Gecko [ 167.86.127.34 ]

Name	Size	Permission
help	[ DIR ]	drwxr-xr-x
images	[ DIR ]	drwxr-xr-x
lang	[ DIR ]	drwxr-xr-x
CHANGELOG	5.15 KB	-rw-r--r--
acl-lib.pl	62.4 KB	-rwxr-xr-x
acl_security.pl	2.33 KB	-rwxr-xr-x
backup_config.pl	2.64 KB	-rwxr-xr-x
cert_form.cgi	1.48 KB	-rwxr-xr-x
cert_issue.cgi	1.69 KB	-rwxr-xr-x
cert_output.cgi	445 B	-rwxr-xr-x
cgi_args.pl	767 B	-rwxr-xr-x
config	61 B	-rw-r--r--
config-ALL-linux	42 B	-rw-r--r--
config-freebsd	42 B	-rw-r--r--
config-macos	42 B	-rw-r--r--
config-netbsd	42 B	-rw-r--r--
config-openbsd	42 B	-rw-r--r--
config-solaris-10-ALL	46 B	-rw-r--r--
config-syno-linux	51 B	-rw-r--r--
config.info	258 B	-rw-r--r--
config.info.ar	385 B	-rw-r--r--
config.info.bg	397 B	-rw-r--r--
config.info.ca	295 B	-rw-r--r--
config.info.cs	265 B	-rw-r--r--
config.info.da	259 B	-rw-r--r--
config.info.de	273 B	-rw-r--r--
config.info.es	265 B	-rw-r--r--
config.info.eu	298 B	-rw-r--r--
config.info.fa	394 B	-rw-r--r--
config.info.fr	308 B	-rw-r--r--
config.info.hr	0 B	-rw-r--r--
config.info.hu	353 B	-rw-r--r--
config.info.it	279 B	-rw-r--r--
config.info.ja	319 B	-rw-r--r--
config.info.ko	233 B	-rw-r--r--
config.info.ms	248 B	-rw-r--r--
config.info.nl	268 B	-rw-r--r--
config.info.no	260 B	-rw-r--r--
config.info.pl	270 B	-rw-r--r--
config.info.pt_BR	271 B	-rw-r--r--
config.info.ru	439 B	-rw-r--r--
config.info.sk	278 B	-rw-r--r--
config.info.sv	53 B	-rw-r--r--
config.info.tr	309 B	-rw-r--r--
config.info.uk	303 B	-rw-r--r--
config.info.zh	47 B	-rw-r--r--
config.info.zh_TW	146 B	-rw-r--r--
convert.cgi	3.79 KB	-rwxr-xr-x
convert_form.cgi	1.6 KB	-rwxr-xr-x
defaultacl	239 B	-rw-r--r--
delete_group.cgi	1.36 KB	-rwxr-xr-x
delete_groups.cgi	1.45 KB	-rwxr-xr-x
delete_session.cgi	485 B	-rwxr-xr-x
delete_user.cgi	668 B	-rwxr-xr-x
delete_users.cgi	2.93 KB	-rwxr-xr-x
edit_acl.cgi	2.75 KB	-rwxr-xr-x
edit_group.cgi	4.38 KB	-rwxr-xr-x
edit_pass.cgi	1.82 KB	-rwxr-xr-x
edit_rbac.cgi	951 B	-rwxr-xr-x
edit_sql.cgi	3.78 KB	-rwxr-xr-x
edit_sync.cgi	1.22 KB	-rwxr-xr-x
edit_unix.cgi	2.76 KB	-rwxr-xr-x
edit_user.cgi	14.2 KB	-rwxr-xr-x
feedback_files.pl	336 B	-rwxr-xr-x
index.cgi	8.29 KB	-rwxr-xr-x
list_sessions.cgi	2.39 KB	-rwxr-xr-x
log_parser.pl	1.78 KB	-rwxr-xr-x
makedn.cgi	1.75 KB	-rwxr-xr-x
maketables.cgi	1.23 KB	-rwxr-xr-x
md5-lib.pl	7.58 KB	-rwxr-xr-x
module.info	187 B	-rw-r--r--
module.info.af	0 B	-rw-r--r--
module.info.af.auto	139 B	-rw-r--r--
module.info.ar	193 B	-rw-r--r--
module.info.ar.auto	19 B	-rw-r--r--
module.info.be	0 B	-rw-r--r--
module.info.be.auto	271 B	-rw-r--r--
module.info.bg	43 B	-rw-r--r--
module.info.bg.auto	192 B	-rw-r--r--
module.info.ca	129 B	-rw-r--r--
module.info.ca.auto	19 B	-rw-r--r--
module.info.cs	28 B	-rw-r--r--
module.info.cs.auto	116 B	-rw-r--r--
module.info.da	23 B	-rw-r--r--
module.info.da.auto	115 B	-rw-r--r--
module.info.de	146 B	-rw-r--r--
module.info.de.auto	19 B	-rw-r--r--
