Portions created by the Initial Developer are Copyright (C) 2018 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane */ //includes require_once "root.php"; require_once "resources/require.php"; require_once "resources/check_auth.php"; //check permissions if (!permission_exists('access_control_node_add') && !permission_exists('access_control_node_edit')) { echo "access denied"; exit; } //add multi-lingual support $language = new text; $text = $language->get(); //action add or update if (is_uuid($_REQUEST["id"])) { $action = "update"; $access_control_node_uuid = $_REQUEST["id"]; } else { $action = "add"; } //set the parent uuid if (is_uuid($_GET["access_control_uuid"])) { $access_control_uuid = $_GET["access_control_uuid"]; } //get http post variables and set them to php variables if (count($_POST)>0) { $node_type = $_POST["node_type"]; $node_cidr = $_POST["node_cidr"]; $node_domain = $_POST["node_domain"]; $node_description = $_POST["node_description"]; } if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { //get the uuid if ($action == "update" && is_uuid($_POST["access_control_node_uuid"])) { $access_control_node_uuid = $_POST["access_control_node_uuid"]; } //validate the token $token = new token; if (!$token->validate($_SERVER['PHP_SELF'])) { message::add($text['message-invalid_token'],'negative'); header('Location: access_controls.php'); exit; } //check for all required data $msg = ''; if (strlen($node_type) == 0) { $msg .= $text['message-required']." ".$text['label-node_type']."
\n"; } //if (strlen($node_cidr) == 0) { $msg .= $text['message-required']." ".$text['label-node_cidr']."
\n"; } //if (strlen($node_domain) == 0) { $msg .= $text['message-required']." ".$text['label-node_domain']."
\n"; } //if (strlen($node_description) == 0) { $msg .= $text['message-required']." ".$text['label-node_description']."
\n"; } // check IPv4 and IPv6 CIDR notation $pattern4 = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$/'; $pattern6 = '/^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))$/'; if ($node_cidr != '' && (preg_match($pattern4, $node_cidr) == 0) && (preg_match($pattern6, $node_cidr) == 0)) { $msg .= $text['message-required']." ".$text['label-node_cidr']."
\n"; } if (strlen($msg) > 0 && strlen($_POST["persistformvar"]) == 0) { require_once "resources/header.php"; require_once "resources/persist_form_var.php"; echo "

\n"; echo "

\n"; echo $msg."
"; echo "

\n"; persistformvar($_POST); echo "

\n"; require_once "resources/footer.php"; return; } //add or update the database if ($_POST["persistformvar"] != "true") { if ($action == "add" && permission_exists('access_control_node_add')) { //insert $array['access_control_nodes'][0]['access_control_node_uuid'] = uuid(); $array['access_control_nodes'][0]['access_control_uuid'] = $access_control_uuid; $array['access_control_nodes'][0]['node_type'] = $node_type; $array['access_control_nodes'][0]['node_cidr'] = $node_cidr; $array['access_control_nodes'][0]['node_domain'] = $node_domain; $array['access_control_nodes'][0]['node_description'] = $node_description; $database = new database; $database->app_name = 'access_controls'; $database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd'; $database->save($array); unset($array); //clear the cache $cache = new cache; $cache->delete("configuration:acl.conf"); //create the event socket connection $fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']); if ($fp) { event_socket_request($fp, "api reloadacl"); } //add the message message::add($text['message-add']); //redirect the browser header('Location: access_control_edit.php?id='.escape($access_control_uuid)); return; } //if ($action == "add") if ($action == "update" && permission_exists('access_control_node_edit')) { //update $array['access_control_nodes'][0]['access_control_node_uuid'] = $access_control_node_uuid; $array['access_control_nodes'][0]['access_control_uuid'] = $access_control_uuid; $array['access_control_nodes'][0]['node_type'] = $node_type; $array['access_control_nodes'][0]['node_cidr'] = $node_cidr; $array['access_control_nodes'][0]['node_domain'] = $node_domain; $array['access_control_nodes'][0]['node_description'] = $node_description; $database = new database; $database->app_name = 'access_controls'; $database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd'; $database->save($array); unset($array); //clear the cache $cache = new cache; $cache->delete("configuration:acl.conf"); //create the event socket connection $fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']); if ($fp) { event_socket_request($fp, "api reloadacl"); } //add the message message::add($text['message-update']); //redirect the browser header('Location: access_control_edit.php?id='.escape($access_control_uuid)); return; } //if ($action == "update") } //if ($_POST["persistformvar"] != "true") } //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) //pre-populate the form if (count($_GET) > 0 && $_POST["persistformvar"] != "true" && is_uuid($_GET["id"])) { $access_control_node_uuid = $_GET["id"]; $sql = "select * from v_access_control_nodes "; $sql .= "where access_control_node_uuid = :access_control_node_uuid "; $parameters['access_control_node_uuid'] = $access_control_node_uuid; $database = new database; $row = $database->select($sql, $parameters, 'row'); if (is_array($row) && sizeof($row) != 0) { $node_type = $row["node_type"]; $node_cidr = $row["node_cidr"]; $node_domain = $row["node_domain"]; $node_description = $row["node_description"]; } unset($sql, $parameters, $row); } //create token $object = new token; $token = $object->create($_SERVER['PHP_SELF']); //show the header $document['title'] = $text['title-access_control_node']; require_once "resources/header.php"; //show the content echo "

\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo " \n"; echo " \n"; echo " "; echo "

".$text['title-access_control_node']."	\n"; echo " "; echo " "; echo "
\n"; echo " ".$text['label-node_type']."\n"; echo "	\n"; echo " \n"; echo " \n"; echo $text['description-node_type']."\n"; echo "
\n"; echo " ".$text['label-node_cidr']."\n"; echo "	\n"; echo " \n"; echo " \n"; echo $text['description-node_cidr']."\n"; echo "
\n"; echo " ".$text['label-node_domain']."\n"; echo "	\n"; echo " \n"; echo " \n"; echo $text['description-node_domain']."\n"; echo "
\n"; echo " ".$text['label-node_description']."\n"; echo "	\n"; echo " \n"; echo " \n"; echo $text['description-node_description']."\n"; echo "
\n"; echo " \n"; if ($action == "update") { echo " \n"; } echo " \n"; echo " \n"; echo "

"; echo "

"; echo "

"; //include the footer require_once "resources/footer.php"; ?>