** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
**/
require_once dirname(__FILE__) . '/include/config.inc.php';
require_once dirname(__FILE__) . '/include/users.inc.php';
require_once dirname(__FILE__) . '/include/forms.inc.php';
require_once dirname(__FILE__) . '/include/media.inc.php';
$page['title'] = _('User profile');
$page['file'] = 'profile.php';
$page['hist_arg'] = array();
$page['scripts'] = array('class.cviewswitcher.js');
ob_start();
require_once dirname(__FILE__) . '/include/page_header.php';
if (CWebUser::$data['alias'] == ZBX_GUEST_USER) {
access_deny();
}
$themes = array_keys(Z::getThemes());
$themes[] = THEME_DEFAULT;
// VAR TYPE OPTIONAL FLAGS VALIDATION EXCEPTION
$fields = array('password1' => array(T_ZBX_STR, O_OPT, null, null, 'isset({update}) && isset({form}) && ({form} != "update") && isset({change_password})'), 'password2' => array(T_ZBX_STR, O_OPT, null, null, 'isset({update}) && isset({form}) && ({form} != "update") && isset({change_password})'), 'lang' => array(T_ZBX_STR, O_OPT, null, null, null), 'theme' => array(T_ZBX_STR, O_OPT, null, IN('"' . implode('","', $themes) . '"'), 'isset({update})'), 'autologin' => array(T_ZBX_INT, O_OPT, null, IN('1'), null), 'autologout' => array(T_ZBX_INT, O_OPT, null, BETWEEN(90, 10000), null, _('Auto-logout (min 90 seconds)')), 'autologout_visible' => array(T_ZBX_STR, O_OPT, null, IN('1'), null), 'url' => array(T_ZBX_STR, O_OPT, null, null, 'isset({update})'), 'refresh' => array(T_ZBX_INT, O_OPT, null, BETWEEN(0, SEC_PER_HOUR), 'isset({update})', _('Refresh (in seconds)')), 'rows_per_page' => array(T_ZBX_INT, O_OPT, null, BETWEEN(1, 999999), 'isset({update})', _('Rows per page')), 'change_password' => array(T_ZBX_STR, O_OPT, null, null, null), 'user_medias' => array(T_ZBX_STR, O_OPT, null, NOT_EMPTY, null), 'user_medias_to_del' => array(T_ZBX_STR, O_OPT, null, DB_ID, null), 'new_media' => array(T_ZBX_STR, O_OPT, null, null, null), 'enable_media' => array(T_ZBX_INT, O_OPT, null, null, null), 'disable_media' => array(T_ZBX_INT, O_OPT, null, null, null), 'messages' => array(T_ZBX_STR, O_OPT, null, null, null), 'update' => array(T_ZBX_STR, O_OPT, P_SYS | P_ACT, null, null), 'cancel' => array(T_ZBX_STR, O_OPT, P_SYS, null, null), 'del_user_media' => array(T_ZBX_STR, O_OPT, P_SYS | P_ACT, null, null), 'form' => array(T_ZBX_STR, O_OPT, P_SYS, null, null), 'form_refresh' => array(T_ZBX_INT, O_OPT, null, null, null));
check_fields($fields);
$_REQUEST['autologin'] = getRequest('autologin', 0);
// secondary actions
if (isset($_REQUEST['new_media'])) {
$_REQUEST['user_medias'] = getRequest('user_medias', array());
array_push($_REQUEST['user_medias'], $_REQUEST['new_media']);
} elseif (isset($_REQUEST['user_medias']) && isset($_REQUEST['enable_media'])) {
if (isset($_REQUEST['user_medias'][$_REQUEST['enable_media']])) {
$_REQUEST['user_medias'][$_REQUEST['enable_media']]['active'] = 0;
}
} elseif (isset($_REQUEST['user_medias']) && isset($_REQUEST['disable_media'])) {
if (isset($_REQUEST['user_medias'][$_REQUEST['disable_media']])) {
$languageComboBox->addItem($localeId, $locale['name'], $localeId == $this->data['lang'] ? true : null, $localeExists);
$allLocalesAvailable &= $localeExists;
}
}
// restoring original locale
setlocale(LC_MONETARY, zbx_locale_variants(CWebUser::$data['lang']));
