2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
<?php
|
|
|
|
|
2009-06-08 20:26:14 +02:00
|
|
|
// Pandora FMS - http://pandorafms.com
|
|
|
|
// ==================================================
|
|
|
|
// Copyright (c) 2005-2009 Artica Soluciones Tecnologicas
|
|
|
|
// Please see http://pandorafms.org for full contribution list
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
|
|
|
|
// This program is free software; you can redistribute it and/or
|
2009-06-08 20:26:14 +02:00
|
|
|
// modify it under the terms of the GNU Lesser General Public License
|
|
|
|
// as published by the Free Software Foundation; version 2
|
|
|
|
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
// This program is distributed in the hope that it will be useful,
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
// GNU General Public License for more details.
|
2009-06-08 20:26:14 +02:00
|
|
|
|
2009-08-24 Miguel de Dios <miguel.dedios@artica.es>
* include/functions_menu.php, include/functions_html.php,
include/functions_events.php, include/functions_messages.php,
include/functions_modules.php, include/functions_exportserver.php,
include/functions_reporting.php, include/functions_filemanager.php,
include/pchart_graph.php, include/pandora_graph.php, include/auth/dev.php,
include/auth/ldap.php, include/auth/mysql.php, include/config.inc.php,
include/functions_networkmap.php, include/functions_servers.php,
include/FusionCharts/FusionCharts_Gen.php,
include/FusionCharts/FusionCharts.php,
include/functions_network_profiles.php, include/gettext.php,
include/functions_network_components.php, include/functions_visual_map.php,
include/fgraph2.php, include/Image/image_functions.php,
include/functions_config.php, include/help/en/help_plugin_parameters.php,
include/help/en/help_snmpcommunity.php, include/help/en/help_wmiquery.php,
include/help/en/help_postprocess.php,
include/help/en/help_prediction_source_module.php,
include/help/en/help_date_format.php, include/help/en/help_recontask.php,
include/help/en/help_alert-matches.php, include/help/en/help_tcp_send.php,
include/help/en/help_wmifield.php, include/help/en/help_duplicateconfig.php,
include/help/en/help_agent_status.php,
include/help/en/help_manage_alerts.php, include/help/en/help_wmikey.php,
include/help/en/help_alert_type.php,
include/help/en/help_network_component.php,
include/help/en/help_time_stamp-comparation.php,
include/help/en/help_eventview.php, include/help/en/help_timesource.php,
include/help/en/help_alert_validation.php,
include/help/en/help_map_builder.php,
include/help/en/help_alert_recovery.php,
include/help/en/help_module_type.php,
include/help/en/help_planned_downtime.php,
include/help/en/help_serverlag.php, include/help/en/help_alerts.php,
include/help/en/help_snmpwalk.php,
include/help/en/help_module_definition.php,
include/help/en/help_plugin_definition.php,
include/help/en/help_wminamespace.php, include/help/en/help_snmpoid.php
include/help/en/help_manageconfig.php,
include/help/es/help_alert_validation.php,
include/help/es/help_plugin_parameters.php,
include/help/es/help_snmpcommunity.php, include/help/es/help_wmiquery.php,
include/help/es/help_map_builder.php, include/help/es/help_postprocess.php,
include/help/es/help_date_format.php,
include/help/es/help_alert_recovery.php,
include/help/es/help_prediction_source_module.php,
include/help/es/help_module_type.php,
include/help/es/help_planned_downtime.php,
include/help/es/help_alert-matches.php, include/help/es/help_recontask.php,
include/help/es/help_alerts.php, include/help/es/help_serverlag.php,
include/help/es/help_snmpwalk.php,
include/help/es/help_module_definition.php,
