thooge
/
ipreg
Archived
1
0
Fork 0
Code Pull Requests Packages Projects Releases Activity

Features LDAP, Rights, Cables, Menu improvements and bug fixing

Browse Source
master
Thomas Hooge 1 year ago
parent 26e9c89405
commit db26ffa611
59 changed files with 1039 additions and 301 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 161
      cable.php
  2. 14
      dbconnect.php
  3. 38
      header.php
  4. BIN
      images/admin.png
  5. BIN
      images/cancel.png
  6. BIN
      images/information.png
  7. BIN
      images/manage.png
  8. BIN
      images/note.png
  9. BIN
      images/plugin.png
  10. 13
      includes.php
  11. 29
      install/mysql.sql
  12. 2
      install/mysql_sample.sql
  13. 20
      lang/de.php
  14. 14
      lang/en.php
  15. 143
      lib.php
  16. 8
      lib/functions.php
  17. 171
      lib/user.class.php
  18. 48
      login.php
  19. 14
      optionseditdisplay.php
  20. 73
      submit.php
  21. 2
      subnetvlanadd.php
  22. 2
      tpl/asset.tpl
  23. 2
      tpl/assetclass.tpl
  24. 2
      tpl/assetclassgroup.tpl
  25. 2
      tpl/assetclassview.tpl
  26. 2
      tpl/assetview.tpl
  27. 52
      tpl/cable.tpl
  28. 75
      tpl/cableadd.tpl
  29. 39
      tpl/cabledel.tpl
  30. 76
      tpl/cableedit.tpl
  31. 63
      tpl/cableview.tpl
  32. 11
      tpl/header.tpl
  33. 2
      tpl/location.tpl
  34. 2
      tpl/locationview.tpl
  35. 2
      tpl/login.tpl
  36. 4
      tpl/node.tpl
  37. 2
      tpl/options.tpl
  38. 4
      tpl/optionseditdisplay.tpl
  39. 38
      tpl/style.css
  40. 3
      tpl/subnet.tpl
  41. 20
      tpl/user.tpl
  42. 57
      tpl/useredit.tpl
  43. 22
      tpl/userview.tpl
  44. 3
      tpl/vlan.tpl
  45. 8
      tpl/vlanadd.tpl
  46. 2
      tpl/vlandel.tpl
  47. 12
      tpl/vlanedit.tpl
  48. 11
      tpl/vlanview.tpl
  49. 2
      tpl/zone.tpl
  50. 6
      tpl/zoneview.tpl
  51. 17
      user.php
  52. 5
      useradd.php
  53. 6
      userdel.php
  54. 13
      useredit.php
  55. 14
      userview.php
  56. 2
      vlan.php
  57. 2
      vlanadd.php
  58. 3
      vlanedit.php
  59. 2
      vlanview.php

161
cable.php
Unescape View File

@ -0,0 +1,161 @@
<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
if ($_SESSION['suser_role_admin'] == 0) {
header_location('comments.php?comments=accessdenied');
}
if (isset($_REQUEST['id'])) {
$id = (int) $_REQUEST['id'] or $id = 0;
}
$ctypes = array('copper' => 'Copper', 'fibre' => 'Fibre',
'laser' => 'Laserlink', 'radio' => 'Radiolink');
// ========== ACTIONS START ===================================================
switch ($submit = form_get_action()) {
case NULL: break;
case 'add': $action = ACT_ADD; break;
case 'view': $action = ACT_VIEW; break;
case 'edit': $action = ACT_EDIT; break;
case 'del': $action = ACT_DELETE; break;
case 'insert':
$description = sanitize($_POST['description']);
$color = sanitize($_POST['color']);
$info = sanitize($_POST['info']);
$sql = "INSERT INTO cable
(cable_description, cable_color, cable_info)
VALUES
(:description, :color, :info)";
$sth = $dbh->prepare($sql);
$sth->bindValue(':description', $description, PDO::PARAM_STR);
$sth->bindValue(':color', $color, PDO::PARAM_STR);
$sth->bindValue(':info', $info, PDO::PARAM_STR);
$sth->execute();
$id = $dbh->lastInsertId();
$action = ACT_VIEW;
break;
case 'update':
$description = sanitize($_POST['description']);
$color = sanitize($_POST['color']);
$length = sanitize($_POST['length']);
$type = sanitize($_POST['cable_type']);
$info = sanitize($_POST['info']);
$sql = "UPDATE cable
SET cable_description=:desc,
cable_color=:color,
cable_length=:length,
cable_type=:type,
cable_info=:info
WHERE cable_id=:id";
$sth = $dbh->prepare($sql);
$sth->bindValue(':id', $id, PDO::PARAM_INT);
$sth->bindValue(':desc', $description, PDO::PARAM_STR);
$sth->bindValue(':length', $length, PDO::PARAM_INT);
$sth->bindValue(':color', $color, PDO::PARAM_STR);
$sth->bindValue(':type', $type, PDO::PARAM_STR);
$sth->bindValue(':info', $info, PDO::PARAM_STR);
$sth->execute();
$action = ACT_VIEW;
break;
case 'delete':
$sth = $dbh->prepare("DELETE FROM cable WHERE cable_id=?");
$sth->execute([$id]);
$action = ACT_DEFAULT;
break;
default:
$g_error->Add(submit_error($submit));
$valid = FALSE;
}
// ========== ACTIONS END =====================================================
$smarty->assign("scripts", 'jscolor.js');
include("header.php");
// ========== PAGE CONTENT ====================================================
if ($action == ACT_DEFAULT):
// ========== VARIANT: default behavior =======================================
$sql = "SELECT cable_id AS id, cable_description AS description,
cable_from_id, cable_to_id, cable_length, cable_links,
cable_type, cable_color,
CONCAT(LEFT(cable_info, 60), IF(CHAR_LENGTH(cable_info)>60,'...','')) AS info
FROM cable
ORDER BY cable_description";
$sth = $dbh->query($sql);
$smarty->assign("cables", $sth->fetchAll());
$smarty->display("cable.tpl");
elseif ($action == ACT_ADD):
// ========== VARIANT: add record =============================================
$smarty->assign('type_options', $ctypes);
$smarty->display('cableadd.tpl');
elseif ($action == ACT_VIEW):
// ========== VARIANT: view single record =====================================
$sql = "SELECT cable_id AS id, cable_description AS description,
cable_from_id, cable_to_id, cable_length, cable_links,
cable_type, cable_color AS color, cable_info AS info
FROM cable
WHERE cable_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$id]);
$smarty->assign('cable', $sth->fetch(PDO::FETCH_OBJ));
$smarty->display('cableview.tpl');
elseif ($action == ACT_EDIT):
// ========== VARIANT: edit single record =====================================
$sql = "SELECT cable_id AS id, cable_description AS description,
cable_from_id, cable_to_id, cable_length, cable_links,
cable_type, cable_color AS color, cable_info AS info
FROM cable
WHERE cable_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$id]);
$smarty->assign('cable', $sth->fetch(PDO::FETCH_OBJ));
$smarty->assign('type_options', $ctypes);
$smarty->display('cableedit.tpl');
elseif ($action == ACT_DELETE):
// ========== VARIANT: delete record ==========================================
$sth = $dbh->prepare("SELECT cable_description FROM cable WHERE cable_id=?");
$sth->execute([$id]);
$smarty->assign('id', $id);
$smarty->assign('description', $sth->fetchColumn());
$smarty->display('cabledel.tpl');
else:
// ========== UNBEKANNTE VARIANTE =============================================
echo "<p>Unknown function call: Please report to system development!</p>\n";
endif; // $action == ...
// ========== END OF VARIANTS =================================================
include("footer.php");
?>

14
dbconnect.php
Unescape View File

@ -1,14 +0,0 @@
<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
$dbh = new PDO("mysql:host=$config_mysql_host;dbname=$config_mysql_dbname;charset=utf8", $config_mysql_username, $config_mysql_password);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
?>

38
header.php
Unescape View File

@ -27,15 +27,35 @@ $smarty->assign("suser_name", $_SESSION['suser_displayname']);
$smarty->assign("search", $search);
// menu
$smarty->assign("menu_assets", $_SESSION['suser_menu_assets']=='on');
$smarty->assign("menu_assetclasses", $_SESSION['suser_menu_assetclasses']=='on');
$smarty->assign("menu_assetclassgroups", $_SESSION['suser_menu_assetclassgroups']=='on');
$smarty->assign("menu_locations", $_SESSION['suser_menu_locations']=='on');
$smarty->assign("menu_nodes", $_SESSION['suser_menu_nodes']=='on');
$smarty->assign("menu_subnets", $_SESSION['suser_menu_subnets']=='on');
$smarty->assign("menu_users", $_SESSION['suser_menu_users']=='on');
$smarty->assign("menu_vlans", $_SESSION['suser_menu_vlans']=='on');
$smarty->assign("menu_zones", $_SESSION['suser_menu_zones']=='on');
$menu = array();
if ($_SESSION['suser_menu_assets']) {
$menu[] = '<a href="asset.php">' . $lang['lang_assets'] . "</a>\n";
}
if ($_SESSION['suser_menu_assetclasses']) {
$menu[] = '<a href="assetclass.php">' . $lang['lang_assetclasses'] . "</a>\n";
}
if ($_SESSION['suser_menu_assetclassgroups']) {
$menu[] = '<a href="assetclassgroup.php">' . $lang['lang_assetclassgroups'] . "</a>\n";
}
if ($_SESSION['suser_menu_locations']) {
$menu[] = '<a href="location.php">' . $lang['lang_locations'] . "</a>\n";
}
if ($_SESSION['suser_menu_nodes']) {
$menu[] = '<a href="node.php">' . $lang['lang_nodes'] . "</a>\n";
}
if ($_SESSION['suser_menu_subnets']) {
$menu[] = '<a href="subnet.php">' . $lang['lang_subnets'] . "</a>\n";
}
if ($_SESSION['suser_menu_vlans']) {
$menu[] = '<a href="vlan.php">' . $lang['lang_vlans'] . "</a>\n";
}
if ($_SESSION['suser_menu_cables']) {
$menu[] = '<a href="cable.php">' . $lang['lang_cables'] . "</a>\n";
}
if ($_SESSION['suser_menu_zones']) {
$menu[] = '<a href="zone.php">' . $lang['lang_zones'] . "</a>\n";
}
$smarty->assign("menu", implode(' | ', $menu));
$smarty->display("header.tpl");
?>

