM, REALMERROR);
$auth->addUser(ADMINUSER, ADMINPASSWD);
// And now perform the authentication
$auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Display Audit Log");
newhtml($p);
$w = myheading($p, $title);
// explicitly cast variables as security measure against SQL injection
list($descrip, $block, $expr) = myRegister("S:descrip I:block S:expr");
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
// display opening text
insert($w, heading(3, "{$title}."));
$srch = new mySearch($w, $_GET, $descrip, "descrip");
//$srch->legend=my_("Refine Search on Domain");
$srch->expr = $expr;
$srch->expr_disp = TRUE;
$srch->Search();
// draw the sucker!
// what is the additional search SQL?
$where = $ds->mySearchSql("action", $expr, $descrip, FALSE);
if ($where) {
$where = "WHERE " . $where;
}
$sqllastmod = $ds->ds->SQLDate("M d Y H:i:s", 'dt');
require_once "../class.dbflib.php";
require_once "../layout/class.layout";
require_once "../auth.php";
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$grps = $auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Delete a range or supernet/summary");
newhtml($p);
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($cust, $rangeindex) = myRegister("I:cust I:rangeindex");
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
if ($_GET) {
// save the last customer used
// must set path else Netscape gets confused!
setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/");
// check if user belongs to customer admin group
$result = $ds->GetCustomerGrp($cust);
// can only be one row - does not matter if nothing is
// found as array search will return false
$row = $result->FetchRow();
if (!in_array($row["admingrp"], $grps)) {
myError($w, $p, my_("You may not delete an area for this customer as you are not a member of the customers admin group"));
}
if ($rangeindex > 0) {
$result = $ds->GetRange($cust, $rangeindex);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
if ($action == 'add') {
$title = my_("Create DNS Zones");
} else {
$title = my_("Edit DNS Zones");
}
newhtml($p);
insert($p, $h = wheader("IPPlan - {$title}"));
insert($h, script("", array("type" => "text/javascript", "src" => "../cookies.js")));
insert($h, script("", array("type" => "text/javascript", "src" => "../phpserializer.js")));
insert($h, script("", array("type" => "text/javascript", "src" => "../ipplanlib.js")));
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($cust, $dataid, $action, $domain, $responsiblemail, $serialdate, $serialnum, $ttl, $retry, $refresh, $expire, $minimum, $slaveonly, $zonepath, $seczonepath) = myRegister("I:cust I:dataid S:action S:domain S:responsiblemail I:serialdate I:serialnum I:ttl I:retry I:refresh I:expire I:minimum S:slaveonly S:zonepath S:seczonepath");
if (!$_GET) {
myError($w, $p, my_("You cannot reload or bookmark this page!"));
}
// basic sequence is connect, search, interpret search
// result, close connection
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
insert($w, $f = form(array("name" => "ENTRY", "method" => "post", "action" => "modifydns.php")));
// Use the same form for adding or editing. Setup page & variables based on action.
if ($action == 'add') {
$now = getdate();
$serialdate = $now["year"] . str_pad($now["mon"], 2, '0', STR_PAD_LEFT) . str_pad($now["mday"], 2, '0', STR_PAD_LEFT);
$serialnum = 0;
$zone = "";
$ttl = DNSTTL;
$refresh = DNSREFRESH;
}
}
}
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Results of your search");
newhtml($p);
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($cust1, $cust2, $block) = myRegister("A:cust1 A:cust2 I:block");
// could be array!
//$cust1=floor($cust1);
//$cust2=floor($cust2);
if (!$_GET) {
myError($w, $p, my_("You cannot reload or bookmark this page!"));
}
// basic sequence is connect, search, interpret search
// result, close connection
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
insert($w, heading(3, my_("Search for overlapping subnets between customers/autonomous systems")));
// reduce the two arrays to a single array, removing all duplicates
$arr = array_unique(array_merge($cust1, $cust2));
sort($arr);
if (count($arr) <= 1) {
myError($w, $p, my_("Both customers selected are the same - all subnets will overlap!"));
}
require_once "../ipplanlib.php";
require_once "../adodb/adodb.inc.php";
require_once "../class.dbflib.php";
require_once "../layout/class.layout";
require_once "../auth.php";
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$grps = $auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
// explicitly cast variables as security measure against SQL injection
list($cust, $areaindex, $rangeindex, $action, $size, $ipaddr, $descrip) = myRegister("I:cust I:areaindex I:rangeindex S:action I:size S:ipaddr S:descrip");
$formerror = "";
if ($action == "modify") {
$title = my_("Modify a range or supernet/summary");
} else {
$title = my_("Create a new range or supernet/summary");
}
newhtml($p);
$w = myheading($p, $title, true);
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
if ($_POST) {
// save the last customer used
// must set path else Netscape gets confused!
setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/");
if ($action == "modify") {
$result = $ds->GetRange($cust, $rangeindex);
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$auth->authenticate();
// save the last customer used
// must set path else Netscape gets confused!
setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/");
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Results of your search");
newhtml($p);
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($cust, $areaindex, $rangeindex, $start, $end, $showused, $size_from, $size_to) = myRegister("I:cust I:areaindex I:rangeindex S:start S:end I:showused I:size_from I:size_to");
if (!$_GET) {
myError($w, $p, my_("You cannot reload or bookmark this page!"));
}
// basic sequence is connect, search, interpret search
// result, close connection
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
// set start and end address according to range
$site = "";
if ($rangeindex) {
// should only return one row here!
$result = $ds->GetRange($cust, $rangeindex);
$row = $result->FetchRow();
$start = inet_ntoa($row["rangeaddr"]);
$end = inet_ntoa($row["rangeaddr"] + $row["rangesize"] - 1);
$site = " (" . $row["descrip"] . ")";
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$grps = $auth->authenticate();
// save the last customer used
// must set path else Netscape gets confused!
setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/");
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Results of your search");
newhtml($p);
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($cust, $areaindex, $rangeindex, $ipaddr, $descrip, $filename, $ntnameopt) = myRegister("I:cust I:areaindex I:rangeindex S:ipaddr S:descrip S:filename I:ntnameopt");
// extra protection on filename passed!
$filename = basename($filename);
if (!$_GET) {
myError($w, $p, my_("You cannot reload or bookmark this page!"));
}
// basic sequence is connect, search, interpret search
// result, close connection
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
// check if user belongs to customer admin group
$result = $ds->GetCustomerGrp($cust);
// can only be one row - does not matter if nothing is
// found as array search will return false
$row = $result->FetchRow();
if (!in_array($row["admingrp"], $grps)) {
myError($w, $p, my_("You may not send a registrar update for this customer as you are not a member of the customers admin group"));
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$auth->authenticate();
// save the last customer used
// must set path else Netscape gets confused!
setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/");
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Results of your search for areas");
newhtml($p);
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($cust, $ipplanParanoid) = myRegister("I:cust I:ipplanParanoid");
if (!$_GET) {
myError($w, $p, my_("You cannot reload or bookmark this page!"));
}
// basic sequence is connect, search, interpret search
// result, close connection
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
$custdescrip = $ds->GetCustomerDescrip($cust);
insert($w, heading(3, sprintf(my_("Search for areas and ranges for customer '%s'"), $custdescrip)));
$result =& $ds->ds->Execute("SELECT area.areaaddr, area.descrip AS adescrip, \n netrange.rangeaddr,\n netrange.rangesize, netrange.descrip AS rdescrip,\n netrange.rangeindex, area.areaindex\n FROM netrange\n LEFT JOIN area\n ON netrange.areaindex=area.areaindex\n WHERE netrange.customer={$cust}\n ORDER BY area.areaaddr, netrange.rangeaddr, netrange.rangesize");
// create a table
insert($w, $t = table(array("cols" => "8", "class" => "outputtable")));
// draw heading
setdefault("cell", array("class" => "heading"));
insert($t, $c = cell());
insert($c, text(my_("Area address")));
// And now perform the authentication
$grps = $auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Search for user info");
newhtml($p);
insert($p, $h = wheader("IPPlan - {$title}"));
insert($h, script("", array("type" => "text/javascript", "src" => "../cookies.js")));
insert($h, script("", array("type" => "text/javascript", "src" => "../phpserializer.js")));
insert($h, script("", array("type" => "text/javascript", "src" => "../ipplanlib.js")));
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($cust, $areaindex, $field, $tmplfield, $rangeindex) = myRegister("I:cust I:areaindex S:field S:tmplfield I:rangeindex");
// display opening text
insert($w, heading(3, "{$title}."));
insert($w, textbrbr(my_("Search for user info searches the individual IP address records.")));
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
// start form
insert($w, $f1 = form(array("name" => "THISFORM", "method" => "post", "action" => $_SERVER["PHP_SELF"])));
// ugly kludge with global variable!
