Exemplo n.º 1
0
/**
 *  Generate available languages list and flag
 */
function sumo_get_flags()
{
    global $SUMO;
    $languages = sumo_get_available_languages();
    $flags = "<div id='menuLanguages' class='menu'>\n";
    for ($l = 0; $l < count($languages); $l++) {
        if ($languages[$l] != $_COOKIE['language']) {
            $lang = sumo_get_string_languages($languages[$l]);
            $flags .= "<a href='?sumo_lang=" . $languages[$l] . "'>" . "<img src='" . $SUMO['page']['web_path'] . "/themes/" . $SUMO['page']['theme'] . "/images/flags/" . $languages[$l] . ".png'" . " class='flag' alt='" . ucwords($lang) . "'>&nbsp;" . ucwords($lang) . "</a>\n";
        }
    }
    $flags .= "</div>" . "<div onmouseover='dropdownmenu(this, event, \"menuLanguages\")'>" . "<img src='" . $SUMO['page']['web_path'] . "/themes/" . $SUMO['page']['theme'] . "/images/flags/" . $_COOKIE['language'] . ".png' " . "alt='" . ucwords(sumo_get_string_languages($_COOKIE['language'])) . "' " . "class='flag'>" . "</div>";
    return $flags;
}
Exemplo n.º 2
0
<?php

// Fix PNG images if client browser is Internet Explorer
$pngfix = preg_match("/Internet Explorer/i", $SUMO['client']['browser']) ? "javascript:PNGFix()" : "";
$url_req = "";
// Filter URL query string
if ($_SERVER['QUERY_STRING']) {
    $_GET = sumo_array_combine(array_keys($_GET), sumo_array_filter(array_values($_GET)));
    $get_data = array_keys($_GET);
    $url_req = "?";
    for ($k = 0; $k < count($get_data); $k++) {
        $url_req .= $get_data[$k] . "=" . $_GET[$get_data[$k]] . "&";
    }
}
$tpl_array = array("LANG:User" => $sumo_lang_core['User'], "LANG:Password" => $sumo_lang_core['Password'], "LANG:RegistrationForm" => $sumo_lang_core['RegistrationForm'], "LANG:RegistrationInfo" => $sumo_lang_core['RegistrationInfo'], "LANG:EraseAccount" => $sumo_lang_core['EraseAccount'], "LANG:EraseAccountInfo" => $sumo_lang_core['EraseAccountInfo'], "LANG:PasswordLost" => $sumo_lang_core['PasswordLost'], "LANG:PasswordLostInfo" => $sumo_lang_core['PasswordLostInfo'], "LANG:ConfirmRegistration" => $sumo_lang_core['ConfirmRegistration'], "LANG:ConfirmRegistrationInfo" => $sumo_lang_core['ConfirmRegistrationInfo'], "LANG:ConfirmEraseAccount" => $sumo_lang_core['ConfirmEraseAccount'], "LANG:ConfirmEraseAccountInfo" => $sumo_lang_core['ConfirmEraseAccountInfo'], "LANG:Email" => $sumo_lang_core['Email'], "LANG:Language" => $sumo_lang_core['Language'], "LANG:RegUser" => "<font color='red'>*</font>&nbsp;" . $sumo_lang_core['User'], "LANG:RegEmail" => "<font color='red'>*</font>&nbsp;" . $sumo_lang_core['Email'], "LANG:RegPassword" => "<font color='red'>*</font>&nbsp;" . $sumo_lang_core['Password'], "LANG:RegRepPassword" => "<font color='red'>*</font>&nbsp;" . $sumo_lang_core['RepPassword'], "LINK:Register" => sumo_get_link_registration(), "LINK:PasswordLost" => sumo_get_link_pwdlost(), "LINK:UnRegister" => sumo_get_link_registration(0), "GET:SumoVersion" => SUMO_VERSION, "GET:charset" => $SUMO['config']['server']['charset'], "GET:PagePath" => $SUMO['page']['web_path'], "GET:PageUrl" => $SUMO['page']['url'], "GET:PageTheme" => $SUMO['page']['theme'], "GET:ConfirmRegUser" => $sumo_reg_data['reg_user'], "GET:ConfirmRegEmail" => $sumo_reg_data['reg_email'], "GET:ConfirmLanguage" => $sumo_reg_data['reg_language'], "GET:PageName" => sumo_get_accesspoint_name($SUMO['page']['name'], $_COOKIE['language']), "GET:ScriptLoginFocus" => sumo_get_script_tag('login_focus.js'), "GET:ScriptRegistrationFocus" => sumo_get_script_tag('registration_focus.js'), "GET:ScriptLogin" => "<script language='javascript' type='text/javascript'>\n" . "var