gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -39,7 +39,7 @@
			//* remote session timeout in seconds
			private $session_timeout = 600;

			private $server;
			protected $server;
			public $oldDataRecord;
			public $dataRecord;
			public $id;
			@@ -67,13 +67,21 @@
			{
			global $app, $conf, $server;

			// Maintenance mode
			$app->uses('ini_parser,getconf');
			$server_config_array = $app->getconf->get_global_config('misc');
			if($server_config_array['maintenance_mode'] == 'y'){
			$this->server->fault('maintenance_mode', 'This ISPConfig installation is currently under maintenance. We should be back shortly. Thank you for your patience.');
			return false;
			}

			if(empty($username)) {
			$this->server->fault('login_username_empty', 'The login username is empty');
			$this->server->fault('login_username_empty', 'The login username is empty.');
			return false;
			}

			if(empty($password)) {
			$this->server->fault('login_password_empty', 'The login password is empty');
			$this->server->fault('login_password_empty', 'The login password is empty.');
			return false;
			}

			@@ -155,6 +163,38 @@
			$sql = "SELECT server_id FROM server_ip WHERE ip_address = '$ipaddress' LIMIT 1 ";
			$all = $app->db->queryAllRecords($sql);
			return $all;
			}

			//* Add a IP address record
			public function server_ip_add($session_id, $client_id, $params)
			{
			if(!$this->checkPerm($session_id, 'server_ip_add')) {
			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
			return false;
			}
			return $this->insertQuery('../admin/form/server_ip.tform.php',$client_id,$params);
			}

			//* Update IP address record
			public function server_ip_update($session_id, $client_id, $ip_id, $params)
			{
			if(!$this->checkPerm($session_id, 'server_ip_update')) {
			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
			return false;
			}
			$affected_rows = $this->updateQuery('../admin/form/server_ip.tform.php',$client_id,$ip_id,$params);
			return $affected_rows;
			}

			//* Delete IP address record
			public function server_ip_delete($session_id, $ip_id)
			{
			if(!$this->checkPerm($session_id, 'server_ip_delete')) {
			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
			return false;
			}
			$affected_rows = $this->deleteQuery('../admin/form/server_ip.tform.php',$ip_id);
			return $affected_rows;
			}

			//* Get mail domain details
			@@ -348,8 +388,8 @@
			$this->server->fault('permission_denied','You do not have the permissions to access this function.');
			return false;
			}
			$affected_rows = $this->deleteQuery('../mail/form/mail_user_filter.tform.php', $primary_id);
			$app->plugin->raiseEvent('mail:mail_user_filter:on_after_delete',$this);
			$affected_rows = $this->deleteQuery('../mail/form/mail_user_filter.tform.php', $primary_id,'mail:mail_user_filter:on_after_delete');
			// $app->plugin->raiseEvent('mail:mail_user_filter:on_after_delete',$this);
			return $affected_rows;
			}

			@@ -995,6 +1035,26 @@

			}

			public function client_get_groupid($session_id, $client_id)
			{
			global $app;
			if(!$this->checkPerm($session_id, 'client_get_id')) {
			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
			return false;
			}

			$client_id = intval($client_id);

			$rec = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$client_id);
			if(isset($rec['groupid'])) {
			return intval($rec['groupid']);
			} else {
			$this->server->fault('no_group_found', 'There is no group for this client ID.');
			return false;
			}

			}


			public function client_add($session_id, $reseller_id, $params)
			{
			@@ -1545,6 +1605,116 @@

			// DNS Function --------------------------------------------------------------------------------------------------

			//* Create Zone with Template
			public function dns_templatezone_add($session_id, $client_id, $template_id, $domain, $ip, $ns1, $ns2, $email)
			{
			global $app, $conf;
			if(!$this->checkPerm($session_id, 'dns_templatezone_add')) {
			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
			return false;
			}

			$client = $app->db->queryOneRecord("SELECT default_dnsserver FROM client WHERE client_id = ".intval($client_id));
			$server_id = $client["default_dnsserver"];
			$template_record = $app->db->queryOneRecord("SELECT * FROM dns_template WHERE template_id = '$template_id'");
			$fields = explode(',',$template_record['fields']);
			$tform_def_file = "../../web/dns/form/dns_soa.tform.php";
			$app->uses('tform');
			$app->tform->loadFormDef($tform_def_file);
			$app->uses('tpl,validate_dns');

