require_once "../layout/class.layout"; require_once "../auth.php"; require_once "../class.xptlib.php"; $auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $grps = $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Display customer/autonomous system information"); newhtml($p); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($search, $expr, $block, $ipplanParanoid) = myRegister("S:search S:expr I:block I:ipplanParanoid"); // basic sequence is connect, search, interpret search // result, close connection $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); // what is the additional search SQL? $sql = $ds->mySearchSql("custdescrip", $expr, $search, FALSE); $result = $ds->GetCustomer($sql); insert($w, heading(3, my_("All customer/autonomous system info"))); // draw the search box $srch = new mySearch($w, array(), $search, "search"); $srch->legend = my_("Refine Search on Description"); $srch->expr = $expr; $srch->expr_disp = TRUE; $srch->Search(); // draw the sucker! $totcnt = 0;
$auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $grps = $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("DNS Domain Zones"); newhtml($p); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($action, $dataid, $cust, $serialdate, $serialnum, $domain, $hname, $responsiblemail, $ttl, $refresh, $retry, $expire, $minimum, $zonepath, $seczonepath, $descrip, $slaveonly, $block, $server, $expr, $ipplanParanoid, $clone) = myRegister("S:action I:dataid I:cust I:serialdate I:serialnum S:domain A:hname S:responsiblemail I:ttl I:refresh I:retry I:expire I:minimum S:zonepath S:seczonepath S:descrip S:slaveonly I:block S:server S:expr I:ipplanParanoid S:clone"); list($userfld) = myRegister("A:userfld"); // for template fields list($createyear, $createmonth, $createday, $expireyear, $expiremonth, $expireday, $regyear, $regmonth, $regday) = myRegister("I:createyear I:createmonth I:createday I:expireyear I:expiremonth I:expireday I:regyear I:regmonth I:regday"); // save the last customer used // must set path else Netscape gets confused! setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/"); $formerror = ""; $muldomains = ""; if ($slaveonly == "on") { $slaveonly = "Y"; } else { if ($slaveonly != "Y" or $slaveonly != "N") { $slaveonly = "N"; } } //if (!$_GET) { // myError($w,$p, my_("You cannot reload or bookmark this page!")); //}
require_once "../class.dbflib.php"; require_once "../layout/class.layout"; require_once "../auth.php"; $auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Change user password"); newhtml($p); $w = myheading($p, $title); // explicitly cast variables as security measure against SQL injection list($user, $password1, $password2) = myRegister("S:user S:password1 S:password2"); $formerror = ""; $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); if ($_POST) { $password1 = trim($password1); $password2 = trim($password2); if (strlen($password1) < 5 or strlen($password2) < 5) { $formerror .= my_("The password entered must be at least five characters") . "\n"; } if ($password1 != $password2) { $formerror .= my_("The passwords entered do not match") . "\n"; } if (!$formerror) { if ($user and getAuthUsername() == ADMINUSER) { $userid = $user; } else {
require_once "../auth.php"; require_once "../class.xptlib.php"; $auth = new BasicAuthenticator(ADMINREALM, REALMERROR); $auth->addUser(ADMINUSER, ADMINPASSWD); // And now perform the authentication $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Display Audit Log"); newhtml($p); $w = myheading($p, $title); // explicitly cast variables as security measure against SQL injection list($descrip, $block, $expr) = myRegister("S:descrip I:block S:expr"); $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); // display opening text insert($w, heading(3, "{$title}.")); $srch = new mySearch($w, $_GET, $descrip, "descrip"); //$srch->legend=my_("Refine Search on Domain"); $srch->expr = $expr; $srch->expr_disp = TRUE; $srch->Search(); // draw the sucker! // what is the additional search SQL? $where = $ds->mySearchSql("action", $expr, $descrip, FALSE); if ($where) { $where = "WHERE " . $where; } $sqllastmod = $ds->ds->SQLDate("M d Y H:i:s", 'dt');
