*
 * @version 0.5.0
 * @link http://sumoam.sourceforge.net SUMO Access Manager
 * @author Alberto Basso <*****@*****.**>
 * @copyright Copyright © 2003-2009, Alberto Basso
 * @package SUMO
 * @category Console
 */

// Verify if Stats are enabled and get last update.
// The notice is built only when the stats setting is not 'on' and no sort
// column is stored in the session yet.
if ($SUMO['config']['accesspoints']['stats']['enabled'] != 'on' && !$_SESSION['accesspoints']['stats']['col_sql']) {
    // Table name comes from a constant; no request data is used in this query.
    $query = "SELECT MAX(updated) FROM " . SUMO_TABLE_ACCESSPOINTS_STATS;
    $rs = $SUMO['DB']->Execute($query);
    $tab = $rs->FetchRow();
    $updated = sumo_get_human_date($tab[0], true, true);
    // Button that opens the settings module so statistics can be switched on.
    $enable = "<input type='button' class='button' value='" . $language['EnableStatistics'] . "' " . "onclick='sumo_ajax_get(\"settings\",\"?module=settings&action=edit&AccessPointOptions_visibility=1\");'>";
    $tpl['MESSAGE:M'] = sumo_get_message('StatisticsDisabled', array($updated, $enable));
}
sumo_set_table_settings();
// Create search query
$search = '';
if ($_SESSION['search_accesspoints_stats']) {
    // NOTE(review): the search term is read from the session and turned into SQL
    // fragments by sumo_search_composer(); its escaping is not visible here,
    // confirm it quotes the term before it reaches the WHERE clause below.
    $field['path'] = sumo_search_composer($_SESSION['search_accesspoints_stats'], 'a.path');
    $field['name'] = sumo_search_composer($_SESSION['search_accesspoints_stats'], 'a.name');
    $search = $field['path'][0] && $field['name'][0] ? " WHERE (" . $field['path'][0] . " OR " . $field['name'][0] . ") " : '';
}
// Create sql query to select only groups of user
$group_query = sumo_get_group_query($search);
// Join condition is appended with AND when a WHERE clause already exists.
$operand = $search || $group_query ? ' AND ' : ' WHERE ';
$query1 = "SELECT b.node AS node, b.id_page AS id_page, a.name AS name, a.path AS path, b.access AS access, \n\t\t\t\t b.activity AS activity, b.last_login AS last_login, b.updated AS updated\n\t\t FROM " . SUMO_TABLE_ACCESSPOINTS . " a, " . SUMO_TABLE_ACCESSPOINTS_STATS . " b \n\t\t " . $search . $group_query . $operand . "\n\t\t a.id = b.id_page";
// NOTE(review): ORDER BY column and direction are concatenated straight from the
// session. Identifiers cannot be bound as parameters, so they should only ever be
// set from a fixed list of column names and ASC/DESC; presumably
// sumo_set_table_settings() does that, verify.
$query2 = $query1 . " ORDER BY " . $_SESSION['accesspoints']['stats']['col_sql'] . " " . $_SESSION['accesspoints']['stats']['mode_sql'];
// Unsorted query, executed through the cache with 15 as first argument.
$rs = $SUMO['DB']->CacheExecute(15, $query1);
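*/

// Normalize the submitted values once, so that the value that is validated and
// checked for duplicates is exactly the value that is stored. Previously the
// checks ran on trim()med copies while the untrimmed input was inserted.
$_POST['groupname'] = isset($_POST['groupname']) ? trim($_POST['groupname']) : '';
$_POST['groupdesc'] = isset($_POST['groupdesc']) ? trim($_POST['groupdesc']) : '';

// $validate is array(bool ok, string error message)
$validate = array(TRUE, '');

// verify group name
if (!sumo_validate_group_name($_POST['groupname'])) {
    $validate = array(FALSE, $language['InvalidGroupName']);
}

// verify group description (optional field, checked only when supplied)
if ($_POST['groupdesc'] && $validate[0]) {
    if (!sumo_validate_group_desc($_POST['groupdesc'])) {
        $validate = array(FALSE, $language['InvalidGroupDesc']);
    }
}

// verify if group already exist (only reached with a name that passed validation)
if ($validate[0]) {
    if (sumo_verify_group_exist($_POST['groupname'])) {
        $validate = array(FALSE, sumo_get_message('GroupAlreadyExist', $_POST['groupname']));
    }
}

if (!$validate[0]) {
    $tpl['MESSAGE:H'] = $language['GroupNotAdded'] . ": " . $validate[1];
} else {
    $insert = sumo_add_group(array('usergroup' => $_POST['groupname'], 'groupdesc' => $_POST['groupdesc']));

    if ($insert) {
        $tpl['MESSAGE:L'] = sumo_get_message('GroupAdded', $_POST['groupname']);
        // Refresh the group list in the console after a successful insert
        $tpl['GET:WindowScripts'] = "sumo_ajax_get('groups.content','?module=groups&action=list&decoration=false');";
    } else {
        $tpl['MESSAGE:H'] = $language['GroupNotAdded'];
    }
}

// Redisplay the "new group" form
$_SESSION['action'] = 'new';
require "action.new.php";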
<?php
/**
 * SUMO MODULE: Network | Modify Local IP Address
 *
 * @version 0.2.10
 * @link http://sumoam.sourceforge.net SUMO Access Manager
 * @author Alberto Basso <*****@*****.**>
 * @copyright Copyright © 2003-2009, Alberto Basso
 * @package SUMO
 * @category Console
 */

// Fields to validate, each as array(type, value, required).
// The record id comes from the query string, type and address from the form.
$data = array();
$data[] = array('id', $_GET['id'], 1);
$data[] = array('iptype', $_POST['type'], 1);
$data[] = array('iprange', $_POST['ip'], 1);

// With TRUE as second argument the result is array(ok, error message)
$validate = sumo_validate_data_network($data, TRUE);

if ($validate[0]) {
    // All three values passed validation: store them
    $update = sumo_update_intranet_ip_data(array(
        'id' => $_GET['id'],
        'type' => $_POST['type'],
        'ip' => $_POST['ip'],
    ));

    if (!$update) {
        $tpl['MESSAGE:H'] = sumo_get_message('LocalIPNotUpdated');
    } else {
        $tpl['MESSAGE:L'] = sumo_get_message('LocalIPUpdated', $_POST['ip']);
    }
} else {
    // Validation failed: report why, nothing is written
    $tpl['MESSAGE:M'] = sumo_get_message('LocalIPNotUpdated') . ":<br>" . $validate[1];
}

// NOTE(review): no sumo_verify_permissions() call is visible in this file;
// confirm the caller restricts who may change the local address list.
require "action.edit_localip.php";
* SUMO MODULE: Users | Delete User Image * * @version 0.3.4 * @link http://sumoam.sourceforge.net SUMO Access Manager * @author Alberto Basso <*****@*****.**> * @copyright Copyright © 2003-2009, Alberto Basso * @package SUMO * @category Console */ $tab = sumo_get_user_info($_GET['id'], 'id', FALSE); if (sumo_verify_permissions(4, $tab['group'])) { if ($SUMO['user']['id'] == $_GET['id'] || $SUMO['user']['user'] == 'sumo') { $validate[0] = ''; // If id not exist if (!$tab['id']) { $tpl['MESSAGE:H'] = sumo_get_message('W00001C', $_GET['id']); } else { sumo_delete_user_image($_GET['id']); } if ($validate[0]) { $tpl['MESSAGE:M'] = $validate[1]; } $tpl['GET:UpdateForm'] = "<form action='?module=users&action=editimg&id=" . $tab['id'] . "' " . "name='UpdateUserImg' method='POST' enctype='multipart/form-data'>"; $tpl['IMG:User'] = "******" . $tab['id'] . "' alt='" . $tab['username'] . "' class='user'>"; $tpl['PUT:UserImage'] = "<input type='hidden' name='MAX_FILE_SIZE' value='30720'>" . "<input type='file' size='20' class='file' name='user_image' >"; $tpl['GET:DeleteForm'] = "<form action='?module=users&action=deleteimg&id=" . $tab['id'] . "' name='DeleteUserImg' method='POST'>\n" . "<input type='submit' class='button' value='" . $language['Delete'] . "'>\n" . "</form>"; // Note: not using sumo_show_window() function // because for this event a window is external $tpl_file = SUMO_PATH_MODULE . '/templates/editimg.tpl'; if (sumo_verify_file($tpl_file)) { $content = implode('', file($tpl_file));
<?php
/**
 * SUMO MODULE: Groups | Delete Group
 *
 * @version 0.4.0
 * @link http://sumoam.sourceforge.net SUMO Access Manager
 * @author Alberto Basso <*****@*****.**>
 * @copyright Copyright © 2003-2009, Alberto Basso
 * @package SUMO
 * @category Console
 */

// Read the group record for the id in the query string, then delete that id.
// NOTE(review): $tab is not used again in this file and the id is passed on
// without validation; no sumo_verify_permissions() call is visible here either.
// Confirm that the dispatcher and sumo_delete_group() enforce both.
$tab = sumo_get_group_info($_GET['id']);
$delete = sumo_delete_group($_GET['id']);
// Disabled result reporting, kept as found. NOTE(review): line breaks were lost
// on this page, so it cannot be told whether the MESSAGE:L assignment was also
// commented out in the original file; as written here $delete is never reported.
//if($delete) $tpl['MESSAGE:L'] = sumo_get_message('GroupDeleted', $_POST['usergroup']); //else //$tpl['MESSAGE:H'] = $language['GroupNotDeleted'];
// Show the group list again
$_SESSION['action'] = 'list';
require "action.list.php";
}

// If registration enabled require reg_group
$reg_group = $_POST['registration'] ? 1 : 0;
// Fields to validate, each as array(type, value[, required]);
// 'theme' has no third element and is therefore treated as optional.
$data = array(
    array('id', $_GET['id'], 1),
    array('node', $_POST['node'], 1),
    array('name', $_POST['name'], 1),
    array('path', $_POST['path'], 1),
    array('usergroup', $_POST['group'], 1),
    array('reg_group', $_POST['reg_group'], $reg_group),
    array('boolean', $_POST['http_auth'], 1),
    array('boolean', $_POST['filtering'], 1),
    array('boolean', $_POST['pwd_encrypt'], 1),
    array('boolean', $_POST['change_pwd'], 1),
    array('boolean', $_POST['registration'], 1),
    array('theme', $_POST['theme'])
);
$validate = sumo_validate_accesspoint_data($data, TRUE);
// verify if accesspoint already exist
//if(sumo_verify_accesspoint_exist($_POST['node'], $_POST['path'])) $validate = array(FALSE, sumo_get_message('I07002C', $_POST['path']));
// Verify submitted groups with current user group
if ($validate[0]) {
    $submitted_group = sumo_get_grouplevel($_POST['group'], TRUE);
    $available_group = sumo_get_available_group();
    for ($g = 0; $g < count($submitted_group); $g++) {
        if (!in_array($submitted_group[$g], $available_group) && $submitted_group[$g]) {
            // NOTE(review): this check fails open. The rejecting assignment below is
            // disabled, $validate[0] stays true and only $warning is set, so the
            // update further down still stores $_POST['group'] including a group
            // that is not in sumo_get_available_group(). If that list is meant to
            // limit which groups the current user may assign, the request should
            // be refused here instead of being saved with a warning.
            //$validate = array(false, sumo_get_message('GroupNotAvailable', $submitted_group[$g]));
            $validate[0] = true;
            $warning = sumo_get_message('GroupNotAvailable', $submitted_group[$g]);
            break;
        }
    }
}
if (!$validate[0]) {
    $tpl['MESSAGE:H'] = $language['AccessPointNotUpdated'] . ": " . $validate[1];
} else {
    // Values are passed on as submitted; only the checks above were applied
    $update = sumo_update_accesspoint_data(array(
        'id' => $_GET['id'],
        'node' => $_POST['node'],
        'path' => $_POST['path'],
        'name' => $_POST['name'],
        'group' => $_POST['group'],
        'reg_group' => $_POST['reg_group'],
        'http_auth' => $_POST['http_auth'],
        'filtering' => $_POST['filtering'],
        'pwd_encrypt' => $_POST['pwd_encrypt'],
        'change_pwd' => $_POST['change_pwd'],
        'registration' => $_POST['registration'],
        'theme' => $_POST['theme']
    ));
    // $warning is only assigned inside the loop above; when no group was
    // flagged it is undefined here and evaluates as empty.
    if ($update && !$warning) {
        $tpl['MESSAGE:L'] = $language['AccessPointUpdated'];
    } elseif ($update && $warning) {
        $tpl['MESSAGE:M'] = $language['AccessPointUpdated'] . " " . $warning;
    } else {
        $tpl['MESSAGE:H'] = $language['AccessPointNotUpdated'];
    }
}
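/**
 * Validate network data
 *
 * Note: see also sumo_validate_data() in libs/lib.core.php
 *
 * Each element of $data is array(type, value[, required]). An element is
 * checked when required is 1, or when it is 0/absent and the value is not
 * empty. Checking stops at the first failure.
 *
 * Changes against the previous version:
 *  - 'db_table', 'host' and 'hostname' patterns are now anchored at the start;
 *    before, only the last characters of the value had to match.
 *  - anchored patterns use the D modifier so a trailing newline is rejected.
 *  - 'id' and 'port' must consist of digits only; 'id' is limited to 256^4-1.
 *  - the 'ldap_base' pattern contained an unescaped "/" that ended the regex
 *    early, so preg_match() failed and every non-empty value was rejected.
 *  - 'protocol' and 'iptype' are compared strictly against their fixed lists.
 *
 * @param array $data    list of array(type, value[, required])
 * @param bool  $message when true return array(ok, message) instead of a bool
 * @return bool|array    false for an empty list (also in message mode)
 */
function sumo_validate_data_network($data = array(), $message = FALSE)
{
    $elements = count($data);
    $err = FALSE;

    if ($elements > 0) {
        for ($d = 0; $d < $elements; $d++) {
            $value = isset($data[$d][1]) ? $data[$d][1] : null;
            // A missing third element means "optional", as before
            $required = isset($data[$d][2]) ? $data[$d][2] : 0;

            if ($required == 1 || $required == 0 && $value) {
                switch ($data[$d][0]) {
                    case 'id':
                        // INT = 256^4-1
                        if (!is_scalar($value) || !preg_match('/^[0-9]{1,10}\z/', (string) $value)
                            || $value < 1 || $value > 4294967295) {
                            $err = 'W00029C';
                        }
                        break;
                    case 'node_name':
                        if (!preg_match("/^[a-z0-9" . SUMO_REGEXP_ALLOWED_CHARS . "\\-\\_\\.\\=\\&\\/\\\\'\\ ]{4,50}\$/iD", $value)) {
                            $err = 'W09015C';
                        }
                        break;
                    case 'dsname':
                        if (!preg_match("/^[a-z0-9" . SUMO_REGEXP_ALLOWED_CHARS . "\\-\\_\\.\\=\\&\\/\\\\'\\ ]{4,128}\$/iD", $value)) {
                            $err = 'W09001C';
                        }
                        break;
                    case 'type':
                        if (!in_array($value, sumo_get_available_datasources())) {
                            $err = 'W09002C';
                        }
                        break;
                    case 'port':
                        if (!is_scalar($value) || !preg_match('/^[0-9]{1,5}\z/', (string) $value)
                            || $value < 1 || $value > 65535) {
                            $err = 'W09004C';
                        }
                        break;
                    case 'protocol':
                        $protocols = array('http', 'https');
                        if (!in_array($value, $protocols, true)) {
                            $err = 'W09017C';
                        }
                        break;
                    case 'username':
                        if (!preg_match('/^[a-z0-9]{3,32}$/iD', $value)) {
                            $err = 'W09005C';
                        }
                        break;
                    case 'password':
                        // NOTE(review): this pattern has no ^ anchor, so only the end of the
                        // value is checked. Left unchanged because anchoring it would reject
                        // passwords with characters outside this set; callers must not rely
                        // on this check to make the value safe for SQL or shell use.
                        if (!preg_match('/[a-z0-9\\.\\,\\:\\;\\_\\-\\$\\!\\"\'\\/\\\\£\\%\\&\\(\\)\\=\\?\\^\\+\\*\\ ' . SUMO_REGEXP_ALLOWED_CHARS . ']{3,255}$/i', $value)) {
                            $err = 'W09006C';
                        }
                        break;
                    case 'db_name':
                        if (!preg_match('/^[a-z0-9\\_]{3,32}$/iD', $value)) {
                            $err = 'W09007C';
                        }
                        break;
                    case 'db_table':
                        // Anchored: the whole value must be an identifier, not just its tail
                        if (!preg_match('/^[a-z0-9\\_]{3,255}$/iD', $value)) {
                            $err = 'W09008C';
                        }
                        break;
                    case 'enctype':
                        $enctype = sumo_get_datasource_enctype();
                        if (!in_array($value, $enctype)) {
                            $err = 'W09018C';
                        }
                        break;
                    case 'ldap_base':
                        // "/" is escaped here; both "/" and "\" are accepted, matching the
                        // character classes used for node_name and dsname above
                        if (!preg_match('/^[a-z0-9\\.\\,\\:\\;\\_\\-\\=\\/\\\\\\+\\*\\ ' . SUMO_REGEXP_ALLOWED_CHARS . ']{4,255}$/iD', $value)) {
                            $err = 'W00027C';
                        }
                        break;
                    case 'iptype':
                        $type = array('L', 'P');
                        if (!in_array($value, $type, true)) {
                            $err = 'W09010C';
                        }
                        break;
                    case 'host':
                        // Either a valid IP address or a host name made only of [a-z0-9._-]
                        if (!sumo_validate_ip($value, FALSE) && !preg_match('/^[a-z0-9\\.\\_\\-]{3,128}$/iD', $value)) {
                            $err = 'W09011C';
                        }
                        break;
                    case 'hostname':
                        if (!preg_match('/^[a-z0-9\\.\\_\\-]{3,128}$/iD', $value)) {
                            $err = 'W09003C';
                        }
                        break;
                    case 'iprange':
                        if (!sumo_validate_iprange($value, FALSE)) {
                            $err = 'W09009C';
                        }
                        break;
                    case 'status':
                        // NOTE(review): loose comparison; on PHP < 8 a non-numeric string
                        // compares equal to 0 and passes. Left unchanged because callers
                        // may depend on it, but the value must not be trusted as 0/1.
                        if ($value != 0 && $value != 1) {
                            $err = 'W09012C';
                        }
                        break;
                    case 'sumo_path':
                        if (!preg_match("/^\\/[a-z0-9\\-\\_\\.\\/]{1,253}\\/\$/iD", $value)) {
                            $err = 'W09014C';
                        }
                        break;
                    default:
                        // Unknown field type is always an error
                        $err = 'W00019C';
                        break;
                }

                if ($err) {
                    break;
                }
            }
        }

        if ($message) {
            return !$err ? array(TRUE, '') : array(FALSE, sumo_get_message($err));
        } else {
            return !$err ? true : false;
        }
    } else {
        return false;
    }
}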
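*
 * @version 0.4.0
 * @link http://sumoam.sourceforge.net SUMO Access Manager
 * @author Alberto Basso <*****@*****.**>
 * @copyright Copyright © 2003-2009, Alberto Basso
 * @package SUMO
 * @category Console
 */

// Fields to validate, each as array(type, value[, required]). Entries without
// a third element are optional and only checked when a value was submitted.
$data = array(
    array('id', $_GET['id'], 1),
    array('dsname', $_POST['name'], 1),
    array('type', $_POST['type'], 1),
    array('hostname', $_POST['host']),
    array('port', $_POST['port']),
    array('username', $_POST['username']),
    array('password', $_POST['password']),
    array('db_name', $_POST['db_name']),
    array('db_table', $_POST['db_table']),
    array('username', $_POST['db_field_user']),
    array('password', $_POST['db_field_password']),
    array('enctype', $_POST['enctype']),
    array('ldap_base', $_POST['ldap_base']),
);
$validate = sumo_validate_data_network($data, TRUE);

if ($validate[0]) {
    // Database-backed types need database, table and both field names
    if (($_POST['type'] == 'MySQL' || $_POST['type'] == 'MySQLUsers' || $_POST['type'] == 'Postgres')
        && (!$_POST['db_name'] || !$_POST['db_table'] || !$_POST['db_field_user'] || !$_POST['db_field_password'])) {
        $validate = array(FALSE, sumo_get_message('I09004C', $_POST['db_name']));
    }

    // LDAP/LDAPS
    if (($_POST['type'] == 'LDAP' || $_POST['type'] == 'LDAPS' || $_POST['type'] == 'ADAM') && !$_POST['ldap_base']) {
        $validate = array(FALSE, sumo_get_message('I09005C'));
    }
}

if (!$validate[0]) {
    // On this path the submitted name may be the very value that failed
    // validation, and the message is assembled as HTML (note the <br>), so the
    // name is escaped before it is embedded. The message key now matches the
    // edit action; it used to be 'DataSourceNotAdded'.
    // NOTE(review): assumes sumo_get_message() does not escape its arguments itself.
    $shown_name = is_string($_POST['name']) ? htmlspecialchars($_POST['name'], ENT_QUOTES) : '';
    $tpl['MESSAGE:H'] = sumo_get_message('DataSourceNotUpdated', $shown_name) . ":<br>" . $validate[1];
} else {
    // NOTE(review): the data source password is passed on as submitted; how it is
    // stored is decided inside sumo_update_datasource_data(), not visible here.
    $update = sumo_update_datasource_data(array(
        'id' => $_GET['id'],
        'name' => $_POST['name'],
        'type' => $_POST['type'],
        'host' => $_POST['host'],
        'port' => $_POST['port'],
        'username' => $_POST['username'],
        'password' => $_POST['password'],
        'db_name' => $_POST['db_name'],
        'db_table' => $_POST['db_table'],
        'db_field_user' => $_POST['db_field_user'],
        'db_field_password' => $_POST['db_field_password'],
        'enctype' => $_POST['enctype'],
        'ldap_base' => $_POST['ldap_base'],
    ));

    if ($update) {
        $tpl['MESSAGE:L'] = sumo_get_message('DataSourceUpdated', $_POST['name']);
    } else {
        $tpl['MESSAGE:H'] = sumo_get_message('DataSourceNotUpdated', $_POST['name']);
    }
}

require "action.edit_datasource.php";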
$tpl['MESSAGE:A'] = 1; } break; case 'GET_USERS_LOGOUT': /** * Get users logout */ $query = "SELECT message FROM " . SUMO_TABLE_LOG_ACCESS . "\n\t\t\t\t WHERE code='I00201X'\n\t\t\t\t \tAND\ttime >= " . ($SUMO['server']['time'] - 65); $rs = $SUMO['DB']->Execute($query); $users = array(); while ($tab = $rs->FetchRow()) { // Very BAD solution (for now)!!! $message = explode(" ", $tab['message']); $users[] = $message[1]; } if (!empty($users)) { $message = sumo_get_message('UserLogout', implode(", ", $users)); $l = 'l'; $tpl['MESSAGE:A'] = 1; } break; // Unknow command // Unknow command default: echo "E00121X"; break; } // Create message if ($message != "") { echo "<SCRIPT>sumo_show_message('msg{$m}', '{$message}', '{$l}', \n\t\t\t\t\t\t\t\t\t'{$tpl['MESSAGE:A']}',\n\t\t\t\t\t\t\t\t\t'" . base64_encode($tpl['MESSAGE:F']) . "',\n\t\t\t\t\t\t\t\t\t'" . base64_encode($tpl['BUTTON:1']) . "',\n\t\t\t\t\t\t\t\t\t'" . base64_encode($tpl['BUTTON:2']) . "',\n\t\t\t\t\t\t\t\t\t'" . base64_encode($tpl['BUTTON:3']) . "');"; }
<?php
/**
 * SUMO MODULE: Users | Erase
 *
 * @version 0.4.0
 * @link http://sumoam.sourceforge.net SUMO Access Manager
 * @author Alberto Basso <*****@*****.**>
 * @copyright Copyright © 2003-2009, Alberto Basso
 * @package SUMO
 * @category Console
 */

// Load the target account first: its groups drive the permission check and
// its username is needed for the result message after the row is gone.
$tab = sumo_get_user_info($_GET['id'], 'id', FALSE);

if (!sumo_verify_permissions(5, $tab['group'])) {
    // Not allowed to erase this account: nothing is deleted
    $action_error = true;
    $tpl['MESSAGE:H'] = $language['AccessDenied'];
} else {
    // NOTE(review): the permission check uses the loaded record while the delete
    // uses the raw request id; confirm both always resolve to the same user.
    $delete = sumo_delete_user($_GET['id']);

    // The list action is included before the result message is set
    require "action.list.php";

    $tpl[$delete ? 'MESSAGE:L' : 'MESSAGE:H'] = sumo_get_message($delete ? 'UserDeleted' : 'UserNotDeleted', $tab['username']);
}
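*
 * @version 0.5.0
 * @link http://sumoam.sourceforge.net SUMO Access Manager
 * @author Alberto Basso <*****@*****.**>
 * @copyright Copyright © 2003-2009, Alberto Basso
 * @package SUMO
 * @category Console
 */

// Store the loopback address under a single spelling
if ($_POST['host'] == '127.0.0.1') {
    $_POST['host'] = 'localhost';
}

// Fields to validate, each as array(type, value, required)
$data = array(
    array('node_name', $_POST['name'], 1),
    array('host', $_POST['host'], 1),
    array('port', $_POST['port'], 1),
    array('status', $_POST['status'], 1),
    array('protocol', $_POST['protocol'], 1),
    array('sumo_path', $_POST['sumo_path'], 1),
);
$validate = sumo_validate_data_network($data, TRUE);

// verify if node already exist
// The lookup now runs only after validation succeeded, so unvalidated request
// data no longer reaches sumo_verify_node_exist() and a validation error is
// no longer replaced by the "already exists" message.
if ($validate[0] && sumo_verify_node_exist($_POST)) {
    $validate = array(FALSE, sumo_get_message('W09016C'));
}

if (!$validate[0]) {
    $tpl['MESSAGE:H'] = sumo_get_message('NodeNotAdded') . ":<br>" . $validate[1];
} else {
    $insert = sumo_add_node(array(
        'name' => $_POST['name'],
        'host' => $_POST['host'],
        'port' => $_POST['port'],
        'active' => $_POST['status'],
        'protocol' => $_POST['protocol'],
        'sumo_path' => $_POST['sumo_path'],
    ));

    if ($insert) {
        $tpl['MESSAGE:L'] = sumo_get_message('NodeAdded');
        // Refresh the node list in the console
        $tpl['GET:WindowScripts'] = "sumo_ajax_get('network.content','?module=network&action=nlist&decoration=false');";
    } else {
        $tpl['MESSAGE:H'] = sumo_get_message('NodeNotAdded');
    }
}

require "action.new_node.php";
?>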
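/**
 * Validate data accesspoint
 * See also sumo_validate_data() in libs/lib.core.php
 *
 * Each element of $data is array(type, value[, required]). An element is
 * checked when required is 1, or when it is 0/absent and the value is not
 * empty. Checking stops at the first failing element.
 *
 * Changes against the previous version:
 *  - 'id' and 'node' must consist of digits only (a value such as "3 junk"
 *    used to pass the numeric range test) and are limited to 256^4-1.
 *  - 'path' and 'name' patterns use the D modifier, so a trailing newline is
 *    rejected.
 *  - 'name' is rejected cleanly when it is not an array of strings.
 *
 * @author Alberto Basso
 * @param array $data    list of array(type, value[, required])
 * @param bool  $message when true return array(ok, message) instead of a bool
 * @return bool|array    FALSE for an empty list (also in message mode)
 */
function sumo_validate_accesspoint_data($data = array(), $message = FALSE)
{
    $elements = count($data);
    $err = FALSE;

    if ($elements > 0) {
        for ($d = 0; $d < $elements; $d++) {
            $value = isset($data[$d][1]) ? $data[$d][1] : null;
            // A missing third element means "optional", as before
            $required = isset($data[$d][2]) ? $data[$d][2] : 0;

            if ($required == 1 || $required == 0 && $value) {
                switch ($data[$d][0]) {
                    case 'id':
                        // INT = 256^4-1
                        if (!is_scalar($value) || !preg_match('/^[0-9]{1,10}\z/', (string) $value)
                            || $value < 1 || $value > 4294967295) {
                            $err = 'W00029C';
                        }
                        break;
                    case 'path':
                        // Absolute path ending in one of the listed script/page extensions
                        if (!preg_match("/^(\\/)+[_\\.\\/a-z0-9-]{1,}(\\.){1}(php|php4|php5|html|htm|asp|pl|jsp){1}\$/iD", $value)) {
                            $err = 'W07003C';
                        }
                        break;
                    case 'node':
                        if (!is_scalar($value) || !preg_match('/^[0-9]{1,10}\z/', (string) $value)
                            || $value < 1 || $value > 4294967295) {
                            $err = 'W07004C';
                        }
                        break;
                    case 'name':
                        // One name per available language, keyed by language
                        $languages = sumo_get_available_languages();
                        $names = is_array($value) ? $value : array();
                        $total = count($languages);
                        for ($l = 0; $l < $total; $l++) {
                            $name = isset($names[$languages[$l]]) && is_string($names[$languages[$l]]) ? $names[$languages[$l]] : '';
                            if (!preg_match("/^[-a-z0-9_\\.\\=\\&\\/\\'" . SUMO_REGEXP_ALLOWED_CHARS . " ]{5,128}\$/iD", $name)) {
                                $err = 'W00031C';
                            }
                        }
                        break;
                    case 'usergroup':
                        if (!sumo_validate_group($value, FALSE)) {
                            $err = 'W07002C';
                        }
                        break;
                    case 'reg_group':
                        if (!sumo_validate_group($value, FALSE)) {
                            $err = 'W07005C';
                        }
                        break;
                    case 'boolean':
                        // NOTE(review): loose comparison; on PHP < 8 a non-numeric string
                        // compares equal to 0 and passes. Left unchanged because callers
                        // may depend on it, but the value must not be trusted as 0/1.
                        if ($value != 0 && $value != 1) {
                            $err = 'W00032C';
                        }
                        break;
                    case 'theme':
                        if (!in_array($value, sumo_get_available_themes())) {
                            $err = 'W00033C';
                        }
                        break;
                    default:
                        // Unknown field type is always an error
                        $err = 'W00019C';
                        break;
                }

                if ($err) {
                    break;
                }
            }
        }

        if ($message) {
            return !$err ? array(TRUE, '') : array(FALSE, sumo_get_message($err));
        } else {
            return !$err ? TRUE : FALSE;
        }
    } else {
        return FALSE;
    }
}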
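*/

// Create group string
if ($_POST['group']) {
    $_POST['group'] = sumo_get_normalized_group(implode(";", $_POST['group']), TRUE);
}

$_POST['path'] = sumo_get_normalized_accesspoint($_POST['path']);

// If new group exist add it
if ($_POST['newgroup']) {
    $_POST['group'] = sumo_get_normalized_group($_POST['newgroup'] . ";" . $_POST['group'], TRUE);
}

// If registration enabled require reg_group
$reg_group = $_POST['registration'] ? 1 : 0;

// Fields to validate, each as array(type, value[, required]);
// 'theme' has no third element and is therefore optional.
$data = array(
    array('node', $_POST['node'], 1),
    array('name', $_POST['name'], 1),
    array('path', $_POST['path'], 1),
    array('usergroup', $_POST['group'], 1),
    array('reg_group', $_POST['reg_group'], $reg_group),
    array('boolean', $_POST['http_auth'], 1),
    array('boolean', $_POST['filtering'], 1),
    array('boolean', $_POST['pwd_encrypt'], 1),
    array('boolean', $_POST['change_pwd'], 1),
    array('boolean', $_POST['registration'], 1),
    array('theme', $_POST['theme']),
);
$validate = sumo_validate_accesspoint_data($data, TRUE);

// verify if accesspoint already exist
// The lookup now runs only after validation succeeded, so an unvalidated node
// or path no longer reaches sumo_verify_accesspoint_exist() and a validation
// error is no longer replaced by the "already exists" message.
if ($validate[0] && sumo_verify_accesspoint_exist($_POST['node'], $_POST['path'])) {
    $validate = array(FALSE, sumo_get_message('I07002C', $_POST['path']));
}

// NOTE(review): no check of the submitted groups against
// sumo_get_available_group() is visible in this part of the file; confirm that
// the groups a user may attach to a new access point are limited elsewhere.
if (!$validate[0]) {
    $tpl['MESSAGE:H'] = $language['AccessPointNotAdded'] . ": " . $validate[1];
} else {
    $update = sumo_add_accesspoint(array(
        'name' => $_POST['name'],
        'node' => $_POST['node'],
        'path' => $_POST['path'],
        'usergroup' => $_POST['group'],
        'reg_group' => $_POST['reg_group'],
        'http_auth' => $_POST['http_auth'],
        'filtering' => $_POST['filtering'],
        'pwd_encrypt' => $_POST['pwd_encrypt'],
        'change_pwd' => $_POST['change_pwd'],
        'registration' => $_POST['registration'],
        'theme' => $_POST['theme'],
    ));

    if ($update) {
        $tpl['MESSAGE:L'] = $language['AccessPointAdded'];
        // Refresh the access point list in the console
        $tpl['GET:WindowScripts'] = "sumo_ajax_get('accesspoints.content','?module=accesspoints&action=list&decoration=false');";
    } else {
        $tpl['MESSAGE:H'] = $language['AccessPointNotAdded'];
    }
}

// Redisplay the "new access point" form
$_SESSION['action'] = 'new';
require "action.new.php";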
<?php
/**
 * SUMO MODULE: Network | Erase Local IP address
 *
 * @version 0.4.0
 * @link http://sumoam.sourceforge.net SUMO Access Manager
 * @author Alberto Basso <*****@*****.**>
 * @copyright Copyright © 2003-2009, Alberto Basso
 * @package SUMO
 * @category Console
 */

// Resolve the requested id to a stored record, then delete by the id of that
// record rather than by the raw request value.
$tab = sumo_get_intranet_ip_info($_GET['id'], FALSE);
$delete = sumo_delete_intranet_ip($tab['id']);

// Low-priority message on success, high-priority on failure; both name the address
$tpl[$delete ? 'MESSAGE:L' : 'MESSAGE:H'] = sumo_get_message($delete ? 'LocalIPDeleted' : 'LocalIPNotDeleted', $tab['ip']);

// NOTE(review): no sumo_verify_permissions() call is visible in this file;
// confirm the caller restricts who may remove entries from the local list.
$tpl['GET:MenuModule'] = sumo_get_module_menu($menu['ilist'], 'ilist');

require "action.ilist.php";
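<?php
/**
 * SUMO MODULE: Messages | Main
 *
 * @version 0.4.0
 * @link http://sumoam.sourceforge.net SUMO Access Manager
 * @author Alberto Basso <*****@*****.**>
 * @copyright Copyright © 2003-2009, Alberto Basso
 * @package SUMO
 * @category Console
 */

// Window number, message key and message arguments all come from the query string
$m = intval($_GET['m']);
$msg = $_GET['msg'];
$data = explode("_", $_GET['data']);

// JavaScript run by the Ok button, per known message key.
// The user id for 'ChangePassword' is forced to an integer: it is written into
// an inline onclick handler below, where raw request text could break out of
// the JavaScript string and the HTML attribute.
$onclick = array(
    'ErrorsMessages' => 'sumo_ajax_get(\'security\',\'?module=security&action=errors_list\');' . 'sumo_remove_window(\'messages' . $m . '\')',
    'BannedUsers' => 'sumo_ajax_get(\'security\',\'?module=security&action=banned\');' . 'sumo_remove_window(\'messages' . $m . '\')',
    'ChangePassword' => 'sumo_ajax_get(\'users\',\'?module=users&action=view&id=' . intval($data[0]) . '\');' . 'sumo_remove_window(\'messages' . $m . '\')',
    'SQLiteError' => '',
    'IP2CountryEmpty' => 'sumo_ajax_get(\'settings\',\'?module=settings&action=edit\');' . 'sumo_remove_window(\'messages' . $m . '\')',
    'RemoveExamplesDir' => '',
    'RemoveInstallDir' => '',
    'UserLogin' => 'sumo_remove_window(\'messages' . $m . '\')',
    'UserLogout' => 'sumo_remove_window(\'messages' . $m . '\')',
    $language['Undefined'] => 'sumo_remove_window(\'messages' . $m . '\')',
);

// Only keys listed above are accepted; anything else (including a non-string
// value) falls back to the "undefined" message. The comparison is strict.
$msg = is_string($msg) && in_array($msg, array_keys($onclick), true) ? $msg : $language['Undefined'];

// NOTE(review): $data is request text and is passed to sumo_get_message() as
// message arguments; whether that function escapes them for HTML is not
// visible here, confirm before the message is written into the page.
$tpl = array(
    'GET:PageTheme' => $SUMO['page']['theme'],
    'GET:WindowElement' => 'messages' . $m,
    'MESSAGE' => sumo_get_message($msg, $data),
    'GET:Cancel' => '<input type="button" class="button" value="' . $language['Cancel'] . '" ' . 'onclick="javascript:sumo_remove_window(\'messages' . $m . '\');">',
    'GET:Ok' => '<input type="button" class="button" value="' . $language['Ok'] . '" ' . 'onclick="javascript:' . $onclick[$msg] . ';">',
    'GET:Close' => '<input type="button" class="button" value="' . $language['Close'] . '" ' . 'onclick="javascript:sumo_remove_window(\'messages' . $m . '\');">',
);

// Template is looked up in the $service table by the requested command.
// NOTE(review): an unknown cmd yields an empty template name; how $tpl_file is
// used afterwards is outside this excerpt.
$tpl_file = $service[$_GET['cmd']]['template'];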
if ($validate[0]) { // Verify submittedd groups with current user group $available_group = sumo_get_available_group(); $newgroup = explode(":", $_POST['newgroup']); if (!in_array($newgroup[0], $available_group)) { $validate = array(FALSE, sumo_get_message('GroupNotAvailable', $newgroup[0])); } if (!in_array('sumo', $SUMO['user']['group']) || $newgroup[0] == 'sumo') { if ($SUMO['user']['group_level'][$newgroup[0]] < $newgroup[1]) { $validate = array(FALSE, sumo_get_message('WrongLevel', $newgroup[1])); } } } if (!$validate[0]) { $tpl['MESSAGE:H'] = sumo_get_message('UserNotAdded', $_POST['user']) . ": " . $validate[1]; } else { $insert = sumo_add_user(array('username' => $_POST['user'], 'firstname' => $_POST['firstname'], 'lastname' => $_POST['lastname'], 'active' => $_POST['active'], 'email' => $_POST['email'], 'language' => $_POST['language'], 'group' => $_POST['newgroup'], 'ip' => $_POST['ip'], 'day_limit' => $_POST['day_limit'], 'password' => $_POST['new_password'], 'datasource_id' => $_POST['datasource_id'])); if ($insert) { $tpl['MESSAGE:L'] = sumo_get_message('UserAdded', $_POST['user']); $tpl['BUTTON:Back'] = "<input type='button' class='button-red' value='" . $language['Back'] . "' onClick='javascript:history.go(-2);'>"; $tpl['GET:WindowScripts'] = "sumo_ajax_get('users.content','?module=users&action=list&decoration=false');"; } else { $tpl['MESSAGE:H'] = sumo_get_message('UserNotAdded', $_POST['user']); } } $_SESSION['action'] = 'new'; require "action.new.php"; } else { $action_error = true; $tpl['MESSAGE:H'] = $language['AccessDenied']; }
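<?php
/**
 * SUMO MODULE: Network | Erase Node
 *
 * @version 0.4.2
 * @link http://sumoam.sourceforge.net SUMO Access Manager
 * @author Alberto Basso <*****@*****.**>
 * @copyright Copyright © 2003-2009, Alberto Basso
 * @package SUMO
 * @category Console
 */

$tab = sumo_get_node_info($_GET['id'], 'id', FALSE);
$tpl['GET:DeleteForm'] = sumo_get_form_req('', 'erase_node', 'id=' . $tab['id']);

// The guard and the delete now work on the same canonical value: the integer
// id of the record that was actually loaded. Before, the raw request value was
// compared loosely with 1 and then handed to sumo_delete_node(), so the guard
// and the delete could interpret one request value differently.
$erase_node_id = isset($tab['id']) ? intval($tab['id']) : 0;

// Node 1 can never be deleted (the original loose test is kept as well)
if ($erase_node_id === 1 || $_GET['id'] == 1) {
    $tpl['MESSAGE:H'] = $language['CannotDeleteNode'];
} else {
    // No matching record means there is nothing to delete
    $delete = $erase_node_id > 0 ? sumo_delete_node($erase_node_id) : FALSE;

    if ($delete) {
        $tpl['MESSAGE:L'] = sumo_get_message('NodeDeleted', $tab['name']);
    } else {
        $tpl['MESSAGE:H'] = sumo_get_message('NodeNotDeleted', $tab['name']);
    }
}

// NOTE(review): no sumo_verify_permissions() call is visible in this file;
// confirm the caller restricts who may delete nodes.
$tpl['GET:MenuModule'] = sumo_get_module_menu($menu['nlist'], 'nlist');

require "action.nlist.php";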
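/**
 * Update user data
 *
 * Builds and runs an UPDATE on SUMO_TABLE_USERS for the user in $data['id'],
 * then reads the row back with the same field values to confirm the change.
 * On success the query cache is flushed, the change is logged and, when
 * configured, a notification mail is sent.
 *
 * Which fields are written depends on the current user ($SUMO['user']):
 * names, email and language only for the user itself, its owner or a member
 * of group 'sumo'; the IP list only for the owner or group 'sumo'; 'active'
 * never for the current user's own record.
 *
 * The SQL is assembled by string concatenation. Changes against the previous
 * version:
 *  - email, language, group and ip are escaped the same way the name fields
 *    already were; before, they were concatenated into the statement as-is.
 *  - datasource_id must be a plain number, otherwise nothing is written.
 *  - 'active' is left out when no value was supplied (it used to produce an
 *    incomplete "active=" assignment).
 *  - a typo ($day_limit[1] for $daylimit[1]) is fixed, and a failed read-back
 *    returns FALSE.
 *  - after another user's password is changed, that user's sessions are
 *    deleted by username even when the caller did not supply $data['user'].
 *
 * NOTE(review): addslashes() is the escaping this function already used; the
 * database layer's own quoting or bound parameters would be the stronger fix
 * and should replace it once that API is confirmed.
 *
 * @param array $data keys read: id, day_limit, active, firstname, lastname, ip,
 *                    email, language, usergroup, datasource_id, password, user
 * @return bool TRUE when the row was updated and read back, FALSE otherwise
 */
function sumo_update_user_data($data = array())
{
    if (empty($data)) {
        return FALSE;
    }

    global $SUMO;

    // datasource_id is written into the SQL as a bare number, so it must be one
    $datasource_id = isset($data['datasource_id']) ? $data['datasource_id'] : '';
    if (!is_scalar($datasource_id) || !preg_match('/^[0-9]+\z/', (string) $datasource_id)) {
        return FALSE;
    }
    $datasource_id = intval($datasource_id);

    // get_magic_quotes_gpc() does not exist on current PHP versions
    $magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

    $id = intval($data['id']);
    $day_limit = intval($data['day_limit']);
    // FALSE means "no value supplied"
    $active = $data['active'] !== '' ? intval($data['active']) : FALSE;
    // Collapse whitespace and commas in names; turn them into ";" in the IP list
    $firstname = ucwords(preg_replace('/[\\s\\,]+/', ' ', $data['firstname']));
    $lastname = ucwords(preg_replace('/[\\s\\,]+/', ' ', $data['lastname']));
    $ip = str_replace(";;", ";", str_replace(",", ";", preg_replace('/[\\s\\,]+/', ';', $data['ip'])));
    $email = strtolower($data['email']);
    $language = $data['language'];
    $sumogroup = sumo_verify_sumogroup($data['usergroup']);
    $group = $sumogroup ? $sumogroup : $data['usergroup'];
    $group = sumo_get_normalized_group($group);

    // [0] is the SET fragment, [1] the matching WHERE fragment for the read-back
    if ($day_limit > 0) {
        $daylimit[0] = 'day_limit=' . $day_limit . ', ';
        $daylimit[1] = 'day_limit=' . $day_limit . ' AND ';
    } else {
        $daylimit[0] = 'day_limit=NULL, ';
        $daylimit[1] = 'day_limit IS NULL AND ';
    }

    // Get user data
    $userdata = sumo_get_user_info($id, 'id', FALSE);
    $sumouser = sumo_get_user_info($SUMO['user']['user']);
    $datasource = sumo_get_datasource_info($datasource_id, FALSE);

    $record = array();

    // Change password: only the user itself, its owner, or user 'sumo'
    if ($data['password'] && ($SUMO['user']['id'] == $id || $SUMO['user']['id'] == $userdata['owner_id'] || $SUMO['user']['user'] == 'sumo')) {
        switch ($datasource['type']) {
            case 'Unix':
            case 'SUMO':
                // NOTE(review): the start of this expression is masked on the page this
                // was taken from, so it is kept exactly as shown. $data['password'] is
                // concatenated without escaping here; confirm the original and the
                // format in which callers pass the password.
                $record['password'] = "******" . $data['password'] . "'";
                sumo_update_password_date($id, $data['password']);
                break;
            case 'MySQLUsers':
                // The included library is expected to define $sumo_update_password
                require SUMO_PATH . '/libs/lib.datasource.mysql_users.php';
                $sumo_update_password($userdata['username'], $data['password']);
                break;
            case 'Joomla15':
                require SUMO_PATH . '/libs/lib.datasource.joomla15.php';
                $sumo_update_password($userdata['username'], $data['password']);
                break;
            default:
                $record['password'] = "";
                break;
        }
    }

    // group
    if ($group) {
        $group_sql = $magic_quotes ? $group : addslashes($group);
        $record['usergroup'] = "usergroup='{$group_sql}'";
    }

    // active: never for the current user's own record, and only with a value
    if ($sumouser['id'] != $id && $active !== FALSE) {
        $record['active'] = "active=" . $active;
    }

    // verify if user can change some parameters...
    if ($SUMO['user']['id'] == $id || in_array('sumo', $SUMO['user']['group']) || $SUMO['user']['id'] == $userdata['owner_id']) {
        $firstname = $magic_quotes ? $firstname : addslashes($firstname);
        $lastname = $magic_quotes ? $lastname : addslashes($lastname);
        $email_sql = $magic_quotes ? $email : addslashes($email);
        $language_sql = $magic_quotes ? $language : addslashes($language);
        $record['firstname'] = "firstname='" . $firstname . "'";
        $record['lastname'] = "lastname='" . $lastname . "'";
        $record['email'] = "email='{$email_sql}'";
        $record['language'] = "language='{$language_sql}'";
    } else {
        $record['firstname'] = "";
        $record['lastname'] = "";
        $record['email'] = "";
        $record['language'] = "";
    }

    //... to change IP address
    if (in_array('sumo', $SUMO['user']['group']) || $SUMO['user']['id'] == $userdata['owner_id']) {
        $ip_sql = $magic_quotes ? $ip : addslashes($ip);
        $record['ip'] = "ip='" . $ip_sql . "'";
    } else {
        $record['ip'] = "";
    }

    // Data source
    $record['datasource_id'] = "datasource_id=" . $datasource_id;
    // modified
    $record['modified'] = "modified=" . $SUMO['server']['time'];

    // Create fields for query: keep only the non-empty fragments
    $records = array_filter(array_values($record));
    $update = implode(', ', $records);
    $select = implode(' AND ', $records);

    // create query for update
    $query = "UPDATE " . SUMO_TABLE_USERS . "\n\t\t SET " . $daylimit[0] . " " . $update . "\n\t\t WHERE id=" . $id;
    $SUMO['DB']->Execute($query);

    if ($select || $daylimit[1]) {
        $select = $select . " AND ";
    }

    // verify query success: the row must now match every value just written
    $query = "SELECT * FROM " . SUMO_TABLE_USERS . "\n\t\t WHERE " . $daylimit[1] . "\n\t\t " . $select . "\n\t\t id=" . $id;
    $rs = $SUMO['DB']->Execute($query);

    if (!$rs) {
        return FALSE;
    }

    $tab = $rs->FetchRow();
    $upd = $rs->PO_RecordCount();

    // if updated:
    if ($upd == 1) {
        $SUMO['DB']->CacheFlush();

        if (!empty($record['password'])) {
            // ...to change current session password
            if ($id == $SUMO['user']['id']) {
                $_SESSION['user']['password'] = sumo_get_hex_hmac_sha1($SUMO['connection']['security_string'], $data['password']);
                $_SESSION['pwd_changed'] = $SUMO['server']['time'];
            } else {
                // End the other user's sessions so the old password stops working.
                // NOTE(review): assumes the third argument is the username - confirm
                // against sumo_delete_session().
                $session_user = isset($data['user']) ? $data['user'] : $userdata['username'];
                sumo_delete_session(NULL, NULL, $session_user);
            }
        }

        sumo_write_log('I01000X', array($tab['username'], $SUMO['user']['user']), 3, 3, 'system', FALSE);

        // Send user notify
        if ($SUMO['config']['accounts']['notify']['updates'] && $email) {
            if (!$SUMO['config']['server']['admin']['email']) {
                // No sender address configured: log it instead of mailing
                sumo_write_log('E06000X', '', '0,1', 2, 'system', FALSE);
            } else {
                $object = sumo_get_message("I00001M", $SUMO['server']['name']);
                $message = sumo_get_message("I00106M", array($firstname . " " . $lastname, $SUMO['server']['name'], $SUMO['user']['user']));
                // NOTE(review): $email is used as the recipient as supplied;
                // confirm callers validate it before this point.
                $m = new Mail();
                $m->From($SUMO['config']['server']['admin']['email']);
                $m->To($email);
                $m->Subject($object);
                $m->Body($message, SUMO_CHARSET);
                $m->Priority(1);
                $m->Send();
            }
        }

        return TRUE;
    } else {
        return FALSE;
    }
}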
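/**
 * Validate data settings
 * See also sumo_settings_data() in libs/lib.core.php
 *
 * Each element of $data is array(type, value, required). An element is
 * checked when required is 1, or when it is 0 and the value is not empty.
 * Checking stops at the first failing element.
 *
 * Change against the previous version: the two ereg() calls are replaced by
 * equivalent preg_match() calls, because ereg() no longer exists on current
 * PHP versions. The accepted values are unchanged.
 *
 * NOTE(review): the date_format and time_format checks are not anchored; a
 * value passes as soon as it contains one character from the set. The numeric
 * settings are compared loosely, so a value with trailing text can pass. Both
 * are kept as they were; tighten them once the allowed formats are confirmed.
 *
 * @param array $data    list of array(type, value, required)
 * @param bool  $message when true return array(ok, message) instead of a bool
 * @return bool|array    FALSE for an empty list (also in message mode)
 */
function sumo_validate_data_settings($data = array(), $message = FALSE)
{
    $elements = count($data);
    $err = FALSE;

    if ($elements > 0) {
        for ($d = 0; $d < $elements; $d++) {
            if ($data[$d][2] == 1 || $data[$d][2] == 0 && $data[$d][1]) {
                switch ($data[$d][0]) {
                    case 'date_format':
                        // Same set the ereg() bracket expression accepted, backslash included
                        if (!is_scalar($data[$d][1]) || !preg_match('/[BdDFjlLmMnrStTwWYyz:\\\\.\\/-]/', (string) $data[$d][1])) {
                            $err = 'W06011C';
                        }
                        break;
                    case 'time_format':
                        if (!is_scalar($data[$d][1]) || !preg_match('/[aABgGhHiIOrsTU.:-]/', (string) $data[$d][1])) {
                            $err = 'W06010C';
                        }
                        break;
                    case 'admin_name':
                        if (!preg_match('/^[a-z0-9' . SUMO_REGEXP_ALLOWED_CHARS . '\'\\/\\\\_\\-\\ ]{0,50}$/i', $data[$d][1])) {
                            $err = 'W06012C';
                        }
                        break;
                    case 'accounts.life':
                        if ($data[$d][1] < 0) {
                            $err = 'W06001C';
                        }
                        break;
                    case 'accounts.registration.life':
                        if ($data[$d][1] < 1) {
                            $err = 'W06007C';
                        }
                        break;
                    // see also sumo_validate_data_accesspoint()
                    case 'accesspoints.name':
                        // One name per available language, keyed by language
                        $languages = sumo_get_available_languages();
                        for ($l = 0; $l < count($languages); $l++) {
                            if (!preg_match("/^[a-z0-9\\-\\_\\.\\=\\&\\/\\\\'\\ " . SUMO_REGEXP_ALLOWED_CHARS . "]{5,128}\$/i", $data[$d][1][$languages[$l]])) {
                                $err = 'W00031C';
                            }
                        }
                        break;
                    // see also sumo_validate_data_accesspoint()
                    case 'accesspoints.group':
                        if (!sumo_validate_group($data[$d][1], FALSE)) {
                            $err = 'W07002C';
                        }
                        break;
                    // see also sumo_validate_data_accesspoint()
                    case 'accesspoints.theme':
                        if (!in_array($data[$d][1], sumo_get_available_themes())) {
                            $err = 'W00033C';
                        }
                        break;
                    // Lower bounds for the security-related settings
                    case 'security.banned_time':
                        if ($data[$d][1] < 5) {
                            $err = 'W06002C';
                        }
                        break;
                    case 'security.max_login_attempts':
                        if ($data[$d][1] < 3) {
                            $err = 'W06004C';
                        }
                        break;
                    case 'connections.timeout':
                        if ($data[$d][1] < 10) {
                            $err = 'W06005C';
                        }
                        break;
                    case 'sessions.timeout':
                        if ($data[$d][1] < 60) {
                            $err = 'W06006C';
                        }
                        break;
                    case 'database.optimize_hits':
                        if ($data[$d][1] < 100) {
                            $err = 'W06008C';
                        }
                        break;
                    case 'logs.life':
                        if ($data[$d][1] < 0) {
                            $err = 'W06003C';
                        }
                        break;
                    case 'logs.file.size':
                        // NOTE(review): same code as 'connections.timeout' - confirm intended
                        if ($data[$d][1] < 32) {
                            $err = 'W06005C';
                        }
                        break;
                    case 'language':
                        if (!in_array($data[$d][1], sumo_get_available_languages())) {
                            $err = 'W00021C';
                        }
                        break;
                    case 'email':
                        if (!sumo_validate_email($data[$d][1])) {
                            $err = 'W00007C';
                        }
                        break;
                    case 'boolean':
                        if ($data[$d][1] != 0 && $data[$d][1] != 1) {
                            $err = 'W00032C';
                        }
                        break;
                    default:
                        // Unknown setting type is always an error
                        $err = 'W00019C';
                        break;
                }

                if ($err) {
                    break;
                }
            }
        }

        if ($message) {
            if (!$err) {
                return array(TRUE, '');
            } else {
                // $d still points at the failing element; its type is appended to the message
                return array(FALSE, sumo_get_message($err) . "<br>[expect:" . $data[$d][0] . "]");
            }
        } else {
            if (!$err) {
                return TRUE;
            } else {
                return FALSE;
            }
        }
    } else {
        return FALSE;
    }
}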
// Check the submitted groups and levels against what the current user may assign.
// $validate and $tab are set earlier in the file, outside this excerpt.
if ($validate[0]) {
    // Called without the flag the result is indexed by group name below,
    // with the flag it is iterated as a list of group names.
    $submitted_group_level = sumo_get_grouplevel($_POST['group']);
    $submitted_group = sumo_get_grouplevel($_POST['group'], true);
    $available_group = sumo_get_available_group();
    for ($g = 0; $g < count($submitted_group); $g++) {
        // A group outside the available list rejects the whole request
        if (!in_array($submitted_group[$g], $available_group) && $submitted_group[$g]) {
            $validate = array(false, sumo_get_message('GroupNotAvailable', $submitted_group[$g]));
            break;
        }
        // Level rules apply to users outside group 'sumo', and to group 'sumo' itself
        if (!in_array('sumo', $SUMO['user']['group']) || $submitted_group[$g] == 'sumo') {
            // When the current user's level is below the submitted level or below the
            // level already stored in $tab, the stored level is taken back.
            // NOTE(review): the adjusted $submitted_group_level is not written back to
            // $_POST['group'], which is what is passed to sumo_update_user_data()
            // below; confirm the level limit is enforced where the value is stored.
            if ($SUMO['user']['group_level'][$submitted_group[$g]] < $submitted_group_level[$submitted_group[$g]] || $SUMO['user']['group_level'][$submitted_group[$g]] < $tab['group_level'][$submitted_group[$g]]) {
                $submitted_group_level[$submitted_group[$g]] = $tab['group_level'][$submitted_group[$g]];
            }
            // User can't change his group level
            if ($_GET['id'] == $SUMO['user']['id'] && $submitted_group_level[$submitted_group[$g]] != $SUMO['user']['group_level'][$submitted_group[$g]]) {
                $validate = array(false, sumo_get_message('WrongLevel', $submitted_group_level[$submitted_group[$g]]));
            }
        }
    }
}
if (!$validate[0]) {
    $tpl['MESSAGE:H'] = $language['UserNotUpdated'] . ": " . $validate[1];
} else {
    // Form values are handed over as submitted; sumo_update_user_data() decides
    // which of them the current user is allowed to change.
    $update = sumo_update_user_data(array(
        'id' => $_GET['id'],
        'username' => $_POST['user'],
        'firstname' => $_POST['firstname'],
        'lastname' => $_POST['lastname'],
        'active' => $_POST['active'],
        'email' => $_POST['email'],
        'language' => $_POST['language'],
        'datasource_id' => $_POST['datasource_id'],
        'usergroup' => $_POST['group'],
        'ip' => $_POST['ip'],
        'day_limit' => $_POST['day_limit'],
        'password' => $_POST['new_password']
    ));
    if ($update) {
        $tpl['MESSAGE:L'] = $language['UserUpdated'];
    } else {
        $tpl['MESSAGE:H'] = $language['UserNotUpdated'];
    }
}
// Redisplay the edit form
require "action.edit.php";
case 'L': $tab['type'] = $language['Locale']; break; case 'P': $tab['type'] = $language['Proxy']; break; default: $tab['type'] = $language['Unknow']; break; } // verify permission to delete node // NOTE: NOT use sumo_verify_permissions() for best performance! $delete = ''; if ($SUMO['user']['group_level']['sumo'] > 4) { $msg = sumo_get_simple_rand_string(4, "123456789"); $delete = "<a href=\"javascript:" . "sumo_show_message('msg{$msg}', '" . htmlspecialchars(sumo_get_message('AreYouSureDeleteLocalIP', array($tab['ip'], $tab['type']))) . "', \n\t\t\t\t\t\t\t\t\t 'h', 0,\n\t\t\t\t\t\t\t\t\t '" . base64_encode(sumo_get_form_req('', 'erase_localip', 'id=' . $tab['id'])) . "',\n\t\t\t\t\t\t\t\t\t '" . base64_encode('') . "',\n\t\t\t\t\t\t\t\t\t '" . base64_encode("<input type='button' value='" . $language['Cancel'] . "' onclick='javascript:sumo_remove_window(\"msg{$msg}\");' class='button'>") . "',\n\t\t\t\t\t\t\t\t\t '" . base64_encode("<input type='submit' value='" . $language['Ok'] . "' onclick='javascript:sumo_remove_window(\"msg{$msg}\");' class='button'>") . "'\n\t\t\t\t\t\t\t\t\t);\">" . "<img src='themes/" . $SUMO['page']['theme'] . "/images/modules/network/remove.gif'></a> "; } $list .= "<tr>\n"; if ($col[3]) { $list .= "<td class='" . $style . "'>" . $delete . "<a href='javascript:sumo_ajax_get(\"network\",\"?module=network&action=view_localip&id=" . $tab['id'] . "\");' title='" . $language['View'] . "'>" . $tab['type'] . "</a></td>\n"; } if ($col[2]) { $list .= "<td class='" . $style . "' align='right'>" . "<a href='javascript:sumo_ajax_get(\"network\",\"?module=network&action=view_localip&id=" . $tab['id'] . "\");' title='" . $language['View'] . "'>" . $tab['ip'] . "</a></td>\n"; } $list .= "</tr>\n"; } $list .= "</table>"; $searched = $search ? 
$_SESSION['search_network_ilist'] : ''; // Template Data $tpl = array('MESSAGE:H' => $tpl['MESSAGE:H'], 'MESSAGE:M' => $tpl['MESSAGE:M'], 'MESSAGE:L' => $tpl['MESSAGE:L'], 'GET:Theme' => $SUMO['page']['theme'], 'GET:MenuModule' => $tpl['GET:MenuModule'], 'GET:LocalNetworkList' => $list, 'GET:TotalRows' => number_format($tot, 0, "", "."), 'GET:StartRow' => number_format($_SESSION['start_network_ilist'], 0, "", "."), 'GET:EndRow' => number_format($_SESSION['start_network_ilist'] + $vis, 0, "", "."), 'GET:PagingResults' => sumo_paging_results($tot, $vis, $_SESSION['rows_network_ilist'], 5, $_SESSION['start_network_ilist'], 'start_network_ilist'), 'GET:TableSettings' => sumo_get_table_settings($table['data']['ilist']), 'GET:SearchForm' => sumo_get_form_search($searched), 'GET:ExportData' => ''); $tpl['GET:Pagination'] = $tot > 0 ? $tpl['GET:StartRow'] . "..." . $tpl['GET:EndRow'] . " " . $language['of'] . " <b>" . $tpl['GET:TotalRows'] . "</b>" : "";
sumo_delete_session(); sumo_add_banned(); } } } // Create SSO if ($sumo_access == 'LOGIN' && SUMO_SESSIONS_REPLICA) { sumo_create_session_id(); } // Display Login or Message box if ($sumo_access != 'CONTINUE' && $sumo_access != 'LOGIN') { $SUMO['connection'] = sumo_get_connection_info(); // HTTP Basic Authentication if (!empty($SUMO['page']['http_auth'])) { $sumo_template = 'message'; $sumo_message = $sumo_access == 'LOGOUT' ? sumo_get_message('I00006C') : sumo_get_message('W00100C'); $sumo_page_name = sumo_get_accesspoint_name($SUMO['page']['name'], $SUMO['config']['server']['language']); header('WWW-Authenticate: Basic realm="' . $sumo_page_name . '"'); header('HTTP/1.0 401 Unauthorized'); header('status: 401 unauthorized'); header('Content/Type: text/html; charset=' . SUMO_CHARSET); } // Load base Template Library $tpl_lib = SUMO_PATH . "/libs/lib.template.login.php"; $tpl_lib_ext = SUMO_PATH . "/libs/lib.template.login." . $SUMO['page']['theme'] . ".php"; $tpl_file = SUMO_PATH . "/themes/" . $SUMO['page']['theme'] . "/" . $sumo_template . ".tpl"; if (sumo_verify_file($tpl_lib)) { require $tpl_lib; } if (file_exists($tpl_lib_ext)) { require $tpl_lib_ext;
<?php
/**
 * SUMO MODULE: Network | Modify Node
 *
 * @version    0.4.2
 * @link       http://sumoam.sourceforge.net SUMO Access Manager
 * @author     Alberto Basso <*****@*****.**>
 * @copyright  Copyright © 2003-2009, Alberto Basso
 * @package    SUMO
 * @category   Console
 */

// One row per submitted field: array(validator key, submitted value, flag).
// The meaning of the trailing 1 is defined by sumo_validate_data_network();
// presumably it marks the field as required (confirm there).
$data = array(
    array('id',        $_GET['id'],         1),
    array('node_name', $_POST['name'],      1),
    array('host',      $_POST['host'],      1),
    array('port',      $_POST['port'],      1),
    array('status',    $_POST['status'],    1),
    array('protocol',  $_POST['protocol'],  1),
    array('sumo_path', $_POST['sumo_path'], 1),
);

// With TRUE the validator answers array(ok, message) rather than a bare boolean.
$validate = sumo_validate_data_network($data, TRUE);

if ($validate[0]) {
    // Only validated input reaches the update helper.
    $update = sumo_update_node_data(array(
        'id'        => $_GET['id'],
        'name'      => $_POST['name'],
        'host'      => $_POST['host'],
        'port'      => $_POST['port'],
        'active'    => $_POST['status'],
        'protocol'  => $_POST['protocol'],
        'sumo_path' => $_POST['sumo_path'],
    ));

    if (!$update) {
        $tpl['MESSAGE:H'] = sumo_get_message('NodeNotUpdated');
    } else {
        $tpl['MESSAGE:L'] = sumo_get_message('NodeUpdated');
    }
} else {
    // Validation failed: report the reason and leave the node untouched.
    $tpl['MESSAGE:H'] = sumo_get_message('NodeNotUpdated') . ":<br>" . $validate[1];
}

// Show the edit form again with the outcome message.
require "action.edit_node.php";
<?php
/**
 * SUMO MODULE: Network | Add Local IP address
 *
 * @version    0.4.0
 * @link       http://sumoam.sourceforge.net SUMO Access Manager
 * @author     Alberto Basso <*****@*****.**>
 * @copyright  Copyright © 2003-2009, Alberto Basso
 * @package    SUMO
 * @category   Console
 */

// One row per submitted field: array(validator key, submitted value, flag).
$data = array(
    array('iptype',  $_POST['type'], 1),
    array('iprange', $_POST['ip'],   1),
);

// With TRUE the validator answers array(ok, message) rather than a bare boolean.
$validate = sumo_validate_data_network($data, TRUE);

if ($validate[0]) {
    // Only validated input reaches the insert helper.
    $insert = sumo_add_intranet_ip(array(
        'type' => $_POST['type'],
        'ip'   => $_POST['ip'],
    ));

    if (!$insert) {
        $tpl['MESSAGE:H'] = sumo_get_message('LocalIPNotAdded');
    } else {
        // The submitted address is echoed back in the confirmation message;
        // it has passed the 'iprange' validation at this point.
        $tpl['MESSAGE:L'] = sumo_get_message('LocalIPAdded', $_POST['ip']);
    }
} else {
    // Validation failed: report the reason, nothing is stored.
    $tpl['MESSAGE:H'] = sumo_get_message('LocalIPNotAdded') . ":<br>" . $validate[1];
}

// Show the "new local IP" form again with the outcome message.
require "action.new_localip.php";
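/**
 * Erase Account
 *
 * Looks up the pending row (action=0) in the temporary users table for the
 * given registration code, deletes the matching rows from the users table and
 * the temporary table, e-mails the affected address and writes a log entry.
 * The built-in 'sumo' user is excluded from the delete.
 *
 * @param string $reg_code Registration code; when empty the value from the
 *                         global $sumo_reg_data['reg_code'] is used.
 * @return void
 *
 * @author Alberto Basso
 */
function sumo_delete_account($reg_code = '')
{
    global $SUMO, $sumo_reg_data;

    if (!$reg_code) {
        $reg_code = $sumo_reg_data['reg_code'];
    }

    // The registration code is presumably request-supplied, and the e-mail and
    // username come from a self-registration row, so none of them may be
    // concatenated into SQL. Values are passed as bind parameters instead.
    // NOTE(review): assumes $SUMO['DB'] is an ADOdb connection, whose Execute()
    // accepts a bind array as second argument - confirm.
    $query1 = "SELECT * FROM " . SUMO_TABLE_USERS_TEMP . "
               WHERE reg_code=?
               AND action=0";

    $rs  = $SUMO['DB']->Execute($query1, array($reg_code));
    $tab = $rs ? $rs->FetchRow() : false;

    // No pending row for this code: nothing to delete, nobody to notify.
    if (!$tab) {
        return;
    }

    $query2 = "DELETE FROM " . SUMO_TABLE_USERS . "
               WHERE email=?
               AND username=?
               AND username<>'sumo'";

    $query3 = "DELETE FROM " . SUMO_TABLE_USERS_TEMP . "
               WHERE email=?
               AND username=?
               AND reg_code=?
               AND action=0";

    $SUMO['DB']->Execute($query2, array($tab['email'], $tab['username']));
    $SUMO['DB']->Execute($query3, array($tab['email'], $tab['username'], $reg_code));

    // Send e-mail
    if (!$SUMO['config']['server']['admin']['email']) {
        // No administrator address configured: log instead of sending.
        sumo_write_log('E06000X', '', '0,1', 2, 'system', FALSE);
    } else {
        $m = new Mail();
        $m->From($SUMO['config']['server']['admin']['email']);
        $m->To($tab['email']);
        $m->Subject(sumo_get_message('I00010C'));
        $m->Body(sumo_get_message("I00102M", $tab['username'], $tab['username']), SUMO_CHARSET);
        $m->Priority(3);
        $m->Send();
    }

    // Log destination depends on the registration-notify setting.
    $logto = $SUMO['config']['accounts']['registration']['notify']['reg'] ? 3 : '0,1';

    sumo_write_log('I104', array($tab['username'], $tab['email']), $logto, 2);
}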
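/**
 * Dynamic hits counter
 *
 * Keeps one counter file per threshold under SUMO_PATH/tmp/hits/. Every call
 * adds one hit; when the counter reaches $count it is reset to 0.
 *
 * type = FALSE  return hits value
 * type = TRUE   return if count=hits
 *
 * @param int  $count Threshold (also the counter file suffix); must be > 0.
 * @param bool $type  Selects the return value, see above.
 * @return int|bool   Hit number, or TRUE/FALSE when $type is set;
 *                    FALSE when $count is not a positive integer.
 *
 * @author Alberto Basso <*****@*****.**>
 */
function sumo_hits_count($count = 100, $type = false)
{
    // Use the integer value everywhere. The original only tested
    // intval($count) and then put the raw value into the file name, so a
    // string such as "5/../x" passed the test and changed the path.
    $count = intval($count);

    if ($count <= 0) {
        return false;
    }

    $file = SUMO_PATH . '/tmp/hits/hits.' . $count;

    // Keep the original error codes: E00105X for an existing file that cannot
    // be opened, E00106X when the file cannot be created.
    $err = file_exists($file) ? 'E00105X' : 'E00106X';

    // 'c+' opens for read/write without truncating, so the read-modify-write
    // below can run under one exclusive lock; concurrent requests no longer
    // see a truncated file between the read and the write.
    $fp = fopen($file, 'c+') or die(sumo_get_message($err, $file));
    flock($fp, LOCK_EX);

    // An empty file makes fgets() return FALSE; intval() maps that to 0 so
    // the counter restarts instead of staying empty forever.
    $hits    = intval(fgets($fp, 4096)) + 1;
    $reached = ($hits == $count);

    ftruncate($fp, 0);
    rewind($fp);
    fwrite($fp, $reached ? '0' : (string) $hits);
    fflush($fp);

    flock($fp, LOCK_UN);
    fclose($fp);

    return $type ? $reached : $hits;
}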
$module['file']['action'] = SUMO_PATH_MODULE . '/actions/action.' . $action . '.php'; if (isset($_GET['decoration'])) { $decoration = $_GET['decoration'] == 'false' ? false : true; } // Verify if exist required action file if (!file_exists($module['file']['action'])) { $tpl['MESSAGE:H'] = sumo_get_message('UnknowAction', htmlentities($action)); } else { // Verify action permissions if (!empty($ma[$action]['level']) && $action_error != true) { $level = $ma[$action]['level']; $group = $ma[$action]['group'] ? $ma[$action]['group'] : $SUMO['user']['group']; $user = $ma[$action]['user'] ? $ma[$action]['user'] : $SUMO['user']['user']; if (!sumo_verify_permissions($level, $group, $user)) { $action_error = true; $tpl['MESSAGE:H'] = sumo_get_message('AccessDeniedDetails', array($user, $group, $level)); } } } if (!$action_error) { // Load module file if exist if (file_exists($module['file']['module'])) { require $module['file']['module']; } // Load action file require $module['file']['action']; } // export data on file // NOTE: no window is necessary, but not display permission error if ($action == 'export') { exit;
} else { $sumo_message = sumo_get_message('I00011C'); sumo_request_pwdlost(); } session_destroy(); break; case 'CHANGEPWD': if ($SUMO['page']['change_pwd']) { if (!sumo_validate_reg_code($sumo_reg_data['reg_code'])) { $sumo_message = sumo_get_message('W00014C'); } else { sumo_activate_new_password($sumo_reg_data['reg_code']); $sumo_message = sumo_get_message('I00012C'); } } else { $sumo_message = sumo_get_message('W00015C'); } session_destroy(); break; case 'CONTINUE': $_SESSION['loggedin'] = TRUE; // don't update sess data when refresh a window // see: sumo_refresh_window on scripts/ if (!$_GET['refresh']) { /** * Regenerate session id approximately every 10 page loads. * NOTE: don't work if sessions replica is enabled * WARNING: maybe don't work on system with heavy load !!! */ if ($SUMO['config']['sessions']['auto_regenerate_id']) { if (!SUMO_SESSIONS_REPLICA && rand() % 10 == 0) {
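*/
// Build the template slots for the "edit node" form from the stored node row.
$tab = sumo_get_node_info($_GET['id'], 'id', FALSE);

$tpl['GET:UpdateForm'] = sumo_get_form_req('', 'modify_node', 'id=' . $tab['id']);
$tpl['PUT:Protocol']   = sumo_put_node_protocol($tab['protocol']);

// Stored values are written into single-quoted HTML attributes, so they are
// entity-encoded with ENT_QUOTES; otherwise a quote in a stored value ends the
// attribute and the rest is parsed as markup.
// NOTE(review): if sumo_get_node_info() already returns entity-encoded values
// this encodes them twice - confirm against the helper.
$tpl['PUT:NodeName'] = "<input type='text' size='25' name='name' value='" . htmlspecialchars($tab['name'], ENT_QUOTES) . "'>";
$tpl['PUT:Host']     = "<input type='text' size='25' name='host' value='" . htmlspecialchars($tab['host'], ENT_QUOTES) . "'>";
$tpl['PUT:Port']     = "<input type='text' size='7' name='port' value='" . htmlspecialchars($tab['port'], ENT_QUOTES) . "'>";
$tpl['PUT:SumoPath'] = "<input type='text' size='25' name='sumo_path' value='" . htmlspecialchars($tab['sumo_path'], ENT_QUOTES) . "'>";

$tpl['BUTTON:Back'] = "<input type='button' class='button-red' value='" . $language["Back"] . "' onclick='javascript:sumo_ajax_get(\"network\",\"?module=network&action=view_node&id=" . $tab['id'] . "\");'>";

// The "add node" icon is only linked for level 4 or higher in the 'sumo' group.
$tpl['LINK:Add'] = sumo_verify_permissions(4, 'sumo')
    ? sumo_get_action_icon("network", "add_node", "network.content", "?module=network&action=new_node&decoration=false")
    : sumo_get_action_icon("", "add_node");
$tpl['LINK:Edit'] = sumo_get_action_icon("", "edit_node");

// Change status: the option listed first is the one the browser preselects.
if ($tab['active']) {
    $tpl['GET:Status'] = "<font class='status-green'>" . $language['Active'] . "</font>";
    $tpl['PUT:Status'] = "<select name='status'>\n<option value='1'>" . $language['Enable'] . "</option>\n<option value='0'>" . $language['Disable'] . "</option>\n</select>";
} else {
    $tpl['GET:Status'] = "<font class='status-red'>" . $language['Disabled'] . "</font>";
    $tpl['PUT:Status'] = "<select name='status'>\n<option value='0'>" . $language['Disable'] . "</option>\n<option value='1'>" . $language['Enable'] . "</option>\n</select>";
}

// if it's current node: show the host as text, submit it as a hidden field
// and offer no status selector.
if ($tab['ip'] == $SUMO['server']['ip']) {
    $tpl['MESSAGE:M']  = $language['NodeWarning'];
    $tpl['PUT:Host']   = htmlspecialchars($tab['ip'], ENT_QUOTES) . "<input type='hidden' name='host' value='" . htmlspecialchars($tab['host'], ENT_QUOTES) . "'>";
    $tpl['PUT:Status'] = "";
}

// The remove link needs level 7 in the 'sumo' group and is never offered for
// node id 1.
if (sumo_verify_permissions(7, 'sumo') && $tab['id'] > 1) {
    $msg = sumo_get_simple_rand_string(4, "123456789");

    // NOTE(review): the confirmation text sits inside a JavaScript string
    // literal inside an HTML attribute. htmlspecialchars() only covers the
    // attribute layer; the browser decodes entities before the script runs,
    // so the node name also needs JavaScript string escaping. Left unchanged
    // because the right encoding depends on how sumo_show_message() renders
    // its argument - follow up there.
    $tpl['LINK:Remove'] = "<div class='sub-module-icon' "
        . "onmouseover='this.style.outline=\"1px solid #999999\";this.style.background=\"#FFFFFF\"' "
        . "onmouseout='this.style.outline=\"\";this.style.background=\"\"'>"
        . "<a href=\"javascript:"
        . "sumo_show_message('msg{$msg}', '" . htmlspecialchars(sumo_get_message('AreYouSureDeleteNode', $tab['name'])) . "', \n\t\t\t\t\t\t\t\t 'h', 0, \n\t\t\t\t\t\t\t\t '"
        . base64_encode(sumo_get_form_req('', 'erase_node', 'id=' . $tab['id'])) . "',\n\t\t\t\t\t\t\t\t '"
        . base64_encode('') . "',\n\t\t\t\t\t\t\t\t '"
        . base64_encode("<input type='button' value='" . $language['Cancel'] . "' onclick='javascript:sumo_remove_window(\"msg{$msg}\");' class='button'>") . "',\n\t\t\t\t\t\t\t\t '"
        . base64_encode("<input type='submit' value='" . $language['Ok'] . "' onclick='javascript:sumo_remove_window(\"msg{$msg}\");' class='button'>") . "'\n\t\t\t\t\t\t\t\t);\">"
        . "<img src='themes/" . $SUMO['page']['theme'] . "/images/modules/network/remove_node.png' vspace='4'><br>"
        . $language['Remove']
        . "</a>"
        . "</div>";
} else {
    $tpl['LINK:Remove'] = sumo_get_action_icon("", "remove_node");
}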
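<?php
/**
 * SUMO MODULE: Network | Datasource Erase
 *
 * @version    0.4.0
 * @link       http://sumoam.sourceforge.net SUMO Access Manager
 * @author     Alberto Basso <*****@*****.**>
 * @copyright  Copyright © 2003-2009, Alberto Basso
 * @package    SUMO
 * @category   Console
 */

// Reduce the request parameter to an integer once and use that same value for
// the lookup, the guard and the delete. With the raw string, the loose "== 1"
// guard and the delete helper could disagree about which record is meant
// (string-to-number comparison rules differ between PHP versions), and a
// non-numeric value would reach the helpers unchecked.
$datasource_id = intval($_GET['id']);

$tab = sumo_get_datasource_info($datasource_id, FALSE);

// Datasource 1 must never be deleted.
if ($datasource_id == 1) {
    $tpl['MESSAGE:M'] = $language['CannotDeleteDataSource'];
} else {
    $delete = sumo_delete_datasource($datasource_id);

    if ($delete) {
        $tpl['MESSAGE:L'] = sumo_get_message('DataSourceDeleted', $tab['name']);
    } else {
        $tpl['MESSAGE:H'] = sumo_get_message('DataSourceNotDeleted', $tab['name']);
    }
}

// Return to the datasource list with its module menu.
$tpl['GET:MenuModule'] = sumo_get_module_menu($menu['dlist'], 'dlist');

require "action.dlist.php";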