Пример #1
0
            $res_tmp = exec_query($sql, "SELECT `subdomain_name` FROM `subdomain` WHERE `subdomain_id` = ?", $data['sub_id']);
            $dat_tmp = $res_tmp->fetchRow();
            $mail_name = $data['mail_acc'] . '@' . $dat_tmp['subdomain_name'] . '.' . $dmn_name;
        } else {
            if (preg_match("/" . MT_ALSSUB_MAIL . "/", $data['mail_type']) || preg_match("/" . MT_ALSSUB_FORWARD . "/", $data['mail_type'])) {
                // mail to subdomain
                $res_tmp = exec_query($sql, "SELECT `subdomain_alias_name`, `alias_name` FROM `subdomain_alias` AS t1, `domain_aliasses` AS t2 WHERE t1.`alias_id` = t2.`alias_id` AND `subdomain_alias_id` = ?", $data['sub_id']);
                $dat_tmp = $res_tmp->fetchRow();
                $mail_name = $data['mail_acc'] . '@' . $dat_tmp['subdomain_alias_name'] . '.' . $dat_tmp['alias_name'];
            }
        }
    }
}
$query = "SELECT `mail_id` FROM `mail_users` WHERE `mail_acc` = ? OR `mail_acc` LIKE ? OR `mail_acc` LIKE ? OR `mail_acc` LIKE ?";
$res_tmp = exec_query($sql, $query, array($mail_name, "{$mail_name},%", "%,{$mail_name},%", "%,{$mail_name}"));
$num = $res_tmp->rowCount();
if ($num > 0) {
    set_page_message(tr('First delete the CatchAll account for this email!'), 'warning');
    $_SESSION['catchall_assigned'] = 1;
    user_goto('mail_accounts.php');
}
$sql_param = array(':status' => $cfg->ITEM_DELETE_STATUS, ':mail_id' => $delete_id);
$sql_query = "\n\tUPDATE\n\t\t`mail_users`\n\tSET\n\t\t`status` = :status\n\tWHERE\n\t\t`mail_id` = :mail_id\n";
DB::prepare($sql_query);
DB::execute($sql_param);
update_reseller_c_props(get_reseller_id($data['domain_id']));
send_request('130 MAIL ' . $data['domain_id']);
$admin_login = decode_idna($_SESSION['user_logged']);
write_log("{$admin_login}: deletes mail account: " . $mail_name);
$_SESSION['maildel'] = 1;
user_goto('mail_accounts.php');
Пример #2
0
function change_domain_status($domain_id, $domain_name, $action, $location)
{
    $cfg = EasySCP_Registry::get('Config');
    $sql = EasySCP_Registry::get('Db');
    if ($action == 'disable') {
        $new_status = $cfg->ITEM_TODISABLED_STATUS;
    } else {
        if ($action == 'enable') {
            $new_status = $cfg->ITEM_TOENABLE_STATUS;
        } else {
            return;
        }
    }
    // TODO Prüfen wie man das mit den Mails behandeln soll == abschalten / nicht abschalten
    $query = "\n\t\tSELECT\n\t\t\t`mail_id`,\n\t\t\t`mail_pass`,\n\t\t\t`mail_type`\n\t\tFROM\n\t\t\t`mail_users`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t\t;\n\t";
    $rs = exec_query($sql, $query, $domain_id);
    while (!$rs->EOF) {
        $mail_id = $rs->fields['mail_id'];
        $mail_pass = $rs->fields['mail_pass'];
        $mail_type = $rs->fields['mail_type'];
        if ($cfg->HARD_MAIL_SUSPENSION) {
            $mail_status = $new_status;
        } else {
            if ($action == 'disable') {
                $timestamp = time();
                $pass_prefix = substr(md5($timestamp), 0, 4);
                if (preg_match('/^' . MT_NORMAL_MAIL . '/', $mail_type) || preg_match('/^' . MT_ALIAS_MAIL . '/', $mail_type) || preg_match('/^' . MT_SUBDOM_MAIL . '/', $mail_type) || preg_match('/^' . MT_ALSSUB_MAIL . '/', $mail_type)) {
                    $mail_pass = decrypt_db_password($mail_pass);
                    $mail_pass = $pass_prefix . $mail_pass;
                    $mail_pass = encrypt_db_password($mail_pass);
                }
            } else {
                if ($action == 'enable') {
                    if (preg_match('/^' . MT_NORMAL_MAIL . '/', $mail_type) || preg_match('/^' . MT_ALIAS_MAIL . '/', $mail_type) || preg_match('/^' . MT_SUBDOM_MAIL . '/', $mail_type) || preg_match('/^' . MT_ALSSUB_MAIL . '/', $mail_type)) {
                        $mail_pass = decrypt_db_password($mail_pass);
                        $mail_pass = substr($mail_pass, 4, 50);
                        $mail_pass = encrypt_db_password($mail_pass);
                    }
                } else {
                    return;
                }
            }
            $mail_status = $cfg->ITEM_CHANGE_STATUS;
        }
        $query = "\n\t\t\tUPDATE\n\t\t\t\t`mail_users`\n\t\t\tSET\n\t\t\t\t`mail_pass` = ?,\n\t\t\t\t`status` = ?\n\t\t\tWHERE\n\t\t\t\t`mail_id` = ?\n\t\t\t;\n\t\t";
        // NXW: Unused result so..