BIN
images/admin.png
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 748 B

BIN
images/cancel.png
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 587 B

BIN
images/information.png
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 778 B

BIN
images/manage.png
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 801 B

BIN
images/note.png
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 500 B

BIN
images/plugin.png
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 591 B

13
includes.php
Unescape View File

@ -11,13 +11,18 @@ session_name('ipreg');
session_start();
// check for user_id, if unnkown, redirect to login
if(empty($_SESSION['suser_id'])) {
header("Location: login.php");
exit;
if (empty($_SESSION['suser_id'])) {
$_SESSION['prelogin'] = $_SERVER['REQUEST_URI'];
header("Location: login.php");
exit;
}
include("config.php");
include("dbconnect.php");
// connect to database
$dbh = new PDO("mysql:host=$config_mysql_host;dbname=$config_mysql_dbname;charset=utf8", $config_mysql_username, $config_mysql_password);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
include("lib.php");

29
install/mysql.sql
Unescape View File

@ -22,7 +22,7 @@ CREATE TABLE assetclass (
CREATE TABLE assetclassgroup (
assetclassgroup_id int(10) NOT NULL AUTO_INCREMENT,
assetclassgroup_name varchar(100) NOT NULL,
assetclassgroup_color varchar(6) NOT NULL DEFAULT '000000',
assetclassgroup_color char(6) NOT NULL DEFAULT '000000',
assetclassgroup_description varchar(100) DEFAULT NULL,
PRIMARY KEY (assetclassgroup_id),
INDEX ix_assetclassgroup_name (assetclassgroup_name)
@ -37,11 +37,20 @@ CREATE TABLE cable (
cable_length smallint(5) UNSIGNED DEFAULT NULL,
cable_links smallint(5) UNSIGNED DEFAULT 1,
cable_type enum('copper','fibre','laser','radio') DEFAULT NULL,
cable_color char(6) NOT NULL DEFAULT '000000',
cable_info text DEFAULT NULL,
PRIMARY KEY (cable_id),
UNIQUE INDEX ix_cable_description (cable_description)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
-- WIP
CREATE TABLE cablevlan (
cablevlan_id int(10) NOT NULL AUTO_INCREMENT,
cable_id int(10) NOT NULL,
vlan_id int(10) NOT NULL,
PRIMARY KEY (cablevlan_id)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
-- WIP
-- Reference to external systems
CREATE TABLE extlink (
@ -130,27 +139,23 @@ CREATE TABLE user (
user_dateformat varchar(10) NOT NULL DEFAULT 'd M Y H:i',
user_dns1suffix varchar(100) DEFAULT NULL,
user_dns2suffix varchar(100) DEFAULT NULL,
user_menu_assets varchar(2) NOT NULL DEFAULT 'on',
user_menu_assetclasses varchar(2) NOT NULL DEFAULT 'on',
user_menu_assetclassgroups varchar(2) NOT NULL DEFAULT 'on',
user_menu_locations varchar(2) NOT NULL DEFAULT 'on',
user_menu_nodes varchar(2) NOT NULL DEFAULT 'on',
user_menu_subnets varchar(2) NOT NULL DEFAULT 'on',
user_menu_users varchar(2) NOT NULL DEFAULT 'on',
user_menu_vlans varchar(2) NOT NULL DEFAULT 'on',
user_menu_zones varchar(2) NOT NULL DEFAULT 'on',
user_tooltips varchar(2) NOT NULL DEFAULT 'on',
user_menu set('asset','cable','class','group','location','nat','node',
'subnet','vlan','zone') NOT NULL DEFAULT 'asset,class,group,location,node,subnet,vlan',
user_role set('add','edit','delete','manage','admin') DEFAULT NULL,
user_flags set('deleted','locked'),
PRIMARY KEY (user_id),
UNIQUE INDEX ix_username (user_name)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
INSERT INTO user (user_name, user_pass, user_displayname) VALUES
('admin', '$2y$10$HTs0lSaFrfr.q4Gmy5zWfeDg3jhYZkqEGZEnDkMiHZ641nso38mt6', 'Administrator');
INSERT INTO user (user_name, user_pass, user_displayname, user_role) VALUES
('admin', '$2y$10$HTs0lSaFrfr.q4Gmy5zWfeDg3jhYZkqEGZEnDkMiHZ641nso38mt6', 'Administrator', 'admin');
CREATE TABLE vlan (
vlan_id int(10) NOT NULL AUTO_INCREMENT,
vlan_number int(3) NOT NULL,
vlan_name varchar(100) NOT NULL,
vlan_color char(6) NOT NULL DEFAULT '000000',
vlan_info text DEFAULT NULL,
PRIMARY KEY (vlan_id)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;

2
install/mysql_sample.sql
Unescape View File

@ -57,4 +57,4 @@ INSERT INTO vlan (vlan_number, vlan_name) VALUES
(1, 'DEFAULT_VLAN');
INSERT INTO zone (zone_soa, zone_origin, zone_hostmaster, zone_serial, zone_ns1) VALUES
('ns1.example.com.', 'example.com.', 'hostmaster@example.com', '2023021301', 'ns1.example.com');
('ns1.example.com.', 'example.com.', 'hostmaster.example.com.', '2023021301', 'ns1.example.com');

20
lang/de.php
Unescape View File

@ -9,6 +9,8 @@ $lang = array(
'lang_assetclasses' => 'Objektklassen',
'lang_assetclassgroup' => 'Objektklassengruppe',
'lang_assetclassgroups' => 'Objektklassengruppen',
'lang_cable' => 'Kabel',
'lang_cables' => 'Kabel',
'lang_location' => 'Standort',
'lang_locations' => 'Standorte',
'lang_menu' => 'Menü',
@ -27,7 +29,7 @@ $lang = array(
'lang_vlans' => 'VLANs',
'lang_about' => 'Über',
'lang_all' => 'Allw',
'lang_all' => 'Alle',
'lang_cancel' => 'Abbruch',
'lang_color' => 'Farbe',
'lang_error' => 'Fehler',
@ -48,6 +50,7 @@ $lang = array(
'lang_empty' => 'leer',
'lang_source' => 'Quelle',
'lang_target' => 'Ziel',
'lang_length' => 'L&auml;nge',
'lang_asset_add' => 'Objekt hinzufügen',
'lang_asset_del' => 'Objekt löschen',
@ -99,6 +102,10 @@ $lang = array(
'lang_locationsubnet' => 'Standort/Subnetz',
'lang_locationsubnet_edit' => 'Standort/Subnetz bearbeiten',
'lang_cable_info' => 'Kabelinfo',
'lang_cable_type' => 'Kabeltyp',
'lang_cable_none' => 'Es sind keine Kabel vorhanden',
'lang_node_add' => 'Knoten hinzufügen',
'lang_node_del' => 'Knoten löschen',
'lang_node_edit' => 'Knoten ändern',
@ -151,6 +158,12 @@ $lang = array(
'lang_user_password' => 'Kennwort',
'lang_user_language' => 'Sprache',
'lang_user_realm' => 'Realm',
'lang_user_roles' => 'Rechte',
'lang_user_role_add' => 'Anlegen',
'lang_user_role_edit' => 'Bearbeiten',
'lang_user_role_delete' => 'Löschen',
'lang_user_role_manage' => 'Konfigurieren',
'lang_user_role_admin' => 'Adminstration',
'lang_zone_add' => 'Zone hinzufügen',
'lang_zone_del' => 'Zone löschen',
@ -178,6 +191,7 @@ $lang = array(
'lang_comments_usernameinuse' => 'Benutzername wird bereits verwendet',
'lang_comments_invalidpass' => 'Das Kennwort ist falsch',
'lang_comments_invalidnewpass' => 'Das neue Kennwort wurde nicht korrekt eingegeben',
'lang_comments_accessdenied' => 'Zugriff verweigert. Keine Berechtigung.',
'lang_options_ipreg' => 'IP Reg Optionen',
'lang_options_display' => 'Anzeigeeinstellungen',
@ -192,9 +206,9 @@ $lang = array(
'lang_options_dateformat' => 'Datumsformat',
'lang_options_dateformat_help' => 'Format in which dates are displayed using the php-date-format (see http://www.php.net/date for more info)',
'lang_options_dns1suffix' => 'DNS Name suffix',
'lang_options_dns1suffix_help' => 'Default DNS Name suffix für neue Knoten',
'lang_options_dns1suffix_help' => 'Standard DNS Name Suffix für neue Knoten',
'lang_options_dns2suffix' => 'DNS Alias suffix',
'lang_options_dns2suffix_help' => 'Default DNS Alias suffix für neue Knoten',
'lang_options_dns2suffix_help' => 'Standard DNS Alias Suffix für neue Knoten',
'lang_options_currentpassword' => 'Aktuelles Kennwort',
'lang_options_currentpassword_help' => 'Bitte geben Sie hier Ihr bisheriges Kennwort ein',
'lang_options_newpassword1' => 'Neues Kennwort',

