Changeset 262 for branches/dns/cgi-bin/main.cgi

Timestamp:

06/17/05 16:42:45 (20 years ago)

Author:

Kris Deugau

Message:

/branches/dns

Update branch base with trunk changes from r216:261

File:

• branches/dns/cgi-bin/main.cgi (modified) (38 diffs)

branches/dns/cgi-bin/main.cgi

@@ -22 +22 @@
 openlog "IPDB","pid","local2";
 
-# Collect the username from HTTP auth.  If undefined, we're in a test environment.
+# Collect the username from HTTP auth.  If undefined, we're in
+# a test environment, or called without a username.
 my $authuser;
 if (!defined($ENV{'REMOTE_USER'})) {
@@ -39 +40 @@
 ($ip_dbh,$errstr) = connectDB_My;
 if (!$ip_dbh) {
-  printAndExit("Database error: $errstr\n");
+  exitError("Database error: $errstr\n");
 }
 initIPDBGlobals($ip_dbh);
 
-#prototypes
-sub viewBy($$);         # feed it the category and query
-sub queryResults($$$);  # args is the sql, the page# and the rowCount
-# Needs rewrite/rename
-sub countRows($);       # returns first element of first row of passed SQL
-                        # Only usage passes "select count(*) ..."
+# Headerize!  Make sure we replace the $$EXTRA0$$ bit as needed.
+printHeader('', ($IPDBacl{$authuser} =~ /a/ ?
+        '<td align=right><a href="/ip/cgi-bin/main.cgi?action=assign">Add new assignment</a>' : ''
+        ));
+
 
 # Global variables
-my $RESULTS_PER_PAGE = 50;
 my %webvar = parse_post();
 cleanInput(\%webvar);
@@ -64 +63 @@
 if($webvar{action} eq 'index') {
   showSummary();
+} elsif ($webvar{action} eq 'addmaster') {
+  if ($IPDBacl{$authuser} !~ /a/) {
+    printError("You shouldn't have been able to get here.  Access denied.");
+  } else {
+    open HTML, "<../addmaster.html";
+    print while <HTML>;
+  }
 } elsif ($webvar{action} eq 'newmaster') {
-  printHeader('');
-
-  my $cidr = new NetAddr::IP $webvar{cidr};
-
-  print "<div type=heading align=center>Adding $cidr as master block....</div>\n";
-
-  # Allow transactions, and raise an exception on errors so we can catch it later.
-  # Use local to make sure these get "reset" properly on exiting this block
-  local $ip_dbh->{AutoCommit} = 0;
-  local $ip_dbh->{RaiseError} = 1;
-
-  # Wrap the SQL in a transaction
-  eval {
-    $sth = $ip_dbh->prepare("insert into masterblocks values ('$webvar{cidr}')");
-    $sth->execute;
+
+  if ($IPDBacl{$authuser} !~ /a/) {
+    printError("You shouldn't have been able to get here.  Access denied.");
+  } else {
+
+    my $cidr = new NetAddr::IP $webvar{cidr};
+
+    print "<div type=heading align=center>Adding $cidr as master block....</div>\n";
+
+    # Allow transactions, and raise an exception on errors so we can catch it later.
+    # Use local to make sure these get "reset" properly on exiting this block
+    local $ip_dbh->{AutoCommit} = 0;
+    local $ip_dbh->{RaiseError} = 1;
+
+    # Wrap the SQL in a transaction
+    eval {
+      $sth = $ip_dbh->prepare("insert into masterblocks values ('$webvar{cidr}')");
+      $sth->execute;
 
