diff --git a/install/tpl/config.inc.php.master b/install/tpl/config.inc.php.master
index 4c8e03b423730f52d5bcb3d28cbe2fcc66b1685d..1bcdcad09bbd3b51f39e29cf60e133f945e06c26 100644
--- a/install/tpl/config.inc.php.master
+++ b/install/tpl/config.inc.php.master
@@ -117,6 +117,15 @@ $conf["server_id"] = "{server_id}";
//** Interface
$conf['interface_modules_enabled'] = 'dashboard,mail,sites,dns,tools';
+//** Demo mode
+/* The demo mode is an option to restrict certain actions in the interface like
+* changing the password of users with sys_userid < 3 etc. to be
+* able to run the ISPConfig interface as online demo. It does not
+* affect the server part. The demo mode should be always set to false
+* on every normal installation
+*/
+$conf['demo_mode'] = false;
+
//** Logging
$conf["log_file"] = $conf["logpath"].$conf["fs_div"]."ispconfig.log";
diff --git a/interface/lib/config.inc.php b/interface/lib/config.inc.php
index 26cfd03c6ec8b0f22a5160381a3e073b684f7388..0cb07a49d8b065f09af5c895f1062cd474670f9c 100644
--- a/interface/lib/config.inc.php
+++ b/interface/lib/config.inc.php
@@ -103,6 +103,15 @@ $conf["server_id"] = "1";
//** Interface
$conf['interface_modules_enabled'] = 'dashboard,mail,sites,dns,tools';
+//** Demo mode
+/* The demo mode is an option to restrict certain actions in the interface like
+* changing the password of users with sys_userid < 3 etc. to be
+* able to run the ISPConfig interface as online demo. It does not
+* affect the server part. The demo mode should be always set to false
+* on every normal installation
+*/
+$conf['demo_mode'] = false;
+
//** Logging
$conf["log_file"] = '/var/log/ispconfig/ispconfig.log';
diff --git a/interface/web/admin/language_add.php b/interface/web/admin/language_add.php
index f3fd93f3e47d42327a44eadd8e13c1e7d61cfda3..a2961715a821045e6b44df03e3fa8ff9b5e6e00a 100644
--- a/interface/web/admin/language_add.php
+++ b/interface/web/admin/language_add.php
@@ -35,6 +35,7 @@ $app->auth->check_module_permissions('admin');
//* This is only allowed for administrators
if(!$app->auth->is_admin()) die('only allowed for administrators.');
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
$app->uses('tpl');
diff --git a/interface/web/admin/language_complete.php b/interface/web/admin/language_complete.php
index 7ae926ff8c92abac90e431d10e5fe1846fd5896f..1ac69887dc34c3b117e17944465c9cc47d3e3e08 100644
--- a/interface/web/admin/language_complete.php
+++ b/interface/web/admin/language_complete.php
@@ -32,6 +32,7 @@ require_once('../../lib/app.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('admin');
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
//* This is only allowed for administrators
if(!$app->auth->is_admin()) die('only allowed for administrators.');
diff --git a/interface/web/admin/language_edit.php b/interface/web/admin/language_edit.php
index e4a9dc3c4d053cb1b72c9b17e487e97dd7a60ce1..f16ea683cfa249553bf03e10d9a92cb622e3f655 100644
--- a/interface/web/admin/language_edit.php
+++ b/interface/web/admin/language_edit.php
@@ -35,6 +35,7 @@ $app->auth->check_module_permissions('admin');
//* This is only allowed for administrators
if(!$app->auth->is_admin()) die('only allowed for administrators.');
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
$app->uses('tpl');
diff --git a/interface/web/admin/language_export.php b/interface/web/admin/language_export.php
index d252073d399915e47d6ff3f94979c783344b65c8..5c192c3cf61bad84f1155d9012c226e6ee0540a1 100644
--- a/interface/web/admin/language_export.php
+++ b/interface/web/admin/language_export.php
@@ -35,6 +35,7 @@ $app->auth->check_module_permissions('admin');
//* This is only allowed for administrators
if(!$app->auth->is_admin()) die('only allowed for administrators.');
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
$app->uses('tpl');
diff --git a/interface/web/admin/language_import.php b/interface/web/admin/language_import.php
