function GenMapMenu($table, $field, $order)
{
global $defined;
$db = new dbConn();
$val = new ValidateStrings();
if (empty($table) || empty($field)) {
return -1;
}
$conn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
if (empty($order)) {
$query = "SELECT {$field} FROM `{$table}`";
} else {
$query = "SELECT {$field} FROM `{$table}` ORDER BY `{$order}`";
}
$query = $val->ValidateSQL($query, $conn);
if (($value = $db->dbQuery($query, $conn)) === -1) {
return -1;
}
if ($db->dbNumRows($value) === -1 || $db->dbNumRows($value) === 0) {
return -1;
} else {
$list = "<form method=\"get\" action=\"{$_SERVER['PHP_SELF']}\"><b>Existing rides:</b> <select name=\"mapper\" onChange=\"jumpMenu('parent',this,0)\"><option value=\"NULL\">Select Map / Route...</option>";
$list .= "<option>------------------------------</option>";
foreach ($db->dbArrayResultsAssoc($value) as $key => $val) {
$url = $_SERVER['PHP_SELF'] . "?lat=" . $val['lat'] . "&lon=" . $val['lon'] . "&z=" . $val['zoom'] . "&mType=" . $val['type'] . "&driveFrom=" . $val['from'] . "&driveTo=" . $val['to'] . "&driveVia=" . $val['via'] . "&locale=en";
$list .= "<option name=\"{$url}\" value=\"{$url}\">" . $val['name'] . "</option>";
}
$list .= "</select></form>";
$data = $list;
}
$db->dbFreeData($conn);
$db->dbCloseConn($conn);
return $data;
}
function ChkLevel($token)
{
global $defined;
if (empty($token)) {
$level->value = -1;
} else {
$auth = new Encryption();
$db = new dbConn();
$val = new ValidateStrings();
$array = $auth->DecodeAuthToken($token);
$data = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
$query = "SELECT `level` FROM `auth_users` WHERE `level` = \"" . base64_decode($array[2]) . "\"";
$value = $db->dbQuery($val->ValidateSQL($query, $data), $data);
$array = $db->dbArrayResults($value);
$level->value = $array[0]['level'];
$db->dbFreeData($query);
$db->dbCloseConn($data);
}
return $level->value;
}
// valid user found
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === 0) {
// perform permissions check with access level and group data
if ($level->ChkLevel($_SESSION['token']) === "root" || $level->ChkLevel($_SESSION['token'] === "user")) {
// decode our authentication token to get our group membership
$user_details = $encrypt->DecodeAuthToken($_SESSION['token']);
$group = base64_decode($user_details[3]);
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// Get array of subnets to assign hosts to
if ($group === "admin") {
$query = "SELECT * FROM `conf_subnets` ORDER BY `subnet-name` ASC";
} else {
$query = "SELECT * FROM `conf_subnets` WHERE `group` = \"" . $group . "\" ORDER BY `subnet-name` ASC";
}
if (($value = $db->dbQuery($val->ValidateSQL($query, $dbconn), $dbconn)) !== -1) {
$subdata = $db->dbArrayResults($value);
}
// are there subnets? if so populate sql queries to look up hosts per subnet
if (count($subdata)) {
foreach ($subdata as $key => $value) {
if ($group === "admin") {
$sql[$value['subnet-name']] = "SELECT * FROM `conf_hosts` WHERE `subnet-name` = \"" . $value['subnet-name'] . "\"{$filter}";
} else {
$sql[$value['subnet-name']] = "SELECT * FROM `conf_hosts` WHERE `subnet-name` = \"" . $value['subnet-name'] . "\" AND `group` = \"" . $group . "\"";
}
}
// execute as many database queries as we need for our host to subnet assignment
foreach ($sql as $key => $value) {
if (($res = $db->dbQuery($val->ValidateSQL($value, $dbconn), $dbconn)) !== -1) {
$hostdata[$key] = $db->dbArrayResults($res);
// decode our authentication token to get our group membership
$user_details = $encrypt->DecodeAuthToken($_SESSION['token']);
$group = base64_decode($user_details[3]);
if ($level->ChkLevel($_SESSION['token']) === "admin" && $group === "admin") {
// define some variables for the template etc.
