print "\t<th class='hidden-xs'>" . _('Change') . "</th>"; print "</tr>"; # logs $pc = 0; //print count foreach ($clogs as $l) { # cast $l = (array) $l; if ($pc < 5) { # permissions if ($l['ctype'] == "subnet") { $permission = $Subnets->check_permission($User->user, $l['tid']); } elseif ($l['ctype'] == "ip_addr") { $permission = $Subnets->check_permission($User->user, $l['subnetId']); } elseif ($l['ctype'] == "section") { $permission = $Sections->check_permission($User->user, $l['sectionId']); } else { $permission = 0; } # if 0 ignore if ($permission > 0) { # format diff $changelog = str_replace("\r\n", "<br>", $l['cdiff']); $changelog = str_replace("\n", "<br>", $changelog); $changelog = array_filter(explode("<br>", $changelog)); $diff = array(); foreach ($changelog as $c) { // type switch ($l['ctype']) { case "ip_addr": $type = "address";
$User->check_user_session(); # create csrf token $csrf = $User->csrf_cookie("create", "folder"); # strip tags - XSS $_POST = $User->strip_input_tags($_POST); # validate action $Admin->validate_action($_POST['action'], true); # ID must be numeric if ($_POST['action'] != "add") { if (!is_numeric($_POST['subnetId'])) { $Result->show("danger", _("Invalid ID"), true, true); } } # verify that user has permissions to add subnet if ($_POST['action'] == "add") { if ($Sections->check_permission($User->user, $_POST['sectionId']) != 3) { $Result->show("danger", _('You do not have permissions to add new subnet in this section') . "!", true, true); } } else { if ($Subnets->check_permission($User->user, $_POST['subnetId']) != 3) { $Result->show("danger", _('You do not have permissions to add edit/delete this subnet') . "!", true, true); } } # we are editing or deleting existing subnet, get old details if ($_POST['action'] != "add") { $folder_old_details = (array) $Subnets->fetch_subnet(null, $_POST['subnetId']); } else { # for selecting master subnet if added from subnet details! if (strlen($_POST['subnetId']) > 0) { $subnet_old_temp = (array) $Subnets->fetch_subnet(null, $_POST['subnetId']); $subnet_old_details['masterSubnetId'] = @$subnet_old_temp['id'];
$Sections = new Sections($Database); $Subnets = new Subnets($Database); $Result = new Result(); } # user must be authenticated $User->check_user_session(); # prepare list of permitted subnets with requests // get all sections $sections = $Sections->fetch_all_sections(); $subnets_count = 0; if ($sections !== false) { foreach ($sections as $section) { # cast $section = (array) $section; # check permission $permission = $Sections->check_permission($User->user, $section['id']); if ($permission > 0) { $subnets = $Subnets->fetch_section_subnets($section['id']); if ($subnets !== false) { foreach ($subnets as $subnet) { # check permission $subpermission = $Subnets->check_permission($User->user, $subnet->id); if ($subpermission > 0) { /* show only subnets that allow IP exporting */ if ($subnet->allowRequests == 1) { $subnets_count++; /* must not have any nested subnets! */ if (!$Subnets->has_slaves($subnet->id)) { $html[] = '<option value="' . $subnet->id . '">' . $Subnets->transform_to_dotted($subnet->subnet) . '/' . $subnet->mask . ' [' . $subnet->description . ']</option>'; } }