maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

add Admins.update()

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2018-02-23 11:57:29 +01:00
parent 8930d2a1bf
commit 8e0bfe9d09
3 changed files with 362 additions and 332 deletions
Download Patch File Download Diff File Expand all files Collapse all files

356
admin_admins.php
View File

@@ -107,10 +107,14 @@ if ($page == 'admins'
} elseif($action == 'su') {
$result_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :adminid
");
$result = Database::pexecute_first($result_stmt, array('adminid' => $id));
try {
$json_result = Admins::getLocal($userinfo, array(
'id' => $id
))->get();
} catch (Exception $e) {
dynamic_error($e->getMessage());
}
$result = json_decode($json_result, true)['data'];
$destination_admin = $result['loginname'];
if ($destination_admin != ''
@@ -147,10 +151,14 @@ if ($page == 'admins'
} elseif ($action == 'delete'
&& $id != 0
) {
$result_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :adminid
");
$result = Database::pexecute_first($result_stmt, array('adminid' => $id));
try {
$json_result = Admins::getLocal($userinfo, array(
'id' => $id
))->get();
} catch (Exception $e) {
dynamic_error($e->getMessage());
}
$result = json_decode($json_result, true)['data'];
if ($result['loginname'] != '') {
if ($result['adminid'] == $userinfo['userid']) {
@@ -160,37 +168,10 @@ if ($page == 'admins'
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
$del_stmt = Database::prepare("
DELETE FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :adminid
");
Database::pexecute($del_stmt, array('adminid' => $id));
$del_stmt = Database::prepare("
DELETE FROM `" . TABLE_PANEL_TRAFFIC_ADMINS . "` WHERE `adminid` = :adminid
");
Database::pexecute($del_stmt, array('adminid' => $id));
$del_stmt = Database::prepare("
DELETE FROM `" . TABLE_PANEL_DISKSPACE_ADMINS . "` WHERE `adminid` = :adminid
");
Database::pexecute($del_stmt, array('adminid' => $id));
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
`adminid` = :userid WHERE `adminid` = :adminid
");
Database::pexecute($upd_stmt, array('userid' => $userinfo['userid'], 'adminid' => $id));
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
`adminid` = :userid WHERE `adminid` = :adminid
");
Database::pexecute($upd_stmt, array('userid' => $userinfo['userid'], 'adminid' => $id));
$log->logAction(ADM_ACTION, LOG_INFO, "deleted admin '" . $result['loginname'] . "'");
updateCounters();
Admins::getLocal($this->getUserData(), array(
'id' => $id
))->delete();
redirectTo($filename, array('page' => $page, 's' => $s));
} else {
ask_yesno('admin_admin_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['loginname']);
}
@@ -249,299 +230,26 @@ if ($page == 'admins'
&& $id != 0
) {
$result_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :adminid
");
$result = Database::pexecute_first($result_stmt, array('adminid' => $id));
try {
$json_result = Admins::getLocal($userinfo, array(
'id' => $id
))->get();
} catch (Exception $e) {
dynamic_error($e->getMessage());
}
$result = json_decode($json_result, true)['data'];
if ($result['loginname'] != '') {
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
$name = validate($_POST['name'], 'name');
$email = $idna_convert->encode(validate($_POST['email'], 'email'));
$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
$custom_notes_show = $result['custom_notes_show'];
if (isset($_POST['custom_notes_show'])) {
$custom_notes_show = intval_ressource($_POST['custom_notes_show']);
try {
Admins::getLocal($userinfo, $_POST)->update();
} catch (Exception $e) {
dynamic_error($e->getMessage());
}
if ($result['adminid'] == $userinfo['userid']) {
$password = '';
$def_language = $result['def_language'];
$deactivated = $result['deactivated'];
$customers = $result['customers'];
$domains = $result['domains'];
$subdomains = $result['subdomains'];
