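/**
 * Validate the submitted reseller data and create the reseller account
 *
 * All checks run inside a database transaction. Every failed check adds an
 * error page message and, for most fields, records the field name in the
 * 'errFieldsStack' registry entry. The account is written only when no field
 * error was recorded and no page message is pending.
 *
 * @throws Exception
 * @throws iMSCP_Exception
 * @throws iMSCP_Exception_Database
 * @return bool TRUE when the account has been created, FALSE when validation failed
 */
function admin_checkAndCreateResellerAccount()
{
    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeAddUser);

    $cfg = iMSCP_Registry::get('config');
    $errFieldsStack = array();
    $data =& admin_getData();

    /** @var $db iMSCP_Database */
    $db = iMSCP_Database::getInstance();

    try {
        $db->beginTransaction();

        // Check for reseller name
        $stmt = exec_query(
            'SELECT COUNT(`admin_id`) `usernameExist` FROM `admin` WHERE `admin_name` = ? LIMIT 1',
            $data['admin_name']
        );
        $row = $stmt->fetchRow(PDO::FETCH_ASSOC);

        if ($row['usernameExist']) {
            // NOTE(review): the submitted name is concatenated into HTML markup here. Confirm that
            // admin_getData() or set_page_message() HTML-escapes it before the message is rendered.
            set_page_message(tr("The username %s is not available.", '<b>' . $data['admin_name'] . '</b>'), 'error');
            $errFieldsStack[] = 'admin_name';
        } elseif (!validates_username($data['admin_name'])) {
            set_page_message(tr('Incorrect username length or syntax.'), 'error');
            $errFieldsStack[] = 'admin_name';
        }

        // Check for password
        if (empty($data['password'])) {
            set_page_message(tr('You must provide a password.'), 'error');
            $errFieldsStack[] = 'password';
            $errFieldsStack[] = 'password_confirmation';
        } elseif ($data['password'] !== $data['password_confirmation']) {
            // Strict comparison: with a loose one, PHP compares numeric-looking strings by value
            // ('1e3' == '1000'), so two different passwords could be accepted as matching.
            set_page_message(tr("Passwords do not match."), 'error');
            $errFieldsStack[] = 'password';
            $errFieldsStack[] = 'password_confirmation';
        } elseif (!checkPasswordSyntax($data['password'])) {
            // No message is set here; presumably checkPasswordSyntax() reports the reason itself (verify).
            $errFieldsStack[] = 'password';
            $errFieldsStack[] = 'password_confirmation';
        }

        // Check for email address
        if (!chk_email($data['email'])) {
            set_page_message(tr('Incorrect syntax for email address.'), 'error');
            $errFieldsStack[] = 'email';
        }

        // Check for ip addresses: only identifiers that exist in the server IP list are kept,
        // so a submitted identifier that is unknown to the server is silently dropped.
        $resellerIps = array();

        foreach ($data['server_ips'] as $serverIpData) {
            if (in_array($serverIpData['ip_id'], $data['reseller_ips'])) {
                $resellerIps[] = $serverIpData['ip_id'];
            }
        }

        sort($resellerIps);

        if (empty($resellerIps)) {
            // No field is recorded; the pending page message is what blocks the insert below.
            set_page_message(tr('You must assign at least one IP to this reseller.'), 'error');
        }

        // Check for max domains limit
        if (!imscp_limit_check($data['max_dmn_cnt'], null)) {
            set_page_message(tr('Incorrect limit for %s.', tr('domain')), 'error');
            $errFieldsStack[] = 'max_dmn_cnt';
        }

        // Check for max subdomains limit
        if (!imscp_limit_check($data['max_sub_cnt'])) {
            set_page_message(tr('Incorrect limit for %s.', tr('subdomains')), 'error');
            $errFieldsStack[] = 'max_sub_cnt';
        }

        // Check for max domain aliases limit
        if (!imscp_limit_check($data['max_als_cnt'])) {
            set_page_message(tr('Incorrect limit for %s.', tr('domain aliases')), 'error');
            $errFieldsStack[] = 'max_als_cnt';
        }

        // Check for max mail accounts limit
        if (!imscp_limit_check($data['max_mail_cnt'])) {
            set_page_message(tr('Incorrect limit for %s.', tr('email accounts')), 'error');
            $errFieldsStack[] = 'max_mail_cnt';
        }

        // Check for max ftp accounts limit
        if (!imscp_limit_check($data['max_ftp_cnt'])) {
            set_page_message(tr('Incorrect limit for %s.', tr('Ftp accounts')), 'error');
            $errFieldsStack[] = 'max_ftp_cnt';
        }

        // Check for max Sql databases limit.
        // The cross-check reads $data (the values that get stored) rather than raw $_POST, so the
        // rule is enforced on exactly what is written and a missing POST key cannot raise a notice.
        if (!imscp_limit_check($data['max_sql_db_cnt'])) {
            set_page_message(tr('Incorrect limit for %s.', tr('SQL databases')), 'error');
            $errFieldsStack[] = 'max_sql_db_cnt';
        } elseif ($data['max_sql_db_cnt'] == -1 && $data['max_sql_user_cnt'] != -1) {
            set_page_message(tr('SQL database limit is disabled but SQL user limit is not.'), 'error');
            $errFieldsStack[] = 'max_sql_db_cnt';
        }

        // Check for max Sql users limit
        if (!imscp_limit_check($data['max_sql_user_cnt'])) {
            set_page_message(tr('Incorrect limit for %s.', tr('SQL users')), 'error');
            $errFieldsStack[] = 'max_sql_user_cnt';
        } elseif ($data['max_sql_user_cnt'] == -1 && $data['max_sql_db_cnt'] != -1) {
            set_page_message(tr('SQL user limit is disabled but SQL database limit is not.'), 'error');
            $errFieldsStack[] = 'max_sql_user_cnt';
        }

        // Check for max monthly traffic limit
        if (!imscp_limit_check($data['max_traff_amnt'], null)) {
            set_page_message(tr('Incorrect limit for %s.', tr('traffic')), 'error');
            $errFieldsStack[] = 'max_traff_amnt';
        }

        // Check for max disk space limit
        if (!imscp_limit_check($data['max_disk_amnt'], null)) {
            set_page_message(tr('Incorrect limit for %s.', tr('Disk space')), 'error');
            $errFieldsStack[] = 'max_disk_amnt';
        }

        // Check for PHP settings. The values stored below are read back from the iMSCP_PHPini
        // object, not taken from $data directly.
        $phpini = iMSCP_PHPini::getInstance();
        $phpini->setResellerPermission('phpiniSystem', $data['php_ini_system']);

        if ($phpini->resellerHasPermission('phpiniSystem')) {
            $phpini->setResellerPermission('phpiniAllowUrlFopen', $data['php_ini_al_allow_url_fopen']);
            $phpini->setResellerPermission('phpiniDisplayErrors', $data['php_ini_al_display_errors']);
            $phpini->setResellerPermission('phpiniDisableFunctions', $data['php_ini_al_disable_functions']);
            $phpini->setResellerPermission('phpiniMailFunction', $data['php_ini_al_mail_function']);

            // Must be set before phpiniPostMaxSize
            $phpini->setResellerPermission('phpiniMemoryLimit', $data['memory_limit']);
            // Must be set before phpiniUploadMaxFileSize
            $phpini->setResellerPermission('phpiniPostMaxSize', $data['post_max_size']);
            $phpini->setResellerPermission('phpiniUploadMaxFileSize', $data['upload_max_filesize']);
            $phpini->setResellerPermission('phpiniMaxExecutionTime', $data['max_execution_time']);
            $phpini->setResellerPermission('phpiniMaxInputTime', $data['max_input_time']);
        }

        if (empty($errFieldsStack) && !Zend_Session::namespaceIsset('pageMessages')) {
            // Update process begins here

            // Insert reseller personal data into database (only the password hash is stored)
            exec_query(
                '
                    INSERT INTO admin (
                        admin_name, admin_pass, admin_type, domain_created, created_by, fname, lname, firm, zip,
                        city, state, country, email, phone, fax, street1, street2, gender
                    ) VALUES (
                        ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?
                    )
                ',
                array(
                    $data['admin_name'], cryptPasswordWithSalt($data['password']), 'reseller', time(),
                    $_SESSION['user_id'], $data['fname'], $data['lname'], $data['firm'], $data['zip'],
                    $data['city'], $data['state'], $data['country'], $data['email'], $data['phone'],
                    $data['fax'], $data['street1'], $data['street2'], $data['gender']
                )
            );

            // Get new reseller unique identifier
            $resellerId = $db->insertId();

            // Insert reseller GUI properties into database
            exec_query(
                'INSERT INTO user_gui_props (user_id, lang, layout) VALUES (?, ?, ?)',
                array($resellerId, $cfg['USER_INITIAL_LANG'], $cfg['USER_INITIAL_THEME'])
            );

            // Insert reseller properties into database; every current_* counter starts at '0'
            exec_query(
                '
                    INSERT INTO reseller_props (
                        reseller_id, reseller_ips, max_dmn_cnt, current_dmn_cnt, max_sub_cnt, current_sub_cnt,
                        max_als_cnt, current_als_cnt, max_mail_cnt, current_mail_cnt, max_ftp_cnt,
                        current_ftp_cnt, max_sql_db_cnt, current_sql_db_cnt, max_sql_user_cnt,
                        current_sql_user_cnt, max_traff_amnt, current_traff_amnt, max_disk_amnt,
                        current_disk_amnt, support_system, customer_id, software_allowed,
                        softwaredepot_allowed, websoftwaredepot_allowed, php_ini_system,
                        php_ini_al_disable_functions, php_ini_al_mail_function, php_ini_al_allow_url_fopen,
                        php_ini_al_display_errors, php_ini_max_post_max_size, php_ini_max_upload_max_filesize,
                        php_ini_max_max_execution_time, php_ini_max_max_input_time, php_ini_max_memory_limit
                    ) VALUES (
                        ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
                        ?, ?, ?
                    )
                ',
                array(
                    $resellerId, implode(';', $resellerIps) . ';',
                    $data['max_dmn_cnt'], '0',
                    $data['max_sub_cnt'], '0',
                    $data['max_als_cnt'], '0',
                    $data['max_mail_cnt'], '0',
                    $data['max_ftp_cnt'], '0',
                    $data['max_sql_db_cnt'], '0',
                    $data['max_sql_user_cnt'], '0',
                    $data['max_traff_amnt'], '0',
                    $data['max_disk_amnt'], '0',
                    $data['support_system'], $data['customer_id'], $data['software_allowed'],
                    $data['softwaredepot_allowed'], $data['websoftwaredepot_allowed'],
                    $phpini->getResellerPermission('phpiniSystem'),
                    $phpini->getResellerPermission('phpiniDisableFunctions'),
                    $phpini->getResellerPermission('phpiniMailFunction'),
                    $phpini->getResellerPermission('phpiniAllowUrlFopen'),
                    $phpini->getResellerPermission('phpiniDisplayErrors'),
                    $phpini->getResellerPermission('phpiniPostMaxSize'),
                    $phpini->getResellerPermission('phpiniUploadMaxFileSize'),
                    $phpini->getResellerPermission('phpiniMaxExecutionTime'),
                    $phpini->getResellerPermission('phpiniMaxInputTime'),
                    $phpini->getResellerPermission('phpiniMemoryLimit')
                )
            );

            $db->commit();

            // Creating software repository for reseller if needed. This runs after the commit, so a
            // failure here is only logged and does not undo the account creation.
            if (
                $data['software_allowed'] == 'yes'
                && !@mkdir($cfg['GUI_APS_DIR'] . '/' . $resellerId, 0750, true)
            ) {
                write_log(
                    sprintf(
                        'System was unable to create the %s directory for reseller software repository',
                        "{$cfg['GUI_APS_DIR']}/{$resellerId}"
                    ),
                    E_USER_ERROR
                );
            }

            iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterAddUser);

            // NOTE(review): the clear-text password is handed to send_add_user_auto_msg(); presumably it
            // is e-mailed to the new reseller. Confirm, and consider whether that channel is acceptable.
            send_add_user_auto_msg(
                $_SESSION['user_id'], $data['admin_name'], $data['password'], $data['email'], $data['fname'],
                $data['lname'], tr('Reseller')
            );

            write_log(
                sprintf(
                    'A new reseller account (%s) has been created by %s',
                    $data['admin_name'],
                    $_SESSION['user_logged']
                ),
                E_USER_NOTICE
            );
            set_page_message(tr('Reseller account successfully created.'), 'success');

            return true;
        }
    } catch (iMSCP_Exception_Database $e) {
        $db->rollBack();
        throw $e;
    }

    // Validation failed: close the transaction opened above instead of leaving it pending
    // for the rest of the request.
    $db->rollBack();

    if (!empty($errFieldsStack)) {
        iMSCP_Registry::set('errFieldsStack', $errFieldsStack);
    }

    return false;
}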
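/**
 * Validate the submitted reseller data and update the reseller account
 *
 * All checks run inside a database transaction. Every failed check adds an
 * error page message and, for most fields, records the field name in the
 * 'errFieldsStack' registry entry. The account is updated only when no field
 * error was recorded and no page message is pending.
 *
 * @throws iMSCP_Exception_Database
 * @param int $resellerId Reseller unique identifier
 * @return bool TRUE on success (including when nothing changed), FALSE otherwise
 */
function admin_checkAndUpdateData($resellerId)
{
    iMSCP_Events_Aggregator::getInstance()->dispatch(
        iMSCP_Events::onBeforeEditUser, array('userId' => $resellerId)
    );

    $errFieldsStack = array();
    $data =& admin_getData($resellerId, true);
    $db = iMSCP_Database::getInstance();

    try {
        $db->beginTransaction();

        // Check for password (if needed).
        // The original condition also read a misspelled 'pasword_confirmation' key, whose undefined
        // value always compared as different from ''. Testing the password alone keeps the effective
        // behaviour: a new password without a matching confirmation is rejected just below, never
        // silently accepted.
        if ($data['password'] !== '') {
            if ($data['password'] !== $data['password_confirmation']) {
                set_page_message(tr('Passwords do not match.'), 'error');
            }

            // Return value is ignored; presumably errors are reported through page messages (verify).
            checkPasswordSyntax($data['password']);

            if (Zend_Session::namespaceIsset('pageMessages')) {
                $errFieldsStack[] = 'password';
                $errFieldsStack[] = 'password_confirmation';
            }
        }

        // Check for email address
        if (!chk_email($data['email'])) {
            set_page_message(tr('Incorrect syntax for email address.'), 'error');
            $errFieldsStack[] = 'email';
        }

        // Check for ip addresses: only identifiers that exist in the server IP list are kept,
        // and the IPs recorded as used are always retained.
        $resellerIps = array();

        foreach ($data['server_ips'] as $serverIpData) {
            if (in_array($serverIpData['ip_id'], $data['reseller_ips'], true)) {
                $resellerIps[] = $serverIpData['ip_id'];
            }
        }

        $resellerIps = array_unique(array_merge($resellerIps, $data['used_ips']));
        sort($resellerIps);

        if (empty($resellerIps)) {
            // No field is recorded; the pending page message is what blocks the update below.
            set_page_message(tr('You must assign at least one IP to this reseller.'), 'error');
        }

        // Check for max domains limit
        if (imscp_limit_check($data['max_dmn_cnt'], null)) {
            $rs = admin_checkResellerLimit(
                $data['max_dmn_cnt'], $data['current_dmn_cnt'], $data['nbDomains'], '0', tr('domains')
            );
        } else {
            set_page_message(tr('Incorrect limit for %s.', tr('domain')), 'error');
            $rs = false;
        }

        if (!$rs) {
            $errFieldsStack[] = 'max_dmn_cnt';
        }

        // Check for max subdomains limit
        if (imscp_limit_check($data['max_sub_cnt'])) {
            $rs = admin_checkResellerLimit(
                $data['max_sub_cnt'], $data['current_sub_cnt'], $data['nbSubdomains'],
                $data['unlimitedSubdomains'], tr('subdomains')
            );
        } else {
            set_page_message(tr('Incorrect limit for %s.', tr('subdomains')), 'error');
            $rs = false;
        }

        if (!$rs) {
            $errFieldsStack[] = 'max_sub_cnt';
        }

        // Check for max domain aliases limit
        if (imscp_limit_check($data['max_als_cnt'])) {
            $rs = admin_checkResellerLimit(
                $data['max_als_cnt'], $data['current_als_cnt'], $data['nbDomainAliases'],
                $data['unlimitedDomainAliases'], tr('domain aliases')
            );
        } else {
            set_page_message(tr('Incorrect limit for %s.', tr('domain aliases')), 'error');
            $rs = false;
        }

        if (!$rs) {
            $errFieldsStack[] = 'max_als_cnt';
        }

        // Check for max mail accounts limit
        if (imscp_limit_check($data['max_mail_cnt'])) {
            $rs = admin_checkResellerLimit(
                $data['max_mail_cnt'], $data['current_mail_cnt'], $data['nbMailAccounts'],
                $data['unlimitedMailAccounts'], tr('mail')
            );
        } else {
            set_page_message(tr('Incorrect limit for %s.', tr('email accounts')), 'error');
            $rs = false;
        }

        if (!$rs) {
            $errFieldsStack[] = 'max_mail_cnt';
        }

        // Check for max ftp accounts limit
        if (imscp_limit_check($data['max_ftp_cnt'])) {
            $rs = admin_checkResellerLimit(
                $data['max_ftp_cnt'], $data['current_ftp_cnt'], $data['nbFtpAccounts'],
                $data['unlimitedFtpAccounts'], tr('Ftp')
            );
        } else {
            set_page_message(tr('Incorrect limit for %s.', tr('Ftp accounts')), 'error');
            $rs = false;
        }

        if (!$rs) {
            $errFieldsStack[] = 'max_ftp_cnt';
        }

        // Check for max Sql databases limit
        if (!($rs = imscp_limit_check($data['max_sql_db_cnt']))) {
            set_page_message(tr('Incorrect limit for %s.', tr('SQL databases')), 'error');
        } elseif ($data['max_sql_db_cnt'] == -1 && $data['max_sql_user_cnt'] != -1) {
            set_page_message(tr('SQL database limit is disabled but SQL user limit is not.'), 'error');
            $rs = false;
        } else {
            $rs = admin_checkResellerLimit(
                $data['max_sql_db_cnt'], $data['current_sql_db_cnt'], $data['nbSqlDatabases'],
                $data['unlimitedSqlDatabases'], tr('SQL databases')
            );
        }

        if (!$rs) {
            $errFieldsStack[] = 'max_sql_db_cnt';
        }

        // Check for max Sql users limit
        if (!($rs = imscp_limit_check($data['max_sql_user_cnt']))) {
            set_page_message(tr('Incorrect limit for %s.', tr('SQL users')), 'error');
        } elseif ($data['max_sql_db_cnt'] != -1 && $data['max_sql_user_cnt'] == -1) {
            set_page_message(tr('SQL user limit is disabled but SQL database limit is not.'), 'error');
            $rs = false;
        } else {
            $rs = admin_checkResellerLimit(
                $data['max_sql_user_cnt'], $data['current_sql_user_cnt'], $data['nbSqlUsers'],
                $data['unlimitedSqlUsers'], tr('SQL users')
            );
        }

        if (!$rs) {
            $errFieldsStack[] = 'max_sql_user_cnt';
        }

        // Check for max monthly traffic limit (the consumed total is divided by 1048576 before comparison)
        if (imscp_limit_check($data['max_traff_amnt'], null)) {
            $rs = admin_checkResellerLimit(
                $data['max_traff_amnt'], $data['current_traff_amnt'], $data['totalTraffic'] / 1048576,
                $data['unlimitedTraffic'], tr('traffic')
            );
        } else {
            set_page_message(tr('Incorrect limit for %s.', tr('traffic')), 'error');
            $rs = false;
        }

        if (!$rs) {
            $errFieldsStack[] = 'max_traff_amnt';
        }

        // Check for max disk space limit (the consumed total is divided by 1048576 before comparison)
        if (imscp_limit_check($data['max_disk_amnt'], null)) {
            $rs = admin_checkResellerLimit(
                $data['max_disk_amnt'], $data['current_disk_amnt'], $data['totalDiskspace'] / 1048576,
                $data['unlimitedDiskspace'], tr('disk space')
            );
        } else {
            set_page_message(tr('Incorrect limit for %s.', tr('disk space')), 'error');
            $rs = false;
        }

        if (!$rs) {
            $errFieldsStack[] = 'max_disk_amnt';
        }

        $needDaemonRequest = false;

        // Check for PHP settings
        $phpini = iMSCP_PHPini::getInstance();
        $resellerPhpPermissions = $phpini->getResellerPermission();
        $phpini->setResellerPermission('phpiniSystem', $data['php_ini_system']);

        if ($phpini->resellerHasPermission('phpiniSystem')) {
            // We are safe here; if a value is not valid, the previous value is used
            $phpini->setResellerPermission('phpiniDisableFunctions', $data['php_ini_al_disable_functions']);
            $phpini->setResellerPermission('phpiniMailFunction', $data['php_ini_al_mail_function']);
            $phpini->setResellerPermission('phpiniAllowUrlFopen', $data['php_ini_al_allow_url_fopen']);
            $phpini->setResellerPermission('phpiniDisplayErrors', $data['php_ini_al_display_errors']);

            // Must be set before phpiniPostMaxSize
            $phpini->setResellerPermission('phpiniMemoryLimit', $data['memory_limit']);
            // Must be set before phpiniUploadMaxFileSize
            $phpini->setResellerPermission('phpiniPostMaxSize', $data['post_max_size']);
            $phpini->setResellerPermission('phpiniUploadMaxFileSize', $data['upload_max_filesize']);
            $phpini->setResellerPermission('phpiniMaxExecutionTime', $data['max_execution_time']);
            $phpini->setResellerPermission('phpiniMaxInputTime', $data['max_input_time']);
        } else {
            // Reset reseller PHP permissions to default values
            $phpini->loadResellerPermissions();
        }

        if (array_diff_assoc($resellerPhpPermissions, $phpini->getResellerPermission())) {
            // At least one reseller permission has changed. We must synchronize customers permissions.
            // NOTE(review): this runs before the validation result is known; it relies on the
            // enclosing transaction to discard the change when validation fails. Confirm that
            // the synchronization only touches transactional tables.
            $phpini->syncClientPermissionsWithResellerPermissions($resellerId);
            $needDaemonRequest = true;
        }

        unset($resellerPhpPermissions);

        if (empty($errFieldsStack) && !Zend_Session::namespaceIsset('pageMessages')) {
            // Update process begins here

            // Pair every 'fallback_<name>' entry with the submitted '<name>' value.
            // The prefix must be at position 0, because the next line strips exactly nine characters.
            $oldValues = $newValues = array();

            foreach ($data as $property => $value) {
                if (strpos($property, 'fallback_') === 0) {
                    $property = substr($property, 9);
                    $oldValues[$property] = $value;
                    $newValues[$property] = $data[$property];
                }
            }

            // Nothing has been changed?
            // NOTE(review): if the password has no 'fallback_' entry, a password-only change would
            // be reported as "nothing changed" and not saved. Verify against admin_getData().
            if ($newValues == $oldValues) {
                // Close the transaction opened above before leaving
                $db->rollBack();
                set_page_message(tr('Nothing has been changed.'), 'info');
                return true;
            }

            // Update reseller personal data (including password if needed)
            $bindParams = array(
                $data['fname'], $data['lname'], $data['gender'], $data['firm'], $data['zip'], $data['city'],
                $data['state'], $data['country'], $data['email'], $data['phone'], $data['fax'],
                $data['street1'], $data['street2'], $resellerId
            );

            if ($data['password'] != '') {
                // Fixed SQL fragment for the admin_pass column; the hash itself is bound as the first
                // parameter. The listing carried a masked '******' here, which is not valid SQL and
                // left the prepended hash without a matching placeholder.
                $setPassword = 'admin_pass = ?,';
                array_unshift($bindParams, cryptPasswordWithSalt($data['password']));
            } else {
                $setPassword = '';
            }

            exec_query(
                "
                    UPDATE
                        admin
                    SET
                        {$setPassword} fname = ?, lname = ?, gender = ?, firm = ?, zip = ?, city = ?,
                        state = ?, country = ?, email = ?, phone = ?, fax = ?, street1 = ?, street2 = ?
                    WHERE
                        admin_id = ?
                ",
                $bindParams
            );

            // Update reseller properties
            exec_query(
                '
                    UPDATE
                        reseller_props
                    SET
                        max_dmn_cnt = ?, max_sub_cnt = ?, max_als_cnt = ?, max_mail_cnt = ?, max_ftp_cnt = ?,
                        max_sql_db_cnt = ?, max_sql_user_cnt = ?, max_traff_amnt = ?, max_disk_amnt = ?,
                        reseller_ips = ?, customer_id = ?, software_allowed = ?, softwaredepot_allowed = ?,
                        websoftwaredepot_allowed = ?, support_system = ?, php_ini_system = ?,
                        php_ini_al_disable_functions = ?, php_ini_al_mail_function = ?,
                        php_ini_al_allow_url_fopen = ?, php_ini_al_display_errors = ?,
                        php_ini_max_post_max_size = ?, php_ini_max_upload_max_filesize = ?,
                        php_ini_max_max_execution_time = ?, php_ini_max_max_input_time = ?,
                        php_ini_max_memory_limit = ?
                    WHERE
                        reseller_id = ?
                ',
                array(
                    $data['max_dmn_cnt'], $data['max_sub_cnt'], $data['max_als_cnt'], $data['max_mail_cnt'],
                    $data['max_ftp_cnt'], $data['max_sql_db_cnt'], $data['max_sql_user_cnt'],
                    $data['max_traff_amnt'], $data['max_disk_amnt'], implode(';', $resellerIps) . ';',
                    $data['customer_id'], $data['software_allowed'], $data['softwaredepot_allowed'],
                    $data['websoftwaredepot_allowed'], $data['support_system'],
                    $phpini->getResellerPermission('phpiniSystem'),
                    $phpini->getResellerPermission('phpiniDisableFunctions'),
                    $phpini->getResellerPermission('phpiniMailFunction'),
                    $phpini->getResellerPermission('phpiniAllowUrlFopen'),
                    $phpini->getResellerPermission('phpiniDisplayErrors'),
                    $phpini->getResellerPermission('phpiniPostMaxSize'),
                    $phpini->getResellerPermission('phpiniUploadMaxFileSize'),
                    $phpini->getResellerPermission('phpiniMaxExecutionTime'),
                    $phpini->getResellerPermission('phpiniMaxInputTime'),
                    $phpini->getResellerPermission('phpiniMemoryLimit'),
                    $resellerId
                )
            );

            // Updating software installer properties
            if ($data['software_allowed'] == 'no') {
                exec_query(
                    '
                        UPDATE
                            domain
                        INNER JOIN
                            admin ON(admin_id = domain_admin_id)
                        SET
                            domain_software_allowed = ?
                        WHERE
                            created_by = ?
                    ',
                    array($data['softwaredepot_allowed'], $resellerId)
                );
            }

            if ($data['websoftwaredepot_allowed'] == 'no') {
                $stmt = exec_query(
                    'SELECT software_id FROM web_software WHERE software_depot = ? AND reseller_id = ?',
                    array('yes', $resellerId)
                );

                if ($stmt->rowCount()) {
                    // Flag every installed instance of the depot packages, then drop the packages
                    while ($row = $stmt->fetchRow(PDO::FETCH_ASSOC)) {
                        exec_query(
                            'UPDATE web_software_inst SET software_res_del = ? WHERE software_id = ?',
                            array('1', $row['software_id'])
                        );
                    }

                    exec_query(
                        'DELETE FROM web_software WHERE software_depot = ? AND reseller_id = ?',
                        array('yes', $resellerId)
                    );
                }
            }

            $db->commit();

            iMSCP_Events_Aggregator::getInstance()->dispatch(
                iMSCP_Events::onAfterEditUser, array('userId' => $resellerId)
            );

            // Send mail to reseller for new password.
            // NOTE(review): the clear-text password is handed to send_add_user_auto_msg(); presumably
            // it is e-mailed to the reseller. Confirm, and consider whether that channel is acceptable.
            if ($data['password'] != '') {
                send_add_user_auto_msg(
                    $_SESSION['user_id'], $data['admin_name'], $data['password'], $data['email'],
                    $data['fname'], $data['lname'], tr('Reseller')
                );
            }

            if ($needDaemonRequest) {
                send_request();
            }

            write_log(
                sprintf(
                    'The %s reseller account has been updated by %s',
                    $data['admin_name'],
                    $_SESSION['user_logged']
                ),
                E_USER_NOTICE
            );
            set_page_message(tr('Reseller account successfully updated.'), 'success');

            return true;
        }
    } catch (iMSCP_Exception_Database $e) {
        $db->rollBack();
        throw $e;
    }

    // Validation failed: discard anything done inside the transaction (including a permission
    // synchronization) instead of leaving the transaction pending for the rest of the request.
    $db->rollBack();

    if (!empty($errFieldsStack)) {
        iMSCP_Registry::set('errFieldsStack', $errFieldsStack);
    }

    return false;
}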