
edit_user.php 7.1KB

  1. <?php
  2. /* Poweradmin, a friendly web-based admin tool for PowerDNS.
  3. * See <http://www.poweradmin.org> for more details.
  4. *
  5. * Copyright 2007-2010 Rejo Zenger <rejo@zenger.nl>
  6. * Copyright 2010-2017 Poweradmin Development Team
  7. * <http://www.poweradmin.org/credits.html>
  8. *
  9. * This program is free software: you can redistribute it and/or modify
  10. * it under the terms of the GNU General Public License as published by
  11. * the Free Software Foundation, either version 3 of the License, or
  12. * (at your option) any later version.
  13. *
  14. * This program is distributed in the hope that it will be useful,
  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17. * GNU General Public License for more details.
  18. *
  19. * You should have received a copy of the GNU General Public License
  20. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  21. */
  22. /**
  23. * Script that handles user editing requests
  24. *
  25. * @package Poweradmin
  26. * @copyright 2007-2010 Rejo Zenger <rejo@zenger.nl>
  27. * @copyright 2010-2017 Poweradmin Development Team
  28. * @license http://opensource.org/licenses/GPL-3.0 GPL
  29. */
  30. require_once("inc/toolkit.inc.php");
  31. include_once("inc/header.inc.php");
  // Target user id from the query string; "-1" marks an id that is absent or
  // fails the v_num() check.
  $edit_id = (isset($_GET['id']) && v_num($_GET['id'])) ? $_GET['id'] : "-1";

  // Permission flags are kept as the strings "1" / "0"; the access check that
  // follows compares against exactly these values.
  $perm_edit_own = do_hook('verify_permission', 'user_edit_own') ? "1" : "0";
  $perm_edit_others = do_hook('verify_permission', 'user_edit_others') ? "1" : "0";
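  // Request handling for the user edit form: rejects a missing id, checks that the
  // session user may edit the target account, applies a submitted change through
  // the 'edit_user' hook, then renders the form pre-filled with the stored values.

  // Escapes a value for HTML element content and quoted attribute values.
  // Every stored user/template field below goes through this before being echoed,
  // so markup saved in a profile is displayed as text instead of being interpreted.
  // No charset argument is passed, so PHP's configured default applies.
  // NOTE(review): confirm that default matches the encoding the page is served in.
  $html_escape = function ($value) {
      return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE);
  };

  // Returns a posted field only when it is present and a plain string; null otherwise
  // (this also rejects array-shaped parameters such as username[]=x).
  $post_text = function ($key) {
      return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : null;
  };

  if ($edit_id == "-1") {
      error(ERR_INV_INPUT);
  } elseif (($edit_id == $_SESSION["userid"] && $perm_edit_own == "1") || ($edit_id != $_SESSION["userid"] && $perm_edit_others == "1")) {
      if (isset($_POST["commit"])) {
          // NOTE(review): no anti-CSRF token is verified before this state change and
          // the form below does not carry one; wire in the project's token check if
          // it provides one.
          $i_username = $post_text('username');
          $i_fullname = $post_text('fullname');
          $i_email = $post_text('email');
          $i_description = $post_text('description');
          $i_password = $post_text('password');

          // NOTE(review): perm_templ is accepted from the request even when the caller
          // lacks 'user_edit_templ_perm' (the select is only hidden in the form).
          // Verify that the 'edit_user' hook enforces that permission itself.
          $i_perm_templ = (isset($_POST['perm_templ']) && v_num($_POST['perm_templ'])) ? $_POST['perm_templ'] : "0";
          $i_active = (isset($_POST['active']) && v_num($_POST['active'])) ? $_POST['active'] : "0";

          // A missing field or an empty e-mail address is invalid input. The former
          // test `$i_email < "1"` was an ordering comparison that also rejected valid
          // addresses beginning with characters such as "0".
          // The address format is not checked here; presumably the hook does that.
          if ($i_username === null || $i_fullname === null || $i_email === null || $i_email === "" || $i_description === null || $i_password === null) {
              error(ERR_INV_INPUT);
          } elseif ($i_username !== "" && $i_perm_templ > "0" && $i_fullname !== "") {
              // The checkbox posts "1" only when ticked. The previous isset() test was
              // always true because $i_active has a default, so an account could never
              // be disabled from this form.
              $active = ($i_active == "1") ? 1 : 0;

              if (do_hook('edit_user', $edit_id, $i_username, $i_fullname, $i_email, $i_perm_templ, $i_description, $active, $i_password)) {
                  success(SUC_USER_UPD);
              }
          }
      }

      $users = do_hook('get_user_detail_list', $edit_id);
      foreach ($users as $user) {
          $check = ($user['active'] == "1") ? " CHECKED" : "";

          echo " <h2>" . _('Edit user') . " \"" . $html_escape($user['fullname']) . "\"</h2>\n";
          echo " <form method=\"post\" action=\"\">\n";
          echo " <input type=\"hidden\" name=\"number\" value=\"" . $html_escape($edit_id) . "\">\n";
          echo " <table>\n";
          echo " <tr>\n";
          echo " <td class=\"n\">" . _('Username') . "</td>\n";
          echo " <td class=\"n\"><input type=\"text\" class=\"input\" name=\"username\" value=\"" . $html_escape($user['username']) . "\"></td>\n";
          echo " </tr>\n";
          echo " <tr>\n";
          echo " <td class=\"n\">" . _('Fullname') . "</td>\n";
          echo " <td class=\"n\"><input type=\"text\" class=\"input\" name=\"fullname\" value=\"" . $html_escape($user['fullname']) . "\"></td>\n";
          echo " </tr>\n";
          echo " <tr>\n";
          echo " <td class=\"n\">" . _('Password') . "</td>\n";
          echo " <td class=\"n\"><input type=\"password\" class=\"input\" name=\"password\"></td>\n";
          echo " </tr>\n";
          echo " <tr>\n";
          echo " <td class=\"n\">" . _('Email address') . "</td>\n";
          echo " <td class=\"n\"><input type=\"text\" class=\"input\" name=\"email\" value=\"" . $html_escape($user['email']) . "\"></td>\n";
          echo " </tr>\n";

          if (do_hook('verify_permission', 'user_edit_templ_perm')) {
              echo " <tr>\n";
              echo " <td class=\"n\">" . _('Permission template') . "</td>\n";
              echo " <td class=\"n\">\n";
              echo " <select name=\"perm_templ\">\n";
              foreach (do_hook('list_permission_templates') as $template) {
                  $select = ($template['id'] == $user['tpl_id']) ? " SELECTED" : "";
                  echo " <option value=\"" . $html_escape($template['id']) . "\"" . $select . ">" . $html_escape($template['name']) . "</option>\n";
              }
              echo " </select>\n";
              echo " </td>\n";
              // Row is closed inside the branch that opened it, so no stray </tr>
              // is emitted when the template selector is hidden.
              echo " </tr>\n";
          }

          echo " <tr>\n";
          echo " <td class=\"n\">" . _('Description') . "</td>\n";
          echo " <td class=\"n\"><textarea rows=\"4\" cols=\"30\" class=\"inputarea\" name=\"description\">" . $html_escape($user['descr']) . "</textarea></td>\n";
          echo " </tr>\n";
          echo " <tr>\n";
          echo " <td class=\"n\">" . _('Enabled') . "</td>\n";
          echo " <td class=\"n\"><input type=\"checkbox\" class=\"input\" name=\"active\" value=\"1\"" . $check . "></td>\n";
          echo " </tr>\n";
          echo " <tr>\n";
          echo " <td class=\"n\">&nbsp;</td>\n";
          echo " <td class=\"n\"><input type=\"submit\" class=\"button\" name=\"commit\" value=\"" . _('Commit changes') . "\">\n";
          echo " <input type=\"reset\" class=\"button\" name=\"reset\" value=\"" . _('Reset changes') . "\"></td>\n";
          echo " </tr>\n";
          echo " </table>\n";
          echo " </form>\n";

          echo " <p>\n";
          printf(_('This user has been assigned the permission template "%s".'), $html_escape($user['tpl_name']));
          if ($user['tpl_descr'] != "") {
              echo " " . _('The description for this template is') . ": \"" . $html_escape($user['tpl_descr']) . "\".";
          }
          echo " " . _('Based on this template, this user has the following permissions') . ":";
          echo " </p>\n";
          echo " <ul>\n";
          foreach (do_hook('get_permissions_by_template_id', $user['tpl_id']) as $item) {
              // The description is translated first, then escaped together with the name.
              echo " <li>" . $html_escape(_($item['descr'])) . " (" . $html_escape($item['name']) . ")</li>\n";
          }
          echo " </ul>\n";
      }
  } else {
      error(ERR_PERM_EDIT_USER);
  }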
  151. include_once("inc/footer.inc.php");