From 9f6339a58df07ea702c353283d866ea2d046026b Mon Sep 17 00:00:00 2001
From: vogelor <vogelor@ispconfig3>
Date: Fri, 12 Dec 2008 13:21:17 -0500
Subject: [PATCH] The names of the database and the database_user can be limited by the system
---
interface/web/sites/templates/database_edit.htm | 2
interface/web/sites/tools.inc.php | 20 ++++
interface/web/sites/database_edit.php | 250 ++++++++++++++++++++++++++++++++++---------------
3 files changed, 193 insertions(+), 79 deletions(-)
diff --git a/interface/web/sites/database_edit.php b/interface/web/sites/database_edit.php
index b537c68..18ace21 100644
--- a/interface/web/sites/database_edit.php
+++ b/interface/web/sites/database_edit.php
@@ -6,14 +6,14 @@
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
- * Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- * Redistributions in binary form must reproduce the above copyright notice,
- this list of conditions and the following disclaimer in the documentation
- and/or other materials provided with the distribution.
- * Neither the name of ISPConfig nor the names of its contributors
- may be used to endorse or promote products derived from this software without
- specific prior written permission.
+ * Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+ * Neither the name of ISPConfig nor the names of its contributors
+ may be used to endorse or promote products derived from this software without
+ specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
@@ -40,6 +40,7 @@
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
+require_once('tools.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('sites');
@@ -49,17 +50,17 @@
$app->load('tform_actions');
class page_action extends tform_actions {
-
+
function onShowNew() {
global $app, $conf;
-
+
// we will check only users, not admins
if($_SESSION["s"]["user"]["typ"] == 'user') {
-
+
// Get the limits of the client
$client_group_id = $_SESSION["s"]["user"]["default_group"];
$client = $app->db->queryOneRecord("SELECT limit_database FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-
+
// Check if the user may add another database.
if($client["limit_database"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(database_id) as number FROM web_database WHERE sys_groupid = $client_group_id");
@@ -68,35 +69,35 @@
}
}
}
-
+
parent::onShowNew();
}
-
+
function onShowEnd() {
- global $app, $conf;
-
+ global $app, $conf, $interfaceConf;
+
if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) {
-
+
// Get the limits of the client
$client_group_id = $_SESSION["s"]["user"]["default_group"];
$client = $app->db->queryOneRecord("SELECT default_dbserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-
+
// Set the webserver to the default server of the client
$tmp = $app->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = $client[default_dbserver]");
$app->tpl->setVar("server_id","<option value='$client[default_dbserver]'>$tmp[server_name]</option>");
unset($tmp);
-
+
} elseif ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
-
+
// Get the limits of the client
$client_group_id = $_SESSION["s"]["user"]["default_group"];
$client = $app->db->queryOneRecord("SELECT client_id, default_dbserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-
+
// Set the webserver to the default server of the client
$tmp = $app->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = $client[default_dbserver]");
$app->tpl->setVar("server_id","<option value='$client[default_dbserver]'>$tmp[server_name]</option>");
unset($tmp);
-
+
// Fill the client select field
$sql = "SELECT groupid, name FROM sys_group, client WHERE sys_group.client_id = client.parent_client_id AND client.parent_client_id = ".$client['client_id'];
$clients = $app->db->queryAllRecords($sql);
@@ -108,9 +109,9 @@
}
}
$app->tpl->setVar("client_group_id",$client_select);
-
+
} else {
-
+
// The user is admin
if($this->id > 0) {
$server_id = $this->dataRecord["server_id"];
@@ -119,7 +120,7 @@
$tmp = $app->db->queryOneRecord("SELECT server_id FROM server WHERE web_server = 1 ORDER BY server_name LIMIT 0,1");
$server_id = $tmp['server_id'];
}
-
+
$sql = "SELECT ip_address FROM server_ip WHERE server_id = $server_id";
$ips = $app->db->queryAllRecords($sql);
$ip_select = "<option value='*'>*</option>";
@@ -133,7 +134,7 @@
$app->tpl->setVar("ip_address",$ip_select);
unset($tmp);
unset($ips);
-
+
// Fill the client select field
$sql = "SELECT groupid, name FROM sys_group WHERE client_id > 0";
$clients = $app->db->queryAllRecords($sql);
@@ -145,102 +146,193 @@
}
}
$app->tpl->setVar("client_group_id",$client_select);
-
+
}
-
+
+ /*
+ * If the names are restricted -> remove the client, so that the
+ * data can be edited
+ */
+ if ($interfaceConf['restrict_names'] == true){
