docs/INSTALL_CENTOS_5.2.txt
@@ -54,6 +54,7 @@ mkdir $HOME/rpm/SRPMS mkdir $HOME/rpm/RPMS mkdir $HOME/rpm/RPMS/i386 mkdir $HOME/rpm/RPMS/x86_64 echo "%_topdir $HOME/rpm" >> $HOME/.rpmmacros
@@ -1,1145 +1,1145 @@ <?php /* Copyright (c) 2007, Till Brehm, projektfarm Gmbh All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of ISPConfig nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ class installer_base { var $wb = array(); var $language = 'en'; var $db; public $conf; public $install_ispconfig_interface = true; public $is_update = false; // true if it is an update, falsi if it is a new install public function __construct() { global $conf; //TODO: maybe $conf should be passed to constructor //$this->conf = $conf; } //: TODO Implement the translation function and language files for the installer. public function lng($text) { return $text; } public function error($msg) { die("ERROR: ".$msg."\n"); } public function simple_query($query, $answers, $default) { $finished = false; do { $answers_str = implode(',', $answers); swrite($this->lng($query).' ('.$answers_str.') ['.$default.']: '); $input = sread(); //* Stop the installation if($input == 'quit') { swriteln($this->lng("Installation terminated by user.\n")); die(); } //* Select the default if($input == '') { $answer = $default; $finished = true; } //* Set answer id valid if(in_array($input, $answers)) { $answer = $input; $finished = true; } } while ($finished == false); swriteln(); return $answer; } public function free_query($query,$default) { swrite($this->lng($query).' ['.$default.']: '); $input = sread(); //* Stop the installation if($input == 'quit') { swriteln($this->lng("Installation terminated by user.\n")); die(); } $answer = ($input == '') ? $default : $input; swriteln(); return $answer; } /* // TODO: this function is not used atmo I think - pedro function request_language(){ swriteln(lng('Enter your language')); swriteln(lng('de, en')); } */ //** Detect installed applications public function find_installed_apps() { global $conf; if(is_installed('mysql') || is_installed('mysqld')) $conf['mysql']['installed'] = true; if(is_installed('postfix')) $conf['postfix']['installed'] = true; if(is_installed('apache') || is_installed('apache2') || is_installed('httpd')) $conf['apache']['installed'] = true; if(is_installed('getmail')) $conf['getmail']['installed'] = true; if(is_installed('couriertcpd')) $conf['courier']['installed'] = true; if(is_installed('saslsauthd')) $conf['saslauthd']['installed'] = true; if(is_installed('amavisd-new')) $conf['amavis']['installed'] = true; if(is_installed('clamdscan')) $conf['clamav']['installed'] = true; if(is_installed('pure-ftpd') || is_installed('pure-ftpd-wrapper')) $conf['pureftpd']['installed'] = true; if(is_installed('mydns') || is_installed('mydns-ng')) $conf['mydns']['installed'] = true; if(is_installed('jk_chrootsh')) $conf['jailkit']['installed'] = true; } /** Create the database for ISPConfig */ public function configure_database() { global $conf; //** Create the database if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['mysql']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) { $this->error('Unable to create MySQL database: '.$conf['mysql']['database'].'.'); } //* Set the database name in the DB library $this->db->dbName = $conf['mysql']['database']; //* Load the database dump into the database, if database contains no tables $db_tables = $this->db->getTables(); if(count($db_tables) > 0) { $this->error('Stopped: Database already contains some tables.'); } else { if($conf['mysql']['admin_password'] == '') { caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' '".$conf['mysql']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null", __FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql'); } else { caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' '".$conf['mysql']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null", __FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql'); } $db_tables = $this->db->getTables(); if(count($db_tables) == 0) { $this->error('Unable to load SQL-Dump into database table.'); } //* Load system.ini into the sys_ini table $system_ini = $this->db->quote(rf('tpl/system.ini.master')); $this->db->query("UPDATE sys_ini SET config = '$system_ini' WHERE sysini_id = 1"); } } //** Create the server record in the database public function add_database_server_record() { global $conf; if($conf['mysql']['host'] == 'localhost') { $from_host = 'localhost'; } else { $from_host = $conf['hostname']; } // Delete ISPConfig user in the local database, in case that it exists $this->db->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['ispconfig_user']."' AND Host = '".$from_host."';"); $this->db->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['database']."' AND Host = '".$from_host."';"); $this->db->query('FLUSH PRIVILEGES;'); //* Create the ISPConfig database user in the local database $query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON '.$conf['mysql']['database'].".* " ."TO '".$conf['mysql']['ispconfig_user']."'@'".$from_host."' " ."IDENTIFIED BY '".$conf['mysql']['ispconfig_password']."';"; if(!$this->db->query($query)) { $this->error('Unable to create database user: '.$conf['mysql']['ispconfig_user'].' Error: '.$this->db->errorMessage); } //* Reload database privelages $this->db->query('FLUSH PRIVILEGES;'); //* Set the database name in the DB library $this->db->dbName = $conf['mysql']['database']; $tpl_ini_array = ini_to_array(rf('tpl/server.ini.master')); // TODO: Update further distribution specific parameters for server config here $tpl_ini_array['web']['vhost_conf_dir'] = $conf['apache']['vhost_conf_dir']; $tpl_ini_array['web']['vhost_conf_enabled_dir'] = $conf['apache']['vhost_conf_enabled_dir']; $tpl_ini_array['jailkit']['jailkit_chroot_app_programs'] = $conf['jailkit']['jailkit_chroot_app_programs']; $tpl_ini_array['fastcgi']['fastcgi_phpini_path'] = $conf['fastcgi']['fastcgi_phpini_path']; $tpl_ini_array['fastcgi']['fastcgi_starter_path'] = $conf['fastcgi']['fastcgi_starter_path']; $tpl_ini_array['server']['hostname'] = $conf['hostname']; $tpl_ini_array['server']['ip_address'] = @gethostbyname($conf['hostname']); $tpl_ini_array['web']['website_basedir'] = $conf['web']['website_basedir']; $tpl_ini_array['web']['website_path'] = $conf['web']['website_path']; $tpl_ini_array['web']['website_symlinks'] = $conf['web']['website_symlinks']; $server_ini_content = array_to_ini($tpl_ini_array); $server_ini_content = mysql_real_escape_string($server_ini_content); $mail_server_enabled = ($conf['services']['mail'])?1:0; $web_server_enabled = ($conf['services']['web'])?1:0; $dns_server_enabled = ($conf['services']['dns'])?1:0; $file_server_enabled = ($conf['services']['file'])?1:0; $db_server_enabled = ($conf['services']['db'])?1:0; $vserver_server_enabled = ($conf['services']['vserver'])?1:0; if($conf['mysql']['master_slave_setup'] == 'y') { //* Insert the server record in master DB $sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1);"; $this->dbmaster->query($sql); $conf['server_id'] = $this->dbmaster->insertID(); $conf['server_id'] = $conf['server_id']; //* Insert the same record in the local DB $sql = "INSERT INTO `server` (`server_id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`) VALUES ('".$conf['server_id']."',1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1);"; $this->db->query($sql); //* insert the ispconfig user in the remote server $from_host = $conf['hostname']; $from_ip = gethostbyname($conf['hostname']); //* username for the ispconfig user $conf['mysql']['master_ispconfig_user'] = 'ispcsrv'.$conf['server_id']; //* Delete ISPConfig user in the master database, in case that it exists $this->dbmaster->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['master_ispconfig_user']."' AND Host = '".$from_host."';"); $this->dbmaster->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['master_database']."' AND Host = '".$from_host."';"); $this->dbmaster->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['master_ispconfig_user']."' AND Host = '".$from_ip."';"); $this->dbmaster->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['master_database']."' AND Host = '".$from_ip."';"); $this->dbmaster->query('FLUSH PRIVILEGES;'); //* Create the ISPConfig database user in the remote database $query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON '.$conf['mysql']['master_database'].".* " ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$from_host."' " ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';"; if(!$this->dbmaster->query($query)) { $this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage); } $query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON '.$conf['mysql']['master_database'].".* " ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$from_ip."' " ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';"; if(!$this->dbmaster->query($query)) { $this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage); } } else { //* Insert the server, if its not a mster / slave setup $sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1);"; $this->db->query($sql); $conf['server_id'] = $this->db->insertID(); $conf['server_id'] = $conf['server_id']; } } //** writes postfix configuration files public function process_postfix_config($configfile) { global $conf; $config_dir = $conf['postfix']['config_dir'].'/'; $full_file_name = $config_dir.$configfile; //* Backup exiting file if(is_file($full_file_name)){ copy($full_file_name, $config_dir.$configfile.'~'); } $content = rf('tpl/'.$configfile.'.master'); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content); $content = str_replace('{server_id}', $conf['server_id'], $content); wf($full_file_name, $content); } public function configure_jailkit() { global $conf; $cf = $conf['jailkit']; $config_dir = $cf['config_dir']; $jk_init = $cf['jk_init']; $jk_chrootsh = $cf['jk_chrootsh']; if (is_dir($config_dir)) { if(is_file($config_dir.'/'.$jk_init)) copy($config_dir.'/'.$jk_init, $config_dir.'/'.$jk_init.'~'); if(is_file($config_dir.'/'.$jk_chrootsh.".master")) copy($config_dir.'/'.$jk_chrootsh.".master", $config_dir.'/'.$jk_chrootsh.'~'); copy('tpl/'.$jk_init.".master", $config_dir.'/'.$jk_init); copy('tpl/'.$jk_chrootsh.".master", $config_dir.'/'.$jk_chrootsh); } } public function configure_postfix($options = '') { global $conf; $cf = $conf['postfix']; $config_dir = $cf['config_dir']; if(!is_dir($config_dir)){ $this->error("The postfix configuration directory '$config_dir' does not exist."); } //* mysql-virtual_domains.cf $this->process_postfix_config('mysql-virtual_domains.cf'); //* mysql-virtual_forwardings.cf $this->process_postfix_config('mysql-virtual_forwardings.cf'); //* mysql-virtual_mailboxes.cf $this->process_postfix_config('mysql-virtual_mailboxes.cf'); //* mysql-virtual_email2email.cf $this->process_postfix_config('mysql-virtual_email2email.cf'); //* mysql-virtual_transports.cf $this->process_postfix_config('mysql-virtual_transports.cf'); //* mysql-virtual_recipient.cf $this->process_postfix_config('mysql-virtual_recipient.cf'); //* mysql-virtual_sender.cf $this->process_postfix_config('mysql-virtual_sender.cf'); //* mysql-virtual_client.cf $this->process_postfix_config('mysql-virtual_client.cf'); //* mysql-virtual_relaydomains.cf $this->process_postfix_config('mysql-virtual_relaydomains.cf'); //* Changing mode and group of the new created config files. caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null', __FILE__, __LINE__, 'chmod on mysql-virtual_*.cf*', 'chmod on mysql-virtual_*.cf* failed'); caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null', __FILE__, __LINE__, 'chgrp on mysql-virtual_*.cf*', 'chgrp on mysql-virtual_*.cf* failed'); //* Creating virtual mail user and group $command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname']; if(!is_group($cf['vmail_groupname'])) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); $command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m'; if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); $postconf_commands = array ( 'myhostname = '.$conf['hostname'], 'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain', 'mynetworks = 127.0.0.0/8', 'virtual_alias_domains =', 'virtual_alias_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_forwardings.cf, mysql:'.$config_dir.'/mysql-virtual_email2email.cf', 'virtual_mailbox_domains = proxy:mysql:'.$config_dir.'/mysql-virtual_domains.cf', 'virtual_mailbox_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_mailboxes.cf', 'virtual_mailbox_base = '.$cf['vmail_mailbox_base'], 'virtual_uid_maps = static:'.$cf['vmail_userid'], 'virtual_gid_maps = static:'.$cf['vmail_groupid'], 'smtpd_sasl_auth_enable = yes', 'broken_sasl_auth_clients = yes', 'smtpd_sasl_authenticated_header = yes', 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:'.$config_dir.'/mysql-virtual_recipient.cf, reject_unauth_destination', 'smtpd_use_tls = yes', 'smtpd_tls_security_level = may', 'smtpd_tls_cert_file = '.$config_dir.'/smtpd.cert', 'smtpd_tls_key_file = '.$config_dir.'/smtpd.key', 'transport_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_transports.cf', 'relay_domains = mysql:'.$config_dir.'/mysql-virtual_relaydomains.cf', 'virtual_create_maildirsize = yes', 'virtual_maildir_extended = yes', 'virtual_mailbox_limit_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_mailbox_limit_maps.cf', 'virtual_mailbox_limit_override = yes', 'virtual_maildir_limit_message = "The user you are trying to reach is over quota."', 'virtual_overquota_bounce = yes', 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps', 'smtpd_sender_restrictions = check_sender_access mysql:'.$config_dir.'/mysql-virtual_sender.cf', 'smtpd_client_restrictions = check_client_access mysql:'.$config_dir.'/mysql-virtual_client.cf', 'maildrop_destination_concurrency_limit = 1', 'maildrop_destination_recipient_limit = 1', 'virtual_transport = maildrop', 'header_checks = regexp:'.$config_dir.'/header_checks', 'mime_header_checks = regexp:'.$config_dir.'/mime_header_checks', 'nested_header_checks = regexp:'.$config_dir.'/nested_header_checks', 'body_checks = regexp:'.$config_dir.'/body_checks' ); //* Create the header and body check files touch($config_dir.'/header_checks'); touch($config_dir.'/mime_header_checks'); touch($config_dir.'/nested_header_checks'); touch($config_dir.'/body_checks'); //* Make a backup copy of the main.cf file copy($config_dir.'/main.cf', $config_dir.'/main.cf~'); //* Executing the postconf commands foreach($postconf_commands as $cmd) { $command = "postconf -e '$cmd'"; caselog($command." &> /dev/null", __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command); } if(!stristr($options,'dont-create-certs')) { //* Create the SSL certificate $command = 'cd '.$config_dir.'; ' .'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509'; exec($command); $command = 'chmod o= '.$config_dir.'/smtpd.key'; caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command); } //** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop. $command = 'chmod 755 /var/run/courier/authdaemon/'; caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command); //* Changing maildrop lines in posfix master.cf if(is_file($config_dir.'/master.cf')){ copy($config_dir.'/master.cf', $config_dir.'/master.cf~'); } if(is_file($config_dir.'/master.cf~')){ exec('chmod 400 '.$config_dir.'/master.cf~'); } $configfile = $config_dir.'/master.cf'; $content = rf($configfile); $content = str_replace('flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}', 'flags=R user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}', $content); wf($configfile, $content); //* Writing the Maildrop mailfilter file $configfile = 'mailfilter'; if(is_file($cf['vmail_mailbox_base'].'/.'.$configfile)){ copy($cf['vmail_mailbox_base'].'/.'.$configfile, $cf['vmail_mailbox_base'].'/.'.$configfile.'~'); } $content = rf("tpl/$configfile.master"); $content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content); wf($cf['vmail_mailbox_base'].'/.'.$configfile, $content); //* Create the directory for the custom mailfilters if(!is_dir($cf['vmail_mailbox_base'].'/mailfilters')) { $command = 'mkdir '.$cf['vmail_mailbox_base'].'/mailfilters'; caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); } //* Chmod and chown the .mailfilter file $command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter'; caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); $command = 'chmod -R 600 '.$cf['vmail_mailbox_base'].'/.mailfilter'; caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); } public function configure_saslauthd() { global $conf; $configfile = 'sasl_smtpd.conf'; if(is_file($conf["postfix"]["config_dir"].'/sasl/smtpd.conf')) copy($conf["postfix"]["config_dir"].'/sasl/smtpd.conf',$conf["postfix"]["config_dir"].'/sasl/smtpd.conf~'); if(is_file($conf["postfix"]["config_dir"].'/sasl/smtpd.conf~')) exec('chmod 400 '.$conf["postfix"]["config_dir"].'/sasl/smtpd.conf~'); $content = rf("tpl/".$configfile.".master"); $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content); $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content); $content = str_replace('{mysql_server_ip}',$conf['mysql']['ip'],$content); wf($conf["postfix"]["config_dir"].'/sasl/smtpd.conf',$content); // TODO: Chmod and chown on the config file // Create the spool directory exec('mkdir -p /var/spool/postfix/var/run/saslauthd'); // Edit the file /etc/default/saslauthd $configfile = $conf["saslauthd"]["config"]; if(is_file($configfile)) copy($configfile,$configfile.'~'); if(is_file($configfile.'~')) exec('chmod 400 '.$configfile.'~'); $content = rf($configfile); $content = str_replace('START=no','START=yes',$content); // Debian $content = str_replace('OPTIONS="-c"','OPTIONS="-m /var/spool/postfix/var/run/saslauthd -r"',$content); // Ubuntu $content = str_replace('OPTIONS="-c -m /var/run/saslauthd"','OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"',$content); wf($configfile,$content); // Edit the file /etc/init.d/saslauthd $configfile = $conf["init_scripts"].'/'.$conf["saslauthd"]["init_script"]; $content = rf($configfile); $content = str_replace('PIDFILE=$RUN_DIR/saslauthd.pid','PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"',$content); wf($configfile,$content); // add the postfix user to the sasl group (at least nescessary for ubuntu 8.04 and most likely debian lenny too. exec('adduser postfix sasl'); } public function configure_pam() { global $conf; $pam = $conf['pam']; //* configure pam for SMTP authentication agains the ispconfig database $configfile = 'pamd_smtp'; if(is_file("$pam/smtp")) copy("$pam/smtp", "$pam/smtp~"); if(is_file("$pam/smtp~")) exec("chmod 400 $pam/smtp~"); $content = rf("tpl/$configfile.master"); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content); wf("$pam/smtp", $content); exec("chmod 660 $pam/smtp"); exec("chown daemon:daemon $pam/smtp"); } public function configure_courier() { global $conf; $config_dir = $conf['courier']['config_dir']; //* authmysqlrc $configfile = 'authmysqlrc'; if(is_file("$config_dir/$configfile")){ copy("$config_dir/$configfile", "$config_dir/$configfile~"); } exec("chmod 400 $config_dir/$configfile~"); $content = rf("tpl/$configfile.master"); $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content); $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content); $content = str_replace('{mysql_server_host}',$conf['mysql']['host'],$content); wf("$config_dir/$configfile", $content); exec("chmod 660 $config_dir/$configfile"); exec("chown daemon:daemon $config_dir/$configfile"); //* authdaemonrc $configfile = $conf['courier']['config_dir'].'/authdaemonrc'; if(is_file($configfile)){ copy($configfile, $configfile.'~'); } if(is_file($configfile.'~')){ exec('chmod 400 '.$configfile.'~'); } $content = rf($configfile); $content = str_replace('authmodulelist="authpam"', 'authmodulelist="authmysql"', $content); wf($configfile, $content); } public function configure_amavis() { global $conf; // amavisd user config file $configfile = 'amavisd_user_config'; if(is_file($conf["amavis"]["config_dir"].'/conf.d/50-user')) copy($conf["amavis"]["config_dir"].'/conf.d/50-user',$conf["courier"]["config_dir"].'/50-user~'); if(is_file($conf["amavis"]["config_dir"].'/conf.d/50-user~')) exec('chmod 400 '.$conf["amavis"]["config_dir"].'/conf.d/50-user~'); $content = rf("tpl/".$configfile.".master"); $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content); $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content); $content = str_replace('{mysql_server_port}',$conf["mysql"]["port"],$content); $content = str_replace('{mysql_server_ip}',$conf['mysql']['ip'],$content); wf($conf["amavis"]["config_dir"].'/conf.d/50-user',$content); // TODO: chmod and chown on the config file // Adding the amavisd commands to the postfix configuration $postconf_commands = array ( 'content_filter = amavis:[127.0.0.1]:10024', 'receive_override_options = no_address_mappings' ); // Make a backup copy of the main.cf file copy($conf["postfix"]["config_dir"].'/main.cf',$conf["postfix"]["config_dir"].'/main.cf~2'); // Executing the postconf commands foreach($postconf_commands as $cmd) { $command = "postconf -e '$cmd'"; caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); } // Append the configuration for amavisd to the master.cf file if(is_file($conf["postfix"]["config_dir"].'/master.cf')) copy($conf["postfix"]["config_dir"].'/master.cf',$conf["postfix"]["config_dir"].'/master.cf~'); $content = rf($conf["postfix"]["config_dir"].'/master.cf'); // Only add the content if we had not addded it before if(!stristr($content,"127.0.0.1:10025")) { unset($content); $content = rf("tpl/master_cf_amavis.master"); af($conf["postfix"]["config_dir"].'/master.cf',$content); } unset($content); // Add the clamav user to the amavis group exec('adduser clamav amavis'); } public function configure_spamassassin() { global $conf; //* Enable spamasasssin on debian and ubuntu $configfile = '/etc/default/spamassassin'; if(is_file($configfile)){ copy($configfile, $configfile.'~'); } $content = rf($configfile); $content = str_replace('ENABLED=0', 'ENABLED=1', $content); wf($configfile, $content); } public function configure_getmail() { global $conf; $config_dir = $conf['getmail']['config_dir']; if(!is_dir($config_dir)) exec("mkdir -p ".escapeshellcmd($config_dir)); $command = "useradd -d $config_dir getmail"; if(!is_user('getmail')) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); $command = "chown -R getmail $config_dir"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); $command = "chmod -R 700 $config_dir"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); } public function configure_pureftpd() { global $conf; $config_dir = $conf['pureftpd']['config_dir']; //* configure pam for SMTP authentication agains the ispconfig database $configfile = 'db/mysql.conf'; if(is_file("$config_dir/$configfile")){ copy("$config_dir/$configfile", "$config_dir/$configfile~"); } if(is_file("$config_dir/$configfile~")){ exec("chmod 400 $config_dir/$configfile~"); } $content = rf('tpl/pureftpd_mysql.conf.master'); $content = str_replace('{mysql_server_ispconfig_user}', $conf["mysql"]["ispconfig_user"], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf["mysql"]["ispconfig_password"], $content); $content = str_replace('{mysql_server_database}', $conf["mysql"]["database"], $content); $content = str_replace('{mysql_server_ip}', $conf["mysql"]["ip"], $content); $content = str_replace('{server_id}', $conf["server_id"], $content); wf("$config_dir/$configfile", $content); exec("chmod 600 $config_dir/$configfile"); exec("chown root:root $config_dir/$configfile"); // **enable chrooting //exec('mkdir -p '.$config_dir.'/conf/ChrootEveryone'); exec('echo "yes" > '.$config_dir.'/conf/ChrootEveryone'); exec('echo "yes" > '.$config_dir.'/conf/BrokenClientsCompatibility'); } public function configure_mydns() { global $conf; // configure pam for SMTP authentication agains the ispconfig database $configfile = 'mydns.conf'; if(is_file($conf["mydns"]["config_dir"].'/'.$configfile)) copy($conf["mydns"]["config_dir"].'/'.$configfile,$conf["mydns"]["config_dir"].'/'.$configfile.'~'); if(is_file($conf["mydns"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["mydns"]["config_dir"].'/'.$configfile.'~'); $content = rf("tpl/".$configfile.".master"); $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content); $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content); $content = str_replace('{mysql_server_host}',$conf["mysql"]["host"],$content); $content = str_replace('{server_id}',$conf["server_id"],$content); wf($conf["mydns"]["config_dir"].'