Newer
Older
<?php
include_once("include/db.php");
# Return list of wisp users
function getWiSPUsers($params) {
# Filters and sorts are the same here
$filtersorts = array(
'Username' => 'users.Username',
'Disabled' => 'users.Disabled',
'ID' => 'wisp_userdata.UserID',
'Firstname' => 'wisp_userdata.Firstname',
'Lastname' => 'wisp_userdata.Lastname',
'Email' => 'wisp_userdata.Email',
'Phone' => 'wisp_userdata.Phone'
);
$res = DBSelectSearch("
SELECT
users.Username,
users.Disabled,
wisp_userdata.UserID,
wisp_userdata.FirstName,
wisp_userdata.LastName,
wisp_userdata.Email,
wisp_userdata.Phone
FROM
users, wisp_userdata
WHERE
wisp_userdata.UserID = users.ID
",$params[1],$filtersorts,$filtersorts
);
$sth = $res[0]; $numResults = $res[1];
# If STH is blank, return the error back to whoever requested the data
if (!isset($sth)) {
return $res;
}
$resultArray = array();
while ($row = $sth->fetchObject()) {
$item = array();
$item['ID'] = $row->userid;
$item['Username'] = $row->username;
$item['Disabled'] = $row->disabled;
$item['Firstname'] = $row->firstname;
$item['Lastname'] = $row->lastname;
$item['Email'] = $row->email;
$item['Phone'] = $row->phone;
array_push($resultArray,$item);
}
return array($resultArray,$numResults);
}
# Return specific wisp user row
function getWiSPUser($params) {
# Query for userdata and username
$res = DBSelect("
SELECT
wisp_userdata.UserID,
wisp_userdata.FirstName,
wisp_userdata.LastName,
wisp_userdata.Phone,
wisp_userdata.Email,
wisp_userdata.LocationID,
users.Username
FROM
wisp_userdata, users
WHERE
wisp_userdata.UserID = ?
AND
users.ID = wisp_userdata.UserID
",array($params[0])
);
if (!is_object($res)) {
return $res;
}
$resultArray = array();
$row = $res->fetchObject();
$resultArray['Username'] = $row->username;
$resultArray['Firstname'] = $row->firstname;
$resultArray['Lastname'] = $row->lastname;
$resultArray['Phone'] = $row->phone;
$resultArray['Email'] = $row->email;
$resultArray['LocationID'] = $row->locationid;
$resultArray['Attributes'] = array();
# Query to get user password
user_attributes.Value
FROM
user_attributes
WHERE
user_attributes.Name = 'User-Password'
AND
user_attributes.UserID = ?
",array($params[0])
);
if (!is_object($res)) {
return $res;
}
# Set user password field
$row = $res->fetchObject();
$resultArray['Password'] = $row->value;
# Query to get all other attributes
$res = DBSelect("
SELECT
user_attributes.ID,
user_attributes.Operator,
user_attributes.Value
FROM
user_attributes
WHERE
user_attributes.UserID = ?
",array($params[0])
);
if (!is_object($res)) {
return $res;
}
# Array for multiple attributes
$resultsArray['Attributes'][$i]['ID'] = $row->id;
$resultsArray['Attributes'][$i]['Name'] = $row->name;
$resultsArray['Attributes'][$i]['Operator'] = $row->operator;
$resultsArray['Attributes'][$i]['Value'] = $row->value;
$i++;
$numResults = $res->rowCount();
return array($resultArray,$numResults);
}
# Remove wisp user
function removeWiSPUser($params) {
# Delete user information
$res = DBDo("DELETE FROM wisp_userdata WHERE UserID = ?",array($params[0]));
# Delete user attribtues
if ($res !== FALSE) {
$res = DBDo("DELETE FROM user_attributes WHERE UserID = ?",array($params[0]));
}
# Remove user from groups
if ($res !== FALSE) {
$res = DBDo("DELETE FROM users_to_groups WHERE UserID = ?",array($params[0]));
}
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
# Get list of topups and delete summaries
if ($res !== FALSE) {
$topupList = array();
$res = DBSelect("
SELECT
topups_summary.TopupID
FROM
topups_summary, topups
WHERE
topups_summary.TopupID = topups.ID
AND topups.UserID = ?",
array($params[0])
);
if (!is_object($res)) {
$res = FALSE;
} else {
while ($row = $res->fetchObject()) {
array_push($topupList,$row->topupid);
}
}
if ($res !== FALSE && sizeof($topupList) > 0) {
# Remove topup summaries
foreach ($topupList as $id) {
if ($res !== FALSE) {
$res = DBDo("
DELETE FROM
topups_summary
WHERE
TopupID = ?",
array($id)
);
}
}
}
}
# Remove topups
if ($res !== FALSE) {
$res = DBDo("DELETE FROM topups WHERE UserID = ?",array($params[0]));
