From 7d52e00a51450bc4a080d4e21b7dda02c0a65191 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 14 Nov 2013 05:42:06 -0500
Subject: [PATCH] Fixed list sorting
---
interface/lib/classes/remoting.inc.php | 1207 ++++++++++++++++++++++++++++++++++++++++++++++++++++-----
1 files changed, 1,099 insertions(+), 108 deletions(-)
diff --git a/interface/lib/classes/remoting.inc.php b/interface/lib/classes/remoting.inc.php
index c3e0697..55759f4 100644
--- a/interface/lib/classes/remoting.inc.php
+++ b/interface/lib/classes/remoting.inc.php
@@ -39,7 +39,7 @@
//* remote session timeout in seconds
private $session_timeout = 600;
- private $server;
+ protected $server;
public $oldDataRecord;
public $dataRecord;
public $id;
@@ -67,13 +67,21 @@
{
global $app, $conf, $server;
+ // Maintenance mode
+ $app->uses('ini_parser,getconf');
+ $server_config_array = $app->getconf->get_global_config('misc');
+ if($server_config_array['maintenance_mode'] == 'y'){
+ $this->server->fault('maintenance_mode', 'This ISPConfig installation is currently under maintenance. We should be back shortly. Thank you for your patience.');
+ return false;
+ }
+
if(empty($username)) {
- $this->server->fault('login_username_empty', 'The login username is empty');
+ $this->server->fault('login_username_empty', 'The login username is empty.');
return false;
}
if(empty($password)) {
- $this->server->fault('login_password_empty', 'The login password is empty');
+ $this->server->fault('login_password_empty', 'The login password is empty.');
return false;
}
@@ -157,6 +165,38 @@
return $all;
}
+ //* Add a IP address record
+ public function server_ip_add($session_id, $client_id, $params)
+ {
+ if(!$this->checkPerm($session_id, 'server_ip_add')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ return $this->insertQuery('../admin/form/server_ip.tform.php',$client_id,$params);
+ }
+
+ //* Update IP address record
+ public function server_ip_update($session_id, $client_id, $ip_id, $params)
+ {
+ if(!$this->checkPerm($session_id, 'server_ip_update')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $affected_rows = $this->updateQuery('../admin/form/server_ip.tform.php',$client_id,$ip_id,$params);
+ return $affected_rows;
+ }
+
+ //* Delete IP address record
+ public function server_ip_delete($session_id, $ip_id)
+ {
+ if(!$this->checkPerm($session_id, 'server_ip_delete')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $affected_rows = $this->deleteQuery('../admin/form/server_ip.tform.php',$ip_id);
+ return $affected_rows;
+ }
+
//* Get mail domain details
public function mail_domain_get($session_id, $primary_id)
{
@@ -202,6 +242,55 @@
}
$affected_rows = $this->deleteQuery('../mail/form/mail_domain.tform.php', $primary_id);
return $affected_rows;
+ }
+
+ //* Get alias details
+ public function mail_aliasdomain_get($session_id, $primary_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'mail_aliasdomain_get')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $app->uses('remoting_lib');
+ $app->remoting_lib->loadFormDef('../mail/form/mail_aliasdomain.tform.php');
+ return $app->remoting_lib->getDataRecord($primary_id);
+ }
+
+ //* aliasy email
+ public function mail_aliasdomain_add($session_id, $client_id, $params)
+ {
+ if (!$this->checkPerm($session_id, 'mail_aliasdomain_add'))
+ {
+ $this->server->fault('permission_denied','You do not have the permissions to access this function.');
+ return false;
+ }
+ $affected_rows = $this->insertQuery('../mail/form/mail_aliasdomain.tform.php', $client_id, $params);
+ return $affected_rows;
+ }
+
+
+ public function mail_aliasdomain_update($session_id, $client_id, $primary_id, $params)
+ {
+ if (!$this->checkPerm($session_id, 'mail_aliasdomain_update'))
+ {
+ $this->server->fault('permission_denied','You do not have the permissions to access this function.');
+ return false;
+ }
+ $affected_rows = $this->updateQuery('../mail/form/mail_aliasdomain.tform.php', $client_id, $primary_id, $params);
+ return $affected_rows;
+ }
+
+ public function mail_aliasdomain_delete($session_id, $primary_id)
+ {
+ if (!$this->checkPerm($session_id, 'mail_aliasdomain_delete'))
+ {
+ $this->server->fault('permission_denied','You do not have the permissions to access this function.');
+ return false;
+ }
+ $affected_rows = $this->deleteQuery('../mail/form/mail_aliasdomain.tform.php', $primary_id);
+ return $affected_rows;
}
//* Get mail mailinglist details
@@ -266,30 +355,52 @@
}
- //* dodanie uzytkownika email
+ //* Add mail domain
public function mail_user_add($session_id, $client_id, $params){
+ global $app;
+
if (!$this->checkPerm($session_id, 'mail_user_add')){
$this->server->fault('permission_denied','You do not have the permissions to access this function.');
return false;
}
+
+ //* Check if mail domain exists
+ $email_parts = explode('@',$params['email']);
+ $tmp = $app->db->queryOneRecord("SELECT domain FROM mail_domain WHERE domain = '".$app->db->quote($email_parts[1])."'");
+ if($tmp['domain'] != $email_parts[1]) {
+ $this->server->fault('mail_domain_does_not_exist','Mail domain - '.$email_parts[1].' - does not exist.');
+ return false;
+ }
+
$affected_rows = $this->insertQuery('../mail/form/mail_user.tform.php', $client_id, $params);
return $affected_rows;
}
- //* edycja uzytkownika email
+ //* Update mail user
public function mail_user_update($session_id, $client_id, $primary_id, $params)
{
+ global $app;
+
if (!$this->checkPerm($session_id, 'mail_user_update'))
{
$this->server->fault('permission_denied','You do not have the permissions to access this function.');
return false;
}
+
+ //* Check if mail domain exists
+ $email_parts = explode('@',$params['email']);
+ $tmp = $app->db->queryOneRecord("SELECT domain FROM mail_domain WHERE domain = '".$app->db->quote($email_parts[1])."'");
+ if($tmp['domain'] != $email_parts[1]) {
+ $this->server->fault('mail_domain_does_not_exist','Mail domain - '.$email_parts[1].' - does not exist.');
+ return false;
+ }
+
$affected_rows = $this->updateQuery('../mail/form/mail_user.tform.php', $client_id, $primary_id, $params);
return $affected_rows;
}
- //*usuniecie uzytkownika emial
+ //* Delete mail user
public function mail_user_delete($session_id, $primary_id)
{
if (!$this->checkPerm($session_id, 'mail_user_delete'))
@@ -348,8 +459,8 @@
$this->server->fault('permission_denied','You do not have the permissions to access this function.');
return false;
}
- $affected_rows = $this->deleteQuery('../mail/form/mail_user_filter.tform.php', $primary_id);
- $app->plugin->raiseEvent('mail:mail_user_filter:on_after_delete',$this);
+ $affected_rows = $this->deleteQuery('../mail/form/mail_user_filter.tform.php', $primary_id,'mail:mail_user_filter:on_after_delete');
+ // $app->plugin->raiseEvent('mail:mail_user_filter:on_after_delete',$this);
return $affected_rows;
}
@@ -370,11 +481,21 @@
//* aliasy email
public function mail_alias_add($session_id, $client_id, $params)
{
+ global $app;
+
if (!$this->checkPerm($session_id, 'mail_alias_add'))
{
$this->server->fault('permission_denied','You do not have the permissions to access this function.');
return false;
}
+
