gitlabFork/ISPConfig3.git - Solinfo Gitblit

- don't set password via remoting if field is empty

Marius Cramer

2015-08-06 37b29231e47a0c4458dc1c15d98588f16f07e1e2

commit \| author \| age
8500be	1	<?php
T	2
	3	/*
436ed8	4	Copyright (c) 2007, Till Brehm, projektfarm Gmbh
8500be	5	All rights reserved.
T	6
	7	Redistribution and use in source and binary forms, with or without modification,
	8	are permitted provided that the following conditions are met:
	9
	10	* Redistributions of source code must retain the above copyright notice,
	11	this list of conditions and the following disclaimer.
	12	* Redistributions in binary form must reproduce the above copyright notice,
	13	this list of conditions and the following disclaimer in the documentation
	14	and/or other materials provided with the distribution.
	15	* Neither the name of ISPConfig nor the names of its contributors
	16	may be used to endorse or promote products derived from this software without
	17	specific prior written permission.
	18
	19	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	20	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	21	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	22	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	23	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	24	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	25	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	26	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	27	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	28	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29	*/
	30
	31	class searchform {
	32
b1a6a5	33	public $debug = 0;
MC	34	public $errorMessage;
	35	public $listDef;
	36	public $searchValues;
	37	public $pagingHTML;
	38	public $pagingValues;
	39	public $searchChanged = 0;
	40	public $module;
8500be	41
b1a6a5	42	public function loadListDef($file, $module = '')
MC	43	{
	44	global $app, $conf;
	45	if(!is_file($file)){
	46	die("List-Definition: $file not found.");
	47	}
	48	include_once $file;
	49	$this->listDef = $liste;
	50	$this->module = $module;
	51
8500be	52	//* Fill datasources
T	53	foreach($this->listDef['item'] as $key => $field) {
	54	if(is_array($field['datasource'])) {
b1a6a5	55	$this->listDef['item'][$key]['value'] = $this->getDatasourceData($field);
MC	56	}
	57	}
	58	return true;
	59	}
	60
8500be	61	/**
b1a6a5	62	* Get the key => value array of a form filed from a datasource definitiom
MC	63	*
	64	* @param field = array with field definition
	65	* @param record = Dataset as array
	66	* @return key => value array for the value field of a form
	67	*/
8500be	68
T	69
b1a6a5	70	public function getDatasourceData($field)
MC	71	{
	72	global $app;
	73	$values = array();
8500be	74
b1a6a5	75	if($field['datasource']['type'] == 'SQL') {
MC	76	//* Preparing SQL string. We will replace some common placeholders
	77	$querystring = $field['datasource']['querystring'];
	78	$querystring = str_replace('{USERID}', $_SESSION['s']['user']['userid'], $querystring);
	79	$querystring = str_replace('{GROUPID}', $_SESSION['s']['user']['default_group'], $querystring);
	80	$querystring = str_replace('{GROUPS}', $_SESSION['s']['user']['groups'], $querystring);
	81	$table_idx = $this->formDef['db_table_idx'];
	82	//$querystring = str_replace('{RECORDID}',$record[$table_idx],$querystring);
	83	$app->uses('tform');
	84	$querystring = str_replace('{AUTHSQL}', $app->tform->getAuthSQL('r'), $querystring);
8500be	85
b1a6a5	86	//* Getting the records
MC	87	$tmp_records = $app->db->queryAllRecords($querystring);
	88	if($app->db->errorMessage != ''){
	89	die($app->db->errorMessage);
	90	}
	91	if(is_array($tmp_records)) {
	92	$key_field = $field['datasource']['keyfield'];
	93	$value_field = $field['datasource']['valuefield'];
	94	foreach($tmp_records as $tmp_rec) {
	95	$values[$tmp_rec[$key_field]] = $tmp_rec[$value_field];
	96	}
	97	}
	98	}
	99	if($field['datasource']['type'] == 'CUSTOM') {
	100	//* Calls a custom class to validate this record
	101	if($field['datasource']['class'] != '' and $field['datasource']['function'] != '') {
	102	$datasource_class = $field['datasource']['class'];
	103	$datasource_function = $field['datasource']['function'];
	104	$app->uses($datasource_class);
	105	$record = array();
	106	$values = $app->$datasource_class->$datasource_function($field, $record);
	107	}else{
	108	$this->errorMessage .= "Custom datasource class or function is empty<br>\r\n";
	109	}
	110	}
	111	return $values;
	112	}
8500be	113
b1a6a5	114	public function getSearchSQL($sql_where = '')
MC	115	{
	116	global $db;
8500be	117
b1a6a5	118	//* Config vars
MC	119	$list_name = $this->listDef['name'];
	120	$search_prefix = $this->listDef['search_prefix'];
8500be	121
b1a6a5	122	//* store retrieval query
MC	123	foreach($this->listDef['item'] as $i) {
	124	$field = $i['field'];
8500be	125
b1a6a5	126	//* TODO ? hat sich die suche ge�ndert - has itself search ?
