Subversion Repositories ALCASAR

Compare Revisions

Rev 324 → Rev 325

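--- a/web/acc/manager/lib/sql/delete_group.php
+++ b/web/acc/manager/lib/sql/delete_group.php
@@ -0,0 +1,31 @@
+<?php
+if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
+include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
+else{
+echo "<b>Could not include SQL library</b><br>\n";
+exit();
+}
+$link = @da_sql_pconnect($config);
+if ($link){
+$res = @da_sql_query($link,$config,
+"DELETE FROM $config[sql_groupreply_table] WHERE groupname = '$login';");
+if ($res){
+$res = @da_sql_query($link,$config,
+"DELETE FROM $config[sql_groupcheck_table] WHERE groupname = '$login';");
+if ($res){
+$res = @da_sql_query($link,$config,
+"DELETE FROM $config[sql_usergroup_table] WHERE groupname = '$login';");
+if ($res)
+echo "<b>Le groupe $login a &eacute;t&eacute; correctement supprim&eacute;</b><br>\n";
+else
+echo "<b>Error deleting group $login from usergroup table: " . da_sql_error($link,$config) . "</b><br>\n";
+}
+else
+echo "<b>Error deleting group $login from group check table: " . da_sql_error($link,$config) . "</b><br>\n";
+}
+else
+echo "<b>Error deleting group $login from group reply table: " . da_sql_error($link,$config) . "</b><br>\n";
+}
+else
+echo "<b>Could not connect to SQL database</b><br>\n";
+?>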
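Review bot: `$login` is placed unescaped into all three `WHERE groupname = '$login'` clauses and is echoed into the HTML messages as-is; nothing in this file validates it, so if it originates from the request the queries are open to SQL injection and the messages to markup injection. Use an escaped copy in the queries, `$login_sql = da_sql_escape_string($login);`, and print the name through `htmlspecialchars($login)`. The same unescaped `$login` reaches the queries in delete_user.php, password_check.php, create_group.php and create_user.php in this revision. The three deletes also run without a transaction, so a failure midway leaves the group partly removed.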
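--- a/web/acc/manager/lib/sql/password_check.php
+++ b/web/acc/manager/lib/sql/password_check.php
@@ -0,0 +1,36 @@
+<?php
+require('password.php');
+if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
+include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
+else{
+echo "<b>Could not include SQL library</b><br>\n";
+exit();
+}
+ 
+if ($action == 'checkpass'){
+$link = @da_sql_pconnect($config);
+if ($link){
+$res = @da_sql_query($link,$config,
+"SELECT attribute,value FROM $config[sql_check_table] WHERE username = '$login'
+AND attribute = '$config[sql_password_attribute]';");
+if ($res){
+$row = @da_sql_fetch_array($res,$config);
+if (is_file("../lib/crypt/$config[general_encryption_method].php")){
+include("../lib/crypt/$config[general_encryption_method].php");
+$enc_passwd = $row[value];
+$passwd = da_encrypt($passwd,$enc_passwd);
+if ($passwd == $enc_passwd)
+// $msg = '<font color=blue><b>YES It is that</b></font>';
+$msg = '<font color=blue><b>Le mot de passe est correct</b></font>';
+else
+// $msg = '<font color=red><b>NO It is wrong</b></font>';
+$msg = '<font color=red><b>Le mot de passe n\'est pas correct</b></font>';
+}
+else
+echo "<b>Could not open encryption library file</b><br>\n";
+}
+}
+echo "<b>$msg</b>\n";
+}
+?>
+</form>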
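Review bot: The check `if ($passwd == $enc_passwd)` uses PHP's loose comparison, which compares two numeric-looking strings (for example values of the form `0e…`) as numbers, so two different hash strings can be treated as equal. Use `if ($passwd === $enc_passwd)`, or `hash_equals($enc_passwd, $passwd)` where the PHP version provides it, which also avoids a timing difference. `$msg` is assigned only in the innermost branch but echoed unconditionally at the end of the `checkpass` block, so initialise it with `$msg = '';` rather than relying on whatever value is already in scope. A failed connection or query prints no error at all, and `$row[value]` should be `$row['value']`.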
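--- a/web/acc/manager/lib/sql/create_group.php
+++ b/web/acc/manager/lib/sql/create_group.php
@@ -0,0 +1,89 @@
+<?php
+require_once('../lib/functions.php');
+if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
+include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
+else{
+echo "<b>Could not include SQL library</b><br>\n";
+exit();
+}
+if ($config[sql_use_operators] == 'true'){
+include("../lib/operators.php");
+$text = ',op';
+$passwd_op = ",':='";
+}
+$da_abort=0;
+$op_val2 = '';
+$link = @da_sql_pconnect($config);
+if ($link){
+$Members = preg_split("/[\n\s]+/",$members,-1,PREG_SPLIT_NO_EMPTY);
+if (!empty($Members)){
+foreach ($Members as $member){
+$member = da_sql_escape_string($member);
+$res = @da_sql_query($link,$config,
+"INSERT INTO $config[sql_usergroup_table] (username,groupname)
+VALUES ('$member','$login');");
+if (!$res || !@da_sql_affected_rows($link,$res,$config)){
+echo "<b>Unable to add user $member in group $login: " . da_sql_error($link,$config) . "</b><br>\n";
+$da_abort=1;
+}
+}
+}
+else
+{
+$res = @da_sql_query($link,$config,
+"INSERT INTO $config[sql_usergroup_table] (username,groupname)
+VALUES ('$login','$login');");
+if (!$res || !@da_sql_affected_rows($link,$res,$config))
+{
+echo "<b>Unable to add user $member in group $login: " . da_sql_error($link,$config) . "</b><br>\n";
+$da_abort=1;
+}
+else
+{
+echo "<b>Un groupe ne pouvant &ecirc;tre vide, l'usager '$login' a &eacute;t&eacute; cr&eacute;&eacute; (usager virtuel)<br>";
+}
+}
+if (!$da_abort)
+{
+foreach($show_attrs as $key => $attr){
+if ($attrmap["$key"] == 'none')
+continue;
+if ($attrmap["$key"] == ''){
+$attrmap["$key"] = $key;
+$attr_type["$key"] = 'replyItem';
+$rev_attrmap["$key"] = $key;
+}
+if ($attr_type["$key"] == 'checkItem'){
+$table = "$config[sql_groupcheck_table]";
+$type = 1;
+}
+else if ($attr_type["$key"] == 'replyItem'){
+$table = "$config[sql_groupreply_table]";
+$type = 2;
+}
+$val = $$attrmap["$key"];
+$val = da_sql_escape_string($val);
+$op_name = $attrmap["$key"] . '_op';
+$op_val = $$op_name;
+if ($op_val != ''){
+$op_val = da_sql_escape_string($op_val);
+if (check_operator($op_val,$type) == -1){
+echo "<b>Invalid operator ($op_val) for attribute $key</b><br>\n";
+coninue;
+}
+$op_val2 = ",'$op_val'";
+}
+if ($val == '' || check_defaults($val,$op_val,$default_vals["$key"]))
+continue;
+$res = @da_sql_query($link,$config,
+"INSERT INTO $table (attribute,value,groupname $text)
+VALUES ('$attrmap[$key]','$val','$login' $op_val2);");
+if (!$res || !@da_sql_affected_rows($link,$res,$config))
+echo "<b>Query failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n";
+}
+echo "<b>Le groupe $login a &eacute;t&eacute; correctement cr&eacute;&eacute;</b><br>\n";
+}
+}
+else
+echo "<b>Could not connect to SQL database</b><br>\n";
+?>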
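Review bot: `coninue;` inside the `check_operator($op_val,$type) == -1` branch is a misspelling of `continue;`. Assuming this PHP version treats the bare word as an undefined constant rather than a fatal error, the loop does not skip the attribute and the rejected operator is still written by the INSERT below; the same typo is in create_user.php. `$op_val2` is set once before the loop and never reset, so an operator accepted for one attribute carries over to later attributes that supply none; add `$op_val2 = '';` at the top of each iteration. In the empty-members branch the error message prints `$member`, which is not set on that path; it should print `$login`.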
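--- a/web/acc/manager/lib/sql/delete_user.php
+++ b/web/acc/manager/lib/sql/delete_user.php
@@ -0,0 +1,37 @@
+<?php
+if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
+include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
+else{
+echo "<b>Could not include SQL library</b><br>\n";
+exit();
+}
+$link = @da_sql_pconnect($config);
+if ($link){
+$res = @da_sql_query($link,$config,
+"DELETE FROM $config[sql_reply_table] WHERE username = '$login';");
+if ($res){
+$res = @da_sql_query($link,$config,
+"DELETE FROM $config[sql_check_table] WHERE username = '$login';");
+if ($res){
+$res = @da_sql_query($link,$config,
+"DELETE FROM $config[sql_usergroup_table] WHERE username = '$login';");
+if (!$res)
+echo "<b>Error deleting user $login from user group table: " . da_sql_error($link,$config) . "</b><br>\n";
+if ($config[sql_use_user_info_table] == 'true'){
+$res = @da_sql_query($link,$config,
+"DELETE FROM $config[sql_user_info_table] WHERE username = '$login';");
+if ($res)
+echo "<b>L'usager $login a &eacute;t&eacute; correctement supprim&eacute;</b><br>\n";
+else
+echo "<b>Error deleting user $login from user info table: " . da_sql_error($link,$config) . "</b><br>\n";
+}
+}
+else
+echo "<b>Error deleting user $login from check table: " . da_sql_error($link,$config) . "</b><br>\n";
+}
+else
+echo "<b>Error deleting user $login from reply table: " . da_sql_error($link,$config) . "</b><br>\n";
+}
+else
+echo "<b>Could not connect to SQL database</b><br>\n";
+?>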
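Review bot: When the usergroup delete fails, the error is printed but execution falls through to the user-info delete, which can then print the success message for an account that still has group membership rows. Put the `if ($config[sql_use_user_info_table] == 'true'){ ... }` block under an `else` of `if (!$res)`. When `sql_use_user_info_table` is not 'true', nothing is printed on success, so the operator gets no confirmation that the account was removed. As in delete_group.php, the deletes are not wrapped in a transaction, so an account can end up with its check rows removed and its other rows still present.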
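--- a/web/acc/manager/lib/sql/find.php
+++ b/web/acc/manager/lib/sql/find.php
@@ -0,0 +1,57 @@
+<?php
+if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
+include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
+else{
+echo "<b>Could not include SQL library</b><br>\n";
+exit();
+}
+ 
+unset($found_users);
+ 
+$link = @da_sql_pconnect($config);
+if ($link){
+$search = da_sql_escape_string($search);
+if (!is_numeric($max))
+# $max = 10;
+# modif by MG fo Alcasar
+$max = 40;
+if ($max > 500)
+$max = 10;
+if (($search_IN == 'name' || $search_IN == 'department' || $search_IN == 'username') &&
+$config[sql_use_user_info_table] == 'true'){
+$res = @da_sql_query($link,$config,
+"SELECT " . da_sql_limit($max,0,$config) . " username FROM $config[sql_user_info_table] WHERE
+lower($search_IN) LIKE '%$search%' " .
+# da_sql_limit($max,1,$config) . " " . da_sql_limit($max,2,$config) . " ;");
+# modif by MG for Alcasar
+da_sql_limit($max,1,$config) . " " . da_sql_limit($max,1,$config) . " ;");
+if ($res){
+while(($row = @da_sql_fetch_array($res,$config)))
+$found_users[] = $row[username];
+}
+else
+"<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
+}
+else if ($search_IN == 'radius' && $radius_attr != ''){
+require("../lib/sql/attrmap.php");
+if ($attrmap["$radius_attr"] == ''){
+$attrmap["$radius_attr"] = $radius_attr;
+$attr_type["$radius_attr"] = 'replyItem';
+}
+$table = ($attr_type[$radius_attr] == 'checkItem') ? $config[sql_check_table] : $config[sql_reply_table];
+$attr = $attrmap[$radius_attr];
+$attr = da_sql_escape_string($attr);
+$res = @da_sql_query($link,$config,
+"SELECT " . da_sql_limit($max,0,$config) . " username FROM $table WHERE attribute = '$attr'
+AND value LIKE '%$search%' " . da_sql_limit($max,1,$config) . " " . da_sql_limit($max,2,$config) . " ;");
+if ($res){
+while(($row = @da_sql_fetch_array($res,$config)))
+$found_users[] = $row[username];
+}
+else
+"<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
+}
+}
+else
+echo "<b>Could not connect to SQL database</b><br>\n";
+?>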
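Review bot: Both query-failure branches are a bare string expression, `"<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";`, with no `echo`, so a failed query is silently ignored and the page simply lists no users; prefix both with `echo`. In the user-info query the modified line calls `da_sql_limit($max,1,$config)` twice, and the mysql driver in this revision returns an empty string for point 1, so that query runs with no LIMIT and `$max` has no effect there; confirm that is intended. `is_numeric($max)` also accepts negative and fractional values, which would reach `LIMIT` in the radius branch; `$max = (int)$max;` plus a lower bound of 1 would keep it a sane row count. `$search` is escaped for quoting, but `%` and `_` still act as LIKE wildcards.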
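--- a/web/acc/manager/lib/sql/create_user.php
+++ b/web/acc/manager/lib/sql/create_user.php
@@ -0,0 +1,120 @@
+<?php
+if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
+include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
+else{
+echo "<b>Could not include SQL library</b><br>\n";
+exit();
+}
+include_once('../lib/functions.php');
+if ($config[sql_use_operators] == 'true'){
+include("../lib/operators.php");
+$text = ',op';
+$passwd_op = ",':='";
+}
+$da_abort=0;
+$op_val2 = '';
+$link = @da_sql_pconnect($config);
+if ($link){
+if (is_file("../lib/crypt/$config[general_encryption_method].php")){
+include("../lib/crypt/$config[general_encryption_method].php");
+$passwd = da_encrypt($passwd);
+$passwd = da_sql_escape_string($passwd);
+$res = @da_sql_query($link,$config,
+"INSERT INTO $config[sql_check_table] (attribute,value,username $text)
+VALUES ('$config[sql_password_attribute]','$passwd','$login' $passwd_op);");
+if (!$res || !@da_sql_affected_rows($link,$res,$config)){
+echo "<b>Unable to add user $login: " . da_sql_error($link,$config) . "</b><br>\n";
+$da_abort=1;
+}
+if ($config[sql_use_user_info_table] == 'true' && !$da_abort){
+$res = @da_sql_query($link,$config,
+"SELECT username FROM $config[sql_user_info_table] WHERE
+username = '$login';");
+if ($res){
+if (!@da_sql_num_rows($res,$config)){
+$Fcn = da_sql_escape_string($Fcn);
+$Fmail = da_sql_escape_string($Fmail);
+$Fou = da_sql_escape_string($Fou);
+$Fhomephone = da_sql_escape_string($Fhomephone);
+$Fworkphone = da_sql_escape_string($Fworkphone);
+$Fmobile = da_sql_escape_string($Fmobile);
+$res = @da_sql_query($link,$config,
+"INSERT INTO $config[sql_user_info_table]
+(username,name,mail,department,homephone,workphone,mobile) VALUES
+('$login','$Fcn','$Fmail','$Fou','$Fhomephone','$Ftelephonenumber','$Fmobile');");
+if (!$res || !@da_sql_affected_rows($link,$res,$config))
+echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";
+}
+else
+echo "<b>Cet usager existe d&eacute;j&agrave; dans la table 'info'</b><br>\n";
+}
+else
+echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";
+}
+if ($Fgroup != ''){
+$Fgroup = da_sql_escape_string($Fgroup);
+$res = @da_sql_query($link,$config,
+"SELECT username FROM $config[sql_usergroup_table]
+WHERE username = '$login' AND groupname = '$Fgroup';");
+if ($res){
+if (!@da_sql_num_rows($res,$config)){
+$res = @da_sql_query($link,$config,
+"INSERT INTO $config[sql_usergroup_table]
+(username,groupname) VALUES ('$login','$Fgroup');");
+if (!$res || !@da_sql_affected_rows($link,$res,$config))
+echo "<b>Could not add user to group $Fgroup. SQL Error</b><br>\n";
+}
+else
+echo "<b>User already is a member of group $Fgroup</b><br>\n";
+}
+else
+echo "<b>Could not add user to group $Fgroup: " . da_sql_error($link,$config) . "</b><br>\n";
+}
+if (!$da_abort){
+if ($Fgroup != '')
+require('../lib/defaults.php');
+foreach($show_attrs as $key => $attr){
+if ($attrmap["$key"] == 'none')
+continue;
+if ($attrmap["$key"] == ''){
+$attrmap["$key"] = $key;
+$attr_type["$key"] = 'replyItem';
+$rev_attrmap["$key"] = $key;
+}
+if ($attr_type["$key"] == 'checkItem'){
+$table = "$config[sql_check_table]";
+$type = 1;
+}
+else if ($attr_type["$key"] == 'replyItem'){
+$table = "$config[sql_reply_table]";
+$type = 2;
+}
+$val = $$attrmap["$key"];
+$val = da_sql_escape_string($val);
+$op_name = $attrmap["$key"] . '_op';
+$op_val = $$op_name;
+if ($op_val != ''){
+$op_val = da_sql_escape_string($op_val);
+if (check_operator($op_val,$type) == -1){
+echo "<b>Invalid operator ($op_val) for attribute $key</b><br>\n";
+coninue;
+}
+$op_val2 = ",'$op_val'";
+}
+if ($val == '' || check_defaults($val,$op_val,$default_vals["$key"]))
+continue;
+$res = @da_sql_query($link,$config,
+"INSERT INTO $table (attribute,value,username $text)
+VALUES ('$attrmap[$key]','$val','$login' $op_val2);");
+if (!$res || !@da_sql_affected_rows($link,$res,$config))
+echo "<b>Query failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n";
+}
+}
+echo "<b>Usager correctement cr&eacute;&eacute;</b><br>\n";
+}
+else
+echo "<b>Could not open encryption library file</b><br>\n";
+}
+else
+echo "<b>Could not connect to SQL database</b><br>\n";
+?>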
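Review bot: The user-info INSERT writes `'$Ftelephonenumber'` into the workphone column, but the variable escaped just above it is `$Fworkphone`; `$Ftelephonenumber` never passes through `da_sql_escape_string()` in this file, so whatever it holds reaches the query unescaped. Either insert `'$Fworkphone'` or escape the variable that is actually used, `$Ftelephonenumber = da_sql_escape_string($Ftelephonenumber);`. The group-membership block also runs when `$da_abort` is set, and the final success message is printed regardless of `$da_abort`, so a failed password insert can still end with the account reported as created; guard both with `if (!$da_abort)`.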
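--- a/web/acc/manager/lib/sql/drivers/mysql/functions.php
+++ b/web/acc/manager/lib/sql/drivers/mysql/functions.php
@@ -0,0 +1,136 @@
+<?php
+function da_sql_limit($limit,$point,$config)
+{
+switch($point){
+case 0:
+return '';
+case 1:
+return '';
+//modif by MG for Alcasar
+case 2:
+return "LIMIT $limit";
+case 3:
+return "LIMIT $limit";
+}
+}
+ 
+function da_sql_host_connect($server,$config)
+{
+if ($config[sql_use_http_credentials] == 'yes'){
+global $HTTP_SERVER_VARS;
+$SQL_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
+$SQL_passwd = $HTTP_SERVER_VARS["PHP_AUTH_PW"];
+}
+else{
+$SQL_user = $config[sql_username];
+$SQL_passwd = $config[sql_password];
+}
+ 
+if ($config[sql_connect_timeout] != 0)
+@ini_set('mysql.connect_timeout',$config[sql_connect_timeout]);
+if ($config[sql_debug] == 'true')
+print "<b>DEBUG(SQL,MYSQL DRIVER): Connect: User=$SQL_user,Password=$SQL_passwd </b><br>\n";
+return @mysql_connect("$server:$config[sql_port]",$SQL_user,$SQL_passwd);
+}
+ 
+function da_sql_connect($config)
+{
+if ($config[sql_use_http_credentials] == 'yes'){
+global $HTTP_SERVER_VARS;
+$SQL_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
+$SQL_passwd = $HTTP_SERVER_VARS["PHP_AUTH_PW"];
+}
+else{
+$SQL_user = $config[sql_username];
+$SQL_passwd = $config[sql_password];
+}
+ 
+if ($config[sql_connect_timeout] != 0)
+@ini_set('mysql.connect_timeout',$config[sql_connect_timeout]);
+if ($config[sql_debug] == 'true')
+print "<b>DEBUG(SQL,MYSQL DRIVER): Connect: User=$SQL_user,Password=$SQL_passwd </b><br>\n";
+return @mysql_connect("$config[sql_server]:$config[sql_port]",$SQL_user,$SQL_passwd);
+}
+ 
+function da_sql_pconnect($config)
+{
+if ($config[sql_use_http_credentials] == 'yes'){
+global $HTTP_SERVER_VARS;
+$SQL_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
+$SQL_passwd = $HTTP_SERVER_VARS["PHP_AUTH_PW"];
+}
+else{
+$SQL_user = $config[sql_username];
+$SQL_passwd = $config[sql_password];
+}
+ 
+if ($config[sql_connect_timeout] != 0)
+@ini_set('mysql.connect_timeout',$config[sql_connect_timeout]);
+if ($config[sql_debug] == 'true')
+print "<b>DEBUG(SQL,MYSQL DRIVER): Connect: User=$SQL_user,Password=$SQL_passwd </b><br>\n";
+return @mysql_pconnect("$config[sql_server]:$config[sql_port]",$SQL_user,$SQL_passwd);
+}
+ 
+function da_sql_close($link,$config)
+{
+return @mysql_close($link);
+}
+ 
+function da_sql_escape_string($string)
+{
+return @mysql_escape_string($string);
+}
+ 
+function da_sql_query($link,$config,$query)
+{
+if ($config[sql_debug] == 'true')
+print "<b>DEBUG(SQL,MYSQL DRIVER): Query: <i>$query</i></b><br>\n";
+return @mysql_db_query($config[sql_database],$query,$link);
+}
+ 
+function da_sql_num_rows($result,$config)
+{
+if ($config[sql_debug] == 'true')
+print "<b>DEBUG(SQL,MYSQL DRIVER): Query Result: Num rows:: " . @mysql_num_rows($result) . "</b><br>\n";
+return @mysql_num_rows($result);
+}
+ 
+function da_sql_fetch_array($result,$config)
+{
+$row = array_change_key_case(@mysql_fetch_array($result,
+MYSQL_ASSOC),CASE_LOWER);
+if ($config[sql_debug] == 'true'){
+print "<b>DEBUG(SQL,MYSQL DRIVER): Query Result: <pre>";
+print_r($row);
+print "</b></pre>\n";
+}
+return $row;
+}
+ 
+function da_sql_affected_rows($link,$result,$config)
+{
+if ($config[sql_debug] == 'true')
+print "<b>DEBUG(SQL,MYSQL DRIVER): Query Result: Affected rows:: " . @mysql_affected_rows($result) . "</b><br>\n";
+return @mysql_affected_rows($link);
+}
+ 
+function da_sql_list_fields($table,$link,$config)
+{
+return @mysql_list_fields($config[sql_database],$table);
+}
+ 
+function da_sql_num_fields($fields,$config)
+{
+return @mysql_num_fields($fields);
+}
+ 
+function da_sql_field_name($fields,$num,$config)
+{
+return @mysql_field_name($fields,$num);
+}
+ 
+function da_sql_error($link,$config)
+{
+return @mysql_error($link);
+}
+?>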
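Review bot: When `sql_debug` is 'true', `da_sql_host_connect()`, `da_sql_connect()` and `da_sql_pconnect()` print the database password into the page (`Password=$SQL_passwd`), and with `sql_use_http_credentials` set that is the operator's own HTTP Basic password. Drop it from the message, e.g. `print "<b>DEBUG(SQL,MYSQL DRIVER): Connect: User=$SQL_user</b><br>\n";`. `da_sql_escape_string()` wraps `mysql_escape_string()`, which ignores the connection character set; `mysql_real_escape_string()` is the safer call in this extension, though the wrapper would then need the link passed in. In `da_sql_affected_rows()` the debug line calls `mysql_affected_rows($result)` while the return uses `$link`, so the debug output does not show the value returned. `da_sql_limit()` has no `default:` branch and returns nothing for an unexpected `$point`.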