Refactored user, vlan and zone

master
Thomas Hooge 2 years ago
parent c63b500d77
commit 32bd592098
  1. 26
      submit.php
  2. 4
      tpl/user.tpl
  3. 5
      tpl/useradd.tpl
  4. 9
      tpl/userdel.tpl
  5. 7
      tpl/useredit.tpl
  6. 8
      tpl/userview.tpl
  7. 4
      tpl/vlan.tpl
  8. 5
      tpl/vlanadd.tpl
  9. 9
      tpl/vlandel.tpl
  10. 7
      tpl/vlanedit.tpl
  11. 6
      tpl/vlanview.tpl
  12. 4
      tpl/zone.tpl
  13. 5
      tpl/zoneadd.tpl
  14. 11
      tpl/zonedel.tpl
  15. 9
      tpl/zoneedit.tpl
  16. 4
      tpl/zoneview.tpl
  17. 150
      user.php
  18. 27
      useradd.php
  19. 28
      userdel.php
  20. 39
      useredit.php
  21. 35
      userview.php
  22. 123
      vlan.php
  23. 18
      vlanadd.php
  24. 26
      vlandel.php
  25. 28
      vlanedit.php
  26. 37
      vlanview.php
  27. 143
      zone.php
  28. 16
      zoneadd.php
  29. 23
      zonedel.php
  30. 27
      zoneedit.php
  31. 29
      zoneview.php

@ -119,7 +119,7 @@ if (isset($_POST['add'])) {
header_location("assetview.php?asset_id=" . $dbh->lastInsertId());
break;
/* refactored
/*
case ("assetclass") :
$name = sanitize($_POST['assetclass_name']);
$description = sanitize($_POST['assetclass_description']);
@ -304,7 +304,7 @@ if (isset($_POST['add'])) {
header_location("subnetview.php?subnet_id=" . $subnet_id);
break;
case ("user") :
/* case ("user") :
$user_name = strtolower(sanitize($_POST['user_name']));
$user_displayname = sanitize($_POST['user_displayname']);
$user_password = md5(sanitize($_POST['user_password']));
@ -338,7 +338,7 @@ if (isset($_POST['add'])) {
$sth->execute([$vlan_name, $vlan_number, $vlan_color, $vlan_info]);
header_location("vlanview.php?vlan_id=" . $dbh->lastInsertId());
break;
break; */
case ("vlansubnet") :
$subnet_id = sanitize($_POST['subnet_id']);
@ -352,7 +352,7 @@ if (isset($_POST['add'])) {
header_location("vlanview.php?vlan_id=" . $vlan_id);
break;
case ("zone") :
/* case ("zone") :
$zone_origin = sanitize($_POST['zone_origin']);
$zone_ttl_default = sanitize($_POST['zone_ttl_default']);
$zone_soa = sanitize($_POST['zone_soa']);
@ -380,7 +380,7 @@ if (isset($_POST['add'])) {
$zone_ns1, $zone_ns2, $zone_ns3, $zone_mx1, $zone_mx2, $zone_info]);
header_location("zoneview.php?zone_id=" . $dbh->lastInsertId());
break;
break; */
}
}
@ -398,7 +398,7 @@ if (isset($_POST['del'])) {
header_location("asset.php");
break;
/* refactored
/*
case ("assetclass") :
$assetclass_id = sanitize($_POST['assetclass_id']);
@ -487,7 +487,7 @@ if (isset($_POST['del'])) {
header_location("subnetview.php?subnet_id=" . $subnet_id);
break;
case ("user") :
/* case ("user") :
$user_id = sanitize($_POST['user_id']);
$sth = $dbh->prepare("DELETE FROM user WHERE user_id=?");
@ -503,7 +503,7 @@ if (isset($_POST['del'])) {
$sth->execute([$vlan_id]);
header_location("vlan.php");
break;
break; */
case ("vlansubnet") :
$subnet_id = sanitize($_POST['subnet_id']);
@ -515,14 +515,14 @@ if (isset($_POST['del'])) {
header_location("vlanview.php?vlan_id=" . $vlan_id);
break;
case ("zone") :
/* case ("zone") :
$zone_id = sanitize($_POST['zone_id']);
$sth = $dbh->prepare("DELETE FROM zone WHERE zone_id=?");
$sth->execute([$zone_id]);
header_location("zone.php");
break;
break; */
}
}
@ -548,7 +548,7 @@ if (isset($_POST['edit'])) {
$asset_id]);
header_location("assetview.php?asset_id=" . $asset_id);
/* refactored
/*
case ("assetclass") :
$id = sanitize($_POST['assetclass_id']);
$name = sanitize($_POST['assetclass_name']);
@ -729,7 +729,7 @@ if (isset($_POST['edit'])) {
header_location("subnetview.php?subnet_id=" . $subnet_id);
break;
case ("user") :
/* case ("user") :
$user_id = sanitize($_POST['user_id']);
$user_name = sanitize($_POST['user_name']);
$user_displayname = sanitize($_POST['user_displayname']);
@ -803,7 +803,7 @@ if (isset($_POST['edit'])) {
$id]);
header_location("zoneview.php?zone_id=" . $zone_id);
break;
break; */
}
}

