webui/user/include/version.php

 <?php
 # Versioning for this interface
-# Copyright (C) 2007-2009, AllWorldIT
+# Copyright (C) 2007-2015, AllWorldIT
 # 
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -19,7 +19,7 @@
 
 
 
-$VERSION = "0.4.0b1";
+$VERSION = "0.0.3a";
 
 # vim: ts=4
 ?>

webui/user/index.php

 <?php
 # Main User Control Panel Page
-# Copyright (c) 2007-2009, AllWorldIT
+# Copyright (c) 2007-2015, AllWorldIT
 # 
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -25,364 +25,545 @@ include("include/header.php");
 # NB: We will only end up here if we authenticated!
 
 
+# Displays error
+function webuiError($msg) {
+	echo isset($msg) ? $msg : "Unknown error";
+}
+
+
 # Display details
 function displayDetails() { 
 	global $db;
 	global $DB_TABLE_PREFIX;
 
-	$userName = $_SESSION['username'];
-
 	# Get user's ID
 	$sql = "
 		SELECT
-				ID
+			ID, Username
 		FROM
-				${DB_TABLE_PREFIX}users
+			${DB_TABLE_PREFIX}users
 		WHERE
-				Username = '$userName'
-		";
-
+			Username = ".$db->quote($_SESSION['username'])."
+	";
 	$res = $db->query($sql);
+	if (!(is_object($res))) {
+		webuiError("Error fetching user information");
+	}
+
 	$row = $res->fetchObject();
+
+	# Set user ID
 	$userID = $row->id;
+	$username = $row->username;
 
 	# Get accounting data
 	$currentMonth = date("Y-m");
 
 	$sql = "
 		SELECT
-				AcctSessionTime,
-				AcctInputOctets,
-				AcctInputGigawords,
-				AcctOutputOctets,
-				AcctOutputGigawords
+			SUM(AcctSessionTime) / 60 AS AcctSessionTime,
+			SUM(AcctInputOctets) / 1024 / 1024 +
+			SUM(AcctInputGigawords) * 4096 +
+			SUM(AcctOutputOctets) / 1024 / 1024 +
+			SUM(AcctOutputGigawords) * 4096 AS TotalTraffic
 		FROM
-				${DB_TABLE_PREFIX}accounting
+			${DB_TABLE_PREFIX}accounting
 		WHERE
-				Username = '$userName'
+			Username = ".$db->quote($username)."
 		AND
-				EventTimestamp >= '$currentMonth'
-		ORDER BY
-				EventTimestamp
-		DESC
-		";
-
+			PeriodKey = ".$db->quote($currentMonth)."
+	";
 	$res = $db->query($sql);
+	if (!(is_object($res))) {
+		webuiError("Error fetching user accounting");
+	}
 
-	$totalData = 0;
-	$totalInputData = 0;
-	$totalOutputData = 0;
-	$totalSessionTime = 0;
+	# Set total traffic and uptime used
+	$totalTraffic = 0;
+	$totalUptime = 0;
 
-	while ($row = $res->fetchObject()) {
+	# Pull in row
+	$row = $res->fetchObject();
+
+	# Traffic
+	if (isset($row->totaltraffic) && $row->totaltraffic > 0) {
+		$totalTraffic += $row->totaltraffic;
+	}
+	# Uptime
+	if (isset($row->acctsessiontime) && $row->acctsessiontime > 0) {
+		$totalUptime += $row->acctsessiontime;
+	}
 
-		# Input
-		$inputDataItem = 0;
+	# Fetch user uptime and traffic cap (group attributes)
+	$sql = "
+		SELECT
+			${DB_TABLE_PREFIX}group_attributes.Name, ${DB_TABLE_PREFIX}group_attributes.Value
+		FROM
+			${DB_TABLE_PREFIX}group_attributes, ${DB_TABLE_PREFIX}users_to_groups
+		WHERE
+			${DB_TABLE_PREFIX}users_to_groups.GroupID = ${DB_TABLE_PREFIX}group_attributes.GroupID
+			AND ${DB_TABLE_PREFIX}users_to_groups.UserID = ".$db->quote($userID)."
+			AND ${DB_TABLE_PREFIX}group_attributes.Disabled = 0
+	";
+	$res = $db->query($sql);
+	if (!(is_object($res))) {
+		webuiError("Error fetching user attributes");
+	}
 
-		if (!isset($row->acctinputoctets) && $row->acctinputoctets > 0) {
-			$inputDataItem += ($row->accinputoctets / 1024 / 1024);
+	# Initial values
+	$trafficCap = "Prepaid";
+	$uptimeCap = "Prepaid";
+	while ($row = $res->fetchObject()) {
+		if ($row->name === "SMRadius-Capping-Traffic-Limit") {
+			$trafficCap = (int)$row->value;
 		}
-		if (!empty($row->acctinputgigawords) && $row->inputgigawords > 0) {
-			$inputDataItem += ($row->acctinputgigawords * 4096);
+		if ($row->name === "SMRadius-Capping-Uptime-Limit") {
+			$uptimeCap = (int)$row->value;
 		}
+	}
 
-		$totalInputData += $inputDataItem;
-
-		# Output
-		$outputDataItem = 0;
+	# Fetch user uptime and traffic cap (user attributes)
+	$sql = "
+		SELECT
+			Name, Value
+		FROM
+			${DB_TABLE_PREFIX}user_attributes
+		WHERE
+			UserID = ".$db->quote($userID)."
+			AND Disabled = 0
+	";
+	$res = $db->query($sql);
+	if (!(is_object($res))) {
+		webuiError("Error fetching user attributes");
+	}
 
-		if (!empty($row->acctoutputoctets) && $row->acctoutputoctets > 0) {
-			$outputDataItem += ($row->acctoutputoctets / 1024 / 1024);
+	# Override group_attributes with user attributes
+	while ($row = $res->fetchObject()) {
+		if ($row->name === "SMRadius-Capping-Traffic-Limit") {
+			$trafficCap = (int)$row->value;
 		}
-		if (!empty($row->acctoutputgigawords) && $row->acctoutputgigawords > 0) {
-			$outputDataItem += ($row->acctoutputgigawords * 4096);
+		if ($row->name === "SMRadius-Capping-Uptime-Limit") {
+			$uptimeCap = (int)$row->value;
 		}
+	}
 
-		$totalOutputData += $outputDataItem;
+	# Fetch user uptime and traffic summary
+	$sql = "
+		SELECT
+			${DB_TABLE_PREFIX}topups_summary.Balance,
+			${DB_TABLE_PREFIX}topups.Type,
+			${DB_TABLE_PREFIX}topups.Value,
+			${DB_TABLE_PREFIX}topups.ValidFrom,
+			${DB_TABLE_PREFIX}topups.ValidTo
+		FROM
+			${DB_TABLE_PREFIX}topups_summary,
+			${DB_TABLE_PREFIX}topups
+		WHERE
+			${DB_TABLE_PREFIX}topups_summary.TopupID = ${DB_TABLE_PREFIX}topups.ID
+			AND ${DB_TABLE_PREFIX}topups.UserID = ".$db->quote($userID)."
+			AND ${DB_TABLE_PREFIX}topups_summary.PeriodKey = ".$db->quote($currentMonth)."
+			AND ${DB_TABLE_PREFIX}topups_summary.Depleted = 0
+		ORDER BY
+			${DB_TABLE_PREFIX}topups.Timestamp ASC
+	";
+	$res = $db->query($sql);
+	if (!(is_object($res))) {
+		webuiError("Error fetching topup summaries");
+	}
 
-		$totalData += $totalInputData + $totalOutputData;
+	# Store summary topups
+	$topups = array();
+	$i = 0;
+	while ($row = $res->fetchObject()) {
 
-		# Time calculation
-		$sessionTimeItem = 0;
-		if (!empty($row->acctsessiontime) && $row->acctsessiontime > 0) {
-			$sessionTimeItem += ($row->acctsessiontime - ($row->acctsessiontime % 60)) / 60;
-		}
+		$topups[$i] = array();
 
-		$totalSessionTime += $sessionTimeItem;
+		$topups[$i]['Type'] = $row->type;
+		$topups[$i]['CurrentLimit'] = $row->balance;
+		$topups[$i]['Limit'] = $row->value;
+		$topups[$i]['ValidFrom'] = $row->validfrom;
+		$topups[$i]['Expires'] = $row->validto;
 
+		$i++;
 	}
 
+	# Fetch user uptime and traffic topups
+	$thisMonthTimestamp = date("Y-m").'-01';
+	$now = date("Y-m-d");
 	$sql = "
-			SELECT
-					Name, Value
-			FROM
-					${DB_TABLE_PREFIX}user_attributes
-			WHERE
-					UserID = '$userID'
-			";
-
+		SELECT
+			Value, Type, ValidFrom, ValidTo
+		FROM
+			topups
+		WHERE
+			UserID = ".$db->quote($userID)."
+			AND ValidFrom = ".$db->quote($thisMonthTimestamp)."
+			AND ValidTo >= ".$db->quote($now)."
+			AND Depleted = 0
+		ORDER BY
+			Timestamp ASC
+	";
 	$res = $db->query($sql);
+	if (!(is_object($res))) {
+		webuiError("Error fetching topup");
+	}
 
-	$userPhone = "Unavailable";
-	$userEmail = "Unavailable";
-	$userCap = "Unavailable";
-	$dataCap = "Unavailable";
-	$timeCap = "Unavailable";
-	$userService = "Unavailable";
-
+	# Store normal topups
 	while ($row = $res->fetchObject()) {
-		if ($row->name == "SMRadius-Notify-Phone") {
-			$userPhone = $row->value;
-		}
-		if ($row->name == "SMRadius-Notify-Email") {
-			$userEmail = $row->value;
-		}
-		if ($row->name == "SMRadius-Capping-Traffic-Limit") {
-			$dataCap = $row->value;
-		}
-		if ($row->name == "SMRadius-Capping-UpTime-Limit") {
-			$timeCap = $row->value;
-		}
-		if ($row->name == "SMRadius-User-Service") {
-			$userService = $row->value;
-		}
+		$topups[$i] = array();
+		$topups[$i]['Type'] = $row->type;
+		$topups[$i]['Limit'] = $row->value;
+		$topups[$i]['ValidFrom'] = $row->validfrom;
+		$topups[$i]['Expires'] = $row->validto;
+
+		$i++;
 	}
 
-	$isDialup = 0;
+	# Calculate topup usage for prepaid and normal users
+	$totalTrafficTopupsAvail = 0;
+	if (!(is_numeric($trafficCap) && $trafficCap == 0)) {
 
-?>
+		# Excess usage
+		$excess = 0;
+		if ($trafficCap === "Prepaid") {
+			$excess = $totalTraffic;
+		} else {
+			$excess = $totalTraffic > $trafficCap ? ($totalTraffic - $trafficCap) : 0;
+		}
 
-	<table class="blockcenter">
-		<tr>
-			<td colspan="2" class="section">Account Information</td>
-		</tr>
-		<tr>
-			<td class="title">Username</td>
-			<td class="value"><?php echo $userName; ?></td>
-		</tr>
-		<tr>
-			<td class="title">Service</td>
-			<td class="value"><?php echo $userService; ?></td>
-		</tr>
+		# Loop through all valid topups
+		$trafficRows = array();
+		$i = 0;
+		foreach ($topups as $topup) {
 
-<?php
+			# Traffic topups
+			if ($topup['Type'] == 1) {
 
-		# Only display cap for DSL users
-		if (!$isDialup) {
+				# Topup not currently in use
+				if ($excess <= 0) {
+					$trafficRows[$i] = array();
 
-?>
+					$trafficRows[$i]['Cap'] = $topup['Limit'];
+					$trafficRows[$i]['Used'] = isset($topup['CurrentLimit']) ? ($topup['Limit'] - $topup['CurrentLimit']) : 0;
+					$trafficRows[$i]['ValidFrom'] = $topup['ValidFrom'];
+					$trafficRows[$i]['Expires'] = $topup['Expires'];
 
