Few tweaks to the plugins system
Few tweaks to the plugins system

<?php <?php
/** Credential related Database functions /** Credential related Database functions
* *
* Copyright (C) 2012 B Tasker * Copyright (C) 2012 B Tasker
* Released under GNU GPL V2 * Released under GNU GPL V2
* See LICENSE * See LICENSE
* *
*/ */
defined('_CREDLOCK') or die; defined('_CREDLOCK') or die;
   
   
class CredDB extends BTDB{ class CredDB extends BTDB{
   
   
/** Check Cred Types are specified /** Check Cred Types are specified
* *
* @return boolean * @return boolean
*/ */
function checkCredTypesDefined(){ function checkCredTypesDefined(){
   
$sql = "SELECT * FROM #__CredTypes"; $sql = "SELECT * FROM #__CredTypes";
$this->setQuery($sql); $this->setQuery($sql);
return $this->loadResult(); return $this->loadResult();
} }
   
   
   
/** Delete the credential specified /** Delete the credential specified
* *
* @arg id INT * @arg id INT
* *
* @return boolena * @return boolena
*/ */
function DelCredential($id){ function DelCredential($id){
// Log the request // Log the request
$log = new Logging; $log = new Logging;
$log->logEntry($id,10); $log->logEntry($id,10);
$ACL = BTMain::buildACLQuery(); $ACL = BTMain::buildACLQuery();
$id = $this->stringEscape($id); $id = $this->stringEscape($id);
$sql = "DELETE FROM #__Cred WHERE id='$id' AND ($ACL)"; $sql = "DELETE FROM #__Cred WHERE id='$id' AND ($ACL)";
$this->setQuery($sql); $this->setQuery($sql);
return $this->runQuery(); return $this->runQuery();
   
} }
   
   
   
/** Retrieve the credential specified /** Retrieve the credential specified
* *
* @arg id INT * @arg id INT
* *
* @return object * @return object
*/ */
function FetchCredential($id){ function FetchCredential($id){
// Log the request // Log the request
$log = new Logging; $log = new Logging;
$log->logEntry($id,9); $log->logEntry($id,9);
   
$ACL = BTMain::buildACLQuery(); $ACL = BTMain::buildACLQuery();
   
$id = $this->stringEscape($id); $id = $this->stringEscape($id);
   
$sql = "SELECT Hash, Clicky, Address, UName, CredType, `Group` FROM #__Cred WHERE id='$id' AND ($ACL)"; $sql = "SELECT Hash, Clicky, Address, UName, CredType, `Group` FROM #__Cred WHERE id='$id' AND ($ACL)";
$this->setQuery($sql); $this->setQuery($sql);
   
   
return $this->loadResult(); return $this->loadResult();
} }
   
   
/** Fetch All Credentials for a given type /** Fetch All Credentials for a given type
* *
* @arg type id * @arg type id
* *
* @return object * @return object
*/ */
function getCredsbyType($id){ function getCredsbyType($id){
$id = $this->stringEscape($id); $id = $this->stringEscape($id);
$ACL = BTMain::buildACLQuery('a'); $ACL = BTMain::buildACLQuery('a');
$CustACL = BTMain::buildACLQuery('b'); $CustACL = BTMain::buildACLQuery('b');
   
$sql = "SELECT a.id, b.Name FROM #__Cred as a LEFT JOIN #__Cust as b on a.cust=b.id WHERE CredType='$id' AND ($ACL) AND ($CustACL)"; $sql = "SELECT a.id, b.Name FROM #__Cred as a LEFT JOIN #__Cust as b on a.cust=b.id WHERE CredType='$id' AND ($ACL) AND ($CustACL)";
$this->setQuery($sql); $this->setQuery($sql);
   
return $this->loadResults(); return $this->loadResults();
   
   
   
} }
   
   
   
   
/** Add a new Credential Type /** Add a new Credential Type
* *
* @arg Name string * @arg Name string
* *
* @return boolean * @return boolean
*/ */
function AddCredType($name){ function AddCredType($name){
$crypt = new Crypto; $crypt = new Crypto;
$name = $crypt->encrypt($name,'CredType'); $name = $crypt->encrypt($name,'CredType');
   
$name = $this->stringEscape($name); $name = $this->stringEscape($name);
   
$sql = "INSERT INTO #__CredTypes (`Name`) VALUES ('$name')"; $sql = "INSERT INTO #__CredTypes (`Name`) VALUES ('$name')";
$this->setQuery($sql); $this->setQuery($sql);
   
$id = $this->insertID(); $id = $this->insertID();
   
if ($id){ if ($id){
$log = new Logging; $log = new Logging;
$log->logEntry($id,15); $log->logEntry($id,15);
return $id; return $id;
}else{ }else{
return false; return false;
} }
} }
   
   
   
/** Retrieve the available credential types /** Retrieve the available credential types
* *
*/ */
function getCredTypes(){ function getCredTypes(){
   
$sql = "SELECT * FROM #__CredTypes"; $sql = "SELECT * FROM #__CredTypes";
$this->setQuery($sql); $this->setQuery($sql);
return $this->loadResults(); return $this->loadResults();
} }
   
   
/** Retrieve credential type /** Retrieve credential type
* *
* @arg id INT * @arg id INT
* *
* @return object * @return object
*/ */
function getCredType($id){ function getCredType($id){
$id = $this->stringEscape($id); $id = $this->stringEscape($id);
$sql = "SELECT * FROM #__CredTypes WHERE id='$id'"; $sql = "SELECT * FROM #__CredTypes WHERE id='$id'";
$this->setQuery($sql); $this->setQuery($sql);
return $this->loadResult(); return $this->loadResult();
} }
   
   
   
/** Edit Credential Type /** Edit Credential Type
* *
* @arg id - INT * @arg id - INT
* @arg name - string * @arg name - string
* *
* @return boolean * @return boolean
*/ */
function editCredType($id,$name){ function editCredType($id,$name){
$crypt = new Crypto; $crypt = new Crypto;
$id = $this->stringEscape($id); $id = $this->stringEscape($id);
   
$name = $crypt->encrypt($name,'CredType'); $name = $crypt->encrypt($name,'CredType');
$name = $this->stringEscape($name); $name = $this->stringEscape($name);
   
$sql = "UPDATE #__CredTypes SET `Name`='$name' WHERE id='$id'"; $sql = "UPDATE #__CredTypes SET `Name`='$name' WHERE id='$id'";
$this->setQuery($sql); $this->setQuery($sql);
   
return $this->runQuery(); return $this->runQuery();
   
} }
   
   
   
/** Delete credential type and all associated creds /** Delete credential type and all associated creds
* *
* @arg id INT * @arg id INT
* *
* @return boolean * @return boolean
*/ */
function DelCredentialType($id){ function DelCredentialType($id){
$id = $this->stringEscape($id); $id = $this->stringEscape($id);
   
$sql = "DELETE FROM #__Cred WHERE `CredType`='$id'"; $sql = "DELETE FROM #__Cred WHERE `CredType`='$id'";
$this->setQuery($sql); $this->setQuery($sql);
$this->runQuery(); $this->runQuery();
   
$sql = "DELETE FROM #__CredTypes WHERE id='$id'"; $sql = "DELETE FROM #__CredTypes WHERE id='$id'";
$this->setQuery($sql); $this->setQuery($sql);
if ($this->runQuery()){ if ($this->runQuery()){
$log = new Logging; $log = new Logging;
$log->logEntry($id,16); $log->logEntry($id,16);
return true; return true;
}else{ }else{
return false; return false;
} }
   
   
   
   
   
   
} }
   
   
/** Insert a new Credential into the database /** Insert a new Credential into the database
* *
* @arg cust - INT * @arg cust - INT
* @arg credtype - INT * @arg credtype - INT
* @arg cred - string * @arg cred - string
* @arg clicky - tinyint * @arg clicky - tinyint
* @arg group - INT * @arg group - INT
* @arg address - string * @arg address - string
* @arg uname - string * @arg uname - string
* *
* @return object * @return object
*/ */
function addCred($cust,$credtype,$cred,$clicky,$group = 1,$address = '', $uname = '') function addCred($cust,$credtype,$cred,$clicky,$group = 1,$address = '', $uname = '')
{ {
   
   
// Encrypt the relevant parts // Encrypt the relevant parts
$crypt = new Crypto; $crypt = new Crypto;
   
   
if (!empty($address)){ if (!empty($address)){
$address = $crypt->encrypt($address,'Cre'.$credtype); $address = $crypt->encrypt($address,'Cre'.$credtype);
} }
   
if (!empty($uname)){ if (!empty($uname)){
$uname = $crypt->encrypt($uname,'Cre'.$credtype); $uname = $crypt->encrypt($uname,'Cre'.$credtype);
} }
   
if (!empty($cred)){ if (!empty($cred)){
$cred = $crypt->encrypt($cred,'Cre'.$credtype); $cred = $crypt->encrypt($cred,'Cre'.$credtype);
} }
   
$address = $this->stringEscape($address); $address = $this->stringEscape($address);
$uname = $this->stringEscape($uname); $uname = $this->stringEscape($uname);
$credtype = $this->stringEscape($credtype); $credtype = $this->stringEscape($credtype);
$cred = $this->stringEscape($cred); $cred = $this->stringEscape($cred);
$cust = $this->stringEscape($cust); $cust = $this->stringEscape($cust);
$clicky = $this->stringEscape($clicky); $clicky = $this->stringEscape($clicky);
$date = date('Y-m-d H:i:s'); $date = date('Y-m-d H:i:s');
$group = $this->stringEscape($group); $group = $this->stringEscape($group);
   
   
$sql = "INSERT INTO #__Cred (`cust`,`Added`,`Group`,`Hash`,`CredType`,`Clicky`,`Address`,`UName`) ". $sql = "INSERT INTO #__Cred (`cust`,`Added`,`Group`,`Hash`,`CredType`,`Clicky`,`Address`,`UName`) ".
"VALUES ('$cust','$date','$group','$cred','$credtype','$clicky','$address','$uname')"; "VALUES ('$cust','$date','$group','$cred','$credtype','$clicky','$address','$uname')";
$this->setQuery($sql); $this->setQuery($sql);
   
$id = $this->insertID(); $id = $this->insertID();
   
if ($id){ if ($id){
$log = new Logging; $log = new Logging;
$log->logEntry($id,7); $log->logEntry($id,7);
return true; return $id;
}else{ }else{
return false; return false;
} }
   
} }
   
   
   
   
/** Edit Specified Credential /** Edit Specified Credential
* *
* @arg id - INT * @arg id - INT
* @arg credtype - INT * @arg credtype - INT
* @arg cred - string * @arg cred - string
* @arg clicky - tinyint * @arg clicky - tinyint
* @arg group - INT * @arg group - INT
* @arg address - string * @arg address - string
* @arg uname - string * @arg uname - string
* *
* @return object * @return object
*/ */
function editCred($id,$credtype,$cred,$clicky,$group = 1,$address = '', $uname = '') function editCred($id,$credtype,$cred,$clicky,$group = 1,$address = '', $uname = '')
{ {
   
   
// Initialise some vars // Initialise some vars
$crypt = new Crypto; $crypt = new Crypto;
$ACL = BTMain::buildACLQuery(); $ACL = BTMain::buildACLQuery();
$credtype = $this->stringEscape($credtype); $credtype = $this->stringEscape($credtype);
$id = $this->stringEscape($id); $id = $this->stringEscape($id);
$date = date('Y-m-d H:i:s'); $date = date('Y-m-d H:i:s');
$group = $this->stringEscape($group); $group = $this->stringEscape($group);
   
   
// build the SQL // build the SQL
   
$sql = "UPDATE #__Cred SET `Added`='$date', `Group`='$group',"; $sql = "UPDATE #__Cred SET `Added`='$date', `Group`='$group',";
   
if ($cred){ if ($cred){
$cred = $crypt->encrypt($cred,'Cre'.$credtype); $cred = $crypt->encrypt($cred,'Cre'.$credtype);
$cred = $this->stringEscape($cred); $cred = $this->stringEscape($cred);
$sql .= "`Hash`='$cred',"; $sql .= "`Hash`='$cred',";
} }
   
   
if ($clicky){ if ($clicky){
$clicky = $this->stringEscape($clicky); $clicky = $this->stringEscape($clicky);
$sql .= "`Clicky`='$clicky',"; $sql .= "`Clicky`='$clicky',";
} }
   
if ($address){ if ($address){
$address = $crypt->encrypt($address,'Cre'.$credtype); $address = $crypt->encrypt($address,'Cre'.$credtype);
$address = $this->stringEscape($address); $address = $this->stringEscape($address);
$sql .= "`Address`='$address',"; $sql .= "`Address`='$address',";
} }
   
if ($uname){ if ($uname){
$uname = $crypt->encrypt($uname,'Cre'.$credtype); $uname = $crypt->encrypt($uname,'Cre'.$credtype);
$uname = $this->stringEscape($uname); $uname = $this->stringEscape($uname);
$sql .= "`UName`='$uname',"; $sql .= "`UName`='$uname',";
} }
   
// Get rid of the last comma to prevent a syntax error // Get rid of the last comma to prevent a syntax error
$sql = rtrim($sql,","); $sql = rtrim($sql,",");
   
$sql .= " WHERE id='$id' AND ($ACL)"; $sql .= " WHERE id='$id' AND ($ACL)";
   
$this->setQuery($sql); $this->setQuery($sql);
   
if ($this->runQuery()){ if ($this->runQuery()){
   
$log = new Logging; $log = new Logging;
$log->logEntry($id,8); $log->logEntry($id,8);
return true; return true;
}else{ }else{
return false; return false;
} }
   
} }
   
   
   
   
} }
   
   
   
   
?> ?>
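Review bot: The docblock above `addCred()` still reads `@return object`, but the new side returns the insert id on success and `false` on failure. Update it to something like `@return int|false - id of the new credential, or false if the insert failed`. Any caller outside this page that compares the result strictly against `true` would now take its failure path, so the other call sites are worth checking. The id is also what the add page now passes to plugins as `$data->cred->id`, so the contract should be written down where plugin authors will find it.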
<h2>Contents</h2> <h2>Contents</h2>
   
<ul> <ul>
<li><a href="#about">About AutoAuth</a></li> <li><a href="#about">About AutoAuth</a></li>
<li><a href="#plgConfig">Plugin Configuration</a> <li><a href="#plgConfig">Plugin Configuration</a>
<li><a href="#CredType">CredType Configuration</a></li> <li><a href="#CredType">CredType Configuration</a></li>
<ul><li><a href="#examples">Example Values</li></ul> <ul><li><a href="#examples">Example Values</li></ul>
</li> </li>
<li><a href="#unsupported">Known incompatible systems</a></li> <li><a href="#unsupported">Known incompatible systems</a></li>
   
</ul> </ul>
   
   
<h3><a name="about">About AutoAuth</a></h3> <h3><a name="about">About AutoAuth</a></h3>
AutoAuth Plugin is a plugin allowing system admins to configure PHPCredLocker to AutoAuth Plugin is a plugin allowing system admins to configure PHPCredLocker to
display a 'Log In' button for specific credtypes. When enabled, the plugin display a 'Log In' button for specific credtypes. When enabled, the plugin
simply generates a form containing the credentials so that users can log into simply generates a form containing the credentials so that users can log into
linked systems with one click. linked systems with one click.
<br /> <br />
<br /> <br />
   
Thanks to <a href="http://www.joomlasuffolk.co.uk/" target=_blank>Joomla User Thanks to <a href="http://www.joomlasuffolk.co.uk/" target=_blank>Joomla User
Group Suffolk (JUGS)</a> for the feature suggestion! Group Suffolk (JUGS)</a> for the feature suggestion!
<br /> <br />
   
   
   
<h3><a name="plgConfig">Plugin Configuration</a></h3> <h3><a name="plgConfig">Plugin Configuration</a></h3>
   
The configuration file contains two options<br /> The configuration file contains two options<br />
   
<ul> <ul>
<li><b><i>active</i></b> - Is the plugin enabled?</li> <li><b><i>active</i></b> - Is the plugin enabled?</li>
<li><b><i>warnredirect</i></b> - Should a Javascript confirm box be displayed before redirecting the user</li> <li><b><i>warnredirect</i></b> - Should a Javascript confirm box be displayed before redirecting the user</li>
</ul> </ul>
   
   
   
<h3><a name="CredType">CredType Configuration</a></h3> <h3><a name="CredType">CredType Configuration</a></h3>
   
When enabled, the plugin will display additional fields when adding or editing a Credential Type. When enabled, the plugin will display additional fields when adding or editing a Credential Type.
The settings specified in these will define how credentials are passed to the login script of the linked system, The settings specified in these will define how credentials are passed to the login script of the linked system,
getting them wrong will result in a failed login.<br /> getting them wrong will result in a failed login.<br />
   
<ul> <ul>
<li><b><i>Enable Auto Login button:</b></i> Should the plugin be enabled for this CredType?</li> <li><b><i>Enable Auto Login button:</b></i> Should the plugin be enabled for this CredType?</li>
<li><b><i>Additional address path: </b></i> Specifies any additional URL params that need to be specified to enable login</li> <li><b><i>Additional address path: </b></i> Specifies any additional URL params that need to be specified to enable login</li>
<li><b><i>User Field:</b></i> The field name used by the login form of the linked system</li> <li><b><i>User Field:</b></i> The field name used by the login form of the linked system</li>
<li><b><i>Password Field:</b></i> The field name use by the login form of the linked system</li> <li><b><i>Password Field:</b></i> The field name use by the login form of the linked system</li>
  <li><b><i>Requires Cookies:</b></i> Some systems require a specific cookie to exist. If this is checked, the target page will be loaded as part of the form (the user won't see it) to ensure all relevant cookies are set. </li>
<li><b><i>Additional Fields:</b></i> Some systems require additional hidden fields to be submitted. This field allows you to specify names and values in CSV format using key=value (i.e. <i>page=home,action=login</i>) <li><b><i>Additional Fields:</b></i> Some systems require additional hidden fields to be submitted. This field allows you to specify names and values in CSV format using key=value (i.e. <i>page=home,action=login</i>)
</ul> </ul>
<br /> <br />
<h4><a name="examples">Example configurations</a></h4> <h4><a name="examples">Example configurations</a></h4>
   
<br /><i>Note: These examples assume you've stored the address of the server without a trailing slash (i.e. mysite:2082 rather than mysite:2082/)</i><br /> <br /><i>Note: These examples assume you've stored the address of the server without a trailing slash (i.e. mysite:2082 rather than mysite:2082/)</i><br />
   
   
<table class="table table-hover"> <table class="table table-hover">
<tr><th></th><th>CPanel</th><th>Webmin</th><th>WordPress</th></tr> <tr><th></th><th>CPanel</th><th>Webmin</th><th>WordPress</th></tr>
   
<tr class='confVal'><th>Additional Address Path</th><td>/login</td><td>/session_login.cgi</td><td>/wp-login.php</td></tr> <tr class='confVal'><th>Additional Address Path</th><td>/login</td><td>/session_login.cgi</td><td>/wp-login.php</td></tr>
   
<tr class='confVal'><th>User Field</th><td>user</td><td>user</td><td>log</td></tr> <tr class='confVal'><th>User Field</th><td>user</td><td>user</td><td>log</td></tr>
   
<tr class='confVal'><th>Password Field</th><td>pass</td><td>pass</td><td>pwd</td></tr> <tr class='confVal'><th>Password Field</th><td>pass</td><td>pass</td><td>pwd</td></tr>
   
  <tr class='confVal'><th>Requires Cookie</th><td>No</td><td>Yes</td><td>Yes</td></tr>
   
<tr class='confVal'><th>Additional Fields</th><td>none</td><td>page=/,</td><td></td></tr> <tr class='confVal'><th>Additional Fields</th><td>none</td><td>page=/,</td><td></td></tr>
</table> </table>
   
   
   
<h3><a name="unsupported">Known Incompatible</a></h3> <h3><a name="unsupported">Known Incompatible</a></h3>
   
Systems known not to be compatible with AutoAuth's one-click login are Systems known not to be compatible with AutoAuth's one-click login are
   
<ul> <ul>
<li>Joomla! - Requires a unique form token to be submitted</li> <li>Joomla! - Requires a unique form token to be submitted</li>
<li>PHPCredLocker - Requires a unique form token to be submitted</li> <li>PHPCredLocker - Requires a unique form token to be submitted</li>
</ul> </ul>
   
Any system which requires a unique form token to be submitted (such as Joomla!) cannot be supported as the token changes with each session/request. Any system which requires a unique form token to be submitted (such as Joomla!) cannot be supported as the token changes with each session/request.
Systems which simply require a specific cookie to be set (such as Webmin) are supported however, as are those which allow login details Systems which simply require a specific cookie to be set (such as Webmin) are supported however, as are those which allow login details
to be submitted without further information (such as CPanel/WHM). to be submitted without further information (such as CPanel/WHM).
   
   
   
<h3>Login button not displaying</h3> <h3>Login button not displaying</h3>
   
There are essentially three reasons why the login button may not display after a user has clicked 'Display Password'.<br> There are essentially three reasons why the login button may not display after a user has clicked 'Display Password'.<br>
   
<ol> <ol>
<li>Plugin not enabled - Check plugins.conf and conf/plugins/AutoAuth/config.php</li> <li>Plugin not enabled - Check plugins.conf and conf/plugins/AutoAuth/config.php</li>
<li>Required field not included - Credential must have URL, User and Password stored for the plugin to trigger</li> <li>Required field not included - Credential must have URL, User and Password stored for the plugin to trigger</li>
<li>Internal plugin fault - Sorry! These have been well tested for, but it's possible something's been missed</li> <li>Internal plugin fault - Sorry! These have been well tested for, but it's possible something's been missed</li>
</ol> </ol>
<?php <?php
/** Add Credential /** Add Credential
* *
* Copyright (C) 2012 B Tasker * Copyright (C) 2012 B Tasker
* Released under GNU GPL V2 * Released under GNU GPL V2
* See LICENSE * See LICENSE
* *
*/ */
defined('_CREDLOCK') or die; defined('_CREDLOCK') or die;
   
   
   
$creds = new CredDB; $creds = new CredDB;
global $notifications; global $notifications;
$notifications->setPageTitle("Add ". Lang::_('Credential')); $notifications->setPageTitle("Add ". Lang::_('Credential'));
  $plg = new Plugins;
   
if (BTMain::getVar('addCredSubmitted')){ if (BTMain::getVar('addCredSubmitted')){
   
$cred = BTMain::getVar('frmCredential'); $cred = BTMain::getVar('frmCredential');
$addr = BTMain::getVar('frmAddress'); $addr = BTMain::getVar('frmAddress');
$user = BTMain::getVar('frmUser'); $user = BTMain::getVar('frmUser');
if (!BTMain::getConnTypeSSL()){ if (!BTMain::getConnTypeSSL()){
$crypt = new Crypto; $crypt = new Crypto;
$tlskey = BTMain::getsessVar('tls'); $tlskey = BTMain::getsessVar('tls');
$cred = $crypt->xordstring(base64_decode($cred),$tlskey); $cred = $crypt->xordstring(base64_decode($cred),$tlskey);
$addr = $crypt->xordstring(base64_decode($addr),$tlskey); $addr = $crypt->xordstring(base64_decode($addr),$tlskey);
$user = $crypt->xordstring(base64_decode($user),$tlskey); $user = $crypt->xordstring(base64_decode($user),$tlskey);
} }
   
   
  $newcred = $creds->addCred(BTMain::getVar('cust'),BTMain::getVar('FrmCredType'),$cred,BTMain::getVar('frmClicky'),BTMain::getVar('frmGroup'),$addr,$user);
// Add the cred to the db // Add the cred to the db
if ($creds->addCred(BTMain::getVar('cust'),BTMain::getVar('FrmCredType'),$cred,BTMain::getVar('frmClicky'),BTMain::getVar('frmGroup'),$addr,$user)){ if ($newcred){
// Success // Success
$notifications->setNotification("addCredSuccess"); $notifications->setNotification("addCredSuccess");
   
  $data->cred->id = $newcred;
  $data->action = 'edit';
   
   
  echo $plg->loadPlugins("Creds",$data)->plgOutput;
   
   
}else{ }else{
$notifications->setNotification("addCredFail"); $notifications->setNotification("addCredFail");
} }
   
   
   
   
   
} }
   
$path = array(array('name'=>Lang::_("Credentials"),'url'=>'#'),array('name'=>'Add','url'=>'index.php?option=addCred&cust='.BTMain::getVar('cust'))); $path = array(array('name'=>Lang::_("Credentials"),'url'=>'#'),array('name'=>'Add','url'=>'index.php?option=addCred&cust='.BTMain::getVar('cust')));
   
$notifications->setBreadcrumb($path); $notifications->setBreadcrumb($path);
   
$auth = new AuthDB; $auth = new AuthDB;
$credtypes = $creds->getCredTypes(); $credtypes = $creds->getCredTypes();
$cust = BTMain::getVar('cust'); $cust = BTMain::getVar('cust');
$custs = new CustDB; $custs = new CustDB;
$customers = $custs->getAllCustomers(); $customers = $custs->getAllCustomers();
   
   
   
?> ?>
   
<form method="POST" onsubmit="return checkNewCred();"> <form method="POST" onsubmit="return checkNewCred();">
   
<input type="hidden" name="option" value="addCred"> <input type="hidden" name="option" value="addCred">
<input type="hidden" name="addCredSubmitted" value="1"> <input type="hidden" name="addCredSubmitted" value="1">
<input type="hidden" name="frmClicky" id="frmClicky" value="0"> <input type="hidden" name="frmClicky" id="frmClicky" value="0">
   
   
   
   
<label for='FrmCustomer'><?php echo Lang::_("Customer");?></label><select name="cust" id="FrmCustomer"> <label for='FrmCustomer'><?php echo Lang::_("Customer");?></label><select name="cust" id="FrmCustomer">
   
<?php <?php
$crypt = new Crypto; $crypt = new Crypto;
$crypt->safety = 0; $crypt->safety = 0;
   
foreach ($customers as $customer){ foreach ($customers as $customer){
   
$plaintext = $crypt->decrypt($customer->Name,'Customer'); $plaintext = $crypt->decrypt($customer->Name,'Customer');
   
$custdets[$plaintext] = "<option value='{$customer->id}'" ; $custdets[$plaintext] = "<option value='{$customer->id}'" ;
   
if ($customer->id == $cust){ if ($customer->id == $cust){
$custdets[$plaintext] .= " selected"; $custdets[$plaintext] .= " selected";
} }
   
$custdets[$plaintext] .= ">$plaintext</option>"; $custdets[$plaintext] .= ">$plaintext</option>";
   
} }
   
ksort($cust); ksort($cust);
echo implode("\n",$custdets); echo implode("\n",$custdets);
?> ?>
   
   
</select> </select>
   
<label for='FrmCredType'><?php echo Lang::_("Credential Type");?></label><select id="FrmCredType" name="FrmCredType"> <label for='FrmCredType'><?php echo Lang::_("Credential Type");?></label><select id="FrmCredType" name="FrmCredType">
<?php <?php
foreach ($credtypes as $cred){ foreach ($credtypes as $cred){
   
?> ?>
<option value="<?php echo $cred->id;?>"><?php echo $crypt->decrypt($cred->Name,'CredType');?></option> <option value="<?php echo $cred->id;?>"><?php echo $crypt->decrypt($cred->Name,'CredType');?></option>
<?php <?php
   
} }
unset($crypt); unset($crypt);
?> ?>
</select> </select>
   
<label for="frmUser"><?php echo Lang::_("User");?></label><input type="text" name="frmUser" id="frmUser"> <label for="frmUser"><?php echo Lang::_("User");?></label><input type="text" name="frmUser" id="frmUser">
   
<label for="frmCredential"><?php echo Lang::_("Password");?></label><textarea id="frmCredential" name="frmCredential"></textarea> <label for="frmCredential"><?php echo Lang::_("Password");?></label><textarea id="frmCredential" name="frmCredential"></textarea>
<a href="javascript: genPwd('frmCredential',10);">Generate Password</a> <a href="javascript: genPwd('frmCredential',10);">Generate Password</a>
   
<label for="frmAddress"><?php echo Lang::_("Address");?></label><input type="text" name="frmAddress" id="frmAddress"> <label for="frmAddress"><?php echo Lang::_("Address");?></label><input type="text" name="frmAddress" id="frmAddress">
   
   
   
<?php include 'lib/includes/groupSelection.php'; ?> <?php include 'lib/includes/groupSelection.php'; ?>
   
   
  <?php
   
  // Call any configured plugins
   
  $data->action = 'editfrmnew';
   
   
  echo $plg->loadPlugins("Creds",$data)->plgOutput;
   
   
  ?>
   
<input type="submit" class="btn btn-primary" value="Add <?php echo Lang::_("Credential");?>"> <input type="submit" class="btn btn-primary" value="Add <?php echo Lang::_("Credential");?>">
</form> </form>
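Review bot: `$data` is never initialised on this page before `$data->cred->id = $newcred;` in the success branch, nor before `$data->action = 'editfrmnew';` in the form. Unless the including script defines it, PHP has to create the objects implicitly, which is a warning on older versions and a fatal error on PHP 8. Build it explicitly before first use, e.g. `$data = new stdClass; $data->cred = new stdClass;`; the edit page's new `$data->cred->id = $id;` lines need the same. Separately, `plgOutput` is echoed without escaping, so each Creds plugin must HTML-encode any stored credential field it emits; a comment such as `// plgOutput is trusted HTML: plugins must escape stored values themselves` next to the `echo` would make that explicit.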
<?php <?php
/** Edit Credential /** Edit Credential
* *
* Copyright (C) 2012 B Tasker * Copyright (C) 2012 B Tasker
* Released under GNU GPL V2 * Released under GNU GPL V2
* See LICENSE * See LICENSE
* *
*/ */
   
defined('_CREDLOCK') or die; defined('_CREDLOCK') or die;
   
   
global $notifications; global $notifications;
$creds = new CredDB; $creds = new CredDB;
$id = BTMain::getVar('id'); $id = BTMain::getVar('id');
  $plg = new Plugins;
   
   
   
$notifications->setPageTitle("Edit " .Lang::_('Credential')); $notifications->setPageTitle("Edit " .Lang::_('Credential'));
   
   
if (BTMain::getVar('editCredSubmitted')){ if (BTMain::getVar('editCredSubmitted')){
   
$id = BTMain::getVar('id'); $id = BTMain::getVar('id');
$credtype = BTMain::getVar('FrmCredType'); $credtype = BTMain::getVar('FrmCredType');
$cred = BTMain::getVar('frmCredential'); $cred = BTMain::getVar('frmCredential');
$clicky = BTMain::getVar('frmClicky'); $clicky = BTMain::getVar('frmClicky');
$group = BTMain::getVar('frmGroup'); $group = BTMain::getVar('frmGroup');
$address = BTMain::getVar('frmAddress'); $address = BTMain::getVar('frmAddress');
$uname = BTMain::getVar('frmUser'); $uname = BTMain::getVar('frmUser');
$group = BTMain::getVar('frmGroup'); $group = BTMain::getVar('frmGroup');
if (!BTMain::getConnTypeSSL()){ if (!BTMain::getConnTypeSSL()){
$crypt = new Crypto; $crypt = new Crypto;
$tlskey = BTMain::getsessVar('tls'); $tlskey = BTMain::getsessVar('tls');
$cred = $crypt->xordstring(base64_decode($cred),$tlskey); $cred = $crypt->xordstring(base64_decode($cred),$tlskey);
$address = $crypt->xordstring(base64_decode($address),$tlskey); $address = $crypt->xordstring(base64_decode($address),$tlskey);
$uname = $crypt->xordstring(base64_decode($uname),$tlskey); $uname = $crypt->xordstring(base64_decode($uname),$tlskey);
} }
   
   
   
if ($id == "NOCHANGE"){ $id = false; } if ($id == "NOCHANGE"){ $id = false; }
if ($cred == "NOCHANGE"){ $cred = false; } if ($cred == "NOCHANGE"){ $cred = false; }
if ($credtype == "NOCHANGE"){ $credtype = false; } if ($credtype == "NOCHANGE"){ $credtype = false; }
if ($clicky == "NOCHANGE"){ $clicky = false; } if ($clicky == "NOCHANGE"){ $clicky = false; }
if ($group == "NOCHANGE"){ $group = false; } if ($group == "NOCHANGE"){ $group = false; }
if ($address == "NOCHANGE"){ $address = false; } if ($address == "NOCHANGE"){ $address = false; }
if ($uname == "NOCHANGE"){ $uname = false; } if ($uname == "NOCHANGE"){ $uname = false; }
   
   
// Add the cred to the db // Add the cred to the db
if ($creds->editCred($id,$credtype,$cred,$clicky,$group,$address,$uname)){ if ($creds->editCred($id,$credtype,$cred,$clicky,$group,$address,$uname)){
// Success // Success
$notifications->setNotification("addCredSuccess"); $notifications->setNotification("addCredSuccess");
  $data->cred->id = $id;
  $data->action = 'edit';
  echo $plg->loadPlugins("Creds",$data)->plgOutput;
   
}else{ }else{
$notifications->setNotification("addCredFail"); $notifications->setNotification("addCredFail");
} }
   
   
   
   
   
} }
   
$cred = $creds->FetchCredential($id); $cred = $creds->FetchCredential($id);
$preselect = $cred->Group; $preselect = $cred->Group;
   
if (!$cred){ if (!$cred){
// Invalid credential // Invalid credential
$notifications->setNotification("NoSuchCustomer"); $notifications->setNotification("NoSuchCustomer");
return; return;
   
} }
   
   
   
   
   
$path = array(array('name'=>Lang::_("Credentials"),'url'=>'#'),array('name'=>'Edit','url'=>'index.php?option=editCred&id='.$id)); $path = array(array('name'=>Lang::_("Credentials"),'url'=>'#'),array('name'=>'Edit','url'=>'index.php?option=editCred&id='.$id));
   
$notifications->setBreadcrumb($path); $notifications->setBreadcrumb($path);
   
   
$credtype = $cred->CredType; $credtype = $cred->CredType;
   
$auth = new AuthDB; $auth = new AuthDB;
$credtypes = $creds->getCredTypes(); $credtypes = $creds->getCredTypes();
   
   
   
   
$cust = BTMain::getVar('cust'); $cust = BTMain::getVar('cust');
$custs = new CustDB; $custs = new CustDB;
$customers = $custs->getAllCustomers(); $customers = $custs->getAllCustomers();
   
$crypt = new Crypto; $crypt = new Crypto;
$crypt->safety = 0; $crypt->safety = 0;
   
   
?> ?>
<h1>Edit <?php echo Lang::_("Credential");?></h1> <h1>Edit <?php echo Lang::_("Credential");?></h1>
   
<i>Leave a field blank to delete the <?php echo Lang::_("Credential");?> element</i> <i>Leave a field blank to delete the <?php echo Lang::_("Credential");?> element</i>
   
<form method="POST" onsubmit="return checkEditCred();"> <form method="POST" onsubmit="return checkEditCred();">
   
<input type="hidden" name="option" value="editCred"> <input type="hidden" name="option" value="editCred">
<input type="hidden" name="editCredSubmitted" value="1"> <input type="hidden" name="editCredSubmitted" value="1">
<input type="hidden" name="frmClicky" id="frmClicky" value="NOCHANGE"> <input type="hidden" name="frmClicky" id="frmClicky" value="NOCHANGE">
<input type="hidden" name="id" value="<?php echo $id; ?>"> <input type="hidden" name="id" value="<?php echo $id; ?>">
   
   
   
<label for='FrmCredType'><?php echo Lang::_("Credential Type");?></label><select id="FrmCredType" name="FrmCredType" readonly='readonly'> <label for='FrmCredType'><?php echo Lang::_("Credential Type");?></label><select id="FrmCredType" name="FrmCredType" readonly='readonly'>
<?php <?php
foreach ($credtypes as $cred){ foreach ($credtypes as $cred){
   
?> ?>
<option value="<?php echo $cred->id;?>" <option value="<?php echo $cred->id;?>"
<?php if ($credtype == $cred->id):?> <?php if ($credtype == $cred->id):?>
selected selected
<?php endif; ?> <?php endif; ?>
><?php echo htmlspecialchars($crypt->decrypt($cred->Name,'CredType'));?></option> ><?php echo htmlspecialchars($crypt->decrypt($cred->Name,'CredType'));?></option>
<?php <?php
   
} }
unset($crypt); unset($crypt);
?> ?>
</select> </select>
   
<label for="frmUser"><?php echo Lang::_("User");?></label><input type="text" name="frmUser" id="frmUser" value="NOCHANGE"> <label for="frmUser"><?php echo Lang::_("User");?></label><input type="text" name="frmUser" id="frmUser" value="NOCHANGE">
   
<label for="frmCredential"><?php echo Lang::_("Password");?></label><textarea id="frmCredential" name="frmCredential">NOCHANGE</textarea> <label for="frmCredential"><?php echo Lang::_("Password");?></label><textarea id="frmCredential" name="frmCredential">NOCHANGE</textarea>
<a href="javascript: genPwd('frmCredential',10);">Generate Password</a> <a href="javascript: genPwd('frmCredential',10);">Generate Password</a>
<label for="frmAddress"><?php echo Lang::_("Address");?></label><input type="text" name="frmAddress" id="frmAddress" value="NOCHANGE"> <label for="frmAddress"><?php echo Lang::_("Address");?></label><input type="text" name="frmAddress" id="frmAddress" value="NOCHANGE">
   
  <?php
   
  // Call any configured plugins
   
  $data->action = 'editfrmnew';
  $data->cred->id = $id;
  echo $plg->loadPlugins("Creds",$data)->plgOutput;
   
  ?>
   
   
<?php include 'lib/includes/groupSelection.php'; ?> <?php include 'lib/includes/groupSelection.php'; ?>
   
<input type="submit" class="btn btn-primary" value="Edit <?php echo Lang::_("Credential");?>"> <input type="submit" class="btn btn-primary" value="Edit <?php echo Lang::_("Credential");?>">
</form> </form>
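Review bot: In the submit branch the plugin's `edit` action runs on the request-supplied `$id` whenever `editCred()` returns true, and nothing visible here shows that `runQuery()` returns false when the `AND ($ACL)` clause matches no row. If an UPDATE that touches zero rows still counts as success, a plugin would act on a credential id the current user has no access to. The `FetchCredential($id)` check further down enforces the ACL, but it runs only after the plugin call. Consider guarding the call, e.g. `if ($creds->FetchCredential($id)) { echo $plg->loadPlugins("Creds",$data)->plgOutput; }`, or have `editCred()` report affected rows. Also note that `$id` may already have been reset to `false` by the `NOCHANGE` handling before it is assigned to `$data->cred->id`.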