@ -5,7 +5,7 @@
{$lang_users} ({$users|@count})
</td>
<td align="right">
<a href="useradd.php"><img src="images/user_add.png" alt="{$lang_user_add}" /></a>
<a href="user.php?f=add"><img src="images/user_add.png" alt="{$lang_user_add}" /></a>
</td>
</tr>
</table>
@ -28,7 +28,7 @@
{foreach item=user from=$users}
<tr>
<td class="label">
<a href="userview.php?user_id={$user.id}">{$user.name}</a>
<a href="user.php?f=view&id={$user.id}">{$user.name}</a>
</td>
<td class="value">
{$user.realm}

@ -1,5 +1,4 @@
<form method="POST" action="submit.php">
<input type="hidden" name="add" value="user">
<form method="POST" action="user.php">
<table class="title">
<tr>
@ -9,7 +8,7 @@
</td>
<td align="right">
<a href="#" onClick="history.go(-1)"><img src="image.php?icon=cancel" alt="{$lang_cancel}"></a>
<input type="image" src="images/user_add.png" alt="{$lang_submit}" />
<input type="image" name="submit[insert]" src="images/user_add.png" alt="{$lang_submit}" />
</td>
</tr>
</table>

@ -1,6 +1,5 @@
<form method="POST" action="submit.php">
<input type="hidden" name="del" value="user">
<input type="hidden" name="user_id" value="{$user->id}">
<form method="POST" action="user.php">
<input type="hidden" name="id" value="{$user->id}">
<table class="title">
<tr>
@ -10,7 +9,7 @@
</td>
<td align="right">
<a href="#" onClick="history.go(-1)"><img src="image.php?icon=cancel" alt="{$lang_cancel}"></a>
<input type="image" src="images/user_delete.png" alt="{$lang_submit}">
<input type="image" name="submit[delete]" src="images/user_delete.png" alt="{$lang_submit}">
</td>
</tr>
</table>
@ -29,7 +28,7 @@
{$lang_user_name}
</td>
<td class="value">
<a href="userview.php?user_id={$user->id}">{$user->name}</a>
<a href="user.php?f=view&id={$user->id}">{$user->name}</a>
</td>
</tr>
</table>

@ -1,6 +1,5 @@
<form method="POST" action="submit.php">
<input type="hidden" name="edit" value="user">
<input type="hidden" name="user_id" value="{$user->id}">
<form method="POST" action="user.php">
<input type="hidden" name="id" value="{$user->id}">
<table class="title">
<tr>
@ -10,7 +9,7 @@
</td>
<td align="right">
<a href="#" onClick="history.go(-1)"><img src="image.php?icon=back" alt="{$lang_cancel}"></a>
<input type="image" src="image.php?icon=save" alt="{$lang_submit}">
<input type="image" name="submit[update]" src="images/page_save.png" alt="{$lang_submit}">
</td>
</tr>
</table>

@ -2,11 +2,11 @@
<tr>
<td class="header">
<img class="icon" src="images/user.png" alt="" />
{$user_name}
{$user->name}
</td>
<td align="right">
<a href="useredit.php?user_id={$user->id}"><img src="images/user_edit.png" alt="{$lang_user_edit}"></a>
<a href="userdel.php?user_id={$user->id}"><img src="images/user_delete.png" alt="{$lang_user_del}"></a>
<a href="user.php?f=edit&id={$user->id}"><img src="images/user_edit.png" alt="{$lang_user_edit}"></a>
<a href="user.php?f=del&id={$user->id}"><img src="images/user_delete.png" alt="{$lang_user_del}"></a>
</td>
</tr>
</table>
@ -25,7 +25,7 @@
{$lang_user_name}
</td>
<td class="value">
<a href="userview.php?user_id={$user->id}">{$user->name}</a>
<b>{$user->name}</b>
</td>
</tr>
<tr>

@ -6,7 +6,7 @@
</td>
<td align="right">
{if $suser_add || $suser_admin}
<a href="vlanadd.php"><img src="image.php?icon=add" alt="{$lang_vlan_add}" {if $suser_tooltips}title="{$lang_vlan_add}" {/if}/></a>
<a href="vlan.php?f=add"><img src="image.php?icon=add" alt="{$lang_vlan_add}" {if $suser_tooltips}title="{$lang_vlan_add}" {/if}/></a>
{/if}
</td>
</tr>
@ -31,7 +31,7 @@
</td>
<td class="value">
<img src="image.php?color={$vlan.color}" alt="#{$vlan.color}">
<a href="vlanview.php?vlan_id={$vlan.id}">{$vlan.name}</a>
<a href="vlan.php?f=view&id={$vlan.id}">{$vlan.name}</a>
</td>
<td>
{$vlan.info}

