Example #1
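/**
 * Generates the directory chooser list for the logged-in customer.
 *
 * Reads the requested directory from $_GET['cur_dir'], lists it through the
 * customer's virtual file system and parses one DIR_ITEM template block per
 * allowed sub-directory, preceded by a "Parent directory" entry.
 *
 * The current path is request-controlled and entry names come from the file
 * system, so the values placed into LINK and CHOOSE_IT are URL-encoded (query
 * string value) and HTML-escaped before they reach the template.
 *
 * @param iMSCP_pTemplate $tpl Template engine instance
 * @return void
 */
function client_generateDirectoriesList($tpl)
{
    $path = isset($_GET['cur_dir']) ? clean_input($_GET['cur_dir']) : '';
    $domain = $_SESSION['user_logged'];

    // Create the virtual file system and open it so it can be used
    $vfs = new iMSCP_VirtualFileSystem($domain);

    // NOTE(review): $path is handed to ls() as received; only the child entries are
    // checked with isAllowedDir() below. Confirm that the VFS itself confines
    // "../" sequences to the customer's root.
    $list = $vfs->ls($path);
    if (!$list) {
        set_page_message(tr('Unable to retrieve directories list for your domain. Please contact your reseller.'), 'error');
        $tpl->assign('FTP_CHOOSER', '');
        return;
    }

    // Parent directory link: the current path minus its last segment
    $segments = explode('/', $path);
    array_pop($segments);
    $parent = implode('/', $segments);
    $tpl->assign(array(
        'ACTION_LINK' => '',
        'ACTION' => '',
        'ICON' => 'parent',
        'DIR_NAME' => tr('Parent directory'),
        'LINK' => tohtml('ftp_choose_dir.php?cur_dir=' . rawurlencode($parent)),
    ));
    $tpl->parse('DIR_ITEM', '.dir_item');

    // The domain id does not change between entries, so resolve it once
    $domainId = get_user_domain_id($_SESSION['user_id']);

    // Show directories only
    foreach ($list as $entry) {
        if ($entry['type'] != iMSCP_VirtualFileSystem::VFS_TYPE_DIR) {
            continue;
        }
        if ($entry['file'] == '.' || $entry['file'] == '..') {
            continue;
        }
        $directory = $path . '/' . $entry['file'];
        if (!isAllowedDir($domainId, $directory)) {
            continue;
        }

        // Create the directory link.
        // NOTE(review): CHOOSE_IT is HTML-escaped on the assumption that the template
        // places it in an HTML attribute; if it is emitted inside a script block it
        // needs JavaScript escaping instead - confirm against the template.
        $tpl->assign(array(
            'DIR_NAME' => tohtml($entry['file']),
            'CHOOSE_IT' => tohtml($directory),
            'LINK' => tohtml('ftp_choose_dir.php?cur_dir=' . rawurlencode($directory)),
        ));
        $tpl->parse('ACTION_LINK', 'action_link');
        $tpl->parse('DIR_ITEM', '.dir_item');
    }
}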
Example #2
/**
 * Fills the DB_LIST template block with the SQL databases of a customer.
 *
 * Looks up the customer's domain id, selects its databases ordered by name and,
 * for each one, generates the database user list and parses one DB_LIST row.
 * When there is no database, a page message is set and DB_LIST is emptied.
 *
 * @param object $tpl     Template engine (passed by reference)
 * @param object $sql     Database connection (passed by reference)
 * @param int    $user_id Customer unique identifier
 * @return void
 */
function gen_db_list(&$tpl, &$sql, $user_id)
{
    $dmn_id = get_user_domain_id($sql, $user_id);

    // The domain id is bound as a parameter, never concatenated into the statement
    $query = <<<SQL_QUERY
        select
            sqld_id, sqld_name
        from
            sql_database
        where
            domain_id = ?
        order by
            sqld_name
SQL_QUERY;
    $rs = exec_query($sql, $query, array($dmn_id));

    if ($rs->RecordCount() == 0) {
        set_page_message(tr('Database list is empty!'));
        $tpl->assign('DB_LIST', '');
        return;
    }

    for (; !$rs->EOF; $rs->MoveNext()) {
        $db_id = $rs->fields['sqld_id'];
        $db_name = $rs->fields['sqld_name'];

        gen_db_user_list($tpl, $sql, $db_id);

        // NOTE(review): DB_NAME is assigned without HTML escaping here. Database names
        // are customer-chosen, so confirm that they are escaped on input or in the
        // template before this value is rendered.
        $tpl->assign(array(
            'DB_ID' => (string) $db_id,
            'DB_NAME' => (string) $db_name,
        ));
        $tpl->parse('DB_LIST', '.db_list');
    }
}
Example #3
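 /**
  * onAfterAddDomainAlias listener
  *
  * Auto-approves a domain alias that a customer ('user' account type) has just
  * added, unless the alias is listed in the 'ignored_domains' configuration
  * parameter or the 'approval_rule' / 'user_accounts' parameters exclude the
  * customer. On approval the alias status is set to 'toadd' inside a database
  * transaction, default mail accounts are created when configured, the backend
  * is notified and the customer is redirected.
  *
  * The list lookups that decide approval use strict comparison, so that a
  * non-string value in a configuration list (for instance true or 0) cannot
  * match every name through PHP's loose comparison rules.
  *
  * @throws iMSCP_Exception
  * @throws iMSCP_Exception_Database
  * @param iMSCP_Events_Event $event
  * @throws Exception
  */
 public function onAfterAddDomainAlias(iMSCP_Events_Event $event)
 {
     $userIdentity = iMSCP_Authentication::getInstance()->getIdentity();
     if ($userIdentity->admin_type !== 'user') {
         return;
     }

     $disallowedDomains = (array) $this->getConfigParam('ignored_domains', array());
     $domainAliasNameAscii = $event->getParam('domainAliasName');

     # Only domain aliases which are not listed in the ignored_domains list are auto-approved
     if (in_array(decode_idna($domainAliasNameAscii), $disallowedDomains, true)) {
         return;
     }

     $username = decode_idna($userIdentity->admin_name);
     $approvalRule = $this->getConfigParam('approval_rule', true);
     $userAccounts = (array) $this->getConfigParam('user_accounts', array());
     $isListed = in_array($username, $userAccounts, true);

     # approval_rule true:  only user accounts listed in user_accounts are auto-approved
     # approval_rule false: only user accounts NOT listed in user_accounts are auto-approved
     if ($approvalRule ? !$isListed : $isListed) {
         return;
     }

     $db = iMSCP_Database::getInstance();
     try {
         $db->beginTransaction();
         $domainAliasId = $event->getParam('domainAliasId');
         exec_query('UPDATE domain_aliasses SET alias_status = ? WHERE alias_id = ?', array('toadd', $domainAliasId));
         if (iMSCP_Registry::get('config')->CREATE_DEFAULT_EMAIL_ADDRESSES) {
             if ($userIdentity->email) {
                 client_mail_add_default_accounts(get_user_domain_id($userIdentity->admin_id), $userIdentity->email, $domainAliasNameAscii, 'alias', $domainAliasId);
             }
         }
         $db->commit();
         send_request();
         $domainAliasName = decode_idna($domainAliasNameAscii);
         $username = decode_idna($username);
         write_log(sprintf('DomainAutoApproval: The %s domain alias has been auto-approved', $domainAliasName), E_USER_NOTICE);
         write_log(sprintf('DomainAutoApproval: %s scheduled addition of domain alias: %s', $username, $domainAliasName), E_USER_NOTICE);
         set_page_message(tr('Domain alias successfully scheduled for addition.'), 'success');
         redirectTo('domains_manage.php');
     } catch (iMSCP_Exception $e) {
         // NOTE(review): the steps after commit() are also inside this try block, so a
         // failure there reaches rollBack() with the transaction already committed -
         // confirm how iMSCP_Database behaves in that case.
         $db->rollBack();
         throw $e;
     }
 }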
Example #4
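/**
 * Generate statistics for the given period
 *
 * The period (month and year) is taken from POST, then GET, and defaults to the
 * current month. A requested month outside 1-12 or a year outside 1970-9999 is
 * ignored and the current period is used instead: mktime() would silently roll
 * such values over into another month while the date label is built from the
 * raw values, which produced rows labelled with the wrong date.
 *
 * @param iMSCP_pTemplate $tpl Template engine instance
 * @return void
 */
function generatePage($tpl)
{
    $domainId = get_user_domain_id($_SESSION['user_id']);

    // Default period: current month
    $month = date('m');
    $year = date('Y');

    $request = null;
    if (isset($_POST['month']) && isset($_POST['year'])) {
        $request = $_POST;
    } elseif (isset($_GET['month']) && isset($_GET['year'])) {
        $request = $_GET;
    }

    if ($request !== null) {
        $requestedMonth = intval($request['month']);
        $requestedYear = intval($request['year']);
        // Only accept a period that mktime() will not normalise into a different one
        if ($requestedMonth >= 1 && $requestedMonth <= 12 && $requestedYear >= 1970 && $requestedYear <= 9999) {
            $month = $requestedMonth;
            $year = $requestedYear;
        }
    }

    // Number of years offered in the selector: from the oldest traffic record up to now
    $stmt = exec_query('SELECT dtraff_time FROM domain_traffic WHERE domain_id = ? ORDER BY dtraff_time ASC LIMIT 1', $domainId);
    if ($stmt->rowCount()) {
        $row = $stmt->fetchRow(PDO::FETCH_ASSOC);
        // Four-digit years: the two-digit form gives a wrong span across a century change
        $numberYears = max(1, (int) date('Y') - (int) date('Y', $row['dtraff_time']) + 1);
    } else {
        $numberYears = 1;
    }

    generateMonthsAndYearsHtmlList($tpl, $month, $year, $numberYears);

    $stmt = exec_query(
        'SELECT domain_id FROM domain_traffic WHERE domain_id = ? AND dtraff_time >= ? AND dtraff_time <= ? LIMIT 1',
        array($domainId, getFirstDayOfMonth($month, $year), getLastDayOfMonth($month, $year))
    );

    if (!$stmt->rowCount()) {
        set_page_message(tr('No statistics found for the given period. Try another period.'), 'static_info');
        $tpl->assign('STATISTICS_BLOCK', '');
        return;
    }

    // For a past month show every day; for the current month stop at today
    $requestedPeriod = getLastDayOfMonth($month, $year);
    $toDay = $requestedPeriod < time() ? date('j', $requestedPeriod) : date('j');
    $dateFormat = iMSCP_Registry::get('config')->DATE_FORMAT;

    // Running totals: web, ftp, smtp, pop
    $all = array(0, 0, 0, 0);

    for ($fromDay = 1; $fromDay <= $toDay; $fromDay++) {
        $beginTime = mktime(0, 0, 0, $month, $fromDay, $year);
        $endTime = mktime(23, 59, 59, $month, $fromDay, $year);
        list($webTraffic, $ftpTraffic, $smtpTraffic, $popTraffic) = _getUserTraffic($domainId, $beginTime, $endTime);

        $tpl->assign(array(
            'DATE' => tohtml(date($dateFormat, $beginTime)),
            'WEB_TRAFF' => tohtml(bytesHuman($webTraffic)),
            'FTP_TRAFF' => tohtml(bytesHuman($ftpTraffic)),
            'SMTP_TRAFF' => tohtml(bytesHuman($smtpTraffic)),
            'POP_TRAFF' => tohtml(bytesHuman($popTraffic)),
            'SUM_TRAFF' => tohtml(bytesHuman($webTraffic + $ftpTraffic + $smtpTraffic + $popTraffic)),
        ));

        $all[0] += $webTraffic;
        $all[1] += $ftpTraffic;
        $all[2] += $smtpTraffic;
        $all[3] += $popTraffic;

        $tpl->parse('TRAFFIC_TABLE_ITEM', '.traffic_table_item');
    }

    $tpl->assign(array(
        'WEB_ALL' => tohtml(bytesHuman($all[0])),
        'FTP_ALL' => tohtml(bytesHuman($all[1])),
        'SMTP_ALL' => tohtml(bytesHuman($all[2])),
        'POP_ALL' => tohtml(bytesHuman($all[3])),
        'SUM_ALL' => tohtml(bytesHuman(array_sum($all))),
    ));
}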
Example #5
/**
 * Appends one template row per SQL database owned by the customer.
 *
 * Each row carries the database id, its name escaped for HTML (DB_NAME) and for
 * JavaScript (DB_NAME_JS), and a message when the database has no SQL user.
 * When the customer has no database, an info page message is set and DB_LIST
 * is emptied.
 *
 * @param EasySCP_TemplateEngine $tpl
 * @param EasySCP_Database $sql
 * @param int $user_id
 */
function gen_db_list($tpl, $sql, $user_id)
{
    $dmn_id = get_user_domain_id($user_id);

    // Domain id is bound as a statement parameter
    $query = "\n\t\tSELECT\n\t\t\t`sqld_id`, `sqld_name`\n\t\tFROM\n\t\t\t`sql_database`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t\tORDER BY\n\t\t\t`sqld_name`\n\t";
    $rs = exec_query($sql, $query, $dmn_id);

    if ($rs->recordCount() == 0) {
        set_page_message(tr('Database list is empty!'), 'info');
        $tpl->assign('DB_LIST', '');
        return;
    }

    for (; !$rs->EOF; $rs->moveNext()) {
        $db_id = $rs->fields['sqld_id'];
        $db_name = $rs->fields['sqld_name'];

        // Number of SQL users generated for this database; falsy means none
        $num = gen_db_user_list($tpl, $sql, $db_id);
        $emptyMessage = $num ? '' : tr('Database user list is empty!');

        $tpl->append(array(
            'DB_ID' => $db_id,
            'DB_NAME' => tohtml($db_name),
            'DB_NAME_JS' => tojs($db_name),
            'DB_MSG' => $emptyMessage,
        ));
    }
}
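 /**
  * onAfterAddDomainAlias listener
  *
  * Auto-approves a domain alias added by a customer. Nothing is done when the
  * session belongs to an impersonating account, when the event comes from the
  * reseller interface, when the alias is listed in 'ignored_domains', or when
  * the 'approval_rule' / 'user_accounts' parameters exclude the customer.
  *
  * Approval rule:
  *  - approval_rule true:  only customers listed in user_accounts are auto-approved
  *  - approval_rule false: only customers NOT listed in user_accounts are auto-approved
  *
  * The previous combined condition (A && !B || B) was true for every customer
  * whenever approval_rule was enabled, so no alias was ever auto-approved in
  * that mode. List lookups use strict comparison so that a non-string entry in
  * a configuration list cannot match every name.
  *
  * @throws iMSCP_Exception
  * @throws iMSCP_Exception_Database
  * @param iMSCP_Events_Event $event
  * @throws Exception
  * @return void
  */
 public function onAfterAddDomainAlias(iMSCP_Events_Event $event)
 {
     $userIdentity = iMSCP_Authentication::getInstance()->getIdentity();
     // 1. Do not act if the logged-in user is not the real client (due to changes in i-MSCP v1.2.12)
     // 2. Do not act if the event has been triggered from reseller interface
     if (isset($_SESSION['logged_from_type']) || $userIdentity->admin_type == 'reseller') {
         return;
     }

     $disallowedDomains = (array) $this->getConfigParam('ignored_domains', array());
     $domainAliasNameAscii = $event->getParam('domainAliasName');

     # Only domain aliases which are not listed in the ignored_domains list are auto-approved
     if (in_array(decode_idna($domainAliasNameAscii), $disallowedDomains, true)) {
         return;
     }

     $username = decode_idna($userIdentity->admin_name);
     $approvalRule = $this->getConfigParam('approval_rule', true);
     $userAccounts = (array) $this->getConfigParam('user_accounts', array());
     $isListed = in_array($username, $userAccounts, true);

     # Skip when the customer is not covered by the configured rule (see docblock)
     if ($approvalRule ? !$isListed : $isListed) {
         return;
     }

     $db = iMSCP_Database::getInstance();
     try {
         $db->beginTransaction();
         $domainAliasId = $event->getParam('domainAliasId');
         exec_query('UPDATE domain_aliasses SET alias_status = ? WHERE alias_id = ?', array('toadd', $domainAliasId));
         $config = iMSCP_Registry::get('config');
         if ($config['CREATE_DEFAULT_EMAIL_ADDRESSES'] && $userIdentity->email !== '') {
             client_mail_add_default_accounts(get_user_domain_id($userIdentity->admin_id), $userIdentity->email, $domainAliasNameAscii, 'alias', $domainAliasId);
         }
         $db->commit();
         send_request();
         write_log(sprintf('DomainAutoApproval plugin: The `%s` domain alias has been auto-approved', decode_idna($domainAliasNameAscii)), E_USER_NOTICE);
         set_page_message(tr('Domain alias auto-approved.'), 'success');
     } catch (iMSCP_Exception $e) {
         // NOTE(review): the steps after commit() are inside this try block too, so a
         // failure there reaches rollBack() after the commit - confirm how
         // iMSCP_Database handles that.
         $db->rollBack();
         throw $e;
     }
 }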
Example #7
                $rs = exec_query($sql, $query, array($dmn_id, $uname, $upass));
                $admin_login = $_SESSION['user_logged'];
                write_log("{$admin_login}: add user (protected areas) -> {$uname}");
                header('Location: puser_manage.php');
                die;
            } else {
                set_page_message(tr('User already exist !'));
                return;
            }
        }
    } else {
        return;
    }
}
/*
 *
 * static page messages.
 *
 */
// Page assembly: menu, "logged from" banner and permission check come first,
// then the add-user form is processed for the logged-in customer's domain.
gen_client_menu($tpl);
gen_logged_from($tpl);
check_permissions($tpl);
padd_user($tpl, $sql, get_user_domain_id($sql, $_SESSION['user_id']));

// Static, translated labels used by the template
$tpl->assign(array(
    'TR_HTACCESS' => tr('Protected areas'),
    'TR_ACTION' => tr('Action'),
    'TR_USER_MANAGE' => tr('Manage user'),
    'TR_USERS' => tr('User'),
    'TR_USERNAME' => tr('Username'),
    'TR_ADD_USER' => tr('Add user'),
    'TR_GROUPNAME' => tr('Group name'),
    'TR_GROUP_MEMBERS' => tr('Group members'),
    'TR_ADD_GROUP' => tr('Add group'),
    'TR_EDIT' => tr('Edit'),
    'TR_GROUP' => tr('Group'),
    'TR_DELETE' => tr('Delete'),
    'TR_GROUPS' => tr('Groups'),
    'TR_PASSWORD' => tr('Password'),
    'TR_PASSWORD_REPEAT' => tr('Password repeat'),
    'TR_CANCEL' => tr('Cancel')
));

gen_page_message($tpl);
$tpl->parse('PAGE', 'page');
$tpl->prnt();

// NOTE(review): the debug dump runs whenever the DUMP_GUI_DEBUG key exists, whatever
// its value; confirm it cannot be left set on a production panel.
if (isset($cfg['DUMP_GUI_DEBUG'])) {
    dump_gui_debug();
}

unset_messages();
Example #8
/**
 * Validates the posted alias data and, when valid, schedules a new domain alias.
 *
 * Input is read from $_POST ('ndomain_name', 'ndomain_mpoint', 'forward') and the
 * results are published through the globals $cr_user_id, $alias_name, $domain_ip,
 * $forward and $mount_point. Validation errors are reported through $err_al; the
 * alias is only inserted while $err_al still holds the sentinel '_off_'.
 * On success the function redirects and terminates the script.
 *
 * @param object $sql    Database connection (passed by reference)
 * @param string $err_al Error message holder, '_off_' meaning "no error" (by reference)
 * @return void
 */
function add_domain_alias(&$sql, &$err_al)
{
    global $cr_user_id, $alias_name, $domain_ip, $forward, $mount_point;
    global $cfg;

    // NOTE(review): the $_POST keys are read without isset(); a request lacking them
    // raises notices and continues with empty values.
    $cr_user_id = get_user_domain_id($sql, $_SESSION['user_id']);
    $alias_name = strtolower($_POST['ndomain_name']);
    $mount_point = strtolower($_POST['ndomain_mpoint']);
    $forward = $_POST['forward'];

    // IP address of the customer's main domain, reused for the alias
    $query = <<<SQL_QUERY
        select
            domain_ip_id
        from
            domain
        where
            domain_id = ?
SQL_QUERY;
    $rs = exec_query($sql, $query, array($cr_user_id));
    $domain_ip = $rs->fields['domain_ip_id'];

    $alias_name = get_punny($alias_name);

    // First check that the data is correct
    if (chk_dname($alias_name) > 0) {
        $err_al = tr("Incorrect domain name syntax");
    } elseif (vhcs_domain_exists($alias_name, 0)) {
        $err_al = tr('Domain with that name already exists on the system!');
    } elseif (chk_mountp($mount_point) > 0) {
        $err_al = tr("Incorrect mount point syntax");
    } elseif ($forward != 'no') {
        // NOTE(review): when a forward URL is given, only its syntax is checked; the
        // duplicate-name and mount-point collision checks below are skipped for this
        // case. Confirm that this is intended.
        if (chk_url($forward) > 0) {
            $err_al = tr("Incorrect forward syntax");
        }
    } else {
        $query = "select domain_id from domain_aliasses where alias_name=?";
        $res = exec_query($sql, $query, array($alias_name));
        $query = "select domain_id from domain where domain_name=?";
        $res2 = exec_query($sql, $query, array($alias_name));
        if ($res->RowCount() > 0 || $res2->RowCount() > 0) {
            // we already have a domain with this name
            $err_al = tr("Domain with this name already exist");
        }

        // Mount point must not be used by another alias or subdomain of this domain
        $query = "select count(alias_id) as cnt from domain_aliasses where domain_id=? and alias_mount=?";
        $mres = exec_query($sql, $query, array($cr_user_id, $mount_point));
        $mdata = $mres->FetchRow();
        $query = "select count(subdomain_id) as cnt from subdomain where domain_id=? and subdomain_mount=?";
        $subdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
        $subdomdata = $subdomres->FetchRow();
        if ($mdata['cnt'] > 0 || $subdomdata['cnt'] > 0) {
            // we have an alias with the same mount point
            $err_al = tr("There are alias with same mount point");
        }
    }

    // Anything other than the sentinel means a validation error was recorded
    if ($err_al !== '_off_') {
        return;
    }

    // Begin add new alias domain
    // NOTE(review): the alias name is HTML-escaped before it is stored, i.e. escaping
    // happens on input rather than on output; readers of alias_name get the escaped form.
    $alias_name = htmlspecialchars($alias_name, ENT_QUOTES, "UTF-8");
    check_for_lock_file();
    $status = $cfg['ITEM_ADD_STATUS'];

    $query = "insert into domain_aliasses(domain_id, alias_name, alias_mount, alias_status, alias_ip_id, url_forward) values (?, ?, ?, ?, ?, ?)";
    exec_query($sql, $query, array($cr_user_id, $alias_name, $mount_point, $status, $domain_ip, $forward));
    send_request();

    $admin_login = $_SESSION['user_logged'];
    write_log("{$admin_login}: add domain alias -> {$alias_name}");
    set_page_message(tr('Alias scheduled for addition!'));
    header("Location: manage_domains.php");
    die;
}
Example #9
 * isp Control Panel. All Rights Reserved.
 *
 * Portions created by the i-MSCP Team are Copyright (C) 2010-2016 by
 * i-MSCP - internet Multi Server Control Panel. All Rights Reserved.
 */
/***********************************************************************************************************************
 * Main
 */
require_once 'imscp-lib.php';
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptStart);

// Customers only
check_login('user');

// The feature must be enabled for the customer and an id must be supplied
if (!(customerHasFeature('domain_aliases') && isset($_GET['id']))) {
    showBadRequestErrorPage();
}

// NOTE(review): the id arrives through GET; the part of the script that acts on it is
// not shown here - confirm that the state-changing step is protected against
// cross-site request forgery.
$id = clean_input($_GET['id']);

// Ownership check: the subdomain alias must belong to an alias of the customer's own
// domain. Both values are bound as statement parameters.
$stmt = exec_query(
    "\n        SELECT\n            t1.subdomain_alias_id, CONCAT(t1.subdomain_alias_name, '.', t2.alias_name) AS subdomain_alias_name\n        FROM\n            subdomain_alias AS t1\n        INNER JOIN\n            domain_aliasses AS t2 ON (t2.alias_id = t1.alias_id)\n        WHERE\n            t2.domain_id = ?\n        AND\n            t1.subdomain_alias_id = ?\n    ",
    array(get_user_domain_id($_SESSION['user_id']), $id)
);
if (!$stmt->rowCount()) {
    showBadRequestErrorPage();
}

$row = $stmt->fetchRow(PDO::FETCH_ASSOC);
$name = $row['subdomain_alias_name'];

// Refuse removal while mail accounts still depend on the subdomain alias
$stmt = exec_query(
    'SELECT mail_id FROM mail_users WHERE (mail_type LIKE ? OR mail_type = ?) AND sub_id = ? LIMIT 1',
    array(MT_ALSSUB_MAIL . '%', MT_ALSSUB_FORWARD, $id)
);
if ($stmt->rowCount()) {
    set_page_message(tr('Subdomain you are trying to remove has email accounts. Please remove them first.'), 'error');
    redirectTo('domains_manage.php');
}

// Refuse removal while FTP accounts still depend on it (user ids ending in @<name>)
$stmt = exec_query('SELECT userid FROM ftp_users WHERE userid LIKE ? LIMIT 1', "%@{$name}");
if ($stmt->rowCount()) {
    set_page_message(tr('Subdomain alias you are trying to remove has Ftp accounts. Please remove them first.'), 'error');
    redirectTo('domains_manage.php');
}
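/**
 * Adds an SQL user to a database of the customer, either a new user taken from the
 * posted form or an existing SQL user selected by id ('Add_Exist').
 *
 * Authorisation fixes compared with the previous version:
 *  - an existing SQL user is only accepted when it is attached to a database of the
 *    caller's own domain (the lookup used to match on sqlu_id alone, so any
 *    customer's SQL user and stored password could be selected by id);
 *  - the target database is verified to belong to the caller's domain BEFORE the
 *    sql_user row is inserted and the grants are issued (the row used to be
 *    inserted first and the lookup result was never checked).
 *
 * The removed ereg()/ereg_replace() calls are replaced by preg_match()/str_replace()
 * with the same matching behaviour.
 *
 * NOTE(review): sqlu_pass is read back and reused as the MySQL password, i.e. it is
 * stored in a recoverable form.
 *
 * @param object $sql     Database connection (passed by reference)
 * @param int    $user_id Customer unique identifier
 * @param int    $db_id   Identifier of the database the user is added to
 * @return void
 */
function add_sql_user(&$sql, $user_id, $db_id)
{
    global $cfg;

    if (!isset($_POST['uaction'])) {
        return;
    }

    $use_existing = isset($_POST['Add_Exist']);
    $dmn_id = get_user_domain_id($sql, $user_id);

    if ($use_existing) {
        $sqluser_id = isset($_POST['sqluser_id']) ? $_POST['sqluser_id'] : null;

        // Only SQL users attached to a database of the caller's own domain are accepted
        $query = "SELECT t1.sqlu_name, t1.sqlu_pass FROM sql_user AS t1, sql_database AS t2 WHERE t1.sqld_id = t2.sqld_id AND t1.sqlu_id = ? AND t2.domain_id = ?";
        $rs = exec_query($sql, $query, array($sqluser_id, $dmn_id));
        if ($rs->RecordCount() == 0) {
            set_page_message(tr('SQL-user not found! Maybe it was deleted by another user!'));
            return;
        }
        $db_user = $rs->fields['sqlu_name'];
        $user_pass = $rs->fields['sqlu_pass'];
    } else {
        // Missing or non-string fields are treated as empty input
        $user_name = (isset($_POST['user_name']) && is_string($_POST['user_name'])) ? $_POST['user_name'] : '';
        $pass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';
        $pass_rep = (isset($_POST['pass_rep']) && is_string($_POST['pass_rep'])) ? $_POST['pass_rep'] : '';

        if ($user_name === '') {
            set_page_message(tr('Please type user name!'));
            return;
        }
        if ($pass === '' && $pass_rep === '') {
            set_page_message(tr('Please type user password!'));
            return;
        }
        if ($pass !== $pass_rep) {
            set_page_message(tr('Entered passwords does not match!'));
            return;
        }
        if (strlen($pass) > $cfg['MAX_SQL_PASS_LENGTH']) {
            set_page_message(tr('Too user long password!'));
            return;
        }
        $user_pass = $pass;

        // Optionally put the domain id in front of or behind the user name
        $with_dmn_id = isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on';
        $id_pos = isset($_POST['id_pos']) ? $_POST['id_pos'] : '';
        if ($with_dmn_id && $id_pos === 'start') {
            $db_user = $dmn_id . "_" . $user_name;
        } elseif ($with_dmn_id && $id_pos === 'end') {
            $db_user = $user_name . "_" . $dmn_id;
        } else {
            $db_user = $user_name;
        }
    }

    if (strlen($db_user) > $cfg['MAX_SQL_USER_LENGTH']) {
        set_page_message(tr('User name too long!'));
        return;
    }

    // are wildcards used?
    if (preg_match('/[%?]/', $db_user)) {
        set_page_message(tr('Wildcards as % and ? are not allowed!'));
        return;
    }

    // have we such sql user in the system?!
    if (!$use_existing && check_db_user($sql, $db_user)) {
        set_page_message(tr('Specified SQL username name already exists!'));
        return;
    }

    // The target database must belong to the caller's domain; checked before any write
    $query = "select sqld_name as db_name from sql_database where sqld_id = ? and domain_id = ?";
    $rs = exec_query($sql, $query, array($db_id, $dmn_id));
    if ($rs->RecordCount() == 0) {
        set_page_message(tr('SQL database not found!'));
        return;
    }
    $db_name = $rs->fields['db_name'];

    // add user in the panel table
    $query = "insert into sql_user (sqld_id, sqlu_name, sqlu_pass) values (?, ?, ?)";
    $rs = exec_query($sql, $query, array($db_id, $db_user, $user_pass));

    // add user in the mysql system tables; "_" is a wildcard in a GRANT database
    // name and is escaped so the grant covers this database only
    $new_db_name = str_replace("_", "\\_", $db_name);
    $query = 'grant all on ' . quoteIdentifier($new_db_name) . '.* to ?@\'localhost\' identified by ?';
    $rs = exec_query($sql, $query, array($db_user, $user_pass));
    $query = 'grant all on ' . quoteIdentifier($new_db_name) . '.* to ?@\'%\' identified by ?';
    $rs = exec_query($sql, $query, array($db_user, $user_pass));

    write_log($_SESSION['user_logged'] . " : add SQL user" . $db_name);
    set_page_message(tr('SQL user successfully added!'));
    user_goto('manage_sql.php');
}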
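/**
 * Runs the SQL statement posted by the customer under one of the customer's own
 * SQL user accounts and assigns the outcome to the template.
 *
 * The SQL user is looked up together with its database, restricted to the caller's
 * domain. Two defects are fixed here:
 *  - when that lookup returns no row (unknown id, or an SQL user of another domain)
 *    the function now stops; it used to go on and open a connection with empty
 *    credentials;
 *  - the database error text, which can echo parts of the submitted statement, is
 *    HTML-escaped before it is assigned to the template.
 *
 * @param object $tpl        Template engine (passed by reference)
 * @param object $sql        Database connection (passed by reference)
 * @param int    $user_id    Customer unique identifier
 * @param int    $db_user_id Identifier of the SQL user the statement runs as
 * @return void
 */
function execute_sql_query(&$tpl, &$sql, $user_id, $db_user_id)
{
    global $cfg;

    if (!isset($_POST['uaction'])) {
        return;
    }

    // let's check user input
    if (!isset($_POST['sql_query']) || !is_string($_POST['sql_query']) || $_POST['sql_query'] === '') {
        set_page_message(tr('Please enter SQL query!'));
        $tpl->assign('SQL_RESULT', '');
        return;
    }

    $dmn_id = get_user_domain_id($sql, $user_id);

    // SQL user and its database, restricted to the caller's domain
    $query = "select t1.*, t2.sqld_name from sql_user as t1, sql_database as t2"
        . " where t1.sqld_id = t2.sqld_id and t1.sqlu_id = ? and t2.domain_id = ?"
        . " order by t2.sqld_name asc, t1.sqlu_name asc";
    $rs = exec_query($sql, $query, array($db_user_id, $dmn_id));

    // No row: the SQL user does not exist or is not the caller's. Never connect then.
    if ($rs->RecordCount() == 0) {
        set_page_message(tr('SQL user not found!'));
        $tpl->assign('SQL_RESULT', '');
        return;
    }

    $db_user_name = $rs->fields['sqlu_name'];
    $db_user_pass = $rs->fields['sqlu_pass'];
    $db_name = $rs->fields['sqld_name'];

    // Connect as the customer's SQL user so the statement runs with that account's
    // privileges only. Warnings stay suppressed so connection details are not printed.
    $sql_user =& ADONewConnection('mysql');
    if (!@$sql_user->Connect($cfg['DB_HOST'], $db_user_name, $db_user_pass, $db_name)) {
        set_page_message(tr('Cannot connect as MySQL administrator!'));
        $tpl->assign('SQL_RESULT', '');
        return;
    }

    // NOTE(review): stripslashes() presumes the request data was slash-escaped on the
    // way in; where that is not the case it removes backslashes the customer typed.
    $query = stripslashes($_POST['sql_query']);
    $rs = $sql_user->Execute($query);

    if (!$rs) {
        $tpl->assign(array(
            'QUERY_STATUS' => tr('SQL query has error'),
            'QUERY_RESULT' => htmlspecialchars($sql_user->ErrorMsg(), ENT_QUOTES, 'UTF-8'),
        ));
    } else {
        write_log($_SESSION['user_logged'] . " : execute SQL query");
        $tpl->assign(array(
            'QUERY_STATUS' => tr('SQL query is ok'),
            'QUERY_RESULT' => sql_rs2html($rs),
        ));
    }
}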
Example #12
 /**
  * Update domain statuses and send request to i-MSCP daemon
  *
  * With the 'per_user' level, the main domain of the given owner and all of its
  * domain aliases are set to 'tochange'. With any other level, only the single
  * entity identified by $domainId / $domainType is updated, and the statement
  * also matches on the owner id so an entity of another owner is never touched.
  * Entities in 'disabled' or 'todelete' state are left alone in both cases.
  *
  * @throws iMSCP_Exception When the domain type is unknown
  * @throws iMSCP_Exception_Database
  * @param string $configLevel PHP configuration level (per_user|per_domain|per_site)
  * @param int $adminId Owner unique identifier
  * @param int $domainId Domain unique identifier
  * @param string $domainType Domain type (dmn|als|sub|subals)
  */
 public function updateDomainStatuses($configLevel, $adminId, $domainId, $domainType)
 {
     if ($configLevel == 'per_user') {
         // The passed domain id is ignored: the owner's main domain is resolved instead
         $domainId = get_user_domain_id($adminId);
         exec_query(
             "UPDATE domain SET domain_status = ? WHERE domain_id = ? AND domain_status NOT IN('disabled', 'todelete')",
             array('tochange', $domainId)
         );
         exec_query(
             "\n                    UPDATE domain_aliasses SET alias_status = ?\n                    WHERE domain_id = ? AND alias_status NOT IN ('disabled', 'todelete')\n                ",
             array('tochange', $domainId)
         );
         return;
     }

     // One statement per entity type; each one is scoped by domain_admin_id
     if ($domainType == 'dmn') {
         $query = "\n                        UPDATE domain SET domain_status = 'tochange'\n                        WHERE domain_admin_id = ? AND domain_id = ? AND domain_status NOT IN ('disabled', 'todelete')\n                    ";
     } elseif ($domainType == 'sub') {
         $query = "\n                        UPDATE subdomain INNER JOIN domain USING(domain_id) SET subdomain_status = 'tochange'\n                        WHERE domain_admin_id = ? AND subdomain_id = ?\n                        AND subdomain_status NOT IN ('disabled','todelete')\n                    ";
     } elseif ($domainType == 'als') {
         $query = "\n                        UPDATE domain_aliasses INNER JOIN domain USING(domain_id) SET alias_status = 'tochange'\n                        WHERE domain_admin_id = ? AND alias_id = ? AND alias_status NOT IN ('disabled','todelete')\n                    ";
     } elseif ($domainType == 'subals') {
         $query = "\n                        UPDATE subdomain_alias INNER JOIN domain_aliasses USING(alias_id) INNER JOIN domain USING(domain_id)\n                        SET subdomain_alias_status = 'tochange'\n                        WHERE domain_admin_id = ? AND subdomain_alias_id = ? AND subdomain_alias_status NOT IN ('disabled','todelete')\n                    ";
     } else {
         throw new iMSCP_Exception('Unknown domain type');
     }

     exec_query($query, array($adminId, $domainId));
 }
\t\t\tid = ?
\t\tand
\t\t\tuser_id = ?
\t\tand 
\t\t\tstatus = 'update'
SQL_QUERY;
    $rs = exec_query($sql, $query, array($order_id, $reseller_id));
}
// No matching order for this reseller: refuse and go back to the order list
if ($rs->RecordCount() == 0) {
    set_page_message(tr('Permission deny!'));
    header('Location: orders.php');
    exit;
}

$hpid = $rs->fields['plan_id'];
$customer_id = $rs->fields['customer_id'];
$dmn_id = get_user_domain_id($sql, $customer_id);

// Load the hosting plan properties. Plans are scoped to the reseller unless hosting
// plans are managed at admin level, in which case the plan id alone is used.
if (!isset($cfg['HOSTING_PLANS_LEVEL']) || $cfg['HOSTING_PLANS_LEVEL'] !== 'admin') {
    $query = "select props from hosting_plans where reseller_id = ? and id = ?";
    $res = exec_query($sql, $query, array($reseller_id, $hpid));
} else {
    $query = "select props from hosting_plans where id = ?";
    $res = exec_query($sql, $query, array($hpid));
}

// NOTE(review): the result is used without checking that a plan row was found.
$data = $res->FetchRow();
$props = $data['props'];
$_SESSION["ch_hpprops"] = $props;

// Check the reseller limits; '_off_' is the "no error" sentinel
$err_msg = '_off_';
reseller_limits_check($sql, $err_msg, $reseller_id, $hpid);
if ($err_msg != '_off_') {
    set_page_message($err_msg);
Example #14
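/**
 * Add SQL user for the given database
 *
 * Either creates a new SQL user from the posted form, or attaches an existing SQL
 * user (selected by 'sqluser_id') to the database.
 *
 * Fixes compared with the previous version:
 *  - an existing SQL user is only accepted when it is attached to a database of the
 *    customer's own domain; the lookup used to match on sqlu_id alone, so the SQL
 *    user (and stored password) of any customer could be selected by id;
 *  - the MariaDB test called strpos() with haystack and needle swapped, so it could
 *    only match when SQL_SERVER was a substring of 'mariadb'
 *    (presumably SQL_SERVER holds a package-style name containing 'mariadb' - TODO
 *    confirm against the configuration).
 *
 * NOTE(review): sqlu_pass is written and read back as the usable SQL password, i.e.
 * it is stored in a recoverable form.
 *
 * @throws Exception
 * @throws iMSCP_Exception_Database
 * @param int $customerId Customer unique identifier
 * @param int $dbId Identifier of the database the SQL user is assigned to
 * @return void
 */
function client_addSqlUser($customerId, $dbId)
{
    if (empty($_POST)) {
        return;
    }
    if (!isset($_POST['uaction'])) {
        showBadRequestErrorPage();
    }

    $dmnId = get_user_domain_id($customerId);

    if (!isset($_POST['Add_Exist'])) {
        $needUserCreate = true;
        if (!isset($_POST['user_name']) || !isset($_POST['user_host']) || !isset($_POST['pass']) || !isset($_POST['pass_rep'])) {
            showBadRequestErrorPage();
        }

        $user = clean_input($_POST['user_name']);
        $host = clean_input($_POST['user_host']);
        $password = clean_input($_POST['pass']);
        $passwordConf = clean_input($_POST['pass_rep']);

        if ($user === '') {
            set_page_message(tr('Please enter an username.'), 'error');
            return;
        }
        // '%' and '?' are rejected in the user name
        if (preg_match('/[%|\\?]+/', $user)) {
            set_page_message(tr("Wildcards such as '%s' and '%s' are not allowed in username.", '%', '?'), 'error');
            return;
        }
        if ($host === '') {
            set_page_message(tr('Please enter an SQL user host.'), 'error');
            return;
        }

        // Host must be '%', 'localhost', or a valid DNS name / IP address
        $host = encode_idna($host);
        if ($host !== '%' && $host !== 'localhost' && !iMSCP_Validate::getInstance()->hostname($host, array('allow' => Zend_Validate_Hostname::ALLOW_DNS | Zend_Validate_Hostname::ALLOW_IP))) {
            set_page_message(tr('Invalid SQL user host: %s', iMSCP_Validate::getInstance()->getLastValidationMessages()), 'error');
            return;
        }

        if ($password === '') {
            set_page_message(tr('Please enter a password.'), 'error');
            return;
        }
        if ($password !== $passwordConf) {
            set_page_message(tr("Passwords do not match."), 'error');
            return;
        }
        if (strlen($password) > 32) {
            set_page_message(tr('Password is too long.'), 'error');
            return;
        }
        if (!checkPasswordSyntax($password)) {
            set_page_message(tr('Only printable characters from the ASCII table (not extended), excepted the space, are allowed.'), 'error');
            return;
        }

        // Optionally put the domain id in front of or behind the user name
        $withDmnId = isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] == 'on';
        $idPos = isset($_POST['id_pos']) ? $_POST['id_pos'] : '';
        if ($withDmnId && $idPos == 'start') {
            $user = $dmnId . '_' . $user;
        } elseif ($withDmnId && $idPos == 'end') {
            $user = $user . '_' . $dmnId;
        }

        if (strlen($user) > 16) {
            set_page_message(tr('Username is too long.'), 'error');
            return;
        }
        if (client_isSqlUser($user, $host)) {
            set_page_message(tr('SQL user %s already exits.', $user . '@' . decode_idna($host)), 'error');
            return;
        }
    } elseif (isset($_POST['sqluser_id'])) {
        // Using existing SQL user as specified in input data. The join restricts the
        // lookup to SQL users attached to a database of the customer's own domain.
        $needUserCreate = false;
        $userId = intval($_POST['sqluser_id']);
        $stmt = exec_query(
            'SELECT t1.sqlu_name, t1.sqlu_host, t1.sqlu_pass FROM sql_user AS t1 INNER JOIN sql_database AS t2 ON (t2.sqld_id = t1.sqld_id) WHERE t1.sqlu_id = ? AND t2.domain_id = ?',
            array($userId, $dmnId)
        );
        if (!$stmt->rowCount()) {
            showBadRequestErrorPage();
        }
        $row = $stmt->fetchRow(PDO::FETCH_ASSOC);
        $user = $row['sqlu_name'];
        $host = $row['sqlu_host'];
        $password = $row['sqlu_pass'];
    } else {
        showBadRequestErrorPage();
        return;
    }

    # Retrieve database to which SQL user should be assigned (must belong to the customer)
    $stmt = exec_query('SELECT sqld_name FROM sql_database WHERE sqld_id = ? AND domain_id = ?', array($dbId, $dmnId));
    if (!$stmt->rowCount()) {
        showBadRequestErrorPage();
    }
    $row = $stmt->fetchRow(PDO::FETCH_ASSOC);
    $dbName = $row['sqld_name'];

    // Escape GRANT wildcards so the privileges cover this database only
    $dbName = preg_replace('/([_%\\?\\*])/', '\\\\$1', $dbName);

    $config = iMSCP_Registry::get('config');
    $mysqlConfig = new iMSCP_Config_Handler_File($config['CONF_DIR'] . '/mysql/mysql.data');

    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeAddSqlUser);

    // Here we cannot use transaction due to statements that cause an implicit commit. Thus we execute
    // those statements first to let the i-MSCP database in clean state if one of them fails.
    // See https://dev.mysql.com/doc/refman/5.7/en/implicit-commit.html for more details
    if ($needUserCreate) {
        if (strpos($config['SQL_SERVER'], 'mariadb') !== false || version_compare($mysqlConfig['SQLD_VERSION'], '5.7.6', '<')) {
            exec_query('CREATE USER ?@? IDENTIFIED BY ?', array($user, $host, $password));
        } else {
            exec_query('CREATE USER ?@? IDENTIFIED BY ? PASSWORD EXPIRE NEVER', array($user, $host, $password));
        }
    }

    execute_query(sprintf('GRANT ALL PRIVILEGES ON %s.* to %s@%s', quoteIdentifier($dbName), quoteValue($user), quoteValue($host)));
    exec_query('INSERT INTO sql_user (sqld_id, sqlu_name, sqlu_host, sqlu_pass) VALUES (?, ?, ?, ?)', array($dbId, $user, $host, $password));

    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterAddSqlUser);

    set_page_message(tr('SQL user successfully added.'), 'success');
    write_log(sprintf("%s added new SQL user: %s", $_SESSION['user_logged'], tohtml($user)), E_USER_NOTICE);
    redirectTo('sql_manage.php');
}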
Example #15
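/**
 * Add SQL database
 *
 * Creates a database named after the posted 'db_name' (optionally prefixed or
 * suffixed with the customer's main domain id) and records it for that domain.
 *
 * Fixes compared with the previous version:
 *  - the emptiness test is made on the cleaned name, so input that clean_input()
 *    reduces to an empty string is rejected instead of being used;
 *  - the wildcard error message used 's%' where the '%s' placeholder was meant, so
 *    the two characters were never substituted into the message.
 *
 * NOTE(review): CREATE DATABASE IF NOT EXISTS succeeds silently for a database that
 * already exists, so this function relies on client_isDatabase() to reject every
 * existing name (system schemas included) before the name is recorded for the
 * customer - confirm that helper covers them.
 *
 * @param int $userId Customer unique identifier
 * @return void
 */
function client_addSqlDb($userId)
{
    if (!isset($_POST['uaction'])) {
        return;
    }
    if (!isset($_POST['db_name'])) {
        showBadRequestErrorPage();
    }

    $dbName = clean_input($_POST['db_name']);
    if ($dbName === '') {
        set_page_message(tr('Please type database name.'), 'error');
        return;
    }

    $mainDmnId = get_user_domain_id($userId);

    // Optionally put the main domain id in front of or behind the name
    if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on') {
        if (isset($_POST['id_pos']) && $_POST['id_pos'] === 'start') {
            $dbName = $mainDmnId . '_' . $dbName;
        } elseif (isset($_POST['id_pos']) && $_POST['id_pos'] === 'end') {
            $dbName = $dbName . '_' . $mainDmnId;
        }
    }

    if (strlen($dbName) > 64) {
        set_page_message(tr('Database name is too long.'), 'error');
        return;
    }
    if ($dbName === 'test' || client_isDatabase($dbName)) {
        set_page_message(tr('Database name is unavailable.'), 'error');
        return;
    }
    if (preg_match('/[%|\\?]+/', $dbName)) {
        set_page_message(tr("Wildcards such as '%s' and '%s' are not allowed.", '%', '?'), 'error');
        return;
    }

    // A listener may stop the event to veto the creation
    $responses = iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeAddSqlDb, array('dbName' => $dbName));
    if (!$responses->isStopped()) {
        // The name is quoted as an identifier; it cannot be bound as a parameter
        execute_query(sprintf('CREATE DATABASE IF NOT EXISTS %s', quoteIdentifier($dbName)));
        exec_query('INSERT INTO sql_database (domain_id, sqld_name) VALUES (?, ?)', array($mainDmnId, $dbName));
        set_page_message(tr('SQL database successfully created.'), 'success');
        write_log(sprintf('%s added new SQL database: %s', decode_idna($_SESSION['user_logged']), $dbName), E_USER_NOTICE);
        iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterAddSqlDb, array('dbName' => $dbName));
    }

    redirectTo('sql_manage.php');
}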
Example #16
/**
 * Fills the template with the domain aliases that belong to a customer.
 *
 * @param EasySCP_TemplateEngine $tpl Template engine receiving the alias rows
 * @param int $user_id Customer whose aliases are listed
 */
function gen_user_als_list($tpl, $user_id)
{
    $db = EasySCP_Registry::get('Db');
    $owner_domain_id = get_user_domain_id($user_id);

    // The only bound value is the domain ID resolved from $user_id.
    $select_aliases = "\n\t\tSELECT\n\t\t\t`alias_id`,\n\t\t\t`alias_name`,\n\t\t\t`status`,\n\t\t\t`alias_mount`,\n\t\t\t`alias_ip_id`,\n\t\t\t`url_forward`\n\t\tFROM\n\t\t\t`domain_aliasses`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t\tORDER BY\n\t\t\t`alias_mount`,\n\t\t\t`alias_name`\n\t;";
    $aliases = exec_query($db, $select_aliases, $owner_domain_id);

    // No alias at all: show the informational message and stop.
    if ($aliases->recordCount() == 0) {
        $tpl->assign(
            array(
                'ALS_MSG' => tr('Alias list is empty!'),
                'ALS_MSG_TYPE' => 'info',
                'ALS_LIST' => ''
            )
        );
        return;
    }

    for (; !$aliases->EOF; $aliases->moveNext()) {
        list($als_action, $als_action_script) = gen_user_als_action(
            $aliases->fields['alias_id'],
            $aliases->fields['status']
        );
        list($als_forward, $alias_edit_link, $als_edit) = gen_user_als_forward(
            $aliases->fields['alias_id'],
            $aliases->fields['status'],
            $aliases->fields['url_forward']
        );

        $alias_name = decode_idna($aliases->fields['alias_name']);
        $als_forward = decode_idna($als_forward);

        // Name, mount point and forward target pass through tohtml(); the edit link and the action values are
        // inserted exactly as the two helpers above returned them.
        $tpl->append(
            array(
                'ALS_NAME' => tohtml($alias_name),
                'ALS_MOUNT' => tohtml($aliases->fields['alias_mount']),
                'ALS_STATUS' => translate_dmn_status($aliases->fields['status']),
                'ALS_FORWARD' => tohtml($als_forward),
                'ALS_EDIT_LINK' => $alias_edit_link,
                'ALS_EDIT' => $als_edit,
                'ALS_ACTION' => $als_action,
                'ALS_ACTION_SCRIPT' => $als_action_script
            )
        );
    }

    $tpl->assign('ALS_MESSAGE', '');
}
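/**
 * Creates a new SQL database for a customer and records it in the sql_database table.
 *
 * The name comes from $_POST['db_name'] and may be prefixed or suffixed with the customer's domain ID,
 * depending on $_POST['use_dmn_id'] and $_POST['id_pos']. Every outcome is reported through
 * set_page_message().
 *
 * @param object $sql     Database connection handed to get_user_domain_id() and exec_query()
 * @param int    $user_id Customer identifier used to resolve the domain ID
 * @return void
 */
function add_sql_database(&$sql, $user_id)
{
    global $cfg;

    if (!isset($_POST['uaction'])) {
        return;
    }

    // Plain assignment: the connection object needs no reference binding, and "=&" on a function result raises
    // a notice on current PHP versions.
    $root_sql = ADONewConnection('mysql');

    // "@" keeps the driver's own connection warning out of the page; the failure is reported below instead.
    if (!@$root_sql->Connect($cfg['DB_HOST'], $cfg['DB_USER'], $cfg['DB_PASS'])) {
        set_page_message(tr('Can not connect as MySQL administrator!'));
        return;
    }

    //
    // let's generate database name.
    //
    // db_name is request data: it must be present and a plain string before it is used to build a name.
    if (!isset($_POST['db_name']) || !is_string($_POST['db_name']) || $_POST['db_name'] === '') {
        set_page_message(tr('Please type database name!'));
        return;
    }

    $requested_name = $_POST['db_name'];
    $dmn_id = get_user_domain_id($sql, $user_id);

    // Default to the name as typed, so $db_name is always defined even when use_dmn_id is "on" but id_pos is
    // neither "start" nor "end".
    $db_name = $requested_name;

    if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on' && isset($_POST['id_pos'])) {
        //
        // we'll use domain_id in the name of the database;
        //
        if ($_POST['id_pos'] === 'start') {
            $db_name = $dmn_id . "_" . $requested_name;
        } elseif ($_POST['id_pos'] === 'end') {
            $db_name = $requested_name . "_" . $dmn_id;
        }
    }

    if (strlen($db_name) > $cfg['MAX_SQL_DATABASE_LENGTH']) {
        set_page_message(tr('Too long database name!'));
        return;
    }

    //
    // are wildcards used?
    //
    // preg_match() replaces ereg(), which no longer exists in PHP 7 and later. The check runs before the
    // existence lookup so that a name with pattern characters never reaches check_db_name().
    if (preg_match('/[%?]/', $db_name)) {
        set_page_message(tr('Wildcards as % and ? are not allowed!'));
        return;
    }

    //
    // have we such database in the system!?
    //
    if (check_db_name($root_sql, $db_name)) {
        set_page_message(tr('Specified database name already exists!'));
        return;
    }

    // The identifier cannot be a bound parameter, hence quoteIdentifier().
    $query = 'create database ' . quoteIdentifier($db_name);
    exec_query($root_sql, $query, array());

    $query = <<<SQL_QUERY
        insert into sql_database
            (domain_id, sqld_name)
        values
            (?, ?)
SQL_QUERY;
    exec_query($sql, $query, array($dmn_id, $db_name));

    // NOTE(review): $db_name is logged as-is; confirm write_log() output is escaped wherever it is displayed.
    write_log($_SESSION['user_logged'] . " : add new SQL  database  -> " . $db_name);
    set_page_message(tr('SQL database created successfully!'));
    user_goto('manage_sql.php');
}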
Example #18
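/**
 * Generate page
 *
 * Resolves which domain the PHP settings are shown for (from $_GET['domain_id'] / $_GET['domain_type'], or the
 * customer's main domain), checks that pair against the list returned by getDomainData(), loads its PHP ini
 * values and fills the template blocks the client has permission to see.
 *
 * @param iMSCP_pTemplate $tpl Template engine
 * @param iMSCP_PHPini $phpini PHP editor instance
 * @param iMSCP_Config_Handler_File $config Configuration handler
 * @param string $configLevel PHP configuration level
 * @return void
 */
function generatePage($tpl, $phpini, $config, $configLevel)
{
    $mainDmnId = get_user_domain_id($_SESSION['user_id']);

    if (isset($_GET['domain_id']) && isset($_GET['domain_type'])) {
        $dmnId = intval($_GET['domain_id']);
        $dmnType = clean_input($_GET['domain_type']);
    } else {
        $dmnId = $mainDmnId;
        $dmnType = 'dmn';
    }

    // Allow-list of domain types per configuration level; strict comparison so only the exact strings pass.
    if (($configLevel == 'per_user' && $dmnType != 'dmn')
        || ($configLevel == 'per_domain' && !in_array($dmnType, array('dmn', 'als'), true))
    ) {
        showBadRequestErrorPage();
        return; // defensive; showBadRequestErrorPage() presumably ends the request — confirm
    }

    $dmnsData = getDomainData($configLevel);

    // The requested (id, type) pair must be one of the domains returned by getDomainData() before any of its
    // settings are loaded.
    $knowDomain = false;
    foreach ($dmnsData as $dmnData) {
        if ($dmnData['domain_id'] == $dmnId && $dmnData['domain_type'] == $dmnType) {
            $knowDomain = true;
            break;
        }
    }

    if (!$knowDomain) {
        showBadRequestErrorPage();
        return; // defensive, so loadDomainIni() is never reached with an unverified pair
    }

    $phpini->loadDomainIni($_SESSION['user_id'], $dmnId, $dmnType);

    if ($configLevel != 'per_user') {
        foreach ($dmnsData as $dmnData) {
            $tpl->assign(array(
                'DOMAIN_ID' => tohtml($dmnData['domain_id'], 'htmlAttr'),
                'DOMAIN_TYPE' => tohtml($dmnData['domain_type'], 'htmlAttr'),
                'DOMAIN_NAME_UNICODE' => tohtml(decode_idna($dmnData['domain_name'])),
                'SELECTED' => $dmnData['domain_id'] == $dmnId && $dmnData['domain_type'] == $dmnType ? ' selected' : ''
            ));
            $tpl->parse('DOMAIN_NAME_BLOCK', '.domain_name_block');
        }

        // Escaped like the per-row DOMAIN_TYPE above; $dmnType originates from $_GET. For the values that pass
        // the checks above the escaping changes nothing.
        $tpl->assign('DOMAIN_TYPE', tohtml($dmnType, 'htmlAttr'));
    } else {
        $tpl->assign('DOMAIN_LIST_BLOCK', '');
    }

    if (!$phpini->clientHasPermission('phpiniAllowUrlFopen')) {
        $tpl->assign('ALLOW_URL_FOPEN_BLOCK', '');
    } else {
        $tpl->assign(array(
            'TR_ALLOW_URL_FOPEN' => tr('Allow URL fopen'),
            'ALLOW_URL_FOPEN_ON' => $phpini->getDomainIni('phpiniAllowUrlFopen') == 'on' ? ' checked' : '',
            'ALLOW_URL_FOPEN_OFF' => $phpini->getDomainIni('phpiniAllowUrlFopen') == 'off' ? ' checked' : ''
        ));
    }

    if (!$phpini->clientHasPermission('phpiniDisplayErrors')) {
        $tpl->assign('DISPLAY_ERRORS_BLOCK', '');
    } else {
        $tpl->assign(array(
            'TR_DISPLAY_ERRORS' => tr('Display errors'),
            'DISPLAY_ERRORS_ON' => $phpini->getDomainIni('phpiniDisplayErrors') == 'on' ? ' checked' : '',
            'DISPLAY_ERRORS_OFF' => $phpini->getDomainIni('phpiniDisplayErrors') == 'off' ? ' checked' : ''
        ));
    }

    // The error-reporting selector is tied to the same permission as display_errors and is hidden under
    // apache_itk.
    if (!$phpini->clientHasPermission('phpiniDisplayErrors') || $config['HTTPD_SERVER'] == 'apache_itk') {
        $tpl->assign('ERROR_REPORTING_BLOCK', '');
    } else {
        $errorReporting = $phpini->getDomainIni('phpiniErrorReporting');
        $tpl->assign(array(
            'TR_ERROR_REPORTING' => tohtml(tr('Error reporting')),
            'TR_ERROR_REPORTING_DEFAULT' => tohtml(tr('All errors, except E_NOTICES, E_STRICT AND E_DEPRECATED (Default)'), 'htmlAttr'),
            'TR_ERROR_REPORTING_DEVELOPEMENT' => tohtml(tr('All errors (Development)'), 'htmlAttr'),
            'TR_ERROR_REPORTING_PRODUCTION' => tohtml(tr('All errors, except E_DEPRECATED and E_STRICT (Production)'), 'htmlAttr'),
            'ERROR_REPORTING_0' => $errorReporting == 'E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED' ? ' selected' : '',
            'ERROR_REPORTING_1' => $errorReporting == 'E_ALL & ~E_DEPRECATED & ~E_STRICT' ? ' selected' : '',
            'ERROR_REPORTING_2' => $errorReporting == '-1' ? ' selected' : ''
        ));
    }

    if ($config['HTTPD_SERVER'] == 'apache_itk' || !$phpini->clientHasPermission('phpiniDisableFunctions')) {
        // Neither the full function list nor the exec-only toggle is shown.
        $tpl->assign(array('DISABLE_FUNCTIONS_BLOCK' => '', 'DISABLE_EXEC_BLOCK' => ''));
    } elseif ($phpini->getClientPermission('phpiniDisableFunctions') == 'exec') {
        // Exec-only permission: the client may toggle exec() and nothing else.
        $disableFunctions = explode(',', $phpini->getDomainIni('phpiniDisableFunctions'));
        $execYes = !in_array('exec', $disableFunctions, true);
        $tpl->assign(array(
            'TR_DISABLE_FUNCTIONS_EXEC' => tohtml(tr('PHP exec() function')),
            'TR_EXEC_HELP' => tohtml(tr("When set to 'yes', your PHP scripts can call the PHP exec() function."), 'htmlAttr'),
            'EXEC_YES' => $execYes ? ' checked' : '',
            'EXEC_NO' => $execYes ? '' : ' checked',
            'DISABLE_FUNCTIONS_BLOCK' => ''
        ));
    } else {
        // Full permission: one checkbox per function the client may disable.
        $disableableFunctions = array('EXEC', 'PASSTHRU', 'PHPINFO', 'POPEN', 'PROC_OPEN', 'SHOW_SOURCE', 'SYSTEM', 'SHELL', 'SHELL_EXEC', 'SYMLINK');

        if ($phpini->clientHasPermission('phpiniMailFunction')) {
            $disableableFunctions[] = 'MAIL';
        } else {
            $tpl->assign('MAIL_FUNCTION_BLOCK', '');
        }

        $disabledFunctions = explode(',', $phpini->getDomainIni('phpiniDisableFunctions'));

        foreach ($disableableFunctions as $function) {
            $tpl->assign($function, in_array(strtolower($function), $disabledFunctions, true) ? ' checked' : '');
        }

        $tpl->assign(array('TR_DISABLE_FUNCTIONS' => tohtml(tr('Disabled functions')), 'DISABLE_EXEC_BLOCK' => ''));
    }

    $tpl->assign(array(
        'TR_PHP_SETTINGS' => tohtml(tr('PHP Settings')),
        'TR_YES' => tohtml(tr('Yes')),
        'TR_NO' => tohtml(tr('No'))
    ));
}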
 * by moleSoftware GmbH. All Rights Reserved.
 *
 * Portions created by the ispCP Team are Copyright (C) 2006-2010 by
 * isp Control Panel. All Rights Reserved.
 *
 * Portions created by the i-MSCP Team are Copyright (C) 2010-2015 by
 * i-MSCP - internet Multi Server Control Panel. All Rights Reserved.
 */
/***********************************************************************************************************************
 * Main
 */
// Include core library
require_once 'imscp-lib.php';
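iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptStart);
check_login('user');
customerHasFeature('mail') or showBadRequestErrorPage();

// NOTE(review): the deletion is triggered by a GET parameter and no request-forgery token check is visible in
// this script — confirm the core library enforces one.
if (isset($_GET['id'])) {
    $catchallId = intval($_GET['id']);
    $domainId = get_user_domain_id($_SESSION['user_id']);

    // Ownership check: the mail entry must belong to the logged-in customer's domain.
    // NOTE(review): any mail_id of that domain passes; the query does not restrict the row to catch-all
    // entries — confirm this is intended.
    $stmt = exec_query('SELECT mail_id FROM mail_users WHERE domain_id = ? AND mail_id = ?', array($domainId, $catchallId));
    if (!$stmt->rowCount()) {
        showBadRequestErrorPage();
    }

    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeDeleteMailCatchall, array('mailCatchallId' => $catchallId));

    // The UPDATE repeats the domain_id condition, so the write stays scoped to the caller's domain on its own
    // and does not depend on the check above having ended the request.
    exec_query('UPDATE mail_users SET status = ? WHERE mail_id = ? AND domain_id = ?', array('todelete', $catchallId, $domainId));

    // NOTE(review): "onafterDeleteMailCatchall" is lower-cased unlike onBeforeDeleteMailCatchall; class constants
    // are case-sensitive — confirm the constant is declared with this spelling.
    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onafterDeleteMailCatchall, array('mailCatchallId' => $catchallId));
    send_request();
    write_log($_SESSION['user_logged'] . ': deletes email catch all!', E_USER_NOTICE);
    set_page_message(tr('Catch all successfully scheduled for deletion.'), 'success');
    redirectTo('mail_catchall.php');
}

// No id supplied: nothing to delete.
showBadRequestErrorPage();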
Example #20
                write_log("{$admin_login}: added new htaccess user: {$uname}", E_USER_NOTICE);
                redirectTo('protected_user_manage.php');
            } else {
                set_page_message(tr('This htaccess user already exist.'), 'error');
                return;
            }
        }
    } else {
        return;
    }
}
/******************************************************************************
 * Main script
 */
// Include core library
require_once 'imscp-lib.php';
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptStart);

// Access control: a logged-in customer who has the protected-areas feature.
check_login('user');
if (!customerHasFeature('protected_areas')) {
    showBadRequestErrorPage();
}

/** @var $cfg iMSCP_Config_Handler_File */
$cfg = iMSCP_Registry::get('config');

// Template setup: layout, page and the dynamic blocks of the "add htaccess user" form.
$tpl = new iMSCP_pTemplate();
$tpl->define_dynamic(
    array(
        'layout' => 'shared/layouts/ui.tpl',
        'page' => 'client/puser_uadd.tpl',
        'page_message' => 'layout',
        'usr_msg' => 'page',
        'grp_msg' => 'page',
        'pusres' => 'page',
        'pgroups' => 'page'
    )
);
$tpl->assign(
    array(
        'TR_PAGE_TITLE' => tr('Client / Webtools / Protected Areas / Manage Users and Groups / Add User'),
        'TR_HTACCESS_USER' => tr('Htaccess user'),
        'TR_USERS' => tr('User'),
        'TR_USERNAME' => tr('Username'),
        'TR_PASSWORD' => tr('Password'),
        'TR_PASSWORD_REPEAT' => tr('Repeat password'),
        'TR_ADD_USER' => tr('Add'),
        'TR_CANCEL' => tr('Cancel')
    )
);

generateNavigation($tpl);

// The handler is given the domain ID resolved from the session, not a value taken from the request.
client_addHtaccessUser(get_user_domain_id($_SESSION['user_id']));

generatePageMessage($tpl);
$tpl->parse('LAYOUT_CONTENT', 'page');
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptEnd, array('templateEngine' => $tpl));
$tpl->prnt();
unsetMessages();
Example #21
 *
 * The Original Code is "VHCS - Virtual Hosting Control System".
 *
 * The Initial Developer of the Original Code is moleSoftware GmbH.
 * Portions created by Initial Developer are Copyright (C) 2001-2006
 * by moleSoftware GmbH. All Rights Reserved.
 *
 * Portions created by the ispCP Team are Copyright (C) 2006-2010 by
 * isp Control Panel. All Rights Reserved.
 *
 * Portions created by the i-MSCP Team are Copyright (C) 2010-2016 by
 * i-MSCP - internet Multi Server Control Panel. All Rights Reserved.
 */
/***********************************************************************************************************************
 * Main
 */
require_once 'imscp-lib.php';
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptStart);
check_login('user');

// Refuse the request unless the customer has the SQL feature and an ID was supplied.
// NOTE(review): the deletion is triggered by a GET parameter and no request-forgery token check is visible in
// this script — confirm the core library enforces one.
if (!(customerHasFeature('sql') && isset($_GET['id']))) {
    showBadRequestErrorPage();
}

// Whatever was sent as "id" reaches the helper as an integer.
$userId = (int) $_GET['id'];

// sql_delete_user() receives the caller's own domain ID (resolved from the session) next to the requested SQL
// user ID; whether it uses it to verify ownership is not visible here — confirm.
if (!sql_delete_user(get_user_domain_id($_SESSION['user_id']), $userId)) {
    write_log(
        sprintf('Could not delete SQL user with ID %d. An unexpected error occurred.', $userId),
        E_USER_ERROR
    );
    set_page_message(tr('Could not delete SQL user. An unexpected error occurred.'), 'error');
    redirectTo('sql_manage.php');
}

set_page_message(tr('SQL user successfully deleted.'), 'success');
write_log(
    sprintf('%s deleted SQL user with ID %d', decode_idna($_SESSION['user_logged']), $userId),
    E_USER_NOTICE
);
redirectTo('sql_manage.php');
Example #22
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 * @link 		http://www.easyscp.net
 * @author 		EasySCP Team
 */
require '../../include/easyscp-lib.php';
check_login(__FILE__);

$cfg = EasySCP_Registry::get('Config');
$tpl = EasySCP_TemplateEngine::getInstance();
$template = 'client/protected_group_add.tpl';

// The form handler runs first and is given the domain ID resolved from the session.
// NOTE(review): $sql is not assigned in the visible part of this script; presumably the included library
// defines it — confirm.
padd_group($tpl, $sql, get_user_domain_id($_SESSION['user_id']));

// static page messages
gen_logged_from($tpl);
check_permissions($tpl);

$tpl->assign(
    array(
        'TR_PAGE_TITLE' => tr('EasySCP - Client/Webtools'),
        'TR_HTACCESS' => tr('Protected areas'),
        'TR_ACTION' => tr('Action'),
        'TR_USER_MANAGE' => tr('Manage user'),
        'TR_USERS' => tr('User'),
        'TR_USERNAME' => tr('Username'),
        'TR_ADD_USER' => tr('Add user'),
        'TR_GROUPNAME' => tr('Group name'),
        'TR_GROUP_MEMBERS' => tr('Group members'),
        'TR_ADD_GROUP' => tr('Add group'),
        'TR_EDIT' => tr('Edit'),
        'TR_GROUP' => tr('Group'),
        'TR_DELETE' => tr('Delete'),
        'TR_GROUPS' => tr('Groups'),
        'TR_PASSWORD' => tr('Password'),
        'TR_PASSWORD_REPEAT' => tr('Repeat password'),
        'TR_CANCEL' => tr('Cancel')
    )
);

gen_client_mainmenu($tpl, 'client/main_menu_webtools.tpl');
gen_client_menu($tpl, 'client/menu_webtools.tpl');
gen_page_message($tpl);

// Debug dump only when the configuration flag is set.
if ($cfg->DUMP_GUI_DEBUG) {
    dump_gui_debug($tpl);
}

$tpl->display($template);
unset_messages();
function padd_group($tpl, $sql, $dmn_id)
{
    $cfg = EasySCP_Registry::get('Config');
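/**
 * Validates the "add subdomain" form and schedules the subdomain for creation.
 *
 * Does nothing unless $_POST['uaction'] is 'add_subd'. Each validation failure is reported through
 * set_page_message(); on success the subdomain is scheduled and the browser is redirected to
 * manage_domains.php.
 *
 * @param object $tpl     Template engine (not used in this function)
 * @param object $sql     Database connection handed to the lookup and scheduling helpers
 * @param int    $user_id Customer identifier
 * @return void
 */
function check_subdomain_data(&$tpl, &$sql, $user_id)
{
    $domain_id = get_user_domain_id($sql, $user_id);

    if (!isset($_POST['uaction']) || $_POST['uaction'] !== 'add_subd') {
        return;
    }

    // subdomain_name is request data: it must be present and a plain string before strtolower() sees it.
    if (!isset($_POST['subdomain_name']) || !is_string($_POST['subdomain_name']) || $_POST['subdomain_name'] === '') {
        set_page_message(tr('Please specify subdomain name!'));
        return;
    }

    $sub_name = get_punny(strtolower($_POST['subdomain_name']));

    // Initialised so the helpers below never receive an undefined variable. A missing mount point is left for
    // chk_mountp() to reject — confirm it does.
    $sub_mnt_pt = null;
    if (isset($_POST['subdomain_mnt_pt']) && is_string($_POST['subdomain_mnt_pt']) && $_POST['subdomain_mnt_pt'] !== '') {
        $sub_mnt_pt = decode_idna(strtolower($_POST['subdomain_mnt_pt']));
    }

    if (subdmn_exists($sql, $user_id, $domain_id, $sub_name) > 0) {
        set_page_message(tr('Subdomain already exists!'));
        return;
    }

    // The syntax check runs on the full name: subdomain label plus the logged-in customer's domain.
    if (chk_subdname($sub_name . "." . $_SESSION['user_logged']) > 0) {
        set_page_message(tr('Wrong subdomain syntax!'));
        return;
    }

    if (subdmn_mnt_pt_exists($sql, $user_id, $domain_id, $sub_name, $sub_mnt_pt)) {
        set_page_message(tr('Subdomain mount point already exists!'));
        return;
    }

    if (chk_mountp($sub_mnt_pt) > 0) {
        set_page_message(tr('Incorrect mount point syntax'));
        return;
    }

    subdomain_schedule($sql, $user_id, $domain_id, $sub_name, $sub_mnt_pt);
    set_page_message(tr('Subdomain scheduled for addition!'));
    header('Location:manage_domains.php');
    exit(0);
}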
Example #24
                    $grp_selected = '';
                }
            }
            $tpl->assign(array('GROUP_VALUE' => $rs->fields['id'], 'GROUP_LABEL' => tohtml($rs->fields['ugroup']), 'GROUP_SELECTED' => $grp_selected));
            $tpl->parse('GROUP_ITEM', '.group_item');
            $rs->moveNext();
        }
    }
}
/*************************************************************************
 * Main script
 */
// Include core library
require_once 'imscp-lib.php';
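iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptStart);

// Access control: a logged-in customer who has the protected-areas feature.
check_login('user');
customerHasFeature('protected_areas') or showBadRequestErrorPage();

/** @var $cfg iMSCP_Config_Handler_File */
$cfg = iMSCP_Registry::get('config');

$tpl = new iMSCP_pTemplate();
$tpl->define_dynamic(array(
    'layout' => 'shared/layouts/ui.tpl',
    'page' => 'client/protect_it.tpl',
    'page_message' => 'layout',
    'group_item' => 'page',
    'user_item' => 'page',
    'unprotect_it' => 'page'
));
$tpl->assign(array(
    'TR_PAGE_TITLE' => tr('Client / Webtools / Protected Areas / {TR_DYNAMIC_TITLE}'),
    // NOTE(review): this label is not passed through tr(), unlike every other label here — confirm.
    'TR_FTP_DIRECTORIES' => tojs('Ftp directories'),
    'TR_CLOSE' => tojs(tr('Close')),
    'TR_DYNAMIC_TITLE' => isset($_GET['id']) ? tr('Edit protected area') : tr('Add protected area'),
    'TR_PROTECTED_AREA' => tr('Protected areas'),
    'TR_AREA_NAME' => tr('Area name'),
    'TR_PATH' => tr('Path'),
    'CHOOSE_DIR' => tr('Choose dir'),
    'TR_USER' => tr('Users'),
    'TR_GROUPS' => tr('Groups'),
    'TR_USER_AUTH' => tr('User auth'),
    'TR_GROUP_AUTH' => tr('Group auth'),
    'TR_PROTECT_IT' => tr('Protect it'),
    'TR_UNPROTECT_IT' => tr('Unprotect it'),
    'TR_CANCEL' => tr('Cancel'),
    'TR_MANAGE_USERS_AND_GROUPS' => tr('Users and groups')
));
generateNavigation($tpl);

// The domain ID is resolved once from the session and used for both calls. The original passed
// get_user_domain_id($domainId) to gen_protect_it(), i.e. it fed a domain ID into a lookup that takes a user
// ID, which could resolve to a different customer's domain. gen_protect_it()'s signature is not visible here;
// it is assumed to take the domain ID like protect_area() — confirm.
$domainId = get_user_domain_id($_SESSION['user_id']);
protect_area($domainId);
gen_protect_it($tpl, $domainId);

generatePageMessage($tpl);
$tpl->parse('LAYOUT_CONTENT', 'page');
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptEnd, array('templateEngine' => $tpl));
$tpl->prnt();
unsetMessages();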
Example #25
 * Copyright (C) 2010-2016 by Easy Server Control Panel - http://www.easyscp.net
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 * @link 		http://www.easyscp.net
 * @author 		EasySCP Team
 */
require '../../include/easyscp-lib.php';
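check_login(__FILE__);

// The requested alias ID is stored under the name the DELETE below binds. The original stored it in $del_id
// and then bound the never-assigned $domainAliasId, so the statement ran with an empty alias ID.
// Only a scalar value is accepted; anything else is handled like a missing ID.
// NOTE(review): the deletion is triggered by a GET parameter and no request-forgery token check is visible in
// this script — confirm the included library enforces one.
if (!empty($_GET['del_id']) && is_scalar($_GET['del_id'])) {
    $domainAliasId = $_GET['del_id'];
} else {
    $_SESSION['orderaldel'] = '_no_';
    user_goto('domains_manage.php'); // presumably ends the request — confirm
}

// The statement is scoped three ways: the alias ID, the caller's own domain ID (from the session) and the
// "ordered" status, so only the caller's pending alias orders can be removed.
// NOTE(review): $sql and $cfg are not assigned in the visible part of this script; presumably the included
// library defines them — confirm.
$domainId = get_user_domain_id($_SESSION['user_id']);
$query = "\n\tDELETE FROM\n\t\t`domain_aliasses`\n\tWHERE\n\t\t`alias_id` = ?\n\tAND\n\t\t`domain_id` = ?\n\tAND\n\t\t`status` = ?\n\t";
$rs = exec_query($sql, $query, array($domainAliasId, $domainId, $cfg->ITEM_ORDERED_STATUS));
user_goto('domains_manage.php');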
Example #26
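/**
 * Creates a new SQL database for a customer and records it in the sql_database table.
 *
 * The name comes from $_POST['db_name'] (passed through clean_input()) and may be prefixed or suffixed with
 * the customer's domain ID, depending on $_POST['use_dmn_id'] and $_POST['id_pos']. Every outcome is reported
 * through set_page_message().
 *
 * @param mixed $sql     Database handle handed to check_db_name()
 * @param int   $user_id Customer identifier used to resolve the domain ID
 * @return void
 */
function add_sql_database($sql, $user_id)
{
    $cfg = EasySCP_Registry::get('Config');

    if (!isset($_POST['uaction'])) {
        return;
    }

    // let's generate database name.
    // db_name is request data: it must be a non-empty plain string before it is used to build a name.
    if (empty($_POST['db_name']) || !is_string($_POST['db_name'])) {
        set_page_message(tr('Please specify a database name!'), 'warning');
        return;
    }

    $dmn_id = get_user_domain_id($user_id);
    $requested_name = clean_input($_POST['db_name']);

    // Default to the cleaned name, so $db_name is always defined even when use_dmn_id is "on" but id_pos is
    // neither "start" nor "end".
    $db_name = $requested_name;

    if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on' && isset($_POST['id_pos'])) {
        // we'll use domain_id in the name of the database;
        if ($_POST['id_pos'] === 'start') {
            $db_name = $dmn_id . "_" . $requested_name;
        } elseif ($_POST['id_pos'] === 'end') {
            $db_name = $requested_name . "_" . $dmn_id;
        }
    }

    if (strlen($db_name) > $cfg->MAX_SQL_DATABASE_LENGTH) {
        set_page_message(tr('Database name is too long!'), 'warning');
        return;
    }

    // are wildcards used?
    // Checked before the existence lookup so that a name with pattern characters never reaches
    // check_db_name(). The character class matches '%', '?' and also a literal '|'.
    if (preg_match("/[%|\\?]+/", $db_name)) {
        set_page_message(tr('Wildcards such as %% and ? are not allowed!'), 'warning');
        return;
    }

    // have we such database in the system!?
    if (check_db_name($sql, $db_name)) {
        set_page_message(tr('Specified database name already exists!'), 'warning');
        return;
    }

    // The identifier cannot be a bound parameter. Doubling every backtick keeps the whole name inside the
    // quoted identifier; what clean_input() removes is not visible here, so it is not relied on for that.
    $quoted_db_name = '`' . str_replace('`', '``', $db_name) . '`';
    DB::query('CREATE DATABASE IF NOT EXISTS ' . $quoted_db_name . ' DEFAULT CHARACTER SET ' . EasyConfig::$cfg->DATABASE_DEFAULT_CHARACTER_SET . ' COLLATE ' . EasyConfig::$cfg->DATABASE_DEFAULT_COLLATE . ';')->closeCursor();

    $sql_param = array(':domain_id' => $dmn_id, ':sqld_name' => $db_name);
    $sql_query = "\n\t\tINSERT INTO\n\t\t\tsql_database (domain_id, sqld_name, status)\n\t\tVALUES\n\t\t\t(:domain_id, :sqld_name, 'ok');\n\t";
    DB::prepare($sql_query);
    DB::execute($sql_param)->closeCursor();

    update_reseller_c_props(get_reseller_id($dmn_id));
    write_log($_SESSION['user_logged'] . ": adds new SQL database: " . tohtml($db_name));
    set_page_message(tr('SQL database created successfully!'), 'info');
    user_goto('sql_manage.php');
}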
\t\t\t\tset
\t\t\t\t\tstatus = ?
\t\t\t\twhere
\t\t\t\t\tgroup_id rlike ?
\t\t\t\t\tand
\t\t\t\t\tdmn_id = ?
SQL_QUERY;
        check_for_lock_file();
        $rs_update_htaccess = exec_query($sql, $query, array($change_status, $group_id, $dmn_id));
        send_request();
        set_page_message(tr('User was deleted from group ') . "- " . $rs->fields['ugroup']);
    } else {
        return;
    }
}
// ** end of functions
gen_client_menu($tpl);
gen_logged_from($tpl);
check_permissions($tpl);

// Every group operation below works on the domain ID resolved from the session user, not on a value taken
// from the request.
$dmn_id = get_user_domain_id($sql, $_SESSION['user_id']);
add_user_to_group($tpl, $sql, $dmn_id);
delete_user_from_group($tpl, $sql, $dmn_id);
gen_user_assign($tpl, $sql, $dmn_id);

// Static, translated labels of the page.
$tpl->assign(
    array(
        'TR_HTACCESS' => tr('Protected areas'),
        'TR_DELETE' => tr('Delete'),
        'TR_USER_ASSIGN' => tr('User assign'),
        'TR_ALLREADY' => tr('Already in:'),
        'TR_MEMBER_OF_GROUP' => tr('Member of group:'),
        'TR_BACK' => tr('Back'),
        'TR_REMOVE' => tr('Remove'),
        'TR_ADD' => tr('Add'),
        'TR_SELECT_GROUP' => tr('Select group:')
    )
);

gen_page_message($tpl);
$tpl->parse('PAGE', 'page');
$tpl->prnt();

// The debug dump runs whenever the DUMP_GUI_DEBUG key exists, whatever its value.
if (isset($cfg['DUMP_GUI_DEBUG'])) {
    dump_gui_debug();
}

unset_messages();
Example #28
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 * @link 		http://www.easyscp.net
 * @author 		EasySCP Team
 */
require '../../include/easyscp-lib.php';
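check_login(__FILE__);
$cfg = EasySCP_Registry::get('Config');
$tpl = EasySCP_TemplateEngine::getInstance();
$template = 'client/dns_overview.tpl';

// static page messages.
gen_logged_from($tpl);
check_permissions($tpl);

// Default selection: the customer's own domain, no alias.
$dmn_default_id = get_user_domain_id($_SESSION['user_id']);
$dmn_alias = 0;
$dmn_id = $dmn_default_id;

$tpl->assign(array(
    'TR_PAGE_TITLE' => tr('EasySCP - Client/Manage DNS'),
    'TR_DNS' => tr("DNS zone's records"),
    'TR_DNS_NAME' => tr('Name'),
    'TR_DNS_CLASS' => tr('Class'),
    'TR_DNS_TYPE' => tr('Type'),
    'TR_DNS_ACTION' => tr('Actions'),
    'TR_DNS_DATA' => tr('Record data'),
    'TR_DNS_STATUS' => tr('Status'),
    'TR_DOMAIN_NAME' => tr('Domain'),
    'TR_SELECT' => tr('Select'),
    'TR_DNS_ADD' => tr('Add DNS record'),
    'D_USER_DOMAINS' => get_user_domains($_SESSION['user_id']),
    'TR_MESSAGE_DELETE' => tr('Are you sure you want to delete %s?')
));

// domain_id is request data in the form "<alias id>-<domain id>". It is accepted only when both parts are
// plain digits and is then cast to int, so a missing or malformed value keeps the defaults above and nothing
// but integers reaches get_dns_zone() or is echoed back into the template.
if (isset($_GET['select_domain']) && $_GET['select_domain']
    && isset($_GET['domain_id']) && is_string($_GET['domain_id'])
    && preg_match('/^(\d+)-(\d+)$/D', $_GET['domain_id'], $dmn_data)
) {
    $dmn_alias = (int) $dmn_data[1];
    $dmn_id = (int) $dmn_data[2];
}

// NOTE(review): nothing visible here ties the requested alias/domain pair to the logged-in customer;
// get_dns_zone() has to enforce ownership itself — confirm.
$dmn_zone_data = get_dns_zone($dmn_alias, $dmn_id);
$tpl->assign(array('D_USER_DOMAIN_SELECTED' => $dmn_alias . '-' . $dmn_id, 'D_DNS_ZONE' => $dmn_zone_data));

gen_client_mainmenu($tpl, 'client/main_menu_manage_domains.tpl');
gen_client_menu($tpl, 'client/menu_manage_domains.tpl');
gen_page_message($tpl);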
if ($cfg->DUMP_GUI_DEBUG) {
    dump_gui_debug($tpl);
/**
 * Fills the template with the domain aliases that belong to a customer.
 *
 * @param object $tpl     Template engine receiving the alias rows
 * @param object $sql     Database connection handed to get_user_domain_id() and exec_query()
 * @param int    $user_id Customer whose aliases are listed
 * @return void
 */
function gen_user_als_list(&$tpl, &$sql, $user_id)
{
    $domain_id = get_user_domain_id($sql, $user_id);

    // The only bound value is the domain ID resolved from $user_id.
    $query = <<<SQL_QUERY
        select
            alias_id, alias_name, alias_status, alias_mount, alias_ip_id, url_forward
        from
            domain_aliasses
        where
            domain_id = ?
        order by
            alias_name
SQL_QUERY;
    $aliases = exec_query($sql, $query, array($domain_id));

    // No alias at all: show the message block and stop.
    if ($aliases->RecordCount() == 0) {
        $tpl->assign(
            array(
                'ALS_MSG' => tr('Alias list is empty!'),
                'ALS_LIST' => ''
            )
        );
        $tpl->parse('ALS_MESSAGE', 'als_message');
        return;
    }

    for ($row_index = 0; !$aliases->EOF; $row_index++) {
        // Alternate the row style between even and odd rows.
        $tpl->assign('ITEM_CLASS', ($row_index % 2 == 0) ? 'content' : 'content2');

        list($als_action, $als_action_script) = gen_user_als_action(
            $aliases->fields['alias_id'],
            $aliases->fields['alias_status']
        );
        list($als_forward, $als_forward_script) = gen_user_als_forward(
            $aliases->fields['alias_id'],
            $aliases->fields['alias_status'],
            $aliases->fields['url_forward']
        );

        $IDN = new idna_convert();
        $alias_name = utf8_decode($IDN->decode($aliases->fields['alias_name']));

        // NOTE(review): the alias name, mount point and forward values are assigned without any HTML escaping
        // in this function; confirm the template layer escapes them.
        $tpl->assign(
            array(
                'ALS_NAME' => $alias_name,
                'ALS_MOUNT' => $aliases->fields['alias_mount'],
                'ALS_STATUS' => translate_dmn_status($aliases->fields['alias_status']),
                'ALS_FORWARD' => $als_forward,
                'ALS_FWD_SCRIPT' => $als_forward_script,
                'ALS_ACTION' => $als_action,
                'ALS_ACTION_SCRIPT' => $als_action_script
            )
        );
        $tpl->parse('ALS_ITEM', '.als_item');
        $aliases->MoveNext();
    }

    $tpl->parse('ALS_LIST', 'als_list');
    $tpl->assign('ALS_MESSAGE', '');
}
Example #30
 *
 * The Original Code is "VHCS - Virtual Hosting Control System".
 *
 * The Initial Developer of the Original Code is moleSoftware GmbH.
 * Portions created by Initial Developer are Copyright (C) 2001-2006
 * by moleSoftware GmbH. All Rights Reserved.
 *
 * Portions created by the ispCP Team are Copyright (C) 2006-2010 by
 * isp Control Panel. All Rights Reserved.
 *
 * Portions created by the i-MSCP Team are Copyright (C) 2010-2016 by
 * i-MSCP - internet Multi Server Control Panel. All Rights Reserved.
 */
/***********************************************************************************************************************
 * Main
 */
require_once 'imscp-lib.php';
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptStart);
check_login('user');

// Refuse the request unless the customer has the SQL feature and an ID was supplied.
// NOTE(review): the deletion is triggered by a GET parameter and no request-forgery token check is visible in
// this script — confirm the core library enforces one.
if (!(customerHasFeature('sql') && isset($_GET['id']))) {
    showBadRequestErrorPage();
}

// Whatever was sent as "id" reaches the helper as an integer.
$dbId = (int) $_GET['id'];

// delete_sql_database() receives the caller's own domain ID (resolved from the session) next to the requested
// database ID; whether it uses it to verify ownership is not visible here — confirm.
if (!delete_sql_database(get_user_domain_id($_SESSION['user_id']), $dbId)) {
    write_log(
        sprintf('Could not delete SQL database with ID %s. An unexpected error occurred.', $dbId),
        E_USER_NOTICE
    );
    set_page_message(tr('Could not delete SQL database. An unexpected error occurred.'), 'error');
    redirectTo('sql_manage.php');
}

set_page_message(tr('SQL database successfully deleted.'), 'success');
write_log(
    sprintf('%s deleted SQL database with ID %s', decode_idna($_SESSION['user_logged']), $dbId),
    E_USER_NOTICE
);
redirectTo('sql_manage.php');