Subversion Repositories ALCASAR

<!DOCTYPE html>

<?php

require('/etc/freeradius-web/config.php');

require('../lib/functions.php');

require('../lib/sql/functions.php');

require('../lib/acctshow.php');

if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))

	include_once("../lib/sql/drivers/$config[sql_type]/functions.php");

else{

	echo <<<EOM

<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8">

<title>$l_title</title>

<link rel="stylesheet" href="/css/acc.css">

</head>

<body>

<center>

<b>Could not include SQL library functions. Aborting</b>

</body>

</html>

EOM;

	exit();

}

$Language = 'en';

if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {

	$Langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);

	$Language = strtolower(substr(chop($Langue[0]), 0, 2)); 

}

if ($Language === 'fr') {

	$l_title	= "Journal des connexions";

} else {

	$l_title	= "Connections log";

}

$operators=array( '=','<', '>', '<=', '>=', 'regexp', 'like' );

if ($config['sql_type'] == 'pg'){

	$operators=array( '=','<', '>', '<=', '>=', '~', 'like', '~*', '~~*', '<<=' );

}

$link = da_sql_pconnect ($config) or die('cannot connect to sql databse');

$fields = da_sql_list_fields($config['sql_accounting_table'],$link,$config);

unset($items);

while($row = $fields->fetch_array())

{

	$key = strtolower($row[0]);

	$val = $sql_attrs[$key]['desc'];

	if ($val == '')

		continue;

	$show = $sql_attrs[$key]['show'];

	$selected[$key] = ($show == 'yes') ? 'selected' : '';

	$items[$key] = "$val";

}

asort($items);

class Qi {

	var $name;

	var $item;

	var $_item;

	var $operator;

	var $type;

	var $typestr;

	var $value;

	function Qi($name,$item,$operator) {

				$this->name=$name;

				$this->item=$item;

				$this->operator=$operator;

	}

	function show() {	global $operators;

				global $items;

		$nam = $this->item;

			echo <<<EOM

	<tr><td align=left>

	<i>$items[$nam]</i>

	<input type=hidden name="item_of_$this->name" value="$this->item">

	</td><td align=left>

	<select name=operator_of_$this->name>

EOM;

		foreach($operators as $operator){

			if($this->operator == $operator)

				$selected=" selected ";

			else

				$selected='';

			print("<option value=\"$operator\" $selected>$operator</option>\n");

		 }

	echo <<<EOM

	</select>

	</td><td align=left>

	<input name="value_of_$this->name" type=text value="$this->value">

	</td><td align=left>

	<input type=hidden name="delete_$this->name" value=0>

	<input type=submit class=button size=5 value=del onclick="this.form.delete_$this->name.value=1">

	</td></tr>

EOM;

	}

	function get($designator) {  	global ${"item_of_$designator"};

			global ${"value_of_$designator"};

			global ${"operator_of_$designator"};

			if(${"item_of_$designator"}){

				$this->value= ${"value_of_$designator"};

				$this->operator=${"operator_of_$designator"};

				$this->item=${"item_of_$designator"};

			}

		}

	function query(){

		global $operators;

		global $items;

		return $items[$this->item]."  $this->operator  '$this->value'";

	}

}

?>

<html>

<head>

	<meta http-equiv="Content-Type" content="text/html; charset=utf-8">

	<title><?= $l_title ?></title>

	<link rel="stylesheet" href="/css/acc.css">

</head>

<body>

<div class="panel">

	<div class="panel-header"><?= $l_title ?></div>

	<div class="panel-row">

<?php

if(!isset($queryflag))

{

	$queryflag = 0;

}

if(!$queryflag) {

	echo <<<EOM

<form method=post>

<table border=0 width=740 cellpadding=1 cellspacing=1>

<tr>

<td>

<b>Afficher les attributs suivants :</b><br>

<select name="accounting_show_attrs[]" size=5 multiple>

EOM;

foreach($items as $key => $val)

	echo <<<EOM

<option $selected[$key] value="$key">$val</option>

EOM;

echo <<<EOM

</select>

<br><br>

<b>Class&eacute; par :</b><br>

<select name="order_by">

EOM;

foreach($items as $key => $val)

	if ($val == 'username')

		echo <<<EOM

	<option selected value="$key">$val</option>

EOM;

	else

	echo <<<EOM

<option value="$key">$val</option>

EOM;

echo <<<EOM

</select>

<br><br>

<b>Nbr. Max. de r&eacute;sultats retourn&eacute;s :</b><br>

<input name=maxresults value=$config[sql_row_limit] size=5>

</td>

<td valign=top>

<input type=hidden name=add value=0>

<table border=0 width=340 cellpadding=1 cellspacing=1>

<tr><td>

<b>Crit&egrave;re de s&eacute;lection :</b>

</td></tr>

<tr><td>

<select name=item_name onchange="this.form.add.value=1;this.form.submit()">

<option>--Attribute--</option>

EOM;

foreach($items as $key => $val)

	print("<option value=\"$key\">$val</option>");

echo <<<EOM

</select>

</td></tr>

EOM;