 # Unrouted blocks aren't associated with a city (yet).  We don't rely on this
@@ -85 +94 @@
 # Thus the "routed" flag.
 
-    $sth = $ip_dbh->prepare("insert into freeblocks (cidr,maskbits,city,routed)".
+      $sth = $ip_dbh->prepare("insert into freeblocks (cidr,maskbits,city,routed)".
         " values ('$webvar{cidr}',".$cidr->masklen.",'<NULL>','n')");
-    $sth->execute;
-
-    # If we get here, everything is happy.  Commit changes.
-    $ip_dbh->commit;
-  }; # end eval
-
-  if ($@) {
-    carp "Transaction aborted because $@";
-    eval { $ip_dbh->rollback; };
-    syslog "err", "Could not add master block '$webvar{cidr}' to database: '$@'";
-    printError("Could not add master block $webvar{cidr} to database: $@");
-  } else {
-    print "<div type=heading align=center>Success!</div>\n";
-    syslog "info", "$authuser added master block $webvar{cidr}";
-  }
+      $sth->execute;
+
+      # If we get here, everything is happy.  Commit changes.
+      $ip_dbh->commit;
+    }; # end eval
+
+    if ($@) {
+      carp "Transaction aborted because $@";
+      eval { $ip_dbh->rollback; };
+      syslog "err", "Could not add master block '$webvar{cidr}' to database: '$@'";
+      printError("Could not add master block $webvar{cidr} to database: $@");
+    } else {
+      print "<div type=heading align=center>Success!</div>\n";
+      syslog "info", "$authuser added master block $webvar{cidr}";
+    }
+
+  } # ACL check
 
 } # end add new master
@@ -113 +124 @@
 elsif($webvar{action} eq 'listpool') {
   listPool();
-}
-elsif($webvar{action} eq 'search') {
-  printHeader('');
-  if (!$webvar{input}) {
-    # No search term.  Display everything.
-    viewBy('all', '');
-  } else {
-    # Search term entered.  Display matches.
-    # We should really sanitize $webvar{input}, no?
-    viewBy($webvar{searchfor}, $webvar{input});
-  }
 }
 
@@ -153 +153 @@
 # which is not in any way guaranteed to provide anything useful.
 else {
-  printHeader('');
   my $rnd = rand 500;
   my $boing = sprintf("%.2f", rand 500);
@@ -171 +170 @@
 print qq(<div align=right style="position: absolute; right: 30px;">).
         qq(<a href="/ip/cgi-bin/admin.cgi">Admin tools</a></div><br>\n)
-        if $authuser =~ /kdeugau|jodyh|jipp/;
+        if $IPDBacl{$authuser} =~ /A/;
 
