Example #1
0
function mysql_adduser($username, $password, $level, $email = "", $realname = "", $can_modify_passwd = '1', $description = "")
{
    if (!mysql_auth_user_exists($username)) {
        $encrypted = crypt($password, '$1$' . strgen(8) . '$');
        return dbInsert(array('username' => $username, 'password' => $encrypted, 'level' => $level, 'email' => $email, 'realname' => $realname, 'can_modify_passwd' => $can_modify_passwd, 'descr' => $description), 'users');
    } else {
        return FALSE;
    }
}
function hb_get_data($port_id, $from = false, $to = false)
{
    global $config, $rrd_cmd, $rrd_options, $debug;
    $debug = TRUE;
    ob_start();
    $vars = array('from' => $from, 'to' => $to, 'id' => $port_id, 'height' => 300, 'width' => 1075, 'type' => 'port_bits');
    foreach ($vars as $k => $v) {
        $_GET[$k] = $v;
    }
    $ds_in = "INOCTETS";
    $ds_out = "OUTOCTETS";
    $from = isset($vars['from']) && $vars['from'] ? $vars['from'] : time() - 60 * 60 * 24;
    $to = isset($vars['to']) && $vars['to'] ? $vars['to'] : time();
    if ($from < 0) {
        $from = $to + $from;
    }
    $period = $to - $from;
    $prev_from = $from - $period;
    $rrd_options = "";
    $auth = "1";
    $graphfile = $config['temp_dir'] . "/" . strgen() . ".png";
    include $config['install_dir'] . "/includes/rewrites.inc.php";
    include $config['install_dir'] . "/includes/rrdtool.inc.php";
    include $config['install_dir'] . "/includes/entities.inc.php";
    include $config['html_dir'] . "/includes/functions.inc.php";
    include $config['install_dir'] . "/html/includes/graphs/port/auth.inc.php";
    include $config['install_dir'] . "/html/includes/graphs/port/bits.inc.php";
    include $config['install_dir'] . "/html/includes/graphs/generic_data.inc.php";
    ob_get_clean();
    ob_start();
    $rrd_options = str_ireplace('--alt-autoscale', '', $rrd_options);
    $tmp_arr = explode(" ", trim($rrd_options));
    $tmp = array_pop($tmp_arr);
    if (substr_count($rrd_options, $tmp) > 1) {
        //possible repetition.
        $rrd_options = substr($rrd_options, 0, strpos($rrd_options, $tmp) + strlen($tmp));
    }
    $xml = rrdtool_graph_xport($rrd_options);
    $ret = ob_get_clean();
    if (stripos($ret, '</xport>') == false) {
        return false;
    }
    $ret = substr($ret, stripos($ret, '<xport>'));
    $ret = substr($ret, 0, stripos($ret, '</xport>')) . '</xport>';
    $xml = json_decode(json_encode((array) simplexml_load_string($ret)), 1);
    return $xml;
}
Example #3
0
function print_form_box($data, $return = FALSE)
{
    $form_id = isset($data['id']) ? $data['id'] : 'form-' . strgen();
    $form_class = 'form form-horizontal';
    if (isset($data['style'])) {
        $form_style = ' style="' . $data['style'] . '"';
    } else {
        $form_style = ' style="margin-bottom:0;"';
    }
    $base_class = array_key_exists('class', $data) ? $data['class'] : 'box';
    $base_space = $data['space'] ? $data['space'] : '15px';
    $used_vars = array();
    // Cache permissions to session var
    permissions_cache_session();
    //r($_SESSION['cache']);
    if ($data['submit_by_key']) {
        $action = '';
        if ($data['url']) {
            $action .= 'this.form.prop(\'action\', form_to_path(\'' . $form_id . '\'));';
        }
        register_html_resource('script', '$(function(){$(\'form#' . $form_id . '\').each(function(){$(this).find(\'input\').keypress(function(e){if(e.which==10||e.which==13){' . $action . 'this.form.submit();}});});});');
    }
    $header = '';
    if (isset($data['title'])) {
        $header .= '  <h2>' . $data['title'] . '</h2>' . PHP_EOL;
    }
    // Form elements
    $div_begin = '<div class="row">' . PHP_EOL;
    $div_end = '</div>' . PHP_EOL;
    if ($data['type'] == 'horizontal') {
        $row_style = '';
        $fieldset = array();
        foreach ($data['row'] as $k => $row) {
            $row_group = $k;
            $row_elements = '';
            $row_label = '';
            $row_control_group = FALSE;
            $i = 0;
            foreach ($row as $id => $element) {
                $used_vars[] = $id;
                $element['id'] = $id;
                if ($element['fieldset']) {
                    $row_group = $element['fieldset'];
                    // Add this element to group
                }
                // Additional element options for horizontal specific form
                switch ($element['type']) {
                    case 'hidden':
                        $div_class = '';
                        $div_style = '';
                        break;
                    case 'submit':
                        $div_class = 'form-actions';
                        $div_style = ' style="margin: 0px;"';
                        break;
                    case 'text':
                    case 'input':
                    case 'password':
                    case 'textarea':
                    default:
