<?php
	/*****************************************************************************
	IP Reg, a PHP/MySQL IPAM tool
	Copyright (C) 2008 Wietse Warendorff
	
	This program is free software: you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation, either version 3 of the License, or
	(at your option) any later version.
	
	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.
	
	You should have received a copy of the GNU General Public License
	along with this program.  If not, see <http://www.gnu.org/licenses/>.
	
	For more information, visit http://sourceforge.net/projects/ipreg,
	or contact me at wietsew@users.sourceforge.net
	*****************************************************************************/
	
	// strip mac address to 12 char string
	function strip_mac($mac) {
		// strip chars we don't need
		$mac = preg_replace("|[^a-fA-F0-9]|", "", $mac);
		
		// capotolize (just because it looks better eh)
		$mac = strtoupper($mac);
		
		// and return
		return ($mac);
	}
	
	// rebuild mac address
	function write_mac($mac) {
		if (strlen($mac)!=12) {
			// if the MAC is empty, or for whatever reason incorrect, just return
			return $mac;
		} else {
			// length is ok, continue
			// strip mac to pieces
			for($i=0;$i<12;$i++) {
				${"mac".$i} = $mac{$i};
			}
			
			// get user preference
			$user_mac = $_SESSION['suser_mac'];
			
			// replace user preference with pieces
			for($i=0;$i<12;$i++) {
				$user_mac = preg_replace("/x/", ${"mac".$i}, $user_mac, 1);
			}
			
			// and return
			return $user_mac;
		}
	}
	
	// redirect page
	function header_location($location) {
		header("location: " . $location);
		exit;
	}
	
	// authorisation check
	function auth($item, $min_auth, $item_id) {
		// get user_id
		$suser_id = $_SESSION['suser_id'];
		
		// set base auth to 0
		$auth = 0;
		
		// check for global rights
		$result = mysql_query("SELECT uc.auth FROM userclassauth uc, useruserclass u WHERE u.user_id='$suser_id' AND uc.userclass_id=u.userclass_id AND uc.item='ipreg' AND uc.id=0 ORDER BY uc.ordering DESC LIMIT 1") or die(mysql_error());
		while ($row = mysql_fetch_object($result)) {
			$auth = $row->auth;
		}
				
		// check specific auth for this item 
		$result = mysql_query("SELECT uc.auth FROM userclassauth uc, useruserclass u WHERE u.user_id='$suser_id' AND uc.userclass_id=u.userclass_id AND uc.item='$item' AND uc.id=0 ORDER BY uc.ordering DESC LIMIT 1") or die(mysql_error());
		while ($row = mysql_fetch_object($result)) {
			$auth = $row->auth;
		}
		
		// and for a specific ID (if set)
		if($item_id>0) {
			$result = mysql_query("SELECT uc.auth FROM userclassauth uc, useruserclass u WHERE u.user_id='$suser_id' AND uc.userclass_id=u.userclass_id AND uc.item='$item' AND uc.id='$item_id' ORDER BY uc.ordering DESC LIMIT 1") or die(mysql_error());
			while ($row = mysql_fetch_object($result)) {
				$auth = $row->auth;
			}
		}
		
		if($auth<$min_auth) {
			// not allowed -> redirect
			header_location("comments.php?comments=notallowed");
		} else {
			return $auth;
		}
	}
?>