<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge
SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/
include("includes.php");
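// Form-processing endpoint: only POST requests carry an action; any other method is
// bounced to the comments page before a branch below can run.
// NOTE(review): no CSRF token and no per-action permission check is visible in this
// file. Presumably includes.php enforces the login session — confirm, because the
// branches below insert, update and delete records, including user accounts.
if ($_SERVER['REQUEST_METHOD'] !== "POST") {
    // $comments is not assigned anywhere in this file before this point; fall back to
    // an empty string rather than reading an undefined variable.
    header_location("comments.php?comments=" . (isset($comments) ? $comments : ""));
    exit;
}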
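if (isset($_POST['redirect'])) {
    // Intermediate "choose an action" forms: forward the selected record to the page
    // named by the chosen action. Each group lists the POST fields it forwards (in
    // query-string order) and the only actions it accepts. An accepted action is also
    // the basename of the target script, so the path part of the redirect URL is always
    // one of the literals below and never a raw request value.
    $redirect_groups = [
        "assigniptonode" => [
            "fields"  => ["subnet_id", "node_ip"],
            "actions" => ["assignnodetoasset", "nodeadd"],
        ],
        "locationsubnet" => [
            "fields"  => ["location_id"],
            "actions" => ["locationsubnetadd", "locationsubnetdel"],
        ],
        "nat" => [
            "fields"  => ["node_id"],
            "actions" => ["natadd", "natdel"],
        ],
        "subnetlocation" => [
            "fields"  => ["subnet_id"],
            "actions" => ["subnetlocationadd", "subnetlocationdel"],
        ],
        "subnetvlan" => [
            "fields"  => ["subnet_id"],
            "actions" => ["subnetvlanadd", "subnetvlandel"],
        ],
        "vlansubnet" => [
            "fields"  => ["vlan_id"],
            "actions" => ["vlansubnetadd", "vlansubnetdel"],
        ],
    ];

    // A missing or non-string group/action simply matches nothing (the original read
    // $_POST['action'] without checking that it was sent).
    $redirect_group = is_string($_POST['redirect']) ? $_POST['redirect'] : "";
    $redirect_action = (isset($_POST['action']) && is_string($_POST['action'])) ? $_POST['action'] : "";

    if (isset($redirect_groups[$redirect_group])
        && in_array($redirect_action, $redirect_groups[$redirect_group]["actions"], true)) {
        $redirect_query = [];
        foreach ($redirect_groups[$redirect_group]["fields"] as $field) {
            $redirect_query[$field] = (string) sanitize(isset($_POST[$field]) ? $_POST[$field] : "");
        }

        // http_build_query() percent-encodes each value, so a crafted id or address
        // cannot append extra parameters or break out of the query string.
        header_location($redirect_action . ".php?" . http_build_query($redirect_query, "", "&"));
    }
}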
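if (isset($_POST['add'])) {
    // Create one record of the kind named by $_POST['add'] and redirect to its view page.
    // Every value is interpolated into a quoted SQL literal, so injection safety rests on
    // sanitize() (defined outside this file) escaping quotes.
    // NOTE(review): confirm what sanitize() does, or move db_insert() to bound parameters.
    switch ($_POST['add']) {
        case ("asset") :
            $asset_name = sanitize($_POST['asset_name']);
            $asset_hostname = sanitize($_POST['asset_hostname']);
            $assetclass_id = sanitize($_POST['assetclass_id']);
            $asset_info = sanitize($_POST['asset_info']);

            $query = "INSERT
                INTO
                    asset(
                        asset_name,
                        asset_hostname,
                        assetclass_id,
                        asset_info
                    )
                VALUE
                    (
                        '$asset_name',
                        '$asset_hostname',
                        '$assetclass_id',
                        '$asset_info'
                    )";

            $asset_id = $db->db_insert($query);

            header_location("assetview.php?asset_id=" . $asset_id);
            break;

        case ("assetclass") :
            $assetclass_name = sanitize($_POST['assetclass_name']);
            $assetclassgroup_id = sanitize($_POST['assetclassgroup_id']);

            $query = "INSERT
                INTO
                    assetclass(
                        assetclass_name,
                        assetclassgroup_id
                    )
                VALUE
                    (
                        '$assetclass_name',
                        '$assetclassgroup_id'
                    )";

            $assetclass_id = $db->db_insert($query);

            header_location("assetclassview.php?assetclass_id=" . $assetclass_id);
            break;

        case ("assetclassgroup") :
            $assetclassgroup_name = sanitize($_POST['assetclassgroup_name']);
            // Colour is reduced to upper-case alphanumerics before it is stored.
            $assetclassgroup_color = preg_replace("|[^a-zA-Z0-9]|", "", strtoupper(sanitize($_POST['assetclassgroup_color'])));

            $query = "INSERT
                INTO
                    assetclassgroup(
                        assetclassgroup_name,
                        assetclassgroup_color
                    )
                VALUE
                    (
                        '$assetclassgroup_name',
                        '$assetclassgroup_color'
                    )";

            $assetclassgroup_id = $db->db_insert($query);

            header_location("assetclassgroupview.php?assetclassgroup_id=" . $assetclassgroup_id);
            break;

        case ("assignnodetoasset") :
            $node_ip = sanitize($_POST['node_ip']);
            $subnet_id = sanitize($_POST['subnet_id']);
            $asset_id = sanitize($_POST['asset_id']);
            $node_mac = strip_mac(sanitize($_POST['node_mac']));

            // Append the configured DNS suffix when a name was entered and the suffix box was ticked.
            // NOTE(review): this branch tests node_dns1suffix/node_dns2suffix while the "node"
            // branch tests dns1suffix/dns2suffix — confirm the field names against both forms.
            $node_dns1 = sanitize($_POST['node_dns1']);
            if (!empty($_POST['node_dns1']) && isset($_POST['node_dns1suffix'])) {
                $node_dns1 .= $config_dns1suffix;
            }
            $node_dns2 = sanitize($_POST['node_dns2']);
            if (!empty($_POST['node_dns2']) && isset($_POST['node_dns2suffix'])) {
                $node_dns2 .= $config_dns2suffix;
            }

            // Security fix: node_info used to reach the query straight from $_POST, the one
            // value in this branch that skipped sanitize().
            $node_info = sanitize($_POST['node_info']);

            $query = "INSERT
                INTO
                    node(
                        node_ip,
                        node_mac,
                        node_dns1,
                        node_dns2,
                        subnet_id,
                        asset_id,
                        node_info
                    )
                VALUE
                    (
                        '$node_ip',
                        '$node_mac',
                        '$node_dns1',
                        '$node_dns2',
                        '$subnet_id',
                        '$asset_id',
                        '$node_info'
                    )";

            $node_id = $db->db_insert($query);

            header_location("nodeview.php?node_id=" . $node_id);
            break;

        case ("assignlocationtosubnet") :
            $location_id = sanitize($_POST['location_id']);
            $subnet_id = sanitize($_POST['subnet_id']);

            $query = "INSERT
                INTO
                    subnetlocation(
                        location_id,
                        subnet_id
                    )
                VALUE
                    (
                        '$location_id',
                        '$subnet_id'
                    )";

            $db->db_insert($query);

            // Fix: every other call passes a bare target; this one passed
            // "Location: location.php", i.e. the header name as part of the URL.
            header_location("location.php");
            break;

        case ("assignsubnettovlan") :
            $subnet_id = sanitize($_POST['subnet_id']);
            $vlan_id = sanitize($_POST['vlan_id']);

            $query = "UPDATE
                    subnet
                SET
                    vlan_id='$vlan_id'
                WHERE
                    subnet_id='$subnet_id'";

            $db->db_update($query);

            header_location("subnetview.php?subnet_id=" . $subnet_id);
            break;

        case ("location") :
            $location_name = sanitize($_POST['location_name']);
            $location_parent = sanitize($_POST['location_parent']);
            $location_info = sanitize($_POST['location_info']);

            $query = "INSERT
                INTO
                    location(
                        location_name,
                        location_parent,
                        location_info
                    )
                VALUE
                    (
                        '$location_name',
                        '$location_parent',
                        '$location_info'
                    )";

            $location_id = $db->db_insert($query);

            header_location("locationview.php?location_id=" . $location_id);
            break;

        case ("locationsubnet") :
            $location_id = sanitize($_POST['location_id']);
            $subnet_id = sanitize($_POST['subnet_id']);

            $query = "INSERT
                INTO
                    subnetlocation(
                        location_id,
                        subnet_id
                    )
                VALUE
                    (
                        '$location_id',
                        '$subnet_id'
                    )";

            // The new row id is not needed; the redirect goes back to the location.
            $db->db_insert($query);

            header_location("locationview.php?location_id=" . $location_id);
            break;

        case ("nat") :
            $node_id_ext = sanitize($_POST['node_id_ext']);
            $node_id_int = sanitize($_POST['node_id_int']);
            $nat_type = sanitize($_POST['nat_type']);

            $query = "INSERT
                INTO
                    nat(
                        nat_ext,
                        nat_int,
                        nat_type
                    )
                VALUE
                    (
                        '$node_id_ext',
                        '$node_id_int',
                        '$nat_type'
                    )";

            $db->db_insert($query);

            header_location("nodeview.php?node_id=" . $node_id_ext);
            break;

        case ("node") :
            // Creates the asset first, then the node that references it.
            $asset_name = sanitize($_POST['asset_name']);
            $asset_hostname = sanitize($_POST['asset_hostname']);
            $assetclass_id = sanitize($_POST['assetclass_id']);
            $ip = sanitize($_POST['node_ip']);
            $mac = strip_mac(sanitize($_POST['node_mac']));

            $dns1 = sanitize($_POST['node_dns1']);
            if (!empty($_POST['node_dns1']) && isset($_POST['dns1suffix'])) {
                $dns1 .= $config_dns1suffix;
            }
            $dns2 = sanitize($_POST['node_dns2']);
            if (!empty($_POST['node_dns2']) && isset($_POST['dns2suffix'])) {
                $dns2 .= $config_dns2suffix;
            }

            $node_info = sanitize($_POST['node_info']);
            // Security fix: subnet_id used to reach the query straight from $_POST.
            $subnet_id = sanitize($_POST['subnet_id']);

            $query = "INSERT
                INTO
                    asset(
                        asset_name,
                        asset_hostname,
                        assetclass_id
                    )
                VALUE
                    (
                        '$asset_name',
                        '$asset_hostname',
                        '$assetclass_id'
                    )";

            $asset_id = $db->db_insert($query);

            $query = "INSERT
                INTO
                    node(
                        node_ip,
                        node_mac,
                        node_dns1,
                        node_dns2,
                        node_info,
                        subnet_id,
                        asset_id
                    )
                VALUE
                    (
                        '$ip',
                        '$mac',
                        '$dns1',
                        '$dns2',
                        '$node_info',
                        '$subnet_id',
                        '$asset_id'
                    )";

            $node_id = $db->db_insert($query);

            header_location("nodeview.php?node_id=" . $node_id);
            break;

        case ("subnet") :
            $subnet_address = sanitize($_POST['subnet_address']);
            $subnet_mask = sanitize($_POST['subnet_mask']);
            $subnet_info = sanitize($_POST['subnet_info']);

            $query = "INSERT
                INTO
                    subnet(
                        subnet_address,
                        subnet_mask,
                        subnet_info
                    )
                VALUE
                    (
                        '$subnet_address',
                        '$subnet_mask',
                        '$subnet_info'
                    )";

            $subnet_id = $db->db_insert($query);

            header_location("subnetview.php?subnet_id=" . $subnet_id);
            break;

        case ("subnetlocation") :
            $location_id = sanitize($_POST['location_id']);
            $subnet_id = sanitize($_POST['subnet_id']);

            $query = "INSERT
                INTO
                    subnetlocation(
                        location_id,
                        subnet_id
                    )
                VALUE
                    (
                        '$location_id',
                        '$subnet_id'
                    )";

            $db->db_insert($query);

            header_location("subnetview.php?subnet_id=" . $subnet_id);
            break;

        case ("subnetvlan") :
            $subnet_id = sanitize($_POST['subnet_id']);
            $vlan_id = sanitize($_POST['vlan_id']);

            $query = "INSERT
                INTO
                    subnetvlan(
                        subnet_id,
                        vlan_id
                    )
                VALUE
                    (
                        '$subnet_id',
                        '$vlan_id'
                    )";

            $db->db_insert($query);

            header_location("subnetview.php?subnet_id=" . $subnet_id);
            break;

        case ("user") :
            $user_name = strtolower(sanitize($_POST['user_name']));
            $user_displayname = sanitize($_POST['user_displayname']);

            // Refuse to create a second account with the same (lower-cased) name.
            $query = "SELECT
                    user_name
                FROM
                    user
                WHERE
                    user_name='$user_name'";

            $users = $db->db_select($query);

            if (count($users) == 0) {
                // Security fix: the password was stored as an unsalted md5() digest. The
                // "optionspassword" branch of this file checks user_pass with
                // password_verify() and writes it with password_hash(..., PASSWORD_BCRYPT),
                // so an md5 value could never be verified there; store the same format here.
                // sanitize() is kept in front of the hash because that branch applies it too.
                // NOTE(review): confirm the login code verifies with password_verify().
                $user_password = password_hash(sanitize($_POST['user_password']), PASSWORD_BCRYPT);

                $query = "INSERT
                    INTO
                        user(
                            user_name,
                            user_displayname,
                            user_pass
                        )
                    VALUE
                        (
                            '$user_name',
                            '$user_displayname',
                            '$user_password'
                        )";

                $user_id = $db->db_insert($query);

                header_location("userview.php?user_id=" . $user_id);
            } else {
                // Only a name clash is reported as "usernameinuse"; the original set this
                // unconditionally, also after a successful insert.
                $comments = "usernameinuse";
            }
            break;

        case ("vlan") :
            $vlan_name = sanitize($_POST['vlan_name']);
            $vlan_number = sanitize($_POST['vlan_number']);
            $vlan_info = sanitize($_POST['vlan_info']);

            $query = "INSERT
                INTO
                    vlan(
                        vlan_name,
                        vlan_number,
                        vlan_info
                    )
                VALUE
                    (
                        '$vlan_name',
                        '$vlan_number',
                        '$vlan_info'
                    )";

            $vlan_id = $db->db_insert($query);

            header_location("vlanview.php?vlan_id=" . $vlan_id);
            break;

        case ("vlansubnet") :
            $subnet_id = sanitize($_POST['subnet_id']);
            $vlan_id = sanitize($_POST['vlan_id']);

            $query = "INSERT
                INTO
                    subnetvlan(
                        subnet_id,
                        vlan_id
                    )
                VALUE
                    (
                        '$subnet_id',
                        '$vlan_id'
                    )";

            $db->db_insert($query);

            header_location("vlanview.php?vlan_id=" . $vlan_id);
            break;

        case ("zone") :
            $zone_origin = sanitize($_POST['zone_origin']);
            $zone_ttl_default = sanitize($_POST['zone_ttl_default']);
            $zone_soa = sanitize($_POST['zone_soa']);
            $zone_hostmaster = sanitize($_POST['zone_hostmaster']);
            $zone_refresh = sanitize($_POST['zone_refresh']);
            $zone_retry = sanitize($_POST['zone_retry']);
            $zone_expire = sanitize($_POST['zone_expire']);
            $zone_ttl = sanitize($_POST['zone_ttl']);
            $zone_serial = sanitize($_POST['zone_serial']);
            $zone_ns1 = sanitize($_POST['zone_ns1']);
            $zone_ns2 = sanitize($_POST['zone_ns2']);
            $zone_ns3 = sanitize($_POST['zone_ns3']);
            $zone_mx1 = sanitize($_POST['zone_mx1']);
            $zone_mx2 = sanitize($_POST['zone_mx2']);
            $zone_info = sanitize($_POST['zone_info']);

            $query = "INSERT
                INTO
                    zone(
                        zone_origin,
                        zone_ttl_default,
                        zone_soa,
                        zone_hostmaster,
                        zone_refresh,
                        zone_retry,
                        zone_expire,
                        zone_ttl,
                        zone_serial,
                        zone_ns1,
                        zone_ns2,
                        zone_ns3,
                        zone_mx1,
                        zone_mx2,
                        zone_info
                    )
                VALUE
                    (
                        '$zone_origin',
                        '$zone_ttl_default',
                        '$zone_soa',
                        '$zone_hostmaster',
                        '$zone_refresh',
                        '$zone_retry',
                        '$zone_expire',
                        '$zone_ttl',
                        '$zone_serial',
                        '$zone_ns1',
                        '$zone_ns2',
                        '$zone_ns3',
                        '$zone_mx1',
                        '$zone_mx2',
                        '$zone_info'
                    )";

            $zoneid = $db->db_insert($query);

            header_location("zoneview.php?zone_id=" . $zoneid);
            break;
    }
}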
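if (isset($_POST['del'])) {
    // Delete the record(s) named by $_POST['del'] and redirect to the matching list or
    // view page.
    //
    // Security fix: every id below is concatenated into the WHERE clause WITHOUT quotes,
    // so escaping quotes in sanitize() cannot protect it — a value such as "1 OR 1=1"
    // contains no quote at all. Unquoted values only ever worked for numeric keys, so
    // each id is forced to an integer here; a missing or non-scalar field becomes 0.
    // NOTE(review): no permission check is visible in this file for these deletions
    // (including "user") — confirm it is enforced elsewhere.
    $post_id = function ($field) {
        return (isset($_POST[$field]) && is_scalar($_POST[$field])) ? (int) $_POST[$field] : 0;
    };

    switch ($_POST['del']) {
        case ("asset") :
            $asset_id = $post_id('asset_id');

            $query = "DELETE
                FROM
                    asset
                WHERE
                    asset_id=" . $asset_id;

            $db->db_delete($query);

            // Nodes attached to the asset are removed with it.
            $query = "DELETE
                FROM
                    node
                WHERE
                    asset_id=" . $asset_id;

            $db->db_delete($query);

            header_location("asset.php");
            break;

        case ("assetclass") :
            $assetclass_id = $post_id('assetclass_id');

            $query = "DELETE
                FROM
                    assetclass
                WHERE
                    assetclass_id=" . $assetclass_id;

            $db->db_delete($query);

            header_location("assetclass.php");
            break;

        case ("assetclassgroup") :
            $assetclassgroup_id = $post_id('assetclassgroup_id');

            $query = "DELETE
                FROM
                    assetclassgroup
                WHERE
                    assetclassgroup_id=" . $assetclassgroup_id;

            $db->db_delete($query);

            header_location("assetclassgroup.php");
            break;

        case ("location") :
            $location_id = $post_id('location_id');

            $query = "DELETE
                FROM
                    location
                WHERE
                    location_id=" . $location_id;

            $db->db_delete($query);

            header_location("location.php");
            break;

        case ("locationsubnet") :
            $location_id = $post_id('location_id');
            $subnet_id = $post_id('subnet_id');

            $query = "DELETE
                FROM
                    subnetlocation
                WHERE
                    location_id=" . $location_id . "
                    AND subnet_id=" . $subnet_id;

            $db->db_delete($query);

            header_location("locationview.php?location_id=" . $location_id);
            break;

        case ("nat") :
            $node_id_ext = $post_id('node_id_ext');
            $node_id_int = $post_id('node_id_int');

            $query = "DELETE
                FROM
                    nat
                WHERE
                    nat_ext=" . $node_id_ext . "
                    AND nat_int=" . $node_id_int;

            $db->db_delete($query);

            header_location("nodeview.php?node_id=" . $node_id_ext);
            break;

        case ("node") :
            $node_id = $post_id('node_id');
            // asset_id is only used for the redirect back to the owning asset.
            $asset_id = $post_id('asset_id');

            $query = "DELETE
                FROM
                    node
                WHERE
                    node_id=" . $node_id;

            $db->db_delete($query);

            header_location("assetview.php?asset_id=" . $asset_id);
            break;

        case ("subnet") :
            $subnet_id = $post_id('subnet_id');

            $query = "DELETE
                FROM
                    subnet
                WHERE
                    subnet_id=" . $subnet_id;

            $db->db_delete($query);

            // Nodes inside the subnet are removed with it.
            $query = "DELETE
                FROM
                    node
                WHERE
                    subnet_id=" . $subnet_id;

            $db->db_delete($query);

            header_location("subnet.php");
            break;

        case ("subnetlocation") :
            $location_id = $post_id('location_id');
            $subnet_id = $post_id('subnet_id');

            $query = "DELETE
                FROM
                    subnetlocation
                WHERE
                    location_id=" . $location_id . "
                    AND subnet_id=" . $subnet_id;

            $db->db_delete($query);

            header_location("subnetview.php?subnet_id=" . $subnet_id);
            break;

        case ("subnetvlan") :
            $subnet_id = $post_id('subnet_id');
            $vlan_id = $post_id('vlan_id');

            $query = "DELETE
                FROM
                    subnetvlan
                WHERE
                    subnet_id=" . $subnet_id . "
                    AND vlan_id=" . $vlan_id;

            $db->db_delete($query);

            header_location("subnetview.php?subnet_id=" . $subnet_id);
            break;

        case ("user") :
            $user_id = $post_id('user_id');

            $query = "DELETE
                FROM
                    user
                WHERE
                    user_id=" . $user_id;

            $db->db_delete($query);

            header_location("user.php");
            break;

        case ("vlan") :
            $vlan_id = $post_id('vlan_id');

            $query = "DELETE
                FROM
                    vlan
                WHERE
                    vlan_id=" . $vlan_id;

            $db->db_delete($query);

            header_location("vlan.php");
            break;

        case ("vlansubnet") :
            $subnet_id = $post_id('subnet_id');
            $vlan_id = $post_id('vlan_id');

            $query = "DELETE
                FROM
                    subnetvlan
                WHERE
                    subnet_id=" . $subnet_id . "
                    AND vlan_id=" . $vlan_id;

            $db->db_delete($query);

            header_location("vlanview.php?vlan_id=" . $vlan_id);
            break;

        case ("zone") :
            $zone_id = $post_id('zone_id');

            $query = "DELETE
                FROM
                    zone
                WHERE
                    zone_id=" . $zone_id;

            $db->db_delete($query);

            header_location("zone.php");
            break;
    }
}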
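if (isset($_POST['edit'])) {
    // Update the record named by $_POST['edit'] and redirect to its view page.
    //
    // Security fix: the record id in each WHERE clause is concatenated WITHOUT quotes, so
    // escaping quotes in sanitize() cannot protect it. Unquoted values only ever worked
    // for numeric keys, so each key is forced to an integer; a missing or non-scalar field
    // becomes 0. Values in SET clauses stay quoted and go through sanitize() (defined
    // outside this file). NOTE(review): confirm sanitize() escapes quotes.
    $post_id = function ($field) {
        return (isset($_POST[$field]) && is_scalar($_POST[$field])) ? (int) $_POST[$field] : 0;
    };

    switch ($_POST['edit']) {
        case ("asset") :
            $asset_id = $post_id('asset_id');
            $asset_name = sanitize($_POST['asset_name']);
            $asset_info = sanitize($_POST['asset_info']);
            $asset_hostname = sanitize($_POST['asset_hostname']);
            $assetclass_id = sanitize($_POST['assetclass_id']);

            $query = "UPDATE
                    asset
                SET
                    asset_name='$asset_name',
                    asset_info='$asset_info',
                    asset_hostname='$asset_hostname',
                    assetclass_id='$assetclass_id'
                WHERE
                    asset_id=" . $asset_id;

            $db->db_update($query);

            header_location("assetview.php?asset_id=" . $asset_id);
            // Fix: this case had no break and fell through into "assetclass", which would
            // run a second UPDATE whenever header_location() returns instead of exiting.
            break;

        case ("assetclass") :
            $assetclass_id = $post_id('assetclass_id');
            $assetclass_name = sanitize($_POST['assetclass_name']);
            $assetclassgroup_id = sanitize($_POST['assetclassgroup_id']);

            $query = "UPDATE
                    assetclass
                SET
                    assetclass_name='$assetclass_name',
                    assetclassgroup_id='$assetclassgroup_id'
                WHERE
                    assetclass_id=" . $assetclass_id;

            $db->db_update($query);

            header_location("assetclassview.php?assetclass_id=" . $assetclass_id);
            break;

        case ("assetclassgroup") :
            $assetclassgroup_id = $post_id('assetclassgroup_id');
            $assetclassgroup_name = sanitize($_POST['assetclassgroup_name']);
            // Colour is reduced to upper-case alphanumerics before it is stored.
            $assetclassgroup_color = preg_replace("|[^a-zA-Z0-9]|", "", strtoupper(sanitize($_POST['assetclassgroup_color'])));

            $query = "UPDATE
                    assetclassgroup
                SET
                    assetclassgroup_name='$assetclassgroup_name',
                    assetclassgroup_color='$assetclassgroup_color'
                WHERE
                    assetclassgroup_id=" . $assetclassgroup_id;

            $db->db_update($query);

            header_location("assetclassgroupview.php?assetclassgroup_id=" . $assetclassgroup_id);
            break;

        case ("location") :
            $location_id = $post_id('location_id');
            $location_name = sanitize($_POST['location_name']);
            $location_info = sanitize($_POST['location_info']);
            $parentlocation_id = sanitize($_POST['parentlocation_id']);

            $query = "UPDATE
                    location
                SET
                    location_name='$location_name',
                    location_parent='$parentlocation_id',
                    location_info='$location_info'
                WHERE
                    location_id=" . $location_id;

            $db->db_update($query);

            header_location("locationview.php?location_id=" . $location_id);
            break;

        case ("node") :
            $node_id = $post_id('node_id');
            $asset_id = sanitize($_POST['asset_id']);
            $node_ip = sanitize($_POST['node_ip']);
            $subnet_id = sanitize($_POST['subnet_id']);
            $node_mac = strip_mac(sanitize($_POST['node_mac']));
            $node_dns1 = sanitize($_POST['node_dns1']);
            $node_dns2 = sanitize($_POST['node_dns2']);
            $node_info = sanitize($_POST['node_info']);
            $zone_id = sanitize($_POST['zone_id']);

            $query = "UPDATE
                    node
                SET
                    asset_id='$asset_id',
                    node_ip='$node_ip',
                    subnet_id='$subnet_id',
                    node_mac='$node_mac',
                    node_dns1='$node_dns1',
                    node_dns2='$node_dns2',
                    node_info='$node_info',
                    zone_id='$zone_id'
                WHERE
                    node_id=" . $node_id;

            $db->db_update($query);

            header_location("nodeview.php?node_id=" . $node_id);
            break;

        case ("optionsdisplay") :
            // Display preferences of the logged-in user; the target row comes from the
            // session, never from the form.
            $user_id = (int) $_SESSION['suser_id'];

            $option_fields = [
                "user_language",
                "user_imagesize",
                "user_imagecount",
                "user_mac",
                "user_dateformat",
                "user_dns1suffix",
                "user_dns2suffix",
                "user_menu_assets",
                "user_menu_assetclasses",
                "user_menu_assetclassgroups",
                "user_menu_locations",
                "user_menu_nodes",
                "user_menu_subnets",
                "user_menu_users",
                "user_menu_vlans",
                "user_menu_zones",
                "user_tooltips",
            ];

            // Security fix: user_language used to go into the query and the session straight
            // from $_POST. Handling every field in one loop keeps sanitize() from being
            // skipped for any of them. Each value is mirrored into the session under
            // "s" + column name, as before.
            // NOTE(review): if suser_language is later used to pick a language file,
            // restrict it to the list of installed languages as well.
            $assignments = [];
            foreach ($option_fields as $field) {
                $value = sanitize($_POST[$field]);
                $assignments[] = $field . "='" . $value . "'";
                $_SESSION['s' . $field] = $value;
            }

            $query = "UPDATE
                    user
                SET
                    " . implode(",\n                    ", $assignments) . "
                WHERE
                    user_id=" . $user_id;

            $db->db_update($query);

            header_location("options.php");
            break;

        case ("optionspassword") :
            $user_id = (int) $_SESSION['suser_id'];
            // NOTE(review): sanitize() runs on the passwords before they are verified and
            // hashed, so whatever it strips or escapes becomes part of the effective
            // password. Left as is so existing hashes keep verifying; the login path must
            // apply the same transformation.
            $user_currentpass = sanitize($_POST['user_currentpass']);
            $user_newpass1 = sanitize($_POST['user_newpass1']);
            $user_newpass2 = sanitize($_POST['user_newpass2']);

            $query = "SELECT
                    user_pass
                FROM
                    user
                WHERE
                    user_id='" . $user_id . "'";

            $user = $db->db_select($query);

            // Change the password only when the row exists, the current password verifies
            // and both new entries match; any other outcome falls through to the generic
            // error redirect at the end of the script.
            if (isset($user[0]['user_pass'])
                && password_verify($user_currentpass, $user[0]['user_pass'])
                && strcmp($user_newpass1, $user_newpass2) === 0) {
                $newhash = password_hash($user_newpass1, PASSWORD_BCRYPT);

                $query = "UPDATE
                        user
                    SET
                        user_pass='" . $newhash . "'
                    WHERE
                        user_id=" . $user_id;

                $db->db_update($query);

                header_location("options.php");
            }
            break;

        case ("subnet") :
            $subnet_id = $post_id('subnet_id');
            $subnet_address = sanitize($_POST['subnet_address']);
            // protocol_version is written unquoted below, so it is forced to an integer
            // like the record ids. NOTE(review): assumes the column is an integer — confirm.
            $subnet_proto_vers = $post_id('subnet_proto_vers');
            $subnet_mask = sanitize($_POST['subnet_mask']);
            $subnet_dhcpstart = sanitize($_POST['subnet_dhcpstart']);
            $subnet_dhcpend = sanitize($_POST['subnet_dhcpend']);
            $subnet_ntp_server = sanitize($_POST['subnet_ntp_server']);
            $subnet_info = sanitize($_POST['subnet_info']);

            $query = "UPDATE
                    subnet
                SET
                    subnet_address='$subnet_address',
                    subnet_mask='$subnet_mask',
                    subnet_dhcp_start='$subnet_dhcpstart',
                    subnet_dhcp_end='$subnet_dhcpend',
                    subnet_info='$subnet_info',
                    protocol_version=$subnet_proto_vers,
                    ntp_server='$subnet_ntp_server'
                WHERE
                    subnet_id=" . $subnet_id;

            $db->db_update($query);

            header_location("subnetview.php?subnet_id=" . $subnet_id);
            break;

        case ("user") :
            // NOTE(review): this rewrites user_name and user_realm of an arbitrary user_id
            // taken from the form; no permission check is visible in this file — confirm
            // it is enforced elsewhere.
            $user_id = $post_id('user_id');
            $user_name = sanitize($_POST['user_name']);
            $user_displayname = sanitize($_POST['user_displayname']);
            $user_realm = sanitize($_POST['user_realm']);

            $query = "UPDATE
                    user
                SET
                    user_name='" . $user_name . "',
                    user_displayname='" . $user_displayname . "',
                    user_realm='" . $user_realm . "'
                WHERE
                    user_id=" . $user_id;

            $db->db_update($query);

            header_location("userview.php?user_id=" . $user_id);
            break;

        case ("vlan") :
            $vlan_id = $post_id('vlan_id');
            $vlan_name = sanitize($_POST['vlan_name']);
            $vlan_number = sanitize($_POST['vlan_number']);
            $vlan_info = sanitize($_POST['vlan_info']);

            $query = "UPDATE
                    vlan
                SET
                    vlan_name='$vlan_name',
                    vlan_number='$vlan_number',
                    vlan_info='$vlan_info'
                WHERE
                    vlan_id=" . $vlan_id;

            $db->db_update($query);

            header_location("vlanview.php?vlan_id=" . $vlan_id);
            break;

        case ("zone") :
            $zone_id = $post_id('zone_id');
            $zone_origin = sanitize($_POST['zone_origin']);
            $zone_ttl_default = sanitize($_POST['zone_ttl_default']);
            $zone_soa = sanitize($_POST['zone_soa']);
            $zone_hostmaster = sanitize($_POST['zone_hostmaster']);
            $zone_refresh = sanitize($_POST['zone_refresh']);
            $zone_retry = sanitize($_POST['zone_retry']);
            $zone_expire = sanitize($_POST['zone_expire']);
            $zone_ttl = sanitize($_POST['zone_ttl']);
            $zone_serial = sanitize($_POST['zone_serial']);
            $zone_ns1 = sanitize($_POST['zone_ns1']);
            $zone_ns2 = sanitize($_POST['zone_ns2']);
            $zone_ns3 = sanitize($_POST['zone_ns3']);
            $zone_mx1 = sanitize($_POST['zone_mx1']);
            $zone_mx2 = sanitize($_POST['zone_mx2']);
            $zone_info = sanitize($_POST['zone_info']);

            $query = "UPDATE
                    zone
                SET
                    zone_origin='$zone_origin',
                    zone_ttl_default='$zone_ttl_default',
                    zone_soa='$zone_soa',
                    zone_hostmaster='$zone_hostmaster',
                    zone_refresh='$zone_refresh',
                    zone_retry='$zone_retry',
                    zone_expire='$zone_expire',
                    zone_ttl='$zone_ttl',
                    zone_serial='$zone_serial',
                    zone_ns1='$zone_ns1',
                    zone_ns2='$zone_ns2',
                    zone_ns3='$zone_ns3',
                    zone_mx1='$zone_mx1',
                    zone_mx2='$zone_mx2',
                    zone_info='$zone_info'
                WHERE
                    zone_id=" . $zone_id;

            $db->db_update($query);

            header_location("zoneview.php?zone_id=" . $zone_id);
            break;
    }
}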
// No branch above has redirected: report the comment code a branch left behind, or the
// generic "error" code when none was set.
$comments = empty($comments) ? "error" : $comments;
header_location("comments.php?comments=" . $comments);
?>