/**
* Delete domain with all sub items (usage in admin and reseller)
* @param integer $domain_id
* @param string $goto users.php or manage_users.php
* @param boolean $breseller double check by reseller=current user
*/
function delete_domain($domain_id, $goto, $breseller = false)
{
$cfg = EasySCP_Registry::get('Config');
$sql = EasySCP_Registry::get('Db');
// Get uid and gid of domain user
$query = "\n\t\tSELECT\n\t\t\t`domain_uid`,\n\t\t\t`domain_gid`,\n\t\t\t`domain_admin_id`,\n\t\t\t`domain_name`,\n\t\t\t`domain_created_id`\n\t\tFROM\n\t\t\t`domain`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t";
if ($breseller) {
$reseller_id = $_SESSION['user_id'];
$query .= " AND `domain_created_id` = ?";
$res = exec_query($sql, $query, array($domain_id, $reseller_id));
} else {
$res = exec_query($sql, $query, $domain_id);
}
$data = $res->fetchRow();
if (empty($data['domain_uid']) || empty($data['domain_admin_id'])) {
set_page_message(tr('Wrong domain ID!'), 'error');
user_goto($goto);
}
$domain_admin_id = $data['domain_admin_id'];
$domain_name = $data['domain_name'];
$domain_uid = $data['domain_uid'];
$domain_gid = $data['domain_gid'];
if (!$breseller) {
$reseller_id = $data['domain_created_id'];
}
// Mail users:
$query = "\n\t\tUPDATE\n\t\t\t`mail_users`\n\t\tSET\n\t\t\t`status` = ?\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t\t;\n\t";
exec_query($sql, $query, array($cfg->ITEM_DELETE_STATUS, $domain_id));
send_request('130 MAIL ' . $domain_id);
// Delete all protected areas related data (areas, groups and users)
$query = "\n\t\tDELETE\n\t\t\t`areas`,\n\t\t\t`users`,\n\t\t\t`groups`\n\t\tFROM\n\t\t\t`domain` AS `customer`\n\t\tLEFT JOIN\n\t\t\t`htaccess` AS `areas` ON `areas`.`dmn_id` = `customer`.`domain_id`\n\t\tLEFT JOIN\n\t\t\t`htaccess_users` AS `users` ON `users`.`dmn_id` = `customer`.`domain_id`\n\t\tLEFT JOIN\n\t\t\t`htaccess_groups` AS `groups` ON `groups`.`dmn_id` = `customer`.`domain_id`\n\t\tWHERE\n\t\t\t`customer`.`domain_id` = ?\n\t\t;\n\t";
exec_query($sql, $query, $domain_id);
// Delete subdomain aliases:
$alias_a = array();
$query = "\n\t\tSELECT\n\t\t\t`alias_id`\n\t\tFROM\n\t\t\t`domain_aliasses`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t\t;\n\t";
$res = exec_query($sql, $query, $domain_id);
while (!$res->EOF) {
$alias_a[] = $res->fields['alias_id'];
$res->moveNext();
}
if (count($alias_a) > 0) {
$query = "\n\t\t\tUPDATE\n\t\t\t\t`subdomain_alias`\n\t\t\tSET\n\t\t\t\t`status` = ?\n\t\t\tWHERE\n\t\t\t\t`alias_id` IN (\n\t\t";
$query .= implode(',', $alias_a);
$query .= ")";
exec_query($sql, $query, $cfg->ITEM_DELETE_STATUS);
}
// Delete SQL databases and users
$query = "\n\t\tSELECT\n\t\t\t`sqld_id`\n\t\tFROM\n\t\t\t`sql_database`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t\t;\n\t";
$res = exec_query($sql, $query, $domain_id);
while (!$res->EOF) {
delete_sql_database($sql, $domain_id, $res->fields['sqld_id']);
$res->moveNext();
}
// Domain aliases:
$query = "\n\t\tUPDATE\n\t\t\tdomain_aliasses\n\t\tSET\n\t\t\tstatus = ?\n\t\tWHERE\n\t\t\tdomain_id = ?\n\t\t;\n\t";
exec_query($sql, $query, array($cfg->ITEM_DELETE_STATUS, $domain_id));
// Remove domain traffic
$query = "\n\t\tDELETE FROM\n\t\t\t`domain_traffic`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t\t;\n\t";
exec_query($sql, $query, $domain_id);
// Set domain deletion status
$query = "\n\t\tUPDATE\n\t\t\t`domain`\n\t\tSET\n\t\t\t`status` = 'delete'\n\t\tWHERE\n\t\t`domain_id` = ?\n\t\t;\n\t";
exec_query($sql, $query, $domain_id);
// Set domain subdomains deletion status
$query = "\n\t\tUPDATE\n\t\t\t`subdomain`\n\t\tSET\n\t\t\t`status` = ?\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t\t;\n\t";
exec_query($sql, $query, array($cfg->ITEM_DELETE_STATUS, $domain_id));
// --- Activate daemon ---
send_request('110 DOMAIN domain ' . $domain_id);
// Delete FTP users:
$query = "\n\t\tDELETE FROM\n\t\t\t`ftp_users`\n\t\tWHERE\n\t\t\t`uid` = ?\n\t\t;\n\t";
exec_query($sql, $query, $domain_uid);
// Delete FTP groups:
$query = "\n\t\tDELETE FROM\n\t\t\t`ftp_group`\n\t\tWHERE\n\t\t\t`gid` = ?\n\t\t;\n\t";
exec_query($sql, $query, $domain_gid);
// Delete EasySCP login:
$query = "\n\t\tDELETE FROM\n\t\t\t`admin`\n\t\tWHERE\n\t\t\t`admin_id` = ?\n\t\t;\n\t";
exec_query($sql, $query, $domain_admin_id);
// Delete the quota section:
$query = "\n\t\tDELETE FROM\n\t\t\t`quotalimits`\n\t\tWHERE\n\t\t\t`name` = ?\n\t\t;\n\t";
exec_query($sql, $query, $domain_name);
// Delete the quota section:
$query = "\n\t\tDELETE FROM\n\t\t\t`quotatallies`\n\t\tWHERE\n\t\t\t`name` = ?\n\t\t;\n\t";
exec_query($sql, $query, $domain_name);
// Remove support tickets:
$query = "\n\t\tDELETE FROM\n\t\t\t`tickets`\n\t\tWHERE\n\t\t\tticket_from = ?\n\t\tOR\n\t\t\tticket_to = ?\n\t\t;\n\t";
exec_query($sql, $query, array($domain_admin_id, $domain_admin_id));
// Delete user gui properties
$query = "\n\t\tDELETE FROM\n\t\t\t`user_gui_props`\n\t\tWHERE\n\t\t\t`user_id` = ?\n\t\t;\n\t";
exec_query($sql, $query, $domain_admin_id);
write_log($_SESSION['user_logged'] . ': deletes domain ' . $domain_name);
update_reseller_c_props($reseller_id);
$_SESSION['ddel'] = '_yes_';
user_goto($goto);
}
$query = "SELECT COUNT(`mail_id`) AS cnt FROM `mail_users` WHERE (`mail_type` LIKE '" . MT_SUBDOM_MAIL . "%' OR `mail_type` = '" . MT_SUBDOM_FORWARD . "') AND `sub_id` = ?";
$rs = exec_query($sql, $query, $sub_id);
if ($rs->fields['cnt'] > 0) {
set_page_message(tr('The subdomain you are trying to remove has email accounts!<br />Rremove them first!'), 'warning');
user_goto('domains_manage.php');
}
// check for existing aliassubdomains
$sql_param = array(':subdomain_id' => $sub_id);
$query = "\n\t\tSELECT \n\t\t\tCOUNT(subdomain_alias_id) AS cnt\n\t\tFROM\n\t\t\tsubdomain_alias\n\t\tWHERE\n\t\t\tsubdomain_id = :subdomain_id\n\t";
DB::prepare($query);
$row = DB::execute($sql_param)->fetch();
if ($row['cnt'] > 0) {
set_page_message(tr('The subdomain you are trying to remove has aliassubdomains assigned!<br />Rremove them first!'), 'warning');
user_goto('domains_manage.php');
}
$query = "\n\t\tUPDATE\n\t\t\t`subdomain`\n\t\tSET\n\t\t\t`status` = 'delete'\n\t\tWHERE\n\t\t\t`subdomain_id` = ?\n\t";
$rs = exec_query($sql, $query, $sub_id);
$query = "\n\t\tUPDATE\n\t\t\t`domain`\n\t\tSET\n\t\t\t`status` = 'change'\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t";
$rs = exec_query($sql, $query, $dmn_id);
update_reseller_c_props(get_reseller_id($dmn_id));
if ($_POST['dmn_type'] == 'als') {
send_request('110 DOMAIN alias ' . $dmn_id);
} else {
send_request('110 DOMAIN domain ' . $dmn_id);
}
write_log($_SESSION['user_logged'] . ": deletes subdomain: " . $sub_name);
set_page_message(tr('Subdomain scheduled for deletion!'), 'info');
user_goto('domains_manage.php');
} else {
user_goto('domains_manage.php');
}
$res_tmp = exec_query($sql, "SELECT `subdomain_name` FROM `subdomain` WHERE `subdomain_id` = ?", $data['sub_id']);
$dat_tmp = $res_tmp->fetchRow();
$mail_name = $data['mail_acc'] . '@' . $dat_tmp['subdomain_name'] . '.' . $dmn_name;
} else {
if (preg_match("/" . MT_ALSSUB_MAIL . "/", $data['mail_type']) || preg_match("/" . MT_ALSSUB_FORWARD . "/", $data['mail_type'])) {
// mail to subdomain
$res_tmp = exec_query($sql, "SELECT `subdomain_alias_name`, `alias_name` FROM `subdomain_alias` AS t1, `domain_aliasses` AS t2 WHERE t1.`alias_id` = t2.`alias_id` AND `subdomain_alias_id` = ?", $data['sub_id']);
$dat_tmp = $res_tmp->fetchRow();
$mail_name = $data['mail_acc'] . '@' . $dat_tmp['subdomain_alias_name'] . '.' . $dat_tmp['alias_name'];
}
}
}
}
$query = "SELECT `mail_id` FROM `mail_users` WHERE `mail_acc` = ? OR `mail_acc` LIKE ? OR `mail_acc` LIKE ? OR `mail_acc` LIKE ?";
$res_tmp = exec_query($sql, $query, array($mail_name, "{$mail_name},%", "%,{$mail_name},%", "%,{$mail_name}"));
$num = $res_tmp->rowCount();
if ($num > 0) {
set_page_message(tr('First delete the CatchAll account for this email!'), 'warning');
$_SESSION['catchall_assigned'] = 1;
user_goto('mail_accounts.php');
}
$sql_param = array(':status' => $cfg->ITEM_DELETE_STATUS, ':mail_id' => $delete_id);
$sql_query = "\n\tUPDATE\n\t\t`mail_users`\n\tSET\n\t\t`status` = :status\n\tWHERE\n\t\t`mail_id` = :mail_id\n";
DB::prepare($sql_query);
DB::execute($sql_param);
update_reseller_c_props(get_reseller_id($data['domain_id']));
send_request('130 MAIL ' . $data['domain_id']);
$admin_login = decode_idna($_SESSION['user_logged']);
write_log("{$admin_login}: deletes mail account: " . $mail_name);
$_SESSION['maildel'] = 1;
user_goto('mail_accounts.php');
function add_sql_database($sql, $user_id)
{
$cfg = EasySCP_Registry::get('Config');
if (!isset($_POST['uaction'])) {
return;
}
// let's generate database name.
