############################################################ # # uber_admin.pl # # Provides the following administration functionality # # - reset a user's password # - change a user's privilege # - read log files # # Uberpages: # admin - top level admin page # admin_users - index of all users # admin_logs - index of logs # admin_log - contents of a log file # # The client is responsible for choosing what Privilege # level permits access to the admin page. # ############################################################ ############################################################ # # Handle various requests # ############################################################ sub uber_admin { my $message = ""; my $page = $cgi->param('page'); if ($cgi->param('admin') eq "Update") { process_admin(); } elsif (lc($page) eq "admin") # so that the "Admin" button { # goes to this page print_admin_page(); } elsif ($page eq "admin_users") { print_admin_users_page(); } elsif ($page eq "admin_logs") { print_admin_log_index_page(); } elsif ($page eq "admin_logfile") { print_admin_log_file_page(); } } ############################################################ # # Handle administrator's request. # ############################################################ sub process_admin { return if ($UBERACC{'PRIVILEGE'} < 3); my $action = $cgi->param('action'); my $username = $cgi->param('username'); my $message = ""; my %account; read_login_file(\%account, $username); if ($action eq "priv") # Change privilege { my $newpriv = $cgi->param('priv'); my $oldpriv = $account{'PRIVILEGE'}; $account{'PRIVILEGE'} = $newpriv; write_login_file(\%account, $zzuser, $zzpasswd, $zzname, $zzemail, $zzlocation, $zznewpriv); $message = qq(Changed privilege from $PRIVILEGE_LIST[$oldpriv] [$oldpriv] to $PRIVILEGE_LIST[$newpriv] [$newpriv] for $username); } elsif ($action eq "passwd") # Reset password { my $seed = (3600 * $Hour) + (60 * $Min) + $Sec; srand($seed); my $newpasswd = "horse" . (int(rand(899)) + 100); $account{PASSWORD} = crypt($newpasswd, $username); write_login_file(\%account, $zzuser, crypt($newpasswd, $username), $zzname, $zzemail, $zzlocation, $zzpriv); $message = qq(Password for $username reset); $message = qq(Password for $username reset to $newpasswd); my $email_to = $account{EMAIL}; $email_to = "mike\@stollery.uk"; if ($email_to eq "") { $message .= qq(
User $username has no email address.); } else # Inform user by email { my $app_link = "${THIS_SCRIPT}/cgi-bin/${SCRIPT_NAME}?"; my $email_from = $ADMIN_EMAIL; open(SENDMAIL, "|$SENDMAIL") or $message = qq(ERROR - Sorry, cannot send email to $email_to); print SENDMAIL qq(To: $email_to From: $email_from Reply-to: $email_from Subject: $SCRIPT_NAME Content-type: text/plain Password for $username has been reset to $newpasswd Please login to $app_link and change your password. ); close(SENDMAIL); $message .= qq(
Sent email to $email_to from $email_from); } } elsif ($action eq "delete") # Delete account { makedir("${LOGINROOT}/deleted"); move("${LOGINROOT}/$username", "${LOGINROOT}/deleted/$username"); $message = qq(Deleted account: $username); write_action("ADMIN $message"); } else { $message = qq(No change made.); } write_action("ADMIN $message"); admin_user_page($username, $message); } ############################################################ # # Perform admin operations # ############################################################ sub display_extra_login_commands { my ($fname) = "${REFROOT}/extra_admin_commands.dat"; open (INF, "$fname"); while() { chop; next if (/^#/); next if (/^\s*$/); ($name, $link, $others) = split /;/, $_; if ($link ne "") { print qq(     $name   ); } else { print qq(     $name   ); } } } sub print_admin_page { #write_action("FISH viewed the admin page"); my ($message) = @_; my $whoami = username_and_priv(); my $username = $cgi->param('user'); if ($username ne "") { admin_user_page($username, $message); return; } # else... prompt for username my ($message) = @_; my $title = "$SCRIPT_TITLE manage"; print_html_head(); print qq(
); if ($message ne "") { print qq( ); } print qq( ); display_extra_login_commands(); print qq(
$title
    $message
  Login: $whoami  
    actions log  
    hits log  
    detail log  
       
