Esempio n. 1
0
    tunablesListRequestCheck($ctrl_dir, "delheaders");
    tunablesTextareaRequestCheck($ctrl_dir, "footer");
    tunablesSUBTextareaRequestCheck($list_dir, "sub");
    tunablesUNSUBTextareaRequestCheck($list_dir, "unsub");
    tunablesWABooleanRequestCheck($list_dir, "webarchive");
    tunablesTextareaRequestCheck($list_dir, "rcfile");
    tunablesWABooleanRequestCheck($ctrl_dir, "spammode");
    tunablesWABooleanActionsRequestCheck($list_dir);
}
//////////////////////////////////
// $edit_domain $editmail_login
//////////////////////////////////
if (isset($_REQUEST["dellist"]) && $_REQUEST["dellist"] == "Del") {
    checkLoginPassAndDomain($adm_login, $adm_pass, $edit_domain);
    // Verify strings given
    if (!isMailbox($_REQUEST["edit_mailbox"])) {
        die($_REQUEST["edit_mailbox"] . _(" does not look like a mailbox login..."));
    }
    //Some vars
    $name = $_REQUEST["edit_mailbox"];
    $admin_path = getAdminPath($adm_login);
    $folder_name = $edit_domain . "_" . $name;
    $list_full_path = $admin_path . "/" . $edit_domain . "/lists/" . $folder_name;
    //I delete all files of this mailing list
    $del_spool = "rm /var/spool/mlmmj/" . $folder_name;
    exec($del_spool);
    $del_etc = "rm -rf /etc/mlmmj/lists/" . $folder_name;
    exec($del_etc);
    $del_ml = "rm -rf " . $list_full_path;
    exec($del_ml);
    // i need to add the postfix's aliases deletion
Esempio n. 2
0
function validateWaitingUser($waiting_login_id)
{
    global $conf_administrative_site;
    global $conf_use_ssl;
    global $pro_mysql_admin_table;
    global $pro_mysql_client_table;
    global $pro_mysql_new_admin_table;
    global $pro_mysql_product_table;
    global $pro_mysql_vps_ip_table;
    global $pro_mysql_vps_server_table;
    global $pro_mysql_completedorders_table;
    global $pro_mysql_domain_table;
    global $dtcshared_path;
    global $txt_userwaiting_account_activated_subject;
    global $txt_userwaiting_account_activated_text_header;
    global $conf_site_root_host_path;
    global $conf_demo_version;
    global $conf_use_ssl;
    global $conf_webmaster_email_addr;
    global $conf_this_server_country_code;
    global $conf_message_subject_header;
    global $console;
    //get affiliate cookie
    if (isset($_COOKIE["affiliate"]) && isMailbox($affiliatename)) {
        $affiliatename = $_COOKIE["affiliate"];
    }
    if (isset($affiliatename)) {
        //Step 1: validate that the affiliatename exists
        $q = "SELECT * FROM {$pro_mysql_admin_table} WHERE adm_login='******';";
        $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        if (mysql_num_rows($r) != 1) {
            unset($affiliatename);
        }
        // at this point, we should have an affiliatename
    }
    // Get the informations from the user waiting table
    $q = "SELECT * FROM {$pro_mysql_new_admin_table} WHERE id='{$waiting_login_id}';";
    //	$q = "SELECT * FROM $pro_mysql_new_admin_table WHERE reqadm_login='******';";
    $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n != 1) {
        die("I can't find username with id {$waiting_login_id} in the userwaiting table line: " . __LINE__ . " file: " . __FILE__ . "!");
    }
    $a = mysql_fetch_array($r);
    $waiting_login = $a["reqadm_login"];
    $last_used_lang = $a["last_used_lang"];
    // Check if there is a user by that name
    $q = "SELECT * FROM {$pro_mysql_admin_table} WHERE adm_login='******';";
    $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($a["add_service"] == "yes") {
        if ($n != 1) {
            die("There is no user with name {$waiting_login} in database: I can't add a service to it line: " . __LINE__ . " file: " . __FILE__ . "!");
        }
        $existing_admin = mysql_fetch_array($r);
        $cid = $existing_admin["id_client"];
        $vps_root_pass = $existing_admin["adm_pass"];
    } else {
        if ($n != 0) {
            die("There is already a user with name {$waiting_login} in database: I can't add another one line: " . __LINE__ . " file: " . __FILE__ . "!");
        }
        $vps_root_pass = $a["reqadm_pass"];