$languageError = '';
if (!function_exists('bindtextdomain')) {
$languageError = 'Translations are unavailable because the PHP gettext module is missing.';
$languageComboBox->attr('disabled', 'disabled');
} elseif (!$allLocalesAvailable) {
$languageError = _('You are not able to choose some of the languages, because locales for them are not installed on the web server.');
}
$userFormList->addRow(_('Language'), $languageError ? array($languageComboBox, SPACE, new CSpan($languageError, 'red wrap')) : $languageComboBox);
// append themes to form list
$themes = array_merge(array(THEME_DEFAULT => _('System default')), Z::getThemes());
$themeComboBox = new CComboBox('theme', $this->data['theme'], null, $themes);
$userFormList->addRow(_('Theme'), $themeComboBox);
// append auto-login & auto-logout to form list
$autologoutCheckBox = new CCheckBox('autologout_visible', isset($this->data['autologout']) ? 'yes' : 'no');
if (isset($this->data['autologout'])) {
$autologoutTextBox = new CNumericBox('autologout', $this->data['autologout'], 4);
} else {
$autologoutTextBox = new CNumericBox('autologout', 900, 4);
$autologoutTextBox->setAttribute('disabled', 'disabled');
}
if ($this->data['alias'] != ZBX_GUEST_USER) {
$userFormList->addRow(_('Auto-login'), new CCheckBox('autologin', $this->data['autologin'], null, 1));
$userFormList->addRow(_('Auto-logout (min 90 seconds)'), array($autologoutCheckBox, $autologoutTextBox));
}
$userFormList->addRow(_('Refresh (in seconds)'), new CNumericBox('refresh', $this->data['refresh'], 4));
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
**/
require_once dirname(__FILE__) . '/js/administration.general.gui.php';
$comboTheme = new CComboBox('default_theme', $this->data['config']['default_theme'], null, Z::getThemes());
$comboDdFirstEntry = new CComboBox('dropdown_first_entry', $this->data['config']['dropdown_first_entry']);
$comboDdFirstEntry->addItem(ZBX_DROPDOWN_FIRST_NONE, _('None'));
$comboDdFirstEntry->addItem(ZBX_DROPDOWN_FIRST_ALL, _('All'));
$guiTab = new CFormList('scriptsTab');
$guiTab->addRow(_('Default theme'), array($comboTheme));
$guiTab->addRow(_('Dropdown first entry'), array($comboDdFirstEntry, new CCheckBox('dropdown_first_remember', $this->data['config']['dropdown_first_remember'], null, 1), _('remember selected')));
$guiTab->addRow(_('Search/Filter elements limit'), new CNumericBox('search_limit', $this->data['config']['search_limit'], 6));
$guiTab->addRow(_('Max count of elements to show inside table cell'), new CNumericBox('max_in_table', $this->data['config']['max_in_table'], 5));
$guiTab->addRow(_('Enable event acknowledges'), new CCheckBox('event_ack_enable', $this->data['config']['event_ack_enable'], null, 1));
$guiTab->addRow(_('Show events not older than (in days)'), new CTextBox('event_expire', $this->data['config']['event_expire'], 5));
$guiTab->addRow(_('Max count of events per trigger to show'), new CTextBox('event_show_max', $this->data['config']['event_show_max'], 5));
$guiTab->addRow(_('Show warning if Zabbix server is down'), new CCheckBox('server_check_interval', $this->data['config']['server_check_interval'], null, SERVER_CHECK_INTERVAL));
$guiView = new CTabView();
$guiView->addTab('gui', _('GUI'), $guiTab);
$guiForm = new CForm();
<?php
/*
