maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

finished Customer::update(), untested

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2018-02-19 10:45:41 +01:00
parent 133af365bd
commit 603e14913b
7 changed files with 720 additions and 689 deletions
Download Patch File Download Diff File Expand all files Collapse all files

550
admin_customers.php
View File

@@ -375,553 +375,15 @@ if ($page == 'customers'
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
$name = validate($_POST['name'], 'name');
$firstname = validate($_POST['firstname'], 'first name');
$company = validate($_POST['company'], 'company');
$street = validate($_POST['street'], 'street');
$zipcode = validate($_POST['zipcode'], 'zipcode', '/^[0-9 \-A-Z]*$/');
$city = validate($_POST['city'], 'city');
$phone = validate($_POST['phone'], 'phone', '/^[0-9\- \+\(\)\/]*$/');
$fax = validate($_POST['fax'], 'fax', '/^[0-9\- \+\(\)\/]*$/');
$email = $idna_convert->encode(validate($_POST['email'], 'email'));
$customernumber = validate($_POST['customernumber'], 'customer number', '/^[A-Za-z0-9 \-]*$/Di');
$def_language = validate($_POST['def_language'], 'default language');
$password = validate($_POST['new_customer_password'], 'new password');
$gender = intval_ressource($_POST['gender']);
$move_to_admin = isset($_POST['move_to_admin']) ? intval_ressource($_POST['move_to_admin']) : 0;
$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
$custom_notes_show = $result['custom_notes_show'];
if (isset($_POST['custom_notes_show'])) {
$custom_notes_show = intval_ressource($_POST['custom_notes_show']);
try {
Customers::getLocal($userinfo, $_POST)->update();
} catch (Exception $e) {
dynamic_error($e->getMessage());
}
$diskspace = intval_ressource($_POST['diskspace']);
if (isset($_POST['diskspace_ul'])) {
$diskspace = - 1;
}
$traffic = doubleval_ressource($_POST['traffic']);
if (isset($_POST['traffic_ul'])) {
$traffic = - 1;
}
$subdomains = intval_ressource($_POST['subdomains']);
if (isset($_POST['subdomains_ul'])) {
$subdomains = - 1;
}
$emails = intval_ressource($_POST['emails']);
if (isset($_POST['emails_ul'])) {
$emails = - 1;
}
$email_accounts = intval_ressource($_POST['email_accounts']);
if (isset($_POST['email_accounts_ul'])) {
$email_accounts = - 1;
}
$email_forwarders = intval_ressource($_POST['email_forwarders']);
if (isset($_POST['email_forwarders_ul'])) {
$email_forwarders = - 1;
}
if (Settings::Get('system.mail_quota_enabled') == '1') {
$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
if (isset($_POST['email_quota_ul'])) {
$email_quota = - 1;
}
} else {
$email_quota = - 1;
}
$email_imap = 0;
if (isset($_POST['email_imap'])) {
$email_imap = intval_ressource($_POST['email_imap']);
}
$email_pop3 = 0;
if (isset($_POST['email_pop3'])) {
$email_pop3 = intval_ressource($_POST['email_pop3']);
}
$ftps = 0;
if (isset($_POST['ftps'])) {
$ftps = intval_ressource($_POST['ftps']);
}
if (isset($_POST['ftps_ul'])) {
$ftps = - 1;
}
$tickets = (Settings::Get('ticket.enabled') == 1 ? intval_ressource($_POST['tickets']) : 0);
if (isset($_POST['tickets_ul'])
&& Settings::Get('ticket.enabled') == '1'
) {
$tickets = - 1;
}
// gender out of range? [0,2]
if ($gender < 0 || $gender > 2) {
$gender = 0;
}
$mysqls = 0;
if (isset($_POST['mysqls'])) {
$mysqls = intval_ressource($_POST['mysqls']);
}
if (isset($_POST['mysqls_ul'])) {
$mysqls = - 1;
}
$createstdsubdomain = 0;
if (isset($_POST['createstdsubdomain'])) {
$createstdsubdomain = intval($_POST['createstdsubdomain']);
}
$deactivated = 0;
if (isset($_POST['deactivated'])) {
$deactivated = intval($_POST['deactivated']);
}
$phpenabled = 0;
if (isset($_POST['phpenabled'])) {
$phpenabled = intval($_POST['phpenabled']);
}
$allowed_phpconfigs = array();
if (isset($_POST['allowed_phpconfigs']) && is_array($_POST['allowed_phpconfigs'])) {
foreach ($_POST['allowed_phpconfigs'] as $allowed_phpconfig) {
$allowed_phpconfig = intval($allowed_phpconfig);
$allowed_phpconfigs[] = $allowed_phpconfig;
}
}
$perlenabled = 0;
if (isset($_POST['perlenabled'])) {
$perlenabled = intval($_POST['perlenabled']);
}
$dnsenabled = 0;
if (isset($_POST['dnsenabled'])) {
$dnsenabled = intval($_POST['dnsenabled']);
}
$diskspace = $diskspace * 1024;
$traffic = $traffic * 1024 * 1024;
if (((($userinfo['diskspace_used'] + $diskspace - $result['diskspace']) > $userinfo['diskspace']) && ($userinfo['diskspace'] / 1024) != '-1')
|| ((($userinfo['mysqls_used'] + $mysqls - $result['mysqls']) > $userinfo['mysqls']) && $userinfo['mysqls'] != '-1')
|| ((($userinfo['emails_used'] + $emails - $result['emails']) > $userinfo['emails']) && $userinfo['emails'] != '-1')
|| ((($userinfo['email_accounts_used'] + $email_accounts - $result['email_accounts']) > $userinfo['email_accounts']) && $userinfo['email_accounts'] != '-1')
|| ((($userinfo['email_forwarders_used'] + $email_forwarders - $result['email_forwarders']) > $userinfo['email_forwarders']) && $userinfo['email_forwarders'] != '-1')
|| ((($userinfo['email_quota_used'] + $email_quota - $result['email_quota']) > $userinfo['email_quota']) && $userinfo['email_quota'] != '-1' && Settings::Get('system.mail_quota_enabled') == '1')
|| ((($userinfo['ftps_used'] + $ftps - $result['ftps']) > $userinfo['ftps']) && $userinfo['ftps'] != '-1')
|| ((($userinfo['tickets_used'] + $tickets - $result['tickets']) > $userinfo['tickets']) && $userinfo['tickets'] != '-1')
|| ((($userinfo['subdomains_used'] + $subdomains - $result['subdomains']) > $userinfo['subdomains']) && $userinfo['subdomains'] != '-1')
|| (($diskspace / 1024) == '-1' && ($userinfo['diskspace'] / 1024) != '-1')
|| ($mysqls == '-1' && $userinfo['mysqls'] != '-1')
|| ($emails == '-1' && $userinfo['emails'] != '-1')
|| ($email_accounts == '-1' && $userinfo['email_accounts'] != '-1')
|| ($email_forwarders == '-1' && $userinfo['email_forwarders'] != '-1')
|| ($email_quota == '-1' && $userinfo['email_quota'] != '-1' && Settings::Get('system.mail_quota_enabled') == '1')
