gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -29,7 +29,14 @@
			*/

			class auth {

			var $client_limits = null;

			public function get_user_id()
			{
			global $app;
			return $app->functions->intval($_SESSION['s']['user']['userid']);
			}

			public function is_admin() {
			if($_SESSION['s']['user']['typ'] == 'admin') {
			return true;
			@@ -38,30 +45,38 @@
			}
			}

			public function is_superadmin() {
			if($_SESSION['s']['user']['typ'] == 'admin' && $_SESSION['s']['user']['userid'] == 1) {
			return true;
			} else {
			return false;
			}
			}

			public function has_clients($userid) {
			global $app, $conf;

			$userid = intval($userid);

			$userid = $app->functions->intval($userid);
			$client = $app->db->queryOneRecord("SELECT client.limit_client FROM sys_user, client WHERE sys_user.userid = $userid AND sys_user.client_id = client.client_id");
			if($client['limit_client'] > 0) {
			if($client['limit_client'] != 0) {
			return true;
			} else {
			return false;
			}
			}


			//** This function adds a given group id to a given user.
			public function add_group_to_user($userid,$groupid) {
			public function add_group_to_user($userid, $groupid) {
			global $app;

			$userid = intval($userid);
			$groupid = intval($groupid);


			$userid = $app->functions->intval($userid);
			$groupid = $app->functions->intval($groupid);

			if($userid > 0 && $groupid > 0) {
			$user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = $userid");
			$groups = explode(',',$user['groups']);
			if(!in_array($groupid,$groups)) $groups[] = $groupid;
			$groups_string = implode(',',$groups);
			$groups = explode(',', $user['groups']);
			if(!in_array($groupid, $groups)) $groups[] = $groupid;
			$groups_string = implode(',', $groups);
			$sql = "UPDATE sys_user SET groups = '$groups_string' WHERE userid = $userid";
			$app->db->query($sql);
			return true;
			@@ -69,20 +84,41 @@
			return false;
			}
			}


			//** This function returns given client limit as integer, -1 means no limit
			public function get_client_limit($userid, $limitname)
			{
			global $app;

			$userid = $app->functions->intval($userid);
			if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$limitname)) $app->error('Invalid limit name '.$limitname);

			// simple query cache
			if($this->client_limits===null)
			$this->client_limits = $app->db->queryOneRecord("SELECT client.* FROM sys_user, client WHERE sys_user.userid = $userid AND sys_user.client_id = client.client_id");

			// isn't client -> no limit
			if(!$this->client_limits)
			return -1;

			if(isset($this->client_limits['limit_'.$limitname])) {
			return $this->client_limits['limit_'.$limitname];
			}
			}

			//** This function removes a given group id from a given user.
			public function remove_group_from_user($userid,$groupid) {
			public function remove_group_from_user($userid, $groupid) {
			global $app;

			$userid = intval($userid);
			$groupid = intval($groupid);


			$userid = $app->functions->intval($userid);
			$groupid = $app->functions->intval($groupid);

			if($userid > 0 && $groupid > 0) {
			$user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = $userid");
			$groups = explode(',',$user['groups']);
			$key = array_search($groupid,$groups);
			$groups = explode(',', $user['groups']);
			$key = array_search($groupid, $groups);
			unset($groups[$key]);
			$groups_string = implode(',',$groups);
			$groups_string = implode(',', $groups);
			$sql = "UPDATE sys_user SET groups = '$groups_string' WHERE userid = $userid";
			$app->db->query($sql);
			return true;
			@@ -90,17 +126,83 @@
			return false;
			}
			}


			public function check_module_permissions($module) {
			// Check if the current user has the permissions to access this module
			if(!stristr($_SESSION["s"]["user"]["modules"],$module)) {
			$user_modules = explode(',',$_SESSION["s"]["user"]["modules"]);
			if(!in_array($module,$user_modules)) {
			// echo "LOGIN_REDIRECT:/index.php";
			header("Location: /index.php");
			exit;
			}
			}


			public function check_security_permissions($permission) {

			global $app;

			$app->uses('getconf');
			$security_config = $app->getconf->get_security_config('permissions');

			$security_check = false;
			if($security_config[$permission] == 'yes') $security_check = true;
			if($security_config[$permission] == 'superadmin' && $app->auth->is_superadmin()) $security_check = true;
			if($security_check !== true) {
			$app->error($app->lng('security_check1_txt').' '.$permission.' '.$app->lng('security_check2_txt'));
			}

			}

			public function get_random_password($minLength = 8, $special = false) {
			$minLength = $minLength \|\| 10;
			if($minLength < 8) $minLength = 8;
			$maxLength = $minLength + 5;
			$length = mt_rand($minLength, $maxLength);

			$alphachars = "abcdefghijklmnopqrstuvwxyz";
			$upperchars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
			$numchars = "1234567890";
			$specialchars = "!@#_";

			$num_special = 0;
			if($special == true) {
			$num_special = intval(mt_rand(0, round($length / 4))) + 1;
			}
			$numericlen = mt_rand(1, 2);
			$alphalen = $length - $num_special - $numericlen;
			$upperlen = intval($alphalen / 2);
			$alphalen = $alphalen - $upperlen;
			$password = '';

			for($i = 0; $i < $alphalen; $i++) {
			$password .= substr($alphachars, mt_rand(0, strlen($alphachars) - 1), 1);
			}

			for($i = 0; $i < $upperlen; $i++) {
			$password .= substr($upperchars, mt_rand(0, strlen($upperchars) - 1), 1);
			}

			for($i = 0; $i < $num_special; $i++) {
			$password .= substr($specialchars, mt_rand(0, strlen($specialchars) - 1), 1);
			}

			for($i = 0; $i < $numericlen; $i++) {
			$password .= substr($numchars, mt_rand(0, strlen($numchars) - 1), 1);
			}

			return str_shuffle($password);
			}

			public function crypt_password($cleartext_password) {
			$salt="$1$";
			$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
			for ($n=0;$n<8;$n++) {
			$salt.=$base64_alphabet[mt_rand(0, 63)];
			}
			$salt.="$";
			return crypt($cleartext_password, $salt);
			}

			}

			?>
			?>