remoting.inc.php 19.3 KB
Newer Older
latham's avatar
latham committed
1 2 3
<?php

/*
4
Copyright (c) 2007 - 2011, Till Brehm, projektfarm Gmbh
latham's avatar
latham committed
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37
All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:

    * Redistributions of source code must retain the above copyright notice,
      this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright notice,
      this list of conditions and the following disclaimer in the documentation
      and/or other materials provided with the distribution.
    * Neither the name of ISPConfig nor the names of its contributors
      may be used to endorse or promote products derived from this software without
      specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

--UPDATED 08.2009--
Full SOAP support for ISPConfig 3.1.4 b
Updated by Arkadiusz Roch & Artur Edelman
Copyright (c) Tri-Plex technology

*/

class remoting {
38

latham's avatar
latham committed
39
	//* remote session timeout in seconds
40
	private $session_timeout = 1800;
41

latham's avatar
latham committed
42 43 44
	public $oldDataRecord;
	public $dataRecord;
	public $id;
45 46 47

	private $_methods = array();

latham's avatar
latham committed
48
	/*
49
	These variables shall stay global.
latham's avatar
latham committed
50
	Please do not make them private variables.
51

latham's avatar
latham committed
52 53 54 55
	private $app;
    private $conf;
    */

56 57 58 59 60 61
	public function __construct($methods = array())
	{
		global $app;
		$app->uses('remoting_lib');

		$this->_methods = $methods;
62

63
		/*
latham's avatar
latham committed
64 65 66
        $this->app = $app;
        $this->conf = $conf;
		*/
67 68 69
	}

	//* remote login function
70
	public function login($username, $password, $client_login = false)
71
	{
72
		global $app, $conf;
73

alexalouit's avatar
alexalouit committed
74 75
		$error = array();

76 77 78 79
		// Maintenance mode
		$app->uses('ini_parser,getconf');
		$server_config_array = $app->getconf->get_global_config('misc');
		if($server_config_array['maintenance_mode'] == 'y'){
80
			throw new SoapFault('maintenance_mode', 'This ISPConfig installation is currently under maintenance. We should be back shortly. Thank you for your patience.');
81 82
			return false;
		}
83

latham's avatar
latham committed
84
		if(empty($username)) {
alexalouit's avatar
alexalouit committed
85
			$error = array('faultcode' => 'login_username_empty', 'faultstring' => 'The login username is empty.');
latham's avatar
latham committed
86
		}
87

latham's avatar
latham committed
88
		if(empty($password)) {
alexalouit's avatar
alexalouit committed
89
			$error = array('faultcode' => 'login_password_empty', 'faultstring' => 'The login password is empty.');
latham's avatar
latham committed
90
		}
91

latham's avatar
latham committed
92
		//* Delete old remoting sessions
93
		$sql = "DELETE FROM remote_session WHERE tstamp < UNIX_TIMESTAMP()";
latham's avatar
latham committed
94
		$app->db->query($sql);
95

alexalouit's avatar
alexalouit committed
96 97 98
		$ip = md5($_SERVER['REMOTE_ADDR']);
		$sql = "SELECT * FROM `attempts_login` WHERE `ip`= ? AND  `login_time` > (NOW() - INTERVAL 1 MINUTE) LIMIT 1";
		$alreadyfailed = $app->db->queryOneRecord($sql, $ip);
99

alexalouit's avatar
alexalouit committed
100 101 102 103
		if($alreadyfailed['times'] > 5) {
				throw new SoapFault('error_user_too_many_logins', 'Too many failed logins');
				return false;
		}
104

alexalouit's avatar
alexalouit committed
105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124
		if (empty($error)) {

			if($client_login == true) {
				$sql = "SELECT * FROM sys_user WHERE USERNAME = ?";
				$user = $app->db->queryOneRecord($sql, $username);
				if($user) {
					$saved_password = stripslashes($user['passwort']);

					if(substr($saved_password, 0, 3) == '$1$') {
						//* The password is crypt-md5 encrypted
						$salt = '$1$'.substr($saved_password, 3, 8).'$';

