gitlabFork/ISPConfig3.git - Solinfo Gitblit

Disabled function calls to not yet implemented backtrace

Marius Cramer

2013-11-20 56364927166c1a0e15166433613add7f300ef7f6

commit \| author \| age
2dadd2	1	<?php
T	2
	3	/*
	4	Copyright (c) 2007, Till Brehm, projektfarm Gmbh
	5	All rights reserved.
	6
	7	Redistribution and use in source and binary forms, with or without modification,
	8	are permitted provided that the following conditions are met:
	9
bd68aa	10	* Redistributions of source code must retain the above copyright notice,
MC	11	this list of conditions and the following disclaimer.
	12	* Redistributions in binary form must reproduce the above copyright notice,
	13	this list of conditions and the following disclaimer in the documentation
	14	and/or other materials provided with the distribution.
	15	* Neither the name of ISPConfig nor the names of its contributors
	16	may be used to endorse or promote products derived from this software without
	17	specific prior written permission.
2dadd2	18
T	19	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	20	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	21	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	22	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	23	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	24	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	25	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	26	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	27	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	28	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29	*/
	30
	31	/**
b1a6a5	32	* Formularbehandlung
MC	33	*
	34	* Functions to validate, display and save form values
	35	*
	36	* Database table field definitions
	37	*
	38	* Datatypes:
	39	* - INTEGER (Converts data to int automatically)
	40	* - DOUBLE
	41	* - CURRENCY (Formats digits in currency notation)
	42	* - VARCHAR (No format check)
	43	* - DATE (Date format, converts from and to UNIX timestamps automatically)
	44	*
	45	* Formtype:
	46	* - TEXT (Normal text field)
	47	* - PASSWORD (password field, the content will not be displayed again to the user)
	48	* - SELECT (Option fiield)
	49	* - MULTIPLE (Allows selection of multiple values)
	50	*
	51	* VALUE:
	52	* - Value or array
	53	*
	54	* SEPARATOR
	55	* - separator char used for fileds with multiple values
	56	*
	57	* Hint: The auto increment (ID) filed of the table has not be be definied separately.
	58	*
	59	*/
	60
	61
a0b289	62	global $app;
5bff39	63	$app->load('tform_base');
M	64	class tform extends tform_base {
b1a6a5	65	/*
2332b2	66	This function checks if a user has the parmissions $perm for the data record with the ID $record_id
T	67	If record_id = 0, the the permissions are tested against the defaults of the form file.
	68	*/
b1a6a5	69	function checkPerm($record_id, $perm) {
MC	70	global $app;
2dadd2	71
35509d	72	$record_id = $app->functions->intval($record_id);
b1a6a5	73	if($record_id > 0) {
2dadd2	74	// Add backticks for incomplete table names.
b1a6a5	75	if(stristr($this->formDef['db_table'], '.')) {
05beae	76	$escape = '';
MC	77	} else {
	78	$escape = '`';
	79	}
	80
b1a6a5	81	$sql = "SELECT ".$this->formDef['db_table_idx']." FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$record_id." AND ".$this->getAuthSQL($perm);
MC	82	if($record = $app->db->queryOneRecord($sql)) {
2dadd2	83	return true;
T	84	} else {
	85	return false;
	86	}
b1a6a5	87	} else {
MC	88	$result = false;
	89	if(@$this->formDef["auth_preset"]["userid"] == $_SESSION["s"]["user"]["userid"] && stristr($perm, $this->formDef["auth_preset"]["perm_user"])) $result = true;
	90	if(@$this->formDef["auth_preset"]["groupid"] == $_SESSION["s"]["user"]["groupid"] && stristr($perm, $this->formDef["auth_preset"]["perm_group"])) $result = true;
	91	if(@stristr($this->formDef["auth_preset"]["perm_other"], $perm)) $result = true;
	92
	93	// if preset == 0, everyone can insert a record of this type
	94	if($this->formDef["auth_preset"]["userid"] == 0 and $this->formDef["auth_preset"]["groupid"] == 0 and (@stristr($this->formDef["auth_preset"]["perm_user"], $perm) or @stristr($this->formDef["auth_preset"]["perm_group"], $perm))) $result = true;
	95
	96	return $result;
	97
05beae	98	}
MC	99
b1a6a5	100	}
05beae	101
b1a6a5	102	function getNextTab() {
MC	103	// Which tab is shown
	104	if($this->errorMessage == '') {
	105	// If there is no error
	106	if(isset($_REQUEST["next_tab"]) && $_REQUEST["next_tab"] != '') {
	107	// If the next tab is known
	108	$active_tab = $_REQUEST["next_tab"];
2dadd2	109	} else {
b1a6a5	110	// else use the default tab
MC	111	$active_tab = $this->formDef['tab_default'];
2dadd2	112	}
b1a6a5	113	} else {
MC	114	// Show the same tab again in case of an error
	115	$active_tab = $_SESSION["s"]["form"]["tab"];
2dadd2	116	}
05beae	117
b1a6a5	118	return $active_tab;
MC	119	}
05beae	120
b1a6a5	121	function getCurrentTab() {
MC	122	return $_SESSION["s"]["form"]["tab"];
	123	}
05beae	124
b1a6a5	125	function isReadonlyTab($tab, $primary_id) {
MC	126	global $app, $conf;
	127
	128	// Add backticks for incomplete table names.
