correct Admins.update and Admins.delete
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
@@ -124,7 +124,7 @@ class Admins extends ApiCommand implements ResourceEntity
|
|||||||
$tickets_see_all = $this->getParam('tickets_see_all', true, 0);
|
$tickets_see_all = $this->getParam('tickets_see_all', true, 0);
|
||||||
$caneditphpsettings = $this->getParam('caneditphpsettings', true, 0);
|
$caneditphpsettings = $this->getParam('caneditphpsettings', true, 0);
|
||||||
$change_serversettings = $this->getParam('change_serversettings', true, 0);
|
$change_serversettings = $this->getParam('change_serversettings', true, 0);
|
||||||
$ipaddress = intval_ressource($this->getParam('ipaddress', true, -1));
|
$ipaddress = intval_ressource($this->getParam('ipaddress', true, - 1));
|
||||||
|
|
||||||
// validation
|
// validation
|
||||||
$name = validate($name, 'name', '', '', array(), true);
|
$name = validate($name, 'name', '', '', array(), true);
|
||||||
@@ -156,14 +156,18 @@ class Admins extends ApiCommand implements ResourceEntity
|
|||||||
$loginname_check_stmt = Database::prepare("
|
$loginname_check_stmt = Database::prepare("
|
||||||
SELECT `loginname` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `loginname` = :login
|
SELECT `loginname` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `loginname` = :login
|
||||||
");
|
");
|
||||||
$loginname_check = Database::pexecute_first($loginname_check_stmt, array('login' => $loginname), true, true);
|
$loginname_check = Database::pexecute_first($loginname_check_stmt, array(
|
||||||
|
'login' => $loginname
|
||||||
|
), true, true);
|
||||||
|
|
||||||
// Check if an admin with the loginname already exists
|
// Check if an admin with the loginname already exists
|
||||||
// do not check via api as we skip any permission checks for this task
|
// do not check via api as we skip any permission checks for this task
|
||||||
$loginname_check_admin_stmt = Database::prepare("
|
$loginname_check_admin_stmt = Database::prepare("
|
||||||
SELECT `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `loginname` = :login
|
SELECT `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `loginname` = :login
|
||||||
");
|
");
|
||||||
$loginname_check_admin = Database::pexecute_first($loginname_check_admin_stmt, array('login' => $loginname), true, true);
|
$loginname_check_admin = Database::pexecute_first($loginname_check_admin_stmt, array(
|
||||||
|
'login' => $loginname
|
||||||
|
), true, true);
|
||||||
|
|
||||||
if ($loginname == '') {
|
if ($loginname == '') {
|
||||||
standard_error(array(
|
standard_error(array(
|
||||||
@@ -306,7 +310,7 @@ class Admins extends ApiCommand implements ResourceEntity
|
|||||||
*/
|
*/
|
||||||
public function update()
|
public function update()
|
||||||
{
|
{
|
||||||
if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) {
|
if ($this->isAdmin()) {
|
||||||
|
|
||||||
$id = $this->getParam('id', true, 0);
|
$id = $this->getParam('id', true, 0);
|
||||||
$ln_optional = ($id <= 0 ? false : true);
|
$ln_optional = ($id <= 0 ? false : true);
|
||||||
@@ -319,241 +323,243 @@ class Admins extends ApiCommand implements ResourceEntity
|
|||||||
$result = json_decode($json_result, true)['data'];
|
$result = json_decode($json_result, true)['data'];
|
||||||
$id = $result['adminid'];
|
$id = $result['adminid'];
|
||||||
|
|
||||||
// parameters
|
if ($this->getUserDetail('change_serversettings') == 1 || $result['adminid'] == $this->getUserDetail('adminid')) {
|
||||||
$name = $this->getParam('name', true, $result['name']);
|
// parameters
|
||||||
$idna_convert = new idna_convert_wrapper();
|
$name = $this->getParam('name', true, $result['name']);
