*/ /* functions */ require dirname(__FILE__) . '/../../functions/functions.php'; # initialize user object $Database = new Database_PDO(); $User = new User($Database); $Result = new Result(); $Log = new Logging($Database); # Authenticate if (!empty($_POST['ipamusername']) && !empty($_POST['ipampassword'])) { # initialize array $ipampassword = array(); # check failed table $cnt = $User->block_check_ip(); # check for failed logins and captcha if ($User->blocklimit > $cnt) { // all good } elseif (!isset($_POST['captcha'])) { $Log->write("Login IP blocked", "Login from IP address {$_SERVER['REMOTE_ADDR']} was blocked because of 5 minute block after 5 failed attempts", 1); $Result->show("danger", _('You have been blocked for 5 minutes due to authentication failures'), true); } else { # check captcha if (strtolower($_POST['captcha']) != strtolower($_SESSION['securimage_code_value'])) { $Result->show("danger", _("Invalid security code"), true); } } # all good, try to authentucate user $User->authenticate($_POST['ipamusername'], $_POST['ipampassword']); } else { $Result->show("danger", _('Please enter your username and password'), true); }
# modify action - if delete ok, dynamically reset add / edit -> if IP already exists set edit if ($action != "delete") { $address['action'] = $Addresses->address_exists($m, $address['subnetId']) === true ? "edit" : "add"; } # if it fails set error log if (!$Addresses->modify_address($address, false)) { $errors[] = _('Cannot') . ' ' . $address['action'] . ' ' . _('IP address') . ' ' . $Addresses->transform_to_dotted($m); } # next IP $m = gmp_strval(gmp_add($m, 1)); } # print errors if they exist if (isset($errors)) { $log = $Result->array_to_log($errors); $Result->show("danger", $log, false); $Log->write("IP address modification", "'Error {$action} range {$address['start']} - {$address['stop']}<br> {$log}", 2); } else { # reset IP for mailing $address['ip_addr'] = $address['start'] . ' - ' . $address['stop']; # log and changelog $Result->show("success", _("Range") . " {$address['start']} - {$address['stop']} " . _($action) . " " . _("successfull") . "!", false); $Log->write("IP address modification", "Range {$address['start']} - {$address['stop']} {$action} successfull!", 0); # send changelog mail $Log->object_action = $action; $Log->object_type = "address range"; $Log->object_result = "success"; $Log->user = $User->user; $Log->changelog_send_mail("Address range {$address['start']} - {$address['stop']} {$action}"); } } } else {
<?php /** * Format and submit instructions to database **********************************************/ /* functions */ require dirname(__FILE__) . '/../../../functions/functions.php'; # initialize user object $Database = new Database_PDO(); $User = new User($Database); $Result = new Result(); $Log = new Logging($Database, $User->settings); # verify that user is logged in $User->check_user_session(); # execute # # we do it directly because we permit html tags for instructions # try { $Database->updateObject("instructions", array("id" => 1, "instructions" => $_POST['instructions']), "id"); } catch (Exception $e) { $Result->show("danger", _("Error: ") . $e->getMessage(), false); $Log->write("Instructions updated", "Failed to update instructions<hr>" . $e->getMessage(), 1); } # ok $Log->write("Instructions updated", "Instructions updated succesfully", 0); $Result->show("success", _("Instructions updated successfully"), true);