    all users  
  Select user:
 
      home
       
); print_html_end(); exit(0); } ############################################################ # # Perform admin operations on a specified user # ############################################################ sub admin_user_page { my ($username, $message) = @_; my $title = "$SCRIPT_TITLE manage"; my $whoami = username_and_priv(); %account = {}; read_login_file(\%account, $username); my $user = $account{'USERNAME'}; my $name = $account{'REALNAME'}; my $email = $account{'EMAIL'}; my $location = $account{'LOCATION'}; my $priv = $account{'PRIVILEGE'}; print_html_head(); print qq(
); if ($message ne "") { print qq( ); } print qq(
$title
    $message
  Login: $whoami  
  Username: $user  
  Name: $name  
  Email: $email  
  Location: $location  
  Privilege:  
  Action:  
        all users    admin home
       
); if ($UBERACC{'PRIVILEGE'} < 3) { print qq(You need to be an administrator to use this page.); } print_html_end(); exit(0); } ############################################################ # # Show all users for admin # ############################################################ sub print_admin_users_page { my ($message) = @_; my $title = "$SCRIPT_TITLE manage - all users"; my $whoami = username_and_priv(); print_html_head(); print qq(
); print qq( ) if ($message ne ""); print qq( ); my $fname; my $dir; my %account; my @loginfiles = <${LOGINROOT}/*/login.dat>; for $fname (@loginfiles) { $dir = $fname; $dir =~ s/\/login.dat//; ($user_id, $tmp) = split /\./, basename($dir); read_login_file(\%account, $user_id); $userlink = $account{'USERNAME'}; $userlink = qq($user_id) if ($UBERACC{'PRIVILEGE'} > $account{'PRIVILEGE'}); print qq( ); # if ($user eq $user_id); } print qq(
$title

  
  $message  
Login: $whoami

  
Login Name Email Location Privilege
$userlink $account{'REALNAME'} $account{'EMAIL'} $account{'LOCATION'} $account{'PRIVILEGE'} $PRIVILEGE_LIST[$account{'PRIVILEGE'}]
      admin  
         
); print_html_end(); exit(0); } ############################################################ # # Index of log files # ############################################################ sub print_admin_log_index_page { my ($message) = @_; my $title = "$SCRIPT_TITLE manage - log files"; my $whoami = username_and_priv(); my $filetype = lc($cgi->param('type')); my $year = $cgi->param('year'); $year = date_manip("-fYEAR") if ($year eq ""); my $linktype; my $fileext; my $logdir; my $colour = "gray"; # What type of files do we want to look at? if ($filetype eq "details") { $logdir = "${LOGROOT}/details"; $fileext = ".log"; $linktype = "actions"; $linktype2 = "hits"; $colour = "#c00000"; } elsif ($filetype eq "actions") { $logdir = "${LOGROOT}/actions"; $fileext = ".csv"; $linktype = "hits"; $linktype2 = "details"; $colour = "#00c000"; } else { $logdir = "${LOGROOT}/hits"; $fileext = ".csv"; $filetype = "hits"; $linktype = "actions"; $linktype2 = "details"; $colour = "#c0a000"; } # $title .= qq(: $filetype); $title .= qq(: $filetype); # Get list of years of log files my @years = (); my $prev_f = ""; for $fname (sort <${logdir}/*$fileext>) { $f = basename($fname); $f =~ s/$fileext$//; $f = substr($f, -8); $f = substr($f, 0, 4); push @years, $f if ($f != $prev_f); $prev_f = $f; } print_html_head(); print qq(
); print qq( ) if ($message ne ""); print qq(
$title