|| ($ftps == '-1' && $userinfo['ftps'] != '-1')
|| ($tickets == '-1' && $userinfo['tickets'] != '-1')
|| ($subdomains == '-1' && $userinfo['subdomains'] != '-1')
) {
standard_error('youcantallocatemorethanyouhave');
}
// Either $name and $firstname or the $company must be inserted
if ($name == '' && $company == '') {
standard_error(array('stringisempty', 'myname'));
} elseif($firstname == '' && $company == '') {
standard_error(array('stringisempty', 'myfirstname'));
} elseif($email == '') {
standard_error(array('stringisempty', 'emailadd'));
} elseif(!validateEmail($email)) {
standard_error('emailiswrong', $email);
} else {
if ($password != '') {
$password = validatePassword($password);
$password = makeCryptPassword($password);
} else {
$password = $result['password'];
}
if ($createstdsubdomain != '1') {
$createstdsubdomain = '0';
}
if ($createstdsubdomain == '1'
&& $result['standardsubdomain'] == '0'
) {
if (Settings::Get('system.stdsubdomain') !== null
&& Settings::Get('system.stdsubdomain') != ''
) {
$_stdsubdomain = $result['loginname'] . '.' . Settings::Get('system.stdsubdomain');
} else {
$_stdsubdomain = $result['loginname'] . '.' . Settings::Get('system.hostname');
}
$ins_data = array(
'domain' => $_stdsubdomain,
'customerid' => $result['customerid'],
'adminid' => $userinfo['adminid'],
'docroot' => $result['documentroot'],
'adddate' => time()
);
$ins_stmt = Database::prepare("
INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
`domain` = :domain,
`customerid` = :customerid,
`adminid` = :adminid,
`parentdomainid` = '0',
`documentroot` = :docroot,
`zonefile` = '',
`isemaildomain` = '0',
`caneditdomain` = '0',
`openbasedir` = '1',
`speciallogfile` = '0',
`specialsettings` = '',
`add_date` = :adddate"
);
Database::pexecute($ins_stmt, $ins_data);
$domainid = Database::lastInsertId();
// set ip <-> domain connection
$defaultips = explode(',', Settings::Get('system.defaultip'));
$ins_stmt = Database::prepare("
INSERT INTO `" . TABLE_DOMAINTOIP . "` SET `id_domain` = :domainid, `id_ipandports` = :ipid"
);
foreach ($defaultips as $defaultip) {
Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => $defaultip));
}
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `standardsubdomain` = :domainid WHERE `customerid` = :customerid"
);
Database::pexecute($upd_stmt, array('domainid' => $domainid, 'customerid' => $result['customerid']));
$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added standardsubdomain for user '" . $result['loginname'] . "'");
inserttask('1');
}
if ($createstdsubdomain == '0'
&& $result['standardsubdomain'] != '0'
) {
$del_stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `id` = :stdsub");
Database::pexecute($del_stmt, array('stdsub' => $result['standardsubdomain']));
$del_stmt = Database::prepare("DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = :stdsub");
Database::pexecute($del_stmt, array('stdsub' => $result['standardsubdomain']));
$del_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `standardsubdomain`= '0' WHERE `customerid` = :customerid");
Database::pexecute($del_stmt, array('customerid' => $result['customerid']));
$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically deleted standardsubdomain for user '" . $result['loginname'] . "'");
inserttask('1');
}
if ($deactivated != '1') {
$deactivated = '0';
}
if ($phpenabled != '0') {
$phpenabled = '1';
}
if ($perlenabled != '0') {
$perlenabled = '1';
}
if ($dnsenabled != '0') {
$dnsenabled = '1';
}
if ($phpenabled != $result['phpenabled']
|| $perlenabled != $result['perlenabled']
) {
inserttask('1');
}
// activate/deactivate customer services
if ($deactivated != $result['deactivated']) {
$yesno = (($deactivated) ? 'N' : 'Y');
$pop3 = (($deactivated) ? '0' : (int)$result['pop3']);
$imap = (($deactivated) ? '0' : (int)$result['imap']);
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_MAIL_USERS . "` SET `postfix`= :yesno, `pop3` = :pop3, `imap` = :imap WHERE `customerid` = :customerid"
);
Database::pexecute($upd_stmt, array('yesno' => $yesno, 'pop3' => $pop3, 'imap' => $imap, 'customerid' => $id));
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_FTP_USERS . "` SET `login_enabled` = :yesno WHERE `customerid` = :customerid"
);
Database::pexecute($upd_stmt, array('yesno' => $yesno, 'customerid' => $id));
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `deactivated`= :deactivated WHERE `customerid` = :customerid"
);
Database::pexecute($upd_stmt, array('deactivated' => $deactivated, 'customerid' => $id));
// Retrieve customer's databases
$databases_stmt = Database::prepare("SELECT * FROM " . TABLE_PANEL_DATABASES . " WHERE customerid = :customerid ORDER BY `dbserver`");
Database::pexecute($databases_stmt, array('customerid' => $id));
Database::needRoot(true);
$last_dbserver = 0;
$dbm = new DbManager($log);
// For each of them
while ($row_database = $databases_stmt->fetch(PDO::FETCH_ASSOC)) {
if ($last_dbserver != $row_database['dbserver']) {
$dbm->getManager()->flushPrivileges();
Database::needRoot(true, $row_database['dbserver']);
$last_dbserver = $row_database['dbserver'];
}
foreach (array_unique(explode(',', Settings::Get('system.mysql_access_host'))) as $mysql_access_host) {
$mysql_access_host = trim($mysql_access_host);
// Prevent access, if deactivated
if ($deactivated) {
// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
$dbm->getManager()->disableUser($row_database['databasename'], $mysql_access_host);
} else {
// Otherwise grant access
$dbm->getManager()->enableUser($row_database['databasename'], $mysql_access_host);
}
}
}
// At last flush the new privileges
$dbm->getManager()->flushPrivileges();
Database::needRoot(false);
$log->logAction(ADM_ACTION, LOG_INFO, "deactivated user '" . $result['loginname'] . "'");
inserttask('1');
}
// Disable or enable POP3 Login for customers Mail Accounts
if ($email_pop3 != $result['pop3']) {
