if ($uName && !$user) {
$pass = array_key_exists('upasswd', $opts) ? $opts['upasswd'] : '';
$seed = rand() . rand();
$hash = sha1($seed . $pass);
$desc = 'created via cli';
$perm = array_key_exists('accesslvl', $opts) ? intval($opts['accesslvl']) : 0;
if (array_key_exists('folder', $opts)) {
$folder = $opts['folder'];
$folderid = $folderDao->getFolderId($folder);
if ($folderid == null) {
$folderid = $folderDao->insertFolder($folder, 'Cli generated folder');
}
} else {
$folderid = 1;
}
$agentList = userAgents();
$email = $emailNotify = '';
add_user($uName, $desc, $seed, $hash, $perm, $email, $emailNotify, $agentList, $folderid);
$user = $userDao->getUserByName($uName);
print "added user {$uName}\n";
}
$gName = array_key_exists("gname", $opts) ? $opts["gname"] : '';
if ($gName) {
$sql = "SELECT group_pk FROM groups WHERE group_name=\$1";
$groupRow = $dbManager->getSingleRow($sql, array($gName), __FILE__ . __LINE__);
$groupId = $groupRow ? $groupRow['group_pk'] : $userDao->addGroup($gName);
} else {
$groupId = false;
}
$permLvl = array_key_exists("permlvl", $opts) ? intval($opts["permlvl"]) : 0;
if ($user && $groupId) {
$nameTextBox = (new CTextBox('name', $this->data['name'], $this->data['templated'], 64))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH);
if (!$this->data['templated']) {
$nameTextBox->setAttribute('autofocus', 'autofocus');
}
$httpFormList->addRow(_('Name'), $nameTextBox);
// Application
if ($this->data['application_list']) {
$applications = zbx_array_merge([''], $this->data['application_list']);
$httpFormList->addRow(_('Application'), new CComboBox('applicationid', $this->data['applicationid'], null, $applications));
} else {
$httpFormList->addRow(_('Application'), new CSpan(_('No applications found.')));
}
// New application
$httpFormList->addRow(new CLabel(_('New application'), 'new_application'), (new CSpan((new CTextBox('new_application', $this->data['new_application']))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)))->addClass(ZBX_STYLE_FORM_NEW_GROUP))->addRow(_('Update interval (in sec)'), (new CNumericBox('delay', $this->data['delay'], 5))->setWidth(ZBX_TEXTAREA_NUMERIC_STANDARD_WIDTH))->addRow(_('Attempts'), (new CNumericBox('retries', $this->data['retries'], 2))->setWidth(ZBX_TEXTAREA_NUMERIC_STANDARD_WIDTH));
$agentComboBox = new CComboBox('agent', $this->data['agent']);
$userAgentsAll = userAgents();
$userAgentsAll[_('Others')][ZBX_AGENT_OTHER] = _('other') . ' ...';
foreach ($userAgentsAll as $userAgentGroup => $userAgents) {
$agentComboBox->addItemsInGroup($userAgentGroup, $userAgents);
}
$httpFormList->addRow(_('Agent'), $agentComboBox);
$httpFormList->addRow(_('User agent string'), (new CTextBox('agent_other', $this->data['agent_other']))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH), 'row_agent_other');
// append HTTP proxy to form list
$httpFormList->addRow(_('HTTP proxy'), (new CTextBox('http_proxy', $this->data['http_proxy'], false, 255))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)->setAttribute('placeholder', 'http://[user[:password]@]proxy.example.com[:port]'))->addRow(_('Variables'), (new CTextArea('variables', $this->data['variables']))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH))->addRow(_('Headers'), (new CTextArea('headers', $this->data['headers']))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH))->addRow(_('Enabled'), (new CCheckBox('status'))->setChecked(!$this->data['status']));
/*
* Authentication tab
*/
$httpAuthenticationFormList = new CFormList('httpAuthenticationFormList');
