Merge branch 'master' into condes

Recupero stato

.htaccess

@@ -1,3 +1,9 @@
 RewriteEngine on
 RewriteRule ^(.*/)?img/(.*) risorse/immagini/$2 [L]
 RewriteRule ^(.*/)?css/(.*) risorse/stili/$2 [L]
+
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteRule . /pannello_vbc/rewrite.php [L]
+
+

DBDiff/proxy.sql

@@ -0,0 +1,29 @@
+ALTER TABLE `proxy_utenti` ADD `guest` INT NOT NULL DEFAULT '0' AFTER `modifica`;
+
+INSERT INTO `pannello_vbc`.`livelli` (`id`, `livello`, `nome`) VALUES (NULL, '1', 'Libero');
+ALTER TABLE `moduli_page` ADD `livello` INT NOT NULL AFTER `pagina`;
+
+CREATE TABLE `rewrite` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `from_url` varchar(512) NOT NULL,
+  `to_url` varchar(512) NOT NULL,
+  `attivo` tinyint(1) NOT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `from_url` (`from_url`(255))
+) ENGINE=InnoDB DEFAULT CHARSET=utf8
+
+INSERT INTO `rewrite` (`id`, `from_url`, `to_url`, `attivo`) VALUES
+(1, 'pannello_vbc/proxy_auth.php', 'proxy/ext/main_proxy.php', 1),
+(2, 'pannello_vbc/main_proxy.php', 'proxy/ext/main_proxy.php', 1),
+(3, 'pannello_vbc/logout_proxy.php', 'proxy/ext/logout_proxy.php', 1),
+(4, 'pannello_vbc/chkpasswd_proxy.php', 'proxy/ext/chkpasswd_proxy.php', 1);
+
+ALTER TABLE `proxy_utenti` ADD `primo` DATETIME NULL AFTER `modifica`;
+ALTER TABLE `proxy_utenti` ADD `ultimo` DATETIME NULL AFTER `ultimo`;
+ALTER TABLE `proxy_utenti` ADD `tempo` DECIMAL(20,2) NOT NULL DEFAULT '0' AFTER `attivo`;
+ALTER TABLE `proxy_utenti` CHANGE `ip` `ip` VARCHAR(15) CHARACTER SET utf8 COLLATE utf8_general_ci NULL;
+REVOKE ALL PRIVILEGES ON `pannello_vbc`.`proxy_utenti` FROM 'pannello_proxy'@'%'; GRANT SELECT, UPDATE (`primo`, `ultimo`, `attivo`) ON `pannello_vbc`.`proxy_utenti` TO 'pannello_proxy'@'%';
+
+INSERT INTO `pannello_vbc`.`moduli_page` (`id`, `id_moduli`, `nome`, `ordine`, `pagina`, `livello`, `attivo`) VALUES (NULL, '1', 'Lista Gruppi', '35', 'users_group_lista.php', '10', '1'); 
+
+ALTER TABLE `moduli` ADD `ordine` INT NOT NULL AFTER `nome`;

TODO

@@ -1,7 +1,6 @@
 # Moduli da implementare
-- Proxy
+- Accesso Desktop
 - Firewall
 - DHCP
 - Routing
 
-

core/function.php

@@ -49,7 +49,7 @@ function db_data_connect () {
 
 function login () {
 	global $_SESSION, $_POST, $POP3_Server, $DB_ID, $CONF;
-	session_name("FirewallSW");
+	session_name("SWP");
 	session_start();
 	if ($_SESSION['auth'] && ($_SESSION['time']+$CONF['temposessione']*60 >= time())) {
 		if(!db_login ($_SESSION['username'], $_SESSION['passwd'])) {
@@ -345,7 +345,8 @@ function array_moduli () {
 				moduli.id AS id,
 				moduli.nome AS nome,
 				moduli.directory AS directory,
-				moduli.descrizione AS descrizione
+				moduli.descrizione AS descrizione,
+				permessi.accesso AS accesso
 			FROM
 				utenti
 			JOIN
@@ -356,12 +357,14 @@ function array_moduli () {
 				utenti.utente = '".$_SESSION['username']."'
 			AND
 				moduli.attivo = 1
+			ORDER BY
+				ordine
 		";
 
-	$menu[] =	array("Home", $CONF['base_url']."/core/main.php",0,"Home Page");
+	$menu[] =	array("Home", $CONF['base_url']."/core/main.php",0,"Home Page",0);
 
 	if ($UTENTE['admin']) {
-		$menu[]	=	array("Configurazione", $CONF['base_url']."/core/conf.php",0,"Modifica configurazione");
+		$menu[]	=	array("Configurazione", $CONF['base_url']."/core/conf.php",0,"Modifica configurazione",0);
 		$query .= "	UNION DISTINCT SELECT
 					moduli.id AS id,
 					moduli.nome AS nome,
@@ -379,7 +382,7 @@ function array_moduli () {
 	$res = mysql_query( $query, $DB_ID );
 
 	while ($dato = mysql_fetch_array ($res)) {
-		$menu[]	=	array($dato['nome'], $CONF['base_url']."/".$dato['directory']."/index.php",$dato['id'], $dato['descrizione']);
+		$menu[]	=	array($dato['nome'], $CONF['base_url']."/".$dato['directory']."/index.php",$dato['id'], $dato['descrizione'], $dato['accesso']);
 	}
 
 	$menu[]	=	array("Cambio password", $CONF['base_url']."/core/chkpasswd.php",0,"Cambio Password");
@@ -391,13 +394,10 @@ function home_moduli () {
 	global $UTENTE, $CONF;
 
