$Subnets = new Subnets($Database); $Tools = new Tools($Database); $Addresses = new Addresses($Database); # verify that user is logged in $User->check_user_session(); # set sorting $tmp = explode("|", $_POST['direction']); $sort['field'] = $tmp[0]; $sort['direction'] = $tmp[1]; if ($sort['direction'] == "asc") { $sort['directionNext'] = "desc"; } else { $sort['directionNext'] = "asc"; } # subnet-related variables $subnet = (array) $Subnets->fetch_subnet(null, $_POST['subnetId']); //subnet details $subnet_detailed = $Subnets->get_network_boundaries($subnet['subnet'], $subnet['mask']); //set network boundaries $slaves = $Subnets->has_slaves($subnet['id']) ? true : false; //check if subnet has slaves and set slaves flag true/false # fetch all addresses - sorted if ($slaves) { $addresses = $Addresses->fetch_subnet_addresses_recursive($subnet['id'], false, $sort['field'], $sort['direction']); $slave_subnets = (array) $Subnets->fetch_subnet_slaves($subnet['id']); } else { $addresses = $Addresses->fetch_subnet_addresses($subnet['id'], $sort['field'], $sort['direction']); } # set permissions $subnet_permission = $Subnets->check_permission($User->user, $subnet['id']); }
# reinitialize objects $Database = new Database_PDO(); $Admin = new Admin($Database, false); $Addresses = new Addresses($Database); $Subnets = new Subnets($Database); $DNS = new DNS($Database); $Scan = new Scan($Database); $Result = new Result(); # insert to database $discovered = 0; //for mailing foreach ($scan_subnets as $s) { if (sizeof(@$s->discovered) > 0) { foreach ($s->discovered as $ip) { // fetch subnet $subnet = $Subnets->fetch_subnet("id", $s->id); $nsid = $subnet === false ? false : $subnet->nameserverId; // try to resolve hostname $hostname = $DNS->resolve_address($ip, false, true, $nsid); //set update query $values = array("subnetId" => $s->id, "ip_addr" => $Subnets->transform_address($ip, "decimal"), "dns_name" => $hostname['name'], "description" => "-- autodiscovered --", "note" => "This host was autodiscovered on " . $nowdate, "lastSeen" => $nowdate, "state" => "2", "action" => "add"); //insert $Addresses->modify_address($values); //set discovered $discovered++; } } } # update scan time $Scan->ping_update_scanagent_checktime(1, $nowdate); # send mail
foreach ($custom_address_fields as $myField) { $worksheet->write($lineCount, $x, $myField['name'], $format_title); $x++; } } //new line $lineCount++; //Write IP addresses foreach ($result_addresses as $ip) { //cast $ip = (array) $ip; # check permission $subnet_permission = $Subnets->check_permission($User->user, $ip['subnetId']); if ($subnet_permission > 0) { //get the Subnet details $subnet = (array) $Subnets->fetch_subnet(null, $ip['subnetId']); //get section $section = (array) $Sections->fetch_section(null, $subnet['sectionId']); //get VLAN for subnet $vlan = (array) (array) $Tools->fetch_object("vlans", "vlanId", $subnet['vlanId']); //format vlan if (sizeof($vlan) > 0) { if (strlen($vlan['number']) > 0) { $vlanText = " (vlan: " . $vlan['number']; if (strlen($vlan['name']) > 0) { $vlanText .= ' - ' . $vlan['name'] . ')'; } else { $vlanText .= ")"; } } } else {
if (@$_POST['showName'] == 1 && strlen($_POST['description']) == 0) { $Result->show("danger", _("Please enter subnet description to show as name!"), true); } # verify that user has permissions to add subnet if ($_POST['action'] == "add") { if ($Sections->check_permission($User->user, $_POST['sectionId']) != 3) { $Result->show("danger", _('You do not have permissions to add new subnet in this section') . "!", true, true); } } else { if ($Subnets->check_permission($User->user, $_POST['subnetId']) != 3) { $Result->show("danger", _('You do not have permissions to add edit/delete this