// Authentication type
$httpAuthenticationFormList->addRow(_('HTTP authentication'), new CComboBox('authentication', $this->data['authentication'], null, httptest_authentications()));
$httpAuthenticationFormList->addRow(_('User'), (new CTextBox('http_user', $this->data['http_user'], false, 64))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH))->addRow(_('Password'), (new CTextBox('http_password', $this->data['http_password'], false, 64))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH))->addRow(_('SSL verify peer'), (new CCheckBox('verify_peer'))->setChecked($this->data['verify_peer'] == 1))->addRow(_('SSL verify host'), (new CCheckBox('verify_host'))->setChecked($this->data['verify_host'] == 1))->addRow(_('SSL certificate file'), (new CTextBox('ssl_cert_file', $this->data['ssl_cert_file'], false, 255))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH))->addRow(_('SSL key file'), (new CTextBox('ssl_key_file', $this->data['ssl_key_file'], false, 255))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH))->addRow(_('SSL key password'), (new CTextBox('ssl_key_password', $this->data['ssl_key_password'], false, 64))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH));
$data['steps'] = DBfetchArray(DBselect('SELECT h.* FROM httpstep h WHERE h.httptestid=' . zbx_dbstr($_REQUEST['httptestid']) . ' ORDER BY h.no'));
} else {
if (isset($_REQUEST['form_refresh'])) {
$data['status'] = isset($_REQUEST['status']) ? HTTPTEST_STATUS_ACTIVE : HTTPTEST_STATUS_DISABLED;
} else {
$data['status'] = HTTPTEST_STATUS_ACTIVE;
}
$data['name'] = getRequest('name', '');
$data['applicationid'] = getRequest('applicationid');
$data['new_application'] = getRequest('new_application', '');
$data['delay'] = getRequest('delay', 60);
$data['retries'] = getRequest('retries', 1);
$data['agent'] = getRequest('agent', ZBX_DEFAULT_AGENT);
$data['agent_other'] = getRequest('agent_other');
if ($data['agent'] == ZBX_AGENT_OTHER) {
foreach (userAgents() as $userAgents) {
if (array_key_exists($data['agent_other'], $userAgents)) {
$data['agent'] = $data['agent_other'];
$data['agent_other'] = '';
break;
}
}
}
$data['variables'] = getRequest('variables', []);
$data['authentication'] = getRequest('authentication', HTTPTEST_AUTH_NONE);
$data['http_user'] = getRequest('http_user', '');
$data['http_password'] = getRequest('http_password', '');
$data['http_proxy'] = getRequest('http_proxy', '');
$data['templated'] = (bool) getRequest('templated');
$data['steps'] = getRequest('steps', []);
$data['headers'] = getRequest('headers');
/**
* \brief Alter a user.
*
* \return NULL on success, string on failure.
*/
function Edit()
{
global $PG_CONN;
/* Get the parameters */
$UserId = @$_SESSION['UserId'];
$User = GetParm('username', PARM_TEXT);
$Pass0 = GetParm('pass0', PARM_TEXT);
$Pass1 = GetParm('pass1', PARM_TEXT);
$Pass2 = GetParm('pass2', PARM_TEXT);
$Seed = rand() . rand();
$Desc = GetParm('description', PARM_TEXT);
$Perm = GetParm('permission', PARM_INTEGER);
$Folder = GetParm('folder', PARM_INTEGER);
$Email = GetParm('email', PARM_TEXT);
$Email_notify = GetParm('emailnotify', PARM_TEXT);
$agentList = userAgents();
$default_bucketpool_fk = GetParm('default_bucketpool_fk', PARM_INTEGER);
$new_upload_group_fk = GetParm('new_upload_group_fk', PARM_INTEGER);
$new_upload_perm = GetParm('new_upload_perm', PARM_INTEGER);
$uiChoice = GetParm('whichui', PARM_TEXT);
/* Make sure username looks valid */
if (empty($_SESSION['UserId'])) {
$text = _("You must be logged in.");
return $text;
}
/* Make sure password matches */
