- +

@@ -112,8 +112,7 @@ $spd = ipsec_dump_spd();

-
- +

diff --git a/usr/local/www/firewall_aliases.php b/usr/local/www/firewall_aliases.php index 4a16bac..575240c 100755 --- a/usr/local/www/firewall_aliases.php +++ b/usr/local/www/firewall_aliases.php @@ -160,7 +160,7 @@ include("head.inc"); " . gettext("You must apply the changes in order for them to take effect."));?> -

diff --git a/usr/local/www/services_dnsmasq.php b/usr/local/www/services_dnsmasq.php index defb275..a0e32d0 100755 --- a/usr/local/www/services_dnsmasq.php +++ b/usr/local/www/services_dnsmasq.php @@ -177,7 +177,7 @@ function enable_change(enable_over) {

- +

@@ -242,7 +242,7 @@ function enable_change(enable_over) {

- +

diff --git a/usr/local/www/services_wol.php b/usr/local/www/services_wol.php index cdc3e6a..37d4155 100755 --- a/usr/local/www/services_wol.php +++ b/usr/local/www/services_wol.php @@ -156,7 +156,7 @@ include("head.inc");

diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php index 4b9fc74..f1171a0 100644 --- a/usr/local/www/vpn_openvpn_client.php +++ b/usr/local/www/vpn_openvpn_client.php @@ -850,7 +850,7 @@ if ($savemsg) -

diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index 4a24e2e..49df7a1 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -1369,7 +1369,7 @@ if ($savemsg) -

-- cgit v1.1 From 79633b6c1886aeb71d236d2702d15cd050377833 Mon Sep 17 00:00:00 2001 From: Evgeny Yurchenko Date: Sun, 5 Jun 2011 16:09:59 -0400 Subject: Reverting class="sortable" damaged by commit 17d5077f61d963178f47e016b8768b768800ba68 --- usr/local/www/diag_dump_states.php | 4 ++-- usr/local/www/diag_ipsec_spd.php | 5 +++-- usr/local/www/services_dnsmasq.php | 4 ++-- usr/local/www/vpn_openvpn_client.php | 2 +- usr/local/www/vpn_openvpn_server.php | 2 +- 5 files changed, 9 insertions(+), 8 deletions(-) (limited to 'usr/local/www') diff --git a/usr/local/www/diag_dump_states.php b/usr/local/www/diag_dump_states.php index c931173..a8671c1 100755 --- a/usr/local/www/diag_dump_states.php +++ b/usr/local/www/diag_dump_states.php @@ -143,13 +143,13 @@ include("head.inc");

- +

- + diff --git a/usr/local/www/diag_ipsec_spd.php b/usr/local/www/diag_ipsec_spd.php index ad6749a..4de5a7f 100755 --- a/usr/local/www/diag_ipsec_spd.php +++ b/usr/local/www/diag_ipsec_spd.php @@ -80,7 +80,7 @@ $spd = ipsec_dump_spd(); - + -- cgit v1.1 From 60ccf01c45e5fa05441081fd153f00f4f2d2c1bf Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Mon, 6 Jun 2011 20:44:50 -0400 Subject: Add a div around input errors box so that it can be hidden on subequent page posting --- usr/local/www/guiconfig.inc | 2 ++ 1 file changed, 2 insertions(+) (limited to 'usr/local/www') diff --git a/usr/local/www/guiconfig.inc b/usr/local/www/guiconfig.inc index 3c576b9..8c87904 100755 --- a/usr/local/www/guiconfig.inc +++ b/usr/local/www/guiconfig.inc @@ -249,6 +249,7 @@ function print_input_errors($input_errors) { global $g; print <<

Router -> Destination");?>

- +

@@ -112,7 +112,8 @@ $spd = ipsec_dump_spd();

