$res_tmp = exec_query($sql, "SELECT `subdomain_name` FROM `subdomain` WHERE `subdomain_id` = ?", $data['sub_id']);
$dat_tmp = $res_tmp->fetchRow();
$mail_name = $data['mail_acc'] . '@' . $dat_tmp['subdomain_name'] . '.' . $dmn_name;
} else {
if (preg_match("/" . MT_ALSSUB_MAIL . "/", $data['mail_type']) || preg_match("/" . MT_ALSSUB_FORWARD . "/", $data['mail_type'])) {
// mail to subdomain
$res_tmp = exec_query($sql, "SELECT `subdomain_alias_name`, `alias_name` FROM `subdomain_alias` AS t1, `domain_aliasses` AS t2 WHERE t1.`alias_id` = t2.`alias_id` AND `subdomain_alias_id` = ?", $data['sub_id']);
$dat_tmp = $res_tmp->fetchRow();
$mail_name = $data['mail_acc'] . '@' . $dat_tmp['subdomain_alias_name'] . '.' . $dat_tmp['alias_name'];
}
}
}
}
$query = "SELECT `mail_id` FROM `mail_users` WHERE `mail_acc` = ? OR `mail_acc` LIKE ? OR `mail_acc` LIKE ? OR `mail_acc` LIKE ?";
$res_tmp = exec_query($sql, $query, array($mail_name, "{$mail_name},%", "%,{$mail_name},%", "%,{$mail_name}"));
$num = $res_tmp->rowCount();
if ($num > 0) {
set_page_message(tr('First delete the CatchAll account for this email!'), 'warning');
$_SESSION['catchall_assigned'] = 1;
user_goto('mail_accounts.php');
}
$sql_param = array(':status' => $cfg->ITEM_DELETE_STATUS, ':mail_id' => $delete_id);
$sql_query = "\n\tUPDATE\n\t\t`mail_users`\n\tSET\n\t\t`status` = :status\n\tWHERE\n\t\t`mail_id` = :mail_id\n";
DB::prepare($sql_query);
DB::execute($sql_param);
update_reseller_c_props(get_reseller_id($data['domain_id']));
send_request('130 MAIL ' . $data['domain_id']);
$admin_login = decode_idna($_SESSION['user_logged']);
write_log("{$admin_login}: deletes mail account: " . $mail_name);
$_SESSION['maildel'] = 1;
user_goto('mail_accounts.php');
function change_domain_status($domain_id, $domain_name, $action, $location)
{
$cfg = EasySCP_Registry::get('Config');
$sql = EasySCP_Registry::get('Db');
if ($action == 'disable') {
$new_status = $cfg->ITEM_TODISABLED_STATUS;
} else {
if ($action == 'enable') {
$new_status = $cfg->ITEM_TOENABLE_STATUS;
} else {
return;
}
}
// TODO Prüfen wie man das mit den Mails behandeln soll == abschalten / nicht abschalten
$query = "\n\t\tSELECT\n\t\t\t`mail_id`,\n\t\t\t`mail_pass`,\n\t\t\t`mail_type`\n\t\tFROM\n\t\t\t`mail_users`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t\t;\n\t";
$rs = exec_query($sql, $query, $domain_id);
while (!$rs->EOF) {
$mail_id = $rs->fields['mail_id'];
$mail_pass = $rs->fields['mail_pass'];
$mail_type = $rs->fields['mail_type'];
if ($cfg->HARD_MAIL_SUSPENSION) {
$mail_status = $new_status;
} else {
if ($action == 'disable') {
$timestamp = time();
$pass_prefix = substr(md5($timestamp), 0, 4);
if (preg_match('/^' . MT_NORMAL_MAIL . '/', $mail_type) || preg_match('/^' . MT_ALIAS_MAIL . '/', $mail_type) || preg_match('/^' . MT_SUBDOM_MAIL . '/', $mail_type) || preg_match('/^' . MT_ALSSUB_MAIL . '/', $mail_type)) {
$mail_pass = decrypt_db_password($mail_pass);
$mail_pass = $pass_prefix . $mail_pass;
$mail_pass = encrypt_db_password($mail_pass);
}
} else {
if ($action == 'enable') {
if (preg_match('/^' . MT_NORMAL_MAIL . '/', $mail_type) || preg_match('/^' . MT_ALIAS_MAIL . '/', $mail_type) || preg_match('/^' . MT_SUBDOM_MAIL . '/', $mail_type) || preg_match('/^' . MT_ALSSUB_MAIL . '/', $mail_type)) {
$mail_pass = decrypt_db_password($mail_pass);
$mail_pass = substr($mail_pass, 4, 50);
$mail_pass = encrypt_db_password($mail_pass);
}
} else {
return;
}
}
$mail_status = $cfg->ITEM_CHANGE_STATUS;
}
$query = "\n\t\t\tUPDATE\n\t\t\t\t`mail_users`\n\t\t\tSET\n\t\t\t\t`mail_pass` = ?,\n\t\t\t\t`status` = ?\n\t\t\tWHERE\n\t\t\t\t`mail_id` = ?\n\t\t\t;\n\t\t";
// NXW: Unused result so..