        // $rs2 = exec_query(
        //	$sql, $query, array($mail_pass, $mail_status, $mail_id)
        //);
        exec_query($sql, $query, array($mail_pass, $mail_status, $mail_id));
        $rs->moveNext();
    }
    send_request('130 MAIL ' . $domain_id);
    $query = "\n\t\tUPDATE\n\t\t\tdomain\n\t\tSET\n\t\t\tstatus = ?\n\t\tWHERE\n\t\t\tdomain_id = ?\n\t\t;\n\t";
    exec_query($sql, $query, array($new_status, $domain_id));
    send_request('110 DOMAIN domain ' . $domain_id);
    $query = "\n\t\tUPDATE\n\t\t\tdomain_aliasses\n\t\tSET\n\t\t\tstatus = ?\n\t\tWHERE\n\t\t\tdomain_id = ?\n\t\t;\n\t";
    exec_query($sql, $query, array($new_status, $domain_id));
    send_request('110 DOMAIN alias ' . $domain_id);
    // let's get back to user overview after the system changes are finished
    $user_logged = $_SESSION['user_logged'];
    update_reseller_c_props(get_reseller_id($domain_id));
    if ($action == 'disable') {
        write_log("{$user_logged}: suspended domain: {$domain_name}");
        $_SESSION['user_disabled'] = 1;
    } else {
        if ($action == 'enable') {
            write_log("{$user_logged}: enabled domain: {$domain_name}");
            $_SESSION['user_enabled'] = 1;
        } else {
            return;
        }
    }
    if ($location == 'admin') {
        header('Location: manage_users.php');
    } else {
        if ($location == 'reseller') {
            header('Location: users.php?psi=last');
        }
    }
    die;
}
Пример #3
0
function add_sql_database($sql, $user_id)
{
    $cfg = EasySCP_Registry::get('Config');
    if (!isset($_POST['uaction'])) {
        return;
    }
    // let's generate database name.
    if (empty($_POST['db_name'])) {
        set_page_message(tr('Please specify a database name!'), 'warning');
        return;
    }
    $dmn_id = get_user_domain_id($user_id);
    if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on') {
        // we'll use domain_id in the name of the database;
        if (isset($_POST['id_pos']) && $_POST['id_pos'] === 'start') {
            $db_name = $dmn_id . "_" . clean_input($_POST['db_name']);
        } else {
            if (isset($_POST['id_pos']) && $_POST['id_pos'] === 'end') {
                $db_name = clean_input($_POST['db_name']) . "_" . $dmn_id;
            }
        }
    } else {
        $db_name = clean_input($_POST['db_name']);
    }
    if (strlen($db_name) > $cfg->MAX_SQL_DATABASE_LENGTH) {
        set_page_message(tr('Database name is too long!'), 'warning');
        return;
    }
    // have we such database in the system!?
    if (check_db_name($sql, $db_name)) {
        set_page_message(tr('Specified database name already exists!'), 'warning');
        return;
    }
    // are wildcards used?
