$circut_id = $_POST['circut_id']; $remote_id = $_POST['remote_id']; $ddns_text = $_POST['ddns_text']; $ddns_fwd_name = $_POST['ddns_fwd_name']; $ddns_client_fqdn = $_POST['ddns_client_fqdn']; $ddns_rev_name = $_POST['ddns_rev_name']; $search = $_POST['search']; $startdate = $_POST['startdate']; $enddate = $_POST['enddate']; // perform search if not empty if (!empty($_POST['SrchLeases'])) { if (empty($search) && empty($startdate) && empty($enddate)) { $error = $err->GenerateErrorLink("help/help.html", "#lease_search", $defined['error'], "Empty search fields, please enter an IP or Hostname to search or enter a start and end date for a list of leases between those dates", NULL, NULL); } else { // perform validation on search string(s) if ($val->ValidateIPv4($search) !== -1 || $val->ValidateMACFormats($search) !== -1 || $val->ValidateHostname($search) !== -1 && $val->ValidateDate($startdate) !== -1 && $val->ValidateDate($enddate) !== -1) { /* define our search query */ if ($group !== "admin") { $having = " HAVING `group` = \"" . $group . "\""; } // search by dates if (!empty($startdate) || !empty($enddate)) { $dates = " `start` > \"" . $startdate . "\" AND `end` < \"" . $enddate . "\""; } // provide fields search if (!empty($search)) { $main = "`hostname` LIKE \"" . $search . "\" OR `hardware` LIKE \"" . $search . "\" OR `ip` LIKE \"" . $search . "\""; } // and apply the attributes $query = "SELECT * FROM `conf_leases` WHERE {$main}{$dates}{$having} ORDER BY `hostname` ASC"; // process our query
$tmp[$row]['mac_address'] = $data[2]; $tmp[$row]['subnet'] = $data[3]; $tmp[$row]['pxe_group'] = $data[4]; } } // check for xml extension if (eregi(".*\\.[xml]", $upload_path)) { } // loop over our array and assign data to our template for ($x = 1; $x <= count($tmp); $x++) { // open an ordered list $list .= "<ol>"; // check each post element if (!empty($tmp[$x]['hostname']) && !empty($tmp[$x]['mac_address']) && !empty($tmp[$x]['ip_address'])) { // begin validation of file contents if ($val->ValidateParagraph($tmp[$x]['hostname']) !== -1 && $val->ValidateMACFormats($tmp[$x]['mac_address']) !== -1 && $val->ValidateIPv4($tmp[$x]['ip_address']) !== -1 && $val->ValidateParagraph($tmp[$x]['subnet']) !== -1 && $val->ValidateParagraph($tmp[$x]['pxe_group']) !== -1) { // generate our sql command $insert = "INSERT INTO `conf_hosts` ( `hostname`, `mac-address`, `ip-address`, `subnet-name`, `pxe-group` ) VALUES ( \"" . $tmp[$x]['hostname'] . "\",\"" . $tmp[$x]['mac_address'] . "\", \"" . $tmp[$x]['ip_address'] . "\", \"" . $tmp[$x]['subnet'] . "\", \"" . $tmp[$x]['pxe_group'] . "\" )"; // insert records or prompt for duplicate errors if (($value = $db->dbQuery($val->ValidateSQL($insert, $dbconn), $dbconn)) === -1) { // found an existing record? if (eregi("duplicate", $db->dbCatchError())) { // assign an error message $error = $err->GenerateErrorLink("help/help.html", "#import_host", $defined['error'], "Duplicate records found during import, please review and modify the data below accordingly.", NULL, NULL); // since we have a duplicate and not an invalid record give them the correct template $error_template = "admin.import.hosts.errors.tpl"; // find the duplicate record so the user can edit it $find = "SELECT * FROM `conf_hosts` WHERE `hostname` = \"" . $tmp[$x]['hostname'] . "\" OR `mac-address` = \"" . $tmp[$x]['mac_address'] . "\" OR `ip-address` = \"" . $tmp[$x]['mac_address'] . "\" LIMIT 1"; if (($value = $db->dbQuery($val->ValidateSQL($find, $dbconn), $dbconn)) === -1) { $error = $err->GenerateErrorLink("help/help.html", "#import_host", $defined['error'], "An error occured when attempting to lookup the duplicate record in which '" . $tmp[$x]['hostname'] . "' conflicts with.", NULL, NULL); } else {
$mac_address = $_POST['mac_address']; $ip_address = $_POST['ip_address']; $subnet_name = $_POST['subnet_name']; $pxe_group = $_POST['pxe_group']; $search = $_POST['search']; $modify = $_POST['modify']; $permissions = $_POST['select_groups']; $groups = $_POST['groups']; // perform search if not empty if (empty($search) && !empty($_POST['srch'])) { $search_err = $err->GenerateErrorImg($defined['error'], "help/help.html#host_search", '800', '800'); $list = "<ol><li>Search string is empty. Allowed formats:<br>MAC Address: xx:xx:xx:xx:xx<br>IPv4 Address: xxx.xxx.xxx.xxx<br>Hostname: [0-9a-z]</li></ol>"; $error = $err->GenerateErrorLink("help/help.html", "#host_search", $defined['error'], $errors['val_host'] . $list, NULL, NULL); } elseif (!empty($search) && !empty($_POST['srch'])) { // perform validation on search string if ($val->ValidateIPv4($search) !== -1 || $val->ValidateMACFormats($search) !== -1 || $val->ValidateParagraph($search) !== -1) { // Gather all records belonging to other groups but where this user is allowed access $sql = "SELECT * FROM `auth_group_perms` WHERE `resource` = \"hosts\""; if (($z = $db->dbQuery($val->ValidateSQL($sql, $dbconn), $dbconn)) !== -1) { } // define our search query if ($group === "admin") { $query = "SELECT * FROM `conf_hosts` WHERE `hostname` LIKE \"" . $search . "\" OR `mac-address` LIKE \"" . $search . "\" OR `ip-address` LIKE \"" . $search . "\" ORDER BY `hostname` ASC"; } else { $query = "SELECT * FROM `conf_hosts` WHERE `hostname` LIKE \"" . $search . "\" OR `mac-address` LIKE \"" . $search . "\" OR `ip-address` LIKE \"" . $search . "\" HAVING `group` = \"" . $group . "\" ORDER BY `hostname` ASC"; } // process our query if (($value = $db->dbQuery($val->ValidateSQL($query, $dbconn), $dbconn)) === -1) { $error = $err->GenerateErrorLink("help/help.html", "#host_search", $defined['error'], $errors['db_search_err'], NULL, NULL); } else { // process results of search