function provider_save() { $q = new mysql_shorewall(); $table = "fw_providers"; $q->CheckTables(); $editF = false; $ID = $_POST["provider-save"]; unset($_POST["provider-save"]); $_POST["NAME"] = trim($_POST["NAME"]); $_POST["NAME"] = str_replace(" ", "", $_POST["NAME"]); $_POST["NAME"] = strtoupper(replace_accents($_POST["NAME"])); $_POST["NAME"] = substr($_POST["NAME"], 0, 16); while (list($key, $value) = each($_POST)) { $value = url_decode_special_tool($value); $fields[] = "`{$key}`"; $values[] = "'" . mysql_escape_string2($value) . "'"; $edit[] = "`{$key}`='" . mysql_escape_string2($value) . "'"; } $sql_edit = "UPDATE `{$table}` SET " . @implode(",", $edit) . " WHERE ID='{$ID}'"; $sql = "INSERT IGNORE INTO `{$table}` (" . @implode(",", $fields) . ") VALUES (" . @implode(",", $values) . ")"; if ($ID > 0) { $sql = $sql_edit; } $q->QUERY_SQL($sql); if (!$q->ok) { echo "Mysql error: `{$q->mysql_error}`"; return; } $tpl = new templates(); $tpl->javascript_parse_text("{success}"); }
function rule_save() { $q = new mysql_shorewall(); if (!is_numeric($_POST["connections"])) { $_POST["connections"] = 5; } if ($_POST["burst"] < 5) { $_POST["burst"] = 5; } $_POST["RATELIMIT"] = "{$_POST["LIMIT_TD"]}:{$_POST["connections"]}/{$_POST["LIMIT_T"]}:{$_POST["burst"]}"; unset($_POST["LIMIT_TD"]); unset($_POST["connections"]); unset($_POST["LIMIT_T"]); unset($_POST["burst"]); $table = "fw_rules"; if (!$q->TABLE_EXISTS($table)) { $q->CheckTables(); } $editF = false; $ID = $_POST["rule-save"]; unset($_POST["rule-save"]); while (list($key, $value) = each($_POST)) { $value = url_decode_special_tool($value); $fields[] = "`{$key}`"; $values[] = "'" . mysql_escape_string2($value) . "'"; $edit[] = "`{$key}`='" . mysql_escape_string2($value) . "'"; } $sql_edit = "UPDATE `{$table}` SET " . @implode(",", $edit) . " WHERE ID='{$ID}'"; $sql = "INSERT IGNORE INTO `{$table}` (" . @implode(",", $fields) . ") VALUES (" . @implode(",", $values) . ")"; if ($ID > 0) { $sql = $sql_edit; } $q->QUERY_SQL($sql); if (!$q->ok) { echo "Mysql error: `{$q->mysql_error}`"; return; } $tpl = new templates(); $tpl->javascript_parse_text("{success}"); }
function new_group_save() { $q = new mysql_shorewall(); $q->CheckTables(); $_POST["groupname"] = url_decode_special_tool($_POST["groupname"]); $q->QUERY_SQL("INSERT INTO fw_objects (groupname,grouptype) VALUES ('{$_POST["groupname"]}','{$_POST["type"]}')"); if (!$q->ok) { echo $q->mysql_error; } }
function items() { $tpl = new templates(); $MyPage = CurrentPageName(); $q = new mysql_shorewall(); $t = $_GET["t"]; $search = '%'; $table = "fw_zones"; $page = 1; $FORCE_FILTER = null; $total = 0; if ($q->COUNT_ROWS($table) == 0) { $q->CheckTables(); } if (isset($_POST["sortname"])) { if ($_POST["sortname"] != null) { $ORDER = "ORDER BY {$_POST["sortname"]} {$_POST["sortorder"]}"; } } if (isset($_POST['page'])) { $page = $_POST['page']; } $searchstring = string_to_flexquery(); if ($searchstring != null) { $sql = "SELECT COUNT(*) as TCOUNT FROM `{$table}` WHERE 1 {$FORCE_FILTER} {$searchstring}"; $ligne = mysql_fetch_array($q->QUERY_SQL($sql)); $total = $ligne["TCOUNT"]; } else { $total = $q->COUNT_ROWS($table); } if (isset($_POST['rp'])) { $rp = $_POST['rp']; } $pageStart = ($page - 1) * $rp; if (is_numeric($rp)) { $limitSql = "LIMIT {$pageStart}, {$rp}"; } $sql = "SELECT * FROM `{$table}` WHERE 1 {$searchstring} {$FORCE_FILTER} {$ORDER} {$limitSql}"; $results = $q->QUERY_SQL($sql); $no_rule = $tpl->_ENGINE_parse_body("{no_rule}"); $data = array(); $data['page'] = $page; $data['total'] = $total; $data['rows'] = array(); if (!