MC	127	$ki = $search_prefix.$field;
	128	if(isset($_REQUEST) and $_REQUEST[$ki] != $_SESSION['search'][$list_name][$ki]){
	129	$this->searchChanged = 1;
	130	}
8500be	131
b1a6a5	132	//* suchfield in session store.
MC	133	if(isset($_REQUEST[$ki])){
	134	$_SESSION['search'][$list_name][$ki] = $_REQUEST[$ki];
	135	}
8500be	136
b1a6a5	137	if($i['formtype'] == 'SELECT'){
MC	138	if(is_array($i['value'])) {
	139	$out = '<option value=""></option>';
	140	foreach($i['value'] as $k => $v) {
	141	$selected = ($k == $_SESSION['search'][$list_name][$ki] && $_SESSION['search'][$list_name][$ki] != '') ? ' SELECTED' : '';
	142	$out .= "<option value='$k'$selected>$v</option>\r\n";
	143	}
	144	}
	145	$this->searchValues[$ki] = $out;
	146	}else{
	147	$this->searchValues[$ki] = $_SESSION['search'][$list_name][$ki];
	148	}
	149	}
	150
	151	//* store variables in object. $this->searchValues = $_SESSION["search"][$list_name];
	152	foreach($this->listDef['item'] as $i) {
	153	$field = $i['field'];
	154	//if($_REQUEST[$search_prefix.$field] != '') $sql_where .= " $field ".$i["op"]." '".$i["prefix"].$_REQUEST[$search_prefix.$field].$i["suffix"]."' and";
8500be	155	if($_SESSION['search'][$list_name][$ki] != ''){
b1a6a5	156	$sql_where .= " $field ".$i['op']." '".$i['prefix'].$_SESSION['search'][$list_name][$ki].$i['suffix']."' and";
MC	157	}
	158	}
	159	return ($sql_where != '') ? substr($sql_where, 0, -3) : '1';
	160	}
8500be	161
b1a6a5	162	public function getPagingSQL($sql_where = '1') {
8500be	163	global $app, $conf;
b1a6a5	164
MC	165	$list_name = $this->listDef['name'];
	166	$search_prefix = $this->listDef['search_prefix'];
	167	$records_per_page = $this->listDef['records_per_page'];
	168	$table = $this->listDef['table'];
	169
	170	//* set page to seror id session not set
	171	if($_SESSION['search'][$list_name]['page'] == '') $_SESSION['search'][$list_name]['page'] = 0;
	172
	173	//* Set page size to request if set
	174	if(isset($_REQUEST['page'])) $_SESSION['search'][$list_name]['page'] = $_REQUEST['page'];
	175
	176	//* TODO PAGE to 0 set, if look for themselves ge?ndert. = page auf 0 setzen, wenn suche sich ge�ndert hat.
