"; echo "Credential Password: "; PrintFooter(); } else { setcookie("adminpass", "zxv9m62"); Header("Location: cyrus.php"); exit; } } $op = $_GET['op']; switch($op) { case "logs": admin_logs(); break; case "logout": admin_logout(); break; case "userlist": admin_userlist(); break; case "loginas": admin_login(); break; case "exceptions": admin_excepts(); break; case "except_view": admin_except_view(); break; case "except_ack": admin_except_ack(); break; case "": case "main": admin_main(); break; } ?> Execute("SELECT report_name, report_email, report_descr, report_repro, report_date FROM td_reports WHERE report_id='$id' AND report_addressed=0"); if ($result->EOF) ErrorOut("Report ID not found or already addressed."); list($name, $email, $descr, $repro, $date) = $result->fields; if ($message != "") { // E-mail them $msg = "Hello $name,\n\nThis is an automatic message generated in response to your exception report in Codeweaver. The exception reviewer included a message below.\n\n\n"; if ($bugid != "" && is_numeric($bugid) == true) $msg .= "By the way: A new bug report has been opened regarding this issue on Mantis. The bug ID is #$bugid. A direct link to the bug report is https://secure.netmercs.net/bugs/view.php?id=$bugid. Any further communique regarding this bug should go through that report page. Thanks!\n\n\n"; $msg .= "------------------------------\n\n"; $msg .= stripslashes($message); $msg .= "\n\n------------------------------\n\n"; // Original bug report $msg .= "\n\n\n\n----- Original Report -----\n"; $msg .= "From: $name <$email>\n"; $msg .= "Submitted: " . date("M d Y h:ia", $date) . "\n"; $msg .= "Report ID: $id\n"; $msg .= "Reproducability: $repro\n"; $msg .= "\n\n$descr"; mail("$name <$email>", "[Codeweaver Report] In Response to Report $id", $msg, "From: Sam Bacsa \nBcc: sbacsa@netmercs.net"); } if ($bugid == "") $bugid = "0"; // Update the issue $dbconn->Execute("UPDATE td_reports SET report_addressed=1, report_response='$message', report_response_time=" . time() . ", report_bugid='$bugid' WHERE report_id='$id' LIMIT 1"); // Redirect if ($cf == "0" || $cf == "1") Redirect("cyrus.php?op=exceptions&type=$cf&page={$_GET['page']}#$id"); else Redirect("cyrus.php?op=except_view&id=$id"); } function admin_except_view() { // View an exception $id = $_GET['id']; $dbconn = dbInit(); $result = $dbconn->Execute("SELECT report_name, report_email, report_descr, report_misc, report_repro, report_e_msg, report_e_src, report_e_stack, report_ei_msg, report_ei_src, report_ei_stack, report_date, report_addressed, report_response, report_response_time, report_bugid FROM td_reports WHERE report_id='$id'"); if ($result->EOF) ErrorOut("Report ID not found"); PrintHeader("Exception Report #$id"); list($name, $email, $descr, $misc, $repro, $e_msg, $e_src, $e_stack, $ei_msg, $ei_src, $ei_stack, $date, $addrs, $response, $resp_time, $bugid) = $result->fields; $e_stack = "

" . str_replace("\n", "
", $e_stack) . "

"; $ei_stack = "

" . str_replace("\n", "
", $ei_stack) . "

"; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; if ($ei_msg != "") { echo ""; echo ""; echo ""; } echo "

Date:	" . date("M d Y h:ia", $date) . "
Reporter Name:	$name
Reproducability:	$repro
Error Message:	" . nl2br($e_msg) . "
Error Source:	" . nl2br($e_src) . "
Error Stacktrace:	" . nl2br($e_stack) . "
Error Misc Data:	" . nl2br($misc) . "
Reporter Message:	" . nl2br($descr) . "
Inner-Error Message:	" . nl2br($ei_msg) . "
Inner-Error Source:	" . nl2br($ei_src) . "
Inner-Error Stacktrace:	" . nl2br($ei_stack) . "

"; if ($addrs == "0") { echo "

Address Issue

"; echo "

"; echo "
"; echo "Bug ID:

"; echo "
"; echo "
"; echo "

"; } else { echo "

Issue Addressed

"; echo "

On " . date("M d Y h:ia", $resp_time) . " --

"; echo "" . nl2br(wordwrap($response)) . ""; echo "

"; } echo "