module.info.el	0 B	-rw-r--r--
module.info.el.auto	253 B	-rw-r--r--
module.info.es	125 B	-rw-r--r--
module.info.es.auto	24 B	-rw-r--r--
module.info.eu	0 B	-rw-r--r--
module.info.eu.auto	159 B	-rw-r--r--
module.info.fa	0 B	-rw-r--r--
module.info.fa.auto	238 B	-rw-r--r--
module.info.fi	0 B	-rw-r--r--
module.info.fi.auto	150 B	-rw-r--r--
module.info.fr	28 B	-rw-r--r--
module.info.fr.auto	154 B	-rw-r--r--
module.info.he	0 B	-rw-r--r--
module.info.he.auto	193 B	-rw-r--r--
module.info.hr	0 B	-rw-r--r--
module.info.hr.auto	147 B	-rw-r--r--
module.info.hu	30 B	-rw-r--r--
module.info.hu.auto	152 B	-rw-r--r--
module.info.it	22 B	-rw-r--r--
module.info.it.auto	123 B	-rw-r--r--
module.info.ja	25 B	-rw-r--r--
module.info.ja.auto	137 B	-rw-r--r--
module.info.ko	25 B	-rw-r--r--
module.info.ko.auto	128 B	-rw-r--r--
module.info.lt	0 B	-rw-r--r--
module.info.lt.auto	182 B	-rw-r--r--
module.info.lv	0 B	-rw-r--r--
module.info.lv.auto	177 B	-rw-r--r--
module.info.ms	120 B	-rw-r--r--
module.info.ms.auto	19 B	-rw-r--r--
module.info.mt	0 B	-rw-r--r--
module.info.mt.auto	166 B	-rw-r--r--
module.info.nl	26 B	-rw-r--r--
module.info.nl.auto	119 B	-rw-r--r--
module.info.no	23 B	-rw-r--r--
module.info.no.auto	113 B	-rw-r--r--
module.info.pl	133 B	-rw-r--r--
module.info.pl.auto	19 B	-rw-r--r--
module.info.pt	31 B	-rw-r--r--
module.info.pt.auto	126 B	-rw-r--r--
module.info.pt_BR	31 B	-rw-r--r--
module.info.pt_BR.auto	132 B	-rw-r--r--
module.info.ro	0 B	-rw-r--r--
module.info.ro.auto	156 B	-rw-r--r--
module.info.ru	40 B	-rw-r--r--
module.info.ru.auto	190 B	-rw-r--r--
module.info.sk	29 B	-rw-r--r--
module.info.sk.auto	129 B	-rw-r--r--
module.info.sl	0 B	-rw-r--r--
module.info.sl.auto	156 B	-rw-r--r--
module.info.sv	26 B	-rw-r--r--
module.info.sv.auto	122 B	-rw-r--r--
module.info.th	0 B	-rw-r--r--
module.info.th.auto	248 B	-rw-r--r--
module.info.tr	32 B	-rw-r--r--
module.info.tr.auto	152 B	-rw-r--r--
module.info.uk	0 B	-rw-r--r--
module.info.uk.auto	246 B	-rw-r--r--
module.info.ur	0 B	-rw-r--r--
module.info.ur.auto	240 B	-rw-r--r--
module.info.vi	0 B	-rw-r--r--
module.info.vi.auto	183 B	-rw-r--r--
module.info.zh	28 B	-rw-r--r--
module.info.zh.auto	106 B	-rw-r--r--
module.info.zh_TW	28 B	-rw-r--r--
module.info.zh_TW.auto	112 B	-rw-r--r--
negativeacl	13 B	-rw-r--r--
openssl.cnf	6.02 KB	-rw-r--r--
postinstall.pl	996 B	-rwxr-xr-x
prefs.info	22 B	-rw-r--r--
save_acl.cgi	2.85 KB	-rwxr-xr-x
save_group.cgi	3.76 KB	-rwxr-xr-x
save_pass.cgi	1.72 KB	-rwxr-xr-x
save_sql.cgi	3.38 KB	-rwxr-xr-x
save_sync.cgi	730 B	-rwxr-xr-x
save_twofactor.cgi	2.25 KB	-rwxr-xr-x
save_unix.cgi	2.2 KB	-rwxr-xr-x
save_user.cgi	11.32 KB	-rwxr-xr-x
schema.cgi	612 B	-rwxr-xr-x
switch.cgi	726 B	-rwxr-xr-x
system_info.pl	2.27 KB	-rw-r--r--
twofactor.pl	709 B	-rwxr-xr-x
twofactor_form.cgi	2.01 KB	-rwxr-xr-x
useradmin_update.pl	3.12 KB	-rwxr-xr-x
webmin.schema	1.34 KB	-rw-r--r--

