Location: PHPKode > projects > IPplan IP address management system > user/createrange.php

// IPplan v4.92a
// Aug 24, 2001
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
// Modify capabilities added by Denes Magyar (hide@address.com) 22/02/05

// when ranges or aggregates are created, should we test for overlaps within customer?
// RANGETEST=0 - no overlaps allowed at all
// RANGETEST=1 - overlaps within areas allowed
// RANGETEST=2 - any type of overlap allowed

// upgraded versions of IPplan before 4.47 will require a database ALTER TABLE
// to remove UNIQUE index on range field. New installations to not require the ALTER TABLE:
// DROP INDEX rangeaddr ON netrange;
// ALTER TABLE netrange ADD  INDEX range_rangeaddr  (rangeaddr, customer);

// test if netranges overlap
function TestDuplicateRange($ds, $rangeaddr, $rangesize, $cust) {

    // full test, no form of overlap allowed
    if (RANGETEST==0) {
        $result=&$ds->ds->Execute("SELECT rangeaddr
                FROM netrange
                WHERE (($rangeaddr BETWEEN rangeaddr AND 
                        rangeaddr + rangesize - 1) OR
                    ($rangeaddr < rangeaddr AND 
                     $rangeaddr+$rangesize > 
                     rangeaddr + rangesize - 1)) AND
    // only exact duplicates are rejected - no UNIQUE index for all three conditions
    else if (RANGETEST==1) {
        $result=&$ds->ds->Execute("SELECT rangeaddr
                FROM netrange
                WHERE rangeaddr = $rangeaddr AND rangesize = $rangesize AND customer=$cust");
    // do no checks at all - allows overlaps across areas and within areas
    else {
        return 0;
    if ($result->FetchRow()) {
        return 1;



$auth = new SQLAuthenticator(REALM, REALMERROR);

// And now perform the authentication

// set language
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);


// explicitly cast variables as security measure against SQL injection
list($cust, $areaindex, $rangeindex, $action, $size, $ipaddr, $descrip) = myRegister("I:cust I:areaindex I:rangeindex S:action I:size S:ipaddr S:descrip");

if ($action=="modify") {
    $title=my_("Modify a range or supernet/summary");
else {
    $title=my_("Create a new range or supernet/summary");
$w=myheading($p, $title, true);

$ds=new IPplanDbf() or myError($w,$p, my_("Could not connect to database"));

if ($_POST) {
    // save the last customer used
    // must set path else Netscape gets confused!
    setcookie("ipplanCustomer","$cust",time() + 10000000, "/");

    if ($action=="modify") {
        $result=$ds->GetRange($cust, $rangeindex);
        if (!$row = $result->FetchRow()) {
            myError($w,$p, my_("Range cannot be found!"));


    if (strlen($descrip) == 0) {
        $formerror .= my_("You need to enter a description for the range")."\n";


    if (!$ipaddr)
        $formerror .= my_("Range address may not be blank")."\n";
    else if (testIP($ipaddr))
        $formerror .= my_("Invalid range address")."\n";
    else if (!$size)
        $formerror .= my_("Size may not be zero")."<br>";
    else if (TestDuplicateRange($ds, $base, $size, $cust)) {
        if ($action=="modify") {
            // ok if just changing description
            if($row["rangeaddr"]==$base and $row["rangesize"]==$size) {
            // ok if making smaller
            else if($row["rangeaddr"]==$base and $size<$row["rangesize"]) {
            // ok if allowed to overlap
            else if(RANGETEST >= 2) {
            else {
                $formerror .= my_("Range cannot be modified - overlaps with existing range or overlaps with self if trying to change size. Try moving the range out of the way first before resizing.")."\n";
        else {
            $formerror .= my_("Range cannot be created - overlaps with existing range")."\n";

    if ($size > 1) {
        if (TestBaseAddr(inet_aton3($ipaddr), $size)) {
            $formerror .= my_("Invalid base address")."\n";

    if (!$formerror) {
        // check if user belongs to customer admin group
        // can only be one row - does not matter if nothing is 
        // found as array search will return false
        $row = $result->FetchRow();
        if (!in_array($row["admingrp"], $grps)) {
            myError($w,$p, my_("You may not create/modify a range for this customer as you are not a member of the customers admin group"));

        // cast type correctly to prevent blank area!

