Commit 5190fe61 authored by vogelor's avatar vogelor

The names of the database, the database-user, the shell-user and the ftp-user can now be restricted

parent e265dcb4
......@@ -150,10 +150,14 @@ class page_action extends tform_actions {
}
/*
* If the names are restricted -> remove the client, so that the
* If the names are restricted -> remove the restriction, so that the
* data can be edited
*/
if ($interfaceConf['restrict_names'] == true){
/* get the restriction */
$restriction = '[CLIENTNAME]_';
if (isset($interfaceConf['restrict_dbname'])) $restriction = $interfaceConf['restrict_dbname'];
$tmpRestriction = $restriction;
/* Get the group-id */
if($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the group-id of the user
......@@ -168,18 +172,19 @@ class page_action extends tform_actions {
$clientName = $tmp['name'];
if ($clientName == "") $clientName = 'default';
$clientName = convertClientName($clientName);
$restriction = str_replace('[CLIENTNAME]', $clientName, $restriction);
if ($this->dataRecord['database_name'] != ""){
/* REMOVE the restriction */
$app->tpl->setVar("database_name", str_replace($clientName . '_' , '', $this->dataRecord['database_name']));
$app->tpl->setVar("database_user", str_replace($clientName . '_' , '', $this->dataRecord['database_user']));
$app->tpl->setVar("database_name", str_replace($restriction , '', $this->dataRecord['database_name']));
$app->tpl->setVar("database_user", str_replace($restriction , '', $this->dataRecord['database_user']));
}
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$app->tpl->setVar("database_name_prefix", '{client}_');
$app->tpl->setVar("database_user_prefix", '{client}_');
$app->tpl->setVar("database_name_prefix", $tmpRestriction);
$app->tpl->setVar("database_user_prefix", $tmpRestriction);
}
else {
$app->tpl->setVar("database_name_prefix", $clientName . '_');
$app->tpl->setVar("database_user_prefix", $clientName . '_');
$app->tpl->setVar("database_name_prefix", $restriction);
$app->tpl->setVar("database_user_prefix", $restriction);
}
}
......@@ -231,6 +236,10 @@ class page_action extends tform_actions {
* If the names should be restricted -> do it!
*/
if ($interfaceConf['restrict_names'] == true){
/* get the restriction */
$restriction = '[CLIENTNAME]_';
if (isset($interfaceConf['restrict_dbname'])) $restriction = $interfaceConf['restrict_dbname'];
/* Get the group-id */
if($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the group-id of the user
......@@ -245,17 +254,17 @@ class page_action extends tform_actions {
$clientName = $tmp['name'];
if ($clientName == "") $clientName = 'default';
$clientName = convertClientName($clientName);
$nameSuffix = $clientName . '_';
$restriction = str_replace('[CLIENTNAME]', $clientName, $restriction);
}
else {
$nameSuffix = '';
$restriction = '';
}
$error = false;
//* Prevent that the database name and charset is changed
$old_record = $app->tform->getDataRecord($this->id);
if($old_record["database_name"] != $nameSuffix . $this->dataRecord["database_name"]) {
if($old_record["database_name"] != $restriction . $this->dataRecord["database_name"]) {
$app->tform->errorMessage .= $app->tform->wordbook["database_name_change_txt"].'<br />';
$error = true;
}
......@@ -278,8 +287,8 @@ class page_action extends tform_actions {
if ($error == false){
/* restrict the names if there is no error */
$this->dataRecord['database_name'] = $nameSuffix . $this->dataRecord['database_name'];
$this->dataRecord['database_user'] = $nameSuffix . $this->dataRecord['database_user'];
$this->dataRecord['database_name'] = $restriction . $this->dataRecord['database_name'];
$this->dataRecord['database_user'] = $restriction . $this->dataRecord['database_user'];
}
parent::onBeforeUpdate();
......@@ -287,12 +296,15 @@ class page_action extends tform_actions {
function onBeforeInsert() {
global $app, $conf, $interfaceConf;
global $interfaceConf;
/*
* If the names should be restricted -> do it!
*/
if ($interfaceConf['restrict_names'] == true){
/* get the restriction */
$restriction = '[CLIENTNAME]_';
if (isset($interfaceConf['restrict_dbname'])) $restriction = $interfaceConf['restrict_dbname'];
/* Get the group-id */
if($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the group-id of the user
......@@ -307,9 +319,11 @@ class page_action extends tform_actions {
$clientName = $tmp['name'];
if ($clientName == "") $clientName = 'default';
$clientName = convertClientName($clientName);
$restriction = str_replace('[CLIENTNAME]', $clientName, $restriction);
/* restrict the names */
$this->dataRecord['database_name'] = $clientName . '_' . $this->dataRecord['database_name'];
$this->dataRecord['database_user'] = $clientName . '_' . $this->dataRecord['database_user'];
$this->dataRecord['database_name'] = $restriction . $this->dataRecord['database_name'];
$this->dataRecord['database_user'] = $restriction . $this->dataRecord['database_user'];
}
parent::onBeforeInsert();
}
......