+ //* Check if there is no active mailbox with this address
+ $tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE postfix = 'y' AND email = '".$app->db->quote($params["source"])."'");
+ if($tmp['number'] > 0) {
+ $this->server->fault('duplicate','There is already a mailbox with this email address.');
+ }
+ unset($tmp);
+
$affected_rows = $this->insertQuery('../mail/form/mail_alias.tform.php', $client_id, $params);
return $affected_rows;
}
@@ -382,13 +503,23 @@
public function mail_alias_update($session_id, $client_id, $primary_id, $params)
{
- if (!$this->checkPerm($session_id, 'mail_alias_update'))
- {
- $this->server->fault('permission_denied','You do not have the permissions to access this function.');
- return false;
- }
- $affected_rows = $this->updateQuery('../mail/form/mail_alias.tform.php', $client_id, $primary_id, $params);
- return $affected_rows;
+ global $app;
+
+ if (!$this->checkPerm($session_id, 'mail_alias_update'))
+ {
+ $this->server->fault('permission_denied','You do not have the permissions to access this function.');
+ return false;
+ }
+
+ //* Check if there is no active mailbox with this address
+ $tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE postfix = 'y' AND email = '".$app->db->quote($params["source"])."'");
+ if($tmp['number'] > 0) {
+ $this->server->fault('duplicate','There is already a mailbox with this email address.');
+ }
+ unset($tmp);
+
+ $affected_rows = $this->updateQuery('../mail/form/mail_alias.tform.php', $client_id, $primary_id, $params);
+ return $affected_rows;
}
public function mail_alias_delete($session_id, $primary_id)
@@ -972,7 +1103,40 @@
}
$app->uses('remoting_lib');
$app->remoting_lib->loadFormDef('../client/form/client.tform.php');
- return $app->remoting_lib->getDataRecord($client_id);
+ $data = $app->remoting_lib->getDataRecord($client_id);
+
+ // we need to get the new-style templates for backwards-compatibility - maybe we remove this in a later version
+ if(is_array($data) && count($data) > 0) {
+ if(isset($data['client_id'])) {
+ // this is a single record
+ if($data['template_additional'] == '') {
+ $tpls = $app->db->queryAllRecords('SELECT CONCAT(`assigned_template_id`, \':\', `client_template_id`) as `item` FROM `client_template_assigned` WHERE `client_id` = ' . $data['client_id']);
+ $tpl_arr = array();
+ if($tpls) {
+ foreach($tpls as $tpl) $tpl_arr[] = $tpl['item'];
+ }
+ $data['template_additional'] = implode('/', $tpl_arr);
+ unset($tpl_arr);
+ unset($tpls);
+ }
+ } elseif(isset($data[0]['client_id'])) {
+ // multiple client records
+ foreach($data as $index => $client) {
+ if($client['template_additional'] == '') {
+ $tpls = $app->db->queryAllRecords('SELECT CONCAT(`assigned_template_id`, \':\', `client_template_id`) as `item` FROM `client_template_assigned` WHERE `client_id` = ' . $client['client_id']);
+ $tpl_arr = array();
+ if($tpls) {
+ foreach($tpls as $tpl) $tpl_arr[] = $tpl['item'];
+ }
+ $data[$index]['template_additional'] = implode('/', $tpl_arr); // dont use the $client array here - changes would not be returned to soap
+ }
+ unset($tpl_arr);
+ unset($tpls);
+ }
+ }
+ }
+
+ return $data;
}
public function client_get_id($session_id, $sys_userid)
@@ -983,13 +1147,33 @@
return false;
}
- $sys_userid = intval($sys_userid);
+ $sys_userid = $app->functions->intval($sys_userid);
$rec = $app->db->queryOneRecord("SELECT client_id FROM sys_user WHERE userid = ".$sys_userid);
if(isset($rec['client_id'])) {
- return intval($rec['client_id']);
+ return $app->functions->intval($rec['client_id']);
} else {
$this->server->fault('no_client_found', 'There is no sysuser account for this client ID.');
+ return false;
+ }
+
+ }
+
+ public function client_get_groupid($session_id, $client_id)
+ {
+ global $app;
+ if(!$this->checkPerm($session_id, 'client_get_id')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $client_id = $app->functions->intval($client_id);
+
+ $rec = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$client_id);
+ if(isset($rec['groupid'])) {
+ return $app->functions->intval($rec['groupid']);
+ } else {
+ $this->server->fault('no_group_found', 'There is no group for this client ID.');
return false;
}
@@ -1003,7 +1187,8 @@
$this->server->fault('permission_denied','You do not have the permissions to access this function.');
return false;
}
- $affected_rows = $this->klientadd('../client/form/client.tform.php',$reseller_id, $params);
+ if(!isset($params['parent_client_id']) || $params['parent_client_id'] == 0) $params['parent_client_id'] = $reseller_id;
+ $affected_rows = $this->klientadd('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . '.tform.php',$reseller_id, $params);
return $affected_rows;
}
@@ -1017,13 +1202,154 @@
$this->server->fault('permission_denied','You do not have the permissions to access this function.');
return false;
}
- $affected_rows = $this->updateQuery('../client/form/client.tform.php', $reseller_id, $client_id, $params);
+
+ $app->uses('remoting_lib');
+ $app->remoting_lib->loadFormDef('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . '.tform.php');
+ $old_rec = $app->remoting_lib->getDataRecord($client_id);
+
+ // we need the previuos templates assigned here
+ $this->oldTemplatesAssigned = $app->db->queryAllRecords('SELECT * FROM `client_template_assigned` WHERE `client_id` = ' . $client_id);
+ if(!is_array($this->oldTemplatesAssigned) || count($this->oldTemplatesAssigned) < 1) {
+ // check previous type of storing templates
+ $tpls = explode('/', $old_rec['template_additional']);
+ $this->oldTemplatesAssigned = array();
+ foreach($tpls as $item) {
+ $item = trim($item);
+ if(!$item) continue;
+ $this->oldTemplatesAssigned[] = array('assigned_template_id' => 0, 'client_template_id' => $item, 'client_id' => $client_id);
+ }
+ unset($tpls);
+ }
+ if(isset($params['template_additional'])) {
+ $app->uses('client_templates');
+ $templates = explode('/', $params['template_additional']);
+ $params['template_additional'] = '';
+ $app->client_templates->update_client_templates($client_id, $templates);
+ unset($templates);
+ }
+
+
+ if(!isset($params['parent_client_id']) || $params['parent_client_id'] == 0) $params['parent_client_id'] = $reseller_id;
+ $affected_rows = $this->updateQuery('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . '.tform.php', $reseller_id, $client_id, $params, 'client:' . ($reseller_id ? 'reseller' : 'client') . ':on_after_update');
$app->remoting_lib->ispconfig_sysuser_update($params,$client_id);
return $affected_rows;
}
+
+ public function client_template_additional_get($session_id, $client_id) {
+ global $app;
+ if(!$this->checkPerm($session_id, 'client_get')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ if(@is_numeric($client_id)) {
+ $sql = "SELECT * FROM `client_template_assigned` WHERE `client_id` = ".$client_id;
+ return $app->db->queryOneRecord($sql);
+ } else {
+ $this->server->fault('The ID must be an integer.');
+ return array();
+ }
+ }
+
+ private function _set_client_formdata($client_id) {
+ global $app;
+
+ $this->id = $client_id;
+ $this->dataRecord = $app->db->queryOneRecord('SELECT * FROM `client` WHERE `client_id` = ' . $client_id);
