andytan91
-
Posts
43 -
Joined
-
Last visited
Never
Everything posted by andytan91
-
Assigning and designing user levels question
andytan91 replied to andytan91's topic in PHP Coding Help
Well i am doing a project on a web based auditing toolkit. There will be a role called system administrator. That account will be able to create accounts based on the 7 privileges defined above... -
Hey guys right now i am designing permission, basically system administrator can create a new user and assign any combinations of the 7 different types of privileges to him as defined below. I realized that if i am going to define the total amount of possible user levels, it would be unrealistic to code 5040 if-else statements. Can any kind soul tell me if there is another method for assign user levels? THanks! define('Edit_Policy_and_Save_Templates', 1); define('Show_Policy_Specs', 2); define('Run_Policy', 4); define('Create_Account', ; define('Edit_Roles', 32); define('Generate_Read_Report', 64); define('Trace_Past', 128); $user_level = Edit_Policy_and_Save_Templates; $user_level1 = Edit_Policy_and_Save_Templates + Show_Policy_Specs; $user_level2 = Edit_Policy_and_Save_Templates + Show_Policy_Specs + Run_Policy; $user_level3 = Edit_Policy_and_Save_Templates + Show_Policy_Specs + Run_Policy + Create_Account; $user_level5 = Edit_Policy_and_Save_Templates + Show_Policy_Specs + Run_Policy + Create_Account + Edit_Roles; $user_level6 = Edit_Policy_and_Save_Templates + Show_Policy_Specs + Run_Policy + Create_Account + Edit_Roles + Generate_Read_Report; $user_level7 = Edit_Policy_and_Save_Templates + Show_Policy_Specs + Run_Policy + Create_Account + Edit_Roles + Generate_Read_Report + Trace_Past; <?php if (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "1") { { ?> <p><a href="Changepass.php">Auditee Change Password</a> <p><a href="auditmenu.php">Perform Audit Checks</A> <p><a href="logout.php">Logout</A> <?php } } elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "2") { { ?> <p><a href="Changepass.php">Generate/Read Report</a><p> <p><a href="Changepass.php">Auditor Change Password</a><p> <p><a href="logout.php">Logout</A> <?php } } elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "3") { { ?> <p><a href="createaccounts.php">Create accounts</a><p> <p><a href="editroles.php">Edit Roles</a><p> <a href="Changepass.php">System Administrator Change Password</a><p> <p><a href="logout.php">Logout</A> <?php } } elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "4") { { ?> <p><a href="showpolicy.php">Show Policy Specs</a><p> <p><a href="editpolicy.php">Edit Policy and Save Template</a><p> <p><a href="Changepass.php">Security Administrator Change Password</a><p> <p><a href="logout.php">Logout</A> <?php } } elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5") { { if($user_level == $_SESSION['Permission']) { ?> <p><a href="createaccounts.php">Edit Policy and Save Template</a><p> <p><a href="logout.php">Logout</A> <p><a href="Changepass.php">Change Password</a> <?php } elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5") { { if($user_level1 == $_SESSION['Permission']) { ?> <p><a href="createaccounts.php">Edit Policy and Save Template</a><p> <p><a href="createaccounts.php">Show Policy Specs</a><p> <p><a href="Changepass.php">Change Password</a> <p><a href="logout.php">Logout</A> <?php } elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5") { { if($user_level2 == $_SESSION['Permission']) { ?> <p><a href="createaccounts.php">Edit Policy and Save Template</a><p> <p><a href="createaccounts.php">Show Policy Specs</a><p> <p><a href="createaccounts.php">Run Policy</a><p> <p><a href="Changepass.php">Change Password</a> <p><a href="logout.php">Logout</A> <?php } elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5") { { if($user_level3 == $_SESSION['Permission']) { ?> <p><a href="createaccounts.php">Edit Policy and Save Template</a><p> <p><a href="createaccounts.php">Show Policy Specs</a><p> <p><a href="createaccounts.php">Run Policy</a><p> <p><a href="createaccounts.php">Create Account</a><p> <p><a href="Changepass.php">Change Password</a> <p><a href="logout.php">Logout</A> <?php } elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5") { { if($user_level5 == $_SESSION['Permission']) { ?> <p><a href="createaccounts.php">Edit Policy and Save Template</a><p> <p><a href="createaccounts.php">Show Policy Specs</a><p> <p><a href="createaccounts.php">Run Policy</a><p> <p><a href="createaccounts.php">Create Account</a><p> <p><a href="editroles.php">Edit Roles</a><p> <p><a href="Changepass.php">Change Password</a> <p><a href="logout.php">Logout</A> <?php } elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5") { { if($user_level6 == $_SESSION['Permission']) { ?> <p><a href="createaccounts.php">Edit Policy and Save Template</a><p> <p><a href="createaccounts.php">Show Policy Specs</a><p> <p><a href="createaccounts.php">Run Policy</a><p> <p><a href="createaccounts.php">Create Account</a><p> ><p><a href="editroles.php">Edit Roles</a><p> <p><a href="createaccounts.php">Generate Read Report</a><p> <p><a href="Changepass.php">Change Password</a> <p><a href="logout.php">Logout</A> <?php } elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5") { { if($user_level7 == $_SESSION['Permission']) { ?