function LoginForm()
{
global $command, $admlogin, $admpassword;
htmlProlog($_SERVER['PHP_SELF'], "Administration", false);
?>
<form method="post" action="<?php
echo basename($_SERVER['PHP_SELF']);
?>
" name=loginform>
<table frame=void rules=none WIDTH="300">
<tr>
<td align="left"> login: </td>
<td align="left"> <input type="text" name="admlogin" maxlength=16 size=16> </td>
<tr>
<td align="left"> password: </td>
<td align="left"> <input type="password" name="admpassword" maxlength=16 size=16> </td>
<tr>
<td align="left"> </td>
<td align="left"> </td>
<tr>
<td align="left"> </td>
<td align="left"> <input type=submit value="login" name="cmdlogin"> </td>
<td align="left"> <input type=hidden name="command" value="login"> </td>
</table>
</form>
<script type="text/javascript">
<!--
if (document.loginform)
{
document.loginform.login.focus();
}
// -->
</script>
<?php
$admlogin = '';
$admpassword = '';
htmlEpilog();
}
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
$publicAccess = true;
include 'authenticate.php';
include 'request_interface.php';
if ($preselServ != "") {
list($presel_shard, $presel_server, $presel_service) = explode(".", $preselServ);
if ($presel_service) {
$aliases = split('[/-]', $presel_service);
if (count($aliases) == 3) {
$presel_service = $aliases[0];
}
}
}
htmlProlog($_SERVER['PHP_SELF'], "Player Locator");
echo "<script><!--\n";
echo "//----------------------------------\n";
echo "function clickOnEntity(entity)\n";
echo "{\n";
echo "\tplayer_select[entity] = !player_select[entity];\n";
echo "\tif (player_select[entity])\n";
echo "\t{\n";
echo "\t\tdocument.getElementById('player_'+entity).style.background = player_sel_bgcolor[entity];\n";
echo "\t}\n";
echo "\telse\n";
echo "\t{\n";
echo "\t\tdocument.getElementById('player_'+entity).style.background = player_bgcolor[entity];\n";
echo "\t}\n";
echo "\tvar total_select = 0;\n";
echo "\tvar list_select = ''\n";
$_GET =& $HTTP_GET_VARS;
}
function importParam($var)
{
global $_POST, $_GET;
if (isset($_POST[$var])) {
$GLOBALS[$var] = $_POST[$var];
} else {
if (isset($_GET[$var])) {
$GLOBALS[$var] = $_GET[$var];
} else {
unset($GLOBALS[$var]);
}
}
}
htmlProlog($_SERVER['PHP_SELF'], "Log Analysis");
// look for LAS
$las_query = "*.*.LAS.State";
$qstate = nel_query($las_query, $result);
unset($availableLAS);
if ($qstate) {
$arr = explode(' ', $result);
$numRes = count($arr);
$numRows = current($arr);
$numLines = ($numRes - $numRows - 2) / $numRows;
next($arr);
for ($i = 0; $i < $numRows; ++$i) {
$vars[] = current($arr);
next($arr);
}
unset($shards);
$fullPath = factorizeQuery("[" . join($newPaths, ",") . "]");
// filter selection with command
$fullCmd = $fullPath . " " . $execServParams;
logUser($uid, "COMMAND=" . $fullCmd);
$qstate = nel_query($fullPath . " " . $execServParams, $cmdResult);
}
unset($ownerTables);
// display available user and group views
$result = sqlquery("SELECT view.name AS name, view.tid AS tid, view.uid AS gid, user.login AS owner FROM view_table AS view, user WHERE view.uid=user.uid AND (view.uid='{$uid}' OR view.uid='{$gid}') ORDER BY gid, ordering");
if ($result) {
$owner = "";
while ($arr = sqlfetch($result)) {
$ownerTables[$arr["owner"]][] = $arr;
}
}
htmlProlog($_SERVER['PHP_SELF'], "View Selection '{$tname}'", true);
if (isset($tname)) {
$current_tname = $tname;
}
$use_refreshRate = isset($form_refreshRate) && $form_refreshRate != 0 ? $form_refreshRate : $refreshRate;
if ($use_refreshRate > 0) {
echo "<script><!--\n";