14
lang/en.php
Unescape View File

@ -9,6 +9,8 @@ $lang = array(
'lang_assetclasses' => 'Assetclasses',
'lang_assetclassgroup' => 'Assetclassgroup',
'lang_assetclassgroups' => 'Assetclassgroups',
'lang_cable' => 'Cable',
'lang_cables' => 'Cables',
'lang_location' => 'Location',
'lang_locations' => 'Locations',
'lang_menu' => 'Menu',
@ -48,6 +50,7 @@ $lang = array(
'lang_empty' => 'empty',
'lang_source' => 'Source',
'lang_target' => 'Target',
'lang_length' => 'Length',
'lang_asset_add' => 'Add asset',
'lang_asset_del' => 'Delete asset',
@ -99,6 +102,10 @@ $lang = array(
'lang_locationsubnet' => 'Location/Subnet',
'lang_locationsubnet_edit' => 'Edit Location/Subnet',
'lang_cable_info' => 'Cable info',
'lang_cable_type' => 'Cable type',
'lang_cable_none' => 'There are no cables defined',
'lang_node_add' => 'Add node',
'lang_node_del' => 'Delete node',
'lang_node_edit' => 'Modify node',
@ -151,6 +158,12 @@ $lang = array(
'lang_user_password' => 'Password',
'lang_user_language' => 'Language',
'lang_user_realm' => 'Realm',
'lang_user_roles' => 'Roles',
'lang_user_role_add' => 'Add',
'lang_user_role_edit' => 'Edit',
'lang_user_role_delete' => 'Delete',
'lang_user_role_manage' => 'Manage',
'lang_user_role_admin' => 'Adminstration',
'lang_zone_add' => 'Add zone',
'lang_zone_del' => 'Delete zone',
@ -178,6 +191,7 @@ $lang = array(
'lang_comments_usernameinuse' => 'Username in use',
'lang_comments_invalidpass' => 'Invalid password',
'lang_comments_invalidnewpass' => 'Invalid new password',
'lang_comments_accessdenied' => 'Access denied',
'lang_options_ipreg' => 'IP Reg options',
'lang_options_display' => 'Display options',

143
lib.php
Unescape View File

@ -7,6 +7,26 @@ Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
// ========== CONSTANT DEFINITIONS ============================================
// page actions
define ('ACT_DEFAULT', 0);
define ('ACT_ADD', 1);
define ('ACT_VIEW', 2);
define ('ACT_EDIT', 3);
define ('ACT_DELETE', 4);
define ('ACT_COPY', 5);
define ('ACT_JOIN', 6);
define ('ACT_LEAVE', 7);
define ('ACT_EDIT_DETAIL', 8);
define ('ACT_DEL_DETAIL', 9);
define ('ACT_LINK', 10);
define ('ACT_UNLINK', 11);
define ('ACT_MAIL', 12);
define ('ACT_VIEW_LIST', 13);
// ========== GLOBAL PAGE START CODE ==========================================
// global version string
$config_version = 'v0.8';
@ -15,19 +35,128 @@ $config_lang = array('de', 'en');
include("lib/functions.php");
//require("lib/db.class.php");
//$db = new Db($dblink);
//require("lib/user.class.php");
// $user = new User();
require_once('smarty3/Smarty.class.php');
$smarty = new Smarty();
$smarty->template_dir = 'tpl';
$smarty->compile_dir = 'tpl_c';
$smarty->registerPlugin('function', 'treelist', 'print_tree');
$smarty->registerPlugin('function', 'msgout', 'msgout');
$smarty->assign("suser_name", $_SESSION['suser_displayname']);
$smarty->assign("suser_tooltips", $_SESSION['suser_tooltips'] ?? 'off');
$smarty->assign("suser_add", $_SESSION['suser_role_add']);
$smarty->assign("suser_edit", $_SESSION['suser_role_edit']);
$smarty->assign("suser_delete", $_SESSION['suser_role_delete']);
$smarty->assign("suser_manage", $_SESSION['suser_role_manage']);
$smarty->assign("suser_admin", $_SESSION['suser_role_admin']);
// prepare global message system
$g_message = new Message;
$g_warning = new MessageWarning;
$g_error = new MessageError;
$action = ACT_DEFAULT;
// ========== FEEDBACK FUNCTIONS ==============================================
class Message {
var $count = 0;
var $text = array();
var $caption;
function Message() {
$this->caption = 'Information';
}
function SetCaption($str) {
$this->caption = $str;
}
function Add($msg) {
$this->count++;
$this->text[$this->count] = $msg;
}
function GetCount() {
return $this->count;
}
function PrintOut() {
if ($this->count > 0) {
echo '<div class="info">', "\n";
echo '<h3>', $this->caption, "</h3>\n";
echo "<ul>\n";
for ($i=1; $i<=$this->count; $i++) {
echo "\t<li>", $this->text[$i],"</li>\n";
}
echo "</ul>\n";
echo "</div>\n";
}
}
}
class MessageWarning extends Message {
function MessageWarning() {
$this->caption = 'Warning';
}
function PrintOut() {
if ($this->count > 0) {
echo '<div class="warning">', "\n";
echo '<h3>', $this->caption, "</h3>\n";
echo "<ul>\n";
for ($i=1; $i<=$this->count; $i++) {
echo "\t<li>", $this->text[$i],"</li>\n";
}
echo "</ul>\n";
echo "</div>\n";
}
}
}
class MessageError extends Message {
function MessageError() {
$this->caption = 'Error';
}
function PrintOut() {
if ($this->count > 0) {
echo '<div class="error">', "\n";
echo '<h3>', $this->caption, "</h3>\n";
echo "<ul>\n";
for ($i=1; $i<=$this->count; $i++) {
echo "\t<li>", $this->text[$i],"</li>\n";
}
echo "</ul>\n";
echo "</div>\n";
}
}
}
// ========== FORM FUNCTIONS ==================================================
function form_get_action() {
if (!isset($_POST['submit'])) {
if (isset($_GET['f'])) {
$submit = $_GET['f'];
} else {
$submit = NULL;
}
} else {
$submit = $_POST['submit'];
}
if (is_array($submit)) {
$submit = key($submit);
}
return strtolower($submit);
}
function submit_error($action) {
/* Submit buttons that return an unknown value end up in this
function by default. An exit() is conscious here *not* installed,
since it could be that despite such an error the program
execution should be continued. */
return sprintf('The action "%s" is unknown. It is probably a program error.<br /> Please inform your administrator of the exact circumstances of how this situation came about.', strtoupper($action));
}
// ========== DATABASE FUCTIONS ===============================================

8
lib/functions.php
Unescape View File

@ -152,4 +152,12 @@ function print_tree($params, Smarty_Internal_Template $template) {
}
}
function msgout(array $parameters, Smarty_Internal_Template $smarty)
{
// This is just a quick hack around missing {php} in Smarty3
$GLOBALS['g_error']->PrintOut();
$GLOBALS['g_warning']->PrintOut();
$GLOBALS['g_message']->PrintOut();
}
?>

