function GenMapMenu($table, $field, $order)
{
global $defined;
$db = new dbConn();
$val = new ValidateStrings();
if (empty($table) || empty($field)) {
return -1;
}
$conn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
if (empty($order)) {
$query = "SELECT {$field} FROM `{$table}`";
} else {
$query = "SELECT {$field} FROM `{$table}` ORDER BY `{$order}`";
}
$query = $val->ValidateSQL($query, $conn);
if (($value = $db->dbQuery($query, $conn)) === -1) {
return -1;
}
if ($db->dbNumRows($value) === -1 || $db->dbNumRows($value) === 0) {
return -1;
} else {
$list = "<form method=\"get\" action=\"{$_SERVER['PHP_SELF']}\"><b>Existing rides:</b> <select name=\"mapper\" onChange=\"jumpMenu('parent',this,0)\"><option value=\"NULL\">Select Map / Route...</option>";
$list .= "<option>------------------------------</option>";
foreach ($db->dbArrayResultsAssoc($value) as $key => $val) {
$url = $_SERVER['PHP_SELF'] . "?lat=" . $val['lat'] . "&lon=" . $val['lon'] . "&z=" . $val['zoom'] . "&mType=" . $val['type'] . "&driveFrom=" . $val['from'] . "&driveTo=" . $val['to'] . "&driveVia=" . $val['via'] . "&locale=en";
$list .= "<option name=\"{$url}\" value=\"{$url}\">" . $val['name'] . "</option>";
}
$list .= "</select></form>";
$data = $list;
}
$db->dbFreeData($conn);
$db->dbCloseConn($conn);
return $data;
}
function ChkLevel($token)
{
global $defined;
if (empty($token)) {
$level->value = -1;
} else {
$auth = new Encryption();
$db = new dbConn();
$val = new ValidateStrings();
$array = $auth->DecodeAuthToken($token);
$data = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
$query = "SELECT `level` FROM `auth_users` WHERE `level` = \"" . base64_decode($array[2]) . "\"";
$value = $db->dbQuery($val->ValidateSQL($query, $data), $data);
$array = $db->dbArrayResults($value);
$level->value = $array[0]['level'];
$db->dbFreeData($query);
$db->dbCloseConn($data);
}
return $level->value;
}
$tpl->assign('broadcast_address_err', $broadcast_address_err, NULL, NULL);
$tpl->assign('netbios_servers_err', $netbios_servers_err, NULL, NULL);
$tpl->assign('ntp_servers_err', $ntp_servers_err, NULL, NULL);
$tpl->assign('default_lease_err', $default_lease_err, NULL, NULL);
$tpl->assign('max_lease_err', $max_lease_err, NULL, NULL);
$tpl->assign('min_lease_err', $min_lease_err, NULL, NULL);
$tpl->assign('pools_err', $pools_err, NULL, NULL);
$tpl->assign('list_err', $list_err, NULL, NULL);
$tpl->assign('select_groups_err', $select_groups_err, NULL, NULL);
// Do some cleaning before leaving
$misc->CleanUpVars($_POST, NULL);
// Perform analyze, repair and optimize on used tables
$db->dbFixTable("conf_pools", $dbconn);
$db->dbFixTable("auth_groups_perms", $dbconn);
// Free db handle and close connection(s)
$db->dbFreeData($dbconn);
$db->dbCloseConn($dbconn);
} else {
// page view restricted by access level
$ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['level'], NULL, NULL);
}
} else {
// general authentication error
$ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['auth_n'], NULL, NULL);
}
} else {
// Possible XSS attack
$ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['xss_config'], NULL, NULL);
}
} else {
// File is missing for configuration params
function GenUserList($user)
{
global $defined;
$db = new dbConn();
$conn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
$query = "SELECT * FROM `users` WHERE `username` = \"{$user}\" LIMIT 1";
if (($value = $db->dbQuery($query, $conn)) === -1) {
return -1;
}
if ($db->dbNumRows($value) === -1 || $db->dbNumRows($value) === 0) {
return -1;
} else {
$data = $db->dbArrayResults($value);
}
$db->dbFreeData($conn);
$db->dbCloseConn($conn);
return $data;
}
function GetAvailableIPAddresses($value, $subnet)
{
//echo "<pre>"; print_r( $value ); echo "</pre>";
global $defined;
$db = new dbConn();
$val = new ValidateStrings();
