gitlabFork/ISPConfig3.git - Solinfo Gitblit

- don't set password via remoting if field is empty

Marius Cramer

2015-08-06 37b29231e47a0c4458dc1c15d98588f16f07e1e2

commit \| author \| age
443d7e	1	<?php
T	2
	3	/*
	4	Copyright (c) 2007, Till Brehm, projektfarm Gmbh
	5	All rights reserved.
	6
	7	Redistribution and use in source and binary forms, with or without modification,
	8	are permitted provided that the following conditions are met:
	9
	10	* Redistributions of source code must retain the above copyright notice,
	11	this list of conditions and the following disclaimer.
	12	* Redistributions in binary form must reproduce the above copyright notice,
	13	this list of conditions and the following disclaimer in the documentation
	14	and/or other materials provided with the distribution.
	15	* Neither the name of ISPConfig nor the names of its contributors
	16	may be used to endorse or promote products derived from this software without
	17	specific prior written permission.
	18
	19	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	20	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	21	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	22	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	23	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	24	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	25	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	26	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	27	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	28	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29	*/
	30
	31	/******************************************
	32	* Begin Form configuration
	33	******************************************/
	34
	35	$tform_def_file = "form/dns_soa.tform.php";
	36
	37	/******************************************
	38	* End Form configuration
	39	******************************************/
	40
b1a6a5	41	require_once '../../lib/config.inc.php';
MC	42	require_once '../../lib/app.inc.php';
443d7e	43
T	44	//* Check permissions for module
	45	$app->auth->check_module_permissions('dns');
	46
	47	// Loading classes
	48	$app->uses('tpl,tform,tform_actions,validate_dns');
	49	$app->load('tform_actions');
	50
	51	class page_action extends tform_actions {
b1a6a5	52
b0dec8	53	function onShow() {
T	54	global $app;
	55	//* Reset the page number of the list form for the dns
	56	//* records to 0 if we are on the first tab of the soa form.
	57	if($app->tform->getNextTab() == 'dns_soa') {
	58	$_SESSION['search']['dns_a']['page'] = 0;
	59	}
	60	parent::onShow();
	61	}
b1a6a5	62
443d7e	63	function onShowNew() {
T	64	global $app, $conf;
b1a6a5	65
443d7e	66	// we will check only users, not admins
T	67	if($_SESSION["s"]["user"]["typ"] == 'user') {
3cebc3	68	if(!$app->tform->checkClientLimit('limit_dns_zone')) {
T	69	$app->error($app->tform->wordbook["limit_dns_zone_txt"]);
	70	}
	71	if(!$app->tform->checkResellerLimit('limit_dns_zone')) {
	72	$app->error('Reseller: '.$app->tform->wordbook["limit_dns_zone_txt"]);
443d7e	73	}
41d7d1	74	} else {
SC	75	$settings = $app->getconf->get_global_config('dns');
	76	$app->tform->formDef['tabs']['dns_soa']['fields']['server_id']['default'] = intval($settings['default_dnsserver']);
443d7e	77	}
b1a6a5	78
443d7e	79	parent::onShowNew();
T	80	}
b1a6a5	81
443d7e	82	function onShowEnd() {
T	83	global $app, $conf;
b1a6a5	84
3e94c8	85	$app->uses('ini_parser,getconf');
SC	86	$settings = $app->getconf->get_global_config('domains');
	87
	88	/*
	89	* Now we have to check, if we should use the domain-module to select the domain
	90	* or not
	91	*/
	92	if ($settings['use_domain_module'] != 'y') {
	93	// If user is admin, we will allow him to select to whom this record belongs
	94	if($_SESSION["s"]["user"]["typ"] == 'admin') {
	95	// Getting Domains of the user
	96	$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 ORDER BY client.company_name, client.contact_name, sys_group.name";
	97	$clients = $app->db->queryAllRecords($sql);
	98	$client_select = '';
	99	if($_SESSION["s"]["user"]["typ"] == 'admin') $client_select .= "<option value='0'></option>";