@ -1,5 +1,4 @@
<form method="POST" action="submit.php">
<input type="hidden" name="add" value="vlan">
<form method="POST" action="vlan.php">
<table class="title">
<tr>
@ -8,7 +7,7 @@
</td>
<td align="right">
<a href="#" onClick="history.go(-1)"><img src="image.php?icon=cancel" alt="{$lang_cancel}"></a>
<input type="image" src="image.php?icon=save" alt="{$lang_submit}">
<input type="image" name="submit[insert]" src="images/page_save.png" alt="{$lang_submit}">
</td>
</tr>
</table>

@ -1,6 +1,5 @@
<form method="POST" action="submit.php">
<input type="hidden" name="del" value="vlan">
<input type="hidden" name="vlan_id" value="{$vlan->id}">
<form method="POST" action="vlan.php">
<input type="hidden" name="id" value="{$vlan->id}">
<table class="title">
<tr>
@ -9,7 +8,7 @@
</td>
<td align="right">
<a href="#" onClick="history.go(-1)"><img src="image.php?icon=cancel" alt="{$lang_cancel}"></a>
<input type="image" src="image.php?icon=delete" alt="{$lang_submit}">
<input type="image" name="submit[delete]" src="images/bin.png" alt="{$lang_delete}">
</td>
</tr>
</table>
@ -28,7 +27,7 @@
{$lang_vlan_name}
</td>
<td class="value">
<a href="vlanview.php?vlan_id={$vlan->id}">{$vlan->name}&nbsp;({$vlan->number})</a>
<a href="vlan.php?f=view&id={$vlan->id}">{$vlan->name}&nbsp;({$vlan->number})</a>
</td>
</tr>
</table>

@ -1,6 +1,5 @@
<form method="POST" action="submit.php">
<input type="hidden" name="edit" value="vlan">
<input type="hidden" name="vlan_id" value="{$vlan->id}">
<form method="POST" action="vlan.php">
<input type="hidden" name="id" value="{$vlan->id}">
<table class="title">
<tr>
@ -10,7 +9,7 @@
</td>
<td align="right">
<a href="#" onClick="history.go(-1)"><img src="image.php?icon=back" alt="{$lang_cancel}"></a>
<input type="image" src="image.php?icon=save" alt="{$lang_submit}">
<input type="image" name="submit[update]" src="images/page_save.png" alt="{$lang_save}">
</td>
</tr>
</table>

@ -9,10 +9,10 @@
<a href="assignvlantosubnet.php?vlan_id={$vlan->id}"><img src="image.php?icon=add" alt="{$lang_assignvlantosubnet}"></a>
{/if}
{if $suser_edit}
<a href="vlanedit.php?vlan_id={$vlan->id}"><img src="image.php?icon=edit" alt="{$lang_vlan_edit}"></a>
<a href="vlan.php?f=edit&id={$vlan->id}"><img src="image.php?icon=edit" alt="{$lang_vlan_edit}"></a>
{/if}
{if $suser_delete}
<a href="vlandel.php?vlan_id={$vlan->id}"><img src="image.php?icon=delete" alt="{$lang_vlan_del}"></a>
<a href="vlan.php?f=del&id={$vlan->id}"><img src="image.php?icon=delete" alt="{$lang_vlan_del}"></a>
{/if}
</td>
</tr>
@ -32,7 +32,7 @@
{$lang_vlan_name}
</td>
<td class="value">
<a href="vlanview.php?vlan_id={$vlan->id}">{$vlan->name}</a>
<a href="vlan.php?f=view&id={$vlan->id}">{$vlan->name}</a>
</td>
</tr>
<tr>

@ -6,7 +6,7 @@
</td>
<td align="right">
{if $suser_add || $suser_admin}
<a href="zoneadd.php"><img src="image.php?icon=add" alt="{$lang_zone_add}"></a>
<a href="zone.php?f=add"><img src="image.php?icon=add" alt="{$lang_zone_add}"></a>
{/if}
</td>
</tr>
@ -27,7 +27,7 @@
{foreach item=zone from=$zones}
<tr>
<td class="label">
<a href="zoneview.php?zone_id={$zone.id}">{$zone.origin}</a>
<a href="zone.php?f=view&id={$zone.id}">{$zone.origin}</a>
</td>
<td class="value">
{$zone.hostmaster}

@ -1,5 +1,4 @@
<form method="POST" action="submit.php">
<input type="hidden" name="add" value="zone">
<form method="POST" action="zone.php">
<table class="title">
<tr>
@ -8,7 +7,7 @@
</td>
<td align="right">
<a href="#" onClick="history.go(-1)"><img src="image.php?icon=back" alt="{$lang_cancel}"></a>
<input type="image" src="image.php?icon=save" alt="{$lang_submit}">
<input type="image" name="submit[insert]" src="images/page_save.png" alt="{$lang_submit}">
</td>
</tr>
</table>