+ $this->oldDataRecord = $this->dataRecord;
+
+ $this->oldTemplatesAssigned = $app->db->queryAllRecords('SELECT * FROM `client_template_assigned` WHERE `client_id` = ' . $client_id);
+ if(!is_array($this->oldTemplatesAssigned) || count($this->oldTemplatesAssigned) < 1) {
+ // check previous type of storing templates
+ $tpls = explode('/', $this->oldDataRecord['template_additional']);
+ $this->oldTemplatesAssigned = array();
+ foreach($tpls as $item) {
+ $item = trim($item);
+ if(!$item) continue;
+ $this->oldTemplatesAssigned[] = array('assigned_template_id' => 0, 'client_template_id' => $item, 'client_id' => $client_id);
+ }
+ unset($tpls);
+ }
+ }
+
+ public function client_template_additional_add($session_id, $client_id, $template_id) {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'client_update')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ if(@is_numeric($client_id) && @is_numeric($template_id)) {
+ // check if client exists
+ $check = $app->db->queryOneRecord('SELECT `client_id` FROM `client` WHERE `client_id` = ' . $client_id);
+ if(!$check) {
+ $this->server->fault('Invalid client');
+ return false;
+ }
+ // check if template exists
+ $check = $app->db->queryOneRecord('SELECT `template_id` FROM `client_template` WHERE `template_id` = ' . $template_id);
+ if(!$check) {
+ $this->server->fault('Invalid template');
+ return false;
+ }
+
+ // for the update event we have to cheat a bit
+ $this->_set_client_formdata($client_id);
+
+ $sql = "INSERT INTO `client_template_assigned` (`client_id`, `client_template_id`) VALUES (" . $client_id . ", " . $template_id . ")";
+ $app->db->query($sql);
+ $insert_id = $app->db->insertID();
+
+ $app->plugin->raiseEvent('client:client:on_after_update',$this);
+
+ return $insert_id;
+ } else {
+ $this->server->fault('The IDs must be of type integer.');
+ return false;
+ }
+ }
+
+ public function client_template_additional_delete($session_id, $client_id, $assigned_template_id) {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'client_update')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ if(@is_numeric($client_id) && @is_numeric($template_id)) {
+ // check if client exists
+ $check = $app->db->queryOneRecord('SELECT `client_id` FROM `client` WHERE `client_id` = ' . $client_id);
+ if(!$check) {
+ $this->server->fault('Invalid client');
+ return false;
+ }
+ // check if template exists
+ $check = $app->db->queryOneRecord('SELECT `assigned_template_id` FROM `client_template_assigned` WHERE `assigned_template_id` = ' . $assigned_template_id);
+ if(!$check) {
+ $this->server->fault('Invalid template');
+ return false;
+ }
+
+ // for the update event we have to cheat a bit
+ $this->_set_client_formdata($client_id);
+
+ $sql = "DELETE FROM `client_template_assigned` WHERE `assigned_template_id` = " . $template_id . " AND `client_id` = " . $client_id;
+ $app->db->query($sql);
+ $affected_rows = $app->db->affectedRows();
+
+ $app->plugin->raiseEvent('client:client:on_after_update',$this);
+
+ return $affected_rows;
+ } else {
+ $this->server->fault('The IDs must be of type integer.');
+ return false;
+ }
+ }
public function client_delete($session_id,$client_id)
{
@@ -1046,61 +1372,56 @@
public function client_delete_everything($session_id, $client_id)
{
global $app, $conf;
+
if(!$this->checkPerm($session_id, 'client_delete_everything')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $client_id = intval($client_id);
- $client_group = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = $client_id");
+
+ $client_id = $app->functions->intval($client_id);
- $tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_domain,web_traffic';
- $tables_array = explode(',',$tables);
- $client_group_id = intval($client_group['groupid']);
-
- $table_list = array();
- if($client_group_id > 1) {
- foreach($tables_array as $table) {
- if($table != '') {
- $records = $app->db->queryAllRecords("SELECT * FROM $table WHERE sys_groupid = ".$client_group_id);
- $number = count($records);
- if($number > 0) $table_list[] = array('table' => $table."(".$number.")");
- }
- }
- }
-
-
- if($client_id > 0) {
- // remove the group of the client from the resellers group
- $parent_client_id = intval($this->dataRecord['parent_client_id']);
+ if($client_id > 0) {
+ //* remove the group of the client from the resellers group
+ $parent_client_id = $app->functions->intval($this->dataRecord['parent_client_id']);
$parent_user = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE client_id = $parent_client_id");
$client_group = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = $client_id");
$app->auth->remove_group_from_user($parent_user['userid'],$client_group['groupid']);
- // delete the group of the client
+ //* delete the group of the client
$app->db->query("DELETE FROM sys_group WHERE client_id = $client_id");
- // delete the sys user(s) of the client
+ //* delete the sys user(s) of the client
$app->db->query("DELETE FROM sys_user WHERE client_id = $client_id");
- // Delete all records (sub-clients, mail, web, etc....) of this client.
- $tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_domain,web_traffic';
+ //* Delete all records (sub-clients, mail, web, etc....) of this client.
+ $tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain,web_traffic';
$tables_array = explode(',',$tables);
- $client_group_id = intval($client_group['groupid']);
+ $client_group_id = $app->functions->intval($client_group['groupid']);
+
if($client_group_id > 1) {
foreach($tables_array as $table) {
if($table != '') {
$records = $app->db->queryAllRecords("SELECT * FROM $table WHERE sys_groupid = ".$client_group_id);
- // find the primary ID of the table
+ //* find the primary ID of the table
$table_info = $app->db->tableInfo($table);
$index_field = '';
foreach($table_info as $tmp) {
if($tmp['option'] == 'primary') $index_field = $tmp['name'];
}
- // Delete the records
+
+ //* Delete the records
if($index_field != '') {
if(is_array($records)) {
foreach($records as $rec) {
$app->db->datalogDelete($table, $index_field, $rec[$index_field]);
+ //* Delete traffic records that dont have a sys_groupid column
+ if($table == 'web_domain') {
+ $app->db->query("DELETE FROM web_traffic WHERE hostname = '".$app->db->quote($rec['domain'])."'");
+ }
+ //* Delete mail_traffic records that dont have a sys_groupid
+ if($table == 'mail_user') {
+ $app->db->query("DELETE FROM mail_traffic WHERE mailuser_id = '".$app->db->quote($rec['mailuser_id'])."'");
+ }
}
}
}
@@ -1109,21 +1430,15 @@
}
}
-
-
}
- if (!$this->checkPerm($session_id, 'client_delete'))
- {
- $this->server->fault('permission_denied','You do not have the permissions to access this function.');
- return false;
- }
- $affected_rows = $this->deleteQuery('../client/form/client.tform.php',$client_id);
-
- // $app->remoting_lib->ispconfig_sysuser_delete($client_id);
+ if (!$this->checkPerm($session_id, 'client_delete')) {
+ $this->server->fault('permission_denied','You do not have the permissions to access this function.');
+ return false;
+ }
+ $affected_rows = $this->deleteQuery('../client/form/client.tform.php',$client_id);
-
- return false;