-			<tr>
-				<td colspan="2" class="section">Usage Info</td>
-			</tr>
-			<tr>
-				<td class="title">Bandwidth Cap</td>
-				<td class="title">Used This Month</td>
-			</tr>
-			<tr>
-				<td class="value"><?php echo $dataCap; ?> MB</td>
-				<td class="value"><?php printf('%.2f', $totalData); ?> MB</td>
-			</tr>
-			<tr>
-				<td class="title">Time Cap</td>
-				<td class="title">Used This Month</td>
-			</tr>
-			<tr>
-				<td class="value"><?php echo $timeCap; ?> Min</td>
-				<td class="value"><?php echo $totalSessionTime; ?> Min</td>
-			</tr>
-			<tr>
-				<td colspan="2" class="section">Notifications</td>
-			</tr>
-			<form method="post">
-			<tr>
-				<td class="title">Email Address</td>
-				<td class="value">
-					<input type="text" name="notifyMethodEmail"><?php echo $userEmail; ?></input>
-				</td>
-			</tr>
-			<tr>
-				<td class="title">Cell Number</td>
-				<td class="value">
-					<input type="text" name="notifyMethodCell"><?php echo $userPhone; ?></input>
-				</td>
-			</tr>
-			</form>
+					# Set total available topups
+					$totalTrafficTopupsAvail += isset($topup['CurrentLimit']) ? $topup['CurrentLimit'] : $topup['Limit'];
 
-<?php
+					$i++;
 
-		}
+				# Topup currently in use
+				} elseif (!isset($topup['CurrentLimit']) && $excess < $topup['Limit']) {
+					$trafficRows[$i] = array();
 
-?>
+					$trafficRows[$i]['Cap'] = $topup['Limit'];
+					$trafficRows[$i]['Used'] = $excess;
+					$trafficRows[$i]['ValidFrom'] = $topup['ValidFrom'];
+					$trafficRows[$i]['Expires'] = $topup['Expires'];
 
-		<tr>
-			<td></td>
-			<td></td>
-		</tr>
-		<tr>
-			<td colspan="2" align="center">
-				<a href="logs.php">Usage Logs</a>
-			</td>
-		</tr>
-	</table>
+					# Set total available topups
+					$totalTrafficTopupsAvail += $topup['Limit'];
 
-	<br><br>
+					# Set current topup
+					$currentTrafficTopup = array();
+					$currentTrafficTopup['Used'] = $excess;
+					$currentTrafficTopup['Cap'] = $topup['Limit'];
 
-	<font size="-1">
-		Note:
-		<li>Please contact your ISP if you have any problem using this interface.</li>
-	</font>
+					# If we hit this topup then all the rest of them are available
+					$excess = 0;
 
-<?php
+					$i++;
 
-}
+				} elseif (isset($topup['CurrentLimit']) && $excess < $topup['CurrentLimit']) {
+					$trafficRows[$i] = array();
 
-# If this is a post and we're updating
-if (isset($_POST['notifyUpdate']) && $_POST['notifyUpdate'] == "update") {
+					$trafficRows[$i]['Cap'] = $topup['Limit'];
+					$trafficRows[$i]['Expires'] = $topup['Expires'];
+					$trafficRows[$i]['ValidFrom'] = $topup['ValidFrom'];
 
-	$userName = $_SESSION['username'];
+					$trafficRows[$i]['Used'] = ($topup['Limit'] - $topup['CurrentLimit']) + $excess;
 
-	# Get user's ID
-	$sql = "
-		SELECT
-				ID
-		FROM
-				${DB_TABLE_PREFIX}users
-		WHERE
-				Username = '$userName'
-		";
+					# Set total available topups
+					$totalTrafficTopupsAvail += $topup['CurrentLimit'];
 
-	$res = $db->query($sql);
-	$row = $res->fetchObject();
-	$userID = $row->id;
+					# Set current topup
+					$currentTrafficTopup = array();
+					$currentTrafficTopup['Used'] = ($topup['Limit'] - $topup['CurrentLimit']) + $excess;
+					$currentTrafficTopup['Cap'] = $topup['Limit'];
 
-	$sql = "
-			SELECT
-					Name, Value
-			FROM
-					${DB_TABLE_PREFIX}user_attributes
-			WHERE
-					UserID = '$userID'
-			";
+					# If we hit this topup then all the rest of them are available
+					$excess = 0;
 
-	$res = $db->query($sql);
+					$i++;
 
-	$userPhone = "Unavailable";
-	$userEmail = "Unavailable";
+				# Topup has been used up
+				} else {
+					$trafficRows[$i] = array();
 
-	while ($row = $res->fetchObject()) {
-		if ($row->name == "SMRadius-Notify-Phone") {
-			$userPhone = $row->value;
-		}
-		if ($row->name == "SMRadius-Notify-Email") {
-			$userEmail = $row->value;
+					$trafficRows[$i]['Cap'] = $topup['Limit'];
+					$trafficRows[$i]['Used'] = $topup['Limit'];
+					$trafficRows[$i]['ValidFrom'] = $topup['ValidFrom'];
+					$trafficRows[$i]['Expires'] = $topup['Expires'];
+
+					# Subtract this topup from excess usage
+					$excess -= isset($topup['CurrentLimit']) ? $topup['CurrentLimit'] : $topup['Limit'];
+
+					$i++;
+				}
+			}
 		}
 	}
 
-	# If we want to update email address
-	if (isset($_POST['notifyMethodEmail']) && !empty($_POST['notifyMethodEmail'])) {
+	# Calculate topup usage for prepaid and normal users
+	$totalUptimeTopupsAvail = 0;
+	if (!(is_numeric($uptimeCap) && $uptimeCap == 0)) {
 
-		$db->beginTransaction();
+		# Excess usage
+		$excess = 0;
+		if ($uptimeCap === "Prepaid") {
+			$excess = $totalUptime;
+		} else {
+			$excess = $totalUptime > $uptimeCap ? ($totalUptime - $uptimeCap) : 0;
+		}
 
-		# Unavailble if no email address is set yet
-		if ($userEmail == "Unavailable") {
+		# Loop through all valid topups
+		$uptimeRows = array();
+		$i = 0;
+		foreach ($topups as $topup) {
 
-			# Prepare to insert email address for the first time
-			$emailStatement = $db->prepare("INSERT INTO 
-														${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value)
-											VALUES 
-														('$userID','SMRadius-Notify-Email','=*',?)
-											");
+			# Uptime topups
+			if ($topup['Type'] == 2) {
 
-			$emailResult = $emailStatement->execute(array($_POST['notifyMethodEmail'],));
+				# Topup not currently in use
+				if ($excess <= 0) {
+					$uptimeRows[$i] = array();
 
-			# If successful, commit
-			if ($emailResult) {
-				$db->commit();
-				echo "<center>Email address updated</center>";
-			# Else, rollback changes and give error
-			} else {
-				$db->rollback();
-				echo "<center>Error updating email address, please contact your ISP.</center>";
-			}
+					$uptimeRows[$i]['Cap'] = $topup['Limit'];
+					$uptimeRows[$i]['Used'] = isset($topup['CurrentLimit']) ? ($topup['Limit'] - $topup['CurrentLimit']) : 0;
+					$uptimeRows[$i]['ValidFrom'] = $topup['ValidFrom'];
+					$uptimeRows[$i]['Expires'] = $topup['Expires'];
 
-		} else {
-			# Prepare to update existing email address
-			$emailStatement = $db->prepare("UPDATE
-													${DB_TABLE_PREFIX}user_attributes
-											SET
-													Value = ? 
-											WHERE
-													Name = 'SMRadius-Notify-Email'
-											AND
-													UserID = '$userID'
-											");
-
-			$emailResult = $emailStatement->execute(array($_POST['notifyMethodEmail'],));
-
-			# If successful, commit
-			if ($emailResult) {
-				$db->commit();
-				echo "<center>Email address updated</center>";
-			# Else, rollback changes and give error
-			} else {
-				$db->rollback();
-				echo "<center>Error updating email address, please contact your ISP.</center>";
+					# Set total available topups
+					$totalUptimeTopupsAvail += isset($topup['CurrentLimit']) ? $topup['CurrentLimit'] : $topup['Limit'];
+
+					$i++;
+
+				# Topup currently in use
+				} elseif (!isset($topup['CurrentLimit']) && $excess < $topup['Limit']) {
+					$uptimeRows[$i] = array();
+
+					$uptimeRows[$i]['Cap'] = $topup['Limit'];
+					$uptimeRows[$i]['Used'] = $excess;
+					$uptimeRows[$i]['ValidFrom'] = $topup['ValidFrom'];
+					$uptimeRows[$i]['Expires'] = $topup['Expires'];
+
+					# Set total available topups
+					$totalUptimeTopupsAvail += $topup['Limit'];
+
+					# Set current topup
+					$currentUptimeTopup = array();
+					$currentUptimeTopup['Used'] = $excess;
+					$currentUptimeTopup['Cap'] = $topup['Limit'];
+
+					# If we hit this topup then all the rest of them are available
+					$excess = 0;
+
+					$i++;
+
+				} elseif (isset($topup['CurrentLimit']) && $excess < $topup['CurrentLimit']) {
+					$uptimeRows[$i] = array();
+
+					$uptimeRows[$i]['Cap'] = $topup['Limit'];
+					$uptimeRows[$i]['Expires'] = $topup['Expires'];
+					$uptimeRows[$i]['ValidFrom'] = $topup['ValidFrom'];
+
+					$uptimeRows[$i]['Used'] = ($topup['Limit'] - $topup['CurrentLimit']) + $excess;
+
+					# Set total available topups
+					$totalUptimeTopupsAvail += $topup['CurrentLimit'];
+
+					# Set current topup
+					$currentUptimeTopup = array();
+					$currentUptimeTopup['Used'] = ($topup['Limit'] - $topup['CurrentLimit']) + $excess;
+					$currentUptimeTopup['Cap'] = $topup['Limit'];
+
+					# If we hit this topup then all the rest of them are available
+					$excess = 0;
+
+					$i++;
+
+				# Topup has been used up
+				} else {
+					$uptimeRows[$i] = array();
+
+					$uptimeRows[$i]['Cap'] = $topup['Limit'];
+					$uptimeRows[$i]['Used'] = $topup['Limit'];
+					$uptimeRows[$i]['ValidFrom'] = $topup['ValidFrom'];
+					$uptimeRows[$i]['Expires'] = $topup['Expires'];
+
+					# Subtract this topup from excess usage
+					$excess -= isset($topup['CurrentLimit']) ? $topup['CurrentLimit'] : $topup['Limit'];
+
+					$i++;
+				}
 			}
 		}
 	}
 