}
if ($res !== FALSE) {
$res = DBDo("DELETE FROM users WHERE ID = ?",array($params[0]));
}
# Commit and return if successful
} else {
DBRollback();
}
return NULL;
}
# Add wisp user
function createWiSPUser($params) {
global $adminEmails;
$res = "Username & Password required for single user. For adding multiple users an integer is required.";
# If we adding single user
if (empty($params[0]['Number']) && !empty($params[0]['Password']) && !empty($params[0]['Username'])) {
# Insert username
$res = DBDo("INSERT INTO users (Username) VALUES (?)",array($params[0]['Username']));
# Continue with others if successful
if ($res !== FALSE) {
$userID = DBLastInsertID();
$res = DBDo("
INSERT INTO
user_attributes (UserID,Name,Operator,Value)
VALUES
(?,?,?,?)",
array($userID,
'User-Password',
'==',
$params[0]['Password'])
);
}
# Link users ID to make user a wisp user
if ($res !== FALSE) {
$res = DBDo("INSERT INTO wisp_userdata (UserID) VALUES (?)",array($userID));
}
# Add personal information
if ($res !== FALSE && isset($params[0]['Firstname'])) {
$res = DBDo("UPDATE wisp_userdata SET FirstName = ? WHERE UserID = ?",array($params[0]['Firstname'],$userID));
}
if ($res !== FALSE && isset($params[0]['Lastname'])) {
$res = DBDo("UPDATE wisp_userdata SET LastName = ? WHERE UserID = ?",array($params[0]['Lastname'],$userID));
}
if ($res !== FALSE && isset($params[0]['Phone'])) {
$res = DBDo("UPDATE wisp_userdata SET Phone = ? WHERE UserID = ?",array($params[0]['Phone'],$userID));
}
if ($res !== FALSE && isset($params[0]['Email'])) {
$res = DBDo("UPDATE wisp_userdata SET Email = ? WHERE UserID = ?",array($params[0]['Email'],$userID));
}
if ($res !== FALSE && !empty($params[0]['LocationID'])) {
$res = DBDo("UPDATE wisp_userdata SET LocationID = ? WHERE UserID = ?",array($params[0]['LocationID'],$userID));
}
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
# Grab each attribute and add it's details to the database
if ($res !== FALSE && isset($params[0]['Attributes'])) {
foreach ($params[0]['Attributes'] as $attr) {
# Default value without modifier
$attrValue = $attr['Value'];
if ($attr['Name'] == 'SMRadius-Capping-Traffic-Limit' || $attr['Name'] == 'SMRadius-Capping-Uptime-Limit') {
# If modifier is set we need to work out attribute value
if (isset($attr['Modifier'])) {
switch ($attr['Modifier']) {
case "Seconds":
$attrValue = $attr['Value'] / 60;
case "Minutes":
$attrValue = $attr['Value'];
case "Hours":
$attrValue = $attr['Value'] * 60;
case "Days":
$attrValue = $attr['Value'] * 1440;
case "Weeks":
$attrValue = $attr['Value'] * 10080;
case "Months":
$attrValue = $attr['Value'] * 44640;
case "MBytes":
$attrValue = $attr['Value'];
case "GBytes":
# Add attribute
$res = DBDo("
INSERT INTO
user_attributes (UserID,Name,Operator,Value)
VALUES
(?,?,?,?)",
array(
$userID,
$attr['Name'],
$attr['Operator'],
$attrValue
)
);
# Link user to groups if any selected
if ($res !== FALSE && isset($params[0]['Groups'])) {
$refinedGroups = array();
# Filter out unique group ID's
foreach ($params[0]['Groups'] as $group) {
foreach ($group as $ID=>$value) {
$refinedGroups[$value] = $value;
}
}
# Loop through groups
foreach ($refinedGroups as $groupID) {
$res = DBDo("INSERT INTO users_to_groups (UserID,GroupID) VALUES (?,?)",array($userID,$groupID));
}
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
# We adding multiple users
} elseif (!empty($params[0]['Number']) && $params[0]['Number'] > 1) {
$wispUser = array();
# Loop for number of chosen numbers
for ($i = 0; $i < $params[0]['Number']; $i++) {
# Check for duplicates and add
$usernameReserved = 1;
$characters = 'abcdefghijklmnopqrstuvwxyz0123456789';
while ($usernameReserved == 1) {
# Generate random username
$string = '';
for ($c = 0; $c < 7; $c++) {
$string .= $characters[rand(0, strlen($characters) - 1)];
}
$thisUsername = $string;
# Add prefix to string
if (!empty($params[0]['Prefix'])) {
$thisUsername = $params[0]['Prefix'].$string;
}
# Check if username used
$res = DBSelect("
SELECT
users.Username
FROM
users
WHERE
users.Username = ?