    }
    // Calculate user's path with default path
    $newadmin_path = $conf_site_root_host_path . "/" . $waiting_login;
    // Create admin's directory
    if ($conf_demo_version == "no" && $a["add_service"] != "yes") {
        $oldumask = umask(0);
        if (!file_exists($newadmin_path)) {
            mkdir("{$newadmin_path}", 0750);
            $console .= "mkdir {$newadmin_path};<br>";
        }
    }
    // Get the informations from the product table
    $q2 = "SELECT * FROM {$pro_mysql_product_table} WHERE id='" . $a["product_id"] . "'";
    $r2 = mysql_query($q2) or die("Cannot execute query \"{$q2}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    $n2 = mysql_num_rows($r2);
    if ($n2 != 1) {
        die("I can't find the product in the table line: " . __LINE__ . " file: " . __FILE__ . "!");
    }
    $a2 = mysql_fetch_array($r2);
    // Add customer's info to production table
    if ($a["add_service"] != "yes") {
        $adm_query = "INSERT INTO {$pro_mysql_client_table}\n(id,is_company,company_name,vat_num,familyname,christname,addr1,addr2,addr3,\ncity,zipcode,state,country,phone,fax,email,\ndisk_quota_mb,bw_quota_per_month_gb,\nspecial_note) VALUES ('','" . $a["iscomp"] . "',\n'" . addslashes($a["comp_name"]) . "','" . addslashes($a["vat_num"]) . "','" . addslashes($a["family_name"]) . "','" . addslashes($a["first_name"]) . "',\n'" . addslashes($a["addr1"]) . "','" . addslashes($a["addr2"]) . "','" . addslashes($a["addr3"]) . "','" . addslashes($a["city"]) . "',\n'" . addslashes($a["zipcode"]) . "','" . addslashes($a["state"]) . "','" . addslashes($a["country"]) . "','" . addslashes($a["phone"]) . "',\n'" . addslashes($a["fax"]) . "','" . addslashes($a["email"]) . "','" . $a2["quota_disk"] . "','" . $a2["bandwidth"] / 1024 . "',\n'" . addslashes($a["restricted_ftp_path"]) . "','" . addslashes($a["allow_dns_and_mx_change"]) . "',\n'" . addslashes($a["ftp_login_flag"]) . "','" . addslashes($a["allow_mailing_list_edit"]) . "','" . addslashes($a["allow_subdomain_edit"]) . "',\n'" . addslashes($a["custom_notes"]) . "');";
        $r = mysql_query($adm_query) or die("Cannot execute query \"{$adm_query}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        $cid = mysql_insert_id();
    }
    // Add user in database
    $expires = calculateExpirationDate(date("Y-m-d"), $a2["period"]);
    if ($a2["heb_type"] == "vps") {
        $admtbl_added1 = ",expire,prod_id";
        $admtbl_added2 = ",'0000-00-00','0'";
    } else {
        if ($a2["heb_type"] == "server") {
            $admtbl_added1 = ",expire,prod_id";
            $admtbl_added2 = ",'0000-00-00','0'";
        } else {
            $admtbl_added1 = ",expire,prod_id";
            $admtbl_added2 = ",'{$expires}','" . $a2["id"] . "'";
            $admtbl_added3 = ", expire='{$expires}', prod_id='" . $a2["id"] . "' ";
        }
    }
    if ($a["add_service"] != "yes") {
        $adm_query = "INSERT INTO {$pro_mysql_admin_table}\n(adm_login        ,adm_pass              ,last_used_lang   ,path            ,id_client,bandwidth_per_month_mb,quota,nbrdb,allow_add_domain,max_domain,restricted_ftp_path,allow_dns_and_mx_change,ftp_login_flag,allow_mailing_list_edit,allow_subdomain_edit,max_email{$admtbl_added1}) VALUES\n('{$waiting_login}','" . $a["reqadm_pass"] . "','{$last_used_lang}','{$newadmin_path}','{$cid}','" . $a2["bandwidth"] . "','" . $a2["quota_disk"] . "','" . $a2["nbr_database"] . "','" . $a2["allow_add_domain"] . "','" . $a2["max_domain"] . "',\n'" . $a2["restricted_ftp_path"] . "','" . $a2["allow_dns_and_mx_change"] . "','" . $a2["ftp_login_flag"] . "','" . $a2["allow_mailing_list_edit"] . "','" . $a2["allow_subdomain_edit"] . "','" . $a2["nbr_email"] . "'{$admtbl_added2});";
        mysql_query($adm_query) or die("Cannot execute query \"{$adm_query}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    } else {
        if ($a2["heb_type"] == "shared") {