/'.$configfile,$content); exec('chmod 600 '.$conf["mydns"]["config_dir"].'/'.$configfile); exec('chown root:root '.$conf["mydns"]["config_dir"].'/'.$configfile); } public function configure_apache() { global $conf; //* Create the logging directory for the vhost logfiles exec('mkdir -p /var/log/ispconfig/httpd'); if(is_file('/etc/suphp/suphp.conf')) { replaceLine('/etc/suphp/suphp.conf','php=php:/usr/bin','x-httpd-suphp=php:/usr/bin/php-cgi',0); //replaceLine('/etc/suphp/suphp.conf','docroot=','docroot=/var/clients',0); } if(is_file('/etc/apache2/sites-enabled/000-default')) { replaceLine('/etc/apache2/sites-available/000-default','NameVirtualHost *','NameVirtualHost *:80',1,0); replaceLine('/etc/apache2/sites-available/000-default','<VirtualHost *>','<VirtualHost *:80>',1,0); } if(is_file('/etc/apache2/ports.conf')) { // add a line "Listen 443" to ports conf if line does not exist replaceLine('/etc/apache2/ports.conf','Listen 443','Listen 443',1); } //* Copy the ISPConfig configuration include $vhost_conf_dir = $conf['apache']['vhost_conf_dir']; $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir']; // copy('tpl/apache_ispconfig.conf.master',$vhost_conf_dir.'/ispconfig.conf'); $content = rf("tpl/apache_ispconfig.conf.master"); $records = $this->db->queryAllRecords("SELECT * FROM server_ip WHERE server_id = ".$conf["server_id"]." AND virtualhost = 'y'"); if(count($records) > 0) { foreach($records as $rec) { $content .= "NameVirtualHost ".$rec["ip_address"].":80\n"; $content .= "NameVirtualHost ".$rec["ip_address"].":443\n"; } } $content .= "\n"; wf($vhost_conf_dir.'/ispconfig.conf',$content); if(!@is_link($vhost_conf_enabled_dir."/000-ispconfig.conf")) { exec("ln -s ".$vhost_conf_dir."/ispconfig.conf ".$vhost_conf_enabled_dir."/000-ispconfig.conf"); } } public function configure_firewall() { global $conf; $dist_init_scripts = $conf['init_scripts']; if(is_dir("/etc/Bastille.backup")) caselog("rm -rf /etc/Bastille.backup", __FILE__, __LINE__); if(is_dir("/etc/Bastille")) caselog("mv -f /etc/Bastille /etc/Bastille.backup", __FILE__, __LINE__); @mkdir("/etc/Bastille", octdec($directory_mode)); if(is_dir("/etc/Bastille.backup/firewall.d")) caselog("cp -pfr /etc/Bastille.backup/firewall.d /etc/Bastille/", __FILE__, __LINE__); caselog("cp -f tpl/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__); caselog("chmod 644 /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__); $content = rf("/etc/Bastille/bastille-firewall.cfg"); $content = str_replace("{DNS_SERVERS}", "", $content); $tcp_public_services = ''; $udp_public_services = ''; $row = $this->db->queryOneRecord("SELECT * FROM firewall WHERE server_id = ".intval($conf['server_id'])); if(trim($row["tcp_port"]) != '' || trim($row["udp_port"]) != ''){ $tcp_public_services = trim(str_replace(',',' ',$row["tcp_port"])); $udp_public_services = trim(str_replace(',',' ',$row["udp_port"])); } else { $tcp_public_services = '21 22 25 53 80 110 143 443 3306 8080 10000'; $udp_public_services = '53'; } if(!stristr($tcp_public_services, $conf['apache']['vhost_port'])) { $tcp_public_services .= ' '.intval($conf['apache']['vhost_port']); if($row["tcp_port"] != '') $this->db->query("UPDATE firewall SET tcp_port = tcp_port + ',".intval($conf['apache']['vhost_port'])."' WHERE server_id = ".intval($conf['server_id'])); } $content = str_replace("{TCP_PUBLIC_SERVICES}", $tcp_public_services, $content); $content = str_replace("{UDP_PUBLIC_SERVICES}", $udp_public_services, $content); wf("/etc/Bastille/bastille-firewall.cfg", $content); if(is_file($dist_init_scripts."/bastille-firewall")) caselog("mv -f $dist_init_scripts/bastille-firewall $dist_init_scripts/bastille-firewall.backup", __FILE__, __LINE__); caselog("cp -f apps/bastille-firewall $dist_init_scripts", __FILE__, __LINE__); caselog("chmod 700 $dist_init_scripts/bastille-firewall", __FILE__, __LINE__); if(is_file("/sbin/bastille-ipchains")) caselog("mv -f /sbin/bastille-ipchains /sbin/bastille-ipchains.backup", __FILE__, __LINE__); caselog("cp -f apps/bastille-ipchains /sbin", __FILE__, __LINE__); caselog("chmod 700 /sbin/bastille-ipchains", __FILE__, __LINE__); if(is_file("/sbin/bastille-netfilter")) caselog("mv -f /sbin/bastille-netfilter /sbin/bastille-netfilter.backup", __FILE__, __LINE__); caselog("cp -f apps/bastille-netfilter /sbin", __FILE__, __LINE__); caselog("chmod 700 /sbin/bastille-netfilter", __FILE__, __LINE__); if(!@is_dir('/var/lock/subsys')) caselog("mkdir /var/lock/subsys", __FILE__, __LINE__); exec("which ipchains &> /dev/null", $ipchains_location, $ret_val); if(!is_file("/sbin/ipchains") && !is_link("/sbin/ipchains") && $ret_val == 0) phpcaselog(@symlink(shell_exec("which ipchains"), "/sbin/ipchains"), 'create symlink', __FILE__, __LINE__); unset($ipchains_location); exec("which iptables &> /dev/null", $iptables_location, $ret_val); if(!is_file("/sbin/iptables") && !is_link("/sbin/iptables") && $ret_val == 0) phpcaselog(@symlink(trim(shell_exec("which iptables")), "/sbin/iptables"), 'create symlink', __FILE__, __LINE__); unset($iptables_location); } public function install_ispconfig() { global $conf; $install_dir = $conf['ispconfig_install_dir']; //* Create the ISPConfig installation directory if(!@is_dir("$install_dir")) { $command = "mkdir $install_dir"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); } //* Create a ISPConfig user and group $command = 'groupadd ispconfig'; if(!is_group('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); $command = "useradd -g ispconfig -d $install_dir ispconfig"; if(!is_user('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* copy the ISPConfig interface part $command = "cp -rf ../interface $install_dir"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* copy the ISPConfig server part $command = "cp -rf ../server $install_dir"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* Create a symlink, so ISPConfig is accessible via web // Replaced by a separate vhost definition for port 8080 // $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig"; // caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* Create the config file for ISPConfig interface $configfile = 'config.inc.php'; if(is_file($install_dir.'/interface/lib/'.$configfile)){ copy("$install_dir/interface/lib/$configfile", "$install_dir/interface/lib/$configfile~"); } $content = rf("tpl/$configfile.master"); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content); $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content); $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content); $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content); $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content); $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content); wf("$install_dir/interface/lib/$configfile", $content); //* Create the config file for ISPConfig server $configfile = 'config.inc.php'; if(is_file($install_dir.'/server/lib/'.$configfile)){ copy("$install_dir/server/lib/$configfile", "$install_dir/interface/lib/$configfile~"); } $content = rf("tpl/$configfile.master"); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content); $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content); $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content); $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content); $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content); $content = str_replace('{server_id}', $conf['server_id'], $content); $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content); wf("$install_dir/server/lib/$configfile", $content); //* Enable the server modules and plugins. // TODO: Implement a selector which modules and plugins shall be enabled. $dir = $install_dir.'/server/mods-available/'; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if($file != '.' && $file != '..' && substr($file,-8,8) == '.inc.php') { include_once($install_dir.'/server/mods-available/'.$file); $module_name = substr($file,0,-8); $tmp = new $module_name; if($tmp->onInstall()) { if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file); if (strpos($file, '_core_module') !== false) { if(!@is_link($install_dir.'/server/mods-core/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file); } } unset($tmp); } } closedir($dh); } } $dir = $install_dir.'/server/plugins-available/'; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if($file != '.' && $file != '..' && substr($file,-8,8) == '.inc.php') { include_once($install_dir.'/server/plugins-available/'.$file); $plugin_name = substr($file,0,-8); $tmp = new $plugin_name; if(method_exists($tmp,'onInstall') && $tmp->onInstall()) { if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file); if (strpos($file, '_core_plugin') !== false) { if(!@is_link($install_dir.'/server/plugins-core/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file); } } unset($tmp); } } closedir($dh); } } // Update the server config $mail_server_enabled = ($conf['services']['mail'])?1:0; $web_server_enabled = ($conf['services']['web'])?1:0; $dns_server_enabled = ($conf['services']['dns'])?1:0; $file_server_enabled = ($conf['services']['file'])?1:0; $db_server_enabled = ($conf['services']['db'])?1:0; $vserver_server_enabled = ($conf['services']['vserver'])?1:0; $sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled' WHERE server_id = ".intval($conf['server_id']); if($conf['mysql']['master_slave_setup'] == 'y') { $this->dbmaster->query($sql); $this->db->query($sql); } else { $this->db->query($sql); } //* Chmod the files $command = "chmod -R 750 $install_dir"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* chown the files to the ispconfig user and group $command = "chown -R ispconfig:ispconfig $install_dir"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* Make the global language file directory group writable exec("chmod -R 770 $install_dir/interface/lib/lang"); //* Make the temp directory for language file exports writable exec("chmod -R 770 $install_dir/interface/web/temp"); //* Make all interface language file directories group writable $handle = @opendir($install_dir.'/interface/web'); while ($file = @readdir ($handle)) { if ($file != '.' && $file != '..') { if(@is_dir($install_dir.'/interface/web'.'/'.$file.'/lib/lang')) { $handle2 = opendir($install_dir.'/interface/web'.'/'.$file.'/lib/lang'); chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang',0770); while ($lang_file = @readdir ($handle2)) { if ($lang_file != '.' && $lang_file != '..') { chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang/'.$lang_file,0770); } } } } } //* make sure that the server config file (not the interface one) is only readable by the root user exec("chmod 600 $install_dir/server/lib/$configfile"); exec("chown root:root $install_dir/server/lib/$configfile"); if(@is_file("$install_dir/server/lib/mysql_clientdb.conf")) { exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf"); exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf"); } // TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing // and must be fixed as this will allow the apache user to read the ispconfig files. // Later this must run as own apache server or via suexec! $command = 'adduser www-data ispconfig'; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* Make the shell scripts executable $command = "chmod +x $install_dir/server/scripts/*.sh"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* Copy the ISPConfig vhost for the controlpanel $vhost_conf_dir = $conf['apache']['vhost_conf_dir']; $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir']; // Dont just copy over the virtualhost template but add some custom settings $content = rf("tpl/apache_ispconfig.vhost.master"); $content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content); // comment out the listen directive if port is 80 or 443 if($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) { $content = str_replace('{vhost_port_listen}', '#', $content); } else { $content = str_replace('{vhost_port_listen}', '', $content); } wf("$vhost_conf_dir/ispconfig.vhost", $content); //copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost"); //* and create the symlink if($this->install_ispconfig_interface == true && $this->is_update == false) { if(@is_link("$vhost_conf_enabled_dir/ispconfig.vhost")) unlink("$vhost_conf_enabled_dir/ispconfig.vhost"); if(!@is_link("$vhost_conf_enabled_dir/000-ispconfig.vhost")) { exec("ln -s $vhost_conf_dir/ispconfig.vhost $vhost_conf_enabled_dir/000-ispconfig.vhost"); } } if(!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) { exec('mkdir -p /var/www/php-fcgi-scripts/ispconfig'); exec('cp tpl/apache_ispconfig_fcgi_starter.master /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter'); exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter'); exec('ln -s /usr/local/ispconfig/interface/web /var/www/ispconfig'); exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig'); } //* Install the update script if(is_file('/usr/local/bin/ispconfig_update_from_svn.sh')) unlink('/usr/local/bin/ispconfig_update_from_svn.sh'); exec('chown root /usr/local/ispconfig/server/scripts/update_from_svn.sh'); exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_svn.sh'); exec('chown root /usr/local/ispconfig/server/scripts/update_from_tgz.sh'); exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_tgz.sh'); exec('chown root /usr/local/ispconfig/server/scripts/ispconfig_update.sh'); exec('chmod 700 /usr/local/ispconfig/server/scripts/ispconfig_update.sh'); if(!is_link('/usr/local/bin/ispconfig_update_from_svn.sh')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update_from_svn.sh'); if(!is_link('/usr/local/bin/ispconfig_update.sh')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update.sh'); //* Make the logs readable for the ispconfig user if(@is_file('/var/log/mail.log')) exec('chmod +r /var/log/mail.log'); if(@is_file('/var/log/mail.warn')) exec('chmod +r /var/log/mail.warn'); if(@is_file('/var/log/mail.err')) exec('chmod +r /var/log/mail.err'); if(@is_file('/var/log/messages')) exec('chmod +r /var/log/messages'); if(@is_file('/var/log/clamav/clamav.log')) exec('chmod +r /var/log/clamav/clamav.log'); if(@is_file('/var/log/clamav/freshclam.log')) exec('chmod +r /var/log/clamav/freshclam.log'); //* Create the ispconfig log directory if(!is_dir('/var/log/ispconfig')) mkdir('/var/log/ispconfig'); if(!is_file('/var/log/ispconfig/ispconfig.log')) exec('touch /var/log/ispconfig/ispconfig.log'); exec('mv /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/bin/run-getmail.sh'); exec('chown getmail /usr/local/bin/run-getmail.sh'); exec('chmod 744 /usr/local/bin/run-getmail.sh'); } public function configure_dbserver() { global $conf; //* If this server shall act as database server for client DB's, we configure this here $install_dir = $conf['ispconfig_install_dir']; // Create a file with the database login details which // are used to create the client databases. if(!is_dir("$install_dir/server/lib")) { $command = "mkdir $install_dir/server/lib"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); } $content = rf("tpl/mysql_clientdb.conf.master"); $content = str_replace('{username}',$conf['mysql']['admin_user'],$content); $content = str_replace('{password}',$conf['mysql']['admin_password'], $content); wf("$install_dir/server/lib/mysql_clientdb.conf",$content); exec('chmod 600 '."$install_dir/server/lib/mysql_clientdb.conf"); exec('chown root:root '."$install_dir/server/lib/mysql_clientdb.conf"); } public function install_crontab() { global $conf; //* Root Crontab exec('crontab -u root -l > crontab.txt'); $existing_root_cron_jobs = file('crontab.txt'); // remove existing ispconfig cronjobs, in case the syntax has changed foreach($existing_root_cron_jobs as $key => $val) { if(stristr($val,'/usr/local/ispconfig')) unset($existing_root_cron_jobs[$key]); } $root_cron_jobs = array( '* * * * * /usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log', '30 00 * * * /usr/local/ispconfig/server/cron_daily.sh > /dev/null 2>> /var/log/ispconfig/cron.log' ); foreach($root_cron_jobs as $cron_job) { if(!in_array($cron_job."\n", $existing_root_cron_jobs)) { $existing_root_cron_jobs[] = $cron_job."\n"; } } file_put_contents('crontab.txt', $existing_root_cron_jobs); exec('crontab -u root crontab.txt &> /dev/null'); unlink('crontab.txt'); //* Getmail crontab if(is_user('getmail')) { $cf = $conf['getmail']; exec('crontab -u getmail -l > crontab.txt'); $existing_cron_jobs = file('crontab.txt'); $cron_jobs = array( '*/5 * * * * /usr/local/bin/run-getmail.sh > /dev/null 2>> /var/log/ispconfig/cron.log' ); // remove existing ispconfig cronjobs, in case the syntax has changed foreach($existing_cron_jobs as $key => $val) { if(stristr($val,'getmail')) unset($existing_cron_jobs[$key]); } foreach($cron_jobs as $cron_job) { if(!in_array($cron_job."\n", $existing_cron_jobs)) { $existing_cron_jobs[] = $cron_job."\n"; } } file_put_contents('crontab.txt', $existing_cron_jobs); exec('crontab -u getmail crontab.txt &> /dev/null'); unlink('crontab.txt'); } exec('touch /var/log/ispconfig/cron.log'); exec('chmod 666 /var/log/ispconfig/cron.log'); } } <?php /* Copyright (c) 2007, Till Brehm, projektfarm Gmbh All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of ISPConfig nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ class installer_base { var $wb = array(); var $language = 'en'; var $db; public $conf; public $install_ispconfig_interface = true; public $is_update = false; // true if it is an update, falsi if it is a new install public function __construct() { global $conf; //TODO: maybe $conf should be passed to constructor //$this->conf = $conf; } //: TODO Implement the translation function and language files for the installer. public function lng($text) { return $text; } public function error($msg) { die("ERROR: ".$msg."\n"); } public function simple_query($query, $answers, $default) { $finished = false; do { $answers_str = implode(',', $answers); swrite($this->lng($query).' ('.$answers_str.') ['.$default.']: '); $input = sread(); //* Stop the installation if($input == 'quit') { swriteln($this->lng("Installation terminated by user.\n")); die(); } //* Select the default if($input == '') { $answer = $default; $finished = true; } //* Set answer id valid if(in_array($input, $answers)) { $answer = $input; $finished = true; } } while ($finished == false); swriteln(); return $answer; } public function free_query($query,$default) { swrite($this->lng($query).' ['.$default.']: '); $input = sread(); //* Stop the installation if($input == 'quit') { swriteln($this->lng("Installation terminated by user.\n")); die(); } $answer = ($input == '') ? $default : $input; swriteln(); return $answer; } /* // TODO: this function is not used atmo I think - pedro function request_language(){ swriteln(lng('Enter your language')); swriteln(lng('de, en')); } */ //** Detect installed applications public function find_installed_apps() { global $conf; if(is_installed('mysql') || is_installed('mysqld')) $conf['mysql']['installed'] = true; if(is_installed('postfix')) $conf['postfix']['installed'] = true; if(is_installed('apache') || is_installed('apache2') || is_installed('httpd')) $conf['apache']['installed'] = true; if(is_installed('getmail')) $conf['getmail']['installed'] = true; if(is_installed('couriertcpd')) $conf['courier']['installed'] = true; if(is_installed('saslsauthd')) $conf['saslauthd']['installed'] = true; if(is_installed('amavisd-new')) $conf['amavis']['installed'] = true; if(is_installed('clamdscan')) $conf['clamav']['installed'] = true; if(is_installed('pure-ftpd') || is_installed('pure-ftpd-wrapper')) $conf['pureftpd']['installed'] = true; if(is_installed('mydns') || is_installed('mydns-ng')) $conf['mydns']['installed'] = true; if(is_installed('jk_chrootsh')) $conf['jailkit']['installed'] = true; } /** Create the database for ISPConfig */ public function configure_database() { global $conf; //** Create the database if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['mysql']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) { $this->error('Unable to create MySQL database: '.$conf['mysql']['database'].'.'); } //* Set the database name in the DB library $this->db->dbName = $conf['mysql']['database']; //* Load the database dump into the database, if database contains no tables $db_tables = $this->db->getTables(); if(count($db_tables) > 0) { $this->error('Stopped: Database already contains some tables.'); } else { if($conf['mysql']['admin_password'] == '') { caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' '".$conf['mysql']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null", __FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql'); } else { caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' '".$conf['mysql']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null", __FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql'); } $db_tables = $this->db->getTables(); if(count($db_tables) == 0) { $this->error('Unable to load SQL-Dump into database table.'); } //* Load system.ini into the sys_ini table $system_ini = $this->db->quote(rf('tpl/system.ini.master')); $this->db->query("UPDATE sys_ini SET config = '$system_ini' WHERE sysini_id = 1"); } } //** Create the server record in the database public function add_database_server_record() { global $conf; if($conf['mysql']['host'] == 'localhost') { $from_host = 'localhost'; } else { $from_host = $conf['hostname']; } // Delete ISPConfig user in the local database, in case that it exists $this->db->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['ispconfig_user']."' AND Host = '".$from_host."';"); $this->db->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['database']."' AND Host = '".$from_host."';"); $this->db->query('FLUSH PRIVILEGES;'); //* Create the ISPConfig database user in the local database $query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON '.$conf['mysql']['database'].".* " ."TO '".$conf['mysql']['ispconfig_user']."'@'".$from_host."' " ."IDENTIFIED BY '".$conf['mysql']['ispconfig_password']."';"; if(!$this->db->query($query)) { $this->error('Unable to create database user: '.$conf['mysql']['ispconfig_user'].' Error: '.$this->db->errorMessage); } //* Reload database privelages $this->db->query('FLUSH PRIVILEGES;'); //* Set the database name in the DB library $this->db->dbName = $conf['mysql']['database']; $tpl_ini_array = ini_to_array(rf('tpl/server.ini.master')); // TODO: Update further distribution specific parameters for server config here $tpl_ini_array['web']['vhost_conf_dir'] = $conf['apache']['vhost_conf_dir']; $tpl_ini_array['web']['vhost_conf_enabled_dir'] = $conf['apache']['vhost_conf_enabled_dir']; $tpl_ini_array['jailkit']['jailkit_chroot_app_programs'] = $conf['jailkit']['jailkit_chroot_app_programs']; $tpl_ini_array['fastcgi']['fastcgi_phpini_path'] = $conf['fastcgi']['fastcgi_phpini_path']; $tpl_ini_array['fastcgi']['fastcgi_starter_path'] = $conf['fastcgi']['fastcgi_starter_path']; $tpl_ini_array['server']['hostname'] = $conf['hostname']; $tpl_ini_array['server']['ip_address'] = @gethostbyname($conf['hostname']); $tpl_ini_array['web']['website_basedir'] = $conf['web']['website_basedir']; $tpl_ini_array['web']['website_path'] = $conf['web']['website_path']; $tpl_ini_array['web']['website_symlinks'] = $conf['web']['website_symlinks']; $server_ini_content = array_to_ini($tpl_ini_array); $server_ini_content = mysql_real_escape_string($server_ini_content); $mail_server_enabled = ($conf['services']['mail'])?1:0; $web_server_enabled = ($conf['services']['web'])?1:0; $dns_server_enabled = ($conf['services']['dns'])?1:0; $file_server_enabled = ($conf['services']['file'])?1:0; $db_server_enabled = ($conf['services']['db'])?1:0; $vserver_server_enabled = ($conf['services']['vserver'])?1:0; if($conf['mysql']['master_slave_setup'] == 'y') { //* Insert the server record in master DB $sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1);"; $this->dbmaster->query($sql); $conf['server_id'] = $this->dbmaster->insertID(); $conf['server_id'] = $conf['server_id']; //* Insert the same record in the local DB $sql = "INSERT INTO `server` (`server_id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`) VALUES ('".$conf['server_id']."',1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1);"; $this->db->query($sql); //* insert the ispconfig user in the remote server $from_host = $conf['hostname']; $from_ip = gethostbyname($conf['hostname']); //* username for the ispconfig user $conf['mysql']['master_ispconfig_user'] = 'ispcsrv'.