/usr/local/www/system_usermanager.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/system_usermanager.php @ 3642b348

1	1df17ba9	Scott Ullrich	<?php
2			/* $Id$ */
3	fab7ff44	Bill Marquette	/*
4	4c291f4c	Renato Botelho	system_usermanager.php
5			part of m0n0wall (http://m0n0.ch/wall)
6
7	29aef6c4	Jim Thompson	part of pfSense
8	6317d31d	Phil Davis	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
9	29aef6c4	Jim Thompson	All rights reserved.
10
11	4c291f4c	Renato Botelho	Copyright (C) 2008 Shrew Soft Inc.
12			All rights reserved.
13
14			Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.
15			All rights reserved.
16
17			Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
18			All rights reserved.
19
20			Redistribution and use in source and binary forms, with or without
21			modification, are permitted provided that the following conditions are met:
22
23			1. Redistributions of source code must retain the above copyright notice,
24			this list of conditions and the following disclaimer.
25
26			2. Redistributions in binary form must reproduce the above copyright
27			notice, this list of conditions and the following disclaimer in the
28			documentation and/or other materials provided with the distribution.
29
30			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
31			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
32			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
33			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
34			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
35			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
36			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
37			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
38			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
39			POSSIBILITY OF SUCH DAMAGE.
40	fab7ff44	Bill Marquette	*/
41	1d333258	Scott Ullrich	/*
42	3ccb9689	Charlie Marshall	pfSense_BUILDER_BINARIES:
43	1d333258	Scott Ullrich	pfSense_MODULE: auth
44			*/
45	fab7ff44	Bill Marquette
46	6b07c15a	Matthew Grooms	##\|+PRIV
47			##\|*IDENT=page-system-usermanager
48			##\|*NAME=System: User Manager page
49			##\|*DESCR=Allow access to the 'System: User Manager' page.
50			##\|MATCH=system_usermanager.php
51			##\|-PRIV
52
53	ead24d63	sullrich	require("certs.inc");
54	fab7ff44	Bill Marquette	require("guiconfig.inc");
55
56	31b53653	Scott Ullrich
57	e33be77c	Ermal	// start admin user code
58			$pgtitle = array(gettext("System"),gettext("User Manager"));
59	fab7ff44	Bill Marquette
60	1a6769a6	Renato Botelho	if (isset($_POST['userid']) && is_numericint($_POST['userid']))
61			$id = $_POST['userid'];
62	1df17ba9	Scott Ullrich
63	1a6769a6	Renato Botelho	if (!isset($config['system']['user']) \|\| !is_array($config['system']['user']))
64	e33be77c	Ermal	$config['system']['user'] = array();
65	1df17ba9	Scott Ullrich
66	e33be77c	Ermal	$a_user = &$config['system']['user'];
67	45ee90ed	Matthew Grooms
68	7c2d0050	Renato Botelho	if (isset($_SERVER['HTTP_REFERER']))
69			$referer = $_SERVER['HTTP_REFERER'];
70			else
71			$referer = '/system_usermanager.php';
72
73	adacdf5f	jim-p	if (isset($id) && $a_user[$id]) {
74			$pconfig['usernamefld'] = $a_user[$id]['name'];
75			$pconfig['descr'] = $a_user[$id]['descr'];
76			$pconfig['expires'] = $a_user[$id]['expires'];
77			$pconfig['groups'] = local_user_get_groups($a_user[$id]);
78			$pconfig['utype'] = $a_user[$id]['scope'];
79			$pconfig['uid'] = $a_user[$id]['uid'];
80			$pconfig['authorizedkeys'] = base64_decode($a_user[$id]['authorizedkeys']);
81			$pconfig['priv'] = $a_user[$id]['priv'];
82			$pconfig['ipsecpsk'] = $a_user[$id]['ipsecpsk'];
83			$pconfig['disabled'] = isset($a_user[$id]['disabled']);
84			}
85
86	1a6769a6	Renato Botelho	if ($_POST['act'] == "deluser") {
87	45ee90ed	Matthew Grooms
88	fbe0d698	Renato Botelho	if (!isset($_POST['username']) \|\| !isset($a_user[$id]) \|\| ($_POST['username'] != $a_user[$id]['name'])) {
89	e33be77c	Ermal	pfSenseHeader("system_usermanager.php");
90			exit;
91	6b07c15a	Matthew Grooms	}
92
93	8a0ae97f	Renato Botelho	conf_mount_rw();
94	e33be77c	Ermal	local_user_del($a_user[$id]);
95	8a0ae97f	Renato Botelho	conf_mount_ro();
96	e33be77c	Ermal	$userdeleted = $a_user[$id]['name'];
97			unset($a_user[$id]);
98			write_config();
99			$savemsg = gettext("User")." {$userdeleted} ".
100	8cd558b6	ayvis	gettext("successfully deleted")."<br />";
101	e33be77c	Ermal	}
102	1a6769a6	Renato Botelho	else if ($_POST['act'] == "delpriv") {
103	6b07c15a	Matthew Grooms
104	e33be77c	Ermal	if (!$a_user[$id]) {
105			pfSenseHeader("system_usermanager.php");
106			exit;
107	45ee90ed	Matthew Grooms	}
108
109	1a6769a6	Renato Botelho	$privdeleted = $priv_list[$a_user[$id]['priv'][$_POST['privid']]]['name'];
110			unset($a_user[$id]['priv'][$_POST['privid']]);
111	e33be77c	Ermal	local_user_set($a_user[$id]);
112			write_config();
113	1a6769a6	Renato Botelho	$_POST['act'] = "edit";
114	e33be77c	Ermal	$savemsg = gettext("Privilege")." {$privdeleted} ".