    if (preg_match("/[%|\\?]+/", $db_name)) {
        set_page_message(tr('Wildcards such as %% and ? are not allowed!'), 'warning');
        return;
    }
    DB::query('CREATE DATABASE IF NOT EXISTS `' . $db_name . '` DEFAULT CHARACTER SET ' . EasyConfig::$cfg->DATABASE_DEFAULT_CHARACTER_SET . ' COLLATE ' . EasyConfig::$cfg->DATABASE_DEFAULT_COLLATE . ';')->closeCursor();
    $sql_param = array(':domain_id' => $dmn_id, ':sqld_name' => $db_name);
    $sql_query = "\n\t\tINSERT INTO\n\t\t\tsql_database (domain_id, sqld_name, status)\n\t\tVALUES\n\t\t\t(:domain_id, :sqld_name, 'ok');\n\t";
    DB::prepare($sql_query);
    DB::execute($sql_param)->closeCursor();
    update_reseller_c_props(get_reseller_id($dmn_id));
    write_log($_SESSION['user_logged'] . ": adds new SQL database: " . tohtml($db_name));
    set_page_message(tr('SQL database created successfully!'), 'info');
    user_goto('sql_manage.php');
}
Пример #4
0
    $query = "SELECT COUNT(`mail_id`) AS cnt FROM `mail_users` WHERE (`mail_type` LIKE '" . MT_SUBDOM_MAIL . "%' OR `mail_type` = '" . MT_SUBDOM_FORWARD . "') AND `sub_id` = ?";
    $rs = exec_query($sql, $query, $sub_id);
    if ($rs->fields['cnt'] > 0) {
        set_page_message(tr('The subdomain you are trying to remove has email accounts!<br />Rremove them first!'), 'warning');
        user_goto('domains_manage.php');
    }
    // check for existing aliassubdomains
    $sql_param = array(':subdomain_id' => $sub_id);
    $query = "\n\t\tSELECT \n\t\t\tCOUNT(subdomain_alias_id) AS cnt\n\t\tFROM\n\t\t\tsubdomain_alias\n\t\tWHERE\n\t\t\tsubdomain_id = :subdomain_id\n\t";
    DB::prepare($query);
    $row = DB::execute($sql_param)->fetch();
    if ($row['cnt'] > 0) {
        set_page_message(tr('The subdomain you are trying to remove has aliassubdomains assigned!<br />Rremove them first!'), 'warning');
        user_goto('domains_manage.php');
    }
    $query = "\n\t\tUPDATE\n\t\t\t`subdomain`\n\t\tSET\n\t\t\t`status` = 'delete'\n\t\tWHERE\n\t\t\t`subdomain_id` = ?\n\t";
    $rs = exec_query($sql, $query, $sub_id);
    $query = "\n\t\tUPDATE\n\t\t\t`domain`\n\t\tSET\n\t\t\t`status` = 'change'\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t";
    $rs = exec_query($sql, $query, $dmn_id);
    update_reseller_c_props(get_reseller_id($dmn_id));
    if ($_POST['dmn_type'] == 'als') {
        send_request('110 DOMAIN alias ' . $dmn_id);
    } else {
        send_request('110 DOMAIN domain ' . $dmn_id);
    }
    write_log($_SESSION['user_logged'] . ": deletes subdomain: " . $sub_name);
    set_page_message(tr('Subdomain scheduled for deletion!'), 'info');
    user_goto('domains_manage.php');
} else {
    user_goto('domains_manage.php');
}
Пример #5
0
/**
 *
 * @global <type> $cr_user_id
 * @global <type> $alias_name
 * @global <type> $domain_ip
 * @global <type> $forward
 * @global <type> $forward_prefix
 * @global <type> $mount_point
 * @global <type> $validation_err_msg
 * @param <type> $err_al
 * @return <type>
 */
function add_domain_alias(&$err_al)
{
    global $cr_user_id, $alias_name, $domain_ip, $forward, $forward_prefix, $mount_point, $validation_err_msg;
    $cfg = EasySCP_Registry::get('Config');
    $sql = EasySCP_Registry::get('Db');
    $cr_user_id = $dmn_id = $_SESSION['dmn_id'];
    $alias_name = strtolower(clean_input($_POST['ndomain_name']));
    $domain_ip = $_SESSION['dmn_ip'];
    $mount_point = array_encode_idna(strtolower($_POST['ndomain_mpoint']), true);
    if ($_POST['status'] == 1) {
        $forward = encode_idna(strtolower(clean_input($_POST['forward'])));
        $forward_prefix = clean_input($_POST['forward_prefix']);
    } else {
        $forward = 'no';
        $forward_prefix = '';
    }
    // Check if input string is a valid domain names
    if (!validates_dname($alias_name)) {
        set_page_message($validation_err_msg, 'warning');
        return;
    }
    // Should be perfomed after domain names syntax validation now
    $alias_name = encode_idna($alias_name);
    if (easyscp_domain_exists($alias_name, $_SESSION['user_id'])) {
        $err_al = tr('Domain with that name already exists on the system!');
    } else {
        if (!validates_mpoint($mount_point) && $mount_point != '/') {
            $err_al = tr("Incorrect mount point syntax");
        } else {
            if ($_POST['status'] == 1) {
                $aurl = @parse_url($forward_prefix . decode_idna($forward));
                if ($aurl === false) {
                    $err_al = tr("Wrong address in forward URL!");
