API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 25th, 2016
126
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.69 KB | None | 0 0
raw download clone embed print report
  1. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
  2. <HTML><!-- Written by Rexy, Romero P. & 3abTux -->
  3. <HEAD>
  4. <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  5. <TITLE>Users import</TITLE>
  6. <link rel="stylesheet" href="/css/style.css" type="text/css">
  7. </HEAD>
  8. <body>
  9. <?php
  10. // Choice of language
  11. $Language = 'en';
  12. if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
  13. $Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
  14. $Language = strtolower(substr(chop($Langue[0]),0,2)); }
  15. if($Language == 'fr'){
  16. $l_title = "Importer et vider la base des usagers";
  17. $l_database_state = "état actuel de la base : nombre de groupes =";
  18. $l_number_of_users = "Nombre d'usagers";
  19. $l_text_import = "Importer à partir d'un fichier texte";
  20. $l_text_import_help = "Ce fichier ne doit contenir que des noms d'usagers écrits les uns sous les autres.";
  21. $l_file = "Fichier";
  22. $l_users_group = "Définissez leur groupe (conseillé)";
  23. $l_send = "Importer";
  24. $l_empty = "Vider";
  25. $l_empty_warn = "Vous êtes sur le point de vider entièrement la base de donnée des utilisateurs... Souhaitez vous continuer?";
  26. $l_imported_files = "Fichiers des identifiants/mot_de_passe import&eacute;s durant les derni&egrave;res 24h :";
  27. $l_db_import = "Importer à partir d'une sauvegarde de la base d'usagers";
  28. $l_db_import_help = "Afin de pouvoir imputer les dernières traces de connexion, une sauvegarde de la base actuelle sera automatiquement réalisée.";
  29. $l_db_reset = "Vider la base des usagers";
  30. $l_error_ext_txt = "Erreur! Veuillez sélectionner un fichier avec l'extension '.csv' ou '.txt'";
  31. $l_error_ext_sql = "Erreur! Veuillez sélectionner un fichier avec l'extension '.sql' ou '.sql.gz'";
  32. $l_group_empty = "La liste des groupes est vide";
  33. $l_out_title = " --- Accès à Internet via ALCASAR --- ";
  34. $l_out_login = "Nom de connexion :";
  35. $l_out_passwd = "Mot de passe :";
  36. $l_out_mind = "Pensez à changer votre mot de passe (lien sur la page d'authentification)";
  37. }
  38. else {
  39. $l_title = "Import and empty the users database";
  40. $l_database_state ="State of the database : number of groups =";
  41. $l_number_of_users = "Number of users";
  42. $l_text_import = "Import from a text file";
  43. $l_text_import_help = "In this file, you must write only the user login one below the other.";
  44. $l_file = "File";
  45. $l_users_group = "Define their group (advisable)";
  46. $l_send = "Import";
  47. $l_empty = "Empty";
  48. $l_empty_warn = "You are close to empty the whole user database... Would you like to proceed?";
  49. $l_imported_files = "Logins/passwords file imported during the last 24h :";
  50. $l_db_import = "Import from a saved users database file";
  51. $l_db_import_help = "In order to impute the last connections, the actual users database will be automaticly saved.";
  52. $l_db_reset = "Empty the users database";
  53. $l_error_ext_txt = "Error! Please select a file with '.txt' or '.csv' extension";
  54. $l_error_ext_sql = "Error! Please select a file with '.sql' or '.sql.gz' extension";
  55. $l_group_empty = "The group list is empty";
  56. $l_out_title = " --- Internet access via ALCASAR --- ";
  57. $l_out_login = "Login :";
  58. $l_out_passwd = "Password :";
  59. $l_out_mind = "Don't forget to change your password (a link is on the authentication window)";
  60. }
  61. function getImportFileList(){
  62. $importFile = array();
  63. if ($handle = opendir('/tmp')) {
  64. while (false !== ($file = readdir($handle))) {
  65. if ($file != "." && $file != "..") {
  66. $ext = pathinfo($file ,PATHINFO_EXTENSION);
  67. $name = substr($file, 0, -(strlen($ext)+1)); //Retirer les lettres de l'extension ET le point
  68. if ($ext=="pwd"){
  69. $importFile[] = $name;
  70. }
  71. }
  72. }
  73. closedir($handle);
  74. }
  75. return $importFile;
  76. }
  77. function GenPassword($nb_car="8")
  78. {
  79. // Random password
  80. $password = "";
  81. $chaine = "aAzZeErRtTyYuUIopP152346897mMLkK";
  82. $chaine .= "jJhHgGfFdDsSqQwWxXcCvVbBnN152346897";
  83. while($nb_car != 0)
  84. {
  85. $i = rand(0,71);
  86. $password .= $chaine[$i];
  87. $nb_car --;
  88. }
  89. return $password ;
  90. }
  91. ?>
  92. <TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
  93. <tr><th><? echo "$l_title"; ?></th></tr>
  94. <tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
  95. </TABLE>
  96. <TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
  97. <tr><td valign="middle" align="left">
  98. <CENTER><H3>
  99. <?php
  100. echo "$l_database_state";
  101.  
