PHP User::csrf_cookie Examples

Programming Language: PHP

Class/Type: User

Method/Function: csrf_cookie

Examples at hotexamples.com: 30

`csrf_cookie` is a token that is generated to prevent cross-site request forgery attacks. It is a security measure used to protect the authenticity of user requests. It is composed of a random string that changes with each page request.

Here is an example of how to generate and set a CSRF token using PHP:



In this example, we first start a session and generate a CSRF token if it does not exist. We then set the token as a cookie with a one-hour expiration time.

This code example uses PHP's built-in functions to generate a random byte string (random_bytes) that we can use to create a unique token (bin2hex). It is important to note that this code should be used in conjunction with server-side validation to ensure the authenticity of the request.

The package library used in this example mainly relies on PHP's built-in functions with session handling and setcookie.

PHP User::csrf_cookie - 30 examples found. These are the top rated real world PHP examples of User::csrf_cookie extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

addUser(30)

data(30)

dropdown(30)

create(30)

findFirst(30)

fetch(30)

getAll(30)

factory(30)

getCanonicalName(30)

__construct(30)

auth(30)

getAllGroups(30)

find_all(30)

authenticate(30)

authorise(30)

findById(30)

getErrors(30)

first(30)

getAllUsers(30)

findByUsername(30)

exists(30)

getEmail(30)

find_by_id(30)

errors(30)

deleteUser(30)

add(30)

find_by_username(30)

delete(30)

getAuthorisedViewLevels(30)

current(30)

findOrFail(30)

all(30)

getCurrentUser(30)

getDefaultOption(30)

get(30)

createUser(30)

getById(30)

findOne(30)

find(30)

format(30)

getByUsername(30)

checkPassword(30)

count(30)

destroy(30)

checkName(30)

csrf_cookie(30)

can(29)

encryptPassword(29)

checkEmail(29)

User Class Documentation

Example #1

Show file

File: split.php Project: routenull0/phpipam

/*
 * Print resize split
 *********************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database, false);
$Subnets = new Subnets($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "split");
# ID must be numeric
if (!is_numeric($_POST['subnetId'])) {
    $Result->show("danger", _("Invalid ID"), true, true);
}
# get subnet details
$subnet = $Subnets->fetch_subnet(null, $_POST['subnetId']);
# verify that user has write permissions for subnet
$subnetPerm = $Subnets->check_permission($User->user, $subnet->id);
if ($subnetPerm < 3) {
    $Result->show("danger", _('You do not have permissions to resize subnet') . '!', true, true);
}
# check if it has slaves - if yes it cannot be splitted!
if ($Subnets->has_slaves($subnet->id)) {
    $Result->show("danger", _('Only subnets that have no nested subnets can be splitted') . "!", true, true);
}

Example #2

Show file

File: edit-domain-result.php Project: routenull0/phpipam

 * Edit switch result
 ***************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Tools = new Tools($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# strip input tags
$_POST = $Admin->strip_input_tags($_POST);
# validate csrf cookie
$User->csrf_cookie("validate", "vlan_domain", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : "";
# we cannot delete default domain
if (@$_POST['id'] == 1 && $_POST['action'] == "delete") {
    $Result->show("danger", _("Default domain cannot be deleted"), true);
}
// ID must be numeric
if ($_POST['action'] != "add" && !is_numeric($_POST['id'])) {
    $Result->show("danger", _("Invalid ID"), true);
}
// Hostname must be present
if (@$_POST['name'] == "") {
    $Result->show("danger", _('Name is mandatory') . '!', true);
}
// set sections
if (@$_POST['id'] != 1) {
    foreach ($_POST as $key => $line) {

Example #3

Show file

File: edit-folder.php Project: routenull0/phpipam

 * Print edit folder
 *********************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database, false);
$Sections = new Sections($Database);
$Subnets = new Subnets($Database);
$Tools = new Tools($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "folder");
# strip tags - XSS
$_POST = $User->strip_input_tags($_POST);
# validate action
$Admin->validate_action($_POST['action'], true);
# ID must be numeric
if ($_POST['action'] != "add") {
    if (!is_numeric($_POST['subnetId'])) {
        $Result->show("danger", _("Invalid ID"), true, true);
    }
}
# verify that user has permissions to add subnet
if ($_POST['action'] == "add") {
    if ($Sections->check_permission($User->user, $_POST['sectionId']) != 3) {
        $Result->show("danger", _('You do not have permissions to add new subnet in this section') . "!", true, true);
    }

