From 7536c8e4a052bc889e434da3f6df8ae47faedd3d Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Mon, 25 Aug 2014 11:10:10 -0400
Subject: [PATCH] Updated security README.txt
---
interface/web/sites/templates/database_edit.htm | 216 +++++++++++++++++++++++++++++++++--------------------
1 files changed, 133 insertions(+), 83 deletions(-)
diff --git a/interface/web/sites/templates/database_edit.htm b/interface/web/sites/templates/database_edit.htm
index 000a483..5da53db 100644
--- a/interface/web/sites/templates/database_edit.htm
+++ b/interface/web/sites/templates/database_edit.htm
@@ -1,83 +1,133 @@
-<h2><tmpl_var name="list_head_txt"></h2>
-<p><tmpl_var name="list_desc_txt"></p>
-
-<div class="panel panel_database">
-
- <div class="pnl_formsarea">
- <fieldset class="inlineLabels">
- <tmpl_if name="is_admin">
- <div class="ctrlHolder">
- <label for="server_id">{tmpl_var name='server_id_txt'}</label>
- <select name="server_id" id="server_id" class="selectInput">
- {tmpl_var name='server_id'}
- </select>
- </div>
- <div class="ctrlHolder">
- <label for="client_group_id">{tmpl_var name='client_group_id_txt'}</label>
- <select name="client_group_id" id="client_group_id" class="selectInput">
- {tmpl_var name='client_group_id'}
- </select>
- </div>
- </tmpl_if>
- <tmpl_if name="is_reseller">
- <div class="ctrlHolder">
- <label for="client_group_id">{tmpl_var name='client_group_id_txt'}</label>
- <select name="client_group_id" id="client_group_id" class="selectInput">
- {tmpl_var name='client_group_id'}
- </select>
- </div>
- </tmpl_if>
- <div class="ctrlHolder">
- <label for="type">{tmpl_var name='type_txt'}</label>
- <select name="type" id="type" class="selectInput formLengthHalf">
- {tmpl_var name='type'}
- </select>
- </div>
- <div class="ctrlHolder">
- <label for="database_name">{tmpl_var name='database_name_txt'}</label>
- <div style="float: left;">{tmpl_var name='database_name_prefix'} </div>
- <input name="database_name" id="database_name" value="{tmpl_var name='database_name'}" size="30" maxlength="255" type="text" class="textInput formLengthHalf" />
- </div>
- <div class="ctrlHolder">
- <label for="database_user">{tmpl_var name='database_user_txt'}</label>
- <div style="float: left;">{tmpl_var name='database_user_prefix'} </div>
- <input name="database_user" id="database_user" value="{tmpl_var name='database_user'}" size="30" maxlength="255" type="text" class="textInput formLengthHalf" />
- </div>
- <div class="ctrlHolder">
- <label for="database_password">{tmpl_var name='database_password_txt'}</label>
- <input name="database_password" id="database_password" value="{tmpl_var name='database_password'}" size="30" maxlength="255" type="password" class="textInput formLengthHalf" />
- </div>
- <div class="ctrlHolder">
- <p class="label">{tmpl_var name='password_strength_txt'}</p>
- <div id="passBar"></div>
- <p class="formHint"><span id="passText"> </span></p>
- </div>
- <div class="ctrlHolder">
- <label for="database_charset">{tmpl_var name='database_charset_txt'}</label>
- <select name="database_charset" id="database_charset" class="selectInput formLengthHalf">
- {tmpl_var name='database_charset'}
- </select>
- </div>
- <div class="ctrlHolder">
- <p class="label">{tmpl_var name='remote_access_txt'}</p>
- <div class="multiField">
