Fix select name
Use count($array) where applicable, instead of a $rowIndex increment.
XHTML Compliance - System Menu
Enforce select option
Advanced - Admin Access TabAdvanced - Firewall / NAT TabCert Manager - Certificate Revocation TabUser Manager - Users TabUser Manager - Groups Tab
Tidy up "system_usermanager.php" XHTML
Add CLOSEHEAD varialbe and manually close HEADAdd CDATA sections to SCRIPTSDeprecate Ampersand in Anchor tagsRemove NAME from TR tag, not valid in XHTMLRemove WRAP from TEXTAREA and Javascript to take wrap off
removed duplicate type=text/javascriptadded type for <script>
xhtml Compliancereplaced <br>, <br/> and </br> with <br />
Improve checks for params 'id', 'dup' and other similar ones to make sure they are numeric integer, also, pass them through htmlspecialchars() before print
Call conf_mount_rw before delete user, a better fix for #3294
Remove call-time pass by reference for do_input_validation, helps ticket #2565
change to plus 100 years as opposed to hard coded date
remove whitespaces
improve datePicker on usermanger page
If an account has SSH keys, show them, don't show the checkbox to add keys. Fixes #2729
Add CDATA sections to SCRIPT tagsClose INPUT, IMG and BR tagsDeprecate the ampersand in ANCHOR tagsRemove the NAME paramenter from TR tagsMoved NOWRAP into class statementMove TFOOT between THEAD and TBODY, this is a "quirck" of HTML
Encode this before showing it.
Make tables sortable
When renaming a user, make sure to remove the previous user or it gets left in /etc/passwd.
Convert strtotime() to DateTime object to fix 2038 roll-over issue.
Fix permission and certificate display for the admin user
Clarify text
Populate pconfig in all cases with user info, or else when you delete a privilege, the list disappears until you go back and edit the user again. (Certs too)
Ticket #1412. Fixing the access login to the user manager presented another problem since now users cannot change their passwords anymore. Allow this through another page and an extra priviledge needed to be added to the user for allowing them to change the password.
Fixes #1412. Properly pass the page to match so users are not always presented with the change password screen. Proper fix.
Fixes #1412. Properly pass the page to match so users are not always presented with the change password screen.
Set password on the OS instead of just the gui. Fixes #1485
Set user when removing privileges, otherwise things like the user's shell would not be reset until pressing save, which is inconsistent with that step not being needed when adding privileges.
Enforce FreeBSD's max username length of 16 chars. http://forum.pfsense.org/index.php/topic,33410.0.html
Fix XSS issues
Return this field to its old name to prevent a conflict of names and since the code that uses it still refers to it by that name. Issue reported at http://forum.pfsense.org/index.php/topic,29985.0.html
This caused the full name field to be ignored when creating a user and prevented making a certificate at the creation of the user (either could still be changed afterward).
Test for arrays first, should fix #968
Indicate if a certificate has been revoked, both in the cert list and the user manager list.
Rename 'name' to 'descr' for CA, Certificates, and CRLs, to gain CDATA protection and standardize field names. Ticket #320.
Convert fullname field on users to descr, so it gains CDATA protection.
Allow creating a user certificate, pre-fill some info, direct back to user edit screen if that is what led us here. If we are making a user certificate, give another choice to select a pre-existing certificate to associate with that user.
Adjust add link.
Adjust the user manager to use cert references on the user instead of the actual certs.
CA/CERT Move
Make a refid even for user certs.
Set groups first, since local_user_set checks a privilege that relies on the groups being accurate when run.
Fix "all users" group member array test.
Validate for duplicate user names when editing, too.
Prevent the GUI from adding a user that already exists in /etc/passwd (root, operator, daemon, etc)
Fixes #613. Add correctly users to all users group.
Add IPsec PSK field to User Manager. No backend code to use this value yet.
