Project

General

Profile

Download (25.7 KB) Statistics
| Branch: | Tag: | Revision:
1
<?php
2
/* $Id$ */
3
/*
4
    system_usermanager.php
5
    part of m0n0wall (http://m0n0.ch/wall)
6

    
7
    Copyright (C) 2008 Shrew Soft Inc.
8
    All rights reserved.
9

    
10
    Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.
11
    All rights reserved.
12

    
13
    Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
14
    All rights reserved.
15

    
16
    Redistribution and use in source and binary forms, with or without
17
    modification, are permitted provided that the following conditions are met:
18

    
19
    1. Redistributions of source code must retain the above copyright notice,
20
       this list of conditions and the following disclaimer.
21

    
22
    2. Redistributions in binary form must reproduce the above copyright
23
       notice, this list of conditions and the following disclaimer in the
24
       documentation and/or other materials provided with the distribution.
25

    
26
    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
27
    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
28
    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
29
    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
30
    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31
    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
32
    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
33
    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
34
    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
35
    POSSIBILITY OF SUCH DAMAGE.
36
*/
37

    
38
##|+PRIV
39
##|*IDENT=page-system-usermanager
40
##|*NAME=System: User Manager page
41
##|*DESCR=Allow access to the 'System: User Manager' page.
42
##|*MATCH=system_usermanager.php*
43
##|-PRIV
44

    
45

    
46
require("guiconfig.inc");
47

    
48
if (isAllowedPage("system_usermanager")) {
49

    
50
	// start admin user code
51
	$pgtitle = array("System","User Manager");
52

    
53
	$id = $_GET['id'];
54
	if (isset($_POST['id']))
55
		$id = $_POST['id'];
56

    
57
	if (!is_array($config['system']['user'])) 
58
		$config['system']['user'] = array();
59

    
60
	$a_user = &$config['system']['user'];
61

    
62
	if ($_GET['act'] == "deluser") {
63

    
64
		if (!$a_user[$id]) {
65
			pfSenseHeader("system_usermanager.php");
66
			exit;
67
		}
68

    
69
		local_user_del($a_user[$id]);
70
		$userdeleted = $a_user[$id]['name'];
71
		unset($a_user[$id]);
72
		write_config();
73
		$savemsg = gettext("User")." {$userdeleted} ".
74
					gettext("successfully deleted")."<br/>";
75
	}
76

    
77
	if ($_GET['act'] == "delpriv") {
78

    
79
		if (!$a_user[$id]) {
80
			pfSenseHeader("system_usermanager.php");
81
			exit;
82
		}
83

    
84
		$privdeleted = $priv_list[$a_user[$id]['priv'][$_GET['privid']]]['name'];
85
		unset($a_user[$id]['priv'][$_GET['privid']]);
86
		write_config();
87
		$_GET['act'] = "edit";
88
		$savemsg = gettext("Privilege")." {$privdeleted} ".
89
					gettext("successfully deleted")."<br/>";
90
	}
91

    
92
	if ($_GET['act'] == "expcert") {
93

    
94
		if (!$a_user[$id]) {
95
			pfSenseHeader("system_usermanager.php");
96
			exit;
97
		}
98

    
99
		$cert =& $a_user[$id]['cert'][$_GET['certid']];
100

    
101
		$exp_name = urlencode("{$a_user[$id]['name']}-{$cert['name']}.crt");
102
		$exp_data = base64_decode($cert['crt']);
103
		$exp_size = strlen($exp_data);
104

    
105
		header("Content-Type: application/octet-stream");
106
		header("Content-Disposition: attachment; filename={$exp_name}");
107
		header("Content-Length: $exp_size");
108
		echo $exp_data;
109
		exit;
110
	}
111

    
112
	if ($_GET['act'] == "expckey") {
113

    
114
		if (!$a_user[$id]) {
115
			pfSenseHeader("system_usermanager.php");
116
			exit;
117
		}
118

    
119
		$cert =& $a_user[$id]['cert'][$_GET['certid']];
120

    
121
		$exp_name = urlencode("{$a_user[$id]['name']}-{$cert['name']}.key");
122
		$exp_data = base64_decode($cert['prv']);
123
		$exp_size = strlen($exp_data);
124

