function user($data)
{
$data = unserialize($data);
if (!is_object($data) || !isset($data->user)) {
return false;
}
$cmd = "/usr/sbin/";
$result = false;
$USER = $data->user;
$PASS = $data->pass;
$CGI_SYS = ZH_DATA . "/cgi-system";
if (!is_dir($CGI_SYS)) {
mkdir($CGI_SYS, 0700, true);
}
switch ($data->action) {
case 'add':
log_msg("Adding user account...");
$pass_crypted = crypt($PASS);
$cmd0 = "/usr/sbin/useradd -m -s /bin/bash -p '{$pass_crypted}' {$USER}";
log_msg($cmd0);
$result = shell_exec($cmd0);
// ADD USER
//if(!$result) return;
/*echo "Setting password...\n";
$cmd0 = "echo '$USER:$PASS' | chpasswd";
echo "$cmd0\n\n";
$result = shell_exec($cmd0); // SET PASSWORD
//if(!$result) return;*/
log_msg("Copying template files...");
$cmd0 = "cp -r {$CGI_SYS}/TEMPLATE {$CGI_SYS}/{$USER}";
log_msg($cmd0);
$result = shell_exec($cmd0);
// MAKE FASTCGI WRAPPERS
//if(!$result) return;
log_msg("Updating template files...");
$cmd0 = "sed -i 's/TEMPLATE/{$USER}/g' {$CGI_SYS}/{$USER}/*";
log_msg($cmd0);
$result = shell_exec($cmd0);
// DO UPDATE
//if(!$result) return;
log_msg("Fixing ownership...");
$cmd0 = "chown -R {$USER}.{$USER} {$CGI_SYS}/{$USER}";
log_msg($cmd0);
$result = shell_exec($cmd0);
// FIX PERMISSIONS
//if(!$result) return;
log_msg("Fixing permissions...");
$cmd0 = "chmod -R 755 {$CGI_SYS}/{$USER}";
log_msg($cmd0);
$result = shell_exec($cmd0);
// FIX PERMISSIONS
//if(!$result) return;
log_msg("Fixing ownership...");
$cmd0 = "chmod 711 /home/{$USER}";
log_msg($cmd0);
$result = shell_exec($cmd0);
// FIX PERMISSIONS
//if(!$result) return;
$passwd = file_get_contents('/etc/passwd');
preg_match("#\n{$USER}:x:(\\d+):(\\d+)#", $str, $out);
$uid = $out[1];
$gid = $out[2];
global $pdo;
$pdo->update('user', array('uid' => $uid, 'gid' => $gid), "user='******'");
syncFtpUsers(false);
global $zhd;
$zhd->proftpd('restart');
break;
case 'mod':
$pass_crypted = getcrypted($PASS);
$cmd .= "/usr/sbin/usermod -p '{$pass_crypted}' {$USER}";
$result = shell_exec($cmd);
syncFtpUsers(false);
global $zhd;
$zhd->proftpd('restart');
break;
case 'del':
// DANGEROUS
log_msg('Backup user\'s files...');
$cmd0 = "mv -f /home/{$USER} /home/backup/";
log_msg($cmd0);
$result = shell_exec($cmd0);
// DO A BACKUP FIRST
log_msg("Deleting user account...");
$cmd0 = "/usr/sbin/userdel -rf {$USER}";
log_msg($cmd0);
$result = shell_exec($cmd0);
log_msg("Deleting user's fcgid wrappers...");
$cmd0 = "rm -rf {$CGI_SYS}/{$USER}";
log_msg($cmd0);
$result = shell_exec($cmd0);
break;
case 'jail':
$service .= $cmd;
break;
case 'unjail':
$service .= $cmd;
break;
default:
return false;
}
return $result;
}
function chpasswd($user, $pass)
{
global $pdo;
if (PHP_OS == 'WINNT') {
$uid = getuid($user);
if ($uid < 1000 || $uid > 10000) {
return false;
}
$p = "/\n{$user}:([^:]*:\\d+):0:46714:7:::/";
$shadow = getfile('/etc/shadow');
//backupConf('shadow');
$str = file_get_contents($shadow);
if (!preg_match($p, $str, $out)) {
return false;
}
$newpass = getcrypted($pass);
$last_modified = ceil(time() / 3600 / 24);
$from = "\n{$user}:" . $out[1];
$to = "\n{$user}:{$newpass}:{$last_modified}";
$str = str_replace($from, $to, $str);
return file_put_contents($shadow, $str);
} else {
$pass = getcrypted($pass);
$cmd = "usermod -p '{$pass}' {$user} 2>&1";
$res = `{$cmd}`;
if ($res) {
setmsg($res, 'error');
} else {
return true;
}
}
sync();
$update = array('pass' => $pass);
return $pdo->update('user', $update, " user='******'");
}
