Project

General

Profile

Download (26.2 KB) Statistics
| Branch: | Tag: | Revision:
1
<?php
2
/* $Id$ */
3
/*
4
    system_usermanager.php
5
    part of m0n0wall (http://m0n0.ch/wall)
6

    
7
    Copyright (C) 2008 Shrew Soft Inc.
8
    All rights reserved.
9

    
10
    Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.
11
    All rights reserved.
12

    
13
    Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
14
    All rights reserved.
15

    
16
    Redistribution and use in source and binary forms, with or without
17
    modification, are permitted provided that the following conditions are met:
18

    
19
    1. Redistributions of source code must retain the above copyright notice,
20
       this list of conditions and the following disclaimer.
21

    
22
    2. Redistributions in binary form must reproduce the above copyright
23
       notice, this list of conditions and the following disclaimer in the
24
       documentation and/or other materials provided with the distribution.
25

    
26
    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
27
    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
28
    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
29
    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
30
    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31
    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
32
    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
33
    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
34
    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
35
    POSSIBILITY OF SUCH DAMAGE.
36
*/
37
/*
38
	pfSense_BUILDER_BINARIES:	
39
	pfSense_MODULE:	auth
40
*/
41

    
42
##|+PRIV
43
##|*IDENT=page-system-usermanager
44
##|*NAME=System: User Manager page
45
##|*DESCR=Allow access to the 'System: User Manager' page.
46
##|*MATCH=system_usermanager.php*
47
##|-PRIV
48

    
49
require("certs.inc");
50
require("guiconfig.inc");
51
require("priv.defs.inc");
52
require("priv.inc");
53

    
54
if (isAllowedPage("system_usermanager")) {
55

    
56
	// start admin user code
57
	$pgtitle = array("System","User Manager");
58

    
59
	$id = $_GET['id'];
60
	if (isset($_POST['id']))
61
		$id = $_POST['id'];
62

    
63
	if (!is_array($config['system']['user'])) 
64
		$config['system']['user'] = array();
65

    
66
	$a_user = &$config['system']['user'];
67

    
68
	if ($_GET['act'] == "deluser") {
69

    
70
		if (!$a_user[$id]) {
71
			pfSenseHeader("system_usermanager.php");
72
			exit;
73
		}
74

    
75
		local_user_del($a_user[$id]);
76
		$userdeleted = $a_user[$id]['name'];
77
		unset($a_user[$id]);
78
		write_config();
79
		$savemsg = gettext("User")." {$userdeleted} ".
80
					gettext("successfully deleted")."<br/>";
81
	}
82

    
83
	if ($_GET['act'] == "delpriv") {
84

    
85
		if (!$a_user[$id]) {
86
			pfSenseHeader("system_usermanager.php");
87
			exit;
88
		}
89

    
90
		$privdeleted = $priv_list[$a_user[$id]['priv'][$_GET['privid']]]['name'];
91
		unset($a_user[$id]['priv'][$_GET['privid']]);
92
		write_config();
93
		$_GET['act'] = "edit";
94
		$savemsg = gettext("Privilege")." {$privdeleted} ".
95
					gettext("successfully deleted")."<br/>";
96
	}
97

    
98
	if ($_GET['act'] == "expcert") {
99

    
100
		if (!$a_user[$id]) {
101
			pfSenseHeader("system_usermanager.php");
102
			exit;
103
		}
104

    
105
		$cert =& $a_user[$id]['cert'][$_GET['certid']];
106

    
107
		$exp_name = urlencode("{$a_user[$id]['name']}-{$cert['name']}.crt");
108
		$exp_data = base64_decode($cert['crt']);
109
		$exp_size = strlen($exp_data);
110

    
111
		header("Content-Type: application/octet-stream");
112
		header("Content-Disposition: attachment; filename={$exp_name}");
113
		header("Content-Length: $exp_size");
114
		echo $exp_data;
115
		exit;
116
	}
117

    
118
	if ($_GET['act'] == "expckey") {
119

    
120
		if (!$a_user[$id]) {
121
			pfSenseHeader("system_usermanager.php");
122
			exit;
123
		}
124

