authorization has been fixed. Authorization is no longer reset when opening a direct link.

The address import script now handles dns name changes correctly.

html/admin/iplist/index.php

@@ -13,6 +13,7 @@ require_once ($_SERVER['DOCUMENT_ROOT']."/inc/iptypefilter.php");
 require_once ($_SERVER['DOCUMENT_ROOT']."/inc/dynfilter.php");
 require_once ($_SERVER['DOCUMENT_ROOT']."/inc/dhcpfilter.php");
 
+
 $sort_table = 'User_auth';
 if ($sort_field == 'login') { $sort_table = 'User_list'; }
 if ($sort_field == 'fio') { $sort_table = 'User_list'; }
@@ -50,6 +51,8 @@ if (!isset($f_search_str) and isset($_SESSION[$page_url]['search_str'])) { $f_se
 if (!isset($f_search_str)) { $f_search_str=''; }
 $_SESSION[$page_url]['search_str']=$f_search_str;
 
+$f_search=replaceSpecialChars($f_search_str);
+
 $ip_list_type_filter='';
 if ($ip_type>0) {
     //suspicious - dhcp not found 3 last days
@@ -69,7 +72,7 @@ if (!empty($f_search_str)) {
         } else {
         if (checkValidMac($f_search_str)) { $ip_where =" and mac='" . mac_dotted($f_search_str) ."'"; }
             else {
-            $ip_where =" and (mac like '" . mac_dotted($f_search_str) . "%' or login like '".$f_search_str."%' or comments like '".$f_search_str."%' or dns_name like '".$f_search_str."%' or dhcp_hostname like '".$f_search_str."%')"; 
+            $ip_where =" and (mac like '" . mac_dotted($f_search) . "%' or login like '".$f_search."%' or comments like '".$f_search."%' or dns_name like '".$f_search."%' or dhcp_hostname like '".$f_search."%')"; 
             }
         }
     }

html/inc/auth.utils.php

@@ -6,8 +6,8 @@ require_once($_SERVER['DOCUMENT_ROOT'] . "/cfg/config.php");
 require_once($_SERVER['DOCUMENT_ROOT'] . "/inc/sql.php");
 require_once($_SERVER['DOCUMENT_ROOT'] . "/inc/common.php");
 
-ini_set('session.use_trans_sid', true);
-ini_set('session.use_only_cookies', false);
+//ini_set('session.use_trans_sid', true);
+//ini_set('session.use_only_cookies', false);
 
 define('SESSION_TABLE', 'sessions');
 define('USER_SESSIONS_TABLE', 'user_sessions');
@@ -318,10 +318,12 @@ init_db_sessions($db_link);
 if (session_status() !== PHP_SESSION_ACTIVE) {
         // Старт сессии с безопасными настройками
         session_start([
-            'cookie_lifetime' => SESSION_LIFETIME ,
-//          'cookie_secure'   => true,
-//          'cookie_httponly' => true,
-            'cookie_samesite' => 'Strict',
-            'gc_maxlifetime' => SESSION_LIFETIME
+            'cookie_lifetime' => SESSION_LIFETIME,
+            'cookie_path' => '/', // ВАЖНО: кука должна быть доступна для всего сайта
+            'cookie_domain' => $_SERVER['HTTP_HOST'], // Текущий домен
+            'cookie_secure' => isset($_SERVER['HTTPS']), // true если HTTPS
+//            'cookie_httponly' => true,
+            'cookie_samesite' => 'Lax', // Или 'Strict', но 'Lax' лучше для переходов по ссылкам
+            'gc_maxlifetime' => SESSION_LIFETIME,
         ]);
     }

html/inc/common.php

@@ -288,6 +288,14 @@ function checkValidHostname($dnsname)
     return $result;
 }
 
