ISPConfig3 devel
parent: 2a0f3c49 | patch | commit | show whitespace
vogelor
2010-06-09 1cc9f1bd4b01bba44ed57d36597ae2478a9b9796 
Fixed some errors in editing the webdav-user
the pwd is not longer stored in plaintext
1 files modified
86 ■■■■■ changed files
interface/web/sites/webdav_user_edit.php 86 ●●●●● patch | view | raw | blame | history 
 interface/web/sites/webdav_user_edit.php


@@ -73,7 +73,6 @@


         * If the names are restricted -> remove the restriction, so that the


         * data can be edited


         */


		


        $app->uses('getconf');


        $global_config = $app->getconf->get_global_config('sites');


        $webdavuser_prefix = replacePrefix($global_config['webdavuser_prefix'], $this->dataRecord);


@@ -102,12 +101,17 @@


    function onSubmit() {


        global $app, $conf;


        


        // Get the record of the parent domain


        /* Get the record of the parent domain */


        $parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));


        


        // Set a few fixed values


        /*


         * Set a few fixed values


         */


        $this->dataRecord["server_id"] = $parent_domain["server_id"];


        


        /*


         * Are there some errors?


         */


        if(isset($this->dataRecord['username']) && trim($this->dataRecord['username']) == '') $app->tform->errorMessage .= $app->tform->lng('username_error_empty').'<br />';


        if(isset($this->dataRecord['username']) && empty($this->dataRecord['parent_domain_id'])) $app->tform->errorMessage .= $app->tform->lng('parent_domain_id_error_empty').'<br />';


        


@@ -128,72 +132,56 @@


            


            /* restrict the names */


            $this->dataRecord['username'] = $webdavuser_prefix . $this->dataRecord['username'];




            /*


             * We shall not save the pwd in plaintext, so we store it as the hash, the apache-moule needs


             */


            $hash = md5($this->dataRecord["username"] . ':' . $this->dataRecord["dir"] . ':' . $this->dataRecord["password"]);


            $this->dataRecord["password"] = $hash;




            /*


            *  Get the data of the domain, owning the webdav user


            */


            $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));


            /* The server is the server of the domain */


            $this->dataRecord["server_id"] = $web["server_id"];


            /* The Webdav user shall be owned by the same group then the website */


            $this->dataRecord["sys_groupid"] = $web['sys_groupid'];


        }




        parent::onBeforeInsert();


    }


    


    function onAfterInsert() {


        global $app, $conf;


        /* change pwd here */


		


        $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));


        $server_id = $web["server_id"];


        $dir = $web["document_root"];


		


        // The Webdav user shall be owned by the same group then the website


        $sys_groupid = $web['sys_groupid'];


		


        $sql = "UPDATE webdav_user SET server_id = $server_id, dir = '$dir', sys_groupid = '$sys_groupid' WHERE shell_user_id = ".$this->id;


        $app->db->query($sql);


		


    }


    


    function onBeforeUpdate() {


        global $app, $conf, $interfaceConf;


        


        /*


         * If the names should be restricted -> do it!


         * we can not change the username and the dir, so get the "old" - data from the db


         * and set it


         */


        if ($app->tform->errorMessage == '') {


            /*


            * If the names should be restricted -> do it!


            */


            $app->uses('getconf');


            $global_config = $app->getconf->get_global_config('sites');


            $webdavuser_prefix = replacePrefix($global_config['webdavuser_prefix'], $this->dataRecord);


        $data = $app->db->queryOneRecord("SELECT * FROM webdav_user WHERE webdav_user_id = ".intval($this->id));


        $this->dataRecord["username"] = $data['username'];


        $this->dataRecord["dir"]      = $data['dir'];


            


            /* restrict the names */


            $this->dataRecord['username'] = $webdavuser_prefix . $this->dataRecord['username'];


        /*


         * We shall not save the pwd in plaintext, so we store it as the hash, the apache-moule


         * needs (only if the pwd is changed


         */


        if (isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {


            $hash = md5($this->dataRecord["username"] . ':' . $this->dataRecord["dir"] . ':' . $this->dataRecord["password"]);


            $this->dataRecord["password"] = $hash;


        }




        parent::onBeforeUpdate();


    }


    


    function onAfterUpdate() {


        global $app, $conf;


        /* change PWD here */


		


    }


	


    function getClientName() {


        global $app, $conf;


	


        if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) {


            // Get the group-id of the user


            $client_group_id = $_SESSION["s"]["user"]["default_group"];


        } else {


            // Get the group-id from the data itself


            $web = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ".intval($this->dataRecord['parent_domain_id']));


            $client_group_id = $web['sys_groupid'];


        }


        /* get the name of the client */


        $tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id);


        $clientName = $tmp['name'];


        if ($clientName == "") $clientName = 'default';


        $clientName = convertClientName($clientName);


		


        return $clientName;


	


    }


	


}




$page = new page_action;