Project

General

Profile

Download (31 KB) Statistics
| Branch: | Tag: | Revision:
1
<?php
2
/*
3
 * guiconfig.inc
4
 *
5
 * part of pfSense (https://www.pfsense.org)
6
 * Copyright (c) 2004-2013 BSD Perimeter
7
 * Copyright (c) 2013-2016 Electric Sheep Fencing
8
 * Copyright (c) 2014-2019 Rubicon Communications, LLC (Netgate)
9
 * All rights reserved.
10
 *
11
 * originally based on m0n0wall (http://m0n0.ch/wall)
12
 * Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
13
 * All rights reserved.
14
 *
15
 * Licensed under the Apache License, Version 2.0 (the "License");
16
 * you may not use this file except in compliance with the License.
17
 * You may obtain a copy of the License at
18
 *
19
 * http://www.apache.org/licenses/LICENSE-2.0
20
 *
21
 * Unless required by applicable law or agreed to in writing, software
22
 * distributed under the License is distributed on an "AS IS" BASIS,
23
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
24
 * See the License for the specific language governing permissions and
25
 * limitations under the License.
26
 */
27

    
28
/* Include authentication routines */
29
/* THIS MUST BE ABOVE ALL OTHER CODE */
30
header("X-Frame-Options: SAMEORIGIN");
31
include_once('phpsessionmanager.inc');
32

    
33
function pfSense_csrf_callback() {
34
	include "csrf_error.php";
35
}
36

    
37
if (!$nocsrf) {
38
	function csrf_startup() {
39
		global $config;
40
		csrf_conf('rewrite-js', '/csrf/csrf-magic.js');
41
		$timeout_minutes = isset($config['system']['webgui']['session_timeout']) ? $config['system']['webgui']['session_timeout'] : 240;
42
		csrf_conf('expires', $timeout_minutes * 60);
43
		csrf_conf('callback', 'pfSense_csrf_callback');
44
	}
45
	require_once("csrf/csrf-magic.php");
46
	if ($_SERVER['REQUEST_METHOD'] == 'POST') {
47
		phpsession_end(true);
48
	}
49
}
50

    
51
/* make sure nothing is cached */
52
if (!$omit_nocacheheaders) {
53
	header("Expires: 0");
54
	header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
55
	header("Cache-Control: no-cache, no-store, must-revalidate");
56
	header("Pragma: no-cache");
57
}
58

    
59
require_once("authgui.inc");
60

    
61
/* parse the configuration and include all configuration functions */
62
require_once("functions.inc");
63

    
64
/* Include the autoloader for all the GUI display classes */
65
require_once("classes/autoload.inc.php");
66

    
67
/* used by progress bar */
68
$lastseen = "-1";
69

    
70
$navlevelsep = ": ";	/* navigation level separator string */
71
$mandfldhtml = "";		/* display this before mandatory input fields */
72
$mandfldhtmlspc = "";	/* same as above, but with spacing */
73

    
74
if (!function_exists('set_language')) {
75
	require_once("pfsense-utils.inc");
76
}
77

    
78
set_language();
79

    
80
/* Some ajax scripts still need access to GUI */
81
if (!$ignorefirmwarelock) {
82
	if (is_subsystem_dirty('firmwarelock')) {
83
		if (!$d_isfwfile) {
84
			header("Location: system_update.php");
85
			exit;
86
		} else {
87
			return;
88
		}
89
	}
90
}
91

    
92
$firewall_rules_dscp_types = array(
93
	"af11",
94
	"af12",
95
	"af13",
96
	"af21",
97
	"af22",
98
	"af23",
99
	"af31",
100
	"af32",
101
	"af33",
102
	"af41",
103
	"af42",
104
	"af43",
105
	"VA",
106
	"EF",
107
	"cs1",
108
	"cs2",
109
	"cs3",
110
	"cs4",
111
	"cs5",
112
	"cs6",
113
	"cs7",
114
	"0x01",
115
	"0x02",
116
	"0x04");
117

    
118
$auth_server_types = array(
119
	'ldap' => "LDAP",
120
	'radius' => "RADIUS");
121

    
122
$ldap_urltypes = array(
123
	'TCP - Standard' => 389,
124
	'TCP - STARTTLS' => 389,
125
	'SSL - Encrypted' => 636);
126

    
127
$ldap_scopes = array(
128
	'one' => gettext("One Level"),
129
	'subtree' => gettext("Entire Subtree"));
130

    
131
$ldap_protvers = array(
132
	2,
133
	3);
134

    
135
$ldap_templates = array(
136

    
137
	'open' => array(
138
		'desc' => "OpenLDAP",
139
		'attr_user' => "cn",
140
		'attr_group' => "cn",
141
		'attr_member' => "member"),
142

    
143
	'msad' => array(
144
		'desc' => "Microsoft AD",
145
		'attr_user' => "samAccountName",
146
		'attr_group' => "cn",
147
		'attr_member' => "memberOf"),
148

    
149
	'edir' => array(
150
		'desc' => "Novell eDirectory",
151
		'attr_user' => "cn",
152
		'attr_group' => "cn",
153
		'attr_member' => "uniqueMember"));
154

    
155
$radius_srvcs = array(
156
	'both' => gettext("Authentication and Accounting"),
157
	'auth' => gettext("Authentication"),
158
	'acct' => gettext("Accounting"));
159

    
160
$radius_protocol = array(
161
	'PAP' => "PAP",
162
	'CHAP_MD5' => "MD5-CHAP",
163
	'MSCHAPv1' => "MS-CHAPv1",
164
	'MSCHAPv2' => "MS-CHAPv2");
165

