commit | author | age
|
381520
|
1 |
<?php |
M |
2 |
/* |
|
3 |
Copyright (c) 2008, Till Brehm, projektfarm Gmbh |
|
4 |
All rights reserved. |
|
5 |
|
|
6 |
Redistribution and use in source and binary forms, with or without modification, |
|
7 |
are permitted provided that the following conditions are met: |
|
8 |
|
|
9 |
* Redistributions of source code must retain the above copyright notice, |
|
10 |
this list of conditions and the following disclaimer. |
|
11 |
* Redistributions in binary form must reproduce the above copyright notice, |
|
12 |
this list of conditions and the following disclaimer in the documentation |
|
13 |
and/or other materials provided with the distribution. |
|
14 |
* Neither the name of ISPConfig nor the names of its contributors |
|
15 |
may be used to endorse or promote products derived from this software without |
|
16 |
specific prior written permission. |
|
17 |
|
|
18 |
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND |
|
19 |
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
20 |
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
|
21 |
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, |
|
22 |
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
|
23 |
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
|
24 |
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY |
|
25 |
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING |
|
26 |
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, |
|
27 |
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
|
28 |
*/ |
|
29 |
|
|
30 |
|
|
31 |
/****************************************** |
|
32 |
* Begin Form configuration |
|
33 |
******************************************/ |
|
34 |
|
|
35 |
$tform_def_file = "form/database_user.tform.php"; |
|
36 |
|
|
37 |
/****************************************** |
|
38 |
* End Form configuration |
|
39 |
******************************************/ |
|
40 |
|
b1a6a5
|
41 |
require_once '../../lib/config.inc.php'; |
MC |
42 |
require_once '../../lib/app.inc.php'; |
381520
|
43 |
|
M |
44 |
//* Check permissions for module |
|
45 |
$app->auth->check_module_permissions('sites'); |
|
46 |
|
|
47 |
// Loading classes |
|
48 |
$app->uses('tpl,tform,tform_actions'); |
|
49 |
$app->load('tform_actions'); |
|
50 |
|
|
51 |
class page_action extends tform_actions { |
|
52 |
|
7e2a3f
|
53 |
function onShowNew() { |
FS |
54 |
global $app; |
|
55 |
|
|
56 |
// we will check only users, not admins |
|
57 |
if($_SESSION['s']['user']['typ'] == 'user') { |
2527d2
|
58 |
if(!$app->tform->checkClientLimit('limit_database_user')) { |
7e2a3f
|
59 |
$app->error($app->tform->wordbook["limit_database_user_txt"]); |
FS |
60 |
} |
2527d2
|
61 |
if(!$app->tform->checkResellerLimit('limit_database_user')) { |
7e2a3f
|
62 |
$app->error('Reseller: '.$app->tform->wordbook["limit_database_user_txt"]); |
FS |
63 |
} |
|
64 |
} |
|
65 |
|
|
66 |
parent::onShowNew(); |
|
67 |
} |
|
68 |
|
381520
|
69 |
function onShowEnd() { |
M |
70 |
global $app, $conf, $interfaceConf; |
|
71 |
|
|
72 |
/* |
|
73 |
* If the names are restricted -> remove the restriction, so that the |
|
74 |
* data can be edited |
|
75 |
*/ |
bd68aa
|
76 |
|
381520
|
77 |
//* Get the database user prefix |
31f6ce
|
78 |
$app->uses('getconf,tools_sites'); |
381520
|
79 |
$global_config = $app->getconf->get_global_config('sites'); |
31f6ce
|
80 |
$dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $this->dataRecord); |
bd68aa
|
81 |
|
b1a6a5
|
82 |
if ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) { |
381520
|
83 |
// Get the limits of the client |
604c0c
|
84 |
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]); |
cc7a82
|
85 |
$client = $app->db->queryOneRecord("SELECT client.company_name, client.contact_name, client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id); |
bd68aa
|
86 |
|
b1a6a5
|
87 |
// Fill the client select field |
2af58c
|
88 |
$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ? ORDER BY client.company_name, client.contact_name, sys_group.name"; |
MC |
89 |
$records = $app->db->queryAllRecords($sql, $client['client_id']); |
|
90 |
$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ?", $client['client_id']); |
b1a6a5
|
91 |
$client_select = '<option value="'.$tmp['groupid'].'">'.$client['contact_name'].'</option>'; |
MC |
92 |