115	8cd558b6	ayvis	gettext("successfully deleted")."<br />";
116	e33be77c	Ermal	}
117	1a6769a6	Renato Botelho	else if ($_POST['act'] == "expcert") {
118	93823b10	Matthew Grooms
119	e33be77c	Ermal	if (!$a_user[$id]) {
120			pfSenseHeader("system_usermanager.php");
121	93823b10	Matthew Grooms	exit;
122			}
123
124	1a6769a6	Renato Botelho	$cert =& lookup_cert($a_user[$id]['cert'][$_POST['certid']]);
125	93823b10	Matthew Grooms
126	e33be77c	Ermal	$exp_name = urlencode("{$a_user[$id]['name']}-{$cert['descr']}.crt");
127			$exp_data = base64_decode($cert['crt']);
128			$exp_size = strlen($exp_data);
129	93823b10	Matthew Grooms
130	e33be77c	Ermal	header("Content-Type: application/octet-stream");
131			header("Content-Disposition: attachment; filename={$exp_name}");
132			header("Content-Length: $exp_size");
133			echo $exp_data;
134			exit;
135			}
136	1a6769a6	Renato Botelho	else if ($_POST['act'] == "expckey") {
137	93823b10	Matthew Grooms
138	e33be77c	Ermal	if (!$a_user[$id]) {
139			pfSenseHeader("system_usermanager.php");
140	93823b10	Matthew Grooms	exit;
141			}
142
143	1a6769a6	Renato Botelho	$cert =& lookup_cert($a_user[$id]['cert'][$_POST['certid']]);
144	58fdb8ad	Matthew Grooms
145	e33be77c	Ermal	$exp_name = urlencode("{$a_user[$id]['name']}-{$cert['descr']}.key");
146			$exp_data = base64_decode($cert['prv']);
147			$exp_size = strlen($exp_data);
148	58fdb8ad	Matthew Grooms
149	e33be77c	Ermal	header("Content-Type: application/octet-stream");
150			header("Content-Disposition: attachment; filename={$exp_name}");
151			header("Content-Length: $exp_size");
152			echo $exp_data;
153			exit;
154			}
155	1a6769a6	Renato Botelho	else if ($_POST['act'] == "delcert") {
156	58fdb8ad	Matthew Grooms
157	e33be77c	Ermal	if (!$a_user[$id]) {
158			pfSenseHeader("system_usermanager.php");
159			exit;
160	45ee90ed	Matthew Grooms	}
161
162	1a6769a6	Renato Botelho	$certdeleted = lookup_cert($a_user[$id]['cert'][$_POST['certid']]);
163	e33be77c	Ermal	$certdeleted = $certdeleted['descr'];
164	1a6769a6	Renato Botelho	unset($a_user[$id]['cert'][$_POST['certid']]);
165	e33be77c	Ermal	write_config();
166	1a6769a6	Renato Botelho	$_POST['act'] = "edit";
167	e33be77c	Ermal	$savemsg = gettext("Certificate")." {$certdeleted} ".
168	8cd558b6	ayvis	gettext("association removed.")."<br />";
169	e33be77c	Ermal	}
170	1a6769a6	Renato Botelho	else if ($_POST['act'] == "new") {
171	e33be77c	Ermal	/*
172			* set this value cause the text field is read only
173			* and the user should not be able to mess with this
174			* setting.
175			*/
176			$pconfig['utype'] = "user";
177			$pconfig['lifetime'] = 3650;
178			}
179	45ee90ed	Matthew Grooms
180	4e21c82e	bruno	if(isset($_POST['dellall_x'])) {
181
182			$del_users = $_POST['delete_check'];
183
184			if(!empty($del_users)) {
185			foreach($del_users as $userid) {
186			if (isset($a_user[$userid]) && $a_user[$userid]['scope'] != "system") {
187			conf_mount_rw();
188			local_user_del($a_user[$userid]);
189			conf_mount_ro();
190			unset($a_user[$userid]);
191			}
192			}
193			$savemsg = gettext("Selected users removed successfully!");
194			write_config($savemsg);
195			}
196			}
197
198	1a6769a6	Renato Botelho	if ($_POST['save']) {
199	e33be77c	Ermal	unset($input_errors);
200			$pconfig = $_POST;
201	45ee90ed	Matthew Grooms
202	e33be77c	Ermal	/* input validation */
203			if (isset($id) && ($a_user[$id])) {
204			$reqdfields = explode(" ", "usernamefld");
205			$reqdfieldsn = array(gettext("Username"));
206			} else {
207			if (empty($_POST['name'])) {
208			$reqdfields = explode(" ", "usernamefld passwordfld1");
209			$reqdfieldsn = array(
210			gettext("Username"),
211			gettext("Password"));
212	45ee90ed	Matthew Grooms	} else {
213	e33be77c	Ermal	$reqdfields = explode(" ", "usernamefld passwordfld1 name caref keylen lifetime");
214			$reqdfieldsn = array(
215			gettext("Username"),
216			gettext("Password"),
217			gettext("Descriptive name"),
218			gettext("Certificate authority"),
219			gettext("Key length"),
220			gettext("Lifetime"));
221	45ee90ed	Matthew Grooms	}
222	e33be77c	Ermal	}
223	45ee90ed	Matthew Grooms
224	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
225	45ee90ed	Matthew Grooms
226	e33be77c	Ermal	if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld']))
227			$input_errors[] = gettext("The username contains invalid characters.");
228	45ee90ed	Matthew Grooms
229	e33be77c	Ermal	if (strlen($_POST['usernamefld']) > 16)
230			$input_errors[] = gettext("The username is longer than 16 characters.");
231	94d455da	jim-p
232	e33be77c	Ermal	if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2']))
233			$input_errors[] = gettext("The passwords do not match.");
234	45ee90ed	Matthew Grooms
235	123d8700	Renato Botelho	if (isset($_POST['ipsecpsk']) && !preg_match('/^[[:ascii:]]*$/', $_POST['ipsecpsk']))
236			$input_errors[] = gettext("IPsec Pre-Shared Key contains invalid characters.");
237
238	e33be77c	Ermal	if (isset($id) && $a_user[$id])
239			$oldusername = $a_user[$id]['name'];
240			else
241			$oldusername = "";
242			/* make sure this user name is unique */
243			if (!$input_errors) {
244			foreach ($a_user as $userent) {
245			if ($userent['name'] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) {
246			$input_errors[] = gettext("Another entry with the same username already exists.");
247			break;
248	58664cc9	Scott Ullrich	}
249	3dec33d4	Erik Fonnesbeck	}
250	e33be77c	Ermal	}
251			/* also make sure it is not reserved */
252			if (!$input_errors) {
253			$system_users = explode("\n", file_get_contents("/etc/passwd"));
254			foreach ($system_users as $s_user) {
255			$ent = explode(":", $s_user);
256			if ($ent[0] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) {
257			$input_errors[] = gettext("That username is reserved by the system.");
258			break;
259	8339ab6d	jim-p	}
260	7e4a4513	Scott Ullrich	}
261	e33be77c	Ermal	}
262	1df17ba9	Scott Ullrich
263	e33be77c	Ermal	/*
264	4c40e2a7	Phil Davis	* Check for a valid expiration date if one is set at all (valid means,
265	4d148b59	Yehuda Katz	* DateTime puts out a time stamp so any DateTime compatible time
266	e33be77c	Ermal	* format may be used. to keep it simple for the enduser, we only
267			* claim to accept MM/DD/YYYY as inputs. Advanced users may use inputs
268			* like "+1 day", which will be converted to MM/DD/YYYY based on "now".