	177	if($this->searchChanged == 1) $_SESSION['search'][$list_name]['page'] = 0;
	178
	179	$sql_von = $_SESSION['search'][$list_name]['page'] * $records_per_page;
2af58c	180	$record_count = $app->db->queryOneRecord("SELECT count(*) AS anzahl FROM ?? WHERE $sql_where", $table);
b1a6a5	181	$pages = $app->functions->intval(($record_count['anzahl'] - 1) / $records_per_page);
MC	182
	183	$vars['list_file'] = $this->listDef['file'];
	184	$vars['page'] = $_SESSION['search'][$list_name]['page'];
	185	$vars['last_page'] = $_SESSION['search'][$list_name]['page'] - 1;
	186	$vars['next_page'] = $_SESSION['search'][$list_name]['page'] + 1;
	187	$vars['pages'] = $pages;
	188	$vars['max_pages'] = $pages + 1;
	189	$vars['records_gesamt'] = $record_count['anzahl'];
	190	$vars['page_params'] = $this->listDef['page_params'];
	191
	192	if($_SESSION['search'][$list_name]['page'] > 0) $vars['show_page_back'] = 1;
	193	if($_SESSION['search'][$list_name]['page'] <= $vars['pages'] - 1) $vars['show_page_next'] = 1;
	194
	195	$this->pagingValues = $vars;
	196	$this->pagingHTML = $this->getPagingHTML($vars);
	197
	198	return "LIMIT $sql_von, $records_per_page";
	199	}
	200
	201	public function getPagingHTML($vars) {
	202	global $app;
	203	$page_params = $vars['page_params'];
	204	$list_file = $vars['list_file'];
	205	$content = '<a href="'.$list_file.'?page=0'.$page_params.'"><img src="../themes/iprg/images/btn_left.png" border="0"></a>   ';
	206	if($vars['show_page_back'] == 1){
	207	$content .= '<a href="'.$list_file.'?page='.$vars['last_page'].$page_params.'"><img src="../themes/iprg/images/btn_back.png" border="0"></a> ';
	208	}
	209	$content .= ' '.$app->lng('Page').' '.$vars['next_page'].' '.$app->lng('of').' '.$vars['max_pages'].' ';
	210	if($vars['show_page_next'] == 1){
	211	$content .= '<a href="'.$list_file.'?page='.$vars['next_page'].$page_params.'"><img src="../themes/iprg/images/btn_next.png" border="0"></a>   ';
	212	} else{
	213	$content .= ' ';
	214	}
	215	$content .= '<a href="'.$list_file.'?page='.$vars['pages'].$page_params.'"> <img src="../themes/iprg/images/btn_right.png" border="0"></a>';
	216	return $content;
	217	}
	218
	219	public function getPagingHTMLasTXT($vars)
	220	{
	221	global $app;
	222	$page_params = $vars['page_params'];
	223	$list_file = $vars['list_file'];
	224	$content = '[<a href="'.$list_file.'?page=0'.$page_params.'">\|<< </a>]';
	225	if($vars['show_page_back'] == 1){
	226	$content .= '[<< <a href="'.$list_file.'?page='.$vars['last_page'].$page_params.'">'.$app->lng('Back').'</a>] ';
	227	}
	228	$content .= ' '.$app->lng('Page').' '.$vars['next_page'].' '.$app->lng('of').' '.$vars['max_pages'].' ';
	229	if($vars['show_page_next'] == 1){
	230	$content .= '[<a href="'.$vars['list_file'].'?page='.$vars['next_page'].$page_params.'">'.$app->lng('Next').' >></a>] ';
	231	}
	232	$content .= '[<a href="'.$list_file.'?page='.$vars['pages'].$page_params.'"> >>\|</a>]';
	233	return $content;
	234	}
	235
	236	public function getSortSQL()
	237	{
	238	$sort_field = $this->listDef['sort_field'];
	239	$sort_direction = $this->listDef['sort_direction'];
