SVN Admin

$name\n"; $pre = "

"; while( list( $var, $val ) = each( $vars ) ) { echo "$pre$var = <$val>\n"; $pre = "
"; } echo "

\n\n"; //echo "

\n"; } function check_referer( $cmd ) { $refurl = "http://" . $_SERVER["SERVER_NAME"] . $_SERVER["SCRIPT_NAME"]; $script = ereg_replace( "^.*/", "", $_SERVER["SCRIPT_NAME"] ); $referer = ereg_replace( "[?].*$", "", $_SERVER["HTTP_REFERER"] ); $referers = ereg_replace( "/$", "", $referer ) . "/" . $script; if( $referer != $refurl && $referers != $refurl ) { $cmd = ""; } return $cmd; } function print_select( $name, $options, $default ) { echo ""; } $colors = array("#FFFFFF", "#FFCCCC", "#FFFFFF", "#CCFFCC", "#FFFFFF", "#CCCCFF", "#FFFFFF", "#FFCCCC", "#FFFFFF", "#CCFFCC", "#FFFFFF", "#CCCCFF" ); function next_color( &$showheader ) { global $colors; if( !($col = next( $colors )) ) { reset( $colors ); $col = current( $colors ); $showheader = 1; } else { $showheader = 0; } return $col; } //============================================================================== // user functions function user_save( $logname, $username, $password ) { $error = ""; if( $logname != "admin" ) { if( $logname != $username ) { $error = "permission denied"; } } if( $error == "" ) { if( !ereg( "^[a-zA-z][a-zA-z0-9-]*$", $username ) ) { $error = "illegal username"; } } if( $error == "" ) { if( strlen( $password ) < 2 ) { $error = "illegal password"; } else if( ereg( "[']", $password ) ) { $error = "illegal character ' in password"; } } if( $error == "" ) { //echo "setting password '$password' for '$username'"; $cmdline = $GLOBALS["HTPASSWD"] . " -b " . $GLOBALS["USER_FILE"] . " '$username' '$password'"; //echo "

cmdline = <$cmdline>

\n"; system( $cmdline, $retcode ); if( $retcode != 0 ) { $error = "problem with htpasswd"; } } if( $error != "" ) { echo "

" . "error setting password for $username: $error" . "

\n"; } return "user"; } function user_chpw( $username ) { ?>

Change Password for ''

Add New User

Error opening users file"; } return $users; } function user_show( $logname ) { $pre = "

"; $users = user_getnames(); $n = count( $users ); $i = 0; while( $i < $n ) { $user = $users[$i]; if( $logname == "admin" || $logname == $user ) { echo "$pre$user\n"; } else { echo "$pre$user\n"; } $pre = "
"; $i++; } if( $logname == "admin" ) { echo "$pre
add new user\n"; } echo "

\n\n"; } //============================================================================== // group functions function group_readgroupsfile() { $groups = array(); $dirgrps = array(); $grpdirs = array(); $fp = @fopen( $GLOBALS["AUTHZ_FILE"], "r" ); if( $fp ) { $groupindex = 0; $secttype = ""; while( $line = fgets( $fp ) ) { // $line = trim($line); $line = ereg_replace( "[\t ]*", "", trim( $line ) ); if( substr( $line, 0, 1 ) == "[" ) { if( $line == "[groups]" ) { $secttype = "group"; } else { $origdir = substr( $line, 1, strlen($line)-2 ); $dir = ereg_replace( "^/(trunk|branches|tags)/", "", $origdir ); $dirprefix = substr( $origdir, 0, strlen($origdir)-strlen($dir) ); if( isset( $dirgrps[$dir] ) ) { $secttype = ""; } else { if( $dirprefix != "/trunk/" ) { $dir = $origdir; } $secttype = "dir"; $dirgrps[$dir] = array(); } } } else if( substr( $line, 0, 1 ) != "#" && $line != "" ) { if( $secttype == "group" ) { $groupname = ereg_replace( "=.*$", "", $line ); $userlist = ereg_replace( "^.*=", "", $line ); $groups[$groupname] = split( ",", $userlist ); } else if( $secttype == "dir" ) { $group = ereg_replace( "=.*$", "", $line ); $access = ereg_replace( "^.*=", "", $line ); if( $access == "" ) { $access = "NA"; } $group = ereg_replace( "^@", "", $group ); $grp = array(); if( isset( $grpdirs[$group] ) ) { $grp = $grpdirs[$group]; } $grp[$dir] = $access; $grpdirs[$group] = $grp; $d = $dirgrps[$dir]; $d[$group] = $access; $dirgrps[$dir] = $d; } } } fclose( $fp ); ksort( $groups ); } else { echo "