|
||||||
$email = $this->getParam('email', true, $idna_convert->decode($result['email']));
|
$idna_convert = new idna_convert_wrapper();
|
||||||
$password = $this->getParam('admin_password', true, '');
|
$email = $this->getParam('email', true, $idna_convert->decode($result['email']));
|
||||||
$def_language = $this->getParam('def_language', true, $result['def_language']);
|
$password = $this->getParam('admin_password', true, '');
|
||||||
$custom_notes = $this->getParam('custom_notes', true, $result['custom_notes']);
|
$def_language = $this->getParam('def_language', true, $result['def_language']);
|
||||||
$custom_notes_show = $this->getParam('custom_notes_show', true, $result['custom_notes_show']);
|
$custom_notes = $this->getParam('custom_notes', true, $result['custom_notes']);
|
||||||
$theme = $this->getParam('theme', true, $result['theme']);
|
$custom_notes_show = $this->getParam('custom_notes_show', true, $result['custom_notes_show']);
|
||||||
|
$theme = $this->getParam('theme', true, $result['theme']);
|
||||||
|
|
||||||
// you cannot edit some of the details of yourself
|
// you cannot edit some of the details of yourself
|
||||||
if ($result['adminid'] == $this->getUserDetail('userid')) {
|
if ($result['adminid'] == $this->getUserDetail('adminid')) {
|
||||||
$deactivated = $result['deactivated'];
|
$deactivated = $result['deactivated'];
|
||||||
$customers = $result['customers'];
|
$customers = $result['customers'];
|
||||||
$domains = $result['domains'];
|
$domains = $result['domains'];
|
||||||
$subdomains = $result['subdomains'];
|
$subdomains = $result['subdomains'];
|
||||||
$emails = $result['emails'];
|
$emails = $result['emails'];
|
||||||
$email_accounts = $result['email_accounts'];
|
$email_accounts = $result['email_accounts'];
|
||||||
$email_forwarders = $result['email_forwarders'];
|
$email_forwarders = $result['email_forwarders'];
|
||||||
$email_quota = $result['email_quota'];
|
$email_quota = $result['email_quota'];
|
||||||
$ftps = $result['ftps'];
|
$ftps = $result['ftps'];
|
||||||
$tickets = $result['tickets'];
|
$tickets = $result['tickets'];
|
||||||
$mysqls = $result['mysqls'];
|
$mysqls = $result['mysqls'];
|
||||||
$tickets_see_all = $result['tickets_see_all'];
|
$tickets_see_all = $result['tickets_see_all'];
|
||||||
$customers_see_all = $result['customers_see_all'];
|
$customers_see_all = $result['customers_see_all'];
|
||||||
$domains_see_all = $result['domains_see_all'];
|
$domains_see_all = $result['domains_see_all'];
|
||||||
$caneditphpsettings = $result['caneditphpsettings'];
|
$caneditphpsettings = $result['caneditphpsettings'];
|
||||||
$change_serversettings = $result['change_serversettings'];
|
$change_serversettings = $result['change_serversettings'];
|
||||||
$diskspace = $result['diskspace'];
|
$diskspace = $result['diskspace'];
|
||||||
$traffic = $result['traffic'];
|
$traffic = $result['traffic'];
|
||||||
$ipaddress = $result['ip'];
|
$ipaddress = $result['ip'];
|
||||||
} else {
|
|
||||||
$deactivated = $this->getParam('deactivated', true, $result['deactivated']);
|
|
||||||
|
|
||||||
$dec_places = Settings::Get('panel.decimal_places');
|
|
||||||
$diskspace = $this->getUlParam('diskspace', 'diskspace_ul', true, round($result['diskspace'] / 1024, $dec_places));
|
|
||||||
$traffic = $this->getUlParam('traffic', 'traffic_ul', true, round($result['traffic'] / (1024 * 1024), $dec_places));
|
|
||||||
$customers = $this->getUlParam('customers', 'customers_ul', true, $result['customers']);
|
|
||||||
$domains = $this->getUlParam('domains', 'domains_ul', true, $result['domains']);
|
|
||||||
$subdomains = $this->getUlParam('subdomains', 'subdomains_ul', true, $result['subdomains']);
