WebSVN – ALCASAR – Diff – /web/acc/manager/htdocs/import_user.php



	return $password;
}
 
function freeradiusweb_removeDisallowedChars($login)
{
	global $config;
 
	if ($login != '')
	{
		$accent = "âêôûéàèùîáâãäçèéêëìíîïñòóôõöùúûü";
		$login = preg_replace("/[^\w$accent\.\/\@\:\-]/",'',$login);
	}

</TABLE>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td valign="middle" align="left">
<CENTER><H3> 
<?php
echo "$l_database_state ";
 
$LIBpath = "../lib/";
if (is_file($LIBpath."sql/drivers/$config[sql_type]/functions.php"))
	{
	include_once($LIBpath."sql/drivers/$config[sql_type]/functions.php");

						{
						if (substr($ligne,0,3) == pack('CCC',239,187,191)) # remove UTF8-BOM 
							{
								$ligne = substr ($ligne,3);
							}
						$tligne = explode(" ",$ligne);
						$login = trim ($tligne[0]);
						$password = trim ($tligne[1]);
						if ($login != '')
							{
							if ($password == "")
								{
								$password = GenPassword();
								}
							$login = freeradiusweb_removeDisallowedChars($login);
							$login = da_sql_escape_string($link,$login);
 
							$passwd = da_encrypt($password);
							$passwd = da_sql_escape_string($link,$passwd);
// insertion (login + password) dans la table "radcheck" (si l'usager existe --> changement de mot de passe)
							$res = @da_sql_query($link,$config,"INSERT INTO $config[sql_check_table] (attribute,value,username $text) VALUES ('$config[sql_password_attribute]','$passwd','$login' $passwd_op);");
							if (!$res || !@da_sql_affected_rows($link,$res,$config))
								{
								echo "<b>Unable to add user $login: " . da_sql_error($link,$config) . "</b><br>\n";

								fputs($RS_out,"$l_out_login $login   |   $l_out_passwd $password\r\n\r\n");
								fputs($RS_out,"$l_out_mind\r\n\r\n");
								fputs($RS_out,"--------------------------------------------------------------------------------\r\n\r\n");
								}	
// insertion de l'usager dans la table "userinfo"
							if ($config['sql_use_user_info_table'] == 'true' && !$da_abort)
								{
							$res = @da_sql_query($link,$config, "SELECT username FROM $config[sql_user_info_table] WHERE username = '$login';");
							if ($res)
								{
								if (!@da_sql_num_rows($res,$config))

								else
									echo "<b>User already exists in user info table.</b><br>\n";
								}
							else
								echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";
								if ((isset($group)) && (!empty($group)))
									{
									$group = da_sql_escape_string($link,$group);
									$res = @da_sql_query($link,$config,"SELECT username FROM $config[sql_usergroup_table] WHERE username = '$login' AND groupname = '$group';");
									if ($res)
										{

