function onShowEnd()
{
global $app, $conf;
$rec = $app->tform->getDataRecord($_SESSION['s']['user']['mailuser_id']);
$app->tpl->setVar("email", $rec['email']);
parent::onShowEnd();
}
function onSubmit()
{
global $app, $conf;
// Check the client limits, if user is not the admin
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
// if user is not admin
// Get the limits of the client
$client_group_id = $_SESSION["s"]["user"]["default_group"];
$client = $app->db->queryOneRecord("SELECT limit_fetchmail FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
// Check if the user may add another transport.
if ($this->id == 0 && $client["limit_fetchmail"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(mailget_id) as number FROM mail_get WHERE sys_groupid = {$client_group_id}");
if ($tmp["number"] >= $client["limit_fetchmail"]) {
$app->tform->errorMessage .= $app->tform->wordbook["limit_fetchmail_txt"] . "<br>";
}
unset($tmp);
}
}
// end if user is not admin
// Set the server ID according to the selected destination
$tmp = $app->db->queryOneRecord("SELECT server_id FROM mail_user WHERE email = '" . $app->db->quote($this->dataRecord["destination"]) . "'");
$this->dataRecord["server_id"] = $tmp["server_id"];
unset($tmp);
parent::onSubmit();
}
function onShowEnd()
{
global $app, $conf;
$rec = $app->tform->getDataRecord($this->id);
$app->tpl->setVar("email", $rec['email']);
parent::onShowEnd();
}
function onShow()
{
global $app;
// Translate the items, very bad trick... :( because the language file is not loaded yet when the form file gets parsed
foreach ($app->tform->formDef["tabs"]['remote_user']['fields']['remote_functions']['value'] as $key => $val) {
$app->tform->formDef["tabs"]['remote_user']['fields']['remote_functions']['value'][$key] = $app->tform->lng($val) . '<br>';
}
parent::onShow();
}
function onSubmit()
{
global $app, $conf;
// Get the record of the parent domain
$parent_domain = $app->db->queryOneRecord("select server_id FROM web_domain WHERE domain_id = " . intval(@$this->dataRecord["parent_domain_id"]));
// Set a few fixed values
$this->dataRecord["server_id"] = $parent_domain["server_id"];
parent::onSubmit();
}
function onSubmit()
{
global $app, $conf;
// Get the record of the parent domain
$folder = $app->db->queryOneRecord("select server_id FROM web_folder WHERE web_folder_id = " . $app->functions->intval(@$this->dataRecord["web_folder_id"]));
// Set a few fixed values
$this->dataRecord["server_id"] = $folder["server_id"];
parent::onSubmit();
}
function onSubmit()
{
global $app;
//* We do not want to mirror the the server itself
if ($this->id == $this->dataRecord['mirror_server_id']) {
$this->dataRecord['mirror_server_id'] = 0;
}
parent::onSubmit();
}
function onSubmit()
{
global $app;
//* Resellers shall not be able to create another reseller or set reseller specific settings
if ($_SESSION["s"]["user"]["typ"] == 'user') {
$this->dataRecord['limit_client'] = 0;
$this->dataRecord['limit_domainmodule'] = 0;
}
parent::onSubmit();
}
function onShowEnd()
{
global $app;
// Is autoresponder set?
if ($this->dataRecord['autoresponder'] == 'y') {
$app->tpl->setVar("ar_active", 'checked="checked"');
} else {
$app->tpl->setVar("ar_active", '');
}
parent::onShowEnd();
}
function onShow()
{
global $app, $conf;
//* We do not want that messages get edited, so we switch to a
//* read only template if a existing message is loaded
if ($this->id > 0) {
$app->tform->formDef['tabs']['message']['template'] = 'templates/support_message_view.htm';
}
//* call the onShow function of the parent class
parent::onShow();
}
function onDelete()
{
global $app, $conf, $list_def_file, $tform_def_file;
// Loading tform framework
if (!is_object($app->tform)) {
$app->uses('tform');
}
if ($_POST["confirm"] == 'yes') {
parent::onDelete();
} else {
$app->uses('tpl');
$app->tpl->newTemplate("form.tpl.htm");
$app->tpl->setInclude('content_tpl', 'templates/client_del.htm');
include_once $list_def_file;
// Load table definition from file
$app->tform->loadFormDef($tform_def_file);
$this->id = $app->functions->intval($_REQUEST["id"]);
$this->dataRecord = $app->tform->getDataRecord($this->id);
$client_id = $app->functions->intval($this->dataRecord['client_id']);
//$parent_client_id = $app->functions->intval($this->dataRecord['parent_client_id']);
//$parent_user = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE client_id = $parent_client_id");
$client_group = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = {$client_id}");
// Get all records (sub-clients, mail, web, etc....) of this client.
$tables = 'cron,client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain';
$tables_array = explode(',', $tables);
$client_group_id = $app->functions->intval($client_group['groupid']);
$table_list = array();
if ($client_group_id > 1) {
foreach ($tables_array as $table) {
if ($table != '') {
$records = $app->db->queryAllRecords("SELECT * FROM {$table} WHERE sys_groupid = " . $client_group_id);
$number = count($records);
if ($number > 0) {
$table_list[] = array('table' => $table . "(" . $number . ")");
}
}
}
}
$app->tpl->setVar('id', $this->id);
$app->tpl->setVar('number_records', $number);
$app->tpl->setLoop('records', $table_list);
//* load language file
$lng_file = 'lib/lang/' . $_SESSION['s']['language'] . '_client_del.lng';
include $lng_file;
$app->tpl->setVar($wb);
$app->tpl_defaults();
$app->tpl->pparse();
}
}
function onSubmit()
{
global $app, $conf;
// Get the record of the parent domain
$parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = " . intval(@$this->dataRecord["parent_domain_id"]));
// Set a few fixed values
$this->dataRecord["type"] = 'subdomain';
$this->dataRecord["server_id"] = $parent_domain["server_id"];
$this->dataRecord["domain"] = $this->dataRecord["domain"] . '.' . $parent_domain["domain"];
$this->parent_domain_record = $parent_domain;
//* make sure that the email domain is lowercase
if (isset($this->dataRecord["domain"])) {
$this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
}
parent::onSubmit();
}
function onSubmit()
{
global $app;
$app->uses('ini_parser,getconf');
$section = $app->tform->getCurrentTab();
$server_config_array = $app->getconf->get_global_config();
$new_config = $app->tform->encode($this->dataRecord, $section);
if ($section == 'mail') {
if ($new_config['smtp_pass'] == '') {
$new_config['smtp_pass'] = $server_config_array['smtp_pass'];
}
if ($new_config['smtp_enabled'] == 'y' && ($new_config['admin_mail'] == '' || $new_config['admin_name'] == '')) {
$app->tform->errorMessage .= $app->tform->lng("smtp_missing_admin_mail_txt");
}
}
parent::onSubmit();
}
function onSubmit()
{
global $app, $conf;
// Get the record of the parent domain
$folder = $app->db->queryOneRecord("select * FROM web_folder WHERE web_folder_id = " . $app->functions->intval(@$this->dataRecord["web_folder_id"]) . " AND " . $app->tform->getAuthSQL('r'));
if (!$folder || $folder['web_folder_id'] != @$this->dataRecord['web_folder_id']) {
$app->tform->errorMessage .= $app->tform->lng("no_folder_perm");
}
// Set a few fixed values
$this->dataRecord["server_id"] = $folder["server_id"];
// make sure this folder/user combination does not exist already
if ($this->id > 0) {
$user = $app->db->queryOneRecord("SELECT * FROM web_folder_user WHERE web_folder_id = " . $this->dataRecord['web_folder_id'] . " AND username = '******'username'] . "' AND web_folder_user_id != " . $this->id);
} else {
$user = $app->db->queryOneRecord("SELECT * FROM web_folder_user WHERE web_folder_id = " . $this->dataRecord['web_folder_id'] . " AND username = '******'username'] . "'");
}
if (is_array($user) && !empty($user)) {
$app->tform->errorMessage .= $app->tform->lng('error_user_exists_already_txt');
}
parent::onSubmit();
}
function onSubmit()
{
global $app, $conf;
// Check the client limits, if user is not the admin
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
// if user is not admin
// Get the limits of the client
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT limit_spamfilter_policy FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
// Check if the user may add another mailbox.
