/* FILE $Id: tclientfunc.h 6 2005-11-24 00:02:59Z ggw $ (tAuthorize.cPasswd template set member) PURPOSE AUTHOR Template and mysqlRAD2 author: (c) 2001-2004 Gary Wallis. GPL License applies, see www.fsf.org for details LICENSE included in this distribution. */ static char cPasswd[16]={""}; static char cExtLabel[16]={""}; static char cuPerm[33]={""}; static unsigned uPerm=0; //Aux drop/pull downs static char cForClientPullDown[256]={""}; static unsigned uForClient=0; unsigned IsAuthUser(char *cLabel); void PermLevelDropDown(char *cuPerm); void EncryptPasswdWithSalt(char *cPasswd,char *cSalt); void GetClientMaxParams(unsigned uClient,unsigned *uMaxSites,unsigned *uMaxIPs); char *UserLevel(unsigned uPermLevel); void GetConfiguration(char *cDefault,char *cValue,unsigned uHtml); unsigned uMaxClientsReached(unsigned uClient); void tTablePullDownResellers(int unsigned uSelector); void CheckForDependencies(void); void htmlReport(unsigned uClient); void tClientNavList(void); void ExtProcesstClientVars(pentry entries[], int x) { register int i; for(i=0;i=8) { ProcesstClientVars(entries,x); if(uPermLevel==8 && uMaxClientsReached(uLoginClient)) { mode=0; tClient("Your reseller maximum of customers has been reached"); } mode=2000; tClient(LANG_NB_CONFIRMNEW); } } else if(!strcmp(command,LANG_NB_CONFIRMNEW)) { if(uPermLevel>=8) { ProcesstClientVars(entries,x); if(uPermLevel==8 && uMaxClientsReached(uLoginClient)) { mode=0; tClient("Your reseller maximum of customers has been reached"); } if(!uForClient) uOwner=uLoginClient; else uOwner=uForClient; uClient=0; uCreatedBy=uLoginClient; uModBy=0;//Never modified NewtClient(1); } } else if(!strcmp(command,LANG_NB_DELETE)) { ProcesstClientVars(entries,x); if(uOwner) GetClientOwner(uOwner,&uReseller); if( (uPermLevel>=8 && uOwner==uLoginClient) || (uPermLevel>9 && uOwner!=1) || (uPermLevel>7 && uReseller==uLoginClient) ) { CheckForDependencies(); mode=2001; tClient(LANG_NB_CONFIRMDEL); } } else if(!strcmp(command,LANG_NB_CONFIRMDEL)) { ProcesstClientVars(entries,x); if(uOwner) GetClientOwner(uOwner,&uReseller); if( (uPermLevel>=8 && uOwner==uLoginClient) || (uPermLevel>9 && uOwner!=1) || (uPermLevel>7 && uReseller==uLoginClient) ) { CheckForDependencies(); mode=2001; sprintf(query,"DELETE FROM tAuthorize WHERE cLabel='%s'",cLabel); mysql_query(&mysql,query); if(mysql_errno(&mysql)) tClient(mysql_error(&mysql)); mode=5; DeletetClient(); } } else if(!strcmp(command,LANG_NB_MODIFY)) { ProcesstClientVars(entries,x); if(uOwner) GetClientOwner(uOwner,&uReseller); if( (uPermLevel>=8 && uOwner==uLoginClient) || (uPermLevel>9 && uOwner!=1) || (uPermLevel>7 && uReseller==uLoginClient) ) { mode=2002; tClient(LANG_NB_CONFIRMMOD); } } else if(!strcmp(command,LANG_NB_CONFIRMMOD)) { ProcesstClientVars(entries,x); if(uOwner) GetClientOwner(uOwner,&uReseller); if( (uPermLevel>=8 && uOwner==uLoginClient) || (uPermLevel>9 && uOwner!