Fixed: FS#2421 - Domain module does not check for valid selection Impleme...

mcramer

2012-09-11 4e18bd4210f5c79d341436b1ed026300d59ba208

Fixed:  FS#2421 - Domain module does not check for valid selection 
Implemented:  FS#2422 - Use domain module when creating subdomains 
Bugfix: datalog was used in the wrong way on editing aliasdomains
Bugfix: missing datalog update for parent domain on editing subdomains

 interface/web/admin/system_config_edit.php

@@ -134,7 +134,7 @@
            $app->db->query($sql);
            $sql = "REPLACE INTO domain (sys_userid, sys_groupid, sys_perm_user, sys_perm_group, sys_perm_other, domain ) " .
                "SELECT sys_userid, sys_groupid, sys_perm_user, sys_perm_group, sys_perm_other, domain " .
                "FROM web_domain";
                "FROM web_domain WHERE type NOT IN ('subdomain','vhostsubdomain')";
            $app->db->query($sql);
        }
        

 interface/web/client/domain_new_client.php

@@ -39,7 +39,7 @@
$app->uses('ini_parser,getconf');
$settings = $app->getconf->get_global_config('domains');
if ($settings['use_domain_module'] == 'y') {
    echo $settings[new_domain_html];
    echo $settings['new_domain_html'];
}

?>

 interface/web/mail/mail_domain_edit.php

@@ -126,7 +126,7 @@
            /*
             * The admin can select ALL domains, the user only the domains assigned to him
             */
            $sql = "SELECT domain FROM domain ";
            $sql = "SELECT domain_id, domain FROM domain ";
            if ($_SESSION["s"]["user"]["typ"] != 'admin') {
                $sql .= "WHERE sys_groupid =" . $client_group_id;
            }
@@ -136,7 +136,7 @@
            if(is_array($domains) && sizeof($domains) > 0) {
                /* We have domains in the list, so create the drop-down-list */
                foreach( $domains as $domain) {
                    $domain_select .= "<option value=" . $domain['domain'] ;
                    $domain_select .= "<option value=" . $domain['domain_id'] ;
                    if ($domain['domain'] == $this->dataRecord["domain"]) {
                        $domain_select .= " selected";
                    }
@@ -184,7 +184,27 @@

    function onSubmit() {
        global $app, $conf;
        if($_SESSION["s"]["user"]["typ"] != 'admin') {
		
        /* check if the domain module is used - and check if the selected domain can be used! */
        $app->uses('ini_parser,getconf');
        $settings = $app->getconf->get_global_config('domains');
        if ($settings['use_domain_module'] == 'y') {
            $client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
			
            $sql = "SELECT domain_id, domain FROM domain WHERE domain_id = " . intval($this->dataRecord['domain']);
            if ($_SESSION["s"]["user"]["typ"] != 'admin') {
                $sql .= "AND sys_groupid =" . $client_group_id;
            }
            $domain_check = $app->db->queryOneRecord($sql);
            if(!$domain_check) {
                // invalid domain selected
                $app->tform->errorMessage .= $app->tform->lng("domain_error_empty")."<br />";
            } else {
                $this->dataRecord['domain'] = $domain_check['domain'];
            }
        }
        
        if($_SESSION["s"]["user"]["typ"] != 'admin') {

            // Get the limits of the client
            $client_group_id = $_SESSION["s"]["user"]["default_group"];