- +
+

diff --git a/usr/local/www/services_dnsmasq.php b/usr/local/www/services_dnsmasq.php index a0e32d0..defb275 100755 --- a/usr/local/www/services_dnsmasq.php +++ b/usr/local/www/services_dnsmasq.php @@ -177,7 +177,7 @@ function enable_change(enable_over) {

- +

@@ -242,7 +242,7 @@ function enable_change(enable_over) {

- +

diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php index eb9e078..97b7769 100644 --- a/usr/local/www/vpn_openvpn_client.php +++ b/usr/local/www/vpn_openvpn_client.php @@ -854,7 +854,7 @@ if ($savemsg) -

diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index 17641ad..b08c481 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -1377,7 +1377,7 @@ if ($savemsg) -

-- cgit v1.1 From 6627e4ec35f0ea2f8739eb8104fd500021ac412b Mon Sep 17 00:00:00 2001 From: Evgeny Yurchenko Date: Sun, 5 Jun 2011 16:23:10 -0400 Subject: Restoring gray background to the right of some tables in GUI (theme pfsense_ng). --- usr/local/www/themes/pfsense_ng/all.css | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'usr/local/www') diff --git a/usr/local/www/themes/pfsense_ng/all.css b/usr/local/www/themes/pfsense_ng/all.css index 650d52d..b89299d 100644 --- a/usr/local/www/themes/pfsense_ng/all.css +++ b/usr/local/www/themes/pfsense_ng/all.css @@ -1333,7 +1333,7 @@ div#log span.log-protocol-mini-header { /* Sortable tables */ table.sortable thead { cursor: default; - background-color: #EEEEEE; + padding-right: 12px; padding-left: 12px; padding-top: 12px; -- cgit v1.1 From e33be77c0e37a98721ad20d2381ba6e5b6fc1f57 Mon Sep 17 00:00:00 2001 From: Ermal Date: Mon, 6 Jun 2011 10:53:42 +0000 Subject: Ticket #1412. Fixing the access login to the user manager presented another problem since now users cannot change their passwords anymore. Allow this through another page and an extra priviledge needed to be added to the user for allowing them to change the password. --- usr/local/www/system_usermanager.php | 591 ++++++++++-------------- usr/local/www/system_usermanager_passwordmg.php | 128 +++++ 2 files changed, 373 insertions(+), 346 deletions(-) create mode 100644 usr/local/www/system_usermanager_passwordmg.php (limited to 'usr/local/www') diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php index cc6c4f1..783eb0f 100644 --- a/usr/local/www/system_usermanager.php +++ b/usr/local/www/system_usermanager.php @@ -49,311 +49,304 @@ require("certs.inc"); require("guiconfig.inc"); -if (isAllowedPage("system_usermanager.php*")) { - // start admin user code - $pgtitle = array(gettext("System"),gettext("User Manager")); +// start admin user code +$pgtitle = array(gettext("System"),gettext("User Manager")); - $id = $_GET['id']; - if (isset($_POST['id'])) - $id = $_POST['id']; +$id = $_GET['id']; +if (isset($_POST['id'])) + $id = $_POST['id']; - if (!is_array($config['system']['user'])) - $config['system']['user'] = array(); +if (!is_array($config['system']['user'])) + $config['system']['user'] = array(); - $a_user = &$config['system']['user']; +$a_user = &$config['system']['user']; - if ($_GET['act'] == "deluser") { +if ($_GET['act'] == "deluser") { - if (!$a_user[$id]) { - pfSenseHeader("system_usermanager.php"); - exit; - } - - local_user_del($a_user[$id]); - $userdeleted = $a_user[$id]['name']; - unset($a_user[$id]); - write_config(); - $savemsg = gettext("User")." {$userdeleted} ". - gettext("successfully deleted")."
