Compare revisions

Showing
with 119 additions and 2070 deletions
<?php
include_once("includes/config.php");
# Print out HTML header
function printHeader($params = NULL)
{
global $DB_POSTFIX_DSN;
# Pull in params
if (!is_null($params)) {
if (isset($params['Tabs'])) {
$tabs = $params['Tabs'];
}
if (isset($params['js.onLoad'])) {
$jsOnLoad = $params['js.onLoad'];
}
if (isset($params['Title'])) {
$title = $params['Title'];
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>SMRadiusd Web Administration</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css" />
<script type="text/javascript" src="tooltips/BubbleTooltips.js"></script>
<script type="text/javascript">
window.onload=function(){enableTooltips(null,"img")};
</script>
</head>
<body<?php if (!empty($jsOnLoad)) { echo " onLoad=\"".$jsOnLoad."\""; } ?>>
<table id="maintable">
<tr>
<td id="header">SMRadiusd Web Administration</td>
</tr>
<tr>
<td>
<table>
<tr>
<td id="menu">
<img style="margin-top:-1px; margin-left:-1px;" src="images/top2.jpg" alt="" />
<p><a href=".">Home</a></p>
<p>Control Panel</p>
<ul>
<li><a href="user-main.php">User List</a></li>
<li><a href="group-main.php">Groups</a></li>
</ul>
<p>WiSP</p>
<ul>
<li><a href="wisp-user-list.php">User List</a></li>
<li><a href="wisp-user-add.php">Add User</a></li>
</ul>
<!-- <img style="margin-left:-1px; margin-bottom: -6px" src="images/specs_bottom.jpg" alt="" />-->
</td>
<td class="content">
<table class="content">
<?php
# Check if we must display tabs or not
if (!empty($tabs)) {
?>
<tr><td id="topmenu"><ul>
<?php
foreach ($tabs as $key => $value) {
?> <li>
<a href="<?php echo $value ?>"
title="<?php echo $key ?>">
<span><?php echo $key ?></span></a>
</li>
<?php
}
?>
</ul></td></tr>
<?php
}
?>
<tr>
<td>
<?php
}
# vim: ts=4
?>
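Review bot: `printHeader()` writes `$jsOnLoad`, `$key` and `$value` into the page without escaping, in the `<body onLoad="...">` attribute and in the tab `href`, `title` and `<span>` inside the `foreach`. The callers visible on this page pass hard-coded arrays, so this is hardening rather than a demonstrated hole, but any caller that builds a tab label or link from request or database data would get markup injection. Wrap the tab values on output, e.g. `<?php echo htmlspecialchars($key, ENT_QUOTES, 'UTF-8') ?>`, and document that `js.onLoad` must only ever be a fixed script string. `$title` is read from `$params['Title']` but never used (the `<title>` is fixed text), and `global $DB_POSTFIX_DSN` is declared but never referenced.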
<?php
# Tooltip data
$tooltips['user_attributes_name'] = "Please refer to the manual for a list of allowed attribute names";
?>
/*
*
* Web interfce stylesheet
* Copyright (C) 2008, LinuxRulz
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
body{
color:#999999;
font-family: Arial, Sans-Serif;
}
/*
* Main table
*/
#maintable {
width: 100%;
}
/*
* Header
*/
#header{
background: #000000 url('images/bg.jpg') bottom center repeat-x;
text-align: center;
font-size: 150%;
font-weight: bold;
}
/*
* Left hand menu
*/
#menu {
background-image: url("images/strips_onside.jpg");
background-repeat: repeat-y;
vertical-align: top;
}
#menu img {
border: none;
}
#menu p {
padding-right: 10px;
margin-left: 5px;
color:#888;
}
#menu a:link, a:visited {
color:#888;
text-decoration: none;
}
#menu a:hover, a:active {
color:#FF6666;
}
#menu ul {
margin-top: 0px;
list-style: url(images/bullet.jpg) disc;
}
#menu p {
font-size: 110%;
font-weight: bold;
margin-bottom: 0;
margin-top: 10px;
}
/*
* Footer
*/
#footer{
background: #000000 url('images/bg.jpg') top center repeat-x;
text-align: center;
font-weight: bold;
}
#footer a, a:link {
color: #999999;
text-decoration: none;
}
#footer a:hover {
color: #A5CE77;
text-decoration: none;
}
#footerimages {
border: none;
text-align: center;
}
/*
* Top Menu (tabs)
*/
#topmenu ul {
margin: 0;
padding: 0 0 0 0;
list-style: none;
}
#topmenu li {
display: inline;
margin: 0;
padding: 0;
}
#topmenu a {
float: left;
background: url(images/menuleft.gif) no-repeat left top;
margin: 0 5px 0 0;
padding: 0 0 0 4px;
text-decoration: none;
}
#topmenu a span {
float: left;
display: block;
background: url(images/menuright.gif) no-repeat right top;
padding: 5px 15px 4px 6px;
color: #000888;
}
/* Commented Backslash Hack hides rule from IE5-Mac \*/
#topmenu a span {
float: none;
}
/* End IE5-Mac hack */
#topmenu a:hover span {
color: #999999;
}
#topmenu a:hover {
background-position: 0% -42px;
}
#topmenu a:hover span {
background-position: 100% -42px;
}
/*
* Main content
*/
.content {
width: 100%;
vertical-align: top;
}
/*
* Main window content
*/
.pageheader {
background-color: #999999;
color: #000000;
width: 100%;
border: 1px solid black;
text-align: center;
font-weight: bold;
font-size: 110%;
}
/*
* Results table
*/
.results {
border: none;
margin-left: auto;
margin-right: auto;
}
.resultstitle td {
font-weight: bolder;
border: 1px solid black;
padding-left: 5px;
padding-right: 5px;
}
.resultsitem td {
border-bottom: 1px dashed black;
}
/*
* Entry tables
*/
.entry {
border: solid black 1px;
margin-left: auto;
margin-right: auto;
}
.entrytitle {
font-weight: bolder;
}
.oldval {
background-color: #eeeeee;
}
/*
* Misc
*/
.texttop {
vertical-align: top;
}
.textcenter {
text-align: center;
}
#noborder {
border: none;
}
a.help img {
border: none;
}
#tooltip {
position: absolute;
z-index: 200;
}
/*
* vim: ts=4
*/
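Review bot: The grouped selectors `#menu a:link, a:visited`, `#menu a:hover, a:active` and `#footer a, a:link` scope only their first half; the part after the comma is a bare `a:visited`, `a:active` or `a:link` and so styles every link on the page. If the intent was menu-only and footer-only styling, repeat the prefix, e.g. `#menu a:link, #menu a:visited`. `#menu p` is also declared twice and could be merged into one rule.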
/*Javascript for Bubble Tooltips by Alessandro Fulciniti
http://pro.html.it - http://web-graphics.com */
function enableTooltips(id,element){
var links,i,h;
if (!element) element = "a";
if(!document.getElementById || !document.getElementsByTagName) return;
AddCss();
h=document.createElement("span");
h.id="btc";
h.setAttribute("id","btc");
h.style.position="absolute";
document.getElementsByTagName("body")[0].appendChild(h);
if(id==null) links=document.getElementsByTagName(element);
else links=document.getElementById(id).getElementsByTagName(element);
for(i=0;i<links.length;i++){
Prepare(links[i]);
}
}
function Prepare(el){
var tooltip,t,b,s,l;
t=el.getAttribute("title");
//if(t==null || t.length==0) t="link:";
if (t == null) return;
el.removeAttribute("title");
tooltip=CreateEl("span","tooltip");
s=CreateEl("span","top");
s.appendChild(document.createTextNode(t));
tooltip.appendChild(s);
b=CreateEl("b","bottom");
//l=el.getAttribute("href");
//if(l.length>28) l=l.substr(0,25)+"...";
//b.appendChild(document.createTextNode(l));
//b.appendChild(document.createTextNode("hello world"));
tooltip.appendChild(b);
setOpacity(tooltip);
el.tooltip=tooltip;
el.onmouseover=showTooltip;
el.onmouseout=hideTooltip;
el.onmousemove=Locate;
}
function showTooltip(e){
document.getElementById("btc").appendChild(this.tooltip);
Locate(e);
}
function hideTooltip(e){
var d=document.getElementById("btc");
if(d.childNodes.length>0) d.removeChild(d.firstChild);
}
function setOpacity(el){
el.style.filter="alpha(opacity:95)";
el.style.KHTMLOpacity="0.95";
el.style.MozOpacity="0.95";
el.style.opacity="0.95";
}
function CreateEl(t,c){
var x=document.createElement(t);
x.className=c;
x.style.display="block";
return(x);
}
function AddCss(){
var l=CreateEl("link");
l.setAttribute("type","text/css");
l.setAttribute("rel","stylesheet");
l.setAttribute("href","tooltips/bt.css");
l.setAttribute("media","screen");
document.getElementsByTagName("head")[0].appendChild(l);
}
function Locate(e){
var posx=0,posy=0;
if(e==null) e=window.event;
if(e.pageX || e.pageY){
posx=e.pageX; posy=e.pageY;
}
else if(e.clientX || e.clientY){
if(document.documentElement.scrollTop){
posx=e.clientX+document.documentElement.scrollLeft;
posy=e.clientY+document.documentElement.scrollTop;
}
else{
posx=e.clientX+document.body.scrollLeft;
posy=e.clientY+document.body.scrollTop;
}
}
document.getElementById("btc").style.top=(posy+10)+"px";
document.getElementById("btc").style.left=(posx-20)+"px";
}
.tooltip {
width: 200px;
color: #00000;
font: 11px Arial, sans-serif;
font-weight: bold;
text-decoration: none;
text-align: center
}
.tooltip span.top {
padding: 30px 8px 0;
background: url(bt.gif) no-repeat top;
}
.tooltip b.bottom {
padding:3px 8px 15px;
color: #548912;
background: url(bt.gif) no-repeat bottom;
}
webui/tooltips/bt.gif

1.55 KiB

<?php
# Policy add
# Copyright (C) 2008, LinuxRulz
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
session_start();
include_once("includes/header.php");
include_once("includes/footer.php");
include_once("includes/db.php");
include_once("includes/tooltips.php");
$db = connect_db();
printHeader(array(
"Tabs" => array(
"Back to user list" => "user-main.php"
),
));
if ($_POST['frmaction'] == "add") {
?>
<p class="pageheader">Add attribute</p>
<form method="post" action="attribute-add.php">
<div>
<input type="hidden" name="frmaction" value="add2" />
</div>
<table class="entry">
<tr>
<td class="entrytitle">Attribute Name</td>
<td><input type="text" name="attr_name" /></td>
</tr>
<tr>
<td class="entrytitle">Operator</td>
<td>
<select name="attr_operator">
<option value="=">=</option>
<option value="==">==</option>
<option value=":=">:=</option>
<option value="+=">+=</option>
<option value="!=">!=</option>
<option value=">">&gt</option>
<option value="<">&lt</option>
<option value=">=">&gt=</option>
<option value="<=">&lt=</option>
<option value="=~">=~</option>
<option value="!~">!~</option>
<option value="=*">=*</option>
<option value="!*">!*</option>
<option value="||=">||=</option>
<option value="||==">||==</option>
</select>
</td>
</tr>
<tr>
<td class="entrytitle">Value</td>
<td><input type="text" name="attr_value" /></td>
</tr>
<tr>
<td colspan="2">
<input type="submit" />
</td>
</tr>
</table>
</form>
<?php
# Check we have all params
} elseif ($_POST['frmaction'] == "add2") {
?>
<p class="pageheader">Attribute Add Results</p>
<?php
# Check for empty values
if (empty($_POST['attr_name']) || empty($_POST['attr_operator']) || empty($_POST['attr_value'])) {
?>
<div class="warning">Submission cannot have empty value</div>
<?php
} else {
$stmt = $db->prepare("INSERT INTO ${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value) VALUES (?,?,?,?)");
# Which user am I working with?
$attr_user_id = $_SESSION['attr_user_id'];
$res = $stmt->execute(array(
$attr_user_id,
$_POST['attr_name'],
$_POST['attr_operator'],
$_POST['attr_value'],
));
if ($res) {
?>
<div class="notice">Attribute added</div>
<?php
session_destroy();
} else {
?>
<div class="warning">Failed to add attribute</div>
<div class="warning"><?php print_r($stmt->errorInfo()) ?></div>
<?php
}
}
} else {
?>
<div class="warning">Invalid invocation</div>
<?php
}
printFooter();
# vim: ts=4
?>
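Review bot: On a failed insert the page prints `print_r($stmt->errorInfo())` straight into the response, which hands the database driver's error details to whoever submitted the form; the later sections do the same with `$db->errorInfo()`. Log it server-side instead, e.g. `error_log(print_r($stmt->errorInfo(), true));`, and keep only the generic "Failed to add attribute" message. `$_SESSION['attr_user_id']` is bound as `UserID` without checking that it is set, so a direct POST of `frmaction=add2` with no prior list page inserts a null user id. `session_destroy()` after a successful add discards the whole session rather than the one key; `unset($_SESSION['attr_user_id']);` is narrower, and the same applies to the `session_destroy()` in the group-assignment delete section.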
<?php
# Policy member change
# Copyright (C) 2008, LinuxRulz
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
include_once("includes/header.php");
include_once("includes/footer.php");
include_once("includes/db.php");
include_once("includes/tooltips.php");
$db = connect_db();
printHeader(array(
"Tabs" => array(
"Back to user list" => "user-main.php",
),
));
# Display change screen
if ($_POST['frmaction'] == "change") {
# Check an attribute was selected
if (isset($_POST['attr_id'])) {
# Prepare statement
$temp = $_POST['attr_id'];
$sql = "SELECT ID, Name, Operator, Value, Disabled FROM ${DB_TABLE_PREFIX}user_attributes WHERE ID = $temp";
$res = $db->query($sql);
$row = $res->fetchObject();
?>
<p class="pageheader">Update User</p>
<form action="attribute-change.php" method="post">
<div>
<input type="hidden" name="frmaction" value="change2" />
<input type="hidden" name="attr_id" value="<?php echo $_POST['attr_id']; ?>" />
</div>
<table class="entry" style="width: 75%;">
<tr>
<td></td>
<td class="entrytitle textcenter">Old Value</td>
<td class="entrytitle textcenter">New Value</td>
</tr>
<tr>
<td class="entrytitle texttop">
Name
<?php tooltip('user_attributes_name'); ?>
</td>
<td class="oldval texttop"><?php echo $row->name ?></td>
<td><textarea name="user_attributes_name" cols="40" rows="1"></textarea></td>
</tr>
<tr>
<td class="entrytitle texttop">
Operator
</td>
<td class="oldval texttop"><?php echo $row->operator ?></td>
<td>
<select name="user_attributes_operator">
<option value="=">=</option>
<option value="==">==</option>
<option value=":=">:=</option>
<option value="+=">+=</option>
<option value="!=">!=</option>
<option value=">">&gt</option>
<option value="<">&lt</option>
<option value=">=">&gt=</option>
<option value="<=">&lt=</option>
<option value="=~">=~</option>
<option value="!~">!~</option>
<option value="=*">=*</option>
<option value="!*">!*</option>
<option value="||=">||=</option>
<option value="||==">||==</option>
</select>
</td>
</tr>
<tr>
<td class="entrytitle texttop">Value</td>
<td class="oldval texttop"><?php echo $row->value ?></td>
<td><textarea name="user_attributes_value" cols="40" rows="5"></textarea></td>
</tr>
<tr>
<td class="entrytitle">Disabled</td>
<td class="oldval"><?php echo $row->disabled ? 'yes' : 'no' ?></td>
<td>
<select name="user_attributes_disabled">
<option value="">--</option>
<option value="0">No</option>
<option value="1">Yes</option>
</select>
</td>
</tr>
</table>
<p />
<div class="textcenter">
<input type="submit" />
</div>
</form>
<?php
$res->closeCursor();
} else {
?>
<div class="warning">No attribute selected</div>
<?php
}
# SQL Updates
} elseif ($_POST['frmaction'] == "change2") {
?>
<p class="pageheader">Attribute Update Results</p>
<?php
# Check an attribute was selected
if (isset($_POST['attr_id'])) {
$updates = array();
if (!empty($_POST['user_attributes_name'])) {
array_push($updates,"Name = ".$db->quote($_POST['user_attributes_name']));
}
if (isset($_POST['user_attributes_operator']) && $_POST['user_attributes_operator'] != "") {
array_push($updates,"Operator = ".$db->quote($_POST['user_attributes_operator']));
}
if (!empty($_POST['user_attributes_value'])) {
array_push($updates,"Value = ".$db->quote($_POST['user_attributes_value']));
}
if (isset($_POST['user_attributes_disabled']) && $_POST['user_attributes_disabled'] != "") {
array_push($updates ,"Disabled = ".$db->quote($_POST['user_attributes_disabled']));
}
# Check if we have updates
if (sizeof($updates) > 0) {
$updateStr = implode(', ',$updates);
$res = $db->exec("UPDATE ${DB_TABLE_PREFIX}user_attributes SET $updateStr WHERE ID = ".$db->quote($_POST['attr_id']));
if ($res) {
?>
<div class="notice">Attribute updated</div>
<?php
} else {
?>
<div class="warning">Error updating attribute</div>
<div class="warning"><?php print_r($db->errorInfo()) ?></div>
<?php
}
# Warn
} else {
?>
<div class="warning">No attribute updates</div>
<?php
}
# Warn
} else {
?>
<div class="error">No attribute data available</div>
<?php
}
} else {
?>
<div class="warning">Invalid invocation</div>
<?php
}
printFooter();
# vim: ts=4
?>
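Review bot: The `change` branch builds its SELECT by interpolating `$_POST['attr_id']` (via `$temp`) directly into the SQL string, so the request value is parsed as SQL. The `change2` branch of the same file already passes every value through `$db->quote()`, and the add page uses `prepare()`/`execute()`. Bind the id here too: `$stmt = $db->prepare("SELECT ID, Name, Operator, Value, Disabled FROM ${DB_TABLE_PREFIX}user_attributes WHERE ID = ?"); $stmt->execute(array($_POST['attr_id']));`. The same unquoted concatenation of `$_POST` or `$_SESSION` ids appears further down the page in the attribute delete, attribute list, user delete, group-assignment delete and group list sections (`WHERE ID = ".$_POST['attr_id']`, `WHERE UserID = $temp`, `WHERE UserID = $userID`, `WHERE ID = ".$_POST['user_id']`, and both `users_to_groups` queries). `$res` is also used without checking that `query()` succeeded, so a failed query becomes a fatal error on `fetchObject()`.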
<?php
# Module: Policy delete
# Copyright (C) 2008, LinuxRulz
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
include_once("includes/header.php");
include_once("includes/footer.php");
include_once("includes/db.php");
$db = connect_db();
printHeader(array(
"Tabs" => array(
"Back to user list" => "user-main.php",
),
));
# Display delete confirm screen
if ($_POST['frmaction'] == "delete") {
# Check a user was selected
if (isset($_POST['attr_id'])) {
?>
<p class="pageheader">Delete Attribute</p>
<form action="attribute-delete.php" method="post">
<div>
<input type="hidden" name="frmaction" value="delete2" />
<input type="hidden" name="attr_id" value="<?php echo $_POST['attr_id']; ?>" />
</div>
<div class="textcenter">
Are you very sure? <br />
<input type="submit" name="confirm" value="yes" />
<input type="submit" name="confirm" value="no" />
</div>
</form>
<?php
} else {
?>
<div class="warning">No attribute selected</div>
<?php
}
# SQL Updates
} elseif ($_POST['frmaction'] == "delete2") {
?>
<p class="pageheader">Attribute Delete Results</p>
<?php
if (isset($_POST['attr_id'])) {
if ($_POST['confirm'] == "yes") {
$res = $db->exec("DELETE FROM ${DB_TABLE_PREFIX}user_attributes WHERE ID = ".$_POST['attr_id']);
if ($res !== FALSE) {
?>
<div class="notice">Attribute with ID: <?php print_r($_POST['attr_id']);?> deleted</div>
<?php
} else {
?>
<div class="warning">Error deleting attribute</div>
<div class="warning"><?php print_r($db->errorInfo()) ?></div>
<?php
}
?>
<?php
# Warn
} else {
?>
<div class="warning">Delete attribute aborted</div>
<?php
}
?>
<?php
} else {
?>
<div class="warning">Invocation error, no attribute ID selected</div>
<?php
}
}
printFooter();
# vim: ts=4
?>
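Review bot: `$_POST['attr_id']` is echoed back unescaped, into the hidden input's `value` attribute in the `delete` branch and through `print_r()` in the "deleted" notice, so markup in the posted value is rendered by the browser. Escape on output, `<?php echo htmlspecialchars($_POST['attr_id'], ENT_QUOTES, 'UTF-8'); ?>`, and preferably reject anything that is not all digits once at the top of the script with `ctype_digit()`. The change, user-delete and group-assignment-delete sections echo their posted ids the same way, and the list sections print `$row->name`, `$row->value` and `$row->comment` from the database without escaping. `$_POST['frmaction']` and `$_POST['confirm']` are read without `isset()`, and a request matching neither action prints nothing between header and footer.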
<?php
# Module: Policy delete
# Copyright (C) 2008, LinuxRulz
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
session_start();
include_once("includes/header.php");
include_once("includes/footer.php");
include_once("includes/db.php");
$db = connect_db();
printHeader(array(
"Tabs" => array(
"Back to user list" => "user-main.php"
),
));
?>
<p class="pageheader">Attribute List</p>
<form id="main_form" action="user-attributes.php" method="post">
<div class="textcenter">
Action
<select id="main_form_action" name="frmaction"
onchange="
var myform = document.getElementById('main_form');
var myobj = document.getElementById('main_form_action');
if (myobj.selectedIndex == 2) {
myform.action = 'user-attribute-add.php';
} else if (myobj.selectedIndex == 5) {
myform.action = 'user-attribute-change.php';
} else if (myobj.selectedIndex == 3) {
myform.action = 'user-attribute-delete.php';
}
myform.submit();
">
<option selected="selected">select action</option>
<option disabled="disabled"> - - - - - - - - - - - </option>
<option value="add">Add Attribute</option>
<option value="delete">Delete Attribute</option>
<option disabled="disabled"> - - - - - - - - - - - </option>
<option value="change">Change Attribute</option>
</select>
</div>
<p />
<table class="results" style="width: 75%;">
<tr class="resultstitle">
<td class="textcenter">ID</td>
<td class="textcenter">Name</td>
<td class="textcenter">Operator</td>
<td class="textcenter">Value</td>
<td class="textcenter">Disabled</td>
</tr>
<?php
$_SESSION['attr_user_id'] = $_POST['user_id'];
if (isset($_POST['user_id'])) {
$temp = $_SESSION['attr_user_id'];
$sql = "SELECT ID, Name, Operator, Value, Disabled FROM ${DB_TABLE_PREFIX}user_attributes WHERE UserID = $temp ORDER BY ID";
$res = $db->query($sql);
$rownums = 0;
while ($row = $res->fetchObject()) {
if ($row->id != NULL) {
$rownums = $rownums + 1;
} else {
$rownums = $rownums - 1;
}
?>
<tr class="resultsitem">
<td><input type="radio" name="attr_id" value="<?php echo $row->id ?>"/><?php echo $row->id ?></td>
<td><?php echo $row->name ?></td>
<td><?php echo $row->operator ?></td>
<td><?php echo $row->value ?></td>
<td class="textcenter"><?php echo $row->disabled ? 'yes' : 'no' ?></td>
</tr>
<?php
}
$res->closeCursor();
if ($rownums <= 0) {
?>
<p />
<tr>
<td colspan="5" class="textcenter">Group attribute list is empty</td>
</tr>
<?php
}
unset($rownums);
} else {
?>
<tr class="resultitem">
<td colspan="5" class="textcenter">No User ID selected</td>
</tr>
<?php
}
?>
</table>
</form>
<?php
printFooter();
# vim: ts=4
?>
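Review bot: `$_SESSION['attr_user_id'] = $_POST['user_id'];` runs before the `isset($_POST['user_id'])` check, so a request without `user_id` raises an undefined-index notice and overwrites the session value with null; that session value is what the attribute add page later binds as `UserID`. Move the assignment inside the `isset` branch and store it only after validating it, e.g. `if (ctype_digit($_POST['user_id'])) { $_SESSION['attr_user_id'] = (int)$_POST['user_id']; }`. The `$rownums` counter decrements when `$row->id` is NULL, which looks unreachable if ID is the table's key, so a plain count would do. The empty-list message says "Group attribute list is empty" on the user attribute list, and the `<p />` before that `<tr>` sits directly inside the `<table>`.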
<?php
# Module: Policy delete
# Copyright (C) 2008, LinuxRulz
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
include_once("includes/header.php");
include_once("includes/footer.php");
include_once("includes/db.php");
$db = connect_db();
printHeader(array(
"Tabs" => array(
"Back to user list" => "user-main.php",
),
));
# Display delete confirm screen
if ($_POST['frmaction'] == "delete") {
# Check a user was selected
if (isset($_POST['user_id'])) {
?>
<p class="pageheader">Delete User</p>
<form action="user-delete.php" method="post">
<div>
<input type="hidden" name="frmaction" value="delete2" />
<input type="hidden" name="user_id" value="<?php echo $_POST['user_id']; ?>" />
</div>
<div class="textcenter">
Are you very sure? <br />
<input type="submit" name="confirm" value="yes" />
<input type="submit" name="confirm" value="no" />
</div>
</form>
<?php
} else {
?>
<div class="warning">No user selected</div>
<?php
}
# SQL Updates
} elseif ($_POST['frmaction'] == "delete2") {
?>
<p class="pageheader">User Delete Results</p>
<?php
if (isset($_POST['user_id'])) {
# Check to see if user's attributes are empty
$userID = $_POST['user_id'];
$sql = "SELECT * FROM ${DB_TABLE_PREFIX}user_attributes WHERE UserID = $userID";
$res = $db->query($sql);
if ($_POST['confirm'] == "yes") {
$res = $db->exec("DELETE FROM ${DB_TABLE_PREFIX}users WHERE ID = ".$_POST['user_id']);
if ($res !== FALSE) {
?>
<div class="notice">User with ID: <?php print_r($_POST['user_id']);?> deleted</div>
<?php
} else {
?>
<div class="warning">Error deleting user</div>
<div class="warning"><?php print_r($db->errorInfo()) ?></div>
<?php
}
} else {
?>
<div class="warning">Delete user aborted</div>
<?php
}
} else {
?>
<div class="warning">Attribute list is not empty!</div>
<?php
}
} else {
?>
<div class="warning">Invocation error, no user ID selected</div>
<?php
}
}
printFooter();
# vim: ts=4
?>
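Review bot: The `delete2` branch does not balance as shown: it has one more closing brace than opening ones before `printFooter()`, and three `else` arms for only two visible conditions. The "Attribute list is not empty!" arm evidently belonged to an `if` on the SELECT result that is not among the visible lines, though the rendered page has lost its +/- markers, so this may be old and new lines interleaved. Relatedly, the result of `SELECT * ... user_attributes WHERE UserID = $userID` is assigned to `$res` and then overwritten by the DELETE without being examined, so the "check to see if user's attributes are empty" comment is not implemented. If deletion should be refused while attributes exist, test the row count before the confirm branch; otherwise drop the query. Nothing visible removes the user's rows from `user_attributes` or `users_to_groups`, which would leave orphans unless the schema cascades.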
<?php
# Policy groups main screen
# Copyright (C) 2008, LinuxRulz
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
session_start();
include_once("includes/header.php");
include_once("includes/footer.php");
include_once("includes/db.php");
$db = connect_db();
printHeader(array(
));
if (isset($_SESSION['groups_user_id'])) {
if ($_POST['frmaction'] == "add") {
?>
<p class="pageheader">Available Groups</p>
<form id="main_form" action="user-groups-add.php" method="post">
<div class="textcenter">
<input type="hidden" name="frmaction" value="add2" />
<table class="entry">
<tr>
<td class="entrytitle">Comment</td>
<td class="entrytitle">Disabled</td>
</tr>
<tr>
<td><input type="text" name="users_to_groups_comment" /></td>
<td>
<select name="users_group_disabled">
<option value="0">No</option>
<option value="1">Yes</option>
</select>
</td>
<td>
<input type="submit" value="Submit" />
</td>
</tr>
</table>
</div>
<p />
<table class="results" style="width: 75%;">
<tr class="resultstitle">
<td class="textcenter">ID</td>
<td class="textcenter">Name</td>
<td class="textcenter">Priority</td>
<td class="textcenter">Disabled</td>
<td class="textcenter">Comment</td>
</tr>
<?php
# List current available groups
$sql = "SELECT ID, Name, Priority, Disabled, Comment FROM ${DB_TABLE_PREFIX}groups ORDER BY ID";
$res = $db->query($sql);
while ($row = $res->fetchObject()) {
?>
<tr class="resultsitem">
<td><input type="radio" name="group_id" value="<?php echo $row->id ?>" /></td>
<td><?php echo $row->name ?></td>
<td><?php echo $row->priority ?></td>
<td class="textcenter"><?php echo $row->disabled ? 'yes' : 'no' ?></td>
<td><?php echo $row->comment ?></td>
</tr>
<?php
}
$res->closeCursor();
?>
</table>
</form>
<?php
} elseif ($_POST['frmaction'] == "add2") {
?>
<p class="pageheader">Group assignment results</p>
<?php
if (isset($_POST['group_id']) && !empty($_POST['users_to_groups_comment'])) {
$stmt = $db->prepare("INSERT INTO ${DB_TABLE_PREFIX}users_to_groups (UserID,GroupID,Comment,Disabled) VALUES (?,?,?,?)");
# Which user am I working with?
$groups_user_id = $_SESSION['groups_user_id'];
$res = $stmt->execute(array(
$groups_user_id,
$_POST['group_id'],
$_POST['users_group_comment'],
$_POST['users_group_disabled'],
));
if ($res) {
?>
<div class="notice">Group assignment successful</div>
<?php
} else {
?>
<div class="warning">Failed to assign group to user</div>
<div class="warning"><?php print_r($stmt->errorInfo()) ?></div>
<?php
}
} else {
?>
<div class="warning">One or more values not set</div>
<?php
}
}
} else {
?>
<div class="warning">No user id received</div>
<?php
}
printFooter();
# vim: ts=4
?>
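Review bot: The `add2` branch validates `$_POST['users_to_groups_comment']` but binds `$_POST['users_group_comment']` into the INSERT. The form field is named `users_to_groups_comment`, so the bound key is never posted and the Comment column receives null, along with an undefined-index notice. Change the bound value to `$_POST['users_to_groups_comment'],`. `$_POST['users_group_disabled']` and `$_POST['group_id']` are bound as posted; checking that `group_id` is all digits and that `users_group_disabled` is `0` or `1` before the insert would keep malformed rows out.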
<?php
# Module: Policy delete
# Copyright (C) 2008, LinuxRulz
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
session_start();
include_once("includes/header.php");
include_once("includes/footer.php");
include_once("includes/db.php");
$db = connect_db();
printHeader(array(
"Tabs" => array(
"Back to user list" => "user-main.php",
),
));
# Display delete confirm screen
if ($_POST['frmaction'] == "delete") {
# Check a user was selected
if (isset($_POST['group_id'])) {
?>
<p class="pageheader">Remove Group Assignment</p>
<form action="user-groups-delete.php" method="post">
<div>
<input type="hidden" name="frmaction" value="delete2" />
<input type="hidden" name="group_id" value="<?php echo $_POST['group_id']; ?>" />
</div>
<div class="textcenter">
Are you very sure? <br />
<input type="submit" name="confirm" value="yes" />
<input type="submit" name="confirm" value="no" />
</div>
</form>
<?php
} else {
?>
<div class="warning">No group assignment selected</div>
<?php
}
# SQL Updates
} elseif ($_POST['frmaction'] == "delete2") {
?>
<p class="pageheader">Group Assignment Removal Results</p>
<?php
if (isset($_POST['group_id'])) {
if ($_POST['confirm'] == "yes") {
$res = $db->exec("DELETE FROM ${DB_TABLE_PREFIX}users_to_groups WHERE UserID = ".$_SESSION['groups_user_id']." AND GroupID = ".$_POST['group_id']);
if ($res !== FALSE) {
?>
<div class="notice">Group with ID: <?php print_r($_POST['group_id']);?> deleted from user with ID: <?php print_r($_SESSION['groups_user_id']);?></div>
<?php
session_destroy();
} else {
?>
<div class="warning">Error removing group assignment</div>
<div class="warning"><?php print_r($db->errorInfo()) ?></div>
<?php
}
?>
<?php
# Warn
} else {
?>
<div class="warning">Remove Group Assignment aborted</div>
<?php
}
?>
<?php
} else {
?>
<div class="warning">Invocation error, no group ID selected</div>
<?php
}
}
printFooter();
# vim: ts=4
?>
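Review bot: `$_SESSION['groups_user_id']` is concatenated into the DELETE without an `isset()` check, unlike the group add page, which guards on it. When the session key is missing the statement becomes `WHERE UserID =  AND GroupID = ...` and fails with a SQL error that is then printed to the page. Guard the `delete2` branch with `isset($_SESSION['groups_user_id'])` and bind both ids: `$stmt = $db->prepare("DELETE FROM ${DB_TABLE_PREFIX}users_to_groups WHERE UserID = ? AND GroupID = ?"); $stmt->execute(array($_SESSION['groups_user_id'], $_POST['group_id']));`. The file header comment still reads "Module: Policy delete", as do several other files on this page, which makes the sections hard to tell apart.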
<?php
# Module: Policy delete
# Copyright (C) 2008, LinuxRulz
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
session_start();
include_once("includes/header.php");
include_once("includes/footer.php");
include_once("includes/db.php");
$db = connect_db();
printHeader(array(
"Tabs" => array(
"Back to user list" => "user-main.php"
),
));
?>
<p class="pageheader">Groups List</p>
<form id="main_form" action="user-groups.php" method="post">
<div class="textcenter">
Action
<select id="main_form_action" name="frmaction"
onchange="
var myform = document.getElementById('main_form');
var myobj = document.getElementById('main_form_action');
if (myobj.selectedIndex == 2) {
myform.action = 'user-groups-add.php';
} else if (myobj.selectedIndex == 3) {
myform.action = 'user-groups-delete.php';
}
myform.submit();
">
<option selected="selected">select action</option>
<option disabled="disabled"> - - - - - - - - - - - </option>
<option value="add">Assign Group</option>
<option value="delete">Remove Group Assignment</option>
</select>
</div>
<p />
<table class="results" style="width: 75%;">
<tr class="resultstitle">
<td class="textcenter">ID</td>
<td class="textcenter">Name</td>
<td class="textcenter">Priority</td>
<td class="textcenter">Disabled</td>
<td class="textcenter">Comment</td>
</tr>
<?php
if (isset($_POST['user_id'])) {
$sql = "SELECT GroupID FROM ${DB_TABLE_PREFIX}users_to_groups WHERE UserID = ".$_POST['user_id'];
$res = $db->query($sql);
$rownums = 0;
while ($row = $res->fetchObject()) {
if ($row->groupid != NULL) {
$rownums = $rownums + 1;
} else {
$rownums = $rownums - 1;
}
$sql = "SELECT ID, Name, Priority, Disabled, Comment FROM ${DB_TABLE_PREFIX}groups WHERE ID = ".$row->groupid;
$result = $db->query($sql);
while ($row = $result->fetchObject()) {
?>
<tr class="resultsitem">
<td><input type="radio" name="group_id" value="<?php echo $row->id ?>"/></td>
<td><?php echo $row->name ?></td>
<td><?php echo $row->priority ?></td>
<td class="textcenter"><?php echo $row->disabled ? 'yes' : 'no' ?></td>
<td><?php echo $row->comment ?></td>
</tr>
<?php
}
$result->closeCursor();
}
$res->closeCursor();
if ($rownums <= 0) {
?>
<p />
<tr>
<td colspan="5" class="textcenter">User doesn't belong to any groups</td>
</tr>
<?php
}
unset($rownums);
} else {
?>
<div class="warning">Invocation error, no user ID selected</div>
<?php
}
?>
</table>
</form>
<?php
$_SESSION['groups_user_id'] = $_POST['user_id'];
printFooter();
# vim: ts=4
?>
<?php
# Module: Policy delete
# Copyright (C) 2008, LinuxRulz
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
include_once("includes/header.php");
include_once("includes/footer.php");
include_once("includes/db.php");
include("includes/radiuscodes.php");
$db = connect_db();
printHeader(array(
"Tabs" => array(
"Back to user list" => "user-main.php"
),
));
?>
<p class="pageheader">User Log</p>
<?php
if (isset($_POST['user_id'])) {
# Which user in the accounting table should we look for?
$stmt = $db->prepare("SELECT Username FROM ${DB_TABLE_PREFIX}users WHERE ID = ?");
$stmt->execute(array($_POST['user_id']));
$row = $stmt->fetchObject();
$stmt->closeCursor();
$getuser = $row->username;
?>
<form id="main_form" action="user-logs.php" method="post">
<!-- User input from and to dates -->
<div>
<table>
<tr>
<td>From (yyyy-mm-dd)</td>
</tr>
<tr>
<td><input type="text" name="date_from" /></td>
</tr>
<tr>
<td>To (yyyy-mm-dd)</td>
</tr>
<tr>
<td><input type="text" name="date_to" /></td>
</tr>
<tr>
<input type="hidden" name="user_id" value=<?php echo $_POST['user_id']; ?> />
<td><input type="submit" value="Get results" /></td>
</tr>
</table>
</div>
</form>
<p />
<!-- Tables headings -->
<table class="results" style="width: 75%;">
<tr class="resultstitle">
<td class="textcenter">EventTimestamp</td>
<td class="textcenter">ServiceType</td>
<td class="textcenter">FramedProtocol</td>
<td class="textcenter">NASPort</td>
<td class="textcenter">NASPortType</td>
<td class="textcenter">CallingSationID</td>
<td class="textcenter">CalledStationID</td>
<td class="textcenter">NASPortID</td>
<td class="textcenter">AcctSessionID</td>
<td class="textcenter">FramedIPAddress</td>
<td class="textcenter">AcctAuthentic</td>
<td class="textcenter">NASIdentifier</td>
<td class="textcenter">NASIPAddress</td>
<td class="textcenter">AcctDelayTime</td>
<td class="textcenter">AcctSessionTime</td>
<td class="textcenter">Data-Input</td>
<td class="textcenter">Data-Output</td>
<td class="textcenter">AcctStatusType</td>
<td class="textcenter">AcctTerminateCause</td>
</tr>
<?php
# Extra SQL
$extraSQL = "";
$extraSQLVals = array();
$limitSQL = "";
# Do we have a from date?, if so add it to our query
if (isset($_POST['date_from'])) {
$extraSQL .= " AND EventTimestamp >= ?";
array_push($extraSQLVals,$_POST['date_from']);
}
# Do we have a from date?, if so add it to our query
if (isset($_POST['date_to'])) {
$extraSQL .= " AND EventTimestamp <= ?";
array_push($extraSQLVals,$_POST['date_to']);
}
# Modify if we had a partial search or no search
if (count($extraSQLVals) < 2) {
$limitSQL = "LIMIT 50";
}
# Query to get all default data
$sql = "
SELECT
EventTimestamp,
ServiceType,
FramedProtocol,
NASPort,
NASPortType,
CallingStationID,
CalledStationID,
NASPortID,
AcctSessionID,
FramedIPAddress,
AcctAuthentic,
NASIdentifier,
NASIPAddress,
AcctDelayTime,
AcctSessionTime,
AcctInputOctets,
AcctInputGigawords,
AcctOutputOctets,
AcctOutputGigawords,
AcctStatusType,
AcctTerminateCause
FROM
${DB_TABLE_PREFIX}accounting
WHERE
Username = '$getuser'
$extraSQL
ORDER BY
EventTimestamp
DESC
$limitSQL
";
$res = $db->prepare($sql);
$res->execute($extraSQLVals);
$totalInputData = 0;
$totalOutputData = 0;
$totalSessionTime = 0;
$rownums = 0;
while ($row = $res->fetchObject()) {
if ($row->eventtimestamp != NULL) {
$rownums = $rownums + 1;
} else {
$rownums = $rownums - 1;
}
# Data usage
# ==========
# Input
$inputDataItem = 0;
if (!empty($row->acctinputoctets) && $row->acctinputoctets > 0) {
$inputDataItem = ($row->accinputoctets / 1024 / 1024);
}
if (!empty($row->acctinputgigawords) && $row->inputgigawords > 0) {
$inputDataItem = ($row->acctinputgigawords * 4096);
}
if ($inputDataItem != 0) {
$inputDataItemDisplay = ceil($inputDataItem * 100)/100;
} else {
$inputDataItemDisplay = 0;
}
$totalInputData = $totalInputData + $inputDataItem;
# Output
$outputDataItem = 0;
if (!empty($row->acctoutputoctets) && $row->acctoutputoctets > 0) {
$outputDataItem = ($row->acctoutputoctets / 1024 / 1024);
}
if (!empty($row->acctoutputgigawords) && $row->acctoutputgigawords > 0) {
$outputDataItem = ($row->acctoutputgigawords * 4096);
}
if ($outputDataItem != 0) {
$outputDataItem = ceil($outputDataItem * 100)/100;
} else {
$outputDataItem = 0;
}
$totalOutputData = $totalOutputData + $outputDataItem;
# Add up time
if (!empty($row->acctsessiontime) && $row->acctsessiontime > 0) {
$sessionTimeItem = $row->acctsessiontime / 60;
$sessionTimeItem = ceil($sessionTimeItem * 100)/100;
}
$totalSessionTime = $totalSessionTime + $sessionTimeItem;
$totalSessionTime = ceil($totalSessionTime * 100)/100;
?>
<tr class="resultsitem">
<td class="textcenter"><?php echo $row->eventtimestamp; ?></td>
<td class="textcenter"><?php echo $row->servicetype; ?></td>
<td class="textcenter"><?php echo $row->framedprotocol; ?></td>
<td class="textcenter"><?php echo $row->nasport; ?></td>
<td class="textcenter"><?php echo $row->nasporttype; ?></td>
<td class="textcenter"><?php echo $row->callingstationid; ?></td>
<td class="textcenter"><?php echo $row->calledstationid; ?></td>
<td class="textcenter"><?php echo $row->nasportid; ?></td>
<td class="textcenter"><?php echo $row->acctsessionid; ?></td>
<td class="textcenter"><?php echo $row->framedipaddress; ?></td>
<td class="textcenter"><?php echo $row->acctauthentic; ?></td>
<td class="textcenter"><?php echo $row->nasidentifier; ?></td>
<td class="textcenter"><?php echo $row->nasipaddress; ?></td>
<td class="textcenter"><?php echo $row->acctdelaytime; ?></td>
<td class="textcenter"><?php echo $sessionTimeItem; ?> Min</td>
<td class="textcenter"><?php echo $inputDataItem; ?> MB</td>
<td class="textcenter"><?php echo $outputDataItem; ?> MB</td>
<td class="textcenter"><?php echo $row->acctstatustype; ?></td>
<td class="textcenter"><?php echo strRadiusTermCode($row->acctterminatecause); ?></td>
</tr>
<?php
}
$res->closeCursor();
if ($rownums <= 0) {
?>
<tr>
<td colspan="23" class="textcenter">No logs found for user: <?php echo $getuser ?></td>
</tr>
<?php
} else {
?>
<tr class="resultsitem">
<td class="textcenter"></td>
<td class="textcenter"></td>
<td class="textcenter"></td>
<td class="textcenter"></td>
<td class="textcenter"></td>
<td class="textcenter"></td>
<td class="textcenter"></td>
<td class="textcenter"></td>
<td class="textcenter"></td>
<td class="textcenter"></td>
<td class="textcenter"></td>
<td class="textcenter"></td>
<td class="textcenter"></td>
<td class="textcenter"></td>
<td class="textcenter" style="font-weight: bold;"><? echo $totalSessionTime ?> Min</td>
<td class="textcenter" style="font-weight: bold;"><? echo $totalInputData ?> MB</td>
<td class="textcenter" style="font-weight: bold;"><? echo $totalOutputData ?> MB</td>
<td class="textcenter"></td>
<td class="textcenter"></td>
</tr>
<?php
}
?>
</table>
<?php
} else {
?>
<div class="warning">No user selected</div>
<?php
}
?>
<?php
printFooter();
# vim: ts=4
?>
<?php
# Radius User List
# Copyright (C) 2008-2009, AllWorldIT
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
include_once("includes/header.php");
include_once("includes/footer.php");
include_once("includes/db.php");
$db = connect_db();
printHeader(array(
));
# If we have no action, display list
if (!isset($_POST['frmaction']))
{
?>
<p class="pageheader">User List</p>
<form id="main_form" action="user-main.php" method="post">
<div class="textcenter">
Action
<select id="main_form_action" name="frmaction"
onchange="
var myform = document.getElementById('main_form');
var myobj = document.getElementById('main_form_action');
if (myobj.selectedIndex == 2) {
myform.action = 'user-add.php';
} else if (myobj.selectedIndex == 3) {
myform.action = 'user-delete.php';
} else if (myobj.selectedIndex == 5) {
myform.action = 'user-attributes.php';
} else if (myobj.selectedIndex == 6) {
myform.action = 'user-groups.php';
} else if (myobj.selectedIndex == 7) {
myform.action = 'user-logs.php';
}
myform.submit();
">
<option selected="selected">select action</option>
<option disabled="disabled"> - - - - - - - - - - - </option>
<option value="add">Add User</option>
<option value="delete">Delete User</option>
<option disabled="disabled"> - - - - - - - - - - - </option>
<option value="useratts">List User Attributes</option>
<option value="usergroups">List User Groups</option>
<option value="defaultlist">User Log</option>
</select>
</div>
<p />
<table class="results" style="width: 75%;">
<tr class="resultstitle">
<td class="textcenter">ID</td>
<td class="textcenter">Username</td>
<td class="textcenter">Disabled</td>
</tr>
<?php
$sql = "SELECT ID, Username, Disabled FROM ${DB_TABLE_PREFIX}users ORDER BY ID ASC";
$res = $db->query($sql);
$rownums = 0;
# List users
while ($row = $res->fetchObject()) {
if ($row->id != NULL) {
$rownums = $rownums + 1;
} else {
$rownums = $rownums - 1;
}
?>
<tr class="resultsitem">
<td><input type="radio" name="user_id" value="<?php echo $row->id ?>"/><?php echo $row->id ?></td>
<td><?php echo $row->username ?></td>
<td class="textcenter"><?php echo $row->disabled ? 'yes' : 'no' ?></td>
</tr>
<?php
}
$res->closeCursor();
if ($rownums <= 0) {
?>
<p />
<tr>
<td colspan="3" class="textcenter">Group list is empty</td>
</tr>
<?php
}
unset($rownums);
?>
</table>
</form>
<?php
}
printFooter();
# vim: ts=4
?>
<?php
# Authentication class
#
# Copyright (c) 2005-2008, AllWorldIT
# Copyright (C) 2007-2015, AllWorldIT
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
......@@ -17,16 +16,14 @@
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
$soap_location = "http://localhost:1080";
include('include/db.php');
# Authentication class
class Auth {
var $loggedIn = false;
var $username = "";
var $key = "";
var $section = "";
var $loginBoxUsername = "Username";
var $loginBoxMsg = "";
......@@ -36,17 +33,13 @@ class Auth {
function _unsetSession() {
$this->loggedIn = $_SESSION['loggedIn'] = false;
$this->username = $_SESSION['username'] = "";
$this->key = $_SESSION['key'] = "";
$this->section = $_SESSION['section'] = "";
}
# Populate session
function _setSession($username,$key) {
function _setSession($username) {
$this->loggedIn = $_SESSION['loggedIn'] = true;
$this->username = $_SESSION['username'] = $username;
$this->key = $_SESSION['key'] = $key;
$this->section = $_SESSION['section'] = $this->section;
}
......@@ -54,8 +47,6 @@ class Auth {
function _loadSession() {
$this->loggedIn = $_SESSION['loggedIn'];
$this->username = $_SESSION['username'];
$this->key = $_SESSION['key'];
$this->section = $_SESSION['section'];
}
......@@ -68,12 +59,6 @@ class Auth {
# Check if we logged in, if we are pull in data
if (isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] == true) {
$this->_loadSession();
if ($this->section != $section) {
$this->logout("Login section mismatch!");
}
} else {
# Set section
$this->section = $section;
}
}
......@@ -86,12 +71,58 @@ class Auth {
# Login
function _login($username,$password) {
global $soap_location;
$this->_setSession("joesoap","mykey");
global $db;
global $DB_TABLE_PREFIX;
// Authenticate user with SQL, do query for password, compare ... if matches set session
// Check if user exists
$sql = "SELECT
Username, ID
FROM
${DB_TABLE_PREFIX}users
WHERE
Username = ".$db->quote($username)."
";
$res = $db->query($sql);
if (!$res) {
return -1;
}
return 0;
$row = $res->fetchObject();
# Check if we actually have a user...
if (!$row) {
# If not .... reject
return -1;
}
# We're done, close
$res->closeCursor();
# Save username for later
$username = $row->username;
# Now check password
$sql = "SELECT
Value
FROM
${DB_TABLE_PREFIX}user_attributes
WHERE
Name = 'User-Password'
AND
UserID = ".$db->quote($row->id)."
";
$res = $db->query($sql);
$row = $res->fetchObject();
# We're done, close
$res->closeCursor();
if ($row->value == $password) {
$this->_setSession($username,$row->value);
return 0;
} else {
return -1;
}
}
......@@ -111,7 +142,7 @@ class Auth {
<?php
displayError($this->loginBoxMsg);
?>
<table class="block-center">
<table class="blockcenter">
<tr>
<td><?php echo $this->loginBoxUsername ?></td>
<td><input type="text" name="username" /></td>
......@@ -141,15 +172,10 @@ class Auth {
$res = 0;
break;
case -1:
case -3:
$this->loginBoxMsg = $this->loginBoxUsername. " or Password invalid.";
break;
case -2:
$this->loginBoxMsg = "Cannot connect to SOAP server, please contact your ISP.";
break;
case -4:
default:
$this->loginBoxMsg = "Unknown error contacting SOAP server, please contact your ISP.";
$this->loginBoxMsg = "Unknown error, please contact your ISP.";
break;
}
} else {
......@@ -168,4 +194,5 @@ class Auth {
}
# vim: ts=4
?>
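Review bot: At the end of the new `_login()` body, `if ($row->value == $password)` runs without checking that the second query returned a row, and it uses loose comparison. When the user has no `User-Password` attribute, `$row` is false and `$row->value` evaluates to null, and `null == ""` is true in PHP, so an empty submitted password is rejected only if the caller (outside this hunk) filters it. Numeric-looking strings such as `"1e3"` and `"1000"` also compare equal under `==`. I would reject a missing row and compare as strings in constant time, `if (!$row || !hash_equals((string)$row->value, (string)$password)) { return -1; }`, then call `$this->_setSession($username);`, because the one-argument `_setSession()` silently ignores the extra `$row->value` passed today. The `return 0;` printed right after the first `if (!$res)` check looks like the removed old line, but the page has lost the +/- markers; if it survives in the new file the password check below it never runs, so confirm that against the file.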
<?php
# User Control Panel UI Config
# Copyright (C) 2007-2015, AllWorldIT
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# mysql:host=xx;dbname=yyy
#
# pgsql:host=xx;dbname=yyy
#
# sqlite:////full/unix/path/to/file.db?mode=0666
#
#$DB_DSN="sqlite:////tmp/cluebringer.sqlite";
$DB_DSN="mysql:host=localhost;dbname=smradius";
$DB_USER="root";
$DB_PASS="root";
#$DB_PASS="";
$DB_TABLE_PREFIX="";
# vim: ts=4
?>
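Review bot: The committed defaults `$DB_USER="root";` and `$DB_PASS="root";` make the user control panel connect as the MySQL superuser with a guessable password (this assumes the file is newly added, which the page does not mark explicitly). The queries visible in this change only read from the `users` and `user_attributes` tables, so a dedicated account limited to SELECT on those tables would probably be enough; anything else the panel needs is not visible here. I would ship placeholders instead, e.g. `$DB_USER="CHANGE_ME";` and `$DB_PASS="CHANGE_ME";`, with a comment such as `# Use a dedicated least-privilege DB account, never root`, and keep real values out of version control.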
<?php
# Tooltip handling code
# Copyright (C) 2008, LinuxRulz
# Database Interface
# Copyright (C) 2007-2015, AllWorldIT
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
......@@ -16,15 +16,32 @@
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
include_once("includes/tooltipdata.php");
require_once('include/config.php');
# Create tooltip
function tooltip($text)
# Connect to DB
function connect_db()
{
global $tooltips;
?>
<span id="tip"><img src="images/help.gif" alt="Tooltip" title="<?php echo htmlspecialchars($tooltips[$text]) ?>" /></span>
<?php
global $DB_DSN;
global $DB_USER;
global $DB_PASS;
try {
$dbh = new PDO($DB_DSN, $DB_USER, $DB_PASS, array(
PDO::ATTR_PERSISTENT => false
));
$dbh->setAttribute(PDO::ATTR_CASE,PDO::CASE_LOWER);
} catch (PDOException $e) {
die("Error connecting to Policyd v2 DB: " . $e->getMessage());
}
return $dbh;
}
# Grab DB handle
$db = connect_db();
# vim: ts=4
?>
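Review bot: In the new `connect_db()`, `die("Error connecting to Policyd v2 DB: " . $e->getMessage());` prints the raw PDO exception text to the browser, which can disclose the database host or account name to an unauthenticated visitor; the message also names a different product. I would log the detail and show a generic message: `error_log("DB connect failed: " . $e->getMessage());` followed by `die("Error connecting to database");`. Separately, on PHP versions before 8.0 the handle stays in PDO's silent error mode, so a failed `query()` returns false. The login code in this change calls `fetchObject()` on its second query result without checking it, so either check every result or set `PDO::ATTR_ERRMODE` to `PDO::ERRMODE_EXCEPTION` here and catch the exception in the callers.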