require_once "../class.dbflib.php"; require_once "../layout/class.layout"; require_once "../auth.php"; $auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $grps = $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Delete a range or supernet/summary"); newhtml($p); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($cust, $rangeindex) = myRegister("I:cust I:rangeindex"); $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); if ($_GET) { // save the last customer used // must set path else Netscape gets confused! setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/"); // check if user belongs to customer admin group $result = $ds->GetCustomerGrp($cust); // can only be one row - does not matter if nothing is // found as array search will return false $row = $result->FetchRow(); if (!in_array($row["admingrp"], $grps)) { myError($w, $p, my_("You may not delete an area for this customer as you are not a member of the customers admin group")); } if ($rangeindex > 0) { $result = $ds->GetRange($cust, $rangeindex);
//setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); if ($action == 'add') { $title = my_("Create DNS Zones"); } else { $title = my_("Edit DNS Zones"); } newhtml($p); insert($p, $h = wheader("IPPlan - {$title}")); insert($h, script("", array("type" => "text/javascript", "src" => "../cookies.js"))); insert($h, script("", array("type" => "text/javascript", "src" => "../phpserializer.js"))); insert($h, script("", array("type" => "text/javascript", "src" => "../ipplanlib.js"))); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($cust, $dataid, $action, $domain, $responsiblemail, $serialdate, $serialnum, $ttl, $retry, $refresh, $expire, $minimum, $slaveonly, $zonepath, $seczonepath) = myRegister("I:cust I:dataid S:action S:domain S:responsiblemail I:serialdate I:serialnum I:ttl I:retry I:refresh I:expire I:minimum S:slaveonly S:zonepath S:seczonepath"); if (!$_GET) { myError($w, $p, my_("You cannot reload or bookmark this page!")); } // basic sequence is connect, search, interpret search // result, close connection $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); insert($w, $f = form(array("name" => "ENTRY", "method" => "post", "action" => "modifydns.php"))); // Use the same form for adding or editing. Setup page & variables based on action. if ($action == 'add') { $now = getdate(); $serialdate = $now["year"] . str_pad($now["mon"], 2, '0', STR_PAD_LEFT) . str_pad($now["mday"], 2, '0', STR_PAD_LEFT); $serialnum = 0; $zone = ""; $ttl = DNSTTL; $refresh = DNSREFRESH;
} } } $auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Results of your search"); newhtml($p); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($cust1, $cust2, $block) = myRegister("A:cust1 A:cust2 I:block"); // could be array! //$cust1=floor($cust1); //$cust2=floor($cust2); if (!$_GET) { myError($w, $p, my_("You cannot reload or bookmark this page!")); } // basic sequence is connect, search, interpret search // result, close connection $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); insert($w, heading(3, my_("Search for overlapping subnets between customers/autonomous systems"))); // reduce the two arrays to a single array, removing all duplicates $arr = array_unique(array_merge($cust1, $cust2)); sort($arr); if (count($arr) <= 1) { myError($w, $p, my_("Both customers selected are the same - all subnets will overlap!"));
} require_once "../ipplanlib.php"; require_once "../adodb/adodb.inc.php"; require_once "../class.dbflib.php"; require_once "../layout/class.layout"; require_once "../auth.php"; $auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $grps = $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); // explicitly cast variables as security measure against SQL injection list($cust, $areaindex, $rangeindex, $action, $size, $ipaddr, $descrip) = myRegister("I:cust I:areaindex I:rangeindex S:action I:size S:ipaddr S:descrip"); $formerror = ""; if ($action == "modify") { $title = my_("Modify a range or supernet/summary"); } else { $title = my_("Create a new range or supernet/summary"); } newhtml($p); $w = myheading($p, $title, true); $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); if ($_POST) { // save the last customer used // must set path else Netscape gets confused! setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/"); if ($action == "modify") { $result = $ds->GetRange($cust, $rangeindex);
$auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $auth->authenticate(); // save the last customer used // must set path else Netscape gets confused! setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/"); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Results of your search"); newhtml($p); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($cust, $areaindex, $rangeindex, $start, $end, $showused, $size_from, $size_to) = myRegister("I:cust I:areaindex I:rangeindex S:start S:end I:showused I:size_from I:size_to"); if (!$_GET) { myError($w, $p, my_("You cannot reload or bookmark this page!")); } // basic sequence is connect, search, interpret search // result, close connection $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); // set start and end address according to range $site = ""; if ($rangeindex) { // should only return one row here! $result = $ds->GetRange($cust, $rangeindex); $row = $result->FetchRow(); $start = inet_ntoa($row["rangeaddr"]); $end = inet_ntoa($row["rangeaddr"] + $row["rangesize"] - 1); $site = " (" . $row["descrip"] . ")";
$auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $grps = $auth->authenticate(); // save the last customer used // must set path else Netscape gets confused! setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/"); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Results of your search"); newhtml($p); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($cust, $areaindex, $rangeindex, $ipaddr, $descrip, $filename, $ntnameopt) = myRegister("I:cust I:areaindex I:rangeindex S:ipaddr S:descrip S:filename I:ntnameopt"); // extra protection on filename passed! $filename = basename($filename); if (!$_GET) { myError($w, $p, my_("You cannot reload or bookmark this page!")); } // basic sequence is connect, search, interpret search // result, close connection $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); // check if user belongs to customer admin group $result = $ds->GetCustomerGrp($cust); // can only be one row - does not matter if nothing is // found as array search will return false $row = $result->FetchRow(); if (!in_array($row["admingrp"], $grps)) { myError($w, $p, my_("You may not send a registrar update for this customer as you are not a member of the customers admin group"));
$auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $auth->authenticate(); // save the last customer used // must set path else Netscape gets confused! setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/"); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Results of your search for areas"); newhtml($p); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($cust, $ipplanParanoid) = myRegister("I:cust I:ipplanParanoid"); if (!$_GET) { myError($w, $p, my_("You cannot reload or bookmark this page!")); } // basic sequence is connect, search, interpret search // result, close connection $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); $custdescrip = $ds->GetCustomerDescrip($cust); insert($w, heading(3, sprintf(my_("Search for areas and ranges for customer '%s'"), $custdescrip))); $result =& $ds->ds->Execute("SELECT area.areaaddr, area.descrip AS adescrip, \n netrange.rangeaddr,\n netrange.rangesize, netrange.descrip AS rdescrip,\n netrange.rangeindex, area.areaindex\n FROM netrange\n LEFT JOIN area\n ON netrange.areaindex=area.areaindex\n WHERE netrange.customer={$cust}\n ORDER BY area.areaaddr, netrange.rangeaddr, netrange.rangesize"); // create a table insert($w, $t = table(array("cols" => "8", "class" => "outputtable"))); // draw heading setdefault("cell", array("class" => "heading")); insert($t, $c = cell()); insert($c, text(my_("Area address")));
// And now perform the authentication $grps = $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Search for user info"); newhtml($p); insert($p, $h = wheader("IPPlan - {$title}")); insert($h, script("", array("type" => "text/javascript", "src" => "../cookies.js"))); insert($h, script("", array("type" => "text/javascript", "src" => "../phpserializer.js"))); insert($h, script("", array("type" => "text/javascript", "src" => "../ipplanlib.js"))); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($cust, $areaindex, $field, $tmplfield, $rangeindex) = myRegister("I:cust I:areaindex S:field S:tmplfield I:rangeindex"); // display opening text insert($w, heading(3, "{$title}.")); insert($w, textbrbr(my_("Search for user info searches the individual IP address