/web/acc/manager/lib/sql/delete_group.php |
---|
0,0 → 1,31 |
<?php |
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php")) |
include_once("../lib/sql/drivers/$config[sql_type]/functions.php"); |
else{ |
echo "<b>Could not include SQL library</b><br>\n"; |
exit(); |
} |
$link = @da_sql_pconnect($config); |
if ($link){ |
$res = @da_sql_query($link,$config, |
"DELETE FROM $config[sql_groupreply_table] WHERE groupname = '$login';"); |
if ($res){ |
$res = @da_sql_query($link,$config, |
"DELETE FROM $config[sql_groupcheck_table] WHERE groupname = '$login';"); |
if ($res){ |
$res = @da_sql_query($link,$config, |
"DELETE FROM $config[sql_usergroup_table] WHERE groupname = '$login';"); |
if ($res) |
echo "<b>Le groupe $login a été correctement supprimé</b><br>\n"; |
else |
echo "<b>Error deleting group $login from usergroup table: " . da_sql_error($link,$config) . "</b><br>\n"; |
} |
else |
echo "<b>Error deleting group $login from group check table: " . da_sql_error($link,$config) . "</b><br>\n"; |
} |
else |
echo "<b>Error deleting group $login from group reply table: " . da_sql_error($link,$config) . "</b><br>\n"; |
} |
else |
echo "<b>Could not connect to SQL database</b><br>\n"; |
?> |
/web/acc/manager/lib/sql/password_check.php |
---|
0,0 → 1,36 |
<?php |
require('password.php'); |
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php")) |
include_once("../lib/sql/drivers/$config[sql_type]/functions.php"); |
else{ |
echo "<b>Could not include SQL library</b><br>\n"; |
exit(); |
} |
if ($action == 'checkpass'){ |
$link = @da_sql_pconnect($config); |
if ($link){ |
$res = @da_sql_query($link,$config, |
"SELECT attribute,value FROM $config[sql_check_table] WHERE username = '$login' |
AND attribute = '$config[sql_password_attribute]';"); |
if ($res){ |
$row = @da_sql_fetch_array($res,$config); |
if (is_file("../lib/crypt/$config[general_encryption_method].php")){ |
include("../lib/crypt/$config[general_encryption_method].php"); |
$enc_passwd = $row[value]; |
$passwd = da_encrypt($passwd,$enc_passwd); |
if ($passwd == $enc_passwd) |
// $msg = '<font color=blue><b>YES It is that</b></font>'; |
$msg = '<font color=blue><b>Le mot de passe est correct</b></font>'; |
else |
// $msg = '<font color=red><b>NO It is wrong</b></font>'; |
$msg = '<font color=red><b>Le mot de passe n\'est pas correct</b></font>'; |
} |
else |
echo "<b>Could not open encryption library file</b><br>\n"; |
} |
} |
echo "<b>$msg</b>\n"; |
} |
?> |
</form> |
/web/acc/manager/lib/sql/create_group.php |
---|
0,0 → 1,89 |
<?php |
require_once('../lib/functions.php'); |
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php")) |
include_once("../lib/sql/drivers/$config[sql_type]/functions.php"); |
else{ |
echo "<b>Could not include SQL library</b><br>\n"; |
exit(); |
} |
if ($config[sql_use_operators] == 'true'){ |
include("../lib/operators.php"); |
$text = ',op'; |
$passwd_op = ",':='"; |
} |
$da_abort=0; |
$op_val2 = ''; |
$link = @da_sql_pconnect($config); |
if ($link){ |
$Members = preg_split("/[\n\s]+/",$members,-1,PREG_SPLIT_NO_EMPTY); |
if (!empty($Members)){ |
foreach ($Members as $member){ |
$member = da_sql_escape_string($member); |
$res = @da_sql_query($link,$config, |
"INSERT INTO $config[sql_usergroup_table] (username,groupname) |
VALUES ('$member','$login');"); |
if (!$res || !@da_sql_affected_rows($link,$res,$config)){ |