Code Editor : save_user.cgi

#!/usr/bin/perl
# save_user.cgi
# Modify or create a webmin user

use strict;
use warnings;
no warnings 'redefine';
no warnings 'uninitialized';
require './acl-lib.pl';
our (%in, %text, %config, %access, $config_directory, $base_remote_user);
&foreign_require("webmin", "webmin-lib.pl");
&ReadParse();

# Check for special button clicks, and redirect
if ($in{'but_clone'}) {
	&redirect("edit_user.cgi?clone=".&urlize($in{'old'}));
	exit;
	}
elsif ($in{'but_log'}) {
	&redirect("../webminlog/search.cgi?uall=0&mall=1&tall=1&user=".
		  &urlize($in{'old'}));
	exit;
	}
elsif ($in{'but_switch'}) {
	&redirect("switch.cgi?user=".&urlize($in{'old'}));
	exit;
	}
elsif ($in{'but_delete'}) {
	&redirect("delete_user.cgi?user=".&urlize($in{'old'}));
	exit;
	}
elsif ($in{'twofactor'}) {
	&redirect("twofactor_form.cgi?user=".&urlize($in{'old'}));
	exit;
	}

# Get the user object
my (%user, $old);
if ($in{'old'}) {
	%user = ( );
	$in{'name'} = $in{'old'} if (!$access{'rename'});
	&can_edit_user($in{'old'}) || &error($text{'save_euser'});
	$old = &get_user($in{'old'});
	$old || &error($text{'edit_egone'});
	$user{'proto'} = $old->{'proto'};
	$user{'id'} = $old->{'id'};
	$user{'twofactor_provider'} = $old->{'twofactor_provider'};
	$user{'twofactor_id'} = $old->{'twofactor_id'};
	}
else {
	$access{'create'} || &error($text{'save_ecreate'});
	}
&error_setup($text{'save_err'});

# Validate username, and check for a clash
$in{'name'} =~ /^[A-z0-9\-\_\.\@]+$/ && $in{'name'} !~ /^\@/ ||
	&error(&text('save_ename', &html_escape($in{'name'})));
$in{'name'} eq 'webmin' && &error($text{'save_enamewebmin'});
if (!$in{'old'} || $in{'old'} ne $in{'name'}) {
	my $clash = &get_user($in{'name'});
	$clash && &error(&text('save_edup', &html_escape($in{'name'})));
	}
!$access{'logouttime'} || $in{'logouttime_def'} ||
	$in{'logouttime'} =~ /^\d+$/ || &error($text{'save_elogouttime'});
!$access{'minsize'} || $in{'minsize_def'} ||
	$in{'minsize'} =~ /^\d+$/ || &error($text{'save_eminsize'});
if ($in{'safe'} && !$in{'unsafe'}) {
	getpwnam($in{'name'}) ||
		&error(&text('save_eunixname', &html_escape($in{'name'})));
	}

# Validate password
if ($in{'pass_def'} == 0) {
	$in{'pass'} =~ /:/ && &error($text{'save_ecolon'});
	if (!$in{'temp'}) {
		# Check password quality, unless this is a temp password
		my $perr = &check_password_restrictions($in{'name'},
							$in{'pass'});
		$perr && &error(&text('save_epass', $perr));
		}
	}

