From: kkalev <kkalev>
Date: Fri, 18 Jun 2004 13:01:56 +0000 (+0000)
Subject: * Move the xlat function to a separate file in lib/xlat.php3
X-Git-Url: https://git.entuzijast.net/?a=commitdiff_plain;h=83d5cb1204e8597ef5d125f2d5ac4e12b8b44410;p=freeradius-dialup-admin.git

* Move the xlat function to a separate file in lib/xlat.php3
* Add a lib/sql/nas_list.php3 to also get the nas list from sql (naslist.conf still works)
* add realms nasdb and nasadmin in username.mappings. nasadmin is used to signify if the
  user is allowed to use the nas_admin page. nasdb is used to shorten the nas list to only
  a few specific entries. That way administrator responsible for a few access servers will
  only be able to administer those access servers and not see the rest of the nas list.
* Add username searching in the find page as suggested by joram agten
* Don't use nas_list in nas_admin
---

diff --git a/Changelog b/Changelog
index bff65d5..32d2db1 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,12 @@
+Ver 1.72:
+* Move the xlat function to a separate file in lib/xlat.php3
+* Add a lib/sql/nas_list.php3 to also get the nas list from sql (naslist.conf still works)
+* add realms nasdb and nasadmin in username.mappings. nasadmin is used to signify if the
+  user is allowed to use the nas_admin page. nasdb is used to shorten the nas list to only
+  a few specific entries. That way administrator responsible for a few access servers will
+  only be able to administer those access servers and not see the rest of the nas list.
+* Add username searching in the find page as suggested by joram agten
+* Don't use nas_list in nas_admin
 Ver 1.70:
 * Add the /bin postgresql compatibility patch from Guy Fraser
 * Add ldap_userdn as a configuration directive. If set we use that for
diff --git a/conf/admin.conf b/conf/admin.conf
index 2062d0b..9ef0778 100644
--- a/conf/admin.conf
+++ b/conf/admin.conf
@@ -142,6 +142,12 @@ general_stats_use_totacct: no
 # in the badusers table
 #
 general_restrict_badusers_access: no
+#
+# If set to yes then we restrict access to the nas administration page only to those
+# users which are allowed by their username mapping (nasadmin is set to yes)
+#
+general_restrict_nasadmin_access: yes
+
 
 INCLUDE: %{general_base_dir}/conf/naslist.conf
 
@@ -196,6 +202,8 @@ ldap_regular_profile_attr: dialupregularprofile
 # %U: username provided though http authentication
 # %mu: mappings for userdb
 # %ma: mappings for accounting
+# %mn: mappings for nasdb
+# %mN: mappings for nas administration
 #
 # One use of this would be to restrict access to only the user's belonging to
 # a specific administrator like this:
diff --git a/conf/config.php3 b/conf/config.php3
index 412d884..9b10af4 100644
--- a/conf/config.php3
+++ b/conf/config.php3
@@ -80,8 +80,18 @@ if (!isset($mappings) && $config[general_username_mappings_file] != ''){
 		if (ereg('^[[:space:]]*#',$val) || ereg('^[[:space:]]*$',$val))
 			continue;
 		list($key,$realm,$v)=split(":[[:space:]]*",$val,2);
-		if ($realm == 'accounting' || $realm == 'userdb')
+		if ($realm == 'accounting' || $realm == 'userdb' || $realm == 'nasdb' || $realm == 'nasadmin')
 			$mappings["$key"][$realm] = $v;
+		if ($realm == 'nasdb'){
+			$NAS_ARR = array();
+			$NAS_ARR = split(',',$v);
+			foreach ($nas_list as $key => $nas){
+				foreach ($NAS_ARR as $nas_check){
+					if ($nas_check == $nas[name])
+						unset($nas_list[$key]);
+				}
+			}
+		}
 	}
 	if ($config[general_use_session] == 'yes')
 		session_register('mappings');
diff --git a/conf/username.mappings b/conf/username.mappings
index e7d7b12..3180365 100644
--- a/conf/username.mappings
+++ b/conf/username.mappings
@@ -2,7 +2,20 @@
 # Format:
 # Username:realm:query
 #
-# where realm is accounting or userdb
+# where realm is:
+# accounting: for the map to be used when querying the accounting db
+# userdb: for the map to be used when querying the user db
+# nasdb: To only map specific NASes to the username (separated by ,)
+# nasadmin: To allow the user to use the nas_admin page (yes or no)
 #
 library-admin:accounting:AND nasipaddress = '123.123.123.123'
 library-admin:userdb:AND Admin = 'library-admin'
+library-admin:nasdb:nas.lib.company.com
+library-admin:nasadmin:no
+#
+lab-admin:accounting:AND nasipaddress =  '123.123.124.123'
+lab-admin:userdb:AND Admin = 'lab-admin'
+lab-admin:nasdb:nas.lab.company.com
+lab-admin:nasadmin:no
+#
+admin:nasadmin:yes
diff --git a/doc/TODO b/doc/TODO
index 315d454..2d71d3f 100644
--- a/doc/TODO
+++ b/doc/TODO
@@ -17,3 +17,4 @@
 * Parse the radius dictionary files so that we can show a pull down menu of possible values
   for various attributes.
 * Check the sql user code for sql injections
+* Also be able to keep username mappings in sql. Create and administration page
diff --git a/htdocs/accounting.php3 b/htdocs/accounting.php3
index 1d42015..db57b45 100644
--- a/htdocs/accounting.php3
+++ b/htdocs/accounting.php3
@@ -227,7 +227,7 @@ foreach ($accounting_show_attrs as $val)
 $query_view = ereg_replace(',$','',$query_view);
 $sql_extra_query = '';
 if ($config[sql_accounting_extra_query] != '')
-	$sql_extra_query = sql_xlat($config[sql_accounting_extra_query],$login,$config);
+	$sql_extra_query = xlat($config[sql_accounting_extra_query],$login,$config);
 $query="SELECT $query_view FROM $config[sql_accounting_table] $where $sql_extra_query ORDER BY $order LIMIT $maxresults;";
 
