/usr/local/www/system_usermanager.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/system_usermanager.php @ 42809b4a

-df17ba9
+<?php
 /* $Id$ */
-            fab7ff44
+/*
-df17ba9
+    system_usermanager.php
     part of m0n0wall (http://m0n0.ch/wall)
-b07c15a
+    Copyright (C) 2008 Shrew Soft Inc.
     All rights reserved.
-df17ba9
+    Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.
     All rights reserved.
     Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
     All rights reserved.
     Redistribution and use in source and binary forms, with or without
     modification, are permitted provided that the following conditions are met:
 . Redistributions of source code must retain the above copyright notice,
        this list of conditions and the following disclaimer.
 . Redistributions in binary form must reproduce the above copyright
        notice, this list of conditions and the following disclaimer in the
        documentation and/or other materials provided with the distribution.
     THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
     INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
     AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
     AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
     OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
     INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
     CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
     POSSIBILITY OF SUCH DAMAGE.
-            fab7ff44
+*/
-d333258
+/*
 	pfSense_BUILDER_BINARIES:
 	pfSense_MODULE:	auth
 */
-            fab7ff44
+            Bill Marquette
-b07c15a
+##|+PRIV
 ##|*IDENT=page-system-usermanager
 ##|*NAME=System: User Manager page
 ##|*DESCR=Allow access to the 'System: User Manager' page.
 ##|*MATCH=system_usermanager.php*
 ##|-PRIV
-            ead24d63
+require("certs.inc");
-            fab7ff44
+require("guiconfig.inc");
-ee90ed
+if (isAllowedPage("system_usermanager")) {
-b53653
+            Scott Ullrich
-ee90ed
+	// start admin user code
 	$pgtitle = array("System","User Manager");
-            fab7ff44
+            Bill Marquette
-ee90ed
+	$id = $_GET['id'];
 	if (isset($_POST['id']))
 		$id = $_POST['id'];
-df17ba9
+            Scott Ullrich
-e4a4513
+	if (!is_array($config['system']['user']))
 		$config['system']['user'] = array();
-df17ba9
+            Scott Ullrich
-b07c15a
+	$a_user = &$config['system']['user'];
-ee90ed
+            Matthew Grooms
-b07c15a
+	if ($_GET['act'] == "deluser") {
-ee90ed
+            Matthew Grooms
-fdb8ad
+		if (!$a_user[$id]) {
-b07c15a
+			pfSenseHeader("system_usermanager.php");
 			exit;
-ee90ed
+            Matthew Grooms
-fdb8ad
+		local_user_del($a_user[$id]);
 		$userdeleted = $a_user[$id]['name'];
 		unset($a_user[$id]);
-b07c15a
+		write_config();
 		$savemsg = gettext("User")." {$userdeleted} ".
 					gettext("successfully deleted")."<br/>";
+	}
 	if ($_GET['act'] == "delpriv") {
-fdb8ad
+		if (!$a_user[$id]) {
-b07c15a
+			pfSenseHeader("system_usermanager.php");
 			exit;
-ee90ed
+            Matthew Grooms
-b07c15a
+            Matthew Grooms
 		$privdeleted = $priv_list[$a_user[$id]['priv'][$_GET['privid']]]['name'];
 		unset($a_user[$id]['priv'][$_GET['privid']]);
 		write_config();
 		$_GET['act'] = "edit";
 		$savemsg = gettext("Privilege")." {$privdeleted} ".
 					gettext("successfully deleted")."<br/>";
-ee90ed
+            Matthew Grooms
-b10
+	if ($_GET['act'] == "expcert") {
 		if (!$a_user[$id]) {
 			pfSenseHeader("system_usermanager.php");
 			exit;
+		}
 		$cert =& $a_user[$id]['cert'][$_GET['certid']];
 		$exp_name = urlencode("{$a_user[$id]['name']}-{$cert['name']}.crt");
 		$exp_data = base64_decode($cert['crt']);
 		$exp_size = strlen($exp_data);
 		header("Content-Type: application/octet-stream");
 		header("Content-Disposition: attachment; filename={$exp_name}");
 		header("Content-Length: $exp_size");
 		echo $exp_data;
 		exit;
+	}
 	if ($_GET['act'] == "expckey") {
 		if (!$a_user[$id]) {
 			pfSenseHeader("system_usermanager.php");
 			exit;
+		}
 		$cert =& $a_user[$id]['cert'][$_GET['certid']];
 		$exp_name = urlencode("{$a_user[$id]['name']}-{$cert['name']}.key");
 		$exp_data = base64_decode($cert['prv']);
 		$exp_size = strlen($exp_data);
 		header("Content-Type: application/octet-stream");
 		header("Content-Disposition: attachment; filename={$exp_name}");
 		header("Content-Length: $exp_size");
 		echo $exp_data;
 		exit;
+	}
-fdb8ad
+	if ($_GET['act'] == "delcert") {
 		if (!$a_user[$id]) {
 			pfSenseHeader("system_usermanager.php");
 			exit;
+		}
 		$certdeleted = $a_user[$id]['cert'][$_GET['certid']]['name'];
 		unset($a_user[$id]['cert'][$_GET['certid']]);
 		write_config();
 		$_GET['act'] = "edit";
 		$savemsg = gettext("Certificate")." {$certdeleted} ".
