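/**
 * Verifies server account
 *
 * Checks the account key in $data and, when a serial number is supplied,
 * that an installed server with that serial exists for the account.
 *
 * @since 1.0
 * @package facileManager
 *
 * @param array $data Request fields; reads AUTHKEY, module_name and SERIALNO
 * @return mixed Translated 'Success' when every check passes, a translated
 *               message ending in "\n" when a check made here fails, or
 *               whatever verifyAccount() returned when it is not true
 */
function verify($data) {
    global $fmdb, $__FM_CONFIG;

    if (!isset($data['AUTHKEY'])) {
        return _('Account is not found.') . "\n";
    }

    /* Read the fields this function acts on explicitly instead of trusting
     * whatever extract() would place in scope. */
    $auth_key = $data['AUTHKEY'];
    $module_name = isset($data['module_name']) ? $data['module_name'] : null;

    if ($module_name !== null) {
        /* module_name becomes part of an include path before the account key
         * has been checked, so only a plain directory name is accepted; path
         * separators and dots are refused. The generic message is reused so
         * no new translatable string is introduced. */
        if (!is_string($module_name) || !preg_match('/^[A-Za-z0-9_]+$/', $module_name)) {
            return _('Account is not found.') . "\n";
        }

        /* NOTE(review): extract() is kept only in case variables.inc.php reads
         * request fields from local scope - confirm and remove if it does not.
         * EXTR_SKIP stops request keys from replacing $fmdb, $__FM_CONFIG,
         * $data or the values read above. */
        extract($data, EXTR_SKIP);

        include ABSPATH . 'fm-modules/' . $module_name . '/variables.inc.php';
    }

    /** Check account key */
    $account_status = $this->verifyAccount($auth_key);
    if ($account_status !== true) {
        return $account_status;
    }

    /** Check serial number */
    if (isset($data['SERIALNO'])) {
        basicGet('fm_' . $__FM_CONFIG[$module_name]['prefix'] . 'servers', sanitize($data['SERIALNO']), 'server_', 'server_serial_no', "AND server_installed='yes'", getAccountID($auth_key));
        if (!$fmdb->num_rows) {
            return _('Server is not found.') . "\n";
        }
    }

    return _('Success');
}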
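/**
 * Returns if a zone reload is allowed or not
 *
 * A reload is refused when no server has status 'active'. When a domain ID
 * is given, the domain must also have a row in the track_builds table.
 *
 * @since 1.0
 * @package facileManager
 * @subpackage fmDNS
 *
 * @param int $domain_id Domain ID to check
 * @return boolean
 */
function reloadAllowed($domain_id = null) {
    global $fmdb, $__FM_CONFIG;

    basicGet('fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'servers', 'active', 'server_', 'server_status');
    if (!$fmdb->num_rows) {
        return false;
    }

    if (!$domain_id) {
        return true;
    }

    /* The ID is placed unquoted in the statement, so force it to an integer
     * rather than concatenating the caller's value as-is. */
    $query = 'SELECT domain_id FROM `fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'track_builds` WHERE domain_id=' . (int) $domain_id . ' LIMIT 1';
    $fmdb->get_results($query);

    return $fmdb->num_rows ? true : false;
}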
/**
 * Returns the server ID
 *
 * Nothing is returned (null) when no module is given or when no server row
 * matches the serial number.
 *
 * @since 1.0
 * @package facileManager
 *
 * @param int $server_serial_no Server serial number to process
 * @param string $module Module to use
 * @return string
 */
function getServerID($server_serial_no, $module = null) {
    global $fmdb, $__FM_CONFIG;

    if (!$module) {
        return;
    }

    /* NOTE(review): the serial number reaches basicGet() as given; whether
     * basicGet() escapes its arguments is not visible here - confirm. */
    $servers_table = 'fm_' . $__FM_CONFIG[$module]['prefix'] . 'servers';
    basicGet($servers_table, $server_serial_no, 'server_', 'server_serial_no');

    if (!$fmdb->num_rows) {
        return;
    }

    $rows = $fmdb->last_result;

    return $rows[0]->server_id;
}
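/**
 * Processes the server groups to determine master/slave arrangement
 *
 * The zone's own type is returned unless the zone is a master, is assigned to
 * specific name servers that do not include this server directly, and this
 * server is listed as a slave of one of the assigned server groups.
 *
 * @since 2.0
 * @package fmDNS
 *
 * @param object $zone_array The zone data (read via get_object_vars())
 * @param integer $server_id The server id to check
 * @return array Two elements: the zone type to use and either null or the
 *               "masters { ... };" line for a slave zone
 */
function processServerGroups($zone_array, $server_id) {
    global $fmdb, $__FM_CONFIG;

    /* Only two zone fields are needed. Reading them by name instead of
     * extract()-ing the whole row means a column can never shadow
     * $server_id, $fmdb or any other local. */
    $zone = get_object_vars($zone_array);
    $domain_type = isset($zone['domain_type']) ? $zone['domain_type'] : null;
    $domain_name_servers = explode(';', isset($zone['domain_name_servers']) ? $zone['domain_name_servers'] : '');

    if (!count($domain_name_servers) || in_array('0', $domain_name_servers) ||
        $domain_type != 'master' || in_array('s_' . $server_id, $domain_name_servers)) {
        return array($domain_type, null);
    }

    foreach ($domain_name_servers as $ids) {
        /* Entries for "all servers" or a single server need no group lookup */
        if ($ids == '0' || strpos($ids, 's_') !== false) {
            continue;
        }

        if (strpos($ids, 'g_') !== false) {
            /* Strip everything but digits to obtain the numeric group ID.
             * An empty string replaces the original null replacement, which
             * newer PHP versions deprecate. */
            basicGet('fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'server_groups', preg_replace('/\\D/', '', $ids), 'group_', 'group_id');
            if ($fmdb->num_rows) {
                $group = $fmdb->last_result[0];
                $group_masters = explode(';', $group->group_masters);
                $group_slaves = explode(';', $group->group_slaves);

                if (in_array($server_id, $group_masters)) {
                    return array($domain_type, null);
                }

                if (in_array($server_id, $group_slaves)) {
                    return array('slave', sprintf("\tmasters { %s };\n", $this->resolveServerGroupMasters($group_masters)));
                }
            }
        }
    }

    return array($domain_type, null);
}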
switch ($_POST['item_type']) { case 'groups': $post_class = $fm_sqlpass_groups; break; case 'servers': $post_class = $fm_module_servers; break; } if ($add_new) { if ($_POST['item_type'] == 'logging') { $edit_form = $post_class->printForm(null, $action, $_POST['item_sub_type']); } else { $edit_form = $post_class->printForm(null, $action, $type_map, $id); } } else { basicGet('fm_' . $table, $id, $prefix, $field); $results = $fmdb->last_result; if (!$fmdb->num_rows) { returnError(); } $edit_form_data[] = $results[0]; if ($_POST['item_type'] == 'logging') { $edit_form = $post_class->printForm($edit_form_data, 'edit', $_POST['item_sub_type']); } else { $edit_form = $post_class->printForm($edit_form_data, 'edit', $type_map, $view_id); } } echo $edit_form; } else { returnUnAuth(); }
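/**
 * Normalises a submitted policy before it is stored
 *
 * Sums the policy_options values into one integer, joins the source,
 * destination and services selections into ';'-separated strings, assigns
 * the next policy_order_id when none was given and downgrades 'reject' to
 * 'block' for servers of type 'ipfilter'.
 *
 * @param array $post Submitted policy fields
 * @return array The normalised fields
 */
function validatePost($post) {
    global $fmdb, $__FM_CONFIG;

    /** Process weekdays */
    $option_bits = 0;
    if (isset($post['policy_options']) && is_array($post['policy_options'])) {
        foreach ($post['policy_options'] as $bit) {
            /* Cast each submitted value so the stored total is always an
             * integer, whatever the request contained. */
            if (is_scalar($bit)) {
                $option_bits += (int) $bit;
            }
        }
    }
    $post['policy_options'] = $option_bits;

    /* NOTE(review): server_serial_no may come straight from $_REQUEST and is
     * handed to basicGet()/getNameFromID() below as-is; whether those helpers
     * escape their arguments is not visible here - confirm. */
    $post['server_serial_no'] = isset($post['server_serial_no']) ? $post['server_serial_no'] : $_REQUEST['server_serial_no'];

    /* A selection that is missing or is not an array becomes an empty string
     * instead of being passed to implode() unchecked. */
    $item_fields = array(
        'policy_source' => 'source_items',
        'policy_destination' => 'destination_items',
        'policy_services' => 'services_items',
    );
    foreach ($item_fields as $column => $field) {
        $items = isset($post[$field]) && is_array($post[$field]) ? $post[$field] : array();
        $post[$column] = implode(';', $items);
    }
    unset($post['source_items'], $post['destination_items'], $post['services_items']);

    /** Get policy_order_id */
    if (!isset($post['policy_order_id']) || $post['policy_order_id'] == 0) {
        basicGet('fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'policies', $post['server_serial_no'], 'policy_', 'server_serial_no', 'ORDER BY policy_order_id DESC LIMIT 1');
        if ($fmdb->num_rows) {
            $result = $fmdb->last_result[0];
            $post['policy_order_id'] = $result->policy_order_id + 1;
        } else {
            $post['policy_order_id'] = 1;
        }
    }

    /** ipfilter does not support reject */
    if (getNameFromID($post['server_serial_no'], 'fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'servers', 'server_', 'server_serial_no', 'server_type') == 'ipfilter' && $post['policy_action'] == 'reject') {
        $post['policy_action'] = 'block';
    }

    return $post;
}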
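/**
 * Updates the selected option
 *
 * @param array $post Submitted option fields; every key not in the exclude
 *                    list is written as a column of the config table
 * @return mixed true when the row was updated or nothing changed, false when
 *               a value is empty (other than cfg_comment) or cfg_name is not
 *               an acceptable DNS name, a translated message on a duplicate
 *               or database error, or the non-array value validatePost()
 *               returned
 */
function update($post) {
    global $fmdb, $__FM_CONFIG;

    /** Validate post */
    $post = $this->validatePost($post);
    if (!is_array($post)) {
        return $post;
    }

    /* cfg_id is written unquoted into the statements below, so it is pinned
     * to an integer once and that copy is used everywhere. */
    $cfg_id = isset($post['cfg_id']) ? (int) $post['cfg_id'] : 0;

    if (isset($post['cfg_id']) && !isset($post['cfg_name'])) {
        $post['cfg_name'] = getNameFromID($cfg_id, 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'config', 'cfg_', 'cfg_id', 'cfg_name');
    }

    /* Values interpolated into hand-built SQL fragments go through sanitize(),
     * the same helper the SET clause below already applies to every value. */
    $scope = array();
    foreach (array('cfg_type', 'server_serial_no', 'view_id', 'domain_id') as $field) {
        $scope[$field] = isset($post[$field]) ? sanitize($post[$field]) : '';
    }

    /** Does the record already exist for this account? */
    basicGet('fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'config', sanitize($post['cfg_name']), 'cfg_', 'cfg_name', "AND cfg_id!={$cfg_id} AND cfg_type='{$scope['cfg_type']}' AND server_serial_no='{$scope['server_serial_no']}' AND view_id='{$scope['view_id']}' AND domain_id='{$scope['domain_id']}'");
    if ($fmdb->num_rows) {
        $result = $fmdb->last_result;
        if ($result[0]->cfg_id != $cfg_id) {
            $num_same_config = $fmdb->num_rows;

            /* An option may legitimately appear several times, up to
             * def_max_parameters for its definition. */
            $query = "SELECT def_max_parameters FROM fm_{$__FM_CONFIG['fmDNS']['prefix']}functions WHERE def_option='" . sanitize($post['cfg_name']) . "' AND def_option_type='{$scope['cfg_type']}'";
            $fmdb->get_results($query);
            if ($num_same_config > $fmdb->last_result[0]->def_max_parameters - 1) {
                return __('This record already exists.');
            }
        }
    }

    $exclude = array('submit', 'action', 'cfg_id');

    $sql_edit = null;
    foreach ($post as $key => $data) {
        if (in_array($key, $exclude)) {
            continue;
        }

        /* Keys become column names and cannot be escaped like values, so
         * anything that is not a plain identifier is left out. */
        if (!preg_match('/^[A-Za-z0-9_]+$/', (string) $key)) {
            continue;
        }

        $clean_data = sanitize($data);
        if (!strlen($clean_data) && $key != 'cfg_comment') {
            return false;
        }
        if ($key == 'cfg_name' && !isDNSNameAcceptable($clean_data)) {
            return false;
        }
        $sql_edit .= $key . "='" . $clean_data . "',";
    }
    $sql = rtrim($sql_edit, ',');

    // Update the config
    $old_name = getNameFromID($cfg_id, 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'config', 'cfg_', 'cfg_id', 'cfg_name');
    $query = "UPDATE `fm_{$__FM_CONFIG['fmDNS']['prefix']}config` SET {$sql} WHERE `cfg_id`={$cfg_id} AND `account_id`='{$_SESSION['user']['account_id']}'";
    $result = $fmdb->query($query);

    if (!$fmdb->result) {
        return __('Could not update the option because a database error occurred.');
    }

    /** Return if there are no changes */
    if (!$fmdb->rows_affected) {
        return true;
    }

    $tmp_server_name = $post['server_serial_no'] ? getNameFromID($post['server_serial_no'], 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'servers', 'server_', 'server_serial_no', 'server_name') : 'All Servers';
    $tmp_view_name = $post['view_id'] ? getNameFromID($post['view_id'], 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'views', 'view_', 'view_id', 'view_name') : 'All Views';
    $tmp_domain_name = isset($post['domain_id']) ? "\nZone: " . displayFriendlyDomainName(getNameFromID($post['domain_id'], 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'domains', 'domain_', 'domain_id', 'domain_name')) : null;

    include_once ABSPATH . 'fm-modules/fmDNS/classes/class_acls.php';
    $cfg_data = strpos($post['cfg_data'], 'acl_') !== false ? $fm_dns_acls->parseACL($post['cfg_data']) : $post['cfg_data'];
    addLogEntry("Updated option '{$old_name}' to:\nName: {$post['cfg_name']}\nValue: {$cfg_data}\nServer: {$tmp_server_name}\nView: {$tmp_view_name}{$tmp_domain_name}\nComment: {$post['cfg_comment']}");

    return true;
}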
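/**
 * Gets all servers in a group
 *
 * @since 2.1
 * @package facileManager
 *
 * @param mixed $id Group ID to look up
 * @return array|string Serial numbers of the group's masters followed by its
 *                      slaves, or a translated message when the group does
 *                      not exist
 */
function getGroupServers($id) {
    global $fmdb, $__FM_CONFIG;

    basicGet('fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'server_groups', sanitize($id), 'group_', 'group_id');
    if (!$fmdb->num_rows) {
        return sprintf(_('%d is not a valid group number.'), $id);
    }

    $group_details = $fmdb->last_result[0];

    /* Default to empty arrays: array_merge() does not accept null, so a group
     * with no masters or no slaves recorded would otherwise fail here. */
    $group_masters = isset($group_details->group_masters) ? explode(';', $group_details->group_masters) : array();
    $group_slaves = isset($group_details->group_slaves) ? explode(';', $group_details->group_slaves) : array();

    $server_serial_nos = array();
    foreach (array_merge($group_masters, $group_slaves) as $member_id) {
        $server_serial_nos[] = getNameFromID($member_id, 'fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'servers', 'server_', 'server_id', 'server_serial_no');
    }

    return $server_serial_nos;
}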
/**
 * Runs a cache action against one server and reports the outcome
 *
 * @param mixed $server_id ID of the server to act on
 * @param string $action Action name; dashes are turned into spaces and the
 *                       first letter upper-cased for the label passed on
 * @return string The server name followed by ' --> ' prefixed result lines,
 *                joined with newlines, or a translated message when the
 *                server does not exist
 */
function manageCache($server_id, $action) {
    global $fmdb, $__FM_CONFIG;

    /** Check serial number */
    $servers_table = 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'servers';
    basicGet($servers_table, sanitize($server_id), 'server_', 'server_id');
    if (!$fmdb->num_rows) {
        return __('This server is not found.');
    }

    $server = $fmdb->last_result[0];
    $lines = array($server->server_name);

    /* Only the first failing precondition is reported; the action runs
     * when neither applies. */
    if ($server->server_installed != 'yes') {
        $lines[] = ' --> ' . __('Failed: Client is not installed.');
    } elseif ($server->server_status != 'active') {
        $lines[] = ' --> ' . sprintf(__('Failed: Server is %s.'), $server->server_status);
    } else {
        $label = ucfirst(str_replace('-', ' ', $action));
        $output = makePlainText($this->buildServerConfig($server->server_serial_no, $action, $label), true);
        foreach ($output as $line) {
            $lines[] = ' --> ' . $line;
        }
    }

    return implode("\n", $lines);
}
/**
 * Echoes one HTML table row for a template record
 *
 * The row starts with a star cell and a name cell, continues with one cell
 * per remaining field of $row, and ends with the edit/delete cell when the
 * current user can manage zones.
 *
 * NOTE(review): field values and the non-domain name are echoed without HTML
 * escaping; whether stored values are already HTML-safe is not visible here -
 * confirm before relying on it.
 *
 * @param object $row Database row to display
 * @param string $prefix Column prefix of the row; 'soa' and 'domain' get
 *                       special handling
 * @return void
 */
function displayRow($row, $prefix) {
    global $__FM_CONFIG, $fmdb, $fm_dns_zones;
    if (currentUserCan('manage_zones', $_SESSION['module'])) {
        $edit_status = '<td id="edit_delete_img">';
        $edit_status .= '<a class="edit_form_link" href="#">' . $__FM_CONFIG['icons']['edit'] . '</a>';
        $show_delete = true;
        /** Cannot delete templates in use */
        if ($prefix == 'soa') {
            basicGet('fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'domains', $row->soa_id, 'domain_', 'soa_id');
        }
        if ($prefix == 'domain') {
            basicGet('fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'domains', $row->domain_id, 'domain_', 'domain_template_id');
        }
        // NOTE(review): for any other prefix no query runs above, so num_rows
        // here is whatever an earlier query left behind.
        if ($fmdb->num_rows) {
            $show_delete = false;
        }
        $edit_status .= $show_delete ? '<a href="#" class="delete">' . $__FM_CONFIG['icons']['delete'] . '</a>' : null;
        $edit_status .= '</td>';
    } else {
        $edit_status = null;
    }
    $field_name = $prefix . '_name';
    if ($prefix == 'domain') {
        // Pick the record type the zone-records link opens on: SOA first,
        // then NS, when a master zone has none yet.
        if (!getSOACount($row->domain_id) && $row->domain_type == 'master' && currentUserCan('manage_zones', $_SESSION['module'])) {
            $type = 'SOA';
        } elseif (!getNSCount($row->domain_id) && $row->domain_type == 'master' && currentUserCan('manage_zones', $_SESSION['module'])) {
            $type = 'NS';
        } else {
            $type = $row->domain_mapping == 'forward' ? 'A' : 'PTR';
        }
        $edit_name = $row->domain_type == 'master' ? "<a href=\"zone-records.php?map={$row->domain_mapping}&domain_id={$row->domain_id}&record_type={$type}\" title=\"" . __('Edit zone records') . '">' . displayFriendlyDomainName($row->{$field_name}) . "</a>" : displayFriendlyDomainName($row->{$field_name});
    } else {
        $edit_name = $row->{$field_name};
    }
    $field_name = $prefix . '_default';
    // The default template reuses the star icon with its label text swapped.
    $star = $row->{$field_name} == 'yes' ? str_replace(__('Super Admin'), __('Default Template'), $__FM_CONFIG['icons']['star']) : null;
    $field_id = $prefix . '_id';
    // Line breaks inside this heredoc were restored from a single-line listing.
    echo <<<HTML
\t\t<tr id="{$row->{$field_id}}">
\t\t\t<td>{$star}</td>
\t\t\t<td>{$edit_name}</td>
HTML;
    $row = get_object_vars($row);
    // Fields already shown above, or never shown, get no cell of their own.
    $excluded_fields = array($prefix . '_id', 'account_id', $prefix . '_template', $prefix . '_default', $prefix . '_name', $prefix . '_status', $prefix . '_template_id');
    if ($prefix == 'soa') {
        $excluded_fields = array_merge($excluded_fields, array($prefix . '_append'));
    }
    if ($prefix == 'domain') {
        $excluded_fields = array_merge($excluded_fields, array('soa_serial_no', 'soa_id', $prefix . '_clone_domain_id', $prefix . '_reload', $prefix . '_clone_dname'));
    }
    foreach ($row as $key => $val) {
        if (in_array($key, $excluded_fields)) {
            continue;
        }
        if ($prefix == 'domain') {
            /** Friendly servers and view names */
            if (in_array($key, array($prefix . '_view', $prefix . '_name_servers'))) {
                if (!isset($fm_dns_zones)) {
                    include_once ABSPATH . 'fm-modules/' . $_SESSION['module'] . '/classes/class_zones.php';
                }
                if ($key == $prefix . '_view') {
                    $val = $fm_dns_zones->IDs2Name($val, 'view');
                } elseif ($key == $prefix . '_name_servers') {
                    $val = $fm_dns_zones->IDs2Name($val, 'server');
                }
            }
        }
        echo '<td>' . $val;
        if ($prefix == 'soa') {
            // Show a placeholder suffix when the SOA value is appended to the zone name.
            if (in_array($key, array('soa_master_server', 'soa_email_address')) && $row['soa_append'] == 'yes') {
                echo '<span class="grey">.mydomain.tld</span>';
            }
        }
        echo '</td>';
    }
    echo $edit_status . "</tr>\n";
}
$form_data[0]->user_login = null; $form_data[0]->user_template_only = false; } $edit_form = $fm_users->printUsersForm($form_data, 'add', $form_bits, $_POST['item_sub_type']); } else { if ($_POST['item_sub_type'] == 'users') { if (currentUserCan('manage_users')) { $form_bits = $edit_form_data[0]->user_auth_type == 2 ? array('user_login', 'user_email', 'user_perms', 'user_module', 'user_groups') : array('user_login', 'user_email', 'user_options', 'user_perms', 'user_module', 'user_groups'); } else { $form_bits = array('user_password'); } basicGet('fm_users', $id, 'user_', 'user_id'); } elseif ($_POST['item_sub_type'] == 'groups') { if (currentUserCan('manage_users')) { $form_bits = array('group_name', 'comment', 'group_users', 'user_perms'); basicGet('fm_groups', $id, 'group_', 'group_id'); } else { return returnUnAuth(); } } $results = $fmdb->last_result; if (!$fmdb->num_rows) { returnError(); } $edit_form_data[] = $results[0]; $edit_form = $fm_users->printUsersForm($edit_form_data, 'edit', $form_bits, $_POST['item_sub_type']); } echo $edit_form; } elseif (isset($_SESSION['module']) && $_SESSION['module'] != $fm_name) { $include_file = ABSPATH . 'fm-modules' . DIRECTORY_SEPARATOR . $_SESSION['module'] . DIRECTORY_SEPARATOR . 'ajax' . DIRECTORY_SEPARATOR . 'getData.php'; if (file_exists($include_file)) {
/**
 * Builds an array of skipped record IDs
 *
 * @since 1.2
 * @package facileManager
 * @subpackage fmDNS
 *
 * @param int $domain_id Domain ID to check
 * @return array|null The record_id of every matching row, or null when the
 *                    domain has none
 */
function getSkippedRecordIDs($domain_id) {
    global $fmdb, $__FM_CONFIG;

    /* NOTE(review): $domain_id reaches basicGet() as given; whether basicGet()
     * escapes its arguments is not visible here - confirm. */
    $skipped_table = 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'records_skipped';
    basicGet($skipped_table, $domain_id, 'record_', 'domain_id');

    if (!$fmdb->num_rows) {
        return null;
    }

    $rows = $fmdb->last_result;
    $record_ids = array();
    for ($idx = 0; $idx < $fmdb->num_rows; $idx++) {
        $record_ids[] = $rows[$idx]->record_id;
    }

    return $record_ids;
}
$form_bits = currentUserCan('manage_users') ? array('user_login', 'user_email', 'user_auth_method', 'user_password', 'user_options', 'user_perms', 'user_module') : array('user_password'); $form_data = null; if ($id) { basicGet('fm_users', $id, 'user_', 'user_id'); $results = $fmdb->last_result; if (!$fmdb->num_rows) { returnError(); } $form_data[] = $results[0]; $form_data[0]->user_login = null; $form_data[0]->user_template_only = false; } $edit_form = $fm_users->printUsersForm($form_data, 'add', $form_bits); } else { $form_bits = currentUserCan('manage_users') ? array('user_login', 'user_email', 'user_options', 'user_perms', 'user_module') : array('user_password'); basicGet('fm_users', $id, 'user_', 'user_id'); $results = $fmdb->last_result; if (!$fmdb->num_rows) { returnError(); } $edit_form_data[] = $results[0]; if (currentUserCan('manage_users') && $edit_form_data[0]->user_auth_type == 2) { $form_bits = array('user_login', 'user_email', 'user_perms', 'user_module'); } $edit_form = $fm_users->printUsersForm($edit_form_data, 'edit', $form_bits); } echo $edit_form; } elseif (isset($_SESSION['module']) && $_SESSION['module'] != $fm_name) { $include_file = ABSPATH . 'fm-modules' . DIRECTORY_SEPARATOR . $_SESSION['module'] . DIRECTORY_SEPARATOR . 'ajax' . DIRECTORY_SEPARATOR . 'getData.php'; if (file_exists($include_file)) { include $include_file;
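/**
 * Updates the selected key
 *
 * @param array $post Submitted key fields; every key not in the exclude list
 *                    is written as a column of the keys table
 * @return bool|string true when the row was updated or nothing changed,
 *                     otherwise a translated error message
 */
function update($post) {
    global $fmdb, $__FM_CONFIG;

    if (empty($post['key_name']) || empty($post['key_secret'])) {
        return __('No key defined.');
    }
    $post['key_comment'] = trim($post['key_comment']);

    /* key_id is written unquoted into the UPDATE below, so it is pinned to an
     * integer once and that copy is used everywhere. */
    $key_id = isset($post['key_id']) ? (int) $post['key_id'] : 0;

    /** Check name field length */
    $field_length = getColumnLength('fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'keys', 'key_name');
    if ($field_length !== false && strlen($post['key_name']) > $field_length) {
        return sprintf(dngettext($_SESSION['module'], 'Key name is too long (maximum %d character).', 'Key name is too long (maximum %d characters).', $field_length), $field_length);
    }

    /** Does the key already exist for this account? */
    basicGet('fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'keys', sanitize($post['key_name']), 'key_', 'key_name');
    if ($fmdb->num_rows) {
        $result = $fmdb->last_result;
        if ($result[0]->key_id != $key_id) {
            return __('This key already exists.');
        }
    }

    $exclude = array('submit', 'action', 'key_id');

    $sql_edit = null;
    foreach ($post as $key => $data) {
        if (in_array($key, $exclude)) {
            continue;
        }

        /* Keys become column names and cannot be escaped like values, so
         * anything that is not a plain identifier is left out. */
        if (!preg_match('/^[A-Za-z0-9_]+$/', (string) $key)) {
            continue;
        }

        $sql_edit .= $key . "='" . sanitize($data) . "',";
    }
    $sql = rtrim($sql_edit, ',');

    // Update the key
    $old_name = getNameFromID($key_id, 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'keys', 'key_', 'key_id', 'key_name');
    $query = "UPDATE `fm_{$__FM_CONFIG['fmDNS']['prefix']}keys` SET {$sql} WHERE `key_id`={$key_id} AND `account_id`='{$_SESSION['user']['account_id']}'";
    $result = $fmdb->query($query);

    if (!$fmdb->result) {
        return __('Could not update the key because a database error occurred.');
    }

    /** Return if there are no changes */
    if (!$fmdb->rows_affected) {
        return true;
    }

    $view_name = $post['key_view'] ? getNameFromID($post['key_view'], 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'views', 'view_', 'view_id', 'view_name') : 'All Views';

    /* The log records that the secret changed, not the secret itself, so
     * reading the log does not disclose key material. */
    $masked_secret = str_repeat('*', 7);
    addLogEntry("Updated key '{$old_name}' to the following:\nName: {$post['key_name']}\nAlgorithm: {$post['key_algorithm']}\nSecret: {$masked_secret}\nView: {$view_name}\nComment: {$post['key_comment']}");

    return true;
}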
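/**
 * Updates the selected acl
 *
 * @param array $post Submitted ACL fields; every key not in the exclude list
 *                    is written as a column of the acls table
 * @return bool|string true when the row was updated or nothing changed,
 *                     otherwise a translated error message or the message
 *                     returned by verifyAndCleanAddresses()
 */
function update($post) {
    global $fmdb, $__FM_CONFIG;

    /* acl_id is written unquoted into the UPDATE below, so it is pinned to an
     * integer once and that copy is used for the lookup and the WHERE clause. */
    $acl_id = isset($post['acl_id']) ? (int) $post['acl_id'] : 0;

    /** Check name field length */
    $field_length = getColumnLength('fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'acls', 'acl_name');
    if ($field_length !== false && strlen($post['acl_name']) > $field_length) {
        return sprintf(dngettext($_SESSION['module'], 'ACL name is too long (maximum %d character).', 'ACL name is too long (maximum %d characters).', $field_length), $field_length);
    }

    /** Does the record already exist for this account? */
    basicGet('fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'acls', sanitize($post['acl_name']), 'acl_', 'acl_name');
    if ($fmdb->num_rows) {
        $result = $fmdb->last_result;
        if ($result[0]->acl_id != $acl_id) {
            return __('This ACL already exists.');
        }
    }

    if (empty($post['acl_name'])) {
        return __('No ACL name defined.');
    }

    /** Cleans up acl_addresses for future parsing **/
    $post['acl_addresses'] = verifyAndCleanAddresses($post['acl_addresses']);
    if (strpos($post['acl_addresses'], 'not valid') !== false) {
        return $post['acl_addresses'];
    }
    if ($post['acl_predefined'] != 'as defined:') {
        $post['acl_addresses'] = null;
    }

    $post['acl_comment'] = trim($post['acl_comment']);
    $post['account_id'] = $_SESSION['user']['account_id'];

    $exclude = array('submit', 'action', 'server_id');

    $sql_edit = null;
    foreach ($post as $key => $data) {
        if (in_array($key, $exclude)) {
            continue;
        }

        /* Keys become column names and cannot be escaped like values, so
         * anything that is not a plain identifier is left out. */
        if (!preg_match('/^[A-Za-z0-9_]+$/', (string) $key)) {
            continue;
        }

        $sql_edit .= $key . "='" . sanitize($data) . "',";
    }
    $sql = rtrim($sql_edit, ',');

    // Update the acl
    $old_name = getNameFromID($acl_id, 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'acls', 'acl_', 'acl_id', 'acl_name');

    /* NOTE(review): this statement selects the row by acl_id alone and writes
     * the session's account_id into it, so the row is not checked to belong
     * to the current account before it is changed - confirm whether an
     * account_id condition is intended in the WHERE clause. */
    $query = "UPDATE `fm_{$__FM_CONFIG['fmDNS']['prefix']}acls` SET {$sql} WHERE `acl_id`={$acl_id}";
    $result = $fmdb->query($query);

    if (!$fmdb->result) {
        return __('Could not update the ACL because a database error occurred.');
    }

    /** Return if there are no changes */
    if (!$fmdb->rows_affected) {
        return true;
    }

    $acl_addresses = $post['acl_predefined'] == 'as defined:' ? $post['acl_addresses'] : $post['acl_predefined'];
    addLogEntry("Updated ACL '{$old_name}' to the following:\nName: {$post['acl_name']}\nAddresses: {$acl_addresses}\nComment: {$post['acl_comment']}");

    return true;
}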
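/**
 * Validates a submitted object
 *
 * Requires a name and address (and a netmask for type 'network'), enforces
 * the name column length, rejects a name already used by another object of
 * the same type and checks that address and netmask are valid IP addresses.
 *
 * @param array $post Submitted object fields
 * @return array|string The unchanged fields when valid, otherwise a
 *                      translated error message
 */
function validatePost($post) {
    global $fmdb, $__FM_CONFIG;

    if (empty($post['object_name'])) {
        return __('No object name defined.');
    }
    if (empty($post['object_address'])) {
        return __('No object address defined.');
    }
    if ($post['object_type'] == 'network') {
        if (empty($post['object_mask'])) {
            return __('No object netmask defined.');
        }
    }

    /** Check name field length */
    $field_length = getColumnLength('fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'objects', 'object_name');
    if ($field_length !== false && strlen($post['object_name']) > $field_length) {
        return sprintf(dngettext($_SESSION['module'], 'Object name is too long (maximum %d character).', 'Object name is too long (maximum %d characters).', $field_length), $field_length);
    }

    /* The lookup condition is assembled as SQL text: the ID is unquoted, so
     * it is cast to an integer, and the quoted values go through sanitize(),
     * the helper used by the other lookups in this codebase. $post itself is
     * returned untouched. */
    $object_id = isset($post['object_id']) ? (int) $post['object_id'] : 0;
    $object_type = sanitize($post['object_type']);

    /** Does the record already exist for this account? */
    basicGet('fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'objects', sanitize($post['object_name']), 'object_', 'object_name', "AND object_type='{$object_type}' AND object_id!={$object_id}");
    if ($fmdb->num_rows) {
        return __('This object name already exists.');
    }

    /** Check address and mask */
    if (!verifyIPAddress($post['object_address'])) {
        return __('Address is invalid.');
    }
    if ($post['object_type'] == 'network') {
        if (!verifyIPAddress($post['object_mask'])) {
            return __('Netmask is invalid.');
        }
    }

    return $post;
}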
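/**
 * Updates the selected server
 *
 * @param array $post Submitted server fields; every key not in the exclude
 *                    list is written as a column of the servers table
 * @return bool|string true when the row was updated or nothing changed,
 *                     otherwise a translated error message
 */
function update($post) {
    global $fmdb, $__FM_CONFIG;

    if (empty($post['server_name'])) {
        return __('No server name defined.');
    }

    /* server_id is written unquoted into the UPDATE below, so it is pinned to
     * an integer once and that copy is used everywhere. */
    $server_id = isset($post['server_id']) ? (int) $post['server_id'] : 0;

    /** Check name field length */
    /* NOTE(review): the length is fetched but never compared with the name,
     * unlike the other update functions - confirm whether a check is missing. */
    $field_length = getColumnLength('fm_' . $__FM_CONFIG['fmSQLPass']['prefix'] . 'servers', 'server_name');

    /** Does the record already exist for this account? */
    basicGet('fm_' . $__FM_CONFIG['fmSQLPass']['prefix'] . 'servers', sanitize($post['server_name']), 'server_', 'server_name');
    if ($fmdb->num_rows) {
        $result = $fmdb->last_result;
        if ($result[0]->server_id != $server_id) {
            return __('This server name already exists.');
        }
    }

    /** Set default ports */
    if (!empty($post['server_port']) && !verifyNumber($post['server_port'], 1, 65535, false)) {
        return __('Server port must be a valid TCP port.');
    }
    if (empty($post['server_port'])) {
        $post['server_port'] = $__FM_CONFIG['fmSQLPass']['default']['ports'][$post['server_type']];
    }

    $exclude = array('submit', 'action', 'server_id', 'page');

    $sql_edit = null;

    $old_name = getNameFromID($server_id, 'fm_' . $__FM_CONFIG['fmSQLPass']['prefix'] . 'servers', 'server_', 'server_id', 'server_name');
    $log_message = "Updated a database server ({$old_name}) with the following details:\n";

    /** Convert groups and policies arrays into strings */
    if (isset($post['server_groups']) && is_array($post['server_groups'])) {
        $post['server_groups'] = rtrim(implode(';', $post['server_groups']), ';');
    }

    /** Handle credentials */
    if (isset($post['server_credentials']) && is_array($post['server_credentials'])) {
        $post['server_credentials'] = serialize($post['server_credentials']);
    }

    foreach ($post as $key => $data) {
        if (in_array($key, $exclude)) {
            continue;
        }

        /* Keys become column names and cannot be escaped like values, so
         * anything that is not a plain identifier is left out. */
        if (!preg_match('/^[A-Za-z0-9_]+$/', (string) $key)) {
            continue;
        }

        $sql_edit .= $key . "='" . sanitize($data) . "',";

        /* From here on $data is only used for the log entry: credentials are
         * masked and group IDs are replaced by group names. */
        if ($key == 'server_credentials') {
            $data = str_repeat('*', 7);
        }
        if ($key == 'server_groups') {
            if ($data) {
                $group_array = explode(';', $data);
                $clean_data = null;
                foreach ($group_array as $group_id) {
                    $clean_data .= getNameFromID($group_id, 'fm_' . $__FM_CONFIG['fmSQLPass']['prefix'] . 'groups', 'group_', 'group_id', 'group_name') . '; ';
                }
                $data = rtrim($clean_data, '; ');
            } else {
                $data = 'None';
            }
        }
        $log_message .= $data ? formatLogKeyData('server_', $key, $data) : null;
    }
    $sql = rtrim($sql_edit, ',');

    // Update the server
    $query = "UPDATE `fm_{$__FM_CONFIG['fmSQLPass']['prefix']}servers` SET {$sql} WHERE `server_id`={$server_id} AND `account_id`='{$_SESSION['user']['account_id']}'";
    $result = $fmdb->query($query);

    if (!$fmdb->result) {
        return __('Could not add the server because a database error occurred.');
    }

    /** Return if there are no changes */
    if (!$fmdb->rows_affected) {
        return true;
    }

    addLogEntry($log_message);

    return true;
}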
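/**
 * Validates and normalises a submitted zone
 *
 * Normalises the zone name, short-circuits for zones based on a template,
 * rejects a zone that already exists (globally or per view), enforces the
 * name column length and checks the forwarder/master addresses that forward,
 * slave and stub zones require.
 *
 * @param array $post Submitted zone fields
 * @return array|string The normalised fields when valid, otherwise a
 *                      translated error message or the message returned by
 *                      verifyAndCleanAddresses()
 */
function validatePost($post) {
    global $fmdb, $__FM_CONFIG;

    if (!$post['domain_id']) {
        unset($post['domain_id']);
    }

    /** Empty domain names are not allowed */
    if (empty($post['domain_name'])) {
        return __('No zone name defined.');
    }

    if ($post['domain_template'] != 'yes') {
        $post['domain_name'] = rtrim(strtolower($post['domain_name']), '.');

        /** Perform domain name validation */
        if (!isset($post['domain_mapping'])) {
            global $map;
            $post['domain_mapping'] = $map;
        }
        if ($post['domain_mapping'] == 'reverse') {
            $post['domain_name'] = $this->fixDomainTypos($post['domain_name']);
        } else {
            $post['domain_name'] = function_exists('idn_to_ascii') ? idn_to_ascii($post['domain_name']) : $post['domain_name'];
        }
        if (!$this->validateDomainName($post['domain_name'], $post['domain_mapping'])) {
            return __('Invalid zone name.');
        }
    }

    /** Is this based on a template? */
    if ($post['domain_template_id']) {
        /* Only these fields survive; type and view come from the template */
        $include = array('action', 'domain_template_id', 'domain_name', 'domain_template', 'domain_mapping');
        foreach ($include as $key) {
            $new_post[$key] = $post[$key];
        }
        $post = $new_post;
        unset($new_post, $post['domain_template']);
        $post['domain_type'] = getNameFromID($post['domain_template_id'], 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'domains', 'domain_', 'domain_id', 'domain_type');
        $post['domain_view'] = getNameFromID($post['domain_template_id'], 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'domains', 'domain_', 'domain_id', 'domain_view');

        return $post;
    } else {
        $post['domain_template_id'] = 0;
    }

    /** Format domain_clone_domain_id */
    if (!$post['domain_clone_domain_id'] && $post['action'] == 'add') {
        $post['domain_clone_domain_id'] = 0;
    }

    /** domain_clone_dname override */
    if (!$post['domain_clone_dname_override']) {
        $post['domain_clone_dname'] = null;
    } else {
        unset($post['domain_clone_dname_override']);
    }

    /** Ensure domain_view is set */
    if (!array_key_exists('domain_view', $post)) {
        $post['domain_view'] = $post['domain_clone_domain_id'] ? -1 : 0;
    }

    /** Reverse zones should have form of x.x.x.in-addr.arpa */
    if ($post['domain_mapping'] == 'reverse') {
        $post['domain_name'] = $this->setReverseZoneName($post['domain_name']);
    }

    /** Does the record already exist for this account? */
    /* The ID is appended unquoted, where escaping alone does not confine the
     * value, so it is cast to an integer. */
    $domain_id_sql = isset($post['domain_id']) ? 'AND domain_id!=' . (int) $post['domain_id'] : null;
    basicGet('fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'views', $_SESSION['user']['account_id'], 'view_', 'account_id');
    if (!$fmdb->num_rows) { /** No views defined - all zones must be unique */
        basicGet('fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'domains', sanitize($post['domain_name']), 'domain_', 'domain_name', $domain_id_sql);
        if ($fmdb->num_rows) {
            return __('Zone already exists.');
        }
    } else { /** All zones must be unique per view */
        $defined_views = $fmdb->last_result;

        /** Format domain_view */
        /* domain_view can be the scalar -1 set above, which in_array() does
         * not accept as a haystack, hence the is_array() guard. */
        if (!$post['domain_view'] || (is_array($post['domain_view']) && in_array(0, $post['domain_view']))) {
            basicGet('fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'domains', sanitize($post['domain_name']), 'domain_', 'domain_name', $domain_id_sql);
            if ($fmdb->num_rows) {
                /** Zone exists for views, but what about on the same server? */
                if (!$post['domain_name_servers'] || in_array('0', $post['domain_name_servers'])) {
                    return __('Zone already exists for all views.');
                }
            }
        }
        if (is_array($post['domain_view'])) {
            $domain_view = null;
            foreach ($post['domain_view'] as $val) {
                /* Each submitted view ID is placed inside quoted SQL and LIKE
                 * patterns below, so only its integer value is used. A value
                 * with no integer part is treated like 0 (all views). */
                $view_id = is_scalar($val) ? (int) $val : 0;
                if ($val == '' || $view_id == 0) {
                    $domain_view = 0;
                    break;
                }
                $domain_view .= $view_id . ';';
                basicGet('fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'domains', sanitize($post['domain_name']), 'domain_', 'domain_name', "AND (domain_view='{$view_id}' OR domain_view=0 OR domain_view LIKE '{$view_id};%' OR domain_view LIKE '%;{$view_id};%' OR domain_view LIKE '%;{$view_id}') {$domain_id_sql}");
                if ($fmdb->num_rows) {
                    $view_name = getNameFromID($view_id, 'fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'views', 'view_', 'view_id', 'view_name');
                    return sprintf(__("Zone already exists for the '%s' view."), $view_name);
                }
            }
            $post['domain_view'] = rtrim($domain_view, ';');
        }
    }

    /** Check name field length */
    $field_length = getColumnLength('fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'domains', 'domain_name');
    if ($field_length !== false && strlen($post['domain_name']) > $field_length) {
        return sprintf(dngettext($_SESSION['module'], 'Zone name is too long (maximum %d character).', 'Zone name is too long (maximum %d characters).', $field_length), $field_length);
    }

    /** No need to process more if zone is cloned */
    if ($post['domain_clone_domain_id']) {
        return $post;
    }

    /** Cleans up acl_addresses for future parsing **/
    $clean_fields = array('forwarders', 'masters');
    foreach ($clean_fields as $val) {
        $post['domain_required_servers'][$val] = verifyAndCleanAddresses($post['domain_required_servers'][$val], 'no-subnets-allowed');
        if (strpos($post['domain_required_servers'][$val], 'not valid') !== false) {
            return $post['domain_required_servers'][$val];
        }
    }

    /** Forward zones require forward servers */
    if ($post['domain_type'] == 'forward') {
        if (empty($post['domain_required_servers']['forwarders'])) {
            return __('No forward servers defined.');
        }
        $post['domain_required_servers'] = $post['domain_required_servers']['forwarders'];
    }

    /** Slave and stub zones require master servers */
    if (in_array($post['domain_type'], array('slave', 'stub'))) {
        if (empty($post['domain_required_servers']['masters'])) {
            return __('No master servers defined.');
        }
        $post['domain_required_servers'] = $post['domain_required_servers']['masters'];
    }

    return $post;
}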
/**
 * Validates a submitted group
 *
 * The group name is passed through sanitize(), must not be empty, must fit
 * the group_name column and must not belong to a different group.
 *
 * @param array $post Submitted group fields
 * @return array|string The fields with the sanitized name when valid,
 *                      otherwise a translated error message
 */
function validatePost($post) {
    global $fmdb, $__FM_CONFIG;

    $groups_table = 'fm_' . $__FM_CONFIG['fmSQLPass']['prefix'] . 'groups';

    $post['group_name'] = sanitize($post['group_name']);
    if (empty($post['group_name'])) {
        return __('No group name defined.');
    }

    /** Check name field length */
    $max_length = getColumnLength($groups_table, 'group_name');
    $too_long = $max_length !== false && strlen($post['group_name']) > $max_length;
    if ($too_long) {
        return sprintf(__('Group name is too long (maximum %d characters).'), $max_length);
    }

    /** Does the record already exist for this account? */
    basicGet($groups_table, sanitize($post['group_name']), 'group_', 'group_name');
    if ($fmdb->num_rows && $fmdb->last_result[0]->group_id != $post['group_id']) {
        return __('This group name already exists.');
    }

    return $post;
}
/** Check account key */ include ABSPATH . 'fm-modules/facileManager/classes/class_accounts.php'; $account_status = $fm_accounts->verifyAccount($_POST['AUTHKEY']); if ($account_status !== true) { $data = $account_status; } else { if (in_array($_POST['module_name'], getActiveModules())) { if (array_key_exists('genserial', $_GET)) { $module = $_POST['module_name'] ? $_POST['module_name'] : $_SESSION['module']; $data['server_serial_no'] = generateSerialNo($module); } if (array_key_exists('addserial', $_GET)) { /** Client expects an array for a good return */ $data = $_POST; /** Does the record already exist for this account? */ basicGet('fm_' . $__FM_CONFIG[$_POST['module_name']]['prefix'] . 'servers', $_POST['server_name'], 'server_', 'server_name'); if ($fmdb->num_rows) { $server_array = $fmdb->last_result; $_POST['server_id'] = $server_array[0]->server_id; $update_server = moduleAddServer('update'); } else { if (getOption('client_auto_register')) { /** Add new server */ $add_server = moduleAddServer('add'); if ($add_server !== true) { $data = _('Could not add server to account.') . "\n"; } } else { $data = _('Client automatic registration is not allowed.') . "\n"; } }
/**
 * Creates a reverse (PTR) zone modelled on an existing forward zone.
 *
 * The zone name is the first comma-separated element of $new_zones with
 * surrounding single quotes removed; name servers, SOA, view and type are
 * copied from the forward domain record.
 *
 * @param string $new_zones Comma-separated values whose first element is the zone name
 * @param int $fwd_domain_id ID of the forward domain to copy settings from
 * @return array Two elements: the new domain ID (or null) and a status message
 */
function autoCreatePTRZone($new_zones, $fwd_domain_id) {
    global $__FM_CONFIG, $fmdb;

    basicGet('fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'domains', $fwd_domain_id, 'domain_', 'domain_id');
    if (!$fmdb->num_rows) {
        return array(null, __('Forward domain not found.'));
    }

    $forward = $fmdb->last_result[0];
    $zone_parts = explode(",", $new_zones);

    $ptr_array = array(
        'domain_id' => 0,
        'domain_name' => trim($zone_parts[0], "'"),
        'domain_mapping' => 'reverse',
        'domain_name_servers' => explode(';', $forward->domain_name_servers),
        'soa_id' => $forward->soa_id,
        'domain_view' => $forward->domain_view,
        'domain_type' => $forward->domain_type,
    );

    /** Load the zones class on demand; the include is expected to provide $fm_dns_zones */
    global $fm_dns_zones;
    if (!class_exists('fm_dns_zones')) {
        include_once ABSPATH . 'fm-modules/fmDNS/classes/class_zones.php';
    }

    /** add() yields an integer ID on success; any other value is treated as the error text */
    $retval = $fm_dns_zones->add($ptr_array);
    if (is_int($retval)) {
        return array($retval, __('Created reverse zone.'));
    }

    return array(null, $retval);
}
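/**
 * Updates the selected user
 *
 * @since 1.0
 * @package facileManager
 *
 * @param array $post Submitted user form fields
 * @return boolean|string True on success, otherwise a translated error message
 */
function update($post) {
    global $fmdb, $fm_name, $fm_login;

    /** Template user? */
    if (isset($post['user_template_only']) && $post['user_template_only'] == 'yes') {
        $post['user_template_only'] = 'yes';
        $post['user_auth_type'] = 0;
        $post['user_status'] = 'disabled';
    } else {
        $post['user_template_only'] = 'no';
        $lookup_id = isset($post['user_id']) ? (int) $post['user_id'] : null;
        $post['user_auth_type'] = getNameFromID($lookup_id, 'fm_users', 'user_', 'user_id', 'user_auth_type');
        if (!$post['user_auth_type']) {
            $post['user_auth_type'] = 1;
        }
    }

    /** Without an explicit user_id the logged-in user is the one being edited */
    if (!isset($post['user_id'])) {
        $post['user_id'] = $_SESSION['user']['id'];
        $post['user_login'] = $_SESSION['user']['name'];
    }

    /** user_id is placed unquoted in the WHERE clause below, so it must be an integer */
    $post['user_id'] = (int) $post['user_id'];

    if (empty($post['user_login'])) {
        return _('No username defined.');
    }

    if (!empty($post['user_password'])) {
        if (empty($post['cpassword']) || $post['user_password'] != $post['cpassword']) {
            return _('Passwords do not match.');
        }
        $post['user_password'] = sanitize($post['user_password'], false);
        /**
         * NOTE(review): hashing is delegated to the database password() function;
         * password_hash() in PHP is the stronger choice, but changing it here would
         * also require changing wherever the login is verified.
         */
        $sql_pwd = "`user_password`=password('" . $post['user_password'] . "'),";
    } else {
        $sql_pwd = null;
    }

    /** Check name field length */
    $field_length = getColumnLength('fm_users', 'user_login');
    if ($field_length !== false && strlen($post['user_login']) > $field_length) {
        /** The message was previously built and discarded, so over-long names were accepted */
        return sprintf(_('Username is too long (maximum %d characters).'), $field_length);
    }

    /** Does the record already exist for this account? */
    basicGet('fm_users', sanitize($post['user_login']), 'user_', 'user_login');
    if ($fmdb->num_rows) {
        $result = $fmdb->last_result;
        if ($result[0]->user_id != $post['user_id']) {
            return _('This user already exists.');
        }
    }

    /**
     * Build the SET clause from the submitted fields.
     * Field names become column names, so anything that is not a plain identifier is dropped.
     * NOTE(review): an explicit allow-list of editable columns would be tighter still;
     * the fm_users column set is not visible here, so it is not enumerated.
     */
    $sql_edit = null;
    $exclude = array('submit', 'action', 'user_id', 'cpassword', 'user_password', 'user_caps', 'is_ajax', 'process_user_caps');
    foreach ($post as $key => $data) {
        $key = (string) $key;
        if (in_array($key, $exclude, true) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $key)) {
            continue;
        }
        $sql_edit .= $key . "='" . sanitize($data) . "',";
    }
    $sql = rtrim($sql_edit . $sql_pwd, ',');

    /** Process user permissions */
    if (isset($post['process_user_caps']) && !isset($post['user_caps'])) {
        $post['user_caps'] = array();
    }
    if (isset($post['user_caps'][$fm_name])) {
        /** do_everything supersedes every other capability */
        if (array_key_exists('do_everything', $post['user_caps'][$fm_name])) {
            $post['user_caps'] = array($fm_name => array('do_everything' => 1));
        }
    }
    if (isset($post['user_caps'])) {
        /**
         * NOTE(review): the serialized capabilities are concatenated into the query without
         * escaping; confirm that sanitize() leaves serialized data intact before wrapping it,
         * and that callers are authorized to grant the capabilities they submit.
         */
        $sql .= ",user_caps='" . serialize($post['user_caps']) . "'";
    }

    /** Update the user */
    $query = "UPDATE `fm_users` SET {$sql} WHERE `user_id`={$post['user_id']} AND `account_id`='{$_SESSION['user']['account_id']}'";
    $result = $fmdb->query($query);

    if (!$fmdb->last_result) {
        return _('Could not update the user in the database.');
    }

    /** Process forced password change */
    if (isset($post['user_force_pwd_change']) && $post['user_force_pwd_change'] == 'yes') {
        $fm_login->processUserPwdResetForm($post['user_login']);
    }

    addLogEntry(sprintf(_("Updated user '%s'."), $post['user_login']));

    return true;
}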
/**
 * Zone action handler excerpt: the tail of a status-change case followed by the
 * 'download' (zone export) case. It starts and ends inside enclosing blocks.
 */
        /**
         * NOTE(review): domain_id and status are taken from the query string as received.
         * status is also written into the HTML error message below without escaping, and no
         * request-forgery check is visible in this excerpt -- confirm both are handled.
         */
        if (!updateStatus('fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'domains', $_GET['domain_id'], 'domain_', $_GET['status'], 'domain_id')) {
            $response = sprintf('<p class="error">' . __('This item could not be set to %s.') . "</p>\n", $_GET['status']);
        } else {
            header('Location: ' . $GLOBALS['basename']);
        }
    }
    break;
case 'download':
    /** Only a numeric domain_id is accepted for export */
    if (array_key_exists('domain_id', $_POST) && is_numeric($_POST['domain_id'])) {
        include ABSPATH . 'fm-modules/facileManager/classes/class_accounts.php';
        include ABSPATH . 'fm-modules/fmDNS/classes/class_buildconf.php';
        /** Build request as a dry run, uncompressed, with a serial number of -1 */
        $data['SERIALNO'] = -1;
        $data['compress'] = 0;
        $data['dryrun'] = true;
        $data['domain_id'] = sanitize($_POST['domain_id']);
        /** The account key of the logged-in user's account authenticates the build request */
        basicGet('fm_accounts', $_SESSION['user']['account_id'], 'account_', 'account_id');
        $account_result = $fmdb->last_result;
        $data['AUTHKEY'] = $account_result[0]->account_key;
        $raw_data = $fm_module_buildconf->buildZoneConfig($data);
        if (!is_array($raw_data)) {
            /**
             * NOTE(review): unserialize() is only safe on data produced by this application;
             * confirm buildZoneConfig() never returns client-supplied content here.
             */
            $zone_contents = unserialize($raw_data);
        } else {
            /** Concatenate every generated file, separated by blank lines */
            $zone_contents = null;
            foreach ($raw_data['files'] as $filename => $contents) {
                $zone_contents .= $contents . "\n\n";
            }
            /**
             * The temp name uses the last file name from the loop plus a timestamp.
             * NOTE(review): the 'h' format is a 12-hour clock, so names repeat twelve hours
             * apart, and the name is predictable -- confirm TMP_FILE_EXPORTS is not shared
             * or web-accessible.
             */
            $tmp_file = TMP_FILE_EXPORTS . $filename . date("Ymdhis");
            /** file_put_contents() returns the byte count, so an empty export is also reported as a failure */
            if (!file_put_contents($tmp_file, $zone_contents)) {
                $response = sprintf('<p>%s</p>', sprintf(__('Zone file export failed to write to temp file: %s. Please correct and try again.'), $tmp_file));
                break;
            }
/**
 * Expands a ';'-separated list of object and group references into addresses.
 *
 * A reference starting with 'g' is expanded through extractItemsFromGroup();
 * any other reference has its first character removed and is used as an object ID.
 * Network objects are rendered as address/CIDR, other objects as the bare address.
 *
 * NOTE(review): the row from each lookup is used without checking num_rows, so a
 * reference that no longer resolves still contributes an entry -- confirm how
 * callers treat such entries when rules are generated.
 *
 * @param string $addresses ';'-separated references
 * @return array|null List of addresses, or null when nothing was added
 */
function buildAddressList($addresses) {
    global $fmdb, $__FM_CONFIG;

    $address_list = null;

    foreach (explode(';', $addresses) as $reference) {
        if ($reference[0] == 'g') {
            $members = $this->extractItemsFromGroup($reference);
        } else {
            $members = substr($reference, 1);
        }

        /** A single object ID is handled as a one-element list */
        if (!is_array($members)) {
            $members = array($members);
        }

        foreach ($members as $object_id) {
            basicGet('fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'objects', $object_id, 'object_', 'object_id', 'active');
            $object = $fmdb->last_result[0];

            $address = $object->object_address;
            if ($object->object_type == 'network') {
                $address .= '/' . $this->mask2cidr($object->object_mask);
            }
            $address_list[] = $address;
        }
    }

    return $address_list;
}
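/**
 * Creates the fmFirewall tables and seeds the default objects, services and groups.
 *
 * Queries run through the legacy mysql_* API when $link is given, otherwise
 * through the global $fmdb object. Every seed row is guarded by NOT EXISTS, so
 * the function can be run again without duplicating data.
 *
 * The parameter order (optional $link before required parameters) is kept for
 * existing callers although PHP 8 flags it as deprecated.
 * NOTE(review): $__FM_CONFIG is not declared global here; it is presumably defined
 * by the included variables.inc.php, whose failure is silenced -- confirm.
 *
 * @param resource|null $link MySQL link to use, or null to use $fmdb
 * @param string $database Database name
 * @param string $module Module name
 * @param string $noisy Passed through to displayProgress()
 * @return mixed displayProgress() output when that function exists; otherwise
 *               'Success' or 'Failed', or the raw query result on a query error
 */
function installfmFirewallSchema($link = null, $database, $module, $noisy = 'noisy') {
    global $fm_name;

    /** Include module variables */
    @(include ABSPATH . 'fm-modules' . DIRECTORY_SEPARATOR . $module . DIRECTORY_SEPARATOR . 'variables.inc.php');

    global $fmdb;

    $table[] = <<<TABLE
CREATE TABLE IF NOT EXISTS {$database}.`fm_{$__FM_CONFIG[$module]['prefix']}groups` (
  `group_id` int(11) NOT NULL AUTO_INCREMENT,
  `account_id` int(11) NOT NULL DEFAULT '1',
  `group_type` enum('object','service') NOT NULL,
  `group_name` varchar(255) NOT NULL,
  `group_items` text NOT NULL,
  `group_comment` text,
  `group_status` enum('active','disabled','deleted') NOT NULL DEFAULT 'active',
  PRIMARY KEY (`group_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ;
TABLE;

    $table[] = <<<TABLE
CREATE TABLE IF NOT EXISTS {$database}.`fm_{$__FM_CONFIG[$module]['prefix']}objects` (
  `object_id` int(11) NOT NULL AUTO_INCREMENT,
  `account_id` int(11) NOT NULL DEFAULT '1',
  `object_type` enum('host','network') NOT NULL,
  `object_name` varchar(255) NOT NULL,
  `object_address` varchar(255) NOT NULL,
  `object_mask` varchar(15) NOT NULL,
  `object_comment` text,
  `object_status` enum('active','disabled','deleted') NOT NULL DEFAULT 'active',
  PRIMARY KEY (`object_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ;
TABLE;

    $table[] = <<<TABLE
CREATE TABLE IF NOT EXISTS {$database}.`fm_{$__FM_CONFIG[$module]['prefix']}policies` (
  `policy_id` int(11) NOT NULL AUTO_INCREMENT,
  `account_id` int(11) NOT NULL DEFAULT '1',
  `server_serial_no` int(10) NOT NULL,
  `policy_type` enum('rules','nat') NOT NULL DEFAULT 'rules',
  `policy_order_id` int(11) NOT NULL,
  `policy_interface` varchar(150) NOT NULL DEFAULT 'any',
  `policy_direction` enum('in','out') NOT NULL DEFAULT 'in',
  `policy_action` enum('pass','block','reject') NOT NULL DEFAULT 'pass',
  `policy_source_not` enum('0','1') NOT NULL DEFAULT '0',
  `policy_source` text,
  `policy_destination_not` enum('0','1') NOT NULL DEFAULT '0',
  `policy_destination` text,
  `policy_services_not` enum('0','1') NOT NULL DEFAULT '0',
  `policy_services` text,
  `policy_time` text,
  `policy_options` int(3) NOT NULL DEFAULT '0',
  `policy_comment` text,
  `policy_status` enum('active','disabled','deleted') NOT NULL DEFAULT 'active',
  PRIMARY KEY (`policy_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 ;
TABLE;

    $table[] = <<<TABLE
CREATE TABLE IF NOT EXISTS {$database}.`fm_{$__FM_CONFIG[$module]['prefix']}servers` (
  `server_id` int(11) NOT NULL AUTO_INCREMENT,
  `account_id` int(11) NOT NULL DEFAULT '1',
  `server_serial_no` int(10) NOT NULL,
  `server_name` varchar(255) NOT NULL,
  `server_os` varchar(50) DEFAULT NULL,
  `server_os_distro` varchar(150) DEFAULT NULL,
  `server_type` enum('iptables','ipfw','ipfilter','pf') NOT NULL DEFAULT 'iptables',
  `server_version` varchar(150) DEFAULT NULL,
  `server_config_file` varchar(255) NOT NULL DEFAULT '/usr/local/{$fm_name}/{$module}/rules.fw',
  `server_interfaces` text,
  `server_update_method` enum('http','https','cron','ssh') NOT NULL DEFAULT 'http',
  `server_update_port` int(5) NOT NULL DEFAULT '0',
  `server_build_config` enum('yes','no') NOT NULL DEFAULT 'no',
  `server_update_config` enum('yes','no') NOT NULL DEFAULT 'no',
  `server_installed` enum('yes','no') NOT NULL DEFAULT 'no',
  `server_client_version` varchar(150) DEFAULT NULL,
  `server_status` enum('active','disabled','deleted') NOT NULL DEFAULT 'disabled',
  PRIMARY KEY (`server_id`),
  UNIQUE KEY `server_serial_no` (`server_serial_no`)
) ENGINE = MYISAM DEFAULT CHARSET=utf8;
TABLE;

    $table[] = <<<TABLE
CREATE TABLE IF NOT EXISTS {$database}.`fm_{$__FM_CONFIG[$module]['prefix']}services` (
  `service_id` int(11) NOT NULL AUTO_INCREMENT,
  `account_id` int(11) NOT NULL DEFAULT '1',
  `service_type` enum('icmp','tcp','udp') NOT NULL,
  `service_name` varchar(255) NOT NULL,
  `service_icmp_type` int(3) DEFAULT NULL,
  `service_icmp_code` int(3) DEFAULT NULL,
  `service_src_ports` varchar(11) DEFAULT NULL,
  `service_dest_ports` varchar(11) DEFAULT NULL,
  `service_tcp_flags` varchar(5) DEFAULT NULL,
  `service_established` enum('0','1') NOT NULL DEFAULT '0',
  `service_comment` text,
  `service_status` enum('active','disabled','deleted') NOT NULL DEFAULT 'active',
  PRIMARY KEY (`service_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ;
TABLE;

    $table[] = <<<TABLE
CREATE TABLE IF NOT EXISTS {$database}.`fm_{$__FM_CONFIG[$module]['prefix']}time` (
  `time_id` int(11) NOT NULL AUTO_INCREMENT,
  `account_id` int(11) NOT NULL DEFAULT '1',
  `time_name` varchar(255) NOT NULL,
  `time_start_date` date DEFAULT NULL,
  `time_end_date` date DEFAULT NULL,
  `time_start_time` time NOT NULL,
  `time_end_time` time NOT NULL,
  `time_weekdays` int(3) NOT NULL DEFAULT '0',
  `time_comment` text,
  `time_status` enum('active','disabled','deleted') NOT NULL DEFAULT 'active',
  PRIMARY KEY (`time_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ;
TABLE;

    /** Module version options */
    foreach (array('version', 'client_version') as $option_name) {
        $inserts[] = <<<INSERT
INSERT INTO {$database}.`fm_options` (option_name, option_value, module_name)
	SELECT '{$option_name}', '{$__FM_CONFIG[$module][$option_name]}', '{$module}' FROM DUAL
WHERE NOT EXISTS
	(SELECT option_name FROM {$database}.`fm_options` WHERE option_name = '{$option_name}'
		AND module_name='{$module}');
INSERT;
    }

    /** The server address is written into SQL below, so only a syntactically valid IP is accepted */
    $server_addr = '';
    if (isset($_SERVER['SERVER_ADDR']) && filter_var($_SERVER['SERVER_ADDR'], FILTER_VALIDATE_IP)) {
        $server_addr = $_SERVER['SERVER_ADDR'];
    }

    /** Default host and networks: type, name, address, mask, comment */
    $objects = array(
        array('host', $fm_name, $server_addr, '255.255.255.255', "{$fm_name} Server"),
        array('network', 'net-10.0.0.0', '10.0.0.0', '255.0.0.0', '10.0.0.0/8 - This block is reserved for use in private networks and should not appear on the public Internet. Its intended use is documented in RFC1918.'),
        array('network', 'net-172.16.0.0', '172.16.0.0', '255.240.0.0', '172.16.0.0/12 - This block is reserved for use in private networks and should not appear on the public Internet. Its intended use is documented in RFC1918.'),
        array('network', 'net-192.168.0.0', '192.168.0.0', '255.255.0.0', '192.168.0.0/16 - This block is reserved for use in private networks and should not appear on the public Internet. Its intended use is documented in RFC1918.'),
        array('network', 'All Multicasts', '224.0.0.0', '240.0.0.0', '224.0.0.0/4 - This block, formerly known as the Class D address space, is allocated for use in IPv4 multicast address assignments. The IANA guidelines for assignments from this space are described in RFC3171.'),
    );
    foreach ($objects as $array) {
        list($object_type, $object_name, $object_address, $object_mask, $object_comment) = $array;
        $inserts[] = <<<INSERT
INSERT INTO {$database}.`fm_{$__FM_CONFIG[$module]['prefix']}objects` (account_id, object_type, object_name, object_address, object_mask, object_comment)
	SELECT '1', '{$object_type}', '{$object_name}', '{$object_address}', '{$object_mask}', '{$object_comment}' FROM DUAL
WHERE NOT EXISTS
	(SELECT * FROM {$database}.`fm_{$__FM_CONFIG[$module]['prefix']}objects` WHERE
	object_type = '{$object_type}' AND object_name = '{$object_name}' AND account_id = '1'
	);
INSERT;
    }

    $groups[] = array('object', array('network|net-10.0.0.0', 'network|net-172.16.0.0', 'network|net-192.168.0.0'), 'rfc1918', 'RFC1918 networks.');

    /** Default ICMP Services: name, type, code, optional comment */
    $icmp_services = array(
        array('Any ICMP', '-1', '-1', null),
        array('Ping Reply', '0', '0', null),
        array('Ping Request', '8', '0', null),
        array('Ping Unreachable', '3', '3', null),
        array('Host Unreachable', '3', '1', null),
        array('Time Exceeded', '11', '0', 'Traceroute requires this type of ICMP messages.'),
        array('Time Exceeded in Transit', '11', '1', null),
    );
    foreach ($icmp_services as $array) {
        list($icmp_name, $icmp_type, $icmp_code, $icmp_comment) = $array;
        /** The comment column is only part of the statement when a comment is defined */
        $comment_column = $icmp_comment === null ? '' : ', service_comment';
        $comment_value = $icmp_comment === null ? '' : ", '{$icmp_comment}'";
        $inserts[] = <<<INSERT
INSERT INTO {$database}.`fm_{$__FM_CONFIG[$module]['prefix']}services` (account_id, service_type, service_name, service_icmp_type, service_icmp_code{$comment_column})
	SELECT '1', 'icmp', '{$icmp_name}', '{$icmp_type}', '{$icmp_code}'{$comment_value} FROM DUAL
WHERE NOT EXISTS
	(SELECT * FROM {$database}.`fm_{$__FM_CONFIG[$module]['prefix']}services` WHERE
	service_type = 'icmp' AND service_name = '{$icmp_name}' AND account_id = '1'
	);
INSERT;
    }

    /** Default TCP/UDP Services: protocol, name, source ports, destination ports, TCP flags, comment */
    $services = array(
        array('tcp', 'Any TCP', '', '', NULL, ''),
        array('udp', 'Any UDP', '', '', NULL, ''),
        array('tcp', 'High TCP Ports', '', '1024:65535', NULL, ''),
        array('udp', 'High UDP Ports', '', '1024:65535', NULL, ''),
        array('tcp', 'ssh', '', '22:22', NULL, ''),
        array('tcp', 'rdp', '', '3389:3389', NULL, ''),
        array('tcp', 'http', '', '80:80', NULL, ''),
        array('tcp', 'https', '', '443:443', NULL, ''),
        array('tcp', 'mysql', '', '3306:3306', NULL, ''),
        array('tcp', 'mssql', '', '1433:1433', NULL, ''),
        array('tcp', 'postgre', '', '5432:5432', NULL, ''),
        array('tcp', 'domain', '', '53:53', NULL, ''),
        array('udp', 'domain', '', '53:53', NULL, ''),
        array('tcp', 'ftp', '', '21:21', NULL, ''),
        array('tcp', 'ftp-data', '20:20', '1024:65535', NULL, ''),
        array('tcp', 'ftp-data passive', '', '20:20', NULL, ''),
        array('tcp', 'smtp', '', '25:25', NULL, ''),
        array('tcp', 'smtps', '', '465:465', NULL, ''),
        array('tcp', 'pop3', '', '110:110', NULL, ''),
        array('tcp', 'pop3s', '', '995:995', NULL, ''),
        array('tcp', 'imap', '', '143:143', NULL, ''),
        array('tcp', 'imaps', '', '993:993', NULL, ''),
        array('tcp', 'squid', '', '3128:3128', NULL, 'Standard proxy server'),
        array('tcp', 'telnet', '', '23:23', NULL, ''),
        array('tcp', 'afp', '', '548:548', NULL, 'Apple File Sharing over TCP'),
        array('tcp', 'nfs', '', '2049:2049', NULL, ''),
        array('udp', 'nfs', '', '2049:2049', NULL, ''),
        array('tcp', 'kerberos', '', '88:88', NULL, ''),
        array('udp', 'kerberos', '', '88:88', NULL, ''),
        array('udp', 'kerberos-adm', '', '749:750', NULL, ''),
        array('tcp', 'ldap', '', '389:389', NULL, ''),
        array('tcp', 'ldaps', '', '636:636', NULL, ''),
        array('tcp', 'eklogin', '', '2105:2105', NULL, ''),
        array('tcp', 'klogin', '', '543:543', NULL, ''),
        array('tcp', 'kpasswd', '', '464:464', NULL, ''),
        array('tcp', 'krb524', '', '4444:4444', NULL, ''),
        array('tcp', 'ksh', '', '544:544', NULL, ''),
        array('udp', 'netbios-ns', '', '137:137', NULL, ''),
        array('udp', 'netbios-dgm', '', '138:138', NULL, ''),
        array('tcp', 'netbios-ssn', '', '139:139', NULL, ''),
        array('udp', 'bootps', '', '67:67', NULL, ''),
        array('udp', 'bootpc', '', '68:68', NULL, ''),
        array('tcp', 'smb', '', '445:445', NULL, 'SMB over TCP'),
        array('udp', 'ntp', '', '123:123', NULL, ''),
        array('udp', 'snmp', '', '161:161', NULL, ''),
        array('udp', 'snmp-trap', '', '162:162', NULL, ''),
        array('udp', 'syslog', '', '514:514', NULL, ''),
        array('udp', 'tftp', '', '69:69', NULL, ''),
        array('udp', 'traceroute', '', '33434:33524', NULL, ''),
        /** A second, identical udp kerberos entry was listed here; its insert could never add a row */
        array('tcp', 'radius', '', '1812:1812', NULL, 'Radius Protocol'),
        array('tcp', 'radius acct', '', '1813:1813', NULL, 'Radius Accounting'),
        array('udp', 'radius', '', '1645:1645', NULL, ''),
        array('tcp', 'WINS replication', '', '42:42', NULL, ''),
        array('tcp', 'microsoft-rpc', '', '135:135', NULL, ''),
        array('udp', 'microsoft-rpc', '', '135:135', NULL, ''),
        array('tcp', 'sunrpc', '', '111:111', NULL, ''),
        array('udp', 'sunrpc', '', '111:111', NULL, ''),
        array('tcp', 'cvsup', '', '5999:5999', NULL, 'CVSup file transfers (FreeBSD uses this)'),
        array('tcp', 'irc', '', '6667:6667', NULL, ''),
        array('tcp', 'Christmas Tree', '', '', '63:37', 'Packets that are lit up like a Christmas Tree'),
    );

    $groups[] = array('service', array('tcp|ssh', 'tcp|rdp'), 'Remote Server Administration', '');
    $groups[] = array('service', array('tcp|http', 'tcp|https'), 'Web Server', '');
    $groups[] = array('service', array('tcp|domain', 'udp|domain'), 'DNS', '');
    $groups[] = array('service', array('tcp|ftp', 'tcp|ftp-data', 'tcp|ftp-data passive'), 'FTP', '');
    $groups[] = array('service', array('tcp|kerberos', 'udp|kerberos', 'udp|kerberos-adm', 'tcp|eklogin', 'tcp|klogin', 'tcp|kpasswd', 'tcp|krb524', 'tcp|ksh'), 'Kerberos', '');
    $groups[] = array('service', array('udp|bootps', 'udp|bootpc'), 'DHCP', '');
    $groups[] = array('service', array('tcp|nfs', 'udp|nfs'), 'NFS', '');
    $groups[] = array('service', array('udp|netbios-ns', 'udp|netbios-dgm', 'tcp|netbios-ssn'), 'NETBIOS', '');

    foreach ($services as $array) {
        list($protocol, $name, $src_port, $dest_port, $tcp_flags, $comment) = $array;
        $inserts[] = <<<INSERT
INSERT INTO {$database}.`fm_{$__FM_CONFIG[$module]['prefix']}services` (account_id, service_type, service_name, service_src_ports, service_dest_ports, service_tcp_flags, service_comment)
	SELECT '1', '{$protocol}', '{$name}', '{$src_port}', '{$dest_port}', '{$tcp_flags}', '{$comment}' FROM DUAL
WHERE NOT EXISTS
	(SELECT * FROM {$database}.`fm_{$__FM_CONFIG[$module]['prefix']}services` WHERE
	service_type = '{$protocol}' AND service_name = '{$name}' AND account_id = '1'
	);
INSERT;
    }

    /** Create table schema, then insert site values if not already present; stop at the first error */
    foreach (array_merge($table, $inserts) as $query) {
        if ($link) {
            $result = mysql_query($query, $link);
            $error = mysql_error($link);
        } else {
            $result = $fmdb->query($query);
            $error = $fmdb->last_error;
        }
        if ($error) {
            return function_exists('displayProgress') ? displayProgress($module, $result, $noisy, $error) : $result;
        }
    }

    /** Process groups: resolve each member to its row ID and store the IDs as a ';'-separated list */
    $group_inserts = array();
    foreach ($groups as $array) {
        list($group_type, $item_array, $group_name, $comment) = $array;

        $group_ids = array();
        foreach ($item_array as $item) {
            list($protocol, $name) = explode('|', $item);

            if ($protocol == 'group') {
                if ($link) {
                    $query = "SELECT * FROM {$database}.fm_{$__FM_CONFIG[$module]['prefix']}groups WHERE group_status!='deleted' AND account_id=1 AND group_name='{$name}' LIMIT 1";
                    $result = mysql_query($query, $link);
                    $temp_result = $result ? mysql_fetch_object($result) : null;
                } else {
                    basicGet($database . "`.`fm_{$__FM_CONFIG[$module]['prefix']}groups", $name, 'group_', 'group_name', null, 1);
                    $temp_result = $fmdb->num_rows ? $fmdb->last_result[0] : null;
                }
                $type_id = 'group_id';
                $prefix = 'g';
            } else {
                if ($link) {
                    $query = "SELECT * FROM {$database}.fm_{$__FM_CONFIG[$module]['prefix']}{$group_type}s WHERE {$group_type}_status!='deleted' AND account_id=1 AND {$group_type}_name='{$name}' AND {$group_type}_type = '{$protocol}' LIMIT 1";
                    $result = mysql_query($query, $link);
                    $temp_result = $result ? mysql_fetch_object($result) : null;
                } else {
                    basicGet($database . "`.`fm_{$__FM_CONFIG[$module]['prefix']}{$group_type}s", $name, $group_type . '_', $group_type . '_name', "AND {$group_type}_type = '{$protocol}'", 1);
                    $temp_result = $fmdb->num_rows ? $fmdb->last_result[0] : null;
                }
                $type_id = $group_type . '_id';
                $prefix = substr($group_type, 0, 1);
            }

            /** A member that cannot be resolved is left out instead of being stored as a bare prefix */
            if (!is_object($temp_result) || !isset($temp_result->{$type_id})) {
                continue;
            }
            $group_ids[] = $prefix . $temp_result->{$type_id};
        }

        $group_items = implode(';', $group_ids);

        $group_inserts[] = <<<INSERT
INSERT INTO {$database}.`fm_{$__FM_CONFIG[$module]['prefix']}groups` (account_id, group_type, group_name, group_items, group_comment)
	SELECT '1', '{$group_type}', '{$group_name}', '{$group_items}', '{$comment}' FROM DUAL
WHERE NOT EXISTS
	(SELECT * FROM {$database}.`fm_{$__FM_CONFIG[$module]['prefix']}groups` WHERE
	group_type = '{$group_type}' AND group_name = '{$group_name}' AND account_id = '1'
	);
INSERT;
    }

    /** Insert site values if not already present */
    foreach ($group_inserts as $query) {
        if ($link) {
            $result = mysql_query($query, $link);
            $error = mysql_error($link);
        } else {
            $result = $fmdb->query($query);
            $error = $fmdb->last_error;
        }
        if ($error) {
            return function_exists('displayProgress') ? displayProgress($module, $result, $noisy, $error) : $result;
        }
    }

    if (function_exists('displayProgress')) {
        return displayProgress($module, $result, $noisy);
    }

    return $result ? 'Success' : 'Failed';
}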
/**
 * Option scope selection excerpt: begins inside the branch that scopes options
 * to a view, followed by the zone branch and the global fallback.
 */
    basicGet('fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'views', $view_id, 'view_', 'view_id');
    /**
     * NOTE(review): header() does not stop execution, so the lines below still run
     * and read $view_info[0] when no row was found -- confirm whether an exit is intended.
     */
    if (!$fmdb->num_rows) {
        header('Location: config-views.php');
    }
    $view_info = $fmdb->last_result;
    $display_option_type = $view_info[0]->view_name;
    /**
     * The fragment closes the quote left open by the existing string and leaves its own
     * quote open for whatever is appended later.
     * NOTE(review): where $view_id comes from is not visible here -- confirm it is sanitized.
     */
    $display_option_type_sql .= "' AND view_id='{$view_id}";
    $name = 'view_id';
    $rel = $view_id;
    /* Configure options for a zone */
} elseif (array_key_exists('domain_id', $_GET)) {
    $domain_id = isset($_GET['domain_id']) ? sanitize($_GET['domain_id']) : null;
    /** NOTE(review): as above, the redirects in this branch are not followed by an exit */
    if (!$domain_id) {
        header('Location: ' . $GLOBALS['basename']);
    }
    basicGet('fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'domains', $domain_id, 'domain_', 'domain_id');
    if (!$fmdb->num_rows) {
        header('Location: zones.php');
    }
    $domain_info = $fmdb->last_result;
    $display_option_type = displayFriendlyDomainName($domain_info[0]->domain_name);
    $display_option_type_sql .= "' AND domain_id='{$domain_id}";
    $name = 'domain_id';
    $rel = $domain_id;
} else {
    /** No view or zone requested: scope to view 0, and to domain 0 for the Global option type */
    $view_id = $domain_id = $name = $rel = null;
    $display_option_type_sql .= "' AND view_id='0";
    if ($option_type == 'Global') {
        $display_option_type_sql .= "' AND domain_id='0";
    }
}
/**
 * Reports whether a domain exists and is a master zone.
 *
 * @param int $domain_id Domain ID to look up
 * @return boolean True only when a row is found and its domain_type is 'master'
 */
function isValidDomain($domain_id) {
    global $fmdb, $__FM_CONFIG;

    basicGet('fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'domains', $domain_id, 'domain_', 'domain_id');

    /** The row is only read when the lookup returned something */
    return $fmdb->num_rows && $fmdb->last_result[0]->domain_type == 'master';
}
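/**
 * Validates a submitted time restriction form and normalizes its fields.
 *
 * Checks that a name is present, fits the column and is not used by another
 * record, then combines the hour/minute fields, sums the weekday keys and drops
 * empty dates.
 *
 * @param array $post Submitted form fields
 * @return array|string The normalized post array or a translated error message
 */
function validatePost($post) {
    global $fmdb, $__FM_CONFIG;

    if (empty($post['time_name'])) {
        return __('No name defined.');
    }

    $table = 'fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'time';

    /** Check name field length */
    $field_length = getColumnLength($table, 'time_name');
    if ($field_length !== false && strlen($post['time_name']) > $field_length) {
        return sprintf(dngettext($_SESSION['module'], 'Name is too long (maximum %d character).', 'Name is too long (maximum %d characters).', $field_length), $field_length);
    }

    /**
     * Does the record already exist for this account?
     * time_id is placed unquoted in the extra SQL condition, so it is forced to an integer.
     * NOTE(review): time_name is passed as received; other call sites wrap the lookup value
     * in sanitize() -- confirm basicGet() escapes it.
     */
    $time_id = isset($post['time_id']) ? (int) $post['time_id'] : 0;
    basicGet($table, $post['time_name'], 'time_', 'time_name', 'AND time_id!=' . $time_id);
    if ($fmdb->num_rows) {
        return __('This name already exists.');
    }

    /** Process time */
    $post['time_start_time'] = $post['time_start_time_hour'] . ':' . $post['time_start_time_min'];
    $post['time_end_time'] = $post['time_end_time_hour'] . ':' . $post['time_end_time_min'];

    /** Process weekdays: the submitted array keys are the values that get summed */
    if (isset($post['time_weekdays']) && is_array($post['time_weekdays'])) {
        $decimals = 0;
        foreach ($post['time_weekdays'] as $dec => $checked) {
            /** Keys come from the request; a non-numeric key counts as 0 */
            $decimals += (int) $dec;
        }
        $post['time_weekdays'] = $decimals;
    } else {
        $post['time_weekdays'] = 0;
    }

    /** Process dates: empty dates are removed from the post array */
    if (empty($post['time_start_date'])) {
        unset($post['time_start_date']);
    }
    if (empty($post['time_end_date'])) {
        unset($post['time_end_date']);
    }

    return $post;
}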
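/**
 * Validates a submitted firewall server form and fills in defaults.
 *
 * Checks that a name is present, fits the column and is not used by another
 * server, then derives the config file path and update port when they are
 * not supplied.
 *
 * @param array $post Submitted form fields
 * @return array|string The completed post array or a translated error message
 */
function validatePost($post) {
    global $fmdb, $__FM_CONFIG;

    if (empty($post['server_name'])) {
        return __('No server name defined.');
    }

    $table = 'fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'servers';

    /** Check name field length */
    $field_length = getColumnLength($table, 'server_name');
    if ($field_length !== false && strlen($post['server_name']) > $field_length) {
        return sprintf(dngettext($_SESSION['module'], 'Server name is too long (maximum %d character).', 'Server name is too long (maximum %d characters).', $field_length), $field_length);
    }

    /**
     * Does the record already exist for this account?
     * server_id goes into the extra SQL condition, so it is forced to an integer.
     * NOTE(review): server_name is passed as received; other call sites wrap the lookup value
     * in sanitize() -- confirm basicGet() escapes it.
     */
    $server_id = isset($post['server_id']) ? (int) $post['server_id'] : 0;
    basicGet($table, $post['server_name'], 'server_', 'server_name', "AND server_id!='" . $server_id . "'");
    if ($fmdb->num_rows) {
        return __('This server name already exists.');
    }

    /** Default config file: per firewall type, and per distro when the type maps to an array */
    if (empty($post['server_config_file'])) {
        $post['server_config_file'] = $__FM_CONFIG['fw']['config_file']['default'];

        $type_config = null;
        if (isset($post['server_type']) && isset($__FM_CONFIG['fw']['config_file'][$post['server_type']])) {
            $type_config = $__FM_CONFIG['fw']['config_file'][$post['server_type']];
        }

        if (is_array($type_config)) {
            if (isset($post['server_os_distro'])) {
                $distro = $post['server_os_distro'];
            } elseif (isset($post['action']) && $post['action'] == 'edit') {
                /** When editing, fall back to the distro stored for this server */
                $distro = getNameFromID($server_id, $table, 'server_', 'server_id', 'server_os_distro');
            }
            if (isset($distro) && array_key_exists($distro, $type_config)) {
                $post['server_config_file'] = $type_config[$distro];
            }
        } elseif ($type_config) {
            $post['server_config_file'] = $type_config;
        }
    }

    $update_method = isset($post['server_update_method']) ? $post['server_update_method'] : null;

    /** Set default ports: cron updates never use a port */
    if (empty($post['server_update_port']) || $update_method == 'cron') {
        $post['server_update_port'] = 0;
    }
    if (!empty($post['server_update_port']) && !verifyNumber($post['server_update_port'], 1, 65535, false)) {
        return __('Server update port must be a valid TCP port.');
    }
    if (empty($post['server_update_port']) && isset($post['server_update_method'])) {
        if ($update_method == 'http') {
            $post['server_update_port'] = 80;
        } elseif ($update_method == 'https') {
            $post['server_update_port'] = 443;
        } elseif ($update_method == 'ssh') {
            $post['server_update_port'] = 22;
        }
    }

    return $post;
}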
/**
 * Process bulk server config build
 *
 * Builds the configuration for one server as part of a bulk request and
 * returns a plain-text report: the server name followed by ' --> ' lines.
 *
 * @since 1.2
 * @package facileManager
 *
 * @param int $server_serial_no Serial number of the server to build
 * @return string Report text, or an error message for an unknown serial number
 */
function doBulkServerBuild($server_serial_no) {
    global $fmdb, $__FM_CONFIG, $fm_module_servers;

    /** Check permissions: without the capability an error popup is printed and the script ends */
    if (!currentUserCan('build_server_configs', $_SESSION['module'])) {
        echo buildPopup('header', _('Error'));
        printf('<p>%s</p>', _('You do not have permission to build server configs.'));
        echo buildPopup('footer', _('OK'), array('cancel_button' => 'cancel'));
        exit;
    }

    /** Check serial number */
    $servers_table = 'fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'servers';
    basicGet($servers_table, sanitize($server_serial_no), 'server_', 'server_serial_no');
    if (!$fmdb->num_rows) {
        return sprintf(_('%d is not a valid serial number.'), $server_serial_no);
    }

    /** Import the server columns as local variables; EXTR_SKIP keeps existing variables untouched */
    $server_details = $fmdb->last_result;
    extract(get_object_vars($server_details[0]), EXTR_SKIP);

    $response = array($server_name);

    if ($server_installed != 'yes') {
        $response[] = ' --> ' . _('Failed: Client is not installed.');
    } elseif ($server_status != 'active') {
        $response[] = ' --> ' . sprintf(_('Failed: Server is %s.'), $server_status);
    } else {
        /** Only installed, active servers are built */
        if (!isset($fm_module_servers)) {
            include_once ABSPATH . 'fm-modules/' . $_SESSION['module'] . '/classes/class_servers.php';
        }
        $build_output = makePlainText($fm_module_servers->buildServerConfig($server_serial_no), true);
        foreach ($build_output as $line) {
            $response[] = ' --> ' . $line;
        }
    }

    /** The report ends with a newline */
    return implode("\n", $response) . "\n";
}