// $rs2 = exec_query(
// $sql, $query, array($mail_pass, $mail_status, $mail_id)
//);
exec_query($sql, $query, array($mail_pass, $mail_status, $mail_id));
$rs->moveNext();
}
send_request('130 MAIL ' . $domain_id);
$query = "\n\t\tUPDATE\n\t\t\tdomain\n\t\tSET\n\t\t\tstatus = ?\n\t\tWHERE\n\t\t\tdomain_id = ?\n\t\t;\n\t";
exec_query($sql, $query, array($new_status, $domain_id));
send_request('110 DOMAIN domain ' . $domain_id);
$query = "\n\t\tUPDATE\n\t\t\tdomain_aliasses\n\t\tSET\n\t\t\tstatus = ?\n\t\tWHERE\n\t\t\tdomain_id = ?\n\t\t;\n\t";
exec_query($sql, $query, array($new_status, $domain_id));
send_request('110 DOMAIN alias ' . $domain_id);
// let's get back to user overview after the system changes are finished
$user_logged = $_SESSION['user_logged'];
update_reseller_c_props(get_reseller_id($domain_id));
if ($action == 'disable') {
write_log("{$user_logged}: suspended domain: {$domain_name}");
$_SESSION['user_disabled'] = 1;
} else {
if ($action == 'enable') {
write_log("{$user_logged}: enabled domain: {$domain_name}");
$_SESSION['user_enabled'] = 1;
} else {
return;
}
}
if ($location == 'admin') {
header('Location: manage_users.php');
} else {
if ($location == 'reseller') {
header('Location: users.php?psi=last');
}
}
die;
}
function add_sql_database($sql, $user_id)
{
$cfg = EasySCP_Registry::get('Config');
if (!isset($_POST['uaction'])) {
return;
}
// let's generate database name.
if (empty($_POST['db_name'])) {
set_page_message(tr('Please specify a database name!'), 'warning');
return;
}
$dmn_id = get_user_domain_id($user_id);
if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on') {
// we'll use domain_id in the name of the database;
if (isset($_POST['id_pos']) && $_POST['id_pos'] === 'start') {
$db_name = $dmn_id . "_" . clean_input($_POST['db_name']);
} else {
if (isset($_POST['id_pos']) && $_POST['id_pos'] === 'end') {
$db_name = clean_input($_POST['db_name']) . "_" . $dmn_id;
}
}
} else {
$db_name = clean_input($_POST['db_name']);
}
if (strlen($db_name) > $cfg->MAX_SQL_DATABASE_LENGTH) {
set_page_message(tr('Database name is too long!'), 'warning');
return;
}
// have we such database in the system!?
if (check_db_name($sql, $db_name)) {
set_page_message(tr('Specified database name already exists!'), 'warning');
return;
}
// are wildcards used?
