From ecb6b3a8035679f652ed0d80ca624d8a0c6c57f1 Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Wed, 22 Aug 2012 18:13:12 +0000
Subject: [PATCH] - Added database, database_user and vhost subdomain functions
 to the remoting - Added interface plugins for db and db users - changed
 remoting (splitted up insert, update and deletequery)

---
 interface/lib/classes/remoting.inc.php        | 133 +++++++++++--
 .../lib/classes/sites_database_plugin.inc.php | 178 ++++++++++++++++++
 interface/lib/classes/tform_actions.inc.php   |   6 +-
 .../sites_web_database_user_plugin.inc.php    |  40 ++++
 interface/web/sites/database_del.php          |  28 +--
 interface/web/sites/database_edit.php         | 105 +----------
 6 files changed, 349 insertions(+), 141 deletions(-)
 create mode 100644 interface/lib/classes/sites_database_plugin.inc.php
 create mode 100644 interface/lib/plugins/sites_web_database_user_plugin.inc.php

diff --git a/interface/lib/classes/remoting.inc.php b/interface/lib/classes/remoting.inc.php
index 2eff84983b..8efecc8181 100644
--- a/interface/lib/classes/remoting.inc.php
+++ b/interface/lib/classes/remoting.inc.php
@@ -1113,7 +1113,7 @@ class remoting {
         $client_id = intval($client_id);
 	$client_group = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = $client_id");
 
-	$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_domain,web_traffic';
+	$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain,web_traffic';
 		$tables_array = explode(',',$tables);
 		$client_group_id = intval($client_group['groupid']);
 		
@@ -1143,7 +1143,7 @@ class remoting {
 			$app->db->query("DELETE FROM sys_user WHERE client_id = $client_id");
 			
 			// Delete all records (sub-clients, mail, web, etc....)  of this client.
-			$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_domain,web_traffic';
+			$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain,web_traffic';
 			$tables_array = explode(',',$tables);
 			$client_group_id = intval($client_group['groupid']);
 			if($client_group_id > 1) {
@@ -1257,7 +1257,19 @@ class remoting {
 			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
 			return false;
 		}
-		return $this->insertQuery('../sites/form/database.tform.php',$client_id,$params);
+
+        $sql = $this->insertQueryPrepare('../sites/form/database.tform.php', $client_id, $params);
+        if($sql !== false) {
+            $app->uses('sites_database_plugin');
+            
+            $this->id = 0;
+            $this->dataRecord = $params;
+            $app->sites_database_plugin->processDatabaseInsert($this);
+
+            return $this->insertQueryExecute($sql, $params);
+        }
+        
+        return false;
 	}
 	
 	//* Update a record
@@ -1267,8 +1279,18 @@ class remoting {
 			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
 			return false;
 		}
-		$affected_rows = $this->updateQuery('../sites/form/database.tform.php',$client_id,$primary_id,$params);
-		return $affected_rows;
+        
+		$sql = $this->updateQueryPrepare('../sites/form/database.tform.php', $client_id, $primary_id, $params);
+        if($sql !== false) {
+            $app->uses('sites_database_plugin');
+            
+            $this->id = $primary_id;
+            $this->dataRecord = $params;
+            $app->sites_database_plugin->processDatabaseUpdate($this);
+            return $this->updateQueryExecute($sql, $primary_id, $params);
+        }
+        
+        return false;
 	}
 	
 	//* Delete a record
@@ -1278,12 +1300,66 @@ class remoting {
 			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
 			return false;
 		}
+        
+        $app->uses('sites_database_plugin');
+        $app->sites_database_plugin->processDatabaseDelete($primary_id);
+        
 		$affected_rows = $this->deleteQuery('../sites/form/database.tform.php',$primary_id);
 		return $affected_rows;
 	}
 	
 	// ----------------------------------------------------------------------------------------------------------
 	
