// Copyright (C) 2010 Winch Gate Property Limited // // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU Affero General Public License as // published by the Free Software Foundation, either version 3 of the // License, or (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU Affero General Public License for more details. // // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . $publicAccess = true; include('authenticate.php'); unset($error); function reorderViews($uid) { $result = sqlquery("SELECT tid FROM view_table WHERE uid='$uid' ORDER BY ordering"); $i = 0; while ($result && $arr = mysql_fetch_array($result)) { sqlquery("UPDATE view_table SET ordering='$i' WHERE tid='".$arr["tid"]."'"); ++$i; } } function swapView($uid, $ordering, $offs) { $result1 = sqlquery("SELECT tid FROM view_table WHERE uid='$uid' AND ordering='$ordering'"); if (!$result1 || mysql_num_rows($result1) != 1) return; $result1 = mysql_fetch_array($result1); $tid1 = $result1["tid"]; $result2 = sqlquery("SELECT tid FROM view_table WHERE uid='$uid' AND ordering='".($ordering+$offs)."'"); if (!$result2 || mysql_num_rows($result2) != 1) return; $result2 = mysql_fetch_array($result2); $tid2 = $result2["tid"]; sqlquery("UPDATE view_table SET ordering='".($ordering+$offs)."' WHERE uid='$uid' AND tid='$tid1'"); sqlquery("UPDATE view_table SET ordering='".($ordering)."' WHERE uid='$uid' AND tid='$tid2'"); } function reorderRows($tid) { $result = sqlquery("SELECT vid, ordering FROM view_row WHERE tid='$tid' ORDER BY ordering"); $i = 0; $rows = array(); while ($result && $arr = mysql_fetch_array($result)) $rows[] = array($arr['vid'], $arr['ordering']); if (count($rows) > 0) { $i = 0; foreach ($rows as $row) { sqlquery("UPDATE view_row SET ordering='".(-$i-1)."' WHERE tid='$tid' AND ordering='".$row[1]."'"); ++$i; } $i = 0; for ($i=0; $i\n"; } else { $result = sqlquery("INSERT INTO view_table SET uid='$uid', name='$viewname', ordering='255'"); if (!$result) { $error = $error."Couldn't create view '$viewname', mySQL request failed
\n"; } $result = sqlquery("SELECT tid FROM view_table WHERE uid='$uid' AND name='$viewname'"); $result = mysql_fetch_array($result); $tid = $result["tid"]; reorderViews($uid); } } // duplicate a view else if (isset($dupView) && isset($tid)) { $result = sqlquery("SELECT * FROM view_table WHERE tid='$tid'"); if ($result && ($arr = sqlfetch($result))) { sqlquery("INSERT INTO view_table SET uid='$uid', name='CopyOf_".$arr["name"]."', ordering='127', filter='".$arr["filter"]."'"); $res2 = sqlquery("SELECT tid FROM view_table WHERE uid='$uid' AND ordering='127'"); $arr=sqlfetch($res2); $ntid = $arr["tid"]; $result = sqlquery("SELECT * FROM view_row WHERE tid='$tid'"); while ($result && ($arr=sqlfetch($result))) { sqlquery("INSERT INTO view_row SET tid='$ntid', vid='".$arr["vid"]."', name='".$arr["name"]."', ordering='".$arr["ordering"]."', filter='".$arr["filter"]."'"); } reorderViews($uid); $tid = $ntid; } } // remove a view else if (isset($removeView)) { if (!($result = sqlquery("DELETE FROM view_table WHERE uid='$uid' AND tid='$removeView'")) || mysql_affected_rows() < 1) { $error = $error."Couldn't remove view $removeView, missing or user doesn't own it
\n"; } else { sqlquery("DELETE FROM view_row WHERE tid='$removeView'"); reorderViews($uid); } } // change view name else if (isset($chViewName)) { sqlquery("UPDATE view_table SET name='$chViewName' WHERE tid='$tid'"); } // change view state else if (isset($chViewFilter)) { sqlquery("UPDATE view_table SET filter='$chViewFilter' WHERE tid='$tid'"); } // change view state else if (isset($chViewDisplay)) { sqlquery("UPDATE view_table SET display='$chViewDisplay' WHERE tid='$tid'"); } // change view state else if (isset($chViewAutoDisplay)) { sqlquery("UPDATE view_table SET auto_display='$chViewAutoDisplay' WHERE tid='$tid'"); } // change view state else if (isset($chViewRefreshRate)) { sqlquery("UPDATE view_table SET refresh_rate='$chViewRefreshRate' WHERE tid='$tid'"); } // swap a view else if (isset($moveView) && isset($offs)) { swapView($uid, $moveView, $offs); } // add a variable to a view else if (isset($addToView) && isset($tid)) { if (hasAccessToVariable($addToView)) { if (!($resultt = sqlquery("SELECT name FROM view_table WHERE uid='$uid' AND tid='$tid'")) || mysql_num_rows($resultt) != 1) { $error = $error."Couldn't add variable $addToView to view $tid, view is missing or user doesn't own it