@ -1,6 +1,5 @@
<form method="POST" action="submit.php">
<input type="hidden" name="del" value="zone">
<input type="hidden" name="zone_id" value="{$zone.zone_id}">
<form method="POST" action="zone.php">
<input type="hidden" name="id" value="{$zone->zone_id}">
<table class="title">
<tr>
@ -9,7 +8,7 @@
</td>
<td align="right">
<a href="#" onClick="history.go(-1)"><img src="image.php?icon=cancel" alt="{$lang_cancel}"></a>
<input type="image" src="images/table_delete.png" alt="{$lang_submit}">
<input type="image" name="submit[delete]" src="images/table_delete.png" alt="{$lang_submit}">
</td>
</tr>
</table>
@ -28,8 +27,8 @@
{$lang_zone}
</td>
<td class="value">
<a href="zoneview.php?zone_id={$zone.zone_id}">{$zone.zone_origin}</a>
({$zone.zone_serial})
<a href="zone.php?f=view&id={$zone->zone_id}">{$zone->zone_origin}</a>
({$zone->zone_serial})
</td>
</tr>
</table>

@ -1,6 +1,5 @@
<form method="POST" action="submit.php">
<input type="hidden" name="edit" value="zone">
<input type="hidden" name="zone_id" value="{$zone->zone_id}">
<form method="POST" action="zone.php">
<input type="hidden" name="id" value="{$zone->zone_id}">
<table class="title">
<tr>
@ -10,7 +9,7 @@
</td>
<td align="right">
<a href="#" onClick="history.go(-1)"><img src="image.php?icon=back" alt="{$lang_cancel}"></a>
<input type="image" src="image.php?icon=save" alt="{$lang_submit}">
<input type="image" name="submit[update]" src="images/page_save.png" alt="{$lang_save}">
</td>
</tr>
</table>
@ -141,7 +140,7 @@
Zone Info
</td>
<td class="value">
<textarea name="zone_info" cols="30" rows="10">{$zone.zone_info}</textarea>
<textarea name="zone_info" cols="30" rows="10">{$zone->zone_info}</textarea>
</td>
</tr>
</table>

@ -6,10 +6,10 @@
</td>
<td align="right">
{if $suser_edit || $suser_admin}
<a href="zoneedit.php?zone_id={$zone->zone_id}"><img src="images/table_edit.png" alt="{$lang_zone_edit}" /></a>
<a href="zone.php?f=edit&id={$zone->zone_id}"><img src="images/table_edit.png" alt="{$lang_zone_edit}" /></a>
{/if}
{if $suser_delete || $suser_admin}
<a href="zonedel.php?zone_id={$zone->zone_id}"><img src="images/table_delete.png" alt="{$lang_zone_del}" /></a>
<a href="zone.php?f=del&id={$zone->zone_id}"><img src="images/table_delete.png" alt="{$lang_zone_del}" /></a>
{/if}
</td>
</tr>

