echo 'selected';
}
echo ">Normal User</option>\n <option value='5'";
if ($vars['new_level'] == '5') {
echo 'selected';
}
echo ">Global Read</option>\n <option value='10'";
if ($vars['new_level'] == '10') {
echo 'selected';
}
echo ">Administrator</option>\n <option value='11'";
if ($vars['new_level'] == '11') {
echo 'selected';
}
echo ">Demo account</option>\n </select>\n </div>\n <div class='col-sm-6'>\n </div>\n </div>";
if (passwordscanchange($users_details['username'])) {
echo "\n <div class='form-group'>\n <label for='new_pass1' class='col-sm-2 control-label'>Password</label>\n <div class='col-sm-4'>\n <input type='password' name='new_pass1' class='form-control input-sm' value='" . $vars['new_pass1'] . "'>\n </div>\n </div>\n <div class='form-group'>\n <label for='new_pass2' class='col-sm-2 control-label'>Confirm Password</label>\n <div class='col-sm-4'>\n <input type='password' name='new_pass2' class='form-control input-sm' value='" . $vars['new_pass2'] . "'>\n </div>\n </div>\n ";
}
echo "\n <div class='form-group'>\n <label for='dashboard' class='col-sm-2 control-label'>Dashboard</label>\n <div class='col-sm-4'><select class='form-control' name='dashboard'>";
$defdash = dbFetchCell("SELECT dashboard FROM users WHERE user_id = ?", array($vars['user_id']));
foreach (dbFetchRows("SELECT dashboards.*,users.username FROM `dashboards` INNER JOIN `users` ON users.user_id = dashboards.user_id WHERE (dashboards.access > 0 && dashboards.user_id != ?) || dashboards.user_id = ?", array($vars['user_id'], $vars['user_id'])) as $dash) {
echo "<option value='" . $dash['dashboard_id'] . "'" . ($defdash == $dash['dashboard_id'] ? ' selected' : '') . ">" . $dash['username'] . ':' . $dash['dashboard_name'] . "</option>";
}
echo "</select>\n </div>\n </div>\n ";
echo "<div class='form-group'>\n <div class='col-sm-6'>\n <div class='checkbox'>\n <label>\n <input type='checkbox' ";
if ($vars['can_modify_passwd'] == '1') {
echo "checked='checked'";
}
echo " name='can_modify_passwd'> Allow the user to change his password.\n </label>\n </div>\n </div>\n <div class='col-sm-6'>\n </div>\n </div>\n <button type='submit' class='btn btn-default'>Update User</button>\n </form>";
if ($config['twofactor']) {
echo "<br/><div class='well'><h3>Two-Factor Authentication</h3>";
$changepass_message = 'Password must not be blank.';
} else {
if ($_POST['new_pass'] == $_POST['new_pass2']) {
changepassword($_SESSION['username'], $_POST['new_pass']);
$changepass_message = 'Password Changed.';
} else {
$changepass_message = "Passwords don't match.";
}
}
} else {
$changepass_message = 'Incorrect password';
}
}
include 'includes/update-preferences-password.inc.php';
echo "<div class='well'>";
if (passwordscanchange($_SESSION['username'])) {
echo '<h3>Change Password</h3>';
echo $changepass_message;
echo "<form method='post' action='preferences/' class='form-horizontal' role='form'>\n <input type=hidden name='action' value='changepass'>\n <div class='form-group'>\n <label for='old_pass' class='col-sm-2 control-label'>Old Password</label>\n <div class='col-sm-4'>\n <input type=password name=old_pass autocomplete='off' class='form-control input-sm'>\n </div>\n <div class='col-sm-6'>\n </div>\n </div>\n <div class='form-group'>\n <label for='new_pass' class='col-sm-2 control-label'>New Password</label>\n <div class='col-sm-4'>\n <input type=password name=new_pass autocomplete='off' class='form-control input-sm'>\n </div>\n <div class='col-sm-6'>\n </div>\n </div>\n <div class='form-group'>\n <label for='new_pass2' class='col-sm-2 control-label'>New Password</label>\n <div class='col-sm-4'>\n <input type=password name=new_pass2 autocomplete='off' class='form-control input-sm'>\n </div>\n <div class='col-sm-6'>\n </div>\n </div>\n <button type='submit' class='btn btn-default'>Submit</button>\n</form>";
echo '</div>';
}
//end if
if ($config['twofactor'] === true) {
if ($_POST['twofactorremove'] == 1) {
include_once $config['install_dir'] . '/html/includes/authentication/twofactor.lib.php';
if (!isset($_POST['twofactor'])) {
echo '<div class="well"><form class="form-horizontal" role="form" action="" method="post" name="twofactorform">';
echo '<input type="hidden" name="twofactorremove" value="1" />';
echo twofactor_form(false);
echo '</form></div>';
} else {
if ($vars['action'] == "addifperm") {
if (!dbFetchCell("SELECT COUNT(*) FROM ports_perms WHERE `port_id` = ? AND `user_id` = ?", array($vars['port_id'], $vars['user_id']))) {
dbInsert(array('port_id' => $vars['port_id'], 'user_id' => $vars['user_id']), 'ports_perms');
}
}
if ($vars['action'] == "delbillperm") {
if (dbFetchCell("SELECT COUNT(*) FROM bill_perms WHERE `bill_id` = ? AND `user_id` = ?", array($vars['bill_id'], $vars['user_id']))) {
dbDelete('bill_perms', "`bill_id` = ? AND `user_id` = ?", array($vars['bill_id'], $vars['user_id']));
}
}
if ($vars['action'] == "addbillperm") {
if (!dbFetchCell("SELECT COUNT(*) FROM bill_perms WHERE `bill_id` = ? AND `user_id` = ?", array($vars['bill_id'], $vars['user_id']))) {
dbInsert(array('bill_id' => $vars['bill_id'], 'user_id' => $vars['user_id']), 'bill_perms');
}
}
if (passwordscanchange($vars['user_id'])) {
echo "<div class='well'>\n <div style='font-size: 18px; font-weight: bold; margin-bottom: 5px;'>Change Password</div>\n <form method='post' action='edituser/user_id=" . $vars['user_id'] . "'>\n <input type=hidden name='action' value='changepass'>\n <input type=hidden value='" . $vars['user_id'] . "' name='user_id'>\n <table width='100%'>\n <tr><td>New Password</td><td align='right'><input type=password name=new_pass autocomplete='off'></input></td></tr>\n <tr><td>Retype Password</td><td align='right'><input type=password name=new_pass2 autocomplete='off'></input></td></tr>\n <tr><td></td><td align='right'><input type=submit class=submit></td></tr></table></form></div>";
// Change pass
}
echo "<table width=100%><tr><td valign=top width=33%>";
// Display devices this users has access to
echo "<h3>Device Access</h3>";
$device_perms = dbFetchRows("SELECT * from devices_perms as P, devices as D WHERE `user_id` = ? AND D.device_id = P.device_id", array($vars['user_id']));
foreach ($device_perms as $device_perm) {
echo "<strong>" . $device_perm['hostname'] . " <a href='edituser/action=deldevperm/user_id=" . $vars['user_id'] . "/device_id=" . $device_perm['device_id'] . "'><img src='images/16/cross.png' align=absmiddle border=0></a></strong><br />";
$access_list[] = $device_perm['device_id'];
$permdone = "yes";
}
if (!$permdone) {
echo "None Configured";
}