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// process available scope IP's minus IP's engaged in `conf_leases` table
preg_match('/([0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})\\.([0-9]{1,3})/', $value['scope-range-1'], $start);
preg_match('/([0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})\\.([0-9]{1,3})/', $value['scope-range-2'], $end);
// populate a range of valid octets to use
for ($x = $start[2]; $x < $end[2]; $x++) {
$tmp[] = $start[1] . "." . $x;
}
// mathmatica bitch
$x = 1;
for ($i = $start[2]; $i < $end[2]; $i++) {
$total[$key] = $x;
$x++;
}
// now get list of IP's in use as noted by the `conf_leases` table
$sql = "SELECT `ip` FROM `conf_leases` WHERE `ip` LIKE \"" . $start[1] . "%\"";
if (($return = $db->dbQuery($val->ValidateSQL($sql, $dbconn), $dbconn)) !== -1) {
if ($db->dbNumRows($return) !== 0) {
$leases = $db->dbArrayResultsAssoc($return);
}
}
// mathmatics
$amnt = $total[$key];
$in_use = count($leases);
$unused = $amnt - $in_use;
// populate empty list
if (count($tmp) !== 0) {
$x = 0;
foreach ($tmp as $key => $value) {
for ($i = 0; $i < count($leases); $i++) {
if (!in_array($value, $leases[$i])) {
$empty[$x][] = $value;
$x++;
}
}
}
$empty = $this->EliminiateDuplicates($empty);
}
// put everything in a simple array, wuka wuka
$ip_counts[$subnet]['total'] = $amnt;
$ip_counts[$subnet]['total_used'] = $in_use;
$ip_counts[$subnet]['total_unused'] = $unused;
$ip_counts[$subnet]['detail_used'] = $leases;
$ip_counts[$subnet]['detail_unused'] = $empty;
// Free db handle and close connection(s)
$db->dbFreeData($dbconn);
$db->dbCloseConn($dbconn);
// give it to them raw, raw
return $ip_counts;
}
function AuthUser($user, $pass, $token)
{
// our global config opts
global $defined;
// initialize classes
$db = new dbConn();
$val = new ValidateStrings();
$lib = new Authenticate();
$auth = new Encryption();
$sess = new Sessions();
$misc = new MiscFunctions();
$exit = new ExitApp();
// check our authentication requirements
if (empty($user) && empty($pass) && empty($token)) {
return -1;
}
// we have an existing authentication token present
if (!empty($token) && empty($user) && empty($pass)) {
$array = $auth->DecodeAuthToken($token);
$user = base64_decode($array[0]);
$pass = base64_decode($array[1]);
$time = $array[4];
$current = $misc->GenTime();
if ($lib->AuthTimeOut($defined['timeout'], $time, $current) === -1) {
return -2;
}
}
// perform validation on username and password
if ($val->ValidateAlphaChar($user) === -1 || $val->ValidateParagraph($pass) === -1) {
return -3;
}
// see if the user exists for authenticaiton
$data = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
$query = "SELECT * FROM `auth_users` WHERE `username` = \"{$user}\" AND `password` = sha1( \"{$pass}\" )";
$query = $val->ValidateSQL($query, $data);
// database problem
if (($value = $db->dbQuery($query, $data)) === -1) {
return -5;
}
// check user match
if ($db->dbNumRows($value) === -1 || $db->dbNumRows($value) === 0) {
return -4;
} else {
$return = 0;
}
// create our authentication session token
if (empty($token)) {
$array = $db->dbArrayResults($value);
$x = $auth->GeneratePrivateKey($defined['enckeygen']);
$access_date = $misc->GenDate();
$access_time = $misc->GenTimeRead();
$query = "UPDATE `auth_users` SET `access_date` = \"" . $access_date . "\", `access_time` = \"" . $access_time . "\", `session` = \"{$x}\" WHERE `id` = \"" . $array[0]['id'] . "\"";
$value = $val->ValidateSQL($query, $data);
if (($value = $db->dbQuery($value, $data)) === -1) {
return -5;
}
$x = $auth->EncodePrivToHex($x);
if (($token = $auth->EncodeAuthToken($array[0]['username'], $pass, $array[0]['level'], $array[0]['group'], $misc->GenTime(), $x)) !== -1) {
$sess->RegisterSession("token", $token);
$return = 0;
}
}
$db->dbFreeData($query);
$db->dbCloseConn($data);
return $return;
}
