// Fragment of the customer FTP "edit" handler. It starts and ends mid-file:
// the first two closing braces and the very last one belong to blocks that
// are opened above this excerpt.
                Database::pexecute($stmt, $params);
            }
        }

        // Audit-log the change. The username comes from the row in $result
        // (loaded above this excerpt), not from the submitted form.
        $log->logAction(USR_ACTION, LOG_INFO, "edited ftp-account '" . $result['username'] . "'");

        // validate() is defined elsewhere; what it enforces for the
        // 'description' field is not visible here.
        $description = validate($_POST['ftp_description'], 'description');

        // All values are bound as named placeholders. The WHERE clause binds
        // the session's customerid together with the row id, so the update
        // only touches an account owned by the logged-in customer.
        $stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`\n\t\t\t\t\tSET `description` = :desc\n\t\t\t\t\tWHERE `customerid` = :customerid\n\t\t\t\t\tAND `id` = :id");
        Database::pexecute($stmt, array("desc" => $description, "customerid" => $userinfo['customerid'], "id" => $id));

        redirectTo($filename, array('page' => $page, 's' => $s));
    } else {
        // No form submission: build the edit form.

        // Show the home directory relative to the customer's document root
        // when it lies below it, otherwise show the stored value unchanged.
        // NOTE(review): strpos() === 0 is a plain string-prefix test, so it only
        // respects a directory boundary if documentroot ends in "/" - confirm.
        // NOTE(review): str_replace() rewrites every occurrence of documentroot
        // inside homedir, not just the leading one.
        if (strpos($result['homedir'], $userinfo['documentroot']) === 0) {
            $homedir = str_replace($userinfo['documentroot'], "/", $result['homedir']);
        } else {
            $homedir = $result['homedir'];
        }

        $homedir = makeCorrectDir($homedir);
        $pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $homedir);

        // With the customer.ftpatdomain setting enabled, build one <option>
        // per domain of this customer (label is the IDNA-decoded name).
        if (Settings::Get('customer.ftpatdomain') == '1') {
            $domains = '';

            $result_domains_stmt = Database::prepare("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "`\n\t\t\t\t\t\tWHERE `customerid` = :customerid");
            Database::pexecute($result_domains_stmt, array("customerid" => $userinfo['customerid']));

            while ($row_domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
                // NOTE(review): whether makeoption() HTML-encodes label and
                // value is not visible here - confirm.
                $domains .= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['domain']);
            }
        }

        // The form definition file returns an array that drives the generator.
        $ftp_edit_data = (include_once dirname(__FILE__) . '/lib/formfields/customer/ftp/formfield.ftp_edit.php');
        $ftp_edit_form = htmlform::genHTMLForm($ftp_edit_data);

        $title = $ftp_edit_data['ftp_edit']['title'];
        $image = $ftp_edit_data['ftp_edit']['image'];

        // The template text is spliced into a double-quoted PHP string and
        // evaluated, i.e. it becomes PHP source. Template storage therefore
        // needs the same write protection as the application code.
        eval("echo \"" . getTemplate('ftp/accounts_edit') . "\";");
    }
}
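// Fragment of an older revision of the customer FTP handler (legacy $db
// wrapper, SQL assembled by string concatenation). It starts and ends
// mid-file: the leading "}" and several closing braces belong to blocks
// opened above this excerpt, and the final "if" is left open.
            } elseif ($path == '') {
                standard_error('patherror');
            } else {
                $userpath = makeCorrectDir($path);

                // The submitted path is appended to the customer's document root
                // and becomes the FTP account's home directory.
                // NOTE(review): whether makeCorrectDir() rejects ".." segments is
                // not visible here - confirm that the result cannot leave
                // documentroot.
                $path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);

                // String values go through $db->escape(), numeric ids are cast to
                // int. The cleartext password is embedded in the SQL text (it can
                // therefore show up in query logs) and hashed server-side with
                // MySQL's crypt()-based ENCRYPT(), which was removed in MySQL 8.0.
                $db->query(
                    'INSERT INTO `' . TABLE_FTP_USERS . "` (`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) VALUES ('"
                    . (int) $userinfo['customerid'] . "', '"
                    . $db->escape($username) . "', ENCRYPT('"
                    . $db->escape($password) . "'), '"
                    . $db->escape($path) . "', 'y', '"
                    . (int) $userinfo['guid'] . "', '"
                    . (int) $userinfo['guid'] . "')"
                );

                // customerid is cast to int here as in every other query of this
                // fragment, so no unescaped value is concatenated into the SQL.
                $db->query(
                    'UPDATE `' . TABLE_FTP_GROUPS . "` SET `members`=CONCAT_WS(',',`members`,'"
                    . $db->escape($username) . "') WHERE `customerid`='"
                    . (int) $userinfo['customerid'] . "' AND `gid`='"
                    . (int) $userinfo['guid'] . "'"
                );

                // Disabled statement, kept on its own line so that it no longer
                // comments out the live code that follows it.
                // $db->query("INSERT INTO `".TABLE_FTP_GROUPS."` (`customerid`, `groupname`, `gid`, `members`) VALUES ('".$userinfo['customerid']."', '$username', '$uid', '$username')");

                // Bump the customer's FTP usage counter and account number.
                $db->query(
                    'UPDATE `' . TABLE_PANEL_CUSTOMERS . "` SET `ftps_used`=`ftps_used`+1, `ftp_lastaccountnumber`=`ftp_lastaccountnumber`+1 WHERE `customerid`='"
                    . (int) $userinfo['customerid'] . "'"
                );

                // Disabled statement, again kept on its own line.
                // $db->query("UPDATE `".TABLE_PANEL_SETTINGS."` SET `value`='$uid' WHERE settinggroup='ftp' AND varname='lastguid'");

                $log->logAction(USR_ACTION, LOG_INFO, "added ftp-account '" . $username . ' (' . $path . ")'");
                inserttask(5);
                redirectTo($filename, array('page' => $page, 's' => $s));
            }
        } else {
            // No form submission: build the "add account" form.
            $pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);

            if ($settings['customer']['ftpatdomain'] == '1') {
                $domains = '';
                $result_domains = $db->query('SELECT `domain` FROM `' . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int) $userinfo['customerid'] . "'");

                while ($row_domain = $db->fetch_array($result_domains)) {
                    $domains .= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['domain']);
                }
            }

            // The template text is spliced into a double-quoted PHP string and
            // evaluated, i.e. it becomes PHP source; template storage needs the
            // same write protection as the application code.
            eval('echo "' . getTemplate('ftp/accounts_add') . '";');
        }
    }
} elseif ($action == 'edit' && $id != 0) {
    // Load the account by id AND the session's customerid, so a customer can
    // only open accounts that belong to them.
    $result = $db->query_first('SELECT `id`, `username`, `homedir` FROM `' . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int) $userinfo['customerid'] . "' AND `id`='" . (int) $id . "'");

    if (isset($result['username']) && $result['username'] != '') {
        if (isset($_POST['send']) && $_POST['send'] == 'send') {
            // validate() is defined elsewhere; what it enforces for the
            // 'password' field is not visible here.
            $password = validate($_POST['ftp_password'], 'password');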
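// Fragment that prepares select boxes for a domain form (presumably the
// customer "edit domain" page). It starts mid-file and ends on an "if" whose
// body lies below this excerpt.

// Candidate alias targets: top-level, non-alias domains of the same customer
// that share at least one IP/port with the edited domain, excluding the edited
// domain itself and the customer's standard subdomain. Both the domain id and
// the session's customerid are bound as named placeholders.
$domains_stmt = Database::prepare("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d` , `" . TABLE_PANEL_CUSTOMERS . "` `c` , `" . TABLE_DOMAINTOIP . "` `dip`\n\t\t\t\t\tWHERE `d`.`aliasdomain` IS NULL\n\t\t\t\t\tAND `d`.`id` <> :id\n\t\t\t\t\tAND `c`.`standardsubdomain` <> `d`.`id`\n\t\t\t\t\tAND `d`.`parentdomainid` = '0'\n\t\t\t\t\tAND `d`.`customerid` = :customerid\n\t\t\t\t\tAND `c`.`customerid` = `d`.`customerid`\n\t\t\t\t\tAND `d`.`id` = `dip`.`id_domain`\n\t\t\t\t\tAND `dip`.`id_ipandports`\n\t\t\t\t\tIN (SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP . "`\n\t\t\t\t\t\tWHERE `id_domain` = :id)\n\t\t\t\t\tGROUP BY `d`.`id`, `d`.`domain`\n\t\t\t\t\tORDER BY `d`.`domain` ASC");
Database::pexecute($domains_stmt, array("id" => $result['id'], "customerid" => $userinfo['customerid']));

// $domains is initialised above this excerpt; the current alias target is
// passed as the pre-selected value.
while ($row_domain = $domains_stmt->fetch(PDO::FETCH_ASSOC)) {
    $domains .= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id'], $result['aliasdomain']);
}

// documentroot holds either a filesystem path or a redirect URL. It is only
// treated as a URL when it starts with http:// or https:// AND passes
// validateUrl() (defined elsewhere); every other value is handled as a path.
if (preg_match('/^https?\\:\\/\\//', $result['documentroot']) && validateUrl($result['documentroot'])) {
    if (Settings::Get('panel.pathedit') == 'Dropdown') {
        // Dropdown mode: the URL goes into its own field, the path selector
        // is built without a preselected value.
        $urlvalue = $result['documentroot'];
        $pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);
    } else {
        // NOTE(review): the meaning of the trailing `true` argument is not
        // visible here - presumably it marks the value as a URL; confirm.
        $urlvalue = '';
        $pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $result['documentroot'], true);
    }
} else {
    $urlvalue = '';
    $pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $result['documentroot']);
}

// Redirect-code select box, only when custom redirects are enabled.
$redirectcode = '';
if (Settings::Get('customredirect.enabled') == '1') {
    $def_code = getDomainRedirectId($id);
    $codes = getRedirectCodesArray();

    foreach ($codes as $rc) {
        $redirectcode .= makeoption($rc['code'] . ' (' . $lng['redirect_desc'][$rc['desc']] . ')', $rc['id'], $def_code);
    }
}

// check if we at least have one ssl-ip/port, #1179
// (the comment above sits on its own line so that the statements below are
// live code instead of being swallowed by the `//`)
$ssl_ipsandports = '';

// Static query without user input. NOTE(review): the table name is a literal
// here while the other queries use TABLE_* constants - confirm it matches any
// configured table naming.
$ssl_ip_stmt = Database::prepare("SELECT COUNT(*) as countSSL FROM `panel_ipsandports` WHERE `ssl`='1'");
Database::pexecute($ssl_ip_stmt);
$resultX = $ssl_ip_stmt->fetch(PDO::FETCH_ASSOC);

if (isset($resultX['countSSL']) && (int) $resultX['countSSL'] > 0) {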