|
|
||||||
$emails = $this->getUlParam('emails', 'emails_ul', true, $result['emails']);
|
|
||||||
$email_accounts = $this->getUlParam('email_accounts', 'email_accounts_ul', true, $result['email_accounts']);
|
|
||||||
$email_forwarders = $this->getUlParam('email_forwarders', 'email_forwarders_ul', true, $result['email_forwarders']);
|
|
||||||
$email_quota = $this->getUlParam('email_quota', 'email_quota_ul', true, $result['email_quota']);
|
|
||||||
$ftps = $this->getUlParam('ftps', 'ftps_ul', true, $result['ftps']);
|
|
||||||
$tickets = $this->getUlParam('tickets', 'tickets_ul', true, $result['tickets']);
|
|
||||||
$mysqls = $this->getUlParam('mysqls', 'mysqls_ul', true, $result['mysqls']);
|
|
||||||
|
|
||||||
$customers_see_all = $this->getParam('customers_see_all', true, $result['customers_see_all']);
|
|
||||||
$domains_see_all = $this->getParam('domains_see_all', true, $result['domains_see_all']);
|
|
||||||
$tickets_see_all = $this->getParam('tickets_see_all', true, $result['tickets_see_all']);
|
|
||||||
$caneditphpsettings = $this->getParam('caneditphpsettings', true, $result['caneditphpsettings']);
|
|
||||||
$change_serversettings = $this->getParam('change_serversettings', true, $result['change_serversettings']);
|
|
||||||
$ipaddress = intval_ressource($this->getParam('ipaddress', true, $result['ip']));
|
|
||||||
|
|
||||||
$diskspace = $diskspace * 1024;
|
|
||||||
$traffic = $traffic * 1024 * 1024;
|
|
||||||
}
|
|
||||||
|
|
||||||
// validation
|
|
||||||
$name = validate($name, 'name', '', '', array(), true);
|
|
||||||
$idna_convert = new idna_convert_wrapper();
|
|
||||||
$email = $idna_convert->encode(validate($email, 'email', '', '', array(), true));
|
|
||||||
$def_language = validate($def_language, 'default language', '', '', array(), true);
|
|
||||||
$custom_notes = validate(str_replace("\r\n", "\n", $custom_notes), 'custom_notes', '/^[^\0]*$/', '', array(), true);
|
|
||||||
$theme = validate($theme, 'theme', '', '', array(), true);
|
|
||||||
$password = validate($password, 'password', '', '', array(), true);
|
|
||||||
|
|
||||||
if (Settings::Get('system.mail_quota_enabled') != '1') {
|
|
||||||
$email_quota = - 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (Settings::Get('ticket.enabled') != '1') {
|
|
||||||
$tickets = - 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (empty($theme)) {
|
|
||||||
$theme = Settings::Get('panel.default_theme');
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($name == '') {
|
|
||||||
standard_error(array(
|
|
||||||
'stringisempty',
|
|
||||||
'myname'
|
|
||||||
), '', true);
|
|
||||||
} elseif ($email == '') {
|
|
||||||
standard_error(array(
|
|
||||||
'stringisempty',
|
|
||||||
'emailadd'
|
|
||||||
), '', true);
|
|
||||||
} elseif (! validateEmail($email)) {
|
|
||||||
standard_error('emailiswrong', $email, true);
|
|
||||||
} else {
|
|
||||||
|
|
||||||
if ($deactivated != '1') {
|
|
||||||
$deactivated = '0';
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($customers_see_all != '1') {
|
|
||||||
$customers_see_all = '0';
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($domains_see_all != '1') {
|
|
||||||
$domains_see_all = '0';
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($caneditphpsettings != '1') {
|
|
||||||
$caneditphpsettings = '0';
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($change_serversettings != '1') {
|
|
||||||
$change_serversettings = '0';
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($tickets_see_all != '1') {
|
|
||||||
$tickets_see_all = '0';
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($password != '') {