269	4c40e2a7	Phil Davis	* Otherwise such an entry would lead to an invalid expiration data.
270	e33be77c	Ermal	*/
271			if ($_POST['expires']){
272	4d148b59	Yehuda Katz	try {
273			$expdate = new DateTime($_POST['expires']);
274			//convert from any DateTime compatible date to MM/DD/YYYY
275			$_POST['expires'] = $expdate->format("m/d/Y");
276			} catch ( Exception $ex ) {
277	e33be77c	Ermal	$input_errors[] = gettext("Invalid expiration date format; use MM/DD/YYYY instead.");
278	0092b3bd	mgrooms	}
279	e33be77c	Ermal	}
280	0092b3bd	mgrooms
281	e33be77c	Ermal	if (!empty($_POST['name'])) {
282			$ca = lookup_ca($_POST['caref']);
283	4c291f4c	Renato Botelho	if (!$ca)
284			$input_errors[] = gettext("Invalid internal Certificate Authority") . "\n";
285	e33be77c	Ermal	}
286	c9794c06	Ermal
287	e33be77c	Ermal	/* if this is an AJAX caller then handle via JSON */
288			if (isAjax() && is_array($input_errors)) {
289			input_errors2Ajax($input_errors);
290			exit;
291			}
292	1df17ba9	Scott Ullrich
293	e33be77c	Ermal	if (!$input_errors) {
294			conf_mount_rw();
295			$userent = array();
296			if (isset($id) && $a_user[$id])
297			$userent = $a_user[$id];
298	e879fc81	Ermal
299	e33be77c	Ermal	isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system";
300
301			/* the user name was modified */
302	5372d26d	Phil Davis	if (!empty($_POST['oldusername']) && ($_POST['usernamefld'] <> $_POST['oldusername'])) {
303	e33be77c	Ermal	$_SERVER['REMOTE_USER'] = $_POST['usernamefld'];
304	fdcf104c	jim-p	local_user_del($userent);
305			}
306	1df17ba9	Scott Ullrich
307	4c40e2a7	Phil Davis	/* the user password was modified */
308	e33be77c	Ermal	if ($_POST['passwordfld1'])
309			local_user_set_password($userent, $_POST['passwordfld1']);
310	1df17ba9	Scott Ullrich
311	e33be77c	Ermal	$userent['name'] = $_POST['usernamefld'];
312			$userent['descr'] = $_POST['descr'];
313			$userent['expires'] = $_POST['expires'];
314			$userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']);
315			$userent['ipsecpsk'] = $_POST['ipsecpsk'];
316	3ccb9689	Charlie Marshall
317	e33be77c	Ermal	if($_POST['disabled'])
318			$userent['disabled'] = true;
319	3ccb9689	Charlie Marshall	else
320	e33be77c	Ermal	unset($userent['disabled']);
321
322			if (isset($id) && $a_user[$id])
323			$a_user[$id] = $userent;
324			else {
325			if (!empty($_POST['name'])) {
326			$cert = array();
327			$cert['refid'] = uniqid();
328	4c291f4c	Renato Botelho	$userent['cert'] = array();
329	e33be77c	Ermal
330			$cert['descr'] = $_POST['name'];
331
332	4c291f4c	Renato Botelho	$subject = cert_get_subject_array($ca['crt']);
333	e33be77c	Ermal
334	4c291f4c	Renato Botelho	$dn = array(
335			'countryName' => $subject[0]['v'],
336			'stateOrProvinceName' => $subject[1]['v'],
337			'localityName' => $subject[2]['v'],
338			'organizationName' => $subject[3]['v'],
339			'emailAddress' => $subject[4]['v'],
340			'commonName' => $userent['name']);
341	e33be77c	Ermal
342			cert_create($cert, $_POST['caref'], $_POST['keylen'],
343			(int)$_POST['lifetime'], $dn);
344
345			if (!is_array($config['cert']))
346			$config['cert'] = array();
347			$config['cert'][] = $cert;
348			$userent['cert'][] = $cert['refid'];
349			}
350			$userent['uid'] = $config['system']['nextuid']++;
351			/* Add the user to All Users group. */
352			foreach ($config['system']['group'] as $gidx => $group) {
353			if ($group['name'] == "all") {
354			if (!is_array($config['system']['group'][$gidx]['member']))
355			$config['system']['group'][$gidx]['member'] = array();
356			$config['system']['group'][$gidx]['member'][] = $userent['uid'];
357			break;
358			}
359			}
360	970db70b	Scott Ullrich
361	e33be77c	Ermal	$a_user[] = $userent;
362	45ee90ed	Matthew Grooms	}
363	e33be77c	Ermal
364			local_user_set($userent);
365	5372d26d	Phil Davis	local_user_set_groups($userent,$_POST['groups']);
366	e33be77c	Ermal	write_config();
367
368			if(is_dir("/etc/inc/privhooks"))
369			run_plugins("/etc/inc/privhooks");
370
371			conf_mount_ro();
372	3ccb9689	Charlie Marshall
373	e33be77c	Ermal	pfSenseHeader("system_usermanager.php");
374	45ee90ed	Matthew Grooms	}
375	e33be77c	Ermal	}
376	fab7ff44	Bill Marquette
377	9ef4289c	Colin Fleming	$closehead = false;
378	e33be77c	Ermal	include("head.inc");
379	1df17ba9	Scott Ullrich	?>
380	fab7ff44	Bill Marquette
381	12c2ec2e	Charlie Marshall	<link rel="stylesheet" type="text/css" href="/javascript/jquery-ui-timepicker-addon/css/jquery-ui-timepicker-addon.css" />
382	b9cf74c3	Renato Botelho	<link rel="stylesheet" type="text/css" href="/javascript/jquery/jquery-ui-1.11.1.css" />
383	12c2ec2e	Charlie Marshall
384	b27efa5d	bruno	<script type="text/javascript" src="/javascript/row_toggle.js"></script>
385	07130afe	ayvis	<script type="text/javascript">
386	9ef4289c	Colin Fleming	//<![CDATA[
387	12c2ec2e	Charlie Marshall	jQuery(function() {
388	23991e58	Charlie Marshall	jQuery( "#expires" ).datepicker( { dateFormat: 'mm/dd/yy', changeYear: true, yearRange: "+0:+100" } );
389	12c2ec2e	Charlie Marshall	});
390	9ef4289c	Colin Fleming	//]]>
391	12c2ec2e	Charlie Marshall	</script>
392	9ef4289c	Colin Fleming	</head>
393	12c2ec2e	Charlie Marshall
394	6db7ee23	xbipin	<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
395	6b07c15a	Matthew Grooms	<?php include("fbegin.inc"); ?>
396	12c2ec2e	Charlie Marshall