$displayall = TRUE;
$cust = myCustomerDropDown($ds, $f1, $cust, $grps) or myError($w, $p, my_("No customers"));
$areaindex = myAreaDropDown($ds, $f1, $cust, $areaindex);
$rangeindex = searchRangeDropDown($ds, $f1, $cust, $areaindex, $rangeindex);
//$rangeindex=myRangeDropDown($ds, $f1, $cust, $areaindex);
insert($f1, block("<p>"));
insert($f1, $con2 = container("fieldset", array("class" => "fieldset")));
insert($con2, $legend = container("legend", array("class" => "legend")));
//setdefault("text",array("size"=>"2"));
$title = my_("Results of your search");
newhtml($p);
list($close) = myRegister("I:close");
// from modifyipform - close the popup?
$w = myheading($p, $title, $close ? false : true);
// explicitly cast variables as security measure against SQL injection
list($baseindex, $block, $showactive, $showdns, $action) = myRegister("I:baseindex I:block I:showactive I:showdns S:action");
list($userfld) = myRegister("A:userfld");
// from modifyipform - need to add rest flds
list($hname) = myRegister("S:hname");
// from modifyipformmul - need to add rest flds
list($search, $expr) = myRegister("S:search S:expr");
// search fields
list($user, $location, $descrip, $telno, $macaddr) = myRegister("S:user S:location S:descrip S:telno S:macaddr");
list($request) = myRegister("I:request");
// from modifyipform - dummy variable entered
// from displayrequestip.php
$formerror = "";
// $ip can be array or string or undefined!
if (!isset($ip)) {
$ip = 0;
}
if (is_array($ip)) {
foreach ($ip as $key => $value) {
$ip[$key] = floor($value);
}
} else {
$ip = floor($ip);
}
if (!$_GET and !$_POST) {
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Modify/Copy/Move subnet details");
newhtml($p);
insert($p, $h = wheader("IPPlan - {$title}"));
insert($h, script("", array("type" => "text/javascript", "src" => "../cookies.js")));
insert($h, script("", array("type" => "text/javascript", "src" => "../phpserializer.js")));
insert($h, script("", array("type" => "text/javascript", "src" => "../ipplanlib.js")));
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($baseindex, $cust, $descrip, $grp, $origcust, $dhcp) = myRegister("I:baseindex I:cust S:descrip S:grp S:origcust I:dhcp");
// additional vars for Location: header
list($areaindex, $rangeindex, $search, $ipaddr) = myRegister("I:areaindex I:rangeindex S:search S:ipaddr");
list($userfld) = myRegister("A:userfld");
// for template fields
$formerror = "";
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
// remember original customer
if (!$origcust) {
$origcust = $cust;
}
if ($_POST) {
// check if user belongs to customer admin group
$result = $ds->GetCustomerGrp($cust);
// can only be one row - does not matter if nothing is
// found as array search will return false
$row = $result->FetchRow();
if (!in_array($row["admingrp"], $grps)) {
myError($w, $p, my_("You may not modify this subnet for this customer as you are not a member of the new customers admin group"));
require_once "../class.templib.php";
// maximum number of outstanding IP address requests allowed - this is to prevent
// denial of service on the database as this feature is not authenticated
define("MAXREQUESTS", "100");
// disable or enable drop down menu on request page - default disabled
define("MENU", FALSE);
if (!REQUESTENABLED) {
die("IP address request system has been disabled by the administrator.");
}
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
// explicitly cast variables as security measure against SQL injection
list($cust, $request, $user, $location, $descrip, $hname, $telno, $macaddr, $ipplanCustomer) = myRegister("I:cust S:request S:user S:location S:descrip S:hname S:telno S:macaddr I:ipplanCustomer");
$formerror = "";
$title = my_("Request an IP address");
newhtml($p);
$w = myheading($p, $title, MENU);
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
if ($_POST) {
$request = trim($request);
$descrip = trim($descrip);
if (strlen($request) == 0) {
$formerror .= my_("You need to enter request details for the ip address request") . "\n";
}
if (strlen($user) == 0) {
$formerror .= my_("You need to enter user details for the request") . "\n";
}
if (strlen($location) == 0) {
function parseDeleteBounds($w, $ds)
{
list($grp, $boundsaddr) = myRegister("S:grp S:boundsaddr");
