When editing an admin/reseller, check that the changed resource limits are still at least as high as what the admin/reseller already uses
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
218
admin_admins.php
218
admin_admins.php
@@ -47,26 +47,6 @@ if($page == 'admins'
|
||||
'diskspace_used' => $lng['customer']['diskspace'] . ' (' . $lng['panel']['used'] . ')',
|
||||
'traffic' => $lng['customer']['traffic'],
|
||||
'traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')',
|
||||
/*
|
||||
'mysqls' => $lng['customer']['mysqls'],
|
||||
'mysqls_used' => $lng['customer']['mysqls'] . ' (' . $lng['panel']['used'] . ')',
|
||||
'ftps' => $lng['customer']['ftps'],
|
||||
'ftps_used' => $lng['customer']['ftps'] . ' (' . $lng['panel']['used'] . ')',
|
||||
'tickets' => $lng['customer']['tickets'],
|
||||
'tickets_used' => $lng['customer']['tickets'] . ' (' . $lng['panel']['used'] . ')',
|
||||
'subdomains' => $lng['customer']['subdomains'],
|
||||
'subdomains_used' => $lng['customer']['subdomains'] . ' (' . $lng['panel']['used'] . ')',
|
||||
'emails' => $lng['customer']['emails'],
|
||||
'emails_used' => $lng['customer']['emails'] . ' (' . $lng['panel']['used'] . ')',
|
||||
'email_accounts' => $lng['customer']['accounts'],
|
||||
'email_accounts_used' => $lng['customer']['accounts'] . ' (' . $lng['panel']['used'] . ')',
|
||||
'email_forwarders' => $lng['customer']['forwarders'],
|
||||
'email_forwarders_used' => $lng['customer']['forwarders'] . ' (' . $lng['panel']['used'] . ')',
|
||||
'email_quota' => $lng['customer']['email_quota'],
|
||||
'email_quota_used' => $lng['customer']['email_quota'] . ' (' . $lng['panel']['used'] . ')',
|
||||
'email_autoresponder' => $lng['customer']['autoresponder'],
|
||||
'email_autoresponder_used' => $lng['customer']['autoresponder'] . ' (' . $lng['panel']['used'] . ')',
|
||||
*/
|
||||
'deactivated' => $lng['admin']['deactivated']
|
||||
);
|
||||
$paging = new paging($userinfo, $db, TABLE_PANEL_ADMINS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
|
||||
@@ -545,113 +525,84 @@ if($page == 'admins'
|
||||
$password = validate($_POST['admin_password'], 'new password');
|
||||
$def_language = validate($_POST['def_language'], 'default language');
|
||||
$deactivated = isset($_POST['deactivated']) ? 1 : 0;
|
||||
$customers = intval_ressource($_POST['customers']);
|
||||
|
||||
if(isset($_POST['customers_ul']))
|
||||
{
|
||||
$customers = - 1;
|
||||
$customers = intval_ressource($_POST['customers']);
|
||||
if (isset($_POST['customers_ul'])) {
|
||||
$customers = -1;
|
||||
}
|
||||
|
||||
$domains = intval_ressource($_POST['domains']);
|
||||
|
||||
if(isset($_POST['domains_ul']))
|
||||
{
|
||||
$domains = - 1;
|
||||
if (isset($_POST['domains_ul'])) {
|
||||
$domains = -1;
|
||||
}
|
||||
|
||||
$subdomains = intval_ressource($_POST['subdomains']);
|
||||
|
||||
if(isset($_POST['subdomains_ul']))
|
||||
{
|
||||
$subdomains = - 1;
|
||||
if (isset($_POST['subdomains_ul'])) {
|
||||
$subdomains = -1;
|
||||
}
|
||||
|
||||
$emails = intval_ressource($_POST['emails']);
|
||||
|
||||
if(isset($_POST['emails_ul']))
|
||||
{
|
||||
$emails = - 1;
|
||||
if (isset($_POST['emails_ul'])) {
|
||||
$emails = -1;
|
||||
}
|
||||
|
||||
$email_accounts = intval_ressource($_POST['email_accounts']);
|
||||
|
||||
if(isset($_POST['email_accounts_ul']))
|
||||
{
|
||||
$email_accounts = - 1;
|
||||
if (isset($_POST['email_accounts_ul'])) {
|
||||
$email_accounts = -1;
|
||||
}
|
||||
|
||||
$email_forwarders = intval_ressource($_POST['email_forwarders']);
|
||||
|
||||
if(isset($_POST['email_forwarders_ul']))
|
||||
{
|
||||
$email_forwarders = - 1;
|
||||
if (isset($_POST['email_forwarders_ul'])) {
|
||||
$email_forwarders = -1;
|
||||
}
|
||||
|
||||
if($settings['system']['mail_quota_enabled'] == '1')
|
||||
{
|
||||
if ($settings['system']['mail_quota_enabled'] == '1') {
|
||||
$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
|
||||
|
||||
if(isset($_POST['email_quota_ul']))
|
||||
{
|
||||
$email_quota = - 1;
|
||||
if (isset($_POST['email_quota_ul'])) {
|
||||
$email_quota = -1;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$email_quota = - 1;
|
||||
} else {
|
||||
$email_quota = -1;
|
||||
}
|
||||
|
||||
if($settings['autoresponder']['autoresponder_active'] == '1')
|
||||
{
|
||||
if ($settings['autoresponder']['autoresponder_active'] == '1') {
|
||||
$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
|
||||
|
||||
if(isset($_POST['email_autoresponder_ul']))
|
||||
{
|
||||
$email_autoresponder = - 1;
|
||||
if (isset($_POST['email_autoresponder_ul'])) {
|
||||
$email_autoresponder = -1;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
} else {
|
||||
$email_autoresponder = 0;
|
||||
}
|
||||
|
||||
$ftps = intval_ressource($_POST['ftps']);
|
||||
|
||||
if(isset($_POST['ftps_ul']))
|
||||
{
|
||||
$ftps = - 1;
|
||||
if (isset($_POST['ftps_ul'])) {
|
||||
$ftps = -1;
|
||||
}
|
||||
|
||||
if($settings['ticket']['enabled'] == 1)
|
||||
{
|
||||
if ($settings['ticket']['enabled'] == 1) {
|
||||
$tickets = intval_ressource($_POST['tickets']);
|
||||
|
||||
if(isset($_POST['tickets_ul']))
|
||||
{
|
||||
$tickets = - 1;
|
||||
if (isset($_POST['tickets_ul'])) {
|
||||
$tickets = -1;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
} else {
|
||||
$tickets = 0;
|
||||
}
|
||||
|
||||
$mysqls = intval_ressource($_POST['mysqls']);
|
||||
|
||||
if(isset($_POST['mysqls_ul']))
|
||||
{
|
||||
if (isset($_POST['mysqls_ul'])) {
|
||||
$mysqls = - 1;
|
||||
}
|
||||
|
||||
$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
|
||||
|
||||
if(isset($_POST['number_of_aps_packages_ul']))
|
||||
{
|
||||
$number_of_aps_packages = - 1;
|
||||
if ($settings['aps']['aps_active'] == '1') {
|
||||
$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
|
||||
if (isset($_POST['number_of_aps_packages_ul'])) {
|
||||
$number_of_aps_packages = -1;
|
||||
}
|
||||
$can_manage_aps_packages = isset($_POST['can_manage_aps_packages']) ? 1 : 0;
|
||||
} else {
|
||||
$number_of_aps_packages = 0;
|
||||
}
|
||||
|
||||
$can_manage_aps_packages = isset($_POST['can_manage_aps_packages']) ? 1 : 0;
|
||||
|
||||
$customers_see_all = 0;
|
||||
if(isset($_POST['customers_see_all']))
|
||||
$customers_see_all = intval($_POST['customers_see_all']);
|
||||
@@ -663,27 +614,23 @@ if($page == 'admins'
|
||||
$caneditphpsettings = 0;
|
||||
if(isset($_POST['caneditphpsettings']))
|
||||
$caneditphpsettings = intval($_POST['caneditphpsettings']);
|
||||
|
||||
|
||||
$change_serversettings = 0;
|
||||
if(isset($_POST['change_serversettings']))
|
||||
$change_serversettings = isset($_POST['change_serversettings']) ? 1 : 0;
|
||||
|
||||
$diskspace = intval($_POST['diskspace']);
|
||||
|
||||
$tickets_see_all = 0;
|
||||
if (isset($_POST['tickets_see_all']))
|
||||
$tickets_see_all = intval($_POST['tickets_see_all']);
|
||||
|
||||
if(isset($_POST['diskspace_ul']))
|
||||
{
|
||||
$diskspace = - 1;
|
||||
$diskspace = intval($_POST['diskspace']);
|
||||
if (isset($_POST['diskspace_ul'])) {
|
||||
$diskspace = -1;
|
||||
}
|
||||
|
||||
$traffic = doubleval_ressource($_POST['traffic']);
|
||||
|
||||
if(isset($_POST['traffic_ul']))
|
||||
{
|
||||
$traffic = - 1;
|
||||
if (isset($_POST['traffic_ul'])) {
|
||||
$traffic = -1;
|
||||
}
|
||||
|
||||
$diskspace = $diskspace * 1024;
|
||||
@@ -744,7 +691,84 @@ if($page == 'admins'
|
||||
$tickets_see_all = '0';
|
||||
}
|
||||
|
||||
$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `name`='" . $db->escape($name) . "', `email`='" . $db->escape($email) . "', `def_language`='" . $db->escape($def_language) . "', `change_serversettings` = '" . $db->escape($change_serversettings) . "', `customers` = '" . $db->escape($customers) . "', `customers_see_all` = '" . $db->escape($customers_see_all) . "', `domains` = '" . $db->escape($domains) . "', `domains_see_all` = '" . $db->escape($domains_see_all) . "', `caneditphpsettings` = '" . (int)$caneditphpsettings . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `email_quota`='" . $db->escape($email_quota) . "', `email_autoresponder`='" . $db->escape($email_autoresponder) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `tickets_see_all`='".$db->escape($tickets_see_all) . "', `mysqls`='" . $db->escape($mysqls) . "', `ip`='" . (int)$ipaddress . "', `deactivated`='" . $db->escape($deactivated) . "', `can_manage_aps_packages`=" . (int)$can_manage_aps_packages . ", `aps_packages`=" . (int)$number_of_aps_packages . " WHERE `adminid`='" . $db->escape($id) . "'");
|
||||
// check if a resource was set to something lower
|
||||
// than actually used by the admin/reseller
|
||||
$res_warning = "";
|
||||
if ($customers != $result['customers'] && $customers < $result['customers_used']) {
|
||||
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'customers');
|
||||
}
|
||||
if ($domains != $result['domains'] && $domains < $result['domains_used']) {
|
||||
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'domains');
|
||||
}
|
||||
if ($diskspace != $result['diskspace'] && ($diskspace / 1024) != -1 && $diskspace < $result['diskspace_used']) {
|
||||
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'diskspace');
|
||||
}
|
||||
if ($traffic != $result['traffic'] && ($traffic / 1024 / 1024) != -1 && $traffic < $result['traffic_used']) {
|
||||
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'traffic');
|
||||
}
|
||||
if ($emails != $result['emails'] && $emails < $result['emails_used']) {
|
||||
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'emails');
|
||||
}
|
||||
if ($email_accounts != $result['email_accounts'] && $email_accounts < $result['email_accounts_used']) {
|
||||
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email accounts');
|
||||
}
|
||||
if ($email_forwarders != $result['email_forwarders'] && $email_forwarders < $result['email_forwarders_used']) {
|
||||
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email forwarders');
|
||||
}
|
||||
if ($email_quota != $result['email_quota'] && $email_quota < $result['email_quota_used']) {
|
||||
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email quota');
|
||||
}
|
||||
if ($email_autoresponder != $result['email_autoresponder'] && $email_autoresponder < $result['email_autoresponder_used']) {
|
||||
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email autoresponder');
|
||||
}
|
||||
if ($ftps != $result['ftps'] && $ftps < $result['ftps_used']) {
|
||||
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'ftps');
|
||||
}
|
||||
if ($tickets != $result['tickets'] && $tickets < $result['tickets_used']) {
|
||||
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'tickets');
|
||||
}
|
||||
if ($mysqls != $result['mysqls'] && $mysqls < $result['mysqls_used']) {
|
||||
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'mysqls');
|
||||
}
|
||||
if ($number_of_aps_packages != $result['aps_packages'] && $number_of_aps_packages < $result['aps_packages_used']) {
|
||||
$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'aps packages');
|
||||
}
|
||||
|
||||
if ($res_warning != "") {
|
||||
$link = '';
|
||||
$error = $res_warning;
|
||||
eval("echo \"" . getTemplate('misc/error', '1') . "\";");
|
||||
exit;
|
||||
}
|
||||
|
||||
$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET
|
||||
`name`='" . $db->escape($name) . "',
|
||||
`email`='" . $db->escape($email) . "',
|
||||
`def_language`='" . $db->escape($def_language) . "',
|
||||
`change_serversettings` = '" . $db->escape($change_serversettings) . "',
|
||||
`customers` = '" . $db->escape($customers) . "',
|
||||
`customers_see_all` = '" . $db->escape($customers_see_all) . "',
|
||||
`domains` = '" . $db->escape($domains) . "',
|
||||
`domains_see_all` = '" . $db->escape($domains_see_all) . "',
|
||||
`caneditphpsettings` = '" . (int)$caneditphpsettings . "',
|
||||
`password` = '" . $password . "',
|
||||
`diskspace`='" . $db->escape($diskspace) . "',
|
||||
`traffic`='" . $db->escape($traffic) . "',
|
||||
`subdomains`='" . $db->escape($subdomains) . "',
|
||||
`emails`='" . $db->escape($emails) . "',
|
||||
`email_accounts` = '" . $db->escape($email_accounts) . "',
|
||||
`email_forwarders`='" . $db->escape($email_forwarders) . "',
|
||||
`email_quota`='" . $db->escape($email_quota) . "',
|
||||
`email_autoresponder`='" . $db->escape($email_autoresponder) . "',
|
||||
`ftps`='" . $db->escape($ftps) . "',
|
||||
`tickets`='" . $db->escape($tickets) . "',
|
||||
`tickets_see_all`='".$db->escape($tickets_see_all) . "',
|
||||
`mysqls`='" . $db->escape($mysqls) . "',
|
||||
`ip`='" . (int)$ipaddress . "',
|
||||
`deactivated`='" . $db->escape($deactivated) . "',
|
||||
`can_manage_aps_packages`=" . (int)$can_manage_aps_packages . ",
|
||||
`aps_packages`=" . (int)$number_of_aps_packages . "
|
||||
WHERE `adminid`='" . $db->escape($id) . "'");
|
||||
$log->logAction(ADM_ACTION, LOG_INFO, "edited admin '#" . $id . "'");
|
||||
$redirect_props = Array(
|
||||
'page' => $page,
|
||||
|
||||
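Review bot: The new "set less than already used" checks ahead of the UPDATE treat the unlimited marker as a real limit: for customers, domains, emails, email accounts, email forwarders, email quota, autoresponder, ftps, tickets, mysqls and aps packages, a ticked `_ul` box sets the value to `-1`, and `-1 < $result['..._used']` is true for any usage of zero or more, so switching a limited admin/reseller to unlimited ends on the error page. Only the diskspace and traffic checks exclude `-1`; the others need the same guard, e.g. `if ($customers != $result['customers'] && $customers != -1 && $customers < $result['customers_used']) {`. `$subdomains` is read from the POST data and written by the UPDATE but has no check in this block, although the field list on this page names `subdomains_used`, so that limit can still be lowered below current usage. Separately, the reformatted UPDATE still interpolates `$password` without `$db->escape()`; whatever transforms it between `validate()` and the query lies outside the visible hunks, so confirm it cannot carry raw POST data. The enclosing `if($page == 'admins'` block starts and ends outside the hunks shown.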