add_modify_user.php 23.6 KB
Newer Older
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
1
2
3
4
<?php
/*
#########################################
#
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
5
# Copyright (C) 2017 EyesOfNetwork Team
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
6
# DEV NAME : Quentin HOARAU
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
7
# VERSION : 5.2
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
# APPLICATION : eonweb for eyesofnetwork project
#
# LICENCE :
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
#########################################
*/

Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
23
24
include("../../header.php");
include("../../side.php");
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
25

Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
26
?>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
27

Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
28
<div id="page-wrapper">
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
29

Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
30
	<?php
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
31
		/********************************************************
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
32
		*		FUNCTIONS DECLARATIONS			                *
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
33
34
35
36
37
38
		********************************************************/

		// Retrieve Group Information
		function retrieve_user_info($user_id)
		{
			global $database_eonweb;
Julien1498's avatar
Julien1498 committed
39
			return sqlrequest("$database_eonweb","SELECT user_name, user_descr, group_id, user_passwd, user_type, user_location, user_limitation, user_language, theme FROM users WHERE user_id='$user_id'");
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
40
41
		}

Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
		// Display user language selection  
		function GetUserLang() {

			global $database_eonweb;
			global $user_id;
			global $path_languages;

			// definition of variables and Research language files
			$path_label_lang = "label.admin_user.user_lang_"; 
			$files = array('en');
			$handler = opendir($path_languages);

			while ($file = readdir($handler)) {
				if(preg_match('#messages-(.+).json#', $file, $matches)){
					$files[] = $matches[1];
				}
			}

			closedir($handler);
			$files = array_filter($files);
			array_unshift($files,"0");
			$files = array_unique($files);

			// creation of a select and catch values
			$langtmp = mysqli_result(sqlrequest("$database_eonweb","SELECT user_language FROM users WHERE user_id='".$user_id."'"),0);
			$res = '<select class="form-control" name="user_language">';
			foreach($files as $v) {
				if($v == $langtmp){
					$res.="<option value='".$v."' selected=selected>".getLabel($path_label_lang.$v)."</option>";
				}
				else{
					$res.="<option value='".$v."'>".getLabel($path_label_lang.$v)."</option>";
				}
			}
			$res .= '</select>';

			return $res;
		}
Julien1498's avatar
Julien1498 committed
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99

		// Display theme  
		function GetThemeList() {

			global $database_eonweb;
			global $user_id;

			// creation of a select and catch values
			$conn = connexionDB($database_eonweb);
			$sql = $conn->prepare("SELECT `theme` FROM users WHERE user_id = :userId");
			$sql->bindParam("userId", $user_id);
			$sql->execute();
			$result = $sql->fetch();
			$conn = null;
			$sql = null;

			$dir = "/srv/eyesofnetwork/eonweb/themes/";
			$listTheme = scandir($dir);
			$res = '<select class="form-control" name="theme">';
			foreach($listTheme as $value) {
100
101
102
103
104
105
106
107
108
109
110
				if(is_dir($dir . $value)) {
					if($value != "." && $value != "..") {
						if($value == $result["theme"]){
							$res.="<option value='".$value."' selected=selected>".$value."</option>";
						}
						else if($value == "Default" && $result["theme"] == NULL){
							$res.="<option value='".$value."' id='aa' selected=selected>".$value."</option>";
						}
						else{
							$res.="<option value='".$value."'>".$value."</option>";
						}
Julien1498's avatar
Julien1498 committed
111
112
113
114
115
116
117
					}
				}
			}
			$res .= '</select>';

			return $res;
		}
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
118
		
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
119
120
121
		//--------------------------------------------------------

		// Update User Information & Right
Julien1498's avatar
Julien1498 committed
122
		function update_user($user_id, $user_name, $user_descr, $user_group, $user_password1, $user_password2 ,$user_type, $user_location, $user_mail, $user_limitation, $old_group_id, $old_name, $create_user_in_nagvis, $create_user_in_cacti, $nagvis_role_id, $user_language, $theme)
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
123
		{
124
125
126
127
128
			global $database_host;
			global $database_cacti;
			global $database_username;
			global $database_password;

Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
			global $database_eonweb;
			global $database_lilac;
			global $path_eonweb;
			global $dir_imgcache;

			// Check if user exist
			if($user_name!=$old_name)	
				$user_exist=mysqli_result(sqlrequest("$database_eonweb","SELECT count('user_name') from users where user_name='$user_name';"),0);
			else
				$user_exist=0;

			// Check user_descr
			if($user_descr=="")
				$user_descr=$user_name;

			if (($user_name != "") && ($user_name != null) && ($user_id != null) && ($user_id != "") && ($user_exist == 0)) {
				if (($user_password1 != "") && ($user_password1 != null) && ($user_password1 == $user_password2)) {

					$eonweb_groupname=mysqli_result(sqlrequest("$database_eonweb","SELECT group_name FROM groups WHERE group_id='$user_group'"),0,"group_name");			
					$eonweb_oldgroupname=mysqli_result(sqlrequest("$database_eonweb","SELECT group_name FROM groups WHERE group_id='$old_group_id'"),0,"group_name");			
					if ($user_password1 != "abcdefghijklmnopqrstuvwxyz") {
						$passwd_temp = md5($user_password1);
						// Update into eonweb
Julien1498's avatar
Julien1498 committed
152
						sqlrequest("$database_eonweb","UPDATE users set user_name='$user_name', user_descr='$user_descr',group_id='$user_group',user_passwd='$passwd_temp',user_type='$user_type',user_location='$user_location',user_limitation='$user_limitation',user_language='$user_language', theme='$theme' WHERE user_id ='$user_id'");
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
153
154
155
					}
					else {
						// Update into eonweb
Julien1498's avatar
Julien1498 committed
156
						sqlrequest("$database_eonweb","UPDATE users set user_name='$user_name', user_descr='$user_descr',group_id='$user_group',user_type='$user_type',user_location='$user_location',user_limitation='$user_limitation',user_language='$user_language', theme='$theme' WHERE user_id ='$user_id'");
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
157
158
159
160
161
162
					}
			
					// Update into lilac
					$lilac_userid=mysqli_result(sqlrequest("$database_lilac","SELECT id FROM nagios_contact WHERE name='$old_name'"),0,"id");
					$lilac_groupid=mysqli_result(sqlrequest("$database_lilac","SELECT id FROM nagios_contact_group WHERE name='$eonweb_groupname'"),0,"id");
					$lilac_oldgroupid=mysqli_result(sqlrequest("$database_lilac","SELECT id FROM nagios_contact_group WHERE name='$eonweb_oldgroupname'"),0,"id");
163
164
165
166
167
168
169
170
171
					
					require_once('/srv/eyesofnetwork/lilac/includes/config.inc');
					$nc = NagiosContactPeer::getByName($old_name);
					if($nc){
						$nc->setName($user_name);
						$nc->setAlias($user_descr);
						$nc->setEmail($user_mail);
						$nc->save();
					}
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
172
173
174
175
176
177

					sqlrequest("$database_lilac","DELETE from nagios_contact_group_member WHERE contact='$lilac_userid' and contactgroup='$lilac_groupid'");
					sqlrequest("$database_lilac","DELETE from nagios_contact_group_member WHERE contact='$lilac_userid' and contactgroup='$lilac_oldgroupid'");
					if($lilac_groupid!="" and $lilac_userid!="" and $user_limitation!="1")
						sqlrequest("$database_lilac","INSERT into nagios_contact_group_member (contactgroup,contact) values('$lilac_groupid','$lilac_userid')");

178
					
179
					
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
					// update user into nagvis :
					$bdd = new PDO('sqlite:/srv/eyesofnetwork/nagvis/etc/auth.db');
					$req = $bdd->query("SELECT userId, name FROM users WHERE name='".$_POST["user_name_old"]."'");
                    $nagvis_user_exist = $req->fetch();

