function user($data) { $data = unserialize($data); if (!is_object($data) || !isset($data->user)) { return false; } $cmd = "/usr/sbin/"; $result = false; $USER = $data->user; $PASS = $data->pass; $CGI_SYS = ZH_DATA . "/cgi-system"; if (!is_dir($CGI_SYS)) { mkdir($CGI_SYS, 0700, true); } switch ($data->action) { case 'add': log_msg("Adding user account..."); $pass_crypted = crypt($PASS); $cmd0 = "/usr/sbin/useradd -m -s /bin/bash -p '{$pass_crypted}' {$USER}"; log_msg($cmd0); $result = shell_exec($cmd0); // ADD USER //if(!$result) return; /*echo "Setting password...\n"; $cmd0 = "echo '$USER:$PASS' | chpasswd"; echo "$cmd0\n\n"; $result = shell_exec($cmd0); // SET PASSWORD //if(!$result) return;*/ log_msg("Copying template files..."); $cmd0 = "cp -r {$CGI_SYS}/TEMPLATE {$CGI_SYS}/{$USER}"; log_msg($cmd0); $result = shell_exec($cmd0); // MAKE FASTCGI WRAPPERS //if(!$result) return; log_msg("Updating template files..."); $cmd0 = "sed -i 's/TEMPLATE/{$USER}/g' {$CGI_SYS}/{$USER}/*"; log_msg($cmd0); $result = shell_exec($cmd0); // DO UPDATE //if(!$result) return; log_msg("Fixing ownership..."); $cmd0 = "chown -R {$USER}.{$USER} {$CGI_SYS}/{$USER}"; log_msg($cmd0); $result = shell_exec($cmd0); // FIX PERMISSIONS //if(!$result) return; log_msg("Fixing permissions..."); $cmd0 = "chmod -R 755 {$CGI_SYS}/{$USER}"; log_msg($cmd0); $result = shell_exec($cmd0); // FIX PERMISSIONS //if(!$result) return; log_msg("Fixing ownership..."); $cmd0 = "chmod 711 /home/{$USER}"; log_msg($cmd0); $result = shell_exec($cmd0); // FIX PERMISSIONS //if(!$result) return; $passwd = file_get_contents('/etc/passwd'); preg_match("#\n{$USER}:x:(\\d+):(\\d+)#", $str, $out); $uid = $out[1]; $gid = $out[2]; global $pdo; $pdo->update('user', array('uid' => $uid, 'gid' => $gid), "user='******'"); syncFtpUsers(false); global $zhd; $zhd->proftpd('restart'); break; case 'mod': $pass_crypted = getcrypted($PASS); $cmd .= "/usr/sbin/usermod -p '{$pass_crypted}' {$USER}"; $result = shell_exec($cmd); syncFtpUsers(false); global $zhd; $zhd->proftpd('restart'); break; case 'del': // DANGEROUS log_msg('Backup user\'s files...'); $cmd0 = "mv -f /home/{$USER} /home/backup/"; log_msg($cmd0); $result = shell_exec($cmd0); // DO A BACKUP FIRST log_msg("Deleting user account..."); $cmd0 = "/usr/sbin/userdel -rf {$USER}"; log_msg($cmd0); $result = shell_exec($cmd0); log_msg("Deleting user's fcgid wrappers..."); $cmd0 = "rm -rf {$CGI_SYS}/{$USER}"; log_msg($cmd0); $result = shell_exec($cmd0); break; case 'jail': $service .= $cmd; break; case 'unjail': $service .= $cmd; break; default: return false; } return $result; }
function chpasswd($user, $pass) { global $pdo; if (PHP_OS == 'WINNT') { $uid = getuid($user); if ($uid < 1000 || $uid > 10000) { return false; } $p = "/\n{$user}:([^:]*:\\d+):0:46714:7:::/"; $shadow = getfile('/etc/shadow'); //backupConf('shadow'); $str = file_get_contents($shadow); if (!preg_match($p, $str, $out)) { return false; } $newpass = getcrypted($pass); $last_modified = ceil(time() / 3600 / 24); $from = "\n{$user}:" . $out[1]; $to = "\n{$user}:{$newpass}:{$last_modified}"; $str = str_replace($from, $to, $str); return file_put_contents($shadow, $str); } else { $pass = getcrypted($pass); $cmd = "usermod -p '{$pass}' {$user} 2>&1"; $res = `{$cmd}`; if ($res) { setmsg($res, 'error'); } else { return true; } } sync(); $update = array('pass' => $pass); return $pdo->update('user', $update, " user='******'"); }