$emails = $result['emails'];
$email_accounts = $result['email_accounts'];
$email_forwarders = $result['email_forwarders'];
$email_quota = $result['email_quota'];
$ftps = $result['ftps'];
$tickets = $result['tickets'];
$mysqls = $result['mysqls'];
$tickets_see_all = $result['tickets_see_all'];
$customers_see_all = $result['customers_see_all'];
$domains_see_all = $result['domains_see_all'];
$caneditphpsettings = $result['caneditphpsettings'];
$change_serversettings = $result['change_serversettings'];
$diskspace = $result['diskspace'];
$traffic = $result['traffic'];
$ipaddress = $result['ip'];
} else {
$password = validate($_POST['admin_password'], 'new password');
$def_language = validate($_POST['def_language'], 'default language');
$deactivated = isset($_POST['deactivated']) ? 1 : 0;
$customers = intval_ressource($_POST['customers']);
if (isset($_POST['customers_ul'])) {
$customers = -1;
}
$domains = intval_ressource($_POST['domains']);
if (isset($_POST['domains_ul'])) {
$domains = -1;
}
$subdomains = intval_ressource($_POST['subdomains']);
if (isset($_POST['subdomains_ul'])) {
$subdomains = -1;
}
$emails = intval_ressource($_POST['emails']);
if (isset($_POST['emails_ul'])) {
$emails = -1;
}
$email_accounts = intval_ressource($_POST['email_accounts']);
if (isset($_POST['email_accounts_ul'])) {
$email_accounts = -1;
}
$email_forwarders = intval_ressource($_POST['email_forwarders']);
if (isset($_POST['email_forwarders_ul'])) {
$email_forwarders = -1;
}
if (Settings::Get('system.mail_quota_enabled') == '1') {
$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
if (isset($_POST['email_quota_ul'])) {
$email_quota = -1;
}
} else {
$email_quota = -1;
}
$ftps = intval_ressource($_POST['ftps']);
if (isset($_POST['ftps_ul'])) {
$ftps = -1;
}
if (Settings::Get('ticket.enabled') == 1) {
$tickets = intval_ressource($_POST['tickets']);
if (isset($_POST['tickets_ul'])) {
$tickets = -1;
}
} else {
$tickets = 0;
}
$mysqls = intval_ressource($_POST['mysqls']);
if (isset($_POST['mysqls_ul'])) {
$mysqls = -1;
}
$customers_see_all = 0;
if (isset($_POST['customers_see_all'])) {
$customers_see_all = intval($_POST['customers_see_all']);
}
$domains_see_all = 0;
if (isset($_POST['domains_see_all'])) {
$domains_see_all = intval($_POST['domains_see_all']);
}
$caneditphpsettings = 0;
if (isset($_POST['caneditphpsettings'])) {
$caneditphpsettings = intval($_POST['caneditphpsettings']);
}
$change_serversettings = 0;
if (isset($_POST['change_serversettings'])) {
$change_serversettings = isset($_POST['change_serversettings']) ? 1 : 0;
}
$tickets_see_all = 0;
if (isset($_POST['tickets_see_all'])) {
$tickets_see_all = intval($_POST['tickets_see_all']);
}
$diskspace = intval($_POST['diskspace']);
if (isset($_POST['diskspace_ul'])) {
$diskspace = -1;
}
$traffic = doubleval_ressource($_POST['traffic']);
if (isset($_POST['traffic_ul'])) {
$traffic = -1;
}
$diskspace = $diskspace * 1024;
$traffic = $traffic * 1024 * 1024;
$ipaddress = intval_ressource($_POST['ipaddress']);
}
if ($name == '') {
standard_error(array('stringisempty', 'myname'));
} elseif($email == '') {
standard_error(array('stringisempty', 'emailadd'));
} elseif(!validateEmail($email)) {
standard_error('emailiswrong', $email);
} else {
if ($password != '') {
$password = validatePassword($password);
$password = makeCryptPassword($password);
} else {
$password = $result['password'];
}
if ($deactivated != '1') {
$deactivated = '0';
}
if ($customers_see_all != '1') {
$customers_see_all = '0';
}
if ($domains_see_all != '1') {
$domains_see_all = '0';
}
if ($caneditphpsettings != '1') {
$caneditphpsettings = '0';
}
if ($change_serversettings != '1') {
$change_serversettings = '0';
}
if ($tickets_see_all != '1') {
$tickets_see_all = '0';
}
// check if a resource was set to something lower
// than actually used by the admin/reseller
$res_warning = "";