                    // this is nagvis default salt for password encryption security
					$nagvis_salt = '29d58ead6a65f5c00342ae03cdc6d26565e20954';

					if($nagvis_user_exist["userId"] > 0){
						// update in nagvis
						if($create_user_in_nagvis=="yes"){
							$nagvis_id = $nagvis_user_exist["userId"];
							$bdd->exec("UPDATE users SET name = '$user_name', password = '".sha1($nagvis_salt.$passwd_temp)."' WHERE userId = $nagvis_id");
							$bdd->exec("UPDATE users2roles SET roleId = $nagvis_role_id WHERE userId = $nagvis_id");
						} else { // delete in nagvis
							$bdd->exec("DELETE FROM users WHERE userId = ".$nagvis_user_exist["userId"]);
							$bdd->exec("DELETE FROM users2roles WHERE userId = ".$nagvis_user_exist["userId"]);
						}
					} else{ // no user found in nagvis, so if checkbox is checked, we create
						if($create_user_in_nagvis=="yes"){
							$bdd->exec("INSERT INTO users (name, password) VALUES ('$user_name', '".sha1($nagvis_salt.$passwd_temp)."')");
							$nagvis_id = $bdd->lastInsertId();
202
							$bdd->exec("INSERT INTO users2roles (userId, roleId) VALUES ('$nagvis_id', $nagvis_role_id)");
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
						}
					}

                     // Update user into cacti
                    $bdd = new PDO('mysql:host='.$database_host.';dbname='.$database_cacti, $database_username, $database_password);
                    $req = $bdd->query("SELECT id FROM user_auth WHERE username='".$_POST["user_name_old"]."'");
                    $cacti_user_exist = $req->fetch();

                    if($cacti_user_exist["id"] > 0){
                    	$cacti_id = $cacti_user_exist["id"];
                    	if($create_user_in_cacti == "yes"){
                    		$bdd->exec("UPDATE user_auth SET username = '$user_name' WHERE id = $cacti_id");
                    	} else {
                    		$bdd->exec("DELETE FROM user_auth WHERE id = $cacti_id");
                    	}
                    } else {
                    	if($create_user_in_cacti == "yes"){
        					$bdd->exec("INSERT INTO user_auth (username,realm,full_name,show_tree,show_list,show_preview,graph_settings,login_opts,policy_graphs,policy_trees,policy_hosts,policy_graph_templates,enabled) VALUES ('$user_name',2,'$user_descr','on','on','on','on',3,2,2,2,2,'on')");
                    	}
                    }
					
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
224
225
226
227
228
					// logging action
					logging("admin_user","UPDATE : $user_id $user_name $user_descr $user_limitation $user_group $user_type $user_location");

					// renaming files
					if($user_name!=$old_name){
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
229
230
						if(file_exists("$path_eonweb/$dir_imgcache/".strtolower($old_name)."-ged.xml"))
							rename("$path_eonweb/$dir_imgcache/".strtolower($old_name)."-ged.xml","$path_eonweb/$dir_imgcache/".strtolower($user_name)."-ged.xml");
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
					}
					message(8," : User updated",'ok');
					}
					else
						message(8," : Passwords do not match or are empty",'warning');
			}
			elseif($user_exist != 0 && $user_name!=$old_name)
				message(8," : User $user_name already exists",'warning');
			else
				message(8," : User name can not be empty",'warning');
		}

		/********************************************************
		*		END OF FUNCTIONS DECLARATIONS		*
		********************************************************/


		// Global parameter
		global $database_eonweb;
		global $database_lilac;
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
251

Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
		// Get parameter
		$user_change_passord = retrieve_form_data("user_change_passord",null);
		$user_id = retrieve_form_data("user_id",null);

		// Secure the change password
		if (($user_change_passord != null) && ($user_id != $_COOKIE['user_id']))
			message(0,"No Access Right","critical");