if ($this->id == 0 && $client["limit_spamfilter_policy"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM spamfilter_policy WHERE sys_groupid = {$client_group_id}");
if ($tmp["number"] >= $client["limit_spamfilter_policy"]) {
$app->tform->errorMessage .= $app->tform->wordbook["limit_spamfilter_policy_txt"] . "<br>";
}
unset($tmp);
}
}
// end if user is not admin
parent::onSubmit();
}
function onSubmit()
{
global $app, $conf;
// Get the record of the parent domain
$parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = " . $app->functions->intval(@$this->dataRecord["parent_domain_id"]) . " AND " . $app->tform->getAuthSQL('r'));
if (!$parent_domain || $parent_domain['domain_id'] != @$this->dataRecord['parent_domain_id']) {
$app->tform->errorMessage .= $app->tform->lng("no_domain_perm");
}
// Set a few fixed values
$this->dataRecord["server_id"] = $parent_domain["server_id"];
// make sure this folder isn't protected already
if ($this->id > 0) {
$folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE parent_domain_id = " . $this->dataRecord['parent_domain_id'] . " AND path = '" . $this->dataRecord['path'] . "' AND web_folder_id != " . $this->id);
} else {
$folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE parent_domain_id = " . $this->dataRecord['parent_domain_id'] . " AND path = '" . $this->dataRecord['path'] . "'");
}
if (is_array($folder) && !empty($folder)) {
$app->tform->errorMessage .= $app->tform->lng('error_folder_already_protected_txt');
}
parent::onSubmit();
}
function onShowEnd()
{
global $app, $conf;
//message variables
$message_variables = '';
$sql = "SHOW COLUMNS FROM client WHERE Field NOT IN ('client_id', 'sys_userid', 'sys_groupid', 'sys_perm_user', 'sys_perm_group', 'sys_perm_other', 'parent_client_id', 'id_rsa', 'ssh_rsa', 'created_at', 'default_mailserver', 'default_webserver', 'web_php_options', 'ssh_chroot', 'default_dnsserver', 'default_dbserver', 'template_master', 'template_additional', 'force_suexec', 'default_slave_dnsserver', 'usertheme', 'locked', 'canceled', 'can_use_api', 'tmp_data', 'customer_no_template', 'customer_no_start', 'customer_no_counter', 'added_date', 'added_by') AND Field NOT LIKE 'limit_%'";
$field_names = $app->db->queryAllRecords($sql);
if (!empty($field_names) && is_array($field_names)) {
foreach ($field_names as $field_name) {
if ($field_name['Field'] != '') {
if ($field_name['Field'] == 'gender') {
$message_variables .= '<a href="javascript:void(0);" class="addPlaceholder">{salutation}</a> ';
} else {
$message_variables .= '<a href="javascript:void(0);" class="addPlaceholder">{' . $field_name['Field'] . '}</a> ';
}
}
}
}
$app->tpl->setVar('message_variables', trim($message_variables));
parent::onShowEnd();
}
function onAfterUpdate()
{
global $app;
// username changed
if ($conf['demo_mode'] != true && isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {
$username = $app->db->quote($this->dataRecord["username"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET username = '******' WHERE client_id = {$client_id}";
$app->db->query($sql);
$tmp = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = {$client_id}");
$app->db->datalogUpdate("sys_group", "name = '{$username}'", 'groupid', $tmp['groupid']);
unset($tmp);
}
// password changed
if ($conf['demo_mode'] != true && isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
$password = $app->db->quote($this->dataRecord["password"]);
$salt = "\$1\$";
$base64_alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
for ($n = 0; $n < 8; $n++) {
$salt .= $base64_alphabet[mt_rand(0, 63)];
}
$salt .= "\$";
$password = crypt(stripslashes($password), $salt);
$client_id = $this->id;
$sql = "UPDATE sys_user SET passwort = '{$password}' WHERE client_id = {$client_id}";
$app->db->query($sql);
}
// language changed
if ($conf['demo_mode'] != true && isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) {
$language = $app->db->quote($this->dataRecord["language"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET language = '{$language}' WHERE client_id = {$client_id}";
$app->db->query($sql);
}
// reseller status changed
if (isset($this->dataRecord["limit_client"]) && $this->dataRecord["limit_client"] != $this->oldDataRecord["limit_client"]) {
$modules = $conf['interface_modules_enabled'];
if ($this->dataRecord["limit_client"] > 0) {
$modules .= ',client';
}
$modules = $app->db->quote($modules);
$client_id = $this->id;
$sql = "UPDATE sys_user SET modules = '{$modules}' WHERE client_id = {$client_id}";
$app->db->query($sql);
}
/*
* If there is a client-template, process it */
applyClientTemplates($this->id);
parent::onAfterUpdate();
}
function onAfterUpdate()
{
global $app, $conf;
// username changed
if (isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {
$username = $app->db->quote($this->dataRecord["username"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET username = '******' WHERE client_id = {$client_id}";
$app->db->query($sql);
$tmp = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = {$client_id}");
$app->db->datalogUpdate("sys_group", "name = '{$username}'", 'groupid', $tmp['groupid']);
unset($tmp);
}
// password changed
if (isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
$password = $app->db->quote($this->dataRecord["password"]);
$salt = "\$1\$";
$base64_alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
for ($n = 0; $n < 8; $n++) {
$salt .= $base64_alphabet[mt_rand(0, 63)];
}
$salt .= "\$";
$password = crypt(stripslashes($password), $salt);
$client_id = $this->id;
$sql = "UPDATE sys_user SET passwort = '{$password}' WHERE client_id = {$client_id}";
$app->db->query($sql);
}
if (!isset($this->dataRecord['locked'])) {
$this->dataRecord['locked'] = 'n';
}
if (isset($conf['demo_mode']) && $conf['demo_mode'] != true && $this->dataRecord["locked"] != $this->oldDataRecord['locked']) {
/** lock all the things like web, mail etc. - easy to extend */
// get tmp_data of client
$client_data = $app->db->queryOneRecord('SELECT `tmp_data` FROM `client` WHERE `client_id` = ' . $this->id);
if ($client_data['tmp_data'] == '') {
$tmp_data = array();
} else {
$tmp_data = unserialize($client_data['tmp_data']);
}
if (!is_array($tmp_data)) {
$tmp_data = array();
}
// database tables with their primary key columns
$to_disable = array('cron' => 'id', 'ftp_user' => 'ftp_user_id', 'mail_domain' => 'domain_id', 'mail_user' => 'mailuser_id', 'mail_user_smtp' => 'mailuser_id', 'mail_forwarding' => 'forwarding_id', 'mail_get' => 'mailget_id', 'openvz_vm' => 'vm_id', 'shell_user' => 'shell_user_id', 'webdav_user' => 'webdav_user_id', 'web_database' => 'database_id', 'web_domain' => 'domain_id', 'web_folder' => 'web_folder_id', 'web_folder_user' => 'web_folder_user_id');
$udata = $app->db->queryOneRecord('SELECT `userid` FROM `sys_user` WHERE `client_id` = ' . $this->id);
$gdata = $app->db->queryOneRecord('SELECT `groupid` FROM `sys_group` WHERE `client_id` = ' . $this->id);
$sys_groupid = $gdata['groupid'];
$sys_userid = $udata['userid'];
$entries = array();
if ($this->dataRecord['locked'] == 'y') {
$prev_active = array();
$prev_sysuser = array();
foreach ($to_disable as $current => $keycolumn) {
$active_col = 'active';
$reverse = false;
if ($current == 'mail_user') {
$active_col = 'postfix';
} elseif ($current == 'mail_user_smtp') {
$current = 'mail_user';
$active_col = 'disablesmtp';
$reverse = true;
}
if (!isset($prev_active[$current])) {
$prev_active[$current] = array();
}
if (!isset($prev_sysuser[$current])) {
$prev_sysuser[$current] = array();
}
$entries = $app->db->queryAllRecords('SELECT `' . $keycolumn . '` as `id`, `sys_userid`, `' . $active_col . '` FROM `' . $current . '` WHERE `sys_groupid` = ' . $sys_groupid);
foreach ($entries as $item) {
if ($item[$active_col] != 'y' && $reverse == false) {
$prev_active[$current][$item['id']][$active_col] = 'n';