                } else {
                    $domain = $aurl['host'];
                    if (substr_count($domain, '.') <= 2) {
                        $ret = validates_dname($domain);
                    } else {
                        $ret = validates_dname($domain, true);
                    }
                    if (!$ret) {
                        $err_al = tr("Wrong domain part in forward URL!");
                    } else {
                        $domain = encode_idna($aurl['host']);
                        $forward = $aurl['scheme'] . '://';
                        if (isset($aurl['user'])) {
                            $forward .= $aurl['user'] . (isset($aurl['pass']) ? ':' . $aurl['pass'] : '') . '@';
                        }
                        $forward .= $domain;
                        if (isset($aurl['port'])) {
                            $forward .= ':' . $aurl['port'];
                        }
                        if (isset($aurl['path'])) {
                            $forward .= $aurl['path'];
                        } else {
                            $forward .= '/';
                        }
                        if (isset($aurl['query'])) {
                            $forward .= '?' . $aurl['query'];
                        }
                        if (isset($aurl['fragment'])) {
                            $forward .= '#' . $aurl['fragment'];
                        }
                    }
                }
            } else {
                $query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain_aliasses`\n\t\t\tWHERE\n\t\t\t\t`alias_name` = ?\n\t\t;";
                $res = exec_query($sql, $query, $alias_name);
                $query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain`\n\t\t\tWHERE\n\t\t\t\t`domain_name` = ?\n\t\t;";
                $res2 = exec_query($sql, $query, $alias_name);
                if ($res->rowCount() > 0 || $res2->rowCount() > 0) {
                    // we already have a domain with this name
                    $err_al = tr("Domain with this name already exist");
                }
                if (mount_point_exists($dmn_id, $mount_point)) {
                    $err_al = tr('Mount point already in use!');
                }
            }
        }
    }
    if ('_off_' !== $err_al) {
        set_page_message($err_al, 'error');
        return;
    }
    // Begin add new alias domain
    $query = "\n\t\tINSERT INTO\n\t\t\t`domain_aliasses` (\n\t\t\t\t`domain_id`, `alias_name`, `alias_mount`, `status`,\n\t\t\t\t`alias_ip_id`, `url_forward`\n\t\t\t)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?)\n\t;";
    exec_query($sql, $query, array($cr_user_id, $alias_name, $mount_point, $cfg->ITEM_ADD_STATUS, $domain_ip, $forward));
    $alias_id = $sql->insertId();
    update_reseller_c_props(get_reseller_id($cr_user_id));
    send_request('110 DOMAIN alias ' . $alias_id);
    $admin_login = $_SESSION['user_logged'];
    write_log("{$admin_login}: add domain alias: {$alias_name}");
    $_SESSION['alias_added_succesfully'] = 1;
    user_goto('user_add4.php?accout=' . $cr_user_id);
}
Пример #6
0
/**
 * @param int $user_id
 * @param int $domain_id
 * @param <type> $sub_name
 * @param <type> $sub_mnt_pt
 * @param <type> $forward
 */
function subdomain_schedule($user_id, $domain_id, $sub_name, $sub_mnt_pt, $forward, $sub_id = null)
{
    $cfg = EasySCP_Registry::get('Config');
    $sql = EasySCP_Registry::get('Db');
    $status_add = $cfg->ITEM_ADD_STATUS;
    if ($_POST['dmn_type'] == 'als') {
        $query = "\n\t\t\tINSERT INTO\n\t\t\t\tsubdomain_alias\n\t\t\t\t\t(alias_id,\n\t\t\t\t\tsubdomain_alias_name,\n\t\t\t\t\tsubdomain_alias_mount,\n\t\t\t\t\tsubdomain_alias_url_forward,\n\t\t\t\t\tstatus,subdomain_id)\n\t\t\tVALUES\n\t\t\t\t(?, ?, ?, ?, ?, ?)\n\t\t;";
        exec_query($sql, $query, array($domain_id, $sub_name, $sub_mnt_pt, $forward, $status_add, $sub_id));
    } else {
        $query = "\n\t\t\tINSERT INTO\n\t\t\t\t`subdomain`\n\t\t\t\t\t(`domain_id`,\n\t\t\t\t\t`subdomain_name`,\n\t\t\t\t\t`subdomain_mount`,\n\t\t\t\t\t`subdomain_url_forward`,\n\t\t\t\t\t`status`)\n\t\t\tVALUES\n\t\t\t\t(?, ?, ?, ?, ?)\n\t\t;";
        exec_query($sql, $query, array($domain_id, $sub_name, $sub_mnt_pt, $forward, $status_add));
    }
    update_reseller_c_props(get_reseller_id($domain_id));
    //	$subdomain_id = $sql->insertId();
    // We do not need to create the default mail addresses, subdomains are
    // related to their domains.
