maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

use Ftps.add in webinterface

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2018-02-26 15:55:49 +01:00
parent b0f355ba2f
commit 55ec20be10
2 changed files with 7 additions and 163 deletions
Download Patch File Download Diff File Expand all files Collapse all files

168
customer_ftp.php
View File

@@ -104,169 +104,13 @@ if ($page == 'overview') {
}
} elseif ($action == 'add') {
if ($userinfo['ftps_used'] < $userinfo['ftps'] || $userinfo['ftps'] == '-1') {
if (isset($_POST['send'])
&& $_POST['send'] == 'send') {
$description = validate($_POST['ftp_description'], 'description');
// @FIXME use a good path-validating regex here (refs #1231)
$path = validate($_POST['path'], 'path');
$password = validate($_POST['ftp_password'], 'password');
$password = validatePassword($password);
$shell = "/bin/false";
if (Settings::Get('system.allow_customer_shell') == '1') {
$shell = isset($_POST['shell']) ? validate($_POST['shell'], 'shell') : '/bin/false';
}
$sendinfomail = isset($_POST['sendinfomail']) ? 1 : 0;
if ($sendinfomail != 1) {
$sendinfomail = 0;
}
if (Settings::Get('customer.ftpatdomain') == '1') {
$ftpusername = validate($_POST['ftp_username'], 'username', '/^[a-zA-Z0-9][a-zA-Z0-9\-_]+\$?$/');
if ($ftpusername == '') {
standard_error(array('stringisempty', 'username'));
}
$ftpdomain = $idna_convert->encode(validate($_POST['ftp_domain'], 'domain'));
$ftpdomain_check_stmt = Database::prepare("SELECT `id`, `domain`, `customerid` FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE `domain` = :domain
AND `customerid` = :customerid"
);
Database::pexecute($ftpdomain_check_stmt, array("domain" => $ftpdomain, "customerid" => $userinfo['customerid']));
$ftpdomain_check = $ftpdomain_check_stmt->fetch(PDO::FETCH_ASSOC);
if ($ftpdomain_check['domain'] != $ftpdomain) {
standard_error('maindomainnonexist', $domain);
}
$username = $ftpusername . "@" . $ftpdomain;
} else {
$username = $userinfo['loginname'] . Settings::Get('customer.ftpprefix') . (intval($userinfo['ftp_lastaccountnumber']) + 1);
}
$username_check_stmt = Database::prepare("SELECT * FROM `" . TABLE_FTP_USERS . "`
WHERE `username` = :username"
);
Database::pexecute($username_check_stmt, array("username" => $username));
$username_check = $username_check_stmt->fetch(PDO::FETCH_ASSOC);
if (!empty($username_check) && $username_check['username'] = $username) {
standard_error('usernamealreadyexists', $username);
} elseif ($password == '') {
standard_error(array('stringisempty', 'mypassword'));
} elseif ($path == '') {
standard_error('patherror');
} elseif ($username == $password) {
standard_error('passwordshouldnotbeusername');
} else {
$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
$cryptPassword = makeCryptPassword($password);
$stmt = Database::prepare("INSERT INTO `" . TABLE_FTP_USERS . "`
(`customerid`, `username`, `description`, `password`, `homedir`, `login_enabled`, `uid`, `gid`, `shell`)
VALUES (:customerid, :username, :description, :password, :homedir, 'y', :guid, :guid, :shell)"
);
$params = array(
"customerid" => $userinfo['customerid'],
"username" => $username,
"description" => $description,
"password" => $cryptPassword,
"homedir" => $path,
"guid" => $userinfo['guid'],
"shell" => $shell
);
Database::pexecute($stmt, $params);
$result_stmt = Database::prepare("SELECT `bytes_in_used` FROM `" . TABLE_FTP_QUOTATALLIES . "`
WHERE `name` = :name"
);
Database::pexecute($result_stmt, array("name" => $userinfo['loginname']));
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
$stmt = Database::prepare("INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "`
(`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`)
VALUES (:name, 'user', :bytes_in_used, '0', '0', '0', '0', '0')"
);
Database::pexecute($stmt, array("name" => $username, "bytes_in_used" => $row['bytes_in_used']));
}
$stmt = Database::prepare("UPDATE `" . TABLE_FTP_GROUPS . "`
SET `members` = CONCAT_WS(',',`members`, :username)
WHERE `customerid`= :customerid
AND `gid`= :guid"
);
$params = array(
"username" => $username,
"customerid" => $userinfo['customerid'],
"guid" => $userinfo['guid']
);
Database::pexecute($stmt, $params);
$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
SET `ftps_used` = `ftps_used` + 1,
`ftp_lastaccountnumber` = `ftp_lastaccountnumber` + 1
WHERE `customerid` = :customerid"
);
Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
$log->logAction(USR_ACTION, LOG_INFO, "added ftp-account '" . $username . " (" . $path . ")'");
inserttask(5);
if ($sendinfomail == 1) {
$replace_arr = array(
'SALUTATION' => getCorrectUserSalutation($userinfo),
'CUST_NAME' => getCorrectUserSalutation($userinfo), // < keep this for compatibility
'USR_NAME' => $username,
'USR_PASS' => $password,
'USR_PATH' => makeCorrectDir(str_replace($userinfo['documentroot'], "/", $path))
);
$def_language = $userinfo['def_language'];
$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
WHERE `adminid` = :adminid
AND `language` = :lang
AND `templategroup`='mails'
AND `varname`='new_ftpaccount_by_customer_subject'"
);
Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_ftpaccount_by_customer']['subject']), $replace_arr));
$def_language = $userinfo['def_language'];
$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
WHERE `adminid` = :adminid
AND `language` = :lang
AND `templategroup`='mails'
AND `varname`='new_ftpaccount_by_customer_mailbody'"
);
Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_ftpaccount_by_customer']['mailbody']), $replace_arr));
$_mailerror = false;
try {
$mail->Subject = $mail_subject;
$mail->AltBody = $mail_body;
$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
$mail->AddAddress($userinfo['email'], getCorrectUserSalutation($userinfo));
$mail->Send();
} catch(phpmailerException $e) {
$mailerr_msg = $e->errorMessage();
$_mailerror = true;
} catch (Exception $e) {
$mailerr_msg = $e->getMessage();
$_mailerror = true;
}
if ($_mailerror) {
$log->logAction(USR_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
standard_error('errorsendingmail', $userinfo['email']);
}
$mail->ClearAddresses();
}
redirectTo($filename, array('page' => $page, 's' => $s));
if (isset($_POST['send']) && $_POST['send'] == 'send') {
try {
Ftps::getLocal($userinfo, $_POST)->add();
} catch (Exception $e) {
dynamic_error($e->getMessage());
}
redirectTo($filename, array('page' => $page, 's' => $s));
} else {
$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], '/');

2
lib/classes/api/commands/class.Ftps.php
View File

@@ -24,7 +24,7 @@ class Ftps extends ApiCommand implements ResourceEntity
* @param string $ftp_password
* password for the created database and database-user
* @param string $path
* destination path
* destination path relative to the customers-homedir
* @param string $ftp_description
* optional, description for ftp-user
* @param bool $sendinfomail