| commit | author | age | ||
| 310ec5 | 1 | <?php |
| T | 2 | /* |
| 3 | Copyright (c) 2007, Till Brehm, projektfarm Gmbh | |
| 4 | All rights reserved. | |
| 5 | ||
| 6 | Redistribution and use in source and binary forms, with or without modification, | |
| 7 | are permitted provided that the following conditions are met: | |
| 8 | ||
| 9 | * Redistributions of source code must retain the above copyright notice, | |
| 10 | this list of conditions and the following disclaimer. | |
| 11 | * Redistributions in binary form must reproduce the above copyright notice, | |
| 12 | this list of conditions and the following disclaimer in the documentation | |
| 13 | and/or other materials provided with the distribution. | |
| 14 | * Neither the name of ISPConfig nor the names of its contributors | |
| 15 | may be used to endorse or promote products derived from this software without | |
| 16 | specific prior written permission. | |
| 17 | ||
| 18 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND | |
| 19 | ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | |
| 20 | WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | |
| 21 | IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, | |
| 22 | INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, | |
| 23 | BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
| 24 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY | |
| 25 | OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING | |
| 26 | NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, | |
| 27 | EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
| 28 | */ | |
| 29 | ||
| 30 | ||
| 31 | /****************************************** | |
| 32 | * Begin Form configuration | |
| 33 | ******************************************/ | |
| 34 | ||
| 35 | $tform_def_file = "form/shell_user.tform.php"; | |
| 36 | ||
| 37 | /****************************************** | |
| 38 | * End Form configuration | |
| 39 | ******************************************/ | |
| 40 | ||
| 7fe908 | 41 | require_once '../../lib/config.inc.php'; |
| MC | 42 | require_once '../../lib/app.inc.php'; |
| 310ec5 | 43 | |
| T | 44 | //* Check permissions for module |
| 45 | $app->auth->check_module_permissions('sites'); | |
| 46 | ||
| 47 | // Loading classes | |
| 48 | $app->uses('tpl,tform,tform_actions'); | |
| 49 | $app->load('tform_actions'); | |
| 50 | ||
| 51 | class page_action extends tform_actions { | |
| 7fe908 | 52 | |
| 310ec5 | 53 | function onShowNew() { |
| T | 54 | global $app, $conf; |
| 7fe908 | 55 | |
| 310ec5 | 56 | // we will check only users, not admins |
| T | 57 | if($_SESSION["s"]["user"]["typ"] == 'user') { |
| 3cebc3 | 58 | if(!$app->tform->checkClientLimit('limit_shell_user')) { |
| T | 59 | $app->error($app->tform->wordbook["limit_shell_user_txt"]); |
| 60 | } | |
| 61 | if(!$app->tform->checkResellerLimit('limit_shell_user')) { | |
| 62 | $app->error('Reseller: '.$app->tform->wordbook["limit_shell_user_txt"]); | |
| 310ec5 | 63 | } |
| T | 64 | } |
| 7fe908 | 65 | |
| 310ec5 | 66 | parent::onShowNew(); |
| T | 67 | } |
| 68 | ||
| 69 | function onShowEnd() { | |
| 70 | global $app, $conf, $interfaceConf; | |
| 71 | /* | |
| 72 | * If the names are restricted -> remove the restriction, so that the | |
| 73 | * data can be edited | |
| 74 | */ | |
| 7fe908 | 75 | |
| 31f6ce | 76 | $app->uses('getconf,tools_sites'); |
| 310ec5 | 77 | $global_config = $app->getconf->get_global_config('sites'); |
| 31f6ce | 78 | $shelluser_prefix = $app->tools_sites->replacePrefix($global_config['shelluser_prefix'], $this->dataRecord); |
| 7fe908 | 79 | |
| 310ec5 | 80 | if ($this->dataRecord['username'] != ""){ |
| T | 81 | /* REMOVE the restriction */ |
