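--- a/system_usermanager.php
+++ b/system_usermanager.php
@@ -53,12 +53,10 @@
 // start admin user code
 $pgtitle = array(gettext("System"),gettext("User Manager"));
 
-if (is_numericint($_GET['id']))
-$id = $_GET['id'];
-if (isset($_POST['id']) && is_numericint($_POST['id']))
-$id = $_POST['id'];
+if (isset($_POST['userid']) && is_numericint($_POST['userid']))
+$id = $_POST['userid'];
 
-if (!is_array($config['system']['user']))
+if (!isset($config['system']['user']) || !is_array($config['system']['user']))
 $config['system']['user'] = array();
 
 $a_user = &$config['system']['user'];
@@ -81,7 +79,7 @@
 $pconfig['disabled'] = isset($a_user[$id]['disabled']);
 }
 
-if ($_GET['act'] == "deluser") {
+if ($_POST['act'] == "deluser") {
 
 if (!$a_user[$id]) {
 pfSenseHeader("system_usermanager.php");
@@ -97,29 +95,29 @@
 $savemsg = gettext("User")." {$userdeleted} ".
 gettext("successfully deleted")."<br />";
 }
-else if ($_GET['act'] == "delpriv") {
+else if ($_POST['act'] == "delpriv") {
 
 if (!$a_user[$id]) {
 pfSenseHeader("system_usermanager.php");
 exit;
 }
 
-$privdeleted = $priv_list[$a_user[$id]['priv'][$_GET['privid']]]['name'];
-unset($a_user[$id]['priv'][$_GET['privid']]);
+$privdeleted = $priv_list[$a_user[$id]['priv'][$_POST['privid']]]['name'];
+unset($a_user[$id]['priv'][$_POST['privid']]);
 local_user_set($a_user[$id]);
 write_config();
-$_GET['act'] = "edit";
+$_POST['act'] = "edit";
 $savemsg = gettext("Privilege")." {$privdeleted} ".
 gettext("successfully deleted")."<br />";
 }
-else if ($_GET['act'] == "expcert") {
+else if ($_POST['act'] == "expcert") {
 
 if (!$a_user[$id]) {
 pfSenseHeader("system_usermanager.php");
 exit;
 }
 
-$cert =& lookup_cert($a_user[$id]['cert'][$_GET['certid']]);
+$cert =& lookup_cert($a_user[$id]['cert'][$_POST['certid']]);
 
 $exp_name = urlencode("{$a_user[$id]['name']}-{$cert['descr']}.crt");
 $exp_data = base64_decode($cert['crt']);
@@ -131,14 +129,14 @@
 echo $exp_data;
 exit;
 }
-else if ($_GET['act'] == "expckey") {
+else if ($_POST['act'] == "expckey") {
 
 if (!$a_user[$id]) {
 pfSenseHeader("system_usermanager.php");
 exit;
 }
 
-$cert =& lookup_cert($a_user[$id]['cert'][$_GET['certid']]);
+$cert =& lookup_cert($a_user[$id]['cert'][$_POST['certid']]);
 
 $exp_name = urlencode("{$a_user[$id]['name']}-{$cert['descr']}.key");
 $exp_data = base64_decode($cert['prv']);
@@ -150,22 +148,22 @@
 echo $exp_data;
 exit;
 }
-else if ($_GET['act'] == "delcert") {
+else if ($_POST['act'] == "delcert") {
 
 if (!$a_user[$id]) {
 pfSenseHeader("system_usermanager.php");
 exit;
 }
 
-$certdeleted = lookup_cert($a_user[$id]['cert'][$_GET['certid']]);
+$certdeleted = lookup_cert($a_user[$id]['cert'][$_POST['certid']]);
 $certdeleted = $certdeleted['descr'];
-unset($a_user[$id]['cert'][$_GET['certid']]);
+unset($a_user[$id]['cert'][$_POST['certid']]);
 write_config();
-$_GET['act'] = "edit";
+$_POST['act'] = "edit";
 $savemsg = gettext("Certificate")." {$certdeleted} ".
 gettext("association removed.")."<br />";
 }
-else if ($_GET['act'] == "new") {
+else if ($_POST['act'] == "new") {
 /*
 * set this value cause the text field is read only
 * and the user should not be able to mess with this
@@ -175,7 +173,7 @@
 $pconfig['lifetime'] = 3650;
 }
 
-if ($_POST) {
+if ($_POST['save']) {
 unset($input_errors);
 $pconfig = $_POST;
 
@@ -469,9 +467,13 @@
 <td id="mainarea">
 <div class="tabcont">
 <?php
-if ($_GET['act'] == "new" || $_GET['act'] == "edit" || $input_errors):
+if ($_POST['act'] == "new" || $_POST['act'] == "edit" || $input_errors):
 ?>
 <form action="system_usermanager.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
+<input type="hidden" id="act" name="act" value="" />
+<input type="hidden" id="userid" name="userid" value="<?=(isset($id) ? $id : '');?>" />
+<input type="hidden" id="privid" name="privid" value="" />
+<input type="hidden" id="certid" name="certid" value="" />
 <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
 <?php
 $ro = "";
@@ -628,9 +630,13 @@
 <?php
 if (!$group):
 ?>
-<a href="system_usermanager.php?act=delpriv&id=<?=$id?>&privid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this privilege?");?>')">
-<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="delete" />
-</a>
+<input type="image" name="delpriv[]" width="17" height="17" border="0"
+src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif"
+onclick="document.getElementById('privid').value='<?=$i;?>';
+document.getElementById('userid').value='<?=$id;?>';
+document.getElementById('act').value='<?php echo "delpriv";?>';
+return confirm('<?=gettext("Do you really want to delete this privilege?");?>');"
+title="<?=gettext("delete privilege");?>" />
 <?php
 endif;
 ?>
@@ -686,15 +692,25 @@
 <?=htmlspecialchars($ca['descr']);?>
 </td>
 <td valign="middle" class="list nowrap">
-<a href="system_usermanager.php?act=expckey&id=<?=$id;?>&certid=<?=$i;?>">
-<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export private key"); ?>" alt="<?=gettext("export private key"); ?>" width="17" height="17" border="0" />
-</a>
-<a href="system_usermanager.php?act=expcert&id=<?=$id;?>&certid=<?=$i;?>">
-<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export cert"); ?>" alt="<?=gettext("export cert"); ?>" width="17" height="17" border="0" />
-</a>
-<a href="system_usermanager.php?act=delcert&id=<?=$id?>&certid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to remove this certificate association?") .'\n'. gettext("(Certificate will not be deleted)");?>')">
-<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="<?=gettext("delete cert");?>" />
-</a>
+<input type="image" name="expckey[]" width="17" height="17" border="0"
+src="/themes/<?=$g['theme'];?>/images/icons/icon_down.gif"
+onclick="document.getElementById('certid').value='<?=$i;?>';
+document.getElementById('userid').value='<?=$id;?>';
+document.getElementById('act').value='<?php echo "expckey";?>';"
+title="<?=gettext("export private key");?>" />
+<input type="image" name="expcert[]" width="17" height="17" border="0"
+src="/themes/<?=$g['theme'];?>/images/icons/icon_down.gif"
+onclick="document.getElementById('certid').value='<?=$i;?>';
+document.getElementById('userid').value='<?=$id;?>';
+document.getElementById('act').value='<?php echo "expcert";?>';"
+title="<?=gettext("export cert");?>" />
+<input type="image" name="delcert[]" width="17" height="17" border="0"
+src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif"
+onclick="document.getElementById('certid').value='<?=$i;?>';
+document.getElementById('userid').value='<?=$id;?>';
+document.getElementById('act').value='<?php echo "delcert";?>';
+return confirm('<?=gettext("Do you really want to remove this certificate association?") .'\n'. gettext("(Certificate will not be deleted)");?>')"
+title="<?=gettext("delete cert");?>" />
 </td>
 </tr>
 <?php
@@ -839,91 +855,105 @@
 <?php
 else:
 ?>
-<table class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0" summary="">
-<thead>
-<tr>
-<th width="25%" class="listhdrr"><?=gettext("Username"); ?></th>
-<th width="25%" class="listhdrr"><?=gettext("Full name"); ?></th>
-<th width="5%" class="listhdrr"><?=gettext("Disabled"); ?></th>
-<th width="25%" class="listhdrr"><?=gettext("Groups"); ?></th>
-<th width="10%" class="list"></th>
-</tr>
-</thead>
-<tfoot>
-<tr>
-<td class="list" colspan="4"></td>
-<td class="list">
-<a href="system_usermanager.php?act=new">
-<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add user"); ?>" alt="<?=gettext("add user"); ?>" width="17" height="17" border="0" />
-</a>
-</td>
-</tr>
-<tr>
-<td colspan="4">
-<p>
-<?=gettext("Additional users can be added here. User permissions for accessing " .
-"the webConfigurator can be assigned directly or inherited from group memberships. " .
-"An icon that appears grey indicates that it is a system defined object. " .
-"Some system object properties can be modified but they cannot be deleted."); ?>
-<br /><br />
-<?=gettext("Accounts created here are also used for other parts of the system " .
-"such as OpenVPN, IPsec, and Captive Portal.");?>
-</p>
-</td>
-</tr>
-</tfoot>
-<tbody>
-<?php
-$i = 0;
-foreach($a_user as $userent):
-?>
-<tr ondblclick="document.location='system_usermanager.php?act=edit&id=<?=$i;?>'">
-<td class="listlr">
-<table border="0" cellpadding="0" cellspacing="0" summary="icons">
-<tr>
-<td align="left" valign="middle">
-<?php
-if($userent['scope'] != "user")
-$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user-grey.png";
-else
-$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user.png";
-?>
-<img src="<?=$usrimg;?>" alt="<?=gettext("User"); ?>" title="<?=gettext("User"); ?>" border="0" height="16" width="16" />
-</td>
-<td align="left" valign="middle">
-<?=htmlspecialchars($userent['name']);?>
-</td>
-</tr>
-</table>
-</td>
-<td class="listr"><?=htmlspecialchars($userent['descr']);?> </td>
-<td class="listr"><?php if(isset($userent['disabled'])) echo "*"; ?></td>
-<td class="listbg">
-<?=implode(",",local_user_get_groups($userent));?>
-
-</td>
-<td valign="middle" class="list nowrap">
-<a href="system_usermanager.php?act=edit&id=<?=$i;?>">
-<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("edit user"); ?>" alt="<?=gettext("edit user"); ?>" width="17" height="17" border="0" />
-</a>
-<?php
-if($userent['scope'] != "system"):
-?>
-
-<a href="system_usermanager.php?act=deluser&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this User?");?>')">
-<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete user"); ?>" alt="<?=gettext("delete user"); ?>" width="17" height="17" border="0" />
-</a>
-<?php
-endif;
-?>
-</td>
-</tr>
-<?php
-$i++;
-endforeach;
-?>
-</tbody>
-</table>
+<form action="system_usermanager.php" method="post" name="iform2" id="iform2">
+<input type="hidden" id="act" name="act" value="" />
+<input type="hidden" id="userid" name="userid" value="<?=(isset($id) ? $id : '');?>" />
+<input type="hidden" id="privid" name="privid" value="" />
+<input type="hidden" id="certid" name="certid" value="" />
+<table class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0" summary="">
+<thead>
+<tr>
+<th width="25%" class="listhdrr"><?=gettext("Username"); ?></th>
+<th width="25%" class="listhdrr"><?=gettext("Full name"); ?></th>
+<th width="5%" class="listhdrr"><?=gettext("Disabled"); ?></th>
+<th width="25%" class="listhdrr"><?=gettext("Groups"); ?></th>
+<th width="10%" class="list"></th>
+</tr>
+</thead>
+<tfoot>
+<tr>
+<td class="list" colspan="4"></td>
+<td class="list">
+<input type="image" name="addcert" width="17" height="17" border="0"
+src="/themes/<?=$g['theme'];?>/images/icons/icon_plus.gif"
+onclick="document.getElementById('act').value='<?php echo "new";?>';"
+title="<?=gettext("add user");?>" />
+</td>
+</tr>
+<tr>
+<td colspan="4">
+<p>
+<?=gettext("Additional users can be added here. User permissions for accessing " .
+"the webConfigurator can be assigned directly or inherited from group memberships. " .
+"An icon that appears grey indicates that it is a system defined object. " .
+"Some system object properties can be modified but they cannot be deleted."); ?>
+<br /><br />
+<?=gettext("Accounts created here are also used for other parts of the system " .
+"such as OpenVPN, IPsec, and Captive Portal.");?>
+</p>
+</td>
+</tr>
+</tfoot>
+<tbody>
+<?php
+$i = 0;
+foreach($a_user as $userent):
+?>
+<tr ondblclick="document.getElementById('act').value='<?php echo "edit";?>';
+document.getElementById('userid').value='<?=$i;?>';
+document.iform2.submit();">
+<td class="listlr">
+<table border="0" cellpadding="0" cellspacing="0" summary="icons">
+<tr>
+<td align="left" valign="middle">
+<?php
+if($userent['scope'] != "user")
+$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user-grey.png";
+else
+$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user.png";
+?>
+<img src="<?=$usrimg;?>" alt="<?=gettext("User"); ?>" title="<?=gettext("User"); ?>" border="0" height="16" width="16" />
+</td>
+<td align="left" valign="middle">
+<?=htmlspecialchars($userent['name']);?>
+</td>
+</tr>
+</table>
+</td>
+<td class="listr"><?=htmlspecialchars($userent['descr']);?> </td>
+<td class="listr"><?php if(isset($userent['disabled'])) echo "*"; ?></td>
+<td class="listbg">
+<?=implode(",",local_user_get_groups($userent));?>
+
+</td>
+<td valign="middle" class="list nowrap">
+<input type="image" name="edituser[]" width="17" height="17" border="0"
+src="/themes/<?=$g['theme'];?>/images/icons/icon_e.gif"
+onclick="document.getElementById('userid').value='<?=$i;?>';
+document.getElementById('act').value='<?php echo "edit";?>';"
+title="<?=gettext("edit user");?>" />
+<?php
+if($userent['scope'] != "system"):
+?>
+
+<input type="image" name="deluser[]" width="17" height="17" border="0"
+src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif"
+onclick="document.getElementById('userid').value='<?=$i;?>';
+document.getElementById('act').value='<?php echo "deluser";?>';
+return confirm('<?=gettext("Do you really want to delete this user?");?>');"
+title="<?=gettext("delete user");?>" />
+<?php
+endif;
+?>
+</td>
+</tr>
+<?php
+$i++;
+endforeach;
+?>
+</tbody>
+</table>
+</form>
 <?php
 endif;
 ?>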
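Review bot: `$_POST['privid']` and `$_POST['certid']` are used directly as array keys in the `delpriv`, `expcert`, `expckey` and `delcert` branches (new lines 105–160), while only `userid` gets the `is_numericint()` check at the top of the file. A missing or non-numeric value still reaches `unset()` and `write_config()` in the delete branches and `lookup_cert()` in the export branches, so each branch should validate the index and confirm the entry exists first, e.g. `if (!is_numericint($_POST['certid']) || !isset($a_user[$id]['cert'][$_POST['certid']])) { pfSenseHeader("system_usermanager.php"); exit; }`. `$_POST['act']` and `$_POST['save']` are also read without `isset()`, which will raise an undefined-index notice on a plain GET of the page. Moving these actions to POST only protects against cross-site requests if the two forms carry an anti-CSRF token; that is not visible in these hunks and should be confirmed.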
Replace GET by POST on system_usermanager.php and make necessary adjustments on necessary pages. It fixes #3856