function LoginForm() { global $command, $admlogin, $admpassword; htmlProlog($_SERVER['PHP_SELF'], "Administration", false); ?> <form method="post" action="<?php echo basename($_SERVER['PHP_SELF']); ?> " name=loginform> <table frame=void rules=none WIDTH="300"> <tr> <td align="left"> login: </td> <td align="left"> <input type="text" name="admlogin" maxlength=16 size=16> </td> <tr> <td align="left"> password: </td> <td align="left"> <input type="password" name="admpassword" maxlength=16 size=16> </td> <tr> <td align="left"> </td> <td align="left"> </td> <tr> <td align="left"> </td> <td align="left"> <input type=submit value="login" name="cmdlogin"> </td> <td align="left"> <input type=hidden name="command" value="login"> </td> </table> </form> <script type="text/javascript"> <!-- if (document.loginform) { document.loginform.login.focus(); } // --> </script> <?php $admlogin = ''; $admpassword = ''; htmlEpilog(); }
// // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. $publicAccess = true; include 'authenticate.php'; include 'request_interface.php'; if ($preselServ != "") { list($presel_shard, $presel_server, $presel_service) = explode(".", $preselServ); if ($presel_service) { $aliases = split('[/-]', $presel_service); if (count($aliases) == 3) { $presel_service = $aliases[0]; } } } htmlProlog($_SERVER['PHP_SELF'], "Player Locator"); echo "<script><!--\n"; echo "//----------------------------------\n"; echo "function clickOnEntity(entity)\n"; echo "{\n"; echo "\tplayer_select[entity] = !player_select[entity];\n"; echo "\tif (player_select[entity])\n"; echo "\t{\n"; echo "\t\tdocument.getElementById('player_'+entity).style.background = player_sel_bgcolor[entity];\n"; echo "\t}\n"; echo "\telse\n"; echo "\t{\n"; echo "\t\tdocument.getElementById('player_'+entity).style.background = player_bgcolor[entity];\n"; echo "\t}\n"; echo "\tvar total_select = 0;\n"; echo "\tvar list_select = ''\n";
$_GET =& $HTTP_GET_VARS; } function importParam($var) { global $_POST, $_GET; if (isset($_POST[$var])) { $GLOBALS[$var] = $_POST[$var]; } else { if (isset($_GET[$var])) { $GLOBALS[$var] = $_GET[$var]; } else { unset($GLOBALS[$var]); } } } htmlProlog($_SERVER['PHP_SELF'], "Log Analysis"); // look for LAS $las_query = "*.*.LAS.State"; $qstate = nel_query($las_query, $result); unset($availableLAS); if ($qstate) { $arr = explode(' ', $result); $numRes = count($arr); $numRows = current($arr); $numLines = ($numRes - $numRows - 2) / $numRows; next($arr); for ($i = 0; $i < $numRows; ++$i) { $vars[] = current($arr); next($arr); } unset($shards);
$fullPath = factorizeQuery("[" . join($newPaths, ",") . "]"); // filter selection with command $fullCmd = $fullPath . " " . $execServParams; logUser($uid, "COMMAND=" . $fullCmd); $qstate = nel_query($fullPath . " " . $execServParams, $cmdResult); } unset($ownerTables); // display available user and group views $result = sqlquery("SELECT view.name AS name, view.tid AS tid, view.uid AS gid, user.login AS owner FROM view_table AS view, user WHERE view.uid=user.uid AND (view.uid='{$uid}' OR view.uid='{$gid}') ORDER BY gid, ordering"); if ($result) { $owner = ""; while ($arr = sqlfetch($result)) { $ownerTables[$arr["owner"]][] = $arr; } } htmlProlog($_SERVER['PHP_SELF'], "View Selection '{$tname}'", true); if (isset($tname)) { $current_tname = $tname; } $use_refreshRate = isset($form_refreshRate) && $form_refreshRate != 0 ? $form_refreshRate : $refreshRate; if ($use_refreshRate > 0) { echo "<script><!--\n"; echo "\tvar sURL = unescape(window.location.pathname);\n"; echo "\tvar pos = sURL.indexOf('.php');\n"; echo "\tfunction refresh() { window.location.replace( sURL ); }\n"; echo "\tif (pos >= 0) {\n"; echo "\t\tsURL = sURL.substr(0, pos+4)+'?current_tid={$tid}&form_refreshRate={$form_refreshRate}';\n"; echo "\t\tsetTimeout(\"refresh()\", " . $use_refreshRate * 1000 . ");\n"; echo "\t}\n"; echo "//--></script>\n"; }