+function replaceSpecialChars($input) {
+    // Заменяем ? на _ в любом месте
+    $result = str_replace('?', '_', $input);
+    // Заменяем * на % только в начале и конце с помощью регулярного выражения
+    $result = preg_replace('/^\*|\*$/', '%', $result);
+    return $result;
+}
+
 function searchHostname($db, $id, $hostname)
 {
     if (empty($hostname)) {

scripts/utils/import/import_auth.pl

@@ -0,0 +1,166 @@
+#!/usr/bin/perl
+
+#
+# Copyright (C) Roman Dmitiriev, rnd@rajven.ru
+#
+
+use utf8;
+use open ":encoding(utf8)";
+use open ':std', ':encoding(UTF-8)';
+use Encode;
+no warnings 'utf8';
+use English;
+use FindBin '$Bin';
+use lib "/opt/Eye/scripts";
+use Data::Dumper;
+use eyelib::config;
+use eyelib::main;
+use eyelib::database;
+use eyelib::net_utils;
+use Net::Patricia;
+use strict;
+use warnings;
+
+sub process_file {
+    my $fh = shift;
+    my @data;
+    my @headers;
+    my $line_num = 0;
+
+    while (my $line = <$fh>) {
+        chomp $line;
+        $line_num++;
+
+        # Пропускаем пустые строки
+        next if $line =~ /^\s*$/;
+
+        # Разбиваем строку по разделителям: пробелы, табы, запятые, точки с запятой
+        my @fields = split(/[\t,;]+/, $line);
+
+        if ($line_num == 1) {
+            # Первая непустая строка — заголовки
+            @headers = @fields;
+            print "Заголовки: " . join(" | ", map { "'$_'" } @headers) . "\n\n";
+            next;
+        }
+
+        # Проверяем, совпадает ли количество полей с количеством заголовков
+        if (@fields != @headers) {
+            warn "Предупреждение: строка $line_num: количество полей (" . scalar(@fields) .
+                 ") не совпадает с количеством заголовков (" . scalar(@headers) . ")\n";
+            # Дополняем или обрезаем массив, чтобы избежать ошибок
+            @fields = @fields[0 .. $#headers] if @fields > @headers;
+            while (@fields < @headers) {
+                push @fields, '';
+            }
+        }
+
+        # Создаём ассоциативный массив (hash) для текущей строки
+        my %row;
+        for my $i (0 .. $#headers) {
+            $row{$headers[$i]} = $fields[$i];
+        }
+
+        # Добавляем в общий результат
+        push @data, \%row;
+    }
+
+    return @data;  # возвращаем список ссылок на хеши
+}
+
+my @rows=();
+
+# === Основная логика ===
+if (@ARGV) {
+    foreach my $filename (@ARGV) {
+        open(my $fh, '<', $filename) or die "Не могу открыть файл '$filename': $!";
+        print "Обработка файла: $filename\n";
+        @rows = process_file($fh);
+        close($fh);
+    }
+} else {
+    @rows = process_file(\*STDIN);
+}
+
+foreach my $record (@rows) {
+
+next if (!exists($record->{ip}));
+
+my $auth_network = $office_networks->match_string($record->{ip});
+if (!$auth_network) {
+    log_error("Unknown network in request! IP: $record->{ip}");
+    next;
+    }
+
+my $search_sql = 'SELECT * FROM User_auth WHERE ip="'.$record->{ip}.'" and deleted=0 ORDER BY last_found DESC';
+$record->{ip_int}=StrToIp($record->{ip});
+if (!exists($record->{'mac'})) {
+    delete $record->{'mac'};
+    } else {
+    $record->{mac}=mac_splitted(isc_mac_simplify($record->{mac}));
+    $search_sql = 'SELECT * FROM User_auth WHERE ip="'.$record->{ip}.'" and mac="'.$record->{mac}.'" and deleted=0 ORDER BY last_found DESC';
+    }
+
+print "Импортируем:\n";
+for my $key (keys %{$record}) {
+    print "\t\t$key => $record->{$key}\n";
+}
+print "\n";
+
+if (exists $record->{dns_name}) {
+        my $auth_dns_name = lc(trim($record->{dns_name}));
+        $auth_dns_name=~s/\./-/g;
+        $auth_dns_name=~s/\//-/g;
+        $record->{dns_name} = $auth_dns_name;
+        }
+
+#search actual record
+my $auth_record = get_record_sql($dbh,$search_sql);
+if ($auth_record) {
+    update_record($dbh,'User_auth',$record,"id=".$auth_record->{id});
+    print "URL: <a href='".$config_ref{stat_url}."/admin/users/edituser.php?id=".$auth_record->{user_id}."'>".$auth_record->{user_id}."</a><br>\n";
+    if (exists $record->{dns_name}) {
+        my $user_info;
+        $user_info->{login}=$record->{dns_name};
+        update_record($dbh,'User_list',$user_info,"id=".$auth_record->{user_id});
+        my $device;
+        $device->{device_name}=$record->{dns_name};
+        update_record($dbh,'devices',$device,"user_id=".$auth_record->{user_id});
+        }
+    if (exists $record->{comments}) {
+        my $user_info;
+        $user_info->{fio}=$record->{comments};
+        update_record($dbh,'User_list',$user_info,"id=".$auth_record->{user_id});
+        }
+    next;
+    }
+
+my $dhcp_record =  {%{$record || {}}};
+$dhcp_record->{'type'}='add';
+
+my $res_id = resurrection_auth($dbh,$dhcp_record);
+if (!$res_id) {
+    db_log_error($dbh,"Error creating an ip address record for:\t\t".Dumper($dhcp_record));
+    next;
+    }
+update_record($dbh,'User_auth',$record,"id=".$res_id);
+$auth_record = get_record_sql($dbh,'SELECT * FROM User_auth where id='.$res_id);
+if ($auth_record) {
+    print "URL: <a href='".$config_ref{stat_url}."/admin/users/edituser.php?id=".$auth_record->{user_id}."'>".$auth_record->{user_id}."</a><br>\n";
+    if (exists $record->{dns_name}) {
+        my $user_info;
+        $user_info->{login}=$record->{dns_name};
+        update_record($dbh,'User_list',$user_info,"id=".$auth_record->{user_id});
+        my $device;
+        $device->{device_name}=$record->{dns_name};
+        update_record($dbh,'devices',$device,"user_id=".$auth_record->{user_id});
+        }
+    if (exists $record->{comments}) {
+        my $user_info;
+        $user_info->{fio}=$record->{comments};
+        update_record($dbh,'User_list',$user_info,"id=".$auth_record->{user_id});
+        }
+    }
+}
+
+exit;

