changeconf.php

phpbased firewall for linux.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title><?=$titleOfPage?></title>
<script type="text/javascript" src="lib/js/tabpane.js"></script>
<link id="luna-tab-style-sheet" type="text/css" rel="stylesheet" href="lib/css/luna/tab.css"/>
<link rel="stylesheet" type="text/css" href="templates/<?=$theme?>/style.css" />

</head>
<?
if ($_POST["action"]=="modules") {
$filename = realpath('modules.xml');
if (is_writable($filename)) {
  // In our example we're opening $filename in append mode.
	   // The file pointer is at the bottom of the file hence
	   // that's where $somecontent will go when we fwrite() it.
	   if (!$handle = fopen($filename, 'w')) {
			 $feedback2="<span style=\"color:red;font-weight:bold;\"><img src=\"images/warning.png\" alt=\"\" border=\"0\" align=\"absmiddle\" /> Cannot open file ($filename)</span>";
			 exit;
	   }
	
	   // Write $somecontent to our opened file.
	   if (fwrite($handle, stripslashes($_POST["moduleEdit"])) === FALSE) {
		   $feedback2="<span style=\"color:red;font-weight:bold;\"><img src=\"images/warning.png\" alt=\"\" border=\"0\" align=\"absmiddle\" /> Cannot write to file ($filename)</span>";
		   exit;
	   }
	
	   $feedback2="<span style=\"color:green;font-weight:bold;\"><img src=\"images/info.png\" alt=\"\" border=\"0\" align=\"absmiddle\" /> Successfully written Modules XML File.</span>";
	
	   fclose($handle);
	
	} else {
	   $feedback2="<span style=\"color:red;font-weight:bold;\"><img src=\"images/warning.png\" alt=\"\" border=\"0\" align=\"absmiddle\" /> The file $filename is not writable</span>";
	}
}


$filename = realpath('config.inc.php');
if ($_POST["action"]=="change") {

$somecontent = "<? \n";
$somecontent.="include_once(\"template.inc.php\");\n";
$somecontent.="\$CONF[\"version\"]=\"".$CONF["version"]."\";\n";
$somecontent.="\$CONF[\"welcomeString\"]=\"".$_POST["welcomeString"]."\";\n";
$somecontent.="\$CONF[\"iconWidth\"]=".$_POST["iconWidth"].";\n";
$somecontent.="\$CONF[\"iconHeight\"]=".$_POST["iconHeight"].";\n";
$somecontent.="\$CONF[\"iconPerLine\"]=".$_POST["iconPerLine"].";\n";
$somecontent.="\$CONF[\"pathIfconfig\"]=\"".$_POST["pathIfconfig"]."\";\n";
$somecontent.="\$CONF[\"pathIptables\"]=\"".$_POST["pathIptables"]."\";\n";
$somecontent.="\$CONF[\"pathPing\"]=\"".$_POST["pathPing"]."\";\n";
$somecontent.="\$CONF[\"pathNmap\"]=\"".$_POST["pathNmap"]."\";\n";
$somecontent.="\$CONF[\"whereToSaveIptables\"]=\"".$_POST["whereToSaveIptables"]."\";\n";
$somecontent.="\n ?>";

$CONF["welcomeString"]=$_POST["welcomeString"];
$CONF["iconWidth"]=$_POST["iconWidth"];
$CONF["iconHeight"]=$_POST["iconHeight"];
$CONF["iconPerLine"]=$_POST["iconPerLine"];
$CONF["pathIfconfig"]=$_POST["pathIfconfig"];
$CONF["pathIptables"]=$_POST["pathIptables"];
$CONF["pathPing"]=$_POST["pathPing"];
$CONF["pathNmap"]=$_POST["pathNmap"];
$CONF["whereToSaveIptables"]=$_POST["whereToSaveIptables"];


	// Let's make sure the file exists and is writable first.
	if (is_writable($filename)) {
	
	   // In our example we're opening $filename in append mode.
	   // The file pointer is at the bottom of the file hence
	   // that's where $somecontent will go when we fwrite() it.
	   if (!$handle = fopen($filename, 'w')) {
			 $feedback="<span style=\"color:red;font-weight:bold;\"><img src=\"images/warning.png\" alt=\"\" border=\"0\" align=\"absmiddle\" /> Cannot open file ($filename)</span>";
			 exit;
	   }
	