            $adm_query = "UPDATE {$pro_mysql_admin_table}\n\t\t\tSET bandwidth_per_month_mb='" . $a2["bandwidth"] . "', quota='" . $a2["quota_disk"] . "', nbrdb='" . $a2["nbr_database"] . "',\n\t\t\tallow_add_domain='" . $a2["allow_add_domain"] . "', max_domain='" . $a2["max_domain"] . "', restricted_ftp_path='" . $a2["restricted_ftp_path"] . "',\n\t\t\tallow_dns_and_mx_change='" . $a2["allow_dns_and_mx_change"] . "', ftp_login_flag='" . $a2["ftp_login_flag"] . "', allow_mailing_list_edit='" . $a2["allow_mailing_list_edit"] . "',\n\t\t\tallow_subdomain_edit='" . $a2["allow_subdomain_edit"] . "', max_email='" . $a2["nbr_email"] . "' {$admtbl_added3}\n\t\t\tWHERE adm_login='******';";
            mysql_query($adm_query) or die("Cannot execute query \"{$adm_query}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        }
    }
    if ($a2["heb_type"] == "vps") {
        $vps_xen_name = addVPSToUser($waiting_login, $a["vps_location"], $a2["id"], $a["vps_os"]);
        $soap_client = connectToVPSServer($a["vps_location"]);
        if ($soap_client == false) {
            echo "Could not connect to the VPS server for doing the setup: please contact the administrator!";
        } else {
            $image_type = "lvm";
            if (isVPSNodeLVMEnabled($a["vps_location"]) == "no") {
                $image_type = "vbd";
            }
            $r = $soap_client->call("setupLVMDisks", array("vpsname" => $vps_xen_name, "hddsize" => $a2["quota_disk"], "swapsize" => $a2["memory_size"], "imagetype" => $image_type), "", "", "");
            $qvps = "SELECT * FROM {$pro_mysql_vps_ip_table} WHERE vps_server_hostname='" . $a["vps_location"] . "' AND vps_xen_name='{$vps_xen_name}' LIMIT 1;";
            $rvps = mysql_query($qvps) or die("Cannot execute query \"{$qvps}\" line " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
            $nvps = mysql_num_rows($rvps);
            if ($nvps != 1) {
                echo "Cannot find VPS IP: wont be able to setup the os, please get in touch with the administrator!";
            } else {
                $avps = mysql_fetch_array($rvps);
                $r = $soap_client->call("reinstallVPSos", array("vpsname" => $vps_xen_name, "ostype" => $a["vps_os"], "hddsize" => $a2["quota_disk"], "ramsize" => $a2["memory_size"], "ipaddr" => $avps["ip_addr"], "password" => $vps_root_pass), "", "", "");
                $qcountry = "SELECT * FROM {$pro_mysql_vps_server_table} WHERE hostname='" . $a["vps_location"] . "';";
                $rcountry = mysql_query($qcountry) or die("Cannot execute query \"{$qcountry}\" line " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
                $ncountry = mysql_num_rows($rcountry);
                if ($ncountry != 1) {
                    echo "Cannot find VPS server country!";
                    $country = 'US';
                } else {
                    $acountry = mysql_fetch_array($rcountry);
                    $country = $acountry["country_code"];
                }
            }
        }
        // Read the (customizable) registration message to send
        $txt_welcome_message = readCustomizedMessage("registration_msg/vps_open", $waiting_login);
    } else {
        if ($a2["heb_type"] == "server") {
            // As there is currently no dedicated server provision system, we just do this:
            $country = $conf_this_server_country_code;
            addDedicatedToUser($waiting_login, $a["domain_name"], $a2["id"]);
            // Read the (customizable) registration message to send
            $txt_welcome_message = readCustomizedMessage("registration_msg/dedicated_open", $waiting_login);
        } else {
            $country = $conf_this_server_country_code;
            addDomainToUser($waiting_login, $a["reqadm_pass"], $a["domain_name"]);
            // Read the (customizable) registration message to send
            $txt_welcome_message = readCustomizedMessage("registration_msg/shared_open", $waiting_login);
            $q = "UPDATE {$pro_mysql_domain_table} SET max_email='" . $a2["nbr_email"] . "',quota='" . $a2["quota_disk"] . "' WHERE name='" . $a["domain_name"] . "';";
            $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        }
    }
    // Send a mail to user with how to login and use interface.