index 10c128ea868ff2c1c5f1b9644a8aab28e04b9a74..0ca11110cfece2afa63bf5784d53d10a3b0c7c5d 100644
--- a/interface/web/admin/language_import.php
+++ b/interface/web/admin/language_import.php
@@ -35,6 +35,7 @@ $app->auth->check_module_permissions('admin');
//* This is only allowed for administrators
if(!$app->auth->is_admin()) die('only allowed for administrators.');
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
$app->uses('tpl');
diff --git a/interface/web/admin/remote_user_edit.php b/interface/web/admin/remote_user_edit.php
index cadee47963b07f7ec7e21b16ceba3168abdc2a8c..a99e9837dc25cf14a3e2e29683009da84da43fbd 100644
--- a/interface/web/admin/remote_user_edit.php
+++ b/interface/web/admin/remote_user_edit.php
@@ -13,6 +13,9 @@ if(!stristr($_SESSION['s']['user']['modules'],'admin')) {
die;
}
+// Disable this function in demo mode
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
+
// Load the templating and form classes
$app->uses('tpl,tform,tform_actions');
$app->load('tform_actions');
diff --git a/interface/web/admin/server_config_del.php b/interface/web/admin/server_config_del.php
index 67c0096af788016df169be532ea5a9cf2053b2bb..7b30ea3e4d969e18fe964d1a9c9c7f34551c585f 100644
--- a/interface/web/admin/server_config_del.php
+++ b/interface/web/admin/server_config_del.php
@@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('admin');
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
$app->uses("tform_actions");
$app->tform_actions->onDelete();
diff --git a/interface/web/admin/server_config_edit.php b/interface/web/admin/server_config_edit.php
index 1f71ef7c7df79fa9f015a14a6b8ee47dc90d6fde..c034da1550087edf21a9e4998705308451ac43d2 100644
--- a/interface/web/admin/server_config_edit.php
+++ b/interface/web/admin/server_config_edit.php
@@ -71,19 +71,21 @@ class page_action extends tform_actions {
}
function onUpdateSave($sql) {
- global $app;
+ global $app,$conf;
if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges');
$app->uses('ini_parser,getconf');
- $section = $app->tform->getCurrentTab();
- $server_id = $this->id;
+ if($conf['demo_mode'] != true) {
+ $section = $app->tform->getCurrentTab();
+ $server_id = $this->id;
- $server_config_array = $app->getconf->get_server_config($server_id);
- $server_config_array[$section] = $app->tform->encode($this->dataRecord,$section);
- $server_config_str = $app->ini_parser->get_ini_string($server_config_array);
+ $server_config_array = $app->getconf->get_server_config($server_id);
+ $server_config_array[$section] = $app->tform->encode($this->dataRecord,$section);
+ $server_config_str = $app->ini_parser->get_ini_string($server_config_array);
- $app->db->datalogUpdate('server', "config = '".$app->db->quote($server_config_str)."'", 'server_id', $server_id);
+ $app->db->datalogUpdate('server', "config = '".$app->db->quote($server_config_str)."'", 'server_id', $server_id);
+ }
}
}
diff --git a/interface/web/admin/server_del.php b/interface/web/admin/server_del.php
index 78a0785702107b561d5bfee741bc21cf07e80eb2..d5b3b9639f1a5b2ce9e192d1f2b9741734cb61d5 100644
--- a/interface/web/admin/server_del.php
+++ b/interface/web/admin/server_del.php
@@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('admin');
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
$app->uses("tform_actions");
$app->tform_actions->onDelete();
diff --git a/interface/web/admin/software_repo_del.php b/interface/web/admin/software_repo_del.php
index 8da40c9c87e28e1c413e39340c8eb892ca4438dc..a6522fa5bdb081bdedf013bbf5e4bc51d25ba8fd 100644
--- a/interface/web/admin/software_repo_del.php
+++ b/interface/web/admin/software_repo_del.php
@@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('admin');
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
$app->uses("tform_actions");
$app->tform_actions->onDelete();
diff --git a/interface/web/admin/software_repo_edit.php b/interface/web/admin/software_repo_edit.php