    write_log($_SESSION['user_logged'] . ": adds new subdomain: " . $sub_name);
    if ($_POST['dmn_type'] == 'als') {
        send_request('110 DOMAIN alias ' . $domain_id);
    } else {
        send_request('110 DOMAIN domain ' . $domain_id);
    }
}
Пример #7
0
/**
 *
 * @global <type> $cr_user_id
 * @global <type> $alias_name
 * @global <type> $domain_ip
 * @global <type> $forward
 * @global <type> $forward_prefix
 * @global <type> $mount_point
 * @global <type> $validation_err_msg
 * @param <type> $err_al
 * @return <type>
 */
function add_domain_alias(&$err_al)
{
    global $cr_user_id, $alias_name, $domain_ip, $forward, $forward_prefix, $mount_point, $validation_err_msg;
    $cfg = EasySCP_Registry::get('Config');
    $sql = EasySCP_Registry::get('Db');
    $cr_user_id = $_POST['usraccounts'];
    $alias_name = strtolower($_POST['ndomain_name']);
    $mount_point = array_encode_idna(strtolower($_POST['ndomain_mpoint']), true);
    if ($_POST['status'] == 1) {
        $forward = encode_idna(strtolower(clean_input($_POST['forward'])));
        $forward_prefix = clean_input($_POST['forward_prefix']);
    } else {
        $forward = 'no';
        $forward_prefix = '';
    }
    $query = "\n\t\tSELECT\n\t\t\t`domain_ip_id`\n\t\tFROM\n\t\t\t`domain`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t;";
    $rs = exec_query($sql, $query, $cr_user_id);
    $domain_ip = $rs->fields['domain_ip_id'];
    // First check if input string is a valid domain names
    if (!validates_dname($alias_name)) {
        $err_al = $validation_err_msg;
        return;
    }
    // Should be perfomed after domain names syntax validation now
    $alias_name = encode_idna($alias_name);
    if (easyscp_domain_exists($alias_name, $_SESSION['user_id'])) {
        $err_al = tr('Domain with that name already exists on the system!');
        //	} else if (!validates_mpoint($mount_point) && $mount_point != '/') {
        //		$err_al = tr("Incorrect mount point syntax");
    } else {
        if ($alias_name == $cfg->BASE_SERVER_VHOST) {
            $err_al = tr('Master domain cannot be used!');
        } else {
            if ($_POST['status'] == 1) {
                $aurl = @parse_url($forward_prefix . decode_idna($forward));
                if ($aurl === false) {
                    $err_al = tr("Wrong address in forward URL!");
                } else {
                    $domain = $aurl['host'];
                    if (substr_count($domain, '.') <= 2) {
                        $ret = validates_dname($domain);
                    } else {
                        $ret = validates_dname($domain, true);
                    }
                    if (!$ret) {
                        $err_al = tr("Wrong domain part in forward URL!");
                    } else {
                        $domain = encode_idna($aurl['host']);
                        $forward = $aurl['scheme'] . '://';
                        if (isset($aurl['user'])) {
                            $forward .= $aurl['user'] . (isset($aurl['pass']) ? ':' . $aurl['pass'] : '') . '@';
                        }
                        $forward .= $domain;
                        if (isset($aurl['port'])) {
                            $forward .= ':' . $aurl['port'];
                        }
                        if (isset($aurl['path'])) {
                            $forward .= $aurl['path'];
                        } else {
                            $forward .= '/';
                        }
                        if (isset($aurl['query'])) {
                            $forward .= '?' . $aurl['query'];
                        }
                        if (isset($aurl['fragment'])) {
                            $forward .= '#' . $aurl['fragment'];
                        }
                    }
                }
            } else {
                $query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain_aliasses`\n\t\t\tWHERE\n\t\t\t\t`alias_name` = ?\n\t\t;";
                $res = exec_query($sql, $query, $alias_name);
                $query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain`\n\t\t\tWHERE\n\t\t\t\t`domain_name` = ?\n\t\t;";
                $res2 = exec_query($sql, $query, $alias_name);
                if ($res->rowCount() > 0 || $res2->rowCount() > 0) {
                    // we already have domain with this name
                    $err_al = tr("Domain with this name already exist");
                }
                $query = "\n\t\t\tSELECT\n\t\t\t\tCOUNT(`subdomain_id`) AS cnt\n\t\t\tFROM\n\t\t\t\t`subdomain`\n\t\t\tWHERE\n\t\t\t\t\t`domain_id` = ?\n\t\t\t\tAND `subdomain_mount` = ?\n\t\t\t;";
