From 84569173c9a21ebab5ecdb662d9b4fb98b7c336b Mon Sep 17 00:00:00 2001 From: tbrehm <t.brehm@ispconfig.org> Date: Mon, 16 Apr 2012 08:19:56 -0400 Subject: [PATCH] Fixed: FS#2176 - collision between shell/ftp accounts and client accounts named webXX is not checked --- interface/web/client/client_edit.php | 2 +- interface/web/client/form/client.tform.php | 6 +++++- interface/lib/classes/validate_client.inc.php | 30 ++++++++++++++++++++++++++++++ interface/web/client/lib/lang/en_reseller.lng | 1 + interface/web/client/form/reseller.tform.php | 6 +++++- interface/web/client/lib/lang/en_client.lng | 1 + 6 files changed, 43 insertions(+), 3 deletions(-) diff --git a/interface/lib/classes/validate_client.inc.php b/interface/lib/classes/validate_client.inc.php index 97b9221..fa0f102 100644 --- a/interface/lib/classes/validate_client.inc.php +++ b/interface/lib/classes/validate_client.inc.php @@ -65,6 +65,36 @@ } } + function username_collision($field_name, $field_value, $validator) { + global $app; + + if(isset($app->remoting_lib->primary_id)) { + $client_id = $app->remoting_lib->primary_id; + } else { + $client_id = $app->tform->primary_id; + } + + $app->uses('getconf'); + $global_config = $app->getconf->get_global_config('sites'); + + if(substr($field_value,0,3) == 'web' && + ($global_config['ftpuser_prefix'] == '[CLIENTNAME]' || + $global_config['ftpuser_prefix'] == '' || + $global_config['shelluser_prefix'] == '[CLIENTNAME]' || + $global_config['shelluser_prefix'] == '' )) { + $errmsg = $validator['errmsg']; + if(isset($app->tform->wordbook[$errmsg])) { + return $app->tform->wordbook[$errmsg]."<br>\r\n"; + } else { + return $errmsg."<br>\r\n"; + } + } + + + + + } + diff --git a/interface/web/client/client_edit.php b/interface/web/client/client_edit.php index e3330e5..fc16d4c 100644 --- a/interface/web/client/client_edit.php +++ b/interface/web/client/client_edit.php @@ -1,6 +1,6 @@ <?php /* -Copyright (c) 2005 - 2008, Till Brehm, projektfarm Gmbh +Copyright (c) 2005 - 2012, Till Brehm, projektfarm Gmbh, ISPConfig UG All rights reserved. Redistribution and use in source and binary forms, with or without modification, diff --git a/interface/web/client/form/client.tform.php b/interface/web/client/form/client.tform.php index 6e76992..d35f34f 100644 --- a/interface/web/client/form/client.tform.php +++ b/interface/web/client/form/client.tform.php @@ -126,7 +126,11 @@ 'class' => 'validate_client', 'function' => 'username_unique', 'errmsg'=> 'username_error_unique'), - 2 => array ( 'type' => 'REGEX', + 2 => array ( 'type' => 'CUSTOM', + 'class' => 'validate_client', + 'function' => 'username_collision', + 'errmsg'=> 'username_error_collision'), + 3 => array ( 'type' => 'REGEX', 'regex' => '/^[\w\.\-\_]{0,64}$/', 'errmsg'=> 'username_error_regex'), ), diff --git a/interface/web/client/form/reseller.tform.php b/interface/web/client/form/reseller.tform.php index 5447070..a307791 100644 --- a/interface/web/client/form/reseller.tform.php +++ b/interface/web/client/form/reseller.tform.php @@ -126,7 +126,11 @@ 'class' => 'validate_client', 'function' => 'username_unique', 'errmsg'=> 'username_error_unique'), - 2 => array ( 'type' => 'REGEX', + 2 => array ( 'type' => 'CUSTOM', + 'class' => 'validate_client', + 'function' => 'username_collision', + 'errmsg'=> 'username_error_collision'), + 3 => array ( 'type' => 'REGEX', 'regex' => '/^[\w\.\-\_]{0,64}$/', 'errmsg'=> 'username_error_regex'), ), diff --git a/interface/web/client/lib/lang/en_client.lng b/interface/web/client/lib/lang/en_client.lng index ce4805e..f2edf1f 100644 --- a/interface/web/client/lib/lang/en_client.lng +++ b/interface/web/client/lib/lang/en_client.lng @@ -109,4 +109,5 @@ $wb["limit_openvz_vm_error_notint"] = 'The virtual server limit must be a number.'; $wb["web_php_options_notempty"] = 'No PHP option(s) selected. Select at least one PHP option.'; $wb["ssh_chroot_notempty"] = 'No SSH chroot option selected. Select at least one SSH option.'; +$wb["username_error_collision"] = 'The username may not start with the word - web -'; ?> diff --git a/interface/web/client/lib/lang/en_reseller.lng b/interface/web/client/lib/lang/en_reseller.lng index b93f54e..9f1e36c 100644 --- a/interface/web/client/lib/lang/en_reseller.lng +++ b/interface/web/client/lib/lang/en_reseller.lng @@ -108,4 +108,5 @@ $wb["limit_openvz_vm_error_notint"] = 'The virtual server limit must be a number.'; $wb["web_php_options_notempty"] = 'No PHP option(s) selected. Select at least one PHP option.'; $wb["ssh_chroot_notempty"] = 'No SSH chroot option selected. Select at least one SSH option.'; +$wb["username_error_collision"] = 'The username may not start with the word - web -'; ?> -- Gitblit v1.9.1