$conf['server_id']; //* Delete ISPConfig user in the master database, in case that it exists $this->dbmaster->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['master_ispconfig_user']."' AND Host = '".$from_host."';"); $this->dbmaster->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['master_database']."' AND Host = '".$from_host."';"); $this->dbmaster->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['master_ispconfig_user']."' AND Host = '".$from_ip."';"); $this->dbmaster->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['master_database']."' AND Host = '".$from_ip."';"); $this->dbmaster->query('FLUSH PRIVILEGES;'); //* Create the ISPConfig database user in the remote database $query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON '.$conf['mysql']['master_database'].".* " ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$from_host."' " ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';"; if(!$this->dbmaster->query($query)) { $this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage); } $query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON '.$conf['mysql']['master_database'].".* " ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$from_ip."' " ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';"; if(!$this->dbmaster->query($query)) { $this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage); } } else { //* Insert the server, if its not a mster / slave setup $sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1);"; $this->db->query($sql); $conf['server_id'] = $this->db->insertID(); $conf['server_id'] = $conf['server_id']; } } //** writes postfix configuration files public function process_postfix_config($configfile) { global $conf; $config_dir = $conf['postfix']['config_dir'].'/'; $full_file_name = $config_dir.$configfile; //* Backup exiting file if(is_file($full_file_name)){ copy($full_file_name, $config_dir.$configfile.'~'); } $content = rf('tpl/'.$configfile.'.master'); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content); $content = str_replace('{server_id}', $conf['server_id'], $content); wf($full_file_name, $content); } public function configure_jailkit() { global $conf; $cf = $conf['jailkit']; $config_dir = $cf['config_dir']; $jk_init = $cf['jk_init']; $jk_chrootsh = $cf['jk_chrootsh']; if (is_dir($config_dir)) { if(is_file($config_dir.'/'.$jk_init)) copy($config_dir.'/'.$jk_init, $config_dir.'/'.$jk_init.'~'); if(is_file($config_dir.'/'.$jk_chrootsh.".master")) copy($config_dir.'/'.$jk_chrootsh.".master", $config_dir.'/'.$jk_chrootsh.'~'); copy('tpl/'.$jk_init.".master", $config_dir.'/'.$jk_init); copy('tpl/'.$jk_chrootsh.".master", $config_dir.'/'.$jk_chrootsh); } } public function configure_postfix($options = '') { global $conf; $cf = $conf['postfix']; $config_dir = $cf['config_dir']; if(!is_dir($config_dir)){ $this->error("The postfix configuration directory '$config_dir' does not exist."); } //* mysql-virtual_domains.cf $this->process_postfix_config('mysql-virtual_domains.cf'); //* mysql-virtual_forwardings.cf $this->process_postfix_config('mysql-virtual_forwardings.cf'); //* mysql-virtual_mailboxes.cf $this->process_postfix_config('mysql-virtual_mailboxes.cf'); //* mysql-virtual_email2email.cf $this->process_postfix_config('mysql-virtual_email2email.cf'); //* mysql-virtual_transports.cf $this->process_postfix_config('mysql-virtual_transports.cf'); //* mysql-virtual_recipient.cf $this->process_postfix_config('mysql-virtual_recipient.cf'); //* mysql-virtual_sender.cf $this->process_postfix_config('mysql-virtual_sender.cf'); //* mysql-virtual_client.cf $this->process_postfix_config('mysql-virtual_client.cf'); //* mysql-virtual_relaydomains.cf $this->process_postfix_config('mysql-virtual_relaydomains.cf'); //* Changing mode and group of the new created config files. caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null', __FILE__, __LINE__, 'chmod on mysql-virtual_*.cf*', 'chmod on mysql-virtual_*.cf* failed'); caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null', __FILE__, __LINE__, 'chgrp on mysql-virtual_*.cf*', 'chgrp on mysql-virtual_*.cf* failed'); //* Creating virtual mail user and group $command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname']; if(!is_group($cf['vmail_groupname'])) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); $command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m'; if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); $postconf_commands = array ( 'myhostname = '.$conf['hostname'], 'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain', 'mynetworks = 127.0.0.0/8', 'virtual_alias_domains =', 'virtual_alias_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_forwardings.cf, mysql:'.$config_dir.'/mysql-virtual_email2email.cf', 'virtual_mailbox_domains = proxy:mysql:'.$config_dir.'/mysql-virtual_domains.cf', 'virtual_mailbox_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_mailboxes.cf', 'virtual_mailbox_base = '.$cf['vmail_mailbox_base'], 'virtual_uid_maps = static:'.$cf['vmail_userid'], 'virtual_gid_maps = static:'.$cf['vmail_groupid'], 'smtpd_sasl_auth_enable = yes', 'broken_sasl_auth_clients = yes', 'smtpd_sasl_authenticated_header = yes', 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:'.$config_dir.'/mysql-virtual_recipient.cf, reject_unauth_destination', 'smtpd_use_tls = yes', 'smtpd_tls_security_level = may', 'smtpd_tls_cert_file = '.$config_dir.'/smtpd.cert', 'smtpd_tls_key_file = '.$config_dir.'/smtpd.key', 'transport_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_transports.cf', 'relay_domains = mysql:'.$config_dir.'/mysql-virtual_relaydomains.cf', 'virtual_create_maildirsize = yes', 'virtual_maildir_extended = yes', 'virtual_mailbox_limit_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_mailbox_limit_maps.cf', 'virtual_mailbox_limit_override = yes', 'virtual_maildir_limit_message = "The user you are trying to reach is over quota."', 'virtual_overquota_bounce = yes', 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps', 'smtpd_sender_restrictions = check_sender_access mysql:'.$config_dir.'/mysql-virtual_sender.cf', 'smtpd_client_restrictions = check_client_access mysql:'.$config_dir.'/mysql-virtual_client.cf', 'maildrop_destination_concurrency_limit = 1', 'maildrop_destination_recipient_limit = 1', 'virtual_transport = maildrop', 'header_checks = regexp:'.$config_dir.'/header_checks', 'mime_header_checks = regexp:'.$config_dir.'/mime_header_checks', 'nested_header_checks = regexp:'.$config_dir.'/nested_header_checks', 'body_checks = regexp:'.$config_dir.'/body_checks' ); //* Create the header and body check files touch($config_dir.'/header_checks'); touch($config_dir.'/mime_header_checks'); touch($config_dir.'/nested_header_checks'); touch($config_dir.'/body_checks'); //* Make a backup copy of the main.cf file copy($config_dir.'/main.cf', $config_dir.'/main.cf~'); //* Executing the postconf commands foreach($postconf_commands as $cmd) { $command = "postconf -e '$cmd'"; caselog($command." &> /dev/null", __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command); } if(!stristr($options,'dont-create-certs')) { //* Create the SSL certificate $command = 'cd '.$config_dir.'; ' .'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509'; exec($command); $command = 'chmod o= '.$config_dir.'/smtpd.key'; caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command); } //** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop. $command = 'chmod 755 /var/run/courier/authdaemon/'; caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command); //* Changing maildrop lines in posfix master.cf if(is_file($config_dir.'/master.cf')){ copy($config_dir.'/master.cf', $config_dir.'/master.cf~'); } if(is_file($config_dir.'/master.cf~')){ exec('chmod 400 '.$config_dir.'/master.cf~'); } $configfile = $config_dir.'/master.cf'; $content = rf($configfile); $content = str_replace('flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}', 'flags=R user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d '.$cf['vmail_username'].' ${extension} ${recipient} ${user} ${nexthop} ${sender}', $content); wf($configfile, $content); //* Writing the Maildrop mailfilter file $configfile = 'mailfilter'; if(is_file($cf['vmail_mailbox_base'].'/.'.$configfile)){ copy($cf['vmail_mailbox_base'].'/.'.$configfile, $cf['vmail_mailbox_base'].'/.'.$configfile.'~'); } $content = rf("tpl/$configfile.master"); $content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content); wf($cf['vmail_mailbox_base'].'/.'.$configfile, $content); //* Create the directory for the custom mailfilters if(!is_dir($cf['vmail_mailbox_base'].'/mailfilters')) { $command = 'mkdir '.$cf['vmail_mailbox_base'].'/mailfilters'; caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); } //* Chmod and chown the .mailfilter file $command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter'; caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); $command = 'chmod -R 600 '.$cf['vmail_mailbox_base'].'/.mailfilter'; caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); } public function configure_saslauthd() { global $conf; $configfile = 'sasl_smtpd.conf'; if(is_file($conf["postfix"]["config_dir"].'/sasl/smtpd.conf')) copy($conf["postfix"]["config_dir"].'/sasl/smtpd.conf',$conf["postfix"]["config_dir"].'/sasl/smtpd.conf~'); if(is_file($conf["postfix"]["config_dir"].'/sasl/smtpd.conf~')) exec('chmod 400 '.$conf["postfix"]["config_dir"].'/sasl/smtpd.conf~'); $content = rf("tpl/".$configfile.".master"); $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content); $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content); $content = str_replace('{mysql_server_ip}',$conf['mysql']['ip'],$content); wf($conf["postfix"]["config_dir"].'/sasl/smtpd.conf',$content); // TODO: Chmod and chown on the config file // Create the spool directory exec('mkdir -p /var/spool/postfix/var/run/saslauthd'); // Edit the file /etc/default/saslauthd $configfile = $conf["saslauthd"]["config"]; if(is_file($configfile)) copy($configfile,$configfile.'~'); if(is_file($configfile.'~')) exec('chmod 400 '.$configfile.'~'); $content = rf($configfile); $content = str_replace('START=no','START=yes',$content); // Debian $content = str_replace('OPTIONS="-c"','OPTIONS="-m /var/spool/postfix/var/run/saslauthd -r"',$content); // Ubuntu $content = str_replace('OPTIONS="-c -m /var/run/saslauthd"','OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"',$content); wf($configfile,$content); // Edit the file /etc/init.d/saslauthd $configfile = $conf["init_scripts"].'/'.$conf["saslauthd"]["init_script"]; $content = rf($configfile); $content = str_replace('PIDFILE=$RUN_DIR/saslauthd.pid','PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"',$content); wf($configfile,$content); // add the postfix user to the sasl group (at least nescessary for ubuntu 8.04 and most likely debian lenny too. exec('adduser postfix sasl'); } public function configure_pam() { global $conf; $pam = $conf['pam']; //* configure pam for SMTP authentication agains the ispconfig database $configfile = 'pamd_smtp'; if(is_file("$pam/smtp")) copy("$pam/smtp", "$pam/smtp~"); if(is_file("$pam/smtp~")) exec("chmod 400 $pam/smtp~"); $content = rf("tpl/$configfile.master"); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content); wf("$pam/smtp", $content); exec("chmod 660 $pam/smtp"); exec("chown daemon:daemon $pam/smtp"); } public function configure_courier() { global $conf; $config_dir = $conf['courier']['config_dir']; //* authmysqlrc $configfile = 'authmysqlrc'; if(is_file("$config_dir/$configfile")){ copy("$config_dir/$configfile", "$config_dir/$configfile~"); } exec("chmod 400 $config_dir/$configfile~"); $content = rf("tpl/$configfile.master"); $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content); $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content); $content = str_replace('{mysql_server_host}',$conf['mysql']['host'],$content); wf("$config_dir/$configfile", $content); exec("chmod 660 $config_dir/$configfile"); exec("chown daemon:daemon $config_dir/$configfile"); //* authdaemonrc $configfile = $conf['courier']['config_dir'].'/authdaemonrc'; if(is_file($configfile)){ copy($configfile, $configfile.'~'); } if(is_file($configfile.'~')){ exec('chmod 400 '.$configfile.'~'); } $content = rf($configfile); $content = str_replace('authmodulelist="authpam"', 'authmodulelist="authmysql"', $content); wf($configfile, $content); } public function configure_amavis() { global $conf; // amavisd user config file $configfile = 'amavisd_user_config'; if(is_file($conf["amavis"]["config_dir"].'/conf.d/50-user')) copy($conf["amavis"]["config_dir"].'/conf.d/50-user',$conf["courier"]["config_dir"].'/50-user~'); if(is_file($conf["amavis"]["config_dir"].'/conf.d/50-user~')) exec('chmod 400 '.$conf["amavis"]["config_dir"].'/conf.d/50-user~'); $content = rf("tpl/".$configfile.".master"); $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content); $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content); $content = str_replace('{mysql_server_port}',$conf["mysql"]["port"],$content); $content = str_replace('{mysql_server_ip}',$conf['mysql']['ip'],$content); wf($conf["amavis"]["config_dir"].'/conf.d/50-user',$content); // TODO: chmod and chown on the config file // Adding the amavisd commands to the postfix configuration $postconf_commands = array ( 'content_filter = amavis:[127.0.0.1]:10024', 'receive_override_options = no_address_mappings' ); // Make a backup copy of the main.cf file copy($conf["postfix"]["config_dir"].'/main.cf',$conf["postfix"]["config_dir"].'/main.cf~2'); // Executing the postconf commands foreach($postconf_commands as $cmd) { $command = "postconf -e '$cmd'"; caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); } // Append the configuration for amavisd to the master.cf file if(is_file($conf["postfix"]["config_dir"].'/master.cf')) copy($conf["postfix"]["config_dir"].'/master.cf',$conf["postfix"]["config_dir"].'/master.cf~'); $content = rf($conf["postfix"]["config_dir"].'/master.cf'); // Only add the content if we had not addded it before if(!stristr($content,"127.0.0.1:10025")) { unset($content); $content = rf("tpl/master_cf_amavis.master"); af($conf["postfix"]["config_dir"].'/master.cf',$content); } unset($content); // Add the clamav user to the amavis group exec('adduser clamav amavis'); } public function configure_spamassassin() { global $conf; //* Enable spamasasssin on debian and ubuntu $configfile = '/etc/default/spamassassin'; if(is_file($configfile)){ copy($configfile, $configfile.'~'); } $content = rf($configfile); $content = str_replace('ENABLED=0', 'ENABLED=1', $content); wf($configfile, $content); } public function configure_getmail() { global $conf; $config_dir = $conf['getmail']['config_dir']; if(!is_dir($config_dir)) exec("mkdir -p ".escapeshellcmd($config_dir)); $command = "useradd -d $config_dir getmail"; if(!is_user('getmail')) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); $command = "chown -R getmail $config_dir"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); $command = "chmod -R 700 $config_dir"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); } public function configure_pureftpd() { global $conf; $config_dir = $conf['pureftpd']['config_dir']; //* configure pam for SMTP authentication agains the ispconfig database $configfile = 'db/mysql.conf'; if(is_file("$config_dir/$configfile")){ copy("$config_dir/$configfile", "$config_dir/$configfile~"); } if(is_file("$config_dir/$configfile~")){ exec("chmod 400 $config_dir/$configfile~"); } $content = rf('tpl/pureftpd_mysql.conf.master'); $content = str_replace('{mysql_server_ispconfig_user}', $conf["mysql"]["ispconfig_user"], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf["mysql"]["ispconfig_password"], $content); $content = str_replace('{mysql_server_database}', $conf["mysql"]["database"], $content); $content = str_replace('{mysql_server_ip}', $conf["mysql"]["ip"], $content); $content = str_replace('{server_id}', $conf["server_id"], $content); wf("$config_dir/$configfile", $content); exec("chmod 600 $config_dir/$configfile"); exec("chown root:root $config_dir/$configfile"); // **enable chrooting //exec('mkdir -p '.$config_dir.'/conf/ChrootEveryone'); exec('echo "yes" > '.$config_dir.'/conf/ChrootEveryone'); exec('echo "yes" > '.$config_dir.'/conf/BrokenClientsCompatibility'); } public function configure_mydns() { global $conf; // configure pam for SMTP authentication agains the ispconfig database $configfile = 'mydns.conf'; if(is_file($conf["mydns"]["config_dir"].'/'.$configfile)) copy($conf["mydns"]["config_dir"].'/'.$configfile,$conf["mydns"]["config_dir"].'/'.$configfile.'~'); if(is_file($conf["mydns"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["mydns"]["config_dir"].'/'.$configfile.'~'); $content = rf("tpl/".$configfile.".master"); $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content); $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content); $content = str_replace('{mysql_server_host}',$conf["mysql"]["host"],$content); $content = str_replace('{server_id}',$conf["server_id"],$content); wf($conf["mydns"]["config_dir"].'/'.$configfile,$content); exec('chmod 600 '.$conf["mydns"]["config_dir"].'/'.$configfile); exec('chown root:root '.$conf["mydns"]["config_dir"].'/'.$configfile); } public function configure_apache() { global $conf; //* Create the logging directory for the vhost logfiles exec('mkdir -p /var/log/ispconfig/httpd'); if(is_file('/etc/suphp/suphp.conf')) { replaceLine('/etc/suphp/suphp.conf','php=php:/usr/bin','x-httpd-suphp=php:/usr/bin/php-cgi',0); //replaceLine('/etc/suphp/suphp.conf','docroot=','docroot=/var/clients',0); } if(is_file('/etc/apache2/sites-enabled/000-default')) { replaceLine('/etc/apache2/sites-available/000-default','NameVirtualHost *','NameVirtualHost *:80',1,0); replaceLine('/etc/apache2/sites-available/000-default','<VirtualHost *>','<VirtualHost *:80>',1,0); } if(is_file('/etc/apache2/ports.conf')) { // add a line "Listen 443" to ports conf if line does not exist replaceLine('/etc/apache2/ports.conf','Listen 443','Listen 443',1); } //* Copy the ISPConfig configuration include $vhost_conf_dir = $conf['apache']['vhost_conf_dir']; $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir']; // copy('tpl/apache_ispconfig.conf.master',$vhost_conf_dir.'/ispconfig.conf'); $content = rf("tpl/apache_ispconfig.conf.master"); $records = $this->db->queryAllRecords("SELECT * FROM server_ip WHERE server_id = ".$conf["server_id"]." AND virtualhost = 'y'"); if(count($records) > 0) { foreach($records as $rec) { $content .= "NameVirtualHost ".$rec["ip_address"].":80\n"; $content .= "NameVirtualHost ".$rec["ip_address"].":443\n"; } } $content .= "\n"; wf($vhost_conf_dir.'/ispconfig.conf',$content); if(!@is_link($vhost_conf_enabled_dir."/000-ispconfig.conf")) { exec("ln -s ".$vhost_conf_dir."/ispconfig.conf ".$vhost_conf_enabled_dir."/000-ispconfig.conf"); } } public function configure_firewall() { global $conf; $dist_init_scripts = $conf['init_scripts']; if(is_dir("/etc/Bastille.backup")) caselog("rm -rf /etc/Bastille.backup", __FILE__, __LINE__); if(is_dir("/etc/Bastille")) caselog("mv -f /etc/Bastille /etc/Bastille.backup", __FILE__, __LINE__); @mkdir("/etc/Bastille", octdec($directory_mode)); if(is_dir("/etc/Bastille.backup/firewall.d")) caselog("cp -pfr /etc/Bastille.backup/firewall.d /etc/Bastille/", __FILE__, __LINE__); caselog("cp -f tpl/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__); caselog("chmod 644 /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__); $content = rf("/etc/Bastille/bastille-firewall.cfg"); $content = str_replace("{DNS_SERVERS}", "", $content); $tcp_public_services = ''; $udp_public_services = ''; $row = $this->db->queryOneRecord("SELECT * FROM firewall WHERE server_id = ".intval($conf['server_id'])); if(trim($row["tcp_port"]) != '' || trim($row["udp_port"]) != ''){ $tcp_public_services = trim(str_replace(',',' ',$row["tcp_port"])); $udp_public_services = trim(str_replace(',',' ',$row["udp_port"])); } else { $tcp_public_services = '21 22 25 53 80 110 143 443 3306 8080 10000'; $udp_public_services = '53'; } if(!stristr($tcp_public_services, $conf['apache']['vhost_port'])) { $tcp_public_services .= ' '.intval($conf['apache']['vhost_port']); if($row["tcp_port"] != '') $this->db->query("UPDATE firewall SET tcp_port = tcp_port + ',".intval($conf['apache']['vhost_port'])."' WHERE server_id = ".intval($conf['server_id'])); } $content = str_replace("{TCP_PUBLIC_SERVICES}", $tcp_public_services, $content); $content = str_replace("{UDP_PUBLIC_SERVICES}", $udp_public_services, $content); wf("/etc/Bastille/bastille-firewall.cfg", $content); if(is_file($dist_init_scripts."/bastille-firewall")) caselog("mv -f $dist_init_scripts/bastille-firewall $dist_init_scripts/bastille-firewall.backup", __FILE__, __LINE__); caselog("cp -f apps/bastille-firewall $dist_init_scripts", __FILE__, __LINE__); caselog("chmod 700 $dist_init_scripts/bastille-firewall", __FILE__, __LINE__); if(is_file("/sbin/bastille-ipchains")) caselog("mv -f /sbin/bastille-ipchains /sbin/bastille-ipchains.backup", __FILE__, __LINE__); caselog("cp -f apps/bastille-ipchains /sbin", __FILE__, __LINE__); caselog("chmod 700 /sbin/bastille-ipchains", __FILE__, __LINE__); if(is_file("/sbin/bastille-netfilter")) caselog("mv -f /sbin/bastille-netfilter /sbin/bastille-netfilter.backup", __FILE__, __LINE__); caselog("cp -f apps/bastille-netfilter /sbin", __FILE__, __LINE__); caselog("chmod 700 /sbin/bastille-netfilter", __FILE__, __LINE__); if(!@is_dir('/var/lock/subsys')) caselog("mkdir /var/lock/subsys", __FILE__, __LINE__); exec("which ipchains &> /dev/null", $ipchains_location, $ret_val); if(!is_file("/sbin/ipchains") && !is_link("/sbin/ipchains") && $ret_val == 0) phpcaselog(@symlink(shell_exec("which ipchains"), "/sbin/ipchains"), 'create symlink', __FILE__, __LINE__); unset($ipchains_location); exec("which iptables &> /dev/null", $iptables_location, $ret_val); if(!is_file("/sbin/iptables") && !is_link("/sbin/iptables") && $ret_val == 0) phpcaselog(@symlink(trim(shell_exec("which iptables")), "/sbin/iptables"), 'create symlink', __FILE__, __LINE__); unset($iptables_location); } public function install_ispconfig() { global $conf; $install_dir = $conf['ispconfig_install_dir']; //* Create the ISPConfig installation directory if(!@is_dir("$install_dir")) { $command = "mkdir $install_dir"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); } //* Create a ISPConfig user and group $command = 'groupadd ispconfig'; if(!is_group('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); $command = "useradd -g ispconfig -d $install_dir ispconfig"; if(!is_user('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* copy the ISPConfig interface part $command = "cp -rf ../interface $install_dir"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* copy the ISPConfig server part $command = "cp -rf ../server $install_dir"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* Create a symlink, so ISPConfig is accessible via web // Replaced by a separate vhost definition for port 8080 // $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig"; // caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* Create the config file for ISPConfig interface $configfile = 'config.inc.php'; if(is_file($install_dir.'/interface/lib/'.$configfile)){ copy("$install_dir/interface/lib/$configfile", "$install_dir/interface/lib/$configfile~"); } $content = rf("tpl/$configfile.master"); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content); $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content); $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content); $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content); $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content); $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content); wf("$install_dir/interface/lib/$configfile", $content); //* Create the config file for ISPConfig server $configfile = 'config.inc.php'; if(is_file($install_dir.'/server/lib/'.$configfile)){ copy("$install_dir/server/lib/$configfile", "$install_dir/interface/lib/$configfile~"); } $content = rf("tpl/$configfile.master"); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content); $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content); $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content); $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content); $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content); $content = str_replace('{server_id}', $conf['server_id'], $content); $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content); wf("$install_dir/server/lib/$configfile", $content); //* Enable the server modules and plugins. // TODO: Implement a selector which modules and plugins shall be enabled. $dir = $install_dir.'