예제 #1
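/**
 * Delete a domain together with all of its dependent items (used by the admin and reseller panels).
 *
 * Items the backend still has to process (mail users, subdomain aliases, domain aliases,
 * subdomains and the domain itself) are only flagged with a delete status; the remaining
 * rows (protected areas, traffic, FTP, login, quota, tickets, GUI properties) are removed
 * directly. The function always ends by redirecting to $goto.
 *
 * Authorization note: the ownership condition (`domain_created_id` = logged-in user) is only
 * added to the lookup when $breseller is true. With $breseller = false any existing domain ID
 * is accepted, so the caller must already have established that the current user may delete
 * arbitrary domains.
 *
 * @param integer $domain_id ID of the domain to delete
 * @param string $goto page to redirect to afterwards (users.php or manage_users.php)
 * @param boolean $breseller when true, only a domain created by the logged-in user is accepted
 * @return void
 */
function delete_domain($domain_id, $goto, $breseller = false)
{
    $cfg = EasySCP_Registry::get('Config');
    $sql = EasySCP_Registry::get('Db');
    // Get uid and gid of domain user
    $query = "\n\t\tSELECT\n\t\t\t`domain_uid`,\n\t\t\t`domain_gid`,\n\t\t\t`domain_admin_id`,\n\t\t\t`domain_name`,\n\t\t\t`domain_created_id`\n\t\tFROM\n\t\t\t`domain`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t";
    if ($breseller) {
        // Reseller call: restrict the lookup to domains created by the logged-in user.
        $reseller_id = $_SESSION['user_id'];
        $query .= " AND `domain_created_id` = ?";
        $res = exec_query($sql, $query, array($domain_id, $reseller_id));
    } else {
        $res = exec_query($sql, $query, $domain_id);
    }
    $data = $res->fetchRow();
    if (empty($data['domain_uid']) || empty($data['domain_admin_id'])) {
        set_page_message(tr('Wrong domain ID!'), 'error');
        user_goto($goto);
        // Never fall through into the deletion statements with an unknown or
        // foreign domain, even if the redirect helper should return.
        return;
    }
    $domain_admin_id = $data['domain_admin_id'];
    $domain_name = $data['domain_name'];
    $domain_uid = $data['domain_uid'];
    $domain_gid = $data['domain_gid'];
    if (!$breseller) {
        // Admin call: the reseller whose counters are refreshed at the end is the domain's creator.
        $reseller_id = $data['domain_created_id'];
    }
    // Mail users: flag for deletion and send the mail request
    $query = "\n\t\tUPDATE\n\t\t\t`mail_users`\n\t\tSET\n\t\t\t`status` = ?\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t\t;\n\t";
    exec_query($sql, $query, array($cfg->ITEM_DELETE_STATUS, $domain_id));
    send_request('130 MAIL ' . $domain_id);
    // Delete all protected areas related data (areas, groups and users)
    $query = "\n\t\tDELETE\n\t\t\t`areas`,\n\t\t\t`users`,\n\t\t\t`groups`\n\t\tFROM\n\t\t\t`domain` AS `customer`\n\t\tLEFT JOIN\n\t\t\t`htaccess` AS `areas` ON `areas`.`dmn_id` = `customer`.`domain_id`\n\t\tLEFT JOIN\n\t\t\t`htaccess_users` AS `users` ON `users`.`dmn_id` = `customer`.`domain_id`\n\t\tLEFT JOIN\n\t\t\t`htaccess_groups` AS `groups` ON `groups`.`dmn_id` = `customer`.`domain_id`\n\t\tWHERE\n\t\t\t`customer`.`domain_id` = ?\n\t\t;\n\t";
    exec_query($sql, $query, $domain_id);
    // Delete subdomain aliases: collect the alias IDs of the domain first
    $alias_a = array();
    $query = "\n\t\tSELECT\n\t\t\t`alias_id`\n\t\tFROM\n\t\t\t`domain_aliasses`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t\t;\n\t";
    $res = exec_query($sql, $query, $domain_id);
    while (!$res->EOF) {
        $alias_a[] = $res->fields['alias_id'];
        $res->moveNext();
    }
    if (count($alias_a) > 0) {
        // One placeholder per alias ID, so the IDs are bound like every other value in this
        // function instead of being spliced into the SQL text.
        $placeholders = implode(',', array_fill(0, count($alias_a), '?'));
        $query = "\n\t\t\tUPDATE\n\t\t\t\t`subdomain_alias`\n\t\t\tSET\n\t\t\t\t`status` = ?\n\t\t\tWHERE\n\t\t\t\t`alias_id` IN (\n\t\t";
        $query .= $placeholders;
        $query .= ")";
        exec_query($sql, $query, array_merge(array($cfg->ITEM_DELETE_STATUS), $alias_a));
    }
    // Delete SQL databases and users
    $query = "\n\t\tSELECT\n\t\t\t`sqld_id`\n\t\tFROM\n\t\t\t`sql_database`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t\t;\n\t";
    $res = exec_query($sql, $query, $domain_id);
    while (!$res->EOF) {
        delete_sql_database($sql, $domain_id, $res->fields['sqld_id']);
        $res->moveNext();
    }
    // Domain aliases:
    $query = "\n\t\tUPDATE\n\t\t\tdomain_aliasses\n\t\tSET\n\t\t\tstatus =  ?\n\t\tWHERE\n\t\t\tdomain_id = ?\n\t\t;\n\t";
    exec_query($sql, $query, array($cfg->ITEM_DELETE_STATUS, $domain_id));
    // Remove domain traffic
    $query = "\n\t\tDELETE FROM\n\t\t\t`domain_traffic`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t\t;\n\t";
    exec_query($sql, $query, $domain_id);
    // Set domain deletion status
    $query = "\n\t\tUPDATE\n\t\t\t`domain`\n\t\tSET\n\t\t\t`status` = 'delete'\n\t\tWHERE\n\t\t`domain_id` = ?\n\t\t;\n\t";
    exec_query($sql, $query, $domain_id);
    // Set domain subdomains deletion status
    $query = "\n\t\tUPDATE\n\t\t\t`subdomain`\n\t\tSET\n\t\t\t`status` = ?\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t\t;\n\t";
    exec_query($sql, $query, array($cfg->ITEM_DELETE_STATUS, $domain_id));
    // --- Activate daemon ---
    send_request('110 DOMAIN domain ' . $domain_id);
    // Delete FTP users:
    $query = "\n\t\tDELETE FROM\n\t\t\t`ftp_users`\n\t\tWHERE\n\t\t\t`uid` = ?\n\t\t;\n\t";
    exec_query($sql, $query, $domain_uid);
    // Delete FTP groups:
    $query = "\n\t\tDELETE FROM\n\t\t\t`ftp_group`\n\t\tWHERE\n\t\t\t`gid` = ?\n\t\t;\n\t";
    exec_query($sql, $query, $domain_gid);
    // Delete EasySCP login:
    $query = "\n\t\tDELETE FROM\n\t\t\t`admin`\n\t\tWHERE\n\t\t\t`admin_id` = ?\n\t\t;\n\t";
    exec_query($sql, $query, $domain_admin_id);
    // Delete the quota limits section:
    $query = "\n\t\tDELETE FROM\n\t\t\t`quotalimits`\n\t\tWHERE\n\t\t\t`name` = ?\n\t\t;\n\t";
    exec_query($sql, $query, $domain_name);
    // Delete the quota tallies section:
    $query = "\n\t\tDELETE FROM\n\t\t\t`quotatallies`\n\t\tWHERE\n\t\t\t`name` = ?\n\t\t;\n\t";
    exec_query($sql, $query, $domain_name);
    // Remove support tickets sent by or addressed to the domain's login:
    $query = "\n\t\tDELETE FROM\n\t\t\t`tickets`\n\t\tWHERE\n\t\t\tticket_from = ?\n\t\tOR\n\t\t\tticket_to = ?\n\t\t;\n\t";
    exec_query($sql, $query, array($domain_admin_id, $domain_admin_id));
    // Delete user gui properties
    $query = "\n\t\tDELETE FROM\n\t\t\t`user_gui_props`\n\t\tWHERE\n\t\t\t`user_id` = ?\n\t\t;\n\t";
    exec_query($sql, $query, $domain_admin_id);
    // Audit trail: who deleted which domain.
    write_log($_SESSION['user_logged'] . ': deletes domain ' . $domain_name);
    update_reseller_c_props($reseller_id);
    $_SESSION['ddel'] = '_yes_';
    user_goto($goto);
}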
예제 #2
    // Refuse the deletion while mail accounts are still attached to the subdomain.
    // Only $sub_id is bound; the two mail-type values are concatenated into the SQL text.
    // NOTE(review): that is safe only while MT_SUBDOM_MAIL / MT_SUBDOM_FORWARD are
    // code-defined constants - confirm where they are declared.
    $query = "SELECT COUNT(`mail_id`) AS cnt FROM `mail_users` WHERE (`mail_type` LIKE '" . MT_SUBDOM_MAIL . "%' OR `mail_type` = '" . MT_SUBDOM_FORWARD . "') AND `sub_id` = ?";
    $rs = exec_query($sql, $query, $sub_id);
    if ($rs->fields['cnt'] > 0) {
        set_page_message(tr('The subdomain you are trying to remove has email accounts!<br />Rremove them first!'), 'warning');
        // NOTE(review): the statements after this block run unless user_goto() ends the
        // request - confirm that it does.
        user_goto('domains_manage.php');
    }
    // Refuse the deletion while alias subdomains still reference this subdomain
    // (named placeholder, bound through DB::execute).
    $sql_param = array(':subdomain_id' => $sub_id);
    $query = "\n\t\tSELECT \n\t\t\tCOUNT(subdomain_alias_id) AS cnt\n\t\tFROM\n\t\t\tsubdomain_alias\n\t\tWHERE\n\t\t\tsubdomain_id = :subdomain_id\n\t";
    DB::prepare($query);
    $row = DB::execute($sql_param)->fetch();
    if ($row['cnt'] > 0) {
        set_page_message(tr('The subdomain you are trying to remove has aliassubdomains assigned!<br />Rremove them first!'), 'warning');
        user_goto('domains_manage.php');
    }
    // Flag the subdomain for deletion; the row itself is not removed here.
    // NOTE(review): $sub_id, $dmn_id and $sub_name are set outside this excerpt - verify
    // there that the subdomain belongs to the logged-in user's domain.
    $query = "\n\t\tUPDATE\n\t\t\t`subdomain`\n\t\tSET\n\t\t\t`status` = 'delete'\n\t\tWHERE\n\t\t\t`subdomain_id` = ?\n\t";
    $rs = exec_query($sql, $query, $sub_id);
    // Flag the parent domain as changed.
    $query = "\n\t\tUPDATE\n\t\t\t`domain`\n\t\tSET\n\t\t\t`status` = 'change'\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t";
    $rs = exec_query($sql, $query, $dmn_id);
    update_reseller_c_props(get_reseller_id($dmn_id));
    // The submitted dmn_type only selects which of two fixed request strings is sent;
    // the posted value itself is not forwarded.
    if ($_POST['dmn_type'] == 'als') {
        send_request('110 DOMAIN alias ' . $dmn_id);
    } else {
        send_request('110 DOMAIN domain ' . $dmn_id);
    }
    // Audit trail: who deleted which subdomain.
    write_log($_SESSION['user_logged'] . ": deletes subdomain: " . $sub_name);
    set_page_message(tr('Subdomain scheduled for deletion!'), 'info');
    user_goto('domains_manage.php');
} else {
    // The condition opened above this excerpt was not met: redirect without changing anything.
    user_goto('domains_manage.php');
}
예제 #3
            // Mail on a subdomain: look the subdomain name up by its bound ID and build
            // the full address as account@subdomain.domain.
            $res_tmp = exec_query($sql, "SELECT `subdomain_name` FROM `subdomain` WHERE `subdomain_id` = ?", $data['sub_id']);
            $dat_tmp = $res_tmp->fetchRow();
            $mail_name = $data['mail_acc'] . '@' . $dat_tmp['subdomain_name'] . '.' . $dmn_name;
        } else {
            // NOTE(review): the mail-type constants are placed into the pattern without
            // preg_quote() and without anchors, so this is a substring match on
            // $data['mail_type'] - confirm the constants contain no regex metacharacters.
            if (preg_match("/" . MT_ALSSUB_MAIL . "/", $data['mail_type']) || preg_match("/" . MT_ALSSUB_FORWARD . "/", $data['mail_type'])) {
                // Mail on an alias subdomain: resolve the alias subdomain name and its alias name.
                $res_tmp = exec_query($sql, "SELECT `subdomain_alias_name`, `alias_name` FROM `subdomain_alias` AS t1, `domain_aliasses` AS t2 WHERE t1.`alias_id` = t2.`alias_id` AND `subdomain_alias_id` = ?", $data['sub_id']);
                $dat_tmp = $res_tmp->fetchRow();
                $mail_name = $data['mail_acc'] . '@' . $dat_tmp['subdomain_alias_name'] . '.' . $dat_tmp['alias_name'];
            }
        }
    }
}
// Block the deletion while another mail_users row still lists this address in `mail_acc`.
// The four bound patterns match $mail_name as the whole value or as the first, a middle
// or the last element of a comma-separated value.
// NOTE(review): `%` and `_` inside $mail_name are not escaped, so they act as LIKE
// wildcards and the check may match more rows than the literal address.
$query = "SELECT `mail_id` FROM `mail_users` WHERE `mail_acc` = ? OR `mail_acc` LIKE ? OR `mail_acc` LIKE ? OR `mail_acc` LIKE ?";
$res_tmp = exec_query($sql, $query, array($mail_name, "{$mail_name},%", "%,{$mail_name},%", "%,{$mail_name}"));
$num = $res_tmp->rowCount();
if ($num > 0) {
    set_page_message(tr('First delete the CatchAll account for this email!'), 'warning');
    $_SESSION['catchall_assigned'] = 1;
    // NOTE(review): the update below runs unless user_goto() ends the request - confirm.
    user_goto('mail_accounts.php');
}
// Flag the mail account with the delete status (both values bound by name); the row is
// not removed here.
// NOTE(review): $delete_id is set outside this excerpt - verify there that the mail
// account belongs to the logged-in user's domain.
$sql_param = array(':status' => $cfg->ITEM_DELETE_STATUS, ':mail_id' => $delete_id);
$sql_query = "\n\tUPDATE\n\t\t`mail_users`\n\tSET\n\t\t`status` = :status\n\tWHERE\n\t\t`mail_id` = :mail_id\n";
DB::prepare($sql_query);
DB::execute($sql_param);
update_reseller_c_props(get_reseller_id($data['domain_id']));
send_request('130 MAIL ' . $data['domain_id']);
// Audit trail: the session login is passed through decode_idna() before it is logged.
$admin_login = decode_idna($_SESSION['user_logged']);
write_log("{$admin_login}: deletes mail account: " . $mail_name);
$_SESSION['maildel'] = 1;
user_goto('mail_accounts.php');
예제 #4
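/**
 * Create a new SQL database for a customer from the submitted form data.
 *
 * Reads `uaction`, `db_name`, `use_dmn_id` and `id_pos` from $_POST. The database name is
 * the cleaned `db_name`, optionally prefixed or suffixed with the customer's domain ID.
 * On any validation failure a page message is set and the function returns without
 * creating anything; on success it records the database, logs the action and redirects
 * to sql_manage.php.
 *
 * The database name ends up as an identifier in a CREATE DATABASE statement. Identifiers
 * cannot be bound as parameters, so the name is backtick-quoted with embedded backticks
 * doubled before it is placed into the statement.
 *
 * @param mixed $sql database handle passed on to check_db_name()
 * @param int $user_id ID of the customer the database is created for
 * @return void
 */
function add_sql_database($sql, $user_id)
{
    $cfg = EasySCP_Registry::get('Config');
    if (!isset($_POST['uaction'])) {
        return;
    }
    // A name must be given, and it must be a plain string (an array-valued field is rejected).
    if (empty($_POST['db_name']) || !is_string($_POST['db_name'])) {
        set_page_message(tr('Please specify a database name!'), 'warning');
        return;
    }
    $dmn_id = get_user_domain_id($user_id);
    $base_name = clean_input($_POST['db_name']);
    if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on') {
        // The domain ID becomes part of the database name, at the requested position.
        $id_pos = isset($_POST['id_pos']) ? $_POST['id_pos'] : '';
        if ($id_pos === 'start') {
            $db_name = $dmn_id . "_" . $base_name;
        } elseif ($id_pos === 'end') {
            $db_name = $base_name . "_" . $dmn_id;
        } else {
            // A missing or unknown position used to leave $db_name undefined and the
            // function went on with an empty name; reject the request instead.
            set_page_message(tr('Invalid position for the domain ID in the database name!'), 'warning');
            return;
        }
    } else {
        $db_name = $base_name;
    }
    if (strlen($db_name) > $cfg->MAX_SQL_DATABASE_LENGTH) {
        set_page_message(tr('Database name is too long!'), 'warning');
        return;
    }
    // Is there already a database with that name in the system?
    if (check_db_name($sql, $db_name)) {
        set_page_message(tr('Specified database name already exists!'), 'warning');
        return;
    }
    // Wildcard characters are refused. Inside the character class `|` is a literal, so
    // the pattern rejects `%`, `|` and `?`.
    if (preg_match("/[%|\\?]+/", $db_name)) {
        set_page_message(tr('Wildcards such as %% and ? are not allowed!'), 'warning');
        return;
    }
    // Quote the identifier: a backtick inside the name is doubled so that it cannot
    // terminate the quoted identifier and change the statement.
    $quoted_name = '`' . str_replace('`', '``', $db_name) . '`';
    DB::query('CREATE DATABASE IF NOT EXISTS ' . $quoted_name . ' DEFAULT CHARACTER SET ' . EasyConfig::$cfg->DATABASE_DEFAULT_CHARACTER_SET . ' COLLATE ' . EasyConfig::$cfg->DATABASE_DEFAULT_COLLATE . ';')->closeCursor();
    // Record the new database for the domain; both values are bound by name.
    $sql_param = array(':domain_id' => $dmn_id, ':sqld_name' => $db_name);
    $sql_query = "\n\t\tINSERT INTO\n\t\t\tsql_database (domain_id, sqld_name, status)\n\t\tVALUES\n\t\t\t(:domain_id, :sqld_name, 'ok');\n\t";
    DB::prepare($sql_query);
    DB::execute($sql_param)->closeCursor();
    update_reseller_c_props(get_reseller_id($dmn_id));
    // Audit trail; the name is passed through tohtml() before it is written to the log.
    write_log($_SESSION['user_logged'] . ": adds new SQL database: " . tohtml($db_name));
    set_page_message(tr('SQL database created successfully!'), 'info');
    user_goto('sql_manage.php');
}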
예제 #5
/**
 * Check and updates domain data
 *
 * Validates the domain properties in the array returned by reseller_getData() (expiry
 * date, service limits, mail quota, feature switches, PHP editor permissions) and, when
 * no field failed and no page message is pending, writes them to the database inside a
 * transaction. Field names that failed validation are stored in the registry under
 * 'errFieldsStack'.
 *
 * @throws iMSCP_Exception_Database rethrown after the transaction rollback
 * @param int $domainId Domain unique identifier
 * @return bool TRUE when the domain was updated or nothing had changed, FALSE otherwise
 */
function reseller_checkAndUpdateData($domainId)
{
    $db = iMSCP_Database::getInstance();
    $errFieldsStack = array();
    try {
        // Getting domain data (by reference). The fallback_* entries are treated further
        // down as the previous values the other entries are compared against.
        $data =& reseller_getData($domainId, true);
        // Check for expires date
        if ($data['domain_never_expires'] == 'off') {
            // The value must look like two digits/two digits/four digits and be parseable.
            // NOTE(review): strtotime() reads slash-separated dates as month/day/year -
            // confirm that this is the format the form submits.
            if (!preg_match('%^\\d{2}/\\d{2}/\\d{4}$%', $data['domain_expires']) || ($timestamp = strtotime($data['domain_expires'])) === false) {
                $data['domain_expires_ok'] = false;
                set_page_message(tr('Wrong syntax for new expire date.'), 'error');
                $errFieldsStack[] = 'domain_expires';
            } elseif ($timestamp != 0 && $timestamp <= time()) {
                // Date lies in the past: keep the parsed timestamp but record the error.
                $data['domain_expires'] = $timestamp;
                set_page_message(tr('You cannot set expire date in past.'), 'error');
                $errFieldsStack[] = 'domain_expires';
            } else {
                $data['domain_expires'] = $timestamp;
            }
        } else {
            // Domain never expires: stored as 0.
            $data['domain_expires'] = 0;
        }
        // Check for the subdomains limit. Each of the service-limit checks below is
        // skipped when the corresponding fallback value is -1.
        if ($data['fallback_domain_subd_limit'] != -1) {
            if (!imscp_limit_check($data['domain_subd_limit'])) {
                set_page_message(tr('Wrong syntax for the %s limit.', tr('subdomains')), 'error');
                $errFieldsStack[] = 'domain_subd_limit';
            } elseif (!_reseller_isValidServiceLimit($data['domain_subd_limit'], $data['nbSubdomains'], $data["fallback_domain_subd_limit"], $data['current_sub_cnt'], $data['max_sub_cnt'], $data['nbSubdomains'] > 1 ? tr('subdomains') : tr('subdomain'))) {
                $errFieldsStack[] = 'domain_subd_limit';
            }
        }
        // Check for the domain aliases limit
        if ($data['fallback_domain_alias_limit'] != -1) {
            if (!imscp_limit_check($data['domain_alias_limit'])) {
                set_page_message(tr('Wrong syntax for the %s limit.', tr('domain aliases')), 'error');
                $errFieldsStack[] = 'domain_alias_limit';
            } elseif (!_reseller_isValidServiceLimit($data['domain_alias_limit'], $data['nbAliasses'], $data["fallback_domain_alias_limit"], $data['current_als_cnt'], $data['max_als_cnt'], $data['nbAliasses'] > 1 ? tr('domain aliases') : tr('domain alias'))) {
                $errFieldsStack[] = 'domain_alias_limit';
            }
        }
        // Check for the mail accounts limit
        if ($data['fallback_domain_mailacc_limit'] != -1) {
            if (!imscp_limit_check($data['domain_mailacc_limit'])) {
                set_page_message(tr('Wrong syntax for the %s limit.', tr('email accounts')), 'error');
                $errFieldsStack[] = 'domain_mailacc_limit';
            } elseif (!_reseller_isValidServiceLimit($data['domain_mailacc_limit'], $data['nbMailAccounts'], $data["fallback_domain_mailacc_limit"], $data['current_mail_cnt'], $data['max_mail_cnt'], $data["nbMailAccounts"] > 1 ? tr('email accounts') : tr('email account'))) {
                $errFieldsStack[] = 'domain_mailacc_limit';
            }
        }
        // Check for the Ftp accounts limit
        if ($data['fallback_domain_ftpacc_limit'] != -1) {
            if (!imscp_limit_check($data['domain_ftpacc_limit'])) {
                set_page_message(tr('Wrong syntax for the %s limit.', tr('Ftp accounts')), 'error');
                $errFieldsStack[] = 'domain_ftpacc_limit';
            } elseif (!_reseller_isValidServiceLimit($data['domain_ftpacc_limit'], $data['nbFtpAccounts'], $data["fallback_domain_ftpacc_limit"], $data['current_ftp_cnt'], $data['max_ftp_cnt'], $data['nbFtpAccounts'] > 1 ? tr('Ftp accounts') : tr('Ftp account'))) {
                $errFieldsStack[] = 'domain_ftpacc_limit';
            }
        }
        // Check for the Sql databases limit
        if ($data['fallback_domain_sqld_limit'] != -1) {
            if (!imscp_limit_check($data['domain_sqld_limit'])) {
                set_page_message(tr('Wrong syntax for the %s limit.', tr('SQL databases')), 'error');
                $errFieldsStack[] = 'domain_sqld_limit';
            } elseif (!_reseller_isValidServiceLimit($data['domain_sqld_limit'], $data['nbSqlDatabases'], $data["fallback_domain_sqld_limit"], $data['current_sql_db_cnt'], $data['max_sql_db_cnt'], $data['nbSqlDatabases'] > 1 ? tr('SQL databases') : tr('SQL database'))) {
                $errFieldsStack[] = 'domain_sqld_limit';
            } elseif ($data['domain_sqld_limit'] != -1 && $data['domain_sqlu_limit'] == -1) {
                // Databases enabled while SQL users are disabled (-1): both fields are flagged.
                set_page_message(tr('SQL user limit is disabled.'), 'error');
                $errFieldsStack[] = 'domain_sqld_limit';
                $errFieldsStack[] = 'domain_sqlu_limit';
            }
        }
        // Check for the Sql users limit
        if ($data['fallback_domain_sqlu_limit'] != -1) {
            if (!imscp_limit_check($data['domain_sqlu_limit'])) {
                set_page_message(tr('Wrong syntax for the %s limit.', tr('SQL users')), 'error');
                $errFieldsStack[] = 'domain_sqlu_limit';
            } elseif (!_reseller_isValidServiceLimit($data['domain_sqlu_limit'], $data['nbSqlUsers'], $data["fallback_domain_sqlu_limit"], $data['current_sql_user_cnt'], $data['max_sql_user_cnt'], $data['nbSqlUsers'] > 1 ? tr('SQL users') : tr('SQL user'))) {
                $errFieldsStack[] = 'domain_sqlu_limit';
            } elseif ($data['domain_sqlu_limit'] != -1 && $data['domain_sqld_limit'] == -1) {
                // SQL users enabled while databases are disabled (-1): both fields are flagged.
                set_page_message(tr('SQL database limit is disabled.'), 'error');
                $errFieldsStack[] = 'domain_sqlu_limit';
                $errFieldsStack[] = 'domain_sqld_limit';
            }
        }
        // Check for the monthly traffic limit (always checked; the current usage is
        // divided by 1048576 before the comparison)
        if (!imscp_limit_check($data['domain_traffic_limit'], null)) {
            set_page_message(tr('Wrong syntax for the %s limit.', tr('traffic')), 'error');
            $errFieldsStack[] = 'domain_traffic_limit';
        } elseif (!_reseller_isValidServiceLimit($data['domain_traffic_limit'], $data['domainTraffic'] / 1048576, $data["fallback_domain_traffic_limit"], $data['current_traff_amnt'], $data['max_traff_amnt'], tr('traffic'))) {
            $errFieldsStack[] = 'domain_traffic_limit';
        }
        // Check for the disk space limit (always checked, same unit conversion)
        if (!imscp_limit_check($data['domain_disk_limit'], null)) {
            set_page_message(tr('Wrong syntax for the %s limit.', tr('disk space')), 'error');
            $errFieldsStack[] = 'domain_disk_limit';
        } elseif (!_reseller_isValidServiceLimit($data['domain_disk_limit'], $data['domain_disk_usage'] / 1048576, $data["fallback_domain_disk_limit"], $data['current_disk_amnt'], $data['max_disk_amnt'], tr('disk space'))) {
            $errFieldsStack[] = 'domain_disk_limit';
        }
        // Check for mail quota: when a disk limit is set (non-zero) the quota may neither
        // exceed it nor be 0 (unlimited), and it may not be lower than the number of mailboxes.
        if ($data['fallback_domain_mailacc_limit'] != -1) {
            if (!imscp_limit_check($data['mail_quota'], null)) {
                set_page_message(tr('Wrong syntax for the mail quota value.'), 'error');
                $errFieldsStack[] = 'mail_quota';
            } elseif ($data['domain_disk_limit'] != 0 && $data['mail_quota'] > $data['domain_disk_limit']) {
                set_page_message(tr('Email quota cannot be bigger than disk space limit.'), 'error');
                $errFieldsStack[] = 'mail_quota';
            } elseif ($data['domain_disk_limit'] != 0 && $data['mail_quota'] == 0) {
                set_page_message(tr('Email quota cannot be unlimited. Max value is %d MiB.', $data['domain_disk_limit']), 'error');
                $errFieldsStack[] = 'mail_quota';
            } else {
                $mailData = reseller_getMailData($data['domain_id'], $data['fallback_mail_quota']);
                if ($data['mail_quota'] != 0 && $data['mail_quota'] < $mailData['nb_mailboxes']) {
                    set_page_message(tr('Email quota cannot be lower than %d. Each mailbox should have a least 1 MiB quota.', $mailData['nb_mailboxes']), 'error');
                    $errFieldsStack[] = 'mail_quota';
                }
            }
        } else {
            $data['mail_quota'] = 0;
        }
        // Check for PHP support. This and the switches further down accept only 'no' or
        // 'yes' and otherwise fall back to the previous value.
        // NOTE(review): in_array() is called without the strict flag, so the comparison is
        // loose; a non-string value such as boolean true would pass the allow-list. Confirm
        // that the values are always strings here, or pass true as the third argument.
        $data['domain_php'] = in_array($data['domain_php'], array('no', 'yes')) ? $data['domain_php'] : $data['fallback_domain_php'];
        // PHP editor
        $phpini = iMSCP_PHPini::getInstance();
        // Snapshots taken before any change, needed to track changes
        $phpiniClientPerms = $phpini->getClientPermission();
        $phpiniDomainConf = $phpini->getDomainIni();
        // Submitted PHP editor settings are only considered when PHP is enabled for the
        // domain and the reseller holds the 'phpiniSystem' permission.
        if (isset($_POST['php_ini_system']) && $data['domain_php'] == 'yes' && $phpini->resellerHasPermission('phpiniSystem')) {
            $phpini->setClientPermission('phpiniSystem', clean_input($_POST['php_ini_system']));
            if ($phpini->clientHasPermission('phpiniSystem')) {
                // NOTE(review): the posted values are only passed through clean_input()
                // here; whether setClientPermission()/setDomainIni() validate them against
                // allowed values and the reseller's own limits is not visible - confirm.
                if (isset($_POST['phpini_perm_allow_url_fopen'])) {
                    $phpini->setClientPermission('phpiniAllowUrlFopen', clean_input($_POST['phpini_perm_allow_url_fopen']));
                }
                if (isset($_POST['phpini_perm_display_errors'])) {
                    $phpini->setClientPermission('phpiniDisplayErrors', clean_input($_POST['phpini_perm_display_errors']));
                }
                if (isset($_POST['phpini_perm_disable_functions'])) {
                    $phpini->setClientPermission('phpiniDisableFunctions', clean_input($_POST['phpini_perm_disable_functions']));
                }
                if (isset($_POST['phpini_perm_mail_function'])) {
                    $phpini->setClientPermission('phpiniMailFunction', clean_input($_POST['phpini_perm_mail_function']));
                }
                if (isset($_POST['memory_limit'])) {
                    // Must be set before phpiniPostMaxSize
                    $phpini->setDomainIni('phpiniMemoryLimit', clean_input($_POST['memory_limit']));
                }
                if (isset($_POST['post_max_size'])) {
                    // Must be set before phpiniUploadMaxFileSize
                    $phpini->setDomainIni('phpiniPostMaxSize', clean_input($_POST['post_max_size']));
                }
                // NOTE(review): the field name is spelled 'upload_max_filezize';
                // presumably it matches the form field - confirm.
                if (isset($_POST['upload_max_filezize'])) {
                    $phpini->setDomainIni('phpiniUploadMaxFileSize', clean_input($_POST['upload_max_filezize']));
                }
                if (isset($_POST['max_execution_time'])) {
                    $phpini->setDomainIni('phpiniMaxExecutionTime', clean_input($_POST['max_execution_time']));
                }
                if (isset($_POST['max_input_time'])) {
                    $phpini->setDomainIni('phpiniMaxInputTime', clean_input($_POST['max_input_time']));
                }
            } else {
                // Reset client PHP permissions
                $phpini->loadClientPermissions();
                // Reset domain PHP configuration options
                $phpini->loadDomainIni();
            }
        } else {
            // Reset client PHP permissions
            $phpini->loadClientPermissions();
            // Reset domain PHP configuration options
            $phpini->loadDomainIni();
        }
        // Check for CGI support
        $data['domain_cgi'] = in_array($data['domain_cgi'], array('no', 'yes')) ? $data['domain_cgi'] : $data['fallback_domain_cgi'];
        // Check for custom DNS records support
        $data['domain_dns'] = in_array($data['domain_dns'], array('no', 'yes')) ? $data['domain_dns'] : $data['fallback_domain_dns'];
        // Check for APS support
        $data['domain_software_allowed'] = in_array($data['domain_software_allowed'], array('no', 'yes')) ? $data['domain_software_allowed'] : $data['fallback_domain_software_allowed'];
        // Check for External mail server support
        $data['domain_external_mail'] = in_array($data['domain_external_mail'], array('no', 'yes')) ? $data['domain_external_mail'] : $data['fallback_domain_external_mail'];
        // Check for backup support: an array is reduced to the entries 'dmn', 'sql' and
        // 'mail'; anything else is replaced by the previous value.
        $data['allowbackup'] = is_array($data['allowbackup']) ? array_intersect($data['allowbackup'], array('dmn', 'sql', 'mail')) : $data['fallback_allowbackup'];
        // Check for Web folder protection support
        $data['web_folder_protection'] = in_array($data['web_folder_protection'], array('no', 'yes')) ? $data['web_folder_protection'] : $data['fallback_web_folder_protection'];
        // Nothing is written unless every check passed and no page message is pending.
        if (empty($errFieldsStack) && !Zend_Session::namespaceIsset('pageMessages')) {
            // Update process begin here: pair each fallback_* (old) value with the
            // current value of the same property to detect changes.
            $oldValues = array();
            $newValues = array();
            foreach ($data as $property => $value) {
                // NOTE(review): strpos() !== false matches 'fallback_' anywhere in the
                // key, while substr(..., 9) assumes it is the prefix - confirm no key
                // contains it elsewhere.
                if (strpos($property, 'fallback_') !== false) {
                    $property = substr($property, 9);
                    $oldValues[$property] = $value;
                    $newValues[$property] = $data[$property];
                }
            }
            $needDaemonRequest = false;
            if ($newValues == $oldValues && $phpiniClientPerms == $phpini->getClientPermission() && $phpiniDomainConf == $phpini->getDomainIni()) {
                set_page_message(tr('Nothing has been changed.'), 'info');
                return true;
            }
            iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditDomain, array('domainId' => $domainId));
            // NOTE(review): the catch block below calls rollBack() for every database
            // exception raised inside the try, including ones raised before this point,
            // when no transaction is open - confirm that rollBack() tolerates that.
            $db->beginTransaction();
            if ($phpiniClientPerms != $phpini->getClientPermission() || $phpiniDomainConf != $phpini->getDomainIni()) {
                $phpini->updateDomainConfigOptions($data['admin_id']);
                $needDaemonRequest = true;
            }
            // PHP or CGI was either enabled or disabled or PHP Settings were changed, web folder protection
            // properties have been updated, or domain IP was changed, so we must update the vhosts files
            // of all domain entities (dmn, sub, als, alssub)
            if ($needDaemonRequest || $data['domain_php'] != $data['fallback_domain_php'] || $data['domain_cgi'] != $data['fallback_domain_cgi'] || $data['web_folder_protection'] != $data['fallback_web_folder_protection'] || $data['domain_ip_id'] != $data['fallback_domain_ip_id']) {
                if ($data['domain_alias_limit'] != '-1') {
                    exec_query('UPDATE domain_aliasses SET alias_status = ? WHERE domain_id = ? AND alias_status <> ?', array('tochange', $domainId, 'ordered'));
                }
                $needDaemonRequest = true;
            }
            if ($data['domain_dns'] != $data['fallback_domain_dns'] && $data['domain_dns'] == 'no') {
                // Support for custom DNS records is now disabled - We must delete all custom DNS entries
                // (except those that are protected), and update the DNS zone file
                exec_query('DELETE FROM domain_dns WHERE domain_id = ? AND owned_by = ?', array($domainId, 'custom_dns_feature'));
                $needDaemonRequest = true;
            }
            // Update domain properties. Every value is bound as a parameter; the status is
            // 'tochange' when a daemon request is needed, else 'ok'; the backup list is
            // joined with '|' and the mail quota is multiplied by 1048576 before storing.
            exec_query('
                    UPDATE
                        domain
                    SET
                        domain_expires = ?, domain_last_modified = ?, domain_mailacc_limit = ?, domain_ftpacc_limit = ?,
                        domain_traffic_limit = ?, domain_sqld_limit = ?, domain_sqlu_limit = ?, domain_status = ?,
                        domain_alias_limit = ?, domain_subd_limit = ?, domain_ip_id = ?, domain_disk_limit = ?,
                        domain_php = ?, domain_cgi = ?, allowbackup = ?, domain_dns = ?,  domain_software_allowed = ?,
                        phpini_perm_system = ?, phpini_perm_allow_url_fopen = ?, phpini_perm_display_errors = ?,
                        phpini_perm_disable_functions = ?, phpini_perm_mail_function = ?, domain_external_mail = ?,
                        web_folder_protection = ?,
                        mail_quota = ?
                    WHERE
                        domain_id = ?
                ', array($data['domain_expires'], time(), $data['domain_mailacc_limit'], $data['domain_ftpacc_limit'], $data['domain_traffic_limit'], $data['domain_sqld_limit'], $data['domain_sqlu_limit'], $needDaemonRequest ? 'tochange' : 'ok', $data['domain_alias_limit'], $data['domain_subd_limit'], $data['domain_ip_id'], $data['domain_disk_limit'], $data['domain_php'], $data['domain_cgi'], implode('|', $data['allowbackup']), $data['domain_dns'], $data['domain_software_allowed'], $phpini->getClientPermission('phpiniSystem'), $phpini->getClientPermission('phpiniAllowUrlFopen'), $phpini->getClientPermission('phpiniDisplayErrors'), $phpini->getClientPermission('phpiniDisableFunctions'), $phpini->getClientPermission('phpiniMailFunction'), $data['domain_external_mail'], $data['web_folder_protection'], $data['mail_quota'] * 1048576, $domainId));
            // Sync mailboxes quota if needed
            if ($data['fallback_mail_quota'] != $data['mail_quota'] * 1048576) {
                sync_mailboxes_quota($domainId, $data['mail_quota'] * 1048576);
            }
            // Update domain alias IP if needed
            if ($data['domain_ip_id'] != $data['fallback_domain_ip_id']) {
                if ($data['domain_alias_limit'] != '-1') {
                    exec_query('UPDATE domain_aliasses SET alias_ip_id = ? WHERE domain_id = ?', array($data['domain_ip_id'], $domainId));
                }
            }
            // Update Ftp quota limit if needed (disk limit multiplied by 1048576, keyed by
            // the domain name)
            if ($data['domain_disk_limit'] != $data['fallback_domain_disk_limit']) {
                exec_query('
                        REPLACE INTO quotalimits (
                            name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail,
                            bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail
                        ) VALUES (
                            ?, ?, ?, ?, ?, ?, ?, ?, ?, ?
                        )
                    ', array($data['domain_name'], 'group', 'false', 'hard', $data['domain_disk_limit'] * 1048576, 0, 0, 0, 0, 0));
            }
            // Update reseller properties
            update_reseller_c_props($data['reseller_id']);
            $db->commit();
            iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditDomain, array('domainId' => $domainId));
            if ($needDaemonRequest) {
                send_request();
                set_page_message(tr('Domain scheduled for update.'), 'success');
            } else {
                set_page_message(tr('Domain successfully updated.'), 'success');
            }
            // Audit trail: when $_SESSION['logged_from'] is set, that name is logged
            // instead of $_SESSION['user_logged'].
            $userLogged = isset($_SESSION['logged_from']) ? $_SESSION['logged_from'] : $_SESSION['user_logged'];
            write_log("Domain " . decode_idna($data['domain_name']) . " has been updated by {$userLogged}", E_USER_NOTICE);
            return true;
        }
    } catch (iMSCP_Exception_Database $e) {
        // Undo the partial update and let the caller handle the database error.
        $db->rollBack();
        throw $e;
    }
    // Validation failed: expose the failing field names through the registry.
    if (!empty($errFieldsStack)) {
        iMSCP_Registry::set('errFieldsStack', $errFieldsStack);
    }
    return false;
}
예제 #6
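/**
 * Save data for new user in db
 *
 * Creates the `admin` and `domain` rows, the statistics htaccess user and
 * group and the GUI properties for a new customer, then notifies the daemon
 * and redirects. All customer fields are read from the globals listed below.
 *
 * @param int $reseller_id Id of the reseller the customer is created for
 * @return bool|null FALSE when the hosting plan cannot be loaded, NULL when
 *                   the user name fails validation; otherwise the function
 *                   ends in user_goto()
 */
function add_user_data($reseller_id)
{
    global $hpid, $dmn_name, $dmn_expire, $dmn_user_name, $admin_login, $user_email, $customer_id, $first_name, $last_name, $gender, $firm, $zip, $city, $state, $country, $street_one, $street_two, $phone, $fax, $inpass, $domain_ip, $dns, $backup, $countbackup;
    $sql = EasySCP_Registry::get('Db');
    $cfg = EasySCP_Registry::get('Config');
    // Let's get Desired Hosting Plan Data;
    if (isset($_SESSION["ch_hpprops"])) {
        $props = $_SESSION["ch_hpprops"];
        unset($_SESSION["ch_hpprops"]);
    } else {
        if (isset($cfg->HOSTING_PLANS_LEVEL) && $cfg->HOSTING_PLANS_LEVEL === 'admin') {
            $query = 'SELECT `props` FROM `hosting_plans` WHERE `id` = ?';
            $res = exec_query($sql, $query, $hpid);
        } else {
            // Reseller-level plans: the plan must belong to this reseller
            $query = "SELECT `props` FROM `hosting_plans` WHERE `reseller_id` = ? AND `id` = ?";
            $res = exec_query($sql, $query, array($reseller_id, $hpid));
        }
        $data = $res->fetchRow();
        // NOTE(review): unserialize() can instantiate objects from the stored
        // string. The value comes from the hosting_plans table; if anything
        // other than trusted panel code can write that column, store the plan
        // as JSON or restrict the classes unserialize() may create.
        $props = empty($data['props']) ? false : unserialize($data['props']);
        // Without this check an unknown plan id, or one owned by another
        // reseller, produced a domain whose limits were all NULL.
        if (!is_array($props)) {
            set_page_message(tr('Hosting plan not found!'), 'error');
            return false;
        }
    }
    $php = $props['allow_php'];
    $phpe = $props['allow_php_editor'];
    $cgi = $props['allow_cgi'];
    $sub = $props['subdomain_cnt'];
    $als = $props['alias_cnt'];
    $mail = $props['mail_cnt'];
    $ftp = $props['ftp_cnt'];
    $sql_db = $props['db_cnt'];
    $sql_user = $props['sqluser_cnt'];
    $traff = $props['traffic'];
    $disk = $props['disk'];
    $backup = $props['allow_backup'];
    $countbackup = $props['disk_countbackup'];
    $dns = $props['allow_dns'];
    $ssl = $props['allow_ssl'];
    // The plan stores these flags wrapped in underscores; strip them
    $php = str_replace('_', '', $php);
    $phpe = str_replace('_', '', $phpe);
    $cgi = str_replace('_', '', $cgi);
    $ssl = str_replace('_', '', $ssl);
    $backup = str_replace('_', '', $backup);
    $countbackup = str_replace('_', '', $countbackup);
    $dns = str_replace('_', '', $dns);
    // NOTE(review): the clear-text password is kept because it is needed for
    // the htaccess hash and is handed to send_add_user_auto_msg() below,
    // which presumably mails it to the customer.
    $pure_user_pass = $inpass;
    $inpass = crypt_user_pass($inpass);
    $first_name = clean_input($first_name);
    $last_name = clean_input($last_name);
    $firm = clean_input($firm);
    $zip = clean_input($zip);
    $city = clean_input($city);
    $state = clean_input($state);
    $country = clean_input($country);
    $phone = clean_input($phone);
    $fax = clean_input($fax);
    $street_one = clean_input($street_one);
    $street_two = clean_input($street_two);
    $customer_id = clean_input($customer_id);
    if (!validates_dname(decode_idna($dmn_user_name))) {
        return;
    }
    $query = "\n\t\tINSERT INTO `admin` (\n\t\t\t`admin_name`, `admin_pass`, `admin_type`, `domain_created`,\n\t\t\t`created_by`, `fname`, `lname`,\n\t\t\t`firm`, `zip`, `city`, `state`,\n\t\t\t`country`, `email`, `phone`,\n\t\t\t`fax`, `street1`, `street2`,\n\t\t\t`customer_id`, `gender`\n\t\t)\n\t\tVALUES (\n\t\t\t?, ?, 'user', unix_timestamp(),\n\t\t\t?, ?, ?,\n\t\t\t?, ?, ?, ?,\n\t\t\t?, ?, ?,\n\t\t\t?, ?, ?,\n\t\t\t?, ?\n\t\t)\n\t";
    exec_query($sql, $query, array($dmn_user_name, $inpass, $reseller_id, $first_name, $last_name, $firm, $zip, $city, $state, $country, $user_email, $phone, $fax, $street_one, $street_two, $customer_id, $gender));
    // The driver error text is no longer printed here: it exposed query and
    // schema details to the browser, and output ahead of the final redirect
    // can keep the redirect header from being sent.
    $record_id = $sql->insertId();
    $query = "\n\t\tINSERT INTO `domain` (\n\t\t\t`domain_name`, `domain_admin_id`,\n\t\t\t`domain_created_id`, `domain_created`, `domain_expires`,\n\t\t\t`domain_mailacc_limit`, `domain_ftpacc_limit`,\n\t\t\t`domain_traffic_limit`, `domain_sqld_limit`,\n\t\t\t`domain_sqlu_limit`, `status`,\n\t\t\t`domain_subd_limit`, `domain_alias_limit`,\n\t\t\t`domain_ip_id`, `domain_disk_limit`,\n\t\t\t`domain_disk_usage`, `domain_php`, `domain_php_edit`, `domain_cgi`,\n\t\t\t`allowbackup`, `domain_dns`, `domain_ssl`, `domain_disk_countbackup`\n\t\t)\n\t\tVALUES (\n\t\t\t:domain_name, :domain_admin_id,\n\t\t\t:domain_created_id, unix_timestamp(), :domain_expires,\n\t\t\t:domain_mailacc_limit, :domain_ftpacc_limit,\n\t\t\t:domain_traffic_limit, :domain_sqld_limit,\n\t\t\t:domain_sqlu_limit, :status,\n\t\t\t:domain_subd_limit, :domain_alias_limit,\n\t\t\t:domain_ip_id, :domain_disk_limit,\n\t\t\t'0', :domain_php, :domain_php_edit, :domain_cgi,\n\t\t\t:allowbackup, :domain_dns, :domain_ssl, :domain_disk_countbackup\n\t\t)\n\t";
    $param = array(':domain_name' => $dmn_name, ':domain_admin_id' => $record_id, ':domain_created_id' => $reseller_id, ':domain_expires' => $dmn_expire, ':domain_mailacc_limit' => $mail, ':domain_ftpacc_limit' => $ftp, ':domain_traffic_limit' => $traff, ':domain_sqld_limit' => $sql_db, ':domain_sqlu_limit' => $sql_user, ':status' => $cfg->ITEM_ADD_STATUS, ':domain_subd_limit' => $sub, ':domain_alias_limit' => $als, ':domain_ip_id' => $domain_ip, ':domain_disk_limit' => $disk, ':domain_php' => $php, ':domain_php_edit' => $phpe, ':domain_cgi' => $cgi, ':allowbackup' => $backup, ':domain_dns' => $dns, ':domain_ssl' => $ssl, ':domain_disk_countbackup' => $countbackup);
    DB::prepare($query);
    DB::execute($param);
    $dmn_id = DB::getInstance()->lastInsertId();
    // AddDefaultDNSEntries($dmn_id, 0, $dmn_name, $domain_ip);
    // TODO: Check if max user and group id is reached
    // The system uid/gid of the domain are derived from its row id
    $domain_gid = $cfg->APACHE_SUEXEC_MIN_GID + $dmn_id;
    $domain_uid = $cfg->APACHE_SUEXEC_MIN_UID + $dmn_id;
    $query = "\n\t\tUPDATE `domain`\n\t\tSET `domain_gid`=?,\n\t\t\t`domain_uid`=?\n\t\tWHERE `domain_id`=?\n\t";
    exec_query($sql, $query, array($domain_gid, $domain_uid, $dmn_id));
    // Add statistics group
    $query = "\n\t\tINSERT INTO `htaccess_users`\n\t\t\t(`dmn_id`, `uname`, `upass`, `status`)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?)\n\t";
    exec_query($sql, $query, array($dmn_id, $dmn_name, crypt_user_pass_with_salt($pure_user_pass), $cfg->ITEM_ADD_STATUS));
    $user_id = $sql->insertId();
    $query = "\n\t\tINSERT INTO `htaccess_groups`\n\t\t\t(`dmn_id`, `ugroup`, `members`, `status`)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?)\n\t";
    exec_query($sql, $query, array($dmn_id, $cfg->AWSTATS_GROUP_AUTH, $user_id, $cfg->ITEM_ADD_STATUS));
    // Create the 3 default addresses if wanted
    if ($cfg->CREATE_DEFAULT_EMAIL_ADDRESSES) {
        client_mail_add_default_accounts($dmn_id, $user_email, $dmn_name);
        // 'domain', 0
    }
    // let's send mail to user
    send_add_user_auto_msg($reseller_id, $dmn_user_name, $pure_user_pass, $user_email, $first_name, $last_name, tr('Domain account'));
    // $user_def_lang = $cfg->USER_INITIAL_LANG;
    $user_def_lang = '';
    // $user_theme_color = $cfg->USER_INITIAL_THEME;
    $user_theme_color = '';
    $query = "\n\t\tINSERT INTO `user_gui_props`\n\t\t\t(`user_id`, `lang`, `layout`)\n\t\tVALUES\n\t\t\t(?, ?, ?)\n\t";
    exec_query($sql, $query, array($record_id, $user_def_lang, $user_theme_color));
    // send request to daemon
    // TODO: check this, because an error occurs here ("Domain data has been altered. Please enter again.")
    send_request('110 DOMAIN domain ' . $dmn_id);
    send_request('130 MAIL ' . $dmn_id);
    $admin_login = $_SESSION['user_logged'];
    write_log("{$admin_login}: add user: {$dmn_user_name} (for domain {$dmn_name})");
    write_log("{$admin_login}: add domain: {$dmn_name}");
    update_reseller_c_props($reseller_id);
    if (isset($_POST['add_alias']) && $_POST['add_alias'] === 'on') {
        // the reseller asked to add aliases for the new customer next
        $_SESSION['dmn_id'] = $dmn_id;
        $_SESSION['dmn_ip'] = $domain_ip;
        $_SESSION['user_add3_add_alias'] = "_yes_";
        user_goto('user_add4.php?accout=' . $dmn_id);
    } else {
        // no alias requested
        $_SESSION['user_add3_added'] = "_yes_";
        user_goto('users.php?psi=last');
    }
}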
예제 #7
파일: ftp_add.php 프로젝트: gOOvER/EasySCP
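/**
 * Create an FTP account below the customer's domain, alias or subdomain.
 *
 * Reads username, dmn_type, als_id / sub_id, use_other_dir, other_dir and
 * pass from $_POST. Every request value that ends up in the account name or
 * in the home directory is checked before it is used, so the resulting home
 * directory stays below FTP_HOMEDIR/<domain>.
 *
 * @param mixed  $sql      Database handle, passed on to exec_query() and helpers
 * @param string $dmn_name Main domain name of the customer
 * @return void
 */
function add_ftp_user($sql, $dmn_name)
{
    $cfg = EasySCP_Registry::get('Config');
    $username = strtolower(clean_input($_POST['username']));
    if (!validates_username($username)) {
        set_page_message(tr("Incorrect username length or syntax!"), 'warning');
        return;
    }
    $dmn_type = (isset($_POST['dmn_type']) && is_string($_POST['dmn_type'])) ? $_POST['dmn_type'] : '';
    // als_id / sub_id are concatenated into the account name and, for
    // subdomains, into the home directory. The ".." check further down only
    // covered other_dir, so these two are rejected here when they carry a
    // path separator, a NUL byte or a parent-directory sequence.
    // NOTE(review): this does not prove the alias/subdomain belongs to the
    // logged-in customer — confirm the caller or the uid/gid helpers do.
    $scope_fields = array('als' => 'als_id', 'sub' => 'sub_id');
    $scope_id = '';
    if (isset($scope_fields[$dmn_type])) {
        $field = $scope_fields[$dmn_type];
        $scope_id = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
        if ($scope_id === '' || preg_match('#\.\.|[/\\\\\x00]#', $scope_id) !== 0) {
            set_page_message(tr('Incorrect mount point length or syntax'), 'error');
            return;
        }
    }
    // Set default values ($ftp_home may be overwritten if user
    // has specified a mount point)
    switch ($dmn_type) {
        // Default mount point for a domain
        case 'dmn':
            $ftp_user = $username . $cfg->FTP_USERNAME_SEPARATOR . $dmn_name;
            $ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}";
            break;
        // Default mount point for an alias domain
        case 'als':
            $ftp_user = $username . $cfg->FTP_USERNAME_SEPARATOR . $scope_id;
            $alias_mount_point = get_alias_mount_point($sql, $scope_id);
            $ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}" . $alias_mount_point;
            break;
        // Default mount point for a subdomain
        case 'sub':
            $ftp_user = $username . $cfg->FTP_USERNAME_SEPARATOR . $scope_id . '.' . $dmn_name;
            $ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}/" . clean_input($scope_id);
            break;
        // Unknown domain type (?)
        default:
            set_page_message(tr('Unknown domain type'), 'error');
            return;
    }
    // User-specified mount point
    if (isset($_POST['use_other_dir']) && $_POST['use_other_dir'] === 'on') {
        $ftp_vhome = clean_input($_POST['other_dir'], false);
        // Collapse any run of slashes; a single str_replace('//', '/') pass
        // left "//" behind for inputs such as "///"
        $ftp_vhome = preg_replace('#/{2,}#', '/', $ftp_vhome);
        // Check for updirs ".."
        $res = preg_match("/\\.\\./", $ftp_vhome);
        if ($res !== 0) {
            set_page_message(tr('Incorrect mount point length or syntax'), 'error');
            return;
        }
        $ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}/" . $ftp_vhome;
        $ftp_home = preg_replace('#/{2,}#', '/', $ftp_home);
        // The directory must already exist inside the customer's virtual filesystem
        $vfs = new EasySCP_VirtualFileSystem($dmn_name, $sql);
        $res = $vfs->exists($ftp_vhome);
        if (!$res) {
            set_page_message(tr('%s does not exist', $ftp_vhome), 'error');
            return;
        }
    }
    // End of user-specified mount-point
    $ftp_gid = get_ftp_user_gid($sql, $dmn_name, $ftp_user);
    $ftp_uid = get_ftp_user_uid($sql, $dmn_name, $ftp_user, $ftp_gid);
    if ($ftp_uid == -1) {
        return;
    }
    $ftp_shell = $cfg->CMD_SHELL;
    $ftp_passwd = crypt_user_pass_with_salt($_POST['pass']);
    // NOTE(review): net2ftppasswd is produced by encrypt_db_password(), which
    // by its name is reversible encryption, not a hash — confirm where the key
    // lives and who can read this column.
    $ftp_loginpasswd = encrypt_db_password($_POST['pass']);
    $query = "\n\t\tINSERT INTO ftp_users\n\t\t\t(`userid`, `passwd`, `net2ftppasswd`, `uid`, `gid`, `shell`, `homedir`)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?, ?)\n\t";
    exec_query($sql, $query, array($ftp_user, $ftp_passwd, $ftp_loginpasswd, $ftp_uid, $ftp_gid, $ftp_shell, $ftp_home));
    $domain_props = get_domain_default_props($_SESSION['user_id']);
    update_reseller_c_props($domain_props['domain_created_id']);
    write_log($_SESSION['user_logged'] . ": add new FTP account: {$ftp_user}");
    set_page_message(tr('FTP account added!'), 'success');
    user_goto('ftp_accounts.php');
}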
예제 #8
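/**
 * Validate the posted alias data and insert a new domain alias.
 *
 * The alias is attached to the domain stored in $_SESSION['dmn_id'] and uses
 * the IP stored in $_SESSION['dmn_ip']. On a validation failure the error is
 * shown through set_page_message() and nothing is inserted.
 *
 * @global int    $cr_user_id         Set to the session's domain id
 * @global string $alias_name         Posted alias name, IDNA-encoded after validation
 * @global mixed  $domain_ip          IP id taken from the session
 * @global string $forward            'no', or the rebuilt forward URL
 * @global string $forward_prefix     Posted URL prefix of the forward target
 * @global string $mount_point        Posted mount point, IDNA-encoded
 * @global string $validation_err_msg Message shown when the alias name is invalid
 * @param string $err_al In/out error text; the insert only happens while it
 *                       still holds the sentinel '_off_'
 * @return void
 */
function add_domain_alias(&$err_al)
{
    global $cr_user_id, $alias_name, $domain_ip, $forward, $forward_prefix, $mount_point, $validation_err_msg;
    $cfg = EasySCP_Registry::get('Config');
    $sql = EasySCP_Registry::get('Db');
    $cr_user_id = $dmn_id = $_SESSION['dmn_id'];
    $alias_name = strtolower(clean_input($_POST['ndomain_name']));
    $domain_ip = $_SESSION['dmn_ip'];
    $mount_point = array_encode_idna(strtolower($_POST['ndomain_mpoint']), true);
    if ($_POST['status'] == 1) {
        $forward = encode_idna(strtolower(clean_input($_POST['forward'])));
        $forward_prefix = clean_input($_POST['forward_prefix']);
    } else {
        $forward = 'no';
        $forward_prefix = '';
    }
    // Check if input string is a valid domain names
    if (!validates_dname($alias_name)) {
        set_page_message($validation_err_msg, 'warning');
        return;
    }
    // Should be performed after domain names syntax validation now
    $alias_name = encode_idna($alias_name);
    if (easyscp_domain_exists($alias_name, $_SESSION['user_id'])) {
        $err_al = tr('Domain with that name already exists on the system!');
    } elseif (!validates_mpoint($mount_point) && $mount_point != '/') {
        $err_al = tr("Incorrect mount point syntax");
    } elseif ($_POST['status'] == 1) {
        $aurl = @parse_url($forward_prefix . decode_idna($forward));
        // parse_url() also returns an array for input without scheme or host;
        // the rebuild below reads both, so such input is rejected here instead
        // of being stored as a forward that starts with "://".
        if ($aurl === false || !isset($aurl['scheme'], $aurl['host'])) {
            $err_al = tr("Wrong address in forward URL!");
        } else {
            // NOTE(review): forward_prefix comes from the request and nothing
            // here limits the scheme to the ones the form offers — consider an
            // allowlist before this value is written to url_forward.
            $domain = $aurl['host'];
            if (substr_count($domain, '.') <= 2) {
                $ret = validates_dname($domain);
            } else {
                $ret = validates_dname($domain, true);
            }
            if (!$ret) {
                $err_al = tr("Wrong domain part in forward URL!");
            } else {
                // Rebuild the URL from its parts with an IDNA-encoded host
                $domain = encode_idna($aurl['host']);
                $forward = $aurl['scheme'] . '://';
                if (isset($aurl['user'])) {
                    // NOTE(review): credentials embedded in the URL are kept
                    // and stored in clear text with the alias.
                    $forward .= $aurl['user'] . (isset($aurl['pass']) ? ':' . $aurl['pass'] : '') . '@';
                }
                $forward .= $domain;
                if (isset($aurl['port'])) {
                    $forward .= ':' . $aurl['port'];
                }
                if (isset($aurl['path'])) {
                    $forward .= $aurl['path'];
                } else {
                    $forward .= '/';
                }
                if (isset($aurl['query'])) {
                    $forward .= '?' . $aurl['query'];
                }
                if (isset($aurl['fragment'])) {
                    $forward .= '#' . $aurl['fragment'];
                }
            }
        }
    } else {
        $query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain_aliasses`\n\t\t\tWHERE\n\t\t\t\t`alias_name` = ?\n\t\t;";
        $res = exec_query($sql, $query, $alias_name);
        $query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain`\n\t\t\tWHERE\n\t\t\t\t`domain_name` = ?\n\t\t;";
        $res2 = exec_query($sql, $query, $alias_name);
        if ($res->rowCount() > 0 || $res2->rowCount() > 0) {
            // we already have a domain with this name
            $err_al = tr("Domain with this name already exist");
        }
        if (mount_point_exists($dmn_id, $mount_point)) {
            $err_al = tr('Mount point already in use!');
        }
    }
    // '_off_' is the caller's "no error" sentinel
    if ('_off_' !== $err_al) {
        set_page_message($err_al, 'error');
        return;
    }
    // Begin add new alias domain
    $query = "\n\t\tINSERT INTO\n\t\t\t`domain_aliasses` (\n\t\t\t\t`domain_id`, `alias_name`, `alias_mount`, `status`,\n\t\t\t\t`alias_ip_id`, `url_forward`\n\t\t\t)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?)\n\t;";
    exec_query($sql, $query, array($cr_user_id, $alias_name, $mount_point, $cfg->ITEM_ADD_STATUS, $domain_ip, $forward));
    $alias_id = $sql->insertId();
    update_reseller_c_props(get_reseller_id($cr_user_id));
    send_request('110 DOMAIN alias ' . $alias_id);
    $admin_login = $_SESSION['user_logged'];
    write_log("{$admin_login}: add domain alias: {$alias_name}");
    $_SESSION['alias_added_succesfully'] = 1;
    user_goto('user_add4.php?accout=' . $cr_user_id);
}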
예제 #9
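/**
 * Add customer
 *
 * Creates the admin and domain rows, the statistics htaccess user/group and
 * the GUI properties for a new customer inside one transaction, using the
 * limits of the selected hosting plan, then notifies the daemon and redirects.
 * All customer fields are read from the globals listed in the body.
 *
 * @throws iMSCP_Exception_Database Re-thrown after the transaction was rolled back
 * @return void
 */
function addCustomer()
{
    global $hpId, $dmnName, $dmnExpire, $domainIp, $adminName, $email, $password, $customerId, $firstName, $lastName, $gender, $firm, $zip, $city, $state, $country, $phone, $fax, $street1, $street2;
    $cfg = iMSCP_Registry::get('config');
    if (isset($_SESSION['ch_hpprops'])) {
        $props = $_SESSION['ch_hpprops'];
        unset($_SESSION['ch_hpprops']);
    } else {
        // The plan must belong to the logged-in reseller
        $stmt = exec_query('SELECT props FROM hosting_plans WHERE reseller_id = ? AND id = ?', array($_SESSION['user_id'], $hpId));
        $data = $stmt->fetchRow();
        $props = isset($data['props']) ? $data['props'] : null;
    }
    // Without this check a plan id that does not exist, or that belongs to
    // another reseller, produced a customer whose limits were all empty.
    if (!is_string($props) || $props === '') {
        set_page_message(tr('Hosting plan not found.'), 'error');
        return;
    }
    // The plan is a ';'-separated list; the field order is fixed
    list($php, $cgi, $sub, $als, $mail, $ftp, $sql_db, $sql_user, $traff, $disk, $backup, $dns, $aps, $phpEditor, $phpiniAllowUrlFopen, $phpiniDisplayErrors, $phpiniDisableFunctions, $phpMailFunction, $phpiniPostMaxSize, $phpiniUploadMaxFileSize, $phpiniMaxExecutionTime, $phpiniMaxInputTime, $phpiniMemoryLimit, $extMailServer, $webFolderProtection, $mailQuota) = explode(';', $props);
    // These flags are stored wrapped in underscores; strip them
    $php = str_replace('_', '', $php);
    $cgi = str_replace('_', '', $cgi);
    $backup = str_replace('_', '', $backup);
    $dns = str_replace('_', '', $dns);
    $aps = str_replace('_', '', $aps);
    $extMailServer = str_replace('_', '', $extMailServer);
    $webFolderProtection = str_replace('_', '', $webFolderProtection);
    $encryptedPassword = cryptPasswordWithSalt($password);
    $db = iMSCP_Database::getInstance();
    try {
        iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeAddDomain, array('domainName' => $dmnName, 'createdBy' => $_SESSION['user_id'], 'customerId' => $customerId, 'customerEmail' => $email));
        $db->beginTransaction();
        exec_query('
                INSERT INTO admin (
                    admin_name, admin_pass, admin_type, domain_created, created_by, fname, lname, firm, zip, city, state,
                    country, email, phone, fax, street1, street2, customer_id, gender, admin_status
                ) VALUES (
                    ?, ?, ?, unix_timestamp(), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?
                )
            ', array($adminName, $encryptedPassword, 'user', $_SESSION['user_id'], $firstName, $lastName, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $customerId, $gender, 'toadd'));
        $adminId = $db->insertId();
        exec_query('
                INSERT INTO domain (
                    domain_name, domain_admin_id, domain_created, domain_expires, domain_mailacc_limit,
                    domain_ftpacc_limit, domain_traffic_limit, domain_sqld_limit, domain_sqlu_limit, domain_status,
                    domain_alias_limit, domain_subd_limit, domain_ip_id, domain_disk_limit, domain_disk_usage,
                    domain_php, domain_cgi, allowbackup, domain_dns, domain_software_allowed, phpini_perm_system,
                    phpini_perm_allow_url_fopen, phpini_perm_display_errors, phpini_perm_disable_functions,
                    phpini_perm_mail_function, domain_external_mail, web_folder_protection, mail_quota
                ) VALUES (
                    ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?
                )
            ', array($dmnName, $adminId, time(), $dmnExpire, $mail, $ftp, $traff, $sql_db, $sql_user, 'toadd', $als, $sub, $domainIp, $disk, 0, $php, $cgi, $backup, $dns, $aps, $phpEditor, $phpiniAllowUrlFopen, $phpiniDisplayErrors, $phpiniDisableFunctions, $phpMailFunction, $extMailServer, $webFolderProtection, $mailQuota));
        $dmnId = $db->insertId();
        if ($phpEditor == 'yes') {
            $phpini = iMSCP_PHPini::getInstance();
            $phpini->setDomainIni('phpiniMemoryLimit', $phpiniMemoryLimit);
            // Must be set before phpiniPostMaxSize
            $phpini->setDomainIni('phpiniPostMaxSize', $phpiniPostMaxSize);
            // Must be set before phpiniUploadMaxFileSize
            $phpini->setDomainIni('phpiniUploadMaxFileSize', $phpiniUploadMaxFileSize);
            $phpini->setDomainIni('phpiniMaxExecutionTime', $phpiniMaxExecutionTime);
            $phpini->setDomainIni('phpiniMaxInputTime', $phpiniMaxInputTime);
            $phpini->saveDomainIni($adminId, $dmnId, 'dmn');
        }
        // NOTE(review): the statistics htaccess user is stored with the same
        // hash as the panel account, so a leak of either table exposes both.
        exec_query('INSERT INTO htaccess_users (dmn_id, uname, upass, status) VALUES (?, ?, ?, ?)', array($dmnId, $dmnName, $encryptedPassword, 'toadd'));
        // $db->insertId() is the id of the htaccess user inserted just above
        exec_query('INSERT INTO htaccess_groups (dmn_id, ugroup, members, status) VALUES (?, ?, ?, ?)', array($dmnId, 'statistics', $db->insertId(), 'toadd'));
        if ($cfg['CREATE_DEFAULT_EMAIL_ADDRESSES']) {
            client_mail_add_default_accounts($dmnId, $email, $dmnName);
        }
        // NOTE(review): the clear-text password is handed to the welcome
        // message, and this runs before commit() — a later failure rolls the
        // rows back but the message has presumably already been sent.
        send_add_user_auto_msg($_SESSION['user_id'], $adminName, $password, $email, $firstName, $lastName, tr('Customer'));
        exec_query('INSERT INTO user_gui_props (user_id, lang, layout) VALUES (?, ?, ?)', array($adminId, $cfg['USER_INITIAL_LANG'], $cfg['USER_INITIAL_THEME']));
        update_reseller_c_props($_SESSION['user_id']);
        $db->commit();
        iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterAddDomain, array('domainName' => $dmnName, 'createdBy' => $_SESSION['user_id'], 'customerId' => $adminId, 'customerEmail' => $email, 'domainId' => $dmnId));
        send_request();
        write_log("{$_SESSION['user_logged']} added new customer: {$adminName}", E_USER_NOTICE);
        set_page_message(tr('Customer account successfully scheduled for creation.'), 'success');
        redirectTo('users.php');
    } catch (iMSCP_Exception_Database $e) {
        $db->rollBack();
        throw $e;
    }
}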
예제 #10
/**
 * Insert a new subdomain row with the "to add" status and notify the daemon.
 *
 * $_POST['dmn_type'] selects the target: 'als' writes to subdomain_alias and
 * treats $domain_id as the alias id, any other value writes to subdomain.
 *
 * @param int    $user_id    Not used by this function
 * @param int    $domain_id  Domain id, or alias id when dmn_type is 'als'
 * @param string $sub_name   Subdomain name
 * @param string $sub_mnt_pt Subdomain mount point
 * @param string $forward    URL forward value stored with the subdomain
 * @param mixed  $sub_id     Stored as subdomain_id for alias subdomains only
 */
function subdomain_schedule($user_id, $domain_id, $sub_name, $sub_mnt_pt, $forward, $sub_id = null)
{
    $cfg = EasySCP_Registry::get('Config');
    $sql = EasySCP_Registry::get('Db');
    $add_status = $cfg->ITEM_ADD_STATUS;
    if ($_POST['dmn_type'] != 'als') {
        // Subdomain of the main domain
        $insert = "\n\t\t\tINSERT INTO\n\t\t\t\t`subdomain`\n\t\t\t\t\t(`domain_id`,\n\t\t\t\t\t`subdomain_name`,\n\t\t\t\t\t`subdomain_mount`,\n\t\t\t\t\t`subdomain_url_forward`,\n\t\t\t\t\t`status`)\n\t\t\tVALUES\n\t\t\t\t(?, ?, ?, ?, ?)\n\t\t;";
        $values = array($domain_id, $sub_name, $sub_mnt_pt, $forward, $add_status);
    } else {
        // Subdomain of an alias domain
        $insert = "\n\t\t\tINSERT INTO\n\t\t\t\tsubdomain_alias\n\t\t\t\t\t(alias_id,\n\t\t\t\t\tsubdomain_alias_name,\n\t\t\t\t\tsubdomain_alias_mount,\n\t\t\t\t\tsubdomain_alias_url_forward,\n\t\t\t\t\tstatus,subdomain_id)\n\t\t\tVALUES\n\t\t\t\t(?, ?, ?, ?, ?, ?)\n\t\t;";
        $values = array($domain_id, $sub_name, $sub_mnt_pt, $forward, $add_status, $sub_id);
    }
    exec_query($sql, $insert, $values);
    update_reseller_c_props(get_reseller_id($domain_id));
    // No default mail addresses are created here: subdomains are related to
    // their domains.
    write_log("{$_SESSION['user_logged']}: adds new subdomain: {$sub_name}");
    $target = $_POST['dmn_type'] == 'als' ? 'alias' : 'domain';
    send_request('110 DOMAIN ' . $target . ' ' . $domain_id);
}
예제 #11
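/**
 * Deletes the given customer
 *
 * Removes the customer's sessions and SQL databases, deletes the rows that
 * need no daemon work and marks the remaining entities 'todelete' inside one
 * transaction, then asks the daemon to process them.
 *
 * When $checkCreatedBy is FALSE no ownership check is made here, so the
 * caller must already have established that the logged-in user may delete
 * this customer.
 *
 * @throws iMSCP_Exception
 * @param integer $customerId Customer unique identifier
 * @param boolean $checkCreatedBy Tell whether or not customer must have been created by logged-in user
 * @return bool TRUE on success, FALSE otherwise
 */
function deleteCustomer($customerId, $checkCreatedBy = false)
{
    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeDeleteCustomer, array('customerId' => $customerId));
    // Get name, creator and main domain id of the customer
    $query = '
		SELECT
			admin_name, created_by, domain_id
		FROM
			admin
		INNER JOIN
			domain ON(domain_admin_id = admin_id)
		WHERE
			admin_id = ?
	';
    if ($checkCreatedBy) {
        // Restrict the lookup to customers created by the logged-in user
        $query .= 'AND created_by = ?';
        $stmt = exec_query($query, array($customerId, $_SESSION['user_id']));
    } else {
        $stmt = exec_query($query, $customerId);
    }
    if (!$stmt->rowCount()) {
        return false;
    }
    $customerName = $stmt->fields['admin_name'];
    $mainDomainId = $stmt->fields['domain_id'];
    $resellerId = $stmt->fields['created_by'];
    $deleteStatus = 'todelete';
    $db = iMSCP_Database::getInstance();
    // The first statements of the try block run before beginTransaction();
    // rollBack() must only be called once a transaction is really open,
    // otherwise the rollback itself may fail and hide the original error.
    $transactionStarted = false;
    try {
        // First, we remove customer sessions to prevent any problems
        exec_query('DELETE FROM login WHERE user_name = ?', $customerName);
        // Remove customer's databases and Sql users
        // NOTE(review): this happens outside the transaction and is not
        // undone when a later step fails.
        $stmt = exec_query('SELECT sqld_id FROM sql_database WHERE domain_id = ?', $mainDomainId);
        while ($row = $stmt->fetchRow(PDO::FETCH_ASSOC)) {
            delete_sql_database($mainDomainId, $row['sqld_id']);
        }
        $db->beginTransaction();
        $transactionStarted = true;
        // Deletes all protected areas data (areas, groups and users)
        exec_query('
				DELETE
					t2, t3, t4
				FROM
					domain AS t1
				LEFT JOIN
					htaccess AS t2 ON (t2.dmn_id = t1.domain_id)
				LEFT JOIN
					htaccess_users AS t3 ON (t3.dmn_id = t1.domain_id)
				LEFT JOIN
					htaccess_groups AS t4 ON (t4.dmn_id = t1.domain_id)
				WHERE
					t1.domain_id = ?
			', $mainDomainId);
        // Deletes domain traffic entries
        exec_query('DELETE FROM domain_traffic WHERE domain_id = ?', $mainDomainId);
        // Deletes custom DNS records
        exec_query('DELETE FROM domain_dns WHERE domain_id = ?', $mainDomainId);
        // Deletes FTP accounts (users and groups)
        exec_query('DELETE FROM ftp_users WHERE admin_id = ?', $customerId);
        exec_query('DELETE FROM ftp_group WHERE groupname = ?', $customerName);
        // Deletes quota entries
        exec_query('DELETE FROM quotalimits WHERE name = ?', $customerName);
        exec_query('DELETE FROM quotatallies WHERE name = ?', $customerName);
        // Deletes support tickets
        exec_query('DELETE FROM tickets WHERE ticket_from = ? OR ticket_to = ?', array($customerId, $customerId));
        // Deletes user gui properties
        exec_query('DELETE FROM user_gui_props WHERE user_id = ?', $customerId);
        // Deletes php.ini entries
        exec_query('DELETE FROM php_ini WHERE admin_id = ?', $customerId);
        //
        // Delegated tasks - begin
        //
        // Schedule mail accounts deletion
        exec_query('UPDATE mail_users SET status = ? WHERE domain_id = ?', array($deleteStatus, $mainDomainId));
        // Schedule subdomain's aliasses deletion
        exec_query('
				UPDATE
					subdomain_alias AS t1
				JOIN
					domain_aliasses AS t2 ON(t2.domain_id = ?)
				SET
					t1.subdomain_alias_status = ?
				WHERE
					t1.alias_id = t2.alias_id
			', array($mainDomainId, $deleteStatus));
        // Schedule domain aliases deletion
        exec_query('UPDATE domain_aliasses SET alias_status = ? WHERE domain_id = ?', array($deleteStatus, $mainDomainId));
        // Schedule domain's subdomains deletion
        exec_query('UPDATE subdomain SET subdomain_status = ? WHERE domain_id = ?', array($deleteStatus, $mainDomainId));
        // Schedule domain deletion
        exec_query('UPDATE domain SET domain_status = ? WHERE domain_id = ?', array($deleteStatus, $mainDomainId));
        // Schedule user deletion
        exec_query('UPDATE admin SET admin_status = ? WHERE admin_id = ?', array($deleteStatus, $customerId));
        // Schedule SSL certificates deletion
        exec_query("UPDATE ssl_certs SET status = ? WHERE domain_type = 'dmn' AND domain_id = ?", array($deleteStatus, $mainDomainId));
        exec_query("\n\t\t\t\tUPDATE\n\t\t\t\t\tssl_certs\n\t\t\t\tSET\n\t\t\t\t\tstatus = ?\n\t\t\t\tWHERE\n\t\t\t\t\tdomain_id IN (SELECT alias_id FROM domain_aliasses WHERE domain_id = ?)\n\t\t\t\tAND\n\t\t\t\t\tdomain_type = ?\n\t\t\t", array($deleteStatus, $mainDomainId, 'als'));
        exec_query("\n\t\t\t\tUPDATE\n\t\t\t\t\tssl_certs SET status = ?\n\t\t\t\tWHERE\n\t\t\t\t\tdomain_id IN (SELECT subdomain_id FROM subdomain WHERE domain_id = ?)\n\t\t\t\tAND\n\t\t\t\t\tdomain_type = ?\n\t\t\t", array($deleteStatus, $mainDomainId, 'sub'));
        exec_query("\n\t\t\t\tUPDATE\n\t\t\t\t\tssl_certs SET status = ?\n\t\t\t\tWHERE\n\t\t\t\t\tdomain_id IN (\n\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\tsubdomain_alias_id\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\tsubdomain_alias\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\talias_id IN (SELECT alias_id FROM domain_aliasses WHERE domain_id = ?)\n\t\t\t\t\t)\n\t\t\t\tAND\n\t\t\t\t\tdomain_type = ?\n\t\t\t", array($deleteStatus, $mainDomainId, 'alssub'));
        //
        // Delegated tasks - end
        //
        // Updates resellers properties
        update_reseller_c_props($resellerId);
        // Commit all changes to database server
        $db->commit();
        iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterDeleteCustomer, array('customerId' => $customerId));
    } catch (iMSCP_Exception $e) {
        if ($transactionStarted) {
            $db->rollBack();
        }
        throw new iMSCP_Exception($e->getMessage(), $e->getCode(), $e);
    }
    // We are now ready to send a request to the daemon for delegated tasks.
    // Note: We are safe here. If the daemon doesn't answer, some entities will not be removed. In such case the
    // sysadmin will have to fix the problem causing deletion break and send a request to the daemon manually via the
    // panel, or run the imscp-rqst-mngr script manually.
    send_request();
    return true;
}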
예제 #12
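/**
 * Reseller form handler: validate the submitted alias data and create a domain alias.
 *
 * Reads `usraccounts`, `ndomain_name`, `ndomain_mpoint`, `status`, `forward` and `forward_prefix`
 * from $_POST. When every check passes it inserts a row into `domain_aliasses`, optionally creates
 * the default mail accounts, sends a daemon request, writes a log entry and calls
 * user_goto('alias.php').
 *
 * @global mixed $cr_user_id id of the customer domain, taken from $_POST['usraccounts']
 * @global string $alias_name lower-cased, later IDNA-encoded alias name
 * @global mixed $domain_ip `domain_ip_id` of the customer domain
 * @global string $forward forward URL, or 'no' when forwarding is off
 * @global string $forward_prefix submitted URL prefix, or '' when forwarding is off
 * @global mixed $mount_point IDNA-encoded mount point
 * @global mixed $validation_err_msg message copied into $err_al when validates_dname() rejects the name
 * @param string $err_al in/out error slot; the alias is only created when it is still '_off_' after validation
 * @return void
 */
function add_domain_alias(&$err_al)
{
    global $cr_user_id, $alias_name, $domain_ip, $forward, $forward_prefix, $mount_point, $validation_err_msg;
    $cfg = EasySCP_Registry::get('Config');
    $sql = EasySCP_Registry::get('Db');
    // NOTE(review): the target domain id comes straight from the request. Nothing in this function
    // ties it to the logged-in reseller (the lookup below filters on `domain_id` only), so unless the
    // caller has already verified it, confirm ownership first, e.g. by adding
    // "AND `domain_created_id` = ?" bound to $_SESSION['user_id'] and rejecting an empty result.
    $cr_user_id = $_POST['usraccounts'];
    $alias_name = strtolower($_POST['ndomain_name']);
    $mount_point = array_encode_idna(strtolower($_POST['ndomain_mpoint']), true);
    if ($_POST['status'] == 1) {
        $forward = encode_idna(strtolower(clean_input($_POST['forward'])));
        $forward_prefix = clean_input($_POST['forward_prefix']);
    } else {
        $forward = 'no';
        $forward_prefix = '';
    }
    $query = "\n\t\tSELECT\n\t\t\t`domain_ip_id`\n\t\tFROM\n\t\t\t`domain`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t;";
    $rs = exec_query($sql, $query, $cr_user_id);
    $domain_ip = $rs->fields['domain_ip_id'];
    // First check that the input string is a valid domain name
    if (!validates_dname($alias_name)) {
        $err_al = $validation_err_msg;
        return;
    }
    // IDNA encoding is done only after the syntax validation above
    $alias_name = encode_idna($alias_name);
    if (easyscp_domain_exists($alias_name, $_SESSION['user_id'])) {
        $err_al = tr('Domain with that name already exists on the system!');
        //	} else if (!validates_mpoint($mount_point) && $mount_point != '/') {
        //		$err_al = tr("Incorrect mount point syntax");
    } else {
        if ($alias_name == $cfg->BASE_SERVER_VHOST) {
            $err_al = tr('Master domain cannot be used!');
        } else {
            if ($_POST['status'] == 1) {
                $aurl = @parse_url($forward_prefix . decode_idna($forward));
                // parse_url() returns false only for seriously malformed input; a string without a
                // scheme or host still yields an array, so require both before they are read below.
                if ($aurl === false || !isset($aurl['scheme'], $aurl['host'])) {
                    $err_al = tr("Wrong address in forward URL!");
                } else {
                    $domain = $aurl['host'];
                    if (substr_count($domain, '.') <= 2) {
                        $ret = validates_dname($domain);
                    } else {
                        $ret = validates_dname($domain, true);
                    }
                    if (!$ret) {
                        $err_al = tr("Wrong domain part in forward URL!");
                    } else {
                        // Rebuild the forward URL from its parsed components with an IDNA-encoded host.
                        // NOTE(review): the scheme is whatever parse_url() extracted; nothing visible
                        // here restricts it to the schemes the panel intends to support — confirm an
                        // allow-list is enforced elsewhere.
                        $domain = encode_idna($aurl['host']);
                        $forward = $aurl['scheme'] . '://';
                        // NOTE(review): user:pass from the submitted URL is copied into the stored
                        // forward target; consider rejecting URLs that carry credentials.
                        if (isset($aurl['user'])) {
                            $forward .= $aurl['user'] . (isset($aurl['pass']) ? ':' . $aurl['pass'] : '') . '@';
                        }
                        $forward .= $domain;
                        if (isset($aurl['port'])) {
                            $forward .= ':' . $aurl['port'];
                        }
                        if (isset($aurl['path'])) {
                            $forward .= $aurl['path'];
                        } else {
                            $forward .= '/';
                        }
                        if (isset($aurl['query'])) {
                            $forward .= '?' . $aurl['query'];
                        }
                        if (isset($aurl['fragment'])) {
                            $forward .= '#' . $aurl['fragment'];
                        }
                    }
                }
            } else {
                // No forwarding: the name must not exist as an alias or as a main domain
                $query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain_aliasses`\n\t\t\tWHERE\n\t\t\t\t`alias_name` = ?\n\t\t;";
                $res = exec_query($sql, $query, $alias_name);
                $query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain`\n\t\t\tWHERE\n\t\t\t\t`domain_name` = ?\n\t\t;";
                $res2 = exec_query($sql, $query, $alias_name);
                if ($res->rowCount() > 0 || $res2->rowCount() > 0) {
                    // we already have domain with this name
                    $err_al = tr("Domain with this name already exist");
                }
                // The mount point must not collide with a subdomain or alias subdomain of the same domain
                $query = "\n\t\t\tSELECT\n\t\t\t\tCOUNT(`subdomain_id`) AS cnt\n\t\t\tFROM\n\t\t\t\t`subdomain`\n\t\t\tWHERE\n\t\t\t\t\t`domain_id` = ?\n\t\t\t\tAND `subdomain_mount` = ?\n\t\t\t;";
                $subdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
                $subdomdata = $subdomres->fetchRow();
                $query = "\n\t\t\tSELECT\n\t\t\t\tCOUNT(`subdomain_alias_id`) AS alscnt\n\t\t\tFROM\n\t\t\t\t`subdomain_alias`\n\t\t\tWHERE\n\t\t\t\t\t`alias_id`\n\t\t\t\tIN (\n\t\t\t\t\tSELECT\n\t\t\t\t\t\t`alias_id`\n\t\t\t\t\tFROM\n\t\t\t\t\t\t`domain_aliasses`\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`domain_id` = ?\n\t\t\t\t\t)\n\t\t\t\tAND\n\t\t\t\t\t`subdomain_alias_mount` = ?\n\t\t;";
                $alssubdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
                $alssubdomdata = $alssubdomres->fetchRow();
                if ($subdomdata['cnt'] > 0 || $alssubdomdata['alscnt'] > 0) {
                    $err_al = tr("There is a subdomain with the same mount point!");
                }
            }
        }
    }
    // The caller passes '_off_' in $err_al; any other value means a check above failed
    if ('_off_' !== $err_al) {
        return;
    }
    // Begin add new alias domain
    // NOTE(review): HTML-encoding before storage ties the stored value to one output context;
    // escaping at render time is the usual approach. After validates_dname() this is presumably
    // a no-op — confirm.
    $alias_name = htmlspecialchars($alias_name, ENT_QUOTES, "UTF-8");
    $query = "\n\t\tINSERT INTO\n\t\t\t`domain_aliasses` (\n\t\t\t\t`domain_id`, `alias_name`, `alias_mount`,  `status`,\n\t\t\t\t`alias_ip_id`, `url_forward`\n\t\t\t)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?)\n\t;";
    exec_query($sql, $query, array($cr_user_id, $alias_name, $mount_point, $cfg->ITEM_ADD_STATUS, $domain_ip, $forward));
    $als_id = $sql->insertId();
    update_reseller_c_props(get_reseller_id($cr_user_id));
    $query = "\n\t\tSELECT\n\t\t\t`email`\n\t\tFROM\n\t\t\t`admin`\n\t\tWHERE\n\t\t\t`admin_id` = ?\n\t\tLIMIT 1\n\t;";
    $rs = exec_query($sql, $query, who_owns_this($cr_user_id, 'dmn_id'));
    $user_email = $rs->fields['email'];
    // Create the three default addresses if required
    if ($cfg->CREATE_DEFAULT_EMAIL_ADDRESSES) {
        client_mail_add_default_accounts($cr_user_id, $user_email, $alias_name, 'alias', $als_id);
    }
    // $als_id is the insert id returned by the database, not request data
    send_request('110 DOMAIN alias ' . $als_id);
    $admin_login = $_SESSION['user_logged'];
    write_log("{$admin_login}: add domain alias: {$alias_name}");
    $_SESSION["aladd"] = '_yes_';
    user_goto('alias.php');
}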
예제 #13
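/**
 * Client form handler: validate the submitted alias data and order a domain alias.
 *
 * The target domain is resolved from the session user, not from the request. Reads
 * `ndomain_name`, `status`, `forward` and `forward_prefix` from $_POST. When every check passes
 * it inserts a row into `domain_aliasses` with the "ordered" status, adds default DNS entries,
 * notifies the reseller, writes a log entry and calls user_goto('domains_manage.php').
 *
 * @global mixed $cr_user_id domain id returned by get_user_domain_id() for the session user
 * @global string $alias_name lower-cased, later IDNA-encoded alias name
 * @global mixed $domain_ip `domain_ip_id` of the customer domain
 * @global string $forward forward URL, or 'no' when forwarding is off
 * @global string $forward_prefix submitted URL prefix, or '' when forwarding is off
 * @global mixed $mount_point not assigned here (the assignment is commented out) but still written to `alias_mount`
 * @global mixed $validation_err_msg message copied into $err_al when validates_dname() rejects the name
 * @param string $err_al in/out error slot; the alias is only created when it is still '_off_' after validation
 * @return void
 */
function add_domain_alias(&$err_al)
{
    global $cr_user_id, $alias_name, $domain_ip, $forward, $forward_prefix, $mount_point, $validation_err_msg;
    $cfg = EasySCP_Registry::get('Config');
    $sql = EasySCP_Registry::get('Db');
    // The domain id is derived from the session, so a client cannot name another customer's domain
    $cr_user_id = get_user_domain_id($_SESSION['user_id']);
    $alias_name = strtolower($_POST['ndomain_name']);
    //	$mount_point = array_encode_idna(strtolower($_POST['ndomain_mpoint']), true);
    if ($_POST['status'] == 1) {
        $forward = encode_idna(strtolower(clean_input($_POST['forward'])));
        $forward_prefix = clean_input($_POST['forward_prefix']);
    } else {
        $forward = 'no';
        $forward_prefix = '';
    }
    $query = "\n\t\tSELECT\n\t\t\t`domain_ip_id`\n\t\tFROM\n\t\t\t`domain`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t";
    $rs = exec_query($sql, $query, $cr_user_id);
    $domain_ip = $rs->fields['domain_ip_id'];
    // First check that the input string is a valid domain name
    if (!validates_dname($alias_name)) {
        $err_al = $validation_err_msg;
        return;
    }
    // IDNA encoding is done only after the syntax validation above
    $alias_name = encode_idna($alias_name);
    if (easyscp_domain_exists($alias_name, 0)) {
        $err_al = tr('Domain with that name already exists on the system!');
        //	} else if (!validates_mpoint($mount_point) && $mount_point != '/') {
        //		$err_al = tr("Incorrect mount point syntax");
    } else {
        if ($alias_name == $cfg->BASE_SERVER_VHOST) {
            $err_al = tr('Master domain cannot be used!');
        } else {
            if ($_POST['status'] == 1) {
                $aurl = @parse_url($forward_prefix . decode_idna($forward));
                // parse_url() returns false only for seriously malformed input; a string without a
                // scheme or host still yields an array, so require both before they are read below.
                if ($aurl === false || !isset($aurl['scheme'], $aurl['host'])) {
                    $err_al = tr("Wrong address in forward URL!");
                } else {
                    $domain = $aurl['host'];
                    if (substr_count($domain, '.') <= 2) {
                        $ret = validates_dname($domain);
                    } else {
                        $ret = validates_dname($domain, true);
                    }
                    if (!$ret) {
                        $err_al = tr("Wrong domain part in forward URL!");
                    } else {
                        // Rebuild the forward URL from its parsed components with an IDNA-encoded host.
                        // NOTE(review): the scheme is whatever parse_url() extracted; nothing visible
                        // here restricts it to the schemes the panel intends to support — confirm an
                        // allow-list is enforced elsewhere.
                        $domain = encode_idna($aurl['host']);
                        $forward = $aurl['scheme'] . '://';
                        // NOTE(review): user:pass from the submitted URL is copied into the stored
                        // forward target; consider rejecting URLs that carry credentials.
                        if (isset($aurl['user'])) {
                            $forward .= $aurl['user'] . (isset($aurl['pass']) ? ':' . $aurl['pass'] : '') . '@';
                        }
                        $forward .= $domain;
                        if (isset($aurl['port'])) {
                            $forward .= ':' . $aurl['port'];
                        }
                        if (isset($aurl['path'])) {
                            $forward .= $aurl['path'];
                        } else {
                            $forward .= '/';
                        }
                        if (isset($aurl['query'])) {
                            $forward .= '?' . $aurl['query'];
                        }
                        if (isset($aurl['fragment'])) {
                            $forward .= '#' . $aurl['fragment'];
                        }
                    }
                }
            } else {
                // No forwarding: the name must not exist as an alias or as a main domain
                $query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain_aliasses`\n\t\t\tWHERE\n\t\t\t\t`alias_name` = ?\n\t\t;";
                $res = exec_query($sql, $query, $alias_name);
                $query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain`\n\t\t\tWHERE\n\t\t\t\t`domain_name` = ?\n\t\t;";
                $res2 = exec_query($sql, $query, $alias_name);
                if ($res->rowCount() > 0 || $res2->rowCount() > 0) {
                    // we already have domain with this name
                    $err_al = tr("Domain with this name already exist");
                }
                // The mount-point collision check below is disabled in this variant.
                //		$query = "
                //			SELECT
                //				COUNT(`subdomain_id`) AS cnt
                //			FROM
                //				`subdomain`
                //			WHERE
                //					`domain_id` = ?
                //				AND
                //					`subdomain_mount` = ?
                //		;";
                //		$subdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
                //		$subdomdata = $subdomres->fetchRow();
                //
                //		$query = "
                //			SELECT
                //				COUNT(`subdomain_alias_id`) AS alscnt
                //			FROM
                //				`subdomain_alias`
                //			WHERE
                //					`alias_id`
                //				IN (
                //					SELECT
                //						`alias_id`
                //					FROM
                //						`domain_aliasses`
                //					WHERE
                //						`domain_id` = ?
                //				)
                //				AND
                //					`subdomain_alias_mount` = ?
                //		;";
                //		$alssubdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
                //		$alssubdomdata = $alssubdomres->fetchRow();
                //
                //		if ($subdomdata['cnt'] > 0 || $alssubdomdata['alscnt'] > 0) {
                //			$err_al = tr("There is a subdomain with the same mount point!");
                //		}
            }
        }
    }
    // The caller passes '_off_' in $err_al; any other value means a check above failed
    if ('_off_' !== $err_al) {
        return;
    }
    // Begin add new alias domain
    $status = $cfg->ITEM_ORDERED_STATUS;
    // NOTE(review): $mount_point is the global's current value; this function neither assigns nor
    // validates it (both are commented out above) — confirm where it is set before it is stored.
    $query = "\n\t\tINSERT INTO\n\t\t\t`domain_aliasses` (\n\t\t\t\t`domain_id`, `alias_name`, `alias_mount`, `status`,\n\t\t\t\t`alias_ip_id`, `url_forward`\n\t\t\t)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?)\n\t;";
    exec_query($sql, $query, array($cr_user_id, $alias_name, $mount_point, $status, $domain_ip, $forward));
    $dmn_id = $sql->insertId();
    AddDefaultDNSEntries(0, $dmn_id, $alias_name, $domain_ip);
    update_reseller_c_props(get_reseller_id($cr_user_id));
    $admin_login = $_SESSION['user_logged'];
    // $status was set to ITEM_ORDERED_STATUS just above, so only the first branch can run as written
    if ($status == $cfg->ITEM_ORDERED_STATUS) {
        // notify the reseller:
        send_alias_order_email($alias_name);
        write_log("{$admin_login}: add domain alias for activation: {$alias_name}.");
        set_page_message(tr('Alias scheduled for activation!'), 'success');
    } else {
        // TODO: Check
        //		send_request('110 DOMAIN alias '.$dmn_id);
        write_log("{$admin_login}: domain alias scheduled for addition: {$alias_name}.");
        set_page_message(tr('Alias scheduled for addition!'), 'success');
    }
    user_goto('domains_manage.php');
}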
예제 #14
    // Excerpt of an FTP-account deletion page: the opening `if (...) {` of this branch and the
    // assignments of $sql, $ftp_id and $dmn_name are above the visible lines.
    // Ownership check: the FTP account must share its uid with the domain named $dmn_name.
    $query = "\n\t\tSELECT\n\t\t\t`t1`.`userid`, `t1`.`uid`, `t2`.`domain_uid`\n\t\tFROM\n\t\t\t`ftp_users` AS `t1`, `domain` AS `t2`\n\t\tWHERE\n\t\t\t`t1`.`userid` = ?\n\t\tAND\n\t\t\t`t1`.`uid` = t2.`domain_uid`\n\t\tAND\n\t\t\t`t2`.`domain_name` = ?\n\t\t;\n\t";
    $rs = exec_query($sql, $query, array($ftp_id, $dmn_name));
    // Read before the empty-result check below; harmless only if user_goto() ends the request (presumably it does — confirm)
    $ftp_name = $rs->fields['userid'];
    if ($rs->recordCount() == 0) {
        user_goto('ftp_accounts.php');
    }
    // Fetch the account's group and that group's comma-separated member list
    $query = "\n\t\tSELECT\n\t\t\t`t1`.`gid`, t2.`members`\n\t\tFROM\n\t\t\t`ftp_users` AS `t1`, `ftp_group` AS `t2`\n\t\tWHERE\n\t\t\t`t1`.`gid` = `t2`.`gid`\n\t\tAND\n\t\t\t`t1`.`userid` = ?\n\t\t;\n\t";
    $rs = exec_query($sql, $query, $ftp_id);
    $ftp_gid = $rs->fields['gid'];
    $ftp_members = $rs->fields['members'];
    // Remove the account from the member list, then tidy doubled, leading and trailing commas.
    // NOTE(review): $ftp_id is interpolated into the pattern unquoted and unanchored, so regex
    // metacharacters in the account name are interpreted (a '.' matches any character) and the
    // pattern also matches inside longer member names. preg_quote($ftp_id, '/') with a match on
    // whole comma-separated entries, or explode()/array_diff()/implode(), would remove exactly
    // one member.
    $members = preg_replace("/{$ftp_id}/", "", "{$ftp_members}");
    $members = preg_replace("/,,/", ",", "{$members}");
    $members = preg_replace("/^,/", "", "{$members}");
    $members = preg_replace("/,\$/", "", "{$members}");
    if (strlen($members) == 0) {
        // Last member gone: drop the group row
        $query = "\n\t\t\tDELETE FROM\n\t\t\t\t`ftp_group`\n\t\t\tWHERE\n\t\t\t\t`gid` = ?\n\t\t\t;\n\t\t";
        $rs = exec_query($sql, $query, $ftp_gid);
    } else {
        $query = "\n\t\t\tUPDATE\n\t\t\t\t`ftp_group`\n\t\t\tSET\n\t\t\t\t`members` = ?\n\t\t\tWHERE\n\t\t\t\t`gid` = ?\n\t\t\t;\n\t\t";
        $rs = exec_query($sql, $query, array($members, $ftp_gid));
    }
    // Finally delete the FTP account itself
    $query = "\n\t\tDELETE FROM\n\t\t\t`ftp_users`\n\t\tWHERE\n\t\t\t`userid` = ?\n\t\t;\n\t";
    $rs = exec_query($sql, $query, $ftp_id);
    $domain_props = get_domain_default_props($_SESSION['user_id']);
    update_reseller_c_props($domain_props['domain_created_id']);
    // $ftp_name is the value returned by the ownership query above, not the raw request value
    write_log($_SESSION['user_logged'] . ": deletes FTP account: " . $ftp_name);
    set_page_message(tr('FTP account deleted successfully!'), 'success');
    user_goto('ftp_accounts.php');
} else {
    user_goto('ftp_accounts.php');
}
예제 #15
/**
 * Create an SQL user for database $db_id, or attach an existing SQL user to it ("Add_Exist").
 *
 * Driven by $_POST: `uaction`, `user_name`, `pass`, `pass_rep`, `Add_Exist`, `sqluser_id`,
 * `use_dmn_id` and `id_pos`. A failed validation sets a page message and returns; on success the
 * function inserts into `sql_user`, issues two GRANT statements and calls user_goto('sql_manage.php').
 *
 * @param mixed $sql database handle passed through to exec_query() and check_db_user()
 * @param mixed $user_id id handed to get_user_domain_id() to resolve the customer's domain
 * @param mixed $db_id `sqld_id` of the target database
 * @return void
 *
 * @todo
 *  * Database user with same name can be added several times
 *  * If creation of database user fails in MySQL-Table, database user is already
 *    in local EasySCP table -> Error handling
 */
function add_sql_user($sql, $user_id, $db_id)
{
    $cfg = EasySCP_Registry::get('Config');
    // Nothing to do unless the form was submitted
    if (!isset($_POST['uaction'])) {
        return;
    }
    // let's check user input
    // Every name/password check below is skipped when an existing SQL user is being attached (Add_Exist)
    if (empty($_POST['user_name']) && !isset($_POST['Add_Exist'])) {
        set_page_message(tr('Please type user name!'), 'warning');
        return;
    }
    if (empty($_POST['pass']) && empty($_POST['pass_rep']) && !isset($_POST['Add_Exist'])) {
        set_page_message(tr('Please type user password!'), 'warning');
        return;
    }
    if (isset($_POST['pass']) && isset($_POST['pass_rep']) && $_POST['pass'] !== $_POST['pass_rep'] && !isset($_POST['Add_Exist'])) {
        set_page_message(tr('Entered passwords do not match!'), 'warning');
        return;
    }
    if (isset($_POST['pass']) && strlen($_POST['pass']) > $cfg->MAX_SQL_PASS_LENGTH && !isset($_POST['Add_Exist'])) {
        set_page_message(tr('Too long user password!'), 'warning');
        return;
    }
    // Allow-list of password characters: alphanumerics plus : ! * + # _ . -
    if (isset($_POST['pass']) && !preg_match('/^[[:alnum:]:!*+#_.-]+$/', $_POST['pass']) && !isset($_POST['Add_Exist'])) {
        set_page_message(tr('Don\'t use special chars like "@, $, %..." in the password!'), 'warning');
        return;
    }
    if (isset($_POST['pass']) && !chk_password($_POST['pass']) && !isset($_POST['Add_Exist'])) {
        if ($cfg->PASSWD_STRONG) {
            set_page_message(sprintf(tr('The password must be at least %s chars long and contain letters and numbers to be valid.'), $cfg->PASSWD_CHARS), 'warning');
        } else {
            set_page_message(sprintf(tr('Password data is shorter than %s signs or includes not permitted signs!'), $cfg->PASSWD_CHARS), 'warning');
        }
        return;
    }
    if (isset($_POST['Add_Exist'])) {
        // NOTE(review): `sqluser_id` comes from the request and this lookup filters on `sqlu_id`
        // only; nothing visible here limits it to SQL users of this customer's databases.
        // Confirm the caller checks that, or join `sql_database` on `sqld_id` and filter on
        // `domain_id` as the database lookup further down does.
        $query = "SELECT `sqlu_pass` FROM `sql_user` WHERE `sqlu_id` = ?";
        $rs = exec_query($sql, $query, $_POST['sqluser_id']);
        if ($rs->recordCount() == 0) {
            set_page_message(tr('SQL-user not found! It might has been deleted by another user.'), 'warning');
            return;
        }
        // The stored password is reversible: it is decrypted here and reused for the GRANT below
        $user_pass = decrypt_db_password($rs->fields['sqlu_pass']);
    } else {
        $user_pass = $_POST['pass'];
    }
    $dmn_id = get_user_domain_id($user_id);
    if (!isset($_POST['Add_Exist'])) {
        // we'll use domain_id in the name of the database;
        // (the domain id is prepended or appended to the requested user name, depending on `id_pos`)
        if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on' && isset($_POST['id_pos']) && $_POST['id_pos'] === 'start') {
            $db_user = $dmn_id . "_" . clean_input($_POST['user_name']);
        } else {
            if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on' && isset($_POST['id_pos']) && $_POST['id_pos'] === 'end') {
                $db_user = clean_input($_POST['user_name']) . "_" . $dmn_id;
            } else {
                $db_user = clean_input($_POST['user_name']);
            }
        }
    } else {
        // Same request-supplied `sqluser_id` as above; the same ownership question applies
        $query = "SELECT `sqlu_name` FROM `sql_user` WHERE `sqlu_id` = ?";
        $rs = exec_query($sql, $query, $_POST['sqluser_id']);
        $db_user = $rs->fields['sqlu_name'];
    }
    if (strlen($db_user) > $cfg->MAX_SQL_USER_LENGTH) {
        set_page_message(tr('User name too long!'), 'warning');
        return;
    }
    // are wildcards used?
    // The character class rejects '%', '?' and also '|' (a literal inside the brackets)
    if (preg_match("/[%|\\?]+/", $db_user)) {
        set_page_message(tr('Wildcards such as %% and ? are not allowed!'), 'warning');
        return;
    }
    // have we such sql user in the system?!
    if (check_db_user($sql, $db_user) && !isset($_POST['Add_Exist'])) {
        set_page_message(tr('Specified SQL username name already exists!'), 'warning');
        return;
    }
    // add user in the EasySCP table;
    // NOTE(review): this row is written before the lookup below confirms that $db_id belongs to
    // $dmn_id. If that lookup matches nothing, the row already exists and the GRANT still runs
    // with an empty database name — confirm the caller validates $db_id, or move the lookup
    // (with an empty-result check) ahead of this INSERT.
    $query = "\n\t\tINSERT INTO `sql_user`\n\t\t\t(`sqld_id`, `sqlu_name`, `sqlu_pass`)\n\t\tVALUES\n\t\t\t(?, ?, ?)\n\t";
    exec_query($sql, $query, array($db_id, $db_user, encrypt_db_password($user_pass)));
    update_reseller_c_props(get_reseller_id($dmn_id));
    $query = "\n\t\tSELECT\n\t\t\t`sqld_name` AS `db_name`\n\t\tFROM\n\t\t\t`sql_database`\n\t\tWHERE\n\t\t\t`sqld_id` = ?\n\t\tAND\n\t\t\t`domain_id` = ?\n\t";
    $rs = exec_query($sql, $query, array($db_id, $dmn_id));
    $db_name = $rs->fields['db_name'];
    // Backslash-escape _ % ? * so the name is matched literally: _ and % act as wildcards in a
    // database-level GRANT
    $db_name = preg_replace("/([_%\\?\\*])/", '\\\\$1', $db_name);
    // add user in the mysql system tables
    // The database name cannot be a bound parameter, so it goes through quoteIdentifier();
    // user, host and password are bound.
    $query = "GRANT ALL PRIVILEGES ON " . quoteIdentifier($db_name) . ".* TO ?@? IDENTIFIED BY ?";
    exec_query($sql, $query, array($db_user, "localhost", $user_pass));
    // NOTE(review): the '%' host grants the account from any client host as well as localhost;
    // confirm remote access is intended and restricted at the network level.
    exec_query($sql, $query, array($db_user, "%", $user_pass));
    write_log($_SESSION['user_logged'] . ": add SQL user: " . tohtml($db_user));
    set_page_message(tr('SQL user successfully added!'), 'info');
    user_goto('sql_manage.php');
}
예제 #16
require '../../include/easyscp-lib.php';
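// Reseller page: mark a domain alias (with its subdomain aliases and mail accounts) for deletion.
// check_login() comes from the included library; presumably it enforces an authenticated
// session — confirm.
check_login(__FILE__);
$cfg = EasySCP_Registry::get('Config');
// NOTE(review): $sql is used below but not assigned in this listing; presumably the included
// library provides it — confirm.
// NOTE(review): this state-changing delete is driven by a GET parameter and no request-token
// check is visible here; confirm CSRF protection is enforced elsewhere.
if (isset($_GET['del_id'])) {
    $del_id = $_GET['del_id'];
} else {
    $_SESSION['aldel'] = '_no_';
    user_goto('alias.php');
}
$reseller_id = $_SESSION['user_id'];
// Ownership check: the alias must belong to a domain created by the logged-in reseller
$query = "\n\tSELECT\n\t\tt1.`domain_id`, t1.`alias_id`, t1.`alias_name`,\n\t\tt2.`domain_id`, t2.`domain_created_id`\n\tFROM\n\t\t`domain_aliasses` AS t1,\n\t\t`domain` AS t2\n\tWHERE\n\t\tt1.`alias_id` = ?\n\tAND\n\t\tt1.`domain_id` = t2.`domain_id`\n\tAND\n\t\tt2.`domain_created_id` = ?\n";
$rs = exec_query($sql, $query, array($del_id, $reseller_id));
if ($rs->recordCount() == 0) {
    user_goto('alias.php');
}
$alias_name = $rs->fields['alias_name'];
// From here on use the id as stored in the database rather than the raw request value, so that
// only a value read back from the `domain_aliasses` row reaches the later statements and the
// daemon request.
$del_id = $rs->fields['alias_id'];
// Mark the mail accounts of the alias and of its subdomain aliases for deletion
$query = "\n\tUPDATE\n\t\t`mail_users`\n\tSET\n\t\t`status` = ?\n\tWHERE\n\t\t(`sub_id` = ?\n\t\tAND\n\t\t`mail_type` LIKE '%alias_%')\n\tOR\n\t\t(`sub_id` IN (SELECT `subdomain_alias_id` FROM `subdomain_alias` WHERE `alias_id` = ?)\n\t\tAND\n\t\t`mail_type` LIKE '%alssub_%')\n";
exec_query($sql, $query, array($cfg->ITEM_DELETE_STATUS, $del_id, $del_id));
// The status is bound as a parameter, like in the mail_users update above, instead of being
// concatenated into the statement
exec_query($sql, "UPDATE `subdomain_alias` SET `status` = ? WHERE `alias_id` = ?", array($cfg->ITEM_DELETE_STATUS, $del_id));
exec_query($sql, "UPDATE `domain_aliasses` SET `status` = ? WHERE `alias_id` = ?", array($cfg->ITEM_DELETE_STATUS, $del_id));
update_reseller_c_props($reseller_id);
send_request('110 DOMAIN alias ' . $del_id);
$admin_login = $_SESSION['user_logged'];
// The alias name was already returned by the ownership query, so no second lookup is needed
write_log("{$admin_login}: deletes domain alias: " . $alias_name);
$_SESSION['aldel'] = '_yes_';
user_goto('alias.php');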