| | |
|---|
| | | OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING |
|---|
| | | NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, |
|---|
| | | EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
|---|
| | | |
|---|
| | | --UPDATED 08.2009-- |
|---|
| | | Full SOAP support for ISPConfig 3.1.4 b |
|---|
| | | Updated by Arkadiusz Roch & Artur Edelman |
|---|
| | | Copyright (c) Tri-Plex technology |
|---|
| | | |
|---|
| | | */ |
|---|
| | | |
|---|
| | | /** |
|---|
| | |
|---|
| | | * |
|---|
| | | * Hinweis: |
|---|
| | | * Das ID-Feld ist nicht bei den Table Values einzufügen. |
|---|
| | | * |
|---|
| | | * @package form |
|---|
| | | * @author Till Brehm |
|---|
| | | * @version 1.1 |
|---|
| | | */ |
|---|
| | | |
|---|
| | | class remoting_lib { |
|---|
| | | |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * Definition of the database atble (array) |
|---|
| | | * @var tableDef |
|---|
| | |
|---|
| | | //* Load the user profile |
|---|
| | | function loadUserProfile($client_id = 0) { |
|---|
| | | global $app,$conf; |
|---|
| | | |
|---|
| | | |
|---|
| | | $client_id = intval($client_id); |
|---|
| | | |
|---|
| | | |
|---|
| | | if($client_id == 0) { |
|---|
| | | $this->sys_username = 'admin'; |
|---|
| | | $this->sys_userid = 1; |
|---|
| | | $this->sys_default_group = 1; |
|---|
| | | $this->sys_groups = 1; |
|---|
| | | $this->sys_username = 'admin'; |
|---|
| | | $this->sys_userid = 1; |
|---|
| | | $this->sys_default_group = 1; |
|---|
| | | $this->sys_groups = 1; |
|---|
| | | $_SESSION["s"]["user"]["typ"] = 'admin'; |
|---|
| | | } else { |
|---|
| | | //* Load the client data |
|---|
| | | $client = $app->db->queryOneRecord("SELECT username FROM client WHERE client_id = $client_id"); |
|---|
| | | if($client["username"] == '') { |
|---|
| | | $this->errorMessage .= 'No client with ID $client_id found.'; |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | //* load system user |
|---|
| | | $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE username = '".$app->db->quote($client["username"])."'"); |
|---|
| | | //* load system user - try with sysuser and before with userid (workarrond) |
|---|
| | | /* |
|---|
| | | $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE sysuser_id = $client_id"); |
|---|
| | | if(empty($user["userid"])) { |
|---|
| | | $this->errorMessage .= 'No user with the username '.$client['username'].' found.'; |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | $this->sys_username = $user['username']; |
|---|
| | | $this->sys_userid = $user['userid']; |
|---|
| | | $this->sys_default_group = $user['default_group']; |
|---|
| | | $this->sys_groups = $user['groups']; |
|---|
| | | $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = $client_id"); |
|---|
| | | if(empty($user["userid"])) { |
|---|
| | | $this->errorMessage .= "No sysuser with the ID $client_id found."; |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | }*/ |
|---|
| | | |
|---|
| | | $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE client_id = $client_id"); |
|---|
| | | $this->sys_username = $user['username']; |
|---|
| | | $this->sys_userid = $user['userid']; |
|---|
| | | $this->sys_default_group = $user['default_group']; |
|---|
| | | $this->sys_groups = $user['groups']; |
|---|