    
125
		$cert =& $a_user[$id]['cert'][$_GET['certid']];
126

    
127
		$exp_name = urlencode("{$a_user[$id]['name']}-{$cert['name']}.key");
128
		$exp_data = base64_decode($cert['prv']);
129
		$exp_size = strlen($exp_data);
130

    
131
		header("Content-Type: application/octet-stream");
132
		header("Content-Disposition: attachment; filename={$exp_name}");
133
		header("Content-Length: $exp_size");
134
		echo $exp_data;
135
		exit;
136
	}
137

    
138
	if ($_GET['act'] == "delcert") {
139

    
140
		if (!$a_user[$id]) {
141
			pfSenseHeader("system_usermanager.php");
142
			exit;
143
		}
144

    
145
		$certdeleted = $a_user[$id]['cert'][$_GET['certid']]['name'];
146
		unset($a_user[$id]['cert'][$_GET['certid']]);
147
		write_config();
148
		$_GET['act'] = "edit";
149
		$savemsg = gettext("Certificate")." {$certdeleted} ".
150
					gettext("successfully deleted")."<br/>";
151
	}
152

    
153
	if ($_GET['act'] == "edit") {
154
		if (isset($id) && $a_user[$id]) {
155
			$pconfig['usernamefld'] = $a_user[$id]['name'];
156
			$pconfig['fullname'] = $a_user[$id]['fullname'];
157
			$pconfig['expires'] = $a_user[$id]['expires'];
158
			$pconfig['groups'] = local_user_get_groups($a_user[$id]);
159
			$pconfig['utype'] = $a_user[$id]['scope'];
160
			$pconfig['uid'] = $a_user[$id]['uid'];
161
			$pconfig['authorizedkeys'] = base64_decode($a_user[$id]['authorizedkeys']);
162
			$pconfig['priv'] = $a_user[$id]['priv'];
163
			$pconfig['disabled'] = isset($a_user[$id]['disabled']);
164
		}
165
	}
166

    
167
	if ($_GET['act'] == "new") {
168
		/*
169
		 * set this value cause the text field is read only
170
		 * and the user should not be able to mess with this
171
		 * setting.
172
		 */
173
		$pconfig['utype'] = "user";
174
	}
175

    
176
	if ($_POST) {
177
		conf_mount_rw();
178
		unset($input_errors);
179
		$pconfig = $_POST;
180

    
181
		/* input validation */
182
		if (isset($id) && ($a_user[$id])) {
183
			$reqdfields = explode(" ", "usernamefld");
184
			$reqdfieldsn = explode(",", "Username");
185
		} else {
186
			$reqdfields = explode(" ", "usernamefld passwordfld1");
187
			$reqdfieldsn = explode(",", "Username,Password");
188
		}
189

    
190
		do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
191

    
192
		if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld']))
193
			$input_errors[] = gettext("The username contains invalid characters.");
194

    
195
		if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2']))
196
			$input_errors[] = gettext("The passwords do not match.");
197

    
198
		/* make sure this user name is unique */
199
		if (!$input_errors && !(isset($id) && $a_user[$id])) {
200
			foreach ($a_user as $userent) {
201
				if ($userent['name'] == $_POST['usernamefld']) {
202
					$input_errors[] = gettext("Another entry with the same username already exists.");
203
					break;
204
				}
205
			}
206
		}
207

    
208
		/*
209
		 * Check for a valid expirationdate if one is set at all (valid means,
210
		 * strtotime() puts out a time stamp so any strtotime compatible time
211
		 * format may be used. to keep it simple for the enduser, we only
212
		 * claim to accept MM/DD/YYYY as inputs. Advanced users may use inputs
213
		 * like "+1 day", which will be converted to MM/DD/YYYY based on "now".
214
		 * Otherwhise such an entry would lead to an invalid expiration data.
215
		 */
216
		if ($_POST['expires']){
217
			if(strtotime($_POST['expires']) > 0){
218
				if (strtotime("-1 day") > strtotime(date("m/d/Y",strtotime($_POST['expires'])))) {
219
					// Allow items to lie in the past which ends up disabling.
220
				} else {
221
					//convert from any strtotime compatible date to MM/DD/YYYY
222
					$expdate = strtotime($_POST['expires']);
223
					$_POST['expires'] = date("m/d/Y",$expdate);
224
				}
225
			} else {
226
				$input_errors[] = "Invalid expiration date format; use MM/DD/YYYY instead.";
227
			}
228
		}
229