- {tmpl_var name='remote_access'}
- </div>
- </div>
- <div class="ctrlHolder">
- <p class="label">{tmpl_var name='active_txt'}</p>
- <div class="multiField">
- {tmpl_var name='active'}
- </div>
- </div>
- </fieldset>
-
- <input type="hidden" name="id" value="{tmpl_var name='id'}">
-
- <div class="buttonHolder buttons">
- <button class="positive iconstxt icoPositive" type="button" value="{tmpl_var name='btn_save_txt'}" onClick="submitForm('pageForm','sites/database_edit.php');"><span>{tmpl_var name='btn_save_txt'}</span></button>
- <button class="negative iconstxt icoNegative" type="button" value="{tmpl_var name='btn_cancel_txt'}" onClick="loadContent('sites/database_list.php');"><span>{tmpl_var name='btn_cancel_txt'}</span></button>
- </div>
- </div>
-
-</div>
+<h2><tmpl_var name="list_head_txt"></h2>
+<p><tmpl_var name="list_desc_txt"></p>
+
+<div class="panel panel_database">
+
+ <div class="pnl_formsarea">
+ <fieldset class="inlineLabels">
+ <tmpl_if name="is_admin">
+ <div class="ctrlHolder">
+ <tmpl_if name="edit_disabled">
+ <label for="server_id_disabled">{tmpl_var name='server_id_txt'}</label>
+ <select name="server_id_disabled" id="server_id_disabled" class="selectInput" disabled="disabled">
+ {tmpl_var name='server_id'}
+ </select>
+ <input type="hidden" name="server_id" value="{tmpl_var name='server_id_value'}" />
+ <tmpl_else>
+ <label for="server_id">{tmpl_var name='server_id_txt'}</label>
+ <select name="server_id" id="server_id" class="selectInput">
+ {tmpl_var name='server_id'}
+ </select>
+ </tmpl_if>
+ </div>
+ </tmpl_if>
+ <div class="ctrlHolder">
+ <label for="parent_domain_id">{tmpl_var name='parent_domain_id_txt'}</label>
+ <select name="parent_domain_id" id="parent_domain_id" class="selectInput">
+ {tmpl_var name='parent_domain_id'}
+ </select>
+ </div>
+ <div class="ctrlHolder">
+ <label for="type">{tmpl_var name='type_txt'}</label>
+ <select name="type" id="type" class="selectInput formLengthHalf">
+ {tmpl_var name='type'}
+ </select>
+ </div>
+ <div class="ctrlHolder">
+ <label for="database_name">{tmpl_var name='database_name_txt'}</label>
+ <p class="prefix">{tmpl_var name='database_name_prefix'}</p>
+ <tmpl_if name="edit_disabled">
+ <input name="database_name" id="database_name" value="{tmpl_var name='database_name'}" size="30" maxlength="255" type="text" class="textInput formLengthHalf" disabled="disabled" />
+ <input name="database_name" type="hidden" value="{tmpl_var name='database_name'}" />
+ <tmpl_else>
+ <input name="database_name" id="database_name" value="{tmpl_var name='database_name'}" size="30" maxlength="255" type="text" class="textInput formLengthHalf" />
+ </tmpl_if>
+ </div>
+ <div class="ctrlHolder">
+ <label for="database_user_id">{tmpl_var name='database_user_txt'}</label>
+ <select name="database_user_id" id="database_user_id" class="selectInput">
+ {tmpl_var name='database_user_id'}
+ </select>
+ </div>
+ <div class="ctrlHolder">
+ <label for="database_ro_user_id">{tmpl_var name='database_ro_user_txt'}</label>
+ <select name="database_ro_user_id" id="database_ro_user_id" class="selectInput">
+ {tmpl_var name='database_ro_user_id'}
+ </select> {tmpl_var name='optional_txt'}
+ </div>
+ <div class="ctrlHolder">
+ <tmpl_if name="edit_disabled">
+ <label for="database_charset_disabled">{tmpl_var name='database_charset_txt'}</label>