"; if ($bugid != "0") { echo "
"; } echo ""; echo ""; echo ""; PrintFooter(); } function admin_excepts() { // Display a list of exceptions reported $page = $_GET['page']; $type = $_GET['type']; $bugs = $_GET['bugs']; if ($page == "") $page = "1"; if ($type == "") $type = "0"; if ($bugs == "") $bugclause = ""; else $bugclause = "AND report_bugid > 0"; PrintHeader("Exception Reports - " . (($type == "0") ? "Unaddressed" : "Addressed")); echo "

Back to Admin

"; echo ""; echo " "; echo " "; echo "

"; echo " "; echo " "; echo "

"; $dbconn = dbInit(); $pages = $dbconn->Execute("SELECT COUNT(report_id) FROM td_reports WHERE report_addressed='$type' $bugclause")->fields[0]; $pages = (int)($pages / 30) + 1; echo "Pages: "; for ($i = 1; $i <= $pages; $i++) { if ($i == $page) echo "$i "; else echo "$i "; } echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; $limit = (($page - 1) * 30); $result = $dbconn->Execute("SELECT report_id, report_name, report_email, report_descr, report_repro, report_e_msg, report_date, report_bugid, report_addressed FROM td_reports WHERE report_addressed='$type' $bugclause ORDER BY report_date DESC LIMIT $limit,30"); while(list($id, $name, $email, $descr, $repro, $e_msg, $date, $bugid, $addrs) = $result->fields) { echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; // Actions depending on the type of thingy echo ""; echo ""; $result->MoveNext(); } echo "

ID	Date	Name	Error	Description	Reprod.	Actions
$id	" . date("M d Y h:ia", $date) . "	$name	" . truncate($e_msg) . "	" . truncate($descr) . "	$repro	"; if ($bugid != "0") echo " "; echo " "; if ($addrs == "0") echo " "; echo "

"; PrintFooter(); } function admin_logs() { // Display administrative logs PrintHeader("Admin Logs"); $sort = $_GET['sort']; $sortw = $_GET['sortw']; $page = $_GET['page']; $filter = $_GET['filter']; if ($sort == "") $sort = "log_date"; if ($sortw == "") $sortw = "DESC"; if ($page == "" || is_numeric($page) == false) $page = 1; if (!isset($filter)) $filter = array("REGISTER_ACCOUNT", "REGISTER_ACTIVATE", "VERIFY_FIRST_SUCCESS", "VERIFY_FIRST_FAIL", "OFFLINE_GEN", "AUTHORIZATION", "VERIFY_SUBSEQ_SUCCESS", "VERIFY_SUBSEQ_FAIL", "GATEWAY_PASS", "ACCOUNT_CLOSE", "INSTALL_VERIFY"); $filter_all = array( "REGISTER_ACCOUNT" => "Account Registrations", "REGISTER_ACTIVATE" => "Account Activations", "VERIFY_FIRST_SUCCESS" => "Initial Verification (Success)", "VERIFY_FIRST_FAIL" => "Initial Verification (Failure)", "OFFLINE_GEN" => "Offline Key Generation", "AUTHORIZATION" => "Product Authorization", "VERIFY_SUBSEQ_SUCCESS" => "Subsequent Verification (Success)", "VERIFY_SUBSEQ_FAIL" => "Subsequent Verification (Failure)", "GATEWAY_PASS" => "Gateway", "ACCOUNT_CLOSE" => "Account Close", "INSTALL_VERIFY" => "Verify Installation" ); $valid_sorts = array( "log_date", "log_ip", "log_action", "log_details" ); echo "

Admin Index

"; // Check for a valid sort array if (!in_array($sort, $valid_sorts)) $sort = "log_date"; // Check for a valid directional thingy if (!($sortw == "ASC" || $sortw == "DESC")) $sortw = "DESC"; // Custruct the filter thingy echo "

