From dd0130670fe3cab4c7e2c1ab4f3bf0d2b2d512b0 Mon Sep 17 00:00:00 2001
From: Denny Bortfeldt <denny@bortfeldt.net>
Date: Mon, 27 Jun 2016 18:02:16 -0400
Subject: [PATCH] When uploading a logo which is smaller than the current ispconfig one, then the logo will be on the left side of the header. In my opinion it will look better when it's centered. You could vote about it ;)

---
 interface/web/sites/database_user_edit.php |  130 +++++++++++++++++++++++--------------------
 1 files changed, 69 insertions(+), 61 deletions(-)

diff --git a/interface/web/sites/database_user_edit.php b/interface/web/sites/database_user_edit.php
index 4f6979f..02ef7bf 100644
--- a/interface/web/sites/database_user_edit.php
+++ b/interface/web/sites/database_user_edit.php
@@ -38,8 +38,8 @@
 * End Form configuration
 ******************************************/
 
-require_once('../../lib/config.inc.php');
-require_once('../../lib/app.inc.php');
+require_once '../../lib/config.inc.php';
+require_once '../../lib/app.inc.php';
 
 //* Check permissions for module
 $app->auth->check_module_permissions('sites');
@@ -49,6 +49,22 @@
 $app->load('tform_actions');
 
 class page_action extends tform_actions {
+
+	function onShowNew() {
+		global $app;
+
+		// we will check only users, not admins
+		if($_SESSION['s']['user']['typ'] == 'user') {
+			if(!$app->tform->checkClientLimit('limit_database_user')) {
+				$app->error($app->tform->wordbook["limit_database_user_txt"]);
+			}
+			if(!$app->tform->checkResellerLimit('limit_database_user')) {
+				$app->error('Reseller: '.$app->tform->wordbook["limit_database_user_txt"]);
+			}
+		}
+
+		parent::onShowNew();
+	}
 
 	function onShowEnd() {
 		global $app, $conf, $interfaceConf;
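Review bot: The client and reseller limit checks in the added `onShowNew()` run only when the empty form is rendered, so they guard the form display rather than the insert itself. Whether `onSubmit()` or `onBeforeInsert()` repeats `checkClientLimit('limit_database_user')` and `checkResellerLimit('limit_database_user')` for new records is not visible in this diff. If they do not, a request posted straight to the form handler would not be counted against the limit. I would repeat both checks in `onSubmit()` when the record is new, or at least add a comment such as `// limit is enforced again on insert, see <location>` so the enforcement point is documented. The hunk ends inside `onShowEnd()`, whose body continues outside it.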
@@ -63,27 +79,27 @@
 		$global_config = $app->getconf->get_global_config('sites');
 		$dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $this->dataRecord);
 
-        if ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+		if ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
-			$client = $app->db->queryOneRecord("SELECT client.company_name, client.contact_name, client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+			$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
+			$client = $app->db->queryOneRecord("SELECT client.company_name, client.contact_name, client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
 
-            // Fill the client select field
-            $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id']." ORDER BY sys_group.name";
-            $records = $app->db->queryAllRecords($sql);
-            $tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$client['client_id']);
-            $client_select = '<option value="'.$tmp['groupid'].'">'.$client['contact_name'].'</option>';
-            //$tmp_data_record = $app->tform->getDataRecord($this->id);
-            if(is_array($records)) {
-                foreach( $records as $rec) {
-                    $selected = @(is_array($this->dataRecord) && ($rec["groupid"] == $this->dataRecord['client_group_id'] || $rec["groupid"] == $this->dataRecord['sys_groupid']))?'SELECTED':'';
-                    $client_select .= "<option value='$rec[groupid]' $selected>$rec[contactname]</option>\r\n";
-                }
-            }
-            $app->tpl->setVar("client_group_id",$client_select);
-        } elseif($_SESSION["s"]["user"]["typ"] == 'admin') {
 			// Fill the client select field
-			$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 ORDER BY sys_group.name";
+			$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ? ORDER BY client.company_name, client.contact_name, sys_group.name";
+			$records = $app->db->queryAllRecords($sql, $client['client_id']);
+			$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ?", $client['client_id']);
+			$client_select = '<option value="'.$tmp['groupid'].'">'.$client['contact_name'].'</option>';
+			//$tmp_data_record = $app->tform->getDataRecord($this->id);
+			if(is_array($records)) {
+				foreach( $records as $rec) {
+					$selected = @(is_array($this->dataRecord) && ($rec["groupid"] == $this->dataRecord['client_group_id'] || $rec["groupid"] == $this->dataRecord['sys_groupid']))?'SELECTED':'';
+					$client_select .= "<option value='$rec[groupid]' $selected>$rec[contactname]</option>\r\n";
+				}
+			}
+			$app->tpl->setVar("client_group_id", $client_select);
+		} elseif($_SESSION["s"]["user"]["typ"] == 'admin') {
+			// Fill the client select field
+			$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 ORDER BY client.company_name, client.contact_name, sys_group.name";
 			$clients = $app->db->queryAllRecords($sql);
 			$client_select = "<option value='0'></option>";
 			//$tmp_data_record = $app->tform->getDataRecord($this->id);
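Review bot: The option markup in the reseller branch still puts database values into HTML unescaped: `$client['contact_name']` in the first `<option>` and `$rec[contactname]` (built from company name, contact name, username and customer number) inside the loop. The bound parameters close the SQL side of these queries, but the names are presumably editable by clients, so they need HTML encoding at output, for example `$client_select .= "<option value='".$app->functions->intval($rec['groupid'])."' $selected>".htmlspecialchars($rec['contactname'], ENT_QUOTES, 'UTF-8')."</option>\r\n";`. The admin branch in the following hunk has the same pattern with `$client[contactname]`. `$client` is also used without checking that `queryOneRecord` returned a row. `onShowEnd()` starts and ends outside this hunk.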
@@ -94,8 +110,8 @@
 					$client_select .= "<option value='$client[groupid]' $selected>$client[contactname]</option>\r\n";
 				}
 			}
-			$app->tpl->setVar("client_group_id",$client_select);
-        }
+			$app->tpl->setVar("client_group_id", $client_select);
+		}
 
 
 		if ($this->dataRecord['database_user'] != ""){
@@ -103,19 +119,22 @@
 			$app->tpl->setVar("database_user", $app->tools_sites->removePrefix($this->dataRecord['database_user'], $this->dataRecord['database_user_prefix'], $dbuser_prefix));
 		}
 
-
-		$app->tpl->setVar("database_user_prefix", $app->tools_sites->getPrefix($this->dataRecord['database_user_prefix'], $dbuser_prefix, $global_config['dbuser_prefix']));
+		if($this->dataRecord['database_user'] == "") {
+			$app->tpl->setVar("database_user_prefix", $dbuser_prefix);
+		} else {
+			$app->tpl->setVar("database_user_prefix", $app->tools_sites->getPrefix($this->dataRecord['database_user_prefix'], $dbuser_prefix, $global_config['dbuser_prefix']));
+		}
 
 		parent::onShowEnd();
 	}
 
-    function onSubmit() {
-        global $app;
+	function onSubmit() {
+		global $app;
 
-        if($_SESSION['s']['user']['typ'] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) unset($this->dataRecord["client_group_id"]);
+		if($_SESSION['s']['user']['typ'] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) unset($this->dataRecord["client_group_id"]);
 
-        parent::onSubmit();
-    }
+		parent::onSubmit();
+	}
 
 	function onBeforeUpdate() {
 		global $app, $conf, $interfaceConf;
@@ -125,35 +144,36 @@
 		$global_config = $app->getconf->get_global_config('sites');
 		$dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $this->dataRecord);
 
-        $this->oldDataRecord = $app->db->queryOneRecord("SELECT * FROM web_database_user WHERE database_user_id = '".$this->id."'");
+		$this->oldDataRecord = $app->db->queryOneRecord("SELECT * FROM web_database_user WHERE database_user_id = ?", $this->id);
 
-        $dbuser_prefix = $app->tools_sites->getPrefix($this->oldDataRecord['database_user_prefix'], $dbuser_prefix);
-        $this->dataRecord['database_user_prefix'] = $dbuser_prefix;
+		$dbuser_prefix = $app->tools_sites->getPrefix($this->oldDataRecord['database_user_prefix'], $dbuser_prefix);
+		$this->dataRecord['database_user_prefix'] = $dbuser_prefix;
 
 		//* Database username shall not be empty
 		if($this->dataRecord['database_user'] == '') $app->tform->errorMessage .= $app->tform->wordbook["database_user_error_empty"].'<br />';
 
-		if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}',$dbuser_prefix . $this->dataRecord['database_user'],$app->tform->wordbook["database_user_error_len"]).'<br />';
+		if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}', $dbuser_prefix . $this->dataRecord['database_user'], $app->tform->wordbook["database_user_error_len"]).'<br />';
 
 		//* Check database user against blacklist
-		$dbuser_blacklist = array($conf['db_user'],'mysql','root');
-		if(in_array($dbuser_prefix . $this->dataRecord['database_user'],$dbuser_blacklist)) {
+		$dbuser_blacklist = array($conf['db_user'], 'mysql', 'root');
+		if(in_array($dbuser_prefix . $this->dataRecord['database_user'], $dbuser_blacklist)) {
 			$app->tform->errorMessage .= $app->lng('Database user not allowed.').'<br />';
 		}
 
 		if ($app->tform->errorMessage == ''){
 			/* restrict the names if there is no error */
-            /* crop user and db names if they are too long -> mysql: user: 16 chars / db: 64 chars */
+			/* crop user and db names if they are too long -> mysql: user: 16 chars / db: 64 chars */
 			$this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16);
 		}
 
 		/* prepare password for MongoDB */
 		// TODO: this still doens't work as when only the username changes we have no database_password.
 		// taking the one from oldData doesn't work as it's encrypted...shit!
+/*
 		$this->dataRecord['database_password_mongo'] = $this->dataRecord['database_user'].":mongo:".$this->dataRecord['database_password'];
 
-        $this->dataRecord['server_id'] = 0; // we need this on all servers
-
+		$this->dataRecord['server_id'] = 0; // we need this on all servers
+*/
 		parent::onBeforeUpdate();
 	}
 
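Review bot: The new `/* … */` block in `onBeforeUpdate()` disables `$this->dataRecord['server_id'] = 0;` together with the MongoDB password line, while `onBeforeInsert()` further down still forces `server_id` to 0. With the assignment gone, `server_id` on update is whatever the submitted record carries, and nothing visible here constrains it. If dropping it is intended, delete both lines rather than leaving them commented out and mention the change in the commit message; if not, move the assignment below the closing `*/`. The function starts outside this hunk.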
@@ -168,18 +188,18 @@
 		$global_config = $app->getconf->get_global_config('sites');
 		$dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $this->dataRecord);
 
-        $this->dataRecord['database_user_prefix'] = $dbuser_prefix;
+		$this->dataRecord['database_user_prefix'] = $dbuser_prefix;
 
-		if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}',$dbuser_prefix . $this->dataRecord['database_user'],$app->tform->wordbook["database_user_error_len"]).'<br />';
+		if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}', $dbuser_prefix . $this->dataRecord['database_user'], $app->tform->wordbook["database_user_error_len"]).'<br />';
 
 		//* Check database user against blacklist
-		$dbuser_blacklist = array($conf['db_user'],'mysql','root');
-		if(is_array($dbuser_blacklist) && in_array($dbuser_prefix . $this->dataRecord['database_user'],$dbuser_blacklist)) {
+		$dbuser_blacklist = array($conf['db_user'], 'mysql', 'root');
+		if(is_array($dbuser_blacklist) && in_array($dbuser_prefix . $this->dataRecord['database_user'], $dbuser_blacklist)) {
 			$app->tform->errorMessage .= $app->lng('Database user not allowed.').'<br />';
 		}
 
 		/* restrict the names */
-        /* crop user names if they are too long -> mysql: user: 16 chars / db: 64 chars */
+		/* crop user names if they are too long -> mysql: user: 16 chars / db: 64 chars */
 		if ($app->tform->errorMessage == ''){
 			$this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16);
 		}
@@ -187,7 +207,7 @@
 		$this->dataRecord['server_id'] = 0; // we need this on all servers
 
 		/* prepare password for MongoDB */
-		$this->dataRecord['database_password_mongo'] = $this->dataRecord['database_user'].":mongo:".$this->dataRecord['database_password'];
+//		$this->dataRecord['database_password_mongo'] = $this->dataRecord['database_user'].":mongo:".$this->dataRecord['database_password'];
 
 		parent::onBeforeInsert();
 	}
@@ -197,11 +217,11 @@
 
 		if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
 			$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
-			$app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_user_id = ".$this->id);
+			$app->db->query("UPDATE web_database_user SET sys_groupid = ?, sys_perm_group = 'riud' WHERE database_user_id = ?", $client_group_id, $this->id);
 		}
 		if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
 			$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
-			$app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_user_id = ".$this->id);
+			$app->db->query("UPDATE web_database_user SET sys_groupid = ?, sys_perm_group = 'riud' WHERE database_user_id = ?", $client_group_id, $this->id);
 		}
 	}
 
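Review bot: In the `has_clients(...)` branch the posted `client_group_id` is cast to an integer and written to `sys_groupid` with no visible check that the group belongs to the reseller or to one of the reseller's clients. Binding the value removes the injection risk but not the ownership question: unless form validation elsewhere restricts the field, the record can be assigned to an arbitrary group id. I would look the group up first, reusing the `client.parent_client_id = ?` relation that `onShowEnd()` already uses to build the select list, and skip the UPDATE when no row matches; the sketch below is untested. The same applies to `onAfterUpdate()` in the next hunk, and `onAfterInsert()` begins outside this hunk.

```php
		if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
			$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
			// accept only the reseller's own group or a group of one of the reseller's clients
			$own_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
			$reseller = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = ?", $own_group_id);
			$allowed = $app->db->queryOneRecord("SELECT sys_group.groupid FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.groupid = ? AND (client.parent_client_id = ? OR client.client_id = ?)", $client_group_id, $reseller['client_id'], $reseller['client_id']);
			if(is_array($allowed)) {
				// … unchanged: UPDATE web_database_user SET sys_groupid = ?, sys_perm_group = 'riud' …
			}
		}
```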
@@ -210,24 +230,12 @@
 
 		if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
 			$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
-			$app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_user_id = ".$this->id);
+			$app->db->query("UPDATE web_database_user SET sys_groupid = ?, sys_perm_group = 'riud' WHERE database_user_id = ?", $client_group_id, $this->id);
 		}
 		if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
 			$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
-			$app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_user_id = ".$this->id);
+			$app->db->query("UPDATE web_database_user SET sys_groupid = ?, sys_perm_group = 'riud' WHERE database_user_id = ?", $client_group_id, $this->id);
 		}
-
-		/*$password = $app->db->queryOneRecord("SELECT database_password FROM web_database_user WHERE database_user_id = ".$this->id);
-
-        $records = $app->db->queryAllRecords("SELECT DISTINCT server_id FROM web_database WHERE database_user_id = '".$app->functions->intval($this->id)."' UNION SELECT DISTINCT server_id FROM web_database WHERE database_ro_user_id = '".$app->functions->intval($this->id)."'");
-        foreach($records as $rec) {
-            $new_rec = $this->dataRecord;
-            $new_rec['server_id'] = $rec['server_id'];
-			// Make sure to store the password in encrypted form in sys_datalog
-			$new_rec['database_password'] = $password['database_password'];
-            $app->db->datalogSave('web_database_user', 'UPDATE', 'database_user_id', $this->id, $this->oldDataRecord, $new_rec);
-        }
-        unset($new_rec);*/
 	}
 
 }
@@ -235,4 +243,4 @@
 $page = new page_action;
 $page->onLoad();
 
-?>
\ No newline at end of file
+?>

--
Gitblit v1.9.1