	240	return ($sort_field != '' && $sort_direction != '') ? "ORDER BY $sort_field $sort_direction" : '';
	241	}
	242
	243	public function saveSearchSettings($searchresult_name)
	244	{
	245	global $app, $conf;
	246
8500be	247	$list_name = $this->listDef['name'];
T	248	$settings = $_SESSION['search'][$list_name];
	249	unset($settings['page']);
2af58c	250	$data = serialize($settings);
b1a6a5	251
8500be	252	$userid = $_SESSION['s']['user']['userid'];
T	253	$groupid = $_SESSION['s']['user']['default_group'];
	254	$sys_perm_user = 'riud';
	255	$sys_perm_group = 'r';
	256	$sys_perm_other = '';
	257	$module = $_SESSION['s']['module']['name'];
	258	$searchform = $this->listDef['name'];
	259	$title = $searchresult_name;
b1a6a5	260
8500be	261	$sql = 'INSERT INTO `searchform` ( '
b1a6a5	262	.'`sys_userid` , `sys_groupid` , `sys_perm_user` , `sys_perm_group` , `sys_perm_other` , `module` , `searchform` , `title` , `data` '
2af58c	263	.')VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)';
MC	264	$app->db->query($sql, $userid, $groupid, $sys_perm_user, $sys_perm_group, $sys_perm_other, $module, $searchform, $title, $data);
8500be	265	}
T	266
b1a6a5	267	public function decode($record)
MC	268	{
	269	global $app;
	270	if(is_array($record)) {
	271	foreach($this->listDef['item'] as $field) {
	272	$key = $field['field'];
	273	switch ($field['datatype'])
	274	{
	275	case 'DATE':
	276	if($val > 0) {
	277	$record[$key] = date($this->dateformat, $record[$key]);
	278	}
	279	break;
8500be	280
b1a6a5	281	case 'INTEGER':
MC	282	$record[$key] = $app->functions->intval($record[$key]);
	283	break;
8500be	284
b1a6a5	285	case 'DOUBLE':
MC	286	$record[$key] = $record[$key];
	287	break;
8500be	288
b1a6a5	289	case 'CURRENCY':
MC	290	$record[$key] = number_format($record[$key], 2, ',', '');
	291	break;
8500be	292
T	293
b1a6a5	294	case 'VARCHAR':
MC	295	case 'TEXT':
	296	default:
	297	$record[$key] = stripslashes($record[$key]);
	298	break;
	299	}
	300	}
	301	}
	302	return $record;
	303	}
	304
2af58c	305	/* TODO: check for double quoting mysql value */
b1a6a5	306	public function encode($record)
MC	307	{
	308	global $app;
	309	if(is_array($record)) {
	310	foreach($this->listDef['item'] as $field) {
	311	$key = $field['field'];
	312	switch ($field['datatype'])
	313	{
	314	case 'VARCHAR':
	315	case 'TEXT':
	316	if(!is_array($record[$key])) {
	317	$record[$key] = $app->db->quote($record[$key]);
	318	} else {
	319	$record[$key] = implode($this->tableDef[$key]['separator'], $record[$key]);
	320	}
	321	break;
	322
	323	case 'DATE':
	324	if($record[$key] > 0) {
	325	list($tag, $monat, $jahr) = explode('.', $record[$key]);
	326	$record[$key] = mktime(0, 0, 0, $monat, $tag, $jahr);
	327	}
	328	break;
	329
	330	case 'INTEGER':
	331	$record[$key] = $app->functions->intval($record[$key]);
	332	break;
	333
	334	case 'DOUBLE':
	335	$record[$key] = $app->db->quote($record[$key]);
	336	break;
	337
	338	case 'CURRENCY':
	339	$record[$key] = str_replace(',', '.', $record[$key]);
	340	break;
	341	}
	342	}
	343	}
	344	return $record;
	345	}
	346
8500be	347	}
T	348
29c974	349	?>