let customers edit password, def-language and theme in Customers.edit
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
@@ -132,134 +132,12 @@ if ($page == 'overview') {
|
||||
} elseif ($action == 'add') {
|
||||
if ($userinfo['mysqls_used'] < $userinfo['mysqls'] || $userinfo['mysqls'] == '-1') {
|
||||
if (isset($_POST['send']) && $_POST['send'] == 'send') {
|
||||
$password = validate($_POST['mysql_password'], 'password');
|
||||
$password = validatePassword($password);
|
||||
|
||||
$sendinfomail = isset($_POST['sendinfomail']) ? 1 : 0;
|
||||
if ($sendinfomail != 1) {
|
||||
$sendinfomail = 0;
|
||||
}
|
||||
|
||||
if ($password == '') {
|
||||
standard_error(array('stringisempty', 'mypassword'));
|
||||
} else {
|
||||
$dbserver = 0;
|
||||
$dbservers_stmt = Database::query("SELECT COUNT(DISTINCT `dbserver`) as numservers FROM `".TABLE_PANEL_DATABASES."`");
|
||||
$_dbserver = $dbservers_stmt->fetch(PDO::FETCH_ASSOC);
|
||||
$count_mysqlservers = $_dbserver['numservers'];
|
||||
if ($count_mysqlservers > 1) {
|
||||
$dbserver = validate($_POST['mysql_server'], html_entity_decode($lng['mysql']['mysql_server']), '', '', 0);
|
||||
Database::needRoot(true, $dbserver);
|
||||
Database::needSqlData();
|
||||
$sql_root = Database::getSqlData();
|
||||
Database::needRoot(false);
|
||||
if (!isset($sql_root) || !is_array($sql_root)) {
|
||||
$dbserver = 0;
|
||||
}
|
||||
}
|
||||
|
||||
// validate description before actual adding the database, #1052
|
||||
$databasedescription = validate(trim($_POST['description']), 'description');
|
||||
|
||||
// create database, user, set permissions, etc.pp.
|
||||
$dbm = new DbManager($log);
|
||||
$username = $dbm->createDatabase(
|
||||
$userinfo['loginname'],
|
||||
$password,
|
||||
$userinfo['mysql_lastaccountnumber']
|
||||
);
|
||||
|
||||
// we've checked against the password in dbm->createDatabase
|
||||
if ($username == false) {
|
||||
standard_error('passwordshouldnotbeusername');
|
||||
}
|
||||
|
||||
// Statement modified for Database description -- PH 2004-11-29
|
||||
$stmt = Database::prepare('INSERT INTO `' . TABLE_PANEL_DATABASES . '`
|
||||
(`customerid`, `databasename`, `description`, `dbserver`)
|
||||
VALUES (:customerid, :databasename, :description, :dbserver)'
|
||||
);
|
||||
$params = array(
|
||||
"customerid" => $userinfo['customerid'],
|
||||
"databasename" => $username,
|
||||
"description" => $databasedescription,
|
||||
"dbserver" => $dbserver
|
||||
);
|
||||
Database::pexecute($stmt, $params);
|
||||
|
||||
$stmt = Database::prepare('UPDATE `' . TABLE_PANEL_CUSTOMERS . '`
|
||||
SET `mysqls_used` = `mysqls_used` + 1, `mysql_lastaccountnumber` = `mysql_lastaccountnumber` + 1
|
||||
WHERE `customerid` = :customerid'
|
||||
);
|
||||
Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
|
||||
|
||||
if ($sendinfomail == 1) {
|
||||
$pma = $lng['admin']['notgiven'];
|
||||
if (Settings::Get('panel.phpmyadmin_url') != '') {
|
||||
$pma = Settings::Get('panel.phpmyadmin_url');
|
||||
}
|
||||
|
||||
Database::needRoot(true, $dbserver);
|
||||
Database::needSqlData();
|
||||
$sql_root = Database::getSqlData();
|
||||
Database::needRoot(false);
|
||||
|
||||
$replace_arr = array(
|
||||
'SALUTATION' => getCorrectUserSalutation($userinfo),
|
||||
'CUST_NAME' => getCorrectUserSalutation($userinfo), // < keep this for compatibility
|
||||
'DB_NAME' => $username,
|
||||
'DB_PASS' => $password,
|
||||
'DB_DESC' => $databasedescription,
|
||||
'DB_SRV' => $sql_root['host'],
|
||||
'PMA_URI' => $pma
|
||||
);