if (!empty($Pass1) || !empty($Pass2)) {
if ($Pass1 != $Pass2) {
$text = _("New passwords did not match. No change.");
return $text;
}
}
/* Make sure email looks valid */
$Check = preg_replace("/[^a-zA-Z0-9@_.+-]/", "", $Email);
if ($Check != $Email) {
$text = _("Invalid email address. Not added.");
return $text;
}
/* See if the user already exists (better not!) */
$sql = "SELECT * FROM users WHERE user_name = '{$User}' AND user_pk != '{$UserId}' LIMIT 1;";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
$row = pg_fetch_assoc($result);
pg_free_result($result);
if (!empty($row['user_name'])) {
$text = _("User already exists. Not added.");
return $text;
}
/* Load current user */
$sql = "SELECT * FROM users WHERE user_pk = '{$UserId}' LIMIT 1;";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
$R = pg_fetch_assoc($result);
pg_free_result($result);
/* Make sure old password matched */
/* if login by siteminder, didn't check old password just get old password*/
if (siteminder_check() == -1) {
$Hash = sha1($R['user_seed'] . $Pass0);
if ($Hash != $R['user_pass']) {
$text = _("Authentication password did not match. No change.");
return $text;
}
} else {
$Pass0 = $R['user_pass'];
}
/* Update the user */
$GotUpdate = 0;
$SQL = "UPDATE users SET";
if (!empty($User) && $User != $R['user_name']) {
$_SESSION['User'] = '******';
$User = str_replace("'", "''", $User);
$SQL .= " user_name = '{$User}'";
$GotUpdate = 1;
}
if ($Desc != $R['user_desc']) {
$Desc = str_replace("'", "''", $Desc);
if ($GotUpdate) {
$SQL .= ", ";
}
$SQL .= " user_desc = '{$Desc}'";
$GotUpdate = 1;
}
if ($Email != $R['user_email']) {
$Email = str_replace("'", "''", $Email);
if ($GotUpdate) {
$SQL .= ", ";
}
$SQL .= " user_email = '{$Email}'";
$GotUpdate = 1;
}
if ($Email_notify != $R['email_notify']) {
if ($GotUpdate) {
$SQL .= ", ";
}
if ($Email_notify == 'on') {
$Email_notify = 'y';
} else {
$Email_notify = '';
}
$SQL .= " email_notify = '{$Email_notify}'";
$_SESSION['UserEnote'] = $Email_notify;
$GotUpdate = 1;
}
if ($agentList != $R['user_agent_list']) {
if ($GotUpdate) {
$SQL .= ", ";
}
$SQL .= " user_agent_list = '{$agentList}'";
$GotUpdate = 1;
}
if ($default_bucketpool_fk != $R['default_bucketpool_fk']) {
if ($default_bucketpool_fk == 0) {
$default_bucketpool_fk = 'NULL';
}
if ($GotUpdate) {
$SQL .= ", ";
}
$SQL .= " default_bucketpool_fk = {$default_bucketpool_fk}";
$GotUpdate = 1;
}
if ($new_upload_group_fk != $R['new_upload_group_fk']) {
if ($new_upload_group_fk == 0) {
$new_upload_group_fk = 'NULL';
}
if ($GotUpdate) {
$SQL .= ", ";
}
$SQL .= " new_upload_group_fk = {$new_upload_group_fk}";
$GotUpdate = 1;
}
if ($new_upload_perm != $R['new_upload_perm']) {
if ($new_upload_perm == 0) {
$new_upload_perm = 'NULL';
}
if ($GotUpdate) {
$SQL .= ", ";
}
$SQL .= " new_upload_perm = {$new_upload_perm}";
$GotUpdate = 1;
}
if ($uiChoice != $R['ui_preference']) {
if ($GotUpdate) {
$SQL .= ", ";
}
$SQL .= " ui_preference = '{$uiChoice}'";
$_SESSION['UiPref'] = $uiChoice;
$GotUpdate = 1;
}
if (!empty($Pass1) && $Pass0 != $Pass1 && $Pass1 == $Pass2) {
$Seed = rand() . rand();
$Hash = sha1($Seed . $Pass1);
if ($GotUpdate) {
$SQL .= ", ";
}
$SQL .= " user_seed = '{$Seed}'";
$SQL .= ", user_pass = '******'";
$GotUpdate = 1;
}
$SQL .= " WHERE user_pk = '{$UserId}';";
if ($GotUpdate) {
$result = pg_query($PG_CONN, $SQL);
DBCheckResult($result, $SQL, __FILE__, __LINE__);
pg_free_result($result);
}
$_SESSION['timeout_check'] = 1;
/* force a recheck */
return NULL;
}
/**
* \brief Add a user.
*
* \return NULL on success, string on failure.