    
125
		header("Content-Type: application/octet-stream");
126
		header("Content-Disposition: attachment; filename={$exp_name}");
127
		header("Content-Length: $exp_size");
128
		echo $exp_data;
129
		exit;
130
	}
131

    
132
	if ($_GET['act'] == "delcert") {
133

    
134
		if (!$a_user[$id]) {
135
			pfSenseHeader("system_usermanager.php");
136
			exit;
137
		}
138

    
139
		$certdeleted = $a_user[$id]['cert'][$_GET['certid']]['name'];
140
		unset($a_user[$id]['cert'][$_GET['certid']]);
141
		write_config();
142
		$_GET['act'] = "edit";
143
		$savemsg = gettext("Certificate")." {$certdeleted} ".
144
					gettext("successfully deleted")."<br/>";
145
	}
146

    
147
	if ($_GET['act'] == "edit") {
148
		if (isset($id) && $a_user[$id]) {
149
			$pconfig['usernamefld'] = $a_user[$id]['name'];
150
			$pconfig['fullname'] = $a_user[$id]['fullname'];
151
			$pconfig['expires'] = $a_user[$id]['expires'];
152
			$pconfig['groups'] = local_user_get_groups($a_user[$id]);
153
			$pconfig['utype'] = $a_user[$id]['scope'];
154
			$pconfig['uid'] = $a_user[$id]['uid'];
155
			$pconfig['authorizedkeys'] = base64_decode($a_user[$id]['authorizedkeys']);
156
			$pconfig['priv'] = $a_user[$id]['priv'];
157
		}
158
	}
159

    
160
	if ($_GET['act'] == "new") {
161
		/*
162
		 * set this value cause the text field is read only
163
		 * and the user should not be able to mess with this
164
		 * setting.
165
		 */
166
		$pconfig['utype'] = "user";
167
	}
168

    
169
	if ($_POST) {
170
		conf_mount_rw();
171
		unset($input_errors);
172
		$pconfig = $_POST;
173

    
174
		/* input validation */
175
		if (isset($id) && ($a_user[$id])) {
176
			$reqdfields = explode(" ", "usernamefld");
177
			$reqdfieldsn = explode(",", "Username");
178
		} else {
179
			$reqdfields = explode(" ", "usernamefld passwordfld1");
180
			$reqdfieldsn = explode(",", "Username,Password");
181
		}
182

    
183
		do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
184

    
185
		if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld']))
186
			$input_errors[] = gettext("The username contains invalid characters.");
187

    
188
		if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2']))
189
			$input_errors[] = gettext("The passwords do not match.");
190

    
191
		/* make sure this user name is unique */
192
		if (!$input_errors && !(isset($id) && $a_user[$id])) {
193
			foreach ($a_user as $userent) {
194
				if ($userent['name'] == $_POST['usernamefld']) {
195
					$input_errors[] = gettext("Another entry with the same username already exists.");
196
					break;
197
				}
198
			}
199
		}
200

    
201
		/*
202
		 * Check for a valid expirationdate if one is set at all (valid means,
203
		 * strtotime() puts out a time stamp so any strtotime compatible time
204
		 * format may be used. to keep it simple for the enduser, we only
205
		 * claim to accept MM/DD/YYYY as inputs. Advanced users may use inputs
206
		 * like "+1 day", which will be converted to MM/DD/YYYY based on "now".
207
		 * Otherwhise such an entry would lead to an invalid expiration data.
208
		 */
209
		if ($_POST['expires']){
210
			if(strtotime($_POST['expires']) > 0){
211
				if (strtotime("-1 day") > strtotime(date("m/d/Y",strtotime($_POST['expires'])))) {
212
					$input_errors[] = "The expiration date lies in the past.";
213
				} else {
214
					//convert from any strtotime compatible date to MM/DD/YYYY
215
					$expdate = strtotime($_POST['expires']);
216
					$_POST['expires'] = date("m/d/Y",$expdate);
217
				}
218
			} else {
219
				$input_errors[] = "Invalid expiration date format; use MM/DD/YYYY instead.";
220
			}
221
		}
222