** Zabbix
** Copyright (C) 2001-2016 Zabbix SIA
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
**/
require_once dirname(__FILE__) . '/js/administration.general.gui.php';
$widget = (new CWidget())->setTitle(_('GUI'))->setControls((new CForm())->cleanItems()->addItem((new CList())->addItem(makeAdministrationGeneralMenu('adm.gui.php'))));
$guiTab = (new CFormList())->addRow(_('Default theme'), new CComboBox('default_theme', $data['default_theme'], null, Z::getThemes()))->addRow(_('Dropdown first entry'), [new CComboBox('dropdown_first_entry', $data['dropdown_first_entry'], null, [ZBX_DROPDOWN_FIRST_NONE => _('None'), ZBX_DROPDOWN_FIRST_ALL => _('All')]), (new CDiv())->addClass(ZBX_STYLE_FORM_INPUT_MARGIN), new CLabel([(new CCheckBox('dropdown_first_remember'))->setChecked($data['dropdown_first_remember'] == 1), _('remember selected')], 'dropdown_first_remember')])->addRow(_('Search/Filter elements limit'), (new CNumericBox('search_limit', $data['search_limit'], 6))->setWidth(ZBX_TEXTAREA_NUMERIC_STANDARD_WIDTH))->addRow(_('Max count of elements to show inside table cell'), (new CNumericBox('max_in_table', $data['max_in_table'], 5))->setWidth(ZBX_TEXTAREA_NUMERIC_STANDARD_WIDTH))->addRow(_('Enable event acknowledges'), (new CCheckBox('event_ack_enable'))->setChecked($data['event_ack_enable'] == 1))->addRow(_('Show events not older than (in days)'), (new CTextBox('event_expire', $data['event_expire']))->setWidth(ZBX_TEXTAREA_TINY_WIDTH))->addRow(_('Max count of events per trigger to show'), (new CTextBox('event_show_max', $data['event_show_max']))->setWidth(ZBX_TEXTAREA_TINY_WIDTH))->addRow(_('Show warning if Zabbix server is down'), (new CCheckBox('server_check_interval', SERVER_CHECK_INTERVAL))->setChecked($data['server_check_interval'] == SERVER_CHECK_INTERVAL));
$guiView = (new CTabView())->addTab('gui', _('GUI'), $guiTab)->setFooter(makeFormFooter(new CSubmit('update', _('Update'))));
$guiForm = (new CForm())->addItem($guiView);
$widget->addItem($guiForm);
return $widget;
protected function checkInput(&$users, $method)
{
$create = $method === 'create';
$update = $method === 'update';
if ($update) {
$userDBfields = array('userid' => null);
$dbUsers = $this->get(array('output' => array('userid', 'alias', 'autologin', 'autologout'), 'userids' => zbx_objectValues($users, 'userid'), 'editable' => true, 'preservekeys' => true));
} else {
$userDBfields = array('alias' => null, 'passwd' => null, 'usrgrps' => null, 'user_medias' => array());
}
$themes = array_keys(Z::getThemes());
$themes[] = THEME_DEFAULT;
$themeValidator = new CSetValidator(array('values' => $themes));
$alias = array();
foreach ($users as &$user) {
if (!check_db_fields($userDBfields, $user)) {
self::exception(ZBX_API_ERROR_PARAMETERS, _s('Wrong fields for user "%s".', $user['alias']));
}
// permissions
if ($create) {
if (self::$userData['type'] != USER_TYPE_SUPER_ADMIN) {
self::exception(ZBX_API_ERROR_PARAMETERS, _('You do not have permissions to create users.'));
}
$dbUser = $user;
} elseif ($update) {
if (!isset($dbUsers[$user['userid']])) {
self::exception(ZBX_API_ERROR_PARAMETERS, _('You do not have permissions to update user or user does not exist.'));
}
if (bccomp(self::$userData['userid'], $user['userid']) != 0 && self::$userData['type'] != USER_TYPE_SUPER_ADMIN) {
