Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 2314 → Rev 2315

/web/acc/menu.php
1,241 → 1,255
<?php
# $Id $
# $Id$
 
/********************
* READ CONF FILES *
*********************/
define ("CONF_FILE", "/usr/local/etc/alcasar.conf");
define ("ACC_ACCESS_LOG", "/var/Save/security/acc_access.log");
$conf_files=array(CONF_FILE,ACC_ACCESS_LOG);
foreach ($conf_files as $file){
if (!file_exists($file)){
exit("Requested file ".$file." isn't present");}
if (!is_readable($file)){
exit("Can't read the file ".$file);}
/****************************************************************
* GLOBAL FILE PATHS *
*****************************************************************/
define('CONF_FILE', '/usr/local/etc/alcasar.conf');
define('ACC_ACCESS_LOG', '/var/Save/security/acc_access.log');
 
/****************************************************************
* FILE reading test *
*****************************************************************/
$conf_files = array(CONF_FILE, ACC_ACCESS_LOG);
foreach ($conf_files as $file) {
if (!file_exists($file)) {
exit("Requested file $file isn't present");
}
if (!is_readable($file)) {
exit("Can't read the file $file");
}
}
// Read CONF_FILE
$file_conf = fopen(CONF_FILE, 'r'); # retrieve the version number
 
/****************************************************************
* Read CONF_FILE *
*****************************************************************/
$file_conf = fopen(CONF_FILE, 'r');
if (!$file_conf) {
exit('Error opening the file '.CONF_FILE);
}
while (!feof($file_conf)) {
$tampon = fgets($file_conf, 4096);
if ((strpos($tampon, '=') !== false) && (substr($tampon, 0, 1) !== '#')) {
$tmp = explode('=', $tampon);
$conf[$tmp[0]] = trim($tmp[1]);
$buffer = fgets($file_conf, 4096);
if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
$tmp = explode('=', $buffer);
$conf[trim($tmp[0])] = trim($tmp[1]);
}
}
fclose($file_conf);
?>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN//2.0">
<HTML>
<!-- written by Rexy ! -->
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<TITLE>menu</TITLE>
<link rel="stylesheet" href="/css/style.css" type="text/css">
</HEAD>
<?
// retrieve the user's profil
exec('sudo alcasar-profil.sh -l | cut -d":" -f2 2>&1', $output);
$user_htdigest=$_SERVER['PHP_AUTH_USER'];
 
if(strpos($output[0], $user_htdigest))
{
$right=1;
// Retrieve the user's profil
$user_htdigest = $_SERVER['PHP_AUTH_USER'];
exec('sudo alcasar-profil.sh --list | cut -d":" -f2', $output);
$admin_members = explode(' ', ltrim($output[0], " \t"));
$backup_members = explode(' ', ltrim($output[1], " \t"));
$manager_members = explode(' ', ltrim($output[2], " \t"));
 
if (in_array($user_htdigest, $admin_members)) {
$right = 0; // admin
} else if (in_array($user_htdigest, $backup_members)) {
$right = 1; // backup
} else if (in_array($user_htdigest, $manager_members)) {
$right = 2; // manager
} else {
exit(); // Unknown account
}
elseif(strpos($output[1], $user_htdigest))
{
$right=2;
}
elseif(strpos($output[2], $user_htdigest))
{
$right=3;
}
else
{
exit();
}
 
$installed_version = $conf['VERSION'];
 
