maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Update customer_ftp.php

Browse Source
This commit is contained in:
Axel Guckelsberger
2013-04-27 10:15:36 +03:00
parent 016ae12884
commit a7687659cc
1 changed files with 78 additions and 148 deletions
Download Patch File Download Diff File Expand all files Collapse all files

212
customer_ftp.php
View File

@@ -22,27 +22,20 @@ define('AREA', 'customer');
/**
* Include our init.php, which manages Sessions, Language etc.
*/
require('./lib/init.php');
require ("./lib/init.php");
if(isset($_POST['id']))
{
$id = 0;
if (isset($_POST['id'])) {
$id = intval($_POST['id']);
}
elseif(isset($_GET['id']))
{
} elseif(isset($_GET['id'])) {
$id = intval($_GET['id']);
}
if($page == 'overview')
{
if ($page == 'overview') {
$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_ftp");
eval("echo \"" . getTemplate("ftp/ftp") . "\";");
}
elseif($page == 'accounts')
{
if($action == '')
{
eval("echo \"" . getTemplate('ftp/ftp') . "\";");
} elseif ($page == 'accounts') {
if ($action == '') {
$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_ftp::accounts");
$fields = array(
'username' => $lng['login']['username'],
@@ -59,23 +52,18 @@ elseif($page == 'accounts')
$count = 0;
$accounts = '';
while($row = $db->fetch_array($result))
{
if($paging->checkDisplay($i))
{
if(strpos($row['homedir'], $userinfo['documentroot']) === 0)
{
while ($row = $db->fetch_array($result)) {
if ($paging->checkDisplay($i)) {
if (strpos($row['homedir'], $userinfo['documentroot']) === 0) {
$row['documentroot'] = substr($row['homedir'], strlen($userinfo['documentroot']));
}
else
{
} else {
$row['documentroot'] = $row['homedir'];
}
$row['documentroot'] = makeCorrectDir($row['documentroot']);
$row = htmlentities_array($row);
eval("\$accounts.=\"" . getTemplate("ftp/accounts_account") . "\";");
eval("\$accounts.=\"" . getTemplate('ftp/accounts_account') . "\";");
$count++;
}
@@ -83,19 +71,16 @@ elseif($page == 'accounts')
}
$ftps_count = $db->num_rows($result);
eval("echo \"" . getTemplate("ftp/accounts") . "\";");
}
elseif($action == 'delete'
&& $id != 0)
{
eval("echo \"" . getTemplate('ftp/accounts') . "\";");
} elseif ($action == 'delete' && $id != 0) {
$result = $db->query_first("SELECT `id`, `username`, `homedir`, `up_count`, `up_bytes`, `down_count`, `down_bytes` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
if(isset($result['username'])
&& $result['username'] != $userinfo['loginname'])
{
if(isset($_POST['send'])
&& $_POST['send'] == 'send')
{
if (isset($result['username'])
&& $result['username'] != $userinfo['loginname']
) {
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `up_count`=`up_count`+'" . (int)$result['up_count'] . "', `up_bytes`=`up_bytes`+'" . (int)$result['up_bytes'] . "', `down_count`=`down_count`+'" . (int)$result['down_count'] . "', `down_bytes`=`down_bytes`+'" . (int)$result['down_bytes'] . "' WHERE `username`='" . $db->escape($userinfo['loginname']) . "'");
$result = $db->query_first("SELECT `username`, `homedir` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
$db->query("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = '" . $db->escape($result['username']) . "'");
@@ -103,96 +88,69 @@ elseif($page == 'accounts')
$log->logAction(USR_ACTION, LOG_INFO, "deleted ftp-account '" . $result['username'] . "'");
$db->query("UPDATE `" . TABLE_FTP_GROUPS . "` SET `members`=REPLACE(`members`,'," . $db->escape($result['username']) . "','') WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
if($userinfo['ftps_used'] == '1')
{
$resetaccnumber = " , `ftp_lastaccountnumber`='0'";
}
else
{
$resetaccnumber = '';
}
$resetaccnumber = ($userinfo['ftps_used'] == '1') ? " , `ftp_lastaccountnumber`='0'" : '';
// refs #293
if(isset($_POST['delete_userfiles'])
&& (int)$_POST['delete_userfiles'] == 1)
{
if (isset($_POST['delete_userfiles'])
&& (int)$_POST['delete_userfiles'] == 1
) {
inserttask('8', $userinfo['loginname'], $result['homedir']);
}
