From cc8777b5e5c67c0314da8ee8958bb424d9329cb7 Mon Sep 17 00:00:00 2001 From: phpipam <miha.petkovsek@telemach.si> Date: Thu, 14 Dec 2023 14:27:45 +0100 Subject: [PATCH] Added IS_DEMO flag to simplify demo updating --- app/admin/2fa/edit_user.php | 3 +++ app/admin/2fa/save.php | 3 +++ app/admin/api/edit-result.php | 2 ++ .../authentication-methods/edit-result.php | 2 ++ app/admin/groups/add-users-result.php | 6 ++--- app/admin/groups/edit-group-result.php | 2 ++ app/admin/groups/remove-users-result.php | 6 ++--- app/admin/languages/edit-result.php | 5 ++-- app/admin/mail/edit.php | 5 ++-- app/admin/mail/test-mail.php | 5 ++-- app/admin/password-policy/save.php | 2 ++ app/admin/powerDNS/defaults-save.php | 2 ++ app/admin/powerDNS/settings-save.php | 2 ++ app/admin/scan-agents/edit-result.php | 6 ++--- app/admin/sections/edit-result.php | 4 +++- app/admin/settings/settings-save.php | 2 ++ app/admin/users/edit-result.php | 2 ++ app/admin/verify-database/fix.php | 3 +-- app/admin/verify-database/index.php | 4 +--- app/dashboard/index.php | 3 +++ app/login/login_form.php | 24 +++++++++++++++++++ .../scan/subnet-scan-execute-scan-icmp.php | 3 +++ .../subnet-scan-execute-scan-snmp-arp.php | 3 +++ .../scan/subnet-scan-execute-scan-telnet.php | 3 +++ .../scan/subnet-scan-execute-snmp-mac.php | 3 +++ .../subnet-scan-execute-snmp-route-all.php | 3 +++ .../scan/subnet-scan-execute-snmp-route.php | 3 +++ .../scan/subnet-scan-execute-update-icmp.php | 3 +++ .../subnet-scan-execute-update-snmp-arp.php | 3 +++ app/tools/user-menu/2fa_save.php | 2 ++ app/tools/user-menu/user-edit.php | 2 ++ app/tools/user-menu/user-widgets-set.php | 5 ++-- functions/classes/class.User.php | 15 ++++++++++++ index.php | 22 ++++++++++++++++- 34 files changed, 139 insertions(+), 24 deletions(-) diff --git a/app/admin/2fa/edit_user.php b/app/admin/2fa/edit_user.php index fe8c1125..3e1ba016 100644 --- a/app/admin/2fa/edit_user.php +++ b/app/admin/2fa/edit_user.php @@ -16,6 +16,9 @@ $Result = new Result (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(true); + // check id if(!is_numeric($_POST['id'])) { $Result->show("danger", _("Invalid id"), true, true); } diff --git a/app/admin/2fa/save.php b/app/admin/2fa/save.php index dc2063f1..7158cce6 100644 --- a/app/admin/2fa/save.php +++ b/app/admin/2fa/save.php @@ -16,6 +16,9 @@ $Result = new Result (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); + // validate csrf cookie $User->Crypto->csrf_cookie ("validate", "2fa", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : ""; diff --git a/app/admin/api/edit-result.php b/app/admin/api/edit-result.php index 9958cc62..3e1aa133 100755 --- a/app/admin/api/edit-result.php +++ b/app/admin/api/edit-result.php @@ -15,6 +15,8 @@ $Result = new Result (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # check maintaneance mode $User->check_maintaneance_mode (); diff --git a/app/admin/authentication-methods/edit-result.php b/app/admin/authentication-methods/edit-result.php index 9644ea83..5fb8723c 100644 --- a/app/admin/authentication-methods/edit-result.php +++ b/app/admin/authentication-methods/edit-result.php @@ -16,6 +16,8 @@ $Result = new Result (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # check maintaneance mode $User->check_maintaneance_mode (); diff --git a/app/admin/groups/add-users-result.php b/app/admin/groups/add-users-result.php index 72ec4616..ae8d9c37 100755 --- a/app/admin/groups/add-users-result.php +++ b/app/admin/groups/add-users-result.php @@ -15,6 +15,8 @@ $Result = new Result (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # check maintaneance mode $User->check_maintaneance_mode (); @@ -59,6 +61,4 @@ if(isset($errors)) { } else { $Result->show("success", _('Users added to group'), true); -} - -?