From 9f6339a58df07ea702c353283d866ea2d046026b Mon Sep 17 00:00:00 2001 From: vogelor <vogelor@ispconfig3> Date: Fri, 12 Dec 2008 13:21:17 -0500 Subject: [PATCH] The names of the database and the database_user can be limited by the system --- interface/web/sites/templates/database_edit.htm | 2 interface/web/sites/tools.inc.php | 20 ++++ interface/web/sites/database_edit.php | 250 ++++++++++++++++++++++++++++++++++--------------- 3 files changed, 193 insertions(+), 79 deletions(-) diff --git a/interface/web/sites/database_edit.php b/interface/web/sites/database_edit.php index b537c68..18ace21 100644 --- a/interface/web/sites/database_edit.php +++ b/interface/web/sites/database_edit.php @@ -6,14 +6,14 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - * Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above copyright notice, - this list of conditions and the following disclaimer in the documentation - and/or other materials provided with the distribution. - * Neither the name of ISPConfig nor the names of its contributors - may be used to endorse or promote products derived from this software without - specific prior written permission. + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + * Neither the name of ISPConfig nor the names of its contributors + may be used to endorse or promote products derived from this software without + specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED @@ -40,6 +40,7 @@ require_once('../../lib/config.inc.php'); require_once('../../lib/app.inc.php'); +require_once('tools.inc.php'); //* Check permissions for module $app->auth->check_module_permissions('sites'); @@ -49,17 +50,17 @@ $app->load('tform_actions'); class page_action extends tform_actions { - + function onShowNew() { global $app, $conf; - + // we will check only users, not admins if($_SESSION["s"]["user"]["typ"] == 'user') { - + // Get the limits of the client $client_group_id = $_SESSION["s"]["user"]["default_group"]; $client = $app->db->queryOneRecord("SELECT limit_database FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); - + // Check if the user may add another database. if($client["limit_database"] >= 0) { $tmp = $app->db->queryOneRecord("SELECT count(database_id) as number FROM web_database WHERE sys_groupid = $client_group_id"); @@ -68,35 +69,35 @@ } } } - + parent::onShowNew(); } - + function onShowEnd() { - global $app, $conf; - + global $app, $conf, $interfaceConf; + if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) { - + // Get the limits of the client $client_group_id = $_SESSION["s"]["user"]["default_group"]; $client = $app->db->queryOneRecord("SELECT default_dbserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); - + // Set the webserver to the default server of the client $tmp = $app->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = $client[default_dbserver]"); $app->tpl->setVar("server_id","<option value='$client[default_dbserver]'>$tmp[server_name]</option>"); unset($tmp); - + } elseif ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) { - + // Get the limits of the client $client_group_id = $_SESSION["s"]["user"]["default_group"]; $client = $app->db->queryOneRecord("SELECT client_id, default_dbserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); - + // Set the webserver to the default server of the client $tmp = $app->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = $client[default_dbserver]"); $app->tpl->setVar("server_id","<option value='$client[default_dbserver]'>$tmp[server_name]</option>"); unset($tmp); - + // Fill the client select field $sql = "SELECT groupid, name FROM sys_group, client WHERE sys_group.client_id = client.parent_client_id AND client.parent_client_id = ".$client['client_id']; $clients = $app->db->queryAllRecords($sql); @@ -108,9 +109,9 @@ } } $app->tpl->setVar("client_group_id",$client_select); - + } else { - + // The user is admin if($this->id > 0) { $server_id = $this->dataRecord["server_id"]; @@ -119,7 +120,7 @@ $tmp = $app->db->queryOneRecord("SELECT server_id FROM server WHERE web_server = 1 ORDER BY server_name LIMIT 0,1"); $server_id = $tmp['server_id']; } - + $sql = "SELECT ip_address FROM server_ip WHERE server_id = $server_id"; $ips = $app->db->queryAllRecords($sql); $ip_select = "<option value='*'>*</option>"; @@ -133,7 +134,7 @@ $app->tpl->setVar("ip_address",$ip_select); unset($tmp); unset($ips); - + // Fill the client select field $sql = "SELECT groupid, name FROM sys_group WHERE client_id > 0"; $clients = $app->db->queryAllRecords($sql); @@ -145,102 +146,193 @@ } } $app->tpl->setVar("client_group_id",$client_select); - + } - + + /* + * If the names are restricted -> remove the client, so that the + * data can be edited + */ + if ($interfaceConf['restrict_names'] == true){ + /* Get the group-id */ + if($_SESSION["s"]["user"]["typ"] != 'admin') { + // Get the group-id of the user + $client_group_id = $_SESSION["s"]["user"]["default_group"]; + } + else { + // Get the group-id from the data itself + $client_group_id = $this->dataRecord['sys_groupid']; + } + /* get the name of the client */ + $tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id); + $clientName = $tmp['name']; + if ($clientName == "") $clientName = 'default'; + $clientName = convertClientName($clientName); + if ($this->dataRecord['database_name'] != ""){ + /* REMOVE the restriction */ + $app->tpl->setVar("database_name", str_replace($clientName . '_' , '', $this->dataRecord['database_name'])); + $app->tpl->setVar("database_user", str_replace($clientName . '_' , '', $this->dataRecord['database_user'])); + } + if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) { + $app->tpl->setVar("database_name_prefix", '{client}_'); + $app->tpl->setVar("database_user_prefix", '{client}_'); + } + else { + $app->tpl->setVar("database_name_prefix", $clientName . '_'); + $app->tpl->setVar("database_user_prefix", $clientName . '_'); + } + } + parent::onShowEnd(); } - + function onSubmit() { global $app, $conf; - + if($_SESSION["s"]["user"]["typ"] != 'admin') { // Get the limits of the client $client_group_id = $_SESSION["s"]["user"]["default_group"]; $client = $app->db->queryOneRecord("SELECT default_dbserver, limit_database FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); - + // When the record is updated if($this->id > 0) { // restore the server ID if the user is not admin and record is edited $tmp = $app->db->queryOneRecord("SELECT server_id FROM web_database WHERE database_id = ".intval($this->id)); $this->dataRecord["server_id"] = $tmp["server_id"]; unset($tmp); - // When the record is inserted + // When the record is inserted } else { // set the server ID to the default dbserver of the client $this->dataRecord["server_id"] = $client["default_dbserver"]; - - + + // Check if the user may add another database - if($client["limit_web_domain"] >= 0) { + if($client["limit_database"] >= 0) { $tmp = $app->db->queryOneRecord("SELECT count(database_id) as number FROM web_database WHERE sys_groupid = $client_group_id"); if($tmp["number"] >= $client["limit_database"]) { $app->error($app->tform->wordbook["limit_database_txt"]); } } - + } - + // Clients may not set the client_group_id, so we unset them if user is not a admin and the client is not a reseller if(!$app->auth->has_clients($_SESSION['s']['user']['userid'])) unset($this->dataRecord["client_group_id"]); } - - + + parent::onSubmit(); } function onBeforeUpdate() { - global $app, $conf; + global $app, $conf, $interfaceConf; + + /* + * If the names should be restricted -> do it! + */ + if ($interfaceConf['restrict_names'] == true){ + /* Get the group-id */ + if($_SESSION["s"]["user"]["typ"] != 'admin') { + // Get the group-id of the user + $client_group_id = $_SESSION["s"]["user"]["default_group"]; + } + else { + // Get the group-id from the data itself + $client_group_id = $this->dataRecord['client_group_id']; + } + /* get the name of the client */ + $tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id); + $clientName = $tmp['name']; + if ($clientName == "") $clientName = 'default'; + $clientName = convertClientName($clientName); + $nameSuffix = $clientName . '_'; + } + else { + $nameSuffix = ''; + } + + $error = false; + + //* Prevent that the database name and charset is changed + $old_record = $app->tform->getDataRecord($this->id); + if($old_record["database_name"] != $nameSuffix . $this->dataRecord["database_name"]) { + $app->tform->errorMessage .= $app->tform->wordbook["database_name_change_txt"].'<br />'; + $error = true; + } + if($old_record["database_charset"] != $this->dataRecord["database_charset"]) { + $app->tform->errorMessage .= $app->tform->wordbook["database_charset_change_txt"].'<br />'; + $error = true; + } //* Check if the server has been changed // We do this only for the admin or reseller users, as normal clients can not change the server ID anyway if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) { - $rec = $app->db->queryOneRecord("SELECT server_id from web_database WHERE database_id = ".$this->id); - if($rec['server_id'] != $this->dataRecord["server_id"]) { + if($old_record["server_id"] != $this->dataRecord["server_id"]) { //* Add a error message and switch back to old server $app->tform->errorMessage .= $app->lng('The Server can not be changed.'); $this->dataRecord["server_id"] = $rec['server_id']; + $error = true; } - unset($rec); + } + unset($old_record); + + if ($error == false){ + /* restrict the names if there is no error */ + $this->dataRecord['database_name'] = $nameSuffix . $this->dataRecord['database_name']; + $this->dataRecord['database_user'] = $nameSuffix . $this->dataRecord['database_user']; + } + + parent::onBeforeUpdate(); + } + + function onBeforeInsert() { + global $app, $conf, $interfaceConf; + global $interfaceConf; + + /* + * If the names should be restricted -> do it! + */ + if ($interfaceConf['restrict_names'] == true){ + /* Get the group-id */ + if($_SESSION["s"]["user"]["typ"] != 'admin') { + // Get the group-id of the user + $client_group_id = $_SESSION["s"]["user"]["default_group"]; + } + else { + // Get the group-id from the data itself + $client_group_id = $this->dataRecord['client_group_id']; + } + /* get the name of the client */ + $tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id); + $clientName = $tmp['name']; + if ($clientName == "") $clientName = 'default'; + $clientName = convertClientName($clientName); + /* restrict the names */ + $this->dataRecord['database_name'] = $clientName . '_' . $this->dataRecord['database_name']; + $this->dataRecord['database_user'] = $clientName . '_' . $this->dataRecord['database_user']; + } + parent::onBeforeInsert(); + } + + function onAfterInsert() { + global $app, $conf; + + // make sure that the record belongs to the clinet group and not the admin group when a dmin inserts it + // also make sure that the user can not delete domain created by a admin + if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { + $client_group_id = intval($this->dataRecord["client_group_id"]); + $app->db->query("UPDATE web_database SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE database_id = ".$this->id); + } + if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) { + $client_group_id = intval($this->dataRecord["client_group_id"]); + $app->db->query("UPDATE web_database SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_id = ".$this->id); } } - function onUpdate() { - global $app, $conf; - - //* Prevent that the database name and charset is changed - $old_record = $app->tform->getDataRecord($this->id); - if($old_record["database_name"] != $this->dataRecord["database_name"]) { - $app->tform->errorMessage .= $app->tform->wordbook["database_name_change_txt"].'<br />'; - } - if($old_record["database_charset"] != $this->dataRecord["database_charset"]) { - $app->tform->errorMessage .= $app->tform->wordbook["database_charset_change_txt"].'<br />'; - } - unset($old_record); - - parent::onUpdate(); - - } - - function onAfterInsert() { - global $app, $conf; - - // make sure that the record belongs to the clinet group and not the admin group when a dmin inserts it - // also make sure that the user can not delete domain created by a admin - if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { - $client_group_id = intval($this->dataRecord["client_group_id"]); - $app->db->query("UPDATE web_database SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE database_id = ".$this->id); - } - if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) { - $client_group_id = intval($this->dataRecord["client_group_id"]); - $app->db->query("UPDATE web_database SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_id = ".$this->id); - } - } - function onAfterUpdate() { global $app, $conf; - - // make sure that the record belongs to the clinet group and not the admin group when a dmin inserts it + + // make sure that the record belongs to the client group and not the admin group when a admin inserts it // also make sure that the user can not delete domain created by a admin if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { $client_group_id = intval($this->dataRecord["client_group_id"]); @@ -250,9 +342,9 @@ $client_group_id = intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE web_database SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_id = ".$this->id); } - + } - + } $page = new page_action; diff --git a/interface/web/sites/templates/database_edit.htm b/interface/web/sites/templates/database_edit.htm index 671edee..d0ec170 100644 --- a/interface/web/sites/templates/database_edit.htm +++ b/interface/web/sites/templates/database_edit.htm @@ -26,10 +26,12 @@ </span> <span class="wf_oneField"> <label for="database_name" class="wf_preField">{tmpl_var name='database_name_txt'}</label> + {tmpl_var name='database_name_prefix'} <input type="text" id="database_name" name="database_name" value="{tmpl_var name='database_name'}" size="30" maxlength="255" class="wf_required"><span class="wf_reqMark">*</span><br> </span> <span class="wf_oneField"> <label for="database_user" class="wf_preField">{tmpl_var name='database_user_txt'}</label> + {tmpl_var name='database_user_prefix'} <input type="text" id="database_user" name="database_user" value="{tmpl_var name='database_user'}" size="30" maxlength="255" class="wf_required"><span class="wf_reqMark">*</span><br> </span> <span class="wf_oneField"> diff --git a/interface/web/sites/tools.inc.php b/interface/web/sites/tools.inc.php new file mode 100644 index 0000000..400c05f --- /dev/null +++ b/interface/web/sites/tools.inc.php @@ -0,0 +1,20 @@ +<?php +function convertClientName($name){ + /** + * only allow 'a'..'z', '_', '0'..'9' + */ + $allowed = 'abcdefghijklmnopqrstuvwxyz0123456789_'; + $res = ''; + $name = strtolower(trim($name)); + for ($i=0; $i < strlen($name); $i++){ + if ($name[$i] == ' ') continue; + if (strpos($allowed, $name[$i]) !== false){ + $res .= $name[$i]; + } + else { + $res .= '_'; + } + } + return $res; +} +?> -- Gitblit v1.9.1