/** * Load a template file. * * @throws iMSCP_Exception If template file is not found * @param string|array $fname Template file path or an array where the second item contain the template file path * @return mixed|string */ public function get_file($fname) { static $parentTplDir = null; if (!is_array($fname)) { $this->eventManager->dispatch(iMSCP_Events::onBeforeAssembleTemplateFiles, array('context' => $this, 'templatePath' => $this->root_dir . '/' . $fname)); } else { // INCLUDED file $fname = $parentTplDir !== null ? $parentTplDir . '/' . $fname[1] : $fname[1]; } if ($this->is_safe($fname)) { $prevParentTplDir = $parentTplDir; $parentTplDir = dirname($fname); $this->eventManager->dispatch(iMSCP_Events::onBeforeLoadTemplateFile, array('context' => $this, 'templatePath' => $this->root_dir . '/' . $fname)); ob_start(); include $this->root_dir . '/' . $fname; $fileContent = ob_get_clean(); $this->eventManager->dispatch(iMSCP_Events::onAfterLoadTemplateFile, array('context' => $this, 'templateContent' => $fileContent)); $fileContent = preg_replace_callback($this->tpl_include, array($this, 'get_file'), $fileContent); $parentTplDir = $prevParentTplDir; } else { throw new iMSCP_Exception(sprintf('Unable to find the %s template file', $this->root_dir . '/' . $fname)); } $this->eventManager->dispatch(iMSCP_Events::onAfterAssembleTemplateFiles, array('context' => $this, 'templateContent' => $fileContent)); return $fileContent; }
/** * Return an iMSCP_Events_Manager instance * * @param iMSCP_Events_Manager_Interface $events * @return iMSCP_Events_Manager_Interface */ public function getEventManager(iMSCP_Events_Manager_Interface $events = null) { if (null !== $events) { $this->eventManager = $events; } elseif (null === $this->eventManager) { $this->eventManager = iMSCP_Events_Aggregator::getInstance(); } return $this->eventManager; }
/** * Generates view * * @param iMSCP_ptemplate $tpl * @return void */ function client_generateView($tpl) { iMSCP_Events_Aggregator::getInstance()->registerListener(iMSCP_Events::onGetJsTranslations, function ($e) { /** @var iMSCP_Events_Description $e */ $translations = $e->getParam('translations'); $translations['core']['datatable'] = getDataTablesPluginTranslations(false); $translations['core']['deactivate_message'] = tr("Are you sure you want to deactivate the external mail server(s) for the '%s' domain?", true, '%s'); }); $tpl->assign(array('TR_PAGE_TITLE' => tr('Client / Email / External Mail Server'), 'TR_DOMAIN' => tr('Domain'), 'TR_STATUS' => tr('Status'), 'TR_ACTION' => tr('Action'), 'TR_DEACTIVATE_SELECTED_ITEMS' => tr('Deactivate selected items'), 'TR_CANCEL' => tr('Cancel'))); $domainProps = get_domain_default_props($_SESSION['user_id']); $domainId = $domainProps['domain_id']; $domainName = $domainProps['domain_name']; _client_generateItemList($tpl, $domainId, $domainName); }
/** * @param $tpl iMSCP_pTemplate * @return void */ function add_user($tpl) { /** @var $cfg iMSCP_Config_Handler_File */ $cfg = iMSCP_Registry::get('config'); if (isset($_POST['uaction']) && $_POST['uaction'] === 'add_user') { iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeAddUser); if (check_user_data()) { $upass = cryptPasswordWithSalt(clean_input($_POST['password'])); $user_id = $_SESSION['user_id']; $username = clean_input($_POST['username']); $fname = clean_input($_POST['fname']); $lname = clean_input($_POST['lname']); $gender = clean_input($_POST['gender']); $firm = clean_input($_POST['firm']); $zip = clean_input($_POST['zip']); $city = clean_input($_POST['city']); $state = clean_input($_POST['state']); $country = clean_input($_POST['country']); $email = clean_input($_POST['email']); $phone = clean_input($_POST['phone']); $fax = clean_input($_POST['fax']); $street1 = clean_input($_POST['street1']); $street2 = clean_input($_POST['street2']); if (get_gender_by_code($gender, true) === null) { $gender = ''; } $query = "\n\t\t\t\tINSERT INTO `admin` (\n\t\t\t\t\t`admin_name`, `admin_pass`, `admin_type`, `domain_created`, `created_by`, `fname`, `lname`, `firm`,\n\t\t\t\t\t`zip`, `city`, `state`, `country`, `email`, `phone`, `fax`, `street1`, `street2`, `gender`\n\t\t\t\t) VALUES (\n\t\t\t\t\t?, ?, 'admin', unix_timestamp(), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?\n\t\t\t\t)\n\t\t\t"; exec_query($query, array($username, $upass, $user_id, $fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender)); /** @var $db iMSCP_Database */ $db = iMSCP_Registry::get('db'); $new_admin_id = $db->insertId(); $user_logged = $_SESSION['user_logged']; write_log("{$user_logged}: add admin: {$username}", E_USER_WARNING); $user_def_lang = $cfg->USER_INITIAL_LANG; $user_theme_color = $cfg->USER_INITIAL_THEME; $query = "\n\t\t\t\tREPLACE INTO `user_gui_props` (\n\t\t\t\t\t`user_id`, `lang`, `layout`\n\t\t\t\t) VALUES (\n\t\t\t\t\t?, ?, ?\n\t\t\t\t)\n\t\t\t"; exec_query($query, array($new_admin_id, $user_def_lang, $user_theme_color)); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterAddUser); send_add_user_auto_msg($user_id, clean_input($_POST['username']), clean_input($_POST['password']), clean_input($_POST['email']), clean_input($_POST['fname']), clean_input($_POST['lname']), tr('Administrator')); //$_SESSION['user_added'] = 1; set_page_message(tr('Admin account successfully created.'), 'success'); redirectTo('manage_users.php'); } else { // check user data $tpl->assign(array('EMAIL' => clean_input($_POST['email'], true), 'USERNAME' => clean_input($_POST['username'], true), 'FIRST_NAME' => clean_input($_POST['fname'], true), 'LAST_NAME' => clean_input($_POST['lname'], true), 'FIRM' => clean_input($_POST['firm'], true), 'ZIP' => clean_input($_POST['zip'], true), 'CITY' => clean_input($_POST['city'], true), 'STATE' => clean_input($_POST['state'], true), 'COUNTRY' => clean_input($_POST['country'], true), 'STREET_1' => clean_input($_POST['street1'], true), 'STREET_2' => clean_input($_POST['street2'], true), 'PHONE' => clean_input($_POST['phone'], true), 'FAX' => clean_input($_POST['fax'], true), 'VL_MALE' => $_POST['gender'] == 'M' ? $cfg->HTML_SELECTED : '', 'VL_FEMALE' => $_POST['gender'] == 'F' ? $cfg->HTML_SELECTED : '', 'VL_UNKNOWN' => $_POST['gender'] == 'U' || empty($_POST['gender']) ? $cfg->HTML_SELECTED : '')); } } else { $tpl->assign(array('EMAIL' => '', 'USERNAME' => '', 'FIRST_NAME' => '', 'LAST_NAME' => '', 'FIRM' => '', 'ZIP' => '', 'CITY' => '', 'STATE' => '', 'COUNTRY' => '', 'STREET_1' => '', 'STREET_2' => '', 'PHONE' => '', 'FAX' => '', 'VL_MALE' => '', 'VL_FEMALE' => '', 'VL_UNKNOWN' => $cfg->HTML_SELECTED)); } }
/** * Protect the given plugin * * @param string $name Name of the plugin to protect * @return bool self::ACTION_SUCCESS|self::ACTION_FAILURE */ public function pluginProtect($name) { if ($this->pluginIsEnabled($name) && !$this->pluginIsProtected($name)) { $responses = $this->eventsManager->dispatch(iMSCP_Events::onBeforeProtectPlugin, array('pluginManager' => $this, 'pluginName' => $name)); if (!$responses->isStopped()) { $protectedPlugins = $this->protectedPlugins; $this->protectedPlugins[] = $name; if ($this->pluginUpdateProtectedFile()) { $this->eventsManager->dispatch(iMSCP_Events::onAfterProtectPlugin, array('pluginManager' => $this, 'pluginName' => $name)); return self::ACTION_SUCCESS; } $this->protectedPlugins = $protectedPlugins; } else { return self::ACTION_STOPPED; } } return self::ACTION_FAILURE; }
/** * Update user data * * @param int $userId Customer unique identifier * @return void */ function admin_updateUserData($userId) { iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditUser, array('userId' => $userId)); $fname = isset($_POST['fname']) ? clean_input($_POST['fname']) : ''; $lname = isset($_POST['lname']) ? clean_input($_POST['lname']) : ''; $firm = isset($_POST['firm']) ? clean_input($_POST['firm']) : ''; $gender = isset($_POST['gender']) ? clean_input($_POST['gender']) : ''; $zip = isset($_POST['zip']) ? clean_input($_POST['zip']) : ''; $city = isset($_POST['city']) ? clean_input($_POST['city']) : ''; $state = isset($_POST['state']) ? clean_input($_POST['state']) : ''; $country = isset($_POST['country']) ? clean_input($_POST['country']) : ''; $email = isset($_POST['email']) ? clean_input($_POST['email']) : ''; $phone = isset($_POST['phone']) ? clean_input($_POST['phone']) : ''; $fax = isset($_POST['fax']) ? clean_input($_POST['fax']) : ''; $street1 = isset($_POST['street1']) ? clean_input($_POST['street1']) : ''; $street2 = isset($_POST['street2']) ? clean_input($_POST['street2']) : ''; $userName = get_user_name($userId); if (empty($_POST['password'])) { $query = "\n\t\t\tUPDATE\n\t\t\t\t`admin`\n\t\t\tSET\n\t\t\t\t`fname` = ?, `lname` = ?, `firm` = ?, `zip` = ?, `city` = ?, `state` = ?, `country` = ?, `email` = ?,\n\t\t\t\t`phone` = ?, `fax` = ?, `street1` = ?, `street2` = ?, `gender` = ?\n\t\t\tWHERE\n\t\t\t\t`admin_id` = ?\n\t\t"; exec_query($query, array($fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender, $userId)); } else { $query = "\n\t\t\tUPDATE\n\t\t\t\t`admin`\n\t\t\tSET\n\t\t\t\t`admin_pass` = ?, `fname` = ?, `lname` = ?, `firm` = ?, `zip` = ?, `city` = ?, `state` = ?,\n\t\t\t\t`country` = ?, `email` = ?, `phone` = ?, `fax` = ?, `street1` = ?, `street2` = ?, `gender` = ?\n\t\t\tWHERE\n\t\t\t\t`admin_id` = ?\n\t\t"; exec_query($query, array(cryptPasswordWithSalt($_POST['password']), $fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender, $userId)); $query = "DELETE FROM `login` WHERE `user_name` = ?"; $stmt = exec_query($query, $userName); if ($stmt->rowCount()) { set_page_message(tr('User session successfully killed for password change.'), 'success'); } } iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditUser, array('userId' => $userId)); if (isset($_POST['send_data']) && !empty($_POST['password'])) { $query = 'SELECT `admin_type` FROM `admin` WHERE `admin_id` = ?'; $stmt = exec_query($query, $userId); if ($stmt->fields['admin_type'] == 'admin') { $admin_type = tr('Administrator'); } elseif ($stmt->fields['admin_type'] == 'reseller') { $admin_type = tr('Reseller'); } else { $admin_type = tr('Customer'); } send_add_user_auto_msg($userId, $userName, $_POST['password'], $_POST['email'], $_POST['fname'], $_POST['lname'], $admin_type); set_page_message(tr('Login data successfully sent to %s.', $userName), 'success'); } }