171
lib/user.class.php
Unescape View File

@ -1,171 +0,0 @@
<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
For more information, visit http://sourceforge.net/projects/ipreg,
or contact me at wietsew@users.sourceforge.net
*****************************************************************************/
class User {
function check_strlen($string) {
// check length
if(strlen($string)<1) {
return FALSE;
} else {
return TRUE;
}
}
function check_ldap_bind($user_name, $user_pass) {
global $config_ldap_host;
global $config_ldap_port;
global $config_ldap_base_dn;
global $config_ldap_bind_dn;
global $config_ldap_bind_pass;
global $config_ldap_login_attr;
$ldap_conn = NULL;
foreach ($config_ldap_host as $server) {
if ($ldap_conn = ldap_connect($server, $config_ldap_port)) {
if ($res = ldap_bind($ldap_conn, $config_ldap_bind_dn, $config_ldap_bind_pass)) {
ldap_set_option($ldap_conn, LDAP_OPT_REFERRALS, 0);
ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, 3);
$filter = "(&(objectClass=user)($config_ldap_login_attr=$user_name))";
$res = ldap_search($ldap_conn, $config_ldap_base_dn, $filter, ['dn']);
if ($res) {
$info = ldap_get_entries($ldap_conn, $res);
$user_dn = $info[0]['dn'];
$res = ldap_bind($ldap_conn, $user_dn, $user_pass);
if ($res) {
return TRUE;
}
}
}
return FALSE;
}
}
return FALSE;
}
function user_login($user_name, $user_pass) {
global $dblink;
// check user_name length
if($this->check_strlen($user_name)==FALSE) {
return FALSE;
}
// check user_pass length
if($this->check_strlen($user_pass)==FALSE) {
return FALSE;
}
// get user data
// initiate class
$db = new Db($dblink);
// build query
$query = "SELECT
user.user_id,
user.user_pass,
user.user_realm,
user.user_displayname,
user.user_language,
user.user_imagesize,
user.user_imagecount,
user.user_mac,
user.user_dateformat,
user.user_dns1suffix,
user.user_dns2suffix,
user.user_menu_assets,
user.user_menu_assetclasses,
user.user_menu_assetclassgroups,
user.user_menu_locations,
user.user_menu_nodes,
user.user_menu_subnets,
user.user_menu_users,
user.user_menu_vlans,
user.user_menu_zones,
user.user_tooltips
FROM
user
WHERE
user.user_name='" . $user_name . "'";
// run query
$users = $db->db_select($query);
// count results
$user_counter = count($users);
// any users?
if ($user_counter>0) {
if ($users[0]['user_realm'] == 'ldap') {
// check LDAP auth
if (! $this->check_ldap_bind($user_name, $user_pass)) {
return FALSE;
}
// TODO sync LDAP data to local
} else {
// compare local passwords
if(!strcmp(md5($user_pass), rtrim($users[0]['user_pass']))) {
// all ok: user is logged in
// md5 match but outdated. rewrite with new algo
$newhash = password_hash($user_pass, PASSWORD_BCRYPT);
$query = "UPDATE user SET user_pass='" . $newhash. "' WHERE user_id=" . $users[0]['user_id'];
$db->db_update($query);
} else {
if (! password_verify($user_pass, $users[0]['user_pass'])) {
return FALSE;
}
}
}
} else {
return FALSE;
}
// register session data
$_SESSION['suser_id'] = $users[0]['user_id'];
$_SESSION['suser_displayname'] = $users[0]['user_displayname'];
$_SESSION['suser_language'] = $users[0]['user_language'];
$_SESSION['suser_imagesize'] = $users[0]['user_imagesize'];
$_SESSION['suser_imagecount'] = $users[0]['user_imagecount'];
$_SESSION['suser_mac'] = $users[0]['user_mac'];
$_SESSION['suser_dateformat'] = $users[0]['user_dateformat'];
$_SESSION['suser_dns1suffix'] = $users[0]['user_dns1suffix'];
$_SESSION['suser_dns2suffix'] = $users[0]['user_dns2suffix'];
$_SESSION['suser_menu_assets'] = $users[0]['user_menu_assets'];
$_SESSION['suser_menu_assetclasses'] = $users[0]['user_menu_assetclasses'];
$_SESSION['suser_menu_assetclassgroups'] = $users[0]['user_menu_assetclassgroups'];
$_SESSION['suser_menu_locations'] = $users[0]['user_menu_locations'];
$_SESSION['suser_menu_nodes'] = $users[0]['user_menu_nodes'];
$_SESSION['suser_menu_subnets'] = $users[0]['user_menu_subnets'];
$_SESSION['suser_menu_users'] = $users[0]['user_menu_users'];
$_SESSION['suser_menu_vlans'] = $users[0]['user_menu_vlans'];
$_SESSION['suser_menu_zones'] = $users[0]['user_menu_zones'];
$_SESSION['suser_tooltips'] = $users[0]['user_tooltips'];
// no errors found, return
return TRUE;
}
function user_logout() {
// clear and destroy session
$_SESSION = array();
}
}
?>

48
login.php
Unescape View File

@ -11,8 +11,13 @@ session_name('ipreg');
session_start();
include("config.php");
include("dbconnect.php");
include("lib.php");
// connect to database
$dbh = new PDO("mysql:host=$config_mysql_host;dbname=$config_mysql_dbname;charset=utf8", $config_mysql_username, $config_mysql_password);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
include("lib.php"); // only for get_language from browser. TODO: simplify
function user_login ($user_name, $user_pass) {
global $dbh;
@ -27,11 +32,8 @@ function user_login ($user_name, $user_pass) {
$sql = "SELECT user_id, user_pass, user_displayname, user_language,
user_imagesize, user_imagecount, user_mac, user_dateformat,
user_dns1suffix, user_dns2suffix, user_menu_assets,
user_menu_assetclasses, user_menu_assetclassgroups,
user_menu_locations, user_menu_nodes, user_menu_subnets,
user_menu_users, user_menu_vlans, user_menu_zones,
user_tooltips
user_dns1suffix, user_dns2suffix, user_tooltips,
user_menu, user_role, user_flags
FROM user
WHERE user_name=?";
$sth = $dbh->prepare($sql);
@ -55,6 +57,7 @@ function user_login ($user_name, $user_pass) {
$sth->execute([$newhash, $user->user_id]);
}
// all ok: user is logged in, register session data
$_SESSION['suser_id'] = $user->user_id;
$_SESSION['suser_displayname'] = $user->user_displayname;
@ -65,17 +68,26 @@ function user_login ($user_name, $user_pass) {
$_SESSION['suser_dateformat'] = $user->user_dateformat;
$_SESSION['suser_dns1suffix'] = $user->user_dns1suffix;
$_SESSION['suser_dns2suffix'] = $user->user_dns2suffix;
$_SESSION['suser_menu_assets'] = $user->user_menu_assets;
$_SESSION['suser_menu_assetclasses'] = $user->user_menu_assetclasses;
$_SESSION['suser_menu_assetclassgroups'] = $user->user_menu_assetclassgroups;
$_SESSION['suser_menu_locations'] = $user->user_menu_locations;
$_SESSION['suser_menu_nodes'] = $user->user_menu_nodes;
$_SESSION['suser_menu_subnets'] = $user->user_menu_subnets;
$_SESSION['suser_menu_users'] = $user->user_menu_users;
$_SESSION['suser_menu_vlans'] = $user->user_menu_vlans;
$_SESSION['suser_menu_zones'] = $user->user_menu_zones;
$_SESSION['suser_tooltips'] = $user->user_tooltips;
$roles = explode(',', $user->user_role);
$_SESSION['suser_role_add'] = in_array('add', $roles);
$_SESSION['suser_role_edit'] = in_array('edit', $roles);
$_SESSION['suser_role_delete'] = in_array('delete', $roles);
$_SESSION['suser_role_manage'] = in_array('manage', $roles);
$_SESSION['suser_role_admin'] = in_array('admin', $roles);
$menu = explode(',', $user->user_menu);
$_SESSION['suser_menu_assets'] = in_array('asset', $menu);
$_SESSION['suser_menu_assetclasses'] = in_array('class', $menu);
$_SESSION['suser_menu_assetclassgroups'] = in_array('group', $menu);
$_SESSION['suser_menu_cables'] = in_array('cable', $menu);
$_SESSION['suser_menu_locations'] = in_array('location', $menu);
$_SESSION['suser_menu_nodes'] = in_array('node', $menu);
$_SESSION['suser_menu_subnets'] = in_array('subnet', $menu);
$_SESSION['suser_menu_vlans'] = in_array('vlan', $menu);
$_SESSION['suser_menu_zones'] = in_array('zone', $menu);
return TRUE;
}
@ -84,13 +96,13 @@ function user_login ($user_name, $user_pass) {
$language = lang_getfrombrowser($config_lang, $config_lang_default, null, false);
include('lang/' . $language . '.php');
if ($_SERVER['REQUEST_METHOD']=="POST" ) {
if ($_SERVER['REQUEST_METHOD'] == "POST" ) {
$user_name = sanitize($_POST['user_name']);
$user_pass = sanitize($_POST['user_pass']);
if (user_login($user_name, $user_pass) == TRUE) {
header_location("index.php");
header_location($_SESSION['prelogin'] ?? 'index.php');
} else {
$_SESSION = array();
session_destroy();

14
optionseditdisplay.php
Unescape View File

@ -31,6 +31,12 @@ if($_SESSION['suser_menu_assetclassgroups']=='on') {
} else {
$user_menu_assetclassgroups_checked = '';
}
// cables
if($_SESSION['suser_menu_cables']=='on') {
$user_menu_cables_checked = 'checked';
} else {
$user_menu_cables_checked = '';
}
// locations
if($_SESSION['suser_menu_locations']=='on') {
$user_menu_locations_checked = 'checked';
@ -49,12 +55,6 @@ if($_SESSION['suser_menu_subnets']=='on') {
} else {
$user_menu_subnets_checked = '';
}
// users
if($_SESSION['suser_menu_users']=='on') {
$user_menu_users_checked = 'checked';
} else {
$user_menu_users_checked = '';
}
// vlans
if($_SESSION['suser_menu_vlans']=='on') {
$user_menu_vlans_checked = 'checked';
@ -85,10 +85,10 @@ $smarty->assign("user_language", $_SESSION['suser_language']);
$smarty->assign("user_menu_assets_checked", $user_menu_assets_checked);
$smarty->assign("user_menu_assetclasses_checked", $user_menu_assetclasses_checked);
$smarty->assign("user_menu_assetclassgroups_checked", $user_menu_assetclassgroups_checked);
$smarty->assign("user_menu_cables_checked", $user_menu_cables_checked);
$smarty->assign("user_menu_locations_checked", $user_menu_locations_checked);
$smarty->assign("user_menu_nodes_checked", $user_menu_nodes_checked);
$smarty->assign("user_menu_subnets_checked", $user_menu_subnets_checked);
$smarty->assign("user_menu_users_checked", $user_menu_users_checked);
$smarty->assign("user_menu_vlans_checked", $user_menu_vlans_checked);
$smarty->assign("user_menu_zones_checked", $user_menu_zones_checked);
$smarty->assign("user_tooltips_checked", $user_tooltips_checked);