$result =& $ds->ds->Execute("DELETE FROM bounds\n WHERE grp=" . $ds->ds->qstr($grp) . " AND boundsaddr={$boundsaddr}");
if ($result) {
$ds->DbfTransactionEnd();
insert($w, text(my_("Boundary deleted")));
} else {
insert($w, text(my_("Boundary could not be deleted")));
}
insertEditGroupForm($w, $ds);
}
$result = '';
while (!feof($fp)) {
$result .= fgets($fp, 128);
}
fclose($fp);
}
return $result;
}
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
$title = my_("WHOIS results");
newhtml($p);
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($lookup) = myRegister("S:lookup");
if (!$_GET) {
myError($w, $p, my_("You cannot reload or bookmark this page!"));
}
//$data = $whois->lookup($lookup);
$data = whois(WHOISSERVER, $lookup);
if (!$data) {
myError($w, $p, my_("Whois query failed - are you behind a firewall?"));
} else {
/* $data = preg_replace("/\((.*?)\)/",
"<a href='whois.php?lookup=\\1'>(\\1)</a>",
$data);
*/
insert($w, block("<pre>" . htmlspecialchars($data) . "</pre>"));
}
printhtml($p);
require_once "../ipplanlib.php";
require_once "../adodb/adodb.inc.php";
require_once "../class.dbflib.php";
require_once "../layout/class.layout";
require_once "../auth.php";
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$grps = $auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Display/Modify/Delete area information");
newhtml($p);
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($ipplanCustomer) = myRegister("I:ipplanCustomer");
// display opening text
insert($w, heading(3, my_("Display/Modify/Delete areas and ranges.")));
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
// start form
insert($w, $f2 = form(array("name" => "ENTRY", "method" => "get", "action" => "modifyarearange.php")));
// ugly kludge with global variable!
$cust = floor($ipplanCustomer);
$displayall = TRUE;
$cust = myCustomerDropDown($ds, $f2, $cust, $grps, FALSE) or myError($w, $p, my_("No customers"));
insert($f2, generic("br"));
insert($f2, submit(array("value" => my_("Submit"))));
insert($f2, freset(array("value" => my_("Clear"))));
printhtml($p);
// And now perform the authentication
$grps = $auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Create a new subnet");
newhtml($p);
insert($p, $h = wheader("IPPlan - {$title}"));
insert($h, script("", array("type" => "text/javascript", "src" => "../cookies.js")));
insert($h, script("", array("type" => "text/javascript", "src" => "../phpserializer.js")));
insert($h, script("", array("type" => "text/javascript", "src" => "../ipplanlib.js")));
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($cust, $size, $ipplanGroup, $dhcp) = myRegister("I:cust I:size S:ipplanGroup I:dhcp");
// display opening text
insert($w, heading(3, "{$title}."));
insert($w, text(my_("Create a new subnet by entering the base (network) address of the subnet. Subnets are the building blocks of all networks, and are all that is required for small networks.")));
insert($w, block("<p>"));
insert($w, text(my_("Unused subnets can be pre-allocated with a description of either 'free' or 'spare'. These can be searched for at a later stage using the 'Find Free' function.")));
insert($w, block("<p>"));
insert($w, textbr(my_("It may also be beneficial to give ASE (Autonomous System External, networks not local to yours) a special handle like EXTERNAL so that they can be searched for at a later stage. These networks often appear in routing tables as static routes to third parties (not via the Internet).")));
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
// start form
insert($w, $f = form(array("name" => "ENTRY", "method" => "post", "action" => "createsubnet.php")));
$cust = myCustomerDropDown($ds, $f, $cust, $grps, FALSE) or myError($w, $p, my_("No customers"));
$result = $ds->GetGrps();
$lst = array();
while ($row = $result->FetchRow()) {
$col = $row["grp"];
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$grps = $auth->authenticate();
// save the last customer used
// must set path else Netscape gets confused!
setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/");
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Registrar information sent");
newhtml($p);
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($baseindex, $ntnameopt, $cust, $filename) = myRegister("A:baseindex I:ntnameopt I:cust S:filename");
// extra protection on filename passed!