/** * Generate page * * @param iMSCP_pTemplate $tpl * @return void */ function generatePage($tpl) { $stmt = exec_query('SELECT id, name, status FROM hosting_plans WHERE reseller_id = ? ORDER BY id', $_SESSION['user_id']); if (!$stmt->rowCount()) { $tpl->assign('HOSTING_PLANS', ''); set_page_message(tr('No hosting plan available.'), 'static_info'); return; } $tpl->assign(array('TR_ID' => tr('Id'), 'TR_NAME' => tr('Name'), 'TR_STATUS' => tr('Status'), 'TR_EDIT' => tr('Edit'), 'TR_ACTION' => tr('Actions'), 'TR_DELETE' => tr('Delete'))); iMSCP_Events_Aggregator::getInstance()->registerListener('onGetJsTranslations', function ($e) { /** @var iMSCP_Events_Event $e */ $translations = $e->getParam('translations'); $translations['core']['hp_delete_confirmation'] = tr('Are you sure you want to delete this hosting plan?'); }); while ($row = $stmt->fetchRow()) { $tpl->assign(array('ID' => $row['id'], 'NAME' => tohtml($row['name']), 'STATUS' => $row['status'] ? tr('Available') : tr('Unavailable'))); $tpl->parse('HOSTING_PLAN', '.hosting_plan'); } }
/** * @param $user_id */ function update_reseller_personal_data($user_id) { iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditUser, array('userId' => $user_id)); $fname = clean_input($_POST['fname']); $lname = clean_input($_POST['lname']); $gender = $_POST['gender']; $firm = clean_input($_POST['firm']); $zip = clean_input($_POST['zip']); $city = clean_input($_POST['city']); $state = clean_input($_POST['state']); $country = clean_input($_POST['country']); $street1 = clean_input($_POST['street1']); $street2 = clean_input($_POST['street2']); $email = clean_input($_POST['email']); $phone = clean_input($_POST['phone']); $fax = clean_input($_POST['fax']); $query = "\n\t\tUPDATE\n\t\t\t`admin`\n\t\tSET\n\t\t\t`fname` = ?,\n\t\t\t`lname` = ?,\n\t\t\t`firm` = ?,\n\t\t\t`zip` = ?,\n\t\t\t`city` = ?,\n\t\t\t`state` = ?,\n\t\t\t`country` = ?,\n\t\t\t`email` = ?,\n\t\t\t`phone` = ?,\n\t\t\t`fax` = ?,\n\t\t\t`street1` = ?,\n\t\t\t`street2` = ?,\n\t\t\t`gender` = ?\n\t\tWHERE\n\t\t\t`admin_id` = ?\n\t"; exec_query($query, array($fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender, $user_id)); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditUser, array('userId' => $user_id)); set_page_message(tr('Personal data successfully updated.'), 'success'); redirectTo('profile.php'); }
/** * Schedule deletion of the given mail account * * @throws iMSCP_Exception on error * @param int $mailId Mail account unique identifier * @param array $dmnProps Main domain properties * @return void */ function client_deleteMailAccount($mailId, $dmnProps) { $stmt = exec_query('SELECT `mail_addr` FROM `mail_users` WHERE `mail_id` = ? AND `domain_id` = ?', array($mailId, $dmnProps['domain_id'])); if ($stmt->rowCount()) { $mailAddr = $stmt->fields['mail_addr']; $toDeleteStatus = 'todelete'; iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeDeleteMail, array('mailId' => $mailId)); exec_query('UPDATE `mail_users` SET `status` = ? WHERE `mail_id` = ?', array($toDeleteStatus, $mailId)); // Schedule deleltion of all catchall which belong to the mail account exec_query(' UPDATE `mail_users` SET `status` = ? WHERE `mail_acc` = ? OR `mail_acc` LIKE ? OR `mail_acc` LIKE ? OR `mail_acc` LIKE ? ', array($toDeleteStatus, $mailAddr, "{$mailAddr},%", "%,{$mailAddr},%", "%,{$mailAddr}")); delete_autoreplies_log_entries($mailAddr); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterDeleteMail, array('mailId' => $mailId)); set_page_message(tr('Mail account %s successfully scheduled for deletion.', '<strong>' . decode_idna($mailAddr) . '</strong>'), 'success'); } else { throw new iMSCP_Exception('Bad request.', 400); } }
/** * Update admin password. * * @return void */ function reseller_updatePassword() { if (!empty($_POST)) { $userId = $_SESSION['user_id']; iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditUser, array('userId' => $userId)); if (empty($_POST['current_password']) || empty($_POST['password']) || empty($_POST['password_confirmation'])) { set_page_message(tr('All fields are required.'), 'error'); } else { if (!_reseller_checkCurrentPassword($_POST['current_password'])) { set_page_message(tr('Current password is invalid.'), 'error'); } else { if ($_POST['password'] !== $_POST['password_confirmation']) { set_page_message(tr("Passwords do not match."), 'error'); } elseif (checkPasswordSyntax($_POST['password'])) { $query = 'UPDATE `admin` SET `admin_pass` = ? WHERE `admin_id` = ?'; exec_query($query, array(cryptPasswordWithSalt($_POST['password']), $userId)); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditUser, array('userId' => $userId)); write_log($_SESSION['user_logged'] . ': updated password.', E_USER_NOTICE); set_page_message(tr('Password successfully updated.'), 'success'); } } } } }
break; case "reseller": $trUserType = tr('Reseller'); break; case "admin": $trUserType = tr('Admin'); break; default: $trUserType = tr('Unknown user type'); } $tpl->assign(array('TR_ACCOUNT_SUMMARY' => tr('Account summary'), 'TR_USERNAME' => tr('Username'), 'USERNAME' => tohtml($_SESSION['user_logged']), 'TR_ACCOUNT_TYPE' => tr('Account type'), 'ACCOUNT_TYPE' => $trUserType, 'TR_REGISTRATION_DATE' => tr('Registration date'), 'REGISTRATION_DATE' => $stmt->fields['domain_created'] != 0 ? date($cfg->DATE_FORMAT, $stmt->fields['domain_created']) : tr('Unknown'))); } /******************************************************************************* * Main script */ // Include core library require 'imscp-lib.php'; iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptStart); /** @var $cfg iMSCP_Config_Handler_File */ $cfg = iMSCP_Registry::get('config'); check_login('user'); $tpl = new iMSCP_pTemplate(); $tpl->define_dynamic(array('layout' => 'shared/layouts/ui.tpl', 'page' => 'client/profile.tpl', 'page_message' => 'layout')); $tpl->assign('TR_PAGE_TITLE', tr('Client / Profile / Account Summary')); generateNavigation($tpl); client_generatePage($tpl); generatePageMessage($tpl); $tpl->parse('LAYOUT_CONTENT', 'page'); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptEnd, array('templateEngine' => $tpl)); $tpl->prnt(); unsetMessages();
/** * Update SQL user password * * @param int $id Sql user id * @param string $user Sql user name * @param string $host SQL user host * @çeturn void */ function client_updateSqlUserPassword($id, $user, $host) { if (!isset($_POST['uaction'])) { return; } if (!isset($_POST['password']) || !isset($_POST['password_confirmation'])) { showBadRequestErrorPage(); } $password = clean_input($_POST['password']); $passwordConf = clean_input($_POST['password_confirmation']); if ($password === '') { set_page_message(tr('Password cannot be empty.'), 'error'); return; } if ($passwordConf === '') { set_page_message(tr('Please confirm the password.'), 'error'); return; } if ($password !== $passwordConf) { set_page_message(tr('Passwords do not match.'), 'error'); return; } if (!checkPasswordSyntax($password)) { return; } $config = iMSCP_Registry::get('config'); $mysqlConfig = new iMSCP_Config_Handler_File($config['CONF_DIR'] . '/mysql/mysql.data'); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditSqlUser, array('sqlUserId' => $id)); // Here we cannot use transaction due to statements that cause an implicit commit. Thus we execute // those statements first to let the i-MSCP database in clean state if one of them fails. // See https://dev.mysql.com/doc/refman/5.7/en/implicit-commit.html for more details // Update SQL user password in the mysql system tables; if (strpos('mariadb', $config['SQL_SERVER']) !== false || version_compare($mysqlConfig['SQLD_VERSION'], '5.7.6', '<')) { exec_query('SET PASSWORD FOR ?@? = PASSWORD(?)', array($user, $host, $password)); } else { exec_query('ALTER USER ?@? IDENTIFIED BY ? PASSWORD EXPIRE NEVER', array($user, $host, $password)); } exec_query('UPDATE sql_user SET sqlu_pass = ? WHERE sqlu_name = ? AND sqlu_host = ?', array($password, $user, $host)); set_page_message(tr('SQL user password successfully updated.'), 'success'); write_log(sprintf('%s updated %s@%s SQL user password.', decode_idna($_SESSION['user_logged']), $user, $host), E_USER_NOTICE); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditSqlUser, array('sqlUserId' => $id)); redirectTo('sql_manage.php'); }
