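/**
 * Look up a user's display name in the optional user-info table.
 *
 * Returns the `name` column of the first row found, or null when there is
 * no connection, the user-info table is disabled in $config, the query
 * fails, or no row comes back.
 *
 * @param mixed  $link   connection handle as returned by the da_sql_* connect helpers
 * @param string $user   login to look up
 * @param array  $config admin configuration (reads sql_use_user_info_table, sql_user_info_table)
 * @return mixed the stored name, or null
 */
function get_user_info($link, $user, $config)
{
    // Array keys are quoted: a bare-word key is an undefined constant, which
    // only worked through a deprecated fallback and is a fatal Error in PHP 8.
    if (!$link || $config['sql_use_user_info_table'] != 'true') {
        return null;
    }

    $user = da_sql_escape_string($user);
    // NOTE(review): the username literal in this WHERE clause is masked in the
    // listing, so the escaped $user never reaches the query as shown here.
    // Presumably the real file interpolates the escaped value; confirm.
    // The table name comes from $config and cannot be bound as a parameter,
    // so it must never be taken from request data.
    $res = @da_sql_query($link, $config, "SELECT name FROM {$config['sql_user_info_table']} WHERE username = '******';");
    if (!$res) {
        return null;
    }

    $row = @da_sql_fetch_array($res, $config);
    if (!$row) {
        return null;
    }

    // The stored name is returned raw; callers that print it into HTML have
    // to escape it themselves.
    return $row['name'];
}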
} if ($acct_attrs['fl'][9] != '') { echo "<th>" . $acct_attrs['fl'][9] . "</th>\n"; } unset($sql_extra_query); if ($config[sql_accounting_extra_query] != '') { $sql_extra_query = xlat($config[sql_accounting_extra_query], $login, $config); $sql_extra_query = da_sql_escape_string($sql_extra_query); } ?> </tr> <?php $link = @da_sql_pconnect($config); if ($link) { $search = @da_sql_query($link, $config, "SELECT " . da_sql_limit($limit, 0, $config) . " acctstoptime,username,nasipaddress,nasportid,acctterminatecause,callingstationid\n\tFROM {$config['sql_accounting_table']}\n\tWHERE acctstoptime <= '{$now_str}' AND acctstoptime >= '{$prev_str}'\n\tAND (acctterminatecause LIKE 'Login-Incorrect%' OR\n\tacctterminatecause LIKE 'Invalid-User%' OR\n\tacctterminatecause LIKE 'Multiple-Logins%') {$callerid_str} {$server_str} {$sql_extra_query} " . da_sql_limit($limit, 1, $config) . " ORDER BY acctstoptime {$order} " . da_sql_limit($limit, 2, $config) . " ;"); if ($search) { while ($row = @da_sql_fetch_array($search, $config)) { $num++; $acct_login = $row[username]; if ($acct_login == '') { $acct_login = '******'; } else { $acct_login = "******"user_admin.php?login={$acct_login}\" title=\"Edit user {$acct_login}\">{$acct_login}</a>"; } $acct_time = $row[acctstoptime]; $acct_server = $row[nasipaddress]; if ($acct_server != '') { $acct_server = $da_name_cache[$acct_server]; if (!isset($acct_server)) { $acct_server = $row[nasipaddress];
<?php
// Group deletion step: removes the group named by $login from the group
// reply, group check and user-group tables, in that order, and stops at the
// first statement that fails.
//
// NOTE(review): the three DELETEs are sent one by one and no transaction is
// visible here, so a failure part-way leaves the group partially removed.
// NOTE(review): $login goes into the SQL text and into the HTML output as is.
// Whether it is filtered or escaped before this point is not visible in this
// listing; confirm, and if not, escape it for SQL and encode it for HTML.

// The driver path is built from $config['sql_type'], so that setting must
// come from the configuration file only, never from request data.
if (!is_file("../lib/sql/drivers/{$config['sql_type']}/functions.php")) {
    echo "<b>Could not include SQL library</b><br>\n";
    exit;
}
include_once "../lib/sql/drivers/{$config['sql_type']}/functions.php";

$link = @da_sql_pconnect($config);
if (!$link) {
    echo "<b>Could not connect to SQL database</b><br>\n";
} else {
    $res = @da_sql_query($link, $config, "DELETE FROM {$config['sql_groupreply_table']} WHERE groupname = '{$login}';");
    if (!$res) {
        echo "<b>Error deleting group {$login} from group reply table: " . da_sql_error($link, $config) . "</b><br>\n";
    } else {
        $res = @da_sql_query($link, $config, "DELETE FROM {$config['sql_groupcheck_table']} WHERE groupname = '{$login}';");
        if (!$res) {
            echo "<b>Error deleting group {$login} from group check table: " . da_sql_error($link, $config) . "</b><br>\n";
        } else {
            $res = @da_sql_query($link, $config, "DELETE FROM {$config['sql_usergroup_table']} WHERE groupname = '{$login}';");
            if (!$res) {
                echo "<b>Error deleting group {$login} from usergroup table: " . da_sql_error($link, $config) . "</b><br>\n";
            } else {
                echo "<b>Group {$login} deleted successfully</b><br>\n";
            }
        }
    }
}
$del = da_sql_escape_string($del); $res = @da_sql_query($link, $config, "DELETE FROM {$config['sql_usergroup_table']} WHERE username = '******' AND groupname = '{$login}';"); if (!$res) { echo "<b>Could not delete user {$del} from group: " . da_sql_error($link, $config) . "</b><br>\n"; } } } if ($new_members != '') { $Members = preg_split("/[\n\\s]+/", $new_members, -1, PREG_SPLIT_NO_EMPTY); if (!empty($Members)) { foreach ($Members as $new_member) { $new_member = da_sql_escape_string($new_member); $res = @da_sql_query($link, $config, "SELECT username FROM {$config['sql_usergroup_table']} WHERE\n\t\t\t\tusername = '******' AND groupname = '{$login}';"); if ($res) { if (@da_sql_num_rows($res, $config)) { echo "<b>User {$new_member} already is a member of the group</b><br>\n"; } else { $res = @da_sql_query($link, $config, "INSERT INTO {$config['sql_usergroup_table']} (groupname,username)\n\t\t\t\t\t\tVALUES ('{$login}','{$new_member}');"); if (!$res) { echo "<b>Error while adding user {$new_member} to group: " . da_sql_error($link, $config) . "</b><br>\n"; } } } else { echo "<b>Could not add new member {$new_member}: " . da_sql_error($link, $config) . "</b><br>\n"; } } } } } else { echo "<b>Could not connect to SQL database</b><br>\n"; }
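// Builds the list of NAS entries the authenticated admin may see, resolving
// each NAS name to an address. This excerpt ends inside the name-cache branch.
$link = @da_sql_pconnect($config);
if ($link) {
    $auth_user = $_SERVER["PHP_AUTH_USER"];
    $extra = '';
    // Optional per-admin restriction: $mappings[<admin>]['nasdb'] holds a
    // comma-separated list of NAS names this admin is limited to.
    if (isset($mappings[$auth_user]['nasdb'])) {
        $NAS_ARR = preg_split('/,/', $mappings[$auth_user]['nasdb']);
        $extra = 'WHERE nasname IN (';
        foreach ($NAS_ARR as $nas) {
            // Fixed: the loop variable is $nas. The original interpolated
            // $nasname, which this code never assigns, so the IN list did not
            // reflect the configured restriction.
            // NOTE(review): entries are interpolated without escaping or
            // trimming; presumably $mappings is admin-maintained configuration.
            // Confirm, and escape here if it can hold anything else.
            $extra .= "'{$nas}',";
        }
        unset($NAS_ARR);
        $extra = rtrim($extra, ",");
        $extra .= ')';
    }
    $search = @da_sql_query($link, $config, "SELECT * FROM {$config['sql_nas_table']} {$extra};");
    if ($search) {
        while ($row = @da_sql_fetch_array($search, $config)) {
            $num = 0;
            $my_nas_name = $row['nasname'];
            if ($my_nas_name != '') {
                $nas_list[$my_nas_name]['name'] = $my_nas_name;
                $nas_server = $da_name_cache[$my_nas_name];
                if (!isset($nas_server)) {
                    // Not cached: resolve names through DNS, keep literal IPs as they are.
                    if (!check_ip($my_nas_name)) {
                        $nas_server = @gethostbyname($my_nas_name);
                    } else {
                        $nas_server = $my_nas_name;
                    }
                    // Key quoted: a bare-word array key is a fatal Error in PHP 8.
                    if (!isset($da_name_cache) && $config['general_use_session'] == 'yes') {
                        $da_name_cache[$my_nas_name] = $nas_server;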
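// User search, second half of the page logic: first a substring search on one
// column of the user-info table, otherwise (search by RADIUS attribute) a
// substring search on the value column of the check or reply table.
// This excerpt starts inside conditionals opened earlier in the file.
//
// NOTE(review): $search_IN is interpolated as a column name and $search as
// LIKE text. Their validation or escaping is not visible in this excerpt.
// A column name cannot be escaped as a string literal; it should be checked
// against a fixed list of allowed columns. Confirm both upstream.
$res = @da_sql_query($link, $config, "SELECT " . da_sql_limit($max, 0, $config) . " username FROM {$config['sql_user_info_table']} WHERE\n\t\tlower({$search_IN}) LIKE '%{$search}%' " . da_sql_limit($max, 1, $config) . " " . da_sql_limit($max, 2, $config) . " ;");
if ($res) {
    while ($row = @da_sql_fetch_array($res, $config)) {
        // Key quoted: a bare-word array key is a fatal Error in PHP 8.
        $found_users[] = $row['username'];
    }
} else {
    // Fixed: the message was a bare string expression with no echo, so a
    // failed query was dropped silently.
    echo "<b>Database query failed: " . da_sql_error($link, $config) . "</b><br>\n";
}
} else {
    if ($search_IN == 'radius' && $radius_attr != '') {
        require "../lib/sql/attrmap.php";
        // Unknown attribute names fall back to themselves and are treated as reply items.
        if ($attrmap["{$radius_attr}"] == '') {
            $attrmap["{$radius_attr}"] = $radius_attr;
            $attr_type["{$radius_attr}"] = 'replyItem';
        }
        $table = $attr_type[$radius_attr] == 'checkItem' ? $config['sql_check_table'] : $config['sql_reply_table'];
        $attr = $attrmap[$radius_attr];
        $attr = da_sql_escape_string($attr);
        $res = @da_sql_query($link, $config, "SELECT " . da_sql_limit($max, 0, $config) . " username FROM {$table} WHERE attribute = '{$attr}'\n\t\tAND value LIKE '%{$search}%' " . da_sql_limit($max, 1, $config) . " " . da_sql_limit($max, 2, $config) . " ;");
        if ($res) {
            while ($row = @da_sql_fetch_array($res, $config)) {
                $found_users[] = $row['username'];
            }
        } else {
            // Fixed: missing echo, as above.
            echo "<b>Database query failed: " . da_sql_error($link, $config) . "</b><br>\n";
        }
    }
}
} else {
    echo "<b>Could not connect to SQL database</b><br>\n";
}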
$nasportnum = da_sql_escape_string($nasportnum); $nassecret = da_sql_escape_string($nassecret); $nascommunity = da_sql_escape_string($nascommunity); $nasdescription = da_sql_escape_string($nasdescription); $nasname = da_sql_escape_string($nasname); $res = @da_sql_query($link, $config, "UPDATE {$config['sql_nas_table']} SET\n\t\t\t\t\tshortname = '{$nasshortname}',\n\t\t\t\t\ttype = '{$nastype}',\n\t\t\t\t\tports = '{$nasportnum}',\n\t\t\t\t\tsecret = '{$nassecret}',\n\t\t\t\t\tcommunity = '{$nascommunity}',\n\t\t\t\t\tdescription = '{$nasdescription}' WHERE nasname = '{$nasname}';"); if ($res) { $msg = "<b>NAS '{$nasname}' was updated successfully</b><br>\n"; } else { $msg = "<b>Error updating NAS '{$selected_nas}' " . da_sql_error($link, $config) . "</b><br>\n"; } } break; } } $search = @da_sql_query($link, $config, "SELECT * FROM {$config['sql_nas_table']} ORDER BY nasname;"); if ($search) { $num = 0; unset($my_nas_list); while ($row = @da_sql_fetch_array($search, $config)) { $my_nas_name = $row['nasname']; if ($my_nas_name != '') { $num++; $my_nas_list[$my_nas_name]['name'] = $my_nas_name; $my_nas_list[$my_nas_name]['shortname'] = $row['shortname']; $my_nas_list[$my_nas_name]['type'] = $row['type']; if ($clear_fields == 0 && $selected_nas == $my_nas_name) { $selected[$my_nas_name] = 'selected'; $selected[$my_nas_list[$my_nas_name]['type']] = 'selected'; } $my_nas_list[$my_nas_name]['ports'] = $row['ports'];
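// Tail of the group-creation loop: for each attribute, pick the target table,
// read the submitted value and operator, validate the operator, then insert
// one row. This excerpt starts inside the loop and inside an if/else opened
// earlier in the file.
} else {
    if ($attr_type["{$key}"] == 'replyItem') {
        $table = "{$config['sql_groupreply_table']}";
        $type = 2;
    }
}
// NOTE(review): as written this dereferences $attrmap itself as a variable
// name and then indexes the result. The operator lookup below builds the name
// from $attrmap[$key] first. This looks like the PHP 5 to PHP 7 change in how
// `$$a['k']` is parsed; confirm whether `${$attrmap["{$key}"]}` was intended.
$val = ${$attrmap}["{$key}"];
$val = da_sql_escape_string($val);
$op_name = $attrmap["{$key}"] . '_op';
$op_val = ${$op_name};
if ($op_val != '') {
    $op_val = da_sql_escape_string($op_val);
    if (check_operator($op_val, $type) == -1) {
        echo "<b>Invalid operator ({$op_val}) for attribute {$key}</b><br>\n";
        // Fixed: this was the misspelling `coninue;`, which is not a
        // statement. The rejected operator was reported but the INSERT below
        // still ran with it (and PHP 8 raises a fatal Error instead).
        continue;
    }
    $op_val2 = ",'{$op_val}'";
}
// NOTE(review): $op_val2 is only assigned when an operator was submitted. If
// it is not reset at the top of the loop (not visible here), the previous
// attribute's operator is reused. Confirm.
if ($val == '' || check_defaults($val, $op_val, $default_vals["{$key}"])) {
    continue;
}
// NOTE(review): $login and $attrmap[$key] are interpolated without escaping
// in this excerpt; confirm they are constrained before this point.
$res = @da_sql_query($link, $config, "INSERT INTO {$table} (attribute,value,groupname {$text})\n\t\t\tVALUES ('{$attrmap[$key]}','{$val}','{$login}' {$op_val2});");
if (!$res || !@da_sql_affected_rows($link, $res, $config)) {
    echo "<b>Query failed for attribute {$key}: " . da_sql_error($link, $config) . "</b><br>\n";
}
}
// Printed even when individual attribute inserts reported a failure above.
echo "<b>Group created successfully</b><br>\n";
}
} else {
    echo "<b>Could not connect to SQL database</b><br>\n";
}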
if ($res) { if (@da_sql_num_rows($res, $config)) { $user_exists = 'yes'; } while ($row = @da_sql_fetch_array($res, $config)) { $attr = $row[attribute]; $val = $row[value]; if ($use_op) { $oper = $row[op]; $tmp["{$attr}"][operator][] = "{$oper}"; } $tmp["{$attr}"][] = "{$val}"; $tmp["{$attr}"][count]++; } if ($config[sql_use_user_info_table] == 'true') { $res = @da_sql_query($link, $config, "SELECT * FROM {$config['sql_user_info_table']} WHERE username = '******';"); if ($res) { if (@da_sql_num_rows($res, $config)) { $user_exists = 'yes'; $user_info = 1; } if ($row = @da_sql_fetch_array($res, $config)) { $cn = $row[name] != '' ? $row[name] : '-'; $telephonenumber = $row[workphone] != '' ? $row[workphone] : '-'; $homephone = $row[homephone] != '' ? $row[homephone] : '-'; $ou = $row[department] != '' ? $row[department] : '-'; $mail = $row[mail] != '' ? $row[mail] : '-'; $mobile = $row[mobile] != '' ? $row[mobile] : '-'; } } else { echo "<b>Database query failed partially: " . da_sql_error($link, $config) . "</b><br>\n";
// if value is the same as that in the sql database do nothing if ($val == $item_vals["{$key}"][$j]) { continue; } else { if ((check_defaults($val, $op_val, $default_vals["{$key}"]) || $val == '') && isset($item_vals["{$key}"][$j])) { $res = @da_sql_query($link, $config, "DELETE FROM {$table} WHERE {$query_key} = '{$login}' AND attribute = '{$sql_attr}';"); if (!$res || !@da_sql_affected_rows($link, $res, $config)) { echo "<b>Delete failed for attribute {$key}: " . da_sql_error($link, $config) . "</b><br>\n"; } } else { if ($val == '' || check_defaults($val, $op_val, $default_vals["{$key}"])) { continue; } else { if (isset($item_vals["{$key}"][$j])) { $old_val = $item_vals["{$key}"][$j]; $old_val = da_sql_escape_string($old_val); $res = @da_sql_query($link, $config, "UPDATE {$table} SET value = '{$val}' WHERE {$query_key} = '{$login}' AND\n\t\t\t\t\tattribute = '{$sql_attr}' AND value = '{$old_val}';"); } else { $res = @da_sql_query($link, $config, "INSERT INTO {$table} ({$query_key},attribute,value {$text2})\n\t\t\t\t\tVALUES ('{$login}','{$sql_attr}','{$val}' {$op_val2});"); } if (!$res || !@da_sql_affected_rows($link, $res, $config)) { echo "<b>Change failed for attribute {$key}: " . da_sql_error($link, $config) . "</b><br>\n"; } } } } } } } else { echo "<b>Could not connect to SQL database</b><br>\n"; }
for ($i = 1; $i <= 9; $i++) { if ($acct_attrs['ua']["{$i}"] != '') { echo "<th>" . $acct_attrs['ua']["{$i}"] . "</th>\n"; } } $sql_extra_query = ''; if ($config[sql_accounting_extra_query] != '') { $sql_extra_query = xlat($config[sql_accounting_extra_query], $login, $config); } ?> </tr> <?php $link = @da_sql_pconnect($config); if ($link) { $search = @da_sql_query($link, $config, "SELECT " . da_sql_limit($limit, 0, $config) . " * FROM {$config['sql_accounting_table']}\n\tWHERE username = '******' AND acctstarttime <= '{$now_str}'\n\tAND acctstarttime >= '{$prev_str}' {$sql_extra_query} " . da_sql_limit($limit, 1, $config) . " ORDER BY acctstarttime {$order} " . da_sql_limit($limit, 2, $config) . " ;"); if ($search) { while ($row = @da_sql_fetch_array($search, $config)) { $tr_color = 'white'; $num++; $acct_type = "{$row['framedprotocol']}/{$row['nasporttype']}"; if ($acct_type == '') { $acct_type = '-'; } $acct_logedin = $row[acctstarttime]; $acct_sessiontime = $row[acctsessiontime]; $acct_sessiontime_sum += $acct_sessiontime; $acct_sessiontime = time2str($acct_sessiontime); $acct_ip = $row[framedipaddress]; if ($acct_ip == '') { $acct_ip = '-';
echo "<b>Could not connect to SQL database</b><br>\n"; } } echo <<<EOM </td></tr> </table> </tr> </table> </body> </html> EOM; exit; } else { $link = @da_sql_pconnect($config); if ($link) { $search = @da_sql_query($link, $config, "SELECT COUNT(*) AS counter FROM {$config['sql_accounting_table']}\n\t\tWHERE username = '******' AND acctstoptime IS NULL {$sql_extra_query};"); if ($search) { if ($row = @da_sql_fetch_array($search, $config)) { $open_sessions = $row[counter]; } } else { echo "<b>Database query failed: " . da_sql_error($link, $config) . "</b><br>\n"; } } else { echo "<b>Could not connect to SQL database</b><br>\n"; } } ?> <form method=post> <input type=hidden name=login value=<?php print $login;
\t</table> </td></tr> <tr bgcolor="black" valign=top><td colspan=2> \t<table border=0 width=100% cellpadding=12 cellspacing=0 bgcolor="#ffffd0" valign=top> \t<tr><td> <p> \t<table border=1 bordercolordark=#ffffe0 bordercolorlight=#000000 width=100% cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top> \t<tr bgcolor="#d0ddb0"> \t</tr> EOM; foreach ($accounting_show_attrs as $val) { $desc = $sql_attrs[$val][desc]; echo "<th>{$desc}</th>\n"; } echo "</tr>\n"; $search = @da_sql_query($link, $config, $query); if ($search) { while ($row = @da_sql_fetch_array($search, $config)) { $num++; echo "<tr align=center>\n"; foreach ($accounting_show_attrs as $val) { $info = $row[$val]; if ($info == '') { $info = '-'; } $info = $sql_attrs[$val][func]($info); if ($val == 'username') { $Info = urlencode($info); $info = "<a href=\"user_admin.php?login={$Info}\" title=\"Edit user {$info}\">{$info}<a/>"; } echo <<<EOM
$res = @da_sql_query($link, $config, "SELECT username FROM {$config['sql_user_info_table']} WHERE\n\t\tusername = '******';"); if ($res) { $Fcn = da_sql_escape_string($Fcn); $Fmail = da_sql_escape_string($Fmail); $Fou = da_sql_escape_string($Fou); $Ftelephonenumber = da_sql_escape_string($Ftelephonenumber); $Fhomephone = da_sql_escape_string($Fhomephone); $Fmobile = da_sql_escape_string($Fmobile); if (!@da_sql_num_rows($res, $config)) { $res = @da_sql_query($link, $config, "INSERT INTO {$config['sql_user_info_table']}\n\t\t\t\t(username,name,mail,department,homephone,workphone,mobile) VALUES\n\t\t\t\t('{$login}','{$Fcn}','{$Fmail}','{$Fou}','{$Ftelephonenumber}','{$Fhomephone}','{$Fmobile}');"); if (!$res || !@da_sql_affected_rows($link, $res, $config)) { echo "<b>Could not add user information in user info table: " . da_sql_error($link, $config) . "</b><br>\n"; $fail = 1; } } else { $res = @da_sql_query($link, $config, "UPDATE {$config['sql_user_info_table']} SET name = '{$Fcn}',Mail = '{$Fmail}',\n\t\t\t\tdepartment = '{$Fou}', homephone = '{$Fhomephone}', workphone = '{$Ftelephonenumber}',\n\t\t\t\tmobile = '{$Fmobile}' WHERE username = '******';"); if (!$res || !@da_sql_affected_rows($link, $res, $config)) { echo "<b>Could not update user information in user info table: " . da_sql_error($link, $config) . "</b><br>\n"; $fail = 1; } } } else { echo "<b>Could not find user in user info table: " . da_sql_error($link, $config) . "</b><br>\n"; $fail = 1; } if ($fail == 0) { echo "<b>User information updated successfully</b><br>\n"; } } else { echo "<b>Cannot use the user info table. Check the sql_use_user_info_table directive in admin.conf</b><br>\n"; }
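/**
 * List the column names of a table (Oracle/OCI driver).
 *
 * Runs a one-row probe query and reads the column metadata of the result.
 *
 * @param string $table  table name, interpolated into the query as an identifier
 * @param mixed  $link   connection handle
 * @param array  $config admin configuration, passed through to da_sql_query()
 * @return array|null array('res' => lower-cased column names, 'num' => column
 *                    count), or NULL when the probe query fails
 */
function da_sql_list_fields($table, $link, $config)
{
    // $table is an identifier and cannot be bound or escaped as a string
    // literal, so callers must pass only table names taken from configuration.
    $res = @da_sql_query($link, $config, "SELECT * from {$table} WHERE ROWNUM <=1");
    if (!$res) {
        return NULL;
    }

    // oci_num_fields()/oci_field_name() replace the ocinumcols()/OCIColumnName()
    // aliases, which were removed in PHP 8. The count is read once instead of
    // on every loop pass.
    $num_cols = @oci_num_fields($res);

    // Keys are quoted strings: a bare-word key is a fatal Error in PHP 8.
    // The resulting keys ('res', 'num') are the same ones the bare words gave.
    $fields = array('res' => array(), 'num' => $num_cols);
    for ($i = 1; $i <= $num_cols; $i++) {
        // OCI column positions are 1-based.
        $fields['res'][] = strtolower(oci_field_name($res, $i));
    }

    return $fields;
}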
$text3 = ''; } $link = @da_sql_pconnect($config); if ($link) { if (is_file("../lib/crypt/{$config['general_encryption_method']}.php")) { include "../lib/crypt/{$config['general_encryption_method']}.php"; $passwd = da_encrypt($passwd); $passwd = da_sql_escape_string($passwd); $res = @da_sql_query($link, $config, "SELECT value FROM {$config['sql_check_table']} WHERE username = '******'\n\t\t\tAND attribute = '{$config['sql_password_attribute']}';"); if ($res) { $row = @da_sql_fetch_array($res, $config); if ($row) { $res = @da_sql_query($link, $config, "UPDATE {$config['sql_check_table']} SET value = '{$passwd}' {$text3} WHERE\n\t\t\t\tattribute = '{$config['sql_password_attribute']}' AND username = '******';"); if (!$res || !@da_sql_affected_rows($link, $res, $config)) { echo "<b>Error while changing password: "******"</b><br>\n"; } } else { $res = @da_sql_query($link, $config, "INSERT INTO {$config['sql_check_table']} (attribute,value,username {$text1})\n\t\t\t\t\tVALUES ('{$config['sql_password_attribute']}','{$passwd}','{$login}' {$text2});"); if (!$res || !@da_sql_affected_rows($link, $res, $config)) { echo "<b>Error while changing password: "******"</b><br>\n"; } } } else { echo "<b>Error while executing query: " . da_sql_error($link, $config) . "</b><br>\n"; } } else { echo "<b>Could not open encryption library file</b><br>\n"; } } else { echo "<b>Could not connect to SQL database</b><br>\n"; }
if ($times == 2) { $login = $saved_login; $member_groups = $saved_member_groups; $stop = 1; } } else { echo "<b>Could not connect to SQL database</b><br>\n"; } } while ($stop == 0); } else { if (is_file("../lib/sql/drivers/{$config['sql_type']}/functions.php")) { include_once "../lib/sql/drivers/{$config['sql_type']}/functions.php"; } else { echo "<b>Could not include SQL library</b><br>\n"; exit; } unset($member_groups); $link = @da_sql_pconnect($config); if ($link) { $res = @da_sql_query($link, $config, "SELECT DISTINCT groupname FROM {$config['sql_usergroup_table']};"); if ($res) { while ($row = @da_sql_fetch_array($res, $config)) { $member_groups[] = $row[groupname]; } } else { echo "<b>Database query failed: " . da_sql_error($link, $config) . "</b><br>\n"; } } else { echo "<b>Could not connect to SQL database</b><br>\n"; } }
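// Adds the user to the badusers table on every configured SQL server, with
// the lock message as reason and the authenticated admin as author.
// The leading brace closes a block opened earlier in the file.
}
// Keys quoted throughout: a bare-word array key is a fatal Error in PHP 8.
$date = date($config['sql_full_date_format']);
$lockmsg_name = $attrmap['Dialup-Lock-Msg'] . '0';
$msg = ${$lockmsg_name};
$admin = '-';
if ($_SERVER["PHP_AUTH_USER"] != '') {
    $admin = $_SERVER["PHP_AUTH_USER"];
}
// Fixed: the HTTP auth user name was placed in the INSERT unescaped. A
// separate variable is used so $admin keeps its raw value for later code.
$sql_admin = da_sql_escape_string($admin);
if ($msg == '') {
    echo "<b>Lock Message should not be empty</b><br>\n";
} else {
    $sql_servers = array();
    if ($config['sql_extra_servers'] != '') {
        $sql_servers = explode(' ', $config['sql_extra_servers']);
    }
    $sql_servers[] = $config['sql_server'];
    foreach ($sql_servers as $server) {
        $link = @da_sql_host_connect($server, $config);
        if ($link) {
            // NOTE(review): $login and $msg are interpolated as they arrive.
            // $msg is read just above from a dynamically named variable and no
            // escaping of either is visible in this excerpt. Confirm they are
            // escaped before this point; if not, escape them here as well.
            $r = da_sql_query($link, $config, "INSERT INTO {$config['sql_badusers_table']} (username,incidentdate,admin,reason)\n\t\t\tVALUES ('{$login}','{$date}','{$sql_admin}','{$msg}');");
            if (!$r) {
                echo "<b>SQL Error:" . da_sql_error($link, $config) . "</b><br>\n";
            } else {
                echo "<b>User added to badusers table</b><br>\n";
            }
            da_sql_close($link, $config);
        } else {
            echo "<b>SQL Error: Could not connect to SQL database: {$server}</b><br>\n";
        }
    }
}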
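<?php
// Password check action: fetches the stored password attribute for the user,
// runs the submitted password through the configured encryption library and
// reports whether the two values match.
require 'password.php';

// The driver and crypt library paths are built from $config values, so those
// settings must come from the configuration file only, never from request data.
if (is_file("../lib/sql/drivers/{$config['sql_type']}/functions.php")) {
    include_once "../lib/sql/drivers/{$config['sql_type']}/functions.php";
} else {
    echo "<b>Could not include SQL library</b><br>\n";
    exit;
}

if ($action == 'checkpass') {
    $link = @da_sql_pconnect($config);
    if ($link) {
        // NOTE(review): the username literal in this WHERE clause is masked in
        // the listing; confirm how the real file builds and escapes it.
        $res = @da_sql_query($link, $config, "SELECT attribute,value FROM {$config['sql_check_table']} WHERE username = '******'\n\t\t\tAND attribute = '{$config['sql_password_attribute']}';");
        if ($res) {
            $row = @da_sql_fetch_array($res, $config);
            if (is_file("../lib/crypt/{$config['general_encryption_method']}.php")) {
                include "../lib/crypt/{$config['general_encryption_method']}.php";
                // Key quoted (a bare-word key is a fatal Error in PHP 8); a
                // missing row yields null rather than indexing a non-array.
                $enc_passwd = $row ? $row['value'] : null;
                $passwd = da_encrypt($passwd, $enc_passwd);
                // Fixed: the original used `==`. Loose comparison treats two
                // different numeric-looking strings (for example hashes of
                // the form 0e<digits>) as equal, and lets a missing row match
                // an empty result. hash_equals() (PHP 5.6+) compares the exact
                // bytes in constant time.
                if ($row && hash_equals((string) $enc_passwd, (string) $passwd)) {
                    $msg = '<font color=blue><b>YES It is that</b></font>';
                } else {
                    $msg = '<font color=red><b>NO It is wrong</b></font>';
                }
            } else {
                echo "<b>Could not open encryption library file</b><br>\n";
            }
        }
    }
    // NOTE(review): when the connection or the query fails nothing is
    // reported and $msg is not assigned in this block, so the row below is
    // printed empty.
    echo "<tr><td colspan=3 align=center>{$msg}</td></tr>\n";
}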
$group_exists = 'yes'; } while ($row = @da_sql_fetch_array($res, $config)) { $attr = $row[attribute]; $val = $row[value]; if ($use_op) { $oper = $row[op]; $tmp["{$attr}"][operator][] = "{$oper}"; } $tmp["{$attr}"][] = "{$val}"; $tmp["{$attr}"][count]++; } } else { echo "<b>Database query failed partially: " . da_sql_error($link, $config) . "</b><br>\n"; } $res = @da_sql_query($link, $config, "SELECT username FROM {$config['sql_usergroup_table']} WHERE groupname = '{$login}' ORDER BY username;"); if ($res) { if (@da_sql_num_rows($res, $config)) { $group_exists = 'yes'; } while ($row = @da_sql_fetch_array($res, $config)) { $member = $row[username]; $group_members[] = "{$member}"; } } else { echo "<b>Database query failed partially: " . da_sql_error($link, $config) . "</b><br>\n"; } if (isset($tmp)) { foreach (array_keys($tmp) as $val) { if ($val == '') { continue;
if ($server != 'all' && $server != '') { $server = da_sql_escape_string($server); $s = "AND nasipaddress = '{$server}'"; } $sql_extra_query = ''; if ($config[sql_accounting_extra_query] != '') { $sql_extra_query = xlat($config[sql_accounting_extra_query], $login, $config); } $link = @da_sql_pconnect($config); if ($link) { for ($i = $num_days; $i > -1; $i--) { $day = "{$days[$i]}"; if ($config[general_stats_use_totacct] == 'yes') { $search = @da_sql_query($link, $config, "SELECT {$res['1']},{$res['2']},{$res['3']} FROM {$config['sql_total_accounting_table']}\n\t\t\t{$sql_val['user']} AND acctdate = '{$day}' {$s} {$sql_extra_query};"); } else { $search = @da_sql_query($link, $config, "SELECT {$res['1']},{$res['2']},{$res['3']} FROM {$config['sql_accounting_table']}\n\t\t\t{$sql_val['user']} AND acctstoptime >= '{$day} 00:00:00'\n\t\t\tAND acctstoptime <= '{$day} 23:59:59' {$s} {$sql_extra_query};"); } if ($search) { $row = @da_sql_fetch_array($search, $config); $data[$day][1] = $row[res_1]; $data[sum][1] += $row[res_1]; $stats_num[1] = $data[$day][1] ? $stats_num[1] + 1 : $stats_num[1]; $data[$day][2] = $row[res_2]; $data[sum][2] += $row[res_2]; $stats_num[2] = $data[$day][2] ? $stats_num[2] + 1 : $stats_num[2]; $data[$day][3] = $row[res_3]; $data[sum][3] += $row[res_3]; $stats_num[3] = $data[$day][3] ? $stats_num[3] + 1 : $stats_num[3]; } else { echo "<b>Database query failed: " . da_sql_error($link, $config) . "</b><br>\n"; }
if ($link) { $search = @da_sql_query($link, $config, "SELECT COUNT(*) AS counter, sum(acctsessiontime) AS sum_sess_time FROM {$config['sql_accounting_table']} WHERE\n\tusername = '******' AND acctstoptime >= '{$week_str}' AND\n\tacctstoptime <= '{$now_str}';"); if ($search) { if ($row = @da_sql_fetch_array($search, $config)) { $weekly_used = time2strclock($row[sum_sess_time]); $weekly_conns = $row[counter]; } } $search = @da_sql_query($link, $config, "SELECT COUNT(*) AS counter,sum(acctsessiontime) AS sum_sess_time FROM {$config['sql_accounting_table']} WHERE\n\tusername = '******' AND acctstoptime >= '{$today} 00:00:00'\n\tAND acctstoptime <= '{$today} 23:59:59';"); if ($search) { if ($row = @da_sql_fetch_array($search, $config)) { $daily_used = time2strclock($row[sum_sess_time]); $daily_conns = $row[counter]; } } $search = @da_sql_query($link, $config, "SELECT COUNT(*) AS counter, unix_timestamp() - unix_timestamp(acctstarttime) as diff FROM\n\t{$config['sql_accounting_table']} WHERE acctstoptime is null AND username = '******'\n\tGROUP BY username;"); if ($search) { if ($row = @da_sql_fetch_array($search, $config)) { $open_conns = $row[counter]; $online_time = $row[diff]; $weekly_used += $online_time; $daily_used += $online_time; $daily_conns += $open_conns; $weekly_conns += $open_conns; $online_time = time2strclock($online_time); } } $weekly_used = time2strclock($weekly_used); $daily_used = time2strclock($daily_used); } foreach ($vars as $val) {
if ($config[general_realm_format] == 'prefix') { $match = "'[^']+" . $config[general_realm_delimiter]; } else { $match = $config[general_realm_delimiter] . "[^']+'"; } $extra = preg_replace("/{$match}/", "'", $extra); } } } $search = @da_sql_query($link, $config, "SELECT COUNT(*) AS onlineusers FROM {$config['sql_accounting_table']} WHERE\n\t\tacctstoptime IS NULL AND nasipaddress = '{$name_data}' {$extra} {$sql_extra_query};"); if ($search) { if ($row = @da_sql_fetch_array($search, $config)) { $num = $row[onlineusers]; } } $search = @da_sql_query($link, $config, "SELECT DISTINCT username,acctstarttime,framedipaddress,callingstationid\n\t\tFROM {$config['sql_accounting_table']} WHERE\n\t\tacctstoptime IS NULL AND nasipaddress = '{$name_data}' {$extra} {$sql_extra_query}\n\t\tGROUP BY username,acctstarttime,framedipaddress,callingstationid\n\t\tORDER BY acctstarttime;"); if ($search) { $now = time(); while ($row = @da_sql_fetch_array($search, $config)) { $j++; $h += 21; $user = $row['username']; $finger_info[$servers_num][$j]['ip'] = $row['framedipaddress']; if ($finger_info[$servers_num][$j]['ip'] == '') { $finger_info[$servers_num][$j]['ip'] = '-'; } $session_time = $row['acctstarttime']; $session_time = date2timediv($session_time, $now); $finger_info[$servers_num][$j]['session_time'] = time2strclock($session_time); $finger_info[$servers_num][$j]['user'] = $user; $finger_info[$servers_num][$j]['callerid'] = $row['callingstationid'];
<p> <table border=1 bordercolordark=#ffffe0 bordercolorlight=#000000 width=100% cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top> <tr bgcolor="#d0ddb0"> <th>#</th><th>user</th><th>date</th><th>admin</th><th>reason</th><th>administrator action</th> </tr> <?php $auth_user = $_SERVER["PHP_AUTH_USER"]; if ($config[general_restrict_badusers_access] == 'yes') { $auth_user = da_sql_escape_string($auth_user); $extra_query = "AND admin == '{$auth_user}'"; } $link = @da_sql_pconnect($config); if ($link) { $search = @da_sql_query($link, $config, "SELECT " . da_sql_limit($limit, 0, $config) . " * FROM {$config['sql_badusers_table']}\n\tWHERE username {$usercheck} {$extra_query} AND incidentdate <= '{$now_str}'\n\tAND incidentdate >= '{$prev_str}' " . da_sql_limit($limit, 1, $config) . " ORDER BY incidentdate {$order} " . da_sql_limit($limit, 2, $config) . " ;"); if ($search) { while ($row = @da_sql_fetch_array($search, $config)) { $num++; $id = $row[id]; $user = "******"; $User = urlencode($user); $date = "{$row['incidentdate']}"; $reason = "{$row['reason']}"; $admin = "{$row['admin']}"; if ($admin == $auth_user || $admin == '-') { $action = "<td><input type=submit class=button value=\"Delete\" OnClick=\"this.form.do_delete.value=1;this.form.row_id.value={$id}\"></td>"; } else { $action = "<td>-</td>"; } if ($admin == '') {
$lastlog_input = bytes2str($lastlog_input); } else { $lastlog_input = 'not available'; } $lastlog_output = $row['acctoutputoctets']; if ($lastlog_output) { $lastlog_output = bytes2str($lastlog_output); } else { $lastlog_output = 'not available'; } } } else { echo "<b>Database query failed: " . da_sql_error($link, $config) . "</b><br>\n"; } if (!$logged_now) { $search = @da_sql_query($link, $config, "SELECT " . da_sql_limit(1, 0, $config) . " * FROM {$config['sql_accounting_table']}\n\t\tWHERE username = '******' AND acctsessiontime != '0' " . da_sql_limit(1, 1, $config) . "\n\t\t ORDER BY acctstoptime DESC " . da_sql_limit(1, 2, $config) . " ;"); if ($search) { if (@da_sql_num_rows($search, $config)) { $row = @da_sql_fetch_array($search, $config); $lastlog_time = $row['acctstarttime']; $lastlog_server_ip = $row['nasipaddress']; $lastlog_server_port = $row['nasportid']; $lastlog_session_time = time2str($row['acctsessiontime']); $lastlog_client_ip = $row['framedipaddress']; $lastlog_server_name = $lastlog_server_ip != '' ? @gethostbyaddr($lastlog_server_ip) : '-'; $lastlog_client_name = $lastlog_client_ip != '' ? @gethostbyaddr($lastlog_client_ip) : '-'; $lastlog_callerid = $row['callingstationid']; if ($lastlog_callerid == '') { $lastlog_callerid = 'not available'; } $lastlog_input = $row['acctinputoctets'];
<?php echo <<<EOM <b>{$start}</b> up to <b>{$stop}</b> EOM; ?> <p> <table border=1 bordercolordark=#ffffe0 bordercolorlight=#000000 width=100% cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top> <tr bgcolor="#d0ddb0"> <th>#</th><th>login</th><th>date</th><th>server</th><th>connections number</th><th>connections duration</th><th>upload</th><th>download</th> </tr> <?php $link = @da_sql_pconnect($config); if ($link) { $search = @da_sql_query($link, $config, "SELECT " . da_sql_limit($limit, 0, $config) . " * FROM {$config['sql_total_accounting_table']}\n\tWHERE acctdate >= '{$start}' AND acctdate <= '{$stop}' {$server_str} {$login_str} {$sql_extra_query} " . da_sql_limit($limit, 1, $config) . " ORDER BY {$order_attr} {$order} " . da_sql_limit($limit, 2, $config) . " ;"); if ($search) { while ($row = @da_sql_fetch_array($search, $config)) { $num++; $acct_login = $row[username]; if ($acct_login == '') { $acct_login = '******'; } else { $Acct_login = urlencode($acct_login); $acct_login = "******"user_admin.php?login={$Acct_login}\" title=\"Edit user {$acct_login}\">{$acct_login}</a>"; } $acct_time = $row[conntotduration]; $acct_time = time2str($acct_time); $acct_conn_num = $row[connnum]; $acct_date = $row[acctdate]; $acct_upload = $row[inputoctets];