From 9edea9976bd605071e0694a90d704266c0b7e0f9 Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Thu, 14 Aug 2014 11:30:03 -0400
Subject: [PATCH] - Added warning in the interface when a path for a shelluser is set that is outside of the website docroot. - Added security settings feature to allow the root user of a server to control most aspects of whet the admin user of the controlpanel is allowed to do in system settings. This is especially useful for managed severs where the ispconfig admin user and the root user of the server are different persons.

---
 interface/web/admin/users_list.php |   81 +++++-----------------------------------
 1 files changed, 11 insertions(+), 70 deletions(-)

diff --git a/interface/web/admin/users_list.php b/interface/web/admin/users_list.php
index 5f7fe04..1f83258 100644
--- a/interface/web/admin/users_list.php
+++ b/interface/web/admin/users_list.php
@@ -1,6 +1,7 @@
 <?php
+
 /*
-Copyright (c) 2005, Till Brehm, projektfarm Gmbh
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
@@ -26,8 +27,9 @@
 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
-require_once('../../lib/config.inc.php');
-require_once('../../lib/app.inc.php');
+
+require_once '../../lib/config.inc.php';
+require_once '../../lib/app.inc.php';
 
 /******************************************
 * Begin Form configuration
@@ -39,73 +41,12 @@
 * End Form configuration
 ******************************************/
 
-// Checke Berechtigungen f�r Modul
-if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
-	header("Location: ../index.php");
-	exit;
-}
+//* Check permissions for module
+$app->auth->check_module_permissions('admin');
 
-$app->uses('tpl,listform');
-
-// Listen Definition laden
-$app->listform->loadListDef($list_def_file);
-
-if(!is_file('templates/'.$app->listform->listDef["name"].'_list.htm')) {
-	$app->uses('listform_tpl_generator');
-	$app->listform_tpl_generator->buildHTML($app->listform->listDef);
-}
-
-$app->tpl->newTemplate("form.tpl.htm");
-$app->tpl->setInclude('content_tpl','templates/'.$app->listform->listDef["name"].'_list.htm');
-
-// SQL f�r Suche generieren
-if($app->listform->listDef["name"] != 'no') {
-	if($_SESSION["s"]["user"]["typ"] == "admin") {
-		$sql_where = "";
-	} else {
-		$sql_where = "userid = ".$_SESSION["s"]["user"]["userid"]." and";
-	}
-}
-
-$sql_where = $app->listform->getSearchSQL($sql_where);
-$app->tpl->setVar($app->listform->searchValues);
-
-// SQL f�r Paging generieren
-$limit_sql = $app->listform->getPagingSQL($sql_where);
-$app->tpl->setVar("paging",$app->listform->pagingHTML);
-
-// hole alle Datens�tze
-$records = $app->db->queryAllRecords("SELECT * FROM ".$app->listform->listDef["table"]." WHERE $sql_where $limit_sql");
-
-$bgcolor = "#FFFFFF";
-
-if(is_array($records)) {
-	$idx_key = $app->listform->listDef["table_idx"]; 
-	foreach($records as $rec) {
-	
-		$rec = $app->listform->decode($rec);
-
-		// Farbwechsel
-		$bgcolor = ($bgcolor == "#FFFFFF")?"#EEEEEE":"#FFFFFF";
-		$rec["bgcolor"] = $bgcolor;
-		
-		// die Variable "id" enth�lt immer die Index variable
-		$rec["id"] = $rec[$idx_key];
-
-		$records_new[] = $rec;
-	}
-}
-
-$app->tpl->setLoop('records',$records_new);
-
-// Language File setzen
-$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_".$app->listform->listDef['name']."_list.lng";
-include($lng_file);
-$app->tpl->setVar($wb);
-
-$app->tpl_defaults();
-$app->tpl->pparse();
+$app->uses('listform_actions');
+$app->listform_actions->SQLOrderBy = 'ORDER BY sys_user.username';
+$app->listform_actions->onLoad();
 
 
-
-?>
\ No newline at end of file
+?>

--
Gitblit v1.9.1