include/help/es/help_tcp_send.php, include/help/es/help_duplicateconfig.php,
include/help/es/help_wmifield.php, include/help/es/help_manage_alerts.php,
include/help/es/help_wmikey.php, include/help/es/help_plugin_definition.php,
include/help/es/help_alert_type.php, include/help/es/help_snmpoid.php,
include/help/es/help_wminamespace.php,
include/help/es/help_network_component.php,
include/help/es/help_time_stamp-comparation.php,
include/help/es/help_manageconfig.php, include/help/es/help_timesource.php,
include/config_process.php, include/functions_ui.php, include/htmlawed.php,
include/functions_custom_graphs.php, include/fgraph.php,
include/functions_incidents.php, include/functions.php,
include/functions_agents.php, include/functions_db.php,
include/functions_themes.php, include/streams.php,
include/functions_fsgraph.php, include/functions_alerts.php,
include/functions_reports.php, include/functions_extensions.php,
include/functions_ui_renders.php: change comments blocks for delete the
warnings to construct phpDoc Files, give a struct and order in the
phpDoc files.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1881 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-08-25 19:39:28 +02:00
|
|
|
/**
|
|
|
|
* @package Include/auth
|
|
|
|
*/
|
|
|
|
|
2009-06-08 20:26:14 +02:00
|
|
|
if (!isset ($config)) {
|
2009-12-08 15:48:59 +01:00
|
|
|
die ('
|
|
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
|
|
<html>
|
|
|
|
<head>
|
|
|
|
<title>Pandora FMS - The Flexible Monitoring System - Console error</title>
|
|
|
|
<meta http-equiv="expires" content="0">
|
|
|
|
<meta http-equiv="content-type" content="text/html; charset=utf8">
|
|
|
|
<meta name="resource-type" content="document">
|
|
|
|
<meta name="distribution" content="global">
|
|
|
|
<meta name="author" content="Sancho Lerena">
|
|
|
|
<meta name="copyright" content="This is GPL software. Created by Sancho Lerena and others">
|
|
|
|
<meta name="keywords" content="pandora, monitoring, system, GPL, software">
|
|
|
|
<meta name="robots" content="index, follow">
|
|
|
|
<link rel="icon" href="../../images/pandora.ico" type="image/ico">
|
|
|
|
<link rel="stylesheet" href="../styles/pandora.css" type="text/css">
|
|
|
|
</head>
|
|
|
|
<body>
|
|
|
|
<div id="main" style="float:left; margin-left: 100px">
|
|
|
|
<div align="center">
|
|
|
|
<div id="login_f">
|
|
|
|
<h1 id="log_f" class="error">You cannot access this file</h1>
|
|
|
|
<div>
|
|
|
|
<img src="../../images/pandora_logo.png" border="0"></a>
|
|
|
|
</div>
|
|
|
|
<div class="msg">
|
|
|
|
<span class="error"><b>ERROR:</b>
|
|
|
|
You can\'t access this file directly!</span>
|
|
|
|
</div>
|
|
|
|
</div>
|
|
|
|
</div>
|
|
|
|
</body>
|
|
|
|
</html>
|
|
|
|
');
|
2009-06-08 20:26:14 +02:00
|
|
|
}
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
|
2010-08-10 10:58:03 +02:00
|
|
|
enterprise_include ('include/auth/mysql.php');
|
|
|
|
|
2009-01-22 18:44:33 +01:00
|
|
|
$config["user_can_update_info"] = true;
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
$config["user_can_update_password"] = true;
|
|
|
|
$config["admin_can_add_user"] = true;
|
|
|
|
$config["admin_can_delete_user"] = true;
|
2009-01-22 18:44:33 +01:00
|
|
|
$config["admin_can_disable_user"] = false; //currently not implemented
|
|
|
|
$config["admin_can_make_admin"] = true;
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* process_user_login accepts $login and $pass and handles it according to current authentication scheme
|
|
|
|
*
|
|
|
|
* @param string $login
|
|
|
|
* @param string $pass
|
|
|
|
*
|
|
|
|
* @return mixed False in case of error or invalid credentials, the username in case it's correct.
