function get_user_info($link, $user, $config)
{
    if ($link && $config[sql_use_user_info_table] == 'true') {
        $user = da_sql_escape_string($user);
        $res = @da_sql_query($link, $config, "SELECT name FROM {$config['sql_user_info_table']} WHERE username = '******';");
        if ($res) {
            $row = @da_sql_fetch_array($res, $config);
            if ($row) {
                return $row[name];
            }
        }
    }
}
}
if ($acct_attrs['fl'][9] != '') {
    echo "<th>" . $acct_attrs['fl'][9] . "</th>\n";
}
unset($sql_extra_query);
if ($config[sql_accounting_extra_query] != '') {
    $sql_extra_query = xlat($config[sql_accounting_extra_query], $login, $config);
    $sql_extra_query = da_sql_escape_string($sql_extra_query);
}
?>
	</tr>

<?php 
$link = @da_sql_pconnect($config);
if ($link) {
    $search = @da_sql_query($link, $config, "SELECT " . da_sql_limit($limit, 0, $config) . " acctstoptime,username,nasipaddress,nasportid,acctterminatecause,callingstationid\n\tFROM {$config['sql_accounting_table']}\n\tWHERE acctstoptime <= '{$now_str}' AND acctstoptime >= '{$prev_str}'\n\tAND (acctterminatecause LIKE 'Login-Incorrect%' OR\n\tacctterminatecause LIKE 'Invalid-User%' OR\n\tacctterminatecause LIKE 'Multiple-Logins%') {$callerid_str} {$server_str} {$sql_extra_query} " . da_sql_limit($limit, 1, $config) . " ORDER BY acctstoptime {$order} " . da_sql_limit($limit, 2, $config) . " ;");
    if ($search) {
        while ($row = @da_sql_fetch_array($search, $config)) {
            $num++;
            $acct_login = $row[username];
            if ($acct_login == '') {
                $acct_login = '******';
            } else {
                $acct_login = "******"user_admin.php?login={$acct_login}\" title=\"Edit user {$acct_login}\">{$acct_login}</a>";
            }
            $acct_time = $row[acctstoptime];
            $acct_server = $row[nasipaddress];
            if ($acct_server != '') {
                $acct_server = $da_name_cache[$acct_server];
                if (!isset($acct_server)) {
                    $acct_server = $row[nasipaddress];
<?php

if (is_file("../lib/sql/drivers/{$config['sql_type']}/functions.php")) {
    include_once "../lib/sql/drivers/{$config['sql_type']}/functions.php";
} else {
    echo "<b>Could not include SQL library</b><br>\n";
    exit;
}
$link = @da_sql_pconnect($config);
if ($link) {
    $res = @da_sql_query($link, $config, "DELETE FROM {$config['sql_groupreply_table']} WHERE groupname = '{$login}';");
    if ($res) {
        $res = @da_sql_query($link, $config, "DELETE FROM {$config['sql_groupcheck_table']} WHERE groupname = '{$login}';");
        if ($res) {
            $res = @da_sql_query($link, $config, "DELETE FROM {$config['sql_usergroup_table']} WHERE groupname = '{$login}';");
            if ($res) {
                echo "<b>Group {$login} deleted successfully</b><br>\n";
            } else {
                echo "<b>Error deleting group {$login} from usergroup table: " . da_sql_error($link, $config) . "</b><br>\n";
            }
        } else {
            echo "<b>Error deleting group {$login} from group check table: " . da_sql_error($link, $config) . "</b><br>\n";
        }
    } else {
        echo "<b>Error deleting group {$login} from group reply table: " . da_sql_error($link, $config) . "</b><br>\n";
    }
} else {
    echo "<b>Could not connect to SQL database</b><br>\n";
}
            $del = da_sql_escape_string($del);
            $res = @da_sql_query($link, $config, "DELETE FROM {$config['sql_usergroup_table']} WHERE username = '******' AND groupname = '{$login}';");
            if (!$res) {
                echo "<b>Could not delete user {$del} from group: " . da_sql_error($link, $config) . "</b><br>\n";
            }
        }
    }
    if ($new_members != '') {
        $Members = preg_split("/[\n\\s]+/", $new_members, -1, PREG_SPLIT_NO_EMPTY);
        if (!empty($Members)) {
            foreach ($Members as $new_member) {
                $new_member = da_sql_escape_string($new_member);
                $res = @da_sql_query($link, $config, "SELECT username FROM {$config['sql_usergroup_table']} WHERE\n\t\t\t\tusername = '******' AND groupname = '{$login}';");
                if ($res) {
                    if (@da_sql_num_rows($res, $config)) {
                        echo "<b>User {$new_member} already is a member of the group</b><br>\n";
                    } else {
                        $res = @da_sql_query($link, $config, "INSERT INTO {$config['sql_usergroup_table']} (groupname,username)\n\t\t\t\t\t\tVALUES ('{$login}','{$new_member}');");
