[feladat @ 113]
Password field in users.php is now set to type 'password' instead of 'text'. When typing password '*' are shown instead of the password.
<?php
/* PowerAdmin, a friendly web-based admin tool for PowerDNS.
* See <https://rejo.zenger.nl/poweradmin> for more details.
*
* Copyright 2007, 2008 Rejo Zenger <rejo@zenger.nl>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
require_once("inc/toolkit.inc.php");
if($_POST["submit"]
&& $_POST["username"] != ""
&& $_POST["password"] != ""
&& $_POST["fullname"] != ""
&& $_POST["email"] != ""
&& $_POST["level"] > 0)
{
if(substr_count($_POST["username"], " ") == 0)
{
if(strlen($_POST["password"]) < 8)
{
$error = _('Password length should be at least 8 characters.');
}
else
{
add_user($_POST["username"], $_POST["password"], $_POST["fullname"], $_POST["email"], $_POST["level"], $_POST["description"], $_POST["active"]);
clean_page($BASE_URL . $BASE_PATH . "users.php");
}
}
else
{
$error = _('Usernames can\'t contain spaces');
}
}
elseif($_POST["submit"])
{
$error = _('Please fill in all fields');
}
include_once("inc/header.inc.php");
if ($error != "")
{
?>
<div class="error"><? echo $error ; ?></div>
<?
}
?>
<h2><? echo _('User admin'); ?></h2>
<?
if (!level(10))
{
error(ERR_LEVEL_10);
}
?>
<h3><? echo _('Current users'); ?></h3>
<?
$users = show_users('');
?>
<table>
<tr>
<th> </th>
<th><? echo _('Name'); ?></th>
<th><? echo _('Zones'); ?> (<? echo _('access'); ?>)</th>
<th><? echo _('Zones'); ?> (<? echo _('owner'); ?>)</th>
<th><? echo _('Zone list'); ?></th>
<th><? echo _('Level'); ?></th>
<th><? echo _('Status'); ?></th>
</tr>
<?
$users = show_users('',ROWSTART,ROWAMOUNT);
foreach ($users as $c)
{
$domains = get_domains_from_userid($c["id"]);
$num_zones_access = count($domains);
?>
<tr>
<td class="n"><a href="delete_user.php?id=<? echo $c["id"] ?>"><img src="images/delete.gif" alt="[ <? echo _('Delete user'); ?> ]"></a></td>
<td class="n"><a href="edit_user.php?id=<? echo $c["id"] ?>"><? echo $c["fullname"] ?></A> (<? echo $c["username"] ?>)</td>
<td class="n"><? echo $num_zones_access ?></td>
<td class="n"><? echo $c["numdomains"] ?></td>
<td class="n">
<?
foreach ($domains as $d)
{
?><a href="delete_domain.php?id=<? echo $d["id"] ?>"><img src="images/delete.gif" alt="[ <? echo _('Delete domain'); ?> ]"></a> <a href="edit.php?id=<? echo $d["id"] ?>"><? echo $d["name"] ?><? if ($d["partial"] == "1") { echo " *"; } ; ?></a><br><?
}
?></td>
<td class="n"><? echo $c["level"] ?></td>
<td class="n"><? echo get_status($c["active"]) ?></td>
</tr><?
print "\n";
}
?>
</table>
<p><? echo _('Users may only change some of the records of zones marked with an (*).'); ?></p>
<p><? echo _('Number of users') ;?>: <? echo count($users); ?>.</p>
<div class="showmax">
<?
show_pages(count($users),ROWAMOUNT);
?>
</div> <? // eo div showmax ?>
<h3><? echo _('Create new user'); ?></h3>
<form method="post" action="users.php">
<table>
<tr>
<td class="n"><? echo _('User name'); ?>:</td>
<td class="n"><input type="text" class="input" name="username" value="<? if ($error) print $_POST["username"]; ?>"></td>
</tr>
<tr>
<td class="n"><? echo _('Full name'); ?>:</td>
<td class="n"><input type="text" class="input" NAME="fullname" VALUE="<? if ($error) print $_POST["fullname"]; ?>"></td>
</tr>
<tr>
<td class="n"><? echo _('Password'); ?>:</td>
<td class="n"><input type="password" class="input" NAME="password" VALUE="<? if ($error) print $_POST["password"]; ?>"></td>
</tr>
<tr>
<td class="n"><? echo _('E-mail'); ?>:</td>
<td class="n"><input type="text" class="input" NAME="email" VALUE="<? if ($error) print $_POST["email"]; ?>"></td>
</tr>
<tr>
<td class="n"><? echo _('User level'); ?>:</td>
<td class="n">
<select name="level">
<option value="1">1 (<? echo leveldescription(1) ?>)</option>
<option value="5">5 (<? echo leveldescription(5) ?>)</option>
<option value="10">10 (<? echo leveldescription(10) ?>)</option>
</select>
</td>
</tr>
<tr>
<td class="n"><? echo _('Description'); ?>:</td>
<td class="n"><textarea rows="6" cols="30" class="inputarea" name="description"><? if ($error) print $_POST["description"]; ?></textarea></td>
</tr>
<tr>
<td class="n"><? echo _('Active'); ?>:</td>
<td class="n"><input type="checkbox" name="active" value="1" checked></td>
</tr>
<tr>
<td class="n"> </td>
<td class="n"><input type="submit" class="button" name="submit" value="<? echo _('Add user'); ?>"></td>
</tr>
</table>
</form>
<?
include_once("inc/footer.inc.php");
?>