gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -38,9 +38,8 @@
			* End Form configuration
			******************************************/

			require_once('../../lib/config.inc.php');
			require_once('../../lib/app.inc.php');
			require_once('tools.inc.php');
			require_once '../../lib/config.inc.php';
			require_once '../../lib/app.inc.php';

			//* Check permissions for module
			$app->auth->check_module_permissions('sites');
			@@ -73,18 +72,19 @@
			* If the names are restricted -> remove the restriction, so that the
			* data can be edited
			*/
			$app->uses('getconf');
			$app->uses('getconf,tools_sites');
			$global_config = $app->getconf->get_global_config('sites');
			$webdavuser_prefix = replacePrefix($global_config['webdavuser_prefix'], $this->dataRecord);
			$webdavuser_prefix = $app->tools_sites->replacePrefix($global_config['webdavuser_prefix'], $this->dataRecord);

			if ($this->dataRecord['username'] != "") {
			/* REMOVE the restriction */
			$app->tpl->setVar("username", str_replace($webdavuser_prefix , '', $this->dataRecord['username']));
			$app->tpl->setVar("username", $app->tools_sites->removePrefix($this->dataRecord['username'], $this->dataRecord['username_prefix'], $webdavuser_prefix));
			}
			if($_SESSION["s"]["user"]["typ"] == 'admin' \|\| $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
			$app->tpl->setVar("username_prefix", $global_config['webdavuser_prefix']);
			} else {

			if($this->dataRecord['username'] == "") {
			$app->tpl->setVar("username_prefix", $webdavuser_prefix);
			} else {
			$app->tpl->setVar("username_prefix", $app->tools_sites->getPrefix($this->dataRecord['username_prefix'], $webdavuser_prefix, $global_config['webdavuser_prefix']));
			}

			if($this->id > 0) {
			@@ -102,7 +102,8 @@
			global $app, $conf;

			/* Get the record of the parent domain */
			$parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
			$parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ? AND ".$app->tform->getAuthSQL('r'), @$this->dataRecord["parent_domain_id"]);
			if(!$parent_domain \|\| $parent_domain['domain_id'] != @$this->dataRecord['parent_domain_id']) $app->tform->errorMessage .= $app->tform->lng("no_domain_perm");

			/*
			* Set a few fixed values
			@@ -114,9 +115,9 @@
			*/
			if(isset($this->dataRecord['username']) && trim($this->dataRecord['username']) == '') $app->tform->errorMessage .= $app->tform->lng('username_error_empty').'<br />';
			if(isset($this->dataRecord['username']) && empty($this->dataRecord['parent_domain_id'])) $app->tform->errorMessage .= $app->tform->lng('parent_domain_id_error_empty').'<br />';
			if(isset($this->dataRecord['dir']) && stristr($this->dataRecord['dir'],'..')) $app->tform->errorMessage .= $app->tform->lng('dir_dot_error').'<br />';
			if(isset($this->dataRecord['dir']) && stristr($this->dataRecord['dir'],'./')) $app->tform->errorMessage .= $app->tform->lng('dir_slashdot_error').'<br />';

			if(isset($this->dataRecord['dir']) && stristr($this->dataRecord['dir'], '..')) $app->tform->errorMessage .= $app->tform->lng('dir_dot_error').'<br />';
			if(isset($this->dataRecord['dir']) && stristr($this->dataRecord['dir'], './')) $app->tform->errorMessage .= $app->tform->lng('dir_slashdot_error').'<br />';

			parent::onSubmit();
			}

			@@ -128,23 +129,19 @@
			*/
			if ($app->tform->errorMessage == '') {

			$app->uses('getconf');
			$app->uses('getconf,tools_sites');
			$global_config = $app->getconf->get_global_config('sites');
			$webdavuser_prefix = replacePrefix($global_config['webdavuser_prefix'], $this->dataRecord);
			$webdavuser_prefix = $app->tools_sites->replacePrefix($global_config['webdavuser_prefix'], $this->dataRecord);

			$this->dataRecord['username_prefix'] = $webdavuser_prefix;

			/* restrict the names */
			$this->dataRecord['username'] = $webdavuser_prefix . $this->dataRecord['username'];

