From 28cd07d1a75c4e9dcaecac49efee0091f2fc62fa Mon Sep 17 00:00:00 2001
From: A. Täffner <darkalex@firesplash.de>
Date: Thu, 07 Apr 2016 05:30:49 -0400
Subject: [PATCH] Implemented a checkbox "enable DNSSEC" in DNS-Wizard. This Checkbox can be enabled or disabled by template.
---
interface/lib/classes/remote.d/sites.inc.php | 62 +++++++++++++++++++------------
1 files changed, 38 insertions(+), 24 deletions(-)
diff --git a/interface/lib/classes/remote.d/sites.inc.php b/interface/lib/classes/remote.d/sites.inc.php
index 05ba482..22c1657 100644
--- a/interface/lib/classes/remote.d/sites.inc.php
+++ b/interface/lib/classes/remote.d/sites.inc.php
@@ -102,7 +102,8 @@
$app->remoting_lib->loadFormDef('../sites/form/database.tform.php');
return $app->remoting_lib->getDataRecord($primary_id);
}
-
+
+ /* TODO: secure queries! */
//* Add a record
public function sites_database_add($session_id, $client_id, $params)
{
@@ -114,7 +115,7 @@
}
//* Check for duplicates
- $tmp = $app->db->queryOneRecord("SELECT count(database_id) as dbnum FROM web_database WHERE database_name = '".$app->db->quote($params['database_name'])."' AND server_id = '".intval($params["server_id"])."'");
+ $tmp = $app->db->queryOneRecord("SELECT count(database_id) as dbnum FROM web_database WHERE database_name = ? AND server_id = ?", $params['database_name'], $params["server_id"]);
if($tmp['dbnum'] > 0) {
throw new SoapFault('database_name_error_unique', 'There is already a database with that name on the same server.');
return false;
@@ -126,16 +127,15 @@
$this->id = 0;
$this->dataRecord = $params;
- $app->sites_database_plugin->processDatabaseInsert($this);
$retval = $this->insertQueryExecute($sql, $params);
+ $app->sites_database_plugin->processDatabaseInsert($this);
// set correct values for backup_interval and backup_copies
if(isset($params['backup_interval']) || isset($params['backup_copies'])){
$sql_set = array();
if(isset($params['backup_interval'])) $sql_set[] = "backup_interval = '".$app->db->quote($params['backup_interval'])."'";
if(isset($params['backup_copies'])) $sql_set[] = "backup_copies = ".$app->functions->intval($params['backup_copies']);
- //$app->db->query("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$retval);
$this->updateQueryExecute("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$retval, $retval, $params);
}
@@ -169,7 +169,6 @@
$sql_set = array();
if(isset($params['backup_interval'])) $sql_set[] = "backup_interval = '".$app->db->quote($params['backup_interval'])."'";
if(isset($params['backup_copies'])) $sql_set[] = "backup_copies = ".$app->functions->intval($params['backup_copies']);
- //$app->db->query("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$primary_id);
$this->updateQueryExecute("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$primary_id, $primary_id, $params);
}
@@ -239,7 +238,7 @@
$new_rec = $app->remoting_lib->getDataRecord($primary_id);
- $records = $app->db->queryAllRecords("SELECT DISTINCT server_id FROM web_database WHERE database_user_id = '".$app->functions->intval($primary_id)."' UNION SELECT DISTINCT server_id FROM web_database WHERE database_ro_user_id = '".$app->functions->intval($primary_id)."'");
+ $records = $app->db->queryAllRecords("SELECT DISTINCT server_id FROM web_database WHERE database_user_id = ? UNION SELECT DISTINCT server_id FROM web_database WHERE database_ro_user_id = ?", $primary_id, $primary_id);
foreach($records as $rec) {
$tmp_rec = $new_rec;
$tmp_rec['server_id'] = $rec['server_id'];
@@ -265,14 +264,14 @@
$app->db->datalogDelete('web_database_user', 'database_user_id', $primary_id);
$affected_rows = $this->deleteQuery('../sites/form/database_user.tform.php', $primary_id);
- $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_user_id = '".$app->functions->intval($primary_id)."'");
+ $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_user_id = ?", $primary_id);
foreach($records as $rec) {
- $app->db->datalogUpdate('web_database', 'database_user_id=NULL', 'database_id', $rec['database_id']);
+ $app->db->datalogUpdate('web_database', array('database_user_id' => null), 'database_id', $rec['database_id']);
}
- $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_ro_user_id = '".$app->functions->intval($primary_id)."'");
+ $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_ro_user_id = ?", $primary_id);
foreach($records as $rec) {
- $app->db->datalogUpdate('web_database', 'database_ro_user_id=NULL', 'database_id', $rec['database_id']);
+ $app->db->datalogUpdate('web_database', array('database_ro_user_id' => null), 'database_id', $rec['database_id']);
}
return $affected_rows;
@@ -336,7 +335,7 @@
return false;
}
- $data = $app->db->queryOneRecord("SELECT server_id FROM ftp_user WHERE username = '".$app->db->quote($ftp_user)."'");
+ $data = $app->db->queryOneRecord("SELECT server_id FROM ftp_user WHERE username = ?", $ftp_user);
//file_put_contents('/tmp/test.txt', serialize($data));
if(!isset($data['server_id'])) return false;
@@ -406,7 +405,7 @@
return false;
}
$app->uses('remoting_lib');
- $app->remoting_lib->loadFormDef('../sites/form/web_domain.tform.php');