Error opening groups file

"; } return array( $groups, $grpdirs, $dirgrps ); } function group_makecbname( $groupname, $username ) { return "CB_" . $groupname . "_" . $username; } function group_getresponse( &$groups, $users ) { $newgroups = array(); $un = count( $users ); while( list( $groupname, $userlist ) = each( $groups ) ) { if( isset( $GLOBALS["_POST"]["keep_".$groupname] ) ) { $userlist = array(); $i = 0; while( $i < $un ) { $cbname = group_makecbname( $groupname, $users[$i] ); if( isset( $GLOBALS["_POST"][$cbname] ) ) { $userlist[] = $users[$i]; } $i++; } $newgroups[$groupname] = $userlist; } } $groupname = $GLOBALS["_POST"]["newname"]; if( $groupname != "" ) { if( ereg( "^[a-zA-z][a-zA-z0-9-]*$", $groupname ) ) { $userlist = array(); $i = 0; while( $i < $un ) { $cbname = group_makecbname( "newgrp", $users[$i] ); if( isset( $GLOBALS["_POST"][$cbname] ) ) { $userlist[] = $users[$i]; } $i++; } $newgroups[$groupname] = $userlist; } else { echo "

" . "illegal group name '$groupname'" . "

\n"; } } $groups = $newgroups; } function dir_getresponse( &$dirgrps, $groups ) { $newdirgrps = array(); $groupnames = array( "*" ); while( list( $groupname, $tmp ) = each( $groups ) ) { $groupnames[] = $groupname; } $gn = count( $groupnames ); $i = 1; while( isset( $GLOBALS["_POST"]["g_".$i] ) ) { $grpnrs[$GLOBALS["_POST"]["g_".$i]] = $i; $i++; } $i = 1000; while( isset( $GLOBALS["_POST"]["d_".$i] ) ) { $dirnrs[$GLOBALS["_POST"]["d_".$i]] = $i; $i = $i + 1000; } while( list( $dir, $groups ) = each( $dirgrps ) ) { $dirnr = $dirnrs[$dir]; if( isset( $GLOBALS["_POST"]["keep_".$dirnr] ) || $dir == "/" ) { $groups = array(); $i = 0; while( $i < $gn ) { /* $selname = dir_makeselname( $dir, $groupnames[$i] ); */ $grpnr = $grpnrs[$groupnames[$i]]; $selname = "sel_" . ($dirnr + $grpnr); $access = $GLOBALS["_POST"][$selname]; if( $access == "r" || $access == "rw" || $access == "NA" ) { $groups[$groupnames[$i]] = $access; } $i++; } $newdirgrps[$dir] = $groups; } } $dir = $GLOBALS["_POST"]["newname"]; if( $dir != "" ) { $dirnames = split( "/", $dir ); $dirok = 1; $i = count( $dirnames ); while( $i > 0 ) { $i--; if( !ereg( "^[a-zA-z][a-zA-z0-9._-]*$", $dirnames[$i] ) ) { if( $i > 0 || $dirnames[$i] != "" ) { $dirok = 0; } } } if( $dirok == 1 ) { $groups = array(); $i = 0; while( $i < $gn ) { /* $selname = dir_makeselname( "newdir", $groupnames[$i] ); */ $selname = "sel_newdir_" . $grpnrs[$groupnames[$i]]; $access = $GLOBALS["_POST"][$selname]; if( $access == "r" || $access == "rw" || $access == "NA" ) { $groups[$groupnames[$i]] = $access; } $i++; } $newdirgrps[$dir] = $groups; } else { echo "

" . "illegal directory name '$dir'" . "