# Validate force change
if ($in{'temp'}) {
	my %miniserv;
	&get_miniserv_config(\%miniserv);
	$miniserv{'passwd_mode'} == 2 ||
		&error(&text('save_etemp', '../webmin/edit_session.cgi'));
	}

# Find logged-in webmin user
my @ulist = &list_users();
my $me;
foreach my $u (@ulist) {
	if ($u->{'name'} eq $base_remote_user) {
		$me = $u;
		}
	}

# Find the current group
my $oldgroup = $in{'old'} ? &get_users_group($in{'old'}) : undef;

if (&supports_rbac()) {
	# Save RBAC mode
	$user{'rbacdeny'} = $in{'rbacdeny'};
	}

my $newgroup;
if (defined($in{'group'})) {
	# Check if group is allowed
	if ($access{'gassign'} ne '*') {
		my @gcan = split(/\s+/, $access{'gassign'});
		$in{'group'} && &indexof($in{'group'}, @gcan) >= 0 ||
		  !$in{'group'} && &indexof('_none', @gcan) >= 0 ||
		  $oldgroup && $oldgroup->{'name'} eq $in{'group'} ||
			&error($text{'save_egroup'});
		}

# Store group membership
	$newgroup = &get_group($in{'group'});
	if ($in{'group'} ne ($oldgroup ? $oldgroup->{'name'} : '')) {
		# Group has changed - update the member lists
		if ($oldgroup) {
			# Take out of old
			$oldgroup->{'members'} =
				[ grep { $_ ne $in{'old'} }
				  @{$oldgroup->{'members'}} ];
			&modify_group($oldgroup->{'name'}, $oldgroup);
			}
		if ($newgroup) {
			# Put into new
			push(@{$newgroup->{'members'}}, $in{'name'});
			&modify_group($in{'group'}, $newgroup);
			}
		}
	elsif ($in{'old'} ne $in{'name'} && $oldgroup && $newgroup) {
		# Name has changed - rename in group
		my $idx = &indexof(
			$in{'old'}, @{$oldgroup->{'members'}});
		$oldgroup->{'members'}->[$idx] = $in{'name'};
		&modify_group($oldgroup->{'name'}, $oldgroup);
		}
	}

# Store manually selected modules
my @mcan = $access{'mode'} == 1 ? @{$me->{'modules'}} :
	   $access{'mode'} == 2 ? split(/\s+/, $access{'mods'}) :
				  &list_modules();
my %mcan = map { $_, 1 } @mcan;

my @mods = split(/\0/, $in{'mod'});
foreach my $m (@mods) {
	$mcan{$m} || &error(&text('save_emod', $m));
	}
if ($in{'old'}) {
	# Add modules that this user already has, but were not
	# allowed to be changed or are not available for this OS
	foreach my $m (@{$old->{'modules'}}) {
		push(@mods, $m) if (!$mcan{$m});
		}
	}

if ($oldgroup) {
	# Remove modules from the old group
	@mods = grep { &indexof($_, @{$oldgroup->{'modules'}}) < 0 }
		     @mods;
	}

if ($base_remote_user eq $in{'old'} &&
    &indexof("acl", @mods) == -1 &&
    (!$newgroup || &indexof("acl", @{$newgroup->{'modules'}}) == -1)) {
	&error($text{'save_edeny'});
	}

if (!$in{'old'} && $access{'perms'}) {
	# Copy .acl files from creator to new user
	&copy_acl_files($me->{'name'}, $in{'name'}, $me->{'modules'});
	}

if ($newgroup) {
	# Add modules from group to list
	my @ownmods;
	foreach my $m (@mods) {
		push(@ownmods, $m)
			if (&indexof($m, @{$newgroup->{'modules'}}) < 0);
		}
	@mods = &unique(@mods, @{$newgroup->{'modules'}});
	$user{'ownmods'} = \@ownmods;

# Copy ACL files for group
	my $name = $in{'old'} ? $in{'old'} : $in{'name'};
	&copy_group_user_acl_files($in{'group'}, $name,
			      [ @{$newgroup->{'modules'}}, "" ]);
	}
$user{'modules'} = \@mods;

