Newer
Older
<?php
include_once("include/db.php");
# Return list of wisp users
function getWiSPUsers($params) {
# Filters and sorts are the same here
$filtersorts = array(
'Username' => 'users.Username',
'Disabled' => 'users.Disabled',
'ID' => 'wisp_userdata.UserID',
'Firstname' => 'wisp_userdata.Firstname',
'Lastname' => 'wisp_userdata.Lastname',
'Email' => 'wisp_userdata.Email',
'Phone' => 'wisp_userdata.Phone'
);
$res = DBSelectSearch("
SELECT
users.Username,
users.Disabled,
wisp_userdata.UserID,
wisp_userdata.FirstName,
wisp_userdata.LastName,
wisp_userdata.Email,
wisp_userdata.Phone
FROM
users, wisp_userdata
WHERE
wisp_userdata.UserID = users.ID
",$params[1],$filtersorts,$filtersorts
);
$sth = $res[0]; $numResults = $res[1];
# If STH is blank, return the error back to whoever requested the data
if (!isset($sth)) {
return $res;
}
$resultArray = array();
while ($row = $sth->fetchObject()) {
$item = array();
$item['ID'] = $row->userid;
$item['Username'] = $row->username;
$item['Disabled'] = $row->disabled;
$item['Firstname'] = $row->firstname;
$item['Lastname'] = $row->lastname;
$item['Email'] = $row->email;
$item['Phone'] = $row->phone;
array_push($resultArray,$item);
}
return array($resultArray,$numResults);
}
# Return specific wisp user row
function getWiSPUser($params) {
# Query for userdata and username
$res = DBSelect("
SELECT
wisp_userdata.UserID,
wisp_userdata.FirstName,
wisp_userdata.LastName,
wisp_userdata.Phone,
wisp_userdata.Email,
wisp_userdata.LocationID,
users.Username
FROM
wisp_userdata, users
WHERE
wisp_userdata.UserID = ?
AND
users.ID = wisp_userdata.UserID
",array($params[0])
);
if (!is_object($res)) {
return $res;
}
$resultArray = array();
$row = $res->fetchObject();
$resultArray['Username'] = $row->username;
$resultArray['Firstname'] = $row->firstname;
$resultArray['Lastname'] = $row->lastname;
$resultArray['Phone'] = $row->phone;
$resultArray['Email'] = $row->email;
$resultArray['LocationID'] = $row->locationid;
$resultArray['Attributes'] = array();
# Query to get user password
user_attributes.Value
FROM
user_attributes
WHERE
user_attributes.Name = 'User-Password'
AND
user_attributes.UserID = ?
",array($params[0])
);
if (!is_object($res)) {
return $res;
}
# Set user password field
$row = $res->fetchObject();
$resultArray['Password'] = $row->value;
# Query to get all other attributes
$res = DBSelect("
SELECT
user_attributes.ID,
user_attributes.Operator,
user_attributes.Value
FROM
user_attributes
WHERE
user_attributes.UserID = ?
",array($params[0])
);
if (!is_object($res)) {
return $res;
}
# Array for multiple attributes
$resultsArray['Attributes'][$i]['ID'] = $row->id;
$resultsArray['Attributes'][$i]['Name'] = $row->name;
$resultsArray['Attributes'][$i]['Operator'] = $row->operator;
$resultsArray['Attributes'][$i]['Value'] = $row->value;
$i++;
$numResults = $res->rowCount();
return array($resultArray,$numResults);
}
# Remove wisp user
function removeWiSPUser($params) {
# Delete user information
$res = DBDo("DELETE FROM wisp_userdata WHERE UserID = ?",array($params[0]));
# Delete user attribtues
if ($res !== FALSE) {
$res = DBDo("DELETE FROM user_attributes WHERE UserID = ?",array($params[0]));
}
# Remove user from groups
if ($res !== FALSE) {
$res = DBDo("DELETE FROM users_to_groups WHERE UserID = ?",array($params[0]));
}
# Delete user
if ($res !== FALSE) {
$res = DBDo("DELETE FROM users WHERE ID = ?",array($params[0]));
}
# Commit and return if successful
if ($res !== FALSE) {
DBCommit();
return $res;
} else {
DBRollback();
}
return NULL;
}
# Add wisp user
function createWiSPUser($params) {
global $adminEmails;
$res = "Username & Password required for single user. For adding multiple users an integer is required.";