397	6b8588c6	Colin Fleming	<script type="text/javascript">
398			//<![CDATA[
399	6b07c15a	Matthew Grooms
400			function setall_selected(id) {
401			selbox = document.getElementById(id);
402			count = selbox.options.length;
403			for (index = 0; index<count; index++)
404			selbox.options[index].selected = true;
405			}
406
407	61dec0b0	Renato Botelho	function delete_empty(id) {
408			selbox = document.getElementById(id);
409			count = selbox.options.length;
410			for (index = 0; index<count; index++)
411			if (selbox.options[index].value == '')
412			selbox.remove(index);
413			}
414
415	6b07c15a	Matthew Grooms	function clear_selected(id) {
416			selbox = document.getElementById(id);
417			count = selbox.options.length;
418			for (index = 0; index<count; index++)
419			selbox.options[index].selected = false;
420			}
421
422			function remove_selected(id) {
423			selbox = document.getElementById(id);
424			index = selbox.options.length - 1;
425			for (; index >= 0; index--)
426			if (selbox.options[index].selected)
427			selbox.remove(index);
428			}
429
430			function copy_selected(srcid, dstid) {
431			src_selbox = document.getElementById(srcid);
432			dst_selbox = document.getElementById(dstid);
433	4c4c59b9	Renato Botelho	count = dst_selbox.options.length;
434			for (index = count - 1; index >= 0; index--) {
435			if (dst_selbox.options[index].value == '') {
436			dst_selbox.remove(index);
437			}
438			}
439	6b07c15a	Matthew Grooms	count = src_selbox.options.length;
440			for (index = 0; index < count; index++) {
441			if (src_selbox.options[index].selected) {
442			option = document.createElement('option');
443			option.text = src_selbox.options[index].text;
444			option.value = src_selbox.options[index].value;
445			dst_selbox.add(option, null);
446			}
447			}
448			}
449
450			function move_selected(srcid, dstid) {
451			copy_selected(srcid, dstid);
452			remove_selected(srcid);
453			}
454
455			function presubmit() {
456	61dec0b0	Renato Botelho	delete_empty('groups');
457			delete_empty('notgroups');
458	6b07c15a	Matthew Grooms	clear_selected('notgroups');
459			setall_selected('groups');
460			}
461
462	c9794c06	Ermal	function usercertClicked(obj) {
463			if (obj.checked) {
464			document.getElementById("usercertchck").style.display="none";
465			document.getElementById("usercert").style.display="";
466			} else {
467			document.getElementById("usercert").style.display="none";
468			document.getElementById("usercertchck").style.display="";
469			}
470			}
471
472			function sshkeyClicked(obj) {
473	4c291f4c	Renato Botelho	if (obj.checked) {
474			document.getElementById("sshkeychck").style.display="none";
475			document.getElementById("sshkey").style.display="";
476			} else {
477			document.getElementById("sshkey").style.display="none";
478			document.getElementById("sshkeychck").style.display="";
479			}
480	c9794c06	Ermal	}
481	6b8588c6	Colin Fleming	//]]>
482	6b07c15a	Matthew Grooms	</script>
483	1df17ba9	Scott Ullrich	<?php
484	45ee90ed	Matthew Grooms	if ($input_errors)
485			print_input_errors($input_errors);
486			if ($savemsg)
487			print_info_box($savemsg);
488	1df17ba9	Scott Ullrich	?>
489	6b8588c6	Colin Fleming	<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="user manager">
490	45ee90ed	Matthew Grooms	<tr>
491	e30001cf	Matthew Grooms	<td>
492	4c291f4c	Renato Botelho	<?php
493	45ee90ed	Matthew Grooms	$tab_array = array();
494			$tab_array[] = array(gettext("Users"), true, "system_usermanager.php");
495	6b07c15a	Matthew Grooms	$tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
496	45ee90ed	Matthew Grooms	$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
497	d799787e	Matthew Grooms	$tab_array[] = array(gettext("Servers"), false, "system_authservers.php");
498	45ee90ed	Matthew Grooms	display_top_tabs($tab_array);
499	4c291f4c	Renato Botelho	?>
500	45ee90ed	Matthew Grooms	</td>
501			</tr>
502			<tr>
503	e30001cf	Matthew Grooms	<td id="mainarea">
504			<div class="tabcont">
505	4c291f4c	Renato Botelho	<?php
506	1a6769a6	Renato Botelho	if ($_POST['act'] == "new" \|\| $_POST['act'] == "edit" \|\| $input_errors):
507	4c291f4c	Renato Botelho	?>
508	e30001cf	Matthew Grooms	<form action="system_usermanager.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
509	1a6769a6	Renato Botelho	<input type="hidden" id="act" name="act" value="" />
510			<input type="hidden" id="userid" name="userid" value="<?=(isset($id) ? $id : '');?>" />
511			<input type="hidden" id="privid" name="privid" value="" />
512			<input type="hidden" id="certid" name="certid" value="" />
513	6b8588c6	Colin Fleming	<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
514	4c291f4c	Renato Botelho	<?php
515			$ro = "";
516			if ($pconfig['utype'] == "system")
517			$ro = "readonly=\"readonly\"";
518			?>
519			<tr>
520			<td width="22%" valign="top" class="vncell"><?=gettext("Defined by");?></td>
521			<td width="78%" class="vtable">
522			<strong><?=strtoupper(htmlspecialchars($pconfig['utype']));?></strong>
523	6b8588c6	Colin Fleming	<input name="utype" type="hidden" value="<?=htmlspecialchars($pconfig['utype'])?>" />
524	4c291f4c	Renato Botelho	</td>
525			</tr>
526	b4bfd25d	sullrich	<tr>
527	2afddcb1	sullrich	<td width="22%" valign="top" class="vncell"><?=gettext("Disabled");?></td>
528	b4bfd25d	sullrich	<td width="78%" class="vtable">