 	$menu = array_moduli();
-?>
-	<tr>
-		<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="20%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="75%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-	</tr>
-<?php	for ($i=0; $i<count($menu);$i++) { ?>
+
+	html_spazi (array (5,30,0));
+
+	for ($i=1; $i<count($menu);$i++) { ?>
 	<tr>
 		<td class="spazioh"><a href="<?php print $menu[$i][1]?>"><img src="<?php print $CONF['base_url'] ?>/img/go.png"></a></td>
 		<td class="campo"><?php print $menu[$i][0] ?></td>
@@ -441,6 +441,8 @@ function lista_moduli () {
 							moduli.id = moduli_page.id_moduli
 					WHERE 
 						moduli_page.attivo = 1 
+						AND
+						moduli_page.livello <= ".$menu[$i][4]."
 					AND 
 						moduli_page.id_moduli = ".$menu[$i][2]." 
 					ORDER BY 
@@ -465,6 +467,18 @@ function lista_moduli () {
 function diritti ($minimo) {
 	global $UTENTE, $DB_ID, $CONF;
 
+	$query = "	SELECT
+				livello
+			FROM
+				livelli
+			WHERE
+				nome = '$minimo'
+		";
+
+	$res = mysql_query( $query, $DB_ID );
+	$dato = mysql_fetch_array ($res);	
+	$minimo = $dato['livello'];
+
 	preg_match ('/^'.preg_replace('/\//','\/',$CONF['base_url']).'\/([^\/]+)\/.*/', $_SERVER['REQUEST_URI'], $trovato);
 	$modulo = $trovato[1];
 
@@ -473,7 +487,11 @@ function diritti ($minimo) {
 			FROM
 				moduli
 			JOIN
-				permessi ON moduli.id = permessi.id_moduli AND permessi.id_utenti = ".$UTENTE['id']."
+				permessi 
+				ON 
+					moduli.id = permessi.id_moduli 
+					AND 
+					permessi.id_utenti = ".$UTENTE['id']."
 			WHERE
 				moduli.directory = '$modulo'
 				AND
@@ -483,7 +501,11 @@ function diritti ($minimo) {
 			FROM 
 				moduli 
 			JOIN 
-				utenti ON utenti.id = ".$UTENTE['id']." AND utenti.admin = 1 
+				utenti 
+				ON 
+					utenti.id = ".$UTENTE['id']." 
+					AND 
+					utenti.admin = 1 
 			WHERE 
 				moduli.directory = '$modulo'
 		";
@@ -572,4 +594,41 @@ function generateStrongPassword($length = 9, $add_dashes = false, $available_set
 	return $dash_str;
 }
 
+function html_spazi ($dati) {
+	global $CONF;
+
+	print "<tr>";
+	$somma = 0;
+	foreach ($dati as $riga) {
+		if (!$riga) {
+			$riga = 100 - $somma;
+		} else {
+			$somma += $riga;
+		}	
+?>
+		<td class="sep" width="<?php print $riga ?>%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+<?php	}
+	print "</tr>";
+}
+
+function html_intestazione ($dati, $tipo = array ()) {
+	global $CONF;
+
+	print "<tr>";
+	foreach ($dati as $key => $riga) {
+		if ($riga == "") {
+			$riga = "&nbsp;";
+		}
+
+		if (isset ($tipo[$key]) && $tipo[$key] != "") {
+			$classe = $tipo[$key];
+		} else {
+			$classe = "descrizione";
+		}
+?>
+		<td class="<?php print $classe ?>"><?php print $riga ?></td>
+<?php	}
+	print "</tr>";
+}
+
 ?>

core/logout.php

@@ -2,7 +2,7 @@
 include_once ("config.php");
 login();
 logga ("Uscita");
-session_name("AllegatiSW");
+session_name("SWP");
 session_start();
 $_SESSION['auth'] = 0;
 session_destroy();

firewall/index.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti();
+$DIRITTI = diritti('Libero');
 
 
 

proxy/acl_edit.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(1);
+$DIRITTI = diritti('Admin');
 view_top();
 
 if (isset($_POST['rif']) && $_POST['rif'] != "") {

proxy/acl_lista.php

@@ -1,23 +1,13 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(1);
+$DIRITTI = diritti('Admin');
 view_top();
 ?>
 
 <form name="" method="post">
 <table cellpadding="0" cellspacing="0" border="0" width="90%">
-	<tr>
-		<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="30%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="10%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="10%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="30%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-	</tr>
+<?php	html_spazi (array(5,5,5,30,5,10,5,10,0)); ?>
 	<tr>
 		<td ><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
 		<td width="5%"><a href="acl_edit.php"><img src="<?php print $CONF['base_url'] ?>/img/addresource.png"></a></td>