subnet') . "!", true, true); } } # we need old values for mailing if ($_POST['action'] == "edit" || $_POST['action'] == "delete") { $subnet_old_details = (array) $Subnets->fetch_subnet(null, $_POST['subnetId']); } # get mask and subnet $_POST['mask'] = trim(strstr($_POST['subnet'], "/"), "/"); $_POST['subnet'] = strstr($_POST['subnet'], "/", true); $_POST['id'] = $_POST['subnetId']; //set cidr $_POST['cidr'] = $_POST['subnet'] . "/" . $_POST['mask']; # get section details $section = (array) $Sections->fetch_section(null, $_POST['sectionId']); # fetch custom fields $custom = $Tools->fetch_custom_fields('subnets'); # get master subnet details for folder overrides if ($_POST['masterSubnetId'] != 0) { $master_section = (array) $Subnets->fetch_subnet(null, $_POST['masterSubnetId']); if ($master_section['isFolder'] == 1) {
?> </div> <!-- content --> <div class="pContent"> <!-- form --> <form id="networkEdit"> <!-- table --> <table class="table table-noborder table-condensed"> <?php if ($_POST['action'] == 'delete') { ?> <!-- delete warning and network information--> <tr> <td style="width:150px;"> <?php $subnet = $Subnets->fetch_subnet('id', $_POST['subnetId']); # display network information with or without description if ($subnet->description) { $network = $Subnets->transform_to_dotted($subnet->subnet) . '/' . $subnet->mask . ' (' . $subnet->description . ')'; } else { $network = $Subnets->transform_to_dotted($subnet->subnet) . '/' . $subnet->mask; } $Result->show("warning", "<strong>" . _('Warning') . ":</strong><br>" . _("You are about to remove the following Network from the firewall zone:<br>" . $network), false); ?> <input type="hidden" name="masterSubnetId" value="<?php print $_POST['subnetId']; ?> "> </td> <?php } else {
<th><?php print _('Description'); ?> </th> <th><?php print _('Requested by'); ?> </th> </tr> <?php # print requests foreach ($requests as $request) { # cast $request = (array) $request; # get subnet details $subnet = $Subnets->fetch_subnet("id", $request['subnetId']); print '<tr>' . "\n"; print "\t<td><button class='btn btn-xs btn-default' data-requestid='{$request['id']}'><i class='fa fa-pencil'></i></button></td>"; print ' <td>' . $subnet->ip . '/' . $subnet->mask . ' (' . $subnet->description . ')</td>' . "\n"; print ' <td>' . $request['dns_name'] . '</td>' . "\n"; print ' <td>' . $request['description'] . '</td>' . "\n"; print ' <td>' . $request['requester'] . '</td>' . "\n"; print '</tr>' . "\n"; } ?> </table> <?php }
/** * Search inside subnets if host address is provided! ipv6 * * @access private * @param mixed $search_term * @param number $high * @param number $low * @return array */ private function search_subnets_inside_v6($high, $low, $search_req) { // same if ($low == $high) { # Initialize PEAR NET object $this->initialize_pear_net_IPv6(); // validate if ($this->Net_IPv6->checkIPv6($search_req)) { # ifmask remove it if (strpos($search_req, "/") > 0) { $search_req = $this->Net_IPv6->removeNetmaskSpec($search_req); } # subnets class $Subnets = new Subnets($this->Database); # fetch all subnets $subnets = $Subnets->fetch_all_subnets_search("IPv6"); # loop and search foreach ($subnets as $s) { # cast $s = (array) $s; # parse address $net = $this->Net_IPv6->parseAddress($this->transform_address($s['subnet'], "dotted") . '/' . $s['mask']); if (gmp_cmp($low, $this->transform_address(@$net['start'], "decimal")) == 1 && gmp_cmp($low, $this->transform_address($net['end'], "decimal")) == -1) { $ids[] = $s['id']; } } # filter $ids = sizeof(@$ids) > 0 ? array_filter($ids) : array(); # search if (sizeof($ids) > 0) { foreach ($ids as $id) { $result[] = $Subnets->fetch_subnet(null, $id); } } # return return sizeof(@$result) > 0 ? array_filter($result) : array(); } else { return array(); } } else { return array(); } }