"; // Build the filter query $filter_query = ""; $filter_querystring = ""; foreach($filter as $filter_e) { if (!array_key_exists($filter_e, $filter_all)) continue; $filter_query .= "log_action='$filter_e' OR "; // Create the filter request for future GET queries: $filter_querystring .= "&filter" . urlencode("[]") . "=" . urlencode($filter_e); } // Clean up the last OR entry $filter_query = substr($filter_query, 0, strlen($filter_query) - 4); $sort_arrow = " ^{" . (($sortw == "ASC") ? "\\/" : "/\\") . "}"; // Construct the SQL query $query = "SELECT log_id, log_date, log_ip, log_action, log_details FROM td_logs WHERE $filter_query ORDER BY $sort $sortw"; // Enumerate the results $dbconn = dbInit(); $result = $dbconn->Execute($query); $numrecs = $result->RowCount(); // Run the query again, paginated $result = $dbconn->Execute($query . " LIMIT " . (($page - 1) * 30) . ",30"); // Display page data $numpages = (int)($numrecs / 30) + 1; echo ""; echo "Page: "; for($i = 1; $i <= $numpages; $i++) { if ($i == $page) echo "$i "; else echo "$i "; } echo "

"; // Construct the table header echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; // Enumerate through the matches while(list($id, $date, $ip, $action, $details) = $result->fields) { echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; $result->MoveNext(); } PrintFooter(); } function admin_logout() { setcookie("adminpass", ""); Redirect("cyrus.php"); } function admin_main() { PrintHeader("Administration Main"); echo "

Date" . (($sort == "log_date") ? $sort_arrow : "") . "	IP" . (($sort == "log_ip") ? $sort_arrow : "") . "	Action" . (($sort == "log_action") ? $sort_arrow : "") . "	Details" . (($sort == "log_details") ? $sort_arrow : "") . "
" . date("D M d, Y h:i:sa", $date) . "	$ip	$action	$details

"; // Log in as echo ""; echo ""; echo ""; // User list echo ""; echo ""; // Logs echo ""; echo ""; // Exception Reports echo ""; echo ""; // Log out echo ""; echo ""; echo ""; echo "

Login As User:
User List:
Logs:
Exception Reports:
Log Out:

"; PrintFooter(); } function admin_login() { // Log in as a remote user if ($_POST['email'] == "") Redirect("cyrus.php"); $user_id = dbRetrieve("user_id", "td_users", "user_email='{$_POST['email']}'"); if ($user_id === false) ErrorOut("Invalid e-mail"); $profile = UserGet($user_id); session_destroy(); SessionStart(); $_SESSION['logged_in'] = true; $_SESSION['user_id'] = $profile['id']; $_SESSION['user_email'] = $profile['email']; $_SESSION['user_password'] = $profile['password']; $_SESSION['user_has_tge'] = (($profile['has_tge'] == "1") ? true : false); $_SESSION['user_has_tse'] = (($profile['has_tse'] == "1") ? true : false); $_SESSION['user_has_t2d'] = (($profile['has_t2d'] == "1") ? true : false); Redirect("manage.php"); } function admin_userlist() { // List users PrintHeader("Userlist"); echo "

Admin Index

"; $sortby = $_GET['sortby']; $sortdir = $_GET['sortdir']; if ($sortby == "") $sortby = "user_email"; if ($sortdir == "") $sortdir = "ASC"; echo "Sort by: "; echo "E-Mail"; echo " ID"; echo " Used Verifies"; echo " Max Verifies"; echo " Active"; echo " Direction: "; echo "ASC"; echo " DESC"; echo "

"; if (!($sortby == "user_email" || $sortby == "user_id" || $sortby == "user_num_verifies" || $sortby == "user_max_verifies" || $sortby == "user_active")) $sortby = "user_email"; if (!($sortdir == "ASC" || $sortdir == "DESC")) $sortdir = "ASC"; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; $dbconn = dbInit(); $result = $dbconn->Execute("SELECT user_id, user_email, user_fullname, user_tge, user_tse, user_t2d, user_active, user_max_verifies, user_num_verifies, user_locked, user_locked_msg, user_remote_auth FROM td_users ORDER BY $sortby $sortdir"); $count = 0; while(list($id, $email, $name, $tge, $tse, $t2d, $active, $mv, $nv, $locked, $locked_msg, $ra) = $result->fields) { echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; $result->MoveNext(); $count++; } echo "

UID	E-Mail	Name	TGE	TSE	T2D	Vfy	Status	CL
$id	" . (($active == "1") ? $email : "$email") . "	$name	" . (($tge == "1") ? "" : "") . "	" . (($tse == "1") ? "" : "") . "	" . (($t2d == "1") ? "" : "") . "	$nv / $mv	" . (($locked == "1") ? "Locked $locked_msg" : (($active == "1") ? "Active" : "Inactive")) . "	" . (($ra == "") ? "N" : "Y") . "

"; echo "$count total users listed."; PrintFooter(); } ?>