	129	if(stristr($this->formDef['db_table'], '.')) {
	130	$escape = '';
	131	} else {
	132	$escape = '`';
	133	}
	134
	135	$sql = "SELECT sys_userid FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id;
	136	$record = $app->db->queryOneRecord($sql);
	137
	138	// return true if the readonly flag of the form is set and the current loggedin user is not the owner of the record.
	139	if(isset($this->formDef['tabs'][$tab]['readonly']) && $this->formDef['tabs'][$tab]['readonly'] == true && $record['sys_userid'] != $_SESSION["s"]["user"]["userid"]) {
	140	return true;
	141	} else {
	142	return false;
	143	}
	144	}
	145
	146
	147	// translation function for forms, tries the form wordbook first and if this fails, it tries the global wordbook
	148	function lng($msg) {
	149	global $app, $conf;
	150
	151	if(isset($this->wordbook[$msg])) {
	152	return $this->wordbook[$msg];
	153	} else {
	154	return $app->lng($msg);
	155	}
	156
	157	}
	158
	159	function checkClientLimit($limit_name, $sql_where = '') {
	160	global $app;
	161
	162	$check_passed = true;
	163	$limit_name = $app->db->quote($limit_name);
	164	if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');
	165
	166	// Get the limits of the client that is currently logged in
35509d	167	$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
b1a6a5	168	$client = $app->db->queryOneRecord("SELECT $limit_name as number, parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
MC	169
	170	// Check if the user may add another item
	171	if($client["number"] >= 0) {
	172	$sql = "SELECT count(".$this->formDef['db_table_idx'].") as number FROM ".$this->formDef['db_table']." WHERE ".$this->getAuthSQL('u');
	173	if($sql_where != '') $sql .= ' and '.$sql_where;
	174	$tmp = $app->db->queryOneRecord($sql);
	175	if($tmp["number"] >= $client["number"]) $check_passed = false;
	176	}
	177
	178	return $check_passed;
	179	}
	180
	181	function checkResellerLimit($limit_name, $sql_where = '') {
	182	global $app;
	183
	184	$check_passed = true;
	185	$limit_name = $app->db->quote($limit_name);
	186	if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');
	187
	188	// Get the limits of the client that is currently logged in
35509d	189	$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
b1a6a5	190	$client = $app->db->queryOneRecord("SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
MC	191
	192	//* If the client belongs to a reseller, we will check against the reseller Limit too
	193	if($client['parent_client_id'] != 0) {
	194
	195	//* first we need to know the groups of this reseller
	196	$tmp = $app->db->queryOneRecord("SELECT userid, groups FROM sys_user WHERE client_id = ".$client['parent_client_id']);
	197	$reseller_groups = $tmp["groups"];
	198	$reseller_userid = $tmp["userid"];
	199
	200	// Get the limits of the reseller of the logged in client
3cebc3	201	$client_group_id = $_SESSION["s"]["user"]["default_group"];
b1a6a5	202	$reseller = $app->db->queryOneRecord("SELECT $limit_name as number FROM client WHERE client_id = ".$client['parent_client_id']);
05beae	203
3cebc3	204	// Check if the user may add another item
b1a6a5	205	if($reseller["number"] >= 0) {
MC	206	$sql = "SELECT count(".$this->formDef['db_table_idx'].") as number FROM ".$this->formDef['db_table']." WHERE (sys_groupid IN (".$reseller_groups.") or sys_userid = ".$reseller_userid.")";
3cebc3	207	if($sql_where != '') $sql .= ' and '.$sql_where;
T	208	$tmp = $app->db->queryOneRecord($sql);
b1a6a5	209	if($tmp["number"] >= $reseller["number"]) $check_passed = false;
3cebc3	210	}
T	211	}
05beae	212
b1a6a5	213	return $check_passed;
MC	214	}
05beae	215
b1a6a5	216	//* get the difference record of two arrays
MC	217	function getDiffRecord($record_old, $record_new) {
05beae	218
b1a6a5	219	if(is_array($record_new) && count($record_new) > 0) {
11b3da	220	foreach($record_new as $key => $val) {
T	221	if(@$record_old[$key] != $val) {
	222	// Record has changed
b1a6a5	223	$diffrec[$key] = array( 'old' => @$record_old[$key],
MC	224	'new' => $val);
11b3da	225	}
b1a6a5	226	}
MC	227	} elseif(is_array($record_old)) {
	228	foreach($record_old as $key => $val) {
	229	if($record_new[$key] != $val) {
	230	// Record has changed
	231	$diffrec[$key] = array( 'new' => $record_new[$key],
	232	'old' => $val);
11b3da	233	}
b1a6a5	234	}
MC	235	}
	236	return $diffrec;
05beae	237
b1a6a5	238	}
MC	239
	240
	241	/**
	242	* Generate HTML for DATETIME fields.
