gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -29,313 +29,317 @@
			*/

			/**
			* Formularbehandlung
			*
			* Functions to validate, display and save form values
			*
			* Database table field definitions
			*
			* Datatypes:
			* - INTEGER (Converts data to int automatically)
			* - DOUBLE
			* - CURRENCY (Formats digits in currency notation)
			* - VARCHAR (No format check)
			* - DATE (Date format, converts from and to UNIX timestamps automatically)
			*
			* Formtype:
			* - TEXT (Normal text field)
			* - PASSWORD (password field, the content will not be displayed again to the user)
			* - SELECT (Option fiield)
			* - MULTIPLE (Allows selection of multiple values)
			*
			* VALUE:
			* - Value or array
			*
			* SEPARATOR
			* - separator char used for fileds with multiple values
			*
			* Hint: The auto increment (ID) filed of the table has not be be definied separately.
			*
			*/
			* Formularbehandlung
			*
			* Functions to validate, display and save form values
			*
			* Database table field definitions
			*
			* Datatypes:
			* - INTEGER (Converts data to int automatically)
			* - DOUBLE
			* - CURRENCY (Formats digits in currency notation)
			* - VARCHAR (No format check)
			* - DATE (Date format, converts from and to UNIX timestamps automatically)
			*
			* Formtype:
			* - TEXT (Normal text field)
			* - PASSWORD (password field, the content will not be displayed again to the user)
			* - SELECT (Option fiield)
			* - MULTIPLE (Allows selection of multiple values)
			*
			* VALUE:
			* - Value or array
			*
			* SEPARATOR
			* - separator char used for fileds with multiple values
			*
			* Hint: The auto increment (ID) filed of the table has not be be definied separately.
			*
			*/


			global $app;
			$app->load('tform_base');
			class tform extends tform_base {
			/*
			/*
			This function checks if a user has the parmissions $perm for the data record with the ID $record_id
			If record_id = 0, the the permissions are tested against the defaults of the form file.
			*/
			function checkPerm($record_id,$perm) {
			global $app;
			function checkPerm($record_id, $perm) {
			global $app;

			if($record_id > 0) {
			// Add backticks for incomplete table names.
			if(stristr($this->formDef['db_table'],'.')) {
			$escape = '';
			} else {
			$escape = '`';
			}

			$sql = "SELECT ".$this->formDef['db_table_idx']." FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$record_id." AND ".$this->getAuthSQL($perm);
			if($record = $app->db->queryOneRecord($sql)) {
			return true;
			} else {
			return false;
			}
			} else {
			$result = false;
			if(@$this->formDef["auth_preset"]["userid"] == $_SESSION["s"]["user"]["userid"] && stristr($perm,$this->formDef["auth_preset"]["perm_user"])) $result = true;
			if(@$this->formDef["auth_preset"]["groupid"] == $_SESSION["s"]["user"]["groupid"] && stristr($perm,$this->formDef["auth_preset"]["perm_group"])) $result = true;
			if(@stristr($this->formDef["auth_preset"]["perm_other"],$perm)) $result = true;

			// if preset == 0, everyone can insert a record of this type
			if($this->formDef["auth_preset"]["userid"] == 0 AND $this->formDef["auth_preset"]["groupid"] == 0 AND (@stristr($this->formDef["auth_preset"]["perm_user"],$perm) OR @stristr($this->formDef["auth_preset"]["perm_group"],$perm))) $result = true;

			return $result;

			}

			}

			function getNextTab() {
			// Which tab is shown
			if($this->errorMessage == '') {
			// If there is no error
			if(isset($_REQUEST["next_tab"]) && $_REQUEST["next_tab"] != '') {
			// If the next tab is known
			$active_tab = $_REQUEST["next_tab"];
			} else {
			// else use the default tab
			$active_tab = $this->formDef['tab_default'];
			}
			} else {
			// Show the same tab again in case of an error
			$active_tab = $_SESSION["s"]["form"]["tab"];
			}

			return $active_tab;
			}

			function getCurrentTab() {
			return $_SESSION["s"]["form"]["tab"];
			}

			function isReadonlyTab($tab, $primary_id) {
			global $app, $conf;

			if($record_id > 0) {
			// Add backticks for incomplete table names.
			if(stristr($this->formDef['db_table'],'.')) {
			if(stristr($this->formDef['db_table'], '.')) {
			$escape = '';
			} else {
			$escape = '`';
			}