$upd_stmt = Database::prepare("UPDATE `" . TABLE_MAIL_USERS . "` SET `pop3` = :pop3 WHERE `customerid` = :customerid");
Database::pexecute($upd_stmt, array('pop3' => $email_pop3, 'customerid' => $id));
}
// Disable or enable IMAP Login for customers Mail Accounts
if ($email_imap != $result['imap']) {
$upd_stmt = Database::prepare("UPDATE `" . TABLE_MAIL_USERS . "` SET `imap` = :imap WHERE `customerid` = :customerid");
Database::pexecute($upd_stmt, array('imap' => $email_imap, 'customerid' => $id));
}
$upd_data = array(
'customerid' => $id,
'passwd' => $password,
'name' => $name,
'firstname' => $firstname,
'gender' => $gender,
'company' => $company,
'street' => $street,
'zipcode' => $zipcode,
'city' => $city,
'phone' => $phone,
'fax' => $fax,
'email' => $email,
'customerno' => $customernumber,
'lang' => $def_language,
'diskspace' => $diskspace,
'traffic' => $traffic,
'subdomains' => $subdomains,
'emails' => $emails,
'email_accounts' => $email_accounts,
'email_forwarders' => $email_forwarders,
'email_quota' => $email_quota,
'ftps' => $ftps,
'tickets' => $tickets,
'mysqls' => $mysqls,
'deactivated' => $deactivated,
'phpenabled' => $phpenabled,
'allowed_phpconfigs' => empty($allowed_phpconfigs) ? "" : json_encode($allowed_phpconfigs),
'imap' => $email_imap,
'pop3' => $email_pop3,
'perlenabled' => $perlenabled,
'dnsenabled' => $dnsenabled,
'custom_notes' => $custom_notes,
'custom_notes_show' => $custom_notes_show
);
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
`name` = :name,
`firstname` = :firstname,
`gender` = :gender,
`company` = :company,
`street` = :street,
`zipcode` = :zipcode,
`city` = :city,
`phone` = :phone,
`fax` = :fax,
`email` = :email,
`customernumber` = :customerno,
`def_language` = :lang,
`password` = :passwd,
`diskspace` = :diskspace,
`traffic` = :traffic,
`subdomains` = :subdomains,
`emails` = :emails,
`email_accounts` = :email_accounts,
`email_forwarders` = :email_forwarders,
`ftps` = :ftps,
`tickets` = :tickets,
`mysqls` = :mysqls,
`deactivated` = :deactivated,
`phpenabled` = :phpenabled,
`allowed_phpconfigs` = :allowed_phpconfigs,
`email_quota` = :email_quota,
`imap` = :imap,
`pop3` = :pop3,
`perlenabled` = :perlenabled,
`dnsenabled` = :dnsenabled,
`custom_notes` = :custom_notes,
`custom_notes_show` = :custom_notes_show
WHERE `customerid` = :customerid"
);
Database::pexecute($upd_stmt, $upd_data);
// Using filesystem - quota, insert a task which cleans the filesystem - quota
inserttask('10');
$admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` ";
if ($mysqls != '-1' || $result['mysqls'] != '-1') {
$admin_update_query.= ", `mysqls_used` = `mysqls_used` ";
if ($mysqls != '-1') {
$admin_update_query.= " + 0" . (int)$mysqls . " ";
}
if ($result['mysqls'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['mysqls'] . " ";
}
}
if($emails != '-1' || $result['emails'] != '-1') {
$admin_update_query.= ", `emails_used` = `emails_used` ";
if ($emails != '-1') {
$admin_update_query.= " + 0" . (int)$emails . " ";
}
if ($result['emails'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['emails'] . " ";
}
}
if ($email_accounts != '-1' || $result['email_accounts'] != '-1') {
$admin_update_query.= ", `email_accounts_used` = `email_accounts_used` ";
if ($email_accounts != '-1') {
$admin_update_query.= " + 0" . (int)$email_accounts . " ";
}
if ($result['email_accounts'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['email_accounts'] . " ";
}
}
if ($email_forwarders != '-1' || $result['email_forwarders'] != '-1') {
$admin_update_query.= ", `email_forwarders_used` = `email_forwarders_used` ";
if ($email_forwarders != '-1') {
$admin_update_query.= " + 0" . (int)$email_forwarders . " ";
}
if ($result['email_forwarders'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['email_forwarders'] . " ";
}
}
if ($email_quota != '-1' || $result['email_quota'] != '-1') {
$admin_update_query.= ", `email_quota_used` = `email_quota_used` ";
if ($email_quota != '-1') {
$admin_update_query.= " + 0" . (int)$email_quota . " ";
}
if ($result['email_quota'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['email_quota'] . " ";
}
}
if ($subdomains != '-1' || $result['subdomains'] != '-1') {
$admin_update_query.= ", `subdomains_used` = `subdomains_used` ";
if ($subdomains != '-1') {
$admin_update_query.= " + 0" . (int)$subdomains . " ";
}
if ($result['subdomains'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['subdomains'] . " ";
}
}
if ($ftps != '-1' || $result['ftps'] != '-1') {
$admin_update_query.= ", `ftps_used` = `ftps_used` ";
if ($ftps != '-1') {
$admin_update_query.= " + 0" . (int)$ftps . " ";
}
if ($result['ftps'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['ftps'] . " ";
}
}
if ($tickets != '-1' || $result['tickets'] != '-1') {
$admin_update_query.= ", `tickets_used` = `tickets_used` ";
if ($tickets != '-1') {
$admin_update_query.= " + 0" . (int)$tickets . " ";
}
if ($result['tickets'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['tickets'] . " ";
}
}
if (($diskspace / 1024) != '-1' || ($result['diskspace'] / 1024) != '-1') {
$admin_update_query.= ", `diskspace_used` = `diskspace_used` ";
if (($diskspace / 1024) != '-1') {
$admin_update_query.= " + 0" . (int)$diskspace . " ";
}
if (($result['diskspace'] / 1024) != '-1') {
$admin_update_query.= " - 0" . (int)$result['diskspace'] . " ";
}
}
$admin_update_query.= " WHERE `adminid` = '" . (int)$result['adminid'] . "'";
Database::query($admin_update_query);
$log->logAction(ADM_ACTION, LOG_INFO, "edited user '" . $result['loginname'] . "'");
/*
* move customer to another admin/reseller; #1166
*/
if ($move_to_admin > 0 && $move_to_admin != $result['adminid']) {
$move_result = moveCustomerToAdmin($id, $move_to_admin);
if ($move_result != true) {
standard_error('moveofcustomerfailed', $move_result);
}
}
$redirect_props = Array(
redirectTo($filename, array(
'page' => $page,
's' => $s
);
redirectTo($filename, $redirect_props);
}
));
} else {
$language_options = '';