 echo <<<EOM
diff --git a/htdocs/clear_opensessions.php3 b/htdocs/clear_opensessions.php3
index 10349dc..133ce70 100644
--- a/htdocs/clear_opensessions.php3
+++ b/htdocs/clear_opensessions.php3
@@ -41,7 +41,7 @@ $open_sessions = 0;
 
 $sql_extra_query = '';
 if ($config[sql_accounting_extra_query] != '')
-	$sql_extra_query = sql_xlat($config[sql_accounting_extra_query],$login,$config);
+	$sql_extra_query = xlat($config[sql_accounting_extra_query],$login,$config);
 
 print <<<EOM
 </table>
diff --git a/htdocs/failed_logins.php3 b/htdocs/failed_logins.php3
index 23b77c4..475d84e 100644
--- a/htdocs/failed_logins.php3
+++ b/htdocs/failed_logins.php3
@@ -1,6 +1,7 @@
 <?php
 require('../conf/config.php3');
 require('../lib/attrshow.php3');
+require('../lib/sql/nas_list.php3');
 ?>
 <html>
 <?php
@@ -97,7 +98,7 @@ if ($acct_attrs['fl'][8] != '') echo "<th>" . $acct_attrs['fl'][8] . "</th>\n";
 if ($acct_attrs['fl'][9] != '') echo "<th>" . $acct_attrs['fl'][9] . "</th>\n";
 $sql_extra_query = '';
 if ($config[sql_accounting_extra_query] != '')
-	$sql_extra_query = sql_xlat($config[sql_accounting_extra_query],$login,$config);
+	$sql_extra_query = xlat($config[sql_accounting_extra_query],$login,$config);
 ?>
 	</tr>
 