    
230
		/* if this is an AJAX caller then handle via JSON */
231
		if (isAjax() && is_array($input_errors)) {
232
			input_errors2Ajax($input_errors);
233
			exit;
234
		}
235

    
236
		if (!$input_errors) {
237
			$userent = array();
238
			if (isset($id) && $a_user[$id])
239
				$userent = $a_user[$id];
240

    
241
			isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system";
242

    
243
			/* the user name was modified */
244
			if ($_POST['usernamefld'] <> $_POST['oldusername'])
245
				$_SERVER['REMOTE_USER'] = $_POST['usernamefld'];
246

    
247
			/* the user password was mofified */
248
			if ($_POST['passwordfld1'])
249
				local_user_set_password($userent, $_POST['passwordfld1']);
250

    
251
			$userent['name'] = $_POST['usernamefld'];
252
			$userent['fullname'] = $_POST['fullname'];
253
			$userent['expires'] = $_POST['expires'];
254
			$userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']);
255
			
256
			if($_POST['disabled'])
257
				$userent['disabled'] = true;
258
			else 
259
				unset($userent['disabled']);
260

    
261
			if (isset($id) && $a_user[$id])
262
				$a_user[$id] = $userent;
263
			else {
264
				$userent['uid'] = $config['system']['nextuid']++;
265
				$a_user[] = $userent;
266
			}
267

    
268
			local_user_set($userent);
269
			local_user_set_groups($userent,$_POST['groups']);
270
			write_config();
271

    
272
			if(is_dir("/etc/inc/privhooks"))
273
				run_plugins("/etc/inc/privhooks");
274

    
275
			conf_mount_ro();
276
			
277
			pfSenseHeader("system_usermanager.php");
278
		}
279
	}
280

    
281
	include("head.inc");
282
?>
283

    
284
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
285
<?php include("fbegin.inc"); ?>
286
<!--
287
//Date Time Picker script- by TengYong Ng of http://www.rainforestnet.com
288
//Script featured on JavaScript Kit (http://www.javascriptkit.com)
289
//For this script, visit http://www.javascriptkit.com
290
// -->
291
<script language="javascript" type="text/javascript" src="javascript/datetimepicker.js"></script>
292
<script language="JavaScript">
293
<!--
294

    
295
function setall_selected(id) {
296
	selbox = document.getElementById(id);
297
	count = selbox.options.length;
298
	for (index = 0; index<count; index++)
299
		selbox.options[index].selected = true;
300
}
301

    
302
function clear_selected(id) {
303
	selbox = document.getElementById(id);
304
	count = selbox.options.length;
305
	for (index = 0; index<count; index++)
306
		selbox.options[index].selected = false;
307
}
308

    
309
function remove_selected(id) {
310
	selbox = document.getElementById(id);
311
	index = selbox.options.length - 1;
312
	for (; index >= 0; index--)
313
		if (selbox.options[index].selected)
314
			selbox.remove(index);
315
}
316

    
317
function copy_selected(srcid, dstid) {
318
	src_selbox = document.getElementById(srcid);
319
	dst_selbox = document.getElementById(dstid);
320
	count = src_selbox.options.length;
321
	for (index = 0; index < count; index++) {
322
		if (src_selbox.options[index].selected) {
323
			option = document.createElement('option');
324
			option.text = src_selbox.options[index].text;
325
			option.value = src_selbox.options[index].value;
326
			dst_selbox.add(option, null);
327
		}
328
	}
329
}
330

    
331
function move_selected(srcid, dstid) {
332
	copy_selected(srcid, dstid);
333
	remove_selected(srcid);
334
}
335

    
336
function presubmit() {
337
	clear_selected('notgroups');
338
	setall_selected('groups');
339
}
340