+ return $affected_rows;
}
// Website functions ---------------------------------------------------------------------------------------
@@ -1193,32 +1508,153 @@
//* Add a record
public function sites_database_add($session_id, $client_id, $params)
{
+ global $app;
+
if(!$this->checkPerm($session_id, 'sites_database_add')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- return $this->insertQuery('../sites/form/database.tform.php',$client_id,$params);
+
+ //* Check for duplicates
+ $tmp = $app->db->queryOneRecord("SELECT count(database_id) as dbnum FROM web_database WHERE database_name = '".$app->db->quote($params['database_name'])."' AND server_id = '".intval($params["server_id"])."'");
+ if($tmp['dbnum'] > 0) {
+ $this->server->fault('database_name_error_unique', 'There is already a database with that name on the same server.');
+ return false;
+ }
+
+ $sql = $this->insertQueryPrepare('../sites/form/database.tform.php', $client_id, $params);
+ if($sql !== false) {
+ $app->uses('sites_database_plugin');
+
+ $this->id = 0;
+ $this->dataRecord = $params;
+ $app->sites_database_plugin->processDatabaseInsert($this);
+
+ return $this->insertQueryExecute($sql, $params);
+ }
+
+ return false;
}
//* Update a record
public function sites_database_update($session_id, $client_id, $primary_id, $params)
{
+ global $app;
+
if(!$this->checkPerm($session_id, 'sites_database_update')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $affected_rows = $this->updateQuery('../sites/form/database.tform.php',$client_id,$primary_id,$params);
- return $affected_rows;
+
+ $sql = $this->updateQueryPrepare('../sites/form/database.tform.php', $client_id, $primary_id, $params);
+ if($sql !== false) {
+ $app->uses('sites_database_plugin');
+
+ $this->id = $primary_id;
+ $this->dataRecord = $params;
+ $app->sites_database_plugin->processDatabaseUpdate($this);
+ return $this->updateQueryExecute($sql, $primary_id, $params);
+ }
+
+ return false;
}
//* Delete a record
public function sites_database_delete($session_id, $primary_id)
{
+ global $app;
if(!$this->checkPerm($session_id, 'sites_database_delete')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
+
+ $app->uses('sites_database_plugin');
+ $app->sites_database_plugin->processDatabaseDelete($primary_id);
+
$affected_rows = $this->deleteQuery('../sites/form/database.tform.php',$primary_id);
+ return $affected_rows;
+ }
+
+ // ----------------------------------------------------------------------------------------------------------
+
+ //* Get record details
+ public function sites_database_user_get($session_id, $primary_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_database_user_get')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $app->uses('remoting_lib');
+ $app->remoting_lib->loadFormDef('../sites/form/database_user.tform.php');
+ return $app->remoting_lib->getDataRecord($primary_id);
+ }
+
+ //* Add a record
+ public function sites_database_user_add($session_id, $client_id, $params)
+ {
+ if(!$this->checkPerm($session_id, 'sites_database_user_add')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ return $this->insertQuery('../sites/form/database_user.tform.php', $client_id, $params);
+ }
+
+ //* Update a record
+ public function sites_database_user_update($session_id, $client_id, $primary_id, $params)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_database_user_update')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $app->uses('remoting_lib');
+ $app->remoting_lib->loadFormDef('../sites/form/database_user.tform.php');
+ $old_rec = $app->remoting_lib->getDataRecord($primary_id);
+
+ $result = $this->updateQuery('../sites/form/database_user.tform.php', $client_id, $primary_id, $params);
+
+ $new_rec = $app->remoting_lib->getDataRecord($primary_id);
+
+ $records = $app->db->queryAllRecords("SELECT DISTINCT server_id FROM web_database WHERE database_user_id = '".$app->functions->intval($primary_id)."' UNION SELECT DISTINCT server_id FROM web_database WHERE database_ro_user_id = '".$app->functions->intval($primary_id)."'");
+ foreach($records as $rec) {
+ $tmp_rec = $new_rec;
+ $tmp_rec['server_id'] = $rec['server_id'];
+ $app->remoting_lib->datalogSave('UPDATE', $primary_id, $old_rec, $tmp_rec);
+ }
+ unset($new_rec);
+ unset($old_rec);
+ unset($records);
+
+ return $result;
+ }
+
+ //* Delete a record
+ public function sites_database_user_delete($session_id, $primary_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_database_user_delete')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $app->db->datalogDelete('web_database_user', 'database_user_id', $primary_id);
+ $affected_rows = $this->deleteQuery('../sites/form/database_user.tform.php',$primary_id);
+
+ $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_user_id = '".$app->functions->intval($primary_id)."'");
+ foreach($records as $rec) {
+ $app->db->datalogUpdate('web_database','database_user_id=NULL','database_id', $rec['database_id']);
+
+ }
+ $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_ro_user_id = '".$app->functions->intval($primary_id)."'");
+ foreach($records as $rec) {
+ $app->db->datalogUpdate('web_database','database_ro_user_id=NULL','database_id', $rec['database_id']);
+ }
+
return $affected_rows;
}
@@ -1268,6 +1704,26 @@
}
$affected_rows = $this->deleteQuery('../sites/form/ftp_user.tform.php',$primary_id);
return $affected_rows;
+ }
+
+ //* Get server for an ftp user
+ public function sites_ftp_user_server_get($session_id, $ftp_user)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_ftp_user_server_get')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $data = $app->db->queryOneRecord("SELECT server_id FROM ftp_user WHERE username = '".$app->db->quote($ftp_user)."'");
+ //file_put_contents('/tmp/test.txt', serialize($data));
+ if(!isset($data['server_id'])) return false;
+
+ $server = $this->server_get($session_id, $data['server_id'], 'server');
+ //file_put_contents('/tmp/test2.txt', serialize($server));
+
+ return $server;
}
// ----------------------------------------------------------------------------------------------------------
@@ -1344,7 +1800,7 @@
}
if(!isset($params['client_group_id']) or (isset($params['client_group_id']) && empty($params['client_group_id']))) {
- $rec = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".intval($client_id));
+ $rec = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$app->functions->intval($client_id));
$params['client_group_id'] = $rec['groupid'];
}
@@ -1372,6 +1828,13 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
+
+ //* Set a few defaults for nginx servers
+ if($params['pm_max_children'] == '') $params['pm_max_children'] = 1;
+ if($params['pm_start_servers'] == '') $params['pm_start_servers'] = 1;
+ if($params['pm_min_spare_servers'] == '') $params['pm_min_spare_servers'] = 1;
+ if($params['pm_max_spare_servers'] == '') $params['pm_max_spare_servers'] = 1;
+
$affected_rows = $this->updateQuery('../sites/form/web_domain.tform.php',$client_id,$primary_id,$params);
return $affected_rows;
}
@@ -1384,6 +1847,75 @@
return false;
}
$affected_rows = $this->deleteQuery('../sites/form/web_domain.tform.php',$primary_id);