$JS = NULL;
$FILE = "admin.manage.groups.tpl";
$group_name_err = "*";
$group_manager_err = "*";
$group_contact_err = "*";
$group_description_err = "*";
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// provide count of online users
$online = "SELECT * FROM `admin_sessions`";
$ret = $db->dbQuery($val->ValidateSQL($online, $dbconn), $dbconn);
$usersoline = $db->dbNumRows($ret);
// Look for a GET id post to edit existing dnssec keys
if (!empty($_GET['id'])) {
if ($val->ValidateInteger($_GET['id']) === -1) {
$message = $err->GenerateErrorLink("help/help.html", "#group_edit", $defined['error'], $errors['val_num'], NULL, NULL);
} else {
// populate the form with database information if already configured
$query = "SELECT * FROM `auth_groups` WHERE `id` = \"" . $_GET['id'] . "\" LIMIT 1";
if (($value = $db->dbQuery($val->ValidateSQL($query, $dbconn), $dbconn)) === -1) {
echo $query;
$message = $err->GenerateErrorLink("help/help.html", "#group_edit", $defined['error'], $errors['db_select'], NULL, NULL);
} else {
$data = $db->dbArrayResultsAssoc($value);
$group_id = $data[0]['id'];
$group_name = $data[0]['group'];
$ERROR = $err->GenerateErrorLink("help/help.html", "#user", $defined['error'], $errors['auth_n'], NULL, NULL);
// error in database query
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -5) {
$ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['undef_sql'], NULL, NULL);
// valid user found
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === 0) {
// perform permissions check with access level and group data
if ($level->ChkLevel($_SESSION['token']) === "admin") {
// define some variables for the template etc.
$JS = " hidediv('extras'); hidediv('perms');";
$FILE = "manage.subnets.tpl";
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// provide count of online users
$online = "SELECT * FROM `admin_sessions`";
$ret = $db->dbQuery($val->ValidateSQL($online, $dbconn), $dbconn);
$usersoline = $db->dbNumRows($ret);
// decode our authentication token to get our group membership
$user_details = $encrypt->DecodeAuthToken($_SESSION['token']);
$group = base64_decode($user_details[3]);
// get an array of subnets the ISC DHCPD service may listen on
$query = "SELECT `name`, `broadcast` FROM `conf_adapters` ORDER BY `broadcast` ASC";
if (($value = $db->dbQuery($val->ValidateSQL($query, $dbconn), $dbconn)) === -1) {
$error = $err->GenerateErrorLink("help/help.html", "#config_subnets", $defined['error'], $errors['db_select'], NULL, NULL);
} else {
$tmp = $db->dbArrayResultsAssoc($value);
// filter for empty stuff
if (count($tmp) > 0) {
for ($x = 0; $x < count($tmp); $x++) {
if (!empty($tmp[$x]['broadcast'])) {
$interface_list[$tmp[$x]['name']] = $tmp[$x]['broadcast'];
$ERROR = $err->GenerateErrorLink("help/help.html", "#user", $defined['error'], $errors['auth_n'], NULL, NULL);
// error in database query
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -5) {
$ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['undef_sql'], NULL, NULL);
// valid user found
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === 0) {
// perform permissions check with access level and group data
if ($level->ChkLevel($_SESSION['token']) === "admin") {
// define some variables for the template etc.
