Exemplo n.º 1
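/**
 * Build the <select> used to add a group (or the "registration group")
 * to an accesspoint.
 *
 * The candidate groups come from
 * sumo_get_grouplevel(sumo_get_user_available_group(<current user>), TRUE).
 * When that list contains 'sumo', every entry of sumo_get_available_group()
 * is offered instead. Groups already present in $groups_exist are left out.
 *
 * @global $SUMO Only $SUMO['user']['user'] is read.
 * @param array|string $groups_exist Groups already assigned. A non-array value
 *                                   is treated as the current selection: it is
 *                                   rendered as the first <option> and excluded
 *                                   from the remaining ones.
 * @param string       $name         Name of the <select>; 'newgroup' when empty.
 * @param bool         $enabled      When false the <select> gets the
 *                                   "disabled" attribute.
 * @return string HTML of the <select>, or '' when no group can be offered.
 * @author Alberto Basso
 */
function sumo_add_accesspoint_group($groups_exist = array(), $name = '', $enabled = TRUE)
{
    global $SUMO;

    $group_exist  = is_array($groups_exist) ? '' : $groups_exist;
    $groups_exist = is_array($groups_exist) ? $groups_exist : array($groups_exist);
    $group_name   = sumo_get_grouplevel(sumo_get_user_available_group($SUMO['user']['user']), TRUE);
    $name         = $name ? $name : 'newgroup';
    $disabled     = $enabled ? '' : ' disabled';
    $available    = FALSE;

    // Every value below ends up inside a single-quoted attribute or in element
    // text, so it is HTML-escaped with ENT_QUOTES before being concatenated.
    $current = htmlspecialchars((string) $group_exist, ENT_QUOTES);
    $list = "<select name='" . htmlspecialchars((string) $name, ENT_QUOTES) . "'" . $disabled . ">\n"
          . "<option value='" . $current . "'>" . $current . "</option>\n";

    foreach ($group_name as $candidate) {
        if ($candidate == 'sumo') {
            // 'sumo' among the candidates: offer every available group.
            foreach (sumo_get_available_group() as $group) {
                if (in_array($group, $groups_exist)) {
                    continue;
                }

                $style = $group == 'sumo' ? " style='color:#BB0000'" : "";
                $label = htmlspecialchars((string) $group, ENT_QUOTES);
                $list .= "<option value='" . $label . "'{$style}>" . $label . "</option>\n";
            }

            $available = TRUE;
            break;
        }

        // The original tested against $group_exist, which is a string here;
        // in_array() needs the array form, as the 'sumo' branch already uses.
        if (!in_array($candidate, $groups_exist)) {
            $label = htmlspecialchars((string) $candidate, ENT_QUOTES);
            $list .= "<option value='" . $label . "'>" . $label . "</option>\n";
            $available = TRUE;
        }
    }

    $list .= "</select>";

    // Nothing to offer: return an empty string instead of an empty <select>.
    return $available ? $list : '';
}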
Exemplo n.º 2
// Delete icon. It is rendered as a live link only when the current user's
// 'sumo' group level is above 4 and the accesspoint is not both a console
// path and id 1; in every other case sumo_get_action_icon("", "remove")
// is used instead.
if ($SUMO['user']['group_level']['sumo'] > 4 && (!sumo_verify_is_console($tab['path']) || $tab['id'] != 1)) {
    // Suffix for the id of the confirmation window ("msg" + value);
    // presumably 4 characters drawn from "123456789" - confirm against
    // sumo_get_simple_rand_string().
    $msg = sumo_get_simple_rand_string(4, "123456789");
    // NOTE(review): the confirmation text is HTML-escaped, but it is emitted
    // inside a single-quoted JavaScript string within the href attribute. The
    // browser decodes HTML entities before the script runs, so entity escaping
    // alone does not keep a quote coming from $tab['path'] or from the
    // accesspoint name inside that string. The remaining arguments are
    // base64-encoded, which avoids the problem; a JavaScript-safe encoding of
    // the message would close the gap.
    // NOTE(review): $_COOKIE['language'] is client-supplied and is handed to
    // sumo_get_accesspoint_name() as-is - confirm that function validates it.
    $delete = "<div class='sub-module-icon' " . "onmouseover='this.style.outline=\"1px solid #999999\";this.style.background=\"#FFFFFF\"' " . "onmouseout='this.style.outline=\"\";this.style.background=\"\"'>" . "<a href=\"javascript:" . "sumo_show_message('msg{$msg}', '" . htmlspecialchars(sumo_get_message('AreYouSureDelete', array($tab['path'], htmlspecialchars(sumo_get_accesspoint_name($tab['name'], $_COOKIE['language']), ENT_QUOTES)))) . "', \n\t\t\t\t\t\t'h', 0, \n\t\t\t\t\t\t'" . base64_encode(sumo_get_form_req('', 'delete', 'id=' . $tab['id'])) . "',\n\t\t\t\t\t\t'" . base64_encode('') . "',\n\t\t\t\t\t\t'" . base64_encode("<input type='button' value='" . $language['Cancel'] . "' onclick='javascript:sumo_remove_window(\"msg{$msg}\");' class='button'>") . "',\n\t\t\t\t\t\t'" . base64_encode("<input type='submit' value='" . $language['Ok'] . "' onclick='javascript:sumo_remove_window(\"msg{$msg}\");' class='button'>") . "'\n\t\t\t\t);\">" . "<img src='themes/" . $SUMO['page']['theme'] . "/images/modules/accesspoints/remove.png' vspace='4'><br>" . $language['Remove'] . "</a>" . "</div>";
} else {
    $delete = sumo_get_action_icon("", "remove");
}
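// Template values for the accesspoint edit form. $tab is the accesspoint
// record being edited; $checked holds the attribute text for each checkbox
// (presumably 'checked' or '' - confirm where $checked is built).

// Read-only values.
$tpl['GET:ID'] = $tab['id'];
$tpl['GET:RegGroup'] = $tab['reg_group'];
$tpl['GET:Updated'] = sumo_get_human_date($tab['updated']);
$tpl['GET:Created'] = sumo_get_human_date($tab['created']);
$tpl['GET:UpdateForm'] = sumo_get_form_req('', 'modify', 'id=' . $tab['id']);

// Form controls produced by helpers.
$tpl['PUT:Node'] = $tab['id'] > 1 ? sumo_put_node($tab['node']) : sumo_put_node($tab['node'], true);
$tpl['PUT:Groups'] = sumo_put_accesspoint_group($tab['id']);
$tpl['PUT:AddGroup'] = sumo_add_accesspoint_group(sumo_get_grouplevel($tab['usergroup'], true));
$tpl['PUT:AddRegGroup'] = sumo_add_accesspoint_group($tab['reg_group'], 'reg_group', $checked['reg_group']);
$tpl['PUT:Theme'] = sumo_put_themes($tab['theme']);
$tpl['PUT:Name'] = sumo_put_accesspoint_name($form_name, sumo_get_accesspoint_name($tab['name']));

// Checkboxes. On the console accesspoint "change_pwd" and "registration"
// are shown disabled.
$tpl['PUT:Filtering'] = "<input type='checkbox' name='filtering' " . $checked['filtering'] . ">";
$tpl['PUT:ChangePwd'] = $is_console
    ? "<input type='checkbox' name='change_pwd' disabled " . $checked['change_pwd'] . " />"
    : "<input type='checkbox' name='change_pwd' " . $checked['change_pwd'] . " />";

// The console variant used to end without the closing " />": "." binds
// tighter than "?:", so the onclick handler and the tag end were attached to
// the non-console branch only. Both branches now emit a complete tag.
$tpl['PUT:Registration'] = $is_console
    ? "<input type='checkbox' name='registration' disabled " . $checked['registration'] . " />"
    : "<input type='checkbox' name='registration' " . $checked['registration'] . " "
        . "onclick='if(document.{$form_name}.registration.checked==true){document.{$form_name}.reg_group.disabled=false;}else{document.{$form_name}.reg_group.disabled=true;}' />";

// The stored path is written into single-quoted value attributes, so it is
// HTML-escaped with ENT_QUOTES. For id 1 the path is not editable: a hidden
// field carries the value and a disabled text box displays it.
$tpl['PUT:Path'] = $tab['id'] > 1
    ? "<input type='text' size='50' name='path' value='" . htmlspecialchars($tab['path'], ENT_QUOTES) . "' onchange='if(this.form.path.value!=\"{$path_console}\"){document.{$form_name}.filtering.disabled=false;}else{document.{$form_name}.filtering.disabled=true;}' />"
    : "<input type='hidden' name='path' value='" . htmlspecialchars($tab['path'], ENT_QUOTES) . "'><input type='text' size='50' name='path2' value='" . htmlspecialchars($tab['path'], ENT_QUOTES) . "' disabled>";

// "http_auth" and "pwd_encrypt" are mutually exclusive in the UI: ticking one
// clears the other.
$tpl['PUT:HTTPAuth'] = "<input type='checkbox' name='http_auth' " . $checked['http_auth'] . " " . "onclick='if(document.{$form_name}.http_auth.checked==true && document.{$form_name}.pwd_encrypt.disabled==false){document.{$form_name}.pwd_encrypt.checked=false;}' />";
$tpl['PUT:PwdEncrypt'] = "<input type='checkbox' name='pwd_encrypt' " . $checked['pwd_encrypt'] . " " . "onclick='if(document.{$form_name}.pwd_encrypt.checked==true){document.{$form_name}.http_auth.checked=false;}' />";

// Action icons. "Add" is a live link only when sumo_verify_permissions(5, 'sumo')
// succeeds; these checks only decide what is displayed, the handlers behind
// the links have to enforce the permission themselves.
$tpl['LINK:Add'] = sumo_verify_permissions(5, 'sumo')
    ? sumo_get_action_icon("", "add", "accesspoints.content", "?module=accesspoints&action=new&decoration=false")
    : sumo_get_action_icon("", "add");
$tpl['LINK:Edit'] = sumo_get_action_icon("", "edit");
$tpl['LINK:Remove'] = $delete;
$tpl['BUTTON:Back'] = "<input type='button' class='button-red' value='" . $language["Back"] . "' onclick='javascript:sumo_ajax_get(\"accesspoints\",\"?module=accesspoints&action=view&id=" . $tab['id'] . "\");'>";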
// Use the REQUEST method because, when a group is deleted from an accesspoint,
// the command comes from a link
Exemplo n.º 3
    $_POST['group'] = sumo_get_normalized_group(implode(";", $_POST['group']), TRUE);
}
// Normalize the submitted accesspoint path before it is validated and stored.
$_POST['path'] = sumo_get_normalized_accesspoint($_POST['path']);
// If a new group was submitted, prepend it to the group list
if ($_POST['newgroup']) {
    $_POST['group'] = sumo_get_normalized_group($_POST['newgroup'] . ";" . $_POST['group'], TRUE);
}
// If registration is enabled, reg_group becomes required
$reg_group = $_POST['registration'] ? 1 : 0;
// Validation list: each entry is (rule, value[, flag]). The third element
// appears to be a "required" flag (reg_group gets $reg_group there) - confirm
// against sumo_validate_accesspoint_data(). All values come straight from
// $_GET / $_POST.
$data = array(array('id', $_GET['id'], 1), array('node', $_POST['node'], 1), array('name', $_POST['name'], 1), array('path', $_POST['path'], 1), array('usergroup', $_POST['group'], 1), array('reg_group', $_POST['reg_group'], $reg_group), array('boolean', $_POST['http_auth'], 1), array('boolean', $_POST['filtering'], 1), array('boolean', $_POST['pwd_encrypt'], 1), array('boolean', $_POST['change_pwd'], 1), array('boolean', $_POST['registration'], 1), array('theme', $_POST['theme']));
// $validate[0] is the pass/fail flag and $validate[1] the message, as used below.
$validate = sumo_validate_accesspoint_data($data, TRUE);
// Check whether the accesspoint already exists (disabled)
//if(sumo_verify_accesspoint_exist($_POST['node'], $_POST['path'])) $validate = array(FALSE, sumo_get_message('I07002C', $_POST['path']));
// Compare the submitted groups with the groups available to the current user
// NOTE(review): inside this branch $validate[0] is already true, so the
// assignment in the loop changes nothing. A submitted group that is missing
// from sumo_get_available_group() only sets $warning, and the update that
// follows still stores that group; the rejecting variant is commented out.
// Confirm that attaching groups outside the user's available set is intended.
// If it is not, restore the rejection so the check is enforced server-side.
// NOTE(review): $warning is assigned only on a mismatch here; whether it is
// initialised earlier is not visible in this fragment.
if ($validate[0]) {
    $submitted_group = sumo_get_grouplevel($_POST['group'], TRUE);
    $available_group = sumo_get_available_group();
    for ($g = 0; $g < count($submitted_group); $g++) {
        // Empty entries are ignored; the first unavailable group ends the scan.
        if (!in_array($submitted_group[$g], $available_group) && $submitted_group[$g]) {
            //$validate = array(false, sumo_get_message('GroupNotAvailable', $submitted_group[$g]));
            $validate[0] = true;
            $warning = sumo_get_message('GroupNotAvailable', $submitted_group[$g]);
            break;
        }
    }
}
if (!$validate[0]) {
    $tpl['MESSAGE:H'] = $language['AccessPointNotUpdated'] . ": " . $validate[1];
} else {
    $update = sumo_update_accesspoint_data(array('id' => $_GET['id'], 'node' => $_POST['node'], 'path' => $_POST['path'], 'name' => $_POST['name'], 'group' => $_POST['group'], 'reg_group' => $_POST['reg_group'], 'http_auth' => $_POST['http_auth'], 'filtering' => $_POST['filtering'], 'pwd_encrypt' => $_POST['pwd_encrypt'], 'change_pwd' => $_POST['change_pwd'], 'registration' => $_POST['registration'], 'theme' => $_POST['theme']));
    if ($update && !$warning) {
Exemplo n.º 4
 * @package    SUMO
 * @category   Console
 */
$tab = sumo_get_user_info($_GET['id'], 'id', false);
if (sumo_verify_permissions(4, $tab['group'], null, false) || sumo_verify_permissions(false, false, $tab['username'], false) || $SUMO['user']['id'] == $tab['owner_id']) {
    $tpl['PUT:NewPassword'] = $tpl['PUT:NewPassword'] ? $tpl['PUT:NewPassword'] : '';
    $tpl['PUT:ReNewPassword'] = $tpl['PUT:ReNewPassword'] ? $tpl['PUT:ReNewPassword'] : '';
    // If id not exist
    if (!$tab['username']) {
        $tpl['MESSAGE:H'] = sumo_get_message('W00001C', $_GET['id']);
    }
    // get data source of user
    $datasource = sumo_get_datasource_info($tab['datasource_id']);
    $tpl['PUT:Status'] = "";
    $tpl['PUT:GroupLevel'] = sumo_put_user_grouplevel($_GET['id']);
    $tpl['PUT:AddGroupLevel'] = $tab['username'] == 'sumo' ? "<input type='hidden' name='newgroup' value='sumo:7'>" : sumo_add_user_grouplevel('ModifyUsers', sumo_get_grouplevel($tab['usergroup'], true));
    $tpl['BUTTON:AddGroup'] = $tab['username'] == 'sumo' ? "" : "<input type='submit' class='button' value='" . $language['AddGroup'] . "'>";
    $tpl['PUT:DataSourceType'] = ($tab['username'] == 'sumo' || $tab['username'] == $SUMO['user']['user']) && $SUMO['user']['id'] != $tab['owner_id'] ? "<input name='datasource_id' type='hidden' value='" . $datasource['id'] . "'>" . $datasource['name'] : sumo_put_datasource($datasource['id']);
    $tpl['GET:LastLogin'] = sumo_get_human_date($tab['last_login']);
    $tpl['GET:PwdUpdated'] = sumo_get_human_date($tab['pwd_updated']);
    $tpl['GET:AccountCreated'] = sumo_get_human_date($tab['created']);
    $tpl['GET:Modified'] = sumo_get_human_date($tab['modified']);
    $tpl['GET:UserAccessPages'] = sumo_get_user_accesspoints($tab['id'], true);
    $tpl['GET:UpdateForm'] = sumo_get_form_req('', 'modify', 'id=' . $tab['id'], 'POST', ' enctype="multipart/form-data"');
    $tpl['GET:Expire'] = $tab['day_limit'] ? sumo_get_human_date($tab['day_limit'] * 86400 + $SUMO['server']['time'], false) : $language['Never'];
    $tpl['GET:User'] = $tab['username'] . "<input type='hidden' name='user' value='" . $tab['username'] . "'>";
    $tpl['IMG:User'] = "******" . $tab['id'] . "' alt='" . $tab['username'] . "' class='user'>";
    $tpl['IMG:Language'] = "<img src='themes/" . $SUMO['page']['theme'] . "/images/flags/" . $tab['language'] . ".png' alt='" . ucwords(sumo_get_string_languages($tab['language'])) . "' class='flag' id='userflag'>";
    $tpl['LINK:AddUser'] = sumo_get_action_icon("users", "new", "users.content", "?module=users&action=new&decoration=false");
    $tpl['LINK:EditUser'] = sumo_get_action_icon("users", "edit");
    // Verify image support for refection effects
Exemplo n.º 5
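/**
 * Get info of a user.
 *
 * When no value is given, the current session user
 * ($_SESSION['user']['user']) is looked up. $field selects the column to
 * search by; 'username' is the default.
 *
 * Besides the row of SUMO_TABLE_USERS, the result carries the derived keys
 * 'user', 'ip', 'group_level', 'group', 'datasource_type',
 * 'datasource_name' and, for a datasource other than id 1,
 * 'datasource_enctype'. For users of a 'Unix' datasource, 'active' and
 * 'password' are taken from the local account database.
 *
 * @global resource $SUMO
 * @param mixed  $value Value to search for; falsy means "current session user".
 * @param string $field '', 'user', 'username', 'email' or 'id'. Any other
 *                      value must be a plain column identifier.
 * @param bool   $cache Use the cached query. Overridden for 30 seconds after
 *                      $_SESSION['pwd_changed'] has been set.
 * @return array $user_data An empty array when $field is not a valid identifier.
 * @author Alberto Basso <*****@*****.**>
 */
function sumo_get_user_info($value = FALSE, $field = 'username', $cache = TRUE)
{
    global $SUMO;

    $cache_time = 30;

    if (!$value) {
        $value = $_SESSION['user']['user'];
    }

    // The value reaches the SQL text either as an integer or as a literal
    // quoted by the database layer, never as raw text wrapped in quotes.
    // NOTE(review): qstr() is the ADOdb quoting method; the CacheExecute(),
    // Execute() and FetchRow() calls below suggest $SUMO['DB'] is an ADOdb
    // connection - confirm.
    switch (strtolower($field)) {
        case '':
        case 'user':
        case 'username':
            $field = "username";
            $value = $SUMO['DB']->qstr($value);
            break;
        case 'email':
            $field = "email";
            $value = $SUMO['DB']->qstr($value);
            break;
        case 'id':
            $field = "id";
            $value = intval($value);
            break;
        default:
            // Any other column name is concatenated into the query, so only a
            // bare identifier is accepted; everything else is refused.
            if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', (string) $field)) {
                trigger_error('sumo_get_user_info(): invalid field name', E_USER_WARNING);
                return array();
            }
            $value = $SUMO['DB']->qstr($value);
            break;
    }

    $query = "SELECT * FROM " . SUMO_TABLE_USERS . "\n\t\tWHERE " . $field . "=" . $value;

    // ...to disable the cached password when the user has just changed it
    if (isset($_SESSION['pwd_changed'])) {
        if ($_SESSION['pwd_changed'] + $cache_time > time()) {
            $cache = false;
        } else {
            $cache = true;
            unset($_SESSION['pwd_changed']);
        }
    }

    $rs = $cache
        ? $SUMO['DB']->CacheExecute($cache_time, $query)
        : $SUMO['DB']->Execute($query);

    // A failed query yields no result object and a missing user yields no
    // row; both continue with an empty record instead of a fatal error.
    $user_data = $rs ? $rs->FetchRow() : FALSE;
    if (!is_array($user_data)) {
        $user_data = array();
    }

    $user_data['user'] = isset($user_data['username']) ? $user_data['username'] : NULL;
    $user_data['datasource_id'] = (!isset($user_data['datasource_id']) || $user_data['datasource_id'] == "")
        ? false
        : $user_data['datasource_id'];
    $user_data['ip'] = empty($user_data['ip']) ? array() : sumo_get_iprange($user_data['ip']);
    $user_data['group_level'] = empty($user_data['usergroup']) ? array() : sumo_get_grouplevel($user_data['usergroup']);
    $user_data['group'] = empty($user_data['usergroup']) ? array() : sumo_get_grouplevel($user_data['usergroup'], true);
    $user_data['datasource_type'] = 'SUMO';
    $user_data['datasource_name'] = 'SUMO Access Manager';

    // Get authorization type (if defined)
    if ($user_data['datasource_id'] != 1 && $user_data['datasource_type'] != 'Unix') {
        $ds = sumo_get_datasource_info($user_data['datasource_id']);
        $user_data['datasource_type'] = $ds['type'];
        $user_data['datasource_enctype'] = $ds['enctype'];
        $user_data['datasource_name'] = $ds['name'];
    }

    // Get shadow password for local Unix users
    if ($user_data['datasource_type'] == 'Unix') {
        $unix_user = (string) $user_data['user'];

        // Defaults match what a failed lookup produced before: inactive, no hash.
        $user_data['active'] = 0;
        $user_data['password'] = NULL;

        // The account name is placed on a shell command line. It is accepted
        // only when it looks like a plain account name, and it is passed
        // through escapeshellarg(); the dot is escaped so that egrep treats
        // it literally.
        // NOTE(review): reading /etc/shadow requires the PHP process to run
        // with privileges able to read it - confirm that this is intended.
        if (preg_match('/^[A-Za-z0-9_][A-Za-z0-9_.-]*\z/', $unix_user)) {
            $pattern = '^' . str_replace('.', '\\.', $unix_user) . ':';
            $u = exec('egrep ' . escapeshellarg($pattern) . ' /etc/shadow');
            $p = explode(":", $u);
            $a = explode(" ", exec('passwd -S ' . escapeshellarg($unix_user)));
            $user_data['active'] = (isset($a[1]) && $a[1] == "P") ? 1 : 0;
            $user_data['password'] = isset($p[1]) ? $p[1] : NULL;
        }
    }

    return $user_data;
}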
Exemplo n.º 6
         $pwd_verify = 'new_password2';
         break;
     default:
         $pwd_verify = 'new_password';
         break;
 }
 // Validation list built from the request: each entry is (rule, value[, flag]).
 // The third element looks like a "required" flag - TODO confirm against
 // sumo_validate_data(). The password rule receives both password fields so
 // that they can be compared.
 $data = array(array('id', $_GET['id'], 1), array('username', $_POST['user'], 1), array('name', $_POST['firstname']), array('name', $_POST['lastname']), array('active', $_POST['active']), array('email', $_POST['email']), array('language', $_POST['language']), array('datasource_id', $_POST['datasource_id'], 1), array('usergroup', $_POST['group']), array('ip', $_POST['ip']), array('day_limit', $_POST['day_limit']), array($pwd_verify, array($_POST['new_password'], $_POST['renew_password'])));
 // $validate[0] is the pass/fail flag and $validate[1] the message.
 $validate = sumo_validate_data($data, true);
 // Only the 'sumo' user may change the administrator account.
 // NOTE(review): this guard keys on the client-supplied $_POST['user'], while
 // the record to modify is selected by $_GET['id']. Comparing against the
 // username stored for that id ($tab, used further down, seems to hold that
 // record) would keep the protection independent of the posted field -
 // confirm how the update routine picks its target.
 if ($_POST['user'] == 'sumo' && $SUMO['user']['user'] != 'sumo') {
     $validate = array(false, $language['CannotModifyAccount']);
 }
 // Verify submittedd groups with current user group
 if ($validate[0]) {
     $submitted_group_level = sumo_get_grouplevel($_POST['group']);
     $submitted_group = sumo_get_grouplevel($_POST['group'], true);
     $available_group = sumo_get_available_group();
     for ($g = 0; $g < count($submitted_group); $g++) {
         if (!in_array($submitted_group[$g], $available_group) && $submitted_group[$g]) {
             $validate = array(false, sumo_get_message('GroupNotAvailable', $submitted_group[$g]));
             break;
         }
         if (!in_array('sumo', $SUMO['user']['group']) || $submitted_group[$g] == 'sumo') {
             if ($SUMO['user']['group_level'][$submitted_group[$g]] < $submitted_group_level[$submitted_group[$g]] || $SUMO['user']['group_level'][$submitted_group[$g]] < $tab['group_level'][$submitted_group[$g]]) {
                 $submitted_group_level[$submitted_group[$g]] = $tab['group_level'][$submitted_group[$g]];
             }
             // User can't change his group level
             if ($_GET['id'] == $SUMO['user']['id'] && $submitted_group_level[$submitted_group[$g]] != $SUMO['user']['group_level'][$submitted_group[$g]]) {
                 $validate = array(false, sumo_get_message('WrongLevel', $submitted_group_level[$submitted_group[$g]]));
             }
         }
Exemplo n.º 7
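/**
 * Combo box to add a group and its level to a user.
 *
 * Two <select> elements are produced: "group" with the group names and
 * "newgroup", which the onchange handler fills with "group:level" choices
 * for the selected group.
 *
 * The groups and maximum levels come from
 * sumo_get_grouplevel(sumo_get_user_available_group(<current user>)). When
 * they include 'sumo', every entry of sumo_get_available_group() is offered
 * with levels 1-7; for the 'sumo' group itself the levels stop at the
 * current user's own 'sumo' level.
 *
 * @global $SUMO Reads $SUMO['user']['user'] and $SUMO['user']['group_level']['sumo'].
 * @param string $form_name   Name of the enclosing form; defaults to
 *                            ucfirst(action) . ucfirst(module) from the session.
 * @param array  $group_exist Groups the user already has; they are left out
 *                            of the "group" list.
 * @return string HTML of both <select> elements, or '' when no group can be offered.
 */
function sumo_add_user_grouplevel($form_name = '', $group_exist = array())
{
    global $SUMO;

    $groups_array = sumo_get_grouplevel(sumo_get_user_available_group($SUMO['user']['user']));
    $groups_name  = array_keys($groups_array);
    $form_name    = $form_name ? $form_name : ucfirst($_SESSION['action']) . ucfirst($_SESSION['module']);
    $available    = FALSE;
    $script       = "";
    $options      = "";

    // Names are written into single-quoted JavaScript strings that sit inside
    // a double-quoted HTML attribute: addslashes() escapes them for the
    // script, htmlspecialchars() for the attribute. Plain names come out
    // unchanged.
    $js_form = htmlspecialchars(addslashes((string) $form_name), ENT_QUOTES);
    $change  = "n=document.forms['{$js_form}'].group;\n"
             . "l=document.forms['{$js_form}'].newgroup;\n"
             . "gr=n.options[n.selectedIndex].value;\n"
             . "ls=g[gr];l.options.length=0;if(!gr)return;\n"
             . "for(i=0;i<ls.length;i+=2){l.options[i/2]=new Option(ls[i],ls[i+1]);}\n";

    foreach ($groups_name as $group) {
        // ...administrator can add all groups
        if ((string) $group === 'sumo') {
            foreach (sumo_get_available_group() as $candidate) {
                $js_name = htmlspecialchars(addslashes((string) $candidate), ENT_QUOTES);

                // Start from an empty list for every group; without the reset
                // a group with fewer levels inherited the remaining entries
                // of the previous one.
                $value = array();
                for ($l = 1; $l <= 7; $l++) {
                    $value[$l] = $l . ",'" . $js_name . ":" . $l . "'";
                    // 'sumo' levels stop at the current user's own level
                    if ($candidate == 'sumo' && $SUMO['user']['group_level']['sumo'] <= $l) {
                        break;
                    }
                }
                $script .= "g['" . $js_name . "']=new Array(" . implode(',', $value) . ");\n";

                if (!in_array($candidate, $group_exist)) {
                    $html_name = htmlspecialchars((string) $candidate, ENT_QUOTES);
                    $options .= " <option value='" . $html_name . "'>" . $html_name . "</option>\n";
                }
            }

            $available = TRUE;
            break;
        }

        $js_name = htmlspecialchars(addslashes((string) $group), ENT_QUOTES);

        // Levels 1..max for this group, again starting from an empty list
        $value = array();
        for ($l = 1; $l <= $groups_array[$group]; $l++) {
            $value[$l] = $l . ",'" . $js_name . ":" . $l . "'";
        }
        $script .= "g['" . $js_name . "']=new Array(" . implode(',', $value) . ");";

        if (!in_array($group, $group_exist)) {
            $html_name = htmlspecialchars((string) $group, ENT_QUOTES);
            $options .= " <option value='" . $html_name . "'>" . $html_name . "</option>\n";
            $available = TRUE;
        }
    }

    if (!$available) {
        return '';
    }

    // The level table is emitted in front of the change handler; the
    // attribute is assembled directly rather than patched in with
    // str_replace() afterwards.
    return "<select name='group' onchange=\"g=new Array();" . $script . $change . "\">\n<option></option>\n"
         . $options
         . "</select>&nbsp;:&nbsp;<select name='newgroup'></select>";
}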
Exemplo n.º 8
 }
 // Per-row display values for the users table; $tab is the user row being rendered.
 $color = $tab['active'] ? 'on' : 'off';
 $rowcolor = $tab['active'] ? '' : " class='row-null'";
 $last_login = $tab['last_login'] ? sumo_get_human_date($tab['last_login']) : '&nbsp;';
 $created = $tab['created'] ? sumo_get_human_date($tab['created']) : '&nbsp;';
 // day_limit is a number of days; it is converted to seconds and added to the server time.
 $expire = $tab['day_limit'] != NULL ? sumo_get_human_date($tab['day_limit'] * 86400 + $SUMO['server']['time'], FALSE) : '';
 // The row of the logged-in user is highlighted; the other rows alternate between two styles.
 $style = $tab['username'] == $SUMO['user']['user'] ? 'tab-row-highlight' : sumo_alternate_str('tab-row-on', 'tab-row-off');
 //$style2     = ($tab['modified'] > $SUMO['server']['time'] - 10) ? " style='border-top:1px solid #FF7722;border-bottom:1px solid #FF7722'" : "";
 $username = sumo_get_formatted_username($tab['firstname'], $tab['lastname']);
 // Format the group string for display: 'sumo' in red, 'sumo:7' also in bold
 // NOTE(review): $tab['usergroup'] is placed into the HTML without any
 // escaping visible in this fragment - confirm that it is validated when
 // stored or escaped before it is output.
 $group = preg_replace("/sumo:7/", "<b><font color='#BB0000'>sumo:7</font></b>", $tab['usergroup']);
 $group = preg_replace("/sumo:/", "<font color='#BB0000'>sumo</font>:", $group);
 $group = str_replace(';', ', ', $group);
 // NOTE(review): the length is measured on the tag-stripped text, but the cut
 // is applied to the marked-up string, so the 50-byte cut can land inside the
 // <b>/<font> markup added above.
 $group = strlen(strip_tags($group)) > 50 ? substr($group, 0, 50) . '...' : $group;
 // Strike through the groups that are not in $available_group.
 // NOTE(review): str_replace() replaces every occurrence of the name, also
 // inside longer group names or inside the markup added above.
 $usergroup = sumo_get_grouplevel($tab['usergroup'], true);
 for ($g = 0; $g < count($usergroup); $g++) {
     if (!in_array($usergroup[$g], $available_group)) {
         $group = str_replace($usergroup[$g], '<strike>' . $usergroup[$g] . '</strike>', $group);
     }
 }
 // In search mode the matched terms are highlighted. The group string is
 // reduced to plain text first, which drops the markup built above.
 // NOTE(review): username and e-mail reach sumo_color_match_string()
 // unescaped - confirm that the function escapes its output.
 if ($search) {
     $tab['username'] = sumo_color_match_string($field['username'][1], $tab['username']);
     $tab['email'] = sumo_color_match_string($field['email'][1], $tab['email']);
     $group = sumo_color_match_string($field['usergroup'][1], strip_tags($group));
     $username = sumo_color_match_string(array_merge($field['firstname'][1], $field['lastname'][1]), $username);
 }
 $list .= "<tr" . $rowcolor . ">\n";
 if ($col[6]) {
     $list .= " <td class='" . $style . "'><img src='themes/" . $SUMO['page']['theme'] . "/images/modules/users/user_" . $color . ".gif' alt='&bull;'></td>\n";
 }