$q->ok) { json_error_show($q->mysql_error . "<br>{$sql}"); } if (mysql_num_rows($results) == 0) { json_error_show("no data"); } $fontsize = "16"; if ($searchstring == null) { $shorewall_firewall = $tpl->_ENGINE_parse_body("{shorewall_firewall}"); $data['total']++; $data['rows'][] = array('id' => $ligne['ID'], 'cell' => array("<span style='font-size:{$fontsize}px;font-weight:bold;'>fw</a></span>", "<span style='font-size:{$fontsize}px;font-weight:normal;'>firewall</span>", "<span style='font-size:{$fontsize}px;font-weight:normal;'>{$shorewall_firewall}</span>", "<span style='font-size:{$fontsize}px;font-weight:normal;'></span>")); } while ($ligne = mysql_fetch_assoc($results)) { $color = "black"; $NICNAME = null; if ($ligne['ID'] > 0) { $delete = imgsimple("delete-32.png", null, "Delete{$t}({$ligne["ID"]})"); } $editjs = "<a href=\"javascript:blur();\" OnClick=\"javascript:Loadjs('{$MyPage}?zone-js=yes&ID={$ligne['ID']}&t={$t}',true);\"\n\t\tstyle='font-size:{$fontsize}px;font-weight:bold;color:{$color};text-decoration:underline'>"; if (trim($ligne["eth"]) != null) { $nic = new system_nic($ligne["eth"]); $jsinterface = "javascript:Loadjs('shorewall.interfaces.php?interface-js=yes&ID={$ligne["eth"]}&t={$t}');"; if ($nic->NICNAME != null) { $NICNAME = "<i><a href=\"javascript:blur();\" OnClick=\"{$jsinterface}\"\n\t\t\tstyle='text-decoration:underline'>{$nic->NICNAME}</a></i>, "; } } if (isset($q->ZONES_RESERVED_WORDS[$ligne["zone"]])) { $delete = null; $editjs = null; } $data['rows'][] = array('id' => $ligne['ID'], 'cell' => array("<span style='font-size:{$fontsize}px;font-weight:bold;color:{$color}'>{$editjs}{$ligne["zone"]}</a></span>", "<span style='font-size:{$fontsize}px;font-weight:normal;color:{$color}'>{$ligne["type"]}</span>", "<span style='font-size:{$fontsize}px;font-weight:normal;color:{$color}'>{$NICNAME}{$ligne["comment"]}</span>", "<span style='font-size:{$fontsize}px;font-weight:normal;color:{$color}'>{$delete}</span>")); } echo json_encode($data); }
function masq_save(){ $q=new mysql_shorewall(); $table="fw_masq"; $q->CheckTables(); $editF=false; $ID=$_POST["masq-save"]; unset($_POST["masq-save"]); while (list ($key, $value) = each ($_POST) ){ $value=url_decode_special_tool($value); $fields[]="`$key`"; $values[]="'".mysql_escape_string2($value)."'"; $edit[]="`$key`='".mysql_escape_string2($value)."'"; } $sql_edit="UPDATE `$table` SET ".@implode(",", $edit)." WHERE ID='$ID'"; $sql="INSERT IGNORE INTO `$table` (".@implode(",", $fields).") VALUES (".@implode(",", $values).")"; if($ID>0){$sql=$sql_edit;} $q->QUERY_SQL($sql); if(!$q->ok){echo "Mysql error: `$q->mysql_error`";;return;} $tpl=new templates(); $tpl->javascript_parse_text("{success}"); }