} } } } } } } } } } } } } // ----------------------------- // page display htmlProlog($_SERVER['PHP_SELF'], "Customize views"); if ($error) { echo "<b>Reported errors:</b><br>{$error}<br>\n"; } unset($vargroups); $result = sqlquery("SELECT * FROM variable_group ORDER BY name"); while ($result && ($arr = sqlfetch($result))) { if ((!isset($sel_vgid) || $sel_vgid == "") && $arr["name"] == "NoGroup") { $sel_vgid = $arr["vgid"]; } $vargroups[$arr["name"]] = $arr["vgid"]; } // ----------------------------- // display customizable views $res = sqlquery("SELECT default_view FROM user, view_table WHERE user.uid='{$uid}' AND (view_table.uid='{$uid}' OR view_table.uid='{$gid}') AND view_table.tid=user.default_view"); if ($res && ($arr = sqlfetch($res))) {
// // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU Affero General Public License for more details. // // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. include 'html_headers.php'; include 'sql_connection.php'; $file = getVar('file'); $topic = getVar('topic'); $edit = getVar('edit'); $help_body = getVar('help_body'); $update = getVar('update'); htmlProlog($_SERVER['PHP_SELF'], "Help for '{$file}/{$topic}'", false); $result = defaultConnectToDatabase(); if ($result) { echo "Can't find help, database connection failed.<br>[{$result}]<br>\n"; } else { $view = true; if ($edit) { echo "<p align=justify><b>Edit help</b> for <b>{$file}/{$topic}</b><br>\n"; echo "<i>Hints/Warning:</i> Text note is not processed, and will be display as is, meaning that all HTML tags <b>must</b> be valid.\n"; echo "References to other help pages are formatted like<br><a href='help.php?file=<i>file</i>&topic=<i>topic</i>'><i>blahblah</i></a><br>\n"; echo "where <i>file</i> referres to a valid php file (e.g. /index.php) and <i>topic</i> to a valid topic name. For common Help Notes, <i>file</i> should be set to 'common'.\n"; echo "You may also use curved brackets '{' and '}' to point to a link (e.g. 'info about {NeL}' will point to a common help note on 'NeL' topic.)<br>\n"; $result = mysql_query("SELECT help_body FROM help_topic WHERE file='{$file}' AND topic='{$topic}'"); $help_body = "[Write your help note here]"; if ($result && ($arr = mysql_fetch_array($result))) { $help_body = $arr["help_body"];
} else { if (isset($filter_entity)) { setCookie("admfilter_entity", $filter_entity, time() + 3600 * 24 * 15); } } } include 'sql_connection.php'; include 'session_auth.php'; include 'login_form.php'; include 'html_headers.php'; $result = defaultConnectToDatabase(); if ($result) { die($result); } if (!auth($error)) { LoginForm(); die; } $IsNevrax = strtolower($group) == 'nevraxgroup'; if ((!isset($publicAccess) || $publicAccess == false) && $admlogin != "root" && (!$allowNevrax || !$IsNevrax)) { htmlProlog($_SERVER['PHP_SELF'], "Acces not granted"); echo "You are not allowed to go to this page.<br>\n"; echo "<a href='index.php'>Index page</a>\n"; htmlEpilog(); die; } include 'init.php'; // print "POST VARS: "; print_r($HTTP_POST_VARS); print "<br><br>"; // print "GET VARS: "; print_r($HTTP_GET_VARS); print "<br><br>"; // print "COOKIE VARS "; print_r($HTTP_COOKIE_VARS); print "<br><br>"; // print "SESSION VARS "; print_r($_SESSION); print "<br><br>";
