mirror of
https://github.com/rsyslog/loganalyzer.git
synced 2025-09-25 18:59:12 +02:00
Added Check for Readonly Flag in all Admin panels
parent
a03bbb9236
commit
c3145c5e6e
@ -52,8 +52,23 @@ InitFilterHelpers(); // Helpers for frontend filtering!
|
||||
IncludeLanguageFile( $gl_root_path . '/lang/' . $LANG . '/admin.php' );
|
||||
// ---
|
||||
|
||||
// --- BEGIN Custom Code
|
||||
// --- Deny if User is READONLY!
|
||||
if ( !isset($_SESSION['SESSION_ISREADONLY']) || $_SESSION['SESSION_ISREADONLY'] == 1 )
|
||||
{
|
||||
if ( isset($_POST['op']) ||
|
||||
(
|
||||
isset($_GET['op']) &&
|
||||
(
|
||||
$_GET['op'] == "add" ||
|
||||
$_GET['op'] == "delete"
|
||||
)
|
||||
)
|
||||
)
|
||||
DieWithFriendlyErrorMsg( $content['LN_ADMIN_ERROR_READONLY'] );
|
||||
}
|
||||
// ---
|
||||
|
||||
// --- BEGIN Custom Code
|
||||
if ( isset($_GET['op']) )
|
||||
{
|
||||
if ($_GET['op'] == "add")
|
||||
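Review bot: The read-only guard is a deny-list: for GET requests it blocks only the `op` values `add` and `delete`, so any other state-changing operation this page accepts over GET (none is visible in this hunk) would still run for a read-only user, and every operation added later has to be remembered here. The same block, with a different list, is pasted into the other eight admin-page sections of this commit (the ones listing `adduser`/`removeuser`, `enableuserops`, `initparser`/`removeparser`, the report ops, `cleardata` and the `miniop` flags), so the lists can drift apart. I would move the check into one shared helper that takes the operations a read-only user may perform on that page and denies everything else, comparing with `===` rather than `==`. The `!isset(...) ||` half is the right default, since a session without the flag is treated as read-only. The `if ( isset($_GET['op']) )` block that follows continues past the end of the hunk.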
|
@ -52,8 +52,25 @@ InitFilterHelpers(); // Helpers for frontend filtering!
|
||||
IncludeLanguageFile( $gl_root_path . '/lang/' . $LANG . '/admin.php' );
|
||||
// ---
|
||||
|
||||
// --- BEGIN Custom Code
|
||||
// --- Deny if User is READONLY!
|
||||
if ( !isset($_SESSION['SESSION_ISREADONLY']) || $_SESSION['SESSION_ISREADONLY'] == 1 )
|
||||
{
|
||||
if ( isset($_POST['op']) ||
|
||||
(
|
||||
isset($_GET['op']) &&
|
||||
(
|
||||
$_GET['op'] == "add" ||
|
||||
$_GET['op'] == "delete" ||
|
||||
$_GET['op'] == "adduser" ||
|
||||
$_GET['op'] == "removeuser"
|
||||
)
|
||||
)
|
||||
)
|
||||
DieWithFriendlyErrorMsg( $content['LN_ADMIN_ERROR_READONLY'] );
|
||||
}
|
||||
// ---
|
||||
|
||||
// --- BEGIN Custom Code
|
||||
// Only if the user is an admin!
|
||||
if ( !isset($_SESSION['SESSION_ISADMIN']) || $_SESSION['SESSION_ISADMIN'] == 0 )
|
||||
DieWithFriendlyErrorMsg( $content['LN_ADMIN_ERROR_NOTALLOWED'] );
|
||||
|
@ -55,6 +55,21 @@ InitFilterHelpers(); // Helpers for frontend filtering!
|
||||
// Init admin langauge file now!
|
||||
IncludeLanguageFile( $gl_root_path . '/lang/' . $LANG . '/admin.php' );
|
||||
|
||||
// --- Deny if User is READONLY!
|
||||
if ( !isset($_SESSION['SESSION_ISREADONLY']) || $_SESSION['SESSION_ISREADONLY'] == 1 )
|
||||
{
|
||||
if ( isset($_POST['op']) ||
|
||||
(
|
||||
isset($_GET['op']) &&
|
||||
(
|
||||
$_GET['op'] == "enableuserops"
|
||||
)
|
||||
)
|
||||
)
|
||||
DieWithFriendlyErrorMsg( $content['LN_ADMIN_ERROR_READONLY'] );
|
||||
}
|
||||
// ---
|
||||
|
||||
// --- BEGIN Custom Code
|
||||
if ( isset($_SESSION['SESSION_ISADMIN']) && $_SESSION['SESSION_ISADMIN'] == 1 )
|
||||
{
|
||||
|
@ -52,9 +52,24 @@ InitFilterHelpers(); // Helpers for frontend filtering!
|
||||
IncludeLanguageFile( $gl_root_path . '/lang/' . $LANG . '/admin.php' );
|
||||
// ---
|
||||
|
||||
// --- BEGIN Custom Code
|
||||
// --- Deny if User is READONLY!
|
||||
if ( !isset($_SESSION['SESSION_ISREADONLY']) || $_SESSION['SESSION_ISREADONLY'] == 1 )
|
||||
{
|
||||
if ( isset($_POST['op']) ||
|
||||
(
|
||||
isset($_GET['op']) &&
|
||||
(
|
||||
$_GET['op'] == "initparser" ||
|
||||
$_GET['op'] == "removeparser"
|
||||
)
|
||||
)
|
||||
)
|
||||
DieWithFriendlyErrorMsg( $content['LN_ADMIN_ERROR_READONLY'] );
|
||||
}
|
||||
// ---
|
||||
|
||||
// Firts of all init List of Parsers!
|
||||
// --- BEGIN Custom Code
|
||||
// First of all init List of Parsers!
|
||||
InitMessageParsers();
|
||||
|
||||
if ( isset($_GET['op']) )
|
||||
|
@ -52,8 +52,25 @@ InitFilterHelpers(); // Helpers for frontend filtering!
|
||||
IncludeLanguageFile( $gl_root_path . '/lang/' . $LANG . '/admin.php' );
|
||||
// ---
|
||||
|
||||
// --- BEGIN Custom Code
|
||||
// --- Deny if User is READONLY!
|
||||
if ( !isset($_SESSION['SESSION_ISREADONLY']) || $_SESSION['SESSION_ISREADONLY'] == 1 )
|
||||
{
|
||||
if ( isset($_POST['op']) ||
|
||||
(
|
||||
isset($_GET['op']) &&
|
||||
(
|
||||
$_GET['op'] == "initreport" ||
|
||||
$_GET['op'] == "removereport" ||
|
||||
$_GET['op'] == "addsavedreport" ||
|
||||
$_GET['op'] == "removesavedreport"
|
||||
)
|
||||
)
|
||||
)
|
||||
DieWithFriendlyErrorMsg( $content['LN_ADMIN_ERROR_READONLY'] );
|
||||
}
|
||||
// ---
|
||||
|
||||
// --- BEGIN Custom Code
|
||||
// Hardcoded settings
|
||||
define('URL_ONLINEREPORTS', 'http://tools.adiscon.net/listreports.php');
|
||||
$content['OPTIONAL_TITLE'] = "";
|
||||
|
@ -52,6 +52,22 @@ InitFilterHelpers(); // Helpers for frontend filtering!
|
||||
IncludeLanguageFile( $gl_root_path . '/lang/' . $LANG . '/admin.php' );
|
||||
// ---
|
||||
|
||||
// --- Deny if User is READONLY!
|
||||
if ( !isset($_SESSION['SESSION_ISREADONLY']) || $_SESSION['SESSION_ISREADONLY'] == 1 )
|
||||
{
|
||||
if ( isset($_POST['op']) ||
|
||||
(
|
||||
isset($_GET['op']) &&
|
||||
(
|
||||
$_GET['op'] == "add" ||
|
||||
$_GET['op'] == "delete"
|
||||
)
|
||||
)
|
||||
)
|
||||
DieWithFriendlyErrorMsg( $content['LN_ADMIN_ERROR_READONLY'] );
|
||||
}
|
||||
// ---
|
||||
|
||||
// --- BEGIN Custom Code
|
||||
if ( isset($_GET['op']) )
|
||||
{
|
||||
|
@ -52,8 +52,24 @@ InitFilterHelpers(); // Helpers for frontend filtering!
|
||||
IncludeLanguageFile( $gl_root_path . '/lang/' . $LANG . '/admin.php' );
|
||||
// ---
|
||||
|
||||
// --- BEGIN Custom Code
|
||||
// --- Deny if User is READONLY!
|
||||
if ( !isset($_SESSION['SESSION_ISREADONLY']) || $_SESSION['SESSION_ISREADONLY'] == 1 )
|
||||
{
|
||||
if ( isset($_POST['op']) ||
|
||||
(
|
||||
isset($_GET['op']) &&
|
||||
(
|
||||
$_GET['op'] == "add" ||
|
||||
$_GET['op'] == "delete" ||
|
||||
$_GET['op'] == "cleardata"
|
||||
)
|
||||
)
|
||||
)
|
||||
DieWithFriendlyErrorMsg( $content['LN_ADMIN_ERROR_READONLY'] );
|
||||
}
|
||||
// ---
|
||||
|
||||
// --- BEGIN Custom Code
|
||||
if ( isset($_GET['op']) )
|
||||
{
|
||||
if ($_GET['op'] == "add")
|
||||
|
@ -52,8 +52,31 @@ InitFilterHelpers(); // Helpers for frontend filtering!
|
||||
IncludeLanguageFile( $gl_root_path . '/lang/' . $LANG . '/admin.php' );
|
||||
// ---
|
||||
|
||||
// --- BEGIN Custom Code
|
||||
// --- Deny if User is READONLY!
|
||||
if ( !isset($_SESSION['SESSION_ISREADONLY']) || $_SESSION['SESSION_ISREADONLY'] == 1 )
|
||||
{
|
||||
if ( isset($_POST['op']) ||
|
||||
(
|
||||
( isset($_GET['op']) &&
|
||||
(
|
||||
$_GET['op'] == "add" ||
|
||||
$_GET['op'] == "delete"
|
||||
)
|
||||
)
|
||||
||
|
||||
( isset($_GET['miniop']) &&
|
||||
(
|
||||
$_GET['miniop'] == "setisadmin" ||
|
||||
$_GET['miniop'] == "setisreadonly"
|
||||
)
|
||||
)
|
||||
)
|
||||
)
|
||||
DieWithFriendlyErrorMsg( $content['LN_ADMIN_ERROR_READONLY'] );
|
||||
}
|
||||
// ---
|
||||
|
||||
// --- BEGIN Custom Code
|
||||
// Only if the user is an admin!
|
||||
if ( !isset($_SESSION['SESSION_ISADMIN']) || $_SESSION['SESSION_ISADMIN'] == 0 )
|
||||
DieWithFriendlyErrorMsg( $content['LN_ADMIN_ERROR_NOTALLOWED'] );
|
||||
|
@ -52,6 +52,22 @@ InitFilterHelpers(); // Helpers for frontend filtering!
|
||||
IncludeLanguageFile( $gl_root_path . '/lang/' . $LANG . '/admin.php' );
|
||||
// ---
|
||||
|
||||
// --- Deny if User is READONLY!
|
||||
if ( !isset($_SESSION['SESSION_ISREADONLY']) || $_SESSION['SESSION_ISREADONLY'] == 1 )
|
||||
{
|
||||
if ( isset($_POST['op']) ||
|
||||
(
|
||||
isset($_GET['op']) &&
|
||||
(
|
||||
$_GET['op'] == "add" ||
|
||||
$_GET['op'] == "delete"
|
||||
)
|
||||
)
|
||||
)
|
||||
DieWithFriendlyErrorMsg( $content['LN_ADMIN_ERROR_READONLY'] );
|
||||
}
|
||||
// ---
|
||||
|
||||
// --- BEGIN Custom Code
|
||||
|
||||
// Only if the user is an admin!
|
||||
|
@ -75,6 +75,7 @@ function InitUserSession()
|
||||
$content['SESSION_USERNAME'] = $_SESSION['SESSION_USERNAME'];
|
||||
$content['SESSION_USERID'] = $_SESSION['SESSION_USERID'];
|
||||
$content['SESSION_ISADMIN'] = $_SESSION['SESSION_ISADMIN'];
|
||||
$content['SESSION_ISREADONLY'] = $_SESSION['SESSION_ISREADONLY'];
|
||||
if ( isset($_SESSION['SESSION_GROUPIDS']) )
|
||||
$content['SESSION_GROUPIDS'] = $_SESSION['SESSION_GROUPIDS'];
|
||||
|
||||
@ -170,11 +171,17 @@ function CheckUserLogin( $username, $password )
|
||||
$_SESSION['SESSION_USERNAME'] = $username;
|
||||
$_SESSION['SESSION_USERID'] = $myrow['ID'];
|
||||
$_SESSION['SESSION_ISADMIN'] = $myrow['is_admin'];
|
||||
// Check Readonly setting
|
||||
if ( $content['database_installedversion'] > 8 )
|
||||
$_SESSION['SESSION_ISREADONLY'] = $myrow['is_readonly'];
|
||||
else
|
||||
$_SESSION['SESSION_ISREADONLY'] = false;
|
||||
|
||||
$content['SESSION_LOGGEDIN'] = $_SESSION['SESSION_LOGGEDIN'];
|
||||
$content['SESSION_USERNAME'] = $_SESSION['SESSION_USERNAME'];
|
||||
$content['SESSION_USERID'] = $_SESSION['SESSION_USERID'];
|
||||
$content['SESSION_ISADMIN'] = $_SESSION['SESSION_ISADMIN'];
|
||||
$content['SESSION_ISREADONLY'] = $_SESSION['SESSION_ISREADONLY'];
|
||||
|
||||
// --- Read Groupmember ship for the user!
|
||||
$sqlquery = "SELECT " .
|
||||
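Review bot: `CheckUserLogin` copies `is_readonly` into `$_SESSION` once at login, and the admin-page guards in this commit read only that session value, so as far as these hunks show, marking a user read-only does not affect a session that is already logged in. Consider re-reading the flag from the user row when the session is initialised, or invalidating that user's sessions when the flag changes. Separately, the line added to `InitUserSession` reads `$_SESSION['SESSION_ISREADONLY']` without the `isset` guard used for `SESSION_GROUPIDS` just below it. Sessions created before this upgrade will not have the key, so `$content['SESSION_ISREADONLY'] = isset($_SESSION['SESSION_ISREADONLY']) ? $_SESSION['SESSION_ISREADONLY'] : true;` keeps the fail-closed default without raising a notice. Both functions start and end outside the hunks.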
|
@ -103,6 +103,7 @@ $content['LN_GEN_INJECTHTMLHEADER'] = "Voranstellen von HTML Code in <head>
|
||||
$content['LN_GEN_INJECTBODYHEADER'] = "Voranstellen von HTML Code am Anfang des <body> Bereichs.";
|
||||
$content['LN_GEN_INJECTBODYFOOTER'] = "Voranstellen von HTML Code Am Ende des <body> Bereichs.";
|
||||
$content['LN_ADMIN_PHPLOGCON_LOGOURL'] = "Optionale LogAnalyzer-Logo-URL. Bitte für das Standard-Logo leer lassen.";
|
||||
$content['LN_ADMIN_ERROR_READONLY'] = "This is a READONLY User, you are not allowed to perform any change operations.";
|
||||
|
||||
// User Center
|
||||
$content['LN_USER_CENTER'] = "Benutzer Optionen";
|
||||
|
@ -105,6 +105,7 @@ $content['LN_GEN_INJECTHTMLHEADER'] = "Inject this html code into the <head&g
|
||||
$content['LN_GEN_INJECTBODYHEADER'] = "Inject this html code at the beginning of the <body> area.";
|
||||
$content['LN_GEN_INJECTBODYFOOTER'] = "Inject this html code at the end <body> area.";
|
||||
$content['LN_ADMIN_PHPLOGCON_LOGOURL'] = "Optional LogAnalyzer Logo URL. Leave empty to use the default one.";
|
||||
$content['LN_ADMIN_ERROR_READONLY'] = "This is a READONLY User, you are not allowed to perform any change operations.";
|
||||
|
||||
// User Center
|
||||
$content['LN_USER_CENTER'] = "User Options";
|
||||
@ -134,7 +135,6 @@ $content['LN_USER_ERROR_SETTINGFLAG'] = "Error setting flag, invalid ID or User
|
||||
$content['LN_USER_WARNRADYONLYADMIN'] = "You are about to set your account to readonly! This will prevent you from changing any settings! Are you sure that you want to proceed?";
|
||||
$content['LN_USER_ISREADONLY'] = "Readonly User?";
|
||||
$content['LN_USER_'] = "";
|
||||
$content['LN_USER_'] = "";
|
||||
|
||||
// Group center
|
||||
$content['LN_GROUP_CENTER'] = "Group Center";
|
||||
|
@ -105,6 +105,7 @@ $content['LN_GEN_INJECTHTMLHEADER'] = "Inject this html code into the <head&g
|
||||
$content['LN_GEN_INJECTBODYHEADER'] = "Inject this html code at the beginning of the <body> area.";
|
||||
$content['LN_GEN_INJECTBODYFOOTER'] = "Inject this html code at the end <body> area.";
|
||||
$content['LN_ADMIN_PHPLOGCON_LOGOURL'] = "Optional LogAnalyzer Logo URL. Leave empty to use the default one.";
|
||||
$content['LN_ADMIN_ERROR_READONLY'] = "This is a READONLY User, you are not allowed to perform any change operations.";
|
||||
|
||||
// User Center
|
||||
$content['LN_USER_CENTER'] = "User Options";
|
||||
|
@ -103,6 +103,7 @@ $content['LN_GEN_INJECTHTMLHEADER'] = "Inject this html code into the <head&g
|
||||
$content['LN_GEN_INJECTBODYHEADER'] = "Inject this html code at the beginning of the <body> area.";
|
||||
$content['LN_GEN_INJECTBODYFOOTER'] = "Inject this html code at the end <body> area.";
|
||||
$content['LN_ADMIN_PHPLOGCON_LOGOURL'] = "Optional LogAnalyzer Logo URL. Leave empty to use the default one.";
|
||||
$content['LN_ADMIN_ERROR_READONLY'] = "This is a READONLY User, you are not allowed to perform any change operations.";
|
||||
|
||||
// User Center
|
||||
$content['LN_USER_CENTER'] = "User Options";
|
||||
|