10
lib/classes/api/abstract.ApiCommand.php
View File

@@ -184,6 +184,16 @@ abstract class ApiCommand
return $this->cmd_params[$param];
}
protected function getUlParam($param = null, $ul_field = null, $optional = false, $default = 0)
{
$param_value = intval_ressource($this->getParam($param, $optional, $default));
$ul_field_value = $this->getParam($ul_field, true, 0);
if ($ul_field_value != 0) {
$param_value = - 1;
}
return $param_value;
}
/**
* returns "module::function()" for better error-messages (missing parameter etc.)
* makes debugging a whole lot more comfortable

638
lib/classes/api/commands/class.Customers.php
View File

@@ -1,5 +1,19 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Panel
*
*/
class Customers extends ApiCommand implements ResourceEntity
{
@@ -40,7 +54,8 @@ class Customers extends ApiCommand implements ResourceEntity
/**
* return a customer entry by id
*
* @param int $id customer-id
* @param int $id
* customer-id
*
* @throws Exception
* @return array
@@ -75,91 +90,72 @@ class Customers extends ApiCommand implements ResourceEntity
if ($this->isAdmin()) {
if ($this->getUserDetail('customers_used') < $this->getUserDetail('customers') || $this->getUserDetail('customers') == '-1') {
$idna_convert = new idna_convert_wrapper();
$name = validate($this->getParam('name', true, ''), 'name', '', '', array(), true);
$firstname = validate($this->getParam('firstname', true, ''), 'first name', '', '', array(), true);
$company_required = (empty($name) && empty($first));
$company = validate($this->getParam('company', $company_required, ''), 'company', '', '', array(), true);
$street = validate($this->getParam('street', true, ''), 'street', '', '', array(), true);
$zipcode = validate($this->getParam('zipcode', true, ''), 'zipcode', '/^[0-9 \-A-Z]*$/', '', array(), true);
$city = validate($this->getParam('city', true, ''), 'city', '', '', array(), true);
$phone = validate($this->getParam('phone', true, ''), 'phone', '/^[0-9\- \+\(\)\/]*$/', '', array(), true);
$fax = validate($this->getParam('fax', true, ''), 'fax', '/^[0-9\- \+\(\)\/]*$/', '', array(), true);
$email = $idna_convert->encode(validate($this->getParam('email'), 'email', '', '', array(), true));
$customernumber = validate($this->getParam('customernumber', true, ''), 'customer number', '/^[A-Za-z0-9 \-]*$/Di', '', array(), true);
$def_language = validate($this->getParam('def_language', true, ''), 'default language', '', '', array(), true);
$gender = intval_ressource($this->getParam('gender', true, 0));
// required parameters
$email = $this->getParam('email');
$custom_notes = validate(str_replace("\r\n", "\n", $this->getParam('custom_notes', true, '')), 'custom_notes', '/^[^\0]*$/', '', array(), true);
// parameters
$name = $this->getParam('name', true, '');
$firstname = $this->getParam('firstname', true, '');
$company_required = (empty($name) && empty($first));
$company = $this->getParam('company', $company_required, '');
$street = $this->getParam('street', true, '');
$zipcode = $this->getParam('zipcode', true, '');
$city = $this->getParam('city', true, '');
$phone = $this->getParam('phone', true, '');
$fax = $this->getParam('fax', true, '');
$customernumber = $this->getParam('customernumber', true, '');
$def_language = $this->getParam('def_language', true, '');
$gender = intval_ressource($this->getParam('gender', true, 0));
$custom_notes = $this->getParam('custom_notes', true, '');
$custom_notes_show = $this->getParam('custom_notes_show', true, 0);
$diskspace = intval_ressource($this->getParam('diskspace', true, 0));
if ($this->getParam('diskspace_ul', true, 0) == -1) {
$diskspace = - 1;
}
$traffic = doubleval_ressource($this->getParam('traffic', true, 0));
if ($this->getParam('traffic_ul', true, 0) == -1) {
$traffic = - 1;
}
$subdomains = intval_ressource($this->getParam('subdomains', true, 0));
if ($this->getParam('subdomains_ul', true, 0) == -1) {
$subdomains = - 1;
}
$emails = intval_ressource($this->getParam('emails', true, 0));
if ($this->getParam('emails_ul', true, 0) == -1) {
$emails = - 1;
}
$email_accounts = intval_ressource($this->getParam('email_accounts', true, 0));
if ($this->getParam('email_accounts_ul', true, 0) == -1) {
$email_accounts = - 1;
}
$email_forwarders = intval_ressource($this->getParam('email_forwarders', true, 0));
if ($this->getParam('email_forwarders_ul', true, 0) == -1) {
$email_forwarders = - 1;
}
if (Settings::Get('system.mail_quota_enabled') == '1') {
$email_quota = validate($this->getParam('email_quota', true, 0), 'email_quota', '/^\d+$/', 'vmailquotawrong', array(
'0',
''
), true);
if ($this->getParam('email_quota_ul', true, 0) == -1) {
$email_quota = - 1;
}
} else {
$email_quota = - 1;
}
$diskspace = $this->getUlParam('diskspace', 'diskspace_ul', true, 0);
$traffic = $this->getUlParam('traffic', 'traffic_ul', true, 0);
$subdomains = $this->getUlParam('subdomains', 'subdomains_ul', true, 0);
$emails = $this->getUlParam('emails', 'emails_ul', true, 0);
$email_accounts = $this->getUlParam('email_accounts', 'email_accounts_ul', true, 0);
$email_forwarders = $this->getUlParam('email_forwarders', 'email_forwarders_ul', true, 0);
$email_quota = $this->getUlParam('email_quota', 'email_quota_ul', true, 0);
$email_imap = $this->getParam('email_imap', true, 0);
$email_pop3 = $this->getParam('email_pop3', true, 0);
$ftps = intval_ressource($this->getParam('ftps', true, 0));
if ($this->getParam('ftps_ul', true, 0) == -1) {
$ftps = - 1;
}
if (Settings::Get('ticket.enabled') == '1') {
$tickets = intval_ressource($this->getParam('tickets', true, 0));
if ($this->getParam('tickets_ul', true, 0) == -1) {
$tickets = - 1;
}
} else {
$tickets = - 1;
}
$mysqls = intval_ressource($this->getParam('mysqls', true, 0));
if ($this->getParam('mysqls_ul', true, 0) == -1) {
$mysqls = - 1;
}
$ftps = $this->getUlParam('ftps', 'ftps_ul', true, 0);
$tickets = $this->getUlParam('tickets', 'tickets_ul', true, 0);
$mysqls = $this->getUlParam('mysqls', 'mysqls_ul', true, 0);
$createstdsubdomain = $this->getParam('createstdsubdomain', true, 0);
$password = $this->getParam('new_customer_password', true, '');
$sendpassword = $this->getParam('sendpassword', true, 0);
$phpenabled = $this->getParam('phpenabled', true, 0);
$p_allowed_phpconfigs = $this->getParam('allowed_phpconfigs', true, array());
$perlenabled = $this->getParam('perlenabled', true, 0);
$dnsenabled = $this->getParam('dnsenabled', true, 0);