-	# If we want to update phone number
-	if (isset($_POST['notifyMethodCell']) && !empty($_POST['notifyMethodCell'])) {
-
-		$db->beginTransaction();
-
-		# Unavailable if there is none found for this user
-		if ($userPhone == "Unavailable") {
-			# Prepare to insert first number
-			$phoneStatement = $db->prepare("INSERT INTO 
-														${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value)
-											VALUES 
-														('$userID','SMRadius-Notify-Phone','=*',?)
-											");
-
-			$phoneResult = $phoneStatement->execute(array($_POST['notifyMethodCell'],));
-
-			# If successful, commit
-			if ($phoneResult) {
-				$db->commit();
-				echo "<center>Mobile phone number updated</center>";
-			# Else, rollback changes and give error
-			} else {
-				$db->rollback();
-				echo "<center>Error updating mobile phone number, please contact your ISP.</center>";
+	# HTML
+?>
+	<table class="blockcenter">
+		<tr>
+			<td width="500" colspan="4" class="section">Account Information</td>
+		</tr>
+		<tr>
+			<td align="center" class="title">Username</td>
+			<td align="center" class="title">Traffic Cap</td>
+			<td align="center" class="title">Uptime Cap</td>
+		</tr>
+		<tr>
+			<td align="center" class="value"><?php echo $username; ?></td>
+			<td align="center" class="value">
+				<?php
+					if (is_numeric($trafficCap) && $trafficCap == 0) {
+						echo "Unlimited";
+					} elseif (is_string($trafficCap) && $trafficCap === "Prepaid") {
+						echo $trafficCap;
+					} else {
+						echo $trafficCap." MB";
+					}
+				?>
+			</td>
+			<td align="center" class="value">
+				<?php
+					if (is_numeric($uptimeCap) && $uptimeCap == 0) {
+						echo "Unlimited";
+					} elseif (is_string($uptimeCap) && $uptimeCap === "Prepaid") {
+						echo $uptimeCap;
+					} else {
+						echo $uptimeCap." MB";
+					}
+				?>
+			</td>
+		</tr>
+		<tr>
+			<td>&nbsp;</td>
+		</tr>
+		<tr>
+			<td colspan="4" class="section">Traffic Usage</td>
+		</tr>
+		<tr>
+			<td align="center" class="title">Active Topup</td>
+			<td align="center" class="title">Total Topup</td>
+			<td align="center" class="title">Total Usage</td>
+		</tr>
+			<td align="center" class="value">
+				<?php
+					if (isset($currentTrafficTopup) && (!(is_numeric($trafficCap) && $trafficCap == 0))) {
+						echo sprintf("%.2f",$currentTrafficTopup['Used'])."/".sprintf($currentTrafficTopup['Cap'])." MB";
+					} else {
+						echo "None";
+					}
+				?>
+			</td>
+			<td align="center" class="value"><?php echo $totalTrafficTopupsAvail." MB"; ?></td>
+			<td align="center" class="value"><?php echo sprintf("%.2f",$totalTraffic)." MB"; ?></td>
+		<tr>
+		</tr>
+		<tr>
+			<td>&nbsp;</td>
+		</tr>
+		<tr>
+			<td colspan="4" class="section">Uptime Usage</td>
+		</tr>
+		<tr>
+			<td align="center" class="title">Active Topup</td>
+			<td align="center" class="title">Total Topup</td>
+			<td align="center" class="title">Total Usage</td>
+		</tr>
+		<tr>
+			<td align="center" class="value">
+				<?php
+					if (isset($currentUptimeTopup) && (!(is_numeric($uptimeCap) && $uptimeCap == 0))) {
+						echo sprintf("%.2f",$currentUptimeTopup['Used'])."/".sprintf($currentUptimeTopup['Cap'])." MB";
+					} else {
+						echo "None";
+					}
+				?>
+			</td>
+			<td align="center" class="value"><?php echo $totalUptimeTopupsAvail." MB"; ?></td>
+			<td align="center" class="value"><?php echo sprintf("%.2f",$totalUptime)." Min"; ?></td>
+		</tr>
+	</table>
+	<p>&nbsp;</p>
+<?php
+	# Dont display if we unlimited
+	if (!(is_numeric($trafficCap) && $trafficCap == 0)) {
+?>
+		<table class="blockcenter">
+			<tr>
+				<td width="500" colspan="3" class="section">Topup Overview: Traffic</td>
+			</tr>
+			<tr>
+				<td align="center" class="title">Used</td>
+				<td align="center" class="title">Valid From</td>
+				<td align="center" class="title">Valid To</td>
+			</tr>
+<?php
+			foreach ($trafficRows as $trafficRow) {
+?>
+				<tr>
+					<td align="center" class="value">
+<?php
+							echo sprintf("%.2f",$trafficRow['Used'])."/".sprintf($trafficRow['Cap'])." MB";
+?>
+					</td>
+					<td align="center" class="value"><?php $validFrom = strtotime($trafficRow['ValidFrom']); echo date("Y-m-d",$validFrom);?></td>
+					<td align="center" class="value"><?php $validTo = strtotime($trafficRow['Expires']); echo date("Y-m-d",$validTo);?></td>
+				</tr>
+<?php
 			}
+?>
+		</table>
+<?php
+	}
 
-		} else {
-			# Prepare to update existing number 
-			$phoneStatement = $db->prepare("UPDATE
-													${DB_TABLE_PREFIX}user_attributes
-											SET
-													Value = ? 
-											WHERE
-													Name = 'SMRadius-Notify-Phone'
-											AND
-													UserID = '$userID'
-											");
-
-			$phoneResult = $phoneStatement->execute(array($_POST['notifyMethodPhone'],));
-
-			# If successful, commit
-			if ($emailResult) {
-				$db->commit();
-				echo "<center>Mobile phone number updated</center>";
-			# Else, rollback changes and give error
-			} else {
-				$db->rollback();
-				echo "<center>Error updating mobile phone number, please contact your ISP.</center>";
+	# Dont display if we unlimited
+	if (!(is_numeric($uptimeCap) && $uptimeCap == 0)) {
+?>
+		<p>&nbsp;</p>
+		<table class="blockcenter">
+			<tr>
+				<td width="500" colspan="3" class="section">Topup Overview: Uptime</td>
+			</tr>
+			<tr>
+				<td align="center" class="title">Used</td>
+				<td align="center" class="title">Valid From</td>
+				<td align="center" class="title">Valid To</td>
+			</tr>
+<?php
+			foreach ($uptimeRows as $uptimeRow) {
+?>
+				<tr>
+					<td align="center" class="value">
+<?php
+						echo sprintf("%.2f",$uptimeRow['Used'])."/".sprintf($uptimeRow['Cap'])." MB";
+?>
+					</td>
+					<td align="center" class="value"><?php $validFrom = strtotime($uptimeRow['ValidFrom']); echo date("Y-m-d",$validFrom);?></td>
+					<td align="center" class="value"><?php $validTo = strtotime($uptimeRow['Expires']); echo date("Y-m-d",$validTo);?></td>
+				</tr>
+<?php
 			}
-		}
+?>
+		</table>
+<?php
 	}
+?>
+	<p>&nbsp;</p>
+	<p align="center"><a href="logs.php">Usage Logs</a></p>
+<?php
 }
 
 displayDetails();

webui/user/logs.php

 <?php
 # Radius user logs
-# Copyright (C) 2007-2009, AllWorldIT
+# Copyright (C) 2007-2015, AllWorldIT
 # 
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -35,19 +35,56 @@ function displayLogs() {
 	global $db;
 	global $DB_TABLE_PREFIX;
 
-	$getuser = $_SESSION['username'];
-
 ?>
-
 	<table class="blockcenter" width="750">
 		<tr>
 			<td colspan="4" class="title">
 				<form method="POST">
 					<p class="middle center">
 					Display logs between
-					<input type="text" name="searchFrom" size="11" /> 
+<?php
+					# Validate dates before sending
+					if (isset($_POST['searchFrom'])) {
+						if (!(preg_match("/^\d{4}\-(0[1-9]|1[0-2])\-(0[1-9]|1[0-9]|2[0-9]|3[0-1])$/",$_POST['searchFrom']))) {
+							unset($_POST['searchFrom']);
+						}
+					}
+					if (isset($_POST['searchFrom'])) {
+						$searchFrom = date("Y-m-d",strtotime($_POST['searchFrom']));
+						$_POST['searchFrom'] = $searchFrom;
+					}
+					if (isset($_POST['searchFrom'])) {
+?>
+						<input type="text" name="searchFrom" size="11" value="<?php echo $_POST['searchFrom'] ?>"/> 
+<?php
+					} else {
+?>
+						<input type="text" name="searchFrom" size="11"/> 
+<?php
+					}
+?>
 					and 
-					<input type="text" name="searchTo"  size="11" />
+<?php
+					# Validate dates before sending
+					if (isset($_POST['searchTo'])) {
+						if (!(preg_match("/^\d{4}\-(0[1-9]|1[0-2])\-(0[1-9]|1[0-9]|2[0-9]|3[0-1])$/",$_POST['searchTo']))) {
+							unset($_POST['searchTo']);
+						}
+					}
+					if (isset($_POST['searchTo'])) {
+						$searchFrom = date("Y-m-d",strtotime($_POST['searchTo']));
+						$_POST['searchTo'] = $searchFrom;
+					}
+					if (isset($_POST['searchTo'])) {
+?>
+						<input type="text" name="searchTo" size="11" value="<?php echo $_POST['searchTo'] ?>"/> 
+<?php
+					} else {
+?>
+						<input type="text" name="searchTo"  size="11"/>
+<?php
+					}
+?>
 					<input type="submit" value="search">
 					</p>
 				</form>
@@ -65,9 +102,7 @@ function displayLogs() {
 			<td class="section">Upload</td>
 			<td class="section">Download</td>
 		</tr>
-
 <?php
-
 		# Extra SQL
 		$extraSQL = "";
 		$extraSQLVals = array();
@@ -80,147 +115,118 @@ function displayLogs() {
 			$extraSQL .= " AND EventTimestamp <= ?";
 			array_push($extraSQLVals,$_POST['searchTo']);
 
-			# Query to get all default data
+			# Accounting query FIXME nas receive and transmit rates
 			$sql = "
 				SELECT
-						EventTimestamp, 
-						CallingStationID, 
-						AcctSessionTime, 
-						AcctInputOctets, 
-						AcctInputGigawords, 
-						AcctOutputOctets, 
-						AcctOutputGigawords, 
-						AcctTerminateCause 
-				FROM 
-						${DB_TABLE_PREFIX}accounting 
-				WHERE 
-						Username = '$getuser'
+						EventTimestamp,
+						CallingStationID,
+						AcctSessionTime / 60 AS AcctSessionTime,
+						AcctInputOctets / 1024 / 1024 +
+						AcctInputGigawords * 4096 AS AcctInputMbyte,
+						AcctOutputOctets / 1024 / 1024 +
+						AcctOutputGigawords * 4096 AS AcctOutputMbyte,
+						AcctTerminateCause
+				FROM
+						${DB_TABLE_PREFIX}accounting
+				WHERE
+						Username = ".$db->quote($_SESSION['username'])."
 						$extraSQL
 				ORDER BY
 						EventTimestamp
 				DESC
-				";
+			";
 
 			$res = $db->prepare($sql);
 			$res->execute($extraSQLVals);
 
-			# Define totals:
-			$totalData = 0;
-			$totalInputData = 0;
-			$totalOutputData = 0;
-			$totalSessionTime = 0;
-
+			# Display logs
+			$totalInput = 0;
+			$totalOutput = 0;
+			$totalTime = 0;
 			while ($row = $res->fetchObject()) {
 
 				# Input data calculation
-				$inputDataItem = 0;
-
-				if (!empty($row->acctinputoctets) && $row->acctinputoctets > 0) {
-					$inputDataItem += ($row->acctinputoctets / 1024) / 1024;
+				$inputData = 0;
+				if (isset($row->acctinputmbyte) && $row->acctinputmbyte > 0) {
+					$inputData += $row->acctinputmbyte;
 				}
-				if (!empty($row->acctinputgigawords) && $row->inputgigawords > 0) {
-					$inputDataItem += ($row->acctinputgigawords * 4096);
-				}
-				$totalInputData += $inputDataItem;
-
+				$totalInput += $inputData;
 
 				# Output data calculation
-				$outputDataItem = 0;
-
-				if (!empty($row->acctoutputoctets) && $row->acctoutputoctets > 0) {
-					$outputDataItem += ($row->acctoutputoctets / 1024) / 1024;
+				$outputData = 0;
+				if (isset($row->acctoutputmbyte) && $row->acctoutputmbyte > 0) {
+					$outputData += $row->acctoutputmbyte;
 				}
-				if (!empty($row->acctoutputgigawords) && $row->acctoutputgigawords > 0) {
-					$outputDataItem += ($row->acctoutputgigawords * 4096);
-				}
-				$totalOutputData += $outputDataItem;
-
-				$totalData += $totalOutputData + $totalInputData;
-
+				$totalOutput += $outputData;
 
