Example #1
/**
 * Renders the per-user settings form (currently a single "Visual Theme"
 * drop-down) for the user stored in the session.
 *
 * When cacti's own user management is switched off there is nothing to edit,
 * so message 6 is raised and displayed and the function returns early.
 */
function settings() {
	global $colors, $themes;

	/* extra drop-down entry that stands for "follow the global theme" */
	$themes["default"] = _("System Default (Global Setting)");

	/* per-user settings require cacti's user management to be turned on */
	$auth_is_off = (read_config_option("auth_method") == "0");
	if ($auth_is_off) {
		raise_message(6);
		display_output_messages();
		return;
	}

	/* load the logged-in user's record; the result is not read again in this function */
	$user = api_user_info(array("id" => $_SESSION["sess_user_id"]));

	print "<form method='post'>\n";

	html_start_box("<strong>" . _("User Settings") . "</strong>", "98%", $colors["header_background"], "3", "center", "");

	?>
	<tr bgcolor='<?php print $colors["header_panel_background"];?>'>
		<td colspan='2' class='textSubHeaderDark' style='padding: 3px;'>General</td>
	</tr>
		<?php

	/* the only editable field: which theme this user sees */
	$theme_field = array(
		"friendly_name" => _("Visual Theme"),
		"description" => _("The Cacti theme to use. Changes the look of Cacti."),
		"method" => "drop_array",
		"array" => $themes,
		"value" => api_user_theme($_SESSION["sess_user_id"]),
		"default" => "default"
		);

	$form_layout = array(
		/* the <form> tag was already printed above */
		"config" => array("no_form_tag" => true),
		"fields" => array("current_theme" => $theme_field)
		);

	draw_edit_form($form_layout);

	html_end_box();

	form_hidden_box("save_component_user","1","");

	/* NOTE(review): the Referer header is supplied by the client and is handed to
	   form_save_button() unchanged; confirm that function HTML-encodes it and
	   only accepts local URLs before it is written into the page. */
	if (isset($_SERVER["HTTP_REFERER"])) {
		$return_url = $_SERVER["HTTP_REFERER"];
	}else{
		$return_url = "index.php";
	}
	form_save_button($return_url, "save");

}
Example #2
         /* requery newly created user */
         $user = api_user_info(array("username" => $username, "realm" => $realm));
         #$user = db_fetch_row("select * from user_auth where username='******' and realm = " . $realm);
     } else {
         /* error */
         auth_display_custom_error_message(sprintf(_("Template user '%s' does not exist."), read_config_option("user_template")));
         log_save(sprintf(_("LOGIN: Unable to locate template user '%s'"), read_config_option("user_template")), SEV_ERROR, FACIL_AUTH);
         exit;
     }
 }
 /* Guest account checking - Not for builtin */
 /* Falls back to the configured guest account when a login was authenticated
    ($user_auth is truthy) but no cacti user record was loaded for it. Every
    such login therefore runs with whatever the guest account is allowed to do. */
 $guest_user = false;
 /* the fallback is skipped when the "guest_user" setting is "0" */
 if (sizeof($user) < 1 && $user_auth && read_config_option("guest_user") != "0") {
     log_save(_("LOGIN: Authenicated user, but no cacti user record, loading guest account"), SEV_DEBUG, FACIL_AUTH);
     /* Locate guest user record */
     /* NOTE(review): the lookup is by username only, with no "enabled" condition;
        presumably the enabled check happens after this span - confirm. */
     $user = api_user_info(array("username" => read_config_option("guest_user")));
     #$user = db_fetch_row("select * from user_auth where username='******'");
     if ($user) {
         /* NOTE(review): $username is set outside this span; if it is the name typed
            at the login prompt, confirm the log sinks cope with arbitrary text. */
         log_save(sprintf(_("LOGIN: Authenicated user '%s' using guest account '%s'"), $username, $user["username"]), SEV_INFO, FACIL_AUTH);
         $guest_user = true;
     } else {
         /* error */
         /* Unlike the other messages here this one is built by concatenation and
            is not passed through _(). NOTE(review): confirm that
            auth_display_custom_error_message() HTML-encodes its argument. */
         auth_display_custom_error_message("Guest user \"" . read_config_option("guest_user") . "\" does not exist.");
         log_save(sprintf(_("LOGIN: Unable to locate guest user '%s'"), read_config_option("guest_user")), SEV_ERROR, FACIL_AUTH);
         /* stop the request: no user record means no session is created here */
         exit;
     }
 }
 /* Process the user  */
 if (sizeof($user) > 0) {
     log_save(sprintf(_("LOGIN: User '%s' Authenticated"), $user["username"]), SEV_NOTICE, FACIL_AUTH);
     /* is user enabled */
Example #3
/**
 * Resolves the theme name to use for a user.
 *
 * Order of precedence: the global default when cacti user auth is off or no
 * user id is given; the value cached in the session; the user's own
 * "current_theme", where an empty value or "default" means the global default.
 * A freshly resolved value is cached in $_SESSION["sess_current_theme"].
 *
 * @param mixed $user_id id of the user whose theme is wanted
 * @return mixed the theme name
 */
function api_user_theme($user_id) {
	/* users must have cacti user auth turned on to use this */
	$auth_is_off = (read_config_option("auth_method") == "0");
	if ($auth_is_off || !isset($user_id)) {
		return read_config_option("default_theme");
	}

	/* already resolved earlier in this session */
	if (isset($_SESSION["sess_current_theme"])) {
		return $_SESSION["sess_current_theme"];
	}

	$record = api_user_info(array("id" => $user_id));

	/* no personal choice, or an explicit "default", both mean the global theme */
	$follows_global = empty($record["current_theme"]) || ($record["current_theme"] == "default");
	$resolved = $follows_global ? read_config_option("default_theme") : $record["current_theme"];

	/* cache so later calls in this session skip the lookup */
	$_SESSION["sess_current_theme"] = $resolved;

	return $resolved;
}
Example #4
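/**
 * Decodes the "selected_items" form field into a plain list of user ids.
 *
 * The field is client-supplied POST data, so it is only handed to
 * unserialize() after it has been matched against the one shape this page
 * emits: an array of integer keys mapped to digit-only strings. Objects,
 * nested arrays and non-numeric values are rejected before any parsing.
 *
 * @param mixed $raw the raw value of $_POST["selected_items"]
 * @return array numeric id strings re-indexed from 0; empty when the value does not match
 */
function _user_actions_selected_ids($raw) {
	if (!is_string($raw)) {
		return array();
	}

	/* undo magic-quote escaping of the double quotes inside the serialized string */
	$raw = stripslashes($raw);

	/* allow-list the serialized form; no object or class tokens can pass this */
	if (!preg_match('/^a:[0-9]+:\{(?:i:[0-9]+;s:[0-9]+:"[0-9]+";)*\}\z/', $raw)) {
		return array();
	}

	$items = unserialize($raw);
	if (!is_array($items)) {
		return array();
	}

	/* callers iterate the whole list, so the original keys do not matter */
	return array_values($items);
}

/**
 * Handles the bulk-action step of user administration.
 *
 * With $_POST["selected_items"] present the chosen action (1 delete, 2 copy,
 * 3 enable, 4 disable, 5 password expiration) is applied and the browser is
 * redirected to user_admin.php. Otherwise a confirmation form is rendered for
 * the users ticked on the previous page (POST fields named chk_<id>).
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm the
 * surrounding page enforces one before these state-changing actions run.
 */
function user_actions() {
	global $colors, $user_actions, $fields_user_edit, $user_password_expire_intervals;

	/* normalise the requested action once; it is compared and echoed below */
	$action = (isset($_POST["drp_action"]) && is_scalar($_POST["drp_action"])) ? (string) $_POST["drp_action"] : "";

	/* if we are to save this form, instead of display it */
	if (isset($_POST["selected_items"])) {
		$selected_items = _user_actions_selected_ids($_POST["selected_items"]);

		if ($action == "3") {
			/* Enable Selected Users */
			foreach ($selected_items as $user_id) {
				api_user_enable($user_id);
			}
		}elseif ($action == "4") {
			/* Disable Selected Users */
			foreach ($selected_items as $user_id) {
				api_user_disable($user_id);
			}
		}elseif ($action == "1") {
			/* Delete User */
			foreach ($selected_items as $user_id) {
				api_user_remove($user_id);
			}
		}elseif ($action == "2") {
			/* Copy User */
			/* Check for new user name */
			if ((!empty($_POST["user_new"])) && (!empty($_POST["user_name"]))) {
				if (api_user_copy($_POST["user_name"],$_POST["user_new"]) == 1) {
					raise_message(12);
				}
			}
		}elseif ($action == "5") {
			/* Password Expiration */
			/* NOTE(review): expire_interval is passed through as posted; confirm
			   api_user_expire_length_set() restricts it to the offered intervals. */
			foreach ($selected_items as $user_id) {
				api_user_expire_length_set($user_id, $_POST["expire_interval"]);
			}
		}

		header("Location: user_admin.php");
		exit;
	}

	/* setup some variables */
	$user_list = "";
	$username_list = array();
	$user_array = array();

	/* loop through each of the users selected on the previous page and get more info about them */
	foreach ($_POST as $var => $val) {
		if (preg_match('/^chk_([0-9]+)\z/', (string) $var, $matches)) {
			$user = api_user_info( array( "id" => $matches[1]) );
			$shown_name = isset($user["username"]) ? $user["username"] : "";

			/* user names come from the database and are encoded before reaching the page */
			$user_list .= "<li>" . htmlspecialchars($shown_name, ENT_QUOTES) . "<br>";
			$username_list[$shown_name] = $shown_name;

			/* append, so the list has no gaps when it is read back on submit */
			$user_array[] = $matches[1];
		}
	}

	require_once(CACTI_BASE_PATH . "/include/top_header.php");

	/* only a known action has a title; an unknown one renders an empty heading */
	$title = isset($user_actions[$action]) ? $user_actions[$action] : "";
	html_start_box("<strong>" . $title . "</strong>", "60%", $colors["header_panel_background"], "3", "center", "");

	print "<form action='user_admin.php' method='post'>\n";

	if ($action == "3") { /* Enable Users */
		print "	<tr>
				<td colspan='2' class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					<p>" . _("To enable the following users, press the \"yes\" button below.") . "</p>
					<p>$user_list</p>
				</td>
				</tr>";
	}elseif ($action == "4") { /* Disable Users */
		print "	<tr>
				<td colspan='4' class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					<p>". _("To disable the following users, press the \"yes\" button below.") . "</p>
					<p>$user_list</p>
				</td>
				</tr>";

	}elseif ($action == "2") { /* copy user */
		print "	<tr>
				<td colspan='2' class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					<p>" . _("Would you like to copy a user to a new user?") . "</p>
				</td>
				</tr>";

		if (!empty($user_array)) {

			$form_array = array(
			"user_name" => array(
				"method" => "drop_array",
				"friendly_name" => _("User Name"),
				"description" => _("Select the user name you would like to copy from."),
				"value" => "",
				"array" => $username_list
				),
			"user_new" => array(
				"method" => "textbox",
				"friendly_name" => _("New User Name"),
				"description" => _("Type the user name of the new user."),
				"value" => "",
				"max_length" => "100"
				)
			);
			draw_edit_form(
				array(
					"config" => array("no_form_tag" => true),
					"fields" => $form_array
					)
				);
		}

	}elseif ($action == "1") { /* delete */
		print "	<tr>
				<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					<p>" . _("Are you sure you want to delete the following users?") . "</p>
					<p>$user_list</p>
				</td>
			</tr>\n
			";

	}elseif ($action == "5") { /* Password Expiration */
		print "	<tr>
				<td colspan='2' class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					<p>" . _("Would you like to set Password Expiration?") . "</p>
					<p>$user_list</p>
				</td>
				</tr>";


		$form_array = array(
		"expire_interval" => array(
			"method" => "drop_array",
			"friendly_name" => _("Password Expiration Interval"),
			"description" => _("Select the interval that you would like to apply to the selected users."),
			"value" => "",
			"array" => $user_password_expire_intervals
			)
		);
		draw_edit_form(
			array(
				"config" => array("no_form_tag" => true),
				"fields" => $form_array
				)
			);
	}

	if (empty($user_array)) {
		print "<tr><td colspan='2' bgcolor='#" . $colors["form_alternate1"]. "'><span class='textError'>" . _("You must select at least one user.") . "</span></td></tr>\n";
		$save_html = "";
	}else{
		$save_html = "<input type='image' src='" . html_get_theme_images_path("button_yes.gif") . "' alt='" . _("Save") . "' align='absmiddle'>";
	}

	/* both hidden values are HTML-encoded; the browser decodes them again on submit */
	print "	<tr>
			<td colspan='2' align='right' bgcolor='#" . $colors["buttonbar_background"] . "'>
				<input type='hidden' name='action' value='actions'>
				<input type='hidden' name='selected_items' value='" . (empty($user_array) ? '' : htmlspecialchars(serialize($user_array), ENT_QUOTES)) . "'>
				<input type='hidden' name='drp_action' value='" . htmlspecialchars($action, ENT_QUOTES) . "'>
				<a href='user_admin.php'><img src='" . html_get_theme_images_path("button_no.gif") . "' alt='" . _("Cancel") . "' align='absmiddle' border='0'></a>
				$save_html
			</td>
		</tr>
		";

	html_end_box();

	require_once(CACTI_BASE_PATH . "/include/bottom_footer.php");
}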
Example #5
     exit;
 }
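 /* Check if we are logged in, and process guest account if set, used by graph_view.php */
 /* Only pages that define $guest_account allow anonymous visitors; on those the
    enabled guest user (if one is configured) becomes the session user. */
 if (isset($guest_account) && empty($_SESSION["sess_user_id"])) {
     if (read_config_option("guest_user") != "0") {
         $user = api_user_info(array("username" => read_config_option("guest_user"), "enabled" => "1"));
         $guest_user_id = isset($user["id"]) ? $user["id"] : "";
         if (!empty($guest_user_id)) {
             $_SESSION["sess_user_id"] = $guest_user_id;
             /* logged only when the session was really switched to the guest user,
                so the auth log does not report guest access that was not granted */
             log_save(_("AUTH: Guest access enabled, using username '") . $user["username"] . _("' as guest"), SEV_INFO, FACIL_AUTH);
         }
     }
 }
 /* if we are a guest user in a non-guest area, wipe credentials and prompt for login */
 if (!empty($_SESSION["sess_user_id"]) && !isset($guest_account)) {
     /* compare the guest record's id with the session user id; comparing the size of
        the record (its number of columns) would only match by coincidence */
     $guest_user_record = api_user_info(array("username" => read_config_option("guest_user")));
     if (!empty($guest_user_record["id"]) && $guest_user_record["id"] == $_SESSION["sess_user_id"]) {
         kill_session_var("sess_user_id");
     }
 }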
 if (empty($_SESSION["sess_user_id"])) {
     /* User not authenticated, prompt for login */
     require_once CACTI_BASE_PATH . "/include/auth/login.php";
     exit;
 } elseif (!empty($_SESSION["sess_user_id"])) {
     /* User authenticated */
     /* check if password is expired */
     if (api_user_expire_info($_SESSION["sess_user_id"]) == "0") {
         $_SESSION["sess_change_password"] = true;
         if (read_config_option("auth_method") == 1 || $current_user["realm"] == "0" && read_config_option("auth_method") == "3") {
             log_save(_("AUTH: User password expired, password change forced"), SEV_NOTICE, FACIL_AUTH);
             header("Location: auth_changepassword.php?ref=" . (isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "index.php"));
Example #6
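/**
 * Logs a message to the configured logging system
 *
 * This function is designed to handle logging for the cacti system. A message
 * is written to every destination that is switched on (cacti log table, local
 * syslog/eventlog, remote syslog server, stdout) provided its severity is at
 * least the configured "log_severity".
 *
 * @param string $message the message you would like to log
 * @param int $severity the severity you would like to log at, check logging constants for values, Default = SEV_INFO
 * @param int $facility the facility you would like to log in, check logging constants for values. Default = FACIL_WEBUI
 * @param string $plugin the plugin generating the log message
 * @param int $poller_id the poller id generating the log message
 * @param int $host_id the host id the log message relates to
 * @param bool $output output messages to stdout
 * @return bool true
 */
function log_save ($message, $severity = SEV_INFO, $facility = FACIL_WEBUI, $plugin = "", $poller_id = 0, $host_id = 0, $output = false) {
	global $cnn_id;

	/* fill in the current date for printing in the log */
	$logdate = date("Y-m-d H:i:s");

	/* Get variables */
	$log_severity = log_read_config_option("log_severity");

	/* get username */
	if ($severity == SEV_DEV) {
		$username = "******";
	}else{
		if (isset($_SESSION["sess_user_id"])) {
			$user_info = api_user_info(array("id" => $_SESSION["sess_user_id"]));
			$username = $user_info["username"];
		}else{
			$username = "******";
		}
	}

	/* set the IP Address */
	if (isset($_SERVER["REMOTE_ADDR"])) {
		$source = $_SERVER["REMOTE_ADDR"];
	}else {
		$source = _("System");
	}

	/* Format message for developer if SEV_DEV is allowed */
	if (($severity >= $log_severity) && ($severity == SEV_DEV)) {
		/* get a backtrace so we can derive the current filename/line#/function */
		$backtrace = debug_backtrace();

		/* file and line always come from frame 0 (the log_save() call site); the
		   function name comes from the caller's frame when there is one */
		$caller_frame = (sizeof($backtrace) == 1) ? 0 : 1;
		$function_name = $backtrace[$caller_frame]["function"];
		$filename = $backtrace[0]["file"];
		$line_number = $backtrace[0]["line"];

		$message = str_replace(CACTI_BASE_PATH, "", $filename) . ":$line_number in " . ($function_name == "" ? "main" : $function_name) . "(): $message";
	}

	/* Log to Cacti System Log */
	if ((log_read_config_option("log_dest_cacti") == "on") && (log_read_config_option("log_status") != "suspended") && ($severity >= $log_severity)) {
		/* Every value is neutralised before it is placed in the statement: the
		   numeric columns are forced to integers and each string column goes
		   through sql_sanitize(), not just the message. The user name comes from
		   a stored record and the plugin name from the caller, so neither can be
		   assumed to be free of quote characters.
		   NOTE(review): bound parameters would be the sturdier fix if the
		   connection object supports them. */
		$sql = "insert into log
			(logdate,facility,severity,poller_id,host_id,username,source,plugin,message) values
			(SYSDATE(), " . intval($facility) . "," . intval($severity) . "," . intval($poller_id) . "," . intval($host_id) . ",'" . sql_sanitize($username) . "','" . sql_sanitize($source) . "','" . sql_sanitize($plugin) . "','". sql_sanitize($message) . "');";
		/* DO NOT USE db_execute, function looping can occur when in SEV_DEV mode */
		$cnn_id->Execute($sql);
	}

	/* Log to System Syslog/Eventlog */
	/* Syslog is currently Unstable in Win32 */
	if ((log_read_config_option("log_dest_system") == "on") && ($severity >= $log_severity)) {
		openlog("cacti", LOG_NDELAY | LOG_PID, log_read_config_option("log_system_facility"));
		syslog(log_get_system_severity($severity), log_get_severity($severity) . ": " . log_get_facility($facility) . ": " . $message);
		closelog();
	}

	/* Log to Syslog Server */
	if ((log_read_config_option("log_dest_syslog") == "on") && ($severity >= $log_severity)) {
		log_save_syslog(log_read_config_option("log_syslog_server"), log_read_config_option("log_syslog_port"), log_read_config_option("log_syslog_facility"), log_get_severity_syslog($severity), log_get_severity($severity) . ": " . log_get_facility($facility) . ": " . $message);
	}


	/* print output to standard out if required, only for use in command line scripts */
	if (($output == true) && ($severity >= $log_severity)) {
		print $logdate . " - " . log_get_severity($severity) . ": " . log_get_facility($facility) . ": " . $message . "\n";
	}

	return true;

}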
Example #7
 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           |
 | GNU General Public License for more details.                            |
 +-------------------------------------------------------------------------+
 | Cacti: The Complete RRDTool-based Graphing Solution                     |
 +-------------------------------------------------------------------------+
 | This code is designed, written, and maintained by the Cacti Group. See  |
 | about.php and/or the AUTHORS file for specific developer information.   |
 +-------------------------------------------------------------------------+
 | http://www.cacti.net/                                                   |
 +-------------------------------------------------------------------------+
*/
$using_guest_account = false;
$show_console_tab = true;
if (read_config_option("auth_method") != "0") {
    /* at this point this user is good to go... get user info */
    $current_user = api_user_info(array("id" => $_SESSION["sess_user_id"]));
    /* find out if we are logged in as a 'guest user' or not */
    if (read_config_option("guest_user") != "0") {
        if ($current_user["username"] == read_config_option("guest_user")) {
            $using_guest_account = true;
        }
    }
    /* find out if we should show the "console" tab or not, based on this user's permissions */
    $current_user_realms = api_user_realms_list($current_user["id"]);
    if ($current_user_realms["8"]["value"] != "1") {
        $show_console_tab = false;
    }
} else {
    /* set permission for no auth */
    $current_user["graph_settings"] = 'on';
    $current_user["show_tree"] = 'on';
Example #8
}
/* check that force password change it set */
if (!isset($_SESSION["sess_change_password"])) {
    $access_denied = true;
}
/* default to !bad_password */
$bad_password = false;
$old_password = false;
/* set default action */
if (!isset($_REQUEST["action"])) {
    $_REQUEST["action"] = "";
}
if (!$access_denied) {
    switch ($_REQUEST["action"]) {
        case 'changepassword':
            if (api_user_info(array("id" => $_SESSION["sess_user_id"], "password" => md5($_POST["password"])))) {
                $old_password = true;
            } else {
                if ($_POST["password"] == $_POST["confirm"] && $_POST["password"] != "") {
                    /* Log password change */
                    log_save(_("CHANGEPASSWORD: Password change successful"), SEV_INFO, FACIL_AUTH);
                    /* change password */
                    api_user_changepassword($_SESSION["sess_user_id"], $_POST["password"]);
                    kill_session_var("sess_change_password");
                    /* ok, at the point the user has been successfully authenticated; so we must
                    			decide what to do next */
                    /* if no console permissions show graphs otherwise, pay attention to user setting */
                    $user_realms = api_user_realms_list($_SESSION["sess_user_id"]);
                    if ($user_realms[$user_auth_realm_filenames["index.php"]]["value"] == "1") {
                        switch ($user["login_opts"]) {
                            case '1':
Example #9
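/**
 * Renders the "Change Password" page for the logged-in user.
 *
 * The form is shown only when the user holds realm 18 and the active
 * authentication method keeps passwords in cacti itself: auth_method "1", or
 * auth_method "3" for a user whose own realm is "0". In every other case an
 * error message is displayed instead.
 */
function change_password_form() {
	global $colors;

	$user = api_user_info( array( "id" => $_SESSION["sess_user_id"]) );

	$user_realms = api_user_realms_list($_SESSION["sess_user_id"]);

	$form_fields = array (
		"password_old" => array(
			"method" => "textbox_password_single",
			"friendly_name" => _("Current Password"),
			"description" => _("Enter your current password validation."),
			"value" => "",
			"max_length" => "255"
		),
		"password_new" => array(
			"method" => "textbox_password",
			"friendly_name" => _("New Password"),
			"description" => _("Enter your new password twice. Remember that passwords are case sensitive!"),
			"value" => "",
			"max_length" => "255"
		),

	);


	require_once(CACTI_BASE_PATH . "/include/top_header.php");

	/* The realm is read from the record loaded above. The name $current_user was
	   never defined inside this function, so the realm test on it could not
	   succeed and the auth_method "3" case always fell through to the error. */
	$user_realm_is_local = (isset($user["realm"]) && ($user["realm"] == "0"));

	/* check if authorized */
	if ($user_realms["18"]["value"] == "1") {
		if ((read_config_option("auth_method") == "1") || ($user_realm_is_local && (read_config_option("auth_method") == "3"))) {
			/* Builtin auth method, password can be changed */
			html_start_box("<strong>" . _("Change Password") . "</strong>", "98%", $colors["header_background"], "3", "center", "");
			draw_edit_form(array(
				"config" => array("form_name" => "chk"),
				"fields" => inject_form_variables($form_fields, (isset($user) ? $user : array()))
				));
			html_end_box();
			/* NOTE(review): the Referer header is supplied by the client and is
			   passed on unchanged; confirm form_save_button() HTML-encodes it and
			   only accepts local URLs. */
			form_save_button((isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "index.php"),"save");
		}else{
			/* Password changing not supported */
			display_custom_error_message(_("Current selected Authentication Method does not support changing of passwords."));
		}
	}else{
		/* access denied */
		display_custom_error_message(_("Access Denied."));
	}

	require_once(CACTI_BASE_PATH . "/include/bottom_footer.php");
}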
Example #10
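/**
 * Creates a new user as a copy of an existing (template) user.
 *
 * The template's user_auth row is duplicated under the new name, followed by
 * its rows in user_auth_perms, user_auth_realm, settings_graphs and
 * settings_tree.
 *
 * NOTE(review): every user_auth column that is not overwritten below is carried
 * over from the template, presumably including its stored password; confirm
 * that callers set or expire the new user's password.
 *
 * @param string $template_user user name to copy from
 * @param string $new_user user name to create
 * @param mixed $new_realm realm for the new user, -1 keeps the template's realm
 * @return int 0 on success, 1 when the copy was not made
 */
function api_user_copy($template_user, $new_user, $new_realm=-1) {

	/* look the template up by the name that was passed in */
	$user_auth = db_fetch_row("select * from user_auth where username = '" . sql_sanitize($template_user) . "'");

	/* without a template row there is nothing to copy; callers visible here
	   only test for 1, so the existing failure code is reused */
	if (empty($user_auth) || !isset($user_auth['id'])) {
		return 1;
	}

	$user_auth['username'] = sql_sanitize($new_user);
	if ($new_realm != -1) {
		$user_auth['realm'] = sql_sanitize($new_realm);
	}

	/* the id is placed in the queries below without quotes, so force it to an integer */
	$old_id = intval($user_auth['id']);

	/* id 0 makes the save below create a new row */
	$user_auth['id'] = 0;
	$user_auth["created"] = "now()";
	$user_auth["password_change_last"] = "";

	/* check that destination user doesn't already exist */
	$user = api_user_info( array( "username" => $new_user, "realm" => $user_auth['realm'] ) );
	if (!empty($user["id"])) {
		return 1;
	}

	$new_id = sql_save($user_auth, 'user_auth');

	/* NOTE(review): assumes sql_save() returns the new row id and an empty value
	   on failure - confirm. Without an id the dependent rows must not be copied. */
	if (empty($new_id)) {
		return 1;
	}

	$user_auth_perms = db_fetch_assoc("select * from user_auth_perms where user_id = " . $old_id);
	foreach ($user_auth_perms as $row) {
		$row['user_id'] = $new_id;
		sql_save($row, 'user_auth_perms', array('user_id', 'item_id', 'type'));
	}

	$user_auth_realm = db_fetch_assoc("select * from user_auth_realm where user_id = " . $old_id);
	foreach ($user_auth_realm as $row) {
		$row['user_id'] = $new_id;
		sql_save($row, 'user_auth_realm', array('realm_id', 'user_id'));
	}

	$settings_graphs = db_fetch_assoc("select * from settings_graphs where user_id = " . $old_id);
	foreach ($settings_graphs as $row) {
		$row['user_id'] = $new_id;
		sql_save($row, 'settings_graphs', array('user_id', 'name'));
	}

	$settings_tree = db_fetch_assoc("select * from settings_tree where user_id = " . $old_id);
	foreach ($settings_tree as $row) {
		$row['user_id'] = $new_id;
		sql_save($row, 'settings_tree', array('user_id', 'graph_tree_item_id'));
	}

	log_save(sprintf(_("USER_ADMIN: User '%s' copied to user '%s'"), $template_user, $new_user), SEV_NOTICE, FACIL_AUTH);

	return 0;
}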