user_chooser.cgi

   1 #!/usr/local/bin/perl
   2 # user_chooser.cgi
   3 # This CGI generated the HTML for choosing a user or list of users.
   4
   5 BEGIN { push(@INC, ".."); };
   6 use WebminCore;
   7
   8 $trust_unknown_referers = 1;
   9 &init_config();
  10 &ReadParse(undef, undef, 2);
  11 %access = &get_module_acl();
  12
  13 if ($in{'multi'}) {
  14         # selecting multiple users.
  15         if ($in{'frame'} == 0) {
  16                 # base frame
  17                 &PrintHeader();
  18                 print "<script>\n";
  19                 @ul = split(/\s+/, $in{'user'});
  20                 $len = @ul;
  21                 print "sel = new Array($len);\n";
  22                 print "selr = new Array($len);\n";
  23                 for($i=0; $i<$len; $i++) {
  24                         print "sel[$i] = \"".
  25                               &quote_escape($ul[$i], '"')."\";\n";
  26                         @uinfo = getpwnam($ul[$i]);
  27                         if (@uinfo) {
  28                                 print "selr[$i] = \"".
  29                                       &quote_escape($uinfo[6])."\";\n";
  30                                 }
  31                         else {
  32                                 print "selr[$i] = \"???\";\n";
  33                                 }
  34                         }
  35                 print "</script>\n";
  36                 print "<title>$text{'users_title1'}</title>\n";
  37                 print "<frameset cols='50%,50%'>\n";
  38                 print "<frame src=\"/user_chooser.cgi?frame=1&multi=1\">\n";
  39                 print "<frameset rows='*,50' frameborder=no>\n";
  40                 print " <frame src=\"/user_chooser.cgi?frame=2&multi=1\">\n";
  41                 print " <frame src=\"/user_chooser.cgi?frame=3&multi=1\" scrolling=no>\n";
  42                 print "</frameset>\n";
  43                 print "</frameset>\n";
  44                 }
  45         elsif ($in{'frame'} == 1) {
  46                 # list of all users to choose from
  47                 &popup_header();
  48                 print "<script>\n";
  49                 print "function adduser(u, r)\n";
  50                 print "{\n";
  51                 print "top.sel[top.sel.length] = u\n";
  52                 print "top.selr[top.selr.length] = r\n";
  53                 print "top.frames[1].location = top.frames[1].location\n";
  54                 print "return false;\n";
  55                 print "}\n";
  56                 print "</script>\n";
  57                 print "<font size=+1>$text{'users_all'}</font>\n";
  58                 print "<table width=100%>\n";
  59                 foreach $u (&get_users_list()) {
  60                         if ($in{'user'} eq $u->[0]) { print "<tr $cb>\n"; }
  61                         else { print "<tr>\n"; }
  62                         $u->[6] =~ s/'/&#39;/g;
  63                         print "<td width=20%><a href=\"\" onClick='return adduser(\"$u->[0]\", \"$u->[6]\")'>$u->[0]</a></td>\n";
  64                         print "<td>$u->[6]</td> </tr>\n";
  65                         }
  66                 print "</table>\n";
  67                 &popup_footer();
  68                 }
  69         elsif ($in{'frame'} == 2) {
  70                 # show chosen users
  71                 &popup_header();
  72                 print "<font size=+1>$text{'users_sel'}</font>\n";
  73                 print <<'EOF';
  74 <table width=100%>
  75 <script>
  76 function sub(j)
  77 {
  78 sel2 = new Array(); selr2 = new Array();
  79 for(k=0,l=0; k<top.sel.length; k++) {
  80         if (k != j) {
  81                 sel2[l] = top.sel[k];
  82                 selr2[l] = top.selr[k];
  83                 l++;
  84                 }
  85         }
  86 top.sel = sel2; top.selr = selr2;
  87 top.frames[1].location = top.frames[1].location;
  88 return false;
  89 }