|
|
||||||
$password = validatePassword($password, true);
|
|
||||||
$password = makeCryptPassword($password);
|
|
||||||
} else {
|
} else {
|
||||||
$password = $result['password'];
|
$deactivated = $this->getParam('deactivated', true, $result['deactivated']);
|
||||||
|
|
||||||
|
$dec_places = Settings::Get('panel.decimal_places');
|
||||||
|
$diskspace = $this->getUlParam('diskspace', 'diskspace_ul', true, round($result['diskspace'] / 1024, $dec_places));
|
||||||
|
$traffic = $this->getUlParam('traffic', 'traffic_ul', true, round($result['traffic'] / (1024 * 1024), $dec_places));
|
||||||
|
$customers = $this->getUlParam('customers', 'customers_ul', true, $result['customers']);
|
||||||
|
$domains = $this->getUlParam('domains', 'domains_ul', true, $result['domains']);
|
||||||
|
$subdomains = $this->getUlParam('subdomains', 'subdomains_ul', true, $result['subdomains']);
|
||||||
|
$emails = $this->getUlParam('emails', 'emails_ul', true, $result['emails']);
|
||||||
|
$email_accounts = $this->getUlParam('email_accounts', 'email_accounts_ul', true, $result['email_accounts']);
|
||||||
|
$email_forwarders = $this->getUlParam('email_forwarders', 'email_forwarders_ul', true, $result['email_forwarders']);
|
||||||
|
$email_quota = $this->getUlParam('email_quota', 'email_quota_ul', true, $result['email_quota']);
|
||||||
|
$ftps = $this->getUlParam('ftps', 'ftps_ul', true, $result['ftps']);
|
||||||
|
$tickets = $this->getUlParam('tickets', 'tickets_ul', true, $result['tickets']);
|
||||||
|
$mysqls = $this->getUlParam('mysqls', 'mysqls_ul', true, $result['mysqls']);
|
||||||
|
|
||||||
|
$customers_see_all = $this->getParam('customers_see_all', true, $result['customers_see_all']);
|
||||||
|
$domains_see_all = $this->getParam('domains_see_all', true, $result['domains_see_all']);
|
||||||
|
$tickets_see_all = $this->getParam('tickets_see_all', true, $result['tickets_see_all']);
|
||||||
|
$caneditphpsettings = $this->getParam('caneditphpsettings', true, $result['caneditphpsettings']);
|
||||||
|
$change_serversettings = $this->getParam('change_serversettings', true, $result['change_serversettings']);
|
||||||
|
$ipaddress = intval_ressource($this->getParam('ipaddress', true, $result['ip']));
|
||||||
|
|
||||||
|
$diskspace = $diskspace * 1024;
|
||||||
|
$traffic = $traffic * 1024 * 1024;
|
||||||
}
|
}
|
||||||
|
|
||||||
// check if a resource was set to something lower
|
// validation
|
||||||
// than actually used by the admin/reseller
|
$name = validate($name, 'name', '', '', array(), true);
|
||||||
$res_warning = "";
|
$idna_convert = new idna_convert_wrapper();
|
||||||
if ($customers != $result['customers'] && $customers != -1 && $customers < $result['customers_used']) {
|
$email = $idna_convert->encode(validate($email, 'email', '', '', array(), true));
|
||||||
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'customers');
|
$def_language = validate($def_language, 'default language', '', '', array(), true);
|
||||||
}
|
$custom_notes = validate(str_replace("\r\n", "\n", $custom_notes), 'custom_notes', '/^[^\0]*$/', '', array(), true);
|
||||||
if ($domains != $result['domains'] && $domains != -1 && $domains < $result['domains_used']) {
|
$theme = validate($theme, 'theme', '', '', array(), true);
|
||||||
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'domains');
|
$password = validate($password, 'password', '', '', array(), true);
|
||||||
}
|
|
||||||
if ($diskspace != $result['diskspace'] && ($diskspace / 1024) != -1 && $diskspace < $result['diskspace_used']) {
|
if (Settings::Get('system.mail_quota_enabled') != '1') {
|
||||||
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'diskspace');
