From 80e7b0d7d17b0e9581fa56be484b8772d82261de Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Wed, 18 Nov 2009 11:19:42 -0500
Subject: [PATCH] Added code to delete old remote sessions.
---
interface/web/client/client_edit.php | 74 ++++++++++++++++++++++++++++++------
1 files changed, 61 insertions(+), 13 deletions(-)
diff --git a/interface/web/client/client_edit.php b/interface/web/client/client_edit.php
index d1f0561..9808b8f 100644
--- a/interface/web/client/client_edit.php
+++ b/interface/web/client/client_edit.php
@@ -52,6 +52,52 @@
class page_action extends tform_actions {
+ function onShowNew() {
+ global $app, $conf;
+
+ // we will check only users, not admins
+ if($_SESSION["s"]["user"]["typ"] == 'user') {
+
+ // Get the limits of the client
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $client = $app->db->queryOneRecord("SELECT limit_client FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+
+ // Check if the user may add another website.
+ if($client["limit_client"] >= 0) {
+ $tmp = $app->db->queryOneRecord("SELECT count(client_id) as number FROM client WHERE sys_groupid = $client_group_id");
+ if($tmp["number"] >= $client["limit_client"]) {
+ $app->error($app->tform->wordbook["limit_client_txt"]);
+ }
+ }
+ }
+
+ parent::onShowNew();
+ }
+
+
+ function onSubmit() {
+ global $app, $conf;
+
+ // we will check only users, not admins
+ if($_SESSION["s"]["user"]["typ"] == 'user' && $this->id == 0) {
+
+ // Get the limits of the client
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $client = $app->db->queryOneRecord("SELECT limit_client FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+
+ // Check if the user may add another website.
+ if($client["limit_client"] >= 0) {
+ $tmp = $app->db->queryOneRecord("SELECT count(client_id) as number FROM client WHERE sys_groupid = $client_group_id");
+ if($tmp["number"] >= $client["limit_client"]) {
+ $app->error($app->tform->wordbook["limit_client_txt"]);
+ }
+ }
+ }
+
+ parent::onSubmit();
+ }
+
+
function onShowEnd() {
global $app;
@@ -90,20 +136,18 @@
function onAfterInsert() {
global $app;
// Create the group for the client
- $sql = "INSERT INTO sys_group (name,description,client_id) VALUES ('".mysql_real_escape_string($this->dataRecord["username"])."','',".$this->id.")";
- $app->db->query($sql);
- $groupid = $app->db->insertID();
+ $groupid = $app->db->datalogInsert('sys_group', "(name,description,client_id) VALUES ('".mysql_real_escape_string($this->dataRecord["username"])."','',".$this->id.")", 'groupid');
$groups = $groupid;
- $username = mysql_real_escape_string($this->dataRecord["username"]);
- $password = mysql_real_escape_string($this->dataRecord["password"]);
+ $username = $app->db->quote($this->dataRecord["username"]);
+ $password = $app->db->quote($this->dataRecord["password"]);
$modules = ISPC_INTERFACE_MODULES_ENABLED;
if($this->dataRecord["limit_client"] > 0) $modules .= ',client';
$startmodule = 'mail';
- $usertheme = mysql_real_escape_string($this->dataRecord["usertheme"]);
+ $usertheme = $app->db->quote($this->dataRecord["usertheme"]);
$type = 'user';
$active = 1;
- $language = mysql_real_escape_string($this->dataRecord["language"]);
+ $language = $app->db->quote($this->dataRecord["language"]);
// Create the controlpaneluser for the client
$sql = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
@@ -116,6 +160,8 @@
$app->auth->add_group_to_user($_SESSION['s']['user']['userid'],$groupid);
$app->db->query("UPDATE client SET parent_client_id = ".intval($_SESSION['s']['user']['client_id'])." WHERE client_id = ".$this->id);
}
+
+ $app->db->query("UPDATE client SET created_at = ".time()." WHERE client_id = ".$this->id);
/* If there is a client-template, process it */
applyClientTemplates($this->id);
@@ -133,27 +179,29 @@
// username changed
if(isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {
- $username = mysql_real_escape_string($this->dataRecord["username"]);
+ $username = $app->db->quote($this->dataRecord["username"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET username = '$username' WHERE client_id = $client_id";
$app->db->query($sql);
- $sql = "UPDATE sys_group SET name = '$username' WHERE client_id = $client_id";
- $app->db->query($sql);
+
+ $tmp = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = $client_id");
+ $app->db->datalogUpdate("sys_group", "name = '$username'", 'groupid', $tmp['groupid']);
+ unset($tmp);
}
// password changed
if(isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
- $password = mysql_real_escape_string($this->dataRecord["password"]);
+ $password = $app->db->quote($this->dataRecord["password"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET passwort = md5('$password') WHERE client_id = $client_id";
$app->db->query($sql);
}
// reseller status changed
- if(isset($this->dataRecord["limit_client"])) {
+ if(isset($this->dataRecord["limit_client"]) && $this->dataRecord["limit_client"] != $this->oldDataRecord["limit_client"]) {
$modules = ISPC_INTERFACE_MODULES_ENABLED;
if($this->dataRecord["limit_client"] > 0) $modules .= ',client';
- $modules = mysql_real_escape_string($modules);
+ $modules = $app->db->quote($modules);
$client_id = $this->id;
$sql = "UPDATE sys_user SET modules = '$modules' WHERE client_id = $client_id";
$app->db->query($sql);
--
Gitblit v1.9.1