From cabd6f6205756a51064fb856aca2ed94d28b1cf7 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Fri, 12 Sep 2008 11:31:19 -0400
Subject: [PATCH] Disabled suphp_UserGroup directive by default to make the setup compatible with the suphp compile options from most linux distributions. If you want some extra security, enable this directive again and recompile mod_suphp with the the option --with-setid-mode=paranoid
---
interface/web/client/client_edit.php | 35 +++++++++++++++++++++++++----------
1 files changed, 25 insertions(+), 10 deletions(-)
diff --git a/interface/web/client/client_edit.php b/interface/web/client/client_edit.php
index 473de4b..11b20a7 100644
--- a/interface/web/client/client_edit.php
+++ b/interface/web/client/client_edit.php
@@ -41,11 +41,8 @@
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
-// Checking module permissions
-if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
- header("Location: ../index.php");
- exit;
-}
+//* Check permissions for module
+$app->auth->check_module_permissions('client');
// Loading classes
$app->uses('tpl,tform,tform_actions');
@@ -63,10 +60,12 @@
$sql = "INSERT INTO sys_group (name,description,client_id) VALUES ('".addslashes($this->dataRecord["username"])."','',".$this->id.")";
$app->db->query($sql);
$groupid = $app->db->insertID();
+ $groups = $groupid;
$username = addslashes($this->dataRecord["username"]);
$password = addslashes($this->dataRecord["password"]);
- $modules = 'mail,sites,dns';
+ $modules = ISPC_INTERFACE_MODULES_ENABLED;
+ if($this->dataRecord["limit_client"] > 0) $modules .= ',client';
$startmodule = 'mail';
$usertheme = addslashes($this->dataRecord["usertheme"]);
$type = 'user';
@@ -75,8 +74,17 @@
// Create the controlpaneluser for the client
$sql = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
- VALUES ('$username',md5('$password'),'$modules','$startmodule','$usertheme','$type','$active','$language',$groupid,$groupid,".$this->id.")";
+ VALUES ('$username',md5('$password'),'$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,".$this->id.")";
$app->db->query($sql);
+
+ //* If the user who inserted the client is a reseller (not admin), we will have to add this new client group
+ //* to his groups, so he can administrate the records of this client.
+ if($_SESSION['s']['user']['typ'] == 'user') {
+ $app->auth->add_group_to_user($_SESSION['s']['user']['userid'],$groupid);
+ $app->db->query("UPDATE client SET parent_client_id = ".intval($_SESSION['s']['user']['client_id'])." WHERE client_id = ".$this->id);
+ }
+
+
}
@@ -98,15 +106,22 @@
}
// password changed
- if($this->dataRecord["password"] != '') {
+ if(isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
$password = addslashes($this->dataRecord["password"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET passwort = md5('$password') WHERE client_id = $client_id";
$app->db->query($sql);
}
-
-
+ // reseller status changed
+ if(isset($this->dataRecord["limit_client"])) {
+ $modules = ISPC_INTERFACE_MODULES_ENABLED;
+ if($this->dataRecord["limit_client"] > 0) $modules .= ',client';
+ $modules = addslashes($modules);
+ $client_id = $this->id;
+ $sql = "UPDATE sys_user SET modules = '$modules' WHERE client_id = $client_id";
+ $app->db->query($sql);
+ }
}
--
Gitblit v1.9.1