=1) || (uPermLevel>7 && uReseller==uLoginClient) ) { uModBy=uLoginClient; if(uForClient) uOwner=uForClient; ModtClient(); } } else if(!strcmp(command,"Authorize")) { //Level 8! ProcesstClientVars(entries,x); if( uClient && (uPermLevel>9 || (uPermLevel>7 && uOwner==uLoginClient))) { mode=3000; tClient("Enter passwd, user level and confirm"); } } else if(!strcmp(command,"Confirm Authorize")) { ProcesstClientVars(entries,x); if( uClient && (uPermLevel>9 || (uPermLevel>7 && uOwner==uLoginClient))) { time_t clock; time(&clock); if(strlen(cPasswd)<6) { mode=3000; tClient("Passwd must be at least 6 chars!"); } if(uPerm<7 || uPerm>12) { mode=3000; sprintf(query,"uPerm level error:%u",uPerm); tClient(query); } //Disallow Reseller level (8) from granting more than //Customer level permissions (7) if(uPerm>7 && uPermLevel<10) uPerm=7; //Disallow Admin level (10) users from granting //more than Reseller level permissions (8) if(uPerm>8 && uPermLevel<12) uPerm=8; EncryptPasswdWithSalt(cPasswd,".."); sprintf(query,"INSERT INTO tAuthorize SET cLabel='%s', uPerm=%u, uCertClient=%u, cPasswd='%s', uOwner=%u, uCreatedBy=%u, uCreatedDate=%lu, uModDate=0, cIPMask='0.0.0.0'", TextAreaSave(cLabel) ,uPerm ,uClient ,cPasswd ,uLoginClient ,uLoginClient ,(long unsigned)clock ); mysql_query(&mysql,query); if(mysql_errno(&mysql)) tClient(mysql_error(&mysql)); tClient("Subclient authorized"); } }//Confirm auth else if(!strcmp(command,"Report")) { ProcesstClientVars(entries,x); if( uPermLevel>=10 && uClient) { htmlReport(uClient); } } } }//void ExttClientCommands(pentry entries[], int x) void ExttClientButtons(void) { printf("\n"); printf("\n"); printf("
"); printf(""); printf(""); switch(mode) { case 2000: printf("Enter required data
"); if(uPermLevel>7) { printf("

Create for customer
"); tTablePullDownResellers(uForClient); } printf("
"); printf(LANG_NBB_CONFIRMNEW); printf("
\n"); break; case 2001: printf(""); printf(LANG_NBB_CONFIRMDEL); printf("
\n"); break; case 2002: printf("Review record data
"); if(uPermLevel>7) { printf("

Change uOwner
"); tTablePullDownResellers(uForClient); } printf("
"); printf(LANG_NBB_CONFIRMMOD); printf("
\n"); break; case 3000: if(uPermLevel>7) PermLevelDropDown(cuPerm); printf("
Passwd "); printf(""); printf(""); break; default: if(uClient && uPermLevel>7 && uClient!=uLoginClient && !IsAuthUser(cLabel) &&mode!=5 ) { printf(""); printf("
"); } if(uClient && uPermLevel>=10) { printf(""); printf("
"); } printf(""); printf("

Authorized Clients
\n"); tClientNavList(); } printf("

\n"); }//void ExttClientButtons(void) void ExttClientAuxTable(void) { }//void ExttClientAuxTable(void) void ExttClientGetHook(entry gentries[], int x) { register int i; for(i=0;i=9) sprintf(query,"SELECT %s FROM tClient ORDER BY cLabel",VAR_LIST_tClient); else sprintf(query,"SELECT %s FROM tClient WHERE uOwner=%u OR uClient=%u ORDER BY cLabel",VAR_LIST_tClient,uLoginClient,uLoginClient); }//void ExttClientSelect(void) void ExttClientSelectRow(void) { if(uPermLevel<10) sprintf(query,"SELECT %s FROM tClient WHERE (uOwner=%u OR uClient=%u) AND uClient=%u", VAR_LIST_tClient, uLoginClient,uLoginClient,uClient); else sprintf(query,"SELECT %s FROM tClient WHERE uClient=%u", VAR_LIST_tClient,uClient); }//void ExttClientSelectRow(void) void ExttClientListSelect(void) { char cCat[512]; if(uPermLevel<10) sprintf(query,"SELECT %s FROM tClient WHERE (tClient.uOwner=%u OR tClient.uClient=%u)", VAR_LIST_tClient, uLoginClient, uLoginClient); else sprintf(query,"SELECT %s FROM tClient", VAR_LIST_tClient); //Changes here must be reflected below in ExttClientListFilter() if(!strcmp(filter,"uClient")) { sscanf(command,"%u",&uClient); if(uPermLevel<10) strcat(query," AND "); else strcat(query," WHERE "); sprintf(cCat,"uClient=%u ORDER BY uClient", uClient); strcat(query,cCat); } else if(1) { //None NO FILTER strcpy(filter,"None"); strcat(query," ORDER BY uClient"); } }//void ExttClientListSelect(void) void ExttClientListFilter(void) { //Filter printf("Select "); printf(""); }//void ExttClientListFilter(void) void ExttClientNavBar(void) { if(uOwner) GetClientOwner(uOwner,&uReseller); printf(LANG_NBB_SKIPFIRST); printf(LANG_NBB_SKIPBACK); printf(LANG_NBB_SEARCH); if(uPermLevel>=8) printf(LANG_NBB_NEW); if( (uPermLevel>=8 && uOwner==uLoginClient) || (uPermLevel>9 && uOwner!