dialup_admin/htdocs/badusers.php3

   1 <?php
   2 require('../conf/config.php3');
   3 require('../lib/functions.php3');
   4 ?>
   5 <html>
   6 <?php
   7
   8 if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php3"))
   9         include_once("../lib/sql/drivers/$config[sql_type]/functions.php3");
  10 else{
  11         echo <<<EOM
  12 <title>Unauthorized Service Usage History for $login</title>
  13 <meta http-equiv="Content-Type" content="text/html; charset=$config[general_charset]">
  14 <link rel="stylesheet" href="style.css">
  15 </head>
  16 <body bgcolor="#80a040" background="images/greenlines1.gif" link="black" alink="black">
  17 <center>
  18 <b>Could not include SQL library functions. Aborting</b>
  19 </body>
  20 </html>
  21 EOM;
  22         exit();
  23 }
  24
  25 $now = time();
  26 $now_str = ($now_str != '') ? "$now_str" : date($config[sql_date_format],$now + 86400);
  27 $prev_str = ($prev_str != '') ? "$prev_str" : "0001-01-01 00:00:00";
  28
  29 $now_str = da_sql_escape_string($now_str);
  30 $prev_str = da_sql_escape_string($prev_str);
  31
  32 $num = 0;
  33 $pagesize = ($pagesize) ? $pagesize : 10;
  34 if (!is_numeric($pagesize) && $pagesize != 'all')
  35         $pagesize = 10;
  36 $limit = ($pagesize == 'all') ? '' : "LIMIT $pagesize";
  37 $selected[$pagesize] = 'selected';
  38 $login = ($login != '') ? $login : 'anyone';
  39 $usercheck = ($login == 'anyone') ? "LIKE '%'" : "= '$login'";
  40 $order = ($order != '') ? $order : $config[general_accounting_info_order];
  41 if ($order != 'desc' && $order != 'asc')
  42         $order = 'desc';
  43 $selected[$order] = 'selected';
  44
  45 echo <<<EOM
  46 <head>
  47 <title>Unauthorized Service Usage History for $login</title>
  48 <meta http-equiv="Content-Type" content="text/html; charset=$config[general_charset]">
  49 <link rel="stylesheet" href="style.css">
  50 </head>
  51 <body bgcolor="#80a040" background="images/greenlines1.gif" link="black" alink="black">
  52 <center>
  53 <table border=0 width=550 cellpadding=0 cellspacing=0>
  54 <tr valign=top>
  55 <td align=center><img src="images/title2.gif"></td>
  56 </tr>
  57 </table>
  58 EOM;
  59
  60 if ($login != 'anyone'){
  61         echo <<<EOM
  62 <table border=0 width=400 cellpadding=0 cellspacing=2>
  63 EOM;
  64
  65 include("../html/user_toolbar.html.php3");
  66
  67 print <<<EOM
  68 </table>
  69 EOM;
  70 }
  71
  72 if ($do_delete == 1 && ($row_id != 0 && is_numeric($row_id))){
  73 $link = @da_sql_connect($config);
  74 if ($link){
  75         $search = @da_sql_query($link,$config,
  76         "SELECT id,admin FROM $config[sql_badusers_table]
  77         WHERE id = '$row_id';");
  78         if ($search){
  79                 $row = @da_sql_fetch_array($search,$config);
  80                 if ($row[id] == $row_id){
  81                         $admin = "$row[admin]";
  82                         if (($admin != '-' && $HTTP_SERVER_VARS["PHP_AUTH_USER"] == $admin) || $admin == '-'){
  83                                 $sql_servers = array();
  84                                 if ($config[sql_extra_servers] != '')
  85                                         $sql_servers = explode(' ',$config[sql_extra_servers]);
  86                                 $sql_servers[] = $config[sql_server];
  87                                 foreach ($sql_servers as $server){
  88                                         $link2 = @da_sql_host_connect($server,$config);
  89                                         if ($link2){
  90                                                 $r = da_sql_query($link2,$config,
  91                                                 "DELETE FROM $config[sql_badusers_table]
  92                                                 WHERE id = '$row_id';");
  93                                                 if (!$r)
  94                                                         echo "<b>SQL Error:" . da_sql_error($link2,$config) . "</b><br>\n";
  95                                                 @da_sql_close($link2,$config);
  96                                         }
  97                                         else
  98                                                 echo "<b>SQL Error: Could not connect to SQL database: $server</b><br>\n";
  99                                 }
 100                         }
 101                 }
 102         }
 103         else
 104                 echo "<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
 105         @da_sql_close($link,$config);
 106 }
 107 else
 108         echo "<b>Could not connect to SQL database</b><br>\n";
 109 }
 110
 111 echo <<<EOM
 112 <br><br>
 113 <table border=0 width=740 cellpadding=1 cellspacing=1>
 114 <tr valign=top>
 115 <td width=55%></td>
 116 <td bgcolor="black" width=45%>
 117         <table border=0 width=100% cellpadding=2 cellspacing=0>