index bd0c875f56b34cc7d7624a7c78df0cccaeb1d483..17902f152eb4030c54e40a3c5c6d75ffbb1c9e48 100644
--- a/interface/web/admin/software_repo_edit.php
+++ b/interface/web/admin/software_repo_edit.php
@@ -43,6 +43,7 @@ require_once('../../lib/app.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('admin');
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
// Loading classes
$app->uses('tpl,tform,tform_actions');
diff --git a/interface/web/admin/system_config_edit.php b/interface/web/admin/system_config_edit.php
index 70f26befb4aa485ac8501003f039367a1594b288..22702091da8c7230824a19fa0c09bc7def833062 100644
--- a/interface/web/admin/system_config_edit.php
+++ b/interface/web/admin/system_config_edit.php
@@ -78,7 +78,7 @@ class page_action extends tform_actions {
}
function onUpdateSave($sql) {
- global $app;
+ global $app,$conf;
if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges');
$app->uses('ini_parser,getconf');
@@ -90,7 +90,7 @@ class page_action extends tform_actions {
$server_config_str = $app->ini_parser->get_ini_string($server_config_array);
$sql = "UPDATE sys_ini SET config = '".$app->db->quote($server_config_str)."' WHERE sysini_id = 1";
- $app->db->query($sql);
+ if($conf['demo_mode'] != true) $app->db->query($sql);
/*
* If we should use the domain-module, we have to insert all existing domains into the table
diff --git a/interface/web/admin/users_del.php b/interface/web/admin/users_del.php
index b4f3e722397989b01b22d55e31f915bced4ea5ae..dfea889740a8d2b96380b386988cc53fb3c99c4e 100644
--- a/interface/web/admin/users_del.php
+++ b/interface/web/admin/users_del.php
@@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('admin');
+if($conf['demo_mode'] == true && $_REQUEST['id'] <= 3) $app->error('This function is disabled in demo mode.');
$app->uses("tform_actions");
$app->tform_actions->onDelete();
diff --git a/interface/web/admin/users_edit.php b/interface/web/admin/users_edit.php
index 2bf4dcc6a59585a17bacb370691f82e0c2d03cb7..ae2298615c41005aa2d30f240efcd91adeac8492 100644
--- a/interface/web/admin/users_edit.php
+++ b/interface/web/admin/users_edit.php
@@ -61,6 +61,8 @@ class page_action extends tform_actions {
function onBeforeUpdate() {
global $app, $conf;
+ if($conf['demo_mode'] == true && $_REQUEST['id'] <= 3) $app->error('This function is disabled in demo mode.');
+
if(@is_array($this->dataRecord['modules']) && !in_array($this->dataRecord['startmodule'],$this->dataRecord['modules'])) {
$app->tform->errorMessage .= $app->tform->wordbook['startmodule_err'];
}
diff --git a/interface/web/client/client_del.php b/interface/web/client/client_del.php
index 11cfdb7e5b1cc0aa1688f49b6cf64d51eb2cbc71..184b8f2488069a352067f1729dacbc8109c94ff9 100644
--- a/interface/web/client/client_del.php
+++ b/interface/web/client/client_del.php
@@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('client');
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
$app->uses('tpl,tform');
$app->load('tform_actions');
diff --git a/interface/web/client/client_edit.php b/interface/web/client/client_edit.php
index 5714220234e5518d575615bdb5e6a4b2de3de214..5da71107e0b232e80d06bc59e8bb928bd5c0d044 100644
--- a/interface/web/client/client_edit.php
+++ b/interface/web/client/client_edit.php
@@ -178,7 +178,7 @@ class page_action extends tform_actions {
global $app;
// username changed
- if(isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {
+ if($conf['demo_mode'] != true && isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {
$username = $app->db->quote($this->dataRecord["username"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET username = '$username' WHERE client_id = $client_id";
@@ -190,7 +190,7 @@ class page_action extends tform_actions {
}
// password changed
- if(isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
+ if($conf['demo_mode'] != true && isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