			//* replace template placeholders
			$tpl_content = $template_record['template'];
			if($domain != '') $tpl_content = str_replace('{DOMAIN}',$domain,$tpl_content);
			if($ip != '') $tpl_content = str_replace('{IP}',$ip,$tpl_content);
			if($ns1 != '') $tpl_content = str_replace('{NS1}',$ns1,$tpl_content);
			if($ns2 != '') $tpl_content = str_replace('{NS2}',$ns2,$tpl_content);
			if($email != '') $tpl_content = str_replace('{EMAIL}',$email,$tpl_content);

			//* Parse the template
			$tpl_rows = explode("\n",$tpl_content);
			$section = '';
			$vars = array();
			$dns_rr = array();
			foreach($tpl_rows as $row) {
			$row = trim($row);
			if(substr($row,0,1) == '[') {
			if($row == '[ZONE]') {
			$section = 'zone';
			} elseif($row == '[DNS_RECORDS]') {
			$section = 'dns_records';
			} else {
			die('Unknown section type');
			}
			} else {
			if($row != '') {
			//* Handle zone section
			if($section == 'zone') {
			$parts = explode('=',$row);
			$key = trim($parts[0]);
			$val = trim($parts[1]);
			if($key != '') $vars[$key] = $val;
			}
			//* Handle DNS Record rows
			if($section == 'dns_records') {
			$parts = explode('\|',$row);
			$dns_rr[] = array(
			'name' => $app->db->quote($parts[1]),
			'type' => $app->db->quote($parts[0]),
			'data' => $app->db->quote($parts[2]),
			'aux' => $app->db->quote($parts[3]),
			'ttl' => $app->db->quote($parts[4])
			);
			}
			}
			}
			} // end foreach

			if($vars['origin'] == '') $error .= $app->lng('error_origin_empty').'<br />';
			if($vars['ns'] == '') $error .= $app->lng('error_ns_empty').'<br />';
			if($vars['mbox'] == '') $error .= $app->lng('error_mbox_empty').'<br />';
			if($vars['refresh'] == '') $error .= $app->lng('error_refresh_empty').'<br />';
			if($vars['retry'] == '') $error .= $app->lng('error_retry_empty').'<br />';
			if($vars['expire'] == '') $error .= $app->lng('error_expire_empty').'<br />';
			if($vars['minimum'] == '') $error .= $app->lng('error_minimum_empty').'<br />';
			if($vars['ttl'] == '') $error .= $app->lng('error_ttl_empty').'<br />';

			if($error == '') {
			// Insert the soa record
			$tmp = $app->db->queryOneRecord("SELECT userid,default_group FROM sys_user WHERE client_id = ".intval($client_id));
			$sys_userid = $tmp['userid'];
			$sys_groupid = $tmp['default_group'];
			unset($tmp);
			$origin = $app->db->quote($vars['origin']);
			$ns = $app->db->quote($vars['ns']);
			$mbox = $app->db->quote(str_replace('@','.',$vars['mbox']));
			$refresh = $app->db->quote($vars['refresh']);
			$retry = $app->db->quote($vars['retry']);
			$expire = $app->db->quote($vars['expire']);
			$minimum = $app->db->quote($vars['minimum']);
			$ttl = $app->db->quote($vars['ttl']);
			$xfer = $app->db->quote($vars['xfer']);
			$also_notify = $app->db->quote($vars['also_notify']);
			$update_acl = $app->db->quote($vars['update_acl']);
			$serial = $app->validate_dns->increase_serial(0);
			$insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `origin`, `ns`, `mbox`, `serial`, `refresh`, `retry`, `expire`, `minimum`, `ttl`, `active`, `xfer`, `also_notify`, `update_acl`) VALUES
			('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$origin', '$ns', '$mbox', '$serial', '$refresh', '$retry', '$expire', '$minimum', '$ttl', 'Y', '$xfer', '$also_notify', '$update_acl')";
			$dns_soa_id = $app->db->datalogInsert('dns_soa', $insert_data, 'id');
			// Insert the dns_rr records
			if(is_array($dns_rr) && $dns_soa_id > 0) {
			foreach($dns_rr as $rr) {
			$insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `zone`, `name`, `type`, `data`, `aux`, `ttl`, `active`) VALUES
			('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$dns_soa_id', '$rr[name]', '$rr[type]', '$rr[data]', '$rr[aux]', '$rr[ttl]', 'Y')";
			$dns_rr_id = $app->db->datalogInsert('dns_rr', $insert_data, 'id');
			}
			}
			exit;
			} else {
			$this->server->fault('permission_denied', $error);
			}
			}


