1,241 → 1,255 |
<?php |
# $Id $ |
# $Id$ |
|
/******************** |
* READ CONF FILES * |
*********************/ |
define ("CONF_FILE", "/usr/local/etc/alcasar.conf"); |
define ("ACC_ACCESS_LOG", "/var/Save/security/acc_access.log"); |
$conf_files=array(CONF_FILE,ACC_ACCESS_LOG); |
foreach ($conf_files as $file){ |
if (!file_exists($file)){ |
exit("Requested file ".$file." isn't present");} |
if (!is_readable($file)){ |
exit("Can't read the file ".$file);} |
/**************************************************************** |
* GLOBAL FILE PATHS * |
*****************************************************************/ |
define('CONF_FILE', '/usr/local/etc/alcasar.conf'); |
define('ACC_ACCESS_LOG', '/var/Save/security/acc_access.log'); |
|
/**************************************************************** |
* FILE reading test * |
*****************************************************************/ |
$conf_files = array(CONF_FILE, ACC_ACCESS_LOG); |
foreach ($conf_files as $file) { |
if (!file_exists($file)) { |
exit("Requested file $file isn't present"); |
} |
if (!is_readable($file)) { |
exit("Can't read the file $file"); |
} |
} |
// Read CONF_FILE |
$file_conf = fopen(CONF_FILE, 'r'); # retrieve the version number |
|
/**************************************************************** |
* Read CONF_FILE * |
*****************************************************************/ |
$file_conf = fopen(CONF_FILE, 'r'); |
if (!$file_conf) { |
exit('Error opening the file '.CONF_FILE); |
} |
while (!feof($file_conf)) { |
$tampon = fgets($file_conf, 4096); |
if ((strpos($tampon, '=') !== false) && (substr($tampon, 0, 1) !== '#')) { |
$tmp = explode('=', $tampon); |
$conf[$tmp[0]] = trim($tmp[1]); |
$buffer = fgets($file_conf, 4096); |
if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) { |
$tmp = explode('=', $buffer); |
$conf[trim($tmp[0])] = trim($tmp[1]); |
} |
} |
fclose($file_conf); |
?> |
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN//2.0"> |
<HTML> |
<!-- written by Rexy ! --> |
<HEAD> |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> |
<TITLE>menu</TITLE> |
<link rel="stylesheet" href="/css/style.css" type="text/css"> |
</HEAD> |
<? |
// retrieve the user's profil |
exec('sudo alcasar-profil.sh -l | cut -d":" -f2 2>&1', $output); |
$user_htdigest=$_SERVER['PHP_AUTH_USER']; |
|
if(strpos($output[0], $user_htdigest)) |
{ |
$right=1; |
// Retrieve the user's profil |
$user_htdigest = $_SERVER['PHP_AUTH_USER']; |
exec('sudo alcasar-profil.sh --list | cut -d":" -f2', $output); |
$admin_members = explode(' ', ltrim($output[0], " \t")); |
$backup_members = explode(' ', ltrim($output[1], " \t")); |
$manager_members = explode(' ', ltrim($output[2], " \t")); |
|
if (in_array($user_htdigest, $admin_members)) { |
$right = 0; // admin |
} else if (in_array($user_htdigest, $backup_members)) { |
$right = 1; // backup |
} else if (in_array($user_htdigest, $manager_members)) { |
$right = 2; // manager |
} else { |
exit(); // Unknown account |
} |
elseif(strpos($output[1], $user_htdigest)) |
{ |
$right=2; |
} |
elseif(strpos($output[2], $user_htdigest)) |
{ |
$right=3; |
} |
else |
{ |
exit(); |
} |
|
$installed_version = $conf['VERSION']; |
|
# Choice of language |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) |
{ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); |
// Choice of language |
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { |
$Langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]), 0, 2)); |
} |
if($Language == 'fr') |
{ |
$l_home = "ACCUEIL"; |
$l_system = "SYSTÈME"; |
$l_auth = "AUTHENTIFICATION"; |
$l_filter = "FILTRAGE"; |
$l_statistics = "STATISTIQUES"; |
$l_backup = "SAUVEGARDES"; |
$l_activity = "Activité"; |
$l_blacklist = "Liste noire"; |
$l_whitelist = "Liste blanche"; |
$l_network = "Réseau"; |
$l_ldap = "Ldap/A.D."; |
$l_access_nb = "Nb d'accès à l'ACC"; |
$l_create_user = "Créer des utilisateurs"; |
$l_edit_user = "Gérer les utilisateurs"; |
$l_create_group = "Créer un groupe"; |
$l_edit_group = "Gérer les groupe"; |
$l_import_empty = "Importer / Vider"; |
$l_protocols = "Protocoles"; |
$l_stat_user_day = "Par connexion"; |
$l_stat_con = "Journal global"; |
$l_stat_daily ="Usage journalier"; |
$l_stat_global_network="Trafic global"; |
$l_stat_detail_network="Trafic détaillé"; |
$l_security="Sécurité"; |
$l_menu="Menu"; |
$l_gammu="Auto enregistrement (SMS)"; |
$l_archive="Archivage"; |
$l_log="Générer les journaux"; |
$l_backup_archive="Archives"; |
$l_activity_report="Rapport d'activité"; |
$l_backup_log="Journaux d'imputabilité"; |
$l_since="depuis le :"; |
if ($Language === 'fr') { // French |
$l_home = "ACCUEIL"; |
$l_system = "SYSTÈME"; |
$l_auth = "AUTHENTIFICATION"; |
$l_filter = "FILTRAGE"; |
$l_statistics = "STATISTIQUES"; |
$l_backup = "SAUVEGARDES"; |
$l_activity = "Activité"; |
$l_blacklist = "Liste noire"; |
$l_whitelist = "Liste blanche"; |
$l_network = "Réseau"; |
$l_ldap = "LDAP/A.D."; |
$l_access_nb = "Nb d'accès à l'ACC"; |
$l_create_user = "Créer des utilisateurs"; |
$l_edit_user = "Gérer les utilisateurs"; |
$l_create_group = "Créer un groupe"; |
$l_edit_group = "Gérer les groupe"; |
$l_import_empty = "Importer / Vider"; |
$l_protocols = "Protocoles"; |
$l_stat_user_day = "Par connexion"; |
$l_stat_con = "Journal global"; |
$l_stat_daily = "Usage journalier"; |
$l_stat_global_network = "Trafic global"; |
$l_stat_detail_network = "Trafic détaillé"; |
$l_security = "Sécurité"; |
$l_menu = "Menu"; |
$l_gammu = "Auto enregistrement (SMS)"; |
$l_archive = "Archivage"; |
$l_log = "Générer les journaux"; |
$l_backup_archive = "Archives"; |
$l_activity_report = "Rapport d'activité"; |
$l_backup_log = "Journaux d'imputabilité"; |
$l_since = "depuis le :"; |
} else { // English |
$Language = 'en'; |
$l_home = "HOME"; |
$l_system = "SYSTEM"; |
$l_auth = "AUTHENTICATION"; |
$l_filter = "FILTERING"; |
$l_statistics = "STATISTICS"; |
$l_backup = "BACKUPS"; |
$l_activity = "Activity"; |
$l_blacklist = "Blacklist"; |
$l_whitelist = "Whitelist"; |
$l_network = "Network"; |
$l_ldap = "LDAP/A.D."; |
$l_access_nb = "ACC access Nbr"; |
$l_create_user = "Create users"; |
$l_edit_user = "Manage users"; |
$l_create_group = "Create a group"; |
$l_edit_group = "Manage groups"; |
$l_import_empty = "Import / Empty"; |
$l_protocols = "Protocols"; |
$l_stat_user_day = "By connexion"; |
$l_stat_con = "Global accounting"; |
$l_stat_daily = "daily use"; |
$l_stat_global_network = "global trafic"; |
$l_stat_detail_network = "detailed trafic"; |
$l_security = "security"; |
$l_menu = "Main"; |
$l_gammu = "Auto registration (SMS)"; |
$l_backup_archive = "Archives"; |
$l_backup_log = "Log generation"; |
$l_activity_report = "Activity report"; |
$l_since = "since:"; |
} |
else |
{ |
$Language = 'en'; |
$l_home = "HOME"; |
$l_system = "SYSTEM"; |
$l_auth = "AUTHENTICATION"; |
$l_filter = "FILTERING"; |
$l_statistics = "STATISTICS"; |
$l_backup = "BACKUPS"; |
$l_activity = "Activity"; |
$l_blacklist = "Blacklist"; |
$l_whitelist = "Whitelist"; |
$l_network = "Network"; |
$l_ldap = "Ldap/A.D."; |
$l_access_nb = "ACC access Nbr"; |
$l_create_user = "Create users"; |
$l_edit_user = "Manage users"; |
$l_create_group = "Create a group"; |
$l_edit_group = "Manage groups"; |
$l_import_empty = "Import / Empty"; |
$l_protocols= "Protocols"; |
$l_stat_user_day = "By connexion"; |
$l_stat_con = "Global accounting"; |
$l_stat_daily ="daily use"; |
$l_stat_global_network="global trafic"; |
$l_stat_detail_network="detailed trafic"; |
$l_security="security"; |
$l_menu="Main"; |
$l_gammu="Auto registration (SMS)"; |
$l_backup_archive="Archives"; |
$l_backup_log="Log generation"; |
$l_activity_report="Activity report"; |
$l_since="since"; |
} |
echo " |
<TABLE width=\"100%\" border=0 cellspacing=0 cellpadding=0> |
<tr><th>$l_menu</th></tr> |
<tr><td bgcolor=\"#FFCC66\"><img src=\"/images/pix.gif\" width=1 height=2></td></tr> |
</TABLE> |
<TABLE width=\"100%\" border=1 cellspacing=0 cellpadding=0> |
<tr bgcolor=\"#666666\"><td> |
<TABLE width=\"100%\" border=0 cellspacing=0 cellpadding=2> |
<tr><td valign=\"middle\" align=\"left\"> |
<img src=\"/images/right.gif\" height=10 width=10 border=no nosave><A HREF=\"phpsysinfo/\" TARGET=\"REXY2\">$l_home</A></td></tr>"; |
if (isset($_GET['a'])) { $a=$_GET['a']; } |
else $a=0; |
if (isset($_GET['b'])) { $b=$_GET['b']; } |
else $b=0; |
|
switch($right){ |
case 1: #admin |
$selection[0]=$l_system; |
$selection[1]=$l_auth; |
$selection[2]=$l_filter; |
$selection[3]=$l_statistics; |
$selection[4]=$l_backup; |
$fichier[0]="system.php"; |
$fichier[1]="auth.php"; |
$fichier[2]="filtering.php"; |
$fichier[3]="stat.php"; |
$fichier[4]="backup.php"; |
break; |
case 2: #backup |
$selection[0]=$l_backup; |
$fichier[0]="backup.php"; |
break; |
case 3: #manager |
$selection[0]=$l_auth; |
$fichier[0]="auth.php"; |
break; |
default: |
exit(); |
break; |
|
} |
|
$i=0; |
$nb1=count($selection); |
while ($i != $nb1) |
{ |
if ($a==1 AND $i==$b) |
{ |
echo "<tr><td valign=\"middle\" align=\"left\"><img src=\"/images/down2.gif\" height=10 width=10 border=no nosave><a href=\"menu.php?a=0&b=0\"><font color=\"black\"><b>$selection[$i]</b></font></a></td></tr>"; |
include($fichier[$i]); |
} |
else |
{ |
echo "<tr><td valign=\"middle\" align=\"left\"><img src=\"/images/right.gif\" height=10 width=10 border=no nosave><a href=\"menu.php?a=1&b=$i\">$selection[$i]</a></td></tr>"; |
} |
$i++; |
} |
|
// Get access log count |
$tab = file(ACC_ACCESS_LOG); |
$accAccessCounter = count($tab); |
$field = explode('|', $tab[0]); |
$accAccessFirstDate = explode(' ', $field[0])[0]; |
?> |
</TABLE> |
</td></tr> |
</TABLE> |
<br> |
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th>Doc</th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" |
height="2"></td></tr> |
</TABLE> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0> |
<tr bgcolor="#666666"><td> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=2> |
<tr><td valign="middle" align="left"><img src="/images/right.gif" height=10 |
width=10 border=no nosave><a href="<? echo "alcasar-$installed_version-presentation-$Language.pdf"; ?>" target="_blank">Presentation</a></td></tr> |
<tr><td valign="middle" align="left"><img src="/images/right.gif" height=10 |
width=10 border=no nosave><a href="<? echo "alcasar-$installed_version-installation-$Language.pdf"; ?>" target="_blank">Installation</a></td></tr> |
<tr><td valign="middle" align="left"><img src="/images/right.gif" height=10 |
width=10 border=no nosave><a href="<? echo "alcasar-$installed_version-exploitation-$Language.pdf"; ?>" target="_blank">Exploitation</a></td></tr> |
<tr><td valign="middle" align="left"><img src="/images/right.gif" height=10 |
width=10 border=no nosave><a href="<? echo "alcasar-$installed_version-technique.pdf"; ?>" target="_blank">Technique</a></td></tr> |
</TABLE> |
</td></tr> |
</TABLE> |
<BR> |
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th><? echo "$l_access_nb"; ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</TABLE> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0> |
<tr bgcolor="#666666"><td> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0> |
<tr><td valign="middle" align="center"> |
<a href="admin_log.php" target="REXY2"> |
<? |
$tab=file(ACC_ACCESS_LOG); |
$counter=count ($tab); |
$field=explode("|", $tab[0]); |
$first_date_time=$field[0]; |
$first_date=explode(" ", $first_date_time); |
echo "$counter</a><br>"; |
echo "$l_since $first_date[0]"; |
?> |
</TABLE> |
</td></tr> |
</TABLE> |
</BODY> |
</HTML> |
|
|
<!DOCTYPE html> |
<html> |
<head> |
<meta charset="utf-8"> |
<title>Menu - ALCASAR</title> |
<link rel="stylesheet" type="text/css" href="/css/style.css"> |
<link rel="stylesheet" type="text/css" href="/css/acc.css"> |
<script src="/js/jquery.min.js"></script> |
<script> |
$(document).ready(function () { |
$('.menu a[href="#"]').click(function (event) { |
event.preventDefault(); |
if ($(this).parent().hasClass('active')) { |
$(this).parent().removeClass('active'); |
} else { |
$('.menu li.active').removeClass('active'); |
$(this).parent().addClass('active'); |
} |
}); |
}); |
</script> |
</head> |
<body> |
<div class="panel"> |
<div class="panel-header"> |
<?= $l_menu ?> |
</div> |
<div class="panel-body"> |
<div class="menu"> |
<ul> |
<li><div class="caret"></div><a href="phpsysinfo/" target="REXY2"><?= $l_home ?></a></li> |
<?php if ($right === 0): // admin ?> |
<li> |
<div class="caret"></div><a href="#"><?= $l_system ?></a> |
<ul> |
<li><div class="caret"></div><a href="admin/network.php" target="REXY2"><?= $l_network ?></a></li> |
<li><div class="caret"></div><a href="admin/services.php" target="REXY2">Services</a></li> |
<li><div class="caret"></div><a href="admin/ldap.php" target="REXY2"><?= $l_ldap ?></a></li> |
</ul> |
</li> |
<?php endif; ?> |
<?php if ($right === 0 || $right === 2): // admin, manager ?> |
<li> |
<div class="caret"></div><a href="#"><?= $l_auth ?></a> |
<ul> |
<li><div class="caret"></div><a href="manager/htdocs/activity.php" target="REXY2"><?= $l_activity ?></a></li> |
<li><div class="caret"></div><a href="manager/htdocs/user_new.php" target="REXY2"><?= $l_create_user ?></a></li> |
<li><div class="caret"></div><a href="manager/htdocs/find.php" target="REXY2"><?= $l_edit_user ?></a></li> |
<li><div class="caret"></div><a href="manager/htdocs/group_new.php" target="REXY2"><?= $l_create_group ?></a></li> |
<li><div class="caret"></div><a href="manager/htdocs/show_groups.php" target="REXY2"><?= $l_edit_group ?></a></li> |
<li><div class="caret"></div><a href="manager/htdocs/import_user.php" target="REXY2"><?= $l_import_empty ?></a></li> |
<li><div class="caret"></div><a href="manager/auth_exceptions.php" target="REXY2">Exceptions</a></li> |
<li><div class="caret"></div><a href="manager/htdocs/autoregistration.php" target="REXY2"><?= $l_gammu ?></a></li> |
</ul> |
</li> |
<?php endif; ?> |
<?php if ($right === 0): // admin ?> |
<li> |
<div class="caret"></div><a href="#"><?= $l_filter ?></a> |
<ul> |
<li><div class="caret"></div><a href="admin/bl_filter.php" target="REXY2"><?= $l_blacklist ?></a></li> |
<li><div class="caret"></div><a href="admin/wl_filter.php" target="REXY2"><?= $l_whitelist ?></a></li> |
<li><div class="caret"></div><a href="admin/protocols_filter.php" target="REXY2"><?= $l_protocols ?></a></li> |
</ul> |
</li> |
<?php endif; ?> |
<?php if ($right === 0): // admin ?> |
<li> |
<div class="caret"></div><a href="#"><?= $l_statistics ?></a> |
<ul> |
<li><div class="caret"></div><a href="manager/htdocs/user_stats.php" target="REXY2"><?= $l_stat_user_day ?></a></li> |
<li><div class="caret"></div><a href="manager/htdocs/accounting.php" target="REXY2"><?= $l_stat_con ?></a></li> |
<li><div class="caret"></div><a href="manager/htdocs/stats.php" target="REXY2"><?= $l_stat_daily ?></a></li> |
<li><div class="caret"></div><a href="manager/stats/index.php" target="REXY2"><?= $l_stat_global_network ?></a></li> |
<li><div class="caret"></div><a href="manager/nfsen/nfsen.php" target="REXY2"><?= $l_stat_detail_network ?></a></li> |
<li><div class="caret"></div><a href="manager/htdocs/security.php" target="REXY2"><?= $l_security ?></a></li> |
</ul> |
</li> |
<?php endif; ?> |
<?php if ($right === 0 || $right === 1): // admin, backup ?> |
<li> |
<div class="caret"></div><a href="#"><?= $l_backup ?></a> |
<ul> |
<li><div class="caret"></div><a href="backup/sauvegarde.php" target="REXY2"><?= $l_backup_archive ?></a></li> |
<li><div class="caret"></div><a href="backup/log_generation.php" target="REXY2"><?= $l_backup_log ?></a></li> |
</ul> |
</li> |
<?php endif; ?> |
</ul> |
</div> |
</div> |
</div> |
<br> |
<div class="panel"> |
<div class="panel-header"> |
Documents |
</div> |
<div class="panel-body"> |
<div class="menu"> |
<ul> |
<li><div class="caret"></div><a href="<?= "alcasar-$installed_version-presentation-$Language.pdf" ?>" target="_blank">Presentation</a></li> |
<li><div class="caret"></div><a href="<?= "alcasar-$installed_version-installation-$Language.pdf" ?>" target="_blank">Installation</a></li> |
<li><div class="caret"></div><a href="<?= "alcasar-$installed_version-exploitation-$Language.pdf" ?>" target="_blank">Exploitation</a></li> |
<li><div class="caret"></div><a href="<?= "alcasar-$installed_version-technique.pdf" ?>" target="_blank">Technique</a></li> |
</ul> |
</div> |
</div> |
</div> |
<br> |
<div class="panel"> |
<div class="panel-header"> |
<?= $l_access_nb ?> |
</div> |
<div class="panel-body" style="text-align: center;"> |
<a href="admin_log.php" target="REXY2"><?= $accAccessCounter ?></a><br> |
<?= $l_since ?> <?= $accAccessFirstDate ?> |
</div> |
</div> |
</body> |
</html> |
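Review bot: The role lookup in the profile block (`$user_htdigest = $_SERVER['PHP_AUTH_USER']` through the `in_array` chain) can fail open, because `in_array` is called without strict comparison and neither the user name nor the `exec` result is validated. `explode(' ', '')` returns `['']` for a profile with no members or a missing output line, and a loose `in_array(null, [''])` is true, so a request with `PHP_AUTH_USER` unset would get `$right = 0`; numeric-looking account names also compare equal under loose comparison. I would pass `true` as the third argument in all three branches, e.g. `in_array($user_htdigest, $admin_members, true)`, and add `if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER'] === '') { exit(); }` before the lookup. It is also worth capturing the exit status with `exec(..., $output, $rc)` and exiting unless `$rc === 0` and all three lines came back. Old and new lines are interleaved here without markers, so this assumes the `in_array` version is the new side.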