+	//* Get record details
+	public function sites_database_user_get($session_id, $primary_id)
+    {
+		global $app;
+		
+		if(!$this->checkPerm($session_id, 'sites_database_user_get')) {
+			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+			return false;
+		}
+		$app->uses('remoting_lib');
+		$app->remoting_lib->loadFormDef('../sites/form/database_user.tform.php');
+		return $app->remoting_lib->getDataRecord($primary_id);
+	}
+	
+	//* Add a record
+	public function sites_database_user_add($session_id, $client_id, $params)
+    {
+		if(!$this->checkPerm($session_id, 'sites_database_user_add')) {
+			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+			return false;
+		}
+
+        return $this->insertQuery('../sites/form/database_user.tform.php', $client_id, $params);
+	}
+	
+	//* Update a record
+	public function sites_database_user_update($session_id, $client_id, $primary_id, $params)
+    {
+		if(!$this->checkPerm($session_id, 'sites_database_user_update')) {
+			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+			return false;
+		}
+        
+		return $this->updateQuery('../sites/form/database_user.tform.php', $client_id, $primary_id, $params);
+ 	}
+	
+	//* Delete a record
+	public function sites_database_user_delete($session_id, $primary_id)
+    {
+		if(!$this->checkPerm($session_id, 'sites_database_user_delete')) {
+			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+			return false;
+		}
+        
+		$affected_rows = $this->deleteQuery('../sites/form/database_user.tform.php',$primary_id);
+		return $affected_rows;
+	}
+	
+	// ----------------------------------------------------------------------------------------------------------
+	
 	//* Get record details
 	public function sites_ftp_user_get($session_id, $primary_id)
     {
@@ -2527,7 +2603,7 @@ class remoting {
 
 	protected function klientadd($formdef_file, $reseller_id, $params)
     {
-		global $app, $tform, $remoting_lib;
+		global $app;
 		$app->uses('remoting_lib');
 			
 		//* Load the form definition
@@ -2599,9 +2675,16 @@ class remoting {
 		return $insert_id;
 	}
 
-	protected function insertQuery($formdef_file, $client_id, $params,$event_identifier = '')
+    protected function insertQuery($formdef_file, $client_id, $params,$event_identifier = '')
     {
-		global $app, $tform, $remoting_lib;
+        $sql = $this->insertQueryPrepare($formdef_file, $client_id, $params);
+        if($sql !== false) return $this->insertQueryExecute($sql, $params,$event_identifier = '');
+        else return false;
+    }
+
+	protected function insertQueryPrepare($formdef_file, $client_id, $params)
+    {
+		global $app;
 		
 		$app->uses('remoting_lib');
 		
@@ -2618,6 +2701,15 @@ class remoting {
 			return false;
 		}
 		
+        return $sql;
+	}
+	
+	protected function insertQueryExecute($sql, $params,$event_identifier = '')
+    {
+		global $app;
+		
+		$app->uses('remoting_lib');
+        
 		$app->db->query($sql);
 		
 		if($app->db->errorMessage != '') {
@@ -2641,12 +2733,20 @@ class remoting {
 		}		
 		return $insert_id;
 	}
-	
-	
+    
 	protected function updateQuery($formdef_file, $client_id, $primary_id, $params, $event_identifier = '')
     {
 		global $app;
 		
+		$sql = $this->updateQueryPrepare($formdef_file, $client_id, $primary_id, $params);
+        if($sql !== false) return $this->updateQueryExecute($sql, $primary_id, $params,$event_identifier = '');
+        else return false;
+	}
+	
+	protected function updateQueryPrepare($formdef_file, $client_id, $primary_id, $params)
+    {
+		global $app;
+		
 		$app->uses('remoting_lib');
 		
 		//* load the user profile of the client
@@ -2663,6 +2763,15 @@ class remoting {
 			return false;
 		}
 		
+        return $sql;
+	}
+
+	protected function updateQueryExecute($sql, $primary_id, $params, $event_identifier = '')
+    {
+		global $app;
+		
+		$app->uses('remoting_lib');
+		
 		$old_rec = $app->remoting_lib->getDataRecord($primary_id);
 		
 		// set a few values for compatibility with tform actions, mostly used by plugins
@@ -2689,7 +2798,7 @@ class remoting {
 		
