Odyssey
hcuusers.prg
1 <?php
2 /* CHANGES:
3  * SPB 11/3/2015-- Force case insensitivity: new users are lowercase.
4  * @TODO file needs whitespace conversion
5  */
6 
7 $monLibrary = dirname(__FILE__) . "/../library";
8 $monIncludes = dirname(__FILE__) . "/../includes";
9 require_once("$monLibrary/cu_top.i");
10 require_once("$monLibrary/ck_hticket.i");
11 require_once("$monIncludes/cu_remote_top.prg");
12 
// Request whitelist handed to dms_import(): request field name => expected type.
// NOTE(review): dms_import() lives in an include that is not shown here; it presumably
// copies these request fields into same-named globals ($act, $frm_un, $msg, ...).
// Whatever filtering the 'string' type applies is unknown from this file, so the SQL
// and HTML sinks further down must not rely on it for escaping.
$dms_ok = [
    'act'            => 'string',
    'btnSave'        => 'string',
    'Cancel'         => 'string',
    'frm_chg'        => 'string',
    'frm_fc'         => 'string',
    'frm_fr'         => 'digits',
    'frm_ipr'        => 'string',
    'frm_mode'       => 'string',
    'frm_pl'         => 'string',
    'frm_ll'         => 'string',
    'frm_fl'         => 'string',
    'frm_pwd1'       => 'string',
    'frm_pwd2'       => 'string',
    'frm_pwd_orig'   => 'string',
    'frm_Scr_Avail'  => 'array',
    'frm_Scr_Sel'    => 'array',
    'frm_un'         => 'string',
    'un'             => 'string',
    'Remote_Update'  => 'array',
    'msg'            => 'string',
    'frm_sms'        => 'string',
    'frm_altip'      => 'string',
    'frm_email'      => 'string',
    'frm_enabled'    => 'array',
    'frm_start_hour' => 'string',
    'frm_start_min'  => 'string',
    'frm_end_hour'   => 'string',
    'frm_end_min'    => 'string',
    'frm_pin1'       => 'string',
    'frm_pin2'       => 'string',
];

dms_import($dms_ok);
24 
25  $bgcolor = "#23497A";
26  $act = (isset($act) ? $act : 2);
27 
28  $Full_Access = true;
29  // ** IN THIS CASE ---
30  // ** IF Permissions fail -- then at least allow them to change their password
31 
32  if (!CheckPerm($link, $Hu, basename($_SERVER['SCRIPT_NAME']), $_SERVER['REMOTE_ADDR'])) {
33  // ** Permissions failed
34  // ** redirect to new page
35  // header("Location: /hcuadm/hcu_noperm.prg");
36  // exit;
37  $Full_Access = false;
38  $act = 1; // *** ONLY ALLOWED TO VIEW
39  }
40 
41  $Notify_Minutes = Array("00", "15", "30", "45");
42  $Notify_Items = Array("AlertSMS" => "Appliance SMS Alerts", "AlertEmail" => "Appliance Email Alerts");
43  $Allowed_Scripts = Array(
44  "*" => "All Scripts",
45  "admin_msg" => "admin_msg",
46  "AdminProg" => "AdminProg",
47  "admin_survey" => "admin_survey",
48  "Admin_SurveyView" => "Admin_SurveyView",
49  "adm_reports" => "adm_reports",
50  "adm_ticket" => "adm_ticket",
51  "appReport" => "appReport",
52  "suAdminUser" => "suAdminUser",
53  "arsdump" => "arsdump",
54  "billing" => "billing",
55  "billing_edit" => "billing_edit",
56  "billing_runBilling" => "billing_runBilling",
57  "billing_qbwc" => "billing_qbwc",
58  "miPayReport" => "miPayReport",
59  "combo_reports" => "combo_reports",
60  "ContentMntc" => "ContentMntc",
61  "cuclock" => "cuclock",
62  "cucontactafter" => "cucontactafter",
63  "CU_ColorIndex" => "CU_ColorIndex",
64  "CU_ColorScheme" => "CU_ColorScheme",
65  "cudppacket" => "cudppacket",
66  "cuhavetrans" => "cuhavetrans",
67  "cuilist" => "cuilist",
68  "cuimage" => "cuimage",
69  "cuindex" => "cuindex",
70  "cuinfoedit" => "cuinfoedit",
71  "cuinfoadd" => "cuinfoadd",
72  "cuissuesmntc" => "cuissuesmntc",
73  "cuissues_data" => "cuissues_data",
74  "cuissues_edit" => "cuissues_edit",
75  "cuissues_report" => "cuissues_report",
76  "culist" => "culist",
77  "cumntc" => "cumntc",
78  "cuproduct_report" => "cuproduct_report",
79  "cuprogmntc" => "cuprogmntc",
80  "cuquest" => "cuquest",
81  "cuStatus" => "cuStatus",
82  "cutrans" => "cutrans",
83  "cutrustdetail" => "cutrustdetail",
84  "cuview" => "cuview",
85  "cuvndr" => "cuvndr",
86  "demo_ticket" => "demo_ticket",
87  "DocMaint" => "DocMaint",
88  "domain_email_report" => "domain_email_report",
89  "domainmap" => "domainmap",
90  "enrollms" => "enrollms",
91  "files" => "files",
92  "Fragmntc" => "Fragmntc",
93  "GenKey" => "GenKey",
94  "gomobile.pl" => "gomobile.pl",
95  "hcuTransAm" => "hcuTransAm",
96  "hcu_custom_mntc" => "hcu_custom_mntc",
97  "hcu_prod_edit" => "hcu_prod_edit",
98  "hcu_prod_list" => "hcu_prod_list",
99  "hcu_prod_save" => "hcu_prod_save",
100  "hcu_implist" => "hcu_implist",
101  "hcuusers" => "hcuusers",
102  "home_cu_prod" => "home_cu_prod",
103  "html_hist" => "html_hist",
104  "imp_main" => "imp_main",
105  "imp_menu" => "imp_menu",
106  "imp_cuissues" => "imp_cuissues",
107  "ivr_mntc" => "ivr_mntc",
108  "ivr_mntc_msg" => "ivr_mntc_msg",
109  "ivr_report" => "ivr_report",
110  "upgrade_svs" => "upgrade_svs",
111  "imp_notes" => "imp_notes",
112  "info_reports" => "info_reports",
113  "loanAppConfig" => "loanAppConfig",
114  "makecu" => "makecu",
115  "mcu_menu" => "mcu_menu",
116  "mem_ticket" => "mem_ticket",
117  "monitor_notes" => "monitor_notes",
118  "mUserList" => "mUserList",
119  "MonPass" => "MonPass",
120  "packetdump" => "packetdump",
121  "Passmntc" => "Passmntc",
122  "ProdImpStat" => "ProdImpStat",
123  "ProdImpStat.data" => "ProdImpStat.data",
124  "quickedit" => "quickedit",
125  "restart" => "restart",
126  "save_cuinfo" => "save_cuinfo",
127  "sehabla.pl" => "sehabla.pl",
128  "servindex" => "servindex",
129  "serv_menu" => "serv_menu",
130  "ShowColors" => "ShowColors",
131  "showflags" => "showflags",
132  "siteSetColor" => "siteSetColor",
133  "siteSettings" => "siteSettings",
134  "stmnt_reports" => "stmnt_reports",
135  "stmntcount.pl" => "stmntcount.pl",
136  "stmntfrags.pl" => "stmntfrags.pl",
137  "stmntstatus.pl" => "stmntstatus.pl",
138  "suCuUser" => "suCuUser",
139  "tfiles" => "tfiles",
140  "tlines" => "tlines",
141  "tlogs" => "tlogs",
142  "totalstats" => "totalstats",
143  "tr_hist" => "tr_hist",
144  "txtbanklog" => "txtbanklog",
145  "unlockbulk" => "unlockbulk",
146  "uplremove" => "uplremove",
147  "view_vend" => "view_vend"
148  );
149  $err_msg = "";
150  if ($act == "1" && isset ($btnSave)) {
151 
152  // ** VALIDATE THE FIELDS
153  // ** Username must be entered
154  // ** Password must be entered for NEW -- Only validate if a value is entered for one of the fields for update
155  // ** IP Address -- Not necessarily required -- possibly be sure it can be broken down correctly
156  // ** Allowed Scripts -- Not required -- Validated they are correct??
157  // ** Failed Remain -- Not Required
158  // ** Force Remain -- Not Required
159 
160  if (strlen(trim(trim($frm_un))) == 0) {
161  $err_msg .= "<li>A username must be entered to continue.<br>";
162  } else {
163  $sql = "SELECT count(user_name) as user_count
164  FROM dmsmonitorusers
165  WHERE lower(user_name) = '" . prep_save(strtolower($frm_un), 12) . "' ";
166  if ($db_result = db_query($sql, $link)) {
167  $db_row = db_fetch_array($db_result, 0);
168  $num_rows = $db_row['user_count'];
169  db_free_result($db_result);
170  } else {
171  $num_rows = 0;
172  }
173 
174  if ($num_rows > 0 && $frm_mode == "NEW") {
175  $err_msg .= "<li>The username you entered is already in use (case insensitive.)<br>";
176  } elseif ($num_rows > 0 && $frm_mode != "EDIT") {
177  $err_msg .= "<li>An unknown error has occurred.<br>";
178  }
179  }
180 
181  // ** Is the password being changed -- for an existing user
182  if (($frm_pwd1 != '' || $frm_pwd2 != '') && $err_msg == "" && $frm_mode == "EDIT") {
183 
184  // ** Validate old password if the password will be changing
185  //
186  $sql = "SELECT passwd
187  FROM dmsmonitorusers
188  WHERE lower(user_name) = '" . prep_save(strtolower($frm_un), 12) . "' ";
189  $pwd_rs = db_query($sql, $link);
190  list($user_pwd) = db_fetch_array($pwd_rs);
191  $user_pwd = preg_replace("/ +$/","", $user_pwd);
192  // ** now test the password
193  if (!password_verify($frm_pwd_orig, $user_pwd)) {
194  $err_msg .= "<li>The old password is not correct.<br>";
195  }
196  db_free_result($pwd_rs);
197  }
198  // ** Password
199  if (($frm_pwd1 != "" || $frm_pwd2 != "") || $frm_mode == "NEW") {
200  if ($frm_pwd1 != $frm_pwd2) {
201  $err_msg .= "<li>The passwords do not match.<br>";
202  }
203  if (preg_match("/['\"]/",$frm_pwd1)){
204  $err_msg .= "<li>There are invalid characters in the new password.<br>";
205  }
206  if (strlen($frm_pwd1) < 4) {
207  $err_msg .= "<li>The new password must be from 4 to 8 characters long.<br>";
208  }
209  if (strlen($frm_pwd1) > 0 && !(preg_match("/\d/",$frm_pwd1) && preg_match("/\D/",$frm_pwd1))) {
210  $err_msg .= "<li>Password must contain both number and letter characters.<br>";
211  }
212  }
213  // ** CHECK for Valid Email
214  if (trim($frm_email) != '') {
215  if (!validateEmail($frm_email)) {
216  $err_msg .= "<li>The notify email entered does not appear to be a valid email.<br>";
217  }
218  }
219  // ** NOTIFICATION CHANGES
220  // ** Allow Changes to the Noify Hours, Notify Enabled, Notify PIN
221  // ** Validate the Notify Enabled
222  // Was Alert SMS Checked?
223  $AlertSMSEnabled = false;
224  if (is_array($frm_enabled)) {
225  foreach($frm_enabled as $listKey) {
226  if (array_key_exists($listKey, $Notify_Items) === false) {
227  $err_msg .="<li>The Enabled Notification '$listKey' was not found.</li></br>";
228  }
229  }
230 
231  if ($err_msg == '' && array_search('AlertSMS', $frm_enabled) !== false) {
232  $AlertSMSEnabled = true;
233  // ** If there are NO errors, then lookup the information in the table to
234  // * ensure that if they enable notification they have the notify SMS set
235  if ($frm_sms == '') {
236  $err_msg .= "<li>To Enable Notifications you MUST have a notify SMS set.</li><br/>";
237  }
238  }
239  }
240  // ** Validate the Hours, ONLY WHEN ALERT ENABLED
241  $notify_start = $frm_start_hour . $frm_start_min;
242  $notify_end = $frm_end_hour . $frm_end_min;
243  if ($AlertSMSEnabled) {
244  // * the notify ending MUST be greater than notify starting
245  if ($notify_end <= $notify_start) {
246  $err_msg .= "<li>The Ending Notify Hours must be greater than Start.</li><br/>";
247  }
248  if ($notify_end > '2400') {
249  $err_msg .= "<li>The Ending Notify Hours must NOT be greater than 2400.</li><br/>";
250  }
251  }
252  // ** Validate the PIN CHANGE
253  if ($frm_pin1 != '' || $frm_pin2 != '') {
254  if ($frm_pin1 != $frm_pin2) {
255  $err_msg .= "<li>The New PIN fields were NOT confirmed.</li><br/>";
256  } elseif (strlen($frm_pin1) < 4 || strlen($frm_pin1) > 8) {
257  $err_msg .= "<li>The New PIN must be between 4 and 8 characters long.</li><br/>";
258  }
259  }
260 
261 
262  if ($Full_Access) {
263 
264  // ** Loop through the selected programs -- If All Scripts is one of them, then that will be the only line to add
265  $save_allow = "";
266  if (count($frm_Scr_Sel) > 0) {
267  foreach ($frm_Scr_Sel as $value) {
268  if ($value == $Allowed_Scripts['*']) {
269  // ** All Scripts was selected -- This will be the only option
270  $save_allow = "*";
271  break; // * should break out of foreach
272  } else {
273  // ** Build the string
274  $save_allow .= prep_save($value) . "\n";
275  }
276  }
277  }
278 
279  if ($save_allow > 2000) {
280  // ** If Save Allow is greater than 2000 characters then there is an error --- report it
281  $err_msg = "<li>The Allowed scripts has reached its internal maximum. Fewer scripts will need to be selected.<br>\n";
282  }
283 
284  // ** Validate Failed Remain
285  if (($frm_fr != intval($frm_fr)) && strlen($frm_fr) > 0) {
286  $err_msg .= "<li>The failed remaining must be a numeric value.<br>";
287  }
288  }
289  if ($err_msg == "") {
290  // Everything was validated, we now need to save the information, either insert for new or update for edited.
291 
292  // ** SETUP THE FIELDS FOR SAVING
293  $save_pwd = password_hash(trim($frm_pwd1), PASSWORD_DEFAULT);
294  $save_ipr = prep_save($frm_ipr, 1000);
295  $save_altip = prep_save($frm_altip, 15);
296  $save_fc = prep_save($frm_fc, 1);
297  $save_fr = intval($frm_fr);
298  $save_chg = intval($frm_chg);
299  $save_sms = prep_save($frm_sms, 40);
300  $save_email = prep_save($_POST['frm_email'], 100);
301  // ** NOTIFY Fields
302  // I am seting the save_pin to empty if the pin was not set. This is only
303  // * relevant to the INSERT, as the UPDATE will only include the field
304  // * if frm_pin was set in POST
305  $save_pin = ($frm_pin1 == '' ? '' : crypt(trim($frm_pin1)));
306  if (is_array($frm_enabled)) {
307  // ** The purpose is to save the items as a space delimited string,
308  // * If I got here, then it did NOT fail above
309  $save_enabled = prep_save(implode(" ", $frm_enabled), 100);
310  }
311  $save_notifyhours = prep_save($notify_start . ":". $notify_end);
312 
313  if ($num_rows > 0) {
314  // ** UPDATE
315  $sql_upd = "UPDATE dmsmonitorusers
316  SET ";
317  if (strlen($frm_pin1) > 0) {
318  $sql_upd .= "notifypin = '$save_pin', ";
319  }
320  if ($Full_Access) {
321  if (strlen($frm_pwd1) > 0) {
322  $sql_upd .= "passwd = '$save_pwd', ";
323  }
324  $sql_upd .= "
325  ip_range = '$save_ipr',
326  altipaddress = '$save_altip',
327  allowed_scripts = '$save_allow',
328  usersms = '$save_sms',
329  notifyemail = '$save_email',
330  failedremain = '$save_fr',
331  forcechange = '$save_fc',
332  forceremain = '$save_chg',
333  notifyhours = '$save_notifyhours',
334  notifyenabled = '$save_enabled'
335 
336  WHERE lower(user_name) = '" . prep_save(strtolower($frm_un), 12) . "' ; ";
337  } else {
338  $sql_upd .= "
339  passwd = '$save_pwd',
340  usersms = '$save_sms',
341  notifyemail = '$save_email',
342  notifyhours = '$save_notifyhours',
343  notifyenabled = '$save_enabled'
344  WHERE lower(user_name) = '" . prep_save(strtolower($Hu), 12) . "' ; ";
345  }
346  } else {
347  if (!$Full_Access) {
348  header("Location: /hcuadm/hcu_noperm.prg");
349  exit;
350  }
351  // ** INSERT
352  $sql_ins = "INSERT INTO dmsmonitorusers
353  (user_name, passwd, ip_range, altipaddress, usersms,
354  notifyemail, allowed_scripts, failedremain, forcechange, forceremain, notifypin, notifyhours, notifyenabled )
355  VALUES
356  ('" . prep_save(strtolower($frm_un), 12) . "', '$save_pwd', '$save_ipr', '$save_altip', '$save_sms',
357  '$save_email', '$save_allow', '$save_fr', '$save_fc', '$save_chg', '$save_pin', '$save_notifyhours', '$save_enabled' ); ";
358 
359  }
360  $sql_ask = "SELECT * FROM dmsmonitorusers
361  WHERE lower(user_name) = '" . prep_save(strtolower($frm_un), 12) . "' ";
362  $db_result = db_query($sql_ask, $link);
363  $cnum_rows = db_num_rows($db_result);
364  if ($cnum_rows > 0 ) {
365  $sql=$sql_upd;
366  } else {
367  $sql=$sql_ins;
368  }
369 
370  // Now pass the query to the Database
371  if (!($db_result=db_query($sql, $link))) {
372  // A problem was encoutered with saving the data - report the message
373  $err_msg = "<br>Unable to Save HomeCU Monitor User!<br><br>";
374  } else {
375  $Remote_Results = "";
376  if (Remote_Update_Selected() || (!$Full_Access)) {
377  // ** Now check for saving to a remote server
378  // ** Add each field that will be updated
379  Remote_Field_Add("dmsusers", "user_name", prep_save(strtolower($frm_un), 12)); // ** USERNAME
380  if (strlen($frm_pwd1) > 0) {
381  Remote_Field_Add("dmsusers", "passwd", $save_pwd); // ** Password
382  }
383  if (strlen($frm_pin1) > 0) {
384  Remote_Field_Add("dmsusers", "notifypin", $save_pin); // ** Password
385  }
386  // UPDATE SMS FOR ALL ACCESS
387  Remote_Field_Add("dmsusers", "usersms", $save_sms); // ** IP Range
388  // Notify Info
389  Remote_Field_Add("dmsusers", "notifyhours", $save_notifyhours); // ** Notify hours
390  Remote_Field_Add("dmsusers", "notifyenabled", $save_enabled); // ** Notify Enabled
391  Remote_Field_Add("dmsusers", "notifyemail", $save_email); // ** Notify hours
392 
393  if ($Full_Access) {
394  Remote_Field_Add("dmsusers", "ip_range", $save_ipr); // ** IP Range
395  Remote_Field_Add("dmsusers", "altipaddress", $save_altip); // ** Alternate IP Address
396  Remote_Field_Add("dmsusers", "allowed_scripts", $save_allow); // ** Allowed Scripts
397  }
398 
399  if ($Full_Access) {
400  $Remote_Results = Remote_Update_Send("U", "dmsusers");
401  } else {
402  $Remote_Results = Remote_Update_All("U", "dmsusers");
403  }
404  }
405 
406  header("Location: /hcuadm/hcuusers.prg?act=2&msg=" . urlencode("The HomeCU Monitor User " . strtolower($frm_un) . " was saved successfully.<br><br>$Remote_Results"));
407  exit;
408  }
409  }
410  }
411 
412 
413  switch ($act):
414  case "1": // Edit Homecu Users
415 
416  // * Reset all the form variables
417  $disp_mode = "";
418  $disp_sms = "";
419  $disp_email = "";
420  $disp_un = "";
421  $disp_ipr = "";
422  $disp_altip = "";
423  $disp_allow = array();
424  $disp_select = array();
425  $disp_fr = 5;
426  $disp_fc = "";
427  $disp_chg = 5;
428  $disp_enabled = array();
429  $disp_pin = '';
430  $disp_start_hour = '';
431  $disp_start_min = '';
432  $disp_end_hour = '';
433  $disp_end_min = '';
434 
435 
436  $disp_allow = array_diff($Allowed_Scripts, $disp_allow);
437  $disp_priorlogin = "";
438  $disp_lastlogin = "";
439  $disp_failedlogin = "";
440 
441  /* disp_mode -- options
442  NEW -- New user
443  EDIT -- Edit User
444  */
445  if (isset($frm_mode)) {
446  $disp_mode = $frm_mode;
447  } else {
448  $disp_mode = "NEW";
449  }
450  if (isset($btnSave)) {
451 
452 
453  // * for both full or partial access, allow the user to change there sms entry
454  $disp_sms = dms_disphtml($frm_sms);
455  $disp_email = dms_disphtml($_POST['frm_email']);
456  if ($Full_Access) {
457  $disp_un = dms_disphtml($frm_un);
458  $disp_ipr = dms_disphtml($frm_ipr);
459  $disp_altip = dms_disphtml($frm_altip);
460 
461  // ** Figure out the Array information
462  if (count($frm_Scr_Sel) > 0) {
463  $disp_allow = array_diff($Allowed_Scripts, $frm_Scr_Sel);
464  $disp_select = array_intersect($Allowed_Scripts, $frm_Scr_Sel);
465  }
466 
467  $disp_fr = intval($frm_fr);
468  $disp_fc = dms_disphtml(trim($frm_fc));
469  $disp_chg = intval($frm_chg);
470 
471  $disp_priorlogin = trim($frm_pl);
472  $disp_lastlogin = trim($frm_ll);
473  $disp_failedlogin = trim($frm_fl);
474  } else {
475  $disp_un = $Hu;
476 
477  $disp_fr = intval($frm_fr);
478  $disp_fc = dms_disphtml(trim($frm_fc));
479  $disp_chg = intval($frm_chg);
480 
481  $disp_priorlogin = trim($frm_pl);
482  $disp_lastlogin = trim($frm_ll);
483  $disp_failedlogin = trim($frm_fl);
484  }
485  // ** SET THEM to the posted value
486  $disp_enabled = $frm_enabled;
487  $disp_start_hour = $frm_start_hour;
488  $disp_start_min = $frm_start_min;
489  $disp_end_hour = $frm_end_hour;
490  $disp_end_min = $frm_end_min;
491  } elseif (isset($un) || !$Full_Access) {
492  $disp_mode = "EDIT";
493 
494  if ($Full_Access) {
495  $disp_un = strtolower($un);
496  } else {
497  $disp_un = strtolower($Hu);
498  }
499 
500 
501  // ** If we are to load this, then let's load it from the Database
502  $sql = "SELECT *
503  FROM dmsmonitorusers
504  WHERE lower(user_name) = '" . trim(prep_save(strtolower($disp_un), 12)) . "' ";
505  $load_rs = db_query($sql, $link);
506  if ($load_row = db_fetch_array($load_rs)) {
507  $disp_un = dms_disphtml($load_row['user_name']);
508 
509  $disp_sms = dms_disphtml($load_row['usersms']);
510  $disp_email = dms_disphtml($load_row['notifyemail']);
511  if ($Full_Access) {
512  $disp_ipr = dms_disphtml($load_row['ip_range']);
513  $disp_altip = dms_disphtml($load_row['altipaddress']);
514  $disp_fr = dms_disphtml($load_row['failedremain']);
515  $disp_fc = dms_disphtml($load_row['forcechange']);
516  $disp_chg = dms_disphtml($load_row['forceremain']);
517 
518  $disp_select = explode("\n", $load_row['allowed_scripts']);
519  /// --- Use the value saved (which is the key -- and the value to the display text)
520  foreach ($disp_select as $key=>$value) {
521  $disp_select[$key] = $Allowed_Scripts[$value];
522  }
523  // ** IF First element is blank -- then POP it off the array
524  if (count($disp_select) > 0) {
525  if ($disp_select[0] == "") {
526  $disp_select = array_reverse($disp_select);
527  array_pop($disp_select);
528  $disp_select = array_reverse($disp_select);
529  }
530  if (count($disp_select) > 0) {
531  if ($disp_select[count($disp_select) - 1] == "") {
532  if (count($disp_select) > 0) {
533  array_pop($disp_select);
534  }
535  }
536  }
537  }
538 
539 
540  $disp_allow = array_diff($Allowed_Scripts, $disp_select);
541  }
542 
543  // ** SET THEM to the posted value
544  $disp_enabled = explode(" ", $load_row['notifyenabled']);
545  if (strlen(trim($load_row['notifyhours'])) == 9) {
546  // ** ONLY PARSE If the string is 9 characters HHMM:HHMM
547  $disp_start_hour = substr(trim($load_row['notifyhours']), 0, 2);
548  $disp_start_min = substr(trim($load_row['notifyhours']), 2, 2);
549  $disp_end_hour = substr(trim($load_row['notifyhours']), 5, 2);
550  $disp_end_min = substr(trim($load_row['notifyhours']), 7, 2);
551  }
552 
553  $disp_priorlogin = dms_disphtml($load_row['priorlogin']);
554  $disp_lastlogin = dms_disphtml($load_row['lastlogin']);
555  $disp_failedlogin = dms_disphtml($load_row['failedlogin']);
556 
557  } else {
558  // ** UNSUCCESSFUL LOAD
559  // IF THE USER DOES NOT have full access and they got here --
560  // ** THEN SHOW no permissions
561  header("Location: /hcuadm/hcu_noperm.prg");
562  exit;
563  }
564 
565  }
566 
567 
568  cu_header("Edit HomeCU Monitor Users");
569 ?>
570  <form action="hcuusers.prg" method="post" name="hcuform">
571  <input type="hidden" name="act" value="<?php echo $act; ?>">
572  <input type="hidden" name="frm_mode" value="<?php echo $disp_mode; ?>">
573  <br><br>
574  <center>
575  <table cellpadding="3" cellspacing="0" border="0" width="500" class="dmsbg"><tr><td>
576  <table cellpadding="1" cellspacing="0" border="0" width="100%" bgcolor=white>
577  <?php if ($err_msg != ""): ?>
578  <tr>
579  <td colspan="2" class="err" align="center">
580  The following errors will need to be fixed before saving can complete.<Br><br><?php echo $err_msg; ?>
581  </td>
582  </tr>
583  <?php endif; ?>
584  <tr>
585  <td colspan="2" class="bar" align="center">
586  <?php if($disp_mode == "EDIT"): ?>
587  Edit HomeCU Monitor User
588  <?php else: ?>
589  Add HomeCU Monitor User
590  <?php endif; ?>
591  </td>
592  </tr>
593  <?php if (isset($msg)): ?>
594  <tr>
595  <td colspan="5" class="msg" align="center">
596  <?php echo $msg; ?>
597  </td>
598  </tr>
599  <?php endif; ?>
600  <tr>
601  <td nowrap align="right" class="hdr">
602  Username:
603  </td>
604  <td nowrap class='dtl'>
605  <?php if ($disp_mode == "NEW"): ?>
606  <input type="text" name="frm_un" size="12" maxlength="12" value="<?php echo strtolower($disp_un); ?>">
607  <?php else: ?>
608  <?php echo strtolower($disp_un); ?>
609  <input type="hidden" name="frm_un"value="<?php echo strtolower($disp_un); ?>">
610  <?php endif; ?>
611  </td>
612  </tr>
613  <tr>
614  <td nowrap align="right" class="hdr"> &nbsp; </td>
615  <td nowrap class='dtl'> &nbsp; </td>
616  </tr>
617  <?php if ($disp_mode == "EDIT"): ?>
618  <tr>
619  <td nowrap align="right" class="hdr">
620  Old Password:
621  </td>
622  <td nowrap class='dtl'>
623  <input type="password" name="frm_pwd_orig" size="10" maxlength="12">
624  <span class="iegreen">* Only required for new password</span>
625  </td>
626  </tr>
627  <?php endif; ?>
628  <tr>
629  <td nowrap align="right" class="hdr">
630  New Password:
631  </td>
632  <td nowrap class='dtl'>
633  <input type="password" name="frm_pwd1" size="10" maxlength="12">
634  </td>
635  </tr>
636  <tr>
637  <td nowrap align="right" class="hdr">
638  Confirm New Password:
639  </td>
640  <td nowrap class='dtl'>
641  <input type="password" name="frm_pwd2" size="10" maxlength="12">
642  </td>
643  </tr>
644  <tr>
645  <td nowrap align="center" class="hdr" colspan ="2" style="font-size:1.5em">
646  NOTIFICATION
647  </td>
648  </tr>
649  <tr>
650  <td nowrap align="right" class="hdr" valign="top">
651  Notify SMS:
652  </td>
653  <td nowrap class='dtl' valign="top">
654  <input type="text" name="frm_sms" size=25 maxlength=40 value="<?php echo $disp_sms; ?>">
655  <span class="iegreen">ie. 2085551234@vtext.com</span>
656  </td>
657  </tr>
658  <tr>
659  <td nowrap align="right" class="hdr" valign="top">
660  Notify Email:
661  </td>
662  <td nowrap class='dtl' valign="top">
663  <input type="text" name="frm_email" size=25 maxlength=70 value="<?php echo $disp_email; ?>">
664  <span class="iegreen">ie. name@homecu.net</span>
665  </td>
666  </tr>
667  <tr>
668  <td align="right" class="hdr" valign="top">
669  Notify Enabled:
670  </td>
671  <td class='dtl' valign='top'>
672  <?php foreach ($Notify_Items as $itemKey => $itemList) : ?>
673  <input type="checkbox" name="frm_enabled[]" <?php echo (is_array($disp_enabled) ? (array_search($itemKey, $disp_enabled) !== false ? "CHECKED" : "") : "" ); ?> value="<?php echo dms_disphtml($itemKey); ?>"><?php echo dms_disphtml($itemList); ?><br/>
674  <?php endforeach; ?>
675  </td>
676  </tr>
677  <tr>
678  <td align="right" class="hdr" valign="top">
679  Notify Hours:
680  </td>
681  <td class='dtl' valign='top'>
682  <select name='frm_start_hour'>
683  <?php for ($x=0; $x <= 24; $x++): ?>
684  <option value='<?php echo substr('00' . $x, -2); ?>' <?php echo ($disp_start_hour == substr('00' . $x, -2) ? "SELECTED" : ""); ?>><?php echo substr('00' . $x, -2); ?></option>
685  <?php endfor; ?>
686  </select>:
687  <select name='frm_start_min'>
688  <?php foreach ($Notify_Minutes as $list_min): ?>
689  <option value='<?php echo $list_min; ?>' <?php echo ($disp_start_min == $list_min ? "SELECTED" : ""); ?>><?php echo $list_min; ?></option>
690  <?php endforeach; ?>
691  </select>
692  &nbsp;to&nbsp;
693  <select name='frm_end_hour'>
694  <?php for ($x=0; $x <= 24; $x++): ?>
695  <option value='<?php echo substr('00' . $x, -2); ?>' <?php echo ($disp_end_hour == substr('00' . $x, -2) ? "SELECTED" : ""); ?>><?php echo substr('00' . $x, -2); ?></option>
696  <?php endfor; ?>
697  </select>:
698  <select name='frm_end_min'>
699  <?php reset($Notify_Minutes); foreach ($Notify_Minutes as $list_min): ?>
700  <option value='<?php echo $list_min; ?>' <?php echo ($disp_end_min == $list_min ? "SELECTED" : ""); ?>><?php echo $list_min; ?></option>
701  <?php endforeach; ?>
702  </select>
703  </td>
704  </tr>
705  <tr>
706  <td nowrap align="right" class="hdr">
707  New Notify PIN:
708  </td>
709  <td nowrap class='dtl'>
710  <input type="password" name="frm_pin1" size="8" maxlength="6">
711  </td>
712  </tr>
713  <tr>
714  <td nowrap align="right" class="hdr">
715  Confirm PIN:
716  </td>
717  <td nowrap class='dtl'>
718  <input type="password" name="frm_pin2" size="8" maxlength="6">
719  </td>
720  </tr>
721  <tr>
722  <td nowrap align="right" class="hdr"> &nbsp; </td>
723  <td nowrap class='dtl'> &nbsp; </td>
724  </tr>
725  <?php if ($Full_Access): ?>
726  <tr>
727  <td nowrap align="center" class="hdr" colspan ="2" style="font-size:1.5em">
728  SCRIPT PERMISSIONS
729  </td>
730  </tr>
731  <tr>
732  <td nowrap align="right" class="hdr" valign="top">
733  IP Address:
734  <span class="iegreen"><br><br>ie.<br>192.168.168<Br>192.168.169.11<br></span>
735  </td>
736  <td nowrap class='dtl' valign="top">
737  <textarea rows=6 cols=20 name="frm_ipr"><?php echo $disp_ipr; ?></textarea>
738  </td>
739  </tr>
740  <tr>
741  <td nowrap align="right" class="hdr" valign="top">
742  Single alternate IP Address:
743  </td>
744  <td nowrap class='dtl' valign="top">
745  <input type="text" name="frm_altip" size=15 maxlength=15 value="<?php echo $disp_altip; ?>">
746  <span class="iegreen">ie.192.168.168 or 192.168.169.11</span>
747  </td>
748  </tr>
749  <tr>
750  <td nowrap align="right" class="hdr" valign="top">
751  Allowed Scripts:
752  </td>
753  <td nowrap class='dtl'>
754  <!-- show available Scripts -->
755  <script language='javascript'>
756 
 /**
  * Move every highlighted option from the list named pFrom to the end of the
  * list named pTo, then re-select everything in the "selected scripts" list so
  * it is submitted with the form.
  * pDirect ('Add' / 'Remove') is accepted for the callers' sake but not used.
  */
 function selectOption(pDirect, pTo, pFrom) {
   var source = document.hcuform.elements[pFrom];
   var target = document.hcuform.elements[pTo];
   var remaining = source.options.length;
   var idx = 0;
   var moved;

   // Visit each original entry once. Removing an option shifts the rest down,
   // so the index only advances when the current option stays in place.
   while (remaining-- > 0) {
     if (source.options[idx].selected) {
       moved = new Option(source.options[idx].text, source.options[idx].value);
       source.options[idx] = null;
       target.options[target.options.length] = moved;
     } else {
       idx++;
     }
   }

   selectAll();
 }
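 /**
  * Mark every option in the "selected scripts" list (frm_Scr_Sel[]) as selected
  * so the browser submits all of them; a multi-select only posts highlighted
  * entries. The loop counter is now declared locally instead of leaking into
  * the global scope.
  */
 function selectAll() {
   var chosen = document.hcuform.elements['frm_Scr_Sel[]'].options;
   var i;
   for (i = 0; i < chosen.length; i++) {
     chosen[i].selected = true;
   }
 }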
789  </script>
790  <table cellspacing="3" cellpadding="0" border="0">
791  <tr>
792  <td>
793  <select name="frm_Scr_Avail[]" multiple size="10" >
794  <?php foreach ($disp_allow as $key => $value) { ?>
795  <option value="<?php echo dms_disphtml($value); ?>"><?php echo dms_disphtml($value); ?></option>
796  <?php } ?>
797  </select>
798  </td>
799  <td valign='center'>
800  <input type="button" value="&gt;&gt;" onClick="selectOption('Add','frm_Scr_Sel[]','frm_Scr_Avail[]')"><br>
801  <input type="button" value="&lt;&lt;" onClick="selectOption('Remove', 'frm_Scr_Avail[]','frm_Scr_Sel[]')">
802  </td>
803  <td>
804  <!-- show selected scripts -->
805  <select name="frm_Scr_Sel[]" multiple size="10">
806  <?php foreach ($disp_select as $key => $value) { ?>
807  <option value="<?php echo dms_disphtml($value); ?>"><?php echo dms_disphtml($value); ?></option>
808  <?php } ?>
809  </select>
810  </td>
811  </tr>
812  </table>
813  </td>
814  </tr>
815  <tr>
816  <td nowrap align="right" class="hdr">
817  Failed Remain:
818  </td>
819  <td nowrap class='dtl'>
820  <input type="text" name="frm_fr" size="2" maxlength="2" value="<?php echo $disp_fr?>">
821  </td>
822  </tr>
823  <tr>
824  <td nowrap align="right" class="hdr">
825  Force Change:
826  </td>
827  <td nowrap class='dtl'>
828  <input type="checkbox" name="frm_fc" <?php echo ($disp_fc == "Y" ? "CHECKED" : ""); ?> value="Y">
829  </td>
830  </tr>
831  <tr>
832  <td nowrap align="right" class="hdr">
833  Force Remain:
834  </td>
835  <td nowrap class='dtl'>
836  <input type="text" name="frm_chg" size="2" maxlength="2" value="<?php echo $disp_chg; ?>">
837  </td>
838  </tr>
839  <?php endif; ?>
840  <tr>
841  <td nowrap align="center" class="hdr" colspan ="2" style="font-size:1.5em">
842  LOGIN DETAILS
843  </td>
844  </tr>
845  <tr>
846  <td colspan="2">
847  <table width='100%' border=0 cellpadding=0 cellspacing=0>
848  <tr>
849  <td class="hdr" align="center" width="33%">Last Login</td>
850  <td class="hdr" align="center" width="33%">Prior Login</td>
851  <td class="hdr" align="center" width="33%">Failed Login</td>
852  </tr>
853  <tr>
854  <td class="dtl" align="center">&nbsp;<?php echo $disp_lastlogin; ?><input type="hidden" name="frm_ll" value="<?php echo $disp_lastlogin; ?>"></td>
855  <td class="dtl" align="center">&nbsp;<?php echo $disp_priorlogin; ?><input type="hidden" name="frm_pl" value="<?php echo $disp_priorlogin; ?>"></td>
856  <td class="dtl" align="center">&nbsp;<?php echo $disp_failedlogin; ?><input type="hidden" name="frm_fl" value="<?php echo $disp_failedlogin; ?>"></td>
857  </tr>
858  </table>
859  </td>
860  </tr>
861  <?php if ($Full_Access): ?>
862  <tr>
863  <td class='dtl'>&nbsp;</td>
864  <td nowrap class='dtl'>
865  <?php remote_update_list(); ?>
866  </td>
867  </tr>
868  <?php endif; ?>
869  <tr>
870  <td class='dtl'>&nbsp;</td>
871  <td nowrap class='dtl'>
872  <input type="submit" name="btnSave" Value="Save" onClick="selectAll();">
873  <input type="button" name="Cancel" Value="Cancel" onClick="document.location='hcuusers.prg'">
874  </td>
875  </tr>
876  </table>
877  </td></tr></table>
878 
879  <?php
880  break;
881  case "2":
882  cu_header("HomeCU Users");
883  ?>
884  <form>
885 
886  <?php
887  // Connect to the data and retrieve the current list of Home CU Products
888  $query = "SELECT user_name, failedremain, forcechange, forceremain,
889  lastlogin, priorlogin, failedlogin
890  FROM dmsmonitorusers ORDER BY user_name ";
891  $prod_result = db_query($query, $link);
892 
893  ?>
894 
895  <!-- Print out the top of the table -->
896 
897  <table border="0" cellpadding="3" cellspacing="0" align="center" class='dmsbg' width="500"><tr><td>
898  <table border="0" cellpadding="1" cellspacing="0" align="center" width="100%" bgcolor=white>
899  <tr>
900  <td colspan="5" class="bar" align="center">
901  HomeCU Monitor Users List
902  </td>
903  </tr>
904  <?php if (isset($msg)): ?>
905  <tr>
906  <td colspan="5" class="msg" align="center">
907  <?php echo $msg; ?>
908  </td>
909  </tr>
910  <?php endif; ?>
911  <tr>
912  <td class="hdr" align="left">
913  User Name
914  </td>
915  <td class="hdr" align="left">
916  Last Login
917  </td>
918  <td class="hdr" align="left">
919  Fail Remain
920  </td>
921  <td class="hdr" align="left">
922  Fail Login
923  </td>
924  <td class="hdr" align="center">
925  &nbsp;
926  </td>
927  </tr>
928  <?php
929  $RGB = "odd";
930  $row = 0;
931  while ($prod_row = db_fetch_object($prod_result, $row)):
932  $row++;
933  ?>
934  <tr class="<?php echo $RGB; ?>">
935  <td nowrap class="dtl">
936  <a href="hcuusers.prg?act=1&un=<?php echo strtolower(trim($prod_row->user_name)) ?>">
937  <?php echo trim($prod_row->user_name) ?>
938  </a>
939  </td>
940  <td nowrap class="dtl">
941  <?php echo trim($prod_row->lastlogin) ?>
942  </td>
943  <td nowrap class="dtl">
944  <?php echo trim($prod_row->failedremain) ?>
945  </td>
946  <td nowrap class="dtl">
947  <?php echo trim($prod_row->failedlogin) ?>
948  </td>
949  <td nowrap class="dtl">
950  <?php /*&nbsp;|&nbsp;
951  <a href="hcuusers.prg?act=1&un=<?php echo trim($prod_row->user_name) ?>">Edit</a>
952  <a href="">Delete</a>
953  */ ?>
954  </td>
955  </tr>
956  <?php
957  $RGB = ($RGB == "odd" ? "even" : "odd");
958  endwhile; ?>
959 
960  <tr>
961  <td colspan="3">
962  <a href="hcuusers.prg?act=1">Add HomeCU Monitor User</a>
963  &nbsp;|&nbsp;
964  <a href="<?php echo $infourl ?>/hcuadm/cuilist.prg" target="parent">Credit Union List</a>
965  </td>
966  </tr>
967  </table>
968  </td></tr></table>
969 <?php
970  break;
971  default:
972  cu_header("Error Displaying Form");
973  print ("<form>");
974  printError("Requested form not found!<br>Cancelling action.");
975  endswitch;
976  ?>
977  </form>
978  </body>
979 </html>