$JS = NULL;
$FILE = "config.dns.tpl";
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// provide count of online users
$online = "SELECT * FROM `admin_sessions`";
$ret = $db->dbQuery($val->ValidateSQL($online, $dbconn), $dbconn);
$usersoline = $db->dbNumRows($ret);
// decode our authentication token to get our group membership
$user_details = $encrypt->DecodeAuthToken($_SESSION['token']);
$group = base64_decode($user_details[3]);
// Look for a GET id post to edit existing dnssec keys
if (!empty($_GET['id'])) {
if ($val->ValidateInteger($_GET['id']) === -1) {
$error = $err->GenerateErrorLink("help/help.html", "#config_dnssec", $defined['error'], $errors['val_num'], NULL, NULL);
} else {
// populate the form with database information if already configured
//if( $group === "admin" ) {
$query = "SELECT * FROM `conf_dns_opts` WHERE `id` = \"" . $_GET['id'] . "\" LIMIT 1";
//} else {
// $query = "SELECT * FROM `conf_dns_opts` WHERE `id` = \"" . $_GET['id'] . "\" AND `group` = \"" . $group . "\" LIMIT 1";
//}
function AuthUser($user, $pass, $token)
{
// our global config opts
global $defined;
// initialize classes
$db = new dbConn();
$val = new ValidateStrings();
$lib = new Authenticate();
$auth = new Encryption();
$sess = new Sessions();
$misc = new MiscFunctions();
$exit = new ExitApp();
// check our authentication requirements
if (empty($user) && empty($pass) && empty($token)) {
return -1;
}
// we have an existing authentication token present
if (!empty($token) && empty($user) && empty($pass)) {
$array = $auth->DecodeAuthToken($token);
$user = base64_decode($array[0]);
$pass = base64_decode($array[1]);
$time = $array[4];
$current = $misc->GenTime();
if ($lib->AuthTimeOut($defined['timeout'], $time, $current) === -1) {
return -2;
}
}
// perform validation on username and password
if ($val->ValidateAlphaChar($user) === -1 || $val->ValidateParagraph($pass) === -1) {
return -3;
}
// see if the user exists for authenticaiton
$data = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
$query = "SELECT * FROM `auth_users` WHERE `username` = \"{$user}\" AND `password` = sha1( \"{$pass}\" )";
$query = $val->ValidateSQL($query, $data);
// database problem
if (($value = $db->dbQuery($query, $data)) === -1) {
return -5;
}
// check user match
if ($db->dbNumRows($value) === -1 || $db->dbNumRows($value) === 0) {
return -4;
} else {
$return = 0;
}
// create our authentication session token
if (empty($token)) {
$array = $db->dbArrayResults($value);
$x = $auth->GeneratePrivateKey($defined['enckeygen']);
$access_date = $misc->GenDate();
$access_time = $misc->GenTimeRead();
$query = "UPDATE `auth_users` SET `access_date` = \"" . $access_date . "\", `access_time` = \"" . $access_time . "\", `session` = \"{$x}\" WHERE `id` = \"" . $array[0]['id'] . "\"";
$value = $val->ValidateSQL($query, $data);
if (($value = $db->dbQuery($value, $data)) === -1) {
return -5;
}
$x = $auth->EncodePrivToHex($x);
if (($token = $auth->EncodeAuthToken($array[0]['username'], $pass, $array[0]['level'], $array[0]['group'], $misc->GenTime(), $x)) !== -1) {
$sess->RegisterSession("token", $token);
$return = 0;
}
}
$db->dbFreeData($query);
$db->dbCloseConn($data);
return $return;
}
$query = $insert;
$db_msg_good = $errors['db_insert'];
$db_msg_err = $errors['db_insert_err'];
}
if (!empty($_POST['EditFailOverOpts'])) {
$query = $update;
$db_msg_good = $errors['db_edit'];
$db_msg_err = $errors['db_edit_err'];
}
if (!empty($_POST['DelFailOverOpts'])) {
$query = $delete;
$db_msg_good = $errors['db_del'];
$db_msg_err = $errors['db_del_err'];
}
// process our query
if (($value = $db->dbQuery($val->ValidateSQL($query, $dbconn), $dbconn)) === -1) {
echo $db->dbCatchError();
$error = $err->GenerateErrorLink("help/help.html", "#config_failover", $defined['error'], $db_msg_err, NULL, NULL);
// attempt to update if record exists
if (eregi("duplicate", $db->dbCatchError()) || !empty($id)) {
if (($value = $db->dbQuery($val->ValidateSQL($update, $dbconn), $dbconn)) === -1) {
$error = $err->GenerateErrorLink("help/help.html", "#config_failover", $defined['error'], $errors['db_edit_err'], NULL, NULL);
} else {
$error = $err->GenerateErrorLink("help/help.html", "#config_failover", $defined['good'], $errors['db_edit'], NULL, NULL);
}
}
} else {
$error = $err->GenerateErrorLink("help/help.html", "#config_failover", $defined['good'], $db_msg_good, NULL, NULL);
}
} else {
// find validation errors
$ERROR = $err->GenerateErrorLink("help/help.html", "#user", $defined['error'], $errors['auth_n'], NULL, NULL);
// error in database query
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -5) {
$ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['undef_sql'], NULL, NULL);
// valid user found
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === 0) {
// perform permissions check with access level and group data
if ($level->ChkLevel($_SESSION['token']) === "admin" || $level->ChkLevel($_SESSION['token']) === "user") {
// define some variables for the template etc.