sumo_theme='" . $SUMO['page']['theme'] . "';\n" . "</script>\n" . sumo_get_script_tag('check_login.js') . "\n" . sumo_get_script_tag('sumo_common.js') . "\n" . sumo_get_script_tag('sumo_crypt.js') . "\n" . sumo_get_script_tag('sumo_gui.js') . "\n", "GET:ScriptResubmit" => sumo_get_script_tag('resubmit.js'), "GET:ScriptNoRightClick" => sumo_get_script_tag('no_right_click.js'), "GET:OnLoad" => "onload='" . $pngfix . "'", "GET:Note" => $sumo_lang_core["PoweredBy"] . " <b>SUMO Access Manager</b> " . SUMO_VERSION . "<br>&copy; Copyright 2003-" . date("Y") . " by <b>Basso Alberto</b><br>" . $sumo_lang_core['ProjectPage'] . " <b><a href='http://sumoam.sourceforge.net' target='_blank'>http://sumoam.sourceforge.net</a></b>", "GET:NoteShort" => $sumo_lang_core["PoweredBy"] . "<br><b><a href='http://sumoam.sourceforge.net' target='_blank'>SUMO Access Manager</a></b>", "GET:LoginForm" => "<form method='POST' name='SumoAuth' action='" . $SUMO['page']['url'] . $url_req . "' onsubmit='check(document.SumoAuth);if((error==1)||(error==2)){return false;}else{sumo_pwd.value=hex_hmac_sha1(\"" . $SUMO['connection']['security_string'] . "\",hex_sha1(sumo_pwd.value));}'>", "GET:Message" => $sumo_message, "GET:Redirect" => "<meta http-equiv='refresh' content='10; " . $SUMO['page']['url'] . "'>", "PUT:RegUser" => "<input type='text' size='16' name='reg_user' value='" . $sumo_reg_data['reg_user'] . "' />" . "<input type='hidden' name='reg_group' value='" . $SUMO['page']['group'] . "' />", "PUT:RegEmail" => "<input type='text' size='16' name='reg_email' value='" . $sumo_reg_data['reg_email'] . "' />", "PUT:RegPassword" => "<input type='password' size='16' name='reg_password' autocomplete='off' />", "PUT:RegRepPassword" => "<input type='password' size='16' name='rep_reg_password' autocomplete='off' />", "PUT:User" => "<input type='text' size='16' name='sumo_user' class='username' />", "PUT:Password" => "<input type='password' size='16' name='sumo_pwd' class='password' autocomplete='off' />", "PUT:LanguageLogin" => sumo_get_available_languages(1, 1, $_COOKIE['language'], 'sumo_lang'), "PUT:Language" => sumo_get_available_languages(1), "BUTTON:Submit" => "<input type='submit' class='button' value='" . $sumo_lang_core["Ok"] . "' />", "BUTTON:BackLogin" => "<form action='" . $SUMO['page']['url'] . "' method='POST'><input type='submit' class='button' value='" . $sumo_lang_core['Back'] . "'></form>", "BUTTON:Back" => "<input type='button' class='button' value='" . $sumo_lang_core['Back'] . "' onclick='javascript:history.go(-1);' />");
// Disable password encryption (for LDAP server)
if (!$SUMO['page']['pwd_encrypt'] && !in_array($sumo_action, array('registration', 'regconfirmed'))) {
    $tpl_array['GET:ScriptSHA1'] = "";
    $tpl_array['GET:LoginForm'] = "<form name='SumoAuth' method='POST' action='" . $SUMO['page']['url'] . $url_req . "' onsubmit='check(document.SumoAuth);if((error==1)||(error==2)){return false;}'>";
}
Exemplo n.º 3
0
     $tpl['PUT:DayLimit'] = "<input type='text' size='5' name='day_limit' value='" . $tab['day_limit'] . "' />";
     // Change status
     if ($tab['active']) {
         $tpl['PUT:Status'] = "<select name='active'>\n<option value='1'>" . $language['Enable'] . "</option>\n<option value='0'>" . $language['Disable'] . "</option>\n</select>";
     } else {
         $tpl['PUT:Status'] = "<select name='active'>\n<option value='0'>" . $language['Disable'] . "</option>\n<option value='1'>" . $language['Enable'] . "</option>\n</select>";
     }
 } else {
     $tpl['PUT:DayLimit'] = $tab['day_limit'] ? $tab['day_limit'] : $language['Unlimited'];
 }
 if ($SUMO['user']['user'] == $tab['username'] || in_array('sumo', $SUMO['user']['group']) || $SUMO['user']['id'] == $tab['owner_id']) {
     $tpl['PUT:FirstName'] = "<input type='text' size='35' name='firstname' value='" . htmlspecialchars($tab['firstname'], ENT_QUOTES) . "'>";