......@@ -40,6 +40,7 @@ $tform_def_file = "form/ftp_user.tform.php";
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
require_once('tools.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('sites');
......@@ -71,6 +72,49 @@ class page_action extends tform_actions {
parent::onShowNew();
}
function onShowEnd() {
global $app, $conf, $interfaceConf;
/*
* If the names are restricted -> remove the restriction, so that the
* data can be edited
*/
if ($interfaceConf['restrict_names'] == true){
/* get the restriction */
$restriction = '[CLIENTNAME]_';
if (isset($interfaceConf['restrict_ftpuser'])) $restriction = $interfaceConf['restrict_ftpuser'];
$tmplRestriction = $restriction;
/* Get the group-id */
if($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the group-id of the user
$client_group_id = $_SESSION["s"]["user"]["default_group"];
}
else {
// Get the group-id from the data itself
$web = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
$client_group_id = $web['sys_groupid'];
}
/* get the name of the client */
$tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id);
$clientName = $tmp['name'];
if ($clientName == "") $clientName = 'default';
$clientName = convertClientName($clientName);
$restriction = str_replace('[CLIENTNAME]', $clientName, $restriction);
if ($this->dataRecord['username'] != ""){
/* REMOVE the restriction */
$app->tpl->setVar("username", str_replace($restriction , '', $this->dataRecord['username']));
$app->tpl->setVar("username", str_replace($restriction , '', $this->dataRecord['username']));
}
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$app->tpl->setVar("username_prefix", $tmplRestriction);
}
else {
$app->tpl->setVar("username_prefix", $restriction);
}
}
parent::onShowEnd();
}
function onSubmit() {
global $app, $conf;
......@@ -84,7 +128,45 @@ class page_action extends tform_actions {
parent::onSubmit();
}
function onAfterInsert() {
function onBeforeInsert() {
global $app, $conf, $interfaceConf;
$error = false;
/*
* If the names should be restricted -> do it!
*/
if ($error == false){
if ($interfaceConf['restrict_names'] == true){
/* get the restriction */
$restriction = '[CLIENTNAME]_';
if (isset($interfaceConf['restrict_ftpuser'])) $restriction = $interfaceConf['restrict_ftpuser'];
/* Get the group-id */
if($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the group-id of the user
$client_group_id = $_SESSION["s"]["user"]["default_group"];
}
else {
// Get the group-id from the data itself
$web = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
$client_group_id = $web['sys_groupid'];
}
/* get the name of the client */
$tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id);
$clientName = $tmp['name'];
if ($clientName == "") $clientName = 'default';
$clientName = convertClientName($clientName);
$restriction = str_replace('[CLIENTNAME]', $clientName, $restriction);
/* restrict the names */
$this->dataRecord['username'] = $restriction . $this->dataRecord['username'];
}
}
parent::onBeforeInsert();
}
function onAfterInsert() {
global $app, $conf;
$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
......@@ -101,6 +183,45 @@ class page_action extends tform_actions {
}
function onBeforeUpdate() {
global $app, $conf, $interfaceConf;
$error = false;
/*
* If the names should be restricted -> do it!
*/
if ($error == false){
/*
* If the names should be restricted -> do it!
*/
if ($interfaceConf['restrict_names'] == true){
/* get the restriction */
$restriction = '[CLIENTNAME]_';
if (isset($interfaceConf['restrict_dbname'])) $restriction = $interfaceConf['restrict_dbname'];
/* Get the group-id */
if($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the group-id of the user
$client_group_id = $_SESSION["s"]["user"]["default_group"];
}
else {
// Get the group-id from the data itself
$web = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
$client_group_id = $web['sys_groupid'];
}
/* get the name of the client */
$tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id);
$clientName = $tmp['name'];
if ($clientName == "") $clientName = 'default';
$clientName = convertClientName($clientName);
$restriction = str_replace('[CLIENTNAME]', $clientName, $restriction);
/* restrict the names */
$this->dataRecord['username'] = $restriction . $this->dataRecord['username'];
}
}
}
function onAfterUpdate() {
global $app, $conf;
......
