Rev 1831 | Rev 2403 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log
<?php
require('/etc/freeradius-web/config.php');
require('../lib/functions.php');
require('../lib/sql/functions.php');
require('../lib/acctshow.php');
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
else{
echo <<<EOM
<html>
<head>
<title>Générateur de rapports de comptes</title>
<meta http-equiv="Content-Type" content="text/html; charset=$config[general_charset]">
<link rel="stylesheet" href="/css/style.css">
</head>
<body>
<center>
<b>Could not include SQL library functions. Aborting</b>
</body>
</html>
EOM;
exit();
}
$operators=array( '=','<', '>', '<=', '>=', 'regexp', 'like' );
if ($config['sql_type'] == 'pg'){
$operators=array( '=','<', '>', '<=', '>=', '~', 'like', '~*', '~~*', '<<=' );
}
$link = da_sql_pconnect ($config) or die('cannot connect to sql databse');
$fields = da_sql_list_fields($config['sql_accounting_table'],$link,$config);
unset($items);
while($row = $fields->fetch_array())
{
$key = strtolower($row[0]);
$val = $sql_attrs[$key]['desc'];
if ($val == '')
continue;
$show = $sql_attrs[$key]['show'];
$selected[$key] = ($show == 'yes') ? 'selected' : '';
$items[$key] = "$val";
}
asort($items);
class Qi {
var $name;
var $item;
var $_item;
var $operator;
var $type;
var $typestr;
var $value;
function Qi($name,$item,$operator) {
$this->name=$name;
$this->item=$item;
$this->operator=$operator;
}
function show() { global $operators;
global $items;
$nam = $this->item;
echo <<<EOM
<tr><td align=left>
<i>$items[$nam]</i>
<input type=hidden name="item_of_$this->name" value="$this->item">
</td><td align=left>
<select name=operator_of_$this->name>
EOM;
foreach($operators as $operator){
if($this->operator == $operator)
$selected=" selected ";
else
$selected='';
print("<option value=\"$operator\" $selected>$operator</option>\n");
}
echo <<<EOM
</select>
</td><td align=left>
<input name="value_of_$this->name" type=text value="$this->value">
</td><td align=left>
<input type=hidden name="delete_$this->name" value=0>
<input type=submit class=button size=5 value=del onclick="this.form.delete_$this->name.value=1">
</td></tr>
EOM;
}
function get($designator) { global ${"item_of_$designator"};
global ${"value_of_$designator"};
global ${"operator_of_$designator"};
if(${"item_of_$designator"}){
$this->value= ${"value_of_$designator"};
$this->operator=${"operator_of_$designator"};
$this->item=${"item_of_$designator"};
}
}
function query(){
global $operators;
global $items;
return $items[$this->item]." $this->operator '$this->value'";
}
}
?>
<html>
<head>
<title>Journal des connexions</title>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo $config['general_charset']?>">
<link rel="stylesheet" href="/css/style.css">
</head>
<body>
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th>Journal des connexions</th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2">
</td></tr>
</TABLE>
<TABLE width="100%" border="1" cellspacing="0" cellpadding="1">
<tr><td>
<?php
if(!isset($queryflag))
{
$queryflag = 0;
}
if(!$queryflag) {
echo <<<EOM
<form method=post>
<table border=0 width=740 cellpadding=1 cellspacing=1>
<tr>
<td>
<b>Afficher les attributs suivants :</b><br>
<select name="accounting_show_attrs[]" size=5 multiple>
EOM;
foreach($items as $key => $val)
echo <<<EOM
<option $selected[$key] value="$key">$val</option>
EOM;
echo <<<EOM
</select>
<br><br>
<b>Classé par :</b><br>
<select name="order_by">
EOM;
foreach($items as $key => $val)
if ($val == 'username')
echo <<<EOM
<option selected value="$key">$val</option>
EOM;
else
echo <<<EOM
<option value="$key">$val</option>
EOM;
echo <<<EOM
</select>
<br><br>
<b>Nbr. Max. de résultats retournés :</b><br>
<input name=maxresults value=$config[sql_row_limit] size=5>
</td>
<td valign=top>
<input type=hidden name=add value=0>