if (empty($_POST['db_name'])) {
set_page_message(tr('Please specify a database name!'), 'warning');
return;
}
$dmn_id = get_user_domain_id($user_id);
if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on') {
// we'll use domain_id in the name of the database;
if (isset($_POST['id_pos']) && $_POST['id_pos'] === 'start') {
$db_name = $dmn_id . "_" . clean_input($_POST['db_name']);
} else {
if (isset($_POST['id_pos']) && $_POST['id_pos'] === 'end') {
$db_name = clean_input($_POST['db_name']) . "_" . $dmn_id;
}
}
} else {
$db_name = clean_input($_POST['db_name']);
}
if (strlen($db_name) > $cfg->MAX_SQL_DATABASE_LENGTH) {
set_page_message(tr('Database name is too long!'), 'warning');
return;
}
// have we such database in the system!?
if (check_db_name($sql, $db_name)) {
set_page_message(tr('Specified database name already exists!'), 'warning');
return;
}
// are wildcards used?
if (preg_match("/[%|\\?]+/", $db_name)) {
set_page_message(tr('Wildcards such as %% and ? are not allowed!'), 'warning');
return;
}
DB::query('CREATE DATABASE IF NOT EXISTS `' . $db_name . '` DEFAULT CHARACTER SET ' . EasyConfig::$cfg->DATABASE_DEFAULT_CHARACTER_SET . ' COLLATE ' . EasyConfig::$cfg->DATABASE_DEFAULT_COLLATE . ';')->closeCursor();
$sql_param = array(':domain_id' => $dmn_id, ':sqld_name' => $db_name);
$sql_query = "\n\t\tINSERT INTO\n\t\t\tsql_database (domain_id, sqld_name, status)\n\t\tVALUES\n\t\t\t(:domain_id, :sqld_name, 'ok');\n\t";
DB::prepare($sql_query);
DB::execute($sql_param)->closeCursor();
update_reseller_c_props(get_reseller_id($dmn_id));
write_log($_SESSION['user_logged'] . ": adds new SQL database: " . tohtml($db_name));
set_page_message(tr('SQL database created successfully!'), 'info');
user_goto('sql_manage.php');
}
/**
* Check and updates domain data
*
* @throws iMSCP_Exception_Database
* @param int $domainId Domain unique identifier
* @return bool TRUE on success, FALSE otherwise
*/
function reseller_checkAndUpdateData($domainId)
{
$db = iMSCP_Database::getInstance();
$errFieldsStack = array();
try {
// Getting domain data
$data =& reseller_getData($domainId, true);
// Check for expires date
if ($data['domain_never_expires'] == 'off') {
if (!preg_match('%^\\d{2}/\\d{2}/\\d{4}$%', $data['domain_expires']) || ($timestamp = strtotime($data['domain_expires'])) === false) {
$data['domain_expires_ok'] = false;
set_page_message(tr('Wrong syntax for new expire date.'), 'error');
$errFieldsStack[] = 'domain_expires';
} elseif ($timestamp != 0 && $timestamp <= time()) {
$data['domain_expires'] = $timestamp;
set_page_message(tr('You cannot set expire date in past.'), 'error');
$errFieldsStack[] = 'domain_expires';
} else {
$data['domain_expires'] = $timestamp;
}
} else {
$data['domain_expires'] = 0;
}
// Check for the subdomains limit
if ($data['fallback_domain_subd_limit'] != -1) {
if (!imscp_limit_check($data['domain_subd_limit'])) {
set_page_message(tr('Wrong syntax for the %s limit.', tr('subdomains')), 'error');
$errFieldsStack[] = 'domain_subd_limit';
} elseif (!_reseller_isValidServiceLimit($data['domain_subd_limit'], $data['nbSubdomains'], $data["fallback_domain_subd_limit"], $data['current_sub_cnt'], $data['max_sub_cnt'], $data['nbSubdomains'] > 1 ? tr('subdomains') : tr('subdomain'))) {
$errFieldsStack[] = 'domain_subd_limit';
}
}
// Check for the domain aliases limit
if ($data['fallback_domain_alias_limit'] != -1) {
if (!imscp_limit_check($data['domain_alias_limit'])) {
set_page_message(tr('Wrong syntax for the %s limit.', tr('domain aliases')), 'error');
$errFieldsStack[] = 'domain_alias_limit';
} elseif (!_reseller_isValidServiceLimit($data['domain_alias_limit'], $data['nbAliasses'], $data["fallback_domain_alias_limit"], $data['current_als_cnt'], $data['max_als_cnt'], $data['nbAliasses'] > 1 ? tr('domain aliases') : tr('domain alias'))) {
$errFieldsStack[] = 'domain_alias_limit';
}
}
// Check for the mail accounts limit
if ($data['fallback_domain_mailacc_limit'] != -1) {
if (!imscp_limit_check($data['domain_mailacc_limit'])) {
set_page_message(tr('Wrong syntax for the %s limit.', tr('email accounts')), 'error');
$errFieldsStack[] = 'domain_mailacc_limit';
} elseif (!_reseller_isValidServiceLimit($data['domain_mailacc_limit'], $data['nbMailAccounts'], $data["fallback_domain_mailacc_limit"], $data['current_mail_cnt'], $data['max_mail_cnt'], $data["nbMailAccounts"] > 1 ? tr('email accounts') : tr('email account'))) {
$errFieldsStack[] = 'domain_mailacc_limit';
}
}
// Check for the Ftp accounts limit
if ($data['fallback_domain_ftpacc_limit'] != -1) {
if (!imscp_limit_check($data['domain_ftpacc_limit'])) {
set_page_message(tr('Wrong syntax for the %s limit.', tr('Ftp accounts')), 'error');
$errFieldsStack[] = 'domain_ftpacc_limit';
} elseif (!_reseller_isValidServiceLimit($data['domain_ftpacc_limit'], $data['nbFtpAccounts'], $data["fallback_domain_ftpacc_limit"], $data['current_ftp_cnt'], $data['max_ftp_cnt'], $data['nbFtpAccounts'] > 1 ? tr('Ftp accounts') : tr('Ftp account'))) {
$errFieldsStack[] = 'domain_ftpacc_limit';
}
}
// Check for the Sql databases limit
if ($data['fallback_domain_sqld_limit'] != -1) {
if (!imscp_limit_check($data['domain_sqld_limit'])) {
set_page_message(tr('Wrong syntax for the %s limit.', tr('SQL databases')), 'error');
$errFieldsStack[] = 'domain_sqld_limit';
} elseif (!_reseller_isValidServiceLimit($data['domain_sqld_limit'], $data['nbSqlDatabases'], $data["fallback_domain_sqld_limit"], $data['current_sql_db_cnt'], $data['max_sql_db_cnt'], $data['nbSqlDatabases'] > 1 ? tr('SQL databases') : tr('SQL database'))) {
$errFieldsStack[] = 'domain_sqld_limit';
} elseif ($data['domain_sqld_limit'] != -1 && $data['domain_sqlu_limit'] == -1) {
set_page_message(tr('SQL user limit is disabled.'), 'error');
$errFieldsStack[] = 'domain_sqld_limit';
$errFieldsStack[] = 'domain_sqlu_limit';
}
}
// Check for the Sql users limit
if ($data['fallback_domain_sqlu_limit'] != -1) {
if (!imscp_limit_check($data['domain_sqlu_limit'])) {
set_page_message(tr('Wrong syntax for the %s limit.', tr('SQL users')), 'error');
$errFieldsStack[] = 'domain_sqlu_limit';
} elseif (!_reseller_isValidServiceLimit($data['domain_sqlu_limit'], $data['nbSqlUsers'], $data["fallback_domain_sqlu_limit"], $data['current_sql_user_cnt'], $data['max_sql_user_cnt'], $data['nbSqlUsers'] > 1 ? tr('SQL users') : tr('SQL user'))) {
$errFieldsStack[] = 'domain_sqlu_limit';
} elseif ($data['domain_sqlu_limit'] != -1 && $data['domain_sqld_limit'] == -1) {
set_page_message(tr('SQL database limit is disabled.'), 'error');
$errFieldsStack[] = 'domain_sqlu_limit';
$errFieldsStack[] = 'domain_sqld_limit';
}
}
// Check for the monthly traffic limit
if (!imscp_limit_check($data['domain_traffic_limit'], null)) {
set_page_message(tr('Wrong syntax for the %s limit.', tr('traffic')), 'error');
$errFieldsStack[] = 'domain_traffic_limit';
} elseif (!_reseller_isValidServiceLimit($data['domain_traffic_limit'], $data['domainTraffic'] / 1048576, $data["fallback_domain_traffic_limit"], $data['current_traff_amnt'], $data['max_traff_amnt'], tr('traffic'))) {
$errFieldsStack[] = 'domain_traffic_limit';
}
// Check for the disk space limit
if (!imscp_limit_check($data['domain_disk_limit'], null)) {
set_page_message(tr('Wrong syntax for the %s limit.', tr('disk space')), 'error');
$errFieldsStack[] = 'domain_disk_limit';
} elseif (!_reseller_isValidServiceLimit($data['domain_disk_limit'], $data['domain_disk_usage'] / 1048576, $data["fallback_domain_disk_limit"], $data['current_disk_amnt'], $data['max_disk_amnt'], tr('disk space'))) {
$errFieldsStack[] = 'domain_disk_limit';
}
// Check for mail quota
if ($data['fallback_domain_mailacc_limit'] != -1) {
if (!imscp_limit_check($data['mail_quota'], null)) {
set_page_message(tr('Wrong syntax for the mail quota value.'), 'error');
$errFieldsStack[] = 'mail_quota';
} elseif ($data['domain_disk_limit'] != 0 && $data['mail_quota'] > $data['domain_disk_limit']) {
set_page_message(tr('Email quota cannot be bigger than disk space limit.'), 'error');
$errFieldsStack[] = 'mail_quota';
} elseif ($data['domain_disk_limit'] != 0 && $data['mail_quota'] == 0) {
