<?php
include_once("include/db.php");
# Return list of wisp users
function getWiSPUsers($params) {
# Filters and sorts are the same here
$filtersorts = array(
'Username' => 'users.Username',
'Disabled' => 'users.Disabled',
'ID' => 'wisp_userdata.UserID',
'Firstname' => 'wisp_userdata.Firstname',
'Lastname' => 'wisp_userdata.Lastname',
'Email' => 'wisp_userdata.Email',
'Phone' => 'wisp_userdata.Phone'
);
# Perform query
$res = DBSelectSearch("
SELECT
users.Username,
users.Disabled,
wisp_userdata.UserID,
wisp_userdata.FirstName,
wisp_userdata.LastName,
wisp_userdata.Email,
wisp_userdata.Phone
FROM
users, wisp_userdata
WHERE
wisp_userdata.UserID = users.ID
",$params[1],$filtersorts,$filtersorts
);
$sth = $res[0]; $numResults = $res[1];
# If STH is blank, return the error back to whoever requested the data
if (!isset($sth)) {
return $res;
}
# Loop through rows
$resultArray = array();
while ($row = $sth->fetchObject()) {
# Array for this row
$item = array();
$item['ID'] = $row->userid;
$item['Username'] = $row->username;
$item['Disabled'] = $row->disabled;
$item['Firstname'] = $row->firstname;
$item['Lastname'] = $row->lastname;
$item['Email'] = $row->email;
$item['Phone'] = $row->phone;
# Push this row onto array
array_push($resultArray,$item);
}
# Return results
return array($resultArray,$numResults);
}
# Return specific wisp user row
function getWiSPUser($params) {
# Query for userdata and username
$res = DBSelect("
SELECT
wisp_userdata.UserID,
wisp_userdata.FirstName,
wisp_userdata.LastName,
wisp_userdata.Phone,
wisp_userdata.Email,
wisp_userdata.LocationID,
users.Username
FROM
wisp_userdata, users
WHERE
wisp_userdata.UserID = ?
AND
users.ID = wisp_userdata.UserID
",array($params[0])
);
# Return if error
if (!is_object($res)) {
return $res;
}
# Build array of results
$resultArray = array();
$row = $res->fetchObject();
# Set userdata fields
$resultArray['ID'] = $row->userid;
$resultArray['Username'] = $row->username;
$resultArray['Firstname'] = $row->firstname;
$resultArray['Lastname'] = $row->lastname;
$resultArray['Phone'] = $row->phone;
$resultArray['Email'] = $row->email;
$resultArray['LocationID'] = $row->locationid;
$resultArray['Attributes'] = array();
# Query to get user password
$res = DBSelect("
SELECT
user_attributes.Value
FROM
user_attributes
WHERE
user_attributes.Name = 'User-Password'
AND
user_attributes.UserID = ?
",array($params[0])
);
# Return if error
if (!is_object($res)) {
return $res;
}
# Set user password field
$row = $res->fetchObject();
$resultArray['Password'] = $row->value;
# Query to get all other attributes
$res = DBSelect("
SELECT
user_attributes.ID,
user_attributes.Name,
user_attributes.Operator,
user_attributes.Value
FROM
user_attributes
WHERE
user_attributes.UserID = ?
