function checkDedicatedAdmin($adm_login, $adm_pass, $dedicated_server_hostname) { global $pro_mysql_dedicated_table; checkLoginPass($adm_login, $adm_pass); $q = "SELECT * FROM {$pro_mysql_dedicated_table} WHERE owner='{$adm_login}' AND server_hostname='" . addslashes($dedicated_server_hostname) . "';"; $r = mysql_query($q) or die("Cannot query \"{$q}\" line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error()); $n = mysql_num_rows($r); if ($n == 1) { return true; } else { return false; } }
} } // action=new_ticket&subject=test+subject&server_hostname=test.vpsserver.com%3A01&issue_cat_id=network&ticketbody=I+can%27t+connect+to+my+VPS%21 if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "new_ticket") { checkLoginPass($adm_login, $adm_pass); if (strlen($_REQUEST["subject"]) == 0) { echo _("Subject line empty: cannot send ticket!"); } else { $hash = createSupportHash(); $q = "INSERT INTO {$pro_mysql_tik_queries_table} (id,adm_login,date,time,subject,text,cat_id,initial_ticket,server_hostname,hash)\n\t\tVALUES ('','{$adm_login}','" . date("Y-m-d") . "','" . date("H:i:s") . "','" . addslashes($_REQUEST["subject"]) . "','" . addslashes($_REQUEST["ticketbody"]) . "','" . addslashes($_REQUEST["issue_cat_id"]) . "','yes','" . addslashes($_REQUEST["server_hostname"]) . "','{$hash}');"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error()); mailTicketToAllAdmins($_REQUEST["subject"], $_REQUEST["ticketbody"], $adm_login); } } if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "add_ticket_reply") { checkLoginPass($adm_login, $adm_pass); if (!isRandomNum($_REQUEST["last_tik_id"]) || !isRandomNum($_REQUEST["tik_id"])) { echo _("last_tick_id or tik_id is not a number: hacking attempt!"); } else { // Insert the new ticket $q = "INSERT INTO {$pro_mysql_tik_queries_table} (id,adm_login,date,time,subject,text,cat_id,initial_ticket,server_hostname,in_reply_of_id,request_close)\n\t\tVALUES ('','{$adm_login}','" . date("Y-m-d") . "','" . date("H:i:s") . "','" . addslashes($_REQUEST["subject"]) . "','" . addslashes($_REQUEST["ticketbody"]) . "','" . addslashes($_REQUEST["cat_id"]) . "','no','" . addslashes($_REQUEST["server_hostname"]) . "','" . addslashes($_REQUEST["last_tik_id"]) . "','" . addslashes($_REQUEST["request_to_close"]) . "');"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error()); $ins_id = mysql_insert_id(); // Update the chained list of tickets $q = "UPDATE {$pro_mysql_tik_queries_table} SET reply_id='{$ins_id}' WHERE id='" . $_REQUEST["last_tik_id"] . "';"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error()); // Set the initial ticket as reopen in case it was closed $q = "UPDATE {$pro_mysql_tik_queries_table} SET closed='no' WHERE id='" . $_REQUEST["tik_id"] . "';"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error()); mailTicketToAllAdmins($_REQUEST["subject"], $_REQUEST["ticketbody"], $adm_login); }
function addDomainToUser($adm_login, $adm_pass, $domain_name, $domain_password = "") { global $pro_mysql_admin_table; global $conf_demo_version; global $pro_mysql_domain_table; global $pro_mysql_subdomain_table; global $pro_mysql_cronjob_table; global $conf_main_site_ip; global $conf_chroot_path; global $conf_generated_file_path; global $conf_root_admin_random_pass; global $conf_pass_expire; global $conf_unix_type; checkLoginPass($adm_login, $adm_pass); $query = "SELECT * FROM {$pro_mysql_admin_table} WHERE adm_login='******';"; $result = mysql_query($query) or die("Cannot query : \"{$query}\" line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error()); $numrows = mysql_num_rows($result); if ($numrows != 1) { die("Cannot fetch admin path (maybe rotative random password expired) line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error()); } $row = mysql_fetch_array($result); $admin_path = $row["path"]; // Create subdirectorys & html front page if ($conf_demo_version == "no") { if (!file_exists($admin_path)) { mkdir($admin_path, 0755); } make_new_adm_domain_dir("{$admin_path}/{$domain_name}"); if ($conf_unix_type == "bsd") { // no -u in freebsd, blows away custom changes, NEEDFIX: KC exec("cp -flpRv {$conf_chroot_path}/* {$admin_path}/{$domain_name}/subdomains/www"); createSymLink("subdomains/www/libexec", "{$admin_path}/{$domain_name}/libexec"); // also symlink libexec for fbsd while we're here: KC createSymLink("{$domain_name}/subdomains/www/libexec", "{$admin_path}/libexec"); } else { exec("cp -fulpRv {$conf_chroot_path}/* {$admin_path}/{$domain_name}/subdomains/www"); } exec("cp -fulpRv {$conf_chroot_path}/* {$admin_path}/{$domain_name}/subdomains/www"); // create a link so that the user can log in via SSH to $admin_path or $admin_path/$domain_name // typo renamed to foreach *steveetm* $folder_list = "bin var lib sbin tmp usr dev etc"; $unamestring = exec("uname -m", $unameout, $unameret); $arch = $unameout[0]; if ($arch == "x86_64") { $folder_list = " lib64"; } foreach (explode(" ", $folder_list) as $subdir) { createSymLink("subdomains/www/{$subdir}", "{$admin_path}/{$domain_name}/{$subdir}"); createSymLink("{$domain_name}/subdomains/www/{$subdir}", "{$admin_path}/{$subdir}"); } if ($conf_unix_type == "bsd") { // no -u in freebsd, could blow away custom changes, NEEDFIX: KC $cp_opt = "p"; } else { $cp_opt = "up"; } system("cp -r{$cp_opt} {$conf_generated_file_path}/template/* {$admin_path}/{$domain_name}/subdomains/www/html"); if (file_exists("{$conf_generated_file_path}/template/.htaccess")) { system("cp -{$cp_opt} {$conf_generated_file_path}/template/.htaccess {$admin_path}/{$domain_name}/subdomains/www/html"); } } // Create domain in database $domupdate_query = "INSERT INTO {$pro_mysql_domain_table} (name,owner,default_subdomain,ip_addr,registrar_password) VALUES ('" . $domain_name . "','{$adm_login}','www','" . $conf_main_site_ip . "','{$domain_password}');"; $domupdate_result = mysql_query($domupdate_query) or die("Cannot execute query \"{$domupdate_query}\"! line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error()); // Create default domain www $adm_query = "INSERT INTO {$pro_mysql_subdomain_table} (id,domain_name,subdomain_name,path) VALUES ('','" . $domain_name . "','www','www');"; mysql_query($adm_query) or die("Cannot execute query \"{$adm_query}\" !!!" . mysql_error()); // Tell the cron job to activate the changes $adm_query = "UPDATE {$pro_mysql_cronjob_table} SET qmail_newu='yes',restart_qmail='yes',reload_named='yes',restart_apache='yes',gen_vhosts='yes',gen_named='yes',gen_qmail='yes',gen_webalizer='yes',gen_backup='yes' WHERE 1;"; mysql_query($adm_query); }