cmaffio/pannello
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'master' into condes

Browse Source 
Recupero stato
This commit is contained in:
cmaffio
2016-05-18 09:52:14 +02:00
parent b161737537 dd90762a6f
commit 5b62bfa8e7
48 changed files with 780 additions and 137 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.htaccess
View File

@@ -1,3 +1,9 @@
RewriteEngine on RewriteEngine on
RewriteRule ^(.*/)?img/(.*) risorse/immagini/$2 [L] RewriteRule ^(.*/)?img/(.*) risorse/immagini/$2 [L]
RewriteRule ^(.*/)?css/(.*) risorse/stili/$2 [L] RewriteRule ^(.*/)?css/(.*) risorse/stili/$2 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /pannello_vbc/rewrite.php [L]

29
DBDiff/proxy.sql Normal file
View File

@@ -0,0 +1,29 @@
ALTER TABLE `proxy_utenti` ADD `guest` INT NOT NULL DEFAULT '0' AFTER `modifica`;
INSERT INTO `pannello_vbc`.`livelli` (`id`, `livello`, `nome`) VALUES (NULL, '1', 'Libero');
ALTER TABLE `moduli_page` ADD `livello` INT NOT NULL AFTER `pagina`;
CREATE TABLE `rewrite` (
`id` bigint(20) NOT NULL AUTO_INCREMENT,
`from_url` varchar(512) NOT NULL,
`to_url` varchar(512) NOT NULL,
`attivo` tinyint(1) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `from_url` (`from_url`(255))
) ENGINE=InnoDB DEFAULT CHARSET=utf8
INSERT INTO `rewrite` (`id`, `from_url`, `to_url`, `attivo`) VALUES
(1, 'pannello_vbc/proxy_auth.php', 'proxy/ext/main_proxy.php', 1),
(2, 'pannello_vbc/main_proxy.php', 'proxy/ext/main_proxy.php', 1),
(3, 'pannello_vbc/logout_proxy.php', 'proxy/ext/logout_proxy.php', 1),
(4, 'pannello_vbc/chkpasswd_proxy.php', 'proxy/ext/chkpasswd_proxy.php', 1);
ALTER TABLE `proxy_utenti` ADD `primo` DATETIME NULL AFTER `modifica`;
ALTER TABLE `proxy_utenti` ADD `ultimo` DATETIME NULL AFTER `ultimo`;
ALTER TABLE `proxy_utenti` ADD `tempo` DECIMAL(20,2) NOT NULL DEFAULT '0' AFTER `attivo`;
ALTER TABLE `proxy_utenti` CHANGE `ip` `ip` VARCHAR(15) CHARACTER SET utf8 COLLATE utf8_general_ci NULL;
REVOKE ALL PRIVILEGES ON `pannello_vbc`.`proxy_utenti` FROM 'pannello_proxy'@'%'; GRANT SELECT, UPDATE (`primo`, `ultimo`, `attivo`) ON `pannello_vbc`.`proxy_utenti` TO 'pannello_proxy'@'%';
INSERT INTO `pannello_vbc`.`moduli_page` (`id`, `id_moduli`, `nome`, `ordine`, `pagina`, `livello`, `attivo`) VALUES (NULL, '1', 'Lista Gruppi', '35', 'users_group_lista.php', '10', '1');
ALTER TABLE `moduli` ADD `ordine` INT NOT NULL AFTER `nome`;

0
calendar.css → OLD_REMOVE/calendar.css
View File

0
chk.php → OLD_REMOVE/chk.php
View File

0
footer_mini.php → OLD_REMOVE/footer_mini.php
View File

0
gestfw.php → OLD_REMOVE/gestfw.php
View File

0
modrule.php → OLD_REMOVE/modrule.php
View File

0
rule.php → OLD_REMOVE/rule.php
View File

0
top_mini.php → OLD_REMOVE/top_mini.php
View File

3
TODO
View File

@@ -1,7 +1,6 @@
# Moduli da implementare # Moduli da implementare
- Proxy - Accesso Desktop
- Firewall - Firewall
- DHCP - DHCP
- Routing - Routing