$JS = " hidediv('perms');";
$FILE = "manage.hosts.tpl";
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// provide count of online users
$online = "SELECT * FROM `admin_sessions`";
$ret = $db->dbQuery($val->ValidateSQL($online, $dbconn), $dbconn);
$usersoline = $db->dbNumRows($ret);
// decode our authentication token to get our group membership
$user_details = $encrypt->DecodeAuthToken($_SESSION['token']);
$group = base64_decode($user_details[3]);
// Look for a GET id post to edit existing host records
if (!empty($_GET['id'])) {
if ($val->ValidateInteger($_GET['id']) === -1) {
$error = $err->GenerateErrorLink("help/help.html", "#host_search", $defined['error'], $errors['val_num'], NULL, NULL);
} else {
// populate the form with database information if already configured
if ($group === "admin" || !empty($_GET['allow']) && $val->ValidateInteger($_GET['allow']) === 0) {
$query = "SELECT * FROM `conf_hosts` WHERE `id` = \"" . $_GET['id'] . "\" LIMIT 1";
} else {
$query = "SELECT * FROM `conf_hosts` WHERE `group` = \"" . $group . "\" AND `id` = \"" . $_GET['id'] . "\" LIMIT 1";
}
} else {
$style = $skin->SelectSkin($defined['templates'], $_GET['skin'], $_COOKIE['skin']);
}
// call our header file and pass it some variables
$tpl->assign('TITLE', $defined['title'] . " >> Main Page", NULL, NULL);
$tpl->assign('DESCRIPTION', $defined['description'], NULL, NULL);
$tpl->assign('STYLE', $style, NULL, NULL);
// javascript to set focus on login form
$JS = " document.login.user.focus();";
// authentication template
$FILE = "auth.tpl";
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// provide count of online users
$online = "SELECT * FROM `admin_sessions`";
$ret = $db->dbQuery($val->ValidateSQL($online, $dbconn), $dbconn);
$usersoline = $db->dbNumRows($ret);
// default is no error just diplay login form
if ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -1) {
// well looks like at least one login attempt has been processed, show empty field error
if ($_SESSION['x']++ >= 1) {
$ERROR = $err->GenerateErrorLink("help/help.html", "#missing", $defined['error'], $errors['auth_e'], NULL, NULL);
}
// timeout with authentication token
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -2) {
$ERROR = $err->GenerateErrorLink("help/help.html", "#timeout", $defined['error'], $errors['auth_to'], NULL, NULL);
$misc->ExitApplication($_SESSION['token']);
// error in validation of authentication data
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -3) {
$ERROR = $err->GenerateErrorLink("help/help.html", "#alphanum", $defined['error'], $errors['val_alp'], NULL, NULL);
// authentication data not found in database
function gc($maxlifetime)
{
// some var and classes
global $defined;
$db = new dbConn();
$val = new ValidateStrings();
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
$query = "DELETE FROM `" . $this->tableName . "` WHERE `session_expire` < \"" . mysql_real_escape_string(time() - $maxlifetime) . "\"";
$result = $db->dbQuery($val->ValidateSQL($query, $dbconn), $dbconn);
}
function ProcessAdapterDetails($array)
{
global $defined;
$db = new dbConn();
$val = new ValidateStrings();
$lib = new MiscFunctions();
$insert = '';
$update = '';
$key = '';
$value = array();
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// begin loop
foreach ($array as $key => $value) {