$Database = new Database_PDO(); $User = new User($Database); $Admin = new Admin($Database, false); $Subnets = new Subnets($Database); $Addresses = new Addresses($Database); $Result = new Result(); # verify that user is logged in $User->check_user_session(); # create csrf token $csrf = $User->create_csrf_cookie(); # id must be numeric if (!is_numeric($_POST['subnetId'])) { $Result->show("danger", _("Invalid ID"), true, true); } # get subnet details $subnet = $Subnets->fetch_subnet(null, $_POST['subnetId']); # verify that user has write permissions for subnet $subnetPerm = $Subnets->check_permission($User->user, $subnet->id); if ($subnetPerm < 3) { $Result->show("danger", _('You do not have permissions to resize subnet') . '!', true, true); } ?> <!-- header --> <div class="pHeader"><?php print _('Truncate subnet'); ?> </div> <!-- content --> <div class="pContent">
$User->check_user_session(); # permissions $permission = $Subnets->check_permission($User->user, $_POST['subnetId']); # die if write not permitted if ($permission < 2) { $Result->show("danger", _('You cannot write to this subnet'), true); } # check integer is_numeric($_POST['subnetId']) ?: $Result->show("danger", _("Invalid subnet ID"), true); # set filetype $filetype = explode(".", $_POST['filetype']); $filetype = end($filetype); # get custom fields $custom_address_fields = $Tools->fetch_custom_fields('ipaddresses'); # fetch subnet $subnet = $Subnets->fetch_subnet("id", $_POST['subnetId']); if ($subnet === false) { $Result->show("danger", _("Invalid subnet ID"), true); } # Parse file $outFile = $Tools->parse_import_file($filetype, $subnet, $custom_address_fields); # Fetch all devices $devices = $Tools->fetch_all_objects("devices", "hostname"); # cnt $edit = 0; $add = 0; $invalid_lines = array(); $errors = 0; # import each value foreach ($outFile as $k => $line) { // if not error
if (isset($_GET['VRF']) && $_GET['VRF'] == "on") { // get vrf if (!empty($subnet['vrfId'])) { $vrf = (array) $Tools->fetch_vrf(null, $subnet['vrfId']); $worksheet->write($lineCount, $rowCount, $vrf['name'], $format_text); } else { $worksheet->write($lineCount, $rowCount, '', $format_text); } $rowCount++; } if (isset($_GET['master']) && $_GET['master'] == "on") { // get master subnet // zet - could optimize here and reference the already loaded subnets, with the help of a dictionary variable $masterSubnet = $subnet['masterSubnetId'] == 0 || empty($subnet['masterSubnetId']) ? false : true; if ($masterSubnet) { $master = (array) $Subnets->fetch_subnet(null, $subnet['masterSubnetId']); if ($master['isFolder']) { $worksheet->write($lineCount, $rowCount, $master['description'] . " [folder]", $format_text); } else { $worksheet->write($lineCount, $rowCount, $master['ip'] . "/" . $master['mask'], $format_text); } } else { $worksheet->write($lineCount, $rowCount, "/", $format_text); } $rowCount++; } if (isset($_GET['requests']) && $_GET['requests'] == "on") { $worksheet->write($lineCount, $rowCount, $subnet['allowRequests'], $format_text); $rowCount++; } if (isset($_GET['hostscheck']) && $_GET['hostscheck'] == "on") {
/** * Returns array of all addresses to be scanned inside subnet defined with subnetId * * @access public * @param mixed $subnetId * @return void */ public function prepare_addresses_to_discover_subnetId($subnetId, $die) { # initialize classes $Subnets = new Subnets($this->Database); //subnet ID is provided, fetch subnet $subnet = $Subnets->fetch_subnet(null, $subnetId); if ($subnet === false) { if ($die) { die(json_encode(array("status" => 1, "error" => "Invalid subnet ID provided"))); } else { return array(); } } // we should support only up to 4094 hosts! if ($Subnets->get_max_hosts($subnet->mask, "IPv4") > 4094 && php_sapi_name() != "cli") { if ($die) { die(json_encode(array("status" => 1, "error" => "Scanning from GUI is only available for subnets up to /20 or 4094 hosts!"))); } else { return array(); } } # set array of addresses to scan, exclude existing! $ip = $this->get_all_possible_subnet_addresses($subnet->subnet, $subnet->mask); # remove existing $ip = $this->remove_existing_subnet_addresses($ip, $subnetId); //none to scan? if (sizeof($ip) == 0) { if ($die) { die(json_encode(array("status" => 1, "error" => "Didn't find any address to scan!"))); } else { return array(); } } //return return $ip; }
} //verify cidr if (!is_numeric($argv[2])) { if ($Subnets->verify_cidr_address($argv[2]) !== true) { die(json_encode(array("status" => 1, "error" => "Invalid subnet CIDR address provided"))); } } /** * Select how to scan based on scan type. * * if ping/pear make threads, if fping than just check since it has built-in threading ! */ # fping if ($Scan->settings->scanPingType == "fping" && $argv[1] == "discovery") { # fetch subnet $subnet = $Subnets->fetch_subnet(null, $argv[2]); $subnet !== false ?: die(json_encode(array("status" => 1, "error" => "Invalid subnet ID provided"))); //set exit flag to true $Scan->ping_set_exit(false); # set cidr $subnet_cidr = $Subnets->transform_to_dotted($subnet->subnet) . "/" . $subnet->mask; # execute $retval = $Scan->ping_address_method_fping_subnet($subnet_cidr); # errors if ($retval == 3) { die(json_encode(array("status" => 1, "error" => "invalid command line arguments"))); } if ($retval == 4) { die(json_encode(array("status" => 1, "error" => "system call failure"))); } # parse result
$Zones->get_zone_network($_POST['netZoneId']); } else { $Result->show('danger', _('Invalid netZone ID.'), true); } } # deliver networkinformations about a specific zone if ($_POST['noZone'] == 1) { if ($_POST['masterSubnetId']) { $_POST['network'][] = $_POST['masterSubnetId']; } if ($_POST['network']) { $rowspan = count($_POST['network']); $i = 1; print '<table class="table table-noborder table-condensed" style="padding-bottom:20px;">'; foreach ($_POST['network'] as $key => $network) { $network = $Subnets->fetch_subnet(null, $network); print '<tr>'; if ($i === 1) { print '<td rowspan="' . $rowspan . '" style="width:150px;">Network</td>'; } print '<td>'; print '<span alt="' . _('Delete Network') . '" title="' . _('Delete Network') . '" class="deleteTempNetwork" style="color:red;margin-bottom:10px;margin-top: 10px;margin-right:15px;" data-action="delete" data-subnetArrayKey="' . $key . '"><i class="fa fa-close"></i></span>'; if ($network->isFolder == 1) { print 'Folder: ' . $network->description . '</td>'; } else { # display network information with or without description if ($network->description) { print $Subnets->transform_to_dotted($network->subnet) . '/' . $network->mask . ' (' . $network->description . ')</td>'; } else { print $Subnets->transform_to_dotted($network->subnet) . '/' . $network->mask . '</td>'; }
$Result->show("danger", _("Invalid ID"), true, true); } } # verify that user has permissions to add subnet if ($_POST['action'] == "add") { if ($Sections->check_permission($User->user, $_POST['sectionId']) != 3) { $Result->show("danger", _('You do not have permissions to add new subnet in this section') . "!", true, true); } } else { if ($Subnets->check_permission($User->user, $_POST['subnetId']) != 3) { $Result->show("danger", _('You do not have permissions to add edit/delete this subnet') . "!", true, true); } } # we are editing or deleting existing subnet, get old details if ($_POST['action'] != "add") { $folder_old_details = (array) $Subnets->fetch_subnet(null, $_POST['subnetId']); } else { # for