 interface/web/sites/templates/web_subdomain_edit.htm

@@ -5,14 +5,29 @@

    <div class="pnl_formsarea">
        <fieldset class="inlineLabels">
            <tmpl_if name="domain_option">
            <div class="ctrlHolder">
                <label for="parent_domain_id">{tmpl_var name='parent_domain_id_txt'}</label>
                <select id="parent_domain_id" name="parent_domain_id" class="selectInput formLengthHalf">{tmpl_var name='parent_domain_id'}</select>
            </div>
            </tmpl_if>
            <div class="ctrlHolder">
                <label for="domain">{tmpl_var name='host_txt'}</label>
                <input name="domain" id="domain" value="{tmpl_var name='domain'}" size="30" maxlength="255" type="text" class="textInput formLengthHalf" />
            </div>
            <tmpl_if name="domain_option">
            <div class="ctrlHolder">
                <label for="sel_domain">{tmpl_var name='domain_txt'}</label>
                    <select name="sel_domain" id="sel_domain" class="selectInput">
                        {tmpl_var name='domain_option'}
                    </select>
            </div>
            <tmpl_else>
            <div class="ctrlHolder">
                <label for="parent_domain_id">{tmpl_var name='domain_txt'}</label>
                <select id="parent_domain_id" name="parent_domain_id" class="selectInput formLengthHalf">{tmpl_var name='parent_domain_id'}</select>
            </div>
            </tmpl_if>
            <div class="ctrlHolder">
                <label for="redirect_type">{tmpl_var name='redirect_type_txt'}</label>
                <select name="redirect_type" id="redirect_type" class="selectInput formLengthHalf">

 interface/web/sites/templates/web_vhost_subdomain_edit.htm

@@ -6,14 +6,29 @@
    <div class="pnl_formsarea">
        <fieldset class="inlineLabels">
            <input type="hidden" name="server_id" id="server_id" value="{tmpl_var name='server_id_value'}" />
            <tmpl_if name="domain_option">
            <div class="ctrlHolder">
                <label for="parent_domain_id">{tmpl_var name='parent_domain_id_txt'}</label>
                <select id="parent_domain_id" name="parent_domain_id" class="selectInput formLengthHalf">{tmpl_var name='parent_domain_id'}</select>
            </div>
            </tmpl_if>
            <div class="ctrlHolder">
                <label for="domain">{tmpl_var name='host_txt'}</label>
                <input name="domain" id="domain" value="{tmpl_var name='domain'}" size="30" maxlength="255" type="text" class="textInput formLengthHalf" />
            </div>
            <tmpl_if name="domain_option">
            <div class="ctrlHolder">
                <label for="sel_domain">{tmpl_var name='domain_txt'}</label>
                    <select name="sel_domain" id="sel_domain" class="selectInput">
                        {tmpl_var name='domain_option'}
                    </select>
            </div>
            <tmpl_else>
            <div class="ctrlHolder">
                <label for="parent_domain_id">{tmpl_var name='domain_txt'}</label>
                <select id="parent_domain_id" name="parent_domain_id" class="selectInput formLengthHalf">{tmpl_var name='parent_domain_id'}</select>
            </div>
            </tmpl_if>
            <div class="ctrlHolder">
                <label for="web_folder">{tmpl_var name='web_folder_txt'}</label>
                <input name="web_folder" id="web_folder" value="{tmpl_var name='web_folder'}" size="30" maxlength="100" type="text" class="textInput formLengthHalf"<tmpl_if name='fixed_folder' op='==' value='y'> readonly="readonly"</tmpl_if> />

 interface/web/sites/web_aliasdomain_edit.php

@@ -85,7 +85,7 @@
            /*
             * The admin can select ALL domains, the user only the domains assigned to him
             */
            $sql = "SELECT domain FROM domain ";
            $sql = "SELECT domain_id, domain FROM domain ";
            if ($_SESSION["s"]["user"]["typ"] != 'admin') {
                $sql .= "WHERE sys_groupid =" . $client_group_id;
            }
@@ -95,7 +95,7 @@
            if(is_array($domains) && sizeof($domains) > 0) {
                /* We have domains in the list, so create the drop-down-list */
                foreach( $domains as $domain) {
                    $domain_select .= "<option value=" . $domain['domain'] ;
                    $domain_select .= "<option value=" . $domain['domain_id'] ;
                    if ($domain['domain'] == $this->dataRecord["domain"]) {
                        $domain_select .= " selected";
                    }
@@ -120,6 +120,25 @@
    function onSubmit() {
        global $app, $conf;
        
        /* check if the domain module is used - and check if the selected domain can be used! */
        $app->uses('ini_parser,getconf');
        $settings = $app->getconf->get_global_config('domains');
        if ($settings['use_domain_module'] == 'y') {
            $client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
			