=1) || (uPermLevel>7 && uReseller==uLoginClient) ) printf(LANG_NBB_MODIFY); if( (uPermLevel>=8 && uOwner==uLoginClient) || (uPermLevel>9 && uOwner!=1) || (uPermLevel>7 && uReseller==uLoginClient) ) printf(LANG_NBB_DELETE); printf(LANG_NBB_LIST); printf(LANG_NBB_SKIPNEXT); printf(LANG_NBB_SKIPLAST); }//void ExttClientNavBar(void) //TODO make into recursive function void tClientNavList(void) { MYSQL_RES *res; MYSQL_ROW field; MYSQL_RES *res2; MYSQL_ROW field2; MYSQL_RES *res3; MYSQL_ROW field3; unsigned uLocalClient=0; unsigned uPerm=0; char *cMarker; //First select root clients, that is clients owned by themselves if(uPermLevel>9) { sprintf(query,"SELECT uClient,cLabel FROM tClient WHERE uOwner=uClient"); mysql_query(&mysql,query); if(mysql_errno(&mysql)) { printf("%s",mysql_error(&mysql)); return; } res=mysql_store_result(&mysql); while((field=mysql_fetch_row(res))) { sscanf(field[0],"%u",&uLocalClient); if((uPerm=IsAuthUser(field[1]))) { if(uLocalClient==uLoginClient) cMarker="*"; else cMarker="ª"; printf("%s%s (%s)
\n",field[0],cMarker,field[1],UserLevel(uPerm)); } else { printf("%s
\n",field[0],field[1]); } //Sub select reseller sprintf(query,"SELECT tClient.uClient,tClient.cLabel FROM tClient,tAuthorize WHERE tClient.uClient=tAuthorize.uCertClient AND tAuthorize.uPerm=8 AND tClient.uOwner=%u", uLocalClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) { printf("%s",mysql_error(&mysql)); return; } res2=mysql_store_result(&mysql); while((field2=mysql_fetch_row(res2))) { sscanf(field2[0],"%u",&uLocalClient); if((uPerm=IsAuthUser(field2[1]))) { if(uLocalClient==uLoginClient) cMarker="*"; else cMarker="ª"; printf("  %s%s (%s)
\n",field2[0],cMarker,field2[1],UserLevel(uPerm)); } else { printf("  %s
\n",field2[0],field2[1]); } //Sub select end-user customer sprintf(query,"SELECT tClient.uClient,tClient.cLabel FROM tClient,tAuthorize WHERE tClient.uClient=tAuthorize.uCertClient AND tAuthorize.uPerm=7 AND tClient.uOwner=%u", uLocalClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) { printf("%s",mysql_error(&mysql)); return; } res3=mysql_store_result(&mysql); while((field3=mysql_fetch_row(res3))) { sscanf(field3[0],"%u",&uLocalClient); if((uPerm=IsAuthUser(field3[1]))) { if(uLocalClient==uLoginClient) cMarker="*"; else cMarker="ª"; printf("    %s%s (%s)
\n",field3[0],cMarker,field3[1],UserLevel(uPerm)); } else { printf("    %s
\n",field3[0],field3[1]); } }//sub select customer mysql_free_result(res3); }//sub select reseller mysql_free_result(res2); } mysql_free_result(res); } else { sprintf(query,"SELECT uClient,cLabel FROM tClient WHERE uClient=%u",uLoginClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) { printf("%s",mysql_error(&mysql)); return; } res=mysql_store_result(&mysql); while((field=mysql_fetch_row(res))) { sscanf(field[0],"%u",&uLocalClient); if((uPerm=IsAuthUser(field[1]))) { if(uLocalClient==uLoginClient) cMarker="*"; else cMarker="ª"; printf("%s%s (%s)
\n",field[0],cMarker,field[1],UserLevel(uPerm)); } else { printf("%s