echo "\tvar sURL = unescape(window.location.pathname);\n";
echo "\tvar pos = sURL.indexOf('.php');\n";
echo "\tfunction refresh() { window.location.replace( sURL ); }\n";
echo "\tif (pos >= 0) {\n";
echo "\t\tsURL = sURL.substr(0, pos+4)+'?current_tid={$tid}&form_refreshRate={$form_refreshRate}';\n";
echo "\t\tsetTimeout(\"refresh()\", " . $use_refreshRate * 1000 . ");\n";
echo "\t}\n";
echo "//--></script>\n";
}
}
}
}
}
}
}
}
}
}
}
}
}
}
// -----------------------------
// page display
htmlProlog($_SERVER['PHP_SELF'], "Customize views");
if ($error) {
echo "<b>Reported errors:</b><br>{$error}<br>\n";
}
unset($vargroups);
$result = sqlquery("SELECT * FROM variable_group ORDER BY name");
while ($result && ($arr = sqlfetch($result))) {
if ((!isset($sel_vgid) || $sel_vgid == "") && $arr["name"] == "NoGroup") {
$sel_vgid = $arr["vgid"];
}
$vargroups[$arr["name"]] = $arr["vgid"];
}
// -----------------------------
// display customizable views
$res = sqlquery("SELECT default_view FROM user, view_table WHERE user.uid='{$uid}' AND (view_table.uid='{$uid}' OR view_table.uid='{$gid}') AND view_table.tid=user.default_view");
if ($res && ($arr = sqlfetch($res))) {
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
include 'html_headers.php';
include 'sql_connection.php';
$file = getVar('file');
$topic = getVar('topic');
$edit = getVar('edit');
$help_body = getVar('help_body');
$update = getVar('update');
htmlProlog($_SERVER['PHP_SELF'], "Help for '{$file}/{$topic}'", false);
$result = defaultConnectToDatabase();
if ($result) {
echo "Can't find help, database connection failed.<br>[{$result}]<br>\n";
} else {
$view = true;
if ($edit) {
echo "<p align=justify><b>Edit help</b> for <b>{$file}/{$topic}</b><br>\n";
echo "<i>Hints/Warning:</i> Text note is not processed, and will be display as is, meaning that all HTML tags <b>must</b> be valid.\n";
echo "References to other help pages are formatted like<br><a href='help.php?file=<i>file</i>&topic=<i>topic</i>'><i>blahblah</i></a><br>\n";
echo "where <i>file</i> referres to a valid php file (e.g. /index.php) and <i>topic</i> to a valid topic name. For common Help Notes, <i>file</i> should be set to 'common'.\n";
echo "You may also use curved brackets '{' and '}' to point to a link (e.g. 'info about {NeL}' will point to a common help note on 'NeL' topic.)<br>\n";
$result = mysql_query("SELECT help_body FROM help_topic WHERE file='{$file}' AND topic='{$topic}'");
$help_body = "[Write your help note here]";
if ($result && ($arr = mysql_fetch_array($result))) {
$help_body = $arr["help_body"];
} else {
if (isset($filter_entity)) {
setCookie("admfilter_entity", $filter_entity, time() + 3600 * 24 * 15);
}
}
}
include 'sql_connection.php';
include 'session_auth.php';
include 'login_form.php';
include 'html_headers.php';
$result = defaultConnectToDatabase();
if ($result) {
die($result);
}
if (!auth($error)) {
LoginForm();
die;
}
$IsNevrax = strtolower($group) == 'nevraxgroup';
if ((!isset($publicAccess) || $publicAccess == false) && $admlogin != "root" && (!$allowNevrax || !$IsNevrax)) {
htmlProlog($_SERVER['PHP_SELF'], "Acces not granted");
echo "You are not allowed to go to this page.<br>\n";
echo "<a href='index.php'>Index page</a>\n";
htmlEpilog();
die;
}
include 'init.php';
// print "POST VARS: "; print_r($HTTP_POST_VARS); print "<br><br>";
// print "GET VARS: "; print_r($HTTP_GET_VARS); print "<br><br>";
// print "COOKIE VARS "; print_r($HTTP_COOKIE_VARS); print "<br><br>";
// print "SESSION VARS "; print_r($_SESSION); print "<br><br>";
// License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
$publicAccess = true;
include 'authenticate.php';
if (isset($chCookieState)) {
sqlquery("UPDATE user SET useCookie='{$chCookieState}' WHERE uid='{$uid}'");
$useCookie = $chCookieState;
}
htmlProlog($_SERVER['PHP_SELF'], "Preferences");
echo "<br><b>Preferences edit</b><br>\n";
echo "<table><tr><td>\n";
echo "<br><table><tr><td>Use login cookie</td><form method=post action='" . $_SERVER['PHP_SELF'] . "'><td>\n";
echo "<select name='chCookieState' onChange='submit()'>\n";
echo "<option value='yes'" . ($useCookie == 'yes' ? " selected" : "") . ">Yes\n";
echo "<option value='no'" . ($useCookie != 'yes' ? " selected" : "") . ">No\n";
echo "</td></form></tr></table><br>\n";
echo "</td></tr><tr><td><hr></td></tr><tr><td>\n";
echo "<table><tr><td colspan=2>Change password</td></tr>\n";
echo "<form method=post action='" . $_SERVER['PHP_SELF'] . "'><input type=hidden name='command' value='chPassword'><input type=hidden name='admlogin' value='{$admlogin}'><input type=hidden name='admpassword' value='{$admpassword}'>\n";
echo "<tr><td>Enter previous password</td><td><input type=password name='chOldPass' size=16 maxlength=16></td></tr>\n";
echo "<tr><td>Enter new password</td><td><input type=password name='chNewPass' size=16 maxlength=16></td></tr>\n";
echo "<tr><td>Reenter new password</td><td><input type=password name='chConfirmNewPass' size=16 maxlength=16></td></tr>\n";
echo "<tr><td colspan=2 align=center><input type=submit type=password name='chPassword' value='Change password'></td></tr>\n";
echo "</form></table><br>\n";
if ($preselServ != "") {
list($presel_shard, $presel_server, $presel_service) = explode(".", $preselServ);
if ($presel_service) {
$aliases = split('[/-]', $presel_service);
if (count($aliases) == 3) {
$presel_service = $aliases[0];
}
}
}
if ($reset_filters) {
$filter_shard = "";
$filter_server = "";
$filter_service = "";
$filter_entity = "";
}
htmlProlog($_SERVER['PHP_SELF'], "Commands");
// input variables :
// - $preselServ : preselected service address
// - $execCommand : executed command on preselected service, like a normal service
//
echo "Services commands<br>\n";
echo "<table border=1><form method=post action='" . $_SERVER['PHP_SELF'] . "'>\n";
echo "<tr><th rowspan=2> Filters </th><th>shard</th><th>server</th><th>service</th><th>entity</th><td rowspan=2> <input type=submit name='display_view' value='Update\nfilters'> </td><td rowspan=2> <input type=submit name='reset_filters' value='Reset\nfilters'> </td></tr>\n";
echo "<tr>\n";
echo "<td><input type=text name=filter_shard value='{$filter_shard}' size=12 maxlength=256></td>\n";
echo "<td><input type=text name=filter_server value='{$filter_server}' size=12 maxlength=256></td>\n";
echo "<td><input type=text name=filter_service value='{$filter_service}' size=12 maxlength=256></td>\n";
echo "<td><input type=text name=filter_entity value='{$filter_entity}' size=28 maxlength=1024></td>\n";
echo "</tr>\n";
echo "</form></table><br>\n";
echo "<table border=0><tr valign=top>\n";
}
}
}
}
}
}
}
}
}
}
}
}
}
// -----------------------------
// page display
htmlProlog($_SERVER['PHP_SELF'], "Administration");
subBar(array("Users" => $_SERVER['PHP_SELF'] . "?editUsers=true", "Variables" => $_SERVER['PHP_SELF'] . "?editVariables=true", "Services" => $_SERVER['PHP_SELF'] . "?editServices=true", "Servers" => $_SERVER['PHP_SELF'] . "?editServers=true", "Shards" => $_SERVER['PHP_SELF'] . "?editShards=true"));
