From b33d7d56dfc4490f83b896ba99de3c1aca99854e Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Wed, 15 Jun 2016 04:22:08 -0400
Subject: [PATCH] Fixed issue #3955 DNS module: Limit for maximum zones can be circumvented with "import zone file" function. Removed TODO string in error template.

---
 interface/web/dns/lib/lang/en_dns_wizard.lng         |    1 +
 interface/web/dns/lib/lang/de_dns_wizard.lng         |    3 ++-
 interface/web/dns/dns_wizard.php                     |   14 +++++++++++++-
 interface/web/dns/dns_import.php                     |   14 +++++++++++++-
 interface/web/themes/default/templates/error.tpl.htm |    1 -
 5 files changed, 29 insertions(+), 4 deletions(-)

diff --git a/interface/web/dns/dns_import.php b/interface/web/dns/dns_import.php
index bd8cc84..6bb738e 100644
--- a/interface/web/dns/dns_import.php
+++ b/interface/web/dns/dns_import.php
@@ -38,11 +38,23 @@
 $error = '';
 
 // Loading the template
-$app->uses('tpl,validate_dns');
+$app->uses('tform,tpl,validate_dns');
 $app->tpl->newTemplate("form.tpl.htm");
 $app->tpl->setInclude('content_tpl', 'templates/dns_import.htm');
 $app->load_language_file('/web/dns/lib/lang/'.$_SESSION['s']['language'].'_dns_wizard.lng');
 
+// Check if dns record limit has been reached. We will check only users, not admins
+if($_SESSION["s"]["user"]["typ"] == 'user') {
+	$app->tform->formDef['db_table_idx'] = 'id';
+	$app->tform->formDef['db_table'] = 'dns_soa';
+	if(!$app->tform->checkClientLimit('limit_dns_zone')) {
+		$app->error($app->lng('limit_dns_zone_txt'));
+	}
+	if(!$app->tform->checkResellerLimit('limit_dns_zone')) {
+		$app->error('Reseller: '.$app->lng('limit_dns_zone_txt'));
+	}
+}
+
 // import variables
 $template_id = (isset($_POST['template_id']))?$app->functions->intval($_POST['template_id']):0;
 $sys_groupid = (isset($_POST['client_group_id']))?$app->functions->intval($_POST['client_group_id']):0;
diff --git a/interface/web/dns/dns_wizard.php b/interface/web/dns/dns_wizard.php
index 3cfc397..a0fd131 100644
--- a/interface/web/dns/dns_wizard.php
+++ b/interface/web/dns/dns_wizard.php
@@ -36,11 +36,23 @@
 
 
 // Loading the template
-$app->uses('tpl,validate_dns');
+$app->uses('tpl,validate_dns,tform');
 $app->tpl->newTemplate("form.tpl.htm");
 $app->tpl->setInclude('content_tpl', 'templates/dns_wizard.htm');
 $app->load_language_file('/web/dns/lib/lang/'.$_SESSION['s']['language'].'_dns_wizard.lng');
 
+// Check if dns record limit has been reached. We will check only users, not admins
+if($_SESSION["s"]["user"]["typ"] == 'user') {
+	$app->tform->formDef['db_table_idx'] = 'id';
+	$app->tform->formDef['db_table'] = 'dns_soa';
+	if(!$app->tform->checkClientLimit('limit_dns_zone')) {
+		$app->error($app->lng('limit_dns_zone_txt'));
+	}
+	if(!$app->tform->checkResellerLimit('limit_dns_zone')) {
+		$app->error('Reseller: '.$app->lng('limit_dns_zone_txt'));
+	}
+}
+
 // import variables
 $template_id = (isset($_POST['template_id']))?$app->functions->intval($_POST['template_id']):0;
 $sys_groupid = (isset($_POST['client_group_id']))?$app->functions->intval($_POST['client_group_id']):0;
diff --git a/interface/web/dns/lib/lang/de_dns_wizard.lng b/interface/web/dns/lib/lang/de_dns_wizard.lng
index 7f664ca..e34604a 100644
--- a/interface/web/dns/lib/lang/de_dns_wizard.lng
+++ b/interface/web/dns/lib/lang/de_dns_wizard.lng
@@ -40,5 +40,6 @@
 $wb['globalsearch_searchfield_watermark_txt'] = 'Suche';
 $wb['globalsearch_suggestions_text_txt'] = 'Vorschläge';
 $wb['error_no_server_id'] = 'No server provided.';
-$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
+$wb['error_not_allowed_server_id'] = 'Der ausgewählte Server ist in diesem Konto nicht verfügbar.';
+$wb['limit_dns_zone_txt'] = 'Die maximale Anzahl an DNS Einträgen für Ihr Konto wurde erreicht.';
 ?>
diff --git a/interface/web/dns/lib/lang/en_dns_wizard.lng b/interface/web/dns/lib/lang/en_dns_wizard.lng
index a2cec08..6a63e21 100644
--- a/interface/web/dns/lib/lang/en_dns_wizard.lng
+++ b/interface/web/dns/lib/lang/en_dns_wizard.lng
@@ -41,4 +41,5 @@
 $wb['globalsearch_suggestions_text_txt'] = "Suggestions";
 $wb['error_no_server_id'] = 'No server provided.';
 $wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
+$wb["limit_dns_zone_txt"] = 'The max. number of DNS zones for your account is reached.';
 ?>
diff --git a/interface/web/themes/default/templates/error.tpl.htm b/interface/web/themes/default/templates/error.tpl.htm
index f0c1081..dbb730f 100644
--- a/interface/web/themes/default/templates/error.tpl.htm
+++ b/interface/web/themes/default/templates/error.tpl.htm
@@ -4,6 +4,5 @@
 	<ol>
 		<li>###ERRORMSG###</li>
 	</ol>
-	<div>TODO: WRONG HTML ELEMENTS</div>
   </div>
 </div>

--
Gitblit v1.9.1