/**
 * Record a fatal database error in the admin log, report it, and stop.
 *
 * Non-interactive scripts (flagged through the global
 * $NONINTERACTIVE_SCRIPT) get the report as '#'-prefixed comment lines
 * on standard output; every other caller gets the rendered "error.tpl"
 * page. Execution ends with die in both cases, so this never returns.
 *
 * NOTE(review): $error, including any detail appended from the PEAR error
 * object, is passed to the template and echoed unchanged. Whether the
 * template HTML-escapes it, and whether the driver text can reveal query
 * or schema detail to the person viewing the page, is not visible here;
 * confirm both against error.tpl and the callers.
 *
 * @param string $error          Human-readable description of the failure.
 * @param mixed  $pear_error_obj Error object whose toString() output is
 *                               appended; non-objects are ignored.
 */
public static function fatalDatabaseError($error, $pear_error_obj)
{
    // Only an object can contribute extra detail to the message.
    if (is_object($pear_error_obj)) {
        $error = $error . ": " . $pear_error_obj->toString();
    }

    // Log first so the failure is recorded whichever output path follows.
    \AdminLog::getInstance()->log_error($error);

    global $NONINTERACTIVE_SCRIPT;
    if (!empty($NONINTERACTIVE_SCRIPT)) {
        // Non-interactive script running, return error message as comments
        echo "#error_occured\n",
            "# An error has occured in the application\n",
            "# More information may be available in the server logs\n",
            "# ::{$error}::\n",
            "# Memory used: " . memory_get_usage() . "\n";
        die;
    }

    $errorPage = new \SmartyBC();
    $errorPage->compile_check = true;
    // The translation block must be registered even though the message
    // itself will be in English.
    $errorPage->register_block('t', 'smarty_block_t');
    $errorPage->assign("Application", APPLICATION_NAME);
    $errorPage->assign("error", $error);
    $errorPage->display("error.tpl");
    die;
}
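/**
 * Render the login form, optionally with a status message, then exit.
 *
 * Status codes handled here:
 *   0        no message
 *   -1, -2   session expired
 *   -3       incorrect login
 *   -5       security issue
 *   other    generic authentication issue (the code is written to the log)
 *
 * Every non-zero status is also recorded in the admin log.
 *
 * @param string|null $username Value assigned to the template's 'username'.
 * @param int|null    $status   Status code selecting the message, see above.
 * @param mixed       $auth     Accepted by reference but not used here.
 */
function loginForm($username = null, $status = null, &$auth = null)
{
    global $templateEngine;

    // Drop menu and logged-in state left over from an earlier page.
    $templateEngine->clearAssign('MenuItems');
    $templateEngine->clearAssign("LoggedInUsername");
    $templateEngine->assign('username', $username);

    // switch compares loosely, so a null $status takes the "case 0" branch.
    switch ($status) {
        case 0:
            break;
        case -1:
        case -2:
            $error = T_("Your session has expired. Please login again");
            AdminLog::getInstance()->log("Expired Session");
            break;
        case -3:
            $error = T_("Incorrect Login");
            AdminLog::getInstance()->log("Invalid Login");
            break;
        case -5:
            // Fix: the message used to be stored in a misspelled variable
            // ($errro), so a security-related logout was logged but the
            // user saw a bare login form with no explanation.
            $error = T_("Security Issue. Please login again");
            AdminLog::getInstance()->log("Security Issue With Login");
            break;
        default:
            $error = T_("Authentication Issue. Please report to Admin");
            AdminLog::getInstance()->log("Auth Issues: {$status}");
    }

    if (isset($error)) {
        $templateEngine->assign("error", $error);
    }

    $templateEngine->displayPage('loginform.tpl');
    exit;
}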
$password = \Grase\Util::randomPassword($Settings->getSetting('passwordLength')); } // Attempt to create user. Will error if it's not a unique username if (DatabaseFunctions::getInstance()->createUser($username, $password, $MaxMb, $MaxTime, expiry_for_group($group, $groupSettings), $groupSettings[$group]['ExpireAfter'], \Grase\Clean::text($_POST['Group']), \Grase\Clean::text($_POST['Comment']))) { AdminLog::getInstance()->log("Created new user {$username}"); $Settings->addUserToBatch($batchID, $username); $createdUsernames[] = $username; } else { // Failed to create. Most likely not a unique username. // Try again but only for so long (i.e. all usernames are in use) $i--; // This really chokes up the logs, maybe don't log this? TODO AdminLog::getInstance()->log("Failed to created new user {$username}. Probably duplicate username"); $failedUsers++; if ($failedUsers > 20) { AdminLog::getInstance()->log("Too many failed usernames, stopping batch creation"); $error[] = sprintf(T_("Too many users failed to create. Batch creation stopped. %s users have been successfully created"), $i); break; } } } // Load up user details of created users for displaying $createdUsers = DatabaseFunctions::getInstance()->getMultipleUsersDetails($createdUsernames); $templateEngine->assign("createdusers", $createdUsers); // Check if we managed to create all users or if batch failed if ($failedUsers <= 20) { $success[] = T_("Tickets Successfully Created"); $success[] = "<a target='_tickets' href='export.php?format=html&batch={$batchID}'>" . T_("Print Tickets") . "</a>"; unset($user); } }
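/* Copyright 2008 Timothy White */

/*  This file is part of GRASE Hotspot.

    http://grasehotspot.org/

    GRASE Hotspot is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    GRASE Hotspot is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with GRASE Hotspot.  If not, see <http://www.gnu.org/licenses/>.
*/

// Login landing script: loads the access and session includes, records the
// login in the admin log, then redirects either to the page named by the
// "page" query parameter or to the directory this script lives in.
// NOTE(review): presumably the two includes enforce authentication before
// anything below runs; confirm in pageaccess.inc.php and session.inc.php.
$PAGE = 'login';
require_once 'includes/pageaccess.inc.php';
$from_page = 'login';
require_once 'includes/session.inc.php';

AdminLog::getInstance()->log("Log in");

// NOTE(review): HTTP_HOST is taken from the request's Host header, so the
// client chooses it. A configured canonical host name would be a more
// dependable base for the redirect; left unchanged here.
$host = $_SERVER['HTTP_HOST'];
$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');

// Sanity check on the requested page. The value is concatenated directly
// after the host name, so anything that does not begin with a single "/"
// would change the authority part of the URL and turn this script into an
// open redirect. Only a local absolute path is accepted; any other value
// falls back to the default directory URI computed above.
if (isset($_GET['page']) && is_string($_GET['page'])) {
    $requestedPage = $_GET['page'];
    $isLocalPath = $requestedPage !== ''
        && $requestedPage[0] === '/'
        && strpos($requestedPage, '//') !== 0
        && strpos($requestedPage, '\\') === false
        && !preg_match('/[\x00-\x20\x7f]/', $requestedPage);

    if ($isLocalPath) {
        $uri = $requestedPage;
    }
}

header("Location: http://{$host}{$uri}");
exit;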
/**
 * Remove a lock on a user account.
 *
 * Two rows are deleted for the user: the 'Auth-Type' attribute in radcheck
 * and the 'Reply-Message' attribute in radreply. If either query fails,
 * the fatal database error handler is invoked. The unlock is written to
 * the admin log afterwards.
 *
 * Both values placed in the SQL go through the database layer's quote()
 * before they are formatted into the statement.
 *
 * @param string $username Account to unlock.
 */
public function unlockUser($username)
{
    // Step 1: drop the Auth-Type check attribute for this user.
    $lockSql = sprintf(
        "DELETE FROM radcheck\n WHERE Username=%s\n AND Attribute=%s",
        $this->db->quote($username),
        $this->db->quote('Auth-Type')
    );
    $lockOutcome = $this->db->queryOne($lockSql);
    if (PEAR::isError($lockOutcome)) {
        \Grase\ErrorHandling::fatalDatabaseError(
            T_('Removing User Lock Query Failed: '),
            $lockOutcome
        );
    }

    // Step 2: drop the Reply-Message attribute stored for this user.
    $messageSql = sprintf(
        "DELETE FROM radreply\n WHERE Username=%s\n AND Attribute=%s",
        $this->db->quote($username),
        $this->db->quote('Reply-Message')
    );
    $messageOutcome = $this->db->queryOne($messageSql);
    if (PEAR::isError($messageOutcome)) {
        \Grase\ErrorHandling::fatalDatabaseError(
            T_('Removing User Lock Message Query Failed: '),
            $messageOutcome
        );
    }

    AdminLog::getInstance()->log("Unlocked user {$username}");
}
<?php

/* Copyright 2009 Timothy White */

/*  This file is part of GRASE Hotspot.

    http://grasehotspot.org/

    GRASE Hotspot is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    GRASE Hotspot is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with GRASE Hotspot.  If not, see <http://www.gnu.org/licenses/>.
*/

// Admin log viewer: hands the stored log lines and the last cron run to the
// 'adminlog.tpl' template.

// The page identifier is set before the access include is loaded.
// NOTE(review): presumably pageaccess.inc.php reads $PAGE to decide who may
// open this page; confirm, since this page exposes the whole admin log.
$PAGE = 'adminlog';
require_once 'includes/pageaccess.inc.php';
require_once 'includes/session.inc.php';
require_once 'includes/misc_functions.inc.php';

// TODO: Add "reset" option that archives old stuff? (Or deletes old stuff)

// NOTE(review): elsewhere log entries are built from user-supplied names,
// so the template should escape each log line on output; verify in
// adminlog.tpl.
$templateEngine->assign("loglines", AdminLog::getInstance()->getLog());
$templateEngine->assign("lastcron", AdminLog::getInstance()->lastCron());
$templateEngine->displayPage('adminlog.tpl');
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with GRASE Hotspot. If not, see <http://www.gnu.org/licenses/>. */ $NONINTERACTIVE_SCRIPT = true; require_once __DIR__ . '/../../vendor/autoload.php'; require_once 'includes/misc_functions.inc.php'; // Special case for stale sessions, don't log it /*if(isset($_GET['clearstalesessions'])) { CronFunctions::getInstance()->clearStaleSessions(); exit; }*/ AdminLog::getInstance()->log_cron("CRON"); $DBs = new DatabaseConnections(); $radiusDB = new \Grase\Database\Database(); $radminDB = new \Grase\Database\Database('/etc/grase/radmin.conf'); $upgradeDB = new \Grase\Database\Upgrade($radiusDB, $radminDB, new \Grase\Database\Radmin($radminDB), CronFunctions::getInstance()); $upgradeDatabaseResults = $upgradeDB->upgradeDatabase(); if ($upgradeDatabaseResults) { echo "{$upgradeDatabaseResults}\n"; } $staleSessionsResult = CronFunctions::getInstance()->clearStaleSessions(); if ($staleSessionsResult) { echo "{$staleSessionsResult}\n"; } $expiredUsersResults = CronFunctions::getInstance()->deleteExpiredUsers(); if ($expiredUsersResults) { echo "{$expiredUsersResults}\n";
$error = "Logo Failed to upload"; } elseif ($_FILES['newlogo']['size'] > 50960) { $error = "Logo too big"; } else { // TODO: test if jpg or png // TODO: test if jpeg/jpg/png extension otherwise browser doesn't know type //print "Attempting to test if png"; if (exif_imagetype($_FILES['newlogo']['tmp_name']) != IMAGETYPE_PNG) { $error = "Logo is not a png"; } else { // TODO: don't overwrite logo.X, upload to logo dir and remember name to add to css/html //print "Attempting to move file"; if (move_uploaded_file($_FILES['newlogo']['tmp_name'], '/usr/share/grase/www/images/logo.png')) { $error = false; $success = "Logo Updated (you may need to refresh your browser to see the change)"; AdminLog::getInstance()->log("New Logo Uploaded"); } else { $error = "Unable to save new logo to server"; } } } } else { $error = \Grase\Util::fileUploadErrorCodeToMessage($_FILES['newlogo']['error']); } } if ($error) { $templateEngine->assign("error", array($error)); } if ($success) { $templateEngine->assign("success", array($success)); }
/**
 * Delete every user whose 'Max-Octets' value in radcheck is 0.
 *
 * The usernames are selected first and each one is passed to deleteUser().
 * This could be condensed into fewer queries, but going through
 * deleteUser() keeps the clean-up in one place. Each deletion is written
 * to the cron log.
 *
 * @return string|false Translated failure text with the driver error
 *                      appended when the select fails; "(N) ..." summary
 *                      when at least one row was selected; false when no
 *                      rows matched.
 */
public function deleteOutOfDataUsers()
{
    $selectSql = sprintf(
        "SELECT UserName\n FROM radcheck\n WHERE Attribute = %s AND\n Value = 0",
        $this->db->quote('Max-Octets')
    );

    $exhaustedUsers = $this->db->queryAll($selectSql);
    if (PEAR::isError($exhaustedUsers)) {
        return T_('Fetching users to delete failed') . $exhaustedUsers->toString();
    }

    foreach ($exhaustedUsers as $row) {
        AdminLog::getInstance()->log_cron("Cron Deleting OutOfData {$row['UserName']}");
        $this->deleteUser($row['UserName']);
    }

    // The count reflects the rows selected, not confirmed deletions.
    $removedCount = sizeof($exhaustedUsers);
    if (!$removedCount) {
        return false;
    }

    return "({$removedCount}) " . T_('OutOfData users deleted');
}
/**
 * Delete a voucher by name and record the deletion in the admin log.
 *
 * The voucher name is bound as a statement parameter rather than being
 * written into the SQL text.
 *
 * NOTE(review): on failure the value handed to the error handler is the
 * boolean false returned by execute(), so no driver detail accompanies the
 * message; confirm whether the statement's error information should be
 * passed instead.
 *
 * @param string $vouchername Name of the voucher to remove.
 *
 * @return mixed Whatever execute() returned for the DELETE statement.
 */
public function deleteVoucher($vouchername)
{
    $statement = $this->radmin->prepare("DELETE FROM vouchers WHERE VoucherName=?");
    $outcome = $statement->execute(array($vouchername));

    if (false === $outcome) {
        ErrorHandling::fatalDatabaseError(
            T_('Delete Voucher query failed: '),
            $outcome
        );
    }

    \AdminLog::getInstance()->log("Voucher {$vouchername} deleted");

    return $outcome;
}
$groupSettings = $Settings->getGroup($user['Group']); // TODO: Create function to make these the same across all locations // Check if we are using the dropdown, or inherit to override the input field if (is_numeric($user['Max_Mb'])) { $user['MaxMb'] = $user['Max_Mb']; } elseif ($user['Max_Mb'] == 'inherit') { $user['MaxMb'] = $groupSettings[$user['Group']]['MaxMb']; } // Check if we are using the dropdown, or inherit to override the input field if (is_numeric($user['Max_Time'])) { $user['MaxTime'] = $user['Max_Time']; } elseif ($user['Max_Time'] == 'inherit') { $user['MaxTime'] = $groupSettings[$user['Group']]['MaxTime']; } // TODO: Check if valid DatabaseFunctions::getInstance()->createUser($user['Username'], $user['Password'], $user['MaxMb'], $user['MaxTime'], expiry_for_group($user['Group'], $groupSettings), $groupSettings[$user['Group']]['ExpireAfter'], $user['Group'], $user['Comment']); $success[] = sprintf(T_("User %s Successfully Created"), $user['Username']); $success[] = "<a target='_tickets' href='export.php?format=html&user={$user['Username']}'>" . sprintf(T_("Print Ticket for %s"), $user['Username']) . "</a>"; AdminLog::getInstance()->log(sprintf(T_("Created new user %s"), $user['Username'])); $templateEngine->assign("success", $success); // We are now loading the form afresh, ensure we clear the $user array $user = array(); } } $user['Password'] = \Grase\Util::randomPassword($Settings->getSetting('passwordLength')); // TODO: make default settings customisable $user['Max_Mb'] = 'inherit'; $user['Max_Time'] = 'inherit'; $user['Expiration'] = "--"; $templateEngine->assign("user", $user); $templateEngine->displayPage($templateFile);
/**
 * Store a new support contact link if it differs from the saved one.
 *
 * Outcome messages are appended to the global $error / $success arrays;
 * a successful change is also written to the admin log.
 *
 * NOTE(review): validation rejects only an empty value or one containing
 * a space. The URL scheme is not checked, so if the stored value is later
 * rendered as a link target the template has to escape it and the accepted
 * schemes should be restricted; confirm how 'supportContactLink' is output.
 *
 * @param string $supportLink New value for the 'supportContactLink' setting.
 *
 * @return true|null true when the value is unchanged, otherwise nothing.
 */
function updateSupportLinkSetting($supportLink)
{
    global $Settings, $error, $success;

    // Nothing to do when the submitted value matches what is stored.
    if ($Settings->getSetting('supportContactLink') == $supportLink) {
        return true;
    }

    $rejected = $supportLink == "" || strpos($supportLink, ' ') !== false;
    if ($rejected) {
        $error[] = T_("Support link not valid");
        return;
    }

    if (!$Settings->setSetting('supportContactLink', $supportLink)) {
        $error[] = T_("Error Saving Support link");
        return;
    }

    $success[] = T_("Support link updated");
    AdminLog::getInstance()->log(T_("Support link updated"));
}
if (sizeof($errors) == 0) { // Access level is set at creation and can't be changed via the Auth class if ($Auth->addUser($_POST['newUsername'], $_POST['newPassword'], array('accesslevel' => $newAccessLevel))) { $success[] = T_("User Created"); AdminLog::getInstance()->log("New Admin User Created, {$_POST['newUsername']}"); } else { $errors[] = T_("Error Creating Admin User"); } } } // Delete admin user if (isset($_POST['deleteadminusersubmit'])) { if ($_POST['deleteusername']) { $success[] = sprintf(T_("User %s Deleted"), $_POST['deleteusername']); $Auth->removeUser($_POST['deleteusername']) or $error_delete = "Error Deleting User"; AdminLog::getInstance()->log("Admin User Deleted, {$_POST['deleteusername']}"); } else { $errors[] = T_("Invalid Delete Request"); } } $templateEngine->assign("error", $errors); $templateEngine->assign("success", $success); $adminUsersDetails = array(); foreach ($Auth->listUsers() as $adminUserDetail) { unset($adminUserDetail['password']); switch ($adminUserDetail['accesslevel']) { case 1: $adminUserDetail['accesslevellabel'] = T_("Admin User"); break; case 2: $adminUserDetail['accesslevellabel'] = T_("Power User");
// TODO: Check return for success $success[] = T_("Max Time Limit Updated"); AdminLog::getInstance()->log(sprintf(T_("Max Time Limit changed for %s"), $username)); } } } if (isset($_POST['unexpiresubmit'])) { DatabaseFunctions::getInstance()->setUserExpiry($username, expiry_for_group(DatabaseFunctions::getInstance()->getUserGroup($username))); $success[] = T_("Expiry updated"); } // Delete User if (isset($_POST['deleteusersubmit'])) { DatabaseFunctions::getInstance()->deleteUser($username); // TODO: Check for success $success[] = sprintf(T_("User '%s' Deleted"), $username); AdminLog::getInstance()->log("User {$username} deleted"); $templateEngine->assign("error", $error); $templateEngine->assign("success", $success); require 'display.php'; die; // TODO: Recode so don't need die (too many nests?) } $templateEngine->assign("error", $error); $templateEngine->assign("success", $success); // if $success we need to reload the info if (sizeof($success) > 0 || sizeof($error) > 0) { $user = DatabaseFunctions::getInstance()->getUserDetails($_GET['username']); } // After potential reload, we can assign it to smarty $templateEngine->assign("user", $user); // After all user details are loaded, we can load our warning