73
submit.php
Unescape View File

@ -329,11 +329,12 @@ if (isset($_POST['add'])) {
$vlan_name = sanitize($_POST['vlan_name']);
$vlan_number = sanitize($_POST['vlan_number']);
$vlan_info = sanitize($_POST['vlan_info']);
$vlan_color = sanitize($_POST['vlan_color']);
$sql = "INSERT INTO vlan (vlan_name, vlan_number, vlan_info)
VALUE (?, ?, ?)";
$sql = "INSERT INTO vlan (vlan_name, vlan_number, vlan_color, vlan_info)
VALUE (?, ?, ?, ?)";
$sth = $dbh->prepare($sql);
$sth->execute([$vlan_name, $vlan_number, $vlan_info]);
$sth->execute([$vlan_name, $vlan_number, $vlan_color, $vlan_info]);
header_location("vlanview.php?vlan_id=" . $dbh->lastInsertId());
break;
@ -497,7 +498,7 @@ if (isset($_POST['del'])) {
case ("vlan") :
$vlan_id = sanitize($_POST['vlan_id']);
$sth = $dbh->prepare("DELETE FROM vlan WHERE vlan_id=");
$sth = $dbh->prepare("DELETE FROM vlan WHERE vlan_id=?");
$sth->execute([$vlan_id]);
header_location("vlan.php");
@ -623,31 +624,41 @@ if (isset($_POST['edit'])) {
$dateformat = sanitize($_POST['user_dateformat']);
$dns1suffix = sanitize($_POST['user_dns1suffix']);
$dns2suffix = sanitize($_POST['user_dns2suffix']);
$tooltips = sanitize($_POST['user_tooltips']);
$menu_assets = sanitize($_POST['user_menu_assets']);
$menu_assetclasses = sanitize($_POST['user_menu_assetclasses']);
$menu_assetclassgroups = sanitize($_POST['user_menu_assetclassgroups']);
$menu_cables = sanitize($_POST['user_menu_cables']);
$menu_locations = sanitize($_POST['user_menu_locations']);
$menu_nodes = sanitize($_POST['user_menu_nodes']);
$menu_subnets = sanitize($_POST['user_menu_subnets']);
$menu_users = sanitize($_POST['user_menu_users']);
$menu_vlans = sanitize($_POST['user_menu_vlans']);
$menu_zones = sanitize($_POST['user_menu_zones']);
$tooltips = sanitize($_POST['user_tooltips']);
// construct menu set
$menu = array();
if ($menu_assets) $menu[] = 'asset';
if ($menu_assetclasses) $menu[] = 'class';
if ($menu_assetclassgroups) $menu[] = 'group';
if ($menu_cables) $menu[] = 'cable';
if ($menu_locations) $menu[] = 'location';
if ($menu_nodes) $menu[] = 'node';
if ($menu_subnets) $menu[] = 'subnet';
if ($menu_vlans) $menu[] = 'vlan';
if ($menu_zones) $menu[] = 'zone';
$sql = "UPDATE user SET
user_language=?, user_imagesize=?, user_imagecount=?, user_mac=?, user_dateformat=?,
user_dns1suffix=?, user_dns2suffix=?, user_menu_assets=?, user_menu_assetclasses=?,
user_menu_assetclassgroups=?, user_menu_locations=?, user_menu_nodes=?,
user_menu_subnets=?, user_menu_users=?, user_menu_vlans=?, user_menu_zones=?,
user_tooltips=?
user_language=?, user_imagesize=?, user_imagecount=?,
user_mac=?, user_dateformat=?, user_dns1suffix=?,
user_dns2suffix=?, user_tooltips=?, user_menu=?
WHERE
user_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$language, $imagesize, $imagecount, $mac, $dateformat,
$dns1suffix, $dns2suffix, $menu_assets, $menu_assetclasses,
$menu_assetclassgroups, $menu_locations, $menu_nodes,
$menu_subnets, $menu_users, $menu_vlans, $menu_zones,
$tooltips, $id]);
$sth->execute([$language, $imagesize, $imagecount,
$mac, $dateformat, $dns1suffix,
$dns2suffix, $tooltips, implode(',', $menu),
$id]);
$_SESSION['suser_language'] = $language;
$_SESSION['suser_imagesize'] = $imagesize;
@ -659,10 +670,10 @@ if (isset($_POST['edit'])) {
$_SESSION['suser_menu_assets'] = $menu_assets;
$_SESSION['suser_menu_assetclasses'] = $menu_assetclasses;
$_SESSION['suser_menu_assetclassgroups'] = $menu_assetclassgroups;
$_SESSION['suser_menu_cables'] = $menu_cables;
$_SESSION['suser_menu_locations'] = $menu_locations;
$_SESSION['suser_menu_nodes'] = $menu_nodes;
$_SESSION['suser_menu_subnets'] = $menu_subnets;
$_SESSION['suser_menu_users'] = $menu_users;
$_SESSION['suser_menu_vlans'] = $menu_vlans;
$_SESSION['suser_menu_zones'] = $menu_zones;
$_SESSION['suser_tooltips'] = $tooltips;
@ -720,10 +731,29 @@ if (isset($_POST['edit'])) {
$user_name = sanitize($_POST['user_name']);
$user_displayname = sanitize($_POST['user_displayname']);
$user_realm = sanitize($_POST['user_realm']);
// roles
$role_add = sanitize($_POST['role_add']);
$role_edit = sanitize($_POST['role_edit']);
$role_delete = sanitize($_POST['role_delete']);
$role_manage = sanitize($_POST['role_manage']);
$role_admin = sanitize($_POST['role_admin']);
// construct menu set
$role = array();
if ($role_add) $role[] = 'add';
if ($role_edit) $role[] = 'edit';
if ($role_delete) $role[] = 'delete';
if ($role_manage) $role[] = 'manage';
if ($role_admin) $role[] = 'admin';
$sql = "UPDATE user SET user_name=?, user_displayname=?, user_realm=? WHERE user_id=?";
$sql = "UPDATE user SET
user_name=?, user_displayname=?, user_realm=?,
user_role=?
WHERE user_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$user_name ,$user_displayname, $user_realm, $user_id]);
$sth->execute([$user_name ,$user_displayname, $user_realm,
implode(',', $role), $user_id]);
header_location("userview.php?user_id=" . $user_id);
break;
@ -733,10 +763,11 @@ if (isset($_POST['edit'])) {
$vlan_name = sanitize($_POST['vlan_name']);
$vlan_number = sanitize($_POST['vlan_number']);
$vlan_info = sanitize($_POST['vlan_info']);
$vlan_color = sanitize($_POST['vlan_color']);
$sql = "UPDATE vlan SET vlan_name=?, vlan_number=?, vlan_info=? WHERE vlan_id=?";
$sql = "UPDATE vlan SET vlan_name=?, vlan_number=?, vlan_color=?, vlan_info=? WHERE vlan_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$vlan_name, $vlan_number, $vlan_info, $vlan_id]);
$sth->execute([$vlan_name, $vlan_number, $vlan_color, $vlan_info, $vlan_id]);
header_location("vlanview.php?vlan_id=" . $vlan_id);
break;

2
subnetvlanadd.php
Unescape View File

@ -33,7 +33,7 @@ $sth->execute([$subnet_id]);
$vlans = $sth->fetchAll();
foreach ($vlans as $vlan) {
$vlan_options[$vlan['vlan_id']] = $vlan['vlan_name'];
$vlan_options[$vlan['vlan_id']] = $vlan['vlan_name'] . '(' . $vlan['vlan_number']. ')';
}
$smarty->assign("vlan_options", $vlan_options);

2
tpl/asset.tpl
Unescape View File

@ -4,7 +4,9 @@
{$lang_assets} ({$assets|@count} / {$assetcount})
</td>
<td align="right">
{if $suser_add}
<a href="assetadd.php"><img src="image.php?icon=add" alt="{$lang_asset_add}" {if $suser_tooltips}title="{$lang_asset_add}" {/if}/></a>
{/if}
</td>
</tr>
</table>

2
tpl/assetclass.tpl
Unescape View File

@ -4,7 +4,9 @@
{$lang_assetclasses} ({$assetclasses|@count})
</td>
<td align="right">
{if $suser_add || $suser_admin}
<a href="assetclassadd.php"><img src="image.php?icon=add" alt="{$lang_assetclass_add}" {if $suser_tooltips}title="{$lang_assetclass_add}" {/if}/></a>
{/if}
</td>
</tr>
</table>

2
tpl/assetclassgroup.tpl
Unescape View File

@ -4,7 +4,9 @@
{$lang_assetclassgroups} ({$assetclassgroups|@count})
</td>
<td align="right">
{if $suser_add || $suser_admin}
<a href="assetclassgroupadd.php"><img src="image.php?icon=add" alt="{$lang_assetclassgroup_add}" {if $suser_tooltips}title="{$lang_assetclassgroup_add}" {/if}/></a>
{/if}
</td>
</tr>
</table>