                        if (!$res) {
                            echo "<b>Error while adding user {$new_member} to group: " . da_sql_error($link, $config) . "</b><br>\n";
                        }
                    }
                } else {
                    echo "<b>Could not add new member {$new_member}: " . da_sql_error($link, $config) . "</b><br>\n";
                }
            }
        }
    }
} else {
    echo "<b>Could not connect to SQL database</b><br>\n";
}
 $link = @da_sql_pconnect($config);
 if ($link) {
     $auth_user = $_SERVER["PHP_AUTH_USER"];
     $extra = '';
     if (isset($mappings[$auth_user][nasdb])) {
         $NAS_ARR = array();
         $NAS_ARR = preg_split('/,/', $mappings[$auth_user][nasdb]);
         $extra = 'WHERE nasname IN (';
         foreach ($NAS_ARR as $nas) {
             $extra .= "'{$nasname}',";
         }
         unset($NAS_ARR);
         $extra = rtrim($extra, ",");
         $extra .= ')';
     }
     $search = @da_sql_query($link, $config, "SELECT * FROM {$config['sql_nas_table']} {$extra};");
     if ($search) {
         while ($row = @da_sql_fetch_array($search, $config)) {
             $num = 0;
             $my_nas_name = $row['nasname'];
             if ($my_nas_name != '') {
                 $nas_list[$my_nas_name]['name'] = $my_nas_name;
                 $nas_server = $da_name_cache[$my_nas_name];
                 if (!isset($nas_server)) {
                     if (!check_ip($my_nas_name)) {
                         $nas_server = @gethostbyname($my_nas_name);
                     } else {
                         $nas_server = $my_nas_name;
                     }
                     if (!isset($da_name_cache) && $config[general_use_session] == 'yes') {
                         $da_name_cache[$my_nas_name] = $nas_server;
        $res = @da_sql_query($link, $config, "SELECT " . da_sql_limit($max, 0, $config) . " username FROM {$config['sql_user_info_table']} WHERE\n\t\tlower({$search_IN}) LIKE '%{$search}%' " . da_sql_limit($max, 1, $config) . " " . da_sql_limit($max, 2, $config) . " ;");
        if ($res) {
            while ($row = @da_sql_fetch_array($res, $config)) {
                $found_users[] = $row[username];
            }
        } else {
            "<b>Database query failed: " . da_sql_error($link, $config) . "</b><br>\n";
        }
    } else {
        if ($search_IN == 'radius' && $radius_attr != '') {
            require "../lib/sql/attrmap.php";
            if ($attrmap["{$radius_attr}"] == '') {
                $attrmap["{$radius_attr}"] = $radius_attr;
                $attr_type["{$radius_attr}"] = 'replyItem';
            }
            $table = $attr_type[$radius_attr] == 'checkItem' ? $config[sql_check_table] : $config[sql_reply_table];
            $attr = $attrmap[$radius_attr];
            $attr = da_sql_escape_string($attr);
            $res = @da_sql_query($link, $config, "SELECT " . da_sql_limit($max, 0, $config) . " username FROM {$table} WHERE attribute = '{$attr}'\n\t\tAND value LIKE '%{$search}%' " . da_sql_limit($max, 1, $config) . " " . da_sql_limit($max, 2, $config) . " ;");
            if ($res) {
                while ($row = @da_sql_fetch_array($res, $config)) {
                    $found_users[] = $row[username];
                }
            } else {
                "<b>Database query failed: " . da_sql_error($link, $config) . "</b><br>\n";
            }
        }
    }
} else {
    echo "<b>Could not connect to SQL database</b><br>\n";
}
                 $nasportnum = da_sql_escape_string($nasportnum);
                 $nassecret = da_sql_escape_string($nassecret);
                 $nascommunity = da_sql_escape_string($nascommunity);
                 $nasdescription = da_sql_escape_string($nasdescription);
                 $nasname = da_sql_escape_string($nasname);
                 $res = @da_sql_query($link, $config, "UPDATE {$config['sql_nas_table']} SET\n\t\t\t\t\tshortname = '{$nasshortname}',\n\t\t\t\t\ttype = '{$nastype}',\n\t\t\t\t\tports = '{$nasportnum}',\n\t\t\t\t\tsecret = '{$nassecret}',\n\t\t\t\t\tcommunity = '{$nascommunity}',\n\t\t\t\t\tdescription = '{$nasdescription}' WHERE nasname = '{$nasname}';");
                 if ($res) {
                     $msg = "<b>NAS '{$nasname}' was updated successfully</b><br>\n";
                 } else {
                     $msg = "<b>Error updating NAS '{$selected_nas}' " . da_sql_error($link, $config) . "</b><br>\n";
                 }
             }
             break;
