Example #1
0
        $_SESSION['password'] = $_GET['password'];
    }
}
if (!isset($config['auth_mechanism'])) {
    $config['auth_mechanism'] = 'mysql';
}
if (file_exists('includes/authentication/' . $config['auth_mechanism'] . '.inc.php')) {
    include_once 'includes/authentication/' . $config['auth_mechanism'] . '.inc.php';
} else {
    print_error('ERROR: no valid auth_mechanism defined!');
    exit;
}
$auth_success = 0;
if (isset($_SESSION['username']) || isset($_COOKIE['sess_id'], $_COOKIE['token'])) {
    if (reauthenticate($_COOKIE['sess_id'], $_COOKIE['token']) || authenticate($_SESSION['username'], $_SESSION['password'])) {
        $_SESSION['userlevel'] = get_userlevel($_SESSION['username']);
        $_SESSION['user_id'] = get_userid($_SESSION['username']);
        if (!$_SESSION['authenticated']) {
            if ($config['twofactor'] === true && !isset($_SESSION['twofactor'])) {
                include_once $config['install_dir'] . '/html/includes/authentication/twofactor.lib.php';
                twofactor_auth();
            }
            if (!$config['twofactor'] || $_SESSION['twofactor']) {
                $_SESSION['authenticated'] = true;
                dbInsert(array('user' => $_SESSION['username'], 'address' => get_client_ip(), 'result' => 'Logged In'), 'authlog');
            }
        }
        if (isset($_POST['remember'])) {
            $sess_id = session_id();
            $hasher = new PasswordHash(8, false);
            $token = strgen();
Example #2
0
 private function _auth($params)
 {
     $params = explode(' ', $params, 2);
     if (strlen($params[0]) == 64) {
         if ($this->tokens[$this->getUser($this->data)] == $params[0]) {
             $this->user['expire'] = time() + $this->config['irc_authtime'] * 3600;
             $tmp_user = get_user($this->user['id']);
             $tmp = get_userlevel($tmp_user['username']);
             $this->user['level'] = $tmp['level'];
             if ($this->user['level'] < 5) {
                 foreach (dbFetchRows('SELECT device_id FROM devices_perms WHERE user_id = ?', array($this->user['id'])) as $tmp) {
                     $this->user['devices'][] = $tmp['device_id'];
                 }
                 foreach (dbFetchRows('SELECT port_id FROM ports_perms WHERE user_id = ?', array($this->user['id'])) as $tmp) {
                     $this->user['ports'][] = $tmp['port_id'];
                 }
             }
             return $this->respond('Authenticated.');
         } else {
             return $this->respond('Nope.');
         }
     } else {
         $user_id = get_userid(mres($params[0]));
         $user = get_user($user_id);
         if ($user['email'] && $user['username'] == $params[0]) {
             $token = hash('gost', openssl_random_pseudo_bytes(1024));
             $this->tokens[$this->getUser($this->data)] = $token;
             $this->user['name'] = $params[0];
             $this->user['id'] = $user['user_id'];
             if ($this->debug) {
                 $this->log("Auth for '" . $params[0] . "', ID: '" . $user['user_id'] . "', Token: '" . $token . "', Mail: '" . $user['email'] . "'");
             }
             if (send_mail($user['email'], 'LibreNMS IRC-Bot Authtoken', "Your Authtoken for the IRC-Bot:\r\n\r\n" . $token . "\r\n\r\n") === true) {
                 return $this->respond('Token sent!');
             } else {
                 return $this->respond('Sorry, seems like mail doesnt like us.');
             }
         } else {
             return $this->respond('Who are you again?');
         }
     }
     //end if
     return false;
 }
Example #3
0
/**
 * Find contacts for alert
 * @param array $results Rule-Result
 * @return array
 */
function GetContacts($results)
{
    global $config;
    if (sizeof($results) == 0) {
        return array();
    }
    if ($config['alert']['default_only'] == true || $config['alerts']['email']['default_only'] == true) {