2
tpl/assetclassview.tpl
Unescape View File

@ -1,7 +1,7 @@
<table class="title">
<tr>
<td class="header">
{$assetclass_name}
{$assetclass->assetclass_name}
</td>
<td align="right">
<a href="assetadd.php?assetclass_id={$assetclass->assetclass_id}"><img src="image.php?icon=add" alt="{$lang_asset_add}" {if $suser_tooltips}title="{$lang_asset_add}" {/if}/></a>

2
tpl/assetview.tpl
Unescape View File

@ -1,7 +1,7 @@
<table class="title">
<tr>
<td class="header">
{$asset_name}
{$asset->asset_name}
</td>
<td align="right">
<a href="assignnodetoasset.php?asset_id={$asset->asset_id}"><img src="image.php?icon=add" alt="{$lang_assignnodetoasset}"></a>

52
tpl/cable.tpl
Unescape View File

@ -0,0 +1,52 @@
<table class="title">
<tr>
<td class="header">
{$lang_cable} ({$cables|@count})
</td>
<td align="right">
{if $suser_add || $suser_admin}
<a href="cable.php?f=add"><img src="images/page_add.png" alt="{$lang_add}" {if $suser_tooltips}title="{$lang_add}" {/if}/></a>
{/if}
</td>
</tr>
</table>
<table class="info">
<tr>
<td class="header">
{$lang_cable}
</td>
<td class="header">
{$lang_length}
</td>
<td class="header">
{$lang_cable_type}
</td>
<td class="header">
{$lang_cable_info}
</td>
</tr>
{foreach item=cable from=$cables}
<tr>
<td class="label">
<img src="image.php?color={$cable.cable_color}" alt="#{$cable.cable_color}">
<a href="cable.php?f=view&id={$cable.id}">{$cable.description}</a>
</td>
<td class="label">
{$cable.cable_length} m
</td>
<td class="label">
{$cable.cable_type}
</td>
<td class="label">
{$cable.info}
</td>
</tr>
{foreachelse}
<tr>
<td>
{$lang_cable_none}
</td>
</tr>
{/foreach}
</table>

75
tpl/cableadd.tpl
Unescape View File

@ -0,0 +1,75 @@
<form method="POST" action="cable.php">
<table class="title">
<tr>
<td class="header">
{$lang_cable_add}
</td>
<td align="right">
<a href="#" onClick="history.go(-1)"><img src="images/control_rewind_blue.png" alt="{$lang_cancel}"{if $suser_tooltips} title="{$lang_cancel}"{/if} /></a>
<input type="image" name="submit[insert]" src="images/page_save.png" alt="{$lang_save}"{if $suser_tooltips} title="{$lang_save}"{/if} />
</td>
</tr>
</table>
<table class="info">
<tr>
<td class="header">
{$lang_cable}
</td>
</tr>
<tr>
<td class="label">
{$lang_description}
</td>
<td class="value">
<input type="text" size="40" name="description" maxlength="80">
</td>
</tr>
{*
<tr>
<td class="label">
from - to
</td>
<td class="value">
<input type="text" size="10" name="length" maxlength="12">
-
<input type="text" size="10" name="length" maxlength="12">
</td>
</tr>
*}
<tr>
<td class="label">
{$lang_length}
</td>
<td class="value">
<input type="text" size="10" name="length" maxlength="80"> m
</td>
</tr>
<tr>
<td class="label">
Type
</td>
<td class="value">
{html_options name=cable_type options=$type_options selected=$cable->cable_type}
</td>
</tr>
<tr>
<td class="label">
{$lang_color}
</td>
<td class="value">
#<input type="text" {literal}class="color {pickerPosition:'right'}"{/literal} name="color" size="6" maxlength="6" value="{$cable->color}">
</td>
</tr>
<tr>
<td class="label">
{$lang_info}
</td>
<td class="value">
<textarea name="info" cols="30" rows="10"></textarea>
</td>
</tr>
</table>
</form>

39
tpl/cabledel.tpl
Unescape View File

@ -0,0 +1,39 @@
<form method="POST" action="cable.php">
<input type="hidden" name="id" value="{$cable->id}">
<table class="title">
<tr>
<td class="header">
{$lang_cable_del}
</td>
<td align="right">
<a href="#" onClick="history.go(-1)"><img src="image.php?icon=cancel" alt="{$lang_cancel}" {if $suser_tooltips}title="{$lang_cancel}" {/if}/></a>
<input type="image" src="image.php?icon=shred" alt="{$lang_assetclass_del}" {if $suser_tooltips}title="{$lang_assetclass_del}" {/if}/>
<a href="#" onClick="history.go(-1)"><img src="images/control_rewind_blue.png" alt="Abbruch"{if $suser_tooltips} title="{$lang_cancel}"{/if} /></a>
<input type="image" name="submit[delete]" src="images/delete.png" alt="Löschen"{if $suser_tooltips} title="Löschen"{/if} />
</td>
</tr>
</table>
<table class="info">
<tr>
<td class="header">
{$lang_cable}
</td>
<td class="header_right">
&nbsp;
</td>
</tr>
<tr>
<td class="label">
{$lang_cable_name}
</td>
<td class="value">
<a href="cable.php?id={$cable->id}">{$cable->description}</a>
</td>
</tr>
</table>
</form>

76
tpl/cableedit.tpl
Unescape View File

@ -0,0 +1,76 @@
<form method="POST" action="cable.php">
<input type="hidden" name="id" value="{$cable->id}">
<table class="title">
<tr>
<td class="header">
{$lang_cable_add}
</td>
<td align="right">
<a href="#" onClick="history.go(-1)"><img src="images/control_rewind_blue.png" alt="{$lang_cancel}"{if $suser_tooltips} title="{$lang_cancel}"{/if} /></a>
<input type="image" name="submit[update]" src="images/page_save.png" alt="{$lang_save}"{if $suser_tooltips} title="{$lang_save}"{/if} />
</td>
</tr>
</table>
<table class="info">
<tr>
<td class="header">
{$lang_cable}
</td>
</tr>
<tr>
<td class="label">
{$lang_description}
</td>
<td class="value">
<input type="text" size="40" name="description" maxlength="80" value="{$cable->description}">
</td>
</tr>
{*
<tr>
<td class="label">
from - to
</td>
<td class="value">
<input type="text" size="10" name="loc_from" maxlength="12">
-
<input type="text" size="10" name="loc_to" maxlength="12">
</td>
</tr>
*}
<tr>
<td class="label">
{$lang_length}
</td>
<td class="value">
<input type="text" size="10" name="length" maxlength="80" value="{$cable->cable_length}"> m
</td>
</tr>
<tr>
<td class="label">
Type
</td>
<td class="value">
{html_options name=cable_type options=$type_options selected=$cable->cable_type}
</td>
</tr>
<tr>
<td class="label">
{$lang_color}
</td>
<td class="value">
#<input type="text" {literal}class="color {pickerPosition:'right'}"{/literal} name="color" size="6" maxlength="6" value="{$cable->color}">
</td>
</tr>
<tr>
<td class="label">
{$lang_info}
</td>
<td class="value">
<textarea name="info" cols="30" rows="10">{$cable->info}</textarea>
</td>
</tr>
</table>
</form>

63
tpl/cableview.tpl
Unescape View File

@ -0,0 +1,63 @@
<table class="title">
<tr>
<td class="header">
{$vlan_name}
</td>
<td align="right">
<a href="cable.php?f=edit&id={$cable->id}"><img src="image.php?icon=edit" alt="{$lang_cable_edit}"></a>
<a href="cable.php?f=del&id={$cable->id}"><img src="image.php?icon=delete" alt="{$lang_cable_del}"></a>
</td>
</tr>
</table>
<table class="info">
<tr>
<td class="header">
{$lang_cable}
</td>
<td class="header_right">
&nbsp;
</td>
</tr>
<tr>
<td class="label">
{$lang_description}
</td>
<td class="value">
{$cable->description}
</td>
</tr>
<tr>
<td class="label">
{$lang_cable_type} XXX
</td>
<td class="value">
{$cable->cable_type}
</td>
</tr>
<tr>
<td class="label">
{$lang_length}
</td>
<td class="value">
{$cable->cable_length} m
</td>
</tr>
<tr>
<td class="label">
{$lang_color}
</td>
<td class="value">
<img src="image.php?color={$cable->color}" alt="{$cable->color}">
#{$cable->color}
</td>
</tr>
<tr>
<td class="label">
{$lang_cable_info}
</td>
<td class="value">
{$cable->info}
</td>
</tr>
</table>

11
tpl/header.tpl
Unescape View File

@ -26,14 +26,7 @@
<a href="index.php"><img src="image.php?icon=logo" alt="{$lang_ipreg}" style="margin-right:1em" /></a>
</td>
<td valign="top" rowspan="2">
{if $menu_assets}<a href="asset.php">{$lang_assets}</a> | {/if}
{if $menu_assetclasses}<a href="assetclass.php">{$lang_assetclasses}</a> | {/if}
{if $menu_assetclassgroups}<a href="assetclassgroup.php">{$lang_assetclassgroups}</a> | {/if}
{if $menu_locations}<a href="location.php">{$lang_locations}</a> | {/if}
{if $menu_nodes}<a href="node.php">{$lang_nodes}</a> | {/if}
{if $menu_subnets}<a href="subnet.php">{$lang_subnets}</a> | {/if}
{if $menu_vlans}<a href="vlan.php">{$lang_vlans}</a> | {/if}
{if $menu_zones}<a href="zone.php">{$lang_zones}</a> {/if}
{$menu}
</td>
<td align="right" width="38%">
{$suser_name}&nbsp;|&nbsp;
@ -49,7 +42,6 @@
</tr>
</table>
</form>
<table class="header">
<tr>
<td>
@ -57,3 +49,4 @@
</td>
</tr>
</table>
{msgout}