> \ No newline at end of file +} \ No newline at end of file diff --git a/app/admin/groups/edit-group-result.php b/app/admin/groups/edit-group-result.php index 9528d929..afe5d987 100755 --- a/app/admin/groups/edit-group-result.php +++ b/app/admin/groups/edit-group-result.php @@ -17,6 +17,8 @@ $Result = new Result (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # check maintaneance mode $User->check_maintaneance_mode (); diff --git a/app/admin/groups/remove-users-result.php b/app/admin/groups/remove-users-result.php index f893ed43..03a731c3 100755 --- a/app/admin/groups/remove-users-result.php +++ b/app/admin/groups/remove-users-result.php @@ -15,6 +15,8 @@ $Result = new Result (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # check maintaneance mode $User->check_maintaneance_mode (); @@ -55,6 +57,4 @@ if(isset($errors)) { } else { $Result->show("success", _('Users removed from group'), true); -} - -?> \ No newline at end of file +} \ No newline at end of file diff --git a/app/admin/languages/edit-result.php b/app/admin/languages/edit-result.php index 069dee29..3040a7ba 100755 --- a/app/admin/languages/edit-result.php +++ b/app/admin/languages/edit-result.php @@ -16,6 +16,8 @@ $Result = new Result (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # check maintaneance mode $User->check_maintaneance_mode (); @@ -37,5 +39,4 @@ $values = array("l_id"=>@$_POST['l_id'], # update if(!$Admin->object_modify("lang", $_POST['action'], "l_id", $values)) { $Result->show("danger", _("Language $_POST[action] error"), true); } -else { $Result->show("success", _("Language $_POST[action] success"), true); } -?> \ No newline at end of file +else { $Result->show("success", _("Language $_POST[action] success"), true); } \ No newline at end of file diff --git a/app/admin/mail/edit.php b/app/admin/mail/edit.php index 93fbc39a..92c93efa 100755 --- a/app/admin/mail/edit.php +++ b/app/admin/mail/edit.php @@ -15,6 +15,8 @@ $Result = new Result (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # check maintaneance mode $User->check_maintaneance_mode (); @@ -36,5 +38,4 @@ $values = array("id"=>1, # update if(!$Admin->object_modify("settingsMail", "edit", "id", $values)) { $Result->show("danger", _('Cannot update settings').'!', true); } -else { $Result->show("success", _('Settings updated successfully')."!", true); } -?> \ No newline at end of file +else { $Result->show("success", _('Settings updated successfully')."!", true); } \ No newline at end of file diff --git a/app/admin/mail/test-mail.php b/app/admin/mail/test-mail.php index 0d2307c2..48c161da 100755 --- a/app/admin/mail/test-mail.php +++ b/app/admin/mail/test-mail.php @@ -15,6 +15,8 @@ $Result = new Result (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # try to send try { @@ -51,5 +53,4 @@ try { } //if error not sent print ok -$Result->show("success alert-absolute", "Message sent to site admin (".$User->settings->siteAdminMail.")!", true); -?> \ No newline at end of file +$Result->show("success alert-absolute", "Message sent to site admin (".$User->settings->siteAdminMail.")!", true); \ No newline at end of file diff --git a/app/admin/password-policy/save.php b/app/admin/password-policy/save.php index 9b68b23d..e2d9d82e 100644 --- a/app/admin/password-policy/save.php +++ b/app/admin/password-policy/save.php @@ -16,6 +16,8 @@ $Params = new Params ($_POST); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # validate csrf cookie $User->Crypto->csrf_cookie ("validate", "settings", $Params->csrf_cookie) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : ""; diff --git a/app/admin/powerDNS/defaults-save.php b/app/admin/powerDNS/defaults-save.php index ea014806..f6c20eb9 100644 --- a/app/admin/powerDNS/defaults-save.php +++ b/app/admin/powerDNS/defaults-save.php @@ -15,6 +15,8 @@ $Result = new Result (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # check maintaneance mode $User->check_maintaneance_mode (); diff --git a/app/admin/powerDNS/settings-save.php b/app/admin/powerDNS/settings-save.php index 18a1acb1..50385992 100644 --- a/app/admin/powerDNS/settings-save.php +++ b/app/admin/powerDNS/settings-save.php @@ -15,6 +15,8 @@ $Result = new Result (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # check maintaneance mode $User->check_maintaneance_mode (); diff --git a/app/admin/scan-agents/edit-result.php b/app/admin/scan-agents/edit-result.php index eddf869a..67b8cc28 100644 --- a/app/admin/scan-agents/edit-result.php +++ b/app/admin/scan-agents/edit-result.php @@ -15,6 +15,8 @@ $Result = new Result (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # check maintaneance mode $User->check_maintaneance_mode (); @@ -85,6 +87,4 @@ else { // references removed $Result->show("info", _("Scan agent references removed")); } -} - -?