*/
function Add()
{
global $PG_CONN;
if (!$PG_CONN) {
DBconnect();
if (!$PG_CONN) {
$text = _("NO DB connection!");
echo "<pre>{$text}\n</pre>";
}
}
/* Get the parameters */
$User = str_replace("'", "''", GetParm('username', PARM_TEXT));
$User = trim($User);
$Pass = GetParm('pass1', PARM_TEXT);
$Pass2 = GetParm('pass2', PARM_TEXT);
$Seed = rand() . rand();
$Hash = sha1($Seed . $Pass);
$Desc = str_replace("'", "''", GetParm('description', PARM_TEXT));
$Perm = GetParm('permission', PARM_INTEGER);
$Folder = GetParm('folder', PARM_INTEGER);
$Email_notify = GetParm('enote', PARM_TEXT);
$Email = str_replace("'", "''", GetParm('email', PARM_TEXT));
$agentList = userAgents();
$default_bucketpool_fk = GetParm('default_bucketpool_fk', PARM_INTEGER);
/* Make sure username looks valid */
if (empty($User)) {
$text = _("Username must be specified. Not added.");
return $text;
}
/* limit the user name size to 64 characters when creating an account */
if (strlen($User) > 64) {
$text = _("Username exceed 64 characters. Not added.");
return $text;
}
/* Make sure password matches */
if ($Pass != $Pass2) {
$text = _("Passwords did not match. Not added.");
return $text;
}
/* Make sure email looks valid */
$Check = preg_replace("/[^a-zA-Z0-9@_.+-]/", "", $Email);
if ($Check != $Email) {
$text = _("Invalid email address. Not added.");
return $text;
}
/* See if the user already exists (better not!) */
$row = $this->dbManager->getSingleRow("SELECT * FROM users WHERE user_name = \$1 LIMIT 1;", array($User), $stmt = __METHOD__ . ".getUserIfExisting");
if (!empty($row['user_name'])) {
$text = _("User already exists. Not added.");
return $text;
}
/* check email notification, if empty (box not checked), or if no email
* specified for the user set to 'n'.
*/
if (empty($Email_notify)) {
$Email_notify = '';
} elseif (empty($Email)) {
$Email_notify = '';
}
$ErrMsg = add_user($User, $Desc, $Seed, $Hash, $Perm, $Email, $Email_notify, $agentList, $Folder, $default_bucketpool_fk);
return $ErrMsg;
}
/**
* \brief Create a user record.
* \param integer $user_pk: If empty, use form data
*
* \return A user record in the same associated array format that you get from a pg_fetch_assoc().
* However, there may be additional fields from the data input form that are not in the
* users table. These additional fields start with an underscore (_pass1, _pass2, _blank_pass)
* that come from the edit form.
*/
function CreateUserRec(Request $request, $user_pk = "")
{
/* If a $user_pk was given, use it to read the user db record.
* Otherwise, use the form data.
*/
if (!empty($user_pk)) {
$UserRec = $this->GetUserRec($user_pk);
$UserRec['_pass1'] = "";
$UserRec['_pass2'] = "";
$UserRec['_blank_pass'] = $UserRec['user_pass'] == sha1($UserRec['user_seed'] . "") ? "on" : "";
} else {
$UserRec = array();
$UserRec['user_pk'] = intval($request->get('user_pk'));
$UserRec['user_name'] = stripslashes($request->get('user_name'));
$UserRec['root_folder_fk'] = intval($request->get('root_folder_fk'));
$UserRec['user_desc'] = stripslashes($request->get('user_desc'));
$UserRec['_pass1'] = stripslashes($request->get('_pass1'));
$UserRec['_pass2'] = stripslashes($request->get('_pass2'));
if (!empty($UserRec['_pass1'])) {
$UserRec['user_seed'] = rand() . rand();
$UserRec['user_pass'] = sha1($UserRec['user_seed'] . $UserRec['_pass1']);
$UserRec['_blank_pass'] = "";
} else {
$UserRec['user_pass'] = "";
$UserRec['_blank_pass'] = stripslashes($request->get("_blank_pass"));
if (empty($UserRec['_blank_pass'])) {
// get the stored seed
$StoredUserRec = $this->GetUserRec($UserRec['user_pk']);
$UserRec['_blank_pass'] = $UserRec['user_pass'] == sha1($StoredUserRec['user_seed'] . "") ? "on" : "";
}
}
$UserRec['user_perm'] = intval($request->get('user_perm'));
$UserRec['user_email'] = stripslashes($request->get('user_email'));
$UserRec['email_notify'] = stripslashes($request->get('email_notify'));
if (!empty($UserRec['email_notify'])) {
$UserRec['email_notify'] = 'y';
}
$UserRec['user_agent_list'] = userAgents();
$UserRec['default_bucketpool_fk'] = intval($request->get("default_bucketpool_fk"));
}
return $UserRec;
}
/**
* \brief Add a user.
