v3.5.4

2019-10-11 07:49:55 +03:00 · 2019-10-11 07:49:55 +03:00 · a49e620349
parent 597498ff9c
commit a49e620349
39 changed files with 227 additions and 41 deletions
--- a/app/options.py
+++ b/app/options.py
@ -23,7 +23,7 @@ if act == "checkrestart":
 			sys.exit()
 	sys.exit()

-if form.getvalue('token') is None:
+if not sql.check_token_exists(form.getvalue('token')):
 	print("What the fuck?! U r hacker Oo?!")
 	sys.exit()
 		
--- a/app/sql.py
+++ b/app/sql.py
@ -1369,18 +1369,54 @@ def select_keep_alive(**kwargs):
 		return cur.fetchall()
 	cur.close()    
 	con.close() 
+	
+	
+def check_token_exists(token):
+	try:
+		import http.cookies
+		import os
+		cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
+		user_id = cookie.get('uuid')
+		if get_token(user_id.value) == token:
+			return True
+		else:
+			try:
+				funct.logging('localhost', ' tried do action with wrong token', haproxywi=1, login=1)
+			except:
+				funct.logging('localhost', ' An action with wrong token', haproxywi=1)
+				return False
+	except:
+		try:
+			funct.logging('localhost', ' cannot check token', haproxywi=1, login=1)
+		except:
+			funct.logging('localhost', ' Cannot check token', haproxywi=1)
+			return False
+
 				
 form = cgi.FieldStorage()
 error_mess = '<span class="alert alert-danger" id="error">All fields must be completed <a title="Close" id="errorMess"><b>X</b></a></span>'


 def check_token():
-	if form.getvalue('token') is None:
+	if not check_token_exists(form.getvalue('token')):
 		print('Content-type: text/html\n')
-		print("What the fuck?! U r hacker Oo?!")
+		print("What the fuck?! U r hacker Oo?!")		
 		import sys
 		sys.exit()
-
+		
+		
+def check_group(group):
+	import http.cookies
+	import os
+	cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
+	user_id = cookie.get('uuid')
+	user_group = get_user_group_by_uuid(user_id.value)
+	if user_group == group or user_group == '1':
+		return True
+	else:
+		funct.logging(new_user, ' tried to change user group', haproxywi=1, login=1)
+		return False
+		

 if form.getvalue('newuser') is not None:
 	email = form.getvalue('newemail')
@ -1394,13 +1430,16 @@ if form.getvalue('newuser') is not None:
 	if password is None or role is None or group is None:
 		print(error_mess)
 	else:		
-		role_id = get_role_id_by_name(role)
-		if funct.is_admin(level=role_id):
-			if add_user(new_user, email, password, role, group, activeuser):
-				show_update_user(new_user, page)
-		else:
-			funct.logging(new_user, ' tried to do privilege escalation', haproxywi=1, login=1)
-		
+		if check_group(group):
+			role_id = get_role_id_by_name(role)
+			if funct.is_admin(level=role_id):
+				if add_user(new_user, email, password, role, group, activeuser):
+					show_update_user(new_user, page)
+			else:
+				funct.logging(new_user, ' tried to privilege escalation', haproxywi=1, login=1)
+
+	
+	
 if form.getvalue('updateuser') is not None:
 	email = form.getvalue('email')
 	role = form.getvalue('role')
@ -1412,12 +1451,14 @@ if form.getvalue('updateuser') is not None:
 	check_token()
 	if new_user is None or role is None or group is None:
 		print(error_mess)
-	else:		
-		role_id = get_role_id_by_name(role)
-		if funct.is_admin(level=role_id):
-			update_user(new_user, email, role, group, id, activeuser)
-		else:
-			funct.logging(new_user, ' tried to do privilege escalation', haproxywi=1, login=1)
+	else:	
+		if check_group(group):
+			role_id = get_role_id_by_name(role)
+			if funct.is_admin(level=role_id):
+				update_user(new_user, email, role, group, id, activeuser)
+			else:
+				funct.logging(new_user, ' tried to privilege escalation', haproxywi=1, login=1)
+		