93
core/function.php
View File

@@ -49,7 +49,7 @@ function db_data_connect () {
function login () { function login () {
global $_SESSION, $_POST, $POP3_Server, $DB_ID, $CONF; global $_SESSION, $_POST, $POP3_Server, $DB_ID, $CONF;
session_name("FirewallSW"); session_name("SWP");
session_start(); session_start();
if ($_SESSION['auth'] && ($_SESSION['time']+$CONF['temposessione']*60 >= time())) { if ($_SESSION['auth'] && ($_SESSION['time']+$CONF['temposessione']*60 >= time())) {
if(!db_login ($_SESSION['username'], $_SESSION['passwd'])) { if(!db_login ($_SESSION['username'], $_SESSION['passwd'])) {
@@ -345,7 +345,8 @@ function array_moduli () {
moduli.id AS id, moduli.id AS id,
moduli.nome AS nome, moduli.nome AS nome,
moduli.directory AS directory, moduli.directory AS directory,
moduli.descrizione AS descrizione moduli.descrizione AS descrizione,
permessi.accesso AS accesso
FROM FROM
utenti utenti
JOIN JOIN
@@ -356,12 +357,14 @@ function array_moduli () {
utenti.utente = '".$_SESSION['username']."' utenti.utente = '".$_SESSION['username']."'
AND AND
moduli.attivo = 1 moduli.attivo = 1
ORDER BY
ordine
"; ";
$menu[] = array("Home", $CONF['base_url']."/core/main.php",0,"Home Page"); $menu[] = array("Home", $CONF['base_url']."/core/main.php",0,"Home Page",0);
if ($UTENTE['admin']) { if ($UTENTE['admin']) {
$menu[] = array("Configurazione", $CONF['base_url']."/core/conf.php",0,"Modifica configurazione"); $menu[] = array("Configurazione", $CONF['base_url']."/core/conf.php",0,"Modifica configurazione",0);
$query .= " UNION DISTINCT SELECT $query .= " UNION DISTINCT SELECT
moduli.id AS id, moduli.id AS id,
moduli.nome AS nome, moduli.nome AS nome,
@@ -379,7 +382,7 @@ function array_moduli () {
$res = mysql_query( $query, $DB_ID ); $res = mysql_query( $query, $DB_ID );
while ($dato = mysql_fetch_array ($res)) { while ($dato = mysql_fetch_array ($res)) {
$menu[] = array($dato['nome'], $CONF['base_url']."/".$dato['directory']."/index.php",$dato['id'], $dato['descrizione']); $menu[] = array($dato['nome'], $CONF['base_url']."/".$dato['directory']."/index.php",$dato['id'], $dato['descrizione'], $dato['accesso']);
} }
$menu[] = array("Cambio password", $CONF['base_url']."/core/chkpasswd.php",0,"Cambio Password"); $menu[] = array("Cambio password", $CONF['base_url']."/core/chkpasswd.php",0,"Cambio Password");
@@ -391,13 +394,10 @@ function home_moduli () {
global $UTENTE, $CONF; global $UTENTE, $CONF;
$menu = array_moduli(); $menu = array_moduli();
?>
<tr> html_spazi (array (5,30,0));
<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="20%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td> for ($i=1; $i<count($menu);$i++) { ?>
<td class="sep" width="75%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
</tr>
<?php for ($i=0; $i<count($menu);$i++) { ?>
<tr> <tr>
<td class="spazioh"><a href="<?php print $menu[$i][1]?>"><img src="<?php print $CONF['base_url'] ?>/img/go.png"></a></td> <td class="spazioh"><a href="<?php print $menu[$i][1]?>"><img src="<?php print $CONF['base_url'] ?>/img/go.png"></a></td>
<td class="campo"><?php print $menu[$i][0] ?></td> <td class="campo"><?php print $menu[$i][0] ?></td>
@@ -437,10 +437,12 @@ function lista_moduli () {
moduli_page moduli_page
JOIN JOIN
moduli moduli
ON ON
moduli.id = moduli_page.id_moduli moduli.id = moduli_page.id_moduli
WHERE WHERE
moduli_page.attivo = 1 moduli_page.attivo = 1
AND
moduli_page.livello <= ".$menu[$i][4]."
AND AND
moduli_page.id_moduli = ".$menu[$i][2]." moduli_page.id_moduli = ".$menu[$i][2]."
ORDER BY ORDER BY
@@ -465,6 +467,18 @@ function lista_moduli () {
function diritti ($minimo) { function diritti ($minimo) {
global $UTENTE, $DB_ID, $CONF; global $UTENTE, $DB_ID, $CONF;
$query = " SELECT
livello
FROM
livelli
WHERE
nome = '$minimo'
";
$res = mysql_query( $query, $DB_ID );
$dato = mysql_fetch_array ($res);
$minimo = $dato['livello'];
preg_match ('/^'.preg_replace('/\//','\/',$CONF['base_url']).'\/([^\/]+)\/.*/', $_SERVER['REQUEST_URI'], $trovato); preg_match ('/^'.preg_replace('/\//','\/',$CONF['base_url']).'\/([^\/]+)\/.*/', $_SERVER['REQUEST_URI'], $trovato);
$modulo = $trovato[1]; $modulo = $trovato[1];
@@ -473,17 +487,25 @@ function diritti ($minimo) {
FROM FROM
moduli moduli
JOIN JOIN
permessi ON moduli.id = permessi.id_moduli AND permessi.id_utenti = ".$UTENTE['id']." permessi
ON
moduli.id = permessi.id_moduli
AND
permessi.id_utenti = ".$UTENTE['id']."
WHERE WHERE
moduli.directory = '$modulo' moduli.directory = '$modulo'
AND AND
moduli.attivo = 1 moduli.attivo = 1
UNION DISTINCT SELECT UNION DISTINCT SELECT
moduli.superadmin moduli.superadmin
FROM FROM
moduli moduli
JOIN JOIN
utenti ON utenti.id = ".$UTENTE['id']." AND utenti.admin = 1 utenti
ON
utenti.id = ".$UTENTE['id']."
AND
utenti.admin = 1
WHERE WHERE
moduli.directory = '$modulo' moduli.directory = '$modulo'
"; ";
@@ -572,4 +594,41 @@ function generateStrongPassword($length = 9, $add_dashes = false, $available_set
return $dash_str; return $dash_str;
} }
function html_spazi ($dati) {
global $CONF;
print "<tr>";
$somma = 0;
foreach ($dati as $riga) {
if (!$riga) {
$riga = 100 - $somma;
} else {
$somma += $riga;
}
?>
<td class="sep" width="<?php print $riga ?>%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<?php }
print "</tr>";
}
function html_intestazione ($dati, $tipo = array ()) {
global $CONF;
print "<tr>";
foreach ($dati as $key => $riga) {
if ($riga == "") {
$riga = "&nbsp;";
}
if (isset ($tipo[$key]) && $tipo[$key] != "") {
$classe = $tipo[$key];
} else {
$classe = "descrizione";
}
?>
<td class="<?php print $classe ?>"><?php print $riga ?></td>
<?php }
print "</tr>";
}
?> ?>

2
core/logout.php
View File

@@ -2,7 +2,7 @@
include_once ("config.php"); include_once ("config.php");
login(); login();
logga ("Uscita"); logga ("Uscita");
session_name("AllegatiSW"); session_name("SWP");
session_start(); session_start();
$_SESSION['auth'] = 0; $_SESSION['auth'] = 0;
session_destroy(); session_destroy();

2
firewall/index.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(); $DIRITTI = diritti('Libero');

2
proxy/acl_edit.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(1); $DIRITTI = diritti('Admin');
view_top(); view_top();
if (isset($_POST['rif']) && $_POST['rif'] != "") { if (isset($_POST['rif']) && $_POST['rif'] != "") {

14
proxy/acl_lista.php
View File

@@ -1,23 +1,13 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(1); $DIRITTI = diritti('Admin');
view_top(); view_top();
?> ?>
<form name="" method="post"> <form name="" method="post">
<table cellpadding="0" cellspacing="0" border="0" width="90%"> <table cellpadding="0" cellspacing="0" border="0" width="90%">
<tr> <?php html_spazi (array(5,5,5,30,5,10,5,10,0)); ?>
<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="30%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="10%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="10%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="30%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
</tr>
<tr> <tr>
<td ><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td> <td ><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td width="5%"><a href="acl_edit.php"><img src="<?php print $CONF['base_url'] ?>/img/addresource.png"></a></td> <td width="5%"><a href="acl_edit.php"><img src="<?php print $CONF['base_url'] ?>/img/addresource.png"></a></td>