    
341
//-->
342
</script>
343
<?php
344
	if ($input_errors)
345
		print_input_errors($input_errors);
346
	if ($savemsg)
347
		print_info_box($savemsg);
348
?>
349
<table width="100%" border="0" cellpadding="0" cellspacing="0">
350
	<tr>
351
		<td>
352
		<?php
353
			$tab_array = array();
354
			$tab_array[] = array(gettext("Users"), true, "system_usermanager.php");
355
			$tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
356
			$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
357
			$tab_array[] = array(gettext("Servers"), false, "system_authservers.php");
358
			display_top_tabs($tab_array);
359
		?>
360
		</td>
361
	</tr>
362
	<tr>
363
		<td id="mainarea">
364
			<div class="tabcont">
365

    
366
				<?php if ($_GET['act'] == "new" || $_GET['act'] == "edit" || $input_errors): ?>
367

    
368
				<form action="system_usermanager.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
369
					<table width="100%" border="0" cellpadding="6" cellspacing="0">
370
						<?php
371
							$ro = "";
372
							if ($pconfig['utype'] == "system")
373
								$ro = "readonly = \"readonly\"";
374
						?>
375
	                    <tr>
376
	                        <td width="22%" valign="top" class="vncell"><?=gettext("Defined by");?></td>
377
	                        <td width="78%" class="vtable">
378
	                            <strong><?=strtoupper($pconfig['utype']);?></strong>
379
								<input name="utype" type="hidden" value="<?=$pconfig['utype']?>"/>
380
	                        </td>
381
	                    </tr>
382
						<tr>
383
							<td width="22%" valign="top" class="vncell"><?=gettext("Disabled");?></td>
384
							<td width="78%" class="vtable">
385
								<input name="disabled" type="checkbox" id="disabled" <?php if($pconfig['disabled']) echo "CHECKED"; ?>>
386
							</td>
387
						</tr>
388
						<tr>
389
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Username");?></td>
390
							<td width="78%" class="vtable">
391
								<input name="usernamefld" type="text" class="formfld user" id="usernamefld" size="20" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" <?=$ro;?>/>
392
								<input name="oldusername" type="hidden" id="oldusername" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" />
393
							</td>
394
						</tr>
395
						<tr>
396
							<td width="22%" valign="top" class="vncellreq" rowspan="2"><?=gettext("Password");?></td>
397
							<td width="78%" class="vtable">
398
								<input name="passwordfld1" type="password" class="formfld pwd" id="passwordfld1" size="20" value="" />
399
							</td>
400
						</tr>
401
						<tr>
402
							<td width="78%" class="vtable">
403
								<input name="passwordfld2" type="password" class="formfld pwd" id="passwordfld2" size="20" value="" />&nbsp;<?= gettext("(confirmation)"); ?>
404
							</td>
405
						</tr>
406
						<tr>
407
							<td width="22%" valign="top" class="vncell"><?=gettext("Full name");?></td>
408
							<td width="78%" class="vtable">
409
								<input name="fullname" type="text" class="formfld unknown" id="fullname" size="20" value="<?=htmlspecialchars($pconfig['fullname']);?>" <?=$ro;?>/>
410
								<br/>
411
								<?=gettext("User's full name, for your own information only");?>
412
							</td>
413
						</tr>
414
						<tr>
415
							<td width="22%" valign="top" class="vncell">Expiration date</td>
416
							<td width="78%" class="vtable">
417
								<input name="expires" type="text" class="formfld unknown" id="expires" size="10" value="<?=$pconfig['expires'];?>">
418
								<a href="javascript:NewCal('expires','mmddyyyy')">
419
									<img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_cal.gif" width="16" height="16" border="0" alt="Pick a date">
420
								</a>
421
								<br>
422
								<span class="vexpl">Leave blank if the account shouldn't expire, otherwise enter the expiration date in the following format: mm/dd/yyyy</span></td>
423
						</tr>
424
						<tr>
425
							<td width="22%" valign="top" class="vncell"><?=gettext("Group Memberships");?></td>
426
							<td width="78%" class="vtable" align="center">
427
								<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
428
									<tr>
429
										<td align="center" width="50%">
430
											<strong>Not Member Of</strong><br/>
431
											<br/>
432
											<select size="10" style="width: 75%" name="notgroups[]" class="formselect" id="notgroups" onChange="clear_selected('groups')" multiple>
433
												<?php
434
													foreach ($config['system']['group'] as $group):
435
														if ($group['gid'] == 1998) /* all users group */
436
															continue;
437
														if (in_array($group['name'],$pconfig['groups']))
438
															continue;
439
												?>
440
												<option value="<?=$group['name'];?>" <?=$selected;?>>
441
													<?=htmlspecialchars($group['name']);?>
442
												</option>
443
												<?php endforeach; ?>
444
											</select>
445
											<br/>
446
										</td>
447
										<td>
448
											<br/>
449
											<a href="javascript:move_selected('notgroups','groups')">
450
												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_right.gif" title="Add Groups" alt="Add Groups" width="17" height="17" border="0" />
451
											</a>
452
											<br/><br/>
453
											<a href="javascript:move_selected('groups','notgroups')">
454
												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_left.gif" title="Remove Groups" alt="Remove Groups" width="17" height="17" border="0" />
455
											</a>
456
										</td>
457
										<td align="center" width="50%">
458
											<strong>Member Of</strong><br/>
459
											<br/>
460
											<select size="10" style="width: 75%" name="groups[]" class="formselect" id="groups" onChange="clear_selected('nogroups')" multiple>
461
												<?php
462
													foreach ($config['system']['group'] as $group):
463
														if ($group['gid'] == 1998) /* all users group */
464
															continue;
465
														if (!in_array($group['name'],$pconfig['groups']))
466
															continue;
467
												?>
468
												<option value="<?=$group['name'];?>">
469
													<?=htmlspecialchars($group['name']);?>
470
												</option>
471
												<?php endforeach; ?>
472
											</select>
473
											<br/>
474
										</td>
475
									</tr>
476
								</table>
477
								<?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?>
478
							</td>
479
						</tr>
480