set_page_message(tr('Email quota cannot be unlimited. Max value is %d MiB.', $data['domain_disk_limit']), 'error');
$errFieldsStack[] = 'mail_quota';
} else {
$mailData = reseller_getMailData($data['domain_id'], $data['fallback_mail_quota']);
if ($data['mail_quota'] != 0 && $data['mail_quota'] < $mailData['nb_mailboxes']) {
set_page_message(tr('Email quota cannot be lower than %d. Each mailbox should have a least 1 MiB quota.', $mailData['nb_mailboxes']), 'error');
$errFieldsStack[] = 'mail_quota';
}
}
} else {
$data['mail_quota'] = 0;
}
// Check for PHP support
$data['domain_php'] = in_array($data['domain_php'], array('no', 'yes')) ? $data['domain_php'] : $data['fallback_domain_php'];
// PHP editor
$phpini = iMSCP_PHPini::getInstance();
// Needed to track changes
$phpiniClientPerms = $phpini->getClientPermission();
$phpiniDomainConf = $phpini->getDomainIni();
if (isset($_POST['php_ini_system']) && $data['domain_php'] == 'yes' && $phpini->resellerHasPermission('phpiniSystem')) {
$phpini->setClientPermission('phpiniSystem', clean_input($_POST['php_ini_system']));
if ($phpini->clientHasPermission('phpiniSystem')) {
if (isset($_POST['phpini_perm_allow_url_fopen'])) {
$phpini->setClientPermission('phpiniAllowUrlFopen', clean_input($_POST['phpini_perm_allow_url_fopen']));
}
if (isset($_POST['phpini_perm_display_errors'])) {
$phpini->setClientPermission('phpiniDisplayErrors', clean_input($_POST['phpini_perm_display_errors']));
}
if (isset($_POST['phpini_perm_disable_functions'])) {
$phpini->setClientPermission('phpiniDisableFunctions', clean_input($_POST['phpini_perm_disable_functions']));
}
if (isset($_POST['phpini_perm_mail_function'])) {
$phpini->setClientPermission('phpiniMailFunction', clean_input($_POST['phpini_perm_mail_function']));
}
if (isset($_POST['memory_limit'])) {
// Must be set before phpiniPostMaxSize
$phpini->setDomainIni('phpiniMemoryLimit', clean_input($_POST['memory_limit']));
}
if (isset($_POST['post_max_size'])) {
// Must be set before phpiniUploadMaxFileSize
$phpini->setDomainIni('phpiniPostMaxSize', clean_input($_POST['post_max_size']));
}
if (isset($_POST['upload_max_filezize'])) {
$phpini->setDomainIni('phpiniUploadMaxFileSize', clean_input($_POST['upload_max_filezize']));
}
if (isset($_POST['max_execution_time'])) {
$phpini->setDomainIni('phpiniMaxExecutionTime', clean_input($_POST['max_execution_time']));
}
if (isset($_POST['max_input_time'])) {
$phpini->setDomainIni('phpiniMaxInputTime', clean_input($_POST['max_input_time']));
}
} else {
$phpini->loadClientPermissions();
// Reset client PHP permissions
$phpini->loadDomainIni();
// Reset domain PHP configuration options
}
} else {
$phpini->loadClientPermissions();
// Reset client PHP permissions
$phpini->loadDomainIni();
// Reset domain PHP configuration options
}
// Check for CGI support
$data['domain_cgi'] = in_array($data['domain_cgi'], array('no', 'yes')) ? $data['domain_cgi'] : $data['fallback_domain_cgi'];
// Check for custom DNS records support
$data['domain_dns'] = in_array($data['domain_dns'], array('no', 'yes')) ? $data['domain_dns'] : $data['fallback_domain_dns'];
// Check for APS support
$data['domain_software_allowed'] = in_array($data['domain_software_allowed'], array('no', 'yes')) ? $data['domain_software_allowed'] : $data['fallback_domain_software_allowed'];
// Check for External mail server support
$data['domain_external_mail'] = in_array($data['domain_external_mail'], array('no', 'yes')) ? $data['domain_external_mail'] : $data['fallback_domain_external_mail'];
// Check for backup support
$data['allowbackup'] = is_array($data['allowbackup']) ? array_intersect($data['allowbackup'], array('dmn', 'sql', 'mail')) : $data['fallback_allowbackup'];
// Check for Web folder protection support
$data['web_folder_protection'] = in_array($data['web_folder_protection'], array('no', 'yes')) ? $data['web_folder_protection'] : $data['fallback_web_folder_protection'];
if (empty($errFieldsStack) && !Zend_Session::namespaceIsset('pageMessages')) {
// Update process begin here
$oldValues = array();
$newValues = array();
foreach ($data as $property => $value) {
if (strpos($property, 'fallback_') !== false) {
$property = substr($property, 9);
$oldValues[$property] = $value;
$newValues[$property] = $data[$property];
}
}
$needDaemonRequest = false;
if ($newValues == $oldValues && $phpiniClientPerms == $phpini->getClientPermission() && $phpiniDomainConf == $phpini->getDomainIni()) {
set_page_message(tr('Nothing has been changed.'), 'info');
return true;
}
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditDomain, array('domainId' => $domainId));
$db->beginTransaction();
if ($phpiniClientPerms != $phpini->getClientPermission() || $phpiniDomainConf != $phpini->getDomainIni()) {
$phpini->updateDomainConfigOptions($data['admin_id']);
$needDaemonRequest = true;
}
// PHP or CGI was either enabled or disabled or PHP Settings were changed, web folder protection
// properties have been updated, or domain IP was changed, so we must update the vhosts files
// of all domain entities (dmn, sub, als, alssub)
if ($needDaemonRequest || $data['domain_php'] != $data['fallback_domain_php'] || $data['domain_cgi'] != $data['fallback_domain_cgi'] || $data['web_folder_protection'] != $data['fallback_web_folder_protection'] || $data['domain_ip_id'] != $data['fallback_domain_ip_id']) {
if ($data['domain_alias_limit'] != '-1') {
exec_query('UPDATE domain_aliasses SET alias_status = ? WHERE domain_id = ? AND alias_status <> ?', array('tochange', $domainId, 'ordered'));
}
$needDaemonRequest = true;
}
if ($data['domain_dns'] != $data['fallback_domain_dns'] && $data['domain_dns'] == 'no') {
// Support for custom DNS records is now disabled - We must delete all custom DNS entries
// (except those that are protected), and update the DNS zone file
exec_query('DELETE FROM domain_dns WHERE domain_id = ? AND owned_by = ?', array($domainId, 'custom_dns_feature'));
$needDaemonRequest = true;
}
// Update domain properties
exec_query('
UPDATE
domain
SET
domain_expires = ?, domain_last_modified = ?, domain_mailacc_limit = ?, domain_ftpacc_limit = ?,
domain_traffic_limit = ?, domain_sqld_limit = ?, domain_sqlu_limit = ?, domain_status = ?,
domain_alias_limit = ?, domain_subd_limit = ?, domain_ip_id = ?, domain_disk_limit = ?,
domain_php = ?, domain_cgi = ?, allowbackup = ?, domain_dns = ?, domain_software_allowed = ?,
phpini_perm_system = ?, phpini_perm_allow_url_fopen = ?, phpini_perm_display_errors = ?,
phpini_perm_disable_functions = ?, phpini_perm_mail_function = ?, domain_external_mail = ?,
web_folder_protection = ?,
mail_quota = ?
WHERE
domain_id = ?
', array($data['domain_expires'], time(), $data['domain_mailacc_limit'], $data['domain_ftpacc_limit'], $data['domain_traffic_limit'], $data['domain_sqld_limit'], $data['domain_sqlu_limit'], $needDaemonRequest ? 'tochange' : 'ok', $data['domain_alias_limit'], $data['domain_subd_limit'], $data['domain_ip_id'], $data['domain_disk_limit'], $data['domain_php'], $data['domain_cgi'], implode('|', $data['allowbackup']), $data['domain_dns'], $data['domain_software_allowed'], $phpini->getClientPermission('phpiniSystem'), $phpini->getClientPermission('phpiniAllowUrlFopen'), $phpini->getClientPermission('phpiniDisplayErrors'), $phpini->getClientPermission('phpiniDisableFunctions'), $phpini->getClientPermission('phpiniMailFunction'), $data['domain_external_mail'], $data['web_folder_protection'], $data['mail_quota'] * 1048576, $domainId));
//print 'ouch'; exit;
// Sync mailboxes quota if needed
if ($data['fallback_mail_quota'] != $data['mail_quota'] * 1048576) {
sync_mailboxes_quota($domainId, $data['mail_quota'] * 1048576);
}
// Update domain alias IP if needed
if ($data['domain_ip_id'] != $data['fallback_domain_ip_id']) {
if ($data['domain_alias_limit'] != '-1') {
exec_query('UPDATE domain_aliasses SET alias_ip_id = ? WHERE domain_id = ?', array($data['domain_ip_id'], $domainId));
}
}
// Update Ftp quota limit if needed
if ($data['domain_disk_limit'] != $data['fallback_domain_disk_limit']) {
exec_query('
REPLACE INTO quotalimits (
name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail,
bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail
) VALUES (
?, ?, ?, ?, ?, ?, ?, ?, ?, ?