# If we adding single user
if (empty($params[0]['Number']) && !empty($params[0]['Password']) && !empty($params[0]['Username'])) {
# Insert username
$res = DBDo("INSERT INTO users (Username) VALUES (?)",array($params[0]['Username']));
# Continue with others if successful
if ($res !== FALSE) {
$userID = DBLastInsertID();
$res = DBDo("
INSERT INTO
user_attributes (UserID,Name,Operator,Value)
VALUES
(?,?,?,?)",
array($userID,
'User-Password',
'==',
$params[0]['Password'])
);
}
# Link users ID to make user a wisp user
if ($res !== FALSE) {
$res = DBDo("INSERT INTO wisp_userdata (UserID) VALUES (?)",array($userID));
}
# Add personal information
if ($res !== FALSE && isset($params[0]['Firstname'])) {
$res = DBDo("UPDATE wisp_userdata SET FirstName = ? WHERE UserID = ?",array($params[0]['Firstname'],$userID));
}
if ($res !== FALSE && isset($params[0]['Lastname'])) {
$res = DBDo("UPDATE wisp_userdata SET LastName = ? WHERE UserID = ?",array($params[0]['Lastname'],$userID));
}
if ($res !== FALSE && isset($params[0]['Phone'])) {
$res = DBDo("UPDATE wisp_userdata SET Phone = ? WHERE UserID = ?",array($params[0]['Phone'],$userID));
}
if ($res !== FALSE && isset($params[0]['Email'])) {
$res = DBDo("UPDATE wisp_userdata SET Email = ? WHERE UserID = ?",array($params[0]['Email'],$userID));
}
if ($res !== FALSE && isset($params[0]['LocationID'])) {
$res = DBDo("UPDATE wisp_userdata SET LocationID = ? WHERE UserID = ?",array($params[0]['LocationID'],$userID));
}
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
# Grab each attribute and add it's details to the database
if ($res !== FALSE && isset($params[0]['Attributes'])) {
foreach ($params[0]['Attributes'] as $attr) {
# Default value without modifier
$attrValue = $attr['Value'];
if ($attr['Name'] == 'SMRadius-Capping-Traffic-Limit' || $attr['Name'] == 'SMRadius-Capping-Uptime-Limit') {
# If modifier is set we need to work out attribute value
if (isset($attr['Modifier'])) {
switch ($attr['Modifier']) {
case "Seconds":
$attrValue = $attr['Value'] / 60;
case "Minutes":
$attrValue = $attr['Value'];
case "Hours":
$attrValue = $attr['Value'] * 60;
case "Days":
$attrValue = $attr['Value'] * 1440;
case "Weeks":
$attrValue = $attr['Value'] * 10080;
case "Months":
$attrValue = $attr['Value'] * 44640;
case "MBytes":
$attrValue = $attr['Value'];
case "GBytes":
# Add attribute
$res = DBDo("
INSERT INTO
user_attributes (UserID,Name,Operator,Value)
VALUES
(?,?,?,?)",
array(
$userID,
$attr['Name'],
$attr['Operator'],
$attrValue
)
);
# Link user to groups if any selected
if ($res !== FALSE && isset($params[0]['Groups'])) {
$refinedGroups = array();
# Filter out unique group ID's
foreach ($params[0]['Groups'] as $group) {
foreach ($group as $ID=>$value) {
$refinedGroups[$value] = $value;
}
}
# Loop through groups
foreach ($refinedGroups as $groupID) {
$res = DBDo("INSERT INTO users_to_groups (UserID,GroupID) VALUES (?,?)",array($userID,$groupID));
}
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
# We adding multiple users
} elseif (!empty($params[0]['Number']) && $params[0]['Number'] > 1) {
$wispUser = array();
# Loop for number of chosen numbers
for ($i = 0; $i < $params[0]['Number']; $i++) {
# Check for duplicates and add
$usernameReserved = 1;
$characters = 'abcdefghijklmnopqrstuvwxyz0123456789';
while ($usernameReserved == 1) {
# Generate random username
$string = '';
for ($c = 0; $c < 7; $c++) {
$string .= $characters[rand(0, strlen($characters) - 1)];
}
$thisUsername = $string;
# Add prefix to string
if (!empty($params[0]['Prefix'])) {
$thisUsername = $params[0]['Prefix'].$string;
}
# Check if username used
$res = DBSelect("
SELECT
users.Username
FROM
users
WHERE
users.Username = ?