		$user_location = retrieve_form_data("user_location","");
		$user_location = ldap_escape($user_location);
		$user_mail = retrieve_form_data("user_mail","");
		$user_descr = retrieve_form_data("user_descr","");
		$user_descr = htmlspecialchars($user_descr, ENT_QUOTES);
		$user_group = retrieve_form_data("user_group","");
		$user_type = retrieve_form_data("user_type","");
		$user_limitation = retrieve_form_data("user_limitation","");
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
268
		$user_language = retrieve_form_data("user_language","");
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
269
270
		$old_group_id = mysqli_result(sqlrequest($database_eonweb,"select group_id from users where user_id='$user_id'"),0,"group_id");
		$old_name = retrieve_form_data("user_name_old","");
Julien1498's avatar
Julien1498 committed
271
		$theme = retrieve_form_data("theme","");
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
272

273
274
275
276
		$create_user_in_nagvis = retrieve_form_data("create_user_in_nagvis","");
		$nagvis_role_id = retrieve_form_data("nagvis_group","");
		$create_user_in_cacti = retrieve_form_data("create_user_in_cacti","");

Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
		if($user_type=="1"){
			$result = sqlrequest($database_eonweb,"select login from ldap_users_extended where dn='$user_location'");
			$username = mysqli_result($result,0,"login");
			$user_name = strtolower($username);
			//message(8,"User location1: $user_location",'ok');	// For debug pupose, to be removed
			//message(8,"User name1: $user_name",'ok');		// For debug pupose, to be removed
			$user_password1 = "abcdefghijklmnopqrstuvwxyz";
			$user_password2 = "abcdefghijklmnopqrstuvwxyz";		
		}
		else{
			$user_name = retrieve_form_data("user_name",null);
			$user_password1 = retrieve_form_data("user_password1","");
			$user_password2 = retrieve_form_data("user_password2","");
		}

		if ($user_id == null) 
		{
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
294
295
296
297
298
			echo '<div class="row">
					<div class="col-lg-12">
						<h1 class="page-header">'.getLabel("label.admin_user.title_new").'</h1>
					</div>
				</div>';
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
299
300
301
302
303
304
			
			//------------------------------------------------------------------------------------------------
			// ACCOUNT CREATION (New user ID)
			//------------------------------------------------------------------------------------------------
			if 	(isset($_POST['add']))
			{
305
306
307
308
309
310
311
				$create_user_in_nagvis = retrieve_form_data("create_user_in_nagvis","");
				$create_user_in_cacti = retrieve_form_data("create_user_in_cacti","");
				if($create_user_in_nagvis == "yes"){ $nagvis_user = true; }
				else { $nagvis_user = false; }
				if($create_user_in_cacti == "yes"){ $cacti_user = true; }
				else { $cacti_user = false; }
				
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
312
				$user_group = retrieve_form_data("user_group","");
313
				$nagvis_grp = retrieve_form_data("nagvis_group", "");
Julien1498's avatar
Julien1498 committed
314
				$user_id=insert_user(stripAccents($user_name), $user_descr, $user_group, $user_password1, $user_password2, $user_type, $user_location,$user_mail,$user_limitation, true, $create_user_in_nagvis, $create_user_in_cacti, $nagvis_grp, $user_language, $theme);
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
315
				//message(8,"User location: $user_location",'ok');	// For debug pupose, to be removed
Julien1498's avatar
Julien1498 committed
316
				