/server/mods-available/'; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if($file != '.' && $file != '..' && substr($file,-8,8) == '.inc.php') { include_once($install_dir.'/server/mods-available/'.$file); $module_name = substr($file,0,-8); $tmp = new $module_name; if($tmp->onInstall()) { if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file); if (strpos($file, '_core_module') !== false) { if(!@is_link($install_dir.'/server/mods-core/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file); } } unset($tmp); } } closedir($dh); } } $dir = $install_dir.'/server/plugins-available/'; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if($file != '.' && $file != '..' && substr($file,-8,8) == '.inc.php') { include_once($install_dir.'/server/plugins-available/'.$file); $plugin_name = substr($file,0,-8); $tmp = new $plugin_name; if(method_exists($tmp,'onInstall') && $tmp->onInstall()) { if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file); if (strpos($file, '_core_plugin') !== false) { if(!@is_link($install_dir.'/server/plugins-core/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file); } } unset($tmp); } } closedir($dh); } } // Update the server config $mail_server_enabled = ($conf['services']['mail'])?1:0; $web_server_enabled = ($conf['services']['web'])?1:0; $dns_server_enabled = ($conf['services']['dns'])?1:0; $file_server_enabled = ($conf['services']['file'])?1:0; $db_server_enabled = ($conf['services']['db'])?1:0; $vserver_server_enabled = ($conf['services']['vserver'])?1:0; $sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled' WHERE server_id = ".intval($conf['server_id']); if($conf['mysql']['master_slave_setup'] == 'y') { $this->dbmaster->query($sql); $this->db->query($sql); } else { $this->db->query($sql); } //* Chmod the files $command = "chmod -R 750 $install_dir"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* chown the files to the ispconfig user and group $command = "chown -R ispconfig:ispconfig $install_dir"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* Make the global language file directory group writable exec("chmod -R 770 $install_dir/interface/lib/lang"); //* Make the temp directory for language file exports writable exec("chmod -R 770 $install_dir/interface/web/temp"); //* Make all interface language file directories group writable $handle = @opendir($install_dir.'/interface/web'); while ($file = @readdir ($handle)) { if ($file != '.' && $file != '..') { if(@is_dir($install_dir.'/interface/web'.'/'.$file.'/lib/lang')) { $handle2 = opendir($install_dir.'/interface/web'.'/'.$file.'/lib/lang'); chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang',0770); while ($lang_file = @readdir ($handle2)) { if ($lang_file != '.' && $lang_file != '..') { chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang/'.$lang_file,0770); } } } } } //* make sure that the server config file (not the interface one) is only readable by the root user exec("chmod 600 $install_dir/server/lib/$configfile"); exec("chown root:root $install_dir/server/lib/$configfile"); if(@is_file("$install_dir/server/lib/mysql_clientdb.conf")) { exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf"); exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf"); } // TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing // and must be fixed as this will allow the apache user to read the ispconfig files. // Later this must run as own apache server or via suexec! $command = 'adduser www-data ispconfig'; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* Make the shell scripts executable $command = "chmod +x $install_dir/server/scripts/*.sh"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* Copy the ISPConfig vhost for the controlpanel $vhost_conf_dir = $conf['apache']['vhost_conf_dir']; $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir']; // Dont just copy over the virtualhost template but add some custom settings $content = rf("tpl/apache_ispconfig.vhost.master"); $content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content); // comment out the listen directive if port is 80 or 443 if($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) { $content = str_replace('{vhost_port_listen}', '#', $content); } else { $content = str_replace('{vhost_port_listen}', '', $content); } wf("$vhost_conf_dir/ispconfig.vhost", $content); //copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost"); //* and create the symlink if($this->install_ispconfig_interface == true && $this->is_update == false) { if(@is_link("$vhost_conf_enabled_dir/ispconfig.vhost")) unlink("$vhost_conf_enabled_dir/ispconfig.vhost"); if(!@is_link("$vhost_conf_enabled_dir/000-ispconfig.vhost")) { exec("ln -s $vhost_conf_dir/ispconfig.vhost $vhost_conf_enabled_dir/000-ispconfig.vhost"); } } if(!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) { exec('mkdir -p /var/www/php-fcgi-scripts/ispconfig'); exec('cp tpl/apache_ispconfig_fcgi_starter.master /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter'); exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter'); exec('ln -s /usr/local/ispconfig/interface/web /var/www/ispconfig'); exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig'); } //* Install the update script if(is_file('/usr/local/bin/ispconfig_update_from_svn.sh')) unlink('/usr/local/bin/ispconfig_update_from_svn.sh'); exec('chown root /usr/local/ispconfig/server/scripts/update_from_svn.sh'); exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_svn.sh'); exec('chown root /usr/local/ispconfig/server/scripts/update_from_tgz.sh'); exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_tgz.sh'); exec('chown root /usr/local/ispconfig/server/scripts/ispconfig_update.sh'); exec('chmod 700 /usr/local/ispconfig/server/scripts/ispconfig_update.sh'); if(!is_link('/usr/local/bin/ispconfig_update_from_svn.sh')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update_from_svn.sh'); if(!is_link('/usr/local/bin/ispconfig_update.sh')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update.sh'); //* Make the logs readable for the ispconfig user if(@is_file('/var/log/mail.log')) exec('chmod +r /var/log/mail.log'); if(@is_file('/var/log/mail.warn')) exec('chmod +r /var/log/mail.warn'); if(@is_file('/var/log/mail.err')) exec('chmod +r /var/log/mail.err'); if(@is_file('/var/log/messages')) exec('chmod +r /var/log/messages'); if(@is_file('/var/log/clamav/clamav.log')) exec('chmod +r /var/log/clamav/clamav.log'); if(@is_file('/var/log/clamav/freshclam.log')) exec('chmod +r /var/log/clamav/freshclam.log'); //* Create the ispconfig log directory if(!is_dir('/var/log/ispconfig')) mkdir('/var/log/ispconfig'); if(!is_file('/var/log/ispconfig/ispconfig.log')) exec('touch /var/log/ispconfig/ispconfig.log'); exec('mv /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/bin/run-getmail.sh'); exec('chown getmail /usr/local/bin/run-getmail.sh'); exec('chmod 744 /usr/local/bin/run-getmail.sh'); } public function configure_dbserver() { global $conf; //* If this server shall act as database server for client DB's, we configure this here $install_dir = $conf['ispconfig_install_dir']; // Create a file with the database login details which // are used to create the client databases. if(!is_dir("$install_dir/server/lib")) { $command = "mkdir $install_dir/server/lib"; caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); } $content = rf("tpl/mysql_clientdb.conf.master"); $content = str_replace('{username}',$conf['mysql']['admin_user'],$content); $content = str_replace('{password}',$conf['mysql']['admin_password'], $content); wf("$install_dir/server/lib/mysql_clientdb.conf",$content); exec('chmod 600 '."$install_dir/server/lib/mysql_clientdb.conf"); exec('chown root:root '."$install_dir/server/lib/mysql_clientdb.conf"); } public function install_crontab() { global $conf; //* Root Crontab exec('crontab -u root -l > crontab.txt'); $existing_root_cron_jobs = file('crontab.txt'); // remove existing ispconfig cronjobs, in case the syntax has changed foreach($existing_root_cron_jobs as $key => $val) { if(stristr($val,'/usr/local/ispconfig')) unset($existing_root_cron_jobs[$key]); } $root_cron_jobs = array( '* * * * * /usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log', '30 00 * * * /usr/local/ispconfig/server/cron_daily.sh > /dev/null 2>> /var/log/ispconfig/cron.log' ); foreach($root_cron_jobs as $cron_job) { if(!in_array($cron_job."\n", $existing_root_cron_jobs)) { $existing_root_cron_jobs[] = $cron_job."\n"; } } file_put_contents('crontab.txt', $existing_root_cron_jobs); exec('crontab -u root crontab.txt &> /dev/null'); unlink('crontab.txt'); //* Getmail crontab if(is_user('getmail')) { $cf = $conf['getmail']; exec('crontab -u getmail -l > crontab.txt'); $existing_cron_jobs = file('crontab.txt'); $cron_jobs = array( '*/5 * * * * /usr/local/bin/run-getmail.sh > /dev/null 2>> /var/log/ispconfig/cron.log' ); // remove existing ispconfig cronjobs, in case the syntax has changed foreach($existing_cron_jobs as $key => $val) { if(stristr($val,'getmail')) unset($existing_cron_jobs[$key]); } foreach($cron_jobs as $cron_job) { if(!in_array($cron_job."\n", $existing_cron_jobs)) { $existing_cron_jobs[] = $cron_job."\n"; } } file_put_contents('crontab.txt', $existing_cron_jobs); exec('crontab -u getmail crontab.txt &> /dev/null'); unlink('crontab.txt'); } exec('touch /var/log/ispconfig/cron.log'); exec('chmod 666 /var/log/ispconfig/cron.log'); } } ?> install/tpl/apache_ispconfig.vhost.master
@@ -41,4 +41,15 @@ </VirtualHost> <Directory /var/www/php-cgi-scripts> AllowOverride None Order Deny,Allow Deny from all </Directory> <Directory /var/www/php-fcgi-scripts> AllowOverride None Order Deny,Allow Deny from all </Directory>
@@ -46,7 +46,7 @@ } # Create a mailsize file `echo $SIZE >> {dist_postfix_vmail_mailbox_base}/$HOST/$USER/.ispconfig_mailsize` `echo $SIZE >> {dist_postfix_vmail_mailbox_base}/$HOST/$USER/ispconfig_mailsize` # install/update.php
@@ -122,11 +122,11 @@ //** export the current database data if( !empty($conf["mysql"]["admin_password"]) ) { system("mysqldump -h ".$conf['mysql']['host']." -u ".$conf['mysql']['admin_user']." -p".$conf['mysql']['admin_password']." -c -t --add-drop-table --all --quick ".$conf['mysql']['database']." > existing_db.sql"); system("mysqldump -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' -c -t --add-drop-table --all --quick ".$conf['mysql']['database']." > existing_db.sql"); } else { system("mysqldump -h ".$conf['mysql']['host']." -u ".$conf['mysql']['admin_user']." -c -t --add-drop-table --all --quick ".$conf['mysql']['database']." > existing_db.sql"); system("mysqldump -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -c -t --add-drop-table --all --quick ".$conf['mysql']['database']." > existing_db.sql"); } @@ -165,10 +165,10 @@ //** load old data back into database if( !empty($conf["mysql"]["admin_password"]) ) { system("mysql --default-character-set=".$conf['mysql']['charset']." -h ".$conf['mysql']['host']." -u ".$conf['mysql']['admin_user']." -p".$conf['mysql']['admin_password']." ".$conf['mysql']['database']." < existing_db.sql"); system("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' ".$conf['mysql']['database']." < existing_db.sql"); } else { system("mysql --default-character-set=".$conf['mysql']['charset']." -h ".$conf['mysql']['host']." -u ".$conf['mysql']['admin_user']." ".$conf['mysql']['database']." < existing_db.sql"); system("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' ".$conf['mysql']['database']." < existing_db.sql"); } // create a backup copy of the ispconfig database in the root folder interface/lib/app.inc.php
@@ -1,206 +1,206 @@ <?php /* Copyright (c) 2007, Till Brehm, projektfarm Gmbh All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of ISPConfig nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ /* Application Class */ ob_start('ob_gzhandler'); class app { private $_language_inc = 0; private $_wb; private $_loaded_classes = array(); private $_conf; public function __construct() { global $conf; if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS']) || isset($_REQUEST['s']) || isset($_REQUEST['s_old']) || isset($_REQUEST['conf'])) { die('Internal Error: var override attempt detected'); } $this->_conf = $conf; if($this->_conf['start_db'] == true) { $this->load('db_'.$this->_conf['db_type']); $this->db = new db; } //* Start the session if($this->_conf['start_session'] == true) { session_start(); //* Initialize session variables if(!isset($_SESSION['s']['id']) ) $_SESSION['s']['id'] = session_id(); if(empty($_SESSION['s']['theme'])) $_SESSION['s']['theme'] = $conf['theme']; if(empty($_SESSION['s']['language'])) $_SESSION['s']['language'] = $conf['language']; } $this->uses('auth'); } public function uses($classes) { $cl = explode(',', $classes); if(is_array($cl)) { foreach($cl as $classname){ $classname = trim($classname); //* Class is not loaded so load it if(!array_key_exists($classname, $this->_loaded_classes)){ include_once(ISPC_CLASS_PATH."/$classname.inc.php"); $this->$classname = new $classname(); $this->_loaded_classes[$classname] = true; } } } } public function load($files) { $fl = explode(',', $files); if(is_array($fl)) { foreach($fl as $file){ $file = trim($file); include_once(ISPC_CLASS_PATH."/$file.inc.php"); } } } /** Priority values are: 0 = DEBUG, 1 = WARNING, 2 = ERROR */ public function log($msg, $priority = 0) { if($priority >= $this->_conf['log_priority']) { if (is_writable($this->_conf['log_file'])) { if (!$fp = fopen ($this->_conf['log_file'], 'a')) { $this->error('Unable to open logfile.'); } if (!fwrite($fp, date('d.m.Y-H:i').' - '. $msg."\r\n")) { $this->error('Unable to write to logfile.'); } fclose($fp); } else { $this->error('Unable to write to logfile.'); } } } /** Priority values are: 0 = DEBUG, 1 = WARNING, 2 = ERROR */ public function error($msg, $next_link = '', $stop = true, $priority = 1) { //$this->uses("error"); //$this->error->message($msg, $priority); if($stop == true){ $msg = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>Error</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link href="../themes/default/css/central.css" rel="stylesheet" type="text/css" /> </head> <body> <div class="uniForm"> <div id="errorMsg"> <h3>Error</h3> <ol> <li>'.$msg; if($next_link != '') $msg .= '<a href="'.$next_link.'">Next</a>'; $msg .= '</li> </ol> </div> </div> </body> </html>'; die($msg); } else { echo $msg; if($next_link != '') echo "<a href='$next_link'>Next</a>"; } } /** Loads language */ public function lng($text) { if($this->_language_inc != 1) { //* loading global and module Wordbook // TODO: this need to be made clearer somehow - pedro @include_once(ISPC_ROOT_PATH.'/lib/lang/'.$_SESSION['s']['language'].'.lng'); if(isset($_SESSION['s']['module']['name']) && isset($_SESSION['s']['language'])) { $lng_file = ISPC_ROOT_PATH.'/web/'.$_SESSION['s']['module']['name'].'/lib/lang/'.$_SESSION['s']['language'].'.lng'; if(!file_exists($lng_file)) $lng_file = ISPC_ROOT_PATH.'/web/'.$_SESSION['s']['module']['name'].'/lib/lang/en.lng'; @include_once($lng_file); } $this->_wb = $wb; $this->_language_inc = 1; } if(!empty($this->_wb[$text])) { $text = $this->_wb[$text]; } return $text; } public function tpl_defaults() { $this->tpl->setVar('app_title', $this->_conf['app_title']); $this->tpl->setVar('app_version', $this->_conf['app_version']); $this->tpl->setVar('app_link', $this->_conf['app_link']); if(isset($this->_conf['app_logo']) && $this->_conf['app_logo'] != '' && @is_file($this->_conf['app_logo'])){ $this->tpl->setVar('app_logo', '<img src="'.$this->_conf['app_logo'].'">'); } else { $this->tpl->setVar('app_logo', ' '); } $this->tpl->setVar('phpsessid', session_id()); $this->tpl->setVar('theme', $_SESSION['s']['theme']); $this->tpl->setVar('html_content_encoding', $this->_conf['html_content_encoding']); $this->tpl->setVar('delete_confirmation', $this->lng('delete_confirmation')); //print_r($_SESSION); if(isset($_SESSION['s']['module']['name'])) { $this->tpl->setVar('app_module', $_SESSION['s']['module']['name']); } if(isset($_SESSION['s']['user']) && $_SESSION['s']['user']['typ'] == 'admin') { $this->tpl->setVar('is_admin', 1); } if(isset($_SESSION['s']['user']) && $this->auth->has_clients($_SESSION['s']['user']['userid'])) { $this->tpl->setVar('is_reseller', 1); } } } // end class //** Initialize application (app) object //* possible future = new app($conf); $app = new app(); <?php /* Copyright (c) 2007, Till Brehm, projektfarm Gmbh All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of ISPConfig nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ /* Application Class */ ob_start('ob_gzhandler'); class app { private $_language_inc = 0; private $_wb; private $_loaded_classes = array(); private $_conf; public function __construct() { global $conf; if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS']) || isset($_REQUEST['s']) || isset($_REQUEST['s_old']) || isset($_REQUEST['conf'])) { die('Internal Error: var override attempt detected'); } $this->_conf = $conf; if($this->_conf['start_db'] == true) { $this->load('db_'.$this->_conf['db_type']); $this->db = new db; } //* Start the session if($this->_conf['start_session'] == true) { session_start(); //* Initialize session variables if(!isset($_SESSION['s']['id']) ) $_SESSION['s']['id'] = session_id(); if(empty($_SESSION['s']['theme'])) $_SESSION['s']['theme'] = $conf['theme']; if(empty($_SESSION['s']['language'])) $_SESSION['s']['language'] = $conf['language']; } $this->uses('auth'); } public function uses($classes) { $cl = explode(',', $classes); if(is_array($cl)) { foreach($cl as $classname){ $classname = trim($classname); //* Class is not loaded so load it if(!array_key_exists($classname, $this->_loaded_classes)){ include_once(ISPC_CLASS_PATH."/$classname.inc.php"); $this->$classname = new $classname(); $this->_loaded_classes[$classname] = true; } } } } public function load($files) { $fl = explode(',', $files); if(is_array($fl)) { foreach($fl as $file){ $file = trim($file); include_once(ISPC_CLASS_PATH."/$file.inc.php"); } } } /** Priority values are: 0 = DEBUG, 1 = WARNING, 2 = ERROR */ public function log($msg, $priority = 0) { if($priority >= $this->_conf['log_priority']) { if (is_writable($this->_conf['log_file'])) { if (!$fp = fopen ($this->_conf['log_file'], 'a')) { $this->error('Unable to open logfile.'); } if (!fwrite($fp, date('d.m.Y-H:i').' - '. $msg."\r\n")) { $this->error('Unable to write to logfile.'); } fclose($fp); } else { $this->error('Unable to write to logfile.'); } } } /** Priority values are: 0 = DEBUG, 1 = WARNING, 2 = ERROR */ public function error($msg, $next_link = '', $stop = true, $priority = 1) { //$this->uses("error"); //$this->error->message($msg, $priority); if($stop == true){ $msg = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>Error</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link href="../themes/default/css/central.css" rel="stylesheet" type="text/css" /> </head> <body> <div class="uniForm"> <div id="errorMsg"> <h3>Error</h3> <ol> <li>'.$msg; if($next_link != '') $msg .= '<a href="'.$next_link.'">Next</a>'; $msg .= '</li> </ol> </div> </div> </body> </html>'; die($msg); } else { echo $msg; if($next_link != '') echo "<a href='$next_link'>Next</a>"; } } /** Loads language */ public function lng($text) { if($this->_language_inc != 1) { //* loading global and module Wordbook // TODO: this need to be made clearer somehow - pedro @include_once(ISPC_ROOT_PATH.'/lib/lang/'.$_SESSION['s']['language'].'.lng'); if(isset($_SESSION['s']['module']['name']) && isset($_SESSION['s']['language'])) { $lng_file = ISPC_ROOT_PATH.'/web/'.$_SESSION['s']['module']['name'].'/lib/lang/'.$_SESSION['s']['language'].'.lng'; if(!file_exists($lng_file)) $lng_file = ISPC_ROOT_PATH.'/web/'.$_SESSION['s']['module']['name'].'/lib/lang/en.lng'; @include_once($lng_file); } if(isset($wb)) $this->_wb = $wb; $this->_language_inc = 1; } if(!empty($this->_wb[$text])) { $text = $this->_wb[$text]; } return $text; } public function tpl_defaults() { $this->tpl->setVar('app_title', $this->_conf['app_title']); $this->tpl->setVar('app_version', $this->_conf['app_version']); $this->tpl->setVar('app_link', $this->_conf['app_link']); if(isset($this->_conf['app_logo']) && $this->_conf['app_logo'] != '' && @is_file($this->_conf['app_logo'])){ $this->tpl->setVar('app_logo', '<img src="'.$this->_conf['app_logo'].'">'); } else { $this->tpl->setVar('app_logo', ' '); } $this->tpl->setVar('phpsessid', session_id()); $this->tpl->setVar('theme', $_SESSION['s']['theme']); $this->tpl->setVar('html_content_encoding', $this->_conf['html_content_encoding']); $this->tpl->setVar('delete_confirmation', $this->lng('delete_confirmation')); //print_r($_SESSION); if(isset($_SESSION['s']['module']['name'])) { $this->tpl->setVar('app_module', $_SESSION['s']['module']['name']); } if(isset($_SESSION['s']['user']) && $_SESSION['s']['user']['typ'] == 'admin') { $this->tpl->setVar('is_admin', 1); } if(isset($_SESSION['s']['user']) && $this->auth->has_clients($_SESSION['s']['user']['userid'])) { $this->tpl->setVar('is_reseller', 1); } } } // end class //** Initialize application (app) object //* possible future = new app($conf); $app = new app(); ?> interface/lib/classes/tform.inc.php