| | | // $_SESSION["s"]["user"]["typ"] = $user['typ']; |
|---|
| | | // we have to force admin priveliges for the remoting API as some function calls might fail otherwise. |
|---|
| | | $_SESSION["s"]["user"]["typ"] = 'admin'; |
|---|
| | | } |
|---|
| | | |
|---|
| | | return true; |
|---|
| | | |
|---|
| | | } |
|---|
| | | |
|---|
| | | return true; |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | /** |
|---|
| | |
|---|
| | | $new_record[$key] = stripslashes($record[$key]); |
|---|
| | | break; |
|---|
| | | |
|---|
| | | case 'DATE': |
|---|
| | | case 'DATETSTAMP': |
|---|
| | | if($record[$key] > 0) { |
|---|
| | | $new_record[$key] = date($this->dateformat,$record[$key]); |
|---|
| | | } |
|---|
| | | break; |
|---|
| | | |
|---|
| | | case 'DATE': |
|---|
| | | if($record[$key] != '' && $record[$key] != '0000-00-00') { |
|---|
| | | $tmp = explode('-',$record[$key]); |
|---|
| | | $new_record[$key] = date($this->dateformat,mktime(0, 0, 0, $tmp[1] , $tmp[2], $tmp[0])); |
|---|
| | | } |
|---|
| | | break; |
|---|
| | | |
|---|
| | |
|---|
| | | switch ($field['datatype']) { |
|---|
| | | case 'VARCHAR': |
|---|
| | | if(!@is_array($record[$key])) { |
|---|
| | | $new_record[$key] = (isset($record[$key]))?addslashes($record[$key]):''; |
|---|
| | | $new_record[$key] = (isset($record[$key]))?mysql_real_escape_string($record[$key]):''; |
|---|
| | | } else { |
|---|
| | | $new_record[$key] = implode($field['separator'],$record[$key]); |
|---|
| | | } |
|---|
| | | break; |
|---|
| | | case 'TEXT': |
|---|
| | | if(!is_array($record[$key])) { |
|---|
| | | $new_record[$key] = addslashes($record[$key]); |
|---|
| | | $new_record[$key] = mysql_real_escape_string($record[$key]); |
|---|
| | | } else { |
|---|
| | | $new_record[$key] = implode($field['separator'],$record[$key]); |
|---|
| | | } |
|---|
| | | break; |
|---|
| | | case 'DATE': |
|---|
| | | case 'DATETSTAMP': |
|---|
| | | if($record[$key] > 0) { |
|---|
| | | list($tag,$monat,$jahr) = explode('.',$record[$key]); |
|---|
| | | $new_record[$key] = mktime(0,0,0,$monat,$tag,$jahr); |
|---|
| | | } else { |
|---|
| | | $new_record[$key] = 0; |
|---|
| | | } |
|---|
| | | break; |
|---|
| | | case 'DATE': |
|---|
| | | if($record[$key] != '' && $record[$key] != '0000-00-00') { |
|---|
| | | list($tag,$monat,$jahr) = explode('.',$record[$key]); |
|---|
| | | $new_record[$key] = $jahr.'-'.$monat.'-'.$tag; |
|---|
| | | //$tmp = strptime($record[$key],$this->dateformat); |
|---|
| | | //$new_record[$key] = ($tmp['tm_year']+1900).'-'.($tmp['tm_mon']+1).'-'.$tmp['tm_mday']; |
|---|
| | | } else { |
|---|
| | | $new_record[$key] = '0000-00-00'; |
|---|
| | | } |
|---|
| | | break; |
|---|
| | | case 'INTEGER': |
|---|
| | |
|---|
| | | //if($key == 'refresh') die($record[$key]); |
|---|
| | | break; |
|---|
| | | case 'DOUBLE': |
|---|
| | | $new_record[$key] = addslashes($record[$key]); |
|---|
| | | $new_record[$key] = mysql_real_escape_string($record[$key]); |
|---|
| | | break; |
|---|
| | | case 'CURRENCY': |
|---|
| | | $new_record[$key] = str_replace(",",".",$record[$key]); |
|---|
| | | break; |
|---|
| | | |
|---|
| | | case 'DATETIME': |
|---|
| | | if (is_array($record[$key])) |
|---|
| | | { |
|---|
| | | $filtered_values = array_map(create_function('$item','return (int)$item;'), $record[$key]); |
