gitlabFork/ISPConfig3.git - Solinfo Gitblit

Pascal Dreissen

2016-07-08 f1193b43f4c9fd132741d30f03f0b35841011989

commit \| author \| age
fbdcc4	1	<?php
T	2
	3	/*
	4	Copyright (c) 2007, Till Brehm, projektfarm Gmbh
	5	All rights reserved.
	6
	7	Redistribution and use in source and binary forms, with or without modification,
	8	are permitted provided that the following conditions are met:
	9
	10	* Redistributions of source code must retain the above copyright notice,
	11	this list of conditions and the following disclaimer.
	12	* Redistributions in binary form must reproduce the above copyright notice,
	13	this list of conditions and the following disclaimer in the documentation
	14	and/or other materials provided with the distribution.
	15	* Neither the name of ISPConfig nor the names of its contributors
	16	may be used to endorse or promote products derived from this software without
	17	specific prior written permission.
	18
	19	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	20	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	21	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	22	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	23	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	24	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	25	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	26	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	27	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	28	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29
	30	--UPDATED 08.2009--
	31	Full SOAP support for ISPConfig 3.1.4 b
	32	Updated by Arkadiusz Roch & Artur Edelman
	33	Copyright (c) Tri-Plex technology
	34
	35	*/
	36
	37	/**
b1a6a5	38	* Formularbehandlung
MC	39	*
	40	* Functions to validate, display and save form values
	41	*
	42	* Database table field definitions
	43	*
	44	* Datatypes:
	45	* - INTEGER (Converts data to int automatically)
	46	* - DOUBLE
	47	* - CURRENCY (Formats digits in currency notation)
	48	* - VARCHAR (No format check)
	49	* - DATE (Date format, converts from and to UNIX timestamps automatically)
	50	*
	51	* Formtype:
	52	* - TEXT (Normal text field)
	53	* - PASSWORD (password field, the content will not be displayed again to the user)
	54	* - SELECT (Option fiield)
	55	* - MULTIPLE (Allows selection of multiple values)
	56	*
	57	* VALUE:
	58	* - Value or array
	59	*
	60	* SEPARATOR
	61	* - separator char used for fileds with multiple values
	62	*
	63	* Hint: The auto increment (ID) filed of the table has not be be definied separately.
	64	*
	65	*/
	66
	67
a0b289	68	global $app;
5bff39	69	$app->load('tform_base');
M	70	class remoting_lib extends tform_base {
fbdcc4	71
b1a6a5	72
MC	73	// additional class variables
	74	var $sys_username;
	75	var $sys_userid;
	76	var $sys_default_group;
	77	var $sys_groups;
	78	var $client_id;
	79	var $dataRecord;
	80
	81
	82	//* Load the form definition from file. - special version for remoting
	83	// module parameter is only for compatibility with base class
	84	function loadFormDef($file, $module = '') {
	85	global $app, $conf;
	86
	87	include $file;
	88
	89	$this->formDef = $form;
	90	unset($this->formDef['tabs']);
	91
	92	//* Copy all fields from all tabs into one form definition
	93	foreach($form['tabs'] as $tab) {
	94	foreach($tab['fields'] as $key => $value) {
	95	$this->formDef['fields'][$key] = $value;
fbdcc4	96	}
b1a6a5	97	}
MC	98	unset($form);
	99
	100	$this->dateformat = $app->lng('conf_format_dateshort');
33f68a	101	$this->datetimeformat = $app->lng('conf_format_datetime');
b1a6a5	102
MC	103	return true;
	104	}
	105
	106	//* Load the user profile
	107	function loadUserProfile($client_id_param = 0) {
	108	global $app, $conf;
	109
	110	$client_login = false;
	111	if(isset($_SESSION['client_login']) && isset($_SESSION['client_sys_userid']) && $_SESSION['client_login'] == 1) {
	112	$client_sys_userid = $app->functions->intval($_SESSION['client_sys_userid']);
	113
cc7a82	114	$client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_user, client WHERE sys_user.client_id = client.client_id and sys_user.userid = ?", $client_sys_userid);
b1a6a5	115
MC	116	$this->client_id = $client['client_id'];
	117	$client_login = true;
	118	} else {
	119	$this->client_id = $app->functions->intval($client_id_param);
	120	}
	121
	122	if($this->client_id == 0) {
	123	$this->sys_username = 'admin';
	124	$this->sys_userid = 1;
	125	$this->sys_default_group = 1;
	126	$this->sys_groups = 1;
	127	$_SESSION["s"]["user"]["typ"] = 'admin';
	128	} else {
cc7a82	129	$user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE client_id = ?", $this->client_id);
b1a6a5	130	$this->sys_username = $user['username'];
MC	131	$this->sys_userid = $user['userid'];
	132	$this->sys_default_group = $user['default_group'];
	133	$this->sys_groups = $user['groups'];
	134	// we have to force admin priveliges for the remoting API as some function calls might fail otherwise.
