From 7a694a015cb9d8faa89ec4c64f826ce64b4b0589 Mon Sep 17 00:00:00 2001
From: ptaylor <ptaylor@e36fee2c-cc09-0410-a7cc-ebac5c6737de>
Date: Mon, 8 May 2006 13:59:35 +0000
Subject: [PATCH] added support for 3rd party extensions in the group
 management and dynamic menu system. (Thanks to Leo Fante)

git-svn-id: https://svn.m0n0.ch/wall/trunk@135 e36fee2c-cc09-0410-a7cc-ebac5c6737de
---
 CHANGELOG                      |  3 ++
 phpconf/inc/system.inc         | 20 ++++++++++++++
 webgui/auth.inc                |  6 ++--
 webgui/fbegin.inc              | 50 ++++++++++++++++------------------
 webgui/guiconfig.inc           |  2 +-
 webgui/system_groupmanager.php |  4 +++
 6 files changed, 55 insertions(+), 30 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index e2ebc96..a07a87c 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -3,6 +3,9 @@ $Id$
 *** Note: Please add new entries to the top of this file. ***
 -------------------------------------------------------------------------------
 
+- added support for 3rd party extensions in the group management and dynamic menu system. (ptaylor)
+  - Thanks to Leo Fante for code modifications
+
 - changes in Captive portal (jdegraeve):
   - Fixes a bug in the way we handle authentication mechanism. (Potentially allowing double logins and faulty locking)
 
diff --git a/phpconf/inc/system.inc b/phpconf/inc/system.inc
index 9a4758d..2293c20 100644
--- a/phpconf/inc/system.inc
+++ b/phpconf/inc/system.inc
@@ -506,6 +506,26 @@ function system_do_extensions($early = false) {
 		}
 		closedir($dh);
 	}
+	
+	// Create the symbolic links for .htpasswd and gui.css
+	// in each www/ext directory.
+	if (!$early) {
+    	$dh = @opendir("{$g['www_path']}/ext");
+    	if ($dh) {
+    		while (($extd = readdir($dh)) !== false) {
+    			if (($extd === ".") || ($extd === ".."))
+    				continue;
+    			if (is_dir("{$g['www_path']}/ext/$extd")) {
+    			    // Create links
+    			    symlink("{$g['www_path']}/.htpasswd",".htpasswd");
+    			    symlink("{$g['www_path']}/gui.css","gui.css");
+    			}
+    		}
+    		closedir($dh);
+    	}
+	}
+	
+	
 }
 
 function system_console_configure() {
diff --git a/webgui/auth.inc b/webgui/auth.inc
index 9cb2f25..e01d11d 100644
--- a/webgui/auth.inc
+++ b/webgui/auth.inc
@@ -64,7 +64,7 @@ $userindex = index_users();
 if (!($_SERVER['REMOTE_USER'] === $config['system']['username'])) {
 	$allowed[] = '';
 	if (isset($config['system']['group'][$groupindex[$config['system']['user'][$userindex[$_SERVER['REMOTE_USER']]]['groupname']]]['pages'])) {
-		$allowed = &$config['system']['group'][$groupindex[$config['system']['user'][$userindex[$_SERVER['REMOTE_USER']]]['groupname']]]['pages'];
+        $allowed = &$config['system']['group'][$groupindex[$config['system']['user'][$userindex[$_SERVER['REMOTE_USER']]]['groupname']]]['pages'];
 	} 
 
 	// If the user is attempting to hit the default page, set it to specifically look for /index.php.
@@ -73,7 +73,8 @@ if (!($_SERVER['REMOTE_USER'] === $config['system']['username'])) {
 		$_SERVER['PHP_SELF'] = '/index.php';
 	
 	// Strip the leading / from the currently requested PHP page
-	if (!in_array(basename($_SERVER['PHP_SELF']),$allowed)) {
+	// With extensions there also is a path to be concerned with
+    if ( !in_array(ltrim($_SERVER['PHP_SELF'],"/"),$allowed) ) {
 		// The currently logged in user is not allowed to access the page
 		// they are attempting to go to.  Redirect them to an allowed page.
 