+ <select name="database_charset_disabled" id="database_charset_disabled" class="selectInput formLengthHalf" disabled="disabled">
+ {tmpl_var name='database_charset'}
+ </select>
+ <input type="hidden" name="database_charset" value="{tmpl_var name='database_charset_value'}" />
+ <tmpl_else>
+ <label for="database_charset">{tmpl_var name='database_charset_txt'}</label>
+ <select name="database_charset" id="database_charset" class="selectInput formLengthHalf">
+ {tmpl_var name='database_charset'}
+ </select>
+ </tmpl_if>
+ </div>
+ <div class="ctrlHolder">
+ <p class="label">{tmpl_var name='remote_access_txt'}</p>
+ <div class="multiField">
+ {tmpl_var name='remote_access'}
+ </div>
+ </div>
+ <div class="ctrlHolder">
+ <label for="remote_ips">{tmpl_var name='remote_ips_txt'}</label>
+ <input name="remote_ips" id="remote_ips" value="{tmpl_var name='remote_ips'}" size="30" type="text" class="textInput" />
+ </div>
+ <div class="ctrlHolder">
+ <p class="label">{tmpl_var name='active_txt'}</p>
+ <div class="multiField">
+ {tmpl_var name='active'}
+ </div>
+ </div>
+ </fieldset>
+
+ <input type="hidden" name="id" value="{tmpl_var name='id'}">
+
+ <div class="buttonHolder buttons">
+ <button class="positive iconstxt icoPositive" type="button" value="{tmpl_var name='btn_save_txt'}" onclick="submitForm('pageForm','sites/database_edit.php');"><span>{tmpl_var name='btn_save_txt'}</span></button>
+ <button class="negative iconstxt icoNegative" type="button" value="{tmpl_var name='btn_cancel_txt'}" onclick="loadContent('sites/database_list.php');"><span>{tmpl_var name='btn_cancel_txt'}</span></button>
+ </div>
+ </div>
+
+</div>
+<script language="JavaScript" type="text/javascript">
+ <tmpl_if name="is_admin">
+ function reloadDatabaseUsers() {
+ var parentDomainId = jQuery('#parent_domain_id').val()
+ jQuery.getJSON('sites/ajax_get_json.php'+ '?' + Math.round(new Date().getTime()), {web_id : parentDomainId, 'type': 'getdatabaseusers'}, function(data) {
+ var options = '<option value=""></option>';
+ $.each(data, function(key, val) {
+ options += '<option value="'+key+'"'+ ($('#database_user_id').val() == key ? ' selected="selected"' : '') +'>'+val+'</option>';
+ });
+ $('#database_user_id').html(options).change();
+
+ options = '<option value=""></option>';
+ $.each(data, function(key, val) {
+ options += '<option value="'+key+'"'+ ($('#database_ro_user_id').val() == key ? ' selected="selected"' : '') +'>'+val+'</option>';
+ });
+ $('#database_ro_user_id').html(options).change();
+ });
+ }
+ jQuery('#parent_domain_id').change(function() { reloadDatabaseUsers(); });
+ reloadDatabaseUsers();
+ </tmpl_if>
+ jQuery('#remote_ips').ispconfigSearch({
+ dataSrc: '/sites/ajax_get_json.php?type=get_ipv4',
+ resultsLimit: '$ <tmpl_var name="globalsearch_resultslimit_of_txt"> % <tmpl_var name="globalsearch_resultslimit_results_txt">',
+ ResultsTextPrefix: '<tmpl_var name="globalsearch_suggestions_text_txt">',
+ noResultsText: '<tmpl_var name="globalsearch_noresults_text_txt">',
+ noResultsLimit: '<tmpl_var name="globalsearch_noresults_limit_txt">',
+ minChars: 0,
+ cssPrefix: 'df-',
+ fillSearchField: true,
+ fillSearchFieldWith: 'fill_text',
+ searchFieldWatermark: '',
+ resultBoxPosition: 'e'
+ });
+</script>
\ No newline at end of file
--
Gitblit v1.9.1