records."))); $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); // start form insert($w, $f1 = form(array("name" => "THISFORM", "method" => "post", "action" => $_SERVER["PHP_SELF"]))); // ugly kludge with global variable! $displayall = TRUE; $cust = myCustomerDropDown($ds, $f1, $cust, $grps) or myError($w, $p, my_("No customers")); $areaindex = myAreaDropDown($ds, $f1, $cust, $areaindex); $rangeindex = searchRangeDropDown($ds, $f1, $cust, $areaindex, $rangeindex); //$rangeindex=myRangeDropDown($ds, $f1, $cust, $areaindex); insert($f1, block("<p>")); insert($f1, $con2 = container("fieldset", array("class" => "fieldset"))); insert($con2, $legend = container("legend", array("class" => "legend")));
//setdefault("text",array("size"=>"2")); $title = my_("Results of your search"); newhtml($p); list($close) = myRegister("I:close"); // from modifyipform - close the popup? $w = myheading($p, $title, $close ? false : true); // explicitly cast variables as security measure against SQL injection list($baseindex, $block, $showactive, $showdns, $action) = myRegister("I:baseindex I:block I:showactive I:showdns S:action"); list($userfld) = myRegister("A:userfld"); // from modifyipform - need to add rest flds list($hname) = myRegister("S:hname"); // from modifyipformmul - need to add rest flds list($search, $expr) = myRegister("S:search S:expr"); // search fields list($user, $location, $descrip, $telno, $macaddr) = myRegister("S:user S:location S:descrip S:telno S:macaddr"); list($request) = myRegister("I:request"); // from modifyipform - dummy variable entered // from displayrequestip.php $formerror = ""; // $ip can be array or string or undefined! if (!isset($ip)) { $ip = 0; } if (is_array($ip)) { foreach ($ip as $key => $value) { $ip[$key] = floor($value); } } else { $ip = floor($ip); } if (!$_GET and !$_POST) {
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Modify/Copy/Move subnet details"); newhtml($p); insert($p, $h = wheader("IPPlan - {$title}")); insert($h, script("", array("type" => "text/javascript", "src" => "../cookies.js"))); insert($h, script("", array("type" => "text/javascript", "src" => "../phpserializer.js"))); insert($h, script("", array("type" => "text/javascript", "src" => "../ipplanlib.js"))); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($baseindex, $cust, $descrip, $grp, $origcust, $dhcp) = myRegister("I:baseindex I:cust S:descrip S:grp S:origcust I:dhcp"); // additional vars for Location: header list($areaindex, $rangeindex, $search, $ipaddr) = myRegister("I:areaindex I:rangeindex S:search S:ipaddr"); list($userfld) = myRegister("A:userfld"); // for template fields $formerror = ""; $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); // remember original customer if (!$origcust) { $origcust = $cust; } if ($_POST) { // check if user belongs to customer admin group $result = $ds->GetCustomerGrp($cust); // can only be one row - does not matter if nothing is // found as array search will return false $row = $result->FetchRow(); if (!in_array($row["admingrp"], $grps)) { myError($w, $p, my_("You may not modify this subnet for this customer as you are not a member of the new customers admin group"));
require_once "../class.templib.php"; // maximum number of outstanding IP address requests allowed - this is to prevent // denial of service on the database as this feature is not authenticated define("MAXREQUESTS", "100"); // disable or enable drop down menu on request page - default disabled define("MENU", FALSE); if (!REQUESTENABLED) { die("IP address request system has been disabled by the administrator."); } // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); // explicitly cast variables as security measure against SQL injection list($cust, $request, $user, $location, $descrip, $hname, $telno, $macaddr, $ipplanCustomer) = myRegister("I:cust S:request S:user S:location S:descrip S:hname S:telno S:macaddr I:ipplanCustomer"); $formerror = ""; $title = my_("Request an IP address"); newhtml($p); $w = myheading($p, $title, MENU); $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); if ($_POST) { $request = trim($request); $descrip = trim($descrip); if (strlen($request) == 0) { $formerror .= my_("You need to enter request details for the ip address request") . "\n"; } if (strlen($user) == 0) { $formerror .= my_("You need to enter user details for the request") . "\n"; } if (strlen($location) == 0) {