"; + if (!$a_user[$id]) { + pfSenseHeader("system_usermanager.php"); + exit; } - if ($_GET['act'] == "delpriv") { - - if (!$a_user[$id]) { - pfSenseHeader("system_usermanager.php"); - exit; - } + local_user_del($a_user[$id]); + $userdeleted = $a_user[$id]['name']; + unset($a_user[$id]); + write_config(); + $savemsg = gettext("User")." {$userdeleted} ". + gettext("successfully deleted")."
"; +} +else if ($_GET['act'] == "delpriv") { - $privdeleted = $priv_list[$a_user[$id]['priv'][$_GET['privid']]]['name']; - unset($a_user[$id]['priv'][$_GET['privid']]); - local_user_set($a_user[$id]); - write_config(); - $_GET['act'] = "edit"; - $savemsg = gettext("Privilege")." {$privdeleted} ". - gettext("successfully deleted")."
"; + if (!$a_user[$id]) { + pfSenseHeader("system_usermanager.php"); + exit; } - if ($_GET['act'] == "expcert") { - - if (!$a_user[$id]) { - pfSenseHeader("system_usermanager.php"); - exit; - } - - $cert =& lookup_cert($a_user[$id]['cert'][$_GET['certid']]); - - $exp_name = urlencode("{$a_user[$id]['name']}-{$cert['descr']}.crt"); - $exp_data = base64_decode($cert['crt']); - $exp_size = strlen($exp_data); + $privdeleted = $priv_list[$a_user[$id]['priv'][$_GET['privid']]]['name']; + unset($a_user[$id]['priv'][$_GET['privid']]); + local_user_set($a_user[$id]); + write_config(); + $_GET['act'] = "edit"; + $savemsg = gettext("Privilege")." {$privdeleted} ". + gettext("successfully deleted")."
"; +} +else if ($_GET['act'] == "expcert") { - header("Content-Type: application/octet-stream"); - header("Content-Disposition: attachment; filename={$exp_name}"); - header("Content-Length: $exp_size"); - echo $exp_data; + if (!$a_user[$id]) { + pfSenseHeader("system_usermanager.php"); exit; } - if ($_GET['act'] == "expckey") { - - if (!$a_user[$id]) { - pfSenseHeader("system_usermanager.php"); - exit; - } + $cert =& lookup_cert($a_user[$id]['cert'][$_GET['certid']]); - $cert =& lookup_cert($a_user[$id]['cert'][$_GET['certid']]); + $exp_name = urlencode("{$a_user[$id]['name']}-{$cert['descr']}.crt"); + $exp_data = base64_decode($cert['crt']); + $exp_size = strlen($exp_data); - $exp_name = urlencode("{$a_user[$id]['name']}-{$cert['descr']}.key"); - $exp_data = base64_decode($cert['prv']); - $exp_size = strlen($exp_data); + header("Content-Type: application/octet-stream"); + header("Content-Disposition: attachment; filename={$exp_name}"); + header("Content-Length: $exp_size"); + echo $exp_data; + exit; +} +else if ($_GET['act'] == "expckey") { - header("Content-Type: application/octet-stream"); - header("Content-Disposition: attachment; filename={$exp_name}"); - header("Content-Length: $exp_size"); - echo $exp_data; + if (!$a_user[$id]) { + pfSenseHeader("system_usermanager.php"); exit; } - if ($_GET['act'] == "delcert") { + $cert =& lookup_cert($a_user[$id]['cert'][$_GET['certid']]); - if (!$a_user[$id]) { - pfSenseHeader("system_usermanager.php"); - exit; - } + $exp_name = urlencode("{$a_user[$id]['name']}-{$cert['descr']}.key"); + $exp_data = base64_decode($cert['prv']); + $exp_size = strlen($exp_data); - $certdeleted = lookup_cert($a_user[$id]['cert'][$_GET['certid']]); - $certdeleted = $certdeleted['descr']; - unset($a_user[$id]['cert'][$_GET['certid']]); - write_config(); - $_GET['act'] = "edit"; - $savemsg = gettext("Certificate")." {$certdeleted} ". - gettext("association removed.")."
