* Remove snmp_clearsession. It is replaced by clearsession which supports both snmp and telnet
methods of removing a user from an access server. Add corresponding configuration directives
general_sessionclear_method and nasXX_sessionclear_method
+* Create a new function da_sql_limit() and use that to pass LIMIT arguments to the database layer
+ since the syntax is different between db vendors
Ver 1.78:
* Add a snmp_clearsession which can disconnect a user by using the Cisco AAA Session MIB
* Add a configuration directive general_sessionclear_bin
if ($config[sql_accounting_extra_query] != '')
$sql_extra_query = xlat($config[sql_accounting_extra_query],$login,$config);
$sql_extra_query = da_sql_escape_string($sql_extra_query);
-$query="SELECT $query_view FROM $config[sql_accounting_table] $where $sql_extra_query ORDER BY $order LIMIT $maxresults;";
+$query="SELECT da_sql_limit($maxresults,0,$config) $query_view FROM $config[sql_accounting_table]
+ $where $sql_extra_query da_sql_limit($maxresults,1,$config)
+ ORDER BY $order da_sql_limit($maxresults,2,$config);";
echo <<<EOM
<html>
$pagesize = ($pagesize) ? $pagesize : 10;
if (!is_numeric($pagesize) && $pagesize != 'all')
$pagesize = 10;
-$limit = ($pagesize == 'all') ? '' : "LIMIT $pagesize";
+$limit = ($pagesize == 'all') ? '' : "$pagesize";
$selected[$pagesize] = 'selected';
$login = ($login != '') ? $login : 'anyone';
$usercheck = ($login == 'anyone') ? "LIKE '%'" : "= '$login'";
$link = @da_sql_pconnect($config);
if ($link){
$search = @da_sql_query($link,$config,
- "SELECT * FROM $config[sql_badusers_table]
+ "SELECT da_sql_limit($limit,0,$config) * FROM $config[sql_badusers_table]
WHERE username $usercheck $extra_query AND date <= '$now_str'
- AND date >= '$prev_str' ORDER BY date $order $limit;");
+ AND date >= '$prev_str' da_sql_limit($limit,1,$config) ORDER BY date $order da_sql_limit($limit,2,$config);");
if ($search){
while( $row = @da_sql_fetch_array($search,$config) ){
$num++;
$pagesize = ($pagesize) ? $pagesize : 10;
if (!is_numeric($pagesize) && $pagesize != 'all')
$pagesize = 10;
-$limit = ($pagesize == 'all') ? '' : "LIMIT $pagesize";
+$limit = ($pagesize == 'all') ? '' : "$pagesize";
$selected[$pagesize] = 'selected';
$order = ($order != '') ? $order : $config[general_accounting_info_order];
if ($order != 'desc' && $order != 'asc')
$link = @da_sql_pconnect($config);
if ($link){
$search = @da_sql_query($link,$config,
- "SELECT acctstoptime,username,nasipaddress,nasportid,acctterminatecause,callingstationid
+ "SELECT da_sql_limit($limit,0,$config) acctstoptime,username,nasipaddress,nasportid,acctterminatecause,callingstationid
FROM $config[sql_accounting_table]
WHERE acctstoptime <= '$now_str' AND acctstoptime >= '$prev_str'
AND (acctterminatecause LIKE 'Login-Incorrect%' OR
acctterminatecause LIKE 'Invalid-User%' OR
- acctterminatecause LIKE 'Multiple-Logins%') $callerid_str $server_str $sql_extra_query
- ORDER BY acctstoptime $order $limit;");
+ acctterminatecause LIKE 'Multiple-Logins%') $callerid_str $server_str $sql_extra_query da_sql_limit($limit,1,$config)
+ ORDER BY acctstoptime $order da_sql_limit($limit,2,$config);");
if ($search){
while( $row = @da_sql_fetch_array($search,$config) ){
$num++;
$pagesize = ($pagesize) ? $pagesize : 10;
if (!is_numeric($pagesize) && $pagesize != 'all')
$pagesize = 10;
-$limit = ($pagesize == 'all') ? '' : "LIMIT $pagesize";
+$limit = ($pagesize == 'all') ? '' : "$pagesize";
$selected[$pagesize] = 'selected';
$order = ($order != '') ? $order : $config[general_accounting_info_order];
if ($order != 'desc' && $order != 'asc')
$link = @da_sql_pconnect($config);
if ($link){
$search = @da_sql_query($link,$config,
- "SELECT * FROM $config[sql_accounting_table]
+ "SELECT da_sql_limit($limit,0,$config) * FROM $config[sql_accounting_table]
WHERE username = '$login' AND acctstarttime <= '$now_str'
- AND acctstarttime >= '$prev_str' $sql_extra_query ORDER BY acctstarttime $order $limit;");
+ AND acctstarttime >= '$prev_str' $sql_extra_query da_sql_limit($limit,1,$config)
+ ORDER BY acctstarttime $order da_sql_limit($limit,2,$config);");
if ($search){
while( $row = @da_sql_fetch_array($search,$config) ){
$tr_color='white';
}
$search = @da_sql_query($link,$config,
- "SELECT * FROM $config[sql_accounting_table]