    
481
						<?php if ($pconfig['uid']): ?>
482

    
483
						<tr>
484
							<td width="22%" valign="top" class="vncell"><?=gettext("Effective Privileges");?></td>
485
							<td width="78%" class="vtable">
486
								<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
487
									<tr>
488
										<td width="20%" class="listhdrr"><?=gettext("Inherited From");?></td>
489
										<td width="30%" class="listhdrr"><?=gettext("Name");?></td>
490
										<td width="40%" class="listhdrr"><?=gettext("Description");?></td>
491
										<td class="list"></td>
492
									</tr>
493
									<?php
494
											
495
										$privdesc = get_user_privdesc($a_user[$id]);
496
										if(is_array($privdesc)):
497
											$i = 0;
498
											foreach ($privdesc as $priv):
499
											$group = false;
500
											if ($priv['group'])
501
												$group = $priv['group'];
502
									?>
503
									<tr>
504
										<td class="listlr"><?=$group;?></td>
505
										<td class="listr">
506
											<?=htmlspecialchars($priv['name']);?>
507
										</td>
508
										<td class="listbg">
509
												<?=htmlspecialchars($priv['descr']);?>
510
										</td>
511
										<td valign="middle" nowrap class="list">
512
											<?php if (!$group): ?>
513
											<a href="system_usermanager.php?act=delpriv&id=<?=$id?>&privid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this privilege?");?>')">
514
												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="" />
515
											</a>
516
											<?php endif; ?>
517
										</td>
518
									</tr>
519
									<?php
520
											/* can only delete user priv indexes */
521
											if (!$group)
522
												$i++;
523
											endforeach;
524
										endif;
525
									?>
526
									<tr>
527
										<td class="list" colspan="3"></td>
528
										<td class="list">
529
											<a href="system_usermanager_addprivs.php?userid=<?=$id?>">
530
												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="" />
531
											</a>
532
										</td>
533
									</tr>
534
								</table>
535
							</td>
536
						</tr>
537
						<tr>
538
							<td width="22%" valign="top" class="vncell"><?=gettext("User Certificates");?></td>
539
							<td width="78%" class="vtable">
540
								<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
541
									<tr>
542
										<td width="45%" class="listhdrr"><?=gettext("Name");?></td>
543
										<td width="45%" class="listhdrr"><?=gettext("CA");?></td>
544
										<td class="list"></td>
545
									</tr>
546
									<?php
547
										