# Choice of language
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE']))
{
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2));
// Choice of language
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
$Langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]), 0, 2));
}
if($Language == 'fr')
{
$l_home = "ACCUEIL";
$l_system = "SYSTÈME";
$l_auth = "AUTHENTIFICATION";
$l_filter = "FILTRAGE";
$l_statistics = "STATISTIQUES";
$l_backup = "SAUVEGARDES";
$l_activity = "Activité";
$l_blacklist = "Liste noire";
$l_whitelist = "Liste blanche";
$l_network = "Réseau";
$l_ldap = "Ldap/A.D.";
$l_access_nb = "Nb d'accès à l'ACC";
$l_create_user = "Créer des utilisateurs";
$l_edit_user = "Gérer les utilisateurs";
$l_create_group = "Créer un groupe";
$l_edit_group = "Gérer les groupe";
$l_import_empty = "Importer / Vider";
$l_protocols = "Protocoles";
$l_stat_user_day = "Par connexion";
$l_stat_con = "Journal global";
$l_stat_daily ="Usage journalier";
$l_stat_global_network="Trafic global";
$l_stat_detail_network="Trafic détaillé";
$l_security="Sécurité";
$l_menu="Menu";
$l_gammu="Auto enregistrement (SMS)";
$l_archive="Archivage";
$l_log="Générer les journaux";
$l_backup_archive="Archives";
$l_activity_report="Rapport d'activité";
$l_backup_log="Journaux d'imputabilité";
$l_since="depuis le :";
if ($Language === 'fr') { // French
$l_home = "ACCUEIL";
$l_system = "SYSTÈME";
$l_auth = "AUTHENTIFICATION";
$l_filter = "FILTRAGE";
$l_statistics = "STATISTIQUES";
$l_backup = "SAUVEGARDES";
$l_activity = "Activité";
$l_blacklist = "Liste noire";
$l_whitelist = "Liste blanche";
$l_network = "Réseau";
$l_ldap = "LDAP/A.D.";
$l_access_nb = "Nb d'accès à l'ACC";
$l_create_user = "Créer des utilisateurs";
$l_edit_user = "Gérer les utilisateurs";
$l_create_group = "Créer un groupe";
$l_edit_group = "Gérer les groupe";
$l_import_empty = "Importer / Vider";
$l_protocols = "Protocoles";
$l_stat_user_day = "Par connexion";
$l_stat_con = "Journal global";
$l_stat_daily = "Usage journalier";
$l_stat_global_network = "Trafic global";
$l_stat_detail_network = "Trafic détaillé";
$l_security = "Sécurité";
$l_menu = "Menu";
$l_gammu = "Auto enregistrement (SMS)";
$l_archive = "Archivage";
$l_log = "Générer les journaux";
$l_backup_archive = "Archives";
$l_activity_report = "Rapport d'activité";
$l_backup_log = "Journaux d'imputabilité";
$l_since = "depuis le :";
} else { // English
$Language = 'en';
$l_home = "HOME";
$l_system = "SYSTEM";
$l_auth = "AUTHENTICATION";
$l_filter = "FILTERING";
$l_statistics = "STATISTICS";
$l_backup = "BACKUPS";
$l_activity = "Activity";
$l_blacklist = "Blacklist";
$l_whitelist = "Whitelist";
$l_network = "Network";
$l_ldap = "LDAP/A.D.";
$l_access_nb = "ACC access Nbr";
$l_create_user = "Create users";
$l_edit_user = "Manage users";
$l_create_group = "Create a group";
$l_edit_group = "Manage groups";
$l_import_empty = "Import / Empty";
$l_protocols = "Protocols";
$l_stat_user_day = "By connexion";
$l_stat_con = "Global accounting";
$l_stat_daily = "daily use";
$l_stat_global_network = "global trafic";
$l_stat_detail_network = "detailed trafic";
$l_security = "security";
$l_menu = "Main";
$l_gammu = "Auto registration (SMS)";
$l_backup_archive = "Archives";
$l_backup_log = "Log generation";
$l_activity_report = "Activity report";
$l_since = "since:";
}
else
{
$Language = 'en';
$l_home = "HOME";
$l_system = "SYSTEM";
$l_auth = "AUTHENTICATION";
$l_filter = "FILTERING";
$l_statistics = "STATISTICS";
$l_backup = "BACKUPS";
$l_activity = "Activity";
$l_blacklist = "Blacklist";
$l_whitelist = "Whitelist";
$l_network = "Network";
$l_ldap = "Ldap/A.D.";
$l_access_nb = "ACC access Nbr";
$l_create_user = "Create users";
$l_edit_user = "Manage users";
$l_create_group = "Create a group";
$l_edit_group = "Manage groups";
$l_import_empty = "Import / Empty";
$l_protocols= "Protocols";
$l_stat_user_day = "By connexion";
$l_stat_con = "Global accounting";
$l_stat_daily ="daily use";
$l_stat_global_network="global trafic";
$l_stat_detail_network="detailed trafic";
$l_security="security";
$l_menu="Main";
$l_gammu="Auto registration (SMS)";
$l_backup_archive="Archives";
$l_backup_log="Log generation";
$l_activity_report="Activity report";
$l_since="since";
}
echo "
<TABLE width=\"100%\" border=0 cellspacing=0 cellpadding=0>
<tr><th>$l_menu</th></tr>
<tr><td bgcolor=\"#FFCC66\"><img src=\"/images/pix.gif\" width=1 height=2></td></tr>
</TABLE>
<TABLE width=\"100%\" border=1 cellspacing=0 cellpadding=0>
<tr bgcolor=\"#666666\"><td>
<TABLE width=\"100%\" border=0 cellspacing=0 cellpadding=2>
<tr><td valign=\"middle\" align=\"left\">
<img src=\"/images/right.gif\" height=10 width=10 border=no nosave><A HREF=\"phpsysinfo/\" TARGET=\"REXY2\">$l_home</A></td></tr>";
if (isset($_GET['a'])) { $a=$_GET['a']; }
else $a=0;
if (isset($_GET['b'])) { $b=$_GET['b']; }
else $b=0;
switch($right){
case 1: #admin
$selection[0]=$l_system;
$selection[1]=$l_auth;
$selection[2]=$l_filter;
$selection[3]=$l_statistics;
$selection[4]=$l_backup;
$fichier[0]="system.php";
$fichier[1]="auth.php";
$fichier[2]="filtering.php";
$fichier[3]="stat.php";
$fichier[4]="backup.php";
break;
case 2: #backup
$selection[0]=$l_backup;
$fichier[0]="backup.php";
break;
case 3: #manager
$selection[0]=$l_auth;
$fichier[0]="auth.php";
break;
default:
exit();
break;
 
