Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 1804 → Rev 1805

/web/acc/manager/lib/acctshow.php
0,0 → 1,20
<?php
#Read sql attribute map
unset($sql_attrs);
if (isset($_SESSION['sql_attrs']))
$sql_attrs = $_SESSION["sql_attrs"];
if (!isset($sql_attrs)){
$ARR = file($config[general_sql_attrs_file]);
foreach($ARR as $val){
$val=chop($val);
if (preg_match('/^[[:space:]]*#/',$val) || preg_match('/^[[:space:]]*$/',$val))
continue;
list($key,$desc,$show,$func)=preg_split("/\t+/",$val);
$sql_attrs[strtolower($key)][desc] = "$desc";
$sql_attrs[strtolower($key)][show] = "$show";
$sql_attrs[strtolower($key)][func] = ($func == "") ? "nothing" : "$func";
}
if ($config[general_use_session] == 'yes')
session_register('sql_attrs');
}
?>
/web/acc/manager/lib/add_badusers.php
0,0 → 1,38
<?php
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
else{
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
 
$date=date($config[sql_full_date_format]);
$lockmsg_name = $attrmap['Dialup-Lock-Msg'] . '0';
$msg = $$lockmsg_name;
$admin = '-';
if ($_SERVER["PHP_AUTH_USER"] != '')
$admin = $_SERVER["PHP_AUTH_USER"];
if ($msg == '')
echo "<b>Lock Message should not be empty</b><br>\n";
else{
$sql_servers = array();
if ($config[sql_extra_servers] != '')
$sql_servers = explode(' ',$config[sql_extra_servers]);
$sql_servers[] = $config[sql_server];
foreach ($sql_servers as $server){
$link = da_sql_host_connect($server,$config);
if ($link){
$r = da_sql_query($link,$config,
"INSERT INTO $config[sql_badusers_table] (username,incidentdate,admin,reason)
VALUES ('$login','$date','$admin','$msg');");
if (!$r)
echo "<b>SQL Error:" . da_sql_error($link,$config) . "</b><br>\n";
else
echo "<b>User added to badusers table</b><br>\n";
da_sql_close($link,$config);
}
else
echo "<b>SQL Error: Could not connect to SQL database: $server</b><br>\n";
}
}
?>
/web/acc/manager/lib/attrshow.php
0,0 → 1,54
<?php
//include_once('../lib/xlat.php');
#Read user_edit attribute map
unset($show_attrs);
if (isset($_SESSION['show_attrs']))
$show_attrs = $_SESSION['show_attrs'];
if (!isset($show_attrs)){
$infile = $config['general_user_edit_attrs_file'];
$ARR = file($infile);
foreach($ARR as $val){
$val=chop($val);
if (preg_match('/^[[:space:]]*#/',$val) || preg_match('/^[[:space:]]*$/',$val))
continue;
list($key,$v)=preg_split("/\t+/",$val);
$show_attrs["$key"]=($v != '') ? "$v" : "$key";
}
if ($config['general_use_session'] == 'yes')
session_register('show_attrs');
}
unset($acct_attrs);
if (isset($_SESSION['acct_attrs']))
$acct_attrs = $_SESSION['acct_attrs'];
if (!isset($acct_attrs) && isset($config['general_accounting_attrs_file'])){
$infile = $config['general_accounting_attrs_file'];
$ARR = file($infile);
$acct_attrs = array();
$acct_attrs["ua"] = array();
$acct_attrs["ua"]['num'] = 0;
$acct_attrs["uf"] = array();
$acct_attrs["uf"]['num'] = 0;
$acct_attrs["fl"] = array();
$acct_attrs["fl"]['num'] = 0;
foreach ($ARR as $val){
$val=chop($val);
if (preg_match('/^[[:space:]]*#/',$val) || preg_match('/^[[:space:]]*$/',$val))
continue;
list($num,$desc,$showua,$showuf,$showfl)=preg_split("/\t+/",$val);
if ($showua == 'yes'){
$acct_attrs["ua"]["num"]++;
$acct_attrs["ua"]["$num"]=$desc;
}
if ($showuf == 'yes'){
$acct_attrs["uf"]["num"]++;
$acct_attrs["uf"]["$num"]=$desc;
}
if ($showfl == 'yes'){
$acct_attrs["fl"]["num"]++;
$acct_attrs["fl"]["$num"]=$desc;
}
}
if ($config['general_use_session'] == 'yes')
session_register('acct_attrs');
}
?>
/web/acc/manager/lib/crypt/clear.php
0,0 → 1,6
<?php
function da_encrypt($passwd)
{
return $passwd;
}
?>
/web/acc/manager/lib/crypt/md5.php
0,0 → 1,6
<?php
function da_encrypt($passwd)
{
return md5($passwd);
}
?>
/web/acc/manager/lib/defaults.php
0,0 → 1,24
<?php
unset($text_default_vals);
unset($default_vals);
if (isset($_SESSION['text_default_vals']))
$text_default_vals = $_SESSION['text_default_vals'];
if (!isset($text_default_vals)){
$ARR=file("$config[general_default_file]");
foreach($ARR as $val) {
$val=chop($val);
if (preg_match('/^[[:space:]]*#/',$val) || preg_match('/^[[:space:]]*$/',$val))
continue;
list($key,$v)=preg_split("/:[[:space:]]*/",$val,2);
$text_default_vals["$key"][0]="$v";
$text_default_vals["$key"]['count']++;
}
if (!isset($text_default_vals))
$text_default_vals["NOT_EXIST"][0] = '0';
if ($config['general_use_session'] == 'yes')
session_register('text_default_vals');
}
$default_vals = $text_default_vals;
if (is_file("../lib/$config[general_lib_type]/defaults.php"))
include("../lib/$config[general_lib_type]/defaults.php");
?>
/web/acc/manager/lib/functions.php
6,6 → 6,7
return "0 seconds";
$d = $time/86400;
$d = floor($d);
$str = '';
if ($d){
$str .= "$d days, ";
$time = $time % 86400;
24,8 → 25,9
}
if ($time)
$str .= "$time seconds, ";
$str = ereg_replace(', $','',$str);
 
$str = preg_replace('/, $/','',$str);
 
return $str;
}
 
115,8 → 117,8
}
function check_defaults($val,$op,$def)
{
for($i=0;$i<$def[count];$i++){
if ($val == $def[$i] && ($op == '' || $op == $def[operator][$i]))
for($i=0;$i<$def['count'];$i++){
if ($val == $def[$i] && ($op == '' || $op == $def['operator'][$i]))
return 1;
}
 
/web/acc/manager/lib/lang/default/utf8.php
0,0 → 1,11
<?php
function init_decoder()
{
return 0;
}
 
function decode_string($line,$k)
{
return $line;
}
?>
/web/acc/manager/lib/lang/el/utf8.php
0,0 → 1,91
<?php
function init_encoder()
{
$k = array(
 