@ -13,8 +13,90 @@ if (($_SESSION['suser_role_admin'] == 0) and ($_SESSION['suser_role_manage'] ==
header_location('comments.php?comments=accessdenied');
}
if (isset($_REQUEST['id'])) {
$id = (int) $_REQUEST['id'] or $id = 0;
}
// ========== ACTIONS START ===================================================
switch ($submit = form_get_action()) {
case NULL: break;
case 'add': $action = ACT_ADD; break;
case 'view': $action = ACT_VIEW; break;
case 'edit': $action = ACT_EDIT; break;
case 'del': $action = ACT_DELETE; break;
case 'insert':
$user_name = strtolower(sanitize($_POST['user_name']));
$user_displayname = sanitize($_POST['user_displayname']);
$user_password = md5(sanitize($_POST['user_password']));
// check if username exists
$sth = $dbh->prepare("SELECT COUNT(*) FROM user WHERE user_name=?");
$sth->execute([$user_name]);
if ($sth->fetchColumn() == 0) {
$sql = "INSERT INTO user (user_name, user_displayname, user_pass)
VALUE (?, ?, ?)";
$sth = $dbh->prepare($sql);
$sth->execute([$user_name, $user_displayname, $user_password]);
$id = $dbh->lastInsertId();
$action = ACT_VIEW;
} else {
$g_error->Add(_("Username already in use."));
$action = ACT_ADD;
}
break;
case 'update':
$user_name = sanitize($_POST['user_name']);
$user_displayname = sanitize($_POST['user_displayname']);
$user_realm = sanitize($_POST['user_realm']);
// roles
$role_add = sanitize($_POST['role_add']);
$role_edit = sanitize($_POST['role_edit']);
$role_delete = sanitize($_POST['role_delete']);
$role_manage = sanitize($_POST['role_manage']);
$role_admin = sanitize($_POST['role_admin']);
// construct menu set
$role = array();
if ($role_add) $role[] = 'add';
if ($role_edit) $role[] = 'edit';
if ($role_delete) $role[] = 'delete';
if ($role_manage) $role[] = 'manage';
if ($role_admin) $role[] = 'admin';
$sql = "UPDATE user SET
user_name=?, user_displayname=?, user_realm=?,
user_role=?
WHERE user_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$user_name ,$user_displayname, $user_realm,
implode(',', $role), $id]);
$action = ACT_VIEW;
break;
case 'delete':
$sth = $dbh->prepare("DELETE FROM user WHERE user_id=?");
$sth->execute([$id]);
$g_message->Add(_("User deleted."));
$action = ACT_DEFAULT;
break;
default:
$g_error->Add(submit_error($submit));
$valid = FALSE;
}
// ========== ACTIONS END =====================================================
include("header.php");
if ($action == ACT_DEFAULT):
// ========== VARIANT: default behavior =======================================
$sql = "SELECT user_id AS id, user_name AS name,
user_displayname AS displayname, user_realm AS realm,
user_role AS role
@ -27,10 +109,74 @@ $users = $sth->fetchAll(PDO::FETCH_ASSOC);
for($i = 0; $i < count($users); $i++) {
$users[$i]['role'] = explode(',', $users[$i]['role'] );
}
$smarty->assign("users", $users);
$smarty->display("user.tpl");
include("footer.php");
elseif ($action == ACT_ADD):
// ========== VARIANT: add record =============================================
$realms = db_load_enum('user','user_realm');
$smarty->assign("realm_ids", $realms);
$smarty->assign("realm_names", $realms);
$smarty->assign("realm_selected", $realms[0]);
$smarty->display("useradd.tpl");
elseif ($action == ACT_VIEW):
// ========== VARIANT: view single record =====================================
$sql = "SELECT user_id AS id, user_name AS name, user_displayname AS displayname,
user_realm as realm, user_role AS role, user_flags AS flags
FROM user
WHERE user_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$id]);
$user = $sth->fetch(PDO::FETCH_OBJ);
$user->role = explode(',', $user->role);
$user->flags = explode(',', $user->flags);
$smarty->assign("user", $user);
$smarty->display("userview.tpl");
elseif ($action == ACT_EDIT):
// ========== VARIANT: edit single record =====================================
$sql = "SELECT user_id AS id, user_name AS name, user_displayname AS displayname,
user_realm AS realm, user_role AS role, user_flags AS flags
FROM user
WHERE user_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$id]);
$user = $sth->fetch(PDO::FETCH_OBJ);
$user->role = explode(',', $user->role);
$smarty->assign("user", $user);
// auth realms
$smarty->assign("realm_ids", ['local', 'ldap']);
$smarty->assign("realm_names", ['Local', 'LDAP']);
$smarty->assign("realm_selected", $user->realm);
$smarty->display("useredit.tpl");
elseif ($action == ACT_DELETE):
// ========== VARIANT: delete record ==========================================
$sth = $dbh->prepare("SELECT user_id AS id, user_name AS name FROM user WHERE user_id=?");
$sth->execute([$id]);
$smarty->assign("user", $sth->fetch(PDO::FETCH_OBJ));
$smarty->display("userdel.tpl");
else:
// ========== ERROR UNKNOWN VARIANT ===========================================
echo "<p>Unknown function call: Please report to system development!</p>\n";
endif; // $action == ...
// ========== END OF VARIANTS =================================================
$smarty->display('footer.tpl');
?>

@ -1,27 +0,0 @@
<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
if (($_SESSION['suser_role_admin'] == 0) && ($_SESSION['suser_role_manage'] == 0)) {
header_location('comments.php?comments=accessdenied');
}
include("header.php");
$realms = db_load_enum('user','user_realm');
$smarty->assign("realm_ids", $realms);
$smarty->assign("realm_names", $realms);
$smarty->assign("realm_selected", $realms[0]);
$smarty->display("useradd.tpl");
include("footer.php");
?>

@ -1,28 +0,0 @@
<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
if ($_SESSION['suser_role_admin'] == 0) {
header_location('comments.php?comments=accessdenied');
}
$user_id = sanitize($_GET['user_id']);
include("header.php");
$sth = $dbh->prepare("SELECT user_id AS id user_name AS user_name FROM user WHERE user_id=?");
$dbh->execute([$user_id]);
$smarty->assign("user", $sth->fetch(PDO::FETCH_OBJ));
$smarty->display("userdel.tpl");
include("footer.php");
?>

@ -1,39 +0,0 @@
<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
if (($_SESSION['suser_role_admin'] == 0) && ($_SESSION['suser_role_manage'] == 0)) {
header_location('comments.php?comments=accessdenied');
}
$user_id = sanitize($_GET['user_id']);
include("header.php");
$sql = "SELECT user_id AS id, user_name AS name, user_displayname AS displayname,
user_realm AS realm, user_role AS role, user_flags AS flags
FROM user
WHERE user_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$user_id]);
$user = $sth->fetch(PDO::FETCH_OBJ);
$user->role = explode(',', $user->role);
$smarty->assign("user", $user);
// auth realms
$smarty->assign("realm_ids", ['local', 'ldap']);
$smarty->assign("realm_names", ['Local', 'LDAP']);
$smarty->assign("realm_selected", $user->realm);
$smarty->display("useredit.tpl");
include("footer.php");
?>

@ -1,35 +0,0 @@
<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
if (($_SESSION['suser_role_admin'] == 0) and ($_SESSION['suser_role_manage'] == 0)) {
header_location('comments.php?comments=accessdenied');
}
$user_id = sanitize($_GET['user_id']);
include("header.php");
$sql = "SELECT user_id AS id, user_name AS name, user_displayname AS displayname,
user_realm as realm, user_role AS role, user_flags AS flags
FROM user
WHERE user_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$user_id]);
$user = $sth->fetch(PDO::FETCH_OBJ);
$user->role = explode(',', $user->role);
$user->flags = explode(',', $user->flags);
$smarty->assign("user", $user);
$smarty->display("userview.tpl");
include("footer.php");
?>

