<?php

// vim: ts=2 sw=2

include_once "base_controller.php";

class OSAccountManagementController extends BaseController {

  protected function signinRequired() {

    return true;

  }

  protected function adminRequired() {

    return true;

  }

  protected function doAjaxPost() {

    $response = array();

    $u = $this->curUser();

    $action = $_POST['action'];

    if ($action == 'changePasswd') {

      $this->changePasswd($response);

    } else {

      $this->renderAjaxError($response, sprintf(L("action %s is not supported"), $action));

    }

    $this->renderAjaxSuccess($response);

  }

  # debug command: curl -v -X POST -H "X-Requested-With: XMLHttpRequest" -d "action=changePasswd&account%5Bold_password%5D=123456&account%5Bnew_password%5D=Hi6868Foo" -c cookies.txt http://192.168.1.11/sdcard/cpt/app/os_account_management.php

  protected function changePasswd($response) {

    $old_password = $_POST['account']['old_password'];

    $new_password = $_POST['account']['new_password'];

    $return_val = 0;

    $platform = platformName();

    if ($platform == "FW") {

      $account = "sdcard";

      $return_val = $this->doChangePasswd($account, $old_password, $new_password);

    } else if ($platform == "FS") {

      $account = "easyio";

      $return_val = $this->doChangePasswd($account, $old_password, $new_password);

      if ($return_val != 0)

        $this->renderAjaxError($response, L("failed to change os account password."));

      $account = "webuser";

      $return_val = $this->doChangePasswd($account, $old_password, $new_password);

    } else { //for FG+, FG

      $account = "sdcard";

      $return_val = $this->doChangePasswd($account, $old_password, $new_password);

      if ($return_val != 0)

        $this->renderAjaxError($response, L("failed to change os account password."));

      $account = "webuser";

      $return_val = $this->doChangePasswd($account, $old_password, $new_password);

    }

    if ($return_val == 0)

      $this->renderAjaxSuccess($response);

    else

      $this->renderAjaxError($response, L("failed to change os account password."));

  }

  protected function doChangePasswd($account, $old_password, $new_password) {

    $output = array();

    $return_val = 0;

    $account = escapeshellarg($account);

    $old_password = escapeshellarg($old_password);

    $new_password = escapeshellarg($new_password);

    exec("id ${account}", $output, $return_val)

    // if account does not exist

    if ($return_val != 0) 

      return 0;

    else

      $output = array();

    $shell_cmd = "";

    if (platformName() == "FW") {

      $shell_cmd = <<<EOS

        if [ "$(id)" == "uid=0(root) gid=0(root)" ] ; then 

          echo -e ${old_password}'\n'${new_password}'\n'${new_password} | sudo -u ${account} -s passwd;

        else 

          echo -e ${old_password}'\n'${new_password}'\n'${new_password} | passwd ${account};

         fi

EOS;

    } else {

      $shell_cmd = <<<EOS

        if [ "$(whoami)" == "root" ] ; then 

          echo -e ${old_password}'\n'${new_password}'\n'${new_password} | su -c passwd ${account}; 

        else 

          echo -e ${old_password}'\n'${new_password}'\n'${new_password} | passwd ${account};

        fi

EOS;

    }

    exec($shell_cmd, $output, $return_val)

    // var_export($output);

    return $return_val;

  }

}

$controller = new OSAccountManagementController();

$controller->run();

?>