$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `ftps_used`=`ftps_used`-1 $resetaccnumber WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
redirectTo($filename, Array('page' => $page, 's' => $s));
}
else
{
} else {
ask_yesno_withcheckbox('ftp_reallydelete', 'admin_customer_alsoremoveftphomedir', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username']);
}
}
else
{
} else {
standard_error('ftp_cantdeletemainaccount');
}
}
elseif($action == 'add')
{
if($userinfo['ftps_used'] < $userinfo['ftps']
|| $userinfo['ftps'] == '-1')
{
if(isset($_POST['send'])
&& $_POST['send'] == 'send')
{
} elseif ($action == 'add') {
if ($userinfo['ftps_used'] < $userinfo['ftps']
|| $userinfo['ftps'] == '-1'
) {
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
$path = validate($_POST['path'], 'path');
$password = validate($_POST['ftp_password'], 'password');
$password = validatePassword($password);
$sendinfomail = isset($_POST['sendinfomail']) ? 1 : 0;
if($sendinfomail != 1)
{
if ($sendinfomail != 1) {
$sendinfomail = 0;
}
if($settings['customer']['ftpatdomain'] == '1')
{
if ($settings['customer']['ftpatdomain'] == '1') {
$ftpusername = validate($_POST['ftp_username'], 'username', '/^[a-zA-Z0-9][a-zA-Z0-9\-_]+\$?$/');
if($ftpusername == '')
{
if ($ftpusername == '') {
standard_error(array('stringisempty', 'username'));
}
$ftpdomain = $idna_convert->encode(validate($_POST['ftp_domain'], 'domain'));
$ftpdomain_check = $db->query_first("SELECT `id`, `domain`, `customerid` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain`='" . $db->escape($ftpdomain) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");
if($ftpdomain_check['domain'] != $ftpdomain)
{
if ($ftpdomain_check['domain'] != $ftpdomain) {
standard_error('maindomainnonexist', $domain);
}
$username = $ftpusername . "@" . $ftpdomain;
}
else
{
} else {
$username = $userinfo['loginname'] . $settings['customer']['ftpprefix'] . (intval($userinfo['ftp_lastaccountnumber']) + 1);
}
$username_check = $db->query_first('SELECT * FROM `' . TABLE_FTP_USERS .'` WHERE `username` = \'' . $db->escape($username) . '\'');
if(!empty($username_check) && $username_check['username'] = $username)
{
if (!empty($username_check) && $username_check['username'] = $username) {
standard_error('usernamealreadyexists', $username);
}
elseif($password == '')
{
} elseif ($password == '') {
standard_error(array('stringisempty', 'mypassword'));
}
elseif($path == '')
{
} elseif ($path == '') {
standard_error('patherror');
}
else
{
} else {
$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
$cryptPassword = makeCryptPassword($password);
$db->query("INSERT INTO `" . TABLE_FTP_USERS . "` (`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', '" . $db->escape($cryptPassword) . "', '" . $db->escape($path) . "', 'y', '" . (int)$userinfo['guid'] . "', '" . (int)$userinfo['guid'] . "')");
$result = $db->query("SELECT `bytes_in_used` FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = '" . $userinfo['loginname'] . "'");
while($row = $db->fetch_array($result))
{
while ($row = $db->fetch_array($result)) {
$db->query("INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` (`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`) VALUES ('" . $db->escape($username) . "', 'user', '" . $db->escape($row['bytes_in_used']) . "', '0', '0', '0', '0', '0')");
}
$db->query("UPDATE `" . TABLE_FTP_GROUPS . "` SET `members`=CONCAT_WS(',',`members`,'" . $db->escape($username) . "') WHERE `customerid`='" . $userinfo['customerid'] . "' AND `gid`='" . (int)$userinfo['guid'] . "'");
@@ -201,8 +159,7 @@ elseif($page == 'accounts')
$log->logAction(USR_ACTION, LOG_INFO, "added ftp-account '" . $username . " (" . $path . ")'");
inserttask(5);
if($sendinfomail == 1)
{
if ($sendinfomail == 1) {
$replace_arr = array(
'SALUTATION' => getCorrectUserSalutation($userinfo),
'CUST_NAME' => getCorrectUserSalutation($userinfo), // < keep this for compatibility