                        $row_control_group = TRUE;
                        // In horizontal, name always placed at left
                        if (!isset($element['placeholder'])) {
                            $element['placeholder'] = TRUE;
                        }
                        if ($i < 1) {
                            // Add laber for first element in row
                            $row_label = '    <label class="control-label" for="' . $element['id'] . '">' . $element['name'] . '</label>' . PHP_EOL;
                            $row_control_id = $element['id'] . '_div';
                        }
                        $div_class = 'controls';
                        $div_style = '';
                        break;
                }
                if (!isset($element['div_class'])) {
                    $element['div_class'] = $div_class;
                }
                //if ($element['right'])
                //{
                //  $element['div_class'] .= ' pull-right';
                //}
                if ($id == 'search' && $data['url']) {
                    // Add form_id here, for generate onclick action in submit button
                    $element['form_id'] = $form_id;
                }
                $row_elements .= generate_form_element($element);
                $i++;
            }
            if ($element['div_class']) {
                // no additional divs if empty div class (hidden element for example)
                $row_elements = $row_label . PHP_EOL . '    <div class="' . $element['div_class'] . '"' . $div_style . '>' . PHP_EOL . $row_elements . '    </div>' . PHP_EOL;
            } else {
                $row_label = str_replace(' class="control-label"', '', $row_label);
                $row_elements = $row_label . PHP_EOL . $row_elements;
            }
            if ($row_control_group) {
                $fieldset[$row_group] .= '  <div id="' . $row_control_id . '" class="control-group"> <!-- START row-' . $k . ' -->' . PHP_EOL;
                $fieldset[$row_group] .= $row_elements;
                $fieldset[$row_group] .= '  </div> <!-- END row-' . $k . ' -->' . PHP_EOL;
            } else {
                // Do not add control group for submit/hidden
                $fieldset[$row_group] .= $row_elements;
            }
            //$row_style = 'style="margin-top: '.$base_space.';"'; // Add space between rows
        }
        $divs = array();
        $fieldset_tooltip = '';
        foreach ($data['fieldset'] as $group => $entry) {
            if (isset($fieldset[$group])) {
                if (!is_array($entry)) {
                    $entry = array('title' => $entry);
                }
                // Custom style
                if (!isset($entry['style'])) {
                    $entry['style'] = 'padding-bottom: 0px !important;';
                    // Remove last additional padding space
                }
                // Combinate fieldsets into common rows
                if ($entry['div']) {
                    $divs[$entry['div']][] = $group;
                } else {
                    $divs['row'][] = $group;
                }
                $box_args = array('header-border' => TRUE, 'padding' => TRUE, 'id' => $group);
                if (isset($entry['style'])) {
                    $box_args['body-style'] = $entry['style'];
                }
                if (isset($entry['title'])) {
                    $box_args['title'] = $entry['title'];
                    if ($entry['icon']) {
                        // $box_args['icon'] => $entry['icon'];
                    }
                }
                if (isset($entry['tooltip'])) {
                    $box_args['header-controls'] = array('controls' => array('tooltip' => array('icon' => 'icon-info text-primary', 'anchor' => TRUE, 'class' => 'tooltip-from-element', 'data' => 'data-tooltip-id="tooltip-' . $group . '"')));
                    $fieldset_tooltip .= '<div id="tooltip-' . $group . '" style="display: none;">' . PHP_EOL;
                    $fieldset_tooltip .= $entry['tooltip'] . '</div>' . PHP_EOL;
                }
                if (isset($entry['tooltip'])) {
                    $box_args['style'] = $entry['style'];
                }
                $fieldset_begin = generate_box_open($box_args);
                $fieldset_end = generate_box_close();
                // Additional div class if set
                if (isset($entry['class'])) {
                    $fieldset_begin = '<div class="' . $entry['class'] . '">' . PHP_EOL . $fieldset_begin;
                    $fieldset_end .= '</div>' . PHP_EOL;
                }
                $row_elements = $fieldset_begin . '
          <fieldset> <!-- START fieldset-' . $group . ' -->';
                $row_elements .= PHP_EOL . $fieldset[$group] . '
          </fieldset> <!-- END fieldset-' . $group . ' -->' . PHP_EOL;
                $fieldset[$group] = $row_elements . $fieldset_end;
            }
        }