"; - } + header("Content-Type: application/octet-stream"); + header("Content-Disposition: attachment; filename={$exp_name}"); + header("Content-Length: $exp_size"); + echo $exp_data; + exit; +} +else if ($_GET['act'] == "delcert") { - if ($_GET['act'] == "edit") { - if (isset($id) && $a_user[$id]) { - $pconfig['usernamefld'] = $a_user[$id]['name']; - $pconfig['descr'] = $a_user[$id]['descr']; - $pconfig['expires'] = $a_user[$id]['expires']; - $pconfig['groups'] = local_user_get_groups($a_user[$id]); - $pconfig['utype'] = $a_user[$id]['scope']; - $pconfig['uid'] = $a_user[$id]['uid']; - $pconfig['authorizedkeys'] = base64_decode($a_user[$id]['authorizedkeys']); - $pconfig['priv'] = $a_user[$id]['priv']; - $pconfig['ipsecpsk'] = $a_user[$id]['ipsecpsk']; - $pconfig['disabled'] = isset($a_user[$id]['disabled']); - } + if (!$a_user[$id]) { + pfSenseHeader("system_usermanager.php"); + exit; } - if ($_GET['act'] == "new") { - /* - * set this value cause the text field is read only - * and the user should not be able to mess with this - * setting. - */ - $pconfig['utype'] = "user"; - $pconfig['lifetime'] = 3650; + $certdeleted = lookup_cert($a_user[$id]['cert'][$_GET['certid']]); + $certdeleted = $certdeleted['descr']; + unset($a_user[$id]['cert'][$_GET['certid']]); + write_config(); + $_GET['act'] = "edit"; + $savemsg = gettext("Certificate")." {$certdeleted} ". + gettext("association removed.")."
"; +} +else if ($_GET['act'] == "edit") { + if (isset($id) && $a_user[$id]) { + $pconfig['usernamefld'] = $a_user[$id]['name']; + $pconfig['descr'] = $a_user[$id]['descr']; + $pconfig['expires'] = $a_user[$id]['expires']; + $pconfig['groups'] = local_user_get_groups($a_user[$id]); + $pconfig['utype'] = $a_user[$id]['scope']; + $pconfig['uid'] = $a_user[$id]['uid']; + $pconfig['authorizedkeys'] = base64_decode($a_user[$id]['authorizedkeys']); + $pconfig['priv'] = $a_user[$id]['priv']; + $pconfig['ipsecpsk'] = $a_user[$id]['ipsecpsk']; + $pconfig['disabled'] = isset($a_user[$id]['disabled']); } +} +else if ($_GET['act'] == "new") { + /* + * set this value cause the text field is read only + * and the user should not be able to mess with this + * setting. + */ + $pconfig['utype'] = "user"; + $pconfig['lifetime'] = 3650; +} - if ($_POST) { - unset($input_errors); - $pconfig = $_POST; +if ($_POST) { + unset($input_errors); + $pconfig = $_POST; - /* input validation */ - if (isset($id) && ($a_user[$id])) { - $reqdfields = explode(" ", "usernamefld"); - $reqdfieldsn = array(gettext("Username")); + /* input validation */ + if (isset($id) && ($a_user[$id])) { + $reqdfields = explode(" ", "usernamefld"); + $reqdfieldsn = array(gettext("Username")); + } else { + if (empty($_POST['name'])) { + $reqdfields = explode(" ", "usernamefld passwordfld1"); + $reqdfieldsn = array( + gettext("Username"), + gettext("Password")); } else { - if (empty($_POST['name'])) { - $reqdfields = explode(" ", "usernamefld passwordfld1"); - $reqdfieldsn = array( - gettext("Username"), - gettext("Password")); - } else { - $reqdfields = explode(" ", "usernamefld passwordfld1 name caref keylen lifetime"); - $reqdfieldsn = array( - gettext("Username"), - gettext("Password"), - gettext("Descriptive name"), - gettext("Certificate authority"), - gettext("Key length"), - gettext("Lifetime")); - } + $reqdfields = explode(" ", "usernamefld passwordfld1 name caref keylen lifetime"); + $reqdfieldsn = array( + gettext("Username"), + gettext("Password"), + gettext("Descriptive name"), + gettext("Certificate authority"), + gettext("Key length"), + gettext("Lifetime")); } + } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld'])) - $input_errors[] = gettext("The username contains invalid characters."); + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld'])) + $input_errors[] = gettext("The username contains invalid characters."); - if (strlen($_POST['usernamefld']) > 16) - $input_errors[] = gettext("The username is longer than 16 characters."); + if (strlen($_POST['usernamefld']) > 16) + $input_errors[] = gettext("The username is longer than 16 characters."); - if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2'])) - $input_errors[] = gettext("The passwords do not match."); + if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2'])) + $input_errors[] = gettext("The passwords do not match."); - if (isset($id) && $a_user[$id]) - $oldusername = $a_user[$id]['name']; - else - $oldusername = ""; - /* make sure this user name is unique */ - if (!$input_errors) { - foreach ($a_user as $userent) { - if ($userent['name'] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) { - $input_errors[] = gettext("Another entry with the same username already exists."); - break; - } + if (isset($id) && $a_user[$id]) + $oldusername = $a_user[$id]['name']; + else + $oldusername = ""; + /* make sure this user name is unique */ + if (!$input_errors) { + foreach ($a_user as $userent) { + if ($userent['name'] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) { + $input_errors[] = gettext("Another entry with the same username already exists."); + break; } } - /* also make sure it is not reserved */ - if (!$input_errors) { - $system_users = explode("\n", file_get_contents("/etc/passwd")); - foreach ($system_users as $s_user) { - $ent = explode(":", $s_user); - if ($ent[0] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) { - $input_errors[] = gettext("That username is reserved by the system."); - break; - } + } + /* also make sure it is not reserved */ + if (!$input_errors) { + $system_users = explode("\n", file_get_contents("/etc/passwd")); + foreach ($system_users as $s_user) { + $ent = explode(":", $s_user); + if ($ent[0] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) { + $input_errors[] = gettext("That username is reserved by the system."); + break; } } + } - /* - * Check for a valid expirationdate if one is set at all (valid means, - * strtotime() puts out a time stamp so any strtotime compatible time - * format may be used. to keep it simple for the enduser, we only - * claim to accept MM/DD/YYYY as inputs. Advanced users may use inputs - * like "+1 day", which will be converted to MM/DD/YYYY based on "now". - * Otherwhise such an entry would lead to an invalid expiration data. - */ - if ($_POST['expires']){ - if(strtotime($_POST['expires']) > 0){ - if (strtotime("-1 day") > strtotime(date("m/d/Y",strtotime($_POST['expires'])))) { - // Allow items to lie in the past which ends up disabling. - } else { - //convert from any strtotime compatible date to MM/DD/YYYY - $expdate = strtotime($_POST['expires']); - $_POST['expires'] = date("m/d/Y",$expdate); - } + /* + * Check for a valid expirationdate if one is set at all (valid means, + * strtotime() puts out a time stamp so any strtotime compatible time + * format may be used. to keep it simple for the enduser, we only + * claim to accept MM/DD/YYYY as inputs. Advanced users may use inputs + * like "+1 day", which will be converted to MM/DD/YYYY based on "now". + * Otherwhise such an entry would lead to an invalid expiration data. + */ + if ($_POST['expires']){ + if(strtotime($_POST['expires']) > 0){ + if (strtotime("-1 day") > strtotime(date("m/d/Y",strtotime($_POST['expires'])))) { + // Allow items to lie in the past which ends up disabling. } else { - $input_errors[] = gettext("Invalid expiration date format; use MM/DD/YYYY instead."); + //convert from any strtotime compatible date to MM/DD/YYYY + $expdate = strtotime($_POST['expires']); + $_POST['expires'] = date("m/d/Y",$expdate); } + } else { + $input_errors[] = gettext("Invalid expiration date format; use MM/DD/YYYY instead."); } + } - if (!empty($_POST['name'])) { - $ca = lookup_ca($_POST['caref']); - if (!$ca) - $input_errors[] = gettext("Invalid internal Certificate Authority") . "\n"; - } + if (!empty($_POST['name'])) { + $ca = lookup_ca($_POST['caref']); + if (!$ca) + $input_errors[] = gettext("Invalid internal Certificate Authority") . "\n"; + } - /* if this is an AJAX caller then handle via JSON */ - if (isAjax() && is_array($input_errors)) { - input_errors2Ajax($input_errors); - exit; - } + /* if this is an AJAX caller then handle via JSON */ + if (isAjax() && is_array($input_errors)) { + input_errors2Ajax($input_errors); + exit; + } - if (!$input_errors) { - conf_mount_rw(); - $userent = array(); - if (isset($id) && $a_user[$id]) - $userent = $a_user[$id]; - - isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system"; - - /* the user name was modified */ - if ($_POST['usernamefld'] <> $_POST['oldusername']) - $_SERVER['REMOTE_USER'] = $_POST['usernamefld']; - - /* the user password was mofified */ - if ($_POST['passwordfld1']) - local_user_set_password($userent, $_POST['passwordfld1']); - - $userent['name'] = $_POST['usernamefld']; - $userent['descr'] = $_POST['descr']; - $userent['expires'] = $_POST['expires']; - $userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']); - $userent['ipsecpsk'] = $_POST['ipsecpsk']; - - if($_POST['disabled']) - $userent['disabled'] = true; - else - unset($userent['disabled']); - - if (isset($id) && $a_user[$id]) - $a_user[$id] = $userent; - else { - if (!empty($_POST['name'])) { - $cert = array(); - $cert['refid'] = uniqid(); - $userent['cert'] = array(); - - $cert['descr'] = $_POST['name']; - - $subject = cert_get_subject_array($ca['crt']); - - $dn = array( - 'countryName' => $subject[0]['v'], - 'stateOrProvinceName' => $subject[1]['v'], - 'localityName' => $subject[2]['v'], - 'organizationName' => $subject[3]['v'], - 