						if(crypt(stripslashes($password), $salt) != $saved_password) {
							$error = array('faultcode' => 'client_login_failed', 'faultstring' => 'The login failed. Username or password wrong.');
						}
					} else {
						//* The password is md5 encrypted
						if(md5($password) != $saved_password) {
							$error = array('faultcode' => 'client_login_failed', 'faultstring' => 'The login failed. Username or password wrong.');
						}
125 126
					}
				} else {
alexalouit's avatar
alexalouit committed
127 128 129 130
					$error = array('faultcode' => 'client_login_failed', 'faultstring' => 'The login failed. Username or password wrong.');
				}
				if($user['active'] != 1) {
					$error = array('faultcode' => 'client_login_failed', 'faultstring' => 'The login failed. User is blocked.');
131 132
				}

alexalouit's avatar
alexalouit committed
133 134 135 136 137
				// now we need the client data
				$client = $app->db->queryOneRecord("SELECT client.can_use_api FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $user['default_group']);
				if(!$client || $client['can_use_api'] != 'y') {
					$error = array('faultcode' => 'client_login_failed', 'faultstring' => 'The login failed. Client may not use api.');
				}
138 139 140 141 142 143 144 145

				//* Create a remote user session
				//srand ((double)microtime()*1000000);
				$remote_session = md5(mt_rand().uniqid('ispco'));
				$remote_userid = $remote_user['remote_userid'];
				$remote_functions = $remote_user['remote_functions'];
				$tstamp = time() + $this->session_timeout;
				$sql = 'INSERT INTO remote_session (remote_session,remote_userid,remote_functions,tstamp'
146 147
					.') VALUES (?, ?, ?, ?)';
				$app->db->query($sql, $remote_session,$remote_userid,$remote_functions,$tstamp);
148
			} else {
alexalouit's avatar
alexalouit committed
149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184
				$sql = "SELECT * FROM remote_user WHERE remote_username = ? and remote_password = md5(?)";
				$remote_user = $app->db->queryOneRecord($sql, $username, $password);
				if($remote_user['remote_userid'] > 0) {
					//* Create a remote user session
					//srand ((double)microtime()*1000000);
					$remote_session = md5(mt_rand().uniqid('ispco'));
					$remote_userid = $remote_user['remote_userid'];
					$remote_functions = $remote_user['remote_functions'];
					$tstamp = time() + $this->session_timeout;
					$sql = 'INSERT INTO remote_session (remote_session,remote_userid,remote_functions,tstamp'
						.') VALUES (?, ?, ?, ?)';
					$app->db->query($sql, $remote_session,$remote_userid,$remote_functions,$tstamp);
				} else {
					$error = array('faultcode' => 'login_failed', 'faultstring' => 'The login failed. Username or password wrong.');
				}
			}

		}

			if (! empty($error)) {
				if(! $alreadyfailed['times']) {
					//* user login the first time wrong
					$sql = "INSERT INTO `attempts_login` (`ip`, `times`, `login_time`) VALUES (?, 1, NOW())";
					$app->db->query($sql, $ip);
				} elseif($alreadyfailed['times'] >= 1) {
					//* update times wrong
					$sql = "UPDATE `attempts_login` SET `times`=`times`+1, `login_time`=NOW() WHERE `ip` = ? AND `login_time` < NOW() ORDER BY `login_time` DESC LIMIT 1";
					$app->db->query($sql, $ip);
				}

				$authlog = 'Failed login for user \''. $username .'\' from '. $_SERVER['REMOTE_ADDR'] .' at '. date('Y-m-d H:i:s') . ' (api)';
				$authlog_handle = fopen($conf['ispconfig_log_dir'].'/auth.log', 'a');
				fwrite($authlog_handle, $authlog ."\n");
				fclose($authlog_handle);

				throw new SoapFault($error['faultcode'], $error['faultstring']);
185
				return false;
alexalouit's avatar
alexalouit committed
186 187 188 189 190 191 192 193 194
			} else {
				// User login right, so attempts can be deleted
				$sql = "DELETE FROM `attempts_login` WHERE `ip`=?";
				$app->db->query($sql, $ip);