\n"; } } $dirgrps = $newdirgrps; } function group_save( $cmd, $logname ) { $error = ""; $retcmd = ""; $isadmin = 0; if( $logname == "admin" ) { $users = user_getnames(); list( $groups, $grpdirs, $dirgrps ) = group_readgroupsfile(); switch( $cmd ) { case "group-save": group_getresponse( $groups, $users ); $retcmd = "group"; break; case "dir-save": dir_getresponse( $dirgrps, $groups ); $retcmd = "dir"; break; default: $error = "unknown command"; break; } $authzfile = $GLOBALS["AUTHZ_FILE"]; $newfile = $authzfile . ".new"; $tempfile = tempnam( $GLOBALS["AUTH_DIR"], "tmpgrp" ); if( $error == "" ) { $fp = fopen( $tempfile, "w" ); } else { $fp = false; } if( $fp ) { fwrite( $fp, "\n[groups]\n" ); while( list( $groupname, $userlist ) = each( $groups ) ) { $line = "$groupname ="; $pfx = " "; $i = 0; $un = count( $userlist ); while( $i < $un ) { $line .= $pfx . $userlist[$i]; $pfx = ", "; $i++; } fwrite( $fp, $line . "\n" ); } fwrite( $fp, "\n\n" ); while( list( $dir, $grp ) = each( $dirgrps ) ) { $accessline = ""; while( list( $group, $access ) = each( $grp ) ) { if( $group != "*" ) { $group = "@" . $group; } if( $access == "NA" ) { $access = ""; } $accessline .= "$group = $access\n"; } if( substr( $dir, 0, 1 ) == "/" ) { fwrite( $fp, "[$dir]\n$accessline\n\n" ); } else { fwrite( $fp, "[/trunk/$dir]\n$accessline\n" ); fwrite( $fp, "[/branches/$dir]\n$accessline\n" ); fwrite( $fp, "[/tags/$dir]\n$accessline\n\n" ); } } fclose( $fp ); if( rename( $tempfile, $newfile ) ) { /* */ if( !unlink( $authzfile ) ) { $error = "deleting group file failed"; } else if( !rename( $newfile, $authzfile ) ) { $error = "renaming group file failed"; } /* */ } else { unlink( $tempfile ); $error = "access conflict"; } } } else { $error = "permission denied"; } if( $error != "" ) { echo "

" . "error setting groups: $error" . "

\n"; } return $retcmd; } function group_show( $logname ) { $isadmin = 0; if( $logname == "admin" ) { $isadmin = 1; } $users = user_getnames(); // $groups = group_readgroups(); list( $groups, $grpdirs, $dirgrps ) = group_readgroupsfile(); $un = count( $users ); if( $isadmin ) { echo "

\n"; } echo "\n"; $headerline = "\n"; $headerline .= "\n"; $i = 0; while( $i < $un ) { $headerline .= "\n"; $i++; } $headerline .= "\n"; $headerline .= "\n"; echo $headerline; reset( $groups ); while( list( $groupname, $userlist ) = each( $groups ) ) { $col = next_color( $showheader ); if( $showheader == 1 ) { echo $headerline; } echo "\n"; echo "\n"; $i = 0; while( $i < $un ) { $groupmembers[$users[$i]] = " "; $j = count( $userlist ); $ismember = " "; while( $j > 0 ) { $j--; if( $userlist[$j] == $users[$i] ) { $ismember = "X"; break; } } if( !$isadmin ) { echo "\n"; } else { $cbname = group_makecbname( $groupname, $users[$i] ); if( $ismember == "X" ) { $checked = " checked=\"\""; } else { $checked = ""; } echo "\n"; } $i++; } echo "\n"; echo "\n"; } if( $isadmin ) { $groupname = "newgrp"; $col = next_color( $showheader ); echo "\n"; echo "\n"; $i = 0; while( $i < $un ) { $cbname = group_makecbname( "newgrp", $users[$i] ); echo "\n"; $i++; } echo "\n"; echo "\n"; } $groupname = "*"; $col = next_color( $showheader ); echo "\n"; echo "\n"; $i = 0; while( $i < $un ) { echo "\n"; $i++; } echo "\n"; echo "\n"; echo "

