gitlabFork/ISPConfig3.git - Solinfo Gitblit

Marius Burkard

2016-04-20 4569cae57f127afd093794310ccd290d2d9fdf36

commit \| author \| age
fbdcc4	1	<?php
T	2
	3	/*
	4	Copyright (c) 2007, Till Brehm, projektfarm Gmbh
	5	All rights reserved.
	6
	7	Redistribution and use in source and binary forms, with or without modification,
	8	are permitted provided that the following conditions are met:
	9
	10	* Redistributions of source code must retain the above copyright notice,
	11	this list of conditions and the following disclaimer.
	12	* Redistributions in binary form must reproduce the above copyright notice,
	13	this list of conditions and the following disclaimer in the documentation
	14	and/or other materials provided with the distribution.
	15	* Neither the name of ISPConfig nor the names of its contributors
	16	may be used to endorse or promote products derived from this software without
	17	specific prior written permission.
	18
	19	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	20	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	21	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	22	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	23	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	24	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	25	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	26	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	27	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	28	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29
	30	--UPDATED 08.2009--
	31	Full SOAP support for ISPConfig 3.1.4 b
	32	Updated by Arkadiusz Roch & Artur Edelman
	33	Copyright (c) Tri-Plex technology
	34
	35	*/
	36
	37	/**
b1a6a5	38	* Formularbehandlung
MC	39	*
	40	* Functions to validate, display and save form values
	41	*
	42	* Database table field definitions
	43	*
	44	* Datatypes:
	45	* - INTEGER (Converts data to int automatically)
	46	* - DOUBLE
	47	* - CURRENCY (Formats digits in currency notation)
	48	* - VARCHAR (No format check)
	49	* - DATE (Date format, converts from and to UNIX timestamps automatically)
	50	*
	51	* Formtype:
	52	* - TEXT (Normal text field)
	53	* - PASSWORD (password field, the content will not be displayed again to the user)
	54	* - SELECT (Option fiield)
	55	* - MULTIPLE (Allows selection of multiple values)
	56	*
	57	* VALUE:
	58	* - Value or array
	59	*
	60	* SEPARATOR
	61	* - separator char used for fileds with multiple values
	62	*
	63	* Hint: The auto increment (ID) filed of the table has not be be definied separately.
	64	*
	65	*/
	66
	67
a0b289	68	global $app;
5bff39	69	$app->load('tform_base');
M	70	class remoting_lib extends tform_base {
fbdcc4	71
b1a6a5	72
MC	73	// additional class variables
	74	var $sys_username;
	75	var $sys_userid;
	76	var $sys_default_group;
	77	var $sys_groups;
	78	var $client_id;
	79	var $dataRecord;
	80
	81
	82	//* Load the form definition from file. - special version for remoting
	83	// module parameter is only for compatibility with base class
	84	function loadFormDef($file, $module = '') {
	85	global $app, $conf;
	86
	87	include $file;
	88
	89	$this->formDef = $form;
	90	unset($this->formDef['tabs']);
	91
	92	//* Copy all fields from all tabs into one form definition
	93	foreach($form['tabs'] as $tab) {
	94	foreach($tab['fields'] as $key => $value) {
	95	$this->formDef['fields'][$key] = $value;
fbdcc4	96	}
b1a6a5	97	}
MC	98	unset($form);
	99
	100	$this->dateformat = $app->lng('conf_format_dateshort');
	101
	102	return true;
	103	}
	104
	105	//* Load the user profile
	106	function loadUserProfile($client_id_param = 0) {
	107	global $app, $conf;
	108
	109	$client_login = false;
	110	if(isset($_SESSION['client_login']) && isset($_SESSION['client_sys_userid']) && $_SESSION['client_login'] == 1) {
	111	$client_sys_userid = $app->functions->intval($_SESSION['client_sys_userid']);
	112
cc7a82	113	$client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_user, client WHERE sys_user.client_id = client.client_id and sys_user.userid = ?", $client_sys_userid);
b1a6a5	114
MC	115	$this->client_id = $client['client_id'];
	116	$client_login = true;
	117	} else {
	118	$this->client_id = $app->functions->intval($client_id_param);
	119	}
	120
	121	if($this->client_id == 0) {
	122	$this->sys_username = 'admin';
	123	$this->sys_userid = 1;
	124	$this->sys_default_group = 1;
	125	$this->sys_groups = 1;
	126	$_SESSION["s"]["user"]["typ"] = 'admin';
	127	} else {
cc7a82	128	$user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE client_id = ?", $this->client_id);
b1a6a5	129	$this->sys_username = $user['username'];
MC	130	$this->sys_userid = $user['userid'];
	131	$this->sys_default_group = $user['default_group'];
	132	$this->sys_groups = $user['groups'];
	133	// we have to force admin priveliges for the remoting API as some function calls might fail otherwise.