     }
 }
 $search = @da_sql_query($link, $config, "SELECT * FROM {$config['sql_nas_table']} ORDER BY nasname;");
 if ($search) {
     $num = 0;
     unset($my_nas_list);
     while ($row = @da_sql_fetch_array($search, $config)) {
         $my_nas_name = $row['nasname'];
         if ($my_nas_name != '') {
             $num++;
             $my_nas_list[$my_nas_name]['name'] = $my_nas_name;
             $my_nas_list[$my_nas_name]['shortname'] = $row['shortname'];
             $my_nas_list[$my_nas_name]['type'] = $row['type'];
             if ($clear_fields == 0 && $selected_nas == $my_nas_name) {
                 $selected[$my_nas_name] = 'selected';
                 $selected[$my_nas_list[$my_nas_name]['type']] = 'selected';
             }
             $my_nas_list[$my_nas_name]['ports'] = $row['ports'];
            } else {
                if ($attr_type["{$key}"] == 'replyItem') {
                    $table = "{$config['sql_groupreply_table']}";
                    $type = 2;
                }
            }
            $val = ${$attrmap}["{$key}"];
            $val = da_sql_escape_string($val);
            $op_name = $attrmap["{$key}"] . '_op';
            $op_val = ${$op_name};
            if ($op_val != '') {
                $op_val = da_sql_escape_string($op_val);
                if (check_operator($op_val, $type) == -1) {
                    echo "<b>Invalid operator ({$op_val}) for attribute {$key}</b><br>\n";
                    coninue;
                }
                $op_val2 = ",'{$op_val}'";
            }
            if ($val == '' || check_defaults($val, $op_val, $default_vals["{$key}"])) {
                continue;
            }
            $res = @da_sql_query($link, $config, "INSERT INTO {$table} (attribute,value,groupname {$text})\n\t\t\tVALUES ('{$attrmap[$key]}','{$val}','{$login}' {$op_val2});");
            if (!$res || !@da_sql_affected_rows($link, $res, $config)) {
                echo "<b>Query failed for attribute {$key}: " . da_sql_error($link, $config) . "</b><br>\n";
            }
        }
        echo "<b>Group created successfully</b><br>\n";
    }
} else {
    echo "<b>Could not connect to SQL database</b><br>\n";
}
 if ($res) {
     if (@da_sql_num_rows($res, $config)) {
         $user_exists = 'yes';
     }
     while ($row = @da_sql_fetch_array($res, $config)) {
         $attr = $row[attribute];
         $val = $row[value];
         if ($use_op) {
             $oper = $row[op];
             $tmp["{$attr}"][operator][] = "{$oper}";
         }
         $tmp["{$attr}"][] = "{$val}";
         $tmp["{$attr}"][count]++;
     }
     if ($config[sql_use_user_info_table] == 'true') {
         $res = @da_sql_query($link, $config, "SELECT * FROM {$config['sql_user_info_table']} WHERE username = '******';");
         if ($res) {
             if (@da_sql_num_rows($res, $config)) {
                 $user_exists = 'yes';
                 $user_info = 1;
             }
             if ($row = @da_sql_fetch_array($res, $config)) {
                 $cn = $row[name] != '' ? $row[name] : '-';
                 $telephonenumber = $row[workphone] != '' ? $row[workphone] : '-';
                 $homephone = $row[homephone] != '' ? $row[homephone] : '-';
                 $ou = $row[department] != '' ? $row[department] : '-';
                 $mail = $row[mail] != '' ? $row[mail] : '-';
                 $mobile = $row[mobile] != '' ? $row[mobile] : '-';
             }
         } else {
             echo "<b>Database query failed partially: " . da_sql_error($link, $config) . "</b><br>\n";
            // 	if value is the same as that in the sql database do nothing
            if ($val == $item_vals["{$key}"][$j]) {
                continue;
            } else {
                if ((check_defaults($val, $op_val, $default_vals["{$key}"]) || $val == '') && isset($item_vals["{$key}"][$j])) {
                    $res = @da_sql_query($link, $config, "DELETE FROM {$table} WHERE {$query_key} = '{$login}' AND attribute = '{$sql_attr}';");
                    if (!$res || !@da_sql_affected_rows($link, $res, $config)) {
                        echo "<b>Delete failed for attribute {$key}: " . da_sql_error($link, $config) . "</b><br>\n";
                    }
                } else {
                    if ($val == '' || check_defaults($val, $op_val, $default_vals["{$key}"])) {
                        continue;
                    } else {
                        if (isset($item_vals["{$key}"][$j])) {
                            $old_val = $item_vals["{$key}"][$j];