\n"; } else { $resultt = mysql_fetch_array($resultt); $result = sqlquery("INSERT INTO view_row SET tid='$tid', vid='$addToView', name='".$variableData[$addToView]["name"]."', ordering='255'"); if (!$result) $error = $error."Couldn't add variable ".$variableData[addToView]["name"]." to view ".$resultt["name"].", query failed"; else reorderRows($tid); } } } // remove a row else if (isset($removeRow) && isset($tid)) { $result = sqlquery("SELECT uid FROM view_table WHERE tid='$tid' AND uid='$uid'"); if ($result && mysql_num_rows($result)>0) { if (!($result = sqlquery("DELETE FROM view_row WHERE tid='$tid' AND ordering='$removeRow'")) || mysql_affected_rows() < 1) { $error = $error."Couldn't remove row $removeRow, missing or user doesn't own it
\n"; } else { reorderRows($tid); } } } // swap a row else if (isset($moveRow) && isset($tid) && isset($offs)) { $result = sqlquery("SELECT uid FROM view_table WHERE tid='$tid' AND uid='$uid'"); if ($result && mysql_num_rows($result)>0) swapRows($tid, $moveRow, $offs); } // change a variable name else if ($changeVarName && isset($vid) && isset($tid)) { $result = sqlquery("SELECT uid FROM view_table WHERE tid='$tid' AND uid='$uid'"); if ($result && mysql_num_rows($result)>0) { $result = sqlquery("UPDATE view_row SET name='$changeVarName' WHERE vid='$vid' AND tid='$tid'"); } } // change a variable state else if (isset($changeVarFilter) && isset($vid) && isset($tid)) { $result = sqlquery("SELECT uid FROM view_table WHERE tid='$tid' AND uid='$uid'"); if ($result && mysql_num_rows($result)>0) { $result = sqlquery("UPDATE view_row SET filter='$changeVarFilter' WHERE vid='$vid' AND tid='$tid'"); } } // select a new default_view else if (isset($default_view)) { sqlquery("UPDATE user SET default_view='$default_view' WHERE uid='$uid'"); } // change a command name else if (isset($chViewCommandName) && isset($vcmd) && isset($tid)) { sqlquery("UPDATE view_command SET name='$chViewCommandName' WHERE tid='$tid' AND name='$vcmd'"); } else if (isset($chViewCommand) && isset($vcmd) && isset($tid)) { sqlquery("UPDATE view_command SET command='$chViewCommand' WHERE tid='$tid' AND name='$vcmd'"); } else if (isset($rmViewCommand) && isset($vcmd) && isset($tid)) { sqlquery("DELETE FROM view_command WHERE tid='$tid' AND name='$vcmd'"); } else if (isset($createViewCommand) && isset($nViewCommand) && isset($nViewCommandName) && isset($tid)) { sqlquery("INSERT INTO view_command SET tid='$tid', name='$nViewCommandName', command='$nViewCommand'"); } else if (isset($changeVidGraph) && isset($tid)) { if (isset($graphState) && $graphState == "on") { sqlquery("UPDATE view_row SET graph='1' WHERE tid='$tid' AND vid='$changeVidGraph'"); } else { sqlquery("UPDATE view_row SET graph='0' WHERE tid='$tid' AND vid='$changeVidGraph'"); } } // give a view to another user else if (isset($giveTo) && isset($tid)) { sqlquery("UPDATE view_table SET uid='$giveTo' WHERE tid='$tid'"); unset($tid); } // ----------------------------- // page display htmlProlog($_SERVER['PHP_SELF'], "Customize views"); if ($error) { echo "Reported errors:
$error
\n"; } unset($vargroups); $result = sqlquery("SELECT * FROM variable_group ORDER BY name"); while ($result && ($arr=sqlfetch($result))) { if ((!isset($sel_vgid) || $sel_vgid == "") && $arr["name"] == "NoGroup") $sel_vgid = $arr["vgid"]; $vargroups[$arr["name"]] = $arr["vgid"]; } // ----------------------------- // display customizable views $res = sqlquery("SELECT default_view FROM user, view_table WHERE user.uid='$uid' AND (view_table.uid='$uid' OR view_table.uid='$gid') AND view_table.tid=user.default_view"); if ($res && ($arr=sqlfetch($res))) $default_view = $arr["default_view"]; unset($availViews); unset($userViews); unset($groupViews); $res = sqlquery("SELECT name, tid, ordering FROM view_table WHERE uid='$uid' ORDER BY ordering"); while ($res && ($arr=sqlfetch($res))) { $availViews[] = $arr; $userViews[] = $arr; } $res = sqlquery("SELECT name, tid, ordering FROM view_table WHERE uid='$gid' ORDER BY ordering"); while ($res && ($arr=sqlfetch($res))) { $availViews[] = $arr; $groupViews[] = $arr; } echo "
\n"; echo "\n"; echo "\n"; echo "\n"; echo "