    
223
		if (isset($config['system']['ssh']['sshdkeyonly']) && empty($_POST['authorizedkeys']))
224
			$input_errors[] = gettext("You must provide an authorized key otherwise you won't be able to login into this system.");
225

    
226
		/* if this is an AJAX caller then handle via JSON */
227
		if (isAjax() && is_array($input_errors)) {
228
			input_errors2Ajax($input_errors);
229
			exit;
230
		}
231

    
232
		if (!$input_errors) {
233
			$userent = array();
234
			if (isset($id) && $a_user[$id])
235
				$userent = $a_user[$id];
236

    
237
			isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system";
238

    
239
			/* the user name was modified */
240
			if ($_POST['usernamefld'] <> $_POST['oldusername'])
241
				$_SERVER['REMOTE_USER'] = $_POST['usernamefld'];
242

    
243
			/* the user password was mofified */
244
			if ($_POST['passwordfld1'])
245
				local_user_set_password($userent, $_POST['passwordfld1']);
246

    
247
			$userent['name'] = $_POST['usernamefld'];
248
			$userent['fullname'] = $_POST['fullname'];
249
			$userent['expires'] = $_POST['expires'];
250
			$userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']);
251

    
252
			if (isset($id) && $a_user[$id])
253
				$a_user[$id] = $userent;
254
			else {
255
				$userent['uid'] = $config['system']['nextuid']++;
256
				$a_user[] = $userent;
257
			}
258

    
259
			local_user_set($userent);
260
			local_user_set_groups($userent,$_POST['groups']);
261
			write_config();
262

    
263
			conf_mount_ro();
264
			
265
			pfSenseHeader("system_usermanager.php");
266
		}
267
	}
268

    
269
	include("head.inc");
270
?>
271

    
272
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
273
<?php include("fbegin.inc"); ?>
274
<!--
275
//Date Time Picker script- by TengYong Ng of http://www.rainforestnet.com
276
//Script featured on JavaScript Kit (http://www.javascriptkit.com)
277
//For this script, visit http://www.javascriptkit.com
278
// -->
279
<script language="javascript" type="text/javascript" src="javascript/datetimepicker.js"></script>
280
<script language="JavaScript">
281
<!--
282

    
283
function setall_selected(id) {
284
	selbox = document.getElementById(id);
285
	count = selbox.options.length;
286
	for (index = 0; index<count; index++)
287
		selbox.options[index].selected = true;
288
}
289

    
290
function clear_selected(id) {
291
	selbox = document.getElementById(id);
292
	count = selbox.options.length;
293
	for (index = 0; index<count; index++)
294
		selbox.options[index].selected = false;
295
}
296

    
297
function remove_selected(id) {
298
	selbox = document.getElementById(id);
299
	index = selbox.options.length - 1;
300
	for (; index >= 0; index--)
301
		if (selbox.options[index].selected)
302
			selbox.remove(index);
303
}
304

    
305
function copy_selected(srcid, dstid) {
306
	src_selbox = document.getElementById(srcid);
307
	dst_selbox = document.getElementById(dstid);
308
	count = src_selbox.options.length;
309
	for (index = 0; index < count; index++) {
310
		if (src_selbox.options[index].selected) {
311
			option = document.createElement('option');
312
			option.text = src_selbox.options[index].text;
313
			option.value = src_selbox.options[index].value;
314
			dst_selbox.add(option, null);
315
		}
316
	}
317
}
318

    
319
function move_selected(srcid, dstid) {
320
	copy_selected(srcid, dstid);
321
	remove_selected(srcid);
322
}
323

    
324
function presubmit() {
325
	clear_selected('notgroups');
326
	setall_selected('groups');
327
}
328