			//* Get record details
			public function dns_zone_get($session_id, $primary_id)
			{
			@@ -1558,6 +1728,30 @@
			$app->remoting_lib->loadFormDef('../dns/form/dns_soa.tform.php');
			return $app->remoting_lib->getDataRecord($primary_id);
			}

			//* Get record id by origin
			public function dns_zone_get_id($session_id, $origin)
			{
			global $app;

			if(!$this->checkPerm($session_id, 'dns_zone_get_id')) {
			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
			return false;
			}

			if (preg_match('/^[a-z0-9][a-z0-9\-]+[a-z0-9](\.[a-z]{2,4})+$/i', $origin)) {
			$this->server->fault('no_domain_found', 'Invalid domain name.');
			return false;
			}

			$rec = $app->db->queryOneRecord("SELECT id FROM dns_soa WHERE origin like '".$origin.'%');
			if(isset($rec['id'])) {
			return intval($rec['id']);
			} else {
			$this->server->fault('no_domain_found', 'There is no domain ID with informed domain name.');
			return false;
			}
			}

			//* Add a record
			public function dns_zone_add($session_id, $client_id, $params)
			@@ -2156,14 +2350,28 @@

			//* Get the SQL query
			$sql = $app->remoting_lib->getSQL($params,'INSERT',0);
			$app->db->query($sql);

			//* Check if no system user with that username exists
			$username = $app->db->quote($params["username"]);
			$tmp = $app->db->queryOneRecord("SELECT count(userid) as number FROM sys_user WHERE username = '$username'");
			if($tmp['number'] > 0) $app->remoting_lib->errorMessage .= "Duplicate username<br />";

			//* Stop on error while preparing the sql query
			if($app->remoting_lib->errorMessage != '') {
			$this->server->fault('data_processing_error', $app->remoting_lib->errorMessage);
			return false;
			}

			//* Execute the SQL query
			$app->db->query($sql);
			$insert_id = $app->db->insertID();


			//* Stop on error while executing the sql query
			if($app->remoting_lib->errorMessage != '') {
			$this->server->fault('data_processing_error', $app->remoting_lib->errorMessage);
			return false;
			}

			$this->id = $insert_id;
			$this->dataRecord = $params;
			@@ -2254,6 +2462,7 @@

			//* Get the SQL query
			$sql = $app->remoting_lib->getSQL($params,'UPDATE',$primary_id);
			// $this->server->fault('debug', $sql);
			if($app->remoting_lib->errorMessage != '') {
			$this->server->fault('data_processing_error', $app->remoting_lib->errorMessage);
			return false;
			@@ -2303,22 +2512,23 @@
			// set a few values for compatibility with tform actions, mostly used by plugins
			$this->oldDataRecord = $old_rec;
			$this->id = $primary_id;
			$this->dataRecord = $params;
			$this->dataRecord = $old_rec;
			//$this->dataRecord = $params;

			//* Get the SQL query
			$sql = $app->remoting_lib->getDeleteSQL($primary_id);

			$app->db->errorMessage = '';
			$app->db->query($sql);
			$affected_rows = $app->db->affectedRows();

			if($app->db->errorMessage != '') {

			if($event_identifier != '') $app->plugin->raiseEvent($event_identifier,$this);

			$this->server->fault('database_error', $app->db->errorMessage . ' '.$sql);
			return false;
			}

			$affected_rows = $app->db->affectedRows();
			if($event_identifier != '') {
			$app->plugin->raiseEvent($event_identifier,$this);
			}

			//* Save changes to Datalog
			if($app->remoting_lib->formDef["db_history"] == 'yes') {
			@@ -2979,8 +3189,152 @@
			return $affected_rows;
			}

