function Save() { $acl = new squid_acls_groups(); $DATAS = url_decode_special_tool($_POST["Save"]); $MAIN = explode("\n", $DATAS); while (list($index, $ligne) = each($MAIN)) { if (strpos($ligne, ";") == 0) { echo "{$ligne} -> FALSE ERR." . __LINE__ . "\n"; continue; } $tr = explode(";", $ligne); if (count($tr) < 2) { echo "{$ligne} -> FALSE\n"; continue; } $GroupName = $tr[0]; $Categories = explode(",", $tr[1]); if ($Categories[0] == null) { echo "{$ligne} -> FALSE ERR." . __LINE__ . "\n"; continue; } $gpid = GetADGroupID($GroupName); echo "{$GroupName} ID {$gpid}\n"; if ($gpid == 0) { echo "{$ligne} -> FALSE ERR." . __LINE__ . "\n"; continue; } $Category_groupnane = "{$GroupName} - categories"; $CategoryID = GetCategoryGroupID($GroupName); if ($CategoryID == 0) { echo "{$ligne} -> FALSE ERR." . __LINE__ . "\n"; continue; } FillCategoryItems($CategoryID, $Categories); $RuleName = "{$GroupName} - categories"; $RuleID = GetRuleID($RuleName); if ($RuleID == 0) { echo "{$ligne} -> FALSE ERR." . __LINE__ . "\n"; continue; } AssociatesG($RuleID, $gpid, 0); AssociatesG($RuleID, $CategoryID, 1); if (!$acl->aclrule_edittype($RuleID, "url_rewrite_access_deny", 1)) { echo "{$ligne} -> FALSE ERR." . __LINE__ . "\n"; continue; } echo "Associates {$RuleName}[{$RuleID}] to {$CategoryID},{$gpid} ({$Category_groupnane},{$GroupName}) [OK]\n"; } }
function import_acls_extacl($filename = null, $ARRAY, $aclgpid = 0) { $q = new mysql_squid_builder(); $acl = new squid_acls_groups(); if ($filename != null) { if (is_file($filename)) { $ARRAY = unserialize(base64_decode(@file_get_contents($filename))); } } if (!is_array($ARRAY)) { echo "{$filename}, unable to decode Array()\n"; return; } if (!isset($ARRAY["webfilters_sqacls"])) { echo "{$filename}, unable to decode webfilters_sqacls (" . __LINE__ . ")\n"; return; } if (!is_array($ARRAY["webfilters_sqacls"])) { echo "{$filename}, unable to decode webfilters_sqacls\n"; return; } if (isset($ARRAY["webfilters_sqaclaccess"])) { if (!is_array($ARRAY["webfilters_sqaclaccess"])) { if (!isset($ARRAY["SUBRULES"])) { echo "{$filename}, unable to decode webfilters_sqaclaccess\n"; return; } } } if (!isset($ARRAY["SUBRULES"])) { if (!is_array($ARRAY["webfilters_sqgroups"])) { echo "{$filename}, unable to decode webfilters_sqgroups\n"; return; } } $keys = array(); $values = array(); while (list($key, $value) = each($ARRAY["webfilters_sqacls"])) { $keys[] = "`{$key}`"; $values[] = "'" . mysql_escape_string2($value) . "'"; } if ($aclgpid > 0) { echo "Prepare SUB-ACL Master ACL:{$aclgpid}\n"; $keys[] = "`aclgpid`"; $values[] = "'{$aclgpid}'"; } $sql = "INSERT IGNORE INTO webfilters_sqacls (" . @implode(",", $keys) . ") VALUES (" . @implode(",", $values) . ")"; $q->QUERY_SQL($sql); if (!