@@ -200,6 +201,8 @@ EOM;
 <?php
 foreach ($nas_list as $nas){
 	$name = $nas[name];
+	if ($nas[ip] == '')
+		continue;
 	$servers[$name] = $nas[ip];
 }
 ksort($servers);
diff --git a/htdocs/find.php3 b/htdocs/find.php3
index f3e90c8..94c6ed6 100644
--- a/htdocs/find.php3
+++ b/htdocs/find.php3
@@ -76,8 +76,9 @@ Search Criteria
 <?php
 echo <<<EOM
 <select name="search_IN" editable onChange="this.form.submit();">
+<option $selected[username] value="username">User Name
 <option $selected[name]  value="name">User Full Name
-<option $selected[ou] value="ou">User Department
+<option $selected[department] value="department">User Department
 <option $selected[radius] value="radius">User Radius Attribute
 EOM;
 ?>
diff --git a/htdocs/nas_admin.php3 b/htdocs/nas_admin.php3
index 3378ff6..84d9318 100644
--- a/htdocs/nas_admin.php3
+++ b/htdocs/nas_admin.php3
@@ -16,6 +16,23 @@ else{
 EOM;
 	exit();
 }
+if ($config[general_restrict_nasadmin_access == 'yes'){
+	$auth_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
+	if ($auth_user == '' || $mappings[$auth_user][nasadmin] != 'yes'){
+		echo <<<EOM
+<title>NAS Administration Page</title>
+<link rel="stylesheet" href="style.css">
+</head>
+<body bgcolor="#80a040" background="images/greenlines1.gif" link="black" alink="black">
+<center>
+<b>Access is not allowed to this username.</b>
+</body>
+</html>
+EOM;
+		exit();
+	}
+}
+
 
 if ($clear_fields == 1)
 	$selected_nas = $readonly = '';
@@ -84,21 +101,21 @@ if ($link){
 	"SELECT * FROM $config[sql_nas_table] ORDER BY nasname;");
 	if ($search){
 		$num = 0;
-		unset($nas_list);
+		unset($my_nas_list);
 		while($row = @da_sql_fetch_array($search,$config)){
 			$my_nas_name = $row['nasname'];
 			if ($my_nas_name != ''){
 				$num++;
 				if ($clear_fields == 0 && $selected_nas == $my_nas_name)
 					$selected[$my_nas_name] = 'selected';
-				$nas_list[$my_nas_name]['name'] = $my_nas_name;
-				$nas_list[$my_nas_name]['shortname'] = $row['shortname'];
-				$nas_list[$my_nas_name]['type'] = $row['type'];
-				$selected[$nas_list[$my_nas_name]['type']] = 'selected';
-				$nas_list[$my_nas_name]['ports'] = $row['ports'];
-				$nas_list[$my_nas_name]['secret'] = $row['secret'];
-				$nas_list[$my_nas_name]['community'] = $row['community'];
-				$nas_list[$my_nas_name]['description'] = $row['description'];
+				$my_nas_list[$my_nas_name]['name'] = $my_nas_name;
+				$my_nas_list[$my_nas_name]['shortname'] = $row['shortname'];
+				$my_nas_list[$my_nas_name]['type'] = $row['type'];
+				$selected[$my_nas_list[$my_nas_name]['type']] = 'selected';
+				$my_nas_list[$my_nas_name]['ports'] = $row['ports'];
+				$my_nas_list[$my_nas_name]['secret'] = $row['secret'];
+				$my_nas_list[$my_nas_name]['community'] = $row['community'];
+				$my_nas_list[$my_nas_name]['description'] = $row['description'];
 			}
 		}
 	}
@@ -152,7 +169,7 @@ NAS List
 <td>
 <select name=selected_nas size=5 OnChange="this.form.select_nas.value=1;this.form.submit()"> 
 <?php
-foreach ($nas_list as $member){
+foreach ($my_nas_list as $member){
 	$name = $member[name];
 	echo "<option $selected[$name] value=\"$name\">$name\n";
 }
@@ -161,7 +178,7 @@ foreach ($nas_list as $member){
 </td>
 </tr>
 <?php
-$array = $nas_list[$selected_nas];
+$array = $my_nas_list[$selected_nas];
 echo <<<EOM
 <tr>
 <td align=right bgcolor="#d0ddb0">
diff --git a/htdocs/stats.php3 b/htdocs/stats.php3
index bade492..b45c024 100644
--- a/htdocs/stats.php3
+++ b/htdocs/stats.php3
@@ -1,5 +1,6 @@
 <?php
 require('../conf/config.php3');
+require('../lib/sql/nas_list.php3');
 ?>
 <html>
 <head>
@@ -81,6 +82,8 @@ $i = 1;
 $servers[all] = 'all';
 foreach ($nas_list as $nas){
 	$name = $nas[name];
+	if ($nas[ip] == '')
+		continue;
 	$servers[$name] = $nas[ip];
 	$i++;
 }
@@ -91,7 +94,7 @@ if ($server != 'all' && $server != ''){
 }
 $sql_extra_query = '';
 if ($config[sql_accounting_extra_query] != '')
-	$sql_extra_query = sql_xlat($config[sql_accounting_extra_query],$login,$config);
+	$sql_extra_query = xlat($config[sql_accounting_extra_query],$login,$config);
 