"~@"=>"€", "~A"=>"", "~B"=>"‚", "~C"=>"ƒ", "~D"=>"„", "~E"=>"…",
"~F"=>"†", "~G"=>"‡", "~H"=>"ˆ", "~I"=>"‰", "~J"=>"Š", "~K"=>"‹",
"~L"=>"Œ", "~M"=>"", "~N"=>"Ž", "~O"=>"", "~P"=>"", "~Q"=>"‘",
"~R"=>"’", "~S"=>"“", "~T"=>"”", "~U"=>"•", "~V"=>"–", "~W"=>"—",
"~^"=>"ž", "~_"=>"Ÿ", "| "=>" ", "¡"=>"ʽ", "¢"=>"ʼ", "£"=>"£",
"¤"=>"�", "¥"=>"�", "¦"=>"¦", "§"=>"§", "¨"=>"¨", "©"=>"©",
"ª"=>"�", "«"=>"«", "¬"=>"¬", "­"=>"­", "®"=>"�", "¯"=>"―",
"°"=>"°", "±"=>"±", "²"=>"²", "³"=>"³", "´"=>"΄", "µ"=>"΅",
"¶"=>"Ά", "·"=>"·", "¸"=>"Έ", "¹"=>"Ή", "º"=>"Ί", "»"=>"»",
"¼"=>"Ό", "½"=>"½", "¾"=>"Ύ", "¿"=>"Ώ", "À"=>"ΐ", "Á"=>"Α",
"Â"=>"Β", "Ã"=>"Γ", "Ä"=>"Δ", "Å"=>"Ε", "Æ"=>"Ζ", "Ç"=>"Η",
"È"=>"Θ", "É"=>"Ι", "Ê"=>"Κ", "Ë"=>"Λ", "Ì"=>"Μ", "Í"=>"Ν",
"Î"=>"Ξ", "Ï"=>"Ο", "Ð"=>"Π", "Ñ"=>"Ρ", "Ò"=>"�", "Ó"=>"Σ",
"Ô"=>"Τ", "Õ"=>"Î¥", "Ö"=>"Φ", "×"=>"Χ", "Ø"=>"Ψ", "Ù"=>"Ω",
"Ú"=>"Ϊ", "Û"=>"Ϋ", "Ü"=>"ά", "Ý"=>"έ", "Þ"=>"ή", "ß"=>"ί",
"à"=>"ΰ", "á"=>"α", "â"=>"β", "ã"=>"γ", "ä"=>"δ", "å"=>"ε",
"æ"=>"ζ", "ç"=>"η", "è"=>"θ", "é"=>"ι", "ê"=>"κ", "ë"=>"λ",
"ì"=>"μ", "í"=>"ν", "î"=>"ξ", "ï"=>"ο", "ð"=>"π", "ñ"=>"ρ",
"ò"=>"ς", "ó"=>"σ", "ô"=>"τ", "õ"=>"υ", "ö"=>"φ", "÷"=>"χ",
"ø"=>"ψ", "ù"=>"ω", "ú"=>"ϊ", "û"=>"ϋ", "ü"=>"ό", "ý"=>"ύ",
"þ"=>"ώ", "~X"=>"˜", "~Y"=>"™", "~Z"=>"š", "~["=>"›", "~]"=>""
);
 
return $k;
}
 
function init_decoder()
{
$k = array(
"€"=>"~@", ""=>"~A", "‚"=>"~B", "ƒ"=>"~C", "„"=>"~D", "…"=>"~E",
"†"=>"~F", "‡"=>"~G", "ˆ"=>"~H", "‰"=>"~I", "Š"=>"~J", "‹"=>"~K",
"Œ"=>"~L", ""=>"~M", "Ž"=>"~N", ""=>"~O", ""=>"~P", "‘"=>"~Q",
"’"=>"~R", "“"=>"~S", "”"=>"~T", "•"=>"~U", "–"=>"~V", "—"=>"~W",
"ž"=>"~^", "Ÿ"=>"~_", " "=>"| ", "ʽ"=>"¡", "ʼ"=>"¢", "£"=>"£",
"�"=>"¤", "�"=>"¥", "¦"=>"¦", "§"=>"§", "¨"=>"¨", "©"=>"©",
"�"=>"ª", "«"=>"«", "¬"=>"¬", "­"=>"­", "�"=>"®", "―"=>"¯",
"°"=>"°", "±"=>"±", "²"=>"²", "³"=>"³", "΄"=>"´", "΅"=>"µ",
"Ά"=>"¶", "·"=>"·", "Έ"=>"¸", "Ή"=>"¹", "Ί"=>"º", "»"=>"»",
"Ό"=>"¼", "½"=>"½", "Ύ"=>"¾", "Ώ"=>"¿", "ΐ"=>"À", "Α"=>"Á",
"Β"=>"Â", "Γ"=>"Ã", "Δ"=>"Ä", "Ε"=>"Å", "Ζ"=>"Æ", "Η"=>"Ç",
"Θ"=>"È", "Ι"=>"É", "Κ"=>"Ê", "Λ"=>"Ë", "Μ"=>"Ì", "Ν"=>"Í",
"Ξ"=>"Î", "Ο"=>"Ï", "Π"=>"Ð", "Ρ"=>"Ñ", "�"=>"Ò", "Σ"=>"Ó",
"Τ"=>"Ô", "Î¥"=>"Õ", "Φ"=>"Ö", "Χ"=>"×", "Ψ"=>"Ø", "Ω"=>"Ù",
"Ϊ"=>"Ú", "Ϋ"=>"Û", "ά"=>"Ü", "έ"=>"Ý", "ή"=>"Þ", "ί"=>"ß",
"ΰ"=>"à", "α"=>"á", "β"=>"â", "γ"=>"ã", "δ"=>"ä", "ε"=>"å",
"ζ"=>"æ", "η"=>"ç", "θ"=>"è", "ι"=>"é", "κ"=>"ê", "λ"=>"ë",
"μ"=>"ì", "ν"=>"í", "ξ"=>"î", "ο"=>"ï", "π"=>"ð", "ρ"=>"ñ",
"ς"=>"ò", "σ"=>"ó", "τ"=>"ô", "υ"=>"õ", "φ"=>"ö", "χ"=>"÷",
"ψ"=>"ø", "ω"=>"ù", "ϊ"=>"ú", "ϋ"=>"û", "ό"=>"ü", "ύ"=>"ý",
"ώ"=>"þ", "˜"=>"~X", "™"=>"~Y", "š"=>"~Z", "›"=>"~[", ""=>"~]"
);
 
return $k;
}
 
function encode_string($line,$k)
{
for($i=0;$i<strlen($line);$i++){
$c = $line{$i};
$val = $k["$c"];
$c = ($val != "") ? "$val" : "$c";
$new_line .= $c;
}
 
return $new_line;
}
 
function decode_string($line,$k)
{
$line = preg_replace("/&/","&&",$line);
$line = preg_replace("/([,+0-9.\/() -])/", "%\\1", $line);
$mline = chunk_split($line, 2, " ");
$chars = explode(" ", $mline);
foreach ($chars as $c){
$val = $k["$c"];
$c = ($val != "") ? "$val" : "$c";
$new_line .= $c;
}
$new_line = preg_replace("/%%/", " ", $new_line);
$new_line = preg_replace("/%([,+0-9.\/() -])/", "\\1", $new_line);
$new_line = preg_replace("/%/", " ",$new_line);
$new_line = preg_replace("/&&/","&",$new_line);
 
return $new_line;
}
?>
/web/acc/manager/lib/operators.php
0,0 → 1,42
<?php
$op_eq = '=';
$op_set = ':=';
$op_add = '+=';
$op_eq2 = '==';
$op_ne = '!=';
$op_gt = '>';
$op_ge = '>=';
$op_lt = '<';
$op_le = '<=';
$op_regeq = '=~';
$op_regne = '!~';
$op_exst = '=*';
$op_nexst = '!*';
 