proxy/ext/chkpasswd_proxy.php

@@ -0,0 +1,146 @@
+<?php
+include_once ("core/config.php");
+include_once ("proxy/ext/function_proxy.php");
+$UTENTE = login_proxy();
+view_top_proxy();
+
+if (isset ($_POST['id'])) {
+	$modifica = 2;
+	$id 		= $_POST['id'];
+	$utente 	= $_POST['utente'];
+	$password1 	= $_POST['password1'];
+	$password2	= $_POST['password2'];
+
+	if (($password1 != "ahg5t!frtb5@u&^!") && ($password1 == $password2)) {
+		$querypwd = "pass = PASSWORD('$password1'),";
+	} else {
+		$querypwd = "";
+	}
+
+	$testo = "L'utente e' stato correttamente modificato";
+	$query = "UPDATE proxy_utenti SET $querypwd modifica = NOW() WHERE `id`=$id";
+?>
+<table cellpadding="0" cellspacing="0" border="0" width="90%">
+	<tr>
+		<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="10" alt=""><td>
+	</tr>
+	<tr>
+		<td>
+<?php	if (mysql_query( $query, $DB_ID )) { ?>
+<?php print $testo ?><br>
+<?php	} else { ?>
+Non e' stato possibile eseguire l'operazione richiesta a causa di un errore: <?php print mysql_error() ?><br>
+<?php print $query ?><br>
+<?php	} ?>
+		</td>
+	</tr>
+	<tr>
+		<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="5" alt=""></td>
+	</tr>
+	<tr>
+		<td><input type="button" value="Ok" onclick="location.href = 'main_proxy.php';"></button></td>
+	</tr>
+	<tr>
+		<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="10" alt=""></td>
+	</tr>
+</table>
+<?php
+} else {
+
+	$bottone = "Modifica";
+	$modifica = 1;
+	$query = "SELECT * FROM proxy_utenti WHERE user = '".$UTENTE['user']."'";
+	$res = mysql_query( $query, $DB_ID );
+	$dato = mysql_fetch_array ( $res );
+	$dato['password'] = "ahg5t!frtb5@u&^!";
+}
+?>
+
+<?php if (($modifica == 0 || $modifica == 1) && !isset($_GET['rm'])) { ?>
+
+<script type="text/javascript" src="<?php print $CONF['base_url'] ?>/jquery/jquery.js"></script>
+<script type="text/javascript" src="<?php print $CONF['base_url'] ?>/jquery/jquery.validate.js"></script>
+<script type="text/javascript" src="<?php print $CONF['base_url'] ?>/jquery/jquery.validate.password.js"></script>
+<link rel="stylesheet" type="text/css" href="<?php print $CONF['base_url'] ?>/jquery/jquery.validate.password.css" />
+
+<script type="text/javascript">
+$(document).ready(function() 
+{
+	$("#modulo").validate( {
+		rules: {
+			password1: {
+				password: "#utente",
+				minlength: 0
+			},
+			password2: {
+				equalTo: "#password1"
+			}
+		},
+		messages: {
+			password2: {
+				equalTo: "Le due password devono essere uguali"
+			}
+		},
+
+		errorPlacement: function(error, element) {
+			error.prependTo( element.parent().next() );
+		},
+		success: function(label) {
+			label.html("&nbsp;").addClass("checked");
+		}
+	});
+});
+</script>
+
+<form action="chkpasswd_proxy.php" method="post" id="modulo">
+<table cellpadding="0" cellspacing="0" border="0" width="90%">
+<input type="hidden" name="id" value="<?php print $dato['id'] ?>">
+<tr>
+	<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="30" height="1" alt=""></td>
+	<td>Nome Utente</td>
+	<td><?php print $dato['user']?></td>
+	<td class="status" colspan="6"></td>
+</tr>
+<tr><td colspan="9"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="5" alt=""></td></tr>
+<tr>
+	<td class="col1" colspan="9">
+	<table cellpadding="0" cellspacing="0" border="0" width="100%">
+		<tr>
+			<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="40" height="50" alt=""></td>
+			<td class="label"><label id="lpassword" for="password">Password</label></td>
+			<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="10" height="1" alt=""></td>
+			<td class="field" width="30"><input id="password1" name="password1" type="password" size="30" maxlength="32" value="<?php print $dato['password'] ?>" /></td>
+			<td class="status" width="400">
+				<div class="password-meter">
+					<div class="password-meter-message">&nbsp;</div>
+					<div class="password-meter-bg">
+						<div class="password-meter-bar"></div>
+					</div>
+				</div>
+			</td>
+		</tr>
+		<tr>
+			<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="40" height="50" alt=""></td>
+			<td class="label"><label id="lpassword_confirm" for="password_confirm">Password</label></td>
+			<td><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="10" height="1" alt=""></td>
+			<td class="field" width="30"><input id="password2" name="password2" type="password" size="30" maxlength="32" value="<?php print $dato['password'] ?>" /></td>
+			<td class="status" width="400"></td>
+		</tr>
+		<tr><td colspan="9" class="spaziov"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" alt=""></td></tr>
+	</table>
+	</td>
+</tr>
+
+<tr><td colspan="9"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="5" alt=""></td></tr>
+<tr><td align="center" colspan="9">
+	<input type="submit" value="<?php print $bottone ?>">
+	&nbsp;&nbsp;&nbsp;
+	<input type="button" value="Annulla" onclick="location.href = 'main_proxy.php';"></button>
+</td></tr>
+
+<tr><td colspan="9"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="10" alt=""></td></tr>
+</table>
+</form>
+<?php } ?>
+
+<?php view_footer_proxy(); ?>

proxy/ext/footer_proxy.php

@@ -0,0 +1,17 @@
+	</td></tr>
+	<tr><td>
+		<table cellpadding="0" cellspacing="0" border="0" width="100%">
+		<tr bgcolor="#34c6ea">
+			<td nowrap class="lbottom">&nbsp;<?php print $CONF['Versione'] ?></td>
+			<td width="500">&nbsp;</td>
+<?php if ($UTENTE['admin']) { ?>
+			<td class="rtop"><a class="rtop" href="main_proxy.php">Admin&nbsp;</a></td>
+<?php } else {?>
+			<td>&nbsp;</td>
+<?php } ?>
+		</tr>
+		</table>
+	</td></tr>
+</table>
+</body>
+</html>