 # We print the footer here, so we don't have to do it elsewhere.
@@ -181 +180 @@
 
 
-sub viewBy($$) {
-  my ($category,$query) = @_;
-
-  # Local variables
-  my $sql;
-
-#print "<pre>\n";
-
-#print "start querysub: query '$query'\n";
-# this may happen with more than one subcategory.  Unlikely, but possible.
-
-  # Calculate start point for LIMIT clause
-  my $offset = ($webvar{page}-1)*$RESULTS_PER_PAGE;
-
-# Possible cases:
-# 1) Partial IP/subnet.  Treated as "first-three-octets-match" in old IPDB,
-#    I should be able to handle it similarly here.
-# 2a) CIDR subnet.  Treated more or less as such in old IPDB.
-# 2b) CIDR netmask.  Not sure how it's treated.
-# 3) Customer ID.  Not handled in old IPDB
-# 4) Description.
-# 5) Invalid data which might be interpretable as an IP or something, but
-#    which probably shouldn't be for reasons of sanity.
-
-  if ($category eq 'all') {
-
-    print qq(<div class="heading">Showing all netblock and static-IP allocations</div><br>\n);
-
-    # Need to assemble SQL query in this order to avoid breaking things.
-    $sql = "select cidr,custid,type,city,description from searchme";
-    my $count = countRows("select count(*) from ($sql) foo");
-    $sql .= " order by cidr limit $RESULTS_PER_PAGE offset $offset";
-    queryResults($sql, $webvar{page}, $count);
-
-  } elsif ($category eq 'cust') {
-
-    print qq(<div class="heading">Searching for Customer IDs containing '$query'</div><br>\n);
-
-    # Query for a customer ID.  Note that we can't restrict to "numeric-only"
-    # as we have non-numeric custIDs in the legacy data.  :/
-    $sql = "select cidr,custid,type,city,description from searchme where custid ilike '%$query%'";
-    my $count = countRows("select count(*) from ($sql) foo");
-    $sql .= " order by cidr limit $RESULTS_PER_PAGE offset $offset";
-    queryResults($sql, $webvar{page}, $count);
-
-  } elsif ($category eq 'desc') {
-
-    print qq(<div class="heading">Searching for descriptions containing '$query'</div><br>\n);
-    # Query based on description (includes "name" from old DB).
-    $sql = "select cidr,custid,type,city,description from searchme where description ilike '%$query%'";
-    my $count = countRows("select count(*) from ($sql) foo");
-    $sql .= " order by cidr limit $RESULTS_PER_PAGE offset $offset";
-    queryResults($sql, $webvar{page}, $count);
-
-  } elsif ($category =~ /ipblock/) {
-
-    # Query is for a partial IP, a CIDR block in some form, or a flat IP.
-    print qq(<div class="heading">Searching for IP-based matches on '$query'</div><br>\n);
-
-    $query =~ s/\s+//g;
-    if ($query =~ /\//) {
-      # 209.91.179/26 should show all /26 subnets in 209.91.179
-      my ($net,$maskbits) = split /\//, $query;
-      if ($query =~ /^(\d{1,3}\.){3}\d{1,3}\/\d{2}$/) {
-        # /0->/9 are silly to worry about right now.  I don't think
-        # we'll be getting a class A anytime soon.  <g>
-        $sql = "select cidr,custid,type,city,description from searchme where cidr='$query'";
-        queryResults($sql, $webvar{page}, 1);
-      } else {
-        print "Finding all blocks with netmask /$maskbits, leading octet(s) $net<br>\n";
-        # Partial match;  beginning of subnet and maskbits are provided
-        $sql = "select cidr,custid,type,city,description from searchme where ".
-                "text(cidr) like '$net%' and text(cidr) like '%$maskbits'";
-        my $count = countRows("select count(*) from ($sql) foo");
-        $sql .= " order by cidr limit $RESULTS_PER_PAGE offset $offset";
-        queryResults($sql, $webvar{page}, $count);
-      }
-    } elsif ($query =~ /^(\d{1,3}\.){3}\d{1,3}$/) {
-      # Specific IP address match
-      my $sfor = new NetAddr::IP $query;
-# We do this convoluted roundabout way of finding things in order
-# to bring up matches for single IPs that are within a static block;
-# we want to show both the "container" block and the static IP itself.
-      $sth = $ip_dbh->prepare("select cidr from searchme where cidr >>= '$sfor'");
-      $sth->execute;
-      while (my @data = $sth->fetchrow_array()) {
-        my $cidr = new NetAddr::IP $data[0];
-        queryResults("select cidr,custid,type,city,description from searchme where ".
-                "cidr='$cidr'", $webvar{page}, 1);
-      }
-    } elsif ($query =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.?$/) {
-      print "Finding matches where the first three octets are $query<br>\n";
-      $sql = "select cidr,custid,type,city,description from searchme where ".
-                "text(cidr) like '$query%'";
-      my $count = countRows("select count(*) from ($sql) foo");
-      $sql .= " order by cidr limit $RESULTS_PER_PAGE offset $offset";
-      queryResults($sql, $webvar{page}, $count);
-    } else {
-      # This shouldn't happen, but if it does, whoever gets it deserves what they get...
-      printError("Invalid query.");
-    }
-  } else {
-    # This shouldn't happen, but if it does, whoever gets it deserves what they get...
-    printError("Invalid searchfor.");
-  }
-} # viewBy
-
-
 # args are: a reference to an array with the row to be printed and the 
 # class(stylesheet) to use for formatting.
@@ -313 +204 @@
 