    
166
$netbios_nodetypes = array(
167
	'0' => "none",
168
	'1' => "b-node",
169
	'2' => "p-node",
170
	'4' => "m-node",
171
	'8' => "h-node");
172

    
173
/* some well known ports */
174
$wkports = array(
175
	5999 => "CVSup",
176
	53 => "DNS",
177
	21 => "FTP",
178
	3000 => "HBCI",
179
	80 => "HTTP",
180
	443 => "HTTPS",
181
	5190 => "ICQ",
182
	113 => "IDENT/AUTH",
183
	143 => "IMAP",
184
	993 => "IMAP/S",
185
	4500 => "IPsec NAT-T",
186
	500 => "ISAKMP",
187
	1701 => "L2TP",
188
	389 => "LDAP",
189
	1755 => "MMS/TCP",
190
	7000 => "MMS/UDP",
191
	445 => "MS DS",
192
	3389 => "MS RDP",
193
	1512 => "MS WINS",
194
	1863 => "MSN",
195
	119 => "NNTP",
196
	123 => "NTP",
197
	138 => "NetBIOS-DGM",
198
	137 => "NetBIOS-NS",
199
	139 => "NetBIOS-SSN",
200
	1194 => "OpenVPN",
201
	110 => "POP3",
202
	995 => "POP3/S",
203
	1723 => "PPTP",
204
	1812 => "RADIUS",
205
	1813 => "RADIUS accounting",
206
	5004 => "RTP",
207
	5060 => "SIP",
208
	25 => "SMTP",
209
	465 => "SMTP/S",
210
	161 => "SNMP",
211
	162 => "SNMP-Trap",
212
	22 => "SSH",
213
	3478 => "STUN",
214
	587 => "SUBMISSION",
215
	3544 => "Teredo",
216
	23 => "Telnet",
217
	69 => "TFTP",
218
	5900 => "VNC");
219

    
220
/* TCP flags */
221
$tcpflags = array("fin", "syn", "rst", "psh", "ack", "urg", "ece", "cwr");
222

    
223
$specialnets = array(
224
	"(self)" => gettext("This Firewall"),
225
	"pppoe" => gettext("PPPoE clients"),
226
	"l2tp" => gettext("L2TP clients"));
227

    
228
$spiflist = get_configured_interface_with_descr(true);
229
foreach ($spiflist as $ifgui => $ifdesc) {
230
	$specialnets[$ifgui] = $ifdesc . " net";
231
	$specialnets[$ifgui . 'ip'] = $ifdesc . " address";
232
}
233

    
234
$medias = array(
235
	"auto" => gettext("autoselect"),
236
	"100full" => gettext("100BASE-TX full-duplex"),
237
	"100half" => gettext("100BASE-TX half-duplex"),
238
	"10full" => gettext("10BASE-T full-duplex"),
239
	"10half" => gettext("10BASE-T half-duplex"));
240

    
241
$wlan_modes = array(
242
	"bss" => gettext("Infrastructure (BSS)"),
243
	"adhoc" => gettext("Ad-hoc (IBSS)"),
244
	"hostap" => gettext("Access Point"));
245

    
246
function do_input_validation($postdata, $reqdfields, $reqdfieldsn, &$input_errors) {
247

    
248
	/* check for bad control characters */
249
	foreach ($postdata as $pn => $pd) {
250
		if (is_string($pd) && preg_match("/[\\x00-\\x08\\x0b\\x0c\\x0e-\\x1f]/", $pd)) {
251
			$input_errors[] = sprintf(gettext("The field %s contains invalid characters."), $pn);
252
		}
253
	}
254

    
255
	if (is_array($reqdfields)) {
256
		for ($i = 0; $i < count($reqdfields); $i++) {
257
			if ($postdata[$reqdfields[$i]] == "") {
258
				$input_errors[] = sprintf(gettext("The field %s is required."), $reqdfieldsn[$i]);
259
			}
260
		}
261
	}
262
}
263

    
264
function print_input_errors($input_errors) {
265
	echo '<div class="alert alert-danger input-errors">';
266
	echo '<p>' . gettext('The following input errors were detected:') . '</p>';
267
	echo '<ul>';
268

    
269
	foreach ($input_errors as $ierr) {
270
		echo '<li>' . htmlspecialchars($ierr) . '</li>';
271
	}
272

    
273
	echo '</ul>';
274
	echo '</div>';
275
}
276

    
277
function verify_gzip_file($fname) {
278
	$returnvar = mwexec("/usr/bin/gzip -t " . escapeshellarg($fname));
279
	if ($returnvar != 0) {
280
		return 0;
281
	} else {
282
		return 1;
283
	}
284
}
285

    
286
// sprint_info_box() returns a string with a formatted informational box, it does not print the box.
287
// To format and print in one step, call print_info_box() as usual.
288
// Any required button is explicitly created, rather than relying on the detection of certain
289
// strings in the message (such as "apply"). print_info_box_np() has been exterminated.
290
// $class = the bootstrap style class (default, info, warning, success, danger)
291
// $btnname and btntext describe the optional button and its display text, the default is an 'x' Close button.
292
// Note that there is also a shortcut function print_apply_box here that creates a standard "apply" box for you.
293
// In many cases just substitute that for print_info_box_np() to easily get a warning style "Apply changes" box.
294
function sprint_info_box($msg, $class="alert-warning", $btnname = "close", $btntext = "", $btnicon = "", $btnclass = "default") {
295

    
296
	if (strpos($class, "alert-") !== 0) {
297
		$class = 'alert-' . $class;
298
	}
299

    
300
	$msg = '<div class="pull-left">' . $msg . '</div>';
301

    
302
	if ($btnname === "close") {
303
		$msg = '<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>' . $msg;
304
	} else if ($btnname != "") {
305
		if (empty($btntext)) {
306
			$btntext = $btnname;
307
		}
308
		if (!empty($btnicon)) {
309
			$btnicon = '<i class="fa ' . $btnicon . ' icon-embed-btn"></i>';
310
		}
311

