File: 0.02.18a/server/web/admin.php (View as Code)

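/* -------------------------------------------------------------
This file is part of FreeNATS

FreeNATS is (C) Copyright 2008 PurplePixie Systems

FreeNATS is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

FreeNATS is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with Foobar. If not, see www.gnu.org/licenses

For more information see www.purplepixie.org/freenats
-------------------------------------------------------------- */

/*
Administration page, request handling part: validates the session, requires
user level 9 or above, runs the requested action (user, configuration
variable and alert action maintenance), then prints the page header and any
status message.

All parameters come from $_REQUEST. Values placed inside double-quoted SQL
string literals go through ss(); values used as bare SQL numbers
(userlevel, esubject, etype, awarnings, adecrease, aaid, aaid_del) are cast
to int, because escaping cannot confine a value that is not inside quotes.

NOTE(review): ss() is not defined in the visible part of this file; it is
assumed to escape a value for use inside a quoted SQL string - confirm.
NOTE(review): every action below changes state, is accepted over GET as well
as POST, and carries no anti-CSRF token. Requiring POST plus a per-session
token needs support from the forms and from confirm.php, which are not in
this file.
*/

ob_start();
require("include.php");
$NATS->Start();
if (!$NATS_Session->Check($NATS->DB))
{
    header("Location: ./?login_msg=Invalid+Or+Expired+Session");
    exit();
}
if ($NATS_Session->userlevel<9)
{
    UL_Error("Action Node");
    // Fail closed: the actions below must never run for a lower user level.
    // This has no effect if UL_Error() already ends the request.
    exit();
}

if (isset($_REQUEST['action']))
{
    switch($_REQUEST['action'])
    {
        case "save_user":
            $q="UPDATE fnuser SET realname=\"".ss($_REQUEST['realname'])."\",userlevel=".(int)$_REQUEST['userlevel'];
            // "_NOTTHIS_" is the value that means "leave the password unchanged".
            // NOTE(review): passwords are stored as unsalted MD5 computed in SQL.
            // Moving to password_hash()/password_verify() also requires changing
            // the login check, which is outside this file, so the format is kept.
            if ((isset($_REQUEST['pword']))&&($_REQUEST['pword']!="_NOTTHIS_")) $q.=",password=MD5(\"".ss($_REQUEST['pword'])."\")";
            $q.=" WHERE username=\"".ss($_REQUEST['username'])."\"";
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()<=0) $amsg="Save User Failed or Nothing Changed";
            else $amsg="Save User ".$_REQUEST['username']." Succeeded";
            break;

        case "create_user":
            $q="INSERT INTO fnuser(username,password,realname,userlevel) VALUES(\"".ss($_REQUEST['username'])."\",";
            $q.="MD5(\"".ss($_REQUEST['pword'])."\"),\"".ss($_REQUEST['realname'])."\",".(int)$_REQUEST['userlevel'].")";
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()<=0) $amsg="Create User Failed";
            else $amsg="User ".$_REQUEST['username']." Created";
            break;

        case "delete_user":
            // Trimmed, case-insensitive comparison so the guard is at least as
            // broad as the database's own username match in the DELETE below
            // (the column collation is not visible from this file).
            if (strcasecmp(trim($_REQUEST['username']),"admin")==0)
            {
                $amsg="Can't delete the admin user";
                break;
            }
            if (!isset($_REQUEST['confirmed']))
            {
                // The username is URL-encoded at both nesting levels so it
                // cannot add or override parameters of either URL.
                $back=urlencode("admin.php?action=delete_user&username=".urlencode($_REQUEST['username'])."&confirmed=1");
                $url="confirm.php?action=Delete+User+".urlencode($_REQUEST['username'])."&back=".$back;
                header("Location: ".$url);
                exit();
            }
            $q="DELETE FROM fnuser WHERE username=\"".ss($_REQUEST['username'])."\"";
            $NATS->DB->Query($q);
            $amsg="User ".$_REQUEST['username']." Deleted";
            break;

        case "var_save":
            if ($_REQUEST['new_var']=="") // delete
            {
                $q="DELETE FROM fnconfig WHERE fnc_var=\"".ss($_REQUEST['orig_var'])."\"";
            }
            else // update
            {
                $q="UPDATE fnconfig SET fnc_var=\"".ss($_REQUEST['new_var'])."\",fnc_val=\"".ss($_REQUEST['new_val'])."\" ";
                $q.="WHERE fnc_var=\"".ss($_REQUEST['orig_var'])."\"";
            }
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()<=0) $amsg="Update/Delete Variable Failed";
            else $amsg="Updated/Deleted Variable";
            break;

        case "var_new":
            $q="INSERT INTO fnconfig(fnc_var,fnc_val) VALUES(\"".ss($_REQUEST['new_var'])."\",\"".ss($_REQUEST['new_val'])."\")";
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()<=0) $amsg="Create Variable Failed";
            else $amsg="Created Variable";
            break;

        case "save_aa":
            $q="UPDATE fnalertaction SET ";
            $q.="atype=\"".ss($_REQUEST['atype'])."\",";
            $q.="aname=\"".ss($_REQUEST['aname'])."\",";
            $q.="efrom=\"".ss($_REQUEST['efrom'])."\",";
            $q.="etolist=\"".ss($_REQUEST['etolist'])."\",";
            $q.="esubject=".(int)$_REQUEST['esubject'].",";
            $q.="etype=".(int)$_REQUEST['etype'];
            // An absent flag parameter is stored as 0.
            if (isset($_REQUEST['awarnings'])) $q.=",awarnings=".(int)$_REQUEST['awarnings'];
            else $q.=",awarnings=0";
            if (isset($_REQUEST['adecrease'])) $q.=",adecrease=".(int)$_REQUEST['adecrease'];
            else $q.=",adecrease=0";
            $q.=" WHERE aaid=".(int)$_REQUEST['aaid'];
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()<=0) $amsg="Action Update Failed or Nothing Changed";
            else $amsg="Action Updated";
            break;

        case "action_test":
            // Swap a marker into mdata, flush the action queue, then put the
            // previous mdata back.
            $q="SELECT mdata FROM fnalertaction WHERE aaid=".(int)$_REQUEST['aaid']." LIMIT 0,1";
            $r=$NATS->DB->Query($q);
            $row=$NATS->DB->Fetch_Array($r);
            $oldm=$row['mdata'];
            // Release the result set, as the other queries in this file do.
            $NATS->DB->Free($r);
            $q="UPDATE fnalertaction SET mdata=\"** ACTION TEST **\" WHERE aaid=".(int)$_REQUEST['aaid'];
            $NATS->DB->Query($q);
            $NATS->ActionFlush();
            $q="UPDATE fnalertaction SET mdata=\"".ss($oldm)."\" WHERE aaid=".(int)$_REQUEST['aaid'];
            $NATS->DB->Query($q);
            $amsg="Alert Action Tested & Flushed";
            break;

        case "action_create":
            $q="INSERT INTO fnalertaction(atype) VALUES(\"\")";
            $NATS->DB->Query($q);
            $amsg="Created New Alert Action";
            break;

        case "action_delete":
            if (!isset($_REQUEST['confirmed']))
            {
                $back=urlencode("admin.php?aaid_del=".(int)$_REQUEST['aaid_del']."&action=action_delete&confirmed=1");
                $url="confirm.php?action=Delete+alert+action&back=".$back;
                header("Location: ".$url);
                exit();
            }
            // otherwise confirmed
            $q="DELETE FROM fnalertaction WHERE aaid=".(int)$_REQUEST['aaid_del'];
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()>0) $amsg="Alert Action Deleted";
            else $amsg="Alert Action Delete Failed";
            // Remove the links that referenced the deleted action as well.
            $q="DELETE FROM fnnalink WHERE aaid=".(int)$_REQUEST['aaid_del'];
            $NATS->DB->Query($q);
            break;

    }
}

ob_end_flush();
Screen_Header("Administration Interface",1);

// Both messages can carry request-supplied text (the message parameter, or a
// username echoed back in $amsg), so they are HTML-escaped on output.
// NOTE(review): any HTML markup that surrounded these values is not visible in
// this listing; only the escaping of the values themselves is changed here.
if (isset($_REQUEST['message']) && is_string($_REQUEST['message'])) echo "\n".htmlspecialchars($_REQUEST['message'],ENT_QUOTES)."\n";
if (isset($amsg)) echo "\n".htmlspecialchars($amsg,ENT_QUOTES)."\n";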
158: 159: ?> 160:
161: Users

162: 163: 164: function tul($l) 165: { 166: if ($l>9) return "Administrator"; 167: if ($l>4) return "Power User"; 168: if ($l>0) return "Normal User"; 169: return "Disabled"; 170: } 171: 172: $q="SELECT username,realname,userlevel FROM fnuser"; 173: $r=$NATS->DB->Query($q); 174: echo ""; 175: echo ""; 176: echo ""; 177: while ($row=$NATS->DB->Fetch_Array($r)) 178: { 179: echo "
";
180: echo ""; 181: echo ""; 182: echo ""; 183: echo ""; 184: echo ""; 192: echo ""; 193: echo ""; 194: echo ""; 195: echo ""; 196: } 197: echo "
";
198: echo ""; 199: echo ""; 200: echo ""; 201: echo ""; 207: echo ""; 208: echo ""; 209: echo ""; 210: echo "
Username Real NameUser LevelPasswordOptions
".$row['username'].""; 191: echo " Delete

";
211: echo "
";
212: $NATS->DB->Free($r); 213: 214: echo "Test Sessions

";
215: $q="SELECT * FROM fntestrun ORDER BY trid DESC"; 216: if (!isset($_REQUEST['ShowAllSessions'])) $q.=" LIMIT 0,5"; 217: $r=$NATS->DB->Query($q); 218: echo ""; 219: while ($row=$NATS->DB->Fetch_Array($r)) 220: { 221: echo ""; 222: echo ""; 227: } 228: echo "
run/".$row['trid']."".nicedt($row['startx'])." - "; 223: if ($row['finishx']>0) echo nicedt($row['finishx']); 224: else echo "Still Running"; 225: echo " (System Logs)"; 226: echo "
";
229: $NATS->DB->Free($r); 230: echo "
";
231: if (!isset($_REQUEST['ShowAllSessions'])) echo "Show All Testing Sessions

";
232: echo "
";
233: 234: echo "Alert Actions

";
235: 236: function aat_etype($type) 237: { 238: switch ($type) 239: { 240: case 0: return "Short"; 241: case 1: return "Long"; 242: default: return "Unknown"; 243: } 244: } 245: 246: function aat_esub($type) 247: { 248: switch ($type) 249: { 250: case 0: return "Blank"; 251: case 1: return "Short"; 252: case 2: return "Long"; 253: default: return "Unknown"; 254: } 255: } 256: 257: function aat_atype($type) 258: { 259: switch($type) 260: { 261: case "": case "Disabled": return "Disabled"; 262: case "email": return "EMail"; 263: default: return "Unknown"; 264: } 265: } 266: 267: 268: 269: if (isset($_REQUEST['aaid'])) 270: { // view/edit aaid 271: $q="SELECT * FROM fnalertaction WHERE aaid=".ss($_REQUEST['aaid']); 272: $r=$NATS->DB->Query($q); 273: if (!$row=$NATS->DB->Fetch_Array($r)) 274: { 275: echo "Error Fetching AAID

";
276: Screen_Footer(); 277: exit(); 278: } 279: echo ""; 280: echo "
";
281: echo ""; 282: echo ""; 283: echo ""; 284: 285: echo ""; 286: echo ""; 289: 290: echo ""; 297: 298: echo ""; 299: if ($row['awarnings']==1) $s=" checked"; 300: else $s=""; 301: echo ""; 302: 303: echo ""; 304: if ($row['adecrease']==1) $s=" checked"; 305: else $s=""; 306: echo ""; 307: 308: echo ""; 309: echo ""; 312: 313: echo ""; 321: 322: echo ""; 329: 330: echo ""; 333: 334: echo ""; 338: 339: echo "
ID : action/".$_REQUEST['aaid']."
Action Name : "; 287: echo ""; 288: echo "
Type : "; 291: echo ""; 296: echo "
Warnings :
Decreases :
Email From : "; 310: echo ""; 311: echo "
Email Subject : "; 314: echo ""; 320: echo "
Email Type : "; 323: echo ""; 328: echo "
Email To : "; 331: echo ""; 332: echo "
  Cancel Update | "; 335: echo "Test Action | "; 336: echo "Delete Action"; 337: echo "


";
340: $NATS->DB->Free($r); 341: } 342: 343: $q="SELECT aaid,atype,aname FROM fnalertaction"; 344: $r=$NATS->DB->Query($q); 345: while ($row=$NATS->DB->Fetch_Array($r)) 346: { 347: echo "action/".$row['aaid']." : ".$row['aname']." - "; 348: echo aat_atype($row['atype']); 349: echo "
";
350: } 351: 352: echo "
Create New Alert Action
";
353: echo "

";
354: 355: echo "System Logs

";
356: echo "System Event Log

";
357: 358: echo "

";
359: 360: echo "Variables ".hlink("Variable")."

";
361: $q="SELECT * FROM fnconfig ORDER BY fnc_var ASC"; 362: $r=$NATS->DB->Query($q); 363: echo ""; 364: while ($row=$NATS->DB->Fetch_Array($r)) 365: { 366: echo "
";
367: echo ""; 368: echo ""; 369: echo ""; 370: echo ""; 372: echo ""; 373: echo ""; 374: echo ""; 377: echo ""; 378: echo ""; 379: } 380: echo "
";
381: echo ""; 382: echo ""; 383: echo ""; 384: echo ""; 385: echo ""; 386: echo ""; 387: echo ""; 388: echo "
"; 371: echo "= "; 375: echo hlink("Var:".$row['fnc_var']); 376: echo "
=
";
389: 390: ?> 391: 392: 393: 394: Screen_Footer(); 395: ?> 396: