From 84569173c9a21ebab5ecdb662d9b4fb98b7c336b Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Mon, 16 Apr 2012 08:19:56 -0400
Subject: [PATCH] Fixed: FS#2176 - collision between shell/ftp accounts and client accounts named webXX is not checked

---
 interface/web/client/client_edit.php          |    2 +-
 interface/web/client/form/client.tform.php    |    6 +++++-
 interface/lib/classes/validate_client.inc.php |   30 ++++++++++++++++++++++++++++++
 interface/web/client/lib/lang/en_reseller.lng |    1 +
 interface/web/client/form/reseller.tform.php  |    6 +++++-
 interface/web/client/lib/lang/en_client.lng   |    1 +
 6 files changed, 43 insertions(+), 3 deletions(-)

diff --git a/interface/lib/classes/validate_client.inc.php b/interface/lib/classes/validate_client.inc.php
index 97b9221..fa0f102 100644
--- a/interface/lib/classes/validate_client.inc.php
+++ b/interface/lib/classes/validate_client.inc.php
@@ -65,6 +65,36 @@
 		}
 	}
 	
+	function username_collision($field_name, $field_value, $validator) {
+		global $app;
+		
+		if(isset($app->remoting_lib->primary_id)) {
+			$client_id = $app->remoting_lib->primary_id;
+		} else {
+			$client_id = $app->tform->primary_id;
+		}
+		
+		$app->uses('getconf');
+		$global_config = $app->getconf->get_global_config('sites');
+		
+		if(substr($field_value,0,3) == 'web' && 
+		  ($global_config['ftpuser_prefix'] == '[CLIENTNAME]' || 
+		   $global_config['ftpuser_prefix'] == '' ||
+		   $global_config['shelluser_prefix'] == '[CLIENTNAME]' ||
+		   $global_config['shelluser_prefix'] == '' )) {
+			$errmsg = $validator['errmsg'];
+			if(isset($app->tform->wordbook[$errmsg])) {
+				return $app->tform->wordbook[$errmsg]."<br>\r\n";
+			} else {
+				return $errmsg."<br>\r\n";
+			}
+		}
+		
+		
+		
+		
+	}
+	
 	
 	
 	
diff --git a/interface/web/client/client_edit.php b/interface/web/client/client_edit.php
index e3330e5..fc16d4c 100644
--- a/interface/web/client/client_edit.php
+++ b/interface/web/client/client_edit.php
@@ -1,6 +1,6 @@
 <?php
 /*
-Copyright (c) 2005 - 2008, Till Brehm, projektfarm Gmbh
+Copyright (c) 2005 - 2012, Till Brehm, projektfarm Gmbh, ISPConfig UG
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
diff --git a/interface/web/client/form/client.tform.php b/interface/web/client/form/client.tform.php
index 6e76992..d35f34f 100644
--- a/interface/web/client/form/client.tform.php
+++ b/interface/web/client/form/client.tform.php
@@ -126,7 +126,11 @@
 														'class' => 'validate_client',
 														'function' => 'username_unique',
 														'errmsg'=> 'username_error_unique'),
-										2 => array (	'type'	=> 'REGEX',
+										2 => array (	'type'	=> 'CUSTOM',
+														'class' => 'validate_client',
+														'function' => 'username_collision',
+														'errmsg'=> 'username_error_collision'),
+										3 => array (	'type'	=> 'REGEX',
 														'regex' => '/^[\w\.\-\_]{0,64}$/',
 														'errmsg'=> 'username_error_regex'),
 										),
diff --git a/interface/web/client/form/reseller.tform.php b/interface/web/client/form/reseller.tform.php
index 5447070..a307791 100644
--- a/interface/web/client/form/reseller.tform.php
+++ b/interface/web/client/form/reseller.tform.php
@@ -126,7 +126,11 @@
 														'class' => 'validate_client',
 														'function' => 'username_unique',
 														'errmsg'=> 'username_error_unique'),
-										2 => array (	'type'	=> 'REGEX',
+										2 => array (	'type'	=> 'CUSTOM',
+														'class' => 'validate_client',
+														'function' => 'username_collision',
+														'errmsg'=> 'username_error_collision'),
+										3 => array (	'type'	=> 'REGEX',
 														'regex' => '/^[\w\.\-\_]{0,64}$/',
 														'errmsg'=> 'username_error_regex'),
 										),
diff --git a/interface/web/client/lib/lang/en_client.lng b/interface/web/client/lib/lang/en_client.lng
index ce4805e..f2edf1f 100644
--- a/interface/web/client/lib/lang/en_client.lng
+++ b/interface/web/client/lib/lang/en_client.lng
@@ -109,4 +109,5 @@
 $wb["limit_openvz_vm_error_notint"] = 'The virtual server limit must be a number.';
 $wb["web_php_options_notempty"] = 'No PHP option(s) selected. Select at least one PHP option.';
 $wb["ssh_chroot_notempty"] = 'No SSH chroot option selected. Select at least one SSH option.';
+$wb["username_error_collision"] = 'The username may not start with the word - web -';
 ?>
diff --git a/interface/web/client/lib/lang/en_reseller.lng b/interface/web/client/lib/lang/en_reseller.lng
index b93f54e..9f1e36c 100644
--- a/interface/web/client/lib/lang/en_reseller.lng
+++ b/interface/web/client/lib/lang/en_reseller.lng
@@ -108,4 +108,5 @@
 $wb["limit_openvz_vm_error_notint"] = 'The virtual server limit must be a number.';
 $wb["web_php_options_notempty"] = 'No PHP option(s) selected. Select at least one PHP option.';
 $wb["ssh_chroot_notempty"] = 'No SSH chroot option selected. Select at least one SSH option.';
+$wb["username_error_collision"] = 'The username may not start with the word - web -';
 ?>

--
Gitblit v1.9.1