+ /* Get the group-id */
+ if($_SESSION["s"]["user"]["typ"] != 'admin') {
+ // Get the group-id of the user
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ }
+ else {
+ // Get the group-id from the data itself
+ $client_group_id = $this->dataRecord['sys_groupid'];
+ }
+ /* get the name of the client */
+ $tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id);
+ $clientName = $tmp['name'];
+ if ($clientName == "") $clientName = 'default';
+ $clientName = convertClientName($clientName);
+ if ($this->dataRecord['database_name'] != ""){
+ /* REMOVE the restriction */
+ $app->tpl->setVar("database_name", str_replace($clientName . '_' , '', $this->dataRecord['database_name']));
+ $app->tpl->setVar("database_user", str_replace($clientName . '_' , '', $this->dataRecord['database_user']));
+ }
+ if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $app->tpl->setVar("database_name_prefix", '{client}_');
+ $app->tpl->setVar("database_user_prefix", '{client}_');
+ }
+ else {
+ $app->tpl->setVar("database_name_prefix", $clientName . '_');
+ $app->tpl->setVar("database_user_prefix", $clientName . '_');
+ }
+ }
+
parent::onShowEnd();
}
-
+
function onSubmit() {
global $app, $conf;
-
+
if($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the limits of the client
$client_group_id = $_SESSION["s"]["user"]["default_group"];
$client = $app->db->queryOneRecord("SELECT default_dbserver, limit_database FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-
+
// When the record is updated
if($this->id > 0) {
// restore the server ID if the user is not admin and record is edited
$tmp = $app->db->queryOneRecord("SELECT server_id FROM web_database WHERE database_id = ".intval($this->id));
$this->dataRecord["server_id"] = $tmp["server_id"];
unset($tmp);
- // When the record is inserted
+ // When the record is inserted
} else {
// set the server ID to the default dbserver of the client
$this->dataRecord["server_id"] = $client["default_dbserver"];
-
-
+
+
// Check if the user may add another database
- if($client["limit_web_domain"] >= 0) {
+ if($client["limit_database"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(database_id) as number FROM web_database WHERE sys_groupid = $client_group_id");
if($tmp["number"] >= $client["limit_database"]) {
$app->error($app->tform->wordbook["limit_database_txt"]);
}
}
-
+
}
-
+
// Clients may not set the client_group_id, so we unset them if user is not a admin and the client is not a reseller
if(!$app->auth->has_clients($_SESSION['s']['user']['userid'])) unset($this->dataRecord["client_group_id"]);
}
-
-
+
+
parent::onSubmit();
}
function onBeforeUpdate() {
- global $app, $conf;
+ global $app, $conf, $interfaceConf;
+
+ /*
+ * If the names should be restricted -> do it!
+ */
+ if ($interfaceConf['restrict_names'] == true){
+ /* Get the group-id */
+ if($_SESSION["s"]["user"]["typ"] != 'admin') {
+ // Get the group-id of the user
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ }
+ else {
+ // Get the group-id from the data itself
+ $client_group_id = $this->dataRecord['client_group_id'];
+ }
+ /* get the name of the client */
+ $tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id);
+ $clientName = $tmp['name'];
+ if ($clientName == "") $clientName = 'default';
+ $clientName = convertClientName($clientName);
+ $nameSuffix = $clientName . '_';
+ }
+ else {
+ $nameSuffix = '';
+ }
+
+ $error = false;
+
+ //* Prevent that the database name and charset is changed
+ $old_record = $app->tform->getDataRecord($this->id);
+ if($old_record["database_name"] != $nameSuffix . $this->dataRecord["database_name"]) {
+ $app->tform->errorMessage .= $app->tform->wordbook["database_name_change_txt"].'<br />';
+ $error = true;
+ }
+ if($old_record["database_charset"] != $this->dataRecord["database_charset"]) {
+ $app->tform->errorMessage .= $app->tform->wordbook["database_charset_change_txt"].'<br />';
+ $error = true;
+ }
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
- $rec = $app->db->queryOneRecord("SELECT server_id from web_database WHERE database_id = ".$this->id);
- if($rec['server_id'] != $this->dataRecord["server_id"]) {
+ if($old_record["server_id"] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
$this->dataRecord["server_id"] = $rec['server_id'];
+ $error = true;
}
- unset($rec);
+ }
+ unset($old_record);
+
+ if ($error == false){
+ /* restrict the names if there is no error */
+ $this->dataRecord['database_name'] = $nameSuffix . $this->dataRecord['database_name'];
+ $this->dataRecord['database_user'] = $nameSuffix . $this->dataRecord['database_user'];
+ }
+
+ parent::onBeforeUpdate();
+ }
+
+ function onBeforeInsert() {
+ global $app, $conf, $interfaceConf;
+ global $interfaceConf;
+
+ /*
+ * If the names should be restricted -> do it!
