// Preserve keys $network_array = Network::getAllNetworks(); foreach ($network_array as $network) { if ($network->getAuthenticator()->isRegistrationPermitted()) { $sources[$network->getId()] = $network->getName(); } } if (isset($sources)) { $smarty->assign('auth_sources', $sources); } // Pass the account_origin along, if it's set if (isset($_REQUEST["auth_source"])) { $smarty->assign('selected_auth_source', $_REQUEST["auth_source"]); } if (Server::getServer()->getUseGlobalUserAccounts()) { $default_network_param = Network::getDefaultNetwork()->getId(); $smarty->assign('SelectNetworkUI', "<input type=\"hidden\" name=\"auth_source\" value='{$default_network_param}' />"); } else { $smarty->assign('SelectNetworkUI', Network::getSelectUI('auth_source')); } // Compile HTML code $html_body = $smarty->fetch("templates/sites/lost_password.tpl"); /* * Render output */ $ui = MainUI::getObject(); $ui->addContent('left_area_middle', $html); $ui->addContent('main_area_middle', $html_body); $ui->display(); /* * Local variables:
/* * Tool content */ // Set section of Smarty template $smarty->assign('sectionTOOLCONTENT', true); $smarty->assign('sectionMAINCONTENT', false); // Compile HTML code $htmlToolContent = $smarty->fetch("templates/sites/signup.tpl"); /* * Main content */ // Use the account_origin along, if it was set (it may be set in case there was an error processing the form). if (isset($_REQUEST["auth_source"])) { $selectedNetwork = Network::getObject($_REQUEST['auth_source']); } else { $selectedNetwork = Network::getDefaultNetwork(); } if (Server::getServer()->getUseGlobalUserAccounts()) { $smarty->assign('SelectNetworkUI', "<input type=\"hidden\" name=\"auth_source\" value='" . $selectedNetwork->getId() . "' />"); } else { //Make sure to only list networks whose authenticator allows user self-signup $smarty->assign('SelectNetworkUI', Network::getSelectUI('auth_source', array('preSelectedObject' => $selectedNetwork, 'onlyNetwoksAllowingSignup' => true))); } // Set section of Smarty template $smarty->assign('sectionTOOLCONTENT', false); $smarty->assign('sectionMAINCONTENT', true); // Compile HTML code $htmlMainContent = $smarty->fetch("templates/sites/signup.tpl"); /* * Render final output */
/** * Get the current network for which the portal is displayed or to which a * user is physically connected. * * @param bool $real_network_only NOT IMPLEMENTED YET true or false. If * true, the real physical network where the * user is connected is returned, and * the node set by setCurrentNode is ignored. * * @return objetc A Network object, NEVER returns null. * * @static * @access public */ public static function getCurrentNetwork($real_network_only = false) { $retval = null; $current_node = Node::getCurrentNode(); if ($current_node != null) { $retval = $current_node->getNetwork(); } else { $retval = Network::getDefaultNetwork(); } return $retval; }
/** * Auto create an administrator user with the first authenticator available * * @return void */ function check_users_not_empty() { $db = AbstractDb::getObject(); // Extract the first account origin, assume it's the default $network = Network::getDefaultNetwork(); if (!empty($network)) { $db->execSqlUniqueRes("SELECT user_id FROM users WHERE account_origin = '{$network->getId()}' LIMIT 1", $row, false); if ($row == null) { echo "<html><head><h1>"; echo _("No user matches the default network, a new user admin/admin will be created. Change the password as soon as possible !"); echo "</html></head>"; $sql = "BEGIN;"; $sql .= "INSERT INTO users (user_id, username, pass, email, account_status, validation_token, account_origin) VALUES ('admin_original_user_delete_me', 'admin', 'ISMvKXpXpadDiUoOSoAfww==', '*****@*****.**', 1, 'df16cc4b1d0975e267f3425eaac31950', '{$default_account_origin}');"; $sql .= "INSERT INTO administrators (user_id) VALUES ('admin_original_user_delete_me');"; $sql .= "COMMIT;"; $db->execSqlUpdate($sql, $row, false); exit; } } else { echo "<html><head><h1>"; echo _("Could not get a default network!"); echo "</html></head>"; exit; } }