 		return $affected_rows;
 	}
-	
+
 	protected function deleteQuery($formdef_file, $primary_id, $event_identifier = '')
     {
 		global $app;
@@ -2964,7 +3073,7 @@ class remoting {
             return false;
 		}
         $client_id = intval($client_id);
-        $sql = "SELECT d.database_id, d.database_name, d.database_user, d.database_password FROM web_database d INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = $client_id";
+        $sql = "SELECT d.database_id, d.database_name, d.database_user_id, d.database_ro_user_id, du.database_user, du.database_password FROM web_database d LEFT JOIN web_database_user du ON (du.database_user_id = d.database_user_id) INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = $client_id";
 		$all = $app->db->queryAllRecords($sql);
         return $all;
 	}
diff --git a/interface/lib/classes/sites_database_plugin.inc.php b/interface/lib/classes/sites_database_plugin.inc.php
new file mode 100644
index 0000000000..6729fd0a17
--- /dev/null
+++ b/interface/lib/classes/sites_database_plugin.inc.php
@@ -0,0 +1,178 @@
+<?php
+
+/*
+Copyright (c) 2012, Marius Cramer, pixcept KG
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+class sites_database_plugin {
+
+	public function processDatabaseInsert($form_page) {
+        global $app;
+        
+		if($form_page->dataRecord["parent_domain_id"] > 0) {
+			$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($form_page->dataRecord["parent_domain_id"]));
+		
+			//* The Database user shall be owned by the same group then the website
+			$sys_groupid = $web['sys_groupid'];
+        } else {
+            $sys_groupid = $form_page->dataRecord['sys_groupid'];
+        }
+        
+
+        if($form_page->dataRecord['database_user_id']) {
+            // check if there has already been a database on this server with that user
+            $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($form_page->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($form_page->dataRecord['database_user_id']) . "' OR `database_ro_user_id` = '" . intval($form_page->dataRecord['database_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "'");
+            
+            if($check && $check['cnt'] < 1) {
+                // we need to make a datalog insert for the database users that are connected to this database
+                $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($form_page->dataRecord['database_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
+                if($db_user) {
+                    $db_user['server_id'] = $form_page->dataRecord['server_id'];
+                    $app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
+                }
+            }
+        }
+
+        if($form_page->dataRecord['database_ro_user_id']) {
+            // check if there has already been a database on this server with that user
+            $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($form_page->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($form_page->dataRecord['database_ro_user_id']) . "' OR `database_ro_user_id` = '" . intval($form_page->dataRecord['database_ro_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "'");
+            
+            if($check && $check['cnt'] < 1) {
+                // we need to make a datalog insert for the database users that are connected to this database
+                $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($form_page->dataRecord['database_ro_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
+                if($db_user) {
+                    $db_user['server_id'] = $form_page->dataRecord['server_id'];
+                    $app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
+                }
+            }
+        }
+    }
+    
+    public function processDatabaseUpdate($form_page) {
+        global $app;
+        
+        $old_record = $app->tform->getDataRecord($form_page->id);
+        
+        if($form_page->dataRecord["parent_domain_id"] > 0) {
+            $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($form_page->dataRecord["parent_domain_id"]));
+        
+            //* The Database user shall be owned by the same group then the website
+            $sys_groupid = $web['sys_groupid'];
+        } else {
+            $sys_groupid = $form_page->dataRecord['sys_groupid'];
+        }
+        
+        // check if database user has changed
+        if($old_record['database_user_id'] && $old_record['database_user_id'] != $form_page->dataRecord['database_user_id'] && $old_record['database_user_id'] != $form_page->dataRecord['database_ro_user_id']) {
+            // check if any database on the server still uses this one
+            $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($form_page->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($old_record['database_user_id']) . "' OR `database_ro_user_id` = '" . intval($old_record['database_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "' AND `database_id` != '" . intval($form_page->id) . "'");
+            if($check['cnt'] < 1) {
+                // send a datalog delete
+                $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($old_record['database_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
+                if($db_user) {
+                    $db_user['server_id'] = $form_page->dataRecord['server_id'];
+                    $app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
+                }
+            }
+        }
+        // check if readonly database user has changed