+ */
+ if ($interfaceConf['restrict_names'] == true){
+ /* Get the group-id */
+ if($_SESSION["s"]["user"]["typ"] != 'admin') {
+ // Get the group-id of the user
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ }
+ else {
+ // Get the group-id from the data itself
+ $client_group_id = $this->dataRecord['client_group_id'];
+ }
+ /* get the name of the client */
+ $tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id);
+ $clientName = $tmp['name'];
+ if ($clientName == "") $clientName = 'default';
+ $clientName = convertClientName($clientName);
+ /* restrict the names */
+ $this->dataRecord['database_name'] = $clientName . '_' . $this->dataRecord['database_name'];
+ $this->dataRecord['database_user'] = $clientName . '_' . $this->dataRecord['database_user'];
+ }
+ parent::onBeforeInsert();
+ }
+
+ function onAfterInsert() {
+ global $app, $conf;
+
+ // make sure that the record belongs to the clinet group and not the admin group when a dmin inserts it
+ // also make sure that the user can not delete domain created by a admin
+ if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
+ $client_group_id = intval($this->dataRecord["client_group_id"]);
+ $app->db->query("UPDATE web_database SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE database_id = ".$this->id);
+ }
+ if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
+ $client_group_id = intval($this->dataRecord["client_group_id"]);
+ $app->db->query("UPDATE web_database SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_id = ".$this->id);
}
}
- function onUpdate() {
- global $app, $conf;
-
- //* Prevent that the database name and charset is changed
- $old_record = $app->tform->getDataRecord($this->id);
- if($old_record["database_name"] != $this->dataRecord["database_name"]) {
- $app->tform->errorMessage .= $app->tform->wordbook["database_name_change_txt"].'<br />';
- }
- if($old_record["database_charset"] != $this->dataRecord["database_charset"]) {
- $app->tform->errorMessage .= $app->tform->wordbook["database_charset_change_txt"].'<br />';
- }
- unset($old_record);
-
- parent::onUpdate();
-
- }
-
- function onAfterInsert() {
- global $app, $conf;
-
- // make sure that the record belongs to the clinet group and not the admin group when a dmin inserts it
- // also make sure that the user can not delete domain created by a admin
- if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
- $client_group_id = intval($this->dataRecord["client_group_id"]);
- $app->db->query("UPDATE web_database SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE database_id = ".$this->id);
- }
- if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
- $client_group_id = intval($this->dataRecord["client_group_id"]);
- $app->db->query("UPDATE web_database SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_id = ".$this->id);
- }
- }
-
function onAfterUpdate() {
global $app, $conf;
-
- // make sure that the record belongs to the clinet group and not the admin group when a dmin inserts it
+
+ // make sure that the record belongs to the client group and not the admin group when a admin inserts it
// also make sure that the user can not delete domain created by a admin
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
$client_group_id = intval($this->dataRecord["client_group_id"]);
@@ -250,9 +342,9 @@
$client_group_id = intval($this->dataRecord["client_group_id"]);
$app->db->query("UPDATE web_database SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_id = ".$this->id);
}
-
+
}
-
+
}
$page = new page_action;
diff --git a/interface/web/sites/templates/database_edit.htm b/interface/web/sites/templates/database_edit.htm
index 671edee..d0ec170 100644
--- a/interface/web/sites/templates/database_edit.htm
+++ b/interface/web/sites/templates/database_edit.htm
@@ -26,10 +26,12 @@
</span>
<span class="wf_oneField">
<label for="database_name" class="wf_preField">{tmpl_var name='database_name_txt'}</label>
+ {tmpl_var name='database_name_prefix'}
<input type="text" id="database_name" name="database_name" value="{tmpl_var name='database_name'}" size="30" maxlength="255" class="wf_required"><span class="wf_reqMark">*</span><br>
</span>
<span class="wf_oneField">
<label for="database_user" class="wf_preField">{tmpl_var name='database_user_txt'}</label>
+ {tmpl_var name='database_user_prefix'}
<input type="text" id="database_user" name="database_user" value="{tmpl_var name='database_user'}" size="30" maxlength="255" class="wf_required"><span class="wf_reqMark">*</span><br>
</span>
<span class="wf_oneField">
diff --git a/interface/web/sites/tools.inc.php b/interface/web/sites/tools.inc.php
new file mode 100644
index 0000000..400c05f
--- /dev/null
+++ b/interface/web/sites/tools.inc.php
@@ -0,0 +1,20 @@
+<?php
+function convertClientName($name){
+ /**
+ * only allow 'a'..'z', '_', '0'..'9'
+ */
+ $allowed = 'abcdefghijklmnopqrstuvwxyz0123456789_';
+ $res = '';
+ $name = strtolower(trim($name));
+ for ($i=0; $i < strlen($name); $i++){
+ if ($name[$i] == ' ') continue;
+ if (strpos($allowed, $name[$i]) !== false){
+ $res .= $name[$i];
+ }
+ else {
+ $res .= '_';
+ }
+ }
+ return $res;
+}
+?>
--
Gitblit v1.9.1