+ return $affected_rows;
+ }
+
+ // ----------------------------------------------------------------------------------------------------------
+
+ //* Get record details
+ public function sites_web_vhost_subdomain_get($session_id, $primary_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_web_subdomain_get')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $app->uses('remoting_lib');
+ $app->remoting_lib->loadFormDef('../sites/form/web_vhost_subdomain.tform.php');
+ return $app->remoting_lib->getDataRecord($primary_id);
+ }
+
+ //* Add a record
+ public function sites_web_vhost_subdomain_add($session_id, $client_id, $params)
+ {
+ global $app;
+ if(!$this->checkPerm($session_id, 'sites_web_subdomain_add')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ //* Set a few params to "not empty" values which get overwritten by the sites_web_domain_plugin
+ if($params['document_root'] == '') $params['document_root'] = '-';
+ if($params['system_user'] == '') $params['system_user'] = '-';
+ if($params['system_group'] == '') $params['system_group'] = '-';
+
+ //* Set a few defaults for nginx servers
+ if($params['pm_max_children'] == '') $params['pm_max_children'] = 1;
+ if($params['pm_start_servers'] == '') $params['pm_start_servers'] = 1;
+ if($params['pm_min_spare_servers'] == '') $params['pm_min_spare_servers'] = 1;
+ if($params['pm_max_spare_servers'] == '') $params['pm_max_spare_servers'] = 1;
+
+ $domain_id = $this->insertQuery('../sites/form/web_vhost_subdomain.tform.php',$client_id,$params, 'sites:web_vhost_subdomain:on_after_insert');
+ return $domain_id;
+ }
+
+ //* Update a record
+ public function sites_web_vhost_subdomain_update($session_id, $client_id, $primary_id, $params)
+ {
+ if(!$this->checkPerm($session_id, 'sites_web_subdomain_update')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ //* Set a few defaults for nginx servers
+ if($params['pm_max_children'] == '') $params['pm_max_children'] = 1;
+ if($params['pm_start_servers'] == '') $params['pm_start_servers'] = 1;
+ if($params['pm_min_spare_servers'] == '') $params['pm_min_spare_servers'] = 1;
+ if($params['pm_max_spare_servers'] == '') $params['pm_max_spare_servers'] = 1;
+
+ $affected_rows = $this->updateQuery('../sites/form/web_vhost_subdomain.tform.php',$client_id,$primary_id,$params, 'sites:web_vhost_subdomain:on_after_insert');
+ return $affected_rows;
+ }
+
+ //* Delete a record
+ public function sites_web_vhost_subdomain_delete($session_id, $primary_id)
+ {
+ if(!$this->checkPerm($session_id, 'sites_web_subdomain_delete')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $affected_rows = $this->deleteQuery('../sites/form/web_vhost_subdomain.tform.php',$primary_id);
return $affected_rows;
}
@@ -1483,6 +2015,112 @@
return $affected_rows;
}
+ // ----------------------------------------------------------------------------------------------------------
+
+ //* Get record details
+ public function sites_web_folder_get($session_id, $primary_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_web_folder_get')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $app->uses('remoting_lib');
+ $app->remoting_lib->loadFormDef('../sites/form/web_folder.tform.php');
+ return $app->remoting_lib->getDataRecord($primary_id);
+ }
+
+ //* Add a record
+ public function sites_web_folder_add($session_id, $client_id, $params)
+ {
+ if(!$this->checkPerm($session_id, 'sites_web_folder_add')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ return $this->insertQuery('../sites/form/web_folder.tform.php',$client_id,$params);
+ }
+
+ //* Update a record
+ public function sites_web_folder_update($session_id, $client_id, $primary_id, $params)
+ {
+ if(!$this->checkPerm($session_id, 'sites_web_folder_update')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $affected_rows = $this->updateQuery('../sites/form/web_folder.tform.php',$client_id,$primary_id,$params);
+ return $affected_rows;
+ }
+
+ //* Delete a record
+ public function sites_web_folder_delete($session_id, $primary_id)
+ {
+ global $app;
+ if(!$this->checkPerm($session_id, 'sites_web_folder_delete')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ // Delete all users that belong to this folder. - taken from web_folder_delete.php
+ $records = $app->db->queryAllRecords("SELECT web_folder_user_id FROM web_folder_user WHERE web_folder_id = '".$app->functions->intval($primary_id)."'");
+ foreach($records as $rec) {
+ $this->deleteQuery('../sites/form/web_folder_user.tform.php',$rec['web_folder_user_id']);
+ //$app->db->datalogDelete('web_folder_user','web_folder_user_id',$rec['web_folder_user_id']);
+ }
+ unset($records);
+
+ $affected_rows = $this->deleteQuery('../sites/form/web_folder.tform.php',$primary_id);
+ return $affected_rows;
+ }
+
+ // -----------------------------------------------------------------------------------------------
+
+ //* Get record details
+ public function sites_web_folder_user_get($session_id, $primary_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_web_folder_user_get')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $app->uses('remoting_lib');
+ $app->remoting_lib->loadFormDef('../sites/form/web_folder_user.tform.php');
+ return $app->remoting_lib->getDataRecord($primary_id);
+ }
+
+ //* Add a record
+ public function sites_web_folder_user_add($session_id, $client_id, $params)
+ {
+ if(!$this->checkPerm($session_id, 'sites_web_folder_user_add')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ return $this->insertQuery('../sites/form/web_folder_user.tform.php',$client_id,$params);
+ }
+
+ //* Update a record
+ public function sites_web_folder_user_update($session_id, $client_id, $primary_id, $params)
+ {
+ if(!$this->checkPerm($session_id, 'sites_web_folder_user_update')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $affected_rows = $this->updateQuery('../sites/form/web_folder_user.tform.php',$client_id,$primary_id,$params);
+ return $affected_rows;
+ }
+
+ //* Delete a record
+ public function sites_web_folder_user_delete($session_id, $primary_id)
+ {
+ if(!$this->checkPerm($session_id, 'sites_web_folder_user_delete')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $affected_rows = $this->deleteQuery('../sites/form/web_folder_user.tform.php',$primary_id);
+ return $affected_rows;
+ }
+
// -----------------------------------------------------------------------------------------------
//* Get record details
@@ -1495,7 +2133,7 @@
return false;
}
$app->uses('remoting_lib');
- $app->remoting_lib->loadFormDef('../domain/form/domain.tform.php');
+ $app->remoting_lib->loadFormDef('../client/form/domain.tform.php');
return $app->remoting_lib->getDataRecord($primary_id);
}
@@ -1506,7 +2144,7 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- return $this->insertQuery('../domain/form/domain.tform.php',$client_id,$params);
+ return $this->insertQuery('../client/form/domain.tform.php',$client_id,$params);
}
//* Delete a record
@@ -1516,7 +2154,7 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $affected_rows = $this->deleteQuery('../domain/form/domain.tform.php',$primary_id);
