0.8.7g-2.1+pia2p9+neutron1
[debian/cacti] / user_admin.php
1 <?php
2 /*
3  +-------------------------------------------------------------------------+
4  | Copyright (C) 2004-2010 The Cacti Group                                 |
5  |                                                                         |
6  | This program is free software; you can redistribute it and/or           |
7  | modify it under the terms of the GNU General Public License             |
8  | as published by the Free Software Foundation; either version 2          |
9  | of the License, or (at your option) any later version.                  |
10  |                                                                         |
11  | This program is distributed in the hope that it will be useful,         |
12  | but WITHOUT ANY WARRANTY; without even the implied warranty of          |
13  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           |
14  | GNU General Public License for more details.                            |
15  +-------------------------------------------------------------------------+
16  | Cacti: The Complete RRDTool-based Graphing Solution                     |
17  +-------------------------------------------------------------------------+
18  | This code is designed, written, and maintained by the Cacti Group. See  |
19  | about.php and/or the AUTHORS file for specific developer information.   |
20  +-------------------------------------------------------------------------+
21  | http://www.cacti.net/                                                   |
22  +-------------------------------------------------------------------------+
23 */
24
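/*
 * Authentication gate for this page.
 * NOTE(review): auth.php is not shown here; it is presumed to enforce the
 * login and realm check for user administration -- confirm.
 * It is loaded with require instead of include so that a missing or unreadable
 * file stops the request with a fatal error. With include, PHP only emits a
 * warning and carries on into the dispatch below (fail open).
 */
require("./include/auth.php");

define("MAX_DISPLAY_PAGES", 21);

/* bulk actions offered for the user list; the keys are the values form_actions()
   compares against the posted "drp_action" field */
$user_actions = array(
	1 => "Delete",
	2 => "Copy",
	3 => "Enable",
	4 => "Disable",
	5 => "Batch Copy"
	);

/* remember the tab we came from */
load_current_session_value("tab", "sess_user_admin_tab", "user_realms_edit");

/*
 * Request dispatch on the "action" request variable.
 * 'actions', 'save' and 'perm_remove' change stored data and then redirect;
 * the remaining cases render a page between the shared header and footer.
 * NOTE(review): no anti-CSRF token is checked anywhere in this dispatch; whether
 * auth.php adds one cannot be seen from this file -- confirm.
 */
switch (get_request_var_request("action")) {
	case 'actions':
		form_actions();
		break;

	case 'save':
		form_save();
		break;

	case 'perm_remove':
		perm_remove();
		break;

	case 'user_edit':
		include_once("include/top_header.php");
		user_edit();
		include_once("include/bottom_footer.php");
		break;

	default:
		include_once("include/top_header.php");
		user();
		include_once("include/bottom_footer.php");
		break;
}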
65
66 /* --------------------------
67     Actions Function
68    -------------------------- */
69
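/*
 * form_actions - two-step handler for the bulk actions of the user list.
 *
 * Step 1 (no "selected_items" posted): collects the ticked users (posted as
 * chk_<id>), prints a confirmation form and carries the selection forward in
 * a hidden "selected_items" field.
 * Step 2 ("selected_items" posted): performs the action named by "drp_action"
 * (1 delete, 2 copy, 3 enable, 4 disable, 5 batch copy), then redirects to
 * user_admin.php and exits.
 *
 * Security-relevant changes compared with the previous version:
 *  - the hidden "selected_items" value is only handed to unserialize() after
 *    it has been matched against the exact shape this page produces (an array
 *    of numeric ids), so a crafted payload cannot instantiate objects;
 *  - the delete step re-checks the graph export user on the server side
 *    instead of relying on the confirmation page having been shown;
 *  - the new username for "copy" must match the character set form_save()
 *    uses for usernames before it is placed in SQL;
 *  - usernames and the echoed "drp_action" value are HTML-escaped on output;
 *  - ereg()/each() were replaced by preg_match()/foreach.
 */
function form_actions() {
	global $colors, $user_actions, $auth_realms;

	$drp_action = get_request_var_post("drp_action");

	/* if we are to save this form, instead of display it */
	if (isset($_POST["selected_items"])) {
		if ($drp_action != "2") {
			/* SECURITY: this value comes back from the browser. Accept only the
			   serialization of a list of numeric ids (what serialize($user_array)
			   below emits); anything else is treated as an empty selection and is
			   never passed to unserialize(). */
			$selected_items = array();
			$raw_items = get_request_var_post("selected_items");
			if (is_string($raw_items)) {
				$raw_items = stripslashes($raw_items);
				if (preg_match('/^a:[0-9]+:\{(?:i:[0-9]+;(?:i:[0-9]+|s:[0-9]+:"[0-9]+");)*\}$/D', $raw_items)) {
					$decoded_items = unserialize($raw_items);
					if (is_array($decoded_items)) {
						$selected_items = $decoded_items;
					}
				}
			}
		}

		if ($drp_action == "1") { /* delete */
			/* same guard as on the confirmation page, enforced again here because
			   this request can be sent without ever loading that page */
			if (sizeof($selected_items) && in_array(read_config_option('export_user_id'), $selected_items)) {
				raise_message(22);
				header("Location: user_admin.php");
				exit;
			}

			foreach ($selected_items as $selected_id) {
				/* ================= input validation ================= */
				input_validate_input_number($selected_id);
				/* ==================================================== */

				user_remove($selected_id);
			}
		}

		if ($drp_action == "2") { /* copy */
			/* ================= input validation ================= */
			input_validate_input_number(get_request_var_post("selected_items"));
			input_validate_input_number(get_request_var_post("new_realm"));
			/* ==================================================== */

			$new_username = get_request_var_post("new_username");
			$new_realm = get_request_var_post("new_realm", 0);
			$template_user = db_fetch_row("SELECT username, realm FROM user_auth WHERE id = " . get_request_var_post("selected_items"));
			$overwrite = array( "full_name" => get_request_var_post("new_fullname") );

			if (is_string($new_username) && strlen($new_username)) {
				/* SECURITY: the name is concatenated into the SQL below, so it must
				   first match the character set form_save() passes for usernames
				   (letters, digits, dot, underscore, backslash, at sign, space,
				   hyphen). That keeps quote characters out of the statement.
				   NOTE(review): backslash stays allowed and is not escaped here;
				   how the db_* helpers and user_copy() quote values is not visible
				   in this file -- confirm. */
				if (!preg_match('/^[A-Za-z0-9._\\\\@ -]+$/D', $new_username)) {
					/* 2 is the message this branch already raises when user_copy() fails */
					raise_message(2);
				} elseif (sizeof(db_fetch_assoc("SELECT username FROM user_auth WHERE username = '" . $new_username . "' AND realm = " . $new_realm))) {
					raise_message(19);
				} else {
					if (user_copy($template_user["username"], $new_username, $template_user["realm"], $new_realm, false, $overwrite) === false) {
						raise_message(2);
					} else {
						raise_message(1);
					}
				}
			}
		}

		if ($drp_action == "3") { /* enable */
			foreach ($selected_items as $selected_id) {
				/* ================= input validation ================= */
				input_validate_input_number($selected_id);
				/* ==================================================== */

				user_enable($selected_id);
			}
		}

		if ($drp_action == "4") { /* disable */
			foreach ($selected_items as $selected_id) {
				/* ================= input validation ================= */
				input_validate_input_number($selected_id);
				/* ==================================================== */

				user_disable($selected_id);
			}
		}

		if ($drp_action == "5") { /* batch copy */
			/* ================= input validation ================= */
			input_validate_input_number(get_request_var_post("template_user"));
			/* ==================================================== */

			$copy_error = false;
			$template = db_fetch_row("SELECT username, realm FROM user_auth WHERE id = " . get_request_var_post("template_user"));
			foreach ($selected_items as $selected_id) {
				/* ================= input validation ================= */
				input_validate_input_number($selected_id);
				/* ==================================================== */

				$user = db_fetch_row("SELECT username, realm FROM user_auth WHERE id = " . $selected_id);
				if ((isset($user)) && (isset($template))) {
					if (user_copy($template["username"], $user["username"], $template["realm"], $user["realm"], true) === false) {
						$copy_error = true;
					}
				}
			}
			if ($copy_error) {
				raise_message(2);
			} else {
				raise_message(1);
			}
		}

		header("Location: user_admin.php");
		exit;
	}

	/* loop through each of the users and process them */
	$user_list = "";
	$user_array = array();
	foreach ($_POST as $var => $val) {
		if (preg_match('/^chk_([0-9]+)$/D', $var, $matches)) {
			/* ================= input validation ================= */
			input_validate_input_number($matches[1]);
			/* ==================================================== */

			if ($drp_action != "2") {
				/* usernames are stored data; escape them before they reach the page */
				$user_list .= "<li>" . htmlspecialchars((string) db_fetch_cell("SELECT username FROM user_auth WHERE id=" . $matches[1]), ENT_QUOTES) . "<br>";
			}
			$user_array[] = $matches[1];
		}
	}

	/* Check for deleting of Graph Export User */
	if (($drp_action == "1") && sizeof($user_array)) { /* delete */
		$exportuser = read_config_option('export_user_id');
		if (in_array($exportuser, $user_array)) {
			raise_message(22);
			header("Location: user_admin.php");
			exit;
		}
	}

	include_once("./include/top_header.php");

	/* "drp_action" is request data: look the title up only for a known key and
	   escape the value before echoing it into the hidden field further down */
	$action_title = (is_scalar($drp_action) && isset($user_actions[$drp_action])) ? $user_actions[$drp_action] : "";
	$drp_action_html = is_scalar($drp_action) ? htmlspecialchars((string) $drp_action, ENT_QUOTES) : "";

	html_start_box("<strong>" . $action_title . "</strong>", "60%", $colors["header_panel"], "3", "center", "");

	print "<form action='user_admin.php' method='post'>\n";

	/* stays empty when the posted action is none of 1..5 */
	$save_html = "";
	$user_id = "";

	if (sizeof($user_array)) {
		if ($drp_action == "1") { /* delete */
			print "
				<tr>
					<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
						<p>When you click \"Continue\", the selected User(s) will be deleted.</p>
						<p><ul>$user_list</ul></p>
					</td>
				</tr>\n";
			$save_html = "<input type='button' value='Cancel' onClick='window.history.back()'>&nbsp;<input type='submit' value='Continue' title='Delete User(s)'>";
		}

		if ($drp_action == "2") { /* copy */
			$user_id = $user_array[0];
			$user_realm = db_fetch_cell("SELECT realm FROM user_auth WHERE id = " . $user_id);

			print "
				<tr>
					<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
						When you click \"Continue\" the selected User will be copied to the new User below<br><br>
					</td>
				</tr><tr>
					<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
						Template Username: <i>" . htmlspecialchars((string) db_fetch_cell("SELECT username FROM user_auth WHERE id=" . $user_id), ENT_QUOTES) . "</i>
					</td>
				</tr><tr>
					<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					New Username: ";
			print form_text_box("new_username", "", "", 25);
			print "				</td>
				</tr><tr>
					<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
						New Full Name: ";
			print form_text_box("new_fullname", "", "", 35);
			print "				</td>
				</tr><tr>
					<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
						New Realm: \n";
			print form_dropdown("new_realm", $auth_realms, "", "", $user_realm, "", 0);
			print "				</td>

				</tr>\n";
			$save_html = "<input type='button' value='Cancel' onClick='window.history.back()'>&nbsp;<input type='submit' value='Continue' title='Copy User'>";
		}

		if ($drp_action == "3") { /* enable */
			print "
				<tr>
					<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
						<p>When you click \"Continue\" the selected User(s) will be enabled.</p>
						<p><ul>$user_list</ul></p>
					</td>
				</tr>\n";
			$save_html = "<input type='button' value='Cancel' onClick='window.history.back()'>&nbsp;<input type='submit' value='Continue' title='Enable User(s)'>";
		}

		if ($drp_action == "4") { /* disable */
			print "
				<tr>
					<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
						<p>When you click \"Continue\" the selected User(s) will be disabled.</p>
						<p><ul>$user_list</ul></p>
					</td>
				</tr>\n";
			$save_html = "<input type='button' value='Cancel' onClick='window.history.back()'>&nbsp;<input type='submit' value='Continue' title='Disable User(s)'>";
		}

		if ($drp_action == "5") { /* batch copy */
			$usernames = db_fetch_assoc("SELECT id,username FROM user_auth WHERE realm = 0 ORDER BY username");
			print "
				<tr>
					<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>When you click \"Continue\" you will overwrite selected the User(s) settings with the selected template User settings and permissions?  Original user Full Name, Password, Realm and Enable status will be retained, all other fields will be overwritten from Template User.<br><br></td>
				</tr><tr>
					<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
						Template User: \n";
			print form_dropdown("template_user", $usernames, "username", "id", "", "", 0);
			print "		</td>

				</tr><tr>
					<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
						<p>User(s) to update:
						<ul>$user_list</ul></p>
					</td>
				</tr>\n";
			$save_html = "<input type='button' value='Cancel' onClick='window.history.back()'>&nbsp;<input type='submit' value='Continue' title='Reset User(s) Settings'>";
		}
	}else{
		print "<tr><td bgcolor='#" . $colors["form_alternate1"]. "'><span class='textError'>You must select at least one user.</span></td></tr>\n";
		$save_html = "<input type='button' value='Return' onClick='window.history.back()'>";
	}

	print "	<tr>
			<td align='right' bgcolor='#eaeaea'>
				<input type='hidden' name='action' value='actions'>";
	if ($drp_action == "2") { /* copy */
		/* $user_id is either "" or an id that matched [0-9]+ above */
		print "				<input type='hidden' name='selected_items' value='" . $user_id . "'>\n";
	}else{
		/* $user_array holds only ids that matched [0-9]+, so its serialization
		   contains no single quote and fits the single-quoted attribute */
		print "				<input type='hidden' name='selected_items' value='" . serialize($user_array) . "'>\n";
	}
	print "				<input type='hidden' name='drp_action' value='" . $drp_action_html . "'>
				$save_html
			</td>
		</tr>
		";

	html_end_box();

	include_once("./include/bottom_footer.php");
}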
308
309 /* --------------------------
310     Save Function
311    -------------------------- */
312
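/*
 * form_save - stores the data posted from the user edit tabs.
 *
 * "save_component_graph_perms": adds one graph/tree/host/graph-template
 * permission row when one of the add buttons was pressed, then redirects back
 * to the graph permissions tab and exits.
 * "save_component_user": validates and saves the user_auth row, then, depending
 * on the tab, rewrites the realm permissions, the per-user graph settings or
 * the default policies.
 * Always ends by redirecting to the user edit page.
 *
 * Security-relevant changes compared with the previous version:
 *  - realm checkboxes are matched as "section<digits>" and only the digits
 *    reach SQL (the old eregi("^[section]") was a character class and the rest
 *    of the POST field name was concatenated into the statement unchecked);
 *  - the duplicate-username query only runs for names that match the username
 *    character set used below, so quote characters cannot reach it;
 *  - each() loops were replaced by foreach.
 */
function form_save() {
	global $settings_graphs;

	/* graph permissions */
	if ((isset($_POST["save_component_graph_perms"])) && (!is_error_message())) {
		/* ================= input validation ================= */
		input_validate_input_number(get_request_var_post("id"));
		input_validate_input_number(get_request_var_post("perm_graphs"));
		input_validate_input_number(get_request_var_post("perm_trees"));
		input_validate_input_number(get_request_var_post("perm_hosts"));
		input_validate_input_number(get_request_var_post("perm_graph_templates"));
		input_validate_input_number(get_request_var_post("policy_graphs"));
		input_validate_input_number(get_request_var_post("policy_trees"));
		input_validate_input_number(get_request_var_post("policy_hosts"));
		input_validate_input_number(get_request_var_post("policy_graph_templates"));
		/* ==================================================== */

		/* add button => (posted field holding the item id, user_auth_perms.type);
		   checked in this order, first pressed button wins */
		$perm_buttons = array(
			"add_graph_x"          => array("perm_graphs", 1),
			"add_tree_x"           => array("perm_trees", 2),
			"add_host_x"           => array("perm_hosts", 3),
			"add_graph_template_x" => array("perm_graph_templates", 4)
			);

		foreach ($perm_buttons as $button_name => $perm) {
			if (isset($_POST[$button_name])) {
				db_execute("REPLACE INTO user_auth_perms (user_id,item_id,type) VALUES (" . get_request_var_post("id") . "," . get_request_var_post($perm[0]) . "," . $perm[1] . ")");

				header("Location: user_admin.php?action=user_edit&tab=graph_perms_edit&id=" . get_request_var_post("id"));
				exit;
			}
		}
	}

	/* user management save */
	if (isset($_POST["save_component_user"])) {
		/* ================= input validation ================= */
		input_validate_input_number(get_request_var_post("id"));
		input_validate_input_number(get_request_var_post("realm"));
		/* ==================================================== */

		if ((get_request_var_post("password") == "") && (get_request_var_post("password_confirm") == "")) {
			$password = db_fetch_cell("SELECT password FROM user_auth WHERE id = " . get_request_var_post("id"));
		}else{
			/* SECURITY NOTE(review): unsalted MD5 is not a suitable password hash.
			   It is left unchanged because the code that verifies the stored value
			   at login is outside this file and would have to change with it. */
			$password = md5(get_request_var_post("password"));
		}

		/* check duplicate username */
		/* SECURITY: the posted name is concatenated into this query, so the query
		   only runs when the name matches the username character set used for
		   $save["username"] below (letters, digits, dot, underscore, backslash,
		   at sign, space, hyphen). Other names are rejected with message 3, the
		   id this block passes to form_input_validate() for the same field
		   (presumably what that helper raises on a failed match -- confirm).
		   NOTE(review): backslash stays allowed and is not escaped here; how the
		   db_* helpers quote values is not visible in this file -- confirm. */
		$posted_username = get_request_var_post("username");
		if (is_string($posted_username) && preg_match('/^[A-Za-z0-9._\\\\@ -]+$/D', $posted_username)) {
			if (sizeof(db_fetch_row("select * from user_auth where realm = " . get_request_var_post("realm") . " and username = '" . $posted_username . "' and id != " . get_request_var_post("id")))) {
				raise_message(12);
			}
		}else{
			raise_message(3);
		}

		/* check for guest or template user */
		$username = db_fetch_cell("select username from user_auth where id = " . get_request_var_post("id"));
		if ($username != get_request_var_post("username")) {
			if ($username == read_config_option("user_template")) {
				raise_message(20);
			}
			if ($username == read_config_option("guest_user")) {
				raise_message(20);
			}
		}

		/* check to make sure the passwords match; if not error */
		if (get_request_var_post("password") != get_request_var_post("password_confirm")) {
			raise_message(4);
		}

		form_input_validate(get_request_var_post("password"), "password", "" . preg_quote(get_request_var_post("password_confirm")) . "", true, 4);
		form_input_validate(get_request_var_post("password_confirm"), "password_confirm", "" . preg_quote(get_request_var_post("password")) . "", true, 4);

		$save["id"] = get_request_var_post("id");
		$save["username"] = form_input_validate(get_request_var_post("username"), "username", "^[A-Za-z0-9\._\\\@\ -]+$", false, 3);
		$save["full_name"] = form_input_validate(get_request_var_post("full_name"), "full_name", "", true, 3);
		$save["password"] = $password;
		$save["must_change_password"] = form_input_validate(get_request_var_post("must_change_password", ""), "must_change_password", "", true, 3);
		$save["show_tree"] = form_input_validate(get_request_var_post("show_tree", ""), "show_tree", "", true, 3);
		$save["show_list"] = form_input_validate(get_request_var_post("show_list", ""), "show_list", "", true, 3);
		$save["show_preview"] = form_input_validate(get_request_var_post("show_preview", ""), "show_preview", "", true, 3);
		$save["graph_settings"] = form_input_validate(get_request_var_post("graph_settings", ""), "graph_settings", "", true, 3);
		$save["login_opts"] = form_input_validate(get_request_var_post("login_opts"), "login_opts", "", true, 3);
		$save["policy_graphs"] = form_input_validate(get_request_var_post("policy_graphs", get_request_var_post("_policy_graphs")), "policy_graphs", "", true, 3);
		$save["policy_trees"] = form_input_validate(get_request_var_post("policy_trees", get_request_var_post("_policy_trees")), "policy_trees", "", true, 3);
		$save["policy_hosts"] = form_input_validate(get_request_var_post("policy_hosts", get_request_var_post("_policy_hosts")), "policy_hosts", "", true, 3);
		$save["policy_graph_templates"] = form_input_validate(get_request_var_post("policy_graph_templates", get_request_var_post("_policy_graph_templates")), "policy_graph_templates", "", true, 3);
		$save["realm"] = get_request_var_post("realm", 0);
		$save["enabled"] = form_input_validate(get_request_var_post("enabled", ""), "enabled", "", true, 3);

		if (!is_error_message()) {
			$user_id = sql_save($save, "user_auth");

			if ($user_id) {
				raise_message(1);
			}else{
				raise_message(2);
			}

			if (isset($_POST["save_component_realm_perms"])) {
				db_execute("DELETE FROM user_auth_realm WHERE user_id = " . $user_id);

				/* realm checkboxes are posted as section<realm_id>; take the id
				   only from the captured digits, never from the raw field name */
				foreach ($_POST as $var => $val) {
					if (preg_match('/^section([0-9]+)$/D', $var, $realm_match)) {
						db_execute("REPLACE INTO user_auth_realm (user_id,realm_id) VALUES (" . $user_id . "," . $realm_match[1] . ")");
					}
				}
			}elseif (isset($_POST["save_component_graph_settings"])) {
				/* SECURITY NOTE(review): the posted setting values are placed
				   between quotes in the statements below without escaping in this
				   block. Whether get_request_var_post() or db_execute() quote them
				   is not visible here -- confirm. */
				$settings_user_id = (!empty($user_id) ? $user_id : get_request_var_post("id"));

				foreach ($settings_graphs as $tab_fields) {
					foreach ($tab_fields as $field_name => $field_array) {
						if ((isset($field_array["items"])) && (is_array($field_array["items"]))) {
							foreach ($field_array["items"] as $sub_field_name => $sub_field_array) {
								db_execute("REPLACE INTO settings_graphs (user_id,name,value) VALUES (" . $settings_user_id . ",'$sub_field_name', '" . get_request_var_post($sub_field_name, "") . "')");
							}
						}else{
							db_execute("REPLACE INTO settings_graphs (user_id,name,value) VALUES (" . $settings_user_id . ",'$field_name', '" . get_request_var_post($field_name) . "')");
						}
					}
				}

				/* reset local settings cache so the user sees the new settings */
				kill_session_var("sess_graph_config_array");
			}elseif (isset($_POST["save_component_graph_perms"])) {
				/* the policy_* values and id were passed through
				   input_validate_input_number() at the top of this function */
				db_execute("UPDATE user_auth SET
					policy_graphs = " . get_request_var_post("policy_graphs") . ",
					policy_trees = " . get_request_var_post("policy_trees") . ",
					policy_hosts = " . get_request_var_post("policy_hosts") . ",
					policy_graph_templates = " . get_request_var_post("policy_graph_templates") . "
					WHERE id = " . get_request_var_post("id"));
			}
		}
	}

	/* redirect to the appropriate page */
	header("Location: user_admin.php?action=user_edit&id=" . (empty($user_id) ? $_POST["id"] : $user_id));
}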
454
455 /* --------------------------
456     Graph Permissions
457    -------------------------- */
458
/*
 * perm_remove - deletes one row from user_auth_perms and returns to the graph
 * permissions tab of the affected user.
 *
 * Request variables read: "type" (graph, tree, host or graph_template),
 * "id" (the item) and "user_id". Any other "type" deletes nothing and only
 * redirects.
 *
 * NOTE(review): the values are read with get_request_var() (the edit page
 * builds this request as a link) and no request token is checked in this
 * function, so the delete is only as protected against cross-site requests
 * as whatever include/auth.php provides -- confirm.
 */
function perm_remove() {
	/* ================= input validation ================= */
	input_validate_input_number(get_request_var("id"));
	input_validate_input_number(get_request_var("user_id"));
	/* ==================================================== */

	/* switch compares loosely, like the == chain it replaces */
	switch (get_request_var("type")) {
		case "graph":
			db_execute("DELETE FROM user_auth_perms WHERE type = 1 AND user_id = " . get_request_var("user_id") . " AND item_id = " . get_request_var("id"));
			break;

		case "tree":
			db_execute("DELETE FROM user_auth_perms WHERE type = 2 AND user_id = " . get_request_var("user_id") . " AND item_id = " . get_request_var("id"));
			break;

		case "host":
			db_execute("DELETE FROM user_auth_perms WHERE type = 3 AND user_id = " . get_request_var("user_id") . " AND item_id = " . get_request_var("id"));
			break;

		case "graph_template":
			db_execute("DELETE FROM user_auth_perms WHERE type = 4 AND user_id=" . get_request_var("user_id") . " and item_id = " . get_request_var("id"));
			break;
	}

	header("Location: user_admin.php?action=user_edit&tab=graph_perms_edit&id=" . get_request_var("user_id"));
}
477
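/* graph_perms_print_policy_row - prints the "Default Policy" row that opens each permission box
   @arg $field_name - name of the policy dropdown (e.g. "policy_graphs")
   @arg $policy_options - array of policy value => label offered in the dropdown
   @arg $current_value - the policy value currently stored for the user, or null when none was loaded */
function graph_perms_print_policy_row($field_name, $policy_options, $current_value) {
	global $colors;

	?>
	<tr bgcolor="#<?php print $colors["form_alternate1"];?>">
		<td width="50%">
			<font class="textEditTitle">Default Policy</font><br>
			The default allow/deny graph policy for this user.
		</td>
		<td align="right">
			<?php form_dropdown($field_name, $policy_options, "", "", $current_value, "", ""); ?>
		</td>
	</tr>
	<?php
}

/* graph_perms_print_item_rows - prints the numbered list of items that carry an explicit permission
     entry for the user, each with a link to remove that entry
   @arg $items - rows returned by db_fetch_assoc() for this box
   @arg $label_field - row key holding the text to display
   @arg $id_field - row key holding the item id used in the remove link
   @arg $perm_type - value of the "type" parameter in the remove link
   @arg $policy_value - the user's default policy for this box; "1" is drawn in red, anything else in blue
   @arg $user_id - id of the user being edited
   @arg $empty_text - text shown when there are no rows */
function graph_perms_print_item_rows($items, $label_field, $id_field, $perm_type, $policy_value, $user_id, $empty_text) {
	$color = (($policy_value == "1") ? "red" : "blue");

	print "<tr>\n<td colspan=\"2\">\n<table width=\"100%\" cellpadding=\"1\">\n";

	if (is_array($items) && sizeof($items) > 0) {
		$i = 0;

		foreach ($items as $item) {
			$i++;

			/* NOTE(review): the removal is reached through a plain GET link and no request
			   token is visible in this markup - confirm the perm_remove handler validates one */
			$remove_url = "user_admin.php?action=perm_remove&type=" . $perm_type . "&id=" . $item[$id_field] . "&user_id=" . $user_id;

			/* labels are database values (graph titles, device descriptions, template and tree
			   names), so they are escaped before being written into the page; the link sits in a
			   single-quoted attribute, hence ENT_QUOTES */
			print "	<tr>
					<td><span style='font-weight: bold; color: " . $color . ";'>$i)</span> " . htmlspecialchars($item[$label_field]) . "</td>
					<td align='right'><a href='" . htmlspecialchars($remove_url, ENT_QUOTES) . "'><img src='images/delete_icon.gif' style='height:10px;width:10px;' border='0' alt='Delete'></a>&nbsp;</td>
				</tr>\n";
		}
	}else{
		print "<tr><td><em>" . $empty_text . "</em></td></tr>";
	}

	print "</table>\n</td>\n</tr>\n";
}

/* graph_perms_print_add_row - prints the dropdown and "Add" button shown below each permission box
   @arg $label - text shown in front of the dropdown
   @arg $dropdown_name - form field name of the dropdown
   @arg $options - rows returned by db_fetch_assoc() that can still be added
   @arg $option_label_field - row key used as the option text
   @arg $option_id_field - row key used as the option value
   @arg $submit_name - form field name of the submit button
   @arg $submit_title - tooltip of the submit button */
function graph_perms_print_add_row($label, $dropdown_name, $options, $option_label_field, $option_id_field, $submit_name, $submit_title) {
	/* NOTE(review): the option labels are database values; whether form_dropdown() HTML-escapes
	   them is not visible from this file - confirm */
	?>
	<table align='center' width='100%'>
		<tr>
			<td nowrap><?php print $label;?>&nbsp;
				<?php form_dropdown($dropdown_name, $options, $option_label_field, $option_id_field, "", "", "");?>
			</td>
			<td align="right">
				&nbsp;<input type="submit" value="Add" name="<?php print $submit_name;?>" title="<?php print $submit_title;?>">
			</td>
		</tr>
	</table>
	<br>
	<?php
}

/* graph_perms_edit - prints the "Graph Permissions" tab of the user edit page: one box each for
     permissions by graph, by device, by graph template and by tree. Every box shows the user's
     default policy, the items with an explicit permission entry and a dropdown to add another one.
     The user id is taken from the "id" request variable. */
function graph_perms_edit() {
	global $colors;

	/* ================= input validation ================= */
	input_validate_input_number(get_request_var("id"));
	/* ==================================================== */

	/* the id is concatenated into every query below; input_validate_input_number() is expected
	   to reject non-numeric values, and the integer cast keeps the SQL numeric regardless */
	$user_id = (int) get_request_var("id", 0);

	$graph_policy_array = array(
		1 => "Allow",
		2 => "Deny");

	/* defaults so the page renders without undefined-index notices when no user row is loaded */
	$policy = array(
		"policy_graphs" => null,
		"policy_trees" => null,
		"policy_hosts" => null,
		"policy_graph_templates" => null);

	if (!empty($user_id)) {
		$policy_row = db_fetch_row("SELECT policy_graphs,policy_trees,policy_hosts,policy_graph_templates FROM user_auth WHERE id = " . $user_id);

		if (is_array($policy_row)) {
			$policy = $policy_row + $policy;
		}
	}

	?>
	<table width='100%' align='center' cellpadding="5">
		<tr>
			<td>
				<span style='font-size: 12px; font-weight: bold;'>Graph policies will be evaluated in the order shown until a match is found.</span>
			</td>
		</tr>
	</table>
	<?php

	/* box: graph permissions */
	html_start_box("<strong>Graph Permissions (By Graph)</strong>", "100%", $colors["header"], "3", "center", "");

	$graphs = db_fetch_assoc("SELECT
		graph_templates_graph.local_graph_id,
		graph_templates_graph.title_cache
		FROM graph_templates_graph
		LEFT JOIN user_auth_perms ON (graph_templates_graph.local_graph_id = user_auth_perms.item_id AND user_auth_perms.type = 1)
		WHERE graph_templates_graph.local_graph_id > 0
		AND user_auth_perms.user_id = " . $user_id . "
		ORDER BY graph_templates_graph.title_cache");

	/* the form is opened here and is not closed inside this function */
	?>
	<form method="post" action="user_admin.php">
	<?php

	graph_perms_print_policy_row("policy_graphs", $graph_policy_array, $policy["policy_graphs"]);
	graph_perms_print_item_rows($graphs, "title_cache", "local_graph_id", "graph", $policy["policy_graphs"], $user_id, "No Graphs");

	html_end_box(false);

	graph_perms_print_add_row("Add Graph:", "perm_graphs",
		db_fetch_assoc("SELECT local_graph_id, title_cache FROM graph_templates_graph WHERE local_graph_id > 0 AND local_graph_id NOT IN (SELECT item_id FROM user_auth_perms WHERE user_auth_perms.type=1 AND user_auth_perms.user_id=" . $user_id . ") ORDER BY title_cache"),
		"title_cache", "local_graph_id", "add_graph_x", "Add New Graph Permission");

	/* box: device permissions */
	html_start_box("<strong>Graph Permissions (By Device)</strong>", "100%", $colors["header"], "3", "center", "");

	$hosts = db_fetch_assoc("SELECT
		host.id,
		CONCAT('',host.description,' (',host.hostname,')') as name
		FROM host
		LEFT JOIN user_auth_perms ON (host.id = user_auth_perms.item_id AND user_auth_perms.type = 3)
		WHERE user_auth_perms.user_id = " . $user_id . "
		ORDER BY host.description,host.hostname");

	graph_perms_print_policy_row("policy_hosts", $graph_policy_array, $policy["policy_hosts"]);
	graph_perms_print_item_rows($hosts, "name", "id", "host", $policy["policy_hosts"], $user_id, "No Devices");

	html_end_box(false);

	graph_perms_print_add_row("Add Host:", "perm_hosts",
		db_fetch_assoc("SELECT id, CONCAT('',description,' (',hostname,')') AS name FROM host WHERE host.id NOT IN (SELECT item_id FROM user_auth_perms WHERE user_auth_perms.type=3 AND user_auth_perms.user_id=" . $user_id . ") ORDER BY description,hostname"),
		"name", "id", "add_host_x", "Add New Host Permission");

	/* box: graph template permissions */
	html_start_box("<strong>Graph Permissions (By Graph Template)</strong>", "100%", $colors["header"], "3", "center", "");

	$graph_templates = db_fetch_assoc("SELECT
		graph_templates.id,
		graph_templates.name
		from graph_templates
		LEFT JOIN user_auth_perms ON (graph_templates.id = user_auth_perms.item_id AND user_auth_perms.type = 4)
		WHERE user_auth_perms.user_id = " . $user_id . "
		ORDER BY graph_templates.name");

	graph_perms_print_policy_row("policy_graph_templates", $graph_policy_array, $policy["policy_graph_templates"]);
	graph_perms_print_item_rows($graph_templates, "name", "id", "graph_template", $policy["policy_graph_templates"], $user_id, "No Graph Templates");

	html_end_box(false);

	graph_perms_print_add_row("Add Graph Template:", "perm_graph_templates",
		db_fetch_assoc("SELECT id, name FROM graph_templates WHERE id NOT IN (SELECT item_id FROM user_auth_perms WHERE user_auth_perms.type=4 AND user_auth_perms.user_id=" . $user_id . ") ORDER BY name"),
		"name", "id", "add_graph_template_x", "Add New Graph Template Permission");

	/* box: tree permissions */
	html_start_box("<strong>Tree Permissions</strong>", "100%", $colors["header"], "3", "center", "");

	$trees = db_fetch_assoc("SELECT
		graph_tree.id,
		graph_tree.name
		from graph_tree
		LEFT JOIN user_auth_perms ON (graph_tree.id = user_auth_perms.item_id AND user_auth_perms.type = 2)
		WHERE user_auth_perms.user_id = " . $user_id . "
		ORDER BY graph_tree.name");

	graph_perms_print_policy_row("policy_trees", $graph_policy_array, $policy["policy_trees"]);
	graph_perms_print_item_rows($trees, "name", "id", "tree", $policy["policy_trees"], $user_id, "No Trees");

	html_end_box(false);

	graph_perms_print_add_row("Add Tree:", "perm_trees",
		db_fetch_assoc("SELECT id, name FROM graph_tree WHERE id NOT IN (SELECT item_id FROM user_auth_perms WHERE user_auth_perms.type=2 AND user_auth_perms.user_id=" . $user_id . " ) ORDER BY name"),
		"name", "id", "add_tree_x", "Add New Tree Permission");

	form_hidden_box("save_component_graph_perms","1","");
}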
745
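/* user_realms_edit - prints the "Realm Permissions" tab of the user edit page: one checkbox per
     entry of $user_auth_realms, laid out in two columns, ticked when the user has a matching
     row in user_auth_realm. The user id is taken from the "id" request variable. */
function user_realms_edit() {
	global $colors, $user_auth_realms;

	/* ================= input validation ================= */
	input_validate_input_number(get_request_var("id"));
	/* ==================================================== */

	/* the id is concatenated into the query below; input_validate_input_number() is expected
	   to reject non-numeric values, and the integer cast keeps the SQL numeric regardless */
	$user_id = (int) get_request_var("id", 0);

	?>
	<table width='100%' align='center' cellpadding="5">
		<tr>
			<td>
				<span style='font-size: 12px; font-weight: bold;'>Realm permissions control which sections of Cacti this user will have access to.</span>
			</td>
		</tr>
	</table>
	<?php

	html_start_box("", "100%", $colors["header"], "3", "center", "");

	print "	<tr bgcolor='#" . $colors["header"] . "'>
			<td class='textHeaderDark'><strong>Realm Permissions</strong></td>
			<td width='1%' align='center' bgcolor='#819bc0' style='" . get_checkbox_style() . "'><input type='checkbox' style='margin: 0px;' name='all' title='Select All' onClick='SelectAll(\"section\",this.checked)'></td>\n
		</tr>\n";

	/* fetch the user's realms once instead of running one query per realm */
	$granted_realms = array();
	$realm_rows = db_fetch_assoc("SELECT realm_id FROM user_auth_realm WHERE user_id = " . $user_id);

	if (is_array($realm_rows)) {
		foreach ($realm_rows as $realm_row) {
			$granted_realms[$realm_row["realm_id"]] = true;
		}
	}

	/* number of checkboxes in the first column: half of the realms, rounded up */
	$column1 = floor((sizeof($user_auth_realms) / 2) + (sizeof($user_auth_realms) % 2));

	/* last argument of form_checkbox(): 1 when an existing user is being edited, 0 otherwise */
	$has_id = (!empty($user_id) ? 1 : 0);

	?>

	<tr>
		<td colspan="2" width="100%">
			<table width="100%">
				<tr>
					<td valign="top" width="50%">
						<?php
						$i = 0;

						/* foreach does not depend on the array's internal pointer the way
						   each() did, and each() is no longer available in PHP 8 */
						foreach ($user_auth_realms as $realm_id => $realm_name) {
							$old_value = (isset($granted_realms[$realm_id]) ? "on" : "");

							if ($i == $column1) {
								print "</td><td valign='top' width='50%'>";
							}

							form_checkbox("section" . $realm_id, $old_value, $realm_name, "", "", "", $has_id); print "<br>";

							$i++;
						}
						?>
					</td>
				</tr>
			</table>
		</td>
	</tr>

	<?php
	html_end_box();

	form_hidden_box("save_component_realm_perms","1","");
}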
808
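/* graph_settings_edit - prints the "Graph Settings" tab of the user edit page: for every tab in
     $settings_graphs it draws a sub header and an edit form whose fields are filled with the
     values stored in settings_graphs for the user. The user id is taken from the "id" request
     variable. */
function graph_settings_edit() {
	global $settings_graphs, $tabs_graphs, $colors, $graph_views, $graph_tree_views;

	/* ================= input validation ================= */
	input_validate_input_number(get_request_var("id"));
	/* ==================================================== */

	/* one validated value for every query below, instead of mixing get_request_var("id") with
	   the raw $_GET["id"]; input_validate_input_number() is expected to reject non-numeric
	   values, and the integer cast keeps the SQL numeric regardless */
	$user_id = (int) get_request_var("id", 0);

	?>
	<table width='100%' align='center' cellpadding="5">
		<tr>
			<td>
				<span style='font-size: 12px; font-weight: bold;'>Graph settings control how graphs are displayed for this user.</span>
			</td>
		</tr>
	</table>
	<?php

	html_start_box("<strong>Graph Settings</strong>", "100%", $colors["header"], "3", "center", "");

	/* foreach does not depend on the arrays' internal pointers the way each() did, and each()
	   is no longer available in PHP 8 */
	foreach ($settings_graphs as $tab_short_name => $tab_fields) {
		?>
		<tr bgcolor='#<?php print $colors["header_panel"];?>'>
			<td colspan='2' class='textSubHeaderDark' style='padding: 3px;'>
				<?php print $tabs_graphs[$tab_short_name];?>
			</td>
		</tr>
		<?php

		$form_array = array();

		foreach ($tab_fields as $field_name => $field_array) {
			$form_array += array($field_name => $field_array);

			/* the setting names placed in the SQL below are keys of $settings_graphs, not
			   request data - presumably static configuration; confirm where it is defined */
			if ((isset($field_array["items"])) && (is_array($field_array["items"]))) {
				/* a field made of sub items: mark and fill each sub item */
				foreach ($field_array["items"] as $sub_field_name => $sub_field_array) {
					if (graph_config_value_exists($sub_field_name, $user_id)) {
						$form_array[$field_name]["items"][$sub_field_name]["form_id"] = 1;
					}

					$form_array[$field_name]["items"][$sub_field_name]["value"] = db_fetch_cell("SELECT value FROM settings_graphs WHERE name = '" . $sub_field_name . "' AND user_id = " . $user_id);
				}
			}else{
				if (graph_config_value_exists($field_name, $user_id)) {
					$form_array[$field_name]["form_id"] = 1;
				}

				$form_array[$field_name]["value"] = db_fetch_cell("select value from settings_graphs where name='$field_name' and user_id=" . $user_id);
			}
		}

		draw_edit_form(
			array(
				"config" => array(
					"no_form_tag" => true
					),
				"fields" => $form_array
				)
			);
	}

	html_end_box();

	form_hidden_box("save_component_graph_settings","1","");
}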
873
874 /* --------------------------
875     User Administration
876    -------------------------- */
877
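/* user_edit - prints the user edit page: the main user form, then, for an existing user, the
     tab bar and the tab selected by the "tab" request variable (realm permissions when the
     value is missing or unknown), and finally the save button. The user id is taken from the
     "id" request variable; an empty id draws the form for a new user. */
function user_edit() {
	global $colors, $fields_user_user_edit_host;

	/* ================= input validation ================= */
	input_validate_input_number(get_request_var("id"));
	/* ==================================================== */

	/* the id is concatenated into the query and the tab links below; input_validate_input_number()
	   is expected to reject non-numeric values, and the integer cast keeps it numeric regardless */
	$user_id = (int) get_request_var("id", 0);

	if (!empty($user_id)) {
		$user = db_fetch_row("SELECT * FROM user_auth WHERE id = " . $user_id);

		/* the label is handed to html_start_box() as part of an HTML string, so the stored
		   username is escaped before it reaches the page */
		$header_label = "[edit: " . htmlspecialchars(isset($user["username"]) ? $user["username"] : "") . "]";
	}else{
		$header_label = "[new]";
	}

	html_start_box("<strong>User Management</strong> $header_label", "100%", $colors["header"], "3", "center", "");

	draw_edit_form(array(
		"config" => array("form_name" => "chk"),
		"fields" => inject_form_variables($fields_user_user_edit_host, (isset($user) ? $user : array()))
		));

	html_end_box();

	$current_tab = get_request_var_request("tab");

	if (!empty($user_id)) {
		/* draw user admin nav tabs */
		$tabs = array(
			"user_realms_edit" => array("label" => "Realm Permissions", "width" => 150),
			"graph_perms_edit" => array("label" => "Graph Permissions", "width" => 150),
			"graph_settings_edit" => array("label" => "Graph Settings", "width" => 130));

		print "<table class='tabs' width='100%' cellspacing='0' cellpadding='3' align='center'>\n<tr>\n";

		foreach ($tabs as $tab_name => $tab) {
			$tab_url = "user_admin.php?action=user_edit&tab=" . $tab_name . "&id=" . $user_id;

			print "<td width='1'></td>\n";
			print "<td bgcolor='" . (($current_tab == $tab_name) ? "silver" : "#DFDFDF") . "' nowrap='nowrap' width='" . $tab["width"] . "' align='center' class='tab'>\n";
			print "<span class='textHeader'><a href='" . htmlspecialchars($tab_url, ENT_QUOTES) . "'>" . $tab["label"] . "</a></span>\n";
			print "</td>\n";
		}

		print "<td></td>\n</tr>\n</table>\n";
	}

	/* the request value only selects between fixed function calls; it is never used as a
	   function name itself */
	switch ($current_tab) {
	case "graph_settings_edit":
		graph_settings_edit();
		break;
	case "graph_perms_edit":
		graph_perms_edit();
		break;
	case "user_realms_edit":
	default:
		user_realms_edit();
		break;
	}

	form_save_button("user_admin.php", "return");
}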
936
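/* user_admin_highlight_filter - wraps every case-insensitive occurrence of the search filter in
     a highlight span
   @arg $escaped_text - text to search; it must already be HTML-escaped
   @arg $filter - the search filter; an empty filter returns the text unchanged
   @returns - the text with the matches wrapped, or the unchanged text if the pattern fails */
function user_admin_highlight_filter($escaped_text, $filter) {
	if (!strlen((string) $filter)) {
		return $escaped_text;
	}

	/* preg_replace() with a quoted literal replaces eregi_replace(), which no longer exists
	   in PHP 7; the delimiter is passed to preg_quote() so it is escaped as well */
	$highlighted = preg_replace("/(" . preg_quote($filter, "/") . ")/i", "<span style='background-color: #F8D93D;'>\\1</span>", $escaped_text);

	return (($highlighted === null) ? $escaped_text : $highlighted);
}

/* user - prints the user list: search box, paged and sortable table of users with their realm,
     default graph policy and last login, and the actions dropdown. The search filter, page and
     sort settings come from the request and are remembered in the session. */
function user() {
	global $colors, $auth_realms, $user_actions;

	/* ================= input validation ================= */
	input_validate_input_number(get_request_var_request("page"));
	/* ==================================================== */

	/* clean up search string, sort_column and sort_direction */
	foreach (array("filter", "sort_column", "sort_direction") as $request_field) {
		if (isset($_REQUEST[$request_field])) {
			$_REQUEST[$request_field] = sanitize_search_string(get_request_var($request_field));
		}
	}

	/* if the user pushed the 'clear' button */
	if (isset($_REQUEST["clear_x"])) {
		kill_session_var("sess_user_admin_current_page");
		kill_session_var("sess_user_admin_filter");
		kill_session_var("sess_user_admin_sort_column");
		kill_session_var("sess_user_admin_sort_direction");

		unset($_REQUEST["page"]);
		unset($_REQUEST["filter"]);
		unset($_REQUEST["sort_column"]);
		unset($_REQUEST["sort_direction"]);
	}

	/* remember these search fields in session vars so we don't have to keep passing them around */
	load_current_session_value("page", "sess_user_admin_current_page", "1");
	load_current_session_value("filter", "sess_user_admin_filter", "");
	load_current_session_value("sort_column", "sess_user_admin_sort_column", "username");
	load_current_session_value("sort_direction", "sess_user_admin_sort_direction", "ASC");

	/* sortable columns and their default direction; also the allow-list for ORDER BY below */
	$display_text = array(
		"username" => array("User Name", "ASC"),
		"full_name" => array("Full Name", "ASC"),
		"enabled" => array("Enabled", "ASC"),
		"realm" => array("Realm", "ASC"),
		"policy_graphs" => array("Default Graph Policy", "ASC"),
		"dtime" => array("Last Login", "DESC"));

	$filter = get_request_var_request("filter");

	/* ORDER BY cannot be quoted like a value, so the column must be one of the known keys and
	   the direction one of two keywords; anything else falls back to the defaults */
	$sort_column = get_request_var_request("sort_column");
	if (!is_string($sort_column) || !isset($display_text[$sort_column])) {
		$sort_column = "username";
	}

	$sort_direction = ((strtoupper((string) get_request_var_request("sort_direction")) == "DESC") ? "DESC" : "ASC");

	/* a page below 1 would produce a negative LIMIT offset */
	$page = max(1, (int) get_request_var_request("page"));
	$rows_per_page = read_config_option("num_rows_device");

	/* the filter is URL-encoded wherever it is put into a link */
	$filter_url = "user_admin.php?filter=" . urlencode((string) $filter);

	html_start_box("<strong>User Management</strong>", "100%", $colors["header"], "3", "center", "user_admin.php?action=user_edit");

	?>
	<tr bgcolor="#<?php print $colors["panel"];?>">
		<td>
		<form name="form_user_admin" action="user_admin.php">
			<table width="100%" cellpadding="0" cellspacing="0">
				<tr>
					<td nowrap style='white-space: nowrap;' width="50">
						Search:&nbsp;
					</td>
					<td width="1">
						<input type="text" name="filter" size="40" value="<?php print htmlspecialchars($filter);?>">
					</td>
					<td nowrap style='white-space: nowrap;'>
						&nbsp;<input type="submit" value="Go" title="Set/Refresh Filters">
						<input type="submit" name="clear_x" value="Clear" title="Clear Filters">
					</td>
				</tr>
			</table>
			<input type='hidden' name='page' value='1'>
		</form>
		</td>
	</tr>
	<?php

	html_end_box();

	/* form the 'where' clause for our main sql query */
	/* NOTE(review): the filter is placed inside a quoted LIKE pattern and the only protection
	   visible here is sanitize_search_string(); confirm that it removes quotes and backslashes,
	   or escape the value with the database layer's own quoting function */
	if (strlen((string) $filter)) {
		$sql_where = "WHERE (user_auth.username LIKE '%" . $filter . "%' OR user_auth.full_name LIKE '%" . $filter . "%')";
	}else{
		$sql_where = "";
	}

	/* print checkbox form for validation */
	print "<form name='chk' method='post' action='user_admin.php'>\n";

	html_start_box("", "100%", $colors["header"], "3", "center", "");

	$total_rows = db_fetch_cell("SELECT
		COUNT(user_auth.id)
		FROM user_auth
		$sql_where");

	$user_list = db_fetch_assoc("SELECT
		id,
		user_auth.username,
		full_name,
		realm,
		enabled,
		policy_graphs,
		time,
		max(time) as dtime
		FROM user_auth
		LEFT JOIN user_log ON (user_auth.id = user_log.user_id)
		$sql_where
		GROUP BY id
		ORDER BY " . $sort_column . " " . $sort_direction .
		" LIMIT " . ($rows_per_page * ($page - 1)) . "," . $rows_per_page);

	/* generate page list */
	$url_page_select = get_page_list($page, MAX_DISPLAY_PAGES, $rows_per_page, $total_rows, $filter_url);

	$has_previous = ($page > 1);
	$has_next = (($page * $rows_per_page) < $total_rows);

	$first_row = ($rows_per_page * ($page - 1)) + 1;
	$last_row = ((($total_rows < $rows_per_page) || ($total_rows < ($rows_per_page * $page))) ? $total_rows : ($rows_per_page * $page));

	/* the links sit in single-quoted attributes, hence ENT_QUOTES */
	$previous_link = "Previous";
	if ($has_previous) {
		$previous_link = "<a class='linkOverDark' href='" . htmlspecialchars($filter_url . "&page=" . ($page - 1), ENT_QUOTES) . "'>Previous</a>";
	}

	$next_link = "Next";
	if ($has_next) {
		$next_link = "<a class='linkOverDark' href='" . htmlspecialchars($filter_url . "&page=" . ($page + 1), ENT_QUOTES) . "'>Next</a>";
	}

	$nav = "<tr bgcolor='#" . $colors["header"] . "'>
		<td colspan='7'>
			<table width='100%' cellspacing='0' cellpadding='0' border='0'>
				<tr>
					<td align='left' class='textHeaderDark'>
						<strong>&lt;&lt; " . $previous_link . "</strong>
					</td>\n
					<td align='center' class='textHeaderDark'>
						Showing Rows " . $first_row . " to " . $last_row . " of $total_rows [$url_page_select]
					</td>\n
					<td align='right' class='textHeaderDark'>
						<strong>" . $next_link . " &gt;&gt;</strong>
					</td>\n
				</tr>
			</table>
		</td>
		</tr>\n";

	print $nav;

	html_header_sort_checkbox($display_text, $sort_column, $sort_direction, false);

	$i = 0;
	if (is_array($user_list) && sizeof($user_list) > 0) {
		foreach ($user_list as $user) {
			if (empty($user["dtime"]) || ($user["dtime"] == "12/31/1969")) {
				$last_login = "N/A";
			}else{
				$last_login = strftime("%A, %B %d, %Y %H:%M:%S ", strtotime($user["dtime"]));
			}

			$enabled = (($user["enabled"] == "on") ? "Yes" : "No");

			form_alternate_row_color($colors["alternate"], $colors["light"], $i, 'line' . $user["id"]); $i++;

			/* names are escaped first and highlighted afterwards, so the highlight markup is
			   the only HTML added to them; the link is now closed with </a> */
			form_selectable_cell("<a class='linkEditMain' href='" . htmlspecialchars("user_admin.php?action=user_edit&tab=user_realms_edit&id=" . $user["id"]) . "'>" .
				user_admin_highlight_filter(htmlspecialchars($user["username"]), $filter) . "</a>", $user["id"]);
			form_selectable_cell(user_admin_highlight_filter(htmlspecialchars($user["full_name"]), $filter), $user["id"]);
			form_selectable_cell($enabled, $user["id"]);
			form_selectable_cell($auth_realms[$user["realm"]], $user["id"]);
			form_selectable_cell((($user["policy_graphs"] == "1") ? "ALLOW" : "DENY"), $user["id"]);
			form_selectable_cell($last_login, $user["id"]);
			form_checkbox_cell($user["username"], $user["id"]);
			form_end_row();
		}

		print $nav;
	}else{
		print "<tr><td><em>No Users</em></td></tr>";
	}
	html_end_box(false);

	draw_actions_dropdown($user_actions);

}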
1112 ?>
1113