empty($_REQUEST['username']) ? $username = '******' : ($username = $_REQUEST['username']); empty($_REQUEST['password']) ? $password = '' : ($password = $_REQUEST['password']); empty($_REQUEST['password2']) ? $password2 = '' : ($password2 = $_REQUEST['password2']); empty($_REQUEST['email']) ? $email = $_SERVER['SERVER_ADMIN'] : ($email = $_REQUEST['email']); $conn_string = "host={$CONF_DATABASE_HOST} port={$CONF_DATABASE_PORT} dbname={$CONF_DATABASE_NAME} user={$CONF_DATABASE_USER} password={$CONF_DATABASE_PASSWORD}"; $connection = pg_connect($conn_string) or die; $sql = "SELECT * FROM users NATURAL JOIN server_stakeholders"; $result = pg_query($connection, $sql); $result_array = pg_fetch_all($result); $username_db = $result_array[0]['username']; if (empty($username_db) && $action == 'create') { //Only allow creating an adminstrator if we don't already have one. Otherwise we have a HUGE security hole. // require_once(dirname(__FILE__) . '/config.php'); require_once dirname(__FILE__) . '/include/common.php'; require_once dirname(__FILE__) . '/classes/User.php'; $created_user = User::createUser(get_guid(), $username, Network::getDefaultNetwork(), $email, $password); $user_id = $created_user->getId(); # Add user to admin table, hide his username and set his account status to 1 (allowed) $sql = "INSERT INTO server_stakeholders (user_id, role_id, object_id) VALUES ('{$user_id}', 'SERVER_OWNER', 'SERVER_ID');\n"; $sql .= "INSERT INTO network_stakeholders (user_id, role_id, object_id) VALUES ('{$user_id}', 'NETWORK_OWNER', 'default-network');\n"; $sql .= "UPDATE users SET account_status='1' WHERE user_id='{$user_id}'"; $result = pg_query($connection, $sql); } $sql = "SELECT * FROM users NATURAL JOIN server_stakeholders"; $result = pg_query($connection, $sql); $result_array = pg_fetch_all($result); $username_db = $result_array[0]['username']; if (!empty($username_db)) { #if a username exists print "<table>\n"; print "<tr><th colspan=2>Your current administrator accounts are:</th></tr>\n";
} else { $sort_by_param_sql = DEFAULT_SORT_BY_PARAM; } if (isset($_REQUEST["network_id"])) { $network_id = $_REQUEST["network_id"]; if ($network_id == "") { $network = null; } else { try { $network = Network::getObject($network_id); } catch (Exception $e) { $network = Network::getDefaultNetwork(); } } } else { $network = Network::getDefaultNetwork(); } $network_id_sql = $network === null ? "" : "AND network_id = '{$network->getId()}'"; $sql = "SELECT node_id, gw_id, name, last_heartbeat_user_agent, (CURRENT_TIMESTAMP-last_heartbeat_timestamp) AS since_last_heartbeat, last_heartbeat_ip, CASE WHEN ((CURRENT_TIMESTAMP-last_heartbeat_timestamp) < interval '5 minutes') THEN true ELSE false END AS online, creation_date, node_deployment_status, last_heartbeat_wifidog_uptime, last_heartbeat_sys_uptime FROM nodes WHERE node_deployment_status != 'PERMANENTLY_CLOSED' {$network_id_sql} ORDER BY {$sort_by_param_sql}"; $nodes_results = null; $db->execSql($sql, $nodes_results, false); //Possible to select empty networks, not an error if ($nodes_results === null) { $nodes_results = array(); } //throw new Exception(_("No nodes could not be found in the database")); $deploymentStatuses = array("DEPLOYED" => _("Deployed"), "IN_PLANNING" => _("In planning"), "IN_TESTING" => _("In testing"), "NON_WIFIDOG_NODE" => _("Non-Wifidog node"), "PERMANENTLY_CLOSED" => _("Permanently closed"), "TEMPORARILY_CLOSED" => _("Temporarily closed")); $nodes_list = array(); foreach ($nodes_results as $node_row) { $node = Node::getObject($node_row['node_id']); $node_row['duration'] = $db->GetDurationArrayFromIntervalStr($node_row['since_last_heartbeat']);