+ $affected_rows = $this->deleteQuery('../client/form/domain.tform.php',$primary_id);
return $affected_rows;
}
@@ -1529,7 +2167,7 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $group_id = intval($group_id);
+ $group_id = $app->functions->intval($group_id);
$sql = "SELECT domain_id, domain FROM domain WHERE sys_groupid = $group_id ";
$all = $app->db->queryAllRecords($sql);
return $all;
@@ -1537,6 +2175,116 @@
// DNS Function --------------------------------------------------------------------------------------------------
+
+ //* Create Zone with Template
+ public function dns_templatezone_add($session_id, $client_id, $template_id, $domain, $ip, $ns1, $ns2, $email)
+ {
+ global $app, $conf;
+ if(!$this->checkPerm($session_id, 'dns_templatezone_add')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $client = $app->db->queryOneRecord("SELECT default_dnsserver FROM client WHERE client_id = ".$app->functions->intval($client_id));
+ $server_id = $client["default_dnsserver"];
+ $template_record = $app->db->queryOneRecord("SELECT * FROM dns_template WHERE template_id = '$template_id'");
+ $fields = explode(',',$template_record['fields']);
+ $tform_def_file = "../../web/dns/form/dns_soa.tform.php";
+ $app->uses('tform');
+ $app->tform->loadFormDef($tform_def_file);
+ $app->uses('tpl,validate_dns');
+
+ //* replace template placeholders
+ $tpl_content = $template_record['template'];
+ if($domain != '') $tpl_content = str_replace('{DOMAIN}',$domain,$tpl_content);
+ if($ip != '') $tpl_content = str_replace('{IP}',$ip,$tpl_content);
+ if($ns1 != '') $tpl_content = str_replace('{NS1}',$ns1,$tpl_content);
+ if($ns2 != '') $tpl_content = str_replace('{NS2}',$ns2,$tpl_content);
+ if($email != '') $tpl_content = str_replace('{EMAIL}',$email,$tpl_content);
+
+ //* Parse the template
+ $tpl_rows = explode("\n",$tpl_content);
+ $section = '';
+ $vars = array();
+ $dns_rr = array();
+ foreach($tpl_rows as $row) {
+ $row = trim($row);
+ if(substr($row,0,1) == '[') {
+ if($row == '[ZONE]') {
+ $section = 'zone';
+ } elseif($row == '[DNS_RECORDS]') {
+ $section = 'dns_records';
+ } else {
+ die('Unknown section type');
+ }
+ } else {
+ if($row != '') {
+ //* Handle zone section
+ if($section == 'zone') {
+ $parts = explode('=',$row);
+ $key = trim($parts[0]);
+ $val = trim($parts[1]);
+ if($key != '') $vars[$key] = $val;
+ }
+ //* Handle DNS Record rows
+ if($section == 'dns_records') {
+ $parts = explode('|',$row);
+ $dns_rr[] = array(
+ 'name' => $app->db->quote($parts[1]),
+ 'type' => $app->db->quote($parts[0]),
+ 'data' => $app->db->quote($parts[2]),
+ 'aux' => $app->db->quote($parts[3]),
+ 'ttl' => $app->db->quote($parts[4])
+ );
+ }
+ }
+ }
+ } // end foreach
+
+ if($vars['origin'] == '') $error .= $app->lng('error_origin_empty').'<br />';
+ if($vars['ns'] == '') $error .= $app->lng('error_ns_empty').'<br />';
+ if($vars['mbox'] == '') $error .= $app->lng('error_mbox_empty').'<br />';
+ if($vars['refresh'] == '') $error .= $app->lng('error_refresh_empty').'<br />';
+ if($vars['retry'] == '') $error .= $app->lng('error_retry_empty').'<br />';
+ if($vars['expire'] == '') $error .= $app->lng('error_expire_empty').'<br />';
+ if($vars['minimum'] == '') $error .= $app->lng('error_minimum_empty').'<br />';
+ if($vars['ttl'] == '') $error .= $app->lng('error_ttl_empty').'<br />';
+
+ if($error == '') {
+ // Insert the soa record
+ $tmp = $app->db->queryOneRecord("SELECT userid,default_group FROM sys_user WHERE client_id = ".$app->functions->intval($client_id));
+ $sys_userid = $tmp['userid'];
+ $sys_groupid = $tmp['default_group'];
+ unset($tmp);
+ $origin = $app->db->quote($vars['origin']);
+ $ns = $app->db->quote($vars['ns']);
+ $mbox = $app->db->quote(str_replace('@','.',$vars['mbox']));
+ $refresh = $app->db->quote($vars['refresh']);
+ $retry = $app->db->quote($vars['retry']);
+ $expire = $app->db->quote($vars['expire']);
+ $minimum = $app->db->quote($vars['minimum']);
+ $ttl = $app->db->quote($vars['ttl']);
+ $xfer = $app->db->quote($vars['xfer']);
+ $also_notify = $app->db->quote($vars['also_notify']);
+ $update_acl = $app->db->quote($vars['update_acl']);
+ $serial = $app->validate_dns->increase_serial(0);
+ $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `origin`, `ns`, `mbox`, `serial`, `refresh`, `retry`, `expire`, `minimum`, `ttl`, `active`, `xfer`, `also_notify`, `update_acl`) VALUES
+ ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$origin', '$ns', '$mbox', '$serial', '$refresh', '$retry', '$expire', '$minimum', '$ttl', 'Y', '$xfer', '$also_notify', '$update_acl')";
+ $dns_soa_id = $app->db->datalogInsert('dns_soa', $insert_data, 'id');
+ // Insert the dns_rr records
+ if(is_array($dns_rr) && $dns_soa_id > 0) {
+ foreach($dns_rr as $rr) {
+ $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `zone`, `name`, `type`, `data`, `aux`, `ttl`, `active`) VALUES
+ ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$dns_soa_id', '$rr[name]', '$rr[type]', '$rr[data]', '$rr[aux]', '$rr[ttl]', 'Y')";
+ $dns_rr_id = $app->db->datalogInsert('dns_rr', $insert_data, 'id');
+ }
+ }
+ exit;
+ } else {
+ $this->server->fault('permission_denied', $error);
+ }
+ }
+
//* Get record details
public function dns_zone_get($session_id, $primary_id)
@@ -1551,6 +2299,30 @@
$app->remoting_lib->loadFormDef('../dns/form/dns_soa.tform.php');
return $app->remoting_lib->getDataRecord($primary_id);
}
+
+ //* Get record id by origin
+ public function dns_zone_get_id($session_id, $origin)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'dns_zone_get_id')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ if(!preg_match('/^[a-z0-9][a-z0-9\-]+[a-z0-9](\.[a-z]{2,4})+$/i', $origin)){
+ $this->server->fault('no_domain_found', 'Invalid domain name.');
+ return false;
+ }
+
+ $rec = $app->db->queryOneRecord("SELECT id FROM dns_soa WHERE origin like '".$origin."%'");
+ if(isset($rec['id'])) {
+ return $app->functions->intval($rec['id']);
+ } else {
+ $this->server->fault('no_domain_found', 'There is no domain ID with informed domain name.');
+ return false;
+ }
+ }
//* Add a record
public function dns_zone_add($session_id, $client_id, $params)
@@ -2131,7 +2903,7 @@
protected function klientadd($formdef_file, $reseller_id, $params)
{
- global $app, $tform, $remoting_lib;
+ global $app;
$app->uses('remoting_lib');
//* Load the form definition
@@ -2140,28 +2912,35 @@
//* load the user profile of the client
$app->remoting_lib->loadUserProfile($reseller_id);
- //* load the client template
- if(isset($params['template_master']) and $params['template_master'] > 0)
- {
- $template=$app->db->queryOneRecord("SELECT * FROM client_template WHERE template_id=".intval($params['template_master']));
- if(is_array($template)) $params=array_merge($params,$template);
- }
-
//* Get the SQL query
$sql = $app->remoting_lib->getSQL($params,'INSERT',0);
- $app->db->query($sql);
+ //* Check if no system user with that username exists
+ $username = $app->db->quote($params["username"]);
+ $tmp = $app->db->queryOneRecord("SELECT count(userid) as number FROM sys_user WHERE username = '$username'");
+ if($tmp['number'] > 0) $app->remoting_lib->errorMessage .= "Duplicate username<br />";