@ -8,8 +8,68 @@ SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
if (isset($_REQUEST['id'])) {
$id = (int) $_REQUEST['id'] or $id = 0;
}
// ========== ACTIONS START ===================================================
switch ($submit = form_get_action()) {
case NULL: break;
case 'add': $action = ACT_ADD; break;
case 'view': $action = ACT_VIEW; break;
case 'edit': $action = ACT_EDIT; break;
case 'del': $action = ACT_DELETE; break;
case 'insert':
$vlan_name = sanitize($_POST['vlan_name']);
$vlan_number = sanitize($_POST['vlan_number']);
$vlan_info = sanitize($_POST['vlan_info']);
$vlan_color = sanitize($_POST['vlan_color']);
$sql = "INSERT INTO vlan (vlan_name, vlan_number, vlan_color, vlan_info)
VALUE (?, ?, ?, ?)";
$sth = $dbh->prepare($sql);
$sth->execute([$vlan_name, $vlan_number, $vlan_color, $vlan_info]);
$id = $dbh->lastInsertId();
$action = ACT_VIEW;
break;
case 'update':
$vlan_name = sanitize($_POST['vlan_name']);
$vlan_number = sanitize($_POST['vlan_number']);
$vlan_info = sanitize($_POST['vlan_info']);
$vlan_color = sanitize($_POST['vlan_color']);
$sql = "UPDATE vlan SET vlan_name=?, vlan_number=?, vlan_color=?, vlan_info=? WHERE vlan_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$vlan_name, $vlan_number, $vlan_color, $vlan_info, $id]);
$action = ACT_VIEW;
break;
case 'delete':
$sth = $dbh->prepare("DELETE FROM vlan WHERE vlan_id=?");
$sth->execute([$id]);
$g_message->Add(_("VLAN deleted."));
$action = ACT_DEFAULT;
break;
default:
$g_error->Add(submit_error($submit));
$valid = FALSE;
}
// ========== ACTIONS END =====================================================
$smarty->assign("scripts", 'jscolor.js');
include("header.php");
if ($action == ACT_DEFAULT):
// ========== VARIANT: default behavior =======================================
$sql = "SELECT vlan_id AS id, vlan_number AS number, vlan_name AS name,
vlan_color AS color, LEFT(vlan_info, 60) AS info
FROM vlan
@ -19,5 +79,66 @@ $smarty->assign("vlans", $sth->fetchAll());
$smarty->display("vlan.tpl");
include("footer.php");
elseif ($action == ACT_ADD):
// ========== VARIANT: add record =============================================
$smarty->display("vlanadd.tpl");
elseif ($action == ACT_VIEW):
// ========== VARIANT: view single record =====================================
// vlan
$sql = "SELECT vlan_id AS id, vlan_name AS name, vlan_number AS number,
vlan_info AS info, vlan_color AS color
FROM vlan
WHERE vlan_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$id]);
$smarty->assign("vlan", $sth->fetch(PDO::FETCH_OBJ));
// subnets
$sql = "SELECT s.subnet_id, s.subnet_address, s.subnet_mask, s.subnet_info
FROM subnet AS s LEFT JOIN subnetvlan AS v USING (subnet_id)
WHERE v.vlan_id=?
ORDER BY INET_ATON(s.subnet_address)";
$sth = $dbh->prepare($sql);
$sth->execute([$id]);
$smarty->assign("subnets", $sth->fetchAll());
$smarty->display("vlanview.tpl");
elseif ($action == ACT_EDIT):
// ========== VARIANT: edit single record =====================================
$sql = "SELECT vlan_id AS id, vlan_name AS name, vlan_number AS number,
vlan_color AS color, vlan_info AS info
FROM vlan
WHERE vlan_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$id]);
$smarty->assign("vlan", $sth->fetch(PDO::FETCH_OBJ));
$smarty->display("vlanedit.tpl");
elseif ($action == ACT_DELETE):
// ========== VARIANT: delete record ==========================================
$sql = "SELECT vlan_id AS id, vlan_name AS name, vlan_number AS number
FROM vlan
WHERE vlan_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$id]);
$smarty->assign("vlan", $sth->fetch(PDO::FETCH_OBJ));
$smarty->display("vlandel.tpl");
else:
// ========== ERROR UNKNOWN VARIANT ===========================================
echo "<p>Unknown function call: Please report to system development!</p>\n";
endif; // $action == ...
// ========== END OF VARIANTS =================================================
$smarty->display('footer.tpl');
?>

@ -1,18 +0,0 @@
<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
$smarty->assign("scripts", 'jscolor.js');
include("header.php");
$smarty->display("vlanadd.tpl");
include("footer.php");
?>