	243	*
	244	* @access private
	245	* @param string $form_element Name of the form element.
	246	* @param string $default_value Selected value for fields.
	247	* @param bool $display_secons Include seconds selection.
	248	* @return string HTML
	249	*/
	250	function _getDateTimeHTML($form_element, $default_value, $display_seconds=false)
	251	{
	252	$_datetime = strtotime($default_value);
	253	$_showdate = ($_datetime === false) ? false : true;
	254
	255	$dselect = array('day', 'month', 'year', 'hour', 'minute');
	256	if ($display_seconds === true) {
	257	$dselect[] = 'second';
11b3da	258	}
05beae	259
b1a6a5	260	$out = '';
MC	261
	262	foreach ($dselect as $dt_element)
75ae20	263	{
b1a6a5	264	$dt_options = array();
MC	265	$dt_space = 1;
2dadd2	266
b1a6a5	267	switch ($dt_element) {
MC	268	case 'day':
	269	for ($i = 1; $i <= 31; $i++) {
	270	$dt_options[] = array('name' => sprintf('%02d', $i),
	271	'value' => sprintf('%d', $i));
75ae20	272	}
b1a6a5	273	$selected_value = date('d', $_datetime);
MC	274	break;
05beae	275
b1a6a5	276	case 'month':
MC	277	for ($i = 1; $i <= 12; $i++) {
	278	$dt_options[] = array('name' => strftime('%b', mktime(0, 0, 0, $i, 1, 2000)),
	279	'value' => strftime('%m', mktime(0, 0, 0, $i, 1, 2000)));
	280	}
	281	$selected_value = date('n', $_datetime);
	282	break;
	283
	284	case 'year':
	285	$start_year = strftime("%Y");
	286	$years = range((int)$start_year, (int)($start_year+3));
	287
	288	foreach ($years as $year) {
	289	$dt_options[] = array('name' => $year,
	290	'value' => $year);
	291	}
	292	$selected_value = date('Y', $_datetime);
	293	$dt_space = 2;
	294	break;
	295
	296	case 'hour':
	297	foreach(range(0, 23) as $hour) {
	298	$dt_options[] = array('name' => sprintf('%02d', $hour),
	299	'value' => sprintf('%d', $hour));
	300	}
	301	$selected_value = date('G', $_datetime);
	302	break;
	303
	304	case 'minute':
	305	foreach(range(0, 59) as $minute) {
	306	if (($minute % 5) == 0) {
	307	$dt_options[] = array('name' => sprintf('%02d', $minute),
	308	'value' => sprintf('%d', $minute));
75ae20	309	}
W	310	}
b1a6a5	311	$selected_value = (int)floor(date('i', $_datetime));
MC	312	break;
05beae	313
b1a6a5	314	case 'second':
MC	315	foreach(range(0, 59) as $second) {
	316	$dt_options[] = array('name' => sprintf('%02d', $second),
	317	'value' => sprintf('%d', $second));
	318	}
	319	$selected_value = (int)floor(date('s', $_datetime));
	320	break;
75ae20	321	}
05beae	322
b1a6a5	323	$out .= "<select name=\"".$form_element."[$dt_element]\" id=\"".$form_element."_$dt_element\" class=\"selectInput\" style=\"width: auto; float: none;\">";
MC	324	if (!$_showdate) {
	325	$out .= "<option value=\"-\" selected=\"selected\">--</option>" . PHP_EOL;
	326	} else {
	327	$out .= "<option value=\"-\">--</option>" . PHP_EOL;
	328	}
	329
	330	foreach ($dt_options as $dt_opt) {
	331	if ( $_showdate && ($selected_value == $dt_opt['value']) ) {
	332	$out .= "<option value=\"{$dt_opt['value']}\" selected=\"selected\">{$dt_opt['name']}</option>" . PHP_EOL;
	333	} else {
	334	$out .= "<option value=\"{$dt_opt['value']}\">{$dt_opt['name']}</option>" . PHP_EOL;
	335	}
	336	}
	337
	338	$out .= '</select>' . str_repeat(' ', $dt_space);
75ae20	339	}
b1a6a5	340
MC	341	return $out;
	342	}
	343
2dadd2	344	}
T	345
d7ef36	346	?>