......@@ -40,6 +40,7 @@ $tform_def_file = "form/shell_user.tform.php";
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
require_once('tools.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('sites');
......@@ -71,6 +72,49 @@ class page_action extends tform_actions {
parent::onShowNew();
}
function onShowEnd() {
global $app, $conf, $interfaceConf;
/*
* If the names are restricted -> remove the restriction, so that the
* data can be edited
*/
if ($interfaceConf['restrict_names'] == true){
/* get the restriction */
$restriction = '[CLIENTNAME]_';
if (isset($interfaceConf['restrict_shelluser'])) $restriction = $interfaceConf['restrict_shelluser'];
$tmplRestriction = $restriction;
/* Get the group-id */
if($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the group-id of the user
$client_group_id = $_SESSION["s"]["user"]["default_group"];
}
else {
// Get the group-id from the data itself
$web = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
$client_group_id = $web['sys_groupid'];
}
/* get the name of the client */
$tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id);
$clientName = $tmp['name'];
if ($clientName == "") $clientName = 'default';
$clientName = convertClientName($clientName);
$restriction = str_replace('[CLIENTNAME]', $clientName, $restriction);
if ($this->dataRecord['username'] != ""){
/* REMOVE the restriction */
$app->tpl->setVar("username", str_replace($restriction , '', $this->dataRecord['username']));
$app->tpl->setVar("username", str_replace($restriction , '', $this->dataRecord['username']));
}
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$app->tpl->setVar("username_prefix", $tmplRestriction);
}
else {
$app->tpl->setVar("username_prefix", $restriction);
}
}
parent::onShowEnd();
}
function onSubmit() {
global $app, $conf;
......@@ -85,14 +129,50 @@ class page_action extends tform_actions {
}
function onBeforeInsert() {
global $app, $conf;
global $app, $conf, $interfaceConf;
$error = false;
// check if the username is not blacklisted
$blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist');
foreach($blacklist as $line) {
if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))) $app->tform->errorMessage .= 'The username is not allowed.';
if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))){
$app->tform->errorMessage .= 'The username is not allowed.';
$error = true;
}
}
unset($blacklist);
/*
* If the names should be restricted -> do it!
*/
if ($error == false){
if ($interfaceConf['restrict_names'] == true){
/* get the restriction */
$restriction = '[CLIENTNAME]_';
if (isset($interfaceConf['restrict_shelluser'])) $restriction = $interfaceConf['restrict_shelluser'];
/* Get the group-id */
if($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the group-id of the user
$client_group_id = $_SESSION["s"]["user"]["default_group"];
}
else {
// Get the group-id from the data itself
$web = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
$client_group_id = $web['sys_groupid'];
}
/* get the name of the client */
$tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id);
$clientName = $tmp['name'];
if ($clientName == "") $clientName = 'default';
$clientName = convertClientName($clientName);
$restriction = str_replace('[CLIENTNAME]', $clientName, $restriction);
/* restrict the names */
$this->dataRecord['username'] = $restriction . $this->dataRecord['username'];
}
}
parent::onBeforeInsert();
}
function onAfterInsert() {
......@@ -113,14 +193,51 @@ class page_action extends tform_actions {
}
function onBeforeUpdate() {
global $app, $conf;
global $app, $conf, $interfaceConf;
$error = false;
// check if the username is not blacklisted
$blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist');
foreach($blacklist as $line) {
if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))) $app->tform->errorMessage .= 'The username is not allowed.';
if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))){
$app->tform->errorMessage .= 'The username is not allowed.';
$error = true;
}
}
unset($blacklist);
/*
* If the names should be restricted -> do it!
*/
if ($error == false){
/*
* If the names should be restricted -> do it!
*/
if ($interfaceConf['restrict_names'] == true){
/* get the restriction */
$restriction = '[CLIENTNAME]_';
if (isset($interfaceConf['restrict_dbname'])) $restriction = $interfaceConf['restrict_dbname'];
/* Get the group-id */
if($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the group-id of the user
$client_group_id = $_SESSION["s"]["user"]["default_group"];
}
else {
// Get the group-id from the data itself
$web = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
$client_group_id = $web['sys_groupid'];
}
/* get the name of the client */
$tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id);
$clientName = $tmp['name'];
if ($clientName == "") $clientName = 'default';
$clientName = convertClientName($clientName);
$restriction = str_replace('[CLIENTNAME]', $clientName, $restriction);
/* restrict the names */
$this->dataRecord['username'] = $restriction . $this->dataRecord['username'];
}
}
}
function onAfterUpdate() {
......
......@@ -10,6 +10,7 @@
</span>
<span class="wf_oneField">
<label for="username" class="wf_preField">{tmpl_var name='username_txt'}</label>
{tmpl_var name='username_prefix'}
<input type="text" id="username" name="username" value="{tmpl_var name='username'}" size="30" maxlength="255">
</span>
<span class="wf_oneField">
......
......@@ -10,6 +10,7 @@
</span>
<span class="wf_oneField">
<label for="username" class="wf_preField">{tmpl_var name='username_txt'}</label>
{tmpl_var name='username_prefix'}
<input type="text" id="username" name="username" value="{tmpl_var name='username'}" size="30" maxlength="255">
</span>
<span class="wf_oneField">
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment