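/**
 * Pick the navigation menu template for the holder of an authentication token.
 *
 * The result only selects which menu is rendered. It is a presentation
 * choice, not an access-control decision.
 *
 * @param mixed $token Authentication token; an empty value means an anonymous visitor.
 * @param mixed $skin  Not used by this function; kept so existing callers keep working.
 *
 * @return string Template file name, 'menu.default.tpl' unless a known level is found.
 */
function CreateNav($token, $skin)
{
    // Returned on every path that does not positively identify a level, so
    // the function fails closed to the least-privileged menu.
    $defaultMenu = 'menu.default.tpl';

    if (empty($token)) {
        return $defaultMenu;
    }

    // Check the token once and reuse the result. The earlier code called
    // AuthUser() twice, so the two comparisons could see different answers.
    $auth = new Authenticate();
    $status = $auth->AuthUser(NULL, NULL, $token);
    if ($status === -1 || $status === -2) {
        return $defaultMenu;
    }
    // NOTE(review): only -1 and -2 are rejected here; any other result,
    // including other negative codes, continues to the level lookup below.
    // Confirm whether this should accept only AuthUser()'s success value.

    $menus = array(
        'admin' => 'menu.admin.tpl',
        'user'  => 'menu.user.tpl',
        'view'  => 'menu.view.tpl',
    );

    // Resolve the level once; a non-string or unknown level gets the default menu.
    $level = new AccessLevels();
    $role = $level->ChkLevel($token);
    if (is_string($role) && isset($menus[$role])) {
        return $menus[$role];
    }

    return $defaultMenu;
}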
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -2) { $ERROR = $err->GenerateErrorLink("help/help.html", "#timeout", $defined['error'], $errors['auth_to'], NULL, NULL); $misc->ExitApplication($_SESSION['token']); // error in validation of authentication data } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -3) { $ERROR = $err->GenerateErrorLink("help/help.html", "#alphanum", $defined['error'], $errors['val_alp'], NULL, NULL); // authentication data not found in database } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -4) { $ERROR = $err->GenerateErrorLink("help/help.html", "#user", $defined['error'], $errors['auth_n'], NULL, NULL); // error in database query } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -5) { $ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['undef_sql'], NULL, NULL); // valid user found } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === 0) { // perform permissions check with access level and group data if ($level->ChkLevel($_SESSION['token']) === "admin") { // define some variables for the template etc. 
$JS = " hidediv('extras'); hidediv('perms');"; $FILE = "manage.pools.tpl"; // initialize a db connection handle $dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']); // provide count of online users $online = "SELECT * FROM `admin_sessions`"; $ret = $db->dbQuery($val->ValidateSQL($online, $dbconn), $dbconn); $usersoline = $db->dbNumRows($ret); // decode our authentication token to get our group membership $user_details = $encrypt->DecodeAuthToken($_SESSION['token']); $group = base64_decode($user_details[3]); // get an array of subnets the ISC DHCPD service may listen on $query = "SELECT `name`, `broadcast` FROM `conf_adapters` ORDER BY `broadcast` ASC"; if (($value = $db->dbQuery($val->ValidateSQL($query, $dbconn), $dbconn)) === -1) {
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -2) { $ERROR = $err->GenerateErrorLink("help/help.html", "#timeout", $defined['error'], $errors['auth_to'], NULL, NULL); $misc->ExitApplication($_SESSION['token']); // error in validation of authentication data } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -3) { $ERROR = $err->GenerateErrorLink("help/help.html", "#alphanum", $defined['error'], $errors['val_alp'], NULL, NULL); // authentication data not found in database } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -4) { $ERROR = $err->GenerateErrorLink("help/help.html", "#user", $defined['error'], $errors['auth_n'], NULL, NULL); // error in database query } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -5) { $ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['undef_sql'], NULL, NULL); // valid user found } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === 0) { // perform permissions check with access level and group data if ($level->ChkLevel($_SESSION['token']) === "root" || $level->ChkLevel($_SESSION['token'] === "user")) { // decode our authentication token to get our group membership $user_details = $encrypt->DecodeAuthToken($_SESSION['token']); $group = base64_decode($user_details[3]); // initialize a db connection handle $dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']); // Get array of subnets to assign hosts to if ($group === "admin") { $query = "SELECT * FROM `conf_subnets` ORDER BY `subnet-name` ASC"; } else { $query = "SELECT * FROM `conf_subnets` WHERE `group` = \"" . $group . "\" ORDER BY `subnet-name` ASC"; } if (($value = $db->dbQuery($val->ValidateSQL($query, $dbconn), $dbconn)) !== -1) { $subdata = $db->dbArrayResults($value); } // are there subnets? 
if so populate sql queries to look up hosts per subnet
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -2) { $ERROR = $err->GenerateErrorLink("help/help.html", "#timeout", $defined['error'], $errors['auth_to'], NULL, NULL); $misc->ExitApplication($_SESSION['token']); // error in validation of authentication data } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -3) { $ERROR = $err->GenerateErrorLink("help/help.html", "#alphanum", $defined['error'], $errors['val_alp'], NULL, NULL); // authentication data not found in database } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -4) { $ERROR = $err->GenerateErrorLink("help/help.html", "#user", $defined['error'], $errors['auth_n'], NULL, NULL); // error in database query } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -5) { $ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['undef_sql'], NULL, NULL); // valid user found } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === 0) { // perform permissions check with access level and group data if ($level->ChkLevel($_SESSION['token']) === "admin" || $level->ChkLevel($_SESSION['token']) === "user") { // define some variables for the template etc. 
$JS = " hidediv('extras'); hidediv('perms');"; $FILE = "manage.leases.tpl"; // initialize a db connection handle $dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']); // provide count of online users $online = "SELECT * FROM `admin_sessions`"; $ret = $db->dbQuery($val->ValidateSQL($online, $dbconn), $dbconn); $usersoline = $db->dbNumRows($ret); // decode our authentication token to get our group membership $user_details = $encrypt->DecodeAuthToken($_SESSION['token']); $group = base64_decode($user_details[3]); // attempt to process leases if file changed $misc->GetCurrentLeases($defined['leases']); // Look for a GET id post to edit existing dnssec keys
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -2) { $ERROR = $err->GenerateErrorLink("help/help.html", "#timeout", $defined['error'], $errors['auth_to'], NULL, NULL); $misc->ExitApplication($_SESSION['token']); // error in validation of authentication data } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -3) { $ERROR = $err->GenerateErrorLink("help/help.html", "#alphanum", $defined['error'], $errors['val_alp'], NULL, NULL); // authentication data not found in database } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -4) { $ERROR = $err->GenerateErrorLink("help/help.html", "#user", $defined['error'], $errors['auth_n'], NULL, NULL); // error in database query } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -5) { $ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['undef_sql'], NULL, NULL); // valid user found } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === 0) { // perform permissions check with access level and group data if ($level->ChkLevel($_SESSION['token']) === "user") { // define some variables for the template etc. $JS = NULL; $FILE = "admin.manage.users.tpl"; $user_ip = $_SERVER['REMOTE_ADDR']; $user_host = gethostbyaddr($_SERVER['REMOTE_ADDR']); $user_create_date = $misc->GenDate(); $user_create_time = $misc->GenTimeRead(); // initialize a db connection handle $dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']); // provide count of online users $online = "SELECT * FROM `admin_sessions`"; $ret = $db->dbQuery($val->ValidateSQL($online, $dbconn), $dbconn); $usersoline = $db->dbNumRows($ret); // decode our authentication token to get our group membership $user_details = $encrypt->DecodeAuthToken($_SESSION['token']);