\n",field[0],field[1]); } //Sub select end-user customer sprintf(query,"SELECT tClient.uClient,tClient.cLabel FROM tClient,tAuthorize WHERE tClient.uClient=tAuthorize.uCertClient AND tAuthorize.uPerm=7 AND tClient.uOwner=%u", uLocalClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) { printf("%s",mysql_error(&mysql)); return; } res3=mysql_store_result(&mysql); while((field3=mysql_fetch_row(res3))) { sscanf(field3[0],"%u",&uLocalClient); if((uPerm=IsAuthUser(field3[1]))) { if(uLocalClient==uLoginClient) cMarker="*"; else cMarker="ª"; printf("    %s%s (%s)
\n",field3[0],cMarker,field3[1],UserLevel(uPerm)); } else { printf("    %s
\n",field3[0],field3[1]); } }//sub select customer mysql_free_result(res3); }//outside reseller select mysql_free_result(res); } }//void tClientNavList(void) unsigned IsAuthUser(char *cLabel) { unsigned uRetVal=0; MYSQL_RES *res; MYSQL_ROW field; sprintf(query,"SELECT uPerm FROM tAuthorize WHERE cLabel='%s'",cLabel); mysql_query(&mysql,query); if(mysql_errno(&mysql)) { printf("%s",mysql_error(&mysql)); return(0); } res=mysql_store_result(&mysql); if((field=mysql_fetch_row(res))) sscanf(field[0],"%u",&uRetVal); mysql_free_result(res); return(uRetVal); }//unsigned IsAuthUser(char *cLabel) void PermLevelDropDown(char *cuPerm) { printf("User Level "); printf("\n"); }//void PermLevelDropDown(char *cuPerm) unsigned uMaxClientsReached(unsigned uClient) { MYSQL_RES *res; MYSQL_ROW field; unsigned uRetVal=1; unsigned uMaxClients=0; unsigned uClients=0; sprintf(query,"SELECT uMaxClients FROM tClient WHERE uClient=%u",uClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) tClient(mysql_error(&mysql)); res=mysql_store_result(&mysql); if((field=mysql_fetch_row(res))) sscanf(field[0],"%u",&uMaxClients); mysql_free_result(res); sprintf(query,"SELECT COUNT(uClient) FROM tClient WHERE uOwner=%u",uClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) tClient(mysql_error(&mysql)); res=mysql_store_result(&mysql); if((field=mysql_fetch_row(res))) sscanf(field[0],"%u",&uClients); mysql_free_result(res); if(uClients0) { printf("\n"); } printf("\n"); }//tTablePullDownResellers() void CheckForDependencies(void) { MYSQL_RES *res; sprintf(query,"SELECT uUser FROM tUser WHERE uOwner=%u OR uCreatedBy=%u",uClient,uClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) tClient(mysql_error(&mysql)); res=mysql_store_result(&mysql); if(mysql_num_rows(res)) tClient("Can't delete client with users"); mysql_free_result(res); sprintf(query,"SELECT uDomain FROM tDomain WHERE uOwner=%u OR uCreatedBy=%u",uClient,uClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) tClient(mysql_error(&mysql)); res=mysql_store_result(&mysql); if(mysql_num_rows(res)) tClient("Can't delete client with domain"); mysql_free_result(res); sprintf(query,"SELECT uClient FROM tClient WHERE uOwner=%u OR uCreatedBy=%u",uClient,uClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) tClient(mysql_error(&mysql)); res=mysql_store_result(&mysql); if(mysql_num_rows(res)) tClient("Can't delete client with sub clients"); mysql_free_result(res); }//void CheckForDependencies(void) void htmlReport(unsigned uClient) { MYSQL_RES *res; MYSQL_ROW field; char cPrevLabel[33]={"*"}; unsigned register uSubCount=0; unsigned register uCount=0; sprintf(query,"SELECT tUser.cLogin,tClient.cLabel FROM tUser,tClient WHERE tUser.uOwner=tClient.uClient AND (tUser.uOwner=%u