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
317
318
319
320
321
322
323
324
325
				// Retrieve Group Information from database
				if($user_id){
					$user_name_descr = retrieve_user_info($user_id);
					$user_name=mysqli_result($user_name_descr,0,"user_name");
					$user_mail=mysqli_result(sqlrequest("$database_lilac","SELECT email FROM nagios_contact WHERE name='$user_name'"),0,"email");
					$user_descr=mysqli_result($user_name_descr,0,"user_descr");
					$user_group=mysqli_result($user_name_descr,0,"group_id");
					$user_type=mysqli_result($user_name_descr,0,"user_type");
					$user_limitation = retrieve_form_data("user_limitation","");
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
326
					$user_language = retrieve_form_data("user_language","");
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
327
328
329
					$user_location=mysqli_result($user_name_descr,0,"user_location");
					$user_password1= "abcdefghijklmnopqrstuvwxyz";
					$user_password2= "abcdefghijklmnopqrstuvwxyz";
Julien1498's avatar
Julien1498 committed
330
					$theme = retrieve_form_data("theme","");
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
331
332
333
334
335
336
				}
			}
			//------------------------------------------------------------------------------------------------
		}
		else
		{
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
337
338
339
340
341
			echo '<div class="row">
					<div class="col-lg-12">
						<h1 class="page-header">'.getLabel("label.admin_user.title_upd").'</h1>
					</div>
				</div>';
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
342
343

			//------------------------------------------------------------------------------------------------
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
344
345
						// ACCOUNT UPDATE (and retrieve parameters)
						//------------------------------------------------------------------------------------------------
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
346
			if (isset($_POST['update'])){
Julien1498's avatar
Julien1498 committed
347
				update_user($user_id, stripAccents($user_name), $user_descr, $user_group, $user_password1, $user_password2, $user_type, $user_location, $user_mail, $user_limitation, $old_group_id, $old_name, $create_user_in_nagvis, $create_user_in_cacti, $nagvis_role_id, $user_language, $theme);	
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
				//message(8,"Update: User location = $user_location",'ok');	// For debug pupose, to be removed
				//message(8,"Update: User name =  $user_name",'ok');			// For debug pupose, to be removed
			}

			// Retrieve Group Information from database
			$user_name_descr = retrieve_user_info($user_id);
			$user_name=mysqli_result($user_name_descr,0,"user_name");
			$user_mail=mysqli_result(sqlrequest("$database_lilac","SELECT email FROM nagios_contact WHERE name='$user_name'"),0,"email");
			$user_descr=mysqli_result($user_name_descr,0,"user_descr");
			$user_group=mysqli_result($user_name_descr,0,"group_id");
			$user_type=mysqli_result($user_name_descr,0,"user_type");
			$user_limitation=mysqli_result($user_name_descr,0,"user_limitation");
			$user_location=mysqli_result($user_name_descr,0,"user_location");
			$user_password1="abcdefghijklmnopqrstuvwxyz";
			$user_password2="abcdefghijklmnopqrstuvwxyz";
363
364
365
366
367
368
369
370
371
372
373
374
375
376

			// search the user in Cacti (to check the checkbox if he's found)
			$cacti_user = sqlrequest($database_cacti, "SELECT id FROM user_auth WHERE username = '$user_name'");
			$cacti_user_found = mysqli_num_rows($cacti_user);
			if($cacti_user_found > 0){ $cacti_user = true; }
			else { $cacti_user = false; }

			// search the user in Nagvis (to check the checkbox if he's found)
			$bdd = new PDO('sqlite:/srv/eyesofnetwork/nagvis/etc/auth.db');
            $req = $bdd->query("SELECT count(*) FROM users WHERE name='$user_name'");
            $nagvis_user_exist = $req->fetch();
            if ($nagvis_user_exist["count(*)"] > 0){ $nagvis_user = true; }
            else { $nagvis_user = false; }

Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
377
			//message(8,"Mod: User location = $user_location",'ok');       // For debug pupose, to be removed
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
378
			//message(8,"Mod: User name =  $user_name",'ok');                      // For debug pupose, to be removed
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
379
380
381

			//------------------------------------------------------------------------------------------------
		}
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402

		// search all nagvis groups
		$bdd = new PDO('sqlite:/srv/eyesofnetwork/nagvis/etc/auth.db');
		$req = $bdd->query("SELECT * FROM roles");
		$nagvis_groups = $req->fetchAll(PDO::FETCH_OBJ);

		// get userId in Nagvis
		$req = $bdd->query("SELECT userId from users WHERE name = '$user_name'");
		$result = $req->fetch(PDO::FETCH_OBJ);