    
312
		$msg .= '<form method="post" class="pull-right"><button type="submit" class="btn btn-' . $btnclass . '" name="'. $btnname . '" value="' . $btntext . '">' . $btnicon . $btntext . '</button>';
313

    
314
		if ( isset($_POST['if']) && !empty($_POST['if'])) {
315
			$msg .= "<input type=\"hidden\" name=\"if\" value=\"" . htmlspecialchars($_POST['if']) . "\" />";
316
		}
317

    
318
		$msg .= '</form>';
319
	}
320

    
321
	return '<div class="alert ' . $class . ' clearfix" role="alert">' . $msg . '</div>';
322
}
323

    
324
// Format and print an info box. See sprint_info_box() for details.
325
function print_info_box($msg, $class="alert-warning", $btnname = "close", $btntext = "", $btnicon = "", $btnclass = "default") {
326
	echo sprint_info_box($msg, $class, $btnname, $btntext, $btnicon, $btnclass);
327
}
328

    
329
function print_apply_box($msg) {
330
	print_info_box($msg, "warning", "apply", gettext("Apply Changes"), 'fa-check', 'success');
331
}
332

    
333
// Format and print a box reporting that changes have been applied
334
// $retval = status value from the functions called to apply the changes
335
// 0 is good
336
// non-zero is a problem
337
// $extra_text = optional extra text to display after the standard message
338
function print_apply_result_box($retval, $extra_text="") {
339
	$result_msg = get_std_save_message($retval);
340
	if ($retval === 0) {
341
		// 0 is success
342
		$severity = "success";
343
	} else {
344
		// non-zero means there was some problem
345
		$severity = "warning";
346
	}
347

    
348
	if (strlen($extra_text) > 0) {
349
		$result_msg .= " " . $extra_text;
350
	}
351
	print_info_box($result_msg, $severity);
352
}
353

    
354
/*
355
 * Print Bootstrap callout
356
 *
357
 * @param string $msg     message to display
358
 * @param string $class   contextual class, defaults to info (default | danger | warning | info)
359
 * @param string $heading optional callout heading
360
 */
361
function print_callout($msg, $class = 'info', $heading = '') {
362

    
363
	if ('' == $msg) {
364
		return;
365
	}
366
	$class = strtolower($class);
367
	$callout = '';
368

    
369
	if ($class != 'default' && $class != 'danger' && $class != 'warning' && $class != 'info') {
370
		$class = 'info';
371
	}
372
	$callout .= '<div class="bs-callout bs-callout-' . $class . '">';
373

    
374
	if ('' != $heading) {
375
		$callout .= '<h4>' . $heading . '</h4>';
376
	}
377
	$callout .= $msg . '</div>';
378
	echo $callout;
379
}
380

    
381
function get_std_save_message($retval) {
382
	$filter_related = false;
383
	$filter_pages = array("firewall_aliases", "firewall_nat", "firewall_rules", "status_logs_filter");
384
	if ($retval === 0) {
385
		// 0 is success
386
		$to_return = gettext("The changes have been applied successfully.");
387
	} else {
388
		// non-zero means there was some problem
389
		$to_return = sprintf(gettext('There was a problem applying the changes. See the %1$sSystem Logs%2$s.'), '<a href="status_logs.php">', '</a>');
390
	}
391
	foreach ($filter_pages as $fp) {
392
		if (stristr($_SERVER['SCRIPT_FILENAME'], $fp)) {
393
			$filter_related = true;
394
		}
395
	}
396
	if ($filter_related) {
397
		$to_return .= " " . gettext("The firewall rules are now reloading in the background.") . "<br />" .
398
		    sprintf(gettext('%1$sMonitor%2$s the filter reload progress.'), "<a href='status_filter_reload.php'>", "</a>");
399
	}
400
	return $to_return;
401
}
402

    
403
function pprint_address($adr) {
404
	global $specialnets;
405

    
406
	if (isset($adr['any'])) {
407
		$padr = "*";
408
	} else if ($adr['network']) {
409
		$padr = $specialnets[$adr['network']];
410
	} else {
411
		$padr = $adr['address'];
412
	}
413

    
414
	if (isset($adr['not'])) {
415
		$padr = "! " . $padr;
416
	}
417

    
418
	return $padr;
419
}
420

    
421
function pprint_port($port) {
422
	global $wkports;
423

    
424
	$pport = "";
425

    
426
	if (!$port) {
427
		return "*";
428
	} else {
429
		$srcport = explode("-", $port);
430
		if ((!$srcport[1]) || ($srcport[0] == $srcport[1])) {
431
			$pport = $srcport[0];
432
			if ($wkports[$srcport[0]]) {
433
				$pport .= " (" . $wkports[$srcport[0]] . ")";
434
			}
435
		} else {
436
			$pport .= $srcport[0] . " - " . $srcport[1];
437
		}
438
	}
439

    
440
	return $pport;
441
}
442

    
443
function insert_word_breaks_in_domain_name($domain_name) {
444
	return str_replace('.', '<wbr>.', $domain_name);
445
}
446

