File: 0.00.0a/web/admin.php (View as HTML)

  1: <?php
  2: ob_start();
  3: require("include.php");
  4: $NATS->Start();
  5: if (!$NATS_Session->Check($NATS->DB))
  6: 	{
  7: 	header("Location: ./?login_msg=Invalid+Or+Expired+Session");
  8: 	exit();
  9: 	}
 10: if ($NATS_Session->userlevel<9) UL_Error("Action Node");
 11: 
 12: if (isset($_REQUEST['action']))
 13: 	{
 14: 	switch($_REQUEST['action'])
 15: 		{
 16: 		case "save_user":
 17: 		$q="UPDATE fnuser SET realname=\"".ss($_REQUEST['realname'])."\",userlevel=".ss($_REQUEST['userlevel']);
 18: 		if ((isset($_REQUEST['pword']))&&($_REQUEST['pword']!="_NOTTHIS_")) $q.=",password=MD5(\"".ss($_REQUEST['pword'])."\")";
 19: 		$q.=" WHERE username=\"".ss($_REQUEST['username'])."\"";
 20: 		$NATS->DB->Query($q);
 21: 		if ($NATS->DB->Affected_Rows()<=0) $amsg="Save User Failed or Nothing Changed";
 22: 		else $amsg="Save User ".$_REQUEST['username']." Succeeded";
 23: 		break;
 24: 		
 25: 		case "create_user":
 26: 		$q="INSERT INTO fnuser(username,password,realname,userlevel) VALUES(\"".ss($_REQUEST['username'])."\",";
 27: 		$q.="MD5(\"".ss($_REQUEST['pword'])."\"),\"".ss($_REQUEST['realname'])."\",".ss($_REQUEST['userlevel']).")";
 28: 		$NATS->DB->Query($q);
 29: 		//echo $q;
 30: 		if ($NATS->DB->Affected_Rows()<=0) $amsg="Create User Failed";
 31: 		else $amsg="User ".$_REQUEST['username']." Created";
 32: 		break;
 33: 		
 34: 		case "delete_user": 
 35: 		if ($_REQUEST['username']=="admin")
 36: 			{
 37: 			$amsg="Can't delete the admin user";
 38: 			break;
 39: 			}
 40: 		if (!isset($_REQUEST['confirmed']))
 41: 			{
 42: 			$back=urlencode("admin.php?action=delete_user&username=".$_REQUEST['username']."&confirmed=1");
 43: 			$url="confirm.php?action=Delete+User+".$_REQUEST['username']."&back=".$back;
 44: 			header("Location: ".$url);
 45: 			exit();
 46: 			}
 47: 		$q="DELETE FROM fnuser WHERE username=\"".ss($_REQUEST['username'])."\"";
 48: 		$NATS->DB->Query($q);
 49: 		$amsg="User ".$_REQUEST['username']." Deleted";
 50: 		break;
 51: 		
 52: 		case "var_save":
 53: 		if ($_REQUEST['new_var']=="") // delete
 54: 			{
 55: 			$q="DELETE FROM fnconfig WHERE fnc_var=\"".ss($_REQUEST['orig_var'])."\"";
 56: 			}
 57: 		else // update
 58: 			{
 59: 			$q="UPDATE fnconfig SET fnc_var=\"".ss($_REQUEST['new_var'])."\",fnc_val=\"".ss($_REQUEST['new_val'])."\" ";
 60: 			$q.="WHERE fnc_var=\"".ss($_REQUEST['orig_var'])."\"";
 61: 			}
 62: 		$NATS->DB->Query($q);
 63: 		if ($NATS->DB->Affected_Rows()<=0) $amsg="Update/Delete Variable Failed";
 64: 		else $amsg="Updated/Deleted Variable";
 65: 		break;
 66: 		case "var_new":
 67: 		$q="INSERT INTO fnconfig(fnc_var,fnc_val) VALUES(\"".ss($_REQUEST['new_var'])."\",\"".ss($_REQUEST['new_val'])."\")";
 68: 		//echo $q;
 69: 		$NATS->DB->Query($q);
 70: 		if ($NATS->DB->Affected_Rows()<=0) $amsg="Create Variable Failed";
 71: 		else $amsg="Created Variable";
 72: 		break;
 73: 		
 74: 		case "save_aa":
 75: 		$q="UPDATE fnalertaction SET ";
 76: 		$q.="atype=\"".ss($_REQUEST['atype'])."\",";
 77: 		$q.="aname=\"".ss($_REQUEST['aname'])."\",";
 78: 		$q.="efrom=\"".ss($_REQUEST['efrom'])."\",";
 79: 		$q.="etolist=\"".ss($_REQUEST['etolist'])."\",";
 80: 		$q.="esubject=".ss($_REQUEST['esubject']).",";
 81: 		$q.="etype=".ss($_REQUEST['etype']);
 82: 		if (isset($_REQUEST['awarnings'])) $q.=",awarnings=".ss($_REQUEST['awarnings']);
 83: 		else $q.=",awarnings=0";
 84: 		if (isset($_REQUEST['adecrease'])) $q.=",adecrease=".ss($_REQUEST['adecrease']);
 85: 		else $q.=",adecrease=0";
 86: 		$q.=" WHERE aaid=".ss($_REQUEST['aaid']);
 87: 		//echo $q;
 88: 		$NATS->DB->Query($q);
 89: 		if ($NATS->DB->Affected_Rows()<=0) $amsg="Action Update Failed or Nothing Changed";
 90: 		else $amsg="Action Updated";
 91: 		break;
 92: 		
 93: 		case "action_test":
 94: 		$q="SELECT mdata FROM fnalertaction WHERE aaid=".ss($_REQUEST['aaid'])." LIMIT 0,1";
 95: 		$r=$NATS->DB->Query($q);
 96: 		$row=$NATS->DB->Fetch_Array($r);
 97: 		$oldm=$row['mdata'];
 98: 		$q="UPDATE fnalertaction SET mdata=\"** ACTION TEST **\" WHERE aaid=".ss($_REQUEST['aaid']);
 99: 		$NATS->DB->Query($q);
100: 		$NATS->ActionFlush();
101: 		$q="UPDATE fnalertaction SET mdata=\"".ss($oldm)."\" WHERE aaid=".ss($_REQUEST['aaid']);
102: 		$NATS->DB->Query($q);
103: 		$amsg="Alert Action Tested &amp; Flushed";
104: 		break;
105: 		
106: 		case "action_create":
107: 		$q="INSERT INTO fnalertaction(atype) VALUES(\"\")";
108: 		$NATS->DB->Query($q);
109: 		$amsg="Created New Alert Action";
110: 		break;
111: 		
112: 		case "action_delete":
113: 		if (!isset($_REQUEST['confirmed']))
114: 			{
115: 			$back=urlencode("admin.php?aaid_del=".$_REQUEST['aaid_del']."&action=action_delete&confirmed=1");
116: 			$url="confirm.php?action=Delete+alert+action&back=".$back;
117: 			header("Location: ".$url);
118: 			exit();
119: 			}
120: 		// otherwise confirmed
121: 		$q="DELETE FROM fnalertaction WHERE aaid=".ss($_REQUEST['aaid_del']);
122: 		$NATS->DB->Query($q);
123: 		if ($NATS->DB->Affected_Rows()>0) $amsg="Alert Action Deleted";
124: 		else $amsg="Alert Action Delete Failed";
125: 		$q="DELETE FROM fnnalink WHERE aaid=".ss($_REQUEST['aaid_del']);
126: 		$NATS->DB->Query($q);
127: 		break;
128: 		
129: 		}
130: 	}
131: 
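// Release the output buffer, print the page header, then show status messages.
ob_end_flush();
Screen_Header("Administration Interface",1);

// "message" comes straight from the request, so it is HTML-escaped before it
// is echoed; a non-string value (e.g. message[]=x) is ignored.
if (isset($_REQUEST['message']) && is_string($_REQUEST['message'])) {
	echo "<br><b>".htmlspecialchars($_REQUEST['message'], ENT_QUOTES)."</b><br>";
}

// $amsg is set by the action handler earlier in this file and is emitted as
// HTML (one of its messages contains "&amp;"), so it cannot be escaped here
// without double-encoding.
// NOTE(review): any request data placed in $amsg has to be escaped at the
// point where the message is built.
if (isset($amsg)) {
	echo "<br><b>".$amsg."</b><br>";
}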
137: 
138: ?>
139: <br>
140: <b class="minortitle">Users</b><br><br>
141: 
142: <?php
/**
 * Translate a numeric user level into its display label.
 *
 * Levels above 9 are "Administrator", above 4 "Power User", above 0
 * "Normal User"; anything else is "Disabled".
 *
 * NOTE(review): the access gate at the top of this page admits userlevel 9
 * (it rejects only levels below 9), yet level 9 is labelled "Power User"
 * here. Confirm which threshold is intended.
 *
 * @param mixed $l user level, as an int or a numeric string from a database row
 * @return string display label
 */
function tul($l)
{
	// Exclusive lower bounds, highest first; the first one exceeded wins.
	$labels = array(
		9 => "Administrator",
		4 => "Power User",
		0 => "Normal User",
	);
	foreach ($labels as $floor => $label) {
		if ($l > $floor) {
			return $label;
		}
	}
	return "Disabled";
}
150: 
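// Users panel: one inline edit form per fnuser row, followed by an empty
// "create user" row.
//
// Values read back from the database are treated as untrusted when written
// into the page: text is passed through htmlspecialchars(), the value placed in
// the Delete link is urlencode()d, and every attribute that carries data is
// quoted, because escaping alone does not contain a value in an unquoted
// attribute.
$q="SELECT username,realname,userlevel FROM fnuser";
$r=$NATS->DB->Query($q);
echo "<table border=0>";
echo "<tr><td><b>Username&nbsp;</b></td>";
echo "<td><b>Real Name</b></td><td><b>User Level</b></td><td><b>Password</b></td><td><b>Options</b></td></tr>";
while ($row=$NATS->DB->Fetch_Array($r)) {
	// (string) keeps a NULL column from reaching htmlspecialchars()/urlencode().
	$userHtml=htmlspecialchars((string)$row['username'], ENT_QUOTES);
	$realnameHtml=htmlspecialchars((string)$row['realname'], ENT_QUOTES);
	$userUrl=urlencode((string)$row['username']);
	$levelInt=(int)$row['userlevel'];

	echo "<form action=admin.php method=post>";
	echo "<input type=hidden name=action value=save_user>";
	echo "<input type=hidden name=username value=\"".$userHtml."\">";
	echo "<tr><td>".$userHtml."</td>";
	echo "<td><input type=text name=realname value=\"".$realnameHtml."\" size=20 maxlength=120></td>";
	echo "<td><select name=userlevel>";
	// First option repeats the stored level so it is the default selection.
	echo "<option value=\"".$levelInt."\">".tul($row['userlevel'])."</option>";
	echo "<option value=0>".tul(0)."</option>";
	echo "<option value=1>".tul(1)."</option>";
	echo "<option value=5>".tul(5)."</option>";
	echo "<option value=10>".tul(10)."</option>";
	echo "</select>";
	echo "</td>";
	// "_NOTTHIS_" is the placeholder the save_user handler treats as
	// "password unchanged"; the stored hash is never sent to the browser.
	echo "<td><input type=password name=pword value=\"_NOTTHIS_\" size=10 maxlength=128></td>";
	echo "<td><input type=submit value=\"Save\"> <a href=\"admin.php?action=delete_user&amp;username=".$userUrl."\">Delete</a></td>";
	echo "</tr>";
	echo "</form>";
}
echo "<form action=admin.php method=post>";
echo "<input type=hidden name=action value=create_user>";
echo "<tr><td><input type=text name=username size=20 maxlength=60></td>";
echo "<td><input type=text name=realname size=20 maxlength=120></td>";
echo "<td><select name=userlevel>";
echo "<option value=1>".tul(1)."</option>";
echo "<option value=0>".tul(0)."</option>";
echo "<option value=5>".tul(5)."</option>";
echo "<option value=10>".tul(10)."</option>";
echo "</select></td>";
echo "<td><input type=password name=pword size=10 maxlength=60></td>";
echo "<td><input type=submit value=\"Create User\"></td>";
echo "</tr></form>";
echo "</table><br>";
echo "<br>";
$NATS->DB->Free($r);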
192: 
// "Test Sessions" panel: lists rows of fntestrun, newest trid first. Only the
// first five are shown unless the request carries ShowAllSessions.
// nicedt() is defined outside this file; presumably it formats a timestamp.
echo "<b class=\"minortitle\">Test Sessions</b><br><br>";
$q="SELECT * FROM fntestrun ORDER BY trid DESC".(isset($_REQUEST['ShowAllSessions']) ? "" : " LIMIT 0,5");
$r=$NATS->DB->Query($q);
echo "<table border=0>";
while ($row=$NATS->DB->Fetch_Array($r)) {
	echo "<tr><td><a href=testrun.php?trid=".$row['trid'].">run/".$row['trid']."</a></td>";
	// A finishx of zero or less means the run has not finished yet.
	echo "<td>".nicedt($row['startx'])." - "
		.(($row['finishx']>0) ? nicedt($row['finishx']) : "Still Running")
		."</td></tr>";
}
echo "</table>";
$NATS->DB->Free($r);
echo "<br>";
if (!isset($_REQUEST['ShowAllSessions'])) {
	echo "<a href=admin.php?ShowAllSessions=1>Show All Testing Sessions</a><br><br>";
}
echo "<br>";

// Heading for the alert-action section that follows.
echo "<b class=\"minortitle\">Alert Actions</b><br><br>";
213: 
/**
 * Label for an alert action's "Email Type" code.
 *
 * @param mixed $type 0 or 1, as an int or a numeric string
 * @return string "Short" for 0, "Long" for 1, otherwise "Unknown"
 */
function aat_etype($type)
{
	// Loose (==) comparison, the same rule a switch applies, so numeric
	// strings such as "1" match as well.
	if ($type == 0) {
		return "Short";
	}
	if ($type == 1) {
		return "Long";
	}
	return "Unknown";
}
223: 
/**
 * Label for an alert action's "Email Subject" code.
 *
 * @param mixed $type 0, 1 or 2, as an int or a numeric string
 * @return string "Blank", "Short" or "Long"; "Unknown" for any other value
 */
function aat_esub($type)
{
	// Loose (==) comparison, the same rule a switch applies, so numeric
	// strings such as "2" match as well.
	if ($type == 0) {
		return "Blank";
	}
	if ($type == 1) {
		return "Short";
	}
	if ($type == 2) {
		return "Long";
	}
	return "Unknown";
}
234: 
/**
 * Label for an alert action's type string.
 *
 * @param mixed $type stored action type ("", "Disabled" or "email")
 * @return string "Disabled", "EMail", or "Unknown" for any other value
 */
function aat_atype($type)
{
	// An empty type is shown as disabled. Comparisons stay loose (==), the
	// same rule a switch applies, and are tried in the same order.
	if ($type == "" || $type == "Disabled") {
		return "Disabled";
	}
	if ($type == "email") {
		return "EMail";
	}
	return "Unknown";
}
244: 
245: 
246: 
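// Alert action editor: shown when the request names an aaid. Loads that row of
// fnalertaction and renders it as an edit form posting back action=save_aa.
//
// The id is taken from the request, so it is cast to int once and that integer
// is used both in the SQL (where it sits unquoted) and wherever it is written
// into the page. Column values are HTML-escaped and placed in quoted
// attributes, since escaping alone does not contain a value in an unquoted
// attribute.
if (isset($_REQUEST['aaid'])) {
	// view/edit aaid
	$aaid=(int)$_REQUEST['aaid'];
	$q="SELECT * FROM fnalertaction WHERE aaid=".$aaid;
	$r=$NATS->DB->Query($q);
	if (!$row=$NATS->DB->Fetch_Array($r)) {
		echo "<b>Error Fetching AAID</b><br><br>";
		Screen_Footer();
		exit();
	}
	echo "<table border=0>";
	echo "<form action=admin.php method=post>";
	echo "<input type=hidden name=action value=save_aa>";
	echo "<input type=hidden name=aaid value=\"".$aaid."\">";
	echo "<tr><td>ID : </td><td>action/".$aaid."</td></tr>";

	echo "<tr><td>Action Name : </td>";
	echo "<td>";
	echo "<input type=text name=aname size=30 maxlength=120 value=\"".htmlspecialchars((string)$row['aname'], ENT_QUOTES)."\">";
	echo "</td></tr>";

	// In each select the first option repeats the stored value so it is the
	// default selection.
	echo "<tr><td>Type : </td><td>";
	echo "<select name=atype>";
	echo "<option value=\"".htmlspecialchars((string)$row['atype'], ENT_QUOTES)."\">".aat_atype($row['atype'])."</option>";
	echo "<option value=Disabled>Disabled</option>";
	echo "<option value=email>EMail</option>";
	echo "</select>";
	echo "</td></tr>";

	echo "<tr><td>Warnings : </td>";
	if ($row['awarnings']==1) $s=" checked";
	else $s="";
	echo "<td><input type=checkbox name=awarnings value=1".$s."></td></tr>";

	echo "<tr><td>Decreases : </td>";
	if ($row['adecrease']==1) $s=" checked";
	else $s="";
	echo "<td><input type=checkbox name=adecrease value=1".$s."></td></tr>";

	echo "<tr><td>Email From : </td>";
	echo "<td>";
	echo "<input type=text name=efrom size=30 maxlength=120 value=\"".htmlspecialchars((string)$row['efrom'], ENT_QUOTES)."\">";
	echo "</td></tr>";

	echo "<tr><td>Email Subject : </td><td>";
	echo "<select name=esubject>";
	echo "<option value=\"".(int)$row['esubject']."\">".aat_esub($row['esubject'])."</option>";
	echo "<option value=0>Blank</option>";
	echo "<option value=1>Short</option>";
	echo "<option value=2>Long</option>";
	echo "</select>";
	echo "</td></tr>";

	echo "<tr><td>Email Type : </td><td>";
	echo "<select name=etype>";
	echo "<option value=\"".(int)$row['etype']."\">".aat_etype($row['etype'])."</option>";
	echo "<option value=0>Short</option>";
	echo "<option value=1>Long</option>";
	echo "</select>";
	echo "</td></tr>";

	echo "<tr><td valign=top>Email To : </td><td>";
	echo "<textarea name=etolist cols=40 rows=6>".htmlspecialchars((string)$row['etolist'], ENT_QUOTES)."</textarea>";
	echo "</td></tr>";

	// NOTE(review): "Test Action" and "Delete Action" are plain links, so they
	// trigger state changes over GET; see the action handler for the request
	// checks that would be needed to protect them.
	echo "<tr><td colspan=2><input type=submit value=\"Update Action\"> &nbsp; <a href=admin.php>Cancel Update</a> | ";
	echo "<a href=\"admin.php?aaid=".$aaid."&amp;action=action_test\">Test Action</a> | ";
	echo "<a href=\"admin.php?aaid_del=".$aaid."&amp;action=action_delete\">Delete Action</a>";
	echo "</td></tr>";

	echo "</form></table><br><br>";
	$NATS->DB->Free($r);
}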
320: 
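// Alert action index: one link per fnalertaction row, then a "create" link.
// aname is free text entered through the edit form, so it is HTML-escaped; the
// id is forced to int before it is written into the link. The result set is
// freed after the loop, as the other listings on this page do.
$q="SELECT aaid,atype,aname FROM fnalertaction";
$r=$NATS->DB->Query($q);
while ($row=$NATS->DB->Fetch_Array($r)) {
	$listAaid=(int)$row['aaid'];
	echo "<a href=\"admin.php?aaid=".$listAaid."\">action/".$listAaid." : ".htmlspecialchars((string)$row['aname'], ENT_QUOTES)."</a> - ";
	echo aat_atype($row['atype']);
	echo "<br>";
}
$NATS->DB->Free($r);

// NOTE(review): this link creates a row through a GET request.
echo "<br><a href=admin.php?action=action_create><b>Create New Alert Action</b></a>";

echo "<br><br>";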
333: 
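// Variables panel: one edit form per fnconfig row (ordered by name), followed
// by an empty "create" row. Names and values are free text, so both are
// HTML-escaped before being placed in the quoted value attributes. The result
// set is freed after the loop, as the other listings on this page do.
echo "<b class=\"minortitle\">Variables</b><br><br>";
$q="SELECT * FROM fnconfig ORDER BY fnc_var ASC";
$r=$NATS->DB->Query($q);
echo "<table border=0>";
while ($row=$NATS->DB->Fetch_Array($r)) {
	// (string) keeps a NULL column from reaching htmlspecialchars().
	$varHtml=htmlspecialchars((string)$row['fnc_var'], ENT_QUOTES);
	$valHtml=htmlspecialchars((string)$row['fnc_val'], ENT_QUOTES);

	echo "<form action=admin.php method=post>";
	echo "<input type=hidden name=action value=var_save>";
	// orig_var identifies the row to update or delete in the var_save handler.
	echo "<input type=hidden name=orig_var value=\"".$varHtml."\">";
	echo "<input type=hidden name=orig_val value=\"".$valHtml."\">";
	echo "<tr><td><input type=text size=20 maxlength=60 name=new_var value=\"".$varHtml."\"></td>";
	echo "<td>=</td>";
	echo "<td><input type=text size=20 maxlength=60 name=new_val value=\"".$valHtml."\"></td>";
	echo "<td><input type=submit value=\"Save\"></td>";
	echo "</tr>";
	echo "</form>";
}
$NATS->DB->Free($r);
echo "<form action=admin.php method=post>";
echo "<input type=hidden name=action value=var_new>";
echo "<tr><td><input type=text size=20 maxlength=60 name=new_var value=\"\"></td>";
echo "<td>=</td>";
echo "<td><input type=text size=20 maxlength=60 name=new_val value=\"\"></td>";
echo "<td><input type=submit value=\"Create\"></td>";
echo "</tr>";
echo "</form>";
echo "</table>";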
360: 
361: ?>
362: 
363: 
364: <?php
// Close the page. Screen_Footer() is defined outside this file; presumably it
// prints the closing page markup that pairs with Screen_Header().
Screen_Footer();
366: ?>
367: