= 1 && !in_array($parent_id, $mac_exists['users_id'] ?? [])) {
$dup_info = get_record_sql($db_link, "SELECT * FROM user_list WHERE id = ?", [$mac_exists['users_id'][0] ?? 0]);
$msg_error = "Mac already exists at another user in this subnet! Skip creating $ip [$mac].
Old user id: " . ($dup_info['id'] ?? '') . " login: " . ($dup_info['login'] ?? '');
$_SESSION[$page_url]['msg'] = $msg_error;
LOG_ERROR($db_link, $msg_error);
header("Location: " . $_SERVER["REQUEST_URI"]);
exit;
}
// DHCP для вторичного IP
$f_dhcp = (int)getPOST("f_dhcp", null, 0);
if (!empty($mac_exists) && in_array($parent_id, $mac_exists['users_id'] ?? [])) {
if ($parent_id != ($mac_exists['users_id'][0] ?? null)) {
$f_dhcp = 0;
}
}
// Проверка дубликата IP
$dup_ip_record = get_record_sql($db_link, "SELECT * FROM user_auth WHERE ip_int = ? AND id <> ? AND deleted = 0", [$ip_aton, $id]);
if (!empty($dup_ip_record)) {
$dup_info = get_record_sql($db_link, "SELECT * FROM user_list WHERE id = ?", [$dup_ip_record['user_id']]);
$msg_error = "$ip already exists. Skip creating $ip [$mac].
Old user id: " . $dup_info['id'] . " login: " . $dup_info['login'];
$_SESSION[$page_url]['msg'] = $msg_error;
LOG_ERROR($db_link, $msg_error);
header("Location: " . $_SERVER["REQUEST_URI"]);
exit;
}
$new = [
'ip' => $ip,
'ou_id' => $parent_ou_id,
'ip_int' => $ip_aton,
'mac' => $mac,
'description' => trim(getPOST("f_description", null, '')),
'WikiName' => trim(getPOST("f_wiki", null, ''))
];
$f_dnsname = trim(getPOST("f_dns_name", null, ''));
$f_dns_ptr_present = (getPOST("f_dns_ptr", null, null) !== null);
if (empty($f_dnsname)) {
$new['dns_ptr_only'] = 0;
$new['dns_name'] = '';
} else {
$new['dns_ptr_only'] = $f_dns_ptr_present ? 1 : 0;
}
// Обновление IP в devices
$device = get_record_sql($db_link, "SELECT * FROM devices WHERE ip_int = ?", [$old_auth_info['ip_int']]);
if (!empty($device)) {
update_record($db_link, "devices", "id = ?", [
'ip' => $ip,
'ip_int' => $ip_aton
], [$device['id']]);
}
// Обработка DNS-имени и алиасов
$dns_alias_count = get_count_records($db_link, 'user_auth_alias', 'auth_id = ?', [$id]);
if (!empty($f_dnsname) && !$new['dns_ptr_only']) {
$domain_zone = ltrim(get_option($db_link, 33), '.');
$escaped_zone = preg_quote($domain_zone, '/');
$f_dnsname = preg_replace('/\.' . $escaped_zone . '$/i', '', $f_dnsname);
$f_dnsname = preg_replace('/\s+/', '-', $f_dnsname);
if ($dns_alias_count > 0 && $f_dnsname !== $old_auth_info['dns_name']) {
$f_dnsname = $old_auth_info['dns_name'];
} else {
$valid_dns = checkValidHostname($f_dnsname);
$uniq_dns = checkUniqHostname($db_link, $id, $f_dnsname);
if ($valid_dns && $uniq_dns) {
$new['dns_name'] = $f_dnsname;
} else {
$msg_error = !$uniq_dns
? "DNS $f_dnsname already exists at: " . searchHostname($db_link, $id, $f_dnsname) . " Discard changes!"