} elseif ($item[$active_col] == 'y' && $reverse == true) {
$prev_active[$current][$item['id']][$active_col] = 'y';
}
if ($item['sys_userid'] != $sys_userid) {
$prev_sysuser[$current][$item['id']] = $item['sys_userid'];
}
// we don't have to store these if y, as everything without previous state gets enabled later
$app->db->datalogUpdate($current, array($active_col => $reverse == true ? 'y' : 'n', 'sys_userid' => $_SESSION["s"]["user"]["userid"]), $keycolumn, $item['id']);
}
}
$tmp_data['prev_active'] = $prev_active;
$tmp_data['prev_sys_userid'] = $prev_sysuser;
$app->db->query("UPDATE `client` SET `tmp_data` = '" . $app->db->quote(serialize($tmp_data)) . "' WHERE `client_id` = " . $this->id);
unset($prev_active);
unset($prev_sysuser);
} elseif ($this->dataRecord['locked'] == 'n') {
foreach ($to_disable as $current => $keycolumn) {
$active_col = 'active';
$reverse = false;
if ($current == 'mail_user') {
$active_col = 'postfix';
} elseif ($current == 'mail_user_smtp') {
$current = 'mail_user';
$active_col = 'disablesmtp';
$reverse = true;
}
$entries = $app->db->queryAllRecords('SELECT `' . $keycolumn . '` as `id` FROM `' . $current . '` WHERE `sys_groupid` = ' . $sys_groupid);
foreach ($entries as $item) {
$set_active = $reverse == true ? 'n' : 'y';
$set_inactive = $reverse == true ? 'y' : 'n';
$set_sysuser = $sys_userid;
if (array_key_exists('prev_active', $tmp_data) == true && array_key_exists($current, $tmp_data['prev_active']) == true && array_key_exists($item['id'], $tmp_data['prev_active'][$current]) == true && $tmp_data['prev_active'][$current][$item['id']][$active_col] == $set_inactive) {
$set_active = $set_inactive;
}
if (array_key_exists('prev_sysuser', $tmp_data) == true && array_key_exists($current, $tmp_data['prev_sysuser']) == true && array_key_exists($item['id'], $tmp_data['prev_sysuser'][$current]) == true && $tmp_data['prev_sysuser'][$current][$item['id']] != $sys_userid) {
$set_sysuser = $tmp_data['prev_sysuser'][$current][$item['id']];
}
$app->db->datalogUpdate($current, array($active_col => $set_active, 'sys_userid' => $set_sysuser), $keycolumn, $item['id']);
}
}
if (array_key_exists('prev_active', $tmp_data)) {
unset($tmp_data['prev_active']);
}
$app->db->query("UPDATE `client` SET `tmp_data` = '" . $app->db->quote(serialize($tmp_data)) . "' WHERE `client_id` = " . $this->id);
}
unset($tmp_data);
unset($entries);
unset($to_disable);
}
if (!isset($this->dataRecord['canceled'])) {
$this->dataRecord['canceled'] = 'n';
}
if (isset($conf['demo_mode']) && $conf['demo_mode'] != true && $this->dataRecord["canceled"] != $this->oldDataRecord['canceled']) {
if ($this->dataRecord['canceled'] == 'y') {
$sql = "UPDATE sys_user SET active = '0' WHERE client_id = " . $this->id;
$app->db->query($sql);
} elseif ($this->dataRecord['canceled'] == 'n') {
$sql = "UPDATE sys_user SET active = '1' WHERE client_id = " . $this->id;
$app->db->query($sql);
}
}
// language changed
if (isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) {
$language = $app->db->quote($this->dataRecord["language"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET language = '{$language}' WHERE client_id = {$client_id}";
$app->db->query($sql);
}
//* reseller status changed
if (isset($this->dataRecord["limit_client"]) && $this->dataRecord["limit_client"] != $this->oldDataRecord["limit_client"]) {
$modules = $conf['interface_modules_enabled'];
if ($this->dataRecord["limit_client"] > 0) {
$modules .= ',client';
}
$modules = $app->db->quote($modules);
$client_id = $this->id;
$sql = "UPDATE sys_user SET modules = '{$modules}' WHERE client_id = {$client_id}";
$app->db->query($sql);
}
//* Client has been moved to another reseller
if ($_SESSION['s']['user']['typ'] == 'admin' && isset($this->dataRecord['parent_client_id']) && $this->dataRecord['parent_client_id'] != $this->oldDataRecord['parent_client_id']) {
//* Get groupid of the client
$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = " . intval($this->id));
$groupid = $tmp['groupid'];
unset($tmp);
//* Remove sys_user of old reseller from client group
if ($this->oldDataRecord['parent_client_id'] > 0) {
//* get userid of the old reseller remove it from the group of the client
$tmp = $app->db->queryOneRecord("SELECT sys_user.userid FROM sys_user,sys_group WHERE sys_user.default_group = sys_group.groupid AND sys_group.client_id = " . $app->functions->intval($this->oldDataRecord['parent_client_id']));
$app->auth->remove_group_from_user($tmp['userid'], $groupid);
unset($tmp);
}
//* Add sys_user of new reseller to client group
if ($this->dataRecord['parent_client_id'] > 0) {
//* get userid of the reseller and add it to the group of the client
$tmp = $app->db->queryOneRecord("SELECT sys_user.userid, sys_user.default_group FROM sys_user,sys_group WHERE sys_user.default_group = sys_group.groupid AND sys_group.client_id = " . $app->functions->intval($this->dataRecord['parent_client_id']));
$app->auth->add_group_to_user($tmp['userid'], $groupid);
$app->db->query("UPDATE client SET sys_userid = " . $app->functions->intval($tmp['userid']) . ", sys_groupid = " . $app->functions->intval($tmp['default_group']) . ", parent_client_id = " . $app->functions->intval($this->dataRecord['parent_client_id']) . " WHERE client_id = " . $this->id);
unset($tmp);
} else {
//* Client is not assigned to a reseller anymore, so we assign it to the admin
$app->db->query("UPDATE client SET sys_userid = 1, sys_groupid = 1, parent_client_id = 0 WHERE client_id = " . $this->id);
}
}
if (isset($this->dataRecord['template_master'])) {
$app->uses('client_templates');
$app->client_templates->update_client_templates($this->id, $this->_template_additional);
}
parent::onAfterUpdate();
}
function onSubmit()
{
global $app, $conf;
/* check if the domain module is used - and check if the selected domain can be used! */
if ($app->tform->getCurrentTab() == 'domain') {
$app->uses('ini_parser,getconf');
$settings = $app->getconf->get_global_config('domains');
if ($settings['use_domain_module'] == 'y') {
$domain_check = $app->tools_sites->checkDomainModuleDomain($this->dataRecord['domain']);
if (!$domain_check) {
// invalid domain selected
$app->tform->errorMessage .= $app->tform->lng("domain_error_empty") . "<br />";
} else {
$this->dataRecord['domain'] = $domain_check;
}
}
}
// nginx: if redirect type is proxy and redirect path is no URL, display error
//if($this->dataRecord["redirect_type"] == 'proxy' && substr($this->dataRecord['redirect_path'],0,1) == '/'){
// $app->tform->errorMessage .= $app->tform->lng("error_proxy_requires_url")."<br />";
//}
// Set a few fixed values
$this->dataRecord["parent_domain_id"] = 0;
$this->dataRecord["type"] = 'vhost';
$this->dataRecord["vhost_type"] = 'name';
$read_limits = array('limit_cgi', 'limit_ssi', 'limit_perl', 'limit_ruby', 'limit_python', 'force_suexec', 'limit_hterror', 'limit_wildcard', 'limit_ssl');
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the limits of the client
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT limit_traffic_quota, limit_web_domain, default_webserver, parent_client_id, limit_web_quota, client." . implode(", client.", $read_limits) . " FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
if ($client['limit_cgi'] != 'y') {
$this->dataRecord['cgi'] = 'n';
}
if ($client['limit_ssi'] != 'y') {
$this->dataRecord['ssi'] = 'n';
}
if ($client['limit_perl'] != 'y') {
$this->dataRecord['perl'] = 'n';
}
if ($client['limit_ruby'] != 'y') {
$this->dataRecord['ruby'] = 'n';
}
if ($client['limit_python'] != 'y') {
$this->dataRecord['python'] = 'n';
}
if ($client['force_suexec'] == 'y') {
$this->dataRecord['suexec'] = 'y';
}
if ($client['limit_hterror'] != 'y') {
$this->dataRecord['errordocs'] = 'n';
}
if ($client['limit_wildcard'] != 'y' && $this->dataRecord['subdomain'] == '*') {
$this->dataRecord['subdomain'] = 'n';
}
