Changes adopted from version 0.4
This commit is contained in:
@@ -1,13 +1,34 @@
|
||||
<?php
|
||||
/*****************************************************************************
|
||||
IP Reg, a PHP/MySQL IPAM tool
|
||||
Copyright (C) 2008 Wietse Warendorff
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
For more information, visit http://sourceforge.net/projects/ipreg,
|
||||
or contact me at wietsew@users.sourceforge.net
|
||||
*****************************************************************************/
|
||||
|
||||
// strip mac address to 12 char string
|
||||
function strip_mac($mac) {
|
||||
$mac = str_replace('-', '', $mac);
|
||||
$mac = str_replace(':', '', $mac);
|
||||
$mac = str_replace('.', '', $mac);
|
||||
$mac = str_replace(',', '', $mac);
|
||||
$mac = str_replace(' ', '', $mac);
|
||||
// strip chars we don't need
|
||||
$mac = preg_replace("|[^a-fA-F0-9]|", "", $mac);
|
||||
|
||||
// capotolize (just because it looks better eh)
|
||||
$mac = strtoupper($mac);
|
||||
|
||||
// and return
|
||||
return ($mac);
|
||||
}
|
||||
|
||||
@@ -17,24 +38,22 @@
|
||||
// if the MAC is empty, or for whatever reason incorrect, just return
|
||||
return $mac;
|
||||
} else {
|
||||
// length is good, continue
|
||||
$mac1 = substr($mac, 0, 2);
|
||||
$mac2 = substr($mac, 2, 2);
|
||||
$mac3 = substr($mac, 4, 2);
|
||||
$mac4 = substr($mac, 6, 2);
|
||||
$mac5 = substr($mac, 8, 2);
|
||||
$mac6 = substr($mac, 10, 2);
|
||||
|
||||
// check session for preference (if 0, do nothing), if changed: update useredit.php too!
|
||||
if ($_SESSION['suser_mac']==1) {
|
||||
$mac = $mac1 . '-' . $mac2 . '-' . $mac3 . '-' . $mac4 . '-' . $mac5 . '-' . $mac6;
|
||||
} else if ($_SESSION['suser_mac']==2) {
|
||||
$mac = $mac1 . ':' . $mac2 . ':' . $mac3 . ':' . $mac4 . ':' . $mac5 . ':' . $mac6;
|
||||
} else if ($_SESSION['suser_mac']==3) {
|
||||
$mac = $mac1 . $mac2 . $mac3 . '-' . $mac4 . $mac5 . $mac6;
|
||||
// length is ok, continue
|
||||
// strip mac to pieces
|
||||
for($i=0;$i<12;$i++) {
|
||||
${"mac".$i} = $mac{$i};
|
||||
}
|
||||
|
||||
return $mac;
|
||||
// get user preference
|
||||
$user_mac = $_SESSION['suser_mac'];
|
||||
|
||||
// replace user preference with pieces
|
||||
for($i=0;$i<12;$i++) {
|
||||
$user_mac = preg_replace("/x/", ${"mac".$i}, $user_mac, 1);
|
||||
}
|
||||
|
||||
// and return
|
||||
return $user_mac;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -43,4 +62,40 @@
|
||||
header("location: " . $location);
|
||||
exit;
|
||||
}
|
||||
|
||||
// authorisation check
|
||||
function auth($item, $min_auth, $item_id) {
|
||||
// get user_id
|
||||
$suser_id = $_SESSION['suser_id'];
|
||||
|
||||
// set base auth to 0
|
||||
$auth = 0;
|
||||
|
||||
// check for global rights
|
||||
$result = mysql_query("SELECT uc.auth FROM userclassauth uc, useruserclass u WHERE u.user_id='$suser_id' AND uc.userclass_id=u.userclass_id AND uc.item='ipreg' AND uc.id=0 ORDER BY uc.ordering DESC LIMIT 1") or die(mysql_error());
|
||||
while ($row = mysql_fetch_object($result)) {
|
||||
$auth = $row->auth;
|
||||
}
|
||||
|
||||
// check specific auth for this item
|
||||
$result = mysql_query("SELECT uc.auth FROM userclassauth uc, useruserclass u WHERE u.user_id='$suser_id' AND uc.userclass_id=u.userclass_id AND uc.item='$item' AND uc.id=0 ORDER BY uc.ordering DESC LIMIT 1") or die(mysql_error());
|
||||
while ($row = mysql_fetch_object($result)) {
|
||||
$auth = $row->auth;
|
||||
}
|
||||
|
||||
// and for a specific ID (if set)
|
||||
if($item_id>0) {
|
||||
$result = mysql_query("SELECT uc.auth FROM userclassauth uc, useruserclass u WHERE u.user_id='$suser_id' AND uc.userclass_id=u.userclass_id AND uc.item='$item' AND uc.id='$item_id' ORDER BY uc.ordering DESC LIMIT 1") or die(mysql_error());
|
||||
while ($row = mysql_fetch_object($result)) {
|
||||
$auth = $row->auth;
|
||||
}
|
||||
}
|
||||
|
||||
if($auth<$min_auth) {
|
||||
// not allowed -> redirect
|
||||
header_location("comments.php?comments=notallowed");
|
||||
} else {
|
||||
return $auth;
|
||||
}
|
||||
}
|
||||
?>
|
||||
Reference in New Issue
Block a user