	135	if($client_login == false) $_SESSION["s"]["user"]["typ"] = 'admin';
	136	}
	137
	138	$_SESSION["s"]["user"]["username"] = $this->sys_username;
	139	$_SESSION["s"]["user"]["userid"] = $this->sys_userid;
	140	$_SESSION["s"]["user"]["default_group"] = $this->sys_default_group;
	141	$_SESSION["s"]["user"]["groups"] = $this->sys_groups;
	142	$_SESSION["s"]["user"]["client_id"] = $this->client_id;
03c48f	143
T	144	return true;
b1a6a5	145	}
fbdcc4	146
T	147
b1a6a5	148	/**
MC	149	* Converts the data in the array to human readable format
	150	* Datatype conversion e.g. to show the data in lists
	151	* tab parameter is only there for compatibility with params of base class
	152	*
	153	* @param record
	154	* @return record
	155	*/
	156	function decode($record, $tab = '') {
	157	return $this->_decode($record, '', true);
	158	}
fbdcc4	159
T	160
b1a6a5	161	/**
MC	162	* Get the key => value array of a form filled from a datasource definitiom
	163	* dummy parameter is only there for compatibility with params of base class
	164	*
	165	* @param field = array with field definition
	166	* @param record = Dataset as array
	167	* @return key => value array for the value field of a form
	168	*/
	169	function getDatasourceData($field, $record, $dummy = '') {
	170	return $this->_getDatasourceData($field, $record, true);
	171	}
fbdcc4	172
T	173
b1a6a5	174	/**
MC	175	/**
	176	* Rewrite the record data to be stored in the database
	177	* and check values with regular expressions.
	178	*
	179	* @param record = Datensatz als Array
	180	* @return record
	181	*/
472196	182	function encode($record, $tab = '', $dbencode = true) {
b1a6a5	183	$new_record = $this->_encode($record, '', $dbencode, true);
MC	184	if(isset($record['_ispconfig_pw_crypted'])) $new_record['_ispconfig_pw_crypted'] = $record['_ispconfig_pw_crypted']; // this one is not in form definitions!
fbdcc4	185
b1a6a5	186	return $new_record;
MC	187	}
fbdcc4	188
T	189
b1a6a5	190	/**
MC	191	* Create SQL statement
	192	* dummy parameter is only there for compatibility with params of base class
	193	*
	194	* @param record = Datensatz als Array
	195	* @param action = INSERT oder UPDATE
	196	* @param primary_id
	197	* @return record
	198	*/
	199	function getSQL($record, $action = 'INSERT', $primary_id = 0, $sql_ext_where = '', $dummy = '') {
	200
	201	global $app;
	202
	203	if(!is_array($this->formDef)) $app->error("Form definition not found.");
	204	$this->dataRecord = $record;
	205
	206	return $this->_getSQL($record, '', $action, $primary_id, $sql_ext_where, true);
	207	}
	208
	209	function getDeleteSQL($primary_id) {
	210
	211	if(stristr($this->formDef['db_table'], '.')) {
	212	$escape = '';
	213	} else {
fbdcc4	214	$escape = '`';
T	215	}
	216
b1a6a5	217	$sql = "DELETE FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id. " AND " . $this->getAuthSQL('d', $this->formDef['db_table']);
MC	218	return $sql;
	219	}
	220
	221	function getDataRecord($primary_id) {
	222	global $app;
	223	$escape = '`';
39dd4e	224	$this->loadUserProfile();
b1a6a5	225	if(@is_numeric($primary_id)) {
39dd4e	226	if($primary_id > 0) {
TB	227	// Return a single record
	228	return parent::getDataRecord($primary_id);
	229	} elseif($primary_id == -1) {
	230	// Return a array with all records
cc7a82	231	$sql = "SELECT * FROM ??";
MC	232	return $app->db->queryAllRecords($sql, $this->formDef['db_table']);
39dd4e	233	} else {
TB	234	throw new SoapFault('invalid_id', 'The ID has to be > 0 or -1.');
	235	return array();
	236	}
b1a6a5	237	} elseif (@is_array($primary_id) \|\| @is_object($primary_id)) {
MC	238	if(@is_object($primary_id)) $primary_id = get_object_vars($primary_id); // do not use cast (array)xxx because it returns private and protected properties!