$password = $app->db->quote($this->dataRecord["password"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET passwort = md5('$password') WHERE client_id = $client_id";
@@ -198,7 +198,7 @@ class page_action extends tform_actions {
}
// language changed
- if(isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) {
+ if($conf['demo_mode'] != true && isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) {
$language = $app->db->quote($this->dataRecord["language"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET language = '$language' WHERE client_id = $client_id";
diff --git a/interface/web/client/reseller_del.php b/interface/web/client/reseller_del.php
index f75eceab8f8e1837fea916733981ecbe3f1be22c..fefd3706065ee04dfe44711634403290024e755a 100644
--- a/interface/web/client/reseller_del.php
+++ b/interface/web/client/reseller_del.php
@@ -55,6 +55,8 @@ class page_action extends tform_actions {
function onBeforeDelete() {
global $app, $conf;
+ if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
+
$client_id = intval($this->dataRecord['client_id']);
$tmp = $app->db->queryOneRecord("SELECT count(client_id) as number FROM client WHERE parent_client_id = ".$client_id);
diff --git a/interface/web/client/reseller_edit.php b/interface/web/client/reseller_edit.php
index b58ba8f7c5cb69af2a70c64d1e9863f7e9d70bf7..44c65be45174430e77b5d858375dcf36982e2448 100644
--- a/interface/web/client/reseller_edit.php
+++ b/interface/web/client/reseller_edit.php
@@ -173,7 +173,7 @@ class page_action extends tform_actions {
global $app, $conf;
// username changed
- if(isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {
+ if($conf['demo_mode'] != true && isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {
$username = $app->db->quote($this->dataRecord["username"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET username = '$username' WHERE client_id = $client_id";
@@ -185,7 +185,7 @@ class page_action extends tform_actions {
}
// password changed
- if(isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
+ if($conf['demo_mode'] != true && isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
$password = $app->db->quote($this->dataRecord["password"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET passwort = md5('$password') WHERE client_id = $client_id";
@@ -193,7 +193,7 @@ class page_action extends tform_actions {
}
// language changed
- if(isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) {
+ if($conf['demo_mode'] != true && isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) {
$language = $app->db->quote($this->dataRecord["language"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET language = '$language' WHERE client_id = $client_id";
diff --git a/interface/web/designer/form_edit.php b/interface/web/designer/form_edit.php
index 4ea74c2e0cca4c5cc072704285104440f3d91186..90acd2e1b51c910a4c92db242a2ad7401e5d071f 100644
--- a/interface/web/designer/form_edit.php
+++ b/interface/web/designer/form_edit.php
@@ -31,6 +31,7 @@ require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
//* Check permissions for module
$app->auth->check_module_permissions('designer');
diff --git a/interface/web/designer/module_edit.php b/interface/web/designer/module_edit.php
index 9a8df309e901efeb2da1092114d02a19cd27c122..26e229a7d8b90f6800b816f53a3f569d60f708e0 100644
--- a/interface/web/designer/module_edit.php
+++ b/interface/web/designer/module_edit.php
@@ -31,6 +31,7 @@ require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
//* Check permissions for module
$app->auth->check_module_permissions('designer');
diff --git a/interface/web/designer/module_nav_del.php b/interface/web/designer/module_nav_del.php
index 18c5bf4d14c09f3968446e6c14d95a9cfd4d7e40..b0fd55a7be45f7a4044282a7cb0ddd30a46dc978 100644
--- a/interface/web/designer/module_nav_del.php
+++ b/interface/web/designer/module_nav_del.php
@@ -34,6 +34,7 @@ if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