-				# Time calculation
-				$sessionTimeItem = 0;
-				if (!empty($row->acctsessiontime) && $row->acctsessiontime > 0) {
-					$sessionTimeItem += ($row->acctsessiontime - ($row->acctsessiontime % 60)) / 60;
+				# Uptime calculation
+				$sessionTime = 0;
+				if (isset($row->acctsessiontime) && $row->acctsessiontime > 0) {
+					$sessionTime += $row->acctsessiontime;
 				}
-
-				$totalSessionTime += $sessionTimeItem;
-
+				$totalTime += $sessionTime;
 ?>
-
 				<tr>
 					<td class="desc"><?php echo $row->eventtimestamp; ?></td>
-					<td class="desc"><?php echo $row->acctsessiontime; ?></td>
+					<td class="desc"><?php printf("%.2f",$sessionTime); ?></td>
 					<td class="desc"><?php echo $row->callingstationid; ?></td>
 					<td class="center desc"><?php echo strRadiusTermCode($row->acctterminatecause); ?></td>
-					<td class="center desc"><?php echo "NASTransmitRate"; ?></td>
-					<td class="center desc"><?php echo "NASReceiveRate"; ?></td>
-					<td class="right desc"><?php printf('%.2f',$inputDataItem); ?></td>
-					<td class="right desc"><?php printf('%.2f',$outputDataItem); ?></td>
+					<td class="center desc">
+						<?php 
+							if (isset($row->nastransmitrate)) {
+								echo $row->nastransmitrate;
+							}
+						?>
+					</td>
+					<td class="center desc">
+						<?php 
+							if (isset($row->nasreceiverate)) {
+								echo $row->nasreceiverate;
+							}
+						?>
+					</td>
+					<td class="right desc"><?php printf("%.2f",$inputData); ?></td>
+					<td class="right desc"><?php printf("%.2f",$outputData); ?></td>
 				</tr>
-
 <?php
-
 			}
 			if ($res->rowCount() == 0) {
-
 ?>
-
 				<tr>
 					<td colspan="8" class="info">There are no logs for the selected dates</td>
-				</tr>	
-
+				</tr>
 <?php
-
 			} else {
-
+				$totalTraffic = $totalInput + $totalOutput;
 ?>
-
 				<tr>
 					<td colspan="6" class="right">Sub Total:</td>
-					<td class="right desc"><?php printf('%.2f',$totalInputData); ?></td>
-					<td class="right desc"><?php printf('%.2f',$totalOutputData); ?></td>
+					<td class="right desc"><?php printf("%.2f",$totalInput); ?></td>
+					<td class="right desc"><?php printf("%.2f",$totalOutput); ?></td>
 				</tr>
 				<tr>
 					<td colspan="6" class="right">Total:</td>
-					<td colspan="2" class="center desc"><?php printf('%.2f',$totalData); ?></td>
+					<td colspan="2" class="center desc"><?php printf("%.2f",$totalTraffic); ?></td>
 				</tr>
-
 <?php
-
 			}
 		} else {
-
 ?>
-
 			<tr>
 				<td colspan="8" class="info">Please specify dates above in YYYY-MM-DD format and click "search".</td>
 			</tr>
-
 <?php
-
 		}
-
 ?>
-
 	</table>
-
 <?php
-
 }
-
 ?>
-
 	<a href=".">Back</a><br>
-
 <?php
-
 displayLogs();
-
 ?>
-
 	<a href=".">Back</a><br><br>
-
 <?php
 
 

webui/user/styles.css

 /*
  *
  * User Control Panel Stylesheet
- * Copyright (C) 2007-2009, AllWorldIT
+ * Copyright (C) 2007-2015, AllWorldIT
  * 
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -198,3 +198,20 @@ mtsearchtableorder {
 mtsearchtablesubmit {
 	font-weight: bold;
 }
+.graph { 
+	position: relative; /* IE is dumb */
+	margin: auto;
+	width: 200px; 
+	border: 1px solid #000066; 
+	padding: 2px; 
+}
+.graph .bar { 
+	display: block;
+	position: relative;
+	background: #E6E6FA; 
+	text-align: center; 
+	color: #333; 
+	height: 2em; 
+	line-height: 2em;            
+}
+.graph .bar span { position: absolute; left: 1em; }

webui/wisp-locations-delete.php

-<?php
-# Radius User Delete
-# Copyright (C) 2007-2009, AllWorldIT
-# 
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-# 
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-
-
-include_once("includes/header.php");
-include_once("includes/footer.php");
-include_once("includes/db.php");
-
-
-
-$db = connect_db();
-
-
-
-printHeader(array(
-		"Tabs" => array(
-			"Back to location list" => "wisp-locations-manage.php",
-		),
-));
-
-
-
-# Display delete confirm screen
-if (isset($_POST['frmaction']) && $_POST['frmaction'] == "delete") {
-	# Check a user was selected
-	if (isset($_POST['location_id'])) {
-
-?>
-
-		<p class="pageheader">Delete Location</p>
-
-		<form action="wisp-locations-delete.php" method="post">
-			<input type="hidden" name="frmaction" value="delete2" />
-			<input type="hidden" name="location_id" value="<?php echo $_POST['location_id']; ?>" />
-			<div class="textcenter">
-				Are you very sure you wish to remove this location and unlink all users linked to it? <br />
-				<input type="submit" name="confirm" value="yes" />
-				<input type="submit" name="confirm" value="no" />
-			</div>
-		</form>
-
-<?php
-
-	} else {
-
-?>
-
-		<div class="warning">No location selected</div>
-
-<?php
-
-	}
-# SQL Updates
-} elseif (isset($_POST['frmaction']) && $_POST['frmaction'] == "delete2") {
-
-?>
-
-	<p class="pageheader">Location Delete Results</p>
-
-<?php
-
-	if (isset($_POST['location_id'])) {
-		if (isset($_POST['confirm']) && $_POST['confirm'] == "yes") {
-			$db->beginTransaction();
-
-			$res = $db->exec("UPDATE ${DB_TABLE_PREFIX}wisp_userdata SET LocationID = NULL WHERE LocationID = ".$db->quote($_POST['location_id']));
-			if ($res !== FALSE) {
-?>
-				<div class="notice">Location members unlinked</div>
-<?php
-			} else {
-?>
-				<div class="warning">Error unlinking members from location</div>
-				<div class="warning"><?php print_r($db->errorInfo()); ?></div>
-<?php
-				$db->rollback();
-			}
-
-			if ($res !== FALSE) {
-				$res = $db->exec("DELETE FROM ${DB_TABLE_PREFIX}wisp_locations WHERE ID = ".$db->quote($_POST['location_id']));
-				if ($res !== FALSE) {
-?>
-					<div class="notice">Location deleted</div>
-<?php
-				} else {
-?>
-					<div class="warning">Error deleting location</div>
-					<div class="warning"><?php print_r($db->errorInfo()); ?></div>
-<?php
-					$db->rollback();
-				}
-			}
-			if ($res) {
-?>
-				<div class="notice">Location with ID: <?php echo $_POST['location_id']; ?> deleted</div>
-<?php
-				$db->commit();
-			}
-		} else {
-?>
-			<div class="warning">Delete location aborted</div>
-<?php
-		}
-	} else {
-?>
-
-		<div class="warning">Invocation error, no location ID selected</div>
-
-<?php
-
-	}
-} else {
-?>
-	<div class="warning">Invocation error</div>
-<?php
-}
-printFooter();
-
-
-# vim: ts=4
-?>
-

webui/wisp-locations-manage.php

-<?php
-# Radius Location List
-# Copyright (C) 2007-2009, AllWorldIT
-# 
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-# 
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-
-include_once("includes/header.php");
-include_once("includes/footer.php");
-include_once("includes/db.php");
-
-$db = connect_db();
-
-printHeader(array(
-));
-
-# If we have no action, display list
-if (!isset($_POST['frmaction']))
-{
-?>
-	<p class="pageheader">Location List</p>
-
-	<form id="main_form" action="wisp-locations-manage.php" method="post">
-		<div class="textcenter">
-			Action
-			<select id="main_form_action" name="frmaction" 
-					onchange="
-						var myform = document.getElementById('main_form');
-						var myobj = document.getElementById('main_form_action');
-
-						if (myobj.selectedIndex == 2) {
-							myform.action = 'wisp-locations-add.php';
-						} else if (myobj.selectedIndex == 3) {
-							myform.action = 'wisp-locations-delete.php';
-						} else if (myobj.selectedIndex == 5) {
-							myform.action = 'wisp-locations-members.php';
-						}
-
-						myform.submit();
-					">
-				<option selected="selected">select action</option>
-				<option disabled="disabled"> - - - - - - - - - - - </option>
-				<option value="add">Add Location</option>
-				<option value="delete">Delete Location</option>
-				<option disabled="disabled"> - - - - - - - - - - - </option>
-				<option value="useratts">List Location Members</option>
-			</select> 
-		</div>
-
-		<p />
-
-		<table class="results" style="width: 75%;">
-			<tr class="resultstitle">
-				<td class="textcenter">ID</td>
-				<td class="textcenter">Location</td>
-			</tr>
-
-<?php
-
-			$sql = "SELECT Name FROM ${DB_TABLE_PREFIX}wisp_locations ORDER BY Name ASC";
-			$res = $db->query($sql);
-
-			# List users
-			while ($row = $res->fetchObject()) {
-
-?>
-
-					<tr class="resultsitem">
-						<td><input type="radio" name="location_id" value="<?php echo $row->id; ?>"/></td>
-						<td><?php echo $row->name; ?></td>
-					</tr>
-<?php
-			}
-			if ($res->rowCount() == 0) {
-?>
-				<p />
-				<tr>
-					<td colspan="3" class="textcenter">Location list is empty</td>
-				</tr>
-<?php
-			}
-			$res->closeCursor();
-?>
-		</table>
-	</form>
-<?php
-}
-printFooter();
-
-# vim: ts=4
-?>