}
 
$i=0;
$nb1=count($selection);
while ($i != $nb1)
{
if ($a==1 AND $i==$b)
{
echo "<tr><td valign=\"middle\" align=\"left\"><img src=\"/images/down2.gif\" height=10 width=10 border=no nosave><a href=\"menu.php?a=0&b=0\"><font color=\"black\"><b>$selection[$i]</b></font></a></td></tr>";
include($fichier[$i]);
}
else
{
echo "<tr><td valign=\"middle\" align=\"left\"><img src=\"/images/right.gif\" height=10 width=10 border=no nosave><a href=\"menu.php?a=1&b=$i\">$selection[$i]</a></td></tr>";
}
$i++;
}
// Get access log count
$tab = file(ACC_ACCESS_LOG);
$accAccessCounter = count($tab);
$field = explode('|', $tab[0]);
$accAccessFirstDate = explode(' ', $field[0])[0];
?>
</TABLE>
</td></tr>
</TABLE>
<br>
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th>Doc</th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1"
height="2"></td></tr>
</TABLE>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0>
<tr bgcolor="#666666"><td>
<TABLE width="100%" border=0 cellspacing=0 cellpadding=2>
<tr><td valign="middle" align="left"><img src="/images/right.gif" height=10
width=10 border=no nosave><a href="<? echo "alcasar-$installed_version-presentation-$Language.pdf"; ?>" target="_blank">Presentation</a></td></tr>
<tr><td valign="middle" align="left"><img src="/images/right.gif" height=10
width=10 border=no nosave><a href="<? echo "alcasar-$installed_version-installation-$Language.pdf"; ?>" target="_blank">Installation</a></td></tr>
<tr><td valign="middle" align="left"><img src="/images/right.gif" height=10
width=10 border=no nosave><a href="<? echo "alcasar-$installed_version-exploitation-$Language.pdf"; ?>" target="_blank">Exploitation</a></td></tr>
<tr><td valign="middle" align="left"><img src="/images/right.gif" height=10
width=10 border=no nosave><a href="<? echo "alcasar-$installed_version-technique.pdf"; ?>" target="_blank">Technique</a></td></tr>
</TABLE>
</td></tr>
</TABLE>
<BR>
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><? echo "$l_access_nb"; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</TABLE>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0>
<tr bgcolor="#666666"><td>
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0>
<tr><td valign="middle" align="center">
<a href="admin_log.php" target="REXY2">
<?
$tab=file(ACC_ACCESS_LOG);
$counter=count ($tab);
$field=explode("|", $tab[0]);
$first_date_time=$field[0];
$first_date=explode(" ", $first_date_time);
echo "$counter</a><br>";
echo "$l_since $first_date[0]";
?>
</TABLE>
</td></tr>
</TABLE>
</BODY>
</HTML>
 
