1<?php 2 3/** 4 * Function to add / edit / delete section 5 *************************************************/ 6 7/* functions */ 8require_once( dirname(__FILE__) . '/../../../functions/functions.php' ); 9 10# initialize user object 11$Database = new Database_PDO; 12$User = new User ($Database); 13$Admin = new Admin ($Database); 14$Sections = new Sections ($Database); 15$Subnets = new Subnets ($Database); 16$Addresses = new Addresses ($Database); 17$Result = new Result (); 18 19# verify that user is logged in 20$User->check_user_session(); 21# check maintaneance mode 22$User->check_maintaneance_mode (); 23 24# strip input tags 25$_POST = $Admin->strip_input_tags($_POST); 26 27# validate csrf cookie 28$User->Crypto->csrf_cookie ("validate", "section", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : ""; 29 30 31 32# If confirm is not set print delete warning 33if ($_POST['action']=="delete" && !isset($_POST['deleteconfirm'])) { 34 //for ajax to prevent reload 35 print "<div style='display:none'>alert alert-danger</div>"; 36 //result 37 print "<div class='alert alert-warning'>"; 38 39 //fetch all subsections 40 $subsections = $Sections->fetch_subsections ($_POST['id']); 41 42 //print what will be deleted 43 if(sizeof($subsections)>0) { 44 $subnets = $Subnets->fetch_section_subnets($_POST['id']); //fetch all subnets in section 45 $num_subnets = sizeof($subnets); //number of subnets to be deleted 46 if(sizeof($subnets)>0) { 47 foreach($subnets as $s) { 48 $out[] = $s; 49 } 50 } 51 //fetch subsection subnets 52 foreach($subsections as $ss) { 53 $subsection_subnets = $Subnets->fetch_section_subnets($ss->id); //fetch all subnets in subsection 54 if(sizeof($subsection_subnets)>0) { 55 foreach($subsection_subnets as $sss) { 56 $out[] = $sss; 57 } 58 } 59 $num_subnets = $num_subnets + sizeof($subsection_subnets); 60 //count all addresses that will be deleted! 61 $ipcnt = $Addresses->count_addresses_in_multiple_subnets($out); 62 } 63 } 64 # no subsections 65 else { 66 $subnets = $Subnets->fetch_section_subnets ($_POST['id']); //fetch all subnets in section 67 $num_subnets = sizeof($subnets); 68 $ipcnt = $Addresses->count_addresses_in_multiple_subnets($subnets); 69 } 70 71 # printout 72 print "<strong>"._("Warning")."</strong>: "._("I will delete").":<ul>"; 73 print " <li>$num_subnets "._("subnets")."</li>"; 74 if($ipcnt>0) { 75 print " <li>$ipcnt "._("IP addresses")."</li>"; 76 } 77 print "</ul>"; 78 79 print "<hr><div style='text-align:right'>"; 80 print _("Are you sure you want to delete above items?")." "; 81 print "<div class='btn-group'>"; 82 print " <a class='btn btn-sm btn-danger editSectionSubmitDelete' id='editSectionSubmitDelete'>"._("Confirm")."</a>"; 83 print "</div>"; 84 print "</div>"; 85 print "</div>"; 86} 87# ok, update section 88else { 89 90 # fetch old section 91 $section_old = $Sections->fetch_section ("id", $_POST['id']); 92 // parse old permissions 93 $old_permissions = json_decode($section_old->permissions, true); 94 95 list($removed_permissions, $changed_permissions, $new_permissions) = $Sections->get_permission_changes ((array) $_POST, $old_permissions); 96 97 # set variables for update 98 $values = array( 99 "id" => @$_POST['id'], 100 "name" => @$_POST['name'], 101 "description" => @$_POST['description'], 102 "strictMode" => @$_POST['strictMode'], 103 "subnetOrdering" => @$_POST['subnetOrdering'], 104 "showVLAN" => @$_POST['showVLAN'], 105 "showVRF" => @$_POST['showVRF'], 106 "showSupernetOnly" => @$_POST['showSupernetOnly'], 107 "masterSection" => @$_POST['masterSection'], 108 "permissions" => json_encode($new_permissions) 109 ); 110 111 # execute update 112 if(!$Sections->modify_section ($_POST['action'], $values, @$_POST['id'])) { $Result->show("danger", _("Section $_POST[action] failed"), false); } 113 else { $Result->show("success", _("Section $_POST[action] successful"), false); } 114 115 # delegate 116 if (@$_POST['delegate']==1) { 117 // fetch section subnets (use $subnets object to prime its cache) 118 $section_subnets = $Subnets->fetch_multiple_objects ("subnets", "sectionId", $_POST['id']); 119 if (!is_array($section_subnets)) $section_subnets = array(); 120 121 // apply permission changes 122 $Subnets->set_permissions ($section_subnets, $removed_permissions, $changed_permissions); 123 } 124}