|
||||
|
||||
$def_language = $userinfo['def_language'];
|
||||
$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
|
||||
WHERE `adminid` = :adminid
|
||||
AND `language` = :lang
|
||||
AND `templategroup`='mails'
|
||||
AND `varname`='new_database_by_customer_subject'"
|
||||
);
|
||||
Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
|
||||
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
|
||||
$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_database_by_customer']['subject']), $replace_arr));
|
||||
|
||||
$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
|
||||
WHERE `adminid`= :adminid
|
||||
AND `language`= :lang
|
||||
AND `templategroup` = 'mails'
|
||||
AND `varname` = 'new_database_by_customer_mailbody'"
|
||||
);
|
||||
Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
|
||||
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
|
||||
$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_database_by_customer']['mailbody']), $replace_arr));
|
||||
|
||||
$_mailerror = false;
|
||||
try {
|
||||
$mail->Subject = $mail_subject;
|
||||
$mail->AltBody = $mail_body;
|
||||
$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
|
||||
$mail->AddAddress($userinfo['email'], getCorrectUserSalutation($userinfo));
|
||||
$mail->Send();
|
||||
} catch(phpmailerException $e) {
|
||||
$mailerr_msg = $e->errorMessage();
|
||||
$_mailerror = true;
|
||||
Mysqls::getLocal($userinfo, $_POST)->add();
|
||||
} catch (Exception $e) {
|
||||
$mailerr_msg = $e->getMessage();
|
||||
$_mailerror = true;
|
||||
dynamic_error($e->getMessage());
|
||||
}
|
||||
|
||||
if ($_mailerror) {
|
||||
$log->logAction(USR_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
|
||||
standard_error('errorsendingmail', $userinfo['email']);
|
||||
}
|
||||
|
||||
$mail->ClearAddresses();
|
||||
}
|
||||
|
||||
redirectTo($filename, array('page' => $page, 's' => $s));
|
||||
}
|
||||
} else {
|
||||
|
||||
$dbservers_stmt = Database::query("SELECT DISTINCT `dbserver` FROM `".TABLE_PANEL_DATABASES."`");
|
||||
@@ -284,12 +162,14 @@ if ($page == 'overview') {
|
||||
}
|
||||
}
|
||||
} elseif ($action == 'edit' && $id != 0) {
|
||||
$result_stmt = Database::prepare("SELECT `id`, `databasename`, `description`, `dbserver` FROM `" . TABLE_PANEL_DATABASES . "`
|
||||
WHERE `customerid` = :customerid
|
||||
AND `id` = :id"
|
||||
);
|
||||
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
|
||||
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
|
||||
try {
|
||||
$json_result = Mysqls::getLocal($userinfo, array(
|
||||
'id' => $id
|
||||
))->get();
|
||||
} catch (Exception $e) {
|
||||
dynamic_error($e->getMessage());
|
||||
}
|
||||
$result = json_decode($json_result, true)['data'];
|
||||
|
||||
if (isset($result['databasename']) && $result['databasename'] != '') {
|
||||
if (!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']])) {
|
||||
|
||||
@@ -697,6 +697,7 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
$result = json_decode($json_result, true)['data'];
|
||||
$id = $result['customerid'];
|
||||
|
||||
if ($this->isAdmin()) {
|
||||
// parameters
|
||||
$move_to_admin = intval_ressource($this->getParam('move_to_admin', true, 0));
|
||||
|
||||
@@ -738,6 +739,52 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
$dnsenabled = $this->getParam('dnsenabled', true, $result['dnsenabled']);
|
||||
$deactivated = $this->getParam('deactivated', true, $result['deactivated']);
|
||||
$theme = $this->getParam('theme', true, $result['theme']);
|
||||
} else {
