UnivNautes

Fix select name

Use count($array) where applicable, instead of a $rowIndex increment.

XHTML Compliance - System Menu

Enforce select option

XHTML Compliance - System Menu

Advanced - Admin Access Tab
Advanced - Firewall / NAT Tab
Cert Manager - Certificate Revocation Tab
User Manager - Users Tab
User Manager - Groups Tab

Tidy up "system_usermanager.php" XHTML

Add CLOSEHEAD varialbe and manually close HEAD
Add CDATA sections to SCRIPTS
Deprecate Ampersand in Anchor tags
Remove NAME from TR tag, not valid in XHTML
Remove WRAP from TEXTAREA and Javascript to take wrap off

removed duplicate type=text/javascript
added type for <script>

xhtml Compliance
replaced <br>, <br/> and </br> with <br />

Improve checks for params 'id', 'dup' and other similar ones to make sure they are numeric integer, also, pass them through htmlspecialchars() before print

Call conf_mount_rw before delete user, a better fix for #3294

Remove call-time pass by reference for do_input_validation, helps ticket #2565

change to plus 100 years as opposed to hard coded date

remove whitespaces

improve datePicker on usermanger page

If an account has SSH keys, show them, don't show the checkbox to add keys. Fixes #2729

Tidy up "system_usermanager.php" XHTML

Add CDATA sections to SCRIPT tags
Close INPUT, IMG and BR tags
Deprecate the ampersand in ANCHOR tags
Remove the NAME paramenter from TR tags
Moved NOWRAP into class statement
Move TFOOT between THEAD and TBODY, this is a "quirck" of HTML

Encode this before showing it.

Make tables sortable

When renaming a user, make sure to remove the previous user or it gets left in /etc/passwd.

Convert strtotime() to DateTime object to fix 2038 roll-over issue.

Fix permission and certificate display for the admin user

Clarify text

Populate pconfig in all cases with user info, or else when you delete a privilege, the list disappears until you go back and edit the user again. (Certs too)

Ticket #1412. Fixing the access login to the user manager presented another problem since now users cannot change their passwords anymore. Allow this through another page and an extra priviledge needed to be added to the user for allowing them to change the password.

Fixes #1412. Properly pass the page to match so users are not always presented with the change password screen. Proper fix.

Fixes #1412. Properly pass the page to match so users are not always presented with the change password screen.

Set password on the OS instead of just the gui. Fixes #1485

Set user when removing privileges, otherwise things like the user's shell would not be reset until pressing save, which is inconsistent with that step not being needed when adding privileges.

Enforce FreeBSD's max username length of 16 chars. http://forum.pfsense.org/index.php/topic,33410.0.html

Fix XSS issues

Return this field to its old name to prevent a conflict of names and since the code that uses it still refers to it by that name. Issue reported at http://forum.pfsense.org/index.php/topic,29985.0.html

This caused the full name field to be ignored when creating a user and prevented making a certificate at the creation of the user (either could still be changed afterward).

Test for arrays first, should fix #968

Indicate if a certificate has been revoked, both in the cert list and the user manager list.

Rename 'name' to 'descr' for CA, Certificates, and CRLs, to gain CDATA protection and standardize field names. Ticket #320.

Convert fullname field on users to descr, so it gains CDATA protection.

Allow creating a user certificate, pre-fill some info, direct back to user edit screen if that is what led us here. If we are making a user certificate, give another choice to select a pre-existing certificate to associate with that user.

Adjust add link.

Adjust the user manager to use cert references on the user instead of the actual certs.

CA/CERT Move

Make a refid even for user certs.

Set groups first, since local_user_set checks a privilege that relies on the groups being accurate when run.

Fix "all users" group member array test.

Validate for duplicate user names when editing, too.

Prevent the GUI from adding a user that already exists in /etc/passwd (root, operator, daemon, etc)

Fixes #613. Add correctly users to all users group.

Add IPsec PSK field to User Manager. No backend code to use this value yet.

