Commit 9100936b authored by tbrehm's avatar tbrehm

- Modified pages to use a global module aurhentification function

- Changed shell of website linux user to /bin/false
parent ee0e1cc0
......@@ -90,6 +90,16 @@ class auth {
return false;
}
}
public function check_module_permissions($module) {
// Check if the current user has the permissions to access this module
if(!stristr($_SESSION["s"]["user"]["modules"],$module)) {
header("Location: ../index.php");
exit;
}
}
}
?>
\ No newline at end of file
......@@ -39,11 +39,7 @@ $list_def_file = "list/dbsync.list.php";
* End Form configuration
******************************************/
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
$app->auth->check_module_permissions('admin');
include_once($list_def_file);
......
......@@ -39,11 +39,8 @@ $tform_def_file = "form/dbsync.tform.php";
* End Form configuration
******************************************/
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
// Lade Template
$app->uses('tpl,tform');
......
......@@ -39,11 +39,8 @@ $list_def_file = "list/dbsync.list.php";
* End Form configuration
******************************************/
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
$app->uses('tpl,listform');
......
......@@ -39,11 +39,8 @@ $list_def_file = "list/filesync.list.php";
* End Form configuration
******************************************/
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
include_once($list_def_file);
......
......@@ -39,11 +39,8 @@ $tform_def_file = "form/filesync.tform.php";
* End Form configuration
******************************************/
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
// Lade Template
$app->uses('tpl,tform');
......
......@@ -39,11 +39,8 @@ $list_def_file = "list/filesync.list.php";
* End Form configuration
******************************************/
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
$app->uses('tpl,listform');
......
......@@ -42,11 +42,8 @@ $tform_def_file = "form/groups.tform.php";
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
$app->uses("tform_actions");
$app->tform_actions->onDelete();
......
......@@ -41,11 +41,8 @@ $tform_def_file = "form/groups.tform.php";
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checking module permissions
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
// Loading classes
$app->uses('tpl,tform,tform_actions');
......
......@@ -41,11 +41,8 @@ $list_def_file = "list/groups.list.php";
* End Form configuration
******************************************/
// Checking module permissions
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
$app->uses('listform_actions');
$app->listform_actions->onLoad();
......
......@@ -30,11 +30,8 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checking permissions for the module
if(!stristr($_SESSION['s']['user']['modules'],'admin')) {
header('Location: ../index.php');
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
//* This is only allowed for administrators
if(!$app->auth->is_admin()) die('only allowed for administrators.');
......
......@@ -30,11 +30,8 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checking permissions for the module
if(!stristr($_SESSION['s']['user']['modules'],'admin')) {
header('Location: ../index.php');
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
//* This is only allowed for administrators
if(!$app->auth->is_admin()) die('only allowed for administrators.');
......
......@@ -30,11 +30,8 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checking permissions for the module
if(!stristr($_SESSION['s']['user']['modules'],'admin')) {
header('Location: ../index.php');
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
//* This is only allowed for administrators
if(!$app->auth->is_admin()) die('only allowed for administrators.');
......
......@@ -30,11 +30,8 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checking permissions for the module
if(!stristr($_SESSION['s']['user']['modules'],'admin')) {
header('Location: ../index.php');
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
//* This is only allowed for administrators
if(!$app->auth->is_admin()) die('only allowed for administrators.');
......
......@@ -30,11 +30,8 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checking permissions for the module
if(!stristr($_SESSION['s']['user']['modules'],'admin')) {
header('Location: ../index.php');
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
//* This is only allowed for administrators
if(!$app->auth->is_admin()) die('only allowed for administrators.');
......
......@@ -42,11 +42,8 @@ $tform_def_file = "form/server.tform.php";
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
$app->uses("tform_actions");
$app->tform_actions->onDelete();
......
......@@ -41,11 +41,8 @@ $tform_def_file = "form/server.tform.php";
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checking module permissions
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
// Loading classes
$app->uses('tpl,tform,tform_actions');
......
......@@ -42,11 +42,8 @@ $tform_def_file = "form/server_ip.tform.php";
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],'admin')) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
$app->uses("tform_actions");
$app->tform_actions->onDelete();
......