/** * Get the login interface * @param string $userData=null Array of contextual data optionally sent to the method. * The function must still function if none of it is present. * * * This method understands: * $userData['preSelectedUser'] An optional User object. * @return HTML markup */ public static function getLoginUI($userData = null) { require_once 'classes/SmartyWifidog.php'; $networkUserData = null; if (!empty($userData['preSelectedUser'])) { $selectedUser = $userData['preSelectedUser']; $networkUserData['preSelectedObject'] = $selectedUser; } else { $selectedUser = null; } $smarty = SmartyWiFiDog::getObject(); // Set network selector $network_array = Network::getAllNetworks(); $default_network = Network::getDefaultNetwork(); foreach ($network_array as $network) { if ($network->getName() == $default_network->getName()) { $default_network_param = $network->getId(); } } if (Server::getServer()->getUseGlobalUserAccounts()) { $smarty->assign('selectNetworkUI', "<input type=\"hidden\" name=\"auth_source\" value='{$default_network_param}' />"); } else { $smarty->assign('selectNetworkUI', Network::getSelectUI('auth_source', $networkUserData)); } // Set user details $smarty->assign('user_id', $selectedUser ? $selectedUser->getId() : ""); $smarty->assign('username', $selectedUser ? $selectedUser->getUsername() : ""); // Set error message $smarty->assign('error', self::$_loginLastError); // Check if one of the network allow signup $network_array = Network::getAllNetworks(); $networksAllowingSignup = null; foreach ($network_array as $network) { if ($network->getAuthenticator()->isRegistrationPermitted()) { $networksAllowingSignup[] = $network; } } //pretty_print_r($networksAllowingSignup); if (count($networksAllowingSignup) > 0) { //FIXME: This is far from ideal, it assumes that all networks use the same signup URL, or that only one network allows signup. $smarty->assign('signupUrl', $networksAllowingSignup[0]->getAuthenticator()->getSignupUrl()); } // Compile HTML code $html = self::ArrayToHiddenInput($_POST); //This must remain BEFORE the actual form. It allws repeating the request if the login attempt is causes by a session timeout or insufficient permissions. $html .= $smarty->fetch("templates/classes/Authenticator_getLoginForm.tpl"); return $html; }
/** * Process admin interface of this object. * * @return void * * @access public */ public function processAdminUI() { require_once 'classes/Stakeholder.php'; $user = User::getCurrentUser(); // Get information about the network $network = Network::getDefaultNetwork(); //pretty_print_r($_REQUEST); $permArray[] = array(Permission::P('NETWORK_PERM_EDIT_ANY_NODEGROUP_CONFIG'), Network::getDefaultNetwork()); $permArray[] = array(Permission::P('NODEGROUP_PERM_EDIT_ANY_NODEGROUP_CONFIG'), $this); $permArray[] = array(Permission::P('NODEGROUP_PERM_EDIT_NODEGROUP_CONFIG'), $this); Security::requireAnyPermission($permArray); // Check if user is a admin $_userIsAdmin = User::getCurrentUser()->DEPRECATEDisSuperAdmin(); // Information about the node $ng_id = $this->getId(); // Content processing parent::processContentAdminUI(); // Name $permArray = null; $permArray[] = array(Permission::P('NETWORK_PERM_EDIT_ANY_NODEGROUP_CONFIG'), Network::getDefaultNetwork()); $permArray[] = array(Permission::P('NODEGROUP_PERM_EDIT_NODEGROUP_CONFIG'), $this); if (Security::hasAnyPermission($permArray)) { $name = "node_group_" . $ng_id . "_name"; $this->setName($_REQUEST[$name]); } // Creation date $name = "node_group_" . $ng_id . "_creation_date"; $this->setCreationDate(DateTimeWD::processSelectDateTimeUI($name, DateTimeWD::INTERFACE_DATETIME_FIELD)->getIso8601FormattedString()); // Description $name = "node_" . $ng_id . "_description"; $this->setDescription($_REQUEST[$name]); parent::processGraphAdminUI($errMsg); if (!empty($errMsg)) { echo $errMsg; $errMsg = null; } // End Node group configuration section // Access rights Stakeholder::processAssignStakeholdersUI($this, $errMsg); if (!empty($errMsg)) { echo $errMsg; } }