     $tpl['PUT:LastName'] = "<input type='text' size='35' name='lastname' value='" . htmlspecialchars($tab['lastname'], ENT_QUOTES) . "'>";
     $tpl['PUT:Email'] = "<input type='text' size='35' name='email' value='" . $tab['email'] . "'>";
     $tpl['PUT:UserImage'] = "<input type='button' onclick='javascript:window.open(\"?module=users&action=editimg&id=" . $tab['id'] . "\",\"UserImage\",\"height=230,width=300,resizable=yes,scrollbars=yes,status=0,toolbar=0,location=0\");' class='button' value='" . $language['Change'] . "'>";
     $tpl['PUT:Language'] = sumo_get_available_languages(1, 0, $tab['language']);
 } else {
     $tpl['PUT:FirstName'] = htmlspecialchars($tab['firstname'], ENT_QUOTES);
     $tpl['PUT:LastName'] = htmlspecialchars($tab['lastname'], ENT_QUOTES);
     $tpl['PUT:Language'] = ucfirst(sumo_get_string_languages($tab['language']));
     $tpl['PUT:Email'] = "<a href='mailto:" . $tab['email'] . "' title='Send e-mail'>" . $tab['email'] . "</a>";
     $tpl['PUT:UserImage'] = "";
 }
 // to change IP
 if (in_array('sumo', $SUMO['user']['group']) || $SUMO['user']['id'] == $tab['owner_id']) {
     $tpl['PUT:IP'] = "<textarea rows='2' cols='40' name='ip'>" . implode("; ", $tab['ip']) . "</textarea>";
 } else {
     $tpl['PUT:IP'] = implode("; ", $tab['ip']);
 }
 // Remove
 if ((in_array('sumo', $SUMO['user']['group']) || sumo_verify_permissions(7, $tab['group']) || $SUMO['user']['id'] == $tab['owner_id']) && $tab['username'] != 'sumo' && $tab['username'] != $SUMO['user']['user']) {
Exemplo n.º 4
0
/**
 * Validate data settings
 * See also sumo_settings_data() in libs/lib.core.php
 */
function sumo_validate_data_settings($data = array(), $message = FALSE)
{
    $elements = count($data);
    $err = FALSE;
    if ($elements > 0) {
        for ($d = 0; $d < $elements; $d++) {
            if ($data[$d][2] == 1 || $data[$d][2] == 0 && $data[$d][1]) {
                switch ($data[$d][0]) {
                    case 'date_format':
                        if (!ereg("[BdDFjlLmMnrStTwWYyz:\\./\\-]+", $data[$d][1])) {
                            $err = 'W06011C';
                        }
                        break;
                    case 'time_format':
                        if (!ereg("[aABgGhHiIOrsTU.:-]+", $data[$d][1])) {
                            $err = 'W06010C';
                        }
                        break;
                    case 'admin_name':
                        if (!preg_match('/^[a-z0-9' . SUMO_REGEXP_ALLOWED_CHARS . '\'\\/\\\\_\\-\\ ]{0,50}$/i', $data[$d][1])) {
                            $err = 'W06012C';
                        }
                        break;
                    case 'accounts.life':
                        if ($data[$d][1] < 0) {
                            $err = 'W06001C';
                        }
                        break;
                    case 'accounts.registration.life':
                        if ($data[$d][1] < 1) {
                            $err = 'W06007C';
                        }
                        break;
                        // see also sumo_validate_data_accesspoint()
                    // see also sumo_validate_data_accesspoint()
                    case 'accesspoints.name':
                        $languages = sumo_get_available_languages();
                        for ($l = 0; $l < count($languages); $l++) {
                            if (!preg_match("/^[a-z0-9\\-\\_\\.\\=\\&\\/\\\\'\\ " . SUMO_REGEXP_ALLOWED_CHARS . "]{5,128}\$/i", $data[$d][1][$languages[$l]])) {
                                $err = 'W00031C';
                            }
                        }
                        break;
                        // see also sumo_validate_data_accesspoint()
                    // see also sumo_validate_data_accesspoint()
