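<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge

SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/

include("includes.php");

// Per-user options page: edit display preferences and change the own password.
//
// Every database write below is scoped to the logged-in user's own row via
// $_SESSION['suser_id']; the request is assumed to be authenticated by
// includes.php (not visible in this file).
// NOTE(review): whether form_get_action() validates an anti-CSRF token is not
// visible here. If it does not, the 'update' and 'exec-pass' actions are
// reachable by a cross-site POST from any page the user visits while logged in.

// ========== ACTIONS START ===================================================
switch ($submit = form_get_action()) {

    case NULL: break;

    case 'edit': $action = ACT_EDIT; break;
    case 'pass': $action = ACT_PASSWORD; break;

    case 'update':
        $id = $_SESSION['suser_id'];

        // The language code is persisted and presumably used later to select
        // the UI translation (cf. lang_getfrombrowser below), so only accept a
        // code from the configured list rather than an arbitrary client string.
        // The edit form offers exactly the values of $config_lang as options.
        $language = $_POST['user_language'] ?? '';
        if (is_array($config_lang ?? null) && !in_array($language, $config_lang, true)) {
            $g_error->Add('Invalid language selected!');
            $action = ACT_EDIT;
            break;
        }

        // Absent fields (e.g. unchecked boxes, which browsers do not submit)
        // are read as '' so they neither raise undefined-index notices nor
        // pass null into sanitize().
        $imagesize = sanitize($_POST['user_imagesize'] ?? '');
        $imagecount = sanitize($_POST['user_imagecount'] ?? '');
        $mac = sanitize($_POST['user_mac'] ?? '');
        $dateformat = sanitize($_POST['user_dateformat'] ?? '');
        $dns1suffix = sanitize($_POST['user_dns1suffix'] ?? '');
        $dns2suffix = sanitize($_POST['user_dns2suffix'] ?? '');
        $tooltips = sanitize($_POST['user_tooltips'] ?? '');

        // Checkbox name suffix => token stored in the comma-separated user_menu
        // column. The order of this map fixes the order inside the column.
        $menu_items = [
            'assets'           => 'asset',
            'assetclasses'     => 'class',
            'assetclassgroups' => 'group',
            'cables'           => 'cable',
            'locations'        => 'location',
            'nodes'            => 'node',
            'nats'             => 'nat',
            'subnets'          => 'subnet',
            'vlans'            => 'vlan',
            'zones'            => 'zone',
        ];

        // Collect the raw flags now; they are copied into the session only
        // after the database update has been issued (see below).
        $menu_flags = [];
        $menu = [];
        foreach ($menu_items as $field => $token) {
            $flag = sanitize($_POST['user_menu_' . $field] ?? '');
            $menu_flags[$field] = $flag;
            if ($flag) $menu[] = $token;
        }
        $menu = empty($menu) ? NULL : implode(',', $menu);

        // Parameterised update restricted to the caller's own user_id.
        $sql = "UPDATE user SET
                user_language=?, user_imagesize=?, user_imagecount=?,
                user_mac=?, user_dateformat=?, user_dns1suffix=?,
                user_dns2suffix=?, user_tooltips=?, user_menu=?
            WHERE
                user_id=?";
        $sth = $dbh->prepare($sql);
        $sth->execute([$language, $imagesize, $imagecount,
                       $mac, $dateformat, $dns1suffix,
                       $dns2suffix, $tooltips, $menu,
                       $id]);

        // Mirror the stored settings into the session, which is what the
        // rest of the application (and the edit form below) reads.
        $_SESSION['suser_language'] = $language;
        $_SESSION['suser_imagesize'] = $imagesize;
        $_SESSION['suser_imagecount'] = $imagecount;
        $_SESSION['suser_mac'] = $mac;
        $_SESSION['suser_dateformat'] = $dateformat;
        $_SESSION['suser_dns1suffix'] = $dns1suffix;
        $_SESSION['suser_dns2suffix'] = $dns2suffix;
        foreach ($menu_flags as $field => $flag) {
            $_SESSION['suser_menu_' . $field] = $flag;
        }
        $_SESSION['suser_tooltips'] = $tooltips;

        $action = ACT_DEFAULT;
        break;

    case 'exec-pass':
        $user_id = $_SESSION['suser_id'];
        // NOTE(review): sanitize() is applied to the raw passwords before they
        // are verified/hashed. Whatever it does (trimming, HTML escaping, ...)
        // must be applied identically on the login path, otherwise passwords
        // containing affected characters will not round-trip. Confirm.
        $currentpass = sanitize($_POST['user_currentpass'] ?? '');
        $newpass1 = sanitize($_POST['user_newpass1'] ?? '');
        $newpass2 = sanitize($_POST['user_newpass2'] ?? '');

        $sth = $dbh->prepare("SELECT user_pass FROM user WHERE user_id=?");
        $sth->execute([$user_id]);
        // fetchColumn() yields false when no row exists; cast so
        // password_verify() receives a string and simply fails.
        $userpass = (string) $sth->fetchColumn();

        // Stay on the password form unless every check below passes.
        $action = ACT_PASSWORD;

        // Re-authenticate with the current password before accepting a new
        // one, so a hijacked session alone cannot take over the account.
        if (!password_verify($currentpass, $userpass)) {
            $g_error->Add('Current password wrong!');
        } elseif (strlen($newpass1) < 5) {
            $g_error->Add('New password is too simple!');
        } elseif (strlen($newpass1) > 72) {
            // bcrypt uses only the first 72 bytes; refuse instead of silently
            // truncating what the user typed.
            $g_error->Add('New password is too long!');
        } elseif ($newpass1 !== $newpass2) {
            $g_error->Add('New passwords do not match!');
        } else {
            $newhash = password_hash($newpass1, PASSWORD_BCRYPT);
            $sth = $dbh->prepare("UPDATE user SET user_pass=? WHERE user_id=?");
            $sth->execute([$newhash, $user_id]);
            // Credential changed: issue a fresh session id so an id captured
            // before the change is no longer usable. Other sessions of this
            // user are not invalidated here (no such mechanism is visible).
            session_regenerate_id(true);
            $action = ACT_DEFAULT;
        }
        break;

    default:
        $g_error->Add(submit_error($submit));
        $valid = FALSE;
}

// ========== ACTIONS END =====================================================
include("header.php");

if ($action == ACT_DEFAULT):
// ========== VARIANT: default behavior =======================================

$smarty->assign('realm', $_SESSION['suser_realm']);
$smarty->assign('role_add', $_SESSION['suser_role_add']);
$smarty->assign('role_edit', $_SESSION['suser_role_edit']);
$smarty->assign('role_delete', $_SESSION['suser_role_delete']);
$smarty->assign('role_manage', $_SESSION['suser_role_manage']);
$smarty->assign('role_admin', $_SESSION['suser_role_admin']);
$smarty->display("options.tpl");

elseif ($action == ACT_EDIT):
// ========== VARIANT: edit display options ===================================

$smarty->assign("language", lang_getfrombrowser($config_lang, $config_lang_default));

// available languages: option value and label are both the language code
$lang_options = array();
foreach ($config_lang as $lang) {
    $lang_options[$lang] = $lang;
}
$smarty->assign("lang_options", $lang_options);

// Checkbox state for the edit form, taken from the session copy of the
// user's settings. A stored value of 'on' means the box was ticked.
$checkboxes = [
    'menu_assets', 'menu_assetclasses', 'menu_assetclassgroups',
    'menu_cables', 'menu_locations', 'menu_nodes', 'menu_nats',
    'menu_subnets', 'menu_vlans', 'menu_zones', 'tooltips',
];
foreach ($checkboxes as $box) {
    $checked = (($_SESSION['suser_' . $box] ?? '') === 'on') ? 'checked' : '';
    $smarty->assign('user_' . $box . '_checked', $checked);
}

$smarty->assign("user_id", $_SESSION['suser_id']);
$smarty->assign("user_imagesize", $_SESSION['suser_imagesize']);
$smarty->assign("user_imagecount", $_SESSION['suser_imagecount']);
$smarty->assign("user_mac", $_SESSION['suser_mac']);
$smarty->assign("user_dateformat", $_SESSION['suser_dateformat']);
$smarty->assign("user_dns1suffix", $_SESSION['suser_dns1suffix']);
$smarty->assign("user_dns2suffix", $_SESSION['suser_dns2suffix']);
$smarty->assign("user_language", $_SESSION['suser_language']);

$smarty->display("optionseditdisplay.tpl");

elseif ($action == ACT_PASSWORD):
// ========== VARIANT: password ===============================================

$smarty->display("optionseditpassword.tpl");

else:
// ========== ERROR UNKNOWN VARIANT ===========================================

echo "<p>Unknown function call: Please report to system development!</p>\n";

endif; // $action == ...
// ========== END OF VARIANTS =================================================

$smarty->display('footer.tpl');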