 $link = @da_sql_pconnect($config);
 if ($link){
diff --git a/htdocs/user_accounting.php3 b/htdocs/user_accounting.php3
index 74399f5..7e52a97 100644
--- a/htdocs/user_accounting.php3
+++ b/htdocs/user_accounting.php3
@@ -90,7 +90,7 @@ for($i=1;$i<=9;$i++){
 }
 $sql_extra_query = '';
 if ($config[sql_accounting_extra_query] != '')
-	$sql_extra_query = sql_xlat($config[sql_accounting_extra_query],$login,$config);
+	$sql_extra_query = xlat($config[sql_accounting_extra_query],$login,$config);
 ?>
 	</tr>
 
diff --git a/htdocs/user_finger.php3 b/htdocs/user_finger.php3
index a79021d..2439111 100644
--- a/htdocs/user_finger.php3
+++ b/htdocs/user_finger.php3
@@ -1,6 +1,7 @@
 <?php
 require('../conf/config.php3');
 require('../lib/attrshow.php3');
+require('../lib/sql/nas_list.php3');
 if (!isset($usage_summary)){
 	echo <<<EOM
 <html>
@@ -41,7 +42,7 @@ $date = strftime('%A, %e %B %Y, %T %Z');
 
 $sql_extra_query = '';
 if ($config[sql_accounting_extra_query] != '')
-	$sql_extra_query = sql_xlat($config[sql_accounting_extra_query],$login,$config);
+	$sql_extra_query = xlat($config[sql_accounting_extra_query],$login,$config);
 
 $link = @da_sql_pconnect($config);
 $link2 = connect2db($config);
@@ -60,6 +61,8 @@ if ($link){
 		}
 		else
 			$servers_num++;
+		if ($nas[ip] == '')
+			continue;
 		$name_data = $nas[ip];
 		$community_data = $nas[community];
 		$server_name[$servers_num] = $nas[name];
diff --git a/htdocs/user_stats.php3 b/htdocs/user_stats.php3
index ecd7285..f736d72 100644
--- a/htdocs/user_stats.php3
+++ b/htdocs/user_stats.php3
@@ -1,6 +1,7 @@
 <?php
 require('../conf/config.php3');
 require('../lib/functions.php3');
+require('../lib/sql/nas_list.php3');
 ?>
 <html>
 <?php
@@ -53,7 +54,7 @@ $selected[$sortby] = 'selected';
 
 $sql_extra_query = '';
 if ($config[sql_accounting_extra_query] != '')
-	$sql_extra_query = sql_xlat($config[sql_accounting_extra_query],$login,$config);
+	$sql_extra_query = xlat($config[sql_accounting_extra_query],$login,$config);
 
 ?>
 
@@ -194,6 +195,8 @@ EOM;
 <?php
 foreach ($nas_list as $nas){
 	$name = $nas[name];
+	if ($nas[ip] == '')
+		continue;
 	$servers[$name] = $nas[ip];
 }
 ksort($servers);
diff --git a/lib/ldap/defaults.php3 b/lib/ldap/defaults.php3
index 3583098..9db4af2 100644
--- a/lib/ldap/defaults.php3
+++ b/lib/ldap/defaults.php3
@@ -28,7 +28,7 @@ if ($config[ldap_default_dn] != ''){
 		if ($regular_profile_attr != ''){
 			$get_attrs = array("$regular_profile_attr");
 			if ($config[ldap_filter] != '')
-				$filter = ldap_xlat($config[ldap_filter],$login,$config);
+				$filter = xlat($config[ldap_filter],$login,$config);
 			else
 				$filter = 'uid=' . $login;
 			if ($config[ldap_debug] == 'true')
diff --git a/lib/ldap/functions.php3 b/lib/ldap/functions.php3
index 6cb3ad5..910d1f2 100644
--- a/lib/ldap/functions.php3
+++ b/lib/ldap/functions.php3
@@ -1,16 +1,5 @@
 <?php
-function ldap_xlat($filter,$login,$config)
-{
-	$string = $filter;
-	if ($filter != ''){
-		$string = preg_replace('/%u/',$login,$string);
-		$string = preg_replace('/%U/',$HTTP_SERVER_VARS["PHP_AUTH_USER"],$string);
-		$string = preg_replace('/%ma/',$mappings[$http_user][accounting],$string);
-		$string = preg_replace('/%mu/',$mappings[$http_user][userdb],$string);
-	}
-
-	return $string;
-}
+require('../lib/xlat.php3');
 