selecting master subnet if added from subnet details! if (strlen($_POST['subnetId']) > 0) { $subnet_old_temp = (array) $Subnets->fetch_subnet(null, $_POST['subnetId']); $subnet_old_details['masterSubnetId'] = @$subnet_old_temp['id']; // same master subnet ID for nested $subnet_old_details['vlanId'] = @$subnet_old_temp['vlanId']; // same default vlan for nested $subnet_old_details['vrfId'] = @$subnet_old_temp['vrfId']; // same default vrf for nested } } # fetch custom fields $custom_fields = $Tools->fetch_custom_fields('subnets'); # fetch all sections
} } # get ony ip's with empty DNS if ($resolve_config['emptyonly'] == 1) { $query[] = ' and `dns_name` like "" '; } $query[] = 'order by `ip_addr` ASC;'; //join $query = implode("\n", $query); } # fetch records $ipaddresses = $Database->getObjectsQuery($query); # try to update dns records foreach ($ipaddresses as $ip) { # fetch subnet $subnet = $Subnets->fetch_subnet("id", $ip->subnetId); $nsid = $subnet === false ? false : $subnet->nameserverId; # try to resolve $hostname = $DNS->resolve_address($ip->ip_addr, null, true, $nsid); # update if change if ($hostname['name'] != $Subnets->transform_to_dotted($ip->ip_addr)) { # values $values = array("dns_name" => $hostname['name'], "id" => $ip->id); # execute if (!$Admin->object_modify("ipaddresses", "edit", "id", $values)) { $Result->show_cli("Failed to update address " . $Subnets->transform_to_dotted($ip->ip_addr)); } # set text $res[] = 'updated ip address ' . $Subnets->transform_to_dotted($ip->ip_addr) . ' with hostname ' . $hostname['name']; } }
# initialize required objects $Database = new Database_PDO(); $Result = new Result(); $User = new User($Database); $Subnets = new Subnets($Database); $Tools = new Tools($Database); $Addresses = new Addresses($Database); # verify that user is logged in $User->check_user_session(); # id must be numeric is_numeric($_POST['id']) || strlen($_POST['id']) == 0 ?: $Result->show("danger", _("Invalid ID"), true); # get IP address id $id = $_POST['id']; # fetch address, subnet, vlan and nameservers $address = (array) $Addresses->fetch_address(null, $id); $subnet = (array) $Subnets->fetch_subnet(null, $address['subnetId']); $vlan = (array) $Tools->fetch_object("vlans", "vlanId", $subnet['vlanId']); $nameservers = (array) $Tools->fetch_object("nameservers", "id", $subnet['nameserverId']); # get all custom fields $custom_fields = $Tools->fetch_custom_fields('ipaddresses'); # checks sizeof($address) > 0 ?: $Result->show("danger", _("Invalid ID"), true); sizeof($subnet) > 0 ?: $Result->show("danger", _("Invalid subnet"), true); # set title $title = _('IP address details') . ' :: ' . $address['ip']; # address $content[] = "• " . _('IP address') . ": \t\t {$address['ip']}/{$subnet['mask']}"; # description empty($address['description']) ?: ($content[] = "• " . _('Description') . ":\t\t {$address['description']}"); # hostname empty($address['dns_name']) ?: ($content[] = "• " . _('Hostname') . ": \t {$address['dns_name']}");
$Addresses = new Addresses($Database); # verify that user is logged in $User->check_user_session(); # create csrf token $csrf = $User->create_csrf_cookie(); # validate action $Tools->validate_action($_POST['action']); # validate post is_numeric($_POST['subnetId']) ?: $Result->show("danger", _("Invalid subnet ID"), true, true); is_numeric($_POST['id']) || strlen($_POST['id']) == 0 ?: $Result->show("danger", _("Invalid ID"), true, true); # get posted values $subnetId = $_POST['subnetId']; $action = $_POST['action']; $id = $_POST['id']; # fetch subnet $subnet = (array) $Subnets->fetch_subnet(null, $subnetId); if (strpos($_SERVER['HTTP_REFERER'], "verify-database") == 0) { sizeof($subnet) > 0 ?: $Result->show("danger", _("Invalid