        // the fact that the range is unique prevents the range
        // being added to more than one area!
        if ($action=="modify") {

            $result=&$ds->ds->Execute("UPDATE netrange SET areaindex=$areaindex, 
                    rangeaddr=$base, rangesize=$size
                    WHERE rangeindex=$rangeindex") and
                $ds->AuditLog(array("event"=>161, "action"=>"modify range", 
                            "descrip"=>$descrip, "user"=>getAuthUsername(), "areaindex"=>$areaindex,
                            "baseaddr"=>$ipaddr, "size"=>$size, "cust"=>$cust));
        else {
            $result=&$ds->ds->Execute("INSERT INTO netrange
                    (rangeaddr, rangesize, areaindex, descrip,
                    ($base, $size, $areaindex,
                     $cust)") and
                    $ds->AuditLog(array("event"=>160, "action"=>"create range", 
                                "descrip"=>$descrip, "user"=>getAuthUsername(), "areaindex"=>$areaindex,
                                "baseaddr"=>$ipaddr, "size"=>$size, "cust"=>$cust));

        if ($result) {
            if ($action=="modify") {
                Header("Location: ".location_uri("modifyarearange.php?cust=$cust"));
                //insert($w,textbr(my_("Range modified")));
            else {
                insert($w,textbr(my_("Range created")));
            $ipaddr=""; $descrip="";
        else {
            $formerror .= my_("Range could not be created/modified - probably duplicate name")."\n";

myError($w,$p, $formerror, FALSE);
// display opening text
insert($w,heading(3, "$title."));

if ($action=="modify") {
    insert($w,textbrbr(my_("Modify a range supernet/summary. Changing the range address or size to overlap with the currently defined range and size is not supported. Move the range out of the way first.")));
else {
    insert($w,textbrbr(my_("Create a new range or supernet/summary by entering the base (network) address. A range is an aggregation of a number of subnets which can ultimately be used to reduce the number of routing entries in routing tables. Ranges are essentially the same as a normal subnet, just bigger with a wider view.")));

// start form
insert($w, $f1 = form(array("name"=>"THISFORM",

if ($action=="modify") {
else {
    // ugly kludge with global variable!
    $cust=myCustomerDropDown($ds, $f1, $cust, $grps) or myError($w,$p, my_("No customers"));
// show all areas, even ones with no ranges - need for create page
$areaindex=myAreaDropDown($ds, $f1, $cust, $areaindex, TRUE);

insert($w, $f2 = form(array("name"=>"ENTRY",

// save customer name for actual post of data
// save area index for actual post of data
if ($action=="modify") {

insert($f2,textbrbr(my_("Range address")));


insert($f2,textbrbr(my_("Range size/mask")));

insert($f2,selectbox(array("4"=>" - 4 hosts",
                           "8"=>" - 8 hosts",
                           "16"=>" - 16 hosts",
                           "32"=>" - 32 hosts",
                           "64"=>" - 64 hosts",
                           "128"=>" - 128 hosts",
                           "256"=>" - 256 hosts (class C)",
                           "512"=>" - 512 hosts",
                           "1024"=>" - 1k hosts",
                           "2048"=>" - 2k hosts",
                           "4096"=>" - 4k hosts",
                           "8192"=>" - 8k hosts",
                           "16384"=>" - 16k hosts",
                           "32768"=>" - 32k hosts",
                           "65536"=>" - 64k hosts (class B)",
                           "131072"=>" - 128k hosts",
                           "262144"=>" - 256k hosts",
                           "16777216"=>" (class A)"),



Return current item: IPplan IP address management system