 
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Menu - ALCASAR</title>
<link rel="stylesheet" type="text/css" href="/css/style.css">
<link rel="stylesheet" type="text/css" href="/css/acc.css">
<script src="/js/jquery.min.js"></script>
<script>
$(document).ready(function () {
$('.menu a[href="#"]').click(function (event) {
event.preventDefault();
if ($(this).parent().hasClass('active')) {
$(this).parent().removeClass('active');
} else {
$('.menu li.active').removeClass('active');
$(this).parent().addClass('active');
}
});
});
</script>
</head>
<body>
<div class="panel">
<div class="panel-header">
<?= $l_menu ?>
</div>
<div class="panel-body">
<div class="menu">
<ul>
<li><div class="caret"></div><a href="phpsysinfo/" target="REXY2"><?= $l_home ?></a></li>
<?php if ($right === 0): // admin ?>
<li>
<div class="caret"></div><a href="#"><?= $l_system ?></a>
<ul>
<li><div class="caret"></div><a href="admin/network.php" target="REXY2"><?= $l_network ?></a></li>
<li><div class="caret"></div><a href="admin/services.php" target="REXY2">Services</a></li>
<li><div class="caret"></div><a href="admin/ldap.php" target="REXY2"><?= $l_ldap ?></a></li>
</ul>
</li>
<?php endif; ?>
<?php if ($right === 0 || $right === 2): // admin, manager ?>
<li>
<div class="caret"></div><a href="#"><?= $l_auth ?></a>
<ul>
<li><div class="caret"></div><a href="manager/htdocs/activity.php" target="REXY2"><?= $l_activity ?></a></li>
<li><div class="caret"></div><a href="manager/htdocs/user_new.php" target="REXY2"><?= $l_create_user ?></a></li>
<li><div class="caret"></div><a href="manager/htdocs/find.php" target="REXY2"><?= $l_edit_user ?></a></li>
<li><div class="caret"></div><a href="manager/htdocs/group_new.php" target="REXY2"><?= $l_create_group ?></a></li>
<li><div class="caret"></div><a href="manager/htdocs/show_groups.php" target="REXY2"><?= $l_edit_group ?></a></li>
<li><div class="caret"></div><a href="manager/htdocs/import_user.php" target="REXY2"><?= $l_import_empty ?></a></li>
<li><div class="caret"></div><a href="manager/auth_exceptions.php" target="REXY2">Exceptions</a></li>
<li><div class="caret"></div><a href="manager/htdocs/autoregistration.php" target="REXY2"><?= $l_gammu ?></a></li>
</ul>
</li>
<?php endif; ?>
<?php if ($right === 0): // admin ?>
<li>
<div class="caret"></div><a href="#"><?= $l_filter ?></a>
<ul>
<li><div class="caret"></div><a href="admin/bl_filter.php" target="REXY2"><?= $l_blacklist ?></a></li>
<li><div class="caret"></div><a href="admin/wl_filter.php" target="REXY2"><?= $l_whitelist ?></a></li>
<li><div class="caret"></div><a href="admin/protocols_filter.php" target="REXY2"><?= $l_protocols ?></a></li>
</ul>
</li>
<?php endif; ?>
<?php if ($right === 0): // admin ?>
<li>
<div class="caret"></div><a href="#"><?= $l_statistics ?></a>
<ul>
<li><div class="caret"></div><a href="manager/htdocs/user_stats.php" target="REXY2"><?= $l_stat_user_day ?></a></li>
<li><div class="caret"></div><a href="manager/htdocs/accounting.php" target="REXY2"><?= $l_stat_con ?></a></li>
<li><div class="caret"></div><a href="manager/htdocs/stats.php" target="REXY2"><?= $l_stat_daily ?></a></li>
<li><div class="caret"></div><a href="manager/stats/index.php" target="REXY2"><?= $l_stat_global_network ?></a></li>
<li><div class="caret"></div><a href="manager/nfsen/nfsen.php" target="REXY2"><?= $l_stat_detail_network ?></a></li>
<li><div class="caret"></div><a href="manager/htdocs/security.php" target="REXY2"><?= $l_security ?></a></li>
</ul>
</li>
<?php endif; ?>
<?php if ($right === 0 || $right === 1): // admin, backup ?>
<li>
<div class="caret"></div><a href="#"><?= $l_backup ?></a>
<ul>
<li><div class="caret"></div><a href="backup/sauvegarde.php" target="REXY2"><?= $l_backup_archive ?></a></li>
<li><div class="caret"></div><a href="backup/log_generation.php" target="REXY2"><?= $l_backup_log ?></a></li>
</ul>
</li>
<?php endif; ?>
</ul>
</div>
</div>
</div>
<br>
<div class="panel">
<div class="panel-header">
Documents
</div>
<div class="panel-body">
<div class="menu">
<ul>
<li><div class="caret"></div><a href="<?= "alcasar-$installed_version-presentation-$Language.pdf" ?>" target="_blank">Presentation</a></li>
<li><div class="caret"></div><a href="<?= "alcasar-$installed_version-installation-$Language.pdf" ?>" target="_blank">Installation</a></li>
<li><div class="caret"></div><a href="<?= "alcasar-$installed_version-exploitation-$Language.pdf" ?>" target="_blank">Exploitation</a></li>
<li><div class="caret"></div><a href="<?= "alcasar-$installed_version-technique.pdf" ?>" target="_blank">Technique</a></li>
</ul>
</div>
</div>
</div>
<br>
<div class="panel">
<div class="panel-header">
<?= $l_access_nb ?>
</div>
<div class="panel-body" style="text-align: center;">
<a href="admin_log.php" target="REXY2"><?= $accAccessCounter ?></a><br>
<?= $l_since ?> <?= $accAccessFirstDate ?>
</div>
</div>
</body>
</html>