From 9c79079e9cd5c53b61209bed6754ac6c06bbbda2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 07 May 2015 07:52:47 -0400
Subject: [PATCH] Backported password generator patch

---
 interface/lib/classes/remoting.inc.php |   77 +++++++++++++++++++++++++++++++++-----
 1 files changed, 67 insertions(+), 10 deletions(-)

diff --git a/interface/lib/classes/remoting.inc.php b/interface/lib/classes/remoting.inc.php
index 0005a3a..b47d9cf 100644
--- a/interface/lib/classes/remoting.inc.php
+++ b/interface/lib/classes/remoting.inc.php
@@ -126,8 +126,11 @@
 		$session_id = $app->db->quote($session_id);
 
 		$sql = "DELETE FROM remote_session WHERE remote_session = '$session_id'";
-		$app->db->query($sql);
-		return $app->db->affectedRows() == 1;
+		if($app->db->query($sql) != false) {
+			return true;
+		} else {
+			return false;
+		}
 	}
 
 
@@ -147,8 +150,8 @@
 			return false;
 		}
 		if (!empty($session_id)) {
+			$app->uses('remoting_lib , getconf');
 			if(!empty($server_id)) {
-				$app->uses('remoting_lib , getconf');
 				$section_config =  $app->getconf->get_server_config($server_id, $section);
 				return $section_config;
 			} else {
@@ -1412,13 +1415,30 @@
 
 	public function client_add($session_id, $reseller_id, $params)
 	{
+		global $app;
+		
 		if (!$this->checkPerm($session_id, 'client_add'))
 		{
 			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
 			return false;
 		}
 		if(!isset($params['parent_client_id']) || $params['parent_client_id'] == 0) $params['parent_client_id'] = $reseller_id;
-		$affected_rows = $this->klientadd('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . '.tform.php', $reseller_id, $params);
+		
+		if($params['parent_client_id']) {
+			// check if this one is reseller
+			$check = $app->db->queryOneRecord('SELECT `limit_client` FROM `client` WHERE `client_id` = ' . intval($params['parent_client_id']));
+			if($check['limit_client'] == 0) {
+				$this->server->fault('Invalid reseller', 'Selected client is not a reseller.');
+				return false;
+			}
+			
+			if(isset($params['limit_client']) && $params['limit_client'] != 0) {
+				$this->server->fault('Invalid reseller', 'Reseller cannot be client of another reseller.');
+				return false;
+			}
+		}
+		
+		$affected_rows = $this->klientadd('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] != 0 ? 'reseller' : 'client') . '.tform.php', $reseller_id, $params);
 		return $affected_rows;
 
 	}
@@ -1434,8 +1454,24 @@
 		}
 
 		$app->uses('remoting_lib');
-		$app->remoting_lib->loadFormDef('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . '.tform.php');
+		$app->remoting_lib->loadFormDef('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] != 0 ? 'reseller' : 'client') . '.tform.php');
 		$old_rec = $app->remoting_lib->getDataRecord($client_id);
+
+		if(!isset($params['parent_client_id']) || $params['parent_client_id'] == 0) $params['parent_client_id'] = $reseller_id;
+
+		if($params['parent_client_id']) {
+			// check if this one is reseller
+			$check = $app->db->queryOneRecord('SELECT `limit_client` FROM `client` WHERE `client_id` = ' . intval($params['parent_client_id']));
+			if($check['limit_client'] == 0) {
+				$this->server->fault('Invalid reseller', 'Selected client is not a reseller.');
+				return false;
+			}
+			
+			if(isset($params['limit_client']) && $params['limit_client'] != 0) {
+				$this->server->fault('Invalid reseller', 'Reseller cannot be client of another reseller.');
+				return false;
+			}
+		}
 
 		// we need the previuos templates assigned here
 		$this->oldTemplatesAssigned = $app->db->queryAllRecords('SELECT * FROM `client_template_assigned` WHERE `client_id` = ' . $client_id);
@@ -1459,8 +1495,7 @@
 		}
 
 
-		if(!isset($params['parent_client_id']) || $params['parent_client_id'] == 0) $params['parent_client_id'] = $reseller_id;
-		$affected_rows = $this->updateQuery('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . '.tform.php', $reseller_id, $client_id, $params, 'client:' . ($reseller_id ? 'reseller' : 'client') . ':on_after_update');
+		$affected_rows = $this->updateQuery('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] != 0 ? 'reseller' : 'client') . '.tform.php', $reseller_id, $client_id, $params, 'client:' . ($params['parent_client_id'] ? 'reseller' : 'client') . ':on_after_update');
 
 		$app->remoting_lib->ispconfig_sysuser_update($params, $client_id);
 
@@ -1760,7 +1795,18 @@
 			$this->dataRecord = $params;
 			$app->sites_database_plugin->processDatabaseInsert($this);
 
-			return $this->insertQueryExecute($sql, $params);
+			$retval = $this->insertQueryExecute($sql, $params);
+			
+			// set correct values for backup_interval and backup_copies
+			if(isset($params['backup_interval']) || isset($params['backup_copies'])){
+				$sql_set = array();
+				if(isset($params['backup_interval'])) $sql_set[] = "backup_interval = '".$app->db->quote($params['backup_interval'])."'";
+				if(isset($params['backup_copies'])) $sql_set[] = "backup_copies = ".$app->functions->intval($params['backup_copies']);
+				//$app->db->query("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$retval);
+				$this->updateQueryExecute("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$retval, $retval, $params);
+			}
+			
+			return $retval;
 		}
 
 		return false;
@@ -1783,7 +1829,18 @@
 			$this->id = $primary_id;
 			$this->dataRecord = $params;
 			$app->sites_database_plugin->processDatabaseUpdate($this);
-			return $this->updateQueryExecute($sql, $primary_id, $params);
+			$retval = $this->updateQueryExecute($sql, $primary_id, $params);
+			
+			// set correct values for backup_interval and backup_copies
+			if(isset($params['backup_interval']) || isset($params['backup_copies'])){
+				$sql_set = array();
+				if(isset($params['backup_interval'])) $sql_set[] = "backup_interval = '".$app->db->quote($params['backup_interval'])."'";
+				if(isset($params['backup_copies'])) $sql_set[] = "backup_copies = ".$app->functions->intval($params['backup_copies']);
+				//$app->db->query("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$primary_id);
+				$this->updateQueryExecute("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$primary_id, $primary_id, $params);
+			}
+			
+			return $retval;
 		}
 
 		return false;
@@ -3170,7 +3227,7 @@
 		$this->id = $insert_id;
 		$this->dataRecord = $params;
 
-		$app->plugin->raiseEvent('client:' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . ':on_after_insert', $this);
+		$app->plugin->raiseEvent('client:' . (isset($params['limit_client']) && $params['limit_client'] != 0 ? 'reseller' : 'client') . ':on_after_insert', $this);
 
 		/*
 		if($app->db->errorMessage != '') {

--
Gitblit v1.9.1