// sql statements
$insert = "INSERT INTO `conf_adapters` ( `name`, `encap`, `hwaddr`, `ipv4`, `broadcast`, `mask`, `ipv6`, `flags`, `rx_packets`, `rx_errors`, `rx_dropped`, `rx_overruns`, `rx_frame`, `tx_packets`, `tx_errors`, `tx_dropped`, `tx_overruns`, `tx_carrier`, `rx_bytes`, `tx_bytes` ) VALUES ( \"" . $key . "\", \"" . $value['encap'] . "\", \"" . $value['hwaddr'] . "\", \"" . $value['ipv4'] . "\", \"" . $value['broadcast'] . "\", \"" . $value['mask'] . "\", \"" . $value['ipv6'] . "\", \"" . $value['flags'] . "\", \"" . $value['RX_packets'] . "\", \"" . $value['RX_errors'] . "\", \"" . $value['RX_dropped'] . "\", \"" . $value['RX_overruns'] . "\", \"" . $value['RX_frame'] . "\", \"" . $value['TX_packets'] . "\", \"" . $value['TX_errors'] . "\", \"" . $value['TX_dropped'] . "\", \"" . $value['TX_overruns'] . "\", \"" . $value['TX_carrier'] . "\", \"" . $value['RX_total'] . "\", \"" . $value['TX_total'] . "\" )";
$update = "UPDATE `conf_adapters_details` SET `name` = \"" . $key . "\", `encap` = \"" . $value['encap'] . "\", `hwaddr` = \"" . $value['hwaddr'] . "\", `ipv4` = \"" . $value['ipv4'] . "\", `broadcast` = \"" . $value['broadcast'] . "\", `mask` = \"" . $value['mask'] . "\", `ipv6` = \"" . $value['ipv6'] . "\", `flags` = \"" . $value['flags'] . "\", `rx_packets` = \"" . $value['RX_packets'] . "\", `rx_errors` = \"" . $value['RX_errors'] . "\", `rx_dropped` = \"" . $value['RX_dropped'] . "\", `rx_overruns` = \"" . $value['RX_overruns'] . "\", `rx_frame` = \"" . $value['RX_frame'] . "\", `tx_packets` = \"" . $value['TX_packets'] . "\", `tx_errors` = \"" . $value['TX_errors'] . "\", `tx_dropped` = \"" . $value['TX_dropped'] . "\", `tx_overruns` = \"" . $value['TX_overruns'] . "\", `tx_carrier` = \"" . $value['TX_carrier'] . "\", `rx_bytes` = \"" . $value['RX_total'] . "\", `tx_bytes` = \"" . $value['TX_total'] . "\" WHERE `name` = \"" . $key . "\" LIMIT 1";
// determine if an traffic table update should occur
if ($value['RX_total'] !== 0) {
// time machine calcs
// (only run once an hour)
$now = $this->GenTime();
// grab some current traffic data
$res = $db->dbQuery($val->ValidateSQL("SELECT `time` FROM `conf_traffic` WHERE `time` < \"" . $now . "\" AND `bytes` > 0 AND `interface` = \"" . $key . "\" LIMIT 1", $dbconn), $dbconn);
$times = $db->dbArrayResults($res);
// get a value we can compare against an hour
$test = abs($now - $times[0]['time']);
// insert some data
if ($test > 3600 && !empty($value['RX_total'])) {
$traffic = "INSERT INTO `conf_traffic` ( `interface`, `bytes`, `time` ) VALUES ( \"" . $key . "\", \"" . $value['RX_total'] . "\", UNIX_TIMESTAMP() )";
$db->dbQuery($val->ValidateSQL($traffic, $dbconn), $dbconn);
}
}
// do the db stuff for our adapters
if ($db->dbQuery($val->ValidateSQL($insert, $dbconn), $dbconn) !== 0) {
if (eregi("duplicate", $db->dbCatchError())) {
$db->dbQuery($val->ValidateSQL($update, $dbconn), $dbconn);
}
}
}
}
function GetAvailableIPAddresses($value, $subnet)
{
//echo "<pre>"; print_r( $value ); echo "</pre>";
global $defined;
$db = new dbConn();
$val = new ValidateStrings();
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// process available scope IP's minus IP's engaged in `conf_leases` table
preg_match('/([0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})\\.([0-9]{1,3})/', $value['scope-range-1'], $start);