  102. $LIBpath = "../lib/";
  103. require('/etc/freeradius-web/config.php');
  104. if (is_file($LIBpath."sql/drivers/$config[sql_type]/functions.php"))
  105. {
  106. include_once($LIBpath."sql/drivers/$config[sql_type]/functions.php");
  107. }
  108. else
  109. {
  110. echo "<b>Could not include SQL library</b><br>\n";
  111. exit();
  112. }
  113. include_once($LIBpath.'functions.php');
  114. if ($config['sql_use_operators'] == 'true')
  115. {
  116. include($LIBpath."operators.php");
  117. $text = ',op';
  118. $passwd_op = ",':='";
  119. }
  120. $link = @da_sql_pconnect($config);
  121. if (isset ($_POST ['choix'])) { $choix = $_POST ['choix']; }
  122. else { $choix = ''; }
  123. if ($choix == "raz")
  124. {
  125. exec ("sudo /usr/local/bin/alcasar-logout.sh all");
  126. exec ("sudo /usr/local/bin/alcasar-mysql.sh --raz");
  127. }
  128. // a file is downloaded
  129. if(isset($_FILES['import-users']) && ($_FILES['import-users']['name'] !=""))
  130. {
  131. unset($result);
  132. if (isset ($_POST['groupe'])) $group = $_POST ['groupe'];
  133. list($file_name , $extension) = explode("." , $_FILES['import-users']['name'] , 2);
  134. if ($choix == "csv") // import of a txt file
  135. {
  136. if (($extension != 'csv') && ($extension != 'txt')) $result = $l_error_ext_txt;
  137. else
  138. {
  139. $destination = '/tmp/import_file.txt';
  140. exec ("sudo /usr/local/bin/alcasar-mysql.sh --dump");
  141. move_uploaded_file($_FILES['import-users']['tmp_name'], $destination);
  142. $RS_in = file ($destination);
  143. $da_abort=0;
  144. if ($link)
  145. {
  146. if (is_file($LIBpath."crypt/$config[general_encryption_method].php"))
  147. {
  148. include($LIBpath."crypt/$config[general_encryption_method].php");
  149. $tmpdate = date("Ymd-his");
  150. $file_out = "/tmp/$tmpdate-$file_name.pwd" ;
  151. $RS_out = fopen ("$file_out", "wb");
  152. foreach ($RS_in as $no => $ligne)
  153. {
  154. if (substr($ligne,0,3) == pack('CCC',239,187,191)) # remove UTF8-BOM
  155. {
  156. $ligne = substr ($ligne,3);
  157. }
  158. $tligne = split(" ",$ligne);
  159. $login = trim ($tligne[0]);
  160. $password = trim ($tligne[1]);
  161. if ($login != '')
  162. {
  163. if ($password == "")
  164. {
  165. $password = GenPassword();
  166. }
  167. $login = da_sql_escape_string($link,$login);
  168. $passwd = da_sql_escape_string($link,$passwd);
  169. $passwd = da_encrypt($password);
  170. // insertion (login + password) dans la table "radcheck" (si l'usager existe --> changement de mot de passe)
  171. $res = @da_sql_query($link,$config,"INSERT INTO $config[sql_check_table] (attribute,value,username $text) VALUES ('$config[sql_password_attribute]','$passwd','$login' $passwd_op);");
  172. if (!$res || !@da_sql_affected_rows($link,$res,$config))
  173. {
  174. echo "<b>Unable to add user $login: " . da_sql_error($link,$config) . "</b><br>\n";
  175. $da_abort=1;
  176. }
  177. else
  178. {
  179. // create the user informations file