*
* \return NULL on success, string on failure.
*/
function Add()
{
global $PG_CONN;
if (!$PG_CONN) {
DBconnect();
if (!$PG_CONN) {
$text = _("NO DB connection!");
echo "<pre>{$text}\n</pre>";
}
}
/* Get the parameters */
$User = str_replace("'", "''", GetParm('username', PARM_TEXT));
$User = trim($User);
$Pass = GetParm('pass1', PARM_TEXT);
$Pass2 = GetParm('pass2', PARM_TEXT);
$Seed = rand() . rand();
$Hash = sha1($Seed . $Pass);
$Desc = str_replace("'", "''", GetParm('description', PARM_TEXT));
$Perm = GetParm('permission', PARM_INTEGER);
$Folder = GetParm('folder', PARM_INTEGER);
$Email_notify = GetParm('enote', PARM_TEXT);
$Email = str_replace("'", "''", GetParm('email', PARM_TEXT));
$agentList = userAgents();
$default_bucketpool_fk = GetParm('default_bucketpool_fk', PARM_INTEGER);
$new_upload_group_fk = GetParm('new_upload_group_fk', PARM_INTEGER);
$new_upload_perm = GetParm('new_upload_perm', PARM_INTEGER);
$uiChoice = GetParm('whichui', PARM_TEXT);
/* Make sure username looks valid */
if (empty($User)) {
$text = _("Username must be specified. Not added.");
return $text;
}
/* limit the user name size to 64 characters when creating an account */
if (strlen($User) > 64) {
$text = _("Username exceed 64 characters. Not added.");
return $text;
}
/* Make sure password matches */
if ($Pass != $Pass2) {
$text = _("Passwords did not match. Not added.");
return $text;
}
/* Make sure email looks valid */
$Check = preg_replace("/[^a-zA-Z0-9@_.+-]/", "", $Email);
if ($Check != $Email) {
$text = _("Invalid email address. Not added.");
return $text;
}
/* See if the user already exists (better not!) */
$sql = "SELECT * FROM users WHERE user_name = '{$User}' LIMIT 1;";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
$row = pg_fetch_assoc($result);
pg_free_result($result);
if (!empty($row['user_name'])) {
$text = _("User already exists. Not added.");
return $text;
}
/* check email notification, if empty (box not checked), or if no email
* specified for the user set to 'n'.
*/
if (empty($Email_notify)) {
$Email_notify = '';
} elseif (empty($Email)) {
$Email_notify = '';
}
/* Add the user */
if ($uiChoice != 'simple') {
$uiChoice = 'original';
}
if (empty($new_upload_group_fk)) {
$new_upload_group_fk = 'NULL';
}
if (empty($new_upload_perm)) {
$new_upload_perm = 'NULL';
}
$ErrMsg = add_user($User, $Desc, $Seed, $Hash, $Perm, $Email, $Email_notify, $agentList, $Folder, $default_bucketpool_fk);
return $ErrMsg;
}
/**
* \brief Create a user record.
* \param integer $user_pk: If empty, use form data
*
* \return A user record in the same associated array format that you get from a pg_fetch_assoc().
* However, there may be additional fields from the data input form that are not in the
* users table. These additional fields start with an underscore (_pass1, _pass2, _blank_pass)
* that come from the edit form.
*/
function CreateUserRec($user_pk = "")
{
/* If a $user_pk was given, use it to read the user db record.
* Otherwise, use the form data.