: "DNS $f_dnsname not valid! Discard changes!";
$_SESSION[$page_url]['msg'] = $msg_error;
LOG_ERROR($db_link, $msg_error);
header("Location: " . $_SERVER["REQUEST_URI"]);
exit;
}
}
}
// Удаление алиасов при отключении DNS
if (empty($f_dnsname) || $new['dns_ptr_only']) {
$new['dns_name'] = '';
$t_user_auth_alias = get_records($db_link, 'user_auth_alias', "auth_id = ? ORDER BY alias", [$id]);
if (!empty($t_user_auth_alias)) {
foreach ($t_user_auth_alias as $row) {
LOG_INFO($db_link, "Remove alias id: " . $row['id'] . " for auth_id: $id :: " . dump_record($db_link, 'user_auth_alias', 'id = ?', [$row['id']]));
delete_record($db_link, 'user_auth_alias', 'id = ?', [$row['id']]);
}
}
}
// PTR-only режим
if ($old_auth_info['dns_ptr_only'] && !$new['dns_ptr_only']) {
$new['dns_name'] = '';
}
if (!empty($f_dnsname) && $new['dns_ptr_only']) {
$domain_zone = ltrim(get_option($db_link, 33), '.');
$escaped_zone = preg_quote($domain_zone, '/');
$f_dnsname = preg_replace('/\.' . $escaped_zone . '$/i', '', $f_dnsname);
$f_dnsname = preg_replace('/\s+/', '-', $f_dnsname);
$new['dns_name'] = $f_dnsname;
}
// Остальные поля
$new['save_traf'] = (int)getPOST("f_save_traf", null, 0);
$new['dhcp_acl'] = trim(getPOST("f_acl", null, ''));
$new['dhcp_option_set'] = trim(getPOST("f_dhcp_option_set", null, ''));
$new['dynamic'] = (int)(getPOST("f_dynamic", null, 0));
if ($new['dynamic']) {
$new['end_life'] = trim(getPOST("f_end_life", null, ''));
}
// Настройки по OU
if (get_const('default_user_ou_id') == $parent_ou_id || get_const('default_hotspot_ou_id') == $parent_ou_id) {
$new += [
'nagios_handler' => '',
'enabled' => 0,
'link_check' => 0,
'nagios' => 0,
'blocked' => 0,
'day_quota' => 0,
'month_quota' => 0,
'queue_id' => 0,
'filter_group_id' => 0
];
} else {
$new += [
'nagios_handler' => trim(getPOST("f_handler", null, '')),
'enabled' => (int)getPOST("f_enabled", null, 0),
'link_check' => (int)getPOST("f_link", null, 0),
'nagios' => (int)getPOST("f_nagios", null, 0),
'dhcp' => $f_dhcp,
'blocked' => (int)getPOST("f_blocked", null, 0),
'day_quota' => (int)getPOST("f_day_q", null, 0),
'month_quota' => (int)getPOST("f_month_q", null, 0),
'queue_id' => (int)getPOST("f_queue_id", null, 0),
'filter_group_id' => (int)getPOST("f_group_id", null, 0)
];
}
if ($new['nagios'] == 0) {
$new['nagios_status'] = 'UP';
}
if (!$user_enabled) {
$new['enabled'] = 0;
}
// Применение изменений
$changes = get_diff_rec($db_link, "user_auth", "id = ?", $new, 0, [$id]);
if (!empty($changes)) {
LOG_WARNING($db_link, "Changed record for $ip! Log: " . $changes, $id);
}
if (is_auth_bind_changed($db_link, $id, $ip, $mac)) {
$new_id = copy_auth($db_link, $id, $new);
if (!empty($new_id)) {
header("Location: /admin/users/editauth.php?id=" . $new_id, true, 302);
} else {
