maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

let customers edit password, def-language and theme in Customers.edit

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2018-02-24 15:02:49 +01:00
parent d2aaf84eff
commit 0bf430e0c1
2 changed files with 376 additions and 443 deletions
Download Patch File Download Diff File Expand all files Collapse all files

146
customer_mysql.php
View File

@@ -132,134 +132,12 @@ if ($page == 'overview') {
} elseif ($action == 'add') {
if ($userinfo['mysqls_used'] < $userinfo['mysqls'] || $userinfo['mysqls'] == '-1') {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
$password = validate($_POST['mysql_password'], 'password');
$password = validatePassword($password);
$sendinfomail = isset($_POST['sendinfomail']) ? 1 : 0;
if ($sendinfomail != 1) {
$sendinfomail = 0;
}
if ($password == '') {
standard_error(array('stringisempty', 'mypassword'));
} else {
$dbserver = 0;
$dbservers_stmt = Database::query("SELECT COUNT(DISTINCT `dbserver`) as numservers FROM `".TABLE_PANEL_DATABASES."`");
$_dbserver = $dbservers_stmt->fetch(PDO::FETCH_ASSOC);
$count_mysqlservers = $_dbserver['numservers'];
if ($count_mysqlservers > 1) {
$dbserver = validate($_POST['mysql_server'], html_entity_decode($lng['mysql']['mysql_server']), '', '', 0);
Database::needRoot(true, $dbserver);
Database::needSqlData();
$sql_root = Database::getSqlData();
Database::needRoot(false);
if (!isset($sql_root) || !is_array($sql_root)) {
$dbserver = 0;
}
}
// validate description before actual adding the database, #1052
$databasedescription = validate(trim($_POST['description']), 'description');
// create database, user, set permissions, etc.pp.
$dbm = new DbManager($log);
$username = $dbm->createDatabase(
$userinfo['loginname'],
$password,
$userinfo['mysql_lastaccountnumber']
);
// we've checked against the password in dbm->createDatabase
if ($username == false) {
standard_error('passwordshouldnotbeusername');
}
// Statement modified for Database description -- PH 2004-11-29
$stmt = Database::prepare('INSERT INTO `' . TABLE_PANEL_DATABASES . '`
(`customerid`, `databasename`, `description`, `dbserver`)
VALUES (:customerid, :databasename, :description, :dbserver)'
);
$params = array(
"customerid" => $userinfo['customerid'],
"databasename" => $username,
"description" => $databasedescription,
"dbserver" => $dbserver
);
Database::pexecute($stmt, $params);
$stmt = Database::prepare('UPDATE `' . TABLE_PANEL_CUSTOMERS . '`
SET `mysqls_used` = `mysqls_used` + 1, `mysql_lastaccountnumber` = `mysql_lastaccountnumber` + 1
WHERE `customerid` = :customerid'
);
Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
if ($sendinfomail == 1) {
$pma = $lng['admin']['notgiven'];
if (Settings::Get('panel.phpmyadmin_url') != '') {
$pma = Settings::Get('panel.phpmyadmin_url');
}
Database::needRoot(true, $dbserver);
Database::needSqlData();
$sql_root = Database::getSqlData();
Database::needRoot(false);
$replace_arr = array(
'SALUTATION' => getCorrectUserSalutation($userinfo),
'CUST_NAME' => getCorrectUserSalutation($userinfo), // < keep this for compatibility
'DB_NAME' => $username,
'DB_PASS' => $password,
'DB_DESC' => $databasedescription,
'DB_SRV' => $sql_root['host'],
'PMA_URI' => $pma
);
$def_language = $userinfo['def_language'];
$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
WHERE `adminid` = :adminid
AND `language` = :lang
AND `templategroup`='mails'
AND `varname`='new_database_by_customer_subject'"
);
Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_database_by_customer']['subject']), $replace_arr));
$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
WHERE `adminid`= :adminid
AND `language`= :lang
AND `templategroup` = 'mails'
AND `varname` = 'new_database_by_customer_mailbody'"
);
Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_database_by_customer']['mailbody']), $replace_arr));
$_mailerror = false;
try {
$mail->Subject = $mail_subject;
$mail->AltBody = $mail_body;
$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
$mail->AddAddress($userinfo['email'], getCorrectUserSalutation($userinfo));
$mail->Send();
} catch(phpmailerException $e) {
$mailerr_msg = $e->errorMessage();
$_mailerror = true;
} catch (Exception $e) {
$mailerr_msg = $e->getMessage();
$_mailerror = true;
}
if ($_mailerror) {
$log->logAction(USR_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
standard_error('errorsendingmail', $userinfo['email']);
}
$mail->ClearAddresses();
}
redirectTo($filename, array('page' => $page, 's' => $s));
try {
Mysqls::getLocal($userinfo, $_POST)->add();
} catch (Exception $e) {
dynamic_error($e->getMessage());
}
redirectTo($filename, array('page' => $page, 's' => $s));
} else {
$dbservers_stmt = Database::query("SELECT DISTINCT `dbserver` FROM `".TABLE_PANEL_DATABASES."`");
@@ -284,12 +162,14 @@ if ($page == 'overview') {
}
}
} elseif ($action == 'edit' && $id != 0) {
$result_stmt = Database::prepare("SELECT `id`, `databasename`, `description`, `dbserver` FROM `" . TABLE_PANEL_DATABASES . "`
WHERE `customerid` = :customerid
AND `id` = :id"
);
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
try {
$json_result = Mysqls::getLocal($userinfo, array(
'id' => $id
))->get();
} catch (Exception $e) {
dynamic_error($e->getMessage());
}
$result = json_decode($json_result, true)['data'];
if (isset($result['databasename']) && $result['databasename'] != '') {
if (!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']])) {