 
-# Display certain types of search query.  Note that this can't be
-# cleanly reused much of anywhere else as the data isn't neatly tabulated.
-# This is tied to the search sub tightly enough I may just gut it and provide
-# more appropriate tables directly as needed.
-sub queryResults($$$) {
-  my ($sql, $pageNo, $rowCount) = @_;
-  my $offset = 0;
-  $offset = $1 if($sql =~ m/.*limit\s+(.*),.*/);
-
-  my $sth = $ip_dbh->prepare($sql);
-  $sth->execute();
-
-  startTable('Allocation','CustID','Type','City','Description/Name');
-  my $count = 0;
-
-  while (my @data = $sth->fetchrow_array) {
-    # cidr,custid,type,city,description
-    # Prefix subblocks with "Sub "
-    my @row = ( (($data[2] =~ /^.r$/) ? 'Sub ' : '').
-        qq(<a href="/ip/cgi-bin/main.cgi?action=edit&block=$data[0]">$data[0]</a>),
-        $data[1], $disp_alloctypes{$data[2]}, $data[3], $data[4]);
-    # Allow listing of pool if desired/required.
-    if ($data[2] =~ /^.[pd]$/) {
-      $row[0] .= ' &nbsp; <a href="/ip/cgi-bin/main.cgi?action=listpool'.
-        "&pool=$data[0]\">List IPs</a>";
-    }
-    printRow(\@row, 'color1', 1) if ($count%2==0); 
-    printRow(\@row, 'color2', 1) if ($count%2!=0);
-    $count++;
-  }
-
-  # Have to think on this call, it's primarily to clean up unfetched rows from a select.
-  # In this context it's probably a good idea.
-  $sth->finish();
-
-  my $upper = $offset+$count;
-  print "<tr><td colspan=10 bgcolor=white class=regular>Records found: $rowCount<br><i>Displaying: $offset - $upper</i></td></tr>\n";
-  print "</table></center>\n";
-
-  # print the page thing..
-  if ($rowCount > $RESULTS_PER_PAGE) {
-    my $pages = ceil($rowCount/$RESULTS_PER_PAGE);
-    print qq(<div class="center"> Page: );
-    for (my $i = 1; $i <= $pages; $i++) {
-      if ($i == $pageNo) {
-        print "<b>$i&nbsp;</b>\n";
-      } else {
-        print qq(<a href="/ip/cgi-bin/main.cgi?page=$i&input=$webvar{input}&action=search&searchfor=$webvar{searchfor}">$i</a>&nbsp;\n);
-      }
-    }
-    print "</div>";
-  }
-} # queryResults
-
-
 # Prints table headings.  Accepts any number of arguments;
 # each argument is a table heading.
@@ -380 +216 @@
 
 
-# Return first element of passed SQL query
-sub countRows($) {
-  my $sth = $ip_dbh->prepare($_[0]);
-  $sth->execute();
-  my @a = $sth->fetchrow_array();
-  $sth->finish();
-  return $a[0];
-}
-
-
 # Initial display:  Show master blocks with total allocated subnets, total free subnets
 sub showSummary {
-  # this is horrible-ugly-bad and will Go Away real soon now(TM)
-  print "Content-type: text/html\n\n";
 
   startTable('Master netblock', 'Routed netblocks', 'Allocated netblocks',
@@ -420 +244 @@
 
   # Count the free blocks.
-  $sth = $ip_dbh->prepare("select count(*) from freeblocks where cidr <<= ?");
+  $sth = $ip_dbh->prepare("select count(*) from freeblocks where cidr <<= ? and ".
+        "(routed='y' or routed='n')");
   foreach my $master (@masterblocks) {
     $sth->execute("$master");
@@ -428 +253 @@
 
   # Find the largest free block in each master
-  $sth = $ip_dbh->prepare("select maskbits from freeblocks where cidr <<= ? order by maskbits limit 1");
+  $sth = $ip_dbh->prepare("select maskbits from freeblocks where cidr <<= ? and ".
+        "(routed='y' or routed='n') order by maskbits limit 1");
   foreach my $master (@masterblocks) {
     $sth->execute("$master");
@@ -448 +274 @@
   }
   print "</table>\n";
-  print qq(<a href="/ip/addmaster.shtml">Add new master block</a><br><br>\n);
+  if ($IPDBacl{$authuser} =~ /a/) {
+    print qq(<a href="/ip/cgi-bin/main.cgi?action=addmaster">Add new master block</a><br><br>\n);
+  }
   print "Note:  Free blocks noted here include both routed and unrouted blocks.\n";
 
@@ -460 +288 @@
 # else should follow.  YMMV.)
 sub showMaster {
-  printHeader('');
 
   print qq(<center><div class="heading">Summarizing routed blocks for ).
@@ -502 +329 @@
 