|
|
|
|
*/
|
|
|
|
function process_user_login ($login, $pass) {
|
2010-08-10 10:58:03 +02:00
|
|
|
global $config, $mysql_cache;
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
|
2010-08-10 10:58:03 +02:00
|
|
|
// Always authenticate admins against the local database
|
|
|
|
if (strtolower ($config["auth"]) == 'mysql' || is_user_admin ($login)) {
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
|
2010-08-10 10:58:03 +02:00
|
|
|
// Connect to Database
|
|
|
|
$sql = sprintf ("SELECT `id_user`, `password` FROM `tusuario` WHERE `id_user` = '%s'", $login);
|
|
|
|
$row = get_db_row_sql ($sql);
|
|
|
|
|
|
|
|
//Check that row exists, that password is not empty and that password is the same hash
|
|
|
|
if ($row !== false && $row["password"] !== md5 ("") && $row["password"] == md5 ($pass)) {
|
|
|
|
// Login OK
|
|
|
|
// Nick could be uppercase or lowercase (select in MySQL
|
|
|
|
// is not case sensitive)
|
|
|
|
// We get DB nick to put in PHP Session variable,
|
|
|
|
// to avoid problems with case-sensitive usernames.
|
|
|
|
// Thanks to David Muñiz for Bug discovery :)
|
|
|
|
return $row["id_user"];
|
|
|
|
} else {
|
|
|
|
$mysql_cache["auth_error"] = "User not found in database or incorrect password";
|
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
// Remote authentication
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
} else {
|
2010-08-10 10:58:03 +02:00
|
|
|
|
|
|
|
switch ($config["auth"]) {
|
|
|
|
|
|
|
|
// LDAP
|
|
|
|
case 'ldap':
|
|
|
|
if (ldap_process_user_login ($login, $pass) === false) {
|
|
|
|
$config["auth_error"] = "User not found in database or incorrect password";
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
|
|
|
// Active Directory
|
|
|
|
case 'ad':
|
|
|
|
if (enterprise_hook ('ad_process_user_login', array ($login, $pass)) === false) {
|
|
|
|
$config["auth_error"] = "User not found in database or incorrect password";
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
|
|
|
// Remote Pandora FMS
|
|
|
|
case 'pandora':
|
|
|
|
if (enterprise_hook ('remote_pandora_process_user_login', array ($login, $pass)) === false) {
|
|
|
|
$config["auth_error"] = "User not found in database or incorrect password";
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
|
|
|
// Remote Babel Enterprise
|
|
|
|
case 'babel':
|
|
|
|
if (enterprise_hook ('remote_babel_process_user_login', array ($login, $pass)) === false) {
|
|
|
|
$config["auth_error"] = "User not found in database or incorrect password";
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
2010-08-10 11:21:20 +02:00
|
|
|
// Remote Integria
|
|
|
|
case 'integria':
|
|
|
|
if (enterprise_hook ('remote_integria_process_user_login', array ($login, $pass)) === false) {
|
|
|
|
$config["auth_error"] = "User not found in database or incorrect password";
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
2010-08-10 10:58:03 +02:00
|
|
|
// Unknown authentication method
|
|
|
|
default:
|
|
|
|
$config["auth_error"] = "User not found in database or incorrect password";
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Authentication ok, check if the user exists in the local database
|
|
|
|
if (is_user ($login)) {
|
|
|
|
return $login;
|
|
|
|
}
|
|
|
|
|
|
|
|
// The user does not exist and can not be created
|
|
|
|
if ($config['autocreate_remote_users'] == 0) {
|
|
|
|
$config["auth_error"] = "User not found in database or incorrect password";
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Create the user in the local database
|
|
|
|
if (create_user ($login, $pass, array ('fullname' => $login, 'comments' => 'Imported from ' . $config['auth'])) === false) {
|
|
|
|
$config["auth_error"] = "User not found in database or incorrect password";
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
create_user_profile ($login, $config['default_remote_profile'], $config['default_remote_group']);
|
|
|
|
return $login;
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
}
|
2010-08-10 10:58:03 +02:00
|
|
|
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Checks if a user is administrator.
|
|
|
|
*
|
|
|
|
* @param string User id.
|
|
|
|
*
|
|
|
|
* @return bool True is the user is admin
|
|
|
|
*/
|
|
|
|
function is_user_admin ($id_user) {
|
2009-11-27 Sancho lerena <slerena@artica.es>
* operation/menu.php: User section has no ACL check, always can be seen.