",array($thisUsername)
);
# If there are no rows we may continue
if ($res->rowCount() == 0 && !isset($wispUser[$thisUsername])) {
$usernameReserved = 0;
# Generate random username
$string = '';
for ($c = 0; $c < 7; $c++) {
$string .= $characters[rand(0, strlen($characters) - 1)];
}
# Add username and password onto array
$wispUser[$thisUsername] = $string;
}
# Insert users from array into database
foreach ($wispUser as $username => $password) {
$res = DBDo("INSERT INTO users (Username) VALUES (?)",array($username));
if ($res !== FALSE) {
$id = DBLastInsertID();
$res = DBDo("INSERT INTO user_attributes (UserID,Name,Operator,Value) VALUES (?,?,?,?)",
array($id,'User-Password','==',$password)
);
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
# Grab each attribute and add it's details to the database
if ($res !== FALSE && isset($params[0]['Attributes'])) {
foreach ($params[0]['Attributes'] as $attr) {
# Default value without modifier
$attrValue = $attr['Value'];
if ($attr['Name'] == 'SMRadius-Capping-Traffic-Limit' || $attr['Name'] == 'SMRadius-Capping-Uptime-Limit') {
# If modifier is set we need to work out attribute value
if (isset($attr['Modifier'])) {
switch ($attr['Modifier']) {
case "Seconds":
$attrValue = $attr['Value'] / 60;
case "Minutes":
$attrValue = $attr['Value'];
case "Hours":
$attrValue = $attr['Value'] * 60;
case "Days":
$attrValue = $attr['Value'] * 1440;
case "Weeks":
$attrValue = $attr['Value'] * 10080;
case "Months":
$attrValue = $attr['Value'] * 44640;
case "MBytes":
$attrValue = $attr['Value'];
case "GBytes":
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
}
}
}
# Add attribute
$res = DBDo("
INSERT INTO
user_attributes (UserID,Name,Operator,Value)
VALUES
(?,?,?,?)",
array(
$id,
$attr['Name'],
$attr['Operator'],
$attrValue
)
);
}
}
# Link user to groups if any selected
if ($res !== FALSE && isset($params[0]['Groups'])) {
$refinedGroups = array();
# Filter out unique group ID's
foreach ($params[0]['Groups'] as $group) {
foreach ($group as $ID=>$value) {
$refinedGroups[$value] = $value;
}
}
# Loop through groups
foreach ($refinedGroups as $groupID) {
$res = DBDo("INSERT INTO users_to_groups (UserID,GroupID) VALUES (?,?)",array($id,$groupID));
}
}
# Link to wisp users
if ($res !== FALSE) {
$res = DBDo("INSERT INTO wisp_userdata (UserID) VALUES (?)",
array($id)
);
}
}
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
# Email userlist to admin
if ($res !== FALSE && isset($adminEmails)) {
// multiple recipients
$to = $adminEmails;
// subject
$subject = count($wispUser).' WiSP users added';
// html
$html = '';
foreach ($wispUser as $key => $val) {
$html .= '<tr><td>'.$key.'</td><td>'.$val.'</td></tr>';
}
// message
$message = '
<html>
<head>
<title>User List</title>
</head>
<body>
<table cellspacing="10">
<tr>
<th>Username</th><th>Password</th>
</tr>'.$html.'
</table>
</body>
</html>
';
// To send HTML mail, the Content-type header must be set
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// Additional headers
$headers .= 'From: SMRadius';
// Mail it
$res = mail($to, $subject, $message, $headers);
}
# Commit changes if all was successful, else rollback
function updateWiSPUser($params) {
if (!empty($params[0]['Username'])) {
$res = DBDo("UPDATE users SET Username = ? WHERE ID = ?",array($params[0]['Username'],$params[0]['ID']));
}
$res = DBDo("UPDATE user_attributes SET User-Password = ? WHERE UserID = ?",array($params[0]['Username'],$params[0]['ID']));
$res = DBDo("
UPDATE
wisp_userdata
SET
FirstName = ?,
LastName = ?,
Phone = ?,
WHERE
UserID = ?",
array($params[0]['Firstname'],
$params[0]['Lastname'],
$params[0]['Phone'],
$params[0]['Email'],
$params[0]['ID'])
# If successful, add location if any
if ($res !== FALSE && !empty($params[0]['LocationID'])) {
$res = DBDo("UPDATE wisp_userdata SET LocationID = ? WHERE UserID = ?",
array($params[0]['LocationID'],$params[0]['ID'])
);
}
# Commit changes if all was successful, else break
} else {
DBRollback();