Ejemplo n.º 1
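 /**
  * Build the "Existing rides" <select> jump menu from the rows of a map table.
  *
  * Every row is expected to expose the columns read below:
  * lat, lon, zoom, type, from, to, via and name.
  *
  * Security notes:
  *  - $table and $order are placed inside backticks, so they are accepted only
  *    when they are plain identifiers; anything else is rejected with -1.
  *  - $field is placed verbatim after SELECT. NOTE(review): it is not validated
  *    here because the accepted syntax (column lists, `*`, aliases) cannot be
  *    determined from this function; it must never be taken from request data.
  *  - $_SERVER['PHP_SELF'] and all database values are escaped before they are
  *    written into the markup, since both can carry attacker-chosen text.
  *
  * @param string $table Table to read; plain identifier only.
  * @param string $field Column list inserted verbatim into the SELECT.
  * @param string $order Optional column to sort by; plain identifier only.
  *
  * @return string|int The form markup, or -1 on invalid input, query failure or no rows.
  */
 function GenMapMenu($table, $field, $order)
 {
     global $defined;
     if (empty($table) || empty($field)) {
         return -1;
     }
     // A backtick (or any other punctuation) inside a quoted identifier would
     // end the quoting early, so only identifier characters are allowed.
     $identifier = '/\A[A-Za-z0-9_]+\z/';
     if (!is_string($table) || preg_match($identifier, $table) !== 1) {
         return -1;
     }
     if (!empty($order) && (!is_string($order) || preg_match($identifier, $order) !== 1)) {
         return -1;
     }
     $db = new dbConn();
     $val = new ValidateStrings();
     $conn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
     $query = "SELECT {$field} FROM `{$table}`";
     if (!empty($order)) {
         $query .= " ORDER BY `{$order}`";
     }
     $query = $val->ValidateSQL($query, $conn);
     $value = $db->dbQuery($query, $conn);
     if ($value === -1) {
         // Do not leave the connection open on the failure paths.
         $db->dbCloseConn($conn);
         return -1;
     }
     $rows = $db->dbNumRows($value);
     if ($rows === -1 || $rows === 0) {
         $db->dbCloseConn($conn);
         return -1;
     }
     // PHP_SELF includes any extra path info sent by the client, so it is
     // escaped like every other value written into an attribute.
     $self = $_SERVER['PHP_SELF'];
     $action = htmlspecialchars($self, ENT_QUOTES, 'UTF-8');
     $list = "<form method=\"get\" action=\"{$action}\"><b>Existing rides:</b> <select name=\"mapper\" onChange=\"jumpMenu('parent',this,0)\"><option value=\"NULL\">Select Map / Route...</option>";
     $list .= "<option>------------------------------</option>";
     foreach ($db->dbArrayResultsAssoc($value) as $row) {
         // Values are cast to string so that NULL columns still produce an
         // (empty) parameter; http_build_query() URL-encodes each value.
         $params = array(
             'lat' => (string) $row['lat'],
             'lon' => (string) $row['lon'],
             'z' => (string) $row['zoom'],
             'mType' => (string) $row['type'],
             'driveFrom' => (string) $row['from'],
             'driveTo' => (string) $row['to'],
             'driveVia' => (string) $row['via'],
             'locale' => 'en',
         );
         $url = htmlspecialchars($self . '?' . http_build_query($params, '', '&'), ENT_QUOTES, 'UTF-8');
         $name = htmlspecialchars((string) $row['name'], ENT_QUOTES, 'UTF-8');
         $list .= "<option name=\"{$url}\" value=\"{$url}\">{$name}</option>";
     }
     $list .= "</select></form>";
     // NOTE(review): dbFreeData() receives the connection handle here, as in
     // the original; confirm whether it expects the result handle instead.
     $db->dbFreeData($conn);
     $db->dbCloseConn($conn);
     return $list;
 }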
Ejemplo n.º 2
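 /**
  * Look up the access level named inside an authentication token.
  *
  * The level is read from the third field of the decoded token and then
  * matched against `auth_users`.`level`.
  *
  * Security notes:
  *  - The token comes from the client, so the decoded level is checked against
  *    a strict character whitelist before it is placed in the SQL text.
  *    This assumes level values are short labels or numbers - TODO confirm
  *    against the contents of `auth_users`.`level`.
  *  - The query only confirms that the claimed level exists in the table; it
  *    does not tie the level to the user named in the token. Trust in the
  *    result therefore rests on the integrity of the token as returned by
  *    DecodeAuthToken().
  *
  * @param string $token Authentication token as issued at login.
  *
  * @return mixed The matching level, or -1 when the token is empty, malformed or unmatched.
  */
 function ChkLevel($token)
 {
     global $defined;
     // A plain local replaces the property write on an undefined $level
     // object, which is an error on current PHP versions.
     if (empty($token)) {
         return -1;
     }
     $auth = new Encryption();
     $db = new dbConn();
     $val = new ValidateStrings();
     $parts = $auth->DecodeAuthToken($token);
     if (!is_array($parts) || !isset($parts[2]) || !is_string($parts[2])) {
         return -1;
     }
     $claimed = base64_decode($parts[2]);
     // Fail closed on anything that could alter the quoted SQL literal.
     if (!is_string($claimed) || preg_match('/\A[A-Za-z0-9_-]+\z/', $claimed) !== 1) {
         return -1;
     }
     $level = -1;
     $data = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
     $query = "SELECT `level` FROM `auth_users` WHERE `level` = \"" . $claimed . "\"";
     $value = $db->dbQuery($val->ValidateSQL($query, $data), $data);
     if ($value !== -1) {
         $rows = $db->dbArrayResults($value);
         // No matching row leaves the level at -1 instead of reading a missing index.
         if (is_array($rows) && isset($rows[0]['level'])) {
             $level = $rows[0]['level'];
         }
     }
     // NOTE(review): dbFreeData() is handed the SQL string, as in the
     // original; confirm whether it expects a result or connection handle.
     $db->dbFreeData($query);
     $db->dbCloseConn($data);
     return $level;
 }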
Ejemplo n.º 3
                $tpl->assign('broadcast_address_err', $broadcast_address_err, NULL, NULL);
                $tpl->assign('netbios_servers_err', $netbios_servers_err, NULL, NULL);
                $tpl->assign('ntp_servers_err', $ntp_servers_err, NULL, NULL);
                $tpl->assign('default_lease_err', $default_lease_err, NULL, NULL);
                $tpl->assign('max_lease_err', $max_lease_err, NULL, NULL);
                $tpl->assign('min_lease_err', $min_lease_err, NULL, NULL);
                $tpl->assign('pools_err', $pools_err, NULL, NULL);
                $tpl->assign('list_err', $list_err, NULL, NULL);
                $tpl->assign('select_groups_err', $select_groups_err, NULL, NULL);
                // Do some cleaning before leaving
                $misc->CleanUpVars($_POST, NULL);
                // Perform analyze, repair and optimize on used tables
                $db->dbFixTable("conf_pools", $dbconn);
                $db->dbFixTable("auth_groups_perms", $dbconn);
                // Free db handle and close connection(s)
                $db->dbFreeData($dbconn);
                $db->dbCloseConn($dbconn);
            } else {
                // page view restricted by access level
                $ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['level'], NULL, NULL);
            }
        } else {
            // general authentication error
            $ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['auth_n'], NULL, NULL);
        }
    } else {
        // Possible XSS attack
        $ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['xss_config'], NULL, NULL);
    }
} else {
    // File is missing for configuration params
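 /**
  * Fetch the `users` row for one username.
  *
  * Security note: the username is placed inside a quoted SQL literal, so it is
  * validated first and the finished query is passed through ValidateSQL(),
  * the same two steps AuthUser() applies to usernames in this code base.
  * NOTE(review): ValidateAlphaChar() is assumed to accept every legitimate
  * value of `users`.`username` - confirm before deploying.
  *
  * @param string $user Username to look up.
  *
  * @return mixed Result rows from dbArrayResults(), or -1 on invalid input,
  *               query failure or no match.
  */
 function GenUserList($user)
 {
     global $defined;
     // An empty name cannot match a row; answer before opening a connection.
     if (empty($user)) {
         return -1;
     }
     $db = new dbConn();
     $val = new ValidateStrings();
     if ($val->ValidateAlphaChar($user) === -1) {
         return -1;
     }
     $conn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
     $query = "SELECT * FROM `users` WHERE `username` = \"{$user}\" LIMIT 1";
     $query = $val->ValidateSQL($query, $conn);
     $value = $db->dbQuery($query, $conn);
     if ($value === -1) {
         // Do not leave the connection open on the failure paths.
         $db->dbCloseConn($conn);
         return -1;
     }
     $rows = $db->dbNumRows($value);
     if ($rows === -1 || $rows === 0) {
         $db->dbCloseConn($conn);
         return -1;
     }
     $data = $db->dbArrayResults($value);
     // NOTE(review): dbFreeData() receives the connection handle here, as in
     // the original; confirm whether it expects the result handle instead.
     $db->dbFreeData($conn);
     $db->dbCloseConn($conn);
     return $data;
 }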
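 /**
  * Count used and unused addresses of one scope against `conf_leases`.
  *
  * The scope is read from $value['scope-range-1'] (start) and
  * $value['scope-range-2'] (end). Candidate addresses share the first three
  * octets of the start address and run from the start's last octet up to, but
  * not including, the end's last octet.
  * NOTE(review): the end address itself is excluded and the first three octets
  * of the end address are ignored, both as in the original - confirm intent.
  *
  * Security note: the only text placed in the SQL is the regex capture
  * $start[1], which can contain nothing but digits and dots.
  *
  * @param array  $value  Scope definition holding the two range keys.
  * @param string $subnet Key under which the counts are returned.
  *
  * @return array $ip_counts[$subnet] with total, total_used, total_unused,
  *               detail_used and detail_unused.
  */
 function GetAvailableIPAddresses($value, $subnet)
 {
     global $defined;
     $db = new dbConn();
     $val = new ValidateStrings();
     // initialize a db connection handle
     $dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
     // Every list starts empty so the counts below never read an undefined variable.
     $candidates = array();
     $leases = array();
     $empty = array();
     $start = array();
     $end = array();
     $pattern = '/([0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})\\.([0-9]{1,3})/';
     $haveStart = isset($value['scope-range-1']) && is_string($value['scope-range-1'])
         && preg_match($pattern, $value['scope-range-1'], $start) === 1;
     $haveEnd = isset($value['scope-range-2']) && is_string($value['scope-range-2'])
         && preg_match($pattern, $value['scope-range-2'], $end) === 1;
     if ($haveStart && $haveEnd) {
         // populate the range of candidate addresses
         $last = (int) $end[2];
         for ($octet = (int) $start[2]; $octet < $last; $octet++) {
             $candidates[] = $start[1] . "." . $octet;
         }
         // The trailing dot keeps a prefix such as 10.0.1 from also matching
         // 10.0.10.x or 10.0.100.x.
         $sql = "SELECT `ip` FROM `conf_leases` WHERE `ip` LIKE \"" . $start[1] . ".%\"";
         if (($return = $db->dbQuery($val->ValidateSQL($sql, $dbconn), $dbconn)) !== -1) {
             if ($db->dbNumRows($return) !== 0) {
                 $found = $db->dbArrayResultsAssoc($return);
                 if (is_array($found)) {
                     $leases = $found;
                 }
             }
         }
     }
     $amnt = count($candidates);
     $in_use = count($leases);
     $unused = $amnt - $in_use;
     if ($amnt !== 0) {
         // A candidate is unused only when no lease row holds it. The original
         // added a candidate once for every lease row that did not match it,
         // which listed leased addresses as unused as soon as two or more
         // leases existed, and listed nothing when there were no leases.
         foreach ($candidates as $ip) {
             $taken = false;
             foreach ($leases as $row) {
                 if (is_array($row) && in_array($ip, $row)) {
                     $taken = true;
                     break;
                 }
             }
             if (!$taken) {
                 // Same one-address-per-entry shape the original handed on.
                 $empty[] = array($ip);
             }
         }
         $empty = $this->EliminiateDuplicates($empty);
     }
     $ip_counts = array();
     $ip_counts[$subnet]['total'] = $amnt;
     $ip_counts[$subnet]['total_used'] = $in_use;
     $ip_counts[$subnet]['total_unused'] = $unused;
     $ip_counts[$subnet]['detail_used'] = $leases;
     $ip_counts[$subnet]['detail_unused'] = $empty;
     // Free db handle and close connection(s)
     $db->dbFreeData($dbconn);
     $db->dbCloseConn($dbconn);
     return $ip_counts;
 }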
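 /**
  * Authenticate a user by username and password, or by an existing token.
  *
  * Return codes, as produced below:
  *    0  authenticated
  *   -1  no username, password or token supplied
  *   -2  token older than $defined['timeout']
  *   -3  username or password failed validation
  *   -4  no matching user
  *   -5  database query failed
  *
  * Security notes:
  *  - The password digest is computed in PHP, so the password itself never
  *    becomes part of the SQL text and cannot alter the statement.
  *    NOTE(review): a password containing a backslash was previously
  *    interpreted by the SQL string parser before hashing; verify such
  *    accounts still match.
  *  - Passwords are compared as unsalted SHA-1 digests. Moving to
  *    password_hash()/password_verify() needs a change to the stored values
  *    and is outside this function.
  *  - The token carries the password: it is read back from the token with
  *    base64_decode() and handed to EncodeAuthToken() again. Anyone holding a
  *    token can therefore recover the password unless EncodeAuthToken()
  *    encrypts it - TODO confirm.
  *  - NOTE(review): the session key from GeneratePrivateKey() is placed in the
  *    UPDATE text as returned; confirm it cannot contain quote characters.
  *
  * @param string $user  Username, or empty when authenticating by token.
  * @param string $pass  Password, or empty when authenticating by token.
  * @param string $token Existing authentication token, or empty.
  *
  * @return int One of the codes listed above.
  */
 function AuthUser($user, $pass, $token)
 {
     // our global config opts
     global $defined;
     // initialize classes
     $db = new dbConn();
     $val = new ValidateStrings();
     $lib = new Authenticate();
     $auth = new Encryption();
     $sess = new Sessions();
     $misc = new MiscFunctions();
     $exit = new ExitApp();
     // check our authentication requirements
     if (empty($user) && empty($pass) && empty($token)) {
         return -1;
     }
     // we have an existing authentication token present
     if (!empty($token) && empty($user) && empty($pass)) {
         $array = $auth->DecodeAuthToken($token);
         $user = base64_decode($array[0]);
         $pass = base64_decode($array[1]);
         $time = $array[4];
         $current = $misc->GenTime();
         if ($lib->AuthTimeOut($defined['timeout'], $time, $current) === -1) {
             return -2;
         }
     }
     // perform validation on username and password
     if ($val->ValidateAlphaChar($user) === -1 || $val->ValidateParagraph($pass) === -1) {
         return -3;
     }
     // see if the user exists for authentication
     $data = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
     // Hash outside the database: only the 40-character hex digest reaches the SQL text.
     $digest = sha1((string) $pass);
     $query = "SELECT * FROM `auth_users` WHERE `username` = \"{$user}\" AND `password` = \"{$digest}\"";
     $query = $val->ValidateSQL($query, $data);
     // database problem
     if (($value = $db->dbQuery($query, $data)) === -1) {
         // Do not leave the connection open on the failure paths.
         $db->dbCloseConn($data);
         return -5;
     }
     // check user match
     $matches = $db->dbNumRows($value);
     if ($matches === -1 || $matches === 0) {
         $db->dbCloseConn($data);
         return -4;
     }
     $return = 0;
     // create our authentication session token
     if (empty($token)) {
         $array = $db->dbArrayResults($value);
         $x = $auth->GeneratePrivateKey($defined['enckeygen']);
         $access_date = $misc->GenDate();
         $access_time = $misc->GenTimeRead();
         $query = "UPDATE `auth_users` SET `access_date` = \"" . $access_date . "\", `access_time` = \"" . $access_time . "\", `session` = \"{$x}\" WHERE `id` = \"" . $array[0]['id'] . "\"";
         $value = $val->ValidateSQL($query, $data);
         if (($value = $db->dbQuery($value, $data)) === -1) {
             $db->dbCloseConn($data);
             return -5;
         }
         $x = $auth->EncodePrivToHex($x);
         // NOTE(review): when EncodeAuthToken() returns -1 no session is
         // registered, yet 0 is still returned, as in the original.
         if (($token = $auth->EncodeAuthToken($array[0]['username'], $pass, $array[0]['level'], $array[0]['group'], $misc->GenTime(), $x)) !== -1) {
             $sess->RegisterSession("token", $token);
             $return = 0;
         }
     }
     // NOTE(review): dbFreeData() is handed the SQL string, as in the
     // original; confirm whether it expects a result or connection handle.
     $db->dbFreeData($query);
     $db->dbCloseConn($data);
     return $return;
 }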