529	6b8588c6	Colin Fleming	<input name="disabled" type="checkbox" id="disabled" <?php if($pconfig['disabled']) echo "checked=\"checked\""; ?> />
530	b4bfd25d	sullrich	</td>
531			</tr>
532	e30001cf	Matthew Grooms	<tr>
533			<td width="22%" valign="top" class="vncellreq"><?=gettext("Username");?></td>
534			<td width="78%" class="vtable">
535	6b8588c6	Colin Fleming	<input name="usernamefld" type="text" class="formfld user" id="usernamefld" size="20" maxlength="16" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" <?=$ro;?> />
536	e30001cf	Matthew Grooms	<input name="oldusername" type="hidden" id="oldusername" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" />
537			</td>
538			</tr>
539			<tr>
540			<td width="22%" valign="top" class="vncellreq" rowspan="2"><?=gettext("Password");?></td>
541			<td width="78%" class="vtable">
542			<input name="passwordfld1" type="password" class="formfld pwd" id="passwordfld1" size="20" value="" />
543			</td>
544			</tr>
545			<tr>
546			<td width="78%" class="vtable">
547			<input name="passwordfld2" type="password" class="formfld pwd" id="passwordfld2" size="20" value="" /> <?= gettext("(confirmation)"); ?>
548			</td>
549			</tr>
550			<tr>
551			<td width="22%" valign="top" class="vncell"><?=gettext("Full name");?></td>
552			<td width="78%" class="vtable">
553	6b8588c6	Colin Fleming	<input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?=htmlspecialchars($pconfig['descr']);?>" <?=$ro;?> />
554	8cd558b6	ayvis	<br />
555	e30001cf	Matthew Grooms	<?=gettext("User's full name, for your own information only");?>
556			</td>
557			</tr>
558	0092b3bd	mgrooms	<tr>
559	b79454a7	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Expiration date"); ?></td>
560	0092b3bd	mgrooms	<td width="78%" class="vtable">
561	6b8588c6	Colin Fleming	<input name="expires" type="text" class="formfld unknown" id="expires" size="10" value="<?=htmlspecialchars($pconfig['expires']);?>" />
562	8cd558b6	ayvis	<br />
563	b79454a7	Carlos Eduardo Ramos	<span class="vexpl"><?=gettext("Leave blank if the account shouldn't expire, otherwise enter the expiration date in the following format: mm/dd/yyyy"); ?></span></td>
564	0092b3bd	mgrooms	</tr>
565	e30001cf	Matthew Grooms	<tr>
566			<td width="22%" valign="top" class="vncell"><?=gettext("Group Memberships");?></td>
567			<td width="78%" class="vtable" align="center">
568	6b8588c6	Colin Fleming	<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="group membership">
569	e30001cf	Matthew Grooms	<tr>
570			<td align="center" width="50%">
571	8cd558b6	ayvis	<strong><?=gettext("Not Member Of"); ?></strong><br />
572			<br />
573	6b8588c6	Colin Fleming	<select size="10" style="width: 75%" name="notgroups[]" class="formselect" id="notgroups" onchange="clear_selected('groups')" multiple="multiple">
574	4c291f4c	Renato Botelho	<?php
575			$rowIndex = 0;
576			foreach ($config['system']['group'] as $group):
577			if ($group['gid'] == 1998) /* all users group */
578			continue;
579			if (is_array($pconfig['groups']) && in_array($group['name'],$pconfig['groups']))
580			continue;
581			$rowIndex++;
582			?>
583	e30001cf	Matthew Grooms	<option value="<?=$group['name'];?>" <?=$selected;?>>
584			<?=htmlspecialchars($group['name']);?>
585			</option>
586	4c291f4c	Renato Botelho	<?php
587			endforeach;
588	b4e9a4da	N0YB	if ($rowIndex == 0)
589			echo "<option></option>";
590	4c291f4c	Renato Botelho	?>
591	e30001cf	Matthew Grooms	</select>
592	8cd558b6	ayvis	<br />
593	e30001cf	Matthew Grooms	</td>
594			<td>
595	8cd558b6	ayvis	<br />
596	e30001cf	Matthew Grooms	<a href="javascript:move_selected('notgroups','groups')">
597	b79454a7	Carlos Eduardo Ramos	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_right.gif" title="<?=gettext("Add Groups"); ?>" alt="<?=gettext("Add Groups"); ?>" width="17" height="17" border="0" />
598	e30001cf	Matthew Grooms	</a>
599	8cd558b6	ayvis	<br /><br />
600	e30001cf	Matthew Grooms	<a href="javascript:move_selected('groups','notgroups')">
601	b79454a7	Carlos Eduardo Ramos	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_left.gif" title="<?=gettext("Remove Groups"); ?>" alt="<?=gettext("Remove Groups"); ?>" width="17" height="17" border="0" />
602	e30001cf	Matthew Grooms	</a>
603			</td>
604			<td align="center" width="50%">
605	8cd558b6	ayvis	<strong><?=gettext("Member Of"); ?></strong><br />
606			<br />
607	46f6eb78	Renato Botelho	<select size="10" style="width: 75%" name="groups[]" class="formselect" id="groups" onchange="clear_selected('notgroups')" multiple="multiple">
608	4c291f4c	Renato Botelho	<?php
609	b4e9a4da	N0YB	$rowIndex = 0;
610	4c291f4c	Renato Botelho	if (is_array($pconfig['groups'])):
611	e30001cf	Matthew Grooms	foreach ($config['system']['group'] as $group):
612			if ($group['gid'] == 1998) /* all users group */
613			continue;
614			if (!in_array($group['name'],$pconfig['groups']))
615			continue;
616	b4e9a4da	N0YB	$rowIndex++;
617	4c291f4c	Renato Botelho	?>
618	e30001cf	Matthew Grooms	<option value="<?=$group['name'];?>">
619			<?=htmlspecialchars($group['name']);?>
620			</option>
621	4c291f4c	Renato Botelho	<?php
622			endforeach;
623			endif;
624	b4e9a4da	N0YB	if ($rowIndex == 0)
625			echo "<option></option>";
626	4c291f4c	Renato Botelho	?>
627	e30001cf	Matthew Grooms	</select>
628	8cd558b6	ayvis	<br />