| 10b4c8 | 82 | $app->tpl->setVar("username", $app->tools_sites->removePrefix($this->dataRecord['username'], $this->dataRecord['username_prefix'], $shelluser_prefix)); |
| 310ec5 | 83 | } |
| 7fe908 | 84 | |
| MC | 85 | $app->tpl->setVar("username_prefix", $app->tools_sites->getPrefix($this->dataRecord['username_prefix'], $shelluser_prefix, $global_config['shelluser_prefix'])); |
| 86 | ||
| 310ec5 | 87 | if($this->id > 0) { |
| T | 88 | //* we are editing a existing record |
| 89 | $app->tpl->setVar("edit_disabled", 1); | |
| 90 | $app->tpl->setVar("parent_domain_id_value", $this->dataRecord["parent_domain_id"]); | |
| 91 | } else { | |
| 92 | $app->tpl->setVar("edit_disabled", 0); | |
| 93 | } | |
| 94 | ||
| 95 | parent::onShowEnd(); | |
| 96 | } | |
| 7fe908 | 97 | |
| 310ec5 | 98 | function onSubmit() { |
| T | 99 | global $app, $conf; |
| 7fe908 | 100 | |
| 310ec5 | 101 | // Get the record of the parent domain |
| 7b47c0 | 102 | //$parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".$app->functions->intval(@$this->dataRecord["parent_domain_id"]) . " AND ".$app->tform->getAuthSQL('r')); |
| 7fe908 | 103 | //if(!$parent_domain || $parent_domain['domain_id'] != @$this->dataRecord['parent_domain_id']) $app->tform->errorMessage .= $app->tform->lng("no_domain_perm"); |
| 7b47c0 | 104 | if(isset($this->dataRecord["parent_domain_id"])) { |
| T | 105 | $parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".$app->functions->intval(@$this->dataRecord["parent_domain_id"]) . " AND ".$app->tform->getAuthSQL('r')); |
| 106 | if(!$parent_domain || $parent_domain['domain_id'] != @$this->dataRecord['parent_domain_id']) $app->tform->errorMessage .= $app->tform->lng("no_domain_perm"); | |
| 107 | } else { | |
| 108 | $tmp = $app->tform->getDataRecord($this->id); | |
| 109 | $parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".$app->functions->intval($tmp["parent_domain_id"]) . " AND ".$app->tform->getAuthSQL('r')); | |
| 110 | if(!$parent_domain) $app->tform->errorMessage .= $app->tform->lng("no_domain_perm"); | |
| 111 | unset($tmp); | |
| 112 | } | |
| 7fe908 | 113 | |
| 310ec5 | 114 | // Set a few fixed values |
| T | 115 | $this->dataRecord["server_id"] = $parent_domain["server_id"]; |
| 7fe908 | 116 | |
| 951880 | 117 | if(isset($this->dataRecord['username']) && trim($this->dataRecord['username']) == '') $app->tform->errorMessage .= $app->tform->lng('username_error_empty').'<br />'; |
| T | 118 | if(isset($this->dataRecord['username']) && empty($this->dataRecord['parent_domain_id'])) $app->tform->errorMessage .= $app->tform->lng('parent_domain_id_error_empty').'<br />'; |
| 7fe908 | 119 | if(isset($this->dataRecord['dir']) && stristr($this->dataRecord['dir'], '..')) $app->tform->errorMessage .= $app->tform->lng('dir_dot_error').'<br />'; |
| MC | 120 | if(isset($this->dataRecord['dir']) && stristr($this->dataRecord['dir'], './')) $app->tform->errorMessage .= $app->tform->lng('dir_slashdot_error').'<br />'; |
| 121 | ||
| 8ab3cd | 122 | if(isset($this->dataRecord['ssh_rsa'])) $this->dataRecord['ssh_rsa'] = trim($this->dataRecord['ssh_rsa']); |
| 7fe908 | 123 | |
| 310ec5 | 124 | parent::onSubmit(); |
| T | 125 | } |
| 7fe908 | 126 | |
| 310ec5 | 127 | function onBeforeInsert() { |
| T | 128 | global $app, $conf, $interfaceConf; |
| 129 | ||
| 130 | // check if the username is not blacklisted | |
| 131 | $blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist'); | |
| 132 | foreach($blacklist as $line) { | |
| 133 | if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))){ | |
| 615a0a | 134 | $app->tform->errorMessage .= $app->tform->lng('username_not_allowed_txt'); |
| 310ec5 | 135 | } |
| T | 136 | } |
| 137 | unset($blacklist); | |
| 7fe908 | 138 | |
| 310ec5 | 139 | /* |
| T | 140 | * If the names should be restricted -> do it! |
| 141 | */ | |