$filename = basename($filename);
if (!$_POST) {
myError($w, $p, my_("You cannot reload or bookmark this page!"));
}
if (empty($baseindex)) {
myError($w, $p, my_("No registrar updates selected to send"));
}
// basic sequence is connect, search, interpret search
// result, close connection
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
// check if user belongs to customer admin group
$result = $ds->GetCustomerGrp($cust);
// can only be one row - does not matter if nothing is
// found as array search will return false
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$grps = $auth->authenticate();
// save the last customer used
// must set path else Netscape gets confused!
setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/");
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Results of your search");
newhtml($p);
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($cust, $areaindex, $rangeindex, $searchin, $ipaddr, $jump, $block, $descrip, $expr, $size, $subnetsize) = myRegister("I:cust I:areaindex I:rangeindex I:searchin S:ipaddr I:jump I:block S:descrip S:expr I:size I:subnetsize");
if (!$_GET) {
myError($w, $p, my_("You cannot reload or bookmark this page!"));
}
// basic sequence is connect, search, interpret search
// result, close connection
$ds = new Base() or myError($w, $p, my_("Could not connect to database"));
$ds->SetGrps($grps);
$ds->SetIPaddr($ipaddr);
$ds->SetSubnetSize($subnetsize);
// set from findfree.php
$ds->SetSearchIn($searchin);
$ds->SetDescrip($descrip);
// set search type
if (empty($expr) and !empty($descrip)) {
$expr = "RLIKE";
// Modify capabilities added by Denes Magyar (fat@poison.hu) 22/02/05
require_once "../ipplanlib.php";
require_once "../adodb/adodb.inc.php";
require_once "../class.dbflib.php";
require_once "../layout/class.layout";
require_once "../auth.php";
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$grps = $auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
// explicitly cast variables as security measure against SQL injection
list($cust, $areaindex, $ipaddr, $action, $descrip) = myRegister("I:cust I:areaindex S:ipaddr S:action S:descrip");
$formerror = "";
if ($action == "modify") {
$title = my_("Modify a network area");
} else {
$title = my_("Create a new network area");
}
newhtml($p);
$w = myheading($p, $title, true);
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
if ($_POST) {
// save the last customer used
// must set path else Netscape gets confused!
setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/");
$descrip = trim($descrip);
if (strlen($descrip) == 0) {
require_once "../auth.php";
require_once "../xmllib.php";
$auth = new BasicAuthenticator(ADMINREALM, REALMERROR);
$auth->addUser(ADMINUSER, ADMINPASSWD);
// And now perform the authentication
$auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Import IP details result");
newhtml($p);
$w = myheading($p, $title);
// explicitly cast variables as security measure against SQL injection
list($cust, $format, $append) = myRegister("I:cust S:format S:append");
if (!$_POST) {
myError($w, $p, my_("You cannot reload or bookmark this page!"));
}
if (empty($_FILES)) {
$tmp = get_cfg_var("file_uploads");
if (empty($tmp)) {
insert($w, block("<b>" . my_("File uploads may have been disabled in the php.ini configuration file") . "</b><p>"));
}
} else {
if ($_FILES['userfile']['size'] == 0) {
myError($w, $p, my_("Possible file size exceeded php.ini or webserver limit of 2meg - break file into smaller parts"));
}
if (!is_uploaded_file($_FILES['userfile']['tmp_name'])) {
myError($w, $p, my_("Possible file upload attack"));
}
require_once "../auth.php";
require_once "../class.xptlib.php";
$auth = new BasicAuthenticator(ADMINREALM, REALMERROR);
$auth->addUser(ADMINUSER, ADMINPASSWD);
// And now perform the authentication
$grps = $auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("IPplan Maintenance");
newhtml($p);
$w = myheading($p, $title);
// explicitly cast variables as security measure against SQL injection
list($action, $cust, $block, $requestindex, $requestdesc) = myRegister("S:action I:cust I:block I:requestindex S:requestdesc");
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
if ($action == "deletecustomer") {
if (DBF_TYPE == "mysql" or DBF_TYPE == "maxsql") {
$version = $ds->ds->GetOne("SELECT version() AS version");
if ($version < "4.0.0") {
myError($w, $p, my_("You need MySQL v4.0.0 or higher for this function!"));
}
}
$ds->DbfTransactionStart();