+
+ //* Stop on error while preparing the sql query
if($app->remoting_lib->errorMessage != '') {
$this->server->fault('data_processing_error', $app->remoting_lib->errorMessage);
return false;
}
+ //* Execute the SQL query
+ $app->db->query($sql);
$insert_id = $app->db->insertID();
+
+
+ //* Stop on error while executing the sql query
+ if($app->remoting_lib->errorMessage != '') {
+ $this->server->fault('data_processing_error', $app->remoting_lib->errorMessage);
+ return false;
+ }
$this->id = $insert_id;
$this->dataRecord = $params;
- $app->plugin->raiseEvent('client:client:on_after_insert',$this);
+ $app->plugin->raiseEvent('client:' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . ':on_after_insert',$this);
/*
if($app->db->errorMessage != '') {
@@ -2170,6 +2949,12 @@
}
*/
+ /* copied from the client_edit php */
+ exec('ssh-keygen -t rsa -C '.$username.'-rsa-key-'.time().' -f /tmp/id_rsa -N ""');
+ $app->db->query("UPDATE client SET created_at = ".time().", id_rsa = '".$app->db->quote(@file_get_contents('/tmp/id_rsa'))."', ssh_rsa = '".$app->db->quote(@file_get_contents('/tmp/id_rsa.pub'))."' WHERE client_id = ".$this->id);
+ exec('rm -f /tmp/id_rsa /tmp/id_rsa.pub');
+
+
//$app->uses('tform');
//* Save changes to Datalog
@@ -2189,9 +2974,16 @@
return $insert_id;
}
- protected function insertQuery($formdef_file, $client_id, $params,$event_identifier = '')
+ protected function insertQuery($formdef_file, $client_id, $params,$event_identifier = '')
{
- global $app, $tform, $remoting_lib;
+ $sql = $this->insertQueryPrepare($formdef_file, $client_id, $params);
+ if($sql !== false) return $this->insertQueryExecute($sql, $params,$event_identifier);
+ else return false;
+ }
+
+ protected function insertQueryPrepare($formdef_file, $client_id, $params)
+ {
+ global $app;
$app->uses('remoting_lib');
@@ -2207,7 +2999,16 @@
$this->server->fault('data_processing_error', $app->remoting_lib->errorMessage);
return false;
}
+ $app->log('Executed insertQueryPrepare', LOGLEVEL_DEBUG);
+ return $sql;
+ }
+
+ protected function insertQueryExecute($sql, $params,$event_identifier = '')
+ {
+ global $app;
+ $app->uses('remoting_lib');
+
$app->db->query($sql);
if($app->db->errorMessage != '') {
@@ -2220,7 +3021,7 @@
// set a few values for compatibility with tform actions, mostly used by plugins
$this->id = $insert_id;
$this->dataRecord = $params;
-
+ $app->log('Executed insertQueryExecute, raising events now if any: ' . $event_identifier, LOGLEVEL_DEBUG);
if($event_identifier != '') $app->plugin->raiseEvent($event_identifier,$this);
//$app->uses('tform');
@@ -2231,9 +3032,17 @@
}
return $insert_id;
}
-
-
+
protected function updateQuery($formdef_file, $client_id, $primary_id, $params, $event_identifier = '')
+ {
+ global $app;
+
+ $sql = $this->updateQueryPrepare($formdef_file, $client_id, $primary_id, $params);
+ if($sql !== false) return $this->updateQueryExecute($sql, $primary_id, $params,$event_identifier);
+ else return false;
+ }
+
+ protected function updateQueryPrepare($formdef_file, $client_id, $primary_id, $params)
{
global $app;
@@ -2247,10 +3056,20 @@
//* Get the SQL query
$sql = $app->remoting_lib->getSQL($params,'UPDATE',$primary_id);
+ // $this->server->fault('debug', $sql);
if($app->remoting_lib->errorMessage != '') {
$this->server->fault('data_processing_error', $app->remoting_lib->errorMessage);
return false;
}
+
+ return $sql;
+ }
+
+ protected function updateQueryExecute($sql, $primary_id, $params, $event_identifier = '')
+ {
+ global $app;
+
+ $app->uses('remoting_lib');
$old_rec = $app->remoting_lib->getDataRecord($primary_id);
@@ -2267,6 +3086,7 @@
}
$affected_rows = $app->db->affectedRows();
+ $app->log('Executed updateQueryExecute, raising events now if any: ' . $event_identifier, LOGLEVEL_DEBUG);
if($event_identifier != '') $app->plugin->raiseEvent($event_identifier,$this);
@@ -2278,7 +3098,7 @@
return $affected_rows;
}
-
+
protected function deleteQuery($formdef_file, $primary_id, $event_identifier = '')
{
global $app;
@@ -2296,22 +3116,24 @@
// set a few values for compatibility with tform actions, mostly used by plugins
$this->oldDataRecord = $old_rec;
$this->id = $primary_id;
- $this->dataRecord = $params;
+ $this->dataRecord = $old_rec;
+ $app->log('Executed deleteQuery, raising events now if any: ' . $event_identifier, LOGLEVEL_DEBUG);
+ //$this->dataRecord = $params;
//* Get the SQL query
$sql = $app->remoting_lib->getDeleteSQL($primary_id);
-
+ $app->db->errorMessage = '';
$app->db->query($sql);
+ $affected_rows = $app->db->affectedRows();
if($app->db->errorMessage != '') {
-
- if($event_identifier != '') $app->plugin->raiseEvent($event_identifier,$this);
-
$this->server->fault('database_error', $app->db->errorMessage . ' '.$sql);
return false;
}
- $affected_rows = $app->db->affectedRows();
+ if($event_identifier != '') {
+ $app->plugin->raiseEvent($event_identifier,$this);
+ }
//* Save changes to Datalog
if($app->remoting_lib->formDef["db_history"] == 'yes') {
@@ -2325,6 +3147,7 @@
protected function checkPerm($session_id, $function_name)
{
+ global $app;
$dobre=array();
$session = $this->getSession($session_id);
if(!$session){
@@ -2332,7 +3155,11 @@
}
$dobre= str_replace(';',',',$session['remote_functions']);
- return in_array($function_name, explode(',', $dobre) );
+ $check = in_array($function_name, explode(',', $dobre) );
+ if(!$check) {
+ $app->log("REMOTE-LIB DENY: ".$session_id ." /". $function_name, LOGLEVEL_WARN);
+ }
+ return $check;
}
@@ -2375,11 +3202,11 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $sys_userid = intval($sys_userid);
+ $sys_userid = $app->functions->intval($sys_userid);
$sys_groupid = explode(',', $sys_groupid);
$new_group = array();
foreach($sys_groupid as $group_id) {
- $new_group[] = intval( $group_id);
+ $new_group[] = $app->functions->intval( $group_id);
}
$group_list = implode(',', $new_group);
$sql ="SELECT domain, domain_id, document_root, active FROM web_domain WHERE ( (sys_userid = $sys_userid AND sys_perm_user LIKE '%r%') OR (sys_groupid IN ($group_list) AND sys_perm_group LIKE '%r%') OR sys_perm_other LIKE '%r%') AND type = 'vhost'";
@@ -2413,7 +3240,7 @@
} else {
$status = 'n';
}
- $sql = "UPDATE web_domain SET active = '$status' WHERE domain_id = ".intval($primary_id);
+ $sql = "UPDATE web_domain SET active = '$status' WHERE domain_id = ".$app->functions->intval($primary_id);
$app->db->query($sql);
$result = $app->db->affectedRows();
return $result;
@@ -2445,6 +3272,26 @@
return false;
}
}
+ /**
+ * Get All client_id's from database
+ * @param int session_id
+ * @return Array of all client_id's
+ */
+ public function client_get_all($session_id) {
+ global $app;
+ if(!$this->checkPerm($session_id, 'client_get_all')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $result = $app->db->queryAllRecords("SELECT client_id FROM client WHERE 1");
+ if(!$result) {
+ return false;
+ }
+ foreach( $result as $record) {
+ $rarrary[] = $record['client_id'];
+ }
+ return $rarrary;
+ }
/**
* Changes client password
@@ -2463,7 +3310,7 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $client_id = intval($client_id);
