function add_ftp_user($sql, $dmn_name)
{
$cfg = EasySCP_Registry::get('Config');
$username = strtolower(clean_input($_POST['username']));
if (!validates_username($username)) {
set_page_message(tr("Incorrect username length or syntax!"), 'warning');
return;
}
// Set default values ($ftp_home may be overwritten if user
// has specified a mount point)
switch ($_POST['dmn_type']) {
// Default moint point for a domain
case 'dmn':
$ftp_user = $username . $cfg->FTP_USERNAME_SEPARATOR . $dmn_name;
$ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}";
break;
// Default mount point for an alias domain
// Default mount point for an alias domain
case 'als':
$ftp_user = $username . $cfg->FTP_USERNAME_SEPARATOR . $_POST['als_id'];
$alias_mount_point = get_alias_mount_point($sql, $_POST['als_id']);
$ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}" . $alias_mount_point;
break;
// Default mount point for a subdomain
// Default mount point for a subdomain
case 'sub':
$ftp_user = $username . $cfg->FTP_USERNAME_SEPARATOR . $_POST['sub_id'] . '.' . $dmn_name;
$ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}/" . clean_input($_POST['sub_id']);
break;
// Unknown domain type (?)
// Unknown domain type (?)
default:
set_page_message(tr('Unknown domain type'), 'error');
return;
break;
}
// User-specified mount point
if (isset($_POST['use_other_dir']) && $_POST['use_other_dir'] === 'on') {
$ftp_vhome = clean_input($_POST['other_dir'], false);
// Strip possible double-slashes
$ftp_vhome = str_replace('//', '/', $ftp_vhome);
// Check for updirs ".."
$res = preg_match("/\\.\\./", $ftp_vhome);
if ($res !== 0) {
set_page_message(tr('Incorrect mount point length or syntax'), 'error');
return;
}
$ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}/" . $ftp_vhome;
// Strip possible double-slashes
$ftp_home = str_replace('//', '/', $ftp_home);
// Check for $ftp_vhome existence
// Create a virtual filesystem (it's important to use =&!)
$vfs = new EasySCP_VirtualFileSystem($dmn_name, $sql);
// Check for directory existence
$res = $vfs->exists($ftp_vhome);
if (!$res) {
set_page_message(tr('%s does not exist', $ftp_vhome), 'error');
return;
}
}
// End of user-specified mount-point
$ftp_gid = get_ftp_user_gid($sql, $dmn_name, $ftp_user);
$ftp_uid = get_ftp_user_uid($sql, $dmn_name, $ftp_user, $ftp_gid);
if ($ftp_uid == -1) {
return;
}
$ftp_shell = $cfg->CMD_SHELL;
$ftp_passwd = crypt_user_pass_with_salt($_POST['pass']);
$ftp_loginpasswd = encrypt_db_password($_POST['pass']);
$query = "\n\t\tINSERT INTO ftp_users\n\t\t\t(`userid`, `passwd`, `net2ftppasswd`, `uid`, `gid`, `shell`, `homedir`)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?, ?)\n\t";
exec_query($sql, $query, array($ftp_user, $ftp_passwd, $ftp_loginpasswd, $ftp_uid, $ftp_gid, $ftp_shell, $ftp_home));
$domain_props = get_domain_default_props($_SESSION['user_id']);
update_reseller_c_props($domain_props['domain_created_id']);
write_log($_SESSION['user_logged'] . ": add new FTP account: {$ftp_user}");
set_page_message(tr('FTP account added!'), 'success');
user_goto('ftp_accounts.php');
}
function add_ftp_user(&$sql, $dmn_name)
{
global $cfg;
$username = strtolower($_POST['username']);
$res_uname = preg_match("/\\./", $username, $match);
if ($res_uname == 1) {
set_page_message(tr("Incorrect username range or syntax!"));
return;
}
$res = preg_match("/\\.\\./", $_POST['other_dir'], $match);
if (chk_username($username)) {
set_page_message(tr("Incorrect username range or syntax!"));
return;
}
if ($_POST['dmn_type'] === 'dmn') {
$ftp_user = $username . $cfg['FTP_USERNAME_SEPARATOR'] . $dmn_name;
if (isset($_POST['use_other_dir']) && $_POST['use_other_dir'] === 'on') {
$ftp_home = $cfg['FTP_HOMEDIR'] . "/{$dmn_name}" . $_POST['other_dir'];
if (!is_dir($ftp_home) || $res !== 0) {
set_page_message($_POST['other_dir'] . tr(' do not exist'));
return;
}
} else {
$ftp_home = $cfg['FTP_HOMEDIR'] . "/{$dmn_name}";
}
} else {
if ($_POST['dmn_type'] === 'als') {
$ftp_user = $username . $cfg['FTP_USERNAME_SEPARATOR'] . $_POST['als_id'];
$alias_mount_point = get_alias_mount_point($sql, $_POST['als_id']);
if (isset($_POST['use_other_dir']) && $_POST['use_other_dir'] === 'on') {
$ftp_home = $cfg['FTP_HOMEDIR'] . "/{$dmn_name}" . $_POST['other_dir'];
if (!is_dir($ftp_home) || $res !== 0) {
set_page_message($_POST['other_dir'] . tr(' do not exist'));
return;
}
} else {
$ftp_home = $cfg['FTP_HOMEDIR'] . "/{$dmn_name}" . $alias_mount_point;
}
} else {
if ($_POST['dmn_type'] === 'sub') {
$ftp_user = $username . $cfg['FTP_USERNAME_SEPARATOR'] . $_POST['sub_id'] . '.' . $dmn_name;
if (isset($_POST['use_other_dir']) && $_POST['use_other_dir'] === 'on') {
$ftp_home = $cfg['FTP_HOMEDIR'] . "/{$dmn_name}" . $_POST['other_dir'];
if (!is_dir($ftp_home) || $res !== 0) {
set_page_message($_POST['other_dir'] . tr(' do not exist'));
return;
}
} else {
$ftp_home = $cfg['FTP_HOMEDIR'] . "/{$dmn_name}" . "/" . $_POST['sub_id'];
}
}
}
}
$ftp_gid = get_ftp_user_gid($sql, $dmn_name, $ftp_user);
$ftp_uid = get_ftp_user_uid($sql, $dmn_name, $ftp_user, $ftp_gid);
if ($ftp_uid == -1) {
return;
}
$ftp_shell = $cfg['FTP_SHELL'];
$ftp_passwd = crypt_user_ftp_pass($_POST['pass']);
$query = <<<SQL_QUERY
insert into ftp_users
(userid, passwd, uid, gid, shell, homedir)
values
(?, ?, ?, ?, ?, ?)
SQL_QUERY;
$rs = exec_query($sql, $query, array($ftp_user, $ftp_passwd, $ftp_uid, $ftp_gid, $ftp_shell, $ftp_home));
write_log($_SESSION['user_logged'] . " : add new FTP account -> {$ftp_user}");
set_page_message(tr('FTP account added!'));
header('Location: ftp_accounts.php');
exit(0);
}