Location: PHPKode > projects > Cancerbero - The watchdog of the ports > cancerbero-0.6/site/owner_manager.php
<?php

include_once('include/class_history_links.inc');
include_once("include/dbconnect.php");
include_once("include/functions.php");
include_once("menu.html");

$config = new ReadConfig;
$general = $config->General('gui_debug');
if ($general['gui_debug'] == 1) {
	echo "<div align='center' class='orange'><h2><blink>Debug mode activated</blink></h2></div>\n";
}


$conf = $_GET["conf"];
if (isset($_GET["owner_id"])) $owner_id = $_GET["owner_id"];

switch($conf) {

case 'list':

	$title = "<h1>List of owners&nbsp;<a href='owner_manager.php?conf=add'><IMG title='Add a new owner' alt='Add a new owner' src='icons/users.png' border='0'></a></h1>";
	$query = "SELECT owner_id, name AS 'Owner Name', email AS 'Owner Email', telephone AS 'Telephone Number', section AS Room FROM owners ORDER BY name ASC";
	draw_table ($title,$query,800);

	break;
case 'owner':

	$query = mysql_query("SELECT owner_id, name AS 'Owner Name', email AS 'Owner Email', telephone AS 'Telephone Number', section AS Room FROM owners WHERE owner_id = $owner_id") or die (mysql_error());
	$data = mysql_fetch_assoc ($query);

	echo "<div align='center'><h1>Owner Info: {$data['Owner Name']} ({$data['Owner Email']})</h1></div>\n";

	$menu_bar = menu_bar(array('edit'=>'4','owners_manager'=>'1', 'trash'=>'4'),$owner_id);	
	echo "<br>";
	echo "<div class='buttonbar'>$menu_bar</div>\n";

	echo "<table width=95%>\n";

	echo "<td align='left' valign='top' width=250>";

	mysql_data_seek($query, 0);
	$title="<h1>Owner Info</h1>";
	draw_all ($title,$query,0);
	//echo "<br>";
	echo "</td>";
	echo "<td align='left' valign='top'>";

	$num_fields = 3;
	$objects = "";

	echo "<table class='cancerbero' width = 650>\n";
	show_colspan_cell("<h1>Ownership Info</h1>",$num_fields);

	$query_host = mysql_query("SELECT ip AS Ip,hostname AS Hostname,host_id FROM hosts WHERE host_id IN (select object_index from ownership where owner_id = $owner_id and object = 'host')") or die (mysql_error());
	$query_range = mysql_query("SELECT range AS Range,range_name AS 'Range Name',range_id FROM ranges WHERE range_id IN (select object_index from ownership where owner_id = $owner_id and object = 'range')") or die (mysql_error());
	$query_sensor = mysql_query("SELECT sensor_id,sensor_name AS Sensor FROM sensors WHERE sensor_id IN (select object_index from ownership where owner_id = $owner_id and object = 'sensor')") or die (mysql_error());

	echo "<tr>\n";
	echo "";
	echo "\t</tr>\n";
	echo "<tr>\n";
	echo "<td style='vertical-align: bottom; background-color: rgb(255, 204, 153);' align='center'><h2>Hosts</h2></td>";
	echo "<td style='vertical-align: bottom; background-color: rgb(255, 204, 153);' align='center'><h2>Ranges</h2></td>";
	echo "<td style='vertical-align: bottom; background-color: rgb(255, 204, 153);' align='center'><h2>Sensors</h2></td>";
	echo "</tr>";
	echo "\t<tr>\n";
	echo "\t<td align = 'center' style='vertical-align: top; background-color: rgb(255, 255, 255)'>\n";
	while ($linea = mysql_fetch_array($query_host, MYSQL_ASSOC)) {
		echo "<h3><a href='host_form.php?view_type=view&host_id=$linea[host_id]'>{$linea['Hostname']} / {$linea['Ip']}</a></h3>";
		$objects++;
	}
	echo "\t</td>\n";
	echo "\t<td align = 'center' style='vertical-align: top; background-color: rgb(255, 255, 255)'>\n";
	while ($linea = mysql_fetch_array($query_range, MYSQL_ASSOC)) {
		if ($linea['Range Name'] == "") {
			$linea['Range Name'] = "Unnamed";
		}
		echo "<h3><a href='owners.php?option=view_owners&object=Range&object_index=$linea[range_id]&ownerid=$owner_id'>{$linea['Range Name']} / {$linea['Range']}</a></h3>";
		$objects++;
	}
	echo "\t</td>\n";
	echo "\t<td align = 'center' style='vertical-align: top; background-color: rgb(255, 255, 255)'>\n";
	while ($linea = mysql_fetch_array($query_sensor, MYSQL_ASSOC)) {
		echo "<h3><a href='owners.php?option=view_owners&object=Sensor&object_index=$linea[sensor_id]&ownerid=$owner_id'>{$linea['Sensor']}</a></h3>";
		$objects++;
	}
	echo "\t</td>\n";
	echo "\t</tr>\n";

