/**
 * Validate the submitted ticket-batch form.
 *
 * Reads the batch size, the four limit fields and the group directly from
 * $_POST, runs the limit fields through clean_int()/clean_number(), and
 * collects one message per failed check.
 *
 * NOTE(review): the numericLimit() checks run on the values returned by the
 * clean_* helpers, not on the raw request values, while the 'inherit' test
 * reads the raw $_POST value. Confirm the clean_* helpers cannot turn
 * malformed input into something that passes validation.
 * NOTE(review): no isset() guard on the $_POST keys; a request missing a
 * field reaches the helpers as null. Confirm callers only invoke this after
 * a complete form submission.
 *
 * @return array Messages for the failed checks. Falsy entries are dropped by
 *               array_filter(), which keeps the original keys.
 */
function validate_form()
{
    $problems = array();

    // Pull every field out of the request through the clean_* helpers first.
    $ticketCount = clean_int($_POST['numberoftickets']);
    $dataLimit = clean_number($_POST['MaxMb']);
    $dataLimitAlt = clean_number($_POST['Max_Mb']);
    $timeLimit = clean_int($_POST['MaxTime']);
    $timeLimitAlt = clean_int($_POST['Max_Time']);

    $problems[] = validate_int($ticketCount);

    // Every limit field must satisfy \Grase\Validate::numericLimit().
    // Order matters for the resulting message order: data limits, then time limits.
    $limitChecks = array(
        array($dataLimit, true),
        array($dataLimitAlt, true),
        array($timeLimit, false),
        array($timeLimitAlt, false),
    );
    foreach ($limitChecks as $check) {
        list($value, $isDataLimit) = $check;
        if (\Grase\Validate::numericLimit($value)) {
            continue;
        }
        // The literal msgids stay inside T_() and are only looked up on failure.
        if ($isDataLimit) {
            $template = T_("Invalid value '%s' for Data Limit");
        } else {
            $template = T_("Invalid value '%s' for Time Limit");
        }
        $problems[] = sprintf($template, $value);
    }

    // The two data-limit fields are mutually exclusive ('inherit' counts as a choice).
    $altDataChosen = is_numeric($dataLimitAlt) || $_POST['Max_Mb'] == 'inherit';
    if ($altDataChosen && is_numeric($dataLimit)) {
        $problems[] = T_("Only set one Data limit field");
    }

    // Same rule for the two time-limit fields.
    $altTimeChosen = is_numeric($timeLimitAlt) || $_POST['Max_Time'] == 'inherit';
    if ($altTimeChosen && is_numeric($timeLimit)) {
        $problems[] = T_("Only set one Time limit field");
    }

    // Upper bound on batch size: 1000 was picked as a reasonable number and can
    // be raised if needed now that batches can be deleted.
    if ($ticketCount > 1000) {
        $problems[] = T_("Max of 1000 tickets per batch");
    }

    $problems[] = validate_group($_POST['Group']);

    return array_filter($problems);
}
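/**
 * Validate account details submitted for a user or a computer (MAC) account.
 *
 * Keys read from $userDetails: 'Username' and 'Password' (type 'User'),
 * 'mac' (type 'Computer'), and 'MaxMb', 'Max_Mb', 'MaxTime', 'Max_Time',
 * 'Group' for every type.
 *
 * Any $type other than 'User' or 'Computer' skips the identity checks
 * entirely; only the limits and the group are validated in that case.
 *
 * @param array  $userDetails Submitted field values, keyed as listed above.
 * @param string $type        'User' (default) or 'Computer'.
 *
 * @return array Messages for the failed checks. Falsy entries are dropped by
 *               array_filter(), which keeps the original keys.
 */
function validate_form($userDetails, $type = 'User')
{
    $error = array();

    if ($type == 'User') {
        if (!DatabaseFunctions::getInstance()->checkUniqueUsername($userDetails['Username'])) {
            $error[] = T_("Username already taken");
        }
        if (!$userDetails['Username'] || !$userDetails['Password']) {
            $error[] = T_("Username and Password are both Required");
        }
    }

    if ($type == 'Computer') {
        // NOTE(review): the uniqueness lookup runs on the value as submitted;
        // the MAC format check only follows it.
        if (!DatabaseFunctions::getInstance()->checkUniqueUsername($userDetails['mac'])) {
            $error[] = T_("MAC Address already has an account");
        }
        if (!\Grase\Validate::MACAddress($userDetails['mac'])) {
            $error[] = T_("MAC Address not in correct format");
        }
    }

    // An empty 'MaxMb' / 'MaxTime' and the literal 'inherit' for 'Max_Mb' /
    // 'Max_Time' are accepted without passing numericLimit().
    if (!\Grase\Validate::numericLimit($userDetails['MaxMb']) && $userDetails['MaxMb'] != '') {
        // Same msgid as the 'Max_Mb' check below (a stray "1" was removed),
        // so both data-limit errors read alike and share one translation.
        $error[] = sprintf(T_("Invalid value '%s' for Data Limit"), $userDetails['MaxMb']);
    }
    if (!\Grase\Validate::numericLimit($userDetails['Max_Mb']) && $userDetails['Max_Mb'] != 'inherit') {
        $error[] = sprintf(T_("Invalid value '%s' for Data Limit"), $userDetails['Max_Mb']);
    }
    if (!\Grase\Validate::numericLimit($userDetails['MaxTime']) && $userDetails['MaxTime'] != '') {
        $error[] = sprintf(T_("Invalid value '%s' for Time Limit"), $userDetails['MaxTime']);
    }
    if (!\Grase\Validate::numericLimit($userDetails['Max_Time']) && $userDetails['Max_Time'] != 'inherit') {
        $error[] = sprintf(T_("Invalid value '%s' for Time Limit"), $userDetails['Max_Time']);
    }

    // Only one field of each pair may be set ('inherit' counts as a choice).
    $altDataChosen = is_numeric($userDetails['Max_Mb']) || $userDetails['Max_Mb'] == 'inherit';
    if ($altDataChosen && is_numeric($userDetails['MaxMb'])) {
        $error[] = T_("Only set one Data limit field");
    }
    $altTimeChosen = is_numeric($userDetails['Max_Time']) || $userDetails['Max_Time'] == 'inherit';
    if ($altTimeChosen && is_numeric($userDetails['MaxTime'])) {
        $error[] = T_("Only set one Time limit field");
    }

    $error[] = validate_group($userDetails['Group']);

    return array_filter($error);
}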
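/**
 * Collect everything known about one account into a single array.
 *
 * The radcheck/radreply attributes come from $this->usercache when
 * $this->usercacheloaded is set, otherwise from two queries in which the
 * username is passed through $this->db->quote() before interpolation.
 * Derived, template-friendly keys (names without '-') are then added
 * alongside group, usage, session-time, status and comment data.
 *
 * The result carries the account's 'Cleartext-Password' attribute (also
 * copied to 'Password'): treat the returned array as sensitive and keep it
 * out of logs and out of output that is not restricted to administrators.
 *
 * @param string $username Account name; lower-cased with mb_strtolower() before use.
 *
 * @return array Attribute and derived values keyed by name.
 */
public function getUserDetails($username)
{
    $username = mb_strtolower($username);

    // Start with an empty reply set so an account without radreply rows does
    // not leave this variable undefined when the lock reason is read below.
    $Userreplydata = array();

    if ($this->usercacheloaded) {
        $Userdata = $this->usercache[$username]['radcheck'];
        $Userreplydata = $this->usercache[$username]['radreply'];
        $Userdata['Username'] = $this->usercache[$username]['Username'];
    } else {
        $Userdata = array('Username' => $username);

        // Get radcheck attributes
        $sql = sprintf(
            "SELECT Attribute, Value\n FROM radcheck\n WHERE Username = %s",
            $this->db->quote($username)
        );
        $results = $this->db->queryAll($sql);
        if (PEAR::isError($results)) {
            \Grase\ErrorHandling::fatalDatabaseError(T_('Get User details Query failed: '), $results);
        }
        foreach ($results as $attribute) {
            $Userdata[$attribute['Attribute']] = $attribute['Value'];
        }

        // Get radreply attributes
        $sql = sprintf(
            "SELECT Attribute, Value\n FROM radreply\n WHERE Username = %s",
            $this->db->quote($username)
        );
        $results = $this->db->queryAll($sql);
        if (PEAR::isError($results)) {
            \Grase\ErrorHandling::fatalDatabaseError(T_('Get User radreply details Query failed: '), $results);
        }
        foreach ($results as $attribute) {
            $Userreplydata[$attribute['Attribute']] = $attribute['Value'];
        }
    }

    // User Password (upgraded to Cleartext-Password, but smarty doesn't like '-' in names)
    if (isset($Userdata['Cleartext-Password']) && !isset($Userdata['Password'])) {
        $Userdata['Password'] = $Userdata['Cleartext-Password'];
    }

    // User Data Limit
    if (isset($Userdata['Max-Octets'])) {
        $Userdata['MaxOctets'] = $Userdata['Max-Octets'];
        // Megabytes with two decimals, needed for forms
        $Userdata['MaxMb'] = sprintf('%0.2f', $Userdata['Max-Octets'] / 1024 / 1024);
    }

    // User Expiry
    if (isset($Userdata['Expiration'])) {
        $expirationTimestamp = strtotime($Userdata['Expiration']);
        $Userdata['FormatExpiration'] = date("M j Y H:i:s", $expirationTimestamp);
        // Drop the time part from the display value when the stored expiry ends at midnight
        if (substr($Userdata['Expiration'], -8) == "00:00:00") {
            $Userdata['FormatExpiration'] = substr($Userdata['FormatExpiration'], 0, -8);
        }
        $Userdata['ExpirationTimestamp'] = $expirationTimestamp;
    } else {
        $Userdata['Expiration'] = "--";
        $Userdata['FormatExpiration'] = "--";
    }

    if (isset($Userdata['GRASE-ExpireAfter'])) {
        $Userdata['ExpireAfter'] = $Userdata['GRASE-ExpireAfter'];
    }

    // User Account Lockout: only Auth-Type "Reject" counts as locked
    if (isset($Userdata['Auth-Type']) && $Userdata['Auth-Type'] == "Reject") {
        $Userdata['AccountLock'] = true;
        // The lock message lives in radreply; null when no Reply-Message is stored
        $Userdata['LockReason'] = isset($Userreplydata['Reply-Message'])
            ? $Userreplydata['Reply-Message']
            : null;
    }

    // User "time" limit (stored in seconds, MaxTime is the same value divided by 60)
    if (isset($Userdata['Max-All-Session'])) {
        $Userdata['MaxAllSession'] = $Userdata['Max-All-Session'];
        $Userdata['MaxTime'] = $Userdata['Max-All-Session'] / 60;
    }

    // Get User Group
    $Userdata['Group'] = $this->getUserGroup($username);

    // Get Data usage
    $Userdata['AcctTotalOctets'] = $this->getUserDataUsage($username);
    $Userdata['TotalOctets'] = $this->getUserDataUsageTotal($username);

    // Get Total Session Time
    $Userdata['TotalTimeMonth'] = $this->getUserTotalSessionTime($username);
    $Userdata['TotalTimeAll'] = $this->getUserSessionTimeTotal($username);

    // User remaining time, never reported below zero
    if (isset($Userdata['Max-All-Session'])) {
        $Userdata['RemainingSeconds'] = $Userdata['Max-All-Session'] - $Userdata['TotalTimeMonth'];
        if ($Userdata['RemainingSeconds'] < 0) {
            $Userdata['RemainingSeconds'] = 0;
        }
    }

    // Get Last Logout
    $Userdata['LastLogout'] = $this->getUserLastLogoutTime($username);

    // Get Account Status (computed from everything gathered so far, so keep it after the lines above)
    $Userdata['account_status'] = $this->_userAccountStatus($Userdata);

    // Get User Comment
    $Userdata['Comment'] = $this->getUserComment($username);

    // Determine if this is a computer account: its username is a valid MAC address
    $Userdata['isComputer'] = false;
    if (\Grase\Validate::MACAddress($username)) {
        $Userdata['isComputer'] = true;
    }

    // Get information about groups (it's cached, so might as well fetch it all)
    $groupdata = $this->getGroupAttributes();
    if (isset($groupdata[$Userdata['Group']])) {
        $Userdata['GroupSettings'] = $groupdata[$Userdata['Group']];
    }

    return $Userdata;
}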
if (!isset($voucherprice[$key])) { $error[] = T_("Vouchers need a price"); } else { // Don't want to show both errors $error[] = @validate_num($voucherprice[$key], T_('Invalid price')); } if (!(isset($vouchermaxmb[$key]) || isset($vouchermaxtime[$key]))) { $warning[] = T_("It is not recommended having vouchers without a data or time limit"); } // validate limits //$error[] = validate_datalimit($groupdatalimit[$key]); // Silence warnings (@) as we don't care if they are set or not' if (!\Grase\Validate::numericLimit($vouchermaxtime[$key])) { $error[] = sprintf(T_("Invalid value '%s' for Time Limit"), $vouchermaxtime[$key]); } if (!\Grase\Validate::numericLimit($vouchermaxmb[$key])) { $error[] = sprintf(T_("Invalid value '%s' for Data Limit"), $vouchermaxmb[$key]); } // TODO validate groupname, it already comes in in the correct format though $error = array_filter($error); $vouchersettings[\Grase\Clean::groupName($name)] = array_filter(array('VoucherName' => \Grase\Clean::groupName($name), 'VoucherLabel' => \Grase\Clean::text($name), 'VoucherPrice' => @clean_number($voucherprice[$key]), 'VoucherGroup' => $vouchergroup[$key], 'MaxMb' => @clean_number($vouchermaxmb[$key]), 'MaxTime' => @clean_int($vouchermaxtime[$key]), 'Description' => @\Grase\Clean::text($voucherdesc[$key]), 'TopupVoucher' => $vouchertopup[$key] ? TRUE : FALSE, 'InitVoucher' => $voucherinit[$key] ? TRUE : FALSE)); } if (sizeof($error) == 0) { // No errors. Save groups //$Settings->setSetting("groups", serialize($groupexpiries)); foreach ($vouchersettings as $attributes) { //$Settings->setGroup($attributes); $Settings->setVoucher($attributes); } // Delete vouchers no longer referenced foreach ($Settings->getVoucher() as $oldvoucher => $oldvouchersettings) {
} // Increase Time Limit if ($addTime) { if (!\Grase\Validate::numericLimit($addTime)) { $error[] = sprintf(T_("Invalid value '%s' for Time Limit"), $addTime); } else { DatabaseFunctions::getInstance()->increaseUserTimelimit($username, $addTime); DatabaseFunctions::getInstance()->setUserExpiry($username, expiry_for_group(DatabaseFunctions::getInstance()->getUserGroup($username))); // TODO: Check return for success $success[] = T_("Time Limit Increased"); AdminLog::getInstance()->log(sprintf(T_("Time Limit increased for %s"), $username)); } } // If Time Limit is changed and Not added too, Change Time Limit if ($maxTime !== '' && !$addTime && $maxTime != $user['MaxTime']) { if (!\Grase\Validate::numericLimit($maxTime)) { $error[] = sprintf(T_("Invalid value '%s' for Time Limit"), $maxTime); } else { DatabaseFunctions::getInstance()->setUserTimeLimit($username, $maxTime); DatabaseFunctions::getInstance()->setUserExpiry($username, expiry_for_group(DatabaseFunctions::getInstance()->getUserGroup($username))); // TODO: Check return for success $success[] = T_("Max Time Limit Updated"); AdminLog::getInstance()->log(sprintf(T_("Max Time Limit changed for %s"), $username)); } } } if (isset($_POST['unexpiresubmit'])) { DatabaseFunctions::getInstance()->setUserExpiry($username, expiry_for_group(DatabaseFunctions::getInstance()->getUserGroup($username))); $success[] = T_("Expiry updated"); } // Delete User
if (!\Grase\Validate::numericLimit($groupIdleTimeout[$key])) { $error[] = sprintf(T_("Invalid value '%s' for Idle Timeout"), $groupIdleTimeout[$key]); } if (!\Grase\Validate::recurrenceInterval($groupRecurTime[$key], recurtimes())) { $error[] = sprintf(T_("Invalid recurrence interval '%s'"), $groupRecurTime[$key]); } if (!\Grase\Validate::recurrenceInterval($groupRecurData[$key], recurtimes())) { $error[] = sprintf(T_("Invalid recurrence interval '%s'"), $groupRecurData[$key]); } if (!\Grase\Validate::recurrenceTime($groupRecurTime[$key], $groupRecurTimeLimit[$key])) { $error[] = T_("Recurring time limit must be less than interval"); } if (!\Grase\Validate::bandwidthOptions($groupBandwidthDownLimit[$key], bandwidth_options())) { $error[] = sprintf(T_("Invalid Bandwidth Limit '%s'"), $groupBandwidthDownLimit[$key]); } if (!\Grase\Validate::bandwidthOptions($groupBandwidthUpLimit[$key], bandwidth_options())) { $error[] = sprintf(T_("Invalid Bandwidth Limit '%s'"), $groupBandwidthUpLimit[$key]); } //TODO we don't validate that it's not 0, relying on HTML5 to do that $error[] = @validate_int($groupSimultaneousUse[$key], true); // TODO: Validate Login-Time $error[] = @validate_uucptimerange($groupLoginTime[$key]); $error = array_filter($error); if (isset($groupRecurTime[$key]) xor isset($groupRecurTimeLimit[$key])) { $error[] = sprintf(T_("Need both a time limit and recurrance for '%s'"), \Grase\Clean::text($name)); } $groups[\Grase\Clean::groupName($name)] = array_filter(array('DataRecurTime' => \Grase\Clean::text($groupRecurData[$key]), 'DataRecurLimit' => clean_number($groupRecurDataLimit[$key]), 'TimeRecurTime' => @\Grase\Clean::text($groupRecurTime[$key]), 'TimeRecurLimit' => @clean_int($groupRecurTimeLimit[$key]), 'BandwidthDownLimit' => @clean_int($groupBandwidthDownLimit[$key]), 'BandwidthUpLimit' => @clean_int($groupBandwidthUpLimit[$key]), 'SimultaneousUse' => @clean_int($groupSimultaneousUse[$key]), 'LoginTime' => @$groupLoginTime[$key], 'IdleTimeout' => 
@clean_int($groupIdleTimeout[$key]))); $groupSettings[\Grase\Clean::groupName($name)] = array_filter(array('GroupName' => \Grase\Clean::groupName($name), 'Comment' => \Grase\Clean::text($groupComment[$key]), 'GroupLabel' => \Grase\Clean::text($name), 'Expiry' => @$groupExpiry[$key], 'ExpireAfter' => @$groupExpireAfter[$key], 'MaxMb' => @clean_number($groupDataLimit[$key]), 'MaxTime' => @clean_int($groupTimeLimit[$key]))); } if (sizeof($error) == 0) { // No errors. Save groups