Your default view:

\n"; echo "\n"; $selected = false; foreach ($availViews as $view) { $selectedView = ($view["tid"]==$default_view); $selected |= $selectedView; echo "".$view["name"]."\n"; } echo "None\n"; echo "\n"; echo "

\n"; echo "\n"; if (isset($groupViews) && count($groupViews)>0) { echo "\n"; } echo "

\n"; echo "Your current views: ".help("View")." (click name to view/edit table, click radio to select as default view) \n"; echo "\n"; echo ""; echo "\n"; if (isset($userViews) && count($userViews)>0) { foreach ($userViews as $arr) { $_tname = $arr["name"]; $_tid = $arr["tid"]; $color = ($tid == $_tid ? " bgcolor=#eeeeee" : ""); echo "".$arr["ordering"].""; echo "$_tname". "Delete ". "- ". "+ ". "Duplicate\n"; } } echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo " Index [Default] View Commands \n"; echo "

\n"; echo "$group views: ".help("View")." (click name to view table, click radio to select as default view) \n"; echo "\n"; echo "\n"; echo "\n"; foreach ($groupViews as $arr) { $_tname = $arr["name"]; $_tid = $arr["tid"]; $color = ($tid == $_tid ? " bgcolor=#eeeeee" : ""); echo "".$arr["ordering"]."". "$_tname". "Duplicate\n"; } echo "\n"; echo " Index [Default] View Commands \n"; echo "

\n"; if (isset($tid)) { $result = sqlquery("SELECT name, uid, filter, display, auto_display, refresh_rate FROM view_table WHERE (uid='$uid' OR uid='$gid') AND tid='$tid'"); if (!$result || mysql_num_rows($result) == 0) { echo "
Can't display table $tid
\n"; } else { echo "