	134	if($client_login == false) $_SESSION["s"]["user"]["typ"] = 'admin';
	135	}
	136
	137	$_SESSION["s"]["user"]["username"] = $this->sys_username;
	138	$_SESSION["s"]["user"]["userid"] = $this->sys_userid;
	139	$_SESSION["s"]["user"]["default_group"] = $this->sys_default_group;
	140	$_SESSION["s"]["user"]["groups"] = $this->sys_groups;
	141	$_SESSION["s"]["user"]["client_id"] = $this->client_id;
03c48f	142
T	143	return true;
b1a6a5	144	}
fbdcc4	145
T	146
b1a6a5	147	/**
MC	148	* Converts the data in the array to human readable format
	149	* Datatype conversion e.g. to show the data in lists
	150	* tab parameter is only there for compatibility with params of base class
	151	*
	152	* @param record
	153	* @return record
	154	*/
	155	function decode($record, $tab = '') {
	156	return $this->_decode($record, '', true);
	157	}
fbdcc4	158
T	159
b1a6a5	160	/**
MC	161	* Get the key => value array of a form filled from a datasource definitiom
	162	* dummy parameter is only there for compatibility with params of base class
	163	*
	164	* @param field = array with field definition
	165	* @param record = Dataset as array
	166	* @return key => value array for the value field of a form
	167	*/
	168	function getDatasourceData($field, $record, $dummy = '') {
	169	return $this->_getDatasourceData($field, $record, true);
	170	}
fbdcc4	171
T	172
b1a6a5	173	/**
MC	174	/**
	175	* Rewrite the record data to be stored in the database
	176	* and check values with regular expressions.
	177	*
	178	* @param record = Datensatz als Array
	179	* @return record
	180	*/
472196	181	function encode($record, $tab = '', $dbencode = true) {
b1a6a5	182	$new_record = $this->_encode($record, '', $dbencode, true);
MC	183	if(isset($record['_ispconfig_pw_crypted'])) $new_record['_ispconfig_pw_crypted'] = $record['_ispconfig_pw_crypted']; // this one is not in form definitions!
fbdcc4	184
b1a6a5	185	return $new_record;
MC	186	}
fbdcc4	187
T	188
b1a6a5	189	/**
MC	190	* Create SQL statement
	191	* dummy parameter is only there for compatibility with params of base class
	192	*
	193	* @param record = Datensatz als Array
	194	* @param action = INSERT oder UPDATE
	195	* @param primary_id
	196	* @return record
	197	*/
	198	function getSQL($record, $action = 'INSERT', $primary_id = 0, $sql_ext_where = '', $dummy = '') {
	199
	200	global $app;
	201
	202	if(!is_array($this->formDef)) $app->error("Form definition not found.");
	203	$this->dataRecord = $record;
	204
	205	return $this->_getSQL($record, '', $action, $primary_id, $sql_ext_where, true);
	206	}
	207
	208	function getDeleteSQL($primary_id) {
	209
	210	if(stristr($this->formDef['db_table'], '.')) {
	211	$escape = '';
	212	} else {
fbdcc4	213	$escape = '`';
T	214	}
	215
b1a6a5	216	$sql = "DELETE FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id. " AND " . $this->getAuthSQL('d', $this->formDef['db_table']);
MC	217	return $sql;
	218	}
	219
	220	function getDataRecord($primary_id) {
	221	global $app;
	222	$escape = '`';
39dd4e	223	$this->loadUserProfile();
b1a6a5	224	if(@is_numeric($primary_id)) {
39dd4e	225	if($primary_id > 0) {
TB	226	// Return a single record
	227	return parent::getDataRecord($primary_id);
	228	} elseif($primary_id == -1) {
	229	// Return a array with all records
cc7a82	230	$sql = "SELECT * FROM ??";
MC	231	return $app->db->queryAllRecords($sql, $this->formDef['db_table']);
39dd4e	232	} else {
TB	233	throw new SoapFault('invalid_id', 'The ID has to be > 0 or -1.');
	234	return array();
	235	}
b1a6a5	236	} elseif (@is_array($primary_id) \|\| @is_object($primary_id)) {
MC	237	if(@is_object($primary_id)) $primary_id = get_object_vars($primary_id); // do not use cast (array)xxx because it returns private and protected properties!
