AlternC/bureau/admin/hta_edit.php

<?php
/*
 ----------------------------------------------------------------------
 LICENSE

 This program is free software; you can redistribute it and/or
 modify it under the terms of the GNU General Public License (GPL)
 as published by the Free Software Foundation; either version 2
 of the License, or (at your option) any later version.

 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.

 To read the license please visit http://www.gnu.org/copyleft/gpl.html
 ----------------------------------------------------------------------
*/

/**
 * Edit a protected folder parameters 
 * 
 * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
 */

require_once("../class/config.php");
include_once("head.php");

if (!isset($is_include)) {
  $fields = array (
	"dir"      => array ("request", "string", ""),
  );
  getFields($fields);
}

if (!$dir) {
  echo "<p class=\"alert alert-warning\">"._("No folder selected!")."</p>";
  require_once('foot.php');
  die();
} else {
  $r=$hta->get_hta_detail($dir);
} // if !$dir

$c=$admin->listPasswordPolicies();
$passwd_classcount = $c['hta']['classcount'];

?>
<h3><?php printf(_("List of authorized user in folder %s"),$dir); ?></h3>
<hr id="topbar"/>
<br />
<?php
  if (!count($r)) {
    $msg->raise("INFO", "hta", _("No authorized user in %s"),$dir);
    echo $msg->msg_html_all();
  } else {
    reset($r);
    echo $msg->msg_html_all();
?>
<form method="post" action="hta_dodeluser.php">
   <?php csrf_get(); ?>
<table cellspacing="0" cellpadding="4" class='tlist'>
  <tr>
    <th colspan="2" ><input type="hidden" name="dir" value="<?php ehe($dir); ?>"> </th>
    <th><?php __("Username"); ?></th>
  </tr>
<?php
for($i=0;$i<count($r);$i++){ ?>
  <tr class="lst">
    <td align="center"><input type="checkbox" class="inc" name="d[]" value="<?php ehe($r[$i]); ?>" /></td>
    <td>
      <div class="ina"><a href="hta_edituser.php?user=<?php eue($r[$i]); ?>&amp;dir=<?php eue($dir); ?>"><img src="icon/encrypted.png" alt="<?php __("Change this user's password"); ?>" /><?php __("Change this user's password"); ?></a></div>
    </td>
    <td><?php ehe($r[$i]); ?></td>
  </tr>
<?php
} // for $i
?>
</table>

<br />
<input type="submit" class="inb" name="submit" value="<?php __("Delete the checked users"); ?>" />
</form>

<?php } // else !count $r ?>
<p>
<span class="inb"><a href="bro_main.php?R=<?php eue($dir); ?>"><?php __("Show this folder's content in the File Browser"); ?></a></span>
</p>

<p>&nbsp;</p>

<fieldset>
  <legend><h3><?php __("Adding an authorized user"); ?></h3></legend>

  <form method="post" action="hta_doadduser.php" name="main" id="main" autocomplete="off">
   <?php csrf_get(); ?>
<!-- honeypot fields -->
<input type="text" style="display: none" id="fakeUsername" name="fakeUsername" value="" />
<input type="password" style="display: none" id="fakePassword" name="fakePassword" value="" />

    <table class="tedit">
      <tr>
        <th><input type="hidden" name="dir" value="<?php ehe($dir); ?>" /><?php __("Folder"); ?></th>
        <td><?php echo '<a href="bro_main.php?R='.eue($dir,false).'">'.ehe($dir,false).'</a>'; ?></td>
      </tr>
      <tr>
        <th><label for="user"><?php __("Username"); ?></label></th>
        <td><input type="text" class="int" name="user" id="user" value="" size="20" maxlength="64" /></td>
      </tr>
      <tr>
        <th><label for="password"><?php __("Password"); ?></label></th>
        <td><input type="password" class="int" name="password" autocomplete="off" id="password" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passwordconf",$passwd_classcount); ?></td>
      </tr>
      <tr>
        <th><label for="passwordconf"><?php __("Confirm password"); ?></label></th>
        <td><input type="password" class="int" name="passwordconf" autocomplete="off" id="passwordconf" value="" size="20" maxlength="64" /></td>
      </tr>
    </table>

    <br />
    <input type="submit" class="inb ok" value="<?php __("Add this user"); ?>" />
  <input type="button" class="inb cancel" name="cancel" value="<?php __("Cancel"); ?>" onclick="document.location='hta_list.php';"/>
  </form>
</fieldset>
  
<script type="text/javascript">
  document.forms['main'].user.focus();
</script>

<?php include_once("foot.php"); ?>
AlternC Plugin are now part of AlternC svn repository\n Migration Phase 2 2006-04-26 12:28:53 +00:00			`<?php`
			`/*`
			`----------------------------------------------------------------------`
			`LICENSE`