'emailAddress' => $subject[4]['v'], - 'commonName' => $userent['name']); - - cert_create($cert, $_POST['caref'], $_POST['keylen'], - (int)$_POST['lifetime'], $dn); - - if (!is_array($config['cert'])) - $config['cert'] = array(); - $config['cert'][] = $cert; - $userent['cert'][] = $cert['refid']; - } - $userent['uid'] = $config['system']['nextuid']++; - /* Add the user to All Users group. */ - foreach ($config['system']['group'] as $gidx => $group) { - if ($group['name'] == "all") { - if (!is_array($config['system']['group'][$gidx]['member'])) - $config['system']['group'][$gidx]['member'] = array(); - $config['system']['group'][$gidx]['member'][] = $userent['uid']; - break; - } - } + if (!$input_errors) { + conf_mount_rw(); + $userent = array(); + if (isset($id) && $a_user[$id]) + $userent = $a_user[$id]; - $a_user[] = $userent; - } + isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system"; + + /* the user name was modified */ + if ($_POST['usernamefld'] <> $_POST['oldusername']) + $_SERVER['REMOTE_USER'] = $_POST['usernamefld']; - local_user_set_groups($userent,$_POST['groups']); - local_user_set($userent); - write_config(); + /* the user password was mofified */ + if ($_POST['passwordfld1']) + local_user_set_password($userent, $_POST['passwordfld1']); - if(is_dir("/etc/inc/privhooks")) - run_plugins("/etc/inc/privhooks"); + $userent['name'] = $_POST['usernamefld']; + $userent['descr'] = $_POST['descr']; + $userent['expires'] = $_POST['expires']; + $userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']); + $userent['ipsecpsk'] = $_POST['ipsecpsk']; + + if($_POST['disabled']) + $userent['disabled'] = true; + else + unset($userent['disabled']); + + if (isset($id) && $a_user[$id]) + $a_user[$id] = $userent; + else { + if (!empty($_POST['name'])) { + $cert = array(); + $cert['refid'] = uniqid(); + $userent['cert'] = array(); + + $cert['descr'] = $_POST['name']; + + $subject = cert_get_subject_array($ca['crt']); + + $dn = array( + 'countryName' => $subject[0]['v'], + 'stateOrProvinceName' => $subject[1]['v'], + 'localityName' => $subject[2]['v'], + 'organizationName' => $subject[3]['v'], + 'emailAddress' => $subject[4]['v'], + 'commonName' => $userent['name']); + + cert_create($cert, $_POST['caref'], $_POST['keylen'], + (int)$_POST['lifetime'], $dn); + + if (!is_array($config['cert'])) + $config['cert'] = array(); + $config['cert'][] = $cert; + $userent['cert'][] = $cert['refid']; + } + $userent['uid'] = $config['system']['nextuid']++; + /* Add the user to All Users group. */ + foreach ($config['system']['group'] as $gidx => $group) { + if ($group['name'] == "all") { + if (!is_array($config['system']['group'][$gidx]['member'])) + $config['system']['group'][$gidx]['member'] = array(); + $config['system']['group'][$gidx]['member'][] = $userent['uid']; + break; + } + } - conf_mount_ro(); - - pfSenseHeader("system_usermanager.php"); + $a_user[] = $userent; } + + local_user_set_groups($userent,$_POST['groups']); + local_user_set($userent); + write_config(); + + if(is_dir("/etc/inc/privhooks")) + run_plugins("/etc/inc/privhooks"); + + conf_mount_ro(); + + pfSenseHeader("system_usermanager.php"); } +} - include("head.inc"); +include("head.inc"); ?> "> @@ -871,98 +864,4 @@ function sshkeyClicked(obj) {