",array($params[0])
);
# Return if error
if (!is_object($res)) {
return $res;
}
# Array for multiple attributes
$i = 0;
while ($row = $res->fetchObject()) {
$resultsArray['Attributes'][$i]['ID'] = $row->id;
$resultsArray['Attributes'][$i]['Name'] = $row->name;
$resultsArray['Attributes'][$i]['Operator'] = $row->operator;
$resultsArray['Attributes'][$i]['Value'] = $row->value;
$i++;
}
# Get number of results
$numResults = $res->rowCount();
# Return results
return array($resultArray,$numResults);
}
# Remove wisp user
function removeWiSPUser($params) {
# Begin transaction
DBBegin();
# Delete user information
$res = DBDo("DELETE FROM wisp_userdata WHERE UserID = ?",array($params[0]));
# Delete user attribtues
if ($res !== FALSE) {
$res = DBDo("DELETE FROM user_attributes WHERE UserID = ?",array($params[0]));
}
# Remove user from groups
if ($res !== FALSE) {
$res = DBDo("DELETE FROM users_to_groups WHERE UserID = ?",array($params[0]));
}
# Get list of topups and delete summaries
if ($res !== FALSE) {
$topupList = array();
$res = DBSelect("
SELECT
topups_summary.TopupID
FROM
topups_summary, topups
WHERE
topups_summary.TopupID = topups.ID
AND topups.UserID = ?",
array($params[0])
);
if (!is_object($res)) {
$res = FALSE;
} else {
while ($row = $res->fetchObject()) {
array_push($topupList,$row->topupid);
}
}
if ($res !== FALSE && sizeof($topupList) > 0) {
# Remove topup summaries
foreach ($topupList as $id) {
if ($res !== FALSE) {
$res = DBDo("
DELETE FROM
topups_summary
WHERE
TopupID = ?",
array($id)
);
}
}
}
}
# Remove topups
if ($res !== FALSE) {
$res = DBDo("DELETE FROM topups WHERE UserID = ?",array($params[0]));
}
# Delete user
if ($res !== FALSE) {
$res = DBDo("DELETE FROM users WHERE ID = ?",array($params[0]));
}
# Commit and return if successful
if (is_bool($res)) {
DBCommit();
return $res;
# Else rollback database
} else {
DBRollback();
}
return NULL;
}
# Add wisp user
function createWiSPUser($params) {
# We need this to send notification
global $adminEmails;
# Begin transaction
DBBegin();
# Perform first query
$res = "Username & Password required for single user. For adding multiple users an integer is required.";
# If we adding single user
if (empty($params[0]['Number']) && !empty($params[0]['Password']) && !empty($params[0]['Username'])) {
# Insert username
$res = DBDo("INSERT INTO users (Username) VALUES (?)",array($params[0]['Username']));
# Continue with others if successful
if ($res !== FALSE) {
$userID = DBLastInsertID();
$res = DBDo("
INSERT INTO
user_attributes (UserID,Name,Operator,Value)
VALUES
(?,?,?,?)",
array($userID,
'User-Password',
'==',
$params[0]['Password'])
);
}
# Link users ID to make user a wisp user
if ($res !== FALSE) {
$res = DBDo("INSERT INTO wisp_userdata (UserID) VALUES (?)",array($userID));
}
# Add personal information
if ($res !== FALSE && isset($params[0]['Firstname'])) {
$res = DBDo("UPDATE wisp_userdata SET FirstName = ? WHERE UserID = ?",array($params[0]['Firstname'],$userID));
}
if ($res !== FALSE && isset($params[0]['Lastname'])) {
$res = DBDo("UPDATE wisp_userdata SET LastName = ? WHERE UserID = ?",array($params[0]['Lastname'],$userID));
}
if ($res !== FALSE && isset($params[0]['Phone'])) {
$res = DBDo("UPDATE wisp_userdata SET Phone = ? WHERE UserID = ?",array($params[0]['Phone'],$userID));
}
if ($res !== FALSE && isset($params[0]['Email'])) {