    
329
//-->
330
</script>
331
<?php
332
	if ($input_errors)
333
		print_input_errors($input_errors);
334
	if ($savemsg)
335
		print_info_box($savemsg);
336
?>
337
<table width="100%" border="0" cellpadding="0" cellspacing="0">
338
	<tr>
339
		<td>
340
		<?php
341
			$tab_array = array();
342
			$tab_array[] = array(gettext("Users"), true, "system_usermanager.php");
343
			$tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
344
			$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
345
			$tab_array[] = array(gettext("Servers"), false, "system_authservers.php");
346
			display_top_tabs($tab_array);
347
		?>
348
		</td>
349
	</tr>
350
	<tr>
351
		<td id="mainarea">
352
			<div class="tabcont">
353

    
354
				<?php if ($_GET['act'] == "new" || $_GET['act'] == "edit" || $input_errors): ?>
355

    
356
				<form action="system_usermanager.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
357
					<table width="100%" border="0" cellpadding="6" cellspacing="0">
358
						<?php
359
							$ro = "";
360
							if ($pconfig['utype'] == "system")
361
								$ro = "readonly = \"readonly\"";
362
						?>
363
	                    <tr>
364
	                        <td width="22%" valign="top" class="vncell"><?=gettext("Defined by");?></td>
365
	                        <td width="78%" class="vtable">
366
	                            <strong><?=strtoupper($pconfig['utype']);?></strong>
367
								<input name="utype" type="hidden" value="<?=$pconfig['utype']?>"/>
368
	                        </td>
369
	                    </tr>
370
						<tr>
371
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Username");?></td>
372
							<td width="78%" class="vtable">
373
								<input name="usernamefld" type="text" class="formfld user" id="usernamefld" size="20" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" <?=$ro;?>/>
374
								<input name="oldusername" type="hidden" id="oldusername" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" />
375
							</td>
376
						</tr>
377
						<tr>
378
							<td width="22%" valign="top" class="vncellreq" rowspan="2"><?=gettext("Password");?></td>
379
							<td width="78%" class="vtable">
380
								<input name="passwordfld1" type="password" class="formfld pwd" id="passwordfld1" size="20" value="" />
381
							</td>
382
						</tr>
383
						<tr>
384
							<td width="78%" class="vtable">
385
								<input name="passwordfld2" type="password" class="formfld pwd" id="passwordfld2" size="20" value="" />&nbsp;<?= gettext("(confirmation)"); ?>
386
							</td>
387
						</tr>
388
						<tr>
389
							<td width="22%" valign="top" class="vncell"><?=gettext("Full name");?></td>
390
							<td width="78%" class="vtable">
391
								<input name="fullname" type="text" class="formfld unknown" id="fullname" size="20" value="<?=htmlspecialchars($pconfig['fullname']);?>" <?=$ro;?>/>
392
								<br/>
393
								<?=gettext("User's full name, for your own information only");?>
394
							</td>
395
						</tr>
396
						<tr>
397
							<td width="22%" valign="top" class="vncell">Expiration date</td>
398
							<td width="78%" class="vtable">
399
								<input name="expires" type="text" class="formfld unknown" id="expires" size="10" value="<?=$pconfig['expires'];?>">
400
								<a href="javascript:NewCal('expires','mmddyyyy')">
401
									<img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_cal.gif" width="16" height="16" border="0" alt="Pick a date">
402
								</a>
403
								<br>
404
								<span class="vexpl">Leave blank if the account shouldn't expire, otherwise enter the expiration date in the following format: mm/dd/yyyy</span></td>
405
						</tr>
406
						<tr>
407
							<td width="22%" valign="top" class="vncell"><?=gettext("Group Memberships");?></td>
408
							<td width="78%" class="vtable" align="center">
409
								<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
410
									<tr>
411
										<td align="center" width="50%">
412
											<strong>Not Member Of</strong><br/>
413
											<br/>
414
											<select size="10" style="width: 75%" name="notgroups[]" class="formselect" id="notgroups" onChange="clear_selected('groups')" multiple>
415
												<?php
416
													foreach ($config['system']['group'] as $group):
417
														if ($group['gid'] == 1998) /* all users group */
418
															continue;
419
														if (in_array($group['name'],$pconfig['groups']))
420
															continue;
421
												?>
422
												<option value="<?=$group['name'];?>" <?=$selected;?>>
423
													<?=htmlspecialchars($group['name']);?>
424
												</option>
425
												<?php endforeach; ?>
426
											</select>
427
											<br/>
428
										</td>
429
										<td>
430
											<br/>
431
											<a href="javascript:move_selected('notgroups','groups')">
432
												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_right.gif" title="Add Groups" alt="Add Groups" width="17" height="17" border="0" />
433
											</a>
434
											<br/><br/>
435
											<a href="javascript:move_selected('groups','notgroups')">
436
												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_left.gif" title="Remove Groups" alt="Remove Groups" width="17" height="17" border="0" />
437
											</a>
438
										</td>
439
										<td align="center" width="50%">
440
											<strong>Member Of</strong><br/>
441
											<br/>
442
											<select size="10" style="width: 75%" name="groups[]" class="formselect" id="groups" onChange="clear_selected('nogroups')" multiple>
443
												<?php
444
													foreach ($config['system']['group'] as $group):
445
														if ($group['gid'] == 1998) /* all users group */
446
															continue;
447
														if (!in_array($group['name'],$pconfig['groups']))
448
															continue;
449
												?>
450
												<option value="<?=$group['name'];?>">
451
													<?=htmlspecialchars($group['name']);?>
452
												</option>
453
												<?php endforeach; ?>
454
											</select>
455
											<br/>
456
										</td>
457
									</tr>
458
								</table>
459
								<?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?>
460
							</td>
461
						</tr>
462