            $sql = "SELECT domain_id, domain FROM domain WHERE domain_id = " . intval($this->dataRecord['domain']);
            if ($_SESSION["s"]["user"]["typ"] != 'admin') {
                $sql .= "AND sys_groupid =" . $client_group_id;
            }
            $domain_check = $app->db->queryOneRecord($sql);
            if(!$domain_check) {
                // invalid domain selected
                $app->tform->errorMessage .= $app->tform->lng("domain_error_empty")."<br />";
            } else {
                $this->dataRecord['domain'] = $domain_check['domain'];
            }
        }
        
        // Get the record of the parent domain
        $parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
        
@@ -155,15 +174,7 @@
            //* Update the old website, so that the vhost alias gets removed
            //* We force the update by inserting a transaction record without changes manually.
            $old_website = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = '.$this->oldDataRecord['domain_id']);
            $diffrec_full = array();
            $diffrec_full['old'] = $old_website;
            $diffrec_full['new'] = $old_website;
            $diffstr = $app->db->quote(serialize($diffrec_full));
            $username = $app->db->quote($_SESSION['s']['user']['username']);
            $dbidx = 'domsin_id:'.$this->id;
            $server_id = $this->oldDataRecord['server_id'];
            $sql = "INSERT INTO sys_datalog (dbtable,dbidx,server_id,action,tstamp,user,data) VALUES ('web_domain','$dbidx','$server_id','u','".time()."','$username','$diffstr')";
            $app->db->query($sql);
            $app->db->datalogSave('web_domain', 'UPDATE', 'domain_id', $this->oldDataRecord['parent_domain_id'], $old_website, $old_website, true);
        }
        
    }

 interface/web/sites/web_domain_edit.php

@@ -418,7 +418,7 @@
            /*
             * The admin can select ALL domains, the user only the domains assigned to him
             */
            $sql = "SELECT domain FROM domain ";
            $sql = "SELECT domain_id, domain FROM domain ";
            if ($_SESSION["s"]["user"]["typ"] != 'admin') {
                $sql .= "WHERE sys_groupid =" . $client_group_id;
            }
@@ -428,7 +428,7 @@
            if(is_array($domains) && sizeof($domains) > 0) {
                /* We have domains in the list, so create the drop-down-list */
                foreach( $domains as $domain) {
                    $domain_select .= "<option value=" . $domain['domain'] ;
                    $domain_select .= "<option value=" . $domain['domain_id'] ;
                    if ($domain['domain'] == $this->dataRecord["domain"]) {
                        $domain_select .= " selected";
                    }
@@ -458,6 +458,25 @@
    function onSubmit() {
        global $app, $conf;

        /* check if the domain module is used - and check if the selected domain can be used! */
        $app->uses('ini_parser,getconf');
        $settings = $app->getconf->get_global_config('domains');
        if ($settings['use_domain_module'] == 'y') {
            $client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
			
            $sql = "SELECT domain_id, domain FROM domain WHERE domain_id = " . intval($this->dataRecord['domain']);
            if ($_SESSION["s"]["user"]["typ"] != 'admin') {
                $sql .= "AND sys_groupid =" . $client_group_id;
            }
            $domain_check = $app->db->queryOneRecord($sql);
            if(!$domain_check) {
                // invalid domain selected
                $app->tform->errorMessage .= $app->tform->lng("domain_error_empty")."<br />";
            } else {
                $this->dataRecord['domain'] = $domain_check['domain'];
            }
        }

        // Set a few fixed values
        $this->dataRecord["parent_domain_id"] = 0;
        $this->dataRecord["type"] = 'vhost';

 interface/web/sites/web_subdomain_edit.php

@@ -71,12 +71,54 @@
    function onShowEnd() {
        global $app, $conf;
        
        // Get the record of the parent domain
        $parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
		
        // remove the parent domain part of the domain name before we show it in the text field.
        $this->dataRecord["domain"] = str_replace('.'.$parent_domain["domain"],'',$this->dataRecord["domain"]);
        $app->tpl->setVar("domain",$this->dataRecord["domain"]);
        $app->uses('ini_parser,getconf');
        $settings = $app->getconf->get_global_config('domains');
        if ($settings['use_domain_module'] == 'y') {
            /*
             * The domain-module is in use.
            */
            $client_group_id = $_SESSION["s"]["user"]["default_group"];
            /*
             * The admin can select ALL domains, the user only the domains assigned to him
             */
            $sql = "SELECT domain_id, domain FROM domain ";
            if ($_SESSION["s"]["user"]["typ"] != 'admin') {
                $sql .= "WHERE sys_groupid =" . $client_group_id;
            }
            $sql .= " ORDER BY domain";
            $domains = $app->db->queryAllRecords($sql);
            $domain_select = '';
            $selected_domain = '';
            if(is_array($domains) && sizeof($domains) > 0) {
                /* We have domains in the list, so create the drop-down-list */
                foreach( $domains as $domain) {
                    $domain_select .= "<option value=" . $domain['domain_id'] ;
                    if ('.' . $domain['domain'] == substr($this->dataRecord["domain"], -strlen($domain['domain']) - 1)) {
                        $domain_select .= " selected";
                        $selected_domain = $domain['domain'];
                    }
                    $domain_select .= ">" . $domain['domain'] . "</option>\r\n";
                }
            }
            else {
                /*
                 * We have no domains in the domain-list. This means, we can not add ANY new domain.
                 * To avoid, that the variable "domain_option" is empty and so the user can
                 * free enter a domain, we have to create a empty option!
                */
                $domain_select .= "<option value=''></option>\r\n";
            }
            $app->tpl->setVar("domain_option",$domain_select);
            $this->dataRecord['domain'] = substr($this->dataRecord["domain"], 0, strlen($this->dataRecord['domain']) - strlen($selected_domain) - 1);
        } else {
        
            // Get the record of the parent domain
            $parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
            
            // remove the parent domain part of the domain name before we show it in the text field.
            $this->dataRecord["domain"] = str_replace('.'.$parent_domain["domain"],'',$this->dataRecord["domain"]);
        }
        $app->tpl->setVar("domain",$this->dataRecord["domain"]);
        
        parent::onShowEnd();
        
@@ -85,17 +127,30 @@
    function onSubmit() {
        global $app, $conf;
        
        // Get the record of the parent domain
        $parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
		
        // Get the record of the parent domain
        $parent_domain = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
        
        $app->uses('ini_parser,getconf');
        $settings = $app->getconf->get_global_config('domains');
        if ($settings['use_domain_module'] == 'y') {
            // get the record of the domain module domain
            $domain = $app->db->queryOneRecord("SELECT * FROM domain WHERE domain_id = ".intval($this->dataRecord["sel_domain"]));
            if(!$domain) {
                $app->tform->errorMessage .= $app->tform->lng("domain_error_empty")."<br />";
            } else {
                $this->dataRecord['domain'] = $this->dataRecord['domain'] . '.' . $domain['domain'];
            }
        } else {
            $this->dataRecord["domain"] = $this->dataRecord["domain"].'.'.$parent_domain["domain"];
        }
        
        // Set a few fixed values
        $this->dataRecord["type"] = 'subdomain';
        $this->dataRecord["server_id"] = $parent_domain["server_id"];
        $this->dataRecord["domain"] = $this->dataRecord["domain"].'.'.$parent_domain["domain"];
        
        $this->parent_domain_record = $parent_domain;
        
        //* make sure that the email domain is lowercase
        //* make sure that the domain is lowercase
        if(isset($this->dataRecord["domain"])) $this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
        
        parent::onSubmit();
@@ -108,6 +163,22 @@
        
    }
    
    function onAfterUpdate() {
        global $app, $conf;
		
        //* Check if parent domain has been changed
        if($this->dataRecord['parent_domain_id'] != $this->oldDataRecord['parent_domain_id']) {
			
            //* Update the domain owner
            $app->db->query('UPDATE web_domain SET sys_groupid = '.intval($this->parent_domain_record['sys_groupid']).' WHERE domain_id = '.$this->id);
			
            //* Update the old website, so that the vhost alias gets removed
            //* We force the update by inserting a transaction record without changes manually.
            $old_website = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = '.$this->oldDataRecord['domain_id']);
            $app->db->datalogSave('web_domain', 'UPDATE', 'domain_id', $this->oldDataRecord['parent_domain_id'], $old_website, $old_website, true);
        }
		
    }
    
}


 interface/web/sites/web_vhost_subdomain_edit.php

@@ -225,9 +225,52 @@
        $tmp_txt = ($this->dataRecord['traffic_quota_lock'] == 'y')?'<b>('.$app->tform->lng('traffic_quota_exceeded_txt').')</b>':'';
        $app->tpl->setVar("traffic_quota_exceeded_txt", $tmp_txt);