                            $old_val = da_sql_escape_string($old_val);
                            $res = @da_sql_query($link, $config, "UPDATE {$table} SET value = '{$val}' WHERE {$query_key} = '{$login}' AND\n\t\t\t\t\tattribute = '{$sql_attr}' AND value = '{$old_val}';");
                        } else {
                            $res = @da_sql_query($link, $config, "INSERT INTO {$table} ({$query_key},attribute,value {$text2})\n\t\t\t\t\tVALUES ('{$login}','{$sql_attr}','{$val}' {$op_val2});");
                        }
                        if (!$res || !@da_sql_affected_rows($link, $res, $config)) {
                            echo "<b>Change failed for attribute {$key}: " . da_sql_error($link, $config) . "</b><br>\n";
                        }
                    }
                }
            }
        }
    }
} else {
    echo "<b>Could not connect to SQL database</b><br>\n";
}
for ($i = 1; $i <= 9; $i++) {
    if ($acct_attrs['ua']["{$i}"] != '') {
        echo "<th>" . $acct_attrs['ua']["{$i}"] . "</th>\n";
    }
}
$sql_extra_query = '';
if ($config[sql_accounting_extra_query] != '') {
    $sql_extra_query = xlat($config[sql_accounting_extra_query], $login, $config);
}
?>
	</tr>

<?php 
$link = @da_sql_pconnect($config);
if ($link) {
    $search = @da_sql_query($link, $config, "SELECT " . da_sql_limit($limit, 0, $config) . " * FROM {$config['sql_accounting_table']}\n\tWHERE username = '******' AND acctstarttime <= '{$now_str}'\n\tAND acctstarttime >= '{$prev_str}' {$sql_extra_query} " . da_sql_limit($limit, 1, $config) . " ORDER BY acctstarttime {$order} " . da_sql_limit($limit, 2, $config) . " ;");
    if ($search) {
        while ($row = @da_sql_fetch_array($search, $config)) {
            $tr_color = 'white';
            $num++;
            $acct_type = "{$row['framedprotocol']}/{$row['nasporttype']}";
            if ($acct_type == '') {
                $acct_type = '-';
            }
            $acct_logedin = $row[acctstarttime];
            $acct_sessiontime = $row[acctsessiontime];
            $acct_sessiontime_sum += $acct_sessiontime;
            $acct_sessiontime = time2str($acct_sessiontime);
            $acct_ip = $row[framedipaddress];
            if ($acct_ip == '') {
                $acct_ip = '-';
            echo "<b>Could not connect to SQL database</b><br>\n";
        }
    }
    echo <<<EOM
</td></tr>
</table>
</tr>
</table>
</body>
</html>
EOM;
    exit;
} else {
    $link = @da_sql_pconnect($config);
    if ($link) {
        $search = @da_sql_query($link, $config, "SELECT COUNT(*) AS counter FROM {$config['sql_accounting_table']}\n\t\tWHERE username = '******' AND acctstoptime IS NULL {$sql_extra_query};");
        if ($search) {
            if ($row = @da_sql_fetch_array($search, $config)) {
                $open_sessions = $row[counter];
            }
        } else {
            echo "<b>Database query failed: " . da_sql_error($link, $config) . "</b><br>\n";
        }
    } else {
        echo "<b>Could not connect to SQL database</b><br>\n";
    }
}
?>
   <form method=post>
      <input type=hidden name=login value=<?php 
print $login;
\t</table>
</td></tr>
<tr bgcolor="black" valign=top><td colspan=2>
\t<table border=0 width=100% cellpadding=12 cellspacing=0 bgcolor="#ffffd0" valign=top>
\t<tr><td>
<p>
\t<table border=1 bordercolordark=#ffffe0 bordercolorlight=#000000 width=100% cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top>
\t<tr bgcolor="#d0ddb0">
\t</tr>
EOM;
    foreach ($accounting_show_attrs as $val) {
        $desc = $sql_attrs[$val][desc];
        echo "<th>{$desc}</th>\n";
    }
    echo "</tr>\n";
    $search = @da_sql_query($link, $config, $query);
    if ($search) {
        while ($row = @da_sql_fetch_array($search, $config)) {
            $num++;
            echo "<tr align=center>\n";
            foreach ($accounting_show_attrs as $val) {
                $info = $row[$val];
                if ($info == '') {
                    $info = '-';
                }
                $info = $sql_attrs[$val][func]($info);
                if ($val == 'username') {
                    $Info = urlencode($info);
                    $info = "<a href=\"user_admin.php?login={$Info}\" title=\"Edit user {$info}\">{$info}<a/>";
                }
                echo <<<EOM
     $res = @da_sql_query($link, $config, "SELECT username FROM {$config['sql_user_info_table']} WHERE\n\t\tusername = '******';");
     if ($res) {
         $Fcn = da_sql_escape_string($Fcn);
         $Fmail = da_sql_escape_string($Fmail);