+        if($old_record['database_ro_user_id'] && $old_record['database_ro_user_id'] != $form_page->dataRecord['database_ro_user_id'] && $old_record['database_ro_user_id'] != $form_page->dataRecord['database_user_id']) {
+            // check if any database on the server still uses this one
+            $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($form_page->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($old_record['database_ro_user_id']) . "' OR `database_ro_user_id` = '" . intval($old_record['database_ro_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "' AND `database_id` != '" . intval($form_page->id) . "'");
+            if($check['cnt'] < 1) {
+                // send a datalog delete
+                $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($old_record['database_ro_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
+                if($db_user) {
+                    $db_user['server_id'] = $form_page->dataRecord['server_id'];
+                    $app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
+                }
+            }
+        }
+        
+        if($form_page->dataRecord['database_user_id']) {
+            // check if there has already been a database on this server with that user
+            $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($form_page->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($form_page->dataRecord['database_user_id']) . "' OR `database_ro_user_id` = '" . intval($form_page->dataRecord['database_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "'");
+            
+            if($check && $check['cnt'] < 1) {
+                // we need to make a datalog insert for the database users that are connected to this database
+                $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($form_page->dataRecord['database_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
+                if($db_user) {
+                    $db_user['server_id'] = $form_page->dataRecord['server_id'];
+                    $app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
+                }
+            }
+        }
+
+        if($form_page->dataRecord['database_ro_user_id']) {
+            // check if there has already been a database on this server with that user
+            $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($form_page->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($form_page->dataRecord['database_ro_user_id']) . "' OR `database_ro_user_id` = '" . intval($form_page->dataRecord['database_ro_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "'");
+            
+            if($check && $check['cnt'] < 1) {
+                // we need to make a datalog insert for the database users that are connected to this database
+                $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($form_page->dataRecord['database_ro_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
+                if($db_user) {
+                    $db_user['server_id'] = $form_page->dataRecord['server_id'];
+                    $app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
+                }
+            }
+        }
+        
+    }
+    
+    public function processDatabaseDelete($primary_id) {
+        global $app;
+        
+        $old_record = $app->tform->getDataRecord($primary_id);
+        if($old_record['database_user_id']) {
+            // check if any database on the server still uses this one
+            $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($old_record['server_id']) . "' AND (`database_user_id` = '" . intval($old_record['database_user_id']) . "' OR `database_ro_user_id` = '" . intval($old_record['database_user_id']) . "') AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "' AND `database_id` != '" . intval($primary_id) . "'");
+            if($check['cnt'] < 1) {
+                // send a datalog delete
+                $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($old_record['database_user_id']) . "' AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "'");
+                if($db_user) {
+                    $db_user['server_id'] = $old_record['server_id'];
+                    $app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
+                }
+            }
+        }
+        if($old_record['database_ro_user_id']) {
+            // check if any database on the server still uses this one
+            $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($old_record['server_id']) . "' AND (`database_user_id` = '" . intval($old_record['database_ro_user_id']) . "' OR `database_ro_user_id` = '" . intval($old_record['database_ro_user_id']) . "') AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "' AND `database_id` != '" . intval($primary_id) . "'");
+            if($check['cnt'] < 1) {
+                // send a datalog delete
+                $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($old_record['database_ro_user_id']) . "' AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "'");
+                if($db_user) {
+                    $db_user['server_id'] = $old_record['server_id'];
+                    $app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
+                }
+            }
+        }
+        
+    }
+}
+
+?>
diff --git a/interface/lib/classes/tform_actions.inc.php b/interface/lib/classes/tform_actions.inc.php
index 39cdb49d4f..5235da7c0b 100644
--- a/interface/lib/classes/tform_actions.inc.php
+++ b/interface/lib/classes/tform_actions.inc.php
@@ -107,7 +107,8 @@ class tform_actions {
 						
