-rw-r--r-- | admin/access.php | 68 | ||||
-rw-r--r-- | lib/class/access.class.php | 45 | ||||
-rw-r--r-- | templates/show_add_access.inc.php | 2 | ||||
-rw-r--r-- | templates/show_add_access_current.inc.php | 2 | ||||
-rw-r--r-- | templates/show_add_access_local.inc.php | 8 | ||||
-rw-r--r-- | templates/show_add_access_rpc.inc.php | 8 | ||||
-rw-r--r-- | templates/show_edit_access.inc.php | 48 |
7 files changed, 142 insertions, 39 deletions
diff --git a/admin/access.php b/admin/access.php
index 6ffaa167..0fa88a15 100644
--- a/admin/access.php
+++ b/admin/access.php
@@ -35,9 +35,70 @@ switch ($_REQUEST['action']) { show_confirmation(_('Deleted'),_('Your Access List Entry has been removed'),$url); break; case 'add_host': - Access::create($_POST); - $url = Config::get('web_path') . '/admin/access.php'; - show_confirmation(_('Added'),_('Your new Access List Entry has been created'),$url); + + // Make sure we've got a valid form submission + if (!Core::form_verify('add_acl','post')) { + access_denied(); + exit; + } + + // We need to pre-process this a little bit as stuff is coming in from all over + switch ($_GET['method']) { + case 'advanced': + Access::create($_POST); + break; + case 'local': + $_POST['type'] = 'network'; + Access::create($_POST); + + // Create Additional stuff based on the type + if ($_POST['addtype'] == 'streamnetwork' OR $_POST['addtype'] == 'allnetwork') { + $_POST['type'] = 'stream'; + Access::create($_POST); + } + if ($_POST['addtype'] == 'allnetwork') { + $_POST['type'] = 'interface'; + Access::create($_POST); + } + break; + case 'current': + $_POST['type'] = 'interface'; + Access::create($_POST); + $_POST['type'] = 'stream'; + Access::create($_POST); + break; + case 'rpc': + $_POST['type'] = 'rpc'; + Access::create($_POST); + + // Create Additional stuff based on the type + if ($_POST['addtype'] == 'streamrpc' OR $_POST['addtype'] == 'allrpc') { + $_POST['type'] = 'stream'; + Access::create($_POST); + } + if ($_POST['addtype'] == 'allrpc') { + $_POST['type'] = 'interface'; + Access::create($_POST); + } + break; + default: + // Do nothing they f'ed something up + break; + } // end switch on method + + if (!Error::occurred()) { + $url = Config::get('web_path') . '/admin/access.php'; + show_confirmation(_('Added'),_('Your new Access Control List(s) have been created'),$url); + } + else { + switch ($_GET['method']) { + case 'rpc': require_once Config::get('prefix') . '/templates/show_add_access_rpc.inc.php'; break; + case 'local': require_once Config::get('prefix') . 
'/templates/show_add_access_local.inc.php'; break; + case 'current': require_once Config::get('prefix') . '/templates/show_add_access_current.inc.php'; break; + case 'advanced': require_once Config::get('prefix') . '/templates/show_add_access.inc.php'; break; + default: require_once Config::get('prefix') . '/templates/show_access_list.inc.php'; break; + } + } break; case 'update_record': $access = new Access($_REQUEST['access_id']); @@ -58,6 +119,7 @@ switch ($_REQUEST['action']) { break; case 'show_edit_record': $access = new Access($_REQUEST['access_id']); + $access->format(); require_once Config::get('prefix') . '/templates/show_edit_access.inc.php'; break; default: diff --git a/lib/class/access.class.php b/lib/class/access.class.php index 9f8e6016..28a98073 100644 --- a/lib/class/access.class.php +++ b/lib/class/access.class.php @@ -120,9 +120,27 @@ class Access { public static function create($data) { /* We need to verify the incomming data a littlebit */ + $start = @inet_pton($data['start']); + $end = @inet_pton($data['end']); - $start = Dba::escape(inet_pton($data['start'])); - $end = Dba::escape(inet_pton($data['end'])); + if (!$start AND $data['start'] != '0.0.0.0' AND $data['start'] != '::') { + Error::add('start',_('Invalid IPv4 / IPv6 Address Entered')); + return false; + } + if (!$end) { + Error::add('end',_('Invalid IPv4 / IPv6 Address Entered')); + return false; + } + + // Check existing ACL's to make sure we're not duplicating values here + if (self::exists($data)) { + debug_event('ACL Create','Error did not create duplicate ACL entrie for ' . $data['start'] . ' - ' . $data['end'],'1'); + return false; + } + + + $start = Dba::escape($start); + $end = Dba::escape($end); $name = Dba::escape($data['name']); $key = Dba::escape($data['key']); $user = $data['user'] ? Dba::escape($data['user']) : '-1'; 
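Review bot: The `default:` branch of the new `switch ($_GET['method'])` creates nothing and records no error, so the following `if (!Error::occurred())` shows the "Your new Access Control List(s) have been created" confirmation for a missing or unrecognised `method`. Every `Access::create($_POST)` return value is also discarded, so any `false` that is not accompanied by `Error::add()` is reported as success too. I would fail explicitly, e.g. `default: Error::add('general',_('Unknown add method')); break;` (the `'general'` key is a placeholder for whichever key the templates display), and only confirm when at least one create returned true. No template hunk in this diff shows `Core::form_register('add_acl')`, so confirm the four add forms already emit the token that `Core::form_verify('add_acl','post')` now requires. The enclosing switch on `$_REQUEST['action']` starts and ends outside the hunk.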
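Review bot: The duplicate branch in `Access::create()` (`if (self::exists($data))`) returns false after only a `debug_event()`, with no `Error::add()`, so a caller that decides on `Error::occurred()` cannot tell that no ACL row was written. Adding `Error::add('general',_('Duplicate ACL defined'));` before that `return false;` would surface it (the `'general'` key is a placeholder). The address checks also lean on `@` and truthiness: `if (!$start AND $data['start'] != '0.0.0.0' AND $data['start'] != '::')` lets a failed `inet_pton()` through whenever the literal input is `'::'`, which looks possible on a build without IPv6 support, so `$start === false` is the safer test. Nothing here checks that start and end are the same address family or that start does not exceed end; `strlen($start) !== strlen($end)` would catch a mixed IPv4/IPv6 range. The body of `create()` continues outside the hunk.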
@@ -139,6 +157,29 @@ class Access { } // create /** + * exists + * this sees if the ACL that we've specified already exists, prevent duplicates. This ignores the name + */ + public static function exists($data) { + + $start = Dba::escape(inet_pton($data['start'])); + $end = Dba::escape(inet_pton($data['end'])); + $type = self::validate_type($data['type']); + $user = $data['user'] ? Dba::escape($data['user']) : '-1'; + + $sql = "SELECT * FROM `access_list` WHERE `start`='$start' AND `end` = '$end' " . + "AND `type`='$type' AND `user`='$user'"; + $db_results = Dba::read($sql); + + if (Dba::fetch_assoc($db_results)) { + return true; + } + + return false; + + } // exists + + /** * delete * deletes the specified access_list entry */ diff --git a/templates/show_add_access.inc.php b/templates/show_add_access.inc.php index 79d3de38..d2e537c5 100644 --- a/templates/show_add_access.inc.php +++ b/templates/show_add_access.inc.php @@ -20,7 +20,7 @@ */ ?> <?php show_box_top(_('Advanced Add')); ?> -<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host"> +<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host&method=advanced"> <table class="tabledata" cellpadding="5" cellspacing="0"> <tr> <td><?php echo _('Name'); ?>:</td> diff --git a/templates/show_add_access_current.inc.php b/templates/show_add_access_current.inc.php index e999ad57..64e9e5eb 100644 --- a/templates/show_add_access_current.inc.php +++ b/templates/show_add_access_current.inc.php 
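Review bot: In the new `exists()`, `$type` is interpolated into the SELECT without `Dba::escape()`, unlike `$start`, `$end` and `$user`, so the query is only safe if `self::validate_type()` (not visible in this diff) always returns one of a fixed set of literals. Writing `$type = Dba::escape(self::validate_type($data['type']));` keeps the method safe by construction rather than by a contract defined elsewhere. The method is public and calls `inet_pton()` on the raw input with no false check, so a caller other than `create()` that passes an unparseable address would end up matching on an empty string. The docblock should say that callers must pass addresses already validated, and that the comparison ignores `name`, `level` and `key`.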
@@ -20,7 +20,7 @@ */ ?> <?php show_box_top(_('Add Current Host')); ?> -<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host"> +<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host&method=current"> <table class="tabledata" cellpadding="5" cellspacing="0"> <tr> <td><?php echo _('Name'); ?>:</td> diff --git a/templates/show_add_access_local.inc.php b/templates/show_add_access_local.inc.php index f7332f9d..cb6f4d43 100644 --- a/templates/show_add_access_local.inc.php +++ b/templates/show_add_access_local.inc.php @@ -20,7 +20,7 @@ */ ?> <?php show_box_top(_('Add Local Network Definition')); ?> -<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host"> +<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host&method=local"> <table class="tabledata" cellpadding="5" cellspacing="0"> <tr> <td><?php echo _('Name'); ?>:</td> 
@@ -47,9 +47,9 @@ <tr> <td valign="top"><?php echo _('Type'); ?>:</td> <td colspan="3"> - <input type="radio" name="type" value="network" /><?php echo _('Local Network Definition'); ?><br /> - <input type="radio" name="type" value="streamnetwork" /><?php echo _('Local Network Definition'); ?> + <?php echo _('Stream Access'); ?> + <?php echo _('Web Interface'); ?><br /> - <input type="radio" name="type" value="allnetwork" checked="checked" /><?php echo _('Local Network Definition'); ?> + <?php echo _('All'); ?><br /> + <input type="radio" name="addtype" value="network" /><?php echo _('Local Network Definition'); ?><br /> + <input type="radio" name="addtype" value="streamnetwork" /><?php echo _('Local Network Definition'); ?> + <?php echo _('Stream Access'); ?> + <?php echo _('Web Interface'); ?><br /> + <input type="radio" name="addtype" value="allnetwork" checked="checked" /><?php echo _('Local Network Definition'); ?> + <?php echo _('All'); ?><br /> </td> </tr> <tr> diff --git a/templates/show_add_access_rpc.inc.php b/templates/show_add_access_rpc.inc.php index c23bfb36..c4600562 100644 --- a/templates/show_add_access_rpc.inc.php +++ b/templates/show_add_access_rpc.inc.php @@ -20,7 +20,7 @@ */ ?> <?php show_box_top(_('Add API / RPC Host')); ?> -<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host"> +<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host&method=rpc"> <table class="tabledata" cellpadding="5" cellspacing="0"> <tr> <td><?php echo _('Name'); ?>:</td> 
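Review bot: The label on the `streamnetwork` radio reads "Local Network Definition + Stream Access + Web Interface", but the `local` branch added to admin/access.php in this commit creates the `interface` entry only for `allnetwork`; `streamnetwork` yields just the `network` and `stream` entries. An administrator choosing the second option would believe a web-interface ACL exists when none was stored. Either drop the `+ <?php echo _('Web Interface'); ?>` part of that label or make the handler match it, so that what the form promises equals what is written to `access_list`.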
@@ -47,9 +47,9 @@ <tr> <td valign="top"><?php echo _('Type'); ?>:</td> <td colspan="3"> - <input type="radio" name="type" value="rpc" /><?php echo _('RPC'); ?><br /> - <input type="radio" name="type" value="streamrpc" checked="checked" /><?php echo _('RPC'); ?> + <?php echo _('Stream Access'); ?><br /> - <input type="radio" name="type" value="allrpc" /><?php echo _('RPC'); ?> + <?php echo _('All'); ?> + <input type="radio" name="addtype" value="rpc" /><?php echo _('RPC'); ?><br /> + <input type="radio" name="addtype" value="streamrpc" checked="checked" /><?php echo _('RPC'); ?> + <?php echo _('Stream Access'); ?><br /> + <input type="radio" name="addtype" value="allrpc" /><?php echo _('RPC'); ?> + <?php echo _('All'); ?> </td> </tr> <tr> diff --git a/templates/show_edit_access.inc.php b/templates/show_edit_access.inc.php index 9aa6c25e..72404892 100644 --- a/templates/show_edit_access.inc.php +++ b/templates/show_edit_access.inc.php @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2007 Ampache.org + Copyright (c) Ampache.org All rights reserved. This program is free software; you can redistribute it and/or 
@@ -19,16 +19,16 @@ */ ?> -<?php show_box_top(_('Edit ACL')); ?> -<form name="edit_access" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=update_record&access_id=<?php echo intval($access->id); ?>"> +<?php show_box_top(_('Edit Access Control List')); ?> +<form name="edit_access" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=update_record&access_id=<?php echo intval($access->id); ?>"> <table class="table-data"> <tr> <td><?php echo _('Name'); ?>: </td> - <td><input type="text" name="name" value="<?php echo scrub_out($access->name); ?>" /></td> + <td colspan="3"><input type="text" name="name" value="<?php echo scrub_out($access->name); ?>" /></td> </tr> <tr> <td><?php echo _('ACL Type'); ?>: </td> - <td> + <td colspan="3"> <select name="type"> <?php $name = 'sl_' . $access->type; ${$name} = ' selected="selected"'; ?> <option value="stream"<?php echo $sl_stream; ?>><?php echo _('Stream Access'); ?></option> 
@@ -40,46 +40,46 @@ </tr> <tr> - <td><?php echo _('Start IP Address'); ?>:</td> - <td> - <input type="text" name="start" value="<?php echo long2ip($access->start); ?>" size="20" maxlength="15" /> - <span class="information">(0.0.0.0)</span> - </td> + <td colspan="4"><h3><?php echo _('IPv4 or IPv6 Addresses'); ?></h3> + <span class="information">(255.255.255.255) / (ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff)</span> + </td> </tr> <tr> - <td><?php echo _('End IP Address'); ?>:</td> + <td><?php echo _('Start'); ?>:</td> + <td> + <input type="text" name="start" value="<?php echo $access->f_start; ?>" size="20" maxlength="15" /> + </td> + <td><?php echo _('End'); ?>:</td> <td> - <input type="text" name="end" value="<?php echo long2ip($access->end); ?>" size="20" maxlength="15" /> - <span class="information">(0.0.0.0)</span> + <input type="text" name="end" value="<?php echo $access->f_end; ?>" size="20" maxlength="15" /> </td> </tr> <tr> <td><?php echo _('User'); ?>:</td> - <td> + <td colspan="3"> <?php show_user_select('user',$access->user); ?> </td> </tr> <tr> <td><?php echo _('Remote Key'); ?></td> - <td> + <td colspan="3"> <input type="text" name="key" value="<?php echo scrub_out($access->key); ?>" size="32" maxlength="32" /> </td> </tr> <tr> <td><?php echo _('Level'); ?>:</td> - <td> - <select name="level"> - <?php $name = 'level_' . $access->level; ${$name} = 'selected="selected"'; ?> - <option value="5" <?php echo $level_5; ?>><?php echo _('View'); ?></option> - <option value="25" <?php echo $level_25; ?>><?php echo _('Read'); ?></option> - <option value="50" <?php echo $level_50; ?>><?php echo _('Read/Write'); ?></option> - <option value="75" <?php echo $level_75; ?>><?php echo _('All'); ?></option> - </select> + <td colspan="3"> + <?php $name = 'level_' . 
$access->level; ${$name} = 'checked="checked"'; ?> + <input type="radio" name="level" value="5" <?php echo $level_5; ?>><?php echo _('View'); ?> + <input type="radio" name="level" value="25" <?php echo $level_25; ?>><?php echo _('Read'); ?> + <input type="radio" name="level" value="50" <?php echo $level_50; ?>><?php echo _('Read/Write'); ?> + <input type="radio" name="level" value="75" <?php echo $level_75; ?>><?php echo _('All'); ?> </td> </tr> </table> <div class="formValidation"> - <input type="submit" value="<?php echo _('Update'); ?>" /> + <?php Core::form_register('edit_acl'); ?> + <input type="submit" value="<?php echo _('Update'); ?>" /> </div> </form> <?php show_box_bottom(); ?> |
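Review bot: The `Core::form_register('edit_acl')` added at the bottom of this form has no matching check in the visible diff: the admin/access.php hunks add `Core::form_verify()` only to `add_host`, and `update_record` appears purely as context. Unless it is already verified outside the hunk, the edit action still accepts forged submissions; `if (!Core::form_verify('edit_acl','post')) { access_denied(); exit; }` at the top of that case would close the loop. The new start/end inputs keep `maxlength="15"` although the section is now headed "IPv4 or IPv6 Addresses", so a full IPv6 address cannot be typed or displayed untruncated. `$access->f_start` and `$access->f_end` are echoed into attribute values without `scrub_out()`, unlike `name` and `key` on the same form; `format()` is not visible here, so escape them for consistency rather than rely on its output.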