*/ EventManager::getInstance()->dispatch(Events::onAdminScriptStart); check_login('admin'); $cfg = Registry::get('config'); $tpl = new TemplateEngine(); $tpl->define_dynamic(array('layout' => 'shared/layouts/ui.tpl', 'page' => '../../plugins/Monitorix/themes/default/view/admin/monitorix.tpl', 'page_message' => 'layout', 'monitorix_item' => 'page', 'monitorix_graph_item' => 'page')); $graphName = isset($_POST['graph_name']) && $_POST['graph_name'] !== '-1' ? clean_input($_POST['graph_name']) : ''; if (isset($_POST['action']) && $_POST['action'] == 'go_show') { if ($graphName == '') { $tpl->assign(array('M_HOUR_SELECTED' => $cfg['HTML_SELECTED'], 'M_DAY_SELECTED' => '', 'M_WEEK_SELECTED' => '', 'M_MONTH_SELECTED' => '', 'M_YEAR_SELECTED' => '', 'MONITORIXGRAPH_SELECTED' => '', 'MONITORIXGRAPH_ERROR' => '')); } else { selectedGraphic($tpl, $graphName, clean_input($_POST['show_when'])); } } else { $tpl->assign(array('M_HOUR_SELECTED' => $cfg['HTML_SELECTED'], 'M_DAY_SELECTED' => '', 'M_WEEK_SELECTED' => '', 'M_MONTH_SELECTED' => '', 'M_YEAR_SELECTED' => '', 'MONITORIXGRAPH_SELECTED' => '', 'MONITORIXGRAPH_ERROR' => '')); } /** @var PluginManager $pluginManager */ $pluginManager = Registry::get('pluginManager'); if (Registry::get('config')->DEBUG) { $assetVersion = time(); } else { $pluginInfo = $pluginManager->pluginGetInfo('Monitorix'); $assetVersion = strtotime($pluginInfo['date']); } $tpl->assign(array('TR_PAGE_TITLE' => tr('Statistics / Monitorix'), 'MONITORIX_ASSET_VERSION' => tohtml($assetVersion), 'MONITORIXGRAPHIC_NOT_EXIST' => tr("The requested graphic doesn't exist."), 'MONITORIXGRAPHIC_NOT_SELECTED' => tr("No monitorix graph selected."), 'TR_MONITORIX_SELECT_NAME_NONE' => tr('Select a graph'), 'M_HOUR' => tr('Hour'), 'M_DAY' => tr('Day'), 'M_WEEK' => tr('Week'), 'M_MONTH' => tr('Month'), 'M_YEAR' => tr('Year'), 'TR_SHOW' => tr('Show graph'))); generateNavigation($tpl); generatePageMessage($tpl); generatePage($tpl, substr($graphName, 1)); $tpl->parse('LAYOUT_CONTENT', 'page'); EventManager::getInstance()->dispatch(Events::onAdminScriptEnd, array('templateEngine' => $tpl)); $tpl->prnt();
$all[1] += $ftpTraffic; $all[2] += $smtpTraffic; $all[3] += $popTraffic; $tpl->parse('TRAFFIC_TABLE_ITEM', '.traffic_table_item'); } $tpl->assign(array('USER_ID' => tohtml($userId), 'USERNAME' => tohtml($adminName), 'ALL_WEB_TRAFFIC' => tohtml(bytesHuman($all[0])), 'ALL_FTP_TRAFFIC' => tohtml(bytesHuman($all[1])), 'ALL_SMTP_TRAFFIC' => tohtml(bytesHuman($all[2])), 'ALL_POP3_TRAFFIC' => tohtml(bytesHuman($all[3])), 'ALL_ALL_TRAFFIC' => tohtml(bytesHuman(array_sum($all))))); } else { set_page_message(tr('No statistics found for the given period. Try another period.'), 'static_info'); $tpl->assign(array('USERNAME' => tohtml($adminName), 'USER_ID' => tohtml($userId), 'RESELLER_USER_STATISTICS_DETAIL_BLOCK' => '')); } } /*********************************************************************************************************************** * Main */ require 'imscp-lib.php'; $eventManager = iMSCP_Events_Aggregator::getInstance(); $eventManager->dispatch(iMSCP_Events::onAdminScriptStart); check_login('admin'); if (systemHasCustomers()) { if (isset($_GET['user_id'])) { $userId = intval($_GET['user_id']); $_SESSION['stats_user_id'] = $userId; } elseif (isset($_SESSION['admin_stats_user_id'])) { redirectTo('reseller_user_statistics_detail.php?user_id=' . $_SESSION['admin_stats_user_id']); exit; } else { showBadRequestErrorPage(); exit; } $tpl = new iMSCP_pTemplate(); $tpl->define_dynamic(array('layout' => 'shared/layouts/ui.tpl', 'page' => 'admin/reseller_user_statistics_details.tpl', 'page_message' => 'layout', 'month_list' => 'page', 'year_list' => 'page', 'reseller_user_statistics_detail_block' => 'page', 'traffic_table_item' => 'reseller_user_statistics_detail_block'));
/** * Edit mail account * * @throws iMSCP_Exception * @return bool TRUE on success, FALSE otherwise */ function client_editMailAccount() { if (isset($_POST['password']) && isset($_POST['password_rep']) && isset($_POST['quota']) && isset($_POST['forward_list'])) { $mailData = client_getEmailAccountData(clean_input($_GET['id'])); $mainDmnProps = get_domain_default_props($_SESSION['user_id']); $password = $forwardList = '_no_'; $mailType = ''; $quota = null; if (preg_match('/^(.*?)_(?:mail|forward)/', $mailData['mail_type'], $match)) { $domainType = $match[1]; } else { throw new iMSCP_Exception('Unable to determine mail type'); } $mailTypeNormal = isset($_POST['account_type']) && in_array($_POST['account_type'], array('1', '3')); $mailTypeForward = isset($_POST['account_type']) && in_array($_POST['account_type'], array('2', '3')); if (!$mailTypeNormal && !$mailTypeForward) { showBadRequestErrorPage(); } $mailAddr = $mailData['mail_addr']; if ($mailTypeNormal) { // Check for pasword $password = clean_input($_POST['password']); $password_rep = clean_input($_POST['password_rep']); if ($mailData['mail_pass'] == '_no_' || $password != '' || $password_rep != '') { if ($password == '') { set_page_message(tr('Password is missing.'), 'error'); return false; } elseif ($password_rep == '') { set_page_message(tr('You must confirm your password.'), 'error'); return false; } elseif ($password !== $password_rep) { set_page_message(tr("Passwords do not match."), 'error'); return false; } elseif (!checkPasswordSyntax($password)) { return false; } } else { $password = $mailData['mail_pass']; } // Check for quota $quota = clean_input($_POST['quota']); if (is_number($quota)) { $quota *= 1048576; // MiB to Bytes if ($mainDmnProps['mail_quota'] != '0') { if ($quota == '0') { set_page_message(tr('Incorrect Email quota.'), 'error'); return false; } $stmt = exec_query('SELECT SUM(`quota`) AS `quota` FROM `mail_users` WHERE `domain_id` = ? AND `quota` IS NOT NULL', $mainDmnProps['domain_id']); $quotaLimit = floor($mainDmnProps['mail_quota'] - ($stmt->fields['quota'] - $mailData['quota'])); if ($quota > $quotaLimit) { set_page_message(tr('Email quota cannot be bigger than %s', bytesHuman($quotaLimit, 'MiB')), 'error'); return false; } } } else { set_page_message(tr('Email quota must be a number.'), 'error'); return false; } switch ($domainType) { case 'normal': $mailType = MT_NORMAL_MAIL; break; case 'subdom': $mailType = MT_SUBDOM_MAIL; break; case 'alias': $mailType = MT_ALIAS_MAIL; break; case 'alssub': $mailType = MT_ALSSUB_MAIL; } } if ($mailTypeForward) { // Check forward list $forwardList = clean_input($_POST['forward_list']); if ($forwardList == '') { set_page_message(tr('Forward list is empty.'), 'error'); return false; } $forwardList = preg_split("/[\n,]+/", $forwardList); foreach ($forwardList as $key => &$forwardEmailAddr) { $forwardEmailAddr = encode_idna(trim($forwardEmailAddr)); if ($forwardEmailAddr == '') { unset($forwardList[$key]); } elseif (!chk_email($forwardEmailAddr)) { set_page_message(tr('Wrong mail syntax in forward list.'), 'error'); return false; } elseif ($forwardEmailAddr == $mailAddr) { set_page_message(tr('You cannot forward %s on itself.', $mailAddr), 'error'); return false; } } $forwardList = implode(',', array_unique($forwardList)); switch ($domainType) { case 'normal': $mailType .= ($mailType != '' ? ',' : '') . MT_NORMAL_FORWARD; break; case 'subdom': $mailType .= ($mailType != '' ? ',' : '') . MT_SUBDOM_FORWARD; break; case 'alias': $mailType .= ($mailType != '' ? ',' : '') . MT_ALIAS_FORWARD; break; case 'alssub': $mailType .= ($mailType != '' ? ',' : '') . MT_ALSSUB_FORWARD; } } // Update mail account into database iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditMail, array('mailId' => $mailData['mail_id'])); $query = ' UPDATE `mail_users` SET `mail_pass` = ?, `mail_forward` = ?, `mail_type` = ?, `status` = ?, `quota` = ? WHERE `mail_id` = ? '; exec_query($query, array($password, $forwardList, $mailType, 'tochange', $quota, $mailData['mail_id'])); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditMail, array('mailId' => $mailData['mail_id'])); // Schedule mail account addition send_request(); write_log("{$_SESSION['user_logged']}: Updated Email account: {$mailAddr}", E_USER_NOTICE); set_page_message(tr('Email account successfully scheduled for update.'), 'success'); } else { showBadRequestErrorPage(); } return true; }
$row = $stmt->fetchRow(PDO::FETCH_ASSOC); $name = $row['subdomain_alias_name']; $stmt = exec_query('SELECT mail_id FROM mail_users WHERE (mail_type LIKE ? OR mail_type = ?) AND sub_id = ? LIMIT 1', array(MT_ALSSUB_MAIL . '%', MT_ALSSUB_FORWARD, $id)); if ($stmt->rowCount()) { set_page_message(tr('Subdomain you are trying to remove has email accounts. Please remove them first.'), 'error'); redirectTo('domains_manage.php'); } $stmt = exec_query('SELECT userid FROM ftp_users WHERE userid LIKE ? LIMIT 1', "%@{$name}"); if ($stmt->rowCount()) { set_page_message(tr('Subdomain alias you are trying to remove has Ftp accounts. Please remove them first.'), 'error'); redirectTo('domains_manage.php'); } iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeDeleteSubdomain, array('subdomainId' => $id, 'subdomainName' => $name, 'type' => 'alssub')); $db = iMSCP_Database::getInstance(); try { $db->beginTransaction(); exec_query('DELETE FROM php_ini WHERE domain_id = ? AND domain_type = ?', array($id, 'subals')); exec_query('UPDATE subdomain_alias SET subdomain_alias_status = ? WHERE subdomain_alias_id = ?', array('todelete', $id)); exec_query('UPDATE ssl_certs SET status = ? WHERE domain_id = ? AND domain_type = ?', array('todelete', $id, 'alssub')); $db->commit(); } catch (iMSCP_Exception_Database $e) { $db->rollBack(); write_log(sprintf('System was unable to remove a subdomain: %s', $e->getMessage()), E_ERROR); set_page_message('Could not remove subdomain. An unexpected error occurred.', 'error'); redirectTo('domains_manage.php'); } iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterDeleteSubdomain, array('subdomainId' => $id, 'subdomainName' => $name, 'type' => 'alssub')); send_request(); write_log(sprintf('%s scheduled deletion of the `%s` subdomain alias', decode_idna($_SESSION['user_logged']), $name), E_USER_NOTICE); set_page_message(tr('Subdomain alias scheduled for deletion.'), 'success'); redirectTo('domains_manage.php');