if (preg_match("/[%|\\?]+/", $db_name)) {
set_page_message(tr('Wildcards such as %% and ? are not allowed!'), 'warning');
return;
}
DB::query('CREATE DATABASE IF NOT EXISTS `' . $db_name . '` DEFAULT CHARACTER SET ' . EasyConfig::$cfg->DATABASE_DEFAULT_CHARACTER_SET . ' COLLATE ' . EasyConfig::$cfg->DATABASE_DEFAULT_COLLATE . ';')->closeCursor();
$sql_param = array(':domain_id' => $dmn_id, ':sqld_name' => $db_name);
$sql_query = "\n\t\tINSERT INTO\n\t\t\tsql_database (domain_id, sqld_name, status)\n\t\tVALUES\n\t\t\t(:domain_id, :sqld_name, 'ok');\n\t";
DB::prepare($sql_query);
DB::execute($sql_param)->closeCursor();
update_reseller_c_props(get_reseller_id($dmn_id));
write_log($_SESSION['user_logged'] . ": adds new SQL database: " . tohtml($db_name));
set_page_message(tr('SQL database created successfully!'), 'info');
user_goto('sql_manage.php');
}
$query = "SELECT COUNT(`mail_id`) AS cnt FROM `mail_users` WHERE (`mail_type` LIKE '" . MT_SUBDOM_MAIL . "%' OR `mail_type` = '" . MT_SUBDOM_FORWARD . "') AND `sub_id` = ?";
$rs = exec_query($sql, $query, $sub_id);
if ($rs->fields['cnt'] > 0) {
set_page_message(tr('The subdomain you are trying to remove has email accounts!<br />Rremove them first!'), 'warning');
user_goto('domains_manage.php');
}
// check for existing aliassubdomains
$sql_param = array(':subdomain_id' => $sub_id);
$query = "\n\t\tSELECT \n\t\t\tCOUNT(subdomain_alias_id) AS cnt\n\t\tFROM\n\t\t\tsubdomain_alias\n\t\tWHERE\n\t\t\tsubdomain_id = :subdomain_id\n\t";
DB::prepare($query);
$row = DB::execute($sql_param)->fetch();
if ($row['cnt'] > 0) {
set_page_message(tr('The subdomain you are trying to remove has aliassubdomains assigned!<br />Rremove them first!'), 'warning');
user_goto('domains_manage.php');
}
$query = "\n\t\tUPDATE\n\t\t\t`subdomain`\n\t\tSET\n\t\t\t`status` = 'delete'\n\t\tWHERE\n\t\t\t`subdomain_id` = ?\n\t";
$rs = exec_query($sql, $query, $sub_id);
$query = "\n\t\tUPDATE\n\t\t\t`domain`\n\t\tSET\n\t\t\t`status` = 'change'\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t";
$rs = exec_query($sql, $query, $dmn_id);
update_reseller_c_props(get_reseller_id($dmn_id));
if ($_POST['dmn_type'] == 'als') {
send_request('110 DOMAIN alias ' . $dmn_id);
} else {
send_request('110 DOMAIN domain ' . $dmn_id);
}
write_log($_SESSION['user_logged'] . ": deletes subdomain: " . $sub_name);
set_page_message(tr('Subdomain scheduled for deletion!'), 'info');
user_goto('domains_manage.php');
} else {
user_goto('domains_manage.php');
}
/**
*
* @global <type> $cr_user_id
* @global <type> $alias_name
* @global <type> $domain_ip
* @global <type> $forward
* @global <type> $forward_prefix
* @global <type> $mount_point
* @global <type> $validation_err_msg
* @param <type> $err_al
* @return <type>
*/
function add_domain_alias(&$err_al)
{
global $cr_user_id, $alias_name, $domain_ip, $forward, $forward_prefix, $mount_point, $validation_err_msg;
$cfg = EasySCP_Registry::get('Config');
$sql = EasySCP_Registry::get('Db');
$cr_user_id = $dmn_id = $_SESSION['dmn_id'];
$alias_name = strtolower(clean_input($_POST['ndomain_name']));
$domain_ip = $_SESSION['dmn_ip'];
$mount_point = array_encode_idna(strtolower($_POST['ndomain_mpoint']), true);
if ($_POST['status'] == 1) {
$forward = encode_idna(strtolower(clean_input($_POST['forward'])));
$forward_prefix = clean_input($_POST['forward_prefix']);
} else {
$forward = 'no';
$forward_prefix = '';
}
// Check if input string is a valid domain names
if (!validates_dname($alias_name)) {
set_page_message($validation_err_msg, 'warning');
return;
}
// Should be perfomed after domain names syntax validation now
$alias_name = encode_idna($alias_name);
if (easyscp_domain_exists($alias_name, $_SESSION['user_id'])) {