Example #4

Show file

File: edit.php Project: routenull0/phpipam

/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database, false);
$Tools = new Tools($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# make sue user can edit
if ($User->is_admin(false) == false && $User->user->editVlan != "Yes") {
    $Result->show("danger", _("Not allowed to change VLANs"), true, true);
}
# create csrf token
$csrf = $User->csrf_cookie("create", "vlan");
# strip tags - XSS
$_POST = $User->strip_input_tags($_POST);
# validate action
$Admin->validate_action($_POST['action'], true);
# fetch vlan details
$vlan = $Admin->fetch_object("vlans", "vlanId", @$_POST['vlanId']);
$vlan = $vlan !== false ? (array) $vlan : array();
# fetch custom fields
$custom = $Tools->fetch_custom_fields('vlans');
# set readonly flag
$readonly = $_POST['action'] == "delete" ? "readonly" : "";
# set form name!
if (isset($_POST['fromSubnet'])) {
    $formId = "vlanManagementEditFromSubnet";
} else {

Example #5

Show file

File: edit.php Project: routenull0/phpipam

/**
 * Script to print add / edit / delete users
 *************************************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Subnets = new Subnets($Database);
$Tools = new Tools($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "user");
# strip tags - XSS
$_POST = $User->strip_input_tags($_POST);
# validate action
$Admin->validate_action($_POST['action'], true);
# fetch custom fields
$custom = $Tools->fetch_custom_fields('users');
# fetch all languages
$langs = $Admin->fetch_all_objects("lang", "l_id");
# fetch all auth types
$auth_types = $Admin->fetch_all_objects("usersAuthMethod", "id");
# fetch all groups
$groups = $Admin->fetch_all_objects("userGroups", "g_id");
# set header parameters and fetch user
if ($_POST['action'] != "add") {
    $user = $Admin->fetch_object("users", "id", $_POST['id']);

Example #6

Show file

File: resize.php Project: routenull0/phpipam

/*
 * Print resize subnet
 *********************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database, false);
$Subnets = new Subnets($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "resize");
# ID must be numeric
if (!is_numeric($_POST['subnetId'])) {
    $Result->show("danger", _("Invalid ID"), true, true);
}
# verify that user has write permissions for subnet
if ($Subnets->check_permission($User->user, $_POST['subnetId']) < 3) {
    $Result->show("danger", _('You do not have permissions to resize subnet') . '!', true, true);
}
# fetch subnet details
$subnet = (array) $Subnets->fetch_subnet(null, $_POST['subnetId']);
?>

<!-- header -->
<div class="pHeader"><?php 
print _('Resize subnet');

Example #7

Show file

File: edit-group.php Project: korhaldragonir/phpipam

<?php

/**
 * Script to print add / edit / delete group
 *************************************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "group");
# fetch group and set title
if ($_POST['action'] == "add") {
    $title = _('Add new group');
} else {
    //fetch all group details
    $group = (array) $Admin->fetch_object("userGroups", "g_id", $_POST['id']);
    //false die
    $group !== false ?: $Result->show("danger", _("Invalid ID"), true, true);
    $title = ucwords($_POST['action']) . ' ' . _('group') . ' ' . $group['g_name'];
}
?>

<!-- header -->
<div class="pHeader"><?php 
print $title;

Example #8

Show file

File: edit.php Project: routenull0/phpipam

<?php

/**
 * Script to print add / edit / delete API
 *************************************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "apiedit");
# validate action
$Admin->validate_action($_POST['action'], true);
# ID must be numeric
if ($_POST['action'] != "add" && !is_numeric($_POST['appid'])) {
    $Result->show("danger", _("Invalid ID"), true, true);
}
# fetch api for edit / add
if ($_POST['action'] != "add") {
    # fetch api details
    $api = $Admin->fetch_object("api", "id", $_POST['appid']);
    # null ?
    $api === false ? $Result->show("danger", _("Invalid ID"), true) : null;
    # title
    $title = ucwords($_POST['action']) . ' ' . _('api') . ' ' . $api->app_id;
} else {