    
447
function firewall_check_for_advanced_options(&$item) {
448
	$item_set = "";
449
	if ($item['os']) {
450
			$item_set .= "os " . htmlspecialchars($item['os']) . " ";
451
	}
452
	if ($item['dscp']) {
453
		$item_set .= "dscp " . htmlspecialchars($item['dscp']) . " ";
454
	}
455
	if ($item['max']) {
456
		$item_set .= "max " . htmlspecialchars($item['max']) . " ";
457
	}
458
	if ($item['max-src-nodes']) {
459
		$item_set .= "max-src-nodes " . htmlspecialchars($item['max-src-nodes']) . " ";
460
	}
461
	if ($item['max-src-conn']) {
462
		$item_set .= "max-src-conn " . htmlspecialchars($item['max-src-conn']) . " ";
463
	}
464
	if ($item['max-src-states']) {
465
		$item_set .= "max-src-states " . htmlspecialchars($item['max-src-states']) . " ";
466
	}
467
	if (isset($item['nopfsync'])) {
468
		$item_set .= "nopfsync ";
469
	}
470
	if ($item['statetype'] != "keep state" && $item['statetype'] != "") {
471
		$item_set .= "statetype " . htmlspecialchars($item['statetype']) . " ";
472
	}
473
	if ($item['statetimeout']) {
474
		$item_set .= "statetimeout " . htmlspecialchars($item['statetimeout']) . " ";
475
	}
476
	if (isset($item['nosync'])) {
477
		$item_set .= "no XMLRPC Sync ";
478
	}
479
	if ($item['max-src-conn-rate']) {
480
		$item_set .= "max-src-conn-rate " . htmlspecialchars($item['max-src-conn-rate']) . " ";
481
	}
482
	if ($item['max-src-conn-rates']) {
483
		$item_set .= "max-src-conn-rates " . htmlspecialchars($item['max-src-conn-rates']) . " ";
484
	}
485
	if ($item['vlanprio']) {
486
		$item_set .= "vlanprio " . htmlspecialchars($item['vlanprio']) . " ";
487
	}
488
	if ($item['vlanprioset']) {
489
		$item_set .= "vlanprioset " . htmlspecialchars($item['vlanprioset']) . " ";
490
	}
491
	if ($item['gateway']) {
492
		$item_set .= "gateway " . htmlspecialchars($item['gateway']) . " ";
493
	}
494
	if ($item['dnpipe']) {
495
		$item_set .= "limiter " . htmlspecialchars($item['dnpipe']) . " ";
496
	}
497
	if ($item['pdnpipe']) {
498
		$item_set .= "limiter " . htmlspecialchars($item['pdnpipe']) . " ";
499
	}
500
	if ($item['ackqueue']) {
501
		$item_set .= "ackqueue " . htmlspecialchars($item['ackqueue']) . " ";
502
	}
503
	if ($item['defaultqueue']) {
504
		$item_set .= "defaultqueue " . htmlspecialchars($item['defaultqueue']) . " ";
505
	}
506
	if ($item['tag']) {
507
		$item_set .= "tag " . htmlspecialchars($item['tag']) . " ";
508
	}
509
	if ($item['tagged']) {
510
		$item_set .= "tagged " . htmlspecialchars($item['tagged']) . " ";
511
	}
512
	if (isset($item['allowopts'])) {
513
		$item_set .= "allowopts ";
514
	}
515
	if (isset($item['disablereplyto'])) {
516
		$item_set .= "disable reply-to ";
517
	}
518
	if ($item['tcpflags_any'] || $item['tcpflags1'] || $item['tcpflags2']) {
519
		$item_set .= "tcpflags set";
520
	}
521

    
522
	return $item_set;
523
}
524

    
525
function gentitle($title) {
526
	global $navlevelsep;
527
	if (!is_array($title)) {
528
		return $title;
529
	} else {
530
		return join($navlevelsep, $title);
531
	}
532
}
533

    
534
function genhtmltitle($title, $links=true) {
535
	if (is_array($title)) {
536
		$num_crumbs = count($title);
537
	} else if ($title != NULL) {
538
		$num_crumbs = 1;
539
	} else {
540
		$num_crumbs = 0;
541
	}
542

    
543
	// If the array contains only one element, there are no breadcrumbs, so don't
544
	// add anything else
545
	if ($num_crumbs > 1) {
546
		$bc = '<ol class="breadcrumb">';
547

    
548
		if (!is_array($links)) {
549
			$gen_default = ($links === true);
550
			$links = array_fill(0, $num_crumbs, '');
551
			// If no links passed, then default to a link to self on the last entry.
552
			if ($gen_default) {
553
				$links[$num_crumbs-1] = '@self';
554
			}
555
		}
556

    
557
		foreach ($title as $idx => $el) {
558
			$href = $links[$idx];
559
			if (strlen($href) > 0) {
560
				// For convenience, if the caller specifies '@self' then make a link
561
				// to the current page, including any query string.
562
				if ($href == '@self') {
563
					$href = $_SERVER['REQUEST_URI'];
564
				}
565
				if (substr($href, 0, 1) != '/') {
566
					$href = '/' . $href;
567
				}
568
				$bc .= '<li><a href="' . htmlentities($href) . '">' . $el . '</a></li>';
569
			} else {
570
				$bc .= '<li>' . $el . '</li>';
571
			}
572
		}
573

    
574
		$bc .= '</ol>';
575
	} else {
576
		$bc = "";
577
	}
578

    
579
	return $bc;
580
}
581

    
582
function gen_customwidgettitle_div($widgettitle) {
583
	$divstr = '<div class="form-group">';
584
	$divstr .= '  <label for="descr" class="col-sm-4 control-label">' . gettext('Widget title'). '</label>';
585
	$divstr .= '  <div class="col-sm-4">';
586
	$divstr .= '    <input type="text" name="descr" id="descr" value="'. $widgettitle . '" class="form-control" />';
587
	$divstr .= '  </div>';
588
	$divstr .= '</div>';
589