+ $client_id = $app->functions->intval($client_id);
$client = $app->db->queryOneRecord("SELECT client_id FROM client WHERE client_id = ".$client_id);
if($client['client_id'] > 0) {
$new_password = $app->db->quote($new_password);
@@ -2526,8 +3373,8 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $client_id = intval($client_id);
- $sql = "SELECT d.database_id, d.database_name, d.database_user, d.database_password FROM web_database d INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = $client_id";
+ $client_id = $app->functions->intval($client_id);
+ $sql = "SELECT d.database_id, d.database_name, d.database_user_id, d.database_ro_user_id, du.database_user, du.database_password FROM web_database d LEFT JOIN web_database_user du ON (du.database_user_id = d.database_user_id) INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = $client_id";
$all = $app->db->queryAllRecords($sql);
return $all;
}
@@ -2559,8 +3406,8 @@
return false;
}
if (!empty($client_id) && !empty($server_id)) {
- $server_id = intval($server_id);
- $client_id = intval($client_id);
+ $server_id = $app->functions->intval($server_id);
+ $client_id = $app->functions->intval($client_id);
$sql = "SELECT id, origin FROM dns_soa d INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = $client_id AND server_id = $server_id";
$result = $app->db->queryAllRecords($sql);
return $result;
@@ -2580,7 +3427,7 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $sql = "SELECT * FROM dns_rr WHERE zone = ".intval($zone_id);;
+ $sql = "SELECT * FROM dns_rr WHERE zone = ".$app->functions->intval($zone_id);;
$result = $app->db->queryAllRecords($sql);
return $result;
}
@@ -2605,7 +3452,7 @@
} else {
$status = 'N';
}
- $sql = "UPDATE dns_soa SET active = '$status' WHERE id = ".intval($primary_id);
+ $sql = "UPDATE dns_soa SET active = '$status' WHERE id = ".$app->functions->intval($primary_id);
$app->db->query($sql);
$result = $app->db->affectedRows();
return $result;
@@ -2627,7 +3474,7 @@
} else {
$status = 'n';
}
- $sql = "UPDATE mail_domain SET active = '$status' WHERE domain_id = ".intval($primary_id);
+ $sql = "UPDATE mail_domain SET active = '$status' WHERE domain_id = ".$app->functions->intval($primary_id);
$app->db->query($sql);
$result = $app->db->affectedRows();
return $result;
@@ -2754,7 +3601,7 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $server_id = intval($server_id);
+ $server_id = $app->functions->intval($server_id);
if($server_id > 0) {
$tmp = $app->db->queryOneRecord("SELECT ip_address_id, server_id, ip_address FROM openvz_ip WHERE reserved = 'n' AND vm_id = 0 AND server_id = $server_id LIMIT 0,1");
@@ -2826,9 +3673,9 @@
}
if (!empty($client_id)) {
- $client_id = intval($client_id);
+ $client_id = $app->functions->intval($client_id);
$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = $client_id");
- $sql = "SELECT * FROM openvz_vm WHERE sys_groupid = ".intval($tmp['groupid']);
+ $sql = "SELECT * FROM openvz_vm WHERE sys_groupid = ".$app->functions->intval($tmp['groupid']);
$result = $app->db->queryAllRecords($sql);
return $result;
}
@@ -2856,8 +3703,8 @@
}
- $template_id = intval($template_id);
- $ostemplate_id = intval($ostemplate_id);
+ $template_id = $app->functions->intval($template_id);
+ $ostemplate_id = $app->functions->intval($ostemplate_id);
//* Verify parameters
if($template_id == 0) {
@@ -2947,11 +3794,155 @@
return $affected_rows;
}
+ //* Start VM
+ public function openvz_vm_start($session_id, $vm_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'vm_openvz')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $app->uses('remoting_lib');
+ $app->remoting_lib->loadFormDef('../vm/form/openvz_vm.tform.php');
+ $vm = $app->remoting_lib->getDataRecord($vm_id);
+
+ if(!is_array($vm)) {
+ $this->server->fault('action_pending', 'No VM with this ID available.');
+ return false;
+ }
+
+ if($vm['active'] == 'n') {
+ $this->server->fault('action_pending', 'VM is not in active state.');
+ return false;
+ }
+
+ $action = 'openvz_start_vm';
+
+ $tmp = $app->db->queryOneRecord("SELECT count(action_id) as actions FROM sys_remoteaction
+ WHERE server_id = '".$vm['server_id']."'
+ AND action_type = '$action'
+ AND action_param = '".$vm['veid']."'
+ AND action_state = 'pending'");
+
+ if($tmp['actions'] > 0) {
+ $this->server->fault('action_pending', 'There is already a action pending for this VM.');
+ return false;
+ } else {
+ $sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
+ "VALUES (".
+ (int)$vm['server_id'] . ", ".
+ time() . ", ".
+ "'".$action."', ".
+ $vm['veid'].", ".
+ "'pending', ".
+ "''".
+ ")";
+ $app->db->query($sql);
+ }
+ }
+ //* Stop VM
+ public function openvz_vm_stop($session_id, $vm_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'vm_openvz')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $app->uses('remoting_lib');
+ $app->remoting_lib->loadFormDef('../vm/form/openvz_vm.tform.php');
+ $vm = $app->remoting_lib->getDataRecord($vm_id);
+
+ if(!is_array($vm)) {
+ $this->server->fault('action_pending', 'No VM with this ID available.');
+ return false;
+ }
+
+ if($vm['active'] == 'n') {
+ $this->server->fault('action_pending', 'VM is not in active state.');
+ return false;
+ }
+
+ $action = 'openvz_stop_vm';
+
+ $tmp = $app->db->queryOneRecord("SELECT count(action_id) as actions FROM sys_remoteaction
+ WHERE server_id = '".$vm['server_id']."'
+ AND action_type = '$action'
+ AND action_param = '".$vm['veid']."'
+ AND action_state = 'pending'");
+
+ if($tmp['actions'] > 0) {
+ $this->server->fault('action_pending', 'There is already a action pending for this VM.');
+ return false;
+ } else {
+ $sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
+ "VALUES (".
+ (int)$vm['server_id'] . ", ".
+ time() . ", ".
+ "'".$action."', ".
+ $vm['veid'].", ".
+ "'pending', ".
+ "''".
+ ")";
+ $app->db->query($sql);
+ }
+ }
+ //* Restart VM
+ public function openvz_vm_restart($session_id, $vm_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'vm_openvz')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $app->uses('remoting_lib');
+ $app->remoting_lib->loadFormDef('../vm/form/openvz_vm.tform.php');
+ $vm = $app->remoting_lib->getDataRecord($vm_id);
+
+ if(!is_array($vm)) {
+ $this->server->fault('action_pending', 'No VM with this ID available.');
+ return false;
+ }
+
+ if($vm['active'] == 'n') {
+ $this->server->fault('action_pending', 'VM is not in active state.');
+ return false;
+ }
+
+ $action = 'openvz_restart_vm';
+
+ $tmp = $app->db->queryOneRecord("SELECT count(action_id) as actions FROM sys_remoteaction
+ WHERE server_id = '".$vm['server_id']."'
+ AND action_type = '$action'
+ AND action_param = '".$vm['veid']."'
+ AND action_state = 'pending'");
+
+ if($tmp['actions'] > 0) {
+ $this->server->fault('action_pending', 'There is already a action pending for this VM.');
+ return false;
+ } else {
+ $sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
+ "VALUES (".
+ (int)$vm['server_id'] . ", ".
+ time() . ", ".
+ "'".$action."', ".
+ $vm['veid'].", ".
+ "'pending', ".
+ "''".
+ ")";
+ $app->db->query($sql);
+ }
+ }
}
-?>
\ No newline at end of file
+?>
--
Gitblit v1.9.1