 if form.getvalue('updatepassowrd') is not None:
@ -1437,6 +1478,7 @@ if form.getvalue('userdel') is not None:
 	check_token()
 	if delete_user(form.getvalue('userdel')):
 		print("Ok")
+
 		
 if form.getvalue('newserver') is not None:
 	hostname = form.getvalue('servername')	
@ -1460,6 +1502,7 @@ if form.getvalue('newserver') is not None:
 	else:	
 		if add_server(hostname, ip, group, typeip, enable, master, cred, alert, metrics, port, desc, active):
 			show_update_server(ip, page)
+
 		
 if form.getvalue('serverdel') is not None:
 	print('Content-type: text/html\n')
@ -1467,6 +1510,7 @@ if form.getvalue('serverdel') is not None:
 	if delete_server(form.getvalue('serverdel')):
 		delete_waf_server(form.getvalue('serverdel'))
 		print("Ok")
+
 	
 if form.getvalue('newgroup') is not None:
 	newgroup = form.getvalue('groupname')	
@ -1479,11 +1523,13 @@ if form.getvalue('newgroup') is not None:
 		if add_group(newgroup, desc):
 			show_update_group(newgroup)

+
 if form.getvalue('groupdel') is not None:
 	print('Content-type: text/html\n')
 	check_token()
 	if delete_group(form.getvalue('groupdel')):
 		print("Ok")
+
 		
 if form.getvalue('updategroup') is not None:
 	name = form.getvalue('updategroup')
@ -1495,6 +1541,7 @@ if form.getvalue('updategroup') is not None:
 		print(error_mess)
 	else:		
 		update_group(name, descript, id)
+
 		
 if form.getvalue('updateserver') is not None:
 	name = form.getvalue('updateserver')
@ -1516,6 +1563,7 @@ if form.getvalue('updateserver') is not None:
 		print(error_mess)
 	else:		
 		update_server(name, ip, group, typeip, enable, master, id, cred, alert, metrics, port, desc, active)
+
 			
 if form.getvalue('updatessh'):
 	id = form.getvalue('id')
@ -1544,7 +1592,8 @@ if form.getvalue('updatessh'):
 			except:
 				pass
 		update_ssh(id, name, enable, group, username, password)
-		
+	
+	
 if form.getvalue('new_ssh'):
 	name = form.getvalue('new_ssh')
 	enable = form.getvalue('ssh_enable')	
@ -1560,6 +1609,7 @@ if form.getvalue('new_ssh'):
 	else:
 		if insert_new_ssh(name, enable, group, username, password):
 			show_update_ssh(name, page)
+
 			
 if form.getvalue('sshdel') is not None:
 	import funct
@ -1580,6 +1630,7 @@ if form.getvalue('sshdel') is not None:
 	if delete_ssh(form.getvalue('sshdel')):
 		print("Ok")

+
 if form.getvalue('newtelegram'):
 	token = form.getvalue('newtelegram')
 	chanel = form.getvalue('chanel')	
@ -1593,12 +1644,14 @@ if form.getvalue('newtelegram'):
 	else:
 		if insert_new_telegram(token, chanel, group):
 			show_update_telegram(token, page)
+
 			
 if form.getvalue('telegramdel') is not None:
 	print('Content-type: text/html\n')
 	check_token()
 	if delete_telegram(form.getvalue('telegramdel')):
 		print("Ok")
+
 	
 if form.getvalue('getoption'):
 	group = form.getvalue('getoption')	
@ -1626,7 +1679,8 @@ if form.getvalue('newtoption'):
 	else:
 		if insert_new_option(option, group):
 			show_update_option(option)
-			
+	
+	
 if form.getvalue('updateoption') is not None:
 	option = form.getvalue('updateoption')
 	id = form.getvalue('id')	
@ -1636,6 +1690,7 @@ if form.getvalue('updateoption') is not None:
 		print(error_mess)
 	else:		
 		update_options(option, id)
+
 			