    
590
	return $divstr;
591
}
592

    
593
function set_customwidgettitle(& $user_settings) {
594
	if ($_POST['descr']) {
595
		$user_settings['widgets'][$_POST['widgetkey']]['descr'] = trim($_POST['descr']);
596
	} else {
597
		unset($user_settings['widgets'][$_POST['widgetkey']]['descr']);
598
	}
599
}
600

    
601
/* update the changedesc and changecount(er) variables */
602
function update_changedesc($update) {
603
	global $changedesc;
604
	global $changecount;
605

    
606
	$changedesc .= " {$update}";
607
	$changecount++;
608
}
609

    
610
/* Check if variable has changed, update and log if it has
611
 * returns true if var changed
612
 * varname = variable name in plain text
613
 * orig = original value
614
 * new = new value
615
 */
616
function update_if_changed($varname, & $orig, $new) {
617
	if (is_array($orig) && is_array($new)) {
618
		$a_diff = array_diff($orig, $new);
619
		foreach ($a_diff as $diff) {
620
			update_changedesc("removed {$varname}: \"{$diff}\"");
621
		}
622
		$a_diff = array_diff($new, $orig);
623
		foreach ($a_diff as $diff) {
624
			update_changedesc("added {$varname}: \"{$diff}\"");
625
		}
626
		$orig = $new;
627
		return true;
628

    
629
	} else {
630
		if ($orig != $new) {
631
			update_changedesc("{$varname}: \"{$orig}\" -> \"{$new}\"");
632
			$orig = $new;
633
			return true;
634
		}
635
	}
636
	return false;
637
}
638

    
639
function address_to_pconfig($adr, &$padr, &$pmask, &$pnot, &$pbeginport, &$pendport) {
640
	if (isset($adr['any'])) {
641
		$padr = "any";
642
	} else if ($adr['network']) {
643
		$padr = $adr['network'];
644
	} else if ($adr['address']) {
645
		list($padr, $pmask) = explode("/", $adr['address']);
646
		if (!$pmask) {
647
			if (is_ipaddrv6($padr)) {
648
				$pmask = 128;
649
			} else {
650
				$pmask = 32;
651
			}
652
		}
653
	}
654

    
655
	if (isset($adr['not'])) {
656
		$pnot = 1;
657
	} else {
658
		$pnot = 0;
659
	}
660

    
661
	if ($adr['port']) {
662
		list($pbeginport, $pendport) = explode("-", $adr['port']);
663
		if (!$pendport) {
664
			$pendport = $pbeginport;
665
		}
666
	} else if (!is_alias($pbeginport) && !is_alias($pendport)) {
667
		$pbeginport = "any";
668
		$pendport = "any";
669
	}
670
}
671

    
672
function pconfig_to_address(&$adr, $padr, $pmask, $pnot = false, $pbeginport = 0, $pendport = 0) {
673
	$adr = array();
674

    
675
	if ($padr == "any") {
676
		$adr['any'] = true;
677
	} else if (is_specialnet($padr)) {
678
		$adr['network'] = $padr;
679
	} else {
680
		$adr['address'] = $padr;
681
		if (is_ipaddrv6($padr)) {
682
			if ($pmask != 128) {
683
				$adr['address'] .= "/" . $pmask;
684
			}
685
		} else {
686
			if ($pmask != 32) {
687
				$adr['address'] .= "/" . $pmask;
688
			}
689
		}
690
	}
691

    
692
	if ($pnot) {
693
		$adr['not'] = true;
694
	} else {
695
		unset($adr['not']);
696
	}
697

    
698
	if (($pbeginport != 0) && ($pbeginport != "any")) {
699
		if ($pbeginport != $pendport) {
700
			$adr['port'] = $pbeginport . "-" . $pendport;
701
		} else {
702
			$adr['port'] = $pbeginport;
703
		}
704
	}
705

    
706
	/*
707
	 * If the port is still unset, then it must not be numeric, but could
708
	 * be an alias or a well-known/registered service.
709
	 * See https://redmine.pfsense.org/issues/8410
710
	 */
711
	if (!isset($adr['port']) && is_port_or_alias($pbeginport)) {
712
		$adr['port'] = $pbeginport;
713
	}
714
}
715

    
716
function is_specialnet($net) {
717
	global $specialsrcdst;
718

    
719
	if (!$net) {
720
		return false;
721
	}
722
	if (in_array($net, $specialsrcdst)) {
723
		return true;
724
	} else {
725
		return false;
726
	}
727
}
728

    
729
//function to create widget tabs when called
730
function display_widget_tabs(& $tab_array) {
731
	echo "<div id=\"tabs\">";
732
	$tabscounter = 0;
733
	foreach ($tab_array as $ta) {
734
		$dashpos = strpos($ta[2], '-');
735
		$tabname = $ta[2] . "-tab";
736
		$tabclass = substr($ta[2], 0, $dashpos);
737
		$tabclass = $tabclass . "-class";
738
		if ($ta[1] == true) {
739
			$tabActive = "table-cell";
740
			$tabNonActive = "none";
741
		} else {
742
			$tabActive = "none";
743
			$tabNonActive = "table-cell";
744
		}
745
		echo "<div id=\"{$ta[2]}-active\" class=\"{$tabclass}-tabactive\" style=\"display:{$tabActive}; background-color:#EEEEEE; color:black;\">";
746
		echo "<b>&nbsp;&nbsp;&nbsp;{$ta[0]}";
747
		echo "&nbsp;&nbsp;&nbsp;</b>";
748
		echo "</div>";
749

    
750
		echo "<div id=\"{$ta[2]}-deactive\" class=\"{$tabclass}-tabdeactive\" style=\"display:{$tabNonActive}; background-color:#777777; color:white; cursor: pointer;\" onclick=\"return changeTabDIV('{$ta[2]}')\">";
751
		echo "<b>&nbsp;&nbsp;&nbsp;{$ta[0]}";
752
		echo "&nbsp;&nbsp;&nbsp;</b>";
753
		echo "</div>";
754
	}
755
	echo "</div>";
756
}
757