)
', array($data['domain_name'], 'group', 'false', 'hard', $data['domain_disk_limit'] * 1048576, 0, 0, 0, 0, 0));
}
// Update reseller properties
update_reseller_c_props($data['reseller_id']);
$db->commit();
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditDomain, array('domainId' => $domainId));
if ($needDaemonRequest) {
send_request();
set_page_message(tr('Domain scheduled for update.'), 'success');
} else {
set_page_message(tr('Domain successfully updated.'), 'success');
}
$userLogged = isset($_SESSION['logged_from']) ? $_SESSION['logged_from'] : $_SESSION['user_logged'];
write_log("Domain " . decode_idna($data['domain_name']) . " has been updated by {$userLogged}", E_USER_NOTICE);
return true;
}
} catch (iMSCP_Exception_Database $e) {
$db->rollBack();
throw $e;
}
if (!empty($errFieldsStack)) {
iMSCP_Registry::set('errFieldsStack', $errFieldsStack);
}
return false;
}
/**
* Save data for new user in db
*/
function add_user_data($reseller_id)
{
global $hpid, $dmn_name, $dmn_expire, $dmn_user_name, $admin_login, $user_email, $customer_id, $first_name, $last_name, $gender, $firm, $zip, $city, $state, $country, $street_one, $street_two, $phone, $fax, $inpass, $domain_ip, $dns, $backup, $countbackup;
$sql = EasySCP_Registry::get('Db');
$cfg = EasySCP_Registry::get('Config');
// Let's get Desired Hosting Plan Data;
$err_msg = '';
if (!empty($err_msg)) {
set_page_message($err_msg, 'error');
return false;
}
if (isset($_SESSION["ch_hpprops"])) {
$props = $_SESSION["ch_hpprops"];
unset($_SESSION["ch_hpprops"]);
} else {
if (isset($cfg->HOSTING_PLANS_LEVEL) && $cfg->HOSTING_PLANS_LEVEL === 'admin') {
$query = 'SELECT `props` FROM `hosting_plans` WHERE `id` = ?';
$res = exec_query($sql, $query, $hpid);
} else {
$query = "SELECT `props` FROM `hosting_plans` WHERE `reseller_id` = ? AND `id` = ?";
$res = exec_query($sql, $query, array($reseller_id, $hpid));
}
$data = $res->fetchRow();
$props = unserialize($data['props']);
}
$php = $props['allow_php'];
$phpe = $props['allow_php_editor'];
$cgi = $props['allow_cgi'];
$sub = $props['subdomain_cnt'];
$als = $props['alias_cnt'];
$mail = $props['mail_cnt'];
$ftp = $props['ftp_cnt'];
$sql_db = $props['db_cnt'];
$sql_user = $props['sqluser_cnt'];
$traff = $props['traffic'];
$disk = $props['disk'];
$backup = $props['allow_backup'];
$countbackup = $props['disk_countbackup'];
$dns = $props['allow_dns'];
$ssl = $props['allow_ssl'];
$php = preg_replace("/\\_/", "", $php);
$phpe = preg_replace("/\\_/", "", $phpe);
$cgi = preg_replace("/\\_/", "", $cgi);
$ssl = preg_replace("/\\_/", "", $ssl);
$backup = preg_replace("/\\_/", "", $backup);
$countbackup = preg_replace("/\\_/", "", $countbackup);
$dns = preg_replace("/\\_/", "", $dns);
$pure_user_pass = $inpass;
$inpass = crypt_user_pass($inpass);
$first_name = clean_input($first_name);
$last_name = clean_input($last_name);
$firm = clean_input($firm);
$zip = clean_input($zip);
$city = clean_input($city);
$state = clean_input($state);
$country = clean_input($country);
$phone = clean_input($phone);
$fax = clean_input($fax);
$street_one = clean_input($street_one);
$street_two = clean_input($street_two);
$customer_id = clean_input($customer_id);
if (!validates_dname(decode_idna($dmn_user_name))) {
return;
}
$query = "\n\t\tINSERT INTO `admin` (\n\t\t\t`admin_name`, `admin_pass`, `admin_type`, `domain_created`,\n\t\t\t`created_by`, `fname`, `lname`,\n\t\t\t`firm`, `zip`, `city`, `state`,\n\t\t\t`country`, `email`, `phone`,\n\t\t\t`fax`, `street1`, `street2`,\n\t\t\t`customer_id`, `gender`\n\t\t)\n\t\tVALUES (\n\t\t\t?, ?, 'user', unix_timestamp(),\n\t\t\t?, ?, ?,\n\t\t\t?, ?, ?, ?,\n\t\t\t?, ?, ?,\n\t\t\t?, ?, ?,\n\t\t\t?, ?\n\t\t)\n\t";
exec_query($sql, $query, array($dmn_user_name, $inpass, $reseller_id, $first_name, $last_name, $firm, $zip, $city, $state, $country, $user_email, $phone, $fax, $street_one, $street_two, $customer_id, $gender));
print $sql->errorMsg();
$record_id = $sql->insertId();
$query = "\n\t\tINSERT INTO `domain` (\n\t\t\t`domain_name`, `domain_admin_id`,\n\t\t\t`domain_created_id`, `domain_created`, `domain_expires`,\n\t\t\t`domain_mailacc_limit`, `domain_ftpacc_limit`,\n\t\t\t`domain_traffic_limit`, `domain_sqld_limit`,\n\t\t\t`domain_sqlu_limit`, `status`,\n\t\t\t`domain_subd_limit`, `domain_alias_limit`,\n\t\t\t`domain_ip_id`, `domain_disk_limit`,\n\t\t\t`domain_disk_usage`, `domain_php`, `domain_php_edit`, `domain_cgi`,\n\t\t\t`allowbackup`, `domain_dns`, `domain_ssl`, `domain_disk_countbackup`\n\t\t)\n\t\tVALUES (\n\t\t\t:domain_name, :domain_admin_id,\n\t\t\t:domain_created_id, unix_timestamp(), :domain_expires,\n\t\t\t:domain_mailacc_limit, :domain_ftpacc_limit,\n\t\t\t:domain_traffic_limit, :domain_sqld_limit,\n\t\t\t:domain_sqlu_limit, :status,\n\t\t\t:domain_subd_limit, :domain_alias_limit,\n\t\t\t:domain_ip_id, :domain_disk_limit,\n\t\t\t'0', :domain_php, :domain_php_edit, :domain_cgi,\n\t\t\t:allowbackup, :domain_dns, :domain_ssl, :domain_disk_countbackup\n\t\t)\n\t";
$param = array(':domain_name' => $dmn_name, ':domain_admin_id' => $record_id, ':domain_created_id' => $reseller_id, ':domain_expires' => $dmn_expire, ':domain_mailacc_limit' => $mail, ':domain_ftpacc_limit' => $ftp, ':domain_traffic_limit' => $traff, ':domain_sqld_limit' => $sql_db, ':domain_sqlu_limit' => $sql_user, ':status' => $cfg->ITEM_ADD_STATUS, ':domain_subd_limit' => $sub, ':domain_alias_limit' => $als, ':domain_ip_id' => $domain_ip, ':domain_disk_limit' => $disk, ':domain_php' => $php, ':domain_php_edit' => $phpe, ':domain_cgi' => $cgi, ':allowbackup' => $backup, ':domain_dns' => $dns, ':domain_ssl' => $ssl, ':domain_disk_countbackup' => $countbackup);
DB::prepare($query);
DB::execute($param);
$dmn_id = DB::getInstance()->lastInsertId();
// AddDefaultDNSEntries($dmn_id, 0, $dmn_name, $domain_ip);
// TODO: Check if max user and group id is reached
// update domain and gid
$domain_gid = $cfg->APACHE_SUEXEC_MIN_GID + $dmn_id;
$domain_uid = $cfg->APACHE_SUEXEC_MIN_UID + $dmn_id;
$query = "\n\t\tUPDATE `domain`\n\t\tSET `domain_gid`=?,\n\t\t\t`domain_uid`=?\n\t\tWHERE `domain_id`=?\n\t";
exec_query($sql, $query, array($domain_gid, $domain_uid, $dmn_id));
// Add statistics group
$query = "\n\t\tINSERT INTO `htaccess_users`\n\t\t\t(`dmn_id`, `uname`, `upass`, `status`)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?)\n\t";
exec_query($sql, $query, array($dmn_id, $dmn_name, crypt_user_pass_with_salt($pure_user_pass), $cfg->ITEM_ADD_STATUS));
$user_id = $sql->insertId();
$query = "\n\t\tINSERT INTO `htaccess_groups`\n\t\t\t(`dmn_id`, `ugroup`, `members`, `status`)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?)\n\t";
exec_query($sql, $query, array($dmn_id, $cfg->AWSTATS_GROUP_AUTH, $user_id, $cfg->ITEM_ADD_STATUS));
// Create the 3 default addresses if wanted
if ($cfg->CREATE_DEFAULT_EMAIL_ADDRESSES) {
client_mail_add_default_accounts($dmn_id, $user_email, $dmn_name);
// 'domain', 0
}
// let's send mail to user
send_add_user_auto_msg($reseller_id, $dmn_user_name, $pure_user_pass, $user_email, $first_name, $last_name, tr('Domain account'));
// $user_def_lang = $cfg->USER_INITIAL_LANG;
$user_def_lang = '';
// $user_theme_color = $cfg->USER_INITIAL_THEME;
$user_theme_color = '';
$query = "\n\t\tINSERT INTO `user_gui_props`\n\t\t\t(`user_id`, `lang`, `layout`)\n\t\tVALUES\n\t\t\t(?, ?, ?)\n\t";
exec_query($sql, $query, array($record_id, $user_def_lang, $user_theme_color));
// send request to daemon
// TODO Prüfen, da es hier zu einem Fehler kommt ("Domain data has been altered. Please enter again.")
send_request('110 DOMAIN domain ' . $dmn_id);
send_request('130 MAIL ' . $dmn_id);
$admin_login = $_SESSION['user_logged'];
write_log("{$admin_login}: add user: {$dmn_user_name} (for domain {$dmn_name})");
write_log("{$admin_login}: add domain: {$dmn_name}");
update_reseller_c_props($reseller_id);
if (isset($_POST['add_alias']) && $_POST['add_alias'] === 'on') {
// we have to add some aliases for this looser
$_SESSION['dmn_id'] = $dmn_id;
$_SESSION['dmn_ip'] = $domain_ip;
$_SESSION['user_add3_add_alias'] = "_yes_";
user_goto('user_add4.php?accout=' . $dmn_id);
} else {
// we have not to add alias
$_SESSION['user_add3_added'] = "_yes_";
user_goto('users.php?psi=last');
}
}
function add_ftp_user($sql, $dmn_name)
{
$cfg = EasySCP_Registry::get('Config');
$username = strtolower(clean_input($_POST['username']));
if (!validates_username($username)) {
set_page_message(tr("Incorrect username length or syntax!"), 'warning');
return;
}
// Set default values ($ftp_home may be overwritten if user
// has specified a mount point)
switch ($_POST['dmn_type']) {
// Default moint point for a domain
case 'dmn':
$ftp_user = $username . $cfg->FTP_USERNAME_SEPARATOR . $dmn_name;
$ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}";
break;
// Default mount point for an alias domain
// Default mount point for an alias domain
case 'als':
$ftp_user = $username . $cfg->FTP_USERNAME_SEPARATOR . $_POST['als_id'];
$alias_mount_point = get_alias_mount_point($sql, $_POST['als_id']);
$ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}" . $alias_mount_point;
break;
// Default mount point for a subdomain
// Default mount point for a subdomain
case 'sub':
$ftp_user = $username . $cfg->FTP_USERNAME_SEPARATOR . $_POST['sub_id'] . '.' . $dmn_name;
$ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}/" . clean_input($_POST['sub_id']);
break;
// Unknown domain type (?)
// Unknown domain type (?)
default:
set_page_message(tr('Unknown domain type'), 'error');
return;
break;
}
// User-specified mount point
if (isset($_POST['use_other_dir']) && $_POST['use_other_dir'] === 'on') {
$ftp_vhome = clean_input($_POST['other_dir'], false);
// Strip possible double-slashes
$ftp_vhome = str_replace('//', '/', $ftp_vhome);
// Check for updirs ".."
$res = preg_match("/\\.\\./", $ftp_vhome);
if ($res !== 0) {
set_page_message(tr('Incorrect mount point length or syntax'), 'error');
return;
}
$ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}/" . $ftp_vhome;
// Strip possible double-slashes
$ftp_home = str_replace('//', '/', $ftp_home);
// Check for $ftp_vhome existence
// Create a virtual filesystem (it's important to use =&!)