echo "<b>Unable to add user $member in group $login: " . da_sql_error($link,$config) . "</b><br>\n"; |
$da_abort=1; |
} |
} |
} |
else |
{ |
$res = @da_sql_query($link,$config, |
"INSERT INTO $config[sql_usergroup_table] (username,groupname) |
VALUES ('$login','$login');"); |
if (!$res || !@da_sql_affected_rows($link,$res,$config)) |
{ |
echo "<b>Unable to add user $member in group $login: " . da_sql_error($link,$config) . "</b><br>\n"; |
$da_abort=1; |
} |
else |
{ |
echo "<b>Un groupe ne pouvant être vide, l'usager '$login' a été créé (usager virtuel)<br>"; |
} |
} |
if (!$da_abort) |
{ |
foreach($show_attrs as $key => $attr){ |
if ($attrmap["$key"] == 'none') |
continue; |
if ($attrmap["$key"] == ''){ |
$attrmap["$key"] = $key; |
$attr_type["$key"] = 'replyItem'; |
$rev_attrmap["$key"] = $key; |
} |
if ($attr_type["$key"] == 'checkItem'){ |
$table = "$config[sql_groupcheck_table]"; |
$type = 1; |
} |
else if ($attr_type["$key"] == 'replyItem'){ |
$table = "$config[sql_groupreply_table]"; |
$type = 2; |
} |
$val = $$attrmap["$key"]; |
$val = da_sql_escape_string($val); |
$op_name = $attrmap["$key"] . '_op'; |
$op_val = $$op_name; |
if ($op_val != ''){ |
$op_val = da_sql_escape_string($op_val); |
if (check_operator($op_val,$type) == -1){ |
echo "<b>Invalid operator ($op_val) for attribute $key</b><br>\n"; |
coninue; |
} |
$op_val2 = ",'$op_val'"; |
} |
if ($val == '' || check_defaults($val,$op_val,$default_vals["$key"])) |
continue; |
$res = @da_sql_query($link,$config, |
"INSERT INTO $table (attribute,value,groupname $text) |
VALUES ('$attrmap[$key]','$val','$login' $op_val2);"); |
if (!$res || !@da_sql_affected_rows($link,$res,$config)) |
echo "<b>Query failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n"; |
} |
echo "<b>Le groupe $login a été correctement créé</b><br>\n"; |
} |
} |
else |
echo "<b>Could not connect to SQL database</b><br>\n"; |
?> |
/web/acc/manager/lib/sql/delete_user.php |
---|
0,0 → 1,37 |
<?php |
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php")) |
include_once("../lib/sql/drivers/$config[sql_type]/functions.php"); |
else{ |
echo "<b>Could not include SQL library</b><br>\n"; |
exit(); |
} |
$link = @da_sql_pconnect($config); |
if ($link){ |
$res = @da_sql_query($link,$config, |
"DELETE FROM $config[sql_reply_table] WHERE username = '$login';"); |
if ($res){ |
$res = @da_sql_query($link,$config, |
"DELETE FROM $config[sql_check_table] WHERE username = '$login';"); |
if ($res){ |
$res = @da_sql_query($link,$config, |
"DELETE FROM $config[sql_usergroup_table] WHERE username = '$login';"); |
if (!$res) |
echo "<b>Error deleting user $login from user group table: " . da_sql_error($link,$config) . "</b><br>\n"; |
if ($config[sql_use_user_info_table] == 'true'){ |
$res = @da_sql_query($link,$config, |
"DELETE FROM $config[sql_user_info_table] WHERE username = '$login';"); |
if ($res) |
echo "<b>L'usager $login a été correctement supprimé</b><br>\n"; |
else |
echo "<b>Error deleting user $login from user info table: " . da_sql_error($link,$config) . "</b><br>\n"; |
} |
} |
else |
echo "<b>Error deleting user $login from check table: " . da_sql_error($link,$config) . "</b><br>\n"; |
} |
else |
echo "<b>Error deleting user $login from reply table: " . da_sql_error($link,$config) . "</b><br>\n"; |
} |
else |
echo "<b>Could not connect to SQL database</b><br>\n"; |
?> |
/web/acc/manager/lib/sql/find.php |