|
$email_quota = - 1;
|
||||||
}
|
|
||||||
if ($traffic != $result['traffic'] && ($traffic / 1024 / 1024) != -1 && $traffic < $result['traffic_used']) {
|
|
||||||
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'traffic');
|
|
||||||
}
|
|
||||||
if ($emails != $result['emails'] && $emails != -1 && $emails < $result['emails_used']) {
|
|
||||||
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'emails');
|
|
||||||
}
|
|
||||||
if ($email_accounts != $result['email_accounts'] && $email_accounts != -1 && $email_accounts < $result['email_accounts_used']) {
|
|
||||||
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'email accounts');
|
|
||||||
}
|
|
||||||
if ($email_forwarders != $result['email_forwarders'] && $email_forwarders != -1 && $email_forwarders < $result['email_forwarders_used']) {
|
|
||||||
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'email forwarders');
|
|
||||||
}
|
|
||||||
if ($email_quota != $result['email_quota'] && $email_quota != -1 && $email_quota < $result['email_quota_used']) {
|
|
||||||
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'email quota');
|
|
||||||
}
|
|
||||||
if ($ftps != $result['ftps'] && $ftps != -1 && $ftps < $result['ftps_used']) {
|
|
||||||
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'ftps');
|
|
||||||
}
|
|
||||||
if ($tickets != $result['tickets'] && $tickets != -1 && $tickets < $result['tickets_used']) {
|
|
||||||
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'tickets');
|
|
||||||
}
|
|
||||||
if ($mysqls != $result['mysqls'] && $mysqls != -1 && $mysqls < $result['mysqls_used']) {
|
|
||||||
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'mysqls');
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!empty($res_warning)) {
|
if (Settings::Get('ticket.enabled') != '1') {
|
||||||
throw new Exception($res_warning, 406);
|
$tickets = - 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
$upd_data = array(
|
if (empty($theme)) {
|
||||||
'password' => $password,
|
$theme = Settings::Get('panel.default_theme');
|
||||||
'name' => $name,
|
}
|
||||||
'email' => $email,
|
|
||||||
'lang' => $def_language,
|
|
||||||
'change_serversettings' => $change_serversettings,
|
|
||||||
'customers' => $customers,
|
|
||||||
'customers_see_all' => $customers_see_all,
|
|
||||||
'domains' => $domains,
|
|
||||||
'domains_see_all' => $domains_see_all,
|
|
||||||
'caneditphpsettings' => $caneditphpsettings,
|
|
||||||
'diskspace' => $diskspace,
|
|
||||||
'traffic' => $traffic,
|
|
||||||
'subdomains' => $subdomains,
|
|
||||||
'emails' => $emails,
|
|
||||||
'accounts' => $email_accounts,
|
|
||||||
'forwarders' => $email_forwarders,
|
|
||||||
'quota' => $email_quota,
|
|
||||||
'ftps' => $ftps,
|
|
||||||
'tickets' => $tickets,
|
|
||||||
'tickets_see_all' => $tickets_see_all,
|
|
||||||
'mysqls' => $mysqls,
|
|
||||||
'ip' => $ipaddress,
|
|
||||||
'deactivated' => $deactivated,
|
|
||||||
'custom_notes' => $custom_notes,
|
|
||||||
'custom_notes_show' => $custom_notes_show,
|
|
||||||
'theme' => $theme,
|
|
||||||
'adminid' => $id
|
|
||||||
);
|
|
||||||
|
|
||||||
$upd_stmt = Database::prepare("
|
if ($name == '') {
|
||||||
UPDATE `" . TABLE_PANEL_ADMINS . "` SET
|
standard_error(array(
|
||||||
`password` = :password,
|
'stringisempty',
|
||||||
`name` = :name,
|
'myname'
|
||||||
`email` = :email,
|
), '', true);
|
||||||
`def_language` = :lang,
|
} elseif ($email == '') {
|
||||||
`change_serversettings` = :change_serversettings,
|
standard_error(array(
|
||||||
`customers` = :customers,
|
'stringisempty',
|
||||||
`customers_see_all` = :customers_see_all,
|
'emailadd'
|
||||||
`domains` = :domains,