|---|
| | | extract($filtered_values, EXTR_PREFIX_ALL, '_dt'); |
|---|
| | | |
|---|
| | | if ($_dt_day != 0 && $_dt_month != 0 && $_dt_year != 0) { |
|---|
| | | $new_record[$key] = date( 'Y-m-d H:i:s', mktime($_dt_hour, $_dt_minute, $_dt_second, $_dt_month, $_dt_day, $_dt_year) ); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | break; |
|---|
| | | } |
|---|
| | | |
|---|
| | |
|---|
| | | } |
|---|
| | | break; |
|---|
| | | case 'UNIQUE': |
|---|
| | | if($this->action == 'NEW') { |
|---|
| | | if($this->action == 'INSERT') { |
|---|
| | | $num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."'"); |
|---|
| | | if($num_rec["number"] > 0) { |
|---|
| | | $errmsg = $validator['errmsg']; |
|---|
| | |
|---|
| | | $sql_insert_key .= "`$key`, "; |
|---|
| | | if($field['encryption'] == 'CRYPT') { |
|---|
| | | $salt="$1$"; |
|---|
| | | $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; |
|---|
| | | for ($n=0;$n<8;$n++) { |
|---|
| | | $salt.=chr(mt_rand(64,126)); |
|---|
| | | //$salt.=chr(mt_rand(64,126)); |
|---|
| | | $salt.=$base64_alphabet[mt_rand(0,63)]; |
|---|
| | | } |
|---|
| | | $salt.="$"; |
|---|
| | | // $salt = substr(md5(time()),0,2); |
|---|
| | |
|---|
| | | if($field['formtype'] == 'PASSWORD') { |
|---|
| | | if($field['encryption'] == 'CRYPT') { |
|---|
| | | $salt="$1$"; |
|---|
| | | $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; |
|---|
| | | for ($n=0;$n<8;$n++) { |
|---|
| | | $salt.=chr(mt_rand(64,126)); |
|---|
| | | //$salt.=chr(mt_rand(64,126)); |
|---|
| | | $salt.=$base64_alphabet[mt_rand(0,63)]; |
|---|
| | | } |
|---|
| | | $salt.="$"; |
|---|
| | | // $salt = substr(md5(time()),0,2); |
|---|
| | |
|---|
| | | function getDataRecord($primary_id) { |
|---|
| | | global $app; |
|---|
| | | $escape = '`'; |
|---|
| | | $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id; |
|---|
| | | return $app->db->queryOneRecord($sql); |
|---|
| | | if(@is_numeric($primary_id)) { |
|---|
| | | $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id; |
|---|
| | | return $app->db->queryOneRecord($sql); |
|---|
| | | } elseif (@is_array($primary_id)) { |
|---|
| | | $sql_where = ''; |
|---|
| | | foreach($primary_id as $key => $val) { |
|---|
| | | $key = $app->db->quote($key); |
|---|
| | | $val = $app->db->quote($val); |
|---|
| | | $sql_where .= "$key = '$val' AND "; |
|---|
| | | } |
|---|
| | | $sql_where = substr($sql_where,0,-5); |
|---|
| | | $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$sql_where; |
|---|
| | | return $app->db->queryAllRecords($sql); |
|---|
| | | } else { |
|---|
| | | $this->errorMessage = 'The ID must be either an integer or an array.'; |
|---|
| | | return array(); |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | } |
|---|
| | | |
|---|
| | | function ispconfig_sysuser_add($params,$insert_id){ |
|---|
| | | global $conf,$app,$sql1; |
|---|
| | | $username = $app->db->quote($params["username"]); |
|---|
| | | $password = $app->db->quote($params["password"]); |
|---|
| | | if(!isset($params['modules'])) { |
|---|
| | | $modules = $conf['interface_modules_enabled']; |
|---|
| | | } else { |
|---|
| | | $modules = $app->db->quote($params['modules']); |
|---|
| | | } |
|---|
| | | if(!isset($params['startmodule'])) { |
|---|
| | | $startmodule = 'dashboard'; |