	100	//$tmp_data_record = $app->tform->getDataRecord($this->id);
	101	if(is_array($clients)) {
	102	foreach( $clients as $client) {
	103	$selected = @(is_array($this->dataRecord) && ($client["groupid"] == $this->dataRecord['client_group_id'] \|\| $client["groupid"] == $this->dataRecord['sys_groupid']))?'SELECTED':'';
	104	$client_select .= "<option value='$client[groupid]' $selected>$client[contactname]</option>\r\n";
	105	}
443d7e	106	}
3e94c8	107	$app->tpl->setVar("client_group_id", $client_select);
SC	108	} else if($app->auth->has_clients($_SESSION['s']['user']['userid'])) {
b1a6a5	109
MC	110	// Get the limits of the client
35509d	111	$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
cc7a82	112	$client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
b1a6a5	113
MC	114	// Fill the client select field
cc7a82	115	$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ? ORDER BY client.company_name, client.contact_name, sys_group.name";
MC	116	$clients = $app->db->queryAllRecords($sql, $client['client_id']);
	117	$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ?", $client['client_id']);
b1a6a5	118	$client_select = '<option value="'.$tmp['groupid'].'">'.$client['contactname'].'</option>';
MC	119	//$tmp_data_record = $app->tform->getDataRecord($this->id);
	120	if(is_array($clients)) {
	121	foreach( $clients as $client) {
	122	$selected = @(is_array($this->dataRecord) && ($client["groupid"] == $this->dataRecord['client_group_id'] \|\| $client["groupid"] == $this->dataRecord['sys_groupid']))?'SELECTED':'';
	123	$client_select .= "<option value='$client[groupid]' $selected>$client[contactname]</option>\r\n";
	124	}
0fd51f	125	}
b1a6a5	126	$app->tpl->setVar("client_group_id", $client_select);
MC	127
0fd51f	128	}
3e94c8	129	}
b1a6a5	130
18f479	131	// }
b1a6a5	132
015dff	133	if($_SESSION["s"]["user"]["typ"] != 'admin')
MC	134	{
	135	$client_group_id = $_SESSION["s"]["user"]["default_group"];
cc7a82	136	$client_dns = $app->db->queryOneRecord("SELECT dns_servers FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
b1a6a5	137
015dff	138	$client_dns['dns_servers_ids'] = explode(',', $client_dns['dns_servers']);
b1a6a5	139
015dff	140	$only_one_server = count($client_dns['dns_servers_ids']) === 1;
MC	141	$app->tpl->setVar('only_one_server', $only_one_server);
b1a6a5	142
015dff	143	if ($only_one_server) {
MC	144	$app->tpl->setVar('server_id_value', $client_dns['dns_servers_ids'][0]);
	145	}
	146
cc7a82	147	$sql = "SELECT server_id, server_name FROM server WHERE server_id IN ?";
MC	148	$dns_servers = $app->db->queryAllRecords($sql, $client_dns['dns_servers_ids']);
015dff	149
MC	150	$options_dns_servers = "";
	151
	152	foreach ($dns_servers as $dns_server) {
75b7fc	153	$options_dns_servers .= '<option value="'.$dns_server['server_id'].'"'.($this->id > 0 && $this->dataRecord["server_id"] == $dns_server['server_id'] ? ' selected="selected"' : '').'>'.$dns_server['server_name'].'</option>';
015dff	154	}
MC	155
	156	$app->tpl->setVar("client_server_id", $options_dns_servers);
	157	unset($options_dns_servers);
	158
	159	}
	160
021ef6	161	if ($settings['use_domain_module'] == 'y') {
SC	162	/*
	163	* The domain-module is in use.
	164	*/
9ec304	165	$domains = $app->tools_sites->getDomainModuleDomains("dns_soa", $this->dataRecord["origin"]);
021ef6	166	$domain_select = '';
SC	167	if(is_array($domains) && sizeof($domains) > 0) {
	168	/* We have domains in the list, so create the drop-down-list */
	169	foreach( $domains as $domain) {
	170	$domain_select .= "<option value=" . $domain['domain_id'] ;
	171	if ($domain['domain'].'.' == $this->dataRecord["origin"]) {
	172	$domain_select .= " selected";
	173	}
	174	$domain_select .= ">" . $app->functions->idn_decode($domain['domain']) . ".</option>\r\n";
	175	}
	176	}
	177	else {
	178	/*
	179	* We have no domains in the domain-list. This means, we can not add ANY new domain.
	180	* To avoid, that the variable "domain_option" is empty and so the user can
	181	* free enter a domain, we have to create a empty option!
