$result =& $ds->ds->Execute("INSERT INTO baseadd\n (info, baseindex)\n VALUES\n (" . $ds->ds->qstr($info) . ",\n {$baseindex})"); // Second, try to update. if ($result == FALSE) { $result =& $ds->ds->Execute("UPDATE baseadd\n SET info=" . $ds->ds->qstr($info) . " \n WHERE baseindex={$baseindex}"); if ($result == FALSE) { insert($w, block("<b>" . my_("Error inserting/updating info.") . "</b>")); } } } // End of template support for base // Changed - End [FE] $ds->AuditLog(sprintf(my_("User %s modified subnet details %s size %u customer cust %u"), getAuthUsername(), inet_ntoa($base), $size, $cust)); } else { // if not duplicate, fall through to here if ($size > 1) { if (TestBaseAddr(inet_aton3($ipaddr), $size)) { insert($w, text(my_("Invalid base address!"))); break; } } // use the first group user belongs to create subnet if ($baseindex = $ds->CreateSubnet($base, $size, $descrip, $cust, 0, $admingrp)) { $ds->AuditLog(sprintf(my_("User %s created new subnet %s size %u cust %u"), getAuthUsername(), inet_ntoa($base), $size, $cust)); // Changed - Begin [FE] // Start of template support for base if (!empty($info)) { // First, try to insert. $result =& $ds->ds->Execute("INSERT INTO baseadd\n (info, baseindex)\n VALUES\n (" . $ds->ds->qstr($info) . ",\n {$baseindex})"); // Second, try to update. if ($result == FALSE) { $result =& $ds->ds->Execute("UPDATE baseadd\n SET info=" . $ds->ds->qstr($info) . " \n WHERE baseindex={$baseindex}");
} else { myError($w, $p, sprintf(my_("Invalid hostname %s"), $server) . "\n"); } } } if (!$zoneip) { myError($w, $p, my_("IP address may not be blank")); } else { if (testIP($zoneip)) { myError($w, $p, my_("Invalid IP address")); } else { if (!$size) { myError($w, $p, my_("Size may not be zero")); } else { if ($size > 1) { if (TestBaseAddr(inet_aton3($zoneip), $size)) { myError($w, $p, my_("Invalid base address!")); } } } } } $zoneip = inet_aton($zoneip); $cnt = 0; for ($i = 1; $i < 11; $i++) { if ($hname[$i] and !preg_match("/[^ \t@()<>,]+\\.[^ \t()<>,.]+\$/", $hname[$i])) { myError($w, $p, sprintf(my_("Invalid hostname %u"), $i) . "\n"); } if ($hname[$i]) { $cnt++; }
function parseAddGroupBoundaryForm($w, $ds) { list($grp, $ipaddr, $size) = myRegister("S:grp S:ipaddr S:size"); // explicitly cast variables as security measure against SQL injection $formerror = ""; $size = floor($size); if ($_POST) { $base = inet_aton($ipaddr); // creating readonly group? if ($base == 0 and $size == 0) { if ($ds->ds->GetOne("SELECT count(*) AS cnt FROM bounds WHERE grp=" . $ds->ds->qstr($grp))) { $formerror .= my_("Boundary cannot be created - overlaps with existing boundary") . "\n"; } } else { if (!$ipaddr) { $formerror .= my_("Boundary address may not be blank") . "\n"; } else { if (testIP($ipaddr)) { $formerror .= my_("Invalid boundary address") . "\n"; } else { if (!$size) { $formerror .= my_("Size may not be zero") . "\n"; } else { if (TestDuplicateBounds($ds, $base, $size, $grp)) { $formerror .= my_("Boundary cannot be created - overlaps with existing boundary") . "\n"; } } } } if ($size > 1) { if (TestBaseAddr(inet_aton3($ipaddr), $size)) { $formerror .= my_("Invalid base address") . "\n"; } } } if (!$formerror) { $ds->DbfTransactionStart(); // the fact that the range is unique prevents the range // being added to more than one area! $result =& $ds->ds->Execute("INSERT INTO bounds\n (boundsaddr, boundssize, grp)\n VALUES\n ({$base}, {$size}, " . $ds->ds->qstr($grp) . ")"); if ($result) { $ds->DbfTransactionEnd(); insert($w, textbr(my_("Boundary created"))); insertEditGroupForm($w, $ds); } else { $formerror .= my_("Boundary could not be created") . "\n"; } } } return $formerror; }
break; } } // could not find new subnet within any of the defined bounds // so do not delete if (!$extst) { myError($w, $p, sprintf(my_("Subnet %s not split or joined - out of defined authority boundary"), $baseip) . "\n"); } $ds->DbfTransactionStart(); // this code is not safe if transactions are not used // another user could have added a new subnet that causes an overlap // during the split and the create will thus fail. very unlikely though if ($action == "join") { // additional checks for join // check if subnet size * 2 is valid? if (TestBaseAddr(inet_aton3(inet_ntoa($base)), $size * 2)) { myError($w, $p, my_("Subnets cannot be joined - Invalid base address!")); } // check if there is another subnet close by $result = $ds->GetDuplicateSubnet($base + $size, $size, $cust); if ($row = $result->FetchRow()) { // now check if there is exactly one subnet of the same size if ($row["subnetsize"] == $size) { // delete old one $basetmp = $row["baseindex"]; // found adjacent subnet, so delete it $ds->ds->Execute("DELETE FROM base\n WHERE baseindex={$basetmp}"); $ds->ds->Execute("DELETE FROM baseadd\n WHERE baseindex={$basetmp}"); // ... and link its ip records to the bigger subnet // files attached to ip records will travel with $ds->ds->Execute("UPDATE ipaddr\n SET baseindex={$baseindex}\n WHERE baseindex={$basetmp}");