echo 'selected'; } echo ">Normal User</option>\n <option value='5'"; if ($vars['new_level'] == '5') { echo 'selected'; } echo ">Global Read</option>\n <option value='10'"; if ($vars['new_level'] == '10') { echo 'selected'; } echo ">Administrator</option>\n <option value='11'"; if ($vars['new_level'] == '11') { echo 'selected'; } echo ">Demo account</option>\n </select>\n </div>\n <div class='col-sm-6'>\n </div>\n </div>"; if (passwordscanchange($users_details['username'])) { echo "\n <div class='form-group'>\n <label for='new_pass1' class='col-sm-2 control-label'>Password</label>\n <div class='col-sm-4'>\n <input type='password' name='new_pass1' class='form-control input-sm' value='" . $vars['new_pass1'] . "'>\n </div>\n </div>\n <div class='form-group'>\n <label for='new_pass2' class='col-sm-2 control-label'>Confirm Password</label>\n <div class='col-sm-4'>\n <input type='password' name='new_pass2' class='form-control input-sm' value='" . $vars['new_pass2'] . "'>\n </div>\n </div>\n "; } echo "\n <div class='form-group'>\n <label for='dashboard' class='col-sm-2 control-label'>Dashboard</label>\n <div class='col-sm-4'><select class='form-control' name='dashboard'>"; $defdash = dbFetchCell("SELECT dashboard FROM users WHERE user_id = ?", array($vars['user_id'])); foreach (dbFetchRows("SELECT dashboards.*,users.username FROM `dashboards` INNER JOIN `users` ON users.user_id = dashboards.user_id WHERE (dashboards.access > 0 && dashboards.user_id != ?) || dashboards.user_id = ?", array($vars['user_id'], $vars['user_id'])) as $dash) { echo "<option value='" . $dash['dashboard_id'] . "'" . ($defdash == $dash['dashboard_id'] ? ' selected' : '') . ">" . $dash['username'] . ':' . $dash['dashboard_name'] . "</option>"; } echo "</select>\n </div>\n </div>\n "; echo "<div class='form-group'>\n <div class='col-sm-6'>\n <div class='checkbox'>\n <label>\n <input type='checkbox' "; if ($vars['can_modify_passwd'] == '1') { echo "checked='checked'"; } echo " name='can_modify_passwd'> Allow the user to change his password.\n </label>\n </div>\n </div>\n <div class='col-sm-6'>\n </div>\n </div>\n <button type='submit' class='btn btn-default'>Update User</button>\n </form>"; if ($config['twofactor']) { echo "<br/><div class='well'><h3>Two-Factor Authentication</h3>";
$changepass_message = 'Password must not be blank.'; } else { if ($_POST['new_pass'] == $_POST['new_pass2']) { changepassword($_SESSION['username'], $_POST['new_pass']); $changepass_message = 'Password Changed.'; } else { $changepass_message = "Passwords don't match."; } } } else { $changepass_message = 'Incorrect password'; } } include 'includes/update-preferences-password.inc.php'; echo "<div class='well'>"; if (passwordscanchange($_SESSION['username'])) { echo '<h3>Change Password</h3>'; echo $changepass_message; echo "<form method='post' action='preferences/' class='form-horizontal' role='form'>\n <input type=hidden name='action' value='changepass'>\n <div class='form-group'>\n <label for='old_pass' class='col-sm-2 control-label'>Old Password</label>\n <div class='col-sm-4'>\n <input type=password name=old_pass autocomplete='off' class='form-control input-sm'>\n </div>\n <div class='col-sm-6'>\n </div>\n </div>\n <div class='form-group'>\n <label for='new_pass' class='col-sm-2 control-label'>New Password</label>\n <div class='col-sm-4'>\n <input type=password name=new_pass autocomplete='off' class='form-control input-sm'>\n </div>\n <div class='col-sm-6'>\n </div>\n </div>\n <div class='form-group'>\n <label for='new_pass2' class='col-sm-2 control-label'>New Password</label>\n <div class='col-sm-4'>\n <input type=password name=new_pass2 autocomplete='off' class='form-control input-sm'>\n </div>\n <div class='col-sm-6'>\n </div>\n </div>\n <button type='submit' class='btn btn-default'>Submit</button>\n</form>"; echo '</div>'; } //end if if ($config['twofactor'] === true) { if ($_POST['twofactorremove'] == 1) { include_once $config['install_dir'] . '/html/includes/authentication/twofactor.lib.php'; if (!isset($_POST['twofactor'])) { echo '<div class="well"><form class="form-horizontal" role="form" action="" method="post" name="twofactorform">'; echo '<input type="hidden" name="twofactorremove" value="1" />'; echo twofactor_form(false); echo '</form></div>'; } else {
if ($vars['action'] == "addifperm") { if (!dbFetchCell("SELECT COUNT(*) FROM ports_perms WHERE `port_id` = ? AND `user_id` = ?", array($vars['port_id'], $vars['user_id']))) { dbInsert(array('port_id' => $vars['port_id'], 'user_id' => $vars['user_id']), 'ports_perms'); } } if ($vars['action'] == "delbillperm") { if (dbFetchCell("SELECT COUNT(*) FROM bill_perms WHERE `bill_id` = ? AND `user_id` = ?", array($vars['bill_id'], $vars['user_id']))) { dbDelete('bill_perms', "`bill_id` = ? AND `user_id` = ?", array($vars['bill_id'], $vars['user_id'])); } } if ($vars['action'] == "addbillperm") { if (!dbFetchCell("SELECT COUNT(*) FROM bill_perms WHERE `bill_id` = ? AND `user_id` = ?", array($vars['bill_id'], $vars['user_id']))) { dbInsert(array('bill_id' => $vars['bill_id'], 'user_id' => $vars['user_id']), 'bill_perms'); } } if (passwordscanchange($vars['user_id'])) { echo "<div class='well'>\n <div style='font-size: 18px; font-weight: bold; margin-bottom: 5px;'>Change Password</div>\n <form method='post' action='edituser/user_id=" . $vars['user_id'] . "'>\n <input type=hidden name='action' value='changepass'>\n <input type=hidden value='" . $vars['user_id'] . "' name='user_id'>\n <table width='100%'>\n <tr><td>New Password</td><td align='right'><input type=password name=new_pass autocomplete='off'></input></td></tr>\n <tr><td>Retype Password</td><td align='right'><input type=password name=new_pass2 autocomplete='off'></input></td></tr>\n <tr><td></td><td align='right'><input type=submit class=submit></td></tr></table></form></div>"; // Change pass } echo "<table width=100%><tr><td valign=top width=33%>"; // Display devices this users has access to echo "<h3>Device Access</h3>"; $device_perms = dbFetchRows("SELECT * from devices_perms as P, devices as D WHERE `user_id` = ? AND D.device_id = P.device_id", array($vars['user_id'])); foreach ($device_perms as $device_perm) { echo "<strong>" . $device_perm['hostname'] . " <a href='edituser/action=deldevperm/user_id=" . $vars['user_id'] . "/device_id=" . $device_perm['device_id'] . "'><img src='images/16/cross.png' align=absmiddle border=0></a></strong><br />"; $access_list[] = $device_perm['device_id']; $permdone = "yes"; } if (!$permdone) { echo "None Configured"; }