$err_al = tr('Domain with that name already exists on the system!');
} else {
if (!validates_mpoint($mount_point) && $mount_point != '/') {
$err_al = tr("Incorrect mount point syntax");
} else {
if ($_POST['status'] == 1) {
$aurl = @parse_url($forward_prefix . decode_idna($forward));
if ($aurl === false) {
$err_al = tr("Wrong address in forward URL!");
} else {
$domain = $aurl['host'];
if (substr_count($domain, '.') <= 2) {
$ret = validates_dname($domain);
} else {
$ret = validates_dname($domain, true);
}
if (!$ret) {
$err_al = tr("Wrong domain part in forward URL!");
} else {
$domain = encode_idna($aurl['host']);
$forward = $aurl['scheme'] . '://';
if (isset($aurl['user'])) {
$forward .= $aurl['user'] . (isset($aurl['pass']) ? ':' . $aurl['pass'] : '') . '@';
}
$forward .= $domain;
if (isset($aurl['port'])) {
$forward .= ':' . $aurl['port'];
}
if (isset($aurl['path'])) {
$forward .= $aurl['path'];
} else {
$forward .= '/';
}
if (isset($aurl['query'])) {
$forward .= '?' . $aurl['query'];
}
if (isset($aurl['fragment'])) {
$forward .= '#' . $aurl['fragment'];
}
}
}
} else {
$query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain_aliasses`\n\t\t\tWHERE\n\t\t\t\t`alias_name` = ?\n\t\t;";
$res = exec_query($sql, $query, $alias_name);
$query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain`\n\t\t\tWHERE\n\t\t\t\t`domain_name` = ?\n\t\t;";
$res2 = exec_query($sql, $query, $alias_name);
if ($res->rowCount() > 0 || $res2->rowCount() > 0) {
// we already have a domain with this name
$err_al = tr("Domain with this name already exist");
}
if (mount_point_exists($dmn_id, $mount_point)) {
$err_al = tr('Mount point already in use!');
}
}
}
}
if ('_off_' !== $err_al) {
set_page_message($err_al, 'error');
return;
}
// Begin add new alias domain
$query = "\n\t\tINSERT INTO\n\t\t\t`domain_aliasses` (\n\t\t\t\t`domain_id`, `alias_name`, `alias_mount`, `status`,\n\t\t\t\t`alias_ip_id`, `url_forward`\n\t\t\t)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?)\n\t;";
exec_query($sql, $query, array($cr_user_id, $alias_name, $mount_point, $cfg->ITEM_ADD_STATUS, $domain_ip, $forward));
$alias_id = $sql->insertId();
update_reseller_c_props(get_reseller_id($cr_user_id));
send_request('110 DOMAIN alias ' . $alias_id);
$admin_login = $_SESSION['user_logged'];
write_log("{$admin_login}: add domain alias: {$alias_name}");
$_SESSION['alias_added_succesfully'] = 1;
user_goto('user_add4.php?accout=' . $cr_user_id);
}
/**
* @param int $user_id
* @param int $domain_id
* @param <type> $sub_name
* @param <type> $sub_mnt_pt
* @param <type> $forward
*/
function subdomain_schedule($user_id, $domain_id, $sub_name, $sub_mnt_pt, $forward, $sub_id = null)
{
$cfg = EasySCP_Registry::get('Config');
$sql = EasySCP_Registry::get('Db');
$status_add = $cfg->ITEM_ADD_STATUS;
if ($_POST['dmn_type'] == 'als') {
$query = "\n\t\t\tINSERT INTO\n\t\t\t\tsubdomain_alias\n\t\t\t\t\t(alias_id,\n\t\t\t\t\tsubdomain_alias_name,\n\t\t\t\t\tsubdomain_alias_mount,\n\t\t\t\t\tsubdomain_alias_url_forward,\n\t\t\t\t\tstatus,subdomain_id)\n\t\t\tVALUES\n\t\t\t\t(?, ?, ?, ?, ?, ?)\n\t\t;";
exec_query($sql, $query, array($domain_id, $sub_name, $sub_mnt_pt, $forward, $status_add, $sub_id));
} else {
$query = "\n\t\t\tINSERT INTO\n\t\t\t\t`subdomain`\n\t\t\t\t\t(`domain_id`,\n\t\t\t\t\t`subdomain_name`,\n\t\t\t\t\t`subdomain_mount`,\n\t\t\t\t\t`subdomain_url_forward`,\n\t\t\t\t\t`status`)\n\t\t\tVALUES\n\t\t\t\t(?, ?, ?, ?, ?)\n\t\t;";
exec_query($sql, $query, array($domain_id, $sub_name, $sub_mnt_pt, $forward, $status_add));
}
update_reseller_c_props(get_reseller_id($domain_id));
// $subdomain_id = $sql->insertId();
// We do not need to create the default mail addresses, subdomains are
// related to their domains.