---|
0,0 → 1,57 |
<?php |
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php")) |
include_once("../lib/sql/drivers/$config[sql_type]/functions.php"); |
else{ |
echo "<b>Could not include SQL library</b><br>\n"; |
exit(); |
} |
unset($found_users); |
$link = @da_sql_pconnect($config); |
if ($link){ |
$search = da_sql_escape_string($search); |
if (!is_numeric($max)) |
# $max = 10; |
# modif by MG fo Alcasar |
$max = 40; |
if ($max > 500) |
$max = 10; |
if (($search_IN == 'name' || $search_IN == 'department' || $search_IN == 'username') && |
$config[sql_use_user_info_table] == 'true'){ |
$res = @da_sql_query($link,$config, |
"SELECT " . da_sql_limit($max,0,$config) . " username FROM $config[sql_user_info_table] WHERE |
lower($search_IN) LIKE '%$search%' " . |
# da_sql_limit($max,1,$config) . " " . da_sql_limit($max,2,$config) . " ;"); |
# modif by MG for Alcasar |
da_sql_limit($max,1,$config) . " " . da_sql_limit($max,1,$config) . " ;"); |
if ($res){ |
while(($row = @da_sql_fetch_array($res,$config))) |
$found_users[] = $row[username]; |
} |
else |
"<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n"; |
} |
else if ($search_IN == 'radius' && $radius_attr != ''){ |
require("../lib/sql/attrmap.php"); |
if ($attrmap["$radius_attr"] == ''){ |
$attrmap["$radius_attr"] = $radius_attr; |
$attr_type["$radius_attr"] = 'replyItem'; |
} |
$table = ($attr_type[$radius_attr] == 'checkItem') ? $config[sql_check_table] : $config[sql_reply_table]; |
$attr = $attrmap[$radius_attr]; |
$attr = da_sql_escape_string($attr); |
$res = @da_sql_query($link,$config, |
"SELECT " . da_sql_limit($max,0,$config) . " username FROM $table WHERE attribute = '$attr' |
AND value LIKE '%$search%' " . da_sql_limit($max,1,$config) . " " . da_sql_limit($max,2,$config) . " ;"); |
if ($res){ |
while(($row = @da_sql_fetch_array($res,$config))) |
$found_users[] = $row[username]; |
} |
else |
"<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n"; |
} |
} |
else |
echo "<b>Could not connect to SQL database</b><br>\n"; |
?> |
/web/acc/manager/lib/sql/create_user.php |
---|
0,0 → 1,120 |
<?php |
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php")) |
include_once("../lib/sql/drivers/$config[sql_type]/functions.php"); |
else{ |
echo "<b>Could not include SQL library</b><br>\n"; |
exit(); |
} |
include_once('../lib/functions.php'); |
if ($config[sql_use_operators] == 'true'){ |
include("../lib/operators.php"); |
$text = ',op'; |
$passwd_op = ",':='"; |
} |
$da_abort=0; |
$op_val2 = ''; |
$link = @da_sql_pconnect($config); |
if ($link){ |
if (is_file("../lib/crypt/$config[general_encryption_method].php")){ |
include("../lib/crypt/$config[general_encryption_method].php"); |
$passwd = da_encrypt($passwd); |
$passwd = da_sql_escape_string($passwd); |
$res = @da_sql_query($link,$config, |
"INSERT INTO $config[sql_check_table] (attribute,value,username $text) |
VALUES ('$config[sql_password_attribute]','$passwd','$login' $passwd_op);"); |
if (!$res || !@da_sql_affected_rows($link,$res,$config)){ |
echo "<b>Unable to add user $login: " . da_sql_error($link,$config) . "</b><br>\n"; |
$da_abort=1; |
} |
if ($config[sql_use_user_info_table] == 'true' && !$da_abort){ |
$res = @da_sql_query($link,$config, |
"SELECT username FROM $config[sql_user_info_table] WHERE |
username = '$login';"); |
if ($res){ |
if (!@da_sql_num_rows($res,$config)){ |