$vfs = new EasySCP_VirtualFileSystem($dmn_name, $sql);
// Check for directory existence
$res = $vfs->exists($ftp_vhome);
if (!$res) {
set_page_message(tr('%s does not exist', $ftp_vhome), 'error');
return;
}
}
// End of user-specified mount-point
$ftp_gid = get_ftp_user_gid($sql, $dmn_name, $ftp_user);
$ftp_uid = get_ftp_user_uid($sql, $dmn_name, $ftp_user, $ftp_gid);
if ($ftp_uid == -1) {
return;
}
$ftp_shell = $cfg->CMD_SHELL;
$ftp_passwd = crypt_user_pass_with_salt($_POST['pass']);
$ftp_loginpasswd = encrypt_db_password($_POST['pass']);
$query = "\n\t\tINSERT INTO ftp_users\n\t\t\t(`userid`, `passwd`, `net2ftppasswd`, `uid`, `gid`, `shell`, `homedir`)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?, ?)\n\t";
exec_query($sql, $query, array($ftp_user, $ftp_passwd, $ftp_loginpasswd, $ftp_uid, $ftp_gid, $ftp_shell, $ftp_home));
$domain_props = get_domain_default_props($_SESSION['user_id']);
update_reseller_c_props($domain_props['domain_created_id']);
write_log($_SESSION['user_logged'] . ": add new FTP account: {$ftp_user}");
set_page_message(tr('FTP account added!'), 'success');
user_goto('ftp_accounts.php');
}
/**
*
* @global <type> $cr_user_id
* @global <type> $alias_name
* @global <type> $domain_ip
* @global <type> $forward
* @global <type> $forward_prefix
* @global <type> $mount_point
* @global <type> $validation_err_msg
* @param <type> $err_al
* @return <type>
*/
function add_domain_alias(&$err_al)
{
global $cr_user_id, $alias_name, $domain_ip, $forward, $forward_prefix, $mount_point, $validation_err_msg;
$cfg = EasySCP_Registry::get('Config');
$sql = EasySCP_Registry::get('Db');
$cr_user_id = $dmn_id = $_SESSION['dmn_id'];
$alias_name = strtolower(clean_input($_POST['ndomain_name']));
$domain_ip = $_SESSION['dmn_ip'];
$mount_point = array_encode_idna(strtolower($_POST['ndomain_mpoint']), true);
if ($_POST['status'] == 1) {
$forward = encode_idna(strtolower(clean_input($_POST['forward'])));
$forward_prefix = clean_input($_POST['forward_prefix']);
} else {
$forward = 'no';
$forward_prefix = '';
}
// Check if input string is a valid domain names
if (!validates_dname($alias_name)) {
set_page_message($validation_err_msg, 'warning');
return;
}
// Should be perfomed after domain names syntax validation now
$alias_name = encode_idna($alias_name);
if (easyscp_domain_exists($alias_name, $_SESSION['user_id'])) {
$err_al = tr('Domain with that name already exists on the system!');
} else {
if (!validates_mpoint($mount_point) && $mount_point != '/') {
$err_al = tr("Incorrect mount point syntax");
} else {
if ($_POST['status'] == 1) {
$aurl = @parse_url($forward_prefix . decode_idna($forward));
if ($aurl === false) {
$err_al = tr("Wrong address in forward URL!");
} else {
$domain = $aurl['host'];
if (substr_count($domain, '.') <= 2) {
$ret = validates_dname($domain);
} else {
$ret = validates_dname($domain, true);
}
if (!$ret) {
$err_al = tr("Wrong domain part in forward URL!");
} else {
$domain = encode_idna($aurl['host']);
$forward = $aurl['scheme'] . '://';
if (isset($aurl['user'])) {
$forward .= $aurl['user'] . (isset($aurl['pass']) ? ':' . $aurl['pass'] : '') . '@';
}
$forward .= $domain;
if (isset($aurl['port'])) {
$forward .= ':' . $aurl['port'];
}
if (isset($aurl['path'])) {
$forward .= $aurl['path'];
} else {
$forward .= '/';
}
if (isset($aurl['query'])) {
$forward .= '?' . $aurl['query'];
}
if (isset($aurl['fragment'])) {
$forward .= '#' . $aurl['fragment'];
}
}
}
} else {
$query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain_aliasses`\n\t\t\tWHERE\n\t\t\t\t`alias_name` = ?\n\t\t;";
$res = exec_query($sql, $query, $alias_name);
$query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain`\n\t\t\tWHERE\n\t\t\t\t`domain_name` = ?\n\t\t;";
$res2 = exec_query($sql, $query, $alias_name);
if ($res->rowCount() > 0 || $res2->rowCount() > 0) {
// we already have a domain with this name
$err_al = tr("Domain with this name already exist");
}
if (mount_point_exists($dmn_id, $mount_point)) {
$err_al = tr('Mount point already in use!');
}
}
}
}
if ('_off_' !== $err_al) {
set_page_message($err_al, 'error');
return;
}
// Begin add new alias domain
$query = "\n\t\tINSERT INTO\n\t\t\t`domain_aliasses` (\n\t\t\t\t`domain_id`, `alias_name`, `alias_mount`, `status`,\n\t\t\t\t`alias_ip_id`, `url_forward`\n\t\t\t)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?)\n\t;";
exec_query($sql, $query, array($cr_user_id, $alias_name, $mount_point, $cfg->ITEM_ADD_STATUS, $domain_ip, $forward));
$alias_id = $sql->insertId();
update_reseller_c_props(get_reseller_id($cr_user_id));
send_request('110 DOMAIN alias ' . $alias_id);
$admin_login = $_SESSION['user_logged'];
write_log("{$admin_login}: add domain alias: {$alias_name}");
$_SESSION['alias_added_succesfully'] = 1;
user_goto('user_add4.php?accout=' . $cr_user_id);
}
/**
* Add customer
*
* @throws iMSCP_Exception_Database
* @return void
*/
function addCustomer()
{
global $hpId, $dmnName, $dmnExpire, $domainIp, $adminName, $email, $password, $customerId, $firstName, $lastName, $gender, $firm, $zip, $city, $state, $country, $phone, $fax, $street1, $street2;
$cfg = iMSCP_Registry::get('config');
if (isset($_SESSION['ch_hpprops'])) {
$props = $_SESSION['ch_hpprops'];
unset($_SESSION['ch_hpprops']);
} else {
$stmt = exec_query('SELECT props FROM hosting_plans WHERE reseller_id = ? AND id = ?', array($_SESSION['user_id'], $hpId));
$data = $stmt->fetchRow();
$props = $data['props'];
}
list($php, $cgi, $sub, $als, $mail, $ftp, $sql_db, $sql_user, $traff, $disk, $backup, $dns, $aps, $phpEditor, $phpiniAllowUrlFopen, $phpiniDisplayErrors, $phpiniDisableFunctions, $phpMailFunction, $phpiniPostMaxSize, $phpiniUploadMaxFileSize, $phpiniMaxExecutionTime, $phpiniMaxInputTime, $phpiniMemoryLimit, $extMailServer, $webFolderProtection, $mailQuota) = explode(';', $props);
$php = str_replace('_', '', $php);
$cgi = str_replace('_', '', $cgi);
$backup = str_replace('_', '', $backup);
$dns = str_replace('_', '', $dns);
$aps = str_replace('_', '', $aps);
$extMailServer = str_replace('_', '', $extMailServer);
$webFolderProtection = str_replace('_', '', $webFolderProtection);
$encryptedPassword = cryptPasswordWithSalt($password);
$db = iMSCP_Database::getInstance();
try {
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeAddDomain, array('domainName' => $dmnName, 'createdBy' => $_SESSION['user_id'], 'customerId' => $customerId, 'customerEmail' => $email));
$db->beginTransaction();
exec_query('
INSERT INTO admin (
admin_name, admin_pass, admin_type, domain_created, created_by, fname, lname, firm, zip, city, state,
country, email, phone, fax, street1, street2, customer_id, gender, admin_status
) VALUES (
?, ?, ?, unix_timestamp(), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?
)
', array($adminName, $encryptedPassword, 'user', $_SESSION['user_id'], $firstName, $lastName, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $customerId, $gender, 'toadd'));
$adminId = $db->insertId();
exec_query('
INSERT INTO domain (
domain_name, domain_admin_id, domain_created, domain_expires, domain_mailacc_limit,
domain_ftpacc_limit, domain_traffic_limit, domain_sqld_limit, domain_sqlu_limit, domain_status,
domain_alias_limit, domain_subd_limit, domain_ip_id, domain_disk_limit, domain_disk_usage,
domain_php, domain_cgi, allowbackup, domain_dns, domain_software_allowed, phpini_perm_system,
phpini_perm_allow_url_fopen, phpini_perm_display_errors, phpini_perm_disable_functions,
phpini_perm_mail_function, domain_external_mail, web_folder_protection, mail_quota
) VALUES (
?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?
