Commit 4e18bd42 authored by mcramer's avatar mcramer

Fixed: FS#2421 - Domain module does not check for valid selection

Implemented:  FS#2422 - Use domain module when creating subdomains 
Bugfix: datalog was used in the wrong way on editing aliasdomains
Bugfix: missing datalog update for parent domain on editing subdomains
parent 864ba9a5
......@@ -134,7 +134,7 @@ class page_action extends tform_actions {
$app->db->query($sql);
$sql = "REPLACE INTO domain (sys_userid, sys_groupid, sys_perm_user, sys_perm_group, sys_perm_other, domain ) " .
"SELECT sys_userid, sys_groupid, sys_perm_user, sys_perm_group, sys_perm_other, domain " .
"FROM web_domain";
"FROM web_domain WHERE type NOT IN ('subdomain','vhostsubdomain')";
$app->db->query($sql);
}
......
......@@ -39,7 +39,7 @@ $app->auth->check_module_permissions('client');
$app->uses('ini_parser,getconf');
$settings = $app->getconf->get_global_config('domains');
if ($settings['use_domain_module'] == 'y') {
echo $settings[new_domain_html];
echo $settings['new_domain_html'];
}
?>
......@@ -126,7 +126,7 @@ class page_action extends tform_actions {
/*
* The admin can select ALL domains, the user only the domains assigned to him
*/
$sql = "SELECT domain FROM domain ";
$sql = "SELECT domain_id, domain FROM domain ";
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
$sql .= "WHERE sys_groupid =" . $client_group_id;
}
......@@ -136,7 +136,7 @@ class page_action extends tform_actions {
if(is_array($domains) && sizeof($domains) > 0) {
/* We have domains in the list, so create the drop-down-list */
foreach( $domains as $domain) {
$domain_select .= "<option value=" . $domain['domain'] ;
$domain_select .= "<option value=" . $domain['domain_id'] ;
if ($domain['domain'] == $this->dataRecord["domain"]) {
$domain_select .= " selected";
}
......@@ -184,7 +184,27 @@ class page_action extends tform_actions {
function onSubmit() {
global $app, $conf;
if($_SESSION["s"]["user"]["typ"] != 'admin') {
/* check if the domain module is used - and check if the selected domain can be used! */
$app->uses('ini_parser,getconf');
$settings = $app->getconf->get_global_config('domains');
if ($settings['use_domain_module'] == 'y') {
$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
$sql = "SELECT domain_id, domain FROM domain WHERE domain_id = " . intval($this->dataRecord['domain']);
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
$sql .= "AND sys_groupid =" . $client_group_id;
}
$domain_check = $app->db->queryOneRecord($sql);
if(!$domain_check) {
// invalid domain selected
$app->tform->errorMessage .= $app->tform->lng("domain_error_empty")."<br />";
} else {
$this->dataRecord['domain'] = $domain_check['domain'];
}
}
if($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the limits of the client
$client_group_id = $_SESSION["s"]["user"]["default_group"];
......
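Review bot: In the ownership check added to onSubmit(), `$sql .= "AND sys_groupid =" . $client_group_id;` is appended directly after `intval($this->dataRecord['domain'])` with no separating space, so the statement reads `... domain_id = 5AND sys_groupid =3` (constructed values). Depending on how the SQL lexer treats `5AND`, that is most likely a failed query, which would leave `$domain_check` empty and reject every selection a non-admin submits. Start the fragment with a space: `$sql .= " AND sys_groupid = " . $client_group_id;`. The same line is repeated in the hunks at @@ -120,6 +120,25, @@ -458,6 +458,25 and @@ -252,6 +295,29. onSubmit() continues past the end of this hunk.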
......@@ -5,14 +5,29 @@
<div class="pnl_formsarea">
<fieldset class="inlineLabels">
<tmpl_if name="domain_option">
<div class="ctrlHolder">
<label for="parent_domain_id">{tmpl_var name='parent_domain_id_txt'}</label>
<select id="parent_domain_id" name="parent_domain_id" class="selectInput formLengthHalf">{tmpl_var name='parent_domain_id'}</select>
</div>
</tmpl_if>
<div class="ctrlHolder">
<label for="domain">{tmpl_var name='host_txt'}</label>
<input name="domain" id="domain" value="{tmpl_var name='domain'}" size="30" maxlength="255" type="text" class="textInput formLengthHalf" />
</div>
<tmpl_if name="domain_option">
<div class="ctrlHolder">
<label for="sel_domain">{tmpl_var name='domain_txt'}</label>
<select name="sel_domain" id="sel_domain" class="selectInput">
{tmpl_var name='domain_option'}
</select>
</div>
<tmpl_else>
<div class="ctrlHolder">
<label for="parent_domain_id">{tmpl_var name='domain_txt'}</label>
<select id="parent_domain_id" name="parent_domain_id" class="selectInput formLengthHalf">{tmpl_var name='parent_domain_id'}</select>
</div>
</tmpl_if>
<div class="ctrlHolder">
<label for="redirect_type">{tmpl_var name='redirect_type_txt'}</label>
<select name="redirect_type" id="redirect_type" class="selectInput formLengthHalf">
......
......@@ -6,14 +6,29 @@
<div class="pnl_formsarea">
<fieldset class="inlineLabels">
<input type="hidden" name="server_id" id="server_id" value="{tmpl_var name='server_id_value'}" />
<tmpl_if name="domain_option">
<div class="ctrlHolder">
<label for="parent_domain_id">{tmpl_var name='parent_domain_id_txt'}</label>
<select id="parent_domain_id" name="parent_domain_id" class="selectInput formLengthHalf">{tmpl_var name='parent_domain_id'}</select>
</div>
</tmpl_if>
<div class="ctrlHolder">
<label for="domain">{tmpl_var name='host_txt'}</label>
<input name="domain" id="domain" value="{tmpl_var name='domain'}" size="30" maxlength="255" type="text" class="textInput formLengthHalf" />
</div>
<tmpl_if name="domain_option">
<div class="ctrlHolder">
<label for="sel_domain">{tmpl_var name='domain_txt'}</label>
<select name="sel_domain" id="sel_domain" class="selectInput">
{tmpl_var name='domain_option'}
</select>
</div>
<tmpl_else>
<div class="ctrlHolder">
<label for="parent_domain_id">{tmpl_var name='domain_txt'}</label>
<select id="parent_domain_id" name="parent_domain_id" class="selectInput formLengthHalf">{tmpl_var name='parent_domain_id'}</select>
</div>
</tmpl_if>
<div class="ctrlHolder">
<label for="web_folder">{tmpl_var name='web_folder_txt'}</label>
<input name="web_folder" id="web_folder" value="{tmpl_var name='web_folder'}" size="30" maxlength="100" type="text" class="textInput formLengthHalf"<tmpl_if name='fixed_folder' op='==' value='y'> readonly="readonly"</tmpl_if> />
......
......@@ -85,7 +85,7 @@ class page_action extends tform_actions {
/*
* The admin can select ALL domains, the user only the domains assigned to him
*/
$sql = "SELECT domain FROM domain ";
$sql = "SELECT domain_id, domain FROM domain ";
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
$sql .= "WHERE sys_groupid =" . $client_group_id;
}
......@@ -95,7 +95,7 @@ class page_action extends tform_actions {
if(is_array($domains) && sizeof($domains) > 0) {
/* We have domains in the list, so create the drop-down-list */
foreach( $domains as $domain) {
$domain_select .= "<option value=" . $domain['domain'] ;
$domain_select .= "<option value=" . $domain['domain_id'] ;
if ($domain['domain'] == $this->dataRecord["domain"]) {
$domain_select .= " selected";
}
......@@ -120,6 +120,25 @@ class page_action extends tform_actions {
function onSubmit() {
global $app, $conf;
/* check if the domain module is used - and check if the selected domain can be used! */
$app->uses('ini_parser,getconf');
$settings = $app->getconf->get_global_config('domains');
if ($settings['use_domain_module'] == 'y') {
$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
$sql = "SELECT domain_id, domain FROM domain WHERE domain_id = " . intval($this->dataRecord['domain']);
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
$sql .= "AND sys_groupid =" . $client_group_id;
}
$domain_check = $app->db->queryOneRecord($sql);
if(!$domain_check) {
// invalid domain selected
$app->tform->errorMessage .= $app->tform->lng("domain_error_empty")."<br />";
} else {
$this->dataRecord['domain'] = $domain_check['domain'];
}
}
// Get the record of the parent domain
$parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
......@@ -155,15 +174,7 @@ class page_action extends tform_actions {
//* Update the old website, so that the vhost alias gets removed
//* We force the update by inserting a transaction record without changes manually.
$old_website = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = '.$this->oldDataRecord['domain_id']);
$diffrec_full = array();
$diffrec_full['old'] = $old_website;
$diffrec_full['new'] = $old_website;
$diffstr = $app->db->quote(serialize($diffrec_full));
$username = $app->db->quote($_SESSION['s']['user']['username']);
$dbidx = 'domsin_id:'.$this->id;
$server_id = $this->oldDataRecord['server_id'];
$sql = "INSERT INTO sys_datalog (dbtable,dbidx,server_id,action,tstamp,user,data) VALUES ('web_domain','$dbidx','$server_id','u','".time()."','$username','$diffstr')";
$app->db->query($sql);
$app->db->datalogSave('web_domain', 'UPDATE', 'domain_id', $this->oldDataRecord['parent_domain_id'], $old_website, $old_website, true);
}
}
......
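Review bot: The new `datalogSave()` call in the @@ -155,15 +174,7 hunk is keyed on `$this->oldDataRecord['parent_domain_id']`, but the `$old_website` row it passes as both old and new record is loaded by `$this->oldDataRecord['domain_id']`, which appears to be the edited record and not the previous parent. If the intent is to force an update of the old parent website, as the comment says, the lookup should presumably use the same id: `'SELECT * FROM web_domain WHERE domain_id = '.intval($this->oldDataRecord['parent_domain_id'])`. Wrapping the id in `intval()` also matches how the other queries in this commit build their WHERE clauses. The same pair of lines is added to onAfterUpdate() in the @@ -108,6 +163,22 hunk. The enclosing method starts outside this hunk.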
......@@ -418,7 +418,7 @@ class page_action extends tform_actions {
/*
* The admin can select ALL domains, the user only the domains assigned to him
*/
$sql = "SELECT domain FROM domain ";
$sql = "SELECT domain_id, domain FROM domain ";
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
$sql .= "WHERE sys_groupid =" . $client_group_id;
}
......@@ -428,7 +428,7 @@ class page_action extends tform_actions {
if(is_array($domains) && sizeof($domains) > 0) {
/* We have domains in the list, so create the drop-down-list */
foreach( $domains as $domain) {
$domain_select .= "<option value=" . $domain['domain'] ;
$domain_select .= "<option value=" . $domain['domain_id'] ;
if ($domain['domain'] == $this->dataRecord["domain"]) {
$domain_select .= " selected";
}
......@@ -458,6 +458,25 @@ class page_action extends tform_actions {
function onSubmit() {
global $app, $conf;
/* check if the domain module is used - and check if the selected domain can be used! */
$app->uses('ini_parser,getconf');
$settings = $app->getconf->get_global_config('domains');
if ($settings['use_domain_module'] == 'y') {
$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
$sql = "SELECT domain_id, domain FROM domain WHERE domain_id = " . intval($this->dataRecord['domain']);
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
$sql .= "AND sys_groupid =" . $client_group_id;
}
$domain_check = $app->db->queryOneRecord($sql);
if(!$domain_check) {
// invalid domain selected
$app->tform->errorMessage .= $app->tform->lng("domain_error_empty")."<br />";
} else {
$this->dataRecord['domain'] = $domain_check['domain'];
}
}
// Set a few fixed values
$this->dataRecord["parent_domain_id"] = 0;
$this->dataRecord["type"] = 'vhost';
......
......@@ -71,12 +71,54 @@ class page_action extends tform_actions {
function onShowEnd() {
global $app, $conf;
// Get the record of the parent domain
$parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
// remove the parent domain part of the domain name before we show it in the text field.
$this->dataRecord["domain"] = str_replace('.'.$parent_domain["domain"],'',$this->dataRecord["domain"]);
$app->tpl->setVar("domain",$this->dataRecord["domain"]);
$app->uses('ini_parser,getconf');
$settings = $app->getconf->get_global_config('domains');
if ($settings['use_domain_module'] == 'y') {
/*
* The domain-module is in use.
*/
$client_group_id = $_SESSION["s"]["user"]["default_group"];
/*
* The admin can select ALL domains, the user only the domains assigned to him
*/
$sql = "SELECT domain_id, domain FROM domain ";
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
$sql .= "WHERE sys_groupid =" . $client_group_id;
}
$sql .= " ORDER BY domain";
$domains = $app->db->queryAllRecords($sql);
$domain_select = '';
$selected_domain = '';
if(is_array($domains) && sizeof($domains) > 0) {
/* We have domains in the list, so create the drop-down-list */
foreach( $domains as $domain) {
$domain_select .= "<option value=" . $domain['domain_id'] ;
if ('.' . $domain['domain'] == substr($this->dataRecord["domain"], -strlen($domain['domain']) - 1)) {
$domain_select .= " selected";
$selected_domain = $domain['domain'];
}
$domain_select .= ">" . $domain['domain'] . "</option>\r\n";
}
}
else {
/*
* We have no domains in the domain-list. This means, we can not add ANY new domain.
* To avoid, that the variable "domain_option" is empty and so the user can
* free enter a domain, we have to create a empty option!
*/
$domain_select .= "<option value=''></option>\r\n";
}
$app->tpl->setVar("domain_option",$domain_select);
$this->dataRecord['domain'] = substr($this->dataRecord["domain"], 0, strlen($this->dataRecord['domain']) - strlen($selected_domain) - 1);
} else {
// Get the record of the parent domain
$parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
// remove the parent domain part of the domain name before we show it in the text field.
$this->dataRecord["domain"] = str_replace('.'.$parent_domain["domain"],'',$this->dataRecord["domain"]);
}
$app->tpl->setVar("domain",$this->dataRecord["domain"]);
parent::onShowEnd();
......@@ -85,17 +127,30 @@ class page_action extends tform_actions {
function onSubmit() {
global $app, $conf;
// Get the record of the parent domain
$parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
// Get the record of the parent domain
$parent_domain = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
$app->uses('ini_parser,getconf');
$settings = $app->getconf->get_global_config('domains');
if ($settings['use_domain_module'] == 'y') {
// get the record of the domain module domain
$domain = $app->db->queryOneRecord("SELECT * FROM domain WHERE domain_id = ".intval($this->dataRecord["sel_domain"]));
if(!$domain) {
$app->tform->errorMessage .= $app->tform->lng("domain_error_empty")."<br />";
} else {
$this->dataRecord['domain'] = $this->dataRecord['domain'] . '.' . $domain['domain'];
}
} else {
$this->dataRecord["domain"] = $this->dataRecord["domain"].'.'.$parent_domain["domain"];
}
// Set a few fixed values
$this->dataRecord["type"] = 'subdomain';
$this->dataRecord["server_id"] = $parent_domain["server_id"];
$this->dataRecord["domain"] = $this->dataRecord["domain"].'.'.$parent_domain["domain"];
$this->parent_domain_record = $parent_domain;
//* make sure that the email domain is lowercase
//* make sure that the domain is lowercase
if(isset($this->dataRecord["domain"])) $this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
parent::onSubmit();
......@@ -108,6 +163,22 @@ class page_action extends tform_actions {
}
function onAfterUpdate() {
global $app, $conf;
//* Check if parent domain has been changed
if($this->dataRecord['parent_domain_id'] != $this->oldDataRecord['parent_domain_id']) {
//* Update the domain owner
$app->db->query('UPDATE web_domain SET sys_groupid = '.intval($this->parent_domain_record['sys_groupid']).' WHERE domain_id = '.$this->id);
//* Update the old website, so that the vhost alias gets removed
//* We force the update by inserting a transaction record without changes manually.
$old_website = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = '.$this->oldDataRecord['domain_id']);
$app->db->datalogSave('web_domain', 'UPDATE', 'domain_id', $this->oldDataRecord['parent_domain_id'], $old_website, $old_website, true);
}
}
}
......
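Review bot: The domain-module lookup added to onSubmit() (@@ -85,17 +127,30) selects by `intval($this->dataRecord["sel_domain"])` alone, without the `sys_groupid` restriction for non-admin users that the other onSubmit() checks in this commit apply. As written, any `domain_id` present in `domain` passes the check, including one assigned to a different client group, so the filtered drop-down built in onShowEnd() is the only thing limiting the choice. Build the query in `$sql` and add the same condition before running it: `if ($_SESSION["s"]["user"]["typ"] != 'admin') $sql .= " AND sys_groupid = " . intval($_SESSION["s"]["user"]["default_group"]);`. onSubmit() continues outside the hunk.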
......@@ -225,9 +225,52 @@ class page_action extends tform_actions {
$tmp_txt = ($this->dataRecord['traffic_quota_lock'] == 'y')?'<b>('.$app->tform->lng('traffic_quota_exceeded_txt').')</b>':'';
$app->tpl->setVar("traffic_quota_exceeded_txt", $tmp_txt);
// remove the parent domain part of the domain name before we show it in the text field.
$this->dataRecord["domain"] = str_replace('.'.$parent_domain["domain"],'',$this->dataRecord["domain"]);
$app->tpl->setVar("domain",$this->dataRecord["domain"]);
$app->uses('ini_parser,getconf');
$settings = $app->getconf->get_global_config('domains');
if ($settings['use_domain_module'] == 'y') {
/*
* The domain-module is in use.
*/
$client_group_id = $_SESSION["s"]["user"]["default_group"];
/*
* The admin can select ALL domains, the user only the domains assigned to him
*/
$sql = "SELECT domain_id, domain FROM domain ";
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
$sql .= "WHERE sys_groupid =" . $client_group_id;
}
$sql .= " ORDER BY domain";
$domains = $app->db->queryAllRecords($sql);
$domain_select = '';
$selected_domain = '';
if(is_array($domains) && sizeof($domains) > 0) {
/* We have domains in the list, so create the drop-down-list */
foreach( $domains as $domain) {
$domain_select .= "<option value=" . $domain['domain_id'] ;
if ('.' . $domain['domain'] == substr($this->dataRecord["domain"], -strlen($domain['domain']) - 1)) {
$domain_select .= " selected";
$selected_domain = $domain['domain'];
}
$domain_select .= ">" . $domain['domain'] . "</option>\r\n";
}
}
else {
/*
* We have no domains in the domain-list. This means, we can not add ANY new domain.
* To avoid, that the variable "domain_option" is empty and so the user can
* free enter a domain, we have to create a empty option!
*/
$domain_select .= "<option value=''></option>\r\n";
}
$app->tpl->setVar("domain_option",$domain_select);
$this->dataRecord['domain'] = substr($this->dataRecord["domain"], 0, strlen($this->dataRecord['domain']) - strlen($selected_domain) - 1);
} else {
// remove the parent domain part of the domain name before we show it in the text field.
$this->dataRecord["domain"] = str_replace('.'.$parent_domain["domain"],'',$this->dataRecord["domain"]);
}
$app->tpl->setVar("domain",$this->dataRecord["domain"]);
parent::onShowEnd();
}
......@@ -252,6 +295,29 @@ class page_action extends tform_actions {
$read_limits = array('limit_cgi', 'limit_ssi', 'limit_perl', 'limit_ruby', 'limit_python', 'force_suexec', 'limit_hterror', 'limit_wildcard', 'limit_ssl');
if($app->tform->getCurrentTab() == 'domain') {
/* check if the domain module is used - and check if the selected domain can be used! */
$app->uses('ini_parser,getconf');
$settings = $app->getconf->get_global_config('domains');
if ($settings['use_domain_module'] == 'y') {
$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
$sql = "SELECT domain_id, domain FROM domain WHERE domain_id = " . intval($this->dataRecord['sel_domain']);
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
$sql .= "AND sys_groupid =" . $client_group_id;
}
$domain_check = $app->db->queryOneRecord($sql);
if(!$domain_check) {
// invalid domain selected
$app->tform->errorMessage .= $app->tform->lng("domain_error_empty")."<br />";
} else {
$this->dataRecord['domain'] = $this->dataRecord['domain'] . '.' . $domain_check['domain'];
}
} else {
$this->dataRecord["domain"] = $this->dataRecord["domain"].'.'.$parent_domain["domain"];
}
$this->dataRecord['web_folder'] = strtolower($this->dataRecord['web_folder']);
$forbidden_folders = array('', 'cgi-bin', 'web', 'log', 'private', 'ssl', 'tmp', 'webdav');
if(in_array($this->dataRecord['web_folder'], $forbidden_folders)) {
......
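Review bot: In the onShowEnd() hunk, when no entry in `$domains` matches the suffix of the stored name, `$selected_domain` stays `''` and the final `substr($this->dataRecord["domain"], 0, strlen($this->dataRecord['domain']) - strlen($selected_domain) - 1)` still removes one character, so the host shown in the text field loses its last letter. Guard the strip with `if ($selected_domain != '') { ... }`, and `break` on the first match (or keep the longest one) so that two list entries which are both suffixes do not each get `selected`. The same code is added in the @@ -71,12 +71,54 hunk of the other subdomain form. Separately, `$domain['domain']` is written into the `<option>` text without `htmlspecialchars()`; it is worth escaping unless the `domain` table is known to hold validated names only. onShowEnd() starts outside this hunk.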