> \ No newline at end of file +} \ No newline at end of file diff --git a/app/admin/sections/edit-result.php b/app/admin/sections/edit-result.php index ecbf01d3..3661590b 100755 --- a/app/admin/sections/edit-result.php +++ b/app/admin/sections/edit-result.php @@ -18,6 +18,8 @@ $Result = new Result (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # check maintaneance mode $User->check_maintaneance_mode (); @@ -122,4 +124,4 @@ else { // apply permission changes $Subnets->set_permissions ($section_subnets, $removed_permissions, $changed_permissions); } -} +} \ No newline at end of file diff --git a/app/admin/settings/settings-save.php b/app/admin/settings/settings-save.php index 5a0797fe..f2c6aa1d 100755 --- a/app/admin/settings/settings-save.php +++ b/app/admin/settings/settings-save.php @@ -16,6 +16,8 @@ $Result = new Result (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # validate csrf cookie $User->Crypto->csrf_cookie ("validate", "settings", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : ""; diff --git a/app/admin/users/edit-result.php b/app/admin/users/edit-result.php index 38a59bac..8cc518d7 100755 --- a/app/admin/users/edit-result.php +++ b/app/admin/users/edit-result.php @@ -17,6 +17,8 @@ $Password_check = new Password_check (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # check maintaneance mode $User->check_maintaneance_mode (); diff --git a/app/admin/verify-database/fix.php b/app/admin/verify-database/fix.php index 7a35c8e5..5d032115 100755 --- a/app/admin/verify-database/fix.php +++ b/app/admin/verify-database/fix.php @@ -37,5 +37,4 @@ else { else { $Result->show("danger", _("Wrong parameters"), true); } -} -?> \ No newline at end of file +} \ No newline at end of file diff --git a/app/admin/verify-database/index.php b/app/admin/verify-database/index.php index 400323d8..aacbde3c 100755 --- a/app/admin/verify-database/index.php +++ b/app/admin/verify-database/index.php @@ -117,6 +117,4 @@ print "<h4>"._('Missing indexes').'</h4><hr>'; if($Tools->verify_database_indexes()===true) { $Result->show ("success", _("No missing indexes detected"), false); -} - -?> \ No newline at end of file +} \ No newline at end of file diff --git a/app/dashboard/index.php b/app/dashboard/index.php index bd5bc7ed..13dbadec 100755 --- a/app/dashboard/index.php +++ b/app/dashboard/index.php @@ -145,6 +145,9 @@ if(sizeof($uwidgets)>1) { print '<div class="row-fluid">'; + if(defined('IS_DEMO')) + print '<div class="alert alert-info" style="margin:auto;text-align:center;margin:10px;"><i class="fa fa-info fa-pad-right"></i> You can download latest phpIPAM version <a href="https://phpipam.net/download/" target="_blank">here</a>!</div>'; + foreach($uwidgetschunk as $w) { # print itams in a row foreach($w as $c) { diff --git a/app/login/login_form.php b/app/login/login_form.php index 072df17b..22e6bf9c 100755 --- a/app/login/login_form.php +++ b/app/login/login_form.php @@ -115,6 +115,30 @@ <div id="loginCheckPasskeys" class="col-xs-12 text-center"></div> <?php } ?> + <?php if(defined('IS_DEMO')) { ?> + + </div> + + <div class="alert alert-warning" style="width:400px;margin:auto;margin-top:30px;"> + <strong>Demo accounts:</strong> + <span class="pull-right"> + <!-- Place this tag where you want the +1 button to render --> + <g:plusone size="medium" class='pull-right'></g:plusone> + <!-- Place this render call where appropriate --> + <script type="text/javascript"> + (function() { + var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; + po.src = 'https://apis.google.com/js/plusone.js'; + var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); + })(); + </script> + </span> + <hr> + <strong>Admin demo:</strong> Admin / ipamadmin<br> + <strong>Viewer demo:</strong> demo / demo1234<br> + + <?php } ?