コード例 #1
ファイル: rest_service.php プロジェクト: syfy/REST_Service
 /**
  * Gate a request on its Date header and its X-Authorization header.
  *
  * Reads HTTP_X_AUTHORIZATION, HTTP_DATE and QUERY_STRING from the server
  * input. The request is refused with 403 when the date is missing or fails
  * checkDate(), and with 401 when the authorization value is missing or
  * isAuthorized() rejects it. Both refusal paths end the script.
  *
  * NOTE(review): checkDate() and isAuthorized() are not visible here. If
  * isAuthorized() compares a signature, confirm it uses a constant-time
  * comparison such as hash_equals(), and that checkDate() bounds how old a
  * request may be so a captured request cannot be replayed later.
  *
  * @param mixed $method Request method, handed unchanged to isAuthorized().
  * @return void
  */
 private function checkAuth($method)
 {
     // A missing (falsy) server value is treated as the empty string.
     $seen = array();
     foreach (array('HTTP_X_AUTHORIZATION', 'HTTP_DATE', 'QUERY_STRING') as $key) {
         $seen[$key] = $this->input->server($key) ? $this->input->server($key) : "";
     }
     $auth = $seen['HTTP_X_AUTHORIZATION'];
     $request_date = $seen['HTTP_DATE'];
     $query_string = $seen['QUERY_STRING'];

     // The date is checked first, so a stale or absent Date header is refused
     // before the credential is looked at.
     $date_ok = !empty($request_date) && $this->checkDate($request_date);
     if (!$date_ok) {
         $status = "403";
         show_error($status . " Date is invalid", $status);
         exit;
     }

     // The credential is checked against the date, method and query string.
     $authorized = !empty($auth) && isAuthorized($auth, $request_date, $method, $query_string);
     if (!$authorized) {
         $status = "401";
         show_error($status . " Unauthorized", $status);
         exit;
     }
 }
コード例 #2
ファイル: profiles.php プロジェクト: skdong/nfs-ovd
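/**
 * Render the profile list page and end the request.
 *
 * Lists every profile returned by ProfileDB and, for callers holding the
 * 'manageSharedFolders' policy, adds a delete form per profile.
 *
 * The profile id is now HTML-escaped where it is printed as text or as an
 * attribute value, and URL-encoded where it is placed in the query string,
 * so an id containing markup characters cannot break out of its context.
 *
 * NOTE(review): hiding the delete form is a display decision only. The
 * handler in actions.php is not visible here; confirm it repeats the policy
 * check and verifies a request token before deleting.
 *
 * @return void This function does not return; it ends with die.
 */
function show_default()
{
    $profiledb = ProfileDB::getInstance();
    $profiles = $profiledb->getList();
    if (!is_array($profiles)) {
        $profiles = array();
    }
    $can_manage_profiles = isAuthorized('manageSharedFolders');
    // Kept from the original; the result is not used anywhere on this page.
    $can_manage_configuration = isAuthorized('manageConfiguration');
    page_header();
    echo '<div id="profiles_div">';
    echo '<h1>' . _('Profiles') . '</h1>';
    echo '<div id="profiles_list_div">';
    echo '<table border="0" cellspacing="1" cellpadding="3">';
    foreach ($profiles as $profile) {
        // Encode once per output context: HTML text/attribute and URL query value.
        $id_html = htmlspecialchars((string) $profile->id, ENT_QUOTES, 'UTF-8');
        $id_url = urlencode((string) $profile->id);
        echo '<tr>';
        echo '<td><a href="profiles.php?action=manage&amp;id=' . $id_url . '">' . $id_html . '</a></td>';
        if ($can_manage_profiles) {
            echo '<td><form action="actions.php" method="post" onsubmit="return confirm(\'' . _('Are you sure you want to delete this profile?') . '\');">';
            echo '<input type="hidden" name="name" value="Profile" />';
            echo '<input type="hidden" name="action" value="del" />';
            echo '<input type="hidden" name="ids[]" value="' . $id_html . '" />';
            echo '<input type="submit" value="' . _('Delete this profile') . '" />';
            echo '</form></td>';
        }
        echo '</tr>';
    }
    echo '</table>';
    echo '</div>';
    echo '</div>';
    page_footer();
    die;
}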
コード例 #3
ファイル: functions.inc.php プロジェクト: Welvin/stingle
/**
 * Build an MD5 fingerprint of the current user's permission ids.
 *
 * For an authorized user whose Reg 'usr' entry carries a non-empty perms
 * value with an array permissionsList, the ids are concatenated as
 * "id:id:...:" and hashed. In every other case the hash of the empty string
 * is returned.
 *
 * NOTE(review): MD5 is not collision resistant. That is acceptable for a
 * change-detection fingerprint; confirm the value is never relied on as a
 * security token or as proof of what the permission set contains.
 *
 * @return string Hexadecimal MD5 digest.
 */
function getMyPermissionsHash()
{
    $joined = "";
    if (!isAuthorized()) {
        return md5($joined);
    }
    if (!isset(Reg::get('usr')->perms) or empty(Reg::get('usr')->perms)) {
        return md5($joined);
    }
    if (!is_array(Reg::get('usr')->perms->permissionsList)) {
        return md5($joined);
    }
    // Each id is followed by a colon, including the last one.
    foreach (Reg::get('usr')->perms->permissionsList as $entry) {
        $joined .= $entry->id . ':';
    }
    return md5($joined);
}
コード例 #4
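/**
 * Send visitors without a valid session to index.php and stop the request.
 *
 * When $_SESSION['MM_Username'] is missing or isAuthorized() refuses the
 * session, the visitor is redirected to index.php with the page they asked
 * for in the "accesscheck" parameter. Authorized visitors fall through and
 * the function returns normally.
 *
 * Changes from the original: the query string is read from
 * $_SERVER['QUERY_STRING'] (the bare $QUERY_STRING variable only existed
 * under register_globals and is never set inside a function), and the "?"
 * test uses !== false so a match at offset 0 is not mistaken for no match.
 *
 * NOTE(review): $MM_authorizedUsers is not defined in this function's scope,
 * so isAuthorized() receives null for it. If the list is a file-level
 * variable it would need `global $MM_authorizedUsers;` — confirm the intent.
 *
 * NOTE(review): whatever consumes "accesscheck" after login should only
 * accept local paths; PHP_SELF includes client-supplied path info.
 *
 * @return void
 */
function grantAccess()
{
    $MM_restrictGoTo = "index.php";
    if (!(isset($_SESSION['MM_Username']) && isAuthorized("", $MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup']))) {
        $MM_referrer = $_SERVER['PHP_SELF'];
        // Pick the separator that keeps the redirect target a valid URL.
        $MM_qsChar = strpos($MM_restrictGoTo, "?") !== false ? "&" : "?";
        if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) {
            $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
        }
        $MM_restrictGoTo = $MM_restrictGoTo . $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
        header("Location: " . $MM_restrictGoTo);
        // Nothing after the redirect may run for an unauthorized visitor.
        exit;
    }
}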
コード例 #5
ファイル: index.php プロジェクト: progervlad/utils
<?php

// Project includes (helpers, configuration, DB layer) plus vendor/autoload.php.
require_once "../subs.php";
require_once "../conf.inc.php";
require_once "../lib/dblayer.php";
require_once "./subs.php";
require_once "../vendor/autoload.php";
// Twig initialisation
Twig_Autoloader::register();
$loader = new Twig_Loader_Filesystem("../templates");
// Twig template directory
// NOTE(review): the comment after the next line says "no cache", but a cache
// directory is configured and auto_reload is switched on.
$twig = new Twig_Environment($loader, array("cache" => "../cache", "auto_reload" => 1));
// Twig no cache
$template = 'tools.twig';
if ($admin_login = isAuthorized()) {
    $c['nojs'] = true;
    $users = getUsers();
    $permissions = getPermissions($admin_login["uid"], $users);
    if ($permissions["bills"] == 'deny') {
        unset($TITLE["bills"]);
    }
    if ($permissions["users"] == 'deny') {
        unset($TITLE["users"]);
    }
    $c['dir'] = basename(__DIR__);
    $TITLE['helpdesk/reports'] = "Отчёты";
    $c['sections'] = $TITLE;
    $categories = getCategories();
    $c["cat"] = $_cat = checkRequest("cat");
    if ($_cat) {
        $c['current_cat'] = getCategory($_cat);
コード例 #6
ファイル: utils.php プロジェクト: hackdracko/Facturacion-Kio
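 /**
  * Redirect callers who lack the required security level and stop there.
  *
  * The original sent the Location header and then returned, so the calling
  * page went on to build and send its protected content to a client that
  * could simply ignore the redirect. The script now ends right after the
  * header is sent.
  *
  * @param mixed  $secLevel        Level handed to isAuthorized().
  * @param string $AUTH_redirectTo Target of the redirect for refused callers.
  * @return void
  */
 function pageClearence($secLevel, $AUTH_redirectTo)
 {
     if (!isAuthorized($secLevel)) {
         header("Location: " . $AUTH_redirectTo);
         // A redirect is only advice to the client; execution must end here.
         exit;
     }
 }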
コード例 #7
ファイル: index.php プロジェクト: progervlad/utils
<?php

/*
 * index.php
 * general page
 *
 */
// NOTE(review): display_errors is switched on for every request, so PHP
// warnings and errors are written into the response body.
ini_set('display_errors', 1);
error_reporting(E_ALL ^ E_NOTICE);
require 'subs.php';
require 'conf.inc.php';
require_once "lib/dblayer.php";
// Requested stage, passed through check_string() when the parameter is present.
$stage = isset($_REQUEST['stage']) ? check_string($_REQUEST['stage'], 'string') : null;
// Stage
// Already-authorized visitors are sent to "home"; everyone else goes through authorize().
// NOTE(review): there is no exit after header(), so the script keeps running
// past the redirect and reaches the error dump below.
if (isAuthorized()) {
    header("Location: home");
} else {
    //    echo 2;
    authorize();
}
// NOTE(review): print_r() writes the raw database error structure to the client.
if ($db_err["error_no"] != null) {
    print_r($db_err);
}
// DB-errors
コード例 #8
ファイル: functions.inc.php プロジェクト: bloveing/openulteo
/**
 * Tell whether the current user holds a policy, reporting a refusal.
 *
 * A refusal raises the translated "not allowed" popup error before false is
 * returned. Nothing is written to a log on this path.
 *
 * @param mixed $policy_ Policy identifier handed to isAuthorized().
 * @return bool True when isAuthorized() accepts the policy, false otherwise.
 */
function checkAuthorization($policy_)
{
    if (!isAuthorized($policy_)) {
        popup_error(_('You are not allowed to perform this action'));
        return false;
    }
    return true;
}
コード例 #9
ファイル: tasks.php プロジェクト: bloveing/openulteo
/**
 * Render the task list page and end the request.
 *
 * Shows every task returned by the session service in a table and, for
 * callers holding the 'manageServers' policy, a delete form for tasks that
 * have finished or failed. The install/upgrade forms at the end are
 * currently switched off (see the note where $can_do_action is reset).
 *
 * NOTE(review): task and server values are written into the HTML without
 * escaping. Whether they can carry markup depends on where the service gets
 * them, which is not visible here — confirm, or escape at output.
 *
 * NOTE(review): no request token is visible in the forms; confirm that
 * actions.php checks the policy and a token itself.
 */
function show_default()
{
    $tasks = $_SESSION['service']->tasks_list();
    if (is_null($tasks)) {
        popup_error(_('Internal error requestings tasks'));
        // presumably redirect() ends the request; otherwise count($tasks) below receives null — confirm
        redirect();
    }
    $servers_ = $_SESSION['service']->getOnlineServersList();
    if (is_null($servers_)) {
        $servers_ = array();
    }
    // Keep only the servers whose ulteo_system attribute is set to 1.
    $servers = array();
    foreach ($servers_ as $server) {
        if (isset($server->ulteo_system) && $server->ulteo_system == 1) {
            $servers[] = $server;
        }
    }
    $can_do_action = isAuthorized('manageServers');
    page_header();
    echo '<div id="tasks_div">';
    echo '<h1>' . _('Tasks') . '</h1>';
    if (count($tasks) > 0) {
        echo '<div id="tasks_list_div">';
        echo '<h2>' . _('List of tasks') . '</h2>';
        echo '<table class="main_sub sortable" id="tasks_list_table" border="0" cellspacing="1" cellpadding="5">';
        echo '<thead>';
        echo '<tr class="title">';
        echo '<th>' . _('ID') . '</th>';
        echo '<th>' . _('Creation time') . '</th>';
        echo '<th>' . _('Type') . '</th>';
        echo '<th>' . _('Server') . '</th>';
        echo '<th>' . _('Status') . '</th>';
        echo '<th>' . _('Details') . '</th>';
        echo '</tr>';
        echo '</thead>';
        echo '<tbody>';
        $count = 0;
        foreach ($tasks as $task) {
            // Alternate the row class between content1 and content2.
            $content = 'content' . ($count++ % 2 == 0 ? 1 : 2);
            // assumes $servers_ is keyed by the same value as $task->server — TODO confirm
            if (array_key_exists($task->server, $servers_)) {
                $server_name = $servers_[$task->server]->getDisplayName();
            } else {
                $server_name = $task->server;
            }
            // Only tasks that have succeeded or failed get a delete button.
            $can_remove = $task->succeed() || $task->failed();
            if ($task->succeed()) {
                $status = '<span class="msg_ok">' . _('Finished') . '</span>';
            } elseif ($task->failed()) {
                $status = '<span class="msg_error">' . _('Error') . '</span>';
            } elseif ($task->status == 'in progress') {
                $status = '<span class="msg_warn">' . _('In progress') . '</span>';
            } else {
                // Any other status string is printed as-is.
                $status = $task->status;
            }
            echo '<tr class="' . $content . '">';
            echo '<td><a href="?action=manage&id=' . $task->id . '">' . $task->id . '</a></td>';
            echo '<td>' . date('Y-m-d H:i:s', $task->t_begin) . '</td>';
            echo '<td>' . $task->getAttribute('type') . '</td>';
            echo '<td><a href="servers.php?action=manage&id=' . $task->server . '">' . $server_name . '</a></td>';
            echo '<td>' . $status . '</td>';
            echo '<td>' . $task->getAttribute('request') . '</td>';
            // todo !!!
            if ($can_do_action) {
                echo '<td>';
                if ($can_remove) {
                    echo '<form action="actions.php" method="post">';
                    echo '<input type="hidden" name="name" value="Task" />';
                    echo '<input type="hidden" name="action" value="del" />';
                    echo '<input type="hidden" name="checked_tasks[]" value="' . $task->id . '" />';
                    echo '<input type="submit" value="' . _('Delete') . '" />';
                    echo '</form>';
                }
                echo '</td>';
            }
            echo '</tr>';
        }
        echo '</tbody>';
        echo '</table>';
        echo '</div>';
    }
    // The flag is forced to false here, so the install/upgrade section below
    // is never rendered regardless of the caller's policy.
    $can_do_action = False;
    if (count($servers) > 0 && $can_do_action) {
        echo '<h2>' . _('Install an application from a package name') . '</h2>';
        echo '<form action="actions.php" method="post">';
        echo '<input type="hidden" name="name" value="Task" />';
        echo '<input type="hidden" name="action" value="add" />';
        echo '<select name="server">';
        foreach ($servers as $server) {
            echo '<option value="' . $server->id . '">' . $server->getDisplayName() . '</option>';
        }
        echo '</select> &nbsp; ';
        echo '<input type="text" name="request" value="" /> &nbsp; ';
        echo '<input type="hidden" name="type" value="install_from_line" />';
        echo '<input type="submit" name="submit" value="' . _('Install') . '" />';
        echo '</form>';
        echo '<h2>' . _('Upgrade the internal system and applications') . '</h2>';
        echo '<form action="actions.php" method="post">';
        echo '<input type="hidden" name="name" value="Task" />';
        echo '<input type="hidden" name="action" value="add" />';
        echo '<input type="hidden" name="type" value="upgrade" />';
        echo '<input type="hidden" name="request" value="" />';
        // hack for the task creation
        echo '<select name="server">';
        foreach ($servers as $server) {
            echo '<option value="' . $server->id . '">' . $server->getDisplayName() . '</option>';
        }
        echo '</select> &nbsp; ';
        echo '<input type="submit" name="submit" value="' . _('Upgrade') . '" />';
        echo '</form>';
    }
    echo '</div>';
    page_footer();
    die;
}
コード例 #10
ファイル: configuration.php プロジェクト: skdong/nfs-ovd
            footer_static();
        }
    } else {
        // conf not valid
        if ($setup) {
            popup_error('Error : ' . $ret);
            redirect('configuration.php?action=init');
        } else {
            header_static(_('Configuration'));
            echo '<p class="msg_error centered">' . $ret . '</p>';
            print_prefs($prefs);
            footer_static();
        }
    }
} else {
    $can_manage_configuration = isAuthorized('manageConfiguration');
    if (isset($_GET['action']) && $_GET['action'] == 'init') {
        try {
            $prefs = new Preferences_admin();
        } catch (Exception $e) {
        }
        $prefs->initialize();
        require_once dirname(__FILE__) . '/includes/page_template.php';
        page_header();
        // printing of preferences
        if ($can_manage_configuration) {
            echo '<form method="post" action="configuration.php">';
            echo '<input type="hidden" name="setup" value="setup" />';
        }
        print_prefs5($prefs, 'general', 'sql');
        if ($can_manage_configuration) {
コード例 #11
                      <td>&nbsp;</td>
                    </tr>
                    <tr>
                      <td>&nbsp;</td>
                      <td>&nbsp;</td>
                      <td>&nbsp;</td>
                    </tr>
                    <tr>
                      <td><div align="right">Observaciones:</div></td>
                      <td><label>
                        <textarea name="observaciones" cols="50" rows="5" id="observaciones"></textarea>
                      </label></td>
                      <td>&nbsp;</td>
                    </tr>
                    <?php 
if ($row_empleado['idunidadnegocio'] == $TYE_UNIDADNEGOCIO_DANONE || isAuthorized($FWK_PRIV_CONFIGURACION)) {
    ?>
							<tr>
                              <td><div align="right">Refacturar:</div></td>

								<td><select name="refacturar" id="refacturar">
                          <option value="0" selected>No refacturar</option>
                          <option value="4">Bonafont Themis</option>
						  <option value="5">Bonafont Training</option>
						  <option value="6">Bonafont IT</option>
						  <option value="7">Bonafont Compensaciones</option>
                          <option value="1">Colombia</option>
                          <option value="2">Guatemala</option>
                          <option value="3">El Salvador</option>
                        </select>                             </td>
                              <td>&nbsp;</td>
コード例 #12
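// Block direct access: both session values must be present and non-empty.
// empty() gives the same result as the original "!" tests without raising a
// notice when a key is missing from the session.
if (empty($_SESSION['MM_Username']) || empty($_SESSION['MM_UserGroup'])) {
    header("Location: " . $MM_redirectLoginFailed1);
    // A redirect alone does not stop the script; without this the rest of the
    // page, including the database lookup, still runs for an anonymous visitor.
    exit;
}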
//防止管理员进入
/**
 * Report whether a user-group record carries authority level 1.
 *
 * The user name takes no part in the decision. The call site in this file
 * redirects the visitor away when this returns true, so despite the name a
 * true result marks the account that is NOT allowed on the page.
 *
 * @param mixed $UserName  Unused.
 * @param mixed $UserGroup Group record; its 'authority' entry is compared
 *                         loosely with 1. An empty value yields false.
 * @return bool True only for a non-empty record whose authority equals 1.
 */
function isAuthorized($UserName, $UserGroup)
{
    if (empty($UserGroup)) {
        return False;
    }
    return $UserGroup['authority'] == 1;
}
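// Accounts whose group record has authority 1 are turned away from this page.
if (isAuthorized($_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])) {
    header("Location: " . $MM_redirectLoginFailed2);
    // End the request here; otherwise the page below is still produced and
    // sent along with the redirect.
    exit;
}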
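// Fetch the logged-in user's row from the admin table.
//
// NOTE(review): the statement shown on this page was mangled by a credential
// scrubber. It appears to have concatenated $_SESSION['MM_Username'] and
// $_SESSION['MM_UserGroup']['password'] straight into the SQL text. The two
// values are bound as parameters here, so their content can never change the
// structure of the query.
//
// NOTE(review): matching the password column against a value kept in the
// session suggests passwords are stored as-is. If so, store
// password_hash() output and check it with password_verify() instead.
$id_quest = "SELECT id,username FROM admin  WHERE username=? AND password=?";
$id_stmt = mysqli_prepare($connect, $id_quest);
if ($id_stmt === false) {
    // Keep the driver message in the server log; the original called
    // mysql_error(), which does not belong to the mysqli connection in use
    // and would have printed database details to the visitor.
    error_log('admin lookup: prepare failed: ' . mysqli_error($connect));
    die('Database error');
}
$id_username = $_SESSION['MM_Username'];
$id_password = $_SESSION['MM_UserGroup']['password'];
mysqli_stmt_bind_param($id_stmt, 'ss', $id_username, $id_password);
if (!mysqli_stmt_execute($id_stmt)) {
    error_log('admin lookup: execute failed: ' . mysqli_stmt_error($id_stmt));
    die('Database error');
}
$id_set = mysqli_stmt_get_result($id_stmt);
if ($id_set === false) {
    error_log('admin lookup: no result set: ' . mysqli_stmt_error($id_stmt));
    die('Database error');
}
// Null when no row matches the session's user name and password.
$id = mysqli_fetch_assoc($id_set);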
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- saved from url=(0047)http://thechoose.phpnet.us/hushi2014070801.html -->
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=GBK">

<title>教育交流协会</title>
<meta name="keywords" content="个人留学直通车,中日人才交流援助平台,出国,留学,留日,人才交流,援助平台,培训,IPA,对外汉语">
<meta name="MSSmartTagsPreventParsing" content="TRUE">
<meta name="description" content="个人留学直通车,中日人才交流援助平台,出国,留学,留日,人才交流,援助平台,培训,IPA">
コード例 #13
ファイル: index.php プロジェクト: sebasotelo/Arica.cl
        $arrGroups = Explode(",", $strGroups);
        if (in_array($UserName, $arrUsers)) {
            $isValid = true;
        }
        // Or, you may restrict access to only certain users based on their username.
        if (in_array($UserGroup, $arrGroups)) {
            $isValid = true;
        }
        if ($strUsers == "" && true) {
            $isValid = true;
        }
    }
    return $isValid;
}
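// Access gate for this page: visitors without an accepted session are sent to
// the address below and the request ends.
//
// Changes from the original: the query string is read from
// $_SERVER['QUERY_STRING'] (the bare $QUERY_STRING variable is only populated
// under register_globals), and the "?" test uses !== false so a match at
// offset 0 is not mistaken for no match.
//
// NOTE(review): whatever consumes "accesscheck" after login should only accept
// local paths; PHP_SELF includes client-supplied path info.
$MM_restrictGoTo = "../index.php?error=2";
if (!(isset($_SESSION['MM_arica']) && isAuthorized("5,4,2", $MM_authorizedUsers, $_SESSION['MM_arica'], $_SESSION['MM_UserGroup']))) {
    $MM_qsChar = "?";
    $MM_referrer = $_SERVER['PHP_SELF'];
    if (strpos($MM_restrictGoTo, "?") !== false) {
        $MM_qsChar = "&";
    }
    if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) {
        $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
    }
    $MM_restrictGoTo = $MM_restrictGoTo . $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
    header("Location: " . $MM_restrictGoTo);
    exit;
}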
?>

<?php 
コード例 #14
 /**
  * Decide whether a user may run the current controller action.
  *
  * 'add', 'index' and 'dashboard_user' are open to every caller that reaches
  * this check. 'edit' and 'delete' are allowed when the Wallet model reports
  * that the record named by the first passed parameter belongs to the user.
  * Everything else is decided by isAuthorized().
  *
  * NOTE(review): isAuthorized() is called as a plain function, not as a
  * method of this object or its parent — confirm that is the intended
  * fallback.
  *
  * @param array $user Current user; its 'id' entry is used for the owner check.
  * @return mixed True for the cases above, otherwise isAuthorized()'s result.
  */
 public function isAuthorizedW($user)
 {
     // Actions that need no ownership check.
     $openActions = array('add', 'index', 'dashboard_user');
     if (in_array($this->action, $openActions, true)) {
         return true;
     }

     // Owner-only actions: the record id is forced to an integer before lookup.
     $ownerOnly = in_array($this->action, array('edit', 'delete'));
     if ($ownerOnly && $this->Wallet->isOwnedBy((int) $this->request->params['pass'][0], $user['id'])) {
         return true;
     }

     return isAuthorized($user);
 }
コード例 #15
<?php

/**
 * Report whether the session holds a user id.
 *
 * Only presence is tested: any non-null value under 'userId', including 0
 * or an empty string, counts as logged in.
 *
 * @return bool True when $_SESSION['userId'] is set and not null.
 */
function isAuthorized()
{
    $hasUserId = isset($_SESSION['userId']);
    return $hasUserId;
}
/**
 * Load the company id and privileges for a user id.
 *
 * A falsy id short-circuits to a zeroed record without touching the
 * database. Otherwise the id is cast to an integer before it is placed in
 * the query text, so its content cannot alter the statement.
 *
 * NOTE(review): what assoc() returns when no row matches is not visible
 * here; callers may receive something other than the zeroed record.
 *
 * @param mixed $id    User id, or a falsy value for "no user".
 * @param Mysql $mysql Database wrapper providing mq() and assoc().
 * @return mixed The zeroed record, or whatever assoc() yields for the row.
 */
function getUserData($id = null, Mysql $mysql)
{
    if (!$id) {
        return ['companyId' => 0, 'companyPrivs' => 0];
    }
    $numericId = (int) $id;
    $result = $mysql->mq('
								SELECT
									`companyId`,
									`companyPrivs`
								FROM
									`company`
								WHERE 
									`companyId` = ' . $numericId . '
								LIMIT 1
									
						');
    return $mysql->assoc($result);
}
// Company data for the logged-in session; a request without a session user id
// passes null and receives the zeroed default record from getUserData().
$userInfo = getUserData(isAuthorized() ? $_SESSION['userId'] : null, $mysql);
コード例 #16
ファイル: p_keywords.php プロジェクト: brocococonut/yGallery
<?php

$_documentTitle = _KEYWORDS;
// Anyone who is not at least a moderator, or who lacks the keywords-admin
// right, gets the ordinary "Page not found" page, so the response does not
// reveal that an administration page exists at this address.
if (!atLeastModerator() || !isAuthorized('isKeywordsAdmin')) {
    include INCLUDES . "p_notfound.php";
    return;
}
// "build" command: rebuild the keywords cache, then go back to the keywords
// page with the "updated" marker set.
// NOTE(review): where $_cmd comes from is not visible here. If it is taken
// from the URL, this state-changing step is reachable by a plain link —
// confirm a request token is checked.
$rebuildRequested = $_cmd[1] == "build";
if ($rebuildRequested) {
    include INCLUDES . "mod_keywords_build.php";
    redirect(url("keywords", array("updated" => 1)));
}
?>
<div class="header">
	<div class="header_title">
		<?php 
echo _ADMINISTRATION;
?>
		<div class="subheader"><?php 
echo _KEYWORDS_SUBTITLE;
?>
</div>
	</div>
	<?php 
$active = 2;
include INCLUDES . "mod_adminmenu.php";
コード例 #17
ファイル: ajax.php プロジェクト: progervlad/utils
<?php

// NOTE(review): display_errors is on for this endpoint, so PHP warnings and
// errors are written into the response.
ini_set("display_errors", 1);
error_reporting(E_ALL ^ E_NOTICE);
session_start();
require_once "./subs.php";
require_once "./conf.php";
require_once "../subs.php";
require_once "../conf.inc.php";
require_once "../lib/dblayer.php";
// Default reply, overwritten by the action handlers below.
$result['msg'] = "Unknown error";
$result['success'] = false;
// "=" binds tighter than "or": $admin_login takes the isKnownUser() result, and
// only when that is falsy is it reassigned from isAuthorized().
// NOTE(review): $_SESSION['username'] is read without an isset() check.
if ($admin_login = isKnownUser($_SESSION['username']) or $admin_login = isAuthorized()) {
    /*  Receive the parameters as a JSON object and convert them to an associative array
     *  Required parameter - 'action'
     * */
    // NOTE(review): $_REQUEST also covers GET, and no request token check is
    // visible before the state-changing actions below.
    $action = $_REQUEST['action'];
    $c['admin_id'] = $admin_login["uid"];
    $users = getUsers();
    switch ($action) {
        // Save a user-defined filter
        case 'saveNewFilter':
            $global = check_string($_REQUEST['global'], 'digits');
            // A global filter is stored under user '0'; otherwise under the caller's uid.
            $user_id = $global != 1 ? $admin_login['uid'] : '0';
            $name = check_string($_REQUEST['name'], 'text');
            $filter = check_string($_REQUEST['filter'], 'json');
            if ($filter != '' and $user_id != '' and $name != '' and $global != '') {
                // NOTE(review): the INSERT is built by interpolating request values
                // into the SQL text. Its safety rests entirely on check_string(),
                // which is not visible here; bound parameters would remove that
                // dependency.
                $query_save = $db->query("INSERT INTO helpdesk_filter (`name`, `user`, `filter`)\r\n                                                                     VALUES ('{$name}', '{$user_id}', '{$filter}')");
                if ($query_save) {
                    $result['success'] = true;
                    $result['msg'] = "Фильтр {$name} успешно сохранён";
コード例 #18
ファイル: perm.php プロジェクト: hisambahaa/Ecss
                $theValue = $theValue != "" ? "'" . $theValue . "'" : "NULL";
                break;
            case "defined":
                $theValue = $theValue != "" ? $theDefinedValue : $theNotDefinedValue;
                break;
        }
        return $theValue;
    }
}
// Per-page access gate: look up which role ids may open the current script,
// then redirect visitors whose session is not accepted.
//
// NOTE(review): the lookup key comes from PHP_SELF, which includes
// client-supplied path info after the script name.
$url = str_replace('/' . $config['project_folder'], '', $_SERVER['PHP_SELF']);
// NOTE(review): the mysql_* functions used below were removed in PHP 7.
mysql_select_db($database_dares_conn, $dares_conn);
// The page URL goes through GetSQLValueString() before it enters the query text.
$query_get_prem_by_self_page = sprintf("SELECT prem_role_ids FROM sys_permission WHERE prem_url = %s", GetSQLValueString($url, "text"));
// NOTE(review): on failure the raw database error is printed to the visitor.
$get_prem_by_self_page = mysql_query($query_get_prem_by_self_page, $dares_conn) or die(mysql_error());
$row_get_prem_by_self_page = mysql_fetch_assoc($get_prem_by_self_page);
$totalRows_get_prem_by_self_page = mysql_num_rows($get_prem_by_self_page);
// NOTE(review): when no permission row matches this URL the fetch result is
// not an array and this becomes null. What isAuthorized() does with an empty
// role list is not visible here — confirm it refuses access in that case.
$MM_authorizedUsers = $row_get_prem_by_self_page['prem_role_ids'];
// The string "false" is a non-empty string; it is not read in the lines shown here.
$MM_donotCheckaccess = "false";
$MM_restrictGoTo = $config['http_base_url'] . "index.php";
if (!(isset($_SESSION['User_name']) && isAuthorized("", $MM_authorizedUsers, $_SESSION['User_name'], $_SESSION['User_roles']))) {
    $MM_qsChar = "?";
    $MM_referrer = $_SERVER['PHP_SELF'];
    // Use "&" when the redirect target already carries a query string.
    if (strpos($MM_restrictGoTo, "?")) {
        $MM_qsChar = "&";
    }
    if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) {
        $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
    }
    // The requested page travels along URL-encoded in "accesscheck".
    $MM_restrictGoTo = $MM_restrictGoTo . $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
    header("Location: " . $MM_restrictGoTo);
    // The request ends here, so nothing below runs for a refused visitor.
    exit;
}
コード例 #19
ファイル: news.php プロジェクト: bloveing/openulteo
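/**
 * Render the page for one news item, with an edit form for news managers.
 *
 * The title and content shown here are the same values the form on this
 * page submits, so they are user-entered text. They are now HTML-escaped
 * where they are printed: in the heading, in the title input's value
 * attribute, in the textarea body and in the hidden id field. Previously a
 * title containing a double quote or content containing a closing textarea
 * tag would break out of its element.
 *
 * NOTE(review): the edit form is only hidden for callers without the
 * 'manageNews' policy; confirm that the handler for action "rename" repeats
 * the policy check and verifies a request token.
 *
 * @param mixed $news_id_ Identifier handed to the service's news_info().
 * @return void
 */
function show_manage($news_id_)
{
    $news = $_SESSION['service']->news_info($news_id_);
    if (!is_object($news)) {
        redirect('news.php');
    }
    $can_manage_news = isAuthorized('manageNews');
    $title_html = htmlspecialchars((string) $news->title, ENT_QUOTES, 'UTF-8');
    page_header();
    echo '<div id="news_div">';
    echo '<h1>' . $title_html . '</h1>';
    echo '<div>';
    echo '<h2>' . _('Modify') . '</h2>';
    echo '<table border="0" cellspacing="1" cellpadding="3">';
    if ($can_manage_news) {
        $id_html = htmlspecialchars((string) $news->id, ENT_QUOTES, 'UTF-8');
        $content_html = htmlspecialchars((string) $news->content, ENT_QUOTES, 'UTF-8');
        echo '<form action="news.php" method="post">';
        echo '<input type="hidden" name="action" value="rename" />';
        echo '<input type="hidden" name="id" value="' . $id_html . '" />';
        echo '<tr><td><strong>Title:</strong></td><td><input type="text" name="news_title" value="' . $title_html . '" /></td></tr>';
        echo '<tr><td><strong>Content:</strong></td><td><textarea name="news_content" cols="40" rows="4">' . $content_html . '</textarea></td></tr>';
        echo '<tr><td colspan="2"><input type="submit" value="' . _('Modify') . '" /></td></tr>';
        echo '</form>';
    }
    echo '</table>';
    echo '</div>';
    echo '</div>';
    page_footer();
}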
コード例 #20
ファイル: servers.php プロジェクト: skdong/nfs-ovd
/**
 * Render the management page for one server and end the request.
 *
 * Shows monitoring figures, a configuration section and one block per server
 * role. The forms that change the server (external name, maintenance switch,
 * delete) are only printed for callers holding the 'manageServers' policy.
 *
 * NOTE(review): the policy decides what is displayed only. The handler in
 * actions.php is not visible here; confirm it repeats the policy check and
 * verifies a request token.
 *
 * NOTE(review): server attributes are written into the HTML without
 * escaping. Whether they can carry markup depends on how servers register
 * their values, which is not visible here — confirm, or escape at output.
 *
 * @param mixed $fqdn Identifier handed to Abstract_Server::load().
 */
function show_manage($fqdn)
{
    $server = Abstract_Server::load($fqdn);
    // Unknown or unregistered servers are sent back to the list.
    if (!$server || $server->getAttribute('registered') === false) {
        redirect('servers.php');
    }
    $server_online = $server->isOnline();
    if ($server_online) {
        $buf = $server->getMonitoring();
        if ($buf === false) {
            popup_error(sprintf(_('Cannot get server monitoring for \'%s\''), $server->getAttribute('fqdn')));
        }
        Abstract_Server::save($server);
    }
    $buf_status = $server->getAttribute('status');
    // $status_error_msg is only assigned for 'down' and 'broken'; its one use
    // further down is commented out.
    if ($buf_status == 'down') {
        $status_error_msg = _('Warning: server is offline');
    } elseif ($buf_status == 'broken') {
        $status_error_msg = _('Warning: server is broken');
    }
    // A locked server offers "switch to production", an unlocked one "switch to maintenance".
    $server_lock = $server->getAttribute('locked');
    if ($server_lock) {
        $switch_button = _('Switch to production');
        $switch_value = 0;
    } else {
        $switch_button = _('Switch to maintenance');
        $switch_value = 1;
    }
    ksort($server->roles);
    // Collect per-role display data; a boolean result is logged as a failure and skipped.
    $var = array();
    foreach ($server->roles as $role => $bool) {
        $ret = server_display_role_preparation($role, $server);
        if (!is_bool($ret)) {
            $var[$role] = $ret;
        } else {
            Logger::debug('main', 'server_display_role_preparation failed for server ' . $server->fqdn . ' role ' . $role);
        }
    }
    $can_do_action = isAuthorized('manageServers');
    page_header();
    echo '<script type="text/javascript" src="media/script/ajax/servers.js" charset="utf-8"></script>';
    echo '<div id="servers_div">';
    echo '<h1>' . $server->fqdn . '</h1>';
    //   if ($server_online === false)
    //     echo '<h2><p class="msg_error centered">'.$status_error_msg.'</p></h2>';
    echo '<div class="section">';
    echo '<h2>' . _('Monitoring') . '</h2>';
    echo '<table class="main_sub" border="0" cellspacing="1" cellpadding="3">';
    echo '<tr class="title">';
    echo '<th>' . _('Type') . '</th><th>' . _('Version') . '</th><th>' . _('Status') . '</th>';
    echo '<th>' . _('Details') . '</th>';
    if ($server_online) {
        echo '<th>' . _('Monitoring') . '</th>';
    }
    echo '</tr>';
    echo '<tr class="content1">';
    echo '<td style="text-align: center;"><img src="media/image/server-' . $server->stringType() . '.png" alt="' . $server->stringType() . '" title="' . $server->stringType() . '" /><br />' . $server->stringType() . '</td>';
    echo '<td>' . $server->stringVersion() . '</td>';
    echo '<td>' . $server->stringStatus() . '</td>';
    // NOTE(review): the literal after the CPU label contains a stray ';' that is printed to the page.
    echo '<td>' . _('CPU') . '; : ' . $server->getAttribute('cpu_model') . '  (' . $server->getAttribute('cpu_nb_cores') . ' ';
    echo $server->getAttribute('cpu_nb_cores') > 1 ? _('cores') : _('core');
    echo ')<br />' . _('RAM') . ' : ' . round($server->getAttribute('ram_total') / 1024) . ' ' . _('MB') . '</td>';
    if ($server_online) {
        echo '<td>';
        echo _('CPU usage') . ': ' . $server->getCpuUsage() . '%<br />';
        echo display_loadbar($server->getCpuUsage());
        echo _('RAM usage') . ': ' . $server->getRamUsage() . '%<br />';
        echo display_loadbar($server->getRamUsage());
        foreach ($server->roles as $role => $enabled) {
            if ($enabled === false) {
                continue;
            }
            // The load bar is capped at 100 even when the reported usage is higher.
            switch ($role) {
                case 'aps':
                    echo _('Sessions usage') . ': ' . $server->getSessionUsage() . '%<br />';
                    echo display_loadbar($server->getSessionUsage() > 100 ? 100 : $server->getSessionUsage());
                    break;
                case 'fs':
                    echo _('Disk usage') . ': ' . $server->getDiskUsage() . '%<br />';
                    echo display_loadbar($server->getDiskUsage() > 100 ? 100 : $server->getDiskUsage());
                    break;
            }
        }
        echo '</td>';
    }
    echo '</tr>';
    echo '</table>';
    echo '</div>';
    echo '<div class="section">';
    echo '<h2>' . _('Configuration') . '</h2>';
    echo '<table>';
    echo '<tr><td>';
    echo _('Redirection name for this server') . ': ';
    echo '</td><td>';
    // The form wrapper and submit button are printed for managers only; the
    // text input itself is printed for every viewer.
    if ($can_do_action) {
        echo '<form action="actions.php" method="post">';
        echo '<input type="hidden" name="name" value="Server" />';
        echo '<input type="hidden" name="fqdn" value="' . $server->fqdn . '" />';
        echo '<input type="hidden" name="action" value="external_name" />';
    }
    echo '<input type="text" name="external_name" value="' . $server->getAttribute('external_name') . '" />';
    if ($can_do_action) {
        echo ' <input type="submit" value="' . _('change') . '" />';
        echo '</form>';
    }
    echo "</td></tr>\n";
    if ($can_do_action) {
        // Maintenance switch: offered when the server is online, or when the
        // pending switch is towards maintenance.
        if ($server_online || $switch_value == 1) {
            echo '<tr><td></td><td>';
            echo '<form action="actions.php" method="post">';
            echo '<input type="hidden" name="name" value="Server" />';
            echo '<input type="hidden" name="checked_servers[]" value="' . $server->fqdn . '" />';
            echo '<input type="hidden" name="action" value="maintenance" />';
            if ($switch_value == 0) {
                echo '<input type="hidden" name="to_production" value="to_production"/>';
            } else {
                echo '<input type="hidden" name="to_maintenance" value="to_maintenance"/>';
            }
            echo '<input';
            if ($switch_value == 0) {
                echo ' style="background: #05a305; color: #fff; font-weight: bold;"';
            }
            echo ' type="submit" value="' . $switch_button . '"/>';
            echo '</form>';
            echo '</td></tr>';
        }
        // Delete: offered only for a locked or offline server.
        // NOTE(review): this form submits the delete with method="get", unlike
        // the other forms on the page, so the action is reachable by a plain URL.
        if ($server_lock || !$server_online) {
            echo '<tr><td></td><td>';
            echo '<form action="actions.php" method="get" onsubmit="return confirm(\'' . _('Are you sure you want to delete this server?') . '\');">';
            echo '<input type="hidden" name="name" value="Server" />';
            echo '<input type="hidden" name="action" value="del" />';
            echo '<input type="hidden" name="checked_servers[]" value="' . $server->fqdn . '" />';
            echo '<input type="submit" value="' . _('Delete') . '" />';
            echo '</form>';
            echo '</td></tr>';
        }
    }
    echo '</table>';
    echo '</div>';
    // One fieldset per role for which preparation data was collected above.
    foreach ($server->roles as $role => $bool) {
        if (array_key_exists($role, $var)) {
            echo '<div>';
            // div role
            echo '<fieldset class="role">';
            echo '<legend>' . sprintf(_('Role: %s'), strtoupper($role)) . '</legend>';
            echo server_display_role($role, $server, $var[$role]);
            echo '</fieldset>';
            echo '</div>';
        }
    }
    page_footer();
    die;
}
コード例 #21
ファイル: index.php プロジェクト: skdong/nfs-ovd
	<span style="text-align: center; margin-left: auto; margin-right: auto;">
	<?php 
// Show the current system mode and, for holders of the 'manageServers' policy,
// a form that switches to the other mode.
//
// NOTE(review): the policy check here only decides whether the form is shown.
// The handler in actions.php is not visible; confirm it repeats the check and
// verifies a request token, since neither form carries one.
$prefs = Preferences::getInstance();
if (!$prefs) {
    die_error('get Preferences failed', __FILE__, __LINE__);
}
$system_in_maintenance = $prefs->get('general', 'system_in_maintenance');
// The preference is compared loosely with the string '1'.
if ($system_in_maintenance == '1') {
    echo '<span class="msg_error">' . _('The system is on maintenance mode') . '</span><br /><br />';
    if (isAuthorized('manageServers')) {
        echo '<form action="actions.php" method="post" onsubmit="return confirm(\'' . _('Are you sure you want to switch the system to production mode?') . '\');"><input type="hidden" name="name" value="System" /><input type="hidden" name="action" value="change" /><input type="hidden" name="switch_to" value="production" /><input style="background: #05a305; color: #fff; font-weight: bold;" type="submit" value="' . _('Switch the system to production mode') . '" /></form>';
    }
} else {
    echo '<span class="msg_ok">' . _('The system is on production mode') . '</span><br /><br />';
    if (isAuthorized('manageServers')) {
        echo '<form action="actions.php" method="post" onsubmit="return confirm(\'' . _('Are you sure you want to switch the system to maintenance mode?') . '\');"><input type="hidden" name="name" value="System" /><input type="hidden" name="action" value="change" /><input type="hidden" name="switch_to" value="maintenance" /><input type="submit" value="' . _('Switch the system to maintenance mode') . '" /></form>';
    }
}
?>
	</span>
</div>
</div>
		</td>
		<td style="width: 20px;">
		</td>
		<td style="padding-right: 20px; text-align: left; vertical-align: top;">
<div class="container rounded" style="background: #eee; width: 99%; margin-left: auto; margin-right: auto;">
<div>
	<h2><?php 
echo _('Status');
コード例 #22
ファイル: functions.inc.php プロジェクト: skdong/nfs-ovd
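/**
 * Tell whether the current user holds a policy, logging and reporting a refusal.
 *
 * A refusal is written to the 'main' log as a warning, naming the admin
 * login when a session user exists, and the translated "not allowed" popup
 * error is raised before false is returned.
 *
 * NOTE(review): the first warning line was mangled on this page by a
 * credential scrubber. It is restored here on the assumption that it read
 * the login from $_SESSION['admin_ovd_user'], the key tested on the line
 * above it — confirm against the project source.
 *
 * NOTE(review): the login and policy name are written to the log as-is; if
 * either can contain line breaks, confirm the Logger neutralises them.
 *
 * @param mixed $policy_ Policy identifier handed to isAuthorized().
 * @return bool True when isAuthorized() accepts the policy, false otherwise.
 */
function checkAuthorization($policy_)
{
    if (isAuthorized($policy_)) {
        return true;
    }
    // Keep an audit trail of refused actions.
    if (array_key_exists('admin_ovd_user', $_SESSION)) {
        Logger::warning('main', 'User(login=' . $_SESSION['admin_ovd_user']->getAttribute('login') . ') is  not allowed to perform ' . $policy_ . '.');
    } else {
        Logger::warning('main', 'The user is not logged so he is not allowed to perform ' . $policy_ . '.');
    }
    popup_error(_('You are not allowed to perform this action'));
    return false;
}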
コード例 #23
ファイル: sharedfolders.php プロジェクト: bloveing/openulteo
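/**
 * Render the management page of one shared folder.
 *
 * Loads the folder and its server through $_SESSION['service'], splits the
 * user groups into those already published on the folder and those still
 * available, then prints the page. Every value taken from the service is
 * HTML-escaped (or URL-encoded inside links) before it is echoed, so a folder,
 * server or group name containing markup is shown as text.
 *
 * The 'manageSharedFolders' flag only decides which forms are printed.
 * NOTE(review): the forms carry no anti-CSRF field and the permission has to
 * be enforced again by actions.php, which is not visible here - confirm.
 *
 * @param string $sharedfolder_id_ identifier passed to shared_folder_info()
 * @return void
 */
function show_manage($sharedfolder_id_)
{
    $sharedfolder = $_SESSION['service']->shared_folder_info($sharedfolder_id_);
    if (is_null($sharedfolder)) {
        popup_error(sprintf(_("Failed to import shared folder '%s'"), $sharedfolder_id_));
        redirect('sharedfolders.php');
        // Nothing below works without the folder object, even if redirect() returns.
        return;
    }
    $server_displayname = $sharedfolder->server;
    $server = $_SESSION['service']->server_info($sharedfolder->server);
    if (!is_null($server)) {
        $server_displayname = $server->getDisplayName();
    }
    // NOTE(review): the search form is built from raw request data; whether
    // UsersGroupsList escapes it in getForm() cannot be seen from here.
    $usersgroupsList = new UsersGroupsList($_REQUEST);
    $all_groups = $usersgroupsList->search();
    if (!is_array($all_groups)) {
        $all_groups = array();
        popup_error(_("Failed to get User Group data"));
    }
    uasort($all_groups, "usergroup_cmp");
    $searchDiv = $usersgroupsList->getForm();
    $available_groups = array();
    $used_groups = array();
    // Defined up front so the publication loop never reads an unset variable.
    $mods_by_group = array();
    if ($sharedfolder->hasAttribute('groups')) {
        $groups2 = $sharedfolder->getAttribute('groups');
        foreach ($groups2 as $mode => $groups3) {
            foreach ($groups3 as $group_id => $group_name) {
                $used_groups[$group_id] = $group_name;
                $mods_by_group[$group_id] = $mode;
            }
        }
    }
    foreach ($all_groups as $group) {
        if (array_key_exists($group->id, $used_groups) === false) {
            $available_groups[$group->id] = $group;
        }
    }
    $can_manage_sharedfolders = isAuthorized('manageSharedFolders');

    // Escaped once, reused in every form below.
    $folder_id_html = htmlspecialchars((string) $sharedfolder->id, ENT_QUOTES, 'UTF-8');
    $folder_name_html = htmlspecialchars((string) $sharedfolder->name, ENT_QUOTES, 'UTF-8');

    page_header();
    echo '<div id="sharedfolders_div">';
    echo '<h1>' . $folder_name_html . '</h1>';
    echo '<div>';
    echo '<h2>' . _('Server') . '</h2>';
    echo '<a href="servers.php?action=manage&id=' . urlencode((string) $sharedfolder->server) . '"> ' . htmlspecialchars((string) $server_displayname, ENT_QUOTES, 'UTF-8') . '</a>';
    echo '</div>';
    echo '<br />';
    echo '<div>';
    echo '<h2>' . _('Configuration') . '</h2>';
    echo '<table>';
    echo '<tr><td>';
    echo _('Name') . ': ';
    echo '</td><td>';
    if ($can_manage_sharedfolders) {
        echo '<form action="actions.php" method="post">';
        echo '<input type="hidden" name="name" value="SharedFolder" />';
        echo '<input type="hidden" name="action" value="rename" />';
        echo '<input type="hidden" name="id" value="' . $folder_id_html . '" />';
    }
    echo '<input type="text" name="sharedfolder_name" value="' . $folder_name_html . '" />';
    if ($can_manage_sharedfolders) {
        echo ' <input type="submit" value="' . _('Rename') . '" />';
        echo '</form>';
    }
    echo '</td></tr>';
    echo '</table>';
    echo '</div>';
    echo '<br />';
    echo '<div>';
    echo '<h2>' . _('Publications') . '</h2>';
    echo '<table border="0" cellspacing="1" cellpadding="3">';
    foreach ($used_groups as $group_id => $group_name) {
        $group_id_html = htmlspecialchars((string) $group_id, ENT_QUOTES, 'UTF-8');
        echo '<tr>';
        echo '<td><a href="usersgroup.php?action=manage&amp;id=' . urlencode((string) $group_id) . '">' . htmlspecialchars((string) $group_name, ENT_QUOTES, 'UTF-8') . '</a></td>';
        echo '<td>' . htmlspecialchars((string) $mods_by_group[$group_id], ENT_QUOTES, 'UTF-8') . '</td>';
        if ($can_manage_sharedfolders) {
            echo '<td><form action="actions.php" method="post" onsubmit="return confirm(\'' . _('Are you sure you want to delete this shared folder access?') . '\');">';
            echo '<input type="hidden" name="name" value="SharedFolder_ACL" />';
            echo '<input type="hidden" name="action" value="del" />';
            echo '<input type="hidden" name="sharedfolder_id" value="' . $folder_id_html . '" />';
            echo '<input type="hidden" name="usergroup_id" value="' . $group_id_html . '" />';
            echo '<input type="submit" value="' . _('Delete access to this shared folder') . '" />';
            echo '</form></td>';
        }
        echo '</tr>';
    }
    if (count($available_groups) > 0 and $can_manage_sharedfolders) {
        echo '<tr><form action="actions.php" method="post"><td>';
        echo '<input type="hidden" name="name" value="SharedFolder_ACL" />';
        echo '<input type="hidden" name="action" value="add" />';
        echo '<input type="hidden" name="sharedfolder_id" value="' . $folder_id_html . '" />';
        echo '<select name="usergroup_id">';
        foreach ($available_groups as $group) {
            echo '<option value="' . htmlspecialchars((string) $group->id, ENT_QUOTES, 'UTF-8') . '" >' . htmlspecialchars((string) $group->name, ENT_QUOTES, 'UTF-8') . '</option>';
        }
        echo '</select>';
        echo '</td><td>';
        echo '<select name="mode">';
        echo '<option value="rw" >' . _('Read-write') . '</option>';
        echo '<option value="ro" >' . _('Read only') . '</option>';
        echo '</select>';
        echo '</td><td><input type="submit" value="' . _('Add access to this shared folder') . '" /></td>';
        echo '</form></tr>';
    }
    echo '</table>';
    // Markup produced by UsersGroupsList::getForm(), printed as is.
    echo $searchDiv;
    echo '</div>';
    echo '</div>';
    page_footer();
}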
コード例 #24
 /**
  * Decide whether $user may run the controller's current action.
  *
  * As written, 'add' is always refused, and 'edit' / 'delete' are refused
  * when Category::isOwnedBy() reports that the user owns the record named by
  * the first passed parameter. Every other case is delegated to the global
  * isAuthorized($user).
  *
  * NOTE(review): both early branches deny access. If 'add' is meant to be
  * open to registered users and owners are meant to edit and delete their own
  * records, these two return values are inverted - confirm the intent.
  *
  * @param array $user user record; only its 'id' key is read here
  * @return mixed false on the early branches, else the result of isAuthorized()
  */
 public function isAuthorizedC($user)
 {
     $currentAction = $this->action;
     if ($currentAction === 'add') {
         return false;
     }
     $ownerActions = array('edit', 'delete');
     if (in_array($currentAction, $ownerActions)) {
         // The record id is the first positional URL parameter, forced to int.
         $recordId = (int) $this->request->params['pass'][0];
         $ownedByUser = $this->Category->isOwnedBy($recordId, $user['id']);
         if ($ownedByUser) {
             return false;
         }
     }
     return isAuthorized($user);
 }
コード例 #25
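/**
 * Render the management page of one web application and stop the script.
 *
 * The application is loaded through $_SESSION['service']; when the lookup does
 * not return an object the function returns false before any method is called
 * on it. Application attributes, group and server names, the raw configuration
 * shown in the textarea and $id itself are HTML-escaped (or URL-encoded inside
 * links) before being echoed, so stored or requested values cannot add markup
 * to the admin page.
 *
 * Delete, clone and modify forms are printed only when the application
 * database is writable and 'manageApplications' is granted.
 * NOTE(review): the group add/delete forms further down are printed without a
 * permission flag, and no form carries an anti-CSRF field; enforcement has to
 * happen in actions.php, which is not visible here - confirm.
 *
 * @param string $id application identifier passed to application_info()
 * @return bool|void false when the application cannot be loaded; otherwise
 *                   the script ends with die after the footer
 */
function show_manage($id)
{
    $app = $_SESSION['service']->application_info($id);
    // Guard before the first method call on $app.
    if (!is_object($app)) {
        return false;
    }
    $is_rw = applicationdb_is_writable();
    $can_manage_applications = isAuthorized('manageApplications');
    // App groups
    $appgroups = $_SESSION['service']->applications_groups_list();
    if (!is_array($appgroups)) {
        $appgroups = array();
    }
    $groups_id = array();
    if ($app->hasAttribute('groups')) {
        $groups_id = $app->getAttribute('groups');
    }
    $groups = array();
    $groups_available = array();
    foreach ($appgroups as $group) {
        if (array_key_exists($group->id, $groups_id)) {
            $groups[] = $group;
        } else {
            $groups_available[] = $group;
        }
    }
    $servers_all = $_SESSION['service']->servers_list('online');
    if (!is_array($servers_all)) {
        $servers_all = array();
    }
    $servers = array();
    foreach ($servers_all as $server) {
        if (array_key_exists('webapps', $server->roles) && $server->roles['webapps']) {
            $servers[] = $server;
        }
    }
    $can_manage_server = isAuthorized('manageServers');

    // Escaped once, reused in the markup below.
    $id_html = htmlspecialchars((string) $id, ENT_QUOTES, 'UTF-8');
    $app_id_html = htmlspecialchars((string) $app->getAttribute('id'), ENT_QUOTES, 'UTF-8');
    $app_id_url = urlencode((string) $app->getAttribute('id'));
    $app_type_html = htmlspecialchars((string) $app->getAttribute('type'), ENT_QUOTES, 'UTF-8');

    page_header();
    echo '<div>';
    echo '<h1><img class="icon32" src="media/image/cache.php?id=' . $app_id_url . '" alt="" title="" /> ' . htmlspecialchars((string) $app->getAttribute('name'), ENT_QUOTES, 'UTF-8') . '</h1>';
    echo '<table class="main_sub" border="0" cellspacing="1" cellpadding="3">';
    echo '<tr class="title">';
    echo '<th>' . _('Type') . '</th>';
    echo '<th>' . _('Description') . '</th>';
    if ($is_rw and $can_manage_applications) {
        echo '<th></th>';
    }
    echo '</tr>';
    echo '<tr class="content1">';
    echo '<td style="text-align: center;"><img src="media/image/server-' . $app_type_html . '.png" alt="' . $app_type_html . '" title="' . $app_type_html . '" /><br />' . $app_type_html . '</td>';
    echo '<td>' . htmlspecialchars((string) $app->getAttribute('description'), ENT_QUOTES, 'UTF-8') . '</td>';
    if ($is_rw and $can_manage_applications) {
        echo '<td>';
        echo '<form action="actions.php" method="post" onsubmit="return confirm(\'' . _('Are you sure you want to delete this application?') . '\');">';
        echo '<input type="hidden" name="name" value="Application_webapp" />';
        echo '<input type="hidden" name="action" value="del" />';
        echo '<input type="hidden" name="checked_applications[]" value="' . $app_id_html . '" />';
        echo '<input type="submit"  value="' . _('Delete') . '" />';
        echo '</form>';
        echo '</td>';
    }
    echo '</tr>';
    echo '</table>';
    if ($is_rw and $can_manage_applications) {
        $app_info = $_SESSION['service']->application_webapp_info($id);
        echo '<br />';
        // The stray second quote after method="post" was malformed markup.
        echo '<form action="actions.php" method="post">';
        echo '<input type="hidden" name="name" value="Application_webapp" />';
        echo '<input type="hidden" name="action" value="clone" />';
        echo '<input type="hidden" name="id" value="' . $app_id_html . '" />';
        echo '<input type="submit" value="' . _('Clone to new application') . '"/>';
        echo '</form>';
        echo '<br />';
        echo '<h2>' . _('Description') . '</h2>';
        echo '<div id="application_modify">';
        echo '<form id="delete_icon" action="actions.php" method="post" style="display: none;">';
        echo '<input type="hidden" name="name" value="Application_webapp" />';
        echo '<input type="hidden" name="action" value="del_icon" />';
        echo '<input type="hidden" name="checked_applications[]" value="' . $app_id_html . '" />';
        echo '</form>';
        echo '<form action="actions.php" method="post" enctype="multipart/form-data" >';
        // form A
        echo '<input type="hidden" name="name" value="Application_webapp" />';
        echo '<input type="hidden" name="action" value="modify" />';
        echo '<input type="hidden" name="published" value="1" />';
        echo '<input type="hidden" name="static" value="1" />';
        echo '<input type="hidden" name="id" value="' . $app_id_html . '" />';
        echo '<table border="1"><tr><td>';
        echo '<table class="main_sub" border="0" cellspacing="1" cellpadding="5">';
        $count = 1;
        // The form field is called application_name, so the name is copied
        // under that key; url_prefix comes from the webapp record.
        $app->setAttribute('application_name', $app->getAttribute('name'));
        $app->setAttribute('url_prefix', $app_info['url_prefix']);
        $attr_list = array('application_name' => _('Name'), 'description' => 'Description', 'url_prefix' => _('URL prefix'));
        foreach ($attr_list as $attr_name => $display_name) {
            $content = 'content' . ($count++ % 2 == 0 ? 1 : 2);
            echo '<tr class="' . $content . '">';
            echo '<td style="text-transform: capitalize;">';
            echo $display_name;
            $attr_value = $app->getAttribute($attr_name);
            echo '</td>';
            echo '<td>';
            echo '<input type="text" name="' . $attr_name . '" value="' . htmlspecialchars((string) $attr_value, ENT_QUOTES, 'UTF-8') . '" style="with:100%;"/>';
            echo '<input type="hidden" name="attributes_send[]" value="' . $attr_name . '" />';
            echo '</td>';
            echo '</tr>';
        }
        $content = 'content' . ($count++ % 2 == 0 ? 1 : 2);
        echo '<tr class="' . $content . '">';
        echo '<td>' . _('Icon') . '</td>';
        echo '<td>';
        echo '<img class="icon32" src="media/image/cache.php?id=' . $app_id_url . '" alt="" title="" /> ';
        echo '<input type="button" value="' . _('Delete this icon') . '" onclick="return confirm(\'' . _('Are you sure you want to delete this icon?') . '\') && $(\'delete_icon\').submit();"/>';
        echo '<br />';
        echo '<input type="file"  name="file_icon" /> ';
        echo '</td>';
        echo '</tr>';
        $content = 'content' . ($count++ % 2 == 0 ? 1 : 2);
        echo '<tr class="' . $content . '">';
        echo '<td>' . _('Configuration') . '</td>';
        echo '<td>';
        // Escaped so a configuration containing "</textarea>" stays inside the
        // field; the browser submits the decoded text unchanged.
        echo '<textarea name="app_conf_raw" style="width:100%;height:12em">' . htmlspecialchars((string) $app_info['raw_configuration'], ENT_QUOTES, 'UTF-8') . '</textarea>';
        echo '<br />';
        echo '<a href="actions.php?name=Application_webapp&action=download&id=' . $app_id_url . '">' . _('Download') . '</a>';
        echo '</td>';
        echo '</tr>';
        $content = 'content' . ($count++ % 2 == 0 ? 1 : 2);
        echo '<tr class="' . $content . '">';
        echo '<td colspan="2">';
        echo '<input type="submit" value="' . _('Modify') . '" />';
        echo '</td>';
        echo '</tr>';
        echo '</table>';
        echo '</form>';
        // form A
        echo "</td>";
        echo "<td>";
        echo '<table class="main_sub" border="0" cellspacing="1" cellpadding="3">';
        echo '<form action="actions.php" method="post">';
        echo '<input type="hidden" name="name" value="Application_webapp" />';
        echo '<input type="hidden" name="action" value="modify" />';
        echo '<input type="hidden" name="published" value="1" />';
        echo '<input type="hidden" name="static" value="1" />';
        echo '<input type="hidden" name="task" value="webapp_configuration" />';
        echo '<input type="hidden" name="id" value="' . $id_html . '" />';
        display_webapp_configuration($id);
        echo '</form>';
        echo '</table>';
        echo "</td></tr>";
        echo "</table>";
        echo '</div>';
        // application_modify
    }
    if (count($servers) > 0) {
        echo '<div>';
        echo '<h2>' . _('Servers') . '</h2>';
        echo '<table border="0" cellspacing="1" cellpadding="3">';
        foreach ($servers as $server) {
            echo '<tr><td>';
            echo '<a href="servers.php?action=manage&id=' . urlencode((string) $server->id) . '">' . htmlspecialchars((string) $server->getDisplayName(), ENT_QUOTES, 'UTF-8') . '</a>';
            echo '</td></tr>';
        }
        echo '</table>';
        echo "<div>\n";
    }
    if (count($appgroups) > 0) {
        echo '<div>';
        echo '<h2>' . _('Groups with this application') . '</h2>';
        echo '<table border="0" cellspacing="1" cellpadding="3">';
        foreach ($groups as $group) {
            echo '<tr>';
            echo '<td>';
            echo '<a href="appsgroup.php?action=manage&id=' . urlencode((string) $group->id) . '">' . htmlspecialchars((string) $group->name, ENT_QUOTES, 'UTF-8') . '</a>';
            echo '</td>';
            echo '<td><form action="actions.php" method="post" onsubmit="return confirm(\'' . _('Are you sure you want to delete this application from this group?') . '\');">';
            echo '<input type="hidden" name="name" value="Application_ApplicationGroup" />';
            echo '<input type="hidden" name="action" value="del" />';
            echo '<input type="hidden" name="element" value="' . $id_html . '" />';
            echo '<input type="hidden" name="group" value="' . htmlspecialchars((string) $group->id, ENT_QUOTES, 'UTF-8') . '" />';
            echo '<input type="submit" value="' . _('Delete from this group') . '" />';
            echo '</form></td>';
            echo '</tr>';
        }
        if (count($groups_available) > 0) {
            echo '<tr>';
            echo '<form action="actions.php" method="post"><td>';
            echo '<input type="hidden" name="name" value="Application_ApplicationGroup" />';
            echo '<input type="hidden" name="action" value="add" />';
            echo '<input type="hidden" name="element" value="' . $id_html . '" />';
            echo '<select name="group">';
            foreach ($groups_available as $group) {
                echo '<option value="' . htmlspecialchars((string) $group->id, ENT_QUOTES, 'UTF-8') . '">' . htmlspecialchars((string) $group->name, ENT_QUOTES, 'UTF-8') . '</option>';
            }
            echo '</select>';
            echo '</td><td><input type="submit" value="' . _('Add to this group') . '" /></td>';
            echo '</form>';
            echo '</tr>';
        }
        echo '</table>';
        echo "<div>\n";
    }
    echo '</div>';
    echo '</div>';
    echo '</div>';
    echo '</div>';
    echo '</div>';
    echo '</div>';
    page_footer();
    die;
}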
コード例 #26
<?php

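// Login / self-registration handler: an unknown login creates an account and
// signs it in, a known login is signed in when the password hash matches.
session_start();
require_once __DIR__ . '/libs.php';
if (isAuthorized() === true) {
    header('LOCATION: ./index.php');
    // Without exit the login handling below would still run for a session
    // that is already authenticated.
    exit;
}
if (isset($_POST['go'])) {
    // Both fields must be plain strings; an array sent as login[] or pass[]
    // is ignored instead of reaching the database calls.
    if (isset($_POST['login'], $_POST['pass']) && is_string($_POST['login']) && is_string($_POST['pass'])) {
        require_once __DIR__ . '/db-conf.php';
        $link = connect();
        // The escaped copy is kept for createUser(), whose SQL is not visible here.
        $login = mysqli_real_escape_string($link, $_POST['login']);
        // NOTE(review): MD5 with a fixed salt is not a password hash. Moving to
        // password_hash() / password_verify() needs createUser() and the stored
        // rows migrated together, so the existing scheme is kept as is.
        $pass = mysqli_real_escape_string($link, $_POST['pass']);
        $pass = md5($pass . md5('solt'));
        // Look the account up with a bound parameter instead of a value
        // pasted into the SQL text.
        $wasInBase = false;
        $stmt = mysqli_prepare($link, 'SELECT id, user, pass FROM users WHERE user = ?');
        if ($stmt !== false) {
            $rawLogin = $_POST['login'];
            mysqli_stmt_bind_param($stmt, 's', $rawLogin);
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_bind_result($stmt, $rowId, $rowUser, $rowPass);
                if (mysqli_stmt_fetch($stmt) === true) {
                    $wasInBase = array('id' => $rowId, 'user' => $rowUser, 'pass' => $rowPass);
                }
            }
            mysqli_stmt_close($stmt);
        }
        if ($wasInBase === false) {
            // No row for this login: the page registers the account on the spot.
            $user_id = createUser($link, $login, $pass);
            login($link, $user_id);
        } elseif (is_string($wasInBase['pass']) && hash_equals($wasInBase['pass'], $pass)) {
            // hash_equals() compares the hex digests as strings in constant
            // time; a loose == treats two "0e<digits>" digests as equal numbers.
            login($link, $wasInBase['id']);
        } else {
            $message = 'Неправильный пароль или пользователь с таким логином уже существует.';
        }
    }
}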
?>
<!doctype html>
<html lang="en">
<head>
    <meta charset="UTF-8">
コード例 #27
ファイル: publications.php プロジェクト: skdong/nfs-ovd
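/**
 * Render the list of publications (users group / applications group pairs).
 *
 * Only published groups are considered. The pairs are collected starting from
 * the applications groups, and the footer row that adds a publication is
 * printed only when at least one pair is still missing and the
 * 'managePublications' policy is granted. Group names and identifiers are
 * HTML-escaped (or URL-encoded inside links) before being echoed.
 *
 * NOTE(review): the flag only hides the forms and no form carries an
 * anti-CSRF field; the policy has to be enforced again by actions.php, which
 * is not visible here - confirm.
 *
 * @return void
 */
function show_default()
{
    $applicationsGroupDB = ApplicationsGroupDB::getInstance();
    $publications = array();
    $groups_apps = $applicationsGroupDB->getList(true);
    if (is_null($groups_apps)) {
        $groups_apps = array();
    }
    foreach ($groups_apps as $i => $group_apps) {
        if (!$group_apps->published) {
            unset($groups_apps[$i]);
        }
    }
    $usergroupdb = UserGroupDB::getInstance();
    $groups_users = $usergroupdb->getList(true);
    // Same fallback as for the applications groups: a failed lookup gives an
    // empty list instead of breaking the loops and count() calls below.
    if (!is_array($groups_users)) {
        $groups_users = array();
    }
    foreach ($groups_users as $i => $group_users) {
        if (!$group_users->published) {
            unset($groups_users[$i]);
        }
    }
    // Starts from the applications groups instead of users groups because
    // it's possible to not be able to have the complete users groups list (LDAP)
    foreach ($groups_apps as $group_apps) {
        foreach ($group_apps->userGroups() as $group_users) {
            if (!$group_users->published) {
                continue;
            }
            $publications[] = array('user' => $group_users, 'app' => $group_apps);
        }
    }
    $has_publish = count($publications);
    $nb_groups_apps = count($groups_apps);
    $nb_groups_users = count($groups_users);
    // Adding is pointless when one side is empty or every pair already exists.
    $can_add_publish = true;
    if ($nb_groups_users == 0) {
        $can_add_publish = false;
    } elseif ($nb_groups_apps == 0) {
        $can_add_publish = false;
    } elseif ($nb_groups_users * $nb_groups_apps <= count($publications)) {
        $can_add_publish = false;
    }
    $count = 0;
    $can_manage_publications = isAuthorized('managePublications');
    page_header(array('js_files' => array('media/script/publication.js')));
    echo '<div>';
    echo '<h1>' . _('Publications') . '</h1>';
    echo '<table class="main_sub sortable" id="publications_list_table" border="0" cellspacing="1" cellpadding="5">';
    echo '<thead>';
    echo '<tr class="title">';
    echo '<th>' . _('Users group') . '</th>';
    echo '<th>' . _('Applications group') . '</th>';
    echo '</tr>';
    echo '</thead>';
    echo '<tbody>';
    if (!$has_publish) {
        $content = 'content' . ($count++ % 2 == 0 ? 1 : 2);
        echo '<tr class="' . $content . '"><td colspan="3">' . _('No publication') . '</td></tr>';
    } else {
        foreach ($publications as $publication) {
            $content = 'content' . ($count++ % 2 == 0 ? 1 : 2);
            $group_u = $publication['user'];
            $group_a = $publication['app'];
            $group_u_id = (string) $group_u->getUniqueID();
            $group_a_id = (string) $group_a->id;
            echo '<tr class="' . $content . '">';
            echo '<td><a href="usersgroup.php?action=manage&amp;id=' . urlencode($group_u_id) . '">' . htmlspecialchars((string) $group_u->name, ENT_QUOTES, 'UTF-8') . '</a></td>';
            echo '<td><a href="appsgroup.php?action=manage&amp;id=' . urlencode($group_a_id) . '">' . htmlspecialchars((string) $group_a->name, ENT_QUOTES, 'UTF-8') . '</a></td>';
            if ($can_manage_publications) {
                echo '<td><form action="actions.php" method="post" onsubmit="return confirm(\'' . _('Are you sure you want to delete this publication?') . '\');"><div>';
                echo '<input type="hidden" name="action" value="del" />';
                echo '<input type="hidden" name="name" value="Publication" />';
                echo '<input type="hidden" name="group_a" value="' . htmlspecialchars($group_a_id, ENT_QUOTES, 'UTF-8') . '" />';
                echo '<input type="hidden" name="group_u" value="' . htmlspecialchars($group_u_id, ENT_QUOTES, 'UTF-8') . '" />';
                echo '<input type="submit" value="' . _('Delete') . '"/>';
                echo '</div></form></td>';
            }
            echo '</tr>';
        }
    }
    echo '</tbody>';
    if ($can_add_publish and $can_manage_publications) {
        $content = 'content' . ($count++ % 2 == 0 ? 1 : 2);
        echo '<tfoot>';
        echo '<tr class="' . $content . '">';
        echo '<td>';
        echo '<select id="select_group_u" name="group_u" onchange="ovdsm_publication_hook_select(this)" style="width: 100%;">';
        echo '<option value="">*</option>';
        foreach ($groups_users as $group_users) {
            // Offer only users groups that are not yet published to every applications group.
            if (count($group_users->appsGroups()) < $nb_groups_apps) {
                echo '<option value="' . htmlspecialchars((string) $group_users->getUniqueID(), ENT_QUOTES, 'UTF-8') . '" >' . htmlspecialchars((string) $group_users->name, ENT_QUOTES, 'UTF-8') . '</option>';
            }
        }
        echo '</select>';
        echo '</td>';
        echo '<td>';
        echo '<select id="select_group_a" name="group_a" onchange="ovdsm_publication_hook_select(this)" style="width: 100%;">';
        echo '<option value="" >*</option>';
        foreach ($groups_apps as $group_apps) {
            if (count($group_apps->userGroups()) < $nb_groups_users) {
                echo '<option value="' . htmlspecialchars((string) $group_apps->id, ENT_QUOTES, 'UTF-8') . '" >' . htmlspecialchars((string) $group_apps->name, ENT_QUOTES, 'UTF-8') . '</option>';
            }
        }
        echo '</select>';
        echo '</td><td>';
        echo '<form action="actions.php" method="post" ><div>';
        echo '<input type="hidden" name="action" value="add" />';
        echo '<input type="hidden" name="name" value="Publication" />';
        echo '<input type="hidden" name="group_u" value="" id="input_group_u" />';
        echo '<input type="hidden" name="group_a" value="" id="input_group_a" />';
        echo '<input type="button" value="' . _('Add') . '" onclick="if($(\'input_group_u\').value == \'\') {alert(\'' . addslashes(_('Please select an users group')) . '\'); return;} if($(\'input_group_a\').value == \'\') {alert(\'' . addslashes(_('Please select an applications group')) . '\'); return;} this.form.submit();" />';
        echo '</div></form>';
        echo '</td>';
        echo '</tr>';
        echo '</tfoot>';
    }
    echo '</table>';
    echo '<br /><br /><br />';
    echo '</div>';
    echo '</div>';
    page_footer();
}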
コード例 #28
function show_manage($id, $applicationDB)
{
    global $types;
    $applicationsGroupDB = ApplicationsGroupDB::getInstance();
    $app = $applicationDB->import($id);
    if (!is_object($app)) {
        return false;
    }
    $is_rw = $applicationDB->isWriteable();
    $can_manage_applications = isAuthorized('manageApplications');
    // App groups
    $appgroups = $applicationsGroupDB->getList();
    $groups_id = array();
    $liaisons = Abstract_Liaison::load('AppsGroup', $app->getAttribute('id'), NULL);
    foreach ($liaisons as $liaison) {
        $groups_id[] = $liaison->group;
    }
    $groups = array();
    $groups_available = array();
    foreach ($appgroups as $group) {
        if (in_array($group->id, $groups_id)) {
            $groups[] = $group;
        } else {
            $groups_available[] = $group;
        }
    }
    $servers_all = Abstract_Server::load_available_by_role(Server::SERVER_ROLE_APS, true);
    $liaisons = Abstract_Liaison::load('ApplicationServer', $app->getAttribute('id'), NULL);
    $servers_id = array();
    foreach ($liaisons as $liaison) {
        $servers_id[] = $liaison->group;
    }
    $servers = array();
    $servers_available = array();
    foreach ($servers_all as $server) {
        if (in_array($server->fqdn, $servers_id)) {
            $servers[] = $server;
        } elseif (!$server->isOnline()) {
            continue;
        } elseif ($server->type != $app->getAttribute('type')) {
            continue;
        } else {
            $servers_available[] = $server;
        }
    }
    $mimes = $applicationDB->getAllMimeTypes();
    $mimeliste1 = $app->getMimeTypes();
    $mimeliste2 = array();
    foreach ($mimes as $mime) {
        if (!in_array($mime, $mimeliste1)) {
            $mimeliste2[] = $mime;
        }
    }
    $can_manage_server = isAuthorized('manageServers');
    page_header();
    echo '<div>';
    echo '<h1><img src="media/image/cache.php?id=' . $app->getAttribute('id') . '" alt="" title="" /> ' . $app->getAttribute('name') . '</h1>';
    echo '<table class="main_sub" border="0" cellspacing="1" cellpadding="3">';
    echo '<tr class="title">';
    // 	echo '<th>'._('Package').'</th>';
    echo '<th>' . _('Type') . '</th>';
    echo '<th>' . _('Description') . '</th>';
    echo '<th>' . _('Command') . '</th>';
    if ($is_rw and $can_manage_applications) {
        echo '<th></th>';
    }
    echo '</tr>';
    echo '<tr class="content1">';
    // 		echo '<td>'.$app->getAttribute('package').'</td>';
    echo '<td style="text-align: center;"><img src="media/image/server-' . $app->getAttribute('type') . '.png" alt="' . $app->getAttribute('type') . '" title="' . $app->getAttribute('type') . '" /><br />' . $app->getAttribute('type') . '</td>';
    echo '<td>' . $app->getAttribute('description') . '</td>';
    echo '<td>';
    echo $app->getAttribute('executable_path');
    echo '</td>';
    if ($is_rw and $can_manage_applications) {
        echo '<td>';
        echo '<form action="actions.php" method="post" onsubmit="return confirm(\'' . _('Are you sure you want to delete this application?') . '\');">';
        echo '<input type="hidden" name="name" value="Application_static" />';
        echo '<input type="hidden" name="action" value="del" />';
        echo '<input type="hidden" name="checked_applications[]" value="' . $app->getAttribute('id') . '" />';
        echo '<input type="submit"  value="' . _('Delete') . '" />';
        echo '</form>';
        echo '</td>';
    }
    echo '</tr>';
    echo '</table>';
    if ($is_rw and $can_manage_applications) {
        echo '<br />';
        echo '<form action="actions.php" method="post"">';
        echo '<input type="hidden" name="name" value="Application" />';
        echo '<input type="hidden" name="action" value="clone" />';
        echo '<input type="hidden" name="id" value="' . $app->getAttribute('id') . '" />';
        echo '<input type="submit" value="' . _('Clone to new application') . '"/>';
        echo '</form>';
        echo '<br />';
        echo '<h2>' . _('Modify') . '</h2>';
        echo '<div id="application_modify">';
        echo '<form id="delete_icon" action="actions.php" method="post" style="display: none;">';
        echo '<input type="hidden" name="name" value="Application_static" />';
        echo '<input type="hidden" name="action" value="del_icon" />';
        echo '<input type="hidden" name="checked_applications[]" value="' . $app->getAttribute('id') . '" />';
        echo '</form>';
        echo '<form action="actions.php" method="post" enctype="multipart/form-data" >';
        // form A
        echo '<input type="hidden" name="name" value="Application_static" />';
        echo '<input type="hidden" name="action" value="modify" />';
        echo '<input type="hidden" name="published" value="1" />';
        echo '<input type="hidden" name="static" value="1" />';
        echo '<input type="hidden" name="id" value="' . $app->getAttribute('id') . '" />';
        echo '<table class="main_sub" border="0" cellspacing="1" cellpadding="5">';
        $count = 1;
        $app->setAttribute('application_name', $app->getAttribute('name'));
        // ugly hack
        $app->unsetAttribute('name');
        $attr_list = $app->getAttributesList();
        foreach ($attr_list as $k => $v) {
            if (in_array($v, array('id', 'type', 'static', 'published', 'desktopfile', 'package', 'revision'))) {
                unset($attr_list[$k]);
            }
        }
        asort($attr_list);
        foreach ($attr_list as $attr_name) {
            $content = 'content' . ($count++ % 2 == 0 ? 1 : 2);
            echo '<tr class="' . $content . '">';
            echo '<td style="text-transform: capitalize;">';
            if ($attr_name == 'executable_path') {
                echo _('Command');
            } else {
                if ($attr_name == 'application_name') {
                    echo _('Name');
                } else {
                    echo _($attr_name);
                }
            }
            echo '</td>';
            echo '<td>';
            echo '<input type="text" name="' . $attr_name . '" value="' . htmlspecialchars($app->getAttribute($attr_name)) . '" style="with:100%;"/>';
            echo '<input type="hidden" name="attributes_send[]" value="' . $attr_name . '" />';
            echo '</td>';
            echo '</tr>';
        }
        if (get_classes_startwith('Imagick') != array()) {
            $content = 'content' . ($count++ % 2 == 0 ? 1 : 2);
            echo '<tr class="' . $content . '">';
            echo '<td>' . _('Icon') . '</td>';
            echo '<td>';
            if ($app->getIconPath() != $app->getDefaultIconPath() && file_exists($app->getIconPath())) {
                echo '<img src="media/image/cache.php?id=' . $app->getAttribute('id') . '" alt="" title="" /> ';
                echo '<input type="button" value="' . _('Delete this icon') . '" onclick="return confirm(\'' . _('Are you sure you want to delete this icon?') . '\') && $(\'delete_icon\').submit();"/>';
                echo '<br />';
            }
            echo '<input type="file"  name="file_icon" /> ';
            echo '</td>';
            echo '</tr>';
        } else {
            Logger::info('main', 'No Imagick support found');
        }
        $content = 'content' . ($count++ % 2 == 0 ? 1 : 2);
        echo '<tr class="' . $content . '">';
        echo '<td colspan="2">';
        echo '<input type="submit" value="' . _('Modify') . '" />';
        echo '</td>';
        echo '</tr>';
        echo '</table>';
        echo '</form>';
        // form A
        echo '</div>';
        // application_modify
    }
    if (count($servers) + count($servers_available) > 0) {
        echo '<div>';
        echo '<h2>' . _('Servers with this application') . '</h2>';
        echo '<table border="0" cellspacing="1" cellpadding="3">';
        foreach ($servers as $server) {
            echo '<tr><td>';
            echo '<a href="servers.php?action=manage&fqdn=' . $server->fqdn . '">' . $server->fqdn . '</a>';
            echo '</td>';
            echo '<td>';
            if ($server->isOnline() and $can_manage_server) {
                echo '<form action="actions.php" method="post" onsubmit="return confirm(\'' . _('Are you sure you want to remove this application from this server?') . '\');">';
                echo '<input type="hidden" name="action" value="del" />';
                echo '<input type="hidden" name="name" value="Application_Server" />';
                echo '<input type="hidden" name="application" value="' . $id . '" />';
                echo '<input type="hidden" name="server" value="' . $server->fqdn . '" />';
                echo '<input type="submit" value="' . _('Remove from this server') . '"/>';
                echo '</form>';
            }
            echo '</td>';
            echo '</tr>';
        }
        if (count($servers_available) > 0 and $can_manage_server) {
            echo '<tr>';
            echo '<form action="actions.php" method="post"><td>';
            echo '<input type="hidden" name="name" value="Application_Server" />';
            echo '<input type="hidden" name="action" value="add" />';
            echo '<input type="hidden" name="application" value="' . $id . '" />';
            echo '<select name="server">';
            foreach ($servers_available as $server) {
                echo '<option value="' . $server->fqdn . '">' . $server->fqdn . '</option>';
            }
            echo '</select>';
            echo '</td><td><input type="submit" value="' . _('Add to this server') . '" /></td>';
            echo '</form>';
            echo '</tr>';
        }
        echo '</table>';
        echo "<div>\n";
    }
    if (count($appgroups) > 0) {
        echo '<div>';
        echo '<h2>' . _('Groups with this application') . '</h2>';
        echo '<table border="0" cellspacing="1" cellpadding="3">';
        foreach ($groups as $group) {
            echo '<tr>';
            echo '<td>';
            echo '<a href="appsgroup.php?action=manage&id=' . $group->id . '">' . $group->name . '</a>';
            echo '</td>';
            echo '<td><form action="actions.php" method="post" onsubmit="return confirm(\'' . _('Are you sure you want to delete this application from this group?') . '\');">';
            echo '<input type="hidden" name="name" value="Application_ApplicationGroup" />';
            echo '<input type="hidden" name="action" value="del" />';
            echo '<input type="hidden" name="element" value="' . $id . '" />';
            echo '<input type="hidden" name="group" value="' . $group->id . '" />';
            echo '<input type="submit" value="' . _('Delete from this group') . '" />';
            echo '</form></td>';
            echo '</tr>';
        }
        if (count($groups_available) > 0) {
            echo '<tr>';
            echo '<form action="actions.php" method="post"><td>';
            echo '<input type="hidden" name="name" value="Application_ApplicationGroup" />';
            echo '<input type="hidden" name="action" value="add" />';
            echo '<input type="hidden" name="element" value="' . $id . '" />';
            echo '<select name="group">';
            foreach ($groups_available as $group) {
                echo '<option value="' . $group->id . '">' . $group->name . '</option>';
            }
            echo '</select>';
            echo '</td><td><input type="submit" value="' . _('Add to this group') . '" /></td>';
            echo '</form>';
            echo '</tr>';
        }
        echo '</table>';
        echo "<div>\n";
    }
    // Mime-Type part
    echo '<div>';
    echo '<h2>' . _('Mime-Types') . '</h2>';
    echo '<div>';
    echo '<table border="0" cellspacing="1" cellpadding="3">';
    foreach ($mimeliste1 as $mime) {
        echo '<tr><td>';
        echo '<a href="mimetypes.php?action=manage&id=' . urlencode($mime) . '">' . $mime . '</a>';
        echo '</td>';
        echo '<td>';
        echo '<form action="actions.php" method="post">';
        echo '<input type="hidden" name="name" value="Application_MimeType" />';
        echo '<input type="hidden" name="action" value="del" />';
        echo '<input type="hidden" name="id" value="' . $app->getAttribute('id') . '" />';
        echo '<input type="hidden" name="mime" value="' . $mime . '" />';
        echo '<input type="submit" value="' . _('Del') . '"/>';
        echo '</form>';
        echo '</td>';
        echo '</tr>';
    }
    if (is_array($mimeliste2) && count($mimeliste2) > 0) {
        echo '<tr>';
        echo '<form action="actions.php" method="post">';
        echo '<input type="hidden" name="name" value="Application_MimeType" />';
        echo '<input type="hidden" name="action" value="add" />';
        echo '<input type="hidden" name="id" value="' . $app->getAttribute('id') . '" />';
        echo '<td>';
        echo '<select name="mime">';
        foreach ($mimeliste2 as $mime) {
            echo '<option>' . $mime . '</option>';
        }
        echo '</select>';
        echo '</td>';
        echo '<td>';
        echo '<input type="submit" value="' . _('Add') . '"/>';
        echo '</td>';
        echo '</form>';
        echo '</tr>';
    }
    echo '<tr>';
    echo '<form action="actions.php" method="post">';
    echo '<input type="hidden" name="name" value="Application_MimeType" />';
    echo '<input type="hidden" name="action" value="add" />';
    echo '<input type="hidden" name="id" value="' . $app->getAttribute('id') . '" />';
    echo '<td>' . _('Custom Mime-Type: ') . '<input type="text" name="mime" /></td>';
    echo '<td>';
    echo '<input type="submit" value="' . _('Add') . '"/>';
    echo '</td>';
    echo '</form>';
    echo '</tr>';
    echo '</table>';
    echo '</div>';
    echo '</div>';
    // mime div
    echo '</div>';
    echo '</div>';
    echo '</div>';
    echo '</div>';
    echo '</div>';
    echo '</div>';
    page_footer();
    die;
}
コード例 #29
        $arrGroups = Explode(",", $strGroups);
        if (in_array($UserName, $arrUsers)) {
            $isValid = true;
        }
        // Or, you may restrict access to only certain users based on their username.
        if (in_array($UserGroup, $arrGroups)) {
            $isValid = true;
        }
        if ($strUsers == "" && true) {
            $isValid = true;
        }
    }
    return $isValid;
}
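// Login page that visitors who fail the access check are redirected to.
$MM_restrictGoTo = "../users/login.php";
// Deny by default: the page continues only when a username is stored in the session
// AND isAuthorized() accepts that username / group against $MM_authorizedUsers.
if (!(isset($_SESSION['MM_Username']) && isAuthorized("", $MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup']))) {
    $MM_referrer = $_SERVER['PHP_SELF'];
    // strpos() returns 0 for a match at the first character, so compare with false explicitly.
    $MM_qsChar = (strpos($MM_restrictGoTo, "?") !== false) ? "&" : "?";
    // A bare $QUERY_STRING global normally exists only under register_globals (unless something
    // earlier in the file assigns it); fall back to the server variable so the query string
    // is not silently dropped from the referrer.
    if (isset($QUERY_STRING)) {
        $MM_queryString = $QUERY_STRING;
    } elseif (isset($_SERVER['QUERY_STRING'])) {
        $MM_queryString = $_SERVER['QUERY_STRING'];
    } else {
        $MM_queryString = "";
    }
    if (strlen($MM_queryString) > 0) {
        $MM_referrer .= "?" . $MM_queryString;
    }
    // urlencode() keeps the referrer a single query-string value inside the Location header.
    // NOTE(review): the login page is not shown here; if it redirects to "accesscheck" after a
    // successful login, it should accept only local paths so the parameter cannot be used as an open redirect.
    $MM_restrictGoTo = $MM_restrictGoTo . $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
    header("Location: " . $MM_restrictGoTo);
    // Stop here so none of the code below runs for a visitor who failed the check.
    exit;
}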
// NOTE(review): the INSERT below is built by concatenating request data into the SQL text.
// Only 'list' goes through addslashes(); pid, level, list_type and user_id are inserted
// exactly as posted, so any of them can change the structure of the statement.
// addslashes() is not a substitute for a parameterized statement: prepare the query with
// placeholders and bind all five values instead.
// user_id is also taken from the request rather than from the session — confirm the caller
// is allowed to write rows on behalf of that user.
if ($_POST['list']) {
    // Skip submissions that contain only whitespace.
    if (trim($_POST['list']) != "") {
        $query = "insert into procentris_list(list, pid, level, list_type, user_id) values('" . addslashes(stripslashes($_POST['list'])) . "', '" . $_POST['pid'] . "', '" . $_POST['level'] . "', '" . $_POST['list_type'] . "', '" . $_POST['user_id'] . "')";
コード例 #30
ファイル: session.php プロジェクト: aperaid/scaffolding
<?php

// Start (or resume) the session; the access check and logout code below read and write $_SESSION.
session_start();
// *** Restrict Access To Page: Grant or deny access to this page
// Reports whether the supplied access value counts as authorized.
// The only test made is PHP's empty(): null, "", 0, "0", false and an empty array are
// rejected, anything else is accepted. The value itself is not compared with any role or level.
function isAuthorized($access)
{
    // Deny unless an access value is present.
    return !empty($access);
}
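// Redirect to the login page when the session has neither a username nor a non-empty access value.
// NOTE(review): the two tests are joined with &&, so either one alone is enough to stay on the
// page — confirm that is intended rather than requiring both.
// Read the access value defensively so a fresh session does not raise an undefined-index notice.
$sessionAccess = isset($_SESSION['access']) ? $_SESSION['access'] : null;
if (!isset($_SESSION['username']) && !isAuthorized($sessionAccess)) {
    header("Location: " . $ROOT . "pages/login/login.php");
    // header() only sets the redirect; without exit the rest of the protected page would still
    // execute and be sent to a visitor who failed the check.
    exit;
}
// ** Logout the current user. **
//Link for logout
// NOTE(review): PHP_SELF reflects the path as requested by the client; where $logoutAction is
// written into HTML (not shown here) it should be escaped with htmlspecialchars().
$logoutAction = $_SERVER['PHP_SELF'] . "?doLogout=true";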
if (isset($_GET['doLogout']) && $_GET['doLogout'] == "true") {
    //to fully log out a visitor we need to clear the session varialbles
    $_SESSION['username'] = NULL;
    $_SESSION['name'] = NULL;
    $_SESSION['access'] = NULL;
    unset($_SESSION['username']);
    unset($_SESSION['name']);
    unset($_SESSION['access']);
    //logout redirect
    header("Location: " . $ROOT . "pages/login/login.php");