preg_match('/([0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})\\.([0-9]{1,3})/', $value['scope-range-2'], $end);
// populate a range of valid octets to use
for ($x = $start[2]; $x < $end[2]; $x++) {
$tmp[] = $start[1] . "." . $x;
}
// mathmatica bitch
$x = 1;
for ($i = $start[2]; $i < $end[2]; $i++) {
$total[$key] = $x;
$x++;
}
// now get list of IP's in use as noted by the `conf_leases` table
$sql = "SELECT `ip` FROM `conf_leases` WHERE `ip` LIKE \"" . $start[1] . "%\"";
if (($return = $db->dbQuery($val->ValidateSQL($sql, $dbconn), $dbconn)) !== -1) {
if ($db->dbNumRows($return) !== 0) {
$leases = $db->dbArrayResultsAssoc($return);
}
}
// mathmatics
$amnt = $total[$key];
$in_use = count($leases);
$unused = $amnt - $in_use;
// populate empty list
if (count($tmp) !== 0) {
$x = 0;
foreach ($tmp as $key => $value) {
for ($i = 0; $i < count($leases); $i++) {
if (!in_array($value, $leases[$i])) {
$empty[$x][] = $value;
$x++;
}
}
}
$empty = $this->EliminiateDuplicates($empty);
}
// put everything in a simple array, wuka wuka
$ip_counts[$subnet]['total'] = $amnt;
$ip_counts[$subnet]['total_used'] = $in_use;
$ip_counts[$subnet]['total_unused'] = $unused;
$ip_counts[$subnet]['detail_used'] = $leases;
$ip_counts[$subnet]['detail_unused'] = $empty;
// Free db handle and close connection(s)
$db->dbFreeData($dbconn);
$db->dbCloseConn($dbconn);
// give it to them raw, raw
return $ip_counts;
}
// load our config data
if (file_exists('../scripts/inc.config.php')) {
require '../scripts/inc.config.php';
global $defined;
// open up some handles
$db = new dbConn();
$val = new ValidateStrings();
$misc = new MiscFunctions();
// attempt to get a list of networks the net adapter(s) are listening on
$misc->GetAdapters();
// process lease data
$misc->GetCurrentLeases($defined['leases']);
// look to see if we need to recreate the leases file
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
$query = "SELECT `recreate` FROM `conf_leases_properties` WHERE `id` = \"1\"";
if (($value = $db->dbQuery($val->ValidateSQL($query, $dbconn), $dbconn)) === 0) {
$data = $db->dbArrayResults($value);
}
// do we recreate?
if ($data[0]['recreate'] === "TRUE") {
echo "LEASES: We are going to recreate the current " . $defined['leases'] . "file. Please wait...\n";
}
// Check for file that flags a restart
if (file_exists($defined['virpath'] . "conf/restart")) {
// make sure we have a configuration file to use
if (file_exists($defined['virpath'] . "conf/dhcpd.conf")) {
// use the $defined[dhcpd_cmd] var to restart the service with our config file
system('/usr/bin/killall dhcpd');
system("rm " . $defined['virpath'] . "conf/restart");
system($defined['dhcpd_cmd']);
echo "RESTART: The ISC DHCPD service has been restarted.\n";
$ERROR = $err->GenerateErrorLink("help/help.html", "#user", $defined['error'], $errors['auth_n'], NULL, NULL);
// error in database query
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -5) {
$ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['undef_sql'], NULL, NULL);
// valid user found
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === 0) {
// perform permissions check with access level and group data
if ($level->ChkLevel($_SESSION['token']) === "admin" || $level->ChkLevel($_SESSION['token']) === "user") {
// define some variables for the template etc.