|
), '', true);
|
||||||
`domains_see_all` = :domains_see_all,
|
} elseif (! validateEmail($email)) {
|
||||||
`caneditphpsettings` = :caneditphpsettings,
|
standard_error('emailiswrong', $email, true);
|
||||||
`diskspace` = :diskspace,
|
} else {
|
||||||
`traffic` = :traffic,
|
|
||||||
`subdomains` = :subdomains,
|
|
||||||
`emails` = :emails,
|
|
||||||
`email_accounts` = :accounts,
|
|
||||||
`email_forwarders` = :forwarders,
|
|
||||||
`email_quota` = :quota,
|
|
||||||
`ftps` = :ftps,
|
|
||||||
`tickets` = :tickets,
|
|
||||||
`tickets_see_all` = :tickets_see_all,
|
|
||||||
`mysqls` = :mysqls,
|
|
||||||
`ip` = :ip,
|
|
||||||
`deactivated` = :deactivated,
|
|
||||||
`custom_notes` = :custom_notes,
|
|
||||||
`custom_notes_show` = :custom_notes_show,
|
|
||||||
`theme` = :theme
|
|
||||||
WHERE `adminid` = :adminid
|
|
||||||
");
|
|
||||||
Database::pexecute($upd_stmt, $upd_data, true, true);
|
|
||||||
$this->logger()->logAction(ADM_ACTION, LOG_INFO, "[API] edited admin '" . $result['loginname'] . "'");
|
|
||||||
|
|
||||||
// get all admin-data for return-array
|
if ($deactivated != '1') {
|
||||||
$json_result = Admins::getLocal($this->getUserData(), array(
|
$deactivated = '0';
|
||||||
'id' => $adminid
|
}
|
||||||
))->get();
|
|
||||||
$result = json_decode($json_result, true)['data'];
|
if ($customers_see_all != '1') {
|
||||||
return $this->response(200, "successfull", $result);
|
$customers_see_all = '0';
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($domains_see_all != '1') {
|
||||||
|
$domains_see_all = '0';
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($caneditphpsettings != '1') {
|
||||||
|
$caneditphpsettings = '0';
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($change_serversettings != '1') {
|
||||||
|
$change_serversettings = '0';
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($tickets_see_all != '1') {
|
||||||
|
$tickets_see_all = '0';
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($password != '') {
|
||||||
|
$password = validatePassword($password, true);
|
||||||
|
$password = makeCryptPassword($password);
|
||||||
|
} else {
|
||||||
|
$password = $result['password'];
|
||||||
|
}
|
||||||
|
|
||||||
|
// check if a resource was set to something lower
|
||||||
|
// than actually used by the admin/reseller
|
||||||
|
$res_warning = "";
|
||||||
|
if ($customers != $result['customers'] && $customers != - 1 && $customers < $result['customers_used']) {
|
||||||
|
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'customers');
|
||||||
|
}
|
||||||
|
if ($domains != $result['domains'] && $domains != - 1 && $domains < $result['domains_used']) {
|
||||||
|
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'domains');
|
||||||
|
}
|
||||||
|
if ($diskspace != $result['diskspace'] && ($diskspace / 1024) != - 1 && $diskspace < $result['diskspace_used']) {
|
||||||
|
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'diskspace');
|
||||||
|
}
|
||||||
|
if ($traffic != $result['traffic'] && ($traffic / 1024 / 1024) != - 1 && $traffic < $result['traffic_used']) {
|
||||||
|
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'traffic');
|
||||||
|
}
|
||||||
|
if ($emails != $result['emails'] && $emails != - 1 && $emails < $result['emails_used']) {
|
||||||
|
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'emails');
|
||||||
|
}
|
||||||
|
if ($email_accounts != $result['email_accounts'] && $email_accounts != - 1 && $email_accounts < $result['email_accounts_used']) {
|
||||||
|
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'email accounts');
|
||||||
|
}
|
||||||
|