> <p><a href="createaccounts.php">Edit Policy and Save Template</a><p> <p><a href="createaccounts.php">Show Policy Specs</a><p> <p><a href="createaccounts.php">Run Policy</a><p> <p><a href="createaccounts.php">Create Account</a><p> <p><a href="editroles.php">Edit Roles</a><p> <p><a href="createaccounts.php">Generate Read Report</a><p> <p><a href="createaccounts.php">Trace Past</a><p> <p><a href="Changepass.php">Change Password</a> <p><a href="logout.php">Logout</A> <?php } elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5") { { if($user_level8 == $_SESSION['Permission']) { ?> <p><a href="createaccounts.php">Edit Policy and Save Template</a><p> <p><a href="createaccounts.php">Run Policy</a><p> <p><a href="Changepass.php">Change Password</a> <p><a href="logout.php">Logout</A> <?php } elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5") { { if($user_level9 == $_SESSION['Permission']) { ?> <p><a href="createaccounts.php">Edit Policy and Save Template</a><p> <p><a href="createaccounts.php">Run Policy</a><p> <p><a href="createaccounts.php">Create Account</a><p> <p><a href="Changepass.php">Change Password</a> <p><a href="logout.php">Logout</A> <?php } elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5") { { if($user_level11 == $_SESSION['Permission']) { ?> <p><a href="createaccounts.php">Edit Policy and Save Template</a><p> <p><a href="createaccounts.php">Run Policy</a><p> <p><a href="createaccounts.php">Create Account</a><p> <p><a href="editroles.php">Edit Roles</a><p> <p><a href="Changepass.php">Change Password</a> <p><a href="logout.php">Logout</A> <?php }
-
never mind about the above, i managed to work around it:) I would like to replace the string in this line -> $batch_file1 = 'service_pack.bat'; It is located on another php file. I have tried doing it for an hour but to no avail, can someone guide me? Thanks! <?php $file = 'C:\xampp\htdocs\new\editpolicy.php'; $batch_contents = file_get_contents($file); if(isset($_POST['argument']) && $_POST['submit'] == "Save") { $newArgument = $_POST['argument']; preg_replace('~$\batch_file1 = "([a-z0-9_ -]+)"~i', '$\batch file1 = "'.$newArgument.'"' ,$batch_contents); }file_put_contents($file, $batch_contents); ?> <b>Deploy Service Pack Policy</b> <p> <form action="deploy.php" method="post"> Select audit file to deploy: <input type="text" name="argument"<br> <input type="submit" name="submit" value="Save"> <p> </form> </p>
-
it gives me Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in C:\xampp\htdocs\new\copyfile.php on line 3... what other options do i have?
-
I tried both and it doesnt work..the 2nd one says... Warning: copy(C: mpp\htdocs ew\old$_POST['argument']) [function.copy]: failed to open stream: Invalid argument in C:\xampp\htdocs\new\copyfile.php on line 10 Save Template
-
Hey guys, how do i pass the $_POST['argument'] into the $newfile variable successfully? <?php $file = 'service_pack.bat'; $newfile = 'C:\xampp\htdocs\new\old\$_POST['argument']'; if(isset($_POST['argument']) && $_POST['submit'] == "Update") { copy($file, $newfile); } ?> <b>Save Template</b> <p> <form action="copyfile.php" method="post"> Save file as: <input type="text" name="argument"<br> <input type="submit" name="submit" value="Update"> <p> </form> </p>
-
Alright so basically if user inputs nothing in the text field..my code will cock up and change into systeminfo | findstr /i /C:"" . If i try to input some text into it, it will still appear as blank... Batch file @echo off rem systeminfo | findstr OS | findstr -v BIOS >> hi.txt rem findstr /C:"OS Version: 5.1.2600 Service Pack 2 Build 2600" final.doc rem cd C:\UnxUtils\usr\local\wbin rem systeminfo | grep -w "\(OS Name\|OS Version\)" >> final.doc systeminfo | findstr /i /C:"OS Version" | findstr -v BIOS >> C:\final.doc systeminfo | findstr /i /C:"Service pack 2" if %errorlevel%==0 ( echo Service_Pack_Requirement:Pass >> C:\final.doc ) else ( echo Service_Pack_Requirement:Fail >> C:\final.doc ) Replace string php file <?php $batch_file = 'service_pack.bat'; $batch_contents = file_get_contents($batch_file); if(isset($_POST['submit']) && $_POST['submit'] == "Update") { $newArgument = $_POST['argument']; $batch_contents = preg_replace('~findstr /i /C:"([a-z0-9_ -]+)"~i', 'findstr /i /C:"'.$newArgument.'"', $batch_contents); file_put_contents($batch_file, $batch_contents); } ?> <p> <form action="replaceservicepack.php" method="post"> Change argument: <input type="text" name="argument"<br> <input type="submit" name="submit" value="Update"> <input type="button" value="Cancel" onclick="history.go(-1);"> </form> </p>
-
okay i have solved it...but i have another question... whenever users input nothing into a form and clicks update, my regex replace function would stop working because my argument would be blank. I have put if(isset($_POST['submit']) && $_POST['submit'] == "Update") but it php still reads from the form..
