print "\t<th class='hidden-xs'>" . _('Change') . "</th>";
print "</tr>";
# logs
$pc = 0;
//print count
foreach ($clogs as $l) {
# cast
$l = (array) $l;
if ($pc < 5) {
# permissions
if ($l['ctype'] == "subnet") {
$permission = $Subnets->check_permission($User->user, $l['tid']);
} elseif ($l['ctype'] == "ip_addr") {
$permission = $Subnets->check_permission($User->user, $l['subnetId']);
} elseif ($l['ctype'] == "section") {
$permission = $Sections->check_permission($User->user, $l['sectionId']);
} else {
$permission = 0;
}
# if 0 ignore
if ($permission > 0) {
# format diff
$changelog = str_replace("\r\n", "<br>", $l['cdiff']);
$changelog = str_replace("\n", "<br>", $changelog);
$changelog = array_filter(explode("<br>", $changelog));
$diff = array();
foreach ($changelog as $c) {
// type
switch ($l['ctype']) {
case "ip_addr":
$type = "address";
$User->check_user_session();
# create csrf token
$csrf = $User->csrf_cookie("create", "folder");
# strip tags - XSS
$_POST = $User->strip_input_tags($_POST);
# validate action
$Admin->validate_action($_POST['action'], true);
# ID must be numeric
if ($_POST['action'] != "add") {
if (!is_numeric($_POST['subnetId'])) {
$Result->show("danger", _("Invalid ID"), true, true);
}
}
# verify that user has permissions to add subnet
if ($_POST['action'] == "add") {
if ($Sections->check_permission($User->user, $_POST['sectionId']) != 3) {
$Result->show("danger", _('You do not have permissions to add new subnet in this section') . "!", true, true);
}
} else {
if ($Subnets->check_permission($User->user, $_POST['subnetId']) != 3) {
$Result->show("danger", _('You do not have permissions to add edit/delete this subnet') . "!", true, true);
}
}
# we are editing or deleting existing subnet, get old details
if ($_POST['action'] != "add") {
$folder_old_details = (array) $Subnets->fetch_subnet(null, $_POST['subnetId']);
} else {
# for selecting master subnet if added from subnet details!
if (strlen($_POST['subnetId']) > 0) {
$subnet_old_temp = (array) $Subnets->fetch_subnet(null, $_POST['subnetId']);
$subnet_old_details['masterSubnetId'] = @$subnet_old_temp['id'];
$Sections = new Sections($Database);
$Subnets = new Subnets($Database);
$Result = new Result();
}
# user must be authenticated
$User->check_user_session();
# prepare list of permitted subnets with requests
// get all sections
$sections = $Sections->fetch_all_sections();
$subnets_count = 0;
if ($sections !== false) {
foreach ($sections as $section) {
# cast
$section = (array) $section;
# check permission
$permission = $Sections->check_permission($User->user, $section['id']);
if ($permission > 0) {
$subnets = $Subnets->fetch_section_subnets($section['id']);
if ($subnets !== false) {
foreach ($subnets as $subnet) {
# check permission
$subpermission = $Subnets->check_permission($User->user, $subnet->id);
if ($subpermission > 0) {
/* show only subnets that allow IP exporting */
if ($subnet->allowRequests == 1) {
$subnets_count++;
/* must not have any nested subnets! */
if (!$Subnets->has_slaves($subnet->id)) {
$html[] = '<option value="' . $subnet->id . '">' . $Subnets->transform_to_dotted($subnet->subnet) . '/' . $subnet->mask . ' [' . $subnet->description . ']</option>';
}
}