    
463
						<?php if ($pconfig['uid']): ?>
464

    
465
						<tr>
466
							<td width="22%" valign="top" class="vncell"><?=gettext("Effective Privileges");?></td>
467
							<td width="78%" class="vtable">
468
								<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
469
									<tr>
470
										<td width="20%" class="listhdrr"><?=gettext("Inherited From");?></td>
471
										<td width="30%" class="listhdrr"><?=gettext("Name");?></td>
472
										<td width="40%" class="listhdrr"><?=gettext("Description");?></td>
473
										<td class="list"></td>
474
									</tr>
475
									<?php
476
											
477
										$privdesc = get_user_privdesc($a_user[$id]);
478
										if(is_array($privdesc)):
479
											$i = 0;
480
											foreach ($privdesc as $priv):
481
											$group = false;
482
											if ($priv['group'])
483
												$group = $priv['group'];
484
									?>
485
									<tr>
486
										<td class="listlr"><?=$group;?></td>
487
										<td class="listr">
488
											<?=htmlspecialchars($priv['name']);?>
489
										</td>
490
										<td class="listbg">
491
												<?=htmlspecialchars($priv['descr']);?>
492
										</td>
493
										<td valign="middle" nowrap class="list">
494
											<?php if (!$group): ?>
495
											<a href="system_usermanager.php?act=delpriv&id=<?=$id?>&privid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this privilege?");?>')">
496
												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="" />
497
											</a>
498
											<?php endif; ?>
499
										</td>
500
									</tr>
501
									<?php
502
											/* can only delete user priv indexes */
503
											if (!$group)
504
												$i++;
505
											endforeach;
506
										endif;
507
									?>
508
									<tr>
509
										<td class="list" colspan="3"></td>
510
										<td class="list">
511
											<a href="system_usermanager_addprivs.php?userid=<?=$id?>">
512
												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="" />
513
											</a>
514
										</td>
515
									</tr>
516
								</table>
517
							</td>
518
						</tr>
519
						<tr>
520
							<td width="22%" valign="top" class="vncell"><?=gettext("User Certificates");?></td>
521
							<td width="78%" class="vtable">
522
								<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
523
									<tr>
524
										<td width="45%" class="listhdrr"><?=gettext("Name");?></td>
525
										<td width="45%" class="listhdrr"><?=gettext("CA");?></td>
526
										<td class="list"></td>
527
									</tr>
528
									<?php
529
										
