remove unnecessary parameter-checks as they will never happen; make Customers.update callable for customers
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
@@ -63,11 +63,7 @@ class Admins extends ApiCommand implements ResourceEntity
|
||||
{
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$ln_optional = ($id <= 0 ? false : true);
|
||||
$loginname = $this->getParam('loginname', $ln_optional, '');
|
||||
|
||||
if ($id <= 0 && empty($loginname)) {
|
||||
throw new Exception("Either 'id' or 'loginname' parameter must be given", 406);
|
||||
}
|
||||
$loginname = trim($this->getParam('loginname', $ln_optional, ''));
|
||||
|
||||
if ($this->isAdmin() && ($this->getUserDetail('change_serversettings') == 1 || ($this->getUserDetail('adminid') == $id || $this->getUserDetail('loginname') == $loginname))) {
|
||||
$result_stmt = Database::prepare("
|
||||
@@ -318,11 +314,7 @@ class Admins extends ApiCommand implements ResourceEntity
|
||||
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$ln_optional = ($id <= 0 ? false : true);
|
||||
$loginname = $this->getParam('loginname', $ln_optional, '');
|
||||
|
||||
if ($id <= 0 && empty($loginname)) {
|
||||
throw new Exception("Either 'id' or 'loginname' parameter must be given", 406);
|
||||
}
|
||||
$loginname = trim($this->getParam('loginname', $ln_optional, ''));
|
||||
|
||||
$json_result = Admins::getLocal($this->getUserData(), array(
|
||||
'id' => $id,
|
||||
@@ -583,11 +575,7 @@ class Admins extends ApiCommand implements ResourceEntity
|
||||
if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) {
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$ln_optional = ($id <= 0 ? false : true);
|
||||
$loginname = $this->getParam('loginname', $ln_optional, '');
|
||||
|
||||
if ($id <= 0 && empty($loginname)) {
|
||||
throw new Exception("Either 'id' or 'loginname' parameter must be given", 406);
|
||||
}
|
||||
$loginname = trim($this->getParam('loginname', $ln_optional, ''));
|
||||
|
||||
$json_result = Admins::getLocal($this->getUserData(), array(
|
||||
'id' => $id,
|
||||
@@ -652,11 +640,7 @@ class Admins extends ApiCommand implements ResourceEntity
|
||||
if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) {
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$ln_optional = ($id <= 0 ? false : true);
|
||||
$loginname = $this->getParam('loginname', $ln_optional, '');
|
||||
|
||||
if ($id <= 0 && empty($loginname)) {
|
||||
throw new Exception("Either 'id' or 'loginname' parameter must be given", 406);
|
||||
}
|
||||
$loginname = trim($this->getParam('loginname', $ln_optional, ''));
|
||||
|
||||
$json_result = Admins::getLocal($this->getUserData(), array(
|
||||
'id' => $id,
|
||||
|
||||
@@ -70,11 +70,7 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
{
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$ln_optional = ($id <= 0 ? false : true);
|
||||
$loginname = $this->getParam('loginname', $ln_optional, '');
|
||||
|
||||
if ($id <= 0 && empty($loginname)) {
|
||||
throw new Exception("Either 'id' or 'loginname' parameter must be given", 406);
|
||||
}
|
||||
$loginname = trim($this->getParam('loginname', $ln_optional, ''));
|
||||
|
||||
if ($this->isAdmin()) {
|
||||
$result_stmt = Database::prepare("
|
||||
@@ -131,7 +127,7 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
$phone = $this->getParam('phone', true, '');
|
||||
$fax = $this->getParam('fax', true, '');
|
||||
$customernumber = $this->getParam('customernumber', true, '');
|
||||
$def_language = $this->getParam('def_language', true, '');
|
||||
$def_language = $this->getParam('def_language', true, Settings::Get('panel.standardlanguage'));
|
||||
$gender = intval_ressource($this->getParam('gender', true, 0));
|
||||
$custom_notes = $this->getParam('custom_notes', true, '');
|
||||
$custom_notes_show = $this->getParam('custom_notes_show', true, 0);
|
||||
@@ -681,14 +677,9 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
*/
|
||||
public function update()
|
||||
{
|
||||
if ($this->isAdmin()) {