proxy/ext/function_proxy.php

@@ -0,0 +1,143 @@
+<?php
+
+function view_top_proxy () {
+	global $CONF, $UTENTE;
+	include_once ("top_proxy.php");
+}
+
+function view_footer_proxy () {
+	global $CONF, $UTENTE;
+	include_once ("footer_proxy.php");
+}
+
+function db_login_proxy($user,$pass) {
+	global $DB_ID;
+	$query = "SELECT id FROM proxy_utenti WHERE user = '$user' AND pass = PASSWORD('$pass') AND attivo = 1";
+	$res = mysql_query( $query, $DB_ID );
+	$dato = mysql_fetch_array ( $res );
+	$ritorno = $dato['id'];
+	return $ritorno;
+}
+
+function login_proxy () {
+	global $_SESSION, $_POST, $DB_ID, $CONF;
+	session_name("authmail");
+	session_start();
+	if ($_SESSION['auth'] && ($_SESSION['time']+$CONF['temposessione']*60 >= time())) {
+		if(!db_login_proxy ($_SESSION['username'], $_SESSION['passwd'])) {
+			$tMessage = '<span class="error_msg">Dati di autenticazione errati</span>';
+			$tUsername = $_SESSION['username'];
+			$_SESSION['auth'] = 0;
+			session_destroy();
+			include ("userlogin.php");
+			exit;
+		} else {
+			logga ($_SERVER['REQUEST_URI']);
+			$_SESSION['time'] = time();
+			return carica_utente_proxy ();
+		}
+	} else {
+		if ($_POST['fUsername']) {
+			$fUsername = $_POST['fUsername'];
+	   		$fPassword = $_POST['fPassword'];
+	   		if(db_login_proxy ($fUsername, $fPassword)) {
+		      		$_SESSION = array();
+		      		$_SESSION['passwd'] = $fPassword;
+		      		$_SESSION['username'] = $fUsername;
+		      		$_SESSION['auth'] = 1;
+      				$_SESSION['time'] = time();
+				session_regenerate_id(TRUE);
+      				return carica_utente_proxy ();
+   			} else {
+   				$tMessage = 'Errore';
+        		 	$tUsername = $fUsername;
+				include ("userlogin.php");
+        		 	exit;
+   			}
+		} else {
+			if ($_SESSION['auth'] && ($_SESSION['time']+$CONF['temposessione']*60 < time())) {
+				$tMessage = '<span class="error_msg">Sessione scaduta</span>';
+				$tUsername = $_SESSION['username'];
+				logga ("Sessione scaduta");
+				include ("userlogin.php");
+       			  	exit;
+			} else {
+				include ("userlogin.php");
+       			  	exit;
+			}
+		}
+	}
+}
+
+function carica_utente_proxy () {
+	global $_SESSION, $CONF, $DB_ID;
+	$query = "SELECT * FROM proxy_utenti where user = '".$_SESSION['username']."'";
+	$res = mysql_query( $query, $DB_ID );
+	$dati = mysql_fetch_array ( $res );
+
+	return $dati;
+}
+
+function lista_moduli_proxy () {
+	global $UTENTE, $DB_ID, $CONF;
+
+	$menu[] =	array("Home", "main_proxy.php",0,"Home Page",0);
+	$menu[]	=	array("Cambio password", "chkpasswd_proxy.php",0,"Cambio Password");
+
+	$pezzi = preg_split('/\//', $_SERVER["PHP_SELF"], -2);
+	$self = $pezzi[count($pezzi)-1];
+?>
+		<ul id="nav">
+<?php 	for ($i=0; $i<count($menu);$i++) {
+		if ($self == $menu[$i][1]) {
+			$classe = "sel";
+		} else {
+			$classe = "nosel";
+		}
+?>
+			<li>
+				<a class="<?php print $classe ?>" href="<?php print $menu[$i][1]?>"><?php print $menu[$i][0]?></a>
+<?php
+		if ($menu[$i][2] != 0) {
+			$query = "	SELECT 
+						moduli_page.nome AS nome, 
+						moduli_page.pagina AS pagina,
+						moduli.directory AS directory
+					FROM 
+						moduli_page 
+					JOIN
+						moduli
+						ON
+							moduli.id = moduli_page.id_moduli
+					WHERE 
+						moduli_page.attivo = 1 
+						AND
+						moduli_page.livello <= ".$menu[$i][4]."
+					AND 
+						moduli_page.id_moduli = ".$menu[$i][2]." 
+					ORDER BY 
+						moduli_page.ordine
+				";
+
+			$res_page = mysql_query( $query, $DB_ID ); ?>
+				<ul>
+<?php			while ($page = mysql_fetch_array ($res_page)) { ?>
+					<li><a href="<?php print $CONF['base_url']."/".$page['directory']."/".$page['pagina'] ?>"><?php print $page['nome'] ?></a></li>
+<?php			} ?>
+				</ul>
+
+<?php		} ?>
+			</li>
+<?php	} ?>
+		</ul>
+
+<?php
+}
+
+
+
+
+
+
+
+?>

proxy/ext/logout_proxy.php

@@ -0,0 +1,10 @@
+<?php
+include_once ("core/config.php");
+include_once ("proxy/ext/function_proxy.php");
+login_proxy();
+session_name("authmail");
+session_start();
+$_SESSION['auth'] = 0;
+session_destroy();
+header('Location: main_proxy.php');
+?>

proxy/ext/main_proxy.php

@@ -0,0 +1,15 @@
+<?php
+include_once ("core/config.php");
+include_once ("proxy/ext/function_proxy.php");
+$UTENTE = login_proxy();
+view_top_proxy();
+?>
+
+<META HTTP-EQUIV="Refresh" CONTENT="30" URL="main_proxy.php">
+
+<table cellpadding="0" cellspacing="0" border="0" width="90%">
+	<tr><td class="spaziov" colspan="9"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
+</table>
+
+<img src="img/spazio.gif" width="1" height="20" alt="">
+<?php view_footer_proxy(); ?>

proxy/ext/top_proxy.php

@@ -0,0 +1,30 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+<head>
+<title>Autenticazione Proxy</title>
+</head>
+<body>
+<link rel="stylesheet" type="text/css" href="<?php print $CONF['base_url'] ?>/css/stile.css" />
+<table cellpadding="0" cellspacing="0" border="0" align="center" width="1000">
+<?php 
+	if ($UTENTE['user'] != '') { ?>
+	<tr><td>
+		<table cellpadding="0" cellspacing="0" border="0" width="100%">
+		<tr bgcolor="#34c6ea">
+			<td nowrap class="ltop">Utente: <?php print $_SESSION['username'] ?></td>
+			<td width="200">&nbsp;</td>
+			<td class="rtop"><a class="rtop" href="logout_proxy.php">Logout</a></td>
+		</tr>
+		</table>
+	</td></tr>
+	<tr><td class="spaziov" colspan=2><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
+	<tr><td align="center">
+<?php
+
+	lista_moduli_proxy();
+	} else {?>
+	<tr bgcolor="#34c6ea"><td>&nbsp;</td></tr>
+<?php 	} ?>
+	</td></tr>
+	<tr><td class="spaziov" colspan=2><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
+	<tr><td align="center">