-
Hmm i would like users to to able to change text inside "Success or Failure" while retaining the whitespace between : and S. findstr /i /C:"Privileged Account Logon: Success or Failure" I have tried this regex but i still cant make it to work... preg_replace('~(Privileged Account Logon:)(\s[a-z]+)~','${1}'.$newArgument, $batch_contents)
-
wow thanks man! That was detailed, helped me alot
-
thanks a lot it works! Can you kindly explain to me what does \[)([^\]]+)~','${1}' do?
-
Hello guys i am new to regular expression and i am figuring out how to give users a choice to change the argument in [0-90]. For example, user can change [0-90] to [5-60]... Batch file Script findstr /R /C:"Maximumpasswordage(days):[0-90]" final.doc if %errorlevel%==0 ( echo Maximum_Password_Age_Requirement:Pass >> C:\final.doc ) else ( echo Maximum_Password_Age_Requirement:Fail >> C:\final.doc ) $batch_contents = preg_replace('', 'findstr /R /C:"'.$newArgument.'"', $batch_contents);
-
thanks bro i'll try it out later!
-
Hello guys i am new to PHP. Basically what i am doing is an edit audit policy function. Basically the codes below are contained in a batch file. Users will run it in order to check whether he/she meets the requirement. If "Service Pack 2" is present, a pass notice will be given. What i want to do is to give system administrator the privilege to edit the audit policy, the argument to be changed will be located in findstr /C:"DEFINE ARGUMENT". I have managed to changed the file extension from .bat to .txt in order for php to read the text..now i need php to be able to edit the text in the DEFINE ARGUMENT part. Hence, if the system administrator inputs the desired text in an edit policy form, the text will replace the "Service Pack 2" in the text file. Ideas are welcome..thanks alot! @echo off systeminfo | findstr /C:"Service Pack 2" if %errorlevel%==0 ( echo Service_Pack_Requirement:Pass >> C:\final.doc ) else ( echo Service_Pack_Requirement:Fail >> C:\final.doc )
-
Hi guys im not sure if this is the right section to post, but what i am doing right now is using windows cmd to output results of computer configurations to a text file for auditing purpose. I will like my raw data to check against the desired setting and output a fail notice if they are different/pass notice if they are exactly the same. However, i do not have any ideas how to do that hence i need some guidance on this. Thanks! Example Minimum password age (days): 0 Maximum password age (days): 42 Minimum password length: 0 Length of password history maintained: None Desired Setting Minimum password age (days): 90 Maximum password age (days): 90 Minimum password length: 8 Length of password history maintained: None
-
Thanks a lot. I will look it up.
-
Actually i have another method which is using Force Downloading but however, my project requires me to auto run the batch file when the user saves the script....how do i go about doing that? <?PHP // Define the path to file $file = '4.4_File_Permission.bat'; if(!file) { // File doesn't exist, output error die('file not found'); } else { // Set headers header("Cache-Control: public"); header("Content-Description: File Transfer"); header("Content-Disposition: attachment; filename=$file"); header("Content-Type: application/bat"); header("Content-Transfer-Encoding: ASCII"); // Read the file from disk readfile($file); } ?>
-
Hi guys, basically my current situation is that the client will need to run the audit services batch file from the web server. My problem is that although the code below executed successfully, the .bat batch file outputs the result of the server's side computer configuration. I would like it to output the service result of the client side because i want to audit the client side and not the web server side. How do i go about doing that? <?php echo exec('cmd /c 4.1_services.bat'); ?> Contents of batch file @echo off sc qc Alerter | findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc wuauserv | findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc BITS| findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc Clipsrv | findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc Browser | findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc Fax | findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc IISADMIN | findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc ciSvc | findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc Messenger | findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc Netlogon | findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc mnmsrvc| findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc RDSessMgr| findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc RemoteRegistry | findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc RemoteAccess| findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc SMTPSVC | findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc SNMP | findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc SNMPTRAP | findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc Schedule | findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc TlntSvr | findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc TermService| findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc upnphost| findstr "START_TYPE DISPLAY_NAME" >>hi.txt sc qc w3svc | findstr "START_TYPE DISPLAY_NAME" >>hi.txt