  
  $message  
Login: $whoami
Directory: $logdir
Year: ); for $y (sort rev_sort @years) { if ($y == $year) { print qq($year  ); } else { print qq($y  ); } } print qq(

   Log $filetype:   $linktype | $linktype2 | admin  
); my $fname; my $dir; my $date; my ($user, $passwd, $name, $email, $location, $priv); my @logfiles = <${logdir}/*${year}[0-3][0-9][0-9][0-9]$fileext>; for $fname (sort rev_sort @logfiles) { $f = basename($fname); # get date from filename $date = $f; $date =~ s/$fileext$//; $date = substr($date, -8); $date = date_manip("-fDOW_DD_MON_YEAR $date"); ($dow, $dd, $mon, $year) = split / /, $date; # count lines and errors $lines = 0; $errors = 0; open (INF, "$fname") or $lines = -1; while() { $lines++; $errors++ if (/ERROR/); } close(INF); print qq( ); } print qq(
Date Lines Errors Filename
$dow $dd $mon $year $lines $errors $f
         
      $linktype | $linktype2 | admin  
); print_html_end(); exit(0); } ############################################################ # # Contents of a log file # ############################################################ sub print_admin_log_file_page { my ($message) = @_; my $title = "$SCRIPT_TITLE manage - log file"; my $whoami = username_and_priv(); my $filetype = lc($cgi->param('type')); my $year = $cgi->param('year'); my $fname = $cgi->param('f'); $year = date_manip("-fYEAR") if ($year eq ""); my $linktype; my $fileext; my $logdir; # What type of file are we looking at? if ($filetype eq "details") { $logdir = "${LOGROOT}/details"; $fileext = ".log"; $linktype = "hits"; } elsif ($filetype eq "actions") { $logdir = "${LOGROOT}/actions"; $fileext = ".csv"; $linktype = "actions"; } else { $logdir = "${LOGROOT}/hits"; $fileext = ".csv"; $filetype = "hits"; $linktype = "details"; } # default log file should be today's if ($fname eq "") { $fname = "${SCRIPT_TITLE}_${YYYYMMDD}.csv"; } $title .= ": $filetype"; my $date = $fname; $date =~ s/$fileext//; $date = substr($date, -8); my $display_date = date_manip("-fDAYOFWEEK_DD_MONTH_YEAR $date"); $fname = $logdir . "/" . $fname; print_html_head(); print qq(
); print qq( ) if ($message ne ""); print qq( ); log_file_links($filetype, $date, $fileext); print qq( ); log_file_links($filetype, $date, $fileext); print qq(
$title

  
  $message  
Login: $whoami
Filename: $fname
Date: $display_date
); if ($filetype eq "hits") # read a csv file of hits data { print qq( ); open (INF, "$fname"); while() { chop; ($timestamp, $remote_addr, $remote_host, $http_referer, $query_string, $user, $priv) = split /,/, $_; $http_referer =~ s/http:\/\/.*\/cgi-bin\/pooclub.cgi//; # $http_referer =~ s/pooclub/pieclub/; print qq( ); } print qq(
Time Rem IP Rem Host User Priv Query Referer
$timestamp $remote_addr $remote_host $user $priv ?$query_string $http_referer
); } elsif ($filetype eq "actions") # read a csv file of actions data { print qq( ); open (INF, "$fname"); while() { chop; ($timestamp, $remote_addr, $user, $priv, $action) = split /,/, $_; print qq( ); } print qq(
Time Rem IP User Priv Action
$timestamp $remote_addr $user $priv $action
); } else # print it raw { print qq( 
);
        open (INF, "$fname");
        while() {print qq($_);}
        close(INF);

        print qq(
); } print qq(
         
); print_html_end(); exit(0); } ############################################################ sub log_file_links { my ($filetype, $date, $fileext) = @_; my $previous_date = date_manip("-d-1 $date"); my $next_date = date_manip("-d1 $date"); print qq(   previous date | next date   logs | admin   ); } 1; ############################################################ # EOF