146
proxy/ext/chkpasswd_proxy.php Normal file
View File

@@ -0,0 +1,146 @@
<?php
include_once ("core/config.php");
include_once ("proxy/ext/function_proxy.php");
$UTENTE = login_proxy();
view_top_proxy();
if (isset ($_POST['id'])) {
$modifica = 2;
$id = $_POST['id'];
$utente = $_POST['utente'];
$password1 = $_POST['password1'];
$password2 = $_POST['password2'];
if (($password1 != "ahg5t!frtb5@u&^!") && ($password1 == $password2)) {
$querypwd = "pass = PASSWORD('$password1'),";
} else {
$querypwd = "";
}
$testo = "L'utente e' stato correttamente modificato";
$query = "UPDATE proxy_utenti SET $querypwd modifica = NOW() WHERE `id`=$id";
?>
<table cellpadding="0" cellspacing="0" border="0" width="90%">
<tr>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="10" alt=""><td>
</tr>
<tr>
<td>
<?php if (mysql_query( $query, $DB_ID )) { ?>
<?php print $testo ?><br>
<?php } else { ?>
Non e' stato possibile eseguire l'operazione richiesta a causa di un errore: <?php print mysql_error() ?><br>
<?php print $query ?><br>
<?php } ?>
</td>
</tr>
<tr>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="5" alt=""></td>
</tr>
<tr>
<td><input type="button" value="Ok" onclick="location.href = 'main_proxy.php';"></button></td>
</tr>
<tr>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="10" alt=""></td>
</tr>
</table>
<?php
} else {
$bottone = "Modifica";
$modifica = 1;
$query = "SELECT * FROM proxy_utenti WHERE user = '".$UTENTE['user']."'";
$res = mysql_query( $query, $DB_ID );
$dato = mysql_fetch_array ( $res );
$dato['password'] = "ahg5t!frtb5@u&^!";
}
?>
<?php if (($modifica == 0 || $modifica == 1) && !isset($_GET['rm'])) { ?>
<script type="text/javascript" src="<?php print $CONF['base_url'] ?>/jquery/jquery.js"></script>
<script type="text/javascript" src="<?php print $CONF['base_url'] ?>/jquery/jquery.validate.js"></script>
<script type="text/javascript" src="<?php print $CONF['base_url'] ?>/jquery/jquery.validate.password.js"></script>
<link rel="stylesheet" type="text/css" href="<?php print $CONF['base_url'] ?>/jquery/jquery.validate.password.css" />
<script type="text/javascript">
$(document).ready(function()
{
$("#modulo").validate( {
rules: {
password1: {
password: "#utente",
minlength: 0
},
password2: {
equalTo: "#password1"
}
},
messages: {
password2: {
equalTo: "Le due password devono essere uguali"
}
},
errorPlacement: function(error, element) {
error.prependTo( element.parent().next() );
},
success: function(label) {
label.html("&nbsp;").addClass("checked");
}
});
});
</script>
<form action="chkpasswd_proxy.php" method="post" id="modulo">
<table cellpadding="0" cellspacing="0" border="0" width="90%">
<input type="hidden" name="id" value="<?php print $dato['id'] ?>">
<tr>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="30" height="1" alt=""></td>
<td>Nome Utente</td>
<td><?php print $dato['user']?></td>
<td class="status" colspan="6"></td>
</tr>
<tr><td colspan="9"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="5" alt=""></td></tr>
<tr>
<td class="col1" colspan="9">
<table cellpadding="0" cellspacing="0" border="0" width="100%">
<tr>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="40" height="50" alt=""></td>
<td class="label"><label id="lpassword" for="password">Password</label></td>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="10" height="1" alt=""></td>
<td class="field" width="30"><input id="password1" name="password1" type="password" size="30" maxlength="32" value="<?php print $dato['password'] ?>" /></td>
<td class="status" width="400">
<div class="password-meter">
<div class="password-meter-message">&nbsp;</div>
<div class="password-meter-bg">
<div class="password-meter-bar"></div>
</div>
</div>
</td>
</tr>
<tr>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="40" height="50" alt=""></td>
<td class="label"><label id="lpassword_confirm" for="password_confirm">Password</label></td>
<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="10" height="1" alt=""></td>
<td class="field" width="30"><input id="password2" name="password2" type="password" size="30" maxlength="32" value="<?php print $dato['password'] ?>" /></td>
<td class="status" width="400"></td>
</tr>
<tr><td colspan="9" class="spaziov"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" alt=""></td></tr>
</table>
</td>
</tr>
<tr><td colspan="9"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="5" alt=""></td></tr>
<tr><td align="center" colspan="9">
<input type="submit" value="<?php print $bottone ?>">
&nbsp;&nbsp;&nbsp;
<input type="button" value="Annulla" onclick="location.href = 'main_proxy.php';"></button>
</td></tr>
<tr><td colspan="9"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="10" alt=""></td></tr>
</table>
</form>
<?php } ?>
<?php view_footer_proxy(); ?>

17
proxy/ext/footer_proxy.php Normal file
View File

@@ -0,0 +1,17 @@
</td></tr>
<tr><td>
<table cellpadding="0" cellspacing="0" border="0" width="100%">
<tr bgcolor="#34c6ea">
<td nowrap class="lbottom">&nbsp;<?php print $CONF['Versione'] ?></td>
<td width="500">&nbsp;</td>
<?php if ($UTENTE['admin']) { ?>
<td class="rtop"><a class="rtop" href="main_proxy.php">Admin&nbsp;</a></td>
<?php } else {?>
<td>&nbsp;</td>
<?php } ?>
</tr>
</table>
</td></tr>
</table>
</body>
</html>