        // remove the parent domain part of the domain name before we show it in the text field.
        $this->dataRecord["domain"] = str_replace('.'.$parent_domain["domain"],'',$this->dataRecord["domain"]);
        $app->tpl->setVar("domain",$this->dataRecord["domain"]);

        $app->uses('ini_parser,getconf');
        $settings = $app->getconf->get_global_config('domains');
        if ($settings['use_domain_module'] == 'y') {
            /*
             * The domain-module is in use.
            */
            $client_group_id = $_SESSION["s"]["user"]["default_group"];
            /*
             * The admin can select ALL domains, the user only the domains assigned to him
             */
            $sql = "SELECT domain_id, domain FROM domain ";
            if ($_SESSION["s"]["user"]["typ"] != 'admin') {
                $sql .= "WHERE sys_groupid =" . $client_group_id;
            }
            $sql .= " ORDER BY domain";
            $domains = $app->db->queryAllRecords($sql);
            $domain_select = '';
            $selected_domain = '';
            if(is_array($domains) && sizeof($domains) > 0) {
                /* We have domains in the list, so create the drop-down-list */
                foreach( $domains as $domain) {
                    $domain_select .= "<option value=" . $domain['domain_id'] ;
                    if ('.' . $domain['domain'] == substr($this->dataRecord["domain"], -strlen($domain['domain']) - 1)) {
                        $domain_select .= " selected";
                        $selected_domain = $domain['domain'];
                    }
                    $domain_select .= ">" . $domain['domain'] . "</option>\r\n";
                }
            }
            else {
                /*
                 * We have no domains in the domain-list. This means, we can not add ANY new domain.
                 * To avoid, that the variable "domain_option" is empty and so the user can
                 * free enter a domain, we have to create a empty option!
                */
                $domain_select .= "<option value=''></option>\r\n";
            }
            $app->tpl->setVar("domain_option",$domain_select);
            $this->dataRecord['domain'] = substr($this->dataRecord["domain"], 0, strlen($this->dataRecord['domain']) - strlen($selected_domain) - 1);
        } else {
        
            // remove the parent domain part of the domain name before we show it in the text field.
            $this->dataRecord["domain"] = str_replace('.'.$parent_domain["domain"],'',$this->dataRecord["domain"]);
        }
        $app->tpl->setVar("domain",$this->dataRecord["domain"]);

        parent::onShowEnd();
    }
@@ -252,6 +295,29 @@
        $read_limits = array('limit_cgi', 'limit_ssi', 'limit_perl', 'limit_ruby', 'limit_python', 'force_suexec', 'limit_hterror', 'limit_wildcard', 'limit_ssl');
        
        if($app->tform->getCurrentTab() == 'domain') {
            
            /* check if the domain module is used - and check if the selected domain can be used! */
            $app->uses('ini_parser,getconf');
            $settings = $app->getconf->get_global_config('domains');
            if ($settings['use_domain_module'] == 'y') {
                $client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
                
                $sql = "SELECT domain_id, domain FROM domain WHERE domain_id = " . intval($this->dataRecord['sel_domain']);
                if ($_SESSION["s"]["user"]["typ"] != 'admin') {
                    $sql .= "AND sys_groupid =" . $client_group_id;
                }
                $domain_check = $app->db->queryOneRecord($sql);
                if(!$domain_check) {
                    // invalid domain selected
                    $app->tform->errorMessage .= $app->tform->lng("domain_error_empty")."<br />";
                } else {
                    $this->dataRecord['domain'] = $this->dataRecord['domain'] . '.' . $domain_check['domain'];
                }
            } else {
                $this->dataRecord["domain"] = $this->dataRecord["domain"].'.'.$parent_domain["domain"];
            }
            
            
            $this->dataRecord['web_folder'] = strtolower($this->dataRecord['web_folder']);
            $forbidden_folders = array('', 'cgi-bin', 'web', 'log', 'private', 'ssl', 'tmp', 'webdav');
            if(in_array($this->dataRecord['web_folder'], $forbidden_folders)) {