From e0dc711c2b2dc4e2ec397d7f53910f11e1ca4ade Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Mon, 02 Sep 2013 04:14:56 -0400
Subject: [PATCH] - Changed previous commit to check for read permissions only on download action
---
interface/web/admin/form/users.tform.php | 122 +++++++++++++++++++++++-----------------
1 files changed, 71 insertions(+), 51 deletions(-)
diff --git a/interface/web/admin/form/users.tform.php b/interface/web/admin/form/users.tform.php
index e9bd287..b6ff5f3 100644
--- a/interface/web/admin/form/users.tform.php
+++ b/interface/web/admin/form/users.tform.php
@@ -16,7 +16,7 @@
may be used to endorse or promote products derived from this software without
specific prior written permission.
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 'AS IS' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
@@ -34,9 +34,9 @@
Tabellendefinition
Datentypen:
- - INTEGER (Wandelt Ausdr�cke in Int um)
+ - INTEGER (Wandelt Ausdr�cke in Int um)
- DOUBLE
- - CURRENCY (Formatiert Zahlen nach W�hrungsnotation)
+ - CURRENCY (Formatiert Zahlen nach W�hrungsnotation)
- VARCHAR (kein weiterer Format Check)
- TEXT (kein weiterer Format Check)
- DATE (Datumsformat, Timestamp Umwandlung)
@@ -55,77 +55,83 @@
- Wert oder Array
Hinweis:
- Das ID-Feld ist nicht bei den Table Values einzuf�gen.
+ Das ID-Feld ist nicht bei den Table Values einzuf�gen.
*/
-$form["title"] = "Users";
-$form["description"] = "Form to edit systemusers.";
-$form["name"] = "users";
-$form["action"] = "users_edit.php";
-$form["db_table"] = "sys_user";
-$form["db_table_idx"] = "userid";
-$form["tab_default"] = "users";
-$form["list_default"] = "users_list.php";
-$form["auth"] = 'yes';
+$form['title'] = 'Users';
+$form['description'] = 'Form to edit systemusers.';
+$form['name'] = 'users';
+$form['action'] = 'users_edit.php';
+$form['db_table'] = 'sys_user';
+$form['db_table_idx'] = 'userid';
+$form["db_history"] = "no";
+$form['tab_default'] = 'users';
+$form['list_default'] = 'users_list.php';
+$form['auth'] = 'yes';
-$form["auth_preset"]["userid"] = 0; // 0 = id of the user, > 0 id must match with id of current user
-$form["auth_preset"]["groupid"] = 0; // 0 = default groupid of the user, > 0 id must match with groupid of current user
-$form["auth_preset"]["perm_user"] = 'riud'; //r = read, i = insert, u = update, d = delete
-$form["auth_preset"]["perm_group"] = 'riud'; //r = read, i = insert, u = update, d = delete
-$form["auth_preset"]["perm_other"] = ''; //r = read, i = insert, u = update, d = delete
+//* 0 = id of the user, > 0 id must match with id of current user
+$form['auth_preset']['userid'] = 0;
+//* 0 = default groupid of the user, > 0 id must match with groupid of current user
+$form['auth_preset']['groupid'] = 0;
-// lese Module aus
+//** Permissions are: r = read, i = insert, u = update, d = delete
+$form['auth_preset']['perm_user'] = 'riud';
+$form['auth_preset']['perm_group'] = 'riud';
+$form['auth_preset']['perm_other'] = '';
+
+//* Pick out modules
$modules_list = array();
-$handle = @opendir($conf["rootpath"]."/web");
+$handle = @opendir(ISPC_WEB_PATH);
while ($file = @readdir ($handle)) {
- if ($file != "." && $file != "..") {
- if(@is_dir($conf["rootpath"]."/web/".$file)) {
- if(is_file($conf["rootpath"]."/web/".$file."/lib/module.conf.php") and $file != 'login') {
+ if ($file != '.' && $file != '..') {
+ if(@is_dir(ISPC_WEB_PATH."/$file")) {
+ if(is_file(ISPC_WEB_PATH."/$file/lib/module.conf.php") and $file != 'login' && $file != 'designer' && $file != 'mailuser') {
$modules_list[$file] = $file;
}
}
}
}
-// lese Themes aus
+//* Load themes
$themes_list = array();
-$handle = @opendir($conf["rootpath"]."/web/themes");
+$handle = @opendir(ISPC_THEMES_PATH);
while ($file = @readdir ($handle)) {
- if (substr($file,0,1) != '.') {
- if(@is_dir($conf["rootpath"]."/web/themes/".$file)) {
- $themes_list[$file] = $file;
+ if (substr($file, 0, 1) != '.') {
+ if(@is_dir(ISPC_THEMES_PATH."/$file")) {
+ if(!file_exists(ISPC_THEMES_PATH."/$file/ispconfig_version") || (@file_exists(ISPC_THEMES_PATH."/$file/ispconfig_version") && trim(@file_get_contents(ISPC_THEMES_PATH."/$file/ispconfig_version")) == ISPC_APP_VERSION)) {
+ $themes_list[$file] = $file;
+ }
}
}
}
-// lese verf�gbare Sprachen aus
+//* Languages
$language_list = array();
-$handle = @opendir($conf["rootpath"]."/lib/lang");
+$handle = @opendir(ISPC_ROOT_PATH.'/lib/lang');
while ($file = @readdir ($handle)) {
- if ($file != "." && $file != "..") {
- if(@is_file($conf["rootpath"]."/lib/lang/".$file) and substr($file,-4,4) == '.lng') {
- $tmp = substr($file,0,2);
+ if ($file != '.' && $file != '..') {
+ if(@is_file(ISPC_ROOT_PATH.'/lib/lang/'.$file) and substr($file,-4,4) == '.lng') {
+ $tmp = substr($file, 0, 2);
$language_list[$tmp] = $tmp;
}
}
}
-// lese verf�gbare Gruppen aus.
+//* Pick out groups
$groups_list = array();
-$tmp_records = $app->db->queryAllRecords("SELECT groupid, name FROM sys_group ORDER BY name");
+$tmp_records = $app->db->queryAllRecords('SELECT groupid, name FROM sys_group ORDER BY name');
if(is_array($tmp_records)) {
foreach($tmp_records as $tmp_rec) {
- $tmp_id = $tmp_rec["groupid"];
- $groups_list[$tmp_id] = $tmp_rec["name"];
+ $groups_list[$tmp_rec['groupid']] = $tmp_rec['name'];
}
}
-$form["tabs"]['users'] = array (
- 'title' => "Users",
+$form['tabs']['users'] = array (
+ 'title' => 'Users',
'width' => 80,
- 'template' => "templates/users_user_edit.htm",
+ 'template' => 'templates/users_user_edit.htm',
'fields' => array (
##################################
# Beginn Datenbankfelder
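Review bot: The added `$form["db_history"] = "no";` has no comment saying why change history is switched off for the `sys_user` form, and it is the only assignment in this block still written with double quotes. This form edits account records, including the `passwort` field, so a reader cannot tell whether the setting is meant to keep password hashes out of the history or whether it drops the audit trail for user changes as a side effect; the meaning of `db_history` is inferred from its name, since the form library is not part of this diff. I would add a line such as `//* No history for sys_user: <reason>` above it and write the assignment as `$form['db_history'] = 'no';`.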
@@ -133,8 +139,20 @@
'username' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
- 'regex' => '/^.{1,30}$/',
- 'errmsg' => 'username_err',
+ 'validators' => array ( 0 => array ( 'type' => 'NOTEMPTY',
+ 'errmsg'=> 'username_empty'),
+ 1 => array ( 'type' => 'UNIQUE',
+ 'errmsg'=> 'username_unique'),
+ 2 => array ( 'type' => 'REGEX',
+ 'regex' => '/^[\w\.\-\_]{0,64}$/',
+ 'errmsg'=> 'username_err'),
+ 3 => array ( 'type' => 'CUSTOM',
+ 'class' => 'validate_client',
+ 'function' => 'username_collision',
+ 'errmsg'=> 'username_error_collision'),
+ ),
+ 'regex' => '',
+ 'errmsg' => '',
'default' => '',
'value' => '',
'separator' => '',
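Review bot: The `REGEX` validator's pattern `/^[\w\.\-\_]{0,64}$/` ends in `$` without the `D` modifier, so PCRE also accepts a value that ends in a single newline. A username like that would pass this check and differ from an existing name only by an invisible character. I would anchor with `\z` and drop the redundant `\_` (underscore is already in `\w`): `'regex' => '/^[\w.\-]{0,64}\z/',`. Whether the `UNIQUE` and `username_collision` validators normalise the input before comparing is not visible here, and the `'username'` array continues outside the hunk.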
@@ -146,6 +164,7 @@
'passwort' => array (
'datatype' => 'VARCHAR',
'formtype' => 'PASSWORD',
+ 'encryption' => 'CRYPT',
'regex' => '',
'errmsg' => '',
'default' => '',
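Review bot: `'encryption' => 'CRYPT'` is added without a comment, and nothing in this file says which hashing scheme and salt the form library applies for that value, or how rows stored before the key existed are treated. If earlier passwords were written in a different format, the login check would have to accept both until each user changes their password; that is not visible in this diff and is worth confirming. I would add a comment above the key, e.g. `// stored hashed by the form library; scheme: <algorithm selected by CRYPT>`. The `'passwort'` array continues outside the hunk.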
@@ -214,7 +233,7 @@
'regex' => '',
'errmsg' => '',
'default' => '',
- 'value' => '1',
+ 'value' => array(0 => 0,1 => 1),
'separator' => '',
'width' => '30',
'maxlength' => '255',
@@ -239,11 +258,11 @@
##################################
)
);
-
-$form["tabs"]['address'] = array (
- 'title' => "Address",
+/*
+$form['tabs']['address'] = array (
+ 'title' => 'Address',
'width' => 80,
- 'template' => "templates/users_address_edit.htm",
+ 'template' => 'templates/users_address_edit.htm',
'fields' => array (
##################################
# Beginn Datenbankfelder
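Review bot: The address tab is disabled by wrapping it in a `/* … */` block that opens in this hunk and closes in the next one (the added `*/` before the groups tab), with no comment saying why. A block comment ends at the first `*/` it meets, so this only holds as long as nothing inside the wrapped definition contains that sequence, and most of that definition lies outside the visible hunks. I would delete the block and rely on version control, or at least put a one-line reason such as `//* Address tab disabled: <reason>` above the `/*`.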
@@ -397,11 +416,12 @@
##################################
)
);
+*/
-$form["tabs"]['groups'] = array (
- 'title' => "Groups",
+$form['tabs']['groups'] = array (
+ 'title' => 'Groups',
'width' => 80,
- 'template' => "templates/users_groups_edit.htm",
+ 'template' => 'templates/users_groups_edit.htm',
'fields' => array (
##################################
# Beginn Datenbankfelder
@@ -412,7 +432,7 @@
'regex' => '',
'errmsg' => '',
'default' => '',
- 'value' => array_merge(array(0=>''),$groups_list),
+ 'value' => $groups_list,
'separator' => ',',
'width' => '30',
'maxlength' => '255',
--
Gitblit v1.9.1