if ($email_forwarders != $result['email_forwarders'] && $email_forwarders != - 1 && $email_forwarders < $result['email_forwarders_used']) {
|
||||||
|
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'email forwarders');
|
||||||
|
}
|
||||||
|
if ($email_quota != $result['email_quota'] && $email_quota != - 1 && $email_quota < $result['email_quota_used']) {
|
||||||
|
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'email quota');
|
||||||
|
}
|
||||||
|
if ($ftps != $result['ftps'] && $ftps != - 1 && $ftps < $result['ftps_used']) {
|
||||||
|
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'ftps');
|
||||||
|
}
|
||||||
|
if ($tickets != $result['tickets'] && $tickets != - 1 && $tickets < $result['tickets_used']) {
|
||||||
|
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'tickets');
|
||||||
|
}
|
||||||
|
if ($mysqls != $result['mysqls'] && $mysqls != - 1 && $mysqls < $result['mysqls_used']) {
|
||||||
|
$res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'mysqls');
|
||||||
|
}
|
||||||
|
|
||||||
|
if (! empty($res_warning)) {
|
||||||
|
throw new Exception($res_warning, 406);
|
||||||
|
}
|
||||||
|
|
||||||
|
$upd_data = array(
|
||||||
|
'password' => $password,
|
||||||
|
'name' => $name,
|
||||||
|
'email' => $email,
|
||||||
|
'lang' => $def_language,
|
||||||
|
'change_serversettings' => $change_serversettings,
|
||||||
|
'customers' => $customers,
|
||||||
|
'customers_see_all' => $customers_see_all,
|
||||||
|
'domains' => $domains,
|
||||||
|
'domains_see_all' => $domains_see_all,
|
||||||
|
'caneditphpsettings' => $caneditphpsettings,
|
||||||
|
'diskspace' => $diskspace,
|
||||||
|
'traffic' => $traffic,
|
||||||
|
'subdomains' => $subdomains,
|
||||||
|
'emails' => $emails,
|
||||||
|
'accounts' => $email_accounts,
|
||||||
|
'forwarders' => $email_forwarders,
|
||||||
|
'quota' => $email_quota,
|
||||||
|
'ftps' => $ftps,
|
||||||
|
'tickets' => $tickets,
|
||||||
|
'tickets_see_all' => $tickets_see_all,
|
||||||
|
'mysqls' => $mysqls,
|
||||||
|
'ip' => $ipaddress,
|
||||||
|
'deactivated' => $deactivated,
|
||||||
|
'custom_notes' => $custom_notes,
|
||||||
|
'custom_notes_show' => $custom_notes_show,
|
||||||
|
'theme' => $theme,
|
||||||
|
'adminid' => $id
|
||||||
|
);
|
||||||
|
|
||||||
|
$upd_stmt = Database::prepare("
|
||||||
|
UPDATE `" . TABLE_PANEL_ADMINS . "` SET
|
||||||
|
`password` = :password,
|
||||||
|
`name` = :name,
|
||||||
|
`email` = :email,
|
||||||
|
`def_language` = :lang,
|
||||||
|
`change_serversettings` = :change_serversettings,
|
||||||
|
`customers` = :customers,
|
||||||
|
`customers_see_all` = :customers_see_all,
|
||||||
|
`domains` = :domains,
|
||||||
|
`domains_see_all` = :domains_see_all,
|
||||||
|
`caneditphpsettings` = :caneditphpsettings,
|
||||||
|
`diskspace` = :diskspace,
|
||||||
|
`traffic` = :traffic,
|
||||||
|
`subdomains` = :subdomains,
|
||||||
|
`emails` = :emails,
|
||||||
|
`email_accounts` = :accounts,
|
||||||
|
`email_forwarders` = :forwarders,
|
||||||
|
`email_quota` = :quota,
|
||||||
|
`ftps` = :ftps,
|
||||||
|
`tickets` = :tickets,
|
||||||
|
`tickets_see_all` = :tickets_see_all,
|
||||||
|
`mysqls` = :mysqls,
|
||||||
|
`ip` = :ip,
|
||||||
|
`deactivated` = :deactivated,
|
||||||
|
`custom_notes` = :custom_notes,
|
||||||
|
`custom_notes_show` = :custom_notes_show,
|
||||||
|
`theme` = :theme
|
||||||
|
WHERE `adminid` = :adminid
|
||||||
|
");
|
||||||
|
Database::pexecute($upd_stmt, $upd_data, true, true);
|
||||||
|
$this->logger()->logAction(ADM_ACTION, LOG_INFO, "[API] edited admin '" . $result['loginname'] . "'");
|
||||||
|
|
||||||
|
// get all admin-data for return-array
|
||||||
|
$json_result = Admins::getLocal($this->getUserData(), array(