			$sql = "SELECT sys_userid FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id;
			$record = $app->db->queryOneRecord($sql);

			// return true if the readonly flag of the form is set and the current loggedin user is not the owner of the record.
			if(isset($this->formDef['tabs'][$tab]['readonly']) && $this->formDef['tabs'][$tab]['readonly'] == true && $record['sys_userid'] != $_SESSION["s"]["user"]["userid"]) {
			$sql = "SELECT ".$this->formDef['db_table_idx']." FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$record_id." AND ".$this->getAuthSQL($perm);
			if($record = $app->db->queryOneRecord($sql)) {
			return true;
			} else {
			return false;
			}
			} else {
			$result = false;
			if(@$this->formDef["auth_preset"]["userid"] == $_SESSION["s"]["user"]["userid"] && stristr($perm, $this->formDef["auth_preset"]["perm_user"])) $result = true;
			if(@$this->formDef["auth_preset"]["groupid"] == $_SESSION["s"]["user"]["groupid"] && stristr($perm, $this->formDef["auth_preset"]["perm_group"])) $result = true;
			if(@stristr($this->formDef["auth_preset"]["perm_other"], $perm)) $result = true;

			// if preset == 0, everyone can insert a record of this type
			if($this->formDef["auth_preset"]["userid"] == 0 and $this->formDef["auth_preset"]["groupid"] == 0 and (@stristr($this->formDef["auth_preset"]["perm_user"], $perm) or @stristr($this->formDef["auth_preset"]["perm_group"], $perm))) $result = true;

			return $result;

			}

			}

			// translation function for forms, tries the form wordbook first and if this fails, it tries the global wordbook
			function lng($msg) {
			global $app,$conf;

			if(isset($this->wordbook[$msg])) {
			return $this->wordbook[$msg];
			function getNextTab() {
			// Which tab is shown
			if($this->errorMessage == '') {
			// If there is no error
			if(isset($_REQUEST["next_tab"]) && $_REQUEST["next_tab"] != '') {
			// If the next tab is known
			$active_tab = $_REQUEST["next_tab"];
			} else {
			return $app->lng($msg);
			// else use the default tab
			$active_tab = $this->formDef['tab_default'];
			}

			} else {
			// Show the same tab again in case of an error
			$active_tab = $_SESSION["s"]["form"]["tab"];
			}

			function checkClientLimit($limit_name,$sql_where = '') {
			global $app;
			return $active_tab;
			}

			$check_passed = true;
			$limit_name = $app->db->quote($limit_name);
			if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');
			function getCurrentTab() {
			return $_SESSION["s"]["form"]["tab"];
			}

			// Get the limits of the client that is currently logged in
			function isReadonlyTab($tab, $primary_id) {
			global $app, $conf;

			// Add backticks for incomplete table names.
			if(stristr($this->formDef['db_table'], '.')) {
			$escape = '';
			} else {
			$escape = '`';
			}

			$sql = "SELECT sys_userid FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id;
			$record = $app->db->queryOneRecord($sql);

			// return true if the readonly flag of the form is set and the current loggedin user is not the owner of the record.
			if(isset($this->formDef['tabs'][$tab]['readonly']) && $this->formDef['tabs'][$tab]['readonly'] == true && $record['sys_userid'] != $_SESSION["s"]["user"]["userid"]) {
			return true;
			} else {
			return false;
			}
			}


			// translation function for forms, tries the form wordbook first and if this fails, it tries the global wordbook
			function lng($msg) {
			global $app, $conf;

			if(isset($this->wordbook[$msg])) {
			return $this->wordbook[$msg];
			} else {
			return $app->lng($msg);
			}

			}

			function checkClientLimit($limit_name, $sql_where = '') {
			global $app;

