(legacy) refactor system_usermanager_settings.php

d5e9e0ea · Ad Schellevis · 3b8a3826 · d5e9e0ea
Commit d5e9e0ea authored Dec 08, 2015 by Ad Schellevis
Hide whitespace changes
Inline Side-by-side

Showing with 106 additions and 134 deletions

system_usermanager_settings.php src/www/system_usermanager_settings.php +106 -134

No files found.
--- a/src/www/system_usermanager_settings.php
+++ b/src/www/system_usermanager_settings.php
 <?php
 /*
-	Copyright (C) 2014-2015 Deciso B.V.
+  Copyright (C) 2014-2015 Deciso B.V.
-	Copyright (C) 2007 Scott Ullrich <sullrich@gmail.com>
+  Copyright (C) 2007 Scott Ullrich <sullrich@gmail.com>
-	Copyright (C) 2007 Bill Marquette <bill.marquette@gmail.com>
+  Copyright (C) 2007 Bill Marquette <bill.marquette@gmail.com>
-	All rights reserved.
+  All rights reserved.
-	Redistribution and use in source and binary forms, with or without
+  Redistribution and use in source and binary forms, with or without
-	modification, are permitted provided that the following conditions are met:
+  modification, are permitted provided that the following conditions are met:
-	1. Redistributions of source code must retain the above copyright notice,
+  1. Redistributions of source code must retain the above copyright notice,
-	   this list of conditions and the following disclaimer.
+     this list of conditions and the following disclaimer.
-	2. Redistributions in binary form must reproduce the above copyright
+  2. Redistributions in binary form must reproduce the above copyright
-	   notice, this list of conditions and the following disclaimer in the
+     notice, this list of conditions and the following disclaimer in the
-	   documentation and/or other materials provided with the distribution.
+     documentation and/or other materials provided with the distribution.
-	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+  INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+  AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+  AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+  OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+  INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+  CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-	POSSIBILITY OF SUCH DAMAGE.
+  POSSIBILITY OF SUCH DAMAGE.
 */
 require_once("guiconfig.inc");
-$pconfig['session_timeout'] = &$config['system']['webgui']['session_timeout'];
-$pconfig['authmode'] = &$config['system']['webgui']['authmode'];
-$pconfig['backend'] = &$config['system']['webgui']['backend'];
-// Page title for main admin
-$pgtitle = array(gettext('System'), gettext('Users'), gettext('Settings'));
 $save_and_test = false;
-if ($_POST) {
+if ($_SERVER['REQUEST_METHOD'] === 'GET') {
-    unset($input_errors);
+    $pconfig = array();
+    $pconfig['session_timeout'] = $config['system']['webgui']['session_timeout'];
+    $pconfig['authmode'] = $config['system']['webgui']['authmode'];
+    $pconfig['backend'] = $config['system']['webgui']['backend'];
+} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $pconfig = $_POST;
+    $input_errors = array();
-    if (isset($_POST['session_timeout'])) {
+    if (!empty($pconfig['session_timeout']) && (!is_numeric($pconfig['session_timeout']) || $pconfig['session_timeout'] <= 0)) {
-        $timeout = intval($_POST['session_timeout']);
+        $input_errors[] = gettext("Session timeout must be an integer value.");
-        if ($timeout != "" && (!is_numeric($timeout) || $timeout <= 0)) {
-            $input_errors[] = gettext("Session timeout must be an integer value.");
-        }
    }
-    if (!$input_errors) {
+    if (count($input_errors) == 0) {
-        if ($_POST['authmode'] != "local") {
+        $authsrv = auth_get_authserver($pconfig['authmode']);
-            $authsrv = auth_get_authserver($_POST['authmode']);
+        if (!empty($pconfig['savetest'])) {
-            if ($_POST['savetest']) {
+            if ($authsrv['type'] == "ldap") {
-                if ($authsrv['type'] == "ldap") {
+                $save_and_test = true;
-                    $save_and_test = true;
-                }
            } else {
                $savemsg = gettext("The test was not performed because it is supported only for ldap based backends.");
            }
        }
+        if (!empty($pconfig['session_timeout'])) {
-        if (isset($_POST['session_timeout']) && $_POST['session_timeout'] != "") {
+            $config['system']['webgui']['session_timeout'] = intval($pconfig['session_timeout']);
-            $config['system']['webgui']['session_timeout'] = intval($_POST['session_timeout']);
+        } elseif (isset($config['system']['webgui']['session_timeout'])) {
-        } else {
            unset($config['system']['webgui']['session_timeout']);
        }
-        if ($_POST['authmode']) {
+        if (!empty($pconfig['authmode'])) {
-            $config['system']['webgui']['authmode'] = $_POST['authmode'];
+            $config['system']['webgui']['authmode'] = $pconfig['authmode'];
-        } else {
+        } elseif (isset($config['system']['webgui']['authmode'])) {
            unset($config['system']['webgui']['authmode']);
        }
        write_config();
    }
 }
+legacy_html_escape_form_data($pconfig);
 include("head.inc");
 ?>
 <body>
 <?php
-if ($save_and_test) {
+if ($save_and_test):?>
-    echo "<script type=\"text/javascript\">\n";
+<script type="text/javascript">
-    echo "//<![CDATA[\n";
+    myRef = window.open('system_usermanager_settings_test.php?authserver=<?=$pconfig['authmode'];?>','mywin','left=20,top=20,width=700,height=550,toolbar=1,resizable=0');
-    echo "myRef = window.open('system_usermanager_settings_test.php?authserver={$pconfig['authmode']}','mywin', ";
+    if (myRef==null || typeof(myRef)=='undefined') alert('<?=gettext("Popup blocker detected.  Action aborted.");?>');