	if ($objects == "") {
		$bottom = "<h1>No ownerships has been defined</h1>";
	} else {
		$bottom = "<h1>Owns: ";
		if (mysql_num_rows($query_host)){
			$bottom.= mysql_num_rows($query_host)." Hosts ";
		}
		if (mysql_num_rows($query_range)){
			$bottom.= mysql_num_rows($query_range)." Ranges ";
		}
		if (mysql_num_rows($query_sensor)){
			$bottom.= mysql_num_rows($query_sensor)." Sensors";
		}
	}
	show_colspan_cell($bottom,$num_fields);
	echo "</td>";
	echo "</table>\n";
	break;

case 'delete':

	$sure = "";
	if (isset($_GET["sure"])) $sure = $_GET["sure"];
	
	$query = mysql_query("SELECT owner_id, name, email, telephone, section FROM owners WHERE owner_id = $owner_id") or die (mysql_error());
	$data = mysql_fetch_assoc ($query);

	if ( $sure == "yes" ) {
		echo "Deleting send of alerts...";
		$delete_owner = mysql_query("DELETE FROM send_alerts WHERE owner_id = '$data[owner_id]'");
		echo "...Done <br>";
		echo "Deleting ownership...";
		$delete_owner = mysql_query("DELETE FROM ownership WHERE owner_id = '$data[owner_id]'");
		echo "...Done <br>";
		echo "Deleting owner...";		
		$delete_owner = mysql_query("DELETE FROM owners WHERE owner_id = '$data[owner_id]'");
		echo "...Done <br>";
		echo "<br>";
		echo "Owner $data[name] has been deleted";

		$return = "owner_manager.php?conf=list";
		echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return to the list of owners</a></h2></div>";
	} else {
		#Show a warning with the scan that will be deleted.
		echo "
		<div class='row'>
		<div align='center'><h1>Owner $data[name] and all his ownership and send of alerts 
		<p> are goint to be deleted of the database.</h1></div>
		<div align='center'><h2> Are you sure?</h2></div>
		<form action='owner_manager.php' method='get' onsubmit='return checkform(this);'>
		<input type='hidden' name='sure' value='yes'>
		<input type='hidden' name='conf' value='delete'>
		<input type='hidden' name='owner_id' value='$data[owner_id]'>
		<input type='hidden' name='option' value='delete_owner'>
		<p><div align='center'><input class='lowred' type='submit' name='delete' value='yes'></div>
		";


		$return = $h->get_history_go(-1);
		echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return to the owner $data[name]</a></h2></div>";

	}

	break;
case 'modify':

	$save_add = "";
	$useremail = "";
	$username = "";
	$usertel = "";
	$userroom = "";
	$owner_id = "";
	if (isset($_GET["save_add"])) $save_add = $_GET["save_add"];
	if (isset($_GET["owner_id"])) $owner_id = $_GET["owner_id"];
	if (isset($_GET["useremail"])) $useremail = $_GET["useremail"];
	if (isset($_GET["name"]))  $username= $_GET["name"];
	if (isset($_GET["telephone"])) $usertel = $_GET["telephone"];
	if (isset($_GET["section"])) $userroom = $_GET["section"];