header("Location: " . $_SERVER["REQUEST_URI"]);
}
exit;
} else {
update_record($db_link, "user_auth", "id = ?", $new, [$id]);
}
} else {
$msg_error = "$msg_ip_error xxx.xxx.xxx.xxx";
$_SESSION[$page_url]['msg'] = $msg_error;
}
header("Location: " . $_SERVER["REQUEST_URI"]);
exit;
}
// === ПЕРЕМЕЩЕНИЕ ЗАПИСИ =========================================================
if (getPOST("moveauth") !== null && !$old_auth_info['deleted']) {
$new_parent_id = (int)getPOST("f_new_parent", null, 0);
$moved_auth = get_record_sql($db_link, "SELECT description FROM user_auth WHERE id = ?", [$id]);
$changes = apply_auth_rule($db_link, $moved_auth, $new_parent_id);
update_record($db_link, "user_auth", "id = ?", $changes, [$id]);
LOG_WARNING($db_link, "IP-address moved to another user! Applyed: " . hash_to_text($changes), $id);
// Удаляем старые правила
delete_records($db_link, "auth_rules", "user_id = ? AND rule = ? AND rule_type = 2", [$old_auth_info["user_id"], $old_auth_info["mac"]]);
delete_records($db_link, "auth_rules", "user_id = ? AND rule = ? AND rule_type = 1", [$old_auth_info["user_id"], $old_auth_info["ip"]]);
LOG_INFO($db_link, "Autorules removed for user_id: " . $old_auth_info["user_id"] . " login: " . $user_info["login"] . " by mac and ip");
header("Location: " . $_SERVER["REQUEST_URI"]);
exit;
}
// === ВОССТАНОВЛЕНИЕ УДАЛЁННОЙ ЗАПИСИ ===========================================
if (getPOST("recovery") !== null && $old_auth_info['deleted']) {
$ip = trim(getPOST("f_ip", null, ''));
if (checkValidIp($ip)) {
$ip_aton = ip2long($ip);
$mac = mac_dotted(getPOST("f_mac", null, ''));
// Проверка MAC
$mac_exists = find_mac_in_subnet($db_link, $ip, $mac);
if (!empty($mac_exists) && ($mac_exists['count'] ?? 0) >= 1 && !in_array($parent_id, $mac_exists['users_id'] ?? [])) {
$dup_info = get_record_sql($db_link, "SELECT * FROM user_list WHERE id = ?", [$mac_exists['users_id'][0] ?? 0]);
$msg_error = "Mac already exists at another user in this subnet! Skip creating $ip [$mac].
Old user id: " . ($dup_info['id'] ?? '') . " login: " . ($dup_info['login'] ?? '');
$_SESSION[$page_url]['msg'] = $msg_error;
LOG_ERROR($db_link, $msg_error);
header("Location: " . $_SERVER["REQUEST_URI"]);
exit;
}
// DHCP для вторичного IP
$f_dhcp = (int)getPOST("f_dhcp", null, 0);
if (!empty($mac_exists) && in_array($parent_id, $mac_exists['users_id'] ?? [])) {
if ($parent_id != ($mac_exists['users_id'][0] ?? null)) {
$f_dhcp = 0;
}
}
// Проверка дубликата IP
$dup_ip_record = get_record_sql($db_link, "SELECT * FROM user_auth WHERE ip_int = ? AND id <> ? AND deleted = 0", [$ip_aton, $id]);
if (!empty($dup_ip_record)) {
$dup_info = get_record_sql($db_link, "SELECT * FROM user_list WHERE id = ?", [$dup_ip_record['user_id']]);
$msg_error = "$ip already exists. Skip creating $ip [$mac].