if ($client['limit_ssl'] != 'y') {
$this->dataRecord['ssl'] = 'n';
}
// only generate quota and traffic warnings if value has changed
if ($this->id > 0) {
$old_web_values = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = " . $app->functions->intval($this->id));
} else {
$old_web_values = array();
}
//* Check the website quota of the client
if (isset($_POST["hd_quota"]) && $client["limit_web_quota"] >= 0 && $_POST["hd_quota"] != $old_web_values["hd_quota"]) {
$tmp = $app->db->queryOneRecord("SELECT sum(hd_quota) as webquota FROM web_domain WHERE domain_id != " . $app->functions->intval($this->id) . " AND type = 'vhost' AND " . $app->tform->getAuthSQL('u'));
$webquota = $tmp["webquota"];
$new_web_quota = $app->functions->intval($this->dataRecord["hd_quota"]);
if ($webquota + $new_web_quota > $client["limit_web_quota"] || $new_web_quota < 0 && $client["limit_web_quota"] >= 0) {
$max_free_quota = floor($client["limit_web_quota"] - $webquota);
if ($max_free_quota < 0) {
$max_free_quota = 0;
}
$app->tform->errorMessage .= $app->tform->lng("limit_web_quota_free_txt") . ": " . $max_free_quota . " MB<br>";
// Set the quota field to the max free space
$this->dataRecord["hd_quota"] = $max_free_quota;
}
unset($tmp);
unset($tmp_quota);
}
//* Check the traffic quota of the client
if (isset($_POST["traffic_quota"]) && $client["limit_traffic_quota"] > 0 && $_POST["traffic_quota"] != $old_web_values["traffic_quota"]) {
$tmp = $app->db->queryOneRecord("SELECT sum(traffic_quota) as trafficquota FROM web_domain WHERE domain_id != " . $app->functions->intval($this->id) . " AND " . $app->tform->getAuthSQL('u'));
$trafficquota = $tmp["trafficquota"];
$new_traffic_quota = $app->functions->intval($this->dataRecord["traffic_quota"]);
if ($trafficquota + $new_traffic_quota > $client["limit_traffic_quota"] || $new_traffic_quota < 0 && $client["limit_traffic_quota"] >= 0) {
$max_free_quota = floor($client["limit_traffic_quota"] - $trafficquota);
if ($max_free_quota < 0) {
$max_free_quota = 0;
}
$app->tform->errorMessage .= $app->tform->lng("limit_traffic_quota_free_txt") . ": " . $max_free_quota . " MB<br>";
// Set the quota field to the max free space
$this->dataRecord["traffic_quota"] = $max_free_quota;
}
unset($tmp);
unset($tmp_quota);
}
if ($client['parent_client_id'] > 0) {
// Get the limits of the reseller
$reseller = $app->db->queryOneRecord("SELECT limit_traffic_quota, limit_web_domain, default_webserver, limit_web_quota FROM client WHERE client_id = " . $app->functions->intval($client['parent_client_id']));
//* Check the website quota of the client
if (isset($_POST["hd_quota"]) && $reseller["limit_web_quota"] >= 0 && $_POST["hd_quota"] != $old_web_values["hd_quota"]) {
$tmp = $app->db->queryOneRecord("SELECT sum(hd_quota) as webquota FROM web_domain WHERE domain_id != " . $app->functions->intval($this->id) . " AND type = 'vhost' AND " . $app->tform->getAuthSQL('u'));
$webquota = $tmp["webquota"];
$new_web_quota = $app->functions->intval($this->dataRecord["hd_quota"]);
if ($webquota + $new_web_quota > $reseller["limit_web_quota"] || $new_web_quota < 0 && $reseller["limit_web_quota"] >= 0) {
$max_free_quota = floor($reseller["limit_web_quota"] - $webquota);
if ($max_free_quota < 0) {
$max_free_quota = 0;
}
$app->tform->errorMessage .= $app->tform->lng("limit_web_quota_free_txt") . ": " . $max_free_quota . " MB<br>";
// Set the quota field to the max free space
$this->dataRecord["hd_quota"] = $max_free_quota;
}
unset($tmp);
unset($tmp_quota);
}
//* Check the traffic quota of the client
if (isset($_POST["traffic_quota"]) && $reseller["limit_traffic_quota"] > 0 && $_POST["traffic_quota"] != $old_web_values["traffic_quota"]) {
$tmp = $app->db->queryOneRecord("SELECT sum(traffic_quota) as trafficquota FROM web_domain WHERE domain_id != " . $app->functions->intval($this->id) . " AND " . $app->tform->getAuthSQL('u'));
$trafficquota = $tmp["trafficquota"];
$new_traffic_quota = $app->functions->intval($this->dataRecord["traffic_quota"]);
if ($trafficquota + $new_traffic_quota > $reseller["limit_traffic_quota"] || $new_traffic_quota < 0 && $reseller["limit_traffic_quota"] >= 0) {
$max_free_quota = floor($reseller["limit_traffic_quota"] - $trafficquota);
if ($max_free_quota < 0) {
$max_free_quota = 0;
}
$app->tform->errorMessage .= $app->tform->lng("limit_traffic_quota_free_txt") . ": " . $max_free_quota . " MB<br>";
// Set the quota field to the max free space
$this->dataRecord["traffic_quota"] = $max_free_quota;
}
unset($tmp);
unset($tmp_quota);
}
}
// When the record is updated
if ($this->id > 0) {
// restore the server ID if the user is not admin and record is edited
$tmp = $app->db->queryOneRecord("SELECT server_id, `system_user`, `system_group`, `cgi`, `ssi`, `perl`, `ruby`, `python`, `suexec`, `errordocs`, `subdomain`, `ssl` FROM web_domain WHERE domain_id = " . $app->functions->intval($this->id));
$this->dataRecord["server_id"] = $tmp["server_id"];
$this->dataRecord['system_user'] = $tmp['system_user'];
$this->dataRecord['system_group'] = $tmp['system_group'];
// set the settings to current if not provided (or cleared due to limits)
if ($this->dataRecord['cgi'] == 'n') {
$this->dataRecord['cgi'] = $tmp['cgi'];
}
if ($this->dataRecord['ssi'] == 'n') {
$this->dataRecord['ssi'] = $tmp['ssi'];
}
if ($this->dataRecord['perl'] == 'n') {
$this->dataRecord['perl'] = $tmp['perl'];
}
if ($this->dataRecord['ruby'] == 'n') {
$this->dataRecord['ruby'] = $tmp['ruby'];
}
if ($this->dataRecord['python'] == 'n') {
$this->dataRecord['python'] = $tmp['python'];
}
if ($this->dataRecord['suexec'] == 'n') {
$this->dataRecord['suexec'] = $tmp['suexec'];
}
if ($this->dataRecord['errordocs'] == 'n') {
$this->dataRecord['errordocs'] = $tmp['errordocs'];
}
if ($this->dataRecord['subdomain'] == 'n') {
$this->dataRecord['subdomain'] = $tmp['subdomain'];
}
if ($this->dataRecord['ssl'] == 'n') {
$this->dataRecord['ssl'] = $tmp['ssl'];
}
unset($tmp);
// When the record is inserted
} else {
//* set the server ID to the default webserver of the client
$this->dataRecord["server_id"] = $client["default_webserver"];
// Check if the user may add another web_domain
if ($client["limit_web_domain"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(domain_id) as number FROM web_domain WHERE sys_groupid = {$client_group_id} and type = 'vhost'");
if ($tmp["number"] >= $client["limit_web_domain"]) {
$app->error($app->tform->wordbook["limit_web_domain_txt"]);
}
}
}
// Clients may not set the client_group_id, so we unset them if user is not a admin and the client is not a reseller
if (!$app->auth->has_clients($_SESSION['s']['user']['userid'])) {
unset($this->dataRecord["client_group_id"]);
}
}
//* make sure that the email domain is lowercase
if (isset($this->dataRecord["domain"])) {
$this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
}
//* get the server config for this server
$app->uses("getconf");
if ($this->id > 0) {
$web_rec = $app->tform->getDataRecord($this->id);
$server_id = $web_rec["server_id"];
} else {
// Get the first server ID
$tmp = $app->db->queryOneRecord("SELECT server_id FROM server WHERE web_server = 1 ORDER BY server_name LIMIT 0,1");
$server_id = intval($tmp['server_id']);
}
$web_config = $app->getconf->get_server_config($app->functions->intval(isset($this->dataRecord["server_id"]) ? $this->dataRecord["server_id"] : $server_id), 'web');
//* Check for duplicate ssl certs per IP if SNI is disabled
if (isset($this->dataRecord['ssl']) && $this->dataRecord['ssl'] == 'y' && $web_config['enable_sni'] != 'y') {
$sql = "SELECT count(domain_id) as number FROM web_domain WHERE `ssl` = 'y' AND ip_address = '" . $app->db->quote($this->dataRecord['ip_address']) . "' and domain_id != " . $this->id;
$tmp = $app->db->queryOneRecord($sql);
if ($tmp['number'] > 0) {
$app->tform->errorMessage .= $app->tform->lng("error_no_sni_txt");