 					gettext("successfully deleted")."<br/>";
+	}
-ee90ed
+	if ($_GET['act'] == "edit") {
 		if (isset($id) && $a_user[$id]) {
 			$pconfig['usernamefld'] = $a_user[$id]['name'];
 			$pconfig['fullname'] = $a_user[$id]['fullname'];
-b3bd
+			$pconfig['expires'] = $a_user[$id]['expires'];
-fa7f2
+			$pconfig['groups'] = local_user_get_groups($a_user[$id]);
-ee90ed
+			$pconfig['utype'] = $a_user[$id]['scope'];
 			$pconfig['uid'] = $a_user[$id]['uid'];
 			$pconfig['authorizedkeys'] = base64_decode($a_user[$id]['authorizedkeys']);
-b07c15a
+			$pconfig['priv'] = $a_user[$id]['priv'];
-            b4bfd25d
+			$pconfig['disabled'] = isset($a_user[$id]['disabled']);
-ee90ed
+            Matthew Grooms
+	}
 	if ($_GET['act'] == "new") {
 		/*
 		 * set this value cause the text field is read only
 		 * and the user should not be able to mess with this
 		 * setting.
 		 */
 		$pconfig['utype'] = "user";
-            13646069
+		$pconfig['lifetime'] = 3650;
-ee90ed
+            Matthew Grooms
 	if ($_POST) {
-            dff1a09d
+		conf_mount_rw();
-ee90ed
+		unset($input_errors);
 		$pconfig = $_POST;
 		/* input validation */
 		if (isset($id) && ($a_user[$id])) {
 			$reqdfields = explode(" ", "usernamefld");
 			$reqdfieldsn = explode(",", "Username");
 		} else {
-            c9794c06
+			if (empty($_POST['name'])) {
 				$reqdfields = explode(" ", "usernamefld passwordfld1");
 				$reqdfieldsn = explode(",", "Username,Password");
 			} else {
 				$reqdfields = explode(" ", "usernamefld passwordfld1 name caref keylen lifetime");
 				$reqdfieldsn = explode(",", "Username,Password,Descriptive name,Certificate authority,Key length,Lifetime");
+			}
-ee90ed
+            Matthew Grooms
 		do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
 		if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld']))
 			$input_errors[] = gettext("The username contains invalid characters.");
 		if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2']))
 			$input_errors[] = gettext("The passwords do not match.");
 		/* make sure this user name is unique */
 		if (!$input_errors && !(isset($id) && $a_user[$id])) {
 			foreach ($a_user as $userent) {
 				if ($userent['name'] == $_POST['usernamefld']) {
 					$input_errors[] = gettext("Another entry with the same username already exists.");
 					break;
+				}
-cc9
+            Scott Ullrich
-e4a4513
+            Scott Ullrich
-df17ba9
+            Scott Ullrich
-b3bd
+		/*
 		 * Check for a valid expirationdate if one is set at all (valid means,
 		 * strtotime() puts out a time stamp so any strtotime compatible time
 		 * format may be used. to keep it simple for the enduser, we only
 		 * claim to accept MM/DD/YYYY as inputs. Advanced users may use inputs
 		 * like "+1 day", which will be converted to MM/DD/YYYY based on "now".
 		 * Otherwhise such an entry would lead to an invalid expiration data.
 		 */
 		if ($_POST['expires']){
 			if(strtotime($_POST['expires']) > 0){
 				if (strtotime("-1 day") > strtotime(date("m/d/Y",strtotime($_POST['expires'])))) {
-a82fa9b
+					// Allow items to lie in the past which ends up disabling.