- WHERE username = '$login' AND acctstoptime IS NULL
- ORDER BY acctstarttime DESC LIMIT 1;");
+ "SELECT da_sql_limit(1,0,$config) * FROM $config[sql_accounting_table]
+ WHERE username = '$login' AND acctstoptime IS NULL da_sql_limit(1,1,$config)
+ ORDER BY acctstarttime DESC da_sql_limit(1,2,$config);");
if ($search){
if (@da_sql_num_rows($search,$config)){
$logged_now = 1;
echo "<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
if (! $logged_now){
$search = @da_sql_query($link,$config,
- "SELECT * FROM $config[sql_accounting_table]
- WHERE username = '$login' AND acctsessiontime != '0'
- ORDER BY acctstoptime DESC LIMIT 1;");
+ "SELECT da_sql_limit(1,0,$config) * FROM $config[sql_accounting_table]
+ WHERE username = '$login' AND acctsessiontime != '0' da_sql_limit(1,1,$config)
+ ORDER BY acctstoptime DESC da_sql_limit(1,2,$config);");
if ($search){
if (@da_sql_num_rows($search,$config)){
$row = @da_sql_fetch_array($search,$config);
$pagezise = 10;
if ($pagesize > 100)
$pagesize = 100;
-$limit = ($pagesize == 'all') ? 'LIMIT 100' : "LIMIT $pagesize";
+$limit = ($pagesize == 'all') ? '100' : "$pagesize";
$selected[$pagesize] = 'selected';
$order = ($order) ? $order : $config[general_accounting_info_order];
if ($order != 'desc' && $order != 'asc')
$link = @da_sql_pconnect($config);
if ($link){
$search = @da_sql_query($link,$config,
- "SELECT * FROM $config[sql_total_accounting_table]
- WHERE acctdate >= '$start' AND acctdate <= '$stop' $server_str $login_str $sql_extra_query
- ORDER BY $order_attr $order $limit;");
+ "SELECT da_sql_limit($limit,0,$config) * FROM $config[sql_total_accounting_table]
+ WHERE acctdate >= '$start' AND acctdate <= '$stop' $server_str $login_str $sql_extra_query da_sql_limit($limit,1,$config)
+ ORDER BY $order_attr $order da_sql_limit($limit,2,$config);");
if ($search){
while( $row = @da_sql_fetch_array($search,$config) ){
<?php
+function da_sql_limit($limit,$point,$config)
+{
+ switch($point){
+ case 0:
+ return '';
+ case 1:
+ return '';
+ case 2:
+ return "LIMIT $limit";
+ }
+}
+
function da_sql_host_connect($server,$config)
{
if ($config[sql_use_http_credentials] == 'yes'){
<?php
+function da_sql_limit($limit,$point,$config)
+{
+ switch($point){
+ case 0:
+ return '';
+ case 1:
+ return '';
+ case 3:
+ return "LIMIT $limit";
+}
+
function da_sql_host_connect($server,$config)
{
if ($config[sql_use_http_credentials] == 'yes'){
<?php
// $Id$
+function da_sql_limit($limit,$point,$config)
+{
+ switch($point){
+ case 0:
+ return '';
+ case 1:
+ return "AND ROWNUM <= $limit";
+ case 2:
+ return '';
+ }
+}
+
function da_sql_host_connect($server,$config)
{
if ($config[sql_use_http_credentials] == 'yes'){
<?php
+function da_sql_limit($limit,$point,$config)
+{
+ switch($point){
+ case 0:
+ return '';
+ case 1:
+ return '';
+ case 2:
+ return "LIMIT $limit";
+ }
+}
function da_sql_host_connect($server,$config)
{
if ($config[sql_use_http_credentials] == 'yes'){
<?php
+function da_sql_limit($limit,$point,$config)
+{
+ switch($point){
+ case 0:
+ return '';
+ case 1:
+ return '';
+ case 2:
+ return "LIMIT $limit";
+ }
+}
+
function da_sql_host_connect($server,$config)
{
$retrytime = 0;
if (($search_IN == 'name' || $search_IN == 'department' || $search_IN == 'username') &&
$config[sql_use_user_info_table] == 'true'){
$res = @da_sql_query($link,$config,
- "SELECT username FROM $config[sql_user_info_table] WHERE
- lower($search_IN) LIKE '%$search%' LIMIT $max_results;");
+ "SELECT da_sql_limit($max_results,0,$config) username FROM $config[sql_user_info_table] WHERE
+ lower($search_IN) LIKE '%$search%'
+ da_sql_limit($max_results,1,$config) da_sql_limit($max_results,2,$config);");
if ($res){
while(($row = @da_sql_fetch_array($res,$config)))
$found_users[] = $row[username];
$attr = $attrmap[$radius_attr];
$attr = da_sql_escape_string($attr);
$res = @da_sql_query($link,$config,
- "SELECT username FROM $table WHERE attribute = '$attr' AND value LIKE '%$search%' LIMIT $max_results;");
+ "SELECT da_sql_limit($max_results,0,$config) username FROM $table WHERE attribute = '$attr'
+ AND value LIKE '%$search%' da_sql_limit($max_results,1,$config) da_sql_limit($max_results,2,$config);");
if ($res){
while(($row = @da_sql_fetch_array($res,$config)))
$found_users[] = $row[username];