  180. fputs($RS_out,"$l_out_title\r\n\r\n");
  181. fputs($RS_out,"$l_out_login $login | $l_out_passwd $password\r\n\r\n");
  182. fputs($RS_out,"$l_out_mind\r\n\r\n");
  183. fputs($RS_out,"--------------------------------------------------------------------------------\r\n\r\n");
  184. }
  185. // insertion de l'usager dans la table "userinfo"
  186. if ($config[sql_use_user_info_table] == 'true' && !$da_abort)
  187. {
  188. $res = @da_sql_query($link,$config, "SELECT username FROM $config[sql_user_info_table] WHERE username = '$login';");
  189. if ($res)
  190. {
  191. if (!@da_sql_num_rows($res,$config))
  192. {
  193. $res = @da_sql_query($link,$config,"INSERT INTO $config[sql_user_info_table] (username) VALUES ('$login');");
  194. if (!$res || !@da_sql_affected_rows($link,$res,$config))
  195. echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";
  196. }
  197. else
  198. echo "<b>User already exists in user info table.</b><br>\n";
  199. }
  200. else
  201. echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";
  202. if ($group != '')
  203. {
  204. $group = da_sql_escape_string($link,$group);
  205. $res = @da_sql_query($link,$config,"SELECT username FROM $config[sql_usergroup_table] WHERE username = '$login' AND groupname = '$group';");
  206. if ($res)
  207. {
  208. if (!@da_sql_num_rows($res,$config))
  209. {
  210. $res = @da_sql_query($link,$config,"INSERT INTO $config[sql_usergroup_table] (username,groupname) VALUES ('$login','$group');");
  211. if (!$res || !@da_sql_affected_rows($link,$res,$config))
  212. echo "<b>Could not add user to group $group. SQL Error</b><br>\n";
  213. } # end if
  214. else
  215. echo "<b>User already is a member of group $group</b><br>\n";
  216. } # end if
  217. else
  218. echo "<b>Could not add user to group $group: " . da_sql_error($link,$config) . "</b><br>\n";
  219. } // end if ($group)
  220. } // end if ($config)
  221. } // end if ($login !='')
  222. } // end foreach
  223. fclose($RS_out);
  224. } // end if (is file)
  225. } // end if (link)
  226. unlink ($destination);
  227. } // end if (extension = (txt or cvs))
  228. }
  229. else if ($choix == "bdd") // database import
  230. {
  231. if (($extension == 'sql') || ($extension == 'sql.gz'))
  232. {
  233. $destination = '/tmp/import_file.'.$extension;
  234. exec ("sudo /usr/local/bin/alcasar-mysql.sh --dump");
  235. move_uploaded_file($_FILES['import-users']['tmp_name'], $destination);
  236. exec ("sudo /usr/local/bin/alcasar-mysql.sh --import $destination");
  237. //echo "OK : $destination";
  238. unlink ($destination);
  239. }
  240. else $result = $l_error_ext_sql;
  241. }
  242. }
  243. if ($link)
  244. {
  245. $res = @da_sql_query($link,$config,"SELECT GroupName FROM radusergroup GROUP BY GroupName");
  246. if ($res)
  247. {
  248. $nb_group = @da_sql_num_rows($res,$config);
  249. echo $nb_group;
  250. }
  251. }
  252. echo ", $l_number_of_users = ";
  253. if ($link)
  254. {
  255. $res = @da_sql_query($link,$config,"SELECT UserName FROM userinfo");
