gitlabFork/ISPConfig3.git - Solinfo Gitblit

- don't set password via remoting if field is empty

Marius Cramer

2015-08-06 37b29231e47a0c4458dc1c15d98588f16f07e1e2

commit \| author \| age
142907	1	<?php
T	2	/*
	3	Copyright (c) 2010 Till Brehm, projektfarm Gmbh and Oliver Vogel www.muv.com
	4	All rights reserved.
	5
	6	Redistribution and use in source and binary forms, with or without modification,
	7	are permitted provided that the following conditions are met:
	8
	9	* Redistributions of source code must retain the above copyright notice,
	10	this list of conditions and the following disclaimer.
	11	* Redistributions in binary form must reproduce the above copyright notice,
	12	this list of conditions and the following disclaimer in the documentation
	13	and/or other materials provided with the distribution.
	14	* Neither the name of ISPConfig nor the names of its contributors
	15	may be used to endorse or promote products derived from this software without
	16	specific prior written permission.
	17
	18	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	19	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	20	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	21	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	22	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	23	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	24	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	25	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	26	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	27	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	28	*/
	29
	30
	31	/******************************************
	32	* Begin Form configuration
	33	******************************************/
	34
	35	$tform_def_file = "form/domain.tform.php";
	36
	37	/******************************************
	38	* End Form configuration
	39	******************************************/
	40
7fe908	41	require_once '../../lib/config.inc.php';
MC	42	require_once '../../lib/app.inc.php';
142907	43
T	44	//* Check permissions for module
	45	$app->auth->check_module_permissions('client');
	46
	47	// Loading classes
	48	$app->uses('tpl,tform,tform_actions');
	49	$app->load('tform_actions');
	50
	51	//* load language file
	52	$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'.lng';
7fe908	53	include $lng_file;
142907	54
554c40	55
142907	56	class page_action extends tform_actions {
T	57
	58	function onShowNew() {
	59	global $app, $conf, $wb;
	60
	61	// Only admins can add domains, so we don't need any check
	62
	63	$app->tpl->setVar($wb);
	64
	65	parent::onShowNew();
	66	}
	67
	68	function onShowEnd() {
	69	global $app, $conf, $wb;
b4284d	70
TB	71	if($_SESSION["s"]["user"]["typ"] != 'admin' && $this->id == 0) {
	72	if(!$app->tform->checkClientLimit('limit_domainmodule')) {
	73	$app->uses('ini_parser,getconf');
	74	$settings = $app->getconf->get_global_config('domains');
	75	if ($settings['use_domain_module'] == 'y') {
	76	$app->error($settings['new_domain_html']);
	77	}
	78	}
	79	}
142907	80
T	81	if($_SESSION["s"]["user"]["typ"] == 'admin') {
	82	// Getting Clients of the user
332ae5	83	//$sql = "SELECT groupid, name FROM sys_group WHERE client_id > 0 ORDER BY name";
ca4b71	84	$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 ORDER BY client.company_name, client.contact_name, sys_group.name";
142907	85	$clients = $app->db->queryAllRecords($sql);
T	86	$client_select = '';
	87	if($_SESSION["s"]["user"]["typ"] == 'admin') $client_select .= "<option value='0'></option>";
	88	$tmp_data_record = $app->tform->getDataRecord($this->id);
	89	if(is_array($clients)) {
	90	foreach( $clients as $client) {
	91	$selected = ($client["groupid"] == $tmp_data_record["sys_groupid"])?'SELECTED':'';
56cef7	92	$client_select .= "<option value='$client[groupid]' $selected>$client[contactname]</option>\r\n";
142907	93	}
T	94	}