Example #9

Show file

File: record-edit.php Project: korhaldragonir/phpipam

/**
 *	Edit powerDNS record
 ************************************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database, false);
$Tools = new Tools($Database);
$Result = new Result();
$PowerDNS = new PowerDNS($Database);
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "record");
# save settings for powerDNS default
$pdns = $PowerDNS->db_settings;
# default post
$post = $_POST;
# get record
if ($_POST['action'] != "add") {
    $record = $PowerDNS->fetch_record($_POST['id']);
    $record !== false ?: $Result->show("danger", _("Invalid ID"), true, true);
} else {
    // from IP table
    // we provide record hostname and strip domain from it
    if (!is_numeric($_POST['domain_id']) && !is_numeric($_POST['id'])) {
        // fetch all domains
        $all_domains = $PowerDNS->fetch_all_domains();
        if ($all_domains !== false) {

Example #10

Show file

File: edit.php Project: routenull0/phpipam

/**
 *	Edit device details
 ************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Tools = new Tools($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "device");
# strip tags - XSS
$_POST = $User->strip_input_tags($_POST);
# validate action
$Admin->validate_action($_POST['action'], true);
# fetch custom fields
$custom = $Tools->fetch_custom_fields('devices');
# ID must be numeric
if ($_POST['action'] != "add" && !is_numeric($_POST['switchId'])) {
    $Result->show("danger", _("Invalid ID"), true, true);
}
# fetch device details
if ($_POST['action'] == "edit" || $_POST['action'] == "delete") {
    $device = (array) $Admin->fetch_object("devices", "id", $_POST['switchId']);
    // false
    if ($device === false) {

Example #11

Show file

File: edit.php Project: korhaldragonir/phpipam

<?php

/**
 *	Edit device details
 ************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "device_types");
# ID must be numeric
if ($_POST['action'] != "add" && !is_numeric($_POST['tid'])) {
    $Result->show("danger", _("Invalid ID"), true, true);
}
# set delete flag
$readonly = $_POST['action'] == "delete" ? "readonly" : "";
# fetch device type details
if ($_POST['action'] == "edit" || $_POST['action'] == "delete") {
    $device = $Admin->fetch_object("deviceTypes", "tid", $_POST['tid']);
    # fail if false
    $device === false ? $Result->show("danger", _("Invalid ID"), true) : null;
}
?>

Example #12

Show file

File: edit.php Project: routenull0/phpipam

<?php

/**
 * Script to print add / edit / delete scanAgent
 *************************************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "agent");
# strip tags - XSS
$_POST = $User->strip_input_tags($_POST);
# validate action
$Admin->validate_action($_POST['action'], true);
# ID must be numeric
if ($_POST['action'] != "add" && !is_numeric($_POST['id'])) {
    $Result->show("danger", _("Invalid ID"), true, true);
}
# fetch api for edit / add
if ($_POST['action'] != "add") {
    # fetch api details
    $agent = $Admin->fetch_object("scanAgents", "id", $_POST['id']);
    # null ?
    $agent === false ? $Result->show("danger", _("Invalid ID"), true) : null;
    # title

Example #13

Show file

File: edit-number.php Project: korhaldragonir/phpipam

/**
 *	Print all available locations
 ************************************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database, false);
$Tools = new Tools($Database);
$Addresses = new Addresses($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "pstn_number");
# check permissions
if ($Tools->check_prefix_permission($User->user) < 2) {
    $Result->show("danger", _('You do not have permission to manage PSTN numbers'), true, true);
}
# get Location object
if ($_POST['action'] != "add") {
    $number = $Admin->fetch_object("pstnNumbers", "id", $_POST['id']);
    $number !== false ?: $Result->show("danger", _("Invalid ID"), true, true);
    $prefix = $Admin->fetch_object("pstnPrefixes", "id", $number->prefix);
} else {
    # id is required
    if (isset($_POST['id'])) {
        $prefix = $Admin->fetch_object("pstnPrefixes", "id", $_POST['id']);
        $prefix !== false ?: $Result->show("danger", _("Invalid prefix ID"), true, true);
        $number = new StdClass();

Example #14

Show file

File: edit.php Project: korhaldragonir/phpipam

/*
 * Print edit sections form
 *************************************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Sections = new Sections($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "section");
# fetch all sections for master section
$sections = $Sections->fetch_all_sections();
# fetch groups
$groups = $Admin->fetch_all_objects("userGroups", "g_id");
# fetch section
$section = (array) $Sections->fetch_section(null, @$_POST['sectionId']);
?>

<!-- header -->
<div class="pHeader"><?php 
print ucwords(_($_POST['action']));
?>
 <?php 
print _('Section');
?>

