From 4e18bd4210f5c79d341436b1ed026300d59ba208 Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Tue, 11 Sep 2012 12:45:53 -0400
Subject: [PATCH] Fixed: FS#2421 - Domain module does not check for valid selection Implemented: FS#2422 - Use domain module when creating subdomains Bugfix: datalog was used in the wrong way on editing aliasdomains Bugfix: missing datalog update for parent domain on editing subdomains
---
interface/web/sites/templates/web_subdomain_edit.htm | 15 +++
interface/web/sites/web_aliasdomain_edit.php | 33 ++++--
interface/web/sites/web_vhost_subdomain_edit.php | 72 +++++++++++++
interface/web/client/domain_new_client.php | 2
interface/web/mail/mail_domain_edit.php | 26 ++++
interface/web/sites/web_subdomain_edit.php | 93 ++++++++++++++++--
interface/web/sites/templates/web_vhost_subdomain_edit.htm | 15 +++
interface/web/sites/web_domain_edit.php | 23 ++++
interface/web/admin/system_config_edit.php | 2
9 files changed, 249 insertions(+), 32 deletions(-)
diff --git a/interface/web/admin/system_config_edit.php b/interface/web/admin/system_config_edit.php
index 32e4a8e..0a75028 100644
--- a/interface/web/admin/system_config_edit.php
+++ b/interface/web/admin/system_config_edit.php
@@ -134,7 +134,7 @@
$app->db->query($sql);
$sql = "REPLACE INTO domain (sys_userid, sys_groupid, sys_perm_user, sys_perm_group, sys_perm_other, domain ) " .
"SELECT sys_userid, sys_groupid, sys_perm_user, sys_perm_group, sys_perm_other, domain " .
- "FROM web_domain";
+ "FROM web_domain WHERE type NOT IN ('subdomain','vhostsubdomain')";
$app->db->query($sql);
}
diff --git a/interface/web/client/domain_new_client.php b/interface/web/client/domain_new_client.php
index 714de7d..81ce075 100644
--- a/interface/web/client/domain_new_client.php
+++ b/interface/web/client/domain_new_client.php
@@ -39,7 +39,7 @@
$app->uses('ini_parser,getconf');
$settings = $app->getconf->get_global_config('domains');
if ($settings['use_domain_module'] == 'y') {
- echo $settings[new_domain_html];
+ echo $settings['new_domain_html'];
}
?>
diff --git a/interface/web/mail/mail_domain_edit.php b/interface/web/mail/mail_domain_edit.php
index ee7eaea..8a43a69 100644
--- a/interface/web/mail/mail_domain_edit.php
+++ b/interface/web/mail/mail_domain_edit.php
@@ -126,7 +126,7 @@
/*
* The admin can select ALL domains, the user only the domains assigned to him
*/
- $sql = "SELECT domain FROM domain ";
+ $sql = "SELECT domain_id, domain FROM domain ";
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
$sql .= "WHERE sys_groupid =" . $client_group_id;
}
@@ -136,7 +136,7 @@
if(is_array($domains) && sizeof($domains) > 0) {
/* We have domains in the list, so create the drop-down-list */
foreach( $domains as $domain) {
- $domain_select .= "<option value=" . $domain['domain'] ;
+ $domain_select .= "<option value=" . $domain['domain_id'] ;
if ($domain['domain'] == $this->dataRecord["domain"]) {
$domain_select .= " selected";
}
@@ -184,7 +184,27 @@
function onSubmit() {
global $app, $conf;
- if($_SESSION["s"]["user"]["typ"] != 'admin') {
+
+ /* check if the domain module is used - and check if the selected domain can be used! */
+ $app->uses('ini_parser,getconf');
+ $settings = $app->getconf->get_global_config('domains');
+ if ($settings['use_domain_module'] == 'y') {
+ $client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
+
+ $sql = "SELECT domain_id, domain FROM domain WHERE domain_id = " . intval($this->dataRecord['domain']);
+ if ($_SESSION["s"]["user"]["typ"] != 'admin') {
+ $sql .= "AND sys_groupid =" . $client_group_id;
+ }
+ $domain_check = $app->db->queryOneRecord($sql);
+ if(!$domain_check) {
+ // invalid domain selected
+ $app->tform->errorMessage .= $app->tform->lng("domain_error_empty")."<br />";
+ } else {
+ $this->dataRecord['domain'] = $domain_check['domain'];
+ }
+ }
+
+ if($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the limits of the client
$client_group_id = $_SESSION["s"]["user"]["default_group"];
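Review bot: The non-admin branch appends `"AND sys_groupid ="` without a leading space, so the statement reads `... WHERE domain_id = 5AND sys_groupid =3` (constructed values). The database will most likely reject or misparse that, in which case every non-admin submit fails this ownership check with `domain_error_empty`. The line should read `$sql .= " AND sys_groupid = " . $client_group_id;`. The same concatenation is repeated in the onSubmit hunks of web_aliasdomain_edit.php and web_domain_edit.php, and in the `getCurrentTab() == 'domain'` hunk of web_vhost_subdomain_edit.php. onSubmit continues past the end of this hunk.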
diff --git a/interface/web/sites/templates/web_subdomain_edit.htm b/interface/web/sites/templates/web_subdomain_edit.htm
index 4aaae67..d0ab564 100644
--- a/interface/web/sites/templates/web_subdomain_edit.htm
+++ b/interface/web/sites/templates/web_subdomain_edit.htm
@@ -5,14 +5,29 @@
<div class="pnl_formsarea">
<fieldset class="inlineLabels">
+ <tmpl_if name="domain_option">
+ <div class="ctrlHolder">
+ <label for="parent_domain_id">{tmpl_var name='parent_domain_id_txt'}</label>
+ <select id="parent_domain_id" name="parent_domain_id" class="selectInput formLengthHalf">{tmpl_var name='parent_domain_id'}</select>
+ </div>
+ </tmpl_if>
<div class="ctrlHolder">
<label for="domain">{tmpl_var name='host_txt'}</label>
<input name="domain" id="domain" value="{tmpl_var name='domain'}" size="30" maxlength="255" type="text" class="textInput formLengthHalf" />
</div>
+ <tmpl_if name="domain_option">
+ <div class="ctrlHolder">
+ <label for="sel_domain">{tmpl_var name='domain_txt'}</label>
+ <select name="sel_domain" id="sel_domain" class="selectInput">
+ {tmpl_var name='domain_option'}
+ </select>
+ </div>
+ <tmpl_else>
<div class="ctrlHolder">
<label for="parent_domain_id">{tmpl_var name='domain_txt'}</label>
<select id="parent_domain_id" name="parent_domain_id" class="selectInput formLengthHalf">{tmpl_var name='parent_domain_id'}</select>
</div>
+ </tmpl_if>
<div class="ctrlHolder">
<label for="redirect_type">{tmpl_var name='redirect_type_txt'}</label>
<select name="redirect_type" id="redirect_type" class="selectInput formLengthHalf">
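Review bot: The new `parent_domain_id` block is labelled with `{tmpl_var name='parent_domain_id_txt'}`, but the diffstat lists no language file. Unless that string already exists, the label will presumably render empty whenever the domain module is enabled. Add a `parent_domain_id_txt` entry to the module's language files in this commit, or reuse an existing label. The same applies to the identical block added to web_vhost_subdomain_edit.htm; the fieldset continues outside the hunk.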
diff --git a/interface/web/sites/templates/web_vhost_subdomain_edit.htm b/interface/web/sites/templates/web_vhost_subdomain_edit.htm
index f6f84b0..ce89c84 100644
--- a/interface/web/sites/templates/web_vhost_subdomain_edit.htm
+++ b/interface/web/sites/templates/web_vhost_subdomain_edit.htm
@@ -6,14 +6,29 @@
<div class="pnl_formsarea">
<fieldset class="inlineLabels">
<input type="hidden" name="server_id" id="server_id" value="{tmpl_var name='server_id_value'}" />
+ <tmpl_if name="domain_option">
+ <div class="ctrlHolder">
+ <label for="parent_domain_id">{tmpl_var name='parent_domain_id_txt'}</label>
+ <select id="parent_domain_id" name="parent_domain_id" class="selectInput formLengthHalf">{tmpl_var name='parent_domain_id'}</select>
+ </div>
+ </tmpl_if>
<div class="ctrlHolder">
<label for="domain">{tmpl_var name='host_txt'}</label>
<input name="domain" id="domain" value="{tmpl_var name='domain'}" size="30" maxlength="255" type="text" class="textInput formLengthHalf" />
</div>
+ <tmpl_if name="domain_option">
+ <div class="ctrlHolder">
+ <label for="sel_domain">{tmpl_var name='domain_txt'}</label>
+ <select name="sel_domain" id="sel_domain" class="selectInput">
+ {tmpl_var name='domain_option'}
+ </select>
+ </div>
+ <tmpl_else>
<div class="ctrlHolder">
<label for="parent_domain_id">{tmpl_var name='domain_txt'}</label>
<select id="parent_domain_id" name="parent_domain_id" class="selectInput formLengthHalf">{tmpl_var name='parent_domain_id'}</select>
</div>
+ </tmpl_if>
<div class="ctrlHolder">
<label for="web_folder">{tmpl_var name='web_folder_txt'}</label>
<input name="web_folder" id="web_folder" value="{tmpl_var name='web_folder'}" size="30" maxlength="100" type="text" class="textInput formLengthHalf"<tmpl_if name='fixed_folder' op='==' value='y'> readonly="readonly"</tmpl_if> />
diff --git a/interface/web/sites/web_aliasdomain_edit.php b/interface/web/sites/web_aliasdomain_edit.php
index 6cff9e8..6273b37 100644
--- a/interface/web/sites/web_aliasdomain_edit.php
+++ b/interface/web/sites/web_aliasdomain_edit.php
@@ -85,7 +85,7 @@
/*
* The admin can select ALL domains, the user only the domains assigned to him
*/
- $sql = "SELECT domain FROM domain ";
+ $sql = "SELECT domain_id, domain FROM domain ";
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
$sql .= "WHERE sys_groupid =" . $client_group_id;
}
@@ -95,7 +95,7 @@
if(is_array($domains) && sizeof($domains) > 0) {
/* We have domains in the list, so create the drop-down-list */
foreach( $domains as $domain) {
- $domain_select .= "<option value=" . $domain['domain'] ;
+ $domain_select .= "<option value=" . $domain['domain_id'] ;
if ($domain['domain'] == $this->dataRecord["domain"]) {
$domain_select .= " selected";
}
@@ -120,6 +120,25 @@
function onSubmit() {
global $app, $conf;
+ /* check if the domain module is used - and check if the selected domain can be used! */
+ $app->uses('ini_parser,getconf');
+ $settings = $app->getconf->get_global_config('domains');
+ if ($settings['use_domain_module'] == 'y') {
+ $client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
+
+ $sql = "SELECT domain_id, domain FROM domain WHERE domain_id = " . intval($this->dataRecord['domain']);
+ if ($_SESSION["s"]["user"]["typ"] != 'admin') {
+ $sql .= "AND sys_groupid =" . $client_group_id;
+ }
+ $domain_check = $app->db->queryOneRecord($sql);
+ if(!$domain_check) {
+ // invalid domain selected
+ $app->tform->errorMessage .= $app->tform->lng("domain_error_empty")."<br />";
+ } else {
+ $this->dataRecord['domain'] = $domain_check['domain'];
+ }
+ }
+
// Get the record of the parent domain
$parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
@@ -155,15 +174,7 @@
//* Update the old website, so that the vhost alias gets removed
//* We force the update by inserting a transaction record without changes manually.
$old_website = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = '.$this->oldDataRecord['domain_id']);
- $diffrec_full = array();
- $diffrec_full['old'] = $old_website;
- $diffrec_full['new'] = $old_website;
- $diffstr = $app->db->quote(serialize($diffrec_full));
- $username = $app->db->quote($_SESSION['s']['user']['username']);
- $dbidx = 'domsin_id:'.$this->id;
- $server_id = $this->oldDataRecord['server_id'];
- $sql = "INSERT INTO sys_datalog (dbtable,dbidx,server_id,action,tstamp,user,data) VALUES ('web_domain','$dbidx','$server_id','u','".time()."','$username','$diffstr')";
- $app->db->query($sql);
+ $app->db->datalogSave('web_domain', 'UPDATE', 'domain_id', $this->oldDataRecord['parent_domain_id'], $old_website, $old_website, true);
}
}
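Review bot: The new `datalogSave()` call is keyed on `$this->oldDataRecord['parent_domain_id']`, but `$old_website` on the line above is still loaded with `domain_id = $this->oldDataRecord['domain_id']`. That appears to be the alias record itself, not the old parent website the comment refers to, so the forced update would carry the wrong row under the parent's id. The lookup should probably use the same key, with `intval()` applied: `'SELECT * FROM web_domain WHERE domain_id = '.intval($this->oldDataRecord['parent_domain_id'])`. The new onAfterUpdate() in web_subdomain_edit.php copies the same pair of lines. The enclosing function starts outside this hunk.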
diff --git a/interface/web/sites/web_domain_edit.php b/interface/web/sites/web_domain_edit.php
index bd357dc..92a5c08 100644
--- a/interface/web/sites/web_domain_edit.php
+++ b/interface/web/sites/web_domain_edit.php
@@ -418,7 +418,7 @@
/*
* The admin can select ALL domains, the user only the domains assigned to him
*/
- $sql = "SELECT domain FROM domain ";
+ $sql = "SELECT domain_id, domain FROM domain ";
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
$sql .= "WHERE sys_groupid =" . $client_group_id;
}
@@ -428,7 +428,7 @@
if(is_array($domains) && sizeof($domains) > 0) {
/* We have domains in the list, so create the drop-down-list */
foreach( $domains as $domain) {
- $domain_select .= "<option value=" . $domain['domain'] ;
+ $domain_select .= "<option value=" . $domain['domain_id'] ;
if ($domain['domain'] == $this->dataRecord["domain"]) {
$domain_select .= " selected";
}
@@ -458,6 +458,25 @@
function onSubmit() {
global $app, $conf;
+ /* check if the domain module is used - and check if the selected domain can be used! */
+ $app->uses('ini_parser,getconf');
+ $settings = $app->getconf->get_global_config('domains');
+ if ($settings['use_domain_module'] == 'y') {
+ $client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
+
+ $sql = "SELECT domain_id, domain FROM domain WHERE domain_id = " . intval($this->dataRecord['domain']);
+ if ($_SESSION["s"]["user"]["typ"] != 'admin') {
+ $sql .= "AND sys_groupid =" . $client_group_id;
+ }
+ $domain_check = $app->db->queryOneRecord($sql);
+ if(!$domain_check) {
+ // invalid domain selected
+ $app->tform->errorMessage .= $app->tform->lng("domain_error_empty")."<br />";
+ } else {
+ $this->dataRecord['domain'] = $domain_check['domain'];
+ }
+ }
+
// Set a few fixed values
$this->dataRecord["parent_domain_id"] = 0;
$this->dataRecord["type"] = 'vhost';
diff --git a/interface/web/sites/web_subdomain_edit.php b/interface/web/sites/web_subdomain_edit.php
index 0f2e6f1..6e9db86 100644
--- a/interface/web/sites/web_subdomain_edit.php
+++ b/interface/web/sites/web_subdomain_edit.php
@@ -71,12 +71,54 @@
function onShowEnd() {
global $app, $conf;
- // Get the record of the parent domain
- $parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
-
- // remove the parent domain part of the domain name before we show it in the text field.
- $this->dataRecord["domain"] = str_replace('.'.$parent_domain["domain"],'',$this->dataRecord["domain"]);
- $app->tpl->setVar("domain",$this->dataRecord["domain"]);
+ $app->uses('ini_parser,getconf');
+ $settings = $app->getconf->get_global_config('domains');
+ if ($settings['use_domain_module'] == 'y') {
+ /*
+ * The domain-module is in use.
+ */
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ /*
+ * The admin can select ALL domains, the user only the domains assigned to him
+ */
+ $sql = "SELECT domain_id, domain FROM domain ";
+ if ($_SESSION["s"]["user"]["typ"] != 'admin') {
+ $sql .= "WHERE sys_groupid =" . $client_group_id;
+ }
+ $sql .= " ORDER BY domain";
+ $domains = $app->db->queryAllRecords($sql);
+ $domain_select = '';
+ $selected_domain = '';
+ if(is_array($domains) && sizeof($domains) > 0) {
+ /* We have domains in the list, so create the drop-down-list */
+ foreach( $domains as $domain) {
+ $domain_select .= "<option value=" . $domain['domain_id'] ;
+ if ('.' . $domain['domain'] == substr($this->dataRecord["domain"], -strlen($domain['domain']) - 1)) {
+ $domain_select .= " selected";
+ $selected_domain = $domain['domain'];
+ }
+ $domain_select .= ">" . $domain['domain'] . "</option>\r\n";
+ }
+ }
+ else {
+ /*
+ * We have no domains in the domain-list. This means, we can not add ANY new domain.
+ * To avoid, that the variable "domain_option" is empty and so the user can
+ * free enter a domain, we have to create a empty option!
+ */
+ $domain_select .= "<option value=''></option>\r\n";
+ }
+ $app->tpl->setVar("domain_option",$domain_select);
+ $this->dataRecord['domain'] = substr($this->dataRecord["domain"], 0, strlen($this->dataRecord['domain']) - strlen($selected_domain) - 1);
+ } else {
+
+ // Get the record of the parent domain
+ $parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
+
+ // remove the parent domain part of the domain name before we show it in the text field.
+ $this->dataRecord["domain"] = str_replace('.'.$parent_domain["domain"],'',$this->dataRecord["domain"]);
+ }
+ $app->tpl->setVar("domain",$this->dataRecord["domain"]);
parent::onShowEnd();
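Review bot: The `substr()` after `setVar("domain_option", ...)` always strips `strlen($selected_domain) + 1` characters, so when no list entry matches and `$selected_domain` stays `''`, the last character of the host name shown in the form is cut off. Guard it: `if ($selected_domain != '') { $this->dataRecord['domain'] = substr($this->dataRecord['domain'], 0, -strlen($selected_domain) - 1); }`. The loop can also mark more than one option `selected` when one listed domain is a suffix of another. In addition, `$domain['domain']` is written into the option markup without `htmlspecialchars()`, and `$client_group_id` is concatenated into the SQL without the `intval()` the onSubmit checks use. The onShowEnd hunk of web_vhost_subdomain_edit.php contains the same code; the function continues outside this hunk.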
@@ -85,17 +127,30 @@
function onSubmit() {
global $app, $conf;
- // Get the record of the parent domain
- $parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
-
+ // Get the record of the parent domain
+ $parent_domain = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
+
+ $app->uses('ini_parser,getconf');
+ $settings = $app->getconf->get_global_config('domains');
+ if ($settings['use_domain_module'] == 'y') {
+ // get the record of the domain module domain
+ $domain = $app->db->queryOneRecord("SELECT * FROM domain WHERE domain_id = ".intval($this->dataRecord["sel_domain"]));
+ if(!$domain) {
+ $app->tform->errorMessage .= $app->tform->lng("domain_error_empty")."<br />";
+ } else {
+ $this->dataRecord['domain'] = $this->dataRecord['domain'] . '.' . $domain['domain'];
+ }
+ } else {
+ $this->dataRecord["domain"] = $this->dataRecord["domain"].'.'.$parent_domain["domain"];
+ }
+
// Set a few fixed values
$this->dataRecord["type"] = 'subdomain';
$this->dataRecord["server_id"] = $parent_domain["server_id"];
- $this->dataRecord["domain"] = $this->dataRecord["domain"].'.'.$parent_domain["domain"];
$this->parent_domain_record = $parent_domain;
- //* make sure that the email domain is lowercase
+ //* make sure that the domain is lowercase
if(isset($this->dataRecord["domain"])) $this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
parent::onSubmit();
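Review bot: The `domain` lookup for `sel_domain` has no `sys_groupid` restriction, so for a non-admin any existing `domain_id` passes, unlike the ownership checks this commit adds to the other edit forms. Build the query as those forms do and add the group filter for non-admin users, with a leading space before `AND`. The chosen domain is also never compared with the parent website selected in `parent_domain_id`, which may deserve a second check. onSubmit continues past the end of the hunk.

```php
// … unchanged: parent domain lookup, getconf call …
if ($settings['use_domain_module'] == 'y') {
    // Only accept a domain the current user's group owns (admins may use any).
    $sql = "SELECT domain_id, domain FROM domain WHERE domain_id = " . intval($this->dataRecord["sel_domain"]);
    if ($_SESSION["s"]["user"]["typ"] != 'admin') {
        $sql .= " AND sys_groupid = " . intval($_SESSION["s"]["user"]["default_group"]);
    }
    $domain = $app->db->queryOneRecord($sql);
    // … unchanged: error message on miss, host + '.' + domain on hit …
```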
@@ -108,6 +163,22 @@
}
+ function onAfterUpdate() {
+ global $app, $conf;
+
+ //* Check if parent domain has been changed
+ if($this->dataRecord['parent_domain_id'] != $this->oldDataRecord['parent_domain_id']) {
+
+ //* Update the domain owner
+ $app->db->query('UPDATE web_domain SET sys_groupid = '.intval($this->parent_domain_record['sys_groupid']).' WHERE domain_id = '.$this->id);
+
+ //* Update the old website, so that the vhost alias gets removed
+ //* We force the update by inserting a transaction record without changes manually.
+ $old_website = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = '.$this->oldDataRecord['domain_id']);
+ $app->db->datalogSave('web_domain', 'UPDATE', 'domain_id', $this->oldDataRecord['parent_domain_id'], $old_website, $old_website, true);
+ }
+
+ }
}
diff --git a/interface/web/sites/web_vhost_subdomain_edit.php b/interface/web/sites/web_vhost_subdomain_edit.php
index eb65f04..45371ee 100644
--- a/interface/web/sites/web_vhost_subdomain_edit.php
+++ b/interface/web/sites/web_vhost_subdomain_edit.php
@@ -225,9 +225,52 @@
$tmp_txt = ($this->dataRecord['traffic_quota_lock'] == 'y')?'<b>('.$app->tform->lng('traffic_quota_exceeded_txt').')</b>':'';
$app->tpl->setVar("traffic_quota_exceeded_txt", $tmp_txt);
- // remove the parent domain part of the domain name before we show it in the text field.
- $this->dataRecord["domain"] = str_replace('.'.$parent_domain["domain"],'',$this->dataRecord["domain"]);
- $app->tpl->setVar("domain",$this->dataRecord["domain"]);
+
+ $app->uses('ini_parser,getconf');
+ $settings = $app->getconf->get_global_config('domains');
+ if ($settings['use_domain_module'] == 'y') {
+ /*
+ * The domain-module is in use.
+ */
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ /*
+ * The admin can select ALL domains, the user only the domains assigned to him
+ */
+ $sql = "SELECT domain_id, domain FROM domain ";
+ if ($_SESSION["s"]["user"]["typ"] != 'admin') {
+ $sql .= "WHERE sys_groupid =" . $client_group_id;
+ }
+ $sql .= " ORDER BY domain";
+ $domains = $app->db->queryAllRecords($sql);
+ $domain_select = '';
+ $selected_domain = '';
+ if(is_array($domains) && sizeof($domains) > 0) {
+ /* We have domains in the list, so create the drop-down-list */
+ foreach( $domains as $domain) {
+ $domain_select .= "<option value=" . $domain['domain_id'] ;
+ if ('.' . $domain['domain'] == substr($this->dataRecord["domain"], -strlen($domain['domain']) - 1)) {
+ $domain_select .= " selected";
+ $selected_domain = $domain['domain'];
+ }
+ $domain_select .= ">" . $domain['domain'] . "</option>\r\n";
+ }
+ }
+ else {
+ /*
+ * We have no domains in the domain-list. This means, we can not add ANY new domain.
+ * To avoid, that the variable "domain_option" is empty and so the user can
+ * free enter a domain, we have to create a empty option!
+ */
+ $domain_select .= "<option value=''></option>\r\n";
+ }
+ $app->tpl->setVar("domain_option",$domain_select);
+ $this->dataRecord['domain'] = substr($this->dataRecord["domain"], 0, strlen($this->dataRecord['domain']) - strlen($selected_domain) - 1);
+ } else {
+
+ // remove the parent domain part of the domain name before we show it in the text field.
+ $this->dataRecord["domain"] = str_replace('.'.$parent_domain["domain"],'',$this->dataRecord["domain"]);
+ }
+ $app->tpl->setVar("domain",$this->dataRecord["domain"]);
parent::onShowEnd();
}
@@ -252,6 +295,29 @@
$read_limits = array('limit_cgi', 'limit_ssi', 'limit_perl', 'limit_ruby', 'limit_python', 'force_suexec', 'limit_hterror', 'limit_wildcard', 'limit_ssl');
if($app->tform->getCurrentTab() == 'domain') {
+
+ /* check if the domain module is used - and check if the selected domain can be used! */
+ $app->uses('ini_parser,getconf');
+ $settings = $app->getconf->get_global_config('domains');
+ if ($settings['use_domain_module'] == 'y') {
+ $client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
+
+ $sql = "SELECT domain_id, domain FROM domain WHERE domain_id = " . intval($this->dataRecord['sel_domain']);
+ if ($_SESSION["s"]["user"]["typ"] != 'admin') {
+ $sql .= "AND sys_groupid =" . $client_group_id;
+ }
+ $domain_check = $app->db->queryOneRecord($sql);
+ if(!$domain_check) {
+ // invalid domain selected
+ $app->tform->errorMessage .= $app->tform->lng("domain_error_empty")."<br />";
+ } else {
+ $this->dataRecord['domain'] = $this->dataRecord['domain'] . '.' . $domain_check['domain'];
+ }
+ } else {
+ $this->dataRecord["domain"] = $this->dataRecord["domain"].'.'.$parent_domain["domain"];
+ }
+
+
$this->dataRecord['web_folder'] = strtolower($this->dataRecord['web_folder']);
$forbidden_folders = array('', 'cgi-bin', 'web', 'log', 'private', 'ssl', 'tmp', 'webdav');
if(in_array($this->dataRecord['web_folder'], $forbidden_folders)) {
--