Ejemplo n.º 1
 /**
  * Load a template file and expand the template includes it contains.
  *
  * The file is run through `include` under output buffering, so PHP code inside a
  * template is executed, not just read. is_safe() is the only check this method
  * applies to the path before the include.
  *
  * The method is also the preg_replace_callback() handler for nested includes: in
  * that case the argument is the match array and the path found in its second item
  * is resolved against the directory of the template currently being loaded.
  *
  * @throws iMSCP_Exception If is_safe() rejects the template path
  * @param string|array $fname Template file path or an array where the second item contain the template file path
  * @return mixed|string Template content with nested includes expanded
  */
 public function get_file($fname)
 {
     // Directory of the template being loaded. Static, so it is shared with the
     // recursive calls made through preg_replace_callback() below.
     // Local names are kept as they are: the included file runs in this scope.
     static $parentTplDir = null;

     if (is_array($fname)) {
         // INCLUDED file: path captured from the parent template content
         $fname = $parentTplDir !== null ? $parentTplDir . '/' . $fname[1] : $fname[1];
     } else {
         $this->eventManager->dispatch(
             iMSCP_Events::onBeforeAssembleTemplateFiles,
             array('context' => $this, 'templatePath' => $this->root_dir . '/' . $fname)
         );
     }

     // Guard first: nothing below may run for a path that is_safe() refuses.
     // NOTE(review): is_safe() is not visible here; confirm it rejects '..' segments
     // and absolute paths, since nested paths originate from template content.
     if (!$this->is_safe($fname)) {
         throw new iMSCP_Exception(
             sprintf('Unable to find the %s template file', $this->root_dir . '/' . $fname)
         );
     }

     $prevParentTplDir = $parentTplDir;
     $parentTplDir = dirname($fname);

     $this->eventManager->dispatch(
         iMSCP_Events::onBeforeLoadTemplateFile,
         array('context' => $this, 'templatePath' => $this->root_dir . '/' . $fname)
     );

     // Capture whatever the template prints while it is executed
     ob_start();
     include $this->root_dir . '/' . $fname;
     $fileContent = ob_get_clean();

     $this->eventManager->dispatch(
         iMSCP_Events::onAfterLoadTemplateFile,
         array('context' => $this, 'templateContent' => $fileContent)
     );

     // Recurse into every include directive found in the loaded content
     $fileContent = preg_replace_callback($this->tpl_include, array($this, 'get_file'), $fileContent);

     // Back to the including template's directory (not reached if a nested call throws)
     $parentTplDir = $prevParentTplDir;

     $this->eventManager->dispatch(
         iMSCP_Events::onAfterAssembleTemplateFiles,
         array('context' => $this, 'templateContent' => $fileContent)
     );

     return $fileContent;
 }
Ejemplo n.º 2
 /**
  * Get the events manager used by this object, optionally replacing it first.
  *
  * A manager passed as argument is stored and returned. Without argument, the
  * stored manager is returned; when none was stored yet, the shared
  * iMSCP_Events_Aggregator instance is stored and returned.
  *
  * @param iMSCP_Events_Manager_Interface $events Manager to install, NULL to keep the current one
  * @return iMSCP_Events_Manager_Interface
  */
 public function getEventManager(iMSCP_Events_Manager_Interface $events = null)
 {
     if ($events !== null) {
         // Explicit injection replaces whatever was set before
         $this->eventManager = $events;

         return $this->eventManager;
     }

     if ($this->eventManager === null) {
         // Lazy default: fall back to the aggregator singleton
         $this->eventManager = iMSCP_Events_Aggregator::getInstance();
     }

     return $this->eventManager;
 }
Ejemplo n.º 3
/**
 * Generates view
 *
 * Registers the JS translations needed by the page, assigns the static labels and
 * delegates the item list to _client_generateItemList() for the main domain of the
 * logged-in user.
 *
 * @param iMSCP_ptemplate $tpl
 * @return void
 */
function client_generateView($tpl)
{
    iMSCP_Events_Aggregator::getInstance()->registerListener(
        iMSCP_Events::onGetJsTranslations,
        function ($e) {
            /** @var iMSCP_Events_Description $e */
            // NOTE(review): the entries added below reach the dispatcher only if
            // getParam() returns an object; an array would be a local copy - confirm.
            $translations = $e->getParam('translations');
            $translations['core']['datatable'] = getDataTablesPluginTranslations(false);
            $translations['core']['deactivate_message'] = tr(
                "Are you sure you want to deactivate the external mail server(s) for the '%s' domain?",
                true,
                '%s'
            );
        }
    );

    $tpl->assign(
        array(
            'TR_PAGE_TITLE' => tr('Client / Email / External Mail Server'),
            'TR_DOMAIN' => tr('Domain'),
            'TR_STATUS' => tr('Status'),
            'TR_ACTION' => tr('Action'),
            'TR_DEACTIVATE_SELECTED_ITEMS' => tr('Deactivate selected items'),
            'TR_CANCEL' => tr('Cancel')
        )
    );

    // The domain is derived from the session, never from request parameters
    $mainDomain = get_domain_default_props($_SESSION['user_id']);
    _client_generateItemList($tpl, $mainDomain['domain_id'], $mainDomain['domain_name']);
}
Ejemplo n.º 4
/**
 * Handle the "add administrator" form.
 *
 * Without a submitted form the template fields are reset. With a submitted form the
 * data is validated by check_user_data(); on failure the form is filled again with
 * the submitted values, on success the account and its GUI properties are stored and
 * the browser is redirected to manage_users.php.
 *
 * Security notes:
 *  - All values reach the database through bound parameters.
 *  - The password goes through clean_input() before cryptPasswordWithSalt(), so the
 *    stored value is derived from the cleaned string.
 *  - The cleaned password is also handed to send_add_user_auto_msg() in clear text.
 *  - NOTE(review): no anti-CSRF token check is visible in this function; confirm it is
 *    enforced by the caller.
 *
 * @param  $tpl iMSCP_pTemplate
 * @return void
 */
function add_user($tpl)
{
    /** @var $cfg iMSCP_Config_Handler_File */
    $cfg = iMSCP_Registry::get('config');

    $formSubmitted = isset($_POST['uaction']) && $_POST['uaction'] === 'add_user';

    if (!$formSubmitted) {
        // First display of the page: empty form, gender preselected on "unknown"
        $tpl->assign(
            array(
                'EMAIL' => '',
                'USERNAME' => '',
                'FIRST_NAME' => '',
                'LAST_NAME' => '',
                'FIRM' => '',
                'ZIP' => '',
                'CITY' => '',
                'STATE' => '',
                'COUNTRY' => '',
                'STREET_1' => '',
                'STREET_2' => '',
                'PHONE' => '',
                'FAX' => '',
                'VL_MALE' => '',
                'VL_FEMALE' => '',
                'VL_UNKNOWN' => $cfg->HTML_SELECTED
            )
        );

        return;
    }

    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeAddUser);

    if (!check_user_data()) {
        // Validation failed: show the submitted values again. The second argument of
        // clean_input() is set for every value echoed back into the page.
        $tpl->assign(
            array(
                'EMAIL' => clean_input($_POST['email'], true),
                'USERNAME' => clean_input($_POST['username'], true),
                'FIRST_NAME' => clean_input($_POST['fname'], true),
                'LAST_NAME' => clean_input($_POST['lname'], true),
                'FIRM' => clean_input($_POST['firm'], true),
                'ZIP' => clean_input($_POST['zip'], true),
                'CITY' => clean_input($_POST['city'], true),
                'STATE' => clean_input($_POST['state'], true),
                'COUNTRY' => clean_input($_POST['country'], true),
                'STREET_1' => clean_input($_POST['street1'], true),
                'STREET_2' => clean_input($_POST['street2'], true),
                'PHONE' => clean_input($_POST['phone'], true),
                'FAX' => clean_input($_POST['fax'], true),
                'VL_MALE' => ($_POST['gender'] == 'M') ? $cfg->HTML_SELECTED : '',
                'VL_FEMALE' => ($_POST['gender'] == 'F') ? $cfg->HTML_SELECTED : '',
                'VL_UNKNOWN' => ($_POST['gender'] == 'U' || empty($_POST['gender'])) ? $cfg->HTML_SELECTED : ''
            )
        );

        return;
    }

    // Collect the account data
    $upass = cryptPasswordWithSalt(clean_input($_POST['password']));
    $user_id = $_SESSION['user_id'];
    $username = clean_input($_POST['username']);
    $fname = clean_input($_POST['fname']);
    $lname = clean_input($_POST['lname']);
    $gender = clean_input($_POST['gender']);
    $firm = clean_input($_POST['firm']);
    $zip = clean_input($_POST['zip']);
    $city = clean_input($_POST['city']);
    $state = clean_input($_POST['state']);
    $country = clean_input($_POST['country']);
    $email = clean_input($_POST['email']);
    $phone = clean_input($_POST['phone']);
    $fax = clean_input($_POST['fax']);
    $street1 = clean_input($_POST['street1']);
    $street2 = clean_input($_POST['street2']);

    // Unknown gender codes are stored as an empty string
    if (get_gender_by_code($gender, true) === null) {
        $gender = '';
    }

    // The account type is fixed to 'admin' in the statement, it is not taken from the form
    exec_query(
        "\n\t\t\t\tINSERT INTO `admin` (\n\t\t\t\t\t`admin_name`, `admin_pass`, `admin_type`, `domain_created`, `created_by`, `fname`, `lname`, `firm`,\n\t\t\t\t\t`zip`, `city`, `state`, `country`, `email`, `phone`, `fax`, `street1`, `street2`, `gender`\n\t\t\t\t) VALUES (\n\t\t\t\t\t?, ?, 'admin', unix_timestamp(), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?\n\t\t\t\t)\n\t\t\t",
        array(
            $username, $upass, $user_id, $fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone,
            $fax, $street1, $street2, $gender
        )
    );

    /** @var $db iMSCP_Database */
    $db = iMSCP_Registry::get('db');
    $new_admin_id = $db->insertId();

    // Audit trail: who created which administrator
    write_log("{$_SESSION['user_logged']}: add admin: {$username}", E_USER_WARNING);

    // Initial GUI properties come from the configuration
    exec_query(
        "\n\t\t\t\tREPLACE INTO `user_gui_props` (\n\t\t\t\t\t`user_id`, `lang`, `layout`\n\t\t\t\t) VALUES (\n\t\t\t\t\t?, ?, ?\n\t\t\t\t)\n\t\t\t",
        array($new_admin_id, $cfg->USER_INITIAL_LANG, $cfg->USER_INITIAL_THEME)
    );

    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterAddUser);

    // NOTE(review): the clear-text password is passed on here; presumably it is sent by
    // mail to the new administrator - confirm this is intended.
    send_add_user_auto_msg(
        $user_id,
        clean_input($_POST['username']),
        clean_input($_POST['password']),
        clean_input($_POST['email']),
        clean_input($_POST['fname']),
        clean_input($_POST['lname']),
        tr('Administrator')
    );

    set_page_message(tr('Admin account successfully created.'), 'success');
    redirectTo('manage_users.php');
}
Ejemplo n.º 5
 /**
  * Protect the given plugin
  *
  * Only a plugin that is enabled and not protected yet is processed. Listeners of the
  * onBeforeProtectPlugin event can stop the action. The in-memory list of protected
  * plugins is restored when pluginUpdateProtectedFile() fails.
  *
  * @param string $name Name of the plugin to protect
  * @return bool self::ACTION_SUCCESS|self::ACTION_STOPPED|self::ACTION_FAILURE
  */
 public function pluginProtect($name)
 {
     if (!$this->pluginIsEnabled($name) || $this->pluginIsProtected($name)) {
         return self::ACTION_FAILURE;
     }

     $responses = $this->eventsManager->dispatch(
         iMSCP_Events::onBeforeProtectPlugin,
         array('pluginManager' => $this, 'pluginName' => $name)
     );

     if ($responses->isStopped()) {
         // A listener vetoed the action
         return self::ACTION_STOPPED;
     }

     // Keep a copy so that the list can be rolled back if the file update fails
     $listBackup = $this->protectedPlugins;
     $this->protectedPlugins[] = $name;

     if (!$this->pluginUpdateProtectedFile()) {
         $this->protectedPlugins = $listBackup;

         return self::ACTION_FAILURE;
     }

     $this->eventsManager->dispatch(
         iMSCP_Events::onAfterProtectPlugin,
         array('pluginManager' => $this, 'pluginName' => $name)
     );

     return self::ACTION_SUCCESS;
 }
Ejemplo n.º 6
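/**
 * Update user data
 *
 * Stores the submitted personal data for the given account. When a password is
 * submitted it is stored too and the login sessions of the user are deleted. When
 * the 'send_data' field is present together with a password, the login data is
 * passed to send_add_user_auto_msg().
 *
 * Security notes:
 *  - All values reach the database through bound parameters.
 *  - The password is used exactly as submitted (no clean_input()), both for
 *    cryptPasswordWithSalt() and for the notification.
 *  - NOTE(review): no password syntax check and no check that the caller may edit
 *    $userId are visible here; confirm the caller performs them.
 *
 * @param int $userId Customer unique identifier
 * @return void
 */
function admin_updateUserData($userId)
{
    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditUser, array('userId' => $userId));

    // Missing fields default to an empty string
    $fname = isset($_POST['fname']) ? clean_input($_POST['fname']) : '';
    $lname = isset($_POST['lname']) ? clean_input($_POST['lname']) : '';
    $firm = isset($_POST['firm']) ? clean_input($_POST['firm']) : '';
    $gender = isset($_POST['gender']) ? clean_input($_POST['gender']) : '';
    $zip = isset($_POST['zip']) ? clean_input($_POST['zip']) : '';
    $city = isset($_POST['city']) ? clean_input($_POST['city']) : '';
    $state = isset($_POST['state']) ? clean_input($_POST['state']) : '';
    $country = isset($_POST['country']) ? clean_input($_POST['country']) : '';
    $email = isset($_POST['email']) ? clean_input($_POST['email']) : '';
    $phone = isset($_POST['phone']) ? clean_input($_POST['phone']) : '';
    $fax = isset($_POST['fax']) ? clean_input($_POST['fax']) : '';
    $street1 = isset($_POST['street1']) ? clean_input($_POST['street1']) : '';
    $street2 = isset($_POST['street2']) ? clean_input($_POST['street2']) : '';

    $userName = get_user_name($userId);

    if (empty($_POST['password'])) {
        // Password left untouched
        $query = "\n\t\t\tUPDATE\n\t\t\t\t`admin`\n\t\t\tSET\n\t\t\t\t`fname` = ?, `lname` = ?, `firm` = ?, `zip` = ?, `city` = ?, `state` = ?, `country` = ?, `email` = ?,\n\t\t\t\t`phone` = ?, `fax` = ?, `street1` = ?, `street2` = ?, `gender` = ?\n\t\t\tWHERE\n\t\t\t\t`admin_id` = ?\n\t\t";
        exec_query($query, array($fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender, $userId));
    } else {
        $query = "\n\t\t\tUPDATE\n\t\t\t\t`admin`\n\t\t\tSET\n\t\t\t\t`admin_pass` = ?, `fname` = ?, `lname` = ?, `firm` = ?, `zip` = ?, `city` = ?, `state` = ?,\n\t\t\t\t`country` = ?, `email` = ?, `phone` = ?, `fax` = ?, `street1` = ?, `street2` = ?, `gender` = ?\n\t\t\tWHERE\n\t\t\t\t`admin_id` = ?\n\t\t";
        exec_query($query, array(cryptPasswordWithSalt($_POST['password']), $fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender, $userId));

        // A password change invalidates the sessions opened with the old password
        $query = "DELETE FROM `login` WHERE `user_name` = ?";
        $stmt = exec_query($query, $userName);

        if ($stmt->rowCount()) {
            set_page_message(tr('User session successfully killed for password change.'), 'success');
        }
    }

    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditUser, array('userId' => $userId));

    if (isset($_POST['send_data']) && !empty($_POST['password'])) {
        $query = 'SELECT `admin_type` FROM `admin` WHERE `admin_id` = ?';
        $stmt = exec_query($query, $userId);

        if ($stmt->fields['admin_type'] == 'admin') {
            $admin_type = tr('Administrator');
        } elseif ($stmt->fields['admin_type'] == 'reseller') {
            $admin_type = tr('Reseller');
        } else {
            $admin_type = tr('Customer');
        }

        // Use the values that were just stored: the raw $_POST entries may be absent
        // (they are optional above) and have not been through clean_input().
        // NOTE(review): the clear-text password is handed over here; presumably it is
        // sent by mail - confirm this is intended.
        send_add_user_auto_msg($userId, $userName, $_POST['password'], $email, $fname, $lname, $admin_type);
        set_page_message(tr('Login data successfully sent to %s.', $userName), 'success');
    }
}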
Ejemplo n.º 7
/**
 * Generate page
 *
 * Lists the hosting plans owned by the logged-in reseller. When there is none, the
 * list block is emptied and an informational message is set.
 *
 * @param iMSCP_pTemplate $tpl
 * @return void
 */
function generatePage($tpl)
{
    // The reseller id is bound from the session, so only own plans are selected
    $stmt = exec_query(
        'SELECT id, name, status FROM hosting_plans WHERE reseller_id = ? ORDER BY id',
        $_SESSION['user_id']
    );

    if (!$stmt->rowCount()) {
        $tpl->assign('HOSTING_PLANS', '');
        set_page_message(tr('No hosting plan available.'), 'static_info');

        return;
    }

    $tpl->assign(
        array(
            'TR_ID' => tr('Id'),
            'TR_NAME' => tr('Name'),
            'TR_STATUS' => tr('Status'),
            'TR_EDIT' => tr('Edit'),
            'TR_ACTION' => tr('Actions'),
            'TR_DELETE' => tr('Delete')
        )
    );

    iMSCP_Events_Aggregator::getInstance()->registerListener(
        'onGetJsTranslations',
        function ($e) {
            /** @var iMSCP_Events_Event $e */
            $translations = $e->getParam('translations');
            $translations['core']['hp_delete_confirmation'] = tr(
                'Are you sure you want to delete this hosting plan?'
            );
        }
    );

    while ($plan = $stmt->fetchRow()) {
        if ($plan['status']) {
            $statusLabel = tr('Available');
        } else {
            $statusLabel = tr('Unavailable');
        }

        // The plan name is free text and is escaped; the id is assigned as stored
        $tpl->assign(
            array(
                'ID' => $plan['id'],
                'NAME' => tohtml($plan['name']),
                'STATUS' => $statusLabel
            )
        );
        $tpl->parse('HOSTING_PLAN', '.hosting_plan');
    }
}
Ejemplo n.º 8
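/**
 * Update the personal data of the given reseller from the submitted form, then
 * redirect to profile.php.
 *
 * All values reach the database through bound parameters. Every form field,
 * including the gender code, goes through clean_input() before it is stored.
 *
 * NOTE(review): the $_POST entries are read without isset() checks and the gender
 * code is not checked against the known codes here; confirm the caller validates
 * the form first.
 *
 * @param int $user_id Identifier of the account to update (bound to `admin_id`)
 * @return void
 */
function update_reseller_personal_data($user_id)
{
    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditUser, array('userId' => $user_id));

    $fname = clean_input($_POST['fname']);
    $lname = clean_input($_POST['lname']);
    // Cleaned like the other fields; it was previously stored exactly as submitted
    $gender = clean_input($_POST['gender']);
    $firm = clean_input($_POST['firm']);
    $zip = clean_input($_POST['zip']);
    $city = clean_input($_POST['city']);
    $state = clean_input($_POST['state']);
    $country = clean_input($_POST['country']);
    $street1 = clean_input($_POST['street1']);
    $street2 = clean_input($_POST['street2']);
    $email = clean_input($_POST['email']);
    $phone = clean_input($_POST['phone']);
    $fax = clean_input($_POST['fax']);

    $query = "\n\t\tUPDATE\n\t\t\t`admin`\n\t\tSET\n\t\t\t`fname` = ?,\n\t\t\t`lname` = ?,\n\t\t\t`firm` = ?,\n\t\t\t`zip` = ?,\n\t\t\t`city` = ?,\n\t\t\t`state` = ?,\n\t\t\t`country` = ?,\n\t\t\t`email` = ?,\n\t\t\t`phone` = ?,\n\t\t\t`fax` = ?,\n\t\t\t`street1` = ?,\n\t\t\t`street2` = ?,\n\t\t\t`gender` = ?\n\t\tWHERE\n\t\t\t`admin_id` = ?\n\t";
    exec_query($query, array($fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender, $user_id));

    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditUser, array('userId' => $user_id));

    set_page_message(tr('Personal data successfully updated.'), 'success');
    redirectTo('profile.php');
}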
Ejemplo n.º 9
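/**
 * Schedule deletion of the given mail account
 *
 * The account is looked up by id AND domain id, so an id that belongs to another
 * domain is rejected. The account and every catch-all entry that references its
 * address are then flagged 'todelete'.
 *
 * @throws iMSCP_Exception (code 400) when no mail account matches the id for the given domain
 * @param int $mailId Mail account unique identifier
 * @param array $dmnProps Main domain properties
 * @return void
 */
function client_deleteMailAccount($mailId, $dmnProps)
{
    // Ownership check: the mail id must belong to the caller's domain
    $stmt = exec_query('SELECT `mail_addr` FROM `mail_users` WHERE `mail_id` = ? AND `domain_id` = ?', array($mailId, $dmnProps['domain_id']));

    if (!$stmt->rowCount()) {
        throw new iMSCP_Exception('Bad request.', 400);
    }

    $mailAddr = $stmt->fields['mail_addr'];
    $toDeleteStatus = 'todelete';

    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeDeleteMail, array('mailId' => $mailId));

    exec_query('UPDATE `mail_users` SET `status` = ? WHERE `mail_id` = ?', array($toDeleteStatus, $mailId));

    // '%' and '_' are wildcards in LIKE and '_' is legal in a mail address. Without
    // escaping, "a_b@example.test" would also match "axb@example.test" and flag
    // entries that do not reference this account. The backslash is escaped too as
    // it is the LIKE escape character (assumes NO_BACKSLASH_ESCAPES is not enabled
    // on the SQL server - TODO confirm).
    $likeAddr = addcslashes($mailAddr, '\\%_');

    // Schedule deletion of all catchall which belong to the mail account
    // (`mail_acc` holds either one address or a comma separated list)
    exec_query('
				UPDATE
					`mail_users`
				SET
					`status` = ?
				WHERE
					`mail_acc` = ? OR `mail_acc` LIKE ? OR `mail_acc` LIKE ? OR `mail_acc` LIKE ?
			', array($toDeleteStatus, $mailAddr, "{$likeAddr},%", "%,{$likeAddr},%", "%,{$likeAddr}"));

    delete_autoreplies_log_entries($mailAddr);

    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterDeleteMail, array('mailId' => $mailId));

    // NOTE(review): the address is placed inside HTML markup without escaping;
    // confirm it is validated on creation or escaped when the message is rendered.
    set_page_message(tr('Mail account %s successfully scheduled for deletion.', '<strong>' . decode_idna($mailAddr) . '</strong>'), 'success');
}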
Ejemplo n.º 10
/**
 * Update the password of the logged-in user.
 *
 * Nothing happens without POST data. Otherwise the three password fields must be
 * filled, the current password must be accepted by _reseller_checkCurrentPassword(),
 * both new values must be identical and checkPasswordSyntax() must accept the new
 * password. The account is always the one from the session, never from the request.
 *
 * NOTE(review): the existing login sessions of the user are not touched here; confirm
 * whether they should be invalidated after a password change.
 *
 * @return void
 */
function reseller_updatePassword()
{
    if (empty($_POST)) {
        return;
    }

    $userId = $_SESSION['user_id'];

    iMSCP_Events_Aggregator::getInstance()->dispatch(
        iMSCP_Events::onBeforeEditUser,
        array('userId' => $userId)
    );

    $fieldMissing = empty($_POST['current_password'])
        || empty($_POST['password'])
        || empty($_POST['password_confirmation']);

    if ($fieldMissing) {
        set_page_message(tr('All fields are required.'), 'error');
        return;
    }

    // Re-authentication: the current password is required to set a new one
    if (!_reseller_checkCurrentPassword($_POST['current_password'])) {
        set_page_message(tr('Current password is invalid.'), 'error');
        return;
    }

    if ($_POST['password'] !== $_POST['password_confirmation']) {
        set_page_message(tr("Passwords do not match."), 'error');
        return;
    }

    // No message is set here when the check fails
    if (!checkPasswordSyntax($_POST['password'])) {
        return;
    }

    exec_query(
        'UPDATE `admin` SET `admin_pass` = ? WHERE `admin_id` = ?',
        array(cryptPasswordWithSalt($_POST['password']), $userId)
    );

    iMSCP_Events_Aggregator::getInstance()->dispatch(
        iMSCP_Events::onAfterEditUser,
        array('userId' => $userId)
    );

    // The log line names the user only, never the password
    write_log($_SESSION['user_logged'] . ': updated password.', E_USER_NOTICE);
    set_page_message(tr('Password successfully updated.'), 'success');
}
Ejemplo n.º 11
            break;
        case "reseller":
            $trUserType = tr('Reseller');
            break;
        case "admin":
            $trUserType = tr('Admin');
            break;
        default:
            $trUserType = tr('Unknown user type');
    }
    $tpl->assign(array('TR_ACCOUNT_SUMMARY' => tr('Account summary'), 'TR_USERNAME' => tr('Username'), 'USERNAME' => tohtml($_SESSION['user_logged']), 'TR_ACCOUNT_TYPE' => tr('Account type'), 'ACCOUNT_TYPE' => $trUserType, 'TR_REGISTRATION_DATE' => tr('Registration date'), 'REGISTRATION_DATE' => $stmt->fields['domain_created'] != 0 ? date($cfg->DATE_FORMAT, $stmt->fields['domain_created']) : tr('Unknown')));
}
/*******************************************************************************
 * Main script
 *
 * Renders the account summary page of the client interface.
 */
// Include core library
require 'imscp-lib.php';
// Listeners of this event run before the login check below
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptStart);
/** @var $cfg iMSCP_Config_Handler_File */
$cfg = iMSCP_Registry::get('config');
// Access control: nothing below is meant to run for a visitor that is not logged in at 'user' level
check_login('user');
$tpl = new iMSCP_pTemplate();
// Template paths are fixed strings; none of them is built from request data
$tpl->define_dynamic(array('layout' => 'shared/layouts/ui.tpl', 'page' => 'client/profile.tpl', 'page_message' => 'layout'));
$tpl->assign('TR_PAGE_TITLE', tr('Client / Profile / Account Summary'));
generateNavigation($tpl);
client_generatePage($tpl);
generatePageMessage($tpl);
$tpl->parse('LAYOUT_CONTENT', 'page');
// Last hook before output: listeners receive the template engine
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptEnd, array('templateEngine' => $tpl));
$tpl->prnt();
// Called once the page has been printed
unsetMessages();
Ejemplo n.º 12
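/**
 * Update SQL user password
 *
 * Validates the submitted password and its confirmation, changes the password of
 * the SQL user on the SQL server, stores it in the `sql_user` table and redirects
 * to sql_manage.php.
 *
 * Security notes:
 *  - The password goes through clean_input() before it is compared and used.
 *  - The password is written to `sql_user`.`sqlu_pass` as submitted; no hashing or
 *    encryption is applied in this function.
 *  - NOTE(review): $id, $user and $host are used as given; confirm the caller has
 *    checked that the SQL user belongs to the logged-in customer.
 *
 * @param int $id Sql user id
 * @param string $user Sql user name
 * @param string $host SQL user host
 * @return void
 */
function client_updateSqlUserPassword($id, $user, $host)
{
    if (!isset($_POST['uaction'])) {
        return;
    }

    if (!isset($_POST['password']) || !isset($_POST['password_confirmation'])) {
        // Presumably ends the request - confirm; execution continues below otherwise
        showBadRequestErrorPage();
    }

    $password = clean_input($_POST['password']);
    $passwordConf = clean_input($_POST['password_confirmation']);

    if ($password === '') {
        set_page_message(tr('Password cannot be empty.'), 'error');
        return;
    }

    if ($passwordConf === '') {
        set_page_message(tr('Please confirm the password.'), 'error');
        return;
    }

    if ($password !== $passwordConf) {
        set_page_message(tr('Passwords do not match.'), 'error');
        return;
    }

    if (!checkPasswordSyntax($password)) {
        return;
    }

    $config = iMSCP_Registry::get('config');
    $mysqlConfig = new iMSCP_Config_Handler_File($config['CONF_DIR'] . '/mysql/mysql.data');

    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditSqlUser, array('sqlUserId' => $id));

    // Here we cannot use transaction due to statements that cause an implicit commit. Thus we execute
    // those statements first to let the i-MSCP database in clean state if one of them fails.
    // See https://dev.mysql.com/doc/refman/5.7/en/implicit-commit.html for more details

    // Update SQL user password in the mysql system tables.
    // strpos() takes the haystack first: the configured server name is searched for
    // 'mariadb'. With the arguments swapped the test only succeeded when the whole
    // configured value was itself a substring of 'mariadb', so a MariaDB server could
    // be sent the ALTER USER statement meant for MySQL >= 5.7.6.
    if (strpos($config['SQL_SERVER'], 'mariadb') !== false || version_compare($mysqlConfig['SQLD_VERSION'], '5.7.6', '<')) {
        exec_query('SET PASSWORD FOR ?@? = PASSWORD(?)', array($user, $host, $password));
    } else {
        exec_query('ALTER USER ?@? IDENTIFIED BY ? PASSWORD EXPIRE NEVER', array($user, $host, $password));
    }

    exec_query('UPDATE sql_user SET sqlu_pass = ? WHERE sqlu_name = ? AND sqlu_host = ?', array($password, $user, $host));

    set_page_message(tr('SQL user password successfully updated.'), 'success');
    // The log line names the SQL user and host only, never the password
    write_log(sprintf('%s updated %s@%s SQL user password.', decode_idna($_SESSION['user_logged']), $user, $host), E_USER_NOTICE);

    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditSqlUser, array('sqlUserId' => $id));

    redirectTo('sql_manage.php');
}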
Ejemplo n.º 13
 */
// Main script of the Monitorix statistics page (admin interface).
// Listeners of this event run before the login check below
EventManager::getInstance()->dispatch(Events::onAdminScriptStart);
// Access control: the page is restricted to the 'admin' level
check_login('admin');
$cfg = Registry::get('config');
$tpl = new TemplateEngine();
// Template paths are fixed strings; the page template lives in the plugin directory
$tpl->define_dynamic(array('layout' => 'shared/layouts/ui.tpl', 'page' => '../../plugins/Monitorix/themes/default/view/admin/monitorix.tpl', 'page_message' => 'layout', 'monitorix_item' => 'page', 'monitorix_graph_item' => 'page'));
// Graph name as submitted ('-1' means no selection); it only goes through clean_input() here.
// NOTE(review): confirm that selectedGraphic() and generatePage() check it against the
// list of known graphs before it is used to locate anything on disk.
$graphName = isset($_POST['graph_name']) && $_POST['graph_name'] !== '-1' ? clean_input($_POST['graph_name']) : '';
if (isset($_POST['action']) && $_POST['action'] == 'go_show') {
    if ($graphName == '') {
        // Nothing selected: default period (hour), no graph
        $tpl->assign(array('M_HOUR_SELECTED' => $cfg['HTML_SELECTED'], 'M_DAY_SELECTED' => '', 'M_WEEK_SELECTED' => '', 'M_MONTH_SELECTED' => '', 'M_YEAR_SELECTED' => '', 'MONITORIXGRAPH_SELECTED' => '', 'MONITORIXGRAPH_ERROR' => ''));
    } else {
        // 'show_when' is read without isset(); it is request data as well
        selectedGraphic($tpl, $graphName, clean_input($_POST['show_when']));
    }
} else {
    // First display: same defaults as above
    $tpl->assign(array('M_HOUR_SELECTED' => $cfg['HTML_SELECTED'], 'M_DAY_SELECTED' => '', 'M_WEEK_SELECTED' => '', 'M_MONTH_SELECTED' => '', 'M_YEAR_SELECTED' => '', 'MONITORIXGRAPH_SELECTED' => '', 'MONITORIXGRAPH_ERROR' => ''));
}
/** @var PluginManager $pluginManager */
$pluginManager = Registry::get('pluginManager');
// Asset version: current time in debug mode, plugin date otherwise
if (Registry::get('config')->DEBUG) {
    $assetVersion = time();
} else {
    $pluginInfo = $pluginManager->pluginGetInfo('Monitorix');
    $assetVersion = strtotime($pluginInfo['date']);
}
$tpl->assign(array('TR_PAGE_TITLE' => tr('Statistics / Monitorix'), 'MONITORIX_ASSET_VERSION' => tohtml($assetVersion), 'MONITORIXGRAPHIC_NOT_EXIST' => tr("The requested graphic doesn't exist."), 'MONITORIXGRAPHIC_NOT_SELECTED' => tr("No monitorix graph selected."), 'TR_MONITORIX_SELECT_NAME_NONE' => tr('Select a graph'), 'M_HOUR' => tr('Hour'), 'M_DAY' => tr('Day'), 'M_WEEK' => tr('Week'), 'M_MONTH' => tr('Month'), 'M_YEAR' => tr('Year'), 'TR_SHOW' => tr('Show graph')));
generateNavigation($tpl);
generatePageMessage($tpl);
// The first character of the graph name is dropped before the call
// NOTE(review): presumably a prefix character added by the form - confirm
generatePage($tpl, substr($graphName, 1));
$tpl->parse('LAYOUT_CONTENT', 'page');
EventManager::getInstance()->dispatch(Events::onAdminScriptEnd, array('templateEngine' => $tpl));
$tpl->prnt();
            $all[1] += $ftpTraffic;
            $all[2] += $smtpTraffic;
            $all[3] += $popTraffic;
            $tpl->parse('TRAFFIC_TABLE_ITEM', '.traffic_table_item');
        }
        $tpl->assign(array('USER_ID' => tohtml($userId), 'USERNAME' => tohtml($adminName), 'ALL_WEB_TRAFFIC' => tohtml(bytesHuman($all[0])), 'ALL_FTP_TRAFFIC' => tohtml(bytesHuman($all[1])), 'ALL_SMTP_TRAFFIC' => tohtml(bytesHuman($all[2])), 'ALL_POP3_TRAFFIC' => tohtml(bytesHuman($all[3])), 'ALL_ALL_TRAFFIC' => tohtml(bytesHuman(array_sum($all)))));
    } else {
        set_page_message(tr('No statistics found for the given period. Try another period.'), 'static_info');
        $tpl->assign(array('USERNAME' => tohtml($adminName), 'USER_ID' => tohtml($userId), 'RESELLER_USER_STATISTICS_DETAIL_BLOCK' => ''));
    }
}
/***********************************************************************************************************************
 * Main
 */
require 'imscp-lib.php';
$eventManager = iMSCP_Events_Aggregator::getInstance();
$eventManager->dispatch(iMSCP_Events::onAdminScriptStart);
check_login('admin');
if (systemHasCustomers()) {
    if (isset($_GET['user_id'])) {
        $userId = intval($_GET['user_id']);
        $_SESSION['stats_user_id'] = $userId;
    } elseif (isset($_SESSION['admin_stats_user_id'])) {
        redirectTo('reseller_user_statistics_detail.php?user_id=' . $_SESSION['admin_stats_user_id']);
        exit;
    } else {
        showBadRequestErrorPage();
        exit;
    }
    $tpl = new iMSCP_pTemplate();
    $tpl->define_dynamic(array('layout' => 'shared/layouts/ui.tpl', 'page' => 'admin/reseller_user_statistics_details.tpl', 'page_message' => 'layout', 'month_list' => 'page', 'year_list' => 'page', 'reseller_user_statistics_detail_block' => 'page', 'traffic_table_item' => 'reseller_user_statistics_detail_block'));
Ejemplo n.º 15
/**
 * Edit mail account
 *
 * Validates the submitted form (account type, password, quota, forward list) and
 * stores the result for the mail account whose id is given in the query string.
 * The account is then flagged 'tochange' and a backend request is sent.
 *
 * Security notes:
 *  - The mail id comes from $_GET['id'].
 *    NOTE(review): the check that it belongs to the logged-in customer is not visible
 *    here; presumably client_getEmailAccountData() performs it - confirm.
 *  - The password is written to `mail_pass` as submitted (or kept as already stored);
 *    no hashing is applied in this function.
 *  - The database is only written through bound parameters.
 *
 * @throws iMSCP_Exception When the stored mail type does not match the expected pattern
 * @return bool TRUE on success, FALSE otherwise
 */
function client_editMailAccount()
{
    if (isset($_POST['password']) && isset($_POST['password_rep']) && isset($_POST['quota']) && isset($_POST['forward_list'])) {
        $mailData = client_getEmailAccountData(clean_input($_GET['id']));
        $mainDmnProps = get_domain_default_props($_SESSION['user_id']);
        // '_no_' is the value stored when the account has no password / no forward list
        $password = $forwardList = '_no_';
        $mailType = '';
        $quota = null;
        // The part before '_mail' / '_forward' of the stored type is the domain type
        if (preg_match('/^(.*?)_(?:mail|forward)/', $mailData['mail_type'], $match)) {
            $domainType = $match[1];
        } else {
            throw new iMSCP_Exception('Unable to determine mail type');
        }
        // Account type: '1' normal, '2' forward, '3' both.
        // in_array() is called without the strict flag, so the comparison is loose.
        $mailTypeNormal = isset($_POST['account_type']) && in_array($_POST['account_type'], array('1', '3'));
        $mailTypeForward = isset($_POST['account_type']) && in_array($_POST['account_type'], array('2', '3'));
        if (!$mailTypeNormal && !$mailTypeForward) {
            // Presumably ends the request - confirm; execution continues below otherwise
            showBadRequestErrorPage();
        }
        $mailAddr = $mailData['mail_addr'];
        if ($mailTypeNormal) {
            // Check for password
            $password = clean_input($_POST['password']);
            $password_rep = clean_input($_POST['password_rep']);
            // A password is mandatory when the account had none so far, or as soon as one of the
            // two fields is filled
            if ($mailData['mail_pass'] == '_no_' || $password != '' || $password_rep != '') {
                if ($password == '') {
                    set_page_message(tr('Password is missing.'), 'error');
                    return false;
                } elseif ($password_rep == '') {
                    set_page_message(tr('You must confirm your password.'), 'error');
                    return false;
                } elseif ($password !== $password_rep) {
                    set_page_message(tr("Passwords do not match."), 'error');
                    return false;
                } elseif (!checkPasswordSyntax($password)) {
                    return false;
                }
            } else {
                // Both fields left empty: keep the stored password
                $password = $mailData['mail_pass'];
            }
            // Check for quota
            $quota = clean_input($_POST['quota']);
            if (is_number($quota)) {
                $quota *= 1048576;
                // MiB to Bytes
                // A domain mail quota of '0' skips the limit checks below
                if ($mainDmnProps['mail_quota'] != '0') {
                    if ($quota == '0') {
                        set_page_message(tr('Incorrect Email quota.'), 'error');
                        return false;
                    }
                    // Sum of the quotas of all accounts of the domain, this account included
                    $stmt = exec_query('SELECT SUM(`quota`) AS `quota` FROM `mail_users` WHERE `domain_id` = ? AND `quota` IS NOT NULL', $mainDmnProps['domain_id']);
                    // Remaining quota once the current quota of this account is given back
                    $quotaLimit = floor($mainDmnProps['mail_quota'] - ($stmt->fields['quota'] - $mailData['quota']));
                    if ($quota > $quotaLimit) {
                        set_page_message(tr('Email quota cannot be bigger than %s', bytesHuman($quotaLimit, 'MiB')), 'error');
                        return false;
                    }
                }
            } else {
                set_page_message(tr('Email quota must be a number.'), 'error');
                return false;
            }
            // No default case: an unknown domain type leaves $mailType empty
            switch ($domainType) {
                case 'normal':
                    $mailType = MT_NORMAL_MAIL;
                    break;
                case 'subdom':
                    $mailType = MT_SUBDOM_MAIL;
                    break;
                case 'alias':
                    $mailType = MT_ALIAS_MAIL;
                    break;
                case 'alssub':
                    $mailType = MT_ALSSUB_MAIL;
            }
        }
        if ($mailTypeForward) {
            // Check forward list
            $forwardList = clean_input($_POST['forward_list']);
            if ($forwardList == '') {
                set_page_message(tr('Forward list is empty.'), 'error');
                return false;
            }
            // Addresses are separated by newlines and/or commas
            $forwardList = preg_split("/[\n,]+/", $forwardList);
            // Iteration by reference: each entry is normalized in place. The reference is
            // not unset after the loop.
            foreach ($forwardList as $key => &$forwardEmailAddr) {
                $forwardEmailAddr = encode_idna(trim($forwardEmailAddr));
                if ($forwardEmailAddr == '') {
                    unset($forwardList[$key]);
                } elseif (!chk_email($forwardEmailAddr)) {
                    set_page_message(tr('Wrong mail syntax in forward list.'), 'error');
                    return false;
                } elseif ($forwardEmailAddr == $mailAddr) {
                    // Forwarding an account to itself is refused
                    set_page_message(tr('You cannot forward %s on itself.', $mailAddr), 'error');
                    return false;
                }
            }
            $forwardList = implode(',', array_unique($forwardList));
            // The forward type is appended to the normal type when the account is both
            switch ($domainType) {
                case 'normal':
                    $mailType .= ($mailType != '' ? ',' : '') . MT_NORMAL_FORWARD;
                    break;
                case 'subdom':
                    $mailType .= ($mailType != '' ? ',' : '') . MT_SUBDOM_FORWARD;
                    break;
                case 'alias':
                    $mailType .= ($mailType != '' ? ',' : '') . MT_ALIAS_FORWARD;
                    break;
                case 'alssub':
                    $mailType .= ($mailType != '' ? ',' : '') . MT_ALSSUB_FORWARD;
            }
        }
        // Update mail account into database
        iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditMail, array('mailId' => $mailData['mail_id']));
        // The row is selected by the id returned by client_getEmailAccountData(), not by the raw
        // request value
        $query = '
			UPDATE
				`mail_users`
			SET
				`mail_pass` = ?, `mail_forward` = ?, `mail_type` = ?, `status` = ?, `quota` = ?
			WHERE
				`mail_id` = ?
		';
        exec_query($query, array($password, $forwardList, $mailType, 'tochange', $quota, $mailData['mail_id']));
        iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditMail, array('mailId' => $mailData['mail_id']));
        // Schedule mail account update
        send_request();
        // The log line names the mail address only, never the password
        write_log("{$_SESSION['user_logged']}: Updated Email account: {$mailAddr}", E_USER_NOTICE);
        set_page_message(tr('Email account successfully scheduled for update.'), 'success');
    } else {
        // Incomplete form
        showBadRequestErrorPage();
    }
    // Also reached after the bad request branch if showBadRequestErrorPage() returns
    return true;
}
Ejemplo n.º 16
// Excerpt: schedules the deletion of a subdomain alias. $stmt and $id are set before
// this point.
// NOTE(review): the check that $id belongs to the logged-in customer is not part of this
// excerpt; confirm it happens in the query that produced $stmt.
$row = $stmt->fetchRow(PDO::FETCH_ASSOC);
$name = $row['subdomain_alias_name'];
// Refuse the deletion while mail accounts are still attached to the subdomain alias
$stmt = exec_query('SELECT mail_id FROM mail_users WHERE (mail_type LIKE ? OR mail_type = ?) AND sub_id = ? LIMIT 1', array(MT_ALSSUB_MAIL . '%', MT_ALSSUB_FORWARD, $id));
if ($stmt->rowCount()) {
    set_page_message(tr('Subdomain you are trying to remove has email accounts. Please remove them first.'), 'error');
    // Presumably ends the request - confirm; the deletion below would run otherwise
    redirectTo('domains_manage.php');
}
// Same for Ftp accounts. $name is used inside a LIKE pattern without escaping, so a
// '_' or '%' in it acts as a wildcard.
$stmt = exec_query('SELECT userid FROM ftp_users WHERE userid LIKE ? LIMIT 1', "%@{$name}");
if ($stmt->rowCount()) {
    set_page_message(tr('Subdomain alias you are trying to remove has Ftp accounts. Please remove them first.'), 'error');
    redirectTo('domains_manage.php');
}
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeDeleteSubdomain, array('subdomainId' => $id, 'subdomainName' => $name, 'type' => 'alssub'));
$db = iMSCP_Database::getInstance();
// The three statements are applied together or not at all
try {
    $db->beginTransaction();
    // Note the two different type values: 'subals' for php_ini, 'alssub' for ssl_certs
    exec_query('DELETE FROM php_ini WHERE domain_id = ? AND domain_type = ?', array($id, 'subals'));
    exec_query('UPDATE subdomain_alias SET subdomain_alias_status = ? WHERE subdomain_alias_id = ?', array('todelete', $id));
    exec_query('UPDATE ssl_certs SET status = ? WHERE domain_id = ? AND domain_type = ?', array('todelete', $id, 'alssub'));
    $db->commit();
} catch (iMSCP_Exception_Database $e) {
    $db->rollBack();
    // The database error text goes to the log only; the user gets a generic message
    write_log(sprintf('System was unable to remove a subdomain: %s', $e->getMessage()), E_ERROR);
    set_page_message('Could not remove subdomain. An unexpected error occurred.', 'error');
    redirectTo('domains_manage.php');
}
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterDeleteSubdomain, array('subdomainId' => $id, 'subdomainName' => $name, 'type' => 'alssub'));
// Ask the backend to process the scheduled deletion
send_request();
// Audit trail: who scheduled the deletion of which subdomain alias
write_log(sprintf('%s scheduled deletion of the `%s` subdomain alias', decode_idna($_SESSION['user_logged']), $name), E_USER_NOTICE);
set_page_message(tr('Subdomain alias scheduled for deletion.'), 'success');
redirectTo('domains_manage.php');
Ejemplo n.º 17
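/**
 * Update Ftp account
 *
 * Reads the optional new password and the mandatory home directory from $_POST, validates both and, when
 * everything is valid, updates the matching row of the `ftp_users` table.
 *
 * Notes for reviewers:
 *  - Nothing in this function verifies that $userid belongs to the logged-in customer; presumably the caller
 *    performs that ownership check before calling (not visible here -- confirm).
 *  - The clear-text password is stored in the `rawpasswd` column next to the hashed one. Anyone able to read
 *    that table (SQL injection elsewhere, backups, DB admins) obtains usable credentials; consider dropping
 *    the column if no consumer needs it.
 *
 * @param string $userid Ftp userid
 * @param string $mainDomainName Main domain name
 * @return bool TRUE on success, FALSE on failure
 */
function updateFtpAccount($userid, $mainDomainName)
{
    $ret = true;
    $rawPassword = null;
    $password = null;

    // The password is optional: an empty field means "keep the current one"
    if (!empty($_POST['password'])) {
        if (empty($_POST['password_repeat']) || $_POST['password'] !== $_POST['password_repeat']) {
            set_page_message(tr("Passwords do not match."), 'error');
            $ret = false;
        }
        if (!checkPasswordSyntax($_POST['password'])) {
            $ret = false;
        }
        // Hash only a password that passed validation; a rejected one is never stored
        if ($ret) {
            $rawPassword = $_POST['password'];
            $password = cryptPasswordWithSalt($rawPassword);
        }
    }

    // The home directory field is mandatory; a request without it is malformed
    if (!isset($_POST['home_dir'])) {
        showBadRequestErrorPage();
        exit;
    }

    $homeDir = clean_input($_POST['home_dir']);
    if ($homeDir != '/' && $homeDir != '') {
        // Collapse every run of slashes. A single str_replace('//', '/') pass turns '///' into '//',
        // so the value that was checked and the value that is stored could still differ.
        $homeDir = preg_replace('#/{2,}#', '/', $homeDir);
        // Reject any updir sequence so the path cannot leave the customer's tree
        if (strpos($homeDir, '..') !== false) {
            set_page_message(tr('Invalid home directory.'), 'error');
            $ret = false;
        }
        if ($ret) {
            $vfs = new iMSCP_VirtualFileSystem($mainDomainName);
            // Check for directory existence
            if (!$vfs->exists($homeDir)) {
                // NOTE(review): $homeDir is user input echoed into a page message; confirm that
                // set_page_message()/the template escapes it for HTML.
                set_page_message(tr("Home directory '%s' doesn't exist", $homeDir), 'error');
                $ret = false;
            }
        }
    }

    if ($ret) {
        iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditFtp, array('ftpUserId' => $userid));
        /** @var $cfg iMSCP_Config_Handler_File */
        $cfg = iMSCP_Registry::get('config');
        // Absolute home directory: <USER_WEB_DIR>/<main domain>/<relative dir>, without trailing slash
        $homeDir = rtrim(
            preg_replace('#/{2,}#', '/', $cfg->USER_WEB_DIR . '/' . $mainDomainName . '/' . $homeDir), '/'
        );
        if (isset($rawPassword) && isset($password)) {
            $query = "UPDATE `ftp_users` SET `passwd` = ?, `rawpasswd` = ?, `homedir` = ? WHERE `userid` = ?";
            exec_query($query, array($password, $rawPassword, $homeDir, $userid));
        } else {
            $query = "UPDATE `ftp_users` SET `homedir` = ? WHERE `userid` = ?";
            exec_query($query, array($homeDir, $userid));
        }
        iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditFtp, array('ftpUserId' => $userid));
        write_log(sprintf("%s updated Ftp account: %s", $_SESSION['user_logged'], $userid), E_USER_NOTICE);
        set_page_message(tr('FTP account successfully updated.'), 'success');
    }
    return $ret;
}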
Ejemplo n.º 18
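/**
 * Deletes an admin or reseller user
 *
 * Looks up the account type, removes the account's rows inside one database transaction, then removes the
 * related files (reseller software repository, reseller logo) on a best-effort basis and redirects to the
 * user management page.
 *
 * Notes for reviewers:
 *  - Accounts of type 'user' (customers) and unknown ids are rejected with the bad request page.
 *  - A comment in the body states that the first admin must never be removed; nothing in this function
 *    enforces that, nor prevents deleting the logged-in account. Presumably the caller checks both
 *    (not visible here -- confirm).
 *
 * @throws iMSCP_Exception_Database
 * @param int $userId User unique identifier
 */
function admin_deleteUser($userId)
{
    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeDeleteUser, array('userId' => $userId));
    $userId = (int) $userId;
    /** @var $cfg iMSCP_Config_Handler_File */
    $cfg = iMSCP_Registry::get('config');
    /** @var $db iMSCP_Database */
    $db = iMSCP_Database::getInstance();
    $stmt = exec_query('
			SELECT
				a.admin_type, b.logo
			FROM
		        admin a
			LEFT JOIN
				user_gui_props b ON (b.user_id = a.admin_id)
			WHERE
				admin_id = ?
		', $userId);
    $row = $stmt->fetchRow(PDO::FETCH_ASSOC);
    // No matching account: do not index into a non-array result
    $userType = is_array($row) ? $row['admin_type'] : null;
    if (empty($userType) || $userType == 'user') {
        showBadRequestErrorPage();
        // Fail closed: the DELETE statements below must never run for a rejected id, even if the
        // error page helper were to return instead of ending the request.
        exit;
    }
    // Users (admins/resellers) common items to delete
    $itemsToDelete = array('admin' => 'admin_id = ?', 'email_tpls' => 'owner_id = ?', 'tickets' => 'ticket_from = ? OR ticket_to = ?', 'user_gui_props' => 'user_id = ?');
    // Note: Admins can also have their own hosting_plans, but these must not be treated as a common
    // item since the first admin must never be removed
    if ($userType == 'reseller') {
        // Getting reseller's software packages to remove if any
        $stmt = exec_query('SELECT software_id, software_archive FROM web_software WHERE reseller_id = ?', $userId);
        $swPackages = $stmt->fetchAll(PDO::FETCH_ASSOC);
        // Getting custom reseller isp logo if set
        $resellerLogo = $row['logo'];
        // Add specific reseller items to remove (reseller tables first, common tables last)
        $itemsToDelete = array_merge(array('hosting_plans' => 'reseller_id = ?', 'reseller_props' => 'reseller_id = ?', 'web_software' => 'reseller_id = ?'), $itemsToDelete);
    }
    // We are using transaction to ensure data consistency and prevent any garbage in
    // the database. If one query fail, the whole process is reverted.
    try {
        // Cleanup database
        $db->beginTransaction();
        foreach ($itemsToDelete as $table => $where) {
            // Build the DELETE statement. Table names and WHERE clauses come only from the literals above;
            // the user id is always bound, once per placeholder.
            $query = "DELETE FROM " . quoteIdentifier($table) . ($where ? " WHERE {$where}" : '');
            exec_query($query, array_fill(0, substr_count($where, '?'), $userId));
        }
        $db->commit();
        // Cleanup files system
        // We are safe here. We don't stop the process even if files cannot be removed. That can leave garbage
        // behind but the sysadmin can easily delete it through ssh.
        // Deleting reseller software installer local repository
        if (isset($swPackages) && !empty($swPackages)) {
            _admin_deleteResellerSwPackages($userId, $swPackages);
        } elseif ($userType == 'reseller' && is_dir($cfg['GUI_APS_DIR'] . '/' . $userId) && @rmdir($cfg['GUI_APS_DIR'] . '/' . $userId) == false) {
            write_log('Unable to remove reseller software directory: ' . $cfg['GUI_APS_DIR'] . '/' . $userId, E_USER_ERROR);
        }
        // Deleting user logo
        if (isset($resellerLogo) && !empty($resellerLogo)) {
            // NOTE(review): the file name comes from user_gui_props.logo and is appended as is; this assumes
            // the value was stored as a bare file name -- confirm against the upload code.
            $logoPath = $cfg['GUI_ROOT_DIR'] . '/data/persistent/ispLogos/' . $resellerLogo;
            if (file_exists($logoPath) && @unlink($logoPath) == false) {
                write_log('Unable to remove user logo ' . $logoPath, E_USER_ERROR);
            }
        }
        $userTr = $userType == 'reseller' ? tr('Reseller') : tr('Admin');
        set_page_message(tr('%s account successfully deleted.', $userTr), 'success');
        write_log($_SESSION['user_logged'] . ": deletes user " . $userId, E_USER_NOTICE);
    } catch (iMSCP_Exception_Database $e) {
        $db->rollBack();
        throw $e;
    }
    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterDeleteUser, array('userId' => $userId));
    redirectTo('manage_users.php');
}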
Ejemplo n.º 19
 * by moleSoftware GmbH. All Rights Reserved.
 *
 * Portions created by the ispCP Team are Copyright (C) 2006-2010 by
 * isp Control Panel. All Rights Reserved.
 *
 * Portions created by the i-MSCP Team are Copyright (C) 2010-2015 by
 * i-MSCP - internet Multi Server Control Panel. All Rights Reserved.
 */
/***********************************************************************************************************************
 * Main
 */
// Include core library
require_once 'imscp-lib.php';
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptStart);

// Only logged-in customers with the mail feature may use this script
check_login('user');
if (!customerHasFeature('mail')) {
    showBadRequestErrorPage();
}

// NOTE(review): the deletion is triggered by a plain GET parameter and no anti-CSRF token is checked in
// this script; confirm whether check_login() or the framework covers that.
if (isset($_GET['id'])) {
    $catchallId = (int) $_GET['id'];
    $domainId = get_user_domain_id($_SESSION['user_id']);

    // Ownership check: the mail entry must belong to the customer's own domain.
    // The query does not restrict the entry to catch-all types.
    $stmt = exec_query(
        'SELECT mail_id FROM mail_users WHERE domain_id = ? AND mail_id = ?', array($domainId, $catchallId)
    );
    if (!$stmt->rowCount()) {
        showBadRequestErrorPage();
    }

    $eventArgs = array('mailCatchallId' => $catchallId);
    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeDeleteMailCatchall, $eventArgs);

    // The entry is only flagged; the actual removal is left to whatever handles the 'todelete' status
    exec_query('UPDATE mail_users SET status = ? WHERE mail_id = ?', array('todelete', $catchallId));

    // NOTE(review): 'onafter' is spelled with a lowercase 'a' here, unlike the 'onBefore' constant above;
    // class constants are case-sensitive, so confirm it matches the declaration in iMSCP_Events.
    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onafterDeleteMailCatchall, $eventArgs);

    send_request();
    write_log($_SESSION['user_logged'] . ': deletes email catch all!', E_USER_NOTICE);
    set_page_message(tr('Catch all successfully scheduled for deletion.'), 'success');
    redirectTo('mail_catchall.php');
}

// No id given
showBadRequestErrorPage();
Ejemplo n.º 20
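/**
 * Create reseller account
 *
 * Validates the submitted reseller data (name, password, email, IP addresses, limits, PHP permissions) and,
 * when no error was recorded, inserts the account, its GUI properties and its reseller properties inside one
 * database transaction. On validation failure the names of the faulty fields are stored in the registry
 * under 'errFieldsStack' and the transaction is rolled back.
 *
 * Notes for reviewers:
 *  - The clear-text password is handed to send_add_user_auto_msg(); presumably it is mailed to the new
 *    reseller (confirm), in which case the account should be forced to change it on first login.
 *  - The SQL limit cross-checks read $_POST directly while every other check reads $data; presumably both
 *    hold the same values (confirm against admin_getData()).
 *
 * @throws Exception
 * @throws iMSCP_Exception
 * @throws iMSCP_Exception_Database
 * @return bool TRUE when the account was created, FALSE when validation failed
 */
function admin_checkAndCreateResellerAccount()
{
    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeAddUser);
    $cfg = iMSCP_Registry::get('config');
    $errFieldsStack = array();
    $data =& admin_getData();
    /** @var $db iMSCP_Database */
    $db = iMSCP_Database::getInstance();
    try {
        $db->beginTransaction();
        // Check for reseller name
        $stmt = exec_query('SELECT COUNT(`admin_id`) `usernameExist` FROM `admin` WHERE `admin_name` = ? LIMIT 1', $data['admin_name']);
        $row = $stmt->fetchRow(PDO::FETCH_ASSOC);
        if ($row['usernameExist']) {
            // NOTE(review): the message carries raw HTML (<b>) around the submitted name, so it is presumably
            // rendered unescaped; confirm that admin_getData() already HTML-encodes admin_name.
            set_page_message(tr("The username %s is not available.", '<b>' . $data['admin_name'] . '</b>'), 'error');
            $errFieldsStack[] = 'admin_name';
        } elseif (!validates_username($data['admin_name'])) {
            set_page_message(tr('Incorrect username length or syntax.'), 'error');
            $errFieldsStack[] = 'admin_name';
        }
        // check for password
        if (empty($data['password'])) {
            set_page_message(tr('You must provide a password.'), 'error');
            $errFieldsStack[] = 'password';
            $errFieldsStack[] = 'password_confirmation';
        } elseif ($data['password'] !== $data['password_confirmation']) {
            // Strict comparison: with != two different numeric-looking strings such as '1e3' and '1000'
            // compare as equal, so a mistyped confirmation could be accepted.
            set_page_message(tr("Passwords do not match."), 'error');
            $errFieldsStack[] = 'password';
            $errFieldsStack[] = 'password_confirmation';
        } elseif (!checkPasswordSyntax($data['password'])) {
            $errFieldsStack[] = 'password';
            $errFieldsStack[] = 'password_confirmation';
        }
        // Check for email address
        if (!chk_email($data['email'])) {
            set_page_message(tr('Incorrect syntax for email address.'), 'error');
            $errFieldsStack[] = 'email';
        }
        // Check for ip addresses - We are safe here: only ids taken from the server IP list are kept,
        // the submitted list is used for selection only
        $resellerIps = array();
        foreach ($data['server_ips'] as $serverIpData) {
            if (in_array($serverIpData['ip_id'], $data['reseller_ips'])) {
                $resellerIps[] = $serverIpData['ip_id'];
            }
        }
        sort($resellerIps);
        if (empty($resellerIps)) {
            // No field is pushed on the error stack here; the pending page message is what blocks
            // the insert below
            set_page_message(tr('You must assign at least one IP to this reseller.'), 'error');
        }
        // Check for max domains limit
        if (!imscp_limit_check($data['max_dmn_cnt'], null)) {
            set_page_message(tr('Incorrect limit for %s.', tr('domain')), 'error');
            $errFieldsStack[] = 'max_dmn_cnt';
        }
        // Check for max subdomains limit
        if (!imscp_limit_check($data['max_sub_cnt'])) {
            set_page_message(tr('Incorrect limit for %s.', tr('subdomains')), 'error');
            $errFieldsStack[] = 'max_sub_cnt';
        }
        // check for max domain aliases limit
        if (!imscp_limit_check($data['max_als_cnt'])) {
            set_page_message(tr('Incorrect limit for %s.', tr('domain aliases')), 'error');
            $errFieldsStack[] = 'max_als_cnt';
        }
        // Check for max mail accounts limit
        if (!imscp_limit_check($data['max_mail_cnt'])) {
            set_page_message(tr('Incorrect limit for %s.', tr('email accounts')), 'error');
            $errFieldsStack[] = 'max_mail_cnt';
        }
        // Check for max ftp accounts limit
        if (!imscp_limit_check($data['max_ftp_cnt'])) {
            set_page_message(tr('Incorrect limit for %s.', tr('Ftp accounts')), 'error');
            $errFieldsStack[] = 'max_ftp_cnt';
        }
        // Check for max Sql databases limit
        if (!imscp_limit_check($data['max_sql_db_cnt'])) {
            set_page_message(tr('Incorrect limit for %s.', tr('SQL databases')), 'error');
            $errFieldsStack[] = 'max_sql_db_cnt';
        } elseif ($_POST['max_sql_db_cnt'] == -1 && $_POST['max_sql_user_cnt'] != -1) {
            set_page_message(tr('SQL database limit is disabled but SQL user limit is not.'), 'error');
            $errFieldsStack[] = 'max_sql_db_cnt';
        }
        // Check for max Sql users limit
        if (!imscp_limit_check($data['max_sql_user_cnt'])) {
            set_page_message(tr('Incorrect limit for %s.', tr('SQL users')), 'error');
            $errFieldsStack[] = 'max_sql_user_cnt';
        } elseif ($_POST['max_sql_user_cnt'] == -1 && $_POST['max_sql_db_cnt'] != -1) {
            set_page_message(tr('SQL user limit is disabled but SQL database limit is not.'), 'error');
            $errFieldsStack[] = 'max_sql_user_cnt';
        }
        // Check for max monthly traffic limit
        if (!imscp_limit_check($data['max_traff_amnt'], null)) {
            set_page_message(tr('Incorrect limit for %s.', tr('traffic')), 'error');
            $errFieldsStack[] = 'max_traff_amnt';
        }
        // Check for max disk space limit
        if (!imscp_limit_check($data['max_disk_amnt'], null)) {
            set_page_message(tr('Incorrect limit for %s.', tr('Disk space')), 'error');
            $errFieldsStack[] = 'max_disk_amnt';
        }
        // Check for PHP settings
        $phpini = iMSCP_PHPini::getInstance();
        $phpini->setResellerPermission('phpiniSystem', $data['php_ini_system']);
        if ($phpini->resellerHasPermission('phpiniSystem')) {
            $phpini->setResellerPermission('phpiniAllowUrlFopen', $data['php_ini_al_allow_url_fopen']);
            $phpini->setResellerPermission('phpiniDisplayErrors', $data['php_ini_al_display_errors']);
            $phpini->setResellerPermission('phpiniDisableFunctions', $data['php_ini_al_disable_functions']);
            $phpini->setResellerPermission('phpiniMailFunction', $data['php_ini_al_mail_function']);
            // Memory limit must be set before phpiniPostMaxSize
            $phpini->setResellerPermission('phpiniMemoryLimit', $data['memory_limit']);
            // Post max size must be set before phpiniUploadMaxFileSize
            $phpini->setResellerPermission('phpiniPostMaxSize', $data['post_max_size']);
            $phpini->setResellerPermission('phpiniUploadMaxFileSize', $data['upload_max_filesize']);
            $phpini->setResellerPermission('phpiniMaxExecutionTime', $data['max_execution_time']);
            $phpini->setResellerPermission('phpiniMaxInputTime', $data['max_input_time']);
        }
        if (empty($errFieldsStack) && !Zend_Session::namespaceIsset('pageMessages')) {
            // Update process begin here
            // Insert reseller personal data into database (all values are bound, none is interpolated)
            exec_query('
                    INSERT INTO admin (
                        admin_name, admin_pass, admin_type, domain_created, created_by, fname, lname, firm, zip, city,
                        state, country, email, phone, fax, street1, street2, gender
                    ) VALUES (
                        ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?
                    )
                ', array(
                $data['admin_name'], cryptPasswordWithSalt($data['password']), 'reseller', time(),
                $_SESSION['user_id'], $data['fname'], $data['lname'], $data['firm'], $data['zip'], $data['city'],
                $data['state'], $data['country'], $data['email'], $data['phone'], $data['fax'], $data['street1'],
                $data['street2'], $data['gender']
            ));
            // Get new reseller unique identifier
            $resellerId = $db->insertId();
            // Insert reseller GUI properties into database
            exec_query('INSERT INTO user_gui_props (user_id, lang, layout) VALUES (?, ?, ?)', array($resellerId, $cfg['USER_INITIAL_LANG'], $cfg['USER_INITIAL_THEME']));
            // Insert reseller properties into database; every current_* counter starts at '0'
            exec_query('
                    INSERT INTO reseller_props (
                        reseller_id, reseller_ips, max_dmn_cnt, current_dmn_cnt, max_sub_cnt, current_sub_cnt,
                        max_als_cnt, current_als_cnt, max_mail_cnt, current_mail_cnt, max_ftp_cnt, current_ftp_cnt,
                        max_sql_db_cnt, current_sql_db_cnt, max_sql_user_cnt, current_sql_user_cnt, max_traff_amnt,
                        current_traff_amnt, max_disk_amnt, current_disk_amnt, support_system, customer_id,
                        software_allowed, softwaredepot_allowed, websoftwaredepot_allowed, php_ini_system,
                        php_ini_al_disable_functions, php_ini_al_mail_function, php_ini_al_allow_url_fopen,
                        php_ini_al_display_errors, php_ini_max_post_max_size, php_ini_max_upload_max_filesize,
                        php_ini_max_max_execution_time, php_ini_max_max_input_time, php_ini_max_memory_limit
                    ) VALUES (
                        ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
                        ?, ?, ?
                    )
                ', array(
                $resellerId, implode(';', $resellerIps) . ';',
                $data['max_dmn_cnt'], '0',
                $data['max_sub_cnt'], '0',
                $data['max_als_cnt'], '0',
                $data['max_mail_cnt'], '0',
                $data['max_ftp_cnt'], '0',
                $data['max_sql_db_cnt'], '0',
                $data['max_sql_user_cnt'], '0',
                $data['max_traff_amnt'], '0',
                $data['max_disk_amnt'], '0',
                $data['support_system'], $data['customer_id'],
                $data['software_allowed'], $data['softwaredepot_allowed'], $data['websoftwaredepot_allowed'],
                $phpini->getResellerPermission('phpiniSystem'),
                $phpini->getResellerPermission('phpiniDisableFunctions'),
                $phpini->getResellerPermission('phpiniMailFunction'),
                $phpini->getResellerPermission('phpiniAllowUrlFopen'),
                $phpini->getResellerPermission('phpiniDisplayErrors'),
                $phpini->getResellerPermission('phpiniPostMaxSize'),
                $phpini->getResellerPermission('phpiniUploadMaxFileSize'),
                $phpini->getResellerPermission('phpiniMaxExecutionTime'),
                $phpini->getResellerPermission('phpiniMaxInputTime'),
                $phpini->getResellerPermission('phpiniMemoryLimit')
            ));
            $db->commit();
            // Creating Software repository for reseller if needed (best effort: a failure is only logged)
            if ($data['software_allowed'] == 'yes' && !@mkdir($cfg['GUI_APS_DIR'] . '/' . $resellerId, 0750, true)) {
                write_log(sprintf('System was unable to create the %s directory for reseller software repository', "{$cfg['GUI_APS_DIR']}/{$resellerId}"), E_USER_ERROR);
            }
            iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterAddUser);
            send_add_user_auto_msg($_SESSION['user_id'], $data['admin_name'], $data['password'], $data['email'], $data['fname'], $data['lname'], tr('Reseller'));
            write_log(sprintf('A new reseller account (%s) has been created by %s', $data['admin_name'], $_SESSION['user_logged']), E_USER_NOTICE);
            set_page_message(tr('Reseller account successfully created.'), 'success');
            return true;
        }
        // Validation failed: only the name lookup ran, but the transaction opened above must not stay
        // open for the rest of the request, otherwise later writes would silently join it.
        $db->rollBack();
    } catch (iMSCP_Exception_Database $e) {
        $db->rollBack();
        throw $e;
    }
    if (!empty($errFieldsStack)) {
        iMSCP_Registry::set('errFieldsStack', $errFieldsStack);
    }
    return false;
}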
Ejemplo n.º 21
/**
 * Check and updates domain data
 *
 * @throws iMSCP_Exception_Database
 * @param int $domainId Domain unique identifier
 * @return bool TRUE on success, FALSE otherwise
 */
function reseller_checkAndUpdateData($domainId)
{
    $db = iMSCP_Database::getInstance();
    $errFieldsStack = array();
    try {
        // Getting domain data
        $data =& reseller_getData($domainId, true);
        // Check for expires date
        if ($data['domain_never_expires'] == 'off') {
            if (!preg_match('%^\\d{2}/\\d{2}/\\d{4}$%', $data['domain_expires']) || ($timestamp = strtotime($data['domain_expires'])) === false) {
                $data['domain_expires_ok'] = false;
                set_page_message(tr('Wrong syntax for new expire date.'), 'error');
                $errFieldsStack[] = 'domain_expires';
            } elseif ($timestamp != 0 && $timestamp <= time()) {
                $data['domain_expires'] = $timestamp;
                set_page_message(tr('You cannot set expire date in past.'), 'error');
                $errFieldsStack[] = 'domain_expires';
            } else {
                $data['domain_expires'] = $timestamp;
            }
        } else {
            $data['domain_expires'] = 0;
        }
        // Check for the subdomains limit
        if ($data['fallback_domain_subd_limit'] != -1) {
            if (!imscp_limit_check($data['domain_subd_limit'])) {
                set_page_message(tr('Wrong syntax for the %s limit.', tr('subdomains')), 'error');
                $errFieldsStack[] = 'domain_subd_limit';
            } elseif (!_reseller_isValidServiceLimit($data['domain_subd_limit'], $data['nbSubdomains'], $data["fallback_domain_subd_limit"], $data['current_sub_cnt'], $data['max_sub_cnt'], $data['nbSubdomains'] > 1 ? tr('subdomains') : tr('subdomain'))) {
                $errFieldsStack[] = 'domain_subd_limit';
            }
        }
        // Check for the domain aliases limit
        if ($data['fallback_domain_alias_limit'] != -1) {
            if (!imscp_limit_check($data['domain_alias_limit'])) {
                set_page_message(tr('Wrong syntax for the %s limit.', tr('domain aliases')), 'error');
                $errFieldsStack[] = 'domain_alias_limit';
            } elseif (!_reseller_isValidServiceLimit($data['domain_alias_limit'], $data['nbAliasses'], $data["fallback_domain_alias_limit"], $data['current_als_cnt'], $data['max_als_cnt'], $data['nbAliasses'] > 1 ? tr('domain aliases') : tr('domain alias'))) {
                $errFieldsStack[] = 'domain_alias_limit';
            }
        }
        // Check for the mail accounts limit
        if ($data['fallback_domain_mailacc_limit'] != -1) {
            if (!imscp_limit_check($data['domain_mailacc_limit'])) {
                set_page_message(tr('Wrong syntax for the %s limit.', tr('email accounts')), 'error');
                $errFieldsStack[] = 'domain_mailacc_limit';
            } elseif (!_reseller_isValidServiceLimit($data['domain_mailacc_limit'], $data['nbMailAccounts'], $data["fallback_domain_mailacc_limit"], $data['current_mail_cnt'], $data['max_mail_cnt'], $data["nbMailAccounts"] > 1 ? tr('email accounts') : tr('email account'))) {
                $errFieldsStack[] = 'domain_mailacc_limit';
            }
        }
        // Check for the Ftp accounts limit
        if ($data['fallback_domain_ftpacc_limit'] != -1) {
            if (!imscp_limit_check($data['domain_ftpacc_limit'])) {
                set_page_message(tr('Wrong syntax for the %s limit.', tr('Ftp accounts')), 'error');
                $errFieldsStack[] = 'domain_ftpacc_limit';
            } elseif (!_reseller_isValidServiceLimit($data['domain_ftpacc_limit'], $data['nbFtpAccounts'], $data["fallback_domain_ftpacc_limit"], $data['current_ftp_cnt'], $data['max_ftp_cnt'], $data['nbFtpAccounts'] > 1 ? tr('Ftp accounts') : tr('Ftp account'))) {
                $errFieldsStack[] = 'domain_ftpacc_limit';
            }
        }
        // Check for the Sql databases limit
        if ($data['fallback_domain_sqld_limit'] != -1) {
            if (!imscp_limit_check($data['domain_sqld_limit'])) {
                set_page_message(tr('Wrong syntax for the %s limit.', tr('SQL databases')), 'error');
                $errFieldsStack[] = 'domain_sqld_limit';
            } elseif (!_reseller_isValidServiceLimit($data['domain_sqld_limit'], $data['nbSqlDatabases'], $data["fallback_domain_sqld_limit"], $data['current_sql_db_cnt'], $data['max_sql_db_cnt'], $data['nbSqlDatabases'] > 1 ? tr('SQL databases') : tr('SQL database'))) {
                $errFieldsStack[] = 'domain_sqld_limit';
            } elseif ($data['domain_sqld_limit'] != -1 && $data['domain_sqlu_limit'] == -1) {
                set_page_message(tr('SQL user limit is disabled.'), 'error');
                $errFieldsStack[] = 'domain_sqld_limit';
                $errFieldsStack[] = 'domain_sqlu_limit';
            }
        }
        // Check for the Sql users limit
        if ($data['fallback_domain_sqlu_limit'] != -1) {
            if (!imscp_limit_check($data['domain_sqlu_limit'])) {
                set_page_message(tr('Wrong syntax for the %s limit.', tr('SQL users')), 'error');
                $errFieldsStack[] = 'domain_sqlu_limit';
            } elseif (!_reseller_isValidServiceLimit($data['domain_sqlu_limit'], $data['nbSqlUsers'], $data["fallback_domain_sqlu_limit"], $data['current_sql_user_cnt'], $data['max_sql_user_cnt'], $data['nbSqlUsers'] > 1 ? tr('SQL users') : tr('SQL user'))) {
                $errFieldsStack[] = 'domain_sqlu_limit';
            } elseif ($data['domain_sqlu_limit'] != -1 && $data['domain_sqld_limit'] == -1) {
                set_page_message(tr('SQL database limit is disabled.'), 'error');
                $errFieldsStack[] = 'domain_sqlu_limit';
                $errFieldsStack[] = 'domain_sqld_limit';
            }
        }
        // Check for the monthly traffic limit
        if (!imscp_limit_check($data['domain_traffic_limit'], null)) {
            set_page_message(tr('Wrong syntax for the %s limit.', tr('traffic')), 'error');
            $errFieldsStack[] = 'domain_traffic_limit';
        } elseif (!_reseller_isValidServiceLimit($data['domain_traffic_limit'], $data['domainTraffic'] / 1048576, $data["fallback_domain_traffic_limit"], $data['current_traff_amnt'], $data['max_traff_amnt'], tr('traffic'))) {
            $errFieldsStack[] = 'domain_traffic_limit';
        }
        // Check for the disk space limit
        if (!imscp_limit_check($data['domain_disk_limit'], null)) {
            set_page_message(tr('Wrong syntax for the %s limit.', tr('disk space')), 'error');
            $errFieldsStack[] = 'domain_disk_limit';
        } elseif (!_reseller_isValidServiceLimit($data['domain_disk_limit'], $data['domain_disk_usage'] / 1048576, $data["fallback_domain_disk_limit"], $data['current_disk_amnt'], $data['max_disk_amnt'], tr('disk space'))) {
            $errFieldsStack[] = 'domain_disk_limit';
        }
        // Check for mail quota
        if ($data['fallback_domain_mailacc_limit'] != -1) {
            if (!imscp_limit_check($data['mail_quota'], null)) {
                set_page_message(tr('Wrong syntax for the mail quota value.'), 'error');
                $errFieldsStack[] = 'mail_quota';
            } elseif ($data['domain_disk_limit'] != 0 && $data['mail_quota'] > $data['domain_disk_limit']) {
                set_page_message(tr('Email quota cannot be bigger than disk space limit.'), 'error');
                $errFieldsStack[] = 'mail_quota';
            } elseif ($data['domain_disk_limit'] != 0 && $data['mail_quota'] == 0) {
                set_page_message(tr('Email quota cannot be unlimited. Max value is %d MiB.', $data['domain_disk_limit']), 'error');
                $errFieldsStack[] = 'mail_quota';
            } else {
                $mailData = reseller_getMailData($data['domain_id'], $data['fallback_mail_quota']);
                if ($data['mail_quota'] != 0 && $data['mail_quota'] < $mailData['nb_mailboxes']) {
                    set_page_message(tr('Email quota cannot be lower than %d. Each mailbox should have a least 1 MiB quota.', $mailData['nb_mailboxes']), 'error');
                    $errFieldsStack[] = 'mail_quota';
                }
            }
        } else {
            $data['mail_quota'] = 0;
        }
        // Check for PHP support
        $data['domain_php'] = in_array($data['domain_php'], array('no', 'yes')) ? $data['domain_php'] : $data['fallback_domain_php'];
        // PHP editor
        $phpini = iMSCP_PHPini::getInstance();
        // Needed to track changes
        $phpiniClientPerms = $phpini->getClientPermission();
        $phpiniDomainConf = $phpini->getDomainIni();
        if (isset($_POST['php_ini_system']) && $data['domain_php'] == 'yes' && $phpini->resellerHasPermission('phpiniSystem')) {
            $phpini->setClientPermission('phpiniSystem', clean_input($_POST['php_ini_system']));
            if ($phpini->clientHasPermission('phpiniSystem')) {
                if (isset($_POST['phpini_perm_allow_url_fopen'])) {
                    $phpini->setClientPermission('phpiniAllowUrlFopen', clean_input($_POST['phpini_perm_allow_url_fopen']));
                }
                if (isset($_POST['phpini_perm_display_errors'])) {
                    $phpini->setClientPermission('phpiniDisplayErrors', clean_input($_POST['phpini_perm_display_errors']));
                }
                if (isset($_POST['phpini_perm_disable_functions'])) {
                    $phpini->setClientPermission('phpiniDisableFunctions', clean_input($_POST['phpini_perm_disable_functions']));
                }
                if (isset($_POST['phpini_perm_mail_function'])) {
                    $phpini->setClientPermission('phpiniMailFunction', clean_input($_POST['phpini_perm_mail_function']));
                }
                if (isset($_POST['memory_limit'])) {
                    // Must be set before phpiniPostMaxSize
                    $phpini->setDomainIni('phpiniMemoryLimit', clean_input($_POST['memory_limit']));
                }
                if (isset($_POST['post_max_size'])) {
                    // Must be set before phpiniUploadMaxFileSize
                    $phpini->setDomainIni('phpiniPostMaxSize', clean_input($_POST['post_max_size']));
                }
                if (isset($_POST['upload_max_filezize'])) {
                    $phpini->setDomainIni('phpiniUploadMaxFileSize', clean_input($_POST['upload_max_filezize']));
                }
                if (isset($_POST['max_execution_time'])) {
                    $phpini->setDomainIni('phpiniMaxExecutionTime', clean_input($_POST['max_execution_time']));
                }
                if (isset($_POST['max_input_time'])) {
                    $phpini->setDomainIni('phpiniMaxInputTime', clean_input($_POST['max_input_time']));
                }
            } else {
                $phpini->loadClientPermissions();
                // Reset client PHP permissions
                $phpini->loadDomainIni();
                // Reset domain PHP configuration options
            }
        } else {
            $phpini->loadClientPermissions();
            // Reset client PHP permissions
            $phpini->loadDomainIni();
            // Reset domain PHP configuration options
        }
        // Check for CGI support
        $data['domain_cgi'] = in_array($data['domain_cgi'], array('no', 'yes')) ? $data['domain_cgi'] : $data['fallback_domain_cgi'];
        // Check for custom DNS records support
        $data['domain_dns'] = in_array($data['domain_dns'], array('no', 'yes')) ? $data['domain_dns'] : $data['fallback_domain_dns'];
        // Check for APS support
        $data['domain_software_allowed'] = in_array($data['domain_software_allowed'], array('no', 'yes')) ? $data['domain_software_allowed'] : $data['fallback_domain_software_allowed'];
        // Check for External mail server support
        $data['domain_external_mail'] = in_array($data['domain_external_mail'], array('no', 'yes')) ? $data['domain_external_mail'] : $data['fallback_domain_external_mail'];
        // Check for backup support
        $data['allowbackup'] = is_array($data['allowbackup']) ? array_intersect($data['allowbackup'], array('dmn', 'sql', 'mail')) : $data['fallback_allowbackup'];
        // Check for Web folder protection support
        $data['web_folder_protection'] = in_array($data['web_folder_protection'], array('no', 'yes')) ? $data['web_folder_protection'] : $data['fallback_web_folder_protection'];
        if (empty($errFieldsStack) && !Zend_Session::namespaceIsset('pageMessages')) {
            // Update process begin here
            $oldValues = array();
            $newValues = array();
            foreach ($data as $property => $value) {
                if (strpos($property, 'fallback_') !== false) {
                    $property = substr($property, 9);
                    $oldValues[$property] = $value;
                    $newValues[$property] = $data[$property];
                }
            }
            $needDaemonRequest = false;
            if ($newValues == $oldValues && $phpiniClientPerms == $phpini->getClientPermission() && $phpiniDomainConf == $phpini->getDomainIni()) {
                set_page_message(tr('Nothing has been changed.'), 'info');
                return true;
            }
            iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditDomain, array('domainId' => $domainId));
            $db->beginTransaction();
            if ($phpiniClientPerms != $phpini->getClientPermission() || $phpiniDomainConf != $phpini->getDomainIni()) {
                $phpini->updateDomainConfigOptions($data['admin_id']);
                $needDaemonRequest = true;
            }
            // PHP or CGI was either enabled or disabled or PHP Settings were changed, web folder protection
            // properties have been updated, or domain IP was changed, so we must update the vhosts files
            // of all domain entities (dmn, sub, als, alssub)
            if ($needDaemonRequest || $data['domain_php'] != $data['fallback_domain_php'] || $data['domain_cgi'] != $data['fallback_domain_cgi'] || $data['web_folder_protection'] != $data['fallback_web_folder_protection'] || $data['domain_ip_id'] != $data['fallback_domain_ip_id']) {
                if ($data['domain_alias_limit'] != '-1') {
                    exec_query('UPDATE domain_aliasses SET alias_status = ? WHERE domain_id = ? AND alias_status <> ?', array('tochange', $domainId, 'ordered'));
                }
                $needDaemonRequest = true;
            }
            if ($data['domain_dns'] != $data['fallback_domain_dns'] && $data['domain_dns'] == 'no') {
                // Support for custom DNS records is now disabled - We must delete all custom DNS entries
                // (except those that are protected), and update the DNS zone file
                exec_query('DELETE FROM domain_dns WHERE domain_id = ? AND owned_by = ?', array($domainId, 'custom_dns_feature'));
                $needDaemonRequest = true;
            }
            // Update domain properties
            exec_query('
                    UPDATE
                        domain
                    SET
                        domain_expires = ?, domain_last_modified = ?, domain_mailacc_limit = ?, domain_ftpacc_limit = ?,
                        domain_traffic_limit = ?, domain_sqld_limit = ?, domain_sqlu_limit = ?, domain_status = ?,
                        domain_alias_limit = ?, domain_subd_limit = ?, domain_ip_id = ?, domain_disk_limit = ?,
                        domain_php = ?, domain_cgi = ?, allowbackup = ?, domain_dns = ?,  domain_software_allowed = ?,
                        phpini_perm_system = ?, phpini_perm_allow_url_fopen = ?, phpini_perm_display_errors = ?,
                        phpini_perm_disable_functions = ?, phpini_perm_mail_function = ?, domain_external_mail = ?,
                        web_folder_protection = ?,
                        mail_quota = ?
                    WHERE
                        domain_id = ?
                ', array($data['domain_expires'], time(), $data['domain_mailacc_limit'], $data['domain_ftpacc_limit'], $data['domain_traffic_limit'], $data['domain_sqld_limit'], $data['domain_sqlu_limit'], $needDaemonRequest ? 'tochange' : 'ok', $data['domain_alias_limit'], $data['domain_subd_limit'], $data['domain_ip_id'], $data['domain_disk_limit'], $data['domain_php'], $data['domain_cgi'], implode('|', $data['allowbackup']), $data['domain_dns'], $data['domain_software_allowed'], $phpini->getClientPermission('phpiniSystem'), $phpini->getClientPermission('phpiniAllowUrlFopen'), $phpini->getClientPermission('phpiniDisplayErrors'), $phpini->getClientPermission('phpiniDisableFunctions'), $phpini->getClientPermission('phpiniMailFunction'), $data['domain_external_mail'], $data['web_folder_protection'], $data['mail_quota'] * 1048576, $domainId));
            //print 'ouch'; exit;
            // Sync mailboxes quota if needed
            if ($data['fallback_mail_quota'] != $data['mail_quota'] * 1048576) {
                sync_mailboxes_quota($domainId, $data['mail_quota'] * 1048576);
            }
            // Update domain alias IP if needed
            if ($data['domain_ip_id'] != $data['fallback_domain_ip_id']) {
                if ($data['domain_alias_limit'] != '-1') {
                    exec_query('UPDATE domain_aliasses SET alias_ip_id = ? WHERE domain_id = ?', array($data['domain_ip_id'], $domainId));
                }
            }
            // Update Ftp quota limit if needed
            if ($data['domain_disk_limit'] != $data['fallback_domain_disk_limit']) {
                exec_query('
                        REPLACE INTO quotalimits (
                            name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail,
                            bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail
                        ) VALUES (
                            ?, ?, ?, ?, ?, ?, ?, ?, ?, ?
                        )
                    ', array($data['domain_name'], 'group', 'false', 'hard', $data['domain_disk_limit'] * 1048576, 0, 0, 0, 0, 0));
            }
            // Update reseller properties
            update_reseller_c_props($data['reseller_id']);
            $db->commit();
            iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditDomain, array('domainId' => $domainId));
            if ($needDaemonRequest) {
                send_request();
                set_page_message(tr('Domain scheduled for update.'), 'success');
            } else {
                set_page_message(tr('Domain successfully updated.'), 'success');
            }
            $userLogged = isset($_SESSION['logged_from']) ? $_SESSION['logged_from'] : $_SESSION['user_logged'];
            write_log("Domain " . decode_idna($data['domain_name']) . " has been updated by {$userLogged}", E_USER_NOTICE);
            return true;
        }
    } catch (iMSCP_Exception_Database $e) {
        $db->rollBack();
        throw $e;
    }
    if (!empty($errFieldsStack)) {
        iMSCP_Registry::set('errFieldsStack', $errFieldsStack);
    }
    return false;
}
Ejemplo n.º 22
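/**
 * Persist the edited data of a customer, optionally changing the password.
 *
 * The submitted values are read from globals ($firstName, $email, $password, ...)
 * and the acting reseller from $_SESSION['user_id']. Both UPDATE statements are
 * restricted with `created_by = ?`, so only rows created by the logged-in
 * reseller can be modified by them.
 *
 * When a password is supplied it must match its confirmation and pass
 * checkPasswordSyntax(); the login rows of the customer are then deleted.
 *
 * redirectTo() presumably terminates the request (the code after the validation
 * redirects relies on that) - TODO confirm.
 *
 * @param int $adminId Customer unique identifier
 * @return void
 */
function reseller_updateUserData($adminId)
{
    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditUser, array('userId' => $adminId));

    global $adminName, $email, $customerId, $firstName, $lastName, $firm, $zip, $gender, $city, $state, $country, $street1, $street2, $phone, $fax, $password, $passwordRepeat;

    $resellerId = intval($_SESSION['user_id']);

    if ($password === '' && $passwordRepeat === '') {
        // Save without password
        exec_query('
				UPDATE
					admin
				SET
					fname = ?, lname = ?, firm = ?, zip = ?, city = ?, state = ?, country = ?, email = ?, phone = ?,
					fax = ?, street1 = ?, street2 = ?, gender = ?, customer_id = ?
				WHERE
					admin_id = ?
				AND
					created_by = ?
			', array($firstName, $lastName, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender, $customerId, $adminId, $resellerId));
    } else {
        // Change password.
        // Strict comparison: with `!=` two different numeric-looking strings
        // (for example "1e3" and "1000") compare as equal, so a mistyped
        // confirmation could be accepted.
        if ($password !== $passwordRepeat) {
            set_page_message(tr("Passwords do not match."), 'error');
            redirectTo('user_edit.php?edit_id=' . $adminId);
        }

        if (!checkPasswordSyntax($password)) {
            redirectTo('user_edit.php?edit_id=' . $adminId);
        }

        $encryptedPassword = cryptPasswordWithSalt($password);
        exec_query('
				UPDATE
					admin
				SET
					admin_pass = ?, fname = ?, lname = ?, firm = ?, zip = ?, city = ?, state = ?, country = ?, email = ?,
					phone = ?, fax = ?, street1 = ?, street2 = ?, gender = ?, customer_id = ?
				WHERE
					admin_id = ?
				AND
					created_by = ?
			', array($encryptedPassword, $firstName, $lastName, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender, $customerId, $adminId, $resellerId));

        // Drop the customer's login rows so the old credentials cannot be reused.
        // NOTE(review): unlike the UPDATE above, this lookup and DELETE are not
        // scoped by `created_by`; this assumes the caller has already verified
        // that $adminId belongs to the logged-in reseller - TODO confirm.
        $adminName = get_user_name($adminId);
        exec_query('DELETE FROM login WHERE user_name = ?', $adminName);
    }

    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditUser, array('userId' => $adminId));
    set_page_message(tr('User data successfully updated'), 'success');
    write_log("{$_SESSION['user_logged']} updated data for {$adminName}.", E_USER_NOTICE);

    if (isset($_POST['send_data']) && $password !== '') {
        // NOTE(review): the clear-text password is handed to the mail helper,
        // presumably to be e-mailed to the customer. Mail is not a confidential
        // channel; a one-time reset link would avoid sending the secret itself.
        send_add_user_auto_msg($resellerId, $adminName, $password, $email, $firstName, $lastName, tr('Customer'));
    }

    redirectTo('users.php');
}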
Ejemplo n.º 23
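/**
 * Edit the URL forwarding of a domain alias.
 *
 * The alias is identified by $_GET['id'] and looked up with
 * _client_getAliasData(); when URL forwarding is requested the target is built
 * from $_POST['forward_url_scheme'] and $_POST['forward_url'], parsed with
 * iMSCP_Uri_Redirect and rejected when it points back to the alias itself.
 *
 * NOTE(review): the UPDATE is keyed on `alias_id` only, so this function relies
 * on _client_getAliasData() to return data only for aliases owned by the
 * logged-in customer - TODO confirm.
 *
 * @return bool FALSE when the forward URL is rejected, TRUE otherwise (also
 *              after showBadRequestErrorPage(), which presumably ends the request)
 */
function client_editDomainAlias()
{
    if (!isset($_GET['id'])) {
        showBadRequestErrorPage();
        return true;
    }

    $domainAliasId = clean_input($_GET['id']);
    $domainAliasData = _client_getAliasData($domainAliasId);

    if (!$domainAliasData) {
        showBadRequestErrorPage();
        return true;
    }

    // Check for URL forwarding option
    $forwardUrl = 'no';

    if (isset($_POST['url_forwarding']) && $_POST['url_forwarding'] == 'yes') {
        if (isset($_POST['forward_url_scheme']) && isset($_POST['forward_url'])) {
            $forwardUrl = clean_input($_POST['forward_url_scheme']) . clean_input($_POST['forward_url']);

            // The submitted URL is echoed back inside an HTML page message, so it
            // is escaped first; the raw request value must never reach the markup.
            $forwardUrlHtml = tohtml($forwardUrl);

            try {
                try {
                    $uri = iMSCP_Uri_Redirect::fromString($forwardUrl);
                } catch (Zend_Uri_Exception $e) {
                    throw new iMSCP_Exception(tr('Forward URL %s is not valid.', "<strong>{$forwardUrlHtml}</strong>"));
                }

                $uri->setHost(encode_idna($uri->getHost()));

                // Forwarding an alias to its own root would loop.
                if ($uri->getHost() == $domainAliasData['alias_name'] && $uri->getPath() == '/') {
                    throw new iMSCP_Exception(tr('Forward URL %s is not valid.', "<strong>{$forwardUrlHtml}</strong>") . ' ' . tr('Domain alias %s cannot be forwarded on itself.', "<strong>{$domainAliasData['alias_name_utf8']}</strong>"));
                }

                // Store the normalised form produced by the URI object.
                $forwardUrl = $uri->getUri();
            } catch (Exception $e) {
                set_page_message($e->getMessage(), 'error');
                return false;
            }
        } else {
            showBadRequestErrorPage();
        }
    }

    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditDomainAlias, array('domainAliasId' => $domainAliasId));
    exec_query('UPDATE `domain_aliasses` SET `url_forward` = ?, `alias_status` = ? WHERE `alias_id` = ?', array($forwardUrl, 'tochange', $domainAliasId));
    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditDomainALias, array('domainAliasId' => $domainAliasId));
    send_request();
    write_log("{$_SESSION['user_logged']}: scheduled update of domain alias: {$domainAliasData['alias_name_utf8']}.", E_USER_NOTICE);

    return true;
}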
Ejemplo n.º 24
/**
 * Fill the template with the current form values and hide the blocks of
 * features the reseller does not have.
 *
 * The values come from globals ($id, $name, $php, ...). Free-text values are
 * passed through tohtml() before being assigned; the yes/no options are turned
 * into ' checked' markers for the matching radio buttons.
 *
 * @param $tpl iMSCP_pTemplate
 * @return void
 */
function generatePage($tpl)
{
    global $id, $name, $description, $sub, $als, $mail, $mailQuota, $ftp, $sqld, $sqlu, $traffic, $diskSpace, $php, $cgi, $backup, $dns, $aps, $extMail, $webFolderProtection, $status;

    $on = ' checked';
    $off = '';

    $tpl->assign(array(
        'ID' => tohtml($id, 'htmlAttr'),
        'NAME' => tohtml($name, 'htmlAttr'),
        'DESCRIPTION' => tohtml($description),
        'MAX_SUB' => tohtml($sub, 'htmlAttr'),
        'MAX_ALS' => tohtml($als, 'htmlAttr'),
        'MAX_MAIL' => tohtml($mail, 'htmlAttr'),
        'MAIL_QUOTA' => tohtml($mailQuota, 'htmlAttr'),
        'MAX_FTP' => tohtml($ftp, 'htmlAttr'),
        'MAX_SQLD' => tohtml($sqld, 'htmlAttr'),
        'MAX_SQLU' => tohtml($sqlu, 'htmlAttr'),
        'MONTHLY_TRAFFIC' => tohtml($traffic, 'htmlAttr'),
        'MAX_DISKSPACE' => tohtml($diskSpace, 'htmlAttr'),
        'PHP_YES' => $php == '_yes_' ? $on : $off,
        'PHP_NO' => $php == '_yes_' ? $off : $on,
        'CGI_YES' => $cgi == '_yes_' ? $on : $off,
        'CGI_NO' => $cgi == '_yes_' ? $off : $on,
        'DNS_YES' => $dns == '_yes_' ? $on : $off,
        'DNS_NO' => $dns == '_yes_' ? $off : $on,
        'TR_SOFTWARE_YES' => $aps == '_yes_' ? $on : $off,
        'TR_SOFTWARE_NO' => $aps == '_yes_' ? $off : $on,
        'SOFTWARE_YES' => $aps == '_yes_' ? $on : $off,
        'SOFTWARE_NO' => $aps == '_yes_' ? $off : $on,
        'EXTMAIL_YES' => $extMail == '_yes_' ? $on : $off,
        'EXTMAIL_NO' => $extMail == '_yes_' ? $off : $on,
        'BACKUPD' => in_array('_dmn_', $backup) ? $on : $off,
        'BACKUPS' => in_array('_sql_', $backup) ? $on : $off,
        'BACKUPM' => in_array('_mail_', $backup) ? $on : $off,
        'PROTECT_WEB_FOLDERS_YES' => $webFolderProtection == '_yes_' ? $on : $off,
        'PROTECT_WEB_FOLDERS_NO' => $webFolderProtection == '_yes_' ? $off : $on,
        'STATUS_YES' => $status ? $on : $off,
        'STATUS_NO' => !$status ? $on : $off,
    ));

    // Expose the stack of invalid fields to the JS translations.
    // NOTE(review): the write below only reaches the dispatcher if the
    // 'translations' parameter is an object; with a plain array it would
    // change a local copy only - TODO confirm.
    iMSCP_Events_Aggregator::getInstance()->registerListener('onGetJsTranslations', function ($e) {
        /** @var iMSCP_Events_Event $e */
        $translations = $e->getParam('translations');
        $translations['core']['error_field_stack'] = iMSCP_Registry::isRegistered('errFieldsStack') ? iMSCP_Registry::get('errFieldsStack') : array();
    });

    // Reseller feature => template block that is blanked when the feature is missing.
    $blockByFeature = array(
        'subdomains' => 'NB_SUBDOMAIN',
        'domain_aliases' => 'NB_DOMAIN_ALIASES',
        'mail' => 'NB_MAIL',
        'ftp' => 'NB_FTP',
        'sql_db' => 'NB_SQLD',
        'sql_user' => 'NB_SQLU',
        'php' => 'PHP_FEATURE',
        'php_editor' => 'PHP_EDITOR_FEATURE',
        'cgi' => 'CGI_FEATURE',
        'custom_dns_records' => 'CUSTOM_DNS_RECORDS_FEATURE',
        'aps' => 'APS_FEATURE',
        'external_mail' => 'EXT_MAIL_FEATURE',
        'backup' => 'BACKUP_FEATURE',
    );

    foreach ($blockByFeature as $featureName => $blockName) {
        if (!resellerHasFeature($featureName)) {
            $tpl->assign($blockName, '');
        }
    }

    generatePhpBlock($tpl);
}
Ejemplo n.º 25
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 */
// Admin script: marks a pending software package (`software_active` = 0) as
// active and notifies through send_activated_sw(). The excerpt is truncated:
// the closing braces of the two blocks opened below are not part of it.

// Include core library
require 'imscp-lib.php';
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAdminScriptStart);
// Presumably restricts the script to logged-in administrators - TODO confirm.
check_login('admin');
// NOTE(review): this is a state change driven by a GET parameter and no
// anti-CSRF token is checked in the visible code; confirm that one is enforced
// elsewhere, or move the action to a POST request carrying a token.
// is_numeric() also accepts floats, exponent notation and leading whitespace;
// the value is only ever bound as a query parameter below, but a strict
// integer check would be tighter.
if (isset($_GET['id']) and is_numeric($_GET['id'])) {
    // Only a package that exists and is still inactive may be activated.
    $query = "\n\t\tSELECT\n\t\t\t`software_id`,\n\t\t\t`software_archive`,\n\t\t\t`reseller_id`\n\t\tFROM\n\t\t\t`web_software`\n\t\tWHERE\n\t\t\t`software_id` = ?\n\t\tAND\n\t\t\t`software_active` = 0\n\t";
    $rs = exec_query($query, $_GET['id']);
    if ($rs->recordCount() != 1) {
        set_page_message(tr('Wrong software id.'), 'error');
        redirectTo('software_manage.php');
    } else {
        // Flip the package to active.
        $update = "\n\t\t\tUPDATE\n\t\t\t\t`web_software`\n\t\t\tSET\n\t\t\t\t`software_active` = 1\n\t\t\tWHERE\n\t\t\t\t`software_id` = ?\n\t\t";
        $res = exec_query($update, $_GET['id']);
        // Re-read the row; $res is reused, the UPDATE result is not inspected.
        $query = "\n\t\t\tSELECT\n\t\t\t\t`software_id`,\n\t\t\t\t`software_name`,\n\t\t\t\t`software_version`,\n\t\t\t\t`software_language`,\n\t\t\t\t`reseller_id`,\n\t\t\t\t`software_archive`\n\t\t\tFROM\n\t\t\t\t`web_software`\n\t\t\tWHERE\n\t\t\t\t`software_id` = ?\n\t\t";
        $res = exec_query($query, $_GET['id']);
        // Hand the owning reseller, the archive file name and the package id to the notifier.
        send_activated_sw($res->fields['reseller_id'], $res->fields['software_archive'] . ".tar.gz", $res->fields['software_id']);
        set_page_message(tr('Software was activated.'), 'success');
        redirectTo('software_manage.php');
Ejemplo n.º 26
/**
 * Send a circular to the reseller's customers.
 *
 * Sender name, sender e-mail, subject and body are taken from $_POST and passed
 * through clean_input(); the message is sent only when
 * reseller_isValidCircular() accepts them and no onBeforeSendCircular listener
 * stopped the event.
 *
 * NOTE(review): sender name and e-mail are request-supplied and presumably end
 * up in mail headers; this relies on reseller_isValidCircular() rejecting
 * line breaks in them - TODO confirm.
 *
 * @return bool FALSE when validation fails, TRUE otherwise
 */
function reseller_sendCircular()
{
    if (!isset($_POST['sender_name'], $_POST['sender_email'], $_POST['subject'], $_POST['body'])) {
        showBadRequestErrorPage();
        return true;
    }

    $senderName = clean_input($_POST['sender_name']);
    $senderEmail = clean_input($_POST['sender_email']);
    $subject = clean_input($_POST['subject'], false);
    $body = clean_input($_POST['body'], false);

    if (!reseller_isValidCircular($senderName, $senderEmail, $subject, $body)) {
        return false;
    }

    // Same payload for the "before" and the "after" event.
    $eventParams = array(
        'sender_name' => $senderName,
        'sender_email' => $senderEmail,
        'rcpt_to' => 'customers',
        'subject' => $subject,
        'body' => $body,
    );
    $aggregator = iMSCP_Events_Aggregator::getInstance();
    $responses = $aggregator->dispatch(iMSCP_Events::onBeforeSendCircular, $eventParams);

    // A listener may veto the circular; nothing is sent or logged in that case.
    if ($responses->isStopped()) {
        return true;
    }

    reseller_sendToCustomers($senderName, $senderEmail, $subject, $body);
    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterSendCircular, $eventParams);
    set_page_message(tr('Circular successfully sent.'), 'success');
    // The sender is escaped before it is written to the log.
    write_log('A circular has been sent by reseller: ' . tohtml("{$senderName} <{$senderEmail}>"), E_USER_NOTICE);

    return true;
}
Ejemplo n.º 27
 /**
  * Forget the stored instance.
  *
  * Sets the static $instance property of this class back to NULL.
  *
  * @return void
  */
 public static function resetInstance()
 {
     // Drop the reference held in the static property.
     self::$instance = null;
 }
Ejemplo n.º 28
 /**
  * Return the iMSCP_Events_Aggregator instance.
  *
  * Thin proxy kept for backward compatibility: the call is forwarded to
  * iMSCP_Events_Aggregator::getInstance().
  *
  * @return iMSCP_Events_Aggregator
  * @deprecated 1.1.6 (will be removed in a later version)
  */
 public static function getInstance()
 {
     $aggregator = iMSCP_Events_Aggregator::getInstance();

     return $aggregator;
 }
Ejemplo n.º 29
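/**
 * Add a new domain alias for the logged-in customer.
 *
 * The alias name comes from $_POST['domain_alias_name']; it is lower-cased,
 * validated with isValidDomainName(), stripped of leading "www." labels and
 * checked for availability. Optional inputs are a shared mount point and a
 * forward URL. The alias row and its PHP ini entry are written inside one
 * database transaction.
 *
 * The alias is inserted with status 'toadd' when $_SESSION['logged_from_type']
 * is set and with status 'ordered' otherwise.
 *
 * @return bool TRUE on success, FALSE on failure
 */
function addDomainAlias()
{
    global $mainDmnProps;

    // Basic check
    if (empty($_POST['domain_alias_name'])) {
        set_page_message(tr('You must enter a domain alias name.'), 'error');
        return false;
    }

    $domainAliasName = clean_input(strtolower($_POST['domain_alias_name']));

    // Check for domain alias name syntax
    global $dmnNameValidationErrMsg;

    if (!isValidDomainName($domainAliasName)) {
        set_page_message($dmnNameValidationErrMsg, 'error');
        return false;
    }

    // www is considered as an alias of the domain alias.
    // Only a *leading* "www." is removed: testing for the substring anywhere in
    // the name (as `!== false` did) chopped four characters off names such as
    // "mywww.example.com" and left a mangled name to be stored.
    $wwwStripped = false;
    while (strpos($domainAliasName, 'www.') === 0) {
        $domainAliasName = substr($domainAliasName, 4);
        $wwwStripped = true;
    }

    // The name that is stored is the stripped one, so it must still be valid.
    if ($wwwStripped && !isValidDomainName($domainAliasName)) {
        set_page_message($dmnNameValidationErrMsg, 'error');
        return false;
    }

    // Check for domain alias existence
    if (imscp_domain_exists($domainAliasName, $_SESSION['user_created_by'])) {
        set_page_message(tr('Domain %s is unavailable.', "<strong>{$domainAliasName}</strong>"), 'error');
        return false;
    }

    $domainAliasNameAscii = encode_idna($domainAliasName);

    // Set default mount point
    $mountPoint = "/{$domainAliasNameAscii}";

    // Check for shared mount point option
    if (isset($_POST['shared_mount_point']) && $_POST['shared_mount_point'] == 'yes') {
        if (!isset($_POST['shared_mount_point_domain'])) {
            showBadRequestErrorPage();
        }

        $sharedMountPointDomain = clean_input($_POST['shared_mount_point_domain']);
        $domainList = _client_getDomainsList();

        // The mount point is never taken from the request: it is copied from the
        // matching entry of the list returned by _client_getDomainsList(); an
        // unknown name leaves the default mount point in place.
        foreach ($domainList as $domain) {
            if ($domain['name'] == $sharedMountPointDomain) {
                $mountPoint = $domain['mount_point'];
            }
        }
    }

    // Check for URL forwarding option
    $forwardUrl = 'no';

    if (isset($_POST['url_forwarding']) && $_POST['url_forwarding'] == 'yes') {
        // Both parts of the URL are required. The second test was missing its
        // negation, which rejected every request that did carry a forward URL.
        if (!isset($_POST['forward_url_scheme']) || !isset($_POST['forward_url'])) {
            showBadRequestErrorPage();
        }

        $forwardUrl = clean_input($_POST['forward_url_scheme']) . clean_input($_POST['forward_url']);

        // The submitted URL is echoed back inside an HTML page message, so it is
        // escaped first; the raw request value must never reach the markup.
        $forwardUrlHtml = tohtml($forwardUrl);

        try {
            try {
                $uri = iMSCP_Uri_Redirect::fromString($forwardUrl);
            } catch (Zend_Uri_Exception $e) {
                throw new iMSCP_Exception(tr('Forward URL %s is not valid.', "<strong>{$forwardUrlHtml}</strong>"));
            }

            $uri->setHost(encode_idna($uri->getHost()));

            // Forwarding an alias to its own root would loop.
            if ($uri->getHost() == $domainAliasNameAscii && $uri->getPath() == '/') {
                throw new iMSCP_Exception(tr('Forward URL %s is not valid.', "<strong>{$forwardUrlHtml}</strong>") . ' ' . tr('Domain alias %s cannot be forwarded on itself.', "<strong>{$domainAliasName}</strong>"));
            }

            // Store the normalised form produced by the URI object.
            $forwardUrl = $uri->getUri();
        } catch (Exception $e) {
            set_page_message($e->getMessage(), 'error');
            return false;
        }
    }

    $isSuUser = isset($_SESSION['logged_from_type']);
    # See http://youtrack.i-mscp.net/issue/IP-1486
    $userEmail = isset($_SESSION['user_email']) ? $_SESSION['user_email'] : '';
    $db = iMSCP_Database::getInstance();

    try {
        $db->beginTransaction();
        iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeAddDomainAlias, array('domainId' => $mainDmnProps['domain_id'], 'domainAliasName' => $domainAliasNameAscii));
        exec_query('
                INSERT INTO domain_aliasses (
                    domain_id, alias_name, alias_mount, alias_status, alias_ip_id, url_forward
                ) VALUES (
                    ?, ?, ?, ?, ?, ?
                )
            ', array($mainDmnProps['domain_id'], $domainAliasNameAscii, $mountPoint, $isSuUser ? 'toadd' : 'ordered', $mainDmnProps['domain_ip_id'], $forwardUrl));
        $id = $db->insertId();

        // Create the phpini entry for that domain alias
        $phpini = iMSCP_PHPini::getInstance();
        // Load reseller PHP permissions
        $phpini->loadResellerPermissions($_SESSION['user_created_by']);
        // Load client PHP permissions
        $phpini->loadClientPermissions($_SESSION['user_id']);
        // Load main domain PHP configuration options
        $phpini->loadDomainIni($_SESSION['user_id'], $mainDmnProps['domain_id'], 'dmn');
        $phpini->saveDomainIni($_SESSION['user_id'], $id, 'als');

        if ($isSuUser) {
            $cfg = iMSCP_Registry::get('config');

            if ($cfg['CREATE_DEFAULT_EMAIL_ADDRESSES'] && $userEmail !== '') {
                client_mail_add_default_accounts($mainDmnProps['domain_id'], $userEmail, $domainAliasNameAscii, 'alias', $id);
            }
        }

        $db->commit();
        iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterAddDomainAlias, array('domainId' => $mainDmnProps['domain_id'], 'domainAliasName' => $domainAliasNameAscii, 'domainAliasId' => $id));

        if ($isSuUser) {
            send_request();
            write_log(sprintf('A new `%s` domain alias has been created by: %s', $domainAliasName, $_SESSION['user_logged']), E_USER_NOTICE);
            set_page_message(tr('Domain alias successfully created.'), 'success');
        } else {
            send_alias_order_email($domainAliasName);
            write_log(sprintf('A new `%s` domain alias has been ordered by: %s', $domainAliasName, decode_idna($_SESSION['user_logged'])), E_USER_NOTICE);
            set_page_message(tr('Domain alias successfully ordered.'), 'success');
        }
    } catch (iMSCP_Exception_Database $e) {
        // Only database errors are rolled back here; the detailed message goes to
        // the log while the user sees a generic one.
        $db->rollBack();
        write_log(sprintf('System was unable to create the `%s` domain alias: %s', $domainAliasName, $e->getMessage()), E_USER_ERROR);
        set_page_message(tr('Could not create domain alias. An unexpected error occurred.'), 'error');
        return false;
    }

    return true;
}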
Ejemplo n.º 30
/**
 * Load the navigation file matching the UI level of the logged-in user.
 *
 * Does nothing when $_SESSION['user_type'] is not set. Otherwise the cached
 * navigation file for the user level ('admin', 'reseller', anything else is
 * treated as 'client') and the current locale is created if missing, included,
 * and registered as a Zend_Navigation under the 'navigation' registry key.
 *
 * @return void
 */
function layout_LoadNavigation()
{
    if (!isset($_SESSION['user_type'])) {
        return;
    }

    /** @var $cfg iMSCP_Config_Handler_File */
    $cfg = iMSCP_Registry::get('config');
    $locale = iMSCP_Registry::get('translator')->getLocale();

    $sessionUserType = $_SESSION['user_type'];

    if ($sessionUserType == 'admin') {
        $userLevel = 'admin';
    } elseif ($sessionUserType == 'reseller') {
        $userLevel = 'reseller';
    } else {
        $userLevel = 'client';
    }

    // NOTE(review): $locale becomes part of a path that is include()d below;
    // this assumes the translator only ever returns a vetted locale identifier
    // (no path separators) - TODO confirm.
    $filepath = CACHE_PATH . '/translations/navigation/' . $userLevel . '_' . $locale . '.php';

    // Build the cached file on first use for this level/locale pair.
    if (!file_exists($filepath)) {
        layout_createNavigationFile($cfg->ROOT_TEMPLATE_PATH . "/{$userLevel}/navigation.php", $locale, $userLevel);
    }

    $navigation = new Zend_Navigation(include $filepath);
    iMSCP_Registry::set('navigation', $navigation);

    // Set main menu labels visibility for the current environment
    iMSCP_Events_Aggregator::getInstance()->registerListener(iMSCP_Events::onBeforeGenerateNavigation, 'layout_setMainMenuLabelsVisibilityEvt');
}