@ -1,26 +0,0 @@
<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
$vlan_id = sanitize($_GET['vlan_id']);
include("header.php");
$sql = "SELECT vlan_id AS id, vlan_name AS name, vlan_number AS number
FROM vlan
WHERE vlan_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$vlan_id]);
$smarty->assign("vlan", $sth->fetch(PDO::FETCH_OBJ));
$smarty->display("vlandel.tpl");
include("footer.php");
?>

@ -1,28 +0,0 @@
<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
$vlan_id = sanitize($_GET['vlan_id']);
$smarty->assign("scripts", 'jscolor.js');
include("header.php");
$sql = "SELECT vlan_id AS id, vlan_name AS name, vlan_number AS number,
vlan_color AS color, vlan_info AS info
FROM vlan
WHERE vlan_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$vlan_id]);
$smarty->assign("vlan", $sth->fetch(PDO::FETCH_OBJ));
$smarty->display("vlanedit.tpl");
include("footer.php");
?>

@ -1,37 +0,0 @@
<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
$vlan_id = sanitize($_GET['vlan_id']);
include("header.php");
// vlan
$sql = "SELECT vlan_id AS id, vlan_name AS name, vlan_number AS number,
vlan_info AS info, vlan_color AS color
FROM vlan
WHERE vlan_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$vlan_id]);
$smarty->assign("vlan", $sth->fetch(PDO::FETCH_OBJ));
// subnets
$sql = "SELECT s.subnet_id, s.subnet_address, s.subnet_mask, s.subnet_info
FROM subnet AS s LEFT JOIN subnetvlan AS v USING (subnet_id)
WHERE v.vlan_id=?
ORDER BY INET_ATON(s.subnet_address)";
$sth = $dbh->prepare($sql);
$sth->execute([$vlan_id]);
$smarty->assign("subnets", $sth->fetchAll());
$smarty->display("vlanview.tpl");
include("footer.php");
?>