# Update user object
my $salt = chr(int(rand(26))+65).chr(int(rand(26))+65);
$user{'name'} = $in{'name'};
$user{'lang'} = !$access{'lang'} ? $old->{'lang'} :
		$in{'lang_def'} ? undef : $in{'lang'};
$user{'locale'} = !$access{'locale'} ? $old->{'locale'} :
		$in{'locale_def'} ? undef : $in{'locale'};
if (!$access{'theme'}) {
	$user{'theme'} = $old->{'theme'};
	$user{'overlay'} = $old->{'overlay'};
	}
else {
	$user{'theme'} = $in{'theme_def'} ? undef : $in{'theme'};
	$user{'overlay'} = $in{'overlay_def'} ? undef : $in{'overlay'};
	if ($user{'overlay'} && !$user{'theme'}) {
		&error($text{'save_eoverlay'});
		}
	}
$user{'cert'} = !$access{'chcert'} ? $old->{'cert'} :
		$in{'cert_def'} ? undef : $in{'cert'};
$user{'notabs'} = !$access{'cats'} ? $old->{'notabs'} : $in{'notabs'};
$user{'logouttime'} = !$access{'logouttime'} ? $old->{'logouttime'} :
			$in{'logouttime_def'} ? undef : $in{'logouttime'};
$user{'minsize'} = !$access{'minsize'} ? $old->{'minsize'} :
			$in{'minsize_def'} ? undef : $in{'minsize'};
$user{'nochange'} = !$access{'nochange'} || !defined($in{'nochange'}) ?
			$old->{'nochange'} : $in{'nochange'};
$user{'lastchange'} = $old->{'lastchange'};
$user{'olds'} = $old->{'olds'};
$user{'real'} = $in{'real'} =~ /\S/ ? $in{'real'} : undef;
my $raddr = $ENV{'REMOTE_ADDR'};
my @ips;
if ($access{'ips'}) {
	if ($in{'ipmode'}) {
		my @hosts = split(/\s+/, $in{"ips"});
		@hosts || &error($text{'save_enone'});
		foreach my $h (@hosts) {
			my $err = &webmin::valid_allow($h);
			&error($err) if ($err);
			push(@ips, $h);
			}
		}
	if ($in{'ipmode'} == 1) {
		$user{'allow'} = join(" ", @ips);
		if ($old->{'name'} eq $base_remote_user &&
		    !&webmin::ip_match($raddr, @ips)) {
			&error(&text('save_eself', $raddr));
			}
		}
	elsif ($in{'ipmode'} == 2) {
		$user{'deny'} = join(" ", @ips);
		if ($old->{'name'} eq $base_remote_user &&
		    &webmin::ip_match($raddr, @ips)) {
			&error(&text('save_eself', $raddr));
			}
		}
	}
else {
	$user{'allow'} = $old->{'allow'};
	$user{'deny'} = $old->{'deny'};
	}
if ($in{'pass_def'} == 0) {
	# New password
	$user{'pass'} = &encrypt_password($in{'pass'});
	$user{'sync'} = 0;
	}
elsif ($in{'pass_def'} == 1) {
	# No change in password
	$user{'pass'} = $in{'oldpass'};
	$user{'sync'} = 0;
	}
elsif ($in{'pass_def'} == 3) {
	# Unix authentication
	$user{'pass'} = 'x';
	$user{'sync'} = 0;
	}
elsif ($in{'pass_def'} == 4) {
	# Account is locked
	$user{'pass'} = '*LK*';
	$user{'sync'} = 0;
	}
elsif ($in{'pass_def'} == 5) {
	# External authentcation
	$user{'pass'} = 'e';
	$user{'sync'} = 0;
	}
else {
	# Password synchronization (deprecated)
	&foreign_check("useradmin") || &error($text{'save_eos'});
	&foreign_require("useradmin", "user-lib.pl");
	foreach my $uu (&useradmin::list_users()) {
		$user{'pass'} = $uu->{'pass'}
			if ($uu->{'user'} eq $in{'name'});
		}
	defined($user{'pass'}) ||
		&error(&text('save_eunix', $in{'name'}));
	$user{'sync'} = 1;
	}