webui/wisp-locations-members.php

-Im broken at the moment, please try later

webui/wisp-multiuser-add.php

-<?php
-# WiSP multi-user add
-# Copyright (C) 2007-2009, AllWorldIT
-# 
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-# 
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-
-include_once("includes/header.php");
-include_once("includes/footer.php");
-include_once("includes/db.php");
-
-
-$db = connect_db();
-
-
-printHeader(array(
-));
-
-
-if (!isset($_POST['frmaction'])) {
-
-?>
-
-	<p class="pageheader">Add WiSP Users</p>
-
-	<!-- Add user input fields -->
-	<form method="post" action="wisp-multiuser-add.php">
-		<div>
-			<input type="hidden" name="frmaction" value="insert" />
-		</div>
-		<table class="entry">
-			<tr>
-				<td class="textcenter" colspan="2">Add multiple users</td>
-			</tr>
-			<tr>
-				<td><div></div><td>
-			</tr>
-			<tr>
-				<td class="entrytitle">Number of users</td>
-				<td><input type="text" name="num_users" /></td>
-			</tr>
-			<tr>
-				<td class="entrytitle">Login Prefix</td>
-				<td><input type="text" name="login_prefix" /></td>
-			</tr>
-			<tr>
-				<td class="entrytitle">Uptime Limit</td>
-				<td><input type="text" name="session_timeout" /></td>
-			</tr>
-			<tr>
-				<td class="entrytitle">Data Limit</td>
-				<td><input type="text" name="data_limit" /></td>
-			</tr>
-			<tr>
-				<td class="entrytitle">Time Limit</td>
-				<td><input type="text" name="time_limit" /></td>
-			</tr>
-			<tr>
-				<td class="textcenter" colspan="2"><input type="submit" value="Submit" /></td>
-			</tr>
-		</table>
-	</form>
-
-<?php
-
-}
-
-if (isset($_POST['frmaction']) && $_POST['frmaction'] == "insert") {
-
-?>
-
-	<p class="pageheader">Add WiSP Users</p>
-
-<?php
-	#FIXME
-	# Perform checks on input
-	if (!empty($_POST['num_users']) && !empty($_POST['session_timeout']) && !empty($_POST['data_limit']) && !empty($_POST['time_limit'])) {
-		$db->beginTransaction();
-
-		$numberOfUsers = (int)$_POST['num_users'];
-		$sessionTimeout = (int)$_POST['session_timeout'];
-		$dataLimit = (int)$_POST['data_limit'];
-		$timeLimit = (int)$_POST['time_limit'];
-		$loginNamePrefix = $_POST['login_prefix'];
-
-		for ($counter = 0; $counter <= $numberOfUsers; $counter += 1) {
-
-			# Check if user already exists
-			$checkUsernameDuplicates = 0;
-
-			do {
-				# Generate random username
-				$randomString = chr(rand(97,122)).
-								chr(rand(97,122)).
-								chr(rand(97,122)).
-								chr(rand(97,122)).
-								chr(rand(97,122)).
-								chr(rand(97,122)).
-								chr(rand(97,122)).
-								chr(rand(97,122));
-
-				# If there is no login name prefix
-				if (empty($loginNamePrefix)) {
-					$userName = $randomString;
-
-					$lookForUser = $db->query("SELECT ID FROM ${DB_TABLE_PREFIX}users WHERE Username LIKE '%$userName%'");
-
-					# If the user was found
-					if ($lookForUser->rowCount() > 0) {
-						$checkUsernameDuplicates = 1;
-					} else {
-						$checkUsernameDuplicates = 0;
-					}
-
-				# If there is a login name prefix
-				} else {
-					$userName = $loginNamePrefix."_".$randomString;
-
-					$lookForUser = $db->query("SELECT ID FROM ${DB_TABLE_PREFIX}users WHERE Username LIKE '%$userName%'");
-
-					# If the user was found
-					if ($lookForUser->rowCount() > 0) {
-						$checkUsernameDuplicates = 1;
-					} else {
-						$checkUsernameDuplicates = 0;
-					}
-				}
-			} while ($checkUsernameDuplicates > 0);
-
-			#Insert user into users table
-			$userInsert = $db->prepare("INSERT INTO
-													${DB_TABLE_PREFIX}users (Username)
-										VALUES
-													(?)
-										");
-			$userInsertExec = $userInsert->execute(array($userName));
-
-			$failed = 0;
-			# After a user add is successful, continue with inserting the other data
-			if ($userInsertExec) {
-
-				# Get user ID to insert into other tables
-				$getUserID = $db->query("SELECT ID FROM ${DB_TABLE_PREFIX}users WHERE Username = '$userName'");
-				$resultRow = $getUserID->fetchObject();
-				$userID = $resultRow->id;
-
-				# Inset UserID into wisp_userdata table
-				$userDataStatement = $db->prepare("	INSERT INTO
-																${DB_TABLE_PREFIX}wisp_userdata (UserID)
-													VALUES
-																(?)
-													");
-
-				$userDataResult = $userDataStatement->execute(array($userID));
-
-				# Generate a password
-				$userPassword = chr(rand(97,122)).
-								chr(rand(97,122)).
-								chr(rand(97,122)).
-								chr(rand(97,122)).
-								chr(rand(97,122)).
-								chr(rand(97,122)).
-								chr(rand(97,122)).
-								chr(rand(97,122));
-
-				# Insert password into user_attributes table
-				$userPasswordStatement = $db->prepare("	INSERT INTO
-																	${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value)
-														VALUES
-																	($userID,'User-Password','==',?)
-														");
-
-				$userPasswordResult = $userPasswordStatement->execute(array($userPassword));
-				
-				# Insert data limit into user_attributes table
-				$userDataLimitStatement = $db->prepare("INSERT INTO
-																	${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value)
-														VALUES
-																	($userID,'SMRadius-Capping-Traffic-Limit',':=',?)
-														");
-
-				$userDataLimitResult = $userDataLimitStatement->execute(array($dataLimit,));
-				
-				# Insert time limit into user_attributes table
-				$userTimeStatement = $db->prepare("	INSERT INTO
-																${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value)
-													VALUES
-																($userID,'SMRadius-Capping-UpTime-Limit',':=',?)
-													");
-
-				$userTimeResult = $userTimeStatement->execute(array($timeLimit,));
-
-				# Insert timeout into user_attributes table
-				$userTimeOutStatement = $db->prepare("	INSERT INTO
-																	${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value)
-														VALUES
-																	($userID,'Session-Timeout','+=',?)
-													");
-
-				$userTimeOutResult = $userTimeOutStatement->execute(array($sessionTimeout,));
-
-				if ($userTimeOutResult && $userTimeResult && $userDataResult && $userPasswordResult && $userDataLimitResult) {
-					$failed = 0;
-				} else {
-					$failed = 1;
-				}
-			# If one was not successful, rollback
-			} else {
-				print_r($db->errorInfo());
-				$db->rollback;
-				$failed = 1;
-				break;
-			}
-		}
-		if ($failed == 0) {
-			$db->commit();
-
-?>
-
-				<div class="notice">Users added</div>
-
-<?php
-
-		}
-	} else {
-
-?>
-
-		<div class="warning">One or more fields have been left empty</div>
-
-<?php
-
-	}
-}
-
-printFooter();
-
-# vim: ts=4
-?>

webui/wisp-user-add.php

-<?php
-# WiSP User Add
-# Copyright (C) 2007-2009, AllWorldIT
-# 
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-# 
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-
-include_once("includes/header.php");
-include_once("includes/footer.php");
-include_once("includes/db.php");
-
-
-$db = connect_db();
-
-
-printHeader(array(
-));
-
-
-if (!isset($_POST['frmaction'])) {
-
-?>
-
-	<p class="pageheader">Add WiSP User</p>
-
-	<!-- Add user input fields -->
-	<form method="post" action="wisp-user-add.php">
-		<div>
-			<input type="hidden" name="frmaction" value="insert" />
-		</div>
-		<table class="entry">
-			<tr>
-				<td class="textcenter" colspan="2">Account Information</td>
-			</tr>
-			<tr>
-				<td><div></div><td>
-			</tr>
-			<tr>
-				<td class="entrytitle">User Name</td>
-				<td><input type="text" name="user_name" /></td>
-			</tr>
-			<tr>
-				<td class="entrytitle">Password</td>
-				<td><input type="password" name="user_password" /></td>
-			</tr>
-			<tr>
-				<td class="entrytitle">Group</td>
-				<td>
-				<select name="user_group">
-						<option selected="selected" value="NULL">No group</option>
-<?php
-							$sql = "
-								SELECT
-									ID, Name
-								FROM
-									${DB_TABLE_PREFIX}groups
-								ORDER BY
-									Name
-								DESC
-							";
-
-							$res = $db->query($sql);
-
-							# If there are any result rows, list items
-							if ($res->rowCount() > 0) {
-								while ($row = $res->fetchObject()) {
-?>
-									<option value="<?php echo $row->id; ?>"><?php echo $row->name; ?></option>
-<?php
-								}
-							}
-?>
-					</select>
-				</td>
-			</tr>
-			<tr>
-				<td><div></div><td>
-			</tr>
-			<tr>
-				<td class="textcenter" colspan="2">Private Information</td>
-			</tr>
-			<tr>
-				<td><div></div><td>
-			</tr>
-			<tr>
-				<td class="entrytitle">First Name</td>
-				<td><input type="text" name="user_first_name" /></td>
-			</tr>
-			<tr>
-				<td class="entrytitle">Last Name</td>
-				<td><input type="text" name="user_last_name" /></td>
-			</tr>
-			<tr>
-				<td class="entrytitle">Phone</td>
-				<td><input type="text" name="user_phone" /></td>
-			</tr>
-			<tr>
-				<td class="entrytitle">Location</td>
-				<td>
-				<select name="user_location">
-						<option selected="selected" value="NULL">No location</option>
-<?php
-							$sql = "
-								SELECT
-									ID, Name
-								FROM
-									${DB_TABLE_PREFIX}wisp_locations
-								ORDER BY
-									Name
-								DESC
-							";
-
-							$res = $db->query($sql);
-
-							# If there are any result rows, list items
-							if ($res->rowCount() > 0) {
-
-								while ($row = $res->fetchObject()) {
-?>
-									<option value="<?php echo $row->id; ?>"><?php echo $row->name; ?></option>
-<?php
-								}
-							}
-?>
-					</select>
-				</td>
-			</tr>
-			<tr>
-				<td class="entrytitle">Email Address</td>
-				<td><input type="text" name="user_email" /></td>
-			</tr>
-			<tr>
-				<td class="entrytitle">MAC Address</td>
-				<td><input type="text" name="user_mac_address" /></td>
-			</tr>
-			<tr>
-				<td class="entrytitle">IP Address</td>
-				<td><input type="text" name="user_ip_address" /></td>
-			</tr>
-			<tr>
-				<td class="entrytitle">Data Usage Limit (MB)</td>
-				<td><input type="text" name="user_data_limit" /></td>
-			</tr>
-			<tr>
-				<td class="entrytitle">Time Limit (Min)</td>
-				<td><input type="text" name="user_time_limit" /></td>
-			</tr>
-			<tr>
-				<td class="textcenter" colspan="2"><input type="submit" value="Submit" /></td>
-			</tr>
-		</table>
-	</form>
-
-<?php
-
-}
-	
-if (isset($_POST['frmaction']) && $_POST['frmaction'] == "insert") {
-
-?>
-
-	<p class="pageheader">Add user</p>
-
-<?php
-
-	$db->beginTransaction();
-
-	# Insert into users table
-	$stmt = $db->prepare("INSERT INTO ${DB_TABLE_PREFIX}users (Username) VALUES (?)");
-	$res = $stmt->execute(array($_POST['user_name']));
-
-
-	if ($res !== FALSE) {
-?>
-		<div class="notice">User added</div>
-<?php
-
-		# Grab inserted ID
-		$userID = $db->lastInsertId();
-
-		# FIXME Check for empty values for certain fields
-		# Check if userID is integer and > 0
-		if (!isset($userID) || $userID < 1) {
-			$db->rollback();
-?>
-			<div class="warning">Failed to get user ID</div>
-<?php			
-			$res = FALSE;
-		}
-
-
-	} else {
-?>
-			<div class="warning">Failed to add user</div>
-			<div class="warning"><?php print_r($stmt->errorInfo()) ?></div>
-<?php
-	}
-
-
-	if ($res !== FALSE) {
-		# Insert MAC Address
-		$stmt = $db->prepare("
-			INSERT INTO 
-				${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value) 
-			VALUES 
-				($userID,'Calling-Station-Id','||==',?)
-		");
-
-		$res = $stmt->execute(array($_POST['user_mac_address']));
-
-		if ($res !== FALSE) {
-?>
-			<div class="notice">Added MAC address</div>
-<?php
-		} else {
-?>
-			<div class="warning">Failed to add MAC address</div>
-			<div class="warning"><?php print_r($stmt->errorInfo()) ?></div>
-<?php
-		}
-	}
-
-
-	if ($res !== FALSE) {
-		if ($_POST['user_group'] !== "NULL") {
-			# Insert user group
-			$stmt = $db->prepare("
-				INSERT INTO 
-					${DB_TABLE_PREFIX}users_to_groups (UserID,GroupID) 
-				VALUES 
-					($userID,?)
-			");
-
-			$res = $stmt->execute(array($_POST['user_group']));
-
-			if ($res !== FALSE) {
-?>
-				<div class="notice">Added user to group</div>
-<?php
-			} else {
-?>
-				<div class="warning">Failed to add user to group</div>
-				<div class="warning"><?php print_r($stmt->errorInfo()) ?></div>
-<?php
-			}
-		}
-	}
-
-
-	if ($res !== FALSE) {
-		# Insert IP Address
-		$stmt = $db->prepare("
-			INSERT INTO 
-				${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value) 
-			VALUES 
-				($userID,'Framed-IP-Address','+=',?)
-		");
-
-		$res = $stmt->execute(array($_POST['user_ip_address']));
-		if ($res !== FALSE) {
-?>
-			<div class="notice">IP address added</div>
-<?php
-		} else {
-?>
-			<div class="warning">Failed to add IP address</div>
-			<div class="warning"><?php print_r($stmt->errorInfo()) ?></div>
-<?php
-		}
-	}
-
-	if ($res !== FALSE) {
-		# Insert data limit
-		$stmt = $db->prepare("
-			INSERT INTO 
-				${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value) 
-			VALUES 
-				($userID,'SMRadius-Capping-Traffic-Limit','==',?)
-		");
-
-		$res = $stmt->execute(array($_POST['user_data_limit']));
-		if ($res !== FALSE) {
-?>
-			<div class="notice">Traffic limit added</div>
-<?php
-		} else {
-?>
-			<div class="warning">Failed to add traffic limit</div>
-			<div class="warning"><?php print_r($stmt->errorInfo()) ?></div>
-<?php
-		}
-	}
-
-	if ($res !== FALSE) {
-		# Insert time limit
-		$stmt = $db->prepare("
-			INSERT INTO 
-				${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value) 
-			VALUES 
-				($userID,'SMRadius-Capping-UpTime-Limit','==',?)
-		");
-
-		$res = $stmt->execute(array($_POST['user_time_limit']));
-		if  ($res !== FALSE) {
-?>
-			<div class="notice">Uptime limit added</div>
-<?php
-		} else {
-?>
-			<div class="warning">Failed to add uptime limit</div>
-			<div class="warning"><?php print_r($stmt->errorInfo()) ?></div>
-<?php
-		}
-	}
-
-	if ($res !== FALSE) {
-		# Insert password 
-		$stmt = $db->prepare("
-			INSERT INTO 
-				${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value) 
-			VALUES 
-				($userID,'User-Password','==',?)
-		");
-
-		$res = $stmt->execute(array($_POST['user_password']));
-		if ($res !== FALSE) {
-?>
-			<div class="notice">User password added</div>
-<?php
-		} else {
-?>
-			<div class="warning">Failed to add up user password</div>
-			<div class="warning"><?php print_r($stmt->errorInfo()) ?></div>
-<?php
-		}
-	}
-
-
-	if ($res !== FALSE) {
-		# Insert user data
-		$stmt = $db->prepare("
-			INSERT INTO 
-				${DB_TABLE_PREFIX}wisp_userdata (UserID, FirstName, LastName, Email, Phone, LocationID) 
-			VALUES 
-				(?,?,?,?,?,?)
-		");
-
-		$res = $stmt->execute(array(
-			$userID,
-			$_POST['user_first_name'],
-			$_POST['user_last_name'],
-			$_POST['user_email'],
-			$_POST['user_phone'],
-			$_POST['user_location']
-		));
-		if ($res !== FALSE) {
-?>
-			<div class="notice">WiSP user data added</div>
-<?php
-		} else {
-?>
-			<div class="warning">Failed to add WiSP user data</div>
-			<div class="warning"><?php print_r($stmt->errorInfo()) ?></div>
-<?php
-		}
-	}
-
-
-	if ($res !== FALSE) {
-		$db->commit();
-	} else {
-		$db->rollback();
-	}
-}
-
-
-printFooter();
-
-# vim: ts=4
-?>