/** * Update Ftp account * * @param string $userid Ftp userid * @param string $mainDomainName Main domain name * @return bool TRUE on success, FALSE on failure */ function updateFtpAccount($userid, $mainDomainName) { $ret = true; if (!empty($_POST['password'])) { if (empty($_POST['password_repeat']) || $_POST['password'] !== $_POST['password_repeat']) { set_page_message(tr("Passwords do not match."), 'error'); $ret = false; } if (!checkPasswordSyntax($_POST['password'])) { $ret = false; } $rawPassword = $_POST['password']; $password = cryptPasswordWithSalt($rawPassword); } if (isset($_POST['home_dir'])) { $homeDir = clean_input($_POST['home_dir']); if ($homeDir != '/' && $homeDir != '') { // Strip possible double-slashes $homeDir = str_replace('//', '/', $homeDir); // Check for updirs '..' if (strpos($homeDir, '..') !== false) { set_page_message(tr('Invalid home directory.'), 'error'); $ret = false; } if ($ret) { $vfs = new iMSCP_VirtualFileSystem($mainDomainName); // Check for directory existence if (!$vfs->exists($homeDir)) { set_page_message(tr("Home directory '%s' doesn't exist", $homeDir), 'error'); $ret = false; } } } } else { showBadRequestErrorPage(); exit; } if ($ret) { iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditFtp, array('ftpUserId' => $userid)); /** @var $cfg iMSCP_Config_Handler_File */ $cfg = iMSCP_Registry::get('config'); $homeDir = rtrim(str_replace('//', '/', $cfg->USER_WEB_DIR . '/' . $mainDomainName . '/' . $homeDir), '/'); if (isset($rawPassword) && isset($password) && isset($homeDir)) { $query = "UPDATE `ftp_users` SET `passwd` = ?, `rawpasswd` = ?, `homedir` = ? WHERE `userid` = ?"; exec_query($query, array($password, $rawPassword, $homeDir, $userid)); } else { $query = "UPDATE `ftp_users` SET `homedir` = ? WHERE `userid` = ?"; exec_query($query, array($homeDir, $userid)); } iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditFtp, array('ftpUserId' => $userid)); write_log(sprintf("%s updated Ftp account: %s", $_SESSION['user_logged'], $userid), E_USER_NOTICE); set_page_message(tr('FTP account successfully updated.'), 'success'); } return $ret; }
/** * Deletes an admin or reseller user * * @throws iMSCP_Exception_Database * @param int $userId User unique identifier */ function admin_deleteUser($userId) { iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeDeleteUser, array('userId' => $userId)); $userId = (int) $userId; /** @var $cfg iMSCP_Config_Handler_File */ $cfg = iMSCP_Registry::get('config'); /** @var $db iMSCP_Database */ $db = iMSCP_Database::getInstance(); $stmt = exec_query(' SELECT a.admin_type, b.logo FROM admin a LEFT JOIN user_gui_props b ON (b.user_id = a.admin_id) WHERE admin_id = ? ', $userId); $row = $stmt->fetchRow(PDO::FETCH_ASSOC); $userType = $row['admin_type']; if (empty($userType) || $userType == 'user') { showBadRequestErrorPage(); } // Users (admins/resellers) common items to delete $itemsToDelete = array('admin' => 'admin_id = ?', 'email_tpls' => 'owner_id = ?', 'tickets' => 'ticket_from = ? OR ticket_to = ?', 'user_gui_props' => 'user_id = ?'); // Note: Admin can also have they own hosting_plans bug must not be considerated // as common item since first admin must be never removed if ($userType == 'reseller') { // Getting reseller's software packages to remove if any $stmt = exec_query('SELECT software_id, software_archive FROM web_software WHERE reseller_id = ?', $userId); $swPackages = $stmt->fetchAll(PDO::FETCH_ASSOC); // Getting custom reseller isp logo if set $resellerLogo = $row['logo']; // Add specific reseller items to remove $itemsToDelete = array_merge(array('hosting_plans' => 'reseller_id = ?', 'reseller_props' => 'reseller_id = ?', 'web_software' => 'reseller_id = ?'), $itemsToDelete); } // We are using transaction to ensure data consistency and prevent any garbage in // the database. If one query fail, the whole process is reverted. try { // Cleanup database $db->beginTransaction(); foreach ($itemsToDelete as $table => $where) { // Build the DELETE statement $query = "DELETE FROM " . quoteIdentifier($table) . ($where ? " WHERE {$where}" : ''); exec_query($query, array_fill(0, substr_count($where, '?'), $userId)); } $db->commit(); // Cleanup files system // We are safe here. We don't stop the process even if files cannot be removed. That can result in garbages but // the sysadmin can easily delete them through ssh. // Deleting reseller software instaler local repository if (isset($swPackages) && !empty($swPackages)) { _admin_deleteResellerSwPackages($userId, $swPackages); } elseif ($userType == 'reseller' && is_dir($cfg['GUI_APS_DIR'] . '/' . $userId) && @rmdir($cfg['GUI_APS_DIR'] . '/' . $userId) == false) { write_log('Unable to remove reseller software directory: ' . $cfg['GUI_APS_DIR'] . '/' . $userId, E_USER_ERROR); } // Deleting user logo if (isset($resellerLogo) && !empty($resellerLogo)) { $logoPath = $cfg['GUI_ROOT_DIR'] . '/data/persistent/ispLogos/' . $resellerLogo; if (file_exists($logoPath) && @unlink($logoPath) == false) { write_log('Unable to remove user logo ' . $logoPath, E_USER_ERROR); } } $userTr = $userType == 'reseller' ? tr('Reseller') : tr('Admin'); set_page_message(tr('%s account successfully deleted.', $userTr), 'success'); write_log($_SESSION['user_logged'] . ": deletes user " . $userId, E_USER_NOTICE); } catch (iMSCP_Exception_Database $e) { $db->rollBack(); throw $e; } iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterDeleteUser, array('userId' => $userId)); redirectTo('manage_users.php'); }
* by moleSoftware GmbH. All Rights Reserved. * * Portions created by the ispCP Team are Copyright (C) 2006-2010 by * isp Control Panel. All Rights Reserved. * * Portions created by the i-MSCP Team are Copyright (C) 2010-2015 by * i-MSCP - internet Multi Server Control Panel. All Rights Reserved. */ /*********************************************************************************************************************** * Main */ // Include core library require_once 'imscp-lib.php'; iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptStart); check_login('user'); customerHasFeature('mail') or showBadRequestErrorPage(); if (isset($_GET['id'])) { $catchallId = intval($_GET['id']); $stmt = exec_query('SELECT mail_id FROM mail_users WHERE domain_id = ? AND mail_id = ?', array(get_user_domain_id($_SESSION['user_id']), $catchallId)); if (!$stmt->rowCount()) { showBadRequestErrorPage(); } iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeDeleteMailCatchall, array('mailCatchallId' => $catchallId)); exec_query('UPDATE mail_users SET status = ? WHERE mail_id = ?', array('todelete', $catchallId)); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onafterDeleteMailCatchall, array('mailCatchallId' => $catchallId)); send_request(); write_log($_SESSION['user_logged'] . ': deletes email catch all!', E_USER_NOTICE); set_page_message(tr('Catch all successfully scheduled for deletion.'), 'success'); redirectTo('mail_catchall.php'); } showBadRequestErrorPage();
/** * Create reseller account * * @throws Exception * @throws iMSCP_Exception * @throws iMSCP_Exception_Database * @return bool */ function admin_checkAndCreateResellerAccount() { iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeAddUser); $cfg = iMSCP_Registry::get('config'); $errFieldsStack = array(); $data =& admin_getData(); /** @var $db iMSCP_Database */ $db = iMSCP_Database::getInstance(); try { $db->beginTransaction(); // Check for reseller name $stmt = exec_query('SELECT COUNT(`admin_id`) `usernameExist` FROM `admin` WHERE `admin_name` = ? LIMIT 1', $data['admin_name']); $row = $stmt->fetchRow(PDO::FETCH_ASSOC); if ($row['usernameExist']) { set_page_message(tr("The username %s is not available.", '<b>' . $data['admin_name'] . '</b>'), 'error'); $errFieldsStack[] = 'admin_name'; } elseif (!validates_username($data['admin_name'])) { set_page_message(tr('Incorrect username length or syntax.'), 'error'); $errFieldsStack[] = 'admin_name'; } // check for password if (empty($data['password'])) { set_page_message(tr('You must provide a password.'), 'error'); $errFieldsStack[] = 'password'; $errFieldsStack[] = 'password_confirmation'; } elseif ($data['password'] != $data['password_confirmation']) { set_page_message(tr("Passwords do not match."), 'error'); $errFieldsStack[] = 'password'; $errFieldsStack[] = 'password_confirmation'; } elseif (!checkPasswordSyntax($data['password'])) { $errFieldsStack[] = 'password'; $errFieldsStack[] = 'password_confirmation'; } // Check for email address if (!chk_email($data['email'])) { set_page_message(tr('Incorrect syntax for email address.'), 'error'); $errFieldsStack[] = 'email'; } // Check for ip addresses - We are safe here $resellerIps = array(); foreach ($data['server_ips'] as $serverIpData) { if (in_array($serverIpData['ip_id'], $data['reseller_ips'])) { $resellerIps[] = $serverIpData['ip_id']; } } sort($resellerIps); if (empty($resellerIps)) { set_page_message(tr('You must assign at least one IP to this reseller.'), 'error'); } // Check for max domains limit if (!imscp_limit_check($data['max_dmn_cnt'], null)) { set_page_message(tr('Incorrect limit for %s.', tr('domain')), 'error'); $errFieldsStack[] = 'max_dmn_cnt'; } // Check for max subdomains limit if (!imscp_limit_check($data['max_sub_cnt'])) { set_page_message(tr('Incorrect limit for %s.', tr('subdomains')), 'error'); $errFieldsStack[] = 'max_sub_cnt'; } // check for max domain aliases