// Check the operator if it is allowed for this type of
// attribute (check or reply).
// Arguments:
// $op: The operator
// $type: 1(check),2(reply)
// Return value:0 for OK, -1 for error
function check_operator($op,$type)
{
switch($op){
case '=':
case ':=':
case '+=':
return 0;
case '==':
case '!=':
case '>':
case '>=':
case '<':
case '<=':
case '=~':
case '!~':
case '=*':
case '!*':
return ($type == 1) ? 0 : -1;
}
}
?>
/web/acc/manager/lib/sql/attrmap.php
0,0 → 1,37
<?php
#Read sql attribute map
unset($attrmap);
unset($rev_attrmap);
unset($attr_type);
if (isset($_SESSION['attrmap'])){
#If attrmap is set then the rest will also be set
$attrmap = $_SESSION['attrmap'];
$rev_attrmap =$_SESSION['rev_attrmap'];
$attr_type = $_SESSION['attr_type'];
}
else{
$ARR = file("$config[general_sql_attrmap]");
foreach($ARR as $val){
$val=chop($val);
if (preg_match('/^[[:space:]]*#/',$val) || preg_match('/^[[:space:]]*$/',$val))
continue;
list($type,$key,$v)=preg_split('/[[:space:]]+/',$val);
$attrmap["$key"]=$v;
$rev_attrmap["$v"] = $key;
$attr_type["$key"]=$type;
}
if (isset($show_attrs)){
foreach($show_attrs as $key => $desc){
if (!isset($attrmap["$key"]) || $attrmap["$key"] == ''){
$attrmap["$key"] = $key;
$attr_type["key"] = 'replyItem';
$rev_attrmap["$key"] = $key;
}
}
}
if ($config['general_use_session'] == 'yes'){
session_register('attrmap');
session_register('rev_attrmap');
session_register('attr_type');
}
}
/web/acc/manager/lib/sql/change_attrs.php
6,12 → 6,12
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
if ($config[sql_use_operators] == 'true'){
if ($config['sql_use_operators'] == 'true'){
$use_ops=1;
$text1 = 'AND op =';
$text2 = ',op';
}
$link = @da_sql_pconnect($config);
$link = da_sql_pconnect($config);
if ($link){
foreach($show_attrs as $key => $desc){
if ($attrmap["$key"] == 'none')
26,7 → 26,7
$name = $attrmap["$key"] . $i;
while(isset($$name)){
$val=$$name;
$val = da_sql_escape_string($val);
$val = da_sql_escape_string($link, $val);
$op_name = $name . '_op';
$i++;
$j++;
33,18 → 33,18
$name = $attrmap["$key"] . $i;
$sql_attr=$attrmap["$key"];
$query_key = ($user_type == 'group') ? 'groupname' : 'username';
if ($attr_type["$key"] == 'checkItem'){
$table = ($user_type == 'group') ? $config[sql_groupcheck_table] : $config[sql_check_table];
if (isset($attr_type["$key"]) && $attr_type["$key"] == 'checkItem'){
$table = ($user_type == 'group') ? $config['sql_groupcheck_table'] : $config['sql_check_table'];
$type = 1;
}
else if ($attr_type["$key"] == 'replyItem'){
$table = ($user_type == 'group') ? $config[sql_groupreply_table] : $config[sql_reply_table];
else if (isset($attr_type["$key"]) && $attr_type["$key"] == 'replyItem'){
$table = ($user_type == 'group') ? $config['sql_groupreply_table'] : $config['sql_reply_table'];
$type = 2;
}
if ($use_ops){
$op_val = $$op_name;
if ($op_val != ''){
$op_val = da_sql_escape_string($op_val);
$op_val = da_sql_escape_string($link, $op_val);
if (check_operator($op_val,$type) == -1){
echo "<b>Invalid operator ($op_val) for attribute $key</b><br>\n";
continue;
52,25 → 52,26
$op_val2 = ",'$op_val'";
}
}
$sql_attr = da_sql_escape_string($sql_attr);
$val = da_sql_escape_string($val);
$sql_attr = da_sql_escape_string($link, $sql_attr);
$val = da_sql_escape_string($link, $val);
// if we have operators, the operator has changed and the corresponding value exists then update
if ($use_ops && isset($item_vals["$key"][operator][$j]) &&
$op_val != $item_vals["$key"][operator][$j] ){
$res = @da_sql_query($link,$config,
if ($use_ops && isset($item_vals["$key"]['operator'][$j]) &&
$op_val != $item_vals["$key"]['operator'][$j] ){
$res = da_sql_query($link,$config,
"UPDATE $table SET op = '$op_val' WHERE $query_key = '$login'
AND attribute = '$sql_attr' AND value = '$val';");
if (!$res || !@da_sql_affected_rows($link,$res,$config))
if (!$res || !da_sql_affected_rows($link,$res,$config))
echo "<b>Operator change failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n";
}
$chkdef = (isset($default_vals["$key"])) ? check_defaults($val,$op_val,$default_vals["$key"]) : 0;
// if value is the same as that in the sql database do nothing
if ($val == $item_vals["$key"][$j])
if (isset($item_vals["$key"]) && $val == $item_vals["$key"][$j])
continue;
// if value is null or equals the default value and corresponding value exists then delete
else if ((check_defaults($val,$op_val,$default_vals["$key"]) || $val == '' || ($sql_attr == "Filter-Id" && $val == "None")) && isset($item_vals["$key"][$j])){
$res = @da_sql_query($link,$config,
else if (($chkdef || $val == '' || ($sql_attr == "Filter-Id" && $val == "None")) && isset($item_vals["$key"][$j])){
$res = da_sql_query($link,$config,
"DELETE FROM $table WHERE $query_key = '$login' AND attribute = '$sql_attr';");
if (!$res || !@da_sql_affected_rows($link,$res,$config))
if (!$res || !da_sql_affected_rows($link,$res,$config))
echo "<b>Delete failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n";
}
// if value is null or equals the default value then don't add it
80,16 → 81,16
else{
if (isset($item_vals["$key"][$j])){
$old_val = $item_vals["$key"][$j];
$old_val = da_sql_escape_string($old_val);
$res = @da_sql_query($link,$config,
$old_val = da_sql_escape_string($link, $old_val);
$res = da_sql_query($link,$config,
"UPDATE $table SET value = '$val' WHERE $query_key = '$login' AND
attribute = '$sql_attr' AND value = '$old_val';");
}
else
$res = @da_sql_query($link,$config,
$res = da_sql_query($link,$config,
"INSERT INTO $table ($query_key,attribute,value $text2)
VALUES ('$login','$sql_attr','$val' $op_val2);");
if (!$res || !@da_sql_affected_rows($link,$res,$config))
if (!$res || !da_sql_affected_rows($link,$res,$config))
echo "<b>Change failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n";
}
}
/web/acc/manager/lib/sql/change_info.php
0,0 → 1,57
<?php
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
else{
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
$link = da_sql_pconnect($config);
$fail = 0;
if ($link){
if ($config['sql_use_user_info_table'] == 'true'){
$res = da_sql_query($link,$config,
"SELECT username FROM $config[sql_user_info_table] WHERE
username = '$login';");
if ($res){
$Fcn = (isset($Fcn)) ? da_sql_escape_string($link, $Fcn) : '';
$Fmail = (isset($Fmail)) ? da_sql_escape_string($link, $Fmail) : '';
$Fou = (isset($Fou)) ? da_sql_escape_string($link, $Fou) : '';
$Fhomephone = (isset($Fhomephone)) ? da_sql_escape_string($link, $Fhomephone) : '';
$Ftelephonenumber = (isset($Ftelephonenumber)) ? da_sql_escape_string($link, $Ftelephonenumber) : '';
$Fmobile = (isset($Fmobile)) ? da_sql_escape_string($link, $Fmobile) : '';
 
if (!da_sql_num_rows($res,$config)){
$res = da_sql_query($link,$config,
"INSERT INTO $config[sql_user_info_table]
(username,name,mail,department,homephone,workphone,mobile) VALUES
('$login','$Fcn','$Fmail','$Fou','$Ftelephonenumber','$Fhomephone','$Fmobile');");
if (!$res || !da_sql_affected_rows($link,$res,$config)){
echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";
$fail = 1;
}
}
else{
$res = da_sql_query($link,$config,
"UPDATE $config[sql_user_info_table] SET name = '$Fcn',Mail = '$Fmail',
department = '$Fou', homephone = '$Fhomephone', workphone = '$Ftelephonenumber',
mobile = '$Fmobile' WHERE username = '$login';");
if (!$res || !da_sql_affected_rows($link,$res,$config)){
echo "<b>Could not update user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";
$fail = 1;
}
}
}
else{
echo "<b>Could not find user in user info table: " . da_sql_error($link,$config) . "</b><br>\n";
$fail = 1;
}
if ($fail == 0)
echo "<b>User information updated successfully</b><br>\n";
}
else
echo "<b>Cannot use the user info table. Check the sql_use_user_info_table directive in admin.conf</b><br>\n";
 
