From 1df17ba963a9830102333393142b333ca2123d01 Mon Sep 17 00:00:00 2001
From: Scott Ullrich
Date: Sat, 17 Nov 2007 04:03:29 +0000
Subject: * Restore previous user manager, it works. * Remove #!/usr/local/bin/php from m0n0wall version of group manager page
---
usr/local/www/system_groupmanager.php | 1 -
usr/local/www/system_usermanager.php | 711 +++++++++++++++++++++-------------
2 files changed, 445 insertions(+), 267 deletions(-)
(limited to 'usr/local/www')
diff --git a/usr/local/www/system_groupmanager.php b/usr/local/www/system_groupmanager.php
index 927910f..dd56938 100644
--- a/usr/local/www/system_groupmanager.php
+++ b/usr/local/www/system_groupmanager.php
@@ -1,4 +1,3 @@ -#!/usr/local/bin/php . - All rights reserved. - - Copyright (C) 2003-2005 Manuel Kasper . - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + system_usermanager.php + part of m0n0wall (http://m0n0.ch/wall) + + Copyright (C) 2005 Paul Taylor . + All rights reserved. + + Copyright (C) 2003-2005 Manuel Kasper . + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. 
Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require("guiconfig.inc"); - // The page title for non-admins -$pgtitle = array("System", "User password"); +$pgtitle = "System: User Password"; -if ($_SERVER['REMOTE_USER'] === $config['system']['username']) { - +if (isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER'])) { // Page title for main admin - $pgtitle = array("System", "User manager"); + $pgtitle = "System: User Manager"; $id = $_GET['id']; if (isset($_POST['id'])) - $id = $_POST['id']; - + $id = $_POST['id']; + if (!is_array($config['system']['user'])) { - $config['system']['user'] = array(); + $config['system']['user'] = array(); } + admin_users_sort(); $a_user = &$config['system']['user']; - - if ($_GET['act'] == "del") { - if ($a_user[$_GET['id']]) { - $userdeleted = $a_user[$_GET['id']]['name']; - unset($a_user[$_GET['id']]); - write_config(); - $retval = system_password_configure(); - $savemsg = get_std_save_message($retval); - $savemsg = "User ".$userdeleted." successfully deleted
"; - } + $t_privs = $a_user[$id]['priv']; + + if ($_GET['act'] == "del" && $_GET['what'] == "user") { + if ($a_user[$_GET['id']]) { + $userdeleted = $a_user[$_GET['id']]['name']; + unset($a_user[$_GET['id']]); + write_config(); + $retval = system_password_configure(); + $savemsg = get_std_save_message($retval); + $savemsg = gettext("User") . " " . $userdeleted . " " . gettext("successfully deleted") . "
"; + } + } else if ($_GET['act'] == "del" && $_GET['what'] == "priv") { + if ($t_privs[$_GET['privid']]) { + $privdeleted = $t_privs[$_GET['privid']]['id']; + unset($t_privs[$_GET['privid']]); + write_config(); + $_GET['act'] = "edit"; + $retval = 0; + $savemsg = get_std_save_message($retval); + $savemsg = gettext("Privilege") . " " . $privdeleted . " " . gettext("of user") . " " . $a_user[$_GET['id']]['name'] . " " . gettext("successfully deleted") . "
"; + } } - + if ($_POST) { - - unset($input_errors); - $pconfig = $_POST; - - /* input validation */ - if (isset($id) && ($a_user[$id])) { - $reqdfields = explode(" ", "username"); - $reqdfieldsn = explode(",", "Username"); - } else { - $reqdfields = explode(" ", "username password"); - $reqdfieldsn = explode(",", "Username,Password"); - } - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['username'])) - $input_errors[] = "The username contains invalid characters."; - - if($_POST['username']==$config['system']['username']) { - $input_errors[] = "username can not match the administrator username!"; - } - - if (($_POST['password']) && ($_POST['password'] != $_POST['password2'])) - $input_errors[] = "The passwords do not match."; - - if (!$input_errors && !(isset($id) && $a_user[$id])) { - /* make sure there are no dupes */ - foreach ($a_user as $userent) { - if ($userent['name'] == $_POST['username']) { - $input_errors[] = "Another entry with the same username already exists."; - break; - } - } - } - - if(!isset($groupindex[$_POST['groupname']])) { - $input_errors[] = "group does not exist, please define the group before assigning users."; - } - - if (!$input_errors) { - - if (isset($id) && $a_user[$id]) - $userent = $a_user[$id]; - - $userent['name'] = $_POST['username']; - $userent['fullname'] = $_POST['fullname']; - $userent['groupname'] = $_POST['groupname']; - - if ($_POST['password']) - $userent['password'] = crypt($_POST['password']); - - if (isset($id) && $a_user[$id]) - $a_user[$id] = $userent; - else - $a_user[] = $userent; - - write_config(); - $retval = system_password_configure(); - $savemsg = get_std_save_message($retval); - - header("Location: system_usermanager.php"); - } + unset($input_errors); + $pconfig = $_POST; + + /* input validation */ + if (isset($id) && ($a_user[$id])) { + $reqdfields = explode(" ", "usernamefld"); + $reqdfieldsn = explode(",", "Username"); + } else { 
+ $reqdfields = explode(" ", "usernamefld passwordfld1"); + $reqdfieldsn = explode(",", "Username,Password"); + } + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if (hasShellAccess($_POST['usernamefld'])) { + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld'])) + $input_errors[] = gettext("The username contains invalid characters."); + } else { + if (preg_match("/[^a-zA-Z0-9\@\.\-_]/", $_POST['usernamefld'])) + $input_errors[] = gettext("The username contains invalid characters."); + } + + if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2'])) + $input_errors[] = gettext("The passwords do not match."); + + if (!$input_errors && !(isset($id) && $a_user[$id])) { + /* make sure there are no dupes */ + foreach ($a_user as $userent) { + if ($userent['name'] == $_POST['usernamefld']) { + $input_errors[] = gettext("Another entry with the same username already exists."); + break; + } + } + } + + if ($pconfig['utype'] <> "system" && !isset($groupindex[$_POST['groupname']])) { + $input_errors[] = gettext("group does not exist, please define the group before assigning users."); + } + + if (isset($config['system']['ssh']['sshdkeyonly']) && + empty($_POST['authorizedkeys'])) { + $input_errors[] = gettext("You must provide an authorized key otherwise you won't be able to login into this system."); + } + + /* if this is an AJAX caller then handle via JSON */ + if (isAjax() && is_array($input_errors)) { + input_errors2Ajax($input_errors); + exit; + } + + if (!$input_errors) { + $userent = ""; + if (isset($id) && $a_user[$id]) + $userent = $a_user[$id]; + + /* the user did change his username */ + if ($_POST['usernamefld'] <> $_POST['oldusername']) { + $_SERVER['REMOTE_USER'] = $_POST['usernamefld']; + } + + $userent['name'] = $_POST['usernamefld']; + $userent['fullname'] = $_POST['fullname']; + if ($pconfig['utype'] <> "system") { + $userent['groupname'] = $_POST['groupname']; + } + isset($_POST['utype']) ? 
$userent['scope'] = $_POST['utype'] : $userent['scope'] = "system"; + + if ($_POST['passwordfld1']) + $userent['password'] = crypt($_POST['passwordfld1']); + + if(isset($config['system']['ssh']['sshdkeyonly'])) { + $userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']); + } + + if (isset($id) && $a_user[$id]) + $a_user[$id] = $userent; + else + $a_user[] = $userent; + + write_config(); + $retval = system_password_configure(); + sync_webgui_passwords(); + + pfSenseHeader("system_usermanager.php"); + } } -include("head.inc"); + include("head.inc"); +?> +"> + +

+ + + + + -
+ - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + +
-
    - -
-
+
-
- - - - - - - - + +
+
Username - -
Password -
- - (confirmation)
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ /> + +
+ +
+   +
+ /> +
+ +
+ +
+ +
+ + + + + + - - - + + + + ""): ?> + + + + + - - - - - - - + + +
Full name - -
- User's full name, for your own information only
> + + > + + > +   + + + + + + + +
')">
+ +
Group Name - -
- The admin group to which this user is assigned.
  - - - - + + + + + +
+ + + + +
- +
+ +
+ +
+ +
+ +
  + + + + +
+ - +
- - - - - - - - - - - - - - - - - - - - -
UsernameFull nameGroup
-   - -   - -   - -  
- Additional webGUI users can be added here. User permissions are determined by the admin group they are a member of. -
- - -
UsernameFull nameGroup
+ + + + + +
+ + User + + User + +   + + +
+
  +   + + + edit user + + +   + ')"> + delete user + + +
+ + add user + +
+

+ +

+

+ +

+
+ +
- + saving changes - $config['system']['user'][$userindex[$_SERVER['REMOTE_USER']]]['password']=crypt(trim($_POST['password'])); - - write_config(); - $retval = system_password_configure(); - $savemsg = get_std_save_message($retval); - $savemsg = "Password successfully changed
"; - } - } - - + if (isset($_POST['save'])) { + unset($input_errors); + + /* input validation */ + $reqdfields = explode(" ", "passwordfld1"); + $reqdfieldsn = explode(",", "Password"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if ($_POST['passwordfld1'] != $_POST['passwordfld2']) + $input_errors[] = "The passwords do not match."; + + if (!$input_errors) { + // all values are okay --> saving changes + $config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['password'] = crypt(trim($_POST['passwordfld1'])); + + write_config(); + + sync_webgui_passwords(); + + $retval = system_password_configure(); + $savemsg = get_std_save_message($retval); + $savemsg = "Password successfully changed
"; + } + } ?> - - - -
- - - - - - - - - - - - -
's Password
Password -
-  (confirmation)
Select a new password
  - -
-
- - - + +getHTML(); +?> + + + + "> +
+ + + + + + + + + + + + + + + +
's Password
Password + +
+ +   +
+ +
  + " /> +
+
+ + + + + -- cgit v1.1
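Review bot: The new privilege-delete branch (`act=del`, `what=priv`) unsets the entry on `$t_privs`, which is assigned by value from `$a_user[$id]['priv']`, so as far as the visible lines show, `write_config()` saves the configuration with the privilege still present while the page reports it as successfully deleted. Operating on the referenced array directly, e.g. `unset($a_user[$id]['priv'][$_GET['privid']]);`, would make the revocation persist. Both delete branches also change configuration in response to a GET request, and no request-token check is visible in this hunk, so moving them to POST with a token verified before `write_config()` is worth adding. Separately, `$_SERVER['REMOTE_USER'] = $_POST['usernamefld'];` runs whenever the posted name differs from `oldusername`, not only when the edited account is the logged-in one, so it should be guarded by comparing the edited entry with the authenticated user. The page's markup was stripped in extraction, so a write-back or token check outside the visible lines cannot be ruled out.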