......@@ -41,11 +41,8 @@ $tform_def_file = "form/server_ip.tform.php";
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checking module permissions
if(!stristr($_SESSION["s"]["user"]["modules"],'admin')) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
// Loading classes
$app->uses('tpl,tform,tform_actions');
......
......@@ -41,11 +41,8 @@ $list_def_file = "list/server_ip.list.php";
* End Form configuration
******************************************/
// Checking module permissions
if(!stristr($_SESSION["s"]["user"]["modules"],'admin')) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
$app->uses('listform_actions');
$app->listform_actions->onLoad();
......
......@@ -41,11 +41,8 @@ $list_def_file = "list/server.list.php";
* End Form configuration
******************************************/
// Checking module permissions
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
$app->uses('listform_actions');
$app->listform_actions->onLoad();
......
......@@ -42,11 +42,8 @@ $tform_def_file = "form/users.tform.php";
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
$app->uses("tform_actions");
$app->tform_actions->onDelete();
......
......@@ -41,11 +41,8 @@ $tform_def_file = "form/users.tform.php";
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checking module permissions
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
// Loading classes
$app->uses('tpl,tform,tform_actions');
......
......@@ -41,11 +41,8 @@ $list_def_file = "list/users.list.php";
* End Form configuration
******************************************/
// Checking module permissions
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('admin');
$app->uses('listform_actions');
$app->listform_actions->onLoad();
......
......@@ -42,11 +42,8 @@ $tform_def_file = "form/client.tform.php";
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('client');
$app->uses('tpl,tform');
$app->load('tform_actions');
......
......@@ -41,11 +41,8 @@ $tform_def_file = "form/client.tform.php";
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checking module permissions
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('client');
// Loading classes
$app->uses('tpl,tform,tform_actions');
......
......@@ -12,11 +12,8 @@ $list_def_file = "list/client.list.php";
* End Form configuration
******************************************/
// Checking module permissions
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('client');
$app->uses('listform_actions');
$app->listform_actions->onLoad();
......
......@@ -32,11 +32,8 @@ require_once('../../lib/app.inc.php');
if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('designer');
// Lade Template
$app->uses('tpl');
......
......@@ -30,11 +30,8 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checking permissions for the module
if(!stristr($_SESSION['s']['user']['modules'],$_SESSION['s']['module']['name'])) {
header('Location: ../index.php');
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('designer');
$app->uses('tpl');
......
......@@ -30,11 +30,8 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checking permissions for the module
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('designer');
if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
......
......@@ -32,11 +32,8 @@ require_once('../../lib/app.inc.php');
if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
// Checke Berechtigungen fr Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('designer');
// Lade Template
$app->uses('tpl');
......
......@@ -30,11 +30,8 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
//* Check permissions for the module
if(!stristr($_SESSION['s']['user']['modules'],$_SESSION['s']['module']['name'])) {
header('Location: ../index.php');
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('designer');
$app->uses('tpl');
......
......@@ -32,11 +32,8 @@ require_once('../../lib/app.inc.php');
if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('designer');
// Lade Template
$app->uses('tpl');
......
......@@ -36,10 +36,7 @@ if($_SESSION['s']['user']['typ'] != 'admin'){
}
//* Check permissions for module
if(!stristr($_SESSION['s']['user']['modules'],$_SESSION['s']['module']['name'])) {
header('Location: ../index.php');
exit;
}
$app->auth->check_module_permissions('designer');
//* Load template
$app->uses('tpl');
......
......@@ -32,11 +32,8 @@ require_once('../../lib/app.inc.php');
if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('designer');
// Lade Template
$app->uses('tpl');
......
......@@ -32,11 +32,8 @@ require_once('../../lib/app.inc.php');
if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('designer');
// Lade Template
$app->uses('tpl');
......
......@@ -32,11 +32,8 @@ require_once('../../lib/app.inc.php');
if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
// Checke Berechtigungen fr Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('designer');
// Lade Template
$app->uses('tpl');
......
......@@ -32,11 +32,8 @@ require_once('../../lib/app.inc.php');
if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
// Checke Berechtigungen für Modul
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('designer');
// Lade Template
$app->uses('tpl');
......
......@@ -30,11 +30,8 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
// Checking permissions for the module
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
header("Location: ../index.php");
exit;
}
//* Check permissions for module
$app->auth->check_module_permissions('designer');
if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
......