}
else
echo "<b>Could not connect to SQL database</b><br>\n";
?>
/web/acc/manager/lib/sql/change_passwd.php
0,0 → 1,52
<?php
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
else{
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
if ($config[sql_use_operators] == 'true'){
$text1 = ',op';
$text2 = ",':='";
$text3 = ", op = ':='";
}
else{
$text1 = '';
$text2 = '';
$text3 = '';
}
$link = da_sql_pconnect($config);
if ($link){
if (is_file("../lib/crypt/$config[general_encryption_method].php")){
include("../lib/crypt/$config[general_encryption_method].php");
$passwd = da_encrypt($passwd);
$passwd = da_sql_escape_string($passwd);
$res = da_sql_query($link,$config,
"SELECT value FROM $config[sql_check_table] WHERE username = '$login'
AND attribute = '$config[sql_password_attribute]';");
if ($res){
$row = da_sql_fetch_array($res,$config);
if ($row){
$res = da_sql_query($link,$config,
"UPDATE $config[sql_check_table] SET value = '$passwd' $text3 WHERE
attribute = '$config[sql_password_attribute]' AND username = '$login';");
if (!$res || !da_sql_affected_rows($link,$res,$config))
echo "<b>Error while changing password: " . da_sql_error($link,$config) . "</b><br>\n";
}
else{
$res = da_sql_query($link,$config,
"INSERT INTO $config[sql_check_table] (attribute,value,username $text1)
VALUES ('$config[sql_password_attribute]','$passwd','$login' $text2);");
if (!$res || !da_sql_affected_rows($link,$res,$config))
echo "<b>Error while changing password: " . da_sql_error($link,$config) . "</b><br>\n";
}
}
else
echo "<b>Error while executing query: " . da_sql_error($link,$config) . "</b><br>\n";
}
else
echo "<b>Could not open encryption library file</b><br>\n";
}
else
echo "<b>Could not connect to SQL database</b><br>\n";
?>
/web/acc/manager/lib/sql/create_group.php
6,23 → 6,23
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
if ($config[sql_use_operators] == 'true'){
include("../lib/operators.php");
if ($config['sql_use_operators'] == 'true'){
include_once("../lib/operators.php");
$text = ',op';
$passwd_op = ",':='";
}
$da_abort=0;
$op_val2 = '';
$link = @da_sql_pconnect($config);
$link = da_sql_pconnect($config);
if ($link){
$Members = preg_split("/[\n\s]+/",$members,-1,PREG_SPLIT_NO_EMPTY);
if (!empty($Members)){
foreach ($Members as $member){
$member = da_sql_escape_string($member);
$res = @da_sql_query($link,$config,
$member = da_sql_escape_string($link, $member);
$res = da_sql_query($link,$config,
"INSERT INTO $config[sql_usergroup_table] (username,groupname)
VALUES ('$member','$login');");
if (!$res || !@da_sql_affected_rows($link,$res,$config)){
if (!$res || !da_sql_affected_rows($link,$res,$config)){
echo "<b>Unable to add user $member in group $login: " . da_sql_error($link,$config) . "</b><br>\n";
$da_abort=1;
}
30,10 → 30,10
}
else
{
$res = @da_sql_query($link,$config,
$res = da_sql_query($link,$config,
"INSERT INTO $config[sql_usergroup_table] (username,groupname)
VALUES ('$login','$login');");
if (!$res || !@da_sql_affected_rows($link,$res,$config))
if (!$res || !da_sql_affected_rows($link,$res,$config))
{
echo "<b>Unable to add user $member in group $login: " . da_sql_error($link,$config) . "</b><br>\n";
$da_abort=1;
55,20 → 55,20
$attr_type["$key"] = 'replyItem';
$rev_attrmap["$key"] = $key;
}
if ($attr_type["$key"] == 'checkItem'){
if (isset($attr_type["$key"]) && $attr_type["$key"] == 'checkItem'){
$table = "$config[sql_groupcheck_table]";
$type = 1;
}
else if ($attr_type["$key"] == 'replyItem'){
else if (isset($attr_type["$key"]) && $attr_type["$key"] == 'replyItem'){
$table = "$config[sql_groupreply_table]";
$type = 2;
}
$val = $$attrmap["$key"];
$val = da_sql_escape_string($val);
$val = da_sql_escape_string($link, $val);
$op_name = $attrmap["$key"] . '_op';
$op_val = $$op_name;
if ($op_val != ''){
$op_val = da_sql_escape_string($op_val);
$op_val = da_sql_escape_string($link, $op_val);
if (check_operator($op_val,$type) == -1){
echo "<b>Invalid operator ($op_val) for attribute $key</b><br>\n";
coninue;
75,12 → 75,13
}
$op_val2 = ",'$op_val'";
}
if ($val == '' || check_defaults($val,$op_val,$default_vals["$key"]))
$chkdef = (isset($default_vals["$key"])) ? check_defaults($val,$op_val,$default_vals["$key"]) : 0;
if ($val == '' || $chkdef)
continue;
$res = @da_sql_query($link,$config,
$res = da_sql_query($link,$config,
"INSERT INTO $table (attribute,value,groupname $text)
VALUES ('$attrmap[$key]','$val','$login' $op_val2);");
if (!$res || !@da_sql_affected_rows($link,$res,$config))
if (!$res || !da_sql_affected_rows($link,$res,$config))
echo "<b>Query failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n";
}
echo "<b>Le groupe $login a &eacute;t&eacute; correctement cr&eacute;&eacute;</b><br>\n";
/web/acc/manager/lib/sql/create_user.php
1,4 → 1,4
<?php
<?php
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
else{
6,7 → 6,7
exit();
}
include_once('../lib/functions.php');
if ($config[sql_use_operators] == 'true'){
if ($config['sql_use_operators'] == 'true'){
include_once("../lib/operators.php");
$text = ',op';
$passwd_op = ",':='";
13,7 → 13,7
}
$da_abort=0;
$op_val2 = '';
$link = @da_sql_pconnect($config);
$link = da_sql_pconnect($config);
if ($link){
if (is_file("../lib/crypt/$config[general_encryption_method].php")){
include_once("../lib/crypt/$config[general_encryption_method].php");
21,31 → 21,31
$passwd_imp = $passwd;
/*Fin Ajout*/
$passwd = da_encrypt($passwd);
$passwd = da_sql_escape_string($passwd);
$res = @da_sql_query($link,$config,
$passwd = da_sql_escape_string($link, $passwd);
$res = da_sql_query($link,$config,
"INSERT INTO $config[sql_check_table] (attribute,value,username $text)
VALUES ('$config[sql_password_attribute]','$passwd','$login' $passwd_op);");
if (!$res || !@da_sql_affected_rows($link,$res,$config)){
if (!$res || !da_sql_affected_rows($link,$res,$config)){
echo "<b>Unable to add user $login: " . da_sql_error($link,$config) . "</b><br>\n";
$da_abort=1;
}
if ($config[sql_use_user_info_table] == 'true' && !$da_abort){
$res = @da_sql_query($link,$config,
if ($config['sql_use_user_info_table'] == 'true' && !$da_abort){
$res = da_sql_query($link,$config,
"SELECT username FROM $config[sql_user_info_table] WHERE
username = '$login';");
if ($res){
if (!@da_sql_num_rows($res,$config)){
$Fcn = da_sql_escape_string($Fcn);
$Fmail = da_sql_escape_string($Fmail);
$Fou = da_sql_escape_string($Fou);
$Fhomephone = da_sql_escape_string($Fhomephone);
$Fworkphone = da_sql_escape_string($Fworkphone);
$Fmobile = da_sql_escape_string($Fmobile);
$res = @da_sql_query($link,$config,
if (!da_sql_num_rows($res,$config)){
$Fcn = (isset($Fcn)) ? da_sql_escape_string($link, $Fcn) : '';
$Fmail = (isset($Fmail)) ? da_sql_escape_string($link, $Fmail) : '';
$Fou = (isset($Fou)) ? da_sql_escape_string($link, $Fou) : '';
$Fhomephone = (isset($Fhomephone)) ? da_sql_escape_string($link, $Fhomephone) : '';
$Ftelephonenumber = (isset($Ftelephonenumber)) ? da_sql_escape_string($link, $Ftelephonenumber) : '';
$Fmobile = (isset($Fmobile)) ? da_sql_escape_string($link, $Fmobile) : '';
$res = da_sql_query($link,$config,
"INSERT INTO $config[sql_user_info_table]
(username,name,mail,department,homephone,workphone,mobile) VALUES
('$login','$Fcn','$Fmail','$Fou','$Fhomephone','$Ftelephonenumber','$Fmobile');");
if (!$res || !@da_sql_affected_rows($link,$res,$config))
if (!$res || !da_sql_affected_rows($link,$res,$config))
echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";
}
else
54,17 → 54,17
else
echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";
}
if ($Fgroup != ''){
$Fgroup = da_sql_escape_string($Fgroup);
$res = @da_sql_query($link,$config,
if (isset($Fgroup) && $Fgroup != ''){
$Fgroup = da_sql_escape_string($link, $Fgroup);
$res = da_sql_query($link,$config,
"SELECT username FROM $config[sql_usergroup_table]
WHERE username = '$login' AND groupname = '$Fgroup';");
if ($res){
