├── api ├── .htaccess ├── controllers │ └── custom │ │ └── .gitignore └── README ├── functions ├── locale │ ├── cs │ ├── cs_CZ │ ├── de │ ├── de_DE │ ├── en │ ├── en_GB │ ├── en_US │ ├── es │ ├── es_ES │ ├── fr │ ├── fr_FR │ ├── it │ ├── it_IT │ ├── nl │ ├── nl_NL │ ├── pt │ ├── pt_BR │ ├── ru │ ├── ru_RU │ ├── sl │ ├── sl_SI │ ├── zh │ ├── zh_CN │ ├── zh_TW │ ├── cs_CZ.UTF8 │ ├── de_DE.UTF8 │ ├── en_GB.UTF8 │ ├── en_US.UTF8 │ ├── es_ES.UTF8 │ ├── fr_FR.UTF8 │ ├── ja_JP │ ├── nl_NL.UTF8 │ ├── pt_BR.UTF8 │ ├── sl_SI.UTF8 │ ├── zh_CN.UTF8 │ ├── cs_CZ.UTF-8 │ │ ├── cs_CZ.UTF8 │ │ └── LC_MESSAGES │ │ │ └── phpipam.mo │ ├── de_DE.UTF-8 │ │ └── LC_MESSAGES │ │ │ └── phpipam.mo │ ├── en_GB.UTF-8 │ │ └── LC_MESSAGES │ │ │ └── phpipam.mo │ ├── en_US.UTF-8 │ │ └── LC_MESSAGES │ │ │ └── phpipam.mo │ ├── es_ES.UTF-8 │ │ └── LC_MESSAGES │ │ │ └── phpipam.mo │ ├── fr_FR.UTF-8 │ │ └── LC_MESSAGES │ │ │ └── phpipam.mo │ ├── it_IT.UTF-8 │ │ └── LC_MESSAGES │ │ │ └── phpipam.mo │ ├── ja_JP.UTF-8 │ │ └── LC_MESSAGES │ │ │ └── phpipam.mo │ ├── nl_NL.UTF-8 │ │ └── LC_MESSAGES │ │ │ └── phpipam.mo │ ├── pt_BR.UTF-8 │ │ └── LC_MESSAGES │ │ │ └── phpipam.mo │ ├── ru_RU.UTF-8 │ │ └── LC_MESSAGES │ │ │ └── phpipam.mo │ ├── sl_SI.UTF-8 │ │ └── LC_MESSAGES │ │ │ └── phpipam.mo │ ├── zh_CN.UTF-8 │ │ └── LC_MESSAGES │ │ │ └── phpipam.mo │ └── zh_TW.UTF-8 │ │ └── LC_MESSAGES │ │ └── phpipam.mo ├── include-only.php ├── checks │ ├── check_db_install.php │ ├── check_db_upgrade.php │ └── check_db_structure.php ├── output_buffering.php ├── upgrade_queries.php ├── classes │ ├── class.Config.php │ ├── class.Devices.php │ ├── class.Devtype.php │ └── class.LockForUpdate.php ├── scripts │ ├── clear_logs.php │ └── find_full_subnets.php ├── version.php └── adLDAP │ └── src │ └── collections │ ├── adLDAPGroupCollection.php │ ├── adLDAPUserCollection.php │ ├── adLDAPContactCollection.php │ └── adLDAPComputerCollection.php ├── robots.txt ├── .gitattributes ├── app ├── subnets │ ├── addresses │ │ ├── index.php 
│ │ ├── address-resolve.php │ │ └── address-details │ │ │ ├── address-details-location.php │ │ │ ├── address-details-permissions.php │ │ │ └── address-changelog.php │ ├── scan │ │ ├── subnet-scan-result-scan-telnet.php │ │ └── subnet-scan-result.php │ ├── mail-notify-subnet-check.php │ ├── import-subnet │ │ ├── upload │ │ │ └── .htaccess │ │ └── import-verify.php │ └── subnet-details │ │ ├── subnet-location.php │ │ ├── subnet-map-search.php │ │ └── subnet-permissions.php ├── admin │ ├── circuits │ │ └── index.php │ ├── powerDNS │ │ ├── host_records.php │ │ ├── domains.php │ │ ├── domains-print.php │ │ ├── domain-records.php │ │ └── refresh-ptr-records.php │ ├── racks │ │ ├── print-racks.php │ │ ├── print-single-rack.php │ │ └── index.php │ ├── vlans │ │ └── index.php │ ├── nat │ │ └── index.php │ ├── dhcp │ │ ├── reservations.php │ │ ├── leases.php │ │ ├── subnets.php │ │ └── settings.php │ ├── locations │ │ └── index.php │ ├── devices │ │ └── index.php │ ├── routing │ │ ├── index.php │ │ ├── edit-bgp-mapping-submit.php │ │ └── edit-bgp-mapping-delete.php │ ├── pstn-prefixes │ │ └── index.php │ ├── import-export │ │ ├── upload │ │ │ └── .htaccess │ │ ├── import-constants.php │ │ ├── not-implemented.php │ │ ├── export-vrf-field-select.php │ │ ├── generate-mysql.php │ │ ├── export-l2dom-field-select.php │ │ └── export-devtype-field-select.php │ ├── users │ │ ├── print-user │ │ │ ├── modules.php │ │ │ ├── mail.php │ │ │ ├── display.php │ │ │ └── authentication.php │ │ └── index.php │ ├── api │ │ └── generate-key.php │ ├── vrf │ │ └── index.php │ ├── customers │ │ ├── index.php │ │ └── unlink.php │ ├── instructions │ │ └── preview.php │ ├── subnets │ │ ├── index.php │ │ ├── split-save.php │ │ ├── linked-subnet-submit.php │ │ └── permissions-submit.php │ ├── settings │ │ ├── remove-maintaneance.php │ │ └── logo │ │ │ ├── logo-clear.php │ │ │ └── import-verify.php │ ├── required-fields │ │ └── submit.php │ ├── index.php │ ├── custom-fields │ │ ├── order.php │ │ └── 
filter-result.php │ ├── filter-fields │ │ └── filter-result.php │ ├── ripe-import │ │ └── index.php │ ├── vaults │ │ ├── lock.php │ │ └── unlock-result.php │ ├── sections │ │ └── edit-order-result.php │ ├── admin-menu.php │ ├── verify-database │ │ └── fix.php │ ├── authentication-methods │ │ └── edit.php │ ├── mail │ │ └── edit.php │ ├── firewall-zones │ │ └── index.php │ ├── groups │ │ ├── remove-users-result.php │ │ └── add-users-result.php │ ├── languages │ │ └── edit-result.php │ ├── device-types │ │ └── edit-result.php │ ├── replace-fields │ │ └── result.php │ └── 2fa │ │ └── edit_user.php ├── tools │ ├── subnets │ │ └── index.php │ ├── custom │ │ └── .gitignore │ ├── subnet-masks │ │ ├── index.php │ │ └── popup.php │ ├── powerDNS │ │ └── domains.php │ ├── requests │ │ └── index.php │ ├── user-menu │ │ ├── permissions.php │ │ ├── user-widgets-set.php │ │ ├── index.php │ │ └── 2fa_save.php │ ├── vaults │ │ ├── vault │ │ │ ├── vault-items.php │ │ │ ├── form.php │ │ │ └── index.php │ │ └── index.php │ ├── mac-lookup │ │ ├── tips.php │ │ ├── results.php │ │ └── index.php │ ├── routing │ │ ├── menu.php │ │ ├── ospf │ │ │ └── all.php │ │ └── bgp │ │ │ └── details.php │ ├── customers │ │ ├── index.php │ │ └── customer │ │ │ ├── objects │ │ │ └── menu.php │ │ │ ├── objects.php │ │ │ └── index.php │ ├── pass-change │ │ └── result.php │ ├── logs │ │ └── clear-logs.php │ ├── changelog │ │ └── clear-logs.php │ ├── favourites │ │ └── favourite-edit.php │ ├── nat │ │ └── index.php │ ├── locations │ │ ├── menu.php │ │ └── index.php │ ├── search │ │ └── opensearch.php │ ├── multicast-networks │ │ ├── create_mac.php │ │ └── validate_mac.php │ ├── devices │ │ └── device-details │ │ │ └── device-location.php │ ├── index.php │ ├── instructions │ │ └── index.php │ ├── vlan │ │ └── index.php │ ├── vrf │ │ └── index.php │ ├── racks │ │ ├── index.php │ │ ├── draw_rack.php │ │ └── print-racks.php │ ├── ip-calculator │ │ ├── index.php │ │ ├── ip-calculator.php │ │ └── 
bw-calculator-result.php │ ├── pstn-prefixes │ │ └── index.php │ ├── tools-menu.php │ ├── circuits │ │ ├── physical-circuits │ │ │ └── circuit-details-logical-parents.php │ │ └── menu.php │ └── temp-shares │ │ └── delete-result.php ├── temp_share │ ├── subnet-visual.php │ └── subnet-graph.php ├── login │ ├── request_ip_first_free.php │ └── captchashow.php ├── install │ ├── invalid_install_type.php │ ├── sql_error.php │ ├── postinstall_submit.php │ └── install-execute.php ├── dashboard │ └── widgets │ │ ├── bw_calculator.php │ │ ├── locations.php │ │ ├── index.php │ │ ├── template.php │ │ ├── ipcalc-result.php │ │ ├── instructions.php │ │ ├── top10_hosts_v6.php │ │ ├── top10_percentage.php │ │ └── top10_hosts_v4.php ├── vrf │ └── index.php ├── vlan │ └── index.php ├── sections │ ├── section-subnets.php │ └── section-changelog.php ├── folder │ └── index.php └── footer.php ├── css ├── images │ ├── li.png │ ├── noise.png │ ├── sn-bg.png │ ├── favicon.png │ ├── li-dark.png │ ├── li-dns.png │ ├── red-dot.png │ ├── bg-light.png │ ├── blue-dot.png │ ├── hosterdam.png │ ├── sn-bg-dark.png │ ├── sn-bg-last.png │ ├── ul-li-bg.png │ ├── userVader.png │ ├── li-dns-dark.png │ ├── li-dns-last.png │ ├── userTrooper.png │ ├── btn_donate_SM.gif │ ├── sn-bg-last-dark.png │ ├── ul-li-bg-active.png │ ├── ul-li-bg-dark.png │ ├── li-dns-last-dark.png │ ├── phpipam_logo_smal.png │ ├── blankracks │ │ ├── rack-top.png │ │ ├── rack-unit.png │ │ └── rack-bottom.png │ ├── ul-li-bg-active-dark.png │ └── bootstrap-colorpicker │ │ ├── hue.png │ │ ├── alpha.png │ │ ├── saturation.png │ │ ├── hue-horizontal.png │ │ └── alpha-horizontal.png └── fonts │ ├── FontAwesome.otf │ ├── fa-brands-400.eot │ ├── fa-brands-400.ttf │ ├── fa-solid-900.eot │ ├── fa-solid-900.ttf │ ├── fa-solid-900.woff │ ├── MesloLGS-Regular.ttf │ ├── fa-brands-400.woff │ ├── fa-brands-400.woff2 │ ├── fa-regular-400.eot │ ├── fa-regular-400.ttf │ ├── fa-regular-400.woff │ ├── fa-regular-400.woff2 │ ├── fa-solid-900.woff2 │ ├── 
fontawesome-webfont.eot │ ├── fontawesome-webfont.ttf │ ├── fontawesome-webfont.woff │ ├── fontawesome-webfont.woff2 │ └── source_sans_pro │ └── SourceSansPro-Light.woff2 ├── install └── .htaccess ├── upgrade └── .htaccess ├── db ├── bkp │ └── .htaccess └── UPDATE.sql ├── js ├── ckeditor │ ├── plugins │ │ ├── icons.png │ │ ├── link │ │ │ └── images │ │ │ │ └── anchor.png │ │ ├── image │ │ │ └── images │ │ │ │ └── noimage.png │ │ ├── magicline │ │ │ └── images │ │ │ │ └── icon.png │ │ ├── fakeobjects │ │ │ └── images │ │ │ │ └── spacer.gif │ │ ├── about2 │ │ │ └── dialogs │ │ │ │ ├── logo_ckeditor.png │ │ │ │ └── about.js │ │ ├── dialog │ │ │ └── dialogDefinition.js │ │ ├── preview │ │ │ └── preview.html │ │ └── specialchar │ │ │ └── dialogs │ │ │ └── lang │ │ │ └── _translationstatus.txt │ ├── skins │ │ └── moono │ │ │ ├── icons.png │ │ │ └── images │ │ │ ├── arrow.png │ │ │ ├── close.png │ │ │ └── mini.png │ └── config.js └── dieIE.js ├── UPDATE ├── INSTALL.txt ├── .github └── ISSUE_TEMPLATE │ ├── help_wanted.md │ ├── feature_request.md │ └── bug_report.md ├── .gitignore ├── .htaccess ├── .gitmodules └── misc └── Roadmap /api/.htaccess: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /functions/locale/cs: -------------------------------------------------------------------------------- 1 | cs_CZ.UTF-8 -------------------------------------------------------------------------------- /functions/locale/cs_CZ: -------------------------------------------------------------------------------- 1 | cs_CZ.UTF-8 -------------------------------------------------------------------------------- /functions/locale/de: -------------------------------------------------------------------------------- 1 | de_DE.UTF-8 -------------------------------------------------------------------------------- /functions/locale/de_DE: 
-------------------------------------------------------------------------------- 1 | de_DE.UTF-8 -------------------------------------------------------------------------------- /functions/locale/en: -------------------------------------------------------------------------------- 1 | en_GB.UTF-8 -------------------------------------------------------------------------------- /functions/locale/en_GB: -------------------------------------------------------------------------------- 1 | en_GB.UTF-8 -------------------------------------------------------------------------------- /functions/locale/en_US: -------------------------------------------------------------------------------- 1 | en_US.UTF-8 -------------------------------------------------------------------------------- /functions/locale/es: -------------------------------------------------------------------------------- 1 | es_ES.UTF-8 -------------------------------------------------------------------------------- /functions/locale/es_ES: -------------------------------------------------------------------------------- 1 | es_ES.UTF-8 -------------------------------------------------------------------------------- /functions/locale/fr: -------------------------------------------------------------------------------- 1 | fr_FR.UTF-8 -------------------------------------------------------------------------------- /functions/locale/fr_FR: -------------------------------------------------------------------------------- 1 | fr_FR.UTF-8 -------------------------------------------------------------------------------- /functions/locale/it: -------------------------------------------------------------------------------- 1 | it_IT.UTF-8 -------------------------------------------------------------------------------- /functions/locale/it_IT: -------------------------------------------------------------------------------- 1 | it_IT.UTF-8 -------------------------------------------------------------------------------- 
/functions/locale/nl: -------------------------------------------------------------------------------- 1 | nl_NL.UTF-8 -------------------------------------------------------------------------------- /functions/locale/nl_NL: -------------------------------------------------------------------------------- 1 | nl_NL.UTF-8 -------------------------------------------------------------------------------- /functions/locale/pt: -------------------------------------------------------------------------------- 1 | pt_BR.UTF-8 -------------------------------------------------------------------------------- /functions/locale/pt_BR: -------------------------------------------------------------------------------- 1 | pt_BR.UTF-8 -------------------------------------------------------------------------------- /functions/locale/ru: -------------------------------------------------------------------------------- 1 | ru_RU.UTF-8 -------------------------------------------------------------------------------- /functions/locale/ru_RU: -------------------------------------------------------------------------------- 1 | ru_RU.UTF-8 -------------------------------------------------------------------------------- /functions/locale/sl: -------------------------------------------------------------------------------- 1 | sl_SI.UTF-8 -------------------------------------------------------------------------------- /functions/locale/sl_SI: -------------------------------------------------------------------------------- 1 | sl_SI.UTF-8 -------------------------------------------------------------------------------- /functions/locale/zh: -------------------------------------------------------------------------------- 1 | zh_CN.UTF-8 -------------------------------------------------------------------------------- /functions/locale/zh_CN: -------------------------------------------------------------------------------- 1 | zh_CN.UTF-8 
-------------------------------------------------------------------------------- /functions/locale/zh_TW: -------------------------------------------------------------------------------- 1 | zh_TW.UTF-8 -------------------------------------------------------------------------------- /functions/locale/cs_CZ.UTF8: -------------------------------------------------------------------------------- 1 | cs_CZ.UTF-8 -------------------------------------------------------------------------------- /functions/locale/de_DE.UTF8: -------------------------------------------------------------------------------- 1 | de_DE.UTF-8 -------------------------------------------------------------------------------- /functions/locale/en_GB.UTF8: -------------------------------------------------------------------------------- 1 | en_GB.UTF-8 -------------------------------------------------------------------------------- /functions/locale/en_US.UTF8: -------------------------------------------------------------------------------- 1 | en_US.UTF-8 -------------------------------------------------------------------------------- /functions/locale/es_ES.UTF8: -------------------------------------------------------------------------------- 1 | es_ES.UTF-8 -------------------------------------------------------------------------------- /functions/locale/fr_FR.UTF8: -------------------------------------------------------------------------------- 1 | fr_FR.UTF-8 -------------------------------------------------------------------------------- /functions/locale/ja_JP: -------------------------------------------------------------------------------- 1 | ja_JP.UTF-8/ -------------------------------------------------------------------------------- /functions/locale/nl_NL.UTF8: -------------------------------------------------------------------------------- 1 | nl_NL.UTF-8 -------------------------------------------------------------------------------- /functions/locale/pt_BR.UTF8: 
-------------------------------------------------------------------------------- 1 | pt_BR.UTF-8 -------------------------------------------------------------------------------- /functions/locale/sl_SI.UTF8: -------------------------------------------------------------------------------- 1 | sl_SI.UTF-8 -------------------------------------------------------------------------------- /functions/locale/zh_CN.UTF8: -------------------------------------------------------------------------------- 1 | zh_CN.UTF-8 -------------------------------------------------------------------------------- /robots.txt: -------------------------------------------------------------------------------- 1 | User-agent: * 2 | Disallow: / 3 | -------------------------------------------------------------------------------- /functions/locale/cs_CZ.UTF-8/cs_CZ.UTF8: -------------------------------------------------------------------------------- 1 | cs_CZ.UTF8 -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | # enforce line endings 2 | *.php text eol=lf 3 | -------------------------------------------------------------------------------- /app/subnets/addresses/index.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /app/admin/circuits/index.php: -------------------------------------------------------------------------------- 1 | 2 | DirectoryIndex disabled 3 | -------------------------------------------------------------------------------- /upgrade/.htaccess: -------------------------------------------------------------------------------- 1 | 2 | DirectoryIndex disabled 3 | -------------------------------------------------------------------------------- /app/admin/powerDNS/host_records.php: 
-------------------------------------------------------------------------------- 1 | 2 | Order Allow,Deny 3 | Deny from all 4 | -------------------------------------------------------------------------------- /css/fonts/FontAwesome.otf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bnchdan/phpipam/master/css/fonts/FontAwesome.otf -------------------------------------------------------------------------------- /css/images/bg-light.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bnchdan/phpipam/master/css/images/bg-light.png -------------------------------------------------------------------------------- /css/images/blue-dot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bnchdan/phpipam/master/css/images/blue-dot.png -------------------------------------------------------------------------------- /css/images/hosterdam.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bnchdan/phpipam/master/css/images/hosterdam.png -------------------------------------------------------------------------------- /css/images/sn-bg-dark.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bnchdan/phpipam/master/css/images/sn-bg-dark.png -------------------------------------------------------------------------------- /css/images/sn-bg-last.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bnchdan/phpipam/master/css/images/sn-bg-last.png -------------------------------------------------------------------------------- /css/images/ul-li-bg.png: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/bnchdan/phpipam/master/css/images/ul-li-bg.png -------------------------------------------------------------------------------- /css/images/userVader.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bnchdan/phpipam/master/css/images/userVader.png -------------------------------------------------------------------------------- /app/tools/subnets/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 5 | 6 | # show all nat objects 7 | include(dirname(__FILE__)."/../../tools/nat/index.php"); -------------------------------------------------------------------------------- /app/subnets/scan/subnet-scan-result-scan-telnet.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /app/admin/dhcp/reservations.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 5 | 6 | # print reservations 7 | include(dirname(__FILE__)."/../../tools/dhcp/reservations.php"); -------------------------------------------------------------------------------- /js/ckeditor/plugins/dialog/dialogDefinition.js: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright (c) 2003-2013, CKSource - Frederico Knabben. All rights reserved. 
3 | For licensing, see LICENSE.html or http://ckeditor.com/license 4 | */ 5 | -------------------------------------------------------------------------------- /js/ckeditor/plugins/preview/preview.html: -------------------------------------------------------------------------------- 1 | 11 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/help_wanted.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Help wanted or misc questions? 3 | about: Ask for help running phpIPAM 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Request for help using phpIPAM / Misc question?** 11 | ... -------------------------------------------------------------------------------- /app/tools/subnet-masks/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | // set popup 11 | $popup = false; 12 | // table 13 | include('print-table.php'); 14 | ?> -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | db/bkp 2 | app/subnets/import-subnet/upload/ 3 | app/admin/import-export/upload/ 4 | config.php 5 | css/*/images/logo/logo.png 6 | functions/scripts/custom/ 7 | functions/assets/ 8 | api/_lock.txt 9 | app/dashboard/widgets/custom/ 10 | .idea 11 | .vscode 12 | -------------------------------------------------------------------------------- /app/admin/locations/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 5 | 6 | # Make sure user is admin 7 | $User->is_admin(true); 8 | 9 | # show all nat objects 10 | include(dirname(__FILE__)."/../../tools/locations/index.php"); -------------------------------------------------------------------------------- /app/admin/devices/index.php: 
-------------------------------------------------------------------------------- 1 | 9 | 10 | 11 |
-------------------------------------------------------------------------------- /app/admin/routing/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | # include table 11 | include(dirname(__FILE__)."/../../tools/routing/index.php"); -------------------------------------------------------------------------------- /app/admin/pstn-prefixes/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 5 | # perm check 6 | $User->check_module_permissions ("pstn", User::ACCESS_R, true, false); 7 | # show all prefix objects 8 | include(dirname(__FILE__)."/../../tools/pstn-prefixes/index.php"); -------------------------------------------------------------------------------- /app/admin/dhcp/leases.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | # print leases 11 | include(dirname(__FILE__)."/../../tools/dhcp/leases.php"); -------------------------------------------------------------------------------- /app/admin/dhcp/subnets.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | # print subnets 11 | include(dirname(__FILE__)."/../../tools/dhcp/subnets.php"); -------------------------------------------------------------------------------- /functions/include-only.php: -------------------------------------------------------------------------------- 1 | show("danger", _("Invalid request"), true); 9 | } -------------------------------------------------------------------------------- /app/admin/import-export/upload/.htaccess: -------------------------------------------------------------------------------- 1 | # Don't list directory contents (IndexIgnore hides every entry from a generated index; Options -Indexes below turns listings off) 2 | IndexIgnore * 3 | # Deny access via web to it (Apache 2.2 syntax; on Apache 2.4 it is handled by mod_access_compat, the native form being "Require all denied") 4 | Deny from all 5 | 6 | # Disable script execution: map script extensions to the cgi-script handler, then refuse CGI with -ExecCGI. NOTE(review): these rules apply only where Apache honours this .htaccess (AllowOverride); with AllowOverride None or another web server the upload directory needs equivalent rules in the server configuration 7 | AddHandler cgi-script .php .php2 .php3 .php4 .php5 .php6 .php7 .php8 
.pl .py .js .jsp .asp .htm .html .shtml .sh .cgi 8 | Options -ExecCGI -Indexes -------------------------------------------------------------------------------- /app/subnets/import-subnet/upload/.htaccess: -------------------------------------------------------------------------------- 1 | # Don't list directory contents (IndexIgnore hides every entry from a generated index; Options -Indexes below turns listings off) 2 | IndexIgnore * 3 | # Deny access via web to it (Apache 2.2 syntax; on Apache 2.4 it is handled by mod_access_compat, the native form being "Require all denied") 4 | Deny from all 5 | 6 | # Disable script execution: map script extensions to the cgi-script handler, then refuse CGI with -ExecCGI. NOTE(review): these rules apply only where Apache honours this .htaccess (AllowOverride); with AllowOverride None or another web server the upload directory needs equivalent rules in the server configuration 7 | AddHandler cgi-script .php .php2 .php3 .php4 .php5 .php6 .php7 .php8 .pl .py .js .jsp .asp .htm .html .shtml .sh .cgi 8 | Options -ExecCGI -Indexes -------------------------------------------------------------------------------- /app/admin/powerDNS/domains.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | # include tools PowerDNS 11 | include dirname(__FILE__) . "/../../tools/powerDNS/domains-print.php"; -------------------------------------------------------------------------------- /app/admin/users/print-user/modules.php: -------------------------------------------------------------------------------- 1 | 2 |


3 | 4 | 5 | 6 | 7 | 12 | 13 | -------------------------------------------------------------------------------- /app/tools/requests/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | # set tools 11 | $tools = true; 12 | 13 | # use admin 14 | include(dirname(__FILE__)."/../../admin/requests/index.php"); -------------------------------------------------------------------------------- /.htaccess: -------------------------------------------------------------------------------- 1 | 2 | 3 | # Enable rewrite engine 4 | RewriteEngine on 5 | # Passthroughs 6 | RewriteRule ^(css|js|app|test)/.*$ - [L,QSA] 7 | 8 | # Rewrites 9 | RewriteRule ^index\.php$ - [L] 10 | RewriteCond %{REQUEST_FILENAME} !-d 11 | RewriteCond %{REQUEST_FILENAME} !-f 12 | RewriteRule ^ index.php [L] 13 | 14 | -------------------------------------------------------------------------------- /functions/checks/check_db_install.php: -------------------------------------------------------------------------------- 1 | check_db_connection(true); 9 | # connection is ok, check that table exists 10 | $Install->check_table("vrf", true); -------------------------------------------------------------------------------- /app/admin/powerDNS/domain-records.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | # include tools PowerDNS 11 | include dirname(__FILE__) . 
"/../../tools/powerDNS/domain-records.php"; 12 | exit(); -------------------------------------------------------------------------------- /app/admin/api/generate-key.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 11 | 12 | print $User->Crypto->generate_html_safe_token(32); 13 | ?> -------------------------------------------------------------------------------- /app/tools/user-menu/permissions.php: -------------------------------------------------------------------------------- 1 | 2 |

3 |
4 | 5 |

6 | 7 | 8 | user; 11 | include(dirname(__FILE__)."/../../admin/users/print_module_permissions.php"); -------------------------------------------------------------------------------- /app/admin/vrf/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | # perm check 10 | $User->check_module_permissions ("vrf", User::ACCESS_R, true, false); 11 | 12 | # include vrf 13 | include (dirname(__FILE__)."/../../tools/vrf/index.php"); -------------------------------------------------------------------------------- /app/tools/vaults/vault/vault-items.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 5 | 6 | # printout 7 | print "

"._('Vault items')."

"; 8 | print "
"; 9 | print "
"; 10 | 11 | // include 12 | if($vault->type=="passwords") { 13 | include(dirname(__FILE__)."/vault-items-passwords.php"); 14 | } 15 | else { 16 | include(dirname(__FILE__)."/vault-items-certificates.php"); 17 | } -------------------------------------------------------------------------------- /app/admin/import-export/import-constants.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /app/admin/users/print-user/mail.php: -------------------------------------------------------------------------------- 1 | 2 |


3 | 4 | 5 | 6 | role == "Administrator" ? _($user->mailNotify) : _("No"); ?> 7 | 8 | 9 | 10 | role == "Administrator" ? _($user->mailChangelog) : _("No"); ?> 11 | -------------------------------------------------------------------------------- /app/tools/mac-lookup/tips.php: -------------------------------------------------------------------------------- 1 | 7 | 8 |

9 |
10 | 11 |
12 | 13 | 19 | 20 |
-------------------------------------------------------------------------------- /app/tools/routing/menu.php: -------------------------------------------------------------------------------- 1 | "; 5 | $class = $_GET['subnetId']=="bgp" ? "active" : ""; 6 | print " "; 7 | // $class = $_GET['subnetId']=="ospf" ? "active" : ""; 8 | // print " "; 9 | print ""; -------------------------------------------------------------------------------- /app/admin/customers/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 12 | # Make sure user is admin 13 | $User->is_admin(true); 14 | 15 | # load subpage 16 | if (!isset($_GET['subnetId'])) { 17 | include(dirname(__FILE__).'/../../tools/customers/all-customers.php'); 18 | } 19 | else { 20 | include(dirname(__FILE__).'/../../tools/customers/customer/index.php'); 21 | } -------------------------------------------------------------------------------- /db/UPDATE.sql: -------------------------------------------------------------------------------- 1 | /** 2 | * Update queries are stored in functions/upgrade_queries.php from version 1.4 onwards 3 | * 4 | * If you need a list of all queries to apply directly to the database 5 | * you can execute the following php command to output the queries: 6 | * 7 | * php functions/upgrade_queries.php 1.3.2 8 | * 9 | * where 1.3.2 is the version you are currently using. 
10 | * 11 | * To save it to a file, use output redirection: 12 | * 13 | * php functions/upgrade_queries.php 1.3.2 > UPDATE.sql 14 | */ 15 | -------------------------------------------------------------------------------- /functions/checks/check_db_upgrade.php: -------------------------------------------------------------------------------- 1 | settings->dbversion)) { 9 | $User->settings->dbversion = 0; 10 | } 11 | 12 | /* redirect */ 13 | if($User->cmp_version_strings($User->settings->version.'.'.$User->settings->dbversion,VERSION.'.'.DBVERSION) < 0) { 14 | $User->settings->prettyLinks="No"; 15 | header("Location: ".create_link("upgrade")); 16 | die(); 17 | } -------------------------------------------------------------------------------- /functions/output_buffering.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | # verify module permissions 10 | $User->check_module_permissions ("routing", User::ACCESS_R, true); 11 | ?> 12 | 13 | settings->enableRouting!="1") { 17 | $Result->show("danger", _("Routing module disabled."), false); 18 | } 19 | else { 20 | $Result->show("danger", _("Not implemented."), false); 21 | } -------------------------------------------------------------------------------- /app/login/request_ip_first_free.php: -------------------------------------------------------------------------------- 1 | transform_to_dotted($Addresses->get_first_available_address ($_POST['subnetId'], $Subnets)); 14 | 15 | print $firstIP; 16 | ?> 17 | -------------------------------------------------------------------------------- /app/tools/customers/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 12 | 13 | # perm check 14 | if ($User->get_module_permissions ("customers")==User::ACCESS_NONE) { 15 | $Result->show("danger", _("You do not have permissions to access this module"), false); 16 | } 17 | # load subpage 18 | elseif 
(!isset($_GET['subnetId'])) { 19 | include('all-customers.php'); 20 | } 21 | else { 22 | include("customer/index.php"); 23 | } -------------------------------------------------------------------------------- /app/tools/vaults/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 5 | 6 | // module check 7 | if($User->settings->enableVaults==0) { 8 | $Result->show("danger", _("Module disabled"), false); 9 | } 10 | // perm check 11 | elseif ($User->get_module_permissions ("vaults")==User::ACCESS_NONE) { 12 | $Result->show("danger", _("You do not have permissions to access this module"), false); 13 | } 14 | else { 15 | // all vaults 16 | if(!isset($_GET['subnetId'])) { 17 | include('all-vaults.php'); 18 | } 19 | // vault 20 | else { 21 | include('vault/index.php'); 22 | } 23 | } -------------------------------------------------------------------------------- /app/tools/pass-change/result.php: -------------------------------------------------------------------------------- 1 | check_user_session (); 13 | 14 | # checks: the new password needs a strlen() of at least 8 and both entries must match. NOTE(review): no CSRF token check or current-password confirmation is visible in this listing - confirm both happen elsewhere 15 | if(strlen($_POST['ipampassword1'])<8) { $Result->show("danger", _("Invalid password"), true); } 16 | if($_POST['ipampassword1']!=$_POST['ipampassword2']) { $Result->show("danger", _("Passwords do not match"), true); } 17 | 18 | # update pass 19 | $User->update_user_pass($_POST['ipampassword1']); 20 | ?> -------------------------------------------------------------------------------- /app/admin/users/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | // switch user: the current session username is saved as realipamusername and then replaced by the sPage request parameter. NOTE(review): no admin check, CSRF token check or validation of sPage is visible in this listing - confirm the including admin page enforces them 11 | if(@$_GET['subnetId']=="switch"){ 12 | $_SESSION['realipamusername'] = $_SESSION['ipamusername']; 13 | $_SESSION['ipamusername'] = $_GET['sPage']; 14 | print ''; 15 | } 16 | 17 | # print all or specific user?
18 | if(isset($_GET['subnetId'])) { include("print-user/index.php"); } 19 | else { include("print-all.php"); } -------------------------------------------------------------------------------- /app/install/invalid_install_type.php: -------------------------------------------------------------------------------- 1 |
2 |
3 |

4 | 5 |
6 |
7 | show("danger", _("This installation type does not exist. Please select valid installation method!"), false); ?> 8 | 9 | " class="btn btn-sm btn-default"> 10 | 11 |
12 |
13 |
14 |
-------------------------------------------------------------------------------- /app/tools/vaults/vault/form.php: -------------------------------------------------------------------------------- 1 |


2 | 3 |
4 | 5 | 6 | 7 | 8 | 11 | 14 | 15 | 16 | 17 | 18 | 19 | 20 |
9 | 10 | 12 | 13 |
21 |
-------------------------------------------------------------------------------- /app/admin/dhcp/settings.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | # perm check 10 | $User->check_module_permissions ("dhcp", User::ACCESS_R, true, false); 11 | ?> 12 | 13 |
14 |


15 | 16 | $s) { 18 | if(is_array($s)) { 19 | print $k."
"; 20 | foreach ($s as $k2=>$s2) { 21 | print "   $k2: $s2
"; 22 | } 23 | } 24 | else { 25 | print "$k: $s
"; 26 | } 27 | } -------------------------------------------------------------------------------- /app/admin/users/print-user/display.php: -------------------------------------------------------------------------------- 1 | 2 |


3 | 4 | 5 | 6 | theme=="" ? _("Default") : escape_input($user->theme) ?> 7 | 8 | 9 | 10 | compressOverride==1 ? _("Yes") : _("No") ?> 11 | 12 | 13 | 14 | hideFreeRange==1 ? _("Yes") : _("No") ?> 15 | 16 | 17 | 18 | menuType; ?> 19 | -------------------------------------------------------------------------------- /app/tools/logs/clear-logs.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 18 | 19 | # truncate logs table 20 | if(!$Admin->truncate_table("logs")) { $Result->show("danger", _('Error clearing logs')."!", true); } 21 | else { $Result->show("success", _('Logs cleared successfully')."!", true); } 22 | ?> -------------------------------------------------------------------------------- /app/tools/changelog/clear-logs.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 18 | 19 | # truncate logs table 20 | if(!$Admin->truncate_table("changelog")) { $Result->show("danger", _('Error clearing logs')."!", true); } 21 | else { $Result->show("success", _('Logs cleared successfully')."!", true); } -------------------------------------------------------------------------------- /app/tools/favourites/favourite-edit.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 15 | 16 | # checks 17 | is_numeric($_POST['subnetId']) ? : $Result->show("danger", _('Invalid ID'),false, true); 18 | 19 | # execute action 20 | if(!$User->edit_favourite($_POST['action'], $_POST['subnetId'])) { $Result->show("danger", _('Error editing favourite'),false, true); } 21 | else { print "success"; } -------------------------------------------------------------------------------- /app/dashboard/widgets/bw_calculator.php: -------------------------------------------------------------------------------- 1 | check_user_session (); 19 | 20 | # set widget flag 21 | $widget = true; 22 | 23 | # overlay 24 | print "
"; 25 | 26 | # include ipcalc 27 | include (dirname(__FILE__)."/../../../app/tools/ip-calculator/bw-calculator.php"); 28 | 29 | print "
"; -------------------------------------------------------------------------------- /app/tools/nat/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | # check that nat support is enabled 11 | if ($User->settings->enableNAT!="1") { 12 | $Result->show("danger", _("NAT module disabled."), false); 13 | } 14 | elseif ($User->check_module_permissions ("nat", User::ACCESS_R, false, false)===false) { 15 | $Result->show("danger", _("You do not have permissions to access this module"), false); 16 | } 17 | else { 18 | //single nat 19 | if(isset($_GET['subnetId'])) { include(dirname(__FILE__).'/nat_details.php'); } 20 | //all nats 21 | else { include(dirname(__FILE__).'/all_nats.php'); } 22 | } -------------------------------------------------------------------------------- /app/tools/customers/customer/objects/menu.php: -------------------------------------------------------------------------------- 1 | "; 12 | foreach ($Tools->get_customer_object_types () as $href=>$name) { 13 | // add badge 14 | $cnt = isset($objects[$href]) ? sizeof($objects[$href]) : 0; 15 | 16 | // print 17 | $active = $_GET['sPage']==$href ? "active" : ""; 18 | $menu[] = ""; 21 | } 22 | $menu[] = ""; 23 | 24 | print implode("\n", $menu); -------------------------------------------------------------------------------- /app/admin/instructions/preview.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 12 | 13 | // validate cookie 14 | $User->Crypto->csrf_cookie ("validate", "instructions", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : ""; 15 | // strip script 16 | $_POST['instructions'] = $User->noxss_html($_POST['instructions']); 17 | 18 | ?> 19 |
20 |
21 | 22 |
23 |
24 | -------------------------------------------------------------------------------- /app/subnets/addresses/address-resolve.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 18 | 19 | # fetch subnet 20 | $subnet = $Subnets->fetch_subnet ("id", $_POST['subnetId']); 21 | $nsid = $subnet===false ? false : $subnet->nameserverId; 22 | 23 | # resolve 24 | $hostname = $DNS->resolve_address ($_POST['ipaddress'], false, true, $nsid); 25 | 26 | # print result 27 | print $hostname['name']; -------------------------------------------------------------------------------- /app/vrf/index.php: -------------------------------------------------------------------------------- 1 | fetch_object ("vrf", "vrfId", $_GET['section']); 7 | 8 | # perm check 9 | if ($User->get_module_permissions ("vrf")==User::ACCESS_NONE) { 10 | $Result->show("danger", _("You do not have permissions to access this module"), false); 11 | } 12 | elseif ($vrf===false) { 13 | print "
"; 14 | print "

"._("Error")."


"; 15 | $Result->show("danger", _("Invalid VRF id"), false); 16 | print "
"; 17 | } 18 | else { 19 | # print VRF details 20 | print "
"; 21 | include_once("vrf-details.php"); 22 | print "
"; 23 | 24 | # Subnets in VRF 25 | print '
'; 26 | include_once('vrf-subnets.php'); 27 | print '
'; 28 | } -------------------------------------------------------------------------------- /app/vlan/index.php: -------------------------------------------------------------------------------- 1 | fetch_object("vlans", "vlanId", $_GET['subnetId']); 5 | 6 | # perm check 7 | if ($User->get_module_permissions ("vlan")==User::ACCESS_NONE) { 8 | $Result->show("danger", _("You do not have permissions to access this module"), false); 9 | } 10 | # size check 11 | elseif($vlan===false) { 12 | print "
"; 13 | print "

"._("Error")."


"; 14 | $Result->show("danger", _("Invalid VLAN id"), false); 15 | print "
"; 16 | } 17 | else { 18 | # print VLAN details 19 | print "
"; 20 | include_once("vlan-details.php"); 21 | print "
"; 22 | 23 | # Subnets in VLAN 24 | print '
'; 25 | include_once('vlan-subnets.php'); 26 | print '
'; 27 | } -------------------------------------------------------------------------------- /app/admin/subnets/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | # fetch all sections 11 | $sections = $Sections->fetch_all_sections(); 12 | 13 | # print all sections with delete / edit button 14 | print '

'._('Subnet management').'

'; 15 | print "
"; 16 | 17 | /* Foreach section fetch subnets and print it! */ 18 | if(is_array($sections)) { 19 | foreach($sections as $section) { 20 | # check permission 21 | if($Sections->check_permission($User->user, $section->id)) { 22 | print "

"._('Available subnets in section')." $section->name: [$section->description]

"; 23 | print $Sections->print_section_subnets_table($User, $section->id); 24 | } 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /app/admin/import-export/not-implemented.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 16 | 17 | ?> 18 | 19 | 20 |
21 | 22 | 23 |
24 | 25 | 26 | 27 |
28 |
29 | 30 |
31 | 32 |
33 | -------------------------------------------------------------------------------- /app/admin/racks/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | # fetch custom fields 11 | $custom = $Tools->fetch_custom_fields('racks'); 12 | 13 | # get hidden fields 14 | $hidden_custom_fields = json_decode($User->settings->hiddenCustomFields, true); 15 | $hidden_custom_fields = is_array(@$hidden_custom_fields['racks']) ? $hidden_custom_fields['racks'] : array(); 16 | 17 | # perm check 18 | if ($User->get_module_permissions ("racks")==User::ACCESS_NONE) { 19 | $Result->show("danger", _("You do not have permissions to access this module"), false); 20 | } 21 | elseif (isset($_GET['subnetId'])) { include("print-single-rack.php"); } 22 | else { include("print-racks.php"); } -------------------------------------------------------------------------------- /app/admin/settings/remove-maintaneance.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 18 | 19 | # set update values 20 | $values = array("id"=>1, 21 | "maintaneanceMode" => 0 22 | ); 23 | if(!$Admin->object_modify("settings", "edit", "id", $values)) { $Result->show("danger", _("Cannot update settings"), true, true, false, false, true); } 24 | else { $Result->show("success", _("Maintaneance mode removed"), true, true, false, false, true); } -------------------------------------------------------------------------------- /app/tools/user-menu/user-widgets-set.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 19 | 20 | # validate csrf cookie 21 | $User->Crypto->csrf_cookie ("validate", "user-menu", $_POST['csrf_cookie']) === false ? 
$Result->show("danger", _("Invalid CSRF cookie"), true) : ""; 22 | 23 | /* save widgets */ 24 | if (!$User->self_update_widgets ($_POST['widgets'])) { $Result->show("danger", _('Error updating'),true); } 25 | else { $Result->show("success", _('Widgets updated'),true); } 26 | ?> -------------------------------------------------------------------------------- /app/tools/locations/menu.php: -------------------------------------------------------------------------------- 1 | 9 | 10 | 11 | 12 | 13 | -------------------------------------------------------------------------------- /js/ckeditor/plugins/specialchar/dialogs/lang/_translationstatus.txt: -------------------------------------------------------------------------------- 1 | Copyright (c) 2003-2013, CKSource - Frederico Knabben. All rights reserved. 2 | For licensing, see LICENSE.html or http://ckeditor.com/license 3 | 4 | cs.js Found: 118 Missing: 0 5 | cy.js Found: 118 Missing: 0 6 | de.js Found: 118 Missing: 0 7 | el.js Found: 16 Missing: 102 8 | eo.js Found: 118 Missing: 0 9 | et.js Found: 31 Missing: 87 10 | fa.js Found: 24 Missing: 94 11 | fi.js Found: 23 Missing: 95 12 | fr.js Found: 118 Missing: 0 13 | hr.js Found: 23 Missing: 95 14 | it.js Found: 118 Missing: 0 15 | nb.js Found: 118 Missing: 0 16 | nl.js Found: 118 Missing: 0 17 | no.js Found: 118 Missing: 0 18 | tr.js Found: 118 Missing: 0 19 | ug.js Found: 39 Missing: 79 20 | zh-cn.js Found: 118 Missing: 0 21 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | title: '' 5 | labels: 'feature request' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Is your feature request related to a problem? Please describe.** 11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 
12 | 13 | **Describe the solution you'd like** 14 | A clear and concise description of what you want to happen. 15 | 16 | **Describe alternatives you've considered** 17 | A clear and concise description of any alternative solutions or features you've considered. 18 | 19 | **Describe how the feature would benefit other users** 20 | Add how this feature would benefit other phpIPAM users (your feature may need to be generalised to be as useful as possible). Add any other context or screenshots about the feature request here. 21 | -------------------------------------------------------------------------------- /js/dieIE.js: -------------------------------------------------------------------------------- 1 | /** 2 | * 3 | * Die IF IE 6 and 7 4 | * 5 | * 6 | */ 7 | 8 | $(document).ready(function () { 9 | 10 | //set text 11 | var html; 12 | html = "phpIPAM only works on newer browsers!
Please use at least IE9, IE10 is recommended (if you have to use IE :/)
You can get browsers here:"; 13 | html += ""; 19 | 20 | $('body').css('overflow','hidden'); 21 | $('div.jqueryError').addClass('dieIE').html('
'+html+'
').show(); 22 | 23 | return false; 24 | }); -------------------------------------------------------------------------------- /app/dashboard/widgets/locations.php: -------------------------------------------------------------------------------- 1 | check_user_session (); 23 | 24 | # no errors! 25 | //ini_set('display_errors', 0); 26 | 27 | $height = '210px'; 28 | $title = false; 29 | 30 | # open maps 31 | include(dirname(__FILE__)."/../../tools/locations/all-locations-map.php"); 32 | ?> 33 | -------------------------------------------------------------------------------- /app/tools/mac-lookup/results.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 4 | 5 | // trim and escape 6 | $mac = escape_input(trim($_POST['mac'])); 7 | 8 | // validate 9 | if($User->validate_mac ($mac)===false) { 10 | $Result->show("warning", _("Invalid MAC address provided")." - ".$mac, false); 11 | } 12 | else { 13 | // check 14 | $mac_vendor = $User->get_mac_address_vendor_details ($mac); 15 | 16 | // print 17 | if($mac_vendor=="") { 18 | $Result->show("info", _("No matches found for prefix")." ".$mac, false); 19 | } 20 | else { 21 | $mac = strtoupper($User->reformat_mac_address ($mac, 1)); 22 | $mac_partial = explode(":", $mac); 23 | // print 24 | print "
Vendor: ".$mac_vendor."

"; 25 | print "Prefix: ".$mac_partial[0].":".$mac_partial[1].":".$mac_partial[2]."
"; 26 | print "MAC: ".$mac; 27 | } 28 | } -------------------------------------------------------------------------------- /app/admin/required-fields/submit.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 19 | # check maintaneance mode 20 | $User->check_maintaneance_mode (); 21 | 22 | # set fields to update 23 | $values = array("id"=>1, 24 | "IPrequired"=>implode(';', $_POST)); 25 | 26 | # update 27 | if(!$Admin->object_modify("settings", "edit", "id", $values)) { $Result->show("danger alert-absolute", _("Update failed"), true); } 28 | else { $Result->show("success alert-absolute", _('Update successfull'), true); } -------------------------------------------------------------------------------- /functions/upgrade_queries.php: -------------------------------------------------------------------------------- 1 | $queries) { 29 | if ($version > $argv[1]) { 30 | print "\n\n"."/* VERSION $version */"."\n"; 31 | foreach ($queries as $q) { 32 | print trim($q)."\n"; 33 | } 34 | } 35 | } 36 | } -------------------------------------------------------------------------------- /app/admin/settings/logo/logo-clear.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 16 | 17 | // define file 18 | $file = dirname(__FILE__)."/../../../../css/images/logo/logo.png"; 19 | 20 | # try to remove logo 21 | try { 22 | if(!is_writable($file)) { 23 | throw new Exception("File $file not writable"); 24 | } 25 | // remove 26 | unlink($file); 27 | // ok 28 | $Result->show("success", "Logo removed"); 29 | } 30 | catch(Exception $e) { 31 | $Result->show("danger", "Cannot remove logo file ".$file." - error ".$e->getMessage()); 32 | } -------------------------------------------------------------------------------- /app/admin/index.php: -------------------------------------------------------------------------------- 1 |
2 | 3 |
4 |
5 | 6 | $menu) { 9 | 10 | # headers 11 | print "

".$k."

"; 12 | print "
"; 13 | 14 | # items 15 | foreach($menu as $t) { 16 | print "
"; 17 | print "
"; 18 | print "
"; 19 | print "
"; 20 | print "
".$t['name']."
".$t['description']."
"; 21 | print "
"; 22 | print "
"; 23 | print "
"; 24 | } 25 | 26 | # clear and break 27 | print "
"; 28 | } 29 | ?> 30 |
31 |
32 |
-------------------------------------------------------------------------------- /app/sections/section-subnets.php: -------------------------------------------------------------------------------- 1 | check_user_session (); 7 | 8 | # must be numeric 9 | if(!is_numeric($_GET['section'])) { $Result->show("danger", _('Invalid ID'), true); } 10 | 11 | $section = $Sections->fetch_section (null, $_GET['section']); 12 | 13 | # title 14 | print "

"._('Available subnets')."

"; 15 | print $Sections->print_section_subnets_table($User, $_GET['section'], $section->showSupernetOnly); 16 | 17 | # check Available subnets for subsection 18 | $subsections = $Sections->fetch_subsections($_GET['section']); 19 | 20 | # subsection subnets 21 | if(is_array($subsections)) { 22 | foreach($subsections as $ss) { 23 | print "

"._('Available subnets in subsection')." $ss->name [$ss->description]

"; 24 | print $Sections->print_section_subnets_table($User, $ss->id, $ss->showSupernetOnly); 25 | } 26 | } -------------------------------------------------------------------------------- /app/tools/search/opensearch.php: -------------------------------------------------------------------------------- 1 | settings->siteTitle; 12 | $site_url = $User->settings->siteURL; 13 | 14 | header('Content-Type: application/xml'); 15 | 16 | print " 17 | $site_title search 18 | Search for Subnets, IP-Addresses, VLANS, VRFs 19 | IPAM IP Address Subnet VLAN VRF 20 | {$site_url}/css/images/favicon.png 21 | 22 | "; -------------------------------------------------------------------------------- /functions/classes/class.Config.php: -------------------------------------------------------------------------------- 1 | {$name})) 32 | return self::$config->{$name}; 33 | else 34 | return $default_value; 35 | } 36 | } -------------------------------------------------------------------------------- /app/admin/custom-fields/order.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 19 | 20 | # some verifications 21 | if( (empty($_POST['current'])) || (empty($_POST['next'])) ) { $Result->show("danger", _('Fileds cannot be empty')."!", true); } 22 | 23 | 24 | /* reorder */ 25 | if(!$Admin->reorder_custom_fields($_POST['table'], $_POST['next'], $_POST['current'])) { $Result->show("danger", _('Reordering failed')."!", true); } 26 | else { $Result->show("success", _('Fields reordered successfully')."!");} 27 | 28 | ?> -------------------------------------------------------------------------------- /app/admin/filter-fields/filter-result.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 19 | # check maintaneance mode 20 | $User->check_maintaneance_mode (); 21 | 22 | # set fields to update 23 | $values = array("id"=>1, 24 | "IPfilter"=>implode(';', $_POST)); 25 | 26 | # update 27 | 
if(!$Admin->object_modify("settings", "edit", "id", $values)) { 28 | $Result->show("danger alert-absolute", _("Update failed"), true); } 29 | else { 30 | $Result->show("success alert-absolute", _('Update successful'), true); 31 | } 32 | 33 | ?> 34 | -------------------------------------------------------------------------------- /app/tools/multicast-networks/create_mac.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 18 | 19 | # check that multicast is enabled 20 | if ($User->settings->enableMulticast!="1") { die("False"); } 21 | 22 | # validations 23 | if ($Subnets->verify_cidr ($_POST['ip'])===false) { die("False"); } 24 | if ($Subnets->is_multicast ($_POST['ip'])===false) { die("False"); } 25 | 26 | # get mac 27 | $text = $Subnets->create_multicast_mac ($_POST['ip']); 28 | 29 | # print mac 30 | if ($text===false) { die("False"); } 31 | else { print $text; } 32 | 33 | ?> -------------------------------------------------------------------------------- /app/admin/powerDNS/refresh-ptr-records.php: -------------------------------------------------------------------------------- 1 | 2 |
3 | 4 | 5 |
6 | 9 | 10 |
11 | 12 |
13 | > Regenerate 14 |
15 |
16 | 17 | 18 |
19 | "._("Invalid Subnet ID")."
"; 22 | } ?> 23 | 24 | 25 | 26 | 27 |
28 |
29 | 30 |
31 |
-------------------------------------------------------------------------------- /app/tools/devices/device-details/device-location.php: -------------------------------------------------------------------------------- 1 | settings->enableLocations=="1" && $User->get_module_permissions ("locations")>=User::ACCESS_R && $User->get_module_permissions ("devices")>=User::ACCESS_R) { 5 | 6 | print "

"._('Location')."


"; 7 | 8 | // set? 9 | if ($device->location!=0 && strlen($device->location)>0) { 10 | // array 11 | $device = (array) $device; 12 | // fake data 13 | $loc_old = $location; 14 | unset($location); 15 | $location_index = $device['location']; 16 | 17 | $sid_orig = $_GET['subnetId']; 18 | $_GET['subnetId'] = $device['location']; 19 | 20 | $hide_title = true; 21 | include(dirname(__FILE__).'/../../locations/single-location.php'); 22 | 23 | $_GET['subnetId'] = $sid_orig; 24 | $location = $loc_old; 25 | } 26 | else { 27 | $Result->show("info", _("Location is not set for this device"), false); 28 | } 29 | } -------------------------------------------------------------------------------- /app/tools/index.php: -------------------------------------------------------------------------------- 1 |
2 | 3 |
4 |
5 | 6 | $tool) { 9 | 10 | # only if some - permissions 11 | if (sizeof($tool)>0) { 12 | # headers 13 | print "

".$k."

"; 14 | print "
"; 15 | 16 | # items 17 | foreach($tool as $t) { 18 | print "
"; 19 | print "
"; 20 | print "
"; 21 | print "
"; 22 | print "
".$t['name']."
".$t['description']."
"; 23 | print "
"; 24 | print "
"; 25 | print "
"; 26 | } 27 | } 28 | 29 | # clear and break 30 | print "
"; 31 | } 32 | ?> 33 |
34 |
35 |
-------------------------------------------------------------------------------- /app/admin/ripe-import/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | ?> 10 | 11 |

12 |

13 | 14 | 15 | show("info alert-absolute", _('This script imports subnets from RIPE database for specific AS. Enter desired AS to search for subnets'), false); ?> 16 | 17 |
18 |
19 | 20 |
21 |
22 | 23 |
24 |
25 | 26 | 27 |
28 |
29 |
-------------------------------------------------------------------------------- /app/tools/instructions/index.php: -------------------------------------------------------------------------------- 1 | fetch_object("instructions", "id", 1); 9 | $instructions = $instructions->instructions; 10 | 11 | /* format line breaks */ 12 | $instructions = stripslashes($instructions); //show html 13 | 14 | /* prevent -------------------------------------------------------------------------------- /app/subnets/addresses/address-details/address-details-location.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 4 | 5 | if($User->get_module_permissions ("locations")==User::ACCESS_NONE) { 6 | $Result->show ("danger", _("You do not have permissions to access this module"), true); 7 | } 8 | # only if set 9 | elseif (is_numeric($address['location'])) { 10 | if($address['location']>0) { 11 | // fake data 12 | $loc_old = $location; 13 | unset($location); 14 | $location_index = $address['location']; 15 | $resize = false; 16 | $height = "500px;"; 17 | 18 | $sid_orig = $_GET['subnetId']; 19 | $_GET['subnetId'] = $address['location']; 20 | 21 | $hide_title = true; 22 | 23 | include(dirname(__FILE__).'/../../../tools/locations/single-location.php'); 24 | 25 | // back 26 | $_GET['subnetId'] = $sid_orig; 27 | $location = $loc_old; 28 | } 29 | else { 30 | $Result->show('info', _('Location not set !'), false); 31 | } 32 | } 33 | else { 34 | $Result->show('info', _('Location not set !'), false); 35 | } -------------------------------------------------------------------------------- /app/admin/verify-database/fix.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 18 | 19 | # admin user is required 20 | $User->is_admin(true); 21 | 22 | /* verifications */ 23 | if(!isset($_POST['tableid']) || strlen(@$_POST['tableid'])<1 ) { 24 | $Result->show("danger", _("Wrong parameters"), 
true); 25 | } 26 | else { 27 | //fix table 28 | if($_POST['type'] == "table") { 29 | $Tools->fix_table($_POST['tableid']); 30 | $Result->show("success", _('Table fixed')); 31 | } 32 | //fix field 33 | elseif($_POST['type'] == "field") { 34 | $Tools->fix_field($_POST['tableid'], $_POST['fieldid']); 35 | $Result->show("success", _('Field fixed')); 36 | } 37 | else { 38 | $Result->show("danger", _("Wrong parameters"), true); 39 | } 40 | } 41 | ?> -------------------------------------------------------------------------------- /app/tools/ip-calculator/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 4 | 5 | # default load ip-calculator 6 | if(!isset($_GET['subnetId'])) { 7 | $_GET['subnetId'] = "ip-calculator"; 8 | } 9 | ?> 10 | 11 |

12 |
13 | 14 | 15 | 19 | 20 | 21 | show("danger", _("Invalid request"), false); 30 | } -------------------------------------------------------------------------------- /app/subnets/subnet-details/subnet-location.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 4 | 5 | # perm check 6 | if($User->get_module_permissions ("locations")==User::ACCESS_NONE) { 7 | $Result->show ("danger", _("You do not have permissions to access this module"), true); 8 | } 9 | # only if set 10 | elseif (is_numeric($subnet['location'])) { 11 | if($subnet['location']>0) { 12 | // fake data 13 | $loc_old = $location; 14 | unset($location); 15 | $location_index = $subnet['location']; 16 | $resize = false; 17 | $height = "500px;"; 18 | 19 | $sid_orig = $_GET['subnetId']; 20 | $_GET['subnetId'] = $subnet['location']; 21 | 22 | $hide_title = true; 23 | 24 | include(dirname(__FILE__).'/../../tools/locations/single-location.php'); 25 | 26 | // back 27 | $_GET['subnetId'] = $sid_orig; 28 | $location = $loc_old; 29 | $subnet = (array) $subnet; 30 | } 31 | else { 32 | $Result->show('info', _('Location not set !'), false); 33 | } 34 | } 35 | else { 36 | $Result->show('info', _('Location not set !'), false); 37 | } -------------------------------------------------------------------------------- /app/subnets/addresses/address-details/address-details-permissions.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 4 | 5 | # user admin 6 | $User->is_admin(); 7 | 8 | # get groups 9 | $groups = $Tools->fetch_all_objects ("userGroups", "g_name"); 10 | 11 | # parse permissions 12 | $s_permissions = json_decode($subnet['permissions']); 13 | 14 | // title 15 | print "

"._('Address permissions').":


"; 16 | 17 | // show permissions 18 | if ($groups!==false) { 19 | # parse permissions 20 | if(strlen($subnet['permissions'])>1) { $permissons = $Sections->parse_section_permissions($subnet['permissions']); } 21 | else { $permissons = ""; } 22 | 23 | print ""; 24 | 25 | # print each group 26 | foreach ($groups as $g) { 27 | //cast 28 | $g = (array) $g; 29 | 30 | print ""; 31 | print " "; 32 | print " "; 35 | print ""; 36 | } 37 | 38 | print "
$g[g_name]"; 33 | print $Subnets->parse_permissions(@$permissons[$g['g_id']]); 34 | print "
"; 39 | } 40 | else { 41 | $Result->show("info", _('No groups available')); 42 | } 43 | ?> -------------------------------------------------------------------------------- /app/tools/pstn-prefixes/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | # fetch custom fields 11 | $custom = $Tools->fetch_custom_fields('pstnPrefixes'); 12 | 13 | # get hidden fields 14 | $hidden_custom_fields = json_decode($User->settings->hiddenCustomFields, true); 15 | $hidden_custom_fields = is_array(@$hidden_custom_fields['pstnPrefixes']) ? $hidden_custom_fields['pstnPrefixes'] : array(); 16 | 17 | # perm check 18 | if ($User->get_module_permissions ("pstn")==User::ACCESS_NONE) { 19 | $Result->show("danger", _("You do not have permissions to access this module"), false); 20 | } 21 | # check that prefix support is enabled 22 | elseif ($User->settings->enablePSTN != "1") { 23 | $Result->show("danger", _("PSTN prefixes module disabled."), false); 24 | } 25 | else { 26 | # all prefixes 27 | if (!isset($_GET['subnetId'])) { 28 | include("all-prefixes.php"); 29 | } else { # single prefixes 30 | $isMaster = $Tools->count_database_objects("pstnPrefixes", "master", $_GET['subnetId']) != 0; 31 | include("single-prefix.php"); 32 | } 33 | } -------------------------------------------------------------------------------- /app/admin/custom-fields/filter-result.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 20 | # check maintaneance mode 21 | $User->check_maintaneance_mode (); 22 | 23 | # set table name 24 | $table = $_POST['table']; 25 | unset($_POST['table']); 26 | 27 | # fetch custom fields 28 | $fields = $Tools->fetch_custom_fields($table); 29 | 30 | /* anything to write? */ 31 | if(sizeof($_POST)>0) { 32 | foreach($_POST as $k=>$v) { 33 | $kTest = str_replace("___", " ", $k); 34 | $filtered_fields[] = array_key_exists($kTest, $fields) ?
$kTest : $k; 35 | } 36 | } 37 | else { 38 | $filtered_fields = null; 39 | } 40 | 41 | /* save */ 42 | if(!$Admin->save_custom_fields_filter($table, $filtered_fields)) { } 43 | else { $Result->show("success", _('Filter saved')); } -------------------------------------------------------------------------------- /functions/checks/check_db_structure.php: -------------------------------------------------------------------------------- 1 | verify_database(); 22 | 23 | # print result 24 | if( (!isset($errors['tableError'])) && (!isset($errors['fieldError'])) ) { 25 | print 'All tables and fields are installed properly'. "\n"; 26 | } 27 | else { 28 | # missing tables 29 | if (isset($errors['tableError'])) { 30 | print 'Missing tables:'. "\n"; 31 | 32 | foreach ($errors['tableError'] as $table) { 33 | print " - ".$table."\n"; 34 | } 35 | } 36 | 37 | # missing fields 38 | if (isset($errors['fieldError'])) { 39 | print "\n".'Missing fields'. "\n"; 40 | 41 | foreach ($errors['fieldError'] as $table=>$field) { 42 | print 'Table `'. $table .'`: missing field `'. $field .'`;'."\n"; 43 | } 44 | } 45 | } 46 | print "\n"; 47 | ?> -------------------------------------------------------------------------------- /functions/classes/class.LockForUpdate.php: -------------------------------------------------------------------------------- 1 | Database = $Database; 27 | 28 | $tableName = $this->Database->escape($tableName); 29 | 30 | $this->Database->beginTransaction(); 31 | $this->Database->runQuery("SELECT id FROM `$tableName` WHERE `id`=? FOR UPDATE;", [$id]); 32 | } 33 | 34 | /** 35 | * Commit transaction and release MySQL row lock 36 | */ 37 | function __destruct() { 38 | $this->Database->commit(); 39 | } 40 | } -------------------------------------------------------------------------------- /app/install/sql_error.php: -------------------------------------------------------------------------------- 1 |
2 |
3 |

4 | 5 |
6 | 7 |
8 | 9 |
10 | 11 | getObjectsQuery("settings"); } 16 | catch (Exception $e) { 17 | $Result->show("danger", _("Error").":
".$e->getMessage(), false); 18 | $error = true; 19 | 20 | // text 21 | print '
'; 22 | print _("Troubleshooting:"); 23 | print '
    '; 24 | print '
  • '._("Make sure all settings in config.php are correct.").'
  • '; 25 | print '
  • '._("Make sure database is running and accepting connections.").'
  • '; 26 | print '
  • '._("Make sure user defined in config.php has access to database.").'
  • '; 27 | print '
'; 28 | print '
'; 29 | } 30 | if ($error===false) { 31 | $Result->show("success", _("Database connection succesfull"), false); 32 | } 33 | ?> 34 |
35 |
36 |
-------------------------------------------------------------------------------- /app/tools/locations/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | # set admin 11 | $admin = $User->is_admin(false); 12 | 13 | # fetch custom fields 14 | $custom = $Tools->fetch_custom_fields('locations'); 15 | 16 | # get hidden fields 17 | $hidden_custom_fields = json_decode($User->settings->hiddenCustomFields, true); 18 | $hidden_custom_fields = is_array(@$hidden_custom_fields['locations']) ? $hidden_custom_fields['locations'] : array(); 19 | 20 | # perm check 21 | if ($User->get_module_permissions ("locations")==User::ACCESS_NONE) { 22 | $Result->show("danger", _("You do not have permissions to access this module"), false); 23 | } 24 | # check that location support isenabled 25 | elseif ($User->settings->enableLocations!="1") { 26 | $Result->show("danger", _("Locations module disabled."), false); 27 | } 28 | else { 29 | # all locations 30 | if(!isset($_GET['subnetId'])) { 31 | include("all-locations-list.php"); 32 | } 33 | # map 34 | elseif ($_GET['subnetId']=="map") { 35 | include("all-locations-map.php"); 36 | } 37 | # single location 38 | else { 39 | include("single-location.php"); 40 | 41 | } 42 | } -------------------------------------------------------------------------------- /js/ckeditor/config.js: -------------------------------------------------------------------------------- 1 | /** 2 | * @license Copyright (c) 2003-2012, CKSource - Frederico Knabben. All rights reserved. 3 | * For licensing, see LICENSE.html or http://ckeditor.com/license 4 | */ 5 | 6 | CKEDITOR.editorConfig = function( config ) { 7 | // Define changes to default configuration here. 8 | // For the complete reference: 9 | // http://docs.ckeditor.com/#!/api/CKEDITOR.config 10 | 11 | // The toolbar groups arrangement, optimized for two toolbar rows. 
12 | config.toolbarGroups = [ 13 | { name: 'clipboard', groups: [ 'clipboard', 'undo' ] }, 14 | { name: 'editing', groups: [ 'find', 'selection', 'spellchecker' ] }, 15 | { name: 'links' }, 16 | { name: 'insert' }, 17 | { name: 'forms' }, 18 | { name: 'tools' }, 19 | { name: 'document', groups: [ 'mode', 'document', 'doctools' ] }, 20 | { name: 'others' }, 21 | '/', 22 | { name: 'basicstyles', groups: [ 'basicstyles', 'cleanup' ] }, 23 | { name: 'colors' }, 24 | { name: 'paragraph', groups: [ 'list', 'indent', 'blocks', 'align' ] }, 25 | { name: 'styles' }, 26 | /* { name: 'about' } */ 27 | ]; 28 | 29 | // Remove some buttons, provided by the standard plugins, which we don't 30 | // need to have in the Standard(s) toolbar. 31 | config.removeButtons = 'Underline,Subscript,Superscript'; 32 | }; 33 | -------------------------------------------------------------------------------- /app/tools/ip-calculator/ip-calculator.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 4 | ?> 5 | 6 |

7 |
8 | 9 | 10 |
11 | 12 | 13 | 14 | 15 | 16 | 19 | 22 | 23 | 24 | 25 | 26 | 27 | 33 | 34 | 35 | 36 | 37 |
/ 17 | 18 | 20 |
21 |
28 |
29 | 30 | 31 |
32 |
38 |
39 | 40 | 41 | 42 |
43 |
-------------------------------------------------------------------------------- /app/admin/authentication-methods/edit.php: -------------------------------------------------------------------------------- 1 | settings); 12 | 13 | # verify that user is logged in 14 | $User->check_user_session(); 15 | 16 | # create csrf token 17 | $csrf = $User->Crypto->csrf_cookie ("create", "authmethods"); 18 | 19 | # if edit check if protected? 20 | if($_POST['action']!="add") { 21 | $auth_method = $Admin->fetch_object("usersAuthMethod", "id", $_POST['id']); 22 | if($auth_method->protected=="Yes") { $Result->show("danger", _("Method cannot be change as it is protected"), true, true); } 23 | } 24 | 25 | # check for permitted auth methods 26 | $permitted_methods = $User->fetch_available_auth_method_types(); 27 | 28 | # route to proper auth method editing; the include path is built from $_POST['type'], so the in_array() test against $permitted_methods is what confines it. NOTE(review): file_exists() sees the raw value before the allow-list does and in_array() is non-strict - consider testing the allow-list first, with strict comparison 29 | if(!file_exists(dirname(__FILE__)."/edit-$_POST[type].php")) { $Result->show("danger", _("Invalid method type"), true, true); } 30 | elseif (!in_array($_POST['type'], $permitted_methods)) { $Result->show("danger", _("Invalid method type"), true, true); } 31 | else { include("edit-$_POST[type].php"); } -------------------------------------------------------------------------------- /app/tools/tools-menu.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 10 | 11 | # print 12 | foreach($tools_menu as $k=>$tool) { 13 | print "
"; 14 | # header 15 | print "
"; 16 | print "

".$k."

"; 17 | print "
"; 18 | 19 | # items 20 | print ""; 40 | 41 | print "
"; 42 | } -------------------------------------------------------------------------------- /app/admin/routing/edit-bgp-mapping-delete.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 14 | 15 | # perm check popup 16 | $User->check_module_permissions ("routing", User::ACCESS_RW, true, true); 17 | 18 | # ID must be numeric. NOTE(review): the test is skipped when action is "add", yet the delete further down in this file still uses $_POST['bgpid'] - consider validating it unconditionally 19 | if($_POST['action']!="add" && !is_numeric($_POST['bgpid'])) { $Result->show("danger", _("Invalid ID"), true, true); } 20 | ?> 21 | 22 | 23 |
24 | 25 | 26 |
27 | object_modify ("routing_subnets", "delete", "id", ["id"=>$_POST['bgpid']])) { $Result->show("danger", _("Mapping removal failed"), false); } 30 | else { $Result->show("success", _("Mapping removed"), false); } 31 | ?> 32 | 33 |
34 | 35 | 36 |
37 |
38 | 39 |
40 |
-------------------------------------------------------------------------------- /misc/Roadmap: -------------------------------------------------------------------------------- 1 | Feature candidates for 1.5: 2 | --------------------------- 3 | 4 | Features: 5 | 6 | - LDAP group authentication without local user (group with adldap2 migration) 7 | - Webhooks support - send data via json to external URL / script 8 | - Display free subnet ranges joined for each section 9 | - API - permit IP/subnet as identifier insteaad of index (GET /api/test/subnets/1/ > /api/test/subnets/10.10.10.0_24/) and name for other objects 10 | 11 | 12 | Optional: 13 | - User PowerDNS API instead of direct DB entries; 14 | - KEA management via API 15 | - DCIM improvements 16 | - NTP Server addresses 17 | 18 | 19 | New modules 20 | #769 Enhancement in Inventory management 21 | #653 interactive racks and DCIM improvements 22 | #696 Password management 23 | #545 Wirelless LAN list 24 | 25 | 26 | 27 | Ideas for next releases: 28 | --------------------------- 29 | 30 | + User 31 | + IP address owner (from internal users - suggestions); 32 | + Autocomplete mail addresses and owners from users table; 33 | 34 | + Configurable cron from UI; 35 | 36 | + Tools enhancements 37 | + Changelog for VLANs, l2-domains, devices or vrf's, nameservers and firewallzones; 38 | 39 | + Subnet, addresses 40 | + assign a state to a subnet, vlan; -------------------------------------------------------------------------------- /app/admin/mail/edit.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 18 | # check maintaneance mode 19 | $User->check_maintaneance_mode (); 20 | 21 | # validate csrf cookie 22 | $User->Crypto->csrf_cookie ("validate", "mail", $_POST['csrf_cookie']) === false ? 
$Result->show("danger", _("Invalid CSRF cookie"), true) : ""; 23 | 24 | # set update query 25 | $values = array("id"=>1, 26 | "mtype"=>$_POST['mtype'], 27 | "msecure"=>@$_POST['msecure'], 28 | "mauth"=>@$_POST['mauth'], 29 | "mserver"=>@$_POST['mserver'], 30 | "mport"=>@$_POST['mport'], 31 | "muser"=>@$_POST['muser'], 32 | "mpass"=>@$_POST['mpass'], 33 | "mAdminName"=>@$_POST['mAdminName'], 34 | "mAdminMail"=>@$_POST['mAdminMail'] 35 | ); 36 | 37 | # update 38 | if(!$Admin->object_modify("settingsMail", "edit", "id", $values)) { $Result->show("danger", _('Cannot update settings').'!', true); } 39 | else { $Result->show("success", _('Settings updated successfully')."!", true); } 40 | ?> -------------------------------------------------------------------------------- /app/tools/racks/draw_rack.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 17 | # verify module permissions 18 | $User->check_module_permissions ("racks", User::ACCESS_R, true); 19 | 20 | # init racks object 21 | $Racks = new phpipam_rack ($Database); 22 | 23 | # deviceId not set or empty - set to 0 24 | if (empty($_GET['deviceId'])) { $_GET['deviceId'] = 0; } 25 | 26 | # validate rackId 27 | if (!is_numeric($_GET['rackId'])) { die(); } 28 | if (!is_numeric($_GET['deviceId'])) { die(); } 29 | 30 | # fetch rack 31 | $rack = $User->fetch_object("racks", "id", $_GET['rackId']); 32 | if ($rack===false) { die(); } 33 | 34 | # permission - dont draw names if user has no access to devices 35 | $draw_names = $User->get_module_permissions ("devices")>=User::ACCESS_R ? 
true : false; 36 | 37 | # back 38 | if(@$_GET['is_back']=="1") { 39 | $Racks->draw_rack ($_GET['rackId'],$_GET['deviceId'], true, $draw_names); 40 | } 41 | else { 42 | $Racks->draw_rack ($_GET['rackId'],$_GET['deviceId'], false, $draw_names); 43 | } -------------------------------------------------------------------------------- /app/subnets/subnet-details/subnet-map-search.php: -------------------------------------------------------------------------------- 1 | identify_address($subnet['subnet'])=="IPv6") { 12 | $biggest_subnet_mask = $subnet['mask']+10>128 ? 128 : $subnet['mask']; 13 | $pow = 128; 14 | } 15 | else { 16 | $biggest_subnet_mask = $subnet['mask']+10>32 ? 32 : $subnet['mask']; 17 | $pow = 32; 18 | } 19 | 20 | 21 | // 22 | // Select mask 23 | // 24 | $masks = []; 25 | print "

"._("Select mask").":


"; 26 | for($m=$biggest_subnet_mask+1; $m<=$pow; $m++) { 27 | // active 28 | $active = $m==$_GET['ipaddrid'] ? "btn-success" : ""; 29 | 30 | // number of subnets 31 | $subnet_num = @gmp_strval(gmp_pow(2, ($m-$subnet['mask']))); 32 | 33 | // print link 34 | print "/$m ($subnet_num "._("Subnets").")
"; 35 | // save to masks array 36 | $masks[] = $m; 37 | } 38 | 39 | 40 | // validate 41 | 42 | 43 | 44 | 45 | // 46 | // include 47 | // 48 | if(is_numeric(@$_GET['ipaddrid'])) { 49 | $from_search = true; 50 | $from_search_mask = $_GET['ipaddrid']+1; 51 | 52 | print "

"._("Result").":


"; 53 | 54 | // include 55 | include ('subnet-map.php'); 56 | } 57 | -------------------------------------------------------------------------------- /app/tools/customers/customer/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 10 | # verify module permissions 11 | $User->check_module_permissions ("customers", User::ACCESS_R, true); 12 | 13 | # strip tags - XSS 14 | $_GET = $User->strip_input_tags ($_GET); 15 | # fetch customer by title. NOTE(review): PHP has already URL-decoded $_GET, so urldecode() here is a second decode that runs after strip_input_tags() - confirm it is needed and that the title is escaped wherever it is printed 16 | $customer = $Tools->fetch_object("customers", "title", urldecode($_GET['subnetId'])); 17 | 18 | # get custom fields 19 | $custom_fields = $Tools->fetch_custom_fields('customers'); 20 | # get hidden fields 21 | $hidden_fields = json_decode($User->settings->hiddenCustomFields, true); 22 | $hidden_fields = is_array(@$hidden_fields['customers']) ? $hidden_fields['customers'] : array(); 23 | 24 | # structure and include details 25 | print "
"; 26 | 27 | // invlid ? 28 | if ($customer===false) { 29 | $Result->show ("danger", _("Invalid customer"), false); 30 | } 31 | else { 32 | // details 33 | print "
"; 34 | include ("details.php"); 35 | print "
"; 36 | 37 | // map 38 | print "
"; 39 | if($User->settings->enableLocations==1) 40 | include ("map.php"); 41 | print "
"; 42 | 43 | // objects 44 | print "
"; 45 | include ("objects.php"); 46 | print "
"; 47 | } 48 | print "
"; -------------------------------------------------------------------------------- /app/subnets/import-subnet/import-verify.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 5 | 6 | # must be numeric 7 | if(!is_numeric($_GET['subnetId'])) { $Result->show("danger", _("Invalid ID"), true); } 8 | if(!is_numeric($_GET['section'])) { $Result->show("danger", _("Invalid ID"), true); } 9 | 10 | # save folder ID 11 | $folderId = $_GET['subnetId']; 12 | 13 | # get custom subnet fields 14 | $cfields = $Tools->fetch_custom_fields ('subnets'); 15 | 16 | # fetch subnet details! 17 | $folder = $Subnets->fetch_subnet ("id", $folderId); 18 | if($folder==false) { header("Location: ".create_link("subnets", $_GET['section'])); die(); } //redirect if false 19 | 20 | // to array 21 | $folder = (array) $folder; 22 | 23 | # permissions 24 | $folder_permission = $Subnets->check_permission($User->user, $folder['id']); //subnet permission 25 | $folder_permission_section = $Sections->check_permission($User->user, $folder['sectionId']); //section permission 26 | if($folder_permission == 0) { $Result->show("danger", _('You do not have permission to access this network'), true); } 27 | 28 | # get all slaves and addresses 29 | $slaves = $Subnets->fetch_subnet_slaves ($folderId); 30 | $addresses = $Addresses->fetch_subnet_addresses ($folder['id'], $sort['field'], $sort['direction']); 31 | 32 | # print Folder details 33 | print "
"; 34 | include_once("folder-menu.php"); 35 | print "
"; -------------------------------------------------------------------------------- /js/ckeditor/plugins/about2/dialogs/about.js: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright (c) 2003-2013, CKSource - Frederico Knabben. All rights reserved. 3 | For licensing, see LICENSE.html or http://ckeditor.com/license 4 | */ 5 | CKEDITOR.dialog.add("about",function(a){a=a.lang.about;return{title:CKEDITOR.env.ie?a.dlgTitle:a.title,minWidth:390,minHeight:230,contents:[{id:"tab1",label:"",title:"",expand:!0,padding:0,elements:[{type:"html",html:'

CKEditor '+ 6 | CKEDITOR.version+" (revision "+CKEDITOR.revision+')
http://ckeditor.com

'+a.help.replace("$1",''+a.userGuide+"")+"

"+a.moreInfo+'
http://ckeditor.com/about/license

'+a.copy.replace("$1",'CKSource - Frederico Knabben')+"

"}]}],buttons:[CKEDITOR.dialog.cancelButton]}}); -------------------------------------------------------------------------------- /functions/scripts/find_full_subnets.php: -------------------------------------------------------------------------------- 1 | fetch_all_objects ("subnets"); 18 | 19 | # loop and check usage for each, make sure it does not have any parent 20 | foreach ($all_subnets as $k=>$s) { 21 | // marked as full should not be checked 22 | if ($s->isFull!=1) { 23 | // parent check 24 | if (!$Subnets-> has_slaves ($s->id)) { 25 | // calculate usage 26 | $usage = $Subnets->calculate_subnet_usage ($s); 27 | // report when free hosts drop below (100 - $limit) percent 28 | if ($usage['freehosts_percent']<(100-$limit)) { 29 | // this subnet has high usage, save it to array 30 | $out[$k]['subnet'] = $Subnets->transform_address($s->subnet, "dotted")."/".$s->mask; 31 | $out[$k]['description'] = $s->description; 32 | $out[$k]['usage'] = $usage; 33 | } 34 | } 35 | } 36 | } 37 | 38 | # any found 39 | if (isset($out)) { 40 | // do something with output 41 | print_r($out); 42 | } 43 | ?> -------------------------------------------------------------------------------- /app/tools/ip-calculator/bw-calculator-result.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 11 | 12 | // process input values. NOTE(review): taken from $_POST as-is; nothing visible here checks that they are numeric or non-zero 13 | $tcp = $_POST['wsize']; 14 | $delay = $_POST['delay']; 15 | $fsize = $_POST['fsize']; 16 | 17 | // throughput computed from the posted window size and delay (not read from config); a delay of 0 makes this a division by zero 18 | $mbps = round($tcp/($delay/1000)/(1024*1024),2); 19 | 20 | // Calculate transfer time; $mbps can round to 0, which is again a division by zero 21 | $time = round(($fsize / $mbps), 2); 22 | 23 | // set network type 24 | if($delay<1) { $type = "LAN"; } 25 | elseif($delay<20) { $type = "MAN"; } 26 | else { $type = "WAN"; } 27 | ?> 28 | 29 |
30 |

31 | 32 | : 33 |

sec2hms($time); ?>
34 | 35 | 36 |
37 | 38 |

39 | : 40 | 47 |

48 |
49 | -------------------------------------------------------------------------------- /app/admin/customers/unlink.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 19 | // verify module permissions 20 | $User->check_module_permissions ("customers", User::ACCESS_RW, true, true); 21 | // check maintaneance mode 22 | $User->check_maintaneance_mode (); 23 | // get modified details 24 | $_POST = $Admin->strip_input_tags($_POST); 25 | 26 | // make sure correct object is applied 27 | if(!array_key_exists($_POST['object'], $Tools->get_customer_object_types())) { 28 | $Result->show ("danger", _("Invalid object"), true, true); 29 | } 30 | // ID must be numeric 31 | if (!is_numeric($_POST['id'])) { 32 | $Result->show ("danger", _("Invalid object ID"), true, true); 33 | } 34 | 35 | // set field 36 | $field = "id"; 37 | if($_POST['object']=="vlans") { $field = "vlanId"; } 38 | elseif($_POST['object']=="vrf") { $field = "vrfId"; } 39 | 40 | // unlink 41 | if ($Admin->object_modify ($_POST['object'], "edit", $field, [$field=>$_POST['id'], "customer_id"=>NULL])!==false) { 42 | $Result->show ("success", _("Object removed"), true, true, false, false, true); 43 | } -------------------------------------------------------------------------------- /app/login/captchashow.php: -------------------------------------------------------------------------------- 1 | 425, // width of captcha image in pixels 16 | 'image_height' => 50, // height of captcha image in pixels 17 | 'code_length' => 6, // # of characters for captcha code 18 | 'image_bg_color' => '#ffffff', // hex color for image background 19 | 'text_color' => '#707070', // hex color for captcha text 20 | 'line_color' => '#202020', // hex color for lines over text 21 | 'num_lines' => 5, // # of lines to draw over text 22 | 'wordlist_file' => 'words/words.txt', // text file for word captcha 23 | 'use_wordlist' => false, // true to use word list 24 | 'wordlist_file_encoding' => 
null, // character encoding of word file if other than ASCII (e.g. UTF-8, GB2312) 25 | 'ttf_file' => './captcha/AHGBold.ttf', // TTF file for captcha text 26 | 'no_session' => false, 27 | 'session_name' => Config::ValueOf('phpsessname', 'phpipam'), 28 | 'use_database' => false 29 | ); 30 | 31 | // construct 32 | $captcha = new Securimage($options); 33 | 34 | // show the image, this sends proper HTTP headers 35 | $captcha->show(); -------------------------------------------------------------------------------- /app/subnets/scan/subnet-scan-result.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 18 | 19 | # check if $_POST input data has been truncated (canary=true input dropped) 20 | if(!isset($_POST['canary'])) 21 | $Result->show("danger", _("Number of discovered hosts exceed maximum possible defined by php.ini")."
"._("Please increase your php.ini setting:"). " `max_input_vars` = ".ini_get('max_input_vars'), true); 22 | else 23 | unset($_POST['canary']); 24 | 25 | # validate csrf cookie 26 | $User->Crypto->csrf_cookie ("validate", "scan", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : ""; 27 | 28 | $type = $_POST['type']; 29 | 30 | switch ($type) { 31 | case "scan-icmp": 32 | case "scan-telnet": 33 | case "scan-snmp-arp": 34 | case "snmp-mac": 35 | case "snmp-route-all": 36 | require("subnet-scan-result-$type.php"); 37 | break; 38 | default: 39 | $Result->show("danger", _("Invalid scan type").' ('.escape_input($type).')', true); 40 | } -------------------------------------------------------------------------------- /app/admin/subnets/split-save.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 20 | # check maintaneance mode 21 | $User->check_maintaneance_mode (); 22 | 23 | # validate csrf cookie 24 | $User->Crypto->csrf_cookie ("validate", "split", $_POST['csrf_cookie']) === false ? 
$Result->show("danger", _("Invalid CSRF cookie"), true) : ""; 25 | 26 | 27 | # id must be numeric 28 | if(!is_numeric($_POST['subnetId'])) { $Result->show("danger", _("Invalid ID"), true); } 29 | 30 | # get subnet details 31 | $subnet_old = $Subnets->fetch_subnet (null, $_POST['subnetId']); 32 | 33 | # verify that user has write permissions for subnet 34 | $subnetPerm = $Subnets->check_permission ($User->user, $subnet_old->id); 35 | if($subnetPerm < 3) { $Result->show("danger", _('You do not have permissions to resize subnet').'!', true); } 36 | 37 | # verify 38 | $Subnets->subnet_split ($subnet_old, $_POST['number'], $_POST['prefix'], @$_POST['group'], @$_POST['custom_fields']); 39 | 40 | # all good 41 | $Result->show("success", _("Subnet splitted successfully")."!", true); -------------------------------------------------------------------------------- /app/tools/circuits/physical-circuits/circuit-details-logical-parents.php: -------------------------------------------------------------------------------- 1 | check_module_permissions ("circuits", User::ACCESS_R, true, false); 8 | 9 | # title 10 | print "

"._('Logical circuits')."

"; 11 | print "
"; 12 | # circuit 13 | if($logical_circuits!==false){ 14 | 15 | print ""._("This circuit is member of the following logical circuits").":"; 16 | 17 | # table 18 | print ''; 19 | # headers 20 | print ""; 21 | print ''; 22 | print " "; 23 | print " '; 24 | print " '; 25 | print ''; 26 | print ""; 27 | 28 | print ""; 29 | foreach ($logical_circuits as $circuit) { 30 | //print details 31 | print ''. "\n"; 32 | print " "; 33 | print " "; 34 | print " "; 35 | print ''. "\n"; 36 | 37 | } 38 | print ""; 39 | print "
"._('Circuit ID').""._('Purpose').'"._('Circuit Count').'
id)."'> $circuit->logical_cid".$circuit->purpose."".$circuit->member_count."
"; 40 | } 41 | else { 42 | $Result->show("info", _("This circuit is not a member of any logical circuit.")); 43 | } -------------------------------------------------------------------------------- /app/footer.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 16 | 17 | 0) { 20 | print ''; 21 | } 22 | 23 | # exclude install 24 | if($_GET['page']!="install") { ?> 25 | 28 | settings->donate == 0) { 31 | 32 | print ' '; 35 | 36 | } 37 | } 38 | ?> 39 | 40 | 41 | -------------------------------------------------------------------------------- /app/subnets/subnet-details/subnet-permissions.php: -------------------------------------------------------------------------------- 1 |

2 |
3 | 4 | check_user_session(); 7 | 8 | # user admin 9 | $User->is_admin(); 10 | 11 | # get groups 12 | $groups = $Tools->fetch_all_objects ("userGroups", "g_name"); 13 | 14 | // show permissions 15 | if ($groups!==false) { 16 | # parse permissions 17 | if(strlen($subnet['permissions'])>1) { $s_permissons = $Sections->parse_section_permissions($subnet['permissions']); } 18 | else { $s_permissons = ""; } 19 | 20 | print ""; 21 | 22 | # print each group 23 | foreach ($groups as $g) { 24 | //cast 25 | $g = (array) $g; 26 | 27 | print ""; 28 | print " "; 29 | print " "; 32 | print ""; 33 | } 34 | 35 | # manage 36 | print ""; 37 | print " "; 38 | print ""; 39 | 40 | print ""; 41 | print " "; 42 | print " "; 45 | print ""; 46 | 47 | print "
$g[g_name]"; 30 | print $Subnets->parse_permissions(@$s_permissons[$g['g_id']]); 31 | print "

"; 43 | print " "._("Manage subnet permissions").""; 44 | print "
"; 48 | } 49 | else { 50 | $Result->show("info", _('No groups available')); 51 | } 52 | ?> -------------------------------------------------------------------------------- /app/dashboard/widgets/ipcalc-result.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 23 | 24 | # get requested IP addresses in CIDR format 25 | $cidr = $_POST['cidr']; 26 | 27 | # verify input CIDR and die if errors 28 | $errors = $Subnets->verify_cidr_address ($cidr, false); 29 | $errors===true ? : $Result->show("danger", _('Invalid input').': '.$errors,true); 30 | 31 | # fetch all sections 32 | $Sections->fetch_sections(); 33 | 34 | # calculate results 35 | $calc_results = $Tools->calculate_ip_calc_results($cidr); 36 | ?> 37 | 38 |

:

39 | 40 | 41 | 42 | 43 | 44 | $line) { 47 | print ''; 48 | print ' '; 49 | print ' '; 50 | print ''; 51 | 52 | $m++; 53 | } 54 | ?> 55 |
'._("$key").''. $line .'
56 | -------------------------------------------------------------------------------- /app/tools/user-menu/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | # create csrf token 11 | $csrf = $User->Crypto->csrf_cookie ("create", "user-menu"); 12 | 13 | # fetch all languages 14 | $langs = $User->fetch_langs(); 15 | 16 | /* print hello */ 17 | print "

".$User->user->real_name.", "._('here you can change your account details').":

"; 18 | print "

"; 19 | 20 | ?> 21 | 22 | 53 | 54 |
55 | 59 |
-------------------------------------------------------------------------------- /app/admin/users/print-user/authentication.php: -------------------------------------------------------------------------------- 1 | 2 |


3 | 4 | 5 | 6 | 7 | role; ?> 8 | 9 | 10 | 11 | 12 | No auth method"; } 14 | else { print $auth_details->type." (".$auth_details->description.")"; } 15 | ?> 16 | 17 | 18 | 19 | 20 | lastLogin)>0 ? $user->lastLogin : ""._("Never").""; ?> 21 | 22 | 23 | 24 | lastActivity)>0 ? $user->lastActivity : ""._("Never").""; ?> 25 | 26 | 27 | 28 | 29 | role == "Administrator") { 31 | print _('All groups'); 32 | } 33 | else { 34 | $groups = json_decode($user->groups, true); 35 | $gr = $Admin->groups_parse($groups); 36 | if(sizeof($gr)>0) { 37 | foreach($gr as $group) { 38 | print $group['g_name']."
"; 39 | } 40 | } 41 | else { 42 | print "No groups"; 43 | } 44 | } 45 | ?> 46 | 47 | 48 | 49 | 50 | passChange; ?> 51 | -------------------------------------------------------------------------------- /app/dashboard/widgets/instructions.php: -------------------------------------------------------------------------------- 1 | check_user_session (); 23 | 24 | # no errors! 25 | //ini_set('display_errors', 0); 26 | 27 | # set size parameters 28 | $height = 200; 29 | $slimit = 5; //we dont need this, we will recalculate 30 | 31 | # count 32 | $m = 0; 33 | 34 | // fetch widget 35 | $widget = $Tools->fetch_object ("widgets", "wfile", "instructions"); 36 | 37 | # if direct request include plot JS 38 | if($_SERVER['HTTP_X_REQUESTED_WITH']!="XMLHttpRequest") { 39 | # get widget details 40 | if(!$widget = $Tools->fetch_object ("widgets", "wfile", $_REQUEST['section'])) { $Result->show("danger", _("Invalid widget"), true); } 41 | # reset size and limit 42 | $height = 350; 43 | $slimit = 100; 44 | # and print title 45 | print "
"; 46 | print "

$widget->wtitle


"; 47 | print "
"; 48 | } 49 | 50 | $i_am_a_widget = true; 51 | require( dirname(__FILE__) . '/../../tools/instructions/index.php' ); -------------------------------------------------------------------------------- /api/README: -------------------------------------------------------------------------------- 1 | phpIPAM API documentation v 1.16 2 | ================================ 3 | 4 | phpIPAM provides an API server that delivers data to clients. It is a webapp and can be called 5 | via HTTP requests by providing appropriate GET parameters that define controller, actions and 6 | additional parameters required for each controller, such as id, name, etc. 7 | 8 | The response is in JSON format with success true or false and the error message or object. 9 | 10 | You can find examples of client API calls in folder api/_examples/. 11 | 12 | Since version 1.16 the API has 3 different security models: 13 | * Crypt 14 | * SSL 15 | * None 16 | 17 | If the security type is crypt, client request values can be encrypted with app_id and app_code. 18 | You first have to enable the API module in phpipam administration and create an app_id and app_code 19 | that will be used for the external app with appropriate permissions. ApiCaller is included in the 20 | _examples directory of phpipam. 21 | 22 | For the SSL and none security models crypting is not used; only app_id is required to match the app and 23 | its permissions. 24 | 25 | With security set to none, all information, including the app_id, is sent in clear text. Use it with caution, in an internal 26 | network; running without security is HIGHLY discouraged, but might be needed in some cases. 
27 | 28 | 29 | API documentation and references are available on phpipam API website (http://phpipam.net/api/); 30 | 31 | 32 | Example for JSON POST: 33 | curl -X POST -H "Content-Type: application/json" -d '{"name":"Test Section","description":"My Section"}' "http://api.phpipam.net/api/myAPP/sections/" -------------------------------------------------------------------------------- /app/admin/import-export/export-vrf-field-select.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 16 | 17 | ?> 18 | 19 | 20 |
21 | 22 | 23 |
24 | 25 | '; 29 | 30 | # table 31 | print " "; 32 | 33 | print " "; 34 | print " "; 35 | print " "; 36 | print " "; 37 | print " "; 38 | 39 | print " "; 40 | print " "; 41 | print " "; 42 | print " "; 43 | print " "; 44 | 45 | print '
"._('Name').""._('RD').""._('Description')."
'; 46 | print ''; 47 | 48 | ?> 49 | 50 |
51 | 52 | 53 |
54 |
55 | 56 | 57 |
58 |
59 | -------------------------------------------------------------------------------- /app/admin/firewall-zones/index.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | ?> 11 | 12 | 13 |

14 |

15 | 16 | settings->enableFirewallZones==1) { 19 | ?> 20 | 21 | 41 | 42 |
43 | show("danger", "Invalid request", true); } 46 | else { include(dirname(__FILE__) . '/'.$_GET['subnetId'].".php"); } 47 | ?> 48 |
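49 | 50 | show("info", _('Please enable the firewall zone module under server management'), false); 53 | } 54 | ?> 55 | -------------------------------------------------------------------------------- /app/admin/subnets/linked-subnet-submit.php: --------------------------------------------------------------------------------
// Links one subnet to another: validates the request, checks the caller's
// permission on the subnet being edited, then stores linked_subnet on it.
//
// NOTE(review): lines 1-17 of this file (opening tag, includes, object setup) are
// not present on the page; the `$User->` receiver of the first call is restored on
// the assumption that it matches the `$User` calls below.
$User->check_user_session();
# check maintaneance mode
$User->check_maintaneance_mode ();

# strip input tags
$_POST = $Admin->strip_input_tags($_POST);

# validate csrf cookie
$User->Crypto->csrf_cookie ("validate", "linkedsubnet", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : "";

# IDs must be numeric - validated first, so that only well-formed IDs reach the
# permission lookup and the update below
if(!is_numeric($_POST['subnetId']))      { $Result->show("danger", _("Invalid ID"), true); }
if(!is_numeric($_POST['linked_subnet'])) { $Result->show("danger", _("Invalid ID"), true); }

# check subnet permissions - the script proceeds only when check_permission returns 3
# NOTE(review): only the permission on subnetId is checked; no check on the
# linked_subnet target is visible here - confirm whether one is needed.
if($Subnets->check_permission ($User->user, $_POST['subnetId']) != 3) { $Result->show("danger", _('You do not have permissions to add edit/delete this subnet')."!", true); }

# values to store
$values = array(
    "id"            => $_POST['subnetId'],
    "linked_subnet" => $_POST['linked_subnet']
);

# apply the link; success is reported only when modify_subnet does not return false
if($Subnets->modify_subnet ("edit", $values)!==false) {
    $Result->show("success", _("Subnet linked"), false);
}
?>
-------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | title: '' 5 | labels: 'bug report' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Describe the bug** 11 | A clear and concise description of what the bug is. 12 | 13 | **phpIPAM version** 14 | Bug fixes are supported in the latest production and development releases. 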
Please update to a supported release before reporting issues. Please search for existing Issues (including closed Issues) before submitting duplicates. 15 | 16 | Versions of phpIPAM known to contain the issue (delete as appropriate). 17 | 18 | - Latest git `master` development branch. 19 | - Latest production release [1.32]. 20 | - Older obsolete release (please specify version). Issues upgrading to a supported release only. 21 | 22 | **Your Environment (please supply the following information):** 23 | - phpIPAM version: [e.g. 1.32 or master] 24 | - OS [e.g. Ubuntu 16.04 64bit] 25 | - PHP version [e.g. php 7.2 64bit] 26 | - Webserver [e.g Apache/NGINX] 27 | - Database [e.g MariaDB 10.2] 28 | 29 | **Steps To Reproduce** 30 | Please include steps to reproduce the issue: 31 | 1. Go to '...' 32 | 2. Click on '....' 33 | 3. Scroll down to '....' 34 | 4. See error 35 | 36 | **Screenshots and error logs** 37 | Please set `$debugging=true;` in your config.php and include any reported error messages. If applicable, add screenshots or other error logs to help explain your problem. 38 | 39 | **Additional Info** 40 | Add any other useful info about the problem here. e.g enabled modules or advanced usage such as MySQL clustering/reverse proxies. 
-------------------------------------------------------------------------------- /app/tools/multicast-networks/validate_mac.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 18 | 19 | # check that multicast is enabled 20 | if ($User->settings->enableMulticast!="1") { die("True"); } 21 | 22 | # default vlan/id if not set 23 | if (strlen($_POST['vlanId'])==0) { $_POST['vlanId'] = 0; } 24 | if (strlen($_POST['id'])==0) { $_POST['id'] = 0; } 25 | 26 | # validations 27 | if (strlen($_POST['mac'])>21) { die("True"); } 28 | if (!is_numeric($_POST['sectionId'])) { die("True"); } 29 | if (!is_numeric($_POST['vlanId'])) { die("True"); } 30 | if (!is_numeric($_POST['id'])) { die("True"); } 31 | 32 | # if address is not multicast return true 33 | if ($Subnets->validate_ip ($_POST['ip'])===false) { die("True"); } 34 | if ($Subnets->is_multicast ($_POST['ip'])===false) { die("True"); } 35 | 36 | # validate 37 | # change last parameter to section / vlan 38 | $text = $Subnets->validate_multicast_mac($_POST['mac'], $_POST['sectionId'], $_POST['vlanId'], MCUNIQUE, $_POST['id']); 39 | 40 | # validate mac 41 | if ($text===true) { die("True"); } 42 | else { print $text; } 43 | 44 | ?> -------------------------------------------------------------------------------- /app/admin/groups/remove-users-result.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 18 | # check maintaneance mode 19 | $User->check_maintaneance_mode (); 20 | 21 | # id must be numeric 22 | if(!is_numeric($_POST['gid'])) { $Result->show("danger", _("Invalid ID"), true); } 23 | 24 | # parse result 25 | foreach($_POST as $k=>$p) { 26 | if(substr($k, 0,4) == "user") { 27 | $users[substr($k, 4)] = substr($k, 4); 28 | } 29 | } 30 | 31 | # remove each user from group 32 | if(sizeof($users)>0) { 33 | foreach($users as $key=>$u) { 34 | if(!$Admin->remove_group_from_user($_POST['gid'], $u)) { 35 | # get user 
details 36 | $user = $Admin->fetch_object("users", "id", $u); 37 | $errors[] = $user->real_name; 38 | } 39 | } 40 | } 41 | else { 42 | $errors[] = _("Please select user(s) to remove from group!"); 43 | } 44 | 45 | # print result 46 | if(isset($errors)) { 47 | print "
"; 48 | print _("Failed to remove users").":
"; 49 | print ""; 54 | print "
"; 55 | } 56 | else { 57 | $Result->show("success", _('Users removed from group'), true); 58 | } 59 | 60 | ?> -------------------------------------------------------------------------------- /app/admin/languages/edit-result.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 19 | # check maintaneance mode 20 | $User->check_maintaneance_mode (); 21 | 22 | # strip input tags 23 | $_POST = $Admin->strip_input_tags($_POST); 24 | 25 | # validate csrf cookie 26 | $User->Crypto->csrf_cookie ("validate", "languages", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : ""; 27 | 28 | # verify that description is present if action != delete 29 | if($_POST['action'] != "delete" && strlen($_POST['l_code']) < 2) { $Result->show("danger", _('Code must be at least 2 characters long'), true); } 30 | if($_POST['action'] != "delete" && strlen($_POST['l_name']) < 2) { $Result->show("danger", _('Name must be at least 2 characters long'), true); } 31 | 32 | # create update array 33 | $values = array("l_id"=>@$_POST['l_id'], 34 | "l_code"=>$_POST['l_code'], 35 | "l_name"=>$_POST['l_name'] 36 | ); 37 | 38 | # update 39 | if(!$Admin->object_modify("lang", $_POST['action'], "l_id", $values)) { $Result->show("danger", _("Language $_POST[action] error"), true); } 40 | else { $Result->show("success", _("Language $_POST[action] success"), true); } 41 | ?> -------------------------------------------------------------------------------- /app/dashboard/widgets/top10_hosts_v6.php: -------------------------------------------------------------------------------- 1 | check_user_session (); 21 | 22 | # no errors! 
23 | //ini_set('display_errors', 0); 24 | 25 | # set size parameters 26 | $height = 200; 27 | $slimit = 10; //we dont need this, we will recalculate 28 | 29 | # if direct request include plot JS 30 | if($_SERVER['HTTP_X_REQUESTED_WITH']!="XMLHttpRequest") { 31 | # get widget details 32 | if(!$widget = $Tools->fetch_object ("widgets", "wfile", $_GET['section'])) { $Result->show("danger", _("Invalid widget"), true); } 33 | # reset size and limit 34 | $height = 350; 35 | $slimit = 20; 36 | # include flot JS 37 | print ''; 38 | print ''; 39 | print ''; 40 | # and print title 41 | print "
"; 42 | print "

$widget->wtitle


"; 43 | print "
"; 44 | } 45 | 46 | # get subnets statistic 47 | require( "top10_hosts_lib.php" ); 48 | top10_widget('IPv6', false, $height, $slimit); -------------------------------------------------------------------------------- /app/dashboard/widgets/top10_percentage.php: -------------------------------------------------------------------------------- 1 | check_user_session (); 19 | 20 | # no errors! 21 | //ini_set('display_errors', 0); 22 | 23 | # set size parameters 24 | $height = 200; 25 | $slimit = 10; //we dont need this, we will recalculate 26 | 27 | # if direct request include plot JS 28 | if($_SERVER['HTTP_X_REQUESTED_WITH']!="XMLHttpRequest") { 29 | # get widget details 30 | if(!$widget = $Tools->fetch_object ("widgets", "wfile", $_GET['section'])) { $Result->show("danger", _("Invalid widget"), true); } 31 | # reset size and limit 32 | $height = 350; 33 | $slimit = 20; 34 | # include flot JS 35 | print ''; 36 | print ''; 37 | print ''; 38 | # and print title 39 | print "
"; 40 | print "

$widget->wtitle


"; 41 | print "
"; 42 | } 43 | 44 | # get subnets statistic 45 | require( "top10_hosts_lib.php" ); 46 | top10_widget('IPv4', true, $height, $slimit); 47 | -------------------------------------------------------------------------------- /app/admin/vaults/unlock-result.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 19 | # check maintaneance mode 20 | $User->check_maintaneance_mode (); 21 | 22 | # make sure user has access 23 | if ($User->get_module_permissions ("vaults")==User::ACCESS_NONE) { $Result->show("danger", _("Insufficient privileges").".", true); } 24 | 25 | # strip input tags 26 | $_POST = $Admin->strip_input_tags($_POST); 27 | 28 | # validate csrf cookie 29 | $User->Crypto->csrf_cookie ("validate", "vaultunlock", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : ""; 30 | 31 | // fetch vault 32 | $vault = $Admin->fetch_object("vaults", "id", $_POST['vaultId']); 33 | // validate vault id 34 | $vault===false ? 
$Result->show("danger", _("Invalid ID"), true) : null; 35 | 36 | // test 37 | if($User->Crypto->decrypt($vault->test, $_POST["vaultpass"])!="test") { 38 | $Result->show("danger", _("Invalid master password"), true); 39 | } 40 | else { 41 | // write session 42 | $_SESSION['vault'.$vault->id] = $_POST['vaultpass']; 43 | // OK, redirect 44 | $Result->show("success", _("Vault unlocked, redirecting..."), false); 45 | } -------------------------------------------------------------------------------- /app/install/postinstall_submit.php: -------------------------------------------------------------------------------- 1 | fetch_object ("users","username","Admin"); 19 | if($admin->password!='$6$rounds=3000$JQEE6dL9NpvjeFs4$RK5X3oa28.Uzt/h5VAfdrsvlVe.7HgQUYKMXTJUsud8dmWfPzZQPbRbk8xJn1Kyyt4.dWm4nJIYhAV2mbOZ3g.') { 20 | $Result->show("danger", "Not allowed!", true); 21 | } 22 | # update 23 | else { 24 | # check lenghts 25 | if(strlen($_POST['password1'])<8) { $Result->show("danger", _("Password must be at least 8 characters long!"), true); } 26 | if(strlen($_POST['password2'])<8) { $Result->show("danger", _("Password must be at least 8 characters long!"), true); } 27 | 28 | # check password match 29 | if($_POST['password1']!=$_POST['password2']) { $Result->show("danger", _("Passwords do not match"), true); } 30 | 31 | # Crypt password 32 | $_POST['password1'] = $User->crypt_user_pass ($_POST['password1']); 33 | 34 | # all good, update password! 35 | $Install->postauth_update($_POST['password1'], $_POST['siteTitle'], $_POST['siteURL']); 36 | # ok 37 | { $Result->show( "success", _("Settings updated, installation complete!")."
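"._("Proceed to login.")."", false); } 38 | } 39 | ?> 40 | -------------------------------------------------------------------------------- /app/tools/circuits/menu.php: -------------------------------------------------------------------------------- 1 | 7 | 28 | -------------------------------------------------------------------------------- /app/admin/import-export/generate-mysql.php: --------------------------------------------------------------------------------
// Streams a mysqldump of the phpipam database to the browser as a file download,
// or a small text file with an error message when the mysqldump binary is missing.
//
// NOTE(review): lines 1-15 of this file (opening tag, includes, object setup) are
// not present on the page; the `$User->` receiver of the first call is restored on
// the assumption that it is the same `$User` object the other handlers use.
// NOTE(review): only a session check is visible before the whole database is
// dumped - confirm that the missing header restricts this script to administrators.
$User->check_user_session();

$mysqldump = Config::ValueOf('mysqldump_cli_binary', '/usr/bin/mysqldump');

if ( !file_exists($mysqldump) ) {
    $filename = "error_message.txt";

    $content  = _("Unable to locate executable: ").$mysqldump."\n";
    $content .= _("Please configure \$mysqldump_cli_binary in config.php\n");
} else {
    $filename = "phpipam_MySQL_dump_". date("Y-m-d") .".sql";

    $db = Config::ValueOf('db');

    # Every value goes through escapeshellarg(), so a quote or shell metacharacter
    # in a configured host, user, password or database name cannot alter the command.
    $command      = escapeshellarg($mysqldump)." --opt -h ".escapeshellarg($db['host'])." -u ".escapeshellarg($db['user'])." -p".escapeshellarg($db['pass'])." ".escapeshellarg($db['name']);
    # Same command with user and password left empty; this is the form written into the dump header.
    $command_safe = escapeshellarg($mysqldump)." --opt -h ".escapeshellarg($db['host'])." -u ".escapeshellarg("")." -p".escapeshellarg("")." ".escapeshellarg($db['name']);

    $content  = "# phpipam Database dump \n";
    $content .= "# command executed: $command_safe \n";
    $content .= "# --------------------- \n\n";
    # NOTE(review): the password is passed on the command line, where other local
    # users can read it from the process list while the dump runs; a client option
    # file readable only by the web server user avoids that.
    # shell_exec() returns no string on failure, so cast before appending.
    $content .= (string) shell_exec($command);
}

header("Cache-Control: private");
header("Content-Description: File Transfer");
header("Content-Type: application/octet-stream");
header('Content-Disposition: attachment; filename="'. $filename .'"');
header("Content-Length: " . strlen($content));

print($content);
-------------------------------------------------------------------------------- /functions/adLDAP/src/collections/adLDAPGroupCollection.php: -------------------------------------------------------------------------------- 1 | 47 | -------------------------------------------------------------------------------- /functions/adLDAP/src/collections/adLDAPUserCollection.php: -------------------------------------------------------------------------------- 1 | 47 | -------------------------------------------------------------------------------- /functions/adLDAP/src/collections/adLDAPContactCollection.php: -------------------------------------------------------------------------------- 1 | 47 | -------------------------------------------------------------------------------- /app/dashboard/widgets/top10_hosts_v4.php: -------------------------------------------------------------------------------- 1 | check_user_session (); 21 | 22 | # no errors! 23 | //ini_set('display_errors', 0); 24 | 25 | # set size parameters 26 | $height = 200; 27 | $slimit = 10; //we dont need this, we will recalculate 28 | 29 | # if direct request include plot JS 30 | if($_SERVER['HTTP_X_REQUESTED_WITH']!="XMLHttpRequest") { 31 | # get widget details 32 | if(!$widget = $Tools->fetch_object ("widgets", "wfile", $_GET['section'])) { $Result->show("danger", _("Invalid widget"), true); } 33 | # reset size and limit 34 | $height = 350; 35 | $slimit = 20; 36 | # include flot JS 37 | print ''; 38 | print ''; 39 | print ''; 40 | # and print title 41 | print "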
"; 42 | print "

$widget->wtitle


"; 43 | print "
"; 44 | } 45 | 46 | # get subnets statistic 47 | require( "top10_hosts_lib.php" ); 48 | top10_widget('IPv4', false, $height, $slimit); -------------------------------------------------------------------------------- /functions/adLDAP/src/collections/adLDAPComputerCollection.php: -------------------------------------------------------------------------------- 1 | 47 | -------------------------------------------------------------------------------- /app/admin/subnets/permissions-submit.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 20 | # check maintaneance mode 21 | $User->check_maintaneance_mode (); 22 | 23 | # validate csrf cookie 24 | $User->Crypto->csrf_cookie ("validate", "permissions", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : ""; 25 | 26 | 27 | # fetch old subnet 28 | $subnet_old = $Subnets->fetch_subnet ("id", $_POST['subnetId']); 29 | // parse old permissions 30 | $old_permissions = json_decode($subnet_old->permissions, true); 31 | 32 | list($removed_permissions, $changed_permissions) = $Subnets->get_permission_changes ((array) $_POST, $old_permissions); 33 | 34 | $subnet_list = array(); 35 | # propagate ? 
36 | if (@$_POST['set_inheritance']=="Yes") { 37 | // fetch all possible slaves + master 38 | $Subnets->fetch_subnet_slaves_recursive($_POST['subnetId']); 39 | 40 | if (is_array($Subnets->slaves_full)) 41 | $subnet_list = $Subnets->slaves_full; 42 | } 43 | // append self 44 | $subnet_list[] = $subnet_old; 45 | 46 | // apply permission changes 47 | $Subnets->set_permissions($subnet_list, $removed_permissions, $changed_permissions); -------------------------------------------------------------------------------- /app/tools/routing/bgp/details.php: -------------------------------------------------------------------------------- 1 | check_module_permissions ("routing", User::ACCESS_R, true, false); 5 | 6 | # check 7 | is_numeric($_GET['sPage']) ? : $Result->show("danger", _("Invalid ID"), true); 8 | 9 | 10 | // back link 11 | print ""; 12 | print " ". _('BGP table').""; 13 | print ""; 14 | 15 | 16 | # fetch bgp details 17 | $bgp = $Tools->fetch_object ("routing_bgp", "id", $_GET['sPage']); 18 | if($bgp===false) { 19 | $Result->show("danger", _("Invalid ID"), true); 20 | } 21 | else { 22 | // circuit fetch 23 | if ($User->settings->enableCircuits=="1") { 24 | $circuit = $Tools->fetch_object ("circuits", "id", $bgp->circuit_id); 25 | } 26 | 27 | // vrf fetch 28 | if ($User->settings->enableVRF=="1") { 29 | $vrf = $Tools->fetch_object ("vrf", "vrfId", $bgp->vrf_id); 30 | } 31 | 32 | // customers fetch 33 | if ($User->settings->enableCustomers=="1") { 34 | $customer = $Tools->fetch_object ("customers", "id", $bgp->customer_id); 35 | } 36 | 37 | // overlay 38 | print "
"; 39 | // 40 | // details 41 | // 42 | print "
"; 43 | include("details-general.php"); 44 | print "
"; 45 | 46 | // 47 | // subnets 48 | // 49 | print "
"; 50 | include("details-subnets.php"); 51 | print "
"; 52 | 53 | print "
"; 54 | } -------------------------------------------------------------------------------- /app/tools/racks/print-racks.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | # verify module permissions 10 | $User->check_module_permissions ("racks", User::ACCESS_R, true); 11 | 12 | # set admin 13 | $admin = $User->is_admin(false); 14 | 15 | ?> 16 |

17 |
18 | 19 | settings->enableRACK!="1") { 23 | $Result->show("danger", _("RACK management disabled."), false); 24 | } 25 | # print racks 26 | else { 27 | # print 28 | print ""; 34 | 35 | # buttons 36 | print '
'; 37 | if($User->get_module_permissions ("racks")>=User::ACCESS_RWA) 38 | print " "._('Add rack').""; 39 | print '
'; 40 | print '
'; 41 | 42 | # include subpage 43 | if(!isset($_GET['subnetId'])) { include(dirname(__FILE__)."/print-racks-list.php"); } 44 | else { include("print-racks-map.php"); } 45 | } -------------------------------------------------------------------------------- /app/admin/import-export/export-l2dom-field-select.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 18 | 19 | # prepare HTML variables 20 | $custom_fields_names = ""; 21 | $custom_fields_boxes = ""; 22 | 23 | ?> 24 | 25 | 26 |
27 | 28 | 29 |
30 | 31 | '; 35 | 36 | # table 37 | print " "; 38 | 39 | print " "; 40 | print " "; 41 | print " "; 42 | print " "; 43 | 44 | print " "; 45 | print " "; 46 | print " "; 47 | print " "; 48 | 49 | print '
"._('Name').""._('Description')."
'; 50 | print ''; 51 | 52 | ?> 53 | 54 |
55 | 56 | 57 |
58 |
59 | 60 | 61 |
62 |
63 | -------------------------------------------------------------------------------- /app/sections/section-changelog.php: -------------------------------------------------------------------------------- 1 | is_admin (true); 5 | 6 | # strip tags - XSS 7 | $_GET = $User->strip_input_tags ($_GET); 8 | 9 | # get clog entries 10 | $clogs = $Log->fetch_changlog_entries("section", $_GET['sPage']); 11 | 12 | # header 13 | print "

"._('Section')." - "._('Changelog')."


"; 14 | 15 | # back 16 | print " "._('Back to section').""; 17 | 18 | 19 | # empty 20 | if(sizeof($clogs)==0) { 21 | print "
"; 22 | print "

"._("No changelogs available")."

"; 23 | print ""._("No changelog entries are available for this section").""; 24 | print "
"; 25 | } 26 | # result 27 | else { 28 | # printout 29 | print ""; 30 | 31 | # headers 32 | print ""; 33 | print " "; 34 | print " "; 35 | print " "; 36 | print " "; 37 | print " "; 38 | print ""; 39 | 40 | # logs 41 | foreach($clogs as $l) { 42 | # cast 43 | $l = (array) $l; 44 | # format diff 45 | $l['cdiff'] = str_replace("\n", "
", $l['cdiff']); 46 | 47 | print ""; 48 | print " "; 49 | print " "; 50 | print " "; 51 | print " "; 52 | print " "; 53 | print ""; 54 | 55 | } 56 | 57 | print "
"._('User').""._('Action').""._('Result').""._('Date').""._('Change')."
$l[real_name]"._("$l[caction]").""._("$l[cresult]")."$l[cdate]$l[cdiff]
"; 58 | } 59 | ?> -------------------------------------------------------------------------------- /app/admin/device-types/edit-result.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 18 | # check maintaneance mode 19 | $User->check_maintaneance_mode (); 20 | 21 | # strip input tags 22 | $_POST = $Admin->strip_input_tags($_POST); 23 | 24 | # validate csrf cookie 25 | $User->Crypto->csrf_cookie ("validate", "device_types", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : ""; 26 | 27 | # ID must be numeric 28 | if($_POST['action']!="add" && !is_numeric($_POST['tid'])) { $Result->show("danger", _("Invalid ID"), true); } 29 | 30 | # name must be present! */ 31 | if($_POST['tname'] == "") { $Result->show("danger", _('Name is mandatory').'!', false); } 32 | 33 | # create array of values for modification 34 | $values = array("tid"=>@$_POST['tid'], 35 | "tname"=>$_POST['tname'], 36 | "tdescription"=>@$_POST['tdescription']); 37 | 38 | # update 39 | if(!$Admin->object_modify("deviceTypes", $_POST['action'], "tid", $values)) { 40 | $Result->show("danger", _("Failed to")." "._($_POST["action"])." "._("device type").'!', false); 41 | } 42 | else { 43 | $Result->show("success", _("Device type")." "._($_POST["action"])." "._("successful").'!', false); 44 | } 45 | 46 | if($_POST['action']=="delete") { 47 | $Admin->remove_object_references ("devices", "type", $values["tid"]); 48 | } 49 | -------------------------------------------------------------------------------- /app/admin/replace-fields/result.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 18 | # check maintaneance mode 19 | $User->check_maintaneance_mode (); 20 | 21 | # validate csrf cookie 22 | $User->Crypto->csrf_cookie ("validate", "replace_fields", $_POST['csrf_cookie']) === false ? 
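$Result->show("danger", _("Invalid CSRF cookie"), true) : "";

# strip tags - XSS
$_POST = $User->strip_input_tags ($_POST);

# a search value is mandatory
if(empty($_POST['search'])) { $Result->show("danger", _('Please enter something in search field').'!', true); }

# for the "switch" field both hostnames must resolve to existing devices
if($_POST['field'] == "switch") {
    if(!$device1 = $Admin->fetch_object("devices", "hostname", $_POST['search']))  { $Result->show("danger alert-absolute", _('Switch').' "'. $_POST['search'] .'" '._('does not exist, first create switch under admin menu').'!', true); }
    # report the replacement hostname here, not the search hostname, when the second lookup fails
    if(!$device2 = $Admin->fetch_object("devices", "hostname", $_POST['replace'])) { $Result->show("danger alert-absolute", _('Switch').' "'. $_POST['replace'] .'" '._('does not exist, first create switch under admin menu').'!', true); }

    # the replacement is done on device ids, not hostnames
    $_POST['search']  = $device1->id;
    $_POST['replace'] = $device2->id;
}

# update
# NOTE(review): $_POST['field'] is passed on as received; confirm that
# replace_fields() restricts it to an allowed list of field names.
$Admin->replace_fields ($_POST['field'], $_POST['search'], $_POST['replace']);
-------------------------------------------------------------------------------- /app/admin/groups/add-users-result.php: --------------------------------------------------------------------------------
// Adds the users selected in the form (POST keys prefixed with "user") to a group.
//
// NOTE(review): lines 1-17 of this file (opening tag, includes, object setup) are
// not present on the page; the `$User->` receiver of the first call is restored on
// the assumption that it matches the `$User` call below.
// NOTE(review): no CSRF cookie validation is visible in this script, unlike the
// other state-changing handlers on the page - confirm whether it is done elsewhere.
$User->check_user_session();
# check maintaneance mode
$User->check_maintaneance_mode ();

# id must be numeric
if(!is_numeric($_POST['gid'])) { $Result->show("danger", _("Invalid ID"), true); }

# collect selected users; start from an empty array so that a request without
# any "user..." key reaches the "Please select user(s)" message instead of
# failing on an undefined variable
$users = array();
foreach($_POST as $k=>$p) {
    if(substr($k, 0,4) == "user") {
        $users[substr($k, 4)] = substr($k, 4);
    }
}


# a group id of 0 is rejected (this is what the original misplaced parenthesis,
# strlen($_POST['gid']==0), evaluated to)
if($_POST['gid'] == 0) { $Result->show("danger", _('Error - no group ID'), true); }

# add each user to group
if(sizeof($users)>0) {
    foreach($users as $key=>$u) {
        if(!$Admin->add_group_to_user($_POST['gid'], $u)) {
            # get user details
            $user = 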
$Admin->fetch_object("users", "id", $u); 41 | $errors[] = $user->real_name; 42 | } 43 | } 44 | } 45 | else { 46 | $errors[] = _("Please select user(s) to add to selected group!"); 47 | } 48 | 49 | # print result 50 | if(isset($errors)) { 51 | print "
"; 52 | print _("Failed to add users").":
"; 53 | print "
    "; 54 | foreach($errors as $e) { 55 | print "
  • $e
  • "; 56 | } 57 | print "
"; 58 | print "
"; 59 | } 60 | else { 61 | $Result->show("success", _('Users added to group'), true); 62 | } 63 | 64 | ?> -------------------------------------------------------------------------------- /app/tools/temp-shares/delete-result.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 19 | 20 | print '
'._("Remove temporary share").'
'; 21 | print '
'; 22 | 23 | /* checks */ 24 | if($User->settings->tempShare!=1) { $Result->show("danger", _("Temporary sharing disabled"), true); } 25 | if(strlen($_POST['code'])!=32) { $Result->show("danger", _("Invalid code"), true); } 26 | 27 | # remove object 28 | $old_access = json_decode($User->settings->tempAccess, true); 29 | //check that it exists 30 | if(!isset($old_access[$_POST['code']])) { $Result->show("danger", _("Code does not exist"), true); } 31 | //remove 32 | unset($old_access[$_POST['code']]); 33 | 34 | //reset 35 | $new_access = !is_array($old_access) ? "" : json_encode(array_filter($old_access)); 36 | 37 | # execute 38 | if(!$Admin->object_modify("settings", "edit", "id", array("id"=>1,"tempAccess"=>$new_access))) { $Result->show("danger", _("Temporary share delete error"), true); } 39 | else { $Result->show("success", _("Temporary share deleted"), false); } 40 | 41 | ?> 42 |
43 | 44 |
45 |
46 | 47 |
48 |
-------------------------------------------------------------------------------- /app/subnets/addresses/address-details/address-changelog.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 9 | 10 | # get clog entries for current subnet 11 | $clogs = $Log->fetch_changlog_entries("ip_addr", $address['id']); 12 | 13 | # permissions 14 | $permission = $Subnets->check_permission ($User->user, $_GET['subnetId']); 15 | if($permission == 0) { $Result->show("danger", _('You do not have permission to access this network'), true); } 16 | 17 | # header 18 | print "

"._('Changelog')."


"; 19 | 20 | # empty 21 | if(sizeof($clogs)==0) { 22 | print "
"; 23 | print "

"._("No changelogs available")."

"; 24 | print ""._("No changelog entries are available for this host").""; 25 | print "
"; 26 | } 27 | # result 28 | else { 29 | # printout 30 | print ""; 31 | 32 | # headers 33 | print ""; 34 | print " "; 35 | print " "; 36 | print " "; 37 | print " "; 38 | print " "; 39 | print ""; 40 | 41 | # logs 42 | foreach($clogs as $l) { 43 | $l = (array) $l; 44 | # format diff 45 | $l['cdiff'] = str_replace("\n", "
", $l['cdiff']); 46 | 47 | print ""; 48 | print " "; 49 | print " "; 50 | print " "; 51 | print " "; 52 | print " "; 53 | print ""; 54 | 55 | } 56 | print "
"._('User').""._('Action').""._('Result').""._('Date').""._('Change')."
$l[real_name]"._("$l[caction]").""._("$l[cresult]")."$l[cdate]$l[cdiff]
"; 57 | } 58 | ?> -------------------------------------------------------------------------------- /app/admin/settings/logo/import-verify.php: -------------------------------------------------------------------------------- 1 | 1024000) { 30 | echo '{"status":"error","error":"Sorry, file limit is 1Mb"}'; 31 | exit; 32 | } 33 | //if cannot move 34 | else if(!move_uploaded_file($_FILES["file"]["tmp_name"], str_replace("//", "/", $_SERVER['DOCUMENT_ROOT'].BASE."css/images/logo/logo.png"))) { 35 | echo '{"status":"error", "error":"Cannot move file to upload dir. You can upload file manually to '.str_replace("//", "/", $_SERVER['DOCUMENT_ROOT'].BASE."css/images/logo/logo.png").'"}'; 36 | exit; 37 | } 38 | else { 39 | echo '{"status":"success"}'; 40 | exit; 41 | } 42 | } 43 | // error 44 | elseif (isset($_FILES['file']['error'])) { 45 | echo '{"status":"error","error":"'.$_FILES['file']['error'].'"}'; 46 | exit; 47 | } 48 | 49 | /* default - error */ 50 | echo '{"status":"error","error":"Empty or too big file (limit '.ini_get('post_max_size').')"}'; 51 | exit; -------------------------------------------------------------------------------- /app/admin/2fa/edit_user.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 18 | 19 | // check id 20 | if(!is_numeric($_POST['id'])) { $Result->show("danger", _("Invalid id"), true, true); } 21 | 22 | // activate 23 | if ($_POST['action']=="activate") { 24 | if($Admin->object_modify ("users", "edit", "id", ["id"=>$_POST['id'], "2fa"=>"1"])===false) { 25 | $Result->show("danger", _("Failed to activate 2fa for user"), true, true, false, false, true ); 26 | } 27 | else { 28 | $Result->show("success", _("2fa activated"), true, true); 29 | } 30 | } 31 | // deactivate 32 | elseif ($_POST['action']=="deactivate") { 33 | if($Admin->object_modify ("users", "edit", "id", ["id"=>$_POST['id'], "2fa"=>"0"])===false) { 34 | $Result->show("danger", _("Failed to deactivate 2fa for user"), 
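true, true, false, false, true);
    }
    else {
        $Result->show("success", _("2fa deactivated"), true, true, false, false, true);
    }
}
// remove secret
// NOTE(review): these branches change a user's 2fa state, and no CSRF cookie
// validation is visible in this script on the page - confirm whether it happens
// in the part of the file that is not shown.
elseif ($_POST['action']=="remove_secret") {
    if($Admin->object_modify ("users", "edit", "id", ["id"=>$_POST['id'], "2fa_secret"=>NULL])===false) {
        $Result->show("danger", _("Failed to remove 2fa secret for user"), true, true, false, false, true);
    }
    else {
        $Result->show("success", _("2fa secret removed"), true, true, false, false, true);
    }
}
// invalid action: nothing was changed, so report an error instead of the
// "2fa deactivated" success message the original printed here
else {
    $Result->show("danger", _("Invalid action"), true, true, false, false, true);
}
-------------------------------------------------------------------------------- /app/admin/import-export/export-devtype-field-select.php: -------------------------------------------------------------------------------- 1 | check_user_session(); 18 | 19 | # prepare HTML variables 20 | $custom_fields_names = ""; 21 | $custom_fields_boxes = ""; 22 | 23 | ?> 24 | 25 | 26 | 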
27 | 28 | 29 |
30 | 31 | '; 35 | 36 | # table 37 | print " "; 38 | 39 | print " "; 40 | print " "; 41 | print " "; 42 | print " "; 43 | print " "; 44 | 45 | print " "; 46 | print " "; 47 | print " "; 48 | print " "; 49 | print " "; 50 | 51 | print '
"._('id').""._('Name').""._('Description')."
'; 52 | print ''; 53 | 54 | ?> 55 | 56 |
57 | 58 | 59 |
60 |
61 | 62 | 63 |
64 |
65 |
--------------------------------------------------------------------------------
/app/tools/user-menu/2fa_save.php:
--------------------------------------------------------------------------------
# Self-service endpoint: the logged-in user switches 2fa on or off for their
# own account.
#
# NOTE(review): the listing lost the head of this file (original lines 1-20
# and the start of line 21); only the tail of the session check survives.
# $ga, $Admin and $Result are presumably created there.
check_user_session();

# validate csrf cookie
# Presumably the third argument makes show() terminate the request; every
# check below depends on that - confirm.
$csrf_valid = $User->Crypto->csrf_cookie("validate", "user-menu", $_POST['csrf_cookie']);
if ($csrf_valid === false) {
    $Result->show("danger", _("Invalid CSRF cookie"), true);
}

# did the client ask for 2fa to be switched on ?
$enable_requested = isset($_POST['2fa']) && $_POST['2fa'] == "1";

# already on and asked to switch on - nothing to do
if ($enable_requested && $User->user->{'2fa'} == "1") {
    $Result->show("info", _("No change"), true);
}

# is the user allowed to change the setting at all ?
if ($User->settings->{'2fa_userchange'} != "1") {
    $Result->show("danger", _("You are not allowed to change 2fa settings. Please contact system administrator."), true);
}

# row to write - always the session user's own id, never an id from the request
$values = ['id' => $User->user->id];

if ($enable_requested) {
    # switch on and generate a fresh secret in the same write
    $values['2fa'] = "1";
    $values['2fa_secret'] = $ga->createSecret($User->settings->{'2fa_length'});
}
else {
    # switch off and discard the stored secret
    # NOTE(review): this path asks for neither the password nor a current
    # one-time code; the session and CSRF checks above are the only gates
    # visible here - confirm that is intended.
    $values['2fa'] = "0";
    $values['2fa_secret'] = NULL;
}

# update
if ($Admin->object_modify("users", "edit", "id", $values)) {
    $Result->show("success alert-absolute", _("2fa update success"), true);
}
else {
    $Result->show("danger alert-absolute", _("2fa update error"), true);
}
--------------------------------------------------------------------------------
/app/install/install-execute.php:
--------------------------------------------------------------------------------
# Installer step: creates (optionally drops and recreates) the database using
# the MySQL admin credentials sent in the request.
#
# NOTE(review): the listing lost the head of this file (original lines 1-16
# and the start of line 17); the request validation that ends in the
# "Invalid request" message below cannot be reviewed from here.
show("danger", _("Invalid request"), true); }

# advanced options from the form
$dropdb       = isset($_POST['dropdb']) && $_POST['dropdb'] == "on";
$createdb     = isset($_POST['createdb']) && $_POST['createdb'] == "on";
$creategrants = isset($_POST['creategrants']) && $_POST['creategrants'] == "on";

# migration flag - select different sql file
$migrate = isset($_POST['install_type']) && $_POST['install_type'] === "migrate";

# already installed ? stop, unless the caller asked to drop the database
# NOTE(review): with dropdb=on this stop is skipped, and it is also skipped
# when verify_database() reports errors. The remaining gates visible here are
# the MySQL admin credentials in the request and whatever the lost head of
# the file checks.
if ($Install->check_table("widgets", false) && !$dropdb) {
    $errors = $Tools->verify_database();
    if (!(sizeof($errors) > 0)) {
        $Result->show("danger", _("Database already installed"), true);
    }
}

# try to install new database
$installed = $Install->install_database($_POST['mysqlrootuser'], $_POST['mysqlrootpass'], $dropdb, $createdb, $creategrants, $migrate);
if ($installed) {
    # The two branches are identical in this listing; presumably the link
    # markup that distinguished them was stripped by the page extraction.
    if ($migrate) {
        $Result->show("success alert-block", _("Database installed successfully!").' '._("Continue").'', true);
    }
    else {
        $Result->show("success alert-block", _("Database installed successfully!").' '._("Continue").'', true);
    }
}
?>
--------------------------------------------------------------------------------