From 2bbc4c7761a6d0e97cc8f22bccbea94835fcbc7d Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Fri, 28 Aug 2009 06:55:06 -0400
Subject: [PATCH] Add the website user and group also to the passwd and group files in chroot enviroment.

---
 interface/lib/classes/tform_actions.inc.php |   93 +++++++++++++++++++++++++++++-----------------
 1 files changed, 59 insertions(+), 34 deletions(-)

diff --git a/interface/lib/classes/tform_actions.inc.php b/interface/lib/classes/tform_actions.inc.php
index 0ef8ec0..0593c03 100644
--- a/interface/lib/classes/tform_actions.inc.php
+++ b/interface/lib/classes/tform_actions.inc.php
@@ -1,7 +1,7 @@
 <?php
 
 /*
-Copyright (c) 2005, Till Brehm, projektfarm Gmbh
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
@@ -28,19 +28,13 @@
 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 
-/**
-* Action framework for the tform library.
-*
-* @author Till Brehm <t.brehm@scrigo.org>
-* @copyright Copyright &copy; 2005, Till Brehm
-*/
-
 class tform_actions {
 
-        var $id;
-        var $activeTab;
-        var $dataRecord;
-        var $plugins = array();
+        public $id;
+        public $activeTab;
+        public $dataRecord;
+        public $plugins = array();
+		public $oldDataRecord; // This array is only filled during updates and when db_history is enabled.
 
         function onLoad() {
                 global $app, $conf, $tform_def_file;
@@ -59,11 +53,13 @@
 				
 				// show print version of the form
 				if(isset($_GET["print_form"]) && $_GET["print_form"] == 1) {
+					die('Function disabled.');
 					$this->onPrintForm();
 				}
 				
 				// send this form by email
 				if(isset($_GET["send_form_by_mail"]) && $_GET["send_form_by_mail"] == 1) {
+					die('Function disabled.');
 					$this->onMailSendForm();
 				}
 
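Review bot: The calls `$this->onPrintForm();` and `$this->onMailSendForm();` that follow the two added `die('Function disabled.');` lines can no longer execute, so both branches now hold dead code with no explanation of why the feature was switched off. Either drop the unreachable calls or keep them behind a comment such as `// print/mail export disabled, see <ticket placeholder>`, so the next maintainer does not re-enable them by deleting one line. Both methods stay defined on the class and are still patched later in this diff, so it is worth confirming that no subclass or other entry point reaches them directly. Reporting the refusal through `$app->error(...)`, as the rest of the file does, would also match the normal error page better than a bare `die()`. onLoad starts and ends outside this hunk.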
@@ -84,9 +80,11 @@
 
                 // Calling the action functions
                 if($this->id > 0) {
-                        $this->onUpdate();
+					$app->tform->action == 'EDIT';
+					$this->onUpdate();
                 } else {
-                        $this->onInsert();
+					$app->tform->action == 'NEW';
+					$this->onInsert();
                 }
         }
 
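Review bot: `$app->tform->action == 'EDIT';` and `$app->tform->action == 'NEW';` are comparisons whose result is discarded, so neither line sets the action. If the intent is to tell tform which mode the submit is in, the lines should read `$app->tform->action = 'EDIT';` and `$app->tform->action = 'NEW';`. Any code in tform that branches on `action` (not visible here) currently sees whatever value was there before. The enclosing function starts outside this hunk.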
@@ -98,19 +96,17 @@
                 global $app, $conf;
 				
 				$this->onBeforeUpdate();
-
+				
                 $ext_where = '';
                 $sql = $app->tform->getSQL($this->dataRecord,$app->tform->getCurrentTab(),'UPDATE',$this->id,$ext_where);
                 if($app->tform->errorMessage == '') {
 						
 						if($app->tform->formDef['db_history'] == 'yes') {
-							$old_data_record = $app->tform->getDataRecord($this->id);
+							$this->oldDataRecord = $app->tform->getDataRecord($this->id);
 						}
-
-                        if(!empty($sql)) {
-                            $app->db->query($sql);
-                            if($app->db->errorMessage != '') die($app->db->errorMessage);
-                        }
+						
+						// Save record in database
+						$this->onUpdateSave($sql);
 						
 						// loading plugins
 						$next_tab = $app->tform->getCurrentTab();
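Review bot: `$this->onUpdateSave($sql);` returns nothing, so onUpdate cannot tell whether the record was actually written. onUpdateSave, added further down in this patch, silently skips the query when `isReadonlyTab()` is true, yet the plugin loop, `onAfterUpdate()` and the datalog write that follow here still run. If subclass hooks act on the submitted `$this->dataRecord`, a submit against a read-only tab could still trigger side effects, though that depends on code outside this diff. Consider having onUpdateSave return a boolean and branching on it, or rejecting the submit on a read-only tab before `getSQL()` is called. onUpdate begins and ends outside this hunk.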
@@ -120,13 +116,13 @@
                         foreach($this->plugins as $plugin) {
                                 $plugin->onInsert();
                         }
-
-                        $this->onAfterUpdate();
+						
+						$this->onAfterUpdate();
 						
 						// Write data history (sys_datalog)
 						if($app->tform->formDef['db_history'] == 'yes') {
 							$new_data_record = $app->tform->getDataRecord($this->id);
-							$app->tform->datalogSave('UPDATE',$this->id,$old_data_record,$new_data_record);
+							$app->tform->datalogSave('UPDATE',$this->id,$this->oldDataRecord,$new_data_record);
 							unset($new_data_record);
 							unset($old_data_record);
 						}
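Review bot: `unset($old_data_record);` is left over from the old local variable; after this change the old record lives in `$this->oldDataRecord`, so the unset now targets a name that is never defined. Remove the line, or replace it with `$this->oldDataRecord = null;` if the property should not outlive the update. Separately, the context line `$plugin->onInsert();` sits in what appears to be the update path; if plugins expose an update hook, that looks like the one meant here.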
@@ -160,6 +156,19 @@
                         $this->onError();
                 }
         }
+		
+		/*
+		 Save record in database
+		*/
+		
+		function onUpdateSave($sql) {
+			global $app;
+			if(!empty($sql) && !$app->tform->isReadonlyTab($app->tform->getCurrentTab(),$this->id)) {
+				$app->db->query($sql);
+				if($app->db->errorMessage != '') die($app->db->errorMessage);
+			}
+		}
+		
 
         /**
         * Function called on data insert
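Review bot: `die($app->db->errorMessage)` in onUpdateSave prints the raw database error to the browser, which can expose table and column names and parts of the failed statement to whoever submitted the form. Record the message server-side and show a generic failure through the existing `$app->error(...)` path instead. The same line is carried into onInsertSave later in this patch. The detached `/* Save record in database */` comment would also read better as a docblock on the method, stating that the query is skipped for read-only tabs.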
@@ -173,9 +182,8 @@
                 $ext_where = '';
                 $sql = $app->tform->getSQL($this->dataRecord,$app->tform->getCurrentTab(),'INSERT',$this->id,$ext_where);
                 if($app->tform->errorMessage == '') {
-                        $app->db->query($sql);
-                        if($app->db->errorMessage != '') die($app->db->errorMessage);
-                        $this->id = $app->db->insertID();
+						
+						$this->id = $this->onInsertSave($sql);
 						
 						// loading plugins
 						$next_tab = $app->tform->getCurrentTab();
@@ -221,6 +229,17 @@
                         $this->onError();
                 }
         }
+		
+		/*
+		 Save record in database
+		*/
+		
+		function onInsertSave($sql) {
+			global $app, $conf;
+			$app->db->query($sql);
+            if($app->db->errorMessage != '') die($app->db->errorMessage);
+            return $app->db->insertID();
+		}
 
         function onBeforeUpdate() {
             global $app, $conf;
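Review bot: onInsertSave declares `global $app, $conf;` but never uses `$conf`, and its comment does not mention that the method returns the new row id which onInsert assigns to `$this->id`. Suggest `global $app;` and a docblock such as `/** Runs the INSERT statement and returns the id of the new record. */`. Unlike onUpdateSave, there is no `isReadonlyTab()` check here; please confirm that is deliberate, since a subclass overriding only one of the two methods would otherwise get different protection on each path.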
@@ -246,7 +265,7 @@
         function onError() {
                 global $app, $conf;
 
-                $app->tpl->setVar("error","<b>".$app->lng('Error').":</b><br>".$app->tform->errorMessage);
+                $app->tpl->setVar("error","<li>".$app->tform->errorMessage."</li>");
                 $app->tpl->setVar($this->dataRecord);
                 $this->onShow();
         }
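Review bot: `"<li>".$app->tform->errorMessage."</li>"` places the error text into markup without escaping. If tform ever builds that message from submitted field values (not visible in this diff), the value is reflected into the page as HTML. Should errorMessage be plain text, `"<li>".htmlspecialchars($app->tform->errorMessage)."</li>"` closes that off; if it already contains markup such as line breaks, the escaping belongs where the message is assembled. A single `<li>` also assumes the template supplies the surrounding list and that errorMessage holds exactly one message.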
@@ -278,6 +297,8 @@
 
                         //$this->dataRecord = $app->db->queryOneRecord("SELECT * FROM ".$liste["table"]." WHERE ".$liste["table_idx"]." = ".$this->id);
 						$this->dataRecord = $app->tform->getDataRecord($this->id);
+						
+						$this->onBeforeDelete();
 
                         // Saving record to datalog when db_history enabled
                         if($app->tform->formDef["db_history"] == 'yes') {
@@ -315,6 +336,10 @@
 
         }
 		
+		function onBeforeDelete() {
+            global $app, $conf;
+        }
+		
 		function onAfterDelete() {
             global $app, $conf;
         }
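Review bot: The new `onBeforeDelete()` hook has no documentation, so overriders cannot tell when it runs or what they may rely on. From the earlier hunk it is called from the delete path after `$this->dataRecord` has been loaded and before the datalog entry is written, and its return value is ignored, so it cannot veto the delete. A docblock saying exactly that, e.g. `/** Called before a record is deleted; $this->dataRecord holds the record. Return value is ignored. */`, would prevent overriders from assuming they can cancel the operation. `global $app, $conf;` in an empty body can be dropped.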
@@ -334,7 +359,7 @@
 			if($app->tform->formDef['auth'] == 'no') {
             	$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
             } else {
-            	$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+            	$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
             }
             if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
 			
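Review bot: `$this->id` is concatenated unquoted into the SELECT in both branches, and nothing in this diff shows where it is assigned or whether it is cast to an integer. If a raw request value can reach it, the `getAuthSQL('r')` permission filter appended after it no longer constrains the query. Casting at the point of use, `" = ".intval($this->id)`, removes the dependency on every caller having sanitised it. The same concatenation is in the three later hunks that switch `getAuthSQL('u')` to `getAuthSQL('r')`. That switch also widens who can load the record from update to read permission; for the edit form in the last hunk that is presumably what allows read-only tabs, but it is worth confirming that the save path still checks 'u'. The enclosing function starts outside this hunk.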
@@ -375,7 +400,7 @@
 				if($app->tform->formDef['auth'] == 'no') {
             		$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
             	} else {
-            		$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+            		$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
             	}
             	if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
 			
@@ -395,11 +420,11 @@
 				$headers .= "Content-type: text/html; charset=iso-8859-1\n";
 				$headers .= "From: $sender\n";
 				
-				if (!ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+' . '@' . '([-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.)+' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $sender)) {
+				if (!preg_match('/^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+' . '@' . '([-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.)+' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$/', $sender)) {
     				$sender = 'noreply@iprguard.de';
   				}
 				
-				if (ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+' . '@' . '([-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.)+' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $email)) {
+				if (preg_match('/^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+' . '@' . '([-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.)+' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$/', $email)) {
     				mail($email, 'Domainrecherche Statement '.$record["domain"], $email_message, $headers);
   				}
 				echo "<p>&nbsp;</p><p>Email wurde versand.</p>";
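Review bot: Both new `preg_match` patterns use `/` as the delimiter but still contain an unescaped `/` inside the first and last character classes (`\\./0-9`). PCRE therefore ends the pattern at that slash, raises an unknown-modifier warning and returns false, so `$sender` is always replaced by the fallback address and `mail()` is never called, while the page still prints the success text. Escape the slash in those two classes as well, `\\.\\/0-9`, as the middle class already does with `\\/`. Separately, the context line `$headers .= "From: $sender\n";` builds the header before `$sender` is validated, so the check has no effect on what goes into the header; the validation should move above it. The enclosing function starts outside this hunk.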
@@ -411,7 +436,7 @@
 			if($app->tform->formDef['auth'] == 'no') {
             	$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
             } else {
-            	$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+            	$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
             }
             if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
 			
@@ -502,7 +527,7 @@
                 // bestehenden Datensatz anzeigen
                 if($app->tform->errorMessage == '') {
                         if($app->tform->formDef['auth'] == 'yes' && $_SESSION["s"]["user"]["typ"] != 'admin') {
-                        	$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+                        	$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
                         } else {
                         	$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
                         }

--
Gitblit v1.9.1