html/pages/edituser.inc.php

<?php

include("includes/javascript-interfacepicker.inc.php");

echo("<div style='margin: 10px;'>");

if ($_SESSION['userlevel'] != '10') { include("includes/error-no-perm.inc.php"); } else
{
  if ($_GET['user_id'])
  {
    $user_data = dbFetchRow("SELECT * FROM users WHERE user_id = ?", array($_GET['user_id']));
      echo("<p><h2>" . $user_data['realname'] . "</h2><a href='?page=edituser'>Change...</a></p>");
    // Perform actions if requested

    if ($_GET['action'] == "deldevperm")
    {
      if (dbFetchCell("SELECT COUNT(*) FROM devices_perms WHERE `device_id` = ? AND `user_id` = ?", array($_GET['device_id'] ,$_GET['user_id'])))
      {
        dbDelete('devices_perms', "`device_id` =  ? AND `user_id` = ?", array($_GET['device_id'], $_GET['user_id']));
      }
    }
    if ($_GET['action'] == "adddevperm")
    {
      if (!dbFetchCell("SELECT COUNT(*) FROM devices_perms WHERE `device_id` = ? AND `user_id` = ?", array($_GET['device_id'] ,$_GET['user_id'])))
      {
        dbInsert(array('device_id' => $_GET['device_id'], 'user_id' => $_GET['user_id']), 'devices_perms');
      }
    }
    if ($_GET['action'] == "delifperm")
    {
      if (dbFetchCell("SELECT COUNT(*) FROM ports_perms WHERE `interface_id` = ? AND `user_id` = ?", array($_GET['interface_id'], $_GET['user_id'])))
      {
        dbDelete('ports_perms', "`interface_id` =  ? AND `user_id` = ?", array($_GET['interface_id'], $_GET['user_id']));
      }
    }
    if ($_GET['action'] == "addifperm")
    {
      if (!dbFetchCell("SELECT COUNT(*) FROM ports_perms WHERE `interface_id` = ? AND `user_id` = ?", array($_GET['interface_id'], $_GET['user_id'])))
      {
        dbInsert(array('interface_id' => $_GET['interface_id'], 'user_id' => $_GET['user_id']), 'ports_perms');
      }
    }
    if ($_GET['action'] == "delbillperm")
    {
      if (dbFetchCell("SELECT COUNT(*) FROM bill_perms WHERE `bill_id` = ? AND `user_id` = ?", array($_GET['bill_id'], $_GET['user_id'])))
      {
        dbDelete('bill_perms', "`bill_id` =  ? AND `user_id` = ?", array($_GET['bill_id'], $_GET['user_id']));
      }
    }
    if ($_GET['action'] == "addbillperm")
    {
      if (!dbFetchCell("SELECT COUNT(*) FROM bill_perms WHERE `bill_id` = ? AND `user_id` = ?", array($_GET['bill_id'], $_GET['user_id'])))
      {
        dbInsert(array('bill_id' => $_GET['bill_id'], 'user_id' => $_GET['user_id']), 'bill_perms');
      }
    }

    echo("<table width=100%><tr><td valign=top width=33%>");

    // Display devices this users has access to
    echo("<h3>Device Access</h3>");

    $device_perms = dbFetchRows("SELECT * from devices_perms as P, devices as D WHERE `user_id` = ? AND D.device_id = P.device_id", array($_GET['user_id']));
    foreach ($device_perms as $device_perm)
    {
      echo("<strong>" . $device_perm['hostname'] . " <a href='?page=edituser&action=deldevperm&user_id=" . $_GET['user_id'] . "&device_id=" . $device_perm['device_id'] . "'><img src='images/16/cross.png' align=absmiddle border=0></a></strong><br />");
      $access_list[] = $device_perm['device_id'];
      $permdone = "yes";
    }

    if (!$permdone) { echo("None Configured"); }

    // Display devices this user doesn't have access to
    echo("<h4>Grant access to new device</h4>");
    echo("<form method='get' action=''>
            <input type='hidden' value='" . $_GET['user_id'] . "' name='user_id'>
            <input type='hidden' value='edituser' name='page'>
            <input type='hidden' value='adddevperm' name='action'>
            <select name='device_id' class=selector>");