         $Fou = da_sql_escape_string($Fou);
         $Ftelephonenumber = da_sql_escape_string($Ftelephonenumber);
         $Fhomephone = da_sql_escape_string($Fhomephone);
         $Fmobile = da_sql_escape_string($Fmobile);
         if (!@da_sql_num_rows($res, $config)) {
             $res = @da_sql_query($link, $config, "INSERT INTO {$config['sql_user_info_table']}\n\t\t\t\t(username,name,mail,department,homephone,workphone,mobile) VALUES\n\t\t\t\t('{$login}','{$Fcn}','{$Fmail}','{$Fou}','{$Ftelephonenumber}','{$Fhomephone}','{$Fmobile}');");
             if (!$res || !@da_sql_affected_rows($link, $res, $config)) {
                 echo "<b>Could not add user information in user info table: " . da_sql_error($link, $config) . "</b><br>\n";
                 $fail = 1;
             }
         } else {
             $res = @da_sql_query($link, $config, "UPDATE {$config['sql_user_info_table']} SET name = '{$Fcn}',Mail = '{$Fmail}',\n\t\t\t\tdepartment = '{$Fou}', homephone = '{$Fhomephone}', workphone = '{$Ftelephonenumber}',\n\t\t\t\tmobile = '{$Fmobile}' WHERE username = '******';");
             if (!$res || !@da_sql_affected_rows($link, $res, $config)) {
                 echo "<b>Could not update user information in user info table: " . da_sql_error($link, $config) . "</b><br>\n";
                 $fail = 1;
             }
         }
     } else {
         echo "<b>Could not find user in user info table: " . da_sql_error($link, $config) . "</b><br>\n";
         $fail = 1;
     }
     if ($fail == 0) {
         echo "<b>User information updated successfully</b><br>\n";
     }
 } else {
     echo "<b>Cannot use the user info table. Check the sql_use_user_info_table directive in admin.conf</b><br>\n";
 }
function da_sql_list_fields($table, $link, $config)
{
    $res = @da_sql_query($link, $config, "SELECT * from {$table} WHERE ROWNUM <=1");
    if ($res) {
        $fields[res] = array();
        for ($i = 1; $i <= ocinumcols($res); $i++) {
            array_push($fields[res], strtolower(OCIColumnName($res, $i)));
        }
        $fields[num] = @ocinumcols($res);
    } else {
        return NULL;
    }
    return $fields;
}
    $text3 = '';
}
$link = @da_sql_pconnect($config);
if ($link) {
    if (is_file("../lib/crypt/{$config['general_encryption_method']}.php")) {
        include "../lib/crypt/{$config['general_encryption_method']}.php";
        $passwd = da_encrypt($passwd);
        $passwd = da_sql_escape_string($passwd);
        $res = @da_sql_query($link, $config, "SELECT value FROM {$config['sql_check_table']} WHERE username = '******'\n\t\t\tAND attribute = '{$config['sql_password_attribute']}';");
        if ($res) {
            $row = @da_sql_fetch_array($res, $config);
            if ($row) {
                $res = @da_sql_query($link, $config, "UPDATE {$config['sql_check_table']} SET value = '{$passwd}' {$text3} WHERE\n\t\t\t\tattribute = '{$config['sql_password_attribute']}' AND username = '******';");
                if (!$res || !@da_sql_affected_rows($link, $res, $config)) {
                    echo "<b>Error while changing password: "******"</b><br>\n";
                }
            } else {
                $res = @da_sql_query($link, $config, "INSERT INTO {$config['sql_check_table']} (attribute,value,username {$text1})\n\t\t\t\t\tVALUES ('{$config['sql_password_attribute']}','{$passwd}','{$login}' {$text2});");
                if (!$res || !@da_sql_affected_rows($link, $res, $config)) {
                    echo "<b>Error while changing password: "******"</b><br>\n";
                }
            }
        } else {
            echo "<b>Error while executing query: " . da_sql_error($link, $config) . "</b><br>\n";
        }
    } else {
        echo "<b>Could not open encryption library file</b><br>\n";
    }
} else {
    echo "<b>Could not connect to SQL database</b><br>\n";
}
            if ($times == 2) {
                $login = $saved_login;
                $member_groups = $saved_member_groups;
                $stop = 1;
            }
        } else {
            echo "<b>Could not connect to SQL database</b><br>\n";
        }
    } while ($stop == 0);
} else {
    if (is_file("../lib/sql/drivers/{$config['sql_type']}/functions.php")) {
        include_once "../lib/sql/drivers/{$config['sql_type']}/functions.php";
    } else {
        echo "<b>Could not include SQL library</b><br>\n";
        exit;
    }
    unset($member_groups);
    $link = @da_sql_pconnect($config);
    if ($link) {
        $res = @da_sql_query($link, $config, "SELECT DISTINCT groupname FROM {$config['sql_usergroup_table']};");