function parseDeleteBounds($w, $ds) { list($grp, $boundsaddr) = myRegister("S:grp S:boundsaddr"); $result =& $ds->ds->Execute("DELETE FROM bounds\n WHERE grp=" . $ds->ds->qstr($grp) . " AND boundsaddr={$boundsaddr}"); if ($result) { $ds->DbfTransactionEnd(); insert($w, text(my_("Boundary deleted"))); } else { insert($w, text(my_("Boundary could not be deleted"))); } insertEditGroupForm($w, $ds); }
$result = ''; while (!feof($fp)) { $result .= fgets($fp, 128); } fclose($fp); } return $result; } // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); $title = my_("WHOIS results"); newhtml($p); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($lookup) = myRegister("S:lookup"); if (!$_GET) { myError($w, $p, my_("You cannot reload or bookmark this page!")); } //$data = $whois->lookup($lookup); $data = whois(WHOISSERVER, $lookup); if (!$data) { myError($w, $p, my_("Whois query failed - are you behind a firewall?")); } else { /* $data = preg_replace("/\((.*?)\)/", "<a href='whois.php?lookup=\\1'>(\\1)</a>", $data); */ insert($w, block("<pre>" . htmlspecialchars($data) . "</pre>")); } printhtml($p);
require_once "../ipplanlib.php"; require_once "../adodb/adodb.inc.php"; require_once "../class.dbflib.php"; require_once "../layout/class.layout"; require_once "../auth.php"; $auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $grps = $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Display/Modify/Delete area information"); newhtml($p); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($ipplanCustomer) = myRegister("I:ipplanCustomer"); // display opening text insert($w, heading(3, my_("Display/Modify/Delete areas and ranges."))); $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); // start form insert($w, $f2 = form(array("name" => "ENTRY", "method" => "get", "action" => "modifyarearange.php"))); // ugly kludge with global variable! $cust = floor($ipplanCustomer); $displayall = TRUE; $cust = myCustomerDropDown($ds, $f2, $cust, $grps, FALSE) or myError($w, $p, my_("No customers")); insert($f2, generic("br")); insert($f2, submit(array("value" => my_("Submit")))); insert($f2, freset(array("value" => my_("Clear")))); printhtml($p);
// And now perform the authentication $grps = $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Create a new subnet"); newhtml($p); insert($p, $h = wheader("IPPlan - {$title}")); insert($h, script("", array("type" => "text/javascript", "src" => "../cookies.js"))); insert($h, script("", array("type" => "text/javascript", "src" => "../phpserializer.js"))); insert($h, script("", array("type" => "text/javascript", "src" => "../ipplanlib.js"))); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($cust, $size, $ipplanGroup, $dhcp) = myRegister("I:cust I:size S:ipplanGroup I:dhcp"); // display opening text insert($w, heading(3, "{$title}.")); insert($w, text(my_("Create a new subnet by entering the base (network) address of the subnet. Subnets are the building blocks of all networks, and are all that is required for small networks."))); insert($w, block("<p>")); insert($w, text(my_("Unused subnets can be pre-allocated with a description of either 'free' or 'spare'. These can be searched for at a later stage using the 'Find Free' function."))); insert($w, block("<p>")); insert($w, textbr(my_("It may also be beneficial to give ASE (Autonomous System External, networks not local to yours) a special handle like EXTERNAL so that they can be searched for at a later stage. These networks often appear in routing tables as static routes to third parties (not via the Internet)."))); $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); // start form insert($w, $f = form(array("name" => "ENTRY", "method" => "post", "action" => "createsubnet.php"))); $cust = myCustomerDropDown($ds, $f, $cust, $grps, FALSE) or myError($w, $p, my_("No customers")); $result = $ds->GetGrps(); $lst = array(); while ($row = $result->FetchRow()) { $col = $row["grp"];
$auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $grps = $auth->authenticate(); // save the last customer used // must set path else Netscape gets confused! setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/"); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Registrar information sent"); newhtml($p); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($baseindex, $ntnameopt, $cust, $filename) = myRegister("A:baseindex I:ntnameopt I:cust S:filename"); // extra protection on filename passed! $filename = basename($filename); if (!$_POST) { myError($w, $p, my_("You cannot reload or bookmark this page!")); } if (empty($baseindex)) { myError($w, $p, my_("No registrar updates selected to send")); } // basic sequence is connect, search, interpret search // result, close connection $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); // check if user belongs to customer admin group $result = $ds->GetCustomerGrp($cust); // can only be one row - does not matter if nothing is // found as array search will return false
$auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $grps = $auth->authenticate(); // save the last customer used // must set path else Netscape gets confused! setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/"); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Results of your search"); newhtml($p); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($cust, $areaindex, $rangeindex, $searchin, $ipaddr, $jump, $block, $descrip, $expr, $size, $subnetsize) = myRegister("I:cust I:areaindex I:rangeindex I:searchin S:ipaddr I:jump I:block S:descrip S:expr I:size I:subnetsize"); if (!$_GET) { myError($w, $p, my_("You cannot reload or bookmark this page!")); } // basic sequence is connect, search, interpret search // result, close connection $ds = new Base() or myError($w, $p, my_("Could not connect to database")); $ds->SetGrps($grps); $ds->SetIPaddr($ipaddr); $ds->SetSubnetSize($subnetsize); // set from findfree.php $ds->SetSearchIn($searchin); $ds->SetDescrip($descrip); // set search type if (empty($expr) and !empty($descrip)) { $expr = "RLIKE";
// Modify capabilities added by Denes Magyar (fat@poison.hu) 22/02/05 require_once "../ipplanlib.php"; require_once "../adodb/adodb.inc.php"; require_once "../class.dbflib.php"; require_once "../layout/class.layout"; require_once "../auth.php"; $auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $grps = $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); // explicitly cast variables as security measure against SQL injection list($cust, $areaindex, $ipaddr, $action, $descrip) = myRegister("I:cust I:areaindex S:ipaddr S:action S:descrip"); $formerror = ""; if ($action == "modify") { $title = my_("Modify a network area"); } else { $title = my_("Create a new network area"); } newhtml($p); $w = myheading($p, $title, true); $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); if ($_POST) { // save the last customer used // must set path else Netscape gets confused! setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/"); $descrip = trim($descrip); if (strlen($descrip) == 0) {
require_once "../auth.php"; require_once "../xmllib.php"; $auth = new BasicAuthenticator(ADMINREALM, REALMERROR); $auth->addUser(ADMINUSER, ADMINPASSWD); // And now perform the authentication $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Import IP details result"); newhtml($p); $w = myheading($p, $title); // explicitly cast variables as security measure against SQL injection list($cust, $format, $append) = myRegister("I:cust S:format S:append"); if (!$_POST) { myError($w, $p, my_("You cannot reload or bookmark this page!")); } if (empty($_FILES)) { $tmp = get_cfg_var("file_uploads"); if (empty($tmp)) { insert($w, block("<b>" . my_("File uploads may have been disabled in the php.ini configuration file") . "</b><p>")); } } else { if ($_FILES['userfile']['size'] == 0) { myError($w, $p, my_("Possible file size exceeded php.ini or webserver limit of 2meg - break file into smaller parts")); } if (!is_uploaded_file($_FILES['userfile']['tmp_name'])) { myError($w, $p, my_("Possible file upload attack")); }