//$tmp_data_record = $app->tform->getDataRecord($this->id); |
|
93 |
if(is_array($records)) { |
|
94 |
foreach( $records as $rec) { |
|
95 |
$selected = @(is_array($this->dataRecord) && ($rec["groupid"] == $this->dataRecord['client_group_id'] || $rec["groupid"] == $this->dataRecord['sys_groupid']))?'SELECTED':''; |
|
96 |
$client_select .= "<option value='$rec[groupid]' $selected>$rec[contactname]</option>\r\n"; |
|
97 |
} |
|
98 |
} |
|
99 |
$app->tpl->setVar("client_group_id", $client_select); |
|
100 |
} elseif($_SESSION["s"]["user"]["typ"] == 'admin') { |
381520
|
101 |
// Fill the client select field |
ca4b71
|
102 |
$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 ORDER BY client.company_name, client.contact_name, sys_group.name"; |
381520
|
103 |
$clients = $app->db->queryAllRecords($sql); |
M |
104 |
$client_select = "<option value='0'></option>"; |
|
105 |
//$tmp_data_record = $app->tform->getDataRecord($this->id); |
|
106 |
if(is_array($clients)) { |
|
107 |
foreach( $clients as $client) { |
|
108 |
//$selected = @($client["groupid"] == $tmp_data_record["sys_groupid"])?'SELECTED':''; |
|
109 |
$selected = @(is_array($this->dataRecord) && ($client["groupid"] == $this->dataRecord['client_group_id'] || $client["groupid"] == $this->dataRecord['sys_groupid']))?'SELECTED':''; |
615a0a
|
110 |
$client_select .= "<option value='$client[groupid]' $selected>$client[contactname]</option>\r\n"; |
381520
|
111 |
} |
M |
112 |
} |
b1a6a5
|
113 |
$app->tpl->setVar("client_group_id", $client_select); |
MC |
114 |
} |
bd68aa
|
115 |
|
MC |
116 |
|
381520
|
117 |
if ($this->dataRecord['database_user'] != ""){ |
M |
118 |
/* REMOVE the restriction */ |
10b4c8
|
119 |
$app->tpl->setVar("database_user", $app->tools_sites->removePrefix($this->dataRecord['database_user'], $this->dataRecord['database_user_prefix'], $dbuser_prefix)); |
381520
|
120 |
} |
bd68aa
|
121 |
|
ba18a8
|
122 |
if($this->dataRecord['database_user'] == "") { |
07c297
|
123 |
$app->tpl->setVar("database_user_prefix", $dbuser_prefix); |
SC |
124 |
} else { |
|
125 |
$app->tpl->setVar("database_user_prefix", $app->tools_sites->getPrefix($this->dataRecord['database_user_prefix'], $dbuser_prefix, $global_config['dbuser_prefix'])); |
|
126 |
} |
bd68aa
|
127 |
|
381520
|
128 |
parent::onShowEnd(); |
M |
129 |
} |
bd68aa
|
130 |
|
b1a6a5
|
131 |
function onSubmit() { |
MC |
132 |
global $app; |
bd68aa
|
133 |
|
b1a6a5
|
134 |
if($_SESSION['s']['user']['typ'] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) unset($this->dataRecord["client_group_id"]); |
bd68aa
|
135 |
|
b1a6a5
|
136 |
parent::onSubmit(); |
MC |
137 |
} |
381520
|
138 |
|
M |
139 |
function onBeforeUpdate() { |
|
140 |
global $app, $conf, $interfaceConf; |
|
141 |
|
|
142 |
//* Get the database user prefix |
31f6ce
|
143 |
$app->uses('getconf,tools_sites'); |
381520
|
144 |
$global_config = $app->getconf->get_global_config('sites'); |
31f6ce
|
145 |
$dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $this->dataRecord); |
381520
|
146 |
|
2af58c
|
147 |
$this->oldDataRecord = $app->db->queryOneRecord("SELECT * FROM web_database_user WHERE database_user_id = ?", $this->id); |
bd68aa
|
148 |
|
b1a6a5
|
149 |
$dbuser_prefix = $app->tools_sites->getPrefix($this->oldDataRecord['database_user_prefix'], $dbuser_prefix); |
MC |
150 |
$this->dataRecord['database_user_prefix'] = $dbuser_prefix; |
bd68aa
|
151 |
|
381520
|
152 |
//* Database username shall not be empty |
M |
153 |
if($this->dataRecord['database_user'] == '') $app->tform->errorMessage .= $app->tform->wordbook["database_user_error_empty"].'<br />'; |
|
154 |
|
b1a6a5
|
155 |
if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}', $dbuser_prefix . $this->dataRecord['database_user'], $app->tform->wordbook["database_user_error_len"]).'<br />'; |
bd68aa
|
156 |
|
381520
|
157 |
//* Check database user against blacklist |
b1a6a5
|
158 |
$dbuser_blacklist = array($conf['db_user'], 'mysql', 'root'); |
MC |
159 |
if(in_array($dbuser_prefix . $this->dataRecord['database_user'], $dbuser_blacklist)) { |
381520
|
160 |
$app->tform->errorMessage .= $app->lng('Database user not allowed.').'<br />'; |
M |
161 |
} |
bd68aa
|
162 |
|
381520
|
163 |
if ($app->tform->errorMessage == ''){ |
M |
164 |
/* restrict the names if there is no error */ |
b1a6a5
|
165 |
