From 24f38b424a3d12c7f4fac1829c83725b200b1e97 Mon Sep 17 00:00:00 2001
From: vogelor <vogelor@ispconfig3>
Date: Wed, 26 May 2010 05:42:11 -0400
Subject: [PATCH] Enhancement of the Website-List. The user can only select the server as filter, he has some sites at (and not ALL Servers of the server-farm)
---
interface/lib/classes/remoting_lib.inc.php | 180 ++++++++++++++++++++++++++++++++++++++++++++++-------------
1 files changed, 139 insertions(+), 41 deletions(-)
diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php
index 0908275..06a4d6d 100644
--- a/interface/lib/classes/remoting_lib.inc.php
+++ b/interface/lib/classes/remoting_lib.inc.php
@@ -26,6 +26,12 @@
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+--UPDATED 08.2009--
+Full SOAP support for ISPConfig 3.1.4 b
+Updated by Arkadiusz Roch & Artur Edelman
+Copyright (c) Tri-Plex technology
+
*/
/**
@@ -58,14 +64,10 @@
*
* Hinweis:
* Das ID-Feld ist nicht bei den Table Values einzuf�gen.
-*
-* @package form
-* @author Till Brehm
-* @version 1.1
*/
class remoting_lib {
-
+
/**
* Definition of the database atble (array)
* @var tableDef
@@ -138,36 +140,37 @@
//* Load the user profile
function loadUserProfile($client_id = 0) {
global $app,$conf;
-
+
$client_id = intval($client_id);
-
+
if($client_id == 0) {
- $this->sys_username = 'admin';
- $this->sys_userid = 1;
- $this->sys_default_group = 1;
- $this->sys_groups = 1;
+ $this->sys_username = 'admin';
+ $this->sys_userid = 1;
+ $this->sys_default_group = 1;
+ $this->sys_groups = 1;
+ $_SESSION["s"]["user"]["typ"] = 'admin';
} else {
- //* Load the client data
- $client = $app->db->queryOneRecord("SELECT username FROM client WHERE client_id = $client_id");
- if($client["username"] == '') {
- $this->errorMessage .= 'No client with ID $client_id found.';
- return false;
- }
- //* load system user
- $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE username = '".$app->db->quote($client["username"])."'");
+ //* load system user - try with sysuser and before with userid (workarrond)
+ /*
+ $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE sysuser_id = $client_id");
if(empty($user["userid"])) {
- $this->errorMessage .= 'No user with the username '.$client['username'].' found.';
- return false;
- }
- $this->sys_username = $user['username'];
- $this->sys_userid = $user['userid'];
- $this->sys_default_group = $user['default_group'];
- $this->sys_groups = $user['groups'];
+ $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = $client_id");
+ if(empty($user["userid"])) {
+ $this->errorMessage .= "No sysuser with the ID $client_id found.";
+ return false;
+ }
+ }*/
+
+ $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE client_id = $client_id");
+ $this->sys_username = $user['username'];
+ $this->sys_userid = $user['userid'];
+ $this->sys_default_group = $user['default_group'];
+ $this->sys_groups = $user['groups'];
+ $_SESSION["s"]["user"]["typ"] = $user['typ'];
}
-
- return true;
-
- }
+
+ return true;
+ }
/**
@@ -189,9 +192,16 @@
$new_record[$key] = stripslashes($record[$key]);
break;
- case 'DATE':
+ case 'DATETSTAMP':
if($record[$key] > 0) {
$new_record[$key] = date($this->dateformat,$record[$key]);
+ }
+ break;
+
+ case 'DATE':
+ if($record[$key] != '' && $record[$key] != '0000-00-00') {
+ $tmp = explode('-',$record[$key]);
+ $new_record[$key] = date($this->dateformat,mktime(0, 0, 0, $tmp[1] , $tmp[2], $tmp[0]));
}
break;
@@ -291,24 +301,34 @@
switch ($field['datatype']) {
case 'VARCHAR':
if(!@is_array($record[$key])) {
- $new_record[$key] = (isset($record[$key]))?addslashes($record[$key]):'';
+ $new_record[$key] = (isset($record[$key]))?mysql_real_escape_string($record[$key]):'';
} else {
$new_record[$key] = implode($field['separator'],$record[$key]);
}
break;
case 'TEXT':
if(!is_array($record[$key])) {
- $new_record[$key] = addslashes($record[$key]);
+ $new_record[$key] = mysql_real_escape_string($record[$key]);
} else {
$new_record[$key] = implode($field['separator'],$record[$key]);
}
break;
- case 'DATE':
+ case 'DATETSTAMP':
if($record[$key] > 0) {
list($tag,$monat,$jahr) = explode('.',$record[$key]);
$new_record[$key] = mktime(0,0,0,$monat,$tag,$jahr);
} else {
$new_record[$key] = 0;
+ }
+ break;
+ case 'DATE':
+ if($record[$key] != '' && $record[$key] != '0000-00-00') {
+ list($tag,$monat,$jahr) = explode('.',$record[$key]);
+ $new_record[$key] = $jahr.'-'.$monat.'-'.$tag;