limit if (!imscp_limit_check($data['max_als_cnt'])) { set_page_message(tr('Incorrect limit for %s.', tr('domain aliases')), 'error'); $errFieldsStack[] = 'max_als_cnt'; } // Check for max mail accounts limit if (!imscp_limit_check($data['max_mail_cnt'])) { set_page_message(tr('Incorrect limit for %s.', tr('email accounts')), 'error'); $errFieldsStack[] = 'max_mail_cnt'; } // Check for max ftp accounts limit if (!imscp_limit_check($data['max_ftp_cnt'])) { set_page_message(tr('Incorrect limit for %s.', tr('Ftp accounts')), 'error'); $errFieldsStack[] = 'max_ftp_cnt'; } // Check for max Sql databases limit if (!imscp_limit_check($data['max_sql_db_cnt'])) { set_page_message(tr('Incorrect limit for %s.', tr('SQL databases')), 'error'); $errFieldsStack[] = 'max_sql_db_cnt'; } elseif ($_POST['max_sql_db_cnt'] == -1 && $_POST['max_sql_user_cnt'] != -1) { set_page_message(tr('SQL database limit is disabled but SQL user limit is not.'), 'error'); $errFieldsStack[] = 'max_sql_db_cnt'; } // Check for max Sql users limit if (!imscp_limit_check($data['max_sql_user_cnt'])) { set_page_message(tr('Incorrect limit for %s.', tr('SQL users')), 'error'); $errFieldsStack[] = 'max_sql_user_cnt'; } elseif ($_POST['max_sql_user_cnt'] == -1 && $_POST['max_sql_db_cnt'] != -1) { set_page_message(tr('SQL user limit is disabled but SQL database limit is not.'), 'error'); $errFieldsStack[] = 'max_sql_user_cnt'; } // Check for max monthly traffic limit if (!imscp_limit_check($data['max_traff_amnt'], null)) { set_page_message(tr('Incorrect limit for %s.', tr('traffic')), 'error'); $errFieldsStack[] = 'max_traff_amnt'; } // Check for max disk space limit if (!imscp_limit_check($data['max_disk_amnt'], null)) { set_page_message(tr('Incorrect limit for %s.', tr('Disk space')), 'error'); $errFieldsStack[] = 'max_disk_amnt'; } // Check for PHP settings $phpini = iMSCP_PHPini::getInstance(); $phpini->setResellerPermission('phpiniSystem', $data['php_ini_system']); if ($phpini->resellerHasPermission('phpiniSystem')) { $phpini->setResellerPermission('phpiniAllowUrlFopen', $data['php_ini_al_allow_url_fopen']); $phpini->setResellerPermission('phpiniDisplayErrors', $data['php_ini_al_display_errors']); $phpini->setResellerPermission('phpiniDisableFunctions', $data['php_ini_al_disable_functions']); $phpini->setResellerPermission('phpiniMailFunction', $data['php_ini_al_mail_function']); $phpini->setResellerPermission('phpiniMemoryLimit', $data['memory_limit']); // Must be set before phpiniPostMaxSize $phpini->setResellerPermission('phpiniPostMaxSize', $data['post_max_size']); // Must be set before phpiniUploadMaxFileSize $phpini->setResellerPermission('phpiniUploadMaxFileSize', $data['upload_max_filesize']); $phpini->setResellerPermission('phpiniMaxExecutionTime', $data['max_execution_time']); $phpini->setResellerPermission('phpiniMaxInputTime', $data['max_input_time']); } if (empty($errFieldsStack) && !Zend_Session::namespaceIsset('pageMessages')) { // Update process begin here // Insert reseller personal data into database exec_query(' INSERT INTO admin ( admin_name, admin_pass, admin_type, domain_created, created_by, fname, lname, firm, zip, city, state, country, email, phone, fax, street1, street2, gender ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? ) ', array($data['admin_name'], cryptPasswordWithSalt($data['password']), 'reseller', time(), $_SESSION['user_id'], $data['fname'], $data['lname'], $data['firm'], $data['zip'], $data['city'], $data['state'], $data['country'], $data['email'], $data['phone'], $data['fax'], $data['street1'], $data['street2'], $data['gender'])); // Get new reseller unique identifier $resellerId = $db->insertId(); // Insert reseller GUI properties into database exec_query('INSERT INTO user_gui_props (user_id, lang, layout) VALUES (?, ?, ?)', array($resellerId, $cfg['USER_INITIAL_LANG'], $cfg['USER_INITIAL_THEME'])); // Insert reseller properties into database exec_query(' INSERT INTO reseller_props ( reseller_id, reseller_ips, max_dmn_cnt, current_dmn_cnt, max_sub_cnt, current_sub_cnt, max_als_cnt, current_als_cnt, max_mail_cnt, current_mail_cnt, max_ftp_cnt, current_ftp_cnt, max_sql_db_cnt, current_sql_db_cnt, max_sql_user_cnt, current_sql_user_cnt, max_traff_amnt, current_traff_amnt, max_disk_amnt, current_disk_amnt, support_system, customer_id, software_allowed, softwaredepot_allowed, websoftwaredepot_allowed, php_ini_system, php_ini_al_disable_functions, php_ini_al_mail_function, php_ini_al_allow_url_fopen, php_ini_al_display_errors, php_ini_max_post_max_size, php_ini_max_upload_max_filesize, php_ini_max_max_execution_time, php_ini_max_max_input_time, php_ini_max_memory_limit ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? ) ', array($resellerId, implode(';', $resellerIps) . ';', $data['max_dmn_cnt'], '0', $data['max_sub_cnt'], '0', $data['max_als_cnt'], '0', $data['max_mail_cnt'], '0', $data['max_ftp_cnt'], '0', $data['max_sql_db_cnt'], '0', $data['max_sql_user_cnt'], '0', $data['max_traff_amnt'], '0', $data['max_disk_amnt'], '0', $data['support_system'], $data['customer_id'], $data['software_allowed'], $data['softwaredepot_allowed'], $data['websoftwaredepot_allowed'], $phpini->getResellerPermission('phpiniSystem'), $phpini->getResellerPermission('phpiniDisableFunctions'), $phpini->getResellerPermission('phpiniMailFunction'), $phpini->getResellerPermission('phpiniAllowUrlFopen'), $phpini->getResellerPermission('phpiniDisplayErrors'), $phpini->getResellerPermission('phpiniPostMaxSize'), $phpini->getResellerPermission('phpiniUploadMaxFileSize'), $phpini->getResellerPermission('phpiniMaxExecutionTime'), $phpini->getResellerPermission('phpiniMaxInputTime'), $phpini->getResellerPermission('phpiniMemoryLimit'))); $db->commit(); // Creating Software repository for reseller if needed if ($data['software_allowed'] == 'yes' && !@mkdir($cfg['GUI_APS_DIR'] . '/' . $resellerId, 0750, true)) { write_log(sprintf('System was unable to create the %s directory for reseller software repository', "{$cfg['GUI_APS_DIR']}/{$resellerId}"), E_USER_ERROR); } iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterAddUser); send_add_user_auto_msg($_SESSION['user_id'], $data['admin_name'], $data['password'], $data['email'], $data['fname'], $data['lname'], tr('Reseller')); write_log(sprintf('A new reseller account (%s) has been created by %s', $data['admin_name'], $_SESSION['user_logged']), E_USER_NOTICE); set_page_message(tr('Reseller account successfully created.'), 'success'); return true; } } catch (iMSCP_Exception_Database $e) { $db->rollBack(); throw $e; } if (!empty($errFieldsStack)) { iMSCP_Registry::set('errFieldsStack', $errFieldsStack); } return false; }
/** * Check and updates domain data * * @throws iMSCP_Exception_Database * @param int $domainId Domain unique identifier * @return bool TRUE on success, FALSE otherwise */ function reseller_checkAndUpdateData($domainId) { $db = iMSCP_Database::getInstance(); $errFieldsStack = array(); try { // Getting domain data $data =& reseller_getData($domainId, true); // Check for expires date if ($data['domain_never_expires'] == 'off') { if (!preg_match('%^\\d{2}/\\d{2}/\\d{4}$%', $data['domain_expires']) || ($timestamp = strtotime($data['domain_expires'])) === false) { $data['domain_expires_ok'] = false; set_page_message(tr('Wrong syntax for new expire date.'), 'error'); $errFieldsStack[] = 'domain_expires'; } elseif ($timestamp != 0 && $timestamp <= time()) { $data['domain_expires'] = $timestamp; set_page_message(tr('You cannot set expire date in past.'), 'error'); $errFieldsStack[] = 'domain_expires'; } else { $data['domain_expires'] = $timestamp; } } else { $data['domain_expires'] = 0; } // Check for the subdomains limit if ($data['fallback_domain_subd_limit'] != -1) { if (!imscp_limit_check($data['domain_subd_limit'])) { set_page_message(tr('Wrong syntax for the %s limit.', tr('subdomains')), 'error'); $errFieldsStack[] = 'domain_subd_limit'; } elseif (!_reseller_isValidServiceLimit($data['domain_subd_limit'], $data['nbSubdomains'], $data["fallback_domain_subd_limit"], $data['current_sub_cnt'], $data['max_sub_cnt'], $data['nbSubdomains'] > 1 ? tr('subdomains') : tr('subdomain'))) { $errFieldsStack[] = 'domain_subd_limit'; } } // Check for the domain aliases limit if ($data['fallback_domain_alias_limit'] != -1) { if (!imscp_limit_check($data['domain_alias_limit'])) { set_page_message(tr('Wrong syntax for the %s limit.', tr('domain aliases')), 'error'); $errFieldsStack[] = 'domain_alias_limit'; } elseif (!_reseller_isValidServiceLimit($data['domain_alias_limit'], $data['nbAliasses'], $data["fallback_domain_alias_limit"], $data['current_als_cnt'], $data['max_als_cnt'], $data['nbAliasses'] > 1 ? tr('domain aliases') : tr('domain alias'))) { $errFieldsStack[] = 'domain_alias_limit'; } } // Check for the mail accounts limit if ($data['fallback_domain_mailacc_limit'] != -1) { if (!imscp_limit_check($data['domain_mailacc_limit'])) { set_page_message(tr('Wrong syntax for the %s limit.', tr('email accounts')), 'error'); $errFieldsStack[] = 'domain_mailacc_limit'; } elseif (!_reseller_isValidServiceLimit($data['domain_mailacc_limit'], $data['nbMailAccounts'], $data["fallback_domain_mailacc_limit"], $data['current_mail_cnt'], $data['max_mail_cnt'], $data["nbMailAccounts"] > 1 ? tr('email accounts') : tr('email account'))) { $errFieldsStack[] = 'domain_mailacc_limit'; } } // Check for the Ftp accounts limit if ($data['fallback_domain_ftpacc_limit'] != -1) { if (!imscp_limit_check($data['domain_ftpacc_limit'])) { set_page_message(tr('Wrong syntax for the %s limit.', tr('Ftp accounts')), 'error'); $errFieldsStack[] = 'domain_ftpacc_limit'; } elseif (!