",array($thisUsername)
);
# If there are no rows we may continue
if ($res->rowCount() == 0 && !isset($wispUser[$thisUsername])) {
$usernameReserved = 0;
# Generate random username
$string = '';
for ($c = 0; $c < 7; $c++) {
$string .= $characters[rand(0, strlen($characters) - 1)];
}
# Add username and password onto array
$wispUser[$thisUsername] = $string;
}
# Insert users from array into database
foreach ($wispUser as $username => $password) {
$res = DBDo("INSERT INTO users (Username) VALUES (?)",array($username));
if ($res !== FALSE) {
$id = DBLastInsertID();
$res = DBDo("INSERT INTO user_attributes (UserID,Name,Operator,Value) VALUES (?,?,?,?)",
array($id,'User-Password','==',$password)
);
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
# Grab each attribute and add it's details to the database
if ($res !== FALSE && isset($params[0]['Attributes'])) {
foreach ($params[0]['Attributes'] as $attr) {
# Default value without modifier
$attrValue = $attr['Value'];
if ($attr['Name'] == 'SMRadius-Capping-Traffic-Limit' || $attr['Name'] == 'SMRadius-Capping-Uptime-Limit') {
# If modifier is set we need to work out attribute value
if (isset($attr['Modifier'])) {
switch ($attr['Modifier']) {
case "Seconds":
$attrValue = $attr['Value'] / 60;
case "Minutes":
$attrValue = $attr['Value'];
case "Hours":
$attrValue = $attr['Value'] * 60;
case "Days":
$attrValue = $attr['Value'] * 1440;
case "Weeks":
$attrValue = $attr['Value'] * 10080;
case "Months":
$attrValue = $attr['Value'] * 44640;
case "MBytes":
$attrValue = $attr['Value'];
case "GBytes":
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
}
}
}
# Add attribute
$res = DBDo("
INSERT INTO
user_attributes (UserID,Name,Operator,Value)
VALUES
(?,?,?,?)",
array(
$id,
$attr['Name'],
$attr['Operator'],
$attrValue
)
);
}
}
# Link user to groups if any selected
if ($res !== FALSE && isset($params[0]['Groups'])) {
$refinedGroups = array();
# Filter out unique group ID's
foreach ($params[0]['Groups'] as $group) {
foreach ($group as $ID=>$value) {
$refinedGroups[$value] = $value;
}
}
# Loop through groups
foreach ($refinedGroups as $groupID) {
$res = DBDo("INSERT INTO users_to_groups (UserID,GroupID) VALUES (?,?)",array($id,$groupID));
}
}
# Link to wisp users
if ($res !== FALSE) {
$res = DBDo("INSERT INTO wisp_userdata (UserID) VALUES (?)",
array($id)
);
}
}
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
# Email userlist to admin
if ($res !== FALSE && isset($adminEmails)) {
// multiple recipients
$to = $adminEmails;
// subject
$subject = count($wispUser).' WiSP users added';
// html
$html = '';
foreach ($wispUser as $key => $val) {
$html .= '<tr><td>'.$key.'</td><td>'.$val.'</td></tr>';
}
// message
$message = '
<html>
<head>
<title>User List</title>
</head>
<body>
<table cellspacing="10">
<tr>
<th>Username</th><th>Password</th>
</tr>'.$html.'
</table>
</body>
</html>
';
// To send HTML mail, the Content-type header must be set
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// Additional headers
$headers .= 'From: SMRadius';
// Mail it
$res = mail($to, $subject, $message, $headers);
}
# Commit changes if all was successful, else rollback
function updateWiSPUser($params) {
$res = DBDo("UPDATE users SET Username = ? WHERE ID = ?",array($params[0]['Username'],$params[0]['ID']));
$res = DBDo("UPDATE user_attributes SET User-Password = ? WHERE UserID = ?",array($params[0]['Username'],$params[0]['ID']));
$res = DBDo("
UPDATE
wisp_userdata
SET
FirstName = ?,
LastName = ?,
Phone = ?,
Email = ?,
LocationID = ?
WHERE
UserID = ?",
array($params[0]['Firstname'],
$params[0]['Lastname'],
$params[0]['Phone'],
$params[0]['Email'],
$params[0]['LocationID'],
$params[0]['ID'])
# Commit changes if all was successful, else break
if ($res !== FALSE) {
DBCommit();
} else {
DBRollback();