)
', array($dmnName, $adminId, time(), $dmnExpire, $mail, $ftp, $traff, $sql_db, $sql_user, 'toadd', $als, $sub, $domainIp, $disk, 0, $php, $cgi, $backup, $dns, $aps, $phpEditor, $phpiniAllowUrlFopen, $phpiniDisplayErrors, $phpiniDisableFunctions, $phpMailFunction, $extMailServer, $webFolderProtection, $mailQuota));
$dmnId = $db->insertId();
if ($phpEditor == 'yes') {
$phpini = iMSCP_PHPini::getInstance();
$phpini->setDomainIni('phpiniMemoryLimit', $phpiniMemoryLimit);
// Must be set before phpiniPostMaxSize
$phpini->setDomainIni('phpiniPostMaxSize', $phpiniPostMaxSize);
// Must be set before phpiniUploadMaxFileSize
$phpini->setDomainIni('phpiniUploadMaxFileSize', $phpiniUploadMaxFileSize);
$phpini->setDomainIni('phpiniMaxExecutionTime', $phpiniMaxExecutionTime);
$phpini->setDomainIni('phpiniMaxInputTime', $phpiniMaxInputTime);
$phpini->saveDomainIni($adminId, $dmnId, 'dmn');
}
exec_query('INSERT INTO htaccess_users (dmn_id, uname, upass, status) VALUES (?, ?, ?, ?)', array($dmnId, $dmnName, $encryptedPassword, 'toadd'));
exec_query('INSERT INTO htaccess_groups (dmn_id, ugroup, members, status) VALUES (?, ?, ?, ?)', array($dmnId, 'statistics', $db->insertId(), 'toadd'));
if ($cfg['CREATE_DEFAULT_EMAIL_ADDRESSES']) {
client_mail_add_default_accounts($dmnId, $email, $dmnName);
}
send_add_user_auto_msg($_SESSION['user_id'], $adminName, $password, $email, $firstName, $lastName, tr('Customer'));
exec_query('INSERT INTO user_gui_props (user_id, lang, layout) VALUES (?, ?, ?)', array($adminId, $cfg['USER_INITIAL_LANG'], $cfg['USER_INITIAL_THEME']));
update_reseller_c_props($_SESSION['user_id']);
$db->commit();
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterAddDomain, array('domainName' => $dmnName, 'createdBy' => $_SESSION['user_id'], 'customerId' => $adminId, 'customerEmail' => $email, 'domainId' => $dmnId));
send_request();
write_log("{$_SESSION['user_logged']} added new customer: {$adminName}", E_USER_NOTICE);
set_page_message(tr('Customer account successfully scheduled for creation.'), 'success');
redirectTo('users.php');
} catch (iMSCP_Exception_Database $e) {
$db->rollBack();
throw $e;
}
}
/**
* @param int $user_id
* @param int $domain_id
* @param <type> $sub_name
* @param <type> $sub_mnt_pt
* @param <type> $forward
*/
function subdomain_schedule($user_id, $domain_id, $sub_name, $sub_mnt_pt, $forward, $sub_id = null)
{
$cfg = EasySCP_Registry::get('Config');
$sql = EasySCP_Registry::get('Db');
$status_add = $cfg->ITEM_ADD_STATUS;
if ($_POST['dmn_type'] == 'als') {
$query = "\n\t\t\tINSERT INTO\n\t\t\t\tsubdomain_alias\n\t\t\t\t\t(alias_id,\n\t\t\t\t\tsubdomain_alias_name,\n\t\t\t\t\tsubdomain_alias_mount,\n\t\t\t\t\tsubdomain_alias_url_forward,\n\t\t\t\t\tstatus,subdomain_id)\n\t\t\tVALUES\n\t\t\t\t(?, ?, ?, ?, ?, ?)\n\t\t;";
exec_query($sql, $query, array($domain_id, $sub_name, $sub_mnt_pt, $forward, $status_add, $sub_id));
} else {
$query = "\n\t\t\tINSERT INTO\n\t\t\t\t`subdomain`\n\t\t\t\t\t(`domain_id`,\n\t\t\t\t\t`subdomain_name`,\n\t\t\t\t\t`subdomain_mount`,\n\t\t\t\t\t`subdomain_url_forward`,\n\t\t\t\t\t`status`)\n\t\t\tVALUES\n\t\t\t\t(?, ?, ?, ?, ?)\n\t\t;";
exec_query($sql, $query, array($domain_id, $sub_name, $sub_mnt_pt, $forward, $status_add));
}
update_reseller_c_props(get_reseller_id($domain_id));
// $subdomain_id = $sql->insertId();
// We do not need to create the default mail addresses, subdomains are
// related to their domains.
write_log($_SESSION['user_logged'] . ": adds new subdomain: " . $sub_name);
if ($_POST['dmn_type'] == 'als') {
send_request('110 DOMAIN alias ' . $domain_id);
} else {
send_request('110 DOMAIN domain ' . $domain_id);
}
}
/**
* Deletes the given customer
*
* @throws iMSCP_Exception
* @param integer $customerId Customer unique identifier
* @param boolean $checkCreatedBy Tell whether or not customer must have been created by logged-in user
* @return bool TRUE on success, FALSE otherwise
*/
function deleteCustomer($customerId, $checkCreatedBy = false)
{
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeDeleteCustomer, array('customerId' => $customerId));
// Get username, uid and gid of domain user
$query = '
SELECT
admin_name, created_by, domain_id
FROM
admin
INNER JOIN
domain ON(domain_admin_id = admin_id)
WHERE
admin_id = ?
';
if ($checkCreatedBy) {
$query .= 'AND created_by = ?';
$stmt = exec_query($query, array($customerId, $_SESSION['user_id']));
} else {
$stmt = exec_query($query, $customerId);
}
if (!$stmt->rowCount()) {
return false;
}
$customerName = $stmt->fields['admin_name'];
$mainDomainId = $stmt->fields['domain_id'];
$resellerId = $stmt->fields['created_by'];
$deleteStatus = 'todelete';
$db = iMSCP_Database::getInstance();
try {
// First, we remove customer sessions to prevent any problems
exec_query('DELETE FROM login WHERE user_name = ?', $customerName);
// Remove customer's databases and Sql users
$stmt = exec_query('SELECT sqld_id FROM sql_database WHERE domain_id = ?', $mainDomainId);
while ($row = $stmt->fetchRow(PDO::FETCH_ASSOC)) {
delete_sql_database($mainDomainId, $row['sqld_id']);
}
$db->beginTransaction();
// Deletes all protected areas data (areas, groups and users)
exec_query('
DELETE
t2, t3, t4
FROM
domain AS t1
LEFT JOIN
htaccess AS t2 ON (t2.dmn_id = t1.domain_id)
LEFT JOIN
htaccess_users AS t3 ON (t3.dmn_id = t1.domain_id)
LEFT JOIN
htaccess_groups AS t4 ON (t4.dmn_id = t1.domain_id)
WHERE
t1.domain_id = ?
', $mainDomainId);
// Deletes domain traffic entries
exec_query('DELETE FROM domain_traffic WHERE domain_id = ?', $mainDomainId);
// Deletes custom DNS records
exec_query('DELETE FROM domain_dns WHERE domain_id = ?', $mainDomainId);
// Deletes FTP accounts (users and groups)
exec_query('DELETE FROM ftp_users WHERE admin_id = ?', $customerId);
exec_query('DELETE FROM ftp_group WHERE groupname = ?', $customerName);
// Deletes quota entries
exec_query('DELETE FROM quotalimits WHERE name = ?', $customerName);
exec_query('DELETE FROM quotatallies WHERE name = ?', $customerName);
// Deletes support tickets
exec_query('DELETE FROM tickets WHERE ticket_from = ? OR ticket_to = ?', array($customerId, $customerId));
// Deletes user gui properties
exec_query('DELETE FROM user_gui_props WHERE user_id = ?', $customerId);
// Deletes php.ini entries
exec_query('DELETE FROM php_ini WHERE admin_id = ?', $customerId);
//
// Delegated tasks - begin
//
// Schedule mail accounts deletion
exec_query('UPDATE mail_users SET status = ? WHERE domain_id = ?', array($deleteStatus, $mainDomainId));
// Schedule subdomain's aliasses deletion
exec_query('
UPDATE
subdomain_alias AS t1
JOIN
domain_aliasses AS t2 ON(t2.domain_id = ?)
SET
t1.subdomain_alias_status = ?
WHERE
t1.alias_id = t2.alias_id
', array($mainDomainId, $deleteStatus));
// Schedule domain aliases deletion
exec_query('UPDATE domain_aliasses SET alias_status = ? WHERE domain_id = ?', array($deleteStatus, $mainDomainId));
// Schedule domain's subdomains deletion
exec_query('UPDATE subdomain SET subdomain_status = ? WHERE domain_id = ?', array($deleteStatus, $mainDomainId));
// Schedule domain deletion
exec_query('UPDATE domain SET domain_status = ? WHERE domain_id = ?', array($deleteStatus, $mainDomainId));
// Schedule user deletion
exec_query('UPDATE admin SET admin_status = ? WHERE admin_id = ?', array($deleteStatus, $customerId));
// Schedule SSL certificates deletion
exec_query("UPDATE ssl_certs SET status = ? WHERE domain_type = 'dmn' AND domain_id = ?", array($deleteStatus, $mainDomainId));
exec_query("\n\t\t\t\tUPDATE\n\t\t\t\t\tssl_certs\n\t\t\t\tSET\n\t\t\t\t\tstatus = ?\n\t\t\t\tWHERE\n\t\t\t\t\tdomain_id IN (SELECT alias_id FROM domain_aliasses WHERE domain_id = ?)\n\t\t\t\tAND\n\t\t\t\t\tdomain_type = ?\n\t\t\t", array($deleteStatus, $mainDomainId, 'als'));
exec_query("\n\t\t\t\tUPDATE\n\t\t\t\t\tssl_certs SET status = ?\n\t\t\t\tWHERE\n\t\t\t\t\tdomain_id IN (SELECT subdomain_id FROM subdomain WHERE domain_id = ?)\n\t\t\t\tAND\n\t\t\t\t\tdomain_type = ?\n\t\t\t", array($deleteStatus, $mainDomainId, 'sub'));
exec_query("\n\t\t\t\tUPDATE\n\t\t\t\t\tssl_certs SET status = ?\n\t\t\t\tWHERE\n\t\t\t\t\tdomain_id IN (\n\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\tsubdomain_alias_id\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\tsubdomain_alias\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\talias_id IN (SELECT alias_id FROM domain_aliasses WHERE domain_id = ?)\n\t\t\t\t\t)\n\t\t\t\tAND\n\t\t\t\t\tdomain_type = ?\n\t\t\t", array($deleteStatus, $mainDomainId, 'alssub'));
//
// Delegated tasks - end
//
// Updates resellers properties
update_reseller_c_props($resellerId);
// Commit all changes to database server
$db->commit();
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterDeleteCustomer, array('customerId' => $customerId));
} catch (iMSCP_Exception $e) {
$db->rollBack();
throw new iMSCP_Exception($e->getMessage(), $e->getCode(), $e);
}
// We are now ready to send a request to the daemon for delegated tasks.
