/**
 * Suspends ('disable') or reactivates ('enable') a domain together with its
 * mail accounts and alias domains, then redirects back to the user overview.
 *
 * Any other $action returns without touching the database. Mail accounts are
 * handled in one of two ways:
 *  - HARD_MAIL_SUSPENSION set: the account gets the same pending status as the
 *    domain;
 *  - otherwise, for mail types starting with MT_NORMAL_MAIL, MT_ALIAS_MAIL,
 *    MT_SUBDOM_MAIL or MT_ALSSUB_MAIL, the (reversibly encrypted) mailbox
 *    password is decrypted, prefixed with four characters derived from the
 *    current time on 'disable' (or has its first four characters stripped on
 *    'enable') and re-encrypted; the account is marked ITEM_CHANGE_STATUS.
 *
 * NOTE(review): the 'enable' path strips four characters unconditionally, so
 * a mailbox that was never prefixed (e.g. HARD_MAIL_SUSPENSION toggled between
 * the two runs) would lose the start of its real password — confirm before
 * relying on this.
 *
 * After the updates the daemon is notified for mail, domain and aliases, the
 * reseller counters are refreshed, the action is logged, a session flag is set
 * and the browser is redirected depending on $location ('admin' or
 * 'reseller'). The script is terminated in every case.
 *
 * @param int    $domain_id   Id of the domain to change
 * @param string $domain_name Domain name, used for the log entry only
 * @param string $action      'disable' or 'enable'
 * @param string $location    'admin' or 'reseller', selects the redirect target
 * @return void
 */
function change_domain_status($domain_id, $domain_name, $action, $location) {
	$cfg = EasySCP_Registry::get('Config');
	$sql = EasySCP_Registry::get('Db');

	// Only the two known actions are handled; anything else is a no-op
	if ($action == 'disable') {
		$new_status = $cfg->ITEM_TODISABLED_STATUS;
	} elseif ($action == 'enable') {
		$new_status = $cfg->ITEM_TOENABLE_STATUS;
	} else {
		return;
	}

	// TODO: decide how mail accounts should be treated on suspension
	// (switched off or left running)
	$select_mail = "\n\t\tSELECT\n\t\t\t`mail_id`,\n\t\t\t`mail_pass`,\n\t\t\t`mail_type`\n\t\tFROM\n\t\t\t`mail_users`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t\t;\n\t";
	$rs = exec_query($sql, $select_mail, $domain_id);

	// Mail types whose mailbox password is mangled instead of the account
	// being put into the pending status
	$mailbox_types = array(MT_NORMAL_MAIL, MT_ALIAS_MAIL, MT_SUBDOM_MAIL, MT_ALSSUB_MAIL);

	$update_mail = "\n\t\t\tUPDATE\n\t\t\t\t`mail_users`\n\t\t\tSET\n\t\t\t\t`mail_pass` = ?,\n\t\t\t\t`status` = ?\n\t\t\tWHERE\n\t\t\t\t`mail_id` = ?\n\t\t\t;\n\t\t";

	while (!$rs->EOF) {
		$mail_id = $rs->fields['mail_id'];
		$mail_pass = $rs->fields['mail_pass'];
		$mail_type = $rs->fields['mail_type'];

		if ($cfg->HARD_MAIL_SUSPENSION) {
			// Hard suspension: the mail account follows the domain status
			$mail_status = $new_status;
		} else {
			$is_mailbox = false;
			foreach ($mailbox_types as $type_prefix) {
				if (preg_match('/^' . $type_prefix . '/', $mail_type)) {
					$is_mailbox = true;
					break;
				}
			}

			if ($is_mailbox) {
				// Soft suspension: mail_pass is stored reversibly encrypted, so
				// it is decrypted, prefixed with four characters derived from
				// the current time (or has them stripped again) and re-encrypted
				$plain_pass = decrypt_db_password($mail_pass);
				if ($action == 'disable') {
					$plain_pass = substr(md5(time()), 0, 4) . $plain_pass;
				} else {
					$plain_pass = substr($plain_pass, 4, 50);
				}
				$mail_pass = encrypt_db_password($plain_pass);
			}

			$mail_status = $cfg->ITEM_CHANGE_STATUS;
		}

		exec_query($sql, $update_mail, array($mail_pass, $mail_status, $mail_id));
		$rs->moveNext();
	}
	send_request('130 MAIL ' . $domain_id);

	$update_domain = "\n\t\tUPDATE\n\t\t\tdomain\n\t\tSET\n\t\t\tstatus = ?\n\t\tWHERE\n\t\t\tdomain_id = ?\n\t\t;\n\t";
	exec_query($sql, $update_domain, array($new_status, $domain_id));
	send_request('110 DOMAIN domain ' . $domain_id);

	$update_aliases = "\n\t\tUPDATE\n\t\t\tdomain_aliasses\n\t\tSET\n\t\t\tstatus = ?\n\t\tWHERE\n\t\t\tdomain_id = ?\n\t\t;\n\t";
	exec_query($sql, $update_aliases, array($new_status, $domain_id));
	send_request('110 DOMAIN alias ' . $domain_id);

	// Back to the user overview once the system changes are done
	$user_logged = $_SESSION['user_logged'];
	update_reseller_c_props(get_reseller_id($domain_id));

	if ($action == 'disable') {
		write_log("{$user_logged}: suspended domain: {$domain_name}");
		$_SESSION['user_disabled'] = 1;
	} else {
		write_log("{$user_logged}: enabled domain: {$domain_name}");
		$_SESSION['user_enabled'] = 1;
	}

	if ($location == 'admin') {
		header('Location: manage_users.php');
	} elseif ($location == 'reseller') {
		header('Location: users.php?psi=last');
	}
	// NOTE(review): any other $location ends the request here without a redirect
	die;
}
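/**
 * Creates a new FTP account for a domain from the POST data.
 *
 * The FTP user name is <username><FTP_USERNAME_SEPARATOR><target>, where the
 * target depends on $_POST['dmn_type']: the domain itself ('dmn'), an alias id
 * ('als') or a subdomain label ('sub'). The home directory defaults to the
 * target's directory below FTP_HOMEDIR and may be replaced by a relative mount
 * point ($_POST['other_dir'] with use_other_dir=on); the mount point has its
 * double slashes collapsed, must not contain '..' and must exist in the
 * domain's virtual filesystem.
 *
 * On any validation failure a page message is set and nothing is written. On
 * success the account is inserted with a salted crypt() hash and a reversibly
 * encrypted copy of the password (net2ftppasswd), the reseller counters are
 * refreshed, the action is logged and the browser is sent to ftp_accounts.php.
 *
 * NOTE(review): unlike update_ftp_account() no password confirmation or
 * chk_password() policy check is done here — confirm the caller does it.
 *
 * @param mixed  $sql      Database handle as expected by exec_query()
 * @param string $dmn_name Name of the domain the account belongs to
 * @return void
 */
function add_ftp_user($sql, $dmn_name) {
	$cfg = EasySCP_Registry::get('Config');

	$username = strtolower(clean_input($_POST['username']));
	if (!validates_username($username)) {
		set_page_message(tr("Incorrect username length or syntax!"), 'warning');
		return;
	}

	// Default values; $ftp_home may be overwritten below if the user
	// specified a mount point
	switch ($_POST['dmn_type']) {
		// Default mount point for a domain
		case 'dmn':
			$ftp_user = $username . $cfg->FTP_USERNAME_SEPARATOR . $dmn_name;
			$ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}";
			break;
		// Default mount point for an alias domain
		case 'als':
			// The alias id is cleaned once and used both for the user name and
			// for the mount point lookup
			$als_id = clean_input($_POST['als_id']);
			$ftp_user = $username . $cfg->FTP_USERNAME_SEPARATOR . $als_id;
			$alias_mount_point = get_alias_mount_point($sql, $als_id);
			$ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}" . $alias_mount_point;
			break;
		// Default mount point for a subdomain
		case 'sub':
			// The same cleaned label goes into the user name and the home
			// directory so the two cannot disagree
			$sub_id = clean_input($_POST['sub_id']);
			$ftp_user = $username . $cfg->FTP_USERNAME_SEPARATOR . $sub_id . '.' . $dmn_name;
			$ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}/" . $sub_id;
			break;
		// Unknown domain type
		default:
			set_page_message(tr('Unknown domain type'), 'error');
			return;
	}

	// User-specified mount point
	if (isset($_POST['use_other_dir']) && $_POST['use_other_dir'] === 'on') {
		$ftp_vhome = clean_input($_POST['other_dir'], false);

		// Collapse runs of slashes; a single str_replace() pass would still
		// leave '//' behind for '///'
		while (strpos($ftp_vhome, '//') !== false) {
			$ftp_vhome = str_replace('//', '/', $ftp_vhome);
		}

		// Reject parent-directory references (preg_match() returning false on
		// error is treated as a rejection as well)
		if (preg_match("/\\.\\./", $ftp_vhome) !== 0) {
			set_page_message(tr('Incorrect mount point length or syntax'), 'error');
			return;
		}

		$ftp_home = $cfg->FTP_HOMEDIR . "/{$dmn_name}/" . $ftp_vhome;
		while (strpos($ftp_home, '//') !== false) {
			$ftp_home = str_replace('//', '/', $ftp_home);
		}

		// The directory must exist in the domain's virtual filesystem
		$vfs = new EasySCP_VirtualFileSystem($dmn_name, $sql);
		if (!$vfs->exists($ftp_vhome)) {
			set_page_message(tr('%s does not exist', $ftp_vhome), 'error');
			return;
		}
	}

	$ftp_gid = get_ftp_user_gid($sql, $dmn_name, $ftp_user);
	$ftp_uid = get_ftp_user_uid($sql, $dmn_name, $ftp_user, $ftp_gid);
	// get_ftp_user_uid() signals failure with -1
	if ($ftp_uid == -1) {
		return;
	}

	$ftp_shell = $cfg->CMD_SHELL;
	$ftp_passwd = crypt_user_pass_with_salt($_POST['pass']);
	$ftp_loginpasswd = encrypt_db_password($_POST['pass']);

	$query = "\n\t\tINSERT INTO ftp_users\n\t\t\t(`userid`, `passwd`, `net2ftppasswd`, `uid`, `gid`, `shell`, `homedir`)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?, ?)\n\t";
	exec_query($sql, $query, array($ftp_user, $ftp_passwd, $ftp_loginpasswd, $ftp_uid, $ftp_gid, $ftp_shell, $ftp_home));

	$domain_props = get_domain_default_props($_SESSION['user_id']);
	update_reseller_c_props($domain_props['domain_created_id']);

	write_log($_SESSION['user_logged'] . ": add new FTP account: {$ftp_user}");
	set_page_message(tr('FTP account added!'), 'success');
	user_goto('ftp_accounts.php');
}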
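/**
 * Migrates mail passwords from an ispCP installation into EasySCP.
 *
 * The old Blowfish/CBC key and IV are read from the ispCP installation
 * selected by $_POST['migration_version']: the PHP keys file of 1.0.7 OMEGA
 * (included into this scope) or the key=value file /etc/ispcp/ispcp-keys.conf
 * (DB_PASS_KEY / DB_PASS_IV entries). Every mail_users.mail_pass that is not
 * '_no_' is decrypted with the old key, re-encrypted with
 * encrypt_db_password() and the row is marked ITEM_CHANGE_STATUS.
 *
 * The migration is aborted with a page message when the key material cannot
 * be loaded or the cipher cannot be opened: running the loop with an empty
 * key would overwrite every mailbox password with garbage.
 *
 * @return void
 */
function convertOldData() {
	$cfg = EasySCP_Registry::get('Config');
	$sql = EasySCP_Registry::get('Db');

	$ispcp_db_pass_key = '';
	$ispcp_db_pass_iv = '';

	switch ($_POST['migration_version']) {
		case '1.0.7 OMEGA':
			// The keys file of that release is PHP; including it is expected to
			// define the two variables above in this scope
			$oldDBKeysFile = '/var/www/ispcp/gui/include/ispcp-db-keys.php';
			require_once $oldDBKeysFile;
			break;
		default:
			$oldDBKeysFile = '/etc/ispcp/ispcp-keys.conf';
			$lines = file($oldDBKeysFile);
			if ($lines === false) {
				set_page_message(tr('Could not read %s', $oldDBKeysFile), 'error');
				return;
			}
			foreach ($lines as $line) {
				$pos = strpos($line, '=');
				if ($pos > 0) {
					$key = trim(substr($line, 0, $pos));
					$value = trim(substr($line, $pos + 1));
					if ($key == 'DB_PASS_KEY') {
						$ispcp_db_pass_key = $value;
					} elseif ($key == 'DB_PASS_IV') {
						$ispcp_db_pass_iv = $value;
					}
				}
			}
	}

	// Without both key and IV the decrypt loop below would only produce garbage
	if ($ispcp_db_pass_key === '' || $ispcp_db_pass_iv === '') {
		set_page_message(tr('Could not load the ispCP database keys from %s', $oldDBKeysFile), 'error');
		return;
	}

	$td = mcrypt_module_open(MCRYPT_BLOWFISH, '', MCRYPT_MODE_CBC, '');
	if ($td === false) {
		set_page_message(tr('Could not open the Blowfish cipher'), 'error');
		return;
	}

	$query = "\n\t\tuse easyscp;\n\t";
	exec_query($sql, $query);

	$query = "\n\t\tSELECT mail_id, mail_pass FROM `mail_users`;\n\t";
	$rs = exec_query($sql, $query);

	// Decrypted passwords keyed by mail_id; '_no_' marks accounts without one
	$data = array();
	while (!$rs->EOF) {
		if ($rs->fields['mail_pass'] != '_no_') {
			// mcrypt warns on odd data lengths; the @ keeps the legacy
			// best-effort behaviour for individual rows
			@mcrypt_generic_init($td, $ispcp_db_pass_key, $ispcp_db_pass_iv);
			$text = @base64_decode($rs->fields['mail_pass'] . "\n");
			$data[$rs->fields['mail_id']] = trim(@mdecrypt_generic($td, $text));
			@mcrypt_generic_deinit($td);
		}
		$rs->moveNext();
	}
	mcrypt_module_close($td);

	$status = $cfg->ITEM_CHANGE_STATUS;
	$query = "UPDATE `mail_users` SET `mail_pass` = ?, `status` = ? WHERE `mail_id` = ?";
	foreach ($data as $mail_id => $mail_pass) {
		$pass = encrypt_db_password(trim($mail_pass));
		exec_query($sql, $query, array($pass, $status, $mail_id));
	}
}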
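/**
 * Changes the password of an SQL user from the POST data.
 *
 * The new password must be given twice (pass / pass_rep), must not be empty,
 * must not exceed MAX_SQL_PASS_LENGTH, may only contain alphanumerics and
 * ':!*+#_.-' and must satisfy chk_password(). On any failure a page message
 * is set and nothing is changed. On success the reversibly encrypted password
 * is stored in the EasySCP sql_user table, SET PASSWORD is run for both
 * '<user>'@'%' and '<user>'@'localhost', the change is logged and the browser
 * is sent to sql_manage.php.
 *
 * The SET PASSWORD statements are issued through exec_query() with
 * placeholders, the same way add_sql_user() issues its GRANT, instead of
 * interpolating the user name and password into the statement text.
 *
 * @param mixed  $sql          Database handle as expected by exec_query()
 * @param int    $db_user_id   Id of the SQL user (currently unused, kept for callers)
 * @param string $db_user_name Name of the SQL user whose password changes
 * @return void
 */
function change_sql_user_pass($sql, $db_user_id, $db_user_name) {
	$cfg = EasySCP_Registry::get('Config');

	if (!isset($_POST['uaction'])) {
		return;
	}

	// Missing fields are treated like empty ones
	$pass = isset($_POST['pass']) ? $_POST['pass'] : '';
	$pass_rep = isset($_POST['pass_rep']) ? $_POST['pass_rep'] : '';

	if ($pass === '' && $pass_rep === '') {
		set_page_message(tr('Please specify user password!'), 'warning');
		return;
	}

	if ($pass !== $pass_rep) {
		set_page_message(tr('Entered passwords do not match!'), 'warning');
		return;
	}

	if (strlen($pass) > $cfg->MAX_SQL_PASS_LENGTH) {
		set_page_message(tr('User password too long!'), 'warning');
		return;
	}

	// Restrict the character set; this also rules out quotes and backslashes
	if (!preg_match('/^[[:alnum:]:!\\*\\+\\#_.-]+$/', $pass)) {
		set_page_message(tr('Don\'t use special chars like "@, $, %..." in the password!'), 'warning');
		return;
	}

	if (!chk_password($pass)) {
		if ($cfg->PASSWD_STRONG) {
			set_page_message(sprintf(tr('The password must be at least %s chars long and contain letters and numbers to be valid.'), $cfg->PASSWD_CHARS), 'warning');
		} else {
			set_page_message(sprintf(tr('Password data is shorter than %s signs or includes not permitted signs!'), $cfg->PASSWD_CHARS), 'warning');
		}
		return;
	}

	$user_pass = $pass;

	// Update the password in the EasySCP sql_user table
	$query = "\n\t\tUPDATE\n\t\t\t`sql_user`\n\t\tSET\n\t\t\t`sqlu_pass` = ?\n\t\tWHERE\n\t\t\t`sqlu_name` = ?\n\t";
	exec_query($sql, $query, array(encrypt_db_password($user_pass), $db_user_name));

	// Update the password in the MySQL system tables; user name, host and
	// password are bound as values like in the GRANT of add_sql_user()
	$query = "SET PASSWORD FOR ?@? = PASSWORD(?)";
	exec_query($sql, $query, array($db_user_name, '%', $user_pass));
	exec_query($sql, $query, array($db_user_name, 'localhost', $user_pass));

	write_log($_SESSION['user_logged'] . ": update SQL user password: " . tohtml($db_user_name));
	set_page_message(tr('SQL user password was successfully changed!'), 'warning');
	user_goto('sql_manage.php');
}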
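/**
 * Updates an existing FTP account from the POST data (uaction 'edit_user').
 *
 * Two forms are handled. With a new password (pass or pass_rep non-empty) the
 * password must be confirmed and pass chk_password(); it is stored as a salted
 * crypt() hash plus a reversibly encrypted copy (net2ftppasswd), together with
 * a new home directory when one was given. Without a password only the home
 * directory is updated, falling back to FTP_HOMEDIR/<user_logged>.
 *
 * In both forms a user-specified mount point ($_POST['other_dir'] with
 * use_other_dir=on) has its double slashes collapsed, is rejected if it
 * contains '..' and must exist in the domain's virtual filesystem before it
 * is appended to FTP_HOMEDIR/<user_logged>. The resulting directory is left in
 * the global $other_dir for the calling page.
 *
 * On validation failure a page message is set and nothing is written; on
 * success the row is updated, the action is logged (password form only) and
 * the browser is sent to ftp_accounts.php.
 *
 * @param mixed  $sql      Database handle as expected by exec_query()
 * @param string $ftp_acc  FTP user id (ftp_users.userid) to update
 * @param string $dmn_name Domain the account belongs to, used for the VFS check
 * @return void
 */
function update_ftp_account($sql, $ftp_acc, $dmn_name) {
	global $other_dir;

	$cfg = EasySCP_Registry::get('Config');

	// Virtual filesystem of the domain, used to verify mount points
	$vfs = new EasySCP_VirtualFileSystem($dmn_name, $sql);

	if (!isset($_POST['uaction']) || $_POST['uaction'] !== 'edit_user') {
		return;
	}

	if (!empty($_POST['pass']) || !empty($_POST['pass_rep'])) {
		if ($_POST['pass'] !== $_POST['pass_rep']) {
			set_page_message(tr('Entered passwords do not match!'), 'warning');
			return;
		}

		if (!chk_password($_POST['pass'])) {
			if ($cfg->PASSWD_STRONG) {
				set_page_message(sprintf(tr('The password must be at least %s chars long and contain letters and numbers to be valid.'), $cfg->PASSWD_CHARS), 'warning');
			} else {
				set_page_message(sprintf(tr('Password data is shorter than %s signs or includes not permitted signs!'), $cfg->PASSWD_CHARS), 'warning');
			}
			return;
		}

		$pass = crypt_user_pass_with_salt($_POST['pass']);
		$loginpass = encrypt_db_password($_POST['pass']);

		if (isset($_POST['use_other_dir']) && $_POST['use_other_dir'] === 'on') {
			$other_dir = clean_input($_POST['other_dir']);

			// Same mount point rules as the directory-only form below: collapse
			// double slashes and refuse parent-directory references
			$other_dir = str_replace('//', '/', $other_dir);
			if (preg_match("/\\.\\./", $other_dir) !== 0) {
				set_page_message(tr('Incorrect mount point length or syntax'), 'warning');
				return;
			}

			if (!$vfs->exists($other_dir)) {
				set_page_message(tr('%s does not exist', $other_dir), 'warning');
				return;
			}

			// Prepend the full path: the VFS always works relative to the FTP
			// root of the user, no absolute paths are allowed here
			$other_dir = $cfg->FTP_HOMEDIR . "/" . $_SESSION['user_logged'] . $other_dir;

			$query = "\n\t\tUPDATE\n\t\t\t`ftp_users`\n\t\tSET\n\t\t\t`passwd` = ?,\n\t\t\t`net2ftppasswd` = ?,\n\t\t\t`homedir` = ?\n\t\tWHERE\n\t\t\t`userid` = ?\n\t";
			$param = array($pass, $loginpass, $other_dir, $ftp_acc);
		} else {
			$query = "\n\t\tUPDATE\n\t\t\t`ftp_users`\n\t\tSET\n\t\t\t`passwd` = ?,\n\t\t\t`net2ftppasswd` = ?\n\t\tWHERE\n\t\t\t`userid` = ?\n\t";
			$param = array($pass, $loginpass, $ftp_acc);
		}

		exec_query($sql, $query, $param);

		write_log($_SESSION['user_logged'] . ": updated FTP " . $ftp_acc . " account data");
		set_page_message(tr('FTP account data updated!'), 'success');
		user_goto('ftp_accounts.php');
		return;
	}

	// Directory-only update
	if (isset($_POST['use_other_dir']) && $_POST['use_other_dir'] === 'on') {
		$other_dir = clean_input($_POST['other_dir']);

		// Strip possible double slashes
		$other_dir = str_replace('//', '/', $other_dir);

		// Refuse parent-directory references
		if (preg_match("/\\.\\./", $other_dir) !== 0) {
			set_page_message(tr('Incorrect mount point length or syntax'), 'warning');
			return;
		}

		// The directory must exist in the domain's virtual filesystem
		if (!$vfs->exists($other_dir)) {
			set_page_message(tr('%s does not exist', $other_dir), 'error');
			return;
		}

		$other_dir = $cfg->FTP_HOMEDIR . "/" . $_SESSION['user_logged'] . $other_dir;
	} else {
		// No mount point given: back to the user's FTP root
		$other_dir = $cfg->FTP_HOMEDIR . "/" . $_SESSION['user_logged'];
	}

	$query = "\n\t\tUPDATE\n\t\t\t`ftp_users`\n\t\tSET\n\t\t\t`homedir` = ?\n\t\tWHERE\n\t\t\t`userid` = ?\n\t";
	exec_query($sql, $query, array($other_dir, $ftp_acc));

	set_page_message(tr('FTP account data updated!'), 'success');
	user_goto('ftp_accounts.php');
}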
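/**
 * Adds an SQL user to a database of the logged-in user's domain.
 *
 * Two modes are supported via the POST data. Without 'Add_Exist' a new user
 * named $_POST['user_name'] (optionally prefixed or suffixed with the domain
 * id, see use_dmn_id / id_pos) is created with the password given in
 * pass / pass_rep, which must match, stay within MAX_SQL_PASS_LENGTH, only
 * contain alphanumerics and ':!*+#_.-' and satisfy chk_password(). With
 * 'Add_Exist' the name and (reversibly encrypted) password of the existing
 * EasySCP SQL user $_POST['sqluser_id'] are reused.
 *
 * The user name must not exceed MAX_SQL_USER_LENGTH, must not contain the
 * wildcards '%' and '?' and — for new users — must not already exist. The
 * target database $db_id must belong to the user's domain: the sql_database
 * lookup is done before anything is written, so a database id of another
 * domain neither creates a sql_user row nor reaches the GRANT.
 *
 * On success the user is inserted into sql_user, the reseller counters are
 * refreshed, ALL PRIVILEGES on the database (wildcard characters in its name
 * escaped) are granted for 'localhost' and '%', the action is logged and the
 * browser is sent to sql_manage.php.
 *
 * @todo Database user with same name can be added several times
 * @todo If creation of the database user fails in the MySQL tables, the user
 *       is already in the local EasySCP table -> error handling
 *
 * @param mixed $sql     Database handle as expected by exec_query()
 * @param int   $user_id Id of the logged-in user, resolved to a domain id
 * @param int   $db_id   Id of the sql_database row the user is added to
 * @return void
 */
function add_sql_user($sql, $user_id, $db_id) {
	$cfg = EasySCP_Registry::get('Config');

	if (!isset($_POST['uaction'])) {
		return;
	}

	$add_exist = isset($_POST['Add_Exist']);

	// Check the user input for a new user
	if (!$add_exist) {
		if (empty($_POST['user_name'])) {
			set_page_message(tr('Please type user name!'), 'warning');
			return;
		}

		if (empty($_POST['pass']) && empty($_POST['pass_rep'])) {
			set_page_message(tr('Please type user password!'), 'warning');
			return;
		}

		if (isset($_POST['pass']) && isset($_POST['pass_rep']) && $_POST['pass'] !== $_POST['pass_rep']) {
			set_page_message(tr('Entered passwords do not match!'), 'warning');
			return;
		}

		if (isset($_POST['pass']) && strlen($_POST['pass']) > $cfg->MAX_SQL_PASS_LENGTH) {
			set_page_message(tr('Too long user password!'), 'warning');
			return;
		}

		// Restrict the character set; this also rules out quotes and backslashes
		if (isset($_POST['pass']) && !preg_match('/^[[:alnum:]:!*+#_.-]+$/', $_POST['pass'])) {
			set_page_message(tr('Don\'t use special chars like "@, $, %..." in the password!'), 'warning');
			return;
		}

		if (isset($_POST['pass']) && !chk_password($_POST['pass'])) {
			if ($cfg->PASSWD_STRONG) {
				set_page_message(sprintf(tr('The password must be at least %s chars long and contain letters and numbers to be valid.'), $cfg->PASSWD_CHARS), 'warning');
			} else {
				set_page_message(sprintf(tr('Password data is shorter than %s signs or includes not permitted signs!'), $cfg->PASSWD_CHARS), 'warning');
			}
			return;
		}
	}

	$dmn_id = get_user_domain_id($user_id);

	if ($add_exist) {
		// Reuse name and password of an existing EasySCP SQL user
		$query = "SELECT `sqlu_name`, `sqlu_pass` FROM `sql_user` WHERE `sqlu_id` = ?";
		$rs = exec_query($sql, $query, $_POST['sqluser_id']);
		if ($rs->recordCount() == 0) {
			set_page_message(tr('SQL-user not found! 
It might has been deleted by another user.'), 'warning');
			return;
		}
		$db_user = $rs->fields['sqlu_name'];
		$user_pass = decrypt_db_password($rs->fields['sqlu_pass']);
	} else {
		$user_pass = $_POST['pass'];

		// Optionally embed the domain id in the user name
		$use_dmn_id = isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on' && isset($_POST['id_pos']);
		if ($use_dmn_id && $_POST['id_pos'] === 'start') {
			$db_user = $dmn_id . "_" . clean_input($_POST['user_name']);
		} elseif ($use_dmn_id && $_POST['id_pos'] === 'end') {
			$db_user = clean_input($_POST['user_name']) . "_" . $dmn_id;
		} else {
			$db_user = clean_input($_POST['user_name']);
		}
	}

	if (strlen($db_user) > $cfg->MAX_SQL_USER_LENGTH) {
		set_page_message(tr('User name too long!'), 'warning');
		return;
	}

	// Are wildcards used?
	if (preg_match("/[%|\\?]+/", $db_user)) {
		set_page_message(tr('Wildcards such as %% and ? are not allowed!'), 'warning');
		return;
	}

	// Does such an SQL user already exist in the system?
	if (!$add_exist && check_db_user($sql, $db_user)) {
		set_page_message(tr('Specified SQL username name already exists!'), 'warning');
		return;
	}

	// The database must belong to the user's domain; checked before any write
	$query = "\n\t\tSELECT\n\t\t\t`sqld_name` AS `db_name`\n\t\tFROM\n\t\t\t`sql_database`\n\t\tWHERE\n\t\t\t`sqld_id` = ?\n\t\tAND\n\t\t\t`domain_id` = ?\n\t";
	$rs = exec_query($sql, $query, array($db_id, $dmn_id));
	if ($rs->recordCount() == 0) {
		set_page_message(tr('Database not found!'), 'warning');
		return;
	}
	$db_name = $rs->fields['db_name'];

	// Add the user to the EasySCP table
	$query = "\n\t\tINSERT INTO `sql_user`\n\t\t\t(`sqld_id`, `sqlu_name`, `sqlu_pass`)\n\t\tVALUES\n\t\t\t(?, ?, ?)\n\t";
	exec_query($sql, $query, array($db_id, $db_user, encrypt_db_password($user_pass)));

	update_reseller_c_props(get_reseller_id($dmn_id));

	// Escape the GRANT wildcard characters in the database name so the
	// privileges apply to this database only
	$db_name = preg_replace("/([_%\\?\\*])/", '\\\\$1', $db_name);

	// Add the user to the MySQL system tables
	$query = "GRANT ALL PRIVILEGES ON " . quoteIdentifier($db_name) . ".* TO ?@? IDENTIFIED BY ?";
	exec_query($sql, $query, array($db_user, "localhost", $user_pass));
	exec_query($sql, $query, array($db_user, "%", $user_pass));

	write_log($_SESSION['user_logged'] . ": add SQL user: " . tohtml($db_user));
	set_page_message(tr('SQL user successfully added!'), 'info');
	user_goto('sql_manage.php');
}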