Viewing File server/web/admin.php of 0.02.27a
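<?php
/* -------------------------------------------------------------
This file is part of FreeNATS

FreeNATS is (C) Copyright 2008 PurplePixie Systems

FreeNATS is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

FreeNATS is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with Foobar. If not, see www.gnu.org/licenses

For more information see www.purplepixie.org/freenats
-------------------------------------------------------------- */

// Administration interface: handles the admin actions (users, configuration
// variables, alert actions) and then renders the administration page.
//
// Security notes for maintainers:
//  * ss() is not defined in this file; it is presumably a SQL string-escaping
//    helper -- confirm. Escaping only protects values placed inside quotes, so
//    every value written into an unquoted numeric position is cast with intval().
//  * Request and database values are HTML-escaped when echoed.
//    NOTE(review): if any stored value is already HTML-encoded this will
//    double-encode it -- confirm against the writers of these tables.
//  * NOTE(review): all actions are read from $_REQUEST, so state-changing
//    operations are reachable by GET, and no anti-CSRF token is checked on this
//    page. A per-session token emitted by the forms/links and verified here
//    (and in confirm.php) is needed; that spans files not visible here.
//  * NOTE(review): passwords are stored as unsalted MD5 computed inside the SQL
//    statement (so the clear text also appears in the query text). Moving to
//    password_hash()/password_verify() requires changing the login check as
//    well, which is outside this file.

ob_start();
require("include.php");
$NATS->Start();
if (!$NATS_Session->Check($NATS->DB))
{
    header("Location: ./?login_msg=Invalid+Or+Expired+Session");
    exit();
}
// NOTE(review): this access check relies on UL_Error() terminating the
// request; it is defined elsewhere -- confirm it does not return.
if ($NATS_Session->userlevel<9) UL_Error("Action Node");

if (isset($_REQUEST['action']))
{
    switch($_REQUEST['action'])
    {
        case "save_user":
            // userlevel is an unquoted numeric column value: force it to an integer
            $q="UPDATE fnuser SET realname=\"".ss($_REQUEST['realname'])."\",userlevel=".intval($_REQUEST['userlevel']);
            // "_NOTTHIS_" is the placeholder the form sends when the password is left unchanged
            if ((isset($_REQUEST['pword']))&&($_REQUEST['pword']!="_NOTTHIS_")) $q.=",password=MD5(\"".ss($_REQUEST['pword'])."\")";
            $q.=" WHERE username=\"".ss($_REQUEST['username'])."\"";
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()<=0) $amsg="Save User Failed or Nothing Changed";
            else $amsg="Save User ".$_REQUEST['username']." Succeeded";
            break;

        case "create_user":
            $q="INSERT INTO fnuser(username,password,realname,userlevel) VALUES(\"".ss($_REQUEST['username'])."\",";
            $q.="MD5(\"".ss($_REQUEST['pword'])."\"),\"".ss($_REQUEST['realname'])."\",".intval($_REQUEST['userlevel']).")";
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()<=0) $amsg="Create User Failed";
            else $amsg="User ".$_REQUEST['username']." Created";
            break;

        case "delete_user":
            $uname=isset($_REQUEST['username']) ? (string)$_REQUEST['username'] : "";
            // Compare case-insensitively and ignore surrounding whitespace.
            // NOTE(review): if fnuser.username uses a case-insensitive collation,
            // an exact-match guard would let "Admin" through to the DELETE -- confirm.
            if (strcasecmp(trim($uname),"admin")==0)
            {
                $amsg="Can't delete the admin user";
                break;
            }
            if (!isset($_REQUEST['confirmed']))
            {
                // URL-encode the username so it cannot add or override query
                // parameters in either the return URL or the confirm.php URL
                $back=urlencode("admin.php?action=delete_user&username=".urlencode($uname)."&confirmed=1");
                $url="confirm.php?action=".urlencode("Delete User ".$uname)."&back=".$back;
                header("Location: ".$url);
                exit();
            }
            $q="DELETE FROM fnuser WHERE username=\"".ss($uname)."\"";
            $NATS->DB->Query($q);
            $amsg="User ".$uname." Deleted";
            break;

        case "var_save":
            if ($_REQUEST['new_var']=="") // delete
            {
                $q="DELETE FROM fnconfig WHERE fnc_var=\"".ss($_REQUEST['orig_var'])."\"";
            }
            else // update
            {
                $q="UPDATE fnconfig SET fnc_var=\"".ss($_REQUEST['new_var'])."\",fnc_val=\"".ss($_REQUEST['new_val'])."\" ";
                $q.="WHERE fnc_var=\"".ss($_REQUEST['orig_var'])."\"";
            }
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()<=0) $amsg="Update/Delete Variable Failed";
            else $amsg="Updated/Deleted Variable";
            break;

        case "var_new":
            $q="INSERT INTO fnconfig(fnc_var,fnc_val) VALUES(\"".ss($_REQUEST['new_var'])."\",\"".ss($_REQUEST['new_val'])."\")";
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()<=0) $amsg="Create Variable Failed";
            else $amsg="Created Variable";
            break;

        case "save_aa":
            // All unquoted fields below are numeric and therefore cast to int
            $q="UPDATE fnalertaction SET ";
            $q.="atype=\"".ss($_REQUEST['atype'])."\",";
            $q.="ctrlimit=".intval($_REQUEST['ctrlimit']).",";
            $q.="ctrtoday=".intval($_REQUEST['ctrtoday']).",";
            $q.="aname=\"".ss($_REQUEST['aname'])."\",";
            $q.="efrom=\"".ss($_REQUEST['efrom'])."\",";
            $q.="etolist=\"".ss($_REQUEST['etolist'])."\",";
            $q.="esubject=".intval($_REQUEST['esubject']).",";
            $q.="etype=".intval($_REQUEST['etype']);
            // Unticked checkboxes are not submitted, so absence means 0
            if (isset($_REQUEST['awarnings'])) $q.=",awarnings=".intval($_REQUEST['awarnings']);
            else $q.=",awarnings=0";
            if (isset($_REQUEST['adecrease'])) $q.=",adecrease=".intval($_REQUEST['adecrease']);
            else $q.=",adecrease=0";
            $q.=" WHERE aaid=".intval($_REQUEST['aaid']);
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()<=0) $amsg="Action Update Failed or Nothing Changed";
            else $amsg="Action Updated";
            break;

        case "action_test":
            // Temporarily replace the queued message data with a test marker,
            // flush the actions, then restore the previous data
            $test_aaid=intval($_REQUEST['aaid']);
            $q="SELECT mdata FROM fnalertaction WHERE aaid=".$test_aaid." LIMIT 0,1";
            $r=$NATS->DB->Query($q);
            $row=$NATS->DB->Fetch_Array($r);
            // No matching row: restore an empty value rather than reading an offset of a non-array
            $oldm=($row) ? $row['mdata'] : "";
            $q="UPDATE fnalertaction SET mdata=\"** ACTION TEST **\" WHERE aaid=".$test_aaid;
            $NATS->DB->Query($q);
            $NATS->ActionFlush();
            $q="UPDATE fnalertaction SET mdata=\"".ss($oldm)."\" WHERE aaid=".$test_aaid;
            $NATS->DB->Query($q);
            $amsg="Alert Action Tested & Flushed";
            break;

        case "action_create":
            $q="INSERT INTO fnalertaction(atype) VALUES(\"\")";
            $NATS->DB->Query($q);
            $amsg="Created New Alert Action";
            break;

        case "action_delete":
            $del_aaid=intval($_REQUEST['aaid_del']);
            if (!isset($_REQUEST['confirmed']))
            {
                $back=urlencode("admin.php?aaid_del=".$del_aaid."&action=action_delete&confirmed=1");
                $url="confirm.php?action=Delete+alert+action&back=".$back;
                header("Location: ".$url);
                exit();
            }
            // otherwise confirmed
            $q="DELETE FROM fnalertaction WHERE aaid=".$del_aaid;
            $NATS->DB->Query($q);
            if ($NATS->DB->Affected_Rows()>0) $amsg="Alert Action Deleted";
            else $amsg="Alert Action Delete Failed";
            // Remove the links that referenced the deleted action
            $q="DELETE FROM fnnalink WHERE aaid=".$del_aaid;
            $NATS->DB->Query($q);
            break;

    }
}

ob_end_flush();
Screen_Header("Administration Interface",1);

// Both messages can carry request-supplied text, so escape them before output
if (isset($_REQUEST['message'])) echo "<br><b>".htmlspecialchars($_REQUEST['message'],ENT_QUOTES)."</b><br>";
if (isset($amsg)) echo "<br><b>".htmlspecialchars($amsg,ENT_QUOTES)."</b><br>";

?>
<br>
<b class="minortitle">Users</b><br><br>

<?php
// Maps a numeric user level to its display label
function tul($l)
{
    if ($l>9) return "Administrator";
    if ($l>4) return "Power User";
    if ($l>0) return "Normal User";
    return "Disabled";
}

$q="SELECT username,realname,userlevel FROM fnuser";
$r=$NATS->DB->Query($q);
echo "<table border=0>";
echo "<tr><td><b>Username </b></td>";
echo "<td><b>Real Name</b></td><td><b>User Level</b></td><td><b>Password</b></td><td><b>Options</b></td></tr>";
while ($row=$NATS->DB->Fetch_Array($r))
{
    // Stored values are escaped per context: HTML for text and attributes, URL for the link
    $h_user=htmlspecialchars($row['username'],ENT_QUOTES);
    $h_real=htmlspecialchars($row['realname'],ENT_QUOTES);
    $lvl=intval($row['userlevel']);
    echo "<form action=admin.php method=post>";
    echo "<input type=hidden name=action value=save_user>";
    echo "<input type=hidden name=username value=\"".$h_user."\">";
    echo "<tr><td>".$h_user."</td>";
    echo "<td><input type=text name=realname value=\"".$h_real."\" size=20 maxlength=120></td>";
    echo "<td><select name=userlevel>";
    echo "<option value=".$lvl.">".tul($lvl)."</option>";
    echo "<option value=0>".tul(0)."</option>";
    echo "<option value=1>".tul(1)."</option>";
    echo "<option value=5>".tul(5)."</option>";
    echo "<option value=10>".tul(10)."</option>";
    echo "</select>";
    echo "</td>";
    echo "<td><input type=password name=pword value=\"_NOTTHIS_\" size=10 maxlength=128></td>";
    echo "<td><input type=submit value=\"Save\"> <a href=admin.php?action=delete_user&username=".urlencode($row['username']).">Delete</a></td>";
    echo "</tr>";
    echo "</form>";
}
echo "<form action=admin.php method=post>";
echo "<input type=hidden name=action value=create_user>";
echo "<tr><td><input type=text name=username size=20 maxlength=60></td>";
echo "<td><input type=text name=realname size=20 maxlength=120></td>";
echo "<td><select name=userlevel>";
echo "<option value=1>".tul(1)."</option>";
echo "<option value=0>".tul(0)."</option>";
echo "<option value=5>".tul(5)."</option>";
echo "<option value=10>".tul(10)."</option>";
echo "</select></td>";
echo "<td><input type=password name=pword size=10 maxlength=60></td>";
echo "<td><input type=submit value=\"Create User\"></td>";
echo "</tr></form>";
echo "</table><br>";
echo "<br>";
$NATS->DB->Free($r);

echo "<b class=\"minortitle\">Test Sessions</b><br><br>";
$q="SELECT * FROM fntestrun ORDER BY trid DESC";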
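// Test sessions: only the five most recent runs unless ShowAllSessions is set
if (!isset($_REQUEST['ShowAllSessions'])) $q.=" LIMIT 0,5";
$r=$NATS->DB->Query($q);
echo "<table border=0>";
while ($row=$NATS->DB->Fetch_Array($r))
{
    // Escape the run id for the URL and for the HTML text separately
    $u_trid=urlencode($row['trid']);
    $h_trid=htmlspecialchars($row['trid'],ENT_QUOTES);
    echo "<tr><td><a href=testrun.php?trid=".$u_trid.">run/".$h_trid."</a></td>";
    echo "<td>".nicedt($row['startx'])." - ";
    if ($row['finishx']>0) echo nicedt($row['finishx']);
    else echo "Still Running";
    echo " (<a href=log.php?f_entry=Tester+".$u_trid.">System Logs</a>)";
    echo "</td></tr>";
}
echo "</table>";
$NATS->DB->Free($r);
echo "<br>";
if (!isset($_REQUEST['ShowAllSessions'])) echo "<a href=admin.php?ShowAllSessions=1>Show All Testing Sessions</a><br><br>";
echo "<br>";

echo "<b class=\"minortitle\">Alert Actions</b><br><br>";

// Display label for an alert action's email type value
function aat_etype($type)
{
    switch ($type)
    {
        case 0: return "Short";
        case 1: return "Long";
        default: return "Unknown";
    }
}

// Display label for an alert action's email subject value
function aat_esub($type)
{
    switch ($type)
    {
        case 0: return "Blank";
        case 1: return "Short";
        case 2: return "Long";
        default: return "Unknown";
    }
}

// Display label for an alert action's type value
function aat_atype($type)
{
    switch($type)
    {
        case "": case "Disabled": return "Disabled";
        case "email": return "EMail";
        default: return "Unknown";
    }
}



if (isset($_REQUEST['aaid']))
{ // view/edit aaid
    // aaid is used unquoted in SQL and echoed into HTML, so reduce it to an
    // integer once and use only that value below. (ss() is not defined in this
    // file; escaping alone would not protect an unquoted numeric position.)
    $aaid=intval($_REQUEST['aaid']);
    $q="SELECT * FROM fnalertaction WHERE aaid=".$aaid;
    $r=$NATS->DB->Query($q);
    if (!$row=$NATS->DB->Fetch_Array($r))
    {
        echo "<b>Error Fetching AAID</b><br><br>";
        Screen_Footer();
        exit();
    }
    // Stored values are HTML-escaped before being written into the form.
    // NOTE(review): if these columns already hold HTML-encoded text this will
    // double-encode it -- confirm against the code that writes fnalertaction.
    echo "<table border=0>";
    echo "<form action=admin.php method=post>";
    echo "<input type=hidden name=action value=save_aa>";
    echo "<input type=hidden name=aaid value=".$aaid.">";
    echo "<tr><td>ID : </td><td>action/".$aaid."</td></tr>";

    echo "<tr><td>Action Name : </td>";
    echo "<td>";
    echo "<input type=text name=aname size=30 maxlength=120 value=\"".htmlspecialchars($row['aname'],ENT_QUOTES)."\">";
    echo "</td></tr>";

    echo "<tr><td>Type : </td><td>";
    echo "<select name=atype>";
    // The attribute is quoted so that an escaped value cannot break out of it
    echo "<option value=\"".htmlspecialchars($row['atype'],ENT_QUOTES)."\">".aat_atype($row['atype'])."</option>";
    echo "<option value=Disabled>Disabled</option>";
    echo "<option value=email>EMail</option>";
    echo "</select>";
    echo "</td></tr>";

    echo "<tr><td>Warnings : </td>";
    if ($row['awarnings']==1) $s=" checked";
    else $s="";
    echo "<td><input type=checkbox name=awarnings value=1".$s."> ".hlink("AAction:Warnings")."</td></tr>";

    echo "<tr><td>Decreases : </td>";
    if ($row['adecrease']==1) $s=" checked";
    else $s="";
    echo "<td><input type=checkbox name=adecrease value=1".$s."> ".hlink("AAction:Decreases")."</td></tr>";

    echo "<tr><td>Action Limit : </td>";
    echo "<td>";
    echo "<input type=text name=ctrlimit size=3 maxlength=6 value=\"".htmlspecialchars($row['ctrlimit'],ENT_QUOTES)."\"> ";
    echo hlink("AAction:Limit");
    echo "</td></tr>";

    echo "<tr><td>Action Counter : </td>";
    echo "<td>";
    echo "<input type=text name=ctrtoday size=3 maxlength=6 value=\"".htmlspecialchars($row['ctrtoday'],ENT_QUOTES)."\"> ";
    echo hlink("AAction:Counter");
    echo " (for ";
    if ($row['ctrdate']=="") echo "<i>unknown</i>";
    // ctrdate is sliced as 4 chars, 2 chars, 2 chars and printed in reverse order
    else echo htmlspecialchars(substr($row['ctrdate'],6,2)."/".substr($row['ctrdate'],4,2)."/".substr($row['ctrdate'],0,4),ENT_QUOTES);
    echo ")";
    echo "</td></tr>";

    echo "<tr><td>Email From : </td>";
    echo "<td>";
    echo "<input type=text name=efrom size=30 maxlength=120 value=\"".htmlspecialchars($row['efrom'],ENT_QUOTES)."\">";
    echo "</td></tr>";

    echo "<tr><td>Email Subject : </td><td>";
    echo "<select name=esubject>";
    $esub=intval($row['esubject']);
    echo "<option value=".$esub.">".aat_esub($esub)."</option>";
    echo "<option value=0>Blank</option>";
    echo "<option value=1>Short</option>";
    echo "<option value=2>Long</option>";
    echo "</select>";
    echo "</td></tr>";

    echo "<tr><td>Email Type : </td><td>";
    echo "<select name=etype>";
    $etyp=intval($row['etype']);
    echo "<option value=".$etyp.">".aat_etype($etyp)."</option>";
    echo "<option value=0>Short</option>";
    echo "<option value=1>Long</option>";
    echo "</select>";
    echo "</td></tr>";

    echo "<tr><td valign=top>Email To : </td><td>";
    // Escaping here stops stored text from closing the textarea early
    echo "<textarea name=etolist cols=40 rows=6>".htmlspecialchars($row['etolist'],ENT_QUOTES)."</textarea>";
    echo "</td></tr>";

    // NOTE(review): "Test Action" and "Delete Action" are plain GET links to
    // state-changing actions and carry no anti-CSRF token.
    echo "<tr><td colspan=2><input type=submit value=\"Update Action\"> <a href=admin.php>Cancel Update</a> | ";
    echo "<a href=admin.php?aaid=".$aaid."&action=action_test>Test Action</a> | ";
    echo "<a href=admin.php?aaid_del=".$aaid."&action=action_delete>Delete Action</a>";
    echo "</td></tr>";

    echo "</form></table><br><br>";
    $NATS->DB->Free($r);
}

// List of all alert actions, each linking to its edit view
$q="SELECT aaid,atype,aname FROM fnalertaction";
$r=$NATS->DB->Query($q);
while ($row=$NATS->DB->Fetch_Array($r))
{
    $list_aaid=intval($row['aaid']);
    echo "<a href=admin.php?aaid=".$list_aaid.">action/".$list_aaid." : ".htmlspecialchars($row['aname'],ENT_QUOTES)."</a> - ";
    echo aat_atype($row['atype']);
    echo "<br>";
}

echo "<br><a href=admin.php?action=action_create><b>Create New Alert Action</b></a><br>";
echo "<br><br>";

echo "<b class=\"minortitle\">System Logs</b><br><br>";
echo "<a href=log.php>System Event Log</a><br><br>";

echo "<br><br>";

// Configuration variables: one edit form per row plus a final "create" form
echo "<b class=\"minortitle\">Variables</b> ".hlink("Variable")."<br><br>";
$q="SELECT * FROM fnconfig ORDER BY fnc_var ASC";
$r=$NATS->DB->Query($q);
echo "<table border=0>";
while ($row=$NATS->DB->Fetch_Array($r))
{
    $h_var=htmlspecialchars($row['fnc_var'],ENT_QUOTES);
    $h_val=htmlspecialchars($row['fnc_val'],ENT_QUOTES);
    echo "<form action=admin.php method=post>";
    echo "<input type=hidden name=action value=var_save>";
    echo "<input type=hidden name=orig_var value=\"".$h_var."\">";
    echo "<input type=hidden name=orig_val value=\"".$h_val."\">";
    echo "<tr><td><input type=text size=20 maxlength=60 name=new_var value=\"".$h_var."\"> ";
    echo "</td>";
    echo "<td>=</td>";
    echo "<td><input type=text size=20 maxlength=60 name=new_val value=\"".$h_val."\"></td>";
    echo "<td><input type=submit value=\"Save\"> ";
    // hlink() is defined elsewhere and receives the raw variable name.
    // NOTE(review): confirm hlink() escapes its argument before output.
    echo hlink("Var:".$row['fnc_var']);
    echo "</td>";
    echo "</tr>";
    echo "</form>";
}
echo "<form action=admin.php method=post>";
echo "<input type=hidden name=action value=var_new>";
echo "<tr><td><input type=text size=20 maxlength=60 name=new_var value=\"\"></td>";
echo "<td>=</td>";
echo "<td><input type=text size=20 maxlength=60 name=new_val value=\"\"></td>";
echo "<td><input type=submit value=\"Create\"></td>";
echo "</tr>";
echo "</form>";
echo "</table>";

?>


<?php
Screen_Footer();
?>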