-b3bd
+				} else {
 					//convert from any strtotime compatible date to MM/DD/YYYY
 					$expdate = strtotime($_POST['expires']);
 					$_POST['expires'] = date("m/d/Y",$expdate);
+				}
 			} else {
 				$input_errors[] = "Invalid expiration date format; use MM/DD/YYYY instead.";
+			}
+		}
-            c9794c06
+		if (!empty($_POST['name'])) {
 			$ca = lookup_ca($_POST['caref']);
         		if (!$ca)
                 		$input_errors[] = "Invalid internal Certificate Authority\n";
+		}
-ee90ed
+		/* if this is an AJAX caller then handle via JSON */
 		if (isAjax() && is_array($input_errors)) {
 			input_errors2Ajax($input_errors);
 			exit;
+		}
-df17ba9
+            Scott Ullrich
-ee90ed
+		if (!$input_errors) {
 			$userent = array();
 			if (isset($id) && $a_user[$id])
 				$userent = $a_user[$id];
-df17ba9
+            Scott Ullrich
-            fb1266d3
+			isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system";
-fa7f2
+			/* the user name was modified */
-ee90ed
+			if ($_POST['usernamefld'] <> $_POST['oldusername'])
 				$_SERVER['REMOTE_USER'] = $_POST['usernamefld'];
-e4a4513
+            Scott Ullrich
-fa7f2
+			/* the user password was mofified */
 			if ($_POST['passwordfld1'])
 				local_user_set_password($userent, $_POST['passwordfld1']);
-ee90ed
+			$userent['name'] = $_POST['usernamefld'];
 			$userent['fullname'] = $_POST['fullname'];
-b3bd
+			$userent['expires'] = $_POST['expires'];
-            fb1266d3
+			$userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']);
-            b4bfd25d
+            sullrich
 			if($_POST['disabled'])
 				$userent['disabled'] = true;
 			else
 				unset($userent['disabled']);
-df17ba9
+            Scott Ullrich
-ee90ed
+			if (isset($id) && $a_user[$id])
 				$a_user[$id] = $userent;
 			else {
-            c9794c06
+				if (!empty($_POST['name'])) {
 					$cert = array();
                         		$userent['cert'] = array();
             				$cert['name'] = $_POST['name'];
                 			$subject = cert_get_subject_array($ca['crt']);
                 			$dn = array(
                         			'countryName' => $subject[0]['v'],
                         			'stateOrProvinceName' => $subject[1]['v'],
                         			'localityName' => $subject[2]['v'],
                         			'organizationName' => $subject[3]['v'],
                         			'emailAddress' => $subject[4]['v'],
                         			'commonName' => $userent['name']);
 					cert_create($cert, $_POST['caref'], $_POST['keylen'],
 						(int)$_POST['lifetime'], $dn);
 					$userent['cert'][] = $cert;
+				}
-ee90ed
+				$userent['uid'] = $config['system']['nextuid']++;
 				$a_user[] = $userent;
+			}
-df17ba9
+            Scott Ullrich
-fa7f2
+			local_user_set($userent);
 			local_user_set_groups($userent,$_POST['groups']);
-ee90ed
+			write_config();
-df17ba9
+            Scott Ullrich
-db70b
+			if(is_dir("/etc/inc/privhooks"))
 				run_plugins("/etc/inc/privhooks");
-            dff1a09d
+			conf_mount_ro();
-ee90ed
+			pfSenseHeader("system_usermanager.php");
+		}
+	}
-            fab7ff44
+            Bill Marquette
-ee90ed
+	include("head.inc");
-df17ba9
+?>
-            fab7ff44
+            Bill Marquette
-df17ba9
+<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
-b07c15a
+<?php include("fbegin.inc"); ?>
-b3bd
+<!--
 //Date Time Picker script- by TengYong Ng of http://www.rainforestnet.com
 //Script featured on JavaScript Kit (http://www.javascriptkit.com)
 //For this script, visit http://www.javascriptkit.com
 // -->
-dd7b
+<script language="javascript" type="text/javascript" src="javascript/datetimepicker.js"></script>
-b07c15a
+<script language="JavaScript">
 <!--
 function setall_selected(id) {
 	selbox = document.getElementById(id);
 	count = selbox.options.length;
 	for (index = 0; index<count; index++)
 		selbox.options[index].selected = true;
+}
 function clear_selected(id) {
 	selbox = document.getElementById(id);
 	count = selbox.options.length;
 	for (index = 0; index<count; index++)
 		selbox.options[index].selected = false;
+}
 function remove_selected(id) {
 	selbox = document.getElementById(id);
 	index = selbox.options.length - 1;
 	for (; index >= 0; index--)
 		if (selbox.options[index].selected)
 			selbox.remove(index);
+}
 function copy_selected(srcid, dstid) {
 	src_selbox = document.getElementById(srcid);
 	dst_selbox = document.getElementById(dstid);
 	count = src_selbox.options.length;
 	for (index = 0; index < count; index++) {
 		if (src_selbox.options[index].selected) {
 			option = document.createElement('option');
 			option.text = src_selbox.options[index].text;
 			option.value = src_selbox.options[index].value;
 			dst_selbox.add(option, null);
+		}
+	}
+}
 function move_selected(srcid, dstid) {
 	copy_selected(srcid, dstid);
 	remove_selected(srcid);
+}
 function presubmit() {
 	clear_selected('notgroups');
 	setall_selected('groups');
+}
-            c9794c06
+function usercertClicked(obj) {
 	if (obj.checked) {
 		document.getElementById("usercertchck").style.display="none";
 		document.getElementById("usercert").style.display="";
 	} else {
 		document.getElementById("usercert").style.display="none";
 		document.getElementById("usercertchck").style.display="";
+	}
+}
 function sshkeyClicked(obj) {
         if (obj.checked) {
                 document.getElementById("sshkeychck").style.display="none";
                 document.getElementById("sshkey").style.display="";
         } else {
                 document.getElementById("sshkey").style.display="none";
                 document.getElementById("sshkeychck").style.display="";
+        }
+}
-b07c15a
+//-->
 </script>
-df17ba9
+<?php
-ee90ed
+	if ($input_errors)
 		print_input_errors($input_errors);
 	if ($savemsg)
 		print_info_box($savemsg);
-df17ba9
+?>
-ee90ed
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
 	<tr>
-            e30001cf
+		<td>
-ee90ed
+		<?php
 			$tab_array = array();
 			$tab_array[] = array(gettext("Users"), true, "system_usermanager.php");
-b07c15a
+			$tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
-ee90ed
+			$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
-            d799787e
+			$tab_array[] = array(gettext("Servers"), false, "system_authservers.php");
-ee90ed
+			display_top_tabs($tab_array);
 		?>
 		</td>
 	</tr>
 	<tr>
-            e30001cf
+		<td id="mainarea">
 			<div class="tabcont">
 				<?php if ($_GET['act'] == "new" || $_GET['act'] == "edit" || $input_errors): ?>
 				<form action="system_usermanager.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
 					<table width="100%" border="0" cellpadding="6" cellspacing="0">
 						<?php
 							$ro = "";
 							if ($pconfig['utype'] == "system")
 								$ro = "readonly = \"readonly\"";
 						?>
 	                    <tr>
 	                        <td width="22%" valign="top" class="vncell"><?=gettext("Defined by");?></td>
 	                        <td width="78%" class="vtable">
 	                            <strong><?=strtoupper($pconfig['utype']);?></strong>
 								<input name="utype" type="hidden" value="<?=$pconfig['utype']?>"/>
 	                        </td>
 	                    </tr>
-            b4bfd25d
+						<tr>
-afddcb1
+							<td width="22%" valign="top" class="vncell"><?=gettext("Disabled");?></td>
-            b4bfd25d
+							<td width="78%" class="vtable">
 								<input name="disabled" type="checkbox" id="disabled" <?php if($pconfig['disabled']) echo "CHECKED"; ?>>
 							</td>
 						</tr>
-            e30001cf
+						<tr>
 							<td width="22%" valign="top" class="vncellreq"><?=gettext("Username");?></td>
 							<td width="78%" class="vtable">
 								<input name="usernamefld" type="text" class="formfld user" id="usernamefld" size="20" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" <?=$ro;?>/>
 								<input name="oldusername" type="hidden" id="oldusername" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" />
 							</td>
 						</tr>
 						<tr>
 							<td width="22%" valign="top" class="vncellreq" rowspan="2"><?=gettext("Password");?></td>
 							<td width="78%" class="vtable">
 								<input name="passwordfld1" type="password" class="formfld pwd" id="passwordfld1" size="20" value="" />
 							</td>
 						</tr>
 						<tr>
 							<td width="78%" class="vtable">
 								<input name="passwordfld2" type="password" class="formfld pwd" id="passwordfld2" size="20" value="" />&nbsp;<?= gettext("(confirmation)"); ?>
 							</td>
 						</tr>
 						<tr>
 							<td width="22%" valign="top" class="vncell"><?=gettext("Full name");?></td>
 							<td width="78%" class="vtable">
 								<input name="fullname" type="text" class="formfld unknown" id="fullname" size="20" value="<?=htmlspecialchars($pconfig['fullname']);?>" <?=$ro;?>/>
 								<br/>
 								<?=gettext("User's full name, for your own information only");?>
 							</td>
 						</tr>
-b3bd
+						<tr>
 							<td width="22%" valign="top" class="vncell">Expiration date</td>
 							<td width="78%" class="vtable">
 								<input name="expires" type="text" class="formfld unknown" id="expires" size="10" value="<?=$pconfig['expires'];?>">
 								<a href="javascript:NewCal('expires','mmddyyyy')">
 									<img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_cal.gif" width="16" height="16" border="0" alt="Pick a date">
 								</a>
 								<br>
 								<span class="vexpl">Leave blank if the account shouldn't expire, otherwise enter the expiration date in the following format: mm/dd/yyyy</span></td>
 						</tr>
-            e30001cf
+						<tr>
 							<td width="22%" valign="top" class="vncell"><?=gettext("Group Memberships");?></td>
 							<td width="78%" class="vtable" align="center">
 								<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
 									<tr>
 										<td align="center" width="50%">
 											<strong>Not Member Of</strong><br/>
 											<br/>
 											<select size="10" style="width: 75%" name="notgroups[]" class="formselect" id="notgroups" onChange="clear_selected('groups')" multiple>
 												<?php
 													foreach ($config['system']['group'] as $group):
 														if ($group['gid'] == 1998) /* all users group */
 															continue;
 														if (in_array($group['name'],$pconfig['groups']))
 															continue;
 												?>
 												<option value="<?=$group['name'];?>" <?=$selected;?>>
 													<?=htmlspecialchars($group['name']);?>
 												</option>
 												<?php endforeach; ?>
 											</select>
 											<br/>
 										</td>
 										<td>
 											<br/>
 											<a href="javascript:move_selected('notgroups','groups')">