@@ -242,29 +199,23 @@ elseif($page == 'accounts')
redirectTo($filename, Array('page' => $page, 's' => $s));
}
}
else
{
} else {
$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], '/');
if($settings['customer']['ftpatdomain'] == '1')
{
if ($settings['customer']['ftpatdomain'] == '1') {
$domainlist = array();
$domains = '';
$result_domains = $db->query("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
while($row_domain = $db->fetch_array($result_domains))
{
while ($row_domain = $db->fetch_array($result_domains)) {
$domainlist[] = $row_domain['domain'];
}
sort($domainlist);
if(isset($domainlist[0]) && $domainlist[0] != '')
{
foreach($domainlist as $dom)
{
if (isset($domainlist[0]) && $domainlist[0] != '') {
foreach ($domainlist as $dom) {
$domains .= makeoption($idna_convert->decode($dom), $dom);
}
}
@@ -278,40 +229,32 @@ elseif($page == 'accounts')
$title = $ftp_add_data['ftp_add']['title'];
$image = $ftp_add_data['ftp_add']['image'];
eval("echo \"" . getTemplate("ftp/accounts_add") . "\";");
eval("echo \"" . getTemplate('ftp/accounts_add') . "\";");
}
}
}
elseif($action == 'edit'
&& $id != 0)
{
} elseif ($action == 'edit' && $id != 0) {
$result = $db->query_first("SELECT `id`, `username`, `homedir`, `uid`, `gid` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
if(isset($result['username'])
&& $result['username'] != '')
{
if(isset($_POST['send'])
&& $_POST['send'] == 'send')
{
if (isset($result['username'])
&& $result['username'] != ''
) {
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
$path = validate($_POST['path'], 'path');
$_setnewpass = false;
if(isset($_POST['ftp_password']) && $_POST['ftp_password'] != '')
{
if (isset($_POST['ftp_password']) && $_POST['ftp_password'] != '') {
$password = validate($_POST['ftp_password'], 'password');
$password = validatePassword($password);
$_setnewpass = true;
}
if($_setnewpass)
{
if($password == '')
{
if ($_setnewpass) {
if ($password == '') {
standard_error(array('stringisempty', 'mypassword'));
exit;
}
else
{
$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account password for '" . $result['username'] . "'");
$cryptPassword = makeCryptPassword($password);
$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
@@ -321,16 +264,12 @@ elseif($page == 'accounts')
$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `username`='" . $result['username'] . "_backup'");
}
}
}
if($path != '')
{
if ($path != '') {
$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
if($path != $result['homedir'])
{
if(!file_exists($path))
{
if ($path != $result['homedir']) {
if (!file_exists($path)) {
mkDirWithCorrectOwnership($userinfo['documentroot'], $path, $result['uid'], $result['gid']);
inserttask(5); /* Let the cronjob do the rest */
}
@@ -341,30 +280,23 @@ elseif($page == 'accounts')
}
redirectTo($filename, Array('page' => $page, 's' => $s));
}
else
{
if(strpos($result['homedir'], $userinfo['documentroot']) === 0)
{
} else {
if (strpos($result['homedir'], $userinfo['documentroot']) === 0) {
$homedir = substr($result['homedir'], strlen($userinfo['documentroot']));
}
else
{
} else {
$homedir = $result['homedir'];
}
$homedir = makeCorrectDir($homedir);
$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $homedir);
if($settings['customer']['ftpatdomain'] == '1')
{
if ($settings['customer']['ftpatdomain'] == '1') {
$domains = '';
$result_domains = $db->query("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
while($row_domain = $db->fetch_array($result_domains))
{
$domains.= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['domain']);
while ($row_domain = $db->fetch_array($result_domains)) {
$domains .= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['domain']);
}
}
@@ -374,10 +306,8 @@ elseif($page == 'accounts')
$title = $ftp_edit_data['ftp_edit']['title'];
$image = $ftp_edit_data['ftp_edit']['image'];
eval("echo \"" . getTemplate("ftp/accounts_edit") . "\";");
eval("echo \"" . getTemplate('ftp/accounts_edit') . "\";");
}
}
}
}
?>