Removed gettext call

Add gettext call

add gettext() calls on missing places

Fixing multiline gettext()

Adding gettext()

Fix gettext issues

Fixing gettext implementation

Fixing gettext() implementation

Use array instead of explode for reqdfieldsn to fit it better with gettext() calls

Reviewing gettext() implementation

Default to 2048 bits.

Ticket #423. Remove priv.inc/priv.defs.inc from files. They used require() instead of required once so produced errors or redefinitions of functions. These includes are now included on authgui.inc.

Default to 3650 days. Requested-by: cmb@

fix text

Make the certificate table look better.

Allow user certificate to be created with the user.

Run /etc/inc/privhooks if they exist

fix typos

remove authorized_keys check, many users won't have SSH access anyway, this check is much too restrictive

fix typos

include priv.inc

Disabled is not a required field

Include priv.defs.inc

Add disabled checkbox. Add code to check for disabled accounts.

Allow expiration date to lie in the past which has the side effect of disabling the account Ticket #65

Add necessary include. Reported-by: http://forum.pfsense.org/index.php/topic,19193.0.html

Add pfSense_BUILDER_BINARIES: and pfSense_MODULE:. Adjust Copyright to include 2009 on files that I have asserted (C) on

Clear guiconfig from all sort junk functions and put them on the specific pages where they are needed.
Remove some sort functions not used.

Correct the path of the javascript after Bills cleanup.

Modify captive portal to use centralized user management. The user manager has
been modified to include an account expiration option to support this service.

Mount image rw during changes

Do not hard code white

Do not hard code white

Cleanup the tab format of the system user/group/server management pages.
The edges were square instead of rounded like most pfSense pages. Also
make sure tabs and cancel buttons are present in the add privilege and
add certificate pages.

Moves the protocol and certificate options out of the general config page
to the Advanced admin access tab. The thought is that they should be next
to each other. The certificate management has also been modified to use
the centralized certificate manager. I took the liberty of removing the...

Disallow creation of user certificates until the user has actually been
created. This obviously won't work.

Add options to export ca, certificate and user certificate data from the
webui.

Rework most of the OpenVPN support. The interfaces have been updated to
not use the pkg system and the configuration has been migrated to an
openvpn prefix. The centralized user and certificate manager is now used
to support the openvpn configurations. Most of the files removed in this...

Add a certificate list to the user object that can be managed using the ca
and user manager screens.

Implement a certificate authority and certificate webui that can be used
to centrally manage this data. There are no consumers at this time. This
interface allow for the following ...

Certificate Authority Manager:
- List certificates authorities
- Import existing certificate authority...

Add a right arrow icon supplied by hoba. This compliments the existing
left arrow icon. Use the left and right arrow icons instead of the plus
and x icons for moving users and groups between selection lists in the
user and group manager screens.

Add an interface to manage external authentication servers. The two types
supported currently are LDAP and Radius.

Cleanup authentication code. The basic auth method, the passwd, htpasswd
and pam backing functions have been removed. The basic auth method was
legacy code and the backing functions were redundant with no added value
that I could see. A simplified replacement backing function named...

Rewrite the pfsense privilege system with the following goals in mind ...

1) Redefine page privileges to not use static urls
2) Accurate generation of privilege definitions from source
3) Merging the user and group privileges into a single set
4) Allow any privilege to be added to users or groups w/ inheritance...

Rewrite portions of the user manager to ensure data is properly synced to
the system password and group databases. This is to provide better support
for centralized user management when local account administration is
preferred.

I also took this opportunity to do some housekeeping. A lot of funtions...

Admin automatically defaults to the admin groups. Do not worry about
lack of group being sent.

Ticket #1752

At least one group is required for saving.

Correctly deterimine if user is local

Do not allow password change for non local user.

Back commit. Wrong branch.

Sync w/ RELENG_1

Check if item is an array. admin user has permission to all without array.

Add custom priv for granting access to the user manager.

Only assign &$ if item is an array.

Only iterate groups if it is an array.