Commit 7ae982fd authored by Marius Burkard's avatar Marius Burkard

- invalid function calls in API

parent 263c1d9e
......@@ -52,7 +52,7 @@ class remoting_admin extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'admin_record_permissions')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -62,7 +62,7 @@ class remoting_admin extends remoting {
// check if userid is valid
$check = $app->db->queryOneRecord('SELECT userid FROM sys_user WHERE userid = ?', $app->functions->intval($value));
if(!$check || !$check['userid']) {
$this->server->fault('invalid parameters', $value . ' is no valid sys_userid.');
throw new SoapFault('invalid parameters', $value . ' is no valid sys_userid.');
return false;
}
$permissions[$key] = $app->functions->intval($value);
......@@ -71,7 +71,7 @@ class remoting_admin extends remoting {
// check if groupid is valid
$check = $app->db->queryOneRecord('SELECT groupid FROM sys_group WHERE groupid = ?', $app->functions->intval($value));
if(!$check || !$check['groupid']) {
$this->server->fault('invalid parameters', $value . ' is no valid sys_groupid.');
throw new SoapFault('invalid parameters', $value . ' is no valid sys_groupid.');
return false;
}
$permissions[$key] = $app->functions->intval($value);
......@@ -81,7 +81,7 @@ class remoting_admin extends remoting {
// check if permissions are valid
$value = strtolower($value);
if(!preg_match('/^[riud]+$/', $value)) {
$this->server->fault('invalid parameters', $value . ' is no valid permission string.');
throw new SoapFault('invalid parameters', $value . ' is no valid permission string.');
return false;
}
......@@ -95,7 +95,7 @@ class remoting_admin extends remoting {
break;
default:
$this->server->fault('invalid parameters', 'Only sys_userid, sys_groupid, sys_perm_user and sys_perm_group parameters can be changed with this function.');
throw new SoapFault('invalid parameters', 'Only sys_userid, sys_groupid, sys_perm_user and sys_perm_group parameters can be changed with this function.');
break;
}
}
......
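Review bot: The permission-string check `preg_match('/^[riud]+$/', $value)` in the fourth hunk accepts a value that ends in a newline, because `$` without the `D` modifier also matches just before a final line break. `strtolower()` keeps that newline, so the value passes validation unchanged. What happens to it afterwards is outside the hunk. Anchoring the end with `\z` closes the gap: `if(!preg_match('/^[riud]+\z/', $value)) {`. The enclosing function starts and ends outside the visible hunks.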
......@@ -40,7 +40,7 @@ class remoting_aps extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'sites_aps_update_package_list')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -60,7 +60,7 @@ class remoting_aps extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'sites_aps_available_packages_list')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -82,7 +82,7 @@ class remoting_aps extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'sites_aps_get_package_details')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -98,14 +98,14 @@ class remoting_aps extends remoting {
// Make sure an integer ID is given
if (!isset($primary_id) || !$gui->isValidPackageID($primary_id, true)) {// always adminflag
$this->server->fault('package_error', 'The given Package ID is not valid.');
throw new SoapFault('package_error', 'The given Package ID is not valid.');
return false;
}
// Get package details
$details = $gui->getPackageDetails($primary_id);
if (isset($details['error'])) {
$this->server->fault('package_error', $details['error']);
throw new SoapFault('package_error', $details['error']);
return false;
}
......@@ -121,7 +121,7 @@ class remoting_aps extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'sites_aps_get_package_file')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -137,14 +137,14 @@ class remoting_aps extends remoting {
// Make sure an integer ID is given
if (!isset($primary_id) || !$gui->isValidPackageID($primary_id, true)) {// always adminflag
$this->server->fault('package_error', 'The given Package ID is not valid.');
throw new SoapFault('package_error', 'The given Package ID is not valid.');
return false;
}
// Get package details
$details = $gui->getPackageDetails($primary_id);
if (isset($details['error'])) {
$this->server->fault('package_error', $details['error']);
throw new SoapFault('package_error', $details['error']);
return false;
}
......@@ -155,7 +155,7 @@ class remoting_aps extends remoting {
foreach ($details['Screenshots'] as $screen) { if (basename($screen['ScreenPath']) == $filename) { $found = true; break; } }
if (!$found) {
$this->server->fault('package_error', 'File not found in package.');
throw new SoapFault('package_error', 'File not found in package.');
return false;
}
......@@ -167,7 +167,7 @@ class remoting_aps extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'sites_aps_get_package_details')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -183,14 +183,14 @@ class remoting_aps extends remoting {
// Make sure an integer ID is given
if (!isset($primary_id) || !$gui->isValidPackageID($primary_id, true)) {// always adminflag
$this->server->fault('package_error', 'The given Package ID is not valid.');
throw new SoapFault('package_error', 'The given Package ID is not valid.');
return false;
}
// Get package settings
$settings = $gui->getPackageSettings($primary_id);
if (isset($settings['error'])) {
$this->server->fault('package_error', $settings['error']);
throw new SoapFault('package_error', $settings['error']);
return false;
}
......@@ -205,7 +205,7 @@ class remoting_aps extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'sites_aps_change_package_status')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -215,12 +215,12 @@ class remoting_aps extends remoting {
// Make sure an integer ID is given
if (!isset($primary_id) || !$gui->isValidPackageID($primary_id, true)) {// always adminflag
$this->server->fault('package_error', 'The given Package ID is not valid.');
throw new SoapFault('package_error', 'The given Package ID is not valid.');
return false;
}
if(!isset($params['package_status']) || (($params['package_status'] != PACKAGE_ENABLED) && ($params['package_status'] != PACKAGE_LOCKED))) {
$this->server->fault('package_error', 'Wrong new status: '.$params['package_status']);
throw new SoapFault('package_error', 'Wrong new status: '.$params['package_status']);
return false;
}
......@@ -235,7 +235,7 @@ class remoting_aps extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'sites_aps_install_package')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -251,25 +251,25 @@ class remoting_aps extends remoting {
// Make sure an integer ID is given
if (!isset($primary_id) || !$gui->isValidPackageID($primary_id, true)) {// always adminflag
$this->server->fault('package_error', 'The given Package ID is not valid.');
throw new SoapFault('package_error', 'The given Package ID is not valid.');
return false;
}
// Get package details
$details = $gui->getPackageDetails($primary_id);
if (isset($details['error'])) {
$this->server->fault('package_error', $details['error']);
throw new SoapFault('package_error', $details['error']);
return false;
}
$settings = $gui->getPackageSettings($primary_id);
if (isset($settings['error'])) {
$this->server->fault('package_error', $settings['error']);
throw new SoapFault('package_error', $settings['error']);
return false;
}
// Check given Site/VHostDomain
if (!isset($params['main_domain'])) {
$this->server->fault('invalid parameters', 'No valid domain given.');
throw new SoapFault('invalid parameters', 'No valid domain given.');
return false;
}
......@@ -284,7 +284,7 @@ class remoting_aps extends remoting {
}
if (!$domain) {
$this->server->fault('invalid parameters', 'No valid domain given.');
throw new SoapFault('invalid parameters', 'No valid domain given.');
return false;
}
......@@ -295,7 +295,7 @@ class remoting_aps extends remoting {
return $gui->createPackageInstance($result['input'], $primary_id);
}
$this->server->fault('invalid parameters', implode('<br />', $result['error']));
throw new SoapFault('invalid parameters', implode('<br />', $result['error']));
return false;
}
......@@ -304,7 +304,7 @@ class remoting_aps extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'sites_aps_instance_get')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -318,7 +318,7 @@ class remoting_aps extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'sites_aps_instance_get')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -332,7 +332,7 @@ class remoting_aps extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'sites_aps_instance_delete')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -344,7 +344,7 @@ class remoting_aps extends remoting {
$result = $app->db->queryOneRecord($sql, $primary_id);
if (!$result) {
$this->server->fault('instance_error', 'No valid instance id given.');
throw new SoapFault('instance_error', 'No valid instance id given.');
return false;
}
......
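Review bot: The new `throw` in the package-status check concatenates `$params['package_status']` even when `isset($params['package_status'])` is false. A request that omits the parameter therefore raises an undefined-index diagnostic while the fault message is being built. Whether that diagnostic reaches the SOAP response depends on error-display settings not shown here. Build the message from a guarded value, for example `$status = isset($params['package_status']) ? $params['package_status'] : '(missing)';` followed by `throw new SoapFault('package_error', 'Wrong new status: ' . $status);`. The enclosing function continues outside the hunk.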
......@@ -171,12 +171,12 @@ class remoting_client extends remoting {
// check if this one is reseller
$check = $app->db->queryOneRecord('SELECT `limit_client` FROM `client` WHERE `client_id` = ?', intval($params['parent_client_id']));
if($check['limit_client'] == 0) {
$this->server->fault('Invalid reseller', 'Selected client is not a reseller.');
throw new SoapFault('Invalid reseller', 'Selected client is not a reseller.');
return false;
}
if(isset($params['limit_client']) && $params['limit_client'] != 0) {
$this->server->fault('Invalid reseller', 'Reseller cannot be client of another reseller.');
throw new SoapFault('Invalid reseller', 'Reseller cannot be client of another reseller.');
return false;
}
}
......@@ -210,12 +210,12 @@ class remoting_client extends remoting {
// check if this one is reseller
$check = $app->db->queryOneRecord('SELECT `limit_client` FROM `client` WHERE `client_id` = ?', intval($params['parent_client_id']));
if($check['limit_client'] == 0) {
$this->server->fault('Invalid reseller', 'Selected client is not a reseller.');
throw new SoapFault('Invalid reseller', 'Selected client is not a reseller.');
return false;
}
if(isset($params['limit_client']) && $params['limit_client'] != 0) {
$this->server->fault('Invalid reseller', 'Reseller cannot be client of another reseller.');
throw new SoapFault('Invalid reseller', 'Reseller cannot be client of another reseller.');
return false;
}
}
......@@ -253,7 +253,7 @@ class remoting_client extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'client_get')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -261,7 +261,7 @@ class remoting_client extends remoting {
$sql = "SELECT * FROM `client_template_assigned` WHERE `client_id` = ?";
return $app->db->queryOneRecord($sql, $client_id);
} else {
$this->server->fault('The ID must be an integer.');
throw new SoapFault('The ID must be an integer.');
return array();
}
}
......@@ -291,7 +291,7 @@ class remoting_client extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'client_update')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -299,13 +299,13 @@ class remoting_client extends remoting {
// check if client exists
$check = $app->db->queryOneRecord('SELECT `client_id` FROM `client` WHERE `client_id` = ?', $client_id);
if(!$check) {
$this->server->fault('Invalid client');
throw new SoapFault('Invalid client');
return false;
}
// check if template exists
$check = $app->db->queryOneRecord('SELECT `template_id` FROM `client_template` WHERE `template_id` = ?', $template_id);
if(!$check) {
$this->server->fault('Invalid template');
throw new SoapFault('Invalid template');
return false;
}
......@@ -320,7 +320,7 @@ class remoting_client extends remoting {
return $insert_id;
} else {
$this->server->fault('The IDs must be of type integer.');
throw new SoapFault('The IDs must be of type integer.');
return false;
}
}
......@@ -329,7 +329,7 @@ class remoting_client extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'client_update')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -337,13 +337,13 @@ class remoting_client extends remoting {
// check if client exists
$check = $app->db->queryOneRecord('SELECT `client_id` FROM `client` WHERE `client_id` = ?', $client_id);
if(!$check) {
$this->server->fault('Invalid client');
throw new SoapFault('Invalid client');
return false;
}
// check if template exists
$check = $app->db->queryOneRecord('SELECT `assigned_template_id` FROM `client_template_assigned` WHERE `assigned_template_id` = ?', $assigned_template_id);
if(!$check) {
$this->server->fault('Invalid template');
throw new SoapFault('Invalid template');
return false;
}
......@@ -358,7 +358,7 @@ class remoting_client extends remoting {
return $affected_rows;
} else {
$this->server->fault('The IDs must be of type integer.');
throw new SoapFault('The IDs must be of type integer.');
return false;
}
}
......
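Review bot: Several of the new throws pass a single argument, such as `throw new SoapFault('The ID must be an integer.');`, but the `SoapFault` constructor requires both a fault code and a fault string. With only one argument the call fails on current PHP versions, so the caller never receives the intended fault. The same shape appears for 'Invalid client', 'Invalid template' and 'The IDs must be of type integer.' in the later hunks of this file. Each needs a code as the first argument, for example `throw new SoapFault('invalid parameters', 'The ID must be an integer.');`, using a code already present elsewhere in this commit. The enclosing functions start and end outside the hunks.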
......@@ -316,7 +316,7 @@ class remoting_mail extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'mail_user_backup')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -339,7 +339,7 @@ class remoting_mail extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'mail_user_backup')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -353,19 +353,19 @@ class remoting_mail extends remoting {
//* Basic validation of variables
if ($server_id <= 0) {
$this->server->fault('invalid_backup_id', "Invalid or non existant backup_id $primary_id");
throw new SoapFault('invalid_backup_id', "Invalid or non existant backup_id $primary_id");
return false;
}
if (/*$action_type != 'backup_download_mail' and*/ $action_type != 'backup_restore_mail' and $action_type != 'backup_delete_mail') {
$this->server->fault('invalid_action', "Invalid action_type $action_type");
throw new SoapFault('invalid_action', "Invalid action_type $action_type");
return false;
}
//* Validate instance
$instance_record = $app->db->queryOneRecord("SELECT * FROM `sys_remoteaction` WHERE `action_param`=? and `action_type`=? and `action_state`='pending'", $primary_id, $action_type);
if ($instance_record['action_id'] >= 1) {
$this->server->fault('duplicate_action', "There is already a pending $action_type action");
throw new SoapFault('duplicate_action', "There is already a pending $action_type action");
return false;
}
......@@ -600,7 +600,7 @@ class remoting_mail extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'mail_relay_get')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$app->uses('remoting_lib');
......@@ -614,7 +614,7 @@ class remoting_mail extends remoting {
{
if (!$this->checkPerm($session_id, 'mail_relay_add'))
{
$this->server->fault('permission_denied','You do not have the permissions to access this function.');
throw new SoapFault('permission_denied','You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->insertQuery('../mail/form/mail_relay_recipient.tform.php', $client_id, $params);
......@@ -626,7 +626,7 @@ class remoting_mail extends remoting {
{
if (!$this->checkPerm($session_id, 'mail_relay_update'))
{
$this->server->fault('permission_denied','You do not have the permissions to access this function.');
throw new SoapFault('permission_denied','You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->updateQuery('../mail/form/mail_relay_recipient.tform.php', $client_id, $primary_id, $params);
......@@ -638,7 +638,7 @@ class remoting_mail extends remoting {
{
if (!$this->checkPerm($session_id, 'mail_relay_delete'))
{
$this->server->fault('permission_denied','You do not have the permissions to access this function.');
throw new SoapFault('permission_denied','You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->deleteQuery('../mail/form/mail_relay_recipient.tform.php', $primary_id);
......@@ -1097,7 +1097,7 @@ class remoting_mail extends remoting {
$app->uses('quota_lib');
if(!$this->checkPerm($session_id, 'mailquota_get_by_user')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......
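Review bot: The duplicate-action check reads `$instance_record['action_id']` without first confirming that `queryOneRecord()` returned a row. The admin hunks guard the same call with `!$check`, which suggests a falsy result is possible when nothing matches. In the normal no-pending-action case this indexes a non-array and emits a PHP diagnostic on every request, although the comparison still evaluates to false. A guard keeps the behaviour and removes the noise: `if (is_array($instance_record) && $instance_record['action_id'] >= 1) {`. The backup-action hunk in remoting_sites has the same pattern. The enclosing function continues outside the hunk.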
......@@ -66,7 +66,7 @@ class remoting_server extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'server_ip_get')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$app->uses('remoting_lib');
......@@ -118,7 +118,7 @@ class remoting_server extends remoting {
public function server_get($session_id, $server_id = null, $section ='') {
global $app;
if(!$this->checkPerm($session_id, 'server_get')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
if (!empty($session_id)) {
......@@ -152,7 +152,7 @@ class remoting_server extends remoting {
{
global $app;
if(!$this->checkPerm($session_id, 'server_get')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
if (!empty($session_id)) {
......@@ -174,7 +174,7 @@ class remoting_server extends remoting {
{
global $app;
if(!$this->checkPerm($session_id, 'server_get')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
if (!empty($session_id) && !empty($server_name)) {
......@@ -196,7 +196,7 @@ class remoting_server extends remoting {
{
global $app;
if(!$this->checkPerm($session_id, 'server_get')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
if (!empty($session_id) && !empty($server_id)) {
......@@ -212,7 +212,7 @@ class remoting_server extends remoting {
{
global $app;
if(!$this->checkPerm($session_id, 'server_get')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
if (!empty($session_id)) {
......
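Review bot: The `return false;` that follows each new `throw new SoapFault(...)` is unreachable, here and in the other files of this commit. The same goes for the `break;` after the throw in the `default:` branch of remoting_admin and the `return array();` in remoting_client. Leaving them suggests to a reader that the function can still return false on a denied permission check, when in fact the exception is now the only exit. Dropping the dead statement makes that explicit, so each guard reads `if(!$this->checkPerm($session_id, 'server_get')) {` then `throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');` then `}`.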
......@@ -899,7 +899,7 @@ class remoting_sites extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'sites_web_domain_backup')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -913,7 +913,7 @@ class remoting_sites extends remoting {
global $app;
if(!$this->checkPerm($session_id, 'sites_web_domain_backup')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -927,19 +927,19 @@ class remoting_sites extends remoting {
//* Basic validation of variables
if ($server_id <= 0) {
$this->server->fault('invalid_backup_id', "Invalid or non existant backup_id $primary_id");
throw new SoapFault('invalid_backup_id', "Invalid or non existant backup_id $primary_id");
return false;
}
if ($action_type != 'backup_download' and $action_type != 'backup_restore' and $action_type != 'backup_delete') {
$this->server->fault('invalid_action', "Invalid action_type $action_type");
throw new SoapFault('invalid_action', "Invalid action_type $action_type");
return false;
}
//* Validate instance
$instance_record = $app->db->queryOneRecord("SELECT * FROM `sys_remoteaction` WHERE `action_param`= ? and `action_type`= ? and `action_state`= ?", $primary_id, $action_type, 'pending');
if ($instance_record['action_id'] >= 1) {
$this->server->fault('duplicate_action', "There is already a pending $action_type action");
throw new SoapFault('duplicate_action', "There is already a pending $action_type action");
return false;
}
......@@ -958,7 +958,7 @@ class remoting_sites extends remoting {
$app->uses('quota_lib');
if(!$this->checkPerm($session_id, 'quota_get_by_user')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......@@ -971,7 +971,7 @@ class remoting_sites extends remoting {
$app->uses('quota_lib');
if(!$this->checkPerm($session_id, 'trafficquota_get_by_user')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
if ($client_id != null)
......@@ -986,7 +986,7 @@ class remoting_sites extends remoting {
$app->uses('quota_lib');
if(!$this->checkPerm($session_id, 'trafficquota_get_by_user')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
if ($client_id != null)
......@@ -1001,7 +1001,7 @@ class remoting_sites extends remoting {
$app->uses('quota_lib');
if(!$this->checkPerm($session_id, 'databasequota_get_by_user')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
......