* index.php: Added suppor for user-defined custom language (this code was
on my disk for 3 months, pending to be commited!).
* include/functions_db.php,
* include/functions_agents.php,
* godmode/alerts/alert_list.php,
* godmode/agentes/modificar_agente.php,
* godmode/agentes/configurar_agente.php: Added audit calls to several
management operations who don't have or have insufficient audit info.
* godmode/users/configure_user.php: Fixed several annoyings bugs. Added
custom language support, and added more audit info on management operations.
* godmode/users/user_list.php: More audit info.
* include/config_process.php: Add new debug option to render error log to
/pandora_console.log. Also set timezone if not defined (this makes warnings
on several PHP 5.x setups). Added user custom language support.
* include/functions_events.php: More audit info. Fixed problems with HTML
encoding render.
* functions_io.php: Some cleaning.
* include/functions_messages.php: Fixed problems with HTML
encoding render.
* functions_ui.php: Fixed problems with HTML encoding render in
print_string_substr() function.
* auth/mysql.php: is_user_admin() functions seems to be broken ¿?¿!. Fixed.
* styles/pandora.css: removed green colored left border in default style.
* message.php, incident*: Fixed problems with HTML encoding render.
* user.php: Better ACL check before let user to view/edit another user.
* user_edit: Removed some un-used form fields, some arrangements in layout,
and FIXED forever problems with password change (new code written).
* users/user_statistics.php: Now user can see its own audit records.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@2139 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-11-27 21:02:12 +01:00
|
|
|
/* This code below was here, but I don't understand WHY. This always returns TRUE ¿?¿?
|
|
|
|
|
2009-03-12 10:20:49 +01:00
|
|
|
static $is_admin = -1;
|
|
|
|
|
|
|
|
if ($is_admin !== -1)
|
|
|
|
return $is_admin;
|
2009-11-27 Sancho lerena <slerena@artica.es>
* operation/menu.php: User section has no ACL check, always can be seen.
* index.php: Added suppor for user-defined custom language (this code was
on my disk for 3 months, pending to be commited!).
* include/functions_db.php,
* include/functions_agents.php,
* godmode/alerts/alert_list.php,
* godmode/agentes/modificar_agente.php,
* godmode/agentes/configurar_agente.php: Added audit calls to several
management operations who don't have or have insufficient audit info.
* godmode/users/configure_user.php: Fixed several annoyings bugs. Added
custom language support, and added more audit info on management operations.
* godmode/users/user_list.php: More audit info.
* include/config_process.php: Add new debug option to render error log to
/pandora_console.log. Also set timezone if not defined (this makes warnings
on several PHP 5.x setups). Added user custom language support.
* include/functions_events.php: More audit info. Fixed problems with HTML
encoding render.
* functions_io.php: Some cleaning.
* include/functions_messages.php: Fixed problems with HTML
encoding render.
* functions_ui.php: Fixed problems with HTML encoding render in
print_string_substr() function.
* auth/mysql.php: is_user_admin() functions seems to be broken ¿?¿!. Fixed.
* styles/pandora.css: removed green colored left border in default style.
* message.php, incident*: Fixed problems with HTML encoding render.
* user.php: Better ACL check before let user to view/edit another user.
* user_edit: Removed some un-used form fields, some arrangements in layout,
and FIXED forever problems with password change (new code written).
* users/user_statistics.php: Now user can see its own audit records.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@2139 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-11-27 21:02:12 +01:00
|
|
|
*/
|
|
|
|
|
2009-03-12 10:20:49 +01:00
|
|
|
$is_admin = (bool) get_db_value ('is_admin', 'tusuario', 'id_user', $id_user);
|
|
|
|
return $is_admin;
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
}
|
|
|
|
|
2009-02-24 12:20:34 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the user id field on a mixed structure.
|
|
|
|
*
|
|
|
|
* This function is needed to make auth system more compatible and independant.
|
|
|
|
*
|
|
|
|
* @param mixed User structure to get id. It might be a row returned from
|
|
|
|
* tusuario or tusuario_perfil. If it's not a row, the int value is returned.
|
|
|
|
*
|
|
|
|
* @return int User id of the mixed parameter.