if (!@da_sql_num_rows($res,$config)){
$res = @da_sql_query($link,$config,
if (!da_sql_num_rows($res,$config)){
$res = da_sql_query($link,$config,
"INSERT INTO $config[sql_usergroup_table]
(username,groupname) VALUES ('$login','$Fgroup');");
if (!$res || !@da_sql_affected_rows($link,$res,$config))
if (!$res || !da_sql_affected_rows($link,$res,$config))
echo "<b>Could not add user to group $Fgroup. SQL Error</b><br>\n";
}
else
74,7 → 74,7
echo "<b>Could not add user to group $Fgroup: " . da_sql_error($link,$config) . "</b><br>\n";
}
if (!$da_abort){
if ($Fgroup != '')
if (isset($Fgroup) && $Fgroup != '')
require('../lib/defaults.php');
foreach($show_attrs as $key => $attr){
if ($attrmap["$key"] == 'none')
86,15 → 86,15
$attr_type["$key"] = 'replyItem';
$rev_attrmap["$key"] = $key;
}
if ($attr_type["$key"] == 'checkItem'){
if (isset($attr_type["$key"]) && $attr_type["$key"] == 'checkItem'){
$table = "$config[sql_check_table]";
$type = 1;
}
else if ($attr_type["$key"] == 'replyItem'){
else if (isset($attr_type["$key"]) && $attr_type["$key"] == 'replyItem'){
$table = "$config[sql_reply_table]";
$type = 2;
}
$val = $$attrmap["$key"];
$val = (isset($$attrmap["$key"])) ? $$attrmap["$key"] : '';
/*Ajout en vue de l'impression des données (thank's to Geoffroy MUSITELLI)*/
if($key == "Session-Timeout") $sto_imp = $val;
if($key == "Max-All-Session") $mas_imp = $val;
101,11 → 101,11
if($key == "Max-Daily-Session") $mds_imp = $val;
if($key == "Max-Monthly-Session") $mms_imp = $val;
/*Fin Ajout*/
$val = da_sql_escape_string($val);
$val = da_sql_escape_string($link, $val);
$op_name = $attrmap["$key"] . '_op';
$op_val = $$op_name;
$op_val = (isset($$op_name)) ? $$op_name : '';
if ($op_val != ''){
$op_val = da_sql_escape_string($op_val);
$op_val = da_sql_escape_string($link, $op_val);
if (check_operator($op_val,$type) == -1){
echo "<b>Invalid operator ($op_val) for attribute $key</b><br>\n";
continue;
112,12 → 112,13
}
$op_val2 = ",'$op_val'";
}
if ($val == '' || check_defaults($val,$op_val,$default_vals["$key"]))
$chkdef = (isset($default_vals["$key"])) ? check_defaults($val,$op_val,$default_vals["$key"]) : 0;
if ($val == '' || $chkdef)
continue;
$res = @da_sql_query($link,$config,
"INSERT INTO $table (attribute,value,username $text)
VALUES ('$attrmap[$key]','$val','$login' $op_val2);");
if (!$res || !@da_sql_affected_rows($link,$res,$config))
$sqlquery = "INSERT INTO $table (attribute,value,username $text)
VALUES ('$attrmap[$key]','$val','$login' $op_val2);";
$res = da_sql_query($link,$config,$sqlquery);
if (!$res || !da_sql_affected_rows($link,$res,$config))
echo "<b>Query failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n";
}
}
/web/acc/manager/lib/sql/defaults.php
0,0 → 1,139
<?php
require('../lib/sql/attrmap.php');
if ((isset($login) && $login != '') && (isset($user_type) && $user_type !== 'group')){
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
else{
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
if ($config['sql_use_operators'] == 'true'){
$op = ',op';
$use_op = 1;
}else{
$op = "";
$use_op = 0;
}
$overwrite_defaults = 1;
$stop = 0;
$times = 0;
do{
unset($item_vals);
unset($member_groups);
unset($tmp);
$times++;
$link = da_sql_pconnect($config);
if ($link){
$res = da_sql_query($link,$config,
"SELECT groupname FROM $config[sql_usergroup_table] WHERE username = '$login';");
if ($res){
while(($row = da_sql_fetch_array($res,$config))){
$group = $row['groupname'];
$member_groups[$group] = $group;
}
if (isset($member_groups))
ksort($member_groups);
}
if (isset($member_groups)){
$in = '(';
foreach ($member_groups as $group)
$in .= "'$group',";
$in = substr($in,0,-1);
$in .= ')';
$res = da_sql_query($link,$config,
"SELECT attribute,value $op FROM $config[sql_groupcheck_table]
WHERE groupname IN $in;");
if ($res){
while(($row = da_sql_fetch_array($res,$config))){
$attr = $row['attribute'];
$val = $row['value'];
if ($use_op){
$oper = $row['op'];
$tmp["$attr"]['operator'][]="$oper";
}
$tmp["$attr"][]="$val";
$tmp["$attr"]['count']++;
}
$res = da_sql_query($link,$config,
"SELECT attribute,value $op FROM $config[sql_groupreply_table]
WHERE groupname IN $in;");
if ($res){
while(($row = da_sql_fetch_array($res,$config))){
$attr = $row['attribute'];
$val = $row['value'];
if ($use_op){
$oper = $row['op'];
$tmp["$attr"]['operator'][]="$oper";
}
$tmp["$attr"][] = "$val";
$tmp["$attr"]['count']++;
}
}
else
echo "<b>Database query failed partially: " . da_sql_error($link,$config) . "</b><br>\n";
}
else
echo "<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
if (isset($tmp)){
foreach(array_keys($tmp) as $val){
if ($val == '')
continue;
$key = $rev_attrmap["$val"];
if ($key == ''){
$key = $val;
$attrmap["$key"] = $val;
$attr_type["$key"] = 'replyItem';
$rev_attrmap["$val"] = $key;
}
if (!isset($default_vals["$key"]) || $overwrite_defaults){
if ($use_op)
$default_vals["$key"]['operator'] = $tmp["$val"]['operator'];
if ($tmp[$val][0] != '')
$default_vals["$key"] = $tmp["$val"];
}
}
}
}
if ($times == 1){
if (!isset($config['sql_default_user_profile']) || $config['sql_default_user_profile'] == '')
$stop = 1;
else{
$saved_login = $login;
$saved_member_groups = $member_groups;
$login = $config['sql_default_user_profile'];
$overwrite_defaults = 0;
}
}
if ($times == 2){
$login = $saved_login;
$member_groups = $saved_member_groups;
$stop = 1;
}
}
else
echo "<b>Could not connect to SQL database</b><br>\n";
}while($stop == 0);
}
else{
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
else{
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
unset($member_groups);
$link = da_sql_pconnect($config);
if ($link){
$res = da_sql_query($link,$config,
"SELECT DISTINCT groupname FROM $config[sql_usergroup_table];");
if ($res){
while(($row = da_sql_fetch_array($res,$config)))
$member_groups[] = $row['groupname'];
}
else
echo "<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
}
else
echo "<b>Could not connect to SQL database</b><br>\n";
}
?>
/web/acc/manager/lib/sql/delete_group.php
5,15 → 5,15
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
$link = @da_sql_pconnect($config);
$link = da_sql_pconnect($config);
if ($link){
$res = @da_sql_query($link,$config,
$res = da_sql_query($link,$config,
"DELETE FROM $config[sql_groupreply_table] WHERE groupname = '$login';");
if ($res){
$res = @da_sql_query($link,$config,
$res = da_sql_query($link,$config,
"DELETE FROM $config[sql_groupcheck_table] WHERE groupname = '$login';");
if ($res){
$res = @da_sql_query($link,$config,
$res = da_sql_query($link,$config,
"DELETE FROM $config[sql_usergroup_table] WHERE groupname = '$login';");
if ($res)
echo "<b>Le groupe $login a &eacute;t&eacute; correctement supprim&eacute;</b><br>\n";
/web/acc/manager/lib/sql/delete_user.php
5,20 → 5,20
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
$link = @da_sql_pconnect($config);
$link = da_sql_pconnect($config);
if ($link){
$res = @da_sql_query($link,$config,
$res = da_sql_query($link,$config,
"DELETE FROM $config[sql_reply_table] WHERE username = '$login';");
if ($res){
$res = @da_sql_query($link,$config,
$res = da_sql_query($link,$config,
"DELETE FROM $config[sql_check_table] WHERE username = '$login';");
if ($res){
$res = @da_sql_query($link,$config,
$res = da_sql_query($link,$config,
"DELETE FROM $config[sql_usergroup_table] WHERE username = '$login';");
if (!$res)
echo "<b>Error deleting user $login from user group table: " . da_sql_error($link,$config) . "</b><br>\n";
if ($config[sql_use_user_info_table] == 'true'){
$res = @da_sql_query($link,$config,
if ($config['sql_use_user_info_table'] == 'true'){
$res = da_sql_query($link,$config,
"DELETE FROM $config[sql_user_info_table] WHERE username = '$login';");
if ($res)
echo "<b>L'usager $login a &eacute;t&eacute; correctement supprim&eacute;</b><br>\n";
/web/acc/manager/lib/sql/drivers/mysql/functions.php
16,90 → 16,89
 