$q->ok) { echo $q->mysql_error . "\n{$sql}\n"; return; } $ACLID = $q->last_id; echo "*** New ACL {$ACLID} ***\n"; if (isset($ARRAY["SUBRULES"])) { if (is_array($ARRAY["SUBRULES"])) { while (list($index, $arrayrule) = each($ARRAY["SUBRULES"])) { if ($GLOBALS["VERBOSE"]) { echo "import_acls_extacl(null,{$arrayrule},{$ACLID})\n"; } import_acls_extacl(null, $arrayrule, $ACLID); } } } $keys = array(); $values = array(); if (isset($ARRAY["webfilters_sqaclaccess"])) { $acl->aclrule_edittype($ACLID, $ARRAY["webfilters_sqaclaccess"]["httpaccess"], $ARRAY["webfilters_sqaclaccess"]["httpaccess_value"]); echo "New sqaclaccess for {$ACLID} {$ARRAY["webfilters_sqaclaccess"]["httpaccess"]}\n"; } if (isset($ARRAY["webfilters_sqgroups"])) { while (list($index, $grouparray) = each($ARRAY["webfilters_sqgroups"])) { $GROUP_ARRAY = $grouparray["GROUP"]; $GROUP_ITEMS = $grouparray["ITEMS"]; $GROUP_DYN = $grouparray["DYN"]; $keys = array(); $values = array(); while (list($key, $value) = each($GROUP_ARRAY)) { $keys[] = "`{$key}`"; $values[] = "'" . mysql_escape_string2($value) . "'"; } $sql = "INSERT IGNORE INTO webfilters_sqgroups (" . @implode(",", $keys) . ") VALUES (" . @implode(",", $values) . ")"; $q->QUERY_SQL($sql); if (!$q->ok) { echo $q->mysql_error . "\n{$sql}\n"; return; } $GPID = $q->last_id; $GROUPSACLS[$GPID] = true; while (list($index, $itemsArray) = each($GROUP_ITEMS)) { $keys = array(); $values = array(); while (list($key, $value) = each($itemsArray)) { $keys[] = "`{$key}`"; $values[] = "'" . mysql_escape_string2($value) . "'"; } $keys[] = "`gpid`"; $values[] = "{$GPID}"; $sql = "INSERT IGNORE INTO webfilters_sqitems (" . @implode(",", $keys) . ") VALUES (" . @implode(",", $values) . ")"; $q->QUERY_SQL($sql); if (!$q->ok) { echo $q->mysql_error . "\n{$sql}\n"; return; } } if (count($GROUP_DYN) > 0) { $keys = array(); $values = array(); while (list($key, $value) = each($GROUP_DYN)) { $keys[] = "`{$key}`"; $values[] = "'" . mysql_escape_string2($value) . "'"; } $keys[] = "`gpid`"; $values[] = "{$GPID}"; $sql = "INSERT IGNORE INTO webfilter_aclsdynamic (" . @implode(",", $keys) . ") VALUES (" . @implode(",", $values) . ")"; $q->QUERY_SQL($sql); if (!$q->ok) { echo $q->mysql_error . "\n{$sql}\n"; return; } } } while (list($gpid, $value) = each($GROUPSACLS)) { echo "Linking ACL {$ACLID} with group {$gpid}\n"; $md5 = md5($ACLID . $gpid); $sql = "INSERT IGNORE INTO webfilters_sqacllinks (zmd5,aclid,gpid) VALUES('{$md5}','{$ACLID}','{$gpid}')"; $q->QUERY_SQL($sql); } } }
function acl_main_rule_edit() { if (!isset($_POST["aclgpid"])) { $_POST["aclgpid"] = 0; } //ini_set('html_errors',0);ini_set('display_errors', 1);ini_set('error_reporting', E_ALL);ini_set('error_prepend_string','');ini_set('error_append_string',''); if (!isset($_POST["tcp_outgoing_tos_value"])) { $_POST["tcp_outgoing_tos_value"] = null; } if (!isset($_POST["tcp_outgoing_address_value"])) { $_POST["tcp_outgoing_address_value"] = null; } try { $q = new mysql_squid_builder(); $acl = new squid_acls_groups(); $ID = $_POST["ID"]; $aclname = $_POST["aclrulename"]; if (isset($_POST["PortDirection"])) { $PortDirection = ",`PortDirection`='{$_POST["PortDirection"]}'"; } $sql = "UPDATE webfilters_sqacls SET aclname='{$aclname}',\n\t\t`aclgpid`='{$_POST["aclgpid"]}'{$PortDirection} WHERE ID='{$ID}'"; $q->QUERY_SQL($sql); if (!