\n"; $result = mysql_fetch_array($result); $viewName = $result["name"]; $viewFilter = $result["filter"]; $viewDisplay = $result["display"]; $viewAutoDisplay = $result["auto_display"]; $viewRefreshRate = $result["refresh_rate"]; $ownView = ($result["uid"] == $uid); echo "\n"; echo ""; if ($ownView && ($admlogin == "root" || $admlogin == $group || $IsNevrax)) { echo ""; $result = sqlquery("SELECT view_row.name AS name, view_row.vid AS vid, view_row.ordering AS ordering, path, view_row.filter AS filter, graph ". "FROM view_table, view_row, variable ". "WHERE variable.command='variable' AND view_table.uid='$uid' AND view_table.tid='$tid' AND view_table.tid=view_row.tid AND ". "view_row.vid=variable.vid ORDER BY ordering"); if (!$result) die("rows select failed !"); unset($rows); echo "\n"; while ($arr = mysql_fetch_array($result)) { $vid = $arr["vid"]; if (!hasAccessToVariable($vid)) continue; $priv = getVariableRight($vid); $rows[$vid] = $arr["name"]; $ordering = $arr["ordering"]; if ($ownView) { echo "". "". "". "". "". "". "". "\n"; } else { echo "". "". "". "". "". "". "". "\n"; } } echo ""; $result = sqlquery("SELECT view_row.name AS name, view_row.vid AS vid, view_row.ordering AS ordering, path, view_row.filter AS filter, graph ". "FROM view_table, view_row, variable ". "WHERE variable.command='command' AND view_table.uid='$uid' AND view_table.tid='$tid' AND view_table.tid=view_row.tid AND ". "view_row.vid=variable.vid ORDER BY ordering"); if (!$result) die("rows select failed !"); unset($rows); echo "\n"; while ($arr = mysql_fetch_array($result)) { $vid = $arr["vid"]; if (!hasAccessToVariable($vid)) continue; $priv = getVariableRight($vid); $rows[$vid] = $arr["name"]; $ordering = $arr["ordering"]; if ($ownView) { echo "". "". "". "". "". "\n"; } else { echo "". "". "". "". "". "". "". "\n"; } } echo ""; echo ""; echo " Content of ".($ownView ? "" : $viewName)." Give view to "; $gresult = sqlquery("SELECT uid, login FROM user ORDER BY login"); while ($gresult && ($garr=sqlfetch($gresult))) { echo "".$garr["login"]; } echo ""; } else { echo " "; } echo " Index Variable Path Privilege Filter Graph Commands ".$arr["ordering"]." ".$arr["path"]." $priv Delete ". "- ". "+ ".$arr["ordering"]." ".$arr["name"]." ".$arr["path"]." $priv ".$arr["filter"]." ".($arr["graph"] != 0 ? "Yes" : "No")." Index Command Path Filter Commands ".$arr["ordering"]." ".$arr["path"]." Delete ". "- ". "+ ".$arr["ordering"]." ".$arr["name"]." ".$arr["path"]." $priv ".$arr["filter"]." ".($arr["graph"] != 0 ? "Yes" : "No")." "; if ($ownView) { echo "\n"; echo ""; echo "\n"; echo "\n"; echo "\n"; echo " Filter Display type "; echo "Normal display"; echo "Condensed display"; echo " Display automation "; echo "Automatic display"; echo "Manual display"; echo " Refresh rate seconds \n"; } else { echo "Filter ".($ownView ? "" : $viewFilter)." "; echo ($viewDisplay == "condensed" ? "Condensed" : "Normal")." display, "; echo ($viewAutoDisplay == "auto" ? "Automatic" : "Manual")." display"; } echo " \n"; echo "

\n"; echo "

\n"; if ($ownView) { echo "Available variables: (click a variable to add it to view $viewName) \n"; echo "\n"; echo ""; echo "\n"; echo "\n"; $result = sqlquery("SELECT command, variable.vid AS vid, variable.name AS name, path, state, variable.vgid AS vgid, variable_group.name AS group_name ". "FROM variable, variable_group ". "WHERE variable.vgid = variable_group.vgid".(isset($sel_vgid) && $sel_vgid!="-1" ? " AND variable.vgid='$sel_vgid'" : "")." ORDER BY variable.command, variable.vgid, variable.name"); if (!$result) die("variable select failed !"); $prevvgid = ""; $prevvtype = ""; while ($arr = mysql_fetch_array($result)) { $vid = $arr["vid"]; if (!hasAccessToVariable($vid)) continue; $priv = getVariableRight($vid); if ($prevvtype != "" && $prevvtype != $arr["command"]) { echo "\n"; echo "\n"; $prevvgid = ""; } if ($prevvgid != "" && $prevvgid != $arr["vgid"]) { echo "\n"; } $prevvgid = $arr["vgid"]; $prevvtype = $arr["command"]; echo "". "". "". "". "\n"; } echo " Variable \n"; foreach ($vargroups as $vargroup => $vgid) echo "$vargroup\n"; echo "All Groups\n"; echo " Path State Privilege Command Group Path State Privilege ".$arr["name"]." ".$arr["group_name"]." ".$arr["path"]." ".$arr["state"]." $priv \n"; } echo "

\n"; /* //if ($admlogin == "root" || $group == $admlogin) { echo "

\n"; echo " View commands \n"; echo "\n"; $result = sqlquery("SELECT name, command FROM view_command WHERE tid='$tid' ORDER BY name"); while ($result && ($arr = sqlfetch($result))) { echo "\n"; } echo "\n"; echo "\n"; echo " Name Command (with full parameter list) \n"; echo "

\n"; echo "
\n"; } */ } } htmlEpilog(); ?>