			$check_passed = true;
			$limit_name = $app->db->quote($limit_name);
			if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');

			// Get the limits of the client that is currently logged in
			$client_group_id = $_SESSION["s"]["user"]["default_group"];
			$client = $app->db->queryOneRecord("SELECT $limit_name as number, parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");

			// Check if the user may add another item
			if($client["number"] >= 0) {
			$sql = "SELECT count(".$this->formDef['db_table_idx'].") as number FROM ".$this->formDef['db_table']." WHERE ".$this->getAuthSQL('u');
			if($sql_where != '') $sql .= ' and '.$sql_where;
			$tmp = $app->db->queryOneRecord($sql);
			if($tmp["number"] >= $client["number"]) $check_passed = false;
			}

			return $check_passed;
			}

			function checkResellerLimit($limit_name, $sql_where = '') {
			global $app;

			$check_passed = true;
			$limit_name = $app->db->quote($limit_name);
			if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');

			// Get the limits of the client that is currently logged in
			$client_group_id = $_SESSION["s"]["user"]["default_group"];
			$client = $app->db->queryOneRecord("SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");

			//* If the client belongs to a reseller, we will check against the reseller Limit too
			if($client['parent_client_id'] != 0) {

			//* first we need to know the groups of this reseller
			$tmp = $app->db->queryOneRecord("SELECT userid, groups FROM sys_user WHERE client_id = ".$client['parent_client_id']);
			$reseller_groups = $tmp["groups"];
			$reseller_userid = $tmp["userid"];

			// Get the limits of the reseller of the logged in client
			$client_group_id = $_SESSION["s"]["user"]["default_group"];
			$client = $app->db->queryOneRecord("SELECT $limit_name as number, parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
			$reseller = $app->db->queryOneRecord("SELECT $limit_name as number FROM client WHERE client_id = ".$client['parent_client_id']);

			// Check if the user may add another item
			if($client["number"] >= 0) {
			$sql = "SELECT count(".$this->formDef['db_table_idx'].") as number FROM ".$this->formDef['db_table']." WHERE ".$this->getAuthSQL('u');
			if($reseller["number"] >= 0) {
			$sql = "SELECT count(".$this->formDef['db_table_idx'].") as number FROM ".$this->formDef['db_table']." WHERE (sys_groupid IN (".$reseller_groups.") or sys_userid = ".$reseller_userid.")";
			if($sql_where != '') $sql .= ' and '.$sql_where;
			$tmp = $app->db->queryOneRecord($sql);
			if($tmp["number"] >= $client["number"]) $check_passed = false;
			if($tmp["number"] >= $reseller["number"]) $check_passed = false;
			}

			return $check_passed;
			}

			function checkResellerLimit($limit_name,$sql_where = '') {
			global $app;
			return $check_passed;
			}

			$check_passed = true;
			$limit_name = $app->db->quote($limit_name);
			if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');
			//* get the difference record of two arrays
			function getDiffRecord($record_old, $record_new) {

			// Get the limits of the client that is currently logged in
			$client_group_id = $_SESSION["s"]["user"]["default_group"];
			$client = $app->db->queryOneRecord("SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");

			//* If the client belongs to a reseller, we will check against the reseller Limit too
			if($client['parent_client_id'] != 0) {

			//* first we need to know the groups of this reseller
			$tmp = $app->db->queryOneRecord("SELECT userid, groups FROM sys_user WHERE client_id = ".$client['parent_client_id']);
			$reseller_groups = $tmp["groups"];
			$reseller_userid = $tmp["userid"];

			// Get the limits of the reseller of the logged in client
			$client_group_id = $_SESSION["s"]["user"]["default_group"];
			$reseller = $app->db->queryOneRecord("SELECT $limit_name as number FROM client WHERE client_id = ".$client['parent_client_id']);