  256. if ($res)
  257. {
  258. $nb_user = @da_sql_num_rows($res,$config);
  259. echo "$nb_user";
  260. }
  261. }
  262. echo "</td></tr><tr><td>";
  263. echo "<TABLE width=\"100%\" border=0 cellspacing=0 cellpadding=1>";
  264. echo "<tr><td valign=\"middle\" align=\"left\" colspan=\"2\">";
  265. echo "<CENTER><H3>$l_text_import</H3></CENTER></td></tr>";
  266. echo "<tr><td valign=\"middle\" align=\"left\">";
  267. echo "$l_text_import_help<br>";
  268. echo "<tr><td valign=\"middle\" align=\"left\">";
  269. echo "<br><FORM action='$_SERVER[PHP_SELF]' method=POST ENCTYPE=\"multipart/form-data\">";
  270. echo "$l_file (.txt or .csv) : <input type=\"file\" name=\"import-users\"><br>";
  271. echo "$l_users_group : ";
  272. require("../lib/defaults.php");
  273. include_once("../lib/$config[general_lib_type]/group_info.php");
  274. if (isset($existing_groups)){
  275. echo "<select name=\"groupe\">";
  276. echo "<option value=\"\" selected>";
  277. foreach ($member_groups as $group)
  278. echo "<option value=\"$group\">$group\n";
  279. echo " </select>";
  280. }
  281. else echo "$l_group_empty";
  282. echo "<br>";
  283. echo "<input type='hidden' name='choix' value='csv'>";
  284. if (($choix == "csv") && isset($result)) echo "<b>".$result."</b><BR>";
  285. echo "<input type=\"submit\" value=\"$l_send\">";
  286. echo "</FORM></td>";
  287. echo "<td>";
  288. $ImportFileList = getImportFileList();
  289. if (count($ImportFileList) > 0){
  290. echo "$l_imported_files";
  291. echo "<ul>";
  292. foreach ( $ImportFileList as $ImportFile ) //on parcours le tableau
  293. {
  294. echo "<li>".$ImportFile." ( <a href=\"import_file.php?file=$ImportFile\">txt</a> - <a href=\"import_file.php?file=$ImportFile&format=pdf\">pdf</a> )</li>";
  295. }
  296. echo "</ul>";
  297. } else {
  298. echo "<br>";
  299. }
  300. echo "</td></tr></table>";
  301. echo "<tr><td valign=\"middle\" align=\"left\">";
  302. echo "<H3><CENTER>$l_db_import</CENTER></H3>";
  303. echo "$l_db_import_help <br><br>";
  304. echo "<FORM action='$_SERVER[PHP_SELF]' method=POST ENCTYPE=\"multipart/form-data\">";
  305. echo "$l_file (.sql or .sql.gz) : <input type=\"file\" name=\"import-users\"><br>";
  306. echo "<input type='hidden' name='choix' value='bdd'>";
  307. if (($choix == "bdd") && isset($result)) echo "<b>".$result."</b><BR>";
  308. echo "<input type=\"submit\" value=\"$l_send\">";
  309. echo "</FORM>";
  310. echo "</td></tr>";
  311. echo "<tr><td valign=\"middle\" align=\"left\">";
  312. echo "<H3><CENTER>$l_db_reset</CENTER></H3>";
  313. echo "$l_db_import_help<br><br>";
  314. echo "<FORM onsubmit=\"return confirm('$l_empty_warn');\" action='$_SERVER[PHP_SELF]' method=POST>";
  315. echo "<input type='hidden' name='choix' value='raz'>";
  316. echo "<input type=\"submit\" value=\"$l_empty\">";
  317. echo "</FORM>";
  318. echo "</TD></TR></TABLE>";
  319. ?>
  320. </BODY>
  321. </HTML>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!