?>
" />
<input type="hidden" name="form" value="adduser">
<label class="control-label col-sm-2">Username</label>
<div class="col-sm-10">
<input class="form-control " type="text" name="username" value="<?php
echo str_replace("@", "_at_", $attrib["mail"][0]);
?>
" readonly>
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2">Password</label>
<div class="col-sm-10">
<input class="form-control" type="text" name="password" value="<?php
echo mkpasswd(32);
?>
" readonly>
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2">Realm</label>
<div class="col-sm-10">
<input class="form-control" type="text" name="realm" value="<?php
echo default_realm;
?>
" readonly>
</div>
<br>
</div>
<button type="submit" class="btn btn-primary btn-lg center-block" aria-hidden="true">Request Password Credential <i class="ion-android-arrow-forward"></i></button>
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
do_input_validation_type($_POST, $reqdfields, $reqdfieldsn, $reqdfieldst, $input_errors);
// Validate old password.
if (!password_verify($_POST['password_old'], $config['system']['password'])) {
$input_errors[] = gettext("The current password is incorrectly entered.");
}
// Validate new password.
if ($_POST['password_new'] !== $_POST['password_confirm']) {
$input_errors[] = gettext("The new password does not match. Please ensure the passwords match exactly.");
}
// Check Webserver document root if auth is required
if (isset($config['websrv']['enable']) && isset($config['websrv']['authentication']['enable']) && !is_dir($config['websrv']['documentroot'])) {
$input_errors[] = gettext("Webserver document root is missing.");
}
if (empty($input_errors)) {
$config['system']['password'] = mkpasswd($_POST['password_new']);
write_config();
$retval = 0;
if (!file_exists($d_sysrebootreqd_path)) {
config_lock();
$retval |= rc_exec_service("userdb");
$retval |= rc_exec_service("htpasswd");
$retval |= rc_exec_service("websrv_htpasswd");
$retval |= rc_exec_service("fmperm");
config_unlock();
}
$savemsg = get_std_save_message($retval);
}
}
include "fbegin.inc";
?>
}
$muser->set('sessionId', 'y');
$muser->set('superuser', $superuser);
$muser->save();
}
}
} else {
# new user
$res = mysql_query("select id from users where login like '{$login}' limit 1;");
if (!mysql_num_rows($res)) {
mysql_query("insert into users(login) values ('{$login}');");
$newid = mysql_insert_id($dbh);
$muser = new user($CONFIG['DB_HOST'], $CONFIG['DB_NAME'], $CONFIG['DB_USER'], $CONFIG['DB_PASS']);
if ($muser->loadByUserId($newid)) {
if ($_POST['password'] != '') {
$muser->set('password', mkpasswd($CONFIG['USER_PASSWORD_SALT'], $_POST['password']));
}
$muser->set('sessionId', 'y');
$muser->set('superuser', $superuser);
$muser->save();
}
}
}
dbClose($dbh);
header('Location: ?a=superuserUsers');
}
break;
case 'superuserUserDelExec':
if ($user->get('superuser')) {
if ($id > $user->get('id')) {
$dbh = dbConnect();