@@ -1,1152 +1,1154 @@ <?php /* Copyright (c) 2007, Till Brehm, projektfarm Gmbh All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of ISPConfig nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ /** * Formularbehandlung * * Functions to validate, display and save form values * * Database table field definitions * * Datatypes: * - INTEGER (Converts data to int automatically) * - DOUBLE * - CURRENCY (Formats digits in currency notation) * - VARCHAR (No format check) * - DATE (Date format, converts from and to linux timestamps automatically) * * Formtype: * - TEXT (Normal text field) * - PASSWORD (password field, the content will not be displayed again to the user) * - SELECT (Option fiield) * - MULTIPLE (Allows selection of multiple values) * * VALUE: * - Value or array * * SEPARATOR * - separator char used for fileds with multiple values * * Hint: The auto increment (ID) filed of the table has not be be definied eoarately. * */ class tform { /** * Table definition (array) * @var tableDef */ var $tableDef; /** * Private * @var action */ var $action; /** * Table name (String) * @var table_name */ var $table_name; /** * Enable debigging * @var debug */ var $debug = 0; /** * name of the primary field of the datbase table (string) * @var table_index */ var $table_index; /** * contains the error message * @var errorMessage */ var $errorMessage = ''; var $dateformat = "d.m.Y"; var $formDef; var $wordbook; var $module; var $primary_id; var $diffrec = array(); /** * Loading of the table definition * * @param file: path to the form definition file * @return true */ /* function loadTableDef($file) { global $app,$conf; include_once($file); $this->tableDef = $table; $this->table_name = $table_name; $this->table_index = $table_index; return true; } */ function loadFormDef($file,$module = '') { global $app,$conf; include_once($file); $this->formDef = $form; $this->module = $module; $wb = array(); include_once(ISPC_ROOT_PATH.'/lib/lang/'.$_SESSION['s']['language'].'.lng'); if($module == '') { $lng_file = "lib/lang/".$_SESSION["s"]["language"]."_".$this->formDef["name"].".lng"; if(!file_exists($lng_file)) $lng_file = "lib/lang/en_".$this->formDef["name"].".lng"; include($lng_file); } else { $lng_file = "../$module/lib/lang/".$_SESSION["s"]["language"]."_".$this->formDef["name"].".lng"; if(!file_exists($lng_file)) $lng_file = "../$module/lib/lang/en_".$this->formDef["name"].".lng"; include($lng_file); } $this->wordbook = $wb; return true; } /** * Converts the data in the array to human readable format * Datatype conversion e.g. to show the data in lists * * @param record * @return record */ function decode($record,$tab) { if(!is_array($this->formDef['tabs'][$tab])) $app->error("Tab does not exist or the tab is empty (TAB: $tab)."); $new_record = ''; if(is_array($record)) { foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) { switch ($field['datatype']) { case 'VARCHAR': $new_record[$key] = stripslashes($record[$key]); break; case 'TEXT': $new_record[$key] = stripslashes($record[$key]); break; case 'DATE': if($record[$key] > 0) { $new_record[$key] = date($this->dateformat,$record[$key]); } break; case 'INTEGER': $new_record[$key] = intval($record[$key]); break; case 'DOUBLE': $new_record[$key] = $record[$key]; break; case 'CURRENCY': $new_record[$key] = number_format($record[$key], 2, ',', ''); break; default: $new_record[$key] = stripslashes($record[$key]); } } } return $new_record; } /** * Get the key => value array of a form filed from a datasource definitiom * * @param field = array with field definition * @param record = Dataset as array * @return key => value array for the value field of a form */ function getDatasourceData($field, $record) { global $app; $values = array(); if($field["datasource"]["type"] == 'SQL') { // Preparing SQL string. We will replace some // common placeholders $querystring = $field["datasource"]["querystring"]; $querystring = str_replace("{USERID}",$_SESSION["s"]["user"]["userid"],$querystring); $querystring = str_replace("{GROUPID}",$_SESSION["s"]["user"]["default_group"],$querystring); $querystring = str_replace("{GROUPS}",$_SESSION["s"]["user"]["groups"],$querystring); $table_idx = $this->formDef['db_table_idx']; $tmp_recordid = (isset($record[$table_idx]))?$record[$table_idx]:0; $querystring = str_replace("{RECORDID}",$tmp_recordid,$querystring); unset($tmp_recordid); $querystring = str_replace("{AUTHSQL}",$this->getAuthSQL('r'),$querystring); // Getting the records $tmp_records = $app->db->queryAllRecords($querystring); if($app->db->errorMessage != '') die($app->db->errorMessage); if(is_array($tmp_records)) { $key_field = $field["datasource"]["keyfield"]; $value_field = $field["datasource"]["valuefield"]; foreach($tmp_records as $tmp_rec) { $tmp_id = $tmp_rec[$key_field]; $values[$tmp_id] = $tmp_rec[$value_field]; } } } if($field["datasource"]["type"] == 'CUSTOM') { // Calls a custom class to validate this record if($field["datasource"]['class'] != '' and $field["datasource"]['function'] != '') { $datasource_class = $field["datasource"]['class']; $datasource_function = $field["datasource"]['function']; $app->uses($datasource_class); $values = $app->$datasource_class->$datasource_function($field, $record); } else { $this->errorMessage .= "Custom datasource class or function is empty<br />\r\n"; } } return $values; } //* If the parameter 'valuelimit' is set function applyValueLimit($limit,$values) { global $app; $limit_parts = explode(':',$limit); //* values are limited to a comma separated list if($limit_parts[0] == 'list') { $allowed = explode(',',$limit_parts[1]); } //* values are limited to a field in the client settings if($limit_parts[0] == 'client') { if($_SESSION["s"]["user"]["typ"] == 'admin') { return $values; } else { $client_group_id = $_SESSION["s"]["user"]["default_group"]; $client = $app->db->queryOneRecord("SELECT ".$limit_parts[1]." as lm FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); $allowed = explode(',',$client['lm']); } } //* values are limited to a field in the system settings if($limit_parts[0] == 'system') { $app->uses('getconf'); $tmp_conf = $app->getconf->get_global_config($limit_parts[1]); $tmp_key = $limit_parts[2]; $allowed = $tmp_conf[$tmp_key]; } $values_new = array(); foreach($values as $key => $val) { if(in_array($key,$allowed)) $values_new[$key] = $val; } return $values_new; } /** * Prepare the data record to show the data in a form. * * @param record = Datensatz als Array * @param action = NEW oder EDIT * @return record */ function getHTML($record, $tab, $action = 'NEW') { global $app; $this->action = $action; if(!is_array($this->formDef)) $app->error("No form definition found."); if(!is_array($this->formDef['tabs'][$tab])) $app->error("The tab is empty or does not exist (TAB: $tab)."); $new_record = array(); if($action == 'EDIT') { $record = $this->decode($record,$tab); if(is_array($record)) { foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) { $val = $record[$key]; // If Datasource is set, get the data from there if(isset($field['datasource']) && is_array($field['datasource'])) { $field["value"] = $this->getDatasourceData($field, $record); } // If a limitation for the values is set if(isset($field['valuelimit']) && is_array($field["value"])) { $field["value"] = $this->applyValueLimit($field['valuelimit'],$field["value"]); } switch ($field['formtype']) { case 'SELECT': $out = ''; if(is_array($field['value'])) { foreach($field['value'] as $k => $v) { $selected = ($k == $val)?' SELECTED':''; $out .= "<option value='$k'$selected>$v</option>\r\n"; } } $new_record[$key] = $out; break; case 'MULTIPLE': if(is_array($field['value'])) { // Split $vals = explode($field['separator'],$val); // write HTML $out = ''; foreach($field['value'] as $k => $v) { $selected = ''; foreach($vals as $tvl) { if(trim($tvl) == trim($k)) $selected = ' SELECTED'; } $out .= "<option value='$k'$selected>$v</option>\r\n"; } } $new_record[$key] = $out; break; case 'PASSWORD': $new_record[$key] = ''; break; case 'CHECKBOX': $checked = ($val == $field['value'][1])?' CHECKED':''; $new_record[$key] = "<input name=\"".$key."\" id=\"".$key."\" value=\"".$field['value'][1]."\" type=\"checkbox\" $checked />\r\n"; break; case 'CHECKBOXARRAY': if(is_array($field['value'])) { // aufsplitten ergebnisse $vals = explode($field['separator'],$val); // HTML schreiben $out = ''; foreach($field['value'] as $k => $v) { $checked = ''; foreach($vals as $tvl) { if(trim($tvl) == trim($k)) $checked = ' CHECKED'; } $out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v</label>\r\n"; } } $new_record[$key] = $out; break; case 'RADIO': if(is_array($field['value'])) { // HTML schreiben $out = ''; foreach($field['value'] as $k => $v) { $checked = ($k == $val)?' CHECKED':''; //$out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v</label>\r\n"; $out .= "<input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v\r\n"; } } $new_record[$key] = $out; break; default: $new_record[$key] = htmlspecialchars($record[$key]); } } } } else { // Action: NEW foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) { // If Datasource is set, get the data from there if(@is_array($field['datasource'])) { $field["value"] = $this->getDatasourceData($field, $record); } // If a limitation for the values is set if(isset($field['valuelimit']) && is_array($field["value"])) { $field["value"] = $this->applyValueLimit($field['valuelimit'],$field["value"]); } switch ($field['formtype']) { case 'SELECT': if(is_array($field['value'])) { $out = ''; foreach($field['value'] as $k => $v) { //$selected = ($k == $val)?' SELECTED':''; $selected = ''; $out .= "<option value='$k'$selected>$v</option>\r\n"; } } if(isset($out)) $new_record[$key] = $out; break; case 'MULTIPLE': if(is_array($field['value'])) { // aufsplitten ergebnisse $vals = explode($field['separator'],$val); // HTML schreiben $out = ''; foreach($field['value'] as $k => $v) { $out .= "<option value='$k'>$v</option>\r\n"; } } $new_record[$key] = $out; break; case 'PASSWORD': $new_record[$key] = ''; break; case 'CHECKBOX': // $checked = (empty($field["default"]))?'':' CHECKED'; $checked = ($field["default"] == $field['value'][1])?' CHECKED':''; $new_record[$key] = "<input name=\"".$key."\" id=\"".$key."\" value=\"".$field['value'][1]."\" type=\"checkbox\" $checked />\r\n"; break; case 'CHECKBOXARRAY': if(is_array($field['value'])) { // aufsplitten ergebnisse $vals = explode($field['separator'],$field["default"]); // HTML schreiben $out = ''; foreach($field['value'] as $k => $v) { $checked = ''; foreach($vals as $tvl) { if(trim($tvl) == trim($k)) $checked = ' CHECKED'; } $out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v</label>\r\n"; } } $new_record[$key] = $out; break; case 'RADIO': if(is_array($field['value'])) { // HTML schreiben $out = ''; foreach($field['value'] as $k => $v) { $checked = ($k == $field["default"])?' CHECKED':''; //$out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v</label>\r\n"; $out .= "<input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v\r\n"; } } $new_record[$key] = $out; break; default: $new_record[$key] = htmlspecialchars($field['default']); } } } if($this->debug == 1) $this->dbg($new_record); return $new_record; } /** * Rewrite the record data to be stored in the database * and check values with regular expressions. * * @param record = Datensatz als Array * @return record */ function encode($record,$tab) { global $app; if(!is_array($this->formDef['tabs'][$tab])) $app->error("Tab is empty or does not exist (TAB: $tab)."); //$this->errorMessage = ''; if(is_array($record)) { foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) { if(isset($field['validators']) && is_array($field['validators'])) $this->validateField($key, (isset($record[$key]))?$record[$key]:'', $field['validators']); switch ($field['datatype']) { case 'VARCHAR': if(!@is_array($record[$key])) { $new_record[$key] = (isset($record[$key]))?$app->db->quote($record[$key]):''; } else { $new_record[$key] = implode($field['separator'],$record[$key]); } break; case 'TEXT': if(!is_array($record[$key])) { $new_record[$key] = $app->db->quote($record[$key]); } else { $new_record[$key] = implode($field['separator'],$record[$key]); } break; case 'DATE': if($record[$key] > 0) { list($tag,$monat,$jahr) = explode('.',$record[$key]); $new_record[$key] = mktime(0,0,0,$monat,$tag,$jahr); } else { $new_record[$key] = 0; } break; case 'INTEGER': $new_record[$key] = (isset($record[$key]))?$record[$key]:0; //if($new_record[$key] != $record[$key]) $new_record[$key] = $field['default']; //if($key == 'refresh') die($record[$key]); break; case 'DOUBLE': $new_record[$key] = $app->db->quote($record[$key]); break; case 'CURRENCY': $new_record[$key] = str_replace(",",".",$record[$key]); break; } // The use of the field value is deprecated, use validators instead if(isset($field['regex']) && $field['regex'] != '') { // Enable that "." matches also newlines $field['regex'] .= 's'; if(!preg_match($field['regex'], $record[$key])) { $errmsg = $field['errmsg']; $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } } } } return $new_record; } /** * process the validators for a given field. * * @param field_name = Name of the field * @param field_value = value of the field * @param validatoors = Array of validators * @return record */ function validateField($field_name, $field_value, $validators) { global $app; $escape = '`'; // loop trough the validators foreach($validators as $validator) { switch ($validator['type']) { case 'REGEX': $validator['regex'] .= 's'; if(!preg_match($validator['regex'], $field_value)) { $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } break; case 'UNIQUE': if($this->action == 'NEW') { $num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."'"); if($num_rec["number"] > 0) { $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } } else { $num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."' AND ".$this->formDef['db_table_idx']." != ".$this->primary_id); if($num_rec["number"] > 0) { $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } } break; case 'NOTEMPTY': if(empty($field_value)) { $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } break; case 'ISEMAIL': if(!preg_match("/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i", $field_value)) { $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } break; case 'ISINT': $tmpval = intval($field_value); if($tmpval === 0 and !empty($field_value)) { $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } break; case 'ISPOSITIVE': if(!is_numeric($field_value) || $field_value <= 0){ $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } break; case 'ISIPV4': $vip=1; if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){ $groups=explode(".",$field_value); foreach($groups as $group){ if($group<0 OR $group>255) $vip=0; } }else{$vip=0;} if($vip==0) { $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } break; case 'CUSTOM': // Calls a custom class to validate this record if($validator['class'] != '' and $validator['function'] != '') { $validator_class = $validator['class']; $validator_function = $validator['function']; $app->uses($validator_class); $this->errorMessage .= $app->$validator_class->$validator_function($field_name, $field_value, $validator); } else { $this->errorMessage .= "Custom validator class or function is empty<br />\r\n"; } break; default: $this->errorMessage .= "Unknown Validator: ".$validator['type']; break; } } return true; } /** * Create the SQL staement. * * @param record = Datensatz als Array * @param action = INSERT oder UPDATE * @param primary_id * @return record */ function getSQL($record, $tab, $action = 'INSERT', $primary_id = 0, $sql_ext_where = '') { global $app; // If there are no data records on the tab, return empty sql string if(count($this->formDef['tabs'][$tab]['fields']) == 0) return ''; // checking permissions if($this->formDef['auth'] == 'yes' && $_SESSION["s"]["user"]["typ"] != 'admin') { if($action == "INSERT") { if(!$this->checkPerm($primary_id,'i')) $this->errorMessage .= "Insert denied.<br />\r\n"; } else { if(!$this->checkPerm($primary_id,'u')) $this->errorMessage .= "Update denied.<br />\r\n"; } } $this->action = $action; $this->primary_id = $primary_id; $record = $this->encode($record,$tab); $sql_insert_key = ''; $sql_insert_val = ''; $sql_update = ''; if(!is_array($this->formDef)) $app->error("Form definition not found."); if(!is_array($this->formDef['tabs'][$tab])) $app->error("The tab is empty or does not exist (TAB: $tab)."); // go trough all fields of the tab if(is_array($record)) { foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) { // Wenn es kein leeres Passwortfeld ist if (!($field['formtype'] == 'PASSWORD' and $record[$key] == '')) { // Erzeuge Insert oder Update Quelltext if($action == "INSERT") { if($field['formtype'] == 'PASSWORD') { $sql_insert_key .= "`$key`, "; if($field['encryption'] == 'CRYPT') { $salt="$1$"; for ($n=0;$n<11;$n++) { $salt.=chr(mt_rand(64,126)); } $salt.="$"; // $salt = substr(md5(time()),0,2); $record[$key] = crypt($record[$key],$salt); $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; } elseif ($field['encryption'] == 'MYSQL') { $sql_insert_val .= "PASSWORD('".$app->db->quote($record[$key])."'), "; } elseif ($field['encryption'] == 'CLEARTEXT') { $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; } else { $record[$key] = md5($record[$key]); $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; } } elseif ($field['formtype'] == 'CHECKBOX') { $sql_insert_key .= "`$key`, "; if($record[$key] == '') { // if a checkbox is not set, we set it to the unchecked value $sql_insert_val .= "'".$field['value'][0]."', "; $record[$key] = $field['value'][0]; } else { $sql_insert_val .= "'".$record[$key]."', "; } } else { $sql_insert_key .= "`$key`, "; $sql_insert_val .= "'".$record[$key]."', "; } } else { if($field['formtype'] == 'PASSWORD') { if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') { $salt="$1$"; for ($n=0;$n<11;$n++) { $salt.=chr(mt_rand(64,126)); } $salt.="$"; // $salt = substr(md5(time()),0,2); $record[$key] = crypt($record[$key],$salt); $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') { $sql_update .= "`$key` = PASSWORD('".$app->db->quote($record[$key])."'), "; } elseif (isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') { $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } else { $record[$key] = md5($record[$key]); $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } } elseif ($field['formtype'] == 'CHECKBOX') { if($record[$key] == '') { // if a checkbox is not set, we set it to the unchecked value $sql_update .= "`$key` = '".$field['value'][0]."', "; $record[$key] = $field['value'][0]; } else { $sql_update .= "`$key` = '".$record[$key]."', "; } } else { $sql_update .= "`$key` = '".$record[$key]."', "; } } } else { // we unset the password filed, if empty to tell the datalog function // that the password has not been changed unset($record[$key]); } } } // Add backticks for incomplete table names if(stristr($this->formDef['db_table'],'.')) { $escape = ''; } else { $escape = '`'; } if($action == "INSERT") { if($this->formDef['auth'] == 'yes') { // Set user and group $sql_insert_key .= "`sys_userid`, "; $sql_insert_val .= ($this->formDef["auth_preset"]["userid"] > 0)?"'".$this->formDef["auth_preset"]["userid"]."', ":"'".$_SESSION["s"]["user"]["userid"]."', "; $sql_insert_key .= "`sys_groupid`, "; $sql_insert_val .= ($this->formDef["auth_preset"]["groupid"] > 0)?"'".$this->formDef["auth_preset"]["groupid"]."', ":"'".$_SESSION["s"]["user"]["default_group"]."', "; $sql_insert_key .= "`sys_perm_user`, "; $sql_insert_val .= "'".$this->formDef["auth_preset"]["perm_user"]."', "; $sql_insert_key .= "`sys_perm_group`, "; $sql_insert_val .= "'".$this->formDef["auth_preset"]["perm_group"]."', "; $sql_insert_key .= "`sys_perm_other`, "; $sql_insert_val .= "'".$this->formDef["auth_preset"]["perm_other"]."', "; } $sql_insert_key = substr($sql_insert_key,0,-2); $sql_insert_val = substr($sql_insert_val,0,-2); $sql = "INSERT INTO ".$escape.$this->formDef['db_table'].$escape." ($sql_insert_key) VALUES ($sql_insert_val)"; } else { if($this->formDef['auth'] == 'yes') { if($primary_id != 0) { $sql_update = substr($sql_update,0,-2); $sql = "UPDATE ".$escape.$this->formDef['db_table'].$escape." SET ".$sql_update." WHERE ".$this->getAuthSQL('u')." AND ".$this->formDef['db_table_idx']." = ".$primary_id; if($sql_ext_where != '') $sql .= " and ".$sql_ext_where; } else { $app->error("Primary ID fehlt!"); } } else { if($primary_id != 0) { $sql_update = substr($sql_update,0,-2); $sql = "UPDATE ".$escape.$this->formDef['db_table'].$escape." SET ".$sql_update." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id; if($sql_ext_where != '') $sql .= " and ".$sql_ext_where; } else { $app->error("Primary ID fehlt!"); } } //* return a empty string if there is nothing to update if(trim($sql_update) == '') $sql = ''; } return $sql; } /** * Debugging arrays. * * @param array_data */ function dbg($array_data) { echo "<pre>"; print_r($array_data); echo "</pre>"; } function showForm() { global $app,$conf; if(!is_array($this->formDef)) die("Form Definition wurde nicht geladen."); $active_tab = $this->getNextTab(); // go trough the tabs foreach( $this->formDef["tabs"] as $key => $tab) { $tab['name'] = $key; if($tab['name'] == $active_tab) { // If module is set, then set the template path relative to the module.. if($this->module != '') $tab["template"] = "../".$this->module."/".$tab["template"]; // Generate the template if it does not exist yet. // Translate the title of the tab $tab['title'] = $this->lng($tab['title']); if(!is_file($tab["template"])) { $app->uses('tform_tpl_generator'); $app->tform_tpl_generator->buildHTML($this->formDef,$tab['name']); } $app->tpl->setInclude('content_tpl',$tab["template"]); $tab["active"] = 1; $_SESSION["s"]["form"]["tab"] = $tab['name']; } else { $tab["active"] = 0; } // Unset unused variables. unset($tab["fields"]); unset($tab["plugins"]); $frmTab[] = $tab; } // setting form tabs $app->tpl->setLoop("formTab", $frmTab); // Set form action $app->tpl->setVar('form_action',$this->formDef["action"]); $app->tpl->setVar('form_active_tab',$active_tab); // Set form title $form_hint = $this->lng($this->formDef["title"]); if($this->formDef["description"] != '') $form_hint .= '<div class="pageForm_description">'.$this->lng($this->formDef["description"]).'</div>'; $app->tpl->setVar('form_hint',$form_hint); // Set Wordbook for this form $app->tpl->setVar($this->wordbook); } function getDataRecord($primary_id) { global $app; $escape = '`'; $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id; return $app->db->queryOneRecord($sql); } function datalogSave($action,$primary_id, $record_old, $record_new) { global $app,$conf; // Add backticks for incomplete table names. if(stristr($this->formDef['db_table'],'.')) { $escape = ''; } else { $escape = '`'; } $this->diffrec = array(); /* if(is_array($record_new) && count($record_new) > 0) { foreach($record_new as $key => $val) { if(@$record_old[$key] != $val) { // Record has changed $diffrec[$key] = array('old' => @$record_old[$key], 'new' => $val); } } } elseif(is_array($record_old)) { foreach($record_old as $key => $val) { if($record_new[$key] != $val) { // Record has changed $diffrec[$key] = array('new' => $record_new[$key], 'old' => $val); } } } $this->diffrec = $diffrec; */ // Full diff records for ISPConfig, they have a different format then the simple diffrec $diffrec_full = array(); if(is_array($record_old) && count($record_old) > 0) { foreach($record_old as $key => $val) { //if(isset($record_new[$key]) && $record_new[$key] != $val) { if(!isset($record_new[$key]) || $record_new[$key] != $val) { // Record has changed $diffrec_full['old'][$key] = $val; $diffrec_full['new'][$key] = $record_new[$key]; $this->diffrec[$key] = array( 'new' => $record_new[$key], 'old' => $val); } else { $diffrec_full['old'][$key] = $val; $diffrec_full['new'][$key] = $val; } } } elseif(is_array($record_new)) { foreach($record_new as $key => $val) { if(isset($record_new[$key]) && $record_old[$key] != $val) { // Record has changed $diffrec_full['new'][$key] = $val; $diffrec_full['old'][$key] = $record_old[$key]; $this->diffrec[$key] = array( 'old' => @$record_old[$key], 'new' => $val); } else { $diffrec_full['new'][$key] = $val; $diffrec_full['old'][$key] = $val; } } } //$this->diffrec = $diffrec; // Insert the server_id, if the record has a server_id $server_id = (isset($record_old["server_id"]) && $record_old["server_id"] > 0)?$record_old["server_id"]:0; if(isset($record_new["server_id"])) $server_id = $record_new["server_id"]; if(count($this->diffrec) > 0) { $diffstr = addslashes(serialize($diffrec_full)); $username = $app->db->quote($_SESSION["s"]["user"]["username"]); $dbidx = $this->formDef['db_table_idx'].":".$primary_id; // $action = ($action == 'INSERT')?'i':'u'; if($action == 'INSERT') $action = 'i'; if($action == 'UPDATE') $action = 'u'; if($action == 'DELETE') $action = 'd'; $sql = "INSERT INTO sys_datalog (dbtable,dbidx,server_id,action,tstamp,user,data) VALUES ('".$this->formDef['db_table']."','$dbidx','$server_id','$action','".time()."','$username','$diffstr')"; $app->db->query($sql); } return true; } function getAuthSQL($perm) { if($_SESSION["s"]["user"]["typ"] == 'admin') { return '1'; } else { $groups = ( $_SESSION["s"]["user"]["groups"] ) ? $_SESSION["s"]["user"]["groups"] : 0; $sql = '('; $sql .= "(sys_userid = ".$_SESSION["s"]["user"]["userid"]." AND sys_perm_user like '%$perm%') OR "; $sql .= "(sys_groupid IN (".$groups.") AND sys_perm_group like '%$perm%') OR "; $sql .= "sys_perm_other like '%$perm%'"; $sql .= ')'; return $sql; } } /* This function checks if a user has the parmissions $perm for the data record with the ID $record_id If record_id = 0, the the permissions are tested against the defaults of the form file. */ function checkPerm($record_id,$perm) { global $app; if($record_id > 0) { // Add backticks for incomplete table names. if(stristr($this->formDef['db_table'],'.')) { $escape = ''; } else { $escape = '`'; } $sql = "SELECT ".$this->formDef['db_table_idx']." FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$record_id." AND ".