}
}
// Check if pm.max_children >= pm.max_spare_servers >= pm.start_servers >= pm.min_spare_servers > 0
if (isset($this->dataRecord['pm_max_children']) && $this->dataRecord['pm'] == 'dynamic') {
if ($app->functions->intval($this->dataRecord['pm_max_children'], true) >= $app->functions->intval($this->dataRecord['pm_max_spare_servers'], true) && $app->functions->intval($this->dataRecord['pm_max_spare_servers'], true) >= $app->functions->intval($this->dataRecord['pm_start_servers'], true) && $app->functions->intval($this->dataRecord['pm_start_servers'], true) >= $app->functions->intval($this->dataRecord['pm_min_spare_servers'], true) && $app->functions->intval($this->dataRecord['pm_min_spare_servers'], true) > 0) {
} else {
$app->tform->errorMessage .= $app->tform->lng("error_php_fpm_pm_settings_txt") . '<br>';
}
}
// Check rewrite rules
$server_type = $web_config['server_type'];
if ($server_type == 'nginx' && isset($this->dataRecord['rewrite_rules']) && trim($this->dataRecord['rewrite_rules']) != '') {
$rewrite_rules = trim($this->dataRecord['rewrite_rules']);
$rewrites_are_valid = true;
// use this counter to make sure all curly brackets are properly closed
$if_level = 0;
// Make sure we only have Unix linebreaks
$rewrite_rules = str_replace("\r\n", "\n", $rewrite_rules);
$rewrite_rules = str_replace("\r", "\n", $rewrite_rules);
$rewrite_rule_lines = explode("\n", $rewrite_rules);
if (is_array($rewrite_rule_lines) && !empty($rewrite_rule_lines)) {
foreach ($rewrite_rule_lines as $rewrite_rule_line) {
// ignore comments
if (substr(ltrim($rewrite_rule_line), 0, 1) == '#') {
continue;
}
// empty lines
if (trim($rewrite_rule_line) == '') {
continue;
}
// rewrite
if (preg_match('@^\\s*rewrite\\s+(^/)?\\S+(\\$)?\\s+\\S+(\\s+(last|break|redirect|permanent|))?\\s*;\\s*$@', $rewrite_rule_line)) {
continue;
}
if (preg_match('@^\\s*rewrite\\s+(^/)?(\'[^\']+\'|"[^"]+")+(\\$)?\\s+(\'[^\']+\'|"[^"]+")+(\\s+(last|break|redirect|permanent|))?\\s*;\\s*$@', $rewrite_rule_line)) {
continue;
}
if (preg_match('@^\\s*rewrite\\s+(^/)?(\'[^\']+\'|"[^"]+")+(\\$)?\\s+\\S+(\\s+(last|break|redirect|permanent|))?\\s*;\\s*$@', $rewrite_rule_line)) {
continue;
}
if (preg_match('@^\\s*rewrite\\s+(^/)?\\S+(\\$)?\\s+(\'[^\']+\'|"[^"]+")+(\\s+(last|break|redirect|permanent|))?\\s*;\\s*$@', $rewrite_rule_line)) {
continue;
}
// if
if (preg_match('@^\\s*if\\s+\\(\\s*\\$\\S+(\\s+(\\!?(=|~|~\\*))\\s+(\\S+|\\".+\\"))?\\s*\\)\\s*\\{\\s*$@', $rewrite_rule_line)) {
$if_level += 1;
continue;
}
// if - check for files, directories, etc.
if (preg_match('@^\\s*if\\s+\\(\\s*\\!?-(f|d|e|x)\\s+\\S+\\s*\\)\\s*\\{\\s*$@', $rewrite_rule_line)) {
$if_level += 1;
continue;
}
// break
if (preg_match('@^\\s*break\\s*;\\s*$@', $rewrite_rule_line)) {
continue;
}
// return code [ text ]
if (preg_match('@^\\s*return\\s+\\d\\d\\d.*;\\s*$@', $rewrite_rule_line)) {
continue;
}
// return code URL
// return URL
if (preg_match('@^\\s*return(\\s+\\d\\d\\d)?\\s+(http|https|ftp)\\://([a-zA-Z0-9\\.\\-]+(\\:[a-zA-Z0-9\\.&%\\$\\-]+)*\\@)*((25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9])\\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9]|0)\\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9]|0)\\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[0-9])|localhost|([a-zA-Z0-9\\-]+\\.)*[a-zA-Z0-9\\-]+\\.(com|edu|gov|int|mil|net|org|biz|arpa|info|name|pro|aero|coop|museum|[a-zA-Z]{2}))(\\:[0-9]+)*(/($|[a-zA-Z0-9\\.\\,\\?\'\\\\+&%\\$#\\=~_\\-]+))*\\s*;\\s*$@', $rewrite_rule_line)) {
continue;
}
// set
if (preg_match('@^\\s*set\\s+\\$\\S+\\s+\\S+\\s*;\\s*$@', $rewrite_rule_line)) {
continue;
}
// closing curly bracket
if (trim($rewrite_rule_line) == '}') {
$if_level -= 1;
continue;
}
$rewrites_are_valid = false;
break;
}
}
if (!$rewrites_are_valid || $if_level != 0) {
$app->tform->errorMessage .= $app->tform->lng("invalid_rewrite_rules_txt") . '<br>';
}
}
// check custom php.ini settings
if (isset($this->dataRecord['custom_php_ini']) && trim($this->dataRecord['custom_php_ini']) != '') {
$custom_php_ini_settings = trim($this->dataRecord['custom_php_ini']);
$custom_php_ini_settings_are_valid = true;
// Make sure we only have Unix linebreaks
$custom_php_ini_settings = str_replace("\r\n", "\n", $custom_php_ini_settings);
$custom_php_ini_settings = str_replace("\r", "\n", $custom_php_ini_settings);
$custom_php_ini_settings_lines = explode("\n", $custom_php_ini_settings);
if (is_array($custom_php_ini_settings_lines) && !empty($custom_php_ini_settings_lines)) {
foreach ($custom_php_ini_settings_lines as $custom_php_ini_settings_line) {
if (trim($custom_php_ini_settings_line) == '') {
continue;
}
if (substr(trim($custom_php_ini_settings_line), 0, 1) == ';') {
continue;
}
// empty value
if (preg_match('@^\\s*;*\\s*[a-zA-Z0-9._]*\\s*=\\s*;*\\s*$@', $custom_php_ini_settings_line)) {
continue;
}
// value inside ""
if (preg_match('@^\\s*;*\\s*[a-zA-Z0-9._]*\\s*=\\s*".*"\\s*;*\\s*$@', $custom_php_ini_settings_line)) {
continue;
}
// value inside ''
if (preg_match('@^\\s*;*\\s*[a-zA-Z0-9._]*\\s*=\\s*\'.*\'\\s*;*\\s*$@', $custom_php_ini_settings_line)) {
continue;
}
// everything else
if (preg_match('@^\\s*;*\\s*[a-zA-Z0-9._]*\\s*=\\s*[-a-zA-Z0-9~&=_\\@/,.#\\s|()]*\\s*;*\\s*$@', $custom_php_ini_settings_line)) {
continue;
}
$custom_php_ini_settings_are_valid = false;
break;
}
}
if (!$custom_php_ini_settings_are_valid) {
$app->tform->errorMessage .= $app->tform->lng("invalid_custom_php_ini_settings_txt") . '<br>';
}
}
parent::onSubmit();
}
function onSubmit()
{
global $app, $conf;
/* check if the domain module is used - and check if the selected domain can be used! */
$app->uses('ini_parser,getconf');
$settings = $app->getconf->get_global_config('domains');
if ($settings['use_domain_module'] == 'y') {
$domain_check = $app->tools_sites->checkDomainModuleDomain($this->dataRecord['domain']);
if (!$domain_check) {
// invalid domain selected
$app->tform->errorMessage .= $app->tform->lng("domain_error_empty") . "<br />";
} else {
$this->dataRecord['domain'] = $domain_check;
}
}
// nginx: if redirect type is proxy and redirect path is no URL, display error
if ($this->dataRecord["redirect_type"] == 'proxy' && substr($this->dataRecord['redirect_path'], 0, 1) == '/') {
$app->tform->errorMessage .= $app->tform->lng("error_proxy_requires_url") . "<br />";
}
// Get the record of the parent domain
$parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = " . $app->functions->intval(@$this->dataRecord["parent_domain_id"]));
// Set a few fixed values
$this->dataRecord["type"] = 'alias';
$this->dataRecord["server_id"] = $parent_domain["server_id"];
//$this->dataRecord["domain"] = $this->dataRecord["domain"].'.'.$parent_domain["domain"];
$this->parent_domain_record = $parent_domain;
//* make sure that the domain is lowercase
if (isset($this->dataRecord["domain"])) {
$this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
}
parent::onSubmit();
}
function onSubmit()
{
global $app, $conf;
// Get the record of the parent domain
if (!@$this->dataRecord["parent_domain_id"] && $this->id) {
$tmp = $app->db->queryOneRecord("SELECT parent_domain_id FROM web_domain WHERE domain_id = " . $app->functions->intval($this->id));
if ($tmp) {
$this->dataRecord["parent_domain_id"] = $tmp['parent_domain_id'];
}
unset($tmp);
}
$parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = " . $app->functions->intval(@$this->dataRecord["parent_domain_id"]));
// Set a few fixed values
$this->dataRecord["type"] = 'vhostsubdomain';
$this->dataRecord["server_id"] = $parent_domain["server_id"];
$this->dataRecord["ip_address"] = $parent_domain["ip_address"];
$this->dataRecord["ipv6_address"] = $parent_domain["ipv6_address"];
$this->dataRecord["client_group_id"] = $parent_domain["client_group_id"];
$this->dataRecord["vhost_type"] = 'name';
$this->parent_domain_record = $parent_domain;