$JS = " hidediv('extras'); hidediv('perms');";
$FILE = "manage.leases.tpl";
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// provide count of online users
$online = "SELECT * FROM `admin_sessions`";
$ret = $db->dbQuery($val->ValidateSQL($online, $dbconn), $dbconn);
$usersoline = $db->dbNumRows($ret);
// decode our authentication token to get our group membership
$user_details = $encrypt->DecodeAuthToken($_SESSION['token']);
$group = base64_decode($user_details[3]);
// attempt to process leases if file changed
$misc->GetCurrentLeases($defined['leases']);
// Look for a GET id post to edit existing dnssec keys
if (!empty($_GET['id'])) {
if ($val->ValidateInteger($_GET['id']) === -1) {
$error = $err->GenerateErrorLink("help/help.html", "#lease_search", $defined['error'], $errors['val_num'], NULL, NULL);
} else {
// populate the form with database information if already configured
if ($group === "admin") {
$query = "SELECT * FROM `conf_leases` WHERE `id` = \"" . $_GET['id'] . "\" LIMIT 1";
} else {
$ERROR = $err->GenerateErrorLink("help/help.html", "#alphanum", $defined['error'], $errors['val_alp'], NULL, NULL);
// authentication data not found in database
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -4) {
$ERROR = $err->GenerateErrorLink("help/help.html", "#user", $defined['error'], $errors['auth_n'], NULL, NULL);
// error in database query
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -5) {
$ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['undef_sql'], NULL, NULL);
// valid user found
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === 0) {
// perform permissions check with access level and group data
if ($level->ChkLevel($_SESSION['token']) === "root" || $level->ChkLevel($_SESSION['token'] === "user")) {
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// generate array of interfaces to assign leases to
$sql = "SELECT `subnet`,`scope-range-1`,`scope-range-2`,`subnet-name` FROM `conf_subnets`";
if (($value = $db->dbQuery($val->ValidateSQL($sql, $dbconn), $dbconn)) !== -1) {
$subnets = $db->dbArrayResults($value);
}
// loop over results and create nested array of leases per subnet
foreach ($subnets as $key => $value) {
// ensure we are looking at a subnet with a scope defined
if (!empty($value['scope-range-1']) && !empty($value['scope-range-2'])) {
$ip = $value['subnet'];
$name = $value['subnet-name'];
// aquire the total number of leases available in scope
preg_match('/[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.([0-9]{1,3})/', $value['scope-range-1'], $start);
preg_match('/[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.([0-9]{1,3})/', $value['scope-range-2'], $end);
// begin counting
$total = 1;
for ($x = $start[1]; $x < $end[1]; $x++) {
$total = $total + 1;
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -5) {
$ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['undef_sql'], NULL, NULL);
// valid user found
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === 0) {
// perform permissions check with access level and group data
if ($level->ChkLevel($_SESSION['token']) === "admin") {
// define some variables for the template etc.
$JS = NULL;
$error_template = NULL;
//$FILE = "admin.import.hosts.tpl";
$FILE = "notfinished.tpl";
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// provide count of online users
$online = "SELECT * FROM `admin_sessions`";
$ret = $db->dbQuery($val->ValidateSQL($online, $dbconn), $dbconn);
$usersoline = $db->dbNumRows($ret);
// begin our validation on submitted data
if (!empty($_POST)) {
// re-assign vars for processing and template assignment
$file_name = $_FILES['file_name']['name'];
$uploaded = $_FILES['file_name']['tmp_name'];
$type = $_FILES['file_name']['type'];
$size = $_FILES['file_name']['size'];
// check each post element
if (!empty($file_name)) {
// begin validation of uploaded file
if ($val->ValidateUploadedFile($file_name, $uploaded, $type, $size, "xml|csv", "application/octet-stream", "1024") === 0) {
// copy file to directory and process further
$upload_path = "conf/uploads/" . basename($file_name);
if (@move_uploaded_file($uploaded, $upload_path)) {
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -5) {
$ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['undef_sql'], NULL, NULL);
// valid user found
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === 0) {
// perform permissions check with access level and group data
if ($level->ChkLevel($_SESSION['token']) === "admin" || $level->ChkLevel($_SESSION['token']) === "user") {
// define some variables for the template etc.
