diff --git a/admin_customers.php b/admin_customers.php
index 075b9365..39468b91 100644
--- a/admin_customers.php
+++ b/admin_customers.php
@@ -18,28 +18,18 @@
*/
define('AREA', 'admin');
-
-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
-
-$need_root_db_sql_data = true;
require ("./lib/init.php");
-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif(isset($_GET['id'])) {
$id = intval($_GET['id']);
}
-if($page == 'customers'
- && $userinfo['customers'] != '0')
-{
- if($action == '')
- {
+if ($page == 'customers'
+ && $userinfo['customers'] != '0'
+) {
+ if ($action == '') {
// clear request data
unset($_SESSION['requestData']);
@@ -63,8 +53,19 @@ if($page == 'customers'
$paging = new paging($userinfo, $db, TABLE_PANEL_CUSTOMERS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
$customers = '';
- $result = $db->query("SELECT `c`.*, `a`.`loginname` AS `adminname` " . "FROM `" . TABLE_PANEL_CUSTOMERS . "` `c`, `" . TABLE_PANEL_ADMINS . "` `a` " . "WHERE " . ($userinfo['customers_see_all'] ? '' : " `c`.`adminid` = '" . (int)$userinfo['adminid'] . "' AND ") . "`c`.`adminid`=`a`.`adminid` " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy($settings['panel']['natsorting']) . " " . $paging->getSqlLimit());
- $paging->setEntries($db->num_rows($result));
+ $result_stmt = Database::prepare("
+ SELECT `c`.*, `a`.`loginname` AS `adminname`
+ FROM `" . TABLE_PANEL_CUSTOMERS . "` `c`, `" . TABLE_PANEL_ADMINS . "` `a`
+ WHERE " .
+ ($userinfo['customers_see_all'] ? '' : " `c`.`adminid` = :adminid AND ") . "
+ `c`.`adminid` = `a`.`adminid` " .
+ $paging->getSqlWhere(true) . " " .
+ $paging->getSqlOrderBy($settings['panel']['natsorting']) . " " .
+ $paging->getSqlLimit()
+ );
+ Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid']));
+ $num_rows = Database::num_rows();
+ $paging->setEntries($num_rows);
$sortcode = $paging->getHtmlSortCode($lng, true);
$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
$searchcode = $paging->getHtmlSearchCode($lng);
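Review bot: `Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid']))` always binds `adminid`, but the `:adminid` placeholder is left out of the SQL whenever `$userinfo['customers_see_all']` is set. If `pexecute` hands the array straight to `PDOStatement::execute` (its body is not in this diff), PDO rejects a bound name that has no matching placeholder, so the listing would fail for exactly the admins allowed to see all customers. Build the array conditionally, e.g. `$params = $userinfo['customers_see_all'] ? array() : array('adminid' => $userinfo['adminid']);` followed by `Database::pexecute($result_stmt, $params);`. The `su`, `unlock` and `delete` customer lookups in the later `@@ -120,196 +129,253 @@` hunk follow the same pattern and need the same change. Separately, `$paging->getSqlWhere(true)` is still concatenated into the prepared string; whether it escapes the search input is not visible here and is worth confirming.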
@@ -72,11 +73,19 @@ if($page == 'customers'
$i = 0;
$count = 0;
- while($row = $db->fetch_array($result))
- {
- if($paging->checkDisplay($i))
- {
- $domains = $db->query_first("SELECT COUNT(`id`) AS `domains` " . "FROM `" . TABLE_PANEL_DOMAINS . "` " . "WHERE `customerid`='" . (int)$row['customerid'] . "' AND `parentdomainid`='0' AND `id`<> '" . (int)$row['standardsubdomain'] . "'");
+ while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+
+ if ($paging->checkDisplay($i)) {
+
+ $domains_stmt = Database::prepare("
+ SELECT COUNT(`id`) AS `domains`
+ FROM `" . TABLE_PANEL_DOMAINS . "`
+ WHERE `customerid` = :cid
+ AND `parentdomainid` = '0'
+ AND `id`<> :stdd"
+ );
+ Database::pexecute($domains_stmt, array('cid' => $row['customerid'], 'stdd' => $row['standardsubdomain']));
+ $domains = $domains_stmt->fetch(PDO::FETCH_ASSOC);
$row['domains'] = intval($domains['domains']);
$row['traffic_used'] = round($row['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
$row['traffic'] = round($row['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
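Review bot: `$domains_stmt` is re-prepared with `Database::prepare` on every displayed row, although the statement text never changes. Prepare it once above the `while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC))` loop and keep only `Database::pexecute($domains_stmt, array('cid' => $row['customerid'], 'stdd' => $row['standardsubdomain']));` and the `fetch` inside it. The nested query also runs while `$result_stmt` is still being iterated, which presumably relies on buffered queries on the shared connection; a short comment saying so would help. The loop body continues outside this hunk.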
@@ -105,7 +114,7 @@ if($page == 'customers'
}
$islocked = 0;
- if($row['loginfail_count'] >= $settings['login']['maxloginattempts']
+ if ($row['loginfail_count'] >= $settings['login']['maxloginattempts']
&& $row['lastlogin_fail'] > (time() - $settings['login']['deactivatetime'])
) {
$islocked = 1;
@@ -120,196 +129,253 @@ if($page == 'customers'
$i++;
}
- $customercount = $db->num_rows($result);
+ $customercount = $num_rows;
eval("echo \"" . getTemplate("customers/customers") . "\";");
- }
- elseif($action == 'su'
- && $id != 0)
- {
- $result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid`='" . (int)$id . "' " . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = '" . (int)$userinfo['adminid'] . "' "));
+
+ } elseif($action == 'su'
+ && $id != 0
+ ) {
+ $result_stmt = Database::prepare("
+ SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "`
+ WHERE `customerid` = :id" .
+ ($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid")
+ );
+ Database::pexecute($result_stmt, array('id' => $id, 'adminid' => $userinfo['adminid']));
+ $result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+
$destination_user = $result['loginname'];
- if($destination_user != '')
- {
+ if ($destination_user != '') {
+
if ($result['deactivated'] == '1') {
standard_error("usercurrentlydeactivated", $destination_user);
}
- $result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid`='" . (int)$userinfo['userid'] . "' AND `hash`='" . $db->escape($s) . "'");
+ $result_stmt = Database::prepare("
+ SELECT * FROM `" . TABLE_PANEL_SESSIONS . "`
+ WHERE `userid` = :id
+ AND `hash` = :hash"
+ );
+ Database::pexecute($result_stmt, array('id' => $userinfo['userid'], 'hash' => $s));
+ $result = $result_stmt->fetch(PDO::FETCH_ASSOC);
$s = md5(uniqid(microtime(), 1));
- $db->query("INSERT INTO `" . TABLE_PANEL_SESSIONS . "` (`hash`, `userid`, `ipaddress`, `useragent`, `lastactivity`, `language`, `adminsession`) VALUES ('" . $db->escape($s) . "', '" . (int)$id . "', '" . $db->escape($result['ipaddress']) . "', '" . $db->escape($result['useragent']) . "', '" . time() . "', '" . $db->escape($result['language']) . "', '0')");
- $log->logAction(ADM_ACTION, LOG_INFO, "switched user and is now '" . $destination_user . "'");
- redirectTo('customer_index.php', Array('s' => $s), true);
- }
- else
- {
- redirectTo('index.php', Array('action' => 'login'));
- }
- }
- elseif($action == 'unlock'
- && $id != 0)
- {
- $result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid`='" . (int)$id . "' " . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = '" . $db->escape($userinfo['adminid']) . "' "));
-
- if($result['loginname'] != '')
- {
- if(isset($_POST['send'])
- && $_POST['send'] == 'send')
- {
- $result = $db->query("UPDATE
- `" . TABLE_PANEL_CUSTOMERS . "`
- SET
- `loginfail_count` = '0'
- WHERE
- `customerid`= '" . (int)$id . "'"
+ $insert = Database::prepare("
+ INSERT INTO `" . TABLE_PANEL_SESSIONS . "` SET
+ `hash` = :hash,
+ `userid` = :id,
+ `ipaddress` = :ip,
+ `useragent` = :ua,
+ `lastactivity` = :lastact,
+ `language` = :lang,
+ `adminsession` = '0'"
);
- redirectTo($filename, Array('page' => $page, 's' => $s));
- }
- else
- {
+ Database::pexecute($stmt, array(
+ 'hash' => $s,
+ 'id' => $id,
+ 'ip' => $result['ipaddress'],
+ 'ua' => $result['useragent'],
+ 'lastact' => time(),
+ 'lang' => $result['language']
+ ));
+ $log->logAction(ADM_ACTION, LOG_INFO, "switched user and is now '" . $destination_user . "'");
+ redirectTo('customer_index.php', array('s' => $s), true);
+
+ } else {
+ redirectTo('index.php', array('action' => 'login'));
+ }
+
+ } elseif($action == 'unlock'
+ && $id != 0
+ ) {
+ $result_stmt = Database::prepare("
+ SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "`
+ WHERE `customerid` = :id" .
+ ($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid")
+ );
+ Database::pexecute($result_stmt, array('id' => $id, 'adminid' => $userinfo['adminid']));
+ $result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+
+ if ($result['loginname'] != '') {
+
+ if (isset($_POST['send'])
+ && $_POST['send'] == 'send'
+ ) {
+ $result_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
+ `loginfail_count` = '0'
+ WHERE `customerid`= :id"
+ );
+ Database::pexecute($result_stmt, array('id' => $id));
+ redirectTo($filename, array('page' => $page, 's' => $s));
+
+ } else {
ask_yesno('customer_reallyunlock', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['loginname']);
}
}
- }
- elseif($action == 'delete'
- && $id != 0)
- {
- $result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid`='" . (int)$id . "' " . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = '" . $db->escape($userinfo['adminid']) . "' "));
- if($result['loginname'] != '')
- {
- if(isset($_POST['send'])
- && $_POST['send'] == 'send')
- {
- $databases = $db->query("SELECT * FROM " . TABLE_PANEL_DATABASES . " WHERE customerid='" . (int)$id . "' ORDER BY `dbserver`");
- $db_root = new db($sql_root[0]['host'], $sql_root[0]['user'], $sql_root[0]['password'], '');
+ } elseif ($action == 'delete'
+ && $id != 0
+ ) {
+ $result_stmt = Database::prepare("
+ SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "`
+ WHERE `customerid` = :id" .
+ ($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid")
+ );
+ Database::pexecute($result_stmt, array('id' => $id, 'adminid' => $userinfo['adminid']));
+ $result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+
+ if ($result['loginname'] != '') {
+
+ if (isset($_POST['send'])
+ && $_POST['send'] == 'send'
+ ) {
+ $databases_stmt = Database::prepare("
+ SELECT * FROM `" . TABLE_PANEL_DATABASES . "`
+ WHERE `customerid` = :id ORDER BY `dbserver`"
+ );
+ Database::pexecute($databases_stmt, array('id' => $id));
+ Database::needRoot(true);
$last_dbserver = 0;
- while($row_database = $db->fetch_array($databases))
- {
- if($last_dbserver != $row_database['dbserver'])
- {
- $db_root->query('FLUSH PRIVILEGES;');
- $db_root->close();
- $db_root = new db($sql_root[$row_database['dbserver']]['host'], $sql_root[$row_database['dbserver']]['user'], $sql_root[$row_database['dbserver']]['password'], '');
+ while ($row_database = $databases_stmt->fetch(PDO::FETCH_ASSOC)) {
+
+ if ($last_dbserver != $row_database['dbserver']) {
+ Database::needRoot(true, $row_database['dbserver']);
+ Database::query('FLUSH PRIVILEGES;');
$last_dbserver = $row_database['dbserver'];
}
- if(mysql_get_server_info() < '5.0.2') {
+ if (Database::getAttribute(PDO::ATTR_SERVER_VERSION) < '5.0.2') {
// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
- $db_root->query('REVOKE ALL PRIVILEGES, GRANT OPTION FROM \'' . $db_root->escape($row_database['databasename']) .'\'',false,true);
+ $stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM `".$row_database['databasename']."`");
+ Database::pexecute($stmt, array(), false);
}
- $host_res = $db_root->query("SELECT `Host` FROM `mysql`.`user` WHERE `User`='" . $db_root->escape($row_database['databasename']) . "'");
- while($host = $db_root->fetch_array($host_res))
- {
+ $host_res_stmt = Database::prepare("
+ SELECT `Host` FROM `mysql`.`user`
+ WHERE `User` = :dbname"
+ );
+ Database::pexecute($host_res_stmt, array('dbname' => $row_database['databasename']));
+ while ($host = $host_res_stmt->fetch(PDO::FETCH_ASSOC)) {
// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
- $db_root->query('DROP USER \'' . $db_root->escape($row_database['databasename']). '\'@\'' . $db_root->escape($host['Host']) . '\'', false, true);
-
+ $drop_stmt = Database::prepare("DROP USER :dbname@:host");
+ Database::pexecute($drop_stmt, array(':dbname' => $row_database['databasename'], ':host' => $host['Host']), false);
}
- $db_root->query('DROP DATABASE IF EXISTS `' . $db_root->escape($row_database['databasename']) . '`');
+ $drop_stmt = Database::prepare("DROP DATABASE IF EXISTS `".$row_database['databasename']."`");
+ Database::pexecute($drop_stmt);
}
- $db_root->query('FLUSH PRIVILEGES;');
- $db_root->close();
- $db->query("DELETE FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid`='" . (int)$id . "'");
- $db->query("DELETE FROM `" . TABLE_PANEL_DATABASES . "` WHERE `customerid`='" . (int)$id . "'");
- $db->query("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$id . "'");
- $domains_deleted = $db->affected_rows();
- $db->query("DELETE FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$id . "'");
- $db->query("DELETE FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int)$id . "'");
- $db->query("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid`='" . (int)$id . "' AND `adminsession` = '0'");
- $db->query("DELETE FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE `customerid`='" . (int)$id . "'");
- $db->query("DELETE FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid`='" . (int)$id . "'");
- $db->query("DELETE FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid`='" . (int)$id . "'");
- $result2 = $db->query("SELECT `username` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$id . "'");
- while($row = $db->fetch_array($result2))
- {
- $db->query("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name`='" . $row['username'] . "'");
+ Database::query('FLUSH PRIVILEGES;');
+ Database::needRoot(false);
+ $stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid` = :id");
+ Database::pexecute($stmt, array('id' => $id));
+ $stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DATABASES . "` WHERE `customerid` = :id");
+ Database::pexecute($stmt, array('id' => $id));
+ $stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid` = :id");
+ Database::pexecute($stmt, array('id' => $id));
+ $domains_deleted = $stmt->rowCount();
+ $stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE` WHERE `customerid` = :id");
+ Database::pexecute($stmt, array('id' => $id));
+ $stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_HTACCESS . "` WHERE` WHERE `customerid` = :id");
+ Database::pexecute($stmt, array('id' => $id));
+ $stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `customerid` = :id AND `adminsession` = '0'");
+ Database::pexecute($stmt, array('id' => $id));
+ $stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE `customerid` = :id");
+ Database::pexecute($stmt, array('id' => $id));
+ $stmt = Database::prepare("DELETE FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid` = :id");
+ Database::pexecute($stmt, array('id' => $id));
+ $stmt = Database::prepare("DELETE FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid` = :id");
+ Database::pexecute($stmt, array('id' => $id));
+ $result2_stmt = Database::prepare("SELECT `username` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid` = :id");
+ Database::pexecute($result2_stmt, array('id' => $id));
+ while ($row = $result2_stmt->fetch(PDO::FETCH_ASSOC)) {
+ $stmt = Database::prepare("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = :name");
+ Database::pexecute($stmt, array('name' => $row['username']));
}
- $db->query("DELETE FROM `" . TABLE_FTP_GROUPS . "` WHERE `customerid`='" . (int)$id . "'");
- $db->query("DELETE FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$id . "'");
- $db->query("DELETE FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid`='" . (int)$id . "'");
+ $stmt = Database::prepare("DELETE FROM `" . TABLE_FTP_GROUPS . "` WHERE `customerid` = :id");
+ Database::pexecute($stmt, array('id' => $id));
+ $stmt = Database::prepare("DELETE FROM `" . TABLE_FTP_USERS . "` WHERE `customerid` = :id");
+ Database::pexecute($stmt, array('id' => $id));
+ $stmt = Database::prepare("DELETE FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = :id");
+ Database::pexecute($stmt, array('id' => $id));
// Delete all waiting "create user" -tasks for this user, #276
// Note: the WHERE selects part of a serialized array, but it should be safe this way
- $db->query("DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '2' AND `data` LIKE '%:\"" . $db->escape($result['loginname']) . "\";%';");
+ $del_stmt = Database::prepare("
+ DELETE FROM `" . TABLE_PANEL_TASKS . "`
+ WHERE `type` = '2' AND `data` LIKE :loginname"
+ );
+ Database::pexecute($del_stmt, array(':loginname' => "%:{$result['loginname']};%"));
// remove everything APS-related, #216
- $apsresult = $db->query("SELECT `ID` FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID`='".(int)$id."'");
- while($apsrow = $db->fetch_array($apsresult))
- {
+ $apsresult_stmt = Database::prepare("SELECT `ID` FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID` = :id");
+ Database::pexecute($apsresult_stmt, array('id' => $id));
+
+ while ($apsrow = $apsresult_stmt->fetch(PDO::FETCH_ASSOC)) {
// remove all package related settings
- $db->query("DELETE FROM `".TABLE_APS_SETTINGS."` WHERE `InstanceID` = '".(int)$apsrow['ID']."'");
+ $del_stmt = Database::prepare("DELETE FROM `".TABLE_APS_SETTINGS."` WHERE `InstanceID` = :iid");
+ Database::pexecute($del_stmt, array('iid' => $apsrow['ID']));
// maybe some leftovers in the tasks
- $db->query("DELETE FROM `".TABLE_APS_TASKS."` WHERE `InstanceID` = '".(int)$apsrow['ID']."'");
+ $del_stmt = Database::prepare("DELETE FROM `".TABLE_APS_TASKS."` WHERE `InstanceID` = :iid");
+ Database::pexecute($del_stmt, array('iid' => $apsrow['ID']));
}
// now remove all user instances
- $db->query("DELETE FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID`='".(int)$id."'");
+ $stmt = Database::prepare("DELETE FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID` = :id'");
+ Database::pexecute($stmt, array('id' => $id));
// eventually some temp-setting-leftovers
- $db->query("DELETE FROM `".TABLE_APS_TEMP_SETTINGS."` WHERE `CustomerID`='".(int)$id."'");
+ $stmt = Database::prepare("DELETE FROM `".TABLE_APS_TEMP_SETTINGS."` WHERE `CustomerID` = :id");
+ Database::pexecute($stmt, array('id' => $id));
// eof APS-related removings, #216
$admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` - 1 ";
$admin_update_query.= ", `domains_used` = `domains_used` - 0" . (int)($domains_deleted - $result['subdomains_used']);
- if($result['mysqls'] != '-1')
- {
+ if ($result['mysqls'] != '-1') {
$admin_update_query.= ", `mysqls_used` = `mysqls_used` - 0" . (int)$result['mysqls'];
}
- if($result['emails'] != '-1')
- {
+ if ($result['emails'] != '-1') {
$admin_update_query.= ", `emails_used` = `emails_used` - 0" . (int)$result['emails'];
}
- if($result['email_accounts'] != '-1')
- {
+ if ($result['email_accounts'] != '-1') {
$admin_update_query.= ", `email_accounts_used` = `email_accounts_used` - 0" . (int)$result['email_accounts'];
}
- if($result['email_forwarders'] != '-1')
- {
+ if ($result['email_forwarders'] != '-1') {
$admin_update_query.= ", `email_forwarders_used` = `email_forwarders_used` - 0" . (int)$result['email_forwarders'];
}
- if($result['email_quota'] != '-1')
- {
+ if ($result['email_quota'] != '-1') {
$admin_update_query.= ", `email_quota_used` = `email_quota_used` - 0" . (int)$result['email_quota'];
}
- if($result['email_autoresponder'] != '-1')
- {
+ if ($result['email_autoresponder'] != '-1') {
$admin_update_query.= ", `email_autoresponder_used` = `email_autoresponder_used` - 0" . (int)$result['email_autoresponder'];
}
- if($result['subdomains'] != '-1')
- {
+ if ($result['subdomains'] != '-1') {
$admin_update_query.= ", `subdomains_used` = `subdomains_used` - 0" . (int)$result['subdomains'];
}
- if($result['ftps'] != '-1')
- {
+ if ($result['ftps'] != '-1') {
$admin_update_query.= ", `ftps_used` = `ftps_used` - 0" . (int)$result['ftps'];
}
- if($result['tickets'] != '-1')
- {
+ if ($result['tickets'] != '-1') {
$admin_update_query.= ", `tickets_used` = `tickets_used` - 0" . (int)$result['tickets'];
}
- if($result['aps_packages'] != '-1')
- {
+ if ($result['aps_packages'] != '-1') {
$admin_update_query.= ", `aps_packages_used` = `aps_packages_used` - 0" . (int)$result['aps_packages'];
}
- if(($result['diskspace'] / 1024) != '-1')
- {
+ if (($result['diskspace'] / 1024) != '-1') {
$admin_update_query.= ", `diskspace_used` = `diskspace_used` - 0" . (int)$result['diskspace'];
}
$admin_update_query.= " WHERE `adminid` = '" . (int)$result['adminid'] . "'";
- $db->query($admin_update_query);
+ Database::query($admin_update_query);
$log->logAction(ADM_ACTION, LOG_INFO, "deleted user '" . $result['loginname'] . "'");
inserttask('1');
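Review bot: Several converted statements in the `su` and `delete` branches cannot run as written, so the customer switch and parts of the cleanup stop working. The session insert is prepared into `$insert` but executed through the undefined `$stmt`, the `TABLE_PANEL_HTPASSWDS` and `TABLE_PANEL_HTACCESS` deletes carry a doubled WHERE keyword, and the `TABLE_APS_INSTANCES` delete ends in a stray `'` after `:id`. The `TABLE_PANEL_SESSIONS` delete now filters on `customerid`, while the removed line and the other session queries in this hunk use `userid`, so a deleted customer's sessions would probably remain valid. The `LIKE` pattern for `TABLE_PANEL_TASKS` lost the double quotes around the login name, and the `REVOKE` and `DROP DATABASE` strings now place `$row_database['databasename']` between backticks without the escaping the old code applied; doubling any backtick in the name before interpolation would restore that. The corrected lines are below; the enclosing `if ($page == 'customers'` block starts and ends outside the hunk.

```php
// … unchanged: $insert = Database::prepare("INSERT INTO … TABLE_PANEL_SESSIONS … SET …") …
Database::pexecute($insert, array(
    // … unchanged: bound values through the closing "));" …

// … unchanged: database and user cleanup, earlier DELETE statements …
$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid` = :id");
// … unchanged: pexecute …
$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid` = :id");
// … unchanged: pexecute …
$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = :id AND `adminsession` = '0'");

// … unchanged: traffic, mail and FTP deletes, $del_stmt prepare …
Database::pexecute($del_stmt, array(':loginname' => '%:"' . $result['loginname'] . '";%'));

// … unchanged: APS settings and tasks cleanup …
$stmt = Database::prepare("DELETE FROM `" . TABLE_APS_INSTANCES . "` WHERE `CustomerID` = :id");
```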
@@ -328,13 +394,11 @@ if($page == 'customers'
/*
* move old tickets to archive
*/
- $tickets = ticket::customerHasTickets($db, $id);
- if($tickets !== false && isset($tickets[0]))
- {
- foreach($tickets as $ticket)
- {
+ $tickets = ticket::customerHasTickets($id);
+ if ($tickets !== false && isset($tickets[0])) {
+ foreach ($tickets as $ticket) {
$now = time();
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$ticket);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$ticket);
$mainticket->Set('lastchange', $now, true, true);
$mainticket->Set('lastreplier', '1', true, true);
$mainticket->Set('status', '3', true, true);
@@ -343,23 +407,21 @@ if($page == 'customers'
$log->logAction(ADM_ACTION, LOG_NOTICE, "archived ticket '" . $mainticket->Get('subject') . "'");
}
}
+ redirectTo($filename, array('page' => $page, 's' => $s));
- redirectTo($filename, Array('page' => $page, 's' => $s));
- }
- else
- {
+ } else {
ask_yesno_withcheckbox('admin_customer_reallydelete', 'admin_customer_alsoremovefiles', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['loginname']);
}
}
- }
- elseif($action == 'add')
- {
- if($userinfo['customers_used'] < $userinfo['customers']
- || $userinfo['customers'] == '-1')
- {
- if(isset($_POST['send'])
- && $_POST['send'] == 'send')
- {
+
+ } elseif($action == 'add') {
+
+ if ($userinfo['customers_used'] < $userinfo['customers']
+ || $userinfo['customers'] == '-1'
+ ) {
+ if (isset($_POST['send'])
+ && $_POST['send'] == 'send'
+ ) {
$name = validate($_POST['name'], 'name');
$firstname = validate($_POST['firstname'], 'first name');
$company = validate($_POST['company'], 'company');
@@ -371,140 +433,113 @@ if($page == 'customers'
$email = $idna_convert->encode(validate($_POST['email'], 'email'));
$customernumber = validate($_POST['customernumber'], 'customer number', '/^[A-Za-z0-9 \-]*$/Di');
$def_language = validate($_POST['def_language'], 'default language');
- $diskspace = intval_ressource($_POST['diskspace']);
$gender = intval_ressource($_POST['gender']);
- if(isset($_POST['diskspace_ul']))
- {
+ $diskspace = intval_ressource($_POST['diskspace']);
+ if (isset($_POST['diskspace_ul'])) {
$diskspace = - 1;
}
$traffic = doubleval_ressource($_POST['traffic']);
-
- if(isset($_POST['traffic_ul']))
- {
+ if (isset($_POST['traffic_ul'])) {
$traffic = - 1;
}
$subdomains = intval_ressource($_POST['subdomains']);
-
- if(isset($_POST['subdomains_ul']))
- {
+ if (isset($_POST['subdomains_ul'])) {
$subdomains = - 1;
}
$emails = intval_ressource($_POST['emails']);
-
- if(isset($_POST['emails_ul']))
- {
+ if (isset($_POST['emails_ul'])) {
$emails = - 1;
}
$email_accounts = intval_ressource($_POST['email_accounts']);
-
- if(isset($_POST['email_accounts_ul']))
- {
+ if (isset($_POST['email_accounts_ul'])) {
$email_accounts = - 1;
}
$email_forwarders = intval_ressource($_POST['email_forwarders']);
-
- if(isset($_POST['email_forwarders_ul']))
- {
+ if (isset($_POST['email_forwarders_ul'])) {
$email_forwarders = - 1;
}
- if($settings['system']['mail_quota_enabled'] == '1')
- {
+ if ($settings['system']['mail_quota_enabled'] == '1') {
$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
-
- if(isset($_POST['email_quota_ul']))
- {
+ if (isset($_POST['email_quota_ul'])) {
$email_quota = - 1;
}
- }
- else
- {
+ } else {
$email_quota = - 1;
}
- if($settings['autoresponder']['autoresponder_active'] == '1')
- {
+ if ($settings['autoresponder']['autoresponder_active'] == '1') {
$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
-
- if(isset($_POST['email_autoresponder_ul']))
- {
+ if (isset($_POST['email_autoresponder_ul'])) {
$email_autoresponder = - 1;
}
- }
- else
- {
+ } else {
$email_autoresponder = 0;
}
$email_imap = 0;
- if(isset($_POST['email_imap']))
+ if (isset($_POST['email_imap'])) {
$email_imap = intval_ressource($_POST['email_imap']);
+ }
$email_pop3 = 0;
- if(isset($_POST['email_pop3']))
+ if (isset($_POST['email_pop3'])) {
$email_pop3 = intval_ressource($_POST['email_pop3']);
+ }
$ftps = 0;
- if(isset($_POST['ftps']))
+ if (isset($_POST['ftps'])) {
$ftps = intval_ressource($_POST['ftps']);
-
- if(isset($_POST['ftps_ul']))
- {
+ }
+ if (isset($_POST['ftps_ul'])) {
$ftps = - 1;
}
$tickets = ($settings['ticket']['enabled'] == 1 ? intval_ressource($_POST['tickets']) : 0);
-
- if(isset($_POST['tickets_ul'])
- && $settings['ticket']['enabled'] == '1')
- {
+ if (isset($_POST['tickets_ul'])
+ && $settings['ticket']['enabled'] == '1'
+ ) {
$tickets = - 1;
}
$mysqls = intval_ressource($_POST['mysqls']);
-
- if(isset($_POST['mysqls_ul']))
- {
+ if (isset($_POST['mysqls_ul'])) {
$mysqls = - 1;
}
- if($settings['aps']['aps_active'] == '1')
- {
+ if ($settings['aps']['aps_active'] == '1') {
$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
-
- if(isset($_POST['number_of_aps_packages_ul']))
- {
+ if (isset($_POST['number_of_aps_packages_ul'])) {
$number_of_aps_packages = - 1;
}
- }
- else
- {
+ } else {
$number_of_aps_packages = 0;
}
$createstdsubdomain = 0;
- if(isset($_POST['createstdsubdomain']))
+ if(isset($_POST['createstdsubdomain'])) {
$createstdsubdomain = intval($_POST['createstdsubdomain']);
+ }
+
$password = validate($_POST['new_customer_password'], 'password');
// only check if not empty,
// cause empty == generate password automatically
- if($password != '')
- {
+ if ($password != '') {
$password = validatePassword($password);
}
$backup_allowed = 0;
- if(isset($_POST['backup_allowed']))
+ if (isset($_POST['backup_allowed'])) {
$backup_allowed = intval($_POST['backup_allowed']);
+ }
- if ($backup_allowed != 0)
- {
+ if ($backup_allowed != 0) {
$backup_allowed = 1;
}
@@ -514,25 +549,29 @@ if($page == 'customers'
}
$sendpassword = 0;
- if(isset($_POST['sendpassword']))
+ if (isset($_POST['sendpassword'])) {
$sendpassword = intval($_POST['sendpassword']);
+ }
$phpenabled = 0;
- if(isset($_POST['phpenabled']))
+ if (isset($_POST['phpenabled'])) {
$phpenabled = intval($_POST['phpenabled']);
+ }
$perlenabled = 0;
- if(isset($_POST['perlenabled']))
+ if (isset($_POST['perlenabled'])) {
$perlenabled = intval($_POST['perlenabled']);
+ }
$store_defaultindex = 0;
- if(isset($_POST['store_defaultindex']))
+ if (isset($_POST['store_defaultindex'])) {
$store_defaultindex = intval($_POST['store_defaultindex']);
+ }
$diskspace = $diskspace * 1024;
$traffic = $traffic * 1024 * 1024;
- if(((($userinfo['diskspace_used'] + $diskspace) > $userinfo['diskspace']) && ($userinfo['diskspace'] / 1024) != '-1')
+ if (((($userinfo['diskspace_used'] + $diskspace) > $userinfo['diskspace']) && ($userinfo['diskspace'] / 1024) != '-1')
|| ((($userinfo['mysqls_used'] + $mysqls) > $userinfo['mysqls']) && $userinfo['mysqls'] != '-1')
|| ((($userinfo['emails_used'] + $emails) > $userinfo['emails']) && $userinfo['emails'] != '-1')
|| ((($userinfo['email_accounts_used'] + $email_accounts) > $userinfo['email_accounts']) && $userinfo['email_accounts'] != '-1')
@@ -553,209 +592,246 @@ if($page == 'customers'
|| ($ftps == '-1' && $userinfo['ftps'] != '-1')
|| ($tickets == '-1' && $userinfo['tickets'] != '-1')
|| ($subdomains == '-1' && $userinfo['subdomains'] != '-1')
- || ($number_of_aps_packages == '-1' && $userinfo['aps_packages'] != '-1'))
- {
+ || ($number_of_aps_packages == '-1' && $userinfo['aps_packages'] != '-1')
+ ) {
standard_error('youcantallocatemorethanyouhave');
exit;
}
// Either $name and $firstname or the $company must be inserted
-
- if($name == ''
- && $company == '')
- {
+ if ($name == '' && $company == '') {
standard_error(array('stringisempty', 'myname'));
- }
- elseif($firstname == ''
- && $company == '')
- {
+
+ } elseif($firstname == '' && $company == '') {
standard_error(array('stringisempty', 'myfirstname'));
- }
- elseif($email == '')
- {
+
+ } elseif($email == '') {
standard_error(array('stringisempty', 'emailadd'));
- }
- elseif(!validateEmail($email))
- {
+
+ } elseif(!validateEmail($email)) {
standard_error('emailiswrong', $email);
- }
- else
- {
- if(isset($_POST['new_loginname'])
- && $_POST['new_loginname'] != '')
- {
+
+ } else {
+
+ if (isset($_POST['new_loginname'])
+ && $_POST['new_loginname'] != ''
+ ) {
$accountnumber = intval($settings['system']['lastaccountnumber']);
$loginname = validate($_POST['new_loginname'], 'loginname', '/^[a-z0-9\-_]+$/i');
// Accounts which match systemaccounts are not allowed, filtering them
+ if (preg_match('/^' . preg_quote($settings['customer']['accountprefix'], '/') . '([0-9]+)/', $loginname)) {
+ standard_error('loginnameissystemaccount', $settings['customer']['accountprefix']);
+ }
- if(preg_match('/^' . preg_quote($settings['customer']['accountprefix'], '/') . '([0-9]+)/', $loginname))
- {
+ // Additional filtering for Bug #962
+ if (function_exists('posix_getpwnam')
+ && !in_array("posix_getpwnam", explode(",", ini_get('disable_functions')))
+ && posix_getpwnam($loginname)
+ ) {
standard_error('loginnameissystemaccount', $settings['customer']['accountprefix']);
}
-
- //Additional filtering for Bug #962
- if(function_exists('posix_getpwnam') && !in_array("posix_getpwnam",explode(",",ini_get('disable_functions'))) && posix_getpwnam($loginname)) {
- standard_error('loginnameissystemaccount', $settings['customer']['accountprefix']);
- }
- }
- else
- {
+
+ } else {
$accountnumber = intval($settings['system']['lastaccountnumber']) + 1;
$loginname = $settings['customer']['accountprefix'] . $accountnumber;
}
// Check if the account already exists
+ $loginname_check_stmt = Database::prepare("
+ SELECT `loginname` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `loginname` = :loginname"
+ );
+ Database::pexecute($loginname_check_stmt, array('loginname' => $loginname));
+ $loginname_check = $loginname_check_stmt->fetch(PDO::FETCH_ASSOC);
- $loginname_check = $db->query_first("SELECT `loginname` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `loginname` = '" . $db->escape($loginname) . "'");
- $loginname_check_admin = $db->query_first("SELECT `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `loginname` = '" . $db->escape($loginname) . "'");
+ $loginname_check_admin_stmt = Database::prepare("
+ SELECT `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `loginname` = :loginname"
+ );
+ Database::pexecute($loginname_check_admin_stmt, array('loginname' => $loginname));
+ $loginname_check_admin = $loginname_check_admin_stmt->fetch(PDO::FETCH_ASSOC);
- if(strtolower($loginname_check['loginname']) == strtolower($loginname)
- || strtolower($loginname_check_admin['loginname']) == strtolower($loginname))
- {
+ if (strtolower($loginname_check['loginname']) == strtolower($loginname)
+ || strtolower($loginname_check_admin['loginname']) == strtolower($loginname)
+ ) {
standard_error('loginnameexists', $loginname);
- }
- elseif(!validateUsername($loginname, $settings['panel']['unix_names'], 14 - strlen($settings['customer']['mysqlprefix'])))
- {
+
+ } elseif (!validateUsername($loginname, $settings['panel']['unix_names'], 14 - strlen($settings['customer']['mysqlprefix']))) {
standard_error('loginnameiswrong', $loginname);
}
$guid = intval($settings['system']['lastguid']) + 1;
$documentroot = makeCorrectDir($settings['system']['documentroot_prefix'] . '/' . $loginname);
- if(file_exists($documentroot))
- {
+ if (file_exists($documentroot)) {
standard_error('documentrootexists', $documentroot);
}
- if($createstdsubdomain != '1')
- {
+ if ($createstdsubdomain != '1') {
$createstdsubdomain = '0';
}
- if($phpenabled != '0')
- {
+ if ($phpenabled != '0') {
$phpenabled = '1';
}
- if($perlenabled != '0')
- {
+ if ($perlenabled != '0') {
$perlenabled = '1';
}
- if($password == '')
- {
+ if ($password == '') {
$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
}
$_theme = $settings['panel']['default_theme'];
- $result = $db->query(
- "INSERT INTO `" . TABLE_PANEL_CUSTOMERS . "` SET
- `adminid` = '" . (int)$userinfo['adminid'] . "',
- `loginname` = '" . $db->escape($loginname) . "',
- `password` = '" . md5($password) . "',
- `name` = '" . $db->escape($name) . "',
- `firstname` = '" . $db->escape($firstname) . "',
- `gender` = '" . (int)$gender . "',
- `company` = '" . $db->escape($company) . "',
- `street` = '" . $db->escape($street) . "',
- `zipcode` = '" . $db->escape($zipcode) . "',
- `city` = '" . $db->escape($city) . "',
- `phone` = '" . $db->escape($phone) . "',
- `fax` = '" . $db->escape($fax) . "',
- `email` = '" . $db->escape($email) . "',
- `customernumber` = '" . $db->escape($customernumber) . "',
- `def_language` = '" . $db->escape($def_language) . "',
- `documentroot` = '" . $db->escape($documentroot) . "',
- `guid` = '" . $db->escape($guid) . "',
- `diskspace` = '" . $db->escape($diskspace) . "',
- `traffic` = '" . $db->escape($traffic) . "',
- `subdomains` = '" . $db->escape($subdomains) . "',
- `emails` = '" . $db->escape($emails) . "',
- `email_accounts` = '" . $db->escape($email_accounts) . "',
- `email_forwarders` = '" . $db->escape($email_forwarders) . "',
- `email_quota` = '" . $db->escape($email_quota) . "',
- `ftps` = '" . $db->escape($ftps) . "',
- `tickets` = '" . $db->escape($tickets) . "',
- `mysqls` = '" . $db->escape($mysqls) . "',
- `standardsubdomain` = '0',
- `phpenabled` = '" . $db->escape($phpenabled) . "',
- `imap` = '" . $db->escape($email_imap) . "',
- `pop3` = '" . $db->escape($email_pop3) . "',
- `aps_packages` = '" . (int)$number_of_aps_packages . "',
- `perlenabled` = '" . $db->escape($perlenabled) . "',
- `email_autoresponder` = '" . $db->escape($email_autoresponder) . "',
- `backup_allowed` = '" . $db->escape($backup_allowed) . "',
- `theme` = '" . $db->escape($_theme) . "'"
+ $ins_data = array(
+ 'adminid' => $userinfo['adminid'],
+ 'loginname' => $loginname,
+ 'passwd' => md5($password),
+ 'name' => $name,
+ 'firstname' => $firstname,
+ 'gender' => $gender,
+ 'company' => $company,
+ 'street' => $street,
+ 'zipcode' => $zipcode,
+ 'city' => $city,
+ 'phone' => $phone,
+ 'fax' => $fax,
+ 'email' => $email,
+ 'customerno' => $customernumber,
+ 'lang' => $def_language,
+ 'docroot' => $documentroot,
+ 'guid' => $guid,
+ 'diskspace' => $diskspace,
+ 'traffic' => $traffic,
+ 'subdomains' => $subdomains,
+ 'emails' => $emails,
+ 'email_accounts' => $email_accounts,
+ 'email_forwarders' => $email_forwarders,
+ 'email_quota' => $email_quota,
+ 'ftps' => $ftps,
+ 'tickets' => $tickets,
+ 'mysqls' => $mysqls,
+ 'phpenabled' => $phpenabled,
+ 'imap' => $email_imap,
+ 'pop3' => $email_pop3,
+ 'aps' => $number_of_aps_packages,
+ 'perlenabled' => $perlenabled,
+ 'email_autoresponder' => $email_autoresponder,
+ 'backup_allowed' => $backup_allowed,
+ 'theme' => $theme
);
- $customerid = $db->insert_id();
+
+ $ins_stmt = Database::prepare("
+ INSERT INTO `" . TABLE_PANEL_CUSTOMERS . "` SET
+ `adminid` = :adminid,
+ `loginname` = :loginname,
+ `password` = :passwd,
+ `name` = :name,
+ `firstname` = :firstname,
+ `gender` = :gender,
+ `company` = :company,
+ `street` = :street,
+ `zipcode` = :zipcode,
+ `city` = :city,
+ `phone` = :phone,
+ `fax` = :fax,
+ `email` = :email,
+ `customernumber` = :customerno,
+ `def_language` = :lang,
+ `documentroot` = :docroot,
+ `guid` = :guid,
+ `diskspace` = :diskspace,
+ `traffic` = :traffic,
+ `subdomains` = :subdomains,
+ `emails` = :emails,
+ `email_accounts` = :email_accounts,
+ `email_forwarders` = :email_forwarders,
+ `email_quota` = :email_quota,
+ `ftps` = :ftps,
+ `tickets` = :tickets,
+ `mysqls` = :mysqls,
+ `standardsubdomain` = '0',
+ `phpenabled` = :phpenabled,
+ `imap` = :imap,
+ `pop3` = :pop3,
+ `aps_packages` = :aps,
+ `perlenabled` = :perlenabled,
+ `email_autoresponder` = :email_autoresponder,
+ `backup_allowed` = :backup_allowed,
+ `theme` = :theme"
+ );
+ Database::pexecute($ins_stmt, $ins_data);
+
+ $customerid = Database::lastInsertId();
+
$admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` + 1";
- if($mysqls != '-1')
- {
+ if ($mysqls != '-1') {
$admin_update_query.= ", `mysqls_used` = `mysqls_used` + 0" . (int)$mysqls;
}
- if($emails != '-1')
- {
+ if ($emails != '-1') {
$admin_update_query.= ", `emails_used` = `emails_used` + 0" . (int)$emails;
}
- if($email_accounts != '-1')
- {
+ if ($email_accounts != '-1') {
$admin_update_query.= ", `email_accounts_used` = `email_accounts_used` + 0" . (int)$email_accounts;
}
- if($email_forwarders != '-1')
- {
+ if ($email_forwarders != '-1') {
$admin_update_query.= ", `email_forwarders_used` = `email_forwarders_used` + 0" . (int)$email_forwarders;
}
- if($email_quota != '-1')
- {
+ if ($email_quota != '-1') {
$admin_update_query.= ", `email_quota_used` = `email_quota_used` + 0" . (int)$email_quota;
}
- if($email_autoresponder != '-1'
- && $settings['autoresponder']['autoresponder_active'] == 1)
- {
+ if ($email_autoresponder != '-1'
+ && $settings['autoresponder']['autoresponder_active'] == 1
+ ) {
$admin_update_query.= ", `email_autoresponder_used` = `email_autoresponder_used` + 0" . (int)$email_autoresponder;
}
- if($subdomains != '-1')
- {
+ if ($subdomains != '-1') {
$admin_update_query.= ", `subdomains_used` = `subdomains_used` + 0" . (int)$subdomains;
}
- if($ftps != '-1')
- {
+ if ($ftps != '-1') {
$admin_update_query.= ", `ftps_used` = `ftps_used` + 0" . (int)$ftps;
}
- if($tickets != '-1'
- && $settings['ticket']['enabled'] == 1)
- {
+ if ($tickets != '-1'
+ && $settings['ticket']['enabled'] == 1
+ ) {
$admin_update_query.= ", `tickets_used` = `tickets_used` + 0" . (int)$tickets;
}
- if(($diskspace / 1024) != '-1')
- {
+ if (($diskspace / 1024) != '-1') {
$admin_update_query.= ", `diskspace_used` = `diskspace_used` + 0" . (int)$diskspace;
}
- if($number_of_aps_packages != '-1')
- {
+ if ($number_of_aps_packages != '-1') {
$admin_update_query.= ", `aps_packages_used` = `aps_packages_used` + 0" . (int)$number_of_aps_packages;
}
$admin_update_query.= " WHERE `adminid` = '" . (int)$userinfo['adminid'] . "'";
- $db->query($admin_update_query);
- $db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` " . "SET `value`='" . $db->escape($guid) . "' " . "WHERE `settinggroup`='system' AND `varname`='lastguid'");
+ Database::query($admin_update_query);
- if($accountnumber != intval($settings['system']['lastaccountnumber']))
- {
- $db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` " . "SET `value`='" . $db->escape($accountnumber) . "' " . "WHERE `settinggroup`='system' AND `varname`='lastaccountnumber'");
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_SETTINGS . "` SET
+ `value` = :guid
+ WHERE `settinggroup` = 'system' AND `varname` = 'lastguid'"
+ );
+ Database::pexecute($upd_stmt, array('guid' => $guid));
+
+ if ($accountnumber != intval($settings['system']['lastaccountnumber'])) {
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_SETTINGS . "` SET
+ `value` = :accno
+ WHERE `settinggroup` = 'system' AND `varname` = 'lastaccountnumber'"
+ );
+ Database::pexecute($upd_stmt, array('accno' => $accountnumber));
}
$log->logAction(ADM_ACTION, LOG_INFO, "added user '" . $loginname . "'");
@@ -765,73 +841,120 @@ if($page == 'customers'
inserttask('10');
// Add htpasswd for the webalizer stats
- if(CRYPT_STD_DES == 1)
- {
+ if (CRYPT_STD_DES == 1) {
$saltfordescrypt = substr(md5(uniqid(microtime(), 1)), 4, 2);
$htpasswdPassword = crypt($password, $saltfordescrypt);
- }
- else
- {
+ } else {
$htpasswdPassword = crypt($password);
}
- if($settings['system']['awstats_enabled'] == '1')
- {
- $db->query("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` " . "(`customerid`, `username`, `password`, `path`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($htpasswdPassword) . "', '" . $db->escape(makeCorrectDir($documentroot . '/awstats/')) . "')");
+ $ins_stmt = Database::prepare("
+ INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` SET
+ `customerid` = :customerid,
+ `username` = :username,
+ `password` = :passwd,
+ `path` = :path"
+ );
+ $ins_data = array(
+ 'customerid' => $customerid,
+ 'username' => $loginname,
+ 'passwd' => $htpasswdPassword
+ );
+
+ if ($settings['system']['awstats_enabled'] == '1') {
+ $ins_data['path'] = makeCorrectDir($documentroot . '/awstats/');
$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added awstats htpasswd for user '" . $loginname . "'");
- }
- else
- {
- $db->query("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` " . "(`customerid`, `username`, `password`, `path`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($htpasswdPassword) . "', '" . $db->escape(makeCorrectDir($documentroot . '/webalizer/')) . "')");
+ } else {
+ $ins_data['path'] = makeCorrectDir($documentroot . '/webalizer/');
$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added webalizer htpasswd for user '" . $loginname . "'");
}
+ Database::pexecute($ins_stmt, $ins_data);
inserttask('1');
$cryptPassword = makeCryptPassword($password);
- $result = $db->query("INSERT INTO `" . TABLE_FTP_USERS . "` " . "(`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($cryptPassword) . "', '" . $db->escape($documentroot) . "', 'y', '" . (int)$guid . "', '" . (int)$guid . "')");
- $result = $db->query("INSERT INTO `" . TABLE_FTP_GROUPS . "` " . "(`customerid`, `groupname`, `gid`, `members`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($guid) . "', '" . $db->escape($loginname) . "')");
- $result = $db->query("INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` (`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`) VALUES ('" . $db->escape($loginname) . "', 'user', '0', '0', '0', '0', '0', '0')");
+ // FTP-User
+ $ins_stmt = Database::prepare("
+ INSERT INTO `" . TABLE_FTP_USERS . "` SET `customerid` = :customerid, `username` = :username,
+ `password` = :passwd, `homedir` = :homedir, `login_enabled` = 'y', `uid` = :guid, `gid` = :guid"
+ );
+ $ins_data = array(
+ 'customerid' => $customerid,
+ 'username' => $loginname,
+ 'passwd' => $cryptPassword,
+ 'homedir' => $documentroot,
+ 'guid' => $guid
+ );
+ Database::pexecute($ins_stmt, $ins_data);
+ // FTP-Group
+ $ins_stmt = Database::prepare("
+ INSERT INTO `" . TABLE_FTP_GROUPS . "` SET `customerid` = :customerid, `groupname` = :groupname, `gid` = :guid, `members` = :members"
+ );
+ $ins_data = array(
+ 'customerid' => $customerid,
+ 'groupname' => $loginname,
+ 'guid' => $guid,
+ 'members' => $loginname
+ );
+ Database::pexecute($ins_stmt, $ins_data);
+ // FTP-Quotatallies
+ $ins_stmt = Database::prepare("
+ INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` SET `name` = :name, `quota_type` = 'user', `bytes_in_used` = '0',
+ `bytes_out_used` = '0', `bytes_xfer_used` = '0', `files_in_used` = '0', `files_out_used` = '0', `files_xfer_used` = '0'"
+ );
+ Database::pexecute($ins_stmt, array('name' => $loginname));
$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added ftp-account for user '" . $loginname . "'");
- if($createstdsubdomain == '1')
- {
+ if ($createstdsubdomain == '1') {
+
if (isset($settings['system']['stdsubdomain'])
&& $settings['system']['stdsubdomain'] != ''
) {
$_stdsubdomain = $loginname . '.' . $settings['system']['stdsubdomain'];
- }
- else
- {
+ } else {
$_stdsubdomain = $loginname . '.' . $settings['system']['hostname'];
}
- $db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET " .
- "`domain` = '". $db->escape($_stdsubdomain) . "', " .
- "`customerid` = '" . (int)$customerid . "', " .
- "`adminid` = '" . (int)$userinfo['adminid'] . "', " .
- "`parentdomainid` = '-1', " .
- "`documentroot` = '" . $db->escape($documentroot) . "', " .
- "`zonefile` = '', " .
- "`isemaildomain` = '0', " .
- "`caneditdomain` = '0', " .
- "`openbasedir` = '1', " .
- "`speciallogfile` = '0', " .
- "`specialsettings` = '', " .
- "`add_date` = '".date('Y-m-d')."'");
- $domainid = $db->insert_id();
- // set ip <-> domain connection
- $db->query("INSERT INTO `".TABLE_DOMAINTOIP."` SET
- `id_domain` = '".$domainid."',
- `id_ipandports` = '".(int)$settings['system']['defaultip']."'"
+ $ins_data = array(
+ 'domain' => $_stdsubdomain,
+ 'customerid' => $customerid,
+ 'adminid' => $userinfo['adminid'],
+ 'docroot' => $documentroot,
+ 'adddate' => date('Y-m-d')
);
+ $ins_stmt = Database::prepare("
+ INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
+ `domain` = :domain,
+ `customerid` = :customerid,
+ `adminid` = :adminid,
+ `parentdomainid` = '-1',
+ `documentroot` = :docroot,
+ `zonefile` = '',
+ `isemaildomain` = '0',
+ `caneditdomain` = '0',
+ `openbasedir` = '1',
+ `speciallogfile` = '0',
+ `specialsettings` = ''
+ `add_date` = :adddate"
+ );
+ Database::pexecute($ins_stmt, $ins_data);
+ $domainid = Database::lastInsertId();
- $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `standardsubdomain`=\'' . (int)$domainid . '\' WHERE `customerid`=\'' . (int)$customerid . '\'');
+ // set ip <-> domain connection
+ $ins_stmt = Database::prepare("
+ INSERT INTO `".TABLE_DOMAINTOIP."` SET `id_domain` = :domainid, `id_ipandports` = :ipid'"
+ );
+ Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => $settings['system']['defaultip']));
+
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `standardsubdomain` = :domainid WHERE `customerid` = :customerid"
+ );
+ Database::pexecute($upd_stmt, array('domainid' => $domainid, 'customerid' => $customerid));
$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added standardsubdomain for user '" . $loginname . "'");
inserttask('1');
}
- if($sendpassword == '1')
- {
+ if ($sendpassword == '1') {
+
$replace_arr = array(
'FIRSTNAME' => $firstname,
'NAME' => $name,
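Review bot: The new `TABLE_PANEL_DOMAINS` insert drops the comma after `` `specialsettings` = '' ``, so `` `add_date` = :adddate `` follows it directly and the statement is not valid SQL; the `TABLE_DOMAINTOIP` insert a few lines later ends in `:ipid'` with a stray single quote. The two lines should read `` `specialsettings` = '', `` and `` `id_ipandports` = :ipid" ``. These statements run after the customer, htpasswd and FTP rows have already been written, so depending on how `Database::pexecute` reports errors, a failure here presumably leaves a half-provisioned account. The same two mistakes are repeated in the edit-customer hunk (`@@ -1104,371 +1222,394 @@`). The enclosing `if ($page == 'customers'` block starts outside this hunk.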
@@ -842,10 +965,20 @@ if($page == 'customers'
);
// Get mail templates from database; the ones from 'admin' are fetched for fallback
-
- $result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'createcustomer_subject\'');
+ $result_stmt = Database::prepare("
+ SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+ WHERE `adminid` = :adminid AND `language` = :deflang AND `templategroup` = 'mails' AND `varname` = 'createcustomer_subject'"
+ );
+ Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'deflang' => $def_language));
+ $result = $result_stmt->fetch(PDO::FETCH_ASSOC);
$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['createcustomer']['subject']), $replace_arr));
- $result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'createcustomer_mailbody\'');
+
+ $result_stmt = Database::prepare("
+ SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+ WHERE `adminid` = :adminid AND `language` = :deflang AND `templategroup` = 'mails' AND `varname` = 'createcustomer_mailbody'"
+ );
+ Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'deflang' => $def_language));
+ $result = $result_stmt->fetch(PDO::FETCH_ASSOC);
$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['createcustomer']['mailbody']), $replace_arr));
$_mailerror = false;
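Review bot: `$result_stmt->fetch(PDO::FETCH_ASSOC)` returns `false` when the admin has no custom template row, which is the ordinary fallback case, and the next line then reads `$result['value']` from a boolean. The fallback to the `$lng['mails']['createcustomer']` strings still happens, but PHP 7.4 and later report the array access on `false`. Guard both lookups, e.g. `$tpl = ($result !== false) ? $result['value'] : '';`, and test `$tpl` in the ternary instead. The two statements differ only in `varname`, so one prepared statement with a `:varname` placeholder executed twice would also remove the duplication. The enclosing `if ($sendpassword == '1')` block starts and ends outside this hunk.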
@@ -871,16 +1004,13 @@ if($page == 'customers'
$mail->ClearAddresses();
$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically sent password to user '" . $loginname . "'");
}
-
redirectTo($filename, Array('page' => $page, 's' => $s));
}
- }
- else
- {
+
+ } else {
$language_options = '';
- while(list($language_file, $language_name) = each($languages))
- {
+ while (list($language_file, $language_name) = each($languages)) {
$language_options.= makeoption($language_name, $language_file, $settings['panel']['standardlanguage'], true);
}
@@ -910,17 +1040,27 @@ if($page == 'customers'
eval("echo \"" . getTemplate("customers/customers_add") . "\";");
}
}
- }
- elseif($action == 'edit'
- && $id != 0)
- {
- $result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid`='" . (int)$id . "' " . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = '" . (int)$userinfo['adminid'] . "' "));
- if($result['loginname'] != '')
- {
- if(isset($_POST['send'])
- && $_POST['send'] == 'send')
- {
+ } elseif($action == 'edit'
+ && $id != 0
+ ) {
+
+ $result_data = array('id' => $id);
+ $result_stmt = Database::prepare("
+ SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "`
+ WHERE `customerid` = :id" . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid")
+ );
+ if ($userinfo['customers_see_all'] == '0') {
+ $result_data['adminid'] = $userinfo['adminid'];
+ }
+ $result = Database::pexecute_first($result_stmt, $result_data);
+
+ if ($result['loginname'] != '') {
+
+ if (isset($_POST['send'])
+ && $_POST['send'] == 'send'
+ ) {
+
$name = validate($_POST['name'], 'name');
$firstname = validate($_POST['firstname'], 'first name');
$company = validate($_POST['company'], 'company');
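Review bot: The `:adminid` placeholder and its bound value are decided by two different tests: the SQL fragment is appended when `$userinfo['customers_see_all']` is falsy, but `$result_data['adminid']` is set only when it `== '0'`. For a value that is falsy but not `'0'` (empty string, `null`) the statement has a placeholder with no binding and the execute fails. This filter is what limits an admin to their own customers, so both sides should share one condition: compute `$own_only = !$userinfo['customers_see_all'];` once and use `$own_only` both for the `AND adminid = :adminid` fragment and for the `$result_data['adminid']` assignment. The `edit` branch continues beyond this hunk.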
@@ -933,107 +1073,86 @@ if($page == 'customers'
$customernumber = validate($_POST['customernumber'], 'customer number', '/^[A-Za-z0-9 \-]*$/Di');
$def_language = validate($_POST['def_language'], 'default language');
$password = validate($_POST['new_customer_password'], 'new password');
- $diskspace = intval_ressource($_POST['diskspace']);
$gender = intval_ressource($_POST['gender']);
- if(isset($_POST['diskspace_ul']))
- {
+ $diskspace = intval_ressource($_POST['diskspace']);
+ if (isset($_POST['diskspace_ul'])) {
$diskspace = - 1;
}
$traffic = doubleval_ressource($_POST['traffic']);
-
- if(isset($_POST['traffic_ul']))
- {
+ if (isset($_POST['traffic_ul'])) {
$traffic = - 1;
}
$subdomains = intval_ressource($_POST['subdomains']);
-
- if(isset($_POST['subdomains_ul']))
- {
+ if (isset($_POST['subdomains_ul'])) {
$subdomains = - 1;
}
$emails = intval_ressource($_POST['emails']);
-
- if(isset($_POST['emails_ul']))
- {
+ if (isset($_POST['emails_ul'])) {
$emails = - 1;
}
$email_accounts = intval_ressource($_POST['email_accounts']);
-
- if(isset($_POST['email_accounts_ul']))
- {
+ if (isset($_POST['email_accounts_ul'])) {
$email_accounts = - 1;
}
$email_forwarders = intval_ressource($_POST['email_forwarders']);
-
- if(isset($_POST['email_forwarders_ul']))
- {
+ if (isset($_POST['email_forwarders_ul'])) {
$email_forwarders = - 1;
}
- if($settings['system']['mail_quota_enabled'] == '1')
- {
+ if ($settings['system']['mail_quota_enabled'] == '1') {
$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
-
- if(isset($_POST['email_quota_ul']))
- {
+ if (isset($_POST['email_quota_ul'])) {
$email_quota = - 1;
}
- }
- else
- {
+ } else {
$email_quota = - 1;
}
- if($settings['autoresponder']['autoresponder_active'] == '1')
- {
+ if ($settings['autoresponder']['autoresponder_active'] == '1') {
$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
-
- if(isset($_POST['email_autoresponder_ul']))
- {
+ if (isset($_POST['email_autoresponder_ul'])) {
$email_autoresponder = - 1;
}
- }
- else
- {
+ } else {
$email_autoresponder = 0;
}
$email_imap = 0;
- if(isset($_POST['email_imap']))
+ if (isset($_POST['email_imap'])) {
$email_imap = intval_ressource($_POST['email_imap']);
+ }
$email_pop3 = 0;
- if(isset($_POST['email_pop3']))
+ if (isset($_POST['email_pop3'])) {
$email_pop3 = intval_ressource($_POST['email_pop3']);
+ }
$ftps = 0;
- if(isset($_POST['ftps']))
+ if (isset($_POST['ftps'])) {
$ftps = intval_ressource($_POST['ftps']);
-
- if(isset($_POST['ftps_ul']))
- {
+ }
+ if (isset($_POST['ftps_ul'])) {
$ftps = - 1;
}
$tickets = ($settings['ticket']['enabled'] == 1 ? intval_ressource($_POST['tickets']) : 0);
-
- if(isset($_POST['tickets_ul'])
- && $settings['ticket']['enabled'] == '1')
- {
+ if (isset($_POST['tickets_ul'])
+ && $settings['ticket']['enabled'] == '1'
+ ) {
$tickets = - 1;
}
$backup_allowed = 0;
- if (isset($_POST['backup_allowed']))
+ if (isset($_POST['backup_allowed'])) {
$backup_allowed = intval($_POST['backup_allowed']);
-
- if($backup_allowed != '0'){
+ }
+ if ($backup_allowed != '0') {
$backup_allowed = 1;
}
@@ -1043,47 +1162,46 @@ if($page == 'customers'
}
$mysqls = 0;
- if(isset($_POST['mysqls']))
+ if (isset($_POST['mysqls'])) {
$mysqls = intval_ressource($_POST['mysqls']);
-
- if(isset($_POST['mysqls_ul']))
- {
+ }
+ if (isset($_POST['mysqls_ul'])) {
$mysqls = - 1;
}
- if($settings['aps']['aps_active'] == '1')
- {
+ if ($settings['aps']['aps_active'] == '1') {
$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
-
- if(isset($_POST['number_of_aps_packages_ul']))
- {
+ if (isset($_POST['number_of_aps_packages_ul'])) {
$number_of_aps_packages = - 1;
}
- }
- else
- {
+ } else {
$number_of_aps_packages = 0;
}
$createstdsubdomain = 0;
- if(isset($_POST['createstdsubdomain']))
+ if (isset($_POST['createstdsubdomain'])) {
$createstdsubdomain = intval($_POST['createstdsubdomain']);
+ }
$deactivated = 0;
- if(isset($_POST['deactivated']))
+ if (isset($_POST['deactivated'])) {
$deactivated = intval($_POST['deactivated']);
+ }
$phpenabled = 0;
- if(isset($_POST['phpenabled']))
+ if (isset($_POST['phpenabled'])) {
$phpenabled = intval($_POST['phpenabled']);
+ }
$perlenabled = 0;
- if(isset($_POST['perlenabled']))
+ if (isset($_POST['perlenabled'])) {
$perlenabled = intval($_POST['perlenabled']);
+ }
+
$diskspace = $diskspace * 1024;
$traffic = $traffic * 1024 * 1024;
- if(((($userinfo['diskspace_used'] + $diskspace - $result['diskspace']) > $userinfo['diskspace']) && ($userinfo['diskspace'] / 1024) != '-1')
+ if (((($userinfo['diskspace_used'] + $diskspace - $result['diskspace']) > $userinfo['diskspace']) && ($userinfo['diskspace'] / 1024) != '-1')
|| ((($userinfo['mysqls_used'] + $mysqls - $result['mysqls']) > $userinfo['mysqls']) && $userinfo['mysqls'] != '-1')
|| ((($userinfo['emails_used'] + $emails - $result['emails']) > $userinfo['emails']) && $userinfo['emails'] != '-1')
|| ((($userinfo['email_accounts_used'] + $email_accounts - $result['email_accounts']) > $userinfo['email_accounts']) && $userinfo['email_accounts'] != '-1')
@@ -1104,371 +1222,394 @@ if($page == 'customers'
|| ($ftps == '-1' && $userinfo['ftps'] != '-1')
|| ($tickets == '-1' && $userinfo['tickets'] != '-1')
|| ($subdomains == '-1' && $userinfo['subdomains'] != '-1')
- || ($number_of_aps_packages == '-1' && $userinfo['aps_packages'] != '-1'))
- {
+ || ($number_of_aps_packages == '-1' && $userinfo['aps_packages'] != '-1')
+ ) {
standard_error('youcantallocatemorethanyouhave');
exit;
}
// Either $name and $firstname or the $company must be inserted
-
- if($name == ''
- && $company == '')
- {
+ if ($name == '' && $company == '') {
standard_error(array('stringisempty', 'myname'));
- }
- elseif($firstname == ''
- && $company == '')
- {
+
+ } elseif($firstname == '' && $company == '') {
standard_error(array('stringisempty', 'myfirstname'));
- }
- elseif($email == '')
- {
+
+ } elseif($email == '') {
standard_error(array('stringisempty', 'emailadd'));
- }
- elseif(!validateEmail($email))
- {
+
+ } elseif(!validateEmail($email)) {
standard_error('emailiswrong', $email);
- }
- else
- {
- if($password != '')
- {
+
+ } else {
+
+ if ($password != '') {
$password = validatePassword($password);
$password = md5($password);
- }
- else
- {
+ } else {
$password = $result['password'];
}
- if($createstdsubdomain != '1')
- {
+ if ($createstdsubdomain != '1') {
$createstdsubdomain = '0';
}
- if($createstdsubdomain == '1'
- && $result['standardsubdomain'] == '0')
- {
+ if ($createstdsubdomain == '1'
+ && $result['standardsubdomain'] == '0'
+ ) {
+
if (isset($settings['system']['stdsubdomain'])
&& $settings['system']['stdsubdomain'] != ''
) {
$_stdsubdomain = $result['loginname'] . '.' . $settings['system']['stdsubdomain'];
- }
- else
- {
+ } else {
$_stdsubdomain = $result['loginname'] . '.' . $settings['system']['hostname'];
}
- $db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
- `domain` = '" . $db->escape($_stdsubdomain) . "',
- `customerid` = '" . (int)$result['customerid'] . "',
- `adminid` = '" . (int)$userinfo['adminid'] . "',
+ $ins_data = array(
+ 'domain' => $_stdsubdomain,
+ 'customerid' => $result['customerid'],
+ 'adminid' => $userinfo['adminid'],
+ 'docroot' => $result['documentroot'],
+ 'adddate' => date('Y-m-d')
+ );
+ $ins_stmt = Database::prepare("
+ INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
+ `domain` = :domain,
+ `customerid` = :customerid,
+ `adminid` = :adminid,
`parentdomainid` = '-1',
- `documentroot` = '" . $db->escape($result['documentroot']) . "',
+ `documentroot` = :docroot,
`zonefile` = '',
`isemaildomain` = '0',
`caneditdomain` = '0',
`openbasedir` = '1',
`speciallogfile` = '0',
- `specialsettings` = '',
- `add_date` = '".date('Y-m-d')."'"
+ `specialsettings` = ''
+ `add_date` = :adddate"
);
- $domainid = $db->insert_id();
+ Database::pexecute($ins_stmt, $ins_data);
+ $domainid = Database::lastInsertId();
+
// set ip <-> domain connection
- $db->query("INSERT INTO `".TABLE_DOMAINTOIP."` SET
- `id_domain` = '".$domainid."',
- `id_ipandports` = '".(int)$settings['system']['defaultip']."'"
+ $ins_stmt = Database::prepare("
+ INSERT INTO `".TABLE_DOMAINTOIP."` SET `id_domain` = :domainid, `id_ipandports` = :ipid'"
);
- $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
- `standardsubdomain`='" . (int)$domainid . "'
- WHERE `customerid`='" . (int)$result['customerid'] . "'"
+ Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => $settings['system']['defaultip']));
+
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `standardsubdomain` = :domainid WHERE `customerid` = :customerid"
);
+ Database::pexecute($upd_stmt, array('domainid' => $domainid, 'customerid' => $result['customerid']));
$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added standardsubdomain for user '" . $result['loginname'] . "'");
inserttask('1');
}
- if($createstdsubdomain == '0'
- && $result['standardsubdomain'] != '0')
- {
- $db->query("DELETE FROM `" . TABLE_PANEL_DOMAINS . "`
- WHERE `id`='" . (int)$result['standardsubdomain'] . "'");
- $db->query("DELETE FROM `" . TABLE_DOMAINTOIP . "`
- WHERE `id_domain`='" . (int)$result['standardsubdomain'] . "'");
- $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
- `standardsubdomain`= '0' WHERE `customerid`= '" . (int)$result['customerid'] . "'");
+ if ($createstdsubdomain == '0'
+ && $result['standardsubdomain'] != '0'
+ ) {
+
+ $del_stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `id` = :stdsub");
+ Database::pexecute($del_stmt, array('stdsub' => $result['standardsubdomain']));
+ $del_stmt = Database::prepare("DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = :stdsub");
+ Database::pexecute($del_stmt, array('stdsub' => $result['standardsubdomain']));
+ $del_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `standardsubdomain`= '0' WHERE `customerid` = :customerid");
+ Database::pexecute($del_stmt, array('customerid' => $result['customerid']));
$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically deleted standardsubdomain for user '" . $result['loginname'] . "'");
inserttask('1');
}
- if($deactivated != '1')
- {
+ if ($deactivated != '1') {
$deactivated = '0';
}
- if($phpenabled != '0')
- {
+ if ($phpenabled != '0') {
$phpenabled = '1';
}
- if($perlenabled != '0')
- {
+ if ($perlenabled != '0') {
$perlenabled = '1';
}
- if($phpenabled != $result['phpenabled']
- || $perlenabled != $result['perlenabled'])
- {
+ if ($phpenabled != $result['phpenabled']
+ || $perlenabled != $result['perlenabled']
+ ) {
inserttask('1');
}
- if($deactivated != $result['deactivated'])
- {
- $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `postfix`='" . (($deactivated) ? 'N' : 'Y') . "', `pop3`='" . (($deactivated) ? '0' : (int)$result['pop3']) . "', `imap`='" . (($deactivated) ? '0' : (int)$result['imap']) . "' WHERE `customerid`='" . (int)$id . "'");
- $db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `login_enabled`='" . (($deactivated) ? 'N' : 'Y') . "' WHERE `customerid`='" . (int)$id . "'");
- $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `deactivated`='" . (int)$deactivated . "' WHERE `customerid`='" . (int)$id . "'");
+ // activate/deactivate customer services
+ if ($deactivated != $result['deactivated']) {
- /* Retrieve customer's databases */
- $databases = $db->query("SELECT * FROM " . TABLE_PANEL_DATABASES . " WHERE customerid='" . (int)$id . "' ORDER BY `dbserver`");
- $db_root = new db($sql_root[0]['host'], $sql_root[0]['user'], $sql_root[0]['password'], '');
+ $yesno = (($deactivated) ? 'N' : 'Y');
+ $pop3 = (($deactivated) ? '0' : (int)$result['pop3']);
+ $imap = (($deactivated) ? '0' : (int)$result['imap']);
+
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_MAIL_USERS . "` SET `postfix`= :yesno, `pop3` = :pop3, `imap` = :imap WHERE `customerid` = :customerid"
+ );
+ Database::pexecute($upd_stmt, array('yesno' => $yesno, 'pop3' => $pop3, 'imap' => $imap, 'customerid' => $id));
+
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_FTP_USERS . "` SET `login_enabled` = :yesno WHERE `customerid` = :customerid"
+ );
+ Database::pexecute($upd_stmt, array('yesno' => $yesno, 'customerid' => $id));
+
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `deactivated`= :deactivated WHERE `customerid` = :customerid"
+ );
+ Database::pexecute($upd_stmt, array('deactivated' => $deactivated, 'customerid' => $id));
+
+ // Retrieve customer's databases
+ $databases_stmt = Database::prepare("SELECT * FROM " . TABLE_PANEL_DATABASES . " WHERE customerid = :customerid ORDER BY `dbserver`");
+ Database::pexecute($databases_stmt, array('customerid' => $id));
+
+ Database::needRoot(true);
$last_dbserver = 0;
+ // For each of them
+ while ($row_database = $databases_stmt->fetch(PDO::FETCH_ASSOC)) {
- /* For each of them */
- while($row_database = $db->fetch_array($databases))
- {
- if($last_dbserver != $row_database['dbserver'])
- {
- $db_root->query('FLUSH PRIVILEGES;');
- $db_root->close();
- $db_root = new db($sql_root[$row_database['dbserver']]['host'], $sql_root[$row_database['dbserver']]['user'], $sql_root[$row_database['dbserver']]['password'], '');
+ if ($last_dbserver != $row_database['dbserver']) {
+ Database::query('FLUSH PRIVILEGES;');
+ Database::needRoot(true, $row_database['dbserver']);
$last_dbserver = $row_database['dbserver'];
}
- foreach(array_unique(explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host)
- {
+ foreach (array_unique(explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host) {
$mysql_access_host = trim($mysql_access_host);
- /* Prevent access, if deactivated */
- if($deactivated)
- {
+ // Prevent access, if deactivated
+ if ($deactivated) {
// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
- $db_root->query('REVOKE ALL PRIVILEGES, GRANT OPTION FROM \'' . $db_root->escape($row_database['databasename']) .'\'',false,true);
- }
- else /* Otherwise grant access */
- {
- $db_root->query('GRANT ALL PRIVILEGES ON `' . $db_root->escape($row_database['databasename']) .'`.* TO `' . $db_root->escape($row_database['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
- $db_root->query('GRANT ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($row_database['databasename'])) . '` . * TO `' . $db_root->escape($row_database['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
+ $stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM `".$row_database['databasename']."`");
+ Database::pexecute($stmt, array(), false);
+
+ } else {
+ // Otherwise grant access
+ Database::query('GRANT ALL PRIVILEGES ON `' . $row_database['databasename'] .'`.* TO `' . $row_database['databasename'] . '`@`' . $mysql_access_host . '`');
+ Database::query('GRANT ALL PRIVILEGES ON `' . str_replace('_', '\_', $row_database['databasename']) . '` . * TO `' . $row_database['databasename'] . '`@`' . $mysql_access_host . '`');
}
}
}
/* At last flush the new privileges */
- $db_root->query('FLUSH PRIVILEGES;');
- $db_root->close();
+ Database::query('FLUSH PRIVILEGES;');
+ Database::needRoot(false);
$log->logAction(ADM_ACTION, LOG_INFO, "deactivated user '" . $result['loginname'] . "'");
inserttask('1');
}
// Disable or enable POP3 Login for customers Mail Accounts
-
- if($email_pop3 != $result['pop3'])
- {
- $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `pop3`='" . (int)$email_pop3 . "' WHERE `customerid`='" . (int)$id . "'");
+ if ($email_pop3 != $result['pop3']) {
+ $upd_stmt = Database::prepare("UPDATE `" . TABLE_MAIL_USERS . "` SET `pop3` = :pop3 WHERE `customerid` = :customerid");
+ Database::pexecute($upd_stmt, array('pop3' => $email_pop3, 'customerid' => $id));
}
// Disable or enable IMAP Login for customers Mail Accounts
-
- if($email_imap != $result['imap'])
- {
- $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `imap`='" . (int)$email_imap . "' WHERE `customerid`='" . (int)$id . "'");
+ if ($email_imap != $result['imap']) {
+ $upd_stmt = Database::prepare("UPDATE `" . TABLE_MAIL_USERS . "` SET `imap` = :imap WHERE `customerid` = :customerid");
+ Database::pexecute($upd_stmt, array('pop3' => $email_imap, 'customerid' => $id));
}
- // $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `name`='" . $db->escape($name) . "', `firstname`='" . $db->escape($firstname) . "', `company`='" . $db->escape($company) . "', `street`='" . $db->escape($street) . "', `zipcode`='" . $db->escape($zipcode) . "', `city`='" . $db->escape($city) . "', `phone`='" . $db->escape($phone) . "', `fax`='" . $db->escape($fax) . "', `email`='" . $db->escape($email) . "', `customernumber`='" . $db->escape($customernumber) . "', `def_language`='" . $db->escape($def_language) . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `deactivated`='" . $db->escape($deactivated) . "', `phpenabled`='" . $db->escape($phpenabled) . "', `email_quota`='" . $db->escape($email_quota) . "', `imap`='" . $db->escape($email_imap) . "', `pop3`='" . $db->escape($email_pop3) . "', `aps_packages`='" . (int)$number_of_aps_packages . "', `perlenabled`='" . $db->escape($perlenabled) . "', `email_autoresponder`='" . $db->escape($email_autoresponder) . "' WHERE `customerid`='" . (int)$id . "'");
- $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `name`='" . $db->escape($name) . "', `firstname`='" . $db->escape($firstname) . "', `gender`='" . $db->escape($gender) . "', `company`='" . $db->escape($company) . "', `street`='" . $db->escape($street) . "', `zipcode`='" . $db->escape($zipcode) . "', `city`='" . $db->escape($city) . "', `phone`='" . $db->escape($phone) . "', `fax`='" . $db->escape($fax) . "', `email`='" . $db->escape($email) . "', `customernumber`='" . $db->escape($customernumber) . "', `def_language`='" . $db->escape($def_language) . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `deactivated`='" . $db->escape($deactivated) . "', `phpenabled`='" . $db->escape($phpenabled) . "', `email_quota`='" . $db->escape($email_quota) . "', `imap`='" . $db->escape($email_imap) . "', `pop3`='" . $db->escape($email_pop3) . "', `aps_packages`='" . (int)$number_of_aps_packages . "', `perlenabled`='" . $db->escape($perlenabled) . "', `email_autoresponder`='" . $db->escape($email_autoresponder) . "', `backup_allowed`='" . $db->escape($backup_allowed) . "' WHERE `customerid`='" . (int)$id . "'");
- $admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` ";
+ $upd_data = array(
+ 'customerid' => $id,
+ 'passwd' => $password,
+ 'name' => $name,
+ 'firstname' => $firstname,
+ 'gender' => $gender,
+ 'company' => $company,
+ 'street' => $street,
+ 'zipcode' => $zipcode,
+ 'city' => $city,
+ 'phone' => $phone,
+ 'fax' => $fax,
+ 'email' => $email,
+ 'customerno' => $customernumber,
+ 'lang' => $def_language,
+ 'diskspace' => $diskspace,
+ 'traffic' => $traffic,
+ 'subdomains' => $subdomains,
+ 'emails' => $emails,
+ 'email_accounts' => $email_accounts,
+ 'email_forwarders' => $email_forwarders,
+ 'email_quota' => $email_quota,
+ 'ftps' => $ftps,
+ 'tickets' => $tickets,
+ 'mysqls' => $mysqls,
+ 'deactivated' => $deactivated,
+ 'phpenabled' => $phpenabled,
+ 'imap' => $email_imap,
+ 'pop3' => $email_pop3,
+ 'aps' => $number_of_aps_packages,
+ 'perlenabled' => $perlenabled,
+ 'email_autoresponder' => $email_autoresponder,
+ 'backup_allowed' => $backup_allowed
+ );
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
+ `name` = :name,
+ `firstname` = :firstname,
+ `gender` = :gender,
+ `company` = :company,
+ `street` = :street,
+ `zipcode` = :zipcode,
+ `city` = :city,
+ `phone` = :phone,
+ `fax` = :fax,
+ `email` = :email,
+ `customernumber` = :customerno,
+ `def_language` = :lang,
+ `password` = :passwd,
+ `diskspace` = :diskspace,
+ `traffic` = :traffic,
+ `subdomains` = :subdomains,
+ `emails` = :emails,
+ `email_accounts` = :email_accounts,
+ `email_forwarders` = :email_forwarders,
+ `ftps` = :ftps,
+ `tickets` = :tickets,
+ `mysqls` = :mysqls,
+ `deactivated` = :deactivated,
+ `phpenabled` = :phpenabled,
+ `email_quota` = :email_quota,
+ `imap` = :imap,
+ `pop3` = :pop3,
+ `aps_packages` = :aps,
+ `perlenabled` = :perlenabled,
+ `email_autoresponder` = :email_autoresponder,
+ `backup_allowed` = :backup_allowed
+ WHERE `customerid` = :customerid"
+ );
+ Database::pexecute($upd_stmt, $upd_data);
// Using filesystem - quota, insert a task which cleans the filesystem - quota
inserttask('10');
- if($mysqls != '-1'
- || $result['mysqls'] != '-1')
- {
+ $admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` ";
+
+ if ($mysqls != '-1' || $result['mysqls'] != '-1') {
$admin_update_query.= ", `mysqls_used` = `mysqls_used` ";
- if($mysqls != '-1')
- {
+ if ($mysqls != '-1') {
$admin_update_query.= " + 0" . (int)$mysqls . " ";
}
-
- if($result['mysqls'] != '-1')
- {
+ if ($result['mysqls'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['mysqls'] . " ";
}
}
- if($emails != '-1'
- || $result['emails'] != '-1')
- {
+ if($emails != '-1' || $result['emails'] != '-1') {
$admin_update_query.= ", `emails_used` = `emails_used` ";
- if($emails != '-1')
- {
+ if ($emails != '-1') {
$admin_update_query.= " + 0" . (int)$emails . " ";
}
-
- if($result['emails'] != '-1')
- {
+ if ($result['emails'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['emails'] . " ";
}
}
- if($email_accounts != '-1'
- || $result['email_accounts'] != '-1')
- {
+ if ($email_accounts != '-1' || $result['email_accounts'] != '-1') {
$admin_update_query.= ", `email_accounts_used` = `email_accounts_used` ";
- if($email_accounts != '-1')
- {
+ if ($email_accounts != '-1') {
$admin_update_query.= " + 0" . (int)$email_accounts . " ";
}
-
- if($result['email_accounts'] != '-1')
- {
+ if ($result['email_accounts'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['email_accounts'] . " ";
}
}
- if($email_forwarders != '-1'
- || $result['email_forwarders'] != '-1')
- {
+ if ($email_forwarders != '-1' || $result['email_forwarders'] != '-1') {
$admin_update_query.= ", `email_forwarders_used` = `email_forwarders_used` ";
- if($email_forwarders != '-1')
- {
+ if ($email_forwarders != '-1') {
$admin_update_query.= " + 0" . (int)$email_forwarders . " ";
}
-
- if($result['email_forwarders'] != '-1')
- {
+ if ($result['email_forwarders'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['email_forwarders'] . " ";
}
}
- if($email_quota != '-1'
- || $result['email_quota'] != '-1')
- {
+ if ($email_quota != '-1' || $result['email_quota'] != '-1') {
$admin_update_query.= ", `email_quota_used` = `email_quota_used` ";
- if($email_quota != '-1')
- {
+ if ($email_quota != '-1') {
$admin_update_query.= " + 0" . (int)$email_quota . " ";
}
-
- if($result['email_quota'] != '-1')
- {
+ if ($result['email_quota'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['email_quota'] . " ";
}
}
- if($email_autoresponder != '-1'
- || $result['email_autoresponder'] != '-1')
- {
+ if ($email_autoresponder != '-1' || $result['email_autoresponder'] != '-1') {
$admin_update_query.= ", `email_autoresponder_used` = `email_autoresponder_used` ";
- if($email_autoresponder != '-1')
- {
+ if ($email_autoresponder != '-1') {
$admin_update_query.= " + 0" . (int)$email_autoresponder . " ";
}
-
- if($result['email_autoresponder'] != '-1')
- {
+ if ($result['email_autoresponder'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['email_autoresponder'] . " ";
}
}
- if($subdomains != '-1'
- || $result['subdomains'] != '-1')
- {
+ if ($subdomains != '-1' || $result['subdomains'] != '-1') {
$admin_update_query.= ", `subdomains_used` = `subdomains_used` ";
- if($subdomains != '-1')
- {
+ if ($subdomains != '-1') {
$admin_update_query.= " + 0" . (int)$subdomains . " ";
}
-
- if($result['subdomains'] != '-1')
- {
+ if ($result['subdomains'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['subdomains'] . " ";
}
}
- if($ftps != '-1'
- || $result['ftps'] != '-1')
- {
+ if ($ftps != '-1' || $result['ftps'] != '-1') {
$admin_update_query.= ", `ftps_used` = `ftps_used` ";
- if($ftps != '-1')
- {
+ if ($ftps != '-1') {
$admin_update_query.= " + 0" . (int)$ftps . " ";
}
-
- if($result['ftps'] != '-1')
- {
+ if ($result['ftps'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['ftps'] . " ";
}
}
- if($tickets != '-1'
- || $result['tickets'] != '-1')
- {
+ if ($tickets != '-1' || $result['tickets'] != '-1') {
$admin_update_query.= ", `tickets_used` = `tickets_used` ";
- if($tickets != '-1')
- {
+ if ($tickets != '-1') {
$admin_update_query.= " + 0" . (int)$tickets . " ";
}
-
- if($result['tickets'] != '-1')
- {
+ if ($result['tickets'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['tickets'] . " ";
}
}
- if(($diskspace / 1024) != '-1'
- || ($result['diskspace'] / 1024) != '-1')
- {
+ if (($diskspace / 1024) != '-1' || ($result['diskspace'] / 1024) != '-1') {
$admin_update_query.= ", `diskspace_used` = `diskspace_used` ";
- if(($diskspace / 1024) != '-1')
- {
+ if (($diskspace / 1024) != '-1') {
$admin_update_query.= " + 0" . (int)$diskspace . " ";
}
-
- if(($result['diskspace'] / 1024) != '-1')
- {
+ if (($result['diskspace'] / 1024) != '-1') {
$admin_update_query.= " - 0" . (int)$result['diskspace'] . " ";
}
}
- if($number_of_aps_packages != '-1'
- || $result['aps_packages'] != '-1')
- {
+ if ($number_of_aps_packages != '-1' || $result['aps_packages'] != '-1') {
$admin_update_query.= ", `aps_packages_used` = `aps_packages_used` ";
- if($number_of_aps_packages != '-1')
- {
+ if ($number_of_aps_packages != '-1') {
$admin_update_query.= " + 0" . (int)$number_of_aps_packages . " ";
}
-
- if($result['aps_packages'] != '-1')
- {
+ if ($result['aps_packages'] != '-1') {
$admin_update_query.= " - 0" . (int)$result['aps_packages'] . " ";
}
}
$admin_update_query.= " WHERE `adminid` = '" . (int)$result['adminid'] . "'";
- $db->query($admin_update_query);
+ Database::query($admin_update_query);
$log->logAction(ADM_ACTION, LOG_INFO, "edited user '" . $result['loginname'] . "'");
$redirect_props = Array(
'page' => $page,
@@ -1477,100 +1618,75 @@ if($page == 'customers'
redirectTo($filename, $redirect_props);
}
- }
- else
- {
+
+ } else {
$language_options = '';
- while(list($language_file, $language_name) = each($languages))
- {
+ while (list($language_file, $language_name) = each($languages)) {
$language_options.= makeoption($language_name, $language_file, $result['def_language'], true);
}
$result['traffic'] = round($result['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
$result['diskspace'] = round($result['diskspace'] / 1024, $settings['panel']['decimal_places']);
$result['email'] = $idna_convert->decode($result['email']);
- $diskspace_ul = makecheckbox('diskspace_ul', $lng['customer']['unlimited'], '-1', false, $result['diskspace'], true, true);
- if($result['diskspace'] == '-1')
- {
+ $diskspace_ul = makecheckbox('diskspace_ul', $lng['customer']['unlimited'], '-1', false, $result['diskspace'], true, true);
+ if ($result['diskspace'] == '-1') {
$result['diskspace'] = '';
}
$traffic_ul = makecheckbox('traffic_ul', $lng['customer']['unlimited'], '-1', false, $result['traffic'], true, true);
-
- if($result['traffic'] == '-1')
- {
+ if ($result['traffic'] == '-1') {
$result['traffic'] = '';
}
$subdomains_ul = makecheckbox('subdomains_ul', $lng['customer']['unlimited'], '-1', false, $result['subdomains'], true, true);
-
- if($result['subdomains'] == '-1')
- {
+ if ($result['subdomains'] == '-1') {
$result['subdomains'] = '';
}
$emails_ul = makecheckbox('emails_ul', $lng['customer']['unlimited'], '-1', false, $result['emails'], true, true);
-
- if($result['emails'] == '-1')
- {
+ if ($result['emails'] == '-1') {
$result['emails'] = '';
}
$email_accounts_ul = makecheckbox('email_accounts_ul', $lng['customer']['unlimited'], '-1', false, $result['email_accounts'], true, true);
-
- if($result['email_accounts'] == '-1')
- {
+ if ($result['email_accounts'] == '-1') {
$result['email_accounts'] = '';
}
$email_forwarders_ul = makecheckbox('email_forwarders_ul', $lng['customer']['unlimited'], '-1', false, $result['email_forwarders'], true, true);
-
- if($result['email_forwarders'] == '-1')
- {
+ if ($result['email_forwarders'] == '-1') {
$result['email_forwarders'] = '';
}
$email_quota_ul = makecheckbox('email_quota_ul', $lng['customer']['unlimited'], '-1', false, $result['email_quota'], true, true);
-
- if($result['email_quota'] == '-1')
- {
+ if ($result['email_quota'] == '-1') {
$result['email_quota'] = '';
}
$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, $result['email_autoresponder'], true, true);
-
- if($result['email_autoresponder'] == '-1')
- {
+ if ($result['email_autoresponder'] == '-1') {
$result['email_autoresponder'] = '';
}
$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, $result['ftps'], true, true);
-
- if($result['ftps'] == '-1')
- {
+ if ($result['ftps'] == '-1') {
$result['ftps'] = '';
}
$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, $result['tickets'], true, true);
-
- if($result['tickets'] == '-1')
- {
+ if ($result['tickets'] == '-1') {
$result['tickets'] = '';
}
$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, $result['mysqls'], true, true);
-
- if($result['mysqls'] == '-1')
- {
+ if ($result['mysqls'] == '-1') {
$result['mysqls'] = '';
}
$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, $result['aps_packages'], true, true);
-
- if($result['aps_packages'] == '-1')
- {
+ if ($result['aps_packages'] == '-1') {
$result['aps_packages'] = '';
}
@@ -1591,5 +1707,3 @@ if($page == 'customers'
}
}
}
-
-?>
diff --git a/admin_index.php b/admin_index.php
index 1ece7ed7..20f1bc9e 100644
--- a/admin_index.php
+++ b/admin_index.php
@@ -18,10 +18,6 @@
*/
define('AREA', 'admin');
-
-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
require ("./lib/init.php");
if ($action == 'logout') {
@@ -71,8 +67,7 @@ if ($page == 'overview') {
SUM(`traffic_used`) AS `traffic_used`,
SUM(`aps_packages_used`) AS `aps_packages_used`
FROM `" . TABLE_PANEL_CUSTOMERS . "`" . ($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = :adminid "));
- Database::pexecute($overview_stmt, array('adminid' => $userinfo['adminid']));
- $overview = $overview_stmt->fetch(PDO::FETCH_ASSOC);
+ $overview = Database::pexecute_first($overview_stmt, array('adminid' => $userinfo['adminid']));
$overview['traffic_used'] = round($overview['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
$overview['diskspace_used'] = round($overview['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
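Review bot: The array passed to `Database::pexecute_first()` always contains `adminid`, but the `:adminid` placeholder is only in the SQL when `$userinfo['customers_see_all']` is false. PDO fails an execute() that binds a named parameter the statement does not define, so unless the Database wrapper drops unused keys (not visible here) the overview query errors for admins who may see all customers. Build the array conditionally, e.g. `$params = $userinfo['customers_see_all'] ? array() : array('adminid' => $userinfo['adminid']);`, and pass `$params`. The same pattern appears in the `$number_domains_stmt` hunk below and in the `$countcustomers_stmt` hunk of admin_tickets.php, and the ticket-category query built from `$where` there should be checked as well. The prepare() call for this statement starts outside the hunk.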
@@ -81,8 +76,8 @@ if ($page == 'overview') {
SELECT COUNT(*) AS `number_domains` FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE `parentdomainid`='0'" . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid")
);
- Database::pexecute($number_domains_stmt, array('adminid' => $userinfo['adminid']));
- $number_domains = $number_domains_stmt->fetch(PDO::FETCH_ASSOC);
+ $number_domains = Database::pexecute_first($number_domains_stmt, array('adminid' => $userinfo['adminid']));
+
$overview['number_domains'] = $number_domains['number_domains'];
$phpversion = phpversion();
diff --git a/admin_phpsettings.php b/admin_phpsettings.php
index 5aa6527e..a3f1949f 100644
--- a/admin_phpsettings.php
+++ b/admin_phpsettings.php
@@ -148,8 +148,7 @@ if ($page == 'overview') {
$result_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
);
- Database::pexecute($result_stmt, array('id' => $id));
- $result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+ $result = Database::pexecute_first($result_stmt, array('id' => $id));
if ($result['id'] != 0
&& $result['id'] == $id
@@ -190,8 +189,7 @@ if ($page == 'overview') {
$result_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
);
- Database::pexecute($result_stmt, array('id' => $id));
- $result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+ $result = Database::pexecute_first($result_stmt, array('id' => $id));
if ($result['id'] != 0
&& $result['id'] == $id
diff --git a/admin_tickets.php b/admin_tickets.php
index db8f598e..92d34424 100644
--- a/admin_tickets.php
+++ b/admin_tickets.php
@@ -18,11 +18,6 @@
*/
define('AREA', 'admin');
-
-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
-
require ("./lib/init.php");
if (isset($_POST['id'])) {
@@ -42,8 +37,7 @@ if (isset($_POST['id'])) {
SELECT `id` FROM `panel_tickets`
WHERE `id` = :id AND `adminid` = :adminid
");
- Database::pexecute($stmt, array('id' => $id, 'adminid' => $userinfo['adminid']));
- $result = $stmt->fetch(PDO::FETCH_ASSOC);
+ $result = Database::pexecute_first($stmt, array('id' => $id, 'adminid' => $userinfo['adminid']));
if ($result == null) {
// no rights to see the requested ticket
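Review bot: The ownership check `if ($result == null)` relies on a loose comparison with whatever `Database::pexecute_first()` returns when no row matches (PDO's fetch gives `false`; the wrapper itself is not visible here). Because this branch is the access-control decision for the requested ticket, I would state it explicitly, `if (!is_array($result) || !isset($result['id'])) {`, so the denial does not depend on loose-comparison rules or on the wrapper's empty-result value. The table name is also hard-coded as `panel_tickets` while the other queries in this file use the `TABLE_PANEL_TICKETS` constant. The body of the `if` continues outside the hunk.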
@@ -62,8 +56,7 @@ if ($page == 'tickets'
FROM `" . TABLE_PANEL_CUSTOMERS . "` " .
($userinfo['customers_see_all'] ? '' : "WHERE `adminid` = :adminid")
);
- Database::pexecute($countcustomers_stmt, array('adminid' => $userinfo['adminid']));
- $countcustomers = $countcustomers_stmt->fetch(PDO::FETCH_ASSOC);
+ $countcustomers = Database::pexecute_first($countcustomers_stmt, array('adminid' => $userinfo['adminid']));
$countcustomers = (int)$countcustomers['countcustomers'];
if ($action == '') {
@@ -135,8 +128,7 @@ if ($page == 'tickets'
FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = :cid'
);
- Database::pexecute($usr_stmt, array('cid' => $cid));
- $usr = $usr_stmt->fetch(PDO::FETCH_ASSOC);
+ $usr = Database::pexecute_first($usr_stmt, array('cid' => $cid));
if (isset($usr['loginname'])) {
$customer = getCorrectFullUserDetails($usr);
@@ -191,7 +183,7 @@ if ($page == 'tickets'
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
- $newticket = ticket::getInstanceOf($userinfo, $db, $settings, -1);
+ $newticket = ticket::getInstanceOf($userinfo, $settings, -1);
$newticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
$newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
$newticket->Set('category', validate($_POST['category'], 'category'), true, false);
@@ -226,8 +218,7 @@ if ($page == 'tickets'
SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
'.$where.' ORDER BY `logicalorder`, `name` ASC'
);
- Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid']));
- $result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+ $result = Database::pexecute_first($result_stmt, array('adminid' => $userinfo['adminid']));
if (isset($result['name'])
&& $result['name'] != ''
@@ -283,7 +274,7 @@ if ($page == 'tickets'
&& $_POST['send'] == 'send'
) {
- $replyticket = ticket::getInstanceOf($userinfo, $db, $settings, -1);
+ $replyticket = ticket::getInstanceOf($userinfo, $settings, -1);
$replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
$replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
$replyticket->Set('message', validate(htmlentities(str_replace("\r\n", "\n", $_POST['message'])), 'message', '/^[^\0]*$/'), true, false);
@@ -292,7 +283,7 @@ if ($page == 'tickets'
standard_error(array('stringisempty', 'mymessage'));
} else {
$now = time();
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$replyticket->Set('customerid', $mainticket->Get('customer'), true, true);
$replyticket->Set('lastchange', $now, true, true);
$replyticket->Set('ip', $_SERVER['REMOTE_ADDR'], true, true);
@@ -318,7 +309,7 @@ if ($page == 'tickets'
} else {
$ticket_replies = '';
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
$status = ticket::getStatusText($lng, $mainticket->Get('status'));
@@ -339,8 +330,7 @@ if ($page == 'tickets'
FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = :cid'
);
- Database::pexecute($usr_stmt, array('cid' => $cid));
- $usr = $usr_stmt->fetch(PDO::FETCH_ASSOC);
+ $usr = Database::pexecute_first($usr_stmt, array('cid' => $cid));
$by = '';
$by .= getCorrectFullUserDetails($usr).'';
}
@@ -352,8 +342,7 @@ if ($page == 'tickets'
$result_stmt = Database::prepare('
SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `id` = :cid'
);
- Database::pexecute($result_stmt, array('cid' => $mainticket->Get('category')));
- $row = $result_stmt->fetch(PDO::FETCH_ASSOC);
+ $row = Database::pexecute_first($result_stmt, array('cid' => $mainticket->Get('category')));
$andere_stmt = Database::prepare('
SELECT * FROM `' . TABLE_PANEL_TICKETS . '`
@@ -364,7 +353,7 @@ if ($page == 'tickets'
while ($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) {
- $subticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$row2['id']);
+ $subticket = ticket::getInstanceOf($userinfo, $settings, (int)$row2['id']);
$lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange'));
if ($subticket->Get('by') == '1') {
@@ -376,8 +365,7 @@ if ($page == 'tickets'
FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = :cid'
);
- Database::pexecute($usr_stmt, array('cid' => $cid));
- $usr = $usr_stmt->fetch(PDO::FETCH_ASSOC);
+ $usr = Database::pexecute_first($usr_stmt, array('cid' => $cid));
$by = '';
$by .= getCorrectFullUserDetails($usr).'';
}
@@ -410,15 +398,15 @@ if ($page == 'tickets'
&& $_POST['send'] == 'send'
) {
$now = time();
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$mainticket->Set('lastchange', $now, true, true);
$mainticket->Set('lastreplier', '1', true, true);
$mainticket->Set('status', '3', true, true);
$mainticket->Update();
$log->logAction(ADM_ACTION, LOG_NOTICE, "closed ticket '" . $mainticket->Get('subject') . "'");
- redirectTo($filename, Array('page' => $page, 's' => $s));
+ redirectTo($filename, array('page' => $page, 's' => $s));
} else {
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
ask_yesno('ticket_reallyclose', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
}
@@ -426,13 +414,13 @@ if ($page == 'tickets'
&& $id != 0
) {
$now = time();
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$mainticket->Set('lastchange', $now, true, true);
$mainticket->Set('lastreplier', '1', true, true);
$mainticket->Set('status', '0', true, true);
$mainticket->Update();
$log->logAction(ADM_ACTION, LOG_NOTICE, "reopened ticket '" . $mainticket->Get('subject') . "'");
- redirectTo($filename, Array('page' => $page, 's' => $s));
+ redirectTo($filename, array('page' => $page, 's' => $s));
} elseif($action == 'archive'
&& $id != 0
@@ -441,16 +429,16 @@ if ($page == 'tickets'
&& $_POST['send'] == 'send'
) {
$now = time();
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$mainticket->Set('lastchange', $now, true, true);
$mainticket->Set('lastreplier', '1', true, true);
$mainticket->Set('status', '3', true, true);
$mainticket->Update();
$mainticket->Archive();
$log->logAction(ADM_ACTION, LOG_NOTICE, "archived ticket '" . $mainticket->Get('subject') . "'");
- redirectTo($filename, Array('page' => $page, 's' => $s));
+ redirectTo($filename, array('page' => $page, 's' => $s));
} else {
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
ask_yesno('ticket_reallyarchive', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
}
@@ -460,12 +448,12 @@ if ($page == 'tickets'
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$log->logAction(ADM_ACTION, LOG_INFO, "deleted ticket '" . $mainticket->Get('subject') . "'");
$mainticket->Delete();
- redirectTo($filename, Array('page' => $page, 's' => $s));
+ redirectTo($filename, array('page' => $page, 's' => $s));
} else {
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
ask_yesno('ticket_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
}
}
@@ -538,18 +526,18 @@ if ($page == 'tickets'
if ($order < 1 || $order >= 1000) {
// use the latest available
- $order = ticket::getHighestOrderNumber($db, $userinfo['adminid']) + 1;
+ $order = ticket::getHighestOrderNumber($userinfo['adminid']) + 1;
}
if ($category == '') {
standard_error(array('stringisempty', 'mycategory'));
} else {
- ticket::addCategory($db, $category, $userinfo['adminid'], $order);
+ ticket::addCategory($category, $userinfo['adminid'], $order);
$log->logAction(ADM_ACTION, LOG_INFO, "added ticket-category '" . $category . "'");
- redirectTo($filename, Array('page' => $page, 's' => $s));
+ redirectTo($filename, array('page' => $page, 's' => $s));
}
} else {
- $order = ticket::getHighestOrderNumber($db, $userinfo['adminid']) + 1;
+ $order = ticket::getHighestOrderNumber($userinfo['adminid']) + 1;
$category_new_data = include_once dirname(__FILE__).'/lib/formfields/admin/tickets/formfield.category_new.php';
$category_new_form = htmlform::genHTMLForm($category_new_data);
@@ -577,16 +565,15 @@ if ($page == 'tickets'
if ($category == '') {
standard_error(array('stringisempty', 'mycategory'));
} else {
- ticket::editCategory($db, $category, $id, $order);
+ ticket::editCategory($category, $id, $order);
$log->logAction(ADM_ACTION, LOG_INFO, "edited ticket-category '" . $category . "'");
- redirectTo($filename, Array('page' => $page, 's' => $s));
+ redirectTo($filename, array('page' => $page, 's' => $s));
}
} else {
$row_stmt = Database::prepare('
SELECT * FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `id` = :id'
);
- Database::pexecute($row_stmt, array('id' => $id));
- $row = $row_stmt->fetch(PDO::FETCH_ASSOC);
+ $row = Database::pexecute_first($row_stmt, array('id' => $id));
$category_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/tickets/formfield.category_edit.php';
$category_edit_form = htmlform::genHTMLForm($category_edit_data);
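Review bot: `ticket::editCategory($category, $id, $order)` and the category SELECT below it address the row by `$id` alone, with no admin scoping visible in this hunk, although `addCategory()` and `getHighestOrderNumber()` are both tied to `$userinfo['adminid']`. If neither the ticket class nor code outside the hunk verifies ownership, an admin can read and modify a category that belongs to another admin by supplying its id. I would add an `adminid` condition to the SELECT's WHERE clause with `array('id' => $id, 'adminid' => $userinfo['adminid'])` as parameters (assuming the category table carries that column, as the add path suggests) and refuse the edit when no row comes back. The same question applies to `ticket::deleteCategory($id)` and `ticket::getCategoryName($id)` in the next hunk.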
@@ -602,15 +589,15 @@ if ($page == 'tickets'
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
- if (ticket::deleteCategory($db, $id) == false) {
+ if (ticket::deleteCategory($id) == false) {
standard_error('categoryhastickets');
}
$log->logAction(ADM_ACTION, LOG_INFO, "deleted ticket-category #" . $id);
- redirectTo($filename, Array('page' => $page, 's' => $s));
+ redirectTo($filename, array('page' => $page, 's' => $s));
} else {
- $name = ticket::getCategoryName($db, $id);
+ $name = ticket::getCategoryName($id);
ask_yesno('ticket_reallydeletecat', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $name);
}
}
@@ -643,8 +630,11 @@ if ($page == 'tickets'
$categories[$x] = isset($_POST['category' . $x]) ? $_POST['category' . $x] : '';
}
- // FIXME migrate to PDO
- $query = ticket::getArchiveSearchStatement($db, $subject, $priority, $fromdate, $todate, $message, $customer, $userinfo['adminid'], $categories);
+ $archive_search = ticket::getArchiveSearchStatement($subject, $priority, $fromdate, $todate, $message, $customer, $userinfo['adminid'], $categories);
+
+ $query = $archive_search[0];
+ $archive_params = $archive_search[1];
+
$fields = array(
'lastchange' => $lng['ticket']['lastchange'],
'ticket_answers' => $lng['ticket']['ticket_answers'],
@@ -653,15 +643,15 @@ if ($page == 'tickets'
'priority' => $lng['ticket']['priority']
);
$paging = new paging($userinfo, $db, TABLE_PANEL_TICKETS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
- // FIXME migrate (the above) to PDO
- $result = $db->query($query . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+ $result_stmt = Database::prepare($query . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+ Database::pexecute($result_stmt, $archive_params);
$sortcode = $paging->getHtmlSortCode($lng);
$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
$searchcode = $paging->getHtmlSearchCode($lng);
$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
$ctickets = array();
- while ($row = $db->fetch_array($result)) {
+ while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
if (!isset($ctickets[$row['customerid']])
|| !is_array($ctickets[$row['customerid']])
) {
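Review bot: Only the values in `$archive_params` are bound here; `$paging->getSqlWhere(true)`, `$paging->getSqlOrderBy()` and `$paging->getSqlLimit()` are still concatenated into the string handed to `Database::prepare()`. If those fragments carry request-derived search or sort input (the paging class is not visible, and it is still constructed with the legacy `$db`), preparing the statement gives them no protection, so field names must be whitelisted and the search value quoted or bound inside `paging`. A comment above the prepare call would record that dependency, e.g. `// paging fragments are concatenated, not bound: paging must whitelist fields and quote the search value`. The `while` body continues outside the hunk.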
@@ -691,7 +681,7 @@ if ($page == 'tickets'
ksort($ticketrows);
}
- $_cid = 0;
+ $_cid = -1;
foreach ($ticketrows as $ticket) {
if ($paging->checkDisplay($i)) {
$ticket['lastchange'] = date("d.m.y H:i", $ticket['lastchange']);
@@ -702,8 +692,7 @@ if ($page == 'tickets'
FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = :cid'
);
- Database::pexecute($usr_stmt, array('cid' => $cid));
- $usr = $usr_stmt->fetch(PDO::FETCH_ASSOC);
+ $usr = Database::pexecute_first($usr_stmt, array('cid' => $cid));
if (isset($usr['loginname'])) {
$customer = getCorrectFullUserDetails($usr);
@@ -711,6 +700,8 @@ if ($page == 'tickets'
$customerid = $usr['customerid'];
} else {
$customer = $lng['ticket']['nonexistingcustomer'];
+ $customerid = 0;
+ $customerloginname = '';
}
eval("\$tickets.=\"" . getTemplate("tickets/tickets_customer") . "\";");
}
@@ -750,7 +741,7 @@ if ($page == 'tickets'
} else {
$archived = array();
- $archived = ticket::getLastArchived($db, 6, $userinfo['adminid']);
+ $archived = ticket::getLastArchived(6, $userinfo['adminid']);
$tickets = '';
if ($archived !== false) {
@@ -805,27 +796,22 @@ if ($page == 'tickets'
) {
$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed archived-ticket #" . $id);
$ticket_replies = '';
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$lastchange = date("d.m.Y H:i\h", $mainticket->Get('lastchange'));
$dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
$status = ticket::getStatusText($lng, $mainticket->Get('status'));
$isclosed = 1;
- if($mainticket->Get('by') == '1')
- {
+ if ($mainticket->Get('by') == '1') {
$by = $lng['ticket']['staff'];
- }
- else
- {
+ } else {
$cid = $mainticket->Get('customer');
$usr_stmt = Database::prepare('
SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = :cid'
);
- Database::pexecute($usr_stmt, array('cid' => $cid));
- $usr = $usr_stmt->fetch(PDO::FETCH_ASSOC);
-
+ $usr = Database::pexecute_first($usr_stmt, array('cid' => $cid));
$by = '';
$by .= getCorrectFullUserDetails($usr).'';
}
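Review bot: `getCorrectFullUserDetails($usr)` in the else branch runs without checking that the customer row was found. `Database::pexecute_first()` returns the raw `fetch()` result, which is `false` when no row matches. The ticket list earlier in this file guards the same lookup with `if (isset($usr['loginname']))` and falls back to `$lng['ticket']['nonexistingcustomer']`. The same guard fits here: `$by = isset($usr['loginname']) ? getCorrectFullUserDetails($usr) : $lng['ticket']['nonexistingcustomer'];`. The sub-ticket loop in the hunk at -860 has the same unguarded call; how `getCorrectFullUserDetails()` treats a `false` argument is not visible from here.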
@@ -837,8 +823,7 @@ if ($page == 'tickets'
$result_stmt = Database::prepare('
SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `id` = :cid'
);
- Database::pexecute($result_stmt, array('cid' => $mainticket->Get('category')));
- $row = $result_stmt->fetch(PDO::FETCH_ASSOC);
+ $row = Database::pexecute_first($result_stmt, array('cid' => $mainticket->Get('category')));
$andere_stmt = Database::prepare('
SELECT * FROM `' . TABLE_PANEL_TICKETS . '` WHERE `answerto` = :id'
@@ -848,7 +833,7 @@ if ($page == 'tickets'
while ($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) {
- $subticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$row2['id']);
+ $subticket = ticket::getInstanceOf($userinfo, $settings, (int)$row2['id']);
$lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange'));
if ($subticket->Get('by') == '1') {
@@ -860,9 +845,7 @@ if ($page == 'tickets'
FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = :cid'
);
- Database::pexecute($usr_stmt, array('cid' => $cid));
- $usr = $usr_stmt->fetch(PDO::FETCH_ASSOC);
-
+ $usr = Database::pexecute_first($usr_stmt, array('cid' => $cid));
$by = '';
$by .= getCorrectFullUserDetails($usr).'';
}
@@ -887,12 +870,12 @@ if ($page == 'tickets'
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$log->logAction(ADM_ACTION, LOG_INFO, "deleted archived ticket '" . $mainticket->Get('subject') . "'");
$mainticket->Delete();
- redirectTo($filename, Array('page' => $page, 's' => $s));
+ redirectTo($filename, array('page' => $page, 's' => $s));
} else {
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
ask_yesno('ticket_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
}
}
diff --git a/customer_mysql.php b/customer_mysql.php
index 3c349281..ecce920b 100644
--- a/customer_mysql.php
+++ b/customer_mysql.php
@@ -211,7 +211,7 @@ if ($page == 'overview') {
);
$params = array(
"customerid" => $userinfo['customerid'],
- "username" => $username,
+ "databasename" => $username,
"description" => $databasedescription,
"dbserver" => $dbserver
);
diff --git a/customer_tickets.php b/customer_tickets.php
index 780a9b8a..d3f0d31a 100644
--- a/customer_tickets.php
+++ b/customer_tickets.php
@@ -18,22 +18,18 @@
*/
define('AREA', 'customer');
-
-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
-
require ("./lib/init.php");
-if(isset($_POST['id'])) {
+if (isset($_POST['id'])) {
+
$id = intval($_POST['id']);
/*
* Check if the current user is allowed to see the current ticket.
*/
$stmt = Database::prepare("SELECT `id` FROM `panel_tickets` WHERE `id` = :id AND `customerid` = :customerid");
- Database::pexecute($stmt, array("id" => $id, "customerid" => $userinfo['customerid']));
- $result = $stmt->fetch(PDO::FETCH_ASSOC);
+ $result = Database::pexecute_first($stmt, array("id" => $id, "customerid" => $userinfo['customerid']));
+
if ($result == null) {
// no rights to see the requested ticket
standard_error(array('ticketnotaccessible'));
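Review bot: The ownership check `if ($result == null)` only works through loose comparison, because `Database::pexecute_first()` returns `false`, not `null`, when no row matches. Since this is the access-control decision for the ticket, I would make it explicit with `if (!is_array($result)) {`. A short comment would help too: `// pexecute_first() yields false when the ticket does not belong to this customer`. The query also hard-codes `panel_tickets` where the rest of the file uses `TABLE_PANEL_TICKETS`. The `if` block continues outside this hunk, so whether an id supplied via `$_GET` gets the same check cannot be confirmed from here.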
@@ -141,8 +137,7 @@ if($page == 'overview') {
AND `answerto` = "0"
AND (`status` = "0" OR `status` = "1" OR `status` = "2")'
);
- Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
- $opentickets = $stmt->fetch(PDO::FETCH_ASSOC);
+ $opentickets = Database::pexecute_first($stmt, array("customerid" => $userinfo['customerid']));
if($settings['ticket']['concurrently_open'] != - 1 && $settings['ticket']['concurrently_open'] != '') {
$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => $settings['ticket']['concurrently_open']));
@@ -152,10 +147,11 @@ if($page == 'overview') {
$ticketsopen = (int)$opentickets['count'];
eval("echo \"" . getTemplate("tickets/tickets") . "\";");
+
} elseif($action == 'new') {
if($userinfo['tickets_used'] < $userinfo['tickets'] || $userinfo['tickets'] == '-1') {
if(isset($_POST['send']) && $_POST['send'] == 'send') {
- $newticket = ticket::getInstanceOf($userinfo, $db, $settings, -1);
+ $newticket = ticket::getInstanceOf($userinfo, $settings, -1);
$newticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
$newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
$newticket->Set('category', validate($_POST['category'], 'category'), true, false);
@@ -185,11 +181,9 @@ if($page == 'overview') {
Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
// Customer mail
-
$newticket->sendMail((int)$userinfo['customerid'], 'new_ticket_for_customer_subject', $lng['mails']['new_ticket_for_customer']['subject'], 'new_ticket_for_customer_mailbody', $lng['mails']['new_ticket_for_customer']['mailbody']);
// Admin mail
-
$newticket->sendMail(-1, 'new_ticket_by_customer_subject', $lng['mails']['new_ticket_by_customer']['subject'], 'new_ticket_by_customer_mailbody', $lng['mails']['new_ticket_by_customer']['mailbody']);
redirectTo($filename, Array('page' => $page, 's' => $s));
}
@@ -199,10 +193,9 @@ if($page == 'overview') {
WHERE `adminid` = :adminid
ORDER BY `logicalorder`, `name` ASC'
);
- Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid']));
- $result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+ $result = Database::pexecute_first($result_stmt, array("adminid" => $userinfo['adminid']));
- if(isset($result['name']) && $result['name'] != '') {
+ if (isset($result['name']) && $result['name'] != '') {
$result2_stmt = Database::prepare('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
WHERE `adminid` = :adminid
ORDER BY `logicalorder`, `name` ASC'
@@ -225,10 +218,11 @@ if($page == 'overview') {
AND `answerto` = "0"
AND (`status` = "0" OR `status` = "1" OR `status` = "2")'
);
- Database::pexecute($opentickets_stmt, array("customerid" => $userinfo['customerid']));
- $opentickets = $opentickets_stmt->fetch(PDO::FETCH_ASSOC);
+ $opentickets = Database::pexecute_first($opentickets_stmt, array("customerid" => $userinfo['customerid']));
- if($settings['ticket']['concurrently_open'] != - 1 && $settings['ticket']['concurrently_open'] != '') {
+ if ($settings['ticket']['concurrently_open'] != - 1
+ && $settings['ticket']['concurrently_open'] != ''
+ ) {
$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => $settings['ticket']['concurrently_open']));
} else {
$notmorethanxopentickets = '';
@@ -249,7 +243,7 @@ if($page == 'overview') {
}
} elseif($action == 'answer' && $id != 0) {
if(isset($_POST['send']) && $_POST['send'] == 'send') {
- $replyticket = ticket::getInstanceOf($userinfo, $db, $settings, -1);
+ $replyticket = ticket::getInstanceOf($userinfo, $settings, -1);
$replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
$replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
$replyticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);
@@ -267,8 +261,7 @@ if($page == 'overview') {
$replyticket->Insert();
// Update priority if changed
-
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
if($replyticket->Get('priority') != $mainticket->Get('priority')) {
$mainticket->Set('priority', $replyticket->Get('priority'), true);
@@ -284,7 +277,7 @@ if($page == 'overview') {
}
} else {
$ticket_replies = '';
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
$status = ticket::getStatusText($lng, $mainticket->Get('status'));
@@ -302,10 +295,8 @@ if($page == 'overview') {
FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = :customerid '
);
- Database::pexecute($usr_stmt, array("customerid" => $cid));
- $usr = $usr_stmt->fetch(PDO::FETCH_ASSOC);
+ $usr = Database::pexecute_first($usr_stmt, array("customerid" => $cid));
$by = getCorrectFullUserDetails($usr);
- //$by = $lng['ticket']['customer'];
}
$subject = $mainticket->Get('subject');
@@ -314,24 +305,23 @@ if($page == 'overview') {
$result_stmt = Database::prepare('SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
WHERE `id`= :id '
);
- Database::pexecute($result_stmt, array("id" => $mainticket->Get('category')));
- $row = $result_stmt->fetch(PDO::FETCH_ASSOC);
+ $row = Database::pexecute_first($result_stmt, array("id" => $mainticket->Get('category')));
$andere_stmt = Database::prepare('SELECT * FROM `' . TABLE_PANEL_TICKETS . '`
WHERE `answerto`= :answerto
ORDER BY `lastchange` ASC'
);
Database::pexecute($andere_stmt, array("answerto" => $id));
-
+ $numrows_andere = Database::num_rows();
+
while($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) {
- $subticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$row2['id']);
+ $subticket = ticket::getInstanceOf($userinfo, $settings, (int)$row2['id']);
$lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange'));
if($subticket->Get('by') == '1') {
$by = $lng['ticket']['staff'];
} else {
$by = getCorrectFullUserDetails($usr);
- //$by = $lng['ticket']['customer'];
}
$subject = $subticket->Get('subject');
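Review bot: `$numrows_andere = Database::num_rows();` depends on being called directly after the `pexecute()` of `$andere_stmt`, and nothing in the code says so. The class documents `num_rows()` as the row count of the last select query, and the loop below calls `ticket::getInstanceOf()`, which presumably issues further queries. A comment above the assignment would stop the line being moved later: `// capture now: Database::num_rows() reflects the most recent select only`. The loop body continues outside this hunk.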
@@ -343,10 +333,9 @@ if($page == 'overview') {
$priorities.= makeoption($lng['ticket']['normal'], '2', $mainticket->Get('priority'), true, true);
$priorities.= makeoption($lng['ticket']['low'], '3', $mainticket->Get('priority'), true, true);
$subject = $mainticket->Get('subject');
- $ticket_replies_count = $db->num_rows($andere) + 1;
+ $ticket_replies_count = $numrows_andere + 1;
// don't forget the main-ticket!
-
$ticket_reply_data = include_once dirname(__FILE__).'/lib/formfields/customer/tickets/formfield.ticket_reply.php';
$ticket_reply_form = htmlform::genHTMLForm($ticket_reply_data);
@@ -358,7 +347,7 @@ if($page == 'overview') {
} elseif($action == 'close' && $id != 0) {
if(isset($_POST['send']) && $_POST['send'] == 'send') {
$now = time();
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$mainticket->Set('lastchange', $now, true, true);
$mainticket->Set('lastreplier', '0', true, true);
$mainticket->Set('status', '3', true, true);
@@ -366,7 +355,7 @@ if($page == 'overview') {
$log->logAction(USR_ACTION, LOG_NOTICE, "closed support-ticket '" . $mainticket->Get('subject') . "'");
redirectTo($filename, Array('page' => $page, 's' => $s));
} else {
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
ask_yesno('ticket_reallyclose', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
}
} elseif($action == 'reopen' && $id != 0) {
@@ -376,8 +365,7 @@ if($page == 'overview') {
AND `answerto` = "0"
AND (`status` = "0" OR `status` = "1" OR `status` = "2")'
);
- Database::pexecute($opentickets_stmt, array("customerid" => $userinfo['customerid']));
- $opentickets = $opentickets_stmt->fetch(PDO::FETCH_ASSOC);
+ $opentickets = Database::pexecute_first($opentickets_stmt, array("customerid" => $userinfo['customerid']));
$ticketsopen = (int)$opentickets['count'];
if($ticketsopen > $settings['ticket']['concurrently_open'] && $settings['ticket']['concurrently_open'] != - 1 && $settings['ticket']['concurrently_open'] != '') {
@@ -385,14 +373,12 @@ if($page == 'overview') {
}
$now = time();
- $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+ $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$mainticket->Set('lastchange', $now, true, true);
$mainticket->Set('lastreplier', '0', true, true);
$mainticket->Set('status', '0', true, true);
$mainticket->Update();
$log->logAction(USR_ACTION, LOG_NOTICE, "reopened support-ticket '" . $mainticket->Get('subject') . "'");
- redirectTo($filename, Array('page' => $page, 's' => $s));
+ redirectTo($filename, array('page' => $page, 's' => $s));
}
}
-
-?>
diff --git a/lib/classes/database/class.Database.php b/lib/classes/database/class.Database.php
index 29ef2066..8af62a3b 100644
--- a/lib/classes/database/class.Database.php
+++ b/lib/classes/database/class.Database.php
@@ -69,6 +69,22 @@ class Database {
}
}
+ /**
+ * Wrapper for PDOStatement::execute so we can catch the PDOException
+ * and display the error nicely on the panel - also fetches the
+ * result from the statement and returns the resulting array
+ *
+ * @param PDOStatement $stmt
+ * @param array $params (optional)
+ * @param bool $showerror suppress errordisplay (default true)
+ *
+ * @return array
+ */
+ public static function pexecute_first(&$stmt, $params = null, $showerror = true) {
+ self::pexecute($stmt, $params, $showerror);
+ return $stmt->fetch(PDO::FETCH_ASSOC);
+ }
+
/**
* returns the number of found rows of the last select query
*
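Review bot: The docblock of `pexecute_first()` declares `@return array`, but the method returns `$stmt->fetch(PDO::FETCH_ASSOC)` unchanged, which is `false` when the statement yields no row. Several call sites in this commit index the result directly or pass it on without a check. I would change the tag to `@return array|false` and add a line `returns false if the query matched no row`, so callers know a check is required. The description of `$showerror` ("suppress errordisplay (default true)") also reads as the opposite of what the default suggests and could be reworded to `whether to display the error (default true)`.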
@@ -250,4 +266,4 @@ class Database {
die("We are sorry, but a MySQL - error occurred. The administrator may find more information in in the sql-error.log in the logs/ directory");
}
}
-}
\ No newline at end of file
+}
diff --git a/lib/classes/phpinterface/class.phpinterface.php b/lib/classes/phpinterface/class.phpinterface.php
index 01ff1e4c..579bdc80 100644
--- a/lib/classes/phpinterface/class.phpinterface.php
+++ b/lib/classes/phpinterface/class.phpinterface.php
@@ -19,13 +19,7 @@
*
*/
-class phpinterface
-{
- /**
- * Database handler
- * @var object
- */
- private $_db = false;
+class phpinterface {
/**
* Settings array
@@ -54,9 +48,7 @@ class phpinterface
/**
* main constructor
*/
- public function __construct($db, $settings, $domain)
- {
- $this->_db = $db;
+ public function __construct($settings, $domain) {
$this->_settings = $settings;
$this->_domain = $domain;
$this->_setInterface();
@@ -66,8 +58,7 @@ class phpinterface
* returns the interface-object
* from where we can control it
*/
- public function getInterface()
- {
+ public function getInterface() {
return $this->_interface;
}
@@ -76,16 +67,13 @@ class phpinterface
* php-interface: fcgid or php-fpm
* sets private $_interface variable
*/
- private function _setInterface()
- {
+ private function _setInterface() {
// php-fpm
- if((int)$this->_settings['phpfpm']['enabled'] == 1)
- {
- $this->_interface = new phpinterface_fpm($this->_db, $this->_settings, $this->_domain);
- }
- elseif((int)$this->_settings['system']['mod_fcgid'] == 1)
- {
- $this->_interface = new phpinterface_fcgid($this->_db, $this->_settings, $this->_domain);
+ if ((int)$this->_settings['phpfpm']['enabled'] == 1) {
+ $this->_interface = new phpinterface_fpm($this->_settings, $this->_domain);
+
+ } elseif ((int)$this->_settings['system']['mod_fcgid'] == 1) {
+ $this->_interface = new phpinterface_fcgid($this->_settings, $this->_domain);
}
}
@@ -96,23 +84,20 @@ class phpinterface
*
* @return array
*/
- public function getPhpConfig($php_config_id)
- {
+ public function getPhpConfig($php_config_id) {
+
$php_config_id = intval($php_config_id);
// If domain has no config, we will use the default one.
-
- if($php_config_id == 0)
- {
+ if ($php_config_id == 0) {
$php_config_id = 1;
}
- if(!isset($this->php_configs_cache[$php_config_id]))
- {
- $this->_php_configs_cache[$php_config_id] = $this->_db->query_first(
- "SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`
- WHERE `id` = " . (int)$php_config_id
+ if (!isset($this->php_configs_cache[$php_config_id])) {
+ $stmt = Database::prepare("
+ SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
);
+ $this->_php_configs_cache[$php_config_id] = Database::pexecute_first($stmt, array('id' => $php_config_id));
}
return $this->_php_configs_cache[$php_config_id];
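Review bot: The cache test on the new line reads `$this->php_configs_cache`, while the assignment and the `return` use `$this->_php_configs_cache`. As far as this hunk shows, the `isset()` is therefore never true and the query runs on every call. The condition should be `if (!isset($this->_php_configs_cache[$php_config_id])) {`. `Database::pexecute_first()` also returns `false` when no config with that id exists, so the docblock's `@return array` deserves the same `array|false` caveat. The closing brace of `getPhpConfig()` lies outside the hunk.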
diff --git a/lib/classes/phpinterface/class.phpinterface_fcgid.php b/lib/classes/phpinterface/class.phpinterface_fcgid.php
index 690f4da4..aedd20b1 100644
--- a/lib/classes/phpinterface/class.phpinterface_fcgid.php
+++ b/lib/classes/phpinterface/class.phpinterface_fcgid.php
@@ -19,13 +19,7 @@
*
*/
-class phpinterface_fcgid
-{
- /**
- * Database handler
- * @var object
- */
- private $_db = false;
+class phpinterface_fcgid {
/**
* Settings array
@@ -36,27 +30,25 @@ class phpinterface_fcgid
/**
* Domain-Data array
* @var array
- */
+ */
private $_domain = array();
/**
* Admin-Date cache array
* @var array
- */
+ */
private $_admin_cache = array();
/**
* main constructor
- */
- public function __construct($db, $settings, $domain)
- {
- $this->_db = $db;
+ */
+ public function __construct($settings, $domain) {
$this->_settings = $settings;
$this->_domain = $domain;
}
- public function createConfig($phpconfig)
- {
+ public function createConfig($phpconfig) {
+
// create starter
$starter_file = "#!/bin/sh\n\n";
$starter_file.= "#\n";
@@ -68,18 +60,13 @@ class phpinterface_fcgid
$starter_file.= "export PHPRC\n";
// set number of processes for one domain
- if((int)$this->_domain['mod_fcgid_starter'] != - 1)
- {
+ if ((int)$this->_domain['mod_fcgid_starter'] != - 1) {
$starter_file.= "PHP_FCGI_CHILDREN=" . (int)$this->_domain['mod_fcgid_starter'] . "\n";
- }
- else
- {
- if((int)$phpconfig['mod_fcgid_starter'] != - 1)
- {
+
+ } else {
+ if ((int)$phpconfig['mod_fcgid_starter'] != - 1) {
$starter_file.= "PHP_FCGI_CHILDREN=" . (int)$phpconfig['mod_fcgid_starter'] . "\n";
- }
- else
- {
+ } else {
$starter_file.= "PHP_FCGI_CHILDREN=" . (int)$this->_settings['system']['mod_fcgid_starter'] . "\n";
}
}
@@ -87,18 +74,12 @@ class phpinterface_fcgid
$starter_file.= "export PHP_FCGI_CHILDREN\n";
// set number of maximum requests for one domain
- if((int)$this->_domain['mod_fcgid_maxrequests'] != - 1)
- {
+ if ((int)$this->_domain['mod_fcgid_maxrequests'] != - 1) {
$starter_file.= "PHP_FCGI_MAX_REQUESTS=" . (int)$this->_domain['mod_fcgid_maxrequests'] . "\n";
- }
- else
- {
- if((int)$phpconfig['mod_fcgid_maxrequests'] != - 1)
- {
+ } else {
+ if ((int)$phpconfig['mod_fcgid_maxrequests'] != - 1) {
$starter_file.= "PHP_FCGI_MAX_REQUESTS=" . (int)$phpconfig['mod_fcgid_maxrequests'] . "\n";
- }
- else
- {
+ } else {
$starter_file.= "PHP_FCGI_MAX_REQUESTS=" . (int)$this->_settings['system']['mod_fcgid_maxrequests'] . "\n";
}
}
@@ -109,8 +90,7 @@ class phpinterface_fcgid
$starter_file.= "exec " . $phpconfig['binary'] . " -c " . escapeshellarg($this->getConfigDir()) . "\n";
//remove +i attibute, so starter can be overwritten
- if(file_exists($this->getStarterFile()))
- {
+ if (file_exists($this->getStarterFile())) {
removeImmutable($this->getStarterFile());
}
@@ -122,34 +102,36 @@ class phpinterface_fcgid
setImmutable($this->getStarterFile());
}
- public function createIniFile($phpconfig)
- {
+ /**
+ * create customized php.ini
+ *
+ * @param array $phpconfig
+ */
+ public function createIniFile($phpconfig) {
+
$openbasedir = '';
$openbasedirc = ';';
- if($this->_domain['openbasedir'] == '1')
- {
+ if ($this->_domain['openbasedir'] == '1') {
+
$openbasedirc = '';
$_phpappendopenbasedir = '';
$_custom_openbasedir = explode(':', $this->_settings['system']['mod_fcgid_peardir']);
- foreach($_custom_openbasedir as $cobd)
- {
+ foreach ($_custom_openbasedir as $cobd) {
$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
}
$_custom_openbasedir = explode(':', $this->_settings['system']['phpappendopenbasedir']);
- foreach($_custom_openbasedir as $cobd)
- {
+ foreach ($_custom_openbasedir as $cobd) {
$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
}
- if($this->_domain['openbasedir_path'] == '0' && strstr($this->_domain['documentroot'], ":") === false)
- {
+ if ($this->_domain['openbasedir_path'] == '0'
+ && strstr($this->_domain['documentroot'], ":") === false
+ ) {
$openbasedir = appendOpenBasedirPath($this->_domain['documentroot'], true);
- }
- else
- {
+ } else {
$openbasedir = appendOpenBasedirPath($this->_domain['customerroot'], true);
}
@@ -158,34 +140,31 @@ class phpinterface_fcgid
$openbasedir = explode(':', $openbasedir);
$clean_openbasedir = array();
- foreach($openbasedir as $number => $path)
- {
- if(trim($path) != '/')
- {
+ foreach ($openbasedir as $number => $path) {
+ if (trim($path) != '/') {
$clean_openbasedir[] = makeCorrectDir($path);
}
}
$openbasedir = implode(':', $clean_openbasedir);
- }
- else
- {
+
+ } else {
$openbasedir = 'none';
$openbasedirc = ';';
}
$admin = $this->_getAdminData($this->_domain['adminid']);
$php_ini_variables = array(
- 'SAFE_MODE' => 'Off', // keep this for compatibility, just in case
- 'PEAR_DIR' => $this->_settings['system']['mod_fcgid_peardir'],
- 'OPEN_BASEDIR' => $openbasedir,
- 'OPEN_BASEDIR_C' => $openbasedirc,
- 'OPEN_BASEDIR_GLOBAL' => $this->_settings['system']['phpappendopenbasedir'],
- 'TMP_DIR' => $this->getTempDir(),
- 'CUSTOMER_EMAIL' => $this->_domain['email'],
- 'ADMIN_EMAIL' => $admin['email'],
- 'DOMAIN' => $this->_domain['domain'],
- 'CUSTOMER' => $this->_domain['loginname'],
- 'ADMIN' => $admin['loginname']
+ 'SAFE_MODE' => 'Off', // keep this for compatibility, just in case
+ 'PEAR_DIR' => $this->_settings['system']['mod_fcgid_peardir'],
+ 'OPEN_BASEDIR' => $openbasedir,
+ 'OPEN_BASEDIR_C' => $openbasedirc,
+ 'OPEN_BASEDIR_GLOBAL' => $this->_settings['system']['phpappendopenbasedir'],
+ 'TMP_DIR' => $this->getTempDir(),
+ 'CUSTOMER_EMAIL' => $this->_domain['email'],
+ 'ADMIN_EMAIL' => $admin['email'],
+ 'DOMAIN' => $this->_domain['domain'],
+ 'CUSTOMER' => $this->_domain['loginname'],
+ 'ADMIN' => $admin['loginname']
);
//insert a small header for the file
@@ -206,17 +185,16 @@ class phpinterface_fcgid
/**
* fcgid-config directory
- *
+ *
* @param boolean $createifnotexists create the directory if it does not exist
- *
+ *
* @return string the directory
*/
- public function getConfigDir($createifnotexists = true)
- {
+ public function getConfigDir($createifnotexists = true) {
+
$configdir = makeCorrectDir($this->_settings['system']['mod_fcgid_configdir'] . '/' . $this->_domain['loginname'] . '/' . $this->_domain['domain'] . '/');
- if(!is_dir($configdir) && $createifnotexists)
- {
+ if (!is_dir($configdir) && $createifnotexists) {
safe_exec('mkdir -p ' . escapeshellarg($configdir));
safe_exec('chown ' . $this->_domain['guid'] . ':' . $this->_domain['guid'] . ' ' . escapeshellarg($configdir));
}
@@ -226,66 +204,61 @@ class phpinterface_fcgid
/**
* fcgid-temp directory
- *
+ *
* @param boolean $createifnotexists create the directory if it does not exist
- *
+ *
* @return string the directory
*/
- public function getTempDir($createifnotexists = true)
- {
+ public function getTempDir($createifnotexists = true) {
+
$tmpdir = makeCorrectDir($this->_settings['system']['mod_fcgid_tmpdir'] . '/' . $this->_domain['loginname'] . '/');
- if(!is_dir($tmpdir) && $createifnotexists)
- {
+ if (!is_dir($tmpdir) && $createifnotexists) {
safe_exec('mkdir -p ' . escapeshellarg($tmpdir));
safe_exec('chown -R ' . $this->_domain['guid'] . ':' . $this->_domain['guid'] . ' ' . escapeshellarg($tmpdir));
safe_exec('chmod 0750 ' . escapeshellarg($tmpdir));
}
-
+
return $tmpdir;
}
/**
* return path of php-starter file
- *
+ *
* @return string the directory
*/
- public function getStarterFile()
- {
+ public function getStarterFile() {
$starter_filename = makeCorrectFile($this->getConfigDir() . '/php-fcgi-starter');
return $starter_filename;
}
/**
* return path of php.ini file
- *
+ *
* @return string full with path file-name
*/
- public function getIniFile()
- {
+ public function getIniFile() {
$phpini_filename = makeCorrectFile($this->getConfigDir() . '/php.ini');
return $phpini_filename;
}
/**
* return the admin-data of a specific admin
- *
+ *
* @param int $adminid id of the admin-user
- *
+ *
* @return array
*/
- private function _getAdminData($adminid)
- {
+ private function _getAdminData($adminid) {
+
$adminid = intval($adminid);
- if(!isset($this->_admin_cache[$adminid]))
- {
- $this->_admin_cache[$adminid] = $this->_db->query_first(
- "SELECT `email`, `loginname` FROM `" . TABLE_PANEL_ADMINS . "`
- WHERE `adminid` = " . (int)$adminid
+ if (!isset($this->_admin_cache[$adminid])) {
+ $stmt = Database::prepare("TABLE_PANEL_ADMINS
+ SELECT `email`, `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :id"
);
+ $this->_admin_cache[$adminid] = Database::pexecute_first($stmt, array('id' => $adminid));
}
-
return $this->_admin_cache[$adminid];
}
}
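Review bot: The SQL string passed to `Database::prepare()` in `_getAdminData()` starts with the literal text `TABLE_PANEL_ADMINS` before `SELECT`, which looks like a paste leftover and makes the statement invalid SQL. The call should open with `$stmt = Database::prepare("` followed directly by the ``SELECT `email`, `loginname` FROM …`` line. Once fixed, the lookup can still return `false` for an unknown admin id. `createIniFile()` reads `$admin['email']` and `$admin['loginname']` from this result, so a check or a documented `@return array|false` would help.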
diff --git a/lib/classes/phpinterface/class.phpinterface_fpm.php b/lib/classes/phpinterface/class.phpinterface_fpm.php
index 00017f29..a458a03a 100644
--- a/lib/classes/phpinterface/class.phpinterface_fpm.php
+++ b/lib/classes/phpinterface/class.phpinterface_fpm.php
@@ -19,13 +19,7 @@
*
*/
-class phpinterface_fpm
-{
- /**
- * Database handler
- * @var object
- */
- private $_db = false;
+class phpinterface_fpm {
/**
* Settings array
@@ -36,80 +30,83 @@ class phpinterface_fpm
/**
* Domain-Data array
* @var array
- */
+ */
private $_domain = array();
/**
* Admin-Date cache array
* @var array
- */
+ */
private $_admin_cache = array();
/**
* defines what can be used for pool-config from php.ini
* @var array
- */
+ */
private $_ini = array(
- 'php_value' => array(
- 'error_reporting',
- 'max_execution_time',
- 'include_path',
- 'upload_max_filesize',
- 'log_errors_max_len'
- ),
- 'php_flag' => array(
- 'short_open_tag',
- 'asp_tags',
- 'display_errors',
- 'display_startup_errors',
- 'log_errors',
- 'track_errors',
- 'html_errors',
- 'magic_quotes_gpc',
- 'magic_quotes_runtime',
- 'magic_quotes_sybase'
- ),
- 'php_admin_value' => array(
- 'precision',
- 'output_buffering',
- 'disable_functions',
- 'max_input_time',
- 'memory_limit',
- 'post_max_size',
- 'variables_order',
- 'gpc_order',
- 'date.timezone'
- ),
- 'php_admin_flag' => array(
- 'allow_call_time_pass_reference',
- 'allow_url_fopen',
- 'cgi.force_redirect',
- 'enable_dl',
- 'expose_php',
- 'ignore_repeated_errors',
- 'ignore_repeated_source',
- 'report_memleaks',
- 'register_argc_argv',
- 'file_uploads',
- 'allow_url_fopen'
- )
+ 'php_value' => array(
+ 'error_reporting',
+ 'max_execution_time',
+ 'include_path',
+ 'upload_max_filesize',
+ 'log_errors_max_len'
+ ),
+ 'php_flag' => array(
+ 'short_open_tag',
+ 'asp_tags',
+ 'display_errors',
+ 'display_startup_errors',
+ 'log_errors',
+ 'track_errors',
+ 'html_errors',
+ 'magic_quotes_gpc',
+ 'magic_quotes_runtime',
+ 'magic_quotes_sybase'
+ ),
+ 'php_admin_value' => array(
+ 'precision',
+ 'output_buffering',
+ 'disable_functions',
+ 'max_input_time',
+ 'memory_limit',
+ 'post_max_size',
+ 'variables_order',
+ 'gpc_order',
+ 'date.timezone'
+ ),
+ 'php_admin_flag' => array(
+ 'allow_call_time_pass_reference',
+ 'allow_url_fopen',
+ 'cgi.force_redirect',
+ 'enable_dl',
+ 'expose_php',
+ 'ignore_repeated_errors',
+ 'ignore_repeated_source',
+ 'report_memleaks',
+ 'register_argc_argv',
+ 'file_uploads',
+ 'allow_url_fopen'
+ )
);
/**
* main constructor
- */
- public function __construct($db, $settings, $domain)
- {
- $this->_db = $db;
+ */
+ public function __construct($settings, $domain) {
$this->_settings = $settings;
$this->_domain = $domain;
}
- public function createConfig($phpconfig)
- {
+ /**
+ * create fpm-pool config
+ *
+ * @param array $phpconfig
+ */
+ public function createConfig($phpconfig) {
+
$fh = @fopen($this->getConfigFile(), 'w');
- if($fh)
- {
+
+ if ($fh) {
$fpm_pm = $this->_settings['phpfpm']['pm'];
$fpm_children = (int)$this->_settings['phpfpm']['max_children'];
$fpm_start_servers = (int)$this->_settings['phpfpm']['start_servers'];
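Review bot: The re-indented `$_ini` array lists `'allow_url_fopen'` twice under `php_admin_flag`, as the second and the last entry. The duplicate is harmless if the list is only used for membership tests, but it may emit the directive twice if the list is iterated into the pool config; the consumer is not visible in this hunk. Dropping the trailing entry keeps the whitelist unambiguous. The new docblock on `createConfig()` could also say that the method does nothing when `fopen()` on the config file fails, since the `@` suppresses the warning. `createConfig()` continues past the end of this hunk.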
@@ -118,39 +115,34 @@ class phpinterface_fpm
$fpm_requests = (int)$this->_settings['phpfpm']['max_requests'];
$fpm_process_idle_timeout = (int)$this->_settings['phpfpm']['idle_timeout'];
- if($fpm_children == 0) {
+ if ($fpm_children == 0) {
$fpm_children = 1;
}
$fpm_config = ';PHP-FPM configuration for "'.$this->_domain['domain'].'" created on ' . date("Y.m.d H:i:s") . "\n";
$fpm_config.= '['.$this->_domain['domain'].']'."\n";
$fpm_config.= 'listen = '.$this->getSocketFile()."\n";
- if($this->_domain['loginname'] == 'froxlor.panel')
- {
+ if ($this->_domain['loginname'] == 'froxlor.panel') {
$fpm_config.= 'listen.owner = '.$this->_domain['guid']."\n";
$fpm_config.= 'listen.group = '.$this->_domain['guid']."\n";
- }
- else
- {
+ } else {
$fpm_config.= 'listen.owner = '.$this->_domain['loginname']."\n";
$fpm_config.= 'listen.group = '.$this->_domain['loginname']."\n";
}
$fpm_config.= 'listen.mode = 0666'."\n";
- if($this->_domain['loginname'] == 'froxlor.panel')
- {
+ if ($this->_domain['loginname'] == 'froxlor.panel') {
$fpm_config.= 'user = '.$this->_domain['guid']."\n";
$fpm_config.= 'group = '.$this->_domain['guid']."\n";
- }
- else
- {
+ } else {
$fpm_config.= 'user = '.$this->_domain['loginname']."\n";
$fpm_config.= 'group = '.$this->_domain['loginname']."\n";
}
$fpm_config.= 'pm = '.$fpm_pm."\n";
$fpm_config.= 'pm.max_children = '.$fpm_children."\n";
- if($fpm_pm == 'dynamic') {
+
+ if ($fpm_pm == 'dynamic') {
// failsafe, refs #955
if ($fpm_start_servers < $fpm_min_spare_servers) {
$fpm_start_servers = $fpm_min_spare_servers;
@@ -167,12 +159,10 @@ class phpinterface_fpm
}
$fpm_config.= 'pm.max_requests = '.$fpm_requests."\n";
-
$fpm_config.= ';chroot = '.makeCorrectDir($this->_domain['documentroot'])."\n";
$tmpdir = makeCorrectDir($this->_settings['phpfpm']['tmpdir'] . '/' . $this->_domain['loginname'] . '/');
- if(!is_dir($tmpdir))
- {
+ if (!is_dir($tmpdir)) {
$this->getTempDir();
}
//$slowlog = makeCorrectFile($this->_settings['system']['logfiles_directory'] . $this->_domain['loginname'] . '/php-fpm_slow.log');
@@ -182,30 +172,26 @@ class phpinterface_fpm
$fpm_config.= 'env[TEMP] = '.$tmpdir."\n";
$fpm_config.= 'php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f '.$this->_domain['email']."\n";
- if($this->_domain['loginname'] != 'froxlor.panel')
- {
- if($this->_domain['openbasedir'] == '1')
- {
+
+ if ($this->_domain['loginname'] != 'froxlor.panel') {
+ if ($this->_domain['openbasedir'] == '1') {
$openbasedir = '';
$_phpappendopenbasedir = '';
$_custom_openbasedir = explode(':', $this->_settings['phpfpm']['peardir']);
- foreach($_custom_openbasedir as $cobd)
- {
+ foreach ($_custom_openbasedir as $cobd) {
$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
}
$_custom_openbasedir = explode(':', $this->_settings['system']['phpappendopenbasedir']);
- foreach($_custom_openbasedir as $cobd)
- {
+ foreach ($_custom_openbasedir as $cobd) {
$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
}
- if($this->_domain['openbasedir_path'] == '0' && strstr($this->_domain['documentroot'], ":") === false)
- {
+ if ($this->_domain['openbasedir_path'] == '0'
+ && strstr($this->_domain['documentroot'], ":") === false
+ ) {
$openbasedir = appendOpenBasedirPath($this->_domain['documentroot'], true);
- }
- else
- {
+ } else {
$openbasedir = appendOpenBasedirPath($this->_domain['customerroot'], true);
}
@@ -214,10 +200,8 @@ class phpinterface_fpm
$openbasedir = explode(':', $openbasedir);
$clean_openbasedir = array();
- foreach($openbasedir as $number => $path)
- {
- if(trim($path) != '/')
- {
+ foreach ($openbasedir as $number => $path) {
+ if (trim($path) != '/') {
$clean_openbasedir[] = makeCorrectDir($path);
}
}
@@ -230,6 +214,7 @@ class phpinterface_fpm
$fpm_config.= 'php_admin_value[upload_tmp_dir] = ' . makeCorrectDir($this->_settings['phpfpm']['tmpdir'] . '/' . $this->_domain['loginname'] . '/') . "\n";
$admin = $this->_getAdminData($this->_domain['adminid']);
+
$php_ini_variables = array(
'SAFE_MODE' => 'Off', // keep this for compatibility, just in case
'PEAR_DIR' => $this->_settings['system']['mod_fcgid_peardir'],
@@ -265,8 +250,7 @@ class phpinterface_fpm
*
* @param string $phpconfig
*/
- public function createIniFile($phpconfig)
- {
+ public function createIniFile($phpconfig) {
return;
}
@@ -277,13 +261,12 @@ class phpinterface_fpm
*
* @return string the full path to the file
*/
- public function getConfigFile($createifnotexists = true)
- {
+ public function getConfigFile($createifnotexists = true) {
+
$configdir = makeCorrectDir($this->_settings['phpfpm']['configdir']);
$config = makeCorrectFile($configdir.'/'.$this->_domain['domain'].'.conf');
- if(!is_dir($configdir) && $createifnotexists)
- {
+ if (!is_dir($configdir) && $createifnotexists) {
safe_exec('mkdir -p ' . escapeshellarg($configdir));
}
@@ -297,13 +280,12 @@ class phpinterface_fpm
*
* @return string the full path to the socket
*/
- public function getSocketFile($createifnotexists = true)
- {
+ public function getSocketFile($createifnotexists = true) {
+
$socketdir = makeCorrectDir('/var/run/'.$this->_settings['system']['webserver'].'/');
$socket = makeCorrectFile($socketdir.'/'.$this->_domain['loginname'].'-'.$this->_domain['domain'].'-php-fpm.socket');
- if(!is_dir($socketdir) && $createifnotexists)
- {
+ if (!is_dir($socketdir) && $createifnotexists) {
safe_exec('mkdir -p '.escapeshellarg($socketdir));
safe_exec('chown -R '.$this->_settings['system']['httpuser'].':'.$this->_settings['system']['httpgroup'].' '.escapeshellarg($socketdir));
}
@@ -318,12 +300,11 @@ class phpinterface_fpm
*
* @return string the directory
*/
- public function getTempDir($createifnotexists = true)
- {
+ public function getTempDir($createifnotexists = true) {
+
$tmpdir = makeCorrectDir($this->_settings['phpfpm']['tmpdir'] . '/' . $this->_domain['loginname'] . '/');
- if(!is_dir($tmpdir) && $createifnotexists)
- {
+ if (!is_dir($tmpdir) && $createifnotexists) {
safe_exec('mkdir -p ' . escapeshellarg($tmpdir));
safe_exec('chown -R ' . $this->_domain['guid'] . ':' . $this->_domain['guid'] . ' ' . escapeshellarg($tmpdir));
safe_exec('chmod 0750 ' . escapeshellarg($tmpdir));
@@ -333,28 +314,27 @@ class phpinterface_fpm
}
/**
- * fastcgi-fakedirectory directory
- *
- * @param boolean $createifnotexists create the directory if it does not exist
- *
- * @return string the directory
- */
- public function getAliasConfigDir($createifnotexists = true)
- {
- // ensure default...
- if (!isset($this->_settings['phpfpm']['aliasconfigdir'])) {
- $this->_settings['phpfpm']['aliasconfigdir'] = '/var/www/php-fpm';
- }
+ * fastcgi-fakedirectory directory
+ *
+ * @param boolean $createifnotexists create the directory if it does not exist
+ *
+ * @return string the directory
+ */
+ public function getAliasConfigDir($createifnotexists = true) {
- $configdir = makeCorrectDir($this->_settings['phpfpm']['aliasconfigdir'] . '/' . $this->_domain['loginname'] . '/' . $this->_domain['domain'] . '/');
- if(!is_dir($configdir) && $createifnotexists)
- {
- safe_exec('mkdir -p ' . escapeshellarg($configdir));
- safe_exec('chown ' . $this->_domain['guid'] . ':' . $this->_domain['guid'] . ' ' . escapeshellarg($configdir));
- }
+ // ensure default...
+ if (!isset($this->_settings['phpfpm']['aliasconfigdir'])) {
+ $this->_settings['phpfpm']['aliasconfigdir'] = '/var/www/php-fpm';
+ }
- return $configdir;
- }
+ $configdir = makeCorrectDir($this->_settings['phpfpm']['aliasconfigdir'] . '/' . $this->_domain['loginname'] . '/' . $this->_domain['domain'] . '/');
+ if (!is_dir($configdir) && $createifnotexists) {
+ safe_exec('mkdir -p ' . escapeshellarg($configdir));
+ safe_exec('chown ' . $this->_domain['guid'] . ':' . $this->_domain['guid'] . ' ' . escapeshellarg($configdir));
+ }
+
+ return $configdir;
+ }
/**
* return the admin-data of a specific admin
@@ -364,15 +344,15 @@ class phpinterface_fpm
* @return array
*/
private function _getAdminData($adminid) {
+
$adminid = intval($adminid);
if (!isset($this->_admin_cache[$adminid])) {
- $this->_admin_cache[$adminid] = $this->_db->query_first(
- "SELECT `email`, `loginname` FROM `" . TABLE_PANEL_ADMINS . "`
- WHERE `adminid` = " . (int)$adminid
+ $stmt = Database::prepare("TABLE_PANEL_ADMINS
+ SELECT `email`, `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :id"
);
+ $this->_admin_cache[$adminid] = Database::pexecute_first($stmt, array('id' => $adminid));
}
-
return $this->_admin_cache[$adminid];
}
}
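Review bot: The SQL string passed to `Database::prepare()` in `_getAdminData()` begins with the literal text `TABLE_PANEL_ADMINS` before `SELECT`, so the statement is not valid SQL and the admin lookup cannot succeed. The opening line should be just `$stmt = Database::prepare("`, followed by the existing `SELECT` line. Whatever `pexecute_first()` returns is stored in `$this->_admin_cache[$adminid]`; if that is `false` on failure (the wrapper is not shown here), the `isset()` check will treat it as cached and return it for every later call.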
diff --git a/lib/classes/ticket/class.ticket.php b/lib/classes/ticket/class.ticket.php
index e6e2aefe..ff107d15 100644
--- a/lib/classes/ticket/class.ticket.php
+++ b/lib/classes/ticket/class.ticket.php
@@ -20,20 +20,14 @@
* Support Tickets - Tickets-Class
*/
-class ticket
-{
+class ticket {
+
/**
* Userinfo
* @var array
*/
private $userinfo = array();
- /**
- * Database handler
- * @var db
- */
- private $db = false;
-
/**
* Settings array
* @var settings
@@ -68,14 +62,11 @@ class ticket
* Class constructor.
*
* @param array userinfo
- * @param resource database
* @param array settings
* @param int ticket id
*/
- private function __construct($userinfo, $db, $settings, $tid = - 1)
- {
+ private function __construct($userinfo, $settings, $tid = - 1) {
$this->userinfo = $userinfo;
- $this->db = $db;
$this->settings = $settings;
$this->tid = $tid;
@@ -96,23 +87,22 @@ class ticket
/**
* Singleton ftw ;-)
*
+ * @param array userinfo
+ * @param array settings
* @param int ticket id
*/
- static public function getInstanceOf($_usernfo, $_db, $_settings, $_tid)
- {
- if(!isset(self::$tickets[$_tid]))
- {
- self::$tickets[$_tid] = new ticket($_usernfo, $_db, $_settings, $_tid);
+ static public function getInstanceOf($_usernfo, $_settings, $_tid) {
+ if (!isset(self::$tickets[$_tid])) {
+ self::$tickets[$_tid] = new ticket($_usernfo, $_settings, $_tid);
}
-
return self::$tickets[$_tid];
}
/**
* Initialize data-array
*/
- private function initData()
- {
+ private function initData() {
+
$this->Set('customer', 0, true, true);
$this->Set('admin', 1, true, true);
$this->Set('subject', '', true, true);
@@ -132,12 +122,16 @@ class ticket
/**
* Read ticket data from database.
*/
- private function readData()
- {
- if(isset($this->tid)
- && $this->tid != - 1)
- {
- $_ticket = $this->db->query_first('SELECT * FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = "' . $this->tid . '"');
+ private function readData() {
+
+ if (isset($this->tid)
+ && $this->tid != - 1
+ ) {
+ $_ticket_stmt = Database::prepare('
+ SELECT * FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = :tid'
+ );
+ $_ticket = Database::pexecute_first($_ticket_stmt, array('tid' => $this->tid));
+
$this->Set('customer', $_ticket['customerid'], true, false);
$this->Set('admin', $_ticket['adminid'], true, false);
$this->Set('subject', $_ticket['subject'], true, false);
@@ -158,79 +152,104 @@ class ticket
/**
* Insert data to database
*/
- public function Insert()
- {
- $this->db->query("INSERT INTO `" . TABLE_PANEL_TICKETS . "`
- (`customerid`,
- `adminid`,
- `category`,
- `priority`,
- `subject`,
- `message`,
- `dt`,
- `lastchange`,
- `ip`,
- `status`,
- `lastreplier`,
- `by`,
- `answerto`)
- VALUES
- ('" . (int)$this->Get('customer') . "',
- '" . (int)$this->Get('admin') . "',
- '" . (int)$this->Get('category') . "',
- '" . (int)$this->Get('priority') . "',
- '" . $this->db->escape($this->Get('subject')) . "',
- '" . $this->db->escape($this->Get('message')) . "',
- '" . (int)$this->Get('dt') . "',
- '" . (int)$this->Get('lastchange') . "',
- '" . $this->db->escape($this->Get('ip')) . "',
- '" . (int)$this->Get('status') . "',
- '" . (int)$this->Get('lastreplier') . "',
- '" . (int)$this->Get('by') . "',
- '" . (int)$this->Get('answerto') . "');");
- $this->tid = $this->db->insert_id();
+ public function Insert() {
+
+ $ins_stmt = Database::prepare("
+ INSERT INTO `" . TABLE_PANEL_TICKETS . "` SET
+ `customerid` = :customerid,
+ `adminid` = :adminid,
+ `category` = :category,
+ `priority` = :priority,
+ `subject` = :subject,
+ `message` = :message,
+ `dt` = :dt,
+ `lastchange` = :lastchange,
+ `ip` = :ip,
+ `status` = :status,
+ `lastreplier` = :lastreplier,
+ `by` = :by,
+ `answerto` = :answerto"
+ );
+ $ins_data = array(
+ 'customerid' => $this->Get('customer'),
+ 'adminid' => $this->Get('admin'),
+ 'category' => $this->Get('category'),
+ 'priority' => $this->Get('priority'),
+ 'subject' => $this->Get('subject'),
+ 'message' => $this->Get('message'),
+ 'dt' => $this->Get('dt'),
+ 'lastchange' => $this->Get('lastchange'),
+ 'ip' => $this->Get('ip'),
+ 'status' => $this->Get('status'),
+ 'lastreplier' => $this->Get('lastreplier'),
+ 'by' => $this->Get('by'),
+ 'answerto' => $this->Get('answerto')
+ );
+ Database::pexecute($ins_stmt, $ins_data);
+ $this->tid = Database::lastInsertId();
return true;
}
/**
* Update data in database
*/
- public function Update()
- {
- // Update "main" ticket
+ public function Update() {
- $this->db->query('UPDATE `' . TABLE_PANEL_TICKETS . '` SET
- `priority` = "' . (int)$this->Get('priority') . '",
- `lastchange` = "' . (int)$this->Get('lastchange') . '",
- `status` = "' . (int)$this->Get('status') . '",
- `lastreplier` = "' . (int)$this->Get('lastreplier') . '"
- WHERE `id` = "' . (int)$this->tid . '";');
+ // Update "main" ticket
+ $upd_stmt = Database::prepare('
+ UPDATE `' . TABLE_PANEL_TICKETS . '` SET
+ `priority` = :priority,
+ `lastchange` = :lastchange,
+ `status` = :status,
+ `lastreplier` = :lastreplier
+ WHERE `id` = :tid'
+ );
+ $upd_data = array(
+ 'priority' => $this->Get('priority'),
+ 'lastchange' => $this->Get('lastchange'),
+ 'status' => $this->Get('status'),
+ 'lastreplier' => $this->Get('lastreplier'),
+ 'tid' => $this->tid
+ );
+ Database::pexecute($upd_stmt, $upd_data);
return true;
}
/**
* Moves a ticket to the archive
*/
- public function Archive()
- {
+ public function Archive() {
+
// Update "main" ticket
- $this->db->query('UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `id` = "' . (int)$this->tid . '";');
+ $upd_stmt = Database::prepare('
+ UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `id` = :tid'
+ );
+ Database::pexecute($upd_stmt, array('tid' => $this->tid));
// Update "answers" to ticket
- $this->db->query('UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `answerto` = "' . (int)$this->tid . '";');
+ $upd_stmt = Database::prepare('
+ UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `answerto` = :tid'
+ );
+ Database::pexecute($upd_stmt, array('tid' => $this->tid));
return true;
}
/**
* Remove ticket from database
*/
- public function Delete()
- {
+ public function Delete() {
+
// Delete "main" ticket
- $this->db->query('DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = "' . (int)$this->tid . '";');
+ $del_stmt = Database::prepare('
+ DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = :tid'
+ );
+ Database::pexecute($del_stmt, array('tid' => $this->tid));
// Delete "answers" to ticket"
- $this->db->query('DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `answerto` = "' . (int)$this->tid . '";');
+ $del_stmt = Database::prepare('
+ DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `answerto` = :tid'
+ );
+ Database::pexecute($del_stmt, array('tid' => $this->tid));
return true;
}
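Review bot: `Insert()` and `Update()` now bind the raw return value of `$this->Get(...)`, where the old queries wrapped every numeric column in `(int)`, and `Get()` returns `null` for a key that was never stored (see its `else` branch in a later hunk of this file). A numeric column that used to receive `0` can therefore receive `NULL`, which a strict SQL mode may reject; the table definition is not visible here, so this needs confirming. Keeping the casts in the parameter arrays preserves the old behaviour, e.g. `'customerid' => (int)$this->Get('customer'),` and `'tid' => (int)$this->tid`. The same applies to the `tid` value bound in `Archive()` and `Delete()`.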
@@ -242,12 +261,14 @@ class ticket
global $mail, $theme;
// Some checks are to be made here in the future
- if($customerid != - 1)
- {
+ if ($customerid != - 1) {
// Get e-mail message for customer
- $usr = $this->db->query_first('SELECT `name`, `firstname`, `company`, `email`
- FROM `' . TABLE_PANEL_CUSTOMERS . '`
- WHERE `customerid` = "' . (int)$customerid . '"');
+ $usr_stmt = Database::prepare('
+ SELECT `name`, `firstname`, `company`, `email`
+ FROM `' . TABLE_PANEL_CUSTOMERS . '` WHERE `customerid` = :customerid'
+ );
+ $usr = Database::pexecute_first($usr_stmt, array('customerid' => $customerid));
+
$replace_arr = array(
'FIRSTNAME' => $usr['firstname'],
'NAME' => $usr['name'],
@@ -255,29 +276,38 @@ class ticket
'SALUTATION' => getCorrectUserSalutation($usr),
'SUBJECT' => $this->Get('subject', true)
);
- }
- else
- {
+ } else {
$replace_arr = array(
'SUBJECT' => $this->Get('subject', true)
);
}
-
- $result = $this->db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`
- WHERE `adminid`=\'' . (int)$this->userinfo['adminid'] . '\'
- AND `language`=\'' . $this->db->escape($this->userinfo['def_language']) . '\'
- AND `templategroup`=\'mails\'
- AND `varname`=\'' . $template_subject . '\'');
+ $tpl_seldata = array(
+ 'adminid' => $this->userinfo['adminid'],
+ 'lang' => $this->userinfo['def_language'],
+ 'tplsubject' => $template_subject
+ );
+ $result_stmt = Database::prepare("
+ SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+ WHERE `adminid`= :adminid
+ AND `language`= :lang
+ AND `templategroup`= 'mails' AND `varname`= :tplsubject"
+ );
+ $result = Database::pexecute_first($result_stmt, $tpl_seldata);
$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $default_subject), $replace_arr));
- $result = $this->db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`
- WHERE `adminid`=\'' . (int)$this->userinfo['adminid'] . '\'
- AND `language`=\'' . $this->db->escape($this->userinfo['def_language']) . '\'
- AND `templategroup`=\'mails\'
- AND `varname`=\'' . $template_body . '\'');
+
+ unset($tpl_seldata['tplsubject']);
+ $tpl_seldata['tplbody'] = $template_body;
+
+ $result_stmt = Database::prepare("
+ SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+ WHERE `adminid`= :adminid
+ AND `language`= :lang
+ AND `templategroup`= 'mails' AND `varname`= :tplmailbody"
+ );
+ $result = Database::pexecute_first($result_stmt, $tpl_seldata);
$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $default_body), $replace_arr));
- if($customerid != - 1)
- {
+ if ($customerid != - 1) {
$_mailerror = false;
try {
$mail->SetFrom($this->settings['ticket']['noreply_email'], $this->settings['ticket']['noreply_name']);
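Review bot: The second template query uses the placeholder `:tplmailbody`, but the parameter array gets the key `tplbody` just above it, so the names do not match and PDO will refuse to execute the statement. Either rename the key, `$tpl_seldata['tplmailbody'] = $template_body;`, or change the placeholder to `:tplbody`. The first query and its `tplsubject` key are consistent. The enclosing method starts and ends outside this hunk.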
@@ -299,13 +329,15 @@ class ticket
$rstlog->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
standard_error('errorsendingmail', $usr['email']);
}
-
$mail->ClearAddresses();
- }
- else
- {
- $admin = $this->db->query_first("SELECT `name`, `email` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid`='" . (int)$this->userinfo['adminid'] . "'");
+ } else {
+
+ $admin_stmt = Database::prepare("
+ SELECT `name`, `email` FROM `" . TABLE_PANEL_ADMINS . "`
+ WHERE `adminid` = :adminid"
+ );
+ $admin = Database::pexecute_first($admin_stmt, array('adminid' => $userinfo['adminid']));
$_mailerror = false;
try {
$mail->SetFrom($this->settings['ticket']['noreply_email'], $this->settings['ticket']['noreply_name']);
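Review bot: The admin lookup in the `else` branch binds `$userinfo['adminid']`, while the rest of this method reads `$this->userinfo`, and the only `global` line visible for it (in an earlier hunk) names `$mail` and `$theme`. Unless a local `$userinfo` is defined in the part of the method not shown, the bound value is `null` and no admin row will match, leaving `$admin` without the name and e-mail selected here. The call should pass `array('adminid' => $this->userinfo['adminid'])`. The method body continues outside this hunk.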
@@ -335,65 +367,77 @@ class ticket
/**
* Add a support-categories
*/
- static public function addCategory($_db, $_category = null, $_admin = 1, $_order = 1)
- {
- if($_category != null
- && $_category != '')
- {
- if($_order < 1) {
+ static public function addCategory($_category = null, $_admin = 1, $_order = 1) {
+
+ if ($_category != null
+ && $_category != ''
+ ) {
+ if ($_order < 1) {
$_order = 1;
}
- $_db->query('INSERT INTO `' . TABLE_PANEL_TICKET_CATS . '` SET
- `name` = "' . $_db->escape($_category) . '",
- `adminid` = "' . (int)$_admin . '",
- `logicalorder` = "' . (int)$_order . '"');
+ $ins_stmt = Database::prepare("
+ INSERT INTO `" . TABLE_PANEL_TICKET_CATS . "` SET
+ `name` = :name,
+ `adminid` = :adminid,
+ `logicalorder` = :lo"
+ );
+ $ins_data = array(
+ 'name' => $_category,
+ 'adminid' => $_admin,
+ 'lo' => $_order
+ );
+ Database::pexecute($ins_stmt, $ins_data);
return true;
}
-
return false;
}
/**
* Edit a support-categories
*/
- static public function editCategory($_db, $_category = null, $_id = 0, $_order = 1)
- {
- if($_category != null
- && $_category != ''
- && $_id != 0)
- {
- if($_order < 1) {
+ static public function editCategory($_category = null, $_id = 0, $_order = 1) {
+
+ if ($_category != null
+ && $_category != ''
+ && $_id != 0
+ ) {
+ if ($_order < 1) {
$_order = 1;
}
- $_db->query('UPDATE `' . TABLE_PANEL_TICKET_CATS . '` SET
- `name` = "' . $_db->escape($_category) . '",
- `logicalorder` = "' . (int)$_order . '"
- WHERE `id` = "' . (int)$_id . '"');
+ $upd_stmt = Database::prepare("
+ UPDATE `' . TABLE_PANEL_TICKET_CATS . '` SET
+ `name` = :name,
+ `logicalorder` = :lo
+ WHERE `id` = :id"
+ );
+ Database::pexecute($upd_stmt, array('name' => $_category, 'lo' => $_order, 'id' => $_id));
return true;
}
-
return false;
}
/**
* Delete a support-categories
*/
- static public function deleteCategory($_db, $_id = 0)
- {
- if($_id != 0)
- {
- $result = $_db->query_first('SELECT COUNT(`id`) as `numtickets` FROM `' . TABLE_PANEL_TICKETS . '`
- WHERE `category` = "' . (int)$_id . '"');
+ static public function deleteCategory($_id = 0) {
- if($result['numtickets'] == "0")
- {
- $_db->query('DELETE FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `id` = "' . (int)$_id . '"');
+ if ($_id != 0) {
+
+ $result_stmt = Database::prepare("
+ SELECT COUNT(`id`) as `numtickets` FROM `" . TABLE_PANEL_TICKETS . "`
+ WHERE `category` = :cat"
+ );
+ $result = Database::pexecute_first($result_stmt, array('cat' => $_id));
+
+ if ($result['numtickets'] == "0") {
+ $del_stmt = Database::prepare("
+ DELETE FROM `" . TABLE_PANEL_TICKET_CATS . "` WHERE `id` = :id"
+ );
+ Database::pexecute($del_stmt, array('id' => $_id));
return true;
- }
- else
- {
+ } else {
return false;
}
}
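Review bot: In `editCategory()` the statement was switched to a double-quoted string, but the table name is still written with single-quote concatenation, `' . TABLE_PANEL_TICKET_CATS . '`. The constant is therefore never evaluated and those characters become literal text between the backticks. The UPDATE then names a table that does not exist and category edits fail. The table reference should use `" . TABLE_PANEL_TICKET_CATS . "`, as `addCategory()` and `deleteCategory()` in this same hunk already do.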
@@ -404,55 +448,63 @@ class ticket
/**
* Return a support-category-name
*/
- static public function getCategoryName($_db, $_id = 0)
- {
- if($_id != 0)
- {
- $category = $_db->query_first('SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `id` = "' . (int)$_id . '"');
+ static public function getCategoryName($_id = 0) {
+
+ if ($_id != 0) {
+ $stmt = Database::prepare("
+ SELECT `name` FROM `" . TABLE_PANEL_TICKET_CATS . "` WHERE `id` = :id"
+ );
+ $category = Database::pexecute_first($stmt, array('id' => $_id));
return $category['name'];
}
-
return null;
}
/**
* get the highest order number
*
- * @param object $_db database-object
+ * @param object $_uid admin-id (optional)
*
* @return int highest order number
*/
- static public function getHighestOrderNumber($_db = null, $_uid = 0)
- {
+ static public function getHighestOrderNumber($_uid = 0) {
+
$where = '';
+ $sel_data = array();
if ($_uid > 0) {
- $where = ' WHERE `adminid` = "'.(int)$_uid.'"';
+ $where = " WHERE `adminid` = :adminid";
+ $sel_data['adminid'] = $_uid;
}
$sql = "SELECT MAX(`logicalorder`) as `highestorder` FROM `" . TABLE_PANEL_TICKET_CATS . "`".$where.";";
- $result = $_db->query_first($sql);
+ $result_stmt = Database::prepare($sql);
+ $result = Database::pexecute_first($result_stmt, $sel_data);
return (isset($result['highestorder']) ? (int)$result['highestorder'] : 0);
}
/**
* returns the last x archived tickets
*/
- static public function getLastArchived($_db, $_num = 10, $_admin = 1)
- {
- if($_num > 0)
- {
+ static public function getLastArchived($_num = 10, $_admin = 1) {
+
+ if ($_num > 0) {
+
$archived = array();
$counter = 0;
- $result = $_db->query('SELECT *,
- (SELECT COUNT(`sub`.`id`)
- FROM `' . TABLE_PANEL_TICKETS . '` `sub`
- WHERE `sub`.`answerto` = `main`.`id`) as `ticket_answers`
- FROM `' . TABLE_PANEL_TICKETS . '` `main`
- WHERE `main`.`answerto` = "0"
- AND `main`.`archived` = "1" AND `main`.`adminid` = "' . (int)$_admin . '"
- ORDER BY `main`.`lastchange` DESC LIMIT 0, ' . (int)$_num);
+ $result_stmt = Database::prepare("
+ SELECT *, (
+ SELECT COUNT(`sub`.`id`)
+ FROM `" . TABLE_PANEL_TICKETS . "` `sub`
+ WHERE `sub`.`answerto` = `main`.`id`
+ ) as `ticket_answers`
+ FROM `" . TABLE_PANEL_TICKETS . "` `main`
+ WHERE `main`.`answerto` = '0' AND `main`.`archived` = '1'
+ AND `main`.`adminid` = :adminid
+ ORDER BY `main`.`lastchange` DESC LIMIT 0, ".(int)$_num
+ );
+ Database::pexecute($result_stmt, array('adminid' => $_admin));
+
+ while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
- while($row = $_db->fetch_array($result))
- {
$archived[$counter]['id'] = $row['id'];
$archived[$counter]['customerid'] = $row['customerid'];
$archived[$counter]['adminid'] = $row['adminid'];
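Review bot: The docblock for `getHighestOrderNumber()` now documents `$_uid` as `@param object`, but the method compares it with `> 0` and binds it as `adminid`, so `@param int $_uid admin-id (optional)` would be accurate. `getCategoryName()` in the same hunk reads `$category['name']` without checking that a row came back. What `pexecute_first()` yields for no match is not shown here, so a guard such as `return isset($category['name']) ? $category['name'] : null;` is worth considering.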
@@ -469,12 +521,9 @@ class ticket
$counter++;
}
- if(isset($archived[0]['id']))
- {
+ if (isset($archived[0]['id'])) {
return $archived;
- }
- else
- {
+ } else {
return false;
}
}
@@ -482,131 +531,136 @@ class ticket
/**
* Returns a sql-statement to search the archive
+ * including necessary parameter-array for PDO
+ *
+ * @return array 0 = query, 1 = params-array
*/
- static public function getArchiveSearchStatement($db, $subject = NULL, $priority = NULL, $fromdate = NULL, $todate = NULL, $message = NULL, $customer = - 1, $admin = 1, $categories = NULL)
+ static public function getArchiveSearchStatement($subject = null, $priority = null, $fromdate = null, $todate = null, $message = null, $customer = - 1, $admin = 1, $categories = null)
{
- $query = 'SELECT `main`.*,
- (SELECT COUNT(`sub`.`id`) FROM `' . TABLE_PANEL_TICKETS . '` `sub`
- WHERE `sub`.`answerto` = `main`.`id`) as `ticket_answers`
- FROM `' . TABLE_PANEL_TICKETS . '` `main`
- WHERE `main`.`archived` = "1" AND `main`.`adminid` = "' . (int)$admin . '" ';
+ $search_params = array();
- if($subject != NULL
- && $subject != '')
- {
- $query.= 'AND `main`.`subject` LIKE "' . $db->escape("%$subject%") . '" ';
+ $query = "
+ SELECT `main`.*, (
+ SELECT COUNT(`sub`.`id`) FROM `" . TABLE_PANEL_TICKETS . "` `sub`
+ WHERE `sub`.`answerto` = `main`.`id`
+ ) as `ticket_answers`
+ FROM `" . TABLE_PANEL_TICKETS . "` `main`
+ WHERE `main`.`archived` = '1' AND `main`.`adminid` = :admin"
+ ;
+
+ $search_params['admin'] = $admin;
+
+ if ($subject != NULL
+ && $subject != ''
+ ) {
+ $query .= " AND `main`.`subject` LIKE :subject";
+ $search_params['subject'] = "%".$subject."%";
}
- if($priority != NULL
- && isset($priority[0])
- && $priority[0] != '')
- {
- if(isset($priority[1])
- && $priority[1] != '')
- {
- if(isset($priority[2])
- && $priority[2] != '')
- {
- $query.= 'AND (`main`.`priority` = "1"
- OR `main`.`priority` = "2"
- OR `main`.`priority` = "3") ';
- }
- else
- {
- $query.= 'AND (`main`.`priority` = "1"
- OR `main`.`priority` = "2") ';
+ if ($priority != null
+ && isset($priority[0])
+ && $priority[0] != ''
+ ) {
+
+ if (isset($priority[1])
+ && $priority[1] != ''
+ ) {
+
+ if (isset($priority[2])
+ && $priority[2] != ''
+ ) {
+
+ $query .= " AND (`main`.`priority` = '1' OR `main`.`priority` = '2' OR `main`.`priority` = '3')";
+
+ } else {
+
+ $query .= " AND (`main`.`priority` = '1' OR `main`.`priority` = '1')";
}
+
+ } elseif (isset($priority[2])
+ && $priority[2] != ''
+ ) {
+
+ $query .= " AND (`main`.`priority` = '1' OR `main`.`priority` = '3')";
+
+ } else {
+ $query .= " AND `main`.`priority` = '1'";
}
- elseif(isset($priority[2])
- && $priority[2] != '')
- {
- $query.= 'AND (`main`.`priority` = "1"
- OR `main`.`priority` = "3") ';
+
+ } elseif($priority != null
+ && isset($priority[1])
+ && $priority[1] != ''
+ ) {
+ if (isset($priority[2])
+ && $priority[2] != ''
+ ) {
+ $query .= " AND (`main`.`priority` = '2' OR `main`.`priority` = '3')";
+ } else {
+ $query .= " AND `main`.`priority` = '2'";
}
- else
- {
- $query.= 'AND `main`.`priority` = "1" ';
- }
- }
- elseif($priority != NULL
- && isset($priority[1])
- && $priority[1] != '')
- {
- if(isset($priority[2])
- && $priority[2] != '')
- {
- $query.= 'AND (`main`.`priority` = "2" OR `main`.`priority` = "3") ';
- }
- else
- {
- $query.= 'AND `main`.`priority` = "2" ';
- }
- }
- elseif($priority != NULL)
- {
- if(isset($priority[3])
- && $priority[3] != '')
- {
- $query.= 'AND `main`.`priority` = "3" ';
+
+ } elseif($priority != null) {
+
+ if (isset($priority[3])
+ && $priority[3] != ''
+ ) {
+ $query .= " AND `main`.`priority` = '3'";
}
}
- if($fromdate != NULL
- && $fromdate > 0)
- {
- $query.= 'AND `main`.`lastchange` > "' . $db->escape(strtotime($fromdate)) . '" ';
+ if ($fromdate != null
+ && $fromdate > 0
+ ) {
+ $query .= " AND `main`.`lastchange` > :fromdate";
+ $search_params['fromdate'] = strtotime($fromdate);
}
- if($todate != NULL
- && $todate > 0)
- {
- $query.= 'AND `main`.`lastchange` < "' . $db->escape(strtotime($todate)) . '" ';
+ if ($todate != null
+ && $todate > 0
+ ) {
+ $query .= " AND `main`.`lastchange` < :todate";
+ $search_params['todate'] = strtotime($todate);
}
- if($message != NULL
- && $message != '')
- {
- $query.= 'AND `main`.`message` LIKE "' . $db->escape("%$message%") . '" ';
+ if ($message != null
+ && $message != ''
+ ) {
+ $query .= " AND `main`.`message` LIKE :message";
+ $search_params['message'] = "%".$message."%";
}
- if($customer != - 1)
- {
- $query.= 'AND `main`.`customerid` = "' . (int)$customer . '" ';
+ if ($customer != - 1) {
+ $query .= " AND `main`.`customerid` = :customer";
+ $search_params['customer'] = $customer;
}
- if($categories != NULL)
- {
+ if ($categories != null) {
+
$cats = array();
- foreach($categories as $index => $catid)
- {
- if ($catid != "")
- {
+ foreach ($categories as $index => $catid) {
+ if ($catid != "") {
$cats[] = $catid;
}
}
- if (count($cats) > 0)
- {
- $query.= 'AND (';
+ if (count($cats) > 0) {
+ $query .= " AND (";
}
- foreach($cats as $catid)
- {
- if(isset($catid)
- && $catid > 0)
- {
- $query.= '`main`.`category` = "' . (int)$catid . '" OR ';
+ foreach ($cats as $catid) {
+ if (isset($catid) && $catid > 0) {
+ $query .= "`main`.`category` = :catid_".$catid." OR ";
+ $search_params['catid_'.$catid] = $catid;
}
}
- if (count($cats) > 0)
- {
+ if (count($cats) > 0) {
$query = substr($query, 0, strlen($query) - 3);
- $query.= ') ';
+ $query .= ") ";
}
}
- return $query;
+ return array('0' => $query, '1' => $search_params);
}
/**
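Review bot: The category loop builds the placeholder name from the value itself (`:catid_` followed by `$catid`) and the old `(int)$catid` cast is gone, so `$catid` is concatenated into the statement text and parameter binding gives no protection for it. The `$catid > 0` guard is a loose numeric comparison, and depending on the PHP version a string that merely starts with digits can pass it; where `$categories` comes from is not visible in this hunk, so it should be treated as untrusted. Adding `$catid = (int)$catid;` as the first line of the loop body, or naming the placeholders by loop index, keeps request data out of the SQL text. Separately, the branch for priorities 1 and 2 now emits `'1'` on both sides of the `OR`, where the removed lines had `"1"` and `"2"`, so the second literal should be `'2'`.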
@@ -674,20 +728,20 @@ class ticket
/**
* function customerHasTickets
*
- * @param object mysql-db-object
* @param int customer-id
*
* @return array/bool array of ticket-ids if customer has any, else false
*/
- static public function customerHasTickets($_db = null, $_cid = 0)
- {
- if($_cid != 0)
- {
- $result = $_db->query('SELECT `id` FROM `' . TABLE_PANEL_TICKETS . '` WHERE `customerid` ="'.(int)$_cid.'"');
+ static public function customerHasTickets($_cid = 0) {
+
+ if ($_cid != 0) {
+ $result_stmt = Database::prepare("
+ SELECT `id` FROM `" . TABLE_PANEL_TICKETS . "` WHERE `customerid` = :cid"
+ );
+ Database::pexecute($result_stmt, array('cid' => $_cid));
$tickets = array();
- while($row = $_db->fetch_array($result))
- {
+ while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
$tickets[] = $row['id'];
}
@@ -700,32 +754,22 @@ class ticket
/**
* Get a data-var
*/
- public function Get($_var = '', $_vartrusted = false)
- {
- if($_var != '')
- {
- if(!$_vartrusted)
- {
+ public function Get($_var = '', $_vartrusted = false) {
+
+ if ($_var != '') {
+ if (!$_vartrusted) {
$_var = htmlspecialchars($_var);
}
- if(isset($this->t_data[$_var]))
- {
- if(strtolower($_var) == 'message')
- {
+ if (isset($this->t_data[$_var])) {
+ if (strtolower($_var) == 'message') {
return nl2br($this->t_data[$_var]);
- }
- elseif(strtolower($_var) == 'subject')
- {
+ } elseif(strtolower($_var) == 'subject') {
return nl2br($this->t_data[$_var]);
- }
- else
- {
+ } else {
return $this->t_data[$_var];
}
- }
- else
- {
+ } else {
return null;
}
}
@@ -734,23 +778,22 @@ class ticket
/**
* Set a data-var
*/
- public function Set($_var = '', $_value = '', $_vartrusted = false, $_valuetrusted = false)
- {
- if($_var != ''
- && $_value != '')
- {
- if(!$_vartrusted)
- {
+ public function Set($_var = '', $_value = '', $_vartrusted = false, $_valuetrusted = false) {
+
+ if ($_var != ''
+ && $_value != ''
+ ) {
+ if (!$_vartrusted) {
$_var = $this->_purifier->purify($_var);
}
- if(!$_valuetrusted)
- {
+ if (!$_valuetrusted) {
$_value = $this->_purifier->purify($_value);
}
- if(strtolower($_var) == 'message' || strtolower($_var) == 'subject')
- {
+ if (strtolower($_var) == 'message'
+ || strtolower($_var) == 'subject'
+ ) {
$_value = $this->convertLatin1ToHtml($_value);
}
diff --git a/lib/functions/aps/function.domainHasApsInstances.php b/lib/functions/aps/function.domainHasApsInstances.php
index 4d20de6e..dd0e0bab 100644
--- a/lib/functions/aps/function.domainHasApsInstances.php
+++ b/lib/functions/aps/function.domainHasApsInstances.php
@@ -26,17 +26,19 @@
*
* @return boolean
*/
-function domainHasApsInstances($domainid = 0)
-{
- global $db, $settings, $theme;
+function domainHasApsInstances($domainid = 0) {
+
+ global $settings, $theme;
- if($settings['aps']['aps_active'] == '1')
- {
- if($domainid > 0)
- {
- $instances = $db->query_first("SELECT COUNT(`ID`) AS `count` FROM `" . TABLE_APS_SETTINGS . "` WHERE `Name`='main_domain' AND `Value`='" . (int)$domainid . "'");
- if((int)$instances['count'] != 0)
- {
+ if ($settings['aps']['aps_active'] == '1') {
+ if ($domainid > 0) {
+ $instances_stmt = Database::prepare("
+ SELECT COUNT(`ID`) AS `count` FROM `" . TABLE_APS_SETTINGS . "`
+ WHERE `Name` = 'main_domain' AND `Value` = :domainid"
+ );
+ $instances = Database::pexecute_first($instances_stmt, array('domainid' => $domainid));
+
+ if ((int)$instances['count'] != 0) {
return true;
}
}
diff --git a/lib/functions/froxlor/function.domainHasMainSubDomains.php b/lib/functions/froxlor/function.domainHasMainSubDomains.php
index 62295a43..d6d162ae 100644
--- a/lib/functions/froxlor/function.domainHasMainSubDomains.php
+++ b/lib/functions/froxlor/function.domainHasMainSubDomains.php
@@ -29,8 +29,7 @@ function domainHasMainSubDomains($id = 0) {
SELECT COUNT(`id`) as `mainsubs` FROM `".TABLE_PANEL_DOMAINS."`
WHERE `ismainbutsubto` = :id"
);
- Database::pexecute($result_stmt, array('id' => $id));
- $result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+ $result = Database::pexecute_first($result_stmt, array('id' => $id));
if (isset($result['mainsubs'])
&& $result['mainsubs'] > 0
diff --git a/scripts/jobs/cron_tasks.inc.http.10.apache.php b/scripts/jobs/cron_tasks.inc.http.10.apache.php
index 8f36388d..f4afc5fe 100644
--- a/scripts/jobs/cron_tasks.inc.http.10.apache.php
+++ b/scripts/jobs/cron_tasks.inc.http.10.apache.php
@@ -234,7 +234,7 @@ class apache
'loginname' => 'froxlor.panel',
'documentroot' => $mypath
);
- $php = new phpinterface($this->getDB(), $this->settings, $domain);
+ $php = new phpinterface($this->settings, $domain);
$phpconfig = $php->getPhpConfig($this->settings['system']['mod_fcgid_defaultini_ownvhost']);
$starter_filename = makeCorrectFile($configdir . '/php-fcgi-starter');
@@ -273,7 +273,7 @@ class apache
'documentroot' => $mypath,
);
- $php = new phpinterface($this->getDB(), $this->settings, $domain);
+ $php = new phpinterface($this->settings, $domain);
$phpconfig = $php->getPhpConfig($this->settings['phpfpm']['vhost_defaultini']);
$srvName = substr(md5($ipport),0,4).'.fpm.external';
if ($row_ipsandports['ssl']) {
@@ -809,7 +809,7 @@ class apache
GROUP BY `id_domain`
) AS p ON p.`id_domain` = `d`.`id`
- WHERE `d`.`aliasdomain` IS NULL
+ WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` = '0'
ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;";
$result_domains = $this->db->query($query);
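Review bot: The extended query is still run through the legacy handle, `$this->db->query($query)`, while the rest of this commit moves callers to the static `Database` class and drops `$this->getDB()` from the `phpinterface` constructor calls in this same class. If the old `$db` object is being retired, this call and the identical one in the last hunk of cron_tasks.inc.http.30.nginx.php will need `Database::query($query)` together with a PDO-style fetch loop, which lies outside the hunk. The statement is a constant string with no request data in it, so this is a consistency point rather than an injection risk.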
diff --git a/scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php b/scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php
index 8caa27c5..215769fc 100644
--- a/scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php
+++ b/scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php
@@ -32,7 +32,7 @@ class apache_fcgid extends apache
if($domain['phpenabled'] == '1')
{
- $php = new phpinterface($this->getDB(), $this->settings, $domain);
+ $php = new phpinterface($this->settings, $domain);
$phpconfig = $php->getPhpConfig((int)$domain['phpsettingid']);
if((int)$this->settings['phpfpm']['enabled'] == 1)
@@ -93,8 +93,8 @@ class apache_fcgid extends apache
// create starter-file | config-file
$php->getInterface()->createConfig($phpconfig);
- // create php.ini
- // @TODO make php-fpm support this
+ // create php.ini (fpm does nothing here, as it
+ // defines ini-settings in its pool config)
$php->getInterface()->createIniFile($phpconfig);
}
else
@@ -143,7 +143,7 @@ class apache_fcgid extends apache
safe_exec('chown -R ' . $user . ':' . $group . ' ' . escapeshellarg($mypath));
// get php.ini for our own vhost
- $php = new phpinterface($this->getDB(), $this->settings, $domain);
+ $php = new phpinterface($this->settings, $domain);
// get php-config
if ($this->settings['phpfpm']['enabled'] == '1') {
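Review bot: The line `safe_exec('chown -R ' . $user . ':' . $group . ' ' . escapeshellarg($mypath));` escapes only the path, while `$user` and `$group` are concatenated into the shell command as they are. Where they are assigned is outside this hunk, so whether they can ever carry shell metacharacters cannot be told from here, but quoting them costs nothing: `safe_exec('chown -R ' . escapeshellarg($user . ':' . $group) . ' ' . escapeshellarg($mypath));`. The same line appears in the matching hunks of cron_tasks.inc.http.25.lighttpd_fcgid.php and cron_tasks.inc.http.35.nginx_phpfpm.php. The enclosing method starts and ends outside the hunk.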
@@ -157,8 +157,8 @@ class apache_fcgid extends apache
// create starter-file | config-file
$php->getInterface()->createConfig($phpconfig);
- // create php.ini
- // @TODO make php-fpm support this
+ // create php.ini (fpm does nothing here, as it
+ // defines ini-settings in its pool config)
$php->getInterface()->createIniFile($phpconfig);
}
}
diff --git a/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php b/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
index ed9544bc..a5c9dc9a 100644
--- a/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
+++ b/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
@@ -151,7 +151,7 @@ class lighttpd
'documentroot' => $mypath
);
- $php = new phpinterface($this->getDB(), $this->settings, $domain);
+ $php = new phpinterface($this->settings, $domain);
$this->lighttpd_data[$vhost_filename].= ' fastcgi.server = ( '."\n";
$this->lighttpd_data[$vhost_filename].= "\t".'".php" => ('."\n";
@@ -324,7 +324,7 @@ class lighttpd
GROUP BY `id_domain`
) AS p ON p.`id_domain` = `d`.`id`
- WHERE `d`.`aliasdomain` IS NULL
+ WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` = '0'
ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;";
$included_vhosts = array();
diff --git a/scripts/jobs/cron_tasks.inc.http.25.lighttpd_fcgid.php b/scripts/jobs/cron_tasks.inc.http.25.lighttpd_fcgid.php
index 160d4ef7..5b56175e 100644
--- a/scripts/jobs/cron_tasks.inc.http.25.lighttpd_fcgid.php
+++ b/scripts/jobs/cron_tasks.inc.http.25.lighttpd_fcgid.php
@@ -15,10 +15,6 @@
*
*/
-/*
- * This script creates the php.ini's used by mod_suPHP+php-cgi
- */
-
if(@php_sapi_name() != 'cli'
&& @php_sapi_name() != 'cgi'
&& @php_sapi_name() != 'cgi-fcgi')
@@ -34,7 +30,7 @@ class lighttpd_fcgid extends lighttpd
if($domain['phpenabled'] == '1')
{
- $php = new phpinterface($this->getDB(), $this->settings, $domain);
+ $php = new phpinterface($this->settings, $domain);
$phpconfig = $php->getPhpConfig((int)$domain['phpsettingid']);
// vhost data for php-fpm
@@ -105,8 +101,8 @@ class lighttpd_fcgid extends lighttpd
// create starter-file | config-file
$php->getInterface()->createConfig($phpconfig);
- // create php.ini
- // @TODO make php-fpm support this
+ // create php.ini (fpm does nothing here, as it
+ // defines ini-settings in its pool config)
$php->getInterface()->createIniFile($phpconfig);
}
else
@@ -145,7 +141,7 @@ class lighttpd_fcgid extends lighttpd
safe_exec('chown -R ' . $user . ':' . $group . ' ' . escapeshellarg($mypath));
// get php.ini for our own vhost
- $php = new phpinterface($this->getDB(), $this->settings, $domain);
+ $php = new phpinterface($this->settings, $domain);
// get php-config
if ($this->settings['phpfpm']['enabled'] == '1') {
@@ -159,8 +155,8 @@ class lighttpd_fcgid extends lighttpd
// create starter-file | config-file
$php->getInterface()->createConfig($phpconfig);
- // create php.ini
- // @TODO make php-fpm support this
+ // create php.ini (fpm does nothing here, as it
+ // defines ini-settings in its pool config)
$php->getInterface()->createIniFile($phpconfig);
}
}
diff --git a/scripts/jobs/cron_tasks.inc.http.30.nginx.php b/scripts/jobs/cron_tasks.inc.http.30.nginx.php
index 1fe93709..10187b1b 100644
--- a/scripts/jobs/cron_tasks.inc.http.30.nginx.php
+++ b/scripts/jobs/cron_tasks.inc.http.30.nginx.php
@@ -242,7 +242,7 @@ class nginx
'documentroot' => $mypath,
);
- $php = new phpinterface($this->getDB(), $this->settings, $domain);
+ $php = new phpinterface($this->settings, $domain);
$this->nginx_data[$vhost_filename] .= "\t\t".'fastcgi_pass unix:' . $php->getInterface()->getSocketFile() . ';' . "\n";
} else {
$this->nginx_data[$vhost_filename] .= "\t\t".'fastcgi_pass ' . $this->settings['system']['nginx_php_backend'] . ';' . "\n";
@@ -284,7 +284,7 @@ class nginx
GROUP BY `id_domain`
) AS p ON p.`id_domain` = `d`.`id`
- WHERE `d`.`aliasdomain` IS NULL
+ WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` = '0'
ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;";
$result_domains = $this->db->query($query);
diff --git a/scripts/jobs/cron_tasks.inc.http.35.nginx_phpfpm.php b/scripts/jobs/cron_tasks.inc.http.35.nginx_phpfpm.php
index 391c7b10..93e10410 100644
--- a/scripts/jobs/cron_tasks.inc.http.35.nginx_phpfpm.php
+++ b/scripts/jobs/cron_tasks.inc.http.35.nginx_phpfpm.php
@@ -15,10 +15,6 @@
*
*/
-/*
- * This script creates the php.ini's used by mod_suPHP+php-cgi
- */
-
if(@php_sapi_name() != 'cli'
&& @php_sapi_name() != 'cgi'
&& @php_sapi_name() != 'cgi-fcgi')
@@ -34,7 +30,7 @@ class nginx_phpfpm extends nginx
if($domain['phpenabled'] == '1')
{
- $php = new phpinterface($this->getDB(), $this->settings, $domain);
+ $php = new phpinterface($this->settings, $domain);
$phpconfig = $php->getPhpConfig((int)$domain['phpsettingid']);
$php_options_text = "\t".'location ~ \.php$ {'."\n";
@@ -52,8 +48,8 @@ class nginx_phpfpm extends nginx
// create starter-file | config-file
$php->getInterface()->createConfig($phpconfig);
- // create php.ini
- // @TODO make php-fpm support this
+ // create php.ini (fpm does nothing here, as it
+ // defines ini-settings in its pool config)
$php->getInterface()->createIniFile($phpconfig);
}
else
@@ -92,7 +88,7 @@ class nginx_phpfpm extends nginx
safe_exec('chown -R ' . $user . ':' . $group . ' ' . escapeshellarg($mypath));
// get php.ini for our own vhost
- $php = new phpinterface($this->getDB(), $this->settings, $domain);
+ $php = new phpinterface($this->settings, $domain);
// get php-config
if ($this->settings['phpfpm']['enabled'] == '1') {
@@ -106,8 +102,8 @@ class nginx_phpfpm extends nginx
// create starter-file | config-file
$php->getInterface()->createConfig($phpconfig);
- // create php.ini
- // @TODO make php-fpm support this
+ // create php.ini (fpm does nothing here, as it
+ // defines ini-settings in its pool config)
$php->getInterface()->createIniFile($phpconfig);
}
}
diff --git a/scripts/jobs/cron_ticketarchive.php b/scripts/jobs/cron_ticketarchive.php
index a85b4f0c..6a2a8a58 100644
--- a/scripts/jobs/cron_ticketarchive.php
+++ b/scripts/jobs/cron_ticketarchive.php
@@ -20,22 +20,23 @@
/**
* ARCHIVING CLOSED TICKETS
*/
-
fwrite($debugHandler, 'Ticket-archiving run started...' . "\n");
-$result_tickets = $db->query("SELECT `id`, `lastchange`, `subject` FROM `" . TABLE_PANEL_TICKETS . "`
- WHERE `status` = '3' AND `answerto` = '0';");
+$result_tickets_stmt = Database::query("
+ SELECT `id`, `lastchange`, `subject` FROM `" . TABLE_PANEL_TICKETS . "`
+ WHERE `status` = '3' AND `answerto` = '0';"
+);
$archiving_count = 0;
-while($row_ticket = $db->fetch_array($result_tickets))
-{
+while($row_ticket = $result_tickets_stmt->fetch(PDO::FETCH_ASSOC)) {
+
$lastchange = $row_ticket['lastchange'];
$now = time();
$days = (int)(($now - $lastchange) / 86400);
- if($days >= $settings['ticket']['archiving_days'])
- {
+ if ($days >= $settings['ticket']['archiving_days']) {
+
fwrite($debugHandler, 'archiving ticket "' . $row_ticket['subject'] . '" (ID #' . $row_ticket['id'] . ')' . "\n");
- $mainticket = ticket::getInstanceOf(null, $db, $settings, (int)$row_ticket['id']);
+ $mainticket = ticket::getInstanceOf(null, $settings, (int)$row_ticket['id']);
$mainticket->Set('lastchange', $now, true, true);
$mainticket->Set('lastreplier', '1', true, true);
$mainticket->Set('status', '3', true, true);
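Review bot: The `fwrite($debugHandler, 'archiving ticket "' . $row_ticket['subject'] . ...)` line writes the ticket subject to the debug log unmodified. If subjects are customer-supplied, which is not visible here, a subject with embedded line breaks produces extra lines in the log that look like separate entries. Replacing them before logging keeps one ticket on one line: `$subject = str_replace(array("\r", "\n"), ' ', $row_ticket['subject']);`, then log `$subject`. The while loop continues past the end of this hunk.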
@@ -46,6 +47,7 @@ while($row_ticket = $db->fetch_array($result_tickets))
}
fwrite($debugHandler, 'Archived ' . $archiving_count . ' tickets' . "\n");
-$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . '` SET `value` = UNIX_TIMESTAMP() WHERE `settinggroup` = \'system\' AND `varname` = \'last_archive_run\' ');
-
-?>
\ No newline at end of file
+Database::query("
+ UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = UNIX_TIMESTAMP()
+ WHERE `settinggroup` = 'system' AND `varname` = 'last_archive_run'"
+);
diff --git a/scripts/jobs/cron_used_tickets_reset.php b/scripts/jobs/cron_used_tickets_reset.php
index c4470cd6..83e28278 100644
--- a/scripts/jobs/cron_used_tickets_reset.php
+++ b/scripts/jobs/cron_used_tickets_reset.php
@@ -20,7 +20,6 @@
/**
* RESET USED TICKETS COUNTER
*/
-
fwrite($debugHandler, 'Resetting customers used ticket counter' . "\n");
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Resetting customers used ticket counter");
-$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `tickets_used` = '0'");
+Database::query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `tickets_used` = '0'");