user_chooser.cgi

   1 #!/usr/local/bin/perl
   2 # user_chooser.cgi
   3 # This CGI generated the HTML for choosing a user or list of users.
   4
   5 BEGIN { push(@INC, ".."); };
   6 use WebminCore;
   7
   8 $trust_unknown_referers = 1;
   9 &init_config();
  10 if (&get_product_name() eq 'usermin') {
  11         &switch_to_remote_user();
  12         }
  13 &ReadParse(undef, undef, 2);
  14 %access = &get_module_acl();
  15
  16 if ($in{'multi'}) {
  17         # selecting multiple users.
  18         if ($in{'frame'} == 0) {
  19                 # base frame
  20                 &PrintHeader();
  21                 print "<script>\n";
  22                 @ul = split(/\s+/, $in{'user'});
  23                 $len = @ul;
  24                 print "sel = new Array($len);\n";
  25                 print "selr = new Array($len);\n";
  26                 for($i=0; $i<$len; $i++) {
  27                         print "sel[$i] = \"".
  28                               &quote_escape($ul[$i], '"')."\";\n";
  29                         @uinfo = getpwnam($ul[$i]);
  30                         if (@uinfo) {
  31                                 print "selr[$i] = \"".
  32                                       &quote_escape($uinfo[6])."\";\n";
  33                                 }
  34                         else {
  35                                 print "selr[$i] = \"???\";\n";
  36                                 }
  37                         }
  38                 print "</script>\n";
  39                 print "<title>$text{'users_title1'}</title>\n";
  40                 print "<frameset cols='50%,50%'>\n";
  41                 print "<frame src=\"user_chooser.cgi?frame=1&multi=1\">\n";
  42                 print "<frameset rows='*,50' frameborder=no>\n";
  43                 print " <frame src=\"user_chooser.cgi?frame=2&multi=1\">\n";
  44                 print " <frame src=\"user_chooser.cgi?frame=3&multi=1\" scrolling=no>\n";
  45                 print "</frameset>\n";
  46                 print "</frameset>\n";
  47                 }
  48         elsif ($in{'frame'} == 1) {
  49                 # list of all users to choose from
  50                 &popup_header();
  51                 print "<script>\n";
  52                 print "function adduser(u, r)\n";
  53                 print "{\n";
  54                 print "top.sel[top.sel.length] = u\n";
  55                 print "top.selr[top.selr.length] = r\n";
  56                 print "top.frames[1].location = top.frames[1].location\n";
  57                 print "return false;\n";
  58                 print "}\n";
  59                 print "</script>\n";
  60                 print "<font size=+1>$text{'users_all'}</font>\n";
  61                 print "<table width=100%>\n";
  62                 foreach $u (&get_users_list()) {
  63                         if ($in{'user'} eq $u->[0]) { print "<tr $cb>\n"; }
  64                         else { print "<tr>\n"; }
  65                         $u->[6] =~ s/'/&#39;/g;
  66                         print "<td width=20%><a href=\"\" onClick='return adduser(\"$u->[0]\", \"$u->[6]\")'>$u->[0]</a></td>\n";
  67                         print "<td>$u->[6]</td> </tr>\n";
  68                         }
  69                 print "</table>\n";
  70                 &popup_footer();
  71                 }
  72         elsif ($in{'frame'} == 2) {
  73                 # show chosen users
  74                 &popup_header();
  75                 print "<font size=+1>$text{'users_sel'}</font>\n";
  76                 print <<'EOF';
  77 <table width=100%>
  78 <script>
  79 function sub(j)
  80 {
  81 sel2 = new Array(); selr2 = new Array();
  82 for(k=0,l=0; k<top.sel.length; k++) {
  83         if (k != j) {
  84                 sel2[l] = top.sel[k];
  85                 selr2[l] = top.selr[k];
  86                 l++;
  87                 }
  88         }
  89 top.sel = sel2; top.selr = selr2;
  90 top.frames[1].location = top.frames[1].location;
