From c52d5fc3048a4177ba5d5223bfb6c62c7d095137 Mon Sep 17 00:00:00 2001 From: David Ramos Date: Thu, 18 Jan 2018 13:55:02 +0100 Subject: [PATCH] =?UTF-8?q?Control=20de=20usuarios=20y=20sus=20l=C3=ADmite?= =?UTF-8?q?s.=20Solucinado=20el=20mismo=20problema=20del=20usuario=20de=20?= =?UTF-8?q?base=20de=20datos=20pero=20con=20el=20usuaro=20ftp,=20faltaba?= =?UTF-8?q?=20que=20se=20ejecutasen=20los=20plugins=20que=20insertan=20cor?= =?UTF-8?q?rectamente=20entre=20otros=20campos=20el=20sys=5Fuserid,=20sys?= =?UTF-8?q?=5Fgroupid=20y=20document=5Froot.=20Funcionamiento=20correcto?= =?UTF-8?q?=20de=20WebDNS.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- database_user_edit.php | 251 ------------------------------- form/database_user.tform.php | 134 ----------------- new_service_webdns.php | 27 +++- templates/database_user_edit.htm | 67 --------- 4 files changed, 25 insertions(+), 454 deletions(-) delete mode 100755 database_user_edit.php delete mode 100755 form/database_user.tform.php delete mode 100755 templates/database_user_edit.htm diff --git a/database_user_edit.php b/database_user_edit.php deleted file mode 100755 index be58678..0000000 --- a/database_user_edit.php +++ /dev/null 
@@ -1,251 +0,0 @@ -auth->check_module_permissions('sites'); - -// Loading classes -$app->uses('tpl,tform,tform_actions'); -$app->load('tform_actions'); - -class page_action extends tform_actions { - - function onShowNew() { - global $app; - - // we will check only users, not admins - /* if($_SESSION['s']['user']['typ'] == 'user') { - if(!$app->tform->checkClientLimit('limit_database_user')) { - $app->error($app->tform->wordbook["limit_database_user_txt"]); - } - if(!$app->tform->checkResellerLimit('limit_database_user')) { - $app->error('Reseller: '.$app->tform->wordbook["limit_database_user_txt"]); - } - }*/ - - parent::onShowNew(); - } - - function onShowEnd() { - global $app, $conf, $interfaceConf; - - /* - * If the names are restricted -> remove the restriction, so that the - * data can be edited - */ - - //* Get the database user prefix - $app->uses('getconf,tools_sites'); - $global_config = $app->getconf->get_global_config('sites'); - $dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $this->dataRecord); - - if ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) { - // Get the limits of the client - $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]); - $client = $app->db->queryOneRecord("SELECT client.company_name, client.contact_name, client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id); - - // Fill the client select field - $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ? 
ORDER BY client.company_name, client.contact_name, sys_group.name"; - $records = $app->db->queryAllRecords($sql, $client['client_id']); - $records = $app->functions->htmlentities($records); - $tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ?", $client['client_id']); - $client_select = ''; - //$tmp_data_record = $app->tform->getDataRecord($this->id); - if(is_array($records)) { - foreach( $records as $rec) { - $selected = @(is_array($this->dataRecord) && ($rec["groupid"] == $this->dataRecord['client_group_id'] || $rec["groupid"] == $this->dataRecord['sys_groupid']))?'SELECTED':''; - $client_select .= "\r\n"; - } - } - $app->tpl->setVar("client_group_id", $client_select); - } elseif($_SESSION["s"]["user"]["typ"] == 'admin') { - // Fill the client select field - $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 ORDER BY client.company_name, client.contact_name, sys_group.name"; - $clients = $app->db->queryAllRecords($sql); - $clients = $app->functions->htmlentities($clients); - $client_select = ""; - //$tmp_data_record = $app->tform->getDataRecord($this->id); - if(is_array($clients)) { - foreach( $clients as $client) { - //$selected = @($client["groupid"] == $tmp_data_record["sys_groupid"])?'SELECTED':''; - $selected = @(is_array($this->dataRecord) && ($client["groupid"] == $this->dataRecord['client_group_id'] || $client["groupid"] == $this->dataRecord['sys_groupid']))?'SELECTED':''; - $client_select .= "\r\n"; - } - } - $app->tpl->setVar("client_group_id", $client_select); - } - - - if ($this->dataRecord['database_user'] != ""){ - /* REMOVE the restriction */ - $app->tpl->setVar("database_user", 
$app->tools_sites->removePrefix($this->dataRecord['database_user'], $this->dataRecord['database_user_prefix'], $dbuser_prefix)); - } - - if($this->dataRecord['database_user'] == "") { - $app->tpl->setVar("database_user_prefix", $dbuser_prefix); - } else { - $app->tpl->setVar("database_user_prefix", $app->tools_sites->getPrefix($this->dataRecord['database_user_prefix'], $dbuser_prefix, $global_config['dbuser_prefix'])); - } - - parent::onShowEnd(); - } - - function onSubmit() { - global $app; - - if($_SESSION['s']['user']['typ'] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) unset($this->dataRecord["client_group_id"]); - - parent::onSubmit(); - } - - function onBeforeUpdate() { - /* global $app, $conf, $interfaceConf; - - //* Get the database user prefix - $app->uses('getconf,tools_sites'); - $global_config = $app->getconf->get_global_config('sites'); - $dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $this->dataRecord); - - $this->oldDataRecord = $app->db->queryOneRecord("SELECT * FROM web_database_user WHERE database_user_id = ?", $this->id); - - $dbuser_prefix = $app->tools_sites->getPrefix($this->oldDataRecord['database_user_prefix'], $dbuser_prefix); - $this->dataRecord['database_user_prefix'] = $dbuser_prefix; - - //* Database username shall not be empty - if($this->dataRecord['database_user'] == '') $app->tform->errorMessage .= $app->tform->wordbook["database_user_error_empty"].'
'; - - if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}', htmlentities($dbuser_prefix . $this->dataRecord['database_user'], ENT_QUOTES, 'UTF-8'), $app->tform->wordbook["database_user_error_len"]).'
'; - - //* Check database user against blacklist - $dbuser_blacklist = array($conf['db_user'], 'mysql', 'root'); - if(in_array($dbuser_prefix . $this->dataRecord['database_user'], $dbuser_blacklist)) { - $app->tform->errorMessage .= $app->lng('Database user not allowed.').'
'; - } - - if ($app->tform->errorMessage == ''){ - /* restrict the names if there is no error */ - /* crop user and db names if they are too long -> mysql: user: 16 chars / db: 64 chars */ - // $this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16); - // } - - /* prepare password for MongoDB */ - // TODO: this still doens't work as when only the username changes we have no database_password. - // taking the one from oldData doesn't work as it's encrypted...shit! -/* - $this->dataRecord['database_password_mongo'] = $this->dataRecord['database_user'].":mongo:".$this->dataRecord['database_password']; - - $this->dataRecord['server_id'] = 0; // we need this on all servers -*/ - //parent::onBeforeUpdate(); - } - - function onBeforeInsert() { - /* global $app, $conf, $interfaceConf; - - //* Database username shall not be empty - if($this->dataRecord['database_user'] == '') $app->tform->errorMessage .= $app->tform->wordbook["database_user_error_empty"].'
'; - - //* Database password shall not be empty - if($this->dataRecord['database_password'] == '') $app->tform->errorMessage .= $app->tform->wordbook["database_password_error_empty"].'
'; - - //* Get the database name and database user prefix - $app->uses('getconf,tools_sites'); - $global_config = $app->getconf->get_global_config('sites'); - $dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $this->dataRecord); - - $this->dataRecord['database_user_prefix'] = $dbuser_prefix; - - if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}', htmlentities($dbuser_prefix . $this->dataRecord['database_user'], ENT_QUOTES, 'UTF-8'), $app->tform->wordbook["database_user_error_len"]).'
'; - - //* Check database user against blacklist - $dbuser_blacklist = array($conf['db_user'], 'mysql', 'root'); - if(is_array($dbuser_blacklist) && in_array($dbuser_prefix . $this->dataRecord['database_user'], $dbuser_blacklist)) { - $app->tform->errorMessage .= $app->lng('Database user not allowed.').'
'; - } - - /* restrict the names */ - /* crop user names if they are too long -> mysql: user: 16 chars / db: 64 chars */ -/* if ($app->tform->errorMessage == ''){ - $this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16); - } - - $this->dataRecord['server_id'] = 0; // we need this on all servers - - /* prepare password for MongoDB */ -// $this->dataRecord['database_password_mongo'] = $this->dataRecord['database_user'].":mongo:".$this->dataRecord['database_password']; - - //parent::onBeforeInsert(); - } - - function onAfterInsert() { - global $app, $conf; -/* - if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { - $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); - $app->db->query("UPDATE web_database_user SET sys_groupid = ?, sys_perm_group = 'riud' WHERE database_user_id = ?", $client_group_id, $this->id); - } - if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) { - $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); - $app->db->query("UPDATE web_database_user SET sys_groupid = ?, sys_perm_group = 'riud' WHERE database_user_id = ?", $client_group_id, $this->id); - }*/ - } - - function onAfterUpdate() { - /*global $app, $conf; - - if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { - $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); - $app->db->query("UPDATE web_database_user SET sys_groupid = ?, sys_perm_group = 'riud' WHERE database_user_id = ?", $client_group_id, $this->id); - } - if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) { - $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); - $app->db->query("UPDATE web_database_user SET sys_groupid = ?, sys_perm_group = 'riud' WHERE database_user_id = 
?", $client_group_id, $this->id); - }*/ - } - -} - -$page = new page_action; -$page->onLoad(); - -?> diff --git a/form/database_user.tform.php b/form/database_user.tform.php deleted file mode 100755 index 09d2c32..0000000 --- a/form/database_user.tform.php +++ /dev/null 
@@ -1,134 +0,0 @@ - 0 id must match with id of current user -$form["auth_preset"]["groupid"] = 0; // 0 = default groupid of the user, > 0 id must match with groupid of current user -$form["auth_preset"]["perm_user"] = 'riud'; //r = read, i = insert, u = update, d = delete -$form["auth_preset"]["perm_group"] = 'riud'; //r = read, i = insert, u = update, d = delete -$form["auth_preset"]["perm_other"] = ''; //r = read, i = insert, u = update, d = delete - -$form["tabs"]['database_user'] = array ( - 'title' => "Database User", - 'width' => 100, - 'template' => "templates/database_user_edit.htm", - 'fields' => array ( - //################################# - // Begin Datatable fields - //################################# - 'server_id' => array ( - 'datatype' => 'INTEGER', - 'formtype' => 'SELECT', - 'default' => '', - 'datasource' => array ( 'type' => 'SQL', - 'querystring' => 'SELECT server_id,server_name FROM server WHERE mirror_server_id = 0 AND {AUTHSQL} AND db_server = 1 ORDER BY server_name', - 'keyfield'=> 'server_id', - 'valuefield'=> 'server_name' - ), - 'value' => '' - ), - 'database_user' => array ( - 'datatype' => 'VARCHAR', - 'formtype' => 'TEXT', - 'validators' => array ( 0 => array ( 'type' => 'NOTEMPTY', - 'errmsg'=> 'database_user_error_empty'), - 1 => array ( 'type' => 'UNIQUE', - 'errmsg'=> 'database_user_error_unique'), - 2 => array ( 'type' => 'REGEX', - 'regex' => '/^[a-zA-Z0-9_]{2,64}$/', - 'errmsg'=> 'database_user_error_regex'), - ), - 'default' => '', - 'value' => '', - 'width' => '30', - 'maxlength' => '255', - 'searchable' => 1 - ), - 'database_user_prefix' => array ( - 'datatype' => 'VARCHAR', - 'formtype' => 'TEXT', - 'default' => '', - 'value' => '', - 'width' => '30', - 'maxlength' => '25' - ), - 'database_password' => array ( - 'datatype' => 'VARCHAR', - 'formtype' => 'PASSWORD', - 'validators' => array( - 0 => array( - 'type' => 'CUSTOM', - 'class' => 'validate_password', - 'function' => 'password_check', - 'errmsg' => 
'weak_password_txt' - ) - ), - 'encryption' => 'MYSQL', - 'default' => '', - 'value' => '', - 'width' => '30', - 'maxlength' => '255' - ), - 'database_password_mongo' => array ( - 'datatype' => 'VARCHAR', - 'formtype' => 'PASSWORD', - 'default' => '', - 'value' => '', - 'width' => '30', - 'maxlength' => '255' - ), - //################################# - // ENDE Datatable fields - //################################# - ) -); - - -?> diff --git a/new_service_webdns.php b/new_service_webdns.php index 4af7c7b..6602778 100755 --- a/new_service_webdns.php +++ b/new_service_webdns.php @@ -408,7 +408,8 @@ class page_action extends tform_actions { //print "
". $this->pass_db_txt; //print "
"; print_r($fields); print "
\n"; - $db_user_id = $remoto->insert_query('../sites/form/database_user.tform.php', $this->cli_id, $db_user_params, 'sites:web_database_user:on_after_insert'); + $db_user_id = $remoto->insert_query('../sites/form/database_user.tform.php', + $this->cli_id, $db_user_params, 'sites:web_database_user:on_after_insert'); //echo('El id ' . $this->id); $remoto2 = new remote_actions; $remoto->sites_database_user_after_add($this->cli_grupo_id, $db_user_params); @@ -476,7 +477,7 @@ class page_action extends tform_actions { //print "
"; print_r($site_data); print "
\n"; //echo('El grupo del usuario es ' . $this->cli_grupo_id); $remoto->insert_query('../sites/form/ftp_user.tform.php', $this->cli_id,/*$fields['client_group_id'],*/ $ftp_params); - + $remoto->sites_ftp_user_after_insert(); echo '

Altas de BBDD y FTP, ¡Correctas!

Usuario BBDD: '. $this->usuario_db_txt .'
Contraseña: ' . $this->pass_db_txt . ' @@ -1677,6 +1678,28 @@ class remote_actions extends remoting { return $insert_id; } + function sites_ftp_user_after_insert() { + global $app, $conf; + + $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $this->dataRecord["parent_domain_id"]); + //echo(' Valor FTP ' . $this->dataRecord["parent_domain_id"]); + $server_id = $app->functions->intval($web["server_id"]); + $dir = $web["document_root"]; + $uid = $web["system_user"]; + $gid = $web["system_group"]; + + // Check system user and group + if($app->functions->is_allowed_user($uid) == false || $app->functions->is_allowed_group($gid) == false) { + $app->error('Invalid system user or group'); + } + + // The FTP user shall be owned by the same group then the website + $sys_groupid = $app->functions->intval($web['sys_groupid']); + + $sql = "UPDATE ftp_user SET server_id = ?, dir = ?, uid = ?, gid = ?, sys_groupid = ? WHERE ftp_user_id = ?"; + $app->db->query($sql, $server_id, $dir, $uid, $gid, $sys_groupid, $this->id); + } + public function sites_database_user_after_add($client_id, $params){ global $app, $conf; //echo('Plugeando'); diff --git a/templates/database_user_edit.htm b/templates/database_user_edit.htm deleted file mode 100755 index c9ae106..0000000 --- a/templates/database_user_edit.htm +++ /dev/null @@ -1,67 +0,0 @@ - -
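Review bot: `sites_ftp_user_after_insert()` reads `$this->dataRecord["parent_domain_id"]` and `$this->id` on the `remote_actions` instance, but the caller in the hunk at line 477 invokes `$remoto->sites_ftp_user_after_insert()` with no arguments right after discarding the return value of `$remoto->insert_query(...)`, so unless insert_query happens to populate those two properties (not visible in these hunks) the UPDATE runs with `ftp_user_id = NULL`, matches no row, and the FTP account keeps an unset uid/gid/dir without any error being raised. Pass the id and the parameters explicitly, mirroring the sibling `sites_database_user_after_add($client_id, $params)` and the `$db_user_id = $remoto->insert_query(...)` pattern in the hunk at line 408: `$ftp_user_id = $remoto->insert_query('../sites/form/ftp_user.tform.php', $this->cli_id, $ftp_params);` followed by `$remoto->sites_ftp_user_after_insert($ftp_user_id, $ftp_params);`. The method should also stop when the domain lookup returns no row, because indexing a `false` result yields a server_id of 0 and a null dir that would then be written to the ftp_user row; the `is_allowed_user`/`is_allowed_group` guard is the right check to keep and should remain before the UPDATE. The `remote_actions` class and the `page_action` method containing the caller both start outside these hunks, so whether `$this->id` is ever set on `$remoto` could not be confirmed here.
```php
function sites_ftp_user_after_insert($ftp_user_id, $params) {
    global $app, $conf;

    $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $params["parent_domain_id"]);
    if(!is_array($web)) {
        $app->error('Parent domain not found');
    }
    // … unchanged: server_id/dir/uid/gid extraction, is_allowed_user/is_allowed_group check, sys_groupid …
    $app->db->query($sql, $server_id, $dir, $uid, $gid, $sys_groupid, $app->functions->intval($ftp_user_id));
}
```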

- - - - -
- -
-
-
- -
- -
-
-
-
- -
-
- {tmpl_var name='database_user_prefix'} - -
-
-
-
- -
-
- - - - -
-
-
-
- -
-
-   -
-
-
- -
-
-
- - -
-
- - - - -
- - -
\ No newline at end of file