From 1ca823723668e01b1b998faec5f8d8153545cfa8 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Mon, 04 Apr 2011 08:22:29 -0400
Subject: [PATCH] Merged revisions 2181-2262 from stable branch.
---
interface/lib/classes/remoting_lib.inc.php | 51 ++++++++++++++++++++++++++++++++++++++++-----------
1 files changed, 40 insertions(+), 11 deletions(-)
diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php
index 06a4d6d..57ff998 100644
--- a/interface/lib/classes/remoting_lib.inc.php
+++ b/interface/lib/classes/remoting_lib.inc.php
@@ -166,7 +166,9 @@
$this->sys_userid = $user['userid'];
$this->sys_default_group = $user['default_group'];
$this->sys_groups = $user['groups'];
- $_SESSION["s"]["user"]["typ"] = $user['typ'];
+ // $_SESSION["s"]["user"]["typ"] = $user['typ'];
+ // we have to force admin priveliges for the remoting API as some function calls might fail otherwise.
+ $_SESSION["s"]["user"]["typ"] = 'admin';
}
return true;
@@ -659,11 +661,23 @@
}
function ispconfig_sysuser_add($params,$insert_id){
- global $app,$sql1;
+ global $conf,$app,$sql1;
$username = $app->db->quote($params["username"]);
$password = $app->db->quote($params["password"]);
- $modules = 'mail,sites,dns,tools';
- $startmodule = 'mail';
+ if(!isset($params['modules'])) {
+ $modules = $conf['interface_modules_enabled'];
+ } else {
+ $modules = $app->db->quote($params['modules']);
+ }
+ if(!isset($params['startmodule'])) {
+ $startmodule = 'dashboard';
+ } else {
+ $startmodule = $app->db->quote($params["startmodule"]);
+ if(!preg_match('/'.$startmodule.'/',$modules)) {
+ $_modules = explode(',',$modules);
+ $startmodule=$_modules[0];
+ }
+ }
$usertheme = $app->db->quote($params["usertheme"]);
$type = 'user';
$active = 1;
@@ -671,8 +685,16 @@
$language = $app->db->quote($params["language"]);
$groupid = $app->db->datalogInsert('sys_group', "(name,description,client_id) VALUES ('$username','','$insert_id')", 'groupid');
$groups = $groupid;
+
+ $salt="$1$";
+ $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+ for ($n=0;$n<8;$n++) {
+ $salt.=$base64_alphabet[mt_rand(0,63)];
+ }
+ $salt.="$";
+ $password = crypt(stripslashes($password),$salt);
$sql1 = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
- VALUES ('$username',md5('$password'),'$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,$insert_id)";
+ VALUES ('$username','$password','$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,$insert_id)";
$app->db->query($sql1);
}
@@ -681,7 +703,14 @@
$username = $app->db->quote($params["username"]);
$password = $app->db->quote($params["password"]);
$client_id = intval($client_id);
- $sql = "UPDATE sys_user set username = '$username', passwort = md5('$password') WHERE client_id = $client_id";
+ $salt="$1$";
+ $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+ for ($n=0;$n<8;$n++) {
+ $salt.=$base64_alphabet[mt_rand(0,63)];
+ }
+ $salt.="$";
+ $password = crypt(stripslashes($password),$salt);
+ $sql = "UPDATE sys_user set username = '$username', passwort = '$password' WHERE client_id = $client_id";
$app->db->query($sql);
}
@@ -694,6 +723,10 @@
function datalogSave($action,$primary_id, $record_old, $record_new) {
global $app,$conf;
+
+ $app->db->datalogSave($this->formDef['db_table'], $action, $this->formDef['db_table_idx'], $primary_id, $record_old, $record_new);
+ return true;
+ /*
if(stristr($this->formDef['db_table'],'.')) {
$escape = '';
@@ -750,11 +783,6 @@
}
}
- /*
- echo "<pre>";
- print_r($diffrec_full);
- echo "</pre>";
- */
// Insert the server_id, if the record has a server_id
$server_id = (isset($record_old["server_id"]) && $record_old["server_id"] > 0)?$record_old["server_id"]:0;
@@ -774,6 +802,7 @@
}
return true;
+ */
}
--
Gitblit v1.9.1