function ChkLevel($token)
{
global $defined;
if (empty($token)) {
$level->value = -1;
} else {
$auth = new Encryption();
$db = new dbConn();
$val = new ValidateStrings();
$array = $auth->DecodeAuthToken($token);
$data = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
$query = "SELECT `level` FROM `auth_users` WHERE `level` = \"" . base64_decode($array[2]) . "\"";
$value = $db->dbQuery($val->ValidateSQL($query, $data), $data);
$array = $db->dbArrayResults($value);
$level->value = $array[0]['level'];
$db->dbFreeData($query);
$db->dbCloseConn($data);
}
return $level->value;
}
$ERROR = $err->GenerateErrorLink("help/help.html", "#undef", $defined['error'], $errors['undef_sql'], NULL, NULL);
// valid user found
} elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === 0) {
// perform permissions check with access level and group data
if ($level->ChkLevel($_SESSION['token']) === "admin") {
// define some variables for the template etc.
$JS = " hidediv('extras'); hidediv('perms');";
$FILE = "manage.pools.tpl";
// initialize a db connection handle
$dbconn = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
// provide count of online users
$online = "SELECT * FROM `admin_sessions`";
$ret = $db->dbQuery($val->ValidateSQL($online, $dbconn), $dbconn);
$usersoline = $db->dbNumRows($ret);
// decode our authentication token to get our group membership
$user_details = $encrypt->DecodeAuthToken($_SESSION['token']);
$group = base64_decode($user_details[3]);
// get an array of subnets the ISC DHCPD service may listen on
$query = "SELECT `name`, `broadcast` FROM `conf_adapters` ORDER BY `broadcast` ASC";
if (($value = $db->dbQuery($val->ValidateSQL($query, $dbconn), $dbconn)) === -1) {
$error = $err->GenerateErrorLink("help/help.html", "#config_subnets", $defined['error'], $errors['db_select'], NULL, NULL);
} else {
$tmp = $db->dbArrayResultsAssoc($value);
// filter for empty stuff
for ($x = 0; $x < count($tmp); $x++) {
if (!empty($tmp[$x]['broadcast'])) {
$interface_list[$tmp[$x]['name']] = $tmp[$x]['broadcast'];
}
}
}
// Look for a GET id post to edit existing dnssec keys
function AuthUser($user, $pass, $token)
{
// our global config opts
global $defined;
// initialize classes
$db = new dbConn();
$val = new ValidateStrings();
$lib = new Authenticate();
$auth = new Encryption();
$sess = new Sessions();
$misc = new MiscFunctions();
$exit = new ExitApp();
// check our authentication requirements
if (empty($user) && empty($pass) && empty($token)) {
return -1;
}
// we have an existing authentication token present
if (!empty($token) && empty($user) && empty($pass)) {
$array = $auth->DecodeAuthToken($token);
$user = base64_decode($array[0]);
$pass = base64_decode($array[1]);
$time = $array[4];
$current = $misc->GenTime();
if ($lib->AuthTimeOut($defined['timeout'], $time, $current) === -1) {
return -2;
}
}
// perform validation on username and password
if ($val->ValidateAlphaChar($user) === -1 || $val->ValidateParagraph($pass) === -1) {
return -3;
}
// see if the user exists for authenticaiton
$data = $db->dbConnect($defined['dbhost'], $defined['username'], $defined['password'], $defined['dbname']);
$query = "SELECT * FROM `auth_users` WHERE `username` = \"{$user}\" AND `password` = sha1( \"{$pass}\" )";
$query = $val->ValidateSQL($query, $data);
// database problem
if (($value = $db->dbQuery($query, $data)) === -1) {
return -5;
}
// check user match
if ($db->dbNumRows($value) === -1 || $db->dbNumRows($value) === 0) {
return -4;
} else {
$return = 0;
}
// create our authentication session token
if (empty($token)) {
$array = $db->dbArrayResults($value);
$x = $auth->GeneratePrivateKey($defined['enckeygen']);
$access_date = $misc->GenDate();
$access_time = $misc->GenTimeRead();
$query = "UPDATE `auth_users` SET `access_date` = \"" . $access_date . "\", `access_time` = \"" . $access_time . "\", `session` = \"{$x}\" WHERE `id` = \"" . $array[0]['id'] . "\"";
$value = $val->ValidateSQL($query, $data);
if (($value = $db->dbQuery($value, $data)) === -1) {
return -5;
}
$x = $auth->EncodePrivToHex($x);
if (($token = $auth->EncodeAuthToken($array[0]['username'], $pass, $array[0]['level'], $array[0]['group'], $misc->GenTime(), $x)) !== -1) {
$sess->RegisterSession("token", $token);
$return = 0;
}
}
$db->dbFreeData($query);
$db->dbCloseConn($data);
return $return;
}