	$query = mysql_query("SELECT owner_id, name AS 'Owner Name', email AS 'Owner Email', telephone AS 'Telephone Number', section AS Room FROM owners WHERE owner_id = $owner_id") or die (mysql_error());
	$data = mysql_fetch_assoc ($query);
	
	if ( $save_add == "save" ) {
		if ( $useremail == "" || $username == "") {
			echo "<h1> ERROR: You must to fill all the madatory fields</h1>";
			echo "	
			\t<form id='modify_users' action='owner_manager.php' method='get' onsubmit='return checkform(this);'>\n
			\t<h3>Name: <input class='input' type='text' name='name' value='$username' size='20' maxlength='100'>&nbsp;*</h3>\n
			\t<h3>eMail: <input class='input' type='text' name='useremail' value='$useremail' size='20' maxlength='100'>&nbsp;*</h3>\n
			\t<h3>Phone: <input class='input' type='text' name='telephone' value='$usertel' size='20' maxlength='100'></h3>\n
			\t<h3>Room: <input class='input' type='text' name='section' value='$userroom' size='20' maxlength='100'></h3>\n
			\t<input type='hidden' name='owner_id' value='$owner_id'>\n
			\t<input type='hidden' name='conf' value='modify'>\n
			\t<div align='center'><input class='lowred' type='submit' name='save_add' value='save'></div>\n
			\t<h3>(*) Mandatory field.
			\t</form>\n
			";

			$return = $h->get_history_go(-2);
			echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return to {$data['Owner Name']}</a></h2></div>";
			break;
		} else {
			$update = "UPDATE owners SET name = '$username', email = '$useremail', telephone = '$usertel', section = '$userroom' WHERE owner_id = '$owner_id'";
			mysql_query($update) or die (mysql_error());
			echo "$username has been modify\n";
			$return = "owner_manager.php?conf=owner&owner_id=$owner_id";
			echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return to $username</a></h2></div>";
		}
		break;
	}


	echo "	
	\t<form id='modify_users' action='owner_manager.php' method='get' onsubmit='return checkform(this);'>\n
	\t<h3>Name: <input class='input' type='text' name='name' value='{$data['Owner Name']}' size='20' maxlength='100'>&nbsp;*</h3>\n
	\t<h3>eMail: <input class='input' type='text' name='useremail' value='{$data['Owner Email']}' size='20' maxlength='100'>&nbsp;*</h3>\n
	\t<h3>Phone: <input class='input' type='text' name='telephone' value='{$data['Telephone Number']}' size='20' maxlength='100'></h3>\n
	\t<h3>Room: <input class='input' type='text' name='section' value='{$data['Room']}' size='20' maxlength='100'></h3>\n
	\t<input type='hidden' name='owner_id' value='$owner_id'>\n
	\t<input type='hidden' name='conf' value='modify'>\n
	\t<div align='center'><input class='lowred' type='submit' name='save_add' value='save'></div>\n
	\t<h3>(*) Mandatory field.
	\t</form>\n
	";

	$return = $h->get_history_go(-1);
	echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return to {$data['Owner Name']}</a></h2></div>";

	break;

case 'add':

	$save_add = "";
	$useremail = "";
	$username = "";
	$usertel = "";
	$userroom = "";
	if (isset($_GET["save_add"])) $save_add = $_GET["save_add"];
	if (isset($_GET["useremail"])) $useremail = $_GET["useremail"];
	if (isset($_GET["name"]))  $username = $_GET["name"];
	if (isset($_GET["telephone"])) $usertel = $_GET["telephone"];
	if (isset($_GET["section"])) $userroom = $_GET["section"];
	
	if ( $save_add == "save" ) {

		$query = mysql_query("SELECT owner_id, name AS 'Owner Name', email AS 'Owner Email', telephone AS 'Telephone Number', section AS Room FROM owners WHERE email = '$useremail'") or die (mysql_error());
		$user_repeat = mysql_num_rows ($query);

