echo ' 已选 ';
        }
        #echo(" onchange=\"location.href='edituser/user_id=' + this.options[this.selectedIndex].value + '/';\" ");
        echo ">" . escape_html($user_entry['username']) . "</option>";
    }
    echo '</select>
      </li>
    </ul>';
    if ($vars['user_id']) {
        // Load the user's information
        $user_data = dbFetchRow("SELECT * FROM users WHERE user_id = ?", array($vars['user_id']));
        // Become the selected user. Dirty.
        // FIXME this functionality is currently BROKEN. Commented out the link until we handle this better.
        // echo("<li><a href='edituser/action=becomeuser/user_id=".$vars['user_id']."/'>成为用户</a></li>");
        // Delete the selected user.
        if (auth_usermanagement() && $vars['user_id'] !== $_SESSION['user_id']) {
            echo '<ul class="nav pull-right">';
            echo '<li><a href="' . generate_url(array('page' => 'edituser', 'action' => 'deleteuser', 'user_id' => $vars['user_id'])) . '"><i class="oicon-cross-button"></i> 删除用户</a></li>';
            echo '</ul>';
        }
    }
    ?>

    </div>
  </div>
</div>
</form>

<?php 
    if ($vars['user_id']) {
        if ($vars['action'] == "deleteuser") {
Exemplo n.º 2
0
        </form>
      </div>
      <div class="col-md-3">
      </div>
    </div>
<?php 
} elseif ($stage == "4") {
    $proceed = 1;
    ?>
    <div class="row">
      <div class="col-md-3">
      </div>
      <div class="col-md-6">
<?php 
    require 'includes/authenticate.inc.php';
    if (auth_usermanagement()) {
        if (!user_exists($add_user)) {
            if (adduser($add_user, $add_pass, '10', $add_email)) {
                echo "<div class='alert alert-success'>User has been added successfully</div>";
                $proceed = 0;
            } else {
                echo "<div class='alert alert-danger'>User hasn't been added, please try again</div>";
            }
        } else {
            echo "<div class='alert alert-danger'>User {$add_user} already exists!</div>";
        }
    } else {
        echo "<div class='alert alert-danger'>Auth module isn't loaded</div>";
    }
    ?>
        <form class="form-horizontal" role="form" method="post">
Exemplo n.º 3
0
 // Check for allowed by CIDR range
 if (!$auth_allow_cidr) {
     $_SESSION['auth_message'] = 'Remote IP not allowed in CIDR ranges';
     session_logout(FALSE, 'Remote IP not allowed in CIDR ranges');
     header('Location: ' . $config['base_url']);
     exit;
 }
 // Auth from COOKIEs
 if ($_SESSION['cookie_auth']) {
     $_SESSION['authenticated'] = TRUE;
     $auth_success = TRUE;
     dbUpdate(array('expire' => $cookie_expire), 'users_ckeys', '`user_ckey_id` = ?', array($_SESSION['user_ckey_id']));
     unset($_SESSION['user_ckey_id'], $_SESSION['cookie_auth']);
 }
 // Auth from ...
 if (!$_SESSION['authenticated'] && (authenticate($_SESSION['username'], $auth_password) || auth_usermanagement() && auth_user_level($_SESSION['origusername']) >= 10)) {
     // If we get here, it means the password for the user was correct (authenticate() called)
     // Store encrypted password
     session_encrypt_password($auth_password, $user_unique_id);
     // If userlevel == 0 - user disabled and can not log in
     if (auth_user_level($_SESSION['username']) < 1) {
         $_SESSION['auth_message'] = 'User login disabled';
         session_logout(FALSE, 'User disabled');
         header('Location: ' . $config['base_url']);
         exit;
     }
     $_SESSION['authenticated'] = TRUE;
     $auth_success = TRUE;
     dbInsert(array('user' => $_SESSION['username'], 'address' => $_SERVER['REMOTE_ADDR'], 'user_agent' => $_SERVER['HTTP_USER_AGENT'], 'result' => 'Logged In'), 'authlog');
     // Generate keys for cookie auth
     if (isset($_POST['remember']) && $mcrypt_exists) {