_reseller_isValidServiceLimit($data['domain_ftpacc_limit'], $data['nbFtpAccounts'], $data["fallback_domain_ftpacc_limit"], $data['current_ftp_cnt'], $data['max_ftp_cnt'], $data['nbFtpAccounts'] > 1 ? tr('Ftp accounts') : tr('Ftp account'))) { $errFieldsStack[] = 'domain_ftpacc_limit'; } } // Check for the Sql databases limit if ($data['fallback_domain_sqld_limit'] != -1) { if (!imscp_limit_check($data['domain_sqld_limit'])) { set_page_message(tr('Wrong syntax for the %s limit.', tr('SQL databases')), 'error'); $errFieldsStack[] = 'domain_sqld_limit'; } elseif (!_reseller_isValidServiceLimit($data['domain_sqld_limit'], $data['nbSqlDatabases'], $data["fallback_domain_sqld_limit"], $data['current_sql_db_cnt'], $data['max_sql_db_cnt'], $data['nbSqlDatabases'] > 1 ? tr('SQL databases') : tr('SQL database'))) { $errFieldsStack[] = 'domain_sqld_limit'; } elseif ($data['domain_sqld_limit'] != -1 && $data['domain_sqlu_limit'] == -1) { set_page_message(tr('SQL user limit is disabled.'), 'error'); $errFieldsStack[] = 'domain_sqld_limit'; $errFieldsStack[] = 'domain_sqlu_limit'; } } // Check for the Sql users limit if ($data['fallback_domain_sqlu_limit'] != -1) { if (!imscp_limit_check($data['domain_sqlu_limit'])) { set_page_message(tr('Wrong syntax for the %s limit.', tr('SQL users')), 'error'); $errFieldsStack[] = 'domain_sqlu_limit'; } elseif (!_reseller_isValidServiceLimit($data['domain_sqlu_limit'], $data['nbSqlUsers'], $data["fallback_domain_sqlu_limit"], $data['current_sql_user_cnt'], $data['max_sql_user_cnt'], $data['nbSqlUsers'] > 1 ? tr('SQL users') : tr('SQL user'))) { $errFieldsStack[] = 'domain_sqlu_limit'; } elseif ($data['domain_sqlu_limit'] != -1 && $data['domain_sqld_limit'] == -1) { set_page_message(tr('SQL database limit is disabled.'), 'error'); $errFieldsStack[] = 'domain_sqlu_limit'; $errFieldsStack[] = 'domain_sqld_limit'; } } // Check for the monthly traffic limit if (!imscp_limit_check($data['domain_traffic_limit'], null)) { set_page_message(tr('Wrong syntax for the %s limit.', tr('traffic')), 'error'); $errFieldsStack[] = 'domain_traffic_limit'; } elseif (!_reseller_isValidServiceLimit($data['domain_traffic_limit'], $data['domainTraffic'] / 1048576, $data["fallback_domain_traffic_limit"], $data['current_traff_amnt'], $data['max_traff_amnt'], tr('traffic'))) { $errFieldsStack[] = 'domain_traffic_limit'; } // Check for the disk space limit if (!imscp_limit_check($data['domain_disk_limit'], null)) { set_page_message(tr('Wrong syntax for the %s limit.', tr('disk space')), 'error'); $errFieldsStack[] = 'domain_disk_limit'; } elseif (!_reseller_isValidServiceLimit($data['domain_disk_limit'], $data['domain_disk_usage'] / 1048576, $data["fallback_domain_disk_limit"], $data['current_disk_amnt'], $data['max_disk_amnt'], tr('disk space'))) { $errFieldsStack[] = 'domain_disk_limit'; } // Check for mail quota if ($data['fallback_domain_mailacc_limit'] != -1) { if (!imscp_limit_check($data['mail_quota'], null)) { set_page_message(tr('Wrong syntax for the mail quota value.'), 'error'); $errFieldsStack[] = 'mail_quota'; } elseif ($data['domain_disk_limit'] != 0 && $data['mail_quota'] > $data['domain_disk_limit']) { set_page_message(tr('Email quota cannot be bigger than disk space limit.'), 'error'); $errFieldsStack[] = 'mail_quota'; } elseif ($data['domain_disk_limit'] != 0 && $data['mail_quota'] == 0) { set_page_message(tr('Email quota cannot be unlimited. Max value is %d MiB.', $data['domain_disk_limit']), 'error'); $errFieldsStack[] = 'mail_quota'; } else { $mailData = reseller_getMailData($data['domain_id'], $data['fallback_mail_quota']); if ($data['mail_quota'] != 0 && $data['mail_quota'] < $mailData['nb_mailboxes']) { set_page_message(tr('Email quota cannot be lower than %d. Each mailbox should have a least 1 MiB quota.', $mailData['nb_mailboxes']), 'error'); $errFieldsStack[] = 'mail_quota'; } } } else { $data['mail_quota'] = 0; } // Check for PHP support $data['domain_php'] = in_array($data['domain_php'], array('no', 'yes')) ? $data['domain_php'] : $data['fallback_domain_php']; // PHP editor $phpini = iMSCP_PHPini::getInstance(); // Needed to track changes $phpiniClientPerms = $phpini->getClientPermission(); $phpiniDomainConf = $phpini->getDomainIni(); if (isset($_POST['php_ini_system']) && $data['domain_php'] == 'yes' && $phpini->resellerHasPermission('phpiniSystem')) { $phpini->setClientPermission('phpiniSystem', clean_input($_POST['php_ini_system'])); if ($phpini->clientHasPermission('phpiniSystem')) { if (isset($_POST['phpini_perm_allow_url_fopen'])) { $phpini->setClientPermission('phpiniAllowUrlFopen', clean_input($_POST['phpini_perm_allow_url_fopen'])); } if (isset($_POST['phpini_perm_display_errors'])) { $phpini->setClientPermission('phpiniDisplayErrors', clean_input($_POST['phpini_perm_display_errors'])); } if (isset($_POST['phpini_perm_disable_functions'])) { $phpini->setClientPermission('phpiniDisableFunctions', clean_input($_POST['phpini_perm_disable_functions'])); } if (isset($_POST['phpini_perm_mail_function'])) { $phpini->setClientPermission('phpiniMailFunction', clean_input($_POST['phpini_perm_mail_function'])); } if (isset($_POST['memory_limit'])) { // Must be set before phpiniPostMaxSize $phpini->setDomainIni('phpiniMemoryLimit', clean_input($_POST['memory_limit'])); } if (isset($_POST['post_max_size'])) { // Must be set before phpiniUploadMaxFileSize $phpini->setDomainIni('phpiniPostMaxSize', clean_input($_POST['post_max_size'])); } if (isset($_POST['upload_max_filezize'])) { $phpini->setDomainIni('phpiniUploadMaxFileSize', clean_input($_POST['upload_max_filezize'])); } if (isset($_POST['max_execution_time'])) { $phpini->setDomainIni('phpiniMaxExecutionTime', clean_input($_POST['max_execution_time'])); } if (isset($_POST['max_input_time'])) { $phpini->setDomainIni('phpiniMaxInputTime', clean_input($_POST['max_input_time'])); } } else { $phpini->loadClientPermissions(); // Reset client PHP permissions $phpini->loadDomainIni(); // Reset domain PHP configuration options } } else { $phpini->loadClientPermissions(); // Reset client PHP permissions $phpini->loadDomainIni(); // Reset domain PHP configuration options } // Check for CGI support $data['domain_cgi'] = in_array($data['domain_cgi'], array('no', 'yes')) ? $data['domain_cgi'] : $data['fallback_domain_cgi']; // Check for custom DNS records support $data['domain_dns'] = in_array($data['domain_dns'], array('no', 'yes')) ? $data['domain_dns'] : $data['fallback_domain_dns']; // Check for APS support $data['domain_software_allowed'] = in_array($data['domain_software_allowed'], array('no', 'yes')) ? $data['domain_software_allowed'] : $data['fallback_domain_software_allowed']; // Check for External mail server support $data['domain_external_mail'] = in_array($data['domain_external_mail'], array('no', 'yes')) ? $data['domain_external_mail'] : $data['fallback_domain_external_mail']; // Check for backup support $data['allowbackup'] = is_array($data['allowbackup']) ? array_intersect($data['allowbackup'], array('dmn', 'sql', 'mail')) : $data['fallback_allowbackup']; // Check for Web folder protection support $data['web_folder_protection'] = in_array($data['web_folder_protection'], array('no', 'yes')) ? $data['web_folder_protection'] : $data['fallback_web_folder_protection']; if (empty($errFieldsStack) && !Zend_Session::namespaceIsset('pageMessages')) { // Update process begin here $oldValues = array(); $newValues = array(); foreach ($data as $property => $value) { if (strpos($property, 'fallback_') !== false) { $property = substr($property, 9); $oldValues[$property] = $value; $newValues[$property] = $data[$property]; } } $needDaemonRequest = false; if ($newValues == $oldValues && $phpiniClientPerms == $phpini->getClientPermission() && $phpiniDomainConf == $phpini->getDomainIni()) { set_page_message(tr('Nothing has been changed.'), 'info'); return true; } iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditDomain, array('domainId' => $domainId)); $db->beginTransaction(); if ($phpiniClientPerms != $phpini->getClientPermission() || $phpiniDomainConf != $phpini->getDomainIni()) { $phpini->updateDomainConfigOptions($data['admin_id']); $needDaemonRequest = true; } // PHP or CGI was either enabled or disabled or PHP Settings were changed, web folder protection // properties have been updated, or domain IP was changed, so we must update the vhosts files // of all domain entities (dmn, sub, als, alssub) if ($needDaemonRequest || $data['domain_php'] != $data['fallback_domain_php'] || $data['domain_cgi'] != $data['fallback_domain_cgi'] || $data['web_folder_protection'] != $data['fallback_web_folder_protection'] || $data['domain_ip_id'] != $data['fallback_domain_ip_id']) { if ($data['domain_alias_limit'] != '-1') { exec_query('UPDATE domain_aliasses SET alias_status = ? WHERE domain_id = ? AND alias_status <> ?', array('tochange', $domainId, 'ordered')); } $needDaemonRequest = true; } if ($data['domain_dns'] != $data['fallback_domain_dns'] && $data['domain_dns'] == 'no') { // Support for custom DNS records is now disabled - We must delete all custom DNS entries // (except those that are protected), and update the DNS zone file exec_query('DELETE FROM domain_dns WHERE domain_id = ? AND owned_by = ?', array($domainId, 'custom_dns_feature')); $needDaemonRequest = true; } // Update domain properties exec_query(' UPDATE domain SET domain_expires = ?, domain_last_modified = ?, domain_mailacc_limit = ?, domain_ftpacc_limit = ?, domain_traffic_limit = ?, domain_sqld_limit = ?, domain_sqlu_limit = ?, domain_status = ?, domain_alias_limit = ?, domain_subd_limit = ?, domain_ip_id = ?, domain_disk_limit = ?, domain_php = ?, domain_cgi = ?, allowbackup = ?, domain_dns = ?, domain_software_allowed = ?, phpini_perm_system = ?, phpini_perm_allow_url_fopen = ?, phpini_perm_display_errors = ?, phpini_perm_disable_functions = ?, phpini_perm_mail_function = ?, domain_external_mail = ?, web_folder_protection = ?, mail_quota = ? WHERE domain_id = ? ', array($data['domain_expires'], time(), $data['domain_mailacc_limit'], $data['domain_ftpacc_limit'], $data['domain_traffic_limit'], $data['domain_sqld_limit'], $data['domain_sqlu_limit'], $needDaemonRequest ? 