function get_profiles() { $profiles = array(); $serializer = new XMLProfileSerializer(); $profilesRoot = DOCUMENT_REAL_ROOT . '/config/profiles'; // Scan and parse each profile file foreach (scandir($profilesRoot) as $file) { $path = $profilesRoot . '/' . $file; $parts = pathinfo($path); // Check if it is an XML file if ($parts['extension'] === 'xml' and is_file($path)) { $profiles[$parts['filename']] = $serializer->unserialize($parts['filename'], file_get_contents($path)); } } return $profiles; }
function migrate_profiles_2_2() { if (!file_exists(DOCUMENT_REAL_ROOT . '/config/profiles')) { mkdir(DOCUMENT_REAL_ROOT . '/config/profiles'); } if (!is_writable(DOCUMENT_REAL_ROOT . '/config/profiles')) { msg_error($l->g(2116)); exit; } $txt_serializer = new TxtProfileSerializer(); $xml_serializer = new XMLProfileSerializer(); foreach (scandir($_SESSION['OCS']['CONF_PROFILS_DIR']) as $file) { if (preg_match('/^(.+)_config\\.txt$/', $file, $matches) and $matches[1] != '4all') { $profile_name = $matches[1]; $profile_data = read_profil_file($profile_name); $profile = $txt_serializer->unserialize($profile_name, $profile_data); $xml = $xml_serializer->serialize($profile); file_put_contents(DOCUMENT_REAL_ROOT . '/config/profiles/' . $profile_name . '.xml', $xml); } } }
} } /********************END DOWNLOAD REDISTRIBUTION******************/ /*********************************************GESTION OF LBL_TAG*************************************/ if (!isset($_SESSION['OCS']['TAG_LBL'])) { require_once 'require/function_admininfo.php'; $all_tag_lbl = witch_field_more('COMPUTERS'); foreach ($all_tag_lbl['LIST_NAME'] as $key => $value) { $_SESSION['OCS']['TAG_LBL'][$value] = $all_tag_lbl['LIST_FIELDS'][$key]; $_SESSION['OCS']['TAG_ID'][$key] = $value; } } /*******************************************GESTION OF PLUGINS (MAIN SECTIONS)****************************/ if (!isset($_SESSION['OCS']['profile'])) { $profile_config = 'config/profiles/' . $_SESSION['OCS']["lvluser"] . '.xml'; $profile_serializer = new XMLProfileSerializer(); $profile = $profile_serializer->unserialize($_SESSION['OCS']["lvluser"], file_get_contents($profile_config)); $_SESSION['OCS']['profile'] = $profile; } else { $profile = $_SESSION['OCS']['profile']; } if (!AJAX and (!isset($header_html) or $header_html != 'NO') and !isset($protectedGet['no_header'])) { require_once HEADER_HTML; } $url_name = $urls->getUrlName($protectedGet[PAG_INDEX]); //VERIF ACCESS TO THIS PAGE if (isset($protectedGet[PAG_INDEX]) and !$profile->hasPage($url_name) and (!$_SESSION['OCS']['TRUE_PAGES'] or !array_search($url_name, $_SESSION['OCS']['TRUE_PAGES'])) and !($profile->getConfigValue('TELEDIFF') == 'YES' and $url_name == 'ms_admin_ipdiscover')) { msg_error("ACCESS DENIED"); require_once FOOTER_HTML; die; }
function update_profile($profile_id, $data) { $yes_no = array('YES', 'NO'); $urls = $_SESSION['OCS']['url_service']; $profiles = get_profiles(); $profile = $profiles[$profile_id]; $updatedProfile = new Profile($profile_id, $data['new_label'] ?: $profile->getLabel()); foreach ($data['restrictions'] as $key => $val) { $updatedProfile->setRestriction($key, $val); } foreach ($data['config'] as $key => $val) { $updatedProfile->setConfig($key, $val); } foreach ($data['blacklist'] as $key => $val) { if ($val == 'YES') { $updatedProfile->addToBlacklist($key); } } foreach ($data['pages'] as $key => $val) { if ($urls->getUrl($key) and $val == 'on') { $updatedProfile->addPage($key); } } $serializer = new XMLProfileSerializer(); $xml = $serializer->serialize($updatedProfile); if (file_put_contents(DOCUMENT_REAL_ROOT . '/config/profiles/' . $profile->getName() . '.xml', $xml)) { return $profile->getName(); } else { return false; } }
//nom de la page $name = "local.php"; connexion_local_read(); mysqli_select_db($link_ocs, $db_ocs); //recherche du niveau de droit de l'utilisateur $reqOp = "SELECT new_accesslvl as accesslvl FROM operators WHERE id='%s'"; $argOp = array($_SESSION['OCS']["loggeduser"]); $resOp = mysql2_query_secure($reqOp, $link_ocs, $argOp); $rowOp = mysqli_fetch_object($resOp); if (isset($rowOp->accesslvl)) { $lvluser = $rowOp->accesslvl; $profile_config = DOCUMENT_REAL_ROOT . '/config/profiles/' . $lvluser . '.xml'; if (!file_exists($profile_config)) { migrate_config_2_2(); } $profile_serializer = new XMLProfileSerializer(); $profile = $profile_serializer->unserialize($lvluser, file_get_contents($profile_config)); $restriction = $profile->getRestriction('GUI'); //Si l'utilisateur a des droits limités //on va rechercher les tags sur lesquels il a des droits if ($restriction == 'YES') { $sql = "select tag from tags where login='******'"; $arg = array($_SESSION['OCS']["loggeduser"]); $res = mysql2_query_secure($sql, $link_ocs, $arg); while ($row = mysqli_fetch_object($res)) { $list_tag[$row->tag] = $row->tag; } if (!isset($list_tag)) { $ERROR = $l->g(893); } } elseif ($restriction != 'NO') {