|
|
|
|
*/
|
|
|
|
function get_user_id ($user) {
|
|
|
|
if (is_array ($user)){
|
|
|
|
if (isset ($user['id_user']))
|
2009-03-25 11:54:45 +01:00
|
|
|
return $user['id_user'];
|
2009-02-24 12:20:34 +01:00
|
|
|
elseif (isset ($user['id_usuario']))
|
2009-03-25 11:54:45 +01:00
|
|
|
return $user['id_usuario'];
|
2009-02-24 12:20:34 +01:00
|
|
|
else
|
|
|
|
return false;
|
|
|
|
} else {
|
2009-03-25 11:54:45 +01:00
|
|
|
return $user;
|
2009-02-24 12:20:34 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
/**
|
|
|
|
* Check is a user exists in the system
|
|
|
|
*
|
2009-02-24 12:20:34 +01:00
|
|
|
* @param mixed User id.
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
*
|
|
|
|
* @return bool True if the user exists.
|
|
|
|
*/
|
2009-02-24 12:20:34 +01:00
|
|
|
function is_user ($user) {
|
|
|
|
$user = get_db_row ('tusuario', 'id_user', get_user_id ($user));
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
if (! $user)
|
|
|
|
return false;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Gets the users real name
|
|
|
|
*
|
2009-02-24 12:20:34 +01:00
|
|
|
* @param mixed User id.
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
*
|
|
|
|
* @return string The users full name
|
|
|
|
*/
|
2009-02-24 12:20:34 +01:00
|
|
|
function get_user_fullname ($user) {
|
|
|
|
return (string) get_db_value ('fullname', 'tusuario', 'id_user', get_user_id ($user));
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Gets the users email
|
|
|
|
*
|
2009-02-24 12:20:34 +01:00
|
|
|
* @param mixed User id.
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
*
|
|
|
|
* @return string The users email address
|
|
|
|
*/
|
2009-02-24 12:20:34 +01:00
|
|
|
function get_user_email ($user) {
|
|
|
|
return (string) get_db_value ('email', 'tusuario', 'id_user', get_user_id ($user));
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Gets a Users info
|
|
|
|
*
|
2009-02-24 12:20:34 +01:00
|
|
|
* @param mixed User id
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
*
|
|
|
|
* @return mixed An array of users
|
|
|
|
*/
|
2009-02-24 12:20:34 +01:00
|
|
|
function get_user_info ($user) {
|
|
|
|
return get_db_row ("tusuario", "id_user", get_user_id ($user));
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get a list of all users in an array [username] => array (userinfo)
|
|
|
|
* We can't simplify this because some auth schemes (like LDAP) automatically (or it's at least cheaper to) return all the information
|
|
|
|
* Functions like get_user_info allow selection of specifics (in functions_db)
|
|
|
|
*
|
2009-01-22 18:44:33 +01:00
|
|
|
* @param string Field to order by (id_user, fullname or registered)
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
*
|
|
|
|
* @return array An array of user information
|
|
|
|
*/
|
2010-06-23 11:15:45 +02:00
|
|
|
function get_users ($order = "fullname", $filter = false, $fields = false) {
|
2010-07-19 10:55:29 +02:00
|
|
|
if (is_array($order)) {
|
|
|
|
$filter['order'] = $order['field'] . ' ' . $order['order'];
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
switch ($order) {
|
|
|
|
case "registered":
|
|
|
|
case "last_connect":
|
|
|
|
case "fullname":
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
$order = "fullname";
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
$filter['order'] = $order." ASC";
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
}
|
2010-06-23 11:15:45 +02:00
|
|
|
|
|
|
|
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
$output = array();
|
|
|
|
|
2010-06-23 11:15:45 +02:00
|
|
|
$result = get_db_all_rows_filter ("tusuario", $filter, $fields);
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
if ($result !== false) {
|
|
|
|
foreach ($result as $row) {
|
2009-01-22 18:44:33 +01:00
|
|
|
$output[$row["id_user"]] = $row;
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return $output;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Sets the last login for a user