        // Combinate fieldsets into common rows
        foreach ($divs as $entry) {
            $row_elements = $div_begin;
            foreach ($entry as $i => $group) {
                $row_elements .= $fieldset[$group];
                if ($i > 0) {
                    // unset all fieldsets except first one for replace later
                    unset($fieldset[$group]);
                }
            }
            $row_elements .= $div_end;
            // now replace first fieldset in group
            $fieldset[array_shift($entry)] = $row_elements;
        }
        // Final combining elements
        $string_elements = implode('', $fieldset);
    }
    // Remove old vars from url
    if ($data['url']) {
        foreach ($used_vars as $var) {
            $data['url'] = preg_replace('/' . $var . '=[^\\/]+\\/?/', '', $data['url']);
        }
    }
    // Form header
    $string = PHP_EOL . "<!-- START {$form_id} -->" . PHP_EOL;
    $string .= $header;
    $string .= '<form method="POST" id="' . $form_id . '" name="' . $form_id . '" action="' . $data['url'] . '" class="' . $form_class . '"' . $form_style . '>' . PHP_EOL;
    // Form elements
    $string .= $string_elements;
    // Form footer
    $string .= '</form>' . PHP_EOL;
    $string .= $fieldset_tooltip;
    $string .= "<!-- END {$form_id} -->" . PHP_EOL;
    if ($return) {
        // Save generation time for profiling
        $GLOBALS['form_time'] += utime() - $form_start;
        // Return form as string
        return $string;
    } else {
        // Print form
        echo $string;
        // Save generation time for profiling (after echo)
        $GLOBALS['form_time'] += utime() - $form_start;
    }
}
Example #4
0
     #    $maptool = $config['unflatten'] . ' -f -l 5 | ' . $config['sfdp'] . ' -Gpack -Goverlap=prism -Gcharset=latin1 | dot';
     #    $maptool = $config['sfdp'] . ' -Gpack -Goverlap=prism -Gcharset=latin1 -Gsize=20,20';
     $maptool = $config['dot'];
 }
 switch ($vars['format']) {
     case 'svg':
         header("Content-type: image/svg+xml");
         break;
     case 'png':
     default:
         $vars['format'] = 'png:gd';
         header("Content-type: image/png");
         break;
 }
 $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"));
 $mapfile = $config['temp_dir'] . "/" . strgen() . ".png";
 $process = proc_open($maptool . ' -T' . $vars['format'], $descriptorspec, $pipes);
 if (is_resource($process)) {
     fwrite($pipes[0], $map);
     fclose($pipes[0]);
     while (!feof($pipes[1])) {
         $img .= fgets($pipes[1]);
     }
     fclose($pipes[1]);
     $return_value = proc_close($process);
 }
 switch ($vars['format']) {
     case 'svg':
         $img = str_replace("<a ", '<a target="_parent" ', $img);
         break;
     case 'dot':
Example #5
0
function print_form($data)
{
    $form_id = 'form-' . strgen();
    $form_class = $data['type'] == 'rows' ? 'form-inline' : 'form';
    $base_class = $data['class'] ? $data['class'] : 'well';
    $base_space = '5px';
    $used_vars = array();
    // Form elements
    if ($data['type'] == 'rows') {
        $row_style = '';
        $string_elements = '';
        foreach ($data['row'] as $k => $row) {
            $string_elements .= '  <div class="row" ' . $row_style . '> <!-- START row-' . $k . ' -->' . PHP_EOL;
            foreach ($row as $id => $element) {
                $used_vars[] = $id;
                $element['id'] = $id;
                $element['class'] = 'col-lg-2';
                if ($element['right']) {
                    $element['class'] .= ' pull-right';
                }
                if ($id == 'search' && $data['url']) {
                    // Add form_id here, for generate onclick action in submit button
                    $element['form_id'] = $form_id;
                }
                $string_elements .= '    <div class="' . $element['class'] . '">' . PHP_EOL;
                $string_elements .= get_form_element($element);
                $string_elements .= '    </div>' . PHP_EOL;
            }
            $string_elements .= '  </div> <!-- END row-' . $k . ' -->' . PHP_EOL;
            $row_style = 'style="margin-top: ' . $base_space . ';"';
            // Add space between rows
        }
    }
    // Remove old vars from url
    if ($data['url']) {
        foreach ($used_vars as $var) {
            $data['url'] = preg_replace('/' . $var . '=[^\\/]+\\/?/', '', $data['url']);
        }
    }
    // Form header
    $string = PHP_EOL . "<!-- START {$form_id} -->" . PHP_EOL;
    $string .= '<div class="' . $base_class . '" style="padding: ' . $base_space . ';">' . PHP_EOL;
    $string .= '<form method="POST" id="' . $form_id . '" action="' . $data['url'] . '" class="' . $form_class . '" style="margin-bottom:0;">' . PHP_EOL;
    if ($data['brand']) {
        $string .= '  <a class="brand">' . $data['brand'] . '</a>' . PHP_EOL;
    }
    // Form elements
    $string .= $string_elements;
    // Form footer
    $string .= '</form>' . PHP_EOL;