    $devices = dbFetchRows("SELECT * FROM `devices` ORDER BY hostname");
    foreach ($devices as $device)
    {
      unset($done);
      foreach ($access_list as $ac) { if ($ac == $device['device_id']) { $done = 1; } }
      if (!$done)
      {
        echo("<option value='" . $device['device_id'] . "'>" . $device['hostname'] . "</option>");
      }
    }

    echo("</select> <input type='submit' name='Submit' value='Add'></form>");

    echo("</td><td valign=top width=33%>");
    echo("<h3>Interface Access</h3>");

    $interface_perms = dbFetchRows("SELECT * from ports_perms as P, ports as I, devices as D WHERE `user_id` = ? AND I.interface_id = P.interface_id AND D.device_id = I.device_id", array($_GET['user_id']));

    foreach ($interface_perms as $interface_perm)
    {
      echo("<table><tr><td><strong>".$interface_perm['hostname']." - ".$interface_perm['ifDescr']."</strong><br />".
                  "" . $interface_perm['ifAlias'] . "</td><td width=50>&nbsp;&nbsp;<a href='?page=edituser&action=delifperm&user_id=" . $_GET['user_id'] .
       "&interface_id=" . $interface_perm['interface_id'] . "'><img src='images/16/cross.png' align=absmiddle border=0></a></td></tr></table>");
      $ipermdone = "yes";
    }

    if (!$ipermdone) { echo("None Configured"); }

    // Display devices this user doesn't have access to
    echo("<h4>Grant access to new interface</h4>");

    echo("<form action='' method='get'>
        <input type='hidden' value='" . $_GET['user_id'] . "' name='user_id'>
        <input type='hidden' value='edituser' name='page'>
        <input type='hidden' value='addifperm' name='action'>
        <table><tr><td>Device: </td>
         <td><select id='device' class='selector' name='device' onchange='getInterfaceList(this)'>
          <option value=''>Select a device</option>");

    foreach ($devices as $device)
    {
      unset($done);
      foreach ($access_list as $ac) { if ($ac == $device['device_id']) { $done = 1; } }
      if (!$done) { echo("<option value='" . $device['device_id']  . "'>" . $device['hostname'] . "</option>"); }
    }

    echo("</select></td></tr><tr>
       <td>Interface: </td><td><select class=selector id='interface_id' name='interface_id'>
       </select></td>
       </tr><tr></table><input type='submit' name='Submit' value='Add'></form>");

    echo("</td><td valign=top width=33%>");
    echo("<h3>Bill Access</h3>");

    $bill_perms = dbFetchRows("SELECT * from bills AS B, bill_perms AS P WHERE P.user_id = ? AND P.bill_id = B.bill_id", array($_GET['user_id']));

    foreach ($bill_perms as $bill_perm)
    {
      echo("<table><tr><td><strong>".$bill_perm['bill_name']."</strong></td><td width=50>&nbsp;&nbsp;<a href='?page=edituser&action=delbillperm&user_id=" .
        $_GET['user_id'] . "&bill_id=" . $bill_perm['bill_id'] . "'><img src='images/16/cross.png' align=absmiddle border=0></a></td></tr></table>");
      $bill_access_list[] = $bill_perm['bill_id'];

      $bpermdone = "yes";
    }

    if (!$bpermdone) { echo("None Configured"); }

    // Display devices this user doesn't have access to
    echo("<h4>Grant access to new bill</h4>");
    echo("<form method='get' action=''>
            <input type='hidden' value='" . $_GET['user_id'] . "' name='user_id'>
            <input type='hidden' value='edituser' name='page'>
            <input type='hidden' value='addbillperm' name='action'>
            <select name='bill_id' class=selector>");

    $bills dbFetchRows("SELECT * FROM `bills` ORDER BY `bill_name`");
    foreach ($bills as $bill)
    {
      unset($done);
      foreach ($bill_access_list as $ac) { if ($ac == $bill['bill_id']) { $done = 1; } }
      if (!$done)
      {
        echo("<option value='" . $bill['bill_id'] . "'>" . $bill['bill_name'] . "</option>");
      }
    }

    echo("</select> <input type='submit' name='Submit' value='Add'></form>");
    echo("</td></table>");

  } else {

    $user_list = dbFetchRows("SELECT * FROM `users`");

    echo("<h3>Select a user to edit</h3>");

    echo("<form method='get' action=''>
            <input type='hidden' value='edituser' name='page'>
            <select name='user_id'>");
    foreach($user_list as $user_entry)
    {
      echo("<option value='" . $user_entry['user_id']  . "'>" . $user_entry['username'] . "</option>");
    }
    echo("</select><input type='submit' name='Submit' value='Select'></form>");
  }