function da_sql_host_connect($server,$config)
{
if ($config[sql_use_http_credentials] == 'yes'){
if ($config['sql_use_http_credentials'] == 'yes'){
global $HTTP_SERVER_VARS;
$SQL_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
$SQL_passwd = $HTTP_SERVER_VARS["PHP_AUTH_PW"];
}
else{
$SQL_user = $config[sql_username];
$SQL_passwd = $config[sql_password];
$SQL_user = $config['sql_username'];
$SQL_passwd = $config['sql_password'];
}
 
if ($config[sql_connect_timeout] != 0)
@ini_set('mysql.connect_timeout',$config[sql_connect_timeout]);
if ($config[sql_debug] == 'true')
if ($config['sql_connect_timeout'] != 0)
ini_set('mysql.connect_timeout',$config['sql_connect_timeout']);
if ($config['sql_debug'] == 'true')
print "<b>DEBUG(SQL,MYSQL DRIVER): Connect: User=$SQL_user,Password=$SQL_passwd </b><br>\n";
return @mysql_connect("$server:$config[sql_port]",$SQL_user,$SQL_passwd);
return mysqli_connect("$server:$config[sql_port]",$SQL_user,$SQL_passwd,$config['sql_database']);
}
 
function da_sql_connect($config)
{
if ($config[sql_use_http_credentials] == 'yes'){
if (isset($config['sql_use_http_credentials']) && $config['sql_use_http_credentials'] == 'yes'){
global $HTTP_SERVER_VARS;
$SQL_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
$SQL_passwd = $HTTP_SERVER_VARS["PHP_AUTH_PW"];
}
else{
$SQL_user = $config[sql_username];
$SQL_passwd = $config[sql_password];
$SQL_user = $config['sql_username'];
$SQL_passwd = $config['sql_password'];
}
 
if ($config[sql_connect_timeout] != 0)
@ini_set('mysql.connect_timeout',$config[sql_connect_timeout]);
if ($config[sql_debug] == 'true')
if ($config['sql_connect_timeout'] != 0)
ini_set('mysql.connect_timeout',$config['sql_connect_timeout']);
if ($config['sql_debug'] == 'true')
print "<b>DEBUG(SQL,MYSQL DRIVER): Connect: User=$SQL_user,Password=$SQL_passwd </b><br>\n";
return @mysql_connect("$config[sql_server]:$config[sql_port]",$SQL_user,$SQL_passwd);
return mysqli_connect("$config[sql_server]:$config[sql_port]",$SQL_user,$SQL_passwd,$config['sql_database']);
}
 
function da_sql_pconnect($config)
{
if ($config[sql_use_http_credentials] == 'yes'){
if (isset($config['sql_use_http_credentials']) && $config['sql_use_http_credentials'] == 'yes'){
global $HTTP_SERVER_VARS;
$SQL_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
$SQL_passwd = $HTTP_SERVER_VARS["PHP_AUTH_PW"];
}
else{
$SQL_user = $config[sql_username];
$SQL_passwd = $config[sql_password];
$SQL_user = $config['sql_username'];
$SQL_passwd = $config['sql_password'];
}
 
if ($config[sql_connect_timeout] != 0)
@ini_set('mysql.connect_timeout',$config[sql_connect_timeout]);
if ($config[sql_debug] == 'true')
if ($config['sql_connect_timeout'] != 0)
ini_set('mysql.connect_timeout',$config['sql_connect_timeout']);
if ($config['sql_debug'] == 'true')
print "<b>DEBUG(SQL,MYSQL DRIVER): Connect: User=$SQL_user,Password=$SQL_passwd </b><br>\n";
return @mysql_pconnect("$config[sql_server]:$config[sql_port]",$SQL_user,$SQL_passwd);
return mysqli_connect($config['sql_server'],$SQL_user,$SQL_passwd,$config['sql_database'],$config['sql_port']);
}
 
function da_sql_close($link,$config)
{
return @mysql_close($link);
return mysqli_close($link);
}
 
function da_sql_escape_string($string)
function da_sql_escape_string($link, $string)
{
return @mysql_real_escape_string($string);
return mysqli_real_escape_string($link, $string);
}
 
function da_sql_query($link,$config,$query)
{
if ($config[sql_debug] == 'true')
if ($config['sql_debug'] == 'true')
print "<b>DEBUG(SQL,MYSQL DRIVER): Query: <i>$query</i></b><br>\n";
return @mysql_db_query($config[sql_database],$query,$link);
return mysqli_query($link,$query);
}
 
function da_sql_num_rows($result,$config)
{
if ($config[sql_debug] == 'true')
print "<b>DEBUG(SQL,MYSQL DRIVER): Query Result: Num rows:: " . @mysql_num_rows($result) . "</b><br>\n";
return @mysql_num_rows($result);
if ($config['sql_debug'] == 'true')
print "<b>DEBUG(SQL,MYSQL DRIVER): Query Result: Num rows:: " . mysqli_num_rows($result) . "</b><br>\n";
return mysqli_num_rows($result);
}
 
function da_sql_fetch_array($result,$config)
{
$row = array_change_key_case(@mysql_fetch_array($result,
MYSQL_ASSOC),CASE_LOWER);
if ($config[sql_debug] == 'true'){
$row = @array_change_key_case(mysqli_fetch_array($result,
MYSQLI_ASSOC),CASE_LOWER);
if ($config['sql_debug'] == 'true'){
print "<b>DEBUG(SQL,MYSQL DRIVER): Query Result: <pre>";
print_r($row);
print "</b></pre>\n";
109,28 → 108,28
 
function da_sql_affected_rows($link,$result,$config)
{
if ($config[sql_debug] == 'true')
print "<b>DEBUG(SQL,MYSQL DRIVER): Query Result: Affected rows:: " . @mysql_affected_rows($result) . "</b><br>\n";
return @mysql_affected_rows($link);
if ($config['sql_debug'] == 'true')
print "<b>DEBUG(SQL,MYSQL DRIVER): Query Result: Affected rows:: " . mysqli_affected_rows($result) . "</b><br>\n";
return mysqli_affected_rows($link);
}
 
function da_sql_list_fields($table,$link,$config)
{
return @mysql_list_fields($config[sql_database],$table);
return da_sql_query($link, $config, "SHOW COLUMNS FROM $table");
}
 
function da_sql_num_fields($fields,$config)
{
return @mysql_num_fields($fields);
return mysqli_num_fields($fields);
}
 
function da_sql_field_name($fields,$num,$config)
{
return @mysql_field_name($fields,$num);
return mysqli_fetch_field_direct($fields,$num);
}
 
function da_sql_error($link,$config)
{
return @mysql_error($link);
return mysqli_error($link);
}
?>
/web/acc/manager/lib/sql/find.php
8,18 → 8,19
 
unset($found_users);
 
$link = @da_sql_pconnect($config);
$link = da_sql_pconnect($config);
if ($link){
$search = da_sql_escape_string($search);
if (!is_numeric($max))
$search = da_sql_escape_string($link, $search);
if (!isset($max) || !is_numeric($max))
# $max = 10;
# modif by MG fo Alcasar
$max = 40;
if ($max > 500)
$max = 10;
 
if (($search_IN == 'name' || $search_IN == 'department' || $search_IN == 'username') &&
$config[sql_use_user_info_table] == 'true'){
$res = @da_sql_query($link,$config,
$config['sql_use_user_info_table'] == 'true'){
$res = da_sql_query($link,$config,
"SELECT " . da_sql_limit($max,0,$config) . " username FROM $config[sql_user_info_table] WHERE
lower($search_IN) LIKE '%$search%' " .
# da_sql_limit($max,1,$config) . " " . da_sql_limit($max,2,$config) . " ;");
26,8 → 27,8
# modif by MG for Alcasar
da_sql_limit($max,1,$config) . " " . da_sql_limit($max,1,$config) . " ;");
if ($res){
while(($row = @da_sql_fetch_array($res,$config)))
$found_users[] = $row[username];
while(($row = da_sql_fetch_array($res,$config)))
$found_users[] = $row['username'];
}
else
"<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
38,15 → 39,15
$attrmap["$radius_attr"] = $radius_attr;
$attr_type["$radius_attr"] = 'replyItem';
}
$table = ($attr_type[$radius_attr] == 'checkItem') ? $config[sql_check_table] : $config[sql_reply_table];
$table = ($attr_type[$radius_attr] == 'checkItem') ? $config['sql_check_table'] : $config['sql_reply_table'];
$attr = $attrmap[$radius_attr];
$attr = da_sql_escape_string($attr);
$res = @da_sql_query($link,$config,
$attr = da_sql_escape_string($link, $attr);
$res = da_sql_query($link,$config,
"SELECT " . da_sql_limit($max,0,$config) . " username FROM $table WHERE attribute = '$attr'
AND value LIKE '%$search%' " . da_sql_limit($max,1,$config) . " " . da_sql_limit($max,2,$config) . " ;");
if ($res){
while(($row = @da_sql_fetch_array($res,$config)))
$found_users[] = $row[username];
while(($row = da_sql_fetch_array($res,$config)))
$found_users[] = $row['username'];
}
else
"<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
/web/acc/manager/lib/sql/functions.php
0,0 → 1,35
<?php
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
else{
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
require_once('../lib/xlat.php');
 