webui/wisp-user-delete.php

-<?php
-# WiSP User Delete
-# Copyright (C) 2007-2009, AllWorldIT
-# 
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-# 
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-
-
-include_once("includes/header.php");
-include_once("includes/footer.php");
-include_once("includes/db.php");
-
-
-
-$db = connect_db();
-
-
-
-printHeader(array(
-		"Tabs" => array(
-			"Back to user list" => "wisp-user-list.php",
-		),
-));
-
-
-# Display delete confirm screen
-if (isset($_POST['frmaction']) && $_POST['frmaction'] == "delete") {
-	# Check a user was selected
-	if (isset($_POST['user_id'])) {
-
-?>
-
-		<p class="pageheader">Remove User</p>
-
-		<form action="wisp-user-delete.php" method="post">
-			<div>
-				<input type="hidden" name="frmaction" value="delete2" />
-				<input type="hidden" name="user_id" value="<?php echo $_POST['user_id']; ?>" />
-			</div>
-			<div class="textcenter">
-				Are you very sure? <br />
-				<input type="submit" name="confirm" value="yes" />
-				<input type="submit" name="confirm" value="no" />
-			</div>
-		</form>
-
-<?php
-
-	} else {
-
-?>
-
-		<div class="warning">No user selected</div>
-
-<?php
-	}
-# SQL Updates
-} elseif (isset($_POST['frmaction']) && $_POST['frmaction'] == "delete2") {
-?>
-	<p class="pageheader">User Remove Results</p>
-<?php
-	if (isset($_POST['user_id'])) {
-		if (isset($_POST['confirm']) && $_POST['confirm'] == "yes") {
-			$db->beginTransaction();
-			# Delete user data
-			$res = $db->exec("DELETE FROM wisp_userdata WHERE UserID = ".$db->quote($_POST['user_id']));
-			if ($res !== FALSE) {
-				# Delete user attributes
-				$res = $db->exec("DELETE FROM user_attributes WHERE UserID = ".$db->quote($_POST['user_id']));
-				if ($res !== FALSE) {
-					# Delete group associations
-					$res = $db->exec("DELETE FROM ${DB_TABLE_PREFIX}users_to_groups WHERE UserID = ".$db->quote($_POST['user_id']));
-					if ($res !== FALSE) {
-						# Delete from users
-						$res = $db->exec("DELETE FROM users WHERE ID = ".$db->quote($_POST['user_id']));
-						if ($res !== FALSE) {
-?>
-							<div class="notice">User with ID: <?php print_r($_POST['user_id']); ?> deleted!</div>
-<?php
-							$db->commit();
-						} else {
-?>
-							<div class="warning">Failed to delete user!</div>
-							<div class="warning"><?php print_r($res->errorInfo()); ?></div>
-<?php
-							$db->rollback();
-						}
-					} else {
-?>
-						<div class="warning">Failed to remove group associations</div>
-						<div class="warning"><?php print_r($res->errorInfo()); ?></div>
-<?php
-						$db->rollback();
-					}
-				} else {
-?>
-					<div class="warning">Failed to delete user attributes</div>
-					<div class="warning"><?php print_r($res->errorInfo()); ?></div>
-<?php
-					$db->rollback();
-				}
-			} else {
-?>
-				<div class="warning">Failed to delete user data</div>
-				<div class="warning"><?php print_r($res->errorInfo()); ?></div>
-<?php
-				$db->rollback();
-			}
-		} else {
-?>
-			<div class="warning">Delete user aborted</div>
-<?php
-		}
-	} else {
-?>
-		<div class="warning">No user selected</div>
-<?php
-	}
-} else {
-
-?>
-	<div class="warning">Invocation error</div>
-<?php
-}
-printFooter();
-
-
-# vim: ts=4
-?>
-

