From fe9a23f542bc56c1c0b6dc30257418e38ff7bd3a Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Sat, 08 Jun 2013 18:57:40 -0400
Subject: [PATCH] - Fixed FS#2936 - Please check and limit username input length.
---
 interface/web/dashboard/dashboard.php | 126 ++++++++++++++++++++++++++++++++---------
 1 files changed, 97 insertions(+), 29 deletions(-)
diff --git a/interface/web/dashboard/dashboard.php b/interface/web/dashboard/dashboard.php
index 53a745c..b0bb809 100644
--- a/interface/web/dashboard/dashboard.php
+++ b/interface/web/dashboard/dashboard.php
@@ -48,7 +48,14 @@
 /*
 * Let the user welcome
 */
-$welcome = sprintf($wb['welcome_user_txt'], $_SESSION['s']['user']['username']);
+if($_SESSION['s']['user']['typ'] == 'admin') {
+ $name = $_SESSION['s']['user']['username'];
+} else {
+ $tmp = $app->db->queryOneRecord("SELECT contact_name FROM client WHERE username = '".$app->db->quote($_SESSION['s']['user']['username'])."'");
+ $name = $tmp['contact_name'];
+}
+
+$welcome = sprintf($wb['welcome_user_txt'], htmlentities($name, ENT_QUOTES, 'UTF-8'));
 $app->tpl->setVar('welcome_user', $welcome);
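Review bot: The non-admin branch reads `$tmp['contact_name']` without checking that `queryOneRecord` returned a row, so a session whose username has no matching `client` record, or whose contact name is empty, gets a blank greeting and an index access on a non-array. Fall back to the session username: `$name = (is_array($tmp) && $tmp['contact_name'] != '') ? $tmp['contact_name'] : $_SESSION['s']['user']['username'];`. The `htmlentities($name, ENT_QUOTES, 'UTF-8')` call that follows escapes either value, so the fallback stays safe to render. The diffstat lists only this file, and nothing in it limits the length of the stored username that the subject names; presumably that check belongs at the input form and is still open.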
@@ -79,39 +86,100 @@
 //
 //$app->tpl->setloop('warning', $warning);
 //
-///*
-// * If there is any information to display, do it...
-//*/
-//$info = array();
-//
-//$info[] = array('info_msg' => 'IClaus1');
-//$info[] = array('info_msg' => 'IClaus2');
-//$info[] = array('info_msg' => 'IClaus3');
-//$info[] = array('info_msg' => 'IClaus4');
-//
-//$app->tpl->setloop('info', $info);
+
 /*
- * Show all modules, the user is allowed to use
+ * If there is any information to display, do it...
 */
-$modules = explode(',', $_SESSION['s']['user']['modules']);
-$mod = array();
-if(is_array($modules)) {
- foreach($modules as $mt) {
- if(is_file('../' . $mt . '/lib/module.conf.php')) {
- if(!preg_match("/^[a-z]{2,20}$/i", $mt)) die('module name contains unallowed chars.');
- include_once('../' . $mt.'/lib/module.conf.php');
- /* We don't want to show the dashboard */
- if ($mt != 'dashboard') {
- $mod[] = array( 'modules_title' => $app->lng($module['title']),
- 'modules_startpage' => $module['startpage'],
- 'modules_name' => $module['name']);
- }
- }
- }
+$info = array();
- $app->tpl->setloop('modules', $mod);
+if(isset($_SESSION['show_info_msg'])) {
+ $info[] = array('info_msg' => '<p>'.$_SESSION['show_info_msg'].'</p>');
+ unset($_SESSION['show_info_msg']);
 }
+if(isset($_SESSION['show_error_msg'])) {
+ $app->tpl->setloop('error', array(array('error_msg' => '<p>'.$_SESSION['show_error_msg'].'</p>')));
+ unset($_SESSION['show_error_msg']);
+}
+
+
+/*
+ * Check the ISPConfig-Version (only for the admin)
+*/
+if($_SESSION["s"]["user"]["typ"] == 'admin') {
+ if(!isset($_SESSION['s']['new_ispconfig_version'])) {
+ $new_version = @file_get_contents('http://www.ispconfig.org/downloads/ispconfig3_version.txt');
+ $_SESSION['s']['new_ispconfig_version'] = trim($new_version);
+ }
+ $v1 = ISPC_APP_VERSION;
+ $v2 = $_SESSION['s']['new_ispconfig_version'];
+ $this_version = explode(".",$v1);
+ /*
+ $this_fullversion = (($this_version[0] < 10) ? '0'.$this_version[0] : $this_version[0]) .
+ ((isset($this_version[1]) && $this_version[1] < 10) ? '0'.$this_version[1] : $this_version[1]) .
+ ((isset($this_version[2]) && $this_version[2] < 10) ? '0'.$this_version[2] : $this_version[2]) .
+ ((isset($this_version[3]) && $this_version[3] < 10) ? (($this_version[3] < 1) ? '00' : '0'.$this_version[3]) : @$this_version[3]);
+
+ */
+
+ $new_version = explode(".",$v2);
+ /*
+ $new_fullversion = (($new_version[0] < 10) ? '0'.$new_version[0] : $new_version[0]) .
+ ((isset($new_version[1]) && $new_version[1] < 10) ? '0'.$new_version[1] : $new_version[1]) .
+ ((isset($new_version[2]) && $new_version[2] < 10) ? '0'.$new_version[2] : $new_version[2]) .
+ ((isset($new_version[3]) && $new_version[3] < 10) ? (($new_version[3] < 1) ? '00' : '0'.$new_version[3]) : @$new_version[3]);
+ */
+
+ $this_fullversion = str_pad($this_version[0], 2,'0',STR_PAD_LEFT).str_pad($this_version[1], 2,'0',STR_PAD_LEFT).@str_pad($this_version[2], 2,'0',STR_PAD_LEFT).@str_pad($this_version[3], 2,'0',STR_PAD_LEFT);
+ $new_fullversion = str_pad($new_version[0], 2,'0',STR_PAD_LEFT).str_pad($new_version[1], 2,'0',STR_PAD_LEFT).@str_pad($new_version[2], 2,'0',STR_PAD_LEFT).@str_pad($new_version[3], 2,'0',STR_PAD_LEFT);
+ if($new_fullversion > $this_fullversion) {
+ $info[] = array('info_msg' => '<p>There is a new Version of ISPConfig 3 available!</p>' .
+ '<p>This Version: <b>' . $v1 . '</b></p>' .
+ '<p>New Version : <b>' . $v2 . '</b></p>' .
+ '<p><a href="http://www.ispconfig.org/ispconfig-3/download" target="ISPC">See more...</a></p>');
+ }
+}
+
+$app->tpl->setloop('info', $info);
+
+/* Load the dashlets*/
+$dashlet_list = array();
+$handle = @opendir(ISPC_WEB_PATH.'/dashboard/dashlets');
+while ($file = @readdir ($handle)) {
+ if ($file != '.' && $file != '..' && !is_dir($file)) {
+ $dashlet_name = substr($file,0,-4);
+ $dashlet_class = 'dashlet_'.$dashlet_name;
+ include_once(ISPC_WEB_PATH.'/dashboard/dashlets/'.$file);
+ $dashlet_list[$dashlet_name] = new $dashlet_class;
+ }
+}
+
+
+/* Which dashlets in which column */
+/******************************************************************************/
+$leftcol_dashlets = array('modules','invoices');
+$rightcol_dashlets = array('limits');
+/******************************************************************************/
+
+
+/* Fill the left column */
+$leftcol = array();
+foreach($leftcol_dashlets as $name) {
+ if(isset($dashlet_list[$name])) {
+ $leftcol[]['content'] = $dashlet_list[$name]->show();
+ }
+}
+$app->tpl->setloop('leftcol', $leftcol);
+
+/* Fill the right columnn */
+$rightcol = array();
+foreach($rightcol_dashlets as $name) {
+ if(isset($dashlet_list[$name])) {
+ $rightcol[]['content'] = $dashlet_list[$name]->show();
+ }
+}
+$app->tpl->setloop('rightcol', $rightcol);
+
 //* Do Output
 $app->tpl->pparse();
-- Gitblit v1.9.1
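Review bot: `$v2` comes from the unauthenticated plain-HTTP `@file_get_contents('http://…')` fetch, is cached in the session, and is concatenated unescaped into the `info_msg` HTML shown to the admin, so anyone able to alter that response controls markup on the admin dashboard. Require a version-shaped value before comparing and rendering it, e.g. `if(preg_match('/^[0-9]+(\.[0-9]+){1,3}$/', $v2) && $new_fullversion > $this_fullversion) {`. The unescaped `'<p>'.$_SESSION['show_info_msg'].'</p>'` and `show_error_msg` output is safe only if every writer of those session keys stores trusted or already-escaped text, which this hunk does not show. In the dashlet loop, `is_dir($file)` is resolved against the working directory rather than the dashlets directory, and every file found is included whatever its extension; `&& substr($file, -4) == '.php' && !is_dir(ISPC_WEB_PATH.'/dashboard/dashlets/'.$file)` would restrict the include to PHP files in that directory.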