self::exception(ZBX_API_ERROR_PARAMETERS, _('You do not have permissions to update other users.'));
}
$dbUser = $dbUsers[$user['userid']];
}
// check if user alias
if (isset($user['alias'])) {
// check if we change guest user
if ($dbUser['alias'] === ZBX_GUEST_USER && $user['alias'] !== ZBX_GUEST_USER) {
self::exception(ZBX_API_ERROR_PARAMETERS, _('Cannot rename guest user.'));
}
if (!isset($alias[$user['alias']])) {
$alias[$user['alias']] = $update ? $user['userid'] : 1;
} else {
if ($create || bccomp($user['userid'], $alias[$user['alias']]) != 0) {
self::exception(ZBX_API_ERROR_PARAMETERS, _s('Duplicate user alias "%s".', $user['alias']));
}
}
if (zbx_strlen($user['alias']) > 64) {
self::exception(ZBX_API_ERROR_PARAMETERS, _n('Maximum alias length is %1$d characters, "%2$s" is %3$d character.', 'Maximum alias length is %1$d characters, "%2$s" is %3$d characters.', 64, $user['alias'], zbx_strlen($user['alias'])));
}
}
if (isset($user['usrgrps'])) {
if (empty($user['usrgrps'])) {
self::exception(ZBX_API_ERROR_PARAMETERS, _s('User "%s" cannot be without user group.', $dbUser['alias']));
}
// checking if user tries to disable himself (not allowed). No need to check this on creating a user.
if (!$create && bccomp(self::$userData['userid'], $user['userid']) == 0) {
$usrgrps = API::UserGroup()->get(array('usrgrpids' => zbx_objectValues($user['usrgrps'], 'usrgrpid'), 'output' => API_OUTPUT_EXTEND, 'preservekeys' => true, 'nopermissions' => true));
foreach ($usrgrps as $groupid => $group) {
if ($group['gui_access'] == GROUP_GUI_ACCESS_DISABLED) {
self::exception(ZBX_API_ERROR_PARAMETERS, _s('User may not modify GUI access for himself by becoming a member of user group "%s".', $group['name']));
}
if ($group['users_status'] == GROUP_STATUS_DISABLED) {
self::exception(ZBX_API_ERROR_PARAMETERS, _s('User may not modify system status for himself by becoming a member of user group "%s".', $group['name']));
}
}
}
}
if (isset($user['theme'])) {
$themeValidator->messageInvalid = _s('Incorrect theme for user "%1$s".', $dbUser['alias']);
$this->checkValidator($user['theme'], $themeValidator);
}
if (isset($user['type']) && USER_TYPE_SUPER_ADMIN != self::$userData['type']) {
self::exception(ZBX_API_ERROR_PARAMETERS, _s('You are not allowed to alter privileges for user "%s".', $dbUser['alias']));
}
if (isset($user['autologin']) && $user['autologin'] == 1 && $dbUser['autologout'] != 0) {
$user['autologout'] = 0;
}
if (isset($user['autologout']) && $user['autologout'] > 0 && $dbUser['autologin'] != 0) {
$user['autologin'] = 0;
}
if (array_key_exists('passwd', $user)) {
if (is_null($user['passwd'])) {
unset($user['passwd']);
} else {
if ($dbUser['alias'] == ZBX_GUEST_USER && !zbx_empty($user['passwd'])) {
self::exception(ZBX_API_ERROR_PARAMETERS, _('Not allowed to set password for user "guest".'));
}
$user['passwd'] = md5($user['passwd']);
}
}
if (isset($user['alias'])) {
$nodeids = $update ? id2nodeid($user['userid']) : get_current_nodeid(false);
$userExist = $this->get(array('nodeids' => $nodeids, 'filter' => array('alias' => $user['alias']), 'nopermissions' => true));
if ($exUser = reset($userExist)) {
if ($create || bccomp($exUser['userid'], $user['userid']) != 0) {
self::exception(ZBX_API_ERROR_PARAMETERS, _s('User with alias "%s" already exists.', $user['alias']));
}
}
}
}
unset($user);
}