webui/wisp-user-edit.php

-<?php
-# WiSP user edit
-# Copyright (C) 2007-2009, AllWorldIT
-# 
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-# 
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-
-
-include_once("includes/header.php");
-include_once("includes/footer.php");
-include_once("includes/db.php");
-
-
-$db = connect_db();
-
-
-printHeader(array(
-));
-
-
-# Display edit screen
-if (isset($_POST['frmaction']) && $_POST['frmaction'] == "edit") {
-	# Check a user was selected
-	if (isset($_POST['user_id'])) {
-
-		$userID = $_POST['user_id'];
-		$sql = "SELECT 
-					wisp_userdata.FirstName, 
-					wisp_userdata.LastName, 
-					wisp_userdata.Email, 
-					wisp_userdata.Phone,
-					wisp_userdata.LocationID,
-					wisp_locations.ID,
-					wisp_locations.Name
-				FROM 
-					wisp_userdata, wisp_locations 
-				WHERE 
-					wisp_userdata.UserID = ".$db->quote($userID)."
-				AND
-					wisp_userdata.LocationID = 'wisp_locations.ID'
-				";
-
-		$userDataResult = $db->query($sql); 
-		print_r("NUMBER OF ROWS: ".$userDataResult->rowCount());
-		$userDataRow = $userDataResult->fetchObject();
-
-		$sql = "SELECT
-					Value
-				FROM
-					user_attributes
-				WHERE
-					UserID = ".$db->quote($userID)."
-				AND
-					Name = 'Framed-IP-Address'
-				";
-
-		$framedIPResult = $db->query($sql);
-		$framedIPRow = $framedIPResult->fetchObject();
-
-		$sql = "SELECT
-					Value
-				FROM
-					user_attributes
-				WHERE
-					UserID = ".$db->quote($userID)."
-				AND
-					Name = 'Calling-Station-Id'
-				";
-
-		$callingStationResult = $db->query($sql);
-		$callingStationRow = $callingStationResult->fetchObject();
-
-
-		$sql = "SELECT
-					Value
-				FROM
-					user_attributes
-				WHERE
-					UserID = ".$db->quote($userID)."
-				AND
-					Name = 'User-Password'
-				";
-
-		$userPasswordResult = $db->query($sql);
-		$userPasswordRow = $userPasswordResult->fetchObject();
-
-
-		$sql = "SELECT
-					Value
-				FROM
-					user_attributes
-				WHERE
-					UserID = ".$db->quote($userID)."
-				AND
-					Name = 'SMRadius-Capping-Traffic-Limit'
-				";
-
-		$dataLimitResult = $db->query($sql);
-		$dataLimitRow = $dataLimitResult->fetchObject();
-		$dataLimit = $dataLimitRow->value;
-
-		$sql = "SELECT
-					Value
-				FROM
-					user_attributes
-				WHERE
-					UserID = ".$db->quote($userID)."
-				AND
-					Name = 'SMRadius-Capping-UpTime-Limit'
-				";
-
-		$timeLimitResult = $db->query($sql);
-		$timeLimitRow = $timeLimitResult->fetchObject();
-		$timeLimit = $timeLimitRow->value;
-
-?>
-
-		<p class="pageheader">Edit User Information</p>
-
-		<form action="wisp-user-edit.php" method="post">
-			<input type="hidden" name="frmaction" value="edit2" />
-			<input type="hidden" name="user_id" value="<?php echo $_POST['user_id']; ?>" />
-			<table class="entry">
-				<tr>
-					<td class="entrytitle textcenter" colspan="3">Account Information</td>
-				</tr>
-				<tr>
-					<td><div></div></td>
-					<td>Old Value</td>
-					<td>New Value</td>
-				</tr>
-				<tr>
-					<td class="entrytitle texttop">Password</td>
-					<td class="oldval texttop"><?php echo $userPasswordRow->value; ?></td>
-					<td><input type="password" name="new_password" /></td>
-				</tr>
-				<tr>
-					<td class="entrytitle texttop">Data Limit</td>
-					<td class="oldval texttop"><?php echo $dataLimit; ?> MB</td>
-					<td><input type="text" name="new_data_limit" /></td>
-				</tr>
-				<tr>
-					<td class="entrytitle texttop">Time Limit</td>
-					<td class="oldval texttop"><?php echo $timeLimit; ?> Min</td>
-					<td><input type="text" name="new_time_limit" /></td>
-				</tr>
-				<tr>
-					<td class="entrytitle texttop">MAC Address</td>
-					<td class="oldval texttop"><?php echo $callingStationRow->value; ?></td>
-					<td><input type="text" name="new_mac_address" /></td>
-				</tr>
-				<tr>
-					<td class="entrytitle texttop">IP Address</td>
-					<td class="oldval texttop"><?php echo $framedIPRow->value; ?></td>
-					<td><input type="text" name="new_ip_address" /></td>
-				</tr>
-				<tr>
-					<td class="entrytitle textcenter" colspan="3">Private Information</td>
-				</tr>
-				<tr>
-					<td><div></div></td>
-					<td>Old Value</td>
-					<td>New Value</td>
-				</tr>
-				<tr>
-					<td class="entrytitle texttop">First Name</td>
-					<td class="oldval texttop"><?php echo $userDataRow->firstname; ?></td>
-					<td><input type="text" name="new_firstname" /></td>
-				</tr>
-				<tr>
-					<td class="entrytitle texttop">Last Name</td>
-					<td class="oldval texttop"><?php echo $userDataRow->lastname; ?></td>
-					<td><input type="text" name="new_lastname" /></td>
-				</tr>
-				<tr>
-					<td class="entrytitle texttop">Location</td>
-					<td class="oldval texttop"><?php echo $userDataRow->name; ?></td>
-					<td>
-						<select name="new_location">
-							<option selected="selected" value="<?php echo $userDataRow->id; ?>">Unchanged</option>
-<?php
-								$sql = "SELECT
-												ID, Name
-										FROM
-												${DB_TABLE_PREFIX}wisp_locations
-										ORDER BY
-												Name
-										DESC
-										";
-
-								$res = $db->query($sql);
-
-								# If there are any result rows, list items
-								if ($res->rowCount() > 0) {
-
-									while ($row = $res->fetchObject()) {
-?>
-										<option value="<?php echo $row->id; ?>"><?php echo $row->name; ?></option>
-<?php
-									}
-								}
-?>
-						</select>
-					</td>
-				</tr>
-				<tr>
-					<td class="entrytitle texttop">Email</td>
-					<td class="oldval texttop"><?php echo $userDataRow->email; ?></td>
-					<td><input type="text" name="new_email" /></td>
-				</tr>
-				<tr>
-					<td class="entrytitle texttop">Phone</td>
-					<td class="oldval texttop"><?php echo $userDataRow->phone; ?></td>
-					<td><input type="text" name="new_phone" /></td>
-				</tr>
-			</table>
-
-			<p />
-
-			<div class="textcenter">
-				<input type="submit" />
-			</div>
-		</form>
-
-<?php
-
-	$userDataResult->closeCursor();
-	$framedIPResult->closeCursor();
-	$dataLimitResult->closeCursor();
-	$timeLimitResult->closeCursor();
-	$callingStationResult->closeCursor();
-
-	} else {
-
-?>
-
-		<div class="warning">No user selected</div>
-
-<?php
-
-	}
-
-
-# SQL Updates
-} elseif (isset($_POST['frmaction']) && $_POST['frmaction'] == "edit2") {
-
-?>
-
-	<p class="pageheader">User Edit Results</p>
-
-<?php
-
-	# Check a user was selected
-	if (isset($_POST['user_id'])) {
-
-		$userDataUpdates = array();
-
-		if (!empty($_POST['new_firstname'])) {
-			array_push($userDataUpdates,"FirstName = ".$db->quote($_POST['new_firstname']));
-		}
-		if (!empty($_POST['new_lastname'])) {
-			array_push($userDataUpdates,"LastName = ".$db->quote($_POST['new_lastname']));
-		}
-		if (!empty($_POST['new_location'])) {
-			array_push($userDataUpdates,"Location = ".$db->quote($_POST['new_location']));
-		}
-		if (!empty($_POST['new_email'])) {
-			array_push($userDataUpdates,"Email = ".$db->quote($_POST['new_email']));
-		}
-		if (!empty($_POST['new_phone'])) {
-			array_push($userDataUpdates,"Phone = ".$db->quote($_POST['new_phone']));
-		}
-
-		$numUserAttributesUpdates = 0;
-		if (!empty($_POST['new_data_limit'])) {
-			$dataLimitResult = $db->exec("	UPDATE 
-												user_attributes 
-											SET 
-												Value = ".$db->quote($_POST['new_data_limit'])." 
-											WHERE 
-												UserID = ".$db->quote($_POST['user_id'])."
-											AND
-												Name = 'SMRadius-Capping-Traffic-Limit'
-										");
-			$numUserAttributesUpdates++;
-		}
-		if (!empty($_POST['new_time_limit'])) {
-			$timeLimitResult = $db->exec("	UPDATE 
-												user_attributes 
-											SET 
-												Value = ".$db->quote($_POST['new_time_limit'])." 
-											WHERE 
-												UserID = ".$db->quote($_POST['user_id'])."
-											AND
-												Name = 'SMRadius-Capping-Traffic-Limit'
-										");
-			$numUserAttributesUpdates++;
-		}
-		if (!empty($_POST['new_password'])) {
-			$setUserPasswordResult = $db->exec("	UPDATE 
-														user_attributes 
-													SET 
-														Value = ".$db->quote($_POST['new_password'])." 
-													WHERE 
-														UserID = ".$db->quote($_POST['user_id'])."
-													AND
-														Name = 'User-Password'
-													");
-			$numUserAttributesUpdates++;
-		}
-		if (!empty($_POST['new_ip_address'])) {
-			$ipAddressResult = $db->exec("	UPDATE 
-												user_attributes 
-											SET 
-												Value = ".$db->quote($_POST['new_ip_address'])." 
-											WHERE 
-												UserID = ".$db->quote($_POST['user_id'])."
-											AND
-												Name = 'Framed-IP-Address'
-										");
-			$numUserAttributesUpdates++;
-		}
-		if (!empty($_POST['new_mac_address'])) {
-			$macAddressResult = $db->exec("	UPDATE 
-												user_attributes 
-											SET 
-												Value = ".$db->quote($_POST['new_mac_address'])." 
-											WHERE 
-												UserID = ".$db->quote($_POST['user_id'])."
-											AND
-												Name = 'Calling-Station-Id'
-										");
-			$numUserAttributesUpdates++;
-		}
-		if (!empty($_POST['new_location'])) {
-			$locationResult = $db->exec("	UPDATE
-												wisp_userdata
-											SET
-												LocationID = ".$db->quote($_POST['new_location'])."
-											WHERE
-												UserID = ".$db->quote($_POST['user_id'])."
-										");
-		}
-												
-
-		# Check if we have wisp_userdata table updates
-		if (sizeof($userDataUpdates) > 0) {
-			$userDataUpdateString = implode(', ',$userDataUpdates);
-
-			$res = $db->exec("UPDATE wisp_userdata SET $userDataUpdateString WHERE UserID = ".$db->quote($_POST['user_id']));
-			if ($res) {
-
-?>
-
-				<div class="notice">User private data updated</div>
-
-<?php
-
-			} else {
-
-?>
-
-				<div class="warning">Error updating user private data</div>
-				<div class="warning"><?php print_r($db->errorInfo()) ?></div>
-
-<?php
-
-			}
-
-		# Warn
-		} else {
-
-?>
-
-			<div class="warning">User private data not updated</div>
-
-<?php
-
-		}
-		if ($numUserAttributesUpdates > 0) {
-
-?>
-			<div class="notice">User account data updated</div>
-
-<?php
-
-		} else {
-
-?>
-
-			<div class="notice">User account data not updated</div>
-
-<?php
-
-		}
-
-	# Warn
-	} else {
-
-?>
-
-		<div class="error">No user data available</div>
-
-<?php
-
-	}
-} else {
-
-?>
-
-	<div class="warning">Invalid invocation</div>
-
-<?php
-
-}
-
-
-printFooter();
-
-
-# vim: ts=4
-?>
-

webui/wisp-user-list.php

-<?php
-# WiSP User List
-# Copyright (C) 2007-2009, AllWorldIT
-# 
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-# 
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-
-include_once("includes/header.php");
-include_once("includes/footer.php");
-include_once("includes/db.php");
-
-$db = connect_db();
-
-printHeader(array(
-));
-
-# If we have nothing to do - display search
-if (!isset($_POST['frmaction'])) {
-?>
-	<p class="pageheader">User List</p>
-
-	<form id="main_form" action="wisp-user-list.php" method="post">
-		<input type="hidden" name="frmaction" value="dofilter" />
-		<table class="entry" style="width: 80%;">
-			<tr>
-				<td>Sort by:</td>
-				<td colspan="4">
-					<input type="radio" name="sortby" value="id">ID</input>
-					<input type="radio" name="sortby" value="fname">First Name</input>
-					<input type="radio" name="sortby" value="lname">Last Name</input>
-					<input type="radio" name="sortby" value="uname">Username</input>
-				</td>
-			</tr>
-			<tr>
-				<td>Username:</td>
-				<td><input type="text" name="username" /></td>
-				<td>First Name:</td>
-				<td><input type="text" name="firstname" /></td>
-			</tr>
-			<tr>
-				<td>Last Name:</td>
-				<td><input type="text" name="lastname" /></td>
-				<td>Phone:</td>
-				<td><input type="text" name="phone" /></td>
-			</tr>
-			<tr>
-				<td>Location:</td>
-				<td><input type="text" name="location" /></td>
-				<td>Email:</td>
-				<td><input type="text" name="email" /></td>
-			</tr>
-			<tr>
-				<td class="textcenter" colspan="5"><input type="submit" value="Submit" /></td>
-			</tr>
-		</table>
-	</form>
-<?php
-}
-if (isset($_POST['frmaction']) && $_POST['frmaction'] == "dofilter") {
-?>
-	<form id="main_form" action="wisp-user-list.php" method="post">
-
-		<div class="textcenter">
-			Action
-			<select id="main_form_action" name="frmaction" 
-					onchange="
-						var myform = document.getElementById('main_form');
-						var myobj = document.getElementById('main_form_action');
-
-						if (myobj.selectedIndex == 2) {
-							myform.action = 'wisp-user-edit.php';
-						} else if (myobj.selectedIndex == 3) {
-							myform.action = 'wisp-user-delete.php';
-						} else if (myobj.selectedIndex == 5) {
-							myform.action = 'wisp-user-logs.php';
-						}
-
-						myform.submit();
-					">
-				<option selected="selected">select action</option>
-				<option disabled="disabled"> - - - - - - - - - - - </option>
-				<option value="edit">Edit User</option>
-				<option value="delete">Remove User</option>
-				<option disabled="disabled"> - - - - - - - - - - - </option>
-				<option value="viewlogs">Logs</option>
-			</select> 
-		</div>
-
-		<p />
-
-		<table class="results">
-			<tr class="resultstitle">
-				<td class="textcenter">ID</td>
-				<td class="textcenter">Username</td>
-				<td class="textcenter">FirstName</td>
-				<td class="textcenter">LastName</td>
-				<td class="textcenter">Email</td>
-				<td class="textcenter">Phone</td>
-				<td class="textcenter">Location</td>
-				<td class="textcenter">Data Cap</td>
-				<td class="textcenter">Time Cap</td>
-				<td class="textcenter">IP Address</td>
-			</tr>
-<?php
-			$sql = "SELECT
-						ID, Name
-					FROM
-						${DB_TABLE_PREFIX}wisp_locations
-					ORDER BY
-						Name
-					ASC
-					";
-			$res = $db->query($sql);
-
-			$locationsIDtoName = array();
-			while ($row = $res->fetchObject()) {
-				$locationsIDtoName[$row->id] = $row->name;
-			}
-
-			# Additions to the SQL statement
-			$extraTables = "";
-			$extraSQLVals = array();
-			$extraSQL = "";
-			$orderSQL = "";
-
-			# What searches are we going to do?
-			if ($_POST['username']) {
-				$extraSQL .= " AND users.Username LIKE ?";
-				array_push($extraSQLVals,"%".$_POST['username']."%");
-			}
-
-			if ($_POST['firstname']) {
-				$extraSQL .= " AND wisp_userdata.FirstName LIKE ?";
-				array_push($extraSQLVals,"%".$_POST['firstname']."%");
-			}
-
-			if ($_POST['lastname']) {
-				$extraSQL .= " AND wisp_userdata.LastName LIKE ?";
-				array_push($extraSQLVals,"%".$_POST['lastname']."%");
-			}
-
-			if ($_POST['phone']) {
-				$extraSQL .= " AND wisp_userdata.Phone LIKE ?";
-				array_push($extraSQLVals,"%".$_POST['phone']."%");
-			}
-
-			if ($_POST['location']) {
-				$extraSQL .= " AND locations.Name LIKE ?";
-				array_push($extraSQLVals,"%".$_POST['location']."%");
-
-				$extraSQL .= " AND wisp_userdata.LocationID = locations.ID";
-
-				$extraTables .= ", wisp_locations";
-			}
-
-			if ($_POST['email']) {
-				$extraSQL = " AND wisp_userdata.Email LIKE ?";
-				array_push($extraSQLVals,"%".$_POST['email']."%");
-			}
-
-			$sortSQL = "";
-			if (isset($_POST['sortby'])) {
-				# How are we sorting the results?
-				switch ($_POST['sortby']) {
-					case "id":
-						$sortSQL = " ORDER BY users.ID";
-						break;
-					case "fname":
-						$sortSQL = " ORDER BY wisp_userdata.FirstName";
-						break;
-					case "lname":
-						$sortSQL = " ORDER BY wisp_userdata.LastName";
-						break;
-					case "uname":
-						$sortSQL = " ORDER BY users.Username";
-						break;
-				}
-			}
-
-			# Query based on user input
-			$sql = "
-				SELECT
-						users.ID, 
-						users.Username,
-						wisp_userdata.UserID,
-						wisp_userdata.FirstName,
-						wisp_userdata.LastName,
-						wisp_userdata.Email, 
-						wisp_userdata.Phone,
-						wisp_userdata.LocationID
-				FROM 
-						users, wisp_userdata $extraTables
-				WHERE 
-						users.ID = wisp_userdata.UserID
-						$extraSQL
-						$sortSQL
-				";
-
-			$res = $db->prepare($sql);
-			$res->execute($extraSQLVals);
-
-			# List users
-			while ($row = $res->fetchObject()) {
-
-				# Second dirty query to get user's attributes
-				$tempUserID = $row->id;
-				$attrQuery = "
-						SELECT
-								Name,
-								Value
-						FROM
-								user_attributes
-						WHERE
-								UserID = $tempUserID
-						";
-				
-				$dataCap = NULL;
-				$timeCap = NULL;
-				$userIP = NULL;
-				$attrResult = $db->query($attrQuery);
-				while ($attrRow = $attrResult->fetchObject()) {
-					switch ($attrRow->name) {
-						case "SMRadius-Capping-Traffic-Limit":
-							$dataCap = $attrRow->value;
-						case "SMRadius-Capping-UpTime-Limit":
-							$timeCap = $attrRow->value;
-						case "Framed-IP-Address":
-							$userIP = $attrRow->value;
-					}
-				}
-				$attrResult->closeCursor();
-?>		
-				<tr class="resultsitem">
-					<td><input type="radio" name="user_id" value="<?php echo $row->id; ?>"/></td>
-					<td><?php echo $row->username; ?></td>
-					<td><?php echo $row->firstname; ?></td>
-					<td><?php echo $row->lastname; ?></td>
-					<td><?php echo $row->email; ?></td>
-					<td><?php echo $row->phone; ?></td>
-<?php
-					if (isset($row->locationid)) {
-?>
-						<td><?php echo $locationsIDtoName[$row->locationid]; ?></td>
-<?php
-					} else {
-?>
-						<td><?php echo "None"; ?></td>
-<?php
-					}
-?>
-					<td><?php echo $dataCap; ?> MB</td>
-					<td><?php echo $timeCap; ?> Min</td>
-					<td><?php echo $userIP; ?></td>
-				</tr>
-
-<?php
-			}
-
-			# If there were no rows, complain
-			if ($res->rowCount() == 0) {
-
-?>
-				<p />
-				<tr>
-					<td colspan="3" class="textcenter">No users found</td>
-				</tr>
-<?php
-			}
-			$res->closeCursor();
-?>
-		</table>
-	</form>
-<?php
-}
-printFooter();
-
-# vim: ts=4
-?>

