root před 3 roky
rodič
revize
0bade7efe2

+ 36 - 0
html/admin/devices/deleted.php

@@ -0,0 +1,36 @@
+<?php
+require_once ($_SERVER['DOCUMENT_ROOT']."/inc/auth.php");
+require_once ($_SERVER['DOCUMENT_ROOT']."/inc/languages/" . $language . ".php");
+require_once ($_SERVER['DOCUMENT_ROOT']."/inc/header.php");
+print_device_submenu($page_url);
+?>
+<div id="cont">
+<br>
+<table class="data">
+	<tr align="center">
+		<td><b>id</b></td>
+		<td><b>Название</b></td>
+		<td><b>IP</b></td>
+		<td><b>Модель</b></td>
+		<td><b>Расположен</b></td>
+	</tr>
+<?
+$switches = get_records($db_link,'devices','deleted=1 ORDER BY ip');
+foreach ($switches as $row) {
+    print "<tr align=center>\n";
+    $cl = "data";
+    if ($row['deleted']) { $cl = "shutdown"; } else {
+        if (isset($fnagios)) {
+    	    if ($fnagios = 'DOWN') { $cl = 'down'; }
+            if ($fnagios = 'UP') { $cl = 'up'; }
+    	    }
+	}
+    print "<td class=\"$cl\"><input type=hidden name=\"id\" value=".$row['id'].">".$row['id']."</td>\n";
+    print "<td class=\"$cl\" align=left><a href=editdevice.php?id=".$row['id'].">" . $row['device_name'] . "</a></td>\n";
+    print "<td class=\"$cl\">".$row['ip']."</td>\n";
+    print "<td class=\"$cl\">" . get_vendor_name($db_link, $row['vendor_id']) . " " . get_device_model($db_link,$row['device_model_id']) . "</td>\n";
+    print "<td class=\"$cl\">" . get_building($db_link, $row['building_id']) . "(" . $row['comment'] . ")</td>\n";
+}
+?>
+</table>
+<?php require_once($_SERVER['DOCUMENT_ROOT']."/inc/footer.php"); ?>
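Review bot: The `print` lines for `device_name`, `ip` and `comment` write database values into the page without escaping, so any markup stored in the `devices` table is rendered in the administrator's browser; wrap each one, e.g. `htmlspecialchars($row['device_name'], ENT_QUOTES, 'UTF-8')`. The second PHP block opens with the short tag `<?`, which is sent to the client as plain text when `short_open_tag` is off, so use `<?php` there. The `if ($fnagios = 'DOWN')` and `if ($fnagios = 'UP')` tests are assignments rather than comparisons, and the whole `else` branch is unreachable because the query selects only `deleted=1`; that branch can simply be removed.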

+ 1 - 1
html/admin/reports/index-full.php

@@ -66,7 +66,7 @@ $trafSQL=$trafSQL ." $sort_sql LIMIT $start,$displayed";
 print_navigation($page_url,$page,$displayed,$count_records[0],$total);
 
 print "<br><br>\n";
-print "<table class=\"data\" width=\"850\" cellspacing=\"1\" cellpadding=\"4\">\n";
+print "<table class=\"data\" cellspacing=\"1\" cellpadding=\"4\">\n";
 print "<tr align=\"center\">\n";
 print "<td ><b><a href=index-full.php?sort=login&order=$new_order>Логин</a></b></td>\n";
 print "<td ><b><a href=index-full.php?sort=ip&order=$new_order>IP</a></b></td>\n";

+ 5 - 7
html/admin/reports/index.php

@@ -25,8 +25,8 @@ print_reports_submenu($page_url);
 
 <?php
 print "<br><br>\n";
-print "<table class=\"data\" width=\"650\" cellspacing=\"1\" cellpadding=\"4\">\n";
-print "<tr align=\"center\">\n";
+print "<table class=\"data\">\n";
+print "<tr class=\"info\">\n";
 print "<td ><b><a href=index.php?sort=login&order=$new_order>Логин</a></b></td>\n";
 print "<td ><b>Gate</b></td>\n";
 print "<td ><b><a href=index.php?sort=tin&order=$new_order>Входящий</a></b></td>\n";
@@ -48,15 +48,13 @@ AND User_stats.timestamp>='$date1'
 AND User_stats.timestamp<'$date2' 
 ";
 
-if ($rou !== 0) {
-    $trafSQL = $trafSQL . " AND User_list.ou_id=$rou";
-}
+if ($rou !== 0) { $trafSQL = $trafSQL . " AND User_list.ou_id=$rou"; }
 
 if ($rgateway == 0) {
     $trafSQL = $trafSQL . " GROUP by User_auth.user_id,User_stats.router_id";
-} else {
+    } else {
     $trafSQL = $trafSQL . " AND User_stats.router_id=$rgateway GROUP by User_auth.user_id,User_stats.router_id";
-}
+    }
 
 #set sort
 $trafSQL=$trafSQL ." $sort_sql";

+ 11 - 9
html/admin/users/edit_alias.php

@@ -17,7 +17,8 @@ if (isset($_POST["s_remove"])) {
             delete_record($db_link, "User_auth_alias", "id=" . $val);
         }
     }
-    header("Location: " . $_SERVER["REQUEST_URI"]);
+    header("Location: " . $page_url);
+    exit;
 }
 
 if (isset($_POST['s_save'])) {
@@ -32,30 +33,29 @@ if (isset($_POST['s_save'])) {
             update_record($db_link, "User_auth_alias", "id='{$save_id}'", $new);
         }
     }
-    header("Location: " . $_SERVER["REQUEST_URI"]);
+    header("Location: " . $page_url);
     exit;
 }
 
 if (isset($_POST["s_create"])) {
     $new_alias = $_POST["s_create_alias"];
     if (isset($new_alias)) {
-        $new['alias'] = trim($new_alias);
-        $new['auth_id'] = $id;
+        $new_rec['alias'] = trim($new_alias);
+        $new_rec['auth_id'] = $id;
         LOG_INFO($db_link, "Create new alias $new_alias");
-        insert_record($db_link, "User_auth_alias", $new);
+        insert_record($db_link, "User_auth_alias", $new_rec);
     }
-    header("Location: " . $_SERVER["REQUEST_URI"]);
+    header("Location: " . $page_url);
     exit;
 }
 
-unset($_POST);
-
 require_once ($_SERVER['DOCUMENT_ROOT']."/inc/header.php");
 
+
 ?>
 <div id="cont">
 <br>
-<form name="def" action="edit_alias.php" method="post">
+<form name="def" action="edit_alias.php?id=<?php echo $id; ?>" method="post">
 <b>Альясы для <?php print_url($auth_info['ip'],"/admin/users/editauth.php?id=$id"); ?></b> <br>
 <table class="data">
 <tr align="center">
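Review bot: `<?php echo $id; ?>` in the form `action` writes `$id` into an HTML attribute without escaping, and after this commit `$id` is taken directly from `$_GET['id']`/`$_POST['id']` in html/inc/auth.php with no integer cast (unless this file casts it above the hunk, which is not visible here). Emit it as `<?php echo (int) $id; ?>`, or pass it through `htmlspecialchars($id, ENT_QUOTES, 'UTF-8')`; the `action` line added in html/admin/users/edit_rules.php needs the same change. The context line `get_records($db_link,'User_auth_alias',"auth_id=$id ORDER BY alias")` in the next hunk places the same value into SQL text, so it has to be an integer by that point as well.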
@@ -67,6 +67,7 @@ require_once ($_SERVER['DOCUMENT_ROOT']."/inc/header.php");
 </tr>
 <?php
 $t_User_auth_alias = get_records($db_link,'User_auth_alias',"auth_id=$id ORDER BY alias");
+if (!empty($t_User_auth_alias)) {
 foreach ( $t_User_auth_alias as $row ) {
     print "<tr align=center>\n";
     print "<td class=\"data\" style='padding:0'><input type=checkbox name=s_id[] value='{$row['id']}'></td>\n";
@@ -76,6 +77,7 @@ foreach ( $t_User_auth_alias as $row ) {
     print "<td class=\"data\"><button name='s_save[]' value='{$row['id']}'>Сохранить</button></td>\n";
     print "</tr>\n";
 }
+}
 ?>
 <tr>
 <td colspan=6>Новый альяс :<?php print "<input type=\"text\" name='s_create_alias' value='' pattern=\"^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$\">"; ?></td>

+ 2 - 1
html/admin/users/edit_rules.php

@@ -43,6 +43,7 @@ if (isset($_POST["s_create"])) {
         $new['type'] = $_POST["s_new_type"];
         $new['rule'] = $new_rule;
         $new['user_id'] = $id;
+	var_dump($new);
         LOG_INFO($db_link, "Create new rule $new_rule");
         insert_record($db_link, "auth_rules", $new);
     }
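Review bot: `var_dump($new);` looks like leftover debugging: it writes the submitted rule fields into the response body. Because output has then started, any `header("Location: …")` redirect later in this branch (outside the hunk) would fail with "headers already sent" unless output buffering is enabled. Remove the line; the `LOG_INFO` call directly below already records the new rule.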
@@ -59,7 +60,7 @@ require_once ($_SERVER['DOCUMENT_ROOT']."/inc/header.php");
 ?>
 <div id="cont">
 <br>
-<form name="def" action="edit_rules.php" method="post">
+<form name="def" action="edit_rules.php?id=<?php echo $id; ?>" method="post">
 <b>Правила автоназначения адресов в <?php print_url($auth_info['login'],"/admin/users/edituser.php?id=$id"); ?></b>
 <br>
 Порядок применения: hotspot => subnet => mac => hostname => default user

+ 22 - 11
html/inc/auth.php

@@ -1,31 +1,42 @@
 <?php
 require_once ($_SERVER['DOCUMENT_ROOT']."/inc/login.php");
 login($db_link);
+
+if (isset($_GET['logout'])) { session_destroy(); header("Location: /logout.php"); }
+
 // считываем текущее время
 $start_time = microtime();
 // разделяем секунды и миллисекунды (становятся значениями начальных ключей массива-списка)
 $start_array = explode(" ",$start_time);
 // это и есть стартовое время
-$start_time = $start_array[1] + $start_array[0]; 
+$start_time = $start_array[1] + $start_array[0];
 
 $page_full_url=$_SERVER['PHP_SELF'];
 $page_url_array = explode('?', $page_full_url);
-$page_url = $page_url_array[0];
-$page_url_args = $page_url_array[1];
-if (!empty($_GET['id'])) { $page_url = $page_url.'=id='.$_GET["id"]; }
-if (empty($_GET['id']) and !empty($_POST['id'])) { $page_url = $page_url.'=id='.$_POST["id"]; }
 
-if (isset($_GET['logout'])) { session_destroy(); header("Location: /logout.php"); }
+$page_url=$_SERVER["REQUEST_URI"];
+
+if (!empty($page_url_array[0])) { $page_url = $page_url_array[0]; }
+if (!empty($page_url_array[1])) { $page_url_args = $page_url_array[1]; } else { $page_url_args=''; }
+
+if (!empty($_GET['id'])) { $id = $_GET["id"]; }
+if (!empty($_POST['id'])) { $id = $_POST["id"]; }
+if (!empty($id) and !empty($page_url)) { $page_url = $page_url.'?id='.$id; }
+
+if (empty($page_url)) {
+    header("Location: /admin/index.php");
+    exit;
+    }
 
-if (isset($_GET['page'])){ $page = $_GET['page']*1; }
-if (isset($_POST['page'])){ $page = $_POST['page']*1; }
-if (!isset($page) and isset($_SESSION[$page_url]['page'])) { $page=$_SESSION[$page_url]['page']*1; }
+if (isset($_GET['page'])){ $page = $_GET['page']; }
+if (isset($_POST['page'])){ $page = $_POST['page']; }
+if (!isset($page) and isset($_SESSION[$page_url]['page'])) { $page=$_SESSION[$page_url]['page']; }
 if (!isset($page)) { $page=1; }
 
 if (!isset($default_displayed)) { $default_displayed=50; }
 
-if (isset($_POST['rows'])) { $displayed=$_POST['rows']*1; }
-if (!isset($displayed) and isset($_SESSION[$page_url]['rows'])) { $displayed=$_SESSION[$page_url]['rows']*1; }
+if (isset($_POST['rows'])) { $displayed=$_POST['rows']; }
+if (!isset($displayed) and isset($_SESSION[$page_url]['rows'])) { $displayed=$_SESSION[$page_url]['rows']; }
 if (!isset($displayed)) { $displayed=$default_displayed; }
 
 $_SESSION[$page_url]['page']=$page;
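Review bot: Dropping the `*1` coercion leaves `$id`, `$page` and `$displayed` as raw request strings that flow on into SQL text and markup: `LIMIT $start,$displayed` in reports/index-full.php and `auth_id=$id` in users/edit_alias.php are both visible in this commit, and html/inc/idfilter.php loses its casts in the same way. Cast at the point of assignment instead, as in the block below; `(int)` does not raise on non-numeric input the way string arithmetic does in PHP 8. Separately, the relocated logout line still has no `exit;` after `header("Location: /logout.php")`, so the rest of the script keeps running after `session_destroy()`. `$_SERVER['PHP_SELF']` never carries a query string, so `explode('?', …)` always leaves `$page_url_args` empty.

```php
if (!empty($_GET['id'])) { $id = (int) $_GET['id']; }
if (!empty($_POST['id'])) { $id = (int) $_POST['id']; }
// … unchanged: $page_url assembly and the empty-URL redirect …
if (isset($_GET['page'])) { $page = (int) $_GET['page']; }
if (isset($_POST['page'])) { $page = (int) $_POST['page']; }
if (!isset($page) and isset($_SESSION[$page_url]['page'])) { $page = (int) $_SESSION[$page_url]['page']; }
// … unchanged: default $page and $default_displayed …
if (isset($_POST['rows'])) { $displayed = (int) $_POST['rows']; }
if (!isset($displayed) and isset($_SESSION[$page_url]['rows'])) { $displayed = (int) $_SESSION[$page_url]['rows']; }
```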

+ 17 - 13
html/inc/common.php

@@ -2913,7 +2913,7 @@ function get_records_sql($db, $sql)
         LOG_ERROR($db, "Empty query! Skip command.");
         return;
 	}
-    $record = mysqli_query($db, $sql);
+    $record = mysqli_query($db, $sql) or LOG_ERROR($db, mysqli_error($db));
     $index = 0;
     $result = NULL;
     while ($rec = mysqli_fetch_array($record, MYSQLI_ASSOC)) {
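Review bot: `mysqli_query(...) or LOG_ERROR(...)` logs the failure but execution continues, so the `while ($rec = mysqli_fetch_array($record, MYSQLI_ASSOC))` loop right after it receives `false`, which raises a TypeError on PHP 8 and a warning on older versions. Use the shape the later hunks of this file adopt: `if ($record === false) { LOG_ERROR($db, mysqli_error($db)); return; }`. The `get_record_sql` hunk below has the same pattern ahead of its `mysqli_fetch_array` call. Both function bodies extend beyond their hunks.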
@@ -2932,7 +2932,7 @@ function get_record_sql($db, $sql)
         LOG_ERROR($db, "Empty query! Skip command.");
         return;
     }
-    $record = mysqli_query($db, $sql." LIMIT 1");
+    $record = mysqli_query($db, $sql." LIMIT 1") or LOG_ERROR($db, mysqli_error($db));
     $result = NULL;
     $rec = mysqli_fetch_array($record, MYSQLI_ASSOC);
     if (!empty($rec)) {
@@ -3037,7 +3037,8 @@ function update_record($db, $table, $filter, $newvalue)
 
     $new_sql = "UPDATE $table SET $run_sql WHERE $filter";
     LOG_DEBUG($db, "Run sql: $new_sql");
-    mysqli_query($db, $new_sql);
+    $sql_result = mysqli_query($db, $new_sql);
+    if ($sql_result === false) { LOG_ERROR($db, mysqli_error($db)); return; }
     LOG_VERBOSE($db, "Change table $table WHERE $filter set $changed_log");
 }
 
@@ -3072,11 +3073,13 @@ function delete_record($db, $table, $filter)
         $changed_time = GetNowTimeString();
         $new_sql = "UPDATE $table SET deleted=1, changed=1, `changed_time`='".$changed_time."' WHERE $filter";
         LOG_DEBUG($db, "Run sql: $new_sql");
-        mysqli_query($db, $new_sql);
+        $sql_result = mysqli_query($db, $new_sql);
+        if ($sql_result === false) { LOG_ERROR($db, mysqli_error($db)); return; }
         } else {
         $new_sql = "DELETE FROM $table WHERE $filter";
         LOG_DEBUG($db, "Run sql: $new_sql");
-        mysqli_query($db, $new_sql);
+        $sql_result = mysqli_query($db, $new_sql);
+        if ($sql_result === false) { LOG_ERROR($db, mysqli_error($db)); return; }
         }
     LOG_VERBOSE($db, "Delete FROM table $table WHERE $filter $changed_log");
 }
@@ -3091,15 +3094,16 @@ function insert_record($db, $table, $newvalue)
         LOG_ERROR($db, "Create record for unknown table! Skip command.");
         return;
     }
-    if (! isset($newvalue)) {
+    if (empty($newvalue)) {
         LOG_ERROR($db, "Create record ($table) with empty data! Skip command.");
         return;
     }
+
     $changed_log = '';
     $field_list = '';
     $value_list = '';
     foreach ($newvalue as $key => $value) {
-        if (! isset($value)) { $value = ''; }
+        if (empty($value)) { $value = ''; }
         $changed_log = $changed_log . " $key => $value,";
         $field_list = $field_list . "`" . $key . "`,";
         $value = trim($value);
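Review bot: `if (empty($value)) { $value = ''; }` also rewrites `0`, `'0'` and `false` to an empty string, so a caller inserting a legitimate zero (a flag or counter column, for example) now stores `''`; the previous `isset` test only caught `null`. Keep the null-only test, `if ($value === null) { $value = ''; }`. The rest of the loop body lies between this hunk and the next one and is not visible here.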
@@ -3113,12 +3117,12 @@ function insert_record($db, $table, $newvalue)
     $value_list = substr_replace($value_list, "", - 1);
     $new_sql = "insert into $table(" . $field_list . ") values(" . $value_list . ")";
     LOG_DEBUG($db, "Run sql: $new_sql");
-    if (mysqli_query($db, $new_sql)) {
-            $last_id = mysqli_insert_id($db);
-            LOG_VERBOSE($db, "Create record in table $table: $changed_log with id: $last_id");
-            if ($table === 'User_auth') { run_sql($db,"UPDATE User_auth SET changed=1 WHERE id=".$last_id); }
-            return $last_id;
-            }
+    $sql_result = mysqli_query($db, $new_sql);
+    if ($sql_result === false) { LOG_ERROR($db, mysqli_error($db)); return; }
+    $last_id = mysqli_insert_id($db);
+    LOG_VERBOSE($db, "Create record in table $table: $changed_log with id: $last_id");
+    if ($table === 'User_auth') { run_sql($db,"UPDATE User_auth SET changed=1 WHERE id=".$last_id); }
+    return $last_id;
 }
 
 function get_diff_rec($db, $table, $filter, $newvalue, $only_changed)

+ 2 - 0
html/inc/enabledfilter.php

@@ -1,4 +1,6 @@
 <?php
+if (! defined("CONFIG")) die("Not defined");
+
 if (isset($_GET['enabled'])) { $enabled = $_GET["enabled"] * 1; }
 if (isset($_POST['enabled'])) { $enabled = $_POST["enabled"] * 1; }
 if (!isset($enabled)) {

+ 2 - 0
html/inc/gatefilter.php

@@ -1,4 +1,6 @@
 <?php
+if (! defined("CONFIG")) die("Not defined");
+
 if (isset($_POST['gateway'])) { $rgateway = $_POST["gateway"] * 1; } else {
     if (isset($_SESSION[$page_url]['gateway'])) { $rgateway = $_SESSION[$page_url]['gateway']; } else { $rgateway = 0; }
     }

+ 8 - 7
html/inc/idfilter.php

@@ -1,11 +1,12 @@
 <?php
-if (isset($default_id)) { $id=$default_id; }
-if (isset($_GET['id'])) { $id = $_GET["id"] * 1; }
-if (isset($_POST['id'])) { $id = $_POST["id"] * 1; }
-if (!isset($id)) {
-    if (isset($_SESSION[$page_url]['id'])) { $id = $_SESSION[$page_url]['id']*1; }
+if (! defined("CONFIG")) die("Not defined");
+
+if (empty($id) and !empty($_SESSION[$page_url]['id'])) { $id = $_SESSION[$page_url]['id']; }
+
+if (empty($id)) {
+    header("Location: /admin/index.php");
+    exit;
     }
-if (!isset($id) and isset($default_id)) { $id=$default_id; }
-if (!isset($id)) { header("Location: /admin/index.php"); }
+
 $_SESSION[$page_url]['id']=$id;
 ?>
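Review bot: The session fallback on the `empty($id)` line can no longer find anything, assuming this file is included after inc/auth.php. auth.php now appends `?id=…` to `$page_url` whenever an id is present, so `$_SESSION[$page_url]['id']` is stored under the suffixed key but looked up under the bare path when the id is missing. Key the stored id on the path alone, or drop the fallback. The `$default_id` default is also removed, so any page that relied on it (none is visible in this commit) now redirects to /admin/index.php.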

+ 1 - 0
updates/20221105/mysql_fix_aliases.sql

@@ -0,0 +1 @@
+ALTER TABLE `User_auth_alias` CHANGE `id` `id` INT(11) NOT NULL AUTO_INCREMENT, add PRIMARY KEY (`id`);