|
|
|
|
*
|
|
|
|
* @param string User id
|
|
|
|
*/
|
2009-01-22 18:44:33 +01:00
|
|
|
function process_user_contact ($id_user) {
|
2009-03-27 12:33:11 +01:00
|
|
|
return process_sql_update ("tusuario",
|
|
|
|
array ("last_connect" => get_system_time ()),
|
|
|
|
array ("id_user" => $id_user));
|
2009-01-22 18:44:33 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Create a new user
|
|
|
|
*
|
|
|
|
* @return bool false
|
|
|
|
*/
|
|
|
|
function create_user ($id_user, $password, $user_info) {
|
2009-02-24 12:20:34 +01:00
|
|
|
$values = $user_info;
|
2009-01-22 18:44:33 +01:00
|
|
|
$values["id_user"] = $id_user;
|
|
|
|
$values["password"] = md5 ($password);
|
|
|
|
$values["last_connect"] = 0;
|
|
|
|
$values["registered"] = get_system_time ();
|
|
|
|
|
2009-03-27 12:33:11 +01:00
|
|
|
return (@process_sql_insert ("tusuario", $values)) !== false;
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Deletes the user
|
|
|
|
*
|
|
|
|
* @param string User id
|
|
|
|
*/
|
|
|
|
function delete_user ($id_user) {
|
2009-01-22 18:44:33 +01:00
|
|
|
$sql = "DELETE FROM tusuario_perfil WHERE id_usuario = '".$id_user."'";
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
$result = process_sql ($sql);
|
|
|
|
if ($result === false) {
|
|
|
|
return false;
|
|
|
|
}
|
2009-01-22 18:44:33 +01:00
|
|
|
$sql = "DELETE FROM tusuario WHERE id_user = '".$id_user."'";
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
$result = process_sql ($sql);
|
|
|
|
if ($result === false) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2009-08-24 Miguel de Dios <miguel.dedios@artica.es>
* include/functions_menu.php, include/functions_html.php,
include/functions_events.php, include/functions_messages.php,
include/functions_modules.php, include/functions_exportserver.php,
include/functions_reporting.php, include/functions_filemanager.php,
include/pchart_graph.php, include/pandora_graph.php, include/auth/ldap.php,
include/auth/mysql.php, include/config.inc.php,
include/functions_networkmap.php, include/functions_servers.php,
include/functions_network_profiles.php, include/gettext.php,
include/functions_network_components.php, include/functions_visual_map.php,
include/fgraph2.php, include/Image/image_functions.php,
include/functions_config.php, include/config_process.php,
include/functions_ui.php, include/htmlawed.php,
include/functions_custom_graphs.php, include/fgraph.php,
include/functions_incidents.php, include/functions.php,
include/functions_agents.php, include/functions_db.php,
include/functions_themes.php, include/streams.php,
include/functions_fsgraph.php, include/functions_alerts.php,
include/functions_reports.php, include/functions_extensions.php,
include/functions_ui_renders.php: change or add the subpackage in phpdoc
comment blocks for to organize more the result phpdoc files. Start to
document undocument functions.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1882 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-08-26 17:37:47 +02:00
|
|
|
/**
|
|
|
|
* Update the password in MD5 for user pass as id_user with
|
|
|
|
* password in plain text.
|
|
|
|
*
|
|
|
|
* @param string user User ID
|
|
|
|
* @param string password Password in plain text.
|
|
|
|
*
|
|
|
|
* @return mixed False in case of error or invalid values passed. Affected rows otherwise
|
|
|
|
*/
|
2009-03-26 Esteban Sanchez <estebans@artica.es>
* godmode/users/configure_user.php: Complete rewritten to fix minor
errors and fit the Pandora style.
* include/auth/ldap.php: Removed process_user_isadmin(). Renamed
process_user_password() to update_user_password(). Renamed
process_user_info to update_user(). update_user_password() does not
require old password anymore.
* include/functions_db.php: Added empty checks on
create_user_profile().
* include/functions_ui.php: print_error_message() renamed to
print_result_message().