write_log($_SESSION['user_logged'] . ": adds new subdomain: " . $sub_name);
if ($_POST['dmn_type'] == 'als') {
send_request('110 DOMAIN alias ' . $domain_id);
} else {
send_request('110 DOMAIN domain ' . $domain_id);
}
}
/**
*
* @global <type> $cr_user_id
* @global <type> $alias_name
* @global <type> $domain_ip
* @global <type> $forward
* @global <type> $forward_prefix
* @global <type> $mount_point
* @global <type> $validation_err_msg
* @param <type> $err_al
* @return <type>
*/
function add_domain_alias(&$err_al)
{
global $cr_user_id, $alias_name, $domain_ip, $forward, $forward_prefix, $mount_point, $validation_err_msg;
$cfg = EasySCP_Registry::get('Config');
$sql = EasySCP_Registry::get('Db');
$cr_user_id = $_POST['usraccounts'];
$alias_name = strtolower($_POST['ndomain_name']);
$mount_point = array_encode_idna(strtolower($_POST['ndomain_mpoint']), true);
if ($_POST['status'] == 1) {
$forward = encode_idna(strtolower(clean_input($_POST['forward'])));
$forward_prefix = clean_input($_POST['forward_prefix']);
} else {
$forward = 'no';
$forward_prefix = '';
}
$query = "\n\t\tSELECT\n\t\t\t`domain_ip_id`\n\t\tFROM\n\t\t\t`domain`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t;";
$rs = exec_query($sql, $query, $cr_user_id);
$domain_ip = $rs->fields['domain_ip_id'];
// First check if input string is a valid domain names
if (!validates_dname($alias_name)) {
$err_al = $validation_err_msg;
return;
}
// Should be perfomed after domain names syntax validation now
$alias_name = encode_idna($alias_name);
if (easyscp_domain_exists($alias_name, $_SESSION['user_id'])) {
$err_al = tr('Domain with that name already exists on the system!');
// } else if (!validates_mpoint($mount_point) && $mount_point != '/') {
// $err_al = tr("Incorrect mount point syntax");
} else {
if ($alias_name == $cfg->BASE_SERVER_VHOST) {
$err_al = tr('Master domain cannot be used!');
} else {
if ($_POST['status'] == 1) {
$aurl = @parse_url($forward_prefix . decode_idna($forward));
if ($aurl === false) {
$err_al = tr("Wrong address in forward URL!");
} else {
$domain = $aurl['host'];
if (substr_count($domain, '.') <= 2) {
$ret = validates_dname($domain);
} else {
$ret = validates_dname($domain, true);
}
if (!$ret) {
$err_al = tr("Wrong domain part in forward URL!");
} else {
$domain = encode_idna($aurl['host']);
$forward = $aurl['scheme'] . '://';
if (isset($aurl['user'])) {
$forward .= $aurl['user'] . (isset($aurl['pass']) ? ':' . $aurl['pass'] : '') . '@';
}
$forward .= $domain;
if (isset($aurl['port'])) {
$forward .= ':' . $aurl['port'];
}
if (isset($aurl['path'])) {
$forward .= $aurl['path'];
} else {
$forward .= '/';
}
if (isset($aurl['query'])) {
$forward .= '?' . $aurl['query'];
}
if (isset($aurl['fragment'])) {
$forward .= '#' . $aurl['fragment'];
}
}
}
} else {
$query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain_aliasses`\n\t\t\tWHERE\n\t\t\t\t`alias_name` = ?\n\t\t;";
$res = exec_query($sql, $query, $alias_name);
$query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain`\n\t\t\tWHERE\n\t\t\t\t`domain_name` = ?\n\t\t;";
$res2 = exec_query($sql, $query, $alias_name);
if ($res->rowCount() > 0 || $res2->rowCount() > 0) {
// we already have domain with this name
$err_al = tr("Domain with this name already exist");
}
$query = "\n\t\t\tSELECT\n\t\t\t\tCOUNT(`subdomain_id`) AS cnt\n\t\t\tFROM\n\t\t\t\t`subdomain`\n\t\t\tWHERE\n\t\t\t\t\t`domain_id` = ?\n\t\t\t\tAND `subdomain_mount` = ?\n\t\t\t;";
$subdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
$subdomdata = $subdomres->fetchRow();