 						// Save record in database
 						$this->onUpdateSave($sql);
-						
+						$app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_update_save',array('page_form'=>$this, 'sql'=>$sql));
+                        
 						// loading plugins
 						$next_tab = $app->tform->getCurrentTab();
                 		$this->loadPlugins($next_tab);
@@ -185,7 +186,8 @@ class tform_actions {
                 if($app->tform->errorMessage == '') {
 						
 						$this->id = $this->onInsertSave($sql);
-						
+						$app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_insert_save',array('page_form'=>$this, 'sql'=>$sql));
+                        
 						// loading plugins
 						$next_tab = $app->tform->getCurrentTab();
                 		$this->loadPlugins($next_tab);
diff --git a/interface/lib/plugins/sites_web_database_user_plugin.inc.php b/interface/lib/plugins/sites_web_database_user_plugin.inc.php
new file mode 100644
index 0000000000..4b6af430d3
--- /dev/null
+++ b/interface/lib/plugins/sites_web_database_user_plugin.inc.php
@@ -0,0 +1,40 @@
+<?php
+/**
+ * sites_web_database_user_plugin plugin
+ * 
+ * @author Marius Cramer <m.cramer@pixcept.de> pixcept KG 2012
+ */
+ 
+class sites_web_database_user_plugin {
+
+	var $plugin_name        = 'sites_web_database_user_plugin';
+	var $class_name         = 'sites_web_database_user_plugin';
+	
+    /*
+            This function is called when the plugin is loaded
+    */
+    function onLoad() {
+        global $app;
+        //Register for the events        
+        $app->plugin->registerEvent('sites:web_database_user:on_after_update','sites_web_database_user_plugin','sites_web_database_user_edit');
+        $app->plugin->registerEvent('sites:web_database_user:on_after_insert','sites_web_database_user_plugin','sites_web_database_user_edit');
+    }
+
+    /*
+		Function to create the sites_web_database_user rule and insert it into the custom rules           
+    */
+    function sites_web_database_user_edit($event_name, $page_form) {
+        global $app, $conf;   
+        
+        // make sure that the record belongs to the clinet group and not the admin group when a dmin inserts it
+        // also make sure that the user can not delete domain created by a admin
+        if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($page_form->dataRecord["client_group_id"])) {
+            $client_group_id = intval($page_form->dataRecord["client_group_id"]);
+            $app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE domain_id = ".$page_form->id);
+        }
+        if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($page_form->dataRecord["client_group_id"])) {
+            $client_group_id = intval($page_form->dataRecord["client_group_id"]);
+            $app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE domain_id = ".$page_form->id);
+        }
+	}
+}              	
\ No newline at end of file
diff --git a/interface/web/sites/database_del.php b/interface/web/sites/database_del.php
index b1263b3073..2dc90fd4df 100644
--- a/interface/web/sites/database_del.php
+++ b/interface/web/sites/database_del.php
@@ -51,32 +51,8 @@ class page_action extends tform_actions {
 		global $app; $conf;
 		if($app->tform->checkPerm($this->id,'d') == false) $app->error($app->lng('error_no_delete_permission'));
         
-        $old_record = $app->tform->getDataRecord($this->id);
-        if($old_record['database_user_id']) {
-            // check if any database on the server still uses this one
-            $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($old_record['server_id']) . "' AND (`database_user_id` = '" . intval($old_record['database_user_id']) . "' OR `database_ro_user_id` = '" . intval($old_record['database_user_id']) . "') AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "' AND `database_id` != '" . intval($this->id) . "'");
-            if($check['cnt'] < 1) {
-                // send a datalog delete
-                $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($old_record['database_user_id']) . "' AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "'");
-                if($db_user) {
-                    $db_user['server_id'] = $old_record['server_id'];
-                    $app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
-                }
-            }
-        }
-        if($old_record['database_ro_user_id']) {
-            // check if any database on the server still uses this one
-            $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($old_record['server_id']) . "' AND (`database_user_id` = '" . intval($old_record['database_ro_user_id']) . "' OR `database_ro_user_id` = '" . intval($old_record['database_ro_user_id']) . "') AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "' AND `database_id` != '" . intval($this->id) . "'");
-            if($check['cnt'] < 1) {
-                // send a datalog delete
-                $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($old_record['database_ro_user_id']) . "' AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "'");
-                if($db_user) {
-                    $db_user['server_id'] = $old_record['server_id'];
-                    $app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
-                }
-            }
-        }
-        
+        $app->uses('sites_database_plugin');
+        $app->sites_database_plugin->processDatabaseDelete($this->id);
 	}
 }
 
diff --git a/interface/web/sites/database_edit.php b/interface/web/sites/database_edit.php
index d098625e7d..08afd85e8f 100644
--- a/interface/web/sites/database_edit.php
+++ b/interface/web/sites/database_edit.php
@@ -294,44 +294,10 @@ class page_action extends tform_actions {
 
     function onInsertSave($sql) {
         global $app, $conf;
-
-		if($this->dataRecord["parent_domain_id"] > 0) {
-			$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
-		
-			//* The Database user shall be owned by the same group then the website
-			$sys_groupid = $web['sys_groupid'];
-        } else {
-            $sys_groupid = $this->dataRecord['sys_groupid'];
-        }
         