$Fcn = da_sql_escape_string($Fcn); |
$Fmail = da_sql_escape_string($Fmail); |
$Fou = da_sql_escape_string($Fou); |
$Fhomephone = da_sql_escape_string($Fhomephone); |
$Fworkphone = da_sql_escape_string($Fworkphone); |
$Fmobile = da_sql_escape_string($Fmobile); |
$res = @da_sql_query($link,$config, |
"INSERT INTO $config[sql_user_info_table] |
(username,name,mail,department,homephone,workphone,mobile) VALUES |
('$login','$Fcn','$Fmail','$Fou','$Fhomephone','$Ftelephonenumber','$Fmobile');"); |
if (!$res || !@da_sql_affected_rows($link,$res,$config)) |
echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n"; |
} |
else |
echo "<b>Cet usager existe déjà dans la table 'info'</b><br>\n"; |
} |
else |
echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n"; |
} |
if ($Fgroup != ''){ |
$Fgroup = da_sql_escape_string($Fgroup); |
$res = @da_sql_query($link,$config, |
"SELECT username FROM $config[sql_usergroup_table] |
WHERE username = '$login' AND groupname = '$Fgroup';"); |
if ($res){ |
if (!@da_sql_num_rows($res,$config)){ |
$res = @da_sql_query($link,$config, |
"INSERT INTO $config[sql_usergroup_table] |
(username,groupname) VALUES ('$login','$Fgroup');"); |
if (!$res || !@da_sql_affected_rows($link,$res,$config)) |
echo "<b>Could not add user to group $Fgroup. SQL Error</b><br>\n"; |
} |
else |
echo "<b>User already is a member of group $Fgroup</b><br>\n"; |
} |
else |
echo "<b>Could not add user to group $Fgroup: " . da_sql_error($link,$config) . "</b><br>\n"; |
} |
if (!$da_abort){ |
if ($Fgroup != '') |
require('../lib/defaults.php'); |
foreach($show_attrs as $key => $attr){ |
if ($attrmap["$key"] == 'none') |
continue; |
if ($attrmap["$key"] == ''){ |
$attrmap["$key"] = $key; |
$attr_type["$key"] = 'replyItem'; |
$rev_attrmap["$key"] = $key; |
} |
if ($attr_type["$key"] == 'checkItem'){ |
$table = "$config[sql_check_table]"; |
$type = 1; |
} |
else if ($attr_type["$key"] == 'replyItem'){ |
$table = "$config[sql_reply_table]"; |
$type = 2; |
} |
$val = $$attrmap["$key"]; |
$val = da_sql_escape_string($val); |
$op_name = $attrmap["$key"] . '_op'; |
$op_val = $$op_name; |
if ($op_val != ''){ |
$op_val = da_sql_escape_string($op_val); |
if (check_operator($op_val,$type) == -1){ |
echo "<b>Invalid operator ($op_val) for attribute $key</b><br>\n"; |
coninue; |
} |
$op_val2 = ",'$op_val'"; |
} |
if ($val == '' || check_defaults($val,$op_val,$default_vals["$key"])) |
continue; |
$res = @da_sql_query($link,$config, |
"INSERT INTO $table (attribute,value,username $text) |
VALUES ('$attrmap[$key]','$val','$login' $op_val2);"); |
if (!$res || !@da_sql_affected_rows($link,$res,$config)) |
echo "<b>Query failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n"; |
} |
} |
echo "<b>Usager correctement créé</b><br>\n"; |
} |
else |
echo "<b>Could not open encryption library file</b><br>\n"; |
} |
else |
echo "<b>Could not connect to SQL database</b><br>\n"; |
?> |
/web/acc/manager/lib/sql/drivers/mysql/functions.php |
---|
0,0 → 1,136 |
<?php |
function da_sql_limit($limit,$point,$config) |
{ |
switch($point){ |
case 0: |
return ''; |
case 1: |
return ''; |
//modif by MG for Alcasar |
case 2: |
return "LIMIT $limit"; |
case 3: |
return "LIMIT $limit"; |
} |
} |
function da_sql_host_connect($server,$config) |
{ |
if ($config[sql_use_http_credentials] == 'yes'){ |
global $HTTP_SERVER_VARS; |