548
										$a_cert = $a_user[$id]['cert'];
549
										if(is_array($a_cert)):
550
											$i = 0;
551
											foreach ($a_cert as $cert):
552
						                        $ca = lookup_ca($cert['caref']);
553
									?>
554
									<tr>
555
										<td class="listlr">
556
											<?=htmlspecialchars($cert['name']);?>
557
										</td>
558
										<td class="listr">
559
											<?=htmlspecialchars($ca['name']);?>
560
										</td>
561
										<td valign="middle" nowrap class="list">
562
											<a href="system_usermanager.php?act=expckey&id=<?=$id;?>&certid=<?=$i;?>">
563
												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="export private key" alt="export private key" width="17" height="17" border="0" />
564
											</a>
565
											<a href="system_usermanager.php?act=expcert&id=<?=$id;?>&certid=<?=$i;?>">
566
												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="export cert" alt="export cert" width="17" height="17" border="0" />
567
											</a>
568
											<a href="system_usermanager.php?act=delcert&id=<?=$id?>&certid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this certificate?");?>')">
569
												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="delete cert" />
570
											</a>
571
										</td>
572
									</tr>
573
									<?php
574
												$i++;
575
											endforeach;
576
										endif;
577
									?>
578
									<tr>
579
										<td class="list" colspan="2"></td>
580
										<td class="list">
581
											<a href="system_usermanager_addcert.php?userid=<?=$id?>">
582
												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="" />
583
											</a>
584
										</td>
585
									</tr>
586
								</table>
587
							</td>
588
						</tr>
589

    
590
						<?php endif; ?>
591

    
592
						<tr>
593
							<td width="22%" valign="top" class="vncell"><?=gettext("Authorized keys");?></td>
594
							<td width="78%" class="vtable">
595
								<textarea name="authorizedkeys" cols="65" rows="7" id="authorizedkeys" class="formfld_cert" wrap="off"><?=htmlspecialchars($pconfig['authorizedkeys']);?></textarea>
596
								<br/>
597
								<?=gettext("Paste an authorized keys file here.");?>
598
							</td>
599
						</tr>
600
						<tr>
601
							<td width="22%" valign="top">&nbsp;</td>
602
							<td width="78%">
603
								<input id="submit" name="save" type="submit" class="formbtn" value="Save" />
604
								<?php if (isset($id) && $a_user[$id]): ?>
605
								<input name="id" type="hidden" value="<?=$id;?>" />
606
								<?php endif;?>
607
							</td>
608
						</tr>
609
					</table>
610
				</form>
611

    
612
				<?php else: ?>
613

    
614
				<table width="100%" border="0" cellpadding="0" cellspacing="0">
615
					<tr>
616
						<td width="25%" class="listhdrr">Username</td>
617
						<td width="25%" class="listhdrr">Full name</td>
618
						<td width="5%" class="listhdrr">Disabled</td>
619
						<td width="25%" class="listhdrr">Groups</td>
620
						<td width="10%" class="list"></td>
621
					</tr>
622
					<?php
623
						$i = 0;
624
						foreach($a_user as $userent):
625
					?>
626
					<tr ondblclick="document.location='system_usermanager.php?act=edit&id=<?=$i;?>'">
627
						<td class="listlr">
628
							<table border="0" cellpadding="0" cellspacing="0">
629
								<tr>
630
									<td align="left" valign="center">
631
										<?php
632
											if($userent['scope'] != "user")
633
												$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user-grey.png";
634
											else
635
												$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user.png";
636
										?>
637
										<img src="<?=$usrimg;?>" alt="User" title="User" border="0" height="16" width="16" />
638
									</td>
639
									<td align="left" valign="middle">
640
										<?=htmlspecialchars($userent['name']);?>
641
									</td>
642
								</tr>
643
							</table>
644
						</td>
645
						<td class="listr"><?=htmlspecialchars($userent['fullname']);?>&nbsp;</td>
646
						<td class="listr"><?php if(isset($userent['disabled'])) echo "*"; ?></td>
647
						<td class="listbg">
648
								<?=implode(",",local_user_get_groups($userent));?>
649
							&nbsp;
650
						</td>
651
						<td valign="middle" nowrap class="list">
652
							<a href="system_usermanager.php?act=edit&id=<?=$i;?>">
653
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="edit user" alt="edit user" width="17" height="17" border="0" />
654
							</a>
655
							<?php if($userent['scope'] != "system"): ?>
656
							&nbsp;
657
							<a href="system_usermanager.php?act=deluser&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this User?");?>')">
658
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="delete user" alt="delete user" width="17" height="17" border="0" />
659
							</a>
660
							<?php endif; ?>
661
						</td>
662
					</tr>
663
					<?php
664
							$i++;
665
						endforeach;
666
					?>
667
					<tr>
668
						<td class="list" colspan="4"></td>
669
						<td class="list">
670
							<a href="system_usermanager.php?act=new">
671
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="add user" alt="add user" width="17" height="17" border="0" />
672
							</a>
673
						</td>
674
					</tr>
675
					<tr>
676
						<td colspan="4">
677
							<p>
678
								<?=gettext("Additional webConfigurator users can be added here.");?>
679
								<?=gettext("User permissions can be assigned directly or inherited from group memberships.");?>
680
								<?=gettext("An icon that appears grey indicates that it is a system defined object.");?>
681
								<?=gettext("Some system object properties can be modified but they cannot be deleted.");?>
682
							</p>
683
						</td>
684
					</tr>
685
				</table>
686