 												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_right.gif" title="Add Groups" alt="Add Groups" width="17" height="17" border="0" />
 											</a>
 											<br/><br/>
 											<a href="javascript:move_selected('groups','notgroups')">
 												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_left.gif" title="Remove Groups" alt="Remove Groups" width="17" height="17" border="0" />
 											</a>
 										</td>
 										<td align="center" width="50%">
 											<strong>Member Of</strong><br/>
 											<br/>
 											<select size="10" style="width: 75%" name="groups[]" class="formselect" id="groups" onChange="clear_selected('nogroups')" multiple>
 												<?php
 													foreach ($config['system']['group'] as $group):
 														if ($group['gid'] == 1998) /* all users group */
 															continue;
 														if (!in_array($group['name'],$pconfig['groups']))
 															continue;
 												?>
 												<option value="<?=$group['name'];?>">
 													<?=htmlspecialchars($group['name']);?>
 												</option>
 												<?php endforeach; ?>
 											</select>
 											<br/>
 										</td>
 									</tr>
 								</table>
 								<?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?>
 							</td>
 						</tr>
 						<?php if ($pconfig['uid']): ?>
 						<tr>
 							<td width="22%" valign="top" class="vncell"><?=gettext("Effective Privileges");?></td>
 							<td width="78%" class="vtable">
 								<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
 									<tr>
 										<td width="20%" class="listhdrr"><?=gettext("Inherited From");?></td>
 										<td width="30%" class="listhdrr"><?=gettext("Name");?></td>
 										<td width="40%" class="listhdrr"><?=gettext("Description");?></td>
 										<td class="list"></td>
 									</tr>
 									<?php
 										$privdesc = get_user_privdesc($a_user[$id]);
 										if(is_array($privdesc)):
 											$i = 0;
 											foreach ($privdesc as $priv):
 											$group = false;
 											if ($priv['group'])
 												$group = $priv['group'];
 									?>
 									<tr>
 										<td class="listlr"><?=$group;?></td>
 										<td class="listr">
 											<?=htmlspecialchars($priv['name']);?>
 										</td>
 										<td class="listbg">
 												<?=htmlspecialchars($priv['descr']);?>
 										</td>
 										<td valign="middle" nowrap class="list">
 											<?php if (!$group): ?>
 											<a href="system_usermanager.php?act=delpriv&id=<?=$id?>&privid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this privilege?");?>')">
 												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="" />
 											</a>
 											<?php endif; ?>
 										</td>
 									</tr>
 									<?php
 											/* can only delete user priv indexes */
 											if (!$group)
 												$i++;
 											endforeach;
 										endif;
 									?>
 									<tr>
 										<td class="list" colspan="3"></td>
 										<td class="list">
 											<a href="system_usermanager_addprivs.php?userid=<?=$id?>">
 												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="" />
 											</a>
 										</td>
 									</tr>
 								</table>
 							</td>
 						</tr>
 						<tr>
 							<td width="22%" valign="top" class="vncell"><?=gettext("User Certificates");?></td>
 							<td width="78%" class="vtable">
 								<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
 									<tr>
 										<td width="45%" class="listhdrr"><?=gettext("Name");?></td>
 										<td width="45%" class="listhdrr"><?=gettext("CA");?></td>
 										<td class="list"></td>
 									</tr>
 									<?php
 										$a_cert = $a_user[$id]['cert'];
 										if(is_array($a_cert)):
 											$i = 0;
 											foreach ($a_cert as $cert):
 						                        $ca = lookup_ca($cert['caref']);
 									?>
 									<tr>
 										<td class="listlr">
 											<?=htmlspecialchars($cert['name']);?>
 										</td>
 										<td class="listr">
 											<?=htmlspecialchars($ca['name']);?>
 										</td>
 										<td valign="middle" nowrap class="list">
 											<a href="system_usermanager.php?act=expckey&id=<?=$id;?>&certid=<?=$i;?>">
 												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="export private key" alt="export private key" width="17" height="17" border="0" />
 											</a>
 											<a href="system_usermanager.php?act=expcert&id=<?=$id;?>&certid=<?=$i;?>">
 												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="export cert" alt="export cert" width="17" height="17" border="0" />
 											</a>
 											<a href="system_usermanager.php?act=delcert&id=<?=$id?>&certid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this certificate?");?>')">
 												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="delete cert" />
 											</a>
 										</td>
 									</tr>
 									<?php
 												$i++;
 											endforeach;
 										endif;
 									?>
 									<tr>
 										<td class="list" colspan="2"></td>
 										<td class="list">
 											<a href="system_usermanager_addcert.php?userid=<?=$id?>">
 												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="" />