				$authlog = 'Successful login for user \''. $username .'\' from '. $_SERVER['REMOTE_ADDR'] .' at '. date('Y-m-d H:i:s') . ' (api)';
				$authlog_handle = fopen($conf['ispconfig_log_dir'].'/auth.log', 'a');
				fwrite($authlog_handle, $authlog ."\n");
				fclose($authlog_handle);
195
			}
alexalouit's avatar
alexalouit committed
196 197 198

		if (isset($remote_session)) {
			return $remote_session;
199 200
		}

latham's avatar
latham committed
201
	}
202

latham's avatar
latham committed
203 204
	//* remote logout function
	public function logout($session_id)
205
	{
latham's avatar
latham committed
206
		global $app;
207

latham's avatar
latham committed
208
		if(empty($session_id)) {
209
			throw new SoapFault('session_id_empty', 'The SessionID is empty.');
latham's avatar
latham committed
210 211
			return false;
		}
212

213 214
		$sql = "DELETE FROM remote_session WHERE remote_session = ?";
		if($app->db->query($sql, $session_id) != false) {
215 216 217 218
			return true;
		} else {
			return false;
		}
latham's avatar
latham committed
219
	}
220

221
	//** protected functions -----------------------------------------------------------------------------------
222

223
	protected function klientadd($formdef_file, $reseller_id, $params)
224
	{
latham's avatar
latham committed
225
		global $app;
226

227 228
		//* Load the form definition
		$app->remoting_lib->loadFormDef($formdef_file);
229

230 231
		//* load the user profile of the client
		$app->remoting_lib->loadUserProfile($reseller_id);
232

233
		//* Get the SQL query
234 235
		$sql = $app->remoting_lib->getSQL($params, 'INSERT', 0);

236
		//* Check if no system user with that username exists
237
		$username = $params["username"];
238
		$tmp = $app->db->queryOneRecord("SELECT count(userid) as number FROM sys_user WHERE username = ?", $username);
239
		if($tmp['number'] > 0) $app->remoting_lib->errorMessage .= "Duplicate username<br />";
240

241 242 243
		//* Stop on error while preparing the sql query
		if($app->remoting_lib->errorMessage != '') {
			throw new SoapFault('data_processing_error', $app->remoting_lib->errorMessage);
latham's avatar
latham committed
244 245
			return false;
		}
246

247 248
		//* Execute the SQL query
		$app->db->query($sql);
249 250 251 252
		if($app->db->errorMessage != '') {
			throw new SoapFault('database_error', $app->db->errorMessage . ' '.$sql);
			return false;
		}
253 254 255 256
		if ( isset($params['_primary_id'] ))
			$insert_id = $params['_primary_id'];
		else
			$insert_id = $app->db->insertID();
257 258


259 260 261
		//* Stop on error while executing the sql query
		if($app->remoting_lib->errorMessage != '') {
			throw new SoapFault('data_processing_error', $app->remoting_lib->errorMessage);
262 263
			return false;
		}
264

265 266
		$this->id = $insert_id;
		$this->dataRecord = $params;
267 268 269

		$app->plugin->raiseEvent('client:' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . ':on_after_insert', $this);

270 271 272
		/*
		if($app->db->errorMessage != '') {
			throw new SoapFault('database_error', $app->db->errorMessage . ' '.$sql);
273 274
			return false;
		}
275
		*/
276 277

		/* copied from the client_edit php */
278 279
		$app->uses('functions');
		$app->functions->generate_ssh_key($this->id, $username);
280 281 282



283 284 285 286
		//$app->uses('tform');
		//* Save changes to Datalog
		if($app->remoting_lib->formDef["db_history"] == 'yes') {
			$new_rec = $app->remoting_lib->getDataRecord($insert_id);
287 288
			$app->remoting_lib->datalogSave('INSERT', $primary_id, array(), $new_rec);
			$app->remoting_lib->ispconfig_sysuser_add($params, $insert_id);
289