@@ -92,5 +93,4 @@ if (!($_SERVER['REMOTE_USER'] === $config['system']['username'])) {
 }
 
 
-
 ?>
\ No newline at end of file
diff --git a/webgui/fbegin.inc b/webgui/fbegin.inc
index 34bb316..d2508c3 100644
--- a/webgui/fbegin.inc
+++ b/webgui/fbegin.inc
@@ -44,12 +44,12 @@ function genhtmltitle($title) {
 
 function dynamic_menu(&$menu, $menu_title) {
 	global $allowed, $config;
-	
+
 	// Make sure the admin can see everything
 	if ($_SERVER['REMOTE_USER'] === $config['system']['username']) {
 		unset($allowed);
-		foreach ($menu as $item) {
-			$allowed[] = $item[0];
+   		foreach ($menu as $item) {
+        			$allowed[] = $item[0];
 		}
 	}
 	
@@ -85,7 +85,7 @@ function dynamic_menu(&$menu, $menu_title) {
 		}
 	}
 }
-
+        
 // Check for issues when changing the web admin username
 // $allowed is set in auth.inc *IF* the user is not the webGUI admin
 // so, if it's not set here, they were the admin user when they submited the admin username change.
@@ -94,7 +94,8 @@ if ((!is_array($allowed)) and
     ($_SERVER['REMOTE_USER'] != $config['system']['username'])) {
 	// webGUI username was just changed, let us change what PHP sees the remote user as so
 	// the menu will build properly.  When user hits next link, they will be prompted to reauthenticate.
-	$_SERVER['REMOTE_USER'] = $config['system']['username'];		
+	$_SERVER['REMOTE_USER'] = $config['system']['username'];	
+   
 }
 
 $menu['System']['General setup'] = array('system.php');
@@ -148,6 +149,20 @@ if (isset($config['captiveportal']['enable'])) {
 	$menu['Status']['Captive portal']	= array('status_captiveportal.php');
 }
 
+// Add Extensions, if they exist
+if (is_dir("{$g['www_path']}/ext")){
+      $dh = @opendir("{$g['www_path']}/ext");
+      if ($dh) {
+        while (($extd = readdir($dh)) !== false) {
+          if (($extd === ".") || ($extd === ".."))
+            continue;
+          $extfiles=explode("\n",trim(file_get_contents("{$g['www_path']}/ext/" . $extd . "/menu2.inc")));
+          $menu['Extensions'][array_shift($extfiles)]=$extfiles;
+         }
+        closedir($dh);
+      }
+}
+
 $menu['Diagnostics']['Logs']			= array('diag_logs.php',
 												'diag_logs_filter.php',
 							  					'diag_logs_dhcp.php',
@@ -261,27 +276,9 @@ dynamic_menu($menu['Firewall'], 'Firewall');
 dynamic_menu($menu['Services'], 'Services');
 dynamic_menu($menu['VPN'], 'VPN');
 dynamic_menu($menu['Status'], 'Status');
-?>
-			  
-<?php
-/* extensions section */
-if (is_dir("{$g['www_path']}/ext")):
-?>
-              <strong>Extensions</strong><br>
-<?php
-$dh = @opendir("{$g['www_path']}/ext");
-if ($dh) {
-	while (($extd = readdir($dh)) !== false) {
-		if (($extd === ".") || ($extd === ".."))
-			continue;
-		@include("{$g['www_path']}/ext/" . $extd . "/menu.inc");
-	}
-	closedir($dh);
-}
-endif;
-?>
-
-<?php 
+// If Extensions exist, add them to the menu
+if (isset($menu['Extensions'])) 
+    dynamic_menu($menu['Extensions'], 'Extensions');
 dynamic_menu($menu['Diagnostics'], 'Diagnostics');
 ?>
 			  </span>
@@ -293,3 +290,4 @@ dynamic_menu($menu['Diagnostics'], 'Diagnostics');
 <?php if (!$pgtitle_omit): ?>
       <p class="pgtitle"><?=gentitle($pgtitle);?></p>
 <?php endif; ?>
+
diff --git a/webgui/guiconfig.inc b/webgui/guiconfig.inc
index 2eaed9b..012fb47 100644
--- a/webgui/guiconfig.inc
+++ b/webgui/guiconfig.inc
@@ -513,7 +513,7 @@ function dynamic_tab_menu(&$tabs) {
     $linkStyle = '1';
    	foreach ($tabs as $desc => $link) {
    		if (in_array($link,$authorized)) {
-   			if ($link == str_replace('/','',$_SERVER['PHP_SELF'])) {
+            if ($link == basename($_SERVER['PHP_SELF'])) {
    				// special handling for diagnostic Logs tabs.
    				if ((strpos($link,'diag_logs') > -1) && ($link != 'diag_logs_settings.php')) {
 	   				if ($desc == "Firewall") {
diff --git a/webgui/system_groupmanager.php b/webgui/system_groupmanager.php
index 8b3d1ab..0740a3d 100755
--- a/webgui/system_groupmanager.php
+++ b/webgui/system_groupmanager.php
@@ -88,6 +88,10 @@ function getAdminPageList() {
         $tmp['diag_logs_dhcp.php'] = "Diagnostics: Logs: DHCP";
         $tmp['diag_logs.php'] = "Diagnostics: Logs: System";
         
+        // Add appropriate descriptions for extensions, if they exist
+        if(file_exists("extensions.inc")){
+	   	   include("extensions.inc");
+		}
 
         asort($tmp);
         return $tmp;
-- 
2.25.1