629	e30001cf	Matthew Grooms	</td>
630			</tr>
631			</table>
632			<?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?>
633			</td>
634			</tr>
635	4c291f4c	Renato Botelho	<?php
636			if (isset($pconfig['uid'])):
637			?>
638	e30001cf	Matthew Grooms	<tr>
639			<td width="22%" valign="top" class="vncell"><?=gettext("Effective Privileges");?></td>
640			<td width="78%" class="vtable">
641	6b8588c6	Colin Fleming	<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="privileges">
642	e30001cf	Matthew Grooms	<tr>
643			<td width="20%" class="listhdrr"><?=gettext("Inherited From");?></td>
644			<td width="30%" class="listhdrr"><?=gettext("Name");?></td>
645			<td width="40%" class="listhdrr"><?=gettext("Description");?></td>
646			<td class="list"></td>
647			</tr>
648	4c291f4c	Renato Botelho	<?php
649			$privdesc = get_user_privdesc($a_user[$id]);
650			if(is_array($privdesc)):
651			$i = 0;
652			foreach ($privdesc as $priv):
653			$group = false;
654			if ($priv['group'])
655			$group = $priv['group'];
656			?>
657	e30001cf	Matthew Grooms	<tr>
658			<td class="listlr"><?=$group;?></td>
659			<td class="listr">
660			<?=htmlspecialchars($priv['name']);?>
661			</td>
662			<td class="listbg">
663	4c291f4c	Renato Botelho	<?=htmlspecialchars($priv['descr']);?>
664	e30001cf	Matthew Grooms	</td>
665	6b8588c6	Colin Fleming	<td valign="middle" class="list nowrap">
666	4c291f4c	Renato Botelho	<?php
667			if (!$group):
668			?>
669	1a6769a6	Renato Botelho	<input type="image" name="delpriv[]" width="17" height="17" border="0"
670			src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif"
671			onclick="document.getElementById('privid').value='<?=$i;?>';
672			document.getElementById('userid').value='<?=$id;?>';
673			document.getElementById('act').value='<?php echo "delpriv";?>';
674			return confirm('<?=gettext("Do you really want to delete this privilege?");?>');"
675			title="<?=gettext("delete privilege");?>" />
676	4c291f4c	Renato Botelho	<?php
677			endif;
678			?>
679	e30001cf	Matthew Grooms	</td>
680			</tr>
681	4c291f4c	Renato Botelho	<?php
682			/* can only delete user priv indexes */
683			if (!$group)
684			$i++;
685			endforeach;
686			endif;
687			?>
688	e30001cf	Matthew Grooms	<tr>
689			<td class="list" colspan="3"></td>
690			<td class="list">
691			<a href="system_usermanager_addprivs.php?userid=<?=$id?>">
692	6b8588c6	Colin Fleming	<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="add" />
693	e30001cf	Matthew Grooms	</a>
694			</td>
695			</tr>
696			</table>
697			</td>
698			</tr>
699			<tr>
700			<td width="22%" valign="top" class="vncell"><?=gettext("User Certificates");?></td>
701			<td width="78%" class="vtable">
702	6b8588c6	Colin Fleming	<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="certificates">
703	e30001cf	Matthew Grooms	<tr>
704			<td width="45%" class="listhdrr"><?=gettext("Name");?></td>
705			<td width="45%" class="listhdrr"><?=gettext("CA");?></td>
706			<td class="list"></td>
707			</tr>
708	4c291f4c	Renato Botelho	<?php
709			$a_cert = $a_user[$id]['cert'];
710			if(is_array($a_cert)):
711			$i = 0;
712			foreach ($a_cert as $certref):
713			$cert = lookup_cert($certref);
714			$ca = lookup_ca($cert['caref']);
715			?>
716	e30001cf	Matthew Grooms	<tr>
717			<td class="listlr">
718	f2a86ca9	jim-p	<?=htmlspecialchars($cert['descr']);?>
719	4c291f4c	Renato Botelho	<?php
720			if (is_cert_revoked($cert)):
721			?>
722	150bbe09	jim-p	(<b>Revoked</b>)
723	4c291f4c	Renato Botelho	<?php
724			endif;
725			?>
726	e30001cf	Matthew Grooms	</td>
727			<td class="listr">
728	f2a86ca9	jim-p	<?=htmlspecialchars($ca['descr']);?>
729	e30001cf	Matthew Grooms	</td>
730	6b8588c6	Colin Fleming	<td valign="middle" class="list nowrap">
731	1a6769a6	Renato Botelho	<input type="image" name="expckey[]" width="17" height="17" border="0"
732			src="/themes/<?=$g['theme'];?>/images/icons/icon_down.gif"
733			onclick="document.getElementById('certid').value='<?=$i;?>';
734			document.getElementById('userid').value='<?=$id;?>';
735			document.getElementById('act').value='<?php echo "expckey";?>';"
736			title="<?=gettext("export private key");?>" />
737			<input type="image" name="expcert[]" width="17" height="17" border="0"
738			src="/themes/<?=$g['theme'];?>/images/icons/icon_down.gif"
739			onclick="document.getElementById('certid').value='<?=$i;?>';
740			document.getElementById('userid').value='<?=$id;?>';
741			document.getElementById('act').value='<?php echo "expcert";?>';"
742			title="<?=gettext("export cert");?>" />
743			<input type="image" name="delcert[]" width="17" height="17" border="0"
744			src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif"
745			onclick="document.getElementById('certid').value='<?=$i;?>';
746			document.getElementById('userid').value='<?=$id;?>';
747			document.getElementById('act').value='<?php echo "delcert";?>';
748			return confirm('<?=gettext("Do you really want to remove this certificate association?") .'\n'. gettext("(Certificate will not be deleted)");?>')"
749			title="<?=gettext("delete cert");?>" />
750	e30001cf	Matthew Grooms	</td>
751			</tr>
752	4c291f4c	Renato Botelho	<?php
753			$i++;
754			endforeach;
755			endif;
756			?>
757	e30001cf	Matthew Grooms	<tr>
758			<td class="list" colspan="2"></td>
759			<td class="list">