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$ln_optional = ($id <= 0 ? false : true);
|
||||
$loginname = $this->getParam('loginname', $ln_optional, '');
|
||||
|
||||
if ($id <= 0 && empty($loginname)) {
|
||||
throw new Exception("Either 'id' or 'loginname' parameter must be given", 406);
|
||||
}
|
||||
$loginname = trim($this->getParam('loginname', $ln_optional, ''));
|
||||
|
||||
$json_result = Customers::getLocal($this->getUserData(), array(
|
||||
'id' => $id,
|
||||
@@ -892,7 +883,6 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
}
|
||||
|
||||
if ($createstdsubdomain == '0' && $result['standardsubdomain'] != '0') {
|
||||
|
||||
try {
|
||||
$std_domain = Domains::getLocal($this->getUserData(), array(
|
||||
'id' => $result['standardsubdomain'],
|
||||
@@ -1219,8 +1209,6 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
|
||||
return $this->response(200, "successfull", $upd_data);
|
||||
}
|
||||
throw new Exception("Not allowed to execute given command.", 403);
|
||||
}
|
||||
|
||||
/**
|
||||
* delete a customer entry by either id or loginname
|
||||
@@ -1241,13 +1229,9 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
if ($this->isAdmin()) {
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$ln_optional = ($id <= 0 ? false : true);
|
||||
$loginname = $this->getParam('loginname', $ln_optional, '');
|
||||
$loginname = trim($this->getParam('loginname', $ln_optional, ''));
|
||||
$delete_userfiles = $this->getParam('delete_userfiles', true, 0);
|
||||
|
||||
if ($id <= 0 && empty($loginname)) {
|
||||
throw new Exception("Either 'id' or 'loginname' parameter must be given", 406);
|
||||
}
|
||||
|
||||
$json_result = Customers::getLocal($this->getUserData(), array(
|
||||
'id' => $id,
|
||||
'loginname' => $loginname
|
||||
@@ -1487,11 +1471,7 @@ class Customers extends ApiCommand implements ResourceEntity
|
||||
if ($this->isAdmin()) {
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$ln_optional = ($id <= 0 ? false : true);
|
||||
$loginname = $this->getParam('loginname', $ln_optional, '');
|
||||
|
||||
if ($id <= 0 && empty($loginname)) {
|
||||
throw new Exception("Either 'id' or 'loginname' parameter must be given", 406);
|
||||
}
|
||||
$loginname = trim($this->getParam('loginname', $ln_optional, ''));
|
||||
|
||||
$json_result = Customers::getLocal($this->getUserData(), array(
|
||||
'id' => $id,
|
||||
|
||||
@@ -73,13 +73,8 @@ class Domains extends ApiCommand implements ResourceEntity
|
||||
if ($this->isAdmin()) {
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$dn_optional = ($id <= 0 ? false : true);
|
||||
$domainname = $this->getParam('domainname', $dn_optional, '');
|
||||
$domainname = trim($this->getParam('domainname', $dn_optional, ''));
|
||||
$no_std_subdomain = $this->getParam('no_std_subdomain', true, false);
|
||||
$this->logger()->logAction(ADM_ACTION, LOG_NOTICE, "[API] get domain #" . $id);
|
||||
|
||||
if ($id <= 0 && empty($domainname)) {
|
||||
throw new Exception("Either 'id' or 'domainname' parameter must be given", 406);
|
||||
}
|
||||
|
||||
// convert possible idn domain to punycode
|
||||
if (substr($domainname, 0, 4) != 'xn--') {
|
||||
@@ -101,6 +96,7 @@ class Domains extends ApiCommand implements ResourceEntity
|
||||
}
|
||||
$result = Database::pexecute_first($result_stmt, $params, true, true);
|
||||
if ($result) {
|
||||
$this->logger()->logAction(ADM_ACTION, LOG_NOTICE, "[API] get domain '" . $result['domain'] . "'");
|
||||
return $this->response(200, "successfull", $result);
|
||||
}
|
||||
$key = ($id > 0 ? "id #" . $id : "domainname '" . $domainname . "'");
|
||||
@@ -778,11 +774,7 @@ class Domains extends ApiCommand implements ResourceEntity
|
||||
// parameters
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$dn_optional = ($id <= 0 ? false : true);
|
||||
$domainname = $this->getParam('domainname', $dn_optional, '');
|
||||
|
||||
if ($id <= 0 && empty($domainname)) {
|
||||
throw new Exception("Either 'id' or 'domainname' parameter must be given", 406);