		$id_nagvis = false;
		$role_id = false;
		if($result){
			$id_nagvis = $result->userId;
			$req = $bdd->query("SELECT roleId FROM users2roles WHERE userId = $id_nagvis");
			$result = $req->fetch(PDO::FETCH_OBJ);

			if($result){
				$role_id = $result->roleId;
			}
		}
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
403
	?>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
404

Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
405
406
407
	<form id="form_user" action='./add_modify_user.php' method='POST' name='form_user'>
		<input type='hidden' name='user_id' value='<?php echo $user_id?>'>
		<div class="row form-group">
408
			<label class="col-md-3"><?php echo getLabel("label.admin_user.user_name") ?></label>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
409
410
411
412
413
414
415
416
			<div class="col-md-9">
				<input class="form-control" type='text' name='user_name' value='<?php echo $user_name?>'>
				<input type='hidden' name='user_name_old' value='<?php echo $user_name?>'>
			</div>
		</div>
			
		<?php if($user_id!="1"){ ?>
			<div class="row form-group">
417
				<label class="col-md-3"><?php echo getLabel("label.admin_user.user_limit"); ?></label>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
418
419
420
421
422
423
424
425
426
427
				<div class="col-md-9">
					<?php
						if($user_limitation=="1") $checked="checked='yes'";
						else $checked="";
						echo "<input type='checkbox' class='checkbox' name='user_limitation' value='1' $checked onclick='disable_group()'>";
					?>
				</div>
			</div>
			
			<div class="row form-group">
428
				<label class="col-md-3"><?php echo getLabel("label.admin_user.user_ldap"); ?></label>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
429
430
				<div class="col-md-9">
					<?php
431
						if($user_type=="1") $checked="checked='checked'";
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
432
433
434
435
436
437
438
						else $checked="";
						echo "<input type='checkbox' class='checkbox' name='user_type' value='1' $checked onclick='disable()'>";
					?>
				</div>
			</div>
			
			<div class="row form-group">
439
				<label class="col-md-3"><?php echo getLabel("label.admin_user.ldap_log"); ?></label>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
440
441
442
443
444
445
446
447
448
449
450
				<div class="col-md-9">
					<?php
						echo "<input class='form-control' id='user_location' name='user_location' type='text' value='".htmlspecialchars($user_location, ENT_QUOTES)."'>";
					?>
				</div>
			</div>
		<?php 
		} 
		else {
			echo "<input type='hidden' name='user_type' value='0'>";
			echo "<input type='hidden' name='user_group' value='1'>";
451
			echo "<input type='hidden' name='create_user_in_nagvis' value='yes'>";
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
452
			echo "<input type='hidden' name='nagvis_group' value='1'>";
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
453
		}
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
454
		?>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
455
		<div class="row form-group">
456
			<label class="col-md-3"><?php echo getLabel("label.admin_user.user_mail"); ?></label>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
457
458
459
460
			<div class="col-md-9">
				<input class="form-control" type='text' name='user_mail' value='<?php echo $user_mail?>'>
			</div>
		</div>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
461

Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
462
		<div class="row form-group">
463
			<label class="col-md-3"><?php echo getLabel("label.admin_user.user_desc"); ?></label>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
464
465
466
467
468
469
			<div class="col-md-9">
				<input class="form-control" type='text' name='user_descr' value='<?php echo $user_descr?>'>
			</div>
		</div>
		
		<div class="row form-group">
470
			<label class="col-md-3"><?php echo getLabel("label.admin_user.user_pwd"); ?></label>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
471
472
473
474
475
476
			<div class="col-md-9">
				<input class="form-control" type='password' name='user_password1' value='<?php echo $user_password1?>'>
			</div>
		</div>
		
		<div class="row form-group">
477
			<label class="col-md-3"><?php echo getLabel("label.admin_user.user_pwd2"); ?></label>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
478
479
480
481
482
			<div class="col-md-9">
				<input class="form-control" type='password' name='user_password2' value='<?php echo $user_password2?>'>
			</div>
		</div>
		