        if ($res) {
            while ($row = @da_sql_fetch_array($res, $config)) {
                $member_groups[] = $row[groupname];
            }
        } else {
            echo "<b>Database query failed: " . da_sql_error($link, $config) . "</b><br>\n";
        }
    } else {
        echo "<b>Could not connect to SQL database</b><br>\n";
    }
}
}
$date = date($config[sql_full_date_format]);
$lockmsg_name = $attrmap['Dialup-Lock-Msg'] . '0';
$msg = ${$lockmsg_name};
$admin = '-';
if ($_SERVER["PHP_AUTH_USER"] != '') {
    $admin = $_SERVER["PHP_AUTH_USER"];
}
if ($msg == '') {
    echo "<b>Lock Message should not be empty</b><br>\n";
} else {
    $sql_servers = array();
    if ($config[sql_extra_servers] != '') {
        $sql_servers = explode(' ', $config[sql_extra_servers]);
    }
    $sql_servers[] = $config[sql_server];
    foreach ($sql_servers as $server) {
        $link = @da_sql_host_connect($server, $config);
        if ($link) {
            $r = da_sql_query($link, $config, "INSERT INTO {$config['sql_badusers_table']} (username,incidentdate,admin,reason)\n\t\t\tVALUES ('{$login}','{$date}','{$admin}','{$msg}');");
            if (!$r) {
                echo "<b>SQL Error:" . da_sql_error($link, $config) . "</b><br>\n";
            } else {
                echo "<b>User added to badusers table</b><br>\n";
            }
            da_sql_close($link, $config);
        } else {
            echo "<b>SQL Error: Could not connect to SQL database: {$server}</b><br>\n";
        }
    }
}
<?php

require 'password.php';
if (is_file("../lib/sql/drivers/{$config['sql_type']}/functions.php")) {
    include_once "../lib/sql/drivers/{$config['sql_type']}/functions.php";
} else {
    echo "<b>Could not include SQL library</b><br>\n";
    exit;
}
if ($action == 'checkpass') {
    $link = @da_sql_pconnect($config);
    if ($link) {
        $res = @da_sql_query($link, $config, "SELECT attribute,value FROM {$config['sql_check_table']} WHERE username = '******'\n\t\t\tAND attribute = '{$config['sql_password_attribute']}';");
        if ($res) {
            $row = @da_sql_fetch_array($res, $config);
            if (is_file("../lib/crypt/{$config['general_encryption_method']}.php")) {
                include "../lib/crypt/{$config['general_encryption_method']}.php";
                $enc_passwd = $row[value];
                $passwd = da_encrypt($passwd, $enc_passwd);
                if ($passwd == $enc_passwd) {
                    $msg = '<font color=blue><b>YES It is that</b></font>';
                } else {
                    $msg = '<font color=red><b>NO It is wrong</b></font>';
                }
            } else {
                echo "<b>Could not open encryption library file</b><br>\n";
            }
        }
    }
    echo "<tr><td colspan=3 align=center>{$msg}</td></tr>\n";
}
         $group_exists = 'yes';
     }
     while ($row = @da_sql_fetch_array($res, $config)) {
         $attr = $row[attribute];
         $val = $row[value];
         if ($use_op) {
             $oper = $row[op];
             $tmp["{$attr}"][operator][] = "{$oper}";
         }
         $tmp["{$attr}"][] = "{$val}";
         $tmp["{$attr}"][count]++;
     }
 } else {
     echo "<b>Database query failed partially: " . da_sql_error($link, $config) . "</b><br>\n";
 }
 $res = @da_sql_query($link, $config, "SELECT username FROM {$config['sql_usergroup_table']} WHERE groupname = '{$login}' ORDER BY username;");
 if ($res) {
     if (@da_sql_num_rows($res, $config)) {
         $group_exists = 'yes';
     }
     while ($row = @da_sql_fetch_array($res, $config)) {
         $member = $row[username];
         $group_members[] = "{$member}";
     }
 } else {
     echo "<b>Database query failed partially: " . da_sql_error($link, $config) . "</b><br>\n";
 }
 if (isset($tmp)) {
     foreach (array_keys($tmp) as $val) {
         if ($val == '') {
             continue;
if ($server != 'all' && $server != '') {
    $server = da_sql_escape_string($server);
    $s = "AND nasipaddress = '{$server}'";
}
$sql_extra_query = '';
if ($config[sql_accounting_extra_query] != '') {
    $sql_extra_query = xlat($config[sql_accounting_extra_query], $login, $config);
}
$link = @da_sql_pconnect($config);
if ($link) {
    for ($i = $num_days; $i > -1; $i--) {
        $day = "{$days[$i]}";
        if ($config[general_stats_use_totacct] == 'yes') {
            $search = @da_sql_query($link, $config, "SELECT {$res['1']},{$res['2']},{$res['3']} FROM {$config['sql_total_accounting_table']}\n\t\t\t{$sql_val['user']} AND acctdate = '{$day}' {$s} {$sql_extra_query};");