    $txt_userwaiting_account_activated_subject = "{$conf_message_subject_header} Account {$waiting_login} has been activated!";
    // Manage the signature of all registration messages
    $signature = readCustomizedMessage("signature", $waiting_login);
    $msg_2_send = str_replace("%%%SIGNATURE%%%", $signature, $txt_welcome_message);
    // Manage the login info part of the message
    if ($conf_use_ssl == "yes") {
        $surl = "s";
    } else {
        $surl = "";
    }
    $dtc_login_info = "URL: http{$surl}://{$conf_administrative_site}/dtc/\nLogin: {$waiting_login}\nPassword: "******"reqadm_pass"];
    $msg_2_send = str_replace("%%%DTC_LOGIN_INFO%%%", $dtc_login_info, $msg_2_send);
    // Manage the header of the messages
    $head = readCustomizedMessage("messages_header", $waiting_login);
    $msg_2_send = $head . "\n" . $msg_2_send;
    $headers = "From: " . $conf_webmaster_email_addr;
    mail($a["email"], $txt_userwaiting_account_activated_subject, $msg_2_send, $headers);
    // Now add a command to the user so we keep tracks of payments
    $q = "INSERT INTO {$pro_mysql_completedorders_table} (id,id_client,domain_name,quantity,date,product_id,payment_id,country_code,last_expiry_date)\n\tVALUES ('','{$cid}','" . $a["domain_name"] . "','1','" . date("Y-m-d") . "','" . $a["product_id"] . "','" . $a["paiement_id"] . "','{$country}','" . date("Y-d-m") . "');";
    mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    if (isset($affiliatename)) {
        // Step 2) retrieve the kickback from the products table
        $kickback = $a2["affiliate_kickback"];
        $orderid = mysql_insert_id();
        if ($kickback) {
            // Step 3) if a kickback exists, store it in the affiliate transaction table
            $kickback = 1.0 + $kickback - 1.0;
            //cast to float.  I hate PHP.
            $xxs = "INSERT INTO affiliate_payments (adm_login,order_id,kickback) VALUES('{$affiliatename}',{$orderid},{$kickback});";
            mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        }
    }
    // Finaly delete the user from the userwaiting table
    $q = "DELETE FROM {$pro_mysql_new_admin_table} WHERE id='{$waiting_login_id}';";
    mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
}
Esempio n. 3
0
<?php

///////////////////////////////////////////////
// Email account submition to mysql database //
///////////////////////////////////////////////
if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "set_catchall_account") {
    checkLoginPassAndDomain($adm_login, $adm_pass, $edit_domain);
    if ($_REQUEST["catchall_popup"] == "no-mail-account") {
        $q = "UPDATE {$pro_mysql_domain_table} SET catchall_email='' WHERE name='{$edit_domain}';";
        $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said :" . mysql_error());
    } else {
        if (!isMailbox($_REQUEST["catchall_popup"])) {
            $submit_err .= _("Incorect mail login format: it should consist of only lowercase letters, numbers, or the \"-\" sign.<br>\n");
            $commit_flag = "no";
        } else {
            // Check if mail exists...
            if ($_REQUEST["catchall_popup"] != "no-mail-account") {
                $test_query = "SELECT * FROM {$pro_mysql_pop_table} WHERE id='" . $_REQUEST["catchall_popup"] . "' AND mbox_host='{$edit_domain}'";
                $test_result = mysql_query($test_query) or die("Cannot execute query \"{$test_query}\"");
                $testnum_rows = mysql_num_rows($test_result);
                if ($testnum_rows != 1) {
                    $submit_err .= _("Mailbox does not exists in database!<br>\n");
                    $commit_flag = "no";
                } else {
                    $catch = $_REQUEST["catchall_popup"];
                    writeCatchallDotQmailFile($catch, $edit_domain);
                }
            } else {
                $catch = "";
            }
        }