echo "Administration tools<br>\n";
if ($error) {
echo "<b>Reported errors:</b><br>\n{$error}<br>";
}
if (!$editUser && !$editUsers && !$editVariables && !$editShards && !$editServices && !$editServers) {
$editUsers = true;
}
// ---------------------------------------------------------------------------------
// edit a single user
// ---------------------------------------------------------------------------------
if ($editUser) {
$resURL = $_SERVER['PHP_SELF'] . "?editUser={$editUser}&selGroup={$selGroup}";
$result = sqlquery("SELECT * FROM user WHERE uid='{$editUser}'");
if ($result && ($arr = mysql_fetch_array($result))) {
function auth(&$error)
{
global $command, $sessionAuth, $admcookielogin, $admcookiepassword, $sessionAuth;
global $admlogin, $admpassword, $uid, $gid, $useCookie, $group, $HTTP_POST_VARS;
unset($error);
switch ($HTTP_POST_VARS["command"]) {
case "logout":
addToLog("Logout!");
$uid = $sessionAuth["uid"];
logUser($uid, "LOGOUT");
//session_unregister("sessionAuth");
unset($_SESSION["sessionAuth"]);
session_destroy();
// erases cookies
eraseCookies();
unset($admlogin);
unset($admpassword);
unset($admcookielogin);
unset($admcookiepassword);
unset($uid);
htmlProlog($_SERVER['PHP_SELF'], "Logout", false);
echo "<center>\n";
echo "You are not logged any more<br>\n";
echo "Click <a href='index.php'>here</a> to login<br>\n";
echo "</center>\n";
htmlEpilog();
die;
break;
case "chPassword":
addToLog("Change pass!");
global $chOldPass, $chNewPass, $chConfirmNewPass;
if (!($uid = validateId($admlogin, $admpassword, $useCookie, $gid, $group))) {
$error = "Invalid login '{$admlogin}'";
eraseCookies();
return 0;
}
if (crypt($chOldPass, "NL") == $admpassword && $chNewPass == $chConfirmNewPass) {
sqlquery("UPDATE user SET password='******' WHERE uid='{$uid}'");
$admpassword = $chNewPass;
addToLog("Changed password to '{$chNewPass}':'" . crypt($chNewPass, "NL") . "'");
//session_unregister("sessionAuth");
unset($_SESSION["sessionAuth"]);
session_destroy();
}
case "login":
$admpassword = crypt($admpassword, "NL");
addToLog("Login! -- admlogin='******', admpassword='******'");
if (!($uid = validateId($admlogin, $admpassword, $useCookie, $gid, $group))) {
$error = "Invalid login '{$admlogin}'";
print $error;
eraseCookies();
return 0;
}
$sessionAuth = array("admlogin" => $admlogin, "admpassword" => $admpassword, "uid" => $uid);
//session_register("sessionAuth");
$_SESSION["sessionAuth"] = $sessionAuth;
if ($useCookie) {
setupCookies($admlogin, $admpassword);
}
logUser($uid, "LOGIN");
return 1;
break;
default:
if (!isset($sessionAuth) || $sessionAuth["admlogin"] == "") {
print "no sessionauth or admlogin is blank";
if (!isset($admcookielogin)) {
addToLog("cookie not set");
return false;
} else {
$admlogin = $admcookielogin;
$admpassword = $admcookiepassword;
}
} else {
$admlogin = $sessionAuth["admlogin"];
$admpassword = $sessionAuth["admpassword"];
$uid = $sessionAuth["uid"];
}
if (!($uid = validateId($admlogin, $admpassword, $useCookie, $gid, $group))) {
if (!$uid) {
$error = "Invalid login '{$admlogin}'";
eraseCookies();
return false;
}
}
$sessionAuth = array("admlogin" => $admlogin, "admpassword" => $admpassword, "uid" => $uid);
//session_register("sessionAuth");
$_SESSION["sessionAuth"] = $sessionAuth;
if ($useCookie) {
setupCookies($admlogin, $admpassword);
} else {
eraseCookies();
}
//logUser($uid, "BROWSE");
return 1;
break;
}
}