// Note: We are safe here. If the daemon doesn't answer, some entities will not be removed. In such case the
// sysadmin will have to fix the problem causing deletion break and send a request to the daemon manually via the
// panel, or run the imscp-rqst-mngr script manually.
send_request();
return true;
}
/**
*
* @global <type> $cr_user_id
* @global <type> $alias_name
* @global <type> $domain_ip
* @global <type> $forward
* @global <type> $forward_prefix
* @global <type> $mount_point
* @global <type> $validation_err_msg
* @param <type> $err_al
* @return <type>
*/
function add_domain_alias(&$err_al)
{
global $cr_user_id, $alias_name, $domain_ip, $forward, $forward_prefix, $mount_point, $validation_err_msg;
$cfg = EasySCP_Registry::get('Config');
$sql = EasySCP_Registry::get('Db');
$cr_user_id = $_POST['usraccounts'];
$alias_name = strtolower($_POST['ndomain_name']);
$mount_point = array_encode_idna(strtolower($_POST['ndomain_mpoint']), true);
if ($_POST['status'] == 1) {
$forward = encode_idna(strtolower(clean_input($_POST['forward'])));
$forward_prefix = clean_input($_POST['forward_prefix']);
} else {
$forward = 'no';
$forward_prefix = '';
}
$query = "\n\t\tSELECT\n\t\t\t`domain_ip_id`\n\t\tFROM\n\t\t\t`domain`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t;";
$rs = exec_query($sql, $query, $cr_user_id);
$domain_ip = $rs->fields['domain_ip_id'];
// First check if input string is a valid domain names
if (!validates_dname($alias_name)) {
$err_al = $validation_err_msg;
return;
}
// Should be perfomed after domain names syntax validation now
$alias_name = encode_idna($alias_name);
if (easyscp_domain_exists($alias_name, $_SESSION['user_id'])) {
$err_al = tr('Domain with that name already exists on the system!');
// } else if (!validates_mpoint($mount_point) && $mount_point != '/') {
// $err_al = tr("Incorrect mount point syntax");
} else {
if ($alias_name == $cfg->BASE_SERVER_VHOST) {
$err_al = tr('Master domain cannot be used!');
} else {
if ($_POST['status'] == 1) {
$aurl = @parse_url($forward_prefix . decode_idna($forward));
if ($aurl === false) {
$err_al = tr("Wrong address in forward URL!");
} else {
$domain = $aurl['host'];
if (substr_count($domain, '.') <= 2) {
$ret = validates_dname($domain);
} else {
$ret = validates_dname($domain, true);
}
if (!$ret) {
$err_al = tr("Wrong domain part in forward URL!");
} else {
$domain = encode_idna($aurl['host']);
$forward = $aurl['scheme'] . '://';
if (isset($aurl['user'])) {
$forward .= $aurl['user'] . (isset($aurl['pass']) ? ':' . $aurl['pass'] : '') . '@';
}
$forward .= $domain;
if (isset($aurl['port'])) {
$forward .= ':' . $aurl['port'];
}
if (isset($aurl['path'])) {
$forward .= $aurl['path'];
} else {
$forward .= '/';
}
if (isset($aurl['query'])) {
$forward .= '?' . $aurl['query'];
}
if (isset($aurl['fragment'])) {
$forward .= '#' . $aurl['fragment'];
}
}
}
} else {
$query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain_aliasses`\n\t\t\tWHERE\n\t\t\t\t`alias_name` = ?\n\t\t;";
$res = exec_query($sql, $query, $alias_name);
$query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain`\n\t\t\tWHERE\n\t\t\t\t`domain_name` = ?\n\t\t;";
$res2 = exec_query($sql, $query, $alias_name);
if ($res->rowCount() > 0 || $res2->rowCount() > 0) {
// we already have domain with this name
$err_al = tr("Domain with this name already exist");
}
$query = "\n\t\t\tSELECT\n\t\t\t\tCOUNT(`subdomain_id`) AS cnt\n\t\t\tFROM\n\t\t\t\t`subdomain`\n\t\t\tWHERE\n\t\t\t\t\t`domain_id` = ?\n\t\t\t\tAND `subdomain_mount` = ?\n\t\t\t;";
$subdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
$subdomdata = $subdomres->fetchRow();
$query = "\n\t\t\tSELECT\n\t\t\t\tCOUNT(`subdomain_alias_id`) AS alscnt\n\t\t\tFROM\n\t\t\t\t`subdomain_alias`\n\t\t\tWHERE\n\t\t\t\t\t`alias_id`\n\t\t\t\tIN (\n\t\t\t\t\tSELECT\n\t\t\t\t\t\t`alias_id`\n\t\t\t\t\tFROM\n\t\t\t\t\t\t`domain_aliasses`\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`domain_id` = ?\n\t\t\t\t\t)\n\t\t\t\tAND\n\t\t\t\t\t`subdomain_alias_mount` = ?\n\t\t;";
$alssubdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
$alssubdomdata = $alssubdomres->fetchRow();
if ($subdomdata['cnt'] > 0 || $alssubdomdata['alscnt'] > 0) {
$err_al = tr("There is a subdomain with the same mount point!");
}
}
}
}
if ('_off_' !== $err_al) {
return;
}
// Begin add new alias domain
$alias_name = htmlspecialchars($alias_name, ENT_QUOTES, "UTF-8");
$query = "\n\t\tINSERT INTO\n\t\t\t`domain_aliasses` (\n\t\t\t\t`domain_id`, `alias_name`, `alias_mount`, `status`,\n\t\t\t\t`alias_ip_id`, `url_forward`\n\t\t\t)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?)\n\t;";
exec_query($sql, $query, array($cr_user_id, $alias_name, $mount_point, $cfg->ITEM_ADD_STATUS, $domain_ip, $forward));
$als_id = $sql->insertId();
update_reseller_c_props(get_reseller_id($cr_user_id));
$query = "\n\t\tSELECT\n\t\t\t`email`\n\t\tFROM\n\t\t\t`admin`\n\t\tWHERE\n\t\t\t`admin_id` = ?\n\t\tLIMIT 1\n\t;";
$rs = exec_query($sql, $query, who_owns_this($cr_user_id, 'dmn_id'));
$user_email = $rs->fields['email'];
// Create the three default addresses if required
if ($cfg->CREATE_DEFAULT_EMAIL_ADDRESSES) {
client_mail_add_default_accounts($cr_user_id, $user_email, $alias_name, 'alias', $als_id);
}
send_request('110 DOMAIN alias ' . $als_id);
$admin_login = $_SESSION['user_logged'];
write_log("{$admin_login}: add domain alias: {$alias_name}");
$_SESSION["aladd"] = '_yes_';
user_goto('alias.php');
}
/**
*
* @global <type> $cr_user_id
* @global <type> $alias_name
* @global <type> $domain_ip
* @global <type> $forward
* @global <type> $forward_prefix
* @global <type> $mount_point
* @global <type> $validation_err_msg
* @param <type> $err_al
* @return <type>
*/
function add_domain_alias(&$err_al)
{
global $cr_user_id, $alias_name, $domain_ip, $forward, $forward_prefix, $mount_point, $validation_err_msg;
$cfg = EasySCP_Registry::get('Config');
$sql = EasySCP_Registry::get('Db');
$cr_user_id = get_user_domain_id($_SESSION['user_id']);
$alias_name = strtolower($_POST['ndomain_name']);
// $mount_point = array_encode_idna(strtolower($_POST['ndomain_mpoint']), true);
if ($_POST['status'] == 1) {
$forward = encode_idna(strtolower(clean_input($_POST['forward'])));
$forward_prefix = clean_input($_POST['forward_prefix']);
} else {
$forward = 'no';
$forward_prefix = '';
}
$query = "\n\t\tSELECT\n\t\t\t`domain_ip_id`\n\t\tFROM\n\t\t\t`domain`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t";
$rs = exec_query($sql, $query, $cr_user_id);
$domain_ip = $rs->fields['domain_ip_id'];
// First check if input string is a valid domain names
if (!validates_dname($alias_name)) {
$err_al = $validation_err_msg;
return;
}
// Should be perfomed after domain names syntax validation now
$alias_name = encode_idna($alias_name);
if (easyscp_domain_exists($alias_name, 0)) {
$err_al = tr('Domain with that name already exists on the system!');
// } else if (!validates_mpoint($mount_point) && $mount_point != '/') {
// $err_al = tr("Incorrect mount point syntax");
} else {
if ($alias_name == $cfg->BASE_SERVER_VHOST) {
$err_al = tr('Master domain cannot be used!');
} else {
if ($_POST['status'] == 1) {
$aurl = @parse_url($forward_prefix . decode_idna($forward));
if ($aurl === false) {
$err_al = tr("Wrong address in forward URL!");
} else {
$domain = $aurl['host'];
if (substr_count($domain, '.') <= 2) {
$ret = validates_dname($domain);
} else {
$ret = validates_dname($domain, true);
}
if (!$ret) {
$err_al = tr("Wrong domain part in forward URL!");
} else {
$domain = encode_idna($aurl['host']);
$forward = $aurl['scheme'] . '://';
if (isset($aurl['user'])) {
$forward .= $aurl['user'] . (isset($aurl['pass']) ? ':' . $aurl['pass'] : '') . '@';
}
$forward .= $domain;
if (isset($aurl['port'])) {
$forward .= ':' . $aurl['port'];
}
if (isset($aurl['path'])) {
$forward .= $aurl['path'];
} else {
$forward .= '/';
}
if (isset($aurl['query'])) {
$forward .= '?' . $aurl['query'];
}
if (isset($aurl['fragment'])) {
$forward .= '#' . $aurl['fragment'];
}
}
}
} else {
$query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain_aliasses`\n\t\t\tWHERE\n\t\t\t\t`alias_name` = ?\n\t\t;";
$res = exec_query($sql, $query, $alias_name);
$query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain`\n\t\t\tWHERE\n\t\t\t\t`domain_name` = ?\n\t\t;";
$res2 = exec_query($sql, $query, $alias_name);
if ($res->rowCount() > 0 || $res2->rowCount() > 0) {
// we already have domain with this name
$err_al = tr("Domain with this name already exist");
}
// $query = "
// SELECT
// COUNT(`subdomain_id`) AS cnt
// FROM
// `subdomain`
// WHERE
// `domain_id` = ?
// AND
// `subdomain_mount` = ?
// ;";
// $subdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
// $subdomdata = $subdomres->fetchRow();
//
// $query = "
// SELECT
// COUNT(`subdomain_alias_id`) AS alscnt
// FROM
// `subdomain_alias`
// WHERE
// `alias_id`
// IN (
// SELECT
// `alias_id`
// FROM
// `domain_aliasses`
// WHERE
// `domain_id` = ?
// )
// AND
// `subdomain_alias_mount` = ?