$q->ok) { echo $q->mysql_error; return; } if (!$acl->aclrule_edittype($ID, "access_allow", $_POST["access_allow"])) { return; } if (!$acl->aclrule_edittype($ID, "url_rewrite_access_deny", $_POST["url_rewrite_access_deny"])) { return; } if (!$acl->aclrule_edittype($ID, "url_rewrite_access_allow", $_POST["url_rewrite_access_allow"])) { return; } if (!$acl->aclrule_edittype($ID, "access_deny", $_POST["access_deny"])) { return; } if (!$acl->aclrule_edittype($ID, "adaptation_access_deny", $_POST["adaptation_access_deny"])) { return; } if (!$acl->aclrule_edittype($ID, "cache_deny", $_POST["cache_deny"])) { return; } if (!$acl->aclrule_edittype($ID, "deny_access_except", $_POST["deny_access_except"])) { return; } if (!$acl->aclrule_edittype($ID, "tcp_outgoing_tos", $_POST["tcp_outgoing_tos"], $_POST["tcp_outgoing_tos_value"])) { return; } if (!$acl->aclrule_edittype($ID, "reply_body_max_size", $_POST["reply_body_max_size"], $_POST["reply_body_max_size_value"])) { return; } if (!$acl->aclrule_edittype($ID, "tcp_outgoing_address", $_POST["tcp_outgoing_address"], $_POST["tcp_outgoing_address_value"])) { return; } if (!$acl->aclrule_edittype($ID, "delay_access", $_POST["delay_access"], $_POST["delay_access_id"])) { return; } if (!$acl->aclrule_edittype($ID, "snmp_access_allow", $_POST["snmp_access_allow"], $_POST["snmp_access_allow"])) { return; } if (!$acl->aclrule_edittype($ID, "log_access", $_POST["log_access"], $_POST["log_access"])) { return; } if (!$acl->aclrule_edittype($ID, "deny_log", $_POST["deny_log"])) { return; } if (!$acl->aclrule_edittype($ID, "cache_parent", $_POST["cache_parent"])) { return; } if (!$acl->aclrule_edittype($ID, "deny_quota_rule", $_POST["deny_quota_rule"], $_POST["deny_quota_rule_id"])) { return; } if (!$acl->aclrule_edittype($ID, "http_reply_access_deny", $_POST["http_reply_access_deny"])) { return; } if (!$acl->aclrule_edittype($ID, "http_reply_access_allow", $_POST["http_reply_access_allow"])) { return; } $request_header_add_value["header_name"] = $_POST["request_header_add_name"]; $request_header_add_value["header_value"] = $_POST["request_header_add_value"]; $request_header_add_value_final = base64_encode(serialize($request_header_add_value)); if (!$acl->aclrule_edittype($ID, "request_header_add", $_POST["request_header_add"], $request_header_add_value_final)) { return; } } catch (Exception $e) { echo $e->getMessage(); return; } }
function import_http_access($line, $xORDER) { if (!preg_match("#(http_access|http_reply_access)\\s+(allow|deny)\\s+(.