proxy/ext/userlogin.php

@@ -0,0 +1,23 @@
+<?php view_top_proxy(); ?>
+<form name="login" method="post">
+<table cellpadding="0" cellspacing="10" border="0"  id="login_table">
+   <tr align="center" valign="middle">
+      <td colspan="2"><h4><?php print "Benvenuto" ?></h4></td>
+   </tr>
+   <tr>
+      <td><?php print "Utente:"; ?></td>
+      <td><input type="text" name="fUsername" value="<?php print $tUsername; ?>" /></td>
+   </tr>
+   <tr>
+      <td><?php print "Password:"; ?></td>
+      <td><input type="password" name="fPassword" /></td>
+   </tr>
+   <tr>
+      <td colspan="2" align="center"><input type="submit" name="submit" value="<?php print "Accedi"; ?>" /></td>
+   </tr>
+   <tr>
+      <td colspan="2" align="center"<?php print $tMessage; ?></td>
+   </tr>
+</table>
+</form>
+<?php view_footer_proxy(); ?>

proxy/index.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(1);
+$DIRITTI = diritti('Utente');
 view_top();
 ?>
 

proxy/net_acl.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(1);
+$DIRITTI = diritti('Admin');
 view_top();
 
 if (isset($_POST['id'])) {
@@ -79,29 +79,9 @@ function do_submit() {
 <form name="acl" method="post">
 <table cellpadding="0" cellspacing="0" border="0" width="90%">
 <input type="hidden" name="id" value="<?php print $id ?>">
-	<tr>
-		<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="20%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="6%" ><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="6%" ><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="6%" ><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="5%" ><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="20%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="27%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-	</tr>
-	<tr>
-		<td class="spaziol"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="descrizione">Rete</td>
-		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="radio">Nega</td>
-		<td class="radio">Default</td>
-		<td class="radio">Autorizza</td>
-		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="descrizione">Nome Lista</td>
-		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-	</tr>
 <?php	
+html_spazi (array(5,20,5,6,6,6,5,20,0)); 
+html_intestazione (array ("","Rete","","Nega","Default","Autorizza","","Nome Lista",""), array("","","","radio","radio","radio","","",""));
 $res = mysql_query( $query, $DB_ID );
 $conta = 0;
 while ($dato = mysql_fetch_array ( $res )) {

proxy/net_edit.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(1);
+$DIRITTI = diritti('Admin');
 view_top();
 
 if (isset($_POST['id'])) {

proxy/net_lista.php

@@ -1,24 +1,12 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(10);
+$DIRITTI = diritti('Admin');
 view_top();
 ?>
 <form name="" method="post">
 <table cellpadding="0" cellspacing="0" border="0" width="90%">
-	<tr>
-		<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="2%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="5%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="2%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="9%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="2%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="9%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="2%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="15%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-		<td class="sep" width="44%"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
-	</tr>
+<?php	html_spazi (array(5,5,2,5,2,9,2,9,2,15,0)); ?>
 	<tr>
 		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
 		<td class="spazioh"><a href="net_edit.php"><img src="<?php print $CONF['base_url'] ?>/img/addresource.png"></a></td>

proxy/pool_acl.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(1);
+$DIRITTI = diritti('Admin');
 view_top();
 
 if (isset($_POST['id'])) {

proxy/pool_ip.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(1);
+$DIRITTI = diritti('Admin');
 view_top();
 ?>
 <form name="" method="post">

proxy/pool_lista.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(10);
+$DIRITTI = diritti('Admin');
 view_top();
 
 if (isset($_POST['tempo'])) {

proxy/proxy_gest.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(1);
+$DIRITTI = diritti('Admin');
 ?>
 <html>
 <head>
@@ -19,78 +19,95 @@ if (isset($_GET['id'])) {
 	$id = $_GET['id'];
 	if (isset($_GET['azione'])) {
 		$azione = $_GET['azione'];
+		$genera = 0;
 		switch ($azione) {
 			case "net_up":
 				$query = "UPDATE proxy_net SET attivo = 1 WHERE id = $id";
-				mysql_query( $query, $DB_ID );
+				$testo = "Confermate l'abilitazione della rete?";
 			break;
 			case "net_down":
 				$query = "UPDATE proxy_net SET attivo = 0 WHERE id = $id";
-				mysql_query( $query, $DB_ID );
+				$testo = "Confermate la disabilitazione della rete?";
 			break;
 			case "net_rm":
 				$query = "DELETE FROM proxy_net WHERE id = $id";
-				mysql_query( $query, $DB_ID );
+				$testo = "Confermate la rimozione della rete?";
 			break;
 
 			case "acl_up":
 				$query = "UPDATE proxy_acl_list SET attivo = 1, data = NOW() WHERE id = $id";
-				mysql_query( $query, $DB_ID );
+				$testo = "Confermate l'abilitazione della ACL?";
 			break;
 			case "acl_down":
 				$query = "UPDATE proxy_acl_list SET attivo = 0, data = NOW() WHERE id = $id";
-				mysql_query( $query, $DB_ID );
+				$testo = "Confermate la disabilitazione della ACL?";
 			break;
 			case "link_up":
 				$query = "UPDATE proxy_acl SET attivo = 1, data = NOW() WHERE id = $id";
-				mysql_query( $query, $DB_ID );
+				$testo = "Confermate l'abilitazione dell'URL?";
 			break;
 			case "link_down":
 				$query = "UPDATE proxy_acl SET attivo = 0, data = NOW() WHERE id = $id";
-				mysql_query( $query, $DB_ID );
+				$testo = "Confermate la disabilitazione dell'URL?";
 			break;
 			case "link_rm":
 				$query = "DELETE FROM proxy_acl WHERE id = $id";
-				mysql_query( $query, $DB_ID );
+				$testo = "Confermate la cancellazione dell'URL?";
 			break;
 