'tochange' : 'ok', $data['domain_alias_limit'], $data['domain_subd_limit'], $data['domain_ip_id'], $data['domain_disk_limit'], $data['domain_php'], $data['domain_cgi'], implode('|', $data['allowbackup']), $data['domain_dns'], $data['domain_software_allowed'], $phpini->getClientPermission('phpiniSystem'), $phpini->getClientPermission('phpiniAllowUrlFopen'), $phpini->getClientPermission('phpiniDisplayErrors'), $phpini->getClientPermission('phpiniDisableFunctions'), $phpini->getClientPermission('phpiniMailFunction'), $data['domain_external_mail'], $data['web_folder_protection'], $data['mail_quota'] * 1048576, $domainId)); //print 'ouch'; exit; // Sync mailboxes quota if needed if ($data['fallback_mail_quota'] != $data['mail_quota'] * 1048576) { sync_mailboxes_quota($domainId, $data['mail_quota'] * 1048576); } // Update domain alias IP if needed if ($data['domain_ip_id'] != $data['fallback_domain_ip_id']) { if ($data['domain_alias_limit'] != '-1') { exec_query('UPDATE domain_aliasses SET alias_ip_id = ? WHERE domain_id = ?', array($data['domain_ip_id'], $domainId)); } } // Update Ftp quota limit if needed if ($data['domain_disk_limit'] != $data['fallback_domain_disk_limit']) { exec_query(' REPLACE INTO quotalimits ( name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ? ) ', array($data['domain_name'], 'group', 'false', 'hard', $data['domain_disk_limit'] * 1048576, 0, 0, 0, 0, 0)); } // Update reseller properties update_reseller_c_props($data['reseller_id']); $db->commit(); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditDomain, array('domainId' => $domainId)); if ($needDaemonRequest) { send_request(); set_page_message(tr('Domain scheduled for update.'), 'success'); } else { set_page_message(tr('Domain successfully updated.'), 'success'); } $userLogged = isset($_SESSION['logged_from']) ? $_SESSION['logged_from'] : $_SESSION['user_logged']; write_log("Domain " . decode_idna($data['domain_name']) . " has been updated by {$userLogged}", E_USER_NOTICE); return true; } } catch (iMSCP_Exception_Database $e) { $db->rollBack(); throw $e; } if (!empty($errFieldsStack)) { iMSCP_Registry::set('errFieldsStack', $errFieldsStack); } return false; }
/** * Function to update changes into db * * @param int $adminId Customer unique identifier * @return void */ function reseller_updateUserData($adminId) { iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditUser, array('userId' => $adminId)); global $adminName, $email, $customerId, $firstName, $lastName, $firm, $zip, $gender, $city, $state, $country, $street1, $street2, $phone, $fax, $password, $passwordRepeat; $resellerId = intval($_SESSION['user_id']); if ($password === '' && $passwordRepeat === '') { // Save without password exec_query(' UPDATE admin SET fname = ?, lname = ?, firm = ?, zip = ?, city = ?, state = ?, country = ?, email = ?, phone = ?, fax = ?, street1 = ?, street2 = ?, gender = ?, customer_id = ? WHERE admin_id = ? AND created_by = ? ', array($firstName, $lastName, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender, $customerId, $adminId, $resellerId)); } else { // Change password if ($password != $passwordRepeat) { set_page_message(tr("Passwords do not match."), 'error'); redirectTo('user_edit.php?edit_id=' . $adminId); } if (!checkPasswordSyntax($password)) { redirectTo('user_edit.php?edit_id=' . $adminId); } $encryptedPassword = cryptPasswordWithSalt($password); exec_query(' UPDATE admin SET admin_pass = ?, fname = ?, lname = ?, firm = ?, zip = ?, city = ?, state = ?, country = ?, email = ?, phone = ?, fax = ?, street1 = ?, street2 = ?, gender = ?, customer_id = ? WHERE admin_id = ? AND created_by = ? ', array($encryptedPassword, $firstName, $lastName, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender, $customerId, $adminId, $resellerId)); $adminName = get_user_name($adminId); exec_query('DELETE FROM login WHERE user_name = ?', $adminName); } iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditUser, array('userId' => $adminId)); set_page_message(tr('User data successfully updated'), 'success'); write_log("{$_SESSION['user_logged']} updated data for {$adminName}.", E_USER_NOTICE); if (isset($_POST['send_data']) && $password !== '') { send_add_user_auto_msg($resellerId, $adminName, $password, $email, $firstName, $lastName, tr('Customer')); } redirectTo('users.php'); }
/** * Edit domain alias * * @return bool TRUE on success, FALSE on failure */ function client_editDomainAlias() { if (isset($_GET['id'])) { $domainAliasId = clean_input($_GET['id']); if ($domainAliasData = _client_getAliasData($domainAliasId)) { // Check for URL forwarding option $forwardUrl = 'no'; if (isset($_POST['url_forwarding']) && $_POST['url_forwarding'] == 'yes') { // We are safe here if (isset($_POST['forward_url_scheme']) && isset($_POST['forward_url'])) { $forwardUrl = clean_input($_POST['forward_url_scheme']) . clean_input($_POST['forward_url']); try { try { $uri = iMSCP_Uri_Redirect::fromString($forwardUrl); } catch (Zend_Uri_Exception $e) { throw new iMSCP_Exception(tr('Forward URL %s is not valid.', "<strong>{$forwardUrl}</strong>")); } $uri->setHost(encode_idna($uri->getHost())); if ($uri->getHost() == $domainAliasData['alias_name'] && $uri->getPath() == '/') { throw new iMSCP_Exception(tr('Forward URL %s is not valid.', "<strong>{$forwardUrl}</strong>") . ' ' . tr('Domain alias %s cannot be forwarded on itself.', "<strong>{$domainAliasData['alias_name_utf8']}</strong>")); } $forwardUrl = $uri->getUri(); } catch (Exception $e) { set_page_message($e->getMessage(), 'error'); return false; } } else { showBadRequestErrorPage(); } } iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeEditDomainAlias, array('domainAliasId' => $domainAliasId)); exec_query('UPDATE `domain_aliasses` SET `url_forward` = ?, `alias_status` = ? WHERE `alias_id` = ?', array($forwardUrl, 'tochange', $domainAliasId)); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterEditDomainALias, array('domainAliasId' => $domainAliasId)); send_request(); write_log("{$_SESSION['user_logged']}: scheduled update of domain alias: {$domainAliasData['alias_name_utf8']}.", E_USER_NOTICE); } else { showBadRequestErrorPage(); } } else { showBadRequestErrorPage(); } return true; }
/** * Generate page * * @param $tpl iMSCP_pTemplate * @return void */ function generatePage($tpl) { global $id, $name, $description, $sub, $als, $mail, $mailQuota, $ftp, $sqld, $sqlu, $traffic, $diskSpace, $php, $cgi, $backup, $dns, $aps, $extMail, $webFolderProtection, $status; $tpl->assign(array('ID' => tohtml($id, 'htmlAttr'), 'NAME' => tohtml($name, 'htmlAttr'), 'DESCRIPTION' => tohtml($description), 'MAX_SUB' => tohtml($sub, 'htmlAttr'), 'MAX_ALS' => tohtml($als, 'htmlAttr'), 'MAX_MAIL' => tohtml($mail, 'htmlAttr'), 'MAIL_QUOTA' => tohtml($mailQuota, 'htmlAttr'), 'MAX_FTP' => tohtml($ftp, 'htmlAttr'), 'MAX_SQLD' => tohtml($sqld, 'htmlAttr'), 'MAX_SQLU' => tohtml($sqlu, 'htmlAttr'), 'MONTHLY_TRAFFIC' => tohtml($traffic, 'htmlAttr'), 'MAX_DISKSPACE' => tohtml($diskSpace, 'htmlAttr'), 'PHP_YES' => $php == '_yes_' ? ' checked' : '', 'PHP_NO' => $php == '_yes_' ? '' : ' checked', 'CGI_YES' => $cgi == '_yes_' ? ' checked' : '', 'CGI_NO' => $cgi == '_yes_' ? '' : ' checked', 'DNS_YES' => $dns == '_yes_' ? ' checked' : '', 'DNS_NO' => $dns == '_yes_' ? '' : ' checked', 'TR_SOFTWARE_YES' => $aps == '_yes_' ? ' checked' : '', 'TR_SOFTWARE_NO' => $aps == '_yes_' ? '' : ' checked', 'SOFTWARE_YES' => $aps == '_yes_' ? ' checked' : '', 'SOFTWARE_NO' => $aps == '_yes_' ? '' : ' checked', 'EXTMAIL_YES' => $extMail == '_yes_' ? ' checked' : '', 'EXTMAIL_NO' => $extMail == '_yes_' ? '' : ' checked', 'BACKUPD' => in_array('_dmn_', $backup) ? ' checked' : '', 'BACKUPS' => in_array('_sql_', $backup) ? ' checked' : '', 'BACKUPM' => in_array('_mail_', $backup) ? ' checked' : '', 'PROTECT_WEB_FOLDERS_YES' => $webFolderProtection == '_yes_' ? ' checked' : '', 'PROTECT_WEB_FOLDERS_NO' => $webFolderProtection == '_yes_' ? '' : ' checked', 'STATUS_YES' => $status ? ' checked' : '', 'STATUS_NO' => !$status ? ' checked' : '')); iMSCP_Events_Aggregator::getInstance()->registerListener('onGetJsTranslations', function ($e) { /** @var iMSCP_Events_Event $e */ $translations = $e->getParam('translations'); $translations['core']['error_field_stack'] = iMSCP_Registry::isRegistered('errFieldsStack') ? iMSCP_Registry::get('errFieldsStack') : array(); }); if (!resellerHasFeature('subdomains')) { $tpl->assign('NB_SUBDOMAIN', ''); } if (!resellerHasFeature('domain_aliases')) { $tpl->assign('NB_DOMAIN_ALIASES', ''); } if (!resellerHasFeature('mail')) { $tpl->assign('NB_MAIL', ''); } if (!resellerHasFeature('ftp')) { $tpl->assign('NB_FTP', ''); } if (!resellerHasFeature('sql_db')) { $tpl->assign('NB_SQLD', ''); } if (!resellerHasFeature('sql_user')) { $tpl->assign('NB_SQLU', ''); } if (!resellerHasFeature('php')) { $tpl->assign('PHP_FEATURE', ''); } if (!resellerHasFeature('php_editor')) { $tpl->assign('PHP_EDITOR_FEATURE', ''); } if (!resellerHasFeature('cgi')) { $tpl->assign('CGI_FEATURE', ''); } if (!resellerHasFeature('custom_dns_records')) { $tpl->assign('CUSTOM_DNS_RECORDS_FEATURE', ''); } if (!resellerHasFeature('aps')) { $tpl->assign('APS_FEATURE', ''); } if (!resellerHasFeature('external_mail')) { $tpl->assign('EXT_MAIL_FEATURE', ''); } if (!resellerHasFeature('backup')) { $tpl->assign('BACKUP_FEATURE', ''); } generatePhpBlock($tpl); }
* modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ // Include core library require 'imscp-lib.php'; iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAdminScriptStart); check_login('admin'); if (isset($_GET['id']) and is_numeric($_GET['id'])) { $query = "\n\t\tSELECT\n\t\t\t`software_id`,\n\t\t\t`software_archive`,\n\t\t\t`reseller_id`\n\t\tFROM\n\t\t\t`web_software`\n\t\tWHERE\n\t\t\t`software_id` = ?\n\t\tAND\n\t\t\t`software_active` = 0\n\t"; $rs = exec_query($query, $_GET['id']); if ($rs->recordCount() != 1) { set_page_message(tr('Wrong software id.'), 'error'); redirectTo('software_manage.php'); } else { $update = "\n\t\t\tUPDATE\n\t\t\t\t`web_software`\n\t\t\tSET\n\t\t\t\t`software_active` = 1\n\t\t\tWHERE\n\t\t\t\t`software_id` = ?\n\t\t"; $res = exec_query($update, $_GET['id']); $query = "\n\t\t\tSELECT\n\t\t\t\t`software_id`,\n\t\t\t\t`software_name`,\n\t\t\t\t`software_version`,\n\t\t\t\t`software_language`,\n\t\t\t\t`reseller_id`,\n\t\t\t\t`software_archive`\n\t\t\tFROM\n\t\t\t\t`web_software`\n\t\t\tWHERE\n\t\t\t\t`software_id` = ?\n\t\t"; $res = exec_query($query, $_GET['id']); send_activated_sw($res->fields['reseller_id'], $res->fields['software_archive'] . ".tar.gz", $res->fields['software_id']); set_page_message(tr('Software was activated.'), 'success'); redirectTo('software_manage.php');
/** * Send circular * * @return bool TRUE on success, FALSE otherwise */ function reseller_sendCircular() { if (isset($_POST['sender_name']) && isset($_POST['sender_email']) && isset($_POST['subject']) && isset($_POST['body'])) { $senderName = clean_input($_POST['sender_name']); $senderEmail = clean_input($_POST['sender_email']); $subject = clean_input($_POST['subject'], false); $body = clean_input($_POST['body'], false); if (reseller_isValidCircular($senderName, $senderEmail, $subject, $body)) { $responses = iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeSendCircular, array('sender_name' => $senderName, 'sender_email' => $senderEmail, 'rcpt_to' => 'customers', 'subject' => $subject, 'body' => $body)); if (!$responses->isStopped()) { reseller_sendToCustomers($senderName, $senderEmail, $subject, $body); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterSendCircular, array('sender_name' => $senderName, 'sender_email' => $senderEmail, 'rcpt_to' => 'customers', 'subject' => $subject, 'body' => $body)); set_page_message(tr('Circular successfully sent.'), 'success'); write_log('A circular has been sent by reseller: ' . tohtml("{$senderName} <{$senderEmail}>"), E_USER_NOTICE); } } else { return false; } } else { showBadRequestErrorPage(); } return true; }
/** * Reset instance * * @static * @return void */ public static function resetInstance() { self::$instance = null; }
/** * Return iMSCP_Events_Aggregator instance * * @return iMSCP_Events_Aggregator * @deprecated 1.1.6 (will be removed in later version */ public static function getInstance() { return iMSCP_Events_Aggregator::getInstance(); }
/** * Add new domain alias * * @return bool TRUE on success, FALSE on failure */ function addDomainAlias() { global $mainDmnProps; // Basic check if (empty($_POST['domain_alias_name'])) { set_page_message(tr('You must enter a domain alias name.'), 'error'); return false; } $domainAliasName = clean_input(strtolower($_POST['domain_alias_name'])); // Check for domain alias name syntax global $dmnNameValidationErrMsg; if (!isValidDomainName($domainAliasName)) { set_page_message($dmnNameValidationErrMsg, 'error'); return false; } // www is considered as an alias of the domain alias while (strpos($domainAliasName, 'www.') !== false) { $domainAliasName = substr($domainAliasName, 4); } // Check for domain alias existence if (imscp_domain_exists($domainAliasName, $_SESSION['user_created_by'])) { set_page_message(tr('Domain %s is unavailable.', "<strong>{$domainAliasName}</strong>"), 'error'); return false; } $domainAliasNameAscii = encode_idna($domainAliasName); // Set default mount point $mountPoint = "/{$domainAliasNameAscii}"; // Check for shared mount point option if (isset($_POST['shared_mount_point']) && $_POST['shared_mount_point'] == 'yes') { // We are safe here if (!isset($_POST['shared_mount_point_domain'])) { showBadRequestErrorPage(); } $sharedMountPointDomain = clean_input($_POST['shared_mount_point_domain']); $domainList = _client_getDomainsList(); // Get shared mount point foreach ($domainList as $domain) { if ($domain['name'] == $sharedMountPointDomain) { $mountPoint = $domain['mount_point']; } } } // Check for URL forwarding option $forwardUrl = 'no'; if (isset($_POST['url_forwarding']) && $_POST['url_forwarding'] == 'yes') { if (!isset($_POST['forward_url_scheme']) || isset($_POST['forward_url'])) { showBadRequestErrorPage(); } $forwardUrl = clean_input($_POST['forward_url_scheme']) . clean_input($_POST['forward_url']); try { try { $uri = iMSCP_Uri_Redirect::fromString($forwardUrl); } catch (Zend_Uri_Exception $e) { throw new iMSCP_Exception(tr('Forward URL %s is not valid.', "<strong>{$forwardUrl}</strong>")); } $uri->setHost(encode_idna($uri->getHost())); if ($uri->getHost() == $domainAliasNameAscii && $uri->getPath() == '/') { throw new iMSCP_Exception(tr('Forward URL %s is not valid.', "<strong>{$forwardUrl}</strong>") . ' ' . tr('Domain alias %s cannot be forwarded on itself.', "<strong>{$domainAliasName}</strong>")); } $forwardUrl = $uri->getUri(); } catch (Exception $e) { set_page_message($e->getMessage(), 'error'); return false; } } $isSuUser = isset($_SESSION['logged_from_type']); # See http://youtrack.i-mscp.net/issue/IP-1486 $userEmail = isset($_SESSION['user_email']) ? $_SESSION['user_email'] : ''; $db = iMSCP_Database::getInstance(); try { $db->beginTransaction(); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeAddDomainAlias, array('domainId' => $mainDmnProps['domain_id'], 'domainAliasName' => $domainAliasNameAscii)); exec_query(' INSERT INTO domain_aliasses ( domain_id, alias_name, alias_mount, alias_status, alias_ip_id, url_forward ) VALUES ( ?, ?, ?, ?, ?, ? ) ', array($mainDmnProps['domain_id'], $domainAliasNameAscii, $mountPoint, $isSuUser ? 'toadd' : 'ordered', $mainDmnProps['domain_ip_id'], $forwardUrl)); $id = $db->insertId(); // Create the phpini entry for that domain alias $phpini = iMSCP_PHPini::getInstance(); $phpini->loadResellerPermissions($_SESSION['user_created_by']); // Load reseller PHP permissions $phpini->loadClientPermissions($_SESSION['user_id']); // Load client PHP permissions $phpini->loadDomainIni($_SESSION['user_id'], $mainDmnProps['domain_id'], 'dmn'); // Load main domain PHP configuration options $phpini->saveDomainIni($_SESSION['user_id'], $id, 'als'); if ($isSuUser) { $cfg = iMSCP_Registry::get('config'); if ($cfg['CREATE_DEFAULT_EMAIL_ADDRESSES'] && $userEmail !== '') { client_mail_add_default_accounts($mainDmnProps['domain_id'], $userEmail, $domainAliasNameAscii, 'alias', $id); } } $db->commit(); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterAddDomainAlias, array('domainId' => $mainDmnProps['domain_id'], 'domainAliasName' => $domainAliasNameAscii, 'domainAliasId' => $id)); if ($isSuUser) { send_request(); write_log(sprintf('A new `%s` domain alias has been created by: %s', $domainAliasName, $_SESSION['user_logged']), E_USER_NOTICE); set_page_message(tr('Domain alias successfully created.'), 'success'); } else { send_alias_order_email($domainAliasName); write_log(sprintf('A new `%s` domain alias has been ordered by: %s', $domainAliasName, decode_idna($_SESSION['user_logged'])), E_USER_NOTICE); set_page_message(tr('Domain alias successfully ordered.'), 'success'); } } catch (iMSCP_Exception_Database $e) { $db->rollBack(); write_log(sprintf('System was unable to create the `%s` domain alias: %s', $domainAliasName, $e->getMessage()), E_USER_ERROR); set_page_message(tr('Could not create domain alias. An unexpected error occurred.'), 'error'); return false; } return true; }
/** * Load navigation file for current UI level * * @return void */ function layout_LoadNavigation() { if (isset($_SESSION['user_type'])) { /** @var $cfg iMSCP_Config_Handler_File */ $cfg = iMSCP_Registry::get('config'); $locale = iMSCP_Registry::get('translator')->getLocale(); switch ($_SESSION['user_type']) { case 'admin': $userLevel = 'admin'; $filepath = CACHE_PATH . '/translations/navigation/admin_' . $locale . '.php'; break; case 'reseller': $userLevel = 'reseller'; $filepath = CACHE_PATH . '/translations/navigation/reseller_' . $locale . '.php'; break; default: $userLevel = 'client'; $filepath = CACHE_PATH . '/translations/navigation/client_' . $locale . '.php'; } if (!file_exists($filepath)) { layout_createNavigationFile($cfg->ROOT_TEMPLATE_PATH . "/{$userLevel}/navigation.php", $locale, $userLevel); } iMSCP_Registry::set('navigation', new Zend_Navigation(include $filepath)); // Set main menu labels visibility for the current environment iMSCP_Events_Aggregator::getInstance()->registerListener(iMSCP_Events::onBeforeGenerateNavigation, 'layout_setMainMenuLabelsVisibilityEvt'); } }