$store_defaultindex = $this->getParam('store_defaultindex', true, 0);
$loginname = $this->getParam('new_loginname', true, '');
$password = validate($this->getParam('new_customer_password', true, ''), 'password', '', '', array(), true);
// validation
$idna_convert = new idna_convert_wrapper();
$name = validate($name, 'name', '', '', array(), true);
$firstname = validate($firstname, 'first name', '', '', array(), true);
$company = validate($company, 'company', '', '', array(), true);
$street = validate($street, 'street', '', '', array(), true);
$zipcode = validate($zipcode, 'zipcode', '/^[0-9 \-A-Z]*$/', '', array(), true);
$city = validate($city, 'city', '', '', array(), true);
$phone = validate($phone, 'phone', '/^[0-9\- \+\(\)\/]*$/', '', array(), true);
$fax = validate(fax, 'fax', '/^[0-9\- \+\(\)\/]*$/', '', array(), true);
$idna_convert = new idna_convert_wrapper();
$email = $idna_convert->encode(validate($email, 'email', '', '', array(), true));
$customernumber = validate($customernumber, 'customer number', '/^[A-Za-z0-9 \-]*$/Di', '', array(), true);
$def_language = validate($def_language, 'default language', '', '', array(), true);
$custom_notes = validate(str_replace("\r\n", "\n", $custom_notes), 'custom_notes', '/^[^\0]*$/', '', array(), true);
if (Settings::Get('system.mail_quota_enabled') != '1') {
$email_quota = - 1;
}
if (Settings::Get('ticket.enabled') != '1') {
$tickets = - 1;
}
$password = validate($password, 'password', '', '', array(), true);
// only check if not empty,
// cause empty == generate password automatically
if ($password != '') {
@@ -171,21 +167,14 @@ class Customers extends ApiCommand implements ResourceEntity
$gender = 0;
}
$sendpassword = $this->getParam('sendpassword', true, 0);
$phpenabled = $this->getParam('phpenabled', true, 0);
$allowed_phpconfigs = array();
if (! empty($this->getParam('allowed_phpconfigs', true, array())) && is_array($this->getParam('allowed_phpconfigs', true, array()))) {
foreach ($this->getParam('allowed_phpconfigs', true, array()) as $allowed_phpconfig) {
if (! empty($p_allowed_phpconfigs) && is_array($p_allowed_phpconfigs)) {
foreach ($p_allowed_phpconfigs as $allowed_phpconfig) {
$allowed_phpconfig = intval($allowed_phpconfig);
$allowed_phpconfigs[] = $allowed_phpconfig;
}
}
$perlenabled = $this->getParam('perlenabled', true, 0);
$dnsenabled = $this->getParam('dnsenabled', true, 0);
$store_defaultindex = $this->getParam('store_defaultindex', true, 0);
$diskspace = $diskspace * 1024;
$traffic = $traffic * 1024 * 1024;
@@ -213,9 +202,9 @@ class Customers extends ApiCommand implements ResourceEntity
standard_error('emailiswrong', $email, true);
} else {
if ($this->getParam('new_loginname', true, '') != '') {
if ($loginname != '') {
$accountnumber = intval(Settings::Get('system.lastaccountnumber'));
$loginname = validate($this->getParam('new_loginname'), 'loginname', '/^[a-z][a-z0-9\-_]+$/i', '', array(), true);
$loginname = validate($loginname, 'loginname', '/^[a-z][a-z0-9\-_]+$/i', '', array(), true);
// Accounts which match systemaccounts are not allowed, filtering them
if (preg_match('/^' . preg_quote(Settings::Get('customer.accountprefix'), '/') . '([0-9]+)/', $loginname)) {
@@ -663,17 +652,477 @@ class Customers extends ApiCommand implements ResourceEntity
))->get();
$result = json_decode($json_result, true)['data'];
$this->logger()->logAction(ADM_ACTION, LOG_WARNING, "[API] changed customer '" . $result['loginname'] . "'");
// parameters
$move_to_admin = intval_ressource($this->getParam('move_to_admin', true, 0));
$idna_convert = new idna_convert_wrapper();
$email = $this->getParam('email', true, $idna_convert->decode($result['email']));
$name = $this->getParam('name', true, $result['name']);
$firstname = $this->getParam('firstname', true, $result['firstname']);
$company_required = (empty($name) && empty($first));
$company = $this->getParam('company', $company_required, $result['company']);
$street = $this->getParam('street', true, $result['street']);
$zipcode = $this->getParam('zipcode', true, $result['zipcode']);
$city = $this->getParam('city', true, $result['city']);
$phone = $this->getParam('phone', true, $result['phone']);
$fax = $this->getParam('fax', true, $result['fax']);
$customernumber = $this->getParam('customernumber', true, $result['customernumber']);
$def_language = $this->getParam('def_language', true, $result['def_language']);
$gender = intval_ressource($this->getParam('gender', true, $result['gender']));
$custom_notes = $this->getParam('custom_notes', true, $result['custom_notes']);
$custom_notes_show = $this->getParam('custom_notes_show', true, $result['custom_notes_show']);
$dec_places = Settings::Get('panel.decimal_places');
$diskspace = $this->getUlParam('diskspace', 'diskspace_ul', true, round($result['diskspace'] / 1024, $dec_places));
$traffic = $this->getUlParam('traffic', 'traffic_ul', true, round($result['traffic'] / (1024 * 1024), $dec_places));
$subdomains = $this->getUlParam('subdomains', 'subdomains_ul', true, $result['subdomains']);
$emails = $this->getUlParam('emails', 'emails_ul', true, $result['emails']);
$email_accounts = $this->getUlParam('email_accounts', 'email_accounts_ul', true, $result['email_accounts']);
$email_forwarders = $this->getUlParam('email_forwarders', 'email_forwarders_ul', true, $result['email_forwarders']);
$email_quota = $this->getUlParam('email_quota', 'email_quota_ul', true, $result['email_quota']);
$email_imap = $this->getParam('email_imap', true, $result['imap']);
$email_pop3 = $this->getParam('email_pop3', true, $result['pop3']);
$ftps = $this->getUlParam('ftps', 'ftps_ul', true, $result['ftps']);
$tickets = $this->getUlParam('tickets', 'tickets_ul', true, $result['tickets']);
$mysqls = $this->getUlParam('mysqls', 'mysqls_ul', true, $result['mysqls']);
$createstdsubdomain = $this->getParam('createstdsubdomain', true, 0);
$password = $this->getParam('new_customer_password', true, '');
$sendpassword = $this->getParam('sendpassword', true, 0);
$phpenabled = $this->getParam('phpenabled', true, $result['phpenabled']);
$allowed_phpconfigs = $this->getParam('allowed_phpconfigs', true, json_decode($result['allowed_phpconfigs'], true));
$perlenabled = $this->getParam('perlenabled', true, $result['perlenabled']);
$dnsenabled = $this->getParam('dnsenabled', true, $result['dnsenabled']);
$deactivated = $this->getParam('deactivated', true, $result['deactivated']);
// validation
$idna_convert = new idna_convert_wrapper();
