Viewing File server/web/admin.php of 0.02.14a
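<?php
/*
 * server/web/admin.php - administration interface.
 *
 * Handles the user, configuration-variable and alert-action maintenance
 * actions sent back to this page, then renders the admin screen.
 *
 * Security notes for maintainers:
 *  - Values placed in SQL without surrounding quotes (ids, levels, flags) are
 *    cast to int here; a string-escaping helper cannot protect an unquoted
 *    numeric context.
 *  - ss() is defined outside this file; it is presumed to escape a value for
 *    use inside a quoted SQL string -- confirm in include.php.
 *  - Everything echoed into HTML goes through admin_html(), and attribute
 *    values built from data are quoted.
 *  - NOTE(review): actions are read from $_REQUEST and carry no anti-forgery
 *    token, so state-changing requests (including the GET links) are exposed
 *    to CSRF. Fixing that needs a per-session token, which is outside this file.
 *  - NOTE(review): passwords are stored as unsalted MD5 through the SQL MD5()
 *    function. Moving to password_hash()/password_verify() also requires
 *    changing the login check, which is not in this file.
 */

ob_start(); // buffer output so the header() redirects below can still be sent
require("include.php");
$NATS->Start();
if (!$NATS_Session->Check($NATS->DB))
{
    header("Location: ./?login_msg=Invalid+Or+Expired+Session");
    exit();
}
// NOTE(review): access control relies on UL_Error() ending the request; it is
// defined elsewhere -- confirm. Level 9 passes this check although tul() below
// labels only levels above 9 as "Administrator".
if ($NATS_Session->userlevel<9) UL_Error("Action Node");

/**
 * Escape a value for output in HTML text or inside a quoted attribute.
 */
function admin_html($s)
{
    return htmlspecialchars((string)$s, ENT_QUOTES);
}

if (isset($_REQUEST['action']))
{
    switch($_REQUEST['action'])
    {
        case "save_user":
            // userlevel is written unquoted into the statement, so force it to an integer
            $q="UPDATE fnuser SET realname=\"".ss($_REQUEST['realname'])."\",userlevel=".((int)$_REQUEST['userlevel']);
            // "_NOTTHIS_" is the placeholder the form sends when the password is left unchanged
            if ((isset($_REQUEST['pword']))&&($_REQUEST['pword']!="_NOTTHIS_")) $q.=",password=MD5(\"".ss($_REQUEST['pword'])."\")";
            $q.=" WHERE username=\"".ss($_REQUEST['username'])."\"";
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()<=0) $amsg="Save User Failed or Nothing Changed";
            else $amsg="Save User ".$_REQUEST['username']." Succeeded"; // escaped when echoed
            break;

        case "create_user":
            $q="INSERT INTO fnuser(username,password,realname,userlevel) VALUES(\"".ss($_REQUEST['username'])."\",";
            $q.="MD5(\"".ss($_REQUEST['pword'])."\"),\"".ss($_REQUEST['realname'])."\",".((int)$_REQUEST['userlevel']).")";
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()<=0) $amsg="Create User Failed";
            else $amsg="User ".$_REQUEST['username']." Created";
            break;

        case "delete_user":
            // NOTE(review): this comparison is exact in PHP, while the DELETE below
            // matches according to the database collation -- confirm the two agree.
            if ($_REQUEST['username']=="admin")
            {
                $amsg="Can't delete the admin user";
                break;
            }
            if (!isset($_REQUEST['confirmed']))
            {
                // Encode the username at each level so it cannot add parameters to
                // either URL.
                $back=urlencode("admin.php?action=delete_user&username=".urlencode($_REQUEST['username'])."&confirmed=1");
                $url="confirm.php?action=Delete+User+".urlencode($_REQUEST['username'])."&back=".$back;
                header("Location: ".$url);
                exit();
            }
            $q="DELETE FROM fnuser WHERE username=\"".ss($_REQUEST['username'])."\"";
            $NATS->DB->Query($q);
            $amsg="User ".$_REQUEST['username']." Deleted";
            break;

        case "var_save":
            if ($_REQUEST['new_var']=="") // an empty name deletes the variable
            {
                $q="DELETE FROM fnconfig WHERE fnc_var=\"".ss($_REQUEST['orig_var'])."\"";
            }
            else // otherwise update it
            {
                $q="UPDATE fnconfig SET fnc_var=\"".ss($_REQUEST['new_var'])."\",fnc_val=\"".ss($_REQUEST['new_val'])."\" ";
                $q.="WHERE fnc_var=\"".ss($_REQUEST['orig_var'])."\"";
            }
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()<=0) $amsg="Update/Delete Variable Failed";
            else $amsg="Updated/Deleted Variable";
            break;

        case "var_new":
            $q="INSERT INTO fnconfig(fnc_var,fnc_val) VALUES(\"".ss($_REQUEST['new_var'])."\",\"".ss($_REQUEST['new_val'])."\")";
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()<=0) $amsg="Create Variable Failed";
            else $amsg="Created Variable";
            break;

        case "save_aa":
            // esubject, etype, awarnings, adecrease and aaid are unquoted in the
            // statement, so each is forced to an integer
            $q="UPDATE fnalertaction SET ";
            $q.="atype=\"".ss($_REQUEST['atype'])."\",";
            $q.="aname=\"".ss($_REQUEST['aname'])."\",";
            $q.="efrom=\"".ss($_REQUEST['efrom'])."\",";
            $q.="etolist=\"".ss($_REQUEST['etolist'])."\",";
            $q.="esubject=".((int)$_REQUEST['esubject']).",";
            $q.="etype=".((int)$_REQUEST['etype']);
            // an unticked checkbox is simply absent from the request
            $q.=",awarnings=".(isset($_REQUEST['awarnings']) ? (int)$_REQUEST['awarnings'] : 0);
            $q.=",adecrease=".(isset($_REQUEST['adecrease']) ? (int)$_REQUEST['adecrease'] : 0);
            $q.=" WHERE aaid=".((int)$_REQUEST['aaid']);
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()<=0) $amsg="Action Update Failed or Nothing Changed";
            else $amsg="Action Updated";
            break;

        case "action_test":
            $test_aaid=(int)$_REQUEST['aaid'];
            // Save the current message data, swap in a test message, flush the
            // action, then put the saved data back.
            $q="SELECT mdata FROM fnalertaction WHERE aaid=".$test_aaid." LIMIT 0,1";
            $r=$NATS->DB->Query($q);
            $row=$NATS->DB->Fetch_Array($r);
            $oldm=$row['mdata'];
            $q="UPDATE fnalertaction SET mdata=\"** ACTION TEST **\" WHERE aaid=".$test_aaid;
            $NATS->DB->Query($q);
            $NATS->ActionFlush();
            $q="UPDATE fnalertaction SET mdata=\"".ss($oldm)."\" WHERE aaid=".$test_aaid;
            $NATS->DB->Query($q);
            $amsg="Alert Action Tested & Flushed";
            break;

        case "action_create":
            $q="INSERT INTO fnalertaction(atype) VALUES(\"\")";
            $NATS->DB->Query($q);
            $amsg="Created New Alert Action";
            break;

        case "action_delete":
            $del_aaid=(int)$_REQUEST['aaid_del'];
            if (!isset($_REQUEST['confirmed']))
            {
                $back=urlencode("admin.php?aaid_del=".$del_aaid."&action=action_delete&confirmed=1");
                $url="confirm.php?action=Delete+alert+action&back=".$back;
                header("Location: ".$url);
                exit();
            }
            // otherwise confirmed
            $q="DELETE FROM fnalertaction WHERE aaid=".$del_aaid;
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()>0) $amsg="Alert Action Deleted";
            else $amsg="Alert Action Delete Failed";
            // also remove the rows in fnnalink that reference this action
            $q="DELETE FROM fnnalink WHERE aaid=".$del_aaid;
            $NATS->DB->Query($q);
            break;

    }
}

ob_end_flush();
Screen_Header("Administration Interface",1);

// Both messages can contain request data, so they are escaped on output.
if (isset($_REQUEST['message'])) echo "<br><b>".admin_html($_REQUEST['message'])."</b><br>";
if (isset($amsg)) echo "<br><b>".admin_html($amsg)."</b><br>";

?>
<br>
<b class="minortitle">Users</b><br><br>

<?php
/**
 * Translate a numeric user level into its display label.
 */
function tul($l)
{
    if ($l>9) return "Administrator";
    if ($l>4) return "Power User";
    if ($l>0) return "Normal User";
    return "Disabled";
}

$q="SELECT username,realname,userlevel FROM fnuser";
$r=$NATS->DB->Query($q);
echo "<table border=0>";
echo "<tr><td><b>Username </b></td>";
echo "<td><b>Real Name</b></td><td><b>User Level</b></td><td><b>Password</b></td><td><b>Options</b></td></tr>";
while ($row=$NATS->DB->Fetch_Array($r))
{
    // Stored values are escaped as well: they were entered through forms.
    echo "<form action=admin.php method=post>";
    echo "<input type=hidden name=action value=save_user>";
    echo "<input type=hidden name=username value=\"".admin_html($row['username'])."\">";
    echo "<tr><td>".admin_html($row['username'])."</td>";
    echo "<td><input type=text name=realname value=\"".admin_html($row['realname'])."\" size=20 maxlength=120></td>";
    echo "<td><select name=userlevel>";
    // the current level is listed first so it is the default selection
    echo "<option value=\"".admin_html($row['userlevel'])."\">".tul($row['userlevel'])."</option>";
    echo "<option value=0>".tul(0)."</option>";
    echo "<option value=1>".tul(1)."</option>";
    echo "<option value=5>".tul(5)."</option>";
    echo "<option value=10>".tul(10)."</option>";
    echo "</select>";
    echo "</td>";
    echo "<td><input type=password name=pword value=\"_NOTTHIS_\" size=10 maxlength=128></td>";
    echo "<td><input type=submit value=\"Save\"> <a href=\"admin.php?action=delete_user&username=".urlencode($row['username'])."\">Delete</a></td>";
    echo "</tr>";
    echo "</form>";
}
echo "<form action=admin.php method=post>";
echo "<input type=hidden name=action value=create_user>";
echo "<tr><td><input type=text name=username size=20 maxlength=60></td>";
echo "<td><input type=text name=realname size=20 maxlength=120></td>";
echo "<td><select name=userlevel>";
echo "<option value=1>".tul(1)."</option>";
echo "<option value=0>".tul(0)."</option>";
echo "<option value=5>".tul(5)."</option>";
echo "<option value=10>".tul(10)."</option>";
echo "</select></td>";
echo "<td><input type=password name=pword size=10 maxlength=60></td>";
echo "<td><input type=submit value=\"Create User\"></td>";
echo "</tr></form>";
echo "</table><br>";
echo "<br>";
$NATS->DB->Free($r);

echo "<b class=\"minortitle\">Test Sessions</b><br><br>";
$q="SELECT * FROM fntestrun ORDER BY trid DESC";
// only the five most recent runs are shown unless all were asked for
if (!isset($_REQUEST['ShowAllSessions'])) $q.=" LIMIT 0,5";
$r=$NATS->DB->Query($q);
echo "<table border=0>";
while ($row=$NATS->DB->Fetch_Array($r))
{
    echo "<tr><td><a href=\"testrun.php?trid=".urlencode($row['trid'])."\">run/".admin_html($row['trid'])."</a></td>";
    // nicedt() is defined elsewhere; its output is passed through unchanged
    echo "<td>".nicedt($row['startx'])." - ";
    if ($row['finishx']>0) echo nicedt($row['finishx']);
    else echo "Still Running";
    echo " (<a href=\"log.php?f_entry=Tester+".urlencode($row['trid'])."\">System Logs</a>)";
    echo "</td></tr>";
}
echo "</table>";
$NATS->DB->Free($r);
echo "<br>";
if (!isset($_REQUEST['ShowAllSessions'])) echo "<a href=admin.php?ShowAllSessions=1>Show All Testing Sessions</a><br><br>";
echo "<br>";

echo "<b class=\"minortitle\">Alert Actions</b><br><br>";

/**
 * Display label for an alert action's e-mail type code.
 */
function aat_etype($type)
{
    switch ($type)
    {
        case 0: return "Short";
        case 1: return "Long";
        default: return "Unknown";
    }
}

/**
 * Display label for an alert action's e-mail subject code.
 */
function aat_esub($type)
{
    switch ($type)
    {
        case 0: return "Blank";
        case 1: return "Short";
        case 2: return "Long";
        default: return "Unknown";
    }
}

/**
 * Display label for an alert action's type string.
 */
function aat_atype($type)
{
    switch($type)
    {
        case "": case "Disabled": return "Disabled";
        case "email": return "EMail";
        default: return "Unknown";
    }
}



if (isset($_REQUEST['aaid']))
{ // view/edit aaid
    // The id is used in SQL and echoed into the page, so it is reduced to an
    // integer once and only that integer is used below.
    $aaid=(int)$_REQUEST['aaid'];
    $q="SELECT * FROM fnalertaction WHERE aaid=".$aaid;
    $r=$NATS->DB->Query($q);
    if (!$row=$NATS->DB->Fetch_Array($r))
    {
        echo "<b>Error Fetching AAID</b><br><br>";
        Screen_Footer();
        exit();
    }
    echo "<table border=0>";
    echo "<form action=admin.php method=post>";
    echo "<input type=hidden name=action value=save_aa>";
    echo "<input type=hidden name=aaid value=\"".$aaid."\">";
    echo "<tr><td>ID : </td><td>action/".$aaid."</td></tr>";

    echo "<tr><td>Action Name : </td>";
    echo "<td>";
    echo "<input type=text name=aname size=30 maxlength=120 value=\"".admin_html($row['aname'])."\">";
    echo "</td></tr>";

    echo "<tr><td>Type : </td><td>";
    echo "<select name=atype>";
    echo "<option value=\"".admin_html($row['atype'])."\">".aat_atype($row['atype'])."</option>";
    echo "<option value=Disabled>Disabled</option>";
    echo "<option value=email>EMail</option>";
    echo "</select>";
    echo "</td></tr>";

    echo "<tr><td>Warnings : </td>";
    if ($row['awarnings']==1) $s=" checked";
    else $s="";
    echo "<td><input type=checkbox name=awarnings value=1".$s."></td></tr>";

    echo "<tr><td>Decreases : </td>";
    if ($row['adecrease']==1) $s=" checked";
    else $s="";
    echo "<td><input type=checkbox name=adecrease value=1".$s."></td></tr>";

    echo "<tr><td>Email From : </td>";
    echo "<td>";
    echo "<input type=text name=efrom size=30 maxlength=120 value=\"".admin_html($row['efrom'])."\">";
    echo "</td></tr>";

    echo "<tr><td>Email Subject : </td><td>";
    echo "<select name=esubject>";
    echo "<option value=\"".admin_html($row['esubject'])."\">".aat_esub($row['esubject'])."</option>";
    echo "<option value=0>Blank</option>";
    echo "<option value=1>Short</option>";
    echo "<option value=2>Long</option>";
    echo "</select>";
    echo "</td></tr>";

    echo "<tr><td>Email Type : </td><td>";
    echo "<select name=etype>";
    echo "<option value=\"".admin_html($row['etype'])."\">".aat_etype($row['etype'])."</option>";
    echo "<option value=0>Short</option>";
    echo "<option value=1>Long</option>";
    echo "</select>";
    echo "</td></tr>";

    echo "<tr><td valign=top>Email To : </td><td>";
    echo "<textarea name=etolist cols=40 rows=6>".admin_html($row['etolist'])."</textarea>";
    echo "</td></tr>";

    echo "<tr><td colspan=2><input type=submit value=\"Update Action\"> <a href=admin.php>Cancel Update</a> | ";
    echo "<a href=\"admin.php?aaid=".$aaid."&action=action_test\">Test Action</a> | ";
    echo "<a href=\"admin.php?aaid_del=".$aaid."&action=action_delete\">Delete Action</a>";
    echo "</td></tr>";

    echo "</form></table><br><br>";
    $NATS->DB->Free($r);
}

$q="SELECT aaid,atype,aname FROM fnalertaction";
$r=$NATS->DB->Query($q);
while ($row=$NATS->DB->Fetch_Array($r))
{
    echo "<a href=\"admin.php?aaid=".urlencode($row['aaid'])."\">action/".admin_html($row['aaid'])." : ".admin_html($row['aname'])."</a> - ";
    echo aat_atype($row['atype']);
    echo "<br>";
}

echo "<br><a href=admin.php?action=action_create><b>Create New Alert Action</b></a><br>";
echo "<br><br>";

echo "<b class=\"minortitle\">System Logs</b><br><br>";
echo "<a href=log.php>System Event Log</a><br><br>";

echo "<br><br>";

// hlink() is defined elsewhere and its return value is echoed as markup.
// NOTE(review): it is also handed a stored variable name below -- confirm that
// it escapes its argument.
echo "<b class=\"minortitle\">Variables</b> ".hlink("Variable")."<br><br>";
$q="SELECT * FROM fnconfig ORDER BY fnc_var ASC";
$r=$NATS->DB->Query($q);
echo "<table border=0>";
while ($row=$NATS->DB->Fetch_Array($r))
{
    echo "<form action=admin.php method=post>";
    echo "<input type=hidden name=action value=var_save>";
    echo "<input type=hidden name=orig_var value=\"".admin_html($row['fnc_var'])."\">";
    echo "<input type=hidden name=orig_val value=\"".admin_html($row['fnc_val'])."\">";
    echo "<tr><td><input type=text size=20 maxlength=60 name=new_var value=\"".admin_html($row['fnc_var'])."\"> ";
    echo "</td>";
    echo "<td>=</td>";
    echo "<td><input type=text size=20 maxlength=60 name=new_val value=\"".admin_html($row['fnc_val'])."\"></td>";
    echo "<td><input type=submit value=\"Save\"> ";
    echo hlink("Var:".$row['fnc_var']);
    echo "</td>";
    echo "</tr>";
    echo "</form>";
}
echo "<form action=admin.php method=post>";
echo "<input type=hidden name=action value=var_new>";
echo "<tr><td><input type=text size=20 maxlength=60 name=new_var value=\"\"></td>";
echo "<td>=</td>";
echo "<td><input type=text size=20 maxlength=60 name=new_val value=\"\"></td>";
echo "<td><input type=submit value=\"Create\"></td>";
echo "</tr>";
echo "</form>";
echo "</table>";

?>


<?php
Screen_Footer();
?>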