760	6b8588c6	Colin Fleming	<a href="system_certmanager.php?act=new&userid=<?=$id?>">
761			<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="add" />
762	e30001cf	Matthew Grooms	</a>
763			</td>
764			</tr>
765			</table>
766			</td>
767			</tr>
768	45ee90ed	Matthew Grooms
769	4c291f4c	Renato Botelho	<?php
770			else:
771			if (is_array($config['ca']) && count($config['ca']) > 0):
772			$i = 0;
773			foreach( $config['ca'] as $ca) {
774			if (!$ca['prv'])
775			continue;
776			$i++;
777			}
778			?>
779	c9794c06	Ermal
780	6b8588c6	Colin Fleming	<tr id="usercertchck">
781	c9794c06	Ermal	<td width="22%" valign="top" class="vncell"><?=gettext("Certificate");?></td>
782	4c291f4c	Renato Botelho	<td width="78%" class="vtable">
783	6b8588c6	Colin Fleming	<input type="checkbox" onclick="javascript:usercertClicked(this)" /> <?=gettext("Click to create a user certificate."); ?>
784	c9794c06	Ermal	</td>
785			</tr>
786
787	4c291f4c	Renato Botelho	<?php
788			if ($i > 0):
789			?>
790	9ef4289c	Colin Fleming	<tr id="usercert" style="display:none">
791	c9794c06	Ermal	<td width="22%" valign="top" class="vncell"><?=gettext("Certificate");?></td>
792	4c291f4c	Renato Botelho	<td width="78%" class="vtable">
793			<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="certificate">
794			<tr>
795			<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
796			<td width="78%" class="vtable">
797			<input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>" />
798			</td>
799			</tr>
800			<tr>
801			<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate authority");?></td>
802			<td width="78%" class="vtable">
803			<select name='caref' id='caref' class="formselect" onchange='internalca_change()'>
804			<?php
805			$rowIndex = 0;
806			foreach( $config['ca'] as $ca):
807			if (!$ca['prv'])
808			continue;
809			$rowIndex++;
810			?>
811			<option value="<?=$ca['refid'];?>"><?=$ca['descr'];?></option>
812			<?php
813			endforeach;
814			if ($rowIndex == 0)
815			echo "<option></option>";
816			?>
817			</select>
818			</td>
819			</tr>
820			<tr>
821			<td width="22%" valign="top" class="vncellreq"><?=gettext("Key length");?></td>
822			<td width="78%" class="vtable">
823			<select name='keylen' class="formselect">
824			<?php
825			$cert_keylens = array( "2048", "512", "1024", "4096");
826			foreach( $cert_keylens as $len):
827			?>
828			<option value="<?=$len;?>"><?=$len;?></option>
829			<?php
830			endforeach;
831			if (!count($cert_keylens))
832			echo "<option></option>";
833			?>
834			</select>
835			bits
836			</td>
837			</tr>
838			<tr>
839			<td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td>
840			<td width="78%" class="vtable">
841			<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['lifetime']);?>" />days
842			</td>
843			</tr>
844			</table>
845	c9794c06	Ermal	</td>
846			</tr>
847	4c291f4c	Renato Botelho	<?php
848			endif;
849			endif;
850			endif;
851			?>
852	1c8faa89	jim-p	<tr id="sshkeychck" <?php if(!empty($pconfig['authorizedkeys'])) echo 'style="display:none"'; ?>>
853	4c291f4c	Renato Botelho	<td width="22%" valign="top" class="vncell"><?=gettext("Authorized keys");?></td>
854			<td width="78%" class="vtable">
855			<input type="checkbox" onclick="javascript:sshkeyClicked(this)" /> <?=gettext("Click to paste an authorized key."); ?>
856			</td>
857			</tr>
858	1c8faa89	jim-p	<tr id="sshkey" <?php if(empty($pconfig['authorizedkeys'])) echo 'style="display:none"'; ?>>
859	e30001cf	Matthew Grooms	<td width="22%" valign="top" class="vncell"><?=gettext("Authorized keys");?></td>
860			<td width="78%" class="vtable">
861	9ef4289c	Colin Fleming	<script type="text/javascript">
862			//<![CDATA[
863			window.onload=function(){
864			document.getElementById("authorizedkeys").wrap='off';
865			}
866			//]]>
867			</script>
868			<textarea name="authorizedkeys" cols="65" rows="7" id="authorizedkeys" class="formfld_cert"><?=htmlspecialchars($pconfig['authorizedkeys']);?></textarea>
869	8cd558b6	ayvis	<br />
870	e30001cf	Matthew Grooms	<?=gettext("Paste an authorized keys file here.");?>
871			</td>
872			</tr>
873	6b8588c6	Colin Fleming	<tr id="ipsecpskrow">
874	ddd1fb7f	jim-p	<td width="22%" valign="top" class="vncell"><?=gettext("IPsec Pre-Shared Key");?></td>
875			<td width="78%" class="vtable">
876	6b8588c6	Colin Fleming	<input name="ipsecpsk" type="text" class="formfld unknown" id="ipsecpsk" size="65" value="<?=htmlspecialchars($pconfig['ipsecpsk']);?>" />
877	ddd1fb7f	jim-p	</td>
878			</tr>
879	e30001cf	Matthew Grooms	<tr>
880			<td width="22%" valign="top"> </td>
881			<td width="78%">
882	6e707e77	Vinicius Coque	<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
883	f636bc12	Phil Davis	<input type="button" class="formbtn" value="<?=gettext("Cancel");?>" onclick="window.location.href='<?=$referer;?>'" />
884	e30001cf	Matthew Grooms	<?php if (isset($id) && $a_user[$id]): ?>
885	e41ec584	Renato Botelho	<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
886	e30001cf	Matthew Grooms	<?php endif;?>
887			</td>
888			</tr>
889			</table>
890			</form>
891	4c291f4c	Renato Botelho	<?php
892			else:
893			?>
894	1a6769a6	Renato Botelho	<form action="system_usermanager.php" method="post" name="iform2" id="iform2">
895			<input type="hidden" id="act" name="act" value="" />
896			<input type="hidden" id="userid" name="userid" value="<?=(isset($id) ? $id : '');?>" />