 			case "pool_ins":
 				$query = "INSERT INTO proxy_pool (ip, pool, attivo, ins) VALUES ('$id', 1, 1, NOW()) ON DUPLICATE KEY UPDATE attivo = 1";
-				mysql_query( $query, $DB_ID );
-				genera($DB_ID);
+				$testo = "Confermate l'inserimento dell'indirizzo IP nel pool di limitazione?";
+				$genera = 1;
 			break;
 			case "pool_rem":
 				$query = "INSERT INTO proxy_pool (ip, pool, attivo, ins) VALUES ('$id', 1, 0, NOW()) ON DUPLICATE KEY UPDATE attivo = 0";
-				mysql_query( $query, $DB_ID );
-				genera($DB_ID);
+				$testo = "Confermate la rimozione dell'indirizzo IP dal pool di limitazione?";
+				$genera = 1;
 			break;
 
 			case "user_up":
 				$query = "UPDATE proxy_utenti SET attivo = 1 WHERE id = $id";
-				mysql_query( $query, $DB_ID );
-				$testo = "Utente Abilitato";
+				$testo = "Confermate l'abilitazione dell'utente?";
 			break;
 			case "user_down":
 				$query = "UPDATE proxy_utenti SET attivo = 0 WHERE id = $id";
-				mysql_query( $query, $DB_ID );
-				$testo = "Utente Disabilitato";
+				$testo = "Confermate la disabilitazione dell'utente?";
 			break;
 			case "user_rm":
 				$query = "DELETE FROM proxy_utenti WHERE id = $id";
-				mysql_query( $query, $DB_ID );
-				$testo = "Utente Eliminato";
+				$testo = "Confermate la cancellazione dell'utente?";
 			break;
 
 			default:
 				$testo = "Regola non implementata";
 			break;
 		}
+
+		if (isset($_GET['ref'])) {
+			$ref = pack ('H*', $_GET['ref']);
+			mysql_query( $query, $DB_ID );
+			if ($genera) genera($DB_ID);
+?>
+<script type="text/javascript">
+	document.location.href="<?php print $ref ?>"
+</script>
+<?php 		} else { 
+			$ref = unpack ('H*', $_SERVER["HTTP_REFERER"]);
+?>
+<script type="text/javascript">
+	var r = confirm("<?php print $testo ?>");
+	if (r == true) {
+		document.location.href="<?php print $_SERVER['REQUEST_URI']?>&ref=<?php print $ref[1] ?>"
+	} else {
+		document.location.href="<?php print $_SERVER['HTTP_REFERER']?>"
+	}
+</script>
+<?php		}
+
 	}
 }
 ?>
-<script type="text/javascript">
-	document.location.href='<?php print $_SERVER['HTTP_REFERER']?>'
-</script>
 
 <?php
 function genera ($DB_ID) {

proxy/squid_acl/squid_acl.pl

@@ -9,7 +9,7 @@ require "$Bin/../script/conntrack.conf";
 
 local $SIG{ALRM} = sub {
 	my $time = localtime; # scalar context
-	print LOG "$$ - $time - Exit\n";
+#	print LOG "$$ - $time - Exit\n";
 	exit 1;
 };
 
@@ -21,8 +21,8 @@ my $dbmysql = DBI->connect("DBI:mysql:;host=$DBhost", $DBuser, $DBpass) or die (
 $sts = $dbmysql->prepare("use $DBname");
 $sts->execute ();
 
-open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log";
-LOG->autoflush(1);
+#open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log";
+#LOG->autoflush(1);
 
 while($limit) {
 	alarm $timeout;
@@ -35,15 +35,15 @@ while($limit) {
 	my $ritorno = cerca ($param[1],$param[2], -1);
 	$limit--;
 	if ($ritorno) {
-		print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
+#		print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
 		print "DENY\n";
 	} else {
 		$ritorno = cerca ($param[1],$param[2], 1);
 		if ($ritorno) {
-			print LOG "$param[0] - $param[1] - $param[2] - OK\n";
+#			print LOG "$param[0] - $param[1] - $param[2] - OK\n";
 			print "OK\n";
 		} else {
-			print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
+#			print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
 #			print "DENY\n";
 			print "\n";
 		}

proxy/squid_acl/squid_acl_net.pl

@@ -9,7 +9,7 @@ require "$Bin/../script/conntrack.conf";
 
 local $SIG{ALRM} = sub {
 	my $time = localtime; # scalar context
-	print LOG "$$ - $time - Exit\n";
+#	print LOG "$$ - $time - Exit\n";
 	exit 1;
 };
 
@@ -21,8 +21,8 @@ my $dbmysql = DBI->connect("DBI:mysql:;host=$DBhost", $DBuser, $DBpass) or die (
 $sts = $dbmysql->prepare("use $DBname");
 $sts->execute ();
 
-open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log";
-LOG->autoflush(1);
+#open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log";
+#LOG->autoflush(1);
 
 while($limit) {
 	alarm $timeout;
@@ -35,15 +35,15 @@ while($limit) {
 	my $ritorno = cerca ($param[1],$param[2], -1);
 	$limit--;
 	if ($ritorno) {
-		print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
+#		print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
 		print "DENY\n";
 	} else {
 		$ritorno = cerca ($param[1],$param[2], 1);
 		if ($ritorno) {
-			print LOG "$param[0] - $param[1] - $param[2] - OK\n";
+#			print LOG "$param[0] - $param[1] - $param[2] - OK\n";
 			print "OK\n";
 		} else {
-			print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
+#			print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
 			print "\n";
 		}
 	}

proxy/squid_acl/squid_auth.pl

@@ -8,7 +8,7 @@ require "$Bin/../script/conntrack.conf";
 
 local $SIG{ALRM} = sub {
 	my $time = localtime; # scalar context
-	print LOG "$$ - $time - Exit\n";
+#	print LOG "$$ - $time - Exit\n";
 	exit 1;
 };
 
@@ -20,8 +20,8 @@ my $dbmysql = DBI->connect("DBI:mysql:;host=$DBhost", $DBuser, $DBpass) or die (
 $sts = $dbmysql->prepare("use $DBname");
 $sts->execute ();
 