*/
if (!empty($user_pk)) {
$UserRec = $this->GetUserRec($user_pk);
$UserRec['_pass1'] = "";
$UserRec['_pass2'] = "";
$UserRec['_blank_pass'] = $UserRec['user_pass'] == sha1($UserRec['user_seed'] . "") ? "on" : "";
} else {
$UserRec = array();
$UserRec['user_pk'] = GetParm('user_pk', PARM_TEXT);
$UserRec['user_name'] = GetParm('user_name', PARM_TEXT);
$UserRec['root_folder_fk'] = GetParm('root_folder_fk', PARM_INTEGER);
$UserRec['user_desc'] = GetParm('user_desc', PARM_TEXT);
$UserRec['_pass1'] = GetParm('_pass1', PARM_TEXT);
$UserRec['_pass2'] = GetParm('_pass2', PARM_TEXT);
if (!empty($UserRec['_pass1'])) {
$UserRec['user_seed'] = rand() . rand();
$UserRec['user_pass'] = sha1($UserRec['user_seed'] . $UserRec['_pass1']);
$UserRec['_blank_pass'] = "";
} else {
$UserRec['user_pass'] = "";
$UserRec['_blank_pass'] = GetParm("_blank_pass", PARM_TEXT);
if (empty($UserRec['_blank_pass'])) {
// get the stored seed
$StoredUserRec = $this->GetUserRec($UserRec['user_pk']);
$UserRec['_blank_pass'] = $UserRec['user_pass'] == sha1($StoredUserRec['user_seed'] . "") ? "on" : "";
}
}
$UserRec['user_perm'] = GetParm('user_perm', PARM_INTEGER);
$UserRec['user_email'] = GetParm('user_email', PARM_TEXT);
$UserRec['email_notify'] = GetParm('email_notify', PARM_TEXT);
if (!empty($UserRec['email_notify'])) {
$UserRec['email_notify'] = 'y';
}
$UserRec['user_agent_list'] = userAgents();
$UserRec['default_bucketpool_fk'] = GetParm("default_bucketpool_fk", PARM_INTEGER);
}
return $UserRec;
}
/**
* \brief Edit a user.
*
* \return NULL on success, string on failure.
*/
function Edit()
{
global $PG_CONN;
/* Get the parameters */
$UserId = GetParm('userid', PARM_INTEGER);
if (empty($UserId)) {
$text = _("No user selected. No change.");
return $text;
}
$User = GetParm('username', PARM_TEXT);
$Pass1 = GetParm('pass1', PARM_TEXT);
$Pass2 = GetParm('pass2', PARM_TEXT);
$Seed = rand() . rand();
$Hash = sha1($Seed . $Pass1);
$Desc = GetParm('description', PARM_TEXT);
$Perm = GetParm('permission', PARM_INTEGER);
$Folder = GetParm('folder', PARM_INTEGER);
$Email = GetParm('email', PARM_TEXT);
$Email_notify = GetParm('enote', PARM_TEXT);
$uiChoice = GetParm('whichui', PARM_TEXT);
$agentList = userAgents();
$Block = GetParm("block", PARM_INTEGER);
$Blank = GetParm("blank", PARM_INTEGER);
$default_bucketpool_fk = GetParm("default_bucketpool_fk", PARM_INTEGER);
$new_upload_group_fk = GetParm('new_upload_group_fk', PARM_INTEGER);
$new_upload_perm = GetParm('new_upload_perm', PARM_INTEGER);
if (!empty($Email_notify)) {
}
/* Make sure username looks valid */
if (empty($User)) {
$text = _("Username must be specified. No change.");
return $text;
}
/* Make sure password matches */
if ($Pass1 != $Pass2) {
$text = _("Passwords did not match. No change.");
return $text;
}
/* Make sure email looks valid */
$Check = preg_replace("/[^a-zA-Z0-9@_.+-]/", "", $Email);
if ($Check != $Email) {
$text = _("Invalid email address. Not edited.");
return $text;
}
//echo "<pre>session is:{$_SESSION['UiPref']}\n</pre>";
/* Get existing user info for updating */
$sql = "SELECT * FROM users WHERE user_pk = '{$UserId}' LIMIT 1;";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
$R = pg_fetch_assoc($result);
pg_free_result($result);
if (empty($R['user_pk'])) {
$text = _("User does not exist. No change.");
return $text;
}
/* Edit the user */
if (strcmp($User, $R['user_name'])) {
/* See if the user already exists (better not!) */
$Val = str_replace("'", "''", $User);
$sql = "SELECT * FROM users WHERE user_name = '{$Val}' LIMIT 1;";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
$row = pg_fetch_assoc($result);
pg_free_result($result);
if (!empty($row['user_name'])) {
$text = _("User already exists. Not edited.");
return $text;
}
$sql = "UPDATE users SET user_name = '{$Val}' WHERE user_pk = '{$UserId}';";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
}
if (strcmp($Desc, $R['user_desc'])) {
$Val = str_replace("'", "''", $Desc);
$sql = "UPDATE users SET user_desc = '{$Val}' WHERE user_pk = '{$UserId}';";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
}
if (strcmp($Email, $R['user_email'])) {
$Val = str_replace("'", "''", $Email);
$sql = "UPDATE users SET user_email = '{$Val}' WHERE user_pk = '{$UserId}';";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
}
/* check email notification, if empty (box not checked), or if no email
* specified for the user set to ''. (default value for field is 'y').
