authorRenato Botelho <garga@FreeBSD.org>2015-05-30 13:40:12 -0300
committerRenato Botelho <garga@FreeBSD.org>2015-05-30 13:40:12 -0300
commit5be3060472b257e0f171669b91d4e407960463e6 (patch)
tree175f35bd121c34f23178e7c5ae92ab7966cd979a /usr/local
parent5e50c5b3142710684fd78c8f8a58e6897452ea42 (diff)
parent73fa304bfc6ced005d8862be8dcbdab81aface9d (diff)
Merge pull request #1702 from phil-davis/system-usermanger
Diffstat (limited to 'usr/local')
-rw-r--r--usr/local/www/system_usermanager.php201
-rw-r--r--usr/local/www/system_usermanager_addprivs.php44
-rw-r--r--usr/local/www/system_usermanager_passwordmg.php93
-rw-r--r--usr/local/www/system_usermanager_settings.php36
-rw-r--r--usr/local/www/system_usermanager_settings_ldapacpicker.php74
-rwxr-xr-xusr/local/www/system_usermanager_settings_test.php39
6 files changed, 273 insertions, 214 deletions
diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php
index 1bc91ad..b56ad6b 100644
--- a/usr/local/www/system_usermanager.php
+++ b/usr/local/www/system_usermanager.php
@@ -53,22 +53,24 @@
require("certs.inc");
require("guiconfig.inc");
-
// start admin user code
-$pgtitle = array(gettext("System"),gettext("User Manager"));
+$pgtitle = array(gettext("System"), gettext("User Manager"));
-if (isset($_POST['userid']) && is_numericint($_POST['userid']))
+if (isset($_POST['userid']) && is_numericint($_POST['userid'])) {
$id = $_POST['userid'];
+}
-if (!isset($config['system']['user']) || !is_array($config['system']['user']))
+if (!isset($config['system']['user']) || !is_array($config['system']['user'])) {
$config['system']['user'] = array();
+}
$a_user = &$config['system']['user'];
-if (isset($_SERVER['HTTP_REFERER']))
+if (isset($_SERVER['HTTP_REFERER'])) {
$referer = $_SERVER['HTTP_REFERER'];
-else
+} else {
$referer = '/system_usermanager.php';
+}
if (isset($id) && $a_user[$id]) {
$pconfig['usernamefld'] = $a_user[$id]['name'];
@@ -96,10 +98,8 @@ if ($_POST['act'] == "deluser") {
$userdeleted = $a_user[$id]['name'];
unset($a_user[$id]);
write_config();
- $savemsg = gettext("User")." {$userdeleted} ".
- gettext("successfully deleted")."<br />";
-}
-else if ($_POST['act'] == "delpriv") {
+ $savemsg = gettext("User") . " {$userdeleted} " . gettext("successfully deleted") . "<br />";
+} else if ($_POST['act'] == "delpriv") {
if (!$a_user[$id]) {
pfSenseHeader("system_usermanager.php");
@@ -111,10 +111,8 @@ else if ($_POST['act'] == "delpriv") {
local_user_set($a_user[$id]);
write_config();
$_POST['act'] = "edit";
- $savemsg = gettext("Privilege")." {$privdeleted} ".
- gettext("successfully deleted")."<br />";
-}
-else if ($_POST['act'] == "expcert") {
+ $savemsg = gettext("Privilege") . " {$privdeleted} " . gettext("successfully deleted"). "<br />";
+} else if ($_POST['act'] == "expcert") {
if (!$a_user[$id]) {
pfSenseHeader("system_usermanager.php");
@@ -132,8 +130,7 @@ else if ($_POST['act'] == "expcert") {
header("Content-Length: $exp_size");
echo $exp_data;
exit;
-}
-else if ($_POST['act'] == "expckey") {
+} else if ($_POST['act'] == "expckey") {
if (!$a_user[$id]) {
pfSenseHeader("system_usermanager.php");
@@ -151,8 +148,7 @@ else if ($_POST['act'] == "expckey") {
header("Content-Length: $exp_size");
echo $exp_data;
exit;
-}
-else if ($_POST['act'] == "delcert") {
+} else if ($_POST['act'] == "delcert") {
if (!$a_user[$id]) {
pfSenseHeader("system_usermanager.php");
@@ -164,10 +160,8 @@ else if ($_POST['act'] == "delcert") {
unset($a_user[$id]['cert'][$_POST['certid']]);
write_config();
$_POST['act'] = "edit";
- $savemsg = gettext("Certificate")." {$certdeleted} ".
- gettext("association removed.")."<br />";
-}
-else if ($_POST['act'] == "new") {
+ $savemsg = gettext("Certificate") . " {$certdeleted} " . gettext("association removed.") . "<br />";
+} else if ($_POST['act'] == "new") {
/*
* set this value cause the text field is read only
* and the user should not be able to mess with this
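Review bot: In the `delcert` branch, `$_POST['certid']` is used directly as the array index in `unset($a_user[$id]['cert'][$_POST['certid']])` with no validation visible in this hunk, whereas `userid` is gated by `is_numericint()` at the top of the file. Assuming the list is numerically indexed (as `$userent['cert'][] = $cert['refid'];` in the save path suggests), add `if (!isset($_POST['certid']) || !is_numericint($_POST['certid'])) {` with the same redirect the `!$a_user[$id]` case uses. `$certdeleted` is assigned outside the hunk; if it holds the certificate's free-text description it should go through `htmlspecialchars()` before being concatenated into `$savemsg`, which already carries markup (`<br />`).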
@@ -177,12 +171,12 @@ else if ($_POST['act'] == "new") {
$pconfig['lifetime'] = 3650;
}
-if(isset($_POST['dellall_x'])) {
+if (isset($_POST['dellall_x'])) {
$del_users = $_POST['delete_check'];
- if(!empty($del_users)) {
- foreach($del_users as $userid) {
+ if (!empty($del_users)) {
+ foreach ($del_users as $userid) {
if (isset($a_user[$userid]) && $a_user[$userid]['scope'] != "system") {
conf_mount_rw();
local_user_del($a_user[$userid]);
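Review bot: `$_POST['delete_check']` is iterated without checking that it is an array, and each `$userid` indexes `$a_user` without the `is_numericint()` check that `$_POST['userid']` gets at the top of the file. A scalar `delete_check` passes `!empty()` and reaches `foreach`, which raises a warning instead of being rejected cleanly. Suggest `if (is_array($del_users)) {` in place of the `!empty()` test and `if (is_numericint($userid) && isset($a_user[$userid]) && $a_user[$userid]['scope'] != "system") {` inside the loop. The loop body continues outside the hunk.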
@@ -223,22 +217,27 @@ if ($_POST['save']) {
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
- if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld']))
+ if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld'])) {
$input_errors[] = gettext("The username contains invalid characters.");
+ }
- if (strlen($_POST['usernamefld']) > 16)
+ if (strlen($_POST['usernamefld']) > 16) {
$input_errors[] = gettext("The username is longer than 16 characters.");
+ }
- if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2']))
+ if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2'])) {
$input_errors[] = gettext("The passwords do not match.");
+ }
- if (isset($_POST['ipsecpsk']) && !preg_match('/^[[:ascii:]]*$/', $_POST['ipsecpsk']))
+ if (isset($_POST['ipsecpsk']) && !preg_match('/^[[:ascii:]]*$/', $_POST['ipsecpsk'])) {
$input_errors[] = gettext("IPsec Pre-Shared Key contains invalid characters.");
+ }
- if (isset($id) && $a_user[$id])
+ if (isset($id) && $a_user[$id]) {
$oldusername = $a_user[$id]['name'];
- else
+ } else {
$oldusername = "";
+ }
/* make sure this user name is unique */
if (!$input_errors) {
foreach ($a_user as $userent) {
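Review bot: The confirmation check `$_POST['passwordfld1'] != $_POST['passwordfld2']` uses loose comparison, so two different numeric-looking strings (for example `1e1` and `10`) compare equal and the mismatch goes unreported. Use a strict comparison: `if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] !== $_POST['passwordfld2'])) {`. The same `!=` comparison appears in system_usermanager_passwordmg.php inside its `if (isset($_POST['save']))` block. The truthiness test on `passwordfld1` also treats the password `0` as "nothing entered"; `$_POST['passwordfld1'] !== ""` states the intent. The enclosing `if ($_POST['save'])` block starts and ends outside the hunk.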
@@ -268,20 +267,21 @@ if ($_POST['save']) {
* like "+1 day", which will be converted to MM/DD/YYYY based on "now".
* Otherwise such an entry would lead to an invalid expiration data.
*/
- if ($_POST['expires']){
+ if ($_POST['expires']) {
try {
$expdate = new DateTime($_POST['expires']);
//convert from any DateTime compatible date to MM/DD/YYYY
$_POST['expires'] = $expdate->format("m/d/Y");
- } catch ( Exception $ex ) {
+ } catch (Exception $ex) {
$input_errors[] = gettext("Invalid expiration date format; use MM/DD/YYYY instead.");
}
}
if (!empty($_POST['name'])) {
$ca = lookup_ca($_POST['caref']);
- if (!$ca)
+ if (!$ca) {
$input_errors[] = gettext("Invalid internal Certificate Authority") . "\n";
+ }
}
/* if this is an AJAX caller then handle via JSON */
@@ -293,8 +293,9 @@ if ($_POST['save']) {
if (!$input_errors) {
conf_mount_rw();
$userent = array();
- if (isset($id) && $a_user[$id])
+ if (isset($id) && $a_user[$id]) {
$userent = $a_user[$id];
+ }
isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system";
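Review bot: `$userent['scope']` is assigned straight from `$_POST['utype']`, so the read-only attribute on the form field is the only thing constraining it, and that is not enforced on the server. Scope decides whether an account may be removed (`$a_user[$userid]['scope'] != "system"` in the bulk-delete path), so restrict it to the expected values, e.g. `$userent['scope'] = (isset($_POST['utype']) && in_array($_POST['utype'], array("user", "system"), true)) ? $_POST['utype'] : "system";` — `user` and `system` are the only values visible on this page, so confirm the full list. The ternary-with-assignments form is also harder to read than the braced `if`/`else` this commit applies everywhere else. The `if ($_POST['save'])` block extends outside the hunk.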
@@ -305,8 +306,9 @@ if ($_POST['save']) {
}
/* the user password was modified */
- if ($_POST['passwordfld1'])
+ if ($_POST['passwordfld1']) {
local_user_set_password($userent, $_POST['passwordfld1']);
+ }
$userent['name'] = $_POST['usernamefld'];
$userent['descr'] = $_POST['descr'];
@@ -314,14 +316,15 @@ if ($_POST['save']) {
$userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']);
$userent['ipsecpsk'] = $_POST['ipsecpsk'];
- if($_POST['disabled'])
+ if ($_POST['disabled']) {
$userent['disabled'] = true;
- else
+ } else {
unset($userent['disabled']);
+ }
- if (isset($id) && $a_user[$id])
+ if (isset($id) && $a_user[$id]) {
$a_user[$id] = $userent;
- else {
+ } else {
if (!empty($_POST['name'])) {
$cert = array();
$cert['refid'] = uniqid();
@@ -342,8 +345,9 @@ if ($_POST['save']) {
cert_create($cert, $_POST['caref'], $_POST['keylen'],
(int)$_POST['lifetime'], $dn);
- if (!is_array($config['cert']))
+ if (!is_array($config['cert'])) {
$config['cert'] = array();
+ }
$config['cert'][] = $cert;
$userent['cert'][] = $cert['refid'];
}
@@ -351,8 +355,9 @@ if ($_POST['save']) {
/* Add the user to All Users group. */
foreach ($config['system']['group'] as $gidx => $group) {
if ($group['name'] == "all") {
- if (!is_array($config['system']['group'][$gidx]['member']))
+ if (!is_array($config['system']['group'][$gidx]['member'])) {
$config['system']['group'][$gidx]['member'] = array();
+ }
$config['system']['group'][$gidx]['member'][] = $userent['uid'];
break;
}
@@ -362,11 +367,12 @@ if ($_POST['save']) {
}
local_user_set($userent);
- local_user_set_groups($userent,$_POST['groups']);
+ local_user_set_groups($userent, $_POST['groups']);
write_config();
- if(is_dir("/etc/inc/privhooks"))
+ if (is_dir("/etc/inc/privhooks")) {
run_plugins("/etc/inc/privhooks");
+ }
conf_mount_ro();
@@ -400,31 +406,37 @@ include("head.inc");
function setall_selected(id) {
selbox = document.getElementById(id);
count = selbox.options.length;
- for (index = 0; index<count; index++)
+ for (index = 0; index<count; index++) {
selbox.options[index].selected = true;
+ }
}
function delete_empty(id) {
selbox = document.getElementById(id);
count = selbox.options.length;
- for (index = 0; index<count; index++)
- if (selbox.options[index].value == '')
+ for (index = 0; index<count; index++) {
+ if (selbox.options[index].value == '') {
selbox.remove(index);
+ }
+ }
}
function clear_selected(id) {
selbox = document.getElementById(id);
count = selbox.options.length;
- for (index = 0; index<count; index++)
+ for (index = 0; index<count; index++) {
selbox.options[index].selected = false;
+ }
}
function remove_selected(id) {
selbox = document.getElementById(id);
index = selbox.options.length - 1;
- for (; index >= 0; index--)
- if (selbox.options[index].selected)
+ for (; index >= 0; index--) {
+ if (selbox.options[index].selected) {
selbox.remove(index);
+ }
+ }
}
function copy_selected(srcid, dstid) {
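Review bot: `delete_empty()` removes options while iterating forward against a `count` captured before the loop, so after each `selbox.remove(index)` the next option shifts into the removed slot and is skipped, and later iterations read `selbox.options[index]` past the end of the shortened list. `remove_selected()` just below already walks the list backwards; the same loop header fixes both problems here: `for (index = selbox.options.length - 1; index >= 0; index--) {`. `selbox`, `count` and `index` are also assigned without `var` in all four functions, which makes them implicit globals shared between the helpers.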
@@ -481,10 +493,12 @@ function sshkeyClicked(obj) {
//]]>
</script>
<?php
- if ($input_errors)
+ if ($input_errors) {
print_input_errors($input_errors);
- if ($savemsg)
+ }
+ if ($savemsg) {
print_info_box($savemsg);
+ }
?>
<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="user manager">
<tr>
@@ -513,8 +527,9 @@ function sshkeyClicked(obj) {
<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
<?php
$ro = "";
- if ($pconfig['utype'] == "system")
+ if ($pconfig['utype'] == "system") {
$ro = "readonly=\"readonly\"";
+ }
?>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Defined by");?></td>
@@ -526,7 +541,7 @@ function sshkeyClicked(obj) {
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Disabled");?></td>
<td width="78%" class="vtable">
- <input name="disabled" type="checkbox" id="disabled" <?php if($pconfig['disabled']) echo "checked=\"checked\""; ?> />
+ <input name="disabled" type="checkbox" id="disabled" <?php if ($pconfig['disabled']) echo "checked=\"checked\""; ?> />
</td>
</tr>
<tr>
@@ -560,7 +575,8 @@ function sshkeyClicked(obj) {
<td width="78%" class="vtable">
<input name="expires" type="text" class="formfld unknown" id="expires" size="10" value="<?=htmlspecialchars($pconfig['expires']);?>" />
<br />
- <span class="vexpl"><?=gettext("Leave blank if the account shouldn't expire, otherwise enter the expiration date in the following format: mm/dd/yyyy"); ?></span></td>
+ <span class="vexpl"><?=gettext("Leave blank if the account shouldn't expire, otherwise enter the expiration date in the following format: mm/dd/yyyy"); ?></span>
+ </td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Group Memberships");?></td>
@@ -574,10 +590,12 @@ function sshkeyClicked(obj) {
<?php
$rowIndex = 0;
foreach ($config['system']['group'] as $group):
- if ($group['gid'] == 1998) /* all users group */
+ if ($group['gid'] == 1998) { /* all users group */
continue;
- if (is_array($pconfig['groups']) && in_array($group['name'],$pconfig['groups']))
+ }
+ if (is_array($pconfig['groups']) && in_array($group['name'], $pconfig['groups'])) {
continue;
+ }
$rowIndex++;
?>
<option value="<?=$group['name'];?>" <?=$selected;?>>
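Review bot: `$group['name']` is echoed into the `value` attribute without `htmlspecialchars()`, while other fields on this page (`$pconfig['expires']`, `$userent['descr']`) are escaped. Whether group names are constrained when they are created is not visible here, so escaping at output is the safer default: `<option value="<?=htmlspecialchars($group['name']);?>" <?=$selected;?>>`. The same unescaped pattern recurs in the second group `<select>`, in the CA list (`$ca['refid']`, `$ca['descr']`) and in the auth-server list in system_usermanager_settings.php (`$auth_server['name']`). `$selected` is printed here but not assigned anywhere in this hunk; if nothing sets it for this loop it can be dropped.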
@@ -585,19 +603,20 @@ function sshkeyClicked(obj) {
</option>
<?php
endforeach;
- if ($rowIndex == 0)
+ if ($rowIndex == 0) {
echo "<option></option>";
+ }
?>
</select>
<br />
</td>
<td>
<br />
- <a href="javascript:move_selected('notgroups','groups')">
+ <a href="javascript:move_selected('notgroups', 'groups')">
<img src="/themes/<?= $g['theme'];?>/images/icons/icon_right.gif" title="<?=gettext("Add Groups"); ?>" alt="<?=gettext("Add Groups"); ?>" width="17" height="17" border="0" />
</a>
<br /><br />
- <a href="javascript:move_selected('groups','notgroups')">
+ <a href="javascript:move_selected('groups', 'notgroups')">
<img src="/themes/<?= $g['theme'];?>/images/icons/icon_left.gif" title="<?=gettext("Remove Groups"); ?>" alt="<?=gettext("Remove Groups"); ?>" width="17" height="17" border="0" />
</a>
</td>
@@ -609,10 +628,12 @@ function sshkeyClicked(obj) {
$rowIndex = 0;
if (is_array($pconfig['groups'])):
foreach ($config['system']['group'] as $group):
- if ($group['gid'] == 1998) /* all users group */
+ if ($group['gid'] == 1998) { /* all users group */
continue;
- if (!in_array($group['name'],$pconfig['groups']))
+ }
+ if (!in_array($group['name'], $pconfig['groups'])) {
continue;
+ }
$rowIndex++;
?>
<option value="<?=$group['name'];?>">
@@ -621,8 +642,9 @@ function sshkeyClicked(obj) {
<?php
endforeach;
endif;
- if ($rowIndex == 0)
+ if ($rowIndex == 0) {
echo "<option></option>";
+ }
?>
</select>
<br />
@@ -647,12 +669,13 @@ function sshkeyClicked(obj) {
</tr>
<?php
$privdesc = get_user_privdesc($a_user[$id]);
- if(is_array($privdesc)):
+ if (is_array($privdesc)):
$i = 0;
foreach ($privdesc as $priv):
$group = false;
- if ($priv['group'])
+ if ($priv['group']) {
$group = $priv['group'];
+ }
?>
<tr>
<td class="listlr"><?=$group;?></td>
@@ -680,8 +703,9 @@ function sshkeyClicked(obj) {
</tr>
<?php
/* can only delete user priv indexes */
- if (!$group)
+ if (!$group) {
$i++;
+ }
endforeach;
endif;
?>
@@ -707,7 +731,7 @@ function sshkeyClicked(obj) {
</tr>
<?php
$a_cert = $a_user[$id]['cert'];
- if(is_array($a_cert)):
+ if (is_array($a_cert)):
$i = 0;
foreach ($a_cert as $certref):
$cert = lookup_cert($certref);
@@ -770,9 +794,10 @@ function sshkeyClicked(obj) {
else:
if (is_array($config['ca']) && count($config['ca']) > 0):
$i = 0;
- foreach( $config['ca'] as $ca) {
- if (!$ca['prv'])
+ foreach ($config['ca'] as $ca) {
+ if (!$ca['prv']) {
continue;
+ }
$i++;
}
?>
@@ -780,7 +805,7 @@ function sshkeyClicked(obj) {
<tr id="usercertchck">
<td width="22%" valign="top" class="vncell"><?=gettext("Certificate");?></td>
<td width="78%" class="vtable">
- <input type="checkbox" onclick="javascript:usercertClicked(this)" /> <?=gettext("Click to create a user certificate."); ?>
+ <input type="checkbox" onclick="javascript:usercertClicked(this)" /> <?=gettext("Click to create a user certificate."); ?>
</td>
</tr>
@@ -803,16 +828,18 @@ function sshkeyClicked(obj) {
<select name='caref' id='caref' class="formselect" onchange='internalca_change()'>
<?php
$rowIndex = 0;
- foreach( $config['ca'] as $ca):
- if (!$ca['prv'])
+ foreach ($config['ca'] as $ca):
+ if (!$ca['prv']) {
continue;
+ }
$rowIndex++;
?>
<option value="<?=$ca['refid'];?>"><?=$ca['descr'];?></option>
<?php
endforeach;
- if ($rowIndex == 0)
+ if ($rowIndex == 0) {
echo "<option></option>";
+ }
?>
</select>
</td>
@@ -822,14 +849,15 @@ function sshkeyClicked(obj) {
<td width="78%" class="vtable">
<select name='keylen' class="formselect">
<?php
- $cert_keylens = array( "2048", "512", "1024", "4096");
- foreach( $cert_keylens as $len):
+ $cert_keylens = array("2048", "512", "1024", "4096");
+ foreach ($cert_keylens as $len):
?>
<option value="<?=$len;?>"><?=$len;?></option>
<?php
endforeach;
- if (!count($cert_keylens))
+ if (!count($cert_keylens)) {
echo "<option></option>";
+ }
?>
</select>
bits
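Review bot: The key-length list on the `$cert_keylens` line still offers `512` and `1024` bits for new user certificates; both are too short for RSA keys, and 512-bit moduli are practically factorable. Suggest `$cert_keylens = array("2048", "4096");`. In the save path `$_POST['keylen']` is passed to `cert_create()` with no check visible on this page, so the allowed values should also be enforced on the server rather than only by this `<select>`. The trailing `if (!count($cert_keylens))` can never be true for a non-empty literal array.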
@@ -849,18 +877,18 @@ function sshkeyClicked(obj) {
endif;
endif;
?>
- <tr id="sshkeychck" <?php if(!empty($pconfig['authorizedkeys'])) echo 'style="display:none"'; ?>>
+ <tr id="sshkeychck" <?php if (!empty($pconfig['authorizedkeys'])) echo 'style="display:none"'; ?>>
<td width="22%" valign="top" class="vncell"><?=gettext("Authorized keys");?></td>
<td width="78%" class="vtable">
<input type="checkbox" onclick="javascript:sshkeyClicked(this)" /> <?=gettext("Click to paste an authorized key."); ?>
</td>
</tr>
- <tr id="sshkey" <?php if(empty($pconfig['authorizedkeys'])) echo 'style="display:none"'; ?>>
+ <tr id="sshkey" <?php if (empty($pconfig['authorizedkeys'])) echo 'style="display:none"'; ?>>
<td width="22%" valign="top" class="vncell"><?=gettext("Authorized keys");?></td>
<td width="78%" class="vtable">
<script type="text/javascript">
//<![CDATA[
- window.onload=function(){
+ window.onload=function() {
document.getElementById("authorizedkeys").wrap='off';
}
//]]>
@@ -936,13 +964,13 @@ function sshkeyClicked(obj) {
<tbody>
<?php
$i = 0;
- foreach($a_user as $userent):
+ foreach ($a_user as $userent):
?>
<tr ondblclick="document.getElementById('act').value='<?php echo "edit";?>';
document.getElementById('userid').value='<?=$i;?>';
document.iform2.submit();" id="fr<?=$i?>">
<td class="list" id="frd<?=$i?>">
- <?php if($userent['scope'] != "system") : ?>
+ <?php if ($userent['scope'] != "system") : ?>
<input type="checkbox" id="frc<?=$i?>" onclick="fr_bgcolor(<?=$i?>)" name="delete_check[]" value="<?=$i?>" />
<?php endif; ?>
</td>
@@ -951,10 +979,11 @@ function sshkeyClicked(obj) {
<tr>
<td align="left" valign="middle">
<?php
- if($userent['scope'] != "user")
+ if ($userent['scope'] != "user") {
$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user-grey.png";
- else
+ } else {
$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user.png";
+ }
?>
<img src="<?=$usrimg;?>" alt="<?=gettext("User"); ?>" title="<?=gettext("User"); ?>" border="0" height="16" width="16" />
</td>
@@ -965,9 +994,9 @@ function sshkeyClicked(obj) {
</table>
</td>
<td class="listr" id="frd<?=$i?>" onclick="fr_toggle('<?=$i;?>')"><?=htmlspecialchars($userent['descr']);?>&nbsp;</td>
- <td class="listr" id="frd<?=$i?>" onclick="fr_toggle('<?=$i;?>')"><?php if(isset($userent['disabled'])) echo "*"; ?></td>
+ <td class="listr" id="frd<?=$i?>" onclick="fr_toggle('<?=$i;?>')"><?php if (isset($userent['disabled'])) echo "*"; ?></td>
<td class="listbg" onclick="fr_toggle('<?=$i;?>')">
- <?=implode(",",local_user_get_groups($userent));?>
+ <?=implode(",", local_user_get_groups($userent));?>
&nbsp;
</td>
<td valign="middle" class="list nowrap">
@@ -977,7 +1006,7 @@ function sshkeyClicked(obj) {
document.getElementById('act').value='<?php echo "edit";?>';"
title="<?=gettext("edit user");?>" />
<?php
- if($userent['scope'] != "system"):
+ if ($userent['scope'] != "system"):
?>
&nbsp;
<input type="image" name="deluser[]" width="17" height="17" border="0"
diff --git a/usr/local/www/system_usermanager_addprivs.php b/usr/local/www/system_usermanager_addprivs.php
index 2ccda95..87ddb21 100644
--- a/usr/local/www/system_usermanager_addprivs.php
+++ b/usr/local/www/system_usermanager_addprivs.php
@@ -47,12 +47,14 @@ function admusercmp($a, $b) {
require("guiconfig.inc");
-$pgtitle = array("System","User manager","Add privileges");
+$pgtitle = array("System", "User manager", "Add privileges");
-if (is_numericint($_GET['userid']))
+if (is_numericint($_GET['userid'])) {
$userid = $_GET['userid'];
-if (isset($_POST['userid']) && is_numericint($_POST['userid']))
+}
+if (isset($_POST['userid']) && is_numericint($_POST['userid'])) {
$userid = $_POST['userid'];
+}
if (!isset($config['system']['user'][$userid]) && !is_array($config['system']['user'][$userid])) {
pfSenseHeader("system_usermanager.php");
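Review bot: The guard `if (!isset($config['system']['user'][$userid]) && !is_array($config['system']['user'][$userid]))` joins its two tests with `&&`, so an entry that is set but is not an array is accepted and then bound by reference as `$a_user`; `||` is what the check means. `is_numericint($_GET['userid'])` is also called without `isset()`, unlike the `$_POST` line below it, and `$userid` stays undefined when neither parameter is numeric. Suggest `if (isset($_GET['userid']) && is_numericint($_GET['userid'])) {` and `if (!isset($config['system']['user'][$userid]) || !is_array($config['system']['user'][$userid])) {`. The body of the guard continues outside the hunk.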
@@ -61,8 +63,9 @@ if (!isset($config['system']['user'][$userid]) && !is_array($config['system']['u
$a_user = & $config['system']['user'][$userid];
-if (!is_array($a_user['priv']))
+if (!is_array($a_user['priv'])) {
$a_user['priv'] = array();
+}
if ($_POST) {
conf_mount_rw();
@@ -77,37 +80,40 @@ if ($_POST) {
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
/* if this is an AJAX caller then handle via JSON */
- if(isAjax() && is_array($input_errors)) {
+ if (isAjax() && is_array($input_errors)) {
input_errors2Ajax($input_errors);
exit;
}
if (!$input_errors) {
- if (!is_array($pconfig['sysprivs']))
+ if (!is_array($pconfig['sysprivs'])) {
$pconfig['sysprivs'] = array();
+ }
- if (!count($a_user['priv']))
+ if (!count($a_user['priv'])) {
$a_user['priv'] = $pconfig['sysprivs'];
- else
+ } else {
$a_user['priv'] = array_merge($a_user['priv'], $pconfig['sysprivs']);
+ }
$a_user['priv'] = sort_user_privs($a_user['priv']);
local_user_set($a_user);
$retval = write_config();
$savemsg = get_std_save_message($retval);
conf_mount_ro();
-
+
post_redirect("system_usermanager.php", array('act' => 'edit', 'userid' => $userid));
-
+
exit;
}
conf_mount_ro();
}
/* if ajax is calling, give them an update message */
-if(isAjax())
+if (isAjax()) {
print_info_box_np($savemsg);
+}
include("head.inc");
?>
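Review bot: `$pconfig['sysprivs']` is merged into `$a_user['priv']` without checking each name against the known privilege list, so any string submitted in `sysprivs[]` would be stored as a privilege on the account; `$pconfig` is populated outside this hunk, presumably from `$_POST`. Filter before the merge, e.g. `$pconfig['sysprivs'] = array_intersect($pconfig['sysprivs'], array_keys($priv_list));`, assuming `$priv_list` is already loaded at this point. `array_merge()` can also leave duplicate entries if a name is posted twice, which `array_unique()` on the merged list would prevent. The `if ($_POST)` block starts outside the hunk.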
@@ -123,9 +129,10 @@ if (is_array($priv_list)) {
$id = 0;
$jdescs = "var descs = new Array();\n";
- foreach($priv_list as $pname => $pdata) {
- if (in_array($pname, $a_user['priv']))
+ foreach ($priv_list as $pname => $pdata) {
+ if (in_array($pname, $a_user['priv'])) {
continue;
+ }
$desc = addslashes(preg_replace("/pfSense/i", $g['product_name'], $pdata['descr']));
$jdescs .= "descs[{$id}] = '{$desc}';\n";
$id++;
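Review bot: `addslashes()` on the `$desc` line is not a JavaScript string escaper: it leaves newlines and `</script>` untouched, so a description containing either would break the `'...'` literal built on the next line. `$pdata['descr']` comes from the privilege list, which is probably static, so exposure is limited, but `json_encode()` yields a safe literal directly: drop `addslashes()` and write `$jdescs .= "descs[{$id}] = " . json_encode($desc) . ";\n";`. The loop body continues outside the hunk.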
@@ -144,10 +151,12 @@ function update_description() {
//]]>
</script>
<?php
- if ($input_errors)
+ if ($input_errors) {
print_input_errors($input_errors);
- if ($savemsg)
+ }
+ if ($savemsg) {
print_info_box($savemsg);
+ }
?>
<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="user manager add privileges">
<tr>
@@ -172,9 +181,10 @@ function update_description() {
<td width="78%" class="vtable">
<select name="sysprivs[]" id="sysprivs" class="formselect" onchange="update_description();" multiple="multiple" size="35">
<?php
- foreach($priv_list as $pname => $pdata):
- if (in_array($pname, $a_user['priv']))
+ foreach ($priv_list as $pname => $pdata):
+ if (in_array($pname, $a_user['priv'])) {
continue;
+ }
?>
<option value="<?=$pname;?>"><?=$pdata['name'];?></option>
<?php endforeach; ?>
diff --git a/usr/local/www/system_usermanager_passwordmg.php b/usr/local/www/system_usermanager_passwordmg.php
index 9491824..6d785ee 100644
--- a/usr/local/www/system_usermanager_passwordmg.php
+++ b/usr/local/www/system_usermanager_passwordmg.php
@@ -27,8 +27,8 @@
POSSIBILITY OF SUCH DAMAGE.
*/
/*
- pfSense_BUILDER_BINARIES:
- pfSense_MODULE: auth
+ pfSense_BUILDER_BINARIES:
+ pfSense_MODULE: auth
*/
##|+PRIV
@@ -42,7 +42,7 @@ require_once("auth.inc");
require_once("certs.inc");
require_once("guiconfig.inc");
-$pgtitle = array(gettext("System"),gettext("User Password"));
+$pgtitle = array(gettext("System"), gettext("User Password"));
if (isset($_POST['save'])) {
unset($input_errors);
@@ -52,12 +52,14 @@ if (isset($_POST['save'])) {
$reqdfieldsn = array(gettext("Password"));
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
- if ($_POST['passwordfld1'] != $_POST['passwordfld2'])
+ if ($_POST['passwordfld1'] != $_POST['passwordfld2']) {
$input_errors[] = gettext("The passwords do not match.");
+ }
if (!$input_errors) {
- if (!session_id())
+ if (!session_id()) {
session_start();
+ }
// all values are okay --> saving changes
$userent =& $config['system']['user'][$userindex[$_SESSION['Username']]];
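Review bot: The save path looks up the account with `$userindex[$_SESSION['Username']]` before anything has established that the session user is a local account; the `$islocal` scan runs only after this block, and the "cannot change the password for a non-local user" message is produced at render time. For a user authenticated against an external backend the index is presumably undefined, and taking a reference to `$config['system']['user'][...]` with an undefined key creates a new empty entry rather than failing. Compute `$islocal` before the POST handling and make the save conditional on it, `if (!$input_errors && $islocal) {`, or add an input error for non-local users. Whether the config is then written is decided outside the hunk.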
@@ -72,14 +74,17 @@ if (isset($_POST['save'])) {
}
}
-if (!session_id())
+if (!session_id()) {
session_start();
+}
/* determine if user is not local to system */
$islocal = false;
-foreach($config['system']['user'] as $user)
- if($user['name'] == $_SESSION['Username'])
+foreach ($config['system']['user'] as $user) {
+ if ($user['name'] == $_SESSION['Username']) {
$islocal = true;
+ }
+}
session_commit();
@@ -91,10 +96,12 @@ include("head.inc");
<?php
include("fbegin.inc");
-if ($input_errors)
+if ($input_errors) {
print_input_errors($input_errors);
-if ($savemsg)
+}
+if ($savemsg) {
print_info_box($savemsg);
+}
if ($islocal == false) {
echo gettext("Sorry, you cannot change the password for a non-local user.");
@@ -105,41 +112,43 @@ if ($islocal == false) {
?>
<div id="mainarea">
- <div class="tabcont">
- <form action="system_usermanager_passwordmg.php" method="post" name="iform" id="iform">
- <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
- <tr>
-<?php if (!session_id())
+ <div class="tabcont">
+ <form action="system_usermanager_passwordmg.php" method="post" name="iform" id="iform">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
+ <tr>
+<?php
+ if (!session_id()) {
session_start();
+ }
?>
- <td colspan="2" valign="top" class="listtopic"><?=$_SESSION['Username']?>'s <?=gettext("Password"); ?></td>
+ <td colspan="2" valign="top" class="listtopic"><?=$_SESSION['Username']?>'s <?=gettext("Password"); ?></td>
<?php session_commit(); ?>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell" rowspan="2"><?=gettext("Password"); ?></td>
- <td width="78%" class="vtable">
- <input name="passwordfld1" type="password" class="formfld pwd" id="passwordfld1" size="20" />
- </td>
- </tr>
- <tr>
- <td width="78%" class="vtable">
- <input name="passwordfld2" type="password" class="formfld pwd" id="passwordfld2" size="20" />
- &nbsp;<?=gettext("(confirmation)");?>
- <br />
- <span class="vexpl">
- <?=gettext("Select a new password");?>
- </span>
- </td>
- </tr>
- <tr>
- <td width="22%" valign="top">&nbsp;</td>
- <td width="78%">
- <input name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
- </td>
- </tr>
- </table>
- </form>
- </div>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell" rowspan="2"><?=gettext("Password"); ?></td>
+ <td width="78%" class="vtable">
+ <input name="passwordfld1" type="password" class="formfld pwd" id="passwordfld1" size="20" />
+ </td>
+ </tr>
+ <tr>
+ <td width="78%" class="vtable">
+ <input name="passwordfld2" type="password" class="formfld pwd" id="passwordfld2" size="20" />
+ &nbsp;<?=gettext("(confirmation)");?>
+ <br />
+ <span class="vexpl">
+ <?=gettext("Select a new password");?>
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top">&nbsp;</td>
+ <td width="78%">
+ <input name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
+ </td>
+ </tr>
+ </table>
+ </form>
+ </div>
</div>
<?php include("fend.inc");?>
</body>
diff --git a/usr/local/www/system_usermanager_settings.php b/usr/local/www/system_usermanager_settings.php
index 8965c69..cadfb08 100644
--- a/usr/local/www/system_usermanager_settings.php
+++ b/usr/local/www/system_usermanager_settings.php
@@ -49,39 +49,44 @@ $pconfig['authmode'] = &$config['system']['webgui']['authmode'];
$pconfig['backend'] = &$config['system']['webgui']['backend'];
// Page title for main admin
-$pgtitle = array(gettext("System"),gettext("User manager settings"));
+$pgtitle = array(gettext("System"), gettext("User manager settings"));
$save_and_test = false;
if ($_POST) {
unset($input_errors);
$pconfig = $_POST;
- if(isset($_POST['session_timeout'])) {
+ if (isset($_POST['session_timeout'])) {
$timeout = intval($_POST['session_timeout']);
- if ($timeout != "" && (!is_numeric($timeout) || $timeout <= 0))
+ if ($timeout != "" && (!is_numeric($timeout) || $timeout <= 0)) {
$input_errors[] = gettext("Session timeout must be an integer value.");
+ }
}
if (!$input_errors) {
if ($_POST['authmode'] != "local") {
$authsrv = auth_get_authserver($_POST['authmode']);
- if ($_POST['savetest'])
- if ($authsrv['type'] == "ldap")
+ if ($_POST['savetest']) {
+ if ($authsrv['type'] == "ldap") {
$save_and_test = true;
- else
+ } else {
$savemsg = gettext("The test was not performed because it is supported only for ldap based backends.");
+ }
+ }
}
- if(isset($_POST['session_timeout']) && $_POST['session_timeout'] != "")
+ if (isset($_POST['session_timeout']) && $_POST['session_timeout'] != "") {
$config['system']['webgui']['session_timeout'] = intval($_POST['session_timeout']);
- else
+ } else {
unset($config['system']['webgui']['session_timeout']);
+ }
- if($_POST['authmode'])
+ if ($_POST['authmode']) {
$config['system']['webgui']['authmode'] = $_POST['authmode'];
- else
+ } else {
unset($config['system']['webgui']['authmode']);
+ }
write_config();
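Review bot: The `session_timeout` check runs on `$timeout` after `intval()`, so `!is_numeric($timeout)` can never be true, and a non-numeric value such as `abc` has already become `0`; on PHP versions where `0 != ""` is false it skips the error and is stored as `0` by the `intval($_POST['session_timeout'])` assignment further down. Validate the raw string instead: `if ($_POST['session_timeout'] != "" && (!is_numericint($_POST['session_timeout']) || $_POST['session_timeout'] <= 0)) {`. `$_POST['authmode']` is likewise written to the config without checking that `auth_get_authserver()` returned a matching server; `$authsrv` is consulted only for the `savetest` case. The `if ($_POST)` block continues outside the hunk.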
@@ -97,7 +102,7 @@ include("head.inc");
<?php if ($savemsg) print_info_box($savemsg);?>
<?php
- if($save_and_test) {
+ if ($save_and_test) {
echo "<script type=\"text/javascript\">\n";
echo "//<![CDATA[\n";
echo "myRef = window.open('system_usermanager_settings_test.php?authserver={$pconfig['authmode']}','mywin', ";
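Review bot: `$pconfig['authmode']` is interpolated into an inline script and a URL on the `window.open` line with no encoding, and `$pconfig` was overwritten with `$_POST` earlier in this file. `$save_and_test` is set only after `auth_get_authserver()` reports an LDAP server, which limits what reaches this line to configured server names, but a name containing a quote, `&` or `#` would still break the script literal or the query string. Encode for both contexts: `$testurl = json_encode("system_usermanager_settings_test.php?authserver=" . urlencode($pconfig['authmode']));` and emit `window.open({$testurl}, 'mywin', ` without the surrounding single quotes. The rest of the `echo` sequence is outside the hunk.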
@@ -120,8 +125,9 @@ include("head.inc");
display_top_tabs($tab_array);
/* Default to pfsense backend type if none is defined */
- if(!$pconfig['backend'])
+ if (!$pconfig['backend']) {
$pconfig['backend'] = "pfsense";
+ }
?>
</td>
</tr>
@@ -147,10 +153,12 @@ include("head.inc");
$auth_servers = auth_get_authserver_list();
foreach ($auth_servers as $auth_server):
$selected = "";
- if ($auth_server['name'] == $pconfig['authmode'])
+ if ($auth_server['name'] == $pconfig['authmode']) {
$selected = "selected=\"selected\"";
- if (!isset($pconfig['authmode']) && $auth_server['name'] == "Local Database")
+ }
+ if (!isset($pconfig['authmode']) && $auth_server['name'] == "Local Database") {
$selected = "selected=\"selected\"";
+ }
?>
<option value="<?=$auth_server['name'];?>" <?=$selected;?>><?=$auth_server['name'];?></option>
<?php
diff --git a/usr/local/www/system_usermanager_settings_ldapacpicker.php b/usr/local/www/system_usermanager_settings_ldapacpicker.php
index cdb8b81..068142e 100644
--- a/usr/local/www/system_usermanager_settings_ldapacpicker.php
+++ b/usr/local/www/system_usermanager_settings_ldapacpicker.php
@@ -37,7 +37,7 @@ require_once("auth.inc");
$ous = array();
-if($_GET) {
+if ($_GET) {
$authcfg = array();
$authcfg['ldap_port'] = $_GET['port'];
$authcfg['ldap_basedn'] = $_GET['basedn'];
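Review bot: The LDAP connection settings are copied from the query string into `$authcfg` (`$_GET['port']`, `$_GET['basedn']`, and presumably more below the hunk) without any validation. The hunk ends before they are used, but if the page then opens a connection with them, the port should at least pass pfSense's `is_port()` before being accepted. Anything sensitive passed this way, such as a bind password if one is among the parameters outside the hunk, also ends up in browser history and web server logs; sending these values by POST would avoid that. The `if ($_GET)` block continues outside the hunk.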
@@ -55,25 +55,25 @@ if($_GET) {
?>
<html>
<head>
- <STYLE type="text/css">
- TABLE {
- border-width: 1px 1px 1px 1px;
- border-spacing: 0px;
- border-style: solid solid solid solid;
- border-color: gray gray gray gray;
- border-collapse: separate;
- background-color: collapse;
- }
- TD {
- border-width: 0px 0px 0px 0px;
- border-spacing: 0px;
- border-style: solid solid solid solid;
- border-color: gray gray gray gray;
- border-collapse: collapse;
- background-color: white;
- }
- </STYLE>
- </head>
+ <STYLE type="text/css">
+ TABLE {
+ border-width: 1px 1px 1px 1px;
+ border-spacing: 0px;
+ border-style: solid solid solid solid;
+ border-color: gray gray gray gray;
+ border-collapse: separate;
+ background-color: collapse;
+ }
+ TD {
+ border-width: 0px 0px 0px 0px;
+ border-spacing: 0px;
+ border-style: solid solid solid solid;
+ border-color: gray gray gray gray;
+ border-collapse: collapse;
+ background-color: white;
+ }
+ </STYLE>
+ </head>
<script type="text/javascript">
function post_choices() {
@@ -82,8 +82,9 @@ function post_choices() {
opener.document.forms[0].ldapauthcontainers.value="";
for (i = 0; i < ous; i++) {
if (document.forms[0].ou[i].checked) {
- if (opener.document.forms[0].ldapauthcontainers.value != "")
+ if (opener.document.forms[0].ldapauthcontainers.value != "") {
opener.document.forms[0].ldapauthcontainers.value+=";";
+ }
opener.document.forms[0].ldapauthcontainers.value+=document.forms[0].ou[i].value;
}
}
@@ -92,8 +93,8 @@ function post_choices() {
}
</script>
- <body link="#0000CC" vlink="#0000CC" alink="#0000CC" >
- <form method="post" action="system_usermanager_settings_ldapacpicker.php">
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC" >
+<form method="post" action="system_usermanager_settings_ldapacpicker.php">
<?php if (empty($ous)): ?>
<p><?=gettext("Could not connect to the LDAP server. Please check your LDAP configuration.");?></p>
<input type='button' value='<?=gettext("Close"); ?>' onClick="window.close();">
@@ -101,29 +102,30 @@ function post_choices() {
<b><?=gettext("Please select which containers to Authenticate against:");?></b>
<p/>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td class="tabnavtbl">
- <table width="100%">
+ <tr>
+ <td class="tabnavtbl">
+ <table width="100%">
<?php
- if(is_array($ous)) {
- foreach($ous as $ou) {
- if(in_array($ou, $authcfg['ldap_authcn']))
+ if (is_array($ous)) {
+ foreach ($ous as $ou) {
+ if (in_array($ou, $authcfg['ldap_authcn'])) {
$CHECKED=" CHECKED";
- else
+ } else {
$CHECKED="";
+ }
echo " <tr><td><input type='checkbox' value='{$ou}' id='ou' name='ou[]'{$CHECKED}> {$ou}<br /></td></tr>\n";
}
}
?>
- </table>
- </td>
- </tr>
- </table>
+ </table>
+ </td>
+ </tr>
+ </table>
<p/>
<input type='button' value='<?=gettext("Save");?>' onClick="post_choices();">
<?php endif; ?>
- </form>
- </body>
+</form>
+</body>
</html>
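Review bot: The `echo` that builds each checkbox row still interpolates `{$ou}` unescaped into the single-quoted `value='…'` attribute and into the cell text; the brace cleanup leaves that line as it was. The container names presumably come from the directory server rather than from this page, so a name containing a quote or markup would be rendered as HTML in the administrator's browser. Escape once for output, e.g. `$ou_html = htmlspecialchars($ou, ENT_QUOTES);`, and use `{$ou_html}` in both places, keeping the raw `$ou` for the `in_array()` test. The same unescaped `$ou` is concatenated into a `<td>` in the last hunk of system_usermanager_settings_test.php.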
diff --git a/usr/local/www/system_usermanager_settings_test.php b/usr/local/www/system_usermanager_settings_test.php
index 2dcba45..9076262 100755
--- a/usr/local/www/system_usermanager_settings_test.php
+++ b/usr/local/www/system_usermanager_settings_test.php
@@ -43,7 +43,7 @@
require("guiconfig.inc");
require_once("auth.inc");
-if(isset($config['system']['authserver'][0]['host'])){
+if (isset($config['system']['authserver'][0]['host'])) {
$auth_server = $config['system']['authserver'][0]['host'];
$authserver = $_GET['authserver'];
$authcfg = auth_get_authserver($authserver);
@@ -52,17 +52,17 @@ if(isset($config['system']['authserver'][0]['host'])){
?>
<html>
- <HEAD>
- <STYLE type="text/css">
- TABLE {
+<HEAD>
+ <STYLE type="text/css">
+ TABLE {
border-width: 1px;
border-spacing: 0px;
border-style: solid solid solid solid;
border-color: gray gray gray gray;
border-collapse: separate;
background-color: collapse;
- }
- TD {
+ }
+ TD {
border-width: 1px 1px 1px 1px;
border-spacing: 0px;
border-style: solid solid solid solid;
@@ -70,18 +70,18 @@ if(isset($config['system']['authserver'][0]['host'])){
border-collapse: collapse;
background-color: #dddddd;
}
- </STYLE>
- </HEAD>
- <body>
- <form method="post" name="iform" id="iform">
-
+ </STYLE>
+</HEAD>
+<body>
+ <form method="post" name="iform" id="iform">
+
<?php
$theme = $config['theme'];
if (!$authcfg) {
printf(gettext("Could not find settings for %s%s"), htmlspecialchars($authserver), "<p/>");
} else {
- if($theme != "" && file_exists("/usr/local/www/themes/{$theme}/images/logo.gif")){
+ if ($theme != "" && file_exists("/usr/local/www/themes/{$theme}/images/logo.gif")) {
echo "<p><img src='/themes/{$theme}/images/logo.gif' style='float: left'><br/><br/><br/></p>";
}
echo "<b>" . sprintf(gettext("Testing %s LDAP settings... One moment please..."), $g['product_name']) . "</b>";
@@ -89,28 +89,29 @@ if (!$authcfg) {
echo "<table width='100%'>";
echo "<tr><td>" . gettext("Attempting connection to") . " " . "<td><center>$auth_server</b></center></td>";
- if(ldap_test_connection($authcfg)) {
+ if (ldap_test_connection($authcfg)) {
echo "<td><center><font color=green>OK</center></td></tr>";
- echo "<tr><td>" . gettext("Attempting bind to") . " " . "<td><center>$auth_server</b></center></td>";
- if(ldap_test_bind($authcfg)) {
+ echo "<tr><td>" . gettext("Attempting bind to") . " " . "<td><center>$auth_server</b></center></td>";
+ if (ldap_test_bind($authcfg)) {
echo "<td><center><font color=green>OK</center></td></tr>";
echo "<tr><td>" . gettext("Attempting to fetch Organizational Units from") . " " . "<td><center>$auth_server</b></center></td>";
$ous = ldap_get_user_ous(true, $authcfg);
- if(count($ous)>1) {
+ if (count($ous)>1) {
echo "<td><center><font color=green>OK</center></td></tr>";
echo "</table>";
- if(is_array($ous)) {
+ if (is_array($ous)) {
echo "<br/>";
echo "<b>" . gettext("Organization units found") . "</b>";
echo "<table width='100%'>";
- foreach($ous as $ou) {
+ foreach ($ous as $ou) {
echo "<tr><td onmouseover=\"this.style.backgroundColor='#ffffff';\" onmouseout=\"this.style.backgroundColor='#dddddd';\">" . $ou . "</td></tr>";
}
}
- } else
+ } else {
echo "<td><font color=red>" . gettext("failed") . "</td></tr>";
+ }
echo "</table><p/>";
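Review bot: `count($ous)>1` is evaluated before the `is_array($ous)` check nested inside it, so the type guard arrives too late to protect the count and is redundant once the count has passed. If `ldap_get_user_ous()` can return a non-array on failure (its definition is not visible here), a single condition such as `if (is_array($ous) && count($ous) > 1) {` states the intent and lets the inner `if` go. The cells that print `$auth_server` also emit `</b>` with no opening `<b>` and never close the `<font>` tag. The surrounding if/else chain continues past the end of this hunk.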