From 9c79079e9cd5c53b61209bed6754ac6c06bbbda2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 07 May 2015 07:52:47 -0400
Subject: [PATCH] Backported password generator patch

---
 interface/lib/classes/validate_ftpuser.inc.php |  119 +++++++++++++++++++++++++++++++++--------------------------
 1 files changed, 66 insertions(+), 53 deletions(-)

diff --git a/interface/lib/classes/validate_ftpuser.inc.php b/interface/lib/classes/validate_ftpuser.inc.php
index 0682650..8e0663e 100644
--- a/interface/lib/classes/validate_ftpuser.inc.php
+++ b/interface/lib/classes/validate_ftpuser.inc.php
@@ -29,63 +29,76 @@
 */
 
 class validate_ftpuser {
-	
+
 	/*
 		Validator function to check if a given dir is ok.
 	*/
 	function ftp_dir($field_name, $field_value, $validator) {
 		global $app;
+
+		$primary_id = (isset($app->tform->primary_id) && $app->tform->primary_id > 0)?$app->tform->primary_id:$app->remoting_lib->primary_id;
+		$primary_id = $app->functions->intval($primary_id);
 		
-        if($app->tform->primary_id == 0) {
-            $errmsg = $validator['errmsg'];
-            if(isset($app->tform->wordbook[$errmsg])) {
-                return $app->tform->wordbook[$errmsg]."<br>\r\n";
-            } else {
-                return $errmsg."<br>\r\n";
-            }
-        }
-        
-        
-        $ftp_data = $app->db->queryOneRecord("SELECT parent_domain_id FROM ftp_user WHERE ftp_user_id = '".$app->db->quote($app->tform->primary_id)."'");
-        if(!$ftp_data["parent_domain_id"]) {
-            $errmsg = $validator['errmsg'];
-            if(isset($app->tform->wordbook[$errmsg])) {
-                return $app->tform->wordbook[$errmsg]."<br>\r\n";
-            } else {
-                return $errmsg."<br>\r\n";
-            }
-        }
-        
-        $domain_data = $app->db->queryOneRecord("SELECT domain_id, document_root FROM web_domain WHERE domain_id = '".$app->db->quote($ftp_data["parent_domain_id"])."'");
-        if(!$domain_data["domain_id"]) {
-            $errmsg = $validator['errmsg'];
-            if(isset($app->tform->wordbook[$errmsg])) {
-                return $app->tform->wordbook[$errmsg]."<br>\r\n";
-            } else {
-                return $errmsg."<br>\r\n";
-            }
-        }
-        
-        $doc_root = $domain_data["document_root"];
-        $is_ok = false;
-        if($doc_root == $field_value) $is_ok = true;
-        
-        $doc_root .= "/";
-        if(substr($field_value, 0, strlen($doc_root)) == $doc_root) $is_ok = true;
-		
-		if(stristr($field_value,'..') or stristr($field_value,'./') or stristr($field_value,'/.')) $is_ok = false;
-        
-        if($is_ok == false) {
-            $errmsg = $validator['errmsg'];
-            if(isset($app->tform->wordbook[$errmsg])) {
-                return $app->tform->wordbook[$errmsg]."<br>\r\n";
-            } else {
-                return $errmsg."<br>\r\n";
-            }
-        }
+		if($primary_id == 0 && !isset($app->remoting_lib->dataRecord['parent_domain_id'])) {
+			$errmsg = $validator['errmsg'];
+			if(isset($app->tform->wordbook[$errmsg])) {
+				return $app->tform->wordbook[$errmsg]."<br>\r\n";
+			} else {
+				return $errmsg."<br>\r\n";
+			}
+		}
+
+		if($primary_id > 0) {
+			//* get parent_domain_id from website
+			$ftp_data = $app->db->queryOneRecord("SELECT parent_domain_id FROM ftp_user WHERE ftp_user_id = '".$app->db->quote($primary_id)."'");
+			if(!is_array($ftp_data) || $ftp_data["parent_domain_id"] < 1) {
+				$errmsg = $validator['errmsg'];
+				if(isset($app->tform->wordbook[$errmsg])) {
+					return $app->tform->wordbook[$errmsg]."<br>\r\n";
+				} else {
+					return $errmsg."<br>\r\n";
+				}
+			} else {
+				$parent_domain_id = $ftp_data["parent_domain_id"];
+			}
+		} else {
+			//* get parent_domain_id from dataRecord when we have a insert operation trough remote API
+			$parent_domain_id = $app->functions->intval($app->remoting_lib->dataRecord['parent_domain_id']);
+		}
+
+		$domain_data = $app->db->queryOneRecord("SELECT domain_id, document_root FROM web_domain WHERE domain_id = '".$app->db->quote($parent_domain_id)."'");
+		if(!is_array($domain_data) || $domain_data["domain_id"] < 1) {
+			$errmsg = $validator['errmsg'];
+			if(isset($app->tform->wordbook[$errmsg])) {
+				return $app->tform->wordbook[$errmsg]."<br>\r\n";
+			} else {
+				return $errmsg."<br>\r\n";
+			}
+		}
+
+		$doc_root = $domain_data["document_root"];
+		$is_ok = false;
+		if($doc_root == $field_value) $is_ok = true;
+
+		$doc_root .= "/";
+		if(substr($field_value, 0, strlen($doc_root)) == $doc_root) $is_ok = true;
+
+		if(stristr($field_value, '..') or stristr($field_value, './') or stristr($field_value, '/.')) $is_ok = false;
+
+		//* Final check if docroot path of website is >= 5 chars
+		if(strlen($doc_root) < 5) $is_ok = false;
+
+		if($is_ok == false) {
+			$errmsg = $validator['errmsg'];
+			if(isset($app->tform->wordbook[$errmsg])) {
+				return $app->tform->wordbook[$errmsg]."<br>\r\n";
+			} else {
+				return $errmsg."<br>\r\n";
+			}
+		}
 	}
-	
-	
-	
-	
-}
\ No newline at end of file
+
+
+
+
+}

--
Gitblit v1.9.1