290
			if($reseller_id) {
291 292
				$client_group = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = ?", $insert_id);
				$reseller_user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE client_id = ?", $reseller_id);
293
				$app->auth->add_group_to_user($reseller_user['userid'], $client_group['groupid']);
294
				$app->db->query("UPDATE client SET parent_client_id = ? WHERE client_id = ?", $reseller_id, $insert_id);
295
			}
296

297 298
		}
		return $insert_id;
299 300
	}

301 302 303 304 305 306
	protected function insertQuery($formdef_file, $client_id, $params, $event_identifier = '')
	{
		$sql = $this->insertQueryPrepare($formdef_file, $client_id, $params);
		if($sql !== false) return $this->insertQueryExecute($sql, $params, $event_identifier);
		else return false;
	}
307 308

	protected function insertQueryPrepare($formdef_file, $client_id, $params)
309
	{
310
		global $app;
311

312
		$app->uses('remoting_lib');
313

314 315
		//* load the user profile of the client
		$app->remoting_lib->loadUserProfile($client_id);
316

317 318
		//* Load the form definition
		$app->remoting_lib->loadFormDef($formdef_file);
319

320
		//* Get the SQL query
321
		$sql = $app->remoting_lib->getSQL($params, 'INSERT', 0);
322 323
		if($app->remoting_lib->errorMessage != '') {
			throw new SoapFault('data_processing_error', $app->remoting_lib->errorMessage);
324 325
			return false;
		}
326
		$app->log('Executed insertQueryPrepare', LOGLEVEL_DEBUG);
327
		return $sql;
328
	}
329 330 331

	protected function insertQueryExecute($sql, $params, $event_identifier = '')
	{
332
		global $app;
333

334
		$app->uses('remoting_lib');
335

336
		$app->db->query($sql);
337

338 339
		if($app->db->errorMessage != '') {
			throw new SoapFault('database_error', $app->db->errorMessage . ' '.$sql);
340 341
			return false;
		}
342

343 344 345 346
		if ( isset($params['_primary_id'] ))
			$insert_id = $params['_primary_id'];
		else
			$insert_id = $app->db->insertID();
347

348 349 350 351
		// set a few values for compatibility with tform actions, mostly used by plugins
		$this->id = $insert_id;
		$this->dataRecord = $params;
		$app->log('Executed insertQueryExecute, raising events now if any: ' . $event_identifier, LOGLEVEL_DEBUG);
352 353
		if($event_identifier != '') $app->plugin->raiseEvent($event_identifier, $this);

354 355 356 357
		//$app->uses('tform');
		//* Save changes to Datalog
		if($app->remoting_lib->formDef["db_history"] == 'yes') {
			$new_rec = $app->remoting_lib->getDataRecord($insert_id);
358 359
			$app->remoting_lib->datalogSave('INSERT', $primary_id, array(), $new_rec);
		}
360
		return $insert_id;
361
	}
362

363
	protected function updateQuery($formdef_file, $client_id, $primary_id, $params, $event_identifier = '')
364
	{
latham's avatar
latham committed
365
		global $app;
366

367
		$sql = $this->updateQueryPrepare($formdef_file, $client_id, $primary_id, $params);
368 369
		if($sql !== false) return $this->updateQueryExecute($sql, $primary_id, $params, $event_identifier);
		else return false;
latham's avatar
latham committed
370
	}
371

372
	protected function updateQueryPrepare($formdef_file, $client_id, $primary_id, $params)
373
	{
374
		global $app;
375

376
		$app->uses('remoting_lib');
377

378 379
		//* load the user profile of the client
		$app->remoting_lib->loadUserProfile($client_id);
380

381 382
		//* Load the form definition
		$app->remoting_lib->loadFormDef($formdef_file);
383 384 385
		