Rev 2414	Rev 2415
Line 92...	Line 92...
92	`return $password;`	92	`return $password;`
93	`}`	93	`}`
94		94
95	`function freeradiusweb_removeDisallowedChars($login)`	95	`function freeradiusweb_removeDisallowedChars($login)`
96	`{`	96	`{`
-		97	`global $config;`
-		98
97	`if ($login != '')`	99	`if ($login != '')`
98	`{`	100	`{`
99	`$accent = "âêôûéàèùîáâãäçèéêëìíîïñòóôõöùúûü";`	101	`$accent = "âêôûéàèùîáâãäçèéêëìíîïñòóôõöùúûü";`
100	`$login = preg_replace("/[^\w$accent\.\/\@\:\-]/",'',$login);`	102	`$login = preg_replace("/[^\w$accent\.\/\@\:\-]/",'',$login);`
101	`}`	103	`}`
Line 117...	Line 119...
117	`</TABLE>`	119	`</TABLE>`
118	`<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>`	120	`<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>`
119	`<tr><td valign="middle" align="left">`	121	`<tr><td valign="middle" align="left">`
120	`<CENTER><H3>`	122	`<CENTER><H3>`
121	`<?php`	123	`<?php`
122	`echo "$l_database_state";`	124	`echo "$l_database_state ";`
123		125
124	`$LIBpath = "../lib/";`	126	`$LIBpath = "../lib/";`
125	`if (is_file($LIBpath."sql/drivers/$config[sql_type]/functions.php"))`	127	`if (is_file($LIBpath."sql/drivers/$config[sql_type]/functions.php"))`
126	`{`	128	`{`
127	`include_once($LIBpath."sql/drivers/$config[sql_type]/functions.php");`	129	`include_once($LIBpath."sql/drivers/$config[sql_type]/functions.php");`
Line 174...	Line 176...
174	`{`	176	`{`
175	`if (substr($ligne,0,3) == pack('CCC',239,187,191)) # remove UTF8-BOM`	177	`if (substr($ligne,0,3) == pack('CCC',239,187,191)) # remove UTF8-BOM`
176	`{`	178	`{`
177	`$ligne = substr ($ligne,3);`	179	`$ligne = substr ($ligne,3);`
178	`}`	180	`}`
179	`$tligne = split(" ",$ligne);`	181	`$tligne = explode(" ",$ligne);`
180	`$login = trim ($tligne[0]);`	182	`$login = trim ($tligne[0]);`
181	`$password = trim ($tligne[1]);`	183	`$password = trim ($tligne[1]);`
182	`if ($login != '')`	184	`if ($login != '')`
183	`{`	185	`{`
184	`if ($password == "")`	186	`if ($password == "")`
185	`{`	187	`{`
186	`$password = GenPassword();`	188	`$password = GenPassword();`
187	`}`	189	`}`
188	`$login = freeradiusweb_removeDisallowedChars($login);`	190	`$login = freeradiusweb_removeDisallowedChars($login);`
189	`$login = da_sql_escape_string($link,$login);`	191	`$login = da_sql_escape_string($link,$login);`
190	`$passwd = da_sql_escape_string($link,$passwd);`	-
191	`$passwd = da_encrypt($password);`	192	`$passwd = da_encrypt($password);`
-		193	`$passwd = da_sql_escape_string($link,$passwd);`
192	`// insertion (login + password) dans la table "radcheck" (si l'usager existe --> changement de mot de passe)`	194	`// insertion (login + password) dans la table "radcheck" (si l'usager existe --> changement de mot de passe)`
193	`$res = @da_sql_query($link,$config,"INSERT INTO $config[sql_check_table] (attribute,value,username $text) VALUES ('$config[sql_password_attribute]','$passwd','$login' $passwd_op);");`	195	`$res = @da_sql_query($link,$config,"INSERT INTO $config[sql_check_table] (attribute,value,username $text) VALUES ('$config[sql_password_attribute]','$passwd','$login' $passwd_op);");`
194	`if (!$res \|\| !@da_sql_affected_rows($link,$res,$config))`	196	`if (!$res \|\| !@da_sql_affected_rows($link,$res,$config))`
195	`{`	197	`{`
196	`echo "<b>Unable to add user $login: " . da_sql_error($link,$config) . "</b><br>\n";`	198	`echo "<b>Unable to add user $login: " . da_sql_error($link,$config) . "</b><br>\n";`
Line 203...	Line 205...
203	`fputs($RS_out,"$l_out_login $login \| $l_out_passwd $password\r\n\r\n");`	205	`fputs($RS_out,"$l_out_login $login \| $l_out_passwd $password\r\n\r\n");`
204	`fputs($RS_out,"$l_out_mind\r\n\r\n");`	206	`fputs($RS_out,"$l_out_mind\r\n\r\n");`
205	`fputs($RS_out,"--------------------------------------------------------------------------------\r\n\r\n");`	207	`fputs($RS_out,"--------------------------------------------------------------------------------\r\n\r\n");`
206	`}`	208	`}`
207	`// insertion de l'usager dans la table "userinfo"`	209	`// insertion de l'usager dans la table "userinfo"`
208	`if ($config[sql_use_user_info_table] == 'true' && !$da_abort)`	210	`if ($config['sql_use_user_info_table'] == 'true' && !$da_abort)`
209	`{`	211	`{`
210	`$res = @da_sql_query($link,$config, "SELECT username FROM $config[sql_user_info_table] WHERE username = '$login';");`	212	`$res = @da_sql_query($link,$config, "SELECT username FROM $config[sql_user_info_table] WHERE username = '$login';");`
211	`if ($res)`	213	`if ($res)`
212	`{`	214	`{`
213	`if (!@da_sql_num_rows($res,$config))`	215	`if (!@da_sql_num_rows($res,$config))`
Line 219...	Line 221...
219	`else`	221	`else`
220	`echo "<b>User already exists in user info table.</b><br>\n";`	222	`echo "<b>User already exists in user info table.</b><br>\n";`
221	`}`	223	`}`
222	`else`	224	`else`
223	`echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";`	225	`echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";`
224	`if ($group != '')`	226	`if ((isset($group)) && (!empty($group)))`
225	`{`	227	`{`
226	`$group = da_sql_escape_string($link,$group);`	228	`$group = da_sql_escape_string($link,$group);`
227	`$res = @da_sql_query($link,$config,"SELECT username FROM $config[sql_usergroup_table] WHERE username = '$login' AND groupname = '$group';");`	229	`$res = @da_sql_query($link,$config,"SELECT username FROM $config[sql_usergroup_table] WHERE username = '$login' AND groupname = '$group';");`
228	`if ($res)`	230	`if ($res)`
229	`{`	231	`{`

Subversion Repositories ALCASAR

(root)/web/acc/manager/htdocs/import_user.php – Rev 2414 → 2415