function connect2db($config)
{
$link=da_sql_pconnect($config);
 
return $link;
}
 
function get_user_info($link,$user,$config)
{
if ($link && $config['sql_use_user_info_table'] == 'true'){
$user = da_sql_escape_string($link, $user);
$res=da_sql_query($link,$config,
"SELECT name FROM $config[sql_user_info_table] WHERE username = '$user';");
if ($res){
$row = da_sql_fetch_array($res,$config);
if ($row)
return $row['name'];
}
}
}
 
function closedb($link,$config)
{
return 1;
}
?>
/web/acc/manager/lib/sql/group_admin.php
0,0 → 1,46
<?php
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
else{
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
$link = da_sql_pconnect($config);
if ($link){
if (isset($del_members)){
foreach ($del_members as $del){
$del = da_sql_escape_string($link, $del);
$res = da_sql_query($link,$config,
"DELETE FROM $config[sql_usergroup_table] WHERE username = '$del' AND groupname = '$login';");
if (!$res)
echo "<b>Could not delete user $del from group: " . da_sql_error($link,$config) . "</b><br>\n";
}
}
if ($new_members != ''){
$Members = preg_split("/[\n\s]+/",$new_members,-1,PREG_SPLIT_NO_EMPTY);
if (!empty($Members)){
foreach ($Members as $new_member){
$new_member = da_sql_escape_string($link, $new_member);
$res = da_sql_query($link,$config,
"SELECT username FROM $config[sql_usergroup_table] WHERE
username = '$new_member' AND groupname = '$login';");
if ($res){
if (da_sql_num_rows($res,$config))
echo "<b>User $new_member already is a member of the group</b><br>\n";
else{
$res = da_sql_query($link,$config,
"INSERT INTO $config[sql_usergroup_table] (groupname,username)
VALUES ('$login','$new_member');");
if (!$res)
echo "<b>Error while adding user $new_member to group: " . da_sql_error($link,$config) . "</b><br>\n";
}
}
else
echo "<b>Could not add new member $new_member: " . da_sql_error($link,$config) . "</b><br>\n";
}
}
}
}
else
echo "<b>Could not connect to SQL database</b><br>\n";
?>
/web/acc/manager/lib/sql/group_change.php
0,0 → 1,40
<?php
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
else{
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
$link = da_sql_pconnect($config);
if ($link){
if (isset($member_groups) && isset($edited_groups)){
$del_groups = array_diff($member_groups,$edited_groups);
if (isset($del_groups)){
foreach ($del_groups as $del){
$del = da_sql_escape_string($del);
$res = da_sql_query($link,$config,
"DELETE FROM $config[sql_usergroup_table] WHERE username = '$login' AND groupname = '$del';");
if (!$res)
echo "<b>Could not delete user $login from group $del: " . da_sql_error($link,$config) . "</b><br>\n";
else
echo "<b>User $login deleted from group $del</b><br>\n";
}
}
$new_groups = array_diff($edited_groups,$member_groups);
if (isset($new_groups)){
foreach($new_groups as $new){
$new = da_sql_escape_string($new);
$res = da_sql_query($link,$config,
"INSERT INTO $config[sql_usergroup_table] (groupname,username)
VALUES ('$new','$login');");
if (!$res)
echo "<b>Error while adding user $login to group $login: " . da_sql_error($link,$config) . "</b><br>\n";
else
echo "<b>User $login added to group $new</b><br>\n";
}
}
}
}
else
echo "<b>Could not connect to SQL database</b><br>\n";
?>
/web/acc/manager/lib/sql/group_info.php
6,7 → 6,7
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
if ($config[sql_use_operators] == 'true'){
if ($config['sql_use_operators'] == 'true'){
$op = ',op';
$use_op = 1;
}else{
14,18 → 14,18
$use_op = 0;
}
$group_exists = 'no';
$link = @da_sql_pconnect($config);
$link = da_sql_pconnect($config);
if ($link){
if ($login == ''){
if (!isset($login) || $login == ''){
unset($existing_groups);
 
$res = @da_sql_query($link,$config,
$res = da_sql_query($link,$config,
"SELECT COUNT(*) as counter,groupname FROM $config[sql_usergroup_table]
GROUP BY groupname;");
if ($res){
while(($row = @da_sql_fetch_array($res,$config))){
$name = $row[groupname];
$existing_groups["$name"] = $row[counter];
while(($row = da_sql_fetch_array($res,$config))){
$name = $row['groupname'];
$existing_groups["$name"] = $row['counter'];
}
if (isset($existing_groups))
ksort($existing_groups);
39,14 → 39,15
unset($group_members);
unset($existing_groups);
 
$res = @da_sql_query($link,$config,
$res = da_sql_query($link,$config,
"SELECT attribute,value $op FROM $config[sql_groupcheck_table] WHERE groupname = '$login';");
if ($res){
if (@da_sql_num_rows($res,$config))
if (da_sql_num_rows($res,$config))
$group_exists = 'yes';
while(($row = @da_sql_fetch_array($res,$config))){
$attr = $row[attribute];
$val = $row[value];
while(($row = da_sql_fetch_array($res,$config))){
$attr = $row['attribute'];
$val = $row['value'];
if(!isset($tmp["$attr"]['count'])) $tmp["$attr"]['count'] = 0;
/*Ajout en vue de l'impression des données (thank's to Geoffroy MUSITELLI)*/
if($attr == "Max-All-Session") $mas_imp = $val;
if($attr == "Max-Daily-Session") $mds_imp = $val;
54,40 → 55,41
if($attr == "Expiration") $Expiration = $val;
/*Fin Ajout*/
if ($use_op){
$oper = $row[op];
$tmp["$attr"][operator][]="$oper";
$oper = $row['op'];
$tmp["$attr"]['operator'][]="$oper";
}
$tmp["$attr"][]="$val";
$tmp["$attr"][count]++;
$tmp["$attr"]['count']++;
}
$res = @da_sql_query($link,$config,
$res = da_sql_query($link,$config,
"SELECT attribute,value $op FROM $config[sql_groupreply_table] WHERE groupname = '$login';");
if ($res){
if (@da_sql_num_rows($res,$config))
if (da_sql_num_rows($res,$config))
$group_exists = 'yes';
while(($row = @da_sql_fetch_array($res,$config))){
$attr = $row[attribute];
$val = $row[value];
while(($row = da_sql_fetch_array($res,$config))){
$attr = $row['attribute'];
$val = $row['value'];
if(!isset($tmp["$attr"]['count'])) $tmp["$attr"]['count'] = 0;
/*Ajout en vue de l'impression des données (thank's to Geoffroy MUSITELLI)*/
if($attr == "Session-Timeout") $sto_imp = $val;
/*Fin Ajout*/
if ($use_op){
$oper = $row[op];
$tmp["$attr"][operator][]="$oper";
$oper = $row['op'];
$tmp["$attr"]['operator'][]="$oper";
}
$tmp["$attr"][] = "$val";
$tmp["$attr"][count]++;
$tmp["$attr"]['count']++;
}
}
else
echo "<b>Database query failed partially: " . da_sql_error($link,$config) . "</b><br>\n";
$res = @da_sql_query($link,$config,
$res = da_sql_query($link,$config,
"SELECT username FROM $config[sql_usergroup_table] WHERE groupname = '$login' ORDER BY username;");
if ($res){
if (@da_sql_num_rows($res,$config))
if (da_sql_num_rows($res,$config))
$group_exists = 'yes';
while(($row = @da_sql_fetch_array($res,$config))){
$member = $row[username];
while(($row = da_sql_fetch_array($res,$config))){
$member = $row['username'];
$group_members[] = "$member";
}
}
105,9 → 107,9
$rev_attrmap["$val"] = $key;
}
$item_vals["$key"] = $tmp[$val];
$item_vals["$key"][count] = $tmp[$val][count];
$item_vals["$key"]['count'] = $tmp[$val]['count'];
if ($use_op)
$item_vals["$key"][operator] = $tmp[$val][operator];
$item_vals["$key"]['operator'] = $tmp[$val]['operator'];
}
}
}
/web/acc/manager/lib/sql/nas_list.php
0,0 → 1,62
<?php
require('/etc/freeradius-web/config.php');
require_once('../lib/functions.php');
 
unset($da_name_cache);
if (isset($_SESSION['da_name_cache']))
$da_name_cache = $_SESSION['da_name_cache'];
if ($config[sql_nas_table] != ''){
 