OR tClient.uOwner=%u)",uClient,uClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) tClient(mysql_error(&mysql)); res=mysql_store_result(&mysql); printf("Content-type: text/plain\n\n"); printf("Resource Report for: %s(%u)\n",cLabel,uClient); printf("Part 1 tUser\n\n"); while((field=mysql_fetch_row(res))) { if(strcmp(cPrevLabel,field[1])) { printf("%s:\n",field[1]); sprintf(cPrevLabel,"%.32s",field[1]); uSubCount++; } printf("\t%s\n",field[0]); uCount++; } mysql_free_result(res); printf("\n\nPart 1 tUser Summary\n%u tUsers for %u tClients\n\n",uCount,uSubCount); uSubCount=0; uCount=0; strcpy(cPrevLabel,"*"); sprintf(query,"SELECT tDomain.cDomain,tClient.cLabel FROM tDomain,tClient WHERE tDomain.uOwner=tClient.uClient AND (tDomain.uOwner=%u OR tClient.uOwner=%u)",uClient,uClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) { printf("%s\n",mysql_error(&mysql)); exit(1); } res=mysql_store_result(&mysql); printf("Part 2 tDomain\n\n"); while((field=mysql_fetch_row(res))) { if(strcmp(cPrevLabel,field[1])) { printf("%s:\n",field[1]); sprintf(cPrevLabel,"%.32s",field[1]); uSubCount++; } printf("\t%s\n",field[0]); uCount++; } mysql_free_result(res); printf("\nPart 2 tDomain Summary\n%u tDomains for %u tClients\n\n",uCount,uSubCount); uSubCount=0; uCount=0; strcpy(cPrevLabel,"*"); sprintf(query,"SELECT tAccess.cDomainIP,tClient.cLabel FROM tAccess,tClient WHERE tAccess.uOwner=tClient.uClient AND (tAccess.uOwner=%u OR tClient.uOwner=%u)",uClient,uClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) { printf("%s\n",mysql_error(&mysql)); exit(1); } res=mysql_store_result(&mysql); printf("Part 3 tAccess\n\n"); while((field=mysql_fetch_row(res))) { if(strcmp(cPrevLabel,field[1])) { printf("%s:\n",field[1]); sprintf(cPrevLabel,"%.32s",field[1]); uSubCount++; } printf("\t%s\n",field[0]); uCount++; } mysql_free_result(res); printf("\nPart 3 tAccess Summary\n%u tAccess DomainIPs for %u tClients\n\n",uCount,uSubCount); uSubCount=0; uCount=0; strcpy(cPrevLabel,"*"); sprintf(query,"SELECT tLocal.cDomain,tClient.cLabel FROM tLocal,tClient WHERE tLocal.uOwner=tClient.uClient AND (tLocal.uOwner=%u OR tClient.uOwner=%u)",uClient,uClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) { printf("%s\n",mysql_error(&mysql)); exit(1); } res=mysql_store_result(&mysql); printf("Part 4 tLocal\n\n"); while((field=mysql_fetch_row(res))) { if(strcmp(cPrevLabel,field[1])) { printf("%s:\n",field[1]); sprintf(cPrevLabel,"%.32s",field[1]); uSubCount++; } printf("\t%s\n",field[0]); uCount++; } mysql_free_result(res); printf("\nPart 4 tLocal Summary\n%u tLocal Domains for %u tClients\n\n",uCount,uSubCount); uSubCount=0; uCount=0; strcpy(cPrevLabel,"*"); sprintf(query,"SELECT tVUT.cDomain,tClient.cLabel FROM tVUT,tClient WHERE tVUT.uOwner=tClient.uClient AND (tVUT.uOwner=%u OR tClient.uOwner=%u)",uClient,uClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) { printf("%s\n",mysql_error(&mysql)); exit(1); } res=mysql_store_result(&mysql); printf("Part 5 tVUT\n\n"); while((field=mysql_fetch_row(res))) { if(strcmp(cPrevLabel,field[1])) { printf("%s:\n",field[1]); sprintf(cPrevLabel,"%.32s",field[1]); uSubCount++; } printf("\t%s\n",field[0]); uCount++; } mysql_free_result(res); printf("\nPart 5 tVUT Summary\n%u tVUTs for %u tClients\n\n",uCount,uSubCount); printf("\n\nEnd.\n"); exit(0); }//void htmlReport(unsigned uClient) //sedall patch1 //sedall patch2