scripts/utils/import/import_ips.pl

@@ -1,69 +0,0 @@
-#!/usr/bin/perl
-
-#
-# Copyright (C) Roman Dmitiriev, rnd@rajven.ru
-#
-
-#Import ip to user
-
-use utf8;
-use open ":encoding(utf8)";
-use FindBin '$Bin';
-use lib "/opt/Eye/scripts";
-use Data::Dumper;
-use eyelib::config;
-use eyelib::main;
-use eyelib::database;
-use eyelib::net_utils;
-use strict;
-use warnings;
-
-sub add_auth {
-my $db = shift;
-my $comment = shift;
-my $ip = shift;
-my $user_id = shift;
-
-my $ip_aton=StrToIp($ip);
-my $record=get_record_sql($db,'SELECT id FROM User_auth WHERE `deleted`=0 AND `ip_int`='.$ip_aton);
-if ($record->{id}) { return $record->{id}; }
-my $user_record=get_record_sql($db,"SELECT * FROM User_list WHERE id=$user_id");
-my $new_record;
-$new_record->{ip_int}=$ip_aton;
-$new_record->{ip}=$ip;
-$new_record->{user_id}=$user_id;
-$new_record->{save_traf}="$save_detail";
-$new_record->{deleted}="0";
-$new_record->{created_by}='manual';
-$new_record->{ou_id}=$user_record->{ou_id};
-$new_record->{filter_group_id}=$user_record->{filter_group_id};
-$new_record->{queue_id}=$user_record->{queue_id};
-$new_record->{enabled}="$user_record->{enabled}";
-$new_record->{comments}=$comment;
-
-my $cur_auth_id=insert_record($db,'User_auth',$new_record);
-return $cur_auth_id;
-}
-
-
-my $user_id =$ARGV[0];
-
-exit if (!$user_id);
-
-print "Stage 0: Read ip list for user_id: $user_id\n";
-
-binmode(STDOUT,':utf8');
-
-if (-e "1") {
-    my @nSQL=read_file("1");
-    foreach my $row (@nSQL) {
-        my ($user_name,$auth_ip) = split(/[\,|\;|\s]/,$row);
-        next if (!$auth_ip);
-        print "Add: $user_name $auth_ip";
-        my $ret = add_auth($dbh,$user_name,$auth_ip,$user_id);
-        if ($ret) { print "...OK\n"; } else { print "...Fail\n"; }
-        }
-    }
-print "Done!\n";
-
-exit;