diff --git a/include/config/logging.php b/include/config/logging.php
index 51482c6ac..fc80d17a9 100644
--- a/include/config/logging.php
+++ b/include/config/logging.php
@@ -1,107 +1,116 @@ -* -* This file is used for controlling the logging actions -* -*********************************************************************/ - - /* -* It is important to understand that when logging.php is included in -* a page AFTER an include for config_read.php it gains access to all -* of the variables it's scope including the $configValues[....] because -* it was included just before it. -* -* But it should be noticed that these variables are only accessible -* in the scope of the general or main block of php code and are -* not accessible from functions, so we can't just use $configValues[...] -* variables from within logMessageNotice() or any other function -* and so we must use them here as references. -* -* The relevant variables are: -* -* $operator -* $_SERVER["SCRIPT_NAME"] -* $configValues['CONFIG_LOG_FILE'] -* -*/ + ********************************************************************************************************* + * daloRADIUS - RADIUS Web Platform + * Copyright (C) 2007 - Liran Tal All Rights Reserved. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + ********************************************************************************************************* + * Description: This file is used for controlling the logging actions + * + * Authors: Liran Tal + * Filippo Lauria + * + ********************************************************************************************************* + */ -if ($configValues['CONFIG_LOG_PAGES'] == "yes") { - if (isset($log)) { - $msgNotice = $operator . " " . 
$log; - logMessage("NOTICE", $msgNotice, $configValues['CONFIG_LOG_FILE'], $_SERVER["SCRIPT_NAME"]); - } +// prevent this file to be directly accessed +if (strpos($_SERVER['PHP_SELF'], '/include/config/logging.php') !== false) { + header("Location: ../../index.php"); + exit; } +/* + * It is important to understand that when logging.php is included in + * a page AFTER an include for config_read.php it gains access to all + * of the variables it's scope including the $configValues[....] because + * it was included just before it. + * + * But it should be noticed that these variables are only accessible + * in the scope of the general or main block of php code and are + * not accessible from functions, so we can't just use $configValues[...] + * variables from within logMessageNotice() or any other function + * and so we must use them here as references. + * + * The relevant variables are: + * + * $operator + * $_SERVER["SCRIPT_NAME"] + * $configValues['CONFIG_LOG_FILE'] + * + */ +/* + * @param $type The message type, for example, NOTICE, DEBUG, ERROR, ACTION, etc... + * @param $msg The message string which should be logged to the file + * @param $logFile The full path for the filename to write logs to + * @param $currPage The current page that we included from + * @return $table The table name, either radcheck or radreply + */ +function logMessage($type, $msg, $logFile, $currPage) { + $date = date('M d G:i:s'); + $msgString = $date . " " . $type . " " . $msg . " " . $currPage; -if ($configValues['CONFIG_LOG_QUERIES'] == "yes") { - if (isset($logQuery)) { - $msgQuery = $operator . " " . $logQuery; - logMessage("QUERY", $msgQuery, $configValues['CONFIG_LOG_FILE'], $_SERVER["SCRIPT_NAME"]); - } + $fp = fopen($logFile, "a"); + if ($fp) { + fwrite($fp, $msgString . "\n"); + fclose($fp); + return; + } + + echo "
" + . 'error: could not open the file for writing: ' + . $logFile . "
" + . "Check file permissions. The file should be writable by the webserver's user/group" + . "
"; } +$logger_work = array(); +if ($configValues['CONFIG_LOG_PAGES'] == "yes" && isset($log) && !empty($log)) { + $logger_work['NOTICE'] = "$operator $log"; +} -if ($configValues['CONFIG_LOG_ACTIONS'] == "yes") { - if (isset($logAction)) { - $msgAction = $operator . " " . $logAction; - logMessage("ACTION", $msgAction, $configValues['CONFIG_LOG_FILE'], $_SERVER["SCRIPT_NAME"]); - } +if ($configValues['CONFIG_LOG_QUERIES'] == "yes" && isset($logQuery) && !empty($logQuery)) { + $logger_work['QUERIES'] = "$operator $logQuery"; } -/******************************************************************************** +if ($configValues['CONFIG_LOG_ACTIONS'] == "yes" && isset($logAction) && !empty($logAction)) { + $logger_work['ACTIONS'] = "$operator $logAction"; +} + +/* + ******************************************************************************** * evaluating whether we need to debug SQL queries to the database as well. * $logDebugSQL is set for each $sql = "query statement..." on the actual page * in the following form: $logDebugSQL += $sql . "\n"; * - ********************************************************************************/ -if ($configValues['CONFIG_DEBUG_SQL'] == "yes") { - if (isset($logDebugSQL)) { - $msgDebugSQL = "- SQL -" . " " . $logDebugSQL . " on page: "; - logMessage("DEBUG", $msgDebugSQL, $configValues['CONFIG_LOG_FILE'], $_SERVER["SCRIPT_NAME"]); - } + ******************************************************************************** + */ +if ($configValues['CONFIG_DEBUG_SQL'] == "yes" && isset($logDebugSQL) && !empty($logDebugSQL)) { + $logger_work['DEBUG'] = "- SQL -" . " " . $logDebugSQL . " on page: "; } -/* the continuation of the CONFIG_DEBUG_SQL actually, this prints to the page - * being viewed */ -if ($configValues['CONFIG_DEBUG_SQL_ONPAGE'] == "yes") { - if (isset($logDebugSQL)) { - echo "

"; - echo "Debugging SQL Queries:
"; - echo $logDebugSQL; - echo "

"; - } +foreach ($logger_work as $type => $message) { + logMessage($type, $message, $configValues['CONFIG_LOG_FILE'], $_SERVER["SCRIPT_NAME"]); } - - -function logMessage($type, $msg, $logFile, $currPage) { -/* -* @param $type The message type, for example, NOTICE, DEBUG, ERROR, ACTION, etc... -* @param $msg The message string which should be logged to the file -* @param $logFile The full path for the filename to write logs to -* @param $currPage The current page that we included from -* @return $table The table name, either radcheck or radreply -*/ - - $date = date('M d G:i:s'); - $msgString = $date . " " . $type . " " . $msg . " " . $currPage; - - $fp = fopen($logFile, "a"); - if ($fp) { - fwrite($fp, $msgString . "\n"); - fclose($fp); - } else { - - echo "error: could not open the file for writing: $logFile
"; - echo "Check file permissions. The file should be writable by the webserver's user/group
"; - } - +/* the continuation of the CONFIG_DEBUG_SQL actually, this prints to the page + * being viewed */ +if ($configValues['CONFIG_DEBUG_SQL_ONPAGE'] == "yes" && isset($logDebugSQL) && !empty($logDebugSQL)) { + echo "

" + . "Debugging SQL Queries:
" + . "
$logDebugSQL
" + . "

"; } ?> diff --git a/include/management/actionMessages.php b/include/management/actionMessages.php index a883dd5b2..4d7f17a41 100644 --- a/include/management/actionMessages.php +++ b/include/management/actionMessages.php @@ -1,27 +1,41 @@ -* -* This file provides control for messages that are printed to the -* screen in reply to actions such as applying forms, saving data, -* removing data and such. -* -*********************************************************************/ +/* + ********************************************************************************************************* + * daloRADIUS - RADIUS Web Platform + * Copyright (C) 2007 - Liran Tal All Rights Reserved. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + ********************************************************************************************************* + * + * Description: + * This file provides control for messages that are printed to the + * screen in reply to actions such as applying forms, saving data, + * removing data and such. + * + * Authors: Liran Tal + * Filippo Lauria + * + ********************************************************************************************************* + */ - -if ((isset($failureMsg)) && ($failureMsg != "")) { - echo "
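Review bot: The on-page debug branch at the end of this hunk interpolates `$logDebugSQL` straight into the echoed markup, while the log viewers changed in the same commit escape what they print; SQL text normally carries request-derived values, so with CONFIG_DEBUG_SQL_ONPAGE enabled this is an HTML-injection sink. Echo `htmlspecialchars($logDebugSQL, ENT_QUOTES, 'UTF-8')` there instead. logMessage() also writes `$msg` verbatim, so an operator- or request-derived value containing a line break can forge extra entries in the NOTICE/QUERY/ACTION records; neutralise CR and LF in those parts before fwrite(), for example `str_replace(array("\r", "\n"), ' ', $log)`. Separately, the new `$logger_work` keys change the labels written to the file from QUERY and ACTION to QUERIES and ACTIONS, which will break any log parsing keyed on the old names if that was not intended.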
- $failureMsg -
- "; +// prevent this file to be directly accessed +if (strpos($_SERVER['PHP_SELF'], '/include/management/actionMessages.php') !== false) { + header("Location: ../../index.php"); + exit; } - -if ((isset($successMsg)) && ($successMsg != "")) { - echo "
- $successMsg -
- "; +if (isset($failureMsg) && !empty($failureMsg)) { + printf('
%s
', $failureMsg); } +if (isset($successMsg) && !empty($successMsg)) { + printf('
%s
', $successMsg); +} diff --git a/library/errorHandling.php b/library/errorHandling.php index bfacb988b..087bd1622 100644 --- a/library/errorHandling.php +++ b/library/errorHandling.php @@ -14,22 +14,30 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * ********************************************************************************************************* - * Description: - * global error handling for all PEAR packages, it isn't too wise to do - * that as I've no idea what other php applications are running on this machine - * even though this is really just about handling the error but still. - * So instead we're using the object's error handling method (see library/opendb.php) - * PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, 'errorHandler'); + * + * Description: global error handling for all PEAR packages, it isn't too wise to do + * that as I've no idea what other php applications are running on this machine + * even though this is really just about handling the error but still. + * So instead we're using the object's error handling method (see library/opendb.php) + * PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, 'errorHandler'); * - * Authors: Liran Tal + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ +// prevent this file to be directly accessed +if (strpos($_SERVER['PHP_SELF'], '/library/errorHandling.php') !== false) { + header("Location: ../index.php"); + exit; +} function errorHandler($err) { - echo("
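Review bot: Both printf() calls emit `$failureMsg` and `$successMsg` as raw HTML, so escaping is entirely the responsibility of whichever page builds the message, and nothing in this file says so. Add a comment above the two blocks such as `// $failureMsg / $successMsg are printed as HTML: producers must htmlspecialchars() every user- or file-derived part`. On style, `isset($x) && !empty($x)` is redundant because `!empty()` already covers the unset case; note too that `!empty()` suppresses a message equal to "0", which the old `!= ""` test did not.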
Database error
- Error Message: " . $err->getMessage() . "
Debug info: " . $err->getDebugInfo() . "
"); + echo '
Database error
' + . "Error message: " . $err->getMessage() . "
" + . "Debug info:
" . $err->getDebugInfo() + . "
"; } ?> diff --git a/library/exten-boot_log.php b/library/exten-boot_log.php index ca323c768..3b5c3fd88 100644 --- a/library/exten-boot_log.php +++ b/library/exten-boot_log.php @@ -15,48 +15,79 @@ * ********************************************************************************************************* * Description: - * this script displays the radius log file ofcourse - * proper premissions must be applied on the log file for the web - * server to be able to read it + * this script displays the radius log file. + * Of course proper premissions must be applied on the log file for the web + * server to be able to read it * - * Authors: Liran Tal + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ -$logfile_loc1 = '/var/log/dmesg'; -$logfile_loc2 = '/usr/local/var/log/dmesg'; - -if (file_exists($logfile_loc1)) - $logfile = $logfile_loc1; -else if (file_exists($logfile_loc2)) - $logfile = $logfile_loc2; -else { - $failureMsg = "error reading log file:
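Review bot: errorHandler() still prints `$err->getMessage()` and `$err->getDebugInfo()` into the page unescaped, unlike the log viewers in this commit. For PEAR DB errors the debug info typically includes the failing SQL statement and the driver's native error, so this discloses schema details to whoever triggers an error and renders any request-derived text inside the query as markup. At minimum wrap both values in `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')`; better, write the debug info to the application log and show only a generic message unless a debug setting is enabled.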
". - "looked for log file in $logfile_loc1 and $logfile_loc2 but couldn't find it.
". - "if you know where your dmesg (boot) log file is located, set it's location in " . $_SERVER[SCRIPT_NAME]; - exit; +// prevent this file to be directly accessed +$extension_file = '/library/exten-boot_log.php'; +if (strpos($_SERVER['PHP_SELF'], $extension_file) !== false) { + header("Location: ../index.php"); + exit; } - -if (is_readable($logfile) == false) { - $failureMsg = "error reading log file: $logfile
". - "possible cause is file premissions or file doesn't exist.
"; +// possible locations for radius logs +$logfile_loc = array( + '/var/log/boot', + '/var/log/dmesg', + '/usr/local/var/log/dmesg' +); + +// select one log file +$logfile = ""; + +foreach ($logfile_loc as $tmp) { + if (file_exists($tmp)) { + $logfile = $tmp; + break; + } +} + +$logfile_enc = (!empty($logfile)) ? htmlspecialchars($logfile, ENT_QUOTES, 'UTF-8') : '(none)'; + +// check if it is empty +if (empty($logfile)) { + $failureMsg = sprintf("

Error accessing log file: %s

" . + "Looked for log file in %s but could not find it.
" . + "If you know where your dmesg (boot) log file is located, " . + "specify its location in %s", + $logfile_enc, + htmlspecialchars(implode(", ", $logfile_loc), ENT_QUOTES, 'UTF-8'), + htmlspecialchars($extension_file, ENT_QUOTES, 'UTF-8')); } else { - if (file_get_contents($logfile)) { - $fileReversed = array_reverse(file($logfile)); - $counter = $bootLineCount; - foreach ($fileReversed as $line) { - if (preg_match("/$bootFilter/i", $line)) { - if ($counter == 0) - break; - $ret = preg_replace("/\n/i", "
", $line); - echo $ret; - $counter--; - } - } - } + + // check if it is readable + if (is_readable($logfile) !== true) { + $failureMsg = sprintf("

Error reading log file: %s.

Is this file readable?
", + $logfile_enc); + } else { + + // get its content + $logcontent = file_get_contents($logfile); + if (!empty($logcontent)) { + $counter = $bootLineCount; + $filter = (!empty($bootFilter)) ? preg_quote($bootFilter, "/") : ".+"; + $fileReversed = array_reverse(file($logfile)); + + echo '
'; + foreach ($fileReversed as $line) { + if (preg_match("/$filter/i", $line)) { + if ($counter == 0) { + break; + } + echo nl2br(htmlspecialchars($line, ENT_QUOTES, 'UTF-8'), false); + $counter--; + } + } + echo '
'; + } + } } ?> - diff --git a/library/exten-daloradius_log.php b/library/exten-daloradius_log.php index 9bdebbf5a..e9904e242 100644 --- a/library/exten-daloradius_log.php +++ b/library/exten-daloradius_log.php @@ -15,61 +15,59 @@ * ********************************************************************************************************* * Description: - * this script displays the daloradius log file ofcourse - * proper premissions must be applied on the log file for the web - * server to be able to read it + * this script displays the daloradius log file ofcourse + * proper premissions must be applied on the log file for the web + * server to be able to read it * - * Authors: Liran Tal + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ +// prevent this file to be directly accessed +if (strpos($_SERVER['PHP_SELF'], '/library/exten-daloradius_log.php') !== false) { + header("Location: ../index.php"); + exit; +} -if (isset($configValues['CONFIG_LOG_FILE'])) { - $logfile = $configValues['CONFIG_LOG_FILE']; - - if (!file_exists($logfile)) { - - $failureMsg = "error reading log file: $logfile
". - "looked for log file in $logfile but couldn't find it.
". - "if you know where your daloradius log file is located, set it's location in your library/daloradius.conf file"; - } else { - - - if (is_readable($logfile) == false) { +// check if daloradius logfile is set +if (array_key_exists('CONFIG_LOG_FILE', $configValues) && isset($configValues['CONFIG_LOG_FILE'])) { - $failureMsg = "error reading log file: $logfile
". - "possible cause is file premissions or file doesn't exist.
"; + $logfile = $configValues['CONFIG_LOG_FILE']; + $logfile_enc = (!empty($logfile)) ? htmlspecialchars($logfile, ENT_QUOTES, 'UTF-8') : '(none)'; - } else { - if (file_get_contents($logfile)) { - $fileReversed = array_reverse(file($logfile)); - $counter = $daloradiusLineCount; + // check if file exists + if (!file_exists($logfile)) { + $failureMsg = sprintf("

Error accessing log file: %s

" + . "Looked for log file in %s but could not find it.
" + . "If you know where your daloradius log file is located, " + . "specify its location in your library/daloradius.conf.php file", + $logfile_enc, $logfile_enc); + } else { + // check if it is readable + if (is_readable($logfile) !== true) { + $failureMsg = sprintf("

Error reading log file: %s.

Is this file readable?
", + $logfile_enc); + } else { + // get its content + $logcontent = file_get_contents($logfile); + if (!empty($logcontent)) { + $counter = $daloradiusLineCount; + $fileReversed = array_reverse(file($logfile)); - // This doesn't take in any filter value - // from the forms. - // This takes in the log count though. - foreach ($fileReversed as $line) { - if ($counter == 0) { - break; - } - echo $line . "
"; - $counter--; - } - // Old Code - // $counter = $daloradiusLineCount; - // foreach ($fileReversed as $line) { - // if (preg_match("/$daloradiusFilter/i", $line)) { - // if ($counter == 0) - // break; - // $ret = eregi_replace("\n", "
", $line); - // echo $ret; - // $counter--; - // } - // } - } - } - } + echo '
'; + foreach ($fileReversed as $line) { + if ($counter == 0) { + break; + } + echo nl2br(htmlspecialchars($line, ENT_QUOTES, 'UTF-8'), false); + $counter--; + + } + echo '
'; + } + } + } } - ?> diff --git a/library/exten-maint-radclient.php b/library/exten-maint-radclient.php index 6f3954d91..9ad5e0160 100644 --- a/library/exten-maint-radclient.php +++ b/library/exten-maint-radclient.php 
@@ -15,106 +15,110 @@ * ********************************************************************************************************* * Description: - * This code allows for running the 'radtest' binary tool provided with freeradius - * for performing a dry-run check to see if a user is able to successfully login - * or that there may be problems connecting. + * This code allows for running the 'radtest' binary tool provided with freeradius + * for performing a dry-run check to see if a user is able to successfully login + * or that there may be problems connecting. * - * Authors: Liran Tal - * Giso Kegal + * Authors: Liran Tal + * Giso Kegal + * Filippo Lauria * ********************************************************************************************************* */ +// prevent this file to be directly accessed +$extension_file = '/library/exten-maint-radclient.php'; +if (strpos($_SERVER['PHP_SELF'], $extension_file) !== false) { + header("Location: ../index.php"); + exit; +} + +$extension_file_enc = htmlspecialchars($extension_file, ENT_QUOTES, 'UTF-8'); + // user_auth function // sends to the radius server an authentication request packet (for the sake of testing a user) -// $radiusaddr - the server address, this would most likely be the radius server IP Address/Hostname +// $radiusaddr - the server address, this would most likely be the radius server IP Address/Hostname // $radiusport - the server's port number, radius server's port number (1812 or the old port for auth) -// $options - the options passed to the radclient program -// $command - the command string that radclient sends (auth, acct, status, coa, disconnect), by default this functions does 'auth' -function user_auth($options,$user,$pass,$radiusaddr,$radiusport,$secret,$command="auth",$additional="") { - - $user = escapeshellarg($user); - $pass = escapeshellarg($pass); - - $args = escapeshellarg("$radiusaddr:$radiusport")." ".escapeshellarg($command). 
- " ".escapeshellarg($secret); - $query = "User-Name=$user,User-Password=$pass"; - - $radclient = "radclient"; // or you can change this with the full path if the binary radcilent program can not be - // found within your $PATH variable - - $radclient_options = "-c ".escapeshellarg($options['count']). - " -n ".escapeshellarg($options['requests']). - " -r ".escapeshellarg($options['retries']). - " -t ".escapeshellarg($options['timeout']). - " ".$options['debug']; - - if ($options['dictionary']) - $radclient_options .= " -d ".escapeshellarg($options['dictionary']); - - $cmd = "echo ".escapeshellcmd($query)." | $radclient $radclient_options $args 2>&1"; - - $print_cmd = "Executed:
$cmd

Results:
"; - $res = shell_exec($cmd); - - if ($res == "") { - echo "Error: Command did not return any results
"; - echo "Please check that you have the radclient binary program installed and that - it is found in your \$PATH variable
- You may also consult the file library/exten-maint-radclient.php for other problems
- "; - } - - // todo better layout - $output_html = nl2br($res); - return $print_cmd . $output_html; +// $options - the options passed to the radclient program +// $command - the command string that radclient sends (auth, acct, status, coa, disconnect), by default this functions does 'auth' +function user_auth($options, $user, $pass, $radiusaddr, $radiusport, $secret, $command="auth", $additional="") { + + $user = escapeshellarg($user); + $pass = escapeshellarg($pass); + $args = escapeshellarg("$radiusaddr:$radiusport") . " " . escapeshellarg($command) . " " . escapeshellarg($secret); + $query = "User-Name=$user,User-Password=$pass"; + + $radclient = "radclient"; // or you can change this with the full path if the binary radcilent program can not be + // found within your $PATH variable + + $radclient_options = " -c " . escapeshellarg($options['count']) + . " -n " . escapeshellarg($options['requests']) + . " -r " . escapeshellarg($options['retries']) + . " -t " . escapeshellarg($options['timeout']) + . " " . $options['debug']; + + if ($options['dictionary']) { + $radclient_options .= " -d " . escapeshellarg($options['dictionary']); + } + + $cmd = sprintf('echo "%s" | %s %s %s 2>&1', escapeshellcmd($query), $radclient, $radclient_options, $args); + $res = shell_exec($cmd); + + $print_cmd = "Executed:
$cmd
"; + if ($res == "") { + echo "Error: Command did not return any results.
" + . "Please check that you have the radclient binary program installed and that it is found in your \$PATH variable
" + . "You may also consult the file $extension_file_enc for other problems
"; + return $print_cmd; + } + + $output_html = '
Results:
' . nl2br($res) . '
'; + return $print_cmd . $output_html; } // user_disconnect function // sends to the NAS a CoA (Change of Authorization) or a CoD (Disconnect) packet -// $nasaddr - NAS address to receive the coa or disconnect request packet -// $nasport - NAS Port address (depends on the configuration on the NAS, this may be a different port for either CoA or Disconnect packets). -function user_disconnect($options,$user,$nasaddr,$nasport="3779",$nassecret,$command="disconnect",$additional="") { - - $user = escapeshellarg($user); - - $args = escapeshellarg("$nasaddr:$nasport")." ".escapeshellarg($command)." ". - escapeshellarg($nassecret); - $query = "User-Name=$user"; - - if (!empty($additional)) { - $query .= ','.$additional; - } - - $radclient = "radclient"; // or you can change this with the full path if the binary radcilent program can not be - // found within your $PATH variable - - $radclient_options = "-c ".escapeshellarg($options['count']). - " -n ".escapeshellarg($options['requests']). - " -r ".escapeshellarg($options['retries']). - " -t ".escapeshellarg($options['timeout']). - " ".$options['debug']; - - if ($options['dictionary']) - $radclient_options .= " -d ".escapeshellarg($options['dictionary']); - - $cmd = "echo \"".escapeshellcmd($query)."\" | $radclient $radclient_options $args 2>&1"; - $print_cmd = "Executed:
$cmd

Results:
"; - $res = shell_exec($cmd); - - if ($res == "") { - echo "Error: Command did not return any results
"; - echo "Please check that you have the radclient binary program installed and that - it is found in your \$PATH variable
- You may also consult the file library/exten-maint-radclient.php for other problems
- "; - } - - // todo better layout - $output_html = nl2br($res); - return $print_cmd . $output_html; +// $nasaddr - NAS address to receive the coa or disconnect request packet +// $nasport - NAS Port address (depends on the configuration on the NAS, this may be a different port for either CoA or Disconnect packets). +function user_disconnect($options, $user, $nasaddr, $nasport="3779", $nassecret, $command="disconnect", $additional="") { + + $user = escapeshellarg($user); + + $args = escapeshellarg("$nasaddr:$nasport") . " " . escapeshellarg($command). " " . escapeshellarg($nassecret); + $query = "User-Name=$user"; + + if (!empty($additional)) { + $query .= ',' . $additional; + } + + $radclient = "radclient"; // or you can change this with the full path if the binary radcilent program can not be + // found within your $PATH variable + + $radclient_options = " -c " . escapeshellarg($options['count']) + . " -n " . escapeshellarg($options['requests']) + . " -r " . escapeshellarg($options['retries']) + . " -t " . escapeshellarg($options['timeout']) + . " " . $options['debug']; + + if ($options['dictionary']) { + $radclient_options .= " -d " . escapeshellarg($options['dictionary']); + } + + $cmd = sprintf('echo "%s" | %s %s %s 2>&1', escapeshellcmd($query), $radclient, $radclient_options, $args); + $res = shell_exec($cmd); + + $print_cmd = "Executed:
$cmd
"; + if ($res == "") { + echo "Error: Command did not return any results.
" + . "Please check that you have the radclient binary program installed and that it is found in your \$PATH variable
" + . "You may also consult the file $extension_file_enc for other problems
"; + return $print_cmd; + } + + $output_html = '
Results:
' . nl2br($res) . '
'; + return $print_cmd . $output_html; } ?> diff --git a/library/exten-radius_log.php b/library/exten-radius_log.php index 918bc4581..20c245948 100644 --- a/library/exten-radius_log.php +++ b/library/exten-radius_log.php @@ -15,66 +15,77 @@ * ********************************************************************************************************* * Description: - * this script displays the radius log file ofcourse - * proper premissions must be applied on the log file for the web - * server to be able to read it + * this script displays the radius log file. + * Of course proper premissions must be applied + * on the log file for the web server to be able to read it * - * Authors: Liran Tal + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ - -$logfile_loc = array(); -$logfile_loc[1] = '/var/log/freeradius/radius.log'; -$logfile_loc[2] = '/usr/local/var/log/radius/radius.log'; -$logfile_loc[3] = '/var/log/radius/radius.log'; +// prevent this file to be directly accessed +$extension_file = '/library/exten-radius_log.php'; +if (strpos($_SERVER['PHP_SELF'], $extension_file) !== false) { + header("Location: ../index.php"); + exit; +} + +// possible locations for radius logs +$logfile_loc = array( + '/var/log/freeradius/radius.log', + '/usr/local/var/log/radius/radius.log', + '/var/log/radius/radius.log' +); + +// select one log file +$logfile = ""; foreach ($logfile_loc as $tmp) { - if (file_exists($tmp)) { - $logfile = $tmp; - break; - } + if (file_exists($tmp)) { + $logfile = $tmp; + break; + } } - +$logfile_enc = (!empty($logfile)) ? htmlspecialchars($logfile, ENT_QUOTES, 'UTF-8') : '(none)'; + +// check if it is empty if (empty($logfile)) { - echo "
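Review bot: `$options['debug']` is the only element appended to `$radclient_options` without escapeshellarg(), in both user_auth() and user_disconnect(), and `$additional` in user_disconnect() reaches the shell protected only by escapeshellcmd() inside a double-quoted `echo`; where these values originate is outside the hunk, so treat them as untrusted and map debug to a fixed flag from an allow-list rather than passing it through. Stacking escapeshellarg() output inside escapeshellcmd() inside double quotes can also alter legitimate values (a password containing `&` is sent with an added backslash), which is a reason to hand the attribute list to radclient over stdin with proc_open() instead of an `echo` pipeline. `$print_cmd` returns the whole command line, including the shared secret and the tested password, and `nl2br($res)` returns radclient output, both without escaping; use `nl2br(htmlspecialchars($res, ENT_QUOTES, 'UTF-8'))` and the same for `$cmd`, ideally with the secret masked. Finally, `$extension_file_enc` is assigned at file scope but read inside both functions, where it is undefined unless each declares `global $extension_file_enc;`.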

- error reading log file:

- looked for log file in '".implode(", ", $logfile_loc)."' but couldn't find it.
- if you know where your freeradius log file is located, set it's location in " . $_SERVER['SCRIPT_NAME']; - exit; + printf("

Error accessing log file: %s.

" + . "Looked for log file in %s but could not find it.
" + . "If you know where your freeradius log file is located, " + . "specify its location in %s", + $logfile_enc, htmlspecialchars(implode(", ", $logfile_loc), ENT_QUOTES, 'UTF-8'), $logfile_enc); + exit; } - -if (is_readable($logfile) == false) { - echo "

- error reading log file: $logfile

- possible cause is file premissions or file doesn't exist.
"; -} else { - if (file_get_contents($logfile)) { +// check if it is readable +if (is_readable($logfile) !== true) { + $failureMsg = sprintf("

Error reading log file: %s.

Is this file readable?
", + $logfile_enc); + exit; +} + +// get its content +$logcontent = file_get_contents($logfile); +if (!empty($logcontent)) { + $counter = $radiusLineCount; + $filter = (!empty($radiusFilter)) ? preg_quote($radiusFilter, "/") : ".+"; + $fileReversed = array_reverse(file($logfile)); - $counter = $radiusLineCount; - $fileReversed = array_reverse(file($logfile)); - foreach ($fileReversed as $line) { - if($counter == 0) { - break; + echo '
'; + foreach ($fileReversed as $line) { + if (preg_match("/$filter/i", $line)) { + if ($counter == 0) { + break; } - echo $line . "
"; + echo nl2br(htmlspecialchars($line, ENT_QUOTES, 'UTF-8'), false); $counter--; - } - // $counter = $radiusLineCount; - // foreach ($fileReversed as $line) { - // if (preg_match("/$radiusFilter/i", $line)) { - // if ($counter == 0) - // break; - // $ret = eregi_replace("\n", "
", $line); - // echo $ret; - // $counter--; - // } - // } + } } + echo '
'; } ?> - diff --git a/library/exten-radius_server_info.php b/library/exten-radius_server_info.php index 08ef4cea7..d1ba14cea 100644 --- a/library/exten-radius_server_info.php +++ b/library/exten-radius_server_info.php @@ -15,41 +15,43 @@ * ********************************************************************************************************* * Description: - * this script runs a check to see if freeradius is up and running -* the check is done by looking for a 'radius' process listening -* on any socket interface. clumsy, but that's what we got for now + * this script uses pgrep to check if services stored + * in $services_to_check are running * - * Authors: Liran Tal + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ - -function check_service($sname) { - if ($sname != '') { - system("pgrep ".escapeshellarg($sname)." >/dev/null 2>&1", $ret_service); - if ($ret_service == 0) { - return "Enabled"; - } else { - return "Disabled"; - } - } else { - return "no service name"; - } + +// prevent this file to be directly accessed +if (strpos($_SERVER['PHP_SELF'], '/library/exten-radius_server_info.php') !== false) { + header("Location: ../index.php"); + exit; +} + +// given the $service_name, this function returns "Running" if that service is running +function check_service($service_name) { + if (empty($service_name)) { + return "no service name"; + } + + $command = sprintf("pgrep %s", escapeshellarg($service_name)); + exec($command, $output, $result_code); + return ($result_code === 0) ? "Running" : "Not running"; } +$services_to_check = array("FreeRADIUS", "MySQL", "MariaDB"); + ?> +
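Review bot: In the unreadable-file branch the new code assigns `$failureMsg` and then calls `exit;`, so the message is never shown, whereas the old code echoed it. Either echo the message before exiting or, as the exten-boot_log.php hunk in this commit does, set `$failureMsg` and fall through without `exit` so the including page can finish rendering. In the not-found branch the third printf() argument is `$logfile_enc`, which is always '(none)' at that point, so the text reads "specify its location in (none)"; it should be `htmlspecialchars($extension_file, ENT_QUOTES, 'UTF-8')`.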

Service Status

+Service Status"; + $format = '\n"; + foreach ($services_to_check as $service_name) { + printf($format, $service_name, check_service(strtolower($service_name))); + } ?> - -
%s%s' + . "
- - - - - - - -
Radius
Mysql
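Review bot: check_service() reports "Not running" for every non-zero pgrep status, which also covers pgrep being missing or failing, so a tooling problem is displayed as a stopped service; add `if ($result_code > 1) { return "Unknown"; }` before the final return. pgrep matches its pattern against any part of a process name, so `mysql` also matches client or wrapper processes, and the lowercased label `freeradius` will not match on distributions where the daemon is named `radiusd`. Consider `pgrep -x` with an explicit list of process names per service instead of deriving the pattern from the display label.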
diff --git a/library/exten-server_info.php b/library/exten-server_info.php
index dedc52d6b..f80a888e6 100644
--- a/library/exten-server_info.php
+++ b/library/exten-server_info.php
@@ -15,81 +15,103 @@ * ********************************************************************************************************* * Description: - * this script process some important server information and displays it + * this script process some important server information and displays it * - * Authors: Liran Tal - * Carlos Cesario + * Authors: Liran Tal + * Carlos Cesario + * Filippo Lauria * ********************************************************************************************************* */ - include_once('include/management/pages_common.php'); + +// prevent this file to be directly accessed +$extension_file = '/library/exten-server_info.php'; +if (strpos($_SERVER['PHP_SELF'], $extension_file) !== false) { + header("Location: ../index.php"); + exit; +} + +include_once('include/management/pages_common.php'); + +// returns system name and version +function get_system_name_and_version() { + $command = "cat /etc/*release | grep ^NAME\= | cut -d'=' -f2- | tr -d '\"'"; + exec($command, $output, $result_code); + if ($result_code !== 0) { + return "(n/d)"; + } + + $result = $output[0]; + $output = null; + $result_code = null; + + $command = "cat /etc/*release | grep ^VERSION\= | cut -d'=' -f2- | tr -d '\"'"; + exec($command, $output, $result_code); + if ($result_code === 0) { + $result .= sprintf(", version %s", $output[0]); + } + + return $result; +} + // Display uptime system // @return string Return uptime system function uptime() { - $file_name = "/proc/uptime"; - - $fopen_file = fopen($file_name, 'r'); - $buffer = explode(' ', fgets($fopen_file, 4096)); - fclose($fopen_file); - - $sys_ticks = trim($buffer[0]); - $min = $sys_ticks / 60; - $hours = $min / 60; - $days = floor($hours / 24); - $hours = floor($hours - ($days * 24)); - $min = floor($min - ($days * 60 * 24) - ($hours * 60)); - $result = ""; - - if ($days != 0) { - if ($days > 1) - $result = "$days " . " days "; - else - $result = "$days " . 
" day "; - } - - if ($hours != 0) { - if ($hours > 1) - $result .= "$hours " . " hours "; - else - $result .= "$hours " . " hour "; - } - - if ($min > 1 || $min == 0) - $result .= "$min " . " minutes "; - elseif ($min == 1) - $result .= "$min " . " minute "; - - return $result; + $file_name = "/proc/uptime"; + + $fopen_file = fopen($file_name, 'r'); + $buffer = explode(' ', fgets($fopen_file, 4096)); + fclose($fopen_file); + + $sys_ticks = trim($buffer[0]); + $min = $sys_ticks / 60; + $hours = $min / 60; + $days = floor($hours / 24); + $hours = floor($hours - ($days * 24)); + $min = floor($min - ($days * 60 * 24) - ($hours * 60)); + $result = ""; + + if ($days != 0) { + $result .= $days; + $result .= ($days > 1) ? " days " : " day "; + } + + if ($hours != 0) { + $result .= $hours; + $result .= ($hours > 1) ? " hours " : " hour "; + } + + if ($min > 1 || $min == 0) + $result .= "$min " . " minutes "; + elseif ($min == 1) + $result .= "$min " . " minute "; + + return $result; } // Display hostname system // @return string System hostname or none function get_hostname() { - $file_name = "/proc/sys/kernel/hostname"; + $file_name = "/proc/sys/kernel/hostname"; - if ($fopen_file = fopen($file_name, 'r')) { - $result = trim(fgets($fopen_file, 4096)); - fclose($fopen_file); - } else { - $result = "(none)"; - } + if ($fopen_file = fopen($file_name, 'r')) { + $result = trim(fgets($fopen_file, 4096)); + fclose($fopen_file); + } else { + $result = "(n/d)"; + } - return $result; + return $result; } // Display currenty date/time // @return string Current system date/time or none function get_datetime() { - if ($today = date("F j, Y, g:i a")) { - $result = $today; - } else { - $result = "(none)"; - } - - return $result; + $today = date("F j, Y, g:i a"); + return ($today) ? $today : "(n/d)"; } 
@@ -97,59 +119,59 @@ function get_datetime() { // Get System Load Average // @return array System Load Average function get_system_load() { - $file_name = "/proc/loadavg"; - $result = ""; - $output = ""; + $file_name = "/proc/loadavg"; + $result = ""; + $output = ""; - // get the /proc/loadavg information - if ($fopen_file = fopen($file_name, 'r')) { - $result = trim(fgets($fopen_file, 256)); - fclose($fopen_file); - } else { - $result = "(none)"; - } + // get the /proc/loadavg information + if ($fopen_file = fopen($file_name, 'r')) { + $result = trim(fgets($fopen_file, 256)); + fclose($fopen_file); + } else { + $result = "(n/d)"; + } - $loadavg = explode(" ", $result); - $output .= $loadavg[0] . " " . $loadavg[1] . " " . $loadavg[2] . "
"; + $loadavg = explode(" ", $result); + $output .= $loadavg[0] . " " . $loadavg[1] . " " . $loadavg[2] . "
"; - // get information the 'top' program - $file_name = "top -b -n1 | grep \"Tasks:\" -A1"; - $result = ""; + // get information the 'top' program + $file_name = "top -b -n1 | grep \"Tasks:\" -A1"; + $result = ""; - if ($popen_file = popen($file_name, 'r')) { - $result = trim(fread($popen_file, 2048)); - pclose($popen_file); - } else { - $result = "(none)"; - } + if ($popen_file = popen($file_name, 'r')) { + $result = trim(fread($popen_file, 2048)); + pclose($popen_file); + } else { + $result = "(n/d)"; + } - $result = str_replace("\n", "
", $result); - $output .= $result; + $result = str_replace("\n", "
", $result); + $output .= $result; - return $output; + return $output; } // Get Memory System MemTotal|MemFree // @return array Memory System MemTotal|MemFree function get_memory() { - $file_name = "/proc/meminfo"; - $mem_array = array(); - - $buffer = file($file_name); - - while (list($key, $value) = each($buffer)) { - if (strpos($value, ':') !== false) { - $match_line = explode(':', $value); - $match_value = explode(' ', trim($match_line[1])); - if (is_numeric($match_value[0])) { - $mem_array[trim($match_line[0])] = trim($match_value[0]); - } - } - } - - return $mem_array; + $file_name = "/proc/meminfo"; + $mem_array = array(); + + $buffer = file($file_name); + + while (list($key, $value) = each($buffer)) { + if (strpos($value, ':') !== false) { + $match_line = explode(':', $value); + $match_value = explode(' ', trim($match_line[1])); + if (is_numeric($match_value[0])) { + $mem_array[trim($match_line[0])] = trim($match_value[0]); + } + } + } + + return $mem_array; } @@ -164,7 +186,7 @@ function get_hdd_freespace() { // @param decimal $value // @return int Memory MB function convert_ToMB($value) { - return round($value / 1024) . " MB\n"; + return round($value / 1024) . " MB\n"; } 
@@ -172,20 +194,20 @@ function convert_ToMB($value) { // Get all network names devices (eth[0-9]) // @return array Get list network name interfaces function get_interface_list() { - $devices = array(); - $file_name = "/proc/net/dev"; - - if ($fopen_file = fopen($file_name, 'r')) { - while ($buffer = fgets($fopen_file, 4096)) { - if (preg_match("/eth[0-9][0-9]*/i", trim($buffer), $match)) { - $devices[] = $match[0]; - } - } - $devices = array_unique($devices); - sort($devices); - fclose ($fopen_file); - } - return $devices; + $devices = array(); + $file_name = "/proc/net/dev"; + + if ($fopen_file = fopen($file_name, 'r')) { + while ($buffer = fgets($fopen_file, 4096)) { + if (preg_match("/eth[0-9][0-9]*/i", trim($buffer), $match)) { + $devices[] = $match[0]; + } + } + $devices = array_unique($devices); + sort($devices); + fclose ($fopen_file); + } + return $devices; } 
@@ -194,42 +216,41 @@ function get_interface_list() { // @param string $ifname // @return string Ip address or (none) function get_ip_addr($ifname) { - $command_name = "/sbin/ifconfig $ifname"; - $ifip = ""; - - exec($command_name , $command_result); - - $ifip = implode($command_result, "\n"); - if (preg_match("/inet addr:[0-9\.]*/i", $ifip, $match)) { - $match = explode(":", $match[0]); - return $match[1]; - } elseif (preg_match("/inet [0-9\.]*/i", $ifip, $match)) { - $match = explode(" ", $match[0]); - return $match[1]; - } else { - return "(none)"; - } + $command_formats = array( + '(ip addr show %s || /sbin/ip addr show %s) | grep inet | grep -v inet6 | sed -E "s/^\s+//g" | cut -d" " -f2 | cut -d"/" -f1', + '(ifconfig %s || /sbin/ifconfig %s) | grep -oE "inet ([0-9]{1,3}\.?){4}" | cut -d" " -f2' + ); + + foreach ($command_formats as $format) { + $command = sprintf($format, escapeshellarg($ifname), escapeshellarg($ifname)); + exec($command, $output, $result_code); + if ($result_code === 0) { + return $output[0]; + } + } + + return "(n/d)"; } // Get mac address // @param string $ifname // @return string Mac address or (none) function get_mac_addr($ifname) { - $command_name = "/sbin/ifconfig $ifname"; - $ifip = ""; - - exec($command_name , $command_result); - - $ifmac = implode($command_result, "\n"); - if (preg_match("/hwaddr [0-9A-F:]*/i", $ifmac, $match)) { - $match = explode(" ", $match[0]); - return $match[1]; - } elseif (preg_match("/ether [0-9A-F:]*/i", $ifmac, $match)) { - $match = explode(" ", $match[0]); - return $match[1]; - } else { - return "(none)"; - } + $command_formats = array( + '(ip addr show %s || /sbin/ip addr show %s) | grep "link/ether" | sed -E "s/^\s+//g" | cut -d" " -f2', + '(ifconfig %s || /sbin/ifconfig %s) | grep "ether" | sed -E "s/^\s+//g" | cut -d" " -f2' + ); + + foreach ($command_formats as $format) { + $command = sprintf($format, escapeshellarg($ifname), escapeshellarg($ifname)); + exec($command, $output, $result_code); + + if 
($result_code === 0 && preg_match("/^([0-9A-F]{2}\:){5}[0-9A-F]{2}$/i", $output[0])) { + return $output[0]; + } + } + + return "(n/d)"; } @@ -237,129 +258,109 @@ function get_mac_addr($ifname) { // @param string $ifname // @return string Netmask address or (none) function get_mask_addr($ifname) { - $command_name = "/sbin/ifconfig $ifname"; - $ifmask = ""; - - exec($command_name , $command_result); - - $ifmask = implode($command_result, "\n"); - if (preg_match("/mask:[0-9\.]*/i", $ifmask, $match)) { - $match = explode(":", $match[0]); - return $match[1]; - } elseif (preg_match("/netmask [0-9\.]*/i", $ifmask, $match)) { - $match = explode(" ", $match[0]); - return $match[1]; - } else { - return "(none)"; - } + $command_formats = array( + 'echo -n "/"; (ip addr show %s || /sbin/ip addr show %s) | grep inet | grep -v inet6 | sed -E "s/^\s+//g" | cut -d" " -f2 | cut -d"/" -f2', + '(ifconfig %s || /sbin/ifconfig %s) | grep -oE "netmask ([0-9]{1,3}\.?){4}" | cut -d" " -f2' + ); + + foreach ($command_formats as $format) { + $command = sprintf($format, escapeshellarg($ifname), escapeshellarg($ifname)); + exec($command, $output, $result_code); + if ($result_code === 0) { + return $output[0]; + } + } + + return "(n/d)"; } -?> +// memory info +$meminfo = get_memory(); +$memused = ($meminfo['MemTotal'] - $meminfo['MemFree']); +// hdd info +$hddfreespace = get_hdd_freespace(); + +// network interfaces info +$iflist = get_interface_list(); -General Information"; ?> - +
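Review bot: The success test `$result_code === 0` in get_ip_addr() and get_mac_addr() does not show that the command produced a value, because exec() reports the exit status of the last stage of the pipeline (`cut`). A missing interface or a missing `ip` binary still yields 0, and `$output[0]` is then read from an empty array. exec() also appends to `$output`, which is never cleared between iterations, so in get_mac_addr() a first line that fails the regex stays at index 0 and hides the fallback's result. I would reset the buffer with `$output = array();` before each exec() and test the captured line with `if ($result_code === 0 && !empty($output[0]))` before returning. get_mask_addr() in the next hunk has the same loop, and get_system_name_and_version() in the first hunk of this file reads `$output[0]` after the same kind of pipeline.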

General Information

+
- - + + + - - + + - - + + - - + + + + + +
Uptime System distro
System Load Uptime
Hostname System Load
Current Date Hostname
Current Date
-Memory Information"; - $meminfo = get_memory(); -?> - - - +

Memory Information

+
- - + + - - + + - - + +
Mem. Total Mem. Total
Mem. Free Mem. Free
Mem. Used - - - Mem. Used
-Harddrive Information"; - $hddfreespace = get_hdd_freespace(); -?> +

Harddrive Information

+ + + + + +
Free Drive Space
+

Network Interfaces

- + +
- - + + + + + + + + + + + + + + -
Free Drive Space Interface
Ip
Mask
MAC address
Network Interfaces"; - $iflist = get_interface_list(); - - foreach ($iflist as $ifname) { - echo "\t\n"; - echo "\t\n"; - echo "\t\t\n"; - echo "\t\t\n"; - echo "\t\n"; - echo "\t\n"; - echo "\t\n"; - echo "\t\t\n"; - echo "\t\t\n"; - echo "\t\n"; - echo "\t\n"; - echo "\t\t\n"; - echo "\t\t\n"; - echo "\t\n"; - echo "\t\n"; - echo "\t\t\n"; - echo "\t\n"; - } - - echo "\t
\n"; - echo "\t\t\t$ifname\n"; - echo "\t\t
\n"; - echo "\t\t\tIp\n"; - echo "\t\t\n"; - echo "\t\t\t".get_ip_addr($ifname)."\n"; - echo "\t\t
\n"; - echo "\t\t\tMask\n"; - echo "\t\t\n"; - echo "\t\t\t".get_mask_addr($ifname)."\n"; - echo "\t\t
\n"; - echo "\t\t\tMAC address\n"; - echo "\t\t\n"; - echo "\t\t\t".get_mac_addr($ifname)."\n"; - echo "\t\t
\n"; + } ?> diff --git a/library/exten-syslog_log.php b/library/exten-syslog_log.php index 175f04df4..ed5d68dd3 100644 --- a/library/exten-syslog_log.php +++ b/library/exten-syslog_log.php @@ -15,48 +15,75 @@ * ********************************************************************************************************* * Description: - * this script displays the radius log file ofcourse - * proper premissions must be applied on the log file for the web - * server to be able to read it + * this script displays the radius log file ofcourse + * proper premissions must be applied on the log file for the web + * server to be able to read it * - * Authors: Liran Tal + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ +// prevent this file to be directly accessed +$extension_file = '/library/exten-syslog_log.php'; +if (strpos($_SERVER['PHP_SELF'], $extension_file) !== false) { + header("Location: ../index.php"); + exit; +} + +// possible locations for syslog files +$logfile_loc = array( + '/var/log/syslog', + '/var/log/messages' +); -$logfile_loc1 = '/var/log/syslog'; -$logfile_loc2 = '/var/log/messages'; +// select one log file +$logfile = ""; -if (file_exists($logfile_loc1)) - $logfile = $logfile_loc1; -else if (file_exists($logfile_loc2)) - $logfile = $logfile_loc2; -else { - $failureMsg = "error reading system log file:
". - "looked for log file in $logfile_loc1 and $logfile_loc2 but couldn't find it.
". - "if you know where your system log file is located, set it's location in " . $_SERVER[SCRIPT_NAME]; - exit; +foreach ($logfile_loc as $tmp) { + if (file_exists($tmp)) { + $logfile = $tmp; + break; + } } -if (is_readable($logfile) == false) { - $failureMsg = "error reading log file: $logfile
". - "possible cause is file premissions or file doesn't exist.
"; +$logfile_enc = (!empty($logfile)) ? htmlspecialchars($logfile, ENT_QUOTES, 'UTF-8') : '(none)'; + +// check if it is empty +if (empty($logfile)) { + $failureMsg = sprintf("

Error accessing log file: %s.

" . + "Looked for log file in %s but could not find it.
" . + "If you know where your system log file is located, specify its location in %s", + $logfile_enc, htmlspecialchars(implode(", ", $logfile_loc), ENT_QUOTES, 'UTF-8'), + htmlspecialchars($extension_file, ENT_QUOTES, 'UTF-8')); } else { - if (file_get_contents($logfile)) { - $fileReversed = array_reverse(file($logfile)); - $counter = $systemLineCount; - foreach ($fileReversed as $line) { - if (preg_match("/$systemFilter/i", $line)) { - if ($counter == 0) - break; - $ret = preg_replace("/\n/i", "
", $line); - echo $ret; - $counter--; - } - } + + // check if it is readable + if (is_readable($logfile) !== true) { + $failureMsg = sprintf("

Error reading log file: %s.

Is this file readable?
", + $logfile_enc); + } else { + + // get its content + $logcontent = file_get_contents($logfile); + if (!empty($logcontent)) { + $counter = $systemLineCount; + $filter = (!empty($systemFilter)) ? preg_quote($systemFilter, "/") : ".+"; + $fileReversed = array_reverse(file($logfile)); + + echo '
'; + foreach ($fileReversed as $line) { + if (preg_match("/$filter/i", $line)) { + if ($counter == 0) { + break; + } + echo nl2br(htmlspecialchars($line, ENT_QUOTES, 'UTF-8'), false); + $counter--; } + } + echo '
'; + } + } } - ?> - diff --git a/library/exten-welcome_page.php b/library/exten-welcome_page.php index a04e53b8d..e911aab37 100644 --- a/library/exten-welcome_page.php +++ b/library/exten-welcome_page.php @@ -14,24 +14,25 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * ********************************************************************************************************* - * Description: - * displays a welcome page for the main index.php file + * Description: displays a welcome page for the main index.php file * - * Authors: Liran Tal - * Miguel García + * Authors: Liran Tal + * Miguel García + * Filippo Lauria * ********************************************************************************************************* */ -echo " -
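Review bot: The log file is loaded in full twice, once by `file_get_contents($logfile)` only to test for emptiness and again by `file($logfile)`, so a large syslog costs two complete copies in memory plus the reversed array before the first line is printed. A single read is enough: `$lines = file($logfile);` followed by `if (!empty($lines))` and `array_reverse($lines)`, which also covers a read that returns false after the is_readable() check passed. Since `$counter` caps the output, reading only the tail of the file would bound memory as well, but that is a larger change than this hunk.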
- -

daloRADIUS Web Management Server

-

".t('all','daloRADIUSVersion')." / ".$configValues['DALORADIUS_DATE']."

-

Liran Tal

-


- -
-"; - +// prevent this file to be directly accessed +if (strpos($_SERVER['PHP_SELF'], '/library/exten-welcome_page.php') !== false) { + header("Location: ../index.php"); + exit; +} ?> + +
+

daloRADIUS Web Management Server

+

/

+

Liran Tal

+ +
diff --git a/rep-logs-boot.php b/rep-logs-boot.php index f893afda9..86fc94406 100644 --- a/rep-logs-boot.php +++ b/rep-logs-boot.php @@ -15,65 +15,62 @@ * ********************************************************************************************************* * - * Authors: Liran Tal + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ - include ("library/checklogin.php"); + include("library/checklogin.php"); $operator = $_SESSION['operator_user']; - include('library/check_operator_perm.php'); + include('library/check_operator_perm.php'); - isset($_GET['bootLineCount']) ? $bootLineCount = $_GET['bootLineCount'] : $bootLineCount = 50; - isset($_GET['bootFilter']) ? $bootFilter = $_GET['bootFilter'] : $bootFilter = "."; + // parameter validation + $bootLineCount = (array_key_exists('bootLineCount', $_GET) && isset($_GET['bootLineCount']) && + intval($_GET['bootLineCount']) > 0) + ? intval($_GET['bootLineCount']) : 50; + // preg quoted before usage + $bootFilter = (array_key_exists('bootFilter', $_GET) && isset($_GET['bootFilter'])) + ? $_GET['bootFilter'] : ""; - include_once('library/config_read.php'); + include_once('library/config_read.php'); $log = "visited page: "; - $logQuery = "performed query on page: "; include('include/config/logging.php'); + include("menu-reports-logs.php"); + +?> +
+

+ + :: + + + +

- -
- -

- :: - -

- - -
+ +
+
- - - -
- - - - + + + diff --git a/rep-logs-daloradius.php b/rep-logs-daloradius.php index f241e2ec9..a908e83f9 100644 --- a/rep-logs-daloradius.php +++ b/rep-logs-daloradius.php @@ -15,64 +15,53 @@ * ********************************************************************************************************* * - * Authors: Liran Tal + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ - include ("library/checklogin.php"); - $operator = $_SESSION['operator_user']; + include("library/checklogin.php"); + $operator = $_SESSION['operator_user']; - include('library/check_operator_perm.php'); + include('library/check_operator_perm.php'); - isset($_GET['daloradiusLineCount']) ? $daloradiusLineCount = $_GET['daloradiusLineCount'] : $daloradiusLineCount = 50; - isset($_GET['daloradiusFilter']) ? $daloradiusFilter = $_GET['daloradiusFilter'] : $daloradiusFilter = "."; + // parameter validation + $daloradiusLineCount = (array_key_exists('daloradiusLineCount', $_GET) && isset($_GET['daloradiusLineCount']) && + intval($_GET['daloradiusLineCount']) > 0) + ? intval($_GET['daloradiusLineCount']) : 50; - include_once('library/config_read.php'); - $log = "visited page: "; - $logQuery = "performed query on page: "; - include('include/config/logging.php'); + include_once('library/config_read.php'); + $log = "visited page: "; + include('include/config/logging.php'); -?> - - + include("menu-reports-logs.php"); +?> -
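Review bot: The new check on `$_GET['bootFilter']` only tests that the key is set, and PHP turns bracketed query parameters into arrays, so `$bootFilter` is not guaranteed to be a string when the included script quotes it for the pattern. In exten-syslog_log.php earlier in this diff the equivalent `$systemFilter` goes straight into `preg_quote()`, which raises a TypeError for an array on PHP 8; the boot-log consumer is not visible here but presumably does the same. Adding a type test closes this, and `isset()` already implies the key exists: `$bootFilter = (isset($_GET['bootFilter']) && is_string($_GET['bootFilter'])) ? $_GET['bootFilter'] : "";`. The `systemFilter` assignment in rep-logs-system.php needs the same change.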
- -

- :: - -

+
+

+ + :: + + +

- + +
- - -
- - + + + diff --git a/rep-logs-radius.php b/rep-logs-radius.php index 7f8913001..706fc34d1 100644 --- a/rep-logs-radius.php +++ b/rep-logs-radius.php @@ -15,65 +15,65 @@ * ********************************************************************************************************* * - * Authors: Liran Tal + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ - include ("library/checklogin.php"); + include("library/checklogin.php"); $operator = $_SESSION['operator_user']; - include('library/check_operator_perm.php'); + include('library/check_operator_perm.php'); - isset($_GET['radiusLineCount']) ? $radiusLineCount = $_GET['radiusLineCount'] : $radiusLineCount = 50; - isset($_GET['radiusFilter']) ? $radiusFilter = $_GET['radiusFilter'] : $radiusFilter = "."; + // parameter validation + $radiusLineCount = (array_key_exists('radiusLineCount', $_GET) && isset($_GET['radiusLineCount']) && + intval($_GET['radiusLineCount']) > 0) + ? intval($_GET['radiusLineCount']) : 50; + // preg quoted before usage + $radiusFilter = (array_key_exists('radiusFilter', $_GET) && isset($_GET['radiusFilter']) && + in_array($_GET['radiusFilter'], array( "Auth", "Info", "Error" ))) + ? $_GET['radiusFilter'] : ""; - include_once('library/config_read.php'); + + include_once('library/config_read.php'); $log = "visited page: "; - $logQuery = "performed query on page: "; include('include/config/logging.php'); + include ("menu-reports-logs.php"); ?> +
+

+ + :: + + + +

- - - -
- -

- :: - -

- - -
+ +
- -
- - + +
- - diff --git a/rep-logs-system.php b/rep-logs-system.php index ef78e5b67..4671fbdc1 100644 --- a/rep-logs-system.php +++ b/rep-logs-system.php @@ -15,66 +15,62 @@ * ********************************************************************************************************* * - * Authors: Liran Tal + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ - include ("library/checklogin.php"); + include("library/checklogin.php"); $operator = $_SESSION['operator_user']; - include('library/check_operator_perm.php'); + include('library/check_operator_perm.php'); - isset($_GET['systemLineCount']) ? $systemLineCount = $_GET['systemLineCount'] : $systemLineCount = 50; - isset($_GET['systemFilter']) ? $systemFilter = $_GET['systemFilter'] : $systemFilter = "."; + // parameter validation + $systemLineCount = (array_key_exists('systemLineCount', $_GET) && isset($_GET['systemLineCount']) && + intval($_GET['systemLineCount']) > 0) + ? intval($_GET['systemLineCount']) : 50; - include_once('library/config_read.php'); + // preg quoted before usage + $systemFilter = (array_key_exists('systemFilter', $_GET) && isset($_GET['systemFilter'])) + ? $_GET['systemFilter'] : ""; + + include_once('library/config_read.php'); $log = "visited page: "; - $logQuery = "performed query on page: "; include('include/config/logging.php'); + include ("menu-reports-logs.php"); +?> +
+

+ + :: + + + +

+ + +
-
- -

- :: - -

- - -
- + include('library/exten-syslog_log.php'); + include_once('include/management/actionMessages.php'); +?> +
+ + - - - -
- - - + - - diff --git a/rep-logs.php b/rep-logs.php index 29aea7425..553eed42f 100644 --- a/rep-logs.php +++ b/rep-logs.php @@ -14,56 +14,48 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * ********************************************************************************************************* -* - * Authors: Liran Tal + * + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ - include ("library/checklogin.php"); + include("library/checklogin.php"); $operator = $_SESSION['operator_user']; - include_once('library/config_read.php'); + include_once('library/config_read.php'); $log = "visited page: "; + include("menu-reports-logs.php"); ?> +
+

+ + + + +

- - -
- -

-

- - -
- - + +
-
- - + +
+ diff --git a/rep-stat-cron.php b/rep-stat-cron.php index c32d2add2..ee232868d 100644 --- a/rep-stat-cron.php +++ b/rep-stat-cron.php @@ -14,109 +14,101 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * ********************************************************************************************************* -* - * Authors: Liran Tal + * + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ - include ("library/checklogin.php"); - //$operator = $_SESSION['operator_user'] - //include('library/check_operator_perm.php'); + include("library/checklogin.php"); + $operator = $_SESSION['operator_user']; + + include('library/check_operator_perm.php'); - include_once('library/config_read.php'); + include_once('library/config_read.php'); $log = "visited page: "; $logQuery = "performed query on page: "; include('include/config/logging.php'); $cronUser = get_current_user(); - isset($_GET['cmd']) ? $cmd = $_GET['cmd'] : $cmd = ""; - + // validating params + $cmd = (array_key_exists('cmd', $_GET) && isset($_GET['cmd']) && + in_array(strtolower($_GET['cmd']), array( "enable", "disable" ))) + ? strtolower($_GET['cmd']) : ""; + $dalo_crontab_file = dirname(__FILE__) . '/contrib/scripts/dalo-crontab'; + $exec = ""; switch ($cmd) { - - case "disable": - exec("`which crontab` -u $cronUser -r"); - break; - - case "enable": - exec("`which crontab` -u $cronUser $dalo_crontab_file"); - break; + case "disable": + $exec = sprintf("$(which crontab || command -v crontab) -u %s -r", escapeshellarg($cronUser)); + break; + + case "enable": + $exec = sprintf("$(which crontab || command -v crontab) -u %s %s", escapeshellarg($cronUser), $dalo_crontab_file); + break; } + if (!empty($exec)) { + exec($exec); + } -?> - - - - - - -
- -

CRON Status -

- - -
- - - - - -

CRON Entries

+?> +
+ +

+ CRON Status + + +

- Enable CRON -   - Disable CRON + +
-
-
+

CRON Entries

+ Enable CRON +   + Disable CRON - - Error no crontab is configured for this user or user does not exist -

+
+
#$i: " . $text . '
'; - } - - endif; + $failureMsg = ""; + + $exec = sprintf("$(which crontab || command -v crontab) -u %s -l", escapeshellarg($cronUser)); + exec($exec, $output, $retStatus); + + if ($retStatus !== 0) { + $failureMsg = 'Error no crontab is configured for this user or user does not exist

'; + } else { + $i = 1; + foreach($output as $text) { + printf('#%d: %s
', $i, htmlspecialchars($text, ENT_QUOTES, 'UTF-8')); + $i++; + } + } + + if (!empty($failureMsg)) { + include_once('include/management/actionMessages.php'); + } ?> -
- - + + - -
+ + + - diff --git a/rep-stat-raid.php b/rep-stat-raid.php index 09d1f3c07..076ef5a41 100644 --- a/rep-stat-raid.php +++ b/rep-stat-raid.php @@ -14,8 +14,9 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * ********************************************************************************************************* -* - * Authors: Liran Tal + * + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ @@ -25,110 +26,84 @@ include('library/check_operator_perm.php'); - include_once('library/config_read.php'); + include_once('library/config_read.php'); $log = "visited page: "; $logQuery = "performed query on page: "; include('include/config/logging.php'); - -?> - - - - - - -
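Review bot: Enabling and disabling the crontab is still triggered by a plain GET parameter (`$_GET['cmd']`), and `disable` runs `crontab -r`, which deletes the user's crontab. Nothing in this hunk checks the request method or an anti-CSRF token, so a cross-site request made while an operator is logged in could trigger it (unless checklogin.php enforces a token, which is not visible here). I would move the action behind a POST form, e.g. `if ($_SERVER['REQUEST_METHOD'] === 'POST')` around the switch, and verify a per-session token there. Separately, `$dalo_crontab_file` is the one argument left unquoted in the `enable` command; `escapeshellarg($dalo_crontab_file)` keeps an install path containing spaces or shell metacharacters from being split.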
- -

RAID Status -

- - -
- - - -
- + +?> +
+

+ + RAID Status + +

+ + +
- Error accessing RAID device information: -

- -Error accessing RAID device information

'; + + if (!file_exists('/proc/mdstat')) { + $failureMsg = $error; + } else { + exec("cat /proc/mdstat | awk '/md/ {print $1}'", $mdstat, $retStatus); + + if ($retStatus !== 0) { + $failureMsg = $error; + } else { + if (count($mdstat) > 0) { + include_once("library/tabber/tab-layout.php"); + echo '
'; + foreach($mdstat as $mddevice) { + printf('
', htmlspecialchars($mddevice, ENT_QUOTES, 'UTF-8')); + + $dev = "/dev/$mddevice"; + $cmd = sprintf("sudo /sbin/mdadm --detail %s", escapeshellarg($dev)); + $output = ""; + exec($cmd, $output); + + echo ''; + foreach($output as $line) { + list($var, $val) = split(":", $line); + $var = htmlspecialchars($var, ENT_QUOTES, 'UTF-8'); + $val = htmlspecialchars($val, ENT_QUOTES, 'UTF-8'); + + printf('' . + '', $var, $val); + } + echo '
%s%s
' + . '
'; + + } + echo '
'; + + } else { + $failureMsg = $error; + } + } + } + + if (!empty($failureMsg)) { + include_once('include/management/actionMessages.php'); + } ?> - - Error accessing RAID device information: -

- - - -
- - - - - - - - - - - - - - - - -
- -
- - - - -
- - - - -
- - + + - -
+ + + - diff --git a/rep-stat-server.php b/rep-stat-server.php index 8d414d46a..3aa776084 100644 --- a/rep-stat-server.php +++ b/rep-stat-server.php @@ -14,59 +14,50 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * ********************************************************************************************************* -* - * Authors: Liran Tal + * + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ - include ("library/checklogin.php"); + include("library/checklogin.php"); $operator = $_SESSION['operator_user']; - include('library/check_operator_perm.php'); - - + include('library/check_operator_perm.php'); - include_once('library/config_read.php'); + include_once('library/config_read.php'); $log = "visited page: "; - $logQuery = "performed query on page: "; include('include/config/logging.php'); -?> + include("menu-reports-status.php"); + +?> +
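Review bot: `list($var, $val) = split(":", $line);` calls split(), which was removed in PHP 7.0, so the mdadm loop is a fatal error on any current interpreter. `explode(':', $line, 2)` is the replacement, and the limit keeps values that themselves contain colons (the timestamps in the mdadm output, as far as I know) intact. Lines without a colon also need a guard so `$val` is defined before it reaches htmlspecialchars(), e.g. `$parts = explode(':', $line, 2); $var = $parts[0]; $val = isset($parts[1]) ? $parts[1] : '';`.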
+

+ + + + +

+ +
+ - - -
- -

-

- - -
- - -
- - + +
+ diff --git a/rep-stat-services.php b/rep-stat-services.php index 8fd6806e7..f28886d87 100644 --- a/rep-stat-services.php +++ b/rep-stat-services.php @@ -14,61 +14,49 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * ********************************************************************************************************* -* - * Authors: Liran Tal + * + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ - include ("library/checklogin.php"); + include("library/checklogin.php"); $operator = $_SESSION['operator_user']; - include('library/check_operator_perm.php'); - - + include('library/check_operator_perm.php'); - include_once('library/config_read.php'); + include_once('library/config_read.php'); $log = "visited page: "; - $logQuery = "performed query on page: "; include('include/config/logging.php'); + include("menu-reports-status.php"); + +?> +
+

+ + + + +

-?> - + +
- - -
- -

-

- - -
- - -
- - + +
+ diff --git a/rep-stat-ups.php b/rep-stat-ups.php index 0fd4d29f2..b7d61574a 100644 --- a/rep-stat-ups.php +++ b/rep-stat-ups.php @@ -14,92 +14,82 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * ********************************************************************************************************* -* - * Authors: Liran Tal + * + * Authors: Liran Tal + * Filippo Lauria * ********************************************************************************************************* */ - include ("library/checklogin.php"); + include("library/checklogin.php"); $operator = $_SESSION['operator_user']; include('library/check_operator_perm.php'); - include_once('library/config_read.php'); + include_once('library/config_read.php'); $log = "visited page: "; $logQuery = "performed query on page: "; include('include/config/logging.php'); - + include("menu-reports-status.php"); + ?> +
+

+ + UPS Status + +

+ +
- - -
- -

UPS Status -

- - -
- - - + $failureMsg = ""; -Error accessing UPS device information

'; + } else { ?> - -

General Information

+

General Information

+ - Error accessing UPS device information: -

- - -
- - - + + + + - - - - - - - - -
- -
- - - -
+ + + + + -