    $string .= '</div>' . PHP_EOL;
    $string .= "<!-- END {$form_id} -->" . PHP_EOL;
    // Print form
    echo $string;
}
Example #6
0
    }
}
// FIXME -- remove these
$width = $vars['width'];
$height = $vars['height'];
$title = $vars['title'];
$vertical = $vars['vertical'];
$legend = $vars['legend'];
$from = isset($vars['from']) ? $vars['from'] : time() - 60 * 60 * 24;
$to = isset($vars['to']) ? $vars['to'] : time();
if ($from < 0) {
    $from = $to + $from;
}
$period = $to - $from;
$prev_from = $from - $period;
$graphfile = $config['temp_dir'] . '/' . strgen() . '.png';
$type = $graphtype['type'];
$subtype = $graphtype['subtype'];
if ($auth !== true && $auth != 1) {
    $auth = is_client_authorized($_SERVER['REMOTE_ADDR']);
}
require $config['install_dir'] . "/html/includes/graphs/{$type}/auth.inc.php";
if ($auth === true && is_custom_graph($type, $subtype, $device)) {
    include $config['install_dir'] . "/html/includes/graphs/custom.inc.php";
} else {
    if ($auth === true && is_mib_graph($type, $subtype)) {
        include $config['install_dir'] . "/html/includes/graphs/{$type}/mib.inc.php";
    } elseif ($auth === true && is_file($config['install_dir'] . "/html/includes/graphs/{$type}/{$subtype}.inc.php")) {
        include $config['install_dir'] . "/html/includes/graphs/{$type}/{$subtype}.inc.php";
    } else {
        graph_error("{$type}*{$subtype} ");
Example #7
0
 $_SESSION['user_id'] = get_userid($_SESSION['username']);
 if (!$_SESSION['authenticated']) {
     if ($config['twofactor'] === true && !isset($_SESSION['twofactor'])) {
         include_once $config['install_dir'] . '/html/includes/authentication/twofactor.lib.php';
         twofactor_auth();
     }
     if (!$config['twofactor'] || $_SESSION['twofactor']) {
         $_SESSION['authenticated'] = true;
         dbInsert(array('user' => $_SESSION['username'], 'address' => get_client_ip(), 'result' => 'Logged In'), 'authlog');
     }
 }
 if (isset($_POST['remember'])) {
     $sess_id = session_id();
     $hasher = new PasswordHash(8, false);
     $token = strgen();
     $auth = strgen();
     $hasher = new PasswordHash(8, false);
     $token_id = $_SESSION['username'] . '|' . $hasher->HashPassword($_SESSION['username'] . $token);
     // If we have been asked to remember the user then set the relevant cookies and create a session in the DB.
     setcookie('sess_id', $sess_id, time() + 60 * 60 * 24 * $config['auth_remember'], '/', null, false, true);
     setcookie('token', $token_id, time() + 60 * 60 * 24 * $config['auth_remember'], '/', null, false, true);
     setcookie('auth', $auth, time() + 60 * 60 * 24 * $config['auth_remember'], '/', null, false, true);
     dbInsert(array('session_username' => $_SESSION['username'], 'session_value' => $sess_id, 'session_token' => $token, 'session_auth' => $auth, 'session_expiry' => time() + 60 * 60 * 24 * $config['auth_remember']), 'session');
 }
 if (isset($_COOKIE['sess_id'], $_COOKIE['token'], $_COOKIE['auth'])) {
     // If we have the remember me cookies set then update session expiry times to keep us logged in.
     $sess_id = session_id();
     dbUpdate(array('session_value' => $sess_id, 'session_expiry' => time() + 60 * 60 * 24 * $config['auth_remember']), 'session', 'session_auth=?', array($_COOKIE['auth']));
     setcookie('sess_id', $sess_id, time() + 60 * 60 * 24 * $config['auth_remember'], '/', null, false, true);
     setcookie('token', $_COOKIE['token'], time() + 60 * 60 * 24 * $config['auth_remember'], '/', null, false, true);
     setcookie('auth', $_COOKIE['auth'], time() + 60 * 60 * 24 * $config['auth_remember'], '/', null, false, true);
function print_navbar($navbar)
{
    global $config;
    $id = strgen();
    ?>

  <div class="navbar <?php 
    echo $navbar['class'];
    ?>
" style="<?php 
    echo $navbar['style'];
    ?>
">
    <div class="navbar-inner">
      <div class="container">
        <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target="#nav-<?php 
    echo $id;
    ?>
">
          <span class="oicon-bar"></span>
        </button>

  <?php 
    if (isset($navbar['brand'])) {
        echo ' <a class="brand">' . $navbar['brand'] . '</a>';
    }
    echo '<div class="nav-collapse" id="nav-' . $id . '">';
    //rewrite navbar (for class pull-right)
    $newbar = array();
    foreach (array('options', 'options_right') as $array_name) {
        foreach ($navbar[$array_name] as $option => $array) {
            if (strstr($array['class'], 'pull-right') || $array_name == 'options_right' || $array['right'] == TRUE) {
                $array['class'] = str_replace('pull-right', '', $array['class']);
                $newbar['options_right'][$option] = $array;
            } else {
                $newbar['options'][$option] = $array;
            }
        }
    }
    foreach (array('options', 'options_right') as $array_name) {
        if ($array_name == 'options_right') {
            if (!$newbar[$array_name]) {
                break;