Removed gettext call
Add gettext call
add gettext() calls on missing places
Fixing multiline gettext()
Adding gettext()
Fix gettext issues
Fixing gettext implementation
Fixing gettext() implementation
Use array instead of explode for reqdfieldsn to fit it better with gettext() calls
Reviewing gettext() implementation
Default to 2048 bits.
Ticket #423. Remove priv.inc/priv.defs.inc from files. They used require() instead of required once so produced errors or redefinitions of functions. These includes are now included on authgui.inc.
Default to 3650 days. Requested-by: cmb@
fix text
Make the certificate table look better.
Allow user certificate to be created with the user.
Run /etc/inc/privhooks if they exist
fix typos
remove authorized_keys check, many users won't have SSH access anyway, this check is much too restrictive
include priv.inc
Disabled is not a required field
Include priv.defs.inc
Add disabled checkbox. Add code to check for disabled accounts.
Allow expiration date to lie in the past which has the side effect of disabling the account Ticket #65
Add necessary include. Reported-by: http://forum.pfsense.org/index.php/topic,19193.0.html
Add pfSense_BUILDER_BINARIES: and pfSense_MODULE:. Adjust Copyright to include 2009 on files that I have asserted (C) on
Clear guiconfig from all sort junk functions and put them on the specific pages where they are needed.Remove some sort functions not used.
Correct the path of the javascript after Bills cleanup.
Modify captive portal to use centralized user management. The user manager hasbeen modified to include an account expiration option to support this service.
Mount image rw during changes
Do not hard code white
Cleanup the tab format of the system user/group/server management pages.The edges were square instead of rounded like most pfSense pages. Alsomake sure tabs and cancel buttons are present in the add privilege andadd certificate pages.
Moves the protocol and certificate options out of the general config pageto the Advanced admin access tab. The thought is that they should be nextto each other. The certificate management has also been modified to usethe centralized certificate manager. I took the liberty of removing the...
Disallow creation of user certificates until the user has actually beencreated. This obviously won't work.
Add options to export ca, certificate and user certificate data from thewebui.
Rework most of the OpenVPN support. The interfaces have been updated tonot use the pkg system and the configuration has been migrated to anopenvpn prefix. The centralized user and certificate manager is now usedto support the openvpn configurations. Most of the files removed in this...
Add a certificate list to the user object that can be managed using the caand user manager screens.
Implement a certificate authority and certificate webui that can be usedto centrally manage this data. There are no consumers at this time. Thisinterface allow for the following ...
Certificate Authority Manager:- List certificates authorities- Import existing certificate authority...
Add a right arrow icon supplied by hoba. This compliments the existingleft arrow icon. Use the left and right arrow icons instead of the plusand x icons for moving users and groups between selection lists in theuser and group manager screens.
Add an interface to manage external authentication servers. The two typessupported currently are LDAP and Radius.
Cleanup authentication code. The basic auth method, the passwd, htpasswdand pam backing functions have been removed. The basic auth method waslegacy code and the backing functions were redundant with no added valuethat I could see. A simplified replacement backing function named...
Rewrite the pfsense privilege system with the following goals in mind ...
1) Redefine page privileges to not use static urls2) Accurate generation of privilege definitions from source3) Merging the user and group privileges into a single set4) Allow any privilege to be added to users or groups w/ inheritance...
Rewrite portions of the user manager to ensure data is properly synced tothe system password and group databases. This is to provide better supportfor centralized user management when local account administration ispreferred.
I also took this opportunity to do some housekeeping. A lot of funtions...
Admin automatically defaults to the admin groups. Do not worry aboutlack of group being sent.
Ticket #1752
At least one group is required for saving.
Correctly deterimine if user is local
Do not allow password change for non local user.
Back commit. Wrong branch.
Sync w/ RELENG_1
Check if item is an array. admin user has permission to all without array.
Add custom priv for granting access to the user manager.
Only assign &$ if item is an array.
Only iterate groups if it is an array.