 if form.getvalue('optiondel') is not None:
 	print('Content-type: text/html\n')
@ -1675,7 +1730,8 @@ if form.getvalue('newsavedserver'):
 	else:
 		if insert_new_savedserver(savedserver, description, group):
 			show_update_savedserver(savedserver)
-			
+	
+	
 if form.getvalue('updatesavedserver') is not None:
 	savedserver = form.getvalue('updatesavedserver')
 	description = form.getvalue('description')
@ -1686,12 +1742,14 @@ if form.getvalue('updatesavedserver') is not None:
 		print(error_mess)
 	else:		
 		update_savedserver(savedserver, description, id)
-			
+	
+	
 if form.getvalue('savedserverdel') is not None:
 	print('Content-type: text/html\n')
 	check_token()
 	if delete_savedserver(form.getvalue('savedserverdel')):
 		print("Ok")
+
 		
 if form.getvalue('updatetoken') is not None:
 	token = form.getvalue('updatetoken')
@ -1703,7 +1761,8 @@ if form.getvalue('updatetoken') is not None:
 		print(error_mess)
 	else:		
 		update_telegram(token, chanel, group, id)
-		
+	
+	
 if form.getvalue('updatesettings') is not None:
 	print('Content-type: text/html\n')
 	check_token()
--- a/app/templates/add.html
+++ b/app/templates/add.html
@ -823,6 +823,12 @@ h3 {
 		<div id="ajax-option"></div>
 		<div class="add-note addName alert-info" style="width: inherit; margin-right: 15px;">
 			In this section you can create, edit and delete options with given parameters. And after use them as autocomplete in the "Add" sections
+			<br />
+			<br />
+			How to use pre saved option you can see in 
+			<a href="https://haproxy-wi.org/description.py?description=saved" title="How to use pre saved options" target="_blank"> 
+				<b>this video</b>
+			</a>
 		</div>
 	</div>
 	
@ -872,6 +878,12 @@ h3 {
 		<div id="ajax-servers"></div>
 		<div class="add-note addName alert-info" style="width: inherit; margin-right: 15px;">
 			In this section you can create, edit and delete servers. And after use them as autocomplete in the "Add" sections
+			<br />
+			<br />
+			How to use pre saved servers you can see in 
+			<a href="https://haproxy-wi.org/description.py?description=saved" title="How to use pre saved servers" target="_blank"> 
+				<b>this video</b>
+			</a>
 		</div>
 	</div>
 	
--- a/app/templates/ajax/new_option.html
+++ b/app/templates/ajax/new_option.html
@ -4,7 +4,7 @@
 			{{ option.0 }}
 		</td>
 		<td class="first-collumn" style="width: 100%;">
-			<input type="text" id="option-body-{{option.0}}" class="form-control" value="{{option.1}}">	
+			<input type="text" id="option-body-{{option.0}}" class="form-control" value="{{option.1}}" size="100">	