                $subdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
                $subdomdata = $subdomres->fetchRow();
                $query = "\n\t\t\tSELECT\n\t\t\t\tCOUNT(`subdomain_alias_id`) AS alscnt\n\t\t\tFROM\n\t\t\t\t`subdomain_alias`\n\t\t\tWHERE\n\t\t\t\t\t`alias_id`\n\t\t\t\tIN (\n\t\t\t\t\tSELECT\n\t\t\t\t\t\t`alias_id`\n\t\t\t\t\tFROM\n\t\t\t\t\t\t`domain_aliasses`\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`domain_id` = ?\n\t\t\t\t\t)\n\t\t\t\tAND\n\t\t\t\t\t`subdomain_alias_mount` = ?\n\t\t;";
                $alssubdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
                $alssubdomdata = $alssubdomres->fetchRow();
                if ($subdomdata['cnt'] > 0 || $alssubdomdata['alscnt'] > 0) {
                    $err_al = tr("There is a subdomain with the same mount point!");
                }
            }
        }
    }
    if ('_off_' !== $err_al) {
        return;
    }
    // Begin add new alias domain
    $alias_name = htmlspecialchars($alias_name, ENT_QUOTES, "UTF-8");
    $query = "\n\t\tINSERT INTO\n\t\t\t`domain_aliasses` (\n\t\t\t\t`domain_id`, `alias_name`, `alias_mount`,  `status`,\n\t\t\t\t`alias_ip_id`, `url_forward`\n\t\t\t)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?)\n\t;";
    exec_query($sql, $query, array($cr_user_id, $alias_name, $mount_point, $cfg->ITEM_ADD_STATUS, $domain_ip, $forward));
    $als_id = $sql->insertId();
    update_reseller_c_props(get_reseller_id($cr_user_id));
    $query = "\n\t\tSELECT\n\t\t\t`email`\n\t\tFROM\n\t\t\t`admin`\n\t\tWHERE\n\t\t\t`admin_id` = ?\n\t\tLIMIT 1\n\t;";
    $rs = exec_query($sql, $query, who_owns_this($cr_user_id, 'dmn_id'));
    $user_email = $rs->fields['email'];
    // Create the three default addresses if required
    if ($cfg->CREATE_DEFAULT_EMAIL_ADDRESSES) {
        client_mail_add_default_accounts($cr_user_id, $user_email, $alias_name, 'alias', $als_id);
    }
    send_request('110 DOMAIN alias ' . $als_id);
    $admin_login = $_SESSION['user_logged'];
    write_log("{$admin_login}: add domain alias: {$alias_name}");
    $_SESSION["aladd"] = '_yes_';
    user_goto('alias.php');
}
Пример #8
0
/**
 *
 * @global <type> $cr_user_id
 * @global <type> $alias_name
 * @global <type> $domain_ip
 * @global <type> $forward
 * @global <type> $forward_prefix
 * @global <type> $mount_point
 * @global <type> $validation_err_msg
 * @param <type> $err_al
 * @return <type>
 */
function add_domain_alias(&$err_al)
{
    global $cr_user_id, $alias_name, $domain_ip, $forward, $forward_prefix, $mount_point, $validation_err_msg;
    $cfg = EasySCP_Registry::get('Config');
    $sql = EasySCP_Registry::get('Db');
    $cr_user_id = get_user_domain_id($_SESSION['user_id']);
    $alias_name = strtolower($_POST['ndomain_name']);
    //	$mount_point = array_encode_idna(strtolower($_POST['ndomain_mpoint']), true);
    if ($_POST['status'] == 1) {
        $forward = encode_idna(strtolower(clean_input($_POST['forward'])));
        $forward_prefix = clean_input($_POST['forward_prefix']);
    } else {
        $forward = 'no';
        $forward_prefix = '';
    }
    $query = "\n\t\tSELECT\n\t\t\t`domain_ip_id`\n\t\tFROM\n\t\t\t`domain`\n\t\tWHERE\n\t\t\t`domain_id` = ?\n\t";
    $rs = exec_query($sql, $query, $cr_user_id);
    $domain_ip = $rs->fields['domain_ip_id'];
    // First check if input string is a valid domain names
    if (!validates_dname($alias_name)) {
        $err_al = $validation_err_msg;
        return;
    }
    // Should be perfomed after domain names syntax validation now
    $alias_name = encode_idna($alias_name);
    if (easyscp_domain_exists($alias_name, 0)) {
        $err_al = tr('Domain with that name already exists on the system!');
        //	} else if (!validates_mpoint($mount_point) && $mount_point != '/') {
        //		$err_al = tr("Incorrect mount point syntax");
    } else {
        if ($alias_name == $cfg->BASE_SERVER_VHOST) {
            $err_al = tr('Master domain cannot be used!');
        } else {
            if ($_POST['status'] == 1) {
                $aurl = @parse_url($forward_prefix . decode_idna($forward));
                if ($aurl === false) {
                    $err_al = tr("Wrong address in forward URL!");
                } else {
                    $domain = $aurl['host'];
                    if (substr_count($domain, '.') <= 2) {
                        $ret = validates_dname($domain);
                    } else {
                        $ret = validates_dname($domain, true);
                    }
                    if (!$ret) {
                        $err_al = tr("Wrong domain part in forward URL!");
                    } else {