    
758

    
759
// Return inline javascript file or CSS to minimize
760
// request count going back to server.
761
function outputJavaScriptFileInline($javascript) {
762
	if (file_exists($javascript)) {
763
		echo "\n<script type=\"text/javascript\">\n";
764
		include_once($javascript);
765
		echo "\n</script>\n";
766
	} else {
767
		echo "\n\n<!-- Could not locate file:  {$javascript} -->\n\n";
768
	}
769
}
770

    
771

    
772

    
773
function outputCSSPrintFileInline($css) {
774
	if (file_exists($css)) {
775
		echo "\n<style media=\"print\" type=\"text/css\">\n";
776
		include_once($css);
777
		echo "\n</style>\n";
778
	} else {
779
		echo "\n\n<!-- Could not locate file:  {$css} -->\n\n";
780
	}
781
}
782

    
783

    
784
function outputCSSFileInline($css) {
785
	if (file_exists($css)) {
786
		echo "\n<style type=\"text/css\">\n";
787
		include_once($css);
788
		echo "\n</style>\n";
789
	} else {
790
		echo "\n\n<!-- Could not locate file:  {$css} -->\n\n";
791
	}
792
}
793

    
794
$rfc2616 = array(
795
	100 => "100 Continue",
796
	101 => "101 Switching Protocols",
797
	200 => "200 OK",
798
	201 => "201 Created",
799
	202 => "202 Accepted",
800
	203 => "203 Non-Authoritative Information",
801
	204 => "204 No Content",
802
	205 => "205 Reset Content",
803
	206 => "206 Partial Content",
804
	300 => "300 Multiple Choices",
805
	301 => "301 Moved Permanently",
806
	302 => "302 Found",
807
	303 => "303 See Other",
808
	304 => "304 Not Modified",
809
	305 => "305 Use Proxy",
810
	306 => "306 (Unused)",
811
	307 => "307 Temporary Redirect",
812
	400 => "400 Bad Request",
813
	401 => "401 Unauthorized",
814
	402 => "402 Payment Required",
815
	403 => "403 Forbidden",
816
	404 => "404 Not Found",
817
	405 => "405 Method Not Allowed",
818
	406 => "406 Not Acceptable",
819
	407 => "407 Proxy Authentication Required",
820
	408 => "408 Request Timeout",
821
	409 => "409 Conflict",
822
	410 => "410 Gone",
823
	411 => "411 Length Required",
824
	412 => "412 Precondition Failed",
825
	413 => "413 Request Entity Too Large",
826
	414 => "414 Request-URI Too Long",
827
	415 => "415 Unsupported Media Type",
828
	416 => "416 Requested Range Not Satisfiable",
829
	417 => "417 Expectation Failed",
830
	500 => "500 Internal Server Error",
831
	501 => "501 Not Implemented",
832
	502 => "502 Bad Gateway",
833
	503 => "503 Service Unavailable",
834
	504 => "504 Gateway Timeout",
835
	505 => "505 HTTP Version Not Supported"
836
);
837

    
838
function is_rfc2616_code($code) {
839
	global $rfc2616;
840
	if (isset($rfc2616[$code])) {
841
		return true;
842
	} else {
843
		return false;
844
	}
845
}
846

    
847
function print_rfc2616_select($tag, $current) {
848
	global $rfc2616;
849

    
850
	/* Default to 200 OK if not set */
851
	if ($current == "") {
852
		$current = 200;
853
	}
854

    
855
	echo "<select id=\"{$tag}\" name=\"{$tag}\">\n";
856
	foreach ($rfc2616 as $code => $message) {
857
		if ($code == $current) {
858
			$sel = " selected";
859
		} else {
860
			$sel = "";
861
		}
862
		echo "<option value=\"{$code}\"{$sel}>{$message}</option>\n";
863
	}
864
	echo "</select>\n";
865
}
866

    
867
// Useful debugging function, much cleaner than print_r
868
function echo_array($array, $return_me = false) {
869
	if (is_array($array) == false) {
870
		$return = "The provided variable is not an array.";
871
	} else {
872
		foreach ($array as $name=>$value) {
873
			if (is_array($value)) {
874
				$return .= "";
875
				$return .= "['<b>$name</b>'] {<div style=\"margin-left:10px;\">\n";
876
				$return .= echo_array($value, true);
877
				$return .= "</div>}";
878
				$return .= "\n\n";
879
			} else {
880
				if (is_string($value)) {
881
					$value = "\"$value\"";
882
				}
883
				$return .= "['<b>$name</b>'] = $value\n\n";
884
			}
885
		}
886
	}
887
	if ($return_me == true) {
888
		return $return;
889
	} else {
890
		echo "<pre>".$return."</pre>";
891
	}
892
}
893

    
894
/****f* pfsense-utils/display_top_tabs
895
 * NAME
896
 *	 display_top_tabs - display tabs with rounded edges
897
 * INPUTS
898
 *	 $text	  - array of tabs
899
 * RESULT
900
 *	 null
901
 ******/
902
function display_top_tabs(& $tab_array, $no_drop_down = false, $type = 'pills', $usepost = "") {
903
	global $config;
904
	global $g;
905
	global $tab_array_indent;
906
	global $tab_array_space;
907
	global $tab_array_char_limit;
908

    
909
	/*	does the user have access to this tab?
910
	 *	master user has access to everything.
911
	 *	if the user does not have access, simply
912
	 *	unset the tab item.
913
	 */
914

