<?php
2
/* $Id$ */
3 fab7ff44 Bill Marquette
/*
4 1df17ba9 Scott Ullrich
    system_usermanager.php
5
    part of m0n0wall (http://m0n0.ch/wall)
6
7 6b07c15a Matthew Grooms
    Copyright (C) 2008 Shrew Soft Inc.
8
    All rights reserved.
9
10 1df17ba9 Scott Ullrich
    Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.
11
    All rights reserved.
12
13
    Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
14
    All rights reserved.
15
16
    Redistribution and use in source and binary forms, with or without
17
    modification, are permitted provided that the following conditions are met:
18
19
    1. Redistributions of source code must retain the above copyright notice,
20
       this list of conditions and the following disclaimer.
21
22
    2. Redistributions in binary form must reproduce the above copyright
23
       notice, this list of conditions and the following disclaimer in the
24
       documentation and/or other materials provided with the distribution.
25
26
    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
27
    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
28
    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
29
    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
30
    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31
    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
32
    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
33
    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
34
    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
35
    POSSIBILITY OF SUCH DAMAGE.
36 fab7ff44 Bill Marquette
*/
37 1d333258 Scott Ullrich
/*
38
	pfSense_BUILDER_BINARIES:	
39
	pfSense_MODULE:	auth
40
*/
41 fab7ff44 Bill Marquette
42 6b07c15a Matthew Grooms
##|+PRIV
43
##|*IDENT=page-system-usermanager
44
##|*NAME=System: User Manager page
45
##|*DESCR=Allow access to the 'System: User Manager' page.
46
##|*MATCH=system_usermanager.php*
47
##|-PRIV
48
49 cb42f385 Ermal Lu?i
require_once("certs.inc");
50 fab7ff44 Bill Marquette
require("guiconfig.inc");
51
52 45ee90ed Matthew Grooms
if (isAllowedPage("system_usermanager")) {
53 31b53653 Scott Ullrich
54 45ee90ed Matthew Grooms
	// start admin user code
55
	$pgtitle = array("System","User Manager");
56 fab7ff44 Bill Marquette
57 45ee90ed Matthew Grooms
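	/*
	 * $id selects an entry in $config['system']['user'] and is echoed back
	 * into links and a hidden form field further down the page, so only a
	 * plain decimal index is accepted; anything else is treated as "no user
	 * selected". A POSTed id still takes precedence over the query string.
	 */
	$id = null;
	if (isset($_POST['id']))
		$id = $_POST['id'];
	else if (isset($_GET['id']))
		$id = $_GET['id'];
	if (!is_string($id) || !preg_match('/^[0-9]+$/D', $id))
		$id = null;

	if (!is_array($config['system']['user']))
		$config['system']['user'] = array();

	/* work on the user list by reference so changes land in $config */
	$a_user = &$config['system']['user'];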
65 45ee90ed Matthew Grooms
66 6b07c15a Matthew Grooms
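	/*
	 * Delete a local user.
	 * NOTE(review): this state change is triggered by a GET request and no
	 * anti-forgery token is checked in this file; confirm that request-forgery
	 * protection is enforced by the included framework (guiconfig.inc) or
	 * move the action to a token-checked POST.
	 */
	if ($_GET['act'] == "deluser") {

		if (!$a_user[$id]) {
			pfSenseHeader("system_usermanager.php");
			exit;
		}

		/*
		 * The list view only hides the delete link for system-defined
		 * accounts; enforce the same rule here so a hand-built URL cannot
		 * remove them.
		 */
		if ($a_user[$id]['scope'] == "system") {
			pfSenseHeader("system_usermanager.php");
			exit;
		}

		local_user_del($a_user[$id]);
		$userdeleted = $a_user[$id]['name'];
		unset($a_user[$id]);
		write_config();
		/* $savemsg carries markup (<br/>), so the stored name is escaped before it is embedded */
		$savemsg = gettext("User")." ".htmlspecialchars($userdeleted)." ".
					gettext("successfully deleted")."<br/>";
	}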
80
81
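	/*
	 * Remove one directly assigned privilege from a user, then fall through
	 * to the edit view.
	 * NOTE(review): state change on GET with no anti-forgery token checked in
	 * this file; confirm protection is enforced elsewhere.
	 */
	if ($_GET['act'] == "delpriv") {

		if (!$a_user[$id]) {
			pfSenseHeader("system_usermanager.php");
			exit;
		}

		/*
		 * Only act on a privilege index that exists for this user; otherwise
		 * the config would be rewritten and a success message shown although
		 * nothing was removed.
		 */
		if (!is_array($a_user[$id]['priv']) ||
		    !is_scalar($_GET['privid']) ||
		    !array_key_exists($_GET['privid'], $a_user[$id]['priv'])) {
			pfSenseHeader("system_usermanager.php");
			exit;
		}

		/* look up the display name before the entry is removed */
		$privdeleted = $priv_list[$a_user[$id]['priv'][$_GET['privid']]]['name'];
		unset($a_user[$id]['priv'][$_GET['privid']]);
		write_config();
		$_GET['act'] = "edit";
		/* $savemsg carries markup (<br/>), so the name is escaped before it is embedded */
		$savemsg = gettext("Privilege")." ".htmlspecialchars($privdeleted)." ".
					gettext("successfully deleted")."<br/>";
	}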
95
96 93823b10 Matthew Grooms
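	/* Export one of the user's certificates as a file download. */
	if ($_GET['act'] == "expcert") {

		if (!$a_user[$id]) {
			pfSenseHeader("system_usermanager.php");
			exit;
		}

		/*
		 * Only serve certificates that exist. Binding a reference to a
		 * missing element would create it, and the client would receive an
		 * empty download.
		 */
		if (!is_array($a_user[$id]['cert']) ||
		    !is_scalar($_GET['certid']) ||
		    !array_key_exists($_GET['certid'], $a_user[$id]['cert'])) {
			pfSenseHeader("system_usermanager.php");
			exit;
		}

		$cert = $a_user[$id]['cert'][$_GET['certid']];

		/* urlencode() keeps line breaks and quotes out of the Content-Disposition header */
		$exp_name = urlencode("{$a_user[$id]['name']}-{$cert['name']}.crt");
		$exp_data = base64_decode($cert['crt']);
		$exp_size = strlen($exp_data);

		header("Content-Type: application/octet-stream");
		header("Content-Disposition: attachment; filename={$exp_name}");
		header("Content-Length: $exp_size");
		echo $exp_data;
		exit;
	}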
115
116
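	/*
	 * Export the private key of one of the user's certificates as a file
	 * download.
	 * NOTE(review): this returns private key material in response to a plain
	 * GET; confirm that access to this action is limited to administrators
	 * who are meant to handle user keys and that the response is not cached
	 * by intermediaries.
	 */
	if ($_GET['act'] == "expckey") {

		if (!$a_user[$id]) {
			pfSenseHeader("system_usermanager.php");
			exit;
		}

		/*
		 * Only serve keys of certificates that exist. Binding a reference to
		 * a missing element would create it, and the client would receive an
		 * empty download.
		 */
		if (!is_array($a_user[$id]['cert']) ||
		    !is_scalar($_GET['certid']) ||
		    !array_key_exists($_GET['certid'], $a_user[$id]['cert'])) {
			pfSenseHeader("system_usermanager.php");
			exit;
		}

		$cert = $a_user[$id]['cert'][$_GET['certid']];

		/* urlencode() keeps line breaks and quotes out of the Content-Disposition header */
		$exp_name = urlencode("{$a_user[$id]['name']}-{$cert['name']}.key");
		$exp_data = base64_decode($cert['prv']);
		$exp_size = strlen($exp_data);

		header("Content-Type: application/octet-stream");
		header("Content-Disposition: attachment; filename={$exp_name}");
		header("Content-Length: $exp_size");
		echo $exp_data;
		exit;
	}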
135
136 58fdb8ad Matthew Grooms
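	/*
	 * Remove one certificate from a user, then fall through to the edit view.
	 * NOTE(review): state change on GET with no anti-forgery token checked in
	 * this file; confirm protection is enforced elsewhere.
	 */
	if ($_GET['act'] == "delcert") {

		if (!$a_user[$id]) {
			pfSenseHeader("system_usermanager.php");
			exit;
		}

		/*
		 * Only act on a certificate index that exists for this user;
		 * otherwise the config would be rewritten and a success message shown
		 * although nothing was removed.
		 */
		if (!is_array($a_user[$id]['cert']) ||
		    !is_scalar($_GET['certid']) ||
		    !array_key_exists($_GET['certid'], $a_user[$id]['cert'])) {
			pfSenseHeader("system_usermanager.php");
			exit;
		}

		$certdeleted = $a_user[$id]['cert'][$_GET['certid']]['name'];
		unset($a_user[$id]['cert'][$_GET['certid']]);
		write_config();
		$_GET['act'] = "edit";
		/* $savemsg carries markup (<br/>), so the name is escaped before it is embedded */
		$savemsg = gettext("Certificate")." ".htmlspecialchars($certdeleted)." ".
					gettext("successfully deleted")."<br/>";
	}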
150
151 45ee90ed Matthew Grooms
	/* Editing: preload the form model ($pconfig) from the stored user record. */
	if (($_GET['act'] == "edit") && isset($id) && $a_user[$id]) {
		$pconfig['usernamefld'] = $a_user[$id]['name'];
		$pconfig['fullname'] = $a_user[$id]['fullname'];
		$pconfig['expires'] = $a_user[$id]['expires'];
		$pconfig['groups'] = local_user_get_groups($a_user[$id]);
		$pconfig['utype'] = $a_user[$id]['scope'];
		$pconfig['uid'] = $a_user[$id]['uid'];
		/* the key file is stored base64-encoded in the config */
		$pconfig['authorizedkeys'] = base64_decode($a_user[$id]['authorizedkeys']);
		$pconfig['priv'] = $a_user[$id]['priv'];
	}

	/*
	 * Creating: the account type is not editable in the form (it is shown as
	 * text and carried in a hidden field), so it is preset to "user" here.
	 */
	if ($_GET['act'] == "new")
		$pconfig['utype'] = "user";
172
173
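	/*
	 * Create or update a user from the submitted form. Validation errors are
	 * collected in $input_errors; the config is only touched when there are
	 * none.
	 */
	if ($_POST) {
		unset($input_errors);
		$pconfig = $_POST;

		/* input validation: a password is only mandatory for a new user */
		if (isset($id) && ($a_user[$id])) {
			$reqdfields = explode(" ", "usernamefld");
			$reqdfieldsn = explode(",", "Username");
		} else {
			$reqdfields = explode(" ", "usernamefld passwordfld1");
			$reqdfieldsn = explode(",", "Username,Password");
		}

		/*
		 * NOTE(review): call-time pass-by-reference ('&' at the call site) was
		 * removed in PHP 5.4. Confirm that do_input_validation() declares its
		 * last parameter by reference, then drop the '&' here.
		 */
		do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);

		if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld']))
			$input_errors[] = gettext("The username contains invalid characters.");

		/*
		 * Strict comparison: with '!=' two different numeric-looking strings
		 * such as "1e3" and "1000" compare equal and would pass as a match.
		 */
		if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] !== $_POST['passwordfld2']))
			$input_errors[] = gettext("The passwords do not match.");

		/*
		 * Make sure this user name is unique. When editing, the entry being
		 * edited is skipped, so a rename cannot collide with another account.
		 */
		if (!$input_errors) {
			foreach ($a_user as $userid => $userent) {
				if (isset($id) && $a_user[$id] && ((string)$userid === (string)$id))
					continue;
				if ((string)$userent['name'] === (string)$_POST['usernamefld']) {
					$input_errors[] = gettext("Another entry with the same username already exists.");
					break;
				}
			}
		}

		/*
		 * Check for a valid expiration date if one is set at all. "Valid"
		 * means strtotime() returns a timestamp, so any strtotime-compatible
		 * format may be used. To keep it simple for the end user, we only
		 * claim to accept MM/DD/YYYY. Advanced users may enter values like
		 * "+1 day", which are converted to MM/DD/YYYY based on "now";
		 * otherwise such an entry would be stored as an invalid expiration
		 * date.
		 */
		if ($_POST['expires']){
			if(strtotime($_POST['expires']) > 0){
				if (strtotime("-1 day") > strtotime(date("m/d/Y",strtotime($_POST['expires'])))) {
					$input_errors[] = "The expiration date lies in the past.";
				} else {
					//convert from any strtotime compatible date to MM/DD/YYYY
					$expdate = strtotime($_POST['expires']);
					$_POST['expires'] = date("m/d/Y",$expdate);
				}
			} else {
				$input_errors[] = "Invalid expiration date format; use MM/DD/YYYY instead.";
			}
		}

		if (isset($config['system']['ssh']['sshdkeyonly']) && empty($_POST['authorizedkeys']))
			$input_errors[] = gettext("You must provide an authorized key otherwise you won't be able to login into this system.");

		/* if this is an AJAX caller then handle via JSON */
		if (isAjax() && is_array($input_errors)) {
			input_errors2Ajax($input_errors);
			exit;
		}

		if (!$input_errors) {
			/*
			 * Remount read-write only once validation has passed, so a
			 * rejected submission cannot leave the filesystem writable; the
			 * matching conf_mount_ro() follows write_config() below.
			 */
			conf_mount_rw();

			$userent = array();
			if (isset($id) && $a_user[$id])
				$userent = $a_user[$id];

			/*
			 * 'utype' arrives in a hidden form field and is therefore
			 * client-controlled: an existing account keeps its stored scope,
			 * only an entry without one takes the submitted value.
			 */
			if (empty($userent['scope'])) {
				if (isset($_POST['utype']))
					$userent['scope'] = $_POST['utype'];
				else
					$userent['scope'] = "system";
			}

			/*
			 * the user name was modified
			 * NOTE(review): this overwrites REMOTE_USER for the current
			 * request with the renamed account's name, whoever is logged in;
			 * confirm that is intended.
			 */
			if ($_POST['usernamefld'] <> $_POST['oldusername'])
				$_SERVER['REMOTE_USER'] = $_POST['usernamefld'];

			/* the user password was modified */
			if ($_POST['passwordfld1'])
				local_user_set_password($userent, $_POST['passwordfld1']);

			$userent['name'] = $_POST['usernamefld'];
			$userent['fullname'] = $_POST['fullname'];
			$userent['expires'] = $_POST['expires'];
			$userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']);

			if (isset($id) && $a_user[$id])
				$a_user[$id] = $userent;
			else {
				/* new account: take the next free uid and append */
				$userent['uid'] = $config['system']['nextuid']++;
				$a_user[] = $userent;
			}

			local_user_set($userent);
			local_user_set_groups($userent,$_POST['groups']);
			write_config();

			conf_mount_ro();

			pfSenseHeader("system_usermanager.php");
		}
	}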
272 fab7ff44 Bill Marquette
273 45ee90ed Matthew Grooms
	include("head.inc");
274 1df17ba9 Scott Ullrich
?>
275 fab7ff44 Bill Marquette
276 1df17ba9 Scott Ullrich
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
277 6b07c15a Matthew Grooms
<?php include("fbegin.inc"); ?>
278 0092b3bd mgrooms
<!--
279
//Date Time Picker script- by TengYong Ng of http://www.rainforestnet.com
280
//Script featured on JavaScript Kit (http://www.javascriptkit.com)
281
//For this script, visit http://www.javascriptkit.com
282
// -->
283 9344dd7b mgrooms
<script language="javascript" type="text/javascript" src="javascript/datetimepicker.js"></script>
284 6b07c15a Matthew Grooms
<script language="JavaScript">
285
<!--
286
287
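// Mark every option of the <select> with the given element id as selected.
// Locals are declared with var so they no longer leak into the global scope.
function setall_selected(id) {
	var selbox = document.getElementById(id);
	var count = selbox.options.length;
	for (var index = 0; index < count; index++)
		selbox.options[index].selected = true;
}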
293
294
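// Deselect every option of the <select> with the given element id.
// Locals are declared with var so they no longer leak into the global scope.
function clear_selected(id) {
	var selbox = document.getElementById(id);
	var count = selbox.options.length;
	for (var index = 0; index < count; index++)
		selbox.options[index].selected = false;
}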
300
301
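// Remove every selected option from the <select> with the given element id.
// Iterates from the last option to the first so removals do not shift the
// indexes still to be visited.
function remove_selected(id) {
	var selbox = document.getElementById(id);
	for (var index = selbox.options.length - 1; index >= 0; index--)
		if (selbox.options[index].selected)
			selbox.remove(index);
}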
308
309
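// Append a copy (text and value) of every selected option of the source
// <select> to the destination <select>. The source is left unchanged.
// Locals are declared with var so they no longer leak into the global scope.
function copy_selected(srcid, dstid) {
	var src_selbox = document.getElementById(srcid);
	var dst_selbox = document.getElementById(dstid);
	var count = src_selbox.options.length;
	for (var index = 0; index < count; index++) {
		if (src_selbox.options[index].selected) {
			var option = document.createElement('option');
			option.text = src_selbox.options[index].text;
			option.value = src_selbox.options[index].value;
			dst_selbox.add(option, null);
		}
	}
}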
322
323
// Move the selected options from one <select> to another:
// copy them to the destination first, then drop them from the source.
function move_selected(srcid, dstid)
{
	copy_selected(srcid, dstid);
	remove_selected(srcid);
}
327
328
// Form onsubmit hook: deselect everything in 'notgroups' and select every
// option in 'groups' before the form is submitted.
function presubmit()
{
	clear_selected('notgroups');
	setall_selected('groups');
}
332
333
//-->
334
</script>
335 1df17ba9 Scott Ullrich
<?php
336 45ee90ed Matthew Grooms
	if ($input_errors)
337
		print_input_errors($input_errors);
338
	if ($savemsg)
339
		print_info_box($savemsg);
340 1df17ba9 Scott Ullrich
?>
341 45ee90ed Matthew Grooms
<table width="100%" border="0" cellpadding="0" cellspacing="0">
342
	<tr>
343 e30001cf Matthew Grooms
		<td>
344 45ee90ed Matthew Grooms
		<?php
345
			$tab_array = array();
346
			$tab_array[] = array(gettext("Users"), true, "system_usermanager.php");
347 6b07c15a Matthew Grooms
			$tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
348 45ee90ed Matthew Grooms
			$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
349 d799787e Matthew Grooms
			$tab_array[] = array(gettext("Servers"), false, "system_authservers.php");
350 45ee90ed Matthew Grooms
			display_top_tabs($tab_array);
351
		?>
352
		</td>
353
	</tr>
354
	<tr>
355 e30001cf Matthew Grooms
		<td id="mainarea">
356
			<div class="tabcont">
357
358
				<?php if ($_GET['act'] == "new" || $_GET['act'] == "edit" || $input_errors): ?>
359
360
				<form action="system_usermanager.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
361
					<table width="100%" border="0" cellpadding="6" cellspacing="0">
362
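						<?php
							/* name fields are rendered read-only for system-defined accounts */
							$ro = "";
							if ($pconfig['utype'] == "system")
								$ro = "readonly = \"readonly\"";
							/*
							 * $pconfig is a copy of $_POST after a rejected submission,
							 * so 'utype' is escaped wherever it is written into the page.
							 */
						?>
	                    <tr>
	                        <td width="22%" valign="top" class="vncell"><?=gettext("Defined by");?></td>
	                        <td width="78%" class="vtable">
	                            <strong><?=htmlspecialchars(strtoupper($pconfig['utype']));?></strong>
								<input name="utype" type="hidden" value="<?=htmlspecialchars($pconfig['utype']);?>"/>
	                        </td>
	                    </tr>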
374
						<tr>
375
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Username");?></td>
376
							<td width="78%" class="vtable">
377
								<input name="usernamefld" type="text" class="formfld user" id="usernamefld" size="20" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" <?=$ro;?>/>
378
								<input name="oldusername" type="hidden" id="oldusername" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" />
379
							</td>
380
						</tr>
381
						<tr>
382
							<td width="22%" valign="top" class="vncellreq" rowspan="2"><?=gettext("Password");?></td>
383
							<td width="78%" class="vtable">
384
								<input name="passwordfld1" type="password" class="formfld pwd" id="passwordfld1" size="20" value="" />
385
							</td>
386
						</tr>
387
						<tr>
388
							<td width="78%" class="vtable">
389
								<input name="passwordfld2" type="password" class="formfld pwd" id="passwordfld2" size="20" value="" />&nbsp;<?= gettext("(confirmation)"); ?>
390
							</td>
391
						</tr>
392
						<tr>
393
							<td width="22%" valign="top" class="vncell"><?=gettext("Full name");?></td>
394
							<td width="78%" class="vtable">
395
								<input name="fullname" type="text" class="formfld unknown" id="fullname" size="20" value="<?=htmlspecialchars($pconfig['fullname']);?>" <?=$ro;?>/>
396
								<br/>
397
								<?=gettext("User's full name, for your own information only");?>
398
							</td>
399
						</tr>
400 0092b3bd mgrooms
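						<tr>
							<td width="22%" valign="top" class="vncell">Expiration date</td>
							<td width="78%" class="vtable">
								<?php /* the value can be echoed back from a rejected POST, so it is escaped for the attribute */ ?>
								<input name="expires" type="text" class="formfld unknown" id="expires" size="10" value="<?=htmlspecialchars($pconfig['expires']);?>">
								<a href="javascript:NewCal('expires','mmddyyyy')">
									<img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_cal.gif" width="16" height="16" border="0" alt="Pick a date">
								</a>
								<br>
								<span class="vexpl">Leave blank if the account shouldn't expire, otherwise enter the expiration date in the following format: mm/dd/yyyy</span></td>
						</tr>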
410 e30001cf Matthew Grooms
						<tr>
411
							<td width="22%" valign="top" class="vncell"><?=gettext("Group Memberships");?></td>
412
							<td width="78%" class="vtable" align="center">
413
								<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
414
									<tr>
415
										<td align="center" width="50%">
416
											<strong>Not Member Of</strong><br/>
417
											<br/>
418
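											<select size="10" style="width: 75%" name="notgroups[]" class="formselect" id="notgroups" onChange="clear_selected('groups')" multiple>
												<?php
													/* list the groups this user does not belong to */
													foreach ($config['system']['group'] as $group):
														if ($group['gid'] == 1998) /* all users group */
															continue;
														/* 'groups' is absent for a new user; treat that as "member of none" */
														if (is_array($pconfig['groups']) && in_array($group['name'],$pconfig['groups']))
															continue;
												?>
												<?php /* the group name is escaped in the attribute as well as in the label */ ?>
												<option value="<?=htmlspecialchars($group['name']);?>" <?=$selected;?>>
													<?=htmlspecialchars($group['name']);?>
												</option>
												<?php endforeach; ?>
											</select>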
431
											<br/>
432
										</td>
433
										<td>
434
											<br/>
435
											<a href="javascript:move_selected('notgroups','groups')">
436
												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_right.gif" title="Add Groups" alt="Add Groups" width="17" height="17" border="0" />
437
											</a>
438
											<br/><br/>
439
											<a href="javascript:move_selected('groups','notgroups')">
440
												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_left.gif" title="Remove Groups" alt="Remove Groups" width="17" height="17" border="0" />
441
											</a>
442
										</td>
443
										<td align="center" width="50%">
444
											<strong>Member Of</strong><br/>
445
											<br/>
446
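											<?php /* onChange targets 'notgroups', the id of the other list; 'nogroups' matched no element */ ?>
											<select size="10" style="width: 75%" name="groups[]" class="formselect" id="groups" onChange="clear_selected('notgroups')" multiple>
												<?php
													/* list the groups this user belongs to */
													foreach ($config['system']['group'] as $group):
														if ($group['gid'] == 1998) /* all users group */
															continue;
														/* 'groups' is absent for a new user; treat that as "member of none" */
														if (!is_array($pconfig['groups']) || !in_array($group['name'],$pconfig['groups']))
															continue;
												?>
												<?php /* the group name is escaped in the attribute as well as in the label */ ?>
												<option value="<?=htmlspecialchars($group['name']);?>">
													<?=htmlspecialchars($group['name']);?>
												</option>
												<?php endforeach; ?>
											</select>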
459
											<br/>
460
										</td>
461
									</tr>
462
								</table>
463
								<?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?>
464
							</td>
465
						</tr>
466
467
						<?php if ($pconfig['uid']): ?>
468
469
						<tr>
470
							<td width="22%" valign="top" class="vncell"><?=gettext("Effective Privileges");?></td>
471
							<td width="78%" class="vtable">
472
								<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
473
									<tr>
474
										<td width="20%" class="listhdrr"><?=gettext("Inherited From");?></td>
475
										<td width="30%" class="listhdrr"><?=gettext("Name");?></td>
476
										<td width="40%" class="listhdrr"><?=gettext("Description");?></td>
477
										<td class="list"></td>
478
									</tr>
479
									<?php
480
											
481
										$privdesc = get_user_privdesc($a_user[$id]);
482
										if(is_array($privdesc)):
483
											$i = 0;
484
											foreach ($privdesc as $priv):
485
											$group = false;
486
											if ($priv['group'])
487
												$group = $priv['group'];
488
									?>
489
									<tr>
490
										<td class="listlr"><?=$group;?></td>
491
										<td class="listr">
492
											<?=htmlspecialchars($priv['name']);?>
493
										</td>
494
										<td class="listbg">
495
												<?=htmlspecialchars($priv['descr']);?>
496
										</td>
497
										<td valign="middle" nowrap class="list">
498
											<?php if (!$group): ?>
499
											<a href="system_usermanager.php?act=delpriv&id=<?=$id?>&privid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this privilege?");?>')">
500
												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="" />
501
											</a>
502
											<?php endif; ?>
503
										</td>
504
									</tr>
505
									<?php
506
											/* can only delete user priv indexes */
507
											if (!$group)
508
												$i++;
509
											endforeach;
510
										endif;
511
									?>
512
									<tr>
513
										<td class="list" colspan="3"></td>
514
										<td class="list">
515
											<a href="system_usermanager_addprivs.php?userid=<?=$id?>">
516
												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="" />
517
											</a>
518
										</td>
519
									</tr>
520
								</table>
521
							</td>
522
						</tr>
523
						<tr>
524
							<td width="22%" valign="top" class="vncell"><?=gettext("User Certificates");?></td>
525
							<td width="78%" class="vtable">
526
								<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
527
									<tr>
528
										<td width="45%" class="listhdrr"><?=gettext("Name");?></td>
529
										<td width="45%" class="listhdrr"><?=gettext("CA");?></td>
530
										<td class="list"></td>
531
									</tr>
532
									<?php
533
										
534
										$a_cert = $a_user[$id]['cert'];
535
										if(is_array($a_cert)):
536
											$i = 0;
537
											foreach ($a_cert as $cert):
538
						                        $ca = lookup_ca($cert['caref']);
539
									?>
540
									<tr>
541
										<td class="listlr">
542
											<?=htmlspecialchars($cert['name']);?>
543
										</td>
544
										<td class="listr">
545
											<?=htmlspecialchars($ca['name']);?>
546
										</td>
547
										<td valign="middle" nowrap class="list">
548
											<a href="system_usermanager.php?act=expckey&id=<?=$id;?>&certid=<?=$i;?>">
549
												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="export private key" alt="export private key" width="17" height="17" border="0" />
550
											</a>
551
											<a href="system_usermanager.php?act=expcert&id=<?=$id;?>&certid=<?=$i;?>">
552
												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="export cert" alt="export cert" width="17" height="17" border="0" />
553
											</a>
554
											<a href="system_usermanager.php?act=delcert&id=<?=$id?>&certid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this certificate?");?>')">
555
												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="delete cert" />
556
											</a>
557
										</td>
558
									</tr>
559
									<?php
560
												$i++;
561
											endforeach;
562
										endif;
563
									?>
564
									<tr>
565
										<td class="list" colspan="2"></td>
566
										<td class="list">
567
											<a href="system_usermanager_addcert.php?userid=<?=$id?>">
568
												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="" />
569
											</a>
570
										</td>
571
									</tr>
572
								</table>
573
							</td>
574
						</tr>
575 45ee90ed Matthew Grooms
576 e30001cf Matthew Grooms
						<?php endif; ?>
577 45ee90ed Matthew Grooms
578 e30001cf Matthew Grooms
						<tr>
579
							<td width="22%" valign="top" class="vncell"><?=gettext("Authorized keys");?></td>
580
							<td width="78%" class="vtable">
581
								<textarea name="authorizedkeys" cols="65" rows="7" id="authorizedkeys" class="formfld_cert" wrap="off"><?=htmlspecialchars($pconfig['authorizedkeys']);?></textarea>
582
								<br/>
583
								<?=gettext("Paste an authorized keys file here.");?>
584
							</td>
585
						</tr>
586
						<tr>
587
							<td width="22%" valign="top">&nbsp;</td>
588
							<td width="78%">
589
								<input id="submit" name="save" type="submit" class="formbtn" value="Save" />
590
								<?php if (isset($id) && $a_user[$id]): ?>
591
								<input name="id" type="hidden" value="<?=$id;?>" />
592
								<?php endif;?>
593
							</td>
594
						</tr>
595
					</table>
596
				</form>
597
598
				<?php else: ?>
599
600
				<table width="100%" border="0" cellpadding="0" cellspacing="0">
601 45ee90ed Matthew Grooms
					<tr>
602 e30001cf Matthew Grooms
						<td width="25%" class="listhdrr">Username</td>
603
						<td width="25%" class="listhdrr">Full name</td>
604
						<td width="30%" class="listhdrr">Groups</td>
605
						<td width="10%" class="list"></td>
606 45ee90ed Matthew Grooms
					</tr>
607 e30001cf Matthew Grooms
					<?php
608
						$i = 0;
609
						foreach($a_user as $userent):
610
					?>
611
					<tr ondblclick="document.location='system_usermanager.php?act=edit&id=<?=$i;?>'">
612
						<td class="listlr">
613
							<table border="0" cellpadding="0" cellspacing="0">
614 6b07c15a Matthew Grooms
								<tr>
615 e30001cf Matthew Grooms
									<td align="left" valign="center">
616
										<?php
617
											if($userent['scope'] != "user")
618
												$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user-grey.png";
619
											else
620
												$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user.png";
621
										?>
622
										<img src="<?=$usrimg;?>" alt="User" title="User" border="0" height="16" width="16" />
623 6b07c15a Matthew Grooms
									</td>
624 e30001cf Matthew Grooms
									<td align="left" valign="middle">
625
										<?=htmlspecialchars($userent['name']);?>
626 6b07c15a Matthew Grooms
									</td>
627
								</tr>
628
							</table>
629 45ee90ed Matthew Grooms
						</td>
630 e30001cf Matthew Grooms
						<td class="listr"><?=htmlspecialchars($userent['fullname']);?>&nbsp;</td>
631
						<td class="listbg">
632
								<?=implode(",",local_user_get_groups($userent));?>
633
							&nbsp;
634 45ee90ed Matthew Grooms
						</td>
635 e30001cf Matthew Grooms
						<td valign="middle" nowrap class="list">
636
							<a href="system_usermanager.php?act=edit&id=<?=$i;?>">
637
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="edit user" alt="edit user" width="17" height="17" border="0" />
638
							</a>
639
							<?php if($userent['scope'] != "system"): ?>
640
							&nbsp;
641
							<a href="system_usermanager.php?act=deluser&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this User?");?>')">
642
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="delete user" alt="delete user" width="17" height="17" border="0" />
643
							</a>
644
							<?php endif; ?>
645 58fdb8ad Matthew Grooms
						</td>
646
					</tr>
647 e30001cf Matthew Grooms
					<?php
648
							$i++;
649
						endforeach;
650
					?>
651 fb1266d3 Matthew Grooms
					<tr>
652 e30001cf Matthew Grooms
						<td class="list" colspan="3"></td>
653
						<td class="list">
654
							<a href="system_usermanager.php?act=new">
655
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="add user" alt="add user" width="17" height="17" border="0" />
656
							</a>
657 fb1266d3 Matthew Grooms
						</td>
658
					</tr>
659 45ee90ed Matthew Grooms
					<tr>
660 e30001cf Matthew Grooms
						<td colspan="3">
661
							<p>
662
								<?=gettext("Additional webConfigurator users can be added here.");?>
663
								<?=gettext("User permissions can be assinged diretly or inherited from group memberships.");?>
664
								<?=gettext("An icon that appears grey indicates that it is a system defined object.");?>
665
								<?=gettext("Some system object properties can be modified but they cannot be deleted.");?>
666
							</p>
667 45ee90ed Matthew Grooms
						</td>
668
					</tr>
669
				</table>
670
671 e30001cf Matthew Grooms
				<?php endif; ?>
672 45ee90ed Matthew Grooms
673 e30001cf Matthew Grooms
			</div>
674 45ee90ed Matthew Grooms
		</td>
675
	</tr>
676 1df17ba9 Scott Ullrich
</table>
677 45ee90ed Matthew Grooms
<?php include("fend.inc");?>
678
</body>
679
680 1df17ba9 Scott Ullrich
<?php
681
682 45ee90ed Matthew Grooms
	// end admin user code
683
684
} else {
685
686
	// start normal user code
687 6b07c15a Matthew Grooms
688 45ee90ed Matthew Grooms
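	$pgtitle = array("System","User Password");

	/*
	 * Determine whether the logged-in user is local to this system. This runs
	 * before the save handler so that a non-local user can never reach the
	 * code that writes a password into $config.
	 */
	$islocal = false;
	foreach($config['system']['user'] as $user)
		if($user['name'] == $_SESSION['Username'])
			$islocal = true;

	if (isset($_POST['save']) && $islocal) {
		unset($input_errors);

		/* input validation */
		$reqdfields = explode(" ", "passwordfld1");
		$reqdfieldsn = explode(",", "Password");

		/*
		 * NOTE(review): call-time pass-by-reference ('&' at the call site) was
		 * removed in PHP 5.4. Confirm that do_input_validation() declares its
		 * last parameter by reference, then drop the '&' here.
		 */
		do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);

		/*
		 * Strict comparison: with '!=' two different numeric-looking strings
		 * such as "1e3" and "1000" compare equal and would pass as a match.
		 */
		if ($_POST['passwordfld1'] !== $_POST['passwordfld2'])
			$input_errors[] = "The passwords do not match.";

		/*
		 * Writing through an unknown index would create a stray, nameless
		 * user entry in the config, so refuse to save in that case.
		 * NOTE(review): the account is looked up via
		 * $HTTP_SERVER_VARS['AUTH_USER'] here but via $_SESSION['Username']
		 * above; confirm both always name the same user. $HTTP_SERVER_VARS is
		 * not populated on current PHP versions.
		 */
		if (!$input_errors && !isset($userindex[$HTTP_SERVER_VARS['AUTH_USER']]))
			$input_errors[] = "The current user was not found in the local user database.";

		if (!$input_errors) {
			// all values are okay --> saving changes
			/*
			 * Use the same helper as the admin branch of this page instead of
			 * an unsalted crypt() call, so both paths store the password in
			 * the same format.
			 */
			local_user_set_password($config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]], trim($_POST['passwordfld1']));

			write_config();
			$savemsg = "Password successfully changed<br />";
		}
	}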
716 fab7ff44 Bill Marquette
?>
717 1df17ba9 Scott Ullrich
718 45ee90ed Matthew Grooms
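<?php
	/* emit the document head before <body>, as the admin branch of this page does */
	include("head.inc");
?>
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
<?php
	include("fbegin.inc");
	if ($input_errors)
		print_input_errors($input_errors);
	if ($savemsg)
		print_info_box($savemsg);

	/* only accounts stored in the local user database can change their password here */
	if($islocal == false) {
		echo "Sorry, you cannot change the password for a LDAP user.";
		include("fend.inc");
		exit;
	}
?>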
733 e30001cf Matthew Grooms
<div id="mainarea">
734
	<div class="tabcont">
735
		<form action="system_usermanager.php" method="post" name="iform" id="iform">
736
			<table width="100%" border="0" cellpadding="6" cellspacing="0">
737
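				<tr>
					<?php /* the login name is escaped before it is written into the page */ ?>
					<td colspan="2" valign="top" class="listtopic"><?=htmlspecialchars($HTTP_SERVER_VARS['AUTH_USER'])?>'s Password</td>
				</tr>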
740
				<tr>
741
					<td width="22%" valign="top" class="vncell" rowspan="2">Password</td>
742
					<td width="78%" class="vtable">
743
						<input name="passwordfld1" type="password" class="formfld pwd" id="passwordfld1" size="20" />
744
					</td>
745
				</tr>
746
				<tr>
747
					<td width="78%" class="vtable">
748
						<input name="passwordfld2" type="password" class="formfld pwd" id="passwordfld2" size="20" />
749
						&nbsp;<?=gettext("(confirmation)");?>
750
						<br/>
751
						<span class="vexpl">
752
							<?=gettext("Select a new password");?>
753
						</span>
754
					</td>
755
				</tr>
756
				<tr>
757
					<td width="22%" valign="top">&nbsp;</td>
758
					<td width="78%">
759
						<input name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
760
					</td>
761
				</tr>
762
			</table>
763
		</form>
764
	</div>
765
</div>
766 45ee90ed Matthew Grooms
<?php include("fend.inc");?>
767
</body>
768 82e913df Scott Ullrich
769 1df17ba9 Scott Ullrich
<?php
770
771 6b07c15a Matthew Grooms
} // end of normal user code
772 45ee90ed Matthew Grooms
773
?>