+ $app->remoting_lib->loadFormDef('../sites/form/web_vhost_domain.tform.php');
return $app->remoting_lib->getDataRecord($primary_id);
}
@@ -420,7 +419,7 @@
}
if(!isset($params['client_group_id']) or (isset($params['client_group_id']) && empty($params['client_group_id']))) {
- $rec = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$app->functions->intval($client_id));
+ $rec = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ?", $client_id);
$params['client_group_id'] = $rec['groupid'];
}
@@ -435,9 +434,9 @@
if($params['pm_min_spare_servers'] == '') $params['pm_min_spare_servers'] = 1;
if($params['pm_max_spare_servers'] == '') $params['pm_max_spare_servers'] = 1;
- $domain_id = $this->insertQuery('../sites/form/web_domain.tform.php', $client_id, $params, 'sites:web_domain:on_after_insert');
+ $domain_id = $this->insertQuery('../sites/form/web_vhost_domain.tform.php', $client_id, $params, 'sites:web_domain:on_after_insert');
if ($readonly === true)
- $app->db->query("UPDATE web_domain SET `sys_userid` = '1' WHERE domain_id = ".$domain_id);
+ $app->db->query("UPDATE web_domain SET `sys_userid` = '1' WHERE domain_id = ?", $domain_id);
return $domain_id;
}
@@ -455,7 +454,7 @@
if($params['pm_min_spare_servers'] == '') $params['pm_min_spare_servers'] = 1;
if($params['pm_max_spare_servers'] == '') $params['pm_max_spare_servers'] = 1;
- $affected_rows = $this->updateQuery('../sites/form/web_domain.tform.php', $client_id, $primary_id, $params);
+ $affected_rows = $this->updateQuery('../sites/form/web_vhost_domain.tform.php', $client_id, $primary_id, $params);
return $affected_rows;
}
@@ -466,7 +465,7 @@
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $affected_rows = $this->deleteQuery('../sites/form/web_domain.tform.php', $primary_id);
+ $affected_rows = $this->deleteQuery('../sites/form/web_vhost_domain.tform.php', $primary_id);
return $affected_rows;
}
@@ -751,7 +750,7 @@
}
// Delete all users that belong to this folder. - taken from web_folder_delete.php
- $records = $app->db->queryAllRecords("SELECT web_folder_user_id FROM web_folder_user WHERE web_folder_id = '".$app->functions->intval($primary_id)."'");
+ $records = $app->db->queryAllRecords("SELECT web_folder_user_id FROM web_folder_user WHERE web_folder_id = ?", $primary_id);
foreach($records as $rec) {
$this->deleteQuery('../sites/form/web_folder_user.tform.php', $rec['web_folder_user_id']);
//$app->db->datalogDelete('web_folder_user','web_folder_user_id',$rec['web_folder_user_id']);
@@ -865,11 +864,11 @@
} else {
$status = 'n';
}
- $app->remoting_lib->loadFormDef('../sites/form/web_domain.tform.php');
+ $app->remoting_lib->loadFormDef('../sites/form/web_vhost_domain.tform.php');
$params = $app->remoting_lib->getDataRecord($primary_id);
$params['active'] = $status;
- $affected_rows = $this->updateQuery('../sites/form/web_domain.tform.php', 0, $primary_id, $params);
+ $affected_rows = $this->updateQuery('../sites/form/web_vhost_domain.tform.php', 0, $primary_id, $params);
return $affected_rows;
} else {
throw new SoapFault('status_undefined', 'The status is not available');
@@ -889,8 +888,8 @@
return false;
}
$client_id = $app->functions->intval($client_id);
- $sql = "SELECT d.database_id, d.database_name, d.database_user_id, d.database_ro_user_id, du.database_user, du.database_password FROM web_database d LEFT JOIN web_database_user du ON (du.database_user_id = d.database_user_id) INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = $client_id";
- $all = $app->db->queryAllRecords($sql);
+ $sql = "SELECT d.database_id, d.database_name, d.database_user_id, d.database_ro_user_id, du.database_user, du.database_password FROM web_database d LEFT JOIN web_database_user du ON (du.database_user_id = d.database_user_id) INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = ?";
+ $all = $app->db->queryAllRecords($sql, $client_id);
return $all;
}
@@ -904,7 +903,7 @@
return false;
}
- $result = $app->db->queryAllRecords("SELECT * FROM web_backup".(($site_id != null)?' WHERE parent_domain_id = ?':''), $app->functions->intval($site_id));
+ $result = $app->db->queryAllRecords("SELECT * FROM web_backup".(($site_id != null)?' WHERE parent_domain_id = ?':''), $site_id);
return $result;
}
@@ -932,7 +931,7 @@
return false;
}
- if ($action_type != 'backup_download' and $action_type != 'backup_restore') {
+ if ($action_type != 'backup_download' and $action_type != 'backup_restore' and $action_type != 'backup_delete') {
$this->server->fault('invalid_action', "Invalid action_type $action_type");
return false;
}
@@ -981,6 +980,21 @@
return $app->quota_lib->get_trafficquota_data($client_id, $lastdays);
}
+ public function ftptrafficquota_data($session_id, $client_id, $lastdays = 0)
+ {
+ global $app;
+ $app->uses('quota_lib');
+
+ if(!$this->checkPerm($session_id, 'trafficquota_get_by_user')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ if ($client_id != null)
+ $client_id = $app->functions->intval($client_id);
+
+ return $app->quota_lib->get_ftptrafficquota_data($client_id, $lastdays);
+ }
+
public function databasequota_get_by_user($session_id, $client_id)
{
global $app;
--
Gitblit v1.9.1