@ -9,8 +9,98 @@ SPDX-License-Identifier: GPL-3.0-or-later
include("includes.php");
if (isset($_REQUEST['id'])) {
$id = (int) $_REQUEST['id'] or $id = 0;
}
// ========== ACTIONS START ===================================================
switch ($submit = form_get_action()) {
case NULL: break;
case 'add': $action = ACT_ADD; break;
case 'view': $action = ACT_VIEW; break;
case 'edit': $action = ACT_EDIT; break;
case 'del': $action = ACT_DELETE; break;
case 'insert':
$zone_origin = sanitize($_POST['zone_origin']);
$zone_ttl_default = sanitize($_POST['zone_ttl_default']);
$zone_soa = sanitize($_POST['zone_soa']);
$zone_hostmaster = sanitize($_POST['zone_hostmaster']);
$zone_refresh = sanitize($_POST['zone_refresh']);
$zone_retry = sanitize($_POST['zone_retry']);
$zone_expire = sanitize($_POST['zone_expire']);
$zone_ttl = sanitize($_POST['zone_ttl']);
$zone_serial = sanitize($_POST['zone_serial']);
$zone_ns1 = sanitize($_POST['zone_ns1']);
$zone_ns2 = sanitize($_POST['zone_ns2']);
$zone_ns3 = sanitize($_POST['zone_ns3']);
$zone_mx1 = sanitize($_POST['zone_mx1']);
$zone_mx2 = sanitize($_POST['zone_mx2']);
$zone_info = sanitize($_POST['zone_info']);
$sql = "INSERT INTO zone (
zone_origin, zone_ttl_default, zone_soa, zone_hostmaster,
zone_refresh, zone_retry, zone_expire, zone_ttl, zone_serial,
zone_ns1, zone_ns2, zone_ns3, zone_mx1, zone_mx2, zone_info)
VALUE (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
$sth = $dbh->prepare($sql);
$sth->execute([$zone_origin, $zone_ttl_default, $zone_soa, $zone_hostmaster,
$zone_refresh, $zone_retry, $zone_expire, $zone_ttl, $zone_serial,
$zone_ns1, $zone_ns2, $zone_ns3, $zone_mx1, $zone_mx2, $zone_info]);
$id = $dbh->lastInsertId();
$action = ACT_VIEW;
break;
case 'update':
$origin = sanitize($_POST['zone_origin']);
$ttl_default = sanitize($_POST['zone_ttl_default']);
$soa = sanitize($_POST['zone_soa']);
$hostmaster = sanitize($_POST['zone_hostmaster']);
$refresh = sanitize($_POST['zone_refresh']);
$retry = sanitize($_POST['zone_retry']);
$expire = sanitize($_POST['zone_expire']);
$ttl = sanitize($_POST['zone_ttl']);
$serial = sanitize($_POST['zone_serial']);
$ns1 = sanitize($_POST['zone_ns1']);
$ns2 = sanitize($_POST['zone_ns2']);
$ns3 = sanitize($_POST['zone_ns3']);
$mx1 = sanitize($_POST['zone_mx1']);
$mx2 = sanitize($_POST['zone_mx2']);
$info = sanitize($_POST['zone_info']);
$sql = "UPDATE zone SET
zone_origin=?, zone_ttl_default=?, zone_soa=?, zone_hostmaster=?,
zone_refresh=?, zone_retry=?, zone_expire=?, zone_ttl=?, zone_serial=?,
zone_ns1=?, zone_ns2=?, zone_ns3=?, zone_mx1=?, zone_mx2=?, zone_info=?
WHERE zone_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$origin, $ttl_default, $soa, $hostmaster, $refresh, $retry,
$expire, $ttl, $serial, $ns1, $ns2, $ns3, $mx1, $mx2, $info,
$id]);
$action = ACT_VIEW;
break;
case 'delete':
$sth = $dbh->prepare("DELETE FROM zone WHERE zone_id=?");
$sth->execute([$id]);
$g_message->Add(_("Deleted zone"));
$action = ACT_DEFAULT;
break;
default:
$g_error->Add(submit_error($submit));
$valid = FALSE;
}
// ========== ACTIONS END =====================================================
include("header.php");
if ($action == ACT_DEFAULT):
// ========== VARIANT: default behavior =======================================
$sql = "SELECT zone_id AS id, zone_origin AS origin, zone_soa AS soa,
zone_hostmaster AS hostmaster, zone_serial AS serial
FROM zone
@ -20,5 +110,56 @@ $smarty->assign("zones", $sth->fetchAll());
$smarty->display("zone.tpl");
include("footer.php");
elseif ($action == ACT_ADD):
// ========== VARIANT: add record =============================================
$smarty->display("zoneadd.tpl");
elseif ($action == ACT_VIEW):
// ========== VARIANT: view single record =====================================
$sql = "SELECT zone_id, zone_soa, zone_hostmaster, zone_origin,
zone_ttl_default, zone_refresh, zone_retry, zone_expire,
zone_ttl, zone_serial, zone_ns1, zone_ns2, zone_ns3,
zone_mx1, zone_mx2, zone_info
FROM zone
WHERE zone_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$id]);
$smarty->assign("zone", $sth->fetch(PDO::FETCH_OBJ));
$smarty->display("zoneview.tpl");
elseif ($action == ACT_EDIT):
// ========== VARIANT: edit single record =====================================
$sql = "SELECT zone_id, zone_soa, zone_hostmaster, zone_origin, zone_ttl_default,
zone_refresh, zone_retry, zone_expire, zone_ttl, zone_serial,
zone_ns1, zone_ns2, zone_ns3, zone_mx1, zone_mx2, zone_info
FROM zone
WHERE zone_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$id]);
$smarty->assign("zone", $sth->fetch(PDO::FETCH_OBJ));
$smarty->display("zoneedit.tpl");
elseif ($action == ACT_DELETE):
// ========== VARIANT: delete record ==========================================
$sth = $dbh->prepare("SELECT zone_id, zone_origin, zone_serial FROM zone WHERE zone_id=?");
$sth->execute([$id]);
$smarty->assign("zone", $sth->fetch(PDO::FETCH_OBJ));
$smarty->display("zonedel.tpl");
else:
// ========== ERROR UNKNOWN VARIANT ===========================================
echo "<p>Unknown function call: Please report to system development!</p>\n";
endif; // $action == ...
// ========== END OF VARIANTS =================================================
$smarty->display('footer.tpl');
?>

@ -1,16 +0,0 @@
<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
include("header.php");
$smarty->display("zoneadd.tpl");
include("footer.php");
?>

@ -1,23 +0,0 @@
<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
$zone_id = sanitize($_GET['zone_id']);
include("header.php");
$sth = $dbh->prepare("SELECT zone_id, zone_origin, zone_serial FROM zone WHERE zone_id=?");
$sth->execute($sql);
$smarty->assign("zone", $sth->fetchAll(PDO::FETCH_ASSOC));
$smarty->display("zonedel.tpl");
include("footer.php");
?>

@ -1,27 +0,0 @@
<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
$zone_id = sanitize($_GET['zone_id']);
include("header.php");
$sql = "SELECT zone_id, zone_soa, zone_hostmaster, zone_origin, zone_ttl_default,
zone_refresh, zone_retry, zone_expire, zone_ttl, zone_serial,
zone_ns1, zone_ns2, zone_ns3, zone_mx1, zone_mx2, zone_info
FROM zone
WHERE zone_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$zone_id]);
$smarty->assign("zone", $sth->fetch(PDO::FETCH_OBJ));
$smarty->display("zoneedit.tpl");
include("footer.php");
?>

@ -1,29 +0,0 @@
<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
$zone_id = sanitize($_GET['zone_id']);
include("header.php");
$sql = "SELECT zone_id, zone_soa, zone_hostmaster, zone_origin,
zone_ttl_default, zone_refresh, zone_retry, zone_expire,
zone_ttl, zone_serial, zone_ns1, zone_ns2, zone_ns3,
zone_mx1, zone_mx2, zone_info
FROM zone
WHERE zone_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$zone_id]);
$smarty->assign("zone", $sth->fetch(PDO::FETCH_OBJ));
$smarty->display("zoneview.tpl");
include("footer.php");
?>