require_once "../auth.php"; require_once "../class.xptlib.php"; $auth = new BasicAuthenticator(ADMINREALM, REALMERROR); $auth->addUser(ADMINUSER, ADMINPASSWD); // And now perform the authentication $grps = $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("IPplan Maintenance"); newhtml($p); $w = myheading($p, $title); // explicitly cast variables as security measure against SQL injection list($action, $cust, $block, $requestindex, $requestdesc) = myRegister("S:action I:cust I:block I:requestindex S:requestdesc"); $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); if ($action == "deletecustomer") { if (DBF_TYPE == "mysql" or DBF_TYPE == "maxsql") { $version = $ds->ds->GetOne("SELECT version() AS version"); if ($version < "4.0.0") { myError($w, $p, my_("You need MySQL v4.0.0 or higher for this function!")); } } $ds->DbfTransactionStart(); $result =& $ds->ds->Execute("DELETE FROM customer\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM custinfo\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM ipaddr \n WHERE baseindex IN (SELECT baseindex FROM base WHERE customer={$cust})") and $result =& $ds->ds->Execute("DELETE FROM ipaddradd\n WHERE baseindex IN (SELECT baseindex FROM base WHERE customer={$cust})") and $result =& $ds->ds->Execute("DELETE FROM base\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM custadd\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM revdns\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM area\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM netrange\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM fwdzone\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM fwdzoneadd\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM fwdzonerec\n WHERE customer={$cust}") and $result =& $ds->ds->Execute("DELETE FROM zones\n WHERE customer={$cust}") and $ds->AuditLog(array("event" => 182, "action" => "delete customer", "user" => getAuthUsername(), "cust" => $cust)); if ($result) { $ds->DbfTransactionEnd(); insert($w, text(my_("Customer deleted"))); } else { insert($w, text(my_("Customer could not be deleted")));
require_once "../class.dbflib.php"; require_once "../layout/class.layout"; require_once "../auth.php"; $auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Modify IP address details (range)"); newhtml($p); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($baseindex, $block, $ip, $search, $expr, $ipplanParanoid) = myRegister("I:baseindex I:block A:ip S:search S:expr I:ipplanParanoid"); //$ip=array($ip); // type array if (!$_POST) { myError($w, $p, my_("You cannot reload or bookmark this page!")); } // basic sequence is connect, search, interpret search // result, close connection $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); // save md5str for check in displaysubnet.php to see if info has // been modified since start of edit $md5str = $ds->GetMD5($ip, $baseindex); insert($w, block("<h3>")); insert($w, text(my_("IP Addresses to modify: "))); foreach ($ip as $value) { insert($w, text(inet_ntoa($value) . " ")); }
// GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with this program; if not, write to the Free Software // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. // require_once "../config.php"; require_once "../ipplanlib.php"; require_once "../adodb/adodb.inc.php"; require_once "../layout/class.layout"; require_once "../auth.php"; $auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $grps = $auth->authenticate(); // explicitly cast variables as security measure against SQL injection list($paranoid, $ipplanParanoid, $poll, $ipplanPoll, $lang) = myRegister("I:paranoid I:ipplanParanoid I:poll I:ipplanPoll S:lang"); // set language if ($lang) { myLanguage($lang . ":" . dirname(dirname(__FILE__))); } else { isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); } //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Change display settings"); newhtml($p); $results = ""; if ($_POST) { setcookie("ipplanTheme", $theme, time() + 10000000, "/"); // Make change immediate.
// And now perform the authentication $grps = $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Modify/Copy/Move/Delete/Split/Join subnets"); newhtml($p); insert($p, $h = wheader("IPPlan - {$title}")); insert($h, script("", array("type" => "text/javascript", "src" => "../cookies.js"))); insert($h, script("", array("type" => "text/javascript", "src" => "../phpserializer.js"))); insert($h, script("", array("type" => "text/javascript", "src" => "../ipplanlib.js"))); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($cust, $areaindex) = myRegister("I:cust I:areaindex"); // display opening text insert($w, heading(3, "{$title}.")); $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); // start form insert($w, $f1 = form(array("name" => "THISFORM", "method" => "post", "action" => $_SERVER["PHP_SELF"]))); $cust = myCustomerDropDown($ds, $f1, $cust, $grps) or myError($w, $p, my_("No customers")); $areaindex = myAreaDropDown($ds, $f1, $cust, $areaindex); insert($w, $f2 = form(array("name" => "ENTRY", "method" => "get", "action" => "modifybase.php"))); // save customer name for actual post of data insert($f2, hidden(array("name" => "cust", "value" => "{$cust}"))); insert($f2, hidden(array("name" => "areaindex", "value" => "{$areaindex}"))); myRangeDropDown($ds, $f2, $cust, $areaindex); insert($f2, block("<p>")); insert($f2, $con = container("fieldset", array("class" => "fieldset"))); insert($con, $legend = container("legend", array("class" => "legend")));