2
tpl/location.tpl
Unescape View File

@ -5,7 +5,9 @@
{$lang_locations} ({$locations|@count})
</td>
<td align="right">
{if $suser_add || $suser_admin}
<a href="locationadd.php"><img src="images/building_add.png" alt="{$lang_location_add}" title="{$lang_location_add}" /></a>
{/if}
</td>
</tr>
</table>

2
tpl/locationview.tpl
Unescape View File

@ -2,7 +2,7 @@
<tr>
<td class="header">
<img class="icon" src="images/building.png" alt="" />
{$location_name}
{$location->name}
</td>
<td align="right">
<a href="locationadd.php?location_parent={$location->id}"><img src="images/building_add.png" alt="{$lang_sublocation_add}"></a>

2
tpl/login.tpl
Unescape View File

@ -1,4 +1,4 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<!DOCTYPE html>
<html>
<head>
<title>{$lang_ipreg}</title>

4
tpl/node.tpl
Unescape View File

@ -5,7 +5,9 @@
{$lang_nodes} {if $subnet_id}in {$subnet}{/if} ({$nodes|@count})
</td>
<td align="right">
{if $suser_add || $suser_admin}
<a href="nodeadd.php?subnet_id={$subnet_id}"><img src="image.php?icon=add" alt="{$lang_node_add}"></a>
{/if}
</td>
</tr>
</table>
@ -40,4 +42,4 @@
</td>
</tr>
{/foreach}
</table>
</table>

2
tpl/options.tpl
Unescape View File

@ -26,9 +26,11 @@
<a href="optionseditdisplay.php">{$lang_options_display}</a>
</td>
</tr>
{if $suser_admin || $suser_manage}
<tr>
<td class="label">
<a href="user.php">{$lang_users}</a>
</td>
</tr>
{/if}
</table>

4
tpl/optionseditdisplay.tpl
Unescape View File

@ -89,10 +89,12 @@
<input type="checkbox" name="user_menu_assets" {$user_menu_assets_checked}>{$lang_assets}<br />
<input type="checkbox" name="user_menu_assetclasses" {$user_menu_assetclasses_checked}>{$lang_assetclasses}<br />
<input type="checkbox" name="user_menu_assetclassgroups" {$user_menu_assetclassgroups_checked}>{$lang_assetclassgroups}<br />
{if $suser_admin}
<input type="checkbox" name="user_menu_cables" {$user_menu_cables_checked}>{$lang_cables}<br />
{/if}
<input type="checkbox" name="user_menu_locations" {$user_menu_locations_checked}>{$lang_locations}<br />
<input type="checkbox" name="user_menu_nodes" {$user_menu_nodes_checked}>{$lang_nodes}<br />
<input type="checkbox" name="user_menu_subnets" {$user_menu_subnets_checked}>{$lang_subnets}<br />
<input type="checkbox" name="user_menu_users" {$user_menu_users_checked}>{$lang_users}<br />
<input type="checkbox" name="user_menu_vlans" {$user_menu_vlans_checked}>{$lang_vlans}<br />
<input type="checkbox" name="user_menu_zones" {$user_menu_zones_checked}>{$lang_zones}
</td>

38
tpl/style.css
Unescape View File

@ -201,3 +201,41 @@ table.subnetview td {
padding-left: 0;
background-image: none;
}
/* ========== Error and other messages ===== ================================ */
div.error, div.warning, div.info, div.note {
padding: 0 1em 0 36px;
margin: 1em 0 0 0;
-moz-border-radius: 12px;
}
div.error {
border: 1px solid #8b0000;
background: #ff9999 url("../images/cancel.png") no-repeat scroll 4px 4px;
}
div.warning {
border: 1px solid #827206;
background: #ffdd00 url("../images/error.png") no-repeat scroll 4px 4px;
}
div.info {
border: 1px solid #006400;
background: #b0e1a9 url("../images/information.png") no-repeat scroll 4px 4px;
}
div.note {
border: 1px solid #00008b;
background: #c3d4de url("../images/note.png") no-repeat scroll 4px 4px;
}
div.error h3,
div.warning h3,
div.info h3,
div.note h3 {
font-size: 0.9em;
margin: 0.8em 0.5em 0.5em 0;
color: black;
}
div.error p,
div.warning p,
div.info p,
div.note p {
margin: 0.5em 0.5em 0.5em 0;
}

3
tpl/subnet.tpl
Unescape View File

@ -1,10 +1,13 @@
<table class="title">
<tr>
<td class="header">
<img class="icon" src="images/plugin.png" alt="" />
{$lang_subnets} ({$subnets|@count})
</td>
<td align="right">
{if $suser_add || $suser_admin}
<a href="subnetadd.php"><img src="image.php?icon=add" alt="{$lang_subnet_add}"></a>
{/if}
</td>
</tr>
</table>

20
tpl/user.tpl
Unescape View File

@ -21,6 +21,9 @@
<td class="header">
{$lang_user_displayname}
</td>
<td class="header">
{$lang_user_roles}
</td>
</tr>
{foreach item=user from=$users}
<tr>
@ -33,6 +36,23 @@
<td class="value">
{$user.displayname}
</td>
<td class="value">
{if in_array('add', $user.role)}
<img src="images/page_add.png" alt="{$lang_user_role_add}"{if $suser_tooltips} title="{$lang_user_role_add}"{/if} />
{/if}
{if in_array('edit', $user.role)}
<img src="images/page_edit.png" alt="{$lang_user_role_edit}"{if $suser_tooltips} title="{$lang_user_role_edit}"{/if} />
{/if}
{if in_array('delete', $user.role)}
<img src="images/page_delete.png" alt="{$lang_user_role_delete}"{if $suser_tooltips} title="{$lang_user_role_delete}"{/if} />
{/if}
{if in_array('manage', $user.role)}
<img src="images/manage.png" alt="{$lang_user_role_manage}"{if $suser_tooltips} title="{$lang_user_role_manage}"{/if} />
{/if}
{if in_array('admin', $user.role)}
<img src="images/admin.png" alt="{$lang_user_role_admin}"{if $suser_tooltips} title="{$lang_user_role_admin}"{/if} />
{/if}
</td>
</tr>
{/foreach}
</table>

57
tpl/useredit.tpl
Unescape View File

@ -45,9 +45,64 @@
{$lang_user_realm}
</td>
<td class="value">
{html_radios name=user_realm values=$realm_ids output=$realm_names selected=$realm_selected}
{html_radios name=user_realm values=$realm_ids output=$realm_names selected=$user->realm}
</td>
</tr>
<tr>
<td class="label">
<b>Rechte</b>
</td>
<td class="value">
&nbsp;
</td>
</tr>
<tr>
<td class="label">
{$lang_user_role_add}
</td>
<td class="value">
<img src="images/page_add.png" alt="[Add]">
<input type="checkbox" name="role_add" {if in_array('add', $user->role)} checked="checked"{/if}
</td>
</tr>
<tr>
<td class="label">
{$lang_user_role_edit}
</td>
<td class="value">
<img src="images/page_edit.png" alt="[Edit]">
<input type="checkbox" name="role_edit" {if in_array('edit', $user->role)} checked="checked"{/if}
</td>
</tr>
<tr>
<td class="label">
{$lang_user_role_delete}
</td>
<td class="value">
<img src="images/page_delete.png" alt="[Delete]">
<input type="checkbox" name="role_delete" {if in_array('delete', $user->role)} checked="checked"{/if}
</td>
</tr>
{if $suser_admin}
<tr>
<td class="label">
{$lang_user_role_manage}
</td>
<td class="value">
<img src="images/manage.png" alt="[Manage]">
<input type="checkbox" name="role_manage" {if in_array('manage', $user->role)} checked="checked"{/if}
</td>
</tr>
<tr>
<td class="label">
{$lang_user_role_admin}
</td>
<td class="value">
<img src="images/admin.png" alt="[Admin]">
<input type="checkbox" name="role_admin" {if in_array('admin', $user->role)} checked="checked"{/if}
</td>
</tr>
{/if}
</table>
</form>

22
tpl/userview.tpl
Unescape View File

@ -44,4 +44,26 @@
{$user->realm}
</td>
</tr>
<tr>
<td class="label">
{$lang_user_roles}
</td>
<td class="value">
{if in_array('add', $user->role)}
<img src="images/page_add.png" alt="{$lang_user_role_add}"{if $suser_tooltips} title="{$lang_user_role_add}"{/if} />
{/if}
{if in_array('edit', $user->role)}
<img src="images/page_edit.png" alt="{$lang_user_role_edit}"{if $suser_tooltips} title="{$lang_user_role_edit}"{/if} />
{/if}
{if in_array('delete', $user->role)}
<img src="images/page_delete.png" alt="{$lang_user_role_delete}"{if $suser_tooltips} title="{$lang_user_role_delete}"{/if} />
{/if}
{if in_array('manage', $user->role)}
<img src="images/manage.png" alt="{$lang_user_role_manage}"{if $suser_tooltips} title="{$lang_user_role_manage}"{/if} />
{/if}
{if in_array('admin', $user->role)}
<img src="images/admin.png" alt="{$lang_user_role_admin}"{if $suser_tooltips} title="{$lang_user_role_admin}"{/if} />
{/if}
</td>
</tr>
</table>