Group	" . $users[$i] . "	Directories
$groupname	$ismember	$ismember	"; if( isset( $grpdirs[$groupname] ) ) { $gdirs = $grpdirs[$groupname]; ksort( $gdirs ); $pfx = " "; while( list( $dir, $access ) = each( $gdirs ) ) { echo "$pfx$access $dir"; $pfx = " "; } echo " "; } else { echo " "; } echo "

$groupname		"; if( isset( $grpdirs[$groupname] ) ) { $gdirs = $grpdirs[$groupname]; ksort( $gdirs ); $pfx = " "; while( list( $dir, $access ) = each( $gdirs ) ) { echo "$pfx$access $dir"; $pfx = " "; } echo " "; } else { echo " "; } echo "

\n"; if( $isadmin ) { echo "

\n"; echo "

\n"; } } //============================================================================== // directories function dir_makeselname( $dir, $groupname ) { return "sel_" . $dir . "_" . $groupname; } function dir_show( $logname ) { if( $logname != "admin" ) { return; } list( $groups, $grpdirs, $dirgrps ) = group_readgroupsfile(); echo "

\n"; echo "\n"; $headerline = "\n"; $headerline .= "\n"; $headerline .= "\n"; $groupnames = array( "*" ); while( list( $groupname, $tmp ) = each( $groups ) ) { $groupnames[] = $groupname; $headerline .= "\n"; } $gn = count( $groupnames ); $headerline .= "\n"; echo $headerline; ksort( $dirgrps ); $options = array( "-", "r", "rw", "NA" ); $i = 0; $dirnr = 0; while( list( $dir, $grplist ) = each( $dirgrps ) ) { $dirnr = $dirnr + 1000; $col = next_color( $showheader ); if( $showheader == 1 ) { echo $headerline; } echo "\n"; echo "\n"; $i = 0; while( $i < $gn ) { $grpnr = $i + 1; $groupname = $groupnames[$i]; $access = "-"; if( isset( $grplist[$groupname] ) ) { $access = $grplist[$groupname]; if( $access == "" ) { $access = "-"; } } echo "\n"; $i++; } echo "\n"; } $col = next_color( $showheader ); echo "\n"; echo "\n"; $i = 0; while( $i < $gn ) { $groupname = $groupnames[$i]; echo "\n"; $i++; } echo "\n"; echo "

Directory	*	$groupname
$dir" . "" . "	"; if( $dirnr == 1000 ) { echo ""; } /* $selname = dir_makeselname( $dir, $groupname ); */ $selname = "sel_" . ($dirnr + $grpnr); print_select( $selname, $options, $access ); echo " $access
	"; $selname = "sel_newdir_" . ($i + 1); print_select( $selname, $options, "-" ); echo "

\n"; echo "

\n"; } //============================================================================== // main code $cmd = check_referer( $_GET["cmd"] ); $logname = $_SERVER["PHP_AUTH_USER"]; $backurl = "."; switch( $cmd ) { case "user-save": $cmd = user_save( $logname, $_POST["username"], $_POST["password"] ); //$cmd = "showvars"; break; case "group-save": $cmd = group_save( $cmd, $logname ); //$cmd = "showvars"; break; case "dir-save": //showvars( "_POST", $_POST ); $cmd = group_save( $cmd, $logname ); //$cmd = "showvars"; break; default: break; } switch( $cmd ) { case "user": user_show( $logname ); break; case "user-add": user_add(); break; case "user-chpw": user_chpw( $_GET["username"] ); break; case "group": group_show( $logname ); break; case "dir": dir_show( $logname ); break; case "showvars": showvars( "GLOBALS", $GLOBALS ); showvars( "_GET", $_GET ); showvars( "_POST", $_POST ); showvars( "_COOKIE", $_COOKIE ); showvars( "_SERVER", $_SERVER ); showvars( "_ENV", $_ENV ); showvars( "_FILES", $_FILES ); showvars( "_REQUEST", $_REQUEST ); break; default: echo "

Users
Groups
Directories
Showvars

\n"; $backurl = ".."; break; } echo "

back

\n"; ?>

Password
again

Username
Password
again