    
687
				<?php endif; ?>
688

    
689
			</div>
690
		</td>
691
	</tr>
692
</table>
693
<?php include("fend.inc");?>
694
</body>
695

    
696
<?php
697

    
698
	// end admin user code
699

    
700
} else {
701

    
702
	// start normal user code
703

    
704
	$pgtitle = array("System","User Password");
705

    
706
	if (isset($_POST['save'])) {
707
		unset($input_errors);
708

    
709
		/* input validation */
710
		$reqdfields = explode(" ", "passwordfld1");
711
		$reqdfieldsn = explode(",", "Password");
712

    
713
		do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
714

    
715
		if ($_POST['passwordfld1'] != $_POST['passwordfld2'])
716
			$input_errors[] = "The passwords do not match.";
717

    
718
		if (!$input_errors) {
719
			// all values are okay --> saving changes
720
			$config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['password'] = crypt(trim($_POST['passwordfld1']));
721

    
722
			write_config();
723
			$savemsg = "Password successfully changed<br />";
724
		}
725
	}
726

    
727
	/* determine if user is not local to system */
728
	$islocal = false;
729
	foreach($config['system']['user'] as $user) 
730
		if($user['name'] == $_SESSION['Username'])
731
			$islocal = true;
732
?>
733

    
734
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
735
<?php
736
    include("head.inc");
737
	include("fbegin.inc");
738
	if ($input_errors)
739
		print_input_errors($input_errors);
740
	if ($savemsg)
741
		print_info_box($savemsg);
742

    
743
	if($islocal == false) {
744
		echo "Sorry, you cannot change the password for a LDAP user.";
745
		include("fend.inc");
746
		exit;
747
	}
748
?>
749
<div id="mainarea">
750
	<div class="tabcont">
751
		<form action="system_usermanager.php" method="post" name="iform" id="iform">
752
			<table width="100%" border="0" cellpadding="6" cellspacing="0">
753
				<tr>
754
					<td colspan="2" valign="top" class="listtopic"><?=$HTTP_SERVER_VARS['AUTH_USER']?>'s Password</td>
755
				</tr>
756
				<tr>
757
					<td width="22%" valign="top" class="vncell" rowspan="2">Password</td>
758
					<td width="78%" class="vtable">
759
						<input name="passwordfld1" type="password" class="formfld pwd" id="passwordfld1" size="20" />
760
					</td>
761
				</tr>
762
				<tr>
763
					<td width="78%" class="vtable">
764
						<input name="passwordfld2" type="password" class="formfld pwd" id="passwordfld2" size="20" />
765
						&nbsp;<?=gettext("(confirmation)");?>
766
						<br/>
767
						<span class="vexpl">
768
							<?=gettext("Select a new password");?>
769
						</span>
770
					</td>
771
				</tr>
772
				<tr>
773
					<td width="22%" valign="top">&nbsp;</td>
774
					<td width="78%">
775
						<input name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
776
					</td>
777
				</tr>
778
			</table>
779
		</form>
780
	</div>
781
</div>
782
<?php include("fend.inc");?>
783
</body>
784

    
785
<?php
786

    
787
} // end of normal user code
788

    
789
?>
(192-192/218)