            }
            echo '<ul class="nav pull-right">';
        } else {
            echo '<ul class="nav">';
        }
        foreach ($newbar[$array_name] as $option => $array) {
            if (!is_array($array['suboptions'])) {
                echo '<li class="' . $array['class'] . '">';
                if (isset($array['alt'])) {
                    echo '<a href="' . $array['url'] . '" data-rel="tooltip" data-tooltip="' . $array['alt'] . '"';
                } else {
                    echo '<a href="' . $array['url'] . '"';
                }
                if (isset($array['id'])) {
                    echo ' id="' . $array['id'] . '"';
                }
                echo '>';
                if (isset($array['icon'])) {
                    echo '<i class="' . $array['icon'] . '"></i> ';
                    $array['text'] = '<span>' . $array['text'] . '</span>';
                    // Added span for allow hide by class 'icon'
                }
                echo $array['text'] . '</a>';
                echo '</li>';
            } else {
                echo '  <li class="dropdown ' . $array['class'] . '">';
                echo '    <a class="dropdown-toggle" data-toggle="dropdown" href="' . $array['url'] . '">';
                if (isset($array['icon'])) {
                    echo '<i class="' . $array['icon'] . '"></i> ';
                }
                echo $array['text'] . '
            <strong class="caret"></strong>
          </a>
        <ul class="dropdown-menu">';
                foreach ($array['suboptions'] as $suboption => $subarray) {
                    echo '<li class="' . $subarray['class'] . '">';
                    if (isset($subarray['alt'])) {
                        echo '<a href="' . $subarray['url'] . '" data-rel="tooltip" data-tooltip="' . $subarray['alt'] . '">';
                    } else {
                        echo '<a href="' . $subarray['url'] . '">';
                    }
                    if (isset($subarray['icon'])) {
                        echo '<i class="' . $subarray['icon'] . '"></i> ';
                        $subarray['text'] = '<span>' . $subarray['text'] . '</span>';
                        // Added span for allow hide by class 'icon'
                    }
                    echo $subarray['text'] . '</a>';
                    echo '</li>';
                }
                echo '    </ul>
      </li>';
            }
        }
        echo '</ul>';
    }
    ?>
        </div>
      </div>
    </div>
  </div>

 <?php 
}
Example #9
0
unset($prefs);
if (is_numeric($_SESSION['user_id'])) {
    $user_id = $_SESSION['user_id'];
    $prefs = get_user_prefs($user_id);
    // Reset RSS/Atom key
    if ($vars['atom_key'] == "toggle") {
        if (set_user_pref($user_id, 'atom_key', md5(strgen()))) {
            print_success('RSS/Atom key updated.');
            $prefs = get_user_prefs($user_id);
        } else {
            print_error('Error generating RSS/Atom key.');
        }
    }
    // Reset API key
    if ($vars['api_key'] == "toggle") {
        if (set_user_pref($user_id, 'api_key', md5(strgen()))) {
            print_success('API key updated.');
            $prefs = get_user_prefs($user_id);
        } else {
            print_error('Error generating API key.');
        }
    }
}
$atom_key_updated = isset($prefs['atom_key']['updated']) ? formatUptime(time() - strtotime($prefs['atom_key']['updated']), 'shorter') . ' ago' : 'Never';
$api_key_updated = isset($prefs['api_key']['updated']) ? formatUptime(time() - strtotime($prefs['api_key']['updated']), 'shorter') . ' ago' : 'Never';
$filename = $config['html_dir'] . '/pages/preferences/' . $vars['section'] . '.inc.php';
if (is_file($filename)) {
    $vars = get_vars('POST');
    // Note, on edit pages use only method POST!
    include $filename;
} else {
Example #10
0
                // DO NOT ALLOW show debug output for users with privilege level less than "global secure read"
                define('OBS_DEBUG', 0);
                ini_set('display_errors', 0);
                ini_set('display_startup_errors', 0);
                ini_set('log_errors', 1);
                //ini_set('error_reporting', 0); // Default
            } else {
                define('OBS_DEBUG', 1);
            }
        }
        $permissions = permissions_cache($_SESSION['user_id']);
        // Add feeds & api keys after first auth
        if ($mcrypt_exists && !get_user_pref($_SESSION['user_id'], 'atom_key')) {
            // Generate unique token
            do {
                $atom_key = md5(strgen());
            } while (dbFetchCell("SELECT COUNT(*) FROM `users_prefs` WHERE `pref` = ? AND `value` = ?;", array('atom_key', $atom_key)) > 0);
            set_user_pref($_SESSION['user_id'], 'atom_key', $atom_key);
        }
    }
    if ($auth_success) {
        // If just logged in go to request uri, unless we're debugging, in which case we want to see authentication module output first.