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
else{
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
$link = da_sql_pconnect($config);
if ($link){
$auth_user = $_SERVER["PHP_AUTH_USER"];
$extra = '';
if (isset($mappings[$auth_user][nasdb])){
$NAS_ARR = array();
$NAS_ARR = preg_split('/,/',$mappings[$auth_user][nasdb]);
$extra = 'WHERE nasname IN (';
foreach ($NAS_ARR as $nas)
$extra .= "'$nasname',";
unset($NAS_ARR);
$extra = rtrim($extra,",");
$extra .= ')';
}
$search = da_sql_query($link,$config,
"SELECT * FROM $config[sql_nas_table] $extra;");
if ($search){
while($row = da_sql_fetch_array($search,$config)){
$num = 0;
$my_nas_name = $row['nasname'];
if ($my_nas_name != ''){
$nas_list[$my_nas_name]['name'] = $my_nas_name;
$nas_server = $da_name_cache[$my_nas_name];
if (!isset($nas_server)){
if (!check_ip($my_nas_name))
$nas_server = @gethostbyname($my_nas_name);
else
$nas_server = $my_nas_name;
if (!isset($da_name_cache) && $config[general_use_session] == 'yes'){
$da_name_cache[$my_nas_name] = $nas_server;
session_register('da_name_cache');
}
}
if ($nas_server != $my_nas_name || check_ip($nas_server))
$nas_list[$my_nas_name]['ip'] = $nas_server;
$nas_list[$my_nas_name]['port_num'] = $row['ports'];
$nas_list[$my_nas_name]['community'] = $row['community'];
$nas_list[$my_nas_name]['model'] = $row['description'];
}
}
}
}
else
echo "<b>Could not connect to SQL database</b><br>\n";
}
 
?>
/web/acc/manager/lib/sql/password_check.php
7,17 → 7,17
exit();
}
 
if ($action == 'checkpass'){
$link = @da_sql_pconnect($config);
if (isset($action) && $action == 'checkpass'){
$link = da_sql_pconnect($config);
if ($link){
$res = @da_sql_query($link,$config,
$res = da_sql_query($link,$config,
"SELECT attribute,value FROM $config[sql_check_table] WHERE username = '$login'
AND attribute = '$config[sql_password_attribute]';");
if ($res){
$row = @da_sql_fetch_array($res,$config);
$row = da_sql_fetch_array($res,$config);
if (is_file("../lib/crypt/$config[general_encryption_method].php")){
include("../lib/crypt/$config[general_encryption_method].php");
$enc_passwd = $row[value];
$enc_passwd = $row['value'];
$passwd = da_encrypt($passwd,$enc_passwd);
if ($passwd == $enc_passwd)
$msg = '<font color=blue><b>YES It is that</b></font>';
/web/acc/manager/lib/sql/user_info.php
0,0 → 1,122
<?php
require('../lib/sql/attrmap.php');
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
else{
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
if ($config['sql_use_operators'] == 'true'){
$op = ',op';
$use_op = 1;
}else{
$op = "";
$use_op = 0;
}
$user_exists = 'no';
 
$cn = '-';
$cn_lang = '-';
$address = '-';
$address_lang = '-';
$homeaddress = '-';
$homeaddress_lang = '-';
$fax = '-';
$url = '-';
$ou = '-';
$ou_lang = '-';
$title = '-';
$title_lang = '-';
$telephonenumber = '-';
$homephone = '-';
$mobile = '-';
$mail = '-';
$mailalt = '-';
$user_password_exists = 'no';
 
unset($item_vals);
unset($tmp);
$link = da_sql_pconnect($config);
if ($link){
$res = da_sql_query($link,$config,
"SELECT attribute,value $op FROM $config[sql_check_table] WHERE username = '$login';");
if ($res){
if (da_sql_num_rows($res,$config))
$user_exists = 'yes';
while(($row = da_sql_fetch_array($res,$config))){
$attr = $row['attribute'];
$val = $row['value'];
if(!isset($tmp["$attr"]['count'])) $tmp["$attr"]['count'] = 0;
if ($attr == $config['sql_password_attribute'] && $val != '')
$user_password_exists = 'yes';
if ($use_op){
$oper = $row['op'];
$tmp["$attr"]['operator'][]="$oper";
}
$tmp["$attr"][]="$val";
$tmp["$attr"]['count']++;
}
$res = da_sql_query($link,$config,
"SELECT attribute,value $op FROM $config[sql_reply_table] WHERE username = '$login';");
if ($res){
if (da_sql_num_rows($res,$config))
$user_exists = 'yes';
while(($row = da_sql_fetch_array($res,$config))){
$attr = $row['attribute'];
$val = $row['value'];
if(!isset($tmp["$attr"]['count'])) $tmp["$attr"]['count'] = 0;
if ($use_op){
$oper = $row['op'];
$tmp["$attr"]['operator'][]="$oper";
}
$tmp["$attr"][] = "$val";
$tmp["$attr"]['count']++;
}
if ($config['sql_use_user_info_table'] == 'true'){
$res = da_sql_query($link,$config,
"SELECT * FROM $config[sql_user_info_table] WHERE username = '$login';");
if ($res){
if (da_sql_num_rows($res,$config)){
$user_exists = 'yes';
$user_info = 1;
}
if (($row = da_sql_fetch_array($res,$config))){
$cn = ($row['name'] != '') ? $row['name'] : '-';
$telephonenumber = ($row['workphone'] != '') ? $row['workphone'] : '-';
$homephone = ($row['homephone'] != '') ? $row['homephone'] : '-';
$ou = ($row['department'] != '') ? $row['department'] : '-';
$mail = ($row['mail'] != '') ? $row['mail'] : '-';
$mobile = ($row['mobile'] != '') ? $row['mobile'] : '-';
}
}
else
echo "<b>Database query failed partially: " . da_sql_error($link,$config) . "</b><br>\n";
}
}
else
echo "<b>Database query failed partially: " . da_sql_error($link,$config) . "</b><br>\n";
if (isset($tmp)){
foreach(array_keys($tmp) as $val){
if ($val == '')
continue;
if(isset($rev_attrmap["$val"])) $key = $rev_attrmap["$val"];
if ($key == ''){
$key = $val;
$attrmap["$key"] = $val;
$attr_type["$key"] = 'replyItem';
$rev_attrmap["$val"] = $key;
}
$item_vals["$key"] = $tmp[$val];
if(isset($tmp["$attr"]['count']) && isset($item_vals["$key"]['count'])) $item_vals["$key"]['count'] = $tmp[$val]['count'];
if ($use_op)
$item_vals["$key"]['operator'] = $tmp[$val]['operator'];
}
}
 
}
else
echo "<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
}
else
echo "<b>Could not connect to SQL database</b><br>\n";
?>
/web/acc/manager/lib/xlat.php
0,0 → 1,16
<?php
function xlat($filter,$login,$config)
{
$string = $filter;
if ($filter != ''){
$string = preg_replace('/%u/',$login,$string);
$string = preg_replace('/%U/',$_SERVER["PHP_AUTH_USER"],$string);
$string = preg_replace('/%ma/',$mappings[$http_user]['accounting'],$string);
$string = preg_replace('/%mu/',$mappings[$http_user]['userdb'],$string);
$string = preg_replace('/%mn/',$mappings[$http_user]['nasdb'],$string);
$string = preg_replace('/%mN/',$mappings[$http_user]['nasadmin'],$string);
}
 
return $string;
}
?>