143
proxy/ext/function_proxy.php Normal file
View File

@@ -0,0 +1,143 @@
<?php
function view_top_proxy () {
global $CONF, $UTENTE;
include_once ("top_proxy.php");
}
function view_footer_proxy () {
global $CONF, $UTENTE;
include_once ("footer_proxy.php");
}
function db_login_proxy($user,$pass) {
global $DB_ID;
$query = "SELECT id FROM proxy_utenti WHERE user = '$user' AND pass = PASSWORD('$pass') AND attivo = 1";
$res = mysql_query( $query, $DB_ID );
$dato = mysql_fetch_array ( $res );
$ritorno = $dato['id'];
return $ritorno;
}
function login_proxy () {
global $_SESSION, $_POST, $DB_ID, $CONF;
session_name("authmail");
session_start();
if ($_SESSION['auth'] && ($_SESSION['time']+$CONF['temposessione']*60 >= time())) {
if(!db_login_proxy ($_SESSION['username'], $_SESSION['passwd'])) {
$tMessage = '<span class="error_msg">Dati di autenticazione errati</span>';
$tUsername = $_SESSION['username'];
$_SESSION['auth'] = 0;
session_destroy();
include ("userlogin.php");
exit;
} else {
logga ($_SERVER['REQUEST_URI']);
$_SESSION['time'] = time();
return carica_utente_proxy ();
}
} else {
if ($_POST['fUsername']) {
$fUsername = $_POST['fUsername'];
$fPassword = $_POST['fPassword'];
if(db_login_proxy ($fUsername, $fPassword)) {
$_SESSION = array();
$_SESSION['passwd'] = $fPassword;
$_SESSION['username'] = $fUsername;
$_SESSION['auth'] = 1;
$_SESSION['time'] = time();
session_regenerate_id(TRUE);
return carica_utente_proxy ();
} else {
$tMessage = 'Errore';
$tUsername = $fUsername;
include ("userlogin.php");
exit;
}
} else {
if ($_SESSION['auth'] && ($_SESSION['time']+$CONF['temposessione']*60 < time())) {
$tMessage = '<span class="error_msg">Sessione scaduta</span>';
$tUsername = $_SESSION['username'];
logga ("Sessione scaduta");
include ("userlogin.php");
exit;
} else {
include ("userlogin.php");
exit;
}
}
}
}
function carica_utente_proxy () {
global $_SESSION, $CONF, $DB_ID;
$query = "SELECT * FROM proxy_utenti where user = '".$_SESSION['username']."'";
$res = mysql_query( $query, $DB_ID );
$dati = mysql_fetch_array ( $res );
return $dati;
}
function lista_moduli_proxy () {
global $UTENTE, $DB_ID, $CONF;
$menu[] = array("Home", "main_proxy.php",0,"Home Page",0);
$menu[] = array("Cambio password", "chkpasswd_proxy.php",0,"Cambio Password");
$pezzi = preg_split('/\//', $_SERVER["PHP_SELF"], -2);
$self = $pezzi[count($pezzi)-1];
?>
<ul id="nav">
<?php for ($i=0; $i<count($menu);$i++) {
if ($self == $menu[$i][1]) {
$classe = "sel";
} else {
$classe = "nosel";
}
?>
<li>
<a class="<?php print $classe ?>" href="<?php print $menu[$i][1]?>"><?php print $menu[$i][0]?></a>
<?php
if ($menu[$i][2] != 0) {
$query = " SELECT
moduli_page.nome AS nome,
moduli_page.pagina AS pagina,
moduli.directory AS directory
FROM
moduli_page
JOIN
moduli
ON
moduli.id = moduli_page.id_moduli
WHERE
moduli_page.attivo = 1
AND
moduli_page.livello <= ".$menu[$i][4]."
AND
moduli_page.id_moduli = ".$menu[$i][2]."
ORDER BY
moduli_page.ordine
";
$res_page = mysql_query( $query, $DB_ID ); ?>
<ul>
<?php while ($page = mysql_fetch_array ($res_page)) { ?>
<li><a href="<?php print $CONF['base_url']."/".$page['directory']."/".$page['pagina'] ?>"><?php print $page['nome'] ?></a></li>
<?php } ?>
</ul>
<?php } ?>
</li>
<?php } ?>
</ul>
<?php
}
?>

10
proxy/ext/logout_proxy.php Normal file
View File

@@ -0,0 +1,10 @@
<?php
include_once ("core/config.php");
include_once ("proxy/ext/function_proxy.php");
login_proxy();
session_name("authmail");
session_start();
$_SESSION['auth'] = 0;
session_destroy();
header('Location: main_proxy.php');
?>

15
proxy/ext/main_proxy.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
include_once ("core/config.php");
include_once ("proxy/ext/function_proxy.php");
$UTENTE = login_proxy();
view_top_proxy();
?>
<META HTTP-EQUIV="Refresh" CONTENT="30" URL="main_proxy.php">
<table cellpadding="0" cellspacing="0" border="0" width="90%">
<tr><td class="spaziov" colspan="9"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
</table>
<img src="img/spazio.gif" width="1" height="20" alt="">
<?php view_footer_proxy(); ?>

30
proxy/ext/top_proxy.php Normal file
View File

@@ -0,0 +1,30 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Autenticazione Proxy</title>
</head>
<body>
<link rel="stylesheet" type="text/css" href="<?php print $CONF['base_url'] ?>/css/stile.css" />
<table cellpadding="0" cellspacing="0" border="0" align="center" width="1000">
<?php
if ($UTENTE['user'] != '') { ?>
<tr><td>
<table cellpadding="0" cellspacing="0" border="0" width="100%">
<tr bgcolor="#34c6ea">
<td nowrap class="ltop">Utente: <?php print $_SESSION['username'] ?></td>
<td width="200">&nbsp;</td>
<td class="rtop"><a class="rtop" href="logout_proxy.php">Logout</a></td>
</tr>
</table>
</td></tr>
<tr><td class="spaziov" colspan=2><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
<tr><td align="center">
<?php
lista_moduli_proxy();
} else {?>
<tr bgcolor="#34c6ea"><td>&nbsp;</td></tr>
<?php } ?>
</td></tr>
<tr><td class="spaziov" colspan=2><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
<tr><td align="center">

23
proxy/ext/userlogin.php Normal file
View File

@@ -0,0 +1,23 @@
<?php view_top_proxy(); ?>
<form name="login" method="post">
<table cellpadding="0" cellspacing="10" border="0" id="login_table">
<tr align="center" valign="middle">
<td colspan="2"><h4><?php print "Benvenuto" ?></h4></td>
</tr>
<tr>
<td><?php print "Utente:"; ?></td>
<td><input type="text" name="fUsername" value="<?php print $tUsername; ?>" /></td>
</tr>
<tr>
<td><?php print "Password:"; ?></td>
<td><input type="password" name="fPassword" /></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="submit" value="<?php print "Accedi"; ?>" /></td>
</tr>
<tr>
<td colspan="2" align="center"<?php print $tMessage; ?></td>
</tr>
</table>
</form>
<?php view_footer_proxy(); ?>

2
proxy/index.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(1); $DIRITTI = diritti('Utente');
view_top(); view_top();
?> ?>