$res = DBDo("UPDATE wisp_userdata SET Email = ? WHERE UserID = ?",array($params[0]['Email'],$userID));
}
if ($res !== FALSE && !empty($params[0]['LocationID'])) {
$res = DBDo("UPDATE wisp_userdata SET LocationID = ? WHERE UserID = ?",array($params[0]['LocationID'],$userID));
}
# Grab each attribute and add it's details to the database
if ($res !== FALSE && isset($params[0]['Attributes'])) {
foreach ($params[0]['Attributes'] as $attr) {
# Default value without modifier
$attrValue = $attr['Value'];
if ($attr['Name'] == 'SMRadius-Capping-Traffic-Limit' || $attr['Name'] == 'SMRadius-Capping-Uptime-Limit') {
# If modifier is set we need to work out attribute value
if (isset($attr['Modifier'])) {
switch ($attr['Modifier']) {
case "Seconds":
$attrValue = $attr['Value'] / 60;
case "Minutes":
$attrValue = $attr['Value'];
case "Hours":
$attrValue = $attr['Value'] * 60;
case "Days":
$attrValue = $attr['Value'] * 1440;
case "Weeks":
$attrValue = $attr['Value'] * 10080;
case "Months":
$attrValue = $attr['Value'] * 44640;
case "MBytes":
$attrValue = $attr['Value'];
case "GBytes":
$attrValue = $attr['Value'] * 1000;
case "TBytes":
$attrValue = $attr['Value'] * 1000000;
}
}
}
# Add attribute
$res = DBDo("
INSERT INTO
user_attributes (UserID,Name,Operator,Value)
VALUES
(?,?,?,?)",
array(
$userID,
$attr['Name'],
$attr['Operator'],
$attrValue
)
);
}
}
# Link user to groups if any selected
if ($res !== FALSE && isset($params[0]['Groups'])) {
$refinedGroups = array();
# Filter out unique group ID's
foreach ($params[0]['Groups'] as $group) {
foreach ($group as $ID=>$value) {
$refinedGroups[$value] = $value;
}
}
# Loop through groups
foreach ($refinedGroups as $groupID) {
$res = DBDo("INSERT INTO users_to_groups (UserID,GroupID) VALUES (?,?)",array($userID,$groupID));
}
}
# We adding multiple users
} elseif (!empty($params[0]['Number']) && $params[0]['Number'] > 1) {
$wispUser = array();
# Loop for number of chosen numbers
for ($i = 0; $i < $params[0]['Number']; $i++) {
# Check for duplicates and add
$usernameReserved = 1;
$characters = 'abcdefghijklmnopqrstuvwxyz0123456789';
while ($usernameReserved == 1) {
# Generate random username
$string = '';
for ($c = 0; $c < 7; $c++) {
$string .= $characters[rand(0, strlen($characters) - 1)];
}
$thisUsername = $string;
# Add prefix to string
if (!empty($params[0]['Prefix'])) {
$thisUsername = $params[0]['Prefix'].$string;
}
# Check if username used
$res = DBSelect("
SELECT
users.Username
FROM
users
WHERE
users.Username = ?
",array($thisUsername)
);
# If there are no rows we may continue
if ($res->rowCount() == 0 && !isset($wispUser[$thisUsername])) {
$usernameReserved = 0;
# Generate random username
$string = '';
for ($c = 0; $c < 7; $c++) {
$string .= $characters[rand(0, strlen($characters) - 1)];
}
# Add username and password onto array
$wispUser[$thisUsername] = $string;
}
}
}
# Insert users from array into database
foreach ($wispUser as $username => $password) {
$res = DBDo("INSERT INTO users (Username) VALUES (?)",array($username));
if ($res !== FALSE) {
$id = DBLastInsertID();
$res = DBDo("INSERT INTO user_attributes (UserID,Name,Operator,Value) VALUES (?,?,?,?)",
array($id,'User-Password','==',$password)
);
# Grab each attribute and add it's details to the database
if ($res !== FALSE && isset($params[0]['Attributes'])) {
foreach ($params[0]['Attributes'] as $attr) {