// License, or (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU Affero General Public License for more details. // // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. $publicAccess = true; include 'authenticate.php'; if (isset($chCookieState)) { sqlquery("UPDATE user SET useCookie='{$chCookieState}' WHERE uid='{$uid}'"); $useCookie = $chCookieState; } htmlProlog($_SERVER['PHP_SELF'], "Preferences"); echo "<br><b>Preferences edit</b><br>\n"; echo "<table><tr><td>\n"; echo "<br><table><tr><td>Use login cookie</td><form method=post action='" . $_SERVER['PHP_SELF'] . "'><td>\n"; echo "<select name='chCookieState' onChange='submit()'>\n"; echo "<option value='yes'" . ($useCookie == 'yes' ? " selected" : "") . ">Yes\n"; echo "<option value='no'" . ($useCookie != 'yes' ? " selected" : "") . ">No\n"; echo "</td></form></tr></table><br>\n"; echo "</td></tr><tr><td><hr></td></tr><tr><td>\n"; echo "<table><tr><td colspan=2>Change password</td></tr>\n"; echo "<form method=post action='" . $_SERVER['PHP_SELF'] . "'><input type=hidden name='command' value='chPassword'><input type=hidden name='admlogin' value='{$admlogin}'><input type=hidden name='admpassword' value='{$admpassword}'>\n"; echo "<tr><td>Enter previous password</td><td><input type=password name='chOldPass' size=16 maxlength=16></td></tr>\n"; echo "<tr><td>Enter new password</td><td><input type=password name='chNewPass' size=16 maxlength=16></td></tr>\n"; echo "<tr><td>Reenter new password</td><td><input type=password name='chConfirmNewPass' size=16 maxlength=16></td></tr>\n"; echo "<tr><td colspan=2 align=center><input type=submit type=password name='chPassword' value='Change password'></td></tr>\n"; echo "</form></table><br>\n";
if ($preselServ != "") { list($presel_shard, $presel_server, $presel_service) = explode(".", $preselServ); if ($presel_service) { $aliases = split('[/-]', $presel_service); if (count($aliases) == 3) { $presel_service = $aliases[0]; } } } if ($reset_filters) { $filter_shard = ""; $filter_server = ""; $filter_service = ""; $filter_entity = ""; } htmlProlog($_SERVER['PHP_SELF'], "Commands"); // input variables : // - $preselServ : preselected service address // - $execCommand : executed command on preselected service, like a normal service // echo "Services commands<br>\n"; echo "<table border=1><form method=post action='" . $_SERVER['PHP_SELF'] . "'>\n"; echo "<tr><th rowspan=2> Filters </th><th>shard</th><th>server</th><th>service</th><th>entity</th><td rowspan=2> <input type=submit name='display_view' value='Update\nfilters'> </td><td rowspan=2> <input type=submit name='reset_filters' value='Reset\nfilters'> </td></tr>\n"; echo "<tr>\n"; echo "<td><input type=text name=filter_shard value='{$filter_shard}' size=12 maxlength=256></td>\n"; echo "<td><input type=text name=filter_server value='{$filter_server}' size=12 maxlength=256></td>\n"; echo "<td><input type=text name=filter_service value='{$filter_service}' size=12 maxlength=256></td>\n"; echo "<td><input type=text name=filter_entity value='{$filter_entity}' size=28 maxlength=1024></td>\n"; echo "</tr>\n"; echo "</form></table><br>\n"; echo "<table border=0><tr valign=top>\n";