$this->getAuthSQL($perm); if($record = $app->db->queryOneRecord($sql)) { return true; } else { return false; } } else { $result = false; if(@$this->formDef["auth_preset"]["userid"] == $_SESSION["s"]["user"]["userid"] && stristr($perm,$this->formDef["auth_preset"]["perm_user"])) $result = true; if(@$this->formDef["auth_preset"]["groupid"] == $_SESSION["s"]["user"]["groupid"] && stristr($perm,$this->formDef["auth_preset"]["perm_group"])) $result = true; if(@stristr($this->formDef["auth_preset"]["perm_other"],$perm)) $result = true; // if preset == 0, everyone can insert a record of this type if($this->formDef["auth_preset"]["userid"] == 0 AND $this->formDef["auth_preset"]["groupid"] == 0 AND (@stristr($this->formDef["auth_preset"]["perm_user"],$perm) OR @stristr($this->formDef["auth_preset"]["perm_group"],$perm))) $result = true; return $result; } } function getNextTab() { // Which tab is shown if($this->errorMessage == '') { // If there is no error if(isset($_REQUEST["next_tab"]) && $_REQUEST["next_tab"] != '') { // If the next tab is known $active_tab = $_REQUEST["next_tab"]; } else { // else use the default tab $active_tab = $this->formDef['tab_default']; } } else { // Show the same tab again in case of an error $active_tab = $_SESSION["s"]["form"]["tab"]; } return $active_tab; } function getCurrentTab() { return $_SESSION["s"]["form"]["tab"]; } function isReadonlyTab($tab, $primary_id) { global $app, $conf; // Add backticks for incomplete table names. if(stristr($this->formDef['db_table'],'.')) { $escape = ''; } else { $escape = '`'; } $sql = "SELECT sys_userid FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id; $record = $app->db->queryOneRecord($sql); // return true if the readonly flag of the form is set and the current loggedin user is not the owner of the record. if(isset($this->formDef['tabs'][$tab]['readonly']) && $this->formDef['tabs'][$tab]['readonly'] == true && $record['sys_userid'] != $_SESSION["s"]["user"]["userid"]) { return true; } else { return false; } } // translation function for forms, tries the form wordbook first and if this fails, it tries the global wordbook function lng($msg) { global $app; if(isset($this->wordbook[$msg])) { return $this->wordbook[$msg]; } else { return $app->lng($msg); } } } <?php /* Copyright (c) 2007, Till Brehm, projektfarm Gmbh All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of ISPConfig nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ /** * Formularbehandlung * * Functions to validate, display and save form values * * Database table field definitions * * Datatypes: * - INTEGER (Converts data to int automatically) * - DOUBLE * - CURRENCY (Formats digits in currency notation) * - VARCHAR (No format check) * - DATE (Date format, converts from and to linux timestamps automatically) * * Formtype: * - TEXT (Normal text field) * - PASSWORD (password field, the content will not be displayed again to the user) * - SELECT (Option fiield) * - MULTIPLE (Allows selection of multiple values) * * VALUE: * - Value or array * * SEPARATOR * - separator char used for fileds with multiple values * * Hint: The auto increment (ID) filed of the table has not be be definied eoarately. * */ class tform { /** * Table definition (array) * @var tableDef */ var $tableDef; /** * Private * @var action */ var $action; /** * Table name (String) * @var table_name */ var $table_name; /** * Enable debigging * @var debug */ var $debug = 0; /** * name of the primary field of the datbase table (string) * @var table_index */ var $table_index; /** * contains the error message * @var errorMessage */ var $errorMessage = ''; var $dateformat = "d.m.Y"; var $formDef; var $wordbook; var $module; var $primary_id; var $diffrec = array(); /** * Loading of the table definition * * @param file: path to the form definition file * @return true */ /* function loadTableDef($file) { global $app,$conf; include_once($file); $this->tableDef = $table; $this->table_name = $table_name; $this->table_index = $table_index; return true; } */ function loadFormDef($file,$module = '') { global $app,$conf; include_once($file); $this->formDef = $form; $this->module = $module; $wb = array(); include_once(ISPC_ROOT_PATH.'/lib/lang/'.$_SESSION['s']['language'].'.lng'); if($module == '') { $lng_file = "lib/lang/".$_SESSION["s"]["language"]."_".$this->formDef["name"].".lng"; if(!file_exists($lng_file)) $lng_file = "lib/lang/en_".$this->formDef["name"].".lng"; include($lng_file); } else { $lng_file = "../$module/lib/lang/".$_SESSION["s"]["language"]."_".$this->formDef["name"].".lng"; if(!file_exists($lng_file)) $lng_file = "../$module/lib/lang/en_".$this->formDef["name"].".lng"; include($lng_file); } $this->wordbook = $wb; return true; } /** * Converts the data in the array to human readable format * Datatype conversion e.g. to show the data in lists * * @param record * @return record */ function decode($record,$tab) { if(!is_array($this->formDef['tabs'][$tab])) $app->error("Tab does not exist or the tab is empty (TAB: $tab)."); $new_record = ''; if(is_array($record)) { foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) { switch ($field['datatype']) { case 'VARCHAR': $new_record[$key] = stripslashes($record[$key]); break; case 'TEXT': $new_record[$key] = stripslashes($record[$key]); break; case 'DATE': if($record[$key] > 0) { $new_record[$key] = date($this->dateformat,$record[$key]); } break; case 'INTEGER': $new_record[$key] = intval($record[$key]); break; case 'DOUBLE': $new_record[$key] = $record[$key]; break; case 'CURRENCY': $new_record[$key] = number_format($record[$key], 2, ',', ''); break; default: $new_record[$key] = stripslashes($record[$key]); } } } return $new_record; } /** * Get the key => value array of a form filed from a datasource definitiom * * @param field = array with field definition * @param record = Dataset as array * @return key => value array for the value field of a form */ function getDatasourceData($field, $record) { global $app; $values = array(); if($field["datasource"]["type"] == 'SQL') { // Preparing SQL string. We will replace some // common placeholders $querystring = $field["datasource"]["querystring"]; $querystring = str_replace("{USERID}",$_SESSION["s"]["user"]["userid"],$querystring); $querystring = str_replace("{GROUPID}",$_SESSION["s"]["user"]["default_group"],$querystring); $querystring = str_replace("{GROUPS}",$_SESSION["s"]["user"]["groups"],$querystring); $table_idx = $this->formDef['db_table_idx']; $tmp_recordid = (isset($record[$table_idx]))?$record[$table_idx]:0; $querystring = str_replace("{RECORDID}",$tmp_recordid,$querystring); unset($tmp_recordid); $querystring = str_replace("{AUTHSQL}",$this->getAuthSQL('r'),$querystring); // Getting the records $tmp_records = $app->db->queryAllRecords($querystring); if($app->db->errorMessage != '') die($app->db->errorMessage); if(is_array($tmp_records)) { $key_field = $field["datasource"]["keyfield"]; $value_field = $field["datasource"]["valuefield"]; foreach($tmp_records as $tmp_rec) { $tmp_id = $tmp_rec[$key_field]; $values[$tmp_id] = $tmp_rec[$value_field]; } } } if($field["datasource"]["type"] == 'CUSTOM') { // Calls a custom class to validate this record if($field["datasource"]['class'] != '' and $field["datasource"]['function'] != '') { $datasource_class = $field["datasource"]['class']; $datasource_function = $field["datasource"]['function']; $app->uses($datasource_class); $values = $app->$datasource_class->$datasource_function($field, $record); } else { $this->errorMessage .= "Custom datasource class or function is empty<br />\r\n"; } } return $values; } //* If the parameter 'valuelimit' is set function applyValueLimit($limit,$values) { global $app; $limit_parts = explode(':',$limit); //* values are limited to a comma separated list if($limit_parts[0] == 'list') { $allowed = explode(',',$limit_parts[1]); } //* values are limited to a field in the client settings if($limit_parts[0] == 'client') { if($_SESSION["s"]["user"]["typ"] == 'admin') { return $values; } else { $client_group_id = $_SESSION["s"]["user"]["default_group"]; $client = $app->db->queryOneRecord("SELECT ".$limit_parts[1]." as lm FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); $allowed = explode(',',$client['lm']); } } //* values are limited to a field in the system settings if($limit_parts[0] == 'system') { $app->uses('getconf'); $tmp_conf = $app->getconf->get_global_config($limit_parts[1]); $tmp_key = $limit_parts[2]; $allowed = $tmp_conf[$tmp_key]; } $values_new = array(); foreach($values as $key => $val) { if(in_array($key,$allowed)) $values_new[$key] = $val; } return $values_new; } /** * Prepare the data record to show the data in a form. * * @param record = Datensatz als Array * @param action = NEW oder EDIT * @return record */ function getHTML($record, $tab, $action = 'NEW') { global $app; $this->action = $action; if(!is_array($this->formDef)) $app->error("No form definition found."); if(!is_array($this->formDef['tabs'][$tab])) $app->error("The tab is empty or does not exist (TAB: $tab)."); $new_record = array(); if($action == 'EDIT') { $record = $this->decode($record,$tab); if(is_array($record)) { foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) { $val = $record[$key]; // If Datasource is set, get the data from there if(isset($field['datasource']) && is_array($field['datasource'])) { $field["value"] = $this->getDatasourceData($field, $record); } // If a limitation for the values is set if(isset($field['valuelimit']) && is_array($field["value"])) { $field["value"] = $this->applyValueLimit($field['valuelimit'],$field["value"]); } switch ($field['formtype']) { case 'SELECT': $out = ''; if(is_array($field['value'])) { foreach($field['value'] as $k => $v) { $selected = ($k == $val)?' SELECTED':''; $out .= "<option value='$k'$selected>$v</option>\r\n"; } } $new_record[$key] = $out; break; case 'MULTIPLE': if(is_array($field['value'])) { // Split $vals = explode($field['separator'],$val); // write HTML $out = ''; foreach($field['value'] as $k => $v) { $selected = ''; foreach($vals as $tvl) { if(trim($tvl) == trim($k)) $selected = ' SELECTED'; } $out .= "<option value='$k'$selected>$v</option>\r\n"; } } $new_record[$key] = $out; break; case 'PASSWORD': $new_record[$key] = ''; break; case 'CHECKBOX': $checked = ($val == $field['value'][1])?' CHECKED':''; $new_record[$key] = "<input name=\"".$key."\" id=\"".$key."\" value=\"".$field['value'][1]."\" type=\"checkbox\" $checked />\r\n"; break; case 'CHECKBOXARRAY': if(is_array($field['value'])) { // aufsplitten ergebnisse $vals = explode($field['separator'],$val); // HTML schreiben $out = ''; foreach($field['value'] as $k => $v) { $checked = ''; foreach($vals as $tvl) { if(trim($tvl) == trim($k)) $checked = ' CHECKED'; } // $out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v</label>\r\n"; $out .= "<input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v \r\n"; } } $new_record[$key] = $out; break; case 'RADIO': if(is_array($field['value'])) { // HTML schreiben $out = ''; foreach($field['value'] as $k => $v) { $checked = ($k == $val)?' CHECKED':''; //$out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v</label>\r\n"; $out .= "<input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v\r\n"; } } $new_record[$key] = $out; break; default: $new_record[$key] = htmlspecialchars($record[$key]); } } } } else { // Action: NEW foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) { // If Datasource is set, get the data from there if(@is_array($field['datasource'])) { $field["value"] = $this->getDatasourceData($field, $record); } // If a limitation for the values is set if(isset($field['valuelimit']) && is_array($field["value"])) { $field["value"] = $this->applyValueLimit($field['valuelimit'],$field["value"]); } switch ($field['formtype']) { case 'SELECT': if(is_array($field['value'])) { $out = ''; foreach($field['value'] as $k => $v) { //$selected = ($k == $val)?' SELECTED':''; $selected = ''; $out .= "<option value='$k'$selected>$v</option>\r\n"; } } if(isset($out)) $new_record[$key] = $out; break; case 'MULTIPLE': if(is_array($field['value'])) { // aufsplitten ergebnisse $vals = explode($field['separator'],$val); // HTML schreiben $out = ''; foreach($field['value'] as $k => $v) { $out .= "<option value='$k'>$v</option>\r\n"; } } $new_record[$key] = $out; break; case 'PASSWORD': $new_record[$key] = ''; break; case 'CHECKBOX': // $checked = (empty($field["default"]))?'':' CHECKED'; $checked = ($field["default"] == $field['value'][1])?' CHECKED':''; $new_record[$key] = "<input name=\"".$key."\" id=\"".$key."\" value=\"".$field['value'][1]."\" type=\"checkbox\" $checked />\r\n"; break; case 'CHECKBOXARRAY': if(is_array($field['value'])) { // aufsplitten ergebnisse $vals = explode($field['separator'],$field["default"]); // HTML schreiben $out = ''; foreach($field['value'] as $k => $v) { $checked = ''; foreach($vals as $tvl) { if(trim($tvl) == trim($k)) $checked = ' CHECKED'; } // $out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v</label>\r\n"; $out .= "<input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v \r\n"; } } $new_record[$key] = $out; break; case 'RADIO': if(is_array($field['value'])) { // HTML schreiben $out = ''; foreach($field['value'] as $k => $v) { $checked = ($k == $field["default"])?' CHECKED':''; //$out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v</label>\r\n"; $out .= "<input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v\r\n"; } } $new_record[$key] = $out; break; default: $new_record[$key] = htmlspecialchars($field['default']); } } } if($this->debug == 1) $this->dbg($new_record); return $new_record; } /** * Rewrite the record data to be stored in the database * and check values with regular expressions. * * @param record = Datensatz als Array * @return record */ function encode($record,$tab) { global $app; if(!is_array($this->formDef['tabs'][$tab])) $app->error("Tab is empty or does not exist (TAB: $tab)."); //$this->errorMessage = ''; if(is_array($record)) { foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) { if(isset($field['validators']) && is_array($field['validators'])) $this->validateField($key, (isset($record[$key]))?$record[$key]:'', $field['validators']); switch ($field['datatype']) { case 'VARCHAR': if(!@is_array($record[$key])) { $new_record[$key] = (isset($record[$key]))?$app->db->quote($record[$key]):''; } else { $new_record[$key] = implode($field['separator'],$record[$key]); } break; case 'TEXT': if(!is_array($record[$key])) { $new_record[$key] = $app->db->quote($record[$key]); } else { $new_record[$key] = implode($field['separator'],$record[$key]); } break; case 'DATE': if($record[$key] > 0) { list($tag,$monat,$jahr) = explode('.',$record[$key]); $new_record[$key] = mktime(0,0,0,$monat,$tag,$jahr); } else { $new_record[$key] = 0; } break; case 'INTEGER': $new_record[$key] = (isset($record[$key]))?$record[$key]:0; //if($new_record[$key] != $record[$key]) $new_record[$key] = $field['default']; //if($key == 'refresh') die($record[$key]); break; case 'DOUBLE': $new_record[$key] = $app->db->quote($record[$key]); break; case 'CURRENCY': $new_record[$key] = str_replace(",",".",$record[$key]); break; } // The use of the field value is deprecated, use validators instead if(isset($field['regex']) && $field['regex'] != '') { // Enable that "." matches also newlines $field['regex'] .= 's'; if(!preg_match($field['regex'], $record[$key])) { $errmsg = $field['errmsg']; $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } } } } return $new_record; } /** * process the validators for a given field. * * @param field_name = Name of the field * @param field_value = value of the field * @param validatoors = Array of validators * @return record */ function validateField($field_name, $field_value, $validators) { global $app; $escape = '`'; // loop trough the validators foreach($validators as $validator) { switch ($validator['type']) { case 'REGEX': $validator['regex'] .= 's'; if(!preg_match($validator['regex'], $field_value)) { $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } break; case 'UNIQUE': if($this->action == 'NEW') { $num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."'"); if($num_rec["number"] > 0) { $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } } else { $num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."' AND ".$this->formDef['db_table_idx']." != ".$this->primary_id); if($num_rec["number"] > 0) { $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } } break; case 'NOTEMPTY': if(empty($field_value)) { $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } break; case 'ISEMAIL': if(!preg_match("/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i", $field_value)) { $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } break; case 'ISINT': $tmpval = intval($field_value); if($tmpval === 0 and !empty($field_value)) { $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } break; case 'ISPOSITIVE': if(!is_numeric($field_value) || $field_value <= 0){ $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } break; case 'ISIPV4': $vip=1; if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){ $groups=explode(".",$field_value); foreach($groups as $group){ if($group<0 OR $group>255) $vip=0; } }else{$vip=0;} if($vip==0) { $errmsg = $validator['errmsg']; if(isset($this->wordbook[$errmsg])) { $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n"; } else { $this->errorMessage .= $errmsg."<br />\r\n"; } } break; case 'CUSTOM': // Calls a custom class to validate this record if($validator['class'] != '' and $validator['function'] != '') { $validator_class = $validator['class']; $validator_function = $validator['function']; $app->uses($validator_class); $this->errorMessage .= $app->$validator_class->$validator_function($field_name, $field_value, $validator); } else { $this->errorMessage .= "Custom validator class or function is empty<br />\r\n"; } break; default: $this->errorMessage .= "Unknown Validator: ".$validator['type']; break; } } return true; } /** * Create the SQL staement. * * @param record = Datensatz als Array * @param action = INSERT oder UPDATE * @param primary_id * @return record */ function getSQL($record, $tab, $action = 'INSERT', $primary_id = 0, $sql_ext_where = '') { global $app; // If there are no data records on the tab, return empty sql string if(count($this->formDef['tabs'][$tab]['fields']) == 0) return ''; // checking permissions if($this->formDef['auth'] == 'yes' && $_SESSION["s"]["user"]["typ"] != 'admin') { if($action == "INSERT") { if(!$this->checkPerm($primary_id,'i')) $this->errorMessage .= "Insert denied.<br />\r\n"; } else { if(!$this->checkPerm($primary_id,'u')) $this->errorMessage .= "Update denied.<br />\r\n"; } } $this->action = $action; $this->primary_id = $primary_id; $record = $this->encode($record,$tab); $sql_insert_key = ''; $sql_insert_val = ''; $sql_update = ''; if(!is_array($this->formDef)) $app->error("Form definition not found."); if(!is_array($this->formDef['tabs'][$tab])) $app->error("The tab is empty or does not exist (TAB: $tab)."); // go trough all fields of the tab if(is_array($record)) { foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) { // Wenn es kein leeres Passwortfeld ist if (!($field['formtype'] == 'PASSWORD' and $record[$key] == '')) { // Erzeuge Insert oder Update Quelltext if($action == "INSERT") { if($field['formtype'] == 'PASSWORD') { $sql_insert_key .= "`$key`, "; if($field['encryption'] == 'CRYPT') { $salt="$1$"; for ($n=0;$n<11;$n++) { $salt.=chr(mt_rand(64,126)); } $salt.="$"; // $salt = substr(md5(time()),0,2); $record[$key] = crypt($record[$key],$salt); $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; } elseif ($field['encryption'] == 'MYSQL') { $sql_insert_val .= "PASSWORD('".$app->db->quote($record[$key])."'), "; } elseif ($field['encryption'] == 'CLEARTEXT') { $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; } else { $record[$key] = md5($record[$key]); $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; } } elseif ($field['formtype'] == 'CHECKBOX') { $sql_insert_key .= "`$key`, "; if($record[$key] == '') { // if a checkbox is not set, we set it to the unchecked value $sql_insert_val .= "'".$field['value'][0]."', "; $record[$key] = $field['value'][0]; } else { $sql_insert_val .= "'".$record[$key]."', "; } } else { $sql_insert_key .= "`$key`, "; $sql_insert_val .= "'".$record[$key]."', "; } } else { if($field['formtype'] == 'PASSWORD') { if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') { $salt="$1$"; for ($n=0;$n<11;$n++) { $salt.=chr(mt_rand(64,126)); } $salt.="$"; // $salt = substr(md5(time()),0,2); $record[$key] = crypt($record[$key],$salt); $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') { $sql_update .= "`$key` = PASSWORD('".$app->db->quote($record[$key])."'), "; } elseif (isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') { $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } else { $record[$key] = md5($record[$key]); $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } } elseif ($field['formtype'] == 'CHECKBOX') { if($record[$key] == '') { // if a checkbox is not set, we set it to the unchecked value $sql_update .= "`$key` = '".$field['value'][0]."', "; $record[$key] = $field['value'][0]; } else { $sql_update .= "`$key` = '".$record[$key]."', "; } } else { $sql_update .= "`$key` = '".$record[$key]."', "; } } } else { // we unset the password filed, if empty to tell the datalog function // that the password has not been changed unset($record[$key]); } } } // Add backticks for incomplete table names if(stristr($this->formDef['db_table'],'.')) { $escape = ''; } else { $escape = '`'; } if($action == "INSERT") { if($this->formDef['auth'] == 'yes') { // Set user and group $sql_insert_key .= "`sys_userid`, "; $sql_insert_val .= ($this->formDef["auth_preset"]["userid"] > 0)?"'".$this->formDef["auth_preset"]["userid"]."', ":"'".$_SESSION["s"]["user"]["userid"]."', "; $sql_insert_key .= "`sys_groupid`, "; $sql_insert_val .= ($this->formDef["auth_preset"]["groupid"] > 0)?"'".$this->formDef["auth_preset"]["groupid"]."', ":"'".$_SESSION["s"]["user"]["default_group"]."', "; $sql_insert_key .= "`sys_perm_user`, "; $sql_insert_val .= "'".$this->formDef["auth_preset"]["perm_user"]."', "; $sql_insert_key .= "`sys_perm_group`, "; $sql_insert_val .= "'".$this->formDef["auth_preset"]["perm_group"]."', "; $sql_insert_key .= "`sys_perm_other`, "; $sql_insert_val .= "'".$this->formDef["auth_preset"]["perm_other"]."', "; } $sql_insert_key = substr($sql_insert_key,0,-2); $sql_insert_val = substr($sql_insert_val,0,-2); $sql = "INSERT INTO ".$escape.$this->formDef['db_table'].$escape." ($sql_insert_key) VALUES ($sql_insert_val)"; } else { if($this->formDef['auth'] == 'yes') { if($primary_id != 0) { $sql_update = substr($sql_update,0,-2); $sql = "UPDATE ".$escape.$this->formDef['db_table'].$escape." SET ".$sql_update." WHERE ".$this->getAuthSQL('u')." AND ".$this->formDef['db_table_idx']." = ".$primary_id; if($sql_ext_where != '') $sql .= " and ".$sql_ext_where; } else { $app->error("Primary ID fehlt!"); } } else { if($primary_id != 0) { $sql_update = substr($sql_update,0,-2); $sql = "UPDATE ".$escape.$this->formDef['db_table'].$escape." SET ".$sql_update." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id; if($sql_ext_where != '') $sql .= " and ".$sql_ext_where; } else { $app->error("Primary ID fehlt!"); } } //* return a empty string if there is nothing to update if(trim($sql_update) == '') $sql = ''; } return $sql; } /** * Debugging arrays. * * @param array_data */ function dbg($array_data) { echo "<pre>"; print_r($array_data); echo "</pre>"; } function showForm() { global $app,$conf; if(!is_array($this->formDef)) die("Form Definition wurde nicht geladen."); $active_tab = $this->getNextTab(); // go trough the tabs foreach( $this->formDef["tabs"] as $key => $tab) { $tab['name'] = $key; if($tab['name'] == $active_tab) { // If module is set, then set the template path relative to the module.. if($this->module != '') $tab["template"] = "../".$this->module."/".$tab["template"]; // Generate the template if it does not exist yet. // Translate the title of the tab $tab['title'] = $this->lng($tab['title']); if(!is_file($tab["template"])) { $app->uses('tform_tpl_generator'); $app->tform_tpl_generator->buildHTML($this->formDef,$tab['name']); } $app->tpl->setInclude('content_tpl',$tab["template"]); $tab["active"] = 1; $_SESSION["s"]["form"]["tab"] = $tab['name']; } else { $tab["active"] = 0; } // Unset unused variables. unset($tab["fields"]); unset($tab["plugins"]); $frmTab[] = $tab; } // setting form tabs $app->tpl->setLoop("formTab", $frmTab); // Set form action $app->tpl->setVar('form_action',$this->formDef["action"]); $app->tpl->setVar('form_active_tab',$active_tab); // Set form title $form_hint = $this->lng($this->formDef["title"]); if($this->formDef["description"] != '') $form_hint .= '<div class="pageForm_description">'.$this->lng($this->formDef["description"]).'</div>'; $app->tpl->setVar('form_hint',$form_hint); // Set Wordbook for this form $app->tpl->setVar($this->wordbook); } function getDataRecord($primary_id) { global $app; $escape = '`'; $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id; return $app->db->queryOneRecord($sql); } function datalogSave($action,$primary_id, $record_old, $record_new) { global $app,$conf; // Add backticks for incomplete table names. if(stristr($this->formDef['db_table'],'.')) { $escape = ''; } else { $escape = '`'; } $this->diffrec = array(); /* if(is_array($record_new) && count($record_new) > 0) { foreach($record_new as $key => $val) { if(@$record_old[$key] != $val) { // Record has changed $diffrec[$key] = array('old' => @$record_old[$key], 'new' => $val); } } } elseif(is_array($record_old)) { foreach($record_old as $key => $val) { if($record_new[$key] != $val) { // Record has changed $diffrec[$key] = array('new' => $record_new[$key], 'old' => $val); } } } $this->diffrec = $diffrec; */ // Full diff records for ISPConfig, they have a different format then the simple diffrec $diffrec_full = array(); if(is_array($record_old) && count($record_old) > 0) { foreach($record_old as $key => $val) { //if(isset($record_new[$key]) && $record_new[$key] != $val) { if(!isset($record_new[$key]) || $record_new[$key] != $val) { // Record has changed $diffrec_full['old'][$key] = $val; $diffrec_full['new'][$key] = $record_new[$key]; $this->diffrec[$key] = array( 'new' => $record_new[$key], 'old' => $val); } else { $diffrec_full['old'][$key] = $val; $diffrec_full['new'][$key] = $val; } } } elseif(is_array($record_new)) { foreach($record_new as $key => $val) { if(isset($record_new[$key]) && $record_old[$key] != $val) { // Record has changed $diffrec_full['new'][$key] = $val; $diffrec_full['old'][$key] = $record_old[$key]; $this->diffrec[$key] = array( 'old' => @$record_old[$key], 'new' => $val); } else { $diffrec_full['new'][$key] = $val; $diffrec_full['old'][$key] = $val; } } } //$this->diffrec = $diffrec; // Insert the server_id, if the record has a server_id $server_id = (isset($record_old["server_id"]) && $record_old["server_id"] > 0)?