*/
if ($Email_notify != $R['email_notify']) {
if ($Email_notify == 'on') {
$Email_notify = 'y';
}
$sql = "UPDATE users SET email_notify = '{$Email_notify}' WHERE user_pk = '{$UserId}';";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
$_SESSION['UserEnote'] = $Email_notify;
} elseif (empty($Email)) {
$sql = "UPDATE users SET email_notify = '' WHERE user_pk = '{$UserId}';";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
$_SESSION['UserEnote'] = '';
}
if ($uiChoice != $R['ui_preference']) {
$sql = "UPDATE users SET ui_preference='{$uiChoice}' WHERE user_pk = '{$UserId}';";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
}
if ($Folder != $R['root_folder_fk']) {
$sql = "UPDATE users SET root_folder_fk = '{$Folder}' WHERE user_pk = '{$UserId}';";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
}
if ($Perm != $R['user_perm']) {
$sql = "UPDATE users SET user_perm = '{$Perm}' WHERE user_pk = '{$UserId}';";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
}
if ($Blank == 1) {
$Seed = rand() . rand();
$Hash = sha1($Seed . "");
$sql = "UPDATE users SET user_seed = '{$Seed}', user_pass = '******' WHERE user_pk = '{$UserId}';";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
$R['user_seed'] = $Seed;
$R['user_pass'] = $Hash;
}
if (!empty($Pass1)) {
$Seed = rand() . rand();
$Hash = sha1($Seed . $Pass1);
$sql = "UPDATE users SET user_seed = '{$Seed}', user_pass = '******' WHERE user_pk = '{$UserId}';";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
$R['user_seed'] = $Seed;
$R['user_pass'] = $Hash;
}
if (substr($R['user_pass'], 0, 1) == ' ') {
$OldBlock = 1;
} else {
$OldBlock = 0;
}
if (empty($Block)) {
$Block = 0;
}
if ($Block != $OldBlock) {
if ($Block) {
$sql = "UPDATE users SET user_pass = '******'user_pass'] . "' WHERE user_pk = '{$UserId}';";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
} else {
$sql = "UPDATE users SET user_pass = '******'user_pass']) . "' WHERE user_pk = '{$UserId}';";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
}
}
// update user_agent_list
if (strcmp($agentList, $R['user_agent_list'])) {
$Val = str_replace("'", "''", $agentList);
$sql = "UPDATE users SET user_agent_list = '{$Val}' WHERE user_pk = '{$UserId}';";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
}
if ($default_bucketpool_fk != $R['default_bucketpool_fk']) {
if ($default_bucketpool_fk == 0) {
$default_bucketpool_fk = 'NULL';
}
$sql = "UPDATE users SET default_bucketpool_fk = {$default_bucketpool_fk} WHERE user_pk = '{$UserId}'";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
}
/**** new upload group ****/
if ($new_upload_group_fk != $R['new_upload_group_fk']) {
if ($new_upload_group_fk == 0) {
$new_upload_group_fk = 'NULL';
}
$sql = "UPDATE users SET new_upload_group_fk = {$new_upload_group_fk} WHERE user_pk = '{$UserId}'";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
}
/**** new upload perm ****/
if ($new_upload_perm != $R['new_upload_perm']) {
if ($new_upload_perm == 0) {
$new_upload_perm = 'NULL';
}
$sql = "UPDATE users SET new_upload_perm = {$new_upload_perm} WHERE user_pk = '{$UserId}'";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
}
return NULL;
}