Old user id: " . $dup_info['id'] . " login: " . $dup_info['login'];
$_SESSION[$page_url]['msg'] = $msg_error;
LOG_ERROR($db_link, $msg_error);
header("Location: " . $_SERVER["REQUEST_URI"]);
exit;
}
$new = ['deleted' => 0, 'dynamic' => 0, 'dns_name' => ''];
$old_parent = get_record_sql($db_link, "SELECT * FROM user_list WHERE id = ?", [$parent_id]);
if (empty($old_parent)) {
$new_user_info = get_new_user_id($db_link, $ip, $mac, null);
$new_user_id = $new_user_info['user_id'] ?? null;
if (empty($new_user_id)) {
$new_user_id = new_user($db_link, $new_user_info);
}
$new['user_id'] = $new_user_id;
}
$new['description'] = $old_parent['description'] ?? '';
// Настройки по OU
if (get_const('default_user_ou_id') == $parent_ou_id || get_const('default_hotspot_ou_id') == $parent_ou_id) {
$new += [
'nagios_handler' => '',
'enabled' => 0,
'link_check' => 0,
'nagios' => 0,
'blocked' => 0,
'day_quota' => 0,
'month_quota' => 0,
'queue_id' => 0,
'filter_group_id' => 0
];
} else {
$new += [
'nagios_handler' => trim(getPOST("f_handler", null, '')),
'enabled' => (int)getPOST("f_enabled", null, 0),
'link_check' => (int)getPOST("f_link", null, 0),
'nagios' => (int)getPOST("f_nagios", null, 0),
'dhcp' => (int)getPOST("f_dhcp", null, 0),
'blocked' => (int)getPOST("f_blocked", null, 0),
'day_quota' => (int)getPOST("f_day_q", null, 0),
'month_quota' => (int)getPOST("f_month_q", null, 0),
'queue_id' => (int)getPOST("f_queue_id", null, 0),
'filter_group_id' => (int)getPOST("f_group_id", null, 0)
];
}
$changes = get_diff_rec($db_link, "user_auth", "id = ?", $new, 0, [$id]);
if (!empty($changes)) {
LOG_WARNING($db_link, "Recovered ip-address. Applyed: $changes", $id);
}
$new = apply_auth_rule($db_link, $new, $new['user_id']);
update_record($db_link, "user_auth", "id = ?", $new, [$id]);
} else {
$msg_error = "$msg_ip_error xxx.xxx.xxx.xxx/xx";
$_SESSION[$page_url]['msg'] = $msg_error;
}
header("Location: " . $_SERVER["REQUEST_URI"]);
exit;
}
unset($_POST);
require_once($_SERVER['DOCUMENT_ROOT'] . "/inc/header.php");
$sSQL = "SELECT * FROM user_auth WHERE id=?";
$auth_info = get_record_sql($db_link, $sSQL, [ $id ]);
$device = get_record_sql($db_link, "SELECT * FROM devices WHERE user_id=?", [ $auth_info['user_id'] ]);
$parent_name = get_login($db_link, $auth_info['user_id']);
if (empty($parent_name)) { $parent_name=$auth_info['user_id']; }
if ($auth_info['dhcp_time'] == '0000-00-00 00:00:00') {
$dhcp_str = '';
} else {
$dhcp_str = $auth_info['dhcp_time'] . " (" . $auth_info['dhcp_action'] . ")";
}
if ($auth_info['last_found'] == '0000-00-00 00:00:00') { $auth_info['last_found'] = ''; }
if ($auth_info['mac_found'] == '0000-00-00 00:00:00') { $auth_info['mac_found'] = ''; }
if ($auth_info['arp_found'] == '0000-00-00 00:00:00') { $auth_info['arp_found'] = ''; }
$now = DateTime::createFromFormat("Y-m-d H:i:s",date('Y-m-d H:i:s'));
$created = new DateTime($auth_info['ts']);
if (empty($auth_info['end_life']) or $auth_info['end_life'] == '0000-00-00 00:00:00') {
$now->modify('+1 day');
$auth_info['end_life'] = $now->format('Y-m-d H:i:s');
}
?>
' . $_SESSION[$page_url]['msg'] . '
';
unset($_SESSION[$page_url]['msg']);
}
print "" . WEB_user_title . " " . $parent_name . " ";
$alias_link = '';
if (!empty($auth_info['dns_name']) and !$auth_info['dns_ptr_only']) { $alias_link="/admin/users/edit_alias.php?id=".$id; }
if (empty($auth_info['created_by'])) { $auth_info['created_by'] = '-'; }
$f_dns_ptr = '';
if ($auth_info['dns_ptr_only']) { $f_dns_ptr = 'checked'; }
?>