diff --git a/webui/controller/accounting/accounting.php b/webui/controller/accounting/accounting.php
index dc63371..47116d8 100644
--- a/webui/controller/accounting/accounting.php
+++ b/webui/controller/accounting/accounting.php
@@ -22,7 +22,18 @@
 $this->data['sort'] = 'item';
 $this->data['sorttype'] = 0;
 $this->data['order'] = 0;
-
+
+ if(Registry::get('admin_user') == 0) {
+ die("go away");
+ }
+
+ $this->data['search'] = '';
+
+ /* get search term if there's any */
+
+ if(isset($this->request->post['search'])) { $this->data['search'] = $this->request->post['search']; }
+ else if(isset($this->request->get['search'])) { $this->data['search'] = $this->request->get['search']; }
+
 // get page
 if(isset($this->request->get['page']) && is_numeric($this->request->get['page']) && $this->request->get['page'] > 0) {
 $this->data['page'] = $this->request->get['page'];
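Review bot: The denial path `die("go away");` ends the request with the default 200 status and leaves no record, so a blocked non-admin request looks like a successful page load in the access logs. Send a 403 before exiting, e.g. `http_response_code(403);`, and record the denied request through whatever audit logging the application already has. The identical guard is added in the audit.php and helper.php hunks of this commit, where it also runs only after `$this->load->model('audit/audit')`; placing it at the top of each action would keep unauthorised requests away from the model layer entirely. The enclosing method starts and ends outside this hunk, so whether an earlier session check exists cannot be seen here.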
@@ -50,15 +61,15 @@
 if(@$this->request->get['view'] == "email") {
 $this->data['view'] = 'email';
 $this->data['viewname'] = "Emails";
- $this->data['accounting'] = $counters->get_accounting('email',$this->data['page'], $this->data['page_len'], $this->data['sort'], $this->data['order']);
- $this->data['total_records'] = $counters->count_accounting('email');
+ $this->data['accounting'] = $counters->get_accounting('email',$this->data['search'], $this->data['page'], $this->data['page_len'], $this->data['sort'], $this->data['order']);
+ $this->data['total_records'] = $counters->count_accounting('email',$this->data['search']);
 }
 if(@$this->request->get['view'] == "domain") {
 $this->data['view'] = 'domain';
 $this->data['viewname'] = "Domains";
- $this->data['accounting'] = $counters->get_accounting('domain',$this->data['page'], $this->data['page_len'], $this->data['sort'], $this->data['order']);
- $this->data['total_records'] = $counters->count_accounting('domain');
+ $this->data['accounting'] = $counters->get_accounting('domain',$this->data['search'], $this->data['page'], $this->data['page_len'], $this->data['sort'], $this->data['order']);
+ $this->data['total_records'] = $counters->count_accounting('domain',$this->data['search']);
 }
 if($this->data['accounting']) {
diff --git a/webui/controller/audit/audit.php b/webui/controller/audit/audit.php
index 46b849b..895cad5 100644
--- a/webui/controller/audit/audit.php
+++ b/webui/controller/audit/audit.php
@@ -14,6 +14,9 @@
 $this->load->model('audit/audit');
+ if(Registry::get('admin_user') == 0) {
+ die("go away");
+ }
 $this->render();
 }
diff --git a/webui/controller/audit/helper.php b/webui/controller/audit/helper.php
index 40e9da6..95c1c32 100644
--- a/webui/controller/audit/helper.php
+++ b/webui/controller/audit/helper.php
@@ -28,6 +28,10 @@
 $this->load->model('audit/audit');
+ if(Registry::get('admin_user') == 0) {
+ die("go away");
+ }
+
 $this->data['page'] = 0;
 if(isset($this->request->post['page'])) { $this->data['page'] = $this->request->post['page']; }
diff --git a/webui/model/accounting/accounting.php b/webui/model/accounting/accounting.php
index bc1609c..a9bf6b8 100644
--- a/webui/model/accounting/accounting.php
+++ b/webui/model/accounting/accounting.php
@@ -90,7 +90,7 @@
 return $return;
 }
- public function get_accounting($item = 'email',$page=0,$pagelen=0,$sort='item',$order=0 ) {
+ public function get_accounting($item = 'email',$search='',$page=0,$pagelen=0,$sort='item',$order=0 ) {
 // item can be either email or domain, maybe folder in the future??
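Review bot: Inserting `$search` as the second positional parameter of `get_accounting()` shifts every later argument, so any caller not updated in this commit would now pass its page number as the search term without raising an error. Only the two calls in controller/accounting/accounting.php are changed in this diff; other callers, if there are any, are not visible here. Appending the parameter instead, `...,$sort='item',$order=0,$search='' ) {`, keeps old call sites working, with the two controller calls adjusted to match. The function body continues outside this hunk.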
@@ -116,18 +116,24 @@
 $account_for_emails = $this->__getEmails();
 $account_for_domains = $this->__getDomains();
-
-
+ $search = preg_replace("/\s{1,}/", "", $search);
+
 if ($item == 'email') {
 $account_for_emails = $this->__getEmails();
 $account_for_domains = $this->__getDomains();
 $query = "SELECT `email` AS `item`,MIN(`date`) as `oldest`,MAX(`date`) as `newest`,sum(`sent`) as `sent`,sum(`recd`) as `recd`,SUM(`sentsize`) as `sentsize`,AVG(`sentsize`) as `sentavg`,SUM(`recdsize`) as `recdsize`,AVG(`recdsize`) as `recdavg` FROM " . TABLE_STAT_COUNTER;
- $where = "WHERE `email` IN ('".implode("','",$account_for_emails)."') OR `domain` IN ('".implode("','",$account_for_domains)."')";
+ $where = "WHERE ( `email` IN ('".implode("','",$account_for_emails)."') OR `domain` IN ('".implode("','",$account_for_domains)."') )";
+ if($search){
+ $where .= " AND ( `email` like '%".$search."%' OR `domain` like '%".$search."%' )";
+ }
 $group = "GROUP BY `email`";
 } elseif ($item == 'domain') {
 $account_for_domains = $this->__getDomains();
 $query = "SELECT `domain` AS `item`,MIN(`date`) as `oldest`,MAX(`date`) as `newest`,sum(`sent`) as `sent`,sum(`recd`) as `recd`,SUM(`sentsize`) as `sentsize`,AVG(`sentsize`) as `sentavg`,SUM(`recdsize`) as `recdsize`,AVG(`recdsize`) as `recdavg` FROM " . TABLE_STAT_COUNTER;
- $where = "WHERE `domain` IN ('".implode("','",$account_for_domains)."')";
+ $where = "WHERE ( `domain` IN ('".implode("','",$account_for_domains)."') )";
+ if($search){
+ $where .= " AND `domain` like '%".$search."%'";
+ }
 $group = "GROUP BY `domain`";
 } else {
 return false;
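Review bot: `$search` reaches the query as `like '%".$search."%'` after only whitespace has been stripped, so a quote character in the request-supplied term alters the SQL statement; this is SQL injection on a page that takes the term from both POST and GET. Bind the term as a parameter if the query call (outside this hunk) supports placeholders, or otherwise pass it through the database layer's own escaping routine, and escape `%` and `_` so they match literally. The controller should also reject a non-string `search` value, since `preg_replace` returns an array when given one and the concatenation then no longer means what was intended. The same concatenation is repeated in the count_accounting hunk of this commit. The function starts and ends outside this hunk.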
@@ -154,18 +160,30 @@
 }
- public function count_accounting($item = 'email') {
+ public function count_accounting($item = 'email',$search='') {
 $account_for_emails = $this->__getEmails();
 $account_for_domains = $this->__getDomains();
+ $search = preg_replace("/\s{1,}/", "", $search);
+
+ if($search){
+ $search_cond .= " AND ( `email` like '%".$search."%' OR `domain` like '%".$search."%' )";
+ }
+
 $query = "SELECT `email` AS `item`,MIN(`date`) as `oldest`,MAX(`date`) as `newest`,sum(`sent`) as `sent`,sum(`recd`) as `recd`,sum(`sentsize`) as `sentsize`,sum(`recdsize`) as `recdsize` FROM " . TABLE_STAT_COUNTER;
 if ($item == 'email') {
 $where = "WHERE `email` IN ('".implode("','",$account_for_emails)."') OR `domain` IN ('".implode("','",$account_for_domains)."')";
+ if($search){
+ $where .= " AND ( `email` like '%".$search."%' OR `domain` like '%".$search."%' )";
+ }
 $group = "GROUP BY `email`";
 } elseif ($item == 'domain') {
 $where = "WHERE `domain` IN ('".implode("','",$account_for_domains)."')";
+ if($search){
+ $where .= " AND `domain` like '%".$search."%'";
+ }
 $group = "GROUP BY `domain`";
 } else {
 return false;
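Review bot: In the `email` branch the search condition is appended to `WHERE ... IN (...) OR ... IN (...)` without the outer parentheses that get_accounting gained in this commit, so AND binds to the second IN list only and the count no longer matches the rows that get_accounting lists. Wrap the two IN lists as `WHERE ( ... OR ... )` before appending the LIKE clause, and do the same in the `domain` branch for symmetry. The added `$search_cond .= ...` appends to a variable that is never initialised and is not used in the visible lines; it raises a notice and can be deleted. The term is concatenated into the SQL unescaped here as well. The function body continues past the end of the hunk.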