|---|
| | | } else { |
|---|
| | | $startmodule = $app->db->quote($params["startmodule"]); |
|---|
| | | if(!preg_match('/'.$startmodule.'/',$modules)) { |
|---|
| | | $_modules = explode(',',$modules); |
|---|
| | | $startmodule=$_modules[0]; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | $usertheme = $app->db->quote($params["usertheme"]); |
|---|
| | | $type = 'user'; |
|---|
| | | $active = 1; |
|---|
| | | $insert_id = intval($insert_id); |
|---|
| | | $language = $app->db->quote($params["language"]); |
|---|
| | | $groupid = $app->db->datalogInsert('sys_group', "(name,description,client_id) VALUES ('$username','','$insert_id')", 'groupid'); |
|---|
| | | $groups = $groupid; |
|---|
| | | |
|---|
| | | $salt="$1$"; |
|---|
| | | $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; |
|---|
| | | for ($n=0;$n<8;$n++) { |
|---|
| | | $salt.=$base64_alphabet[mt_rand(0,63)]; |
|---|
| | | } |
|---|
| | | $salt.="$"; |
|---|
| | | $password = crypt(stripslashes($password),$salt); |
|---|
| | | $sql1 = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id) |
|---|
| | | VALUES ('$username','$password','$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,$insert_id)"; |
|---|
| | | $app->db->query($sql1); |
|---|
| | | } |
|---|
| | | |
|---|
| | | function ispconfig_sysuser_update($params,$client_id){ |
|---|
| | | global $app; |
|---|
| | | $username = $app->db->quote($params["username"]); |
|---|
| | | $password = $app->db->quote($params["password"]); |
|---|
| | | $client_id = intval($client_id); |
|---|
| | | $salt="$1$"; |
|---|
| | | $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; |
|---|
| | | for ($n=0;$n<8;$n++) { |
|---|
| | | $salt.=$base64_alphabet[mt_rand(0,63)]; |
|---|
| | | } |
|---|
| | | $salt.="$"; |
|---|
| | | $password = crypt(stripslashes($password),$salt); |
|---|
| | | $sql = "UPDATE sys_user set username = '$username', passwort = '$password' WHERE client_id = $client_id"; |
|---|
| | | $app->db->query($sql); |
|---|
| | | } |
|---|
| | | |
|---|
| | | function ispconfig_sysuser_delete($client_id){ |
|---|
| | | global $app; |
|---|
| | | $client_id = intval($client_id); |
|---|
| | | $sql = "DELETE FROM sys_user WHERE client_id = $client_id"; |
|---|
| | | $app->db->query($sql); |
|---|
| | | } |
|---|
| | | |
|---|
| | | function datalogSave($action,$primary_id, $record_old, $record_new) { |
|---|
| | | global $app,$conf; |
|---|
| | | |
|---|
| | | $app->db->datalogSave($this->formDef['db_table'], $action, $this->formDef['db_table_idx'], $primary_id, $record_old, $record_new); |
|---|
| | | return true; |
|---|
| | | /* |
|---|
| | | |
|---|
| | | if(stristr($this->formDef['db_table'],'.')) { |
|---|
| | | $escape = ''; |
|---|
| | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | /* |
|---|
| | | echo "<pre>"; |
|---|
| | | print_r($diffrec_full); |
|---|
| | | echo "</pre>"; |
|---|
| | | */ |
|---|
| | | |
|---|
| | | // Insert the server_id, if the record has a server_id |
|---|
| | | $server_id = (isset($record_old["server_id"]) && $record_old["server_id"] > 0)?$record_old["server_id"]:0; |
|---|
| | |
|---|
| | | } |
|---|
| | | |
|---|
| | | return true; |
|---|
| | | */ |
|---|
| | | |
|---|
| | | } |
|---|
| | | |
|---|
| | | } |
|---|
| | | |
|---|
| | | ?> |
|---|
| | | ?> |
|---|