                        $domain = encode_idna($aurl['host']);
                        $forward = $aurl['scheme'] . '://';
                        if (isset($aurl['user'])) {
                            $forward .= $aurl['user'] . (isset($aurl['pass']) ? ':' . $aurl['pass'] : '') . '@';
                        }
                        $forward .= $domain;
                        if (isset($aurl['port'])) {
                            $forward .= ':' . $aurl['port'];
                        }
                        if (isset($aurl['path'])) {
                            $forward .= $aurl['path'];
                        } else {
                            $forward .= '/';
                        }
                        if (isset($aurl['query'])) {
                            $forward .= '?' . $aurl['query'];
                        }
                        if (isset($aurl['fragment'])) {
                            $forward .= '#' . $aurl['fragment'];
                        }
                    }
                }
            } else {
                $query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain_aliasses`\n\t\t\tWHERE\n\t\t\t\t`alias_name` = ?\n\t\t;";
                $res = exec_query($sql, $query, $alias_name);
                $query = "\n\t\t\tSELECT\n\t\t\t\t`domain_id`\n\t\t\tFROM\n\t\t\t\t`domain`\n\t\t\tWHERE\n\t\t\t\t`domain_name` = ?\n\t\t;";
                $res2 = exec_query($sql, $query, $alias_name);
                if ($res->rowCount() > 0 || $res2->rowCount() > 0) {
                    // we already have domain with this name
                    $err_al = tr("Domain with this name already exist");
                }
                //		$query = "
                //			SELECT
                //				COUNT(`subdomain_id`) AS cnt
                //			FROM
                //				`subdomain`
                //			WHERE
                //					`domain_id` = ?
                //				AND
                //					`subdomain_mount` = ?
                //		;";
                //		$subdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
                //		$subdomdata = $subdomres->fetchRow();
                //
                //		$query = "
                //			SELECT
                //				COUNT(`subdomain_alias_id`) AS alscnt
                //			FROM
                //				`subdomain_alias`
                //			WHERE
                //					`alias_id`
                //				IN (
                //					SELECT
                //						`alias_id`
                //					FROM
                //						`domain_aliasses`
                //					WHERE
                //						`domain_id` = ?
                //				)
                //				AND
                //					`subdomain_alias_mount` = ?
                //		;";
                //		$alssubdomres = exec_query($sql, $query, array($cr_user_id, $mount_point));
                //		$alssubdomdata = $alssubdomres->fetchRow();
                //
                //		if ($subdomdata['cnt'] > 0 || $alssubdomdata['alscnt'] > 0) {
                //			$err_al = tr("There is a subdomain with the same mount point!");
                //		}
            }
        }
    }
    if ('_off_' !== $err_al) {
        return;
    }
    // Begin add new alias domain
    $status = $cfg->ITEM_ORDERED_STATUS;
    $query = "\n\t\tINSERT INTO\n\t\t\t`domain_aliasses` (\n\t\t\t\t`domain_id`, `alias_name`, `alias_mount`, `status`,\n\t\t\t\t`alias_ip_id`, `url_forward`\n\t\t\t)\n\t\tVALUES\n\t\t\t(?, ?, ?, ?, ?, ?)\n\t;";
    exec_query($sql, $query, array($cr_user_id, $alias_name, $mount_point, $status, $domain_ip, $forward));
    $dmn_id = $sql->insertId();
    AddDefaultDNSEntries(0, $dmn_id, $alias_name, $domain_ip);
    update_reseller_c_props(get_reseller_id($cr_user_id));
    $admin_login = $_SESSION['user_logged'];
    if ($status == $cfg->ITEM_ORDERED_STATUS) {
        // notify the reseller:
        send_alias_order_email($alias_name);
        write_log("{$admin_login}: add domain alias for activation: {$alias_name}.");
        set_page_message(tr('Alias scheduled for activation!'), 'success');
    } else {
        // TODO: Check
        //		send_request('110 DOMAIN alias '.$dmn_id);
        write_log("{$admin_login}: domain alias scheduled for addition: {$alias_name}.");
        set_page_message(tr('Alias scheduled for addition!'), 'success');
    }
    user_goto('domains_manage.php');
}
Пример #9
0
/**
 * @todo
 * 	* Database user with same name can be added several times
 *  * If creation of database user fails in MySQL-Table, database user is already
 * 		in loclal EasySCP table -> Error handling
 */
function add_sql_user($sql, $user_id, $db_id)
