gitlabFork/ISPConfig3.git - Solinfo Gitblit

Merge remote-tracking branch 'ispc/stable-3.0.5' into stable-3.0.5

Marius Cramer

2014-08-13 42539643c396f9d8865dcf9a51b13dc869709d16

commit \| author \| age
532ae5	1	<?php
L	2
	3	/*
	4	Copyright (c) 2007, Till Brehm, projektfarm Gmbh
	5	All rights reserved.
	6
	7	Redistribution and use in source and binary forms, with or without modification,
	8	are permitted provided that the following conditions are met:
	9
	10	* Redistributions of source code must retain the above copyright notice,
	11	this list of conditions and the following disclaimer.
	12	* Redistributions in binary form must reproduce the above copyright notice,
	13	this list of conditions and the following disclaimer in the documentation
	14	and/or other materials provided with the distribution.
	15	* Neither the name of ISPConfig nor the names of its contributors
	16	may be used to endorse or promote products derived from this software without
	17	specific prior written permission.
	18
	19	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	20	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	21	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	22	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	23	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	24	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	25	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	26	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	27	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	28	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29	*/
	30
	31	class auth {
	32	var $client_limits = null;
	33
	34	public function get_user_id()
	35	{
5308a8	36	global $app;
604c0c	37	return $app->functions->intval($_SESSION['s']['user']['userid']);
532ae5	38	}
7fe908	39
532ae5	40	public function is_admin() {
L	41	if($_SESSION['s']['user']['typ'] == 'admin') {
	42	return true;
	43	} else {
	44	return false;
	45	}
7fe908	46	}
MC	47
532ae5	48	public function has_clients($userid) {
L	49	global $app, $conf;
7fe908	50
65ea2e	51	$userid = $app->functions->intval($userid);
532ae5	52	$client = $app->db->queryOneRecord("SELECT client.limit_client FROM sys_user, client WHERE sys_user.userid = $userid AND sys_user.client_id = client.client_id");
71c5c2	53	if($client['limit_client'] != 0) {
532ae5	54	return true;
L	55	} else {
	56	return false;
	57	}
	58	}
7fe908	59
532ae5	60	//** This function adds a given group id to a given user.
7fe908	61	public function add_group_to_user($userid, $groupid) {
532ae5	62	global $app;
7fe908	63
65ea2e	64	$userid = $app->functions->intval($userid);
M	65	$groupid = $app->functions->intval($groupid);
7fe908	66
532ae5	67	if($userid > 0 && $groupid > 0) {
L	68	$user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = $userid");
7fe908	69	$groups = explode(',', $user['groups']);
MC	70	if(!in_array($groupid, $groups)) $groups[] = $groupid;
	71	$groups_string = implode(',', $groups);
532ae5	72	$sql = "UPDATE sys_user SET groups = '$groups_string' WHERE userid = $userid";
L	73	$app->db->query($sql);
	74	return true;
	75	} else {
	76	return false;
	77	}
	78	}
	79
	80	//** This function returns given client limit as integer, -1 means no limit
	81	public function get_client_limit($userid, $limitname)
	82	{
	83	global $app;
604c0c	84
TB	85	$userid = $app->functions->intval($userid);
	86
532ae5	87	// simple query cache
7fe908	88	if($this->client_limits===null)
532ae5	89	$this->client_limits = $app->db->queryOneRecord("SELECT client.* FROM sys_user, client WHERE sys_user.userid = $userid AND sys_user.client_id = client.client_id");
7fe908	90
532ae5	91	// isn't client -> no limit
L	92	if(!$this->client_limits)
	93	return -1;
7fe908	94
532ae5	95	if(isset($this->client_limits['limit_'.$limitname])) {
L	96	return $this->client_limits['limit_'.$limitname];
7fe908	97	}
MC	98	}
	99
532ae5	100	//** This function removes a given group id from a given user.
7fe908	101	public function remove_group_from_user($userid, $groupid) {
532ae5	102	global $app;
7fe908	103
65ea2e	104	$userid = $app->functions->intval($userid);
M	105	$groupid = $app->functions->intval($groupid);
7fe908	106
532ae5	107	if($userid > 0 && $groupid > 0) {
L	108	$user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = $userid");
7fe908	109	$groups = explode(',', $user['groups']);
MC	110	$key = array_search($groupid, $groups);
532ae5	111	unset($groups[$key]);
7fe908	112	$groups_string = implode(',', $groups);
532ae5	113	$sql = "UPDATE sys_user SET groups = '$groups_string' WHERE userid = $userid";
L	114	$app->db->query($sql);
	115	return true;
	116	} else {
	117	return false;
	118	}
	119	}
7fe908	120
532ae5	121	public function check_module_permissions($module) {
L	122	// Check if the current user has the permissions to access this module
7fe908	123	if(!stristr($_SESSION["s"]["user"]["modules"], $module)) {
532ae5	124	// echo "LOGIN_REDIRECT:/index.php";
L	125	header("Location: /index.php");
	126	exit;
	127	}
	128	}
7fe908	129
f9c7f3	130	public function get_random_password($length = 8) {
T	131	$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
	132	$password = '';
	133	for ($n=0;$n<$length;$n++) {
7fe908	134	$password.=$base64_alphabet[mt_rand(0, 63)];
f9c7f3	135	}
T	136	return $password;
	137	}
7fe908	138
c614f1	139	public function crypt_password($cleartext_password) {
T	140	$salt="$1$";
	141	$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
	142	for ($n=0;$n<8;$n++) {
7fe908	143	$salt.=$base64_alphabet[mt_rand(0, 63)];
c614f1	144	}
T	145	$salt.="$";
7fe908	146	return crypt($cleartext_password, $salt);
c614f1	147	}
7fe908	148
532ae5	149	}
L	150
7fe908	151	?>