+ //$tmp = strptime($record[$key],$this->dateformat);
+ //$new_record[$key] = ($tmp['tm_year']+1900).'-'.($tmp['tm_mon']+1).'-'.$tmp['tm_mday'];
+ } else {
+ $new_record[$key] = '0000-00-00';
}
break;
case 'INTEGER':
@@ -317,10 +337,22 @@
//if($key == 'refresh') die($record[$key]);
break;
case 'DOUBLE':
- $new_record[$key] = addslashes($record[$key]);
+ $new_record[$key] = mysql_real_escape_string($record[$key]);
break;
case 'CURRENCY':
$new_record[$key] = str_replace(",",".",$record[$key]);
+ break;
+
+ case 'DATETIME':
+ if (is_array($record[$key]))
+ {
+ $filtered_values = array_map(create_function('$item','return (int)$item;'), $record[$key]);
+ extract($filtered_values, EXTR_PREFIX_ALL, '_dt');
+
+ if ($_dt_day != 0 && $_dt_month != 0 && $_dt_year != 0) {
+ $new_record[$key] = date( 'Y-m-d H:i:s', mktime($_dt_hour, $_dt_minute, $_dt_second, $_dt_month, $_dt_day, $_dt_year) );
+ }
+ }
break;
}
@@ -371,7 +403,7 @@
}
break;
case 'UNIQUE':
- if($this->action == 'NEW') {
+ if($this->action == 'INSERT') {
$num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."'");
if($num_rec["number"] > 0) {
$errmsg = $validator['errmsg'];
@@ -489,8 +521,10 @@
$sql_insert_key .= "`$key`, ";
if($field['encryption'] == 'CRYPT') {
$salt="$1$";
+ $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
for ($n=0;$n<8;$n++) {
- $salt.=chr(mt_rand(64,126));
+ //$salt.=chr(mt_rand(64,126));
+ $salt.=$base64_alphabet[mt_rand(0,63)];
}
$salt.="$";
// $salt = substr(md5(time()),0,2);
@@ -516,8 +550,10 @@
if($field['formtype'] == 'PASSWORD') {
if($field['encryption'] == 'CRYPT') {
$salt="$1$";
+ $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
for ($n=0;$n<8;$n++) {
- $salt.=chr(mt_rand(64,126));
+ //$salt.=chr(mt_rand(64,126));
+ $salt.=$base64_alphabet[mt_rand(0,63)];
}
$salt.="$";
// $salt = substr(md5(time()),0,2);
@@ -584,15 +620,77 @@
return $sql;
}
+
+ function getDeleteSQL($primary_id) {
+
+ if(stristr($this->formDef['db_table'],'.')) {
+ $escape = '';
+ } else {
+ $escape = '`';
+ }
+
+ $sql = "DELETE FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id;
+ return $sql;
+ }
function getDataRecord($primary_id) {
global $app;
$escape = '`';
- $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id;
- return $app->db->queryOneRecord($sql);
+ if(@is_numeric($primary_id)) {
+ $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id;
+ return $app->db->queryOneRecord($sql);
+ } elseif (@is_array($primary_id)) {
+ $sql_where = '';
+ foreach($primary_id as $key => $val) {
+ $key = $app->db->quote($key);
+ $val = $app->db->quote($val);
+ $sql_where .= "$key = '$val' AND ";
+ }
+ $sql_where = substr($sql_where,0,-5);
+ $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$sql_where;
+ return $app->db->queryAllRecords($sql);
+ } else {
+ $this->errorMessage = 'The ID must be either an integer or an array.';
+ return array();
+ }
+
+
+ }
+
+ function ispconfig_sysuser_add($params,$insert_id){
+ global $app,$sql1;
+ $username = $app->db->quote($params["username"]);
+ $password = $app->db->quote($params["password"]);
+ $modules = 'mail,sites,dns,tools';
+ $startmodule = 'mail';
+ $usertheme = $app->db->quote($params["usertheme"]);
+ $type = 'user';
+ $active = 1;
+ $insert_id = intval($insert_id);
+ $language = $app->db->quote($params["language"]);
+ $groupid = $app->db->datalogInsert('sys_group', "(name,description,client_id) VALUES ('$username','','$insert_id')", 'groupid');
+ $groups = $groupid;
+ $sql1 = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
+ VALUES ('$username',md5('$password'),'$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,$insert_id)";
+ $app->db->query($sql1);
}
+ function ispconfig_sysuser_update($params,$client_id){
+ global $app;
+ $username = $app->db->quote($params["username"]);
+ $password = $app->db->quote($params["password"]);
+ $client_id = intval($client_id);
+ $sql = "UPDATE sys_user set username = '$username', passwort = md5('$password') WHERE client_id = $client_id";
+ $app->db->query($sql);
+ }
+
+ function ispconfig_sysuser_delete($client_id){
+ global $app;
+ $client_id = intval($client_id);
+ $sql = "DELETE FROM sys_user WHERE client_id = $client_id";
+ $app->db->query($sql);
+ }
function datalogSave($action,$primary_id, $record_old, $record_new) {
global $app,$conf;
@@ -681,4 +779,4 @@
}
-?>
\ No newline at end of file
+?>
--
Gitblit v1.9.1