$record_old["server_id"]:0; if(isset($record_new["server_id"])) $server_id = $record_new["server_id"]; if(count($this->diffrec) > 0) { $diffstr = addslashes(serialize($diffrec_full)); $username = $app->db->quote($_SESSION["s"]["user"]["username"]); $dbidx = $this->formDef['db_table_idx'].":".$primary_id; // $action = ($action == 'INSERT')?'i':'u'; if($action == 'INSERT') $action = 'i'; if($action == 'UPDATE') $action = 'u'; if($action == 'DELETE') $action = 'd'; $sql = "INSERT INTO sys_datalog (dbtable,dbidx,server_id,action,tstamp,user,data) VALUES ('".$this->formDef['db_table']."','$dbidx','$server_id','$action','".time()."','$username','$diffstr')"; $app->db->query($sql); } return true; } function getAuthSQL($perm) { if($_SESSION["s"]["user"]["typ"] == 'admin') { return '1'; } else { $groups = ( $_SESSION["s"]["user"]["groups"] ) ? $_SESSION["s"]["user"]["groups"] : 0; $sql = '('; $sql .= "(sys_userid = ".$_SESSION["s"]["user"]["userid"]." AND sys_perm_user like '%$perm%') OR "; $sql .= "(sys_groupid IN (".$groups.") AND sys_perm_group like '%$perm%') OR "; $sql .= "sys_perm_other like '%$perm%'"; $sql .= ')'; return $sql; } } /* This function checks if a user has the parmissions $perm for the data record with the ID $record_id If record_id = 0, the the permissions are tested against the defaults of the form file. */ function checkPerm($record_id,$perm) { global $app; if($record_id > 0) { // Add backticks for incomplete table names. if(stristr($this->formDef['db_table'],'.')) { $escape = ''; } else { $escape = '`'; } $sql = "SELECT ".$this->formDef['db_table_idx']." FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$record_id." AND ".$this->getAuthSQL($perm); if($record = $app->db->queryOneRecord($sql)) { return true; } else { return false; } } else { $result = false; if(@$this->formDef["auth_preset"]["userid"] == $_SESSION["s"]["user"]["userid"] && stristr($perm,$this->formDef["auth_preset"]["perm_user"])) $result = true; if(@$this->formDef["auth_preset"]["groupid"] == $_SESSION["s"]["user"]["groupid"] && stristr($perm,$this->formDef["auth_preset"]["perm_group"])) $result = true; if(@stristr($this->formDef["auth_preset"]["perm_other"],$perm)) $result = true; // if preset == 0, everyone can insert a record of this type if($this->formDef["auth_preset"]["userid"] == 0 AND $this->formDef["auth_preset"]["groupid"] == 0 AND (@stristr($this->formDef["auth_preset"]["perm_user"],$perm) OR @stristr($this->formDef["auth_preset"]["perm_group"],$perm))) $result = true; return $result; } } function getNextTab() { // Which tab is shown if($this->errorMessage == '') { // If there is no error if(isset($_REQUEST["next_tab"]) && $_REQUEST["next_tab"] != '') { // If the next tab is known $active_tab = $_REQUEST["next_tab"]; } else { // else use the default tab $active_tab = $this->formDef['tab_default']; } } else { // Show the same tab again in case of an error $active_tab = $_SESSION["s"]["form"]["tab"]; } return $active_tab; } function getCurrentTab() { return $_SESSION["s"]["form"]["tab"]; } function isReadonlyTab($tab, $primary_id) { global $app, $conf; // Add backticks for incomplete table names. if(stristr($this->formDef['db_table'],'.')) { $escape = ''; } else { $escape = '`'; } $sql = "SELECT sys_userid FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id; $record = $app->db->queryOneRecord($sql); // return true if the readonly flag of the form is set and the current loggedin user is not the owner of the record. if(isset($this->formDef['tabs'][$tab]['readonly']) && $this->formDef['tabs'][$tab]['readonly'] == true && $record['sys_userid'] != $_SESSION["s"]["user"]["userid"]) { return true; } else { return false; } } // translation function for forms, tries the form wordbook first and if this fails, it tries the global wordbook function lng($msg) { global $app; if(isset($this->wordbook[$msg])) { return $this->wordbook[$msg]; } else { return $app->lng($msg); } } } ?> interface/web/client/lib/lang/en_client.lng
@@ -1,87 +1,87 @@ <?php $wb["limit_maildomain_txt"] = 'Max. number of email domains'; $wb["limit_mailbox_txt"] = 'Max. number of mailboxes'; $wb["limit_mailalias_txt"] = 'Max. number of email aliases'; $wb["limit_mailforward_txt"] = 'Max. number of email forwarders'; $wb["limit_mailcatchall_txt"] = 'Max. number of email catchall accounts'; $wb["limit_mailrouting_txt"] = 'Max. number of email routes'; $wb["limit_mailfilter_txt"] = 'Max. number of email filters'; $wb["limit_fetchmail_txt"] = 'Max. number of fetchmail accounts'; $wb["limit_mailquota_txt"] = 'Mailbox quota'; $wb["limit_spamfilter_wblist_txt"] = 'Max. number of spamfilter white / blacklist filters'; $wb["limit_spamfilter_user_txt"] = 'Max. number of spamfilter users'; $wb["limit_spamfilter_policy_txt"] = 'Max. number of spamfilter policys'; $wb["default_mailserver_txt"] = 'Default Mailserver'; $wb["company_name_txt"] = 'Company name'; $wb["contact_name_txt"] = 'Contact name'; $wb["username_txt"] = 'Username'; $wb["password_txt"] = 'Password'; $wb["password_strength_txt"] = 'Password strength'; $wb["language_txt"] = 'Language'; $wb["usertheme_txt"] = 'Theme'; $wb["street_txt"] = 'Street'; $wb["zip_txt"] = 'ZIP'; $wb["city_txt"] = 'City'; $wb["state_txt"] = 'State'; $wb["country_txt"] = 'Country'; $wb["telephone_txt"] = 'Telephone'; $wb["mobile_txt"] = 'Mobile'; $wb["fax_txt"] = 'Fax'; $wb["email_txt"] = 'Email'; $wb["internet_txt"] = 'Internet'; $wb["icq_txt"] = 'ICQ'; $wb["notes_txt"] = 'Notes'; $wb["company_txt"] = 'Company'; $wb["title_txt"] = 'Title'; $wb["firstname_txt"] = 'Firstname'; $wb["surname_txt"] = 'Surname'; $wb["limit_domain_txt"] = 'limit_domain'; $wb["limit_subdomain_txt"] = 'limit_subdomain'; $wb["limit_webquota_txt"] = 'limit_webquota'; $wb["limit_database_txt"] = 'limit_database'; $wb["ip_address_txt"] = 'ip_address'; $wb["limit_client_error_notint"] = 'Client Limit is not a number.'; $wb["firstname_error_empty"] = 'Firstname is empty.'; $wb["contact_error_empty"] = 'Contact name is empty.'; $wb["default_webserver_txt"] = 'Default Webserver'; $wb["limit_web_domain_txt"] = 'Max. number of web domains'; $wb["limit_web_aliasdomain_txt"] = 'Max. number of web aliasdomains'; $wb["limit_web_subdomain_txt"] = 'Max. number of web subdomains'; $wb["limit_ftp_user_txt"] = 'Max. number of FTP users'; $wb["default_dnsserver_txt"] = 'Default DNS Server'; $wb["limit_dns_zone_txt"] = 'Max. number of DNS zones'; $wb["limit_dns_record_txt"] = 'Max. number DNS records'; $wb["limit_shell_user_txt"] = 'Max. number of Shell users'; $wb["limit_client_txt"] = 'Max. number of Clients'; $wb["username_error_empty"] = 'Username is empty.'; $wb["username_error_unique"] = 'The username must be unique.'; $wb["limit_maildomain_error_notint"] = 'The email domain limit must be a number.'; $wb["limit_mailbox_error_notint"] = 'The mailbox limit must be a number.'; $wb["limit_mailalias_error_notint"] = 'The email alias limit must be a number.'; $wb["limit_mailforward_error_notint"] = 'The email forward limit must be a number.'; $wb["limit_mailcatchall_error_notint"] = 'The email catchall limit must be a number.'; $wb["limit_mailrouting_error_notint"] = 'The email routing limit must be a number.'; $wb["limit_mailfilter_error_notint"] = 'The email filter limit must be a number.'; $wb["limit_mailfetchmail_error_notint"] = 'The fetchmail limit must be a number.'; $wb["limit_mailquota_error_notint"] = 'The email quota limit must be a number.'; $wb["limit_spamfilter_wblist_error_notint"] = 'The spamfilter white / blacklist limit must be a number.'; $wb["limit_spamfilter_user_error_notint"] = 'The spamfilter user limit must be a number.'; $wb["limit_spamfilter_policy_error_notint"] = 'The spamfilter policy limit must be a number.'; $wb["limit_web_domain_error_notint"] = 'The website limit must be a number.'; $wb["limit_web_aliasdomain_error_notint"] = 'The website alias domain limit must be a number.'; $wb["limit_web_subdomain_error_notint"] = 'The website subdomain limit must be a number.'; $wb["limit_ftp_user_error_notint"] = 'The ftp user limit must be a number.'; $wb["limit_shell_user_error_notint"] = 'The shell user limit must be a number.'; $wb["limit_dns_zone_error_notint"] = 'The dns zone limit must be a number.'; $wb["limit_dns_zone_error_notint"] = 'The dns record limit must be a number.'; $wb["limit_client_error_notint"] = 'The sub client limit must be a number.'; $wb["default_dbserver_txt"] = 'Default Database Server'; $wb["limit_database_txt"] = 'Max. number of Databases'; $wb["limit_database_error_notint"] = 'The database limit must be a number.'; $wb["username_error_regex"] = 'The Username contains invalid chracaters.'; $wb["template_master_txt"] = 'Master template'; $wb["template_additional_txt"] = 'Addon template'; $wb["ssh_chroot_txt"] = 'SSH-Chroot Options'; $wb["web_php_options_txt"] = 'PHP Options'; $wb["limit_client_txt"] = 'The max. number of clients is reached.'; ?> <?php $wb["limit_maildomain_txt"] = 'Max. number of email domains'; $wb["limit_mailbox_txt"] = 'Max. number of mailboxes'; $wb["limit_mailalias_txt"] = 'Max. number of email aliases'; $wb["limit_mailforward_txt"] = 'Max. number of email forwarders'; $wb["limit_mailcatchall_txt"] = 'Max. number of email catchall accounts'; $wb["limit_mailrouting_txt"] = 'Max. number of email routes'; $wb["limit_mailfilter_txt"] = 'Max. number of email filters'; $wb["limit_fetchmail_txt"] = 'Max. number of fetchmail accounts'; $wb["limit_mailquota_txt"] = 'Mailbox quota'; $wb["limit_spamfilter_wblist_txt"] = 'Max. number of spamfilter white / blacklist filters'; $wb["limit_spamfilter_user_txt"] = 'Max. number of spamfilter users'; $wb["limit_spamfilter_policy_txt"] = 'Max. number of spamfilter policys'; $wb["default_mailserver_txt"] = 'Default Mailserver'; $wb["company_name_txt"] = 'Company name'; $wb["contact_name_txt"] = 'Contact name'; $wb["username_txt"] = 'Username'; $wb["password_txt"] = 'Password'; $wb["password_strength_txt"] = 'Password strength'; $wb["language_txt"] = 'Language'; $wb["usertheme_txt"] = 'Theme'; $wb["street_txt"] = 'Street'; $wb["zip_txt"] = 'ZIP'; $wb["city_txt"] = 'City'; $wb["state_txt"] = 'State'; $wb["country_txt"] = 'Country'; $wb["telephone_txt"] = 'Telephone'; $wb["mobile_txt"] = 'Mobile'; $wb["fax_txt"] = 'Fax'; $wb["email_txt"] = 'Email'; $wb["internet_txt"] = 'Internet'; $wb["icq_txt"] = 'ICQ'; $wb["notes_txt"] = 'Notes'; $wb["company_txt"] = 'Company'; $wb["title_txt"] = 'Title'; $wb["firstname_txt"] = 'Firstname'; $wb["surname_txt"] = 'Surname'; $wb["limit_domain_txt"] = 'limit_domain'; $wb["limit_subdomain_txt"] = 'limit_subdomain'; $wb["limit_webquota_txt"] = 'limit_webquota'; $wb["limit_database_txt"] = 'limit_database'; $wb["ip_address_txt"] = 'ip_address'; $wb["limit_client_error_notint"] = 'Client Limit is not a number.'; $wb["firstname_error_empty"] = 'Firstname is empty.'; $wb["contact_error_empty"] = 'Contact name is empty.'; $wb["default_webserver_txt"] = 'Default Webserver'; $wb["limit_web_domain_txt"] = 'Max. number of web domains'; $wb["limit_web_aliasdomain_txt"] = 'Max. number of web aliasdomains'; $wb["limit_web_subdomain_txt"] = 'Max. number of web subdomains'; $wb["limit_ftp_user_txt"] = 'Max. number of FTP users'; $wb["default_dnsserver_txt"] = 'Default DNS Server'; $wb["limit_dns_zone_txt"] = 'Max. number of DNS zones'; $wb["limit_dns_record_txt"] = 'Max. number DNS records'; $wb["limit_shell_user_txt"] = 'Max. number of Shell users'; $wb["limit_client_txt"] = 'Max. number of Clients'; $wb["username_error_empty"] = 'Username is empty.'; $wb["username_error_unique"] = 'The username must be unique.'; $wb["limit_maildomain_error_notint"] = 'The email domain limit must be a number.'; $wb["limit_mailbox_error_notint"] = 'The mailbox limit must be a number.'; $wb["limit_mailalias_error_notint"] = 'The email alias limit must be a number.'; $wb["limit_mailforward_error_notint"] = 'The email forward limit must be a number.'; $wb["limit_mailcatchall_error_notint"] = 'The email catchall limit must be a number.'; $wb["limit_mailrouting_error_notint"] = 'The email routing limit must be a number.'; $wb["limit_mailfilter_error_notint"] = 'The email filter limit must be a number.'; $wb["limit_mailfetchmail_error_notint"] = 'The fetchmail limit must be a number.'; $wb["limit_mailquota_error_notint"] = 'The email quota limit must be a number.'; $wb["limit_spamfilter_wblist_error_notint"] = 'The spamfilter white / blacklist limit must be a number.'; $wb["limit_spamfilter_user_error_notint"] = 'The spamfilter user limit must be a number.'; $wb["limit_spamfilter_policy_error_notint"] = 'The spamfilter policy limit must be a number.'; $wb["limit_web_domain_error_notint"] = 'The website limit must be a number.'; $wb["limit_web_aliasdomain_error_notint"] = 'The website alias domain limit must be a number.'; $wb["limit_web_subdomain_error_notint"] = 'The website subdomain limit must be a number.'; $wb["limit_ftp_user_error_notint"] = 'The ftp user limit must be a number.'; $wb["limit_shell_user_error_notint"] = 'The shell user limit must be a number.'; $wb["limit_dns_zone_error_notint"] = 'The dns zone limit must be a number.'; $wb["limit_dns_zone_error_notint"] = 'The dns record limit must be a number.'; $wb["limit_client_error_notint"] = 'The sub client limit must be a number.'; $wb["default_dbserver_txt"] = 'Default Database Server'; $wb["limit_database_txt"] = 'Max. number of Databases'; $wb["limit_database_error_notint"] = 'The database limit must be a number.'; $wb["username_error_regex"] = 'The Username contains invalid chracaters.'; $wb["template_master_txt"] = 'Master template'; $wb["template_additional_txt"] = 'Addon template'; $wb["ssh_chroot_txt"] = 'SSH-Chroot Options'; $wb["web_php_options_txt"] = 'PHP Options'; $wb["limit_client_error"] = 'The max. number of clients is reached.'; ?> interface/web/login/lib/lang/bg.lng
@@ -9,4 +9,6 @@ $wb['pw_error_noinput'] = 'Моля въведете потребителско име и електронна поща.'; $wb['pw_reset_mail_msg'] = 'Новата парола за вашия ISPConfig 3 контролен панел е:'; $wb['pw_reset_mail_title'] = 'Нова парола за вашия ISPConfig 3 контролен панел'; $wb['user_regex_error'] = 'Username contains unallowed characters or is longer then 64 characters.'; $wb['pw_error_length'] = 'The password length is > 64 characters.'; ?> interface/web/login/lib/lang/de.lng
@@ -9,4 +9,6 @@ $wb['pw_error_noinput'] = 'Bitte geben sie ihr Emailadresse und Benutzernamen ein.'; $wb['pw_reset_mail_msg'] = 'The password to your ISPConfig 3 control panel account has been reset. The new password is: '; $wb['pw_reset_mail_title'] = 'ISPConfig 3 Controlpanel Passwort wurde zurückgesetzt.'; $wb['user_regex_error'] = 'Username contains unallowed characters or is longer then 64 characters.'; $wb['pw_error_length'] = 'The password length is > 64 characters.'; ?> interface/web/login/lib/lang/es.lng
@@ -1,14 +1,14 @@ <?php $wb['1001'] = 'Usuario o contraseña vacíos.'; $wb['1002'] = 'Usuario o contraseña incorrectos.'; $wb['1003'] = 'El usuario está bloqueado'; $wb['1004'] = 'Demasiados intentos erroneos, por favor, inténtelo dentro de 15 minutos.'; $wb['pass_reset_txt'] = 'Se generará una nueva contraseña que se le enviará a la cuenta de correo que tiene configurada.'; $wb['pw_reset'] = 'La contraseña ha sido reseteada y enviada a su cuenta de correo.'; $wb['pw_error'] = 'El usuario o la cuenta de correo no coinciden.'; $wb['pw_error_noinput'] = 'Por favor, introduzca la dirección de correo y el nombre de usuario.'; $wb['pw_reset_mail_msg'] = 'La contraseña de su cuenta de panel de control ISPConfig 3 ha sido reseteada. La nueva contraseña es: '; $wb['pw_reset_mail_title'] = 'La contraseña del panel de control ISPConfig 3 ha sido reseteada.'; $wb['user_regex_error'] = 'Username contains unallowed characters or is longer then 64 characters.'; $wb['pw_error_length'] = 'The password length is > 64 characters.'; ?> <?php $wb['1001'] = 'Usuario o contraseña vacíos.'; $wb['1002'] = 'Usuario o contraseña incorrectos.'; $wb['1003'] = 'El usuario está bloqueado'; $wb['1004'] = 'Demasiados intentos erroneos, por favor, inténtelo dentro de 15 minutos.'; $wb['pass_reset_txt'] = 'Se generará una nueva contraseña que se le enviará a la cuenta de correo que tiene configurada.'; $wb['pw_reset'] = 'La contraseña ha sido reseteada y enviada a su cuenta de correo.'; $wb['pw_error'] = 'El usuario o la cuenta de correo no coinciden.'; $wb['pw_error_noinput'] = 'Por favor, introduzca la dirección de correo y el nombre de usuario.'; $wb['pw_reset_mail_msg'] = 'La contraseña de su cuenta de panel de control ISPConfig 3 ha sido reseteada. La nueva contraseña es: '; $wb['pw_reset_mail_title'] = 'La contraseña del panel de control ISPConfig 3 ha sido reseteada.'; $wb['user_regex_error'] = 'Username contains unallowed characters or is longer then 64 characters.'; $wb['pw_error_length'] = 'The password length is > 64 characters.'; ?> interface/web/login/lib/lang/fi.lng
@@ -9,4 +9,6 @@ $wb['pw_error_noinput'] = 'Anna sähköpostiosoite ja käyttäjätunnus.'; $wb['pw_reset_mail_msg'] = 'Käyttäjätunnuksesi salasana ISPConfi3 Hallintapaneeliin on vaihdettu. Uusi salasanasi: '; $wb['pw_reset_mail_title'] = 'ISPConfi3 Hallintapaneelin salasana on vaihdettu.'; $wb['user_regex_error'] = 'Username contains unallowed characters or is longer then 64 characters.'; $wb['pw_error_length'] = 'The password length is > 64 characters.'; ?> interface/web/login/lib/lang/fr.lng
@@ -1,14 +1,14 @@ <?php $wb['1001'] = 'Nom dutilisateur ou mot de passe vide.'; $wb['1002'] = 'Nom dutilisateur ou mot de passe faux.'; $wb['1003'] = 'Utilisateur bloqué.'; $wb['1004'] = 'To many wrong logins, Please retry it after 15 minutes'; $wb['pass_reset_txt'] = 'A new password will be generated and send to your email address if the email address entered below matches the email address in your client settings.'; $wb['pw_reset'] = 'The password has been reset and send to your email address.'; $wb['pw_error'] = 'Username or email address does not match.'; $wb['pw_error_noinput'] = 'Please enter email address and username.'; $wb['pw_reset_mail_msg'] = 'The password to your ISPConfig 3 control panel account has been reset. The new password is: '; $wb['pw_reset_mail_title'] = 'ISPConfig 3 Control panel password has been reset.'; $wb['user_regex_error'] = 'Username contains unallowed characters or is longer then 64 characters.'; $wb['pw_error_length'] = 'The password length is > 64 characters.'; ?> <?php $wb['1001'] = 'Nom dutilisateur ou mot de passe vide.'; $wb['1002'] = 'Nom dutilisateur ou mot de passe faux.'; $wb['1003'] = 'Utilisateur bloqué.'; $wb['1004'] = 'To many wrong logins, Please retry it after 15 minutes'; $wb['pass_reset_txt'] = 'A new password will be generated and send to your email address if the email address entered below matches the email address in your client settings.'; $wb['pw_reset'] = 'The password has been reset and send to your email address.'; $wb['pw_error'] = 'Username or email address does not match.'; $wb['pw_error_noinput'] = 'Please enter email address and username.'; $wb['pw_reset_mail_msg'] = 'The password to your ISPConfig 3 control panel account has been reset. The new password is: '; $wb['pw_reset_mail_title'] = 'ISPConfig 3 Control panel password has been reset.'; $wb['user_regex_error'] = 'Username contains unallowed characters or is longer then 64 characters.'; $wb['pw_error_length'] = 'The password length is > 64 characters.'; ?> interface/web/login/lib/lang/it.lng
@@ -1,14 +1,14 @@ <?php $wb['1001'] = 'Nome utente o Password vuoti.'; $wb['1002'] = 'Nome utente o Password errati.'; $wb['1003'] = 'Utente bloccato.'; $wb['1004'] = 'Troppi tentativi di login errati, Riprova tra 15 minuti'; $wb['pass_reset_txt'] = 'Una nuova password sarà generata e spedita alla tua email se l`email inserita corrisponde a quella delle impostazioni dell`utente.'; $wb['pw_reset'] = 'La password è stata reimpostata e spedita al tuo indirizzo mail.'; $wb['pw_error'] = 'Nome utente o email non corrispondenti.'; $wb['pw_error_noinput'] = 'Inserisci nome utente e indirizzo email.'; $wb['pw_reset_mail_msg'] = 'La password nel tuo pannello di controllo ISPConfig 3 è stata reimpostata. La nuova password è: '; $wb['pw_reset_mail_title'] = 'Password del pannello di controllo ISPConfig 3 reimpostata.'; $wb['user_regex_error'] = 'Username contains unallowed characters or is longer then 64 characters.'; $wb['pw_error_length'] = 'The password length is > 64 characters.'; ?> <?php $wb['1001'] = 'Nome utente o Password vuoti.'; $wb['1002'] = 'Nome utente o Password errati.'; $wb['1003'] = 'Utente bloccato.'; $wb['1004'] = 'Troppi tentativi di login errati, Riprova tra 15 minuti'; $wb['pass_reset_txt'] = 'Una nuova password sarà generata e spedita alla tua email se l`email inserita corrisponde a quella delle impostazioni dell`utente.'; $wb['pw_reset'] = 'La password è stata reimpostata e spedita al tuo indirizzo mail.'; $wb['pw_error'] = 'Nome utente o email non corrispondenti.'; $wb['pw_error_noinput'] = 'Inserisci nome utente e indirizzo email.'; $wb['pw_reset_mail_msg'] = 'La password nel tuo pannello di controllo ISPConfig 3 è stata reimpostata. La nuova password è: '; $wb['pw_reset_mail_title'] = 'Password del pannello di controllo ISPConfig 3 reimpostata.'; $wb['user_regex_error'] = 'Username contains unallowed characters or is longer then 64 characters.'; $wb['pw_error_length'] = 'The password length is > 64 characters.'; ?> interface/web/login/lib/lang/nl.lng
@@ -1,14 +1,14 @@ <?php $wb['1001'] = 'Gebruikersnaam of wachtwoord is leeg.'; $wb['1002'] = 'Gebruikersnaam of wachtwoord ongeldig.'; $wb['1003'] = 'Gebruiker is geblokkeerd.'; $wb['1004'] = 'Teveel ongeldige login pogingen, Probeer het na 15 minuten opnieuw.'; $wb['pass_reset_txt'] = 'Een nieuw wachtwoord zal worden gegenereerd en na het hierboven ingevulde Emailadres worden gestuurd, op voorwaarde dat het Emailadres overeenkomt met het Emailadres in uw klanten-settings'; $wb['pw_reset'] = 'Het wachtwoord is gereset en is verzonden aan uw Emailadres.'; $wb['pw_error'] = 'Gebruikersnaam of Emailadres komen niet overeen.'; $wb['pw_error_noinput'] = 'Voer a.u.b. uw Emailadres en gebruikersnaam in.'; $wb['pw_reset_mail_msg'] = 'Het wachtwoord dat toegang biedt tot ISPConfig 3 is gereset. Het nieuwe wachtwoord is: '; $wb['pw_reset_mail_title'] = 'Het wachtwoord dat toegang biedt tot ISPConfig 3 is gereset.'; $wb['user_regex_error'] = 'Username contains unallowed characters or is longer then 64 characters.'; $wb['pw_error_length'] = 'The password length is > 64 characters.'; ?> <?php $wb['1001'] = 'Gebruikersnaam of wachtwoord is leeg.'; $wb['1002'] = 'Gebruikersnaam of wachtwoord ongeldig.'; $wb['1003'] = 'Gebruiker is geblokkeerd.'; $wb['1004'] = 'Teveel ongeldige login pogingen, Probeer het na 15 minuten opnieuw.'; $wb['pass_reset_txt'] = 'Een nieuw wachtwoord zal worden gegenereerd en na het hierboven ingevulde Emailadres worden gestuurd, op voorwaarde dat het Emailadres overeenkomt met het Emailadres in uw klanten-settings'; $wb['pw_reset'] = 'Het wachtwoord is gereset en is verzonden aan uw Emailadres.'; $wb['pw_error'] = 'Gebruikersnaam of Emailadres komen niet overeen.'; $wb['pw_error_noinput'] = 'Voer a.u.b. uw Emailadres en gebruikersnaam in.'; $wb['pw_reset_mail_msg'] = 'Het wachtwoord dat toegang biedt tot ISPConfig 3 is gereset. Het nieuwe wachtwoord is: '; $wb['pw_reset_mail_title'] = 'Het wachtwoord dat toegang biedt tot ISPConfig 3 is gereset.'; $wb['user_regex_error'] = 'Username contains unallowed characters or is longer then 64 characters.'; $wb['pw_error_length'] = 'The password length is > 64 characters.'; ?> interface/web/login/lib/lang/ru.lng
@@ -9,4 +9,6 @@ $wb['pw_error_noinput'] = 'Please enter email address and username.'; $wb['pw_reset_mail_msg'] = 'The password to your ISPConfig 3 control panel account has been reset. The new password is: '; $wb['pw_reset_mail_title'] = 'ISPConfig 3 Control panel password has been reset.'; $wb['user_regex_error'] = 'Username contains unallowed characters or is longer then 64 characters.'; $wb['pw_error_length'] = 'The password length is > 64 characters.'; ?> interface/web/login/lib/lang/se.lng