 											</a>
 										</td>
 									</tr>
 								</table>
 							</td>
 						</tr>
-ee90ed
+            Matthew Grooms
-            c9794c06
+						<?php else : ?>
 						<?php 	if (is_array($config['system']['ca']) && count($config['system']['ca']) > 0): ?>
 						<?php		$i = 0; foreach( $config['system']['ca'] as $ca) {
                                                                         	if (!$ca['prv'])
                                                                                 	continue;
 										$i++;
+									}
 						?>
 						<tr id="usercertchck" name="usercertchck" >
 							<td width="22%" valign="top" class="vncell"><?=gettext("Certificate");?></td>
                                                 	<td width="78%" class="vtable">
 							<input type="checkbox" onClick="javascript:usercertClicked(this)"> Click to create a user certificate.
 							</td>
 						</tr>
 						<?php		if ($i > 0): ?>
 						<tr id="usercert" name="usercert" style="display:none">
 							<td width="22%" valign="top" class="vncell"><?=gettext("Certificate");?></td>
                                                 	<td width="78%" class="vtable">
-            d0412d85
+							<table width="100%" border="0" cellpadding="6" cellspacing="0">
-            c9794c06
+							<tr>
                                                         	<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
                                                         	<td width="78%" class="vtable">
                                                                 	<input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"/>
                                                         	</td>
                                                 	</tr>
                                                 	<tr>
                                                         	<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate authority");?></td>
                                                         	<td width="78%" class="vtable">
                                                                 	<select name='caref' id='caref' class="formselect" onChange='internalca_change()'>
                                                                 <?php
                                                                         foreach( $config['system']['ca'] as $ca):
                                                                         if (!$ca['prv'])
                                                                                 continue;
                                                                 ?>
                                                                         <option value="<?=$ca['refid'];?>"><?=$ca['name'];?></option>
                                                                 <?php endforeach; ?>
                                                                 	</select>
                                                         	</td>
                                                 	</tr>
                                                 	<tr>
                                                         	<td width="22%" valign="top" class="vncellreq"><?=gettext("Key length");?></td>
                                                         	<td width="78%" class="vtable">
                                                                 	<select name='keylen' class="formselect">
                                                                 <?php
-b4b9ff3
+									$cert_keylens = array( "2048", "512", "1024", "4096");
-            c9794c06
+                                                                        foreach( $cert_keylens as $len):
                                                                 ?>
                                                                         <option value="<?=$len;?>"><?=$len;?></option>
                                                                 <?php endforeach; ?>
                                                                 	</select>
                                                                 	bits
                                                         	</td>
                                                 	</tr>
 							<tr>
                                                         	<td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td>
                                                         	<td width="78%" class="vtable">
                                                                 	<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['lifetime']);?>"/>days
                                                         	</td>
                                                 	</tr>
 						</table>
 							</td>
 						</tr>
 						<?php 	endif; endif; ?>
-            e30001cf
+						<?php endif; ?>
-ee90ed
+            Matthew Grooms
-            c9794c06
+						<tr id="sshkeychck" name="sshkeychck" >
                                                         <td width="22%" valign="top" class="vncell"><?=gettext("Authorized keys");?></td>
                                                         <td width="78%" class="vtable">
-a63da
+                                                        <input type="checkbox" onClick="javascript:sshkeyClicked(this)"> Click to paste an authorized key.