	182	*/
	183	$domain_select .= "<option value=''></option>\r\n";
	184	}
	185	$app->tpl->setVar("domain_option", $domain_select);
	186	}
	187
015dff	188	if($this->id > 0) {
MC	189	//* we are editing a existing record
	190	$app->tpl->setVar("edit_disabled", 1);
	191	$app->tpl->setVar("server_id_value", $this->dataRecord["server_id"]);
	192	} else {
	193	$app->tpl->setVar("edit_disabled", 0);
	194	}
	195
	196	parent::onShowEnd();
	197	}
	198
	199	function onSubmit() {
	200	global $app, $conf;
	201
a67681	202	if ($app->tform->getCurrentTab() == 'dns_soa') {
SC	203	/* check if the domain module is used - and check if the selected domain can be used! */
	204	$app->uses('ini_parser,getconf');
	205	$settings = $app->getconf->get_global_config('domains');
	206	if ($settings['use_domain_module'] == 'y') {
	207	if ($_SESSION["s"]["user"]["typ"] == 'admin' \|\| $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
	208	$this->dataRecord['client_group_id'] = $app->tools_sites->getClientIdForDomain($this->dataRecord['origin']);
	209	}
	210	$domain_check = $app->tools_sites->checkDomainModuleDomain($this->dataRecord['origin']);
	211	if(!$domain_check) {
	212	// invalid domain selected
	213	$app->tform->errorMessage .= $app->tform->lng("origin_error_empty")."<br />";
	214	} else {
	215	$this->dataRecord['origin'] = $domain_check.'.';
	216	}
015dff	217	}
MC	218
a67681	219	if($_SESSION["s"]["user"]["typ"] != 'admin') {
SC	220	// Get the limits of the client
	221	$client_group_id = $_SESSION["s"]["user"]["default_group"];
cc7a82	222	$client = $app->db->queryOneRecord("SELECT limit_dns_zone, dns_servers FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
a67681	223
SC	224	$client['dns_servers_ids'] = explode(',', $client['dns_servers']);
	225
	226	// Check if chosen server is in authorized servers for this client
	227	if (!(is_array($client['dns_servers_ids']) && in_array($this->dataRecord["server_id"], $client['dns_servers_ids'])) && $_SESSION["s"]["user"]["typ"] != 'admin') {
	228	$app->error($app->tform->wordbook['error_not_allowed_server_id']);
	229	}
	230
	231	// When the record is updated
	232	if($this->id > 0) {
	233	// restore the server ID if the user is not admin and record is edited
cc7a82	234	$tmp = $app->db->queryOneRecord("SELECT server_id FROM dns_soa WHERE id = ?", $this->id);
a67681	235	$this->dataRecord["server_id"] = $tmp["server_id"];
SC	236	unset($tmp);
	237	// When the record is inserted
	238	} else {
	239	// Check if the user may add another maildomain.
	240	if($client["limit_dns_zone"] >= 0) {
cc7a82	241	$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_soa WHERE sys_groupid = ?", $client_group_id);
a67681	242	if($tmp["number"] >= $client["limit_dns_zone"]) {
SC	243	$app->error($app->tform->wordbook["limit_dns_zone_txt"]);
	244	}
443d7e	245	}
T	246	}
	247	}
a67681	248
SC	249	//* Check if soa, ns and mbox have a dot at the end
	250	if(strlen($this->dataRecord["origin"]) > 0 && substr($this->dataRecord["origin"], -1, 1) != '.') $this->dataRecord["origin"] .= '.';
	251	if(strlen($this->dataRecord["ns"]) > 0 && substr($this->dataRecord["ns"], -1, 1) != '.') $this->dataRecord["ns"] .= '.';
	252	if(strlen($this->dataRecord["mbox"]) > 0 && substr($this->dataRecord["mbox"], -1, 1) != '.') $this->dataRecord["mbox"] .= '.';
	253
	254	//* Replace @ in mbox
	255	if(stristr($this->dataRecord["mbox"], '@')) {
	256	$this->dataRecord["mbox"] = str_replace('@', '.', $this->dataRecord["mbox"]);
	257	}
	258
	259	$this->dataRecord["xfer"] = preg_replace('/\s+/', '', $this->dataRecord["xfer"]);
	260	$this->dataRecord["also_notify"] = preg_replace('/\s+/', '', $this->dataRecord["also_notify"]);
	261
	262	//* Check if a secondary zone with the same name already exists
	263	$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_slave WHERE origin = ? AND server_id = ?", $this->dataRecord["origin"], $this->dataRecord["server_id"]);
	264	if($tmp["number"] > 0) {
	265	$app->error($app->tform->wordbook["origin_error_unique"]);
	266	}
015dff	267	}
MC	268	parent::onSubmit();
	269	}
355efb	270
015dff	271	function onBeforeUpdate () {
MC	272	global $app, $conf;
	273
	274	//* Check if the server has been changed
	275	// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
02e7ea	276	if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord['origin'])) {
015dff	277	//* We do not allow users to change a domain which has been created by the admin
cc7a82	278	$rec = $app->db->queryOneRecord("SELECT origin from dns_soa WHERE id = ?", $this->id);
02e7ea	279	$drOrigin = $app->functions->idn_encode($this->dataRecord['origin']);
eebf5b	280
PA	281	if($rec['origin'] !== $drOrigin && $app->tform->checkPerm($this->id, 'u')) {
015dff	282	//* Add a error message and switch back to old server
02e7ea	283	$app->tform->errorMessage .= $app->tform->wordbook["soa_cannot_be_changed_txt"];
015dff	284	$this->dataRecord["origin"] = $rec['origin'];
MC	285	}
	286	unset($rec);
	287	}
	288	}
b1a6a5	289
443d7e	290	}
T	291
	292	$page = new page_action;
	293	$page->onLoad();
	294
a59731	295	?>