> + </div> </form> diff --git a/app/subnets/scan/subnet-scan-execute-scan-icmp.php b/app/subnets/scan/subnet-scan-execute-scan-icmp.php index 4ea3fe7d..d825a717 100644 --- a/app/subnets/scan/subnet-scan-execute-scan-icmp.php +++ b/app/subnets/scan/subnet-scan-execute-scan-icmp.php @@ -3,6 +3,9 @@ # Check we have been included and not called directly require( dirname(__FILE__) . '/../../../functions/include-only.php' ); +# check if site is demo +$User->is_demo(); + /* * Discover new hosts with ping *******************************/ diff --git a/app/subnets/scan/subnet-scan-execute-scan-snmp-arp.php b/app/subnets/scan/subnet-scan-execute-scan-snmp-arp.php index 4ea92847..130e19ac 100644 --- a/app/subnets/scan/subnet-scan-execute-scan-snmp-arp.php +++ b/app/subnets/scan/subnet-scan-execute-scan-snmp-arp.php @@ -3,6 +3,9 @@ # Check we have been included and not called directly require( dirname(__FILE__) . '/../../../functions/include-only.php' ); +# check if site is demo +$User->is_demo(); + # Don't corrupt output with php errors! disable_php_errors(); diff --git a/app/subnets/scan/subnet-scan-execute-scan-telnet.php b/app/subnets/scan/subnet-scan-execute-scan-telnet.php index eacf5c39..b51e0f35 100755 --- a/app/subnets/scan/subnet-scan-execute-scan-telnet.php +++ b/app/subnets/scan/subnet-scan-execute-scan-telnet.php @@ -3,6 +3,9 @@ # Check we have been included and not called directly require( dirname(__FILE__) . '/../../../functions/include-only.php' ); +# check if site is demo +$User->is_demo(); + /* * Discover new hosts with telnet scan *******************************/ diff --git a/app/subnets/scan/subnet-scan-execute-snmp-mac.php b/app/subnets/scan/subnet-scan-execute-snmp-mac.php index cd4572d2..7cd4d8d0 100644 --- a/app/subnets/scan/subnet-scan-execute-snmp-mac.php +++ b/app/subnets/scan/subnet-scan-execute-snmp-mac.php @@ -3,6 +3,9 @@ # Check we have been included and not called directly require( dirname(__FILE__) . '/../../../functions/include-only.php' ); +# check if site is demo +$User->is_demo(); + # Don't corrupt output with php errors! disable_php_errors(); diff --git a/app/subnets/scan/subnet-scan-execute-snmp-route-all.php b/app/subnets/scan/subnet-scan-execute-snmp-route-all.php index 4216272a..e64bf950 100644 --- a/app/subnets/scan/subnet-scan-execute-snmp-route-all.php +++ b/app/subnets/scan/subnet-scan-execute-snmp-route-all.php @@ -3,6 +3,9 @@ # Check we have been included and not called directly require( dirname(__FILE__) . '/../../../functions/include-only.php' ); +# check if site is demo +$User->is_demo(); + # Don't corrupt output with php errors! disable_php_errors(); diff --git a/app/subnets/scan/subnet-scan-execute-snmp-route.php b/app/subnets/scan/subnet-scan-execute-snmp-route.php index 836a5c56..1e1ee65e 100644 --- a/app/subnets/scan/subnet-scan-execute-snmp-route.php +++ b/app/subnets/scan/subnet-scan-execute-snmp-route.php @@ -3,6 +3,9 @@ # Check we have been included and not called directly require( dirname(__FILE__) . '/../../../functions/include-only.php' ); +# check if site is demo +$User->is_demo(); + # Don't corrupt output with php errors! disable_php_errors(); diff --git a/app/subnets/scan/subnet-scan-execute-update-icmp.php b/app/subnets/scan/subnet-scan-execute-update-icmp.php index a61691a0..5ec099ce 100755 --- a/app/subnets/scan/subnet-scan-execute-update-icmp.php +++ b/app/subnets/scan/subnet-scan-execute-update-icmp.php @@ -3,6 +3,9 @@ # Check we have been included and not called directly require( dirname(__FILE__) . '/../../../functions/include-only.php' ); +# check if site is demo +$User->is_demo(); + /* * Update alive status of all hosts in subnet ***************************/ diff --git a/app/subnets/scan/subnet-scan-execute-update-snmp-arp.php b/app/subnets/scan/subnet-scan-execute-update-snmp-arp.php index cebeb6fb..26018906 100644 --- a/app/subnets/scan/subnet-scan-execute-update-snmp-arp.php +++ b/app/subnets/scan/subnet-scan-execute-update-snmp-arp.php @@ -3,6 +3,9 @@ # Check we have been included and not called directly require( dirname(__FILE__) . '/../../../functions/include-only.php' ); +# check if site is demo +$User->is_demo(); + # Don't corrupt output with php errors! disable_php_errors(); diff --git a/app/tools/user-menu/2fa_save.php b/app/tools/user-menu/2fa_save.php index 61d38132..0ac748ee 100644 --- a/app/tools/user-menu/2fa_save.php +++ b/app/tools/user-menu/2fa_save.php @@ -19,6 +19,8 @@ $ga = new PHPGangsta_GoogleAuthenticator(); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # validate csrf cookie $User->Crypto->csrf_cookie ("validate", "user-menu", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : ""; diff --git a/app/tools/user-menu/user-edit.php b/app/tools/user-menu/user-edit.php index edbeb1fc..0224a5b3 100755 --- a/app/tools/user-menu/user-edit.php +++ b/app/tools/user-menu/user-edit.php @@ -19,6 +19,8 @@ $Password_check = new Password_check (); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # validate csrf cookie $User->Crypto->csrf_cookie ("validate", "user-menu", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : ""; diff --git a/app/tools/user-menu/user-widgets-set.php b/app/tools/user-menu/user-widgets-set.php index 36e34878..233573a5 100755 --- a/app/tools/user-menu/user-widgets-set.php +++ b/app/tools/user-menu/user-widgets-set.php @@ -16,11 +16,12 @@ $User = new User ($Database); # verify that user is logged in $User->check_user_session(); +# check if site is demo +$User->is_demo(); # validate csrf cookie $User->Crypto->csrf_cookie ("validate", "user-menu", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : ""; /* save widgets */ if (!$User->self_update_widgets ($_POST['widgets'])) { $Result->show("danger", _('Error updating'),true); } -else { $Result->show("success", _('Widgets updated'),true); } -?> \ No newline at end of file +else { $Result->show("success", _('Widgets updated'),true); } \ No newline at end of file diff --git a/functions/classes/class.User.php b/functions/classes/class.User.php index 7a92941b..515ad5ad 100644 --- a/functions/classes/class.User.php +++ b/functions/classes/class.User.php @@ -2083,6 +2083,21 @@ class User extends Common_functions { return $level=="0" ? "<span class='badge badge1 badge5 alert-danger'>"._($this->parse_permissions ($level))."</span>" : "<span class='badge badge1 badge5 alert-success'>"._($this->parse_permissions ($level))."</span>"; } + /** + * Stops script execution if demo flag is set. + * This is used to simplify updating of phpipam demo page + * + * Store below to config.php: + * define('IS_DEMO', true); + * + * @method is_demo + * @param bool $popup + * @return bool + */ + public function is_demo ($popup = false) { + !defined('IS_DEMO') ? : $this->Result->show("danger", "<h4>Demo website !</h4><hr>This script is disabled in demo page!", true, $popup); + } + } /** * Fake User object for install/scripts diff --git a/index.php b/index.php index a272f19b..46e7cf8a 100755 --- a/index.php +++ b/index.php @@ -72,9 +72,14 @@ else { <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-Control" content="no-cache, must-revalidate"> - <meta name="Description" content=""> <meta name="title" content="<?php print $title = $User->get_site_title ($_GET); ?>"> + <?php if(defined('IS_DEMO')) { ?> + <meta name="Description" content="phpIPAM demo page. phpIPAM is an open-source web IP address management application. Its goal is to provide light and simple IP address management application. It is ajax-based using jQuery libraries, it uses php scripts and javascript and some HTML5/CSS3 features. More info on phpipam website."> + <meta name="robots" content="index, follow"> + <?php } else { ?> <meta name="robots" content="noindex, nofollow"> + <meta name="Description" content=""> + <?php } ?> <meta http-equiv="X-UA-Compatible" content="IE=9" > <meta name="viewport" content="width=device-width, initial-scale=0.7, maximum-scale=1, user-scalable=yes"> @@ -129,6 +134,21 @@ else { <!-- jQuery UI --> <script src="js/jquery-ui-1.12.1.custom.min.js?v=<?php print SCRIPT_PREFIX; ?>"></script> + <?php if(defined('IS_DEMO')) { ?> + <!-- GA --> + <script type="text/javascript"> + var _gaq = _gaq || []; + _gaq.push(['_setAccount', 'UA-11778671-10']); + _gaq.push(['_trackPageview']); + (function() { + var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; + ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; + var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); + })(); + + </script> + <?php } ?> + </head> <!-- body --> -- GitLab