     # Count the free blocks.
-    $sth = $ip_dbh->prepare("select count(*) from freeblocks where cidr <<= ?");
+    $sth = $ip_dbh->prepare("select count(*) from freeblocks where cidr <<= ? and ".
+        "(routed='y' or routed='n')");
     foreach my $master (@localmasters) {
       $sth->execute("$master");
@@ -510 +338 @@
 
     # Get the size of the largest free block
-    $sth = $ip_dbh->prepare("select maskbits from freeblocks where cidr <<= ? order by maskbits limit 1");
+    $sth = $ip_dbh->prepare("select maskbits from freeblocks where cidr <<= ? and ".
+        "(routed='y' or routed='n') order by maskbits limit 1");
     foreach my $master (@localmasters) {
       $sth->execute("$master");
@@ -534 +363 @@
     print qq(<hr width="60%"><center><div class="heading">No allocations in ).
         qq($master.</div>\n).
-        qq(<form action="/ip/cgi-bin/main.cgi" method=POST>\n).
-        qq(<input type=hidden name=action value="delete">\n).
-        qq(<input type=hidden name=block value="$master">\n).
-        qq(<input type=hidden name=alloctype value="mm">\n).
-        qq(<input type=submit value=" Remove this master ">\n).
-        qq(</form></center>\n);
+        ($IPDBacl{$authuser} =~ /d/ ?
+                qq(<form action="/ip/cgi-bin/main.cgi" method=POST>\n).
+                qq(<input type=hidden name=action value="delete">\n).
+                qq(<input type=hidden name=block value="$master">\n).
+                qq(<input type=hidden name=alloctype value="mm">\n).
+                qq(<input type=submit value=" Remove this master ">\n).
+                qq(</form></center>\n) :
+                '');
 
   } # end check for existence of routed blocks in master
@@ -573 +404 @@
 # not have anything useful to spew.
 sub showRBlock {
-  printHeader('');
 
   my $master = new NetAddr::IP $webvar{block};
@@ -621 +451 @@
     print qq(<hr width="60%"><center><div class="heading">No allocations in ).
         qq($master.</div></center>\n).
-        qq(<form action="/ip/cgi-bin/main.cgi" method=POST>\n).
-        qq(<input type=hidden name=action value="delete">\n).
-        qq(<input type=hidden name=block value="$master">\n).
-        qq(<input type=hidden name=alloctype value="rm">\n).
-        qq(<input type=submit value=" Remove this block ">\n).
-        qq(</form>\n);
+        ($IPDBacl{$authuser} =~ /d/ ?
+                qq(<form action="/ip/cgi-bin/main.cgi" method=POST>\n).
+                qq(<input type=hidden name=action value="delete">\n).
+                qq(<input type=hidden name=block value="$master">\n).
+                qq(<input type=hidden name=alloctype value="rm">\n).
+                qq(<input type=submit value=" Remove this block ">\n).
+                qq(</form>\n) :
+                '');
   }
 
@@ -645 +477 @@
     # Include some HairyPerl(TM) to prefix subblocks with "Sub "
     my @row = ((($data[1] ne 'y' && $data[1] ne 'n') ? 'Sub ' : '').
-        qq(<a href="/ip/cgi-bin/main.cgi?action=assign&block=$cidr&fbtype=$data[1]">$cidr</a>),
+        ($IPDBacl{$authuser} =~ /a/ ? qq(<a href="/ip/cgi-bin/main.cgi?action=assign&block=$cidr&fbtype=$data[1]">$cidr</a>) : $cidr),
         $cidr->range);
     printRow(\@row, 'color1') if ($count%2 == 0);
@@ -658 +490 @@
 # List the IPs used in a pool
 sub listPool {
-  printHeader('');
 