|
||||
}
|
||||
$domainname = trim($this->getParam('domainname', $dn_optional, ''));
|
||||
|
||||
// get requested domain
|
||||
$json_result = Domains::getLocal($this->getUserData(), array(
|
||||
@@ -1595,14 +1587,10 @@ class Domains extends ApiCommand implements ResourceEntity
|
||||
if ($this->isAdmin()) {
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$dn_optional = ($id <= 0 ? false : true);
|
||||
$domainname = $this->getParam('domainname', $dn_optional, '');
|
||||
$domainname = trim($this->getParam('domainname', $dn_optional, ''));
|
||||
$is_stdsubdomain = $this->getParam('is_stdsubdomain', true, 0);
|
||||
$remove_subbutmain_domains = $this->getParam('delete_mainsubdomains', true, 0);
|
||||
|
||||
if ($id <= 0 && empty($domainname)) {
|
||||
throw new Exception("Either 'id' or 'domainname' parameter must be given", 406);
|
||||
}
|
||||
|
||||
$json_result = Domains::getLocal($this->getUserData(), array(
|
||||
'id' => $id,
|
||||
'domainname' => $domainname
|
||||
|
||||
@@ -37,11 +37,7 @@ class Ftps extends ApiCommand implements ResourceEntity
|
||||
{
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$un_optional = ($id <= 0 ? false : true);
|
||||
$username = $this->getParam('username', $un_optional, '');
|
||||
|
||||
if ($id <= 0 && empty($username)) {
|
||||
throw new Exception("Either 'id' or 'username' parameter must be given", 406);
|
||||
}
|
||||
$username = trim($this->getParam('username', $un_optional, ''));
|
||||
|
||||
$params = array();
|
||||
if ($this->isAdmin()) {
|
||||
|
||||
@@ -238,13 +238,9 @@ class Mysqls extends ApiCommand implements ResourceEntity
|
||||
{
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$dn_optional = ($id <= 0 ? false : true);
|
||||
$dbname = $this->getParam('dbname', $dn_optional, '');
|
||||
$dbname = trim($this->getParam('dbname', $dn_optional, ''));
|
||||
$dbserver = $this->getParam('mysql_server', true, - 1);
|
||||
|
||||
if ($id <= 0 && empty($dbname)) {
|
||||
throw new Exception("Either 'id' or 'dbname' parameter must be given", 406);
|
||||
}
|
||||
|
||||
if ($this->isAdmin()) {
|
||||
if ($this->getUserDetail('customers_see_all') != 1) {
|
||||
// if it's a reseller or an admin who cannot see all customers, we need to check
|
||||
@@ -341,13 +337,9 @@ class Mysqls extends ApiCommand implements ResourceEntity
|
||||
{
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$dn_optional = ($id <= 0 ? false : true);
|
||||
$dbname = $this->getParam('dbname', $dn_optional, '');
|
||||
$dbname = trim($this->getParam('dbname', $dn_optional, ''));
|
||||
$dbserver = $this->getParam('mysql_server', true, - 1);
|
||||
|
||||
if ($id <= 0 && empty($dbname)) {
|
||||
throw new Exception("Either 'id' or 'dbname' parameter must be given", 406);
|
||||
}
|
||||
|
||||
if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'mysql')) {
|
||||
throw new Exception("You cannot access this resource", 405);
|
||||
}
|
||||
@@ -549,13 +541,9 @@ class Mysqls extends ApiCommand implements ResourceEntity
|
||||
{
|
||||
$id = $this->getParam('id', true, 0);
|
||||
$dn_optional = ($id <= 0 ? false : true);
|
||||
$dbname = $this->getParam('dbname', $dn_optional, '');
|
||||
$dbname = trim($this->getParam('dbname', $dn_optional, ''));
|
||||
$dbserver = $this->getParam('mysql_server', true, - 1);
|
||||
|
||||
if ($id <= 0 && empty($dbname)) {
|
||||
throw new Exception("Either 'id' or 'dbname' parameter must be given", 406);
|
||||
}
|
||||
|
||||
if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'mysql')) {
|
||||
throw new Exception("You cannot access this resource", 405);
|
||||
}
|
||||
|
||||
@@ -61,7 +61,7 @@ function standard_error($errors = '', $replacer = '', $throw_exception = false)
|
||||
}
|
||||
|
||||
if ($throw_exception) {
|
||||
throw new Exception($error, 400);
|
||||
throw new Exception(strip_tags($error), 400);
|
||||
}
|
||||
eval("echo \"" . getTemplate('misc/error', '1') . "\";");
|
||||
exit;
|
||||
|
||||
Reference in New Issue
Block a user