Subversion Repositories ALCASAR

Rev

Rev 1831 | Go to most recent revision | Details | Last modification | View Log

Rev Author Line No. Line
1805 clement.si 1
<?php
2
require('/etc/freeradius-web/config.php');
3
require('../lib/functions.php');
4
?>
5
<html>
6
<?php
7
 
8
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
9
	include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
10
else{
11
	echo <<<EOM
12
<title>Unauthorized Service Usage History for $login</title>
13
<meta http-equiv="Content-Type" content="text/html; charset=$config[general_charset]">
14
<link rel="stylesheet" href="style.css">
15
</head>
16
<body>
17
<center>
18
<b>Could not include SQL library functions. Aborting</b>
19
</body>
20
</html>
21
EOM;
22
	exit();
23
}
24
 
25
$now = time();
26
$now_str = ($now_str != '') ? "$now_str" : date($config[sql_date_format],$now + 86400);
27
$prev_str = ($prev_str != '') ? "$prev_str" : "0001-01-01 00:00:00";
28
 
29
$now_str = da_sql_escape_string($now_str);
30
$prev_str = da_sql_escape_string($prev_str);
31
 
32
$num = 0;
33
$pagesize = ($pagesize) ? $pagesize : 10;
34
if (!is_numeric($pagesize) && $pagesize != 'all')
35
	$pagesize = 10;
36
$limit = ($pagesize == 'all') ? '' : "$pagesize";
37
$selected[$pagesize] = 'selected';
38
$login = ($login != '') ? $login : 'anyone';
39
$usercheck = ($login == 'anyone') ? "LIKE '%'" : "= '$login'";
40
$order = ($order != '') ? $order : $config[general_accounting_info_order];
41
if ($order != 'desc' && $order != 'asc')
42
	$order = 'desc';
43
$selected[$order] = 'selected';
44
 
45
echo <<<EOM
46
<head>
47
<title>Unauthorized Service Usage History for $login</title>
48
<meta http-equiv="Content-Type" content="text/html; charset=$config[general_charset]">
49
<link rel="stylesheet" href="style.css">
50
</head>
51
<body>
52
<center>
53
<table border=0 width=550 cellpadding=0 cellspacing=0>
54
<tr valign=top>
55
<td align=center><img src="images/title2.gif"></td>
56
</tr>
57
</table>
58
EOM;
59
 
60
if ($login != 'anyone'){
61
	echo <<<EOM
62
<table border=0 width=400 cellpadding=0 cellspacing=2>
63
EOM;
64
 
65
include("../html/user_toolbar.html.php");
66
 
67
print <<<EOM
68
</table>
69
EOM;
70
}
71
 
72
if ($do_delete == 1 && ($row_id != 0 && is_numeric($row_id))){
73
$link = da_sql_connect($config);
74
if ($link){
75
	$search = da_sql_query($link,$config,
76
	"SELECT id,admin FROM $config[sql_badusers_table]
77
	WHERE id = '$row_id';");
78
	if ($search){
79
		$row = da_sql_fetch_array($search,$config);
80
		if ($row[id] == $row_id){
81
			$admin = "$row[admin]";
82
			if (($admin != '-' && $_SERVER["PHP_AUTH_USER"] == $admin) || $admin == '-'){
83
				$sql_servers = array();
84
				if ($config[sql_extra_servers] != '')
85
					$sql_servers = explode(' ',$config[sql_extra_servers]);
86
				$sql_servers[] = $config[sql_server];
87
				foreach ($sql_servers as $server){
88
					$link2 = da_sql_host_connect($server,$config);
89
					if ($link2){
90
						$r = da_sql_query($link2,$config,
91
						"DELETE FROM $config[sql_badusers_table]
92
						WHERE id = '$row_id';");
93
						if (!$r)
94
							echo "<b>SQL Error:" . da_sql_error($link2,$config) . "</b><br>\n";
95
						da_sql_close($link2,$config);
96
					}
97
					else
98
						echo "<b>SQL Error: Could not connect to SQL database: $server</b><br>\n";
99
				}
100
			}
101
		}
102
	}
103
	else
104
		echo "<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
105
	da_sql_close($link,$config);
106
}
107
else
108
	echo "<b>Could not connect to SQL database</b><br>\n";
109
}
110
 