# Update allowed days and hours
if ($access{'times'}) {
	# Save the allowed days
	if (!$in{'days_def'}) {
		my @days = split(/\0/, $in{'days'});
		@days || &error($text{'save_edays'});
		$user{'days'} = join(",", @days);
		}
	if (!$in{'hours_def'}) {
		my %mins;
		foreach my $t ('from', 'to') {
			my $h = $in{'hours_h'.$t};
			my $m = $in{'hours_m'.$t};
			$h =~ /^\d+$/ && $h >= 0 &&
			  $h < 24 || &error($text{'save_ehours'});
			$m =~ /^\d+$/ && $m >= 0 &&
			  $m < 60 || &error($text{'save_ehours'});
			$user{'hours'.$t} = "$h.$m";
			$mins{$t} = $h*60+$m;
			}
		$mins{'from'} < $mins{'to'} || &error($text{'save_ehours2'});
		}
	}
else {
	$user{'days'} = $old->{'days'};
	$user{'hoursfrom'} = $old->{'hoursfrom'};
	$user{'hoursto'} = $old->{'hoursto'};
	}

# Check for temporary password lock
if (!$in{'lock'} && $user{'pass'} =~ /^\!(.*)$/) {
	$user{'pass'} = $1;
	}
elsif ($in{'lock'} && $user{'pass'} !~ /^\!/ && $in{'pass_def'} <= 1) {
	$user{'pass'} = "!".$user{'pass'};
	}

# Check for force change
$user{'temppass'} = $in{'temp'};

# Cancel two-factor if requested
if ($in{'cancel'}) {
	$user{'twofactor_provider'} = undef;
	$user{'twofactor_id'} = undef;
	$user{'twofactor_apikey'} = undef;
	}

if ($in{'old'}) {
	# update user and all ACLs
	&modify_user($in{'old'}, \%user);
	if ($in{'old'} ne $user{'name'}) {
		# Change username in other user's ACLs
		foreach my $u (&list_users()) {
			my %uaccess = &get_module_acl($u->{'name'});
			my @au = split(/\s+/, $uaccess{'users'});
			my $idx = &indexof($in{'old'}, @au);
			if ($idx != -1) {
				$au[$idx] = $in{'name'};
				$uaccess{'users'} = join(" ", @au);
				&save_module_acl(\%uaccess, $u->{'name'});
				}
			}
		}
	}
else {
	# create and add to access list
	&create_user(\%user, $in{'clone'});
	if ($access{'users'} ne '*') {
		$access{'users'} .= " ".$in{'name'};
		&save_module_acl(\%access);
		}
	}

my $aclfile = "$config_directory/$in{'name'}.acl";
if ($in{'old'} && $in{'acl_security_form'} && !$newgroup && !$in{'safe'}) {
	# Update user's global ACL
	&foreign_require("", "acl_security.pl");
	my %uaccess;
	&foreign_call("", "acl_security_save", \%uaccess, \%in);
	&lock_file($aclfile);
	&save_module_acl(\%uaccess, $in{'name'}, "", 1);
	&set_ownership_permissions(undef, undef, 0640, $aclfile);
	&unlock_file($aclfile);
	}

# Clear safe setting
if ($in{'unsafe'}) {
	&lock_file($aclfile);
	my %uaccess = &get_module_acl($in{'name'}, "", 1, 1);
	delete($uaccess{'_safe'});
	&save_module_acl(\%uaccess, $in{'name'}, "", 1);
	&unlock_file($aclfile);
	}

# If the user is in safe mode, set ACLs on all new modules
if ($in{'safe'}) {
	foreach my $m ("", @mods) {
		my %macl = &get_module_acl($in{'name'}, $m, 0, 1);
		my $safe = &get_safe_acl($m);
		if (!%macl && $safe) {
			%macl = %$safe;
			$macl{'_safe'} = 1;
			$macl{'noconfig'} = 1;
			&save_module_acl(\%macl, $in{'name'}, $m);
			}
		}
	}

# Log the event
delete($in{'pass'});
delete($in{'oldpass'});
if ($in{'old'}) {
	&webmin_log("modify", "user", $in{'old'}, \%in);
	}
else {
	&webmin_log("create", "user", $user{'name'}, \%in);
	}
&reload_miniserv();
&redirect("index.cgi?refresh=1");

${this.title}

Code Editor : save_user.cgi