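// Group -> access point relationship list: selects the visible groups, then
// renders the access points assigned to each group as a nested HTML table.
$search = '';

if ($_SESSION['search_relationship_group2accesspoints']) {
    // sumo_search_composer() result: [0] is spliced into the WHERE clause
    // below, [1] is handed to sumo_color_match_string() further down.
    // NOTE(review): [0] is built from the search string held in the session
    // and is concatenated verbatim; confirm the composer escapes it.
    $field['usergroup'] = sumo_search_composer($_SESSION['search_relationship_group2accesspoints'], 'usergroup');
    $search = ($group_query ? " AND " : " WHERE ") . " (" . $field['usergroup'][0] . ")";
}

$query1 = "SELECT id,usergroup FROM " . SUMO_TABLE_GROUPS . " " . $group_query . " " . $search;

// NOTE(review): col_sql / mode_sql go into ORDER BY unquoted; confirm they
// are only ever set from a fixed list of column names and sort directions.
$query2 = $query1
        . " ORDER BY " . $_SESSION['relationship']['group2accesspoints']['col_sql']
        . " " . $_SESSION['relationship']['group2accesspoints']['mode_sql'];

// The unpaged query gives the total, the paged one the rows actually shown.
$rs  = $SUMO['DB']->Execute($query1);
$tot = $rs->PO_RecordCount();
$rs  = $SUMO['DB']->SelectLimit(
    $query2,
    $_SESSION['rows_relationship_group2accesspoints'],
    $_SESSION['start_relationship_group2accesspoints']
);
$vis = $rs->PO_RecordCount();

/**
 * Create list
 */
$list = sumo_get_table_header($table['data']['group2accesspoints']);

while ($tab = $rs->FetchRow()) {
    $style = sumo_alternate_str('tab-row-on', 'tab-row-off');

    // The group name is data, not SQL: it is quoted with qstr() so that a
    // quote character inside a stored name cannot end the string literal.
    // qstr() is the ADOdb quoting call; the connection is presumed to be
    // ADOdb from its Execute/SelectLimit/PO_RecordCount methods - confirm.
    // The four patterns match the name as the only, first, last or a middle
    // entry of the ';'-separated usergroup column.
    // NOTE(review): '%' and '_' inside a name still act as LIKE wildcards.
    $group_name = $tab['usergroup'];
    $query = "SELECT id,node,path,name FROM " . SUMO_TABLE_ACCESSPOINTS
           . " WHERE ("
           . "usergroup LIKE " . $SUMO['DB']->qstr($group_name)
           . " OR usergroup LIKE " . $SUMO['DB']->qstr($group_name . ';%')
           . " OR usergroup LIKE " . $SUMO['DB']->qstr('%;' . $group_name)
           . " OR usergroup LIKE " . $SUMO['DB']->qstr('%;' . $group_name . ';%')
           . ")"
           . " ORDER BY node,name,path";

    $rs2 = $SUMO['DB']->Execute($query);

    $ap = "<table width='100%'>";
    $a  = 0;

    while ($tab2 = $rs2->FetchRow()) {
        $style2 = sumo_alternate_str('tab-row-on', 'tab-row-off', $tab['usergroup']);

        // NOTE(review): the language code comes straight from a cookie;
        // confirm sumo_get_accesspoint_name() validates it before use.
        $tab2['name'] = sumo_get_accesspoint_name($tab2['name'], $_COOKIE['language']);

        // The id ends up inside a JavaScript string inside an HTML attribute,
        // so it is forced to an integer (assumes a numeric key - confirm).
        $ap_href = "javascript:sumo_ajax_get(\"accesspoints\",\"?module=accesspoints&action=edit&id="
                 . (int) $tab2['id'] . "\");";

        // Name and path are stored values: HTML-escape them on output.
        $ap .= "<tr>"
             . "<td width='100%' class='" . $style2 . "' nowrap>"
             . "<a href='" . $ap_href . "'>" . htmlspecialchars((string) $tab2['name'], ENT_QUOTES) . "</a>"
             . "</td>"
             . "<td class='" . $style2 . "'>"
             . "<a href='" . $ap_href . "'>" . htmlspecialchars((string) $tab2['path'], ENT_QUOTES) . "</a>"
             . "</td>"
             . "</tr>\n";

        $a++;
    }

    $ap .= "</table>";

    // The excerpt ends inside this branch; the loop continues beyond it.
    if ($search) {
        $tab['usergroup'] = sumo_color_match_string($field['usergroup'][1], $tab['usergroup']);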
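// Tail of a loop that starts before this excerpt: it records the 'value' of
// the rows it visits, here for the row whose status is 'inactive'.
$id_active = $tab['value'];
}

if ($tab['status'] == 'inactive') {
    $id_inactive = $tab['value'];
}
}

// Session list. $search is assembled before this excerpt.
// NOTE(review): SELECT * pulls every stored session_id into this page;
// confirm none of them is written to the response.
$query1 = "SELECT * FROM " . SUMO_TABLE_SESSIONS . " " . $search;

// NOTE(review): col_sql / mode_sql go into ORDER BY unquoted; confirm they
// are only ever set from a fixed list of column names and sort directions.
$query2 = $query1
        . " ORDER BY " . $_SESSION['sessions']['slist']['col_sql']
        . " " . $_SESSION['sessions']['slist']['mode_sql'];

// The unpaged query gives the total, the paged one the rows actually shown.
$rs  = $SUMO['DB']->Execute($query1);
$tot = $rs->PO_RecordCount();
$rs  = $SUMO['DB']->SelectLimit(
    $query2,
    $_SESSION['rows_sessions_slist'],
    $_SESSION['start_sessions_slist']
);
$vis = $rs->PO_RecordCount();

/**
 * Create list
 */
$list = sumo_get_table_header($table['data']['slist']);
$col  = $_SESSION['sessions']['slist']['col'];

while ($tab = $rs->FetchRow()) {
    $style = sumo_alternate_str('tab-row-on', 'tab-row-off');

    // Highlight the viewer's own session. Strict comparison: with '==' two
    // different ids that both look numeric would be compared as numbers.
    if ($tab['session_id'] === session_id()) {
        $style = 'tab-row-highlight';
    }

    // Colour by the margin between the stored expiry and the server time:
    // below 300 is red, below 500 is orange, anything else is green.
    if ($tab['expire'] < $SUMO['server']['time'] + 300) {
        $color = 'red';
    } elseif ($tab['expire'] < $SUMO['server']['time'] + 500) {
        $color = 'orange';
    } else {
        $color = 'green';
    }

    // country_name is split on '-'; the parts are used past this excerpt.
    $country = explode('-', $tab['country_name']);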
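// Banned-IP list: optional search filter, paged query, then one table row
// per banned address.
if ($_SESSION['search_security_banned']) {
    // sumo_search_composer() result: [0] is spliced into the WHERE clause,
    // [1] is handed to sumo_color_match_string() when rows are rendered.
    // NOTE(review): [0] is built from the search string held in the session
    // and is concatenated verbatim; confirm the composer escapes it.
    $field['ip'] = sumo_search_composer($_SESSION['search_security_banned'], 'ip');
    $search = $field['ip'][0] ? " WHERE " . $field['ip'][0] . " " : '';
}

$query1 = "SELECT * FROM " . SUMO_TABLE_BANNED . " " . $search . " ";

// NOTE(review): col_sql / mode_sql go into ORDER BY unquoted; confirm they
// are only ever set from a fixed list of column names and sort directions.
$query2 = $query1
        . " ORDER BY " . $_SESSION['security']['banned']['col_sql']
        . " " . $_SESSION['security']['banned']['mode_sql'];

// The unpaged query gives the total, the paged one the rows actually shown.
$rs  = $SUMO['DB']->Execute($query1);
$tot = $rs->PO_RecordCount();
$rs  = $SUMO['DB']->SelectLimit(
    $query2,
    $_SESSION['rows_security_banned'],
    $_SESSION['start_security_banned']
);
$vis = $rs->PO_RecordCount();

/**
 * Create list
 */
$col = $_SESSION['security']['banned']['col'];

if ($tot > 0) {
    $list = sumo_get_table_header($table['data']['banned']);

    while ($tab = $rs->FetchRow()) {
        // The stored address is written into HTML, so the plain branch
        // escapes it.
        // NOTE(review): the search branch relies on sumo_color_match_string()
        // for escaping; confirm it encodes the value it wraps.
        $ip = $search
            ? sumo_color_match_string($field['ip'][1], $tab['ip'])
            : htmlspecialchars((string) $tab['ip'], ENT_QUOTES);

        // Shown time is the stored time plus the configured ban duration.
        $time  = sumo_get_human_date($tab['time'] + $SUMO['config']['security']['banned_time'], true, true);
        $style = sumo_alternate_str('tab-row-on', 'tab-row-off');

        $list .= "<tr>\n";

        if ($col[2]) {
            $list .= " <td class='" . $style . "'>" . $ip . "</td>\n";
        }

        if ($col[3]) {
            $list .= " <td class='" . $style . "'>" . $time . "</td>\n";
        }

        if (($col[2] || $col[3]) && $enableip) {
            // The id ends up inside a JavaScript string inside an HTML
            // attribute, so it is forced to an integer (assumes a numeric
            // key - confirm).
            // NOTE(review): this link requests the 'enableip' action through
            // a GET parameter and no anti-CSRF token is visible here;
            // confirm the handler verifies one.
            $list .= " <td class='" . $style . "'>"
                   . "<a href='javascript:sumo_ajax_get(\"security\",\"?module=security&action=banned&enableip="
                   . (int) $tab['id'] . "\");'>" . $language['enable'] . "</a></td>\n";
        }

        $list .= "</tr>\n";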
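// Tail of the search branch opened before this excerpt: the composed clause
// is chained onto $group_query with AND, or starts the WHERE itself.
$search = $group_query ? " AND " : " WHERE ";
$search = $search . " (" . $field['usergroup'][0] . ")";
}

if (isset($_GET['id'])) {
    // A direct id lookup replaces the text search. It is chained onto
    // $group_query the same way as the search clause above; a bare "WHERE"
    // here produced two WHERE keywords whenever $group_query was non-empty.
    // intval() keeps the request value numeric.
    $search = ($group_query ? " AND " : " WHERE ") . "id=" . intval($_GET['id']);
}

$query1 = "SELECT id,usergroup FROM " . SUMO_TABLE_GROUPS . " " . $group_query . " " . $search;

// NOTE(review): col_sql / mode_sql go into ORDER BY unquoted; confirm they
// are only ever set from a fixed list of column names and sort directions.
$query2 = $query1
        . " ORDER BY " . $_SESSION['relationship']['group2users']['col_sql']
        . " " . $_SESSION['relationship']['group2users']['mode_sql'];

// The unpaged query gives the total, the paged one the rows actually shown.
$rs  = $SUMO['DB']->Execute($query1);
$tot = $rs->PO_RecordCount();
$rs  = $SUMO['DB']->SelectLimit(
    $query2,
    $_SESSION['rows_relationship_group2users'],
    $_SESSION['start_relationship_group2users']
);
$vis = $rs->PO_RecordCount();

/**
 * Create list
 */
$list = sumo_get_table_header($table['data']['group2users']);

while ($tab = $rs->FetchRow()) {
    $style = sumo_alternate_str('tab-row-on', 'tab-row-off');

    // The group name is data, not SQL: it is quoted with qstr() so that a
    // quote character inside a stored name cannot end the string literal.
    // qstr() is the ADOdb quoting call; the connection is presumed to be
    // ADOdb from its Execute/SelectLimit/PO_RecordCount methods - confirm.
    // Users match when the group is the first or a later 'group:...' entry
    // of their ';'-separated usergroup column; members of 'sumo' are always
    // listed, the 'sumo' account itself never is.
    // NOTE(review): '%' and '_' inside a name still act as LIKE wildcards.
    $group_name = $tab['usergroup'];
    $query = "SELECT id,username,firstname,lastname,usergroup,active"
           . " FROM " . SUMO_TABLE_USERS
           . " WHERE (usergroup LIKE " . $SUMO['DB']->qstr($group_name . ':%')
           . " OR usergroup LIKE " . $SUMO['DB']->qstr('%;' . $group_name . ':%')
           . " OR usergroup LIKE 'sumo:%'"
           . " OR usergroup LIKE '%;sumo:%')"
           . " AND username<>'sumo'"
           . " ORDER BY username, lastname, firstname";

    $rs2 = $SUMO['DB']->Execute($query);

    $users = "<table width='100%'>";
    $u     = 0;

    while ($tab2 = $rs2->FetchRow()) {
        // strpos() replaces ereg(), which no longer exists as of PHP 7; the
        // test is the same plain substring check.
        if (strpos((string) $tab2['usergroup'], 'sumo:') !== false) {
            $style2 = "tab-row-highlight";
        } else {
            $style2 = sumo_alternate_str('tab-row-on', 'tab-row-off', $tab['usergroup']);
        }

        $rowcolor = $tab2['active'] ? "" : " class='row-null'";

        // The id ends up inside a JavaScript string inside an HTML attribute,
        // so it is forced to an integer (assumes a numeric key - confirm).
        $user_href = "javascript:sumo_ajax_get(\"users\",\"?module=users&action=view&id="
                   . (int) $tab2['id'] . "\");";

        // The SELECT returns 'username'; the former $tab2['user'] named a
        // column that is not selected, so the first link had no text.
        // Account names are stored values and are HTML-escaped on output.
        $users .= "<tr" . $rowcolor . ">"
                . "<td width='100%' class='" . $style2 . "'>"
                . "<a href='" . $user_href . "'>" . htmlspecialchars((string) $tab2['username'], ENT_QUOTES) . "</a>"
                . "</td>"
                . "<td class='" . $style2 . "' nowrap>"
                . "<a href='" . $user_href . "'>"
                . htmlspecialchars($tab2['lastname'] . " " . $tab2['firstname'], ENT_QUOTES)
                . "</a>"
                . "</td>"
                . "</tr>\n";

        $u++;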
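// Tail of the search branch opened before this excerpt. Each composer
// result's [0] is spliced into the WHERE clause; both must be non-empty.
// NOTE(review): both are built from the search string held in the session
// and concatenated verbatim; confirm sumo_search_composer() escapes them.
$field['path'] = sumo_search_composer($_SESSION['search_relationship_accesspoint2users'], 'path');
$field['name'] = sumo_search_composer($_SESSION['search_relationship_accesspoint2users'], 'name');
$search = $field['path'][0] && $field['name'][0]
    ? " WHERE (" . $field['path'][0] . " OR " . $field['name'][0] . ") "
    : '';
}

// Create sql query to select only groups of user
$group_query = sumo_get_group_query($search);

$query1 = "SELECT * FROM " . SUMO_TABLE_ACCESSPOINTS . " " . $group_query . " " . $search;

// NOTE(review): col_sql / mode_sql go into ORDER BY unquoted; confirm they
// are only ever set from a fixed list of column names and sort directions.
$query2 = $query1
        . " ORDER BY " . $_SESSION['relationship']['accesspoint2users']['col_sql']
        . " " . $_SESSION['relationship']['accesspoint2users']['mode_sql'];

// The unpaged query gives the total, the paged one the rows actually shown.
$rs  = $SUMO['DB']->Execute($query1);
$tot = $rs->PO_RecordCount();
$rs  = $SUMO['DB']->SelectLimit(
    $query2,
    $_SESSION['rows_relationship_accesspoint2users'],
    $_SESSION['start_relationship_accesspoint2users']
);
$vis = $rs->PO_RecordCount();

/**
 * Create list
 */
$list = sumo_get_table_header($table['data']['accesspoint2users']);

while ($tab = $rs->FetchRow()) {
    $style = sumo_alternate_str('tab-row-on', 'tab-row-off');

    // One LIKE condition per ';'-separated group of the access point. Each
    // name is quoted with qstr() so that a quote character inside a stored
    // name cannot end the string literal. qstr() is the ADOdb quoting call;
    // the connection is presumed to be ADOdb from its
    // Execute/SelectLimit/PO_RecordCount methods - confirm.
    // NOTE(review): '%name%' is a substring match, so one group name that is
    // contained in another matches that group's users too, and an empty
    // usergroup yields '%%', which matches every user; confirm both are
    // intended for this relationship view.
    $groups = explode(";", $tab['usergroup']);
    $group  = array();

    foreach ($groups as $group_name) {
        $group[] = " usergroup LIKE " . $SUMO['DB']->qstr('%' . $group_name . '%') . " ";
    }

    $groups = implode(" OR ", $group);

    // Members of 'sumo' are always listed, the 'sumo' account never is.
    $query = "SELECT id,username,firstname,lastname,usergroup,active"
           . " FROM " . SUMO_TABLE_USERS
           . " WHERE ({$groups}"
           . " OR usergroup LIKE 'sumo:%'"
           . " OR usergroup LIKE '%;sumo:%')"
           . " AND username<>'sumo'"
           . " ORDER BY username,lastname,firstname";

    $rs2 = $SUMO['DB']->Execute($query);

    $users = "<table width='100%'>";
    $u     = 0;

    while ($tab2 = $rs2->FetchRow()) {
        $rowcolor = $tab2['active'] ? '' : " class='row-null'";

        // strpos() replaces ereg(), which no longer exists as of PHP 7; the
        // test is the same plain substring check. The branch body lies
        // beyond this excerpt.
        if (strpos((string) $tab2['usergroup'], 'sumo:') !== false) {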
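// Tail of a switch that starts before this excerpt: this case reads the
// error log only, the default merges the system, access and error logs.
// $search is assembled before this excerpt and applied to every SELECT.
$query1 = "SELECT * FROM " . SUMO_TABLE_LOG_ERRORS . " " . $search;
break;

default:
    $query1 = "SELECT * FROM " . SUMO_TABLE_LOG_SYSTEM . " " . $search . " \n\t\t\tUNION \n\t SELECT * FROM " . SUMO_TABLE_LOG_ACCESS . " " . $search . "\n\t\t\tUNION \n\t SELECT * FROM " . SUMO_TABLE_LOG_ERRORS . " " . $search;
    break;
}

// $action picks the session-stored sort, paging and column settings.
// NOTE(review): col_sql / mode_sql go into ORDER BY unquoted; confirm they
// are only ever set from a fixed list of column names and sort directions.
$query2 = $query1
        . " ORDER BY " . $_SESSION['security'][$action]['col_sql']
        . " " . $_SESSION['security'][$action]['mode_sql'];

// The unpaged query gives the total, the paged one the rows actually shown.
$rs  = $SUMO['DB']->Execute($query1);
$tot = $rs->PO_RecordCount();
$rs  = $SUMO['DB']->SelectLimit(
    $query2,
    $_SESSION['rows_security_' . $action],
    $_SESSION['start_security_' . $action]
);
$vis = $rs->PO_RecordCount();

/**
 * Create list
 */
if ($tot > 0) {
    $list = sumo_get_table_header($table['data'][$action]);
    $col  = $_SESSION['security'][$action]['col'];

    while ($tab = $rs->FetchRow()) {
        $style = "class='" . sumo_alternate_str('tab-row-on', 'tab-row-off') . "'";

        // Node details are looked up from the row's node value; an empty
        // name is replaced by a minus sign.
        $node = sumo_get_node_info($tab['node'], 'ip');
        $node['name'] = !$node['name'] ? '−' : $node['name'];

        // NOTE(review): code, ip, message and country_name are log fields
        // and may carry client-supplied text. They pass through
        // sumo_color_match_string() only while a search is active; confirm
        // they are HTML-escaped wherever they are written out, search or not.
        if ($search) {
            $tab['code']         = sumo_color_match_string($field['code'][1], $tab['code']);
            $tab['ip']           = sumo_color_match_string($field['ip'][1], $tab['ip']);
            $tab['message']      = sumo_color_match_string($field['message'][1], $tab['message']);
            $tab['country_name'] = sumo_color_match_string($field['country_name'][1], $tab['country_name']);
        }

        $list .= "<tr>\n";

        if ($col[2]) {
            // priority is written into two attribute values, so it is
            // escaped before use.
            $priority_attr = htmlspecialchars((string) $tab['priority'], ENT_QUOTES);

            $list .= " <td {$style} align='center'><img src='themes/" . $SUMO['page']['theme'] . "/images/modules/security/priority_" . $priority_attr . ".gif' class='log-priority' alt='" . $priority_attr . "'></td>\n";
        }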