                    case 'accesspoints.group':
                        if (!sumo_validate_group($data[$d][1], FALSE)) {
                            $err = 'W07002C';
                        }
                        break;
                        // see also sumo_validate_data_accesspoint()
                    // see also sumo_validate_data_accesspoint()
                    case 'accesspoints.theme':
                        if (!in_array($data[$d][1], sumo_get_available_themes())) {
                            $err = 'W00033C';
                        }
                        break;
                    case 'security.banned_time':
                        if ($data[$d][1] < 5) {
                            $err = 'W06002C';
                        }
                        break;
                    case 'security.max_login_attempts':
                        if ($data[$d][1] < 3) {
                            $err = 'W06004C';
                        }
                        break;
                    case 'connections.timeout':
                        if ($data[$d][1] < 10) {
                            $err = 'W06005C';
                        }
                        break;
                    case 'sessions.timeout':
                        if ($data[$d][1] < 60) {
                            $err = 'W06006C';
                        }
                        break;
                    case 'database.optimize_hits':
                        if ($data[$d][1] < 100) {
                            $err = 'W06008C';
                        }
                        break;
                    case 'logs.life':
                        if ($data[$d][1] < 0) {
                            $err = 'W06003C';
                        }
                        break;
                    case 'logs.file.size':
                        if ($data[$d][1] < 32) {
                            $err = 'W06005C';
                        }
                        break;
                    case 'language':
                        if (!in_array($data[$d][1], sumo_get_available_languages())) {
                            $err = 'W00021C';
                        }
                        break;
                    case 'email':
                        if (!sumo_validate_email($data[$d][1])) {
                            $err = 'W00007C';
                        }
                        break;
                    case 'boolean':
                        if ($data[$d][1] != 0 && $data[$d][1] != 1) {
                            $err = 'W00032C';
                        }
                        break;
                    default:
                        $err = 'W00019C';
                        break;
                }
                if ($err) {
                    break;
                }
            }
        }
        if ($message) {
            if (!$err) {
                return array(TRUE, '');
            } else {
                return array(FALSE, sumo_get_message($err) . "<br>[expect:" . $data[$d][0] . "]");
            }
        } else {
            if (!$err) {
                return TRUE;
            } else {
                return FALSE;
            }
        }
    } else {
        return FALSE;
    }
}
Exemplo n.º 5
0
<?php

/**
 * SUMO: Load required core language file 
 *
 * @version    0.3.5
 * @link       http://sumoam.sourceforge.net SUMO Access Manager
 * @author     Alberto Basso <*****@*****.**>
 * @copyright  Copyright &copy; 2003-2009, Alberto Basso
 * @license    http://opensource.org/licenses/gpl-license.php GNU Public License
 * @package    SUMO
 * @category   Core
 */
if (!empty($_REQUEST['sumo_lang']) || !$_COOKIE['language']) {
    $available_lang = sumo_get_available_languages();
    // try to detect browser language...