        } else {
            $search = @da_sql_query($link, $config, "SELECT {$res['1']},{$res['2']},{$res['3']} FROM {$config['sql_accounting_table']}\n\t\t\t{$sql_val['user']} AND acctstoptime >= '{$day} 00:00:00'\n\t\t\tAND acctstoptime <= '{$day} 23:59:59' {$s} {$sql_extra_query};");
        }
        if ($search) {
            $row = @da_sql_fetch_array($search, $config);
            $data[$day][1] = $row[res_1];
            $data[sum][1] += $row[res_1];
            $stats_num[1] = $data[$day][1] ? $stats_num[1] + 1 : $stats_num[1];
            $data[$day][2] = $row[res_2];
            $data[sum][2] += $row[res_2];
            $stats_num[2] = $data[$day][2] ? $stats_num[2] + 1 : $stats_num[2];
            $data[$day][3] = $row[res_3];
            $data[sum][3] += $row[res_3];
            $stats_num[3] = $data[$day][3] ? $stats_num[3] + 1 : $stats_num[3];
        } else {
            echo "<b>Database query failed: " . da_sql_error($link, $config) . "</b><br>\n";
        }
if ($link) {
    $search = @da_sql_query($link, $config, "SELECT COUNT(*) AS counter, sum(acctsessiontime) AS sum_sess_time FROM {$config['sql_accounting_table']} WHERE\n\tusername = '******' AND acctstoptime >= '{$week_str}' AND\n\tacctstoptime <= '{$now_str}';");
    if ($search) {
        if ($row = @da_sql_fetch_array($search, $config)) {
            $weekly_used = time2strclock($row[sum_sess_time]);
            $weekly_conns = $row[counter];
        }
    }
    $search = @da_sql_query($link, $config, "SELECT COUNT(*) AS counter,sum(acctsessiontime) AS sum_sess_time FROM {$config['sql_accounting_table']} WHERE\n\tusername = '******' AND acctstoptime >= '{$today} 00:00:00'\n\tAND acctstoptime <= '{$today} 23:59:59';");
    if ($search) {
        if ($row = @da_sql_fetch_array($search, $config)) {
            $daily_used = time2strclock($row[sum_sess_time]);
            $daily_conns = $row[counter];
        }
    }
    $search = @da_sql_query($link, $config, "SELECT COUNT(*) AS counter, unix_timestamp() - unix_timestamp(acctstarttime) as diff FROM\n\t{$config['sql_accounting_table']} WHERE acctstoptime is null AND username = '******'\n\tGROUP BY username;");
    if ($search) {
        if ($row = @da_sql_fetch_array($search, $config)) {
            $open_conns = $row[counter];
            $online_time = $row[diff];
            $weekly_used += $online_time;
            $daily_used += $online_time;
            $daily_conns += $open_conns;
            $weekly_conns += $open_conns;
            $online_time = time2strclock($online_time);
        }
    }
    $weekly_used = time2strclock($weekly_used);
    $daily_used = time2strclock($daily_used);
}
foreach ($vars as $val) {
             if ($config[general_realm_format] == 'prefix') {
                 $match = "'[^']+" . $config[general_realm_delimiter];
             } else {
                 $match = $config[general_realm_delimiter] . "[^']+'";
             }
             $extra = preg_replace("/{$match}/", "'", $extra);
         }
     }
 }
 $search = @da_sql_query($link, $config, "SELECT COUNT(*) AS onlineusers FROM {$config['sql_accounting_table']} WHERE\n\t\tacctstoptime IS NULL AND nasipaddress = '{$name_data}' {$extra} {$sql_extra_query};");
 if ($search) {
     if ($row = @da_sql_fetch_array($search, $config)) {
         $num = $row[onlineusers];
     }
 }
 $search = @da_sql_query($link, $config, "SELECT DISTINCT username,acctstarttime,framedipaddress,callingstationid\n\t\tFROM {$config['sql_accounting_table']} WHERE\n\t\tacctstoptime IS NULL AND nasipaddress = '{$name_data}' {$extra} {$sql_extra_query}\n\t\tGROUP BY username,acctstarttime,framedipaddress,callingstationid\n\t\tORDER BY acctstarttime;");
 if ($search) {
     $now = time();
     while ($row = @da_sql_fetch_array($search, $config)) {
         $j++;
         $h += 21;
         $user = $row['username'];
         $finger_info[$servers_num][$j]['ip'] = $row['framedipaddress'];
         if ($finger_info[$servers_num][$j]['ip'] == '') {
             $finger_info[$servers_num][$j]['ip'] = '-';
         }
         $session_time = $row['acctstarttime'];
         $session_time = date2timediv($session_time, $now);
         $finger_info[$servers_num][$j]['session_time'] = time2strclock($session_time);
         $finger_info[$servers_num][$j]['user'] = $user;
         $finger_info[$servers_num][$j]['callerid'] = $row['callingstationid'];
<p>
	<table border=1 bordercolordark=#ffffe0 bordercolorlight=#000000 width=100% cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top>