}

echo("</div>");

?>
replacing <? with <?php 2009-09-07 11:07:59 +00:00			`<?php`
Updates. 2008-03-09 22:49:53 +00:00
make billing usable (shonky interface it now has!) 2010-06-21 04:18:06 +00:00			`include("includes/javascript-interfacepicker.inc.php");`

Updates. 2008-03-09 22:49:53 +00:00			`echo("<div style='margin: 10px;'>");`

restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`if ($_SESSION['userlevel'] != '10') { include("includes/error-no-perm.inc.php"); } else`
			`{`
			`if ($_GET['user_id'])`
			`{`
more db* 2011-05-15 14:49:26 +00:00			`$user_data = dbFetchRow("SELECT * FROM users WHERE user_id = ?", array($_GET['user_id']));`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`echo("<p><h2>" . $user_data['realname'] . "</h2><a href='?page=edituser'>Change...</a></p>");`
			`// Perform actions if requested`

			`if ($_GET['action'] == "deldevperm")`
			`{`
more db* 2011-05-15 14:42:30 +00:00			if (dbFetchCell("SELECT COUNT(*) FROM devices_perms WHERE `device_id` = ? AND `user_id` = ?", array($_GET['device_id'] ,$_GET['user_id'])))
code standard/cleanups 2011-03-26 19:12:24 +00:00			`{`
more db* 2011-05-15 14:42:30 +00:00			dbDelete('devices_perms', "`device_id` = ? AND `user_id` = ?", array($_GET['device_id'], $_GET['user_id']));
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`}`
add some checking to adding/removing permissions for users 2010-08-10 12:08:42 +00:00			`}`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`if ($_GET['action'] == "adddevperm")`
			`{`
more db* 2011-05-15 14:42:30 +00:00			if (!dbFetchCell("SELECT COUNT(*) FROM devices_perms WHERE `device_id` = ? AND `user_id` = ?", array($_GET['device_id'] ,$_GET['user_id'])))
code standard/cleanups 2011-03-26 19:12:24 +00:00			`{`
more db* 2011-05-15 14:42:30 +00:00			`dbInsert(array('device_id' => $_GET['device_id'], 'user_id' => $_GET['user_id']), 'devices_perms');`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`}`
add some checking to adding/removing permissions for users 2010-08-10 12:08:42 +00:00			`}`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`if ($_GET['action'] == "delifperm")`
			`{`
more db* 2011-05-15 14:42:30 +00:00			if (dbFetchCell("SELECT COUNT(*) FROM ports_perms WHERE `interface_id` = ? AND `user_id` = ?", array($_GET['interface_id'], $_GET['user_id'])))
code standard/cleanups 2011-03-26 19:12:24 +00:00			`{`
more db* 2011-05-15 14:42:30 +00:00			dbDelete('ports_perms', "`interface_id` = ? AND `user_id` = ?", array($_GET['interface_id'], $_GET['user_id']));
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`}`
add some checking to adding/removing permissions for users 2010-08-10 12:08:42 +00:00			`}`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`if ($_GET['action'] == "addifperm")`
			`{`
more db* 2011-05-15 14:42:30 +00:00			if (!dbFetchCell("SELECT COUNT(*) FROM ports_perms WHERE `interface_id` = ? AND `user_id` = ?", array($_GET['interface_id'], $_GET['user_id'])))
code standard/cleanups 2011-03-26 19:12:24 +00:00			`{`
more db* 2011-05-15 14:42:30 +00:00			`dbInsert(array('interface_id' => $_GET['interface_id'], 'user_id' => $_GET['user_id']), 'ports_perms');`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`}`
add some checking to adding/removing permissions for users 2010-08-10 12:08:42 +00:00			`}`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`if ($_GET['action'] == "delbillperm")`
			`{`
more db* 2011-05-15 14:42:30 +00:00			if (dbFetchCell("SELECT COUNT(*) FROM bill_perms WHERE `bill_id` = ? AND `user_id` = ?", array($_GET['bill_id'], $_GET['user_id'])))
code standard/cleanups 2011-03-26 19:12:24 +00:00			`{`
more db* 2011-05-15 14:42:30 +00:00			dbDelete('bill_perms', "`bill_id` = ? AND `user_id` = ?", array($_GET['bill_id'], $_GET['user_id']));
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`}`
add some checking to adding/removing permissions for users 2010-08-10 12:08:42 +00:00			`}`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`if ($_GET['action'] == "addbillperm")`
			`{`
more db* 2011-05-15 14:42:30 +00:00			if (!dbFetchCell("SELECT COUNT(*) FROM bill_perms WHERE `bill_id` = ? AND `user_id` = ?", array($_GET['bill_id'], $_GET['user_id'])))
code standard/cleanups 2011-03-26 19:12:24 +00:00			`{`
more db* 2011-05-15 14:42:30 +00:00			`dbInsert(array('bill_id' => $_GET['bill_id'], 'user_id' => $_GET['user_id']), 'bill_perms');`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`}`
add some checking to adding/removing permissions for users 2010-08-10 12:08:42 +00:00			`}`
Updates. 2008-03-09 22:49:53 +00:00
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`echo("<table width=100%><tr><td valign=top width=33%>");`
Updates. 2008-03-09 22:49:53 +00:00
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`// Display devices this users has access to`
			`echo("<h3>Device Access</h3>");`
Updates. 2008-03-09 22:49:53 +00:00
more db* 2011-05-15 14:42:30 +00:00			$device_perms = dbFetchRows("SELECT * from devices_perms as P, devices as D WHERE `user_id` = ? AND D.device_id = P.device_id", array($_GET['user_id']));
			`foreach ($device_perms as $device_perm)`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`{`
			`echo("<strong>" . $device_perm['hostname'] . " <a href='?page=edituser&action=deldevperm&user_id=" . $_GET['user_id'] . "&device_id=" . $device_perm['device_id'] . "'><img src='images/16/cross.png' align=absmiddle border=0></a></strong><br />");`
			`$access_list[] = $device_perm['device_id'];`
			`$permdone = "yes";`
Updates. 2008-03-09 22:49:53 +00:00			`}`

restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`if (!$permdone) { echo("None Configured"); }`

			`// Display devices this user doesn't have access to`
			`echo("<h4>Grant access to new device</h4>");`
			`echo("<form method='get' action=''>`
			`<input type='hidden' value='" . $_GET['user_id'] . "' name='user_id'>`
			`<input type='hidden' value='edituser' name='page'>`
			`<input type='hidden' value='adddevperm' name='action'>`
			`<select name='device_id' class=selector>");`

more db* 2011-05-15 14:42:30 +00:00			$devices = dbFetchRows("SELECT * FROM `devices` ORDER BY hostname");
			`foreach ($devices as $device)`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`{`
			`unset($done);`
			`foreach ($access_list as $ac) { if ($ac == $device['device_id']) { $done = 1; } }`
			`if (!$done)`
			`{`
			`echo("<option value='" . $device['device_id'] . "'>" . $device['hostname'] . "</option>");`
			`}`
			`}`
Updates. 2008-03-09 22:49:53 +00:00
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`echo("</select> <input type='submit' name='Submit' value='Add'></form>");`
Updates. 2008-03-09 22:49:53 +00:00
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`echo("</td><td valign=top width=33%>");`
			`echo("<h3>Interface Access</h3>");`
Updates. 2008-03-09 22:49:53 +00:00
more db* 2011-05-15 14:42:30 +00:00			$interface_perms = dbFetchRows("SELECT * from ports_perms as P, ports as I, devices as D WHERE `user_id` = ? AND I.interface_id = P.interface_id AND D.device_id = I.device_id", array($_GET['user_id']));
Updates. 2008-03-09 22:49:53 +00:00
more db* 2011-05-15 14:42:30 +00:00			`foreach ($interface_perms as $interface_perm)`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`{`
			`echo("<table><tr><td><strong>".$interface_perm['hostname']." - ".$interface_perm['ifDescr']."</strong><br />".`
			`"" . $interface_perm['ifAlias'] . "</td><td width=50>  <a href='?page=edituser&action=delifperm&user_id=" . $_GET['user_id'] .`
			`"&interface_id=" . $interface_perm['interface_id'] . "'><img src='images/16/cross.png' align=absmiddle border=0></a></td></tr></table>");`
			`$ipermdone = "yes";`
			`}`
Updates. 2008-03-09 22:49:53 +00:00
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`if (!$ipermdone) { echo("None Configured"); }`

			`// Display devices this user doesn't have access to`
			`echo("<h4>Grant access to new interface</h4>");`