        if (!OBS_DEBUG) {
            header("Location: " . $_SERVER['REQUEST_URI']);
        } else {
            print_message("Debugging mode has disabled redirect to front page; please click <a href=\"" . $_SERVER['REQUEST_URI'] . "\">here</a> to continue.");
        }
        exit;
    }
}
///r($_SESSION);
         dbInsert(array('user_encpass' => $encpass, 'expire' => $lifetime, 'username' => $_SESSION['username'], 'user_uniq' => $user_unique_id, 'user_ckey' => $ckey), 'users_ckeys');
         setcookie("ckey", $ckey, $lifetime, $cookie_path, $cookie_domain, $cookie_https, $cookie_httponly);
         setcookie("dkey", $dkey, $lifetime, $cookie_path, $cookie_domain, $cookie_https, $cookie_httponly);
         unset($_SESSION['user_ckey_id']);
     }
 }
 // Retrieve user ID and permissions
 if ($_SESSION['authenticated']) {
     if (!is_numeric($_SESSION['userlevel']) || !is_numeric($_SESSION['user_id'])) {
         $_SESSION['userlevel'] = auth_user_level($_SESSION['username']);
         $_SESSION['user_id'] = auth_user_id($_SESSION['username']);
     }
     $permissions = permissions_cache($_SESSION['user_id']);
     // Add feeds & api keys after first auth
     if ($mcrypt_exists && !get_user_pref($_SESSION['user_id'], 'atom_key')) {
         set_user_pref($_SESSION['user_id'], 'atom_key', md5(strgen()));
     }
 } else {
     if (isset($_SESSION['username'])) {
         $auth_message = "认证失败";
         //dbInsert(array('user' => $_SESSION['username'], 'address' => $_SERVER["REMOTE_ADDR"], 'result' => 'Authentication Failure'), 'authlog');
         session_logout(function_exists('auth_require_login'));
     }
 }
 if ($config['auth_mechanism'] != 'ldap') {
     // Duh.. for LDAP still need store password :(
     unset($_SESSION['password']);
     // Remove password so that it's not saved in $_SESSION in plaintext on the disk.
 }
 if ($auth_success) {
     // If just logged in go to request uri
Example #12
0
/**
 * Generate Bootstrap-format navigation bar
 *
 *   A little messy, but it works and lets us move to having no navbar markup on pages :)
 *   Examples:
 *   print_navbar(array('brand' => "Apps", 'class' => "navbar-narrow", 'options' => array('mysql' => array('text' => "MySQL", 'url' => generate_url($vars, 'app' => "mysql")))))
 *
 * @param array $vars
 * @return none
 *
 */
function print_navbar($navbar)
{
    global $config;
    if (OBSERVIUM_EDITION == 'community' && isset($navbar['community']) && $navbar['community'] === FALSE) {
        // Skip nonexistant features on community edition
        return;
    }
    $id = strgen();
    // Detect allowed screen ratio for current browser, cached!
    $ua_info = detect_browser();
    ?>

  <div class="navbar <?php 
    echo $navbar['class'];
    ?>
" style="<?php 
    echo $navbar['style'];
    ?>
">
    <div class="navbar-inner">
      <div class="container">
        <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target="#nav-<?php 
    echo $id;
    ?>
">
          <span class="oicon-bar"></span>
        </button>

  <?php 
    if (isset($navbar['brand'])) {
        echo ' <a class="brand">' . $navbar['brand'] . '</a>';
    }
    echo '<div class="nav-collapse" id="nav-' . $id . '">';
    //rewrite navbar (for class pull-right)
    $newbar = array();
    foreach (array('options', 'options_right') as $array_name) {
        if (isset($navbar[$array_name])) {
            foreach ($navbar[$array_name] as $option => $array) {
                if (isset($array['userlevel']) && isset($_SESSION['userlevel']) && $_SESSION['userlevel'] < $array['userlevel']) {
                    // skip not permitted menu items
                    continue;
                }
                if (OBSERVIUM_EDITION == 'community' && isset($array['community']) && $array['community'] === FALSE) {
                    // Skip not exist features on community
                    continue;
                }
                if (strstr($array['class'], 'pull-right') || $array_name == 'options_right' || $array['right'] == TRUE) {
                    $array['class'] = str_replace('pull-right', '', $array['class']);
                    $newbar['options_right'][$option] = $array;
                } else {
                    $newbar['options'][$option] = $array;
                }
            }
        }
    }
    foreach (array('options', 'options_right') as $array_name) {
        if ($array_name == 'options_right') {
            if (!$newbar[$array_name]) {
                break;
            }
            echo '<ul class="nav pull-right">';
        } else {
            echo '<ul class="nav">';
        }
        foreach ($newbar[$array_name] as $option => $array) {
            // if($array['divider']) { echo '<li class="divider"></li>'; break;}
            if (!is_array($array['suboptions'])) {
                echo '<li class="' . $array['class'] . '">';
                $link_opts = '';
                if (isset($array['link_opts'])) {
                    $link_opts .= ' ' . $array['link_opts'];
                }
                if (isset($array['alt'])) {
                    $link_opts .= ' data-rel="tooltip" data-tooltip="' . $array['alt'] . '"';
                }
