From d87f76019fc231ec20d95126a7fee0487e7be5f0 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 14 Aug 2012 10:56:20 -0400
Subject: [PATCH] - Added new web folder named private to web folder layout. The folder is intended to store data that shall not be visible in the web directory, it is owned by the user of the web. - Changed ownership of web root directory to root user in all security modes to prevent symlink attacks. - Apache log files are now owned by user root. - Improved functions in system library.
---
interface/web/vm/openvz_vm_edit.php | 346 ++++++++++++++++++++++----------------------------------
1 files changed, 136 insertions(+), 210 deletions(-)
diff --git a/interface/web/vm/openvz_vm_edit.php b/interface/web/vm/openvz_vm_edit.php
index bc03249..de2f51f 100644
--- a/interface/web/vm/openvz_vm_edit.php
+++ b/interface/web/vm/openvz_vm_edit.php
@@ -50,51 +50,134 @@ class page_action extends tform_actions { + function onShowNew() { + global $app, $conf; + + // we will check only users, not admins + if($_SESSION["s"]["user"]["typ"] == 'user') { + if(!$app->tform->checkClientLimit('limit_openvz_vm')) { + $app->error($app->tform->wordbook["limit_openvz_vm_txt"]); + } + if(!$app->tform->checkResellerLimit('limit_openvz_vm')) { + $app->error('Reseller: '.$app->tform->wordbook["limit_openvz_vm_txt"]); + } + } + + parent::onShowNew(); + } + function onShowEnd() { global $app, $conf; //* Client: If the logged in user is not admin and has no sub clients (no rseller) if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) { - + + //* Get the limits of the client + $client_group_id = $_SESSION["s"]["user"]["default_group"]; + $client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, client.limit_openvz_vm_template_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); + + //* Fill the template_id field + if($client['limit_openvz_vm_template_id'] == 0) { + $sql = 'SELECT template_id,template_name FROM openvz_template WHERE 1 ORDER BY template_name'; + } else { + $sql = 'SELECT template_id,template_name FROM openvz_template WHERE template_id = '.$client['limit_openvz_vm_template_id'].' 
ORDER BY template_name'; + } + $records = $app->db->queryAllRecords($sql); + if(is_array($records)) { + foreach( $records as $rec) { + $selected = @($rec["template_id"] == $this->dataRecord["template_id"])?'SELECTED':''; + $template_id_select .= "<option value='$rec[template_id]' $selected>$rec[template_name]</option>\r\n"; + } + } + $app->tpl->setVar("template_id_select",$template_id_select); + //* Reseller: If the logged in user is not admin and has sub clients (is a rseller) } elseif ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) { - // Get the limits of the client + //* Get the limits of the client $client_group_id = $_SESSION["s"]["user"]["default_group"]; - $client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); + $client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, client.limit_openvz_vm_template_id, CONCAT(client.company_name,' :: ',client.contact_name) as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); - // Fill the client select field - $sql = "SELECT groupid, name FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id']." ORDER BY name"; + //* Fill the client select field + $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(client.company_name,' :: ',client.contact_name) as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id']." 
ORDER BY sys_group.name"; $records = $app->db->queryAllRecords($sql); $tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$client['client_id']); - $client_select = '<option value="'.$tmp['groupid'].'">'.$client['contact_name'].'</option>'; - $tmp_data_record = $app->tform->getDataRecord($this->id); + $client_select = '<option value="'.$tmp['groupid'].'">'.$client['name'].' :: '.$client['contactname'].'</option>'; + //$tmp_data_record = $app->tform->getDataRecord($this->id); if(is_array($records)) { foreach( $records as $rec) { - $selected = @($rec["groupid"] == $tmp_data_record["sys_groupid"])?'SELECTED':''; - $client_select .= "<option value='$rec[groupid]' $selected>$rec[name]</option>\r\n"; + $selected = @(is_array($this->dataRecord) && ($client["groupid"] == $this->dataRecord['client_group_id'] || $client["groupid"] == $this->dataRecord['sys_groupid']))?'SELECTED':''; + $client_select .= "<option value='$rec[groupid]' $selected>$rec[name] :: $rec[contactname]</option>\r\n"; } } $app->tpl->setVar("client_group_id",$client_select); + + //* Fill the template_id field + if($client['limit_openvz_vm_template_id'] == 0) { + $sql = 'SELECT template_id,template_name FROM openvz_template WHERE 1 ORDER BY template_name'; + } else { + $sql = 'SELECT template_id,template_name FROM openvz_template WHERE template_id = '.$client['limit_openvz_vm_template_id'].' 
ORDER BY template_name'; + } + $records = $app->db->queryAllRecords($sql); + if(is_array($records)) { + foreach( $records as $rec) { + $selected = @($rec["template_id"] == $this->dataRecord["template_id"])?'SELECTED':''; + $template_id_select .= "<option value='$rec[template_id]' $selected>$rec[template_name]</option>\r\n"; + } + } + $app->tpl->setVar("template_id_select",$template_id_select); //* Admin: If the logged in user is admin } else { - // Fill the client select field - $sql = "SELECT groupid, name FROM sys_group WHERE client_id > 0 ORDER BY name"; + //* Fill the client select field + $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(client.company_name,' :: ',client.contact_name) as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 ORDER BY sys_group.name"; $clients = $app->db->queryAllRecords($sql); $client_select = "<option value='0'></option>"; - $tmp_data_record = $app->tform->getDataRecord($this->id); + //$tmp_data_record = $app->tform->getDataRecord($this->id); if(is_array($clients)) { foreach( $clients as $client) { - $selected = @($client["groupid"] == $tmp_data_record["sys_groupid"])?'SELECTED':''; - $client_select .= "<option value='$client[groupid]' $selected>$client[name]</option>\r\n"; + $selected = @(is_array($this->dataRecord) && ($client["groupid"] == $this->dataRecord['client_group_id'] || $client["groupid"] == $this->dataRecord['sys_groupid']))?'SELECTED':''; + $client_select .= "<option value='$client[groupid]' $selected>$client[name] :: $client[contactname]</option>\r\n"; } } $app->tpl->setVar("client_group_id",$client_select); + + //* Fill the template_id field + $sql = 'SELECT template_id,template_name FROM openvz_template WHERE 1 ORDER BY template_name'; + $records = $app->db->queryAllRecords($sql); + if(is_array($records)) { + $template_id_select=''; + foreach( $records as $rec) { + $selected = @($rec["template_id"] == $this->dataRecord["template_id"])?'SELECTED':''; 
+ $template_id_select .= "<option value='$rec[template_id]' $selected>$rec[template_name]</option>\r\n"; + } + } + $app->tpl->setVar("template_id_select",$template_id_select); } + + //* Fill the IPv4 select field with the IP addresses that are allowed for this client + //$sql = "SELECT ip_address FROM server_ip WHERE server_id = ".$client['default_webserver']." AND ip_type = 'IPv4' AND (client_id = 0 OR client_id=".$_SESSION['s']['user']['client_id'].")"; + if(isset($this->dataRecord["server_id"])) { + $vm_server_id = intval($this->dataRecord["server_id"]); + } else { + $tmp = $app->db->queryOneRecord('SELECT server_id FROM server WHERE vserver_server = 1 AND mirror_server_id = 0 ORDER BY server_name LIMIT 0,1'); + $vm_server_id = $tmp['server_id']; + } + $sql = "SELECT ip_address FROM openvz_ip WHERE reserved = 'n' AND (vm_id = 0 or vm_id = '".$this->id."') AND server_id = ".$vm_server_id." ORDER BY ip_address"; + $ips = $app->db->queryAllRecords($sql); + $ip_select = ""; + if(is_array($ips)) { + foreach( $ips as $ip) { + $selected = ($ip["ip_address"] == $this->dataRecord["ip_address"])?'SELECTED':''; + $ip_select .= "<option value='$ip[ip_address]' $selected>$ip[ip_address]</option>\r\n"; + } + } + $app->tpl->setVar("ip_address",$ip_select); + unset($tmp); + unset($ips); if($this->id > 0) { //* we are editing a existing record 
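Review bot: In the reseller branch the new `$selected` line compares `$client["groupid"]` against the data record, but the loop variable is `$rec` and the `$client` row fetched just above never selects `groupid`, so the index is undefined (masked by `@`) and the sub-client option is never pre-selected; it should read `$selected = @(is_array($this->dataRecord) && ($rec["groupid"] == $this->dataRecord['client_group_id'] || $rec["groupid"] == $this->dataRecord['sys_groupid']))?'SELECTED':'';`. In the user and reseller branches `$template_id_select` is appended with `.=` without being initialised (only the admin branch sets `$template_id_select='';`, and only inside `if(is_array($records))`), so an empty template list hands an undefined variable to `setVar`; add `$template_id_select = '';` before each of the three loops, as is already done for `$ip_select`. The values rendered into the `<option>` markup (`$rec[name]`, `$rec[contactname]`, `$rec[template_name]`, `$client['contactname']`) come from the database unescaped, and company and contact names are user-editable text, so wrap them in `htmlspecialchars()` before interpolation. The IP query interpolates `$this->id` and `$client_group_id` (taken from the session) directly into SQL; presumably tform_actions already casts `$this->id` with `intval()`, but that is not visible here, so an explicit `intval()` at the point of use would make the safety local to this code. `onShowEnd()` continues past the end of this hunk.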
@@ -105,211 +188,54 @@ $app->tpl->setVar("edit_disabled", 0); } + // Datepicker + $date_format = $app->lng('conf_format_dateshort'); + $trans = array("d" => "dd", "m" => "mm", "Y" => "yy"); + $date_format = strtr($date_format, $trans); + $app->tpl->setVar("date_format", $date_format); + + $app->tpl->setVar("daynamesmin_su", $app->lng('daynamesmin_su')); + $app->tpl->setVar("daynamesmin_mo", $app->lng('daynamesmin_mo')); + $app->tpl->setVar("daynamesmin_tu", $app->lng('daynamesmin_tu')); + $app->tpl->setVar("daynamesmin_we", $app->lng('daynamesmin_we')); + $app->tpl->setVar("daynamesmin_th", $app->lng('daynamesmin_th')); + $app->tpl->setVar("daynamesmin_fr", $app->lng('daynamesmin_fr')); + $app->tpl->setVar("daynamesmin_sa", $app->lng('daynamesmin_sa')); + + $app->tpl->setVar("daynames_sunday", $app->lng('daynames_sunday')); + $app->tpl->setVar("daynames_monday", $app->lng('daynames_monday')); + $app->tpl->setVar("daynames_tuesday", $app->lng('daynames_tuesday')); + $app->tpl->setVar("daynames_wednesday", $app->lng('daynames_wednesday')); + $app->tpl->setVar("daynames_thursday", $app->lng('daynames_thursday')); + $app->tpl->setVar("daynames_friday", $app->lng('daynames_friday')); + $app->tpl->setVar("daynames_saturday", $app->lng('daynames_saturday')); + + $app->tpl->setVar("monthnamesshort_jan", $app->lng('monthnamesshort_jan')); + $app->tpl->setVar("monthnamesshort_feb", $app->lng('monthnamesshort_feb')); + $app->tpl->setVar("monthnamesshort_mar", $app->lng('monthnamesshort_mar')); + $app->tpl->setVar("monthnamesshort_apr", $app->lng('monthnamesshort_apr')); + $app->tpl->setVar("monthnamesshort_may", $app->lng('monthnamesshort_may')); + $app->tpl->setVar("monthnamesshort_jun", $app->lng('monthnamesshort_jun')); + $app->tpl->setVar("monthnamesshort_jul", $app->lng('monthnamesshort_jul')); + $app->tpl->setVar("monthnamesshort_aug", $app->lng('monthnamesshort_aug')); + $app->tpl->setVar("monthnamesshort_sep", $app->lng('monthnamesshort_sep')); + 
$app->tpl->setVar("monthnamesshort_oct", $app->lng('monthnamesshort_oct')); + $app->tpl->setVar("monthnamesshort_nov", $app->lng('monthnamesshort_nov')); + $app->tpl->setVar("monthnamesshort_dec", $app->lng('monthnamesshort_dec')); + + $app->tpl->setVar("datepicker_nextText", $app->lng('datepicker_nextText')); + $app->tpl->setVar("datepicker_prevText", $app->lng('datepicker_prevText')); + parent::onShowEnd(); } function onSubmit() { global $app, $conf; - // Clients may not set the client_group_id, so we unset them if user is not a admin and the client is not a reseller + //* Clients may not set the client_group_id, so we unset them if user is not a admin and the client is not a reseller if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) unset($this->dataRecord["client_group_id"]); parent::onSubmit(); - } - - function onAfterInsert() { - global $app, $conf; - - // make sure that the record belongs to the clinet group and not the admin group when admin inserts it - // also make sure that the user can not delete domain created by a admin - if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { - $client_group_id = intval($this->dataRecord["client_group_id"]); - $app->db->query("UPDATE openvz_vm SET sys_groupid = $client_group_id WHERE vm_id = ".$this->id); - } - if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) { - $client_group_id = intval($this->dataRecord["client_group_id"]); - $app->db->query("UPDATE openvz_vm SET sys_groupid = $client_group_id WHERE vm_id = ".$this->id); - } - - // Set the VEID - $tmp = $app->db->queryOneRecord('SELECT MAX(veid) + 1 as newveid FROM openvz_vm'); - $veid = ($tmp['newveid'] > 100)?$tmp['newveid']:101; - $app->db->query("UPDATE openvz_vm SET veid = ".$veid." 
WHERE vm_id = ".$this->id); - unset($tmp); - - // Apply template values to the advanced tab settings - $this->applyTemplate(); - - // Set the IP address - $app->db->query("UPDATE openvz_ip SET vm_id = ".$this->id." WHERE ip_address = '".$this->dataRecord['ip_address']."'"); - - // Create the OpenVZ config file and store it in config field - $this->makeOpenVZConfig(); - - // Create the DNS record - $this->createDNS(); - - } - - function onAfterUpdate() { - global $app, $conf; - - // make sure that the record belongs to the clinet group and not the admin group when a admin inserts it - // also make sure that the user can not delete domain created by a admin - if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { - $client_group_id = intval($this->dataRecord["client_group_id"]); - $app->db->query("UPDATE openvz_vm SET sys_groupid = $client_group_id WHERE vm_id = ".$this->id); - } - if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) { - $client_group_id = intval($this->dataRecord["client_group_id"]); - $app->db->query("UPDATE openvz_vm SET sys_groupid = $client_group_id WHERE vm_id = ".$this->id); - } - - if(isset($this->dataRecord["ostemplate_id"]) && $this->oldDataRecord["ostemplate_id"] != $this->dataRecord["ostemplate_id"]) { - $this->applyTemplate(); - } - - // Set the IP address - if(isset($this->dataRecord['ip_address'])) $app->db->query("UPDATE openvz_ip SET vm_id = ".$this->id." 
WHERE ip_address = '".$this->dataRecord['ip_address']."'"); - - // Create the OpenVZ config file and store it in config field - $this->makeOpenVZConfig(); - - // Create the DNS record - if((isset($this->dataRecord['hostname']) && $this->dataRecord['hostname'] != $this->oldDataRecord['hostname']) - or (isset($this->dataRecord['create_dns']) && $this->dataRecord['create_dns'] != $this->oldDataRecord['create_dns'])) { - $this->createDNS(); - } - - } - - function applyTemplate() { - global $app, $conf; - - $tpl = $app->db->queryOneRecord("SELECT * FROM openvz_template WHERE template_id = ".$this->dataRecord["template_id"]); - - $sql = "UPDATE openvz_vm SET "; - $sql .= "diskspace = '".$tpl['diskspace']."', "; - $sql .= "ram = '".$tpl['ram']."', "; - $sql .= "ram_burst = '".$tpl['ram_burst']."', "; - $sql .= "cpu_units = '".$tpl['cpu_units']."', "; - $sql .= "cpu_num = '".$tpl['cpu_num']."', "; - $sql .= "cpu_limit = '".$tpl['cpu_limit']."', "; - $sql .= "io_priority = '".$tpl['io_priority']."', "; - $sql .= "nameserver = '".$tpl['nameserver']."', "; - $sql .= "create_dns = '".$tpl['create_dns']."', "; - $sql .= "capability = '".$tpl['capability']."' "; - $sql .= "WHERE vm_id = ".$this->id; - $app->db->query($sql); - - } - - function makeOpenVZConfig() { - global $app, $conf; - - $vm = $app->tform->getDataRecord($this->id); - $vm_template = $app->db->queryOneRecord("SELECT * FROM openvz_template WHERE template_id = ".$vm['template_id']); - $burst_ram = $vm['ram_burst']*256; - $guar_ram = $vm['ram']*256; - - $tpl = new tpl(); - $tpl->newTemplate('templates/openvz.conf.tpl'); - - $onboot = ($vm['start_boot'] == 'y')?'yes':'no'; - $tpl->setVar('onboot',$onboot); - - $tpl->setVar('kmemsize',$vm_template['kmemsize']); - $tpl->setVar('lockedpages',$vm_template['lockedpages']); - $tpl->setVar('privvmpages',$burst_ram.':'.$burst_ram); - $tpl->setVar('shmpages',$guar_ram.':'.$guar_ram); - $tpl->setVar('numproc',$vm_template['numproc']); - 
$tpl->setVar('physpages',$vm_template['physpages']); - $tpl->setVar('vmguarpages',$guar_ram.':'.$guar_ram); - $tpl->setVar('oomguarpages',$guar_ram.':'.$guar_ram); - $tpl->setVar('numtcpsock',$vm_template['numtcpsock']); - $tpl->setVar('numflock',$vm_template['numflock']); - $tpl->setVar('numpty',$vm_template['numpty']); - $tpl->setVar('numsiginfo',$vm_template['numsiginfo']); - $tpl->setVar('tcpsndbuf',$vm_template['tcpsndbuf']); - $tpl->setVar('tcprcvbuf',$vm_template['tcprcvbuf']); - $tpl->setVar('othersockbuf',$vm_template['othersockbuf']); - $tpl->setVar('dgramrcvbuf',$vm_template['dgramrcvbuf']); - $tpl->setVar('numothersock',$vm_template['numothersock']); - $tpl->setVar('dcachesize',$vm_template['dcachesize']); - $tpl->setVar('numfile',$vm_template['numfile']); - $tpl->setVar('avnumproc',$vm_template['avnumproc']); - $tpl->setVar('numiptent',$vm_template['numiptent']); - - $diskspace = $vm['diskspace']*1048576; - $diskinodes = $vm['diskspace']*524288; - - $tpl->setVar('diskspace',$diskspace.":".$diskspace); - $tpl->setVar('diskinodes',$diskinodes.":".$diskinodes); - $tpl->setVar('io_priority',$vm['io_priority']); - - $tpl->setVar('cpu_num',$vm['cpu_num']); - $tpl->setVar('cpu_units',$vm['cpu_units']); - $tpl->setVar('cpu_limit',$vm['cpu_limit']); - - $hostname = str_replace('{VEID}',$vm['veid'],$vm['hostname']); - - $tpl->setVar('hostname',$hostname); - $tpl->setVar('ip_address',$vm['ip_address']); - $tpl->setVar('nameserver',$vm['nameserver']); - $tpl->setVar('capability',$vm['capability']); - - $tmp = $app->db->queryOneRecord("SELECT template_file FROM openvz_ostemplate WHERE ostemplate_id = ".$vm['ostemplate_id']); - $tpl->setVar('ostemplate',$tmp['template_file']); - unset($tmp); - - $openvz_config = $app->db->quote($tpl->grab()); - $app->db->query("UPDATE openvz_vm SET config = '".$openvz_config."' WHERE vm_id = ".$this->id); - - unset($tpl); - - } - - function createDNS() { - global $app, $conf; - - $vm = $app->tform->getDataRecord($this->id); - - 
if($vm['create_dns'] != 'y') return; - - $full_hostname = str_replace('{VEID}',$vm['veid'],$vm['hostname']); - $hostname_parts = explode('.',$full_hostname); - $hostname = $hostname_parts[0]; - unset($hostname_parts[0]); - $zone = implode('.',$hostname_parts); - unset($hostname_parts); - - // Find the dns zone - $zone_rec = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE origin = '$zone.'"); - $rr_rec = $app->db->queryOneRecord("SELECT * FROM dns_rr WHERE zone = '".$zone_rec['id']."' AND name = '$hostname'"); - - if($zone_rec['id'] > 0) { - $ip_address = $vm['ip_address']; - $sys_userid = $zone_rec['sys_userid']; - $sys_groupid = $zone_rec['sys_groupid']; - $server_id = $zone_rec['server_id']; - $dns_soa_id = $zone_rec['id']; - - if($rr_rec['id'] > 0) { - $app->uses('validate_dns'); - $app->db->datalogUpdate('dns_rr', "data = '$ip_address'", 'id', $rr_rec['id']); - $serial = $app->validate_dns->increase_serial($zone_rec['serial']); - $app->db->datalogUpdate('dns_soa', "serial = '$serial'", 'id', $zone_rec['id']); - } else { - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `zone`, `name`, `type`, `data`, `aux`, `ttl`, `active`) VALUES - ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$dns_soa_id', '$hostname', 'A', '$ip_address', '0', '3600', 'Y')"; - $dns_rr_id = $app->db->datalogInsert('dns_rr', $insert_data, 'id'); - } - - } - - - - } } -- Gitblit v1.9.1
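Review bot: After this hunk nothing left in the file copies the submitted `client_group_id` into `openvz_vm.sys_groupid` or claims the chosen `openvz_ip` row for the VM: `onSubmit()` still only strips `client_group_id` for non-resellers, while the `onAfterInsert()`/`onAfterUpdate()` handlers that performed the ownership update, the IP assignment, the VEID allocation, config generation and DNS creation are deleted with no replacement in this diff. If that logic now lives in a plugin or server module, the commit message (which only describes web-folder and log-ownership changes) should say where; otherwise a VM an admin creates for a client stays in the admin's group and its IP is never marked as used. The datepicker block repeats `$app->tpl->setVar("X", $app->lng('X'))` twenty-eight times with identical key names; a list of the keys followed by `foreach ($datepicker_keys as $key) { $app->tpl->setVar($key, $app->lng($key)); }` states the same thing in three lines and makes a missing key a one-line fix. `onShowEnd()` begins before this hunk.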