			/*
			* We shall not save the pwd in plaintext, so we store it as the hash, the apache-moule needs
			*/
			$hash = md5($this->dataRecord["username"] . ':' . $this->dataRecord["dir"] . ':' . $this->dataRecord["password"]);
			$this->dataRecord["password"] = $hash;

			/*
			* Get the data of the domain, owning the webdav user
			*/
			$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
			$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($this->dataRecord["parent_domain_id"]));
			/* The server is the server of the domain */
			$this->dataRecord["server_id"] = $web["server_id"];
			/* The Webdav user shall be owned by the same group then the website */
			@@ -156,6 +153,21 @@

			function onAfterInsert() {
			global $app, $conf;

			$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $this->dataRecord["parent_domain_id"]);
			$server_id = $app->functions->intval($web["server_id"]);

			// The webdav user shall be owned by the same group then the website
			$sys_groupid = $app->functions->intval($web['sys_groupid']);

			/*
			* We shall not save the pwd in plaintext, so we store it as the hash, the apache-moule needs
			*/
			$hash = md5($this->dataRecord["username"] . ':' . $this->dataRecord["dir"] . ':' . $this->dataRecord["password"]);
			$this->dataRecord["password"] = $hash;

			$sql = "UPDATE webdav_user SET server_id = ?, sys_groupid = ?, password = ? WHERE webdav_user_id = ?";
			$app->db->query($sql, $server_id, $sys_groupid, $this->dataRecord["password"], $this->id);
			}

			function onBeforeUpdate() {
			@@ -165,29 +177,45 @@
			* we can not change the username and the dir, so get the "old" - data from the db
			* and set it
			*/
			$data = $app->db->queryOneRecord("SELECT * FROM webdav_user WHERE webdav_user_id = ".intval($this->id));
			$data = $app->db->queryOneRecord("SELECT * FROM webdav_user WHERE webdav_user_id = ?", $this->id);
			$this->dataRecord["username"] = $data['username'];
			$this->dataRecord["dir"] = $data['dir'];
			$passwordOld = $data['password'];

			/*
			* We shall not save the pwd in plaintext, so we store it as the hash, the apache-moule
			* needs (only if the pwd is changed)
			*/
			if ((isset($this->dataRecord["password"])) && ($this->dataRecord["password"] != '') && ($this->dataRecord["password"] != $passwordOld)) {
			$hash = md5($this->dataRecord["username"] . ':' . $this->dataRecord["dir"] . ':' . $this->dataRecord["password"]);
			$this->dataRecord["password"] = $hash;
			}
			$this->dataRecord['username_prefix'] = $data['username_prefix'];
			$this->dataRecord['passwordOld'] = $data['password'];

			parent::onBeforeUpdate();
			}

			function onAfterUpdate() {
			global $app, $conf;

			//* When the site of the webdav user has been changed
			if(isset($this->dataRecord['parent_domain_id']) && $this->oldDataRecord['parent_domain_id'] != $this->dataRecord['parent_domain_id']) {
			$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $this->dataRecord["parent_domain_id"]);
			$server_id = $app->functions->intval($web["server_id"]);

			// The webdav user shall be owned by the same group then the website
			$sys_groupid = $app->functions->intval($web['sys_groupid']);

			$sql = "UPDATE webdav_user SET server_id = ?, sys_groupid = ? WHERE webdav_user_id = ?";
			$app->db->query($sql, $server_id, $sys_groupid, $this->id);
			}

			/*
			* We shall not save the pwd in plaintext, so we store it as the hash, the apache-moule
			* needs (only if the pwd is changed)
			*/
			if ((isset($this->dataRecord["password"])) && ($this->dataRecord["password"] != '') && ($this->dataRecord["password"] != $this->dataRecord['passwordOld'])) {
			$hash = md5($this->dataRecord["username"] . ':' . $this->dataRecord["dir"] . ':' . $this->dataRecord["password"]);
			$this->dataRecord["password"] = $hash;
			$app->db->query("UPDATE webdav_user SET password = ? WHERE webdav_user_id = ?", $this->dataRecord["password"], $this->id);
			}

			}

			}

			$page = new page_action;
			$page->onLoad();

			?>
			?>