7fe908	95	$app->tpl->setVar("client_group_id", $client_select);
142907	96
b4284d	97	} else {
TB	98	// Get the limits of the client
	99	$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
9d9833	100	$client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
b4284d	101
TB	102	// Fill the client select field
cc7a82	103	$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ? ORDER BY client.company_name, client.contact_name, sys_group.name";
b4284d	104	//die($sql);
cc7a82	105	$records = $app->db->queryAllRecords($sql, $client['client_id']);
MC	106	$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ?", $client['client_id']);
b4284d	107	$client_select = '<option value="'.$tmp['groupid'].'">'.$client['contactname'].'</option>';
TB	108	//$tmp_data_record = $app->tform->getDataRecord($this->id);
	109	if(is_array($records)) {
	110	$selected_client_group_id = 0; // needed to get list of PHP versions
	111	foreach( $records as $rec) {
	112	if(is_array($this->dataRecord) && ($rec["groupid"] == $this->dataRecord['client_group_id'] \|\| $rec["groupid"] == $this->dataRecord['sys_groupid']) && !$selected_client_group_id) $selected_client_group_id = $rec["groupid"];
	113	$selected = @(is_array($this->dataRecord) && ($rec["groupid"] == $this->dataRecord['client_group_id'] \|\| $rec["groupid"] == $this->dataRecord['sys_groupid']))?'SELECTED':'';
	114	if($selected == 'SELECTED') $selected_client_group_id = $rec["groupid"];
	115	$client_select .= "<option value='$rec[groupid]' $selected>$rec[contactname]</option>\r\n";
	116	}
	117	}
	118	$app->tpl->setVar("client_group_id", $client_select);
142907	119	}
T	120
	121	if($this->id > 0) {
	122	//* we are editing a existing record
	123	$app->tpl->setVar("edit_disabled", 1);
	124	} else {
	125	$app->tpl->setVar("edit_disabled", 0);
	126	}
	127
	128	$app->tpl->setVar($wb);
	129
	130	parent::onShowEnd();
	131	}
	132
	133	function onSubmit() {
	134	global $app, $conf, $wb;
	135
	136	if($_SESSION["s"]["user"]["typ"] == 'admin') {
	137	if ($this->id == 0) {
	138	/*
	139	* We create a new record
	140	*/
	141	// Check if the user is empty
	142	if(isset($this->dataRecord['client_group_id']) && $this->dataRecord['client_group_id'] == 0) {
	143	$app->tform->errorMessage .= $wb['error_client_group_id_empty'];
	144	}
	145	//* make sure that the domain is lowercase
	146	if(isset($this->dataRecord["domain"])) $this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
	147	}
	148	else {
	149	/*
e9bb05	150	* We edit a existing one, but domain name can't be changed
142907	151	*/
e9bb05	152	$oldData = $app->tform->getDataRecord($this->id);
SC	153	$this->dataRecord["domain"] = $oldData["domain"];
142907	154	}
b4284d	155	} elseif ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
TB	156	if ($this->id == 0) {
	157	/*
	158	* We create a new record
	159	*/
	160	// Check if the user is empty
	161	if(isset($this->dataRecord['client_group_id']) && $this->dataRecord['client_group_id'] == 0) {
	162	$app->tform->errorMessage .= $wb['error_client_group_id_empty'];
	163	}
	164	//* make sure that the domain is lowercase
	165	if(isset($this->dataRecord["domain"])) $this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
	166	}
	167	else {
	168	/*
5dc7c8	169	* We edit a existing one, but domain name can't be changed
b4284d	170	*/
5dc7c8	171	$oldData = $app->tform->getDataRecord($this->id);
SC	172	$this->dataRecord["domain"] = $oldData["domain"];
b4284d	173	}
142907	174	} else {
T	175	if($this->id > 0) {
	176	/*
	177	* Clients may not edit anything, so we reset the old data
	178	*/
	179	$this->dataRecord = $app->tform->getDataRecord($this->id);
	180	} else {
	181	/*
	182	* clients may not create a new domain
	183	*/
	184	$app->error($wb['error_client_can_not_add_domain']);
	185	}
	186	}
	187
	188	$app->tpl->setVar($wb);
	189
	190	parent::onSubmit();
	191	}
	192
	193	function onAfterInsert() {
	194	global $app, $conf;