} } } } } } } } } } } } } // ----------------------------- // page display htmlProlog($_SERVER['PHP_SELF'], "Administration"); subBar(array("Users" => $_SERVER['PHP_SELF'] . "?editUsers=true", "Variables" => $_SERVER['PHP_SELF'] . "?editVariables=true", "Services" => $_SERVER['PHP_SELF'] . "?editServices=true", "Servers" => $_SERVER['PHP_SELF'] . "?editServers=true", "Shards" => $_SERVER['PHP_SELF'] . "?editShards=true")); echo "Administration tools<br>\n"; if ($error) { echo "<b>Reported errors:</b><br>\n{$error}<br>"; } if (!$editUser && !$editUsers && !$editVariables && !$editShards && !$editServices && !$editServers) { $editUsers = true; } // --------------------------------------------------------------------------------- // edit a single user // --------------------------------------------------------------------------------- if ($editUser) { $resURL = $_SERVER['PHP_SELF'] . "?editUser={$editUser}&selGroup={$selGroup}"; $result = sqlquery("SELECT * FROM user WHERE uid='{$editUser}'"); if ($result && ($arr = mysql_fetch_array($result))) {
function auth(&$error) { global $command, $sessionAuth, $admcookielogin, $admcookiepassword, $sessionAuth; global $admlogin, $admpassword, $uid, $gid, $useCookie, $group, $HTTP_POST_VARS; unset($error); switch ($HTTP_POST_VARS["command"]) { case "logout": addToLog("Logout!"); $uid = $sessionAuth["uid"]; logUser($uid, "LOGOUT"); //session_unregister("sessionAuth"); unset($_SESSION["sessionAuth"]); session_destroy(); // erases cookies eraseCookies(); unset($admlogin); unset($admpassword); unset($admcookielogin); unset($admcookiepassword); unset($uid); htmlProlog($_SERVER['PHP_SELF'], "Logout", false); echo "<center>\n"; echo "You are not logged any more<br>\n"; echo "Click <a href='index.php'>here</a> to login<br>\n"; echo "</center>\n"; htmlEpilog(); die; break; case "chPassword": addToLog("Change pass!"); global $chOldPass, $chNewPass, $chConfirmNewPass; if (!($uid = validateId($admlogin, $admpassword, $useCookie, $gid, $group))) { $error = "Invalid login '{$admlogin}'"; eraseCookies(); return 0; } if (crypt($chOldPass, "NL") == $admpassword && $chNewPass == $chConfirmNewPass) { sqlquery("UPDATE user SET password='******' WHERE uid='{$uid}'"); $admpassword = $chNewPass; addToLog("Changed password to '{$chNewPass}':'" . crypt($chNewPass, "NL") . "'"); //session_unregister("sessionAuth"); unset($_SESSION["sessionAuth"]); session_destroy(); } case "login": $admpassword = crypt($admpassword, "NL"); addToLog("Login! -- admlogin='******', admpassword='******'"); if (!($uid = validateId($admlogin, $admpassword, $useCookie, $gid, $group))) { $error = "Invalid login '{$admlogin}'"; print $error; eraseCookies(); return 0; } $sessionAuth = array("admlogin" => $admlogin, "admpassword" => $admpassword, "uid" => $uid); //session_register("sessionAuth"); $_SESSION["sessionAuth"] = $sessionAuth; if ($useCookie) { setupCookies($admlogin, $admpassword); } logUser($uid, "LOGIN"); return 1; break; default: if (!isset($sessionAuth) || $sessionAuth["admlogin"] == "") { print "no sessionauth or admlogin is blank"; if (!isset($admcookielogin)) { addToLog("cookie not set"); return false; } else { $admlogin = $admcookielogin; $admpassword = $admcookiepassword; } } else { $admlogin = $sessionAuth["admlogin"]; $admpassword = $sessionAuth["admpassword"]; $uid = $sessionAuth["uid"]; } if (!($uid = validateId($admlogin, $admpassword, $useCookie, $gid, $group))) { if (!$uid) { $error = "Invalid login '{$admlogin}'"; eraseCookies(); return false; } } $sessionAuth = array("admlogin" => $admlogin, "admpassword" => $admpassword, "uid" => $uid); //session_register("sessionAuth"); $_SESSION["sessionAuth"] = $sessionAuth; if ($useCookie) { setupCookies($admlogin, $admpassword); } else { eraseCookies(); } //logUser($uid, "BROWSE"); return 1; break; } }