@@ -1,14 +1,14 @@ <?php $wb['1001'] = 'Användarnamn eller Lösenord är tomt.'; $wb['1002'] = 'Felaktigt Användarnamn eller Lösenord.'; $wb['1003'] = 'Användaren är spärrad.'; $wb['1004'] = 'To many wrong logins, Please retry it after 15 minutes'; $wb['pass_reset_txt'] = 'A new password will be generated and send to your email address if the email address entered below matches the email address in your client settings.'; $wb['pw_reset'] = 'The password has been reset and send to your email address.'; $wb['pw_error'] = 'Username or email address does not match.'; $wb['pw_error_noinput'] = 'Please enter email address and username.'; $wb['pw_reset_mail_msg'] = 'The password to your ISPConfig 3 control panel account has been reset. The new password is: '; $wb['pw_reset_mail_title'] = 'ISPConfig 3 Control panel password has been reset.'; $wb['user_regex_error'] = 'Username contains unallowed characters or is longer then 64 characters.'; $wb['pw_error_length'] = 'The password length is > 64 characters.'; ?> <?php $wb['1001'] = 'Användarnamn eller Lösenord är tomt.'; $wb['1002'] = 'Felaktigt Användarnamn eller Lösenord.'; $wb['1003'] = 'Användaren är spärrad.'; $wb['1004'] = 'To many wrong logins, Please retry it after 15 minutes'; $wb['pass_reset_txt'] = 'A new password will be generated and send to your email address if the email address entered below matches the email address in your client settings.'; $wb['pw_reset'] = 'The password has been reset and send to your email address.'; $wb['pw_error'] = 'Username or email address does not match.'; $wb['pw_error_noinput'] = 'Please enter email address and username.'; $wb['pw_reset_mail_msg'] = 'The password to your ISPConfig 3 control panel account has been reset. The new password is: '; $wb['pw_reset_mail_title'] = 'ISPConfig 3 Control panel password has been reset.'; $wb['user_regex_error'] = 'Username contains unallowed characters or is longer then 64 characters.'; $wb['pw_error_length'] = 'The password length is > 64 characters.'; ?> interface/web/mail/mail_domain_edit.php
@@ -75,7 +75,7 @@ function onShowEnd() { global $app, $conf; if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) { if($_SESSION["s"]["user"]["typ"] == 'admin') { // Getting Clients of the user if($_SESSION["s"]["user"]["typ"] == 'admin') { $sql = "SELECT groupid, name FROM sys_group WHERE client_id > 0"; @@ -92,9 +92,36 @@ $client_select .= "<option value='$client[groupid]' $selected>$client[name]</option>\r\n"; } } $app->tpl->setVar("client_group_id",$client_select); $app->tpl->setVar("client_group_id",$client_select); } elseif ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) { // Get the limits of the client $client_group_id = $_SESSION["s"]["user"]["default_group"]; $client = $app->db->queryOneRecord("SELECT client.client_id, limit_web_domain, default_webserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); // Set the webserver to the default server of the client $tmp = $app->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = $client[default_webserver]"); $app->tpl->setVar("server_id","<option value='$client[default_webserver]'>$tmp[server_name]</option>"); unset($tmp); // Fill the client select field $sql = "SELECT groupid, name FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id']; $clients = $app->db->queryAllRecords($sql); $client_select = ''; if(is_array($clients)) { foreach( $clients as $client) { $selected = @($client["groupid"] == $this->dataRecord["sys_groupid"])?'SELECTED':''; $client_select .= "<option value='$client[groupid]' $selected>$client[name]</option>\r\n"; } } $app->tpl->setVar("client_group_id",$client_select); } // Get the spamfilter policys for the user $tmp_user = $app->db->queryOneRecord("SELECT policy_id FROM spamfilter_users WHERE email = '@".$this->dataRecord["domain"]."'"); $sql = "SELECT id, policy_name FROM spamfilter_policy WHERE ".$app->tform->getAuthSQL('r'); interface/web/sites/database_edit.php
@@ -91,15 +91,15 @@ // Get the limits of the client $client_group_id = $_SESSION["s"]["user"]["default_group"]; $client = $app->db->queryOneRecord("SELECT client_id, default_dbserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); $client = $app->db->queryOneRecord("SELECT client.client_id, limit_web_domain, default_webserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); // Set the webserver to the default server of the client $tmp = $app->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = $client[default_dbserver]"); $app->tpl->setVar("server_id","<option value='$client[default_dbserver]'>$tmp[server_name]</option>"); $tmp = $app->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = $client[default_webserver]"); $app->tpl->setVar("server_id","<option value='$client[default_webserver]'>$tmp[server_name]</option>"); unset($tmp); // Fill the client select field $sql = "SELECT groupid, name FROM sys_group, client WHERE sys_group.client_id = client.parent_client_id AND client.parent_client_id = ".$client['client_id']; $sql = "SELECT groupid, name FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id']; $clients = $app->db->queryAllRecords($sql); $client_select = ''; if(is_array($clients)) { interface/web/sites/ftp_user_edit.php
@@ -82,7 +82,8 @@ $app->uses('getconf'); $global_config = $app->getconf->get_global_config('sites'); $ftpuser_prefix = ($global_config['ftpuser_prefix'] == '')?'':str_replace('[CLIENTNAME]', $this->getClientName(), $global_config['ftpuser_prefix']); // $ftpuser_prefix = ($global_config['ftpuser_prefix'] == '')?'':str_replace('[CLIENTNAME]', $this->getClientName(), $global_config['ftpuser_prefix']); $ftpuser_prefix = replacePrefix($global_config['ftpuser_prefix'], $this->dataRecord); if ($this->dataRecord['username'] != ""){ /* REMOVE the restriction */ @@ -115,7 +116,8 @@ $app->uses('getconf'); $global_config = $app->getconf->get_global_config('sites'); $ftpuser_prefix = ($global_config['ftpuser_prefix'] == '')?'':str_replace('[CLIENTNAME]', $this->getClientName(), $global_config['ftpuser_prefix']); //$ftpuser_prefix = ($global_config['ftpuser_prefix'] == '')?'':str_replace('[CLIENTNAME]', $this->getClientName(), $global_config['ftpuser_prefix']); $ftpuser_prefix = replacePrefix($global_config['ftpuser_prefix'], $this->dataRecord); if ($app->tform->errorMessage == '') { $this->dataRecord['username'] = $ftpuser_prefix . $this->dataRecord['username']; @@ -151,7 +153,8 @@ $app->uses('getconf'); $global_config = $app->getconf->get_global_config('sites'); $ftpuser_prefix = ($global_config['ftpuser_prefix'] == '')?'':str_replace('[CLIENTNAME]', $this->getClientName(), $global_config['ftpuser_prefix']); //$ftpuser_prefix = ($global_config['ftpuser_prefix'] == '')?'':str_replace('[CLIENTNAME]', $this->getClientName(), $global_config['ftpuser_prefix']); $ftpuser_prefix = replacePrefix($global_config['ftpuser_prefix'], $this->dataRecord); /* restrict the names */ if ($app->tform->errorMessage == '') { interface/web/sites/lib/lang/bg_web_subdomain.lng
@@ -35,4 +35,5 @@ $wb['domain_error_empty'] = 'Не е посочен домейн.'; $wb['domain_error_unique'] = 'Вече съществува такъв домейн.'; $wb['domain_error_regex'] = 'Невалидно име на домейн.'; $wb['host_txt'] = 'Host'; ?> interface/web/sites/lib/lang/de_web_subdomain.lng
@@ -35,4 +35,5 @@ $wb['domain_error_empty'] = 'Domain ist leer.'; $wb['domain_error_unique'] = 'Domain muss eindeutig sein.'; $wb['domain_error_regex'] = 'Domainname ist ungültig.'; $wb['host_txt'] = 'Host'; ?> interface/web/sites/lib/lang/es_web_subdomain.lng
@@ -35,4 +35,5 @@ $wb['domain_error_empty'] = 'Domain is empty.'; $wb['domain_error_unique'] = 'Domain must be unique.'; $wb['domain_error_regex'] = 'Domain name invalid.'; $wb['host_txt'] = 'Host'; ?> interface/web/sites/lib/lang/fi_web_subdomain.lng
@@ -35,4 +35,5 @@ $wb['domain_error_empty'] = 'Verkkotunnus-kenttä on tyhjä.'; $wb['domain_error_unique'] = 'Tämä verkkotunnus on jo olemassa.'; $wb['domain_error_regex'] = 'Verkkotunnus on vääränlainen.'; $wb['host_txt'] = 'Host'; ?> interface/web/sites/lib/lang/fr_web_subdomain.lng
@@ -35,4 +35,5 @@ $wb['domain_error_empty'] = 'Domain is empty.'; $wb['domain_error_unique'] = 'Domain must be unique.'; $wb['domain_error_regex'] = 'Domain name invalid.'; $wb['host_txt'] = 'Host'; ?> interface/web/sites/lib/lang/it_web_subdomain.lng
@@ -35,4 +35,5 @@ $wb['domain_error_empty'] = 'Domain is empty.'; $wb['domain_error_unique'] = 'Domain must be unique.'; $wb['domain_error_regex'] = 'Domain name invalid.'; $wb['host_txt'] = 'Host'; ?> interface/web/sites/lib/lang/nl_web_subdomain.lng
@@ -35,4 +35,5 @@ $wb['domain_error_empty'] = 'Domein is leeg.'; $wb['domain_error_unique'] = 'Domein moet uniek zijn.'; $wb['domain_error_regex'] = 'Domeinnaam ongeldig.'; $wb['host_txt'] = 'Host'; ?> interface/web/sites/lib/lang/ru_web_subdomain.lng
@@ -35,4 +35,5 @@ $wb['domain_error_empty'] = 'Домен пустой.'; $wb['domain_error_unique'] = 'Домен должен быть уникальным.'; $wb['domain_error_regex'] = 'Имя домена неправильно.'; $wb['host_txt'] = 'Host'; ?> interface/web/sites/lib/lang/se_web_subdomain.lng
@@ -35,4 +35,5 @@ $wb['domain_error_empty'] = 'Domain is empty.'; $wb['domain_error_unique'] = 'Domain must be unique.'; $wb['domain_error_regex'] = 'Domain name invalid.'; $wb['host_txt'] = 'Host'; ?> interface/web/sites/shell_user_edit.php
@@ -1,224 +1,227 @@ <?php /* Copyright (c) 2007, Till Brehm, projektfarm Gmbh All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of ISPConfig nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ /****************************************** * Begin Form configuration ******************************************/ $tform_def_file = "form/shell_user.tform.php"; /****************************************** * End Form configuration ******************************************/ require_once('../../lib/config.inc.php'); require_once('../../lib/app.inc.php'); require_once('tools.inc.php'); //* Check permissions for module $app->auth->check_module_permissions('sites'); // Loading classes $app->uses('tpl,tform,tform_actions'); $app->load('tform_actions'); class page_action extends tform_actions { function onShowNew() { global $app, $conf; // we will check only users, not admins if($_SESSION["s"]["user"]["typ"] == 'user') { // Get the limits of the client $client_group_id = $_SESSION["s"]["user"]["default_group"]; $client = $app->db->queryOneRecord("SELECT limit_shell_user FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); // Check if the user may add another shell user. if($client["limit_shell_user"] >= 0) { $tmp = $app->db->queryOneRecord("SELECT count(shell_user_id) as number FROM shell_user WHERE sys_groupid = $client_group_id"); if($tmp["number"] >= $client["limit_shell_user"]) { $app->error($app->tform->wordbook["limit_shell_user_txt"]); } } } parent::onShowNew(); } function onShowEnd() { global $app, $conf, $interfaceConf; /* * If the names are restricted -> remove the restriction, so that the * data can be edited */ $app->uses('getconf'); $global_config = $app->getconf->get_global_config('sites'); $shelluser_prefix = ($global_config['shelluser_prefix'] == '')?'':str_replace('[CLIENTNAME]', $this->getClientName(), $global_config['shelluser_prefix']); if ($this->dataRecord['username'] != ""){ /* REMOVE the restriction */ $app->tpl->setVar("username", str_replace($shelluser_prefix , '', $this->dataRecord['username'])); } if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) { $app->tpl->setVar("username_prefix", $global_config['shelluser_prefix']); } else { $app->tpl->setVar("username_prefix", $shelluser_prefix); } if($this->id > 0) { //* we are editing a existing record $app->tpl->setVar("edit_disabled", 1); $app->tpl->setVar("parent_domain_id_value", $this->dataRecord["parent_domain_id"]); } else { $app->tpl->setVar("edit_disabled", 0); } parent::onShowEnd(); } function onSubmit() { global $app, $conf; // Get the record of the parent domain $parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"])); // Set a few fixed values $this->dataRecord["server_id"] = $parent_domain["server_id"]; parent::onSubmit(); } function onBeforeInsert() { global $app, $conf, $interfaceConf; // check if the username is not blacklisted $blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist'); foreach($blacklist as $line) { if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))){ $app->tform->errorMessage .= 'The username is not allowed.'; } } unset($blacklist); /* * If the names should be restricted -> do it! */ if ($app->tform->errorMessage == ''){ $app->uses('getconf'); $global_config = $app->getconf->get_global_config('sites'); $shelluser_prefix = ($global_config['shelluser_prefix'] == '')?'':str_replace('[CLIENTNAME]', $this->getClientName(), $global_config['shelluser_prefix']); /* restrict the names */ $this->dataRecord['username'] = $shelluser_prefix . $this->dataRecord['username']; } parent::onBeforeInsert(); } function onAfterInsert() { global $app, $conf; $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"])); $server_id = $web["server_id"]; $dir = $web["document_root"]; $puser = $web["system_user"]; $pgroup = $web["system_group"]; // The FTP user shall be owned by the same group then the website $sys_groupid = $web['sys_groupid']; $sql = "UPDATE shell_user SET server_id = $server_id, dir = '$dir', puser = '$puser', pgroup = '$pgroup', sys_groupid = '$sys_groupid' WHERE shell_user_id = ".$this->id; $app->db->query($sql); } function onBeforeUpdate() { global $app, $conf, $interfaceConf; // check if the username is not blacklisted $blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist'); foreach($blacklist as $line) { if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))){ $app->tform->errorMessage .= 'The username is not allowed.'; } } unset($blacklist); /* * If the names should be restricted -> do it! */ if ($app->tform->errorMessage == '') { /* * If the names should be restricted -> do it! */ $app->uses('getconf'); $global_config = $app->getconf->get_global_config('sites'); $shelluser_prefix = ($global_config['shelluser_prefix'] == '')?'':str_replace('[CLIENTNAME]', $this->getClientName(), $global_config['shelluser_prefix']); /* restrict the names */ $this->dataRecord['username'] = $shelluser_prefix . $this->dataRecord['username']; } } function onAfterUpdate() { global $app, $conf; } function getClientName() { global $app, $conf; if($_SESSION["s"]["user"]["typ"] != 'admin') { // Get the group-id of the user $client_group_id = $_SESSION["s"]["user"]["default_group"]; } else { // Get the group-id from the data itself $web = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ".intval($this->dataRecord['parent_domain_id'])); $client_group_id = $web['sys_groupid']; } /* get the name of the client */ $tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id); $clientName = $tmp['name']; if ($clientName == "") $clientName = 'default'; $clientName = convertClientName($clientName); return $clientName; } } $page = new page_action; $page->onLoad(); <?php /* Copyright (c) 2007, Till Brehm, projektfarm Gmbh All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of ISPConfig nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ /****************************************** * Begin Form configuration ******************************************/ $tform_def_file = "form/shell_user.tform.php"; /****************************************** * End Form configuration ******************************************/ require_once('../../lib/config.inc.php'); require_once('../../lib/app.inc.php'); require_once('tools.inc.php'); //* Check permissions for module $app->auth->check_module_permissions('sites'); // Loading classes $app->uses('tpl,tform,tform_actions'); $app->load('tform_actions'); class page_action extends tform_actions { function onShowNew() { global $app, $conf; // we will check only users, not admins if($_SESSION["s"]["user"]["typ"] == 'user') { // Get the limits of the client $client_group_id = $_SESSION["s"]["user"]["default_group"]; $client = $app->db->queryOneRecord("SELECT limit_shell_user FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); // Check if the user may add another shell user. if($client["limit_shell_user"] >= 0) { $tmp = $app->db->queryOneRecord("SELECT count(shell_user_id) as number FROM shell_user WHERE sys_groupid = $client_group_id"); if($tmp["number"] >= $client["limit_shell_user"]) { $app->error($app->tform->wordbook["limit_shell_user_txt"]); } } } parent::onShowNew(); } function onShowEnd() { global $app, $conf, $interfaceConf; /* * If the names are restricted -> remove the restriction, so that the * data can be edited */ $app->uses('getconf'); $global_config = $app->getconf->get_global_config('sites'); //$shelluser_prefix = ($global_config['shelluser_prefix'] == '')?'':str_replace('[CLIENTNAME]', $this->getClientName(), $global_config['shelluser_prefix']); $shelluser_prefix = replacePrefix($global_config['shelluser_prefix'], $this->dataRecord); if ($this->dataRecord['username'] != ""){ /* REMOVE the restriction */ $app->tpl->setVar("username", str_replace($shelluser_prefix , '', $this->dataRecord['username'])); } if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) { $app->tpl->setVar("username_prefix", $global_config['shelluser_prefix']); } else { $app->tpl->setVar("username_prefix", $shelluser_prefix); } if($this->id > 0) { //* we are editing a existing record $app->tpl->setVar("edit_disabled", 1); $app->tpl->setVar("parent_domain_id_value", $this->dataRecord["parent_domain_id"]); } else { $app->tpl->setVar("edit_disabled", 0); } parent::onShowEnd(); } function onSubmit() { global $app, $conf; // Get the record of the parent domain $parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"])); // Set a few fixed values $this->dataRecord["server_id"] = $parent_domain["server_id"]; parent::onSubmit(); } function onBeforeInsert() { global $app, $conf, $interfaceConf; // check if the username is not blacklisted $blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist'); foreach($blacklist as $line) { if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))){ $app->tform->errorMessage .= 'The username is not allowed.'; } } unset($blacklist); /* * If the names should be restricted -> do it! */ if ($app->tform->errorMessage == ''){ $app->uses('getconf'); $global_config = $app->getconf->get_global_config('sites'); // $shelluser_prefix = ($global_config['shelluser_prefix'] == '')?'':str_replace('[CLIENTNAME]', $this->getClientName(), $global_config['shelluser_prefix']); $shelluser_prefix = replacePrefix($global_config['shelluser_prefix'], $this->dataRecord); /* restrict the names */ $this->dataRecord['username'] = $shelluser_prefix . $this->dataRecord['username']; } parent::onBeforeInsert(); } function onAfterInsert() { global $app, $conf; $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"])); $server_id = $web["server_id"]; $dir = $web["document_root"]; $puser = $web["system_user"]; $pgroup = $web["system_group"]; // The FTP user shall be owned by the same group then the website $sys_groupid = $web['sys_groupid']; $sql = "UPDATE shell_user SET server_id = $server_id, dir = '$dir', puser = '$puser', pgroup = '$pgroup', sys_groupid = '$sys_groupid' WHERE shell_user_id = ".$this->id; $app->db->query($sql); } function onBeforeUpdate() { global $app, $conf, $interfaceConf; // check if the username is not blacklisted $blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist'); foreach($blacklist as $line) { if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))){ $app->tform->errorMessage .= 'The username is not allowed.'; } } unset($blacklist); /* * If the names should be restricted -> do it! */ if ($app->tform->errorMessage == '') { /* * If the names should be restricted -> do it! */ $app->uses('getconf'); $global_config = $app->getconf->get_global_config('sites'); // $shelluser_prefix = ($global_config['shelluser_prefix'] == '')?'':str_replace('[CLIENTNAME]', $this->getClientName(), $global_config['shelluser_prefix']); $shelluser_prefix = replacePrefix($global_config['shelluser_prefix'], $this->dataRecord); /* restrict the names */ $this->dataRecord['username'] = $shelluser_prefix . $this->dataRecord['username']; } } function onAfterUpdate() { global $app, $conf; } function getClientName() { global $app, $conf; if($_SESSION["s"]["user"]["typ"] != 'admin') { // Get the group-id of the user $client_group_id = $_SESSION["s"]["user"]["default_group"]; } else { // Get the group-id from the data itself $web = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ".intval($this->dataRecord['parent_domain_id'])); $client_group_id = $web['sys_groupid']; } /* get the name of the client */ $tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id); $clientName = $tmp['name']; if ($clientName == "") $clientName = 'default'; $clientName = convertClientName($clientName); return $clientName; } } $page = new page_action; $page->onLoad(); ?> interface/web/sites/templates/web_domain_advanced.htm
@@ -8,11 +8,13 @@ <input name="document_root" id="document_root" value="{tmpl_var name='document_root'}" size="30" maxlength="255" type="hidden" class="textInput" /> <div class="ctrlHolder"> <label for="system_user">{tmpl_var name='system_user_txt'}</label> <input name="system_user" id="system_user" value="{tmpl_var name='system_user'}" size="30" maxlength="255" type="text" class="textInput formLengthHalf" /> <label for="system_user">{tmpl_var name='system_user'}</label> <input name="system_user" id="system_user" value="{tmpl_var name='system_user'}" type="hidden" /> </div> <div class="ctrlHolder"> <label for="system_group">{tmpl_var name='system_group_txt'}</label> <input name="system_group" id="system_group" value="{tmpl_var name='system_group'}" size="30" maxlength="255" type="text" class="textInput formLengthHalf" /> <label for="system_group">{tmpl_var name='system_group'}</label> <input name="system_group" id="system_group" value="{tmpl_var name='system_group'}" type="hidden" /> </div> <div class="ctrlHolder"> <label for="apache_directives">{tmpl_var name='apache_directives_txt'}</label> server/conf/index/standard_index.html_en
@@ -50,7 +50,7 @@ <div id="content"> <h2>This is the default index page of your website.</h2> <p>This file may be deleted or overwritten without any difficulty. This is produced by the file <b>index.html</b> in the <b>web</b> directory.</p> <p>For questions or problems please contact the <!--SUPPORT//-->support<!--SUPPORT//-->.</p> <p>For questions or problems please contact <!--SUPPORT//-->support<!--SUPPORT//-->.</p> </div> <div id="footer"> <p>Powered by <a href="http://www.ispconfig.org">ISPConfig</a></p> server/cron_daily.php
@@ -48,13 +48,13 @@ $sql = "SELECT mailuser_id,maildir FROM mail_user WHERE server_id = ".$conf["server_id"]; $records = $app->db->queryAllRecords($sql); foreach($records as $rec) { if(@is_file($rec["maildir"].'/.ispconfig_mailsize')) { if(@is_file($rec["maildir"].'/ispconfig_mailsize')) { // rename file rename($rec["maildir"].'/.ispconfig_mailsize',$rec["maildir"].'/.ispconfig_mailsize_save'); rename($rec["maildir"].'/ispconfig_mailsize',$rec["maildir"].'/ispconfig_mailsize_save'); // Read the file $lines = file($rec["maildir"].'/.ispconfig_mailsize_save'); $lines = file($rec["maildir"].'/ispconfig_mailsize_save'); $mail_traffic = 0; foreach($lines as $line) { $mail_traffic += intval($line); @@ -62,7 +62,7 @@ unset($lines); // Delete backup file if(@is_file($rec["maildir"].'/.ispconfig_mailsize_save')) unlink($rec["maildir"].'/.ispconfig_mailsize_save'); if(@is_file($rec["maildir"].'/ispconfig_mailsize_save')) unlink($rec["maildir"].'/ispconfig_mailsize_save'); // Save the traffic stats in the sql database $tstamp = date("Y-m"); server/plugins-available/shelluser_base_plugin.inc.php
@@ -148,11 +148,14 @@ // Get the UID of the user $userid = intval($app->system->getuid($data['old']['username'])); if($userid > $this->min_uid) { $command = 'userdel -f -r'; $command .= ' '.escapeshellcmd($data['old']['username']); // We delete only non jailkit users, jailkit users will be deleted by the jailkit plugin. if ($data['old']['chroot'] != "jailkit") { $command = 'userdel -f'; $command .= ' '.escapeshellcmd($data['old']['username']); exec($command); $app->log("Deleted shelluser: ".$data['old']['username'],LOGLEVEL_DEBUG); exec($command); $app->log("Deleted shelluser: ".$data['old']['username'],LOGLEVEL_DEBUG); } } else { $app->log("UID = $userid for shelluser:".$data['old']['username']." not allowed.",LOGLEVEL_ERROR);