| 142 | if ($app->tform->errorMessage == ''){ | |
| 7fe908 | 143 | |
| 31f6ce | 144 | $app->uses('getconf,tools_sites'); |
| 310ec5 | 145 | $global_config = $app->getconf->get_global_config('sites'); |
| 31f6ce | 146 | $shelluser_prefix = $app->tools_sites->replacePrefix($global_config['shelluser_prefix'], $this->dataRecord); |
| 7fe908 | 147 | |
| MC | 148 | $this->dataRecord['username_prefix'] = $shelluser_prefix; |
| 310ec5 | 149 | /* restrict the names */ |
| T | 150 | $this->dataRecord['username'] = $shelluser_prefix . $this->dataRecord['username']; |
| 7fe908 | 151 | |
| 615a0a | 152 | if(strlen($this->dataRecord['username']) > 32) $app->tform->errorMessage .= $app->tform->lng("username_must_not_exceed_32_chars_txt"); |
| 310ec5 | 153 | } |
| T | 154 | parent::onBeforeInsert(); |
| 155 | } | |
| 7fe908 | 156 | |
| 310ec5 | 157 | function onAfterInsert() { |
| T | 158 | global $app, $conf; |
| 7fe908 | 159 | |
| 65ea2e | 160 | $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($this->dataRecord["parent_domain_id"])); |
| ae0707 | 161 | |
| 604c0c | 162 | $server_id = $app->functions->intval($web["server_id"]); |
| TB | 163 | $dir = $app->db->quote($web["document_root"]); |
| 164 | $uid = $app->db->quote($web["system_user"]); | |
| 165 | $gid = $app->db->quote($web["system_group"]); | |
| 7fe908 | 166 | |
| 310ec5 | 167 | // The FTP user shall be owned by the same group then the website |
| 604c0c | 168 | $sys_groupid = $app->functions->intval($web['sys_groupid']); |
| 7fe908 | 169 | |
| ae0707 | 170 | $sql = "UPDATE shell_user SET server_id = $server_id, dir = '$dir', puser = '$uid', pgroup = '$gid', sys_groupid = '$sys_groupid' WHERE shell_user_id = ".$this->id; |
| 310ec5 | 171 | $app->db->query($sql); |
| 7fe908 | 172 | |
| 310ec5 | 173 | } |
| 7fe908 | 174 | |
| 310ec5 | 175 | function onBeforeUpdate() { |
| T | 176 | global $app, $conf, $interfaceConf; |
| 7fe908 | 177 | |
| 310ec5 | 178 | // check if the username is not blacklisted |
| T | 179 | $blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist'); |
| 180 | foreach($blacklist as $line) { | |
| 181 | if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))){ | |
| 615a0a | 182 | $app->tform->errorMessage .= $app->tform->lng('username_not_allowed_txt'); |
| 310ec5 | 183 | } |
| T | 184 | } |
| 185 | unset($blacklist); | |
| 186 | ||
| 187 | /* | |
| 188 | * If the names should be restricted -> do it! | |
| 189 | */ | |
| 190 | if ($app->tform->errorMessage == '') { | |
| 191 | /* | |
| 192 | * If the names should be restricted -> do it! | |
| 193 | */ | |
| 31f6ce | 194 | $app->uses('getconf,tools_sites'); |
| 310ec5 | 195 | $global_config = $app->getconf->get_global_config('sites'); |
| 31f6ce | 196 | $shelluser_prefix = $app->tools_sites->replacePrefix($global_config['shelluser_prefix'], $this->dataRecord); |
| 7fe908 | 197 | |
| MC | 198 | $old_record = $app->tform->getDataRecord($this->id); |
| 199 | $shelluser_prefix = $app->tools_sites->getPrefix($old_record['username_prefix'], $shelluser_prefix); | |
| 200 | $this->dataRecord['username_prefix'] = $shelluser_prefix; | |
| 201 | ||
| 310ec5 | 202 | /* restrict the names */ |
| T | 203 | $this->dataRecord['username'] = $shelluser_prefix . $this->dataRecord['username']; |
| 7fe908 | 204 | |
| 615a0a | 205 | if(strlen($this->dataRecord['username']) > 32) $app->tform->errorMessage .= $app->tform->lng("username_must_not_exceed_32_chars_txt"); |
| 310ec5 | 206 | } |
| T | 207 | } |
| 7fe908 | 208 | |
| 310ec5 | 209 | function onAfterUpdate() { |
| T | 210 | global $app, $conf; |
| 7fe908 | 211 | |
| MC | 212 | |
| 310ec5 | 213 | } |
| 7fe908 | 214 | |
| 310ec5 | 215 | } |
| T | 216 | |
| 217 | $page = new page_action; | |
| 218 | $page->onLoad(); | |
| 219 | ||
| 7fe908 | 220 | ?> |