    $detected_lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
    $default_lang = in_array($detected_lang, $available_lang) ? $detected_lang : $SUMO['config']['server']['language'];
    $language = in_array($_REQUEST['sumo_lang'], $available_lang) ? $_REQUEST['sumo_lang'] : $default_lang;
    setcookie('language', $language, $SUMO['server']['time'] + 5184000);
    // 60gg
    // ...because cookie need time to write ;)
    $_COOKIE['language'] = $language;
}
// Load core language file
$lang_core = SUMO_PATH . "/languages/" . $SUMO['config']['server']['language'] . "/lang.core.php";
$lang_login = SUMO_PATH . "/languages/" . $_COOKIE['language'] . "/lang.login.php";
if (sumo_verify_file($lang_core)) {
    require $lang_core;
}
if (sumo_verify_file($lang_login)) {
Exemplo n.º 6
0
/**
 * Validate data
 *
 * See  sumo_validate_data_<module name> for specific validation
 * into library module
 *
 * @author Alberto Basso <*****@*****.**>
 */
function sumo_validate_data($data = array(), $message = FALSE)
{
    $elements = count($data);
    $err = FALSE;
    if ($elements > 0) {
        for ($d = 0; $d < $elements; $d++) {
            if ($data[$d][2] || !$data[$d][2] && $data[$d][1]) {
                switch ($data[$d][0]) {
                    // the "user" can be also an e-mail address
                    case 'username':
                        if (!preg_match('/^[a-z0-9' . SUMO_REGEXP_ALLOWED_CHARS . ']{3,100}$/i', $data[$d][1]) && !sumo_validate_email($data[$d][1])) {
                            $err = 'W00006C';
                        }
                        break;
                    case 'name':
                        if (!preg_match("/^[a-z" . SUMO_REGEXP_ALLOWED_CHARS . "\\&\\;\\\\'\\ ]{1,49}\$/i", $data[$d][1])) {
                            $err = 'W00022C';
                        }
                        break;
                    case 'password':
                        if (!preg_match('/^[\\.a-z0-9]{40}$/i', $data[$d][1])) {
                            $err = 'W00011C';
                        }
                        // for sha1 string
                        break;
                    case 'email':
                        if (!sumo_validate_email($data[$d][1])) {
                            $err = 'W00007C';
                        }
                        break;
                    case 'active':
                        if (!preg_match('/^[0-1]{1}$/', $data[$d][1])) {
                            $err = 'W00018C';
                        }
                        break;
                    case 'ip':
                        $ip = sumo_get_iprange($data[$d][1]);
                        for ($i = 0; $i < count($ip); $i++) {
                            if (!sumo_validate_ip($ip[$i])) {
                                $err = 'W00016C';
                            }
                            break;
                        }
                        break;
                    case 'usergroup':
                        if (!sumo_validate_group($data[$d][1])) {
                            $err = 'W00017C';
                        }
                        break;
                    case 'datasource_id':
                        $ds = sumo_get_datasource_info($data[$d][1], false);
                        if (empty($ds)) {
                            $err = 'W00023C';
                        }
                        break;
                    case 'hostname':
                        if (!preg_match('/[a-z0-9\\.\\_\\-]{3,255}$/i', $data[$d][1])) {
                            $err = 'W00025C';
                        }
                        break;
                    case 'port':
                        if ($data[$d][1] < 1 || $data[$d][1] > 65535) {
                            $err = 'W00026C';