			// Check if the user may add another item
			if($reseller["number"] >= 0) {
			$sql = "SELECT count(".$this->formDef['db_table_idx'].") as number FROM ".$this->formDef['db_table']." WHERE (sys_groupid IN (".$reseller_groups.") or sys_userid = ".$reseller_userid.")";
			if($sql_where != '') $sql .= ' and '.$sql_where;
			$tmp = $app->db->queryOneRecord($sql);
			if($tmp["number"] >= $reseller["number"]) $check_passed = false;
			}
			}

			return $check_passed;
			}

			//* get the difference record of two arrays
			function getDiffRecord($record_old,$record_new) {

			if(is_array($record_new) && count($record_new) > 0) {
			if(is_array($record_new) && count($record_new) > 0) {
			foreach($record_new as $key => $val) {
			if(@$record_old[$key] != $val) {
			// Record has changed
			$diffrec[$key] = array( 'old' => @$record_old[$key],
			'new' => $val);
			}
			$diffrec[$key] = array( 'old' => @$record_old[$key],
			'new' => $val);
			}
			} elseif(is_array($record_old)) {
			foreach($record_old as $key => $val) {
			if($record_new[$key] != $val) {
			// Record has changed
			$diffrec[$key] = array( 'new' => $record_new[$key],
			'old' => $val);
			}
			}
			}
			} elseif(is_array($record_old)) {
			foreach($record_old as $key => $val) {
			if($record_new[$key] != $val) {
			// Record has changed
			$diffrec[$key] = array( 'new' => $record_new[$key],
			'old' => $val);
			}
			return $diffrec;
			}
			}
			return $diffrec;

			}


			/**
			* Generate HTML for DATETIME fields.
			*
			* @access private
			* @param string $form_element Name of the form element.
			* @param string $default_value Selected value for fields.
			* @param bool $display_secons Include seconds selection.
			* @return string HTML
			*/
			function _getDateTimeHTML($form_element, $default_value, $display_seconds=false)
			{
			$_datetime = strtotime($default_value);
			$_showdate = ($_datetime === false) ? false : true;

			$dselect = array('day', 'month', 'year', 'hour', 'minute');
			if ($display_seconds === true) {
			$dselect[] = 'second';
			}

			/**
			* Generate HTML for DATETIME fields.
			*
			* @access private
			* @param string $form_element Name of the form element.
			* @param string $default_value Selected value for fields.
			* @param bool $display_secons Include seconds selection.
			* @return string HTML
			*/
			function _getDateTimeHTML($form_element, $default_value, $display_seconds=false)
			$out = '';

			foreach ($dselect as $dt_element)
			{
			$_datetime = strtotime($default_value);
			$_showdate = ($_datetime === false) ? false : true;
			$dt_options = array();
			$dt_space = 1;

			$dselect = array('day','month','year','hour','minute');
			if ($display_seconds === true) {
			$dselect[] = 'second';
			}

			$out = '';

			foreach ($dselect as $dt_element)
			{
			$dt_options = array();
			$dt_space = 1;

			switch ($dt_element) {
			case 'day':
			for ($i = 1; $i <= 31; $i++) {
			$dt_options[] = array('name' => sprintf('%02d', $i),
			'value' => sprintf('%d', $i));
			}
			$selected_value = date('d', $_datetime);
			break;

			case 'month':
			for ($i = 1; $i <= 12; $i++) {
			$dt_options[] = array('name' => strftime('%b', mktime(0, 0, 0, $i, 1, 2000)),
			'value' => strftime('%m', mktime(0, 0, 0, $i, 1, 2000)));
			}
			$selected_value = date('n', $_datetime);
			break;

			case 'year':
			$start_year = strftime("%Y");
			$years = range((int)$start_year, (int)($start_year+3));

			foreach ($years as $year) {
			$dt_options[] = array('name' => $year,
			'value' => $year);
			}
			$selected_value = date('Y', $_datetime);
			$dt_space = 2;
			break;

			case 'hour':
			foreach(range(0, 23) as $hour) {
			$dt_options[] = array('name' => sprintf('%02d', $hour),
			'value' => sprintf('%d', $hour));
			}
			$selected_value = date('G', $_datetime);
			break;

			case 'minute':
			foreach(range(0, 59) as $minute) {
			if (($minute % 5) == 0) {
			$dt_options[] = array('name' => sprintf('%02d', $minute),
			'value' => sprintf('%d', $minute));
			}
			}
			$selected_value = (int)floor(date('i', $_datetime));
			break;

			case 'second':
			foreach(range(0, 59) as $second) {
			$dt_options[] = array('name' => sprintf('%02d', $second),
			'value' => sprintf('%d', $second));
			}
			$selected_value = (int)floor(date('s', $_datetime));
			break;
			}

