add Admins.add()

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2018-02-22 16:51:56 +01:00
parent b42a7b1b26
commit dfb5d33a56
4 changed files with 237 additions and 268 deletions
--- a/admin_admins.php
+++ b/admin_admins.php
@@ -201,247 +201,12 @@ if ($page == 'admins'
 		if (isset($_POST['send'])
 			&& $_POST['send'] == 'send'
 		) {
-
-			$name = validate($_POST['name'], 'name');
-			$email = $idna_convert->encode(validate($_POST['email'], 'email'));
-
-			$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
-			$custom_notes_show = 0;
-			if (isset($_POST['custom_notes_show'])) {
-			    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+			try {
+				Admins::getLocal($userinfo, $_POST)->add();
+			} catch (Exception $e) {
+				dynamic_error($e->getMessage());
 			}
-
-			$loginname = validate($_POST['loginname'], 'loginname');
-			$password = validate($_POST['admin_password'], 'password');
-			$password = validatePassword($password);
-			$def_language = validate($_POST['def_language'], 'default language');
-
-			$customers = intval_ressource($_POST['customers']);
-			if (isset($_POST['customers_ul'])) {
-				$customers = -1;
-			}
-
-			$domains = intval_ressource($_POST['domains']);
-			if (isset($_POST['domains_ul'])) {
-				$domains = -1;
-			}
-
-			$subdomains = intval_ressource($_POST['subdomains']);
-			if (isset($_POST['subdomains_ul'])) {
-				$subdomains = -1;
-			}
-
-			$emails = intval_ressource($_POST['emails']);
-			if (isset($_POST['emails_ul'])) {
-				$emails = -1;
-			}
-
-			$email_accounts = intval_ressource($_POST['email_accounts']);
-			if (isset($_POST['email_accounts_ul'])) {
-				$email_accounts = -1;
-			}
-
-			$email_forwarders = intval_ressource($_POST['email_forwarders']);
-			if (isset($_POST['email_forwarders_ul'])) {
-				$email_forwarders = -1;
-			}
-
-			if (Settings::Get('system.mail_quota_enabled') == '1') {
-
-				$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
-				if (isset($_POST['email_quota_ul'])) {
-					$email_quota = -1;
-				}
-			} else {
-				$email_quota = -1;
-			}
-
-			$ftps = intval_ressource($_POST['ftps']);
-			if (isset($_POST['ftps_ul'])) {
-				$ftps = -1;
-			}
-
-			if (Settings::Get('ticket.enabled') == 1) {
-
-				$tickets = intval_ressource($_POST['tickets']);
-				if (isset($_POST['tickets_ul'])) {
-					$tickets = -1;
-				}
-			} else {
-				$tickets = 0;
-			}
-
-			$mysqls = intval_ressource($_POST['mysqls']);
-			if (isset($_POST['mysqls_ul'])) {
-				$mysqls = -1;
-			}
-
-			$customers_see_all = 0;
-			if (isset($_POST['customers_see_all'])) {
-				$customers_see_all = intval($_POST['customers_see_all']);
-			}
-
-			$domains_see_all = 0;
-			if (isset($_POST['domains_see_all'])) {
-				$domains_see_all = intval($_POST['domains_see_all']);
-			}
-
-			$caneditphpsettings = 0;
-			if (isset($_POST['caneditphpsettings'])) {
-				$caneditphpsettings = intval($_POST['caneditphpsettings']);
-			}
-
-			$change_serversettings = 0;
-			if (isset($_POST['change_serversettings'])) {
-				$change_serversettings = intval($_POST['change_serversettings']);
-			}
-
-			$diskspace = intval_ressource($_POST['diskspace']);
-			if (isset($_POST['diskspace_ul'])) {
-				$diskspace = -1;
-			}
-
-			$traffic = doubleval_ressource($_POST['traffic']);
-			if (isset($_POST['traffic_ul'])) {
-				$traffic = -1;
-			}
-
-			$tickets_see_all = 0;
-			if (isset($_POST['tickets_see_all'])) {
-				$tickets_see_all = intval($_POST['tickets_see_all']);
-			}
-
-			$diskspace = $diskspace * 1024;
-			$traffic = $traffic * 1024 * 1024;
-			$ipaddress = intval_ressource($_POST['ipaddress']);
-
-			// Check if the account already exists
-			$loginname_check_stmt = Database::prepare("
-				SELECT `loginname` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `loginname` = :login
-			");
-			$loginname_check = Database::pexecute_first($loginname_check_stmt, array('login' => $loginname));
-
-			$loginname_check_admin_stmt = Database::prepare("