 function da_ldap_bind($ds,$config)
 {
@@ -66,12 +55,12 @@ function get_user_info($ds,$user,$config,$decode_normal,$k)
 		$attrs = array('cn');
 		if ($config[ldap_userdn] == ''){
 			if ($config[ldap_filter] != '')
-				$filter = ldap_xlat($config[ldap_filter],$login,$config);
+				$filter = xlat($config[ldap_filter],$login,$config);
 			else
 				$filter = 'uid=' . $login;
 		}
 		else
-			$filter = ldap_xlat($config[ldap_userdn],$login,$config);
+			$filter = xlat($config[ldap_userdn],$login,$config);
 		if ($config[ldap_debug] == 'true'){
 			if ($config[ldap_userdn] == '')
 	print "<b>DEBUG(LDAP): Search Query: BASE='$config[ldap_base]',FILTER='$filter'</b><br>\n";
@@ -98,12 +87,12 @@ function get_user_dn($ds,$user,$config)
 		$attrs = array('dn');
 		if ($config[ldap_userdn] == ''){
 			if ($config[ldap_filter] != '')
-				$filter = ldap_xlat($config[ldap_filter],$login,$config);
+				$filter = xlat($config[ldap_filter],$login,$config);
 			else
 				$filter = 'uid=' . $login;
 		}
 		else
-			$filter = ldap_xlat($config[ldap_userdn],$login,$config);
+			$filter = xlat($config[ldap_userdn],$login,$config);
 		if ($config[ldap_debug] == 'true'){
 			if ($config[ldap_userdn] == '')
 	print "<b>DEBUG(LDAP): Search Query: BASE='$config[ldap_base]',FILTER='$filter'</b><br>\n";
diff --git a/lib/ldap/user_info.php3 b/lib/ldap/user_info.php3
index 45116b8..b38061d 100644
--- a/lib/ldap/user_info.php3
+++ b/lib/ldap/user_info.php3
@@ -32,12 +32,12 @@ if ($ds) {
 	$r=@da_ldap_bind($ds,$config);
 	if ($config[ldap_userdn] == ''){
 		if ($config[ldap_filter] != '')
-			$filter = ldap_xlat($config[ldap_filter],$login,$config);
+			$filter = xlat($config[ldap_filter],$login,$config);
 		else
 			$filter = 'uid=' . $login;
 	}
 	else
-		$filter = ldap_xlat($config[ldap_userdn],$login,$config);
+		$filter = xlat($config[ldap_userdn],$login,$config);
 	if ($config[ldap_debug] == 'true'){
 		if ($config[ldap_userdn] == '')
 			print "<b>DEBUG(LDAP): Search Query: BASE='$config[ldap_base]',FILTER='$filter'</b><br>\n";
diff --git a/lib/sql/find.php3 b/lib/sql/find.php3
index a4a700a..7080adc 100644
--- a/lib/sql/find.php3
+++ b/lib/sql/find.php3
@@ -11,11 +11,11 @@ if ($link){
 	$search = da_sql_escape_string($search);
 	if (!is_int($max_results))
 		$max_results = 10;
-	if (($search_IN == 'name' || $search_IN == 'ou') && $config[sql_use_user_info_table] == 'true'){
-		$attr = ($search_IN == 'name') ? 'name' : 'department';
+	if (($search_IN == 'name' || $search_IN == 'department' || $search_IN == 'username) && 
+			$config[sql_use_user_info_table] == 'true'){
 		$res = @da_sql_query($link,$config,
 		"SELECT username FROM $config[sql_user_info_table] WHERE
-		lower($attr) LIKE '%$search%' LIMIT $max_results;");
+		lower($search_IN) LIKE '%$search%' LIMIT $max_results;");
 		if ($res){
 			while(($row = @da_sql_fetch_array($res,$config)))
 				$found_users[] = $row[username];
diff --git a/lib/sql/functions.php3 b/lib/sql/functions.php3
index 98fdc66..d42a6eb 100644
--- a/lib/sql/functions.php3
+++ b/lib/sql/functions.php3
@@ -5,6 +5,7 @@ else{
 	echo "<b>Could not include SQL library</b><br>\n";
 	exit();
 }
+require('../lib/xlat.php3');
 