+)#", $line, $re)) { echo "`{$line}` -ERR- unable to understand this rule\n"; return; } $PortDirectionS["proxy_auth_ads"] = 1; $q = new mysql_squid_builder(); $PortDirection = 0; $re[2] = trim($re[2]); $re[3] = trim($re[3]); $GroupsX = explode(" ", $re[3]); $GPS = array(); while (list($index, $gptmp) = each($GroupsX)) { $gptmp = trim($gptmp); $gpName = null; $negation = false; $Alternate = null; if ($gptmp == null) { continue; } if (substr($gptmp, 0, 1) == "!") { $gptmp = substr($gptmp, 1, strlen($gptmp)); $negation = true; } if ($gptmp == "all") { continue; } $sql = "SELECT ID,GroupType FROM webfilters_sqgroups WHERE GroupName='{$gptmp}'"; $ligne = mysql_fetch_array($q->QUERY_SQL($sql)); if ($ligne["ID"] == 0) { $Alternate = external_acl_find($gptmp); if ($Alternate != null) { $gptmp = $Alternate; $sql = "SELECT ID,GroupType FROM webfilters_sqgroups WHERE GroupName='{$Alternate}'"; $ligne = mysql_fetch_array($q->QUERY_SQL($sql)); } } if ($ligne["ID"] == 0) { echo " -ERR- Unable to find group id from `{$gptmp}`\n"; continue; } if (isset($PortDirectionS[$ligne["GroupType"]])) { $PortDirection = $PortDirectionS[$ligne["GroupType"]]; } $GroupLogs[] = " {$gptmp} id:{$ligne["ID"]}"; $Groups[$ligne["ID"]] = $negation; if ($negation) { $gpName = "not "; } $gpName = $gpName . $gptmp; $GPS[] = $gpName; } if (count($GPS) == 0) { echo "`{$line}` -ERR- no associated groups\n"; return; } $DenyAllow = $re[2]; $aclType = trim($re[1]); $aclname2 = trim(@implode(" ", $GPS)); $aclname = "{$DenyAllow} {$aclname2}"; $TRANS["http_access"]["deny"] = "access_deny"; $TRANS["http_access"]["allow"] = "access_allow"; $TRANS["http_reply_access"]["deny"] = "http_reply_access_deny"; $TRANS["http_reply_access"]["allow"] = "http_reply_access_allow"; $acl_type = $TRANS[$aclType][$DenyAllow]; if ($acl_type == null) { echo " {$aclname} -> -ERR- Unable to understand {$aclType}/{$DenyAllow}\n"; return; } echo "Acl Name `{$aclname}`"; $sql = "SELECT ID FROM webfilters_sqacls WHERE aclname='{$aclname}'"; //if(isset($_POST["PortDirection"])){$PortDirection=",`PortDirection`='{$_POST["PortDirection"]}'";} $ligne = mysql_fetch_array($q->QUERY_SQL($sql)); if ($ligne["ID"] > 0) { $aclid = $ligne["ID"]; $q->QUERY_SQL("UPDATE webfilters_sqacls SET xORDER='{$xORDER}',PortDirection={$PortDirection} WHERE ID='{$aclid}'"); echo " {$aclid} (edited) [" . @implode(" ", $GroupLogs) . "]"; } else { $sql = "INSERT INTO webfilters_sqacls (aclname,enabled,acltpl,xORDER,aclport,aclgroup,aclgpid,PortDirection) VALUES ('{$aclname}',1,'','{$xORDER}','0','0','0','{$PortDirection}')"; $q->QUERY_SQL($sql); if (!$q->ok) { echo " {$aclname} -> -ERR- !!\n{$q->mysql_error}\n"; return; } $aclid = $q->last_id; echo " ID:{$aclid} (added) [" . @implode(" ", $GroupLogs) . "]"; } $acl = new squid_acls_groups(); if (!$acl->aclrule_edittype($aclid, $acl_type, 1)) { echo " {$aclname} -> aclrule_edittype -> -ERR- !!\n{$q->mysql_error}\n"; return; } $c = 0; while (list($gpid, $negation) = each($Groups)) { $xnegation = 0; $md5 = md5($aclid . $gpid); if ($negation) { $xnegation = 1; } $sql = "INSERT IGNORE INTO webfilters_sqacllinks (zmd5,aclid,gpid,negation) VALUES('{$md5}','{$aclid}','{$gpid}','{$xnegation}')"; $q->QUERY_SQL($sql); if (!$q->ok) { echo " -ERR- Group:{$gpid} on rule {$aclid} Line:" . __LINE__ . " {$q->mysql_error}\n"; continue; } $c++; } echo " Linked to {$c} Group(s) Done..\n"; }