-open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log";
-LOG->autoflush(1);
+#open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log";
+#LOG->autoflush(1);
 
 alarm $timeout;
 while($limit) {
@@ -29,11 +29,10 @@ while($limit) {
 	my $input = <>;
 	chop $input;
 
-#	my ($acl, $ip) = split / /, $input;
 	my @param = split / /, $input;
 
 	if ($param[0] ne "") {
-		$query = "SELECT id FROM proxy_utenti WHERE user = '".$param[0]."' AND pass = PASSWORD('".$param[1]."') AND attivo = 1";
+		$query = "SELECT id, primo, (tempo*3600)-time_to_sec(timediff(ultimo, primo)) AS rimasto, tempo FROM proxy_utenti WHERE user = '".$param[0]."' AND pass = PASSWORD('".$param[1]."') AND attivo = 1";
 		$limit--;
 		alarm $timeout;
 	} else {
@@ -47,7 +46,22 @@ while($limit) {
 
 	if ($ref = $sts->fetchrow_hashref ) {
 		my $id = $$ref{'id'};
-		my $query = "UPDATE proxy_utenti SET data = NOW() WHERE id = $id";
+		my $primo = $$ref{'primo'};
+		my $rimasto = $$ref{'rimasto'};
+		my $tempo = $$ref{'tempo'};
+
+		my $agg = "";
+		my $query = "";
+		if (($tempo > 0) && ($rimasto < 0)){
+			$agg = "attivo = 0,";
+		}
+
+		if (!$primo) {
+			$query = "UPDATE proxy_utenti SET $agg primo =  NOW(), ultimo = NOW() WHERE id = $id";
+		} else {
+			$query = "UPDATE proxy_utenti SET $agg ultimo = NOW() WHERE id = $id";
+		}
+#		print LOG "$rimasto -- $query\n";
 		$sts = $dbmysql->prepare($query);
 		$sts->execute ();
 		print "OK\n";

proxy/users_edit.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(1);
+$DIRITTI = diritti('Admin');
 view_top();
 
 if (isset($_POST['id'])) {

proxy/users_group_edit.php

@@ -0,0 +1,84 @@
+<?php
+include_once ("../core/config.php");
+$UTENTE = login();
+$DIRITTI = diritti('Admin');
+view_top();
+
+if (isset($_POST['id'])) {
+	$prefisso 	= 	$_POST['prefisso'];
+	$da	 	= 	$_POST['da'];
+	$a	 	= 	$_POST['a'];
+	$a	 	= 	$_POST['a'];
+	$lung 		= 	$_POST['lung'];
+	$lpwd 		= 	$_POST['lpwd'];
+	$tempo 		= 	$_POST['tempo'];
+
+	$lunghezza = $lung - strlen ($prefisso);
+	$parametro = "0".$lunghezza."d";
+	for ($i=$da;$i<=$a;$i++) {
+		$utgruppo = sprintf ("%s%$parametro",$prefisso,$i);
+		$pwgruppo = generateStrongPassword($length = $lpwd, $add_dashes = false, $available_sets = 'lud');
+
+		$query = "	INSERT INTO
+					proxy_utenti
+				SET
+					user = '$utgruppo',
+					pass = PASSWORD('$pwgruppo'),
+					fullname = 'Utente Guest',
+					data = NOW(),
+					modifica = NOW(),
+					guest = 1,
+					attivo = 1,
+					tempo = $tempo
+		";
+		$res = mysql_query( $query, $DB_ID );
+	}
+?>
+<script type="text/javascript">
+        document.location.href="users_group_lista.php"
+</script>
+<?php
+
+}
+?>
+
+<form name="" method="post">
+<input type="hidden" name="id" value="0">
+<table cellpadding="0" cellspacing="0" border="0" width="90%">
+
+<?php
+html_spazi (array(2,10,2,16,2,10,0));
+html_intestazione (array ("","Prefisso","","Intervallo","","Lunghezza",""), array("","","","radio","","",""));
+?>
+	<tr>
+		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td class="colip"><input type="text" size="16" name="prefisso"></td>
+		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td class="radio">
+			<input type="text" size="2" name="da">
+			&nbsp;-&nbsp;
+			<input type="text" size="2" name="a">
+		</td>
+		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td class="colip"><input type="text" size="3" name="lung"></td>
+		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		</td>
+	</tr>
+	<tr><td class="spaziov" colspan=7><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
+<?php html_intestazione (array ("","Lunghezza Password","","Tempo assegnato (h)","","","")); ?>
+	<tr>
+		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td class="colip"><input type="text" size="3" name="lpwd"></td>
+		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td class="colip"><input type="text" size="3" name="tempo" value=24></td>
+		<td colspan=3 class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+	</tr>
+	<tr><td class="spaziov" colspan=7><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
+	<tr>
+		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td class="spaziov" colspan=6><input type="submit" value="Conferma"></td>
+	</tr>
+</table>
+</form>
+<img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="20" alt="">
+<?php view_footer(); ?>

