diff options
-rw-r--r-- | etc/inc/auth.inc | 24 | ||||
-rw-r--r-- | usr/local/www/system_usermanager.php | 20 |
2 files changed, 36 insertions, 8 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 25c8e15..1c75eb5 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -847,6 +847,16 @@ function get_user_expiration_date($username) { } } +function is_account_disabled($username) { + global $config; + foreach($config['system']['user'] as $user) { + if(isset($user['disabled'])) { + return true; + } + } + return false; +} + function session_auth($backing) { global $g, $debug, $HTTP_SERVER_VARS, $userindex, $config; @@ -858,14 +868,18 @@ function session_auth($backing) { $acct_expires = get_user_expiration_date($_POST['usernamefld']); if($acct_expires) { if (strtotime("-1 day") > strtotime(date("m/d/Y",strtotime($acct_expires)))) { - log_error("Account is now expired."); + echo "showajaxmessage('{$_SESSION['Login_Error']}');"; return; } } else { - $_SESSION['Logged_In'] = "True"; - $_SESSION['Username'] = $_POST['usernamefld']; - $_SESSION['last_access'] = time(); - log_error("Successful login for user '{$_POST['usernamefld']}' from: {$_SERVER['REMOTE_ADDR']}"); + if(is_account_disabled($_POST['usernamefld'])) { + echo "showajaxmessage('{$_SESSION['Login_Error']}');"; + } else { + $_SESSION['Logged_In'] = "True"; + $_SESSION['Username'] = $_POST['usernamefld']; + $_SESSION['last_access'] = time(); + log_error("Successful login for user '{$_POST['usernamefld']}' from: {$_SERVER['REMOTE_ADDR']}"); + } } } else { /* give the user a more detailed error message */ diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php index b3403e9..9ff460b 100644 --- a/usr/local/www/system_usermanager.php +++ b/usr/local/www/system_usermanager.php @@ -158,6 +158,7 @@ if (isAllowedPage("system_usermanager")) { $pconfig['uid'] = $a_user[$id]['uid']; $pconfig['authorizedkeys'] = base64_decode($a_user[$id]['authorizedkeys']); $pconfig['priv'] = $a_user[$id]['priv']; + $pconfig['disabled'] = isset($a_user[$id]['disabled']); } } @@ -252,6 +253,11 @@ if (isAllowedPage("system_usermanager")) { $userent['fullname'] = $_POST['fullname']; $userent['expires'] = $_POST['expires']; $userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']); + + if($_POST['disabled']) + $userent['disabled'] = true; + else + unset($userent['disabled']); if (isset($id) && $a_user[$id]) $a_user[$id] = $userent; @@ -372,6 +378,12 @@ function presubmit() { </td> </tr> <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled");?></td> + <td width="78%" class="vtable"> + <input name="disabled" type="checkbox" id="disabled" <?php if($pconfig['disabled']) echo "CHECKED"; ?>> + </td> + </tr> + <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Username");?></td> <td width="78%" class="vtable"> <input name="usernamefld" type="text" class="formfld user" id="usernamefld" size="20" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" <?=$ro;?>/> @@ -601,7 +613,8 @@ function presubmit() { <tr> <td width="25%" class="listhdrr">Username</td> <td width="25%" class="listhdrr">Full name</td> - <td width="30%" class="listhdrr">Groups</td> + <td width="5%" class="listhdrr">Disabled</td> + <td width="25%" class="listhdrr">Groups</td> <td width="10%" class="list"></td> </tr> <?php @@ -628,6 +641,7 @@ function presubmit() { </table> </td> <td class="listr"><?=htmlspecialchars($userent['fullname']);?> </td> + <td class="listr"><?php if(isset($userent['disabled'])) echo "*"; ?></td> <td class="listbg"> <?=implode(",",local_user_get_groups($userent));?> @@ -649,7 +663,7 @@ function presubmit() { endforeach; ?> <tr> - <td class="list" colspan="3"></td> + <td class="list" colspan="4"></td> <td class="list"> <a href="system_usermanager.php?act=new"> <img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="add user" alt="add user" width="17" height="17" border="0" /> @@ -657,7 +671,7 @@ function presubmit() { </td> </tr> <tr> - <td colspan="3"> + <td colspan="4"> <p> <?=gettext("Additional webConfigurator users can be added here.");?> <?=gettext("User permissions can be assinged diretly or inherited from group memberships.");?> |