$JS = NULL;
$FILE = "restart.dhcpd.tpl";
$err_chk = 0;
$list = "<ol>";
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// provide count of online users
$online = "SELECT * FROM `admin_sessions`";
$ret = $db->dbQuery($val->ValidateSQL($online, $dbconn), $dbconn);
$usersoline = $db->dbNumRows($ret);
// fix unlinked pxe group host records
$db->dbQuery($val->ValidateSQl("UPDATE `conf_hosts` SET `pxe-group` = '' WHERE `pxe-group` = \"---------------\"", $dbconn), $dbconn);
// begin with global configuration options including dns and dnssec
$sql['global'] = "SELECT * FROM `conf_global_opts`";
$sql['gpxe'] = "SELECT * FROM `conf_pxe_opts`";
$sql['dns'] = "SELECT * FROM `conf_dns_opts`";
$sql['failover'] = "SELECT * FROM `conf_failover`";
$sql['dnssec'] = "SELECT * FROM `conf_dnssec_opts`";
$sql['classes'] = "SELECT * FROM `conf_classes`";
$sql['pools'] = "SELECT * FROM `conf_pools`";
$sql['shared'] = "SELECT * FROM `conf_shared_networks`";
$sql['subnets'] = "SELECT * FROM `conf_subnets`";
$sql['pxe'] = "SELECT * FROM `conf_pxe_groups`";
// process our sql array and place values in assoc array
$ERROR = $err->GenerateErrorLink("help/help.html", "#user", $defined['error'], $errors['auth_n'], NULL, NULL);
// error in database query
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -5) {
$ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['undef_sql'], NULL, NULL);
// valid user found
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === 0) {
// perform permissions check with access level and group data
if ($level->ChkLevel($_SESSION['token']) === "admin") {
// define some variables for the template etc.
$JS = " hidediv('extras'); hidediv('perms');";
$FILE = "manage.pools.tpl";
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// provide count of online users
$online = "SELECT * FROM `admin_sessions`";
$ret = $db->dbQuery($val->ValidateSQL($online, $dbconn), $dbconn);
$usersoline = $db->dbNumRows($ret);
// decode our authentication token to get our group membership
$user_details = $encrypt->DecodeAuthToken($_SESSION['token']);
$group = base64_decode($user_details[3]);
// get an array of subnets the ISC DHCPD service may listen on
$query = "SELECT `name`, `broadcast` FROM `conf_adapters` ORDER BY `broadcast` ASC";
if (($value = $db->dbQuery($val->ValidateSQL($query, $dbconn), $dbconn)) === -1) {
$error = $err->GenerateErrorLink("help/help.html", "#config_subnets", $defined['error'], $errors['db_select'], NULL, NULL);
} else {
$tmp = $db->dbArrayResultsAssoc($value);
// filter for empty stuff
for ($x = 0; $x < count($tmp); $x++) {
if (!empty($tmp[$x]['broadcast'])) {
$interface_list[$tmp[$x]['name']] = $tmp[$x]['broadcast'];
}
$ERROR = $err->GenerateErrorLink("help/help.html", "#user", $defined['error'], $errors['auth_n'], NULL, NULL);
// error in database query
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -5) {
$ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['undef_sql'], NULL, NULL);
// valid user found
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === 0) {
// perform permissions check with access level and group data
if ($level->ChkLevel($_SESSION['token']) === "admin") {
// define some variables for the template etc.
$JS = " hidediv('perms');";
$FILE = "manage.classes.tpl";
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// provide count of online users
$online = "SELECT * FROM `admin_sessions`";
$ret = $db->dbQuery($val->ValidateSQL($online, $dbconn), $dbconn);
$usersoline = $db->dbNumRows($ret);
// decode our authentication token to get our group membership
$user_details = $encrypt->DecodeAuthToken($_SESSION['token']);
$group = base64_decode($user_details[3]);
// create list of class options
$optsquery = "DESCRIBE `conf_classes_opts`";
if (($current = $db->dbQuery($val->ValidateSQL($optsquery, $dbconn), $dbconn)) !== -1) {
$optslist = $db->dbArrayResultsAssoc($current);
}
if (count($optslist) === 0) {
$class_option = "Class Options table missing";
} else {
foreach ($optslist as $key => $value) {
if ($value['Field'] !== "id") {
$encoded[$value['Field']] = $value['Type'];
