kkalev [Mon, 20 Dec 2004 16:58:16 +0000 (16:58 +0000)]
* In bin/snmpfinger also accept @,. in the username
* If we are stripping realms, then if needed strip them from the data returned by snmpfinger in
user_finger.php3
kkalev [Mon, 25 Oct 2004 13:55:04 +0000 (13:55 +0000)]
* Add lib/sql/group_change.php3 to add and delete a user from groups
* Add a new directive sql_show_all_groups. If set to true then in user edit page we show all available
groups with the ones the user is a member of highlighted. The administrator can then directly
change user group membership by changing membership in this group list.
kkalev [Mon, 9 Aug 2004 15:37:46 +0000 (15:37 +0000)]
In user_state also take into account any open sessions when calculating daily/weekly usage.
Add two more lines in the output stating the number of current open sessions and the time used.
* Add a drop down menu with existing groups in group_new.php3
* Check for sql in show_groups.php3
* In lib/sql/group_info.php3 if $login is not set, find available groups and place them in
$existing_groups along with a count of users per group. Use the functionality in group_new.php3
and show_groups.php3
* Update TODO
* A LOT of security related fixes. Now dialupadmin should hopefully be secure enough to
be accessed by normal users (not administrators).
* Move a few elements in the CSS file from the body tag. Suggestion by Gary McKinney
* Update FAQ about using php with no sql support.
* Allow the user to select between viewing FAQ, HOWTO or README in the help page.
* Use $_SERVER instead of $HTTP_SERVER_VARS
Add a missing.php3 file with functions that may be missing from the PHP version used. Include it
if a function is missing. Currently only array_change_key_case() is included
kkalev [Tue, 29 Jun 2004 10:09:26 +0000 (10:09 +0000)]
* Escape special characters in the sql password. This closes bug #96
* Do an xlat for general_accounting_attrs_file and general_user_edit_attrs_file. That way we can
have different mappings for each administrator.
kkalev [Fri, 18 Jun 2004 13:01:56 +0000 (13:01 +0000)]
* Move the xlat function to a separate file in lib/xlat.php3
* Add a lib/sql/nas_list.php3 to also get the nas list from sql (naslist.conf still works)
* Add realms nasdb and nasadmin in username.mappings. nasadmin is used to signify if the
user is allowed to use the nas_admin page. nasdb is used to shorten the nas list to only
a few specific entries. That way an administrator responsible for a few access servers will
only be able to administer those access servers and not see the rest of the nas list.
* Add username searching in the find page as suggested by joram agten
* Don't use nas_list in nas_admin
* Add check_user_passwd() and get_user_dn() functions in lib/ldap/functions.php3
* Add general_restrict_badusers_access directive. If set to yes we only allow each administrator
access to their own entries in the badusers table
* Add a username.mappings table. We are able to map each administrator username to additional queries
on the accounting and user settings tables.
* Add an sql_accounting_extra_query directive. If set this query is included in all
queries to the accounting tables.
Combined with admin username mappings we are able to easily restrict access on specific accounting data
to each administrator.
* Escape bad characters in the $login variable
* Add a da_sql_escape_string function. We use that for every element we pass to sql queries in order to
protect ourselves from sql injection.
* Use the ldap_userdn directive where applicable in the functions.php3 file
* Add an sql_xlat function
TODO: Check out the sql queries in lib/sql for sql injection.
Add ldap_userdn as a configuration directive. If set we use that for
user DN's (variables supported) instead of performing an ldap search for
each user. That can be somewhat faster.
kkalev [Wed, 10 Mar 2004 14:29:32 +0000 (14:29 +0000)]
Add a force directive in log_badlogins. If uncommented it will force inserts even if there are
sql errors. That can help in case there is one sql query which stops the whole failed logins
logging system from working
kkalev [Mon, 15 Dec 2003 16:55:28 +0000 (16:55 +0000)]
* Huge PostgreSQL compatibility patch by Guy Fraser <guy@incentre.net>
* Also support the Crypt-Password attribute in lib/sql/password_check.php3. Patch by Guy Fraser <guy@incentre.net>
kkalev [Sun, 2 Nov 2003 13:57:35 +0000 (13:57 +0000)]
* Check for the binaries used (mysql/snmpwalk) in the scripts in the bin folder before using them
* Update the HOWTO file
* Use the general_domain variable from the admin.conf file in log_badlogins instead of a new one
* Add a sql_command directive in admin.conf containing the path to the mysql binary. That can be used by the
scripts in the bin folder instead of setting a variable in each script
* Add a general_nas_type and a per nas type directive and pass that to snmpfinger. Updated snmpfinger to also
support lucent equipment apart from cisco
kkalev [Sat, 1 Nov 2003 15:04:02 +0000 (15:04 +0000)]
* Add a few help pages for the nomadix radius attributes by Ulrich Walcher
* Update the HOWTO with instructions about the ldap configuration directives and the scripts in the bin folder
* Update the AUTHORS file
kkalev [Mon, 20 Oct 2003 16:39:38 +0000 (16:39 +0000)]
* Add a captions.conf file with a few configurable captions for now
* Move the nas list to a separate file called naslist.conf
* Add the ability to include configuration files in admin.conf
* Add a page for clearing open sessions from the database called clear_opensessions.php3. Add it in the
user toolbar
* Move the userinfo page of user_admin to a separate file so that it can be easily changed to
fit per installation needs
* Add a conf/accounting.attrs allowing the customization of the attributes in the user_accounting,
user_finger and failed_logins pages
* Add a directive to determine if the administrator will be able to change the user password from
the user edit page
* Call mysql_escape_string before running the sql query
* Use the sql_connect_timeout for the mysql driver
* Add a help page for the badusers table
* Also take the Session-Timeout into consideration when calculating the remaining time in user_admin.php3
* Add regex matching in log_badlogins and don't expect the callerid to always be in numeric format
With these changes dialupadmin can probably be used for administrating other radius based services
apart from dialup
Hope everything works
kkalev [Sun, 5 Oct 2003 16:03:11 +0000 (16:03 +0000)]
Add a configuration directive counter_monthly_calculate_usage to calculate the monthly usage time. Calculate
it in user_admin if monthly_limit != 'none' or if this directive is set.
Based on a report by "apellido jr., wilfredo p"
Allow for defining the ldap_filter used when searching for a user. The filter supports dynamic variables
like %u (username) and %U (username provided through http auth)
* Only delete sessions which are not open in truncate_radacct. Bug noted by Evren Yurtesen <yurtesen@ispro.net.tr>
* Add a user input tag in user_stats.php3
* Make all scripts use the mysql binary instead of DBI and make the sql password even if it is empty
* Make log_badlogins work with usernames containing spaces
kkalev [Sat, 10 May 2003 13:49:46 +0000 (13:49 +0000)]
Add a usage_summary parameter in user_finger. If it is passed then we only output a text like:
"Online: <num> Free: <num>" which can be used in outside pages
kkalev [Mon, 5 May 2003 23:10:04 +0000 (23:10 +0000)]
* Use Max-Monthly-Session not Max-Weekly-Session for the monthly limit
* When checking the weekly limit check first that $remaining is numeric before doing any comparisons