$read_limits = array('limit_cgi', 'limit_ssi', 'limit_perl', 'limit_ruby', 'limit_python', 'force_suexec', 'limit_hterror', 'limit_wildcard', 'limit_ssl');
if ($app->tform->getCurrentTab() == 'domain') {
/* check if the domain module is used - and check if the selected domain can be used! */
$app->uses('ini_parser,getconf');
$settings = $app->getconf->get_global_config('domains');
if ($settings['use_domain_module'] == 'y') {
$domain_check = $app->tools_sites->checkDomainModuleDomain($this->dataRecord['sel_domain']);
if (!$domain_check) {
// invalid domain selected
$app->tform->errorMessage .= $app->tform->lng("domain_error_empty") . "<br />";
} else {
$this->dataRecord['domain'] = $this->dataRecord['domain'] . '.' . $domain_check;
}
} else {
$this->dataRecord["domain"] = $this->dataRecord["domain"] . '.' . $parent_domain["domain"];
}
$this->dataRecord['web_folder'] = strtolower($this->dataRecord['web_folder']);
if (substr($this->dataRecord['web_folder'], 0, 1) === '/') {
$this->dataRecord['web_folder'] = substr($this->dataRecord['web_folder'], 1);
}
if (substr($this->dataRecord['web_folder'], -1) === '/') {
$this->dataRecord['web_folder'] = substr($this->dataRecord['web_folder'], 0, -1);
}
$forbidden_folders = array('', 'cgi-bin', 'log', 'private', 'ssl', 'tmp', 'webdav');
$check_folder = strtolower($this->dataRecord['web_folder']);
if (substr($check_folder, 0, 1) === '/') {
$check_folder = substr($check_folder, 1);
}
// strip / at beginning to check against forbidden entries
if (strpos($check_folder, '/') !== false) {
$check_folder = substr($check_folder, 0, strpos($check_folder, '/'));
}
// get the first part of the path to check it
if (in_array($check_folder, $forbidden_folders)) {
$app->tform->errorMessage .= $app->tform->lng("web_folder_invalid_txt") . "<br>";
}
// check for duplicate folder usage
/*
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_domain` WHERE `type` = 'vhostsubdomain' AND `parent_domain_id` = '" . $app->functions->intval($this->dataRecord['parent_domain_id']) . "' AND `web_folder` = '" . $app->db->quote($this->dataRecord['web_folder']) . "' AND `domain_id` != '" . $app->functions->intval($this->id) . "'");
if($check && $check['cnt'] > 0) {
$app->tform->errorMessage .= $app->tform->lng("web_folder_unique_txt")."<br>";
}
*/
} else {
$this->dataRecord["domain"] = $this->dataRecord["domain"] . '.' . $parent_domain["domain"];
}
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the limits of the client
$client_group_id = $_SESSION["s"]["user"]["default_group"];
$client = $app->db->queryOneRecord("SELECT limit_traffic_quota, limit_web_subdomain, default_webserver, parent_client_id, limit_web_quota, client." . implode(", client.", $read_limits) . " FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
if ($client['limit_cgi'] != 'y') {
$this->dataRecord['cgi'] = '-';
}
if ($client['limit_ssi'] != 'y') {
$this->dataRecord['ssi'] = '-';
}
if ($client['limit_perl'] != 'y') {
$this->dataRecord['perl'] = '-';
}
if ($client['limit_ruby'] != 'y') {
$this->dataRecord['ruby'] = '-';
}
if ($client['limit_python'] != 'y') {
$this->dataRecord['python'] = '-';
}
if ($client['force_suexec'] != 'n') {
$this->dataRecord['suexec'] = '-';
}
if ($client['limit_hterror'] != 'y') {
$this->dataRecord['errordocs'] = '-';
}
if ($client['limit_wildcard'] != 'y' && $this->dataRecord['subdomain'] == '*') {
$this->dataRecord['subdomain'] = '-';
}
if ($client['limit_ssl'] != 'y') {
$this->dataRecord['ssl'] = '-';
}
//* Check the website quota of the client
if (isset($_POST["hd_quota"]) && $client["limit_web_quota"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT sum(hd_quota) as webquota FROM web_domain WHERE domain_id != " . $app->functions->intval($this->id) . " AND " . $app->tform->getAuthSQL('u'));
$webquota = $tmp["webquota"];
$new_web_quota = $app->functions->intval($this->dataRecord["hd_quota"]);
if ($webquota + $new_web_quota > $client["limit_web_quota"] || $new_web_quota < 0 && $client["limit_web_quota"] >= 0) {
$max_free_quota = floor($client["limit_web_quota"] - $webquota);
if ($max_free_quota < 0) {
$max_free_quota = 0;
}
$app->tform->errorMessage .= $app->tform->lng("limit_web_quota_free_txt") . ": " . $max_free_quota . " MB<br>";
// Set the quota field to the max free space
$this->dataRecord["hd_quota"] = $max_free_quota;
}
unset($tmp);
unset($tmp_quota);
}
//* Check the traffic quota of the client
if (isset($_POST["traffic_quota"]) && $client["limit_traffic_quota"] > 0) {
$tmp = $app->db->queryOneRecord("SELECT sum(traffic_quota) as trafficquota FROM web_domain WHERE domain_id != " . $app->functions->intval($this->id) . " AND " . $app->tform->getAuthSQL('u'));
$trafficquota = $tmp["trafficquota"];
$new_traffic_quota = $app->functions->intval($this->dataRecord["traffic_quota"]);
if ($trafficquota + $new_traffic_quota > $client["limit_traffic_quota"] || $new_traffic_quota < 0 && $client["limit_traffic_quota"] >= 0) {
$max_free_quota = floor($client["limit_traffic_quota"] - $trafficquota);
if ($max_free_quota < 0) {
$max_free_quota = 0;
}
$app->tform->errorMessage .= $app->tform->lng("limit_traffic_quota_free_txt") . ": " . $max_free_quota . " MB<br>";
// Set the quota field to the max free space
$this->dataRecord["traffic_quota"] = $max_free_quota;
}
unset($tmp);
unset($tmp_quota);
}
if ($client['parent_client_id'] > 0) {
// Get the limits of the reseller
$reseller = $app->db->queryOneRecord("SELECT limit_traffic_quota, limit_web_subdomain, default_webserver, limit_web_quota FROM client WHERE client_id = " . $client['parent_client_id']);
//* Check the website quota of the client
if (isset($_POST["hd_quota"]) && $reseller["limit_web_quota"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT sum(hd_quota) as webquota FROM web_domain WHERE domain_id != " . $app->functions->intval($this->id) . " AND " . $app->tform->getAuthSQL('u'));
$webquota = $tmp["webquota"];
$new_web_quota = $app->functions->intval($this->dataRecord["hd_quota"]);
if ($webquota + $new_web_quota > $reseller["limit_web_quota"] || $new_web_quota < 0 && $reseller["limit_web_quota"] >= 0) {
$max_free_quota = floor($reseller["limit_web_quota"] - $webquota);
if ($max_free_quota < 0) {
$max_free_quota = 0;
}
$app->tform->errorMessage .= $app->tform->lng("limit_web_quota_free_txt") . ": " . $max_free_quota . " MB<br>";
// Set the quota field to the max free space
$this->dataRecord["hd_quota"] = $max_free_quota;
}
unset($tmp);
unset($tmp_quota);
}
//* Check the traffic quota of the client
if (isset($_POST["traffic_quota"]) && $reseller["limit_traffic_quota"] > 0) {
$tmp = $app->db->queryOneRecord("SELECT sum(traffic_quota) as trafficquota FROM web_domain WHERE domain_id != " . $app->functions->intval($this->id) . " AND " . $app->tform->getAuthSQL('u'));
$trafficquota = $tmp["trafficquota"];
$new_traffic_quota = $app->functions->intval($this->dataRecord["traffic_quota"]);
if ($trafficquota + $new_traffic_quota > $reseller["limit_traffic_quota"] || $new_traffic_quota < 0 && $reseller["limit_traffic_quota"] >= 0) {
$max_free_quota = floor($reseller["limit_traffic_quota"] - $trafficquota);
if ($max_free_quota < 0) {
$max_free_quota = 0;
}
$app->tform->errorMessage .= $app->tform->lng("limit_traffic_quota_free_txt") . ": " . $max_free_quota . " MB<br>";
// Set the quota field to the max free space
$this->dataRecord["traffic_quota"] = $max_free_quota;
}
unset($tmp);
unset($tmp_quota);
}
}
// When the record is updated
if ($this->id > 0) {
// restore the server ID if the user is not admin and record is edited
$tmp = $app->db->queryOneRecord("SELECT server_id, `web_folder`, `cgi`, `ssi`, `perl`, `ruby`, `python`, `suexec`, `errordocs`, `subdomain`, `ssl` FROM web_domain WHERE domain_id = " . $app->functions->intval($this->id));
$this->dataRecord['web_folder'] = $tmp['web_folder'];
// cannot be changed!