28
proxy/net_acl.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(1); $DIRITTI = diritti('Admin');
view_top(); view_top();
if (isset($_POST['id'])) { if (isset($_POST['id'])) {
@@ -79,29 +79,9 @@ function do_submit() {
<form name="acl" method="post"> <form name="acl" method="post">
<table cellpadding="0" cellspacing="0" border="0" width="90%"> <table cellpadding="0" cellspacing="0" border="0" width="90%">
<input type="hidden" name="id" value="<?php print $id ?>"> <input type="hidden" name="id" value="<?php print $id ?>">
<tr> <?php
<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td> html_spazi (array(5,20,5,6,6,6,5,20,0));
<td class="sep" width="20%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td> html_intestazione (array ("","Rete","","Nega","Default","Autorizza","","Nome Lista",""), array("","","","radio","radio","radio","","",""));
<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="6%" ><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="6%" ><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="6%" ><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="5%" ><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="20%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="27%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
</tr>
<tr>
<td class="spaziol"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="descrizione">Rete</td>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="radio">Nega</td>
<td class="radio">Default</td>
<td class="radio">Autorizza</td>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="descrizione">Nome Lista</td>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
</tr>
<?php
$res = mysql_query( $query, $DB_ID ); $res = mysql_query( $query, $DB_ID );
$conta = 0; $conta = 0;
while ($dato = mysql_fetch_array ( $res )) { while ($dato = mysql_fetch_array ( $res )) {

2
proxy/net_edit.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(1); $DIRITTI = diritti('Admin');
view_top(); view_top();
if (isset($_POST['id'])) { if (isset($_POST['id'])) {

16
proxy/net_lista.php
View File

@@ -1,24 +1,12 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(10); $DIRITTI = diritti('Admin');
view_top(); view_top();
?> ?>
<form name="" method="post"> <form name="" method="post">
<table cellpadding="0" cellspacing="0" border="0" width="90%"> <table cellpadding="0" cellspacing="0" border="0" width="90%">
<tr> <?php html_spazi (array(5,5,2,5,2,9,2,9,2,15,0)); ?>
<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="2%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="2%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="9%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="2%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="9%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="2%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="15%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="sep" width="44%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
</tr>
<tr> <tr>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td> <td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="spazioh"><a href="net_edit.php"><img src="<?php print $CONF['base_url'] ?>/img/addresource.png"></a></td> <td class="spazioh"><a href="net_edit.php"><img src="<?php print $CONF['base_url'] ?>/img/addresource.png"></a></td>

2
proxy/pool_acl.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(1); $DIRITTI = diritti('Admin');
view_top(); view_top();
if (isset($_POST['id'])) { if (isset($_POST['id'])) {

2
proxy/pool_ip.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(1); $DIRITTI = diritti('Admin');
view_top(); view_top();
?> ?>
<form name="" method="post"> <form name="" method="post">

2
proxy/pool_lista.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(10); $DIRITTI = diritti('Admin');
view_top(); view_top();
if (isset($_POST['tempo'])) { if (isset($_POST['tempo'])) {

61
proxy/proxy_gest.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(1); $DIRITTI = diritti('Admin');
?> ?>
<html> <html>
<head> <head>
@@ -19,78 +19,95 @@ if (isset($_GET['id'])) {
$id = $_GET['id']; $id = $_GET['id'];
if (isset($_GET['azione'])) { if (isset($_GET['azione'])) {
$azione = $_GET['azione']; $azione = $_GET['azione'];
$genera = 0;
switch ($azione) { switch ($azione) {
case "net_up": case "net_up":
$query = "UPDATE proxy_net SET attivo = 1 WHERE id = $id"; $query = "UPDATE proxy_net SET attivo = 1 WHERE id = $id";
mysql_query( $query, $DB_ID ); $testo = "Confermate l'abilitazione della rete?";
break; break;
case "net_down": case "net_down":
$query = "UPDATE proxy_net SET attivo = 0 WHERE id = $id"; $query = "UPDATE proxy_net SET attivo = 0 WHERE id = $id";
mysql_query( $query, $DB_ID ); $testo = "Confermate la disabilitazione della rete?";
break; break;
case "net_rm": case "net_rm":
$query = "DELETE FROM proxy_net WHERE id = $id"; $query = "DELETE FROM proxy_net WHERE id = $id";
mysql_query( $query, $DB_ID ); $testo = "Confermate la rimozione della rete?";
break; break;
case "acl_up": case "acl_up":
$query = "UPDATE proxy_acl_list SET attivo = 1, data = NOW() WHERE id = $id"; $query = "UPDATE proxy_acl_list SET attivo = 1, data = NOW() WHERE id = $id";
mysql_query( $query, $DB_ID ); $testo = "Confermate l'abilitazione della ACL?";
break; break;
case "acl_down": case "acl_down":
$query = "UPDATE proxy_acl_list SET attivo = 0, data = NOW() WHERE id = $id"; $query = "UPDATE proxy_acl_list SET attivo = 0, data = NOW() WHERE id = $id";
mysql_query( $query, $DB_ID ); $testo = "Confermate la disabilitazione della ACL?";
break; break;
case "link_up": case "link_up":
$query = "UPDATE proxy_acl SET attivo = 1, data = NOW() WHERE id = $id"; $query = "UPDATE proxy_acl SET attivo = 1, data = NOW() WHERE id = $id";
mysql_query( $query, $DB_ID ); $testo = "Confermate l'abilitazione dell'URL?";
break; break;
case "link_down": case "link_down":
$query = "UPDATE proxy_acl SET attivo = 0, data = NOW() WHERE id = $id"; $query = "UPDATE proxy_acl SET attivo = 0, data = NOW() WHERE id = $id";
mysql_query( $query, $DB_ID ); $testo = "Confermate la disabilitazione dell'URL?";
break; break;
case "link_rm": case "link_rm":
$query = "DELETE FROM proxy_acl WHERE id = $id"; $query = "DELETE FROM proxy_acl WHERE id = $id";
mysql_query( $query, $DB_ID ); $testo = "Confermate la cancellazione dell'URL?";
break; break;
case "pool_ins": case "pool_ins":
$query = "INSERT INTO proxy_pool (ip, pool, attivo, ins) VALUES ('$id', 1, 1, NOW()) ON DUPLICATE KEY UPDATE attivo = 1"; $query = "INSERT INTO proxy_pool (ip, pool, attivo, ins) VALUES ('$id', 1, 1, NOW()) ON DUPLICATE KEY UPDATE attivo = 1";
mysql_query( $query, $DB_ID ); $testo = "Confermate l'inserimento dell'indirizzo IP nel pool di limitazione?";
genera($DB_ID); $genera = 1;
break; break;
case "pool_rem": case "pool_rem":
$query = "INSERT INTO proxy_pool (ip, pool, attivo, ins) VALUES ('$id', 1, 0, NOW()) ON DUPLICATE KEY UPDATE attivo = 0"; $query = "INSERT INTO proxy_pool (ip, pool, attivo, ins) VALUES ('$id', 1, 0, NOW()) ON DUPLICATE KEY UPDATE attivo = 0";
mysql_query( $query, $DB_ID ); $testo = "Confermate la rimozione dell'indirizzo IP dal pool di limitazione?";
genera($DB_ID); $genera = 1;
break; break;
case "user_up": case "user_up":
$query = "UPDATE proxy_utenti SET attivo = 1 WHERE id = $id"; $query = "UPDATE proxy_utenti SET attivo = 1 WHERE id = $id";
mysql_query( $query, $DB_ID ); $testo = "Confermate l'abilitazione dell'utente?";
$testo = "Utente Abilitato";
break; break;
case "user_down": case "user_down":
$query = "UPDATE proxy_utenti SET attivo = 0 WHERE id = $id"; $query = "UPDATE proxy_utenti SET attivo = 0 WHERE id = $id";
mysql_query( $query, $DB_ID ); $testo = "Confermate la disabilitazione dell'utente?";
$testo = "Utente Disabilitato";
break; break;
case "user_rm": case "user_rm":
$query = "DELETE FROM proxy_utenti WHERE id = $id"; $query = "DELETE FROM proxy_utenti WHERE id = $id";
mysql_query( $query, $DB_ID ); $testo = "Confermate la cancellazione dell'utente?";
$testo = "Utente Eliminato";
break; break;
default: default:
$testo = "Regola non implementata"; $testo = "Regola non implementata";
break; break;
} }
if (isset($_GET['ref'])) {
$ref = pack ('H*', $_GET['ref']);
mysql_query( $query, $DB_ID );
if ($genera) genera($DB_ID);
?>
<script type="text/javascript">
document.location.href="<?php print $ref ?>"
</script>
<?php } else {
$ref = unpack ('H*', $_SERVER["HTTP_REFERER"]);
?>
<script type="text/javascript">
var r = confirm("<?php print $testo ?>");
if (r == true) {
document.location.href="<?php print $_SERVER['REQUEST_URI']?>&ref=<?php print $ref[1] ?>"
} else {
document.location.href="<?php print $_SERVER['HTTP_REFERER']?>"
}
</script>
<?php }
} }
} }
?> ?>
<script type="text/javascript">
document.location.href='<?php print $_SERVER['HTTP_REFERER']?>'
</script>
<?php <?php
function genera ($DB_ID) { function genera ($DB_ID) {