530
										$a_cert = $a_user[$id]['cert'];
531
										if(is_array($a_cert)):
532
											$i = 0;
533
											foreach ($a_cert as $cert):
534
						                        $ca = lookup_ca($cert['caref']);
535
									?>
536
									<tr>
537
										<td class="listlr">
538
											<?=htmlspecialchars($cert['name']);?>
539
										</td>
540
										<td class="listr">
541
											<?=htmlspecialchars($ca['name']);?>
542
										</td>
543
										<td valign="middle" nowrap class="list">
544
											<a href="system_usermanager.php?act=expckey&id=<?=$id;?>&certid=<?=$i;?>">
545
												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="export private key" alt="export private key" width="17" height="17" border="0" />
546
											</a>
547
											<a href="system_usermanager.php?act=expcert&id=<?=$id;?>&certid=<?=$i;?>">
548
												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="export cert" alt="export cert" width="17" height="17" border="0" />
549
											</a>
550
											<a href="system_usermanager.php?act=delcert&id=<?=$id?>&certid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this certificate?");?>')">
551
												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="delete cert" />
552
											</a>
553
										</td>
554
									</tr>
555
									<?php
556
												$i++;
557
											endforeach;
558
										endif;
559
									?>
560
									<tr>
561
										<td class="list" colspan="2"></td>
562
										<td class="list">
563
											<a href="system_usermanager_addcert.php?userid=<?=$id?>">
564
												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="" />
565
											</a>
566
										</td>
567
									</tr>
568
								</table>
569
							</td>
570
						</tr>
571

    
572
						<?php endif; ?>
573

    
574
						<tr>
575
							<td width="22%" valign="top" class="vncell"><?=gettext("Authorized keys");?></td>
576
							<td width="78%" class="vtable">
577
								<textarea name="authorizedkeys" cols="65" rows="7" id="authorizedkeys" class="formfld_cert" wrap="off"><?=htmlspecialchars($pconfig['authorizedkeys']);?></textarea>
578
								<br/>
579
								<?=gettext("Paste an authorized keys file here.");?>
580
							</td>
581
						</tr>
582
						<tr>
583
							<td width="22%" valign="top">&nbsp;</td>
584
							<td width="78%">
585
								<input id="submit" name="save" type="submit" class="formbtn" value="Save" />
586
								<?php if (isset($id) && $a_user[$id]): ?>
587
								<input name="id" type="hidden" value="<?=$id;?>" />
588
								<?php endif;?>
589
							</td>
590
						</tr>
591
					</table>
592
				</form>
593

    
594
				<?php else: ?>
595

    
596
				<table width="100%" border="0" cellpadding="0" cellspacing="0">
597
					<tr>
598
						<td width="25%" class="listhdrr">Username</td>
599
						<td width="25%" class="listhdrr">Full name</td>
600
						<td width="30%" class="listhdrr">Groups</td>
601
						<td width="10%" class="list"></td>
602
					</tr>
603
					<?php
604
						$i = 0;
605
						foreach($a_user as $userent):
606
					?>
607
					<tr ondblclick="document.location='system_usermanager.php?act=edit&id=<?=$i;?>'">
608
						<td class="listlr">
609
							<table border="0" cellpadding="0" cellspacing="0">
610
								<tr>
611
									<td align="left" valign="center">
612
										<?php
613
											if($userent['scope'] != "user")
614
												$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user-grey.png";
615
											else
616
												$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user.png";
617
										?>
618
										<img src="<?=$usrimg;?>" alt="User" title="User" border="0" height="16" width="16" />
619
									</td>
620
									<td align="left" valign="middle">
621
										<?=htmlspecialchars($userent['name']);?>
622
									</td>
623
								</tr>
624
							</table>
625
						</td>
626
						<td class="listr"><?=htmlspecialchars($userent['fullname']);?>&nbsp;</td>
627
						<td class="listbg">
628
								<?=implode(",",local_user_get_groups($userent));?>
629
							&nbsp;
630
						</td>
631
						<td valign="middle" nowrap class="list">
632
							<a href="system_usermanager.php?act=edit&id=<?=$i;?>">
633
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="edit user" alt="edit user" width="17" height="17" border="0" />
634
							</a>
635
							<?php if($userent['scope'] != "system"): ?>
636
							&nbsp;
637
							<a href="system_usermanager.php?act=deluser&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this User?");?>')">
638
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="delete user" alt="delete user" width="17" height="17" border="0" />
639
							</a>
640
							<?php endif; ?>
641
						</td>
642
					</tr>
643
					<?php
644
							$i++;
645
						endforeach;
646
					?>
647
					<tr>
648
						<td class="list" colspan="3"></td>
649
						<td class="list">
650
							<a href="system_usermanager.php?act=new">
651
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="add user" alt="add user" width="17" height="17" border="0" />
652
							</a>
653
						</td>
654
					</tr>
655
					<tr>
656
						<td colspan="3">
657
							<p>
658
								<?=gettext("Additional webConfigurator users can be added here.");?>
659
								<?=gettext("User permissions can be assinged diretly or inherited from group memberships.");?>
660
								<?=gettext("An icon that appears grey indicates that it is a system defined object.");?>
661
								<?=gettext("Some system object properties can be modified but they cannot be deleted.");?>
662
							</p>
663
						</td>
664
					</tr>
665
				</table>
666