$query = "\n\t\t\tSELECT\n\t\t\t\tCOUNT(`subdomain_alias_id`) AS alscnt\n\t\t\tFROM\n\t\t\t\t`subdomain_alias`\n\t\t\tWHERE\n\t\t\t\t\t`alias_id`\n\t\t\t\tIN (\n\t\t\t\t\tSELECT\n\t\t\t\t\t\t`alias_id`\n\t\t\t\t\tFROM\n\t\t\t\t\t\t`domain_aliasses`\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`domain_id` = ?\n\t\t\t\t\t)\n\t\t\t\tAND\n\t\t\t\t\t`subdomain_alias_mount` = ?\n\t\t;";
$alssubdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
$alssubdomdata = $alssubdomres->fetchRow();
if ($subdomdata['cnt'] > 0 || $alssubdomdata['alscnt'] > 0) {
$err_al = tr("There is a subdomain with the same mount point!");
}
}
}
}
if ('_off_' !== $err_al) {
return;
}
// Begin add new alias domain
$alias_name = htmlspecialchars($alias_name, ENT_QUOTES, "UTF-8");
$query = "\n\t\tINSERT INTO\n\t\t\t`domain_aliasses` (\n\t\t\t\t`domain_id`, `alias_name`, `alias_mount`, `status`,\n\t\t\t\t`alias_ip_id`, `url_forward`\n\t\t\t)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?)\n\t;";
exec_query($sql, $query, array($cr_user_id, $alias_name, $mount_point, $cfg->ITEM_ADD_STATUS, $domain_ip, $forward));
$als_id = $sql->insertId();
update_reseller_c_props(get_reseller_id($cr_user_id));
$query = "\n\t\tSELECT\n\t\t\t`email`\n\t\tFROM\n\t\t\t`admin`\n\t\tWHERE\n\t\t\t`admin_id` = ?\n\t\tLIMIT 1\n\t;";
$rs = exec_query($sql, $query, who_owns_this($cr_user_id, 'dmn_id'));
$user_email = $rs->fields['email'];
// Create the three default addresses if required
if ($cfg->CREATE_DEFAULT_EMAIL_ADDRESSES) {
client_mail_add_default_accounts($cr_user_id, $user_email, $alias_name, 'alias', $als_id);
}
send_request('110 DOMAIN alias ' . $als_id);
$admin_login = $_SESSION['user_logged'];
write_log("{$admin_login}: add domain alias: {$alias_name}");
$_SESSION["aladd"] = '_yes_';
user_goto('alias.php');
}
/**
*
* @global <type> $cr_user_id
* @global <type> $alias_name
* @global <type> $domain_ip
* @global <type> $forward
* @global <type> $forward_prefix
* @global <type> $mount_point
* @global <type> $validation_err_msg
* @param <type> $err_al
* @return <type>
*/
function add_domain_alias(&$err_al)
{
global $cr_user_id, $alias_name, $domain_ip, $forward, $forward_prefix, $mount_point, $validation_err_msg;
$cfg = EasySCP_Registry::get('Config');
$sql = EasySCP_Registry::get('Db');
$cr_user_id = get_user_domain_id($_SESSION['user_id']);
$alias_name = strtolower($_POST['ndomain_name']);
// $mount_point = array_encode_idna(strtolower($_POST['ndomain_mpoint']), true);
if ($_POST['status'] == 1) {
$forward = encode_idna(strtolower(clean_input($_POST['forward'])));
$forward_prefix = clean_input($_POST['forward_prefix']);
} else {
$forward = 'no';
$forward_prefix = '';
}
$query = "\n\t\tSELECT\n\t\t\t`domain_ip_id`\n\t\tFROM\n\t\t\t`domain`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t";
$rs = exec_query($sql, $query, $cr_user_id);
$domain_ip = $rs->fields['domain_ip_id'];
// First check if input string is a valid domain names
if (!validates_dname($alias_name)) {
$err_al = $validation_err_msg;
return;
}
// Should be perfomed after domain names syntax validation now
$alias_name = encode_idna($alias_name);
if (easyscp_domain_exists($alias_name, 0)) {
$err_al = tr('Domain with that name already exists on the system!');
// } else if (!validates_mpoint($mount_point) && $mount_point != '/') {
// $err_al = tr("Incorrect mount point syntax");
} else {
if ($alias_name == $cfg->BASE_SERVER_VHOST) {
$err_al = tr('Master domain cannot be used!');
} else {
if ($_POST['status'] == 1) {
$aurl = @parse_url($forward_prefix . decode_idna($forward));
if ($aurl === false) {
$err_al = tr("Wrong address in forward URL!");
} else {
$domain = $aurl['host'];
if (substr_count($domain, '.') <= 2) {
$ret = validates_dname($domain);
} else {