|
||||||
|
'id' => $adminid
|
||||||
|
))->get();
|
||||||
|
$result = json_decode($json_result, true)['data'];
|
||||||
|
return $this->response(200, "successfull", $result);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
throw new Exception("Not allowed to execute given command.", 403);
|
throw new Exception("Not allowed to execute given command.", 403);
|
||||||
@@ -586,36 +592,48 @@ class Admins extends ApiCommand implements ResourceEntity
|
|||||||
$id = $result['adminid'];
|
$id = $result['adminid'];
|
||||||
|
|
||||||
// don't be stupid
|
// don't be stupid
|
||||||
if ($id == $this->getUserDetail('userid')) {
|
if ($id == $this->getUserDetail('adminid')) {
|
||||||
standard_error('youcantdeleteyourself', '', true);
|
standard_error('youcantdeleteyourself', '', true);
|
||||||
}
|
}
|
||||||
|
|
||||||
$del_stmt = Database::prepare("
|
$del_stmt = Database::prepare("
|
||||||
DELETE FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :adminid
|
DELETE FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :adminid
|
||||||
");
|
");
|
||||||
Database::pexecute($del_stmt, array('adminid' => $id), true, true);
|
Database::pexecute($del_stmt, array(
|
||||||
|
'adminid' => $id
|
||||||
|
), true, true);
|
||||||
|
|
||||||
$del_stmt = Database::prepare("
|
$del_stmt = Database::prepare("
|
||||||
DELETE FROM `" . TABLE_PANEL_TRAFFIC_ADMINS . "` WHERE `adminid` = :adminid
|
DELETE FROM `" . TABLE_PANEL_TRAFFIC_ADMINS . "` WHERE `adminid` = :adminid
|
||||||
");
|
");
|
||||||
Database::pexecute($del_stmt, array('adminid' => $id), true, true);
|
Database::pexecute($del_stmt, array(
|
||||||
|
'adminid' => $id
|
||||||
|
), true, true);
|
||||||
|
|
||||||
$del_stmt = Database::prepare("
|
$del_stmt = Database::prepare("
|
||||||
DELETE FROM `" . TABLE_PANEL_DISKSPACE_ADMINS . "` WHERE `adminid` = :adminid
|
DELETE FROM `" . TABLE_PANEL_DISKSPACE_ADMINS . "` WHERE `adminid` = :adminid
|
||||||
");
|
");
|
||||||
Database::pexecute($del_stmt, array('adminid' => $id), true, true);
|
Database::pexecute($del_stmt, array(
|
||||||
|
'adminid' => $id
|
||||||
|
), true, true);
|
||||||
|
|
||||||
$upd_stmt = Database::prepare("
|
$upd_stmt = Database::prepare("
|
||||||
UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
|
UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
|
||||||
`adminid` = :userid WHERE `adminid` = :adminid
|
`adminid` = :userid WHERE `adminid` = :adminid
|
||||||
");
|
");
|
||||||
Database::pexecute($upd_stmt, array('userid' => $this->getUserDetail('userid'), 'adminid' => $id), true, true);
|
Database::pexecute($upd_stmt, array(
|
||||||
|
'userid' => $this->getUserDetail('adminid'),
|
||||||
|
'adminid' => $id
|
||||||
|
), true, true);
|
||||||
|
|
||||||
$upd_stmt = Database::prepare("
|
$upd_stmt = Database::prepare("
|
||||||
UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
|
UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
|
||||||
`adminid` = :userid WHERE `adminid` = :adminid
|
`adminid` = :userid WHERE `adminid` = :adminid
|
||||||
");
|
");
|
||||||
Database::pexecute($upd_stmt, array('userid' => $this->getUserDetail('userid'), 'adminid' => $id), true, true);
|
Database::pexecute($upd_stmt, array(
|
||||||
|
'userid' => $this->getUserDetail('adminid'),
|
||||||
|
'adminid' => $id
|
||||||
|
), true, true);
|
||||||
|
|
||||||
$this->logger()->logAction(ADM_ACTION, LOG_WARNING, "[API] deleted admin '" . $result['loginname'] . "'");
|
$this->logger()->logAction(ADM_ACTION, LOG_WARNING, "[API] deleted admin '" . $result['loginname'] . "'");
|
||||||
updateCounters();
|
updateCounters();
|
||||||
|
|||||||
Reference in New Issue
Block a user