# Default value without modifier
$attrValue = $attr['Value'];
if ($attr['Name'] == 'SMRadius-Capping-Traffic-Limit' || $attr['Name'] == 'SMRadius-Capping-Uptime-Limit') {
# If modifier is set we need to work out attribute value
if (isset($attr['Modifier'])) {
switch ($attr['Modifier']) {
case "Seconds":
$attrValue = $attr['Value'] / 60;
case "Minutes":
$attrValue = $attr['Value'];
case "Hours":
$attrValue = $attr['Value'] * 60;
case "Days":
$attrValue = $attr['Value'] * 1440;
case "Weeks":
$attrValue = $attr['Value'] * 10080;
case "Months":
$attrValue = $attr['Value'] * 44640;
case "MBytes":
$attrValue = $attr['Value'];
case "GBytes":
$attrValue = $attr['Value'] * 1000;
case "TBytes":
$attrValue = $attr['Value'] * 1000000;
}
}
}
# Add attribute
$res = DBDo("
INSERT INTO
user_attributes (UserID,Name,Operator,Value)
VALUES
(?,?,?,?)",
array(
$id,
$attr['Name'],
$attr['Operator'],
$attrValue
)
);
}
}
# Link user to groups if any selected
if ($res !== FALSE && isset($params[0]['Groups'])) {
$refinedGroups = array();
# Filter out unique group ID's
foreach ($params[0]['Groups'] as $group) {
foreach ($group as $ID=>$value) {
$refinedGroups[$value] = $value;
}
}
# Loop through groups
foreach ($refinedGroups as $groupID) {
$res = DBDo("INSERT INTO users_to_groups (UserID,GroupID) VALUES (?,?)",array($id,$groupID));
}
}
# Link to wisp users
if ($res !== FALSE) {
$res = DBDo("INSERT INTO wisp_userdata (UserID) VALUES (?)",
array($id)
);
}
}
}
# Email userlist to admin
if ($res !== FALSE && isset($adminEmails)) {
// multiple recipients
$to = $adminEmails;
// subject
$subject = count($wispUser).' WiSP users added';
// html
$html = '';
foreach ($wispUser as $key => $val) {
$html .= '<tr><td>'.$key.'</td><td>'.$val.'</td></tr>';
}
// message
$message = '
<html>
<head>
<title>User List</title>
</head>
<body>
<table cellspacing="10">
<tr>
<th>Username</th><th>Password</th>
</tr>'.$html.'
</table>
</body>
</html>
';
// To send HTML mail, the Content-type header must be set
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// Additional headers
$headers .= 'From: SMRadius';
// Mail it
$res = mail($to, $subject, $message, $headers);
}
}
# Commit changes if all was successful, else rollback
if (is_bool($res)) {
DBCommit();
return $res;
} else {
DBRollback();
return $res;
}
return NULL;
}
# Edit wisp user
function updateWiSPUser($params) {
DBBegin();
$res = TRUE;
# Perform query
if (!empty($params[0]['Username'])) {
$res = DBDo("UPDATE users SET Username = ? WHERE ID = ?",array($params[0]['Username'],$params[0]['ID']));
}
# If successful, continue
if ($res !== FALSE) {
$res = DBDo("UPDATE user_attributes SET User-Password = ? WHERE UserID = ?",array($params[0]['Username'],$params[0]['ID']));
}
# If successful, continue
if ($res !== FALSE) {
$res = DBDo("
UPDATE
wisp_userdata
SET
FirstName = ?,
LastName = ?,
Phone = ?,
Email = ?
WHERE
UserID = ?",
array($params[0]['Firstname'],
$params[0]['Lastname'],
$params[0]['Phone'],
$params[0]['Email'],
$params[0]['ID'])
);
}
# If successful, add location if any
if ($res !== FALSE && !empty($params[0]['LocationID'])) {
$res = DBDo("UPDATE wisp_userdata SET LocationID = ? WHERE UserID = ?",
array($params[0]['LocationID'],$params[0]['ID'])
);
}
# Commit changes if all was successful, else break
if (is_bool($res)) {
DBCommit();
return $res;
} else {
DBRollback();
}
return NULL;
}
# vim: ts=4