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
483
484
485
486
487
488
489
		<!-- Adding a language defined by user -->
		<div class="row form-group">
			<label class="col-md-3"><?php echo getLabel("label.admin_user.user_lang"); ?></label>
			<div class="col-md-9">
				<?php echo GetUserLang(); ?>
			</div>
		</div>
Julien1498's avatar
Julien1498 committed
490
491
492
493
494
495
496
497

		<!-- Choose a theme -->
		<div class="row form-group">
			<label class="col-md-3"><?php echo getLabel("label.admin_user.user_theme"); ?></label>
			<div class="col-md-9">
				<?php echo GetThemeList(); ?>
			</div>
		</div>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
498
499
		
		<!-- If not user admin -->
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
500
501
		<?php if($user_id!="1") { ?>
		<div class="row form-group">
502
			<label class="col-md-3"><?php echo getLabel("label.admin_user.user_group"); ?></label>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
503
504
505
506
507
508
509
510
511
512
			<div class="col-md-9">
				<select class="form-control" name='user_group' size=1>
					<?php
						$result=sqlrequest("$database_eonweb","SELECT group_id,group_name from groups");
						while ($line = mysqli_fetch_array($result))
						{
							if ($user_group == $line[0])
								echo "<OPTION value='$line[0]' SELECTED>$line[1] </OPTION>";
							else
								echo "<OPTION value='$line[0]'>$line[1] </OPTION>";					
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
513
						}
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
514
515
516
517
					?>
				</select>
			</div>
		</div>
518
519

		<div class="row form-group">
520
			<label class="col-md-3"><?php echo getLabel("label.admin_user.user_nagvis"); ?></label>
521
522
523
524
			<div class="col-md-9">
				<div class="input-group col-md-5">
					<span class="input-group-addon">
		                <?php
525
							if(isset($nagvis_user) && $nagvis_user=="yes") $checked="checked='checked'";
526
527
528
529
530
531
532
		                    else $checked="";
		                    echo "<input type='checkbox' class='checkbox' name='create_user_in_nagvis' value='yes' $checked>";
						?>
					</span>
					<select class="form-control" name="nagvis_group">
						<?php foreach ($nagvis_groups as $group):
							$selected = "";
533
							if(!isset($_GET["user_id"]) && $group->name == "Guests" && !$role_id){
534
535
536
537
538
539
540
541
542
543
544
545
546
547
								$selected = "selected";
							}
							if($role_id == $group->roleId){
								$selected = "selected";
							}
						?>
							<option value="<?php echo $group->roleId; ?>" <?php echo $selected; ?>><?php echo $group->name; ?></option>
						<?php endforeach ?>
					</select>
				</div>
			</div>
		</div>

		<div class="row form-group">
548
			<label class="col-md-3"><?php echo getLabel("label.admin_user.user_cacti"); ?></label>
549
550
			<div class="col-md-9">
				<?php
551
					if(isset($cacti_user) && $cacti_user == "yes") $checked = "checked='checked'";
552
553
554
555
556
                    else $checked = "";
                    echo "<input type='checkbox' class='checkbox' name='create_user_in_cacti' value='yes' $checked>";
				?>
			</div>
		</div>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
557
		
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
558
559
560
561
562
563
564
565
566
567
568
		<?php } ?>
		<div class="form-group">
			<?php
				if ($user_id !=null)
					echo "<button class='btn btn-primary' type='submit' name='update' value='update'>".getLabel("action.update")."</button>";
				else
					echo "<button class='btn btn-primary' type='submit' name='add' value='add'>".getLabel("action.add")."</button>";
				echo "<button class='btn btn-default' style='margin-left: 10px;' type='button' name='back' value='back' onclick='location.href=\"index.php\"'>".getLabel("action.cancel")."</button>";
			?>
		</div>
	</form>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
569

Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
570
</div>
Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
571

Jean-Philippe Levy's avatar
Jean-Philippe Levy committed
572
<?php include("../../footer.php"); ?>