    
915
	/* empty string code */
916
	if ($tab_array_indent == '') {
917
		$tab_array_indent = 0;
918
	}
919

    
920
	if ($tab_array_space == '') {
921
		$tab_array_space = 1;
922
	}
923

    
924
	if ($tab_array_char_limit == '') {
925
		$tab_array_char_limit = 256;
926
	}
927

    
928
	foreach ($tab_array as $tab_id => $ta) {
929
		if (!isAllowedPage($ta[2])) {
930
			unset ($tab_array[$tab_id]);
931
		}
932
	}
933

    
934
	$tab_active_bg	 = "#EEEEEE";
935
	$tab_inactive_bg = "#777777";
936
	$nifty_tabs_corners = "#FFF";
937
	$font_color = "white";
938

    
939
	$tabcharcount = 0;
940
	foreach ($tab_array as $ta) {
941
		$tabcharcount = $tabcharcount + strlen($ta[0]);
942
	}
943

    
944
	if ($no_drop_down == true) {
945
		$tabcharcount = 0;
946
		unset($tab_array_char_limit);
947
	}
948

    
949
	// If the character count of the tab names is > 670
950
	// then show a select item dropdown menubox.
951
	if ($tabcharcount > $tab_array_char_limit) {
952
		echo gettext("Currently viewing: ");
953
		echo "<select name=\"TabSelect\" onchange=\"tabs_will_go(this)\">\n";
954

    
955
		foreach ($tab_array as $ta) {
956
			if ($ta[1] == "true") {
957
				$selected = " selected";
958
			} else {
959
				$selected = "";
960
			}
961
			// Onclick in option will not work in some browser
962
			// echo "<option onclick=\"document.location='{$ta[2]}';\"{$selected}>{$ta['0']}</option>\n";
963
			echo "<option value=\"{$ta[2]}\"{$selected}>{$ta['0']}</option>\n";
964
		}
965

    
966
		echo "</select>\n<p>&nbsp;</p>";
967
		echo "<script type=\"text/javascript\">";
968
		echo "\n//<![CDATA[\n";
969
		if ($usepost == 'usepost') {
970
			echo " function tabs_will_go(obj){ var target = obj.value.split(\"?\"); postSubmit(get2post(target[1]),target[0]); }\n";
971
		} else {
972
			echo " function tabs_will_go(obj){ document.location = obj.value; }\n";
973
		}
974
		echo "//]]>\n";
975
		echo "</script>";
976
	} else {
977
		echo '<ul class="nav nav-' . $type . '">';
978

    
979
		foreach ($tab_array as $ta) {
980
			echo '<li role="presentation"';
981
			if ($ta[1]) {
982
				echo ' class="active"';
983
			}
984

    
985
			echo '><a href="' . $ta[2] . '" ' . $usepost . '>' . $ta[0] . '</a></li>';
986
		}
987

    
988
		echo '</ul>';
989
	}
990
}
991

    
992
function add_package_tabs($tabgroup, &$tab_array) {
993
	global $config, $g;
994

    
995
	if (!isset($config['installedpackages']['package'])) {
996
		return;
997
	}
998

    
999
	foreach ($config['installedpackages']['package'] as $pkg) {
1000
		if (!is_array($pkg['tabs']['tab'])) {
1001
			continue;
1002
		}
1003

    
1004
		foreach ($pkg['tabs']['tab'] as $tab) {
1005
			if ($tab['tabgroup'] != $tabgroup) {
1006
				continue;
1007
			}
1008
			$tab_entry = array();
1009
			if ($tab['name']) {
1010
				$tab_entry[] = $tab['name'];
1011
				$tab_entry[] = false;
1012
				$tab_entry[] = $tab['url'];
1013
				$tab_array[] = $tab_entry;
1014
			}
1015
		}
1016
	}
1017
}
1018

    
1019
function alias_info_popup($alias_id) {
1020
	global $config, $user_settings;
1021

    
1022
	if (!is_array($config['aliases']['alias'][$alias_id])) {
1023
		return;
1024
	}
1025

    
1026
	$maxlength = 60;
1027
	$alias = $config['aliases']['alias'][$alias_id];
1028
	$content = "";
1029

    
1030
	if ($user_settings['webgui']['disablealiaspopupdetail']) {
1031
		if (strlen($alias['descr']) >= $maxlength) {
1032
			$alias['descr'] = substr($alias['descr'], 0, $maxlength) . '&hellip;';
1033
		}
1034

    
1035
		$content .= $alias['descr'];
1036
	} else if ($alias['url']) {
1037
		// TODO: Change it when pf supports tables with ports
1038
		if ($alias['type'] == "urltable") {
1039
			exec("/sbin/pfctl -t {$alias['name']} -T show | wc -l", $total_entries);
1040
			$counter=preg_replace("/\D/", "", $total_entries[0]);
1041
			exec("/sbin/pfctl -t {$alias['name']} -T show | head -10002", $alias_addresses);
1042
		} else {
1043
			$urlfn = alias_expand_urltable($alias['name']);
1044
			$alias_addresses = explode("\n", file_get_contents($urlfn));
1045
			$counter = count($alias_addresses);
1046
		}
1047

    
1048
		$content .= '<h5>'. $alias['url'] .'</h5><ul><li>'. implode('</li><li>', $alias_addresses) .'</li></ul>';
1049
		if ($counter > 10002) {
1050
			$content .= '<i>'. gettext("listing only first 10k items") .'</i>';
1051
		}
1052
	} else {
1053
		$alias_addresses = explode (" ", $alias['address']);
1054
		$alias_details = explode ("||", $alias['detail']);
1055
		$idx = 0;
1056