{
    $cfg = EasySCP_Registry::get('Config');
    if (!isset($_POST['uaction'])) {
        return;
    }
    // let's check user input
    if (empty($_POST['user_name']) && !isset($_POST['Add_Exist'])) {
        set_page_message(tr('Please type user name!'), 'warning');
        return;
    }
    if (empty($_POST['pass']) && empty($_POST['pass_rep']) && !isset($_POST['Add_Exist'])) {
        set_page_message(tr('Please type user password!'), 'warning');
        return;
    }
    if (isset($_POST['pass']) && isset($_POST['pass_rep']) && $_POST['pass'] !== $_POST['pass_rep'] && !isset($_POST['Add_Exist'])) {
        set_page_message(tr('Entered passwords do not match!'), 'warning');
        return;
    }
    if (isset($_POST['pass']) && strlen($_POST['pass']) > $cfg->MAX_SQL_PASS_LENGTH && !isset($_POST['Add_Exist'])) {
        set_page_message(tr('Too long user password!'), 'warning');
        return;
    }
    if (isset($_POST['pass']) && !preg_match('/^[[:alnum:]:!*+#_.-]+$/', $_POST['pass']) && !isset($_POST['Add_Exist'])) {
        set_page_message(tr('Don\'t use special chars like "@, $, %..." in the password!'), 'warning');
        return;
    }
    if (isset($_POST['pass']) && !chk_password($_POST['pass']) && !isset($_POST['Add_Exist'])) {
        if ($cfg->PASSWD_STRONG) {
            set_page_message(sprintf(tr('The password must be at least %s chars long and contain letters and numbers to be valid.'), $cfg->PASSWD_CHARS), 'warning');
        } else {
            set_page_message(sprintf(tr('Password data is shorter than %s signs or includes not permitted signs!'), $cfg->PASSWD_CHARS), 'warning');
        }
        return;
    }
    if (isset($_POST['Add_Exist'])) {
        $query = "SELECT `sqlu_pass` FROM `sql_user` WHERE `sqlu_id` = ?";
        $rs = exec_query($sql, $query, $_POST['sqluser_id']);
        if ($rs->recordCount() == 0) {
            set_page_message(tr('SQL-user not found! It might has been deleted by another user.'), 'warning');
            return;
        }
        $user_pass = decrypt_db_password($rs->fields['sqlu_pass']);
    } else {
        $user_pass = $_POST['pass'];
    }
    $dmn_id = get_user_domain_id($user_id);
    if (!isset($_POST['Add_Exist'])) {
        // we'll use domain_id in the name of the database;
        if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on' && isset($_POST['id_pos']) && $_POST['id_pos'] === 'start') {
            $db_user = $dmn_id . "_" . clean_input($_POST['user_name']);
        } else {
            if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on' && isset($_POST['id_pos']) && $_POST['id_pos'] === 'end') {
                $db_user = clean_input($_POST['user_name']) . "_" . $dmn_id;
            } else {
                $db_user = clean_input($_POST['user_name']);
            }
        }
    } else {
        $query = "SELECT `sqlu_name` FROM `sql_user` WHERE `sqlu_id` = ?";
        $rs = exec_query($sql, $query, $_POST['sqluser_id']);
        $db_user = $rs->fields['sqlu_name'];
    }
    if (strlen($db_user) > $cfg->MAX_SQL_USER_LENGTH) {
        set_page_message(tr('User name too long!'), 'warning');
        return;
    }
    // are wildcards used?
    if (preg_match("/[%|\\?]+/", $db_user)) {
        set_page_message(tr('Wildcards such as %% and ? are not allowed!'), 'warning');
        return;
    }
    // have we such sql user in the system?!
    if (check_db_user($sql, $db_user) && !isset($_POST['Add_Exist'])) {
        set_page_message(tr('Specified SQL username name already exists!'), 'warning');
        return;
    }
    // add user in the EasySCP table;
    $query = "\n\t\tINSERT INTO `sql_user`\n\t\t\t(`sqld_id`, `sqlu_name`, `sqlu_pass`)\n\t\tVALUES\n\t\t\t(?, ?, ?)\n\t";
    exec_query($sql, $query, array($db_id, $db_user, encrypt_db_password($user_pass)));
    update_reseller_c_props(get_reseller_id($dmn_id));
    $query = "\n\t\tSELECT\n\t\t\t`sqld_name` AS `db_name`\n\t\tFROM\n\t\t\t`sql_database`\n\t\tWHERE\n\t\t\t`sqld_id` = ?\n\t\tAND\n\t\t\t`domain_id` = ?\n\t";
    $rs = exec_query($sql, $query, array($db_id, $dmn_id));
    $db_name = $rs->fields['db_name'];
    $db_name = preg_replace("/([_%\\?\\*])/", '\\\\$1', $db_name);
    // add user in the mysql system tables
    $query = "GRANT ALL PRIVILEGES ON " . quoteIdentifier($db_name) . ".* TO ?@? IDENTIFIED BY ?";
    exec_query($sql, $query, array($db_user, "localhost", $user_pass));
    exec_query($sql, $query, array($db_user, "%", $user_pass));
    write_log($_SESSION['user_logged'] . ": add SQL user: " . tohtml($db_user));
    set_page_message(tr('SQL user successfully added!'), 'info');
    user_goto('sql_manage.php');
}