$name = validate($name, 'name', '', '', array(), true);
$firstname = validate($firstname, 'first name', '', '', array(), true);
$company = validate($company, 'company', '', '', array(), true);
$street = validate($street, 'street', '', '', array(), true);
$zipcode = validate($zipcode, 'zipcode', '/^[0-9 \-A-Z]*$/', '', array(), true);
$city = validate($city, 'city', '', '', array(), true);
$phone = validate($phone, 'phone', '/^[0-9\- \+\(\)\/]*$/', '', array(), true);
$fax = validate(fax, 'fax', '/^[0-9\- \+\(\)\/]*$/', '', array(), true);
$email = $idna_convert->encode(validate($email, 'email', '', '', array(), true));
$customernumber = validate($customernumber, 'customer number', '/^[A-Za-z0-9 \-]*$/Di', '', array(), true);
$def_language = validate($def_language, 'default language', '', '', array(), true);
$custom_notes = validate(str_replace("\r\n", "\n", $custom_notes), 'custom_notes', '/^[^\0]*$/', '', array(), true);
if (Settings::Get('system.mail_quota_enabled') != '1') {
$email_quota = - 1;
}
if (Settings::Get('ticket.enabled') != '1') {
$tickets = - 1;
}
// Either $name and $firstname or the $company must be inserted
if ($name == '' && $company == '') {
standard_error(array(
'stringisempty',
'myname'
));
} elseif ($firstname == '' && $company == '') {
standard_error(array(
'stringisempty',
'myfirstname'
));
} elseif ($email == '') {
standard_error(array(
'stringisempty',
'emailadd'
));
} elseif (! validateEmail($email)) {
standard_error('emailiswrong', $email);
} else {
if ($password != '') {
$password = validatePassword($password);
$password = makeCryptPassword($password);
} else {
$password = $result['password'];
}
if ($createstdsubdomain != '1') {
$createstdsubdomain = '0';
}
if ($createstdsubdomain == '1' && $result['standardsubdomain'] == '0') {
if (Settings::Get('system.stdsubdomain') !== null && Settings::Get('system.stdsubdomain') != '') {
$_stdsubdomain = $result['loginname'] . '.' . Settings::Get('system.stdsubdomain');
} else {
$_stdsubdomain = $result['loginname'] . '.' . Settings::Get('system.hostname');
}
$ins_data = array(
'domain' => $_stdsubdomain,
'customerid' => $result['customerid'],
'adminid' => $this->getUserDetail('adminid'),
'parentdomainid' => '0',
'docroot' => $result['documentroot'],
'adddate' => time(),
'phpenabled' => $phpenabled,
'zonefile' => '',
'isemaildomain' => '0',
'caneditdomain' => '0',
'openbasedir' => '1',
'speciallogfile' => '0',
'dkim_id' => '0',
'dkim_privkey' => '',
'dkim_pubkey' => '',
'ipandport' => explode(',', Settings::Get('system.defaultip'))
);
$domainid = - 1;
try {
$std_domain = Domains::getLocal($this->getUserData(), $ins_data)->add();
$domainid = json_decode($std_domain, true)['data']['id'];
} catch (Exception $e) {
$this->logger()->logAction(ADM_ACTION, LOG_ERR, "[API] Unable to add standard-subdomain: " . $e->getMessage());
}
if ($domainid > 0) {
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `standardsubdomain` = :domainid WHERE `customerid` = :customerid
");
Database::pexecute($upd_stmt, array(
'domainid' => $domainid,
'customerid' => $result['customerid']
), true, true);
$this->logger()->logAction(ADM_ACTION, LOG_NOTICE, "[API] automatically added standardsubdomain for user '" . $result['loginname'] . "'");
inserttask('1');
}
}
if ($createstdsubdomain == '0' && $result['standardsubdomain'] != '0') {
try {
$std_domain = Domains::getLocal($this->getUserData(), array(
'id' => $result['standardsubdomain'],
'is_stdsubdomain' => 1
))->delete();
} catch (Exception $e) {
$this->logger()->logAction(ADM_ACTION, LOG_ERR, "[API] Unable to delete standard-subdomain: " . $e->getMessage());
}
$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically deleted standardsubdomain for user '" . $result['loginname'] . "'");
inserttask('1');
}
if ($deactivated != '1') {
$deactivated = '0';
}
if ($phpenabled != '0') {
$phpenabled = '1';
}
if ($perlenabled != '0') {
$perlenabled = '1';
}
if ($dnsenabled != '0') {
$dnsenabled = '1';
}
if ($phpenabled != $result['phpenabled'] || $perlenabled != $result['perlenabled']) {
inserttask('1');
}
// activate/deactivate customer services
if ($deactivated != $result['deactivated']) {
$yesno = (($deactivated) ? 'N' : 'Y');
$pop3 = (($deactivated) ? '0' : (int) $result['pop3']);
$imap = (($deactivated) ? '0' : (int) $result['imap']);
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_MAIL_USERS . "` SET `postfix`= :yesno, `pop3` = :pop3, `imap` = :imap WHERE `customerid` = :customerid");
Database::pexecute($upd_stmt, array(
'yesno' => $yesno,
'pop3' => $pop3,
'imap' => $imap,
'customerid' => $id
));
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_FTP_USERS . "` SET `login_enabled` = :yesno WHERE `customerid` = :customerid");
Database::pexecute($upd_stmt, array(
'yesno' => $yesno,
'customerid' => $id
));
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `deactivated`= :deactivated WHERE `customerid` = :customerid");
Database::pexecute($upd_stmt, array(
'deactivated' => $deactivated,
'customerid' => $id
));
// Retrieve customer's databases
$databases_stmt = Database::prepare("SELECT * FROM " . TABLE_PANEL_DATABASES . " WHERE customerid = :customerid ORDER BY `dbserver`");
Database::pexecute($databases_stmt, array(
'customerid' => $id
));
Database::needRoot(true);
$last_dbserver = 0;
$dbm = new DbManager($log);
// For each of them
while ($row_database = $databases_stmt->fetch(PDO::FETCH_ASSOC)) {
if ($last_dbserver != $row_database['dbserver']) {
$dbm->getManager()->flushPrivileges();
Database::needRoot(true, $row_database['dbserver']);
$last_dbserver = $row_database['dbserver'];
}
foreach (array_unique(explode(',', Settings::Get('system.mysql_access_host'))) as $mysql_access_host) {
$mysql_access_host = trim($mysql_access_host);
// Prevent access, if deactivated
if ($deactivated) {
// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
$dbm->getManager()->disableUser($row_database['databasename'], $mysql_access_host);
} else {
// Otherwise grant access
$dbm->getManager()->enableUser($row_database['databasename'], $mysql_access_host);
}
}
}
// At last flush the new privileges
$dbm->getManager()->flushPrivileges();
Database::needRoot(false);
$log->logAction(ADM_ACTION, LOG_INFO, "deactivated user '" . $result['loginname'] . "'");
inserttask('1');
}
// Disable or enable POP3 Login for customers Mail Accounts
if ($email_pop3 != $result['pop3']) {
$upd_stmt = Database::prepare("UPDATE `" . TABLE_MAIL_USERS . "` SET `pop3` = :pop3 WHERE `customerid` = :customerid");