 		</td>
 		<td>
--- a/app/templates/ajax/new_saved_servers.html
+++ b/app/templates/ajax/new_saved_servers.html
@ -1,10 +1,10 @@
 {% for s in server %}
 	<tr style="width: 50%;" id="servers-saved-{{s.0}}" class="newsavedserver update">
 		<td class="padding10 first-collumn">
-			<input type="text" id="servers-ip-{{s.0}}" class="form-control" value="{{s.1}}">	
+			<input type="text" id="servers-ip-{{s.0}}" class="form-control" value="{{s.1}}" size="15">	
 		</td>
-		<td class="first-collumn" style="width: 50%;">
-			<input type="text" id="servers-desc-{{s.0}}" class="form-control" value="{{s.2}}">	
+		<td class="first-collumn" style="width: 100%;">
+			<input type="text" id="servers-desc-{{s.0}}" class="form-control" value="{{s.2}}" size="60">	
 		</td>
 		<td>
 			<a class="delete" onclick="confirmDeleteSavedServer({{s.0}})"  style="cursor: pointer;"></a>
--- a/app/templates/base.html
+++ b/app/templates/base.html
@ -1,11 +1,28 @@
-<html>
+<html lang="en">
 	<head>
 		<title>{{title}} - HAproxy-WI</title>
 		<meta charset="UTF-8">	
 		<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
 		<meta http-equiv="Pragma" content="no-cache" />
 		<meta http-equiv="Expires" content="0" />
-		<link href="/inc/images/favicon.ico" rel="icon" type="image/png" />
+		<link href="/inc/images/favicon/favicon.ico" rel="icon" type="image/png" />
+		<link rel="apple-touch-icon" sizes="57x57" href="/inc/images/favicon/inc/images/favicon/apple-icon-57x57.png">
+		<link rel="apple-touch-icon" sizes="60x60" href="/inc/images/favicon/apple-icon-60x60.png">
+		<link rel="apple-touch-icon" sizes="72x72" href="/inc/images/favicon/apple-icon-72x72.png">
+		<link rel="apple-touch-icon" sizes="76x76" href="/inc/images/favicon/apple-icon-76x76.png">
+		<link rel="apple-touch-icon" sizes="114x114" href="/inc/images/favicon/apple-icon-114x114.png">
+		<link rel="apple-touch-icon" sizes="120x120" href="/inc/images/favicon/apple-icon-120x120.png">
+		<link rel="apple-touch-icon" sizes="144x144" href="/inc/images/favicon/apple-icon-144x144.png">
+		<link rel="apple-touch-icon" sizes="152x152" href="/inc/images/favicon/apple-icon-152x152.png">
+		<link rel="apple-touch-icon" sizes="180x180" href="/inc/images/favicon/apple-icon-180x180.png">
+		<link rel="icon" type="image/png" sizes="192x192"  href="/inc/images/favicon/android-icon-192x192.png">
+		<link rel="icon" type="image/png" sizes="32x32" href="/inc/images/favicon/favicon-32x32.png">
+		<link rel="icon" type="image/png" sizes="96x96" href="/inc/images/favicon/favicon-96x96.png">
+		<link rel="icon" type="image/png" sizes="16x16" href="/inc/images/favicon/favicon-16x16.png">
+		<link rel="manifest" href="/inc/images/favicon/manifest.json">
+		<meta name="msapplication-TileColor" content="#ffffff">
+		<meta name="msapplication-TileImage" content="/inc/images/favicon/ms-icon-144x144.png">