                if (isset($array['id'])) {
                    $link_opts .= ' id="' . $array['id'] . '"';
                }
                if (empty($array['url']) || $array['url'] == '#') {
                    $array['url'] = 'javascript:void(0)';
                }
                echo '<a href="' . $array['url'] . '" ' . $link_opts . '>';
                if (isset($array['icon'])) {
                    echo '<i class="' . $array['icon'] . '"></i>&nbsp;';
                    $array['text'] = '<span>' . $array['text'] . '</span>';
                    // Added span for allow hide by class 'icon'
                }
                if (isset($array['image'])) {
                    if (isset($array['image_2x']) && $ua_info['screen_ratio'] > 1) {
                        // Add hidpi image set
                        $srcset = ' srcset="' . $array['image_2x'] . ' 2x"';
                    } else {
                        $srcset = '';
                    }
                    echo '<img src="' . $array['image'] . '"' . $srcset . ' alt="" /> ';
                }
                echo $array['text'] . '</a>';
                echo '</li>';
            } else {
                echo '  <li class="dropdown ' . $array['class'] . '">';
                $link_opts = '';
                if (isset($array['link_opts'])) {
                    $link_opts .= ' ' . $array['link_opts'];
                }
                if (isset($array['alt'])) {
                    $link_opts .= ' data-rel="tooltip" data-tooltip="' . $array['alt'] . '"';
                }
                if (isset($array['id'])) {
                    $link_opts .= ' id="' . $array['id'] . '"';
                }
                if (empty($array['url']) || $array['url'] == '#') {
                    $array['url'] = 'javascript:void(0)';
                }
                echo '    <a class="dropdown-toggle" data-hover="dropdown" data-toggle="dropdown" href="' . $array['url'] . '" ' . $link_opts . '>';
                if (isset($array['icon'])) {
                    echo '<i class="' . $array['icon'] . '"></i> ';
                }
                echo $array['text'] . '
            <strong class="caret"></strong>
          </a>
        <ul class="dropdown-menu">';
                foreach ($array['suboptions'] as $suboption => $subarray) {
                    if (isset($subarray['divider']) && $subarray['divider']) {
                        echo '<li class="divider"></li>';
                    } else {
                        echo '<li class="' . $subarray['class'] . '">';
                        $link_opts = '';
                        if (isset($subarray['link_opts'])) {
                            $link_opts .= ' ' . $subarray['link_opts'];
                        }
                        if (isset($subarray['alt'])) {
                            $link_opts .= ' data-rel="tooltip" data-tooltip="' . $subarray['alt'] . '"';
                        }
                        if (isset($subarray['id'])) {
                            $link_opts .= ' id="' . $subarray['id'] . '"';
                        }
                        if (empty($subarray['url']) || $subarray['url'] == '#') {
                            $subarray['url'] = 'javascript:void(0)';
                        }
                        echo '<a href="' . $subarray['url'] . '" ' . $link_opts . '>';
                        if (isset($subarray['icon'])) {
                            echo '<i class="' . $subarray['icon'] . '"></i>&nbsp;';
                            $subarray['text'] = '<span>' . $subarray['text'] . '</span>';
                            // Added span for allow hide by class 'icon'
                        }
                        echo $subarray['text'] . '</a>';
                        echo '</li>';
                    }
                }
                echo '    </ul>
      </li>';
            }
        }
        echo '</ul>';
    }
    ?>
        </div>
      </div>
    </div>
  </div>

 <?php 
}
Example #13
0
                    }
                    if (!is_array($vars['entity_id'])) {
                        $vars['entity_id'] = array($vars['entity_id']);
                    }
                    foreach ($vars['entity_id'] as $entry) {
                        if (get_entity_by_id_cache($vars['entity_type'], $entry)) {
                            if (!dbFetchCell("SELECT COUNT(*) FROM `entity_permissions` WHERE `user_id` = ? AND `entity_type` = ? AND `entity_id` = ?", array($vars['user_id'], $vars['entity_type'], $entry))) {
                                dbInsert(array('entity_id' => $entry, 'entity_type' => $vars['entity_type'], 'user_id' => $vars['user_id']), 'entity_permissions');
                            }
                        }
                    }
                }
            }
        }
        // Generate new auth secret
        $_SESSION['auth_secret'] = md5(strgen());
        ?>
  <div class="row"> <!-- main row begin -->

    <div class="col-md-7"> <!-- left column begin -->
    <div class="row"> <!-- left up row begin -->

      <div class="col-md-<?php 
        echo auth_usermanagement() ? '6' : '12';
        ?>
"> <!-- userinfo begin -->

      <div class="box box-solid">
        <div class="box-header">
          <h3 class="box-title">User Information</h3>
        </div>
/**
 * Generate Bootstrap-format Navbar
 *
 *   A little messy, but it works and lets us move to having no navbar markup on pages :)
 *   Examples:
 *   print_navbar(array('brand' => "Apps", 'class' => "navbar-narrow", 'options' => array('mysql' => array('text' => "MySQL", 'url' => generate_url($vars, 'app' => "mysql")))))
 *
 * @param array $vars
 * @return none
 *
 */
function print_navbar($navbar)
{
    global $config;
    $id = strgen();
    ?>

  <div class="navbar <?php 
    echo $navbar['class'];
    ?>
">
    <div class="navbar-inner">
      <div class="container">
        <button type="button" class="btn btn-navbar" data-toggle="collapse" data-target="#nav-<?php 
    echo $id;
    ?>
">
          <span class="oicon-bar"></span>
        </button>

  <?php 
    if (isset($navbar['brand'])) {
        echo ' <a class="brand">' . $navbar['brand'] . '</a>';
    }
    echo '<div class="nav-collapse" id="nav-' . $id . '">';
    foreach (array('options', 'options_right') as $array_name) {
        if ($array_name == "options_right") {
            if (!$navbar[$array_name]) {
                break;
            }
            echo '<ul class="nav pull-right">';
        } else {
            echo '<ul class="nav">';
        }
        foreach ($navbar[$array_name] as $option => $array) {
            if ($array[''] == "pull-right") {
                $navbar['options_right'][$option] = $array;
            } else {
                if (!is_array($array['suboptions'])) {
                    echo '<li class="' . $array['class'] . '">';
                    echo '<a href="' . $array['url'] . '">';
                    if (isset($array['icon'])) {
                        echo '<i class="' . $array['icon'] . '"></i> ';
                    }
                    echo $array['text'] . '</a>';
                    echo '</li>';
                } else {
                    echo '  <li class="dropdown">';
                    echo '    <a class="dropdown-toggle" data-toggle="dropdown"  href="' . $array['url'] . '">';
                    if (isset($array['icon'])) {
                        echo '<i class="' . $array['icon'] . '"></i> ';
                    }
                    echo $array['text'] . '
            <b class="caret"></b>
          </a>
        <ul class="dropdown-menu">';
                    foreach ($array['suboptions'] as $suboption => $subarray) {
                        echo '<li class="' . $subarray['class'] . '">';
                        echo '<a href="' . $subarray['url'] . '">';
                        if (isset($subarray['icon'])) {
                            echo '<i class="' . $subarray['icon'] . '"></i> ';
                        }
                        echo $subarray['text'] . '</a>';
                        echo '</li>';
                    }
                    echo '    </ul>
      </li>';
                }
            }
        }
        echo '</ul>';
    }
    ?>
        </div>
      </div>
    </div>
  </div>

 <?php 
}
     dbUpdate("UPDATE `users_ckeys` SET `expire` = ? WHERE `users_ckey_id` = ?", array(time() + $lifetime, $_SESSION['user_ckey_id']));
     //dbInsert(array('user' => $_SESSION['username'], 'address' => $_SERVER["REMOTE_ADDR"], 'result' => 'Logged in with COOKIE'), 'authlog');
     unset($_SESSION['user_ckey_id']);
 }
 // Auth from login/password
 if (!$_SESSION['authenticated'] && (authenticate($_SESSION['username'], $_SESSION['password']) || auth_usermanagement() && auth_user_level($_SESSION['origusername']) >= 10)) {
     $_SESSION['authenticated'] = TRUE;
     dbInsert(array('user' => $_SESSION['username'], 'address' => $_SERVER["REMOTE_ADDR"], 'result' => '登录'), 'authlog');
     // Add feeds & api keys after first auth
     if ($mcrypt_exists && !get_user_pref($_SESSION['user_id'], 'atom_key')) {
         set_user_pref($_SESSION['user_id'], 'atom_key', md5(strgen()));
     }
     // Generate keys for cookie auth
     if (isset($_POST['remember']) && $mcrypt_exists) {
         $ckey = md5(strgen());
         $dkey = md5(strgen());
         $encpass = encrypt($_SESSION['password'], $dkey);
         dbDelete('users_ckeys', "`username` = ? AND `expire` < ?", array($_SESSION['username'], time()));
         // Remove old ckeys from DB
         dbInsert(array('user_encpass' => $encpass, 'expire' => time() + $lifetime, 'username' => $_SESSION['username'], 'user_uniq' => $user_unique_id, 'user_ckey' => $ckey), 'users_ckeys');
         setcookie("ckey", $ckey, $lifetime, $cookie_path, $cookie_domain, $cookie_https, $cookie_httponly);
         setcookie("dkey", $dkey, $lifetime, $cookie_path, $cookie_domain, $cookie_https, $cookie_httponly);
         unset($_SESSION['user_ckey_id']);
     }
     header("Location: " . $_SERVER['REQUEST_URI']);
     /// exit(); Tom, not exit here!
 }
 if ($_SESSION['authenticated']) {
     if (!is_numeric($_SESSION['userlevel']) || !is_numeric($_SESSION['user_id'])) {
         $_SESSION['userlevel'] = auth_user_level($_SESSION['username']);
         $_SESSION['user_id'] = auth_user_id($_SESSION['username']);