// set the settings to current if not provided (or cleared due to limits)
if ($this->dataRecord['cgi'] == '-') {
$this->dataRecord['cgi'] = $tmp['cgi'];
}
if ($this->dataRecord['ssi'] == '-') {
$this->dataRecord['ssi'] = $tmp['ssi'];
}
if ($this->dataRecord['perl'] == '-') {
$this->dataRecord['perl'] = $tmp['perl'];
}
if ($this->dataRecord['ruby'] == '-') {
$this->dataRecord['ruby'] = $tmp['ruby'];
}
if ($this->dataRecord['python'] == '-') {
$this->dataRecord['python'] = $tmp['python'];
}
if ($this->dataRecord['suexec'] == '-') {
$this->dataRecord['suexec'] = $tmp['suexec'];
}
if ($this->dataRecord['errordocs'] == '-') {
$this->dataRecord['errordocs'] = $tmp['errordocs'];
}
if ($this->dataRecord['subdomain'] == '-') {
$this->dataRecord['subdomain'] = $tmp['subdomain'];
}
if ($this->dataRecord['ssl'] == '-') {
$this->dataRecord['ssl'] = $tmp['ssl'];
}
unset($tmp);
// When the record is inserted
} else {
// Check if the user may add another web_domain
if ($client["limit_web_subdomain"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(domain_id) as number FROM web_domain WHERE sys_groupid = {$client_group_id} and (type = 'subdomain' OR type = 'vhostsubdomain')");
if ($tmp["number"] >= $client["limit_web_subdomain"]) {
$app->error($app->tform->wordbook["limit_web_subdomain_txt"]);
}
}
}
}
//* make sure that the domain is lowercase
if (isset($this->dataRecord["domain"])) {
$this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
}
//* get the server config for this server
$app->uses("getconf");
$web_config = $app->getconf->get_server_config($app->functions->intval(isset($this->dataRecord["server_id"]) ? $this->dataRecord["server_id"] : 0), 'web');
//* Check for duplicate ssl certs per IP if SNI is disabled
if (isset($this->dataRecord['ssl']) && $this->dataRecord['ssl'] == 'y' && $web_config['enable_sni'] != 'y') {
$sql = "SELECT count(domain_id) as number FROM web_domain WHERE `ssl` = 'y' AND ip_address = '" . $app->db->quote($this->dataRecord['ip_address']) . "' and domain_id != " . $this->id;
$tmp = $app->db->queryOneRecord($sql);
if ($tmp['number'] > 0) {
$app->tform->errorMessage .= $app->tform->lng("error_no_sni_txt");
}
}
// Check if pm.max_children >= pm.max_spare_servers >= pm.start_servers >= pm.min_spare_servers > 0
if (isset($this->dataRecord['pm_max_children']) && $this->dataRecord['pm'] == 'dynamic') {
if ($app->functions->intval($this->dataRecord['pm_max_children'], true) >= $app->functions->intval($this->dataRecord['pm_max_spare_servers'], true) && $app->functions->intval($this->dataRecord['pm_max_spare_servers'], true) >= $app->functions->intval($this->dataRecord['pm_start_servers'], true) && $app->functions->intval($this->dataRecord['pm_start_servers'], true) >= $app->functions->intval($this->dataRecord['pm_min_spare_servers'], true) && $app->functions->intval($this->dataRecord['pm_min_spare_servers'], true) > 0) {
} else {
$app->tform->errorMessage .= $app->tform->lng("error_php_fpm_pm_settings_txt") . '<br>';
}
}
parent::onSubmit();
}
function onSubmit()
{
global $app, $conf;
// Get the parent soa record of the domain
$soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = '" . intval($_POST["zone"]) . "' AND " . $app->tform->getAuthSQL('r'));
// Check if Domain belongs to user
if ($soa["id"] != $_POST["zone"]) {
$app->tform->errorMessage .= $app->tform->wordbook["no_zone_perm"];
}
// Check the client limits, if user is not the admin
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
// if user is not admin
// Get the limits of the client
$client_group_id = $_SESSION["s"]["user"]["default_group"];
$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
// Check if the user may add another mailbox.
if ($this->id == 0 && $client["limit_dns_record"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_rr WHERE sys_groupid = {$client_group_id}");
if ($tmp["number"] >= $client["limit_dns_record"]) {
$app->error($app->tform->wordbook["limit_dns_record_txt"]);
}
}
}
// end if user is not admin
// Set the server ID of the rr record to the same server ID as the parent record.
$this->dataRecord["server_id"] = $soa["server_id"];
// Update the serial number and timestamp of the RR record
$soa = $app->db->queryOneRecord("SELECT serial FROM dns_rr WHERE id = " . $this->id);
$this->dataRecord["serial"] = $app->validate_dns->increase_serial($soa["serial"]);
$this->dataRecord["stamp"] = date('Y-m-d H:i:s');
parent::onSubmit();
}
function onSubmit()
{
global $app, $conf;
// Check if Domain belongs to user
$domain = $app->db->queryOneRecord("SELECT server_id, domain FROM mail_domain WHERE domain = '" . $app->db->quote($_POST["email_domain"]) . "' AND " . $app->tform->getAuthSQL('r'));
if ($domain["domain"] != $_POST["email_domain"]) {
$app->tform->errorMessage .= $app->tform->wordbook["no_domain_perm"];
}
// Check the client limits, if user is not the admin
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
// if user is not admin
// Get the limits of the client
$client_group_id = $_SESSION["s"]["user"]["default_group"];
$client = $app->db->queryOneRecord("SELECT limit_mailalias FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
// Check if the user may add another mailbox.
if ($this->id == 0 && $client["limit_mailalias"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE sys_groupid = {$client_group_id} AND type = 'alias'");
if ($tmp["number"] >= $client["limit_mailalias"]) {
$app->tform->errorMessage .= $app->tform->wordbook["limit_mailalias_txt"] . "<br>";
}
unset($tmp);
}
}
// end if user is not admin
// compose the email field
$this->dataRecord["source"] = $_POST["email_local_part"] . "@" . $_POST["email_domain"];
// Set the server id of the mailbox = server ID of mail domain.