12
proxy/squid_acl/squid_acl.pl
View File

@@ -9,7 +9,7 @@ require "$Bin/../script/conntrack.conf";
local $SIG{ALRM} = sub { local $SIG{ALRM} = sub {
my $time = localtime; # scalar context my $time = localtime; # scalar context
print LOG "$$ - $time - Exit\n"; # print LOG "$$ - $time - Exit\n";
exit 1; exit 1;
}; };
@@ -21,8 +21,8 @@ my $dbmysql = DBI->connect("DBI:mysql:;host=$DBhost", $DBuser, $DBpass) or die (
$sts = $dbmysql->prepare("use $DBname"); $sts = $dbmysql->prepare("use $DBname");
$sts->execute (); $sts->execute ();
open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log"; #open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log";
LOG->autoflush(1); #LOG->autoflush(1);
while($limit) { while($limit) {
alarm $timeout; alarm $timeout;
@@ -35,15 +35,15 @@ while($limit) {
my $ritorno = cerca ($param[1],$param[2], -1); my $ritorno = cerca ($param[1],$param[2], -1);
$limit--; $limit--;
if ($ritorno) { if ($ritorno) {
print LOG "$param[0] - $param[1] - $param[2] - ERR\n"; # print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
print "DENY\n"; print "DENY\n";
} else { } else {
$ritorno = cerca ($param[1],$param[2], 1); $ritorno = cerca ($param[1],$param[2], 1);
if ($ritorno) { if ($ritorno) {
print LOG "$param[0] - $param[1] - $param[2] - OK\n"; # print LOG "$param[0] - $param[1] - $param[2] - OK\n";
print "OK\n"; print "OK\n";
} else { } else {
print LOG "$param[0] - $param[1] - $param[2] - ERR\n"; # print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
# print "DENY\n"; # print "DENY\n";
print "\n"; print "\n";
} }

12
proxy/squid_acl/squid_acl_net.pl
View File

@@ -9,7 +9,7 @@ require "$Bin/../script/conntrack.conf";
local $SIG{ALRM} = sub { local $SIG{ALRM} = sub {
my $time = localtime; # scalar context my $time = localtime; # scalar context
print LOG "$$ - $time - Exit\n"; # print LOG "$$ - $time - Exit\n";
exit 1; exit 1;
}; };
@@ -21,8 +21,8 @@ my $dbmysql = DBI->connect("DBI:mysql:;host=$DBhost", $DBuser, $DBpass) or die (
$sts = $dbmysql->prepare("use $DBname"); $sts = $dbmysql->prepare("use $DBname");
$sts->execute (); $sts->execute ();
open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log"; #open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log";
LOG->autoflush(1); #LOG->autoflush(1);
while($limit) { while($limit) {
alarm $timeout; alarm $timeout;
@@ -35,15 +35,15 @@ while($limit) {
my $ritorno = cerca ($param[1],$param[2], -1); my $ritorno = cerca ($param[1],$param[2], -1);
$limit--; $limit--;
if ($ritorno) { if ($ritorno) {
print LOG "$param[0] - $param[1] - $param[2] - ERR\n"; # print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
print "DENY\n"; print "DENY\n";
} else { } else {
$ritorno = cerca ($param[1],$param[2], 1); $ritorno = cerca ($param[1],$param[2], 1);
if ($ritorno) { if ($ritorno) {
print LOG "$param[0] - $param[1] - $param[2] - OK\n"; # print LOG "$param[0] - $param[1] - $param[2] - OK\n";
print "OK\n"; print "OK\n";
} else { } else {
print LOG "$param[0] - $param[1] - $param[2] - ERR\n"; # print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
print "\n"; print "\n";
} }
} }