			//* Start VM
			public function openvz_vm_start($session_id, $vm_id)
			{
			global $app;

			if(!$this->checkPerm($session_id, 'vm_openvz')) {
			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
			return false;
			}

			$app->uses('remoting_lib');
			$app->remoting_lib->loadFormDef('../vm/form/openvz_vm.tform.php');
			$vm = $app->remoting_lib->getDataRecord($vm_id);

			if(!is_array($vm)) {
			$this->server->fault('action_pending', 'No VM with this ID available.');
			return false;
			}

			if($vm['active'] == 'n') {
			$this->server->fault('action_pending', 'VM is not in active state.');
			return false;
			}

			$action = 'openvz_start_vm';

			$tmp = $app->db->queryOneRecord("SELECT count(action_id) as actions FROM sys_remoteaction
			WHERE server_id = '".$vm['server_id']."'
			AND action_type = '$action'
			AND action_param = '".$vm['veid']."'
			AND action_state = 'pending'");

			if($tmp['actions'] > 0) {
			$this->server->fault('action_pending', 'There is already a action pending for this VM.');
			return false;
			} else {
			$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
			"VALUES (".
			(int)$vm['server_id'] . ", ".
			time() . ", ".
			"'".$action."', ".
			$vm['veid'].", ".
			"'pending', ".
			"''".
			")";
			$app->db->query($sql);
			}
			}

			//* Stop VM
			public function openvz_vm_stop($session_id, $vm_id)
			{
			global $app;

			if(!$this->checkPerm($session_id, 'vm_openvz')) {
			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
			return false;
			}

			$app->uses('remoting_lib');
			$app->remoting_lib->loadFormDef('../vm/form/openvz_vm.tform.php');
			$vm = $app->remoting_lib->getDataRecord($vm_id);

			if(!is_array($vm)) {
			$this->server->fault('action_pending', 'No VM with this ID available.');
			return false;
			}

			if($vm['active'] == 'n') {
			$this->server->fault('action_pending', 'VM is not in active state.');
			return false;
			}

			$action = 'openvz_stop_vm';

			$tmp = $app->db->queryOneRecord("SELECT count(action_id) as actions FROM sys_remoteaction
			WHERE server_id = '".$vm['server_id']."'
			AND action_type = '$action'
			AND action_param = '".$vm['veid']."'
			AND action_state = 'pending'");

			if($tmp['actions'] > 0) {
			$this->server->fault('action_pending', 'There is already a action pending for this VM.');
			return false;
			} else {
			$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
			"VALUES (".
			(int)$vm['server_id'] . ", ".
			time() . ", ".
			"'".$action."', ".
			$vm['veid'].", ".
			"'pending', ".
			"''".
			")";
			$app->db->query($sql);
			}
			}

			//* Restart VM
			public function openvz_vm_restart($session_id, $vm_id)
			{
			global $app;

			if(!$this->checkPerm($session_id, 'vm_openvz')) {
			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
			return false;
			}

			$app->uses('remoting_lib');
			$app->remoting_lib->loadFormDef('../vm/form/openvz_vm.tform.php');
			$vm = $app->remoting_lib->getDataRecord($vm_id);

			if(!is_array($vm)) {
			$this->server->fault('action_pending', 'No VM with this ID available.');
			return false;
			}

			if($vm['active'] == 'n') {
			$this->server->fault('action_pending', 'VM is not in active state.');
			return false;
			}

			$action = 'openvz_restart_vm';

			$tmp = $app->db->queryOneRecord("SELECT count(action_id) as actions FROM sys_remoteaction
			WHERE server_id = '".$vm['server_id']."'
			AND action_type = '$action'
			AND action_param = '".$vm['veid']."'
			AND action_state = 'pending'");

			if($tmp['actions'] > 0) {
			$this->server->fault('action_pending', 'There is already a action pending for this VM.');
			return false;
			} else {
			$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
			"VALUES (".
			(int)$vm['server_id'] . ", ".
			time() . ", ".
			"'".$action."', ".
			$vm['veid'].", ".
			"'pending', ".
			"''".
			")";
			$app->db->query($sql);
			}
			}