Ejemplo n.º 1
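 /**
  * Change the logged-in user's password after verifying the current one.
  *
  * Reads inCurPass, inNewPass and inConPass from the submitted form, checks
  * the current password against the stored hash and salt, and writes a new
  * hash with a fresh salt to x_accounts.
  *
  * Outcome is reported through self::$error ("ok", "nomatch" or "error") or
  * self::$badpassword when the new password is shorter than the
  * 'password_minlength' system option.
  *
  * @return false|null false only when the new password is too short
  */
 static function doUpdatePassword()
 {
     global $zdbh;
     global $controller;
     runtime_csfr::Protect();
     $currentuser = ctrl_users::GetUserDetail();
     $current_pass = $controller->GetControllerRequest('FORM', 'inCurPass');
     $newpass = $controller->GetControllerRequest('FORM', 'inNewPass');
     $conpass = $controller->GetControllerRequest('FORM', 'inConPass');
     // Hash the candidate password with a fresh salt so the old salt is never reused.
     // NOTE(review): the strength of the scheme depends on runtime_hash, which is not visible here.
     $crypto = new runtime_hash();
     $crypto->SetPassword($newpass);
     $randomsalt = $crypto->RandomSalt();
     $crypto->SetSalt($randomsalt);
     $new_secure_password = $crypto->CryptParts($crypto->Crypt())->Hash;
     $sql = $zdbh->prepare("SELECT ac_pass_vc, ac_passsalt_vc FROM x_accounts WHERE ac_id_pk= :uid");
     $sql->bindParam(':uid', $currentuser['userid']);
     $sql->execute();
     $result = $sql->fetch();
     // fetch() yields false when the account row is missing; treat that as
     // "no stored credential" instead of indexing into a boolean.
     $storedhash = is_array($result) ? (string) $result['ac_pass_vc'] : '';
     $storedsalt = is_array($result) ? $result['ac_passsalt_vc'] : null;
     $userpasshash = new runtime_hash();
     $userpasshash->SetPassword($current_pass);
     $userpasshash->SetSalt($storedsalt);
     $current_secure_password = (string) $userpasshash->CryptParts($userpasshash->Crypt())->Hash;
     if (fs_director::CheckForEmptyValue($newpass)) {
         // New password is blank!
         self::$error = "error";
     } elseif ($storedhash === '' || !hash_equals($storedhash, $current_secure_password)) {
         // Current password does not match. hash_equals() compares in constant
         // time and byte-for-byte; the loose != it replaces treats two
         // numeric-looking strings as equal when their numeric values match.
         // An empty stored hash always fails closed.
         self::$error = "nomatch";
     } elseif ($newpass !== $conpass) {
         // Confirmation box differs from the new password (strict comparison,
         // so numeric-looking strings such as "1e3" and "1000" do not pass).
         self::$error = "error";
     } else {
         // Check for password length...
         if (strlen($newpass) < ctrl_options::GetSystemOption('password_minlength')) {
             self::$badpassword = true;
             return false;
         }
         $sql = $zdbh->prepare("UPDATE x_accounts SET ac_pass_vc=:new_secure_password, ac_passsalt_vc= :randomsalt WHERE ac_id_pk=:userid");
         $sql->bindParam(':randomsalt', $randomsalt);
         $sql->bindParam(':new_secure_password', $new_secure_password);
         $sql->bindParam(':userid', $currentuser['userid']);
         $sql->execute();
         self::$error = "ok";
     }
 }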
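 /**
  * Soft-delete the cron job whose "inDelete_<id>" form field was submitted.
  *
  * Only cron jobs owned by the logged-in user are considered: candidate ids
  * come from a query filtered on ct_acc_fk, so a forged field name for
  * another account's job is never matched. The first matching job gets
  * ct_deleted_ts set, the cron file is rewritten and self::$ok is set;
  * when nothing matches, self::$error is set instead.
  *
  * @return void
  */
 static function doDeleteCron()
 {
     global $zdbh;
     global $controller;
     runtime_csfr::Protect();
     $currentuser = ctrl_users::GetUserDetail();
     // A separate COUNT(*) query is unnecessary: an empty result set simply
     // skips the loop and falls through to the error flag below.
     $sql = $zdbh->prepare("SELECT * FROM x_cronjobs WHERE ct_acc_fk=:userid AND ct_deleted_ts IS NULL");
     $sql->bindParam(':userid', $currentuser['userid']);
     if ($sql->execute()) {
         while ($rowcrons = $sql->fetch()) {
             $requested = $controller->GetControllerRequest('FORM', 'inDelete_' . $rowcrons['ct_id_pk']);
             if (fs_director::CheckForEmptyValue($requested)) {
                 continue;
             }
             $sql2 = $zdbh->prepare("UPDATE x_cronjobs SET ct_deleted_ts=:time WHERE ct_id_pk=:cronid");
             $sql2->bindParam(':cronid', $rowcrons['ct_id_pk']);
             // bindParam() binds by reference, so it needs a variable rather
             // than the return value of time().
             $time = time();
             $sql2->bindParam(':time', $time);
             $sql2->execute();
             (new Cronfile())->writeToFile();
             self::$ok = TRUE;
             return;
         }
     }
     self::$error = TRUE;
     return;
 }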
Ejemplo n.º 3
 /**
  * Validate a domain name before a vhost is created for it.
  *
  * Sets one of self::$blank, self::$badname, self::$error,
  * self::$alreadyexists or self::$nosub and returns FALSE on the first
  * failed check; returns TRUE when every check passes.
  *
  * @param string $domain domain name as entered by the user
  * @return bool
  */
 static function CheckCreateForErrors($domain)
 {
     global $zdbh;
     // Normalise: strip spaces and lower-case.
     $domain = strtolower(str_replace(' ', '', $domain));
     if ($domain == '') {
         self::$blank = TRUE;
         return FALSE;
     }
     // Reject names containing invalid characters.
     if (!self::IsValidDomainName($domain)) {
         self::$badname = TRUE;
         return FALSE;
     }
     // A leading "www." is not accepted.
     if (strpos($domain, 'www.') === 0) {
         self::$error = TRUE;
         return FALSE;
     }
     // Refuse a name that is already registered as a live vhost.
     $existing = $zdbh->prepare("SELECT COUNT(*) FROM x_vhosts WHERE vh_name_vc=:domain AND vh_deleted_ts IS NULL");
     $existing->bindParam(':domain', $domain);
     if ($existing->execute() && $existing->fetchColumn() > 0) {
         self::$alreadyexists = TRUE;
         return FALSE;
     }
     // Names with at most one dot cannot be a subdomain of someone else's domain.
     if (substr_count($domain, ".") <= 1) {
         return TRUE;
     }
     // Labels listed in the 'shared_domains' option are exempt from the ownership check.
     $sharedDomains = explode(',', ctrl_options::GetSystemOption('shared_domains'));
     // Anti-hijack heuristic: block a multi-label name that reuses a label of an
     // existing vhost and ends in the same 7 characters.
     // NOTE(review): only labels longer than 13 characters are looked up, so
     // shorter labels are never compared against existing vhosts; confirm
     // that this threshold is intended.
     foreach (explode('.', $domain) as $label) {
         if (in_array($label, $sharedDomains) || strlen($label) <= 13) {
             continue;
         }
         $pattern = '%' . $label . '%';
         $lookup = $zdbh->prepare("SELECT * FROM x_vhosts WHERE vh_name_vc LIKE :check AND vh_type_in !=2 AND vh_deleted_ts IS NULL");
         $lookup->bindParam(':check', $pattern);
         $lookup->execute();
         while ($row = $lookup->fetch()) {
             foreach (explode('.', $row['vh_name_vc']) as $existingLabel) {
                 if (strlen($existingLabel) > 3
                     && $existingLabel == $label
                     && substr($domain, -7) == substr($row['vh_name_vc'], -7)) {
                     self::$nosub = TRUE;
                     return FALSE;
                 }
             }
         }
     }
     return TRUE;
 }
Ejemplo n.º 4
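 /**
  * Install a module from an uploaded .zpp package.
  *
  * The package is unzipped into <sentora_root>/modules/<name>, registered
  * through ui_module::ModuleInfoToDB(), and its optional deploy/install.run
  * script is executed with the configured PHP binary. On success self::$ok
  * is set; on failure self::$error_message describes the problem.
  *
  * Security: the package contents end up as code under modules/ and
  * install.run is executed, so whoever can reach this action can run code
  * on the server. No signature or integrity check is visible here.
  * NOTE(review): unlike the other do* handlers on this page, this one does
  * not call runtime_csfr::Protect(); confirm that the request is covered
  * by a CSRF token elsewhere.
  * NOTE(review): whether archive entries can escape $module_dir depends on
  * sys_archive::Unzip(), which is not visible here.
  *
  * @return void
  */
 static function doInstallModule()
 {
     self::$error_message = "";
     self::$error = false;
     if (!isset($_FILES['modulefile']) || !is_array($_FILES['modulefile'])) {
         self::$error_message = "Couldn't upload the file, no file was received.";
         return;
     }
     $upload = $_FILES['modulefile'];
     if ($upload['error'] > 0) {
         self::$error_message = "Couldn't upload the file, " . $upload['error'] . "";
         return;
     }
     // Only operate on a file that PHP itself received over HTTP POST.
     if (!is_uploaded_file($upload['tmp_name'])) {
         self::$error_message = "Couldn't upload the file, it was not received as an upload.";
         return;
     }
     $archive_ext = fs_director::GetFileExtension($upload['name']);
     $module_folder = fs_director::GetFileNameNoExtentsion($upload['name']);
     // The folder name comes from the client-supplied file name and is later
     // used in a filesystem path, a shell command and error messages, so
     // restrict it to a conservative character set before going further.
     if (!preg_match('/\A[A-Za-z0-9][A-Za-z0-9._-]*\z/', (string) $module_folder)) {
         self::$error_message = "The module package file name contains characters that are not allowed.";
         return;
     }
     $module_dir = ctrl_options::GetSystemOption('sentora_root') . 'modules/' . $module_folder;
     if (fs_director::CheckFolderExists($module_dir)) {
         self::$error_message = "The module " . $module_folder . " is already installed on this server!";
         return;
     }
     if ($archive_ext != 'zpp') {
         self::$error_message = "Package type was not detected as a .zpp (Sentora Package) archive.";
         return;
     }
     if (!fs_director::CreateDirectory($module_dir)) {
         self::$error_message = "Couldn't create module folder in " . $module_dir;
         return;
     }
     // NOTE(review): the failure paths below leave the newly created folder
     // (and anything already unzipped into it) on disk.
     if (!sys_archive::Unzip($upload['tmp_name'], $module_dir . '/')) {
         self::$error_message = "Couldn't unzip the archive (" . $upload['tmp_name'] . ") to " . $module_dir . '/';
         return;
     }
     if (!fs_director::CheckFileExists($module_dir . '/module.xml')) {
         self::$error_message = "No module.xml file found in the unzipped archive.";
         return;
     }
     ui_module::ModuleInfoToDB($module_folder);
     $extra_config = $module_dir . "/deploy/install.run";
     if (fs_director::CheckFileExists($extra_config)) {
         // Quote the script path so it is passed as a single shell argument.
         // The 'php_exer' option is left as configured because it may carry
         // its own arguments.
         exec(ctrl_options::GetSystemOption('php_exer') . " " . escapeshellarg($extra_config));
     }
     self::$ok = true;
     return;
 }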
Ejemplo n.º 5
 /**
  * Validate a subdomain request before it is created.
  *
  * Sets self::$blank, self::$badname, self::$error or self::$alreadyexists
  * and returns FALSE on the first failed check; returns TRUE otherwise.
  *
  * @param string $subdomain name entered by the user
  * @param string $domain    parent domain selected in the form
  * @return bool
  */
 static function CheckCreateForErrors($subdomain, $domain)
 {
     global $zdbh;
     // Normalise the user-entered name: strip spaces and lower-case.
     $subdomain = strtolower(str_replace(' ', '', $subdomain));
     if ($subdomain == '') {
         self::$blank = TRUE;
         return FALSE;
     }
     // Both the name itself and the parent domain must pass validation; the
     // parent check guards against a tampered form value naming a domain
     // that IsValidDomain() does not accept.
     if (!self::IsValidDomainName($subdomain) || !self::IsValidDomain($domain)) {
         self::$badname = TRUE;
         return FALSE;
     }
     // NOTE(review): the "www." prefix test runs on $domain, not on
     // $subdomain; confirm which of the two is meant to be checked.
     if (strpos($domain, 'www.') === 0) {
         self::$error = TRUE;
         return FALSE;
     }
     // Refuse a name that already exists as a live vhost. The lookup is
     // keyed on $subdomain as passed in.
     $lookup = $zdbh->prepare("SELECT COUNT(*) FROM x_vhosts WHERE vh_name_vc=:domain AND vh_deleted_ts IS NULL");
     $lookup->bindParam(':domain', $subdomain);
     if ($lookup->execute() && $lookup->fetchColumn() > 0) {
         self::$alreadyexists = TRUE;
         return FALSE;
     }
     return TRUE;
 }
Ejemplo n.º 6
 /**
  * Insert a FAQ entry into x_faqs.
  *
  * All values are bound as statement parameters, so the question and answer
  * text never become part of the SQL string.
  * NOTE(review): the text is stored as given; any HTML escaping has to
  * happen where the FAQ is rendered, which is not visible here.
  *
  * @param string $question FAQ question text
  * @param string $answer   FAQ answer text
  * @param mixed  $userid   owning account id (fq_acc_fk)
  * @param mixed  $global   value stored in fq_global_in
  * @return bool true when the row was submitted, false when question or answer is empty
  */
 static function ExecuteAddFaq($question, $answer, $userid, $global)
 {
     global $zdbh;
     // Both fields are required.
     if ($question == "" || $answer == "") {
         self::$error = true;
         return false;
     }
     $createdAt = time();
     $insert = $zdbh->prepare("INSERT INTO x_faqs (fq_acc_fk, fq_question_tx, fq_answer_tx, fq_global_in, fq_created_ts) VALUES (:userid, :question, :answer, :global, :time)");
     $insert->bindParam(':userid', $userid);
     $insert->bindParam(':question', $question);
     $insert->bindParam(':answer', $answer);
     $insert->bindParam(':global', $global);
     $insert->bindParam(':time', $createdAt);
     $insert->execute();
     self::$ok = true;
     return true;
 }
Ejemplo n.º 7
 /**
  * Check that every package quota field is numeric.
  *
  * Sets self::$error and returns false as soon as one value fails
  * is_numeric(); returns true when all eleven values pass.
  * Note that is_numeric() also accepts negative numbers, decimals and
  * exponent notation, so this is a type check, not a range check.
  *
  * @return bool
  */
 static function CheckNumeric($EnablePHP, $Domains, $SubDomains, $ParkedDomains, $Mailboxes, $Fowarders, $DistLists, $FTPAccounts, $MySQL, $DiskQuota, $BandQuota)
 {
     $fields = array(
         $EnablePHP,
         $Domains,
         $SubDomains,
         $ParkedDomains,
         $Mailboxes,
         $Fowarders,
         $DistLists,
         $FTPAccounts,
         $MySQL,
         $DiskQuota,
         $BandQuota,
     );
     foreach ($fields as $value) {
         if (!is_numeric($value)) {
             self::$error = true;
             return false;
         }
     }
     return true;
 }