/* crop user and db names if they are too long -> mysql: user: 16 chars / db: 64 chars */ |
381520
|
166 |
$this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16); |
M |
167 |
} |
bd68aa
|
168 |
|
MC |
169 |
/* prepare password for MongoDB */ |
|
170 |
// TODO: this still doens't work as when only the username changes we have no database_password. |
|
171 |
// taking the one from oldData doesn't work as it's encrypted...shit! |
e7ae4e
|
172 |
/* |
bd68aa
|
173 |
$this->dataRecord['database_password_mongo'] = $this->dataRecord['database_user'].":mongo:".$this->dataRecord['database_password']; |
MC |
174 |
|
b1a6a5
|
175 |
$this->dataRecord['server_id'] = 0; // we need this on all servers |
e7ae4e
|
176 |
*/ |
381520
|
177 |
parent::onBeforeUpdate(); |
M |
178 |
} |
|
179 |
|
|
180 |
function onBeforeInsert() { |
|
181 |
global $app, $conf, $interfaceConf; |
bd68aa
|
182 |
|
381520
|
183 |
//* Database username shall not be empty |
M |
184 |
if($this->dataRecord['database_user'] == '') $app->tform->errorMessage .= $app->tform->wordbook["database_user_error_empty"].'<br />'; |
|
185 |
|
|
186 |
//* Get the database name and database user prefix |
31f6ce
|
187 |
$app->uses('getconf,tools_sites'); |
381520
|
188 |
$global_config = $app->getconf->get_global_config('sites'); |
31f6ce
|
189 |
$dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $this->dataRecord); |
bd68aa
|
190 |
|
b1a6a5
|
191 |
$this->dataRecord['database_user_prefix'] = $dbuser_prefix; |
bd68aa
|
192 |
|
b1a6a5
|
193 |
if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}', $dbuser_prefix . $this->dataRecord['database_user'], $app->tform->wordbook["database_user_error_len"]).'<br />'; |
bd68aa
|
194 |
|
381520
|
195 |
//* Check database user against blacklist |
b1a6a5
|
196 |
$dbuser_blacklist = array($conf['db_user'], 'mysql', 'root'); |
MC |
197 |
if(is_array($dbuser_blacklist) && in_array($dbuser_prefix . $this->dataRecord['database_user'], $dbuser_blacklist)) { |
381520
|
198 |
$app->tform->errorMessage .= $app->lng('Database user not allowed.').'<br />'; |
M |
199 |
} |
|
200 |
|
|
201 |
/* restrict the names */ |
b1a6a5
|
202 |
/* crop user names if they are too long -> mysql: user: 16 chars / db: 64 chars */ |
381520
|
203 |
if ($app->tform->errorMessage == ''){ |
M |
204 |
$this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16); |
|
205 |
} |
bd68aa
|
206 |
|
MC |
207 |
$this->dataRecord['server_id'] = 0; // we need this on all servers |
|
208 |
|
|
209 |
/* prepare password for MongoDB */ |
e7ae4e
|
210 |
// $this->dataRecord['database_password_mongo'] = $this->dataRecord['database_user'].":mongo:".$this->dataRecord['database_password']; |
bd68aa
|
211 |
|
381520
|
212 |
parent::onBeforeInsert(); |
M |
213 |
} |
|
214 |
|
|
215 |
function onAfterInsert() { |
|
216 |
global $app, $conf; |
bd68aa
|
217 |
|
381520
|
218 |
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { |
65ea2e
|
219 |
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); |
2af58c
|
220 |
$app->db->query("UPDATE web_database_user SET sys_groupid = ?, sys_perm_group = 'riud' WHERE database_user_id = ?", $client_group_id, $this->id); |
381520
|
221 |
} |
M |
222 |
if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) { |
65ea2e
|
223 |
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); |
2af58c
|
224 |
$app->db->query("UPDATE web_database_user SET sys_groupid = ?, sys_perm_group = 'riud' WHERE database_user_id = ?", $client_group_id, $this->id); |
381520
|
225 |
} |
M |
226 |
} |
|
227 |
|
|
228 |
function onAfterUpdate() { |
|
229 |
global $app, $conf; |
|
230 |
|
|
231 |
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { |
65ea2e
|
232 |
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); |
2af58c
|
233 |
$app->db->query("UPDATE web_database_user SET sys_groupid = ?, sys_perm_group = 'riud' WHERE database_user_id = ?", $client_group_id, $this->id); |
381520
|
234 |
} |
M |
235 |
if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) { |
65ea2e
|
236 |
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); |
2af58c
|
237 |
$app->db->query("UPDATE web_database_user SET sys_groupid = ?, sys_perm_group = 'riud' WHERE database_user_id = ?", $client_group_id, $this->id); |
381520
|
238 |
} |
M |
239 |
} |
|
240 |
|
|
241 |
} |
|
242 |
|
|
243 |
$page = new page_action; |
|
244 |
$page->onLoad(); |
|
245 |
|
b1a6a5
|
246 |
?> |