   my $cidr = new NetAddr::IP $webvar{pool};
@@ -704 +535 @@
     my @row = ( qq(<a href="/ip/cgi-bin/main.cgi?action=edit&block=$data[0]">$data[0]</a>),
         $data[1],$data[2],$data[3],
-        ( ($data[2] eq 'n') ?
+        ( (($data[2] eq 'n') && ($IPDBacl{$authuser} =~ /d/)) ?
           ("<a href=\"/ip/cgi-bin/main.cgi?action=delete&block=$data[0]&".
            "alloctype=$data[4]\">Unassign this IP</a>") :
@@ -721 +552 @@
 # be one of two templates, and the lists come from the database.
 sub assignBlock {
-  printHeader('');
+
+  if ($IPDBacl{$authuser} !~ /a/) {
+    printError("You shouldn't have been able to get here.  Access denied.");
+    return;
+  }
 
   my $html;
@@ -799 +634 @@
 # Take info on requested IP assignment and see what we can provide.
 sub confirmAssign {
-  printHeader('');
+  if ($IPDBacl{$authuser} !~ /a/) {
+    printError("You shouldn't have been able to get here.  Access denied.");
+    return;
+  }
 
   my $cidr;
@@ -958 +796 @@
 # Do the work of actually inserting a block in the database.
 sub insertAssign {
+  if ($IPDBacl{$authuser} !~ /a/) {
+    printError("You shouldn't have been able to get here.  Access denied.");
+    return;
+  }
   # Some things are done more than once.
-  printHeader('');
   return if !validateInput();
 
@@ -973 +814 @@
       print qq(<div class="center"><div class="heading">The IP $msg has been allocated to customer $webvar{custid}</div></div>);
       # Notify tech@example.com
-      mailNotify('tech@example.com',"ADDED: $disp_alloctypes{$webvar{alloctype}} allocation",
-        "$disp_alloctypes{$webvar{alloctype}} $msg allocated to customer $webvar{custid}\n".
-        "Description: $webvar{desc}\n\nAllocated by: $authuser\n");
+#      mailNotify('tech@example.com',"ADDED: $disp_alloctypes{$webvar{alloctype}} allocation",
+#       "$disp_alloctypes{$webvar{alloctype}} $msg allocated to customer $webvar{custid}\n".
+#       "Description: $webvar{desc}\n\nAllocated by: $authuser\n");
     } else {
       print qq(<div class="center"><div class="heading">The block $webvar{fullcidr} was ).
@@ -981 +822 @@
     }
     syslog "notice", "$authuser allocated '$webvar{fullcidr}' to '$webvar{custid}' as ".
-        "'$webvar{alloctype}'";
+        "'$webvar{alloctype}' ($msg)";
   } else {
     syslog "err", "Allocation of '$webvar{fullcidr}' to '$webvar{custid}' as ".
@@ -1057 +898 @@
 # action=edit
 sub edit {
-  printHeader('');
 
   my $sql;
@@ -1064 +904 @@
   # because I'm lazy, we'll try to make the SELECT's bring out identical)ish) data
   if ($webvar{block} =~ /\/32$/) {
-    $sql = "select ip,custid,type,city,circuitid,description,notes from poolips where ip='$webvar{block}'";
+    $sql = "select ip,custid,type,city,circuitid,description,notes,modifystamp from poolips where ip='$webvar{block}'";
   } else {
-    $sql = "select cidr,custid,type,city,circuitid,description,notes from allocations where cidr='$webvar{block}'"
+    $sql = "select cidr,custid,type,city,circuitid,description,notes,modifystamp from allocations where cidr='$webvar{block}'"
   }
 
@@ -1076 +916 @@
   # Clean up extra whitespace on alloc type
   $data[2] =~ s/\s//;
-
-##fixme LEGACY CODE
-  # Postfix "i" on pool IP types
-  if ($data[2] =~ /^[cdsmw]$/) {
-    $data[2] .= "i";
-  }
 
   open (HTML, "../editDisplay.html")
@@ -1093 +927 @@
 # Needs thinking.  Have to allow changes to city to correct errors, no?
   $html =~ s/\$\$BLOCK\$\$/$webvar{block}/g;
-  $html =~ s/\$\$CITY\$\$/$data[3]/g;
+
+  if ($IPDBacl{$authuser} =~ /c/) {
+    $html =~ s/\$\$CUSTID\$\$/<input type=text name=custid value="$data[1]" maxlength=15 class="regular">/;
 
 # Screw it.  Changing allocation types gets very ugly VERY quickly- especially
@@ -1102 +938 @@
 
 ##fixme The check here should be built from the database
-  if ($data[2] =~ /^.[ne]$/) {
-    # Block that can be changed
-    my $blockoptions = "<select name=alloctype><option".
+    if ($data[2] =~ /^.[ne]$/) {
+      # Block that can be changed
+      my $blockoptions = "<select name=alloctype><option".
         (($data[2] eq 'me') ? ' selected' : '') ." value='me'>Dialup netblock</option>\n<option".
-        (($data[2] eq 'de') ? ' selected' : '') ." value='de'>Dynamic DSL netblock</option>\n<option".  (($data[2] eq 'dc') ? ' selected' : '') ." value='dc'>Dynamic cable netblock</option>\n<option".
-        (($data[2] eq 'ce') ? ' selected' : '') ." value='ce'>Dynamic cable netblock</option>\n<option".        (($data[2] eq 'dc') ? ' selected' : '') ." value='dc'>Dynamic cable netblock</option>\n<option".
-        (($data[2] eq 'we') ? ' selected' : '') ." value='we'>Dynamic wireless netblock</option>\n<option".     (($data[2] eq 'dc') ? ' selected' : '') ." value='dc'>Dynamic cable netblock</option>\n<option".
+        (($data[2] eq 'de') ? ' selected' : '') ." value='de'>Dynamic DSL netblock</option>\n<option".
+        (($data[2] eq 'ce') ? ' selected' : '') ." value='ce'>Dynamic cable netblock</option>\n<option".
+        (($data[2] eq 'we') ? ' selected' : '') ." value='we'>Dynamic wireless netblock</option>\n<option".
         (($data[2] eq 'cn') ? ' selected' : '') ." value='cn'>Customer netblock</option>\n<option".
         (($data[2] eq 'en') ? ' selected' : '') ." value='en'>End-use netblock</option>\n<option".
         (($data[2] eq 'in') ? ' selected' : '') ." value='in'>Internal netblock</option>\n".
         "</select>\n";
-    $html =~ s/\$\$TYPESELECT\$\$/$blockoptions/g;
+      $html =~ s/\$\$TYPESELECT\$\$/$blockoptions/g;
+    } else {
+      $html =~ s/\$\$TYPESELECT\$\$/$disp_alloctypes{$data[2]}<input type=hidden name=alloctype value="$data[2]">/g;
+    }
+    $html =~ s/\$\$CITY\$\$/<input type=text name=city value="$data[3]">/g;
+    $html =~ s/\$\$CIRCID\$\$/<input type="text" name="circid" value="$data[4]" maxlength=64 size=64 class="regular">/g;
+    $html =~ s/\$\$DESC\$\$/<input type="text" name="desc" value="$data[5]" maxlength=64 size=64 class="regular">/g;
+    $html =~ s|\$\$NOTES\$\$|<textarea rows="8" cols="64" name="notes" class="regular">$data[6]</textarea>|g;
   } else {
-    $html =~ s/\$\$TYPESELECT\$\$/$disp_alloctypes{$data[2]}<input type=hidden name=alloctype value="$data[2]">/g;
-  }
-
-  # These can be modified, although CustID changes may get ignored.
-  $html =~ s/\$\$CUSTID\$\$/$data[1]/g;
-  $html =~ s/\$\$TYPE\$\$/$data[2]/g;
-  $html =~ s/\$\$CIRCID\$\$/$data[4]/g;
-  $html =~ s/\$\$DESC\$\$/$data[5]/g;
-  $html =~ s/\$\$NOTES\$\$/$data[6]/g;
+    $html =~ s/\$\$CUSTID\$\$/$data[1]/g;
+    $html =~ s/\$\$TYPESELECT\$\$/$disp_alloctypes{$data[2]}/g;
+    $html =~ s/\$\$CITY\$\$/$data[3]/g;
+    $html =~ s/\$\$CIRCID\$\$/$data[4]/g;
+    $html =~ s/\$\$DESC\$\$/$data[5]/g;
+    $html =~ s/\$\$NOTES\$\$/$data[6]/g;
+  }
+  my ($lastmod,undef) = split /\s+/, $data[7];
+  $html =~ s/\$\$LASTMOD\$\$/$lastmod/g;
+
+  # Allows us to "correctly" colour backgrounds in table
+  my $i=1;
+
+  # More ACL trickery - we can live with forms that don't submit,
+  # but we can't leave the extra table rows there, and we *really*
+  # can't leave the submit buttons there.
+  my $updok = '';
+  if ($IPDBacl{$authuser} =~ /c/) {
+    $updok = qq(<tr class="color$i"><td colspan=2><div class="center">).
+        qq(<input type="submit" value=" Update this block " class="regular">).
+        "</div></td></tr></form>\n";
+    $i++;
+  }
+  $html =~ s/\$\$UPDOK\$\$/$updok/g;
+
+  my $delok = '';
+  if ($IPDBacl{$authuser} =~ /d/) {
+    $delok = qq(<form method="POST" action="main.cgi">
+        <tr class="color$i"><td colspan=2 class="regular"><div class=center>
+        <input type="hidden" name="action" value="delete">
+        <input type="hidden" name="block" value="$webvar{block}">
+        <input type="hidden" name="alloctype" value="$data[2]">
+        <input type=submit value=" Delete this block ">
+        </div></td></tr>);
+  }
+  $html =~ s/\$\$DELOK\$\$/$delok/;
 