                        }
                        break;
                    case 'ldap_base':
                        if (!preg_match('/^[a-z0-9\\.\\,\\:\\;\\_\\-\\=\\\\/\\+\\*\\ ' . SUMO_REGEXP_ALLOWED_CHARS . ']{4,255}$/i', $data[$d][1])) {
                            $err = 'W00027C';
                        }
                        break;
                    case 'new_password':
                        if (!sumo_validate_data(array(array('password', $data[$d][1][0])))) {
                            $err = 'W00011C';
                        }
                        if ($data[$d][1][0] != $data[$d][1][1]) {
                            $err = 'W00024C';
                        }
                        break;
                        // Joomla
                    // Joomla
                    case 'new_password2':
                        if ($data[$d][1][0] != $data[$d][1][1]) {
                            $err = 'W00024C';
                        }
                        break;
                    case 'day_limit':
                        if (!preg_match('/^[0-9]{1,4}$/', $data[$d][1])) {
                            $err = 'W00020C';
                        }
                        break;
                    case 'language':
                        if (!in_array($data[$d][1], sumo_get_available_languages())) {
                            $err = 'W00021C';
                        }
                        break;
                    case 'id':
                        // INT = 256^4-1
                        if ($data[$d][1] < 1 || $data[$d][1] > 4294967296) {
                            $err = 'W00029C';
                        }
                        break;
                    default:
                        $err = 'W00019C';
                        break;
                }
                if ($err) {
                    break;
                }
            }
        }
        if ($message) {
            return !$err ? array(TRUE, '') : array(FALSE, sumo_get_message($err));
        } else {
            return !$err ? TRUE : FALSE;
        }
    } else {
        return FALSE;
    }
}
Exemplo n.º 7
0
/**
 * SUMO MODULE: Settings | Edit
 * 
 * @version    0.5.0
 * @link       http://sumoam.sourceforge.net SUMO Access Manager
 * @author     Alberto Basso <*****@*****.**>
 * @copyright  Copyright &copy; 2003-2009, Alberto Basso
 * @package    SUMO
 * @category   Console
 */
$tab = sumo_get_user_info($_GET['id'], 'id', FALSE);
$conf = sumo_get_config('server', FALSE);
$conf = $conf['config'];
$tpl['GET:UpdateForm'] = sumo_get_form_req('', 'modify');
// Generic
$tpl['PUT:server.language'] = sumo_get_available_languages(1, 0, $conf['server']['language'], 'config[server][language]');
$tpl['IMG:server.language'] = "<img src='themes/" . $SUMO['page']['theme'] . "/images/flags/" . $conf['server']['language'] . ".png' alt='" . ucwords($conf['server']['language']) . "' class='flag'>";
$tpl['PUT:server.date_format'] = "<input type='text' size='5' name='config[server][date_format]' value='" . $conf['server']['date_format'] . "'>";
$tpl['PUT:server.time_format'] = "<input type='text' size='5' name='config[server][time_format]' value='" . $conf['server']['time_format'] . "'>";
$tpl['PUT:server.admin.name'] = "<input type='text' size='30' name='config[server][admin][name]' value='" . $conf['server']['admin']['name'] . "'>";
$tpl['PUT:server.admin.email'] = "<input type='text' size='30' name='config[server][admin][email]' value='" . $conf['server']['admin']['email'] . "'>";
$tpl['PUT:iptocountry.enabled'] = $conf['iptocountry']['enabled'] ? "<input type='checkbox' name='config[iptocountry][enabled]' checked='checked'>" : "<input type='checkbox' name='config[iptocountry][enabled]'>";