$SQL_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"]; |
$SQL_passwd = $HTTP_SERVER_VARS["PHP_AUTH_PW"]; |
} |
else{ |
$SQL_user = $config[sql_username]; |
$SQL_passwd = $config[sql_password]; |
} |
if ($config[sql_connect_timeout] != 0) |
@ini_set('mysql.connect_timeout',$config[sql_connect_timeout]); |
if ($config[sql_debug] == 'true') |
print "<b>DEBUG(SQL,MYSQL DRIVER): Connect: User=$SQL_user,Password=$SQL_passwd </b><br>\n"; |
return @mysql_connect("$server:$config[sql_port]",$SQL_user,$SQL_passwd); |
} |
function da_sql_connect($config) |
{ |
if ($config[sql_use_http_credentials] == 'yes'){ |
global $HTTP_SERVER_VARS; |
$SQL_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"]; |
$SQL_passwd = $HTTP_SERVER_VARS["PHP_AUTH_PW"]; |
} |
else{ |
$SQL_user = $config[sql_username]; |
$SQL_passwd = $config[sql_password]; |
} |
if ($config[sql_connect_timeout] != 0) |
@ini_set('mysql.connect_timeout',$config[sql_connect_timeout]); |
if ($config[sql_debug] == 'true') |
print "<b>DEBUG(SQL,MYSQL DRIVER): Connect: User=$SQL_user,Password=$SQL_passwd </b><br>\n"; |
return @mysql_connect("$config[sql_server]:$config[sql_port]",$SQL_user,$SQL_passwd); |
} |
function da_sql_pconnect($config) |
{ |
if ($config[sql_use_http_credentials] == 'yes'){ |
global $HTTP_SERVER_VARS; |
$SQL_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"]; |
$SQL_passwd = $HTTP_SERVER_VARS["PHP_AUTH_PW"]; |
} |
else{ |
$SQL_user = $config[sql_username]; |
$SQL_passwd = $config[sql_password]; |
} |
if ($config[sql_connect_timeout] != 0) |
@ini_set('mysql.connect_timeout',$config[sql_connect_timeout]); |
if ($config[sql_debug] == 'true') |
print "<b>DEBUG(SQL,MYSQL DRIVER): Connect: User=$SQL_user,Password=$SQL_passwd </b><br>\n"; |
return @mysql_pconnect("$config[sql_server]:$config[sql_port]",$SQL_user,$SQL_passwd); |
} |
function da_sql_close($link,$config) |
{ |
return @mysql_close($link); |
} |
function da_sql_escape_string($string) |
{ |
return @mysql_escape_string($string); |
} |
function da_sql_query($link,$config,$query) |
{ |
if ($config[sql_debug] == 'true') |
print "<b>DEBUG(SQL,MYSQL DRIVER): Query: <i>$query</i></b><br>\n"; |
return @mysql_db_query($config[sql_database],$query,$link); |
} |
function da_sql_num_rows($result,$config) |
{ |
if ($config[sql_debug] == 'true') |
print "<b>DEBUG(SQL,MYSQL DRIVER): Query Result: Num rows:: " . @mysql_num_rows($result) . "</b><br>\n"; |
return @mysql_num_rows($result); |
} |
function da_sql_fetch_array($result,$config) |
{ |
$row = array_change_key_case(@mysql_fetch_array($result, |
MYSQL_ASSOC),CASE_LOWER); |
if ($config[sql_debug] == 'true'){ |
print "<b>DEBUG(SQL,MYSQL DRIVER): Query Result: <pre>"; |
print_r($row); |
print "</b></pre>\n"; |
} |
return $row; |
} |
function da_sql_affected_rows($link,$result,$config) |
{ |
if ($config[sql_debug] == 'true') |
print "<b>DEBUG(SQL,MYSQL DRIVER): Query Result: Affected rows:: " . @mysql_affected_rows($result) . "</b><br>\n"; |
return @mysql_affected_rows($link); |
} |
function da_sql_list_fields($table,$link,$config) |
{ |
return @mysql_list_fields($config[sql_database],$table); |
} |
function da_sql_num_fields($fields,$config) |
{ |
return @mysql_num_fields($fields); |
} |
function da_sql_field_name($fields,$num,$config) |
{ |
return @mysql_field_name($fields,$num); |
} |
function da_sql_error($link,$config) |
{ |
return @mysql_error($link); |
} |
?> |