   print $html;
@@ -1133 +1003 @@
 # action=update
 sub update {
-  printHeader('');
 
   # Make sure incoming data is in correct format - custID among other things.
-  validateInput;
+  return if !validateInput;
 
   # SQL transaction wrapper
@@ -1143 +1012 @@
     my $sql;
     if (my $pooltype = ($webvar{alloctype} =~ /^(.)i$/) ) {
-      # Note the hack ( available='n' ) to work around "update" additions
-      # to static IP space.  Eww.
       $sql = "update poolips set custid='$webvar{custid}',notes='$webvar{notes}',".
-        "circuitid='$webvar{circid}',description='$webvar{desc}',available='n' ".
+        "circuitid='$webvar{circid}',description='$webvar{desc}',city='$webvar{city}' ".
         "where ip='$webvar{block}'";
     } else {
@@ -1194 +1061 @@
 # Delete an allocation.
 sub remove {
-  printHeader('');
+  if ($IPDBacl{$authuser} !~ /d/) {
+    printError("You shouldn't have been able to get here.  Access denied.");
+    return;
+  }
+
   #show confirm screen.
   open HTML, "../confirmRemove.html"
@@ -1284 +1155 @@
 # Remove IPs from pool listing if necessary
 sub finalDelete {
-  printHeader('');
+  if ($IPDBacl{$authuser} !~ /d/) {
+    printError("You shouldn't have been able to get here.  Access denied.");
+    return;
+  }
 
   my ($code,$msg) = deleteBlock($ip_dbh, $webvar{block}, $webvar{alloctype});
@@ -1292 +1166 @@
     syslog "notice", "$authuser deallocated '$webvar{alloctype}'-type netblock $webvar{block}";
     # Notify tech@ when a block/IP is deallocated
-    mailNotify('tech@example.com',"REMOVED: $disp_alloctypes{$webvar{alloctype}} $webvar{block}",
-        "$disp_alloctypes{$webvar{alloctype}} $webvar{block} deallocated by $authuser\n");
+#    mailNotify('tech@example.com',"REMOVED: $disp_alloctypes{$webvar{alloctype}} $webvar{block}",
+#       "$disp_alloctypes{$webvar{alloctype}} $webvar{block} deallocated by $authuser\n");
   } else {
     if ($webvar{alloctype} =~ /^.i$/) {
@@ -1307 +1181 @@
 
 
+sub exitError {
+  my $errStr = $_[0];
+  printHeader('','');
+  print qq(<center><p class="regular"> $errStr </p>
+<input type="button" value="Back" onclick="history.go(-1)">
+</center>
+);
+  printFooter();
+  exit;
+} # errorExit
+
+
 # Just in case we manage to get here.
 exit 0;