Database::pexecute($upd_stmt, array(
'pop3' => $email_pop3,
'customerid' => $id
));
}
// Disable or enable IMAP Login for customers Mail Accounts
if ($email_imap != $result['imap']) {
$upd_stmt = Database::prepare("UPDATE `" . TABLE_MAIL_USERS . "` SET `imap` = :imap WHERE `customerid` = :customerid");
Database::pexecute($upd_stmt, array(
'imap' => $email_imap,
'customerid' => $id
));
}
$upd_data = array(
'customerid' => $id,
'passwd' => $password,
'name' => $name,
'firstname' => $firstname,
'gender' => $gender,
'company' => $company,
'street' => $street,
'zipcode' => $zipcode,
'city' => $city,
'phone' => $phone,
'fax' => $fax,
'email' => $email,
'customerno' => $customernumber,
'lang' => $def_language,
'diskspace' => $diskspace,
'traffic' => $traffic,
'subdomains' => $subdomains,
'emails' => $emails,
'email_accounts' => $email_accounts,
'email_forwarders' => $email_forwarders,
'email_quota' => $email_quota,
'ftps' => $ftps,
'tickets' => $tickets,
'mysqls' => $mysqls,
'deactivated' => $deactivated,
'phpenabled' => $phpenabled,
'allowed_phpconfigs' => empty($allowed_phpconfigs) ? "" : json_encode($allowed_phpconfigs),
'imap' => $email_imap,
'pop3' => $email_pop3,
'perlenabled' => $perlenabled,
'dnsenabled' => $dnsenabled,
'custom_notes' => $custom_notes,
'custom_notes_show' => $custom_notes_show
);
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
`name` = :name,
`firstname` = :firstname,
`gender` = :gender,
`company` = :company,
`street` = :street,
`zipcode` = :zipcode,
`city` = :city,
`phone` = :phone,
`fax` = :fax,
`email` = :email,
`customernumber` = :customerno,
`def_language` = :lang,
`password` = :passwd,
`diskspace` = :diskspace,
`traffic` = :traffic,
`subdomains` = :subdomains,
`emails` = :emails,
`email_accounts` = :email_accounts,
`email_forwarders` = :email_forwarders,
`ftps` = :ftps,
`tickets` = :tickets,
`mysqls` = :mysqls,
`deactivated` = :deactivated,
`phpenabled` = :phpenabled,
`allowed_phpconfigs` = :allowed_phpconfigs,
`email_quota` = :email_quota,
`imap` = :imap,
`pop3` = :pop3,
`perlenabled` = :perlenabled,
`dnsenabled` = :dnsenabled,
`custom_notes` = :custom_notes,
`custom_notes_show` = :custom_notes_show
WHERE `customerid` = :customerid
");
Database::pexecute($upd_stmt, $upd_data);
// Using filesystem - quota, insert a task which cleans the filesystem - quota
inserttask('10');
$admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` ";
if ($mysqls != '-1' || $result['mysqls'] != '-1') {
$admin_update_query .= ", `mysqls_used` = `mysqls_used` ";
if ($mysqls != '-1') {
$admin_update_query .= " + 0" . (int) $mysqls . " ";
}
if ($result['mysqls'] != '-1') {
$admin_update_query .= " - 0" . (int) $result['mysqls'] . " ";
}
}
if ($emails != '-1' || $result['emails'] != '-1') {
$admin_update_query .= ", `emails_used` = `emails_used` ";
if ($emails != '-1') {
$admin_update_query .= " + 0" . (int) $emails . " ";
}
if ($result['emails'] != '-1') {
$admin_update_query .= " - 0" . (int) $result['emails'] . " ";
}
}
if ($email_accounts != '-1' || $result['email_accounts'] != '-1') {
$admin_update_query .= ", `email_accounts_used` = `email_accounts_used` ";
if ($email_accounts != '-1') {
$admin_update_query .= " + 0" . (int) $email_accounts . " ";
}
if ($result['email_accounts'] != '-1') {
$admin_update_query .= " - 0" . (int) $result['email_accounts'] . " ";
}
}
if ($email_forwarders != '-1' || $result['email_forwarders'] != '-1') {
$admin_update_query .= ", `email_forwarders_used` = `email_forwarders_used` ";
if ($email_forwarders != '-1') {
$admin_update_query .= " + 0" . (int) $email_forwarders . " ";
}
if ($result['email_forwarders'] != '-1') {
$admin_update_query .= " - 0" . (int) $result['email_forwarders'] . " ";
}
}
if ($email_quota != '-1' || $result['email_quota'] != '-1') {
$admin_update_query .= ", `email_quota_used` = `email_quota_used` ";
if ($email_quota != '-1') {
$admin_update_query .= " + 0" . (int) $email_quota . " ";
}
if ($result['email_quota'] != '-1') {
$admin_update_query .= " - 0" . (int) $result['email_quota'] . " ";
}
}
if ($subdomains != '-1' || $result['subdomains'] != '-1') {
$admin_update_query .= ", `subdomains_used` = `subdomains_used` ";
if ($subdomains != '-1') {
$admin_update_query .= " + 0" . (int) $subdomains . " ";
}
if ($result['subdomains'] != '-1') {
$admin_update_query .= " - 0" . (int) $result['subdomains'] . " ";
}
}
if ($ftps != '-1' || $result['ftps'] != '-1') {
$admin_update_query .= ", `ftps_used` = `ftps_used` ";
if ($ftps != '-1') {
$admin_update_query .= " + 0" . (int) $ftps . " ";
}
if ($result['ftps'] != '-1') {
$admin_update_query .= " - 0" . (int) $result['ftps'] . " ";
}
}
if ($tickets != '-1' || $result['tickets'] != '-1') {
$admin_update_query .= ", `tickets_used` = `tickets_used` ";
if ($tickets != '-1') {
$admin_update_query .= " + 0" . (int) $tickets . " ";
}
if ($result['tickets'] != '-1') {
$admin_update_query .= " - 0" . (int) $result['tickets'] . " ";
}
}
if (($diskspace / 1024) != '-1' || ($result['diskspace'] / 1024) != '-1') {
$admin_update_query .= ", `diskspace_used` = `diskspace_used` ";
if (($diskspace / 1024) != '-1') {
$admin_update_query .= " + 0" . (int) $diskspace . " ";
}
if (($result['diskspace'] / 1024) != '-1') {
$admin_update_query .= " - 0" . (int) $result['diskspace'] . " ";
}
}
$admin_update_query .= " WHERE `adminid` = '" . (int) $result['adminid'] . "'";
Database::query($admin_update_query);
$this->logger()->logAction(ADM_ACTION, LOG_INFO, "[API] edited user '" . $result['loginname'] . "'");
/*
* move customer to another admin/reseller; #1166
*/
if ($move_to_admin > 0 && $move_to_admin != $result['adminid']) {
$move_result = moveCustomerToAdmin($id, $move_to_admin);
if ($move_result != true) {
standard_error('moveofcustomerfailed', $move_result, true);
}
}
return $this->response(200, "successfull", $upd_data);
}
}
throw new Exception("Not allowed to execute given command.", 403);
}
/**
* delete a customer entry by id
*
* @param int $id customer-id
* @param bool $delete_userfiles optional, default false
* @param int $id
* customer-id
* @param bool $delete_userfiles
* optional, default false
*
* @throws Exception
* @return array
@@ -907,7 +1356,8 @@ class Customers extends ApiCommand implements ResourceEntity
/**
* unlock a locked customer by id
*
* @param int $id customer-id
* @param int $id
* customer-id
*
* @throws Exception
* @return array