$ret = validates_dname($domain, true);
}
if (!$ret) {
$err_al = tr("Wrong domain part in forward URL!");
} else {
$domain = encode_idna($aurl['host']);
$forward = $aurl['scheme'] . '://';
if (isset($aurl['user'])) {
$forward .= $aurl['user'] . (isset($aurl['pass']) ? ':' . $aurl['pass'] : '') . '@';
}
$forward .= $domain;
if (isset($aurl['port'])) {
$forward .= ':' . $aurl['port'];
}
if (isset($aurl['path'])) {
$forward .= $aurl['path'];
} else {
$forward .= '/';
}
if (isset($aurl['query'])) {
$forward .= '?' . $aurl['query'];
}
if (isset($aurl['fragment'])) {
$forward .= '#' . $aurl['fragment'];
}
}
}
} else {
$query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain_aliasses`\n\t\t\tWHERE\n\t\t\t\t`alias_name` = ?\n\t\t;";
$res = exec_query($sql, $query, $alias_name);
$query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain`\n\t\t\tWHERE\n\t\t\t\t`domain_name` = ?\n\t\t;";
$res2 = exec_query($sql, $query, $alias_name);
if ($res->rowCount() > 0 || $res2->rowCount() > 0) {
// we already have domain with this name
$err_al = tr("Domain with this name already exist");
}
// $query = "
// SELECT
// COUNT(`subdomain_id`) AS cnt
// FROM
// `subdomain`
// WHERE
// `domain_id` = ?
// AND
// `subdomain_mount` = ?
// ;";
// $subdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
// $subdomdata = $subdomres->fetchRow();
//
// $query = "
// SELECT
// COUNT(`subdomain_alias_id`) AS alscnt
// FROM
// `subdomain_alias`
// WHERE
// `alias_id`
// IN (
// SELECT
// `alias_id`
// FROM
// `domain_aliasses`
// WHERE
// `domain_id` = ?
// )
// AND
// `subdomain_alias_mount` = ?
// ;";
// $alssubdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
// $alssubdomdata = $alssubdomres->fetchRow();
//
// if ($subdomdata['cnt'] > 0 || $alssubdomdata['alscnt'] > 0) {
// $err_al = tr("There is a subdomain with the same mount point!");
// }
}
}
}
if ('_off_' !== $err_al) {
return;
}
// Begin add new alias domain
$status = $cfg->ITEM_ORDERED_STATUS;
$query = "\n\t\tINSERT INTO\n\t\t\t`domain_aliasses` (\n\t\t\t\t`domain_id`, `alias_name`, `alias_mount`, `status`,\n\t\t\t\t`alias_ip_id`, `url_forward`\n\t\t\t)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?)\n\t;";
exec_query($sql, $query, array($cr_user_id, $alias_name, $mount_point, $status, $domain_ip, $forward));
$dmn_id = $sql->insertId();
AddDefaultDNSEntries(0, $dmn_id, $alias_name, $domain_ip);
update_reseller_c_props(get_reseller_id($cr_user_id));
$admin_login = $_SESSION['user_logged'];
if ($status == $cfg->ITEM_ORDERED_STATUS) {
// notify the reseller:
send_alias_order_email($alias_name);
write_log("{$admin_login}: add domain alias for activation: {$alias_name}.");
set_page_message(tr('Alias scheduled for activation!'), 'success');
} else {
// TODO: Check
// send_request('110 DOMAIN alias '.$dmn_id);
write_log("{$admin_login}: domain alias scheduled for addition: {$alias_name}.");
set_page_message(tr('Alias scheduled for addition!'), 'success');
}
user_goto('domains_manage.php');
}
/**
* @todo
* * Database user with same name can be added several times
* * If creation of database user fails in MySQL-Table, database user is already
* in loclal EasySCP table -> Error handling
*/
function add_sql_user($sql, $user_id, $db_id)
{
$cfg = EasySCP_Registry::get('Config');
if (!isset($_POST['uaction'])) {
return;
}
// let's check user input
if (empty($_POST['user_name']) && !isset($_POST['Add_Exist'])) {
set_page_message(tr('Please type user name!'), 'warning');
return;
}
if (empty($_POST['pass']) && empty($_POST['pass_rep']) && !isset($_POST['Add_Exist'])) {
set_page_message(tr('Please type user password!'), 'warning');
return;
}