897	fbe0d698	Renato Botelho	<input type="hidden" id="username" name="username" value="" />
898	1a6769a6	Renato Botelho	<input type="hidden" id="privid" name="privid" value="" />
899			<input type="hidden" id="certid" name="certid" value="" />
900			<table class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0" summary="">
901			<thead>
902			<tr>
903	b27efa5d	bruno	<th width="5%" class="list"> </th>
904	1a6769a6	Renato Botelho	<th width="25%" class="listhdrr"><?=gettext("Username"); ?></th>
905			<th width="25%" class="listhdrr"><?=gettext("Full name"); ?></th>
906			<th width="5%" class="listhdrr"><?=gettext("Disabled"); ?></th>
907			<th width="25%" class="listhdrr"><?=gettext("Groups"); ?></th>
908			<th width="10%" class="list"></th>
909			</tr>
910			</thead>
911			<tfoot>
912			<tr>
913	b27efa5d	bruno	<td class="list" colspan="5"></td>
914	1a6769a6	Renato Botelho	<td class="list">
915			<input type="image" name="addcert" width="17" height="17" border="0"
916			src="/themes/<?=$g['theme'];?>/images/icons/icon_plus.gif"
917			onclick="document.getElementById('act').value='<?php echo "new";?>';"
918			title="<?=gettext("add user");?>" />
919	4e21c82e	bruno	<input type="image" src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" name="dellall" title="<?=gettext('Delete selected users')?>" onClick="return confirm('<?=gettext("Do you really want to delete selected Users?");?>')" />
920	1a6769a6	Renato Botelho	</td>
921			</tr>
922			<tr>
923	b27efa5d	bruno	<td colspan="5">
924	1a6769a6	Renato Botelho	<p>
925			<?=gettext("Additional users can be added here. User permissions for accessing " .
926			"the webConfigurator can be assigned directly or inherited from group memberships. " .
927			"An icon that appears grey indicates that it is a system defined object. " .
928			"Some system object properties can be modified but they cannot be deleted."); ?>
929			<br /><br />
930			<?=gettext("Accounts created here are also used for other parts of the system " .
931			"such as OpenVPN, IPsec, and Captive Portal.");?>
932			</p>
933			</td>
934			</tr>
935			</tfoot>
936			<tbody>
937			<?php
938			$i = 0;
939			foreach($a_user as $userent):
940			?>
941			<tr ondblclick="document.getElementById('act').value='<?php echo "edit";?>';
942			document.getElementById('userid').value='<?=$i;?>';
943	c4661249	bruno	document.iform2.submit();" id="fr<?=$i?>">
944	b27efa5d	bruno	<td class="list" id="frd<?=$i?>">
945	0fa2086f	bruno	<?php if($userent['scope'] != "system") : ?>
946	b27efa5d	bruno	<input type="checkbox" id="frc<?=$i?>" onclick="fr_bgcolor(<?=$i?>)" name="delete_check[]" value="<?=$i?>" />
947	0fa2086f	bruno	<?php endif; ?>
948	b27efa5d	bruno	</td>
949	4970f1de	bruno	<td class="listlr" id="frd<?=$i?>" onclick="fr_toggle('<?=$i;?>')">
950	1a6769a6	Renato Botelho	<table border="0" cellpadding="0" cellspacing="0" summary="icons">
951			<tr>
952			<td align="left" valign="middle">
953			<?php
954			if($userent['scope'] != "user")
955			$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user-grey.png";
956			else
957			$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user.png";
958			?>
959			<img src="<?=$usrimg;?>" alt="<?=gettext("User"); ?>" title="<?=gettext("User"); ?>" border="0" height="16" width="16" />
960			</td>
961			<td align="left" valign="middle">
962			<?=htmlspecialchars($userent['name']);?>
963			</td>
964			</tr>
965			</table>
966			</td>
967	4970f1de	bruno	<td class="listr" id="frd<?=$i?>" onclick="fr_toggle('<?=$i;?>')"><?=htmlspecialchars($userent['descr']);?> </td>
968			<td class="listr" id="frd<?=$i?>" onclick="fr_toggle('<?=$i;?>')"><?php if(isset($userent['disabled'])) echo "*"; ?></td>
969			<td class="listbg" onclick="fr_toggle('<?=$i;?>')">
970	1a6769a6	Renato Botelho	<?=implode(",",local_user_get_groups($userent));?>
971
972			</td>
973			<td valign="middle" class="list nowrap">
974			<input type="image" name="edituser[]" width="17" height="17" border="0"
975			src="/themes/<?=$g['theme'];?>/images/icons/icon_e.gif"
976			onclick="document.getElementById('userid').value='<?=$i;?>';
977			document.getElementById('act').value='<?php echo "edit";?>';"
978			title="<?=gettext("edit user");?>" />
979			<?php
980			if($userent['scope'] != "system"):
981			?>
982
983			<input type="image" name="deluser[]" width="17" height="17" border="0"
984			src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif"
985			onclick="document.getElementById('userid').value='<?=$i;?>';
986	fbe0d698	Renato Botelho	document.getElementById('username').value='<?=$userent['name'];?>';
987	1a6769a6	Renato Botelho	document.getElementById('act').value='<?php echo "deluser";?>';
988			return confirm('<?=gettext("Do you really want to delete this user?");?>');"
989			title="<?=gettext("delete user");?>" />
990			<?php
991			endif;
992			?>
993			</td>
994			</tr>
995			<?php
996			$i++;
997			endforeach;
998			?>
999			</tbody>
1000			</table>
1001			</form>
1002	4c291f4c	Renato Botelho	<?php
1003			endif;
1004			?>
1005	e30001cf	Matthew Grooms	</div>
1006	45ee90ed	Matthew Grooms	</td>
1007			</tr>
1008	1df17ba9	Scott Ullrich	</table>
1009	45ee90ed	Matthew Grooms	<?php include("fend.inc");?>
1010			</body>
1011	12c2ec2e	Charlie Marshall	</html>

Project

General

Profile

pfSense