File: user_admin.php

cacti 0.6.7-2.2
<?/* 
+-------------------------------------------------------------------------+
| Copyright (C) 2002 Ian Berry                                            |
|                                                                         |
| This program is free software; you can redistribute it and/or           |
| modify it under the terms of the GNU General Public License             |
| as published by the Free Software Foundation; either version 2          |
| of the License, or (at your option) any later version.                  |
|                                                                         |
| This program is distributed in the hope that it will be useful,         |
| but WITHOUT ANY WARRANTY; without even the implied warranty of          |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           |
| GNU General Public License for more details.                            |
+-------------------------------------------------------------------------+
| cacti: the rrdtool frontend [php-auth, php-tree, php-form]              |
+-------------------------------------------------------------------------+
| This code is currently maintained and debugged by Ian Berry, any        |
| questions or comments regarding this code should be directed to:        |
| - iberry@raxnet.net                                                     |
+-------------------------------------------------------------------------+
| - raXnet - http://www.raxnet.net/                                       |
+-------------------------------------------------------------------------+
*/?>
<? 	header("Cache-control: no-cache");
	/* Page bootstrap for the user administration screen. The include order matters:
	   each later statement may rely on what an earlier include set up. */

	/* Database layer first; the queries further down pass $cnn_id, which is not
	   assigned anywhere in this file (presumably created here - confirm). */
	include ('include/database.php');
	/* $section is set immediately before auth.php is pulled in; presumably auth.php
	   reads it to decide whether the logged-in user may open this page - confirm in
	   auth/include/auth.php. Everything below assumes that check has already run. */
	$section = "User Administration"; include ('auth/include/auth.php');
	/* Form helpers; the Draw* functions called below are not defined in this file
	   (presumably they live in form.php - confirm). */
	include_once ("include/form.php");
	/* Configuration; $config and the $color_* values are read below without being
	   assigned in this file. */
	include ('include/config.php');
	/* NOTE(review): $action, $id and the form fields are also never assigned in this
	   file, so they reach the script as request-derived globals and must be treated
	   as untrusted wherever they are used. */

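/* $id is never assigned in this file; it arrives from the request. Force it to an
   integer once, up front, so it cannot carry SQL, HTML or header text into the
   queries, the hidden form field and the redirect below. An absent or empty id is
   kept as "" so the "new user" path behaves as before. */
$id = (isset($id) && ($id != "")) ? intval($id) : "";

/* Dispatch on the requested action:
     save    - write one auth_users row, then redirect back to the listing
     delete  - remove a user and every per-user row that references it
     edit    - draw the add/edit form
     default - draw the user listing */
switch ($action) {
	case 'save':
		$user_id = intval($id);
		$password = isset($password) ? $password : "";
		$confirm = isset($confirm) ? $confirm : "";
		
		/* Strict comparison: with == two different numeric-looking strings
		   (for example "10" and "1e1") would count as matching passwords. */
		if ($password !== $confirm) {
			header("Location: user_admin.php?action=edit&id=$id&badpass=true"); exit;
		}
		
		/* Request strings may already carry magic_quotes_gpc slashes; undo those
		   first so every value is escaped exactly once, by the MySQL escaper. */
		$strip_slashes = get_magic_quotes_gpc();
		$text_fields = array("fullname","username","mustchangepassword","showtree",
			"showlist","showpreview","graphsettings");
		$safe = array();
		foreach ($text_fields as $field) {
			$raw = isset($$field) ? $$field : "";
			$safe[$field] = mysql_escape_string($strip_slashes ? stripslashes($raw) : $raw);
		}
		
		if ($password === "") {
			/* Password boxes left blank: keep the stored hash. It is read back from
			   the database here rather than taken from a request field, so a
			   submitted value can never be written as the password column. */
			$current_hash = "";
			$sql_pass = mysql_query("select password from auth_users where id=$user_id", $cnn_id);
			if ($sql_pass && (mysql_num_rows($sql_pass) > 0)) {
				$current_hash = mysql_result($sql_pass, 0, "password");
			}
			$password_to_save = "\"" . mysql_escape_string($current_hash) . "\"";
		}else{
			/* NOTE(review): MySQL's PASSWORD() is intended for MySQL's own account
			   table, not for application credentials. It is kept because the login
			   check (not visible here) presumably uses the same function; replacing
			   it means changing both sides together. */
			$plain = $strip_slashes ? stripslashes($password) : $password;
			$password_to_save = "PASSWORD(\"" . mysql_escape_string($plain) . "\")";
		}
		
		/* These two columns are written unquoted, so they must be integers. */
		$login_option = intval(isset($loginopts) ? $loginopts : 0);
		$graph_policy = intval(isset($graphpolicy) ? $graphpolicy : 0);
		
		mysql_query("replace into auth_users (id,fullname,username,password,
			mustchangepassword,showtree,showlist,showpreview,graphsettings,loginopts,graphpolicy) 
			values($user_id,\"" . $safe["fullname"] . "\",\"" . $safe["username"] . "\",$password_to_save,\""
			. $safe["mustchangepassword"] . "\",\"" . $safe["showtree"] . "\",\"" . $safe["showlist"] . "\",\""
			. $safe["showpreview"] . "\",\"" . $safe["graphsettings"] . "\",$login_option,$graph_policy)",$cnn_id);
		header("Location: user_admin.php"); exit;
		break;
	case 'delete':
		/* NOTE(review): this action is reached through a plain GET link (the "Remove"
		   link in the listing below) and nothing visible here ties the request to a
		   form the administrator actually submitted. Whether auth.php adds such a
		   check cannot be seen from this file; a POST plus a per-session token is
		   the usual remedy. */
		$user_id = intval($id);
		
		/* Only act on a real user id; an empty or non-numeric id deletes nothing. */
		if ($user_id > 0) {
			mysql_query("delete from auth_users where id=$user_id",$cnn_id);
			
			/* per-user rows in the dependent tables are keyed by userid */
			$user_tables = array("auth_acl","auth_hosts","auth_graph",
				"auth_graph_hierarchy","settings_graphs","settings_tree");
			foreach ($user_tables as $table) {
				mysql_query("delete from $table where userid=$user_id",$cnn_id);
			}
		}
		
		header("Location: user_admin.php"); exit;
		break;
	case 'edit':
		include_once ("include/top_header.php");
		
		/* $id is already an integer here (or "" when adding a new user). */
		if ($id !== "") {
			$sql_id = mysql_query("select * from auth_users where id=$id", $cnn_id);
		}
		
		DrawFormHeader("Edit User Account Form","",false);
		
		DrawFormItem("Full Name","");
		DrawFormItemTextBox("fullname",$sql_id,"","");
		
		DrawFormItem("User Name","");
		DrawFormItemTextBox("username",$sql_id,"","");
		
		/* badpass=true is appended by the save action when the two boxes differ */
		if ($badpass == "true") {
			DrawFormItem("Password","<font color=\"red\">Passwords do not match! Please retype.</font>");
		}else{
			DrawFormItem("Password","");
		}
		DrawFormItemPasswordTextBox("password","","","");
		DrawFormItemPasswordTextBox("confirm","","","");
		
		DrawFormItem("Account Options","");
		DrawFormItemCheckBox("mustchangepassword",$sql_id,"User Must Change Password at Next Login","");
		DrawFormItemCheckBox("graphsettings",$sql_id,"Allow this User to Keep Custom Graph Settings","on");
		
		DrawFormItem("Graph Options","");
		DrawFormItemCheckBox("showtree",$sql_id,"User Has Rights to View Tree Mode","on");
		DrawFormItemCheckBox("showlist",$sql_id,"User Has Rights to View List Mode","on");
		DrawFormItemCheckBox("showpreview",$sql_id,"User Has Rights to View Preview Mode","on");
		
		DrawFormItem("Default Policy","The default allow/deny graph policy for this user (changing this value will clear the current graph permissions for this user).");
		DrawFormItemDropDownCustomHeader("graphpolicy");
		DrawFormItemDropDownCustomItem("graphpolicy","1","Allow",$sql_id);
		DrawFormItemDropDownCustomItem("graphpolicy","2","Deny",$sql_id);
		DrawFormItemDropDownCustomFooter();
		
		DrawFormItem("Login","What to do when this user logs in.");
		DrawFormItemRadioButton("loginopts", $sql_id, "1", "Show the page that user pointed their browser to.","1");
		DrawFormItemRadioButton("loginopts", $sql_id, "2", "Show the default console screen.","1");
		DrawFormItemRadioButton("loginopts", $sql_id, "3", "Show the default graph screen.","1");
		
		DrawFormSaveButton();
		DrawFormItemHiddenIDField("id",$id);
		/* The stored password hash is deliberately not written into the page any
		   more: the save action reads it from the database when the password boxes
		   are left blank, so the hash never has to leave the server. */
		DrawFormFooter();
		break;
	default:
		include_once ("include/top_header.php");
		
		DrawMatrixTableBegin(false);
		
		/* title bar */
		DrawMatrixRowBegin();
			DrawMatrixHeaderTop("Current Users",$color_dark_bar,$color_panel_text,"5");
			DrawMatrixHeaderAdd($color_dark_bar,"","");
		DrawMatrixRowEnd();
		
		/* column headings */
		DrawMatrixRowBegin();
			DrawMatrixHeaderItem("User Name",$color_panel,$color_panel_text);
			DrawMatrixHeaderItem("Full Name",$color_panel,$color_panel_text);
			DrawMatrixHeaderItem("Realm Security",$color_panel,$color_panel_text);
			DrawMatrixHeaderItem("IP Security",$color_panel,$color_panel_text);
			DrawMatrixHeaderItem("Graph Permissions",$color_panel,$color_panel_text);
			DrawMatrixHeaderItem("",$color_panel,$color_panel_text);
		DrawMatrixRowEnd();
		
		$sql_id = mysql_query("select * from auth_users order by username", $cnn_id);
		$rows = mysql_num_rows($sql_id);
		
		/* one table row per user; every link carries the id read from the database */
		for ($i = 0; $i < $rows; $i++) {
			$row_id = mysql_result($sql_id, $i, "id");
			
			DrawMatrixRowAlternateColorBegin($color_alternate,$color_light,$i);
				DrawMatrixLoopItem($sql_id,"username",$i,html_boolean($config["vis_main_column_bold"]["value"]),"user_admin.php?action=edit&id=" . $row_id);
				DrawMatrixLoopItem($sql_id,"fullname",$i,false,"");
				DrawMatrixLoopItem("Allowed Sections","","",false,"user_admin_permissions.php?id=" . $row_id);
				DrawMatrixLoopItem("IP Security","","",false,"user_admin_ip.php?id=" . $row_id);
				DrawMatrixLoopItem("Graph Permissions","","",false,"user_admin_graphs.php?id=" . $row_id);
				DrawMatrixLoopItemAction("Remove",$color_panel,"",false,"user_admin.php?action=delete&id=" . $row_id);
			DrawMatrixRowEnd();
		}
		
		DrawMatrixTableEnd();
		DrawBodyFooter(true);
		
		break;
} ?>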