			`echo("<form action='' method='get'>`
			`<input type='hidden' value='" . $_GET['user_id'] . "' name='user_id'>`
			`<input type='hidden' value='edituser' name='page'>`
			`<input type='hidden' value='addifperm' name='action'>`
			`<table><tr><td>Device: </td>`
			`<td><select id='device' class='selector' name='device' onchange='getInterfaceList(this)'>`
			`<option value=''>Select a device</option>");`

more db* 2011-05-15 14:42:30 +00:00			`foreach ($devices as $device)`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`{`
			`unset($done);`
			`foreach ($access_list as $ac) { if ($ac == $device['device_id']) { $done = 1; } }`
			`if (!$done) { echo("<option value='" . $device['device_id'] . "'>" . $device['hostname'] . "</option>"); }`
			`}`
Updates. 2008-03-09 22:49:53 +00:00
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`echo("</select></td></tr><tr>`
			`<td>Interface: </td><td><select class=selector id='interface_id' name='interface_id'>`
			`</select></td>`
			`</tr><tr></table><input type='submit' name='Submit' value='Add'></form>");`
Updates. 2008-03-09 22:49:53 +00:00
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`echo("</td><td valign=top width=33%>");`
			`echo("<h3>Bill Access</h3>");`
Updates. 2008-03-09 22:49:53 +00:00
more db* 2011-05-15 14:42:30 +00:00			`$bill_perms = dbFetchRows("SELECT * from bills AS B, bill_perms AS P WHERE P.user_id = ? AND P.bill_id = B.bill_id", array($_GET['user_id']));`
Updates. 2008-03-09 22:49:53 +00:00
more db* 2011-05-15 14:42:30 +00:00			`foreach ($bill_perms as $bill_perm)`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`{`
			`echo("<table><tr><td><strong>".$bill_perm['bill_name']."</strong></td><td width=50>  <a href='?page=edituser&action=delbillperm&user_id=" .`
			`$_GET['user_id'] . "&bill_id=" . $bill_perm['bill_id'] . "'><img src='images/16/cross.png' align=absmiddle border=0></a></td></tr></table>");`
			`$bill_access_list[] = $bill_perm['bill_id'];`
Updates. 2008-03-09 22:49:53 +00:00
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`$bpermdone = "yes";`
Updates. 2008-03-09 22:49:53 +00:00			`}`

restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`if (!$bpermdone) { echo("None Configured"); }`

			`// Display devices this user doesn't have access to`
			`echo("<h4>Grant access to new bill</h4>");`
			`echo("<form method='get' action=''>`
			`<input type='hidden' value='" . $_GET['user_id'] . "' name='user_id'>`
			`<input type='hidden' value='edituser' name='page'>`
			`<input type='hidden' value='addbillperm' name='action'>`
			`<select name='bill_id' class=selector>");`

more db* 2011-05-15 14:42:30 +00:00			$bills dbFetchRows("SELECT * FROM `bills` ORDER BY `bill_name`");
			`foreach ($bills as $bill)`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`{`
			`unset($done);`
			`foreach ($bill_access_list as $ac) { if ($ac == $bill['bill_id']) { $done = 1; } }`
			`if (!$done)`
			`{`
			`echo("<option value='" . $bill['bill_id'] . "'>" . $bill['bill_name'] . "</option>");`
			`}`
			`}`
Updates. 2008-03-09 22:49:53 +00:00
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`echo("</select> <input type='submit' name='Submit' value='Add'></form>");`
			`echo("</td></table>");`
Updates. 2008-03-09 22:49:53 +00:00
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`} else {`
Updates. 2008-03-09 22:49:53 +00:00
more db* 2011-05-15 14:49:26 +00:00			$user_list = dbFetchRows("SELECT * FROM `users`");
Updates. 2008-03-09 22:49:53 +00:00
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`echo("<h3>Select a user to edit</h3>");`
Updates. 2008-03-09 22:49:53 +00:00
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`echo("<form method='get' action=''>`
			`<input type='hidden' value='edituser' name='page'>`
			`<select name='user_id'>");`
more db* 2011-05-15 14:49:26 +00:00			`foreach($user_list as $user_entry)`
restructure/reindent/htmlfix html pages, remove dead code 2011-03-17 00:09:20 +00:00			`{`
			`echo("<option value='" . $user_entry['user_id'] . "'>" . $user_entry['username'] . "</option>");`
			`}`
			`echo("</select><input type='submit' name='Submit' value='Select'></form>");`
Updates. 2008-03-09 22:49:53 +00:00			`}`

			`}`

			`echo("</div>");`

fixes 2011-05-12 23:17:44 +00:00			`?>`