	   // Write $somecontent to our opened file.
	   if (fwrite($handle, $somecontent) === FALSE) {
		   $feedback="<span style=\"color:red;font-weight:bold;\"><img src=\"images/warning.png\" alt=\"\" border=\"0\" align=\"absmiddle\" /> Cannot write to file ($filename)</span>";
		   exit;
	   }
	
	   $feedback="<span style=\"color:green;font-weight:bold;\"><img src=\"images/info.png\" alt=\"\" border=\"0\" align=\"absmiddle\" /> Successfully written configuration.</span>";
	
	   fclose($handle);
	
	} else {
	   $feedback="<span style=\"color:red;font-weight:bold;\"><img src=\"images/warning.png\" alt=\"\" border=\"0\" align=\"absmiddle\" /> The file $filename is not writable</span>";
	}
}

if ($_POST["action"]=="changePasswordApache") {
	require("lib/pwfile.php");
    $pw = new PwFile($_POST["passFile"]);
	if ($pw->error) { 
		$feedback3="<span style=\"color:red;font-weight:bold;\"><img src=\"images/warning.png\" alt=\"\" border=\"0\" align=\"absmiddle\" /> Wrong Password's file: <pre>".$_POST["passFile"]."</pre></span>";
    } 
	else { 
    $usr_ID = "admin";
    $usr_passwd = $_POST["password"];
	if (($_POST["password"]==$_POST["password2"]) && ($_POST["password"]!="")) {
		if ($pw->existsUser($usr_ID)) {
			$pw->addUser($usr_ID, $usr_passwd);
		}
		else { 
			$pw->updateUser($usr_ID, $usr_passwd);
			$feedback3="<span style=\"color:green;font-weight:bold;\"><img src=\"images/info.png\" alt=\"\" border=\"0\" align=\"absmiddle\" /> Password updated.</span>";
			}
		//$pw->addUser($usr_ID, $usr_passwd);
		//$pw->deleteUser($usr_ID);	
	} else $feedback3="<span style=\"color:red;font-weight:bold;\"><img src=\"images/warning.png\" alt=\"\" border=\"0\" align=\"absmiddle\" /> Oops passwords don't match (or blank password)!!</span>";
	}//
}

?>
<body>
<? backToIndex(); ?>
<h2>Configuration Panel</h2>
<div class="tab-pane" id="tab-pane-1">
<div class="tab-page">
<h2 class="tab">General</h2>
<h3>General Configuration</h3>
<?

if (!is_writable($filename)) {
	echo "<div class=\"info\"><span style=\"color:red;font-weight:bold;\"><img src=\"images/warning.png\" alt=\"\" border=\"0\" align=\"absmiddle\" /> WARNING: config.inc.php is not writable!!</span></div><br/>";
}
else {
	echo "<div class=\"info\"><span style=\"color:green;font-weight:bold;\"><img src=\"images/info.png\" alt=\"\" border=\"0\" align=\"absmiddle\" /> OK: config.inc.php is writable.</span></div><br/>";
}