<table border=0 width=340 cellpadding=1 cellspacing=1>
<tr><td>
<b>Critère de sélection :</b>
</td></tr>
<tr><td>
<select name=item_name onchange="this.form.add.value=1;this.form.submit()">
<option>--Attribute--</option>
EOM;
foreach($items as $key => $val)
print("<option value=\"$key\">$val</option>");
echo <<<EOM
</select>
</td></tr>
EOM;
$number=1;
$offset=0;
while (isset(${"item_of_w$number"}) && ${"item_of_w$number"}) {
if(${"delete_w$number"}==1) {$offset=1;$number++;}
else {
$designator=$number-$offset;
${"w$designator"} = new Qi("w$designator","","");
${"w$designator"}->get("w$number");
${"w$designator"}->show();
$number++;
}
}
if(isset($add) && $add==1) {
${"w$number"} = new Qi("w$number","$item_name","$operators[0]");
${"w$number"}->show();
}
echo <<<EOM
</table>
</td>
<tr>
<td>
<input type=hidden name=queryflag value=0>
<br><input type=submit class=button onclick="this.form.queryflag.value=1">
</td>
</tr>
</table>
</form>
</table>
</body>
</html>
EOM;
}
if ($queryflag == 1){
if(!isset($where))
$where = "";
$i = 1;
while (isset(${"item_of_w$i"}) && ${"item_of_w$i"}){
$op_found = 0;
foreach ($operators as $operator){
if (${"operator_of_w$i"} == $operator){
$op_found = 1;
break;
}
}
if (!$op_found)
die("L'opération demandé n'est pas valide. Sortie anormale.");
${"item_of_w$i"} = preg_replace('/\s/','',${"item_of_w$i"});
${"value_of_w$i"} = da_sql_escape_string($link,${"value_of_w$i"});
$where .= ($i == 1) ? ' WHERE ' . ${"item_of_w$i"} . ' ' . ${"operator_of_w$i"} . " '" . ${"value_of_w$i"} . "'" :
' AND ' . ${"item_of_w$i"} . ' ' . ${"operator_of_w$i"} . " '" . ${"value_of_w$i"} . "'" ;
$i++;
}
$order = ($order_by != '') ? "$order_by" : 'username';
if (preg_match("/[\s;]/",$order))
die("ORDER BY pattern is illegal. Exiting abnornally.");
if (!is_numeric($maxresults))
die("Max Results is not in numeric form. Exiting abnormally.");
$query_view = '';
foreach ($accounting_show_attrs as $val)
$query_view .= $val . ',';
$query_view = ereg_replace(',$','',$query_view);
unset($sql_extra_query);
if (isset($config['sql_accounting_extra_query'])){
$sql_extra_query = xlat($config['sql_accounting_extra_query'],$login,$config);
$sql_extra_query = da_sql_escape_string($link,$sql_extra_query);
}
else
{
$sql_extra_query = "";
}
if(!isset($where))
{
$where = "";
}
$query="SELECT " . da_sql_limit($maxresults,0,$config) . " $query_view FROM $config[sql_accounting_table]
$where $sql_extra_query " . da_sql_limit($maxresults,1,$config) .
" ORDER BY $order DESC " . da_sql_limit($maxresults,2,$config) . ";";
echo <<<EOM
<table border=0 width=100% cellpadding=12 cellspacing=0 bgcolor="#ffffd0" valign=top>
<tr><td>
<p>
<table border=1 bordercolordark=#ffffe0 bordercolorlight=#000000 width=100% cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top>
<tr bgcolor="#d0ddb0">
</tr>
EOM;
foreach($accounting_show_attrs as $val){
$desc = $sql_attrs[$val]['desc'];
if($val == 'acctoutputoctets')
$desc = "Upload";
if($val == 'acctinputoctets')
$desc = "Download";
echo "<th>$desc</th>\n";
}
echo "</tr>\n";
$search = da_sql_query($link,$config,$query);
if ($search){
while( $row = da_sql_fetch_array($search,$config) ){
//$num++;
echo "<tr align=center>\n";
foreach($accounting_show_attrs as $val){
$info = $row[$val];
if($val == "acctoutputoctets" || $val == "acctinputoctets")
$info = bytes2str($info);
if($val == "acctsessiontime")
$info = time2strclock($info);
if ($info == '')
$info = '-';
if ($val == 'username'){
$Info = urlencode($info);
$info = "<a href=\"user_admin.php?login=$Info\" title=\"Edit user $info\">$info<a/>";
}
echo <<<EOM
<td>$info</td>
EOM;
}
echo "</tr>\n";
}
}
else
echo "<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
echo <<<EOM
</table>
</td></tr>
</table>
</td></tr>
</table>
</table>
</body>
</html>
EOM;
}
?>