function onBeforeUpdate() { global $app, $conf, $interfaceConf; // check if the username is not blacklisted $blacklist = file(ISPC_LIB_PATH . '/shelluser_blacklist'); foreach ($blacklist as $line) { if (strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))) { $app->tform->errorMessage .= 'The username is not allowed.'; } } unset($blacklist); /* * If the names should be restricted -> do it! */ if ($app->tform->errorMessage == '') { /* * If the names should be restricted -> do it! */ $app->uses('getconf'); $global_config = $app->getconf->get_global_config('sites'); // $shelluser_prefix = ($global_config['shelluser_prefix'] == '')?'':str_replace('[CLIENTNAME]', $this->getClientName(), $global_config['shelluser_prefix']); $shelluser_prefix = replacePrefix($global_config['shelluser_prefix'], $this->dataRecord); /* restrict the names */ $this->dataRecord['username'] = $shelluser_prefix . $this->dataRecord['username']; } }
function onBeforeInsert() { global $app, $conf, $interfaceConf; /* * If the names should be restricted -> do it! */ if ($app->tform->errorMessage == '') { $app->uses('getconf'); $global_config = $app->getconf->get_global_config('sites'); $webdavuser_prefix = replacePrefix($global_config['webdavuser_prefix'], $this->dataRecord); /* restrict the names */ $this->dataRecord['username'] = $webdavuser_prefix . $this->dataRecord['username']; /* * We shall not save the pwd in plaintext, so we store it as the hash, the apache-moule needs */ $hash = md5($this->dataRecord["username"] . ':' . $this->dataRecord["dir"] . ':' . $this->dataRecord["password"]); $this->dataRecord["password"] = $hash; /* * Get the data of the domain, owning the webdav user */ $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = " . intval($this->dataRecord["parent_domain_id"])); /* The server is the server of the domain */ $this->dataRecord["server_id"] = $web["server_id"]; /* The Webdav user shall be owned by the same group then the website */ $this->dataRecord["sys_groupid"] = $web['sys_groupid']; } parent::onBeforeInsert(); }
function onBeforeUpdate() { global $app, $conf, $interfaceConf; /* * If the names should be restricted -> do it! */ $app->uses('getconf'); $global_config = $app->getconf->get_global_config('sites'); //$ftpuser_prefix = ($global_config['ftpuser_prefix'] == '')?'':str_replace('[CLIENTNAME]', $this->getClientName(), $global_config['ftpuser_prefix']); $ftpuser_prefix = replacePrefix($global_config['ftpuser_prefix'], $this->dataRecord); /* restrict the names */ if ($app->tform->errorMessage == '') { $this->dataRecord['username'] = $ftpuser_prefix . $this->dataRecord['username']; } }
function onBeforeInsert() { global $app, $conf, $interfaceConf; //* Database username and database name shall not be empty if ($this->dataRecord['database_name'] == '') { $app->tform->errorMessage .= $app->tform->wordbook["database_name_error_empty"] . '<br />'; } if ($this->dataRecord['database_user'] == '') { $app->tform->errorMessage .= $app->tform->wordbook["database_user_error_empty"] . '<br />'; } //* Get the database name and database user prefix $app->uses('getconf'); $global_config = $app->getconf->get_global_config('sites'); $dbname_prefix = replacePrefix($global_config['dbname_prefix'], $this->dataRecord); $dbuser_prefix = replacePrefix($global_config['dbuser_prefix'], $this->dataRecord); if (strlen($dbname_prefix . $this->dataRecord['database_name']) > 64) { $app->tform->errorMessage .= str_replace('{db}', $dbname_prefix . $this->dataRecord['database_name'], $app->tform->wordbook["database_name_error_len"]) . '<br />'; } if (strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) { $app->tform->errorMessage .= str_replace('{user}', $dbuser_prefix . $this->dataRecord['database_user'], $app->tform->wordbook["database_user_error_len"]) . '<br />'; } //* Check database name and user against blacklist $dbname_blacklist = array($conf['db_database'], 'mysql'); if (in_array($dbname_prefix . $this->dataRecord['database_name'], $dbname_blacklist)) { $app->tform->errorMessage .= $app->lng('Database name not allowed.') . '<br />'; } $dbuser_blacklist = array($conf['db_user'], 'mysql', 'root'); if (in_array($dbname_prefix . $this->dataRecord['database_user'], $dbname_blacklist)) { $app->tform->errorMessage .= $app->lng('Database user not allowed.') . '<br />'; } /* restrict the names */ /* crop user and db names if they are too long -> mysql: user: 16 chars / db: 64 chars */ if ($app->tform->errorMessage == '') { $this->dataRecord['database_name'] = substr($dbname_prefix . $this->dataRecord['database_name'], 0, 64); $this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16); } //* Check for duplicates $tmp = $app->db->queryOneRecord("SELECT count(database_id) as dbnum FROM web_database WHERE database_name = '" . $this->dataRecord['database_name'] . "' AND server_id = '" . $this->dataRecord["server_id"] . "'"); if ($tmp['dbnum'] > 0) { $app->tform->errorMessage .= $app->tform->lng('database_name_error_unique') . '<br />'; } parent::onBeforeInsert(); }