+		<meta name="theme-color" content="#ffffff">
 		<script>
 			FontAwesomeConfig = { searchPseudoElements: true, observeMutations: false };
 		</script>
@ -14,7 +31,7 @@
 		<link href="/inc/awesome.css" rel="stylesheet">
 		<link href="/inc/style.css" rel="stylesheet">
 		<link href="/inc/nprogress.css" rel="stylesheet">
-		<link rel="stylesheet" href="/inc/jquery-ui.css">
+		<link href="/inc/jquery-ui.css" rel="stylesheet">
 		<script src="/inc/jquery-1.12.4.js"></script>
 		<script src="/inc/jquery-ui.js"></script>
 		<script src="/inc/js-cookie.js"></script>
@ -243,7 +260,7 @@
 			<div class="footer-div">
 				<a href="https://github.com/Aidaho12/haproxy-wi/" class="footer-link" target="_blank">Github</a>
 				<a href="https://github.com/Aidaho12/haproxy-wi/issues" class="footer-link" target="_blank">Help</a>
-				<a href="https://github.com/Aidaho12" class="footer-link" target="_blank">Contact</a>
+				<a href="https://haproxy-wi.org/contacts.py" class="footer-link" target="_blank">Contact</a>
 				<a href="http://haproxy-wi.org" class="footer-link" target="_blank">About</a>
 			</div>
 		</div>
--- a/inc/add.js
+++ b/inc/add.js
@ -928,6 +928,7 @@ function resetProxySettings() {
 	$('input:checkbox').checkboxradio("refresh");
 	$('.advance-show').fadeIn();
 	$('.advance').fadeOut();
+	$('[id^=https-hide]').hide();
 	$('[name=mode').val('http');
 	$('select').selectmenu('refresh');
 	replace_text("#optionsInput", ssl_offloading_var);
--- a/inc/images/favicon/android-icon-144x144.png
+++ b/inc/images/favicon/android-icon-144x144.png
--- a/inc/images/favicon/android-icon-192x192.png
+++ b/inc/images/favicon/android-icon-192x192.png
--- a/inc/images/favicon/android-icon-36x36.png
+++ b/inc/images/favicon/android-icon-36x36.png
--- a/inc/images/favicon/android-icon-48x48.png
+++ b/inc/images/favicon/android-icon-48x48.png
--- a/inc/images/favicon/android-icon-72x72.png
+++ b/inc/images/favicon/android-icon-72x72.png
--- a/inc/images/favicon/android-icon-96x96.png
+++ b/inc/images/favicon/android-icon-96x96.png
--- a/inc/images/favicon/apple-icon-114x114.png
+++ b/inc/images/favicon/apple-icon-114x114.png
--- a/inc/images/favicon/apple-icon-120x120.png
+++ b/inc/images/favicon/apple-icon-120x120.png
--- a/inc/images/favicon/apple-icon-144x144.png
+++ b/inc/images/favicon/apple-icon-144x144.png
--- a/inc/images/favicon/apple-icon-152x152.png
+++ b/inc/images/favicon/apple-icon-152x152.png
--- a/inc/images/favicon/apple-icon-180x180.png
+++ b/inc/images/favicon/apple-icon-180x180.png
--- a/inc/images/favicon/apple-icon-57x57.png
+++ b/inc/images/favicon/apple-icon-57x57.png
--- a/inc/images/favicon/apple-icon-60x60.png
+++ b/inc/images/favicon/apple-icon-60x60.png
--- a/inc/images/favicon/apple-icon-72x72.png