//* Check permissions for module
$app->auth->check_module_permissions('designer');
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
// Lade Template
$app->uses('tpl');
diff --git a/interface/web/designer/module_nav_edit.php b/interface/web/designer/module_nav_edit.php
index 73c010e821457c4f4165811932dbe5fbf6fed61e..a7acf40c10e7a6a5b2c054a6cf77f43b3865f2b6 100644
--- a/interface/web/designer/module_nav_edit.php
+++ b/interface/web/designer/module_nav_edit.php
@@ -34,6 +34,7 @@ require_once('../../lib/app.inc.php');
if($_SESSION['s']['user']['typ'] != 'admin'){
die('Admin permissions required.');
}
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
//* Check permissions for module
$app->auth->check_module_permissions('designer');
diff --git a/interface/web/designer/module_nav_flip.php b/interface/web/designer/module_nav_flip.php
index f3fc164d94c0068f0ade0e18834ff779f8f6f7e8..6599a5ff6b19e7b8b7a9c8eafbb389665f1404e7 100644
--- a/interface/web/designer/module_nav_flip.php
+++ b/interface/web/designer/module_nav_flip.php
@@ -34,6 +34,7 @@ if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
//* Check permissions for module
$app->auth->check_module_permissions('designer');
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
// Lade Template
$app->uses('tpl');
diff --git a/interface/web/designer/module_nav_item_del.php b/interface/web/designer/module_nav_item_del.php
index cd458cd21e0d930628a6262778b6270dbb830c51..6360c46edb00e7012786d44015e7177b9a84949e 100644
--- a/interface/web/designer/module_nav_item_del.php
+++ b/interface/web/designer/module_nav_item_del.php
@@ -31,6 +31,7 @@ require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
//* Check permissions for module
$app->auth->check_module_permissions('designer');
diff --git a/interface/web/designer/module_nav_item_edit.php b/interface/web/designer/module_nav_item_edit.php
index 5948aba5b87d6df4c172a09fbd6d44d463b07591..21e1e3594e885d4b5b4bc7ec2aa6c53e959ba848 100644
--- a/interface/web/designer/module_nav_item_edit.php
+++ b/interface/web/designer/module_nav_item_edit.php
@@ -31,6 +31,7 @@ require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
//* Check permissions for module
$app->auth->check_module_permissions('designer');
diff --git a/interface/web/designer/module_nav_item_flip.php b/interface/web/designer/module_nav_item_flip.php
index 2ec0566af4db9ea6d51f2a06ac4befc93cdc978f..1aec179fff65b70c13bc02e9429c805f5248fac4 100644
--- a/interface/web/designer/module_nav_item_flip.php
+++ b/interface/web/designer/module_nav_item_flip.php
@@ -31,6 +31,7 @@ require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
//* Check permissions for module
$app->auth->check_module_permissions('designer');
diff --git a/interface/web/remote/index.php b/interface/web/remote/index.php
index 78e8d0134f775cf528f4f1fcdd433e4f2c664373..1fa5e607b9eeb52e9b5879efa6405e11499946b2 100644
--- a/interface/web/remote/index.php
+++ b/interface/web/remote/index.php
@@ -4,6 +4,8 @@ require_once('../../lib/config.inc.php');
$conf['start_session'] = false;
require_once('../../lib/app.inc.php');
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
+
$app->load('remoting');
$server = new SoapServer(null, array('uri' => $_SERVER['REQUEST_URI']));
diff --git a/interface/web/tools/user_settings.php b/interface/web/tools/user_settings.php
index d6638141507327ac7112992a79a517eabcb0df8d..b67a1abb5c973a4e1721435d975d53d7a7a464a7 100644
--- a/interface/web/tools/user_settings.php
+++ b/interface/web/tools/user_settings.php
@@ -81,6 +81,8 @@ class page_action extends tform_actions {
function onBeforeUpdate() {
global $app, $conf;
+ if($conf['demo_mode'] == true && $this->id <= 3) $app->tform->errorMessage .= 'This function is disabled in demo mode.';
+
if($_POST['passwort'] != $_POST['passwort2']) {
$app->tform->errorMessage = $app->tform->lng('password_mismatch');
}