	239	$sql_offset = 0;
	240	$sql_limit = 0;
	241	$sql_where = '';
3a11d2	242	$params = array($this->formDef['db_table']);
b1a6a5	243	foreach($primary_id as $key => $val) {
MC	244	if($key == '#OFFSET#') $sql_offset = $app->functions->intval($val);
	245	elseif($key == '#LIMIT#') $sql_limit = $app->functions->intval($val);
	246	elseif(stristr($val, '%')) {
6c2436	247	$sql_where .= "?? like ? AND ";
b1a6a5	248	} else {
6c2436	249	$sql_where .= "?? = ? AND ";
dbbaff	250	}
3a11d2	251	$params[] = $key;
MC	252	$params[] = $val;
dbbaff	253	}
b1a6a5	254	$sql_where = substr($sql_where, 0, -5);
MC	255	if($sql_where == '') $sql_where = '1';
cc7a82	256	$sql = "SELECT * FROM ?? WHERE ".$sql_where. " AND " . $this->getAuthSQL('r', $this->formDef['db_table']);
b1a6a5	257	if($sql_offset >= 0 && $sql_limit > 0) $sql .= ' LIMIT ' . $sql_offset . ',' . $sql_limit;
3a11d2	258	return $app->db->queryAllRecords($sql, true, $params);
b1a6a5	259	} else {
MC	260	$this->errorMessage = 'The ID must be either an integer or an array.';
	261	return array();
	262	}
	263	}
	264
	265	function ispconfig_sysuser_add($params, $insert_id){
	266	global $conf, $app, $sql1;
2af58c	267	$username = $params["username"];
MC	268	$password = $params["password"];
b1a6a5	269	if(!isset($params['modules'])) {
MC	270	$modules = $conf['interface_modules_enabled'];
	271	} else {
2af58c	272	$modules = $params['modules'];
b1a6a5	273	}
MC	274	if(isset($params['limit_client']) && $params['limit_client'] > 0) {
	275	$modules .= ',client';
	276	}
	277
	278	if(!isset($params['startmodule'])) {
	279	$startmodule = 'dashboard';
	280	} else {
2af58c	281	$startmodule = $params["startmodule"];
b1a6a5	282	if(!preg_match('/'.$startmodule.'/', $modules)) {
MC	283	$_modules = explode(',', $modules);
	284	$startmodule=$_modules[0];
	285	}
	286	}
2af58c	287	$usertheme = $params["usertheme"];
b1a6a5	288	$type = 'user';
MC	289	$active = 1;
	290	$insert_id = $app->functions->intval($insert_id);
2af58c	291	$language = $params["language"];
MC	292	$groupid = $app->db->datalogInsert('sys_group', array("name" => $username, "description" => "", "client_id" => $insert_id), 'groupid');
b1a6a5	293	$groups = $groupid;
MC	294	if(!isset($params['_ispconfig_pw_crypted']) \|\| $params['_ispconfig_pw_crypted'] != 1) $password = $app->auth->crypt_password(stripslashes($password));
	295	$sql1 = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
cc7a82	296	VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
MC	297	$app->db->query($sql1, $username,$password,$modules,$startmodule,$usertheme,$type,$active,$language,$groups,$groupid,$insert_id);
b1a6a5	298	}
MC	299
	300	function ispconfig_sysuser_update($params, $client_id){
	301	global $app;
2af58c	302	$username = $params["username"];
MC	303	$clear_password = $params["password"];
b1a6a5	304	$client_id = $app->functions->intval($client_id);
MC	305	if(!isset($params['_ispconfig_pw_crypted']) \|\| $params['_ispconfig_pw_crypted'] != 1) $password = $app->auth->crypt_password(stripslashes($clear_password));
	306	else $password = $clear_password;
cc7a82	307	$params = array($username);
MC	308	if ($clear_password) {
	309	$pwstring = ", passwort = ?";
	310	$params[] = $password;
	311	} else {
	312	$pwstring ="" ;
	313	}
	314	$params[] = $client_id;
	315	$sql = "UPDATE sys_user set username = ? $pwstring WHERE client_id = ?";
	316	$app->db->query($sql, true, $params);
b1a6a5	317	}
MC	318
	319	function ispconfig_sysuser_delete($client_id){
	320	global $app;
	321	$client_id = $app->functions->intval($client_id);
cc7a82	322	$sql = "DELETE FROM sys_user WHERE client_id = ?";
MC	323	$app->db->query($sql, $client_id);
	324	$sql = "DELETE FROM sys_group WHERE client_id = ?";
	325	$app->db->query($sql, $client_id);
b1a6a5	326	}
fbdcc4	327
T	328	}
	329
	330	?>