if (isset($_POST['pass']) && isset($_POST['pass_rep']) && $_POST['pass'] !== $_POST['pass_rep'] && !isset($_POST['Add_Exist'])) {
set_page_message(tr('Entered passwords do not match!'), 'warning');
return;
}
if (isset($_POST['pass']) && strlen($_POST['pass']) > $cfg->MAX_SQL_PASS_LENGTH && !isset($_POST['Add_Exist'])) {
set_page_message(tr('Too long user password!'), 'warning');
return;
}
if (isset($_POST['pass']) && !preg_match('/^[[:alnum:]:!*+#_.-]+$/', $_POST['pass']) && !isset($_POST['Add_Exist'])) {
set_page_message(tr('Don\'t use special chars like "@, $, %..." in the password!'), 'warning');
return;
}
if (isset($_POST['pass']) && !chk_password($_POST['pass']) && !isset($_POST['Add_Exist'])) {
if ($cfg->PASSWD_STRONG) {
set_page_message(sprintf(tr('The password must be at least %s chars long and contain letters and numbers to be valid.'), $cfg->PASSWD_CHARS), 'warning');
} else {
set_page_message(sprintf(tr('Password data is shorter than %s signs or includes not permitted signs!'), $cfg->PASSWD_CHARS), 'warning');
}
return;
}
if (isset($_POST['Add_Exist'])) {
$query = "SELECT `sqlu_pass` FROM `sql_user` WHERE `sqlu_id` = ?";
$rs = exec_query($sql, $query, $_POST['sqluser_id']);
if ($rs->recordCount() == 0) {
set_page_message(tr('SQL-user not found! It might has been deleted by another user.'), 'warning');
return;
}
$user_pass = decrypt_db_password($rs->fields['sqlu_pass']);
} else {
$user_pass = $_POST['pass'];
}
$dmn_id = get_user_domain_id($user_id);
if (!isset($_POST['Add_Exist'])) {
// we'll use domain_id in the name of the database;
if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on' && isset($_POST['id_pos']) && $_POST['id_pos'] === 'start') {
$db_user = $dmn_id . "_" . clean_input($_POST['user_name']);
} else {
if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on' && isset($_POST['id_pos']) && $_POST['id_pos'] === 'end') {
$db_user = clean_input($_POST['user_name']) . "_" . $dmn_id;
} else {
$db_user = clean_input($_POST['user_name']);
}
}
} else {
$query = "SELECT `sqlu_name` FROM `sql_user` WHERE `sqlu_id` = ?";
$rs = exec_query($sql, $query, $_POST['sqluser_id']);
$db_user = $rs->fields['sqlu_name'];
}
if (strlen($db_user) > $cfg->MAX_SQL_USER_LENGTH) {
set_page_message(tr('User name too long!'), 'warning');
return;
}
// are wildcards used?
if (preg_match("/[%|\\?]+/", $db_user)) {
set_page_message(tr('Wildcards such as %% and ? are not allowed!'), 'warning');
return;
}
// have we such sql user in the system?!
if (check_db_user($sql, $db_user) && !isset($_POST['Add_Exist'])) {
set_page_message(tr('Specified SQL username name already exists!'), 'warning');
return;
}
// add user in the EasySCP table;
$query = "\n\t\tINSERT INTO `sql_user`\n\t\t\t(`sqld_id`, `sqlu_name`, `sqlu_pass`)\n\t\tVALUES\n\t\t\t(?, ?, ?)\n\t";
exec_query($sql, $query, array($db_id, $db_user, encrypt_db_password($user_pass)));
update_reseller_c_props(get_reseller_id($dmn_id));
$query = "\n\t\tSELECT\n\t\t\t`sqld_name` AS `db_name`\n\t\tFROM\n\t\t\t`sql_database`\n\t\tWHERE\n\t\t\t`sqld_id` = ?\n\t\tAND\n\t\t\t`domain_id` = ?\n\t";
$rs = exec_query($sql, $query, array($db_id, $dmn_id));
$db_name = $rs->fields['db_name'];
$db_name = preg_replace("/([_%\\?\\*])/", '\\\\$1', $db_name);
// add user in the mysql system tables
$query = "GRANT ALL PRIVILEGES ON " . quoteIdentifier($db_name) . ".* TO ?@? IDENTIFIED BY ?";
exec_query($sql, $query, array($db_user, "localhost", $user_pass));
exec_query($sql, $query, array($db_user, "%", $user_pass));
write_log($_SESSION['user_logged'] . ": add SQL user: " . tohtml($db_user));
set_page_message(tr('SQL user successfully added!'), 'info');
user_goto('sql_manage.php');
}