	<tr bgcolor="#d0ddb0">
	<th>#</th><th>user</th><th>date</th><th>admin</th><th>reason</th><th>administrator action</th>
	</tr>

<?php 
$auth_user = $_SERVER["PHP_AUTH_USER"];
if ($config[general_restrict_badusers_access] == 'yes') {
    $auth_user = da_sql_escape_string($auth_user);
    $extra_query = "AND admin == '{$auth_user}'";
}
$link = @da_sql_pconnect($config);
if ($link) {
    $search = @da_sql_query($link, $config, "SELECT " . da_sql_limit($limit, 0, $config) . " * FROM {$config['sql_badusers_table']}\n\tWHERE username {$usercheck} {$extra_query} AND incidentdate <= '{$now_str}'\n\tAND incidentdate >= '{$prev_str}' " . da_sql_limit($limit, 1, $config) . " ORDER BY incidentdate {$order} " . da_sql_limit($limit, 2, $config) . " ;");
    if ($search) {
        while ($row = @da_sql_fetch_array($search, $config)) {
            $num++;
            $id = $row[id];
            $user = "******";
            $User = urlencode($user);
            $date = "{$row['incidentdate']}";
            $reason = "{$row['reason']}";
            $admin = "{$row['admin']}";
            if ($admin == $auth_user || $admin == '-') {
                $action = "<td><input type=submit class=button value=\"Delete\" OnClick=\"this.form.do_delete.value=1;this.form.row_id.value={$id}\"></td>";
            } else {
                $action = "<td>-</td>";
            }
            if ($admin == '') {
             $lastlog_input = bytes2str($lastlog_input);
         } else {
             $lastlog_input = 'not available';
         }
         $lastlog_output = $row['acctoutputoctets'];
         if ($lastlog_output) {
             $lastlog_output = bytes2str($lastlog_output);
         } else {
             $lastlog_output = 'not available';
         }
     }
 } else {
     echo "<b>Database query failed: " . da_sql_error($link, $config) . "</b><br>\n";
 }
 if (!$logged_now) {
     $search = @da_sql_query($link, $config, "SELECT " . da_sql_limit(1, 0, $config) . " * FROM {$config['sql_accounting_table']}\n\t\tWHERE username = '******' AND acctsessiontime != '0' " . da_sql_limit(1, 1, $config) . "\n\t\t ORDER BY acctstoptime DESC " . da_sql_limit(1, 2, $config) . " ;");
     if ($search) {
         if (@da_sql_num_rows($search, $config)) {
             $row = @da_sql_fetch_array($search, $config);
             $lastlog_time = $row['acctstarttime'];
             $lastlog_server_ip = $row['nasipaddress'];
             $lastlog_server_port = $row['nasportid'];
             $lastlog_session_time = time2str($row['acctsessiontime']);
             $lastlog_client_ip = $row['framedipaddress'];
             $lastlog_server_name = $lastlog_server_ip != '' ? @gethostbyaddr($lastlog_server_ip) : '-';
             $lastlog_client_name = $lastlog_client_ip != '' ? @gethostbyaddr($lastlog_client_ip) : '-';
             $lastlog_callerid = $row['callingstationid'];
             if ($lastlog_callerid == '') {
                 $lastlog_callerid = 'not available';
             }
             $lastlog_input = $row['acctinputoctets'];
<?php 
echo <<<EOM
<b>{$start}</b> up to <b>{$stop}</b>
EOM;
?>

<p>
	<table border=1 bordercolordark=#ffffe0 bordercolorlight=#000000 width=100% cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top>
	<tr bgcolor="#d0ddb0">
	<th>#</th><th>login</th><th>date</th><th>server</th><th>connections number</th><th>connections duration</th><th>upload</th><th>download</th>
	</tr>

<?php 
$link = @da_sql_pconnect($config);
if ($link) {
    $search = @da_sql_query($link, $config, "SELECT " . da_sql_limit($limit, 0, $config) . " * FROM {$config['sql_total_accounting_table']}\n\tWHERE acctdate >= '{$start}' AND acctdate <= '{$stop}' {$server_str} {$login_str} {$sql_extra_query} " . da_sql_limit($limit, 1, $config) . " ORDER BY {$order_attr} {$order} " . da_sql_limit($limit, 2, $config) . " ;");
    if ($search) {
        while ($row = @da_sql_fetch_array($search, $config)) {
            $num++;
            $acct_login = $row[username];
            if ($acct_login == '') {
                $acct_login = '******';
            } else {
                $Acct_login = urlencode($acct_login);
                $acct_login = "******"user_admin.php?login={$Acct_login}\" title=\"Edit user {$acct_login}\">{$acct_login}</a>";
            }
            $acct_time = $row[conntotduration];
            $acct_time = time2str($acct_time);
            $acct_conn_num = $row[connnum];
            $acct_date = $row[acctdate];
            $acct_upload = $row[inputoctets];