* godmode/agentes/configurar_agente.php,
godmode/alerts/alert_actions.php, godmode/alerts/alert_commands.php,
godmode/alerts/alert_compounds.php, godmode/alerts/alert_list.php,
godmode/alerts/alert_templates.php,
godmode/alerts/configure_alert_template.php,
godmode/modules/manage_nc_groups.php,
godmode/modules/manage_network_templates.php,
godmode/modules/manage_network_templates_form.php,
godmode/reporting/map_builder_wizard.php,
godmode/reporting/reporting_builder.php,
operation/agentes/alerts_status.php, operation/events/events.php,
operation/incidents/incident.php,
operation/incidents/incident_detail.php,
operation/messages/message.php, operation/snmpconsole/snmp_view.php,
operation/users/user_edit.php: Renamed print_result_message(). Some
translatable strings reused to simplify i18n work.
* godmode/users/user_list.php: Renamed print_result_message(). Use
cross.png for deletion links. Style corrections.
* godmode/setup/news.php: Renamed print_result_message(). Use
process_sql_delete() instead of direct mysql_query.
* godmode/reporting/map_builder.php: Renamed print_result_message().
Style correction on process_sql_update().
* godmode/alerts/configure_alert_compound.php: Renamed
print_result_message(). Fixed steps_clean div.
* godmode/setup/setup.php: Return control to index instead of exit.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1567 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-03-26 12:14:49 +01:00
|
|
|
function update_user_password ($user, $password_new) {
|
|
|
|
return process_sql_update ('tusuario',
|
|
|
|
array ('password' => md5 ($password_new)),
|
|
|
|
array ('id_user' => $user));
|
2009-01-22 18:44:33 +01:00
|
|
|
}
|
|
|
|
|
2009-08-24 Miguel de Dios <miguel.dedios@artica.es>
* include/functions_menu.php, include/functions_html.php,
include/functions_events.php, include/functions_messages.php,
include/functions_modules.php, include/functions_exportserver.php,
include/functions_reporting.php, include/functions_filemanager.php,
include/pchart_graph.php, include/pandora_graph.php, include/auth/ldap.php,
include/auth/mysql.php, include/config.inc.php,
include/functions_networkmap.php, include/functions_servers.php,
include/functions_network_profiles.php, include/gettext.php,
include/functions_network_components.php, include/functions_visual_map.php,
include/fgraph2.php, include/Image/image_functions.php,
include/functions_config.php, include/config_process.php,
include/functions_ui.php, include/htmlawed.php,
include/functions_custom_graphs.php, include/fgraph.php,
include/functions_incidents.php, include/functions.php,
include/functions_agents.php, include/functions_db.php,
include/functions_themes.php, include/streams.php,
include/functions_fsgraph.php, include/functions_alerts.php,
include/functions_reports.php, include/functions_extensions.php,
include/functions_ui_renders.php: change or add the subpackage in phpdoc
comment blocks for to organize more the result phpdoc files. Start to
document undocument functions.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1882 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-08-26 17:37:47 +02:00
|
|
|
/**
|
|
|
|
* Update the data of a user that user is choose with
|
|
|
|
* id_user.
|
|
|
|
*
|
|
|
|
* @param string user User ID
|
|
|
|
* @param array values Associative array with index as name of field and content.
|
|
|
|
*
|
|
|
|
* @return mixed False in case of error or invalid values passed. Affected rows otherwise
|
|
|
|
*/
|
2009-03-26 Esteban Sanchez <estebans@artica.es>
* godmode/users/configure_user.php: Complete rewritten to fix minor
errors and fit the Pandora style.
* include/auth/ldap.php: Removed process_user_isadmin(). Renamed
process_user_password() to update_user_password(). Renamed
process_user_info to update_user(). update_user_password() does not
require old password anymore.
* include/functions_db.php: Added empty checks on
create_user_profile().
* include/functions_ui.php: print_error_message() renamed to
print_result_message().
