Rev 1878 | Rev 2299 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log
<?phpif (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))include_once("../lib/sql/drivers/$config[sql_type]/functions.php");else{echo "<b>Could not include SQL library</b><br>\n";exit();}include_once('../lib/functions.php');if ($config['sql_use_operators'] == 'true'){include_once("../lib/operators.php");$text = ',op';$passwd_op = ",':='";}$da_abort=0;$op_val2 = '';$link = da_sql_pconnect($config);if ($link){mysqli_set_charset($link,"utf8");if (is_file("../lib/crypt/$config[general_encryption_method].php")){include_once("../lib/crypt/$config[general_encryption_method].php");//Si auth par @MAC, alors on disocie l'adresse mac du réseau afin que alcasar-macup.sh fasse son travail.//Si @MAC à auth a la meme adresse IP, on ne fait pas de dhcp-down.(sinon le PHP ne peut pas s'exécuter entierement)$output = array();if($passwd == "password" && preg_match('/([a-fA-F0-9]{2}[:|\-]?){6}/', $login)){exec ("sudo chilli_query list | grep $login | cut -d' ' -f2", $output);//on vérifie que l'@IP de l'@MAC est différente de celle de l'admin sur l'ACCif(strpos($output[0], $_SERVER["REMOTE_ADDR"]) === false ){exec ("sudo chilli_query dhcp-release $login"); //dhcp-down}}unset ($output);/*Ajout en vue de l'impression des données (thank's to Geoffroy MUSITELLI)*/$passwd_imp = $passwd;/*Fin Ajout*/$passwd = da_encrypt($passwd);$passwd = da_sql_escape_string($link, $passwd);$res = da_sql_query($link,$config,"INSERT INTO $config[sql_check_table] (attribute,value,username $text)VALUES ('$config[sql_password_attribute]','$passwd','$login' $passwd_op);");if (!$res || !da_sql_affected_rows($link,$res,$config)){echo "<b>Unable to add user $login: " . da_sql_error($link,$config) . "</b><br>\n";$da_abort=1;}if ($config['sql_use_user_info_table'] == 'true' && !$da_abort){$res = da_sql_query($link,$config,"SELECT username FROM $config[sql_user_info_table] WHEREusername = '$login';");if ($res){if (!da_sql_num_rows($res,$config)){$Fcn = (isset($Fcn)) ? da_sql_escape_string($link, $Fcn) : '';$Fmail = (isset($Fmail)) ? da_sql_escape_string($link, $Fmail) : '';$Fou = (isset($Fou)) ? da_sql_escape_string($link, $Fou) : '';$Fhomephone = (isset($Fhomephone)) ? da_sql_escape_string($link, $Fhomephone) : '';$Ftelephonenumber = (isset($Ftelephonenumber)) ? da_sql_escape_string($link, $Ftelephonenumber) : '';$Fmobile = (isset($Fmobile)) ? da_sql_escape_string($link, $Fmobile) : '';$res = da_sql_query($link,$config,"INSERT INTO $config[sql_user_info_table](username,name,mail,department,homephone,workphone,mobile) VALUES('$login','$Fcn','$Fmail','$Fou','$Fhomephone','$Ftelephonenumber','$Fmobile');");if (!$res || !da_sql_affected_rows($link,$res,$config))echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";}elseecho "<b>Cet usager existe déjà dans la table 'info'</b><br>\n";}elseecho "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";}if (isset($Fgroup) && $Fgroup != ''){$Fgroup = da_sql_escape_string($link, $Fgroup);$res = da_sql_query($link,$config,"SELECT username FROM $config[sql_usergroup_table]WHERE username = '$login' AND groupname = '$Fgroup';");if ($res){if (!da_sql_num_rows($res,$config)){$res = da_sql_query($link,$config,"INSERT INTO $config[sql_usergroup_table](username,groupname) VALUES ('$login','$Fgroup');");if (!$res || !da_sql_affected_rows($link,$res,$config))echo "<b>Could not add user to group $Fgroup. SQL Error</b><br>\n";}elseecho "<b>User already is a member of group $Fgroup</b><br>\n";}elseecho "<b>Could not add user to group $Fgroup: " . da_sql_error($link,$config) . "</b><br>\n";}if (!$da_abort){if (isset($Fgroup) && $Fgroup != '')require('../lib/defaults.php');foreach($show_attrs as $key => $attr){if ($attrmap["$key"] == 'none')continue;if ($key == "Filter-Id" && $$attrmap["$key"] == "None")continue;if ($attrmap["$key"] == ''){$attrmap["$key"] = $key;$attr_type["$key"] = 'replyItem';$rev_attrmap["$key"] = $key;}if (isset($attr_type["$key"]) && $attr_type["$key"] == 'checkItem'){$table = "$config[sql_check_table]";$type = 1;}else if (isset($attr_type["$key"]) && $attr_type["$key"] == 'replyItem'){$table = "$config[sql_reply_table]";$type = 2;}$val = (isset($$attrmap["$key"])) ? $$attrmap["$key"] : '';/*Ajout en vue de l'impression des données (thank's to Geoffroy MUSITELLI)*/if($key == "Session-Timeout") $sto_imp = $val;if($key == "Max-All-Session") $mas_imp = $val;if($key == "Max-Daily-Session") $mds_imp = $val;if($key == "Max-Monthly-Session") $mms_imp = $val;/*Fin Ajout*/$val = da_sql_escape_string($link, $val);$op_name = $attrmap["$key"] . '_op';$op_val = (isset($$op_name)) ? $$op_name : '';if ($op_val != ''){$op_val = da_sql_escape_string($link, $op_val);if (check_operator($op_val,$type) == -1){echo "<b>Invalid operator ($op_val) for attribute $key</b><br>\n";continue;}$op_val2 = ",'$op_val'";}$chkdef = (isset($default_vals["$key"])) ? check_defaults($val,$op_val,$default_vals["$key"]) : 0;if ($val == '' || $chkdef)continue;$sqlquery = "INSERT INTO $table (attribute,value,username $text)VALUES ('$attrmap[$key]','$val','$login' $op_val2);";$res = da_sql_query($link,$config,$sqlquery);if (!$res || !da_sql_affected_rows($link,$res,$config))echo "<b>Query failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n";}}echo "<b>Usager correctement créé</b><br>\n";}elseecho "<b>Could not open encryption library file</b><br>\n";}elseecho "<b>Could not connect to SQL database</b><br>\n";?>