Added new Flag readonly into user system, readonly user
parent
fdf23a1c94
commit
a03bbb9236
@ -58,9 +58,11 @@ IncludeLanguageFile( $gl_root_path . '/lang/' . $LANG . '/admin.php' );
|
||||
if ( !isset($_SESSION['SESSION_ISADMIN']) || $_SESSION['SESSION_ISADMIN'] == 0 )
|
||||
DieWithFriendlyErrorMsg( $content['LN_ADMIN_ERROR_NOTALLOWED'] );
|
||||
|
||||
if ( isset($_GET['miniop']) && $_GET['miniop'] == "setisadmin" )
|
||||
if ( isset($_GET['miniop']) )
|
||||
{
|
||||
if ( isset($_GET['id']) && isset($_GET['newval']) )
|
||||
{
|
||||
if ( $_GET['miniop'] == "setisadmin" )
|
||||
{
|
||||
//PreInit these values
|
||||
$content['USERID'] = intval(DB_RemoveBadChars($_GET['id']));
|
||||
@ -94,10 +96,45 @@ if ( isset($_GET['miniop']) && $_GET['miniop'] == "setisadmin" )
|
||||
$content['ERROR_MSG'] = GetAndReplaceLangStr( $content['LN_USER_ERROR_IDNOTFOUND'], $content['USERID'] );
|
||||
}
|
||||
}
|
||||
else if ( $_GET['miniop'] == "setisreadonly" )
|
||||
{
|
||||
//PreInit these values
|
||||
$content['USERID'] = intval(DB_RemoveBadChars($_GET['id']));
|
||||
$iNewVal = intval(DB_RemoveBadChars($_GET['newval']));
|
||||
|
||||
// --- handle special case
|
||||
if ( $content['USERID'] == $content['SESSION_USERID'] && (!isset($_GET['verify']) || $_GET['verify'] != "yes") && $iNewVal == 1)
|
||||
{
|
||||
// This will print an additional secure check which the user needs to confirm and exit the script execution.
|
||||
PrintSecureUserCheck( $content['LN_USER_WARNRADYONLYADMIN'], $content['LN_DELETEYES'], $content['LN_DELETENO'] );
|
||||
}
|
||||
// ---
|
||||
|
||||
// Perform SQL Query!
|
||||
$sqlquery = "SELECT * " .
|
||||
" FROM " . DB_USERS .
|
||||
" WHERE ID = " . $content['USERID'];
|
||||
$result = DB_Query($sqlquery);
|
||||
$myuser = DB_GetSingleRow($result, true);
|
||||
if ( isset($myuser['username']) )
|
||||
{
|
||||
// Update is_admin setting!
|
||||
$result = DB_Query("UPDATE " . DB_USERS . " SET
|
||||
is_readonly = $iNewVal
|
||||
WHERE ID = " . $content['USERID']);
|
||||
DB_FreeQuery($result);
|
||||
}
|
||||
else
|
||||
{
|
||||
$content['ISERROR'] = true;
|
||||
$content['ERROR_MSG'] = "Error setting is_admin flat, invalid ID, User not found";
|
||||
$content['ERROR_MSG'] = GetAndReplaceLangStr( $content['LN_USER_ERROR_IDNOTFOUND'], $content['USERID'] );
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$content['ISERROR'] = true;
|
||||
$content['ERROR_MSG'] = $content['LN_USER_ERROR_SETTINGFLAG'];
|
||||
}
|
||||
}
|
||||
|
||||
@ -145,6 +182,11 @@ if ( isset($_GET['op']) )
|
||||
else
|
||||
$content['CHECKED_ISADMIN'] = "";
|
||||
|
||||
// Set is_readonly flag
|
||||
if ( $myuser['is_readonly'] == 1 )
|
||||
$content['CHECKED_ISREADONLY'] = "checked";
|
||||
else
|
||||
$content['CHECKED_ISREADONLY'] = "";
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -228,7 +270,7 @@ if ( isset($_POST['op']) )
|
||||
if ( isset ($_POST['password1']) ) { $content['PASSWORD1'] = DB_RemoveBadChars($_POST['password1']); } else {$content['PASSWORD1'] = ""; }
|
||||
if ( isset ($_POST['password2']) ) { $content['PASSWORD2'] = DB_RemoveBadChars($_POST['password2']); } else {$content['PASSWORD2'] = ""; }
|
||||
if ( isset ($_POST['isadmin']) ) { $content['ISADMIN'] = 1; } else {$content['ISADMIN'] = 0; }
|
||||
|
||||
if ( isset ($_POST['isreadonly']) ) { $content['ISREADONLY'] = 1; } else {$content['ISREADONLY'] = 0; }
|
||||
|
||||
// Check mandotary values
|
||||
if ( $content['USERNAME'] == "" )
|
||||
@ -265,10 +307,11 @@ if ( isset($_POST['op']) )
|
||||
$content['PASSWORDHASH'] = md5( $content['PASSWORD1'] );
|
||||
|
||||
// Add new User now!
|
||||
$result = DB_Query("INSERT INTO " . DB_USERS . " (username, password, is_admin)
|
||||
$result = DB_Query("INSERT INTO " . DB_USERS . " (username, password, is_admin, is_readonly)
|
||||
VALUES ('" . $content['USERNAME'] . "',
|
||||
'" . $content['PASSWORDHASH'] . "',
|
||||
" . $content['ISADMIN'] . ")");
|
||||
" . $content['ISADMIN'] . ",
|
||||
" . $content['ISREADONLY'] . ")");
|
||||
DB_FreeQuery($result);
|
||||
|
||||
// Do the final redirect
|
||||
@ -306,7 +349,8 @@ if ( isset($_POST['op']) )
|
||||
$result = DB_Query("UPDATE " . DB_USERS . " SET
|
||||
username = '" . $content['USERNAME'] . "',
|
||||
password = '" . $content['PASSWORDHASH'] . "',
|
||||
is_admin = " . $content['ISADMIN'] . "
|
||||
is_admin = " . $content['ISADMIN'] . ",
|
||||
is_readonly = " . $content['ISREADONLY'] . "
|
||||
WHERE ID = " . $content['USERID']);
|
||||
DB_FreeQuery($result);
|
||||
}
|
||||
@ -316,7 +360,8 @@ if ( isset($_POST['op']) )
|
||||
// Edit the User now!
|
||||
$result = DB_Query("UPDATE " . DB_USERS . " SET
|
||||
username = '" . $content['USERNAME'] . "',
|
||||
is_admin = " . $content['ISADMIN'] . "
|
||||
is_admin = " . $content['ISADMIN'] . ",
|
||||
is_readonly = " . $content['ISREADONLY'] . "
|
||||
WHERE ID = " . $content['USERID']);
|
||||
DB_FreeQuery($result);
|
||||
}
|
||||
@ -336,7 +381,8 @@ if ( !isset($_POST['op']) && !isset($_GET['op']) )
|
||||
// Read all Serverentries
|
||||
$sqlquery = "SELECT ID, " .
|
||||
" username, " .
|
||||
" is_admin " .
|
||||
" is_admin, " .
|
||||
" is_readonly " .
|
||||
" FROM " . DB_USERS .
|
||||
" ORDER BY ID ";
|
||||
$result = DB_Query($sqlquery);
|
||||
@ -345,7 +391,7 @@ if ( !isset($_POST['op']) && !isset($_GET['op']) )
|
||||
// --- Process Users
|
||||
for($i = 0; $i < count($content['USERS']); $i++)
|
||||
{
|
||||
// --- Set Image for IsClanMember
|
||||
// --- Set Image for IsAdmin
|
||||
if ( $content['USERS'][$i]['is_admin'] == 1 )
|
||||
{
|
||||
$content['USERS'][$i]['is_isadmin_string'] = $content['MENU_SELECTION_ENABLED'];
|
||||
@ -358,6 +404,19 @@ if ( !isset($_POST['op']) && !isset($_GET['op']) )
|
||||
}
|
||||
// ---
|
||||
|
||||
// --- Set Image for IsReadonly
|
||||
if ( $content['USERS'][$i]['is_readonly'] == 1 )
|
||||
{
|
||||
$content['USERS'][$i]['is_readonly_string'] = $content['MENU_SELECTION_ENABLED'];
|
||||
$content['USERS'][$i]['set_isreadonly'] = 0;
|
||||
}
|
||||
else
|
||||
{
|
||||
$content['USERS'][$i]['is_readonly_string'] = $content['MENU_SELECTION_DISABLED'];
|
||||
$content['USERS'][$i]['set_isreadonly'] = 1;
|
||||
}
|
||||
// ---
|
||||
|
||||
// --- Set CSS Class
|
||||
if ( $i % 2 == 0 )
|
||||
$content['USERS'][$i]['cssclass'] = "line1";
|
||||
|
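Review bot: The new `setisreadonly` branch changes an account's access flag from a plain GET request, and nothing in the visible lines ties that request to the admin's own action beyond the `SESSION_ISADMIN` check, so a cross-site request made by the admin's browser would be accepted. The `setisadmin` branch above it and the new `miniop=setisreadonly` link in the user-list template follow the same pattern, and the `verify=yes` confirmation does not cover it because it is itself a GET parameter and only applies to the admin's own account. I would require POST plus a per-session token before the lookup and UPDATE, and clamp `newval` to 0 or 1, since `intval()` lets any integer through to the BOOL column (sketch below; the session key is a placeholder, and a token check may already exist outside the hunk). Separately, the comment `// Update is_admin setting!` and the first `ERROR_MSG` assignment (`"Error setting is_admin flat, …"`, overwritten on the next line) are copy-paste leftovers from the admin branch. The enclosing `if ( isset($_GET['miniop']) )` block opens in the previous hunk.

```php
else if ( $_GET['miniop'] == "setisreadonly" )
{
	// Flag changes must come from a form the admin submitted, not from a followed link.
	// 'PLACEHOLDER_CSRF_TOKEN' is a placeholder key; use the project's own per-session token.
	if ( $_SERVER['REQUEST_METHOD'] !== 'POST' ||
		!isset($_POST['token'], $_SESSION['PLACEHOLDER_CSRF_TOKEN']) ||
		!hash_equals($_SESSION['PLACEHOLDER_CSRF_TOKEN'], (string) $_POST['token']) )
	{
		DieWithFriendlyErrorMsg( $content['LN_ADMIN_ERROR_NOTALLOWED'] );
	}

	// … unchanged: USERID pre-init …
	// Only 0 and 1 are meaningful for the flag; anything else is treated as 0.
	$iNewVal = ( intval(DB_RemoveBadChars($_GET['newval'])) == 1 ) ? 1 : 0;
	// … unchanged: self-lockout confirmation, user lookup, UPDATE …
```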
@ -14,6 +14,8 @@ CREATE TABLE `logcon_savedreports` (
|
||||
PRIMARY KEY (`ID`)
|
||||
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COMMENT = 'Table to store saved reports' AUTO_INCREMENT=1 ;
|
||||
|
||||
ALTER TABLE `logcon_users` ADD `is_readonly` BOOL NOT NULL DEFAULT '0' AFTER `is_admin` ;
|
||||
|
||||
-- Insert data
|
||||
|
||||
-- Updated Data
|
||||
|
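Review bot: This `ALTER TABLE` is the only place the page shows `is_readonly` being created, while the user admin code in the same commit now names the column in its list `SELECT` and reads `$myuser['is_readonly']` on the edit form. On an installation where this upgrade script has not been run, that query would fail. The commit should therefore either bump whatever database version the application checks before use or add the column to the fresh-install `CREATE TABLE` as well; neither is visible here, so this may already be handled elsewhere. A comment above the statement such as `-- is_readonly: 1 = account may view but not change settings` would also record what the column is for.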
@ -130,6 +130,10 @@ $content['LN_USER_ADDEDIT'] = "Add/Edit User";
|
||||
$content['LN_USER_WARNREMOVEADMIN'] = "You are about to revoke your own administrative priviledges. Are you sure to remove your admin status?";
|
||||
$content['LN_USER_WARNDELETEUSER'] = "Are you sure that you want to delete the User '%1'? All his personal settings will be deleted as well.";
|
||||
$content['LN_USER_ERROR_INVALIDSESSIONS'] = "Invalid User Session.";
|
||||
$content['LN_USER_ERROR_SETTINGFLAG'] = "Error setting flag, invalid ID or User not found";
|
||||
$content['LN_USER_WARNRADYONLYADMIN'] = "You are about to set your account to readonly! This will prevent you from changing any settings! Are you sure that you want to proceed?";
|
||||
$content['LN_USER_ISREADONLY'] = "Readonly User?";
|
||||
$content['LN_USER_'] = "";
|
||||
$content['LN_USER_'] = "";
|
||||
|
||||
// Group center
|
||||
|
@ -27,6 +27,7 @@
|
||||
<td align="center" width="50" class="cellmenu1"><b>{LN_USER_ID}</b></td>
|
||||
<td align="center" width="300" class="cellmenu1"><b>{LN_USER_NAME}</b></td>
|
||||
<td align="center" width="100" class="cellmenu1"><b>{LN_USER_ISADMIN}</b></td>
|
||||
<td align="center" width="100" class="cellmenu1"><b>{LN_USER_ISREADONLY}</b></td>
|
||||
<td align="center" width="200" class="cellmenu1"><b>{LN_GEN_ACTIONS}</b></td>
|
||||
</tr>
|
||||
<!-- BEGIN USERS -->
|
||||
@ -34,6 +35,7 @@
|
||||
<td align="center" class="{cssclass}"><b>{ID}</b></td>
|
||||
<td align="center" class="{cssclass}"><a href="{BASEPATH}admin/users.php?op=edit&id={ID}">{username}</a></td>
|
||||
<td align="center" class="{cssclass}"><a href="{BASEPATH}admin/users.php?miniop=setisadmin&id={ID}&newval={set_isadmin}"><img src="{is_isadmin_string}" width="16"></a></td>
|
||||
<td align="center" class="{cssclass}"><a href="{BASEPATH}admin/users.php?miniop=setisreadonly&id={ID}&newval={set_isreadonly}"><img src="{is_readonly_string}" width="16"></a></td>
|
||||
<td align="center" class="{cssclass}">
|
||||
<a href="{BASEPATH}admin/users.php?op=edit&id={ID}"><img src="{MENU_EDIT}" width="16" title="{LN_USER_EDIT}"></a>
|
||||
<a href="{BASEPATH}admin/users.php?op=delete&id={ID}"><img src="{MENU_DELETE}" width="16" title="{LN_USER_DELETE}"></a>
|
||||
@ -41,7 +43,7 @@
|
||||
</tr>
|
||||
<!-- END USERS -->
|
||||
<tr>
|
||||
<td align="center" colspan="4" class="line0"><b><a href="{BASEPATH}admin/users.php?op=add"><img src="{MENU_ADDUSER}" title="{LN_USER_ADD}"> {LN_USER_ADD}</a></b></td>
|
||||
<td align="center" colspan="5" class="line0"><b><a href="{BASEPATH}admin/users.php?op=add"><img src="{MENU_ADDUSER}" title="{LN_USER_ADD}"> {LN_USER_ADD}</a></b></td>
|
||||
</tr>
|
||||
</table>
|
||||
<!-- ENDIF LISTUSERS="true" -->
|
||||
@ -68,6 +70,10 @@
|
||||
<td align="left" class="cellmenu2" nowrap><b>{LN_USER_ISADMIN}</b></td>
|
||||
<td align="right" class="line1"><input type="checkbox" name="isadmin" value="yes" {CHECKED_ISADMIN}></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td align="left" class="cellmenu2" nowrap><b>{LN_USER_ISREADONLY}</b></td>
|
||||
<td align="right" class="line1"><input type="checkbox" name="isreadonly" value="yes" {CHECKED_ISREADONLY}></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td align="center" colspan="2">
|
||||
<input type="submit" value="{USER_SENDBUTTON}">
|
||||
|
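Review bot: The new toggle cell renders `<img src="{is_readonly_string}" width="16">` with no `title` or `alt`, so the icon gives no hint of what clicking it does, whereas the edit and delete icons in the next cell carry a `title`. Since a click changes an access flag, I would label it, e.g. `<img src="{is_readonly_string}" width="16" title="{LN_USER_ISREADONLY}" alt="{LN_USER_ISREADONLY}">`. The same applies to the existing `is_isadmin_string` icon on the line before it.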