$result =& $ds->ds->Execute("DELETE FROM customer\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM custinfo\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM ipaddr \n WHERE baseindex IN (SELECT baseindex FROM base WHERE customer={$cust})") and $result =& $ds->ds->Execute("DELETE FROM ipaddradd\n WHERE baseindex IN (SELECT baseindex FROM base WHERE customer={$cust})") and $result =& $ds->ds->Execute("DELETE FROM base\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM custadd\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM revdns\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM area\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM netrange\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM fwdzone\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM fwdzoneadd\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM fwdzonerec\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM zones\n WHERE customer={$cust}") and $ds->AuditLog(array("event" => 182, "action" => "delete customer", "user" => getAuthUsername(), "cust" => $cust));
if ($result) {
$ds->DbfTransactionEnd();
insert($w, text(my_("Customer deleted")));
} else {
insert($w, text(my_("Customer could not be deleted")));
require_once "../class.dbflib.php";
require_once "../layout/class.layout";
require_once "../auth.php";
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Modify IP address details (range)");
newhtml($p);
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($baseindex, $block, $ip, $search, $expr, $ipplanParanoid) = myRegister("I:baseindex I:block A:ip S:search S:expr I:ipplanParanoid");
//$ip=array($ip); // type array
if (!$_POST) {
myError($w, $p, my_("You cannot reload or bookmark this page!"));
}
// basic sequence is connect, search, interpret search
// result, close connection
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
// save md5str for check in displaysubnet.php to see if info has
// been modified since start of edit
$md5str = $ds->GetMD5($ip, $baseindex);
insert($w, block("<h3>"));
insert($w, text(my_("IP Addresses to modify: ")));
foreach ($ip as $value) {
insert($w, text(inet_ntoa($value) . " "));
}
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
require_once "../config.php";
require_once "../ipplanlib.php";
require_once "../adodb/adodb.inc.php";
require_once "../layout/class.layout";
require_once "../auth.php";
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$grps = $auth->authenticate();
// explicitly cast variables as security measure against SQL injection
list($paranoid, $ipplanParanoid, $poll, $ipplanPoll, $lang) = myRegister("I:paranoid I:ipplanParanoid I:poll I:ipplanPoll S:lang");
// set language
if ($lang) {
myLanguage($lang . ":" . dirname(dirname(__FILE__)));
} else {
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
}
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Change display settings");
newhtml($p);
$results = "";
if ($_POST) {
setcookie("ipplanTheme", $theme, time() + 10000000, "/");
// Make change immediate.
// And now perform the authentication
$grps = $auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Modify/Copy/Move/Delete/Split/Join subnets");
newhtml($p);
insert($p, $h = wheader("IPPlan - {$title}"));
insert($h, script("", array("type" => "text/javascript", "src" => "../cookies.js")));
insert($h, script("", array("type" => "text/javascript", "src" => "../phpserializer.js")));
insert($h, script("", array("type" => "text/javascript", "src" => "../ipplanlib.js")));
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($cust, $areaindex) = myRegister("I:cust I:areaindex");
// display opening text
insert($w, heading(3, "{$title}."));
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
// start form
insert($w, $f1 = form(array("name" => "THISFORM", "method" => "post", "action" => $_SERVER["PHP_SELF"])));
$cust = myCustomerDropDown($ds, $f1, $cust, $grps) or myError($w, $p, my_("No customers"));
$areaindex = myAreaDropDown($ds, $f1, $cust, $areaindex);
insert($w, $f2 = form(array("name" => "ENTRY", "method" => "get", "action" => "modifybase.php")));
// save customer name for actual post of data
insert($f2, hidden(array("name" => "cust", "value" => "{$cust}")));
insert($f2, hidden(array("name" => "areaindex", "value" => "{$areaindex}")));
myRangeDropDown($ds, $f2, $cust, $areaindex);
insert($f2, block("<p>"));
insert($f2, $con = container("fieldset", array("class" => "fieldset")));
insert($con, $legend = container("legend", array("class" => "legend")));
$auth->addUser(ADMINUSER, ADMINPASSWD);
// And now perform the authentication
$auth->authenticate();
// save the last customer used
// must set path else Netscape gets confused!
setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/");
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Import subnet results");
newhtml($p);
$w = myheading($p, $title);
// explicitly cast variables as security measure against SQL injection
list($cust, $admingrp) = myRegister("I:cust S:admingrp");
if (empty($_FILES)) {
$tmp = get_cfg_var("file_uploads");
if (empty($tmp)) {
insert($w, block("<b>" . my_("File uploads may have been disabled in the php.ini configuration file") . "</b><p>"));
}
} else {
if ($_FILES['userfile']['size'] == 0) {
myError($w, $p, my_("Possible file size exceeded php.ini or webserver limit of 2meg - break file into smaller parts"));
}
if (!is_uploaded_file($_FILES['userfile']['tmp_name'])) {
myError($w, $p, my_("Possible file upload attack"));
}
}
$filename = $_FILES['userfile']['tmp_name'];
// basic sequence is connect, search, interpret search
require_once "../ipplanlib.php";
require_once "../adodb/adodb.inc.php";
require_once "../class.dbflib.php";
require_once "../auth.php";
require_once "../class.templib.php";
$auth = new BasicAuthenticator(ADMINREALM, REALMERROR);
$auth->addUser(ADMINUSER, ADMINPASSWD);
// And now perform the authentication
$auth->authenticate();
// save the last customer used
// must set path else Netscape gets confused!
setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/");
// basic sequence is connect, search, interpret search
// result, close connection
// explicitly cast variables as security measure against SQL injection
list($cust) = myRegister("I:cust");
$ds = new IPplanDbf() or die(my_("Could not connect to database"));
// force file download due to bad mime type
header("Content-Type: bad/type");
header("Content-Disposition: attachment; filename=base.txt");
header("Pragma: no-cache");
header("Expires: 0");
$startnum = inet_aton(DEFAULTROUTE);
$endnum = inet_aton(ALLNETS);
// if a specific network template exists, use that, else use generic template
$template = new IPplanIPTemplate("basetemplate", $cust);
$err = $template->is_error();
$result = $ds->GetBase($startnum, $endnum, '', $cust);
while ($row = $result->FetchRow()) {
echo inet_ntoa($row["baseaddr"]) . FIELDS_TERMINATED_BY . $row["descrip"] . FIELDS_TERMINATED_BY . inet_ntoa(inet_aton(ALLNETS) + 1 - $row["subnetsize"]) . FIELDS_TERMINATED_BY;
if (!$err) {
require_once "../layout/class.layout";
require_once "../auth.php";
require_once "../class.xptlib.php";
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
$grps = $auth->authenticate();
// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("DNS Reverse Zones");
newhtml($p);
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
list($action, $zoneid, $serialdate, $serialnum, $cust, $zone, $zoneip, $size, $hname, $responsiblemail, $ttl, $refresh, $retry, $expire, $minimum, $zonepath, $seczonepath, $slaveonly, $descrip, $block, $server, $expr, $ipplanParanoid) = myRegister("S:action I:zoneid I:serialdate I:serialnum I:cust S:zone S:zoneip I:size A:hname S:responsiblemail I:ttl I:refresh I:retry I:expire I:minimum S:zonepath S:seczonepath S:slaveonly S:descrip I:block S:server S:expr I:ipplanParanoid");
// save the last customer used
// must set path else Netscape gets confused!
setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/");
$formerror = "";
if ($slaveonly == "on") {
$slaveonly = "Y";
} else {
if ($slaveonly != "Y" or $slaveonly != "N") {
$slaveonly = "N";
}
}
//if (!$_GET) {
// myError($w,$p, my_("You cannot reload or bookmark this page!"));
//}
// basic sequence is connect, search, interpret search