111
echo <<<EOM
112
<br><br>
113
<table border=0 width=740 cellpadding=1 cellspacing=1>
114
<tr valign=top>
115
<td width=55%></td>
116
<td bgcolor="black" width=45%>
117
	<table border=0 width=100% cellpadding=2 cellspacing=0>
118
	<tr bgcolor="#907030" align=right valign=top><th>
119
	<font color="white">Unauthorized Service Usage History for $login</font>&nbsp;
120
	</th></tr>
121
	</table>
122
</td></tr>
123
<tr bgcolor="black" valign=top><td colspan=2>
124
	<table border=0 width=100% cellpadding=12 cellspacing=0 bgcolor="#ffffd0" valign=top>
125
	<tr><td>
126
<b>$prev_str</b> up to <b>$now_str</b>
127
<form action="badusers.php" method="get" name="master">
128
<input type=hidden name=do_delete value=0>
129
<input type=hidden name=row_id value=0>
130
EOM;
131
?>
132
 
133
<p>
134
	<table border=1 bordercolordark=#ffffe0 bordercolorlight=#000000 width=100% cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top>
135
	<tr bgcolor="#d0ddb0">
136
	<th>#</th><th>user</th><th>date</th><th>admin</th><th>reason</th><th>administrator action</th>
137
	</tr>
138
 
139
<?php
140
$auth_user = $_SERVER["PHP_AUTH_USER"];
141
if ($config[general_restrict_badusers_access] == 'yes'){
142
	$auth_user = da_sql_escape_string($auth_user);
143
	$extra_query = "AND admin == '$auth_user'";
144
}
145
$link = da_sql_pconnect($config);
146
if ($link){
147
	$search = da_sql_query($link,$config,
148
	"SELECT " . da_sql_limit($limit,0,$config) . " * FROM $config[sql_badusers_table]
149
	WHERE username $usercheck $extra_query AND incidentdate <= '$now_str'
150
	AND incidentdate >= '$prev_str' " . da_sql_limit($limit,1,$config) .
151
	" ORDER BY incidentdate $order " . da_sql_limit($limit,2,$config) . " ;");
152
	if ($search){
153
		while( $row = da_sql_fetch_array($search,$config) ){
154
			$num++;
155
			$id = $row[id];
156
			$user = "$row[username]";
157
			$User = urlencode($user);
158
			$date = "$row[incidentdate]";
159
			$reason = "$row[reason]";
160
			$admin = "$row[admin]";
161
			if ($admin == $auth_user || $admin == '-')
162
	$action = "<td><input type=submit class=button value=\"Delete\" OnClick=\"this.form.do_delete.value=1;this.form.row_id.value=$id\"></td>";
163
			else
164
				$action = "<td>-</td>";
165
			if ($admin == '')
166
				$admin = '-';
167
			if ($reason == '')
168
				$reason = '-';
169
			echo <<<EOM
170
			<tr align=center>
171
				<td>$num</td>
172
				<td><a href="user_admin.php?login=$User" title="Edit user $user">$user</a></td>
173
				<td>$date</td>
174
				<td>$admin</td>
175
				<td>$reason</td>
176
				$action
177
			</tr>
178
EOM;
179
		}
180
	}
181
	else
182
		echo "<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
183
}
184
else
185
	echo "<b>Could not connect to SQL database</b><br>\n";
186
echo <<<EOM
187
	</table>
188
<tr><td>
189
<hr>
190
<tr><td align="center">
191
	<table border=0>
192
		<tr><td colspan=6></td>
193
			<td rowspan=3 valign="bottom">
194
				<small>
195
				the <b>from</b> date matches any login after the 00:00 that day,
196
				and the <b>to</b> date any login before the 23:59 that day.
197
				the default values shown are the <b>current week</b>.
198
			</td>
199
		</tr>
200
		<tr valign="bottom">
201
			<td><small><b>user</td><td><small><b>from date</td><td><small><b>to date</td><td><small><b>pagesize</td><td><b>order</td>
202
&nbsp;</td>
203
	<tr valign="middle"><td>
204
<input type="text" name="login" size="11" value="$login"></td>
205
<td><input type="text" name="prev_str" size="11" value="$prev_str"></td>
206
<td><input type="text" name="now_str" size="11" value="$now_str"></td>
207
<td><select name="pagesize">
208
<option $selected[5] value="5" >05
209
<option $selected[10] value="10">10
210
<option $selected[15] value="15">15
211
<option $selected[20] value="20">20
212
<option $selected[40] value="40">40
213
<option $selected[80] value="80">80
214
<option $selected[all] value="all">all
215
</select>
216
</td>
217
<td><select name="order">
218
<option $selected[asc] value="asc">older first
219
<option $selected[desc] value="desc">recent first
220
</select>
221
</td>
222
EOM;
223
?>
224
 
225
<td><input type="submit" class=button value="show"></td></tr>
226
</table></td></tr></form>
227
</table>
228
</tr>
229
</table>
230
</body>
231
</html>