?> " /> <input type="hidden" name="form" value="adduser"> <label class="control-label col-sm-2">Username</label> <div class="col-sm-10"> <input class="form-control " type="text" name="username" value="<?php echo str_replace("@", "_at_", $attrib["mail"][0]); ?> " readonly> </div> </div> <div class="form-group"> <label class="control-label col-sm-2">Password</label> <div class="col-sm-10"> <input class="form-control" type="text" name="password" value="<?php echo mkpasswd(32); ?> " readonly> </div> </div> <div class="form-group"> <label class="control-label col-sm-2">Realm</label> <div class="col-sm-10"> <input class="form-control" type="text" name="realm" value="<?php echo default_realm; ?> " readonly> </div> <br> </div> <button type="submit" class="btn btn-primary btn-lg center-block" aria-hidden="true">Request Password Credential <i class="ion-android-arrow-forward"></i></button>
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); do_input_validation_type($_POST, $reqdfields, $reqdfieldsn, $reqdfieldst, $input_errors); // Validate old password. if (!password_verify($_POST['password_old'], $config['system']['password'])) { $input_errors[] = gettext("The current password is incorrectly entered."); } // Validate new password. if ($_POST['password_new'] !== $_POST['password_confirm']) { $input_errors[] = gettext("The new password does not match. Please ensure the passwords match exactly."); } // Check Webserver document root if auth is required if (isset($config['websrv']['enable']) && isset($config['websrv']['authentication']['enable']) && !is_dir($config['websrv']['documentroot'])) { $input_errors[] = gettext("Webserver document root is missing."); } if (empty($input_errors)) { $config['system']['password'] = mkpasswd($_POST['password_new']); write_config(); $retval = 0; if (!file_exists($d_sysrebootreqd_path)) { config_lock(); $retval |= rc_exec_service("userdb"); $retval |= rc_exec_service("htpasswd"); $retval |= rc_exec_service("websrv_htpasswd"); $retval |= rc_exec_service("fmperm"); config_unlock(); } $savemsg = get_std_save_message($retval); } } include "fbegin.inc"; ?>
} $muser->set('sessionId', 'y'); $muser->set('superuser', $superuser); $muser->save(); } } } else { # new user $res = mysql_query("select id from users where login like '{$login}' limit 1;"); if (!mysql_num_rows($res)) { mysql_query("insert into users(login) values ('{$login}');"); $newid = mysql_insert_id($dbh); $muser = new user($CONFIG['DB_HOST'], $CONFIG['DB_NAME'], $CONFIG['DB_USER'], $CONFIG['DB_PASS']); if ($muser->loadByUserId($newid)) { if ($_POST['password'] != '') { $muser->set('password', mkpasswd($CONFIG['USER_PASSWORD_SALT'], $_POST['password'])); } $muser->set('sessionId', 'y'); $muser->set('superuser', $superuser); $muser->save(); } } } dbClose($dbh); header('Location: ?a=superuserUsers'); } break; case 'superuserUserDelExec': if ($user->get('superuser')) { if ($id > $user->get('id')) { $dbh = dbConnect();