 118         <tr bgcolor="#907030" align=right valign=top><th>
 119         <font color="white">Unauthorized Service Usage History for $login</font>&nbsp;
 120         </th></tr>
 121         </table>
 122 </td></tr>
 123 <tr bgcolor="black" valign=top><td colspan=2>
 124         <table border=0 width=100% cellpadding=12 cellspacing=0 bgcolor="#ffffd0" valign=top>
 125         <tr><td>
 126 <b>$prev_str</b> up to <b>$now_str</b>
 127 <form action="badusers.php3" method="get" name="master">
 128 <input type=hidden name=do_delete value=0>
 129 <input type=hidden name=row_id value=0>
 130 EOM;
 131 ?>
 132
 133 <p>
 134         <table border=1 bordercolordark=#ffffe0 bordercolorlight=#000000 width=100% cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top>
 135         <tr bgcolor="#d0ddb0">
 136         <th>#</th><th>user</th><th>date</th><th>admin</th><th>reason</th><th>administrator action</th>
 137         </tr>
 138
 139 <?php
 140 $auth_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
 141 if ($config[general_restrict_badusers_access] == 'yes'){
 142         $auth_user = da_sql_escape_string($auth_user);
 143         $extra_query = "AND admin == '$auth_user'";
 144 }
 145 $link = @da_sql_pconnect($config);
 146 if ($link){
 147         $search = @da_sql_query($link,$config,
 148         "SELECT * FROM $config[sql_badusers_table]
 149         WHERE UserName $usercheck $extra_query AND Date <= '$now_str'
 150         AND Date >= '$prev_str' ORDER BY Date $order $limit;");
 151         if ($search){
 152                 while( $row = @da_sql_fetch_array($search,$config) ){
 153                         $num++;
 154                         $id = $row[id];
 155                         $user = "$row[userName]";
 156                         $date = "$row[date]";
 157                         $reason = "$row[reason]";
 158                         $admin = "$row[admin]";
 159                         if ($admin == $auth_user || $admin == '-')
 160         $action = "<td><input type=submit class=button value=\"Delete\" OnClick=\"this.form.do_delete.value=1;this.form.row_id.value=$id\"></td>";
 161                         else
 162                                 $action = "<td>-</td>";
 163                         if ($admin == '')
 164                                 $admin = '-';
 165                         if ($reason == '')
 166                                 $reason = '-';
 167                         echo <<<EOM
 168                         <tr align=center>
 169                                 <td>$num</td>
 170                                 <td><a href="user_admin.php3?login=$user" title="Edit user $user">$user</a></td>
 171                                 <td>$date</td>
 172                                 <td>$admin</td>
 173                                 <td>$reason</td>
 174                                 $action
 175                         </tr>
 176 EOM;
 177                 }
 178         }
 179         else
 180                 echo "<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
 181 }
 182 else
 183         echo "<b>Could not connect to SQL database</b><br>\n";
 184 echo <<<EOM
 185         </table>
 186 <tr><td>
 187 <hr>
 188 <tr><td align="center">
 189         <table border=0>
 190                 <tr><td colspan=6></td>
 191                         <td rowspan=3 valign="bottom">
 192                                 <small>
 193                                 the <b>from</b> date matches any login after the 00:00 that day,
 194                                 and the <b>to</b> date any login before the 23:59 that day.
 195                                 the default values shown are the <b>current week</b>.
 196                         </td>
 197                 </tr>
 198                 <tr valign="bottom">
 199                         <td><small><b>user</td><td><small><b>from date</td><td><small><b>to date</td><td><small><b>pagesize</td><td><b>order</td>
 200 &nbsp;</td>
 201         <tr valign="middle"><td>
 202 <input type="text" name="login" size="11" value="$login"></td>
 203 <td><input type="text" name="prev_str" size="11" value="$prev_str"></td>
 204 <td><input type="text" name="now_str" size="11" value="$now_str"></td>
 205 <td><select name="pagesize">
 206 <option $selected[5] value="5" >05
 207 <option $selected[10] value="10">10
 208 <option $selected[15] value="15">15
 209 <option $selected[20] value="20">20
 210 <option $selected[40] value="40">40
 211 <option $selected[80] value="80">80
 212 <option $selected[all] value="all">all
 213 </select>
 214 </td>
 215 <td><select name="order">
 216 <option $selected[asc] value="asc">older first
 217 <option $selected[desc] value="desc">recent first
 218 </select>
 219 </td>
 220 EOM;
 221 ?>
 222
 223 <td><input type="submit" class=button value="show"></td></tr>
 224 </table></td></tr></form>
 225 </table>
 226 </tr>
 227 </table>
 228 </body>
 229 </html>