  91 return false;
  92 }
  93 for(i=0; i<top.sel.length; i++) {
  94         document.write("<tr>\n");
  95         document.write("<td><a href=\"\" onClick='return sub("+i+")'>"+top.sel[i]+"</a></td>\n");
  96         document.write("<td>"+top.selr[i]+"</td>\n");
  97         }
  98 </script>
  99 </table>
 100 EOF
 101                 &popup_footer();
 102                 }
 103         elsif ($in{'frame'} == 3) {
 104                 # output OK and Cancel buttons
 105                 &popup_header();
 106                 print "<script>\n";
 107                 print "function qjoin(l)\n";
 108                 print "{\n";
 109                 print "rv = \"\";\n";
 110                 print "for(i=0; i<l.length; i++) {\n";
 111                 print "    if (rv != '') rv += ' ';\n";
 112                 print "    if (l[i].indexOf(' ') < 0) rv += l[i];\n";
 113                 print "    else rv += '\"'+l[i]+'\"'\n";
 114                 print "    }\n";
 115                 print "return rv;\n";
 116                 print "}\n";
 117                 print "</script>\n";
 118                 print "<form>\n";
 119                 print "<input type=button value=\"$text{'users_ok'}\" ",
 120                       "onClick='top.opener.ifield.value = qjoin(top.sel); ",
 121                       "top.close()'>\n";
 122                 print "<input type=button value=\"$text{'users_cancel'}\" ",
 123                       "onClick='top.close()'>\n";
 124                 print "&nbsp;&nbsp;<input type=button value=\"$text{'users_clear'}\" onClick='top.sel = new Array(); top.selr = new Array(); top.frames[1].location = top.frames[1].location'>\n";
 125                 print "</form>\n";
 126                 &popup_footer();
 127                 }
 128         }
 129 else {
 130         # selecting just one user .. display a list of all users to choose from
 131         &popup_header($text{'users_title2'});
 132         print "<script>\n";
 133         print "function select(f)\n";
 134         print "{\n";
 135         print "top.opener.ifield.value = f;\n";
 136         print "top.close();\n";
 137         print "return false;\n";
 138         print "}\n";
 139         print "</script>\n";
 140         print "<table width=100%>\n";
 141         foreach $u (&get_users_list()) {
 142                 if ($in{'user'} eq $u->[0]) { print "<tr $cb>\n"; }
 143                 else { print "<tr>\n"; }
 144                 print "<td width=20%><a href=\"\" onClick='return select(\"$u->[0]\")'>$u->[0]</a></td>\n";
 145                 print "<td>$u->[6]</td> </tr>\n";
 146                 }
 147         print "</table>\n";
 148         &popup_footer();
 149         }
 150
 151 sub get_users_list
 152 {
 153 local(@uinfo, @users, %ucan, %found);
 154 if ($access{'uedit_mode'} == 2 || $access{'uedit_mode'} == 3) {
 155         map { $ucan{$_}++ } split(/\s+/, $access{'uedit'});
 156         }
 157 setpwent();
 158 while(@uinfo = getpwent()) {
 159         if ($access{'uedit_mode'} == 5 && $access{'uedit'} !~ /^\d+$/) {
 160                 # Get group for matching by group name
 161                 @ginfo = getgrgid($uinfo[3]);
 162                 }
 163         if ($access{'uedit_mode'} == 0 ||
 164             $access{'uedit_mode'} == 2 && $ucan{$uinfo[0]} ||
 165             $access{'uedit_mode'} == 3 && !$ucan{$uinfo[0]} ||
 166             $access{'uedit_mode'} == 4 &&
 167                 (!$access{'uedit'} || $uinfo[2] >= $access{'uedit'}) &&
 168                 (!$access{'uedit2'} || $uinfo[2] <= $access{'uedit2'}) ||
 169             $access{'uedit_mode'} == 5 &&
 170              ($access{'uedit'} =~ /^\d+$/ && $uinfo[3] == $access{'uedit'} ||
 171               $ginfo[0] eq $access{'uedit'})) {
 172                 push(@users, [ @uinfo ]) if (!$found{$uinfo[0]}++);
 173                 }
 174         }
 175 endpwent() if ($gconfig{'os_type'} ne 'hpux');
 176 return sort { $a->[0] cmp $b->[0] } @users;
 177 }
 178