-            c9794c06
+                                                        </td>
                                                 </tr>
 						<tr id="sshkey" name="sshkey" style="display:none">
-            e30001cf
+							<td width="22%" valign="top" class="vncell"><?=gettext("Authorized keys");?></td>
 							<td width="78%" class="vtable">
 								<textarea name="authorizedkeys" cols="65" rows="7" id="authorizedkeys" class="formfld_cert" wrap="off"><?=htmlspecialchars($pconfig['authorizedkeys']);?></textarea>
 								<br/>
 								<?=gettext("Paste an authorized keys file here.");?>
 							</td>
 						</tr>
 						<tr>
 							<td width="22%" valign="top">&nbsp;</td>
 							<td width="78%">
 								<input id="submit" name="save" type="submit" class="formbtn" value="Save" />
 								<?php if (isset($id) && $a_user[$id]): ?>
 								<input name="id" type="hidden" value="<?=$id;?>" />
 								<?php endif;?>
 							</td>
 						</tr>
 					</table>
 				</form>
 				<?php else: ?>
 				<table width="100%" border="0" cellpadding="0" cellspacing="0">
-ee90ed
+					<tr>
-            e30001cf
+						<td width="25%" class="listhdrr">Username</td>
 						<td width="25%" class="listhdrr">Full name</td>
-            b4bfd25d
+						<td width="5%" class="listhdrr">Disabled</td>
 						<td width="25%" class="listhdrr">Groups</td>
-            e30001cf
+						<td width="10%" class="list"></td>
-ee90ed
+					</tr>
-            e30001cf
+					<?php
 						$i = 0;
 						foreach($a_user as $userent):
 					?>
 					<tr ondblclick="document.location='system_usermanager.php?act=edit&id=<?=$i;?>'">
 						<td class="listlr">
 							<table border="0" cellpadding="0" cellspacing="0">
-b07c15a
+								<tr>
-            e30001cf
+									<td align="left" valign="center">
 										<?php
 											if($userent['scope'] != "user")
 												$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user-grey.png";
 											else
 												$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user.png";
 										?>
 										<img src="<?=$usrimg;?>" alt="User" title="User" border="0" height="16" width="16" />
-b07c15a
+									</td>
-            e30001cf
+									<td align="left" valign="middle">
 										<?=htmlspecialchars($userent['name']);?>
-b07c15a
+									</td>
 								</tr>
 							</table>
-ee90ed
+						</td>
-            e30001cf
+						<td class="listr"><?=htmlspecialchars($userent['fullname']);?>&nbsp;</td>
-            b4bfd25d
+						<td class="listr"><?php if(isset($userent['disabled'])) echo "*"; ?></td>
-            e30001cf
+						<td class="listbg">
 								<?=implode(",",local_user_get_groups($userent));?>
 							&nbsp;
-ee90ed
+						</td>
-            e30001cf
+						<td valign="middle" nowrap class="list">
 							<a href="system_usermanager.php?act=edit&id=<?=$i;?>">
 								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="edit user" alt="edit user" width="17" height="17" border="0" />
 							</a>
 							<?php if($userent['scope'] != "system"): ?>
 							&nbsp;
 							<a href="system_usermanager.php?act=deluser&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this User?");?>')">
 								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="delete user" alt="delete user" width="17" height="17" border="0" />
 							</a>
 							<?php endif; ?>
-fdb8ad
+						</td>
 					</tr>
-            e30001cf
+					<?php
 							$i++;
 						endforeach;
 					?>
-            fb1266d3
+					<tr>
-            b4bfd25d
+						<td class="list" colspan="4"></td>
-            e30001cf
+						<td class="list">
 							<a href="system_usermanager.php?act=new">
 								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="add user" alt="add user" width="17" height="17" border="0" />