|
||||
// allowed parameters
|
||||
$def_language = $this->getParam('def_language', true, $result['def_language']);
|
||||
$password = $this->getParam('new_customer_password', true, '');
|
||||
$theme = $this->getParam('theme', true, $result['theme']);
|
||||
|
||||
// unchangeable parameters for customers
|
||||
$move_to_admin = 0;
|
||||
$idna_convert = new idna_convert_wrapper();
|
||||
$email = $idna_convert->decode($result['email']);
|
||||
$name = $result['name'];
|
||||
$firstname = $result['firstname'];
|
||||
$company = $result['company'];
|
||||
$street = $result['street'];
|
||||
$zipcode = $result['zipcode'];
|
||||
$city = $result['city'];
|
||||
$phone = $result['phone'];
|
||||
$fax = $result['fax'];
|
||||
$customernumber = $result['customernumber'];
|
||||
$gender = $result['gender'];
|
||||
$custom_notes = $result['custom_notes'];
|
||||
$custom_notes_show = $result['custom_notes_show'];
|
||||
|
||||
$dec_places = Settings::Get('panel.decimal_places');
|
||||
$diskspace = round($result['diskspace'] / 1024, $dec_places);
|
||||
$traffic = round($result['traffic'] / (1024 * 1024), $dec_places);
|
||||
$subdomains = $result['subdomains'];
|
||||
$emails = $result['emails'];
|
||||
$email_accounts = $result['email_accounts'];
|
||||
$email_forwarders = $result['email_forwarders'];
|
||||
$email_quota = $result['email_quota'];
|
||||
$email_imap = $result['imap'];
|
||||
$email_pop3 = $result['pop3'];
|
||||
$ftps = $result['ftps'];
|
||||
$tickets = $result['tickets'];
|
||||
$mysqls = $result['mysqls'];
|
||||
// if we got one, it's true so none will be generated (it exists already)
|
||||
// if not, none will be generated
|
||||
$createstdsubdomain = ($result['standardsubdomain'] > 0 ? 1 : 0);
|
||||
$sendpassword = 0;
|
||||
$phpenabled = $result['phpenabled'];
|
||||
$allowed_phpconfigs = json_decode($result['allowed_phpconfigs'], true);
|
||||
$perlenabled = $result['perlenabled'];
|
||||
$dnsenabled = $result['dnsenabled'];
|
||||
$deactivated = $result['deactivated'];
|
||||
}
|
||||
|
||||
// validation
|
||||
$idna_convert = new idna_convert_wrapper();
|
||||
@@ -770,6 +817,7 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
$diskspace = $diskspace * 1024;
|
||||
$traffic = $traffic * 1024 * 1024;
|
||||
|
||||
if ($this->isAdmin()) {
|
||||
if (((($this->getUserDetail('diskspace_used') + $diskspace - $result['diskspace']) > $this->getUserDetail('diskspace')) && ($this->getUserDetail('diskspace') / 1024) != '-1') || ((($this->getUserDetail('mysqls_used') + $mysqls - $result['mysqls']) > $this->getUserDetail('mysqls')) && $this->getUserDetail('mysqls') != '-1') || ((($this->getUserDetail('emails_used') + $emails - $result['emails']) > $this->getUserDetail('emails')) && $this->getUserDetail('emails') != '-1') || ((($this->getUserDetail('email_accounts_used') + $email_accounts - $result['email_accounts']) > $this->getUserDetail('email_accounts')) && $this->getUserDetail('email_accounts') != '-1') || ((($this->getUserDetail('email_forwarders_used') + $email_forwarders - $result['email_forwarders']) > $this->getUserDetail('email_forwarders')) && $this->getUserDetail('email_forwarders') != '-1') || ((($this->getUserDetail('email_quota_used') + $email_quota - $result['email_quota']) > $this->getUserDetail('email_quota')) && $this->getUserDetail('email_quota') != '-1' && Settings::Get('system.mail_quota_enabled') == '1') || ((($this->getUserDetail('ftps_used') + $ftps - $result['ftps']) > $this->getUserDetail('ftps')) && $this->getUserDetail('ftps') != '-1') || ((($this->getUserDetail('tickets_used') + $tickets - $result['tickets']) > $this->getUserDetail('tickets')) && $this->getUserDetail('tickets') != '-1') || ((($this->getUserDetail('subdomains_used') + $subdomains - $result['subdomains']) > $this->getUserDetail('subdomains')) && $this->getUserDetail('subdomains') != '-1') || (($diskspace / 1024) == '-1' && ($this->getUserDetail('diskspace') / 1024) != '-1') || ($mysqls == '-1' && $this->getUserDetail('mysqls') != '-1') || ($emails == '-1' && $this->getUserDetail('emails') != '-1') || ($email_accounts == '-1' && $this->getUserDetail('email_accounts') != '-1') || ($email_forwarders == '-1' && $this->getUserDetail('email_forwarders') != '-1') || ($email_quota == '-1' && $this->getUserDetail('email_quota') != '-1' && Settings::Get('system.mail_quota_enabled') == '1') || ($ftps == '-1' && $this->getUserDetail('ftps') != '-1') || ($tickets == '-1' && $this->getUserDetail('tickets') != '-1') || ($subdomains == '-1' && $this->getUserDetail('subdomains') != '-1')) {
|
||||
standard_error('youcantallocatemorethanyouhave', '', true);
|
||||
}
|
||||
@@ -792,7 +840,8 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
), '', true);
|
||||
} elseif (! validateEmail($email)) {
|
||||
standard_error('emailiswrong', $email, true);
|
||||
} else {
|
||||
}
|
||||
}
|
||||
|
||||
if ($password != '') {
|
||||
$password = validatePassword($password, true);
|
||||
@@ -884,7 +933,8 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
$imap = (($deactivated) ? '0' : (int) $result['imap']);
|
||||
|
||||
$upd_stmt = Database::prepare("
|
||||
UPDATE `" . TABLE_MAIL_USERS . "` SET `postfix`= :yesno, `pop3` = :pop3, `imap` = :imap WHERE `customerid` = :customerid");
|
||||
UPDATE `" . TABLE_MAIL_USERS . "` SET `postfix`= :yesno, `pop3` = :pop3, `imap` = :imap WHERE `customerid` = :customerid
|
||||
");
|
||||
Database::pexecute($upd_stmt, array(
|
||||
'yesno' => $yesno,
|
||||
'pop3' => $pop3,
|
||||
@@ -893,7 +943,8 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
));
|
||||
|
||||
$upd_stmt = Database::prepare("
|
||||
UPDATE `" . TABLE_FTP_USERS . "` SET `login_enabled` = :yesno WHERE `customerid` = :customerid");
|
||||
UPDATE `" . TABLE_FTP_USERS . "` SET `login_enabled` = :yesno WHERE `customerid` = :customerid
|
||||
");
|
||||
Database::pexecute($upd_stmt, array(
|
||||
'yesno' => $yesno,
|
||||
'customerid' => $id
|
||||
@@ -1041,6 +1092,7 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
");
|
||||
Database::pexecute($upd_stmt, $upd_data);
|
||||
|
||||
if ($this->isAdmin()) {
|
||||
// Using filesystem - quota, insert a task which cleans the filesystem - quota
|
||||
inserttask('10');
|
||||
|
||||
@@ -1147,7 +1199,9 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
|
||||
$admin_update_query .= " WHERE `adminid` = '" . (int) $result['adminid'] . "'";
|
||||
Database::query($admin_update_query);
|
||||
$this->logger()->logAction(ADM_ACTION, LOG_INFO, "[API] edited user '" . $result['loginname'] . "'");
|
||||
}
|
||||
|
||||
$this->logger()->logAction($this->isAdmin() ? ADM_ACTION : USR_ACTION, LOG_INFO, "[API] edited user '" . $result['loginname'] . "'");
|
||||
|
||||
/*
|
||||
* move customer to another admin/reseller; #1166
|
||||
@@ -1161,7 +1215,6 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
|
||||
return $this->response(200, "successfull", $upd_data);
|
||||
}
|
||||
}
|
||||
throw new Exception("Not allowed to execute given command.", 403);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user