-    echo "'left=20,top=20,width=700,height=550,toolbar=1,resizable=0');\n";
+</script>;
-    echo "if (myRef==null || typeof(myRef)=='undefined') alert('" . gettext("Popup blocker detected.  Action aborted.") ."');\n";
+<?php
-    echo "//]]>\n";
+endif;?>
-    echo "</script>\n";
-}
-?>
 <?php include("fbegin.inc");?>
+  <section class="page-content-main">
-	<section class="page-content-main">
+    <div class="container-fluid">
-		<div class="container-fluid">
+      <div class="row">
-			<div class="row">
+<?php
+      if (isset($input_errors) && count($input_errors) > 0) {
-				<?php if (isset($input_errors) && count($input_errors) > 0) {
+        print_input_errors($input_errors);
-                    print_input_errors($input_errors);
+      }
-}?>
+      if (isset($savemsg)) {
-				<?php if (isset($savemsg)) {
+        print_info_box($savemsg);
-                    print_info_box($savemsg);
+      }
-}?>
+?>
+        <section class="col-xs-12">
-			    <section class="col-xs-12">
+          <div class="tab-content content-box col-xs-12 table-responsive">
-					<?php
+            <form action="system_usermanager_settings.php" method="post">
-                            /* Default to pfsense backend type if none is defined */
+              <table class="table table-striped table-sort">
-                    if (!$pconfig['backend']) {
+                <tr>
-                        $pconfig['backend'] = "pfsense";
+                  <td width="22%"><a id="help_for_session_timeout" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Session Timeout"); ?></td>
-                    }
+                  <td width="78%">
-                        ?>
+                    <input class="form-control" name="session_timeout" id="session_timeout" type="text" size="8" value="<?=$pconfig['session_timeout'];?>" />
+                    <div class="hidden" for="help_for_session_timeout">
-						<div class="tab-content content-box col-xs-12 table-responsive">
+                      <?=gettext("Time in minutes to expire idle management sessions. The default is 4 hours (240 minutes).");?><br />
+                      <?=gettext("Enter 0 to never expire sessions. NOTE: This is a security risk!");?><br />
-								<form id="iform" name="iform" action="system_usermanager_settings.php" method="post">
+                    </div>
-									<table class="table table-striped table-sort">
+                  </td>
-											<tr>
+                </tr>
-												<td width="22%" valign="top" class="vncell"><?=gettext("Session Timeout"); ?></td>
+                <tr>
-												<td width="78%" class="vtable">
+                  <td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Authentication Server"); ?></td>
-													<input class="form-control" name="session_timeout" id="session_timeout" type="text" size="8" value="<?=htmlspecialchars($pconfig['session_timeout']);?>" />
+                  <td>
-													<br />
+                      <select name="authmode" class="selectpicker" data-style="btn-default" >
-													<?=gettext("Time in minutes to expire idle management sessions. The default is 4 hours (240 minutes).");?><br />
+<?php
-													<?=gettext("Enter 0 to never expire sessions. NOTE: This is a security risk!");?><br />
+                      foreach (auth_get_authserver_list() as $auth_key => $auth_server) :?>
-												</td>
+                        <option value="<?=$auth_key; ?>" <?=$auth_key == $pconfig['authmode'] ? "selected=\"selected\"" : "";?>>
-											</tr>
+                          <?=htmlspecialchars($auth_server['name']);?>
-											<tr>
+                        </option>
-												<td width="22%" valign="top" class="vncell"><?=gettext("Authentication Server"); ?></td>
+<?php
-												<td width="78%" class="vtable">
+                      endforeach; ?>
-													<select name='authmode' id='authmode' class="selectpicker" data-style="btn-default" >
+                      </select>
-				<?php
+                    </td>
-                                                    $auth_servers = auth_get_authserver_list();
+                  </tr>
-                foreach ($auth_servers as $auth_key => $auth_server) :
+                  <tr>
-                    $selected = '';
+                    <td></td>
-                    if ($auth_key == $pconfig['authmode']) {
+                    <td>
-                        $selected = 'selected="selected"';
+                      <input name="save" type="submit" class="btn btn-primary" value="<?=gettext("Save");?>" />
-                    }
+                      <input name="savetest" type="submit" class="btn btn-default" value="<?=gettext("Save and Test");?>" />
-                    if (!isset($pconfig['authmode']) && $auth_key == 'Local Database') {
+                    </td>
-                        $selected = 'selected="selected"';
+                  </tr>
-                    }
+                </table>
-                ?>
+              </form>
-                    <option value="<?=$auth_key; ?>" <?=$selected; ?>><?=$auth_server['name'];?></option>
+            </div>
-				<?php endforeach; ?>
+          </section>
-													</select>
+      </div>
-												</td>
+    </div>
-											</tr>
+  </section>
-											<tr>
-												<td width="22%" valign="top">&nbsp;</td>
-												<td width="78%">
-													<input id="save" name="save" type="submit" class="btn btn-primary" value="<?=gettext("Save");?>" />
-													<input id="savetest" name="savetest" type="submit" class="btn btn-default" value="<?=gettext("Save and Test");?>" />
-												</td>
-											</tr>
-										</table>
-								</form>
-						</div>
-			    </section>
-			</div>
-		</div>
-	</section>
 <?php include("foot.inc");