        return array('' . ($config['alert']['default_mail'] ? $config['alert']['default_mail'] : $config['alerts']['email']['default']) => 'NOC');
    }
    $users = get_userlist();
    $contacts = array();
    $uids = array();
    foreach ($results as $result) {
        $tmp = null;
        if (is_numeric($result["bill_id"])) {
            $tmpa = dbFetchRows("SELECT user_id FROM bill_perms WHERE bill_id = ?", array($result["bill_id"]));
            foreach ($tmpa as $tmp) {
                $uids[$tmp['user_id']] = $tmp['user_id'];
            }
        }
        if (is_numeric($result["port_id"])) {
            $tmpa = dbFetchRows("SELECT user_id FROM ports_perms WHERE access_level >= 0 AND port_id = ?", array($result["port_id"]));
            foreach ($tmpa as $tmp) {
                $uids[$tmp['user_id']] = $tmp['user_id'];
            }
        }
        if (is_numeric($result["device_id"])) {
            if ($config['alert']['syscontact'] == true) {
                if (dbFetchCell("SELECT attrib_value FROM devices_attribs WHERE attrib_type = 'override_sysContact_bool' AND device_id = ?", array($result["device_id"])) === "1") {
                    $tmpa = dbFetchCell("SELECT attrib_value FROM devices_attribs WHERE attrib_type = 'override_sysContact_string' AND device_id = ?", array($result["device_id"]));
                } else {
                    $tmpa = dbFetchCell("SELECT sysContact FROM devices WHERE device_id = ?", array($result["device_id"]));
                }
                $contacts[$tmpa] = "NOC";
            }
            $tmpa = dbFetchRows("SELECT user_id FROM devices_perms WHERE access_level >= 0 AND device_id = ?", array($result["device_id"]));
            foreach ($tmpa as $tmp) {
                $uids[$tmp['user_id']] = $tmp['user_id'];
            }
        }
    }
    foreach ($users as $user) {
        if (empty($user['email'])) {
            continue;
        } elseif (empty($user['realname'])) {
            $user['realname'] = $user['username'];
        }
        $user['level'] = get_userlevel($user['username']);
        if ($config["alert"]["globals"] && ($user['level'] >= 5 && $user['level'] < 10)) {
            $contacts[$user['email']] = $user['realname'];
        } elseif ($config["alert"]["admins"] && $user['level'] == 10) {
            $contacts[$user['email']] = $user['realname'];
        } elseif (in_array($user['user_id'], $uids)) {
            $contacts[$user['email']] = $user['realname'];
        }
    }
    $tmp_contacts = array();
    foreach ($contacts as $email => $name) {
        if (strstr($email, ',')) {
            $split_contacts = preg_split("/[,\\s]+/", $email);
            foreach ($split_contacts as $split_email) {
                if (!empty($split_email)) {
                    $tmp_contacts[$split_email] = $name;
                }
            }
        } else {
            $tmp_contacts[$email] = $name;
        }
    }
    return $tmp_contacts;
}
Example #4
0
<?php

$page_title = 'Lagerstatus';
require_once 'includes/load.php';
include_once 'layouts/header.php';
// Checking userlevel
page_require_level(2);
//Show only own sales, unless userlevel is admin
if (get_userlevel() == 1) {
    $is_admin = true;
} else {
    $is_admin = false;
}
$storageStatus = storage_status();
$prod_id = get_last_product_id();
$dbupdate = false;
$storageProd = [];
foreach ($storageStatus as $stg) {
    array_push($storageProd, $stg);
}
if (isset($_POST['storage'])) {
    $max = count($_POST['hovedlager']);
    for ($i = 0; $i < $max; $i++) {
        $I_hovedlager = $_POST["hovedlager"][$i];
        $I_kslager = $_POST["ks-lager"][$i];
        $I_m_storage = $_POST["m_storage"][$i];
        $changeKS = $storageProd[$i]['ks_storage'] != $I_kslager;
        $changeH = $storageProd[$i]['quantity'] != $I_hovedlager;
        $changeM = $storageProd[$i]['m_storage'] != $I_m_storage;
        $KS_qty = $I_kslager - $storageProd[$i]['ks_storage'];
        $H_qty = $I_hovedlager - $storageProd[$i]['quantity'];