if (!empty($feedback)) echo "<div class=\"info\">".$feedback."</div><br/>\n";
?>
<form method="post" action="index.php?modules=changeConf">
<input type="hidden" name="action" value="change" />
<table width="600" class="tableBorder" border="0" cellpadding="3" cellspacing="0">
<tr><td class="lineBest">Welcome String</td>
	<td><input type="text" name="welcomeString" value="<?=$CONF["welcomeString"]?>" size="40" /></td>
</tr>
<tr><td class="lineBest">Icon Width</td>
	<td class="thAll"><input type="text" name="iconWidth" value="<?=$CONF["iconWidth"]?>" size="4" /></td>
</tr>
<tr><td class="lineBest">Icon Height</td>
	<td><input type="text" name="iconHeight" value="<?=$CONF["iconHeight"]?>" size="4" /></td>
</tr>
<tr><td class="lineBest">Icon Per Line</td>
	<td><input type="text" name="iconPerLine" value="<?=$CONF["iconPerLine"]?>" size="4" /></td>
</tr>
<tr><td class="lineBest">Path Of Iptables Command</td>
	<td><input type="text" name="pathIptables" value="<?=$CONF["pathIptables"]?>" /></td>
</tr>
<tr><td class="lineBest">Path Of Ifconfig Command</td>
	<td><input type="text" name="pathIfconfig" value="<?=$CONF["pathIfconfig"]?>" /></td>
</tr>
<tr><td class="lineBest">Path Of Ping Command</td>
	<td><input type="text" name="pathPing" value="<?=$CONF["pathPing"]?>" /></td>
</tr>
<tr><td class="lineBest">Path Of Nmap Command</td>
	<td><input type="text" name="pathNmap" value="<?=$CONF["pathNmap"]?>" /></td>
</tr>
<tr><td class="lineBest">Where to save iptables rules</td>
	<td><input type="text" name="whereToSaveIptables" value="<?=$CONF["whereToSaveIptables"]?>" /></td>
</tr>
<tr><td colspan="2" class="evenrowbg" align="center"><input type="submit" name="do_change" value="Save" /></td></tr>
</table>
</form><br />
</div>
	<div class="tab-page">
      <h2 class="tab">Modules</h2>
	  <h3>Manage your modules</h3>
	<? if (!is_writable("modules.xml")) {
		echo "<div class=\"info\"><span style=\"color:red;font-weight:bold;\"><img src=\"images/warning.png\" alt=\"\" border=\"0\" align=\"absmiddle\" /> WARNING: modules.xml is not writable!!</span></div><br/>";
	}
	else {
		echo "<div class=\"info\"><span style=\"color:green;font-weight:bold;\"><img src=\"images/info.png\" alt=\"\" border=\"0\" align=\"absmiddle\" /> OK: modules.xml is writable.</span></div><br/>";
	} 
	
	if (!empty($feedback2)) echo "<div class=\"info\">".$feedback2."</div><br/>\n";
	
	?>
	<form method="post" action="index.php?modules=changeConf">
	<input type="hidden" name="action" value="modules" />
	<table width="600" class="tableBorder" border="0" cellpadding="3" cellspacing="0">
	<tr><td class="lineBest"><b>modules.xml content:</b><br /></td></tr>
	<tr><td><textarea name="moduleEdit" rows="50" cols="80"><?
	$filename = "modules.xml";
	$handle = fopen($filename, "r");
	$contents = fread($handle, filesize($filename));
	fclose($handle);
	echo /*htmlentities(*/$contents;//);
	?></textarea>
	</td></tr>
	<tr><td class="evenrowbg" align="center">
	<input type="submit" name="do_change" value="Save" /></td>
	</tr>
	</table>
	</form>
	</div>
	<div class="tab-page">
<h2 class="tab">Security</h2>
<div class="info"><img src="images/info.png" alt="" border="0" align="absmiddle" />
We are working about security (authentication). We found 3 way:<br/>
<ol>
	<li>Apache Authentication</li>
	<li>Php Session Authentication</li>
	<li>Mysql Authentication (but it should require Mysql...)</li>
</ol>
Actually first method :-)
</div>
<br/>
<h3>Apache 2 Basic Authentication</h3>
<form action="index.php?modules=changeConf" method="post" name="security">
<input type="hidden" name="action" value="changePasswordApache" />
<table width="600" class="tableBorder" border="0" cellpadding="3" cellspacing="0">
	<tr><td class="lineBest"><b>User</b><br /></td>
	<td><em>admin</em></td></tr>
	<tr><td class="lineBest" width="250"><b>Insert new password</b><br /></td>
	<td><input type="password" name="password" value="" size="25" /></td></tr>
	<tr><td class="lineBest"><b>Insert new password (another time)</b><br /></td>
	<td><input type="password" name="password2" value="" size="25" /></td></tr>
	<tr><td class="lineBest"><b>Password file</b><br /></td>
	<td><input type="text" name="passFile" value="/var/www/site/passwords" size="25" /></td></tr>
	<tr><td colspan="2"><input type="submit" name="do_change" value="Save" onClick="return confirm('I\'m going to save new password: are you sure?');" /></td></tr>
</table>
</form>
<? if (!empty($feedback3)) echo "<br/><div class=\"info\">".$feedback3."</div><br/>\n"; ?>
</div>
</div>
<script type="text/javascript">
setupAllTabs();
</script>
<? author(); ?>
</body></html>