subnet"), true, true); } # set and check permissions $subnet_permission = $Subnets->check_permission($User->user, $subnet['id']); $subnet_permission > 1 ?: $Result->show("danger", _('Cannot edit IP address details') . '! <br>' . _('You do not have write access for this network'), true, true); # set selected address fields array $selected_ip_fields = $User->settings->IPfilter; $selected_ip_fields = explode(";", $selected_ip_fields); //format to array # get all custom fields $custom_fields = $Tools->fetch_custom_fields('ipaddresses'); # if subnet is full we cannot any more ip addresses if (($action == "add" || $action == "all-add") && $subnet['isFull'] == 1) { $Result->show("warning", _("Cannot add address as subnet is market as used"), true, true);
$content[] = "\t<th style='padding:3px 8px;border:1px solid silver;border-bottom:2px solid gray;'>new status</th>"; $content[] = "</tr>"; //plain $content_plain[] = "phpIPAM host changes \r\n------------------------------"; //Changes foreach ($address_change as $change) { //reformat statuses if ($change['oldStatus'] == 0) { $oldStatus = "<font style='color:#04B486'>Online</font>"; $newStatus = "<font style='color:#DF0101'>Offline</font>"; } else { $oldStatus = "<font style='color:#DF0101'>Offline</font>"; $newStatus = "<font style='color:#04B486'>Online</font>"; } //set subnet $subnet = $Subnets->fetch_subnet(null, $change['subnetId']); //set section $section = $Tools->fetch_object("sections", "id", $subnet->sectionId); //ago if (is_null($change['lastSeen']) || $change['lastSeen'] == "0000-00-00 00:00:00") { $ago = "never"; } else { $timeDiff = time() - strtotime($change['lastSeen']); $ago = $change['lastSeen'] . " (" . sec2hms($timeDiff) . " ago)"; } //content $content[] = "<tr>"; $content[] = "\t<td style='padding:3px 8px;border:1px solid silver;'><a href='" . $Scan->settings->siteURL . "" . create_link("subnets", $section->id, $subnet->id) . "'>" . $Subnets->transform_to_dotted($change['ip_addr']) . "</a></td>"; $content[] = "\t<td style='padding:3px 8px;border:1px solid silver;'>{$change['description']}</td>"; $content[] = "\t<td style='padding:3px 8px;border:1px solid silver;'><a href='" . $Scan->settings->siteURL . "" . create_link("subnets", $section->id, $subnet->id) . "'>" . $Subnets->transform_to_dotted($subnet->subnet) . "/" . $subnet->mask . " - " . $subnet->description . "</a></td>"; $content[] = "\t<td style='padding:3px 8px;border:1px solid silver;'><a href='" . $Scan->settings->siteURL . "" . create_link("subnets", $section->id) . "'>{$section->name} {$section->description}</a></td>";
/** * Search inside subnets if host address is provided! * * @access private * @param mixed $search_term * @param number $high * @param number $low * @return array */ private function search_subnets_inside($high, $low) { if ($low == $high) { # subnets class $Subnets = new Subnets($this->Database); # fetch all subnets $subnets = $Subnets->fetch_all_subnets_search(); # loop and search foreach ($subnets as $s) { # cast $s = (array) $s; //first verify address type $type = $Subnets->identify_address($s['subnet']); if ($type == "IPv4") { # Initialize PEAR NET object $this->initialize_pear_net_IPv4(); # parse address $net = $this->Net_IPv4->parseAddress($Subnets->transform_to_decimal($s['subnet']) . '/' . $s['mask']); if ($low > $Subnets->transform_to_decimal(@$net->network) && $low < $Subnets->transform_to_decimal($net->broadcast)) { $ids[] = $s['id']; } } } # filter $ids = sizeof(@$ids) > 0 ? array_filter($ids) : array(); # search if (sizeof($ids) > 0) { foreach ($ids as $id) { $result[] = $Subnets->fetch_subnet(null, $id); } } # return return sizeof(@$result) > 0 ? array_filter($result) : array(); } else { return array(); } }