示例#1
/**
 * Handle the "add user" form for protected areas (htaccess users).
 *
 * Acts only when $_POST['uaction'] is 'add_user' and username, pass and
 * pass_rep are all present. On success the row is inserted, the action is
 * logged and the request ends with a redirect to puser_manage.php; every
 * other path sets a page message (or does nothing) and returns.
 *
 * Review notes:
 *  - crypt() is called without a salt, so the hash scheme is whatever the
 *    runtime picks by default. PHP 5.6+ raises a notice for this and PHP 8
 *    requires the salt argument. The scheme should be chosen explicitly and
 *    must be one the consumer of htaccess_users.upass can verify.
 *  - The existence check and the insert are two separate statements.
 *    NOTE(review): confirm the table has a unique key on (dmn_id, uname),
 *    otherwise two concurrent requests can both insert.
 *  - No anti-CSRF token is checked in this function.
 *    NOTE(review): confirm the calling page does it.
 *
 * @param mixed $tpl    Template object; not used in this function.
 * @param mixed $sql    Database handle passed through to exec_query().
 * @param mixed $dmn_id Domain id the new user is attached to.
 * @return void
 */
function padd_user(&$tpl, &$sql, &$dmn_id)
{
    // Not an "add user" submission: nothing to do.
    if (!isset($_POST['uaction']) || $_POST['uaction'] != 'add_user') {
        return;
    }
    // All three form fields are required; otherwise the request is ignored.
    if (!isset($_POST['username']) || !isset($_POST['pass']) || !isset($_POST['pass_rep'])) {
        return;
    }

    if (chk_username($_POST['username']) > 0) {
        set_page_message(tr('Wrong username!'));
        return;
    }
    if (chk_password($_POST['pass']) > 0) {
        set_page_message(tr('Incorrect password range or syntax!'));
        return;
    }
    // Strict comparison: numeric-looking passwords must match as strings.
    if ($_POST['pass'] !== $_POST['pass_rep']) {
        set_page_message(tr('Passwords does not match!'));
        return;
    }

    $user_name = $_POST['username'];
    // See the review note above about the missing salt argument.
    $hashed_pass = crypt($_POST['pass']);

    $lookup = <<<SQL_QUERY
        select
\t\t\tid
        from
            htaccess_users
        where
             uname = ? 
\t\t\t and
\t\t\t dmn_id = ?
SQL_QUERY;
    $existing = exec_query($sql, $lookup, array($user_name, $dmn_id));

    if ($existing->RecordCount() != 0) {
        set_page_message(tr('User already exist !'));
        return;
    }

    $insert = <<<SQL_QUERY

            insert into htaccess_users

               (dmn_id, uname, upass)

            values

               (?, ?, ?)

SQL_QUERY;
    exec_query($sql, $insert, array($dmn_id, $user_name, $hashed_pass));

    $actor = $_SESSION['user_logged'];
    write_log("{$actor}: add user (protected areas) -> {$user_name}");

    // Redirect and stop so nothing else runs after the insert.
    header('Location: puser_manage.php');
    exit;
}
示例#2
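/**
 * Handle the "add group" form for protected areas (htaccess groups).
 *
 * Acts only when $_POST['uaction'] is 'add_group' and a group name was
 * submitted. On success the row is inserted, the action is logged and the
 * request ends with a redirect to puser_manage.php; every other path sets a
 * page message (or does nothing) and returns.
 *
 * Review notes:
 *  - The existence check and the insert are two separate statements.
 *    NOTE(review): confirm the table has a unique key on (dmn_id, ugroup),
 *    otherwise two concurrent requests can both insert.
 *  - No anti-CSRF token is checked in this function.
 *    NOTE(review): confirm the calling page does it.
 *
 * @param mixed $tpl    Template object; not used in this function.
 * @param mixed $sql    Database handle passed through to exec_query().
 * @param mixed $dmn_id Domain id the new group is attached to.
 * @return void
 */
function padd_group(&$tpl, &$sql, &$dmn_id)
{
    // Not an "add group" submission: nothing to do.
    if (!isset($_POST['uaction']) || $_POST['uaction'] !== 'add_group') {
        return;
    }
    if (!isset($_POST['groupname'])) {
        return;
    }

    // Group names go through the same syntax check as user names; the
    // message text is kept as-is because it is the translation key.
    if (chk_username($_POST['groupname']) > 0) {
        set_page_message(tr('Wrong username!'));
        return;
    }
    $groupname = $_POST['groupname'];

    $query = <<<SQL_QUERY
        select
            id
        from
            htaccess_groups
        where
            ugroup = ?
          and
            dmn_id = ?
SQL_QUERY;
    $rs = exec_query($sql, $query, array($groupname, $dmn_id));

    if ($rs->RecordCount() != 0) {
        set_page_message(tr('Group already exist !'));
        return;
    }

    $query = <<<SQL_QUERY
        insert into htaccess_groups
            (dmn_id, ugroup)
        values
            (?, ?)
SQL_QUERY;
    exec_query($sql, $query, array($dmn_id, $groupname));

    $admin_login = $_SESSION['user_logged'];
    write_log("{$admin_login}: add group (protected areas) -> {$groupname}");

    // Redirect and stop so nothing else runs after the insert.
    header('Location: puser_manage.php');
    die;
}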
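/**
 * Validate the submitted "add reseller" form.
 *
 * Checks, in order: the user name is not already in the admin table, the
 * user name / password / e-mail pass their chk_*() checks, both password
 * fields are identical, every limit passes vhcs_limit_check() and is not -1,
 * and at least one IP was assigned ($reseller_ips is not empty). The first
 * failing check sets a page message and ends validation.
 *
 * The password confirmation uses a strict comparison: with a loose one two
 * different numeric-looking strings (for example "1e3" and "1000") compare
 * as equal, so a mistyped confirmation would be accepted.
 *
 * @return bool true when every check passes, false otherwise.
 */
function check_user_data()
{
    global $reseller_ips, $sql;

    $username = $_POST['username'];
    $query = <<<SQL_QUERY
        select
            admin_id
        from
            admin
        where
            admin_name=?
SQL_QUERY;
    $rs = exec_query($sql, $query, array($username));
    if ($rs->RecordCount() != 0) {
        set_page_message(tr('This user name already exist!'));
        return false;
    }

    // chk_*() helpers are treated as "truthy means invalid".
    if (chk_username($_POST['username'])) {
        set_page_message(tr('Incorrect username range or syntax!'));
        return false;
    }
    if (chk_password($_POST['pass'])) {
        set_page_message(tr('Incorrect password range or syntax!'));
        return false;
    }
    // Strict on purpose, see the function comment.
    if ($_POST['pass'] !== $_POST['pass_rep']) {
        set_page_message(tr('Entered passwords does not match!'));
        return false;
    }
    if (chk_email($_POST['email'])) {
        set_page_message(tr('Incorrect email range or syntax!'));
        return false;
    }

    // Resource limits: each one must pass vhcs_limit_check() and must not be
    // -1. The -1 test stays a loose numeric comparison so "-1" from the form
    // is caught as well.
    if (!vhcs_limit_check($_POST['nreseller_max_domain_cnt'], 999) || $_POST['nreseller_max_domain_cnt'] == -1) {
        set_page_message(tr('Incorrect max domain count or syntax!'));
        return false;
    }
    if (!vhcs_limit_check($_POST['nreseller_max_subdomain_cnt'], 999) || $_POST['nreseller_max_subdomain_cnt'] == -1) {
        set_page_message(tr('Incorrect max subdomain count or syntax!'));
        return false;
    }
    if (!vhcs_limit_check($_POST['nreseller_max_alias_cnt'], 999) || $_POST['nreseller_max_alias_cnt'] == -1) {
        set_page_message(tr('Incorrect max alias count or syntax!'));
        return false;
    }
    if (!vhcs_limit_check($_POST['nreseller_max_ftp_cnt'], 999) || $_POST['nreseller_max_ftp_cnt'] == -1) {
        set_page_message(tr('Incorrect max FTP count or syntax!'));
        return false;
    }
    if (!vhcs_limit_check($_POST['nreseller_max_mail_cnt'], 999) || $_POST['nreseller_max_mail_cnt'] == -1) {
        set_page_message(tr('Incorrect max mail count or syntax!'));
        return false;
    }
    if (!vhcs_limit_check($_POST['nreseller_max_sql_db_cnt'], 999) || $_POST['nreseller_max_sql_db_cnt'] == -1) {
        set_page_message(tr('Incorrect max SQL databases count or syntax!'));
        return false;
    }
    if (!vhcs_limit_check($_POST['nreseller_max_sql_user_cnt'], 999) || $_POST['nreseller_max_sql_user_cnt'] == -1) {
        set_page_message(tr('Incorrect max SQL users count or syntax!'));
        return false;
    }
    if (!vhcs_limit_check($_POST['nreseller_max_traffic'], 999999) || $_POST['nreseller_max_traffic'] == -1) {
        set_page_message(tr('Incorrect max traffic amount or syntax!'));
        return false;
    }
    if (!vhcs_limit_check($_POST['nreseller_max_disk'], 999999) || $_POST['nreseller_max_disk'] == -1) {
        set_page_message(tr('Incorrect max disk amount or syntax!'));
        return false;
    }

    if ($reseller_ips == '') {
        set_page_message(tr('You must assign at least one IP number for a reseller!'));
        return false;
    }

    return true;
}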
示例#4
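/**
 * Validate the submitted "add user" form (name, password, e-mail).
 *
 * Checks, in order: the user name is not already in the admin table, the
 * user name and password pass their chk_*() checks, both password fields
 * are identical, and the e-mail passes chk_email(). The first failing check
 * sets a page message and ends validation.
 *
 * The password confirmation uses a strict comparison: with a loose one two
 * different numeric-looking strings (for example "1e3" and "1000") compare
 * as equal, so a mistyped confirmation would be accepted.
 *
 * @return bool true when every check passes, false otherwise.
 */
function check_user_data()
{
    global $sql;

    $username = $_POST['username'];
    $query = <<<SQL_QUERY
        select
            admin_id
        from
            admin
        where
            admin_name = ?
SQL_QUERY;
    $rs = exec_query($sql, $query, array($username));
    if ($rs->RecordCount() != 0) {
        set_page_message(tr('This user name already exist!'));
        return false;
    }

    // chk_*() helpers are treated as "truthy means invalid".
    if (chk_username($_POST['username'])) {
        set_page_message(tr('Incorrect username range or syntax!'));
        return false;
    }
    if (chk_password($_POST['pass'])) {
        set_page_message(tr('Incorrect password range or syntax!'));
        return false;
    }
    // Strict on purpose, see the function comment.
    if ($_POST['pass'] !== $_POST['pass_rep']) {
        set_page_message(tr('Entered passwords does not match!'));
        return false;
    }
    if (chk_email($_POST['email'])) {
        set_page_message(tr('Incorrect email range or syntax!'));
        return false;
    }

    return true;
}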
示例#5
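/**
 * Tell whether a submitted "other directory" may be appended to a domain root.
 *
 * The value is concatenated directly after the domain directory, so anything
 * other than an empty string must start with "/" (otherwise it would extend
 * the directory NAME instead of descending into it) and must not contain
 * ".." or a NUL byte.
 *
 * @param mixed $dir Raw form value.
 * @return bool
 */
function _ftp_other_dir_is_safe($dir)
{
    if (!is_string($dir)) {
        return false;
    }
    if ($dir === '') {
        return true; // resolves to the domain root itself
    }
    return $dir[0] === '/'
        && strpos($dir, '..') === false
        && strpos($dir, "\0") === false;
}

/**
 * Tell whether a form value is usable as exactly one directory name.
 *
 * @param mixed $name Raw form value.
 * @return bool
 */
function _ftp_is_single_path_component($name)
{
    return is_string($name)
        && $name !== ''
        && $name !== '.'
        && strpos($name, '/') === false
        && strpos($name, '\\') === false
        && strpos($name, '..') === false
        && strpos($name, "\0") === false;
}

/**
 * Create an FTP account for $dmn_name from the submitted form.
 *
 * Builds the FTP user id and home directory according to
 * $_POST['dmn_type'] ('dmn', 'als' or 'sub'), optionally replaces the home
 * directory with a sub-path of the domain root ('use_other_dir' /
 * 'other_dir'), inserts the row into ftp_users, logs the action and ends the
 * request with a redirect to ftp_accounts.php. On any validation failure a
 * page message is set and the function returns without inserting.
 *
 * Hardening compared with the earlier version of this function:
 *  - an unknown dmn_type is rejected instead of continuing with undefined
 *    user id and home directory;
 *  - 'sub_id' is required to be a single directory name, because it is
 *    placed in the home directory path;
 *  - 'other_dir' is checked before the filesystem is consulted and must
 *    start with "/" (or be empty).
 *
 * Review notes:
 *  - NOTE(review): this function does not verify that als_id / sub_id belong
 *    to the logged-in customer; confirm the caller or the get_*() helpers do.
 *  - NOTE(review): $_POST['pass'] is hashed without a chk_password() call
 *    here; confirm it is validated before this function runs.
 *  - NOTE(review): the rejected other_dir value is echoed into the page
 *    message; confirm set_page_message() or the template HTML-escapes it.
 *  - NOTE(review): is_dir() follows symbolic links; if customers can create
 *    links inside their tree, consider comparing realpath() of the result
 *    against the domain root.
 *
 * @param mixed  $sql      Database handle passed through to the helpers.
 * @param string $dmn_name Domain the account is created under.
 * @return void
 */
function add_ftp_user(&$sql, $dmn_name)
{
    global $cfg;

    $username = strtolower($_POST['username']);
    // A dot is refused outright, then the generic syntax check applies.
    if (preg_match("/\\./", $username) == 1 || chk_username($username)) {
        set_page_message(tr('Incorrect username range or syntax!'));
        return;
    }

    $dmn_type = isset($_POST['dmn_type']) ? $_POST['dmn_type'] : '';
    $domain_root = $cfg['FTP_HOMEDIR'] . "/{$dmn_name}";

    if ($dmn_type === 'dmn') {
        $ftp_user = $username . $cfg['FTP_USERNAME_SEPARATOR'] . $dmn_name;
        $ftp_home = $domain_root;
    } elseif ($dmn_type === 'als') {
        if (!isset($_POST['als_id']) || !is_string($_POST['als_id'])) {
            set_page_message(tr('Incorrect domain type or identifier!'));
            return;
        }
        $ftp_user = $username . $cfg['FTP_USERNAME_SEPARATOR'] . $_POST['als_id'];
        $ftp_home = $domain_root . get_alias_mount_point($sql, $_POST['als_id']);
    } elseif ($dmn_type === 'sub') {
        // sub_id becomes a directory name below the domain root.
        if (!isset($_POST['sub_id']) || !_ftp_is_single_path_component($_POST['sub_id'])) {
            set_page_message(tr('Incorrect domain type or identifier!'));
            return;
        }
        $ftp_user = $username . $cfg['FTP_USERNAME_SEPARATOR'] . $_POST['sub_id'] . '.' . $dmn_name;
        $ftp_home = $domain_root . '/' . $_POST['sub_id'];
    } else {
        set_page_message(tr('Incorrect domain type or identifier!'));
        return;
    }

    // Optional override: a directory below the domain root, same rule for
    // all three domain types.
    if (isset($_POST['use_other_dir']) && $_POST['use_other_dir'] === 'on') {
        $other_dir = isset($_POST['other_dir']) ? $_POST['other_dir'] : '';
        // Syntax first, filesystem second: unsafe values never reach is_dir().
        if (!_ftp_other_dir_is_safe($other_dir) || !is_dir($domain_root . $other_dir)) {
            set_page_message((is_string($other_dir) ? $other_dir : '') . tr(' do not exist'));
            return;
        }
        $ftp_home = $domain_root . $other_dir;
    }

    $ftp_gid = get_ftp_user_gid($sql, $dmn_name, $ftp_user);
    $ftp_uid = get_ftp_user_uid($sql, $dmn_name, $ftp_user, $ftp_gid);
    if ($ftp_uid == -1) {
        return;
    }

    $ftp_shell = $cfg['FTP_SHELL'];
    $ftp_passwd = crypt_user_ftp_pass($_POST['pass']);

    $query = <<<SQL_QUERY
        insert into ftp_users
            (userid, passwd, uid, gid, shell, homedir)
        values
            (?, ?, ?, ?, ?, ?)
SQL_QUERY;
    exec_query($sql, $query, array($ftp_user, $ftp_passwd, $ftp_uid, $ftp_gid, $ftp_shell, $ftp_home));

    write_log($_SESSION['user_logged'] . " : add new FTP account  -> {$ftp_user}");
    set_page_message(tr('FTP account added!'));

    // Redirect and stop so nothing else runs after the insert.
    header('Location: ftp_accounts.php');
    exit(0);
}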
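/**
 * Schedule creation of a mail account (mailbox or forwarder) for a domain.
 *
 * $_POST['mail_type'] selects 'normal' (mailbox) or 'forward';
 * $_POST['dmn_type'] selects 'dmn', 'sub' or 'als' and with it the stored
 * mail_type value and the sub_id column. After the duplicate check and the
 * user-name check the row is inserted, the action is logged, send_request()
 * is called and the request ends with a redirect to email_accounts.php. On
 * any validation failure a page message is set and the function returns
 * without inserting.
 *
 * Hardening compared with the earlier version of this function: an
 * unexpected mail_type or dmn_type is rejected up front. Previously such a
 * request skipped the duplicate check and reached the insert with undefined
 * password, forward, type and sub_id values.
 *
 * Review notes:
 *  - NOTE(review): the mailbox password is stored exactly as submitted and no
 *    chk_password() call is made here; confirm it is validated earlier and
 *    that clear-text storage is really required by the mail backend.
 *  - NOTE(review): this function does not verify that sub_id / als_id belong
 *    to the logged-in customer; confirm the caller does.
 *  - NOTE(review): only the 'dmn' forward path rejects blank lines in the
 *    forward list; for 'sub' and 'als' blank lines are skipped, so an empty
 *    list passes there. Behaviour is kept; confirm whether it is intended.
 *
 * @param mixed  $sql      Database handle passed through to exec_query().
 * @param mixed  $dmn_id   Id of the domain the account belongs to.
 * @param string $dmn_name Domain name, used for the log entry only.
 * @return void
 */
function schedule_mail_account(&$sql, $dmn_id, $dmn_name)
{
    global $cfg;

    $domain_id = $dmn_id;
    // The local part is lower-cased and passed through get_punny()
    // (presumably IDN/punycode encoding) before it is checked and stored.
    $mail_acc = get_punny(strtolower($_POST['username']));
    $status = $cfg['ITEM_ADD_STATUS'];
    $mail_auto_respond = '_no_';

    $account_kind = isset($_POST['mail_type']) ? $_POST['mail_type'] : '';
    $dmn_type = isset($_POST['dmn_type']) ? $_POST['dmn_type'] : '';

    // Only the known combinations may reach the queries below.
    if (($account_kind !== 'normal' && $account_kind !== 'forward')
        || !in_array($dmn_type, array('dmn', 'sub', 'als'), true)
    ) {
        set_page_message(tr('Incorrect mail or domain type!'));
        return;
    }

    // The domain type decides the mail_type prefix and the sub_id column.
    if ($dmn_type === 'dmn') {
        $type_prefix = 'normal';
        $sub_id = '0';
    } elseif ($dmn_type === 'sub') {
        $type_prefix = 'subdom';
        $sub_id = $_POST['sub_id'];
    } else {
        $type_prefix = 'alias';
        $sub_id = $_POST['als_id'];
    }

    if ($account_kind === 'normal') {
        $mail_pass = $_POST['pass'];
        $mail_forward = '_no_';
        $mail_type = $type_prefix . '_mail';

        $check_acc_query = <<<SQL_QUERY
            select
                count(mail_id) as cnt
            from
                mail_users
            where
                mail_acc = ?
              and
                domain_id = ?
              and
                mail_type = ?
              and
                sub_id = ?
SQL_QUERY;
        $rs = exec_query($sql, $check_acc_query, array($mail_acc, $domain_id, $mail_type, $sub_id));
    } else {
        $mail_pass = '******';
        $mail_forward = $_POST['forward_list'];
        if (!is_string($mail_forward)) {
            set_page_message(tr('Mail forward list error!'));
            return;
        }

        // One address per line; every non-blank line must pass chk_email().
        foreach (preg_split("/[\n]+/", $mail_forward) as $value) {
            $value = trim($value);
            if ($value === '') {
                // Blank lines are an error for 'dmn' only (see review notes).
                if ($dmn_type === 'dmn') {
                    set_page_message(tr('Mail forward list error!'));
                    return;
                }
                continue;
            }
            if (chk_email($value) > 0) {
                set_page_message(tr('Mail forward list error!'));
                return;
            }
        }
        $mail_type = $type_prefix . '_forward';

        // The forward duplicate check does not filter on mail_type.
        $check_acc_query = <<<SQL_QUERY
            select
                count(mail_id) as cnt
            from
                mail_users
            where
                mail_acc = ?
              and
                domain_id = ?
              and
                sub_id = ?
SQL_QUERY;
        $rs = exec_query($sql, $check_acc_query, array($mail_acc, $domain_id, $sub_id));
    }

    if ($rs->fields['cnt'] > 0) {
        set_page_message(tr('Mail account already exists!'));
        return;
    }
    if (chk_username($mail_acc)) {
        set_page_message(tr('Incorrect username range or syntax!'));
        return;
    }

    check_for_lock_file();

    $query = <<<SQL_QUERY
        insert into mail_users
            (mail_acc,
             mail_pass,
             mail_forward,
             domain_id,
             mail_type,
             sub_id,
             status,
             mail_auto_respond)
        values
            (?, ?, ?, ?, ?, ?, ?, ?)
SQL_QUERY;
    exec_query($sql, $query, array($mail_acc, $mail_pass, $mail_forward, $domain_id, $mail_type, $sub_id, $status, $mail_auto_respond));

    write_log($_SESSION['user_logged'] . " : add new mail account  -> " . $mail_acc . "@" . $dmn_name);
    set_page_message(tr('Mail account scheduled for addition!'));
    send_request();

    // Redirect and stop so nothing else runs after the insert.
    header("Location: email_accounts.php");
    exit(0);
}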