		//* get old record and merge with params, so only new values have to be set in $params
		$old_rec = $app->remoting_lib->getDataRecord($primary_id);
386 387 388 389 390 391 392 393
		
		foreach ($app->remoting_lib->formDef['fields'] as $fieldName => $fieldConf)
        {
            if ($fieldConf['formtype'] === 'PASSWORD' && empty($params[$fieldName])) {
                unset($old_rec[$fieldName]);
            }
        }
		
394
		$params = $app->functions->array_merge($old_rec,$params);
395

396
		//* Get the SQL query
397
		$sql = $app->remoting_lib->getSQL($params, 'UPDATE', $primary_id);
Marius Cramer's avatar
Marius Cramer committed
398
		
399 400 401
		// throw new SoapFault('debug', $sql);
		if($app->remoting_lib->errorMessage != '') {
			throw new SoapFault('data_processing_error', $app->remoting_lib->errorMessage);
402 403
			return false;
		}
404 405

		return $sql;
406
	}
latham's avatar
latham committed
407

408
	protected function updateQueryExecute($sql, $primary_id, $params, $event_identifier = '')
409
	{
410
		global $app;
411

412
		$app->uses('remoting_lib');
413

414
		$old_rec = $app->remoting_lib->getDataRecord($primary_id);
415

416 417 418 419
		// set a few values for compatibility with tform actions, mostly used by plugins
		$this->oldDataRecord = $old_rec;
		$this->id = $primary_id;
		$this->dataRecord = $params;
420

421
		$app->db->query($sql);
422

423 424
		if($app->db->errorMessage != '') {
			throw new SoapFault('database_error', $app->db->errorMessage . ' '.$sql);
425 426
			return false;
		}
427

428 429
		$affected_rows = $app->db->affectedRows();
		$app->log('Executed updateQueryExecute, raising events now if any: ' . $event_identifier, LOGLEVEL_DEBUG);
430 431 432

		if($event_identifier != '') $app->plugin->raiseEvent($event_identifier, $this);

433 434 435
		//* Save changes to Datalog
		if($app->remoting_lib->formDef["db_history"] == 'yes') {
			$new_rec = $app->remoting_lib->getDataRecord($primary_id);
436
			$app->remoting_lib->datalogSave('UPDATE', $primary_id, $old_rec, $new_rec);
latham's avatar
latham committed
437
		}
438

latham's avatar
latham committed
439 440 441
		return $affected_rows;
	}

442
	protected function deleteQuery($formdef_file, $primary_id, $event_identifier = '')
443
	{
latham's avatar
latham committed
444
		global $app;
445

latham's avatar
latham committed
446
		$app->uses('remoting_lib');
447

448 449
		//* load the user profile of the client
		$app->remoting_lib->loadUserProfile(0);
450

451 452
		//* Load the form definition
		$app->remoting_lib->loadFormDef($formdef_file);
453

454
		$old_rec = $app->remoting_lib->getDataRecord($primary_id);
455

456 457 458 459 460 461
		// set a few values for compatibility with tform actions, mostly used by plugins
		$this->oldDataRecord = $old_rec;
		$this->id = $primary_id;
		$this->dataRecord = $old_rec;
		$app->log('Executed deleteQuery, raising events now if any: ' . $event_identifier, LOGLEVEL_DEBUG);
		//$this->dataRecord = $params;
462

463 464 465 466 467
		//* Get the SQL query
		$sql = $app->remoting_lib->getDeleteSQL($primary_id);
		$app->db->errorMessage = '';
		$app->db->query($sql);
		$affected_rows = $app->db->affectedRows();
468

469 470
		if($app->db->errorMessage != '') {
			throw new SoapFault('database_error', $app->db->errorMessage . ' '.$sql);
latham's avatar
latham committed
471 472
			return false;
		}
473

474
		if($event_identifier != '') {
475
			$app->plugin->raiseEvent($event_identifier, $this);
latham's avatar
latham committed
476
		}
477

