From 84569173c9a21ebab5ecdb662d9b4fb98b7c336b Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Mon, 16 Apr 2012 12:19:56 +0000
Subject: [PATCH] Fixed: FS#2176 - collision between shell/ftp accounts and
 client accounts named webXX is not checked

---
 interface/lib/classes/validate_client.inc.php | 30 +++++++++++++++++++
 interface/web/client/client_edit.php          |  2 +-
 interface/web/client/form/client.tform.php    |  6 +++-
 interface/web/client/form/reseller.tform.php  |  6 +++-
 interface/web/client/lib/lang/en_client.lng   |  1 +
 interface/web/client/lib/lang/en_reseller.lng |  1 +
 6 files changed, 43 insertions(+), 3 deletions(-)

diff --git a/interface/lib/classes/validate_client.inc.php b/interface/lib/classes/validate_client.inc.php
index 97b922182..fa0f10293 100644
--- a/interface/lib/classes/validate_client.inc.php
+++ b/interface/lib/classes/validate_client.inc.php
@@ -65,6 +65,36 @@ class validate_client {
 		}
 	}
 	
+	function username_collision($field_name, $field_value, $validator) {
+		global $app;
+		
+		if(isset($app->remoting_lib->primary_id)) {
+			$client_id = $app->remoting_lib->primary_id;
+		} else {
+			$client_id = $app->tform->primary_id;
+		}
+		
+		$app->uses('getconf');
+		$global_config = $app->getconf->get_global_config('sites');
+		
+		if(substr($field_value,0,3) == 'web' && 
+		  ($global_config['ftpuser_prefix'] == '[CLIENTNAME]' || 
+		   $global_config['ftpuser_prefix'] == '' ||
+		   $global_config['shelluser_prefix'] == '[CLIENTNAME]' ||
+		   $global_config['shelluser_prefix'] == '' )) {
+			$errmsg = $validator['errmsg'];
+			if(isset($app->tform->wordbook[$errmsg])) {
+				return $app->tform->wordbook[$errmsg]."<br>\r\n";
+			} else {
+				return $errmsg."<br>\r\n";
+			}
+		}
+		
+		
+		
+		
+	}
+	
 	
 	
 	
diff --git a/interface/web/client/client_edit.php b/interface/web/client/client_edit.php
index e3330e588..fc16d4c28 100644
--- a/interface/web/client/client_edit.php
+++ b/interface/web/client/client_edit.php
@@ -1,6 +1,6 @@
 <?php
 /*
-Copyright (c) 2005 - 2008, Till Brehm, projektfarm Gmbh
+Copyright (c) 2005 - 2012, Till Brehm, projektfarm Gmbh, ISPConfig UG
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
diff --git a/interface/web/client/form/client.tform.php b/interface/web/client/form/client.tform.php
index 6e7699250..d35f34fdf 100644
--- a/interface/web/client/form/client.tform.php
+++ b/interface/web/client/form/client.tform.php
@@ -126,7 +126,11 @@ $form["tabs"]['address'] = array (
 														'class' => 'validate_client',
 														'function' => 'username_unique',
 														'errmsg'=> 'username_error_unique'),
-										2 => array (	'type'	=> 'REGEX',
+										2 => array (	'type'	=> 'CUSTOM',
+														'class' => 'validate_client',
+														'function' => 'username_collision',
+														'errmsg'=> 'username_error_collision'),
+										3 => array (	'type'	=> 'REGEX',
 														'regex' => '/^[\w\.\-\_]{0,64}$/',
 														'errmsg'=> 'username_error_regex'),
 										),
diff --git a/interface/web/client/form/reseller.tform.php b/interface/web/client/form/reseller.tform.php
index 5447070f6..a3077914f 100644
--- a/interface/web/client/form/reseller.tform.php
+++ b/interface/web/client/form/reseller.tform.php
@@ -126,7 +126,11 @@ $form["tabs"]['address'] = array (
 														'class' => 'validate_client',
 														'function' => 'username_unique',
 														'errmsg'=> 'username_error_unique'),
-										2 => array (	'type'	=> 'REGEX',
+										2 => array (	'type'	=> 'CUSTOM',
+														'class' => 'validate_client',
+														'function' => 'username_collision',
+														'errmsg'=> 'username_error_collision'),
+										3 => array (	'type'	=> 'REGEX',
 														'regex' => '/^[\w\.\-\_]{0,64}$/',
 														'errmsg'=> 'username_error_regex'),
 										),
diff --git a/interface/web/client/lib/lang/en_client.lng b/interface/web/client/lib/lang/en_client.lng
index ce4805ef6..f2edf1fd7 100644
--- a/interface/web/client/lib/lang/en_client.lng
+++ b/interface/web/client/lib/lang/en_client.lng
@@ -109,4 +109,5 @@ $wb["limit_openvz_vm_template_id_txt"] = 'Force virtual server template';
 $wb["limit_openvz_vm_error_notint"] = 'The virtual server limit must be a number.';
 $wb["web_php_options_notempty"] = 'No PHP option(s) selected. Select at least one PHP option.';
 $wb["ssh_chroot_notempty"] = 'No SSH chroot option selected. Select at least one SSH option.';
+$wb["username_error_collision"] = 'The username may not start with the word - web -';
 ?>
diff --git a/interface/web/client/lib/lang/en_reseller.lng b/interface/web/client/lib/lang/en_reseller.lng
index b93f54ee8..9f1e36c88 100644
--- a/interface/web/client/lib/lang/en_reseller.lng
+++ b/interface/web/client/lib/lang/en_reseller.lng
@@ -108,4 +108,5 @@ $wb["limit_openvz_vm_template_id_txt"] = 'Force virtual server template';
 $wb["limit_openvz_vm_error_notint"] = 'The virtual server limit must be a number.';
 $wb["web_php_options_notempty"] = 'No PHP option(s) selected. Select at least one PHP option.';
 $wb["ssh_chroot_notempty"] = 'No SSH chroot option selected. Select at least one SSH option.';
+$wb["username_error_collision"] = 'The username may not start with the word - web -';
 ?>
-- 
GitLab