Example #15

Show file

File: edit.php Project: routenull0/phpipam

 * Print edit subnet
 *********************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database, false);
$Sections = new Sections($Database);
$Subnets = new Subnets($Database);
$Tools = new Tools($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "subnet");
# strip tags - XSS
$_POST = $User->strip_input_tags($_POST);
# validate action
$Admin->validate_action($_POST['action'], true);
# verify that user has permissions to add subnet
if ($_POST['action'] == "add") {
    if ($Sections->check_permission($User->user, $_POST['sectionId']) != 3) {
        $Result->show("danger", _('You do not have permissions to add new subnet in this section') . "!", true, true);
    }
} else {
    if ($Subnets->check_permission($User->user, $_POST['subnetId']) != 3) {
        $Result->show("danger", _('You do not have permissions to add edit/delete this subnet') . "!", true, true);
    }
}
/**

Example #16

Show file

File: item-add.php Project: korhaldragonir/phpipam

 ************************************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Tools = new Tools($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# get NAT object
$nat = $Admin->fetch_object("nat", "id", $_POST['id']);
$nat !== false ?: $Result->show("danger", _("Invalid ID"), true, true);
// new cookie
$csrf_cookie = $User->csrf_cookie("create", "nat_add");
?>

<!-- header -->
<div class="pHeader"><?php 
print _('Add NAT item');
?>
</div>

<!-- content -->
<div class="pContent">

    <h4><?php 
print _("Search objects");
?>
</h4>

Example #17

Show file

File: edit-rack-devices-result.php Project: routenull0/phpipam

/**
 * Edit rack devices result
 ***************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# strip input tags
$_POST = $Admin->strip_input_tags($_POST);
# validate csrf cookie
$User->csrf_cookie("validate", "rack_devices", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : "";
# ID must be numeric
if (!is_numeric($_POST['rackid'])) {
    $Result->show("danger", _("Invalid ID"), true);
}
if (!is_numeric($_POST['deviceid'])) {
    $Result->show("danger", _("Invalid ID"), true);
}
if (!is_numeric($_POST['rack_start'])) {
    $Result->show("danger", _("Invalid start value"), true);
}
if (!is_numeric($_POST['rack_size'])) {
    $Result->show("danger", _("Invalid size value"), true);
}
# validate rack
$rack = $Admin->fetch_object("racks", "id", $_POST['rackid']);

Example #18

Show file

File: truncate.php Project: routenull0/phpipam

/*
 * Print truncate subnet
 *********************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database, false);
$Subnets = new Subnets($Database);
$Addresses = new Addresses($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "truncate");
# id must be numeric
if (!is_numeric($_POST['subnetId'])) {
    $Result->show("danger", _("Invalid ID"), true, true);
}
# get subnet details
$subnet = $Subnets->fetch_subnet(null, $_POST['subnetId']);
# verify that user has write permissions for subnet
$subnetPerm = $Subnets->check_permission($User->user, $subnet->id);
if ($subnetPerm < 3) {
    $Result->show("danger", _('You do not have permissions to resize subnet') . '!', true, true);
}
# set prefix - folder or subnet
$prefix = $subnet->isFolder == "1" ? "folder" : "subnet";
# reformat description
$subnet->description = strlen($subnet->description) > 0 ? "({$subnet->description})" : "";

Example #19

Show file

File: edit.php Project: routenull0/phpipam

<?php

/**
 * Edit tag
 *************************************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "tags");
# strip tags - XSS
$_POST = $User->strip_input_tags($_POST);
# validate action
$Admin->validate_action($_POST['action'], true);
# ID must be numeric
if ($_POST['action'] != "add" && !is_numeric($_POST['id'])) {
    $Result->show("danger", _("Invalid ID"), true, true);
}
# fetch api for edit / add
if ($_POST['action'] != "add") {
    # fetch api details
    $tag = $Admin->fetch_object("ipTags", "id", $_POST['id']);
    # null ?
    $tag === false ? $Result->show("danger", _("Invalid ID"), true, true) : null;
}