478 479
		//* Save changes to Datalog
		if($app->remoting_lib->formDef["db_history"] == 'yes') {
480
			$app->remoting_lib->datalogSave('DELETE', $primary_id, $old_rec, array());
latham's avatar
latham committed
481
		}
482 483


484
		return $affected_rows;
latham's avatar
latham committed
485
	}
486 487


488
	protected function checkPerm($session_id, $function_name)
489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507
	{
		global $app;
		$dobre=array();
		$session = $this->getSession($session_id);
		if(!$session){
			return false;
		}

		$_SESSION['client_login'] = $session['client_login'];
		if($session['client_login'] == 1) {
			// permissions are checked at an other place
			$_SESSION['client_sys_userid'] = $session['remote_userid'];
			$app->remoting_lib->loadUserProfile(); // load the profile - we ALWAYS need this on client logins!
			return true;
		} else {
			$_SESSION['client_sys_userid'] = 0;
		}

		$dobre= str_replace(';', ',', $session['remote_functions']);
508 509
		$check = in_array($function_name, explode(',', $dobre) );
		if(!$check) {
510
			$app->log("REMOTE-LIB DENY: ".$session_id ." /". $function_name, LOGLEVEL_WARN);
latham's avatar
latham committed
511
		}
512
		return $check;
latham's avatar
latham committed
513
	}
514 515


516
	protected function getSession($session_id)
517
	{
latham's avatar
latham committed
518
		global $app;
519

520
		if(empty($session_id)) {
521
			throw new SoapFault('session_id_empty', 'The SessionID is empty.');
latham's avatar
latham committed
522 523
			return false;
		}
524

525
		$sql = "SELECT * FROM remote_session WHERE remote_session = ? AND tstamp >= UNIX_TIMESTAMP()";
526
		$session = $app->db->queryOneRecord($sql, $session_id);
527 528
		if($session['remote_userid'] > 0) {
			return $session;
latham's avatar
latham committed
529
		} else {
530
			throw new SoapFault('session_does_not_exist', 'The Session is expired or does not exist.');
latham's avatar
latham committed
531 532 533
			return false;
		}
	}
534

535
	public function server_get($session_id, $server_id = null, $section ='') {
536 537
		global $app;
		if(!$this->checkPerm($session_id, 'server_get')) {
538
			throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557
			return false;
		}
		if (!empty($session_id)) {
			if(!empty($server_id)) {
				$app->uses('remoting_lib , getconf');
				$section_config =  $app->getconf->get_server_config($server_id, $section);
				return $section_config;
			} else {
				$servers = array();
				$sql = "SELECT server_id FROM server WHERE 1";
				$all = $app->db->queryAllRecords($sql);
				foreach($all as $s) {
					$servers[$s['server_id']] = $app->getconf->get_server_config($s['server_id'], $section);
				}
				unset($all);
				unset($s);
				return $servers;
			}
		} else {
558 559
			return false;
		}
560 561 562 563 564 565 566 567 568 569 570 571
	}
	
	/**
	    Gets a list of all servers
	    @param int session_id
	    @param int server_name
	    @author Marius Cramer <m.cramer@pixcept.de> 2014
    */
	public function server_get_all($session_id)
    {
        global $app;
		if(!$this->checkPerm($session_id, 'server_get')) {
572
        	throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
573 574 575 576 577 578
            return false;
		}
		if (!empty($session_id)) {
			$sql = "SELECT server_id, server_name FROM server WHERE 1";
			$servers = $app->db->queryAllRecords($sql);
			return $servers;
579 580 581 582 583
		} else {
			return false;
		}
	}

584
	/**
585 586 587 588 589 590 591 592 593 594
	 * Get a list of functions
	 * @param  int  session id
	 * @return mixed array of the available functions
	 * @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
	 */


	public function get_function_list($session_id)
	{
		if(!$this->checkPerm($session_id, 'get_function_list')) {
595
			throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
596
			return false;
597 598 599 600
		}
		return $this->_methods;
	}

latham's avatar
latham committed
601
}
602

alexalouit's avatar
alexalouit committed
603
?>