Temat: php - manager użytkowników
znów mi sie nudziło i znow napisalem skrypcik
jest to manager kont systemowych
pozwala edytować wszystkie parametry kont, usuwać konta i tworzyć nowe.
jeżeli istnieje katalog '/etc/vsftpd_users'(lub inny - do skonfigurowania na początku skryptu), to zostanie włączony edytor kont ftp. mozna je tworzyć, usuwać i zmieniać uprawnienia.
logowanie przy użyciu hasła roota (skrypt porównuje je z hashem zapisanym w /etc/passwd, więc zakłada system bez /etc/shadow)
roota nie można edytować (jak chcecie wersje bez tego zabezpieczenia, to pisać )
utworzenie konta spowoduje dodanie do /etc/passwd mniej wiecej takiego rekordu:
1294011240:*:3000:3000:1294011240:/mnt:/bin/ash
"login" i "real_name" sa domyślnie takie same i w formulażu pojawia sie aktualny time() (mozna zmienić przy tworzeniu, lub potem)
uid i gid bedzie ustawiony na 3000 lub pierwszy wolny po 3000
hasło trzeba sobie ustawić potem z tabelki. Wartości 'x' i '*' nie będą hashowane.
update: dodałem przenoszenie kont ftp na nową nazwę w przypadku zmiany loginu i wyświetlanie informacji o braku hasła ('*' lub 'x' w formularzu). Oprócz tego domyślny shell to '/bin/false' - brak dostępu do shella
<?php
// Directory holding the per-user vsftpd permission files. The trailing slash is
// required: the rest of the script builds file paths by appending the account
// name directly to this value.
$GLOBALS['ftp_user_dir'] = '/etc/vsftpd_users/';
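/**
 * Parses /etc/passwd into the global cache $GLOBALS['get_users'].
 *
 * For every non-empty line the cache receives:
 *   ['user'][n]  => array(
 *       'name'    => login,
 *       'hash'    => password field,
 *       'uid'     => user id,
 *       'gid'     => group id,
 *       'rname'   => real name / comment field,
 *       'home'    => home directory,
 *       'shell'   => login shell,
 *       'rnumber' => index of the line in the file,
 *   )
 *   ['uid'][<uid>]     => 'jest'  (marker: this uid is taken)
 *   ['login'][<login>] => 'jest'  (marker: this login is taken)
 * and once per call:
 *   ['roothash'] => password field of the first record whose uid is exactly '0'
 *                   (used by the login check).
 *
 * Nothing is returned; if the file cannot be read the cache is left untouched.
 */
function get_users() {
    $raw = file_get_contents('/etc/passwd');
    if ($raw === FALSE) {
        // Unreadable file: do not go on to parse FALSE as if it were content.
        return;
    }
    $ii = 0;
    foreach (explode("\n", $raw) as $i => $line) {
        if ($line === '') {
            continue;
        }
        // Pad short (malformed) lines so the seven field reads below never hit
        // an undefined offset; missing fields become empty strings.
        $tmp = array_pad(explode(':', $line), 7, '');
        $GLOBALS['get_users']['user'][$ii] = array(
            'name'    => $tmp[0],
            'hash'    => $tmp[1],
            'uid'     => $tmp[2],
            'gid'     => $tmp[3],
            'rname'   => $tmp[4],
            'home'    => $tmp[5],
            'shell'   => $tmp[6],
            'rnumber' => $i,
        );
        $GLOBALS['get_users']['uid'][$tmp[2]] = 'jest';
        $GLOBALS['get_users']['login'][$tmp[0]] = 'jest';
        // Strict match on '0': a loose "== 0" also accepts an empty or
        // non-numeric uid field on older PHP versions, so a malformed line
        // could replace the hash the login form is checked against. Only the
        // first uid-0 record is used, so a later duplicate cannot override it.
        if ($tmp[2] === '0' && !isset($GLOBALS['get_users']['roothash'])) {
            $GLOBALS['get_users']['roothash'] = $tmp[1];
        }
        $ii++;
    }
}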
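/**
 * Appends a new account to /etc/passwd, rewriting the file from the cache
 * built by get_users().
 *
 * @param string $login login name; must be non-empty and free of ':', '/',
 *                      control characters, and must not be '.' or '..'
 * @param string $pass  clear-text password, or '*' / 'x' to store that marker unhashed
 * @param string $home  home directory
 * @param string $shell login shell
 * @param string $uid   first uid to try; the next free one is used if it is taken
 * @param string $gid   group id, or '*' to reuse the chosen uid
 * @param string $name  real name, or '*' to reuse the login
 * @return bool TRUE when the file was written, FALSE when the input was rejected,
 *              the login already exists, the cache is empty, or the write failed
 */
function add_sys_user($login, $pass='*', $home='/mnt', $shell='/bin/false', $uid='3000', $gid='*', $name='*') {
    foreach (array($login, $pass, $home, $shell, $uid, $gid, $name) as $value) {
        if (!is_scalar($value)) {
            return FALSE;
        }
    }
    $login = (string) $login;

    // Every value below is written verbatim into a colon-separated,
    // newline-terminated record, so a ':' or control character would add
    // fields or whole extra records. The login additionally doubles as a file
    // name under the vsftpd directory elsewhere in this script, hence no '/'.
    if ($login === '.' || $login === '..' || !preg_match('/^[^:\/\x00-\x1f\x7f]+$/D', $login)) {
        return FALSE;
    }
    if (isset($GLOBALS['get_users']['login'][$login])) {
        return FALSE;
    }
    if ($name === '*') {
        $name = $login;
    }
    foreach (array($name, $home, $shell) as $field) {
        if (!preg_match('/^[^:\x00-\x1f\x7f]*$/D', (string) $field)) {
            return FALSE;
        }
    }
    if (!preg_match('/^[0-9]+$/D', (string) $uid)) {
        return FALSE;
    }
    $uid = (int) $uid;
    while (isset($GLOBALS['get_users']['uid'][$uid])) {
        $uid++;
    }
    if ($gid === '*') {
        $gid = $uid;
    } elseif (!preg_match('/^[0-9]+$/D', (string) $gid)) {
        return FALSE;
    }

    // The whole file is regenerated from the cache; with an empty cache the
    // write would replace /etc/passwd with just the new record.
    if (empty($GLOBALS['get_users']['user'])) {
        return FALSE;
    }

    // '*' and 'x' are markers, not passwords, and are stored as they are.
    if ($pass !== '*' && $pass !== 'x') {
        // crypt() needs an explicit salt: without one older PHP versions fall
        // back to a weak hash and PHP 8 refuses the call.
        $rand = FALSE;
        if (function_exists('random_bytes')) {
            $rand = random_bytes(12);
        } else {
            $fh = fopen('/dev/urandom', 'rb');
            if ($fh) {
                $rand = fread($fh, 12);
                fclose($fh);
            }
        }
        if (!is_string($rand) || strlen($rand) !== 12) {
            return FALSE;
        }
        // NOTE(review): confirm the target system's login accepts $6$
        // (SHA-512) hashes; if it only understands MD5-crypt use '$1$'.
        $prefix = (defined('CRYPT_SHA512') && CRYPT_SHA512) ? '$6$' : '$1$';
        $pass = crypt((string) $pass, $prefix . strtr(base64_encode($rand), '+', '.') . '$');
        if (!is_string($pass) || strlen($pass) < 13 || $pass[0] === '*') {
            return FALSE;
        }
    }

    $data = '';
    foreach ($GLOBALS['get_users']['user'] as $u) {
        $data .= $u['name'] .':'. $u['hash'] .':'. $u['uid'] .':'. $u['gid'] .':'. $u['rname'] .':'. $u['home'] .':'. $u['shell'] . "\n";
    }
    // Terminate the new record too, so the file stays a well-formed text file.
    $data .= $login .':'. $pass .':'. $uid .':'. $gid .':'. $name .':'. $home .':'. $shell . "\n";

    // NOTE(review): LOCK_EX serialises concurrent writers but the rewrite is
    // still not atomic; an interrupted write leaves a truncated file.
    if (file_put_contents('/etc/passwd', $data, LOCK_EX) === FALSE) {
        return FALSE;
    }

    // Update the cache only after the file really changed.
    $GLOBALS['get_users']['user'][] = array('name' => $login, 'hash' => $pass, 'uid' => $uid, 'gid' => $gid, 'rname' => $name, 'home' => $home, 'shell' => $shell);
    $GLOBALS['get_users']['uid'][$uid] = 'jest';
    $GLOBALS['get_users']['login'][$login] = 'jest';
    return TRUE;
}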
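/**
 * Removes matching accounts from /etc/passwd, rewriting the file from the
 * cache built by get_users().
 *
 * @param string $by 'login' to match on the account name, 'uid' to match on the uid
 * @param string $id the login or uid to remove
 * @return bool TRUE when at least one record was removed and the file was
 *              written; FALSE when $by is unknown, nothing matched, only a
 *              protected record matched, the cache is empty, or the write failed
 */
function del_sys_user($by, $id) {
    if ($by !== 'login' && $by !== 'uid') {
        return FALSE;
    }
    if (!is_scalar($id)) {
        return FALSE;
    }
    $id = (string) $id;
    $key = ($by === 'login') ? 'name' : 'uid';

    // Regenerating the file from an empty cache would wipe every account.
    if (empty($GLOBALS['get_users']['user'])) {
        return FALSE;
    }

    $data = '';
    $removed = 0;
    foreach ($GLOBALS['get_users']['user'] as $u) {
        // The root guard has to look at the record being matched. The
        // previous test compared $by (always 'login' or 'uid') with
        // 'root' / '0', so it could never trigger.
        $is_root = ($u['name'] === 'root' || preg_match('/^0+$/D', (string) $u['uid']));
        // Strict string comparison: "!=" treats numeric strings such as '00'
        // and '0' as equal.
        if (!$is_root && (string) $u[$key] === $id) {
            $removed++;
            continue;
        }
        $data .= $u['name'] .':'. $u['hash'] .':'. $u['uid'] .':'. $u['gid'] .':'. $u['rname'] .':'. $u['home'] .':'. $u['shell'] . "\n";
    }
    if ($removed === 0) {
        // Nothing to delete: leave the file alone.
        return FALSE;
    }
    return file_put_contents('/etc/passwd', $data, LOCK_EX) !== FALSE;
}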
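// ---- Authentication -------------------------------------------------------
// Sets $GLOBALS['auth'] to TRUE when the request belongs to a logged-in
// administrator, FALSE otherwise. Must run before any output is sent because
// it starts a session and sets cookies.
//
// Login state is kept in a server-side session. The previous scheme stored
// the root hash itself in a "root_pass" cookie and accepted any cookie equal
// to field 2 of root's /etc/passwd record: that value is readable by every
// local account, and on shadow-password systems it is only a placeholder.
// Requires PHP's session extension.
$GLOBALS['auth'] = FALSE;
get_users();

$pums_https = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
// Session cookie: whole site, HttpOnly, and Secure when served over HTTPS.
session_set_cookie_params(0, '/', '', $pums_https, TRUE);
session_start();

$pums_root_hash = isset($GLOBALS['get_users']['roothash']) ? $GLOBALS['get_users']['roothash'] : '';
// A real crypt() hash is at least 13 characters; 'x', '*', '!' and the empty
// string are placeholders that must never be accepted as a credential.
$pums_hash_usable = is_string($pums_root_hash)
    && strlen($pums_root_hash) >= 13
    && $pums_root_hash[0] !== '*'
    && $pums_root_hash[0] !== '!';

if (isset($_SESSION['pums_auth_time']) && (time() - (int) $_SESSION['pums_auth_time']) < 43200) {
    // Logged in less than 12 h ago (same lifetime the old cookie had).
    $GLOBALS['auth'] = TRUE;
} elseif ($pums_hash_usable && isset($_POST['root_pass']) && is_string($_POST['root_pass'])) {
    $pums_try = crypt($_POST['root_pass'], $pums_root_hash);
    if (is_string($pums_try)) {
        // Constant-time comparison where the PHP version provides it.
        $pums_match = function_exists('hash_equals')
            ? hash_equals($pums_root_hash, $pums_try)
            : ($pums_try === $pums_root_hash);
        if ($pums_match) {
            // Fresh session id on login so a pre-login id cannot be reused.
            session_regenerate_id(TRUE);
            $_SESSION['pums_auth_time'] = time();
            $GLOBALS['auth'] = TRUE;
        }
    }
}

if (isset($_GET['logout'])) {
    $_SESSION = array();
    session_destroy();
    // Also expire the cookie used by earlier versions of this script.
    setcookie("root_pass", "", time() - 86400, "/"); //-24 h
    $GLOBALS['auth'] = FALSE;
}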
// ---- HTML head: doctype, declared charset, title and the two button styles ----
// Emitted as one newline-joined list; the output is the same text the
// individual echo statements produced.
echo implode("\n", array(
    '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">',
    '<html xmlns="http://www.w3.org/1999/xhtml">',
    '<head>',
    '<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2" />',
    '<title>pUMS - php User Management System</title>',
    '<style type="text/css">',
    '<!--',
    '.guzik {',
    ' color:#000000;',
    " font: bold 84% 'trebuchet ms',helvetica,sans-serif;",
    ' background-color:#8BB381;',
    ' border: 1px solid;',
    ' border-color: #696 #363 #363 #696;',
    '}',
    '',
    '.ftp {',
    ' color:#050;',
    " font: bold 84% 'trebuchet ms',helvetica,sans-serif;",
    ' background-color:#fed;',
    ' border: 1px solid;',
    ' border-color: #696 #363 #363 #696;',
    '}',
    '-->',
    '</style>',
    '</head>',
    '<body>',
)) . "\n";
// ---- end of HTML head ----
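if($GLOBALS['auth']) {
    // Authenticated: process the submitted action (if any), then render the
    // account table. All request values are validated before they reach
    // /etc/passwd or a file path, and all values are HTML-escaped on output.
    //
    // NOTE(review): every handler below changes system state from a plain
    // POST with no anti-CSRF token. A token needs per-login state that is set
    // up before any output, which cannot be done from inside this block
    // because the HTML head has already been sent.

    // htmlspecialchars() does not accept the page's declared iso-8859-2;
    // ISO-8859-1 escapes the same ASCII metacharacters and never rejects
    // input as malformed.
    $pums_cs = 'ISO-8859-1';
    $pums_self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, $pums_cs);

    // Account name: doubles as a file name under ftp_user_dir, so no '/' in
    // addition to the passwd separators. Other text fields: no ':' and no
    // control characters (a newline would start a new passwd record).
    $pums_re_name  = '/^[^:\/\x00-\x1f\x7f]+$/D';
    $pums_re_field = '/^[^:\x00-\x1f\x7f]*$/D';
    $pums_re_num   = '/^[0-9]+$/D';
    $pums_re_zero  = '/^0+$/D';

    $pums_error = FALSE;   // show a rejection notice above the table
    $pums_write = FALSE;   // the cache changed and /etc/passwd must be rewritten

    // Resolve the hidden row index 'i'. It is client-controlled, so it must
    // name an existing record, and the root protection has to be enforced
    // here as well as in the rendered table.
    $pums_i = -1;
    $pums_rec = NULL;
    $pums_editable = FALSE;
    if (isset($_POST['i']) && is_string($_POST['i']) && preg_match($pums_re_num, $_POST['i'])
        && isset($GLOBALS['get_users']['user'][(int) $_POST['i']])) {
        $pums_i = (int) $_POST['i'];
        $pums_rec = $GLOBALS['get_users']['user'][$pums_i];
        $pums_editable = ($pums_rec['name'] !== 'root' && !preg_match($pums_re_zero, (string) $pums_rec['uid']));
    }

    // Account name as used for the vsftpd permission file, or FALSE if the
    // posted value could leave ftp_user_dir.
    $pums_ftp_name = FALSE;
    if (isset($_POST['name']) && is_string($_POST['name'])
        && $_POST['name'] !== '.' && $_POST['name'] !== '..'
        && preg_match($pums_re_name, $_POST['name'])) {
        $pums_ftp_name = $_POST['name'];
    }
    $pums_ftp_on = is_dir($GLOBALS['ftp_user_dir']);

    if(isset($_POST['save'])) {
        // Save edited account fields (the password hash is left as it is).
        $pums_new = array();
        $pums_ok = $pums_editable;
        if($pums_ok) {
            foreach(array('name', 'uid', 'gid', 'rname', 'home', 'shell') as $pums_f) {
                if(!isset($_POST[$pums_f]) || !is_string($_POST[$pums_f])) {
                    $pums_ok = FALSE;
                    break;
                }
                $pums_new[$pums_f] = stripslashes($_POST[$pums_f]);
            }
        }
        if($pums_ok) {
            $pums_ok = $pums_new['name'] !== '.' && $pums_new['name'] !== '..'
                && preg_match($pums_re_name, $pums_new['name'])
                && preg_match($pums_re_num, $pums_new['uid'])
                // An edit must not turn an ordinary account into a uid-0 one.
                && !preg_match($pums_re_zero, $pums_new['uid'])
                && preg_match($pums_re_num, $pums_new['gid'])
                && preg_match($pums_re_field, $pums_new['rname'])
                && preg_match($pums_re_field, $pums_new['home'])
                && preg_match($pums_re_field, $pums_new['shell']);
        }
        // Renaming onto an existing login would duplicate it and overwrite
        // that account's FTP permission file.
        if($pums_ok && $pums_new['name'] !== $pums_rec['name']
            && isset($GLOBALS['get_users']['login'][$pums_new['name']])) {
            $pums_ok = FALSE;
        }
        if($pums_ok) {
            if($pums_new['name'] !== $pums_rec['name']) {
                // Carry the FTP permission file over to the new login.
                $plik = $GLOBALS['ftp_user_dir'] . $pums_rec['name'];
                if(file_exists($plik)) {
                    rename($plik, $GLOBALS['ftp_user_dir'] . $pums_new['name']);
                }
            }
            foreach($pums_new as $pums_f => $pums_v) {
                $GLOBALS['get_users']['user'][$pums_i][$pums_f] = $pums_v;
            }
            $pums_write = TRUE;
        }else{
            $pums_error = TRUE;
        }
    }
    if(isset($_POST['chpass']) && isset($_POST['new_pass']) && is_string($_POST['new_pass']) && $_POST['new_pass'] !== '') {
        // Change the password; '*' and 'x' are stored as markers, unhashed.
        $new_pass = FALSE;
        if($pums_editable) {
            if($_POST['new_pass'] === '*' || $_POST['new_pass'] === 'x') {
                $new_pass = $_POST['new_pass'];
            }else{
                // crypt() needs an explicit salt: without one older PHP
                // versions fall back to a weak hash and PHP 8 refuses the call.
                $pums_rand = FALSE;
                if(function_exists('random_bytes')) {
                    $pums_rand = random_bytes(12);
                }else{
                    $pums_fh = fopen('/dev/urandom', 'rb');
                    if($pums_fh) {
                        $pums_rand = fread($pums_fh, 12);
                        fclose($pums_fh);
                    }
                }
                if(is_string($pums_rand) && strlen($pums_rand) === 12) {
                    // NOTE(review): confirm the target system's login accepts
                    // $6$ (SHA-512) hashes; otherwise use '$1$'.
                    $pums_prefix = (defined('CRYPT_SHA512') && CRYPT_SHA512) ? '$6$' : '$1$';
                    $pums_hash = crypt(stripslashes($_POST['new_pass']), $pums_prefix . strtr(base64_encode($pums_rand), '+', '.') . '$');
                    if(is_string($pums_hash) && strlen($pums_hash) >= 13 && $pums_hash[0] !== '*') {
                        $new_pass = $pums_hash;
                    }
                }
            }
        }
        if($new_pass !== FALSE) {
            $GLOBALS['get_users']['user'][$pums_i]['hash'] = $new_pass;
            $pums_write = TRUE;
        }else{
            $pums_error = TRUE;
        }
    }
    if($pums_write) {
        // Regenerate /etc/passwd from the modified cache, then re-read it so
        // the table below shows what is actually on disk.
        $data = '';
        foreach($GLOBALS['get_users']['user'] as $pums_u) {
            $data .= $pums_u['name'] .':'. $pums_u['hash'] .':'. $pums_u['uid'] .':'. $pums_u['gid'] .':'. $pums_u['rname'] .':'. $pums_u['home'] .':'. $pums_u['shell'] . "\n";
        }
        if(file_put_contents('/etc/passwd', $data, LOCK_EX) === FALSE) {
            $pums_error = TRUE;
        }
        unset($GLOBALS['get_users']);
        get_users();
    }
    if(isset($_POST['newuser']) && isset($_POST['new_user']) && is_string($_POST['new_user']) && $_POST['new_user'] !== '') {
        // Add a system account with default settings.
        $pums_login = $_POST['new_user'];
        if($pums_login === '.' || $pums_login === '..' || !preg_match($pums_re_name, $pums_login)
            || !add_sys_user($pums_login)) {
            $pums_error = TRUE;
        }
        unset($GLOBALS['get_users']);
        get_users();
    }
    if(isset($_POST['del'])) {
        // Delete a system account and, if present, its FTP permission file.
        $pums_uid = (isset($_POST['uid']) && is_string($_POST['uid'])) ? $_POST['uid'] : '';
        if(preg_match($pums_re_num, $pums_uid) && !preg_match($pums_re_zero, $pums_uid)) {
            del_sys_user('uid', $pums_uid);
            unset($GLOBALS['get_users']);
            if($pums_ftp_name !== FALSE) {
                $plik = $GLOBALS['ftp_user_dir'] . $pums_ftp_name;
                if(file_exists($plik)) {
                    unlink($plik);
                }
            }
            get_users();
        }else{
            $pums_error = TRUE;
        }
    }
    if(isset($_POST['ftp_make'])) {
        // Create the FTP account: an empty permission file named after the
        // login. touch() replaces a shell command line that was built from
        // the request value.
        if($pums_ftp_on && $pums_ftp_name !== FALSE) {
            touch($GLOBALS['ftp_user_dir'] . $pums_ftp_name);
        }else{
            $pums_error = TRUE;
        }
    }
    if(isset($_POST['ftp_del'])) {
        // Delete the FTP account (its permission file).
        if($pums_ftp_on && $pums_ftp_name !== FALSE) {
            $plik = $GLOBALS['ftp_user_dir'] . $pums_ftp_name;
            if(file_exists($plik)) {
                unlink($plik);
            }
        }else{
            $pums_error = TRUE;
        }
    }
    if(isset($_POST['ftp_mod'])) {
        // Rewrite the FTP permission file from the three checkboxes.
        if($pums_ftp_on && $pums_ftp_name !== FALSE) {
            $plik = $GLOBALS['ftp_user_dir'] . $pums_ftp_name;
            $data  = 'dirlist_enable='  . (isset($_POST['ftp_list'])     ? 'yes' : 'no') . "\n";
            $data .= 'download_enable=' . (isset($_POST['ftp_download']) ? 'yes' : 'no') . "\n";
            $data .= 'write_enable='    . (isset($_POST['ftp_write'])    ? 'yes' : 'no') . "\n";
            file_put_contents($plik, $data, LOCK_EX);
        }else{
            $pums_error = TRUE;
        }
    }

    if($pums_error) {
        echo '<p>Blad: zadanie odrzucone (nieprawidlowe dane lub nieudany zapis)</p>' . "\n";
    }
    echo '<form action="' . $pums_self . '" method="get"><input name="logout" type="submit" value="--- wyloguj ---" class="guzik" /></form>' ."\n";
    echo '<table border="0">' . "\n";
    echo '<tr><td>login</td><td>UID</td><td>GID</td><td>info</td><td>home</td><td>shell</td><td align="center"></td></tr>' . "\n";

    $pums_users = isset($GLOBALS['get_users']['user']) ? $GLOBALS['get_users']['user'] : array();
    foreach($pums_users as $i => $pums_u) {
        // Escape every field once; the values come from /etc/passwd and end
        // up inside HTML text and attribute values.
        $pums_e = array();
        foreach(array('name', 'uid', 'gid', 'rname', 'home', 'shell', 'rnumber') as $pums_f) {
            $pums_e[$pums_f] = htmlspecialchars(isset($pums_u[$pums_f]) ? (string) $pums_u[$pums_f] : '', ENT_QUOTES, $pums_cs);
        }
        if($pums_u['name'] === 'root' || preg_match($pums_re_zero, (string) $pums_u['uid'])) {
            // Protected (root) row: plain text, no form.
            echo '<tr><td>' . $pums_e['name'] . '</td><td>' . $pums_e['uid'] . '</td><td>' . $pums_e['gid'] . '</td><td>' . $pums_e['rname'] . '</td><td>' . $pums_e['home'] . '</td><td>' . $pums_e['shell'] . '</td></tr>' . "\n";
        }else{
            // Editable row.
            echo '<tr><form action="' . $pums_self . '" method="post">';
            echo '<td><input name="name" type="text" value="' . $pums_e['name'] . '" size="8" /></td>';
            echo '<td><input name="uid" type="text" value="' . $pums_e['uid'] . '" size="2" /></td>';
            echo '<td><input name="gid" type="text" value="' . $pums_e['gid'] . '" size="2" /></td>';
            echo '<td><input name="rname" type="text" value="' . $pums_e['rname'] . '" size="8" /></td>';
            echo '<td><input name="home" type="text" value="' . $pums_e['home'] . '" size="8" /></td>';
            echo '<td><input name="shell" type="text" value="' . $pums_e['shell'] . '" size="7" /></td>';
            echo '<td><input name="rnumber" type="hidden" value="' . $pums_e['rnumber'] . '" />';
            echo '<input name="i" type="hidden" value="' . $i . '" />';
            echo '<input name="save" type="submit" value="zapisz" class="guzik" TITLE="System: Zapisz zmiany na koncie' . "\n" . '(hasło pozostanie nie zmienione)" />';
            echo '<input name="del" type="submit" value="usuń" class="guzik" TITLE="System: Usuń konto" />';
            echo '<input name="new_pass" type="text" ';
            // Show the marker when the account has no usable password.
            if($pums_u['hash'] === '*') {
                echo 'value="*" ';
            }
            if($pums_u['hash'] === 'x') {
                echo 'value="x" ';
            }
            echo 'size="5" TITLE="System: Wprowadź nowe hasło" />';
            echo '<input name="chpass" type="submit" value="zmień hasło" class="guzik" TITLE="System: zmiana hasła" />';
            if($pums_ftp_on) {
                $ftp_user = $GLOBALS['ftp_user_dir'] . $pums_u['name'];
                if(file_exists($ftp_user)) {
                    $ftp_data = (string) file_get_contents($ftp_user);
                    $pums_chk = (strpos($ftp_data, 'dirlist_enable=yes') !== FALSE) ? 'checked ' : '';
                    echo '<input name="ftp_list" type="checkbox" value="yes" ' . $pums_chk . 'TITLE="FTP: Listing" />';
                    $pums_chk = (strpos($ftp_data, 'download_enable=yes') !== FALSE) ? 'checked ' : '';
                    echo '<input name="ftp_download" type="checkbox" value="yes" ' . $pums_chk . 'TITLE="FTP: Download" />';
                    $pums_chk = (strpos($ftp_data, 'write_enable=yes') !== FALSE) ? 'checked ' : '';
                    echo '<input name="ftp_write" type="checkbox" value="yes" ' . $pums_chk . 'TITLE="FTP: Zapis" />';
                    echo '<input name="ftp_mod" type="submit" value="mod" class="ftp" TITLE="FTP: Zapisz zmiany" />';
                    echo '<input name="ftp_del" type="submit" value="x" class="ftp" TITLE="FTP: Usuń konto" />';
                }else{
                    echo '<input name="ftp_make" type="submit" value="utwórz konto ftp" class="ftp" TITLE="FTP: Tworzenie nowego konta" />';
                }
            }
            echo '</form></td></tr>' . "\n";
        }
    }
    echo '</table>' . "\n";
    echo '<form action="' . $pums_self . '" method="post"><input name="new_user" type="text" value="' . time() . '" size="10" /><input name="newuser" type="submit" value="utwórz konto" class="guzik_ftp" /></form>';
}else{
    // Not authenticated: show the login form only.
    echo '<form action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'ISO-8859-1') . '" method="post">' . "\n";
    echo '<input name="root_pass" type="password" size="20" />' . "\n";
    echo '<input name="submit" type="submit" value="zaloguj" />' . "\n";
    echo '</form>' . "\n";
}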
// Close the document opened by the HTML head section.
echo "</body>\n</html>\n";
?>