    
1057
		$content .= "<table>\n";
1058
		$content .= "<thead>\n";
1059
		$content .= "<tr>\n";
1060
		$content .= "<th>" . gettext("Value") . "</th><th  style='padding-left: 10px;'>" . gettext("Description") . "</th></tr>\n";
1061
		$content .= "</thead>\n";
1062
		$content .= "<tbody>\n";
1063

    
1064
		foreach ($alias_addresses as $ap) {
1065
			$content .= "	<tr>\n";
1066
			$content .= "		<td>\n";
1067
			$content .= 			$ap;
1068
			$content .=	"		</td>\n";
1069
			$content .= "		<td style='padding-left: 10px;'>\n";
1070
			$content .= 			htmlspecialchars($alias_details[$idx]);
1071
			$content .=	"		</td>\n";
1072
			$content .= "	</tr>\n";
1073
			$idx++;
1074
		}
1075

    
1076
		$content .= "</tbody>\n";
1077
		$content .= "<table>\n";
1078
	}
1079

    
1080
	return $content;
1081
}
1082

    
1083
function rule_columns_with_alias($src, $srcport, $dst, $dstport, $target="", $targetport="") {
1084
	global $config;
1085

    
1086
	if ($config['aliases']['alias'] == "" || !is_array($config['aliases']['alias'])) {
1087
		return;
1088
	}
1089

    
1090
	$columns = array();
1091
	foreach ($config['aliases']['alias'] as $alias_id => $alias_name) {
1092
		if ($alias_name['name'] == $src) {
1093
			$columns['src'] = $alias_id;
1094
		}
1095
		if ($alias_name['name'] == $srcport) {
1096
			$columns['srcport'] = $alias_id;
1097
		}
1098
		if ($alias_name['name'] == $dst) {
1099
			$columns['dst'] = $alias_id;
1100
		}
1101
		if ($alias_name['name'] == $dstport) {
1102
			$columns['dstport'] = $alias_id;
1103
		}
1104
		if ($alias_name['name'] == $target) {
1105
			$columns['target'] = $alias_id;
1106
		}
1107
		if ($alias_name['name'] == $targetport) {
1108
			$columns['targetport'] = $alias_id;
1109
		}
1110
	}
1111

    
1112
	return $columns;
1113
}
1114

    
1115
function form_output_row($name, $label, $content) {
1116
var_dump($content);die;
1117
?>
1118
<div class="form-group">
1119
	<label for="<?=$name?>" class="col-sm-2 control-label"><?=gettext($label); ?></label>
1120
	<div class="col-sm-10">
1121
		<?=$content?>
1122
	</div>
1123
</div>
1124
<?php
1125
}
1126

    
1127
function set_flash_message($class, $msg) {
1128
	@phpsession_begin();
1129
	$_SESSION['flash_messages'][$class][] = $msg;
1130
	@phpsession_end(true);
1131
}
1132

    
1133
function get_flash_message() {
1134
	@phpsession_begin();
1135
	if (isset($_SESSION['flash_messages']) && !empty($_SESSION['flash_messages'])) {
1136
		foreach ($_SESSION['flash_messages'] as $class => $flash_message) {
1137
			print_info_box(implode("<br />", $flash_message), $class);
1138
		}
1139
		unset($_SESSION['flash_messages']);
1140
	}
1141
	@phpsession_end(true);
1142
}
1143

    
1144
/* Retrieve GET or POST Value/State
1145
 * Eample Usage:
1146
 * $value = getGETPOSTsettingvalue('get/post parameter name', "");
1147
 * $value = getGETPOSTsettingvalue('get/post parameter name', null);
1148
 * $state = getGETPOSTsettingvalue('get/post parameter name', null);
1149
 * $state = getGETPOSTsettingvalue('get/post parameter name', false);
1150
 */
1151
function getGETPOSTsettingvalue($settingname, $default) {
1152
	$settingvalue = $default;
1153
	if ($_GET[$settingname]) {
1154
		$settingvalue = $_GET[$settingname];
1155
	}
1156
	if ($_POST[$settingname]) {
1157
		$settingvalue = $_POST[$settingname];
1158
	}
1159
	return $settingvalue;
1160
}
1161

    
1162
/* set timezone */
1163
if (isset($config['system']['timezone']) &&
1164
    !empty($config['system']['timezone'])) {
1165
	$timezone = $config['system']['timezone'];
1166
} elseif (isset($g['default_timezone']) && !empty($g['default_timezone'])) {
1167
	$timezone = $g['default_timezone'];
1168
} else {
1169
	$timezone = "Etc/UTC";
1170
}
1171

    
1172
/* Remove files we do not want to see in a crash report */
1173
function cleanup_crash_file_list() {
1174
	$files = glob("/var/crash/*");
1175
	if (!is_array($files) || empty($files)) {
1176
		return array();
1177
	}
1178

    
1179
	$exclude_patterns = array(
1180
		'.*.last',
1181
		'bounds',
1182
		'minfree'
1183
	);
1184

    
1185
	foreach ($files as $idx => $fb) {
1186
		if (preg_match('/' . implode('|', $exclude_patterns) . '/', basename($fb)) == 1) {
1187
			unset($files[$idx]);
1188
		}
1189
	}
1190

    
1191
	return $files;
1192
}
1193

    
1194
function system_has_crash_data() {
1195
	/* Test if there are any crash data files present */
1196
	return count(cleanup_crash_file_list()) > 0;
1197
}
1198

    
1199
function system_has_php_errors() {
1200
	/* Check if the PHP error log is empty. Cast to int in case the file
1201
	 * does not exist and filesize() returns false. */
1202
	return (int) @filesize("/tmp/PHP_errors.log") > 0;
1203
}
1204

    
1205
date_default_timezone_set($timezone);
1206

    
1207
?>
(67-67/227)