25
lib/classes/api/commands/class.Domains.php
View File

@@ -1,5 +1,19 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Panel
*
*/
class Domains extends ApiCommand implements ResourceEntity
{
@@ -1525,7 +1539,10 @@ class Domains extends ApiCommand implements ResourceEntity
*
* @param int $id
* domain-id
* @param bool $delete_mainsubdomains optional, remove also domains that are subdomains of this domain but added as main domains; default false
* @param bool $delete_mainsubdomains
* optional, remove also domains that are subdomains of this domain but added as main domains; default false
* @param bool $is_stdsubdomain
* optional, default false, specify whether it's a std-subdomain you are deleting as it does not count as subdomain-resource
*
* @throws Exception
* @return array
@@ -1534,11 +1551,11 @@ class Domains extends ApiCommand implements ResourceEntity
{
if ($this->isAdmin()) {
$id = $this->getParam('id');
$is_stdsubdomain = $this->getParam('is_stdsubdomain', true, 0);
$remove_subbutmain_domains = $this->getParam('delete_mainsubdomains', true, 0);
$json_result = Domains::getLocal($this->getUserData(), array(
'id' => $id,
'no_std_subdomain' => true
'id' => $id
))->get();
$result = json_decode($json_result, true)['data'];
@@ -1595,6 +1612,7 @@ class Domains extends ApiCommand implements ResourceEntity
$deleted_domains = $del_stmt->rowCount();
if ($is_stdsubdomain == 0) {
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
`subdomains_used` = `subdomains_used` - :domaincount
@@ -1611,6 +1629,7 @@ class Domains extends ApiCommand implements ResourceEntity
Database::pexecute($upd_stmt, array(
'adminid' => $this->getUserDetail('adminid')
), true, true);
}
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET

79
lib/classes/api/commands/class.Froxlor.php
View File

@@ -1,19 +1,91 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Panel
*
*/
class Froxlor extends ApiCommand
{
public function checkUpdate()
{
global $version, $branding;
if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) {
// log our actions
$this->logger()->logAction(ADM_ACTION, LOG_NOTICE, "[API] checking for updates");
// check for new version
define('UPDATE_URI', "https://version.froxlor.org/Froxlor/api/" . $version);
$latestversion = HttpClient::urlGet(UPDATE_URI);
$latestversion = explode('|', $latestversion);
if (is_array($latestversion) && count($latestversion) >= 1) {
$_version = $latestversion[0];
$_message = isset($latestversion[1]) ? $latestversion[1] : '';
$_link = isset($latestversion[2]) ? $latestversion[2] : '';
// add the branding so debian guys are not gettings confused
// about their version-number
$version_label = $_version . $branding;
$version_link = $_link;
$message_addinfo = $_message;
// not numeric -> error-message
if (! preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
// check for customized version to not output
// "There is a newer version of froxlor" besides the error-message
$isnewerversion = - 1;
} elseif (version_compare2($version, $_version) == - 1) {
// there is a newer version - yay
$isnewerversion = 1;
} else {
// nothing new
$isnewerversion = 0;
}
// anzeige über version-status mit ggfls. formular
// zum update schritt #1 -> download
if ($isnewerversion == 1) {
$text = 'There is a newer version available: "' . $_version . '" (Your current version is: ' . $version . ')';
return $this->response(200, "successfull", array(
'message' => $text,
'link' => $version_link,
'additional_info' => $message_addinfo
));
} elseif ($isnewerversion == 0) {
// all good
standard_success('noupdatesavail', '', array(), true);
} else {
standard_error('customized_version', '', true);
}
}
}
throw new Exception("Not allowed to execute given command.", 403);
}
/**
* returns a list of all available api functions
*
* @param string $module optional, return list of functions for a specific module
* @param string $module
* optional, return list of functions for a specific module
*
* @throws Exception
* @return array
*/
public function listFunctions()
{
$module = $this->getParam('module');
$module = $this->getParam('module', true, '');
$functions = array();
if ($module != null) {
@@ -87,7 +159,7 @@ class Froxlor extends ApiCommand
private function _getParamListFromDoc($module = null, $function = null)
{
try {
// set the module to be in our namespace
// set the module
$cls = new \ReflectionMethod($module, $function);
$comment = $cls->getDocComment();
if ($comment == false) {
@@ -95,6 +167,7 @@ class Froxlor extends ApiCommand
'head' => 'There is no comment-block for "' . $module . '.' . $function . '"'
);
}
$clines = explode("\n", $comment);
$result = array();
$result['params'] = array();

20
lib/classes/api/commands/class.IpsAndPorts.php
View File

@@ -1,5 +1,19 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Panel
*
*/
class IpsAndPorts extends ApiCommand implements ResourceEntity
{
@@ -31,7 +45,8 @@ class IpsAndPorts extends ApiCommand implements ResourceEntity
/**
* return an ip/port entry by id
*
* @param int $id ip-port-id
* @param int $id
* ip-port-id
*
* @throws Exception
* @return array
@@ -331,7 +346,8 @@ class IpsAndPorts extends ApiCommand implements ResourceEntity
/**
* delete an ip/port entry by id
*
* @param int $id ip-port-id
* @param int $id
* ip-port-id
*
* @throws Exception
* @return array

35
lib/functions/output/function.standard_success.php
View File

@@ -20,38 +20,39 @@
/**
* Prints one ore more errormessages on screen
*
* @param array Errormessages
* @param string A %s in the errormessage will be replaced by this string.
* @param
* array Errormessages
* @param
* string A %s in the errormessage will be replaced by this string.
* @author Florian Lippert <flo@syscp.org>
*/
function standard_success($success_message = '', $replacer = '', $params = array())
function standard_success($success_message = '', $replacer = '', $params = array(), $throw_exception = false)
{
global $s, $header, $footer, $lng, $theme;
if(isset($lng['success'][$success_message]))
{
$success_message = strtr($lng['success'][$success_message], array('%s' => htmlentities($replacer)));
if (isset($lng['success'][$success_message])) {
$success_message = strtr($lng['success'][$success_message], array(
'%s' => htmlentities($replacer)
));
}
if(is_array($params) && isset($params['filename']))
{
if ($throw_exception) {
throw new Exception(strip_tags($success_message), 200);
}
if (is_array($params) && isset($params['filename'])) {
$redirect_url = $params['filename'] . '?s=' . $s;
unset($params['filename']);
foreach($params as $varname => $value)
{
if($value != '')
{
foreach ($params as $varname => $value) {
if ($value != '') {
$redirect_url .= '&amp;' . $varname . '=' . $value;
}
}
}
else
{
} else {
$redirect_url = '';
}
eval("echo \"" . getTemplate('misc/success', '1') . "\";");
exit;
exit();
}