-				SELECT `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `loginname` = :login
-			");
-			$loginname_check_admin = Database::pexecute_first($loginname_check_admin_stmt, array('login' => $loginname));
-
-			if ($loginname == '') {
-				standard_error(array('stringisempty', 'myloginname'));
-			}
-			elseif (strtolower($loginname_check['loginname']) == strtolower($loginname)
-				|| strtolower($loginname_check_admin['loginname']) == strtolower($loginname)
-			) {
-				standard_error('loginnameexists', $loginname);
-			}
-			// Accounts which match systemaccounts are not allowed, filtering them
-			elseif (preg_match('/^' . preg_quote(Settings::Get('customer.accountprefix'), '/') . '([0-9]+)/', $loginname)) {
-				standard_error('loginnameissystemaccount', Settings::Get('customer.accountprefix'));
-			}
-			elseif (!validateUsername($loginname)) {
-				standard_error('loginnameiswrong', $loginname);
-			}
-			elseif ($name == '') {
-				standard_error(array('stringisempty', 'myname'));
-			}
-			elseif ($email == '') {
-				standard_error(array('stringisempty', 'emailadd'));
-			}
-			elseif ($password == '') {
-				standard_error(array('stringisempty', 'mypassword'));
-			}
-			elseif (!validateEmail($email)) {
-				standard_error('emailiswrong', $email);
-
-			} else {
-
-				if ($customers_see_all != '1') {
-					$customers_see_all = '0';
-				}
-
-				if ($domains_see_all != '1') {
-					$domains_see_all = '0';
-				}
-
-				if ($caneditphpsettings != '1') {
-					$caneditphpsettings = '0';
-				}
-
-				if ($change_serversettings != '1') {
-					$change_serversettings = '0';
-				}
-
-				if ($tickets_see_all != '1') {
-					$tickets_see_all  = '0';
-				}
-
-				$_theme = Settings::Get('panel.default_theme');
-
-				$ins_data = array(
-					'loginname' => $loginname,
-					'password' => makeCryptPassword($password),
-					'name' => $name,
-					'email' => $email,
-					'lang' => $def_language,
-					'change_serversettings' => $change_serversettings,
-					'customers' => $customers,
-					'customers_see_all' => $customers_see_all,
-					'domains' => $domains,
-					'domains_see_all' => $domains_see_all,
-					'caneditphpsettings' => $caneditphpsettings,
-					'diskspace' => $diskspace,
-					'traffic' => $traffic,
-					'subdomains' => $subdomains,
-					'emails' => $emails,
-					'accounts' => $email_accounts,
-					'forwarders' => $email_forwarders,
-					'quota' => $email_quota,
-					'ftps' => $ftps,
-					'tickets' => $tickets,
-					'tickets_see_all' => $tickets_see_all,
-					'mysqls' => $mysqls,
-					'ip' => $ipaddress,
-					'theme' => $_theme,
-					'custom_notes' => $custom_notes,
-					'custom_notes_show' => $custom_notes_show
-				);
-
-				$ins_stmt = Database::prepare("
-					INSERT INTO `" . TABLE_PANEL_ADMINS . "` SET
-					`loginname` = :loginname,
-					`password` = :password,
-					`name` = :name,
-					`email` = :email,
-					`def_language` = :lang,
-					`change_serversettings` = :change_serversettings,
-					`customers` = :customers,
-					`customers_see_all` = :customers_see_all,
-					`domains` = :domains,
-					`domains_see_all` = :domains_see_all,
-					`caneditphpsettings` = :caneditphpsettings,
-					`diskspace` = :diskspace,
-					`traffic` = :traffic,
-					`subdomains` = :subdomains,
-					`emails` = :emails,
-					`email_accounts` = :accounts,
-					`email_forwarders` = :forwarders,
-					`email_quota` = :quota,
-					`ftps` = :ftps,
-					`tickets` = :tickets,
-					`tickets_see_all` = :tickets_see_all,
-					`mysqls` = :mysqls,
-					`ip` = :ip,
-					`theme` = :theme,
-					`custom_notes` = :custom_notes,
-					`custom_notes_show` = :custom_notes_show
-				");
-				Database::pexecute($ins_stmt, $ins_data);
-
-				$adminid = Database::lastInsertId();
-				$log->logAction(ADM_ACTION, LOG_INFO, "added admin '" . $loginname . "'");
-				redirectTo($filename, array('page' => $page, 's' => $s));
-			}
-
+			redirectTo($filename, array('page' => $page, 's' => $s));
 		} else {

 			$language_options = '';