Example #20

Show file

File: move-address.php Project: routenull0/phpipam

 *
 * Fetches info from database
 *************************************************/
# include required scripts
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize required objects
$Database = new Database_PDO();
$Result = new Result();
$User = new User($Database);
$Subnets = new Subnets($Database);
$Tools = new Tools($Database);
$Addresses = new Addresses($Database);
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "address");
# validate action
$Tools->validate_action($_POST['action']);
# validate post
is_numeric($_POST['subnetId']) ?: $Result->show("danger", _("Invalid ID"), true);
is_numeric($_POST['id']) || strlen($_POST['id']) == 0 ?: $Result->show("danger", _("Invalid ID"), true);
# fetch address and subnet
$address = (array) $Addresses->fetch_address(null, $_POST['id']);
$subnet = (array) $Subnets->fetch_subnet(null, $_POST['subnetId']);
# fetch all slave subnets
$Subnets->fetch_subnet_slaves_recursive($subnet['id']);
?>

<!-- header -->
<div class="pHeader"><?php 
print _('Move IP address to different subnet');

Example #21

Show file

File: edit.php Project: korhaldragonir/phpipam

/**
 *	Edit rack details
 ************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Tools = new Tools($Database);
$Racks = new phpipam_rack($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "rack");
# fetch custom fields
$custom = $Tools->fetch_custom_fields('racks');
# ID must be numeric
if ($_POST['action'] != "add" && !is_numeric($_POST['rackid'])) {
    $Result->show("danger", _("Invalid ID"), true, true);
}
# fetch device details
if ($_POST['action'] == "edit" || $_POST['action'] == "delete") {
    $rack = $Admin->fetch_object("racks", "id", $_POST['rackid']);
} else {
    $rack = new StdClass();
    $rack->size = 42;
}
# all locations
if ($User->settings->enableLocations == "1") {

Example #22

Show file

File: edit-result.php Project: korhaldragonir/phpipam

    # initialize user object
    $Database = new Database_PDO();
    $User = new User($Database);
    $Admin = new Admin($Database, false);
    $Subnets = new Subnets($Database);
    $Sections = new Sections($Database);
    $Addresses = new Addresses($Database);
    $Tools = new Tools($Database);
    $Result = new Result();
}
# verify that user is logged in
$User->check_user_session();
# strip input tags
$_POST = $Admin->strip_input_tags($_POST);
# validate csrf cookie
$User->csrf_cookie("validate", "subnet", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : "";
# if show name than description must be set
if (@$_POST['showName'] == 1 && strlen($_POST['description']) == 0) {
    $Result->show("danger", _("Please enter subnet description to show as name!"), true);
}
# we need old values for mailing
if ($_POST['action'] == "edit" || $_POST['action'] == "delete") {
    $old_subnet_details = (array) $Subnets->fetch_subnet("id", $_POST['subnetId']);
}
# modify post parameters
$_POST['cidr'] = trim($_POST['subnet']);
$_POST['id'] = $_POST['subnetId'];
# get mask and subnet
$temp = explode("/", $_POST['subnet']);
$_POST['mask'] = trim($temp[1]);
$_POST['subnet'] = trim($temp[0]);

Example #23

Show file

File: edit.php Project: routenull0/phpipam

		table		= name of the table
		action		= action
		fieldName	= field name to edit
*/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Tools = new Tools($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "custom_field");
# strip tags - XSS
$_POST = $User->strip_input_tags($_POST);
# validate action
$Admin->validate_action($_POST['action'], true);
/* reset field name for add! */
if ($_POST['action'] == "add") {
    $_POST['fieldName'] = "";
} else {
    $_POST['oldname'] = $_POST['fieldName'];
}
# fetch old field definition
$fieldval = (array) $Tools->fetch_full_field_definition($_POST['table'], $_POST['fieldName']);
?>

Example #24

Show file

File: edit.php Project: routenull0/phpipam

/**
 * Script to print add / edit / delete widget
 *************************************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Tools = new Tools($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "widget");
# strip tags - XSS
$_POST = $User->strip_input_tags($_POST);
# validate action
$Admin->validate_action($_POST['action'], true);
# fetch widget
if ($_POST['action'] != "add") {
    $w = $Admin->fetch_object("widgets", "wid", $_POST['wid']);
    $w !== false ?: $Result->show("danger", _("Invalid ID"), true, true);
    $w = (array) $w;
}
?>

<!-- header -->
<div class="pHeader"><?php 
print ucwords($_POST['action']) . " widget";

Example #25

Show file

File: edit.php Project: korhaldragonir/phpipam

/**
 *	Print all available nameserver sets and configurations
 ************************************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Tools = new Tools($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "nat");
# get NAT object
if ($_POST['action'] != "add") {
    $nat = $Admin->fetch_object("nat", "id", $_POST['id']);
    $nat !== false ?: $Result->show("danger", _("Invalid ID"), true, true);
}
# disable edit on delete
$readonly = $_POST['action'] == "delete" ? "readonly" : "";
$link = $readonly ? false : true;
?>