			$out .= "<select name=\"".$form_element."[$dt_element]\" id=\"".$form_element."_$dt_element\" class=\"selectInput\" style=\"width: auto; float: none;\">";
			if (!$_showdate) {
			$out .= "<option value=\"-\" selected=\"selected\">--</option>" . PHP_EOL;
			} else {
			$out .= "<option value=\"-\">--</option>" . PHP_EOL;
			switch ($dt_element) {
			case 'day':
			for ($i = 1; $i <= 31; $i++) {
			$dt_options[] = array('name' => sprintf('%02d', $i),
			'value' => sprintf('%d', $i));
			}
			$selected_value = date('d', $_datetime);
			break;

			foreach ($dt_options as $dt_opt) {
			if ( $_showdate && ($selected_value == $dt_opt['value']) ) {
			$out .= "<option value=\"{$dt_opt['value']}\" selected=\"selected\">{$dt_opt['name']}</option>" . PHP_EOL;
			} else {
			$out .= "<option value=\"{$dt_opt['value']}\">{$dt_opt['name']}</option>" . PHP_EOL;
			case 'month':
			for ($i = 1; $i <= 12; $i++) {
			$dt_options[] = array('name' => strftime('%b', mktime(0, 0, 0, $i, 1, 2000)),
			'value' => strftime('%m', mktime(0, 0, 0, $i, 1, 2000)));
			}
			$selected_value = date('n', $_datetime);
			break;

			case 'year':
			$start_year = strftime("%Y");
			$years = range((int)$start_year, (int)($start_year+3));

			foreach ($years as $year) {
			$dt_options[] = array('name' => $year,
			'value' => $year);
			}
			$selected_value = date('Y', $_datetime);
			$dt_space = 2;
			break;

			case 'hour':
			foreach(range(0, 23) as $hour) {
			$dt_options[] = array('name' => sprintf('%02d', $hour),
			'value' => sprintf('%d', $hour));
			}
			$selected_value = date('G', $_datetime);
			break;

			case 'minute':
			foreach(range(0, 59) as $minute) {
			if (($minute % 5) == 0) {
			$dt_options[] = array('name' => sprintf('%02d', $minute),
			'value' => sprintf('%d', $minute));
			}
			}
			$selected_value = (int)floor(date('i', $_datetime));
			break;

			$out .= '</select>' . str_repeat(' ', $dt_space);
			case 'second':
			foreach(range(0, 59) as $second) {
			$dt_options[] = array('name' => sprintf('%02d', $second),
			'value' => sprintf('%d', $second));
			}
			$selected_value = (int)floor(date('s', $_datetime));
			break;
			}

			return $out;
			$out .= "<select name=\"".$form_element."[$dt_element]\" id=\"".$form_element."_$dt_element\" class=\"selectInput\" style=\"width: auto; float: none;\">";
			if (!$_showdate) {
			$out .= "<option value=\"-\" selected=\"selected\">--</option>" . PHP_EOL;
			} else {
			$out .= "<option value=\"-\">--</option>" . PHP_EOL;
			}

			foreach ($dt_options as $dt_opt) {
			if ( $_showdate && ($selected_value == $dt_opt['value']) ) {
			$out .= "<option value=\"{$dt_opt['value']}\" selected=\"selected\">{$dt_opt['name']}</option>" . PHP_EOL;
			} else {
			$out .= "<option value=\"{$dt_opt['value']}\">{$dt_opt['name']}</option>" . PHP_EOL;
			}
			}

			$out .= '</select>' . str_repeat(' ', $dt_space);
			}

			return $out;
			}

			}

			?>