webui/wisp-user-logs.php

-<?php
-# WiSP User Logs
-# Copyright (C) 2007-2009, AllWorldIT
-# 
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-# 
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-
-
-include_once("includes/header.php");
-include_once("includes/footer.php");
-include_once("includes/db.php");
-include("includes/radiuscodes.php");
-
-$db = connect_db();
-
-
-printHeader(array(
-		"Tabs" => array(
-			"Back to user list" => "wisp-user-list.php"
-		),
-));
-
-
-?>
-
-<p class="pageheader">WiSP User Log</p>
-
-<?php
-
-if (isset($_POST['user_id'])) {
-
-	# Which user in the accounting table should we look for?
-	$stmt = $db->prepare("SELECT Username FROM ${DB_TABLE_PREFIX}users WHERE ID = ?");
-	$stmt->execute(array($_POST['user_id']));
-	$row = $stmt->fetchObject();
-	$stmt->closeCursor();
-	$getuser = $row->username;
-
-?>
-
-	<form id="main_form" action="wisp-user-logs.php" method="post">
-		<!-- User input from and to dates -->
-		<div>
-			<table>
-				<tr>
-					<td>From (yyyy-mm-dd)</td>
-				</tr>
-				<tr>
-					<td><input type="text" name="date_from" /></td>
-				</tr>
-				<tr>
-					<td>To (yyyy-mm-dd)</td>
-				</tr>
-				<tr>
-					<td><input type="text" name="date_to" /></td>
-				</tr>
-				<tr>
-					<input type="hidden" name="user_id" value=<?php echo $_POST['user_id']; ?> />
-					<td><input type="submit" value="Get results" /></td>
-				</tr>
-			</table>
-		</div>
-	</form>
-
-	<p />
-
-	<!-- Tables headings -->
-	<table class="results" style="width: 75%;">
-		<tr class="resultstitle">
-			<td class="textcenter">EventTimestamp</td>
-			<td class="textcenter">ServiceType</td>
-			<td class="textcenter">FramedProtocol</td>
-			<td class="textcenter">NASPort</td>
-			<td class="textcenter">NASPortType</td>
-			<td class="textcenter">CallingSationID</td>
-			<td class="textcenter">CalledStationID</td>
-			<td class="textcenter">NASPortID</td>
-			<td class="textcenter">AcctSessionID</td>
-			<td class="textcenter">FramedIPAddress</td>
-			<td class="textcenter">AcctAuthentic</td>
-			<td class="textcenter">NASIdentifier</td>
-			<td class="textcenter">NASIPAddress</td>
-			<td class="textcenter">AcctDelayTime</td>
-			<td class="textcenter">AcctSessionTime</td>
-			<td class="textcenter">Data-Input</td>
-			<td class="textcenter">Data-Output</td>
-			<td class="textcenter">AcctStatusType</td>
-			<td class="textcenter">AcctTerminateCause</td>
-		</tr>
-
-<?php
-
-		# Extra SQL
-		$extraSQL = "";
-		$extraSQLVals = array();
-		$limitSQL = "";
-
-		# Do we have a from date?, if so add it to our query
-		if (isset($_POST['date_from'])) {
-			$extraSQL .= " AND EventTimestamp >= ?";
-			array_push($extraSQLVals,$_POST['date_from']);
-		}
-		# Do we have a from date?, if so add it to our query
-		if (isset($_POST['date_to'])) {
-			$extraSQL .= " AND EventTimestamp <= ?";
-			array_push($extraSQLVals,$_POST['date_to']);
-		}
-
-		# Modify if we had a partial search or no search
-		if (count($extraSQLVals) < 2) {
-			$limitSQL = "LIMIT 50";
-		}
-
-		# Query to get all default data
-		$sql = "
-			SELECT
-					EventTimestamp, 
-					ServiceType,
-					FramedProtocol,
-					NASPort,
-					NASPortType, 
-					CallingStationID, 
-					CalledStationID, 
-					NASPortID, 
-					AcctSessionID, 
-					FramedIPAddress, 
-					AcctAuthentic, 
-					NASIdentifier, 
-					NASIPAddress, 
-					AcctDelayTime, 
-					AcctSessionTime, 
-					AcctInputOctets, 
-					AcctInputGigawords, 
-					AcctOutputOctets, 
-					AcctOutputGigawords, 
-					AcctStatusType, 
-					AcctTerminateCause 
-			FROM 
-					${DB_TABLE_PREFIX}accounting 
-			WHERE 
-					Username = '$getuser'
-					$extraSQL
-			ORDER BY
-					EventTimestamp
-			DESC
-				$limitSQL
-			";
-
-		$res = $db->prepare($sql);
-		$res->execute($extraSQLVals);
-
-		$totalInputData = 0;
-		$totalOutputData = 0;
-		$totalSessionTime = 0;
-
-		while ($row = $res->fetchObject()) {
-
-			# Input
-			$inputDataItem = 0;
-
-			if (!empty($row->acctinputoctets) && $row->acctinputoctets > 0) {
-				$inputDataItem += ($row->acctinputoctets / 1024) / 1024;
-			}
-			if (!empty($row->acctinputgigawords) && $row->inputgigawords > 0) {
-				$inputDataItem += ($row->acctinputgigawords * 4096);
-			}
-
-			$totalInputData += $inputDataItem;
-
-			# Output
-			$outputDataItem = 0;
-
-			if (!empty($row->acctoutputoctets) && $row->acctoutputoctets > 0) {
-				$outputDataItem += ($row->acctoutputoctets / 1024) / 1024;
-			}
-			if (!empty($row->acctoutputgigawords) && $row->acctoutputgigawords > 0) {
-				$outputDataItem += ($row->acctoutputgigawords * 4096);
-			}
-
-			$totalOutputData += $outputDataItem;
-
-			# Add up time
-			$sessionTimeItem = 0;
-
-			if (!empty($row->acctsessiontime) && $row->acctsessiontime > 0) {
-				$sessionTimeItem += $row->acctsessiontime / 60;
-			}
-
-			$totalSessionTime += $sessionTimeItem;
-
-?>
-
-			<tr class="resultsitem">
-				<td class="textcenter"><?php echo $row->eventtimestamp; ?></td>
-				<td class="textcenter"><?php echo $row->servicetype; ?></td>
-				<td class="textcenter"><?php echo $row->framedprotocol; ?></td>
-				<td class="textcenter"><?php echo $row->nasport; ?></td>
-				<td class="textcenter"><?php echo $row->nasporttype; ?></td>
-				<td class="textcenter"><?php echo $row->callingstationid; ?></td>
-				<td class="textcenter"><?php echo $row->calledstationid; ?></td>
-				<td class="textcenter"><?php echo $row->nasportid; ?></td>
-				<td class="textcenter"><?php echo $row->acctsessionid; ?></td>
-				<td class="textcenter"><?php echo $row->framedipaddress; ?></td>
-				<td class="textcenter"><?php echo $row->acctauthentic; ?></td>
-				<td class="textcenter"><?php echo $row->nasidentifier; ?></td>
-				<td class="textcenter"><?php echo $row->nasipaddress; ?></td>
-				<td class="textcenter"><?php echo $row->acctdelaytime; ?></td>
-				<td class="textcenter"><?php printf('%.2f',$sessionTimeItem); ?> Min</td>
-				<td class="textcenter"><?php printf('%.2f',$inputDataItem); ?> MB</td>
-				<td class="textcenter"><?php printf('%.2f',$outputDataItem); ?> MB</td>
-				<td class="textcenter"><?php echo $row->acctstatustype; ?></td>
-				<td class="textcenter"><?php echo strRadiusTermCode($row->acctterminatecause); ?></td>
-			</tr>
-
-<?php
-
-		}
-		if ($res->rowCount() == 0) {
-
-?>
-
-			<tr>
-				<td colspan="23" class="textcenter">No logs found for user: <?php echo $getuser; ?></td>
-			</tr>
-
-<?php
-
-		} else {
-
-?>
-
-			<tr class="resultsitem">
-				<td class="textcenter"></td>
-				<td class="textcenter"></td>
-				<td class="textcenter"></td>
-				<td class="textcenter"></td>
-				<td class="textcenter"></td>
-				<td class="textcenter"></td>
-				<td class="textcenter"></td>
-				<td class="textcenter"></td>
-				<td class="textcenter"></td>
-				<td class="textcenter"></td>
-				<td class="textcenter"></td>
-				<td class="textcenter"></td>
-				<td class="textcenter"></td>
-				<td class="textcenter"></td>
-				<td class="textcenter" style="font-weight: bold;"><? printf('%.2f',$totalSessionTime); ?> Min</td>
-				<td class="textcenter" style="font-weight: bold;"><? printf('%.2f',$totalInputData); ?> MB</td>
-				<td class="textcenter" style="font-weight: bold;"><? printf('%.2f',$totalOutputData); ?> MB</td>
-				<td class="textcenter"></td>
-				<td class="textcenter"></td>
-			</tr>
-
-<?php
-
-		}
-		$res->closeCursor();
-?>
-		</table>
-<?php
-
-} else {
-
-?>
-	<div class="warning">No user selected</div>
-<?php
-
-}
-
-?>
-
-
-<?php
-
-printFooter();
-
-
-# vim: ts=4
-?>