* godmode/agentes/configurar_agente.php,
godmode/alerts/alert_actions.php, godmode/alerts/alert_commands.php,
godmode/alerts/alert_compounds.php, godmode/alerts/alert_list.php,
godmode/alerts/alert_templates.php,
godmode/alerts/configure_alert_template.php,
godmode/modules/manage_nc_groups.php,
godmode/modules/manage_network_templates.php,
godmode/modules/manage_network_templates_form.php,
godmode/reporting/map_builder_wizard.php,
godmode/reporting/reporting_builder.php,
operation/agentes/alerts_status.php, operation/events/events.php,
operation/incidents/incident.php,
operation/incidents/incident_detail.php,
operation/messages/message.php, operation/snmpconsole/snmp_view.php,
operation/users/user_edit.php: Renamed print_result_message(). Some
translatable strings reused to simplify i18n work.
* godmode/users/user_list.php: Renamed print_result_message(). Use
cross.png for deletion links. Style corrections.
* godmode/setup/news.php: Renamed print_result_message(). Use
process_sql_delete() instead of direct mysql_query.
* godmode/reporting/map_builder.php: Renamed print_result_message().
Style correction on process_sql_update().
* godmode/alerts/configure_alert_compound.php: Renamed
print_result_message(). Fixed steps_clean div.
* godmode/setup/setup.php: Return control to index instead of exit.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1567 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-03-26 12:14:49 +01:00
|
|
|
function update_user ($id_user, $values) {
|
|
|
|
if (! is_array ($values))
|
|
|
|
return false;
|
|
|
|
|
2009-01-22 18:44:33 +01:00
|
|
|
return process_sql_update ("tusuario", $values, array ("id_user" => $id_user));
|
|
|
|
}
|
|
|
|
|
2010-08-10 10:58:03 +02:00
|
|
|
/**
|
|
|
|
* Authenticate against an LDAP server.
|
|
|
|
*
|
|
|
|
* @param string User login
|
|
|
|
* @param string User password (plain text)
|
|
|
|
*
|
|
|
|
* @return bool True if the login is correct, false in other case
|
|
|
|
*/
|
|
|
|
function ldap_process_user_login ($login, $password) {
|
|
|
|
global $config;
|
|
|
|
|
|
|
|
if (! function_exists ("ldap_connect")) {
|
|
|
|
$config["auth_error"] = 'Your installation of PHP does not support LDAP';
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Connect to the LDAP server
|
|
|
|
$ds = @ldap_connect ($config["ldap_server"], $config["ldap_port"]);
|
|
|
|
if (!$ds) {
|
|
|
|
$config["auth_error"] = 'Error connecting to LDAP server';
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Set the LDAP version
|
|
|
|
ldap_set_option ($ds, LDAP_OPT_PROTOCOL_VERSION, $config["ldap_version"]);
|
|
|
|
|
|
|
|
if ($config["ldap_start_tls"]) {
|
|
|
|
if (!@ldap_start_tls ($ds)) {
|
|
|
|
$config["auth_error"] = 'Could not start TLS for LDAP connection';
|
|
|
|
@ldap_close ($ds);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!@ldap_bind ($ds, $config["ldap_login_attr"]."=".$login.",".$config["ldap_base_dn"], $password)) {
|
|
|
|
$config["auth_error"] = 'User not found in database or incorrect password';
|
|
|
|
@ldap_close ($ds);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
@ldap_close ($ds);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2009-01-22 18:44:33 +01:00
|
|
|
//Reference the global use authorization error to last auth error.
|
2009-01-20 Evi Vanoost <vanooste@rcbi.rochester.edu>
* ajax.php, include/config.inc.php, include/config_process.php,
include/functions.php, include/functions_db.php,
include/functions_ui.php, index.php, install.php,
operation/users/user.php, operation/users/user_edit.php,
reporting/fgraph.php: Added pluggable authentication and moved functions
* general/login_page.php, general/logon_ok.php,
godmode/agentes/modificar_agente.php,
godmode/users/configure_users.php, godmode/users/user_list.php,
operation/agentes/estado_agente.php, operation/incidents/incident.php,
operation/incidents/incident_search.php: Updated functions
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1366 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-01-20 19:21:20 +01:00
|
|
|
$config["auth_error"] = &$mysql_cache["auth_error"];
|
2009-01-22 20:34:11 +01:00
|
|
|
?>
|