3
tpl/vlan.tpl
Unescape View File

@ -4,7 +4,9 @@
{$lang_vlans} ({$vlans|@count})
</td>
<td align="right">
{if $suser_add || $suser_admin}
<a href="vlanadd.php"><img src="image.php?icon=add" alt="{$lang_vlan_add}" {if $suser_tooltips}title="{$lang_vlan_add}" {/if}/></a>
{/if}
</td>
</tr>
</table>
@ -27,6 +29,7 @@
{$vlan.number}
</td>
<td class="value">
<img src="image.php?color={$vlan.color}" alt="#{$vlan.color}">
<a href="vlanview.php?vlan_id={$vlan.id}">{$vlan.name}</a>
</td>
<td>

8
tpl/vlanadd.tpl
Unescape View File

@ -35,6 +35,14 @@
<input type="text" name="vlan_number" size="3">
</td>
</tr>
<tr>
<td class="label">
{$lang_color}
</td>
<td class="value">
#<input type="text" {literal}class="color {pickerPosition:'right'}"{/literal} name="vlan_color" size="6" maxlength="6" value="{$vlan->color}">
</td>
</tr>
<tr>
<td class="label">
{$lang_vlan_info}

2
tpl/vlandel.tpl
Unescape View File

@ -5,7 +5,7 @@
<table class="title">
<tr>
<td class="header">
{$vlan_name}
{$vlan->name}
</td>
<td align="right">
<a href="#" onClick="history.go(-1)"><img src="image.php?icon=cancel" alt="{$lang_cancel}"></a>

12
tpl/vlanedit.tpl
Unescape View File

@ -1,11 +1,11 @@
<form method="POST" action="submit.php">
<input type="hidden" name="edit" value="vlan">
<input type="hidden" name="vlan_id" value="{$vlan_id}">
<input type="hidden" name="vlan_id" value="{$vlan->id}">
<table class="title">
<tr>
<td class="header">
{$vlan_name}
{$vlan->name}
</td>
<td align="right">
<a href="#" onClick="history.go(-1)"><img src="image.php?icon=back" alt="{$lang_cancel}"></a>
@ -39,6 +39,14 @@
<input type="text" name="vlan_number" size="3" value="{$vlan->number}">
</td>
</tr>
<tr>
<td class="label">
{$lang_color}
</td>
<td class="value">
#<input type="text" {literal}class="color {pickerPosition:'right'}"{/literal} name="vlan_color" size="6" maxlength="6" value="{$vlan->color}">
</td>
</tr>
<tr>
<td class="label">
{$lang_vlan_info}

11
tpl/vlanview.tpl
Unescape View File

@ -1,7 +1,7 @@
<table class="title">
<tr>
<td class="header">
{$vlan_name}
{$vlan->name}
</td>
<td align="right">
<a href="assignvlantosubnet.php?vlan_id={$vlan->id}"><img src="image.php?icon=add" alt="{$lang_assignvlantosubnet}"></a>
@ -44,6 +44,15 @@
{$vlan->info}
</td>
</tr>
<tr>
<td class="label">
{$lang_color}
</td>
<td class="value">
<img src="image.php?color={$vlan->color}" alt="{$vlan->color}">
#{$vlan->color}
</td>
</tr>
</table>
<table class="info">

2
tpl/zone.tpl
Unescape View File

@ -5,7 +5,9 @@
{$lang_zones} ({$zones|@count})
</td>
<td align="right">
{if $suser_add || $suser_admin}
<a href="zoneadd.php"><img src="image.php?icon=add" alt="{$lang_zone_add}"></a>
{/if}
</td>
</tr>
</table>

6
tpl/zoneview.tpl
Unescape View File

@ -2,11 +2,15 @@
<tr>
<td class="header">
<img class="icon" src="images/table.png" alt="" />
{$zone_origin}
{$zone->zone_origin}
</td>
<td align="right">
{if $suser_edit || $suser_admin}
<a href="zoneedit.php?zone_id={$zone->zone_id}"><img src="images/table_edit.png" alt="{$lang_zone_edit}" /></a>
{/if}
{if $suser_del || $suser_admin}
<a href="zonedel.php?zone_id={$zone->zone_id}"><img src="images/table_delete.png" alt="{$lang_zone_del}" /></a>
{/if}
</td>
</tr>
</table>

17
user.php
Unescape View File

@ -8,14 +8,27 @@ SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
if (($_SESSION['suser_role_admin'] == 0) and ($_SESSION['suser_role_manage'] == 0)) {
header_location('comments.php?comments=accessdenied');
}
include("header.php");
$sql = "SELECT user_id AS id, user_name AS name,
user_displayname AS displayname, user_realm as realm
user_displayname AS displayname, user_realm AS realm,
user_role AS role
FROM user
ORDER BY user_name";
$sth = $dbh->query($sql);
$smarty->assign("users", $sth->fetchAll(PDO::FETCH_ASSOC));
// role: convert db set to array
$users = $sth->fetchAll(PDO::FETCH_ASSOC);
for($i = 0; $i < count($users); $i++) {
$users[$i]['role'] = explode(',', $users[$i]['role'] );
}
$smarty->assign("users", $users);
$smarty->display("user.tpl");

5
useradd.php
Unescape View File

@ -8,6 +8,11 @@ SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
if (($_SESSION['suser_role_admin'] == 0) && ($_SESSION['suser_role_manage'] == 0)) {
header_location('comments.php?comments=accessdenied');
}
include("header.php");
$realms = db_load_enum('user','user_realm');

6
userdel.php
Unescape View File

@ -8,7 +8,11 @@ SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
if ($_SESSION['suser_role_admin'] == 0) {
header_location('comments.php?comments=accessdenied');
}
$user_id = sanitize($_GET['user_id']);
include("header.php");

13
useredit.php
Unescape View File

@ -8,18 +8,25 @@ SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
if (($_SESSION['suser_role_admin'] == 0) && ($_SESSION['suser_role_manage'] == 0)) {
header_location('comments.php?comments=accessdenied');
}
$user_id = sanitize($_GET['user_id']);
include("header.php");
$sql = "SELECT user_id AS id, user_name AS name, user_displayname AS displayname,
user_realm AS realm
user_realm AS realm, user_role AS role, user_flags AS flags
FROM user
WHERE user_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$user_id]);
$smarty->assign("user", $sth->fetch(PDO::FETCH_OBJ));
$user = $sth->fetch(PDO::FETCH_OBJ);
$user->role = explode(',', $user->role);
$smarty->assign("user", $user);
// auth realms
$smarty->assign("realm_ids", ['local', 'ldap']);

14
userview.php
Unescape View File

@ -8,18 +8,26 @@ SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
if (($_SESSION['suser_role_admin'] == 0) and ($_SESSION['suser_role_manage'] == 0)) {
header_location('comments.php?comments=accessdenied');
}
$user_id = sanitize($_GET['user_id']);
include("header.php");
$sql = "SELECT user_id AS id, user_name AS name, user_displayname AS displayname,
user_realm as realm
user_realm as realm, user_role AS role, user_flags AS flags
FROM user
WHERE user_id=?";
$sth = $dbh->prepare($sql);
$sth->execute([$user_id]);
$smarty->assign("user", $sth->fetch(PDO::FETCH_OBJ));
$user = $sth->fetch(PDO::FETCH_OBJ);
$user->role = explode(',', $user->role);
$user->flags = explode(',', $user->flags);
$smarty->assign("user", $user);
$smarty->display("userview.tpl");

2
vlan.php
Unescape View File

@ -11,7 +11,7 @@ include("includes.php");
include("header.php");
$sql = "SELECT vlan_id AS id, vlan_number AS number, vlan_name AS name,
LEFT(vlan_info, 60) AS info
vlan_color AS color, LEFT(vlan_info, 60) AS info
FROM vlan
ORDER BY vlan_number";
$sth = $dbh->query($sql);

2
vlanadd.php
Unescape View File

@ -8,6 +8,8 @@ SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
$smarty->assign("scripts", 'jscolor.js');
include("header.php");
$smarty->display("vlanadd.tpl");

3
vlanedit.php
Unescape View File

@ -11,10 +11,11 @@ include("includes.php");
$vlan_id = sanitize($_GET['vlan_id']);
$smarty->assign("scripts", 'jscolor.js');
include("header.php");
$sql = "SELECT vlan_id AS id, vlan_name AS name, vlan_number AS number,
vlan_info AS info
vlan_color AS color, vlan_info AS info
FROM vlan
WHERE vlan_id=?";
$sth = $dbh->prepare($sql);

2
vlanview.php
Unescape View File

@ -15,7 +15,7 @@ include("header.php");
// vlan
$sql = "SELECT vlan_id AS id, vlan_name AS name, vlan_number AS number,
vlan_info AS info
vlan_info AS info, vlan_color AS color
FROM vlan
WHERE vlan_id=?";
$sth = $dbh->prepare($sql);