<?php
/*
 * system_usermanager.php
 *
 * part of pfSense (https://www.pfsense.org)
 * Copyright (c) 2004-2016 Rubicon Communications, LLC (Netgate)
 * Copyright (c) 2008 Shrew Soft Inc.
 * Copyright (c) 2005 Paul Taylor <paultaylor@winn-dixie.com>
 * All rights reserved.
 *
 * originally based on m0n0wall (http://m0n0.ch/wall)
 * Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
 * All rights reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
##|+PRIV
##|*IDENT=page-system-usermanager
##|*NAME=System: User Manager
##|*DESCR=Allow access to the 'System: User Manager' page.
##|*WARN=standard-warning-root
##|*MATCH=system_usermanager.php*
##|-PRIV
require_once("certs.inc");
require_once("guiconfig.inc");
// start admin user code
// Work out which user entry (an index into the user list) this request refers
// to. A value is accepted only when is_numericint() approves it, and a userid
// in the query string overrides one in the POST body because it is checked last.
foreach (array($_POST, $_GET) as $um_request) {
	if (isset($um_request['userid']) && is_numericint($um_request['userid'])) {
		$id = $um_request['userid'];
	}
}
unset($um_request);
// Make sure the user list exists as an array before a reference is bound to it.
if (!(isset($config['system']['user']) && is_array($config['system']['user']))) {
	$config['system']['user'] = array();
}

// $a_user is a reference into $config, so every change made through it below
// edits the configuration array itself.
$a_user = &$config['system']['user'];
$act = $_GET['act'];

// NOTE(review): the Referer header is supplied by the client. Its use is not
// visible in this part of the file; it should be validated before it is ever
// used as a redirect target or echoed into the page.
$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/system_usermanager.php';
if (isset($id) && $a_user[$id]) {
	// Pre-fill the edit form from the stored record of the selected user.
	// The assignment order matches the original so $pconfig keeps the same
	// key order.
	$um_user = $a_user[$id];

	$pconfig['usernamefld'] = $um_user['name'];
	foreach (array('descr', 'expires') as $um_field) {
		$pconfig[$um_field] = $um_user[$um_field];
	}

	// Options stored as "key present" are exposed to the form as booleans.
	$pconfig['customsettings'] = isset($um_user['customsettings']);

	foreach (array('webguicss', 'webguifixedmenu', 'webguihostnamemenu', 'dashboardcolumns') as $um_field) {
		$pconfig[$um_field] = $um_user[$um_field];
	}

	$um_flags = array(
		'dashboardavailablewidgetspanel',
		'systemlogsfilterpanel',
		'systemlogsmanagelogpanel',
		'statusmonitoringsettingspanel',
		'webguileftcolumnhyper',
		'pagenamefirst');
	foreach ($um_flags as $um_field) {
		$pconfig[$um_field] = isset($um_user[$um_field]);
	}

	$pconfig['groups'] = local_user_get_groups($a_user[$id]);
	$pconfig['utype'] = $um_user['scope'];
	$pconfig['uid'] = $um_user['uid'];
	// The authorized keys are kept base64-encoded in the configuration.
	$pconfig['authorizedkeys'] = base64_decode($um_user['authorizedkeys']);
	$pconfig['priv'] = $um_user['priv'];
	$pconfig['ipsecpsk'] = $um_user['ipsecpsk'];
	$pconfig['disabled'] = isset($um_user['disabled']);

	unset($um_user, $um_flags, $um_field);
}
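if ($_GET['act'] == "deluser") {
	/*
	 * Single-user delete.
	 *
	 * NOTE(review): this deletion is driven entirely by GET parameters. If the
	 * GUI's request-forgery protection only covers POST requests (not visible
	 * from this file), this path is outside it; consider accepting the action
	 * via POST, as the bulk delete does.
	 */

	// The request must name the account as well as its index, so a stale or
	// guessed index cannot remove a different user.
	if (!isset($_GET['username']) || !isset($a_user[$id]) || ($_GET['username'] != $a_user[$id]['name'])) {
		pfSenseHeader("system_usermanager.php");
		exit;
	}

	if ($_GET['username'] == $_SESSION['Username']) {
		$delete_errors[] = sprintf(gettext("Cannot delete user %s because you are currently logged in as that user."), $_GET['username']);
	} else if ($a_user[$id]['scope'] == "system") {
		// The user list only hides the delete link for system accounts, and the
		// bulk delete refuses them; enforce the same rule here on the server
		// side so a hand-built URL cannot remove one.
		$delete_errors[] = sprintf(gettext("Cannot delete user %s because it is a system user."), $a_user[$id]['name']);
	} else {
		local_user_del($a_user[$id]);
		$userdeleted = $a_user[$id]['name'];
		unset($a_user[$id]);
		write_config();
		$savemsg = sprintf(gettext("User %s successfully deleted."), $userdeleted);
	}
} else if ($act == "new") {
	/*
	 * Set this value because the text field is read only
	 * and the user should not be able to change this
	 * setting.
	 */
	$pconfig['utype'] = "user";
	$pconfig['lifetime'] = 3650;
}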
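if (isset($_POST['dellall'])) {
	/*
	 * Bulk delete of the users ticked in the list. System accounts and the
	 * account of the logged-in administrator are refused with an error; the
	 * configuration is written once, and only if something was deleted.
	 */

	$del_users = $_POST['delete_check'];
	$deleted_users = "";
	$deleted_count = 0;
	$comma = "";

	// delete_check[] comes from the client: only iterate when it really is an array.
	if (!empty($del_users) && is_array($del_users)) {
		foreach ($del_users as $userid) {
			// Ignore values that are not usable as an index or that do not
			// name an existing entry, instead of reporting them as
			// "system user" with an undefined name.
			if (!is_scalar($userid) || !isset($a_user[$userid])) {
				continue;
			}

			if ($a_user[$userid]['scope'] == "system") {
				$delete_errors[] = sprintf(gettext("Cannot delete user %s because it is a system user."), $a_user[$userid]['name']);
				continue;
			}

			if ($a_user[$userid]['name'] == $_SESSION['Username']) {
				$delete_errors[] = sprintf(gettext("Cannot delete user %s because you are currently logged in as that user."), $a_user[$userid]['name']);
			} else {
				$deleted_users = $deleted_users . $comma . $a_user[$userid]['name'];
				$comma = ", ";
				$deleted_count++;
				local_user_del($a_user[$userid]);
				unset($a_user[$userid]);
			}
		}

		if ($deleted_count > 0) {
			if ($deleted_count == 1) {
				$savemsg = sprintf(gettext("User %s successfully deleted."), $deleted_users);
			} else {
				$savemsg = sprintf(gettext("Users %s successfully deleted."), $deleted_users);
			}
			// The message is also passed to write_config().
			write_config($savemsg);
		}
	}
}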
if ($_POST['act'] == "delcert") {
	/* Detach one certificate reference from the selected user. */

	// No such user: nothing to detach, return to the list.
	if (!$a_user[$id]) {
		pfSenseHeader("system_usermanager.php");
		exit;
	}

	// NOTE(review): certid is used as an array key without validation. An
	// unknown key makes the unset() below a no-op, but the configuration is
	// still written and a message with an empty name is shown.
	// Fetch the description before the reference is removed.
	$certdeleted = lookup_cert($a_user[$id]['cert'][$_POST['certid']])['descr'];
	unset($a_user[$id]['cert'][$_POST['certid']]);
	write_config();

	// Fall back to the edit view of the same user.
	$_POST['act'] = "edit";
	$savemsg = sprintf(gettext("Certificate %s association removed."), $certdeleted);
}
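if ($_POST['act'] == "delprivid") {
	/* Remove one directly assigned privilege from the selected user. */

	// Require an existing user, as the certificate removal does. Without this
	// check the code below would index $a_user with a missing or unknown id
	// and still call local_user_set() and write_config().
	if (!isset($id) || !isset($a_user[$id])) {
		pfSenseHeader("system_usermanager.php");
		exit;
	}

	// Look the display name up before the entry is removed.
	$privdeleted = $priv_list[$a_user[$id]['priv'][$_POST['privid']]]['name'];
	unset($a_user[$id]['priv'][$_POST['privid']]);
	local_user_set($a_user[$id]);
	write_config();

	// Fall back to the edit view of the same user.
	$_POST['act'] = "edit";
	$savemsg = sprintf(gettext("Privilege %s removed."), $privdeleted);
}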
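if ($_POST['save']) {
	/*
	 * Create a new user or update the selected one from the submitted form.
	 * Validation errors are collected in $input_errors; nothing is written
	 * unless that list stays empty.
	 */
	unset($input_errors);
	$pconfig = $_POST;

	/* input validation */
	if (isset($id) && ($a_user[$id])) {
		/* existing user: a blank password keeps the current one */
		$reqdfields = array("usernamefld");
		$reqdfieldsn = array(gettext("Username"));
	} else if (empty($_POST['name'])) {
		/* new user without a certificate */
		$reqdfields = array("usernamefld", "passwordfld1");
		$reqdfieldsn = array(
			gettext("Username"),
			gettext("Password"));
	} else {
		/* new user with a certificate ('name' is its descriptive name) */
		$reqdfields = array("usernamefld", "passwordfld1", "name", "caref", "keylen", "lifetime");
		$reqdfieldsn = array(
			gettext("Username"),
			gettext("Password"),
			gettext("Descriptive name"),
			gettext("Certificate authority"),
			gettext("Key length"),
			gettext("Lifetime"));
	}

	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);

	if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld'])) {
		$input_errors[] = gettext("The username contains invalid characters.");
	}

	if (strlen($_POST['usernamefld']) > 16) {
		$input_errors[] = gettext("The username is longer than 16 characters.");
	}

	/*
	 * Strict comparison: with != two different numeric-looking strings
	 * (e.g. "1e3" and "1000") compare equal, so a mistyped confirmation
	 * could be accepted.
	 */
	if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] !== $_POST['passwordfld2'])) {
		$input_errors[] = gettext("The passwords do not match.");
	}

	if (isset($_POST['ipsecpsk']) && !preg_match('/^[[:ascii:]]*$/', $_POST['ipsecpsk'])) {
		$input_errors[] = gettext("IPsec Pre-Shared Key contains invalid characters.");
	}

	/* Check the POSTed groups to ensure they are valid and exist */
	if (is_array($_POST['groups'])) {
		foreach ($_POST['groups'] as $newgroup) {
			if (empty(getGroupEntry($newgroup))) {
				$input_errors[] = gettext("One or more invalid groups was submitted.");
				/* one message is enough, however many groups are invalid */
				break;
			}
		}
	}

	/* name currently stored for this user, taken from the configuration */
	if (isset($id) && $a_user[$id]) {
		$oldusername = $a_user[$id]['name'];
	} else {
		$oldusername = "";
	}

	/* make sure this user name is unique (strict, see the password check) */
	if (!$input_errors) {
		foreach ($a_user as $userent) {
			if ($userent['name'] === $_POST['usernamefld'] && $oldusername !== $_POST['usernamefld']) {
				$input_errors[] = gettext("Another entry with the same username already exists.");
				break;
			}
		}
	}

	/* also make sure it is not reserved */
	if (!$input_errors) {
		$system_users = explode("\n", file_get_contents("/etc/passwd"));
		foreach ($system_users as $s_user) {
			$ent = explode(":", $s_user);
			if ($ent[0] === $_POST['usernamefld'] && $oldusername !== $_POST['usernamefld']) {
				$input_errors[] = gettext("That username is reserved by the system.");
				break;
			}
		}
	}

	/*
	 * Check for a valid expiration date if one is set at all. Valid means
	 * that DateTime can parse it, so any DateTime compatible format may be
	 * used. To keep it simple for the end user, we only claim to accept
	 * MM/DD/YYYY as input. Advanced users may use inputs like "+1 day",
	 * which will be converted to MM/DD/YYYY based on "now". Otherwise such
	 * an entry would lead to an invalid expiration date.
	 */
	if ($_POST['expires']) {
		try {
			$expdate = new DateTime($_POST['expires']);
			//convert from any DateTime compatible date to MM/DD/YYYY
			$_POST['expires'] = $expdate->format("m/d/Y");
		} catch (Exception $ex) {
			$input_errors[] = gettext("Invalid expiration date format; use MM/DD/YYYY instead.");
		}
	}

	if (!empty($_POST['name'])) {
		$ca = lookup_ca($_POST['caref']);
		if (!$ca) {
			$input_errors[] = gettext("Invalid internal Certificate Authority") . "\n";
		}
	}

	if (!$input_errors) {

		$userent = array();
		if (isset($id) && $a_user[$id]) {
			$userent = $a_user[$id];
		}

		/*
		 * NOTE(review): the scope comes from a hidden form field, so the
		 * client decides whether the account is stored as "user" or "system",
		 * also for an existing entry. Consider keeping the stored scope on
		 * edit and forcing "user" on create.
		 */
		$userent['scope'] = isset($_POST['utype']) ? $_POST['utype'] : "system";

		/*
		 * The user name was modified. This is detected against the name
		 * stored in the configuration, not the 'oldusername' form field: that
		 * field is client-supplied, and after a failed save the form refills
		 * it with the newly attempted name, so a retry would skip removing
		 * the account under its previous name.
		 */
		if (($oldusername !== "") && ($_POST['usernamefld'] !== $oldusername)) {
			$_SERVER['REMOTE_USER'] = $_POST['usernamefld'];
			local_user_del($userent);
		}

		/* the user password was modified */
		if ($_POST['passwordfld1']) {
			local_user_set_password($userent, $_POST['passwordfld1']);
		}

		/* only change description if sent */
		if (isset($_POST['descr'])) {
			$userent['descr'] = $_POST['descr'];
		}

		$userent['name'] = $_POST['usernamefld'];
		$userent['expires'] = $_POST['expires'];
		$userent['dashboardcolumns'] = $_POST['dashboardcolumns'];
		/* NOTE(review): stored as submitted; the key text is not validated here */
		$userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']);
		$userent['ipsecpsk'] = $_POST['ipsecpsk'];

		/* checkbox options: key present when ticked, removed otherwise */
		foreach (array('disabled', 'customsettings') as $um_opt) {
			if ($_POST[$um_opt]) {
				$userent[$um_opt] = true;
			} else {
				unset($userent[$um_opt]);
			}
		}

		/* value options: stored as submitted when non-empty, removed otherwise */
		foreach (array('webguicss', 'webguifixedmenu', 'webguihostnamemenu') as $um_opt) {
			if ($_POST[$um_opt]) {
				$userent[$um_opt] = $_POST[$um_opt];
			} else {
				unset($userent[$um_opt]);
			}
		}

		$um_panel_flags = array(
			'dashboardavailablewidgetspanel',
			'systemlogsfilterpanel',
			'systemlogsmanagelogpanel',
			'statusmonitoringsettingspanel',
			'webguileftcolumnhyper',
			'pagenamefirst');
		foreach ($um_panel_flags as $um_opt) {
			if ($_POST[$um_opt]) {
				$userent[$um_opt] = true;
			} else {
				unset($userent[$um_opt]);
			}
		}
		unset($um_panel_flags, $um_opt);

		if (isset($id) && $a_user[$id]) {
			$a_user[$id] = $userent;
		} else {
			if (!empty($_POST['name'])) {
				$cert = array();
				$cert['refid'] = uniqid();
				$userent['cert'] = array();

				$cert['descr'] = $_POST['name'];

				/* the subject is copied from the CA, with the user name as common name */
				$subject = cert_get_subject_array($ca['crt']);

				$dn = array(
					'countryName' => $subject[0]['v'],
					'stateOrProvinceName' => $subject[1]['v'],
					'localityName' => $subject[2]['v'],
					'organizationName' => $subject[3]['v'],
					'emailAddress' => $subject[4]['v'],
					'commonName' => $userent['name']);

				/*
				 * NOTE(review): keylen is passed through as submitted and
				 * the result of cert_create() is not checked, so a failed
				 * creation would still be stored below - confirm.
				 */
				cert_create($cert, $_POST['caref'], $_POST['keylen'],
					(int)$_POST['lifetime'], $dn);

				if (!is_array($config['cert'])) {
					$config['cert'] = array();
				}
				$config['cert'][] = $cert;
				$userent['cert'][] = $cert['refid'];
			}
			$userent['uid'] = $config['system']['nextuid']++;
			/* Add the user to All Users group. */
			foreach ($config['system']['group'] as $gidx => $group) {
				if ($group['name'] == "all") {
					if (!is_array($config['system']['group'][$gidx]['member'])) {
						$config['system']['group'][$gidx]['member'] = array();
					}
					$config['system']['group'][$gidx]['member'][] = $userent['uid'];
					break;
				}
			}

			$a_user[] = $userent;
		}

		/*
		 * Add user to groups so PHP can see the memberships properly or else
		 * the user's shell account does not get proper permissions (if
		 * applicable). See #5152.
		 */
		local_user_set_groups($userent, $_POST['groups']);
		local_user_set($userent);
		/*
		 * Add user to groups again to ensure they are set everywhere,
		 * otherwise the user may not appear to be a member of the group.
		 * See commit:5372d26d9d25d751d16865ed9d46869d3b0ec5e1.
		 */
		local_user_set_groups($userent, $_POST['groups']);
		write_config();

		if (is_dir("/etc/inc/privhooks")) {
			run_plugins("/etc/inc/privhooks");
		}


		pfSenseHeader("system_usermanager.php");
	}
}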
/*
 * Build the HTML for the "effective privileges" table of the user selected by
 * the globals $a_user and $id, followed by the "Add" button.
 *
 * Each entry returned by get_user_privdesc() becomes one row. Entries without
 * a group get a delete icon whose id is "delprivid" plus a running index that
 * counts only those entries. When at least one entry carries the
 * 'standard-warning-root' marker, a security notice row is appended.
 *
 * Group, name and description are HTML-escaped. $id is written into the link
 * unescaped and is expected to have been validated as numeric by the caller.
 *
 * Returns the markup as a string.
 */
function build_priv_table() {
	global $a_user, $id;

	$html = array(
		'<div class="table-responsive">',
		'<table class="table table-striped table-hover table-condensed">',
		'<thead>',
		'<tr>',
		'<th>' . gettext('Inherited from') . '</th>',
		'<th>' . gettext('Name') . '</th>',
		'<th>' . gettext('Description') . '</th>',
		'<th>' . gettext('Action') . '</th>',
		'</tr>',
		'</thead>',
		'<tbody>',
	);

	$direct_index = 0;
	$root_seen = false;

	foreach (get_user_privdesc($a_user[$id]) as $priv) {
		// Only entries that do not come from a group can be deleted here.
		$is_direct = !$priv['group'];

		$description = htmlspecialchars($priv['descr']);
		if (isset($priv['warn']) && ($priv['warn'] == 'standard-warning-root')) {
			$description .= ' ' . gettext('(admin privilege)');
			$root_seen = true;
		}

		$action = '';
		if ($is_direct) {
			$action = '<a class="fa fa-trash no-confirm icon-pointer" title="' . gettext('Delete Privilege') . '" id="delprivid' . $direct_index . '"></a>';
			$direct_index++;
		}

		$html[] = '<tr>';
		$html[] = '<td>' . htmlspecialchars($priv['group']) . '</td>';
		$html[] = '<td>' . htmlspecialchars($priv['name']) . '</td>';
		$html[] = '<td>' . $description . '</td>';
		$html[] = '<td>' . $action . '</td>';
		$html[] = '</tr>';
	}

	if ($root_seen) {
		$html[] = '<tr>';
		$html[] = '<td colspan="3">';
		$html[] = '<b>' . gettext('Security notice: This user effectively has administrator-level access') . '</b>';
		$html[] = '</td>';
		$html[] = '<td>';
		$html[] = '</td>';
		$html[] = '</tr>';
	}

	$html[] = '</tbody>';
	$html[] = '</table>';
	$html[] = '</div>';

	$html[] = '<nav class="action-buttons">';
	$html[] = '<a href="system_usermanager_addprivs.php?userid=' . $id . '" class="btn btn-success"><i class="fa fa-plus icon-embed-btn"></i>' . gettext("Add") . '</a>';
	$html[] = '</nav>';

	return implode('', $html);
}
/*
 * Build the HTML for the certificate table of the user selected by the
 * globals $a_user and $id, followed by the "Add" button.
 *
 * Every certificate reference of the user is resolved with lookup_cert() and
 * its CA with lookup_ca(); revoked certificates are marked. Each row gets a
 * delete icon whose id is "delcert" plus a running index starting at 0.
 * Certificate and CA descriptions are HTML-escaped. $id is written into the
 * link unescaped and is expected to have been validated as numeric by the
 * caller.
 *
 * Returns the markup as a string.
 */
function build_cert_table() {
	global $a_user, $id;

	$html = array(
		'<div class="table-responsive">',
		'<table class="table table-striped table-hover table-condensed">',
		'<thead>',
		'<tr>',
		'<th>' . gettext('Name') . '</th>',
		'<th>' . gettext('CA') . '</th>',
		'<th></th>',
		'</tr>',
		'</thead>',
		'<tbody>',
	);

	$cert_refs = $a_user[$id]['cert'];
	if (is_array($cert_refs)) {
		$row = 0;
		foreach ($cert_refs as $certref) {
			$cert = lookup_cert($certref);
			$ca = lookup_ca($cert['caref']);
			$revoked_mark = '';
			if (is_cert_revoked($cert)) {
				$revoked_mark = '<b> Revoked</b>';
			}

			$html[] = '<tr>';
			$html[] = '<td>' . htmlspecialchars($cert['descr']) . $revoked_mark . '</td>';
			$html[] = '<td>' . htmlspecialchars($ca['descr']) . '</td>';
			$html[] = '<td>';
			// This only removes the link between user and certificate.
			$html[] = '<a id="delcert' . $row . '" class="fa fa-trash no-confirm icon-pointer" title="'
				. gettext('Remove this certificate association? (Certificate will not be deleted)') . '"></a>';
			$html[] = '</td>';
			$html[] = '</tr>';
			$row++;
		}
	}

	$html[] = '</tbody>';
	$html[] = '</table>';
	$html[] = '</div>';

	$html[] = '<nav class="action-buttons">';
	$html[] = '<a href="system_certmanager.php?act=new&amp;userid=' . $id . '" class="btn btn-success"><i class="fa fa-plus icon-embed-btn"></i>' . gettext("Add") . '</a>';
	$html[] = '</nav>';

	return implode('', $html);
}
// Breadcrumb titles and their links; the edit view appends one more level.
$pgtitle = array(gettext("System"), gettext("User Manager"), gettext("Users"));
$pglinks = array("", "system_usermanager.php", "system_usermanager.php");

if ($act == "new" || $act == "edit" || $input_errors) {
	$pgtitle[] = gettext('Edit');
	$pglinks[] = "@self";
}
include("head.inc");

// Report what the handlers above collected: refused deletions first, then
// validation errors, then the success message.
// NOTE(review): these messages contain user names and certificate
// descriptions; whether print_input_errors() and print_info_box() escape them
// is not visible from this file.
if ($delete_errors) {
	print_input_errors($delete_errors);
}

if ($input_errors) {
	print_input_errors($input_errors);
}

if ($savemsg) {
	print_info_box($savemsg, 'success');
}

// Tab bar of the user manager; the second element is true for the Users tab only.
$tab_array = array(
	array(gettext("Users"), true, "system_usermanager.php"),
	array(gettext("Groups"), false, "system_groupmanager.php"),
	array(gettext("Settings"), false, "system_usermanager_settings.php"),
	array(gettext("Authentication Servers"), false, "system_authservers.php"),
);
display_top_tabs($tab_array);
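if (!($act == "new" || $act == "edit" || $input_errors)) {
	// List view: one row per configured user, with bulk delete via the
	// surrounding POST form. The script ends after this view.
?>
<form method="post">
<div class="panel panel-default">
	<div class="panel-heading"><h2 class="panel-title"><?=gettext('Users')?></h2></div>
	<div class="panel-body">
		<div class="table-responsive">
			<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap table-rowdblclickedit" data-sortable>
				<thead>
					<tr>
						<th>&nbsp;</th>
						<th><?=gettext("Username")?></th>
						<th><?=gettext("Full name")?></th>
						<th><?=gettext("Disabled")?></th>
						<th><?=gettext("Groups")?></th>
						<th><?=gettext("Actions")?></th>
					</tr>
				</thead>
				<tbody>
<?php
// System accounts and the account of the logged-in user cannot be selected for
// deletion. Disabling the controls is only a UI hint; the delete handlers have
// to enforce the same rules.
foreach ($a_user as $i => $userent):
	?>
					<tr>
						<td>
							<input type="checkbox" id="frc<?=$i?>" name="delete_check[]" value="<?=$i?>" <?=((($userent['scope'] == "system") || ($userent['name'] == $_SESSION['Username'])) ? 'disabled' : '')?>/>
						</td>
						<td>
<?php
	// Accounts that are not plain "user" scope get a different icon.
	if ($userent['scope'] != "user") {
		$usrimg = 'eye-open';
	} else {
		$usrimg = 'user';
	}
?>
							<i class="fa fa-<?=$usrimg?>"></i>
							<?=htmlspecialchars($userent['name'])?>
						</td>
						<td><?=htmlspecialchars($userent['descr'])?></td>
						<td><?php if (isset($userent['disabled'])) echo "*"?></td>
						<td><?=htmlspecialchars(implode(",", local_user_get_groups($userent)))?></td>
						<td>
							<a class="fa fa-pencil" title="<?=gettext("Edit user"); ?>" href="?act=edit&amp;userid=<?=$i?>"></a>
<?php
	// The user name is URL-encoded and HTML-escaped before it goes into the
	// link, so a name that reaches the configuration without passing the
	// form's character check cannot break out of the attribute.
	// NOTE(review): this link performs the deletion with a GET request;
	// consider submitting it via POST like the bulk delete.
	if (($userent['scope'] != "system") && ($userent['name'] != $_SESSION['Username'])): ?>
							<a class="fa fa-trash" title="<?=gettext("Delete user")?>" href="?act=deluser&amp;userid=<?=$i?>&amp;username=<?=htmlspecialchars(urlencode($userent['name']))?>"></a>
<?php endif; ?>
						</td>
					</tr>
<?php endforeach; ?>
				</tbody>
			</table>
		</div>
	</div>
</div>
<nav class="action-buttons">
	<a href="?act=new" class="btn btn-sm btn-success">
		<i class="fa fa-plus icon-embed-btn"></i>
		<?=gettext("Add")?>
	</a>

	<button type="submit" class="btn btn-sm btn-danger" name="dellall" value="dellall" title="<?=gettext('Delete selected users')?>">
		<i class="fa fa-trash icon-embed-btn"></i>
		<?=gettext("Delete")?>
	</button>
</nav>
</form>
<div class="infoblock">
<?php
	print_callout('<p>' . gettext("Additional users can be added here. User permissions for accessing " .
		"the webConfigurator can be assigned directly or inherited from group memberships. " .
		"Some system object properties can be modified but they cannot be deleted.") . '</p>' .
		'<p>' . gettext("Accounts added here are also used for other parts of the system " .
		"such as OpenVPN, IPsec, and Captive Portal.") . '</p>'
	);
?></div><?php
	include("foot.inc");
	exit;
}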
650 4ee51131 Sjon Hortensius
651
$form = new Form;
652
653 7411c285 Stephen Beaver
if ($act == "new" || $act == "edit" || $input_errors):
654 4ee51131 Sjon Hortensius
655 7411c285 Stephen Beaver
	$form->addGlobal(new Form_Input(
656
		'act',
657
		null,
658
		'hidden',
659
		''
660
	));
661 4ee51131 Sjon Hortensius
662 7411c285 Stephen Beaver
	$form->addGlobal(new Form_Input(
663
		'userid',
664
		null,
665
		'hidden',
666
		isset($id) ? $id:''
667
	));
668 4ee51131 Sjon Hortensius
669 7411c285 Stephen Beaver
	$form->addGlobal(new Form_Input(
670
		'privid',
671
		null,
672
		'hidden',
673
		''
674
	));
675 4ee51131 Sjon Hortensius
676 7411c285 Stephen Beaver
	$form->addGlobal(new Form_Input(
677
		'certid',
678
		null,
679
		'hidden',
680
		''
681
	));
682 4ee51131 Sjon Hortensius
683 7411c285 Stephen Beaver
	$ro = "";
684
	if ($pconfig['utype'] == "system") {
685 c4b60a9a Colin Fleming
		$ro = "readonly";
686 7411c285 Stephen Beaver
	}
687 4ee51131 Sjon Hortensius
688 7411c285 Stephen Beaver
	$section = new Form_Section('User Properties');
689 4ee51131 Sjon Hortensius
690 7411c285 Stephen Beaver
	$section->addInput(new Form_StaticText(
691
		'Defined by',
692
		strtoupper($pconfig['utype'])
693
	));
694 4ee51131 Sjon Hortensius
695 7411c285 Stephen Beaver
	$form->addGlobal(new Form_Input(
696
		'utype',
697
		null,
698
		'hidden',
699
		$pconfig['utype']
700
	));
701 4ee51131 Sjon Hortensius
702 7411c285 Stephen Beaver
	$section->addInput(new Form_Checkbox(
703
		'disabled',
704
		'Disabled',
705
		'This user cannot login',
706
		$pconfig['disabled']
707
	));
708 6b07c15a Matthew Grooms
709 7411c285 Stephen Beaver
	$section->addInput($input = new Form_Input(
710
		'usernamefld',
711 153c3aa6 Phil Davis
		'*Username',
712 7411c285 Stephen Beaver
		'text',
713
		$pconfig['usernamefld']
714
	));
715 61dec0b0 Renato Botelho
716 d61309a0 Phil Davis
	if ($ro) {
717 1fe9cc38 Stephen Beaver
		$input->setReadonly();
718 d61309a0 Phil Davis
	}
719 7411c285 Stephen Beaver
720
	$form->addGlobal(new Form_Input(
721
		'oldusername',
722 4ee51131 Sjon Hortensius
		null,
723 7411c285 Stephen Beaver
		'hidden',
724
		$pconfig['usernamefld']
725 4ee51131 Sjon Hortensius
	));
726 6b07c15a Matthew Grooms
727 153c3aa6 Phil Davis
	if ($act == "edit") {
728
		$pwd_required = "";
729
	} else {
730
		$pwd_required = "*";
731
	}
732
733
	$group = new Form_Group($pwd_required . 'Password');
734 7411c285 Stephen Beaver
	$group->add(new Form_Input(
735
		'passwordfld1',
736
		'Password',
737
		'password'
738
	));
739
	$group->add(new Form_Input(
740
		'passwordfld2',
741
		'Confirm Password',
742
		'password'
743
	));
744
745
	$section->add($group);
746
747
	$section->addInput($input = new Form_Input(
748
		'descr',
749
		'Full name',
750
		'text',
751
		htmlspecialchars($pconfig['descr'])
752 89140b63 NOYB
	))->setHelp('User\'s full name, for administrative information only');
753 7411c285 Stephen Beaver
754 d61309a0 Phil Davis
	if ($ro) {
755 7411c285 Stephen Beaver
		$input->setDisabled();
756 d61309a0 Phil Davis
	}
757 7411c285 Stephen Beaver
758
	$section->addInput(new Form_Input(
759
		'expires',
760
		'Expiration date',
761 d78dbc34 Stephen Beaver
		'text',
762 7411c285 Stephen Beaver
		$pconfig['expires']
763
	))->setHelp('Leave blank if the account shouldn\'t expire, otherwise enter '.
764 98b87cfa Jonathon Anderson
		'the expiration date as MM/DD/YYYY');
765 7411c285 Stephen Beaver
766 8bab524e Phil Davis
	$section->addInput(new Form_Checkbox(
767
		'customsettings',
768
		'Custom Settings',
769
		'Use individual customized GUI options and dashboard layout for this user.',
770
		$pconfig['customsettings']
771
	));
772
773
	gen_user_settings_fields($section, $pconfig);
774
775 7411c285 Stephen Beaver
	// ==== Group membership ==================================================
776
	$group = new Form_Group('Group membership');
777
778 7d2e572f Stephen Beaver
	// Make a list of all the groups configured on the system, and a list of
779 7411c285 Stephen Beaver
	// those which this user is a member of
780
	$systemGroups = array();
781
	$usersGroups = array();
782
783
	$usergid = [$pconfig['usernamefld']];
784
785
	foreach ($config['system']['group'] as $Ggroup) {
786 d61309a0 Phil Davis
		if ($Ggroup['name'] != "all") {
787
			if (($act == 'edit') && $Ggroup['member'] && in_array($pconfig['uid'], $Ggroup['member'])) {
788 b4333696 Stephen Beaver
				$usersGroups[ $Ggroup['name'] ] = $Ggroup['name'];	// Add it to the user's list
789 d61309a0 Phil Davis
			} else {
790 b4333696 Stephen Beaver
				$systemGroups[ $Ggroup['name'] ] = $Ggroup['name']; // Add it to the 'not a member of' list
791 d61309a0 Phil Davis
			}
792 b4333696 Stephen Beaver
		}
793 7411c285 Stephen Beaver
	}
794
795
	$group->add(new Form_Select(
796
		'sysgroups',
797
		null,
798
		array_combine((array)$pconfig['groups'], (array)$pconfig['groups']),
799
		$systemGroups,
800
		true
801 953385a3 heper
	))->setHelp('Not member of');
802 6b07c15a Matthew Grooms
803 7411c285 Stephen Beaver
	$group->add(new Form_Select(
804
		'groups',
805
		null,
806
		array_combine((array)$pconfig['groups'], (array)$pconfig['groups']),
807
		$usersGroups,
808
		true
809 953385a3 heper
	))->setHelp('Member of');
810 7411c285 Stephen Beaver
811
	$section->add($group);
812
813
	$group = new Form_Group('');
814
815
	$group->add(new Form_Button(
816
		'movetoenabled',
817 faab522f Renato Botelho
		'Move to "Member of" list',
818 37676f4e jim-p
		null,
819
		'fa-angle-double-right'
820 347c0214 Phil Davis
	))->setAttribute('type','button')->removeClass('btn-primary')->addClass('btn-info btn-sm');
821 7411c285 Stephen Beaver
822
	$group->add(new Form_Button(
823
		'movetodisabled',
824 faab522f Renato Botelho
		'Move to "Not member of" list',
825 37676f4e jim-p
		null,
826
		'fa-angle-double-left'
827 347c0214 Phil Davis
	))->setAttribute('type','button')->removeClass('btn-primary')->addClass('btn-info btn-sm');
828 4ee51131 Sjon Hortensius
829 e4c7d45f NewEraCracker
	$group->setHelp('Hold down CTRL (PC)/COMMAND (Mac) key to select multiple items.');
830 7411c285 Stephen Beaver
	$section->add($group);
831 4ee51131 Sjon Hortensius
832 7411c285 Stephen Beaver
	// ==== Button for adding user certificate ================================
833 d61309a0 Phil Davis
	if ($act == 'new') {
834 4ee51131 Sjon Hortensius
		$section->addInput(new Form_Checkbox(
835 7411c285 Stephen Beaver
			'showcert',
836
			'Certificate',
837
			'Click to create a user certificate',
838
			false
839 4ee51131 Sjon Hortensius
		));
840 6b07c15a Matthew Grooms
	}
841
842 7411c285 Stephen Beaver
	$form->add($section);
843 6b07c15a Matthew Grooms
844 7411c285 Stephen Beaver
	// ==== Effective privileges section ======================================
845
	if (isset($pconfig['uid'])) {
846
		// We are going to build an HTML table and add it to an Input_StaticText. It may be ugly, but it
847
		// is the best way to make the display we need.
848 6b07c15a Matthew Grooms
849 7411c285 Stephen Beaver
		$section = new Form_Section('Effective Privileges');
850 4ee51131 Sjon Hortensius
851 7411c285 Stephen Beaver
		$section->addInput(new Form_StaticText(
852
			null,
853
			build_priv_table()
854
		));
855 4ee51131 Sjon Hortensius
856 7411c285 Stephen Beaver
		$form->add($section);
857 4ee51131 Sjon Hortensius
858 7411c285 Stephen Beaver
		// ==== Certificate table section =====================================
859 5f88f964 k-paulius
		$section = new Form_Section('User Certificates');
860 7411c285 Stephen Beaver
861
		$section->addInput(new Form_StaticText(
862
			null,
863
			build_cert_table()
864
		));
865 64600f94 Sjon Hortensius
866
		$form->add($section);
867 c9794c06 Ermal
	}
868 7411c285 Stephen Beaver
869 f14ff867 Phil Davis
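	// ==== Add user certificate for a new user ==============================
	// Builds the "Create Certificate for User" section. The section carries the
	// 'cert-options' class, which the page script uses to hide or show it.
	// The section is added to the form whenever at least one CA is configured;
	// its inputs are only added when a CA with a private key exists.
	if (!empty($config['ca']) && is_array($config['ca'])) {
		$section = new Form_Section('Create Certificate for User');
		$section->addClass('cert-options');

		// Despite its name, this list holds the CAs that DO have a private key:
		// entries with an empty or missing 'prv' are skipped below.
		$nonPrvCas = array();
		foreach ($config['ca'] as $ca) {
			// empty() also covers a CA entry with no 'prv' key at all, which
			// would otherwise raise an undefined-index notice.
			if (empty($ca['prv'])) {
				continue;
			}

			$nonPrvCas[ $ca['refid'] ] = $ca['descr'];
		}

		if (!empty($nonPrvCas)) {
			$section->addInput(new Form_Input(
				'name',
				'Descriptive name',
				'text',
				$pconfig['name']
			));

			$section->addInput(new Form_Select(
				'caref',
				'Certificate authority',
				null,
				$nonPrvCas
			));

			// NOTE(review): 512- and 1024-bit keys are offered here although the
			// help text below names 2048 bits as the minimum. Consider dropping
			// the two smallest sizes, together with whatever validates the
			// submitted 'keylen' value (that code is not visible in this section).
			$section->addInput(new Form_Select(
				'keylen',
				'Key length',
				2048,
				array(
					512 => '512 bits',
					1024 => '1024 bits',
					2048 => '2048 bits',
					3072 => '3072 bits',
					4096 => '4096 bits',
					7680 => '7680 bits',
					8192 => '8192 bits',
					15360 => '15360 bits',
					16384 => '16384 bits'
				)
			))->setHelp('The larger the key, the more security it offers, but larger keys take considerably more time to generate, and take slightly longer to validate leading to a slight slowdown in setting up new sessions (not always noticeable). As of 2016, 2048 bit is the minimum and most common selection and 4096 is the maximum in common use. For more information see &lt;a href="https://keylength.com"&gt;keylength.com&lt;/a&gt;.');

			$section->addInput(new Form_Input(
				'lifetime',
				'Lifetime',
				'number',
				$pconfig['lifetime']
			));
		}

		$form->add($section);
	}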
925
926 7411c285 Stephen Beaver
endif;
927
// ==== Keys: SSH authorized keys and IPsec pre-shared key ====================
$section = new Form_Section("Keys");

// Checkbox the page script uses to reveal the authorized-keys textarea.
$section->addInput(
	new Form_Checkbox("showkey", "Authorized keys", "Click to paste an authorized key", false)
);

// Authorized SSH public keys stored for this user.
$section->addInput(
	new Form_Textarea("authorizedkeys", "Authorized SSH Keys", $pconfig['authorizedkeys'])
)->setHelp("Enter authorized SSH keys for this user");

// NOTE(review): the stored pre-shared key is pre-filled into a plain 'text'
// input, so it is shown on screen and present in the page source for anyone
// who can open this page. Consider a 'password' type input if nothing relies
// on reading the key back here.
$section->addInput(
	new Form_Input("ipsecpsk", "IPsec Pre-Shared Key", "text", $pconfig['ipsecpsk'])
);

$form->add($section);

// Emit the finished form.
echo $form;

// Warning text that the page script inserts when a non-"pfSense" theme is selected.
$csswarning = sprintf(gettext("%sUser-created themes are unsupported, use at your own risk."), '<br />');
955 7411c285 Stephen Beaver
?>
956 8fd9052f Colin Fleming
<script type="text/javascript">
957 7411c285 Stephen Beaver
//<![CDATA[
958 d61309a0 Phil Davis
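events.push(function() {

	// Server-side values are emitted through json_encode() with the JSON_HEX_*
	// flags so they arrive as complete, safely quoted JavaScript string literals.
	// A quote, backslash or "</script>" in the value then cannot break out of the
	// script. Where $id is assigned is not visible in this part of the file, so
	// it is encoded for this context rather than trusted.
	var userId = <?=json_encode((string)$id, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP)?>;
	var cssWarning = <?=json_encode($csswarning, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP)?>;

	// Show the per-user GUI options only while "Custom Settings" is ticked.
	function setcustomoptions() {
		var adv = $('#customsettings').prop('checked');

		hideInput('webguicss', !adv);
		hideInput('webguifixedmenu', !adv);
		hideInput('webguihostnamemenu', !adv);
		hideInput('dashboardcolumns', !adv);
		hideCheckbox('dashboardavailablewidgetspanel', !adv);
		hideCheckbox('systemlogsfilterpanel', !adv);
		hideCheckbox('systemlogsmanagelogpanel', !adv);
		hideCheckbox('statusmonitoringsettingspanel', !adv);
		hideCheckbox('webguileftcolumnhyper', !adv);
		hideCheckbox('pagenamefirst', !adv);
	}

	// Handle displaying a warning message if a user-created theme is selected.
	function setThemeWarning() {
		if ($('#webguicss').val().startsWith("pfSense")) {
			$('#csstxt').html("").addClass("text-default");
		} else {
			// cssWarning intentionally contains markup (a leading <br />).
			$('#csstxt').html(cssWarning).addClass("text-danger");
		}
	}

	// Shared handler for the per-row delete icons: after confirmation, copy the
	// numeric suffix of the clicked element's id into the given hidden field,
	// set the action and submit the form.
	function submitRowDelete(event, fieldSelector, action) {
		if (!confirm(event.target.title)) {
			return;
		}

		// Without a trailing number in the id there is nothing to delete;
		// bail out instead of throwing on a null match.
		var rowId = event.target.id.match(/\d+$/);
		if (!rowId) {
			return;
		}

		$(fieldSelector).val(rowId[0]);
		$('#userid').val(userId);
		$('#act').val(action);
		$('form').submit();
	}

	$('#webguicss').change(function() {
		setThemeWarning();
	});

	setThemeWarning();

	// On click . .
	$('#customsettings').click(function () {
		setcustomoptions();
	});

	$("#movetodisabled").click(function() {
		moveOptions($('[name="groups[]"] option'), $('[name="sysgroups[]"]'));
	});

	$("#movetoenabled").click(function() {
		moveOptions($('[name="sysgroups[]"] option'), $('[name="groups[]"]'));
	});

	$("#showcert").click(function() {
		hideClass('cert-options', !this.checked);
	});

	$("#showkey").click(function() {
		hideInput('authorizedkeys', false);
		hideCheckbox('showkey', true);
	});

	$('[id^=delcert]').click(function(event) {
		submitRowDelete(event, '#certid', 'delcert');
	});

	$('[id^=delprivid]').click(function(event) {
		submitRowDelete(event, '#privid', 'delprivid');
	});

	$('#expires').datepicker();

	// ---------- On initial page load ------------------------------------------------------------

	hideClass('cert-options', true);
	//hideInput('authorizedkeys', true);
	hideCheckbox('showkey', true);
	setcustomoptions();

	// On submit mark all the user's groups as "selected"
	$('form').submit(function() {
		AllServers($('[name="groups[]"] option'), true);
	});
});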
1044
//]]>
1045
</script>
1046
<?php
1047 bb1b5c6f heper
include('foot.inc');
1048 d6b79c39 Phil Davis
?>