// ;";
// $alssubdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
// $alssubdomdata = $alssubdomres->fetchRow();
//
// if ($subdomdata['cnt'] > 0 || $alssubdomdata['alscnt'] > 0) {
// $err_al = tr("There is a subdomain with the same mount point!");
// }
}
}
}
if ('_off_' !== $err_al) {
return;
}
// Begin add new alias domain
$status = $cfg->ITEM_ORDERED_STATUS;
$query = "\n\t\tINSERT INTO\n\t\t\t`domain_aliasses` (\n\t\t\t\t`domain_id`, `alias_name`, `alias_mount`, `status`,\n\t\t\t\t`alias_ip_id`, `url_forward`\n\t\t\t)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?)\n\t;";
exec_query($sql, $query, array($cr_user_id, $alias_name, $mount_point, $status, $domain_ip, $forward));
$dmn_id = $sql->insertId();
AddDefaultDNSEntries(0, $dmn_id, $alias_name, $domain_ip);
update_reseller_c_props(get_reseller_id($cr_user_id));
$admin_login = $_SESSION['user_logged'];
if ($status == $cfg->ITEM_ORDERED_STATUS) {
// notify the reseller:
send_alias_order_email($alias_name);
write_log("{$admin_login}: add domain alias for activation: {$alias_name}.");
set_page_message(tr('Alias scheduled for activation!'), 'success');
} else {
// TODO: Check
// send_request('110 DOMAIN alias '.$dmn_id);
write_log("{$admin_login}: domain alias scheduled for addition: {$alias_name}.");
set_page_message(tr('Alias scheduled for addition!'), 'success');
}
user_goto('domains_manage.php');
}
$query = "\n\t\tSELECT\n\t\t\t`t1`.`userid`, `t1`.`uid`, `t2`.`domain_uid`\n\t\tFROM\n\t\t\t`ftp_users` AS `t1`, `domain` AS `t2`\n\t\tWHERE\n\t\t\t`t1`.`userid` = ?\n\t\tAND\n\t\t\t`t1`.`uid` = t2.`domain_uid`\n\t\tAND\n\t\t\t`t2`.`domain_name` = ?\n\t\t;\n\t";
$rs = exec_query($sql, $query, array($ftp_id, $dmn_name));
$ftp_name = $rs->fields['userid'];
if ($rs->recordCount() == 0) {
user_goto('ftp_accounts.php');
}
$query = "\n\t\tSELECT\n\t\t\t`t1`.`gid`, t2.`members`\n\t\tFROM\n\t\t\t`ftp_users` AS `t1`, `ftp_group` AS `t2`\n\t\tWHERE\n\t\t\t`t1`.`gid` = `t2`.`gid`\n\t\tAND\n\t\t\t`t1`.`userid` = ?\n\t\t;\n\t";
$rs = exec_query($sql, $query, $ftp_id);
$ftp_gid = $rs->fields['gid'];
$ftp_members = $rs->fields['members'];
$members = preg_replace("/{$ftp_id}/", "", "{$ftp_members}");
$members = preg_replace("/,,/", ",", "{$members}");
$members = preg_replace("/^,/", "", "{$members}");
$members = preg_replace("/,\$/", "", "{$members}");
if (strlen($members) == 0) {
$query = "\n\t\t\tDELETE FROM\n\t\t\t\t`ftp_group`\n\t\t\tWHERE\n\t\t\t\t`gid` = ?\n\t\t\t;\n\t\t";
$rs = exec_query($sql, $query, $ftp_gid);
} else {
$query = "\n\t\t\tUPDATE\n\t\t\t\t`ftp_group`\n\t\t\tSET\n\t\t\t\t`members` = ?\n\t\t\tWHERE\n\t\t\t\t`gid` = ?\n\t\t\t;\n\t\t";
$rs = exec_query($sql, $query, array($members, $ftp_gid));
}
$query = "\n\t\tDELETE FROM\n\t\t\t`ftp_users`\n\t\tWHERE\n\t\t\t`userid` = ?\n\t\t;\n\t";
$rs = exec_query($sql, $query, $ftp_id);
$domain_props = get_domain_default_props($_SESSION['user_id']);
update_reseller_c_props($domain_props['domain_created_id']);
write_log($_SESSION['user_logged'] . ": deletes FTP account: " . $ftp_name);
set_page_message(tr('FTP account deleted successfully!'), 'success');
user_goto('ftp_accounts.php');
} else {
user_goto('ftp_accounts.php');
}
/**
* @todo
* * Database user with same name can be added several times
* * If creation of database user fails in MySQL-Table, database user is already
* in loclal EasySCP table -> Error handling
*/
function add_sql_user($sql, $user_id, $db_id)
{
$cfg = EasySCP_Registry::get('Config');
if (!isset($_POST['uaction'])) {
return;
}
// let's check user input
if (empty($_POST['user_name']) && !isset($_POST['Add_Exist'])) {
set_page_message(tr('Please type user name!'), 'warning');
return;
}
if (empty($_POST['pass']) && empty($_POST['pass_rep']) && !isset($_POST['Add_Exist'])) {
set_page_message(tr('Please type user password!'), 'warning');
return;
}
if (isset($_POST['pass']) && isset($_POST['pass_rep']) && $_POST['pass'] !== $_POST['pass_rep'] && !isset($_POST['Add_Exist'])) {
set_page_message(tr('Entered passwords do not match!'), 'warning');
return;
}
if (isset($_POST['pass']) && strlen($_POST['pass']) > $cfg->MAX_SQL_PASS_LENGTH && !isset($_POST['Add_Exist'])) {
set_page_message(tr('Too long user password!'), 'warning');
return;
}
if (isset($_POST['pass']) && !preg_match('/^[[:alnum:]:!*+#_.-]+$/', $_POST['pass']) && !isset($_POST['Add_Exist'])) {
set_page_message(tr('Don\'t use special chars like "@, $, %..." in the password!'), 'warning');
return;
}
if (isset($_POST['pass']) && !chk_password($_POST['pass']) && !isset($_POST['Add_Exist'])) {
if ($cfg->PASSWD_STRONG) {
set_page_message(sprintf(tr('The password must be at least %s chars long and contain letters and numbers to be valid.'), $cfg->PASSWD_CHARS), 'warning');
} else {
set_page_message(sprintf(tr('Password data is shorter than %s signs or includes not permitted signs!'), $cfg->PASSWD_CHARS), 'warning');
}
return;
}
if (isset($_POST['Add_Exist'])) {
$query = "SELECT `sqlu_pass` FROM `sql_user` WHERE `sqlu_id` = ?";
$rs = exec_query($sql, $query, $_POST['sqluser_id']);
if ($rs->recordCount() == 0) {
set_page_message(tr('SQL-user not found! It might has been deleted by another user.'), 'warning');
return;
}
$user_pass = decrypt_db_password($rs->fields['sqlu_pass']);
} else {
$user_pass = $_POST['pass'];
}
$dmn_id = get_user_domain_id($user_id);
if (!isset($_POST['Add_Exist'])) {
// we'll use domain_id in the name of the database;
if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on' && isset($_POST['id_pos']) && $_POST['id_pos'] === 'start') {
$db_user = $dmn_id . "_" . clean_input($_POST['user_name']);
} else {
if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on' && isset($_POST['id_pos']) && $_POST['id_pos'] === 'end') {
$db_user = clean_input($_POST['user_name']) . "_" . $dmn_id;
} else {
$db_user = clean_input($_POST['user_name']);
}
}
} else {
$query = "SELECT `sqlu_name` FROM `sql_user` WHERE `sqlu_id` = ?";
$rs = exec_query($sql, $query, $_POST['sqluser_id']);
$db_user = $rs->fields['sqlu_name'];
}
if (strlen($db_user) > $cfg->MAX_SQL_USER_LENGTH) {
set_page_message(tr('User name too long!'), 'warning');
return;
}
// are wildcards used?
if (preg_match("/[%|\\?]+/", $db_user)) {
set_page_message(tr('Wildcards such as %% and ? are not allowed!'), 'warning');
return;
}
// have we such sql user in the system?!
if (check_db_user($sql, $db_user) && !isset($_POST['Add_Exist'])) {
set_page_message(tr('Specified SQL username name already exists!'), 'warning');
return;
}
// add user in the EasySCP table;
$query = "\n\t\tINSERT INTO `sql_user`\n\t\t\t(`sqld_id`, `sqlu_name`, `sqlu_pass`)\n\t\tVALUES\n\t\t\t(?, ?, ?)\n\t";
exec_query($sql, $query, array($db_id, $db_user, encrypt_db_password($user_pass)));
update_reseller_c_props(get_reseller_id($dmn_id));
$query = "\n\t\tSELECT\n\t\t\t`sqld_name` AS `db_name`\n\t\tFROM\n\t\t\t`sql_database`\n\t\tWHERE\n\t\t\t`sqld_id` = ?\n\t\tAND\n\t\t\t`domain_id` = ?\n\t";
$rs = exec_query($sql, $query, array($db_id, $dmn_id));
$db_name = $rs->fields['db_name'];
$db_name = preg_replace("/([_%\\?\\*])/", '\\\\$1', $db_name);
// add user in the mysql system tables
$query = "GRANT ALL PRIVILEGES ON " . quoteIdentifier($db_name) . ".* TO ?@? IDENTIFIED BY ?";
exec_query($sql, $query, array($db_user, "localhost", $user_pass));
exec_query($sql, $query, array($db_user, "%", $user_pass));
write_log($_SESSION['user_logged'] . ": add SQL user: " . tohtml($db_user));
set_page_message(tr('SQL user successfully added!'), 'info');
user_goto('sql_manage.php');
}
require '../../include/easyscp-lib.php';
check_login(__FILE__);
$cfg = EasySCP_Registry::get('Config');
if (isset($_GET['del_id'])) {
$del_id = $_GET['del_id'];
} else {
$_SESSION['aldel'] = '_no_';
user_goto('alias.php');
}
$reseller_id = $_SESSION['user_id'];
$query = "\n\tSELECT\n\t\tt1.`domain_id`, t1.`alias_id`, t1.`alias_name`,\n\t\tt2.`domain_id`, t2.`domain_created_id`\n\tFROM\n\t\t`domain_aliasses` AS t1,\n\t\t`domain` AS t2\n\tWHERE\n\t\tt1.`alias_id` = ?\n\tAND\n\t\tt1.`domain_id` = t2.`domain_id`\n\tAND\n\t\tt2.`domain_created_id` = ?\n";
$rs = exec_query($sql, $query, array($del_id, $reseller_id));
if ($rs->recordCount() == 0) {
user_goto('alias.php');
}
$alias_name = $rs->fields['alias_name'];
// check for mail acc in ALIAS domain (ALIAS MAIL) and delete them
$query = "\n\tUPDATE\n\t\t`mail_users`\n\tSET\n\t\t`status` = ?\n\tWHERE\n\t\t(`sub_id` = ?\n\t\tAND\n\t\t`mail_type` LIKE '%alias_%')\n\tOR\n\t\t(`sub_id` IN (SELECT `subdomain_alias_id` FROM `subdomain_alias` WHERE `alias_id` = ?)\n\t\tAND\n\t\t`mail_type` LIKE '%alssub_%')\n";
exec_query($sql, $query, array($cfg->ITEM_DELETE_STATUS, $del_id, $del_id));
$res = exec_query($sql, "SELECT `alias_name` FROM `domain_aliasses` WHERE `alias_id` = ?", $del_id);
$dat = $res->fetchRow();
// TODO Use prepared statements
exec_query($sql, "UPDATE `subdomain_alias` SET `status` = '" . $cfg->ITEM_DELETE_STATUS . "' WHERE `alias_id` = ?", $del_id);
// TODO Use prepared statements
exec_query($sql, "UPDATE `domain_aliasses` SET `status` = '" . $cfg->ITEM_DELETE_STATUS . "' WHERE `alias_id` = ?", $del_id);
update_reseller_c_props($reseller_id);
send_request('110 DOMAIN alias ' . $del_id);
$admin_login = $_SESSION['user_logged'];
write_log("{$admin_login}: deletes domain alias: " . $dat['alias_name']);
$_SESSION['aldel'] = '_yes_';
user_goto('alias.php');
