ISPConfig3 devel
blame | history | patch | commit | commitdiff | ignore whitespace
Marius Cramer
2015-08-06 37b29231e47a0c4458dc1c15d98588f16f07e1e2 
 interface/web/admin/users_edit.php


@@ -1,6 +1,6 @@


<?php


/*


Copyright (c) 2007, Till Brehm, projektfarm Gmbh


Copyright (c) 2008, Till Brehm, projektfarm Gmbh


All rights reserved.




Redistribution and use in source and binary forms, with or without modification,


@@ -38,19 +38,105 @@


* End Form configuration


******************************************/




require_once('../../lib/config.inc.php');


require_once('../../lib/app.inc.php');


require_once '../../lib/config.inc.php';


require_once '../../lib/app.inc.php';




// Checking module permissions


if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {


   header("Location: ../index.php");


   exit;


}


//* Check permissions for module


$app->auth->check_module_permissions('admin');




// Loading classes


$app->uses('tpl,tform,tform_actions');


$app->load('tform_actions');




// let tform_actions handle the page


$app->tform_actions->onLoad();


class page_action extends tform_actions {




?>


   function onBeforeInsert() {


      global $app, $conf;


		


      //* Security settings check


      if(isset($this->dataRecord['typ']) && $this->dataRecord['typ'][0] == 'admin') {


         $app->auth->check_security_permissions('admin_allow_new_admin');


      }




      if(!in_array($this->dataRecord['startmodule'], $this->dataRecord['modules'])) {


         $app->tform->errorMessage .= $app->tform->wordbook['startmodule_err'];


      }


		


		


		


   }




   function onBeforeUpdate() {


      global $app, $conf;




      if($conf['demo_mode'] == true && $_REQUEST['id'] <= 3) $app->error('This function is disabled in demo mode.');




      //* Security settings check


      if(isset($this->dataRecord['typ']) && $this->dataRecord['typ'][0] == 'admin') {


         $app->auth->check_security_permissions('admin_allow_new_admin');


      }




      if(@is_array($this->dataRecord['modules']) && !in_array($this->dataRecord['startmodule'], $this->dataRecord['modules'])) {


         $app->tform->errorMessage .= $app->tform->wordbook['startmodule_err'];


      }


		


      $this->oldDataRecord = $app->tform->getDataRecord($this->id);


		


      //* A user that belongs to a client record (client or reseller) may not have typ admin


      if(isset($this->dataRecord['typ']) && $this->dataRecord['typ'][0] == 'admin'  && $this->oldDataRecord['client_id'] > 0) {


         $app->tform->errorMessage .= $app->tform->wordbook['client_not_admin_err'];


      }


		


   }




   /*


    This function is called automatically right after


    the data was successful updated in the database.


   */


   function onAfterUpdate() {


      global $app, $conf;




      $client = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = ?", $this->id);


      $client_id = $app->functions->intval($client['client_id']);


      $username = $this->dataRecord["username"];


      $old_username = $this->oldDataRecord['username'];




      // username changed


      if(isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {


         $sql = "UPDATE client SET username = ? WHERE client_id = ? AND username = ?";


         $app->db->query($sql, $username, $client_id, $old_username);


         $tmp = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = ?", $client_id);


         $app->db->datalogUpdate("sys_group", array("name" => $username), 'groupid', $tmp['groupid']);


         unset($tmp);


      }




      // password changed


      if(isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord["passwort"]) && $this->dataRecord["passwort"] != '') {


         $password = $this->dataRecord["passwort"];


         $salt="$1$";


         $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';


         for ($n=0;$n<8;$n++) {


            $salt.=$base64_alphabet[mt_rand(0, 63)];


         }


         $salt.="$";


         $password = crypt(stripslashes($password), $salt);


         $sql = "UPDATE client SET password = ? WHERE client_id = ? AND username = ?";


         $app->db->query($sql, $password, $client_id, $username);


      }




      // language changed


      if(isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) {


         $language = $this->dataRecord["language"];


         $sql = "UPDATE client SET language = ? WHERE client_id = ? AND username = ?";


         $app->db->query($sql, $language, $client_id, $username);


      }




      parent::onAfterUpdate();


   }




}




$page = new page_action;


$page->onLoad();




?>