if ($customers != $result['customers'] && $customers != -1 && $customers < $result['customers_used']) {
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'customers');
}
if ($domains != $result['domains'] && $domains != -1 && $domains < $result['domains_used']) {
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'domains');
}
if ($diskspace != $result['diskspace'] && ($diskspace / 1024) != -1 && $diskspace < $result['diskspace_used']) {
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'diskspace');
}
if ($traffic != $result['traffic'] && ($traffic / 1024 / 1024) != -1 && $traffic < $result['traffic_used']) {
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'traffic');
}
if ($emails != $result['emails'] && $emails != -1 && $emails < $result['emails_used']) {
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'emails');
}
if ($email_accounts != $result['email_accounts'] && $email_accounts != -1 && $email_accounts < $result['email_accounts_used']) {
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email accounts');
}
if ($email_forwarders != $result['email_forwarders'] && $email_forwarders != -1 && $email_forwarders < $result['email_forwarders_used']) {
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email forwarders');
}
if ($email_quota != $result['email_quota'] && $email_quota != -1 && $email_quota < $result['email_quota_used']) {
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email quota');
}
if ($ftps != $result['ftps'] && $ftps != -1 && $ftps < $result['ftps_used']) {
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'ftps');
}
if ($tickets != $result['tickets'] && $tickets != -1 && $tickets < $result['tickets_used']) {
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'tickets');
}
if ($mysqls != $result['mysqls'] && $mysqls != -1 && $mysqls < $result['mysqls_used']) {
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'mysqls');
}
if ($res_warning != "") {
$link = '';
$error = $res_warning;
eval("echo \"" . getTemplate('misc/error', '1') . "\";");
exit;
}
$upd_data = array(
'password' => $password,
'name' => $name,
'email' => $email,
'lang' => $def_language,
'change_serversettings' => $change_serversettings,
'customers' => $customers,
'customers_see_all' => $customers_see_all,
'domains' => $domains,
'domains_see_all' => $domains_see_all,
'caneditphpsettings' => $caneditphpsettings,
'diskspace' => $diskspace,
'traffic' => $traffic,
'subdomains' => $subdomains,
'emails' => $emails,
'accounts' => $email_accounts,
'forwarders' => $email_forwarders,
'quota' => $email_quota,
'ftps' => $ftps,
'tickets' => $tickets,
'tickets_see_all' => $tickets_see_all,
'mysqls' => $mysqls,
'ip' => $ipaddress,
'deactivated' => $deactivated,
'custom_notes' => $custom_notes,
'custom_notes_show' => $custom_notes_show,
'adminid' => $id
);
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_ADMINS . "` SET
`password` = :password,
`name` = :name,
`email` = :email,
`def_language` = :lang,
`change_serversettings` = :change_serversettings,
`customers` = :customers,
`customers_see_all` = :customers_see_all,
`domains` = :domains,
`domains_see_all` = :domains_see_all,
`caneditphpsettings` = :caneditphpsettings,
`diskspace` = :diskspace,
`traffic` = :traffic,
`subdomains` = :subdomains,
`emails` = :emails,
`email_accounts` = :accounts,
`email_forwarders` = :forwarders,
`email_quota` = :quota,
`ftps` = :ftps,
`tickets` = :tickets,
`tickets_see_all` = :tickets_see_all,
`mysqls` = :mysqls,
`ip` = :ip,
`deactivated` = :deactivated,
`custom_notes` = :custom_notes,
`custom_notes_show` = :custom_notes_show
WHERE `adminid` = :adminid
");
Database::pexecute($upd_stmt, $upd_data);
$log->logAction(ADM_ACTION, LOG_INFO, "edited admin '#" . $id . "'");
redirectTo($filename, array('page' => $page, 's' => $s));
}
redirectTo($filename, array('page' => $page, 's' => $s));
} else {
$dec_places = Settings::Get('panel.decimal_places');