$tpl['GET:iptocountry.updater'] = "<a href='services.php?service=updater&cmd=UPDATE_IP2C' target='_new'>" . $language['iptocountry.updater'] . "</a>";
// Console
$tpl['PUT:console.tip'] = $conf['console']['tip'] ? "<input type='checkbox' name='config[console][tip]' checked='checked'>" : "<input type='checkbox' name='config[console][tip]'>";
// Security
$tpl['PUT:security.max_login_attempts'] = "<input type='text' size='5' name='config[security][max_login_attempts]' value='" . $conf['security']['max_login_attempts'] . "'>";
$tpl['PUT:security.banned_time'] = "<input type='text' size='5' name='config[security][banned_time]' value='" . $conf['security']['banned_time'] . "'>";
$tpl['PUT:security.access_violations'] = $conf['security']['access_violations'] ? "<input type='checkbox' name='config[security][access_violations]' checked='checked'>" : "<input type='checkbox' name='config[security][access_violations]'>";
// Accesspoints
$tpl['PUT:accesspoints.stats.enabled'] = $conf['accesspoints']['stats']['enabled'] ? "<input type='checkbox' name='config[accesspoints][stats][enabled]' checked='checked'>" : "<input type='checkbox' name='config[accesspoints][stats][enabled]'>";
Exemplo n.º 8
0
 * @author     Alberto Basso <*****@*****.**>
 * @copyright  Copyright &copy; 2003-2009, Alberto Basso
 * @package    SUMO
 * @category   Console
 */
if (sumo_verify_permissions(5, $SUMO['user']['group'])) {
    $tpl['PUT:User'] = "******" . $_POST['user'] . "'>";
    $tpl['PUT:FirstName'] = "<input type='text' size='35' name='firstname' value='" . htmlspecialchars($_POST['firstname'], ENT_QUOTES) . "'>";
    $tpl['PUT:LastName'] = "<input type='text' size='35' name='lastname' value='" . htmlspecialchars($_POST['lastname'], ENT_QUOTES) . "'>";
    $tpl['PUT:Email'] = "<input type='text' size='35' name='email' value='" . $_POST['email'] . "'>";
    $tpl['PUT:DayLimit'] = "<input type='text' size='3' name='day_limit' value='" . $SUMO['config']['accounts']['life'] . "'>";
    $tpl['PUT:NewPassword'] = "******";
    $tpl['PUT:ReNewPassword'] = "******";
    $tpl['PUT:IP'] = "<textarea rows='2' cols='40' name='ip'>" . $_POST['ip'] . "</textarea>";
    $tpl['PUT:AddGroupLevel'] = sumo_add_user_grouplevel('AddUsers');
    $tpl['PUT:Language'] = sumo_get_available_languages(1, 0, $_COOKIE['language']);
    $tpl['PUT:DataSourceType'] = sumo_put_datasource();
    $tpl['GET:AddForm'] = sumo_get_form_req('', 'add', '', 'POST', 'onsubmit=\'if(document.AddUsers.new_password.value!=""){document.AddUsers.new_password.value=hex_sha1(document.AddUsers.new_password.value);' . 'document.AddUsers.renew_password.value=hex_sha1(document.AddUsers.renew_password.value);}\'');
    // Status
    $tpl['GET:Status'] = "<font class='status-green'>" . $language['Active'] . "</font>";
    $tpl['IMG:Status'] = "<img src='themes/" . $SUMO['page']['theme'] . "/images/modules/users/user_on.gif' align='middle'>";
    $tpl['PUT:Status'] = "<select name='active'>\n<option value='1'>" . $language['Enable'] . "</option>\n<option value='0'>" . $language['Disable'] . "</option>\n</select>";
    // Pwd expiration date
    if ($SUMO['config']['accounts']['password']['life'] > 0) {
        $tpl['GET:PwdExpiration'] = sumo_get_human_date($SUMO['server']['time'] + $SUMO['config']['accounts']['password']['life'] * 86400);
    }
    $tpl['LINK:AddUser'] = sumo_get_action_icon("users", "new");
    $tpl['LINK:EditUser'] = sumo_get_action_icon("users", "edit");
    $tpl['LINK:Remove'] = sumo_get_action_icon("users", "delete");
} else {
    $action_error = true;
Exemplo n.º 9
0
/**
 * Update accesspoint data
 */
function sumo_update_accesspoint_data($data = array())
{
    if (!empty($data)) {
        global $SUMO;
        $id = intval($data['id']);
        $node = $data['node'] ? intval($data['node']) : "NULL";
        $path = $data['path'];