 function connect2db($config)
 {
@@ -31,16 +32,4 @@ function closedb($link,$config)
 {
 	return 1;
 }
-function sql_xlat($filter,$login,$config)
-{
-	$string = $filter;
-	$http_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
-	if ($filter != ''){
-		$string = preg_replace('/%u/',$login,$string);
-		$string = preg_replace('/%U/',$http_user,$string);
-		$string = preg_replace('/%m/',$mappings[$http_user],$string);
-	}
-
-	return $string;
-}
 ?>
diff --git a/lib/sql/nas_list.php3 b/lib/sql/nas_list.php3
new file mode 100644
index 0000000..2d689ec
--- /dev/null
+++ b/lib/sql/nas_list.php3
@@ -0,0 +1,55 @@
+<?php
+require('../conf/config.php3');
+
+if ($config[sql_nas_table] != ''){
+
+	if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php3"))
+		include_once("../lib/sql/drivers/$config[sql_type]/functions.php3");
+	else{
+		echo "<b>Could not include SQL library</b><br>\n";
+		exit();
+	}
+	$link = @da_sql_pconnect($config);
+	if ($link){
+		$auth_user = HTTP_SERVER_VARS["PHP_AUTH_USER"];
+		$extra = '';
+		if (isset($mappings[$auth_user][nasdb]){
+			$NAS_ARR = array();
+			$NAS_ARR = split(',',$mappings[$auth_user][nasdb]);
+			$extra = 'WHERE nasname IN (';
+			foreach ($NAS_ARR as $nas)
+				$extra .= "'$nasname',";	
+			unset($NAS_ARR);
+			$extra = rtrim($extra,",");
+			$extra .= ')';	
+		}
+		$search = @da_sql_query($link,$config,
+		"SELECT * FROM $config[sql_nas_table] $extra;");
+		if ($search){
+			while($row = @da_sql_fetch_array($search,$config)){
+				$num = 0;
+				$my_nas_name = $row['nasname'];
+				if ($my_nas_name != ''){
+					$nas_list[$my_nas_name]['name'] = $my_nas_name;
+                                	$nas_server = $da_name_cache[$my_nas_name];
+                                	if (!isset($nas_server)){
+                                        	$nas_server = @gethostbyname($nas_server);
+                                        	if (!isset($da_name_cache) && $config[general_use_session] == 'yes'){
+                                                	$da_name_cache[$my_nas_name] = $nas_server;
+                                                	session_register('da_name_cache');
+                                        	}
+                                	}
+					if ($nas_server != $my_nas_name)
+						$nas_list[$my_nas_name]['ip'] = $nas_server;
+					$nas_list[$my_nas_name]['port_num'] = $row['ports'];
+					$nas_list[$my_nas_name]['community'] = $row['community'];
+					$nas_list[$my_nas_name]['model'] = $row['description'];
+				}
+			}
+		}
+	}
+	else
+		echo "<b>Could not connect to SQL database</b><br>\n";
+}
+
+?>
diff --git a/lib/xlat.php3 b/lib/xlat.php3
new file mode 100644
index 0000000..ff5c2f9
--- /dev/null
+++ b/lib/xlat.php3
@@ -0,0 +1,16 @@
+<?php
+function xlat($filter,$login,$config)
+{
+	$string = $filter;
+	if ($filter != ''){
+		$string = preg_replace('/%u/',$login,$string);
+		$string = preg_replace('/%U/',$HTTP_SERVER_VARS["PHP_AUTH_USER"],$string);
+		$string = preg_replace('/%ma/',$mappings[$http_user][accounting],$string);
+		$string = preg_replace('/%mu/',$mappings[$http_user][userdb],$string);
+		$string = preg_replace('/%mn/',$mappings[$http_user][nasdb],$string);
+		$string = preg_replace('/%mN/',$mappings[$http_user][nasadmin],$string);
+	}
+
+	return $string;
+}
+?>