26
proxy/squid_acl/squid_auth.pl
View File

@@ -8,7 +8,7 @@ require "$Bin/../script/conntrack.conf";
local $SIG{ALRM} = sub { local $SIG{ALRM} = sub {
my $time = localtime; # scalar context my $time = localtime; # scalar context
print LOG "$$ - $time - Exit\n"; # print LOG "$$ - $time - Exit\n";
exit 1; exit 1;
}; };
@@ -20,8 +20,8 @@ my $dbmysql = DBI->connect("DBI:mysql:;host=$DBhost", $DBuser, $DBpass) or die (
$sts = $dbmysql->prepare("use $DBname"); $sts = $dbmysql->prepare("use $DBname");
$sts->execute (); $sts->execute ();
open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log"; #open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log";
LOG->autoflush(1); #LOG->autoflush(1);
alarm $timeout; alarm $timeout;
while($limit) { while($limit) {
@@ -29,11 +29,10 @@ while($limit) {
my $input = <>; my $input = <>;
chop $input; chop $input;
# my ($acl, $ip) = split / /, $input;
my @param = split / /, $input; my @param = split / /, $input;
if ($param[0] ne "") { if ($param[0] ne "") {
$query = "SELECT id FROM proxy_utenti WHERE user = '".$param[0]."' AND pass = PASSWORD('".$param[1]."') AND attivo = 1"; $query = "SELECT id, primo, (tempo*3600)-time_to_sec(timediff(ultimo, primo)) AS rimasto, tempo FROM proxy_utenti WHERE user = '".$param[0]."' AND pass = PASSWORD('".$param[1]."') AND attivo = 1";
$limit--; $limit--;
alarm $timeout; alarm $timeout;
} else { } else {
@@ -47,7 +46,22 @@ while($limit) {
if ($ref = $sts->fetchrow_hashref ) { if ($ref = $sts->fetchrow_hashref ) {
my $id = $$ref{'id'}; my $id = $$ref{'id'};
my $query = "UPDATE proxy_utenti SET data = NOW() WHERE id = $id"; my $primo = $$ref{'primo'};
my $rimasto = $$ref{'rimasto'};
my $tempo = $$ref{'tempo'};
my $agg = "";
my $query = "";
if (($tempo > 0) && ($rimasto < 0)){
$agg = "attivo = 0,";
}
if (!$primo) {
$query = "UPDATE proxy_utenti SET $agg primo = NOW(), ultimo = NOW() WHERE id = $id";
} else {
$query = "UPDATE proxy_utenti SET $agg ultimo = NOW() WHERE id = $id";
}
# print LOG "$rimasto -- $query\n";
$sts = $dbmysql->prepare($query); $sts = $dbmysql->prepare($query);
$sts->execute (); $sts->execute ();
print "OK\n"; print "OK\n";

2
proxy/users_edit.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(1); $DIRITTI = diritti('Admin');
view_top(); view_top();
if (isset($_POST['id'])) { if (isset($_POST['id'])) {

84
proxy/users_group_edit.php Executable file
View File

@@ -0,0 +1,84 @@
<?php
include_once ("../core/config.php");
$UTENTE = login();
$DIRITTI = diritti('Admin');
view_top();
if (isset($_POST['id'])) {
$prefisso = $_POST['prefisso'];
$da = $_POST['da'];
$a = $_POST['a'];
$a = $_POST['a'];
$lung = $_POST['lung'];
$lpwd = $_POST['lpwd'];
$tempo = $_POST['tempo'];
$lunghezza = $lung - strlen ($prefisso);
$parametro = "0".$lunghezza."d";
for ($i=$da;$i<=$a;$i++) {
$utgruppo = sprintf ("%s%$parametro",$prefisso,$i);
$pwgruppo = generateStrongPassword($length = $lpwd, $add_dashes = false, $available_sets = 'lud');
$query = " INSERT INTO
proxy_utenti
SET
user = '$utgruppo',
pass = PASSWORD('$pwgruppo'),
fullname = 'Utente Guest',
data = NOW(),
modifica = NOW(),
guest = 1,
attivo = 1,
tempo = $tempo
";
$res = mysql_query( $query, $DB_ID );
}
?>
<script type="text/javascript">
document.location.href="users_group_lista.php"
</script>
<?php
}
?>
<form name="" method="post">
<input type="hidden" name="id" value="0">
<table cellpadding="0" cellspacing="0" border="0" width="90%">
<?php
html_spazi (array(2,10,2,16,2,10,0));
html_intestazione (array ("","Prefisso","","Intervallo","","Lunghezza",""), array("","","","radio","","",""));
?>
<tr>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="colip"><input type="text" size="16" name="prefisso"></td>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="radio">
<input type="text" size="2" name="da">
&nbsp;-&nbsp;
<input type="text" size="2" name="a">
</td>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="colip"><input type="text" size="3" name="lung"></td>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
</td>
</tr>
<tr><td class="spaziov" colspan=7><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
<?php html_intestazione (array ("","Lunghezza Password","","Tempo assegnato (h)","","","")); ?>
<tr>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="colip"><input type="text" size="3" name="lpwd"></td>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="colip"><input type="text" size="3" name="tempo" value=24></td>
<td colspan=3 class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
</tr>
<tr><td class="spaziov" colspan=7><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
<tr>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="spaziov" colspan=6><input type="submit" value="Conferma"></td>
</tr>
</table>
</form>
<img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="20" alt="">
<?php view_footer(); ?>