	195
	196	// make sure that the record belongs to the client group and not the admin group when admin inserts it
	197	// also make sure that the user can not delete domain created by a admin
6227d7	198	if(($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) \|\| ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid']))) {
65ea2e	199	$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
cc7a82	200	$app->db->query("UPDATE domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id);
142907	201	}
T	202	}
7fe908	203
e9bb05	204	function onAfterUpdate() {
SC	205	global $app, $conf;
	206
5dc7c8	207	if($_SESSION["s"]["user"]["typ"] != 'admin' && isset($this->dataRecord["client_group_id"])) {
SC	208	$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
cc7a82	209	$client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
MC	210	$group = $app->db->queryOneRecord("SELECT sys_group.groupid FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ? AND sys_group.groupid = ? ORDER BY client.company_name, client.contact_name, sys_group.name", $client['client_id'], $this->dataRecord["client_group_id"]);
5dc7c8	211	$this->dataRecord["client_group_id"] = $group["groupid"];
cc7a82	212	}
5dc7c8	213
e9bb05	214	// make sure that the record belongs to the client group and not the admin group when admin inserts it
SC	215	// also make sure that the user can not delete domain created by a admin
5dc7c8	216	if(isset($this->dataRecord["client_group_id"])) {
e9bb05	217	$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
cc7a82	218	$app->db->query("UPDATE domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id);
03aed0	219
SC	220	$data = new tform_actions();
	221	$tform = $app->tform;
	222	$app->tform = new tform();
	223
	224	$app->tform->loadFormDef("../dns/form/dns_soa.tform.php");
cc7a82	225	$data->oldDataRecord = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE origin = ?", $this->dataRecord['domain'].".");
03aed0	226	if ($data->oldDataRecord) {
SC	227	$data->dataRecord = array_merge($data->oldDataRecord, array('client_group_id' => $this->dataRecord["client_group_id"]));
	228	$data->id = $data->dataRecord['id'];
	229	$app->plugin->raiseEvent("dns:dns_soa:on_after_update", $data);
	230	}
	231
	232	$app->tform->loadFormDef("../dns/form/dns_slave.tform.php");
cc7a82	233	$data->oldDataRecord = $app->db->queryOneRecord("SELECT * FROM dns_slave WHERE origin = ?", $this->dataRecord['domain'].".");
03aed0	234	if ($data->oldDataRecord) {
SC	235	$data->dataRecord = array_merge($data->oldDataRecord, array('client_group_id' => $this->dataRecord["client_group_id"]));
	236	$data->id = $data->dataRecord['id'];
	237	$app->plugin->raiseEvent("dns:dns_slave:on_after_update", $data);
	238	}
	239
	240	$app->tform->loadFormDef("../mail/form/mail_domain.tform.php");
cc7a82	241	$data->oldDataRecord = $app->db->queryOneRecord("SELECT * FROM mail_domain WHERE domain = ?", $this->dataRecord['domain']);
03aed0	242	if ($data->oldDataRecord) {
SC	243	$data->dataRecord = array_merge($data->oldDataRecord, array('client_group_id' => $this->dataRecord["client_group_id"]));
	244	$data->id = $data->dataRecord['domain_id'];
	245	$app->plugin->raiseEvent("mail:mail_domain:on_after_update", $data);
	246	}
	247
	248	$app->tform->loadFormDef("../sites/form/web_vhost_domain.tform.php");
cc7a82	249	$data->oldDataRecord = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain = ?", $this->dataRecord['domain']);
03aed0	250	if ($data->oldDataRecord) {
SC	251	$data->dataRecord = array_merge($data->oldDataRecord, array('client_group_id' => $this->dataRecord["client_group_id"]));
	252	$data->id = $data->dataRecord['domain_id'];
	253	$app->plugin->raiseEvent("sites:web_vhost_domain:on_after_update", $data);
	254	}
	255
	256	$app->tform = $tform;
e9bb05	257	}
SC	258	}
	259
142907	260	}
T	261
	262	$page = new page_action;
	263	$page->onLoad();
	264
7fe908	265	?>