diff --git a/admin/index.php b/admin/index.php
new file mode 100644
index 00000000000..2331c22f062
--- /dev/null
+++ b/admin/index.php
@@ -0,0 +1,41 @@
+.
+*
+*/
+
+$CONFIG_ERROR='';
+
+require_once('../inc/lib_base.php');
+
+
+OC_UTIL::showheader();
+
+$FIRSTRUN=false;
+
+echo('
');
+OC_CONFIG::showadminform();
+echo('
');
+
+
+OC_UTIL::showfooter();
+
+?>
+
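Review bot: This page has no access check of its own; whether the form is rendered is decided only inside `OC_CONFIG::showadminform()`, so a request from a non-admin still gets the header and footer around an empty body. I would make the rule visible at the entry point, before `OC_UTIL::showheader()` sends any output, e.g. `if(!isset($_SESSION['username']) or !OC_USER::ingroup($_SESSION['username'],'admin')){ header('Location: '.$WEBROOT.'/'); exit(); }`. This assumes that `$WEBROOT` is set by `lib_base.php` and that the first-run case is served by the header template, as the `header.php` change in this commit suggests. The trailing `?>` followed by a blank line can be dropped so that stray whitespace never reaches the response.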
diff --git a/admin/index.php~ b/admin/index.php~
new file mode 100644
index 00000000000..8d1c8b69c3f
--- /dev/null
+++ b/admin/index.php~
@@ -0,0 +1 @@
+
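Review bot: `admin/index.php~` is an editor backup file and should not be part of the commit. Files with a `~` suffix are usually not handed to the PHP interpreter, so if a later save puts real code into it, the web server would return that source as plain text from the `admin/` directory. I would delete the file and add `*~` to the repository's ignore list.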
diff --git a/inc/lib_base.php b/inc/lib_base.php
index 4f58f946c92..5a70db535db 100755
--- a/inc/lib_base.php
+++ b/inc/lib_base.php
@@ -173,8 +173,9 @@ class OC_UTIL {
}
if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo('Log | '); else echo('Log | ');
+ if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('Settings | '); else echo('Settings | ');
if(OC_USER::ingroup($_SESSION['username'],'admin')){
- if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('Settings | '); else echo('Settings | ');
+ if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/admin/index.php') echo('Admin Panel | '); else echo('Admin Panel | ');
}
echo('Logout | ');
echo('');
diff --git a/inc/lib_config.php b/inc/lib_config.php
index 5fa6b5f7c64..98099cad72a 100755
--- a/inc/lib_config.php
+++ b/inc/lib_config.php
@@ -13,154 +13,230 @@ class OC_CONFIG{
global $CONFIG_DBNAME;
require('templates/configform.php');
}
-
- public static function createuserlisener(){
- if(isset($_POST['new_username']) and isset($_POST['new_password'])){
- if(OC_USER::createuser($_POST['new_username'],$_POST['new_password'])){
- return 'user successfully created';
- }else{
- return 'error while trying to create user';
- }
- }else{
- return false;
- }
- }
-
+
/**
- * lisen for configuration changes and write it to the file
+ * show the configform
*
*/
- public static function writeconfiglisener(){
- global $DOCUMENTROOT;
- global $SERVERROOT;
- global $WEBROOT;
- global $CONFIG_DBHOST;
- global $CONFIG_DBNAME;
- global $CONFIG_DBUSER;
- global $CONFIG_DBPASSWORD;
- global $CONFIG_DBTYPE;
+ public static function showadminform(){
global $CONFIG_ADMINLOGIN;
global $CONFIG_ADMINPASSWORD;
- if(isset($_POST['set_config'])){
+ global $CONFIG_DATADIRECTORY;
+ global $CONFIG_HTTPFORCESSL;
+ global $CONFIG_DATEFORMAT;
+ global $CONFIG_DBNAME;
+ global $CONFIG_INSTALLED;
+ if(OC_USER::ingroup($_SESSION['username'],'admin') or $CONFIG_INSTALLED==false){
+ require('templates/adminform.php');
+ }
+ }
- //checkdata
- $error='';
- $FIRSTRUN=empty($CONFIG_ADMINLOGIN);
- if(!$FIRSTRUN){
- if($_POST['currentpassword']!=$CONFIG_ADMINPASSWORD){
- $error.='wrong password
';
+ public static function createuserlisener(){
+ if(OC_USER::ingroup($_SESSION['username'],'admin')){
+ if(isset($_POST['new_username']) and isset($_POST['new_password'])){
+ if(OC_USER::createuser($_POST['new_username'],$_POST['new_password'])){
+ return 'user successfully created';
+ }else{
+ return 'error while trying to create user';
+ }
+ }else{
+ return false;
}
+ }else{
+ return false;
}
-
- if(!isset($_POST['adminlogin']) or empty($_POST['adminlogin'])) $error.='admin login not set
';
- if((!isset($_POST['adminpassword']) or empty($_POST['adminpassword'])) and $FIRSTRUN) $error.='admin password not set
';
- if((!isset($_POST['adminpassword2']) or empty($_POST['adminpassword2'])) and $FIRSTRUN) $error.='retype admin password not set
';
- if(!isset($_POST['datadirectory']) or empty($_POST['datadirectory'])) $error.='data directory not set
';
- if(!isset($_POST['dateformat']) or empty($_POST['dateformat'])) $error.='dateformat not set
';
- if(!isset($_POST['dbname']) or empty($_POST['dbname'])) $error.='databasename not set
';
- if($_POST['adminpassword']<>$_POST['adminpassword2'] ) $error.='admin passwords are not the same
';
- $dbtype=$_POST['dbtype'];
- if($dbtype=='mysql'){
- if(!isset($_POST['dbhost']) or empty($_POST['dbhost'])) $error.='database host not set
';
- if(!isset($_POST['dbuser']) or empty($_POST['dbuser'])) $error.='database user not set
';
- if($_POST['dbpassword']<>$_POST['dbpassword2'] ) $error.='database passwords are not the same
';
-
- }
- if(!$FIRSTRUN){
- if(!isset($_POST['adminpassword']) or empty($_POST['adminpassword'])){
- $_POST['adminpassword']=$CONFIG_ADMINPASSWORD;
- }
- if(!isset($_POST['dbpassword']) or empty($_POST['dbpassword'])){
- $_POST['dbpassword']=$CONFIG_DBPASSWORD;
+ }
+
+ public static function creategrouplisener(){
+ if(OC_USER::isLoggedIn()){
+ if(isset($_POST['creategroup']) and $_POST['creategroup']==1){
+ if(OC_USER::creategroup($_POST['groupname'])){
+ if(OC_USER::addtogroup($_SESSION['username'],$_POST['groupname'])){
+ return 'group successfully created';
+ }else{
+ return 'error while trying to add user to the new created group';
+ }
+ }else{
+ return 'error while trying to create group';
+ }
+ }else{
+ return false;
}
+ }else{
+ return false;
}
- if(!is_dir($_POST['datadirectory'])){
- try{
- mkdir($_POST['datadirectory']);
- }catch(Exception $e){
- $error.='error while trying to create data directory
';
+ }
+
+
+ /**
+ * lisen for configuration changes
+ *
+ */
+ public static function configlisener(){
+ if(OC_USER::isLoggedIn()){
+ if(isset($_POST['config']) and $_POST['config']==1){
+ $error='';
+ if(!OC_USER::checkpassword($_SESSION['username'],$_POST['currentpassword'])){
+ $error.='wrong password
';
+ }else{
+ if(isset($_POST['changepass']) and $_POST['changepass']==1){
+ if(!isset($_POST['password']) or empty($_POST['password'])) $error.='password not set
';
+ if(!isset($_POST['password2']) or empty($_POST['password2'])) $error.='retype password not set
';
+ if($_POST['password']<>$_POST['password2'] ) $error.='passwords are not the same
';
+ if(empty($error)){
+ if(!OC_USER::setpassword($_SESSION['username'],$_POST['password'])){
+ $error.='error while trying to set password
';
+ }
+ }
+ }
+ }
+ return $error;
+ }else{
+ return false;
}
+ }else{
+ return false;
}
- if(empty($error)) {
- //create/fill database
- $CONFIG_DBTYPE=$dbtype;
- $CONFIG_DBNAME=$_POST['dbname'];
- if($dbtype=='mysql'){
- $CONFIG_DBHOST=$_POST['dbhost'];
- $CONFIG_DBUSER=$_POST['dbuser'];
- $CONFIG_DBPASSWORD=$_POST['dbpassword'];
- }
- try{
- if(isset($_POST['createdatabase']) and $CONFIG_DBTYPE=='mysql'){
- self::createdatabase($_POST['dbadminuser'],$_POST['dbadminpwd']);
+ }
+
+
+ /**
+ * lisen for admin configuration changes and write it to the file
+ *4bd0be1185e76
+ */
+ public static function writeadminlisener(){
+ global $CONFIG_INSTALLED;
+ if(OC_USER::ingroup($_SESSION['username'],'admin') or $CONFIG_INSTALLED==false){
+ global $DOCUMENTROOT;
+ global $SERVERROOT;
+ global $WEBROOT;
+ global $CONFIG_DBHOST;
+ global $CONFIG_DBNAME;
+ global $CONFIG_DBUSER;
+ global $CONFIG_DBPASSWORD;
+ global $CONFIG_DBTYPE;
+ global $CONFIG_ADMINLOGIN;
+ global $CONFIG_ADMINPASSWORD;
+ if(isset($_POST['set_config'])){
+
+ //checkdata
+ $error='';
+ $FIRSTRUN=empty($CONFIG_ADMINLOGIN);
+ if(!$FIRSTRUN){
+ if($_POST['currentpassword']!=$CONFIG_ADMINPASSWORD){
+ $error.='wrong password
';
+ }
}
- }catch(Exception $e){
- $error.='error while trying to create the database
';
- }
- if($CONFIG_DBTYPE=='sqlite'){
- $f=@fopen($SERVERROOT.'/'.$CONFIG_DBNAME,'a+');
- if(!$f){
- $error.='path of sqlite database not writable by server
';
+
+ if(!isset($_POST['adminlogin']) or empty($_POST['adminlogin'])) $error.='admin login not set
';
+ if((!isset($_POST['adminpassword']) or empty($_POST['adminpassword'])) and $FIRSTRUN) $error.='admin password not set
';
+ if((!isset($_POST['adminpassword2']) or empty($_POST['adminpassword2'])) and $FIRSTRUN) $error.='retype admin password not set
';
+ if(!isset($_POST['datadirectory']) or empty($_POST['datadirectory'])) $error.='data directory not set
';
+ if(!isset($_POST['dateformat']) or empty($_POST['dateformat'])) $error.='dateformat not set
';
+ if(!isset($_POST['dbname']) or empty($_POST['dbname'])) $error.='databasename not set
';
+ if($_POST['adminpassword']<>$_POST['adminpassword2'] ) $error.='admin passwords are not the same
';
+ $dbtype=$_POST['dbtype'];
+ if($dbtype=='mysql'){
+ if(!isset($_POST['dbhost']) or empty($_POST['dbhost'])) $error.='database host not set
';
+ if(!isset($_POST['dbuser']) or empty($_POST['dbuser'])) $error.='database user not set
';
+ if($_POST['dbpassword']<>$_POST['dbpassword2'] ) $error.='database passwords are not the same
';
+
}
- }
- try{
- if(isset($_POST['filldb'])){
- self::filldatabase();
+ if(!$FIRSTRUN){
+ if(!isset($_POST['adminpassword']) or empty($_POST['adminpassword'])){
+ $_POST['adminpassword']=$CONFIG_ADMINPASSWORD;
+ }
+ if(!isset($_POST['dbpassword']) or empty($_POST['dbpassword'])){
+ $_POST['dbpassword']=$CONFIG_DBPASSWORD;
+ }
}
- }catch(Exception $e){
- $error.='error while trying to fill the database
';
- }
-
- if(!OC_USER::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !OC_USER::login($_POST['adminlogin'],$_POST['adminpassword'])){
- $error.='error while trying to create the admin user
';
- }
-
- if(OC_USER::getgroupid('admin')==0){
- if(!OC_USER::creategroup('admin')){
- $error.='error while trying to create the admin group
';
+ if(!is_dir($_POST['datadirectory'])){
+ try{
+ mkdir($_POST['datadirectory']);
+ }catch(Exception $e){
+ $error.='error while trying to create data directory
';
+ }
}
- }
-
- if(!OC_USER::addtogroup($_POST['adminlogin'],'admin')){
- $error.='error while trying to add the admin user to the admin group
';
- }
-
- //storedata
- $config=' ';
+ if(empty($error)) {
+ //create/fill database
+ $CONFIG_DBTYPE=$dbtype;
+ $CONFIG_DBNAME=$_POST['dbname'];
+ if($dbtype=='mysql'){
+ $CONFIG_DBHOST=$_POST['dbhost'];
+ $CONFIG_DBUSER=$_POST['dbuser'];
+ $CONFIG_DBPASSWORD=$_POST['dbpassword'];
+ }
+ try{
+ if(isset($_POST['createdatabase']) and $CONFIG_DBTYPE=='mysql'){
+ self::createdatabase($_POST['dbadminuser'],$_POST['dbadminpwd']);
+ }
+ }catch(Exception $e){
+ $error.='error while trying to create the database
';
+ }
+ if($CONFIG_DBTYPE=='sqlite'){
+ $f=@fopen($SERVERROOT.'/'.$CONFIG_DBNAME,'a+');
+ if(!$f){
+ $error.='path of sqlite database not writable by server
';
+ }
+ }
+ try{
+ if(isset($_POST['filldb'])){
+ self::filldatabase();
+ }
+ }catch(Exception $e){
+ $error.='error while trying to fill the database
';
+ }
+
+ if(!OC_USER::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !OC_USER::login($_POST['adminlogin'],$_POST['adminpassword'])){
+ $error.='error while trying to create the admin user
';
+ }
+
+ if(OC_USER::getgroupid('admin')==0){
+ if(!OC_USER::creategroup('admin')){
+ $error.='error while trying to create the admin group
';
+ }
+ }
+
+ if(!OC_USER::addtogroup($_POST['adminlogin'],'admin')){
+ $error.='error while trying to add the admin user to the admin group
';
+ }
+
+ //storedata
+ $config=' ';
+
+ $filename=$SERVERROOT.'/config/config.php';
+ if(empty($error)){
+ header("Location: ".$WEBROOT."/");
+ try{
+ file_put_contents($filename,$config);
+ }catch(Exception $e){
+ $error.='error while trying to save the configuration file
';
+ return $error;
+ }
+ }else{
+ return $error;
+ }
- $filename=$SERVERROOT.'/config/config.php';
- if(empty($error)){
- header("Location: ".$WEBROOT."/");
- try{
- file_put_contents($filename,$config);
- }catch(Exception $e){
- $error.='error while trying to save the configuration file
';
- return $error;
}
- }else{
- return $error;
- }
+ return($error);
+ }
}
- return($error);
-
- }
-
- }
+ }
/**
* Fills the database with the initial tables
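Review bot: The gate `OC_USER::ingroup($_SESSION['username'],'admin') or $CONFIG_INSTALLED==false` in `writeadminlisener()` (and the same test in `showadminform()`) fails open: with a loose `==`, an unset, null, `0` or empty `$CONFIG_INSTALLED` all compare equal to false, so a missing or unreadable config file would make the handler that rewrites `config/config.php` and creates the admin user reachable without a session. I would require the explicit state, e.g. `(isset($CONFIG_INSTALLED) and $CONFIG_INSTALLED===false)`, and read `$_SESSION['username']` only after `isset()`; where the variable gets its default is not visible in this hunk. `creategrouplisener()` only requires `OC_USER::isLoggedIn()` and passes `$_POST['groupname']` straight to `creategroup()` and `addtogroup()`, so unless `creategroup()` (outside this hunk) refuses existing names, the reserved name `admin` should be rejected there for non-admins. The check `$_POST['currentpassword']!=$CONFIG_ADMINPASSWORD` compares a plaintext secret loosely and would be safer as `!hash_equals((string)$CONFIG_ADMINPASSWORD,(string)$_POST['currentpassword'])`. `mkdir()` and `file_put_contents()` signal failure by returning false rather than throwing (unless an error handler converts warnings), so the surrounding `try`/`catch` blocks never add to `$error`; test the return value instead, e.g. `if(file_put_contents($filename,$config)===false)`.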
diff --git a/inc/lib_user.php b/inc/lib_user.php
index e7855b5b7b3..30dbdcd2fec 100644
--- a/inc/lib_user.php
+++ b/inc/lib_user.php
@@ -152,6 +152,21 @@ class OC_USER {
}
}
+ /**
+ * get the name of a group
+ *
+ */
+ public static function getgroupname($groupid){
+ $groupid=(integer)$groupid;
+ $query="SELECT group_name FROM `groups` WHERE `group_id` = '$groupid' LIMIT 1";
+ $result=OC_DB::select($query);
+ if(isset($result[0]) && isset($result[0]['group_name'])){
+ return $result[0]['group_name'];
+ }else{
+ return 0;
+ }
+ }
+
/**
* check if a user belongs to a group
*
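Review bot: `getgroupname()` returns the integer `0` when no row matches, and `getusergroups()` later in this file appends that value to its list of names, so a dangling `user_group` row shows up as a group called `0`. Returning `false`, or skipping the entry in the caller, would keep the result a list of real names. The docblock could state the contract: `@param int $groupid` and `@return string|false group name, false if the id is unknown`. The `(integer)` cast keeps the interpolated id numeric, which is what makes the string-built query safe here; `(int)` is the canonical spelling.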
@@ -195,6 +210,58 @@ class OC_USER {
public static function generatepassword(){
return uniqid();
}
+
+ /**
+ * get all groups the user belongs to
+ *
+ */
+ public static function getusergroups($username){
+ $userid=OC_USER::getuserid($username);
+ $query="SELECT group_id FROM `user_group` WHERE `user_id` = '$userid'";
+ $result=OC_DB::select($query);
+ $groups=array();
+ if(is_array($result)){
+ foreach($result as $group){
+ $groupid=$group['group_id'];
+ $groups[]=OC_USER::getgroupname($groupid);
+ }
+ }
+ return $groups;
+ }
+
+ /**
+ * set the password of a user
+ *
+ */
+ public static function setpassword($username,$password){
+ $password=sha1($password);
+ $userid=OC_USER::getuserid($username);
+ $query="UPDATE `users` SET `user_password` = '$password' WHERE `user_id` =$userid LIMIT 1 ;";
+ $result=OC_DB::query($query);
+ if($result){
+ return true;
+ }else{
+ return false;
+ }
+ }
+
+ /**
+ * check the password of a user
+ *
+ */
+ public static function checkpassword($username,$password){
+ $password=sha1($password);
+ $usernameclean=strtolower($username);
+ $username=mysql_escape_string($username);
+ $usernameclean=mysql_escape_string($usernameclean);
+ $query="SELECT user_id FROM `users` WHERE `user_name_clean` = '$usernameclean' AND `user_password` = '$password' LIMIT 1";
+ $result=OC_DB::select($query);
+ if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){
+ return true;
+ }else{
+ return false;
+ }
+ }
}
?>
\ No newline at end of file
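Review bot: `setpassword()` and `checkpassword()` hash with a bare `sha1($password)`, which is unsalted and cheap to brute-force if the `users` table is ever disclosed; I would store `password_hash()` output and verify in PHP with `password_verify()` against the row fetched by user name, as in the sketch below. `createuser()` and `login()` lie outside this hunk and presumably need the same treatment, along with a wider `user_password` column and a rehash-on-login path for existing rows. The value returned by `getuserid()` is interpolated unquoted into the `UPDATE` (and quoted into the `SELECT` in `getusergroups()`), so it should be cast and checked before the query is built; what it returns for an unknown user is not visible here. `mysql_escape_string()` ignores the connection character set and is deprecated; `mysql_real_escape_string()` or bound parameters, if `OC_DB` supports them, are the safer choice.

```php
public static function setpassword($username,$password){
	$password=password_hash($password,PASSWORD_DEFAULT);
	$userid=(int)OC_USER::getuserid($username);
	if($userid<=0){
		return false;
	}
	// … unchanged: UPDATE query and result check …
}

public static function checkpassword($username,$password){
	// … unchanged: lower-casing and escaping of $username …
	// fetch the stored hash by name only; the comparison happens in PHP
	$query="SELECT user_password FROM `users` WHERE `user_name_clean` = '$usernameclean' LIMIT 1";
	$result=OC_DB::select($query);
	if(!isset($result[0]['user_password'])){
		return false;
	}
	return password_verify($password,$result[0]['user_password']);
}
```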
diff --git a/inc/templates/adminform.php b/inc/templates/adminform.php
new file mode 100644
index 00000000000..38d2b14a57e
--- /dev/null
+++ b/inc/templates/adminform.php
@@ -0,0 +1,106 @@
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/inc/templates/configform.php b/inc/templates/configform.php
index ba946fc67b0..037249a84a2 100755
--- a/inc/templates/configform.php
+++ b/inc/templates/configform.php
@@ -7,92 +7,45 @@ if(!isset($CONFIG_DBUSER)) $CONFIG_DBUSER='owncloud';
$newuserpassword=OC_USER::generatepassword();
?>
+Groups:
+
-
-
-
\ No newline at end of file
diff --git a/inc/templates/header.php b/inc/templates/header.php
index 46c64bfd645..51e729cb8e1 100755
--- a/inc/templates/header.php
+++ b/inc/templates/header.php
@@ -32,9 +32,15 @@ echo(''.$error.'
');
echo('First Run Wizard
');
- OC_CONFIG::showconfigform();
+ OC_CONFIG::showadminform();
echo('');
OC_UTIL::showfooter();
exit();