+++ b/inc/images/favicon/apple-icon-72x72.png
--- a/inc/images/favicon/apple-icon-76x76.png
+++ b/inc/images/favicon/apple-icon-76x76.png
--- a/inc/images/favicon/apple-icon-precomposed.png
+++ b/inc/images/favicon/apple-icon-precomposed.png
--- a/inc/images/favicon/apple-icon.png
+++ b/inc/images/favicon/apple-icon.png
--- a/inc/images/favicon/browserconfig.xml
+++ b/inc/images/favicon/browserconfig.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8"?>
+<browserconfig><msapplication><tile><square70x70logo src="/ms-icon-70x70.png"/><square150x150logo src="/ms-icon-150x150.png"/><square310x310logo src="/ms-icon-310x310.png"/><TileColor>#ffffff</TileColor></tile></msapplication></browserconfig>
--- a/inc/images/favicon/favicon-16x16.png
+++ b/inc/images/favicon/favicon-16x16.png
--- a/inc/images/favicon/favicon-32x32.png
+++ b/inc/images/favicon/favicon-32x32.png
--- a/inc/images/favicon/favicon-96x96.png
+++ b/inc/images/favicon/favicon-96x96.png
--- a/inc/images/favicon/favicon.ico
+++ b/inc/images/favicon/favicon.ico
--- a/inc/images/favicon/manifest.json
+++ b/inc/images/favicon/manifest.json
@ -0,0 +1,41 @@
+{
+ "name": "App",
+ "icons": [
+  {
+   "src": "\/android-icon-36x36.png",
+   "sizes": "36x36",
+   "type": "image\/png",
+   "density": "0.75"
+  },
+  {
+   "src": "\/android-icon-48x48.png",
+   "sizes": "48x48",
+   "type": "image\/png",
+   "density": "1.0"
+  },
+  {
+   "src": "\/android-icon-72x72.png",
+   "sizes": "72x72",
+   "type": "image\/png",
+   "density": "1.5"
+  },
+  {
+   "src": "\/android-icon-96x96.png",
+   "sizes": "96x96",
+   "type": "image\/png",
+   "density": "2.0"
+  },
+  {
+   "src": "\/android-icon-144x144.png",
+   "sizes": "144x144",
+   "type": "image\/png",
+   "density": "3.0"
+  },
+  {
+   "src": "\/android-icon-192x192.png",
+   "sizes": "192x192",
+   "type": "image\/png",
+   "density": "4.0"
+  }
+ ]
+}
--- a/inc/images/favicon/ms-icon-144x144.png
+++ b/inc/images/favicon/ms-icon-144x144.png
--- a/inc/images/favicon/ms-icon-150x150.png
+++ b/inc/images/favicon/ms-icon-150x150.png
--- a/inc/images/favicon/ms-icon-310x310.png
+++ b/inc/images/favicon/ms-icon-310x310.png
--- a/inc/images/favicon/ms-icon-70x70.png
+++ b/inc/images/favicon/ms-icon-70x70.png
--- a/inc/images/loading.gif
+++ b/inc/images/loading.gif
--- a/inc/metrics.js
+++ b/inc/metrics.js
@ -7,10 +7,8 @@ function getChartData(server) {
 			token: $('#token').val()
 		},
 		type: "GET",
-        success: function (result) {
-     
+        success: function (result) {    
            var data = [];
-
            data.push(result.chartData.curr_con);
            data.push(result.chartData.curr_ssl_con);
            data.push(result.chartData.sess_rate);
@ -133,9 +131,20 @@ function renderWafChart(data, labels, server) {
 $("#secIntervals").css("display", "none");	

