gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -38,9 +38,8 @@
			* End Form configuration
			******************************************/

			require_once('../../lib/config.inc.php');
			require_once('../../lib/app.inc.php');
			require_once('tools.inc.php');
			require_once '../../lib/config.inc.php';
			require_once '../../lib/app.inc.php';

			//* Check permissions for module
			$app->auth->check_module_permissions('sites');
			@@ -50,10 +49,10 @@
			$app->load('tform_actions');

			class page_action extends tform_actions {


			function onShowNew() {
			global $app, $conf;


			// we will check only users, not admins
			if($_SESSION["s"]["user"]["typ"] == 'user') {
			if(!$app->tform->checkClientLimit('limit_webdav_user')) {
			@@ -63,7 +62,7 @@
			$app->error('Reseller: '.$app->tform->wordbook["limit_webdav_user_txt"]);
			}
			}


			parent::onShowNew();
			}

			@@ -72,22 +71,22 @@
			/*
			* If the names are restricted -> remove the restriction, so that the
			* data can be edited
			*/

			$app->uses('getconf');
			*/
			$app->uses('getconf,tools_sites');
			$global_config = $app->getconf->get_global_config('sites');
			$webdavuser_prefix = replacePrefix($global_config['webdavuser_prefix'], $this->dataRecord);

			if ($this->dataRecord['username'] != ""){
			$webdavuser_prefix = $app->tools_sites->replacePrefix($global_config['webdavuser_prefix'], $this->dataRecord);

			if ($this->dataRecord['username'] != "") {
			/* REMOVE the restriction */
			$app->tpl->setVar("username", str_replace($webdavuser_prefix , '', $this->dataRecord['username']));
			$app->tpl->setVar("username", $app->tools_sites->removePrefix($this->dataRecord['username'], $this->dataRecord['username_prefix'], $webdavuser_prefix));
			}
			if($_SESSION["s"]["user"]["typ"] == 'admin' \|\| $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
			$app->tpl->setVar("username_prefix", $global_config['webdavuser_prefix']);
			} else {

			if($this->dataRecord['username'] == "") {
			$app->tpl->setVar("username_prefix", $webdavuser_prefix);
			} else {
			$app->tpl->setVar("username_prefix", $app->tools_sites->getPrefix($this->dataRecord['username_prefix'], $webdavuser_prefix, $global_config['webdavuser_prefix']));
			}


			if($this->id > 0) {
			//* we are editing a existing record
			$app->tpl->setVar("edit_disabled", 1);
			@@ -98,104 +97,125 @@

			parent::onShowEnd();
			}


			function onSubmit() {
			global $app, $conf;

			// Get the record of the parent domain
			$parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));

			// Set a few fixed values

			/* Get the record of the parent domain */
			$parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ? AND ".$app->tform->getAuthSQL('r'), @$this->dataRecord["parent_domain_id"]);
			if(!$parent_domain \|\| $parent_domain['domain_id'] != @$this->dataRecord['parent_domain_id']) $app->tform->errorMessage .= $app->tform->lng("no_domain_perm");

			/*
			* Set a few fixed values
			*/
			$this->dataRecord["server_id"] = $parent_domain["server_id"];


			/*
			* Are there some errors?
			*/
			if(isset($this->dataRecord['username']) && trim($this->dataRecord['username']) == '') $app->tform->errorMessage .= $app->tform->lng('username_error_empty').'<br />';
			if(isset($this->dataRecord['username']) && empty($this->dataRecord['parent_domain_id'])) $app->tform->errorMessage .= $app->tform->lng('parent_domain_id_error_empty').'<br />';

			if(isset($this->dataRecord['dir']) && stristr($this->dataRecord['dir'], '..')) $app->tform->errorMessage .= $app->tform->lng('dir_dot_error').'<br />';
			if(isset($this->dataRecord['dir']) && stristr($this->dataRecord['dir'], './')) $app->tform->errorMessage .= $app->tform->lng('dir_slashdot_error').'<br />';

			parent::onSubmit();
			}


			function onBeforeInsert() {
			global $app, $conf, $interfaceConf;

			/*
			* If the names should be restricted -> do it!
			*/
			if ($app->tform->errorMessage == ''){

			$app->uses('getconf');
			*/
			if ($app->tform->errorMessage == '') {

			$app->uses('getconf,tools_sites');
			$global_config = $app->getconf->get_global_config('sites');
			$webdavuser_prefix = replacePrefix($global_config['webdavuser_prefix'], $this->dataRecord);

			$webdavuser_prefix = $app->tools_sites->replacePrefix($global_config['webdavuser_prefix'], $this->dataRecord);

			$this->dataRecord['username_prefix'] = $webdavuser_prefix;

			/* restrict the names */
			$this->dataRecord['username'] = $webdavuser_prefix . $this->dataRecord['username'];