  90 for(i=0; i<top.sel.length; i++) {
  91         document.write("<tr>\n");
  92         document.write("<td><a href=\"\" onClick='return sub("+i+")'>"+top.sel[i]+"</a></td>\n");
  93         document.write("<td>"+top.selr[i]+"</td>\n");
  94         }
  95 </script>
  96 </table>
  97 EOF
  98                 &popup_footer();
  99                 }
 100         elsif ($in{'frame'} == 3) {
 101                 # output OK and Cancel buttons
 102                 &popup_header();
 103                 print "<script>\n";
 104                 print "function qjoin(l)\n";
 105                 print "{\n";
 106                 print "rv = \"\";\n";
 107                 print "for(i=0; i<l.length; i++) {\n";
 108                 print "    if (rv != '') rv += ' ';\n";
 109                 print "    if (l[i].indexOf(' ') < 0) rv += l[i];\n";
 110                 print "    else rv += '\"'+l[i]+'\"'\n";
 111                 print "    }\n";
 112                 print "return rv;\n";
 113                 print "}\n";
 114                 print "</script>\n";
 115                 print "<form>\n";
 116                 print "<input type=button value=\"$text{'users_ok'}\" ",
 117                       "onClick='top.opener.ifield.value = qjoin(top.sel); ",
 118                       "top.close()'>\n";
 119                 print "<input type=button value=\"$text{'users_cancel'}\" ",
 120                       "onClick='top.close()'>\n";
 121                 print "&nbsp;&nbsp;<input type=button value=\"$text{'users_clear'}\" onClick='top.sel = new Array(); top.selr = new Array(); top.frames[1].location = top.frames[1].location'>\n";
 122                 print "</form>\n";
 123                 &popup_footer();
 124                 }
 125         }
 126 else {
 127         # selecting just one user .. display a list of all users to choose from
 128         &popup_header($text{'users_title2'});
 129         print "<script>\n";
 130         print "function select(f)\n";
 131         print "{\n";
 132         print "top.opener.ifield.value = f;\n";
 133         print "top.close();\n";
 134         print "return false;\n";
 135         print "}\n";
 136         print "</script>\n";
 137         print "<table width=100%>\n";
 138         foreach $u (&get_users_list()) {
 139                 if ($in{'user'} eq $u->[0]) { print "<tr $cb>\n"; }
 140                 else { print "<tr>\n"; }
 141                 print "<td width=20%><a href=\"\" onClick='return select(\"$u->[0]\")'>$u->[0]</a></td>\n";
 142                 print "<td>$u->[6]</td> </tr>\n";
 143                 }
 144         print "</table>\n";
 145         &popup_footer();
 146         }
 147
 148 sub get_users_list
 149 {
 150 local(@uinfo, @users, %ucan, %found);
 151 if ($access{'uedit_mode'} == 2 || $access{'uedit_mode'} == 3) {
 152         map { $ucan{$_}++ } split(/\s+/, $access{'uedit'});
 153         }
 154 setpwent();
 155 while(@uinfo = getpwent()) {
 156         if ($access{'uedit_mode'} == 5 && $access{'uedit'} !~ /^\d+$/) {
 157                 # Get group for matching by group name
 158                 @ginfo = getgrgid($uinfo[3]);
 159                 }
 160         if ($access{'uedit_mode'} == 0 ||
 161             $access{'uedit_mode'} == 2 && $ucan{$uinfo[0]} ||
 162             $access{'uedit_mode'} == 3 && !$ucan{$uinfo[0]} ||
 163             $access{'uedit_mode'} == 4 &&
 164                 (!$access{'uedit'} || $uinfo[2] >= $access{'uedit'}) &&
 165                 (!$access{'uedit2'} || $uinfo[2] <= $access{'uedit2'}) ||
 166             $access{'uedit_mode'} == 5 &&
 167              ($access{'uedit'} =~ /^\d+$/ && $uinfo[3] == $access{'uedit'} ||
 168               $ginfo[0] eq $access{'uedit'})) {
 169                 push(@users, [ @uinfo ]) if (!$found{$uinfo[0]}++);
 170                 }
 171         }
 172 endpwent() if ($gconfig{'os_type'} ne 'hpux');
 173 return sort { $a->[0] cmp $b->[0] } @users;
 174 }
 175