 function loadMetrics() {
-	$.get( "options.py?table_metrics=1&token="+$('#token').val(), function( data ) {
-		$( "#table_metrics" ).html( data );
-	});
+	 $.ajax({
+        url: "options.py",
+		data: {
+			table_metrics: '1',
+			token: $('#token').val()
+		},
+		beforeSend: function() {
+			$('#table_metrics').prepend('<img class="loading_full_page" src="/inc/images/loading.gif" />')
+		},
+		type: "GET",
+        success: function (data) {   
+           $( "#table_metrics" ).html( data );
+        }
+    });
 }


--- a/inc/script.js
+++ b/inc/script.js
@ -198,6 +198,9 @@ function showOverview() {
 			act: "overview",
 			token: $('#token').val()
 		},
+		beforeSend: function() {
+			$('#ajaxstatus').html('<img class="loading" src="/inc/images/loading.gif" />')
+		},
 		type: "GET",
 		success: function( data ) {
 			$("#ajaxstatus").empty();
@ -218,6 +221,9 @@ function showOverviewServer(name,ip,id) {
 			page: 'hapservers.py',
 			token: $('#token').val()
 		},
+		beforeSend: function() {
+			$("#ajax-server-"+id).html('<img class="loading" src="/inc/images/loading.gif" />')
+		},
 		type: "GET",
 		success: function( data ) {
 			$("#ajax-server-"+id).empty();
@ -255,6 +261,14 @@ function showOverviewWaf() {
 			page: cur_url[0],
 			token: $('#token').val()
 		},
+		beforeSend: function() {
+			if (cur_url[0] == "waf.py") {
+				var load_class = 'loading_full_page'
+			} else {
+				var load_class = 'loading'
+			}
+			$('#ajaxwafstatus').html('<img class="'+load_class+'" src="/inc/images/loading.gif" />')
+		},
 		type: "GET",
 		success: function( data ) {
 			$("#ajaxwafstatus").empty();
@ -277,6 +291,9 @@ function showOverviewServers() {
 			act: "overviewServers",
 			token: $('#token').val()
 		},
+		beforeSend: function() {
+			$('#ajaxservers').html('<img class="loading" src="/inc/images/loading.gif" />')
+		},
 		type: "GET",
 		success: function( data ) {
 			$("#ajaxservers").html(data);
@ -290,6 +307,9 @@ function showOverviewHapWI() {
 			act: "overviewHapwi",
 			token: $('#token').val()
 		},
+		beforeSend: function() {
+			$('#ajaxHapwi').html('<img class="loading_hapwi_overview" src="/inc/images/loading.gif" />')
+		},
 		type: "GET",
 		success: function( data ) {
 			$("#ajaxHapwi").html(data);
@ -307,7 +327,7 @@ function showStats() {
 		type: "GET",
 		success: function( data ) {
 			$("#ajax").html(data);			
-			// window.history.pushState("Stats", "Stats", cur_url[0]+"?serv="+$("#serv").val());
+			window.history.pushState("Stats", "Stats", cur_url[0]+"?serv="+$("#serv").val());
 			wait();
 		}					
 	} );
--- a/inc/style.css
+++ b/inc/style.css
@ -309,7 +309,7 @@ pre {
 	font-size: 13px !important;
 }
 .advance-show  a{
-	color: #9d9d9d !important;
+	color: #23527c !important;
 }
 .addButton {
 	padding-top: 15px;
@ -810,6 +810,10 @@ label {
  #logo_span {
 	margin-left: 17%;
 	}	
+	.chart-container {
+		height: 290px;
+		width: 32.4%;
+	}
 }
@media (max-width: 1080px) {
 	#logo_span {
@ -869,3 +873,23 @@ label {
 		max-width: 95%;
 	}
 }
+.loading, .loading_full_page, .loading_hapwi_overview {
+	width: 100px;
+	height: 100px;
+	margin-left: 100%;
+}
+.loading_full_page {
+	margin-left: 45%;
+}
+.loading_hapwi_overview{
+	margin-left: 40%;
+}
+.tooltip {
+	font-size: 12px; 
+	padding-bottom: 10px;
+}
+.tooltipTop {
+	margin-bottom: -20px; 
+	padding-top: 10px;
+	color: #9d9d9d;
+}
--- a/inc/users.js
+++ b/inc/users.js
@ -770,7 +770,8 @@ function cloneServer(id) {
 	$('#slavefor').selectmenu("refresh");
 	$('#credentials').val($('#credentials-'+id+' option:selected').val()).change()
 	$('#credentials').selectmenu("refresh");
-	if (cur_url[0] == 'users.py') {
+	cur_url = cur_url[0].split('#')[0]
+	if (cur_url == 'users.py') {
 		$('#new-server-group-add').val($('#servergroup-'+id+' option:selected').val()).change()
 		$('#new-server-group-add').selectmenu("refresh");
 	}
@ -785,7 +786,8 @@ function cloneUser(id) {
 	$('#activeuser').checkboxradio("refresh");
 	$('#new-role').val($('#role-'+id+' option:selected').val()).change()
 	$('#new-role').selectmenu("refresh");
-	if (cur_url[0] == 'users.py') {
+	cur_url = cur_url[0].split('#')[0]
+	if (cur_url == 'users.py') {
 		$('#new-group').val($('#usergroup-'+id+' option:selected').val()).change();
 		$('#new-group').selectmenu("refresh");
 	}
@ -1191,7 +1193,6 @@ function changeUserPasswordDialog(id) {
 				effect: "fade",
 				duration: 200
 			},
-			// beforeClose: function( event, ui ) {return changeUserPassword(id);},
 			buttons: {
 				"Change": function() {	
 					changeUserPassword(id, $(this));