proxy/users_group_lista.php

@@ -0,0 +1,66 @@
+<?php
+include_once ("../core/config.php");
+$UTENTE = login();
+$DIRITTI = diritti('Admin');
+view_top();
+?>
+<table cellpadding="0" cellspacing="0" border="0" width="90%">
+<?php	html_spazi (array (5,5,5,2,10,2,13,2,10,2,10,0)); ?>
+	<tr>
+		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td class="spazioh"><a href="users_group_edit.php"><img src="<?php print $CONF['base_url'] ?>/img/addresource.png"></a></td>
+		<td colspan=10 class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+	</tr>
+<?php
+$query = "	SELECT 
+			id,
+			user,
+			fullname,
+			attivo,
+			DATE_FORMAT(primo, '%d.%m.%Y %H:%i:%s') AS primo,
+			DATE_FORMAT(ultimo, '%d.%m.%Y %H:%i:%s') AS ultimo
+		FROM
+			proxy_utenti
+		WHERE
+			guest = 1
+		ORDER BY
+			user
+	";
+
+$res = mysql_query( $query, $DB_ID );
+html_intestazione (array ("","","","","Utente","","Nome Completo","","Primo Accesso","","Ultimo Accesso",""));
+while ($dato = mysql_fetch_array ( $res )) {
+?>
+	<tr>
+<?php
+	if ($dato['attivo']) {
+?>
+		<td class="spazioh"><a href="proxy_gest.php?azione=user_down&id=<?php print $dato['id']?>"><img src="<?php print $CONF['base_url'] ?>/img/attivo.gif" ALT="Utente Attivo" TITLE="Utente Attivo"></a></td>
+<?php	} else { ?>
+		<td class="spazioh"><a href="proxy_gest.php?azione=user_up&id=<?php print $dato['id']?>"><img src="<?php print $CONF['base_url'] ?>/img/non_attivo.gif" ALT="Utente non Attivo" TITLE="Utente non Attivo"></a></td>
+<?php	} ?>
+		<td class="spazioh"><a href="proxy_gest.php?azione=user_rm&id=<?php print $dato['id']?>"><img src="<?php print $CONF['base_url'] ?>/img/trash.png"></a></td>
+
+		<td class="spazioh"><a href="users_edit.php?id=<?php print $dato['id'] ?>"><img src="<?php print $CONF['base_url'] ?>/img/modify.gif" ALT="Dettaglio" TITLE="Dettaglio"></a></td>
+		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+
+		<td class="colip"><?php print $dato['user'] ?></td>
+
+		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td class="colip"><?php print $dato['fullname'] ?></td>
+
+		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td class="colip"><?php print $dato['primo'] ?></td>
+
+		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td class="colip"><?php print $dato['ultimo'] ?></td>
+		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		</td>
+	</tr>
+	<tr><td class="spaziov" colspan=12><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
+
+<?php
+} ?>
+</table>
+<img src="<?php print $CONF['base_url'] ?>/img/spazio.gif" width="1" height="20" alt="">
+<?php view_footer(); ?>

proxy/users_lista.php

@@ -1,15 +1,15 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(1);
+$DIRITTI = diritti('Admin');
 view_top();
 ?>
-
 <table cellpadding="0" cellspacing="0" border="0" width="90%">
+<?php	html_spazi (array (5,5,5,2,10,2,13,2,10,2,10,0)); ?>
 	<tr>
 		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
 		<td class="spazioh"><a href="users_edit.php"><img src="<?php print $CONF['base_url'] ?>/img/addresource.png"></a></td>
-		<td colspan=9 class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td colspan=10 class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
 	</tr>
 <?php
 $query = "	SELECT 
@@ -17,19 +17,20 @@ $query = "	SELECT
 			user,
 			fullname,
 			attivo,
-			DATE_FORMAT(data, '%d.%m.%Y %H:%i:%s') AS data,
+			DATE_FORMAT(ultimo, '%d.%m.%Y %H:%i:%s') AS data,
 			ip
 		FROM
 			proxy_utenti
+		WHERE
+			guest = 0
 		ORDER BY
 			user
 	";
 
 $res = mysql_query( $query, $DB_ID );
+html_intestazione (array ("","","","","Utente","","Nome Completo","","Ultimo Accesso","","IP Associato",""));
 while ($dato = mysql_fetch_array ( $res )) {
 ?>
-
-
 	<tr>
 <?php
 	if ($dato['attivo']) {
@@ -53,10 +54,10 @@ while ($dato = mysql_fetch_array ( $res )) {
 
 		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
 		<td class="colip"><?php print $dato['ip'] ?></td>
-
+		<td class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
 		</td>
 	</tr>
-	<tr><td class="spaziov" colspan=11><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
+	<tr><td class="spaziov" colspan=12><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td></tr>
 
 <?php
 } ?>

proxy/users_pwd.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(1);
+$DIRITTI = diritti('Admin');
 ?>
 <script type="text/javascript">
 <!--

rewrite.php

@@ -0,0 +1,27 @@
+<?php 
+include_once ("core/config.php");
+
+$path = ltrim($_SERVER['REQUEST_URI'], '/');
+
+$query = "	SELECT
+			to_url
+		FROM
+			rewrite
+		WHERE
+			from_url = '$path'
+			AND
+			attivo = 1
+";
+
+$res = mysql_query( $query, $DB_ID );
+
+if ($valori = mysql_fetch_array ( $res )) {
+	include ($valori['to_url']);
+} else {
+	print "$path non c'e'";
+	exit;
+}
+
+
+
+?>

routing/index.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(1);
+$DIRITTI = diritti('Admin');
 view_top();
 
 $conf_route = carica_conf('Routing');

routing/linee.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(10);
+$DIRITTI = diritti('Admin');
 view_top();
 ?>
 

routing/modlinea.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(10);
+$DIRITTI = diritti('Admin');
 view_top();
 
 $netmask = array(	30	=>	"/30 - 255.255.255.252",

utenti/dettlogutenti.php

@@ -1,8 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti();
-//isadmin();
+$DIRITTI = diritti('Admin');
 ?>
 <body>
 <link rel="stylesheet" type="text/css" href="<?php print $CONF['base_url'] ?>/css/stile.css" />

utenti/index.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(1);
+$DIRITTI = diritti('Admin');
 view_top();
 ?>
 

utenti/logutenti.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti();
+$DIRITTI = diritti('Admin');
 //isadmin();
 ?>
 <body>

utenti/modutenti.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(10);
+$DIRITTI = diritti('Admin');
 view_top();
 
 if (isset($_GET['id'])) {

utenti/permessiutenti.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti(1);
+$DIRITTI = diritti('Admin');
 view_top();
 
 $query = "	SELECT

utenti/updatepermessi.php

@@ -1,7 +1,7 @@
 <?php
 include_once ("../core/config.php");
 $UTENTE = login();
-$DIRITTI = diritti();
+$DIRITTI = diritti('Admin');
 
 $user_id = $_GET['user_id'];
 $accesso = $_GET['accesso'];