			/*
			* Get the data of the domain, owning the webdav user
			*/
			$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($this->dataRecord["parent_domain_id"]));
			/* The server is the server of the domain */
			$this->dataRecord["server_id"] = $web["server_id"];
			/* The Webdav user shall be owned by the same group then the website */
			$this->dataRecord["sys_groupid"] = $web['sys_groupid'];
			}

			parent::onBeforeInsert();
			}


			function onAfterInsert() {
			global $app, $conf;

			$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
			$server_id = $web["server_id"];
			$dir = $web["document_root"];

			// The Webdav user shall be owned by the same group then the website
			$sys_groupid = $web['sys_groupid'];

			$sql = "UPDATE webdav_user SET server_id = $server_id, dir = '$dir', sys_groupid = '$sys_groupid' WHERE shell_user_id = ".$this->id;
			$app->db->query($sql);

			}

			function onBeforeUpdate() {
			global $app, $conf, $interfaceConf;

			$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $this->dataRecord["parent_domain_id"]);
			$server_id = $app->functions->intval($web["server_id"]);

			// The webdav user shall be owned by the same group then the website
			$sys_groupid = $app->functions->intval($web['sys_groupid']);

			/*
			* If the names should be restricted -> do it!
			* We shall not save the pwd in plaintext, so we store it as the hash, the apache-moule needs
			*/
			if ($app->tform->errorMessage == '') {
			/*
			* If the names should be restricted -> do it!
			*/
			$app->uses('getconf');
			$global_config = $app->getconf->get_global_config('sites');
			$webdavuser_prefix = replacePrefix($global_config['webdavuser_prefix'], $this->dataRecord);

			/* restrict the names */
			$this->dataRecord['username'] = $webdavuser_prefix . $this->dataRecord['username'];
			}
			$hash = md5($this->dataRecord["username"] . ':' . $this->dataRecord["dir"] . ':' . $this->dataRecord["password"]);
			$this->dataRecord["password"] = $hash;

			$sql = "UPDATE webdav_user SET server_id = ?, sys_groupid = ?, password = ? WHERE webdav_user_id = ?";
			$app->db->query($sql, $server_id, $sys_groupid, $this->dataRecord["password"], $this->id);
			}


			function onBeforeUpdate() {
			global $app, $conf, $interfaceConf;

			/*
			* we can not change the username and the dir, so get the "old" - data from the db
			* and set it
			*/
			$data = $app->db->queryOneRecord("SELECT * FROM webdav_user WHERE webdav_user_id = ?", $this->id);
			$this->dataRecord["username"] = $data['username'];
			$this->dataRecord["dir"] = $data['dir'];
			$this->dataRecord['username_prefix'] = $data['username_prefix'];
			$this->dataRecord['passwordOld'] = $data['password'];

			parent::onBeforeUpdate();
			}

			function onAfterUpdate() {
			global $app, $conf;


			}

			function getClientName() {
			global $app, $conf;

			if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) {
			// Get the group-id of the user
			$client_group_id = $_SESSION["s"]["user"]["default_group"];
			} else {
			// Get the group-id from the data itself
			$web = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ".intval($this->dataRecord['parent_domain_id']));
			$client_group_id = $web['sys_groupid'];

			//* When the site of the webdav user has been changed
			if(isset($this->dataRecord['parent_domain_id']) && $this->oldDataRecord['parent_domain_id'] != $this->dataRecord['parent_domain_id']) {
			$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $this->dataRecord["parent_domain_id"]);
			$server_id = $app->functions->intval($web["server_id"]);

			// The webdav user shall be owned by the same group then the website
			$sys_groupid = $app->functions->intval($web['sys_groupid']);

			$sql = "UPDATE webdav_user SET server_id = ?, sys_groupid = ? WHERE webdav_user_id = ?";
			$app->db->query($sql, $server_id, $sys_groupid, $this->id);
			}
			/* get the name of the client */
			$tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id);
			$clientName = $tmp['name'];
			if ($clientName == "") $clientName = 'default';
			$clientName = convertClientName($clientName);

			return $clientName;

			/*
			* We shall not save the pwd in plaintext, so we store it as the hash, the apache-moule
			* needs (only if the pwd is changed)
			*/
			if ((isset($this->dataRecord["password"])) && ($this->dataRecord["password"] != '') && ($this->dataRecord["password"] != $this->dataRecord['passwordOld'])) {
			$hash = md5($this->dataRecord["username"] . ':' . $this->dataRecord["dir"] . ':' . $this->dataRecord["password"]);
			$this->dataRecord["password"] = $hash;
			$app->db->query("UPDATE webdav_user SET password = ? WHERE webdav_user_id = ?", $this->dataRecord["password"], $this->id);
			}

			}


			}

			$page = new page_action;
			$page->onLoad();

			?>
			?>