        $group = $data['group'];
        $reg_group = $data['reg_group'];
        $theme = $data['theme'];
        $http_auth = $data['http_auth'] == 'on' || $data['http_auth'] == 1 ? 1 : 0;
        $filtering = $data['filtering'] == 'on' || $data['filtering'] == 1 ? 1 : 0;
        $pwd_encrypt = $data['pwd_encrypt'] == 'on' || $data['pwd_encrypt'] == 1 ? 1 : 0;
        $change_pwd = $data['change_pwd'] == 'on' || $data['change_pwd'] == 1 ? 1 : 0;
        $registration = $data['registration'] == 'on' || $data['registration'] == 1 ? 1 : 0;
        // AP names
        $languages = sumo_get_available_languages();
        $names = "";
        for ($l = 0; $l < count($languages); $l++) {
            $names[$l] = $languages[$l] . ":" . $data['name'][$languages[$l]];
        }
        $name = implode(";", $names);
        $filtering = sumo_verify_is_console($path) ? 1 : $filtering;
        /**
         * Kill all sessions at path where pwd_encrypt 
         * or http_auth it has been changed
         */
        $accesspoint = sumo_get_accesspoint_info($id, 'id', FALSE);
        $nodeinfo = sumo_get_node_info($node);
        if ($accesspoint['pwd_encrypt'] != $pwd_encrypt || $accesspoint['http_auth'] != $http_auth) {
            $query = "DELETE FROM " . SUMO_TABLE_SESSIONS . " \r\n\t\t\t\t\t  WHERE node='" . $nodeinfo['ip'] . "' AND url LIKE '%" . $path . "'";
            $SUMO['DB']->Execute($query);
        }
        // Delete cached data
        #if($path) $SUMO['DB']->CacheFlush("SELECT * FROM ".SUMO_TABLE_ACCESSPOINTS."
        #								   WHERE path='".$path."'");
        if ($node >= 1) {
            $record['node'] = "node=" . $node;
        }
        if ($path) {
            $record['path'] = "path='" . $path . "'";
        }
        if ($name) {
            $record['name'] = "name='" . $name . "'";
        }
        if ($group) {
            $record['group'] = "usergroup='" . sumo_get_ordered_groups($group) . "'";
        }
        if ($reg_group) {
            $record['reg_group'] = "reg_group='" . $reg_group . "'";
        }
        if ($theme) {
            $record['theme'] = "theme='" . $theme . "'";
        }
        $record['http_auth'] = "http_auth=" . $http_auth;
        $record['filtering'] = "filtering=" . $filtering;
        $record['pwd_encrypt'] = "pwd_encrypt=" . $pwd_encrypt;
        $record['change_pwd'] = "change_pwd=" . $change_pwd;
        $record['registration'] = "registration=" . $registration;
        $record['updated'] = "updated=" . $SUMO['server']['time'];
        // Create fields for query
        $new_record = array_values($record);
        for ($r = 0; $r < count($new_record); $r++) {
            if ($new_record[$r]) {
                $records[$r] = $new_record[$r];
            }
        }
        $update = implode(', ', $records);
        $select = implode(' AND ', $records);
        // create query
        $query = "UPDATE " . SUMO_TABLE_ACCESSPOINTS . " \r\n\t\t\t\t  SET " . $update . " \r\n\t\t\t\t  WHERE id=" . $id;
        $SUMO['DB']->CacheFlush();
        $SUMO['DB']->Execute($query);
        // verify query success
        $query = "SELECT COUNT(id) FROM " . SUMO_TABLE_ACCESSPOINTS . " \r\n\t\t\t\t  WHERE id=" . $id . " \r\n\t\t\t\t  AND " . $select;
        $rs = $SUMO['DB']->Execute($query);
        $tab = $rs->FetchRow();
        // if updated:
        if ($tab[0] == 1) {
            if ($nodeinfo['ip'] == '') {
                $nodeinfo['ip'] = 'UNDEFINED';
            }
            $apname = sumo_get_accesspoint_name($name, $SUMO['config']['server']['language']);
            sumo_write_log('I07000X', array($id, $apname, $nodeinfo['ip'], $SUMO['user']['user']), 3, 3, 'system', FALSE);
            return TRUE;
        } else {
            return FALSE;
        }
    }
}