$auth->addUser(ADMINUSER, ADMINPASSWD); // And now perform the authentication $auth->authenticate(); // save the last customer used // must set path else Netscape gets confused! setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/"); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Import subnet results"); newhtml($p); $w = myheading($p, $title); // explicitly cast variables as security measure against SQL injection list($cust, $admingrp) = myRegister("I:cust S:admingrp"); if (empty($_FILES)) { $tmp = get_cfg_var("file_uploads"); if (empty($tmp)) { insert($w, block("<b>" . my_("File uploads may have been disabled in the php.ini configuration file") . "</b><p>")); } } else { if ($_FILES['userfile']['size'] == 0) { myError($w, $p, my_("Possible file size exceeded php.ini or webserver limit of 2meg - break file into smaller parts")); } if (!is_uploaded_file($_FILES['userfile']['tmp_name'])) { myError($w, $p, my_("Possible file upload attack")); } } $filename = $_FILES['userfile']['tmp_name']; // basic sequence is connect, search, interpret search
require_once "../ipplanlib.php"; require_once "../adodb/adodb.inc.php"; require_once "../class.dbflib.php"; require_once "../auth.php"; require_once "../class.templib.php"; $auth = new BasicAuthenticator(ADMINREALM, REALMERROR); $auth->addUser(ADMINUSER, ADMINPASSWD); // And now perform the authentication $auth->authenticate(); // save the last customer used // must set path else Netscape gets confused! setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/"); // basic sequence is connect, search, interpret search // result, close connection // explicitly cast variables as security measure against SQL injection list($cust) = myRegister("I:cust"); $ds = new IPplanDbf() or die(my_("Could not connect to database")); // force file download due to bad mime type header("Content-Type: bad/type"); header("Content-Disposition: attachment; filename=base.txt"); header("Pragma: no-cache"); header("Expires: 0"); $startnum = inet_aton(DEFAULTROUTE); $endnum = inet_aton(ALLNETS); // if a specific network template exists, use that, else use generic template $template = new IPplanIPTemplate("basetemplate", $cust); $err = $template->is_error(); $result = $ds->GetBase($startnum, $endnum, '', $cust); while ($row = $result->FetchRow()) { echo inet_ntoa($row["baseaddr"]) . FIELDS_TERMINATED_BY . $row["descrip"] . FIELDS_TERMINATED_BY . inet_ntoa(inet_aton(ALLNETS) + 1 - $row["subnetsize"]) . FIELDS_TERMINATED_BY; if (!$err) {
require_once "../layout/class.layout"; require_once "../auth.php"; require_once "../class.xptlib.php"; $auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $grps = $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("DNS Reverse Zones"); newhtml($p); $w = myheading($p, $title, true); // explicitly cast variables as security measure against SQL injection list($action, $zoneid, $serialdate, $serialnum, $cust, $zone, $zoneip, $size, $hname, $responsiblemail, $ttl, $refresh, $retry, $expire, $minimum, $zonepath, $seczonepath, $slaveonly, $descrip, $block, $server, $expr, $ipplanParanoid) = myRegister("S:action I:zoneid I:serialdate I:serialnum I:cust S:zone S:zoneip I:size A:hname S:responsiblemail I:ttl I:refresh I:retry I:expire I:minimum S:zonepath S:seczonepath S:slaveonly S:descrip I:block S:server S:expr I:ipplanParanoid"); // save the last customer used // must set path else Netscape gets confused! setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/"); $formerror = ""; if ($slaveonly == "on") { $slaveonly = "Y"; } else { if ($slaveonly != "Y" or $slaveonly != "N") { $slaveonly = "N"; } } //if (!$_GET) { // myError($w,$p, my_("You cannot reload or bookmark this page!")); //} // basic sequence is connect, search, interpret search