/**
 * Hands the e-mail address of the logged-in mail user to the template.
 *
 * The record is looked up by the mailuser_id stored in the session, not by
 * a request parameter.
 */
function onShowEnd()
 {
     global $app, $conf;
     $mailuserId = $_SESSION['s']['user']['mailuser_id'];
     $record = $app->tform->getDataRecord($mailuserId);
     $app->tpl->setVar('email', $record['email']);
     parent::onShowEnd();
 }
Beispiel #2
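 /**
  * Checks the client's fetchmail limit and sets the server id from the
  * destination mailbox before the record is saved.
  *
  * For non-admin users creating a new record, an error is appended to
  * $app->tform->errorMessage once the number of mail_get rows of the group
  * reaches limit_fetchmail. A negative limit skips the check.
  */
 function onSubmit()
 {
     global $app, $conf;
     // Check the client limits, if user is not the admin
     if ($_SESSION["s"]["user"]["typ"] != 'admin') {
         // The group id is interpolated unquoted into two statements, so it is
         // forced to an integer first instead of trusting the session content.
         $client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
         $client = $app->db->queryOneRecord("SELECT limit_fetchmail FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
         // Check if the user may add another fetchmail account (new records only).
         if ($this->id == 0 && $client["limit_fetchmail"] >= 0) {
             $tmp = $app->db->queryOneRecord("SELECT count(mailget_id) as number FROM mail_get WHERE sys_groupid = {$client_group_id}");
             if ($tmp["number"] >= $client["limit_fetchmail"]) {
                 $app->tform->errorMessage .= $app->tform->wordbook["limit_fetchmail_txt"] . "<br>";
             }
             unset($tmp);
         }
     }
     // end if user is not admin
     // Set the server ID according to the selected destination.
     // The destination comes from the submitted form, hence the quote() call.
     $tmp = $app->db->queryOneRecord("SELECT server_id FROM mail_user WHERE email = '" . $app->db->quote($this->dataRecord["destination"]) . "'");
     $this->dataRecord["server_id"] = $tmp["server_id"];
     unset($tmp);
     parent::onSubmit();
 }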
 /**
  * Passes the e-mail address of the record being edited to the template.
  */
 function onShowEnd()
 {
     global $app, $conf;
     $current = $app->tform->getDataRecord($this->id);
     $app->tpl->setVar('email', $current['email']);
     parent::onShowEnd();
 }
 /**
  * Translates the option labels of the remote_functions field before the
  * form is rendered.
  *
  * This is done here as a workaround: the language file is not loaded yet
  * when the form definition file is parsed.
  */
 function onShow()
 {
     global $app;
     $labels = $app->tform->formDef["tabs"]['remote_user']['fields']['remote_functions']['value'];
     foreach ($labels as $option => $untranslated) {
         $translated = $app->tform->lng($untranslated);
         $app->tform->formDef["tabs"]['remote_user']['fields']['remote_functions']['value'][$option] = $translated . '<br>';
     }
     parent::onShow();
 }
 /**
  * Copies the server id of the selected parent domain into the record.
  *
  * The submitted parent_domain_id is cast with intval() before it is used
  * in the query.
  */
 function onSubmit()
 {
     global $app, $conf;
     $domainId = intval(@$this->dataRecord["parent_domain_id"]);
     $row = $app->db->queryOneRecord("select server_id FROM web_domain WHERE domain_id = " . $domainId);
     // The server is taken from the parent domain row, not from the form
     $this->dataRecord["server_id"] = $row["server_id"];
     parent::onSubmit();
 }
 /**
  * Copies the server id of the selected web folder into the record.
  *
  * The submitted web_folder_id is cast to an integer before it is used in
  * the query.
  */
 function onSubmit()
 {
     global $app, $conf;
     $folderId = $app->functions->intval(@$this->dataRecord["web_folder_id"]);
     $row = $app->db->queryOneRecord("select server_id FROM web_folder WHERE web_folder_id = " . $folderId);
     // The server is taken from the folder row, not from the form
     $this->dataRecord["server_id"] = $row["server_id"];
     parent::onSubmit();
 }
Beispiel #7
 /**
  * Clears mirror_server_id when it points at the record's own id.
  */
 function onSubmit()
 {
     global $app;
     //* A server must not be configured as a mirror of itself
     $mirrorsItself = ($this->id == $this->dataRecord['mirror_server_id']);
     if ($mirrorsItself) {
         $this->dataRecord['mirror_server_id'] = 0;
     }
     parent::onSubmit();
 }
 /**
  * Forces the reseller-related limits to 0 when the session user type is
  * 'user', whatever the form submitted.
  */
 function onSubmit()
 {
     global $app;
     //* Resellers shall not be able to create another reseller or set reseller specific settings
     $isPlainUser = ($_SESSION["s"]["user"]["typ"] == 'user');
     if ($isPlainUser) {
         foreach (array('limit_client', 'limit_domainmodule') as $lockedField) {
             $this->dataRecord[$lockedField] = 0;
         }
     }
     parent::onSubmit();
 }
 /**
  * Sets the template variable ar_active to a checked attribute when the
  * autoresponder flag of the record is 'y', and to an empty string otherwise.
  */
 function onShowEnd()
 {
     global $app;
     $checkedAttr = ($this->dataRecord['autoresponder'] == 'y') ? 'checked="checked"' : '';
     $app->tpl->setVar("ar_active", $checkedAttr);
     parent::onShowEnd();
 }
 /**
  * Switches the message tab to the read-only view template when an
  * existing message is opened, then delegates to the parent class.
  */
 function onShow()
 {
     global $app, $conf;
     //* Existing messages must not be edited, so they are shown with
     //* the view-only template instead of the edit form
     $isExisting = ($this->id > 0);
     if ($isExisting) {
         $app->tform->formDef['tabs']['message']['template'] = 'templates/support_message_view.htm';
     }
     parent::onShow();
 }
Beispiel #11
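 /**
  * Deletes a client once the request confirms it; otherwise renders the
  * confirmation page listing the tables that hold records of the client.
  *
  * The delete is carried out by parent::onDelete() only when the POST field
  * "confirm" equals 'yes'. In every other case the client's group is looked
  * up and each table in the fixed list is counted for that group.
  */
 function onDelete()
 {
     global $app, $conf, $list_def_file, $tform_def_file;
     // Loading tform framework
     if (!is_object($app->tform)) {
         $app->uses('tform');
     }
     // isset() first, so a request without the field falls through to the
     // confirmation page instead of raising an undefined-index notice.
     // NOTE(review): no anti-CSRF token is checked in this method; confirm
     // that the parent class or the framework verifies one before deleting.
     if (isset($_POST["confirm"]) && $_POST["confirm"] == 'yes') {
         parent::onDelete();
     } else {
         $app->uses('tpl');
         $app->tpl->newTemplate("form.tpl.htm");
         $app->tpl->setInclude('content_tpl', 'templates/client_del.htm');
         include_once $list_def_file;
         // Load table definition from file
         $app->tform->loadFormDef($tform_def_file);
         $this->id = $app->functions->intval($_REQUEST["id"]);
         $this->dataRecord = $app->tform->getDataRecord($this->id);
         $client_id = $app->functions->intval($this->dataRecord['client_id']);
         $client_group = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = {$client_id}");
         // Get all records (sub-clients, mail, web, etc....)  of this client.
         // The table names come from this fixed list only, never from the request.
         $tables = 'cron,client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain';
         $tables_array = explode(',', $tables);
         $client_group_id = $app->functions->intval($client_group['groupid']);
         $table_list = array();
         // Defined up front: the loop below is skipped for group ids <= 1,
         // and the value is passed to the template in either case.
         $number = 0;
         if ($client_group_id > 1) {
             foreach ($tables_array as $table) {
                 if ($table != '') {
                     $records = $app->db->queryAllRecords("SELECT * FROM {$table} WHERE sys_groupid = " . $client_group_id);
                     $number = count($records);
                     if ($number > 0) {
                         $table_list[] = array('table' => $table . "(" . $number . ")");
                     }
                 }
             }
         }
         $app->tpl->setVar('id', $this->id);
         // NOTE(review): this is the row count of the last table scanned, not a
         // total over all tables - confirm which one the template expects.
         $app->tpl->setVar('number_records', $number);
         $app->tpl->setLoop('records', $table_list);
         //* load language file
         // basename() keeps the include inside lib/lang/ even if the session
         // value were to contain directory separators.
         $lng_file = 'lib/lang/' . basename($_SESSION['s']['language'] . '_client_del.lng');
         include $lng_file;
         $app->tpl->setVar($wb);
         $app->tpl_defaults();
         $app->tpl->pparse();
     }
 }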
 /**
  * Prepares a subdomain record: fixes the type, inherits the server from
  * the parent domain and builds the lower-cased full domain name.
  *
  * The parent domain row is also kept in $this->parent_domain_record.
  */
 function onSubmit()
 {
     global $app, $conf;
     // parent_domain_id is cast with intval() before it reaches the query
     $parentId = intval(@$this->dataRecord["parent_domain_id"]);
     $parent = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = " . $parentId);
     // Values the form is not allowed to choose
     $this->dataRecord["type"] = 'subdomain';
     $this->dataRecord["server_id"] = $parent["server_id"];
     //* Full name is "<submitted label>.<parent domain>", always stored in lower case
     $fullName = $this->dataRecord["domain"] . '.' . $parent["domain"];
     $this->dataRecord["domain"] = strtolower($fullName);
     $this->parent_domain_record = $parent;
     parent::onSubmit();
 }
 /**
  * Validates the mail tab of the configuration form.
  *
  * When SMTP is enabled, both admin_mail and admin_name must be filled in;
  * otherwise an error is appended to $app->tform->errorMessage. Other tabs
  * are passed straight to the parent class.
  */
 function onSubmit()
 {
     global $app;
     $app->uses('ini_parser,getconf');
     $activeTab = $app->tform->getCurrentTab();
     $stored = $app->getconf->get_global_config();
     $submitted = $app->tform->encode($this->dataRecord, $activeTab);
     if ($activeTab != 'mail') {
         parent::onSubmit();
         return;
     }
     // An empty password field falls back to the stored password.
     // NOTE(review): this only changes the local copy; nothing in this
     // method writes it back - confirm where the value is persisted.
     if ($submitted['smtp_pass'] == '') {
         $submitted['smtp_pass'] = $stored['smtp_pass'];
     }
     if ($submitted['smtp_enabled'] == 'y' && ($submitted['admin_mail'] == '' || $submitted['admin_name'] == '')) {
         $app->tform->errorMessage .= $app->tform->lng("smtp_missing_admin_mail_txt");
     }
     parent::onSubmit();
 }
 /**
  * Validates a web folder user before it is saved.
  *
  * Looks up the selected web folder, copies its server_id into the record
  * and reports an error when the folder/username combination already exists.
  * All problems are reported by appending to $app->tform->errorMessage.
  */
 function onSubmit()
 {
     global $app, $conf;
     // Get the record of the web folder; the id is cast to an integer and the
     // query is combined with getAuthSQL('r') (presumably the read-permission
     // filter for the current user - confirm in tform).
     $folder = $app->db->queryOneRecord("select * FROM web_folder WHERE web_folder_id = " . $app->functions->intval(@$this->dataRecord["web_folder_id"]) . " AND " . $app->tform->getAuthSQL('r'));
     // No row, or a row whose id differs from the submitted value, is reported
     // as a permission error.
     // NOTE(review): only a message is appended here; the method carries on and
     // still runs the queries below with the submitted web_folder_id.
     if (!$folder || $folder['web_folder_id'] != @$this->dataRecord['web_folder_id']) {
         $app->tform->errorMessage .= $app->tform->lng("no_folder_perm");
     }
     // Set a few fixed values
     $this->dataRecord["server_id"] = $folder["server_id"];
     // make sure this folder/user combination does not exist already
     // NOTE(review): both queries below are garbled in this listing - the text
     // around the username value has been replaced by asterisks, so the
     // original expression cannot be read here and the lines do not parse as
     // shown. What is visible is that web_folder_id is concatenated without the
     // integer cast used in the first query; check the project source to
     // confirm that both values are cast or escaped before they reach the SQL.
     if ($this->id > 0) {
         $user = $app->db->queryOneRecord("SELECT * FROM web_folder_user WHERE web_folder_id = " . $this->dataRecord['web_folder_id'] . " AND username = '******'username'] . "' AND web_folder_user_id != " . $this->id);
     } else {
         $user = $app->db->queryOneRecord("SELECT * FROM web_folder_user WHERE web_folder_id = " . $this->dataRecord['web_folder_id'] . " AND username = '******'username'] . "'");
     }
     // Any matching row means the combination is taken
     if (is_array($user) && !empty($user)) {
         $app->tform->errorMessage .= $app->tform->lng('error_user_exists_already_txt');
     }
     parent::onSubmit();
 }
 /**
  * Enforces the client's spamfilter policy limit for non-admin users.
  *
  * Only new records (id 0) are checked. A negative limit skips the check;
  * otherwise an error is appended once the number of policies of the group
  * has reached the limit.
  */
 function onSubmit()
 {
     global $app, $conf;
     $isAdmin = ($_SESSION["s"]["user"]["typ"] == 'admin');
     if (!$isAdmin) {
         // The group id is cast to an integer before it is interpolated into SQL
         $groupId = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
         $limits = $app->db->queryOneRecord("SELECT limit_spamfilter_policy FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$groupId}");
         // Check if the user may add another policy
         if ($this->id == 0 && $limits["limit_spamfilter_policy"] >= 0) {
             $usage = $app->db->queryOneRecord("SELECT count(id) as number FROM spamfilter_policy WHERE sys_groupid = {$groupId}");
             $limitReached = ($usage["number"] >= $limits["limit_spamfilter_policy"]);
             if ($limitReached) {
                 $app->tform->errorMessage .= $app->tform->wordbook["limit_spamfilter_policy_txt"] . "<br>";
             }
         }
     }
     parent::onSubmit();
 }
Beispiel #16
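 /**
  * Validates a protected web folder before it is saved.
  *
  * Looks up the parent domain (combined with getAuthSQL('r')), copies its
  * server_id into the record and reports an error when the same path is
  * already protected for that domain. Problems are reported by appending to
  * $app->tform->errorMessage.
  */
 function onSubmit()
 {
     global $app, $conf;
     // Cast once and reuse: the same id goes into every query of this method.
     $parent_domain_id = $app->functions->intval(@$this->dataRecord["parent_domain_id"]);
     // Get the record of the parent domain
     $parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = " . $parent_domain_id . " AND " . $app->tform->getAuthSQL('r'));
     if (!$parent_domain || $parent_domain['domain_id'] != @$this->dataRecord['parent_domain_id']) {
         $app->tform->errorMessage .= $app->tform->lng("no_domain_perm");
     }
     // Set a few fixed values
     $this->dataRecord["server_id"] = $parent_domain["server_id"];
     // make sure this folder isn't protected already
     // Both values originate from the submitted form, so the id is used in its
     // integer form and the path is escaped before being placed in the string
     // literal. NOTE(review): if the framework has already escaped dataRecord at
     // this point, the path would be escaped twice - confirm against tform.
     $path = $app->db->quote($this->dataRecord['path']);
     $sql = "SELECT * FROM web_folder WHERE parent_domain_id = " . $parent_domain_id . " AND path = '" . $path . "'";
     if ($this->id > 0) {
         // Editing: ignore the record itself when looking for a duplicate
         $sql .= " AND web_folder_id != " . $app->functions->intval($this->id);
     }
     $folder = $app->db->queryOneRecord($sql);
     if (is_array($folder) && !empty($folder)) {
         $app->tform->errorMessage .= $app->tform->lng('error_folder_already_protected_txt');
     }
     parent::onSubmit();
 }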
 /**
  * Builds the list of placeholder links offered for message templates.
  *
  * The placeholders are the column names of the client table, minus the
  * excluded columns and every limit_* column. The gender column is offered
  * as {salutation}. The result is passed to the template as
  * message_variables.
  */
 function onShowEnd()
 {
     global $app, $conf;
     $columnQuery = "SHOW COLUMNS FROM client WHERE Field NOT IN ('client_id', 'sys_userid', 'sys_groupid', 'sys_perm_user', 'sys_perm_group', 'sys_perm_other', 'parent_client_id', 'id_rsa', 'ssh_rsa', 'created_at', 'default_mailserver', 'default_webserver', 'web_php_options', 'ssh_chroot', 'default_dnsserver', 'default_dbserver', 'template_master', 'template_additional', 'force_suexec', 'default_slave_dnsserver', 'usertheme', 'locked', 'canceled', 'can_use_api', 'tmp_data', 'customer_no_template', 'customer_no_start', 'customer_no_counter', 'added_date', 'added_by') AND Field NOT LIKE 'limit_%'";
     $columns = $app->db->queryAllRecords($columnQuery);
     $links = '';
     if (!empty($columns) && is_array($columns)) {
         foreach ($columns as $column) {
             if ($column['Field'] == '') {
                 continue;
             }
             // Column names come from the schema and are emitted without HTML escaping
             $placeholder = ($column['Field'] == 'gender') ? 'salutation' : $column['Field'];
             $links .= '<a href="javascript:void(0);" class="addPlaceholder">{' . $placeholder . '}</a> ';
         }
     }
     $app->tpl->setVar('message_variables', trim($links));
     parent::onShowEnd();
 }
Beispiel #18
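 /**
  * Propagates changes of a client record to the matching sys_user and
  * sys_group rows after the update has been stored.
  *
  * Handles a changed username, a new password, a changed language and a
  * changed reseller status, then applies the client templates. Username,
  * password and language changes are skipped when demo_mode is enabled.
  */
 function onAfterUpdate()
 {
     // $conf is read below (demo_mode, interface_modules_enabled), so it has to
     // be imported together with $app; otherwise the demo-mode checks never
     // block anything and the module list starts out empty.
     global $app, $conf;
     // Cast once: the id is interpolated unquoted into every statement below.
     $client_id = intval($this->id);
     // username changed
     if ($conf['demo_mode'] != true && isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {
         $username = $app->db->quote($this->dataRecord["username"]);
         // Write the escaped new name so that sys_user matches the name that
         // is written to sys_group just below.
         $sql = "UPDATE sys_user SET username = '{$username}' WHERE client_id = {$client_id}";
         $app->db->query($sql);
         $tmp = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = {$client_id}");
         $app->db->datalogUpdate("sys_group", "name = '{$username}'", 'groupid', $tmp['groupid']);
         unset($tmp);
     }
     // password changed
     if ($conf['demo_mode'] != true && isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
         $password = $app->db->quote($this->dataRecord["password"]);
         // NOTE(review): "$1$" selects MD5-crypt, and the salt is drawn from
         // mt_rand(), which is not a cryptographic generator. Both are weak by
         // current standards; changing them also affects how existing hashes
         // are verified at login, so it is flagged here rather than changed.
         $salt = "\$1\$";
         $base64_alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
         for ($n = 0; $n < 8; $n++) {
             $salt .= $base64_alphabet[mt_rand(0, 63)];
         }
         $salt .= "\$";
         // The hash is computed over the un-escaped password
         $password = crypt(stripslashes($password), $salt);
         $sql = "UPDATE sys_user SET passwort = '{$password}' WHERE client_id = {$client_id}";
         $app->db->query($sql);
     }
     // language changed
     if ($conf['demo_mode'] != true && isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) {
         $language = $app->db->quote($this->dataRecord["language"]);
         $sql = "UPDATE sys_user SET language = '{$language}' WHERE client_id = {$client_id}";
         $app->db->query($sql);
     }
     // reseller status changed
     if (isset($this->dataRecord["limit_client"]) && $this->dataRecord["limit_client"] != $this->oldDataRecord["limit_client"]) {
         $modules = $conf['interface_modules_enabled'];
         // A positive limit_client additionally enables the client module
         if ($this->dataRecord["limit_client"] > 0) {
             $modules .= ',client';
         }
         $modules = $app->db->quote($modules);
         $sql = "UPDATE sys_user SET modules = '{$modules}' WHERE client_id = {$client_id}";
         $app->db->query($sql);
     }
     /*
      *  If there is a client-template, process it */
     applyClientTemplates($this->id);
     parent::onAfterUpdate();
 }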
Beispiel #19
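 /**
  * Propagates changes of a client record to the dependent tables after the
  * update has been stored.
  *
  * Handles, in this order: changed username, new password, lock/unlock of
  * the client's services, cancel/reactivate, changed language, changed
  * reseller status, a move to another reseller (admin only) and the client
  * templates. Everything except the reseller status, the reseller move and
  * the templates runs only when $conf['demo_mode'] is set and not true.
  *
  * Locking stores the previous state of every affected row in
  * client.tmp_data (serialized) so that unlocking can restore it.
  */
 function onAfterUpdate()
 {
     global $app, $conf;
     // Cast once: the id is concatenated unquoted into the statements below.
     $client_id = intval($this->id);
     // username changed
     if (isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {
         $username = $app->db->quote($this->dataRecord["username"]);
         // Write the escaped new name so that sys_user matches the name that
         // is written to sys_group just below.
         $sql = "UPDATE sys_user SET username = '{$username}' WHERE client_id = {$client_id}";
         $app->db->query($sql);
         $tmp = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = {$client_id}");
         $app->db->datalogUpdate("sys_group", "name = '{$username}'", 'groupid', $tmp['groupid']);
         unset($tmp);
     }
     // password changed
     if (isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
         $password = $app->db->quote($this->dataRecord["password"]);
         // NOTE(review): "$1$" selects MD5-crypt, and the salt is drawn from
         // mt_rand(), which is not a cryptographic generator. Both are weak by
         // current standards; changing them also affects how existing hashes
         // are verified at login, so it is flagged here rather than changed.
         $salt = "\$1\$";
         $base64_alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
         for ($n = 0; $n < 8; $n++) {
             $salt .= $base64_alphabet[mt_rand(0, 63)];
         }
         $salt .= "\$";
         // The hash is computed over the un-escaped password
         $password = crypt(stripslashes($password), $salt);
         $sql = "UPDATE sys_user SET passwort = '{$password}' WHERE client_id = {$client_id}";
         $app->db->query($sql);
     }
     if (!isset($this->dataRecord['locked'])) {
         $this->dataRecord['locked'] = 'n';
     }
     if (isset($conf['demo_mode']) && $conf['demo_mode'] != true && $this->dataRecord["locked"] != $this->oldDataRecord['locked']) {
         /** lock all the things like web, mail etc. - easy to extend */
         // get tmp_data of client
         $client_data = $app->db->queryOneRecord('SELECT `tmp_data` FROM `client` WHERE `client_id` = ' . $client_id);
         if ($client_data['tmp_data'] == '') {
             $tmp_data = array();
         } else {
             // NOTE(review): unserialize() instantiates whatever objects the
             // string describes. The column is written by this method with
             // serialize(); if anything else can write client.tmp_data, a
             // format such as JSON would be the safer choice.
             $tmp_data = unserialize($client_data['tmp_data']);
         }
         if (!is_array($tmp_data)) {
             $tmp_data = array();
         }
         // database tables with their primary key columns
         // ('mail_user_smtp' is not a table: it is a second pass over
         // mail_user for the disablesmtp column, see the loops below)
         $to_disable = array('cron' => 'id', 'ftp_user' => 'ftp_user_id', 'mail_domain' => 'domain_id', 'mail_user' => 'mailuser_id', 'mail_user_smtp' => 'mailuser_id', 'mail_forwarding' => 'forwarding_id', 'mail_get' => 'mailget_id', 'openvz_vm' => 'vm_id', 'shell_user' => 'shell_user_id', 'webdav_user' => 'webdav_user_id', 'web_database' => 'database_id', 'web_domain' => 'domain_id', 'web_folder' => 'web_folder_id', 'web_folder_user' => 'web_folder_user_id');
         $udata = $app->db->queryOneRecord('SELECT `userid` FROM `sys_user` WHERE `client_id` = ' . $client_id);
         $gdata = $app->db->queryOneRecord('SELECT `groupid` FROM `sys_group` WHERE `client_id` = ' . $client_id);
         $sys_groupid = $gdata['groupid'];
         $sys_userid = $udata['userid'];
         $entries = array();
         if ($this->dataRecord['locked'] == 'y') {
             $prev_active = array();
             $prev_sysuser = array();
             foreach ($to_disable as $current => $keycolumn) {
                 $active_col = 'active';
                 // $reverse marks a column where 'y' means "disabled"
                 $reverse = false;
                 if ($current == 'mail_user') {
                     $active_col = 'postfix';
                 } elseif ($current == 'mail_user_smtp') {
                     $current = 'mail_user';
                     $active_col = 'disablesmtp';
                     $reverse = true;
                 }
                 if (!isset($prev_active[$current])) {
                     $prev_active[$current] = array();
                 }
                 if (!isset($prev_sysuser[$current])) {
                     $prev_sysuser[$current] = array();
                 }
                 $entries = $app->db->queryAllRecords('SELECT `' . $keycolumn . '` as `id`, `sys_userid`, `' . $active_col . '` FROM `' . $current . '` WHERE `sys_groupid` = ' . $sys_groupid);
                 foreach ($entries as $item) {
                     // Remember only rows that were already disabled before the lock
                     if ($item[$active_col] != 'y' && $reverse == false) {
                         $prev_active[$current][$item['id']][$active_col] = 'n';
                     } elseif ($item[$active_col] == 'y' && $reverse == true) {
                         $prev_active[$current][$item['id']][$active_col] = 'y';
                     }
                     // Remember rows that were owned by somebody other than the client's user
                     if ($item['sys_userid'] != $sys_userid) {
                         $prev_sysuser[$current][$item['id']] = $item['sys_userid'];
                     }
                     // we don't have to store these if y, as everything without previous state gets enabled later
                     $app->db->datalogUpdate($current, array($active_col => $reverse == true ? 'y' : 'n', 'sys_userid' => $_SESSION["s"]["user"]["userid"]), $keycolumn, $item['id']);
                 }
             }
             $tmp_data['prev_active'] = $prev_active;
             $tmp_data['prev_sys_userid'] = $prev_sysuser;
             $app->db->query("UPDATE `client` SET `tmp_data` = '" . $app->db->quote(serialize($tmp_data)) . "' WHERE `client_id` = " . $client_id);
             unset($prev_active);
             unset($prev_sysuser);
         } elseif ($this->dataRecord['locked'] == 'n') {
             foreach ($to_disable as $current => $keycolumn) {
                 $active_col = 'active';
                 $reverse = false;
                 if ($current == 'mail_user') {
                     $active_col = 'postfix';
                 } elseif ($current == 'mail_user_smtp') {
                     $current = 'mail_user';
                     $active_col = 'disablesmtp';
                     $reverse = true;
                 }
                 $entries = $app->db->queryAllRecords('SELECT `' . $keycolumn . '` as `id` FROM `' . $current . '` WHERE `sys_groupid` = ' . $sys_groupid);
                 foreach ($entries as $item) {
                     $set_active = $reverse == true ? 'n' : 'y';
                     $set_inactive = $reverse == true ? 'y' : 'n';
                     $set_sysuser = $sys_userid;
                     // isset() on the full path: a mail_user row may have an entry
                     // for only one of its two columns (postfix / disablesmtp).
                     if (isset($tmp_data['prev_active'][$current][$item['id']][$active_col]) && $tmp_data['prev_active'][$current][$item['id']][$active_col] == $set_inactive) {
                         $set_active = $set_inactive;
                     }
                     // Read the key the lock branch writes ('prev_sys_userid');
                     // with any other key the previous owner is never restored.
                     if (isset($tmp_data['prev_sys_userid'][$current][$item['id']]) && $tmp_data['prev_sys_userid'][$current][$item['id']] != $sys_userid) {
                         $set_sysuser = $tmp_data['prev_sys_userid'][$current][$item['id']];
                     }
                     $app->db->datalogUpdate($current, array($active_col => $set_active, 'sys_userid' => $set_sysuser), $keycolumn, $item['id']);
                 }
             }
             if (array_key_exists('prev_active', $tmp_data)) {
                 unset($tmp_data['prev_active']);
             }
             $app->db->query("UPDATE `client` SET `tmp_data` = '" . $app->db->quote(serialize($tmp_data)) . "' WHERE `client_id` = " . $client_id);
         }
         unset($tmp_data);
         unset($entries);
         unset($to_disable);
     }
     if (!isset($this->dataRecord['canceled'])) {
         $this->dataRecord['canceled'] = 'n';
     }
     if (isset($conf['demo_mode']) && $conf['demo_mode'] != true && $this->dataRecord["canceled"] != $this->oldDataRecord['canceled']) {
         // Cancelling deactivates the login, un-cancelling reactivates it
         if ($this->dataRecord['canceled'] == 'y') {
             $sql = "UPDATE sys_user SET active = '0' WHERE client_id = " . $client_id;
             $app->db->query($sql);
         } elseif ($this->dataRecord['canceled'] == 'n') {
             $sql = "UPDATE sys_user SET active = '1' WHERE client_id = " . $client_id;
             $app->db->query($sql);
         }
     }
     // language changed
     if (isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) {
         $language = $app->db->quote($this->dataRecord["language"]);
         $sql = "UPDATE sys_user SET language = '{$language}' WHERE client_id = {$client_id}";
         $app->db->query($sql);
     }
     //* reseller status changed
     if (isset($this->dataRecord["limit_client"]) && $this->dataRecord["limit_client"] != $this->oldDataRecord["limit_client"]) {
         $modules = $conf['interface_modules_enabled'];
         // A positive limit_client additionally enables the client module
         if ($this->dataRecord["limit_client"] > 0) {
             $modules .= ',client';
         }
         $modules = $app->db->quote($modules);
         $sql = "UPDATE sys_user SET modules = '{$modules}' WHERE client_id = {$client_id}";
         $app->db->query($sql);
     }
     //* Client has been moved to another reseller
     if ($_SESSION['s']['user']['typ'] == 'admin' && isset($this->dataRecord['parent_client_id']) && $this->dataRecord['parent_client_id'] != $this->oldDataRecord['parent_client_id']) {
         //* Get groupid of the client
         $tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = " . $client_id);
         $groupid = $tmp['groupid'];
         unset($tmp);
         //* Remove sys_user of old reseller from client group
         if ($this->oldDataRecord['parent_client_id'] > 0) {
             //* get userid of the old reseller remove it from the group of the client
             $tmp = $app->db->queryOneRecord("SELECT sys_user.userid FROM sys_user,sys_group WHERE sys_user.default_group = sys_group.groupid AND sys_group.client_id = " . $app->functions->intval($this->oldDataRecord['parent_client_id']));
             $app->auth->remove_group_from_user($tmp['userid'], $groupid);
             unset($tmp);
         }
         //* Add sys_user of new reseller to client group
         if ($this->dataRecord['parent_client_id'] > 0) {
             //* get userid of the reseller and add it to the group of the client
             $tmp = $app->db->queryOneRecord("SELECT sys_user.userid, sys_user.default_group FROM sys_user,sys_group WHERE sys_user.default_group = sys_group.groupid AND sys_group.client_id = " . $app->functions->intval($this->dataRecord['parent_client_id']));
             $app->auth->add_group_to_user($tmp['userid'], $groupid);
             $app->db->query("UPDATE client SET sys_userid = " . $app->functions->intval($tmp['userid']) . ", sys_groupid = " . $app->functions->intval($tmp['default_group']) . ", parent_client_id = " . $app->functions->intval($this->dataRecord['parent_client_id']) . " WHERE client_id = " . $client_id);
             unset($tmp);
         } else {
             //* Client is not assigned to a reseller anymore, so we assign it to the admin
             $app->db->query("UPDATE client SET sys_userid = 1, sys_groupid = 1, parent_client_id = 0 WHERE client_id = " . $client_id);
         }
     }
     if (isset($this->dataRecord['template_master'])) {
         $app->uses('client_templates');
         $app->client_templates->update_client_templates($this->id, $this->_template_additional);
     }
     parent::onAfterUpdate();
 }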
Beispiel #20
 function onSubmit()
 {
     global $app, $conf;
     /* check if the domain module is used - and check if the selected domain can be used! */
     if ($app->tform->getCurrentTab() == 'domain') {
         $app->uses('ini_parser,getconf');
         $settings = $app->getconf->get_global_config('domains');
         if ($settings['use_domain_module'] == 'y') {
             $domain_check = $app->tools_sites->checkDomainModuleDomain($this->dataRecord['domain']);
             if (!$domain_check) {
                 // invalid domain selected
                 $app->tform->errorMessage .= $app->tform->lng("domain_error_empty") . "<br />";
             } else {
                 $this->dataRecord['domain'] = $domain_check;
             }
         }
     }
     // nginx: if redirect type is proxy and redirect path is no URL, display error
     //if($this->dataRecord["redirect_type"] == 'proxy' && substr($this->dataRecord['redirect_path'],0,1) == '/'){
     // $app->tform->errorMessage .= $app->tform->lng("error_proxy_requires_url")."<br />";
     //}
     // Set a few fixed values
     $this->dataRecord["parent_domain_id"] = 0;
     $this->dataRecord["type"] = 'vhost';
     $this->dataRecord["vhost_type"] = 'name';
     $read_limits = array('limit_cgi', 'limit_ssi', 'limit_perl', 'limit_ruby', 'limit_python', 'force_suexec', 'limit_hterror', 'limit_wildcard', 'limit_ssl');
     if ($_SESSION["s"]["user"]["typ"] != 'admin') {
         // Get the limits of the client
         $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
         $client = $app->db->queryOneRecord("SELECT limit_traffic_quota, limit_web_domain, default_webserver, parent_client_id, limit_web_quota, client." . implode(", client.", $read_limits) . " FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
         if ($client['limit_cgi'] != 'y') {
             $this->dataRecord['cgi'] = 'n';
         }
         if ($client['limit_ssi'] != 'y') {
             $this->dataRecord['ssi'] = 'n';
         }
         if ($client['limit_perl'] != 'y') {
             $this->dataRecord['perl'] = 'n';
         }
         if ($client['limit_ruby'] != 'y') {
             $this->dataRecord['ruby'] = 'n';
         }
         if ($client['limit_python'] != 'y') {
             $this->dataRecord['python'] = 'n';
         }
         if ($client['force_suexec'] == 'y') {
             $this->dataRecord['suexec'] = 'y';
         }
         if ($client['limit_hterror'] != 'y') {
             $this->dataRecord['errordocs'] = 'n';
         }
         if ($client['limit_wildcard'] != 'y' && $this->dataRecord['subdomain'] == '*') {
             $this->dataRecord['subdomain'] = 'n';
         }
         if ($client['limit_ssl'] != 'y') {
             $this->dataRecord['ssl'] = 'n';
         }
         // only generate quota and traffic warnings if value has changed
         if ($this->id > 0) {
             $old_web_values = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = " . $app->functions->intval($this->id));
         } else {
             $old_web_values = array();
         }
         //* Check the website quota of the client
         if (isset($_POST["hd_quota"]) && $client["limit_web_quota"] >= 0 && $_POST["hd_quota"] != $old_web_values["hd_quota"]) {
             $tmp = $app->db->queryOneRecord("SELECT sum(hd_quota) as webquota FROM web_domain WHERE domain_id != " . $app->functions->intval($this->id) . " AND type = 'vhost' AND " . $app->tform->getAuthSQL('u'));
             $webquota = $tmp["webquota"];
             $new_web_quota = $app->functions->intval($this->dataRecord["hd_quota"]);
             if ($webquota + $new_web_quota > $client["limit_web_quota"] || $new_web_quota < 0 && $client["limit_web_quota"] >= 0) {
                 $max_free_quota = floor($client["limit_web_quota"] - $webquota);
                 if ($max_free_quota < 0) {
                     $max_free_quota = 0;
                 }
                 $app->tform->errorMessage .= $app->tform->lng("limit_web_quota_free_txt") . ": " . $max_free_quota . " MB<br>";
                 // Set the quota field to the max free space
                 $this->dataRecord["hd_quota"] = $max_free_quota;
             }
             unset($tmp);
             unset($tmp_quota);
         }
         //* Check the traffic quota of the client
         if (isset($_POST["traffic_quota"]) && $client["limit_traffic_quota"] > 0 && $_POST["traffic_quota"] != $old_web_values["traffic_quota"]) {
             $tmp = $app->db->queryOneRecord("SELECT sum(traffic_quota) as trafficquota FROM web_domain WHERE domain_id != " . $app->functions->intval($this->id) . " AND " . $app->tform->getAuthSQL('u'));
             $trafficquota = $tmp["trafficquota"];
             $new_traffic_quota = $app->functions->intval($this->dataRecord["traffic_quota"]);
             if ($trafficquota + $new_traffic_quota > $client["limit_traffic_quota"] || $new_traffic_quota < 0 && $client["limit_traffic_quota"] >= 0) {
                 $max_free_quota = floor($client["limit_traffic_quota"] - $trafficquota);
                 if ($max_free_quota < 0) {
                     $max_free_quota = 0;
                 }
                 $app->tform->errorMessage .= $app->tform->lng("limit_traffic_quota_free_txt") . ": " . $max_free_quota . " MB<br>";
                 // Set the quota field to the max free space
                 $this->dataRecord["traffic_quota"] = $max_free_quota;
             }
             unset($tmp);
             unset($tmp_quota);
         }
         if ($client['parent_client_id'] > 0) {
             // Get the limits of the reseller
             $reseller = $app->db->queryOneRecord("SELECT limit_traffic_quota, limit_web_domain, default_webserver, limit_web_quota FROM client WHERE client_id = " . $app->functions->intval($client['parent_client_id']));
             //* Check the website quota of the client
             if (isset($_POST["hd_quota"]) && $reseller["limit_web_quota"] >= 0 && $_POST["hd_quota"] != $old_web_values["hd_quota"]) {
                 $tmp = $app->db->queryOneRecord("SELECT sum(hd_quota) as webquota FROM web_domain WHERE domain_id != " . $app->functions->intval($this->id) . " AND type = 'vhost' AND " . $app->tform->getAuthSQL('u'));
                 $webquota = $tmp["webquota"];
                 $new_web_quota = $app->functions->intval($this->dataRecord["hd_quota"]);
                 if ($webquota + $new_web_quota > $reseller["limit_web_quota"] || $new_web_quota < 0 && $reseller["limit_web_quota"] >= 0) {
                     $max_free_quota = floor($reseller["limit_web_quota"] - $webquota);
                     if ($max_free_quota < 0) {
                         $max_free_quota = 0;
                     }
                     $app->tform->errorMessage .= $app->tform->lng("limit_web_quota_free_txt") . ": " . $max_free_quota . " MB<br>";
                     // Set the quota field to the max free space
                     $this->dataRecord["hd_quota"] = $max_free_quota;
                 }
                 unset($tmp);
                 unset($tmp_quota);
             }
             //* Check the traffic quota of the client
             if (isset($_POST["traffic_quota"]) && $reseller["limit_traffic_quota"] > 0 && $_POST["traffic_quota"] != $old_web_values["traffic_quota"]) {
                 $tmp = $app->db->queryOneRecord("SELECT sum(traffic_quota) as trafficquota FROM web_domain WHERE domain_id != " . $app->functions->intval($this->id) . " AND " . $app->tform->getAuthSQL('u'));
                 $trafficquota = $tmp["trafficquota"];
                 $new_traffic_quota = $app->functions->intval($this->dataRecord["traffic_quota"]);
                 if ($trafficquota + $new_traffic_quota > $reseller["limit_traffic_quota"] || $new_traffic_quota < 0 && $reseller["limit_traffic_quota"] >= 0) {
                     $max_free_quota = floor($reseller["limit_traffic_quota"] - $trafficquota);
                     if ($max_free_quota < 0) {
                         $max_free_quota = 0;
                     }
                     $app->tform->errorMessage .= $app->tform->lng("limit_traffic_quota_free_txt") . ": " . $max_free_quota . " MB<br>";
                     // Set the quota field to the max free space
                     $this->dataRecord["traffic_quota"] = $max_free_quota;
                 }
                 unset($tmp);
                 unset($tmp_quota);
             }
         }
         // When the record is updated
         if ($this->id > 0) {
             // restore the server ID if the user is not admin and record is edited
             $tmp = $app->db->queryOneRecord("SELECT server_id, `system_user`, `system_group`, `cgi`, `ssi`, `perl`, `ruby`, `python`, `suexec`, `errordocs`, `subdomain`, `ssl` FROM web_domain WHERE domain_id = " . $app->functions->intval($this->id));
             $this->dataRecord["server_id"] = $tmp["server_id"];
             $this->dataRecord['system_user'] = $tmp['system_user'];
             $this->dataRecord['system_group'] = $tmp['system_group'];
             // set the settings to current if not provided (or cleared due to limits)
             if ($this->dataRecord['cgi'] == 'n') {
                 $this->dataRecord['cgi'] = $tmp['cgi'];
             }
             if ($this->dataRecord['ssi'] == 'n') {
                 $this->dataRecord['ssi'] = $tmp['ssi'];
             }
             if ($this->dataRecord['perl'] == 'n') {
                 $this->dataRecord['perl'] = $tmp['perl'];
             }
             if ($this->dataRecord['ruby'] == 'n') {
                 $this->dataRecord['ruby'] = $tmp['ruby'];
             }
             if ($this->dataRecord['python'] == 'n') {
                 $this->dataRecord['python'] = $tmp['python'];
             }
             if ($this->dataRecord['suexec'] == 'n') {
                 $this->dataRecord['suexec'] = $tmp['suexec'];
             }
             if ($this->dataRecord['errordocs'] == 'n') {
                 $this->dataRecord['errordocs'] = $tmp['errordocs'];
             }
             if ($this->dataRecord['subdomain'] == 'n') {
                 $this->dataRecord['subdomain'] = $tmp['subdomain'];
             }
             if ($this->dataRecord['ssl'] == 'n') {
                 $this->dataRecord['ssl'] = $tmp['ssl'];
             }
             unset($tmp);
             // When the record is inserted
         } else {
             //* set the server ID to the default webserver of the client
             $this->dataRecord["server_id"] = $client["default_webserver"];
             // Check if the user may add another web_domain
             if ($client["limit_web_domain"] >= 0) {
                 $tmp = $app->db->queryOneRecord("SELECT count(domain_id) as number FROM web_domain WHERE sys_groupid = {$client_group_id} and type = 'vhost'");
                 if ($tmp["number"] >= $client["limit_web_domain"]) {
                     $app->error($app->tform->wordbook["limit_web_domain_txt"]);
                 }
             }
         }
         // Clients may not set the client_group_id, so we unset them if user is not a admin and the client is not a reseller
         if (!$app->auth->has_clients($_SESSION['s']['user']['userid'])) {
             unset($this->dataRecord["client_group_id"]);
         }
     }
     //* make sure that the email domain is lowercase
     if (isset($this->dataRecord["domain"])) {
         $this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
     }
     //* get the server config for this server
     $app->uses("getconf");
     if ($this->id > 0) {
         $web_rec = $app->tform->getDataRecord($this->id);
         $server_id = $web_rec["server_id"];
     } else {
         // Get the first server ID
         $tmp = $app->db->queryOneRecord("SELECT server_id FROM server WHERE web_server = 1 ORDER BY server_name LIMIT 0,1");
         $server_id = intval($tmp['server_id']);
     }
     $web_config = $app->getconf->get_server_config($app->functions->intval(isset($this->dataRecord["server_id"]) ? $this->dataRecord["server_id"] : $server_id), 'web');
     //* Check for duplicate ssl certs per IP if SNI is disabled
     if (isset($this->dataRecord['ssl']) && $this->dataRecord['ssl'] == 'y' && $web_config['enable_sni'] != 'y') {
         $sql = "SELECT count(domain_id) as number FROM web_domain WHERE `ssl` = 'y' AND ip_address = '" . $app->db->quote($this->dataRecord['ip_address']) . "' and domain_id != " . $this->id;
         $tmp = $app->db->queryOneRecord($sql);
         if ($tmp['number'] > 0) {
             $app->tform->errorMessage .= $app->tform->lng("error_no_sni_txt");
         }
     }
     // Check if pm.max_children >= pm.max_spare_servers >= pm.start_servers >= pm.min_spare_servers > 0
     if (isset($this->dataRecord['pm_max_children']) && $this->dataRecord['pm'] == 'dynamic') {
         if ($app->functions->intval($this->dataRecord['pm_max_children'], true) >= $app->functions->intval($this->dataRecord['pm_max_spare_servers'], true) && $app->functions->intval($this->dataRecord['pm_max_spare_servers'], true) >= $app->functions->intval($this->dataRecord['pm_start_servers'], true) && $app->functions->intval($this->dataRecord['pm_start_servers'], true) >= $app->functions->intval($this->dataRecord['pm_min_spare_servers'], true) && $app->functions->intval($this->dataRecord['pm_min_spare_servers'], true) > 0) {
         } else {
             $app->tform->errorMessage .= $app->tform->lng("error_php_fpm_pm_settings_txt") . '<br>';
         }
     }
     // Check rewrite rules
     $server_type = $web_config['server_type'];
     if ($server_type == 'nginx' && isset($this->dataRecord['rewrite_rules']) && trim($this->dataRecord['rewrite_rules']) != '') {
         $rewrite_rules = trim($this->dataRecord['rewrite_rules']);
         $rewrites_are_valid = true;
         // use this counter to make sure all curly brackets are properly closed
         $if_level = 0;
         // Make sure we only have Unix linebreaks
         $rewrite_rules = str_replace("\r\n", "\n", $rewrite_rules);
         $rewrite_rules = str_replace("\r", "\n", $rewrite_rules);
         $rewrite_rule_lines = explode("\n", $rewrite_rules);
         if (is_array($rewrite_rule_lines) && !empty($rewrite_rule_lines)) {
             foreach ($rewrite_rule_lines as $rewrite_rule_line) {
                 // ignore comments
                 if (substr(ltrim($rewrite_rule_line), 0, 1) == '#') {
                     continue;
                 }
                 // empty lines
                 if (trim($rewrite_rule_line) == '') {
                     continue;
                 }
                 // rewrite
                 if (preg_match('@^\\s*rewrite\\s+(^/)?\\S+(\\$)?\\s+\\S+(\\s+(last|break|redirect|permanent|))?\\s*;\\s*$@', $rewrite_rule_line)) {
                     continue;
                 }
                 if (preg_match('@^\\s*rewrite\\s+(^/)?(\'[^\']+\'|"[^"]+")+(\\$)?\\s+(\'[^\']+\'|"[^"]+")+(\\s+(last|break|redirect|permanent|))?\\s*;\\s*$@', $rewrite_rule_line)) {
                     continue;
                 }
                 if (preg_match('@^\\s*rewrite\\s+(^/)?(\'[^\']+\'|"[^"]+")+(\\$)?\\s+\\S+(\\s+(last|break|redirect|permanent|))?\\s*;\\s*$@', $rewrite_rule_line)) {
                     continue;
                 }
                 if (preg_match('@^\\s*rewrite\\s+(^/)?\\S+(\\$)?\\s+(\'[^\']+\'|"[^"]+")+(\\s+(last|break|redirect|permanent|))?\\s*;\\s*$@', $rewrite_rule_line)) {
                     continue;
                 }
                 // if
                 if (preg_match('@^\\s*if\\s+\\(\\s*\\$\\S+(\\s+(\\!?(=|~|~\\*))\\s+(\\S+|\\".+\\"))?\\s*\\)\\s*\\{\\s*$@', $rewrite_rule_line)) {
                     $if_level += 1;
                     continue;
                 }
                 // if - check for files, directories, etc.
                 if (preg_match('@^\\s*if\\s+\\(\\s*\\!?-(f|d|e|x)\\s+\\S+\\s*\\)\\s*\\{\\s*$@', $rewrite_rule_line)) {
                     $if_level += 1;
                     continue;
                 }
                 // break
                 if (preg_match('@^\\s*break\\s*;\\s*$@', $rewrite_rule_line)) {
                     continue;
                 }
                 // return code [ text ]
                 if (preg_match('@^\\s*return\\s+\\d\\d\\d.*;\\s*$@', $rewrite_rule_line)) {
                     continue;
                 }
                 // return code URL
                 // return URL
                 if (preg_match('@^\\s*return(\\s+\\d\\d\\d)?\\s+(http|https|ftp)\\://([a-zA-Z0-9\\.\\-]+(\\:[a-zA-Z0-9\\.&%\\$\\-]+)*\\@)*((25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9])\\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9]|0)\\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9]|0)\\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[0-9])|localhost|([a-zA-Z0-9\\-]+\\.)*[a-zA-Z0-9\\-]+\\.(com|edu|gov|int|mil|net|org|biz|arpa|info|name|pro|aero|coop|museum|[a-zA-Z]{2}))(\\:[0-9]+)*(/($|[a-zA-Z0-9\\.\\,\\?\'\\\\+&%\\$#\\=~_\\-]+))*\\s*;\\s*$@', $rewrite_rule_line)) {
                     continue;
                 }
                 // set
                 if (preg_match('@^\\s*set\\s+\\$\\S+\\s+\\S+\\s*;\\s*$@', $rewrite_rule_line)) {
                     continue;
                 }
                 // closing curly bracket
                 if (trim($rewrite_rule_line) == '}') {
                     $if_level -= 1;
                     continue;
                 }
                 $rewrites_are_valid = false;
                 break;
             }
         }
         if (!$rewrites_are_valid || $if_level != 0) {
             $app->tform->errorMessage .= $app->tform->lng("invalid_rewrite_rules_txt") . '<br>';
         }
     }
     // check custom php.ini settings
     if (isset($this->dataRecord['custom_php_ini']) && trim($this->dataRecord['custom_php_ini']) != '') {
         $custom_php_ini_settings = trim($this->dataRecord['custom_php_ini']);
         $custom_php_ini_settings_are_valid = true;
         // Make sure we only have Unix linebreaks
         $custom_php_ini_settings = str_replace("\r\n", "\n", $custom_php_ini_settings);
         $custom_php_ini_settings = str_replace("\r", "\n", $custom_php_ini_settings);
         $custom_php_ini_settings_lines = explode("\n", $custom_php_ini_settings);
         if (is_array($custom_php_ini_settings_lines) && !empty($custom_php_ini_settings_lines)) {
             foreach ($custom_php_ini_settings_lines as $custom_php_ini_settings_line) {
                 if (trim($custom_php_ini_settings_line) == '') {
                     continue;
                 }
                 if (substr(trim($custom_php_ini_settings_line), 0, 1) == ';') {
                     continue;
                 }
                 // empty value
                 if (preg_match('@^\\s*;*\\s*[a-zA-Z0-9._]*\\s*=\\s*;*\\s*$@', $custom_php_ini_settings_line)) {
                     continue;
                 }
                 // value inside ""
                 if (preg_match('@^\\s*;*\\s*[a-zA-Z0-9._]*\\s*=\\s*".*"\\s*;*\\s*$@', $custom_php_ini_settings_line)) {
                     continue;
                 }
                 // value inside ''
                 if (preg_match('@^\\s*;*\\s*[a-zA-Z0-9._]*\\s*=\\s*\'.*\'\\s*;*\\s*$@', $custom_php_ini_settings_line)) {
                     continue;
                 }
                 // everything else
                 if (preg_match('@^\\s*;*\\s*[a-zA-Z0-9._]*\\s*=\\s*[-a-zA-Z0-9~&=_\\@/,.#\\s|()]*\\s*;*\\s*$@', $custom_php_ini_settings_line)) {
                     continue;
                 }
                 $custom_php_ini_settings_are_valid = false;
                 break;
             }
         }
         if (!$custom_php_ini_settings_are_valid) {
             $app->tform->errorMessage .= $app->tform->lng("invalid_custom_php_ini_settings_txt") . '<br>';
         }
     }
     parent::onSubmit();
 }
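 /**
  * Validates an alias domain record and fills in its fixed values before
  * control passes to parent::onSubmit().
  *
  * Resolves the domain through the domain module when that module is enabled,
  * rejects a proxy redirect whose target is a local path, and copies the
  * server ID from the parent web domain. The parent record is looked up with
  * the caller's read permission so that an alias cannot be attached to a site
  * the current user may not access.
  */
 function onSubmit()
 {
     global $app, $conf;
     /* check if the domain module is used - and check if the selected domain can be used! */
     $app->uses('ini_parser,getconf');
     $settings = $app->getconf->get_global_config('domains');
     if ($settings['use_domain_module'] == 'y') {
         $domain_check = $app->tools_sites->checkDomainModuleDomain($this->dataRecord['domain']);
         if (!$domain_check) {
             // invalid domain selected
             $app->tform->errorMessage .= $app->tform->lng("domain_error_empty") . "<br />";
         } else {
             $this->dataRecord['domain'] = $domain_check;
         }
     }
     // nginx: if redirect type is proxy and redirect path is no URL, display error
     $redirect_type = isset($this->dataRecord["redirect_type"]) ? $this->dataRecord["redirect_type"] : '';
     $redirect_path = isset($this->dataRecord['redirect_path']) ? $this->dataRecord['redirect_path'] : '';
     if ($redirect_type == 'proxy' && substr($redirect_path, 0, 1) == '/') {
         $app->tform->errorMessage .= $app->tform->lng("error_proxy_requires_url") . "<br />";
     }
     // Get the record of the parent domain. parent_domain_id is form input, so the
     // lookup is limited to records the current user is allowed to read.
     $parent_domain_id = $app->functions->intval(isset($this->dataRecord["parent_domain_id"]) ? $this->dataRecord["parent_domain_id"] : 0);
     $parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = " . $parent_domain_id . " AND " . $app->tform->getAuthSQL('r'));
     if (!$parent_domain) {
         // Unknown parent, or one that belongs to somebody else.
         // NOTE(review): confirm that this module's language file defines "no_domain_perm".
         $app->tform->errorMessage .= $app->tform->lng("no_domain_perm") . "<br />";
     }
     // Set a few fixed values
     $this->dataRecord["type"] = 'alias';
     $this->dataRecord["server_id"] = $parent_domain ? $parent_domain["server_id"] : null;
     //$this->dataRecord["domain"] = $this->dataRecord["domain"].'.'.$parent_domain["domain"];
     $this->parent_domain_record = $parent_domain;
     //* make sure that the domain is lowercase
     if (isset($this->dataRecord["domain"])) {
         $this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
     }
     parent::onSubmit();
 }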
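 /**
  * Validates a vhost subdomain record and fills in its fixed values before
  * control passes to parent::onSubmit().
  *
  * Steps, in order:
  *  - resolve the parent web domain (restricted to records the current user
  *    may read) and copy server and IP settings from it,
  *  - on the "domain" tab, build the full domain name and normalise and check
  *    the web folder,
  *  - for non-admin users, clear features the client is not entitled to, cap
  *    disk and traffic quota by the client's and the reseller's limits, and
  *    enforce the subdomain count limit on insert,
  *  - check for duplicate SSL sites per IP when SNI is disabled and verify the
  *    PHP-FPM process manager settings.
  *
  * Problems are appended to $app->tform->errorMessage.
  * NOTE(review): presumably the form handler refuses to save while that
  * message is non-empty; confirm in the parent class.
  */
 function onSubmit()
 {
     global $app, $conf;
     // Get the record of the parent domain; fall back to the stored parent when
     // the form did not submit one for an existing record
     if (empty($this->dataRecord["parent_domain_id"]) && $this->id) {
         $tmp = $app->db->queryOneRecord("SELECT parent_domain_id FROM web_domain WHERE domain_id = " . $app->functions->intval($this->id));
         if ($tmp) {
             $this->dataRecord["parent_domain_id"] = $tmp['parent_domain_id'];
         }
         unset($tmp);
     }
     // parent_domain_id is form input, so the lookup is limited to records the
     // current user is allowed to read.
     $parent_domain_id = $app->functions->intval(isset($this->dataRecord["parent_domain_id"]) ? $this->dataRecord["parent_domain_id"] : 0);
     $parent_record = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = " . $parent_domain_id . " AND " . $app->tform->getAuthSQL('r'));
     $this->parent_domain_record = $parent_record;
     if ($parent_record) {
         $parent_domain = $parent_record;
     } else {
         // Unknown parent, or one that belongs to somebody else.
         // NOTE(review): confirm that this module's language file defines "no_domain_perm".
         $app->tform->errorMessage .= $app->tform->lng("no_domain_perm") . "<br />";
         // Empty stand-in so the assignments below do not index a non-array
         $parent_domain = array('server_id' => null, 'ip_address' => null, 'ipv6_address' => null, 'client_group_id' => null, 'domain' => '');
     }
     // Set a few fixed values
     $this->dataRecord["type"] = 'vhostsubdomain';
     $this->dataRecord["server_id"] = $parent_domain["server_id"];
     $this->dataRecord["ip_address"] = $parent_domain["ip_address"];
     $this->dataRecord["ipv6_address"] = $parent_domain["ipv6_address"];
     $this->dataRecord["client_group_id"] = isset($parent_domain["client_group_id"]) ? $parent_domain["client_group_id"] : null;
     $this->dataRecord["vhost_type"] = 'name';
     $read_limits = array('limit_cgi', 'limit_ssi', 'limit_perl', 'limit_ruby', 'limit_python', 'force_suexec', 'limit_hterror', 'limit_wildcard', 'limit_ssl');
     if ($app->tform->getCurrentTab() == 'domain') {
         /* check if the domain module is used - and check if the selected domain can be used! */
         $app->uses('ini_parser,getconf');
         $settings = $app->getconf->get_global_config('domains');
         if ($settings['use_domain_module'] == 'y') {
             $domain_check = $app->tools_sites->checkDomainModuleDomain($this->dataRecord['sel_domain']);
             if (!$domain_check) {
                 // invalid domain selected
                 $app->tform->errorMessage .= $app->tform->lng("domain_error_empty") . "<br />";
             } else {
                 $this->dataRecord['domain'] = $this->dataRecord['domain'] . '.' . $domain_check;
             }
         } else {
             $this->dataRecord["domain"] = $this->dataRecord["domain"] . '.' . $parent_domain["domain"];
         }
         // Normalise the web folder: lowercase, without one leading and one trailing slash.
         // The (string) casts keep the value a string on PHP versions where substr() returns false.
         $this->dataRecord['web_folder'] = strtolower($this->dataRecord['web_folder']);
         if (substr($this->dataRecord['web_folder'], 0, 1) === '/') {
             $this->dataRecord['web_folder'] = (string) substr($this->dataRecord['web_folder'], 1);
         }
         if (substr($this->dataRecord['web_folder'], -1) === '/') {
             $this->dataRecord['web_folder'] = (string) substr($this->dataRecord['web_folder'], 0, -1);
         }
         // Only the first path segment is compared with the reserved folder names.
         // NOTE(review): ".." segments are not rejected here; presumably the form
         // definition's validator for web_folder covers that - confirm.
         $forbidden_folders = array('', 'cgi-bin', 'log', 'private', 'ssl', 'tmp', 'webdav');
         $check_folder = strtolower($this->dataRecord['web_folder']);
         // strip / at beginning to check against forbidden entries
         if (substr($check_folder, 0, 1) === '/') {
             $check_folder = (string) substr($check_folder, 1);
         }
         // get the first part of the path to check it
         $slash_pos = strpos($check_folder, '/');
         if ($slash_pos !== false) {
             $check_folder = substr($check_folder, 0, $slash_pos);
         }
         if (in_array($check_folder, $forbidden_folders, true)) {
             $app->tform->errorMessage .= $app->tform->lng("web_folder_invalid_txt") . "<br>";
         }
         // check for duplicate folder usage
         /*
                     $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_domain` WHERE `type` = 'vhostsubdomain' AND `parent_domain_id` = '" . $app->functions->intval($this->dataRecord['parent_domain_id']) . "' AND `web_folder` = '" . $app->db->quote($this->dataRecord['web_folder']) . "' AND `domain_id` != '" . $app->functions->intval($this->id) . "'");
                     if($check && $check['cnt'] > 0) {
                         $app->tform->errorMessage .= $app->tform->lng("web_folder_unique_txt")."<br>";
                     }
         */
     } else {
         $this->dataRecord["domain"] = $this->dataRecord["domain"] . '.' . $parent_domain["domain"];
     }
     if ($_SESSION["s"]["user"]["typ"] != 'admin') {
         // Get the limits of the client
         $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
         $client = $app->db->queryOneRecord("SELECT limit_traffic_quota, limit_web_subdomain, default_webserver, parent_client_id, limit_web_quota, client." . implode(", client.", $read_limits) . " FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = " . $client_group_id);
         // Features the client is not entitled to are marked '-'; for an existing
         // record the stored value is put back further down
         $feature_limits = array('limit_cgi' => 'cgi', 'limit_ssi' => 'ssi', 'limit_perl' => 'perl', 'limit_ruby' => 'ruby', 'limit_python' => 'python', 'limit_hterror' => 'errordocs', 'limit_ssl' => 'ssl');
         foreach ($feature_limits as $limit_name => $field_name) {
             if ($client[$limit_name] != 'y') {
                 $this->dataRecord[$field_name] = '-';
             }
         }
         if ($client['force_suexec'] != 'n') {
             $this->dataRecord['suexec'] = '-';
         }
         if ($client['limit_wildcard'] != 'y' && isset($this->dataRecord['subdomain']) && $this->dataRecord['subdomain'] == '*') {
             $this->dataRecord['subdomain'] = '-';
         }
         // The quota rules are applied twice: first against the client's own
         // limits, then against those of its reseller, if it has one
         $limits = $client;
         for ($pass = 0; $pass < 2; $pass++) {
             if ($pass == 1) {
                 if (!($client['parent_client_id'] > 0)) {
                     break;
                 }
                 // Get the limits of the reseller
                 $limits = $app->db->queryOneRecord("SELECT limit_traffic_quota, limit_web_subdomain, default_webserver, limit_web_quota FROM client WHERE client_id = " . $app->functions->intval($client['parent_client_id']));
             }
             //* Check the website quota
             if (isset($_POST["hd_quota"]) && $limits["limit_web_quota"] >= 0) {
                 $tmp = $app->db->queryOneRecord("SELECT sum(hd_quota) as webquota FROM web_domain WHERE domain_id != " . $app->functions->intval($this->id) . " AND " . $app->tform->getAuthSQL('u'));
                 $webquota = $tmp["webquota"];
                 $new_web_quota = $app->functions->intval($this->dataRecord["hd_quota"]);
                 // A negative value would mean "unlimited", which a limited client may not request
                 if ($webquota + $new_web_quota > $limits["limit_web_quota"] || $new_web_quota < 0) {
                     $max_free_quota = floor($limits["limit_web_quota"] - $webquota);
                     if ($max_free_quota < 0) {
                         $max_free_quota = 0;
                     }
                     $app->tform->errorMessage .= $app->tform->lng("limit_web_quota_free_txt") . ": " . $max_free_quota . " MB<br>";
                     // Set the quota field to the max free space
                     $this->dataRecord["hd_quota"] = $max_free_quota;
                 }
                 unset($tmp);
             }
             //* Check the traffic quota
             if (isset($_POST["traffic_quota"]) && $limits["limit_traffic_quota"] > 0) {
                 $tmp = $app->db->queryOneRecord("SELECT sum(traffic_quota) as trafficquota FROM web_domain WHERE domain_id != " . $app->functions->intval($this->id) . " AND " . $app->tform->getAuthSQL('u'));
                 $trafficquota = $tmp["trafficquota"];
                 $new_traffic_quota = $app->functions->intval($this->dataRecord["traffic_quota"]);
                 if ($trafficquota + $new_traffic_quota > $limits["limit_traffic_quota"] || $new_traffic_quota < 0) {
                     $max_free_quota = floor($limits["limit_traffic_quota"] - $trafficquota);
                     if ($max_free_quota < 0) {
                         $max_free_quota = 0;
                     }
                     $app->tform->errorMessage .= $app->tform->lng("limit_traffic_quota_free_txt") . ": " . $max_free_quota . " MB<br>";
                     // Set the quota field to the max free space
                     $this->dataRecord["traffic_quota"] = $max_free_quota;
                 }
                 unset($tmp);
             }
         }
         unset($limits);
         // When the record is updated
         if ($this->id > 0) {
             $tmp = $app->db->queryOneRecord("SELECT server_id, `web_folder`, `cgi`, `ssi`, `perl`, `ruby`, `python`, `suexec`, `errordocs`, `subdomain`, `ssl` FROM web_domain WHERE domain_id = " . $app->functions->intval($this->id));
             // the web folder cannot be changed by a non-admin user
             $this->dataRecord['web_folder'] = $tmp['web_folder'];
             // set the settings to current if not provided (or cleared due to limits)
             foreach (array('cgi', 'ssi', 'perl', 'ruby', 'python', 'suexec', 'errordocs', 'subdomain', 'ssl') as $field_name) {
                 if (isset($this->dataRecord[$field_name]) && $this->dataRecord[$field_name] == '-') {
                     $this->dataRecord[$field_name] = $tmp[$field_name];
                 }
             }
             unset($tmp);
             // When the record is inserted
         } else {
             // Check if the user may add another web_domain
             if ($client["limit_web_subdomain"] >= 0) {
                 $tmp = $app->db->queryOneRecord("SELECT count(domain_id) as number FROM web_domain WHERE sys_groupid = " . $client_group_id . " and (type = 'subdomain' OR type = 'vhostsubdomain')");
                 if ($tmp["number"] >= $client["limit_web_subdomain"]) {
                     $app->error($app->tform->wordbook["limit_web_subdomain_txt"]);
                 }
             }
         }
     }
     //* make sure that the domain is lowercase
     if (isset($this->dataRecord["domain"])) {
         $this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
     }
     //* get the server config for this server
     $app->uses("getconf");
     $web_config = $app->getconf->get_server_config($app->functions->intval(isset($this->dataRecord["server_id"]) ? $this->dataRecord["server_id"] : 0), 'web');
     //* Check for duplicate ssl certs per IP if SNI is disabled
     if (isset($this->dataRecord['ssl']) && $this->dataRecord['ssl'] == 'y' && $web_config['enable_sni'] != 'y') {
         // the record ID is cast to an integer like every other ID that goes into SQL here
         $sql = "SELECT count(domain_id) as number FROM web_domain WHERE `ssl` = 'y' AND ip_address = '" . $app->db->quote($this->dataRecord['ip_address']) . "' and domain_id != " . $app->functions->intval($this->id);
         $tmp = $app->db->queryOneRecord($sql);
         if ($tmp['number'] > 0) {
             $app->tform->errorMessage .= $app->tform->lng("error_no_sni_txt");
         }
     }
     // Check if pm.max_children >= pm.max_spare_servers >= pm.start_servers >= pm.min_spare_servers > 0
     if (isset($this->dataRecord['pm_max_children']) && $this->dataRecord['pm'] == 'dynamic') {
         $pm_max_children = $app->functions->intval($this->dataRecord['pm_max_children'], true);
         $pm_max_spare_servers = $app->functions->intval($this->dataRecord['pm_max_spare_servers'], true);
         $pm_start_servers = $app->functions->intval($this->dataRecord['pm_start_servers'], true);
         $pm_min_spare_servers = $app->functions->intval($this->dataRecord['pm_min_spare_servers'], true);
         $pm_settings_ok = $pm_max_children >= $pm_max_spare_servers && $pm_max_spare_servers >= $pm_start_servers && $pm_start_servers >= $pm_min_spare_servers && $pm_min_spare_servers > 0;
         if (!$pm_settings_ok) {
             $app->tform->errorMessage .= $app->tform->lng("error_php_fpm_pm_settings_txt") . '<br>';
         }
     }
     parent::onSubmit();
 }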
Beispiel #23
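 /**
  * Validates a DNS resource record and fills in its derived values before
  * control passes to parent::onSubmit().
  *
  * Checks that the submitted zone is one the current user may read, enforces
  * the client's DNS record limit when a new record is added, copies the server
  * ID from the zone, and sets a new serial and timestamp on the record.
  */
 function onSubmit()
 {
     global $app, $conf;
     // The zone ID is request input: accept only a scalar and cast it for the query
     $zone = isset($_POST["zone"]) && is_scalar($_POST["zone"]) ? $_POST["zone"] : '';
     // Get the parent soa record of the domain
     $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = '" . intval($zone) . "' AND " . $app->tform->getAuthSQL('r'));
     // Check if Domain belongs to user. A missing record is a failure as well;
     // comparing only the IDs would let an absent zone pass, since both sides
     // are then empty.
     if (!$soa || $soa["id"] != $zone) {
         $app->tform->errorMessage .= $app->tform->wordbook["no_zone_perm"];
     }
     // Check the client limits, if user is not the admin
     if ($_SESSION["s"]["user"]["typ"] != 'admin') {
         // Get the limits of the client
         $client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
         $client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = " . $client_group_id);
         // Check if the user may add another DNS record.
         if ($this->id == 0 && $client["limit_dns_record"] >= 0) {
             $tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_rr WHERE sys_groupid = " . $client_group_id);
             if ($tmp["number"] >= $client["limit_dns_record"]) {
                 $app->error($app->tform->wordbook["limit_dns_record_txt"]);
             }
             unset($tmp);
         }
     }
     // end if user is not admin
     // Set the server ID of the rr record to the same server ID as the parent record.
     $this->dataRecord["server_id"] = $soa ? $soa["server_id"] : null;
     // Update the serial number and timestamp of the RR record. The record ID is
     // cast so that an empty ID on insert still yields a valid query.
     $rr = $app->db->queryOneRecord("SELECT serial FROM dns_rr WHERE id = " . intval($this->id));
     $this->dataRecord["serial"] = $app->validate_dns->increase_serial($rr ? $rr["serial"] : null);
     $this->dataRecord["stamp"] = date('Y-m-d H:i:s');
     parent::onSubmit();
 }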
Beispiel #24
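 /**
  * Validate a mail alias before it is saved.
  *
  * Checks that the posted mail domain is returned by a query restricted with
  * getAuthSQL('r'), enforces the client's alias limit for non-admin users,
  * composes the source address from local part and domain, and rejects an
  * alias whose address is already used by an active mailbox.
  */
 function onSubmit()
 {
     global $app, $conf;
     $email_domain = isset($_POST["email_domain"]) ? $_POST["email_domain"] : '';
     $email_local_part = isset($_POST["email_local_part"]) ? $_POST["email_local_part"] : '';
     // Check if Domain belongs to user
     $domain = $app->db->queryOneRecord("SELECT server_id, domain FROM mail_domain WHERE domain = '" . $app->db->quote($email_domain) . "' AND " . $app->tform->getAuthSQL('r'));
     // An empty result is rejected explicitly: under loose comparison an empty
     // posted domain equals the null value of a missing row, so the comparison
     // alone would accept it.
     if (empty($domain) || $domain["domain"] != $email_domain) {
         $app->tform->errorMessage .= $app->tform->wordbook["no_domain_perm"];
     }
     // Check the client limits, if user is not the admin
     if ($_SESSION["s"]["user"]["typ"] != 'admin') {
         // Get the limits of the client. The group ID is cast to int before it
         // is interpolated into the statements below.
         $client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
         $client = $app->db->queryOneRecord("SELECT limit_mailalias FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
         // Check if the user may add another alias (a negative limit skips the check).
         if ($this->id == 0 && $client["limit_mailalias"] >= 0) {
             $tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE sys_groupid = {$client_group_id} AND type = 'alias'");
             if ($tmp["number"] >= $client["limit_mailalias"]) {
                 $app->tform->errorMessage .= $app->tform->wordbook["limit_mailalias_txt"] . "<br>";
             }
             unset($tmp);
         }
     }
     // end if user is not admin
     // compose the email field
     // NOTE(review): the local part is taken from the request unchanged; any
     // format validation is presumably done by the form definition in
     // parent::onSubmit() - confirm.
     $this->dataRecord["source"] = $email_local_part . "@" . $email_domain;
     // Set the server id of the alias = server ID of mail domain.
     $this->dataRecord["server_id"] = isset($domain["server_id"]) ? $domain["server_id"] : null;
     unset($this->dataRecord["email_local_part"]);
     unset($this->dataRecord["email_domain"]);
     //* Check if there is no active mailbox with this address
     $tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE postfix = 'y' AND email = '" . $app->db->quote($this->dataRecord["source"]) . "'");
     if ($tmp['number'] > 0) {
         $app->tform->errorMessage .= $app->tform->lng("duplicate_mailbox_txt") . "<br>";
     }
     unset($tmp);
     parent::onSubmit();
 }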
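 /**
  * Show a support message.
  *
  * An existing message (id > 0) is rendered with the read-only view template
  * and its timestamp is formatted with the 'conf_format_datetime' language
  * string before the parent onShow() runs.
  */
 function onShow()
 {
     global $app, $conf;
     //* We do not want messages to be edited, so we switch to a
     //* read-only template if an existing message is loaded
     if ($this->id > 0) {
         $app->tform->formDef['tabs']['message']['template'] = 'templates/support_message_view.htm';
         // Cast the ID before it is concatenated into the statement, so the
         // query does not rely on the caller having made it an integer.
         $record = $app->db->queryOneRecord("SELECT * FROM support_message WHERE support_message_id = " . intval($this->id));
         // NOTE(review): the lookup is by ID only; whether the current user may
         // read this message is not checked in this method - confirm it is
         // enforced elsewhere.
         if ($record['tstamp'] > 0) {
             // Numeric values are used as a Unix timestamp, anything else is parsed as a date string
             if (preg_match('/^[0-9]+[\.]?[0-9]*$/', $record['tstamp'])) {
                 $record['tstamp'] = date($app->lng('conf_format_datetime'), $record['tstamp']);
             } else {
                 $record['tstamp'] = date($app->lng('conf_format_datetime'), strtotime($record['tstamp']));
             }
         }
         $app->tpl->setVar("date", $record['tstamp']);
     }
     //* call the onShow function of the parent class
     parent::onShow();
 }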
Beispiel #26
 /**
  * Store the resolved FTP user prefix on the record and, when no form error
  * has been recorded, prepend it to the username before the insert.
  */
 function onBeforeInsert()
 {
     global $app, $conf, $interfaceConf;
     $app->uses('getconf,tools_sites');
     $sites_config = $app->getconf->get_global_config('sites');
     // Resolve the placeholders of the configured prefix against this record
     $prefix = $app->tools_sites->replacePrefix($sites_config['ftpuser_prefix'], $this->dataRecord);
     $this->dataRecord['username_prefix'] = $prefix;
     // The username is only rewritten while the form is still free of errors
     $has_error = $app->tform->errorMessage != '';
     if (!$has_error) {
         $this->dataRecord['username'] = $prefix . $this->dataRecord['username'];
     }
     parent::onBeforeInsert();
 }
Beispiel #27
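 /**
  * Propagate changes of a client record to the linked sys_user and sys_group
  * rows after the client has been updated.
  *
  * Username, password and language are only synchronised when
  * $conf['demo_mode'] is set and not true. In demo mode the clients with
  * ID <= 2 keep limit_client = -1. A changed limit_client rewrites the module
  * list of the user, and a submitted template_master triggers a client
  * template update.
  */
 function onAfterUpdate()
 {
     global $app, $conf;
     // Cast once: the ID is interpolated into several statements below.
     $client_id = intval($this->id);
     // Guards kept exactly as before: if $conf['demo_mode'] is not set at all, neither flag is true.
     $demo_mode_off = isset($conf['demo_mode']) && $conf['demo_mode'] != true;
     $demo_mode_on = isset($conf['demo_mode']) && $conf['demo_mode'] == true;
     // username changed
     if ($demo_mode_off && isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {
         $username = $app->db->quote($this->dataRecord["username"]);
         // Write the escaped new username; a fixed literal here would overwrite
         // the login name of the client with that literal.
         $sql = "UPDATE sys_user SET username = '{$username}' WHERE client_id = {$client_id}";
         $app->db->query($sql);
         $tmp = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = {$client_id}");
         $app->db->datalogUpdate("sys_group", "name = '{$username}'", 'groupid', $tmp['groupid']);
         unset($tmp);
     }
     // password changed
     if ($demo_mode_off && isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
         // NOTE(review): the password is SQL-escaped and then passed through
         // stripslashes() before hashing. That round trip is not guaranteed to
         // restore the original string; it is kept because the login code
         // presumably derives the hash input the same way - confirm before changing.
         $password = $app->db->quote($this->dataRecord["password"]);
         // NOTE(review): "$1$" selects MD5-crypt, which is weak by current
         // standards. Moving to password_hash() needs the verification side to
         // accept the new format, which is not visible here.
         $salt = "\$1\$";
         $base64_alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
         for ($n = 0; $n < 8; $n++) {
             // Prefer the CSPRNG when the runtime provides it; mt_rand() is predictable.
             $salt .= $base64_alphabet[function_exists('random_int') ? random_int(0, 63) : mt_rand(0, 63)];
         }
         $salt .= "\$";
         $password = $app->db->quote(crypt(stripslashes($password), $salt));
         $sql = "UPDATE sys_user SET passwort = '{$password}' WHERE client_id = {$client_id}";
         $app->db->query($sql);
     }
     // language changed
     if ($demo_mode_off && isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) {
         $language = $app->db->quote($this->dataRecord["language"]);
         $sql = "UPDATE sys_user SET language = '{$language}' WHERE client_id = {$client_id}";
         $app->db->query($sql);
     }
     // ensure that a reseller is not converted to a client in demo mode when client_id <= 2
     if ($demo_mode_on && $this->id <= 2) {
         if (isset($this->dataRecord["limit_client"]) && $this->dataRecord["limit_client"] != -1) {
             $app->db->query('UPDATE client set limit_client = -1 WHERE client_id = ' . $client_id);
         }
     }
     // reseller status changed
     if (isset($this->dataRecord["limit_client"]) && $this->dataRecord["limit_client"] != $this->oldDataRecord["limit_client"]) {
         // Escape exactly once; escaping the already escaped string again would
         // store backslashes for any character that needs escaping.
         $modules = $app->db->quote($conf['interface_modules_enabled'] . ',client');
         $sql = "UPDATE sys_user SET modules = '{$modules}' WHERE client_id = {$client_id}";
         $app->db->query($sql);
     }
     if (isset($this->dataRecord['template_master'])) {
         $app->uses('client_templates');
         $app->client_templates->update_client_templates($this->id, $this->_template_additional);
     }
     parent::onAfterUpdate();
 }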
Beispiel #28
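 /**
  * Validate a secondary (slave) DNS zone before it is saved.
  *
  * For non-admin users the server ID is restored from the stored record on
  * update, or set to the client's default DNS server on insert, where the
  * client and reseller limits are checked as well. The origin is normalised
  * to end with a dot and rejected if a primary zone with the same name
  * exists on the same server.
  */
 function onSubmit()
 {
     global $app, $conf;
     if ($_SESSION["s"]["user"]["typ"] != 'admin') {
         // Get the limits of the client. The group ID is cast to int before it
         // is interpolated into the statement.
         $client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
         $client = $app->db->queryOneRecord("SELECT limit_dns_slave_zone, default_dnsserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
         if ($this->id > 0) {
             // When the record is updated:
             // restore the server ID if the user is not admin and record is edited
             $tmp = $app->db->queryOneRecord("SELECT server_id FROM dns_slave WHERE id = " . intval($this->id));
             $this->dataRecord["server_id"] = $tmp["server_id"];
             unset($tmp);
         } else {
             // When the record is inserted:
             // set the server ID to the default dnsserver of the client
             $this->dataRecord["server_id"] = $client["default_dnsserver"];
             // Check if the user may add another secondary domain.
             if (!$app->tform->checkClientLimit('limit_dns_slave_zone')) {
                 $app->error($app->tform->wordbook["limit_dns_slave_zone_txt"]);
             }
             if (!$app->tform->checkResellerLimit('limit_dns_slave_zone')) {
                 $app->error('Reseller: ' . $app->tform->wordbook["limit_dns_slave_zone_txt"]);
             }
         }
     }
     //* Check if the zone name has a dot at the end
     if (strlen($this->dataRecord["origin"]) > 0 && substr($this->dataRecord["origin"], -1, 1) != '.') {
         $this->dataRecord["origin"] .= '.';
     }
     //* Check if a primary zone with the same name already exists.
     //* The origin is form input and, for admins, so is the server ID: escape
     //* the string and cast the ID instead of concatenating them raw.
     $origin = $app->db->quote($this->dataRecord["origin"]);
     $server_id = intval(isset($this->dataRecord["server_id"]) ? $this->dataRecord["server_id"] : 0);
     $tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_soa WHERE origin = '" . $origin . "' AND server_id = " . $server_id);
     if ($tmp["number"] > 0) {
         $app->error($app->tform->wordbook["origin_error_unique"]);
     }
     parent::onSubmit();
 }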
Beispiel #29
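 /**
  * Validate a fetchmail account before it is saved.
  *
  * Checks that the posted destination mailbox is returned by a query
  * restricted with getAuthSQL('r'), enforces the client's fetchmail limit for
  * non-admin users, derives the server ID from the destination mailbox and
  * rejects the combination "read all" without "delete".
  */
 function onSubmit()
 {
     global $app, $conf;
     //* Check if destination email belongs to user
     if (isset($_POST["destination"])) {
         // Encode once so the query and the comparison use the same value
         $destination = $app->functions->idn_encode($_POST["destination"]);
         $email = $app->db->queryOneRecord("SELECT email FROM mail_user WHERE email = '" . $app->db->quote($destination) . "' AND " . $app->tform->getAuthSQL('r'));
         // An empty result is rejected explicitly: under loose comparison an
         // empty destination equals the null value of a missing row.
         if (empty($email) || $email["email"] != $destination) {
             $app->tform->errorMessage .= $app->tform->lng("no_destination_perm");
         }
     }
     // Check the client limits, if user is not the admin
     if ($_SESSION["s"]["user"]["typ"] != 'admin') {
         // Get the limits of the client
         $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
         $client = $app->db->queryOneRecord("SELECT limit_fetchmail FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
         // Check if the user may add another fetchmail account (a negative limit skips the check).
         if ($this->id == 0 && $client["limit_fetchmail"] >= 0) {
             $tmp = $app->db->queryOneRecord("SELECT count(mailget_id) as number FROM mail_get WHERE sys_groupid = {$client_group_id}");
             if ($tmp["number"] >= $client["limit_fetchmail"]) {
                 $app->tform->errorMessage .= $app->tform->wordbook["limit_fetchmail_txt"] . "<br>";
             }
             unset($tmp);
         }
     }
     // end if user is not admin
     // Set the server ID according to the selected destination
     // NOTE(review): this lookup uses the dataRecord value, while the
     // permission check above uses the IDN-encoded POST value - confirm both
     // refer to the same form of the address.
     $record_destination = isset($this->dataRecord["destination"]) ? $this->dataRecord["destination"] : '';
     $tmp = $app->db->queryOneRecord("SELECT server_id FROM mail_user WHERE email = '" . $app->db->quote($record_destination) . "'");
     $this->dataRecord["server_id"] = isset($tmp["server_id"]) ? $tmp["server_id"] : null;
     unset($tmp);
     //* Check that no illegal combination of options is set
     $delete_disabled = !isset($this->dataRecord['source_delete']) || $this->dataRecord['source_delete'] == 'n';
     $read_all = isset($this->dataRecord['source_read_all']) && $this->dataRecord['source_read_all'] == 'y';
     if ($delete_disabled && $read_all) {
         $app->tform->errorMessage .= $app->tform->lng('error_delete_read_all_combination') . "<br>";
     }
     parent::onSubmit();
 }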
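 /**
  * Validate a mail filter of the logged-in mail user before it is saved.
  *
  * Binds the filter to the mailuser_id stored in the session, strips one
  * leading dot from the target and enforces the client's mail filter limit
  * when the session carries a default group greater than 0.
  */
 function onSubmit()
 {
     global $app, $conf;
     // Get the parent mail_user record
     $mailuser = $app->db->queryOneRecord("SELECT * FROM mail_user WHERE mailuser_id = '" . $app->functions->intval($_SESSION['s']['user']['mailuser_id']) . "'");
     // Set the mailuser_id from the stored record, not from the submitted form data
     $this->dataRecord["mailuser_id"] = $mailuser["mailuser_id"];
     // Remove a single leading dot
     if (substr($this->dataRecord['target'], 0, 1) == '.') {
         $this->dataRecord['target'] = substr($this->dataRecord['target'], 1);
     }
     // Check the client limits if the email address is assigned to a client
     if ($_SESSION["s"]["user"]["default_group"] > 0) {
         // Get the limits of the client. The group ID is cast to int before it
         // is interpolated, using the same helper as the mailuser_id above.
         $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
         $client = $app->db->queryOneRecord("SELECT limit_mailfilter FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
         // Check if the user may add another filter (a negative limit skips the check)
         if ($this->id == 0 && $client["limit_mailfilter"] >= 0) {
             $tmp = $app->db->queryOneRecord("SELECT count(filter_id) as number FROM mail_user_filter WHERE sys_groupid = {$client_group_id}");
             if ($tmp["number"] >= $client["limit_mailfilter"]) {
                 $app->tform->errorMessage .= $app->tform->lng("limit_mailfilter_txt") . "<br>";
             }
             unset($tmp);
         }
     }
     // end of client limit check
     parent::onSubmit();
 }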