Skip to content

O
OpnSense
Commit 83e8d88d authored by Ad Schellevis's avatar Ad Schellevis
Browse files
Options

(legacy) refactor src/www/system_usermanager_passwordmg.php

parent 9f66d8f3
Show whitespace changes
Inline Side-by-side
Showing with 54 additions and 66 deletions
src/www/system_usermanager_passwordmg.php
View file @ 83e8d88d
...@@ -29,7 +29,7 @@ ...@@ -29,7 +29,7 @@
require_once("guiconfig.inc"); require_once("guiconfig.inc");
$pgtitle = array(gettext("System"),gettext("User Password")); $pgtitle = array(gettext("System"), gettext("User Password"));
if (session_status() == PHP_SESSION_NONE) { if (session_status() == PHP_SESSION_NONE) {
session_start(); session_start();
...@@ -37,7 +37,7 @@ if (session_status() == PHP_SESSION_NONE) { ...@@ -37,7 +37,7 @@ if (session_status() == PHP_SESSION_NONE) {
$username = $_SESSION['Username']; $username = $_SESSION['Username'];
if (isset($_POST['save'])) { if (isset($_POST['save'])) {
unset($input_errors); $input_errors = array();
/* input validation */ /* input validation */
$reqdfields = explode(" ", "passwordfld0 passwordfld1 passwordfld2"); $reqdfields = explode(" ", "passwordfld0 passwordfld1 passwordfld2");
...@@ -49,7 +49,19 @@ if (isset($_POST['save'])) { ...@@ -49,7 +49,19 @@ if (isset($_POST['save'])) {
$input_errors[] = gettext("The passwords do not match."); $input_errors[] = gettext("The passwords do not match.");
} }
if (!$input_errors) { /* determine if user is not local to system */
$userFound = false;
foreach ($config['system']['user'] as $user) {
if ($user['name'] == $username) {
$userFound = true;
}
}
if (!$userFound) {
$input_errors[] = gettext("Sorry, you cannot change the password for a non-local user.");
}
if (count($input_errors) == 0) {
// all values are okay --> saving changes // all values are okay --> saving changes
$config['system']['user'][$userindex[$username]]['password'] = crypt($_POST['passwordfld1'], '$6$'); $config['system']['user'][$userindex[$username]]['password'] = crypt($_POST['passwordfld1'], '$6$');
local_user_set($config['system']['user'][$userindex[$username]]); local_user_set($config['system']['user'][$userindex[$username]]);
...@@ -62,75 +74,51 @@ if (isset($_POST['save'])) { ...@@ -62,75 +74,51 @@ if (isset($_POST['save'])) {
session_write_close(); session_write_close();
/* determine if user is not local to system */
$islocal = false;
foreach ($config['system']['user'] as $user) {
if ($user['name'] == $username) {
$islocal = true;
}
}
include("head.inc"); include("head.inc");
?> ?>
<body> <body>
<?php include("fbegin.inc"); ?> <?php include("fbegin.inc"); ?>
<section class="page-content-main"> <section class="page-content-main">
<div class="container-fluid"> <div class="container-fluid">
<div class="row"> <div class="row">
<? <?
if (isset($input_errors) && count($input_errors) > 0) { if (isset($input_errors) && count($input_errors) > 0) {
print_input_errors($input_errors); print_input_errors($input_errors);
} }
if (isset($savemsg)) { if (isset($savemsg)) {
print_info_box($savemsg); print_info_box($savemsg);
} }
?>
if ($islocal == false) {
echo gettext("Sorry, you cannot change the password for a non-local user.");
include("foot.inc");
exit;
}
?>
<section class="col-xs-12"> <section class="col-xs-12">
<div class="content-box"> <div class="content-box">
<form action="system_usermanager_passwordmg.php" method="post" name="iform" id="iform"> <form action="system_usermanager_passwordmg.php" method="post" name="iform" id="iform">
<div class="table-responsive"> <div class="table-responsive">
<table class="table table-striped table-sort"> <table class="table table-striped">
<tr> <tr>
<td colspan="2" valign="top" class="listtopic"><?=$username?>'s <?=gettext("Password"); ?></td> <td colspan="2"><?=$username?>'s <?=gettext("Password"); ?></td>
</tr> </tr>
<tr> <tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Old password"); ?></td> <td><?=gettext("Old password"); ?></td>
<td width="78%" class="vtable"> <td>
<input name="passwordfld0" type="password" class="formfld pwd" id="passwordfld0" size="20" /> <input name="passwordfld0" type="password" id="passwordfld0" size="20" />
</td> </td>
</tr> </tr>
<tr> <tr>
<td width="22%" valign="top" class="vncell"><?=gettext("New password"); ?></td> <td><?=gettext("New password"); ?></td>
<td width="78%" class="vtable"> <td>
<input name="passwordfld1" type="password" class="formfld pwd" id="passwordfld1" size="20" /> <input name="passwordfld1" type="password" id="passwordfld1" size="20" />
</td> </td>
</tr> </tr>
<tr> <tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Confirmation");?></td> <td><?=gettext("Confirmation");?></td>
<td width="78%" class="vtable"> <td>
<input name="passwordfld2" type="password" class="formfld pwd" id="passwordfld2" size="20" /> <input name="passwordfld2" type="password" id="passwordfld2" size="20" />
</td> </td>
</tr> </tr>
<tr> <tr>
<td width="22%" valign="top">&nbsp;</td> <td>&nbsp;</td>
<td width="78%"> <td>
<input name="save" type="submit" class="btn btn-primary" value="<?=gettext("Save");?>" /> <input name="save" type="submit" class="btn btn-primary" value="<?=gettext("Save");?>" />
</td> </td>
</tr> </tr>
...@@ -141,5 +129,5 @@ include("head.inc"); ...@@ -141,5 +129,5 @@ include("head.inc");
</section> </section>
</div> </div>
</div> </div>
</section> </section>
<?php include("foot.inc"); <?php include("foot.inc");
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023