-
-        if($this->dataRecord['database_user_id']) {
-            // check if there has already been a database on this server with that user
-            $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($this->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($this->dataRecord['database_user_id']) . "' OR `database_ro_user_id` = '" . intval($this->dataRecord['database_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "'");
-            
-            if($check && $check['cnt'] < 1) {
-                // we need to make a datalog insert for the database users that are connected to this database
-                $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($this->dataRecord['database_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
-                if($db_user) {
-                    $db_user['server_id'] = $this->dataRecord['server_id'];
-                    $app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
-                }
-            }
-        }
-
-        if($this->dataRecord['database_ro_user_id']) {
-            // check if there has already been a database on this server with that user
-            $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($this->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($this->dataRecord['database_ro_user_id']) . "' OR `database_ro_user_id` = '" . intval($this->dataRecord['database_ro_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "'");
-            
-            if($check && $check['cnt'] < 1) {
-                // we need to make a datalog insert for the database users that are connected to this database
-                $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($this->dataRecord['database_ro_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
-                if($db_user) {
-                    $db_user['server_id'] = $this->dataRecord['server_id'];
-                    $app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
-                }
-            }
-        }
+        $app->uses('sites_database_plugin');
+        
+        $app->sites_database_plugin->processDatabaseInsert($this);
         
         $app->db->query($sql);
         if($app->db->errorMessage != '') die($app->db->errorMessage);
@@ -343,71 +309,8 @@ class page_action extends tform_actions {
     function onUpdateSave($sql) {
         global $app;
         if(!empty($sql) && !$app->tform->isReadonlyTab($app->tform->getCurrentTab(),$this->id)) {
-            $old_record = $app->tform->getDataRecord($this->id);
-            
-            if($this->dataRecord["parent_domain_id"] > 0) {
-                $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
-            
-                //* The Database user shall be owned by the same group then the website
-                $sys_groupid = $web['sys_groupid'];
-            } else {
-                $sys_groupid = $this->dataRecord['sys_groupid'];
-            }
             
-            // check if database user has changed
-            if($old_record['database_user_id'] && $old_record['database_user_id'] != $this->dataRecord['database_user_id'] && $old_record['database_user_id'] != $this->dataRecord['database_ro_user_id']) {
-                // check if any database on the server still uses this one
-                $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($this->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($old_record['database_user_id']) . "' OR `database_ro_user_id` = '" . intval($old_record['database_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "' AND `database_id` != '" . intval($this->id) . "'");
-                if($check['cnt'] < 1) {
-                    // send a datalog delete
-                    $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($old_record['database_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
-                    if($db_user) {
-                        $db_user['server_id'] = $this->dataRecord['server_id'];
-                        $app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
-                    }
-                }
-            }
-            // check if readonly database user has changed
-            if($old_record['database_ro_user_id'] && $old_record['database_ro_user_id'] != $this->dataRecord['database_ro_user_id'] && $old_record['database_ro_user_id'] != $this->dataRecord['database_user_id']) {
-                // check if any database on the server still uses this one
-                $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($this->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($old_record['database_ro_user_id']) . "' OR `database_ro_user_id` = '" . intval($old_record['database_ro_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "' AND `database_id` != '" . intval($this->id) . "'");
-                if($check['cnt'] < 1) {
-                    // send a datalog delete
-                    $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($old_record['database_ro_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
-                    if($db_user) {
-                        $db_user['server_id'] = $this->dataRecord['server_id'];
-                        $app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
-                    }
-                }
-            }
-            
-            if($this->dataRecord['database_user_id']) {
-                // check if there has already been a database on this server with that user
-                $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($this->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($this->dataRecord['database_user_id']) . "' OR `database_ro_user_id` = '" . intval($this->dataRecord['database_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "'");
-                
-                if($check && $check['cnt'] < 1) {
-                    // we need to make a datalog insert for the database users that are connected to this database
-                    $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($this->dataRecord['database_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
-                    if($db_user) {
-                        $db_user['server_id'] = $this->dataRecord['server_id'];
-                        $app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
-                    }
-                }
-            }
-
-            if($this->dataRecord['database_ro_user_id']) {
-                // check if there has already been a database on this server with that user
-                $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($this->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($this->dataRecord['database_ro_user_id']) . "' OR `database_ro_user_id` = '" . intval($this->dataRecord['database_ro_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "'");
-                
-                if($check && $check['cnt'] < 1) {
-                    // we need to make a datalog insert for the database users that are connected to this database
-                    $db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($this->dataRecord['database_ro_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
-                    if($db_user) {
-                        $db_user['server_id'] = $this->dataRecord['server_id'];
-                        $app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
-                    }
-                }
-            }
+            $app->sites_database_plugin->processDatabaseUpdate($this);
 
             $app->db->query($sql);
             if($app->db->errorMessage != '') die($app->db->errorMessage);
-- 
GitLab