		if ( $useremail == "" || $username == "") {
			echo "<h1> ERROR: You must to fill all the madatory fields</h1>";
			echo "	
			\t<form id='add_users' action='owner_manager.php' method='get' onsubmit='return checkform(this);'>\n
			\t<h3>Name: <input class='input' type='text' name='name' value='$username' size='20' maxlength='100'>&nbsp;*</h3>\n
			\t<h3>eMail: <input class='input' type='text' name='useremail' value='$useremail' size='20' maxlength='100'>&nbsp;*</h3>\n
			\t<h3>Phone: <input class='input' type='text' name='telephone' value='$usertel' size='20' maxlength='100'></h3>\n
			\t<h3>Room: <input class='input' type='text' name='section' value='$userroom' size='20' maxlength='100'></h3>\n
			\t<input type='hidden' name='conf' value='add'>\n
			\t<div align='center'><input class='lowred' type='submit' name='save_add' value='save'></div>\n
			\t<h3>(*) Mandatory field.
			\t</form>\n
			";

			$return = "owner_manager.php?conf=list";
			echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return to the list of owners</a></h2></div>";
			break;
		} elseif ( $user_repeat != 0 ) {
			echo "<h1> ERROR: There is another user with the same mail address</h1>";
			echo "	
			\t<form id='add_users' action='owner_manager.php' method='get' onsubmit='return checkform(this);'>\n
			\t<h3>Name: <input class='input' type='text' name='name' value='$username' size='20' maxlength='100'>&nbsp;*</h3>\n
			\t<h3>eMail: <input class='input' type='text' name='useremail' value='$useremail' size='20' maxlength='100'>&nbsp;*</h3>\n
			\t<h3>Phone: <input class='input' type='text' name='telephone' value='$usertel' size='20' maxlength='100'></h3>\n
			\t<h3>Room: <input class='input' type='text' name='section' value='$userroom' size='20' maxlength='100'></h3>\n
			\t<input type='hidden' name='conf' value='add'>\n
			\t<div align='center'><input class='lowred' type='submit' name='save_add' value='save'></div>\n
			\t<h3>(*) Mandatory field.
			\t</form>\n
			";

			$return = "owner_manager.php?conf=list";
			echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return to Owners menu</a></h2></div>";
			break;
		} else {
			$add = "INSERT INTO owners (name,email,telephone,section) VALUES ('$username','$useremail','$usertel','$userroom')";
			mysql_query($add) or die (mysql_error());
			echo "$username has been created\n";
			
			$query = mysql_query("SELECT owner_id, name AS 'Owner Name', email AS 'Owner Email', telephone AS 'Telephone Number', section AS Room FROM owners WHERE email = '$useremail'") or die (mysql_error());
			$data = mysql_fetch_assoc ($query);

			$return = "owner_manager.php?conf=owner&owner_id={$data['owner_id']}";
			echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return to $username</a></h2></div>";
		}
		break;
	}


	echo "	
	\t<form id='add_users' action='owner_manager.php' method='get' onsubmit='return checkform(this);'>\n
	\t<h3>Name: <input class='input' type='text' name='name' size='20' maxlength='100'>&nbsp;*</h3>\n
	\t<h3>eMail: <input class='input' type='text' name='useremail' value='$useremail' size='20' maxlength='100'>&nbsp;*</h3>\n
	\t<h3>Phone: <input class='input' type='text' name='telephone' size='20' maxlength='100'></h3>\n
	\t<h3>Room: <input class='input' type='text' name='section' size='20' maxlength='100'></h3>\n
	\t<input type='hidden' name='conf' value='add'>\n
	\t<div align='center'><input class='lowred' type='submit' name='save_add' value='save'></div>\n
	\t<h3>(*) Mandatory field.
	\t</form>\n
	";

	$return = "owner_manager.php?conf=list";
	echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return to the list of owners</a></h2></div>";

	break;
default:
	echo "<div class='row'>";
	echo "	<h1>Parameter error</h1>";
	echo "</div>";
	break;
}

echo "</table>";
?>

	<div class="row">
		&nbsp;
	</div>

</div>
</div>

</body>
</html>
Return current item: Cancerbero - The watchdog of the ports