Merge branch 'master' into bootstrap

1 files changed, 128 insertions, 0 deletions

diff --git a/src/usr/local/www/system_usermanager_passwordmg.php b/src/usr/local/www/system_usermanager_passwordmg.php
new file mode 100644
index 0000000..cb02942
--- /dev/null
+++ b/src/usr/local/www/system_usermanager_passwordmg.php
@@ -0,0 +1,128 @@
+<?php
+/* $Id$ */
+/*
+	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
+	Copyright (C) 2011 Ermal Luçi
+	system_usermanager_passwordmg.php
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+/*
+	pfSense_BUILDER_BINARIES:
+	pfSense_MODULE: auth
+*/
+
+##|+PRIV
+##|*IDENT=page-system-usermanager-passwordmg
+##|*NAME=System: User Password Manager page
+##|*DESCR=Allow access to the 'System: User Password Manager' page.
+##|*MATCH=system_usermanager_passwordmg.php*
+##|-PRIV
+
+require_once("auth.inc");
+require_once("certs.inc");
+require_once("guiconfig.inc");
+
+$pgtitle = array(gettext("System"), gettext("User Password"));
+
+if (isset($_POST['save'])) {
+	unset($input_errors);
+	/* input validation */
+
+	$reqdfields = explode(" ", "passwordfld1");
+	$reqdfieldsn = array(gettext("Password"));
+	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
+
+	if ($_POST['passwordfld1'] != $_POST['passwordfld2']) {
+		$input_errors[] = gettext("The passwords do not match.");
+	}
+
+	if (!$input_errors) {
+		if (!session_id()) {
+			session_start();
+		}
+		// all values are okay --> saving changes
+
+		$userent =& $config['system']['user'][$userindex[$_SESSION['Username']]];
+		local_user_set_password($userent, $_POST['passwordfld1']);
+		local_user_set($userent);
+		unset($userent);
+		session_commit();
+
+		write_config();
+
+		$savemsg = gettext("Password successfully changed") . "<br />";
+	}
+}
+
+if (!session_id()) {
+	session_start();
+}
+
+/* determine if user is not local to system */
+$islocal = false;
+foreach ($config['system']['user'] as $user) {
+	if ($user['name'] == $_SESSION['Username']) {
+		$islocal = true;
+	}
+}
+
+session_commit();
+
+include("head.inc");
+
+if ($input_errors) {
+	print_input_errors($input_errors);
+}
+
+if ($savemsg) {
+	print_info_box($savemsg);
+}
+
+if ($islocal == false) {
+	echo gettext("Sorry, you cannot change the password for a non-local user.");
+	include("foot.inc");
+	exit;
+}
+
+require('classes/Form.class.php');
+
+$form = new Form();
+
+$section = new Form_Section('Update Password');
+
+$section->addInput(new Form_Input(
+	'passwordfld1',
+	'Password',
+	'password'
+));
+
+$section->addInput(new Form_Input(
+	'passwordfld2',
+	'Confirmation',
+	'password'
+))->setHelp('Select a new password');
+
+$form->add($section);
+print($form);
+
+include("foot.inc");
\ No newline at end of file