$number=1;

$offset=0;

while (isset(${"item_of_w$number"}) && ${"item_of_w$number"}) {

	if(${"delete_w$number"}==1) {$offset=1;$number++;}

		else {

		$designator=$number-$offset;

		${"w$designator"} = new Qi("w$designator","","");

		${"w$designator"}->get("w$number");

		${"w$designator"}->show();

		$number++;

		}

	}

if(isset($add) && $add==1) {

	${"w$number"} = new Qi("w$number","$item_name","$operators[0]");

	${"w$number"}->show();

	}

echo <<<EOM

</table>

</td>

<tr>

<td>

<input type=hidden name=queryflag value=0>

<br><input type=submit class=button onclick="this.form.queryflag.value=1">

</td>

</tr>

</table>

</form>

EOM;

}

if ($queryflag == 1){

	if(!isset($where))

		$where = "";

$i = 1;

while (isset(${"item_of_w$i"}) && ${"item_of_w$i"}){

	$op_found = 0;

	foreach ($operators as $operator){

		if (${"operator_of_w$i"} == $operator){

			$op_found = 1;

			break;

		}

	}

	if (!$op_found)

		die("L'opération demandé n'est pas valide. Sortie anormale.");

	${"item_of_w$i"} = preg_replace('/\s/','',${"item_of_w$i"});

	${"value_of_w$i"} = da_sql_escape_string($link,${"value_of_w$i"});

	$where .= ($i == 1) ? ' WHERE ' . ${"item_of_w$i"} . ' ' . ${"operator_of_w$i"} . " '" . ${"value_of_w$i"} . "'" :

				' AND ' . ${"item_of_w$i"} . ' ' . ${"operator_of_w$i"} . " '" . ${"value_of_w$i"} . "'" ;

	$i++;

}

$order = ($order_by != '') ? "$order_by" : 'username';

if (preg_match("/[\s;]/",$order))

	die("ORDER BY pattern is illegal. Exiting abnornally.");

if (!is_numeric($maxresults))

	die("Max Results is not in numeric form. Exiting abnormally.");

$query_view = '';

foreach ($accounting_show_attrs as $val)

	$query_view .= $val . ',';

$query_view = preg_replace('/,$/','',$query_view);

unset($sql_extra_query);

if (isset($config['sql_accounting_extra_query'])){

	$sql_extra_query = xlat($config['sql_accounting_extra_query'],$login,$config);

	$sql_extra_query = da_sql_escape_string($link,$sql_extra_query);

}

else

{

	$sql_extra_query = "";

}

if(!isset($where))

{

	$where = "";

}

$query="SELECT " . da_sql_limit($maxresults,0,$config) . " $query_view FROM $config[sql_accounting_table]

	$where $sql_extra_query " . da_sql_limit($maxresults,1,$config) .

	" ORDER BY $order DESC " . da_sql_limit($maxresults,2,$config) . ";";

echo <<<EOM

	<table border=0 width=100% cellpadding=12 cellspacing=0 bgcolor="#ffffd0" valign=top>

	<tr><td>

		<table border=1 width=100% cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top>

		<tr bgcolor="#d0ddb0">

EOM;

foreach($accounting_show_attrs as $val){

	$desc = $sql_attrs[$val]['desc'];

	if($val == 'acctoutputoctets')

		$desc = "Upload";

	if($val == 'acctinputoctets')

		$desc = "Download";

	echo "<th>$desc</th>\n";

}

echo "</tr>\n";

	$search = da_sql_query($link,$config,$query);

	if ($search){

		while( $row = da_sql_fetch_array($search,$config) ){

			//$num++;

			echo "<tr align=center>\n";

			foreach($accounting_show_attrs as $val){

				$info = $row[$val];

				if($val == "acctoutputoctets" || $val == "acctinputoctets")

					$info = bytes2str($info);

				if($val == "acctsessiontime")

					$info = time2strclock($info);

				if ($info == '')

					$info = '-';

				if ($val == 'username'){

					$Info = urlencode($info);

					$info = "<a href=\"user_admin.php?login=$Info\" title=\"Edit user $info\">$info</a>";

				}

				echo <<<EOM

			<td>$info</td>

EOM;

			}

			echo "</tr>\n";

		}

	}

	else

		echo "<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";

		echo <<<EOM

		</table>

	</td></tr>

	</table>\n

EOM;

}

?>

	</div>

</div>

</body>

</html>