/**
 * Validates the user name / password pair submitted for an entry in x_ftpaccounts.
 *
 * Every check runs (there is no early exit) and each failure raises its own
 * static flag: self::$blank, self::$badname or self::$alreadyexists.
 *
 * @param string $username Requested account name.
 * @param string $password Requested password; only tested for being empty here.
 * @return bool TRUE when at least one check failed, FALSE when none did.
 */
static function CheckForErrors($username, $password)
{
    global $zdbh;
    $hasError = false;

    // Both credentials must be supplied.
    if ($username == '' || $password == '') {
        self::$blank = true;
        $hasError = true;
    }

    // The format check runs even when the name is blank, so both flags can be set.
    if (!self::IsValidUserName($username)) {
        self::$badname = true;
        $hasError = true;
    }

    // The name must not match a row whose ft_deleted_ts is NULL.
    // The value is bound, never concatenated into the statement.
    $lookup = $zdbh->prepare("SELECT COUNT(*) FROM x_ftpaccounts WHERE ft_user_vc=:userid AND ft_deleted_ts IS NULL");
    $lookup->bindParam(':userid', $username);
    // NOTE(review): if execute() returns false the duplicate check is silently
    // skipped (fail-open); confirm the PDO error mode used for $zdbh.
    if ($lookup->execute() && $lookup->fetchColumn() != 0) {
        self::$alreadyexists = true;
        $hasError = true;
    }

    return $hasError;
}
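/**
 * Validates the fields submitted when creating an entry in x_accounts.
 *
 * Checks run in a fixed order (user name, package, group, e-mail, password) and
 * stop at the first failure, which is recorded in the matching static flag.
 *
 * TRUE is returned only after every check has passed. A unique e-mail address is
 * not a reason to return early: doing so would leave the password checks
 * unreachable and let blank or too-short passwords through.
 *
 * NOTE(review): callers that rely on the default empty $password are rejected
 * with self::$passwordblank; confirm that no caller omits the argument on purpose.
 *
 * @param string $username  Requested account name (spaces removed, lower-cased here).
 * @param mixed  $packageid Primary key expected in x_packages.
 * @param mixed  $groupid   Primary key expected in x_groups.
 * @param string $email     Contact address; must be well formed and unused.
 * @param string $password  Initial password; must meet the 'password_minlength' option.
 * @return bool TRUE when every check passed, FALSE otherwise.
 */
static function CheckCreateForErrors($username, $packageid, $groupid, $email, $password = "")
{
    global $zdbh;
    $username = strtolower(str_replace(' ', '', $username));

    // User name: present, not already in use, well formed.
    if (fs_director::CheckForEmptyValue($username)) {
        self::$userblank = true;
        return false;
    }
    $numrows = $zdbh->prepare("SELECT COUNT(*) FROM x_accounts WHERE UPPER(ac_user_vc)=:user AND ac_deleted_ts IS NULL");
    $user = strtoupper($username);
    $numrows->bindParam(':user', $user);
    // NOTE(review): here and in the two lookups below, a false return from
    // execute() skips the check (fail-open); confirm the PDO error mode of $zdbh.
    if ($numrows->execute() && $numrows->fetchColumn() != 0) {
        self::$alreadyexists = true;
        return false;
    }
    if (!self::IsValidUserName($username)) {
        self::$badname = true;
        return false;
    }

    // Package: present and matching a row whose pk_deleted_ts is NULL.
    if (fs_director::CheckForEmptyValue($packageid)) {
        self::$packageblank = true;
        return false;
    }
    $numrows = $zdbh->prepare("SELECT COUNT(*) FROM x_packages WHERE pk_id_pk=:packageid AND pk_deleted_ts IS NULL");
    $numrows->bindParam(':packageid', $packageid);
    if ($numrows->execute() && $numrows->fetchColumn() == 0) {
        self::$packageblank = true;
        return false;
    }

    // Group: present and existing.
    if (fs_director::CheckForEmptyValue($groupid)) {
        self::$groupblank = true;
        return false;
    }
    $numrows = $zdbh->prepare("SELECT COUNT(*) FROM x_groups WHERE ug_id_pk=:groupid");
    $numrows->bindParam(':groupid', $groupid);
    if ($numrows->execute() && $numrows->fetchColumn() == 0) {
        self::$groupblank = true;
        // Return an explicit false (not a bare return) so every failure path yields a bool.
        return false;
    }

    // E-mail: present and well formed.
    if (fs_director::CheckForEmptyValue($email)) {
        self::$emailblank = true;
        return false;
    }
    if (!self::IsValidEmail($email)) {
        self::$bademail = true;
        return false;
    }

    // E-mail: not used by another account. On success, fall through to the
    // password checks instead of returning.
    if (!ctrl_users::CheckUserEmailIsUnique($email)) {
        self::$not_unique_email = true;
        return false;
    }
    self::$not_unique_email = false;

    // Password: present and at least 'password_minlength' bytes long.
    if (fs_director::CheckForEmptyValue($password)) {
        self::$passwordblank = true;
        return false;
    }
    if (strlen($password) < ctrl_options::GetSystemOption('password_minlength')) {
        self::$badpassword = true;
        return false;
    }

    return true;
}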
/**
 * Validates a domain name before it is added to x_vhosts.
 *
 * Stops at the first failed check and records it in a static flag:
 * self::$blank, self::$badname, self::$error (leading "www."),
 * self::$alreadyexists or self::$nosub (label collides with an existing vhost).
 *
 * @param string $domain Requested domain; spaces are removed and it is lower-cased.
 * @return bool TRUE when the domain passed every check, FALSE otherwise.
 */
static function CheckCreateForErrors($domain)
{
    global $zdbh;
    $domain = strtolower(str_replace(' ', '', $domain));

    if ($domain == '') {
        self::$blank = true;
        return false;
    }
    if (!self::IsValidDomainName($domain)) {
        self::$badname = true;
        return false;
    }
    // A name that begins with "www." is rejected as wrongly formatted.
    if (strpos($domain, 'www.') === 0) {
        self::$error = true;
        return false;
    }

    // Exact-match duplicate among rows whose vh_deleted_ts is NULL.
    // NOTE(review): a false return from execute() skips this check (fail-open).
    $dupStmt = $zdbh->prepare("SELECT COUNT(*) FROM x_vhosts WHERE vh_name_vc=:domain AND vh_deleted_ts IS NULL");
    $dupStmt->bindParam(':domain', $domain);
    if ($dupStmt->execute() && $dupStmt->fetchColumn() > 0) {
        self::$alreadyexists = true;
        return false;
    }

    // Labels listed in the 'shared_domains' option are exempt from the collision check.
    $sharedDomains = explode(',', ctrl_options::GetSystemOption('shared_domains'));

    // Only names with more than one dot are treated as possible subdomains.
    if (substr_count($domain, ".") <= 1) {
        return true;
    }

    foreach (explode('.', $domain) as $label) {
        // NOTE(review): labels of 13 characters or fewer are never examined, and
        // the final comparison looks at only the last 7 characters of each name;
        // confirm these thresholds give the intended protection.
        if (in_array($label, $sharedDomains) || strlen($label) <= 13) {
            continue;
        }

        // The value is bound, but it is placed inside a LIKE pattern unescaped.
        // NOTE(review): '%' or '_' in a label would act as wildcards unless
        // IsValidDomainName() rejects them - confirm.
        $likeStmt = $zdbh->prepare("SELECT * FROM x_vhosts WHERE vh_name_vc LIKE :check AND vh_type_in !=2 AND vh_deleted_ts IS NULL");
        $pattern = '%' . $label . '%';
        $likeStmt->bindParam(':check', $pattern);
        $likeStmt->execute();

        while ($row = $likeStmt->fetch()) {
            $existingName = $row['vh_name_vc'];
            foreach (explode('.', $existingName) as $existingLabel) {
                if (strlen($existingLabel) > 3
                    && $existingLabel == $label
                    && substr($domain, -7) == substr($existingName, -7)
                ) {
                    self::$nosub = true;
                    return false;
                }
            }
        }
    }

    return true;
}
/**
 * Validates the input for creating a MySQL user.
 *
 * Stops at the first failed check and records it in a static flag:
 * self::$blank, self::$rootabuse, self::$alreadyexists, self::$badname
 * or self::$badIP.
 *
 * @param string $username Requested MySQL user name.
 * @param string $database Database the user is created for; only tested for being empty.
 * @param string $access   Allowed host: "%", "localhost" (any case) or an IP address.
 * @return bool TRUE when every check passed, FALSE otherwise.
 */
static function CheckCreateForErrors($username, $database, $access)
{
    global $zdbh;

    // A user name is required.
    if ($username == '') {
        self::$blank = true;
        return false;
    }
    // The literal name 'root' is refused outright.
    if ($username == 'root') {
        self::$rootabuse = true;
        return false;
    }
    // A database is required as well; it shares the 'blank' flag with the user name.
    if ($database == '') {
        self::$blank = true;
        return false;
    }

    // The name must be unused both in the panel's own table and in mysql.user.
    // The format check below runs only after these lookups; the name is bound
    // as a parameter in both statements.
    $duplicateQueries = array(
        "SELECT COUNT(*) FROM x_mysql_users WHERE mu_name_vc=:username AND mu_deleted_ts IS NULL",
        "SELECT EXISTS(SELECT 1 FROM mysql.user WHERE user = :username)",
    );
    foreach ($duplicateQueries as $query) {
        $stmt = $zdbh->prepare($query);
        $stmt->bindParam(':username', $username);
        // NOTE(review): a false return from execute() skips the check (fail-open).
        if ($stmt->execute() && $stmt->fetchColumn() != 0) {
            self::$alreadyexists = true;
            return false;
        }
    }

    if (!self::IsValidUserName($username)) {
        self::$badname = true;
        return false;
    }

    // Anything other than "%" or "localhost" has to be a valid IP address.
    $isWildcardOrLocal = ($access == "%" || strtolower($access) == "localhost");
    if (!$isWildcardOrLocal && !sys_monitoring::IsAnyValidIP($access)) {
        self::$badIP = true;
        return false;
    }

    return true;
}
/**
 * Validates the input for creating a subdomain.
 *
 * Stops at the first failed check and records it in a static flag:
 * self::$blank, self::$badname, self::$error or self::$alreadyexists.
 *
 * @param string $subdomain Requested name; spaces are removed and it is lower-cased.
 * @param string $domain    Parent domain chosen by the user; checked with IsValidDomain().
 * @return bool TRUE when every check passed, FALSE otherwise.
 */
static function CheckCreateForErrors($subdomain, $domain)
{
    global $zdbh;
    $subdomain = strtolower(str_replace(' ', '', $subdomain));

    if ($subdomain == '') {
        self::$blank = true;
        return false;
    }
    if (!self::IsValidDomainName($subdomain)) {
        self::$badname = true;
        return false;
    }
    // Guards against a manipulated form value naming a parent domain that is not ours.
    // presumably IsValidDomain() checks ownership by the current user - verify.
    if (!self::IsValidDomain($domain)) {
        self::$badname = true;
        return false;
    }
    // NOTE(review): the "www." prefix test is applied to $domain, not $subdomain;
    // confirm that is the intended operand.
    if (strpos($domain, 'www.') === 0) {
        self::$error = true;
        return false;
    }

    // NOTE(review): the duplicate lookup binds $subdomain alone. If callers pass
    // only the left-hand label, it is never compared with the full
    // "<subdomain>.<domain>" name stored in vh_name_vc - confirm against the caller.
    // A false return from execute() skips the check (fail-open).
    $lookup = $zdbh->prepare("SELECT COUNT(*) FROM x_vhosts WHERE vh_name_vc=:domain AND vh_deleted_ts IS NULL");
    $lookup->bindParam(':domain', $subdomain);
    if ($lookup->execute() && $lookup->fetchColumn() > 0) {
        self::$alreadyexists = true;
        return false;
    }

    return true;
}
/**
 * Validates the input for creating a MySQL database.
 *
 * Stops at the first failed check and records it in a static flag:
 * self::$blank, self::$badname or self::$alreadyexists.
 *
 * @param string $username     Account name used as the prefix of the stored database name.
 * @param string $databasename Name requested by the user, without the prefix.
 * @return bool TRUE when every check passed, FALSE otherwise.
 */
static function CheckCreateForErrors($username, $databasename)
{
    global $zdbh;

    // A database name is required.
    if ($databasename == '') {
        self::$blank = true;
        return false;
    }

    // The database name is held to the same format rule as user names.
    if (!self::IsValidUserName($databasename)) {
        self::$badname = true;
        return false;
    }

    // Duplicates are looked up under the stored form "<username>_<databasename>".
    // NOTE(review): $username is not validated in this function; presumably it
    // comes from the authenticated session - verify against the caller.
    $dbName = $username . "_" . $databasename;
    $lookup = $zdbh->prepare("SELECT COUNT(*) FROM x_mysql_databases WHERE my_name_vc=:dbName AND my_deleted_ts IS NULL");
    $lookup->bindParam(':dbName', $dbName);
    // NOTE(review): a false return from execute() skips the check (fail-open).
    if ($lookup->execute() && $lookup->fetchColumn() != 0) {
        self::$alreadyexists = true;
        return false;
    }

    return true;
}
/**
 * Validates a package name before a package is created or renamed.
 *
 * Stops at the first failed check and records it in a static flag:
 * self::$blank, self::$alreadyexists or self::$badname.
 *
 * @param string $packagename Requested name; spaces are removed before checking.
 * @param mixed  $uid         Reseller id the package belongs to (pk_reseller_fk).
 * @param mixed  $pid         Package id to exclude from the duplicate lookup; defaults to 0.
 * @return bool TRUE when every check passed, FALSE otherwise.
 */
static function CheckCreateForErrors($packagename, $uid, $pid = 0)
{
    global $zdbh;
    $packagename = str_replace(' ', '', $packagename);

    // A package name is required.
    if (fs_director::CheckForEmptyValue($packagename)) {
        self::$blank = true;
        return false;
    }

    // Case-insensitive duplicate lookup within the same reseller, ignoring the
    // package identified by $pid.
    // NOTE(review): addslashes() is not needed for injection safety on a bound
    // parameter and it alters the compared value when the name contains quotes,
    // backslashes or NUL, so such a name cannot match a stored one. Confirm how
    // pk_name_vc is written before removing it.
    $packageNameSlashes = addslashes(strtoupper($packagename));
    $lookup = $zdbh->prepare("SELECT COUNT(*) FROM x_packages WHERE UPPER(pk_name_vc)=:packageNameSlashes AND pk_reseller_fk=:uid AND pk_id_pk !=:pid AND pk_deleted_ts IS NULL");
    $lookup->bindParam(':packageNameSlashes', $packageNameSlashes);
    $lookup->bindParam(':uid', $uid);
    $lookup->bindParam(':pid', $pid);
    // NOTE(review): a false return from execute() skips the check (fail-open).
    if ($lookup->execute() && $lookup->fetchColumn() != 0) {
        self::$alreadyexists = true;
        return false;
    }

    // The format rule is applied last, after the duplicate lookup.
    if (!self::IsValidPackageName($packagename)) {
        self::$badname = true;
        return false;
    }

    return true;
}