 							</a>
-            fb1266d3
+						</td>
 					</tr>
-ee90ed
+					<tr>
-            b4bfd25d
+						<td colspan="4">
-            e30001cf
+							<p>
 								<?=gettext("Additional webConfigurator users can be added here.");?>
-d7db5
+								<?=gettext("User permissions can be assigned directly or inherited from group memberships.");?>
-            e30001cf
+								<?=gettext("An icon that appears grey indicates that it is a system defined object.");?>
 								<?=gettext("Some system object properties can be modified but they cannot be deleted.");?>
 							</p>
-ee90ed
+						</td>
 					</tr>
 				</table>
-            e30001cf
+				<?php endif; ?>
-ee90ed
+            Matthew Grooms
-            e30001cf
+			</div>
-ee90ed
+		</td>
 	</tr>
-df17ba9
+</table>
-ee90ed
+<?php include("fend.inc");?>
 </body>
-df17ba9
+<?php
-ee90ed
+	// end admin user code
 } else {
 	// start normal user code
-b07c15a
+            Matthew Grooms
-ee90ed
+	$pgtitle = array("System","User Password");
 	if (isset($_POST['save'])) {
 		unset($input_errors);
 		/* input validation */
 		$reqdfields = explode(" ", "passwordfld1");
 		$reqdfieldsn = explode(",", "Password");
-df17ba9
+            Scott Ullrich
-ee90ed
+		do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
-df17ba9
+            Scott Ullrich
-ee90ed
+		if ($_POST['passwordfld1'] != $_POST['passwordfld2'])
 			$input_errors[] = "The passwords do not match.";
-df17ba9
+            Scott Ullrich
-ee90ed
+		if (!$input_errors) {
 			// all values are okay --> saving changes
 			$config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['password'] = crypt(trim($_POST['passwordfld1']));
-df17ba9
+            Scott Ullrich
-ee90ed
+			write_config();
 			$savemsg = "Password successfully changed<br />";
+		}
+	}
-cf6a
+	/* determine if user is not local to system */
-ee90ed
+	$islocal = false;
 	foreach($config['system']['user'] as $user)
 		if($user['name'] == $_SESSION['Username'])
 			$islocal = true;
-            fab7ff44
+?>
-df17ba9
+            Scott Ullrich
-ee90ed
+<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
-df17ba9
+<?php
     include("head.inc");
-ee90ed
+	include("fbegin.inc");
 	if ($input_errors)
 		print_input_errors($input_errors);
 	if ($savemsg)
 		print_info_box($savemsg);
 	if($islocal == false) {
 		echo "Sorry, you cannot change the password for a LDAP user.";
 		include("fend.inc");
 		exit;
+	}
-df17ba9
+?>
-            e30001cf
+<div id="mainarea">
 	<div class="tabcont">
 		<form action="system_usermanager.php" method="post" name="iform" id="iform">
 			<table width="100%" border="0" cellpadding="6" cellspacing="0">
 				<tr>
 					<td colspan="2" valign="top" class="listtopic"><?=$HTTP_SERVER_VARS['AUTH_USER']?>'s Password</td>
 				</tr>
 				<tr>
 					<td width="22%" valign="top" class="vncell" rowspan="2">Password</td>
 					<td width="78%" class="vtable">
 						<input name="passwordfld1" type="password" class="formfld pwd" id="passwordfld1" size="20" />
 					</td>
 				</tr>
 				<tr>
 					<td width="78%" class="vtable">
 						<input name="passwordfld2" type="password" class="formfld pwd" id="passwordfld2" size="20" />
 						&nbsp;<?=gettext("(confirmation)");?>
 						<br/>
 						<span class="vexpl">
 							<?=gettext("Select a new password");?>
 						</span>
 					</td>
 				</tr>
 				<tr>
 					<td width="22%" valign="top">&nbsp;</td>
 					<td width="78%">
 						<input name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
 					</td>
 				</tr>
 			</table>
 		</form>
 	</div>
 </div>
-ee90ed
+<?php include("fend.inc");?>
 </body>
-e913df
+            Scott Ullrich
-df17ba9
+<?php
-b07c15a
+} // end of normal user code
-ee90ed
+            Matthew Grooms
 ?>

Project

General

Profile

pfSense