- - saving changes - $config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['password'] = crypt(trim($_POST['passwordfld1'])); - local_user_set($config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]); - write_config(); - $savemsg = gettext("Password successfully changed") . "
"; - } - } - - /* determine if user is not local to system */ - $islocal = false; - foreach($config['system']['user'] as $user) - if($user['name'] == $_SESSION['Username']) - $islocal = true; -?> - -"> - -

- -

- - - - + diff --git a/usr/local/www/system_usermanager_passwordmg.php b/usr/local/www/system_usermanager_passwordmg.php new file mode 100644 index 0000000..cf9a99d --- /dev/null +++ b/usr/local/www/system_usermanager_passwordmg.php @@ -0,0 +1,128 @@ + saving changes + $config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['password'] = crypt(trim($_POST['passwordfld1'])); + local_user_set($config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]); + + write_config(); + + $savemsg = gettext("Password successfully changed") . "
"; + } +} + +/* determine if user is not local to system */ +$islocal = false; +foreach($config['system']['user'] as $user) + if($user['name'] == $_SESSION['Username']) + $islocal = true; + +?> + +"> + + +

+ + + + + + + + + + + + + + + +

's
	+ +
	+ + + + + + +
	+ " /> +

+ + + -- cgit v1.1 From 43f26ab1ea6595c0bc35bdb449202cbe976d5cb0 Mon Sep 17 00:00:00 2001 From: Ermal Date: Mon, 6 Jun 2011 11:04:41 +0000 Subject: Ticket #1412. Provide even a link to this page through System->User Manager --- usr/local/www/fbegin.inc | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'usr/local/www') diff --git a/usr/local/www/fbegin.inc b/usr/local/www/fbegin.inc index c342913..4e50d7b 100755 --- a/usr/local/www/fbegin.inc +++ b/usr/local/www/fbegin.inc @@ -89,7 +89,10 @@ if ($g['platform'] == "pfSense" or $g['platform'] == "nanobsd") $system_menu[] = array("Setup Wizard", "/wizard.php?xml=setup_wizard.xml"); $system_menu[] = array("Routing", "/system_gateways.php"); $system_menu[] = array("Cert Manager", "/system_camanager.php"); -$system_menu[] = array("User Manager", "/system_usermanager.php"); +if (!isAllowedPage("system_usermanager.php*")) + $system_menu[] = array("User Manager", "/system_usermanager_passwordmg.php"); +else + $system_menu[] = array("User Manager", "/system_usermanager.php"); $system_menu = msort(array_merge($system_menu, return_ext_menu("System")),0); // Interfaces @@ -433,4 +436,4 @@ if(is_subsystem_dirty('packagelock')) { print_info_box(gettext("Packages are currently being reinstalled in the background.

Do not make changes in the GUI until this is complete.") . "

"); } $pgtitle_output = true; -?> \ No newline at end of file +?> -- cgit v1.1 From 0b704a404b0110383d0473030dfa4e171cf1a58b Mon Sep 17 00:00:00 2001 From: Ermal Date: Mon, 6 Jun 2011 15:45:28 +0000 Subject: Correct whitespace. --- usr/local/www/services_captiveportal.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'usr/local/www') diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index 586e569..4526028 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -520,8 +520,7 @@ value="">

@@ -269,6 +270,7 @@ EOF;

EOF2; -- cgit v1.1 From 3f8a13e051d17b6240f30f9a0c284baa3a0559ac Mon Sep 17 00:00:00 2001 From: Ermal Date: Tue, 7 Jun 2011 08:08:13 +0000 Subject: Oops correct the POST destination page. --- usr/local/www/system_usermanager_passwordmg.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'usr/local/www') diff --git a/usr/local/www/system_usermanager_passwordmg.php b/usr/local/www/system_usermanager_passwordmg.php index cf9a99d..b8b3f76 100644 --- a/usr/local/www/system_usermanager_passwordmg.php +++ b/usr/local/www/system_usermanager_passwordmg.php @@ -92,7 +92,7 @@ if ($islocal == false) {

+ -- cgit v1.1 From 720e2e6036b3eb3b010add7d60ca1f4189f0292b Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Tue, 7 Jun 2011 11:09:14 -0400 Subject: Nuke trailing newline --- usr/local/www/guiconfig.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'usr/local/www') diff --git a/usr/local/www/guiconfig.inc b/usr/local/www/guiconfig.inc index 8c87904..940eb34 100755 --- a/usr/local/www/guiconfig.inc +++ b/usr/local/www/guiconfig.inc @@ -1092,4 +1092,4 @@ function rule_popup($src,$srcport,$dst,$dstport){ } } -?> +?> \ No newline at end of file -- cgit v1.1 From 7fc6c0057345847fc88642cb663b6b4abd82da52 Mon Sep 17 00:00:00 2001 From: Ermal Date: Wed, 8 Jun 2011 07:29:33 +0000 Subject: Generate proper index for unsetting so we do not destroy all the vips in the backup. --- usr/local/www/xmlrpc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'usr/local/www') diff --git a/usr/local/www/xmlrpc.php b/usr/local/www/xmlrpc.php index 500700a..78d1023 100755 --- a/usr/local/www/xmlrpc.php +++ b/usr/local/www/xmlrpc.php @@ -202,7 +202,7 @@ function restore_config_section_xmlrpc($raw_params) { if (does_interface_exist("vip{$vip['vhid']}")) continue; // Skip reconfiguring this vips since nothing has changed. } else - unset($oldvips['vhid']); + unset($oldvips[$vip['vhid']]); } switch ($vip['mode']) { -- cgit v1.1