			`This program is free software; you can redistribute it and/or`
			`modify it under the terms of the GNU General Public License (GPL)`
			`as published by the Free Software Foundation; either version 2`
			`of the License, or (at your option) any later version.`

			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU General Public License for more details.`

			`To read the license please visit http://www.gnu.org/copyleft/gpl.html`
			`----------------------------------------------------------------------`
			`*/`
[cosm] many cosmetic comment fixes, + ensure license and copyright everywhere 2017-10-11 09:58:04 +00:00
			`/**`
			`* Edit a protected folder parameters`
			`*`
			`* @copyright AlternC-Team 2000-2017 https://alternc.com/`
			`*/`

AlternC Plugin are now part of AlternC svn repository\n Migration Phase 2 2006-04-26 12:28:53 +00:00			`require_once("../class/config.php");`
Merging blue desktop to trunk. 2009-09-08 05:29:38 +00:00			`include_once("head.php");`

classe hta & fichiers section admin associés 2017-08-16 17:34:32 +00:00			`if (!isset($is_include)) {`
			`$fields = array (`
Merging blue desktop to trunk. 2009-09-08 05:29:38 +00:00			`"dir" => array ("request", "string", ""),`
classe hta & fichiers section admin associés 2017-08-16 17:34:32 +00:00			`);`
			`getFields($fields);`
			`}`
AlternC Plugin are now part of AlternC svn repository\n Migration Phase 2 2006-04-26 12:28:53 +00:00
			`if (!$dir) {`
Some cosmetic 2014-03-26 14:36:36 +00:00			`echo "<p class=\"alert alert-warning\">"._("No folder selected!")."</p>";`
			`require_once('foot.php');`
			`die();`
AlternC Plugin are now part of AlternC svn repository\n Migration Phase 2 2006-04-26 12:28:53 +00:00			`} else {`
Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`$r=$hta->get_hta_detail($dir);`
			`} // if !$dir`
AlternC Plugin are now part of AlternC svn repository\n Migration Phase 2 2006-04-26 12:28:53 +00:00
classe hta & fichiers section admin associés 2017-08-16 17:34:32 +00:00			`$c=$admin->listPasswordPolicies();`
			`$passwd_classcount = $c['hta']['classcount'];`

AlternC Plugin are now part of AlternC svn repository\n Migration Phase 2 2006-04-26 12:28:53 +00:00			`?>`
			`<h3><?php printf(_("List of authorized user in folder %s"),$dir); ?></h3>`
modifications ergonomie 2010-04-29 21:31:46 +00:00			`<hr id="topbar"/>`
			`<br />`
AlternC Plugin are now part of AlternC svn repository\n Migration Phase 2 2006-04-26 12:28:53 +00:00			`<?php`
Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`if (!count($r)) {`
[fix] class m_messages fixed to use 'level' instead of 'type' or 'cat' + force CAP on levels + merge OK and INFO 2017-10-06 16:04:36 +00:00			`$msg->raise("INFO", "hta", _("No authorized user in %s"),$dir);`
classe hta & fichiers section admin associés 2017-08-16 17:34:32 +00:00			`echo $msg->msg_html_all();`
Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`} else {`
classe hta & fichiers section admin associés 2017-08-16 17:34:32 +00:00			`reset($r);`
			`echo $msg->msg_html_all();`
AlternC Plugin are now part of AlternC svn repository\n Migration Phase 2 2006-04-26 12:28:53 +00:00			`?>`
			`<form method="post" action="hta_dodeluser.php">`
[wip] securing all forms through CSRF management (requires a new table) 2016-05-20 12:21:47 +00:00			`<?php csrf_get(); ?>`
Style sur m_hta 2013-01-31 17:24:48 +00:00			`<table cellspacing="0" cellpadding="4" class='tlist'>`
Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`<tr>`
[wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields 2016-05-22 18:14:26 +00:00			`<th colspan="2" ><input type="hidden" name="dir" value="<?php ehe($dir); ?>"> </th>`
Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`<th><?php __("Username"); ?></th>`
			`</tr>`
AlternC Plugin are now part of AlternC svn repository\n Migration Phase 2 2006-04-26 12:28:53 +00:00			`<?php`
L'aternance des couleurs dans les listes est maintenant en CSS3 2013-05-23 16:18:56 +00:00			`for($i=0;$i<count($r);$i++){ ?>`
			`<tr class="lst">`
[wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields 2016-05-22 18:14:26 +00:00			`<td align="center"><input type="checkbox" class="inc" name="d[]" value="<?php ehe($r[$i]); ?>" /></td>`
Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`<td>`
[wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields 2016-05-22 18:14:26 +00:00			`<div class="ina"><a href="hta_edituser.php?user=<?php eue($r[$i]); ?>&dir=<?php eue($dir); ?>"><img src="icon/encrypted.png" alt="<?php __("Change this user's password"); ?>" /><?php __("Change this user's password"); ?></a></div>`
Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`</td>`
[wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields 2016-05-22 18:14:26 +00:00			`<td><?php ehe($r[$i]); ?></td>`
Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`</tr>`
AlternC Plugin are now part of AlternC svn repository\n Migration Phase 2 2006-04-26 12:28:53 +00:00			`<?php`
Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`} // for $i`
AlternC Plugin are now part of AlternC svn repository\n Migration Phase 2 2006-04-26 12:28:53 +00:00			`?>`
			`</table>`
Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00
CSS / ERGONOMICS suite (et pas fin) 2010-04-06 20:29:08 +00:00			`<br />`
			`<input type="submit" class="inb" name="submit" value="<?php __("Delete the checked users"); ?>" />`
AlternC Plugin are now part of AlternC svn repository\n Migration Phase 2 2006-04-26 12:28:53 +00:00			`</form>`

Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`<?php } // else !count $r ?>`
AlternC Plugin are now part of AlternC svn repository\n Migration Phase 2 2006-04-26 12:28:53 +00:00			`<p>`
[wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields 2016-05-22 18:14:26 +00:00			`<span class="inb"><a href="bro_main.php?R=<?php eue($dir); ?>"><?php __("Show this folder's content in the File Browser"); ?></a></span>`
AlternC Plugin are now part of AlternC svn repository\n Migration Phase 2 2006-04-26 12:28:53 +00:00			`</p>`
CSS / ERGONOMICS suite (et pas fin) 2010-04-06 20:29:08 +00:00
			`<p> </p>`

Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`<fieldset>`
			`<legend><h3><?php __("Adding an authorized user"); ?></h3></legend>`
CSS / ERGONOMICS suite (et pas fin) 2010-04-06 20:29:08 +00:00
[fix] autocomplete honeypot field to trick firefox: prevent auto-filing of non-needed form passwords. 2016-01-14 15:24:00 +00:00			`<form method="post" action="hta_doadduser.php" name="main" id="main" autocomplete="off">`
[wip] securing all forms through CSRF management (requires a new table) 2016-05-20 12:21:47 +00:00			`<?php csrf_get(); ?>`
[fix] autocomplete honeypot field to trick firefox: prevent auto-filing of non-needed form passwords. 2016-01-14 15:24:00 +00:00			`<!-- honeypot fields -->`
			`<input type="text" style="display: none" id="fakeUsername" name="fakeUsername" value="" />`
			`<input type="password" style="display: none" id="fakePassword" name="fakePassword" value="" />`

Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`<table class="tedit">`
			`<tr>`
[wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields 2016-05-22 18:14:26 +00:00			`<th><input type="hidden" name="dir" value="<?php ehe($dir); ?>" /><?php __("Folder"); ?></th>`
			`<td><?php echo '<a href="bro_main.php?R='.eue($dir,false).'">'.ehe($dir,false).'</a>'; ?></td>`
Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`</tr>`
			`<tr>`
			`<th><label for="user"><?php __("Username"); ?></label></th>`
			`<td><input type="text" class="int" name="user" id="user" value="" size="20" maxlength="64" /></td>`
			`</tr>`
			`<tr>`
			`<th><label for="password"><?php __("Password"); ?></label></th>`
classe hta & fichiers section admin associés 2017-08-16 17:34:32 +00:00			`<td><input type="password" class="int" name="password" autocomplete="off" id="password" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passwordconf",$passwd_classcount); ?></td>`
Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`</tr>`
			`<tr>`
			`<th><label for="passwordconf"><?php __("Confirm password"); ?></label></th>`
adding autocomplete='off' to any (non-login) password field, prevents firefox to fill hidden (like in the edit mail form) password field, or even non-hidden, effectively disturbing the user. 2015-06-16 11:48:13 +00:00			`<td><input type="password" class="int" name="passwordconf" autocomplete="off" id="passwordconf" value="" size="20" maxlength="64" /></td>`
Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`</tr>`
			`</table>`

			`<br />`
[css] adding many ok/cancel class to buttons, adding explicit yes/no texts 2013-10-18 13:31:39 +00:00			`<input type="submit" class="inb ok" value="<?php __("Add this user"); ?>" />`
			`<input type="button" class="inb cancel" name="cancel" value="<?php __("Cancel"); ?>" onclick="document.location='hta_list.php';"/>`
Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`</form>`
			`</fieldset>`

CSS / ERGONOMICS suite (et pas fin) 2010-04-06 20:29:08 +00:00			`<script type="text/javascript">`
Un peu de clean sur hta_edit Ajout de title sur les liens de adm_edit 2013-02-01 17:45:05 +00:00			`document.forms['main'].user.focus();`
CSS / ERGONOMICS suite (et pas fin) 2010-04-06 20:29:08 +00:00			`</script>`

modifications ergonomie 2010-04-29 21:31:46 +00:00			`<?php include_once("foot.php"); ?>`