    
667
				<?php endif; ?>
668

    
669
			</div>
670
		</td>
671
	</tr>
672
</table>
673
<?php include("fend.inc");?>
674
</body>
675

    
676
<?php
677

    
678
	// end admin user code
679

    
680
} else {
681

    
682
	// start normal user code
683

    
684
	$pgtitle = array("System","User Password");
685

    
686
	if (isset($_POST['save'])) {
687
		unset($input_errors);
688

    
689
		/* input validation */
690
		$reqdfields = explode(" ", "passwordfld1");
691
		$reqdfieldsn = explode(",", "Password");
692

    
693
		do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
694

    
695
		if ($_POST['passwordfld1'] != $_POST['passwordfld2'])
696
			$input_errors[] = "The passwords do not match.";
697

    
698
		if (!$input_errors) {
699
			// all values are okay --> saving changes
700
			$config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['password'] = crypt(trim($_POST['passwordfld1']));
701

    
702
			write_config();
703
			$savemsg = "Password successfully changed<br />";
704
		}
705
	}
706

    
707
	/* deterimine if user is not local to system */
708
	$islocal = false;
709
	foreach($config['system']['user'] as $user) 
710
		if($user['name'] == $_SESSION['Username'])
711
			$islocal = true;
712
?>
713

    
714
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
715
<?php
716
    include("head.inc");
717
	include("fbegin.inc");
718
	if ($input_errors)
719
		print_input_errors($input_errors);
720
	if ($savemsg)
721
		print_info_box($savemsg);
722

    
723
	if($islocal == false) {
724
		echo "Sorry, you cannot change the password for a LDAP user.";
725
		include("fend.inc");
726
		exit;
727
	}
728
?>
729
<div id="mainarea">
730
	<div class="tabcont">
731
		<form action="system_usermanager.php" method="post" name="iform" id="iform">
732
			<table width="100%" border="0" cellpadding="6" cellspacing="0">
733
				<tr>
734
					<td colspan="2" valign="top" class="listtopic"><?=$HTTP_SERVER_VARS['AUTH_USER']?>'s Password</td>
735
				</tr>
736
				<tr>
737
					<td width="22%" valign="top" class="vncell" rowspan="2">Password</td>
738
					<td width="78%" class="vtable">
739
						<input name="passwordfld1" type="password" class="formfld pwd" id="passwordfld1" size="20" />
740
					</td>
741
				</tr>
742
				<tr>
743
					<td width="78%" class="vtable">
744
						<input name="passwordfld2" type="password" class="formfld pwd" id="passwordfld2" size="20" />
745
						&nbsp;<?=gettext("(confirmation)");?>
746
						<br/>
747
						<span class="vexpl">
748
							<?=gettext("Select a new password");?>
749
						</span>
750
					</td>
751
				</tr>
752
				<tr>
753
					<td width="22%" valign="top">&nbsp;</td>
754
					<td width="78%">
755
						<input name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
756
					</td>
757
				</tr>
758
			</table>
759
		</form>
760
	</div>
761
</div>
762
<?php include("fend.inc");?>
763
</body>
764

    
765
<?php
766

    
767
} // end of normal user code
768

    
769
?>
(192-192/218)