$this->dataRecord["server_id"] = $domain["server_id"];
unset($this->dataRecord["email_local_part"]);
unset($this->dataRecord["email_domain"]);
//* Check if there is no active mailbox with this address
$tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE postfix = 'y' AND email = '" . $app->db->quote($this->dataRecord["source"]) . "'");
if ($tmp['number'] > 0) {
$app->tform->errorMessage .= $app->tform->lng("duplicate_mailbox_txt") . "<br>";
}
unset($tmp);
parent::onSubmit();
}
function onShow()
{
global $app, $conf;
//* We do not want that messages get edited, so we switch to a
//* read only template if a existing message is loaded
if ($this->id > 0) {
$app->tform->formDef['tabs']['message']['template'] = 'templates/support_message_view.htm';
$record = $app->db->queryOneRecord("SELECT * FROM support_message WHERE support_message_id = " . $this->id);
if ($record['tstamp'] > 0) {
// is value int?
if (preg_match("/^[0-9]+[\\.]?[0-9]*\$/", $record['tstamp'], $p)) {
$record['tstamp'] = date($app->lng('conf_format_datetime'), $record['tstamp']);
} else {
$record['tstamp'] = date($app->lng('conf_format_datetime'), strtotime($record['tstamp']));
}
}
$app->tpl->setVar("date", $record['tstamp']);
//die(print_r($this->dataRecord));
}
//* call the onShow function of the parent class
parent::onShow();
}
function onBeforeInsert()
{
global $app, $conf, $interfaceConf;
$app->uses('getconf,tools_sites');
$global_config = $app->getconf->get_global_config('sites');
$ftpuser_prefix = $app->tools_sites->replacePrefix($global_config['ftpuser_prefix'], $this->dataRecord);
$this->dataRecord['username_prefix'] = $ftpuser_prefix;
if ($app->tform->errorMessage == '') {
$this->dataRecord['username'] = $ftpuser_prefix . $this->dataRecord['username'];
}
parent::onBeforeInsert();
}
function onAfterUpdate()
{
global $app, $conf;
// username changed
if (isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {
$username = $app->db->quote($this->dataRecord["username"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET username = '******' WHERE client_id = {$client_id}";
$app->db->query($sql);
$tmp = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = {$client_id}");
$app->db->datalogUpdate("sys_group", "name = '{$username}'", 'groupid', $tmp['groupid']);
unset($tmp);
}
// password changed
if (isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
$password = $app->db->quote($this->dataRecord["password"]);
$client_id = $this->id;
$salt = "\$1\$";
$base64_alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
for ($n = 0; $n < 8; $n++) {
$salt .= $base64_alphabet[mt_rand(0, 63)];
}
$salt .= "\$";
$password = crypt(stripslashes($password), $salt);
$sql = "UPDATE sys_user SET passwort = '{$password}' WHERE client_id = {$client_id}";
$app->db->query($sql);
}
// language changed
if (isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) {
$language = $app->db->quote($this->dataRecord["language"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET language = '{$language}' WHERE client_id = {$client_id}";
$app->db->query($sql);
}
// ensure that a reseller is not converted to a client in demo mode when client_id <= 2
if (isset($conf['demo_mode']) && $conf['demo_mode'] == true && $this->id <= 2) {
if (isset($this->dataRecord["limit_client"]) && $this->dataRecord["limit_client"] != -1) {
$app->db->query('UPDATE client set limit_client = -1 WHERE client_id = ' . $this->id);
}
}
// reseller status changed
if (isset($this->dataRecord["limit_client"]) && $this->dataRecord["limit_client"] != $this->oldDataRecord["limit_client"]) {
$modules = $app->db->quote($conf['interface_modules_enabled'] . ',client');
$modules = $app->db->quote($modules);
$client_id = $this->id;
$sql = "UPDATE sys_user SET modules = '{$modules}' WHERE client_id = {$client_id}";
$app->db->query($sql);
}
if (isset($this->dataRecord['template_master'])) {
$app->uses('client_templates');
$app->client_templates->update_client_templates($this->id, $this->_template_additional);
}
parent::onAfterUpdate();
}
function onSubmit()
{
global $app, $conf;
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the limits of the client
$client_group_id = $_SESSION["s"]["user"]["default_group"];
$client = $app->db->queryOneRecord("SELECT limit_dns_slave_zone, default_dnsserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
// When the record is updated
if ($this->id > 0) {
// restore the server ID if the user is not admin and record is edited
$tmp = $app->db->queryOneRecord("SELECT server_id FROM dns_slave WHERE id = " . intval($this->id));
$this->dataRecord["server_id"] = $tmp["server_id"];
unset($tmp);
// When the record is inserted
} else {
// set the server ID to the default dnsserver of the client
$this->dataRecord["server_id"] = $client["default_dnsserver"];
// Check if the user may add anoter secondary domain.
if (!$app->tform->checkClientLimit('limit_dns_slave_zone')) {
$app->error($app->tform->wordbook["limit_dns_slave_zone_txt"]);
}
if (!$app->tform->checkResellerLimit('limit_dns_slave_zone')) {
$app->error('Reseller: ' . $app->tform->wordbook["limit_dns_slave_zone_txt"]);
}
}
}
//* Check if the zone name has a dot at the end
if (strlen($this->dataRecord["origin"]) > 0 && substr($this->dataRecord["origin"], -1, 1) != '.') {
$this->dataRecord["origin"] .= '.';
}
//* Check if a primary zone with the same name already exists
$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_soa WHERE origin = \"" . $this->dataRecord["origin"] . "\" AND server_id= \"" . $this->dataRecord["server_id"] . "\"");
if ($tmp["number"] > 0) {
$app->error($app->tform->wordbook["origin_error_unique"]);
}
parent::onSubmit();
}
function onSubmit()
{
global $app, $conf;
//* Check if destination email belongs to user
if (isset($_POST["destination"])) {
$email = $app->db->queryOneRecord("SELECT email FROM mail_user WHERE email = '" . $app->db->quote($app->functions->idn_encode($_POST["destination"])) . "' AND " . $app->tform->getAuthSQL('r'));
if ($email["email"] != $app->functions->idn_encode($_POST["destination"])) {
$app->tform->errorMessage .= $app->tform->lng("no_destination_perm");
}
}
// Check the client limits, if user is not the admin
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
// if user is not admin
// Get the limits of the client
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT limit_fetchmail FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
// Check if the user may add another transport.
if ($this->id == 0 && $client["limit_fetchmail"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(mailget_id) as number FROM mail_get WHERE sys_groupid = {$client_group_id}");
if ($tmp["number"] >= $client["limit_fetchmail"]) {
$app->tform->errorMessage .= $app->tform->wordbook["limit_fetchmail_txt"] . "<br>";
}
unset($tmp);
}
}
// end if user is not admin
// Set the server ID according to the selected destination
$tmp = $app->db->queryOneRecord("SELECT server_id FROM mail_user WHERE email = '" . $app->db->quote($this->dataRecord["destination"]) . "'");
$this->dataRecord["server_id"] = $tmp["server_id"];
unset($tmp);
//* Check that no illegal combination of options is set
if ((!isset($this->dataRecord['source_delete']) || @$this->dataRecord['source_delete'] == 'n') && $this->dataRecord['source_read_all'] == 'y') {
$app->tform->errorMessage .= $app->tform->lng('error_delete_read_all_combination') . "<br>";
}
parent::onSubmit();
}
function onSubmit()
{
global $app, $conf;
// Get the parent mail_user record
$mailuser = $app->db->queryOneRecord("SELECT * FROM mail_user WHERE mailuser_id = '" . $app->functions->intval($_SESSION['s']['user']['mailuser_id']) . "'");
// Set the mailuser_id
$this->dataRecord["mailuser_id"] = $mailuser["mailuser_id"];
// Remove leading dots
if (substr($this->dataRecord['target'], 0, 1) == '.') {
$this->dataRecord['target'] = substr($this->dataRecord['target'], 1);
}
// Check the client limits if the email address is assigned to a client
if ($_SESSION["s"]["user"]["default_group"] > 0) {
// if user is not admin
// Get the limits of the client
$client_group_id = $_SESSION["s"]["user"]["default_group"];
$client = $app->db->queryOneRecord("SELECT limit_mailfilter FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
// Check if the user may add another filter
if ($this->id == 0 && $client["limit_mailfilter"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(filter_id) as number FROM mail_user_filter WHERE sys_groupid = {$client_group_id}");
if ($tmp["number"] >= $client["limit_mailfilter"]) {
$app->tform->errorMessage .= $app->tform->lng("limit_mailfilter_txt") . "<br>";
}
unset($tmp);
}
}
// end if user is not admin
parent::onSubmit();
}