<!-- header -->
<div class="pHeader"><?php 
print ucwords(_("{$_POST['action']}"));
?>

Example #26

Show file

File: edit.php Project: korhaldragonir/phpipam

/**
 *	Print all available VRFs and configurations
 ************************************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Tools = new Tools($Database);
$Sections = new Sections($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "vrf");
# get VRF
if ($_POST['action'] != "add") {
    $vrf = $Admin->fetch_object("vrf", "vrfId", $_POST['vrfId']);
    $vrf !== false ?: $Result->show("danger", _("Invalid ID"), true, true);
    $vrf = (array) $vrf;
}
# disable edit on delete
$readonly = $_POST['action'] == "delete" ? "readonly" : "";
# fetch custom fields
$custom = $Tools->fetch_custom_fields('vrf');
?>


<!-- header -->
<div class="pHeader"><?php

Example #27

Show file

File: edit.php Project: routenull0/phpipam

/**
 *	Print all available locations
 ************************************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Tools = new Tools($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "location");
# validate action
$Admin->validate_action($_POST['action'], true);
# get Location object
if ($_POST['action'] != "add") {
    $location = $Admin->fetch_object("locations", "id", $_POST['id']);
    $location !== false ?: $Result->show("danger", _("Invalid ID"), true, true);
}
# disable edit on delete
$readonly = $_POST['action'] == "delete" ? "readonly" : "";
$link = $readonly ? false : true;
# fetch custom fields
$custom = $Tools->fetch_custom_fields('locations');
?>

Example #28

Show file

File: result.php Project: korhaldragonir/phpipam

<?php

/**
 *	Script to replace fields in IP address list
 ***********************************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# validate csrf cookie
$User->csrf_cookie("validate", "replace_fields", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : "";
//verify post
if (empty($_POST['search'])) {
    $Result->show("danger", _('Please enter something in search field') . '!', true);
}
//if device verify that it exists
if ($_POST['field'] == "switch") {
    if (!($device1 = $Admin->fetch_object("devices", "hostname", $_POST['search']))) {
        $Result->show("danger  alert-absolute", _('Switch') . ' "<i>' . $_POST['search'] . '</i>" ' . _('does not exist, first create switch under admin menu') . '!', true);
    }
    if (!($device2 = $Admin->fetch_object("devices", "hostname", $_POST['replace']))) {
        $Result->show("danger  alert-absolute", _('Switch') . ' "<i>' . $_POST['search'] . '</i>" ' . _('does not exist, first create switch under admin menu') . '!', true);
    }
    //replace posts
    $_POST['search'] = $device1->id;
    $_POST['replace'] = $device2->id;

Example #29

Show file

File: permissions-show.php Project: routenull0/phpipam

/*
 * Print edit subnet
 *********************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Sections = new Sections($Database);
$Subnets = new Subnets($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "permissions");
# ID must be numeric
if (!is_numeric($_POST['subnetId'])) {
    $Result->show("danger", _("Invalid ID"), true, true);
}
# get all groups
$groups = $Admin->fetch_all_objects("userGroups", "g_name");
# get subnet details
$subnet = $Subnets->fetch_subnet(null, $_POST['subnetId']);
?>


<script type="text/javascript">
$(document).ready(function() {
/* bootstrap switch */
var switch_options = {

Example #30

Show file

File: settings-save.php Project: routenull0/phpipam

<?php

/**
 *	Site settings
 **************************/
/* functions */
require dirname(__FILE__) . '/../../../functions/functions.php';
# initialize user object
$Database = new Database_PDO();
$User = new User($Database);
$Admin = new Admin($Database);
$Result = new Result();
# verify that user is logged in
$User->check_user_session();
# validate csrf cookie
$User->csrf_cookie("validate", "pdns_settings", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : "";
// validations
if (strlen($_POST['name']) == 0) {
    $Result->show("danger", "Invalid database name", true);
}
if (strlen($_POST['port']) == 0) {
    $_POST['port'] = 3306;
} elseif (!is_numeric($_POST['port'])) {
    $Result->show("danger", "Invalid port number", true);
}
// formulate json
$values = new StdClass();
$values->host = $_POST['host'];
$values->name = $_POST['name'];
$values->username = $_POST['username'];
$values->password = $_POST['password'];