66
proxy/users_group_lista.php Executable file
View File

@@ -0,0 +1,66 @@
<?php
include_once ("../core/config.php");
$UTENTE = login();
$DIRITTI = diritti('Admin');
view_top();
?>
<table cellpadding="0" cellspacing="0" border="0" width="90%">
<?php html_spazi (array (5,5,5,2,10,2,13,2,10,2,10,0)); ?>
<tr>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="spazioh"><a href="users_group_edit.php"><img src="<?php print $CONF['base_url'] ?>/img/addresource.png"></a></td>
<td colspan=10 class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
</tr>
<?php
$query = " SELECT
id,
user,
fullname,
attivo,
DATE_FORMAT(primo, '%d.%m.%Y %H:%i:%s') AS primo,
DATE_FORMAT(ultimo, '%d.%m.%Y %H:%i:%s') AS ultimo
FROM
proxy_utenti
WHERE
guest = 1
ORDER BY
user
";
$res = mysql_query( $query, $DB_ID );
html_intestazione (array ("","","","","Utente","","Nome Completo","","Primo Accesso","","Ultimo Accesso",""));
while ($dato = mysql_fetch_array ( $res )) {
?>
<tr>
<?php
if ($dato['attivo']) {
?>
<td class="spazioh"><a href="proxy_gest.php?azione=user_down&id=<?php print $dato['id']?>"><img src="<?php print $CONF['base_url'] ?>/img/attivo.gif" ALT="Utente Attivo" TITLE="Utente Attivo"></a></td>
<?php } else { ?>
<td class="spazioh"><a href="proxy_gest.php?azione=user_up&id=<?php print $dato['id']?>"><img src="<?php print $CONF['base_url'] ?>/img/non_attivo.gif" ALT="Utente non Attivo" TITLE="Utente non Attivo"></a></td>
<?php } ?>
<td class="spazioh"><a href="proxy_gest.php?azione=user_rm&id=<?php print $dato['id']?>"><img src="<?php print $CONF['base_url'] ?>/img/trash.png"></a></td>
<td class="spazioh"><a href="users_edit.php?id=<?php print $dato['id'] ?>"><img src="<?php print $CONF['base_url'] ?>/img/modify.gif" ALT="Dettaglio" TITLE="Dettaglio"></a></td>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="colip"><?php print $dato['user'] ?></td>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="colip"><?php print $dato['fullname'] ?></td>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="colip"><?php print $dato['primo'] ?></td>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="colip"><?php print $dato['ultimo'] ?></td>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
</td>
</tr>
<tr><td class="spaziov" colspan=12><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
<?php
} ?>
</table>
<img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="20" alt="">
<?php view_footer(); ?>

17
proxy/users_lista.php
View File

@@ -1,15 +1,15 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(1); $DIRITTI = diritti('Admin');
view_top(); view_top();
?> ?>
<table cellpadding="0" cellspacing="0" border="0" width="90%"> <table cellpadding="0" cellspacing="0" border="0" width="90%">
<?php html_spazi (array (5,5,5,2,10,2,13,2,10,2,10,0)); ?>
<tr> <tr>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td> <td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="spazioh"><a href="users_edit.php"><img src="<?php print $CONF['base_url'] ?>/img/addresource.png"></a></td> <td class="spazioh"><a href="users_edit.php"><img src="<?php print $CONF['base_url'] ?>/img/addresource.png"></a></td>
<td colspan=9 class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td> <td colspan=10 class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
</tr> </tr>
<?php <?php
$query = " SELECT $query = " SELECT
@@ -17,19 +17,20 @@ $query = " SELECT
user, user,
fullname, fullname,
attivo, attivo,
DATE_FORMAT(data, '%d.%m.%Y %H:%i:%s') AS data, DATE_FORMAT(ultimo, '%d.%m.%Y %H:%i:%s') AS data,
ip ip
FROM FROM
proxy_utenti proxy_utenti
WHERE
guest = 0
ORDER BY ORDER BY
user user
"; ";
$res = mysql_query( $query, $DB_ID ); $res = mysql_query( $query, $DB_ID );
html_intestazione (array ("","","","","Utente","","Nome Completo","","Ultimo Accesso","","IP Associato",""));
while ($dato = mysql_fetch_array ( $res )) { while ($dato = mysql_fetch_array ( $res )) {
?> ?>
<tr> <tr>
<?php <?php
if ($dato['attivo']) { if ($dato['attivo']) {
@@ -53,10 +54,10 @@ while ($dato = mysql_fetch_array ( $res )) {
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td> <td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
<td class="colip"><?php print $dato['ip'] ?></td> <td class="colip"><?php print $dato['ip'] ?></td>
<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
</td> </td>
</tr> </tr>
<tr><td class="spaziov" colspan=11><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr> <tr><td class="spaziov" colspan=12><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
<?php <?php
} ?> } ?>

2
proxy/users_pwd.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(1); $DIRITTI = diritti('Admin');
?> ?>
<script type="text/javascript"> <script type="text/javascript">
<!-- <!--

27
rewrite.php Normal file
View File

@@ -0,0 +1,27 @@
<?php
include_once ("core/config.php");
$path = ltrim($_SERVER['REQUEST_URI'], '/');
$query = " SELECT
to_url
FROM
rewrite
WHERE
from_url = '$path'
AND
attivo = 1
";
$res = mysql_query( $query, $DB_ID );
if ($valori = mysql_fetch_array ( $res )) {
include ($valori['to_url']);
} else {
print "$path non c'e'";
exit;
}
?>

2
routing/index.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(1); $DIRITTI = diritti('Admin');
view_top(); view_top();
$conf_route = carica_conf('Routing'); $conf_route = carica_conf('Routing');

2
routing/linee.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(10); $DIRITTI = diritti('Admin');
view_top(); view_top();
?> ?>

2
routing/modlinea.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(10); $DIRITTI = diritti('Admin');
view_top(); view_top();
$netmask = array( 30 => "/30 - 255.255.255.252", $netmask = array( 30 => "/30 - 255.255.255.252",

3
utenti/dettlogutenti.php
View File

@@ -1,8 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(); $DIRITTI = diritti('Admin');
//isadmin();
?> ?>
<body> <body>
<link rel="stylesheet" type="text/css" href="<?php print $CONF['base_url'] ?>/css/stile.css" /> <link rel="stylesheet" type="text/css" href="<?php print $CONF['base_url'] ?>/css/stile.css" />

2
utenti/index.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(1); $DIRITTI = diritti('Admin');
view_top(); view_top();
?> ?>

2
utenti/logutenti.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(); $DIRITTI = diritti('Admin');
//isadmin(); //isadmin();
?> ?>
<body> <body>

2
utenti/modutenti.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(10); $DIRITTI = diritti('Admin');
view_top(); view_top();
if (isset($_GET['id'])) { if (isset($_GET['id'])) {

2
utenti/permessiutenti.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(1); $DIRITTI = diritti('Admin');
view_top(); view_top();
$query = " SELECT $query = " SELECT

2
utenti/updatepermessi.php
View File

@@ -1,7 +1,7 @@
<?php <?php
include_once ("../core/config.php"); include_once ("../core/config.php");
$UTENTE = login(); $UTENTE = login();
$DIRITTI = diritti(); $DIRITTI = diritti('Admin');
$user_id = $_GET['user_id']; $user_id = $_GET['user_id'];
$accesso = $_GET['accesso']; $accesso = $_GET['accesso'];