/**
 * Render the per-user settings form (currently only the visual theme).
 *
 * Output is printed directly. When Cacti's own user management is switched
 * off (auth_method "0") there is nothing per-user to edit, so message 6 is
 * raised and displayed instead of the form.
 */
function settings() {
	global $colors, $themes;

	/* extra drop-down entry that defers to the global theme setting */
	$themes["default"] = _("System Default (Global Setting)");

	/* per-user settings require cacti's user management to be turned on */
	if (read_config_option("auth_method") == "0") {
		raise_message(6);
		display_output_messages();
		return;
	}

	/* record of the logged-in user; fetched here but not read again below */
	$session_user = api_user_info(array("id" => $_SESSION["sess_user_id"]));

	print "<form method='post'>\n";

	$box_title = "<strong>" . _("User Settings") . "</strong>";
	html_start_box($box_title, "98%", $colors["header_background"], "3", "center", "");
	?>
	<tr bgcolor='<?php print $colors["header_panel_background"];?>'>
		<td colspan='2' class='textSubHeaderDark' style='padding: 3px;'>General</td>
	</tr>
	<?php

	$theme_field = array(
		"friendly_name" => _("Visual Theme"),
		"description" => _("The Cacti theme to use. Changes the look of Cacti."),
		"method" => "drop_array",
		"array" => $themes,
		"value" => api_user_theme($_SESSION["sess_user_id"]),
		"default" => "default"
	);

	draw_edit_form(array(
		"config" => array("no_form_tag" => true),
		"fields" => array("current_theme" => $theme_field)
	));

	html_end_box();

	form_hidden_box("save_component_user", "1", "");

	/*
	 * NOTE(review): the Referer header is client-controlled and is handed to
	 * form_save_button() unmodified. How that helper encodes it is not visible
	 * here - confirm it is HTML-escaped (or limited to same-site paths) before
	 * it is written into the page.
	 */
	if (isset($_SERVER["HTTP_REFERER"])) {
		$cancel_target = $_SERVER["HTTP_REFERER"];
	} else {
		$cancel_target = "index.php";
	}

	form_save_button($cancel_target, "save");
}
/* requery newly created user */ $user = api_user_info(array("username" => $username, "realm" => $realm)); #$user = db_fetch_row("select * from user_auth where username='******' and realm = " . $realm); } else { /* error */ auth_display_custom_error_message(sprintf(_("Template user '%s' does not exist."), read_config_option("user_template"))); log_save(sprintf(_("LOGIN: Unable to locate template user '%s'"), read_config_option("user_template")), SEV_ERROR, FACIL_AUTH); exit; } } /* Guest account checking - Not for builtin */ $guest_user = false; if (sizeof($user) < 1 && $user_auth && read_config_option("guest_user") != "0") { log_save(_("LOGIN: Authenicated user, but no cacti user record, loading guest account"), SEV_DEBUG, FACIL_AUTH); /* Locate guest user record */ $user = api_user_info(array("username" => read_config_option("guest_user"))); #$user = db_fetch_row("select * from user_auth where username='******'"); if ($user) { log_save(sprintf(_("LOGIN: Authenicated user '%s' using guest account '%s'"), $username, $user["username"]), SEV_INFO, FACIL_AUTH); $guest_user = true; } else { /* error */ auth_display_custom_error_message("Guest user \"" . read_config_option("guest_user") . "\" does not exist."); log_save(sprintf(_("LOGIN: Unable to locate guest user '%s'"), read_config_option("guest_user")), SEV_ERROR, FACIL_AUTH); exit; } } /* Process the user */ if (sizeof($user) > 0) { log_save(sprintf(_("LOGIN: User '%s' Authenticated"), $user["username"]), SEV_NOTICE, FACIL_AUTH); /* is user enabled */
/**
 * Resolve the theme name to use for a user.
 *
 * Order of precedence, as implemented below:
 *   1. the configured default theme when user auth is off or no id is given,
 *   2. the value cached in $_SESSION["sess_current_theme"],
 *   3. the user's stored "current_theme", unless it is empty or "default",
 *      in which case the configured default theme is used.
 * The value from step 3 is cached in the session before it is returned.
 *
 * NOTE(review): the stored theme is returned as-is. If callers build file or
 * URL paths from it, it should be checked against the known theme list -
 * that validation is not visible in this function.
 *
 * @param mixed $user_id id of the user whose theme is wanted
 * @return mixed theme name
 */
function api_user_theme($user_id) {
	/* users must have cacti user auth turned on to have a personal theme */
	$auth_disabled = (read_config_option("auth_method") == "0");
	if ($auth_disabled || !isset($user_id)) {
		return read_config_option("default_theme");
	}

	/* session cache wins over a fresh lookup */
	if (isset($_SESSION["sess_current_theme"])) {
		return $_SESSION["sess_current_theme"];
	}

	$record = api_user_info(array("id" => $user_id));

	$has_own_theme = !empty($record["current_theme"]) && ($record["current_theme"] != "default");
	$resolved_theme = $has_own_theme ? $record["current_theme"] : read_config_option("default_theme");

	$_SESSION["sess_current_theme"] = $resolved_theme;

	return $resolved_theme;
}
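/**
 * Two-step handler for bulk user actions (enable, disable, delete, copy,
 * password expiration).
 *
 * First request: the checked users arrive as "chk_<id>" POST keys; a
 * confirmation page is printed that carries the selected ids in the hidden
 * "selected_items" field.
 * Second request: "selected_items" is present, the action is executed and the
 * browser is redirected to user_admin.php.
 *
 * Action codes read from $_POST["drp_action"]:
 *   "1" delete, "2" copy, "3" enable, "4" disable, "5" password expiration.
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm that
 * one is enforced elsewhere before these state-changing POSTs are accepted.
 */
function user_actions() {
	global $colors, $user_actions, $fields_user_edit, $user_password_expire_intervals;

	/* the action code selects the branch to run and is echoed back into the page */
	$drp_action = isset($_POST["drp_action"]) ? $_POST["drp_action"] : "";

	/* if we are to save this form, instead of display it */
	if (isset($_POST["selected_items"])) {
		/*
		 * NOTE(review): unserialize() on request data lets the client choose
		 * which PHP types are instantiated. The filter below only constrains
		 * what is used afterwards, it does not make the unserialize() call
		 * itself safe. Prefer carrying the ids as a delimiter-joined list of
		 * integers instead of a serialized array.
		 */
		$posted_items = unserialize(stripslashes($_POST["selected_items"]));

		/* keep only plain numeric ids; anything else is discarded */
		$selected_items = array();
		if (is_array($posted_items)) {
			foreach ($posted_items as $item) {
				if (is_scalar($item) && preg_match('/^[0-9]+$/D', (string) $item)) {
					$selected_items[] = $item;
				}
			}
		}

		if ($drp_action == "3") { /* Enable Selected Users */
			foreach ($selected_items as $user_id) {
				api_user_enable($user_id);
			}
		}elseif ($drp_action == "4") { /* Disable Selected Users */
			foreach ($selected_items as $user_id) {
				api_user_disable($user_id);
			}
		}elseif ($drp_action == "1") { /* Delete User */
			foreach ($selected_items as $user_id) {
				api_user_remove($user_id);
			}
		}elseif ($drp_action == "2") { /* Copy User */
			/* Check for new user name */
			if ((!empty($_POST["user_new"])) && (!empty($_POST["user_name"]))) {
				/* a return value of 1 is answered with message 12 */
				if (api_user_copy($_POST["user_name"], $_POST["user_new"]) == 1) {
					raise_message(12);
				}
			}
		}elseif ($drp_action == "5") { /* Password Expiration */
			/* NOTE(review): expire_interval is passed on as received; validation, if any, happens in api_user_expire_length_set() */
			foreach ($selected_items as $user_id) {
				api_user_expire_length_set($user_id, $_POST["expire_interval"]);
			}
		}

		header("Location: user_admin.php");
		exit;
	}

	/* setup some variables */
	$user_list = "";
	$username_list = array();
	$user_array = array();

	/* loop through each of the users selected on the previous page and get more info about them */
	foreach ($_POST as $var => $val) {
		if (preg_match('/^chk_([0-9]+)$/D', (string) $var, $matches)) {
			$user = api_user_info(array("id" => $matches[1]));

			/* user names are stored data; escape them before they reach the HTML list */
			$user_list .= "<li>" . htmlspecialchars($user["username"], ENT_QUOTES) . "<br>";

			/* NOTE(review): handed to draw_edit_form() raw - confirm the drop-down renderer escapes option text */
			$username_list[$user["username"]] = $user["username"];

			/* append, so the list of ids has no gaps for non-matching POST keys */
			$user_array[] = $matches[1];
		}
	}

	$has_selection = (count($user_array) > 0);

	require_once(CACTI_BASE_PATH . "/include/top_header.php");

	$action_title = isset($user_actions[$drp_action]) ? $user_actions[$drp_action] : "";
	html_start_box("<strong>" . $action_title . "</strong>", "60%", $colors["header_panel_background"], "3", "center", "");

	print "<form action='user_admin.php' method='post'>\n";

	if ($drp_action == "3") { /* Enable Users */
		print "
			<tr>
				<td colspan='2' class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					<p>" . _("To enable the following users, press the \"yes\" button below.") . "</p>
					<p>$user_list</p>
				</td>
			</tr>";
	}elseif ($drp_action == "4") { /* Disable Users */
		print "
			<tr>
				<td colspan='4' class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					<p>". _("To disable the following users, press the \"yes\" button below.") . "</p>
					<p>$user_list</p>
				</td>
			</tr>";
	}elseif ($drp_action == "2") { /* copy user */
		print "
			<tr>
				<td colspan='2' class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					<p>" . _("Would you like to copy a user to a new user?") . "</p>
				</td>
			</tr>";

		if ($has_selection) {
			$form_array = array(
				"user_name" => array(
					"method" => "drop_array",
					"friendly_name" => _("User Name"),
					"description" => _("Select the user name you would like to copy from."),
					"value" => "",
					"array" => $username_list
				),
				"user_new" => array(
					"method" => "textbox",
					"friendly_name" => _("New User Name"),
					"description" => _("Type the user name of the new user."),
					"value" => "",
					"max_length" => "100"
				)
			);

			draw_edit_form(
				array(
					"config" => array("no_form_tag" => true),
					"fields" => $form_array
				)
			);
		}
	}elseif ($drp_action == "1") { /* delete */
		print "
			<tr>
				<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					<p>" . _("Are you sure you want to delete the following users?") . "</p>
					<p>$user_list</p>
				</td>
			</tr>\n
			";
	}elseif ($drp_action == "5") { /* Password Expiration */
		print "
			<tr>
				<td colspan='2' class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					<p>" . _("Would you like to set Password Expiration?") . "</p>
					<p>$user_list</p>
				</td>
			</tr>";

		$form_array = array(
			"expire_interval" => array(
				"method" => "drop_array",
				"friendly_name" => _("Password Expiration Interval"),
				"description" => _("Select the interval that you would like to apply to the selected users."),
				"value" => "",
				"array" => $user_password_expire_intervals
			)
		);

		draw_edit_form(
			array(
				"config" => array("no_form_tag" => true),
				"fields" => $form_array
			)
		);
	}

	if (!$has_selection) {
		print "<tr><td colspan='2' bgcolor='#" . $colors["form_alternate1"]. "'><span class='textError'>" . _("You must select at least one user.") . "</span></td></tr>\n";
		$save_html = "";
	}else{
		$save_html = "<input type='image' src='" . html_get_theme_images_path("button_yes.gif") . "' alt='" . _("Save") . "' align='absmiddle'>";
	}

	/* both hidden values are written into quoted attributes, so they are attribute-escaped */
	print "
		<tr>
			<td colspan='2' align='right' bgcolor='#" . $colors["buttonbar_background"] . "'>
				<input type='hidden' name='action' value='actions'>
				<input type='hidden' name='selected_items' value='" . ($has_selection ? htmlspecialchars(serialize($user_array), ENT_QUOTES) : '') . "'>
				<input type='hidden' name='drp_action' value='" . htmlspecialchars($drp_action, ENT_QUOTES) . "'>
				<a href='user_admin.php'><img src='" . html_get_theme_images_path("button_no.gif") . "' alt='" . _("Cancel") . "' align='absmiddle' border='0'></a>
				$save_html
			</td>
		</tr>
		";

	html_end_box();

	require_once(CACTI_BASE_PATH . "/include/bottom_footer.php");
}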
exit; } /* Check if we are logged in, and process guest account if set, used by graph_view.php */ if (isset($guest_account) && empty($_SESSION["sess_user_id"])) { if (read_config_option("guest_user") != "0") { $user = api_user_info(array("username" => read_config_option("guest_user"), "enabled" => "1")); $guest_user_id = $user["id"]; if (!empty($guest_user_id)) { $_SESSION["sess_user_id"] = $guest_user_id; } log_save(_("AUTH: Guest access enabled, using username '") . $user["username"] . _("' as guest"), SEV_INFO, FACIL_AUTH); } } /* if we are a guest user in a non-guest area, wipe credentials and prompt for login */ if (!empty($_SESSION["sess_user_id"])) { if (!isset($guest_account) && sizeof(api_user_info(array("username" => read_config_option("guest_user")))) == $_SESSION["sess_user_id"]) { kill_session_var("sess_user_id"); } } if (empty($_SESSION["sess_user_id"])) { /* User not authenticated, prompt for login */ require_once CACTI_BASE_PATH . "/include/auth/login.php"; exit; } elseif (!empty($_SESSION["sess_user_id"])) { /* User authenticated */ /* check if password is expired */ if (api_user_expire_info($_SESSION["sess_user_id"]) == "0") { $_SESSION["sess_change_password"] = true; if (read_config_option("auth_method") == 1 || $current_user["realm"] == "0" && read_config_option("auth_method") == "3") { log_save(_("AUTH: User password expired, password change forced"), SEV_NOTICE, FACIL_AUTH); header("Location: auth_changepassword.php?ref=" . (isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "index.php"));
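/**
 * Logs a message to the configured logging system
 *
 * This function is designed to handle logging for the cacti system. Depending
 * on configuration the message is written to the Cacti log table, the local
 * syslog/eventlog, a remote syslog server and/or standard output. Nothing is
 * written when $severity is below the configured "log_severity".
 *
 * Every value placed in the INSERT statement is neutralised here: numeric
 * columns are forced to integers and text columns go through sql_sanitize().
 * NOTE(review): sql_sanitize()'s exact escaping is not visible here; bound
 * parameters would be preferable if the connection object supports them.
 * NOTE(review): $message is written to syslog and stdout as received; callers
 * that embed user-supplied text should strip line breaks so that one call
 * cannot produce several log lines.
 *
 * @param string $message the message your would like to log
 * @param int $severity the severity you would like to log at, check logging constants for values, Default = SEV_INFO
 * @param int $facility the facility you would like to log in, check logging constants for values. Default = FACIL_WEBUI
 * @param string $plugin the plugin generating the log message
 * @param int $poller_id the poller id generating the log message
 * @param int $host_id the host id generating the log message
 * @param bool $output output messages to stdout
 * @return bool true
 */
function log_save ($message, $severity = SEV_INFO, $facility = FACIL_WEBUI, $plugin = "", $poller_id = 0, $host_id = 0, $output = false) {
	global $cnn_id;

	/* fill in the current date for printing in the log */
	$logdate = date("Y-m-d H:i:s");

	/* Get variables */
	$log_severity = log_read_config_option("log_severity");

	/* get username */
	if ($severity == SEV_DEV) {
		$username = "******";
	}else{
		if (isset($_SESSION["sess_user_id"])) {
			$user_info = api_user_info(array("id" => $_SESSION["sess_user_id"]));
			$username = $user_info["username"];
		}else{
			$username = "******";
		}
	}

	/* set the IP Address */
	if (isset($_SERVER["REMOTE_ADDR"])) {
		$source = $_SERVER["REMOTE_ADDR"];
	}else {
		$source = _("System");
	}

	/* Format message for developer if SEV_DEV is allowed */
	if (($severity >= $log_severity) && ($severity == SEV_DEV)) {
		/* get a backtrace so we can derive the current filename/line#/function */
		$backtrace = debug_backtrace();
		if (sizeof($backtrace) == 1) {
			$function_name = $backtrace[0]["function"];
			$filename = $backtrace[0]["file"];
			$line_number = $backtrace[0]["line"];
		} else {
			$function_name = $backtrace[1]["function"];
			$filename = $backtrace[0]["file"];
			$line_number = $backtrace[0]["line"];
		}
		$message = str_replace(CACTI_BASE_PATH, "", $filename) . ":$line_number in " . ($function_name == "" ? "main" : $function_name) . "(): $message";
	}

	/* Log to Cacti System Log */
	if ((log_read_config_option("log_dest_cacti") == "on") && (log_read_config_option("log_status") != "suspended") && ($severity >= $log_severity)) {
		/* user name, source and plugin are quoted text columns just like the message, so they get the same sanitizing */
		$sql = "insert into log
			(logdate,facility,severity,poller_id,host_id,username,source,plugin,message) values
			(SYSDATE(), "
			. intval($facility) . ","
			. intval($severity) . ","
			. intval($poller_id) . ","
			. intval($host_id) . ",'"
			. sql_sanitize($username) . "','"
			. sql_sanitize($source) . "','"
			. sql_sanitize($plugin) . "','"
			. sql_sanitize($message) . "');";
		/* DO NOT USE db_execute, function looping can occur when in SEV_DEV mode */
		$cnn_id->Execute($sql);
	}

	/* Log to System Syslog/Eventlog */
	/* Syslog is currently Unstable in Win32 */
	if ((log_read_config_option("log_dest_system") == "on") && ($severity >= $log_severity)) {
		openlog("cacti", LOG_NDELAY | LOG_PID, log_read_config_option("log_system_facility"));
		syslog(log_get_system_severity($severity), log_get_severity($severity) . ": " . log_get_facility($facility) . ": " . $message);
		closelog();
	}

	/* Log to Syslog Server */
	if ((log_read_config_option("log_dest_syslog") == "on") && ($severity >= $log_severity)) {
		log_save_syslog(log_read_config_option("log_syslog_server"), log_read_config_option("log_syslog_port"), log_read_config_option("log_syslog_facility"), log_get_severity_syslog($severity), log_get_severity($severity) . ": " . log_get_facility($facility) . ": " . $message);
	}

	/* print output to standard out if required, only for use in command line scripts */
	if (($output == true) && ($severity >= $log_severity)) {
		print $logdate . " - " . log_get_severity($severity) . ": " . log_get_facility($facility) . ": " . $message . "\n";
	}

	return true;
}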
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | | GNU General Public License for more details. | +-------------------------------------------------------------------------+ | Cacti: The Complete RRDTool-based Graphing Solution | +-------------------------------------------------------------------------+ | This code is designed, written, and maintained by the Cacti Group. See | | about.php and/or the AUTHORS file for specific developer information. | +-------------------------------------------------------------------------+ | http://www.cacti.net/ | +-------------------------------------------------------------------------+ */ $using_guest_account = false; $show_console_tab = true; if (read_config_option("auth_method") != "0") { /* at this point this user is good to go... get user info */ $current_user = api_user_info(array("id" => $_SESSION["sess_user_id"])); /* find out if we are logged in as a 'guest user' or not */ if (read_config_option("guest_user") != "0") { if ($current_user["username"] == read_config_option("guest_user")) { $using_guest_account = true; } } /* find out if we should show the "console" tab or not, based on this user's permissions */ $current_user_realms = api_user_realms_list($current_user["id"]); if ($current_user_realms["8"]["value"] != "1") { $show_console_tab = false; } } else { /* set permission for no auth */ $current_user["graph_settings"] = 'on'; $current_user["show_tree"] = 'on';
} /* check that force password change it set */ if (!isset($_SESSION["sess_change_password"])) { $access_denied = true; } /* default to !bad_password */ $bad_password = false; $old_password = false; /* set default action */ if (!isset($_REQUEST["action"])) { $_REQUEST["action"] = ""; } if (!$access_denied) { switch ($_REQUEST["action"]) { case 'changepassword': if (api_user_info(array("id" => $_SESSION["sess_user_id"], "password" => md5($_POST["password"])))) { $old_password = true; } else { if ($_POST["password"] == $_POST["confirm"] && $_POST["password"] != "") { /* Log password change */ log_save(_("CHANGEPASSWORD: Password change successful"), SEV_INFO, FACIL_AUTH); /* change password */ api_user_changepassword($_SESSION["sess_user_id"], $_POST["password"]); kill_session_var("sess_change_password"); /* ok, at the point the user has been successfully authenticated; so we must decide what to do next */ /* if no console permissions show graphs otherwise, pay attention to user setting */ $user_realms = api_user_realms_list($_SESSION["sess_user_id"]); if ($user_realms[$user_auth_realm_filenames["index.php"]]["value"] == "1") { switch ($user["login_opts"]) { case '1':
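/**
 * Print the "Change Password" page for the logged-in user.
 *
 * The form is shown only when the user holds realm "18" and the password is
 * managed by Cacti itself: auth_method "1", or auth_method "3" for a user
 * whose realm is "0". Otherwise an error message is displayed. The page
 * header and footer are included around either outcome.
 */
function change_password_form() {
	global $colors;

	$user = api_user_info(array("id" => $_SESSION["sess_user_id"]));
	$user_realms = api_user_realms_list($_SESSION["sess_user_id"]);

	$form_fields = array (
		"password_old" => array(
			"method" => "textbox_password_single",
			"friendly_name" => _("Current Password"),
			"description" => _("Enter your current password validation."),
			"value" => "",
			"max_length" => "255"
		),
		"password_new" => array(
			"method" => "textbox_password",
			"friendly_name" => _("New Password"),
			"description" => _("Enter your new password twice. Remember that passwords are case sensitive!"),
			"value" => "",
			"max_length" => "255"
		),
	);

	require_once(CACTI_BASE_PATH . "/include/top_header.php");

	/*
	 * The realm of the logged-in user is read from the record fetched above.
	 * The previous code read $current_user, which is neither a local nor a
	 * declared global in this function, so the auth_method "3" case could
	 * never be satisfied.
	 */
	$user_realm = (is_array($user) && isset($user["realm"])) ? $user["realm"] : null;

	/* check if authorized */
	if ($user_realms["18"]["value"] == "1") {
		if ((read_config_option("auth_method") == "1") || (($user_realm == "0") && (read_config_option("auth_method") == "3"))) {
			/* Builtin auth method, password can be changed */
			html_start_box("<strong>" . _("Change Password") . "</strong>", "98%", $colors["header_background"], "3", "center", "");

			draw_edit_form(array(
				"config" => array("form_name" => "chk"),
				"fields" => inject_form_variables($form_fields, (is_array($user) ? $user : array()))
			));

			html_end_box();

			/*
			 * NOTE(review): the Referer header is client-controlled and is
			 * passed to form_save_button() unmodified; confirm that helper
			 * HTML-escapes it (or restricts it to same-site paths).
			 */
			form_save_button((isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "index.php"), "save");
		}else{
			/* Password changing not supported */
			display_custom_error_message(_("Current selected Authentication Method does not support changing of passwords."));
		}
	}else{
		/* access denied */
		display_custom_error_message(_("Access Denied."));
	}

	require_once(CACTI_BASE_PATH . "/include/bottom_footer.php");
}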
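/**
 * Create a new user as a copy of an existing (template) user.
 *
 * The template's user_auth row is duplicated under the new name, followed by
 * its rows in user_auth_perms, user_auth_realm, settings_graphs and
 * settings_tree.
 *
 * NOTE(review): every column of the template row that is not overwritten
 * below is carried over to the new account - presumably including the stored
 * password hash. If so, the new account can be used with the template's
 * password until it is changed; consider forcing a password change.
 *
 * @param string $template_user user name to copy from
 * @param string $new_user user name to create
 * @param int $new_realm realm for the new user, -1 keeps the template's realm
 * @return int 0 on success, 1 if the destination user already exists,
 *             2 if the template user could not be found
 */
function api_user_copy($template_user, $new_user, $new_realm=-1) {
	/* look the template up by the name that was passed in */
	$user_auth = db_fetch_row("select * from user_auth where username = '" . sql_sanitize($template_user) . "'");

	/* without a template row there is nothing to copy; do not create a blank account */
	if (empty($user_auth) || empty($user_auth['id'])) {
		log_save(sprintf(_("USER_ADMIN: Unable to copy, template user '%s' not found"), $template_user), SEV_ERROR, FACIL_AUTH);
		return 2;
	}

	$user_auth['username'] = sql_sanitize($new_user);
	if ($new_realm != -1) {
		$user_auth['realm'] = sql_sanitize($new_realm);
	}

	/* ids come from the database, but are forced to integers before being put back into SQL */
	$old_id = intval($user_auth['id']);
	$user_auth['id'] = 0;
	$user_auth["created"] = "now()";
	$user_auth["password_change_last"] = "";

	/*
	 * check that destination user doesn't already exist
	 * NOTE(review): the lookup uses the raw name while the saved row uses the
	 * sanitized one; confirm both resolve to the same user name.
	 */
	$user = api_user_info( array( "username" => $new_user, "realm" => $user_auth['realm'] ) );
	if (!empty($user["id"])) {
		return 1;
	}

	$new_id = sql_save($user_auth, 'user_auth');

	$user_auth_perms = db_fetch_assoc("select * from user_auth_perms where user_id = " . $old_id);
	foreach ($user_auth_perms as $row) {
		$row['user_id'] = $new_id;
		sql_save($row, 'user_auth_perms', array('user_id', 'item_id', 'type'));
	}

	$user_auth_realm = db_fetch_assoc("select * from user_auth_realm where user_id = " . $old_id);
	foreach ($user_auth_realm as $row) {
		$row['user_id'] = $new_id;
		sql_save($row, 'user_auth_realm', array('realm_id', 'user_id'));
	}

	$settings_graphs = db_fetch_assoc("select * from settings_graphs where user_id = " . $old_id);
	foreach ($settings_graphs as $row) {
		$row['user_id'] = $new_id;
		sql_save($row, 'settings_graphs', array('user_id', 'name'));
	}

	$settings_tree = db_fetch_assoc("select * from settings_tree where user_id = " . $old_id);
	foreach ($settings_tree as $row) {
		$row['user_id'] = $new_id;
		sql_save($row, 'settings_tree', array('user_id', 'graph_tree_item_id'));
	}

	log_save(sprintf(_("USER_ADMIN: User '%s' copied to user '%s'"), $template_user, $new_user), SEV_NOTICE, FACIL_AUTH);

	return 0;
}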