	238	$sql_offset = 0;
	239	$sql_limit = 0;
	240	$sql_where = '';
3a11d2	241	$params = array($this->formDef['db_table']);
b1a6a5	242	foreach($primary_id as $key => $val) {
MC	243	if($key == '#OFFSET#') $sql_offset = $app->functions->intval($val);
	244	elseif($key == '#LIMIT#') $sql_limit = $app->functions->intval($val);
	245	elseif(stristr($val, '%')) {
6c2436	246	$sql_where .= "?? like ? AND ";
b1a6a5	247	} else {
6c2436	248	$sql_where .= "?? = ? AND ";
dbbaff	249	}
3a11d2	250	$params[] = $key;
MC	251	$params[] = $val;
dbbaff	252	}
b1a6a5	253	$sql_where = substr($sql_where, 0, -5);
MC	254	if($sql_where == '') $sql_where = '1';
cc7a82	255	$sql = "SELECT * FROM ?? WHERE ".$sql_where. " AND " . $this->getAuthSQL('r', $this->formDef['db_table']);
b1a6a5	256	if($sql_offset >= 0 && $sql_limit > 0) $sql .= ' LIMIT ' . $sql_offset . ',' . $sql_limit;
3a11d2	257	return $app->db->queryAllRecords($sql, true, $params);
b1a6a5	258	} else {
MC	259	$this->errorMessage = 'The ID must be either an integer or an array.';
	260	return array();
	261	}
	262	}
	263
	264	function ispconfig_sysuser_add($params, $insert_id){
	265	global $conf, $app, $sql1;
2af58c	266	$username = $params["username"];
MC	267	$password = $params["password"];
b1a6a5	268	if(!isset($params['modules'])) {
MC	269	$modules = $conf['interface_modules_enabled'];
	270	} else {
2af58c	271	$modules = $params['modules'];
b1a6a5	272	}
MC	273	if(isset($params['limit_client']) && $params['limit_client'] > 0) {
	274	$modules .= ',client';
	275	}
	276
	277	if(!isset($params['startmodule'])) {
	278	$startmodule = 'dashboard';
	279	} else {
2af58c	280	$startmodule = $params["startmodule"];
b1a6a5	281	if(!preg_match('/'.$startmodule.'/', $modules)) {
MC	282	$_modules = explode(',', $modules);
	283	$startmodule=$_modules[0];
	284	}
	285	}
2af58c	286	$usertheme = $params["usertheme"];
b1a6a5	287	$type = 'user';
MC	288	$active = 1;
	289	$insert_id = $app->functions->intval($insert_id);
2af58c	290	$language = $params["language"];
MC	291	$groupid = $app->db->datalogInsert('sys_group', array("name" => $username, "description" => "", "client_id" => $insert_id), 'groupid');
b1a6a5	292	$groups = $groupid;
MC	293	if(!isset($params['_ispconfig_pw_crypted']) \|\| $params['_ispconfig_pw_crypted'] != 1) $password = $app->auth->crypt_password(stripslashes($password));
	294	$sql1 = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
cc7a82	295	VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
MC	296	$app->db->query($sql1, $username,$password,$modules,$startmodule,$usertheme,$type,$active,$language,$groups,$groupid,$insert_id);
b1a6a5	297	}
MC	298
	299	function ispconfig_sysuser_update($params, $client_id){
	300	global $app;
2af58c	301	$username = $params["username"];
MC	302	$clear_password = $params["password"];
b1a6a5	303	$client_id = $app->functions->intval($client_id);
MC	304	if(!isset($params['_ispconfig_pw_crypted']) \|\| $params['_ispconfig_pw_crypted'] != 1) $password = $app->auth->crypt_password(stripslashes($clear_password));
	305	else $password = $clear_password;
cc7a82	306	$params = array($username);
MC	307	if ($clear_password) {
	308	$pwstring = ", passwort = ?";
	309	$params[] = $password;
	310	} else {
	311	$pwstring ="" ;
	312	}
	313	$params[] = $client_id;
	314	$sql = "UPDATE sys_user set username = ? $pwstring WHERE client_id = ?";
	315	$app->db->query($sql, true, $params);
b1a6a5	316	}
MC	317
	318	function ispconfig_sysuser_delete($client_id){
	319	global $app;
	320	$client_id = $app->functions->intval($client_id);
cc7a82	321	$sql = "DELETE FROM sys_user WHERE client_id = ?";
MC	322	$app->db->query($sql, $client_id);
	323	$sql = "DELETE FROM sys_group WHERE client_id = ?";
	324	$app->db->query($sql, $client_id);
b1a6a5	325	}
fbdcc4	326
T	327	}
	328
	329	?>