From 990b05d3f2b3f23acc9cf54e0b1918ee824bb0f5 Mon Sep 17 00:00:00 2001
From: cmaffio
Date: Wed, 16 Mar 2016 12:04:22 +0100
Subject: [PATCH] Aggiunta info proxy
---
core/:q | 569 ++++++++++++++++++++++++++++++++++++++++
core/function.php | 51 +++-
proxy/barra.php | 23 ++
proxy/index.php | 85 ++++--
proxy/lista.php | 63 +++++
risorse/stili/stile.css | 74 +++++-
6 files changed, 825 insertions(+), 40 deletions(-)
create mode 100644 core/:q
create mode 100644 proxy/barra.php
create mode 100755 proxy/lista.php
diff --git a/core/:q b/core/:q
new file mode 100644
index 0000000..4f53862
--- /dev/null
+++ b/core/:q
@@ -0,0 +1,569 @@ += time())) { + if(!db_login ($_SESSION['username'], $_SESSION['passwd'])) { + $tMessage = 'Dati di autenticazione errati'; + $tUsername = $_SESSION['username']; + $_SESSION['auth'] = 0; + session_destroy(); + include ("userlogin.php"); + exit; + } else { + logga ($_SERVER['REQUEST_URI']); + $_SESSION['time'] = time(); + return carica_utente (); + } + } else { + if ($_POST['fUsername']) { + $fUsername = $_POST['fUsername']; + $fPassword = $_POST['fPassword']; + if(db_login ($fUsername, $fPassword)) { + $_SESSION = array(); + $_SESSION['passwd'] = $fPassword; + $_SESSION['username'] = $fUsername; + $_SESSION['auth'] = 1; + $_SESSION['time'] = time(); + session_regenerate_id(TRUE); + logga ("Accesso"); + return carica_utente (); + } else { + $tMessage = 'Errore'; + $tUsername = $fUsername; + include ("userlogin.php"); + exit; + } + } else { + if ($_SESSION['auth'] && ($_SESSION['time']+$CONF['temposessione']*60 < time())) { + $tMessage = 'Sessione scaduta'; + $tUsername = $_SESSION['username']; + logga ("Sessione scaduta"); + include ("userlogin.php"); + exit; + } else { + include ("userlogin.php"); + exit; + } + } + } +} + +function carica_conf ($modulo="") { + global $CONF, $DB_ID; + + if ($modulo != "") { + $query = "SELECT prefisso FROM moduli WHERE nome = '$modulo'"; + $res = mysql_query( $query, $DB_ID ); + $dato = mysql_fetch_array ( $res ); + $tabella = $dato['prefisso']."conf"; + } else { + $tabella = "conf"; + } + + $query = "SELECT variabile, valore FROM $tabella"; + $res = mysql_query( $query, $DB_ID ); + while ($dato = mysql_fetch_array ( $res )) { + $tmp[$dato[0]] = $dato[1]; + } + return $tmp; +} + +function isadmin () { + global $UTENTE, $CONF; + if ($UTENTE['admin']) { + return; + } else { + header("location: ".$CONF['base_url']."/index.php"); + exit; + } +} + +function carica_utente () { + global $_SESSION, $CONF, $DB_ID; + $query = "SELECT * FROM utenti where utente = '".$_SESSION['username']."'"; + $res = mysql_query( $query, 
$DB_ID ); + $dati = mysql_fetch_array ( $res ); + + return $dati; +} + +function is_first_access () { + global $_SESSION, $DB_ID, $CONF; + $utente = $_SESSION['username']; + $query = "SELECT * FROM utenti WHERE utente = '$utente'"; + $res = mysql_query( $query, $DB_ID ); + if (!mysql_fetch_array( $res )) { + $query = "INSERT INTO utenti SET utente='$utente', max_perm='".$CONF['permanenti']."', max_temp='".$CONF['temporanei']."', creato=now(), max_tempo='".$CONF['tempo_temporanei']."', totale=".$CONF['totale'].", idtemplate=".$CONF['template_base']; + mysql_query( $query, $DB_ID ); + logga ("Creazione nuova utenza"); + mkdir ($CONF['storage'].'/'.$utente); + logga ("Creazione storage utente"); + } +} + +function logga ($testo, $dest="") { + global $_SESSION, $DB_ID, $CONF; + + if ($dest == "") { + $destinatario = $_SESSION['username']; + } else { + $destinatario = $dest; + } + + $ip = @$_SERVER["REMOTE_ADDR"]; + $sessione = session_id();; +// print "-- $sessione --"; + $query = "INSERT INTO accessi_utenti SET utente = '$destinatario', quando = now(), ip = '$ip', cosa = '$testo', sessione = '$sessione'"; + $queryuser = "UPDATE utenti SET ultimo = now() WHERE utente = '$destinatario'"; +// print "-- $query --"; + $res = mysql_query( $query, $DB_ID ); + $res = mysql_query( $queryuser, $DB_ID ); +} + +function logga_allegati ($id, $cosa) { + global $DB_ID, $CONF; + $ip = $_SERVER["REMOTE_ADDR"]; + $query = "INSERT INTO accesso_allegati SET idallegato=$id, quando=now(), cosa='$cosa', ip='$ip'"; + $res = mysql_query( $query, $DB_ID ); +} + +function ultimo_coll () { + global $_SESSION, $DB_ID, $CONF; + $query = "SELECT DATE_FORMAT(quando, '%d-%m-%Y %H:%i:%s') as quando FROM accessi_utenti WHERE utente = '".$_SESSION['username']."' AND cosa = 'Uscita' order by quando desc limit 1"; + $res = mysql_query( $query, $DB_ID ); + $dato = mysql_fetch_array ( $res ); + if (is_null($dato['quando'])) { + return "Primo accesso"; + } else { + return $dato['quando']; + } +} + +function 
codice(){ + global $DB_ID; + $N_Caratteri = 30; + $Stringa = ""; + For($I=0;$I<$N_Caratteri;$I++){ + do{ + $N = Ceil(rand(48,122)); + }while(!((($N >= 48) && ($N <= 57)) || (($N >= 65) && ($N <= 90)) || (($N >= 97) && ($N <= 122)))); + $Stringa = $Stringa.Chr ($N); + } + + $query = "SELECT * FROM allegati WHERE codice='$Stringa' AND vecchio=0"; + $res = mysql_query( $query, $DB_ID ); + if (mysql_fetch_array ( $res )) { $stringa = codice(); } + return $Stringa; +} + +function invia_mail ($oggetto, $testo, $dest="") { + global $UTENTE, $CONF; + + $headers = 'From: noreply@esseweb.eu' . "\r\n" . + 'X-Mailer: PHP/' . phpversion(); + + if ($dest == "") { + $destinatario = $UTENTE['utente']; + } else { + $destinatario = $dest; + } + mail($destinatario, $oggetto, $testo, $headers); +} + +function fsize ($stat) { + $stat = (float)$stat; + $idx = 0; + $arr = array("B","kB","MB","GB","TB","PB","EB","ZB","YB"); + while(floor($stat/1024)>0){ + $stat = round($stat/1024,2); + $idx++; + } + return $stat." 
".$arr[$idx]; +} + +function creanome ($idparent) { + global $DB_ID; + $query = "SELECT interfacce.device, defrule.idparent, defrule.priorita FROM defrule JOIN interfacce ON defrule.idinterfacce = interfacce.id WHERE defrule.id = '$idparent'"; + $res = mysql_query( $query, $DB_ID ); + $dato = mysql_fetch_array ( $res ); + if ($dato['idparent'] == 0) { + $ritorno = $dato['device']."-2:".$dato['priorita']; + return $ritorno; + } else { + $ritorno = creanome($dato['idparent']).":".$dato['priorita']; + return $ritorno; + } +} + +function defrule_att ($id) { + global $DB_ID; + $query = "UPDATE defrule SET attivo=1, stato=2 WHERE id = $id"; + if (mysql_query( $query, $DB_ID )) { + azioni ("defrule", $id, 1); + $query = "SELECT idparent FROM defrule WHERE id = $id"; + $res = mysql_query( $query, $DB_ID ); + $dato = mysql_fetch_array ( $res ); + $parent = $dato['idparent']; + if ($parent) { + $ritorno = defrule_att($parent); + } else { + $ritorno = 1; + } + } else { + return mysql_error(); + } + return $ritorno; +} + +function defrule_dis ($id, $stato=2) { + global $DB_ID; + $ritorno = 1; + $query = "UPDATE defrule SET attivo=0, stato=$stato WHERE id = $id"; + if (mysql_query( $query, $DB_ID )) { + azioni ("defrule", $id, 3); + if ($stato == 3) { + $query_rule = "DELETE FROM rule WHERE iddefrule = $id"; + mysql_query( $query_rule, $DB_ID ); + } + $query = "SELECT id FROM defrule WHERE idparent = $id AND stato <> 3"; + if ($res = mysql_query( $query, $DB_ID )) { + while ($dato = mysql_fetch_array ($res)) { + $ritorno = defrule_dis ($dato['id'], $stato); + } + } else { + return mysql_error(); + } + } else { + return mysql_error(); + } + return $ritorno; +} + +function defrule_reset ($iddevice, $idparent, $fw) { + global $DB_ID; + $query = "SELECT id FROM defrule WHERE idinterfacce = $iddevice AND idparent = $idparent AND attivo = 1 AND stato <> 3"; + $res = mysql_query( $query, $DB_ID ); + while ($dato = mysql_fetch_array ($res)) { + $id_defrule = $dato['id']; + 
$query_azioni = "INSERT INTO azioni SET fw=$fw, tabella='defrule', idtabella=$id_defrule, stato=1, datains=NOW()"; + mysql_query( $query_azioni, $DB_ID ); + defrule_reset ($iddevice, $id_defrule, $fw); + } +} + +function maxrate ($idrule, $idparent, $device) { + global $DB_ID; + if ($idparent == 0) { + $querylim = "SELECT rate, ceil FROM interfacce WHERE id = $device"; + } else { + $querylim = "SELECT rate, ceil FROM defrule WHERE id = $idparent"; + } + $queryatt = "SELECT SUM(rate) AS somma FROM defrule WHERE idinterfacce = $device AND attivo = 1 AND stato <> 3 AND id <> $idrule AND idparent = $idparent"; + $querypri = "SELECT MAX(priorita) AS pri FROM defrule WHERE idinterfacce = $device AND stato <> 3 AND id <> $idrule AND idparent = $idparent AND priorita < 1000"; + + $reslim = mysql_query( $querylim, $DB_ID ); + $datolim = mysql_fetch_array ($reslim); + $resatt = mysql_query( $queryatt, $DB_ID ); + $datoatt = mysql_fetch_array ($resatt); + $respri = mysql_query( $querypri, $DB_ID ); + $datopri = mysql_fetch_array ($respri); + + $ritorno['rate'] = $datolim['rate'] - $datoatt['somma']; + $ritorno['ceil'] = $datolim['ceil']; + $ritorno['pri'] = $datopri['pri'] + 10; + + return $ritorno; +} + +function azioni ($tabella, $idtabella, $stato) { + global $DB_ID; + + $query_fw = "SELECT id FROM firewall WHERE attivo = 1"; + $res_fw = mysql_query( $query_fw, $DB_ID ); + while ($dato_fw = mysql_fetch_array ($res_fw)) { + $id_fw = $dato_fw['id']; + $query_new = "INSERT INTO azioni SET fw = $id_fw, tabella = '$tabella', idtabella = $idtabella, stato = $stato, datains = NOW()"; +// print "$query_new
"; + mysql_query( $query_new, $DB_ID ); + } +} + +function lista_moduli () { + global $UTENTE, $DB_ID, $CONF; + + $query = " SELECT + moduli.id AS id, + moduli.nome AS nome, + moduli.directory AS directory + FROM + utenti + JOIN + permessi ON utenti.id = permessi.id_utenti AND permessi.accesso > 0 + JOIN + moduli ON moduli.id = permessi.id_moduli + WHERE + utenti.utente = '".$_SESSION['username']."' + AND + moduli.attivo = 1 + "; + + $menu[] = array("Home", $CONF['base_url']."/core/main.php",0); + + if ($UTENTE['admin']) { + $menu[] = array("Configurazione", $CONF['base_url']."/core/conf.php"); + $query .= " UNION DISTINCT SELECT + moduli.nome AS nome, + moduli.directory AS directory + FROM + moduli + WHERE + moduli.superadmin > 0 + AND + moduli.attivo = 1 + "; + } + + $res = mysql_query( $query, $DB_ID ); + + while ($dato = mysql_fetch_array ($res)) { + $menu[] = array($dato['nome'], $CONF['base_url']."/".$dato['directory']."/index.php",$dato['id']); + } + + $menu[] = array("Cambio password", $CONF['base_url']."/core/chkpasswd.php",0); + + $pezzi = preg_split('/\//', $_SERVER["PHP_SELF"], -2); + $self = $pezzi[count($pezzi)-1]; +?> + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + + + + + + += $minimo) { + return $risposta; + } else { + header("location: ".$CONF['base_url']."/index.php"); + exit; + } +} + +function get_levels () { + global $DB_ID; + + $query = "SELECT nome, livello FROM livelli ORDER BY livello"; + $res = mysql_query( $query, $DB_ID ); + $livelli = array(); + while ($dato = mysql_fetch_array ($res)) { + $livelli[$dato['livello']] = $dato['nome']; + } + return $livelli; + +} + +function view_top () { + global $CONF, $UTENTE; + include_once ($_SERVER["CONTEXT_DOCUMENT_ROOT"].$CONF['base_url']."/core/top.php"); +} + +function view_footer () { + global $CONF, $UTENTE; + include_once ($_SERVER["CONTEXT_DOCUMENT_ROOT"].$CONF['base_url']."/core/footer.php"); +} +?> diff --git a/core/function.php b/core/function.php index c4b711c..b1f5435 100755 --- a/core/function.php +++ b/core/function.php @@ -342,6 +342,7 @@ function lista_moduli () { global $UTENTE, $DB_ID, $CONF; $query = " SELECT + moduli.id AS id, moduli.nome AS nome, moduli.directory AS directory FROM @@ -356,11 +357,12 @@ function lista_moduli () { moduli.attivo = 1 "; - $menu[] = array("Home", $CONF['base_url']."/core/main.php"); + $menu[] = array("Home", $CONF['base_url']."/core/main.php",0); if ($UTENTE['admin']) { $menu[] = array("Configurazione", $CONF['base_url']."/core/conf.php"); $query .= " UNION DISTINCT SELECT + moduli.id AS id, moduli.nome AS nome, moduli.directory AS directory FROM 
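Review bot: `core/:q` looks like an editor slip rather than an intended source file: the name is the vi quit command, and its 569 added lines include a copy of `lista_moduli`, which the core/function.php hunks in this same patch also modify. The copy is already out of step with them, since its `UNION DISTINCT SELECT` selects only `nome` and `directory` against a three-column first SELECT. A file without a `.php` extension inside the application tree is likely to be returned as plain text by the web server, which would disclose the login and query logic; whether that happens depends on server configuration not shown here. Drop it from the commit with `git rm core/:q`. If any of this code is meant to stay, note that it keeps the plaintext password in `$_SESSION['passwd']` and that `logga` interpolates `$_SERVER['REQUEST_URI']` into its INSERT without escaping.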
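Review bot: The `Configurazione` entry in the second core/function.php hunk (`@@ -356,11 +357,12 @@`) keeps two elements while every other `$menu[]` entry touched by this patch gains a third one (the module id, or 0). The markup that consumes `$menu` is not visible on this page, but if it reads index `[2]` the admin-only entry will raise an undefined-offset notice and render without an id. `$menu[] = array("Configurazione", $CONF['base_url']."/core/conf.php", 0);` keeps the array shape uniform. The body of lista_moduli starts and ends outside this hunk.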
@@ -375,29 +377,40 @@ function lista_moduli () { $res = mysql_query( $query, $DB_ID ); while ($dato = mysql_fetch_array ($res)) { - $menu[] = array($dato['nome'], $CONF['base_url']."/".$dato['directory']."/index.php"); + $menu[] = array($dato['nome'], $CONF['base_url']."/".$dato['directory']."/index.php",$dato['id']); } - $menu[] = array("Cambio password", $CONF['base_url']."/core/chkpasswd.php"); + $menu[] = array("Cambio password", $CONF['base_url']."/core/chkpasswd.php",0); $pezzi = preg_split('/\//', $_SERVER["PHP_SELF"], -2); $self = $pezzi[count($pezzi)-1]; ?> - - - + - - - - - -
+
  • + + + + + +
  • + + + diff --git a/proxy/barra.php b/proxy/barra.php new file mode 100644 index 0000000..62c7fb1 --- /dev/null +++ b/proxy/barra.php @@ -0,0 +1,23 @@ + diff --git a/proxy/index.php b/proxy/index.php index 3ba40bd..0f42724 100755 --- a/proxy/index.php +++ b/proxy/index.php @@ -2,33 +2,68 @@ include_once ("../core/config.php"); $UTENTE = login(); $DIRITTI = diritti(1); -view_top(); ?> +view_top(); +?> + + + + + -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    -
    +/* +$ric = $valori['ricevuti']; +$inv = $valori['inviati']; +*/ +$query = "SELECT ip, ricevuti, inviati FROM proxy_speed ORDER BY ricevuti desc , inviati desc"; +$res = mysql_query( $query, $DB_ID ); +while ($dato = mysql_fetch_array ( $res )) { +?> + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Utente attivo DettaglioInviati
    Ricevuti
    + diff --git a/proxy/lista.php b/proxy/lista.php new file mode 100755 index 0000000..7eccc40 --- /dev/null +++ b/proxy/lista.php @@ -0,0 +1,63 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
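Review bot: The result of `mysql_query()` is handed straight to `mysql_fetch_array()` in the new `proxy_speed` loop of proxy/index.php, so a failed query produces a PHP warning and a silently empty table instead of a handled error. A guard before the loop such as `if ($res === false) { error_log(mysql_error($DB_ID)); exit; }` keeps the failure out of the rendered page and in the server log. The row markup is not visible on this page; whatever prints `$dato['ip']`, `$dato['ricevuti']` and `$dato['inviati']` should pass them through `htmlspecialchars()`, because the table is presumably filled by a collector outside this application.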
    Utente attivo DettaglioInviati
    Ricevuti
    + + diff --git a/risorse/stili/stile.css b/risorse/stili/stile.css index 13c7da3..1f1d8a1 100644 --- a/risorse/stili/stile.css +++ b/risorse/stili/stile.css @@ -39,7 +39,6 @@ td.rtop { font-family: verdana; font-size: 14px; text-align: right; vertical-al td.lbottom { font-family: verdana; font-size: 14px; text-align: left; vertical-align:text-top; text-decoration: none; color: #000000; } td.rbottom { font-family: verdana; font-size: 14px; text-align: right; vertical-align:text-top; text-decoration: none; color: #5191D5; } a.rtop { font-family: verdana; font-size: 14px; text-align: right; vertical-align:text-top; text-decoration: none; color: #5191D5; } -td.col3campo2 { font-family: verdana; font-size: 10px; text-align: left; vertical-align:middle; width:120px; height: 10px; text-decoration: none; color: #000000; white-space: nowrap} td.lmain { font-family: verdana; font-size: 14px; text-align: left; vertical-align:text-top; text-decoration: none; color: #000000; } td.rmain { font-family: verdana; font-size: 14px; text-align: right; vertical-align:text-top; text-decoration: none; color: #000000; } 
@@ -58,9 +57,82 @@ td.col3 { font-family: verdana; font-size: 14px; text-align: left; vertical-ali td.col3btn { font-family: verdana; font-size: 14px; text-align: center; vertical-align:middle; width:30px; text-decoration: none; color: #000000; } td.col3spa { font-family: verdana; font-size: 14px; text-align: left; vertical-align:middle; width:30px; text-decoration: none; color: #000000; } td.col3campo { font-family: verdana; font-size: 12px; text-align: left; vertical-align:middle; width:120px; height: 20px; text-decoration: none; color: #000000; } +td.col3campo2 { font-family: verdana; font-size: 10px; text-align: left; vertical-align:middle; width:120px; height: 10px; text-decoration: none; color: #000000; white-space: nowrap} td.col3valore { font-family: verdana; font-size: 12px; text-align: left; vertical-align:middle; width:200px; height: 20px; text-decoration: none; color: #000000; } td.col3valore2 { font-family: verdana; font-size: 10px; text-align: left; vertical-align:middle; width:200px; height: 10px; text-decoration: none; color: #000000; } +td.colip { font-family: verdana; font-size: 10px; text-align: left; vertical-align:middle; width:80px; height: 10px; text-decoration: none; color: #000000; white-space: nowrap} +td.colspeed { font-family: verdana; font-size: 10px; text-align: left; vertical-align:middle; width:80px; height: 10px; text-decoration: none; color: #000000; white-space: nowrap} +td.colimg { font-family: verdana; font-size: 11px; text-align: left; height:1px; text-decoration: none; color: #8e8e8e; white-space: nowrap} + +/*------------------------------------*\ + NAV +\*------------------------------------*/ +#nav{ + list-style:none; + font-weight:bold; + margin-bottom:10px; + float:left; /* Clear floats */ + width:100%; + /* Bring the nav above everything else--uncomment if needed. 
+ position:relative; + z-index:5; + */ +} +#nav li{ + float:left; + margin-right:10px; + position:relative; +} +#nav a{ + display:block; + padding:3px; + color:#fff; + background:#333; + text-decoration:none; +} +#nav a.sel{ + display:block; + padding:3px; + color:#fff; + background:#888; + text-decoration:none; +} +#nav a:hover{ + color:#fff; + background:#5191D5; + text-decoration:underline; +} + +/*--- DROPDOWN ---*/ +#nav ul{ + background:#fff; + background:rgba(255,255,255,0); /* But! Let's make the background fully transparent where we can, we don't actually want to see it if we can help it... */ + list-style:none; + position:absolute; + left:-9999px; /* Hide off-screen when not needed (this is more accessible than display:none;) */ +} +#nav ul li{ + padding-top:1px; /* Introducing a padding between the li and the a give the illusion spaced items */ + float:none; +} +#nav ul a{ + white-space:nowrap; /* Stop text wrapping and creating multi-line dropdown items */ +} +#nav li:hover ul{ /* Display the dropdown on hover */ + left:0; /* Bring back on-screen when needed */ +} +#nav li:hover a{ /* These create persistent hover states, meaning the top-most link stays 'hovered' even when your cursor has moved down the list. */ + background:#5191D5; + text-decoration:underline; +} +#nav li:hover ul a{ /* The persistent hover state does however create a global style for links even before they're hovered. Here we undo these effects. */ + text-decoration:none; +} +#nav li:hover ul li a:hover{ /* Here we define the most explicit hover states--what happens when you hover each individual link. */ + background:#5191D5; +} + -->