Newer
Older
$if_level -= 1;
continue;
}
$rewrites_are_valid = false;
break;
}
}
if(!$rewrites_are_valid || $if_level != 0){
$app->tform->errorMessage .= $app->tform->lng("invalid_rewrite_rules_txt").'<br>';
}
}
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
// check custom php.ini settings
if(isset($this->dataRecord['custom_php_ini']) && trim($this->dataRecord['custom_php_ini']) != '') {
$custom_php_ini_settings = trim($this->dataRecord['custom_php_ini']);
$custom_php_ini_settings_are_valid = true;
// Make sure we only have Unix linebreaks
$custom_php_ini_settings = str_replace("\r\n", "\n", $custom_php_ini_settings);
$custom_php_ini_settings = str_replace("\r", "\n", $custom_php_ini_settings);
$custom_php_ini_settings_lines = explode("\n", $custom_php_ini_settings);
if(is_array($custom_php_ini_settings_lines) && !empty($custom_php_ini_settings_lines)){
foreach($custom_php_ini_settings_lines as $custom_php_ini_settings_line){
if(trim($custom_php_ini_settings_line) == '') continue;
if(substr(trim($custom_php_ini_settings_line),0,1) == ';') continue;
// empty value
if(preg_match('@^\s*;*\s*[a-zA-Z0-9._]*\s*=\s*;*\s*$@', $custom_php_ini_settings_line)) continue;
// value inside ""
if(preg_match('@^\s*;*\s*[a-zA-Z0-9._]*\s*=\s*".*"\s*;*\s*$@', $custom_php_ini_settings_line)) continue;
// value inside ''
if(preg_match('@^\s*;*\s*[a-zA-Z0-9._]*\s*=\s*\'.*\'\s*;*\s*$@', $custom_php_ini_settings_line)) continue;
// everything else
if(preg_match('@^\s*;*\s*[a-zA-Z0-9._]*\s*=\s*[-a-zA-Z0-9~&=_\@/,.#\s]*\s*;*\s*$@', $custom_php_ini_settings_line)) continue;
$custom_php_ini_settings_are_valid = false;
break;
}
}
if(!$custom_php_ini_settings_are_valid){
$app->tform->errorMessage .= $app->tform->lng("invalid_custom_php_ini_settings_txt").'<br>';
}
}
parent::onSubmit();
}
function onAfterInsert() {
global $app, $conf;
// make sure that the record belongs to the clinet group and not the admin group when admin inserts it
// also make sure that the user can not delete domain created by a admin
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
$app->db->query("UPDATE web_domain SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE domain_id = ".$this->id);
}
if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
$app->db->query("UPDATE web_domain SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE domain_id = ".$this->id);
}
// Get configuration for the web system
$app->uses("getconf");
$web_rec = $app->tform->getDataRecord($this->id);
$web_config = $app->getconf->get_server_config($app->functions->intval($web_rec["server_id"]), 'web');
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
if($this->_vhostdomain_type == 'domain') {
$document_root = str_replace("[website_id]", $this->id, $web_config["website_path"]);
$document_root = str_replace("[website_idhash_1]", $this->id_hash($page_form->id, 1), $document_root);
$document_root = str_replace("[website_idhash_2]", $this->id_hash($page_form->id, 1), $document_root);
$document_root = str_replace("[website_idhash_3]", $this->id_hash($page_form->id, 1), $document_root);
$document_root = str_replace("[website_idhash_4]", $this->id_hash($page_form->id, 1), $document_root);
// get the ID of the client
if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = $client_group_id");
$client_id = $app->functions->intval($client["client_id"]);
} else {
//$client_id = $app->functions->intval($this->dataRecord["client_group_id"]);
$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".$app->functions->intval($this->dataRecord["client_group_id"]));
$client_id = $app->functions->intval($client["client_id"]);
}
// Set the values for document_root, system_user and system_group
$system_user = $app->db->quote('web'.$this->id);
$system_group = $app->db->quote('client'.$client_id);
$document_root = str_replace("[client_id]", $client_id, $document_root);
$document_root = str_replace("[client_idhash_1]", $this->id_hash($client_id, 1), $document_root);
$document_root = str_replace("[client_idhash_2]", $this->id_hash($client_id, 2), $document_root);
$document_root = str_replace("[client_idhash_3]", $this->id_hash($client_id, 3), $document_root);
$document_root = str_replace("[client_idhash_4]", $this->id_hash($client_id, 4), $document_root);
$document_root = $app->db->quote($document_root);
$php_open_basedir = str_replace("[website_path]", $document_root, $web_config["php_open_basedir"]);
$php_open_basedir = $app->db->quote(str_replace("[website_domain]", $web_rec['domain'], $php_open_basedir));
$htaccess_allow_override = $app->db->quote($web_config["htaccess_allow_override"]);
$added_date = date($app->lng('conf_format_dateshort'));
$added_by = $app->db->quote($_SESSION['s']['user']['username']);
$sql = "UPDATE web_domain SET system_user = '$system_user', system_group = '$system_group', document_root = '$document_root', allow_override = '$htaccess_allow_override', php_open_basedir = '$php_open_basedir', added_date = '$added_date', added_by = '$added_by' WHERE domain_id = ".$this->id;
} else {
// Set the values for document_root, system_user and system_group
$system_user = $app->db->quote($this->parent_domain_record['system_user']);
$system_group = $app->db->quote($this->parent_domain_record['system_group']);
$document_root = $app->db->quote($this->parent_domain_record['document_root']);
$php_open_basedir = str_replace("[website_path]/web", $document_root.'/'.$web_rec['web_folder'], $web_config["php_open_basedir"]);
$php_open_basedir = str_replace("[website_domain]/web", $web_rec['domain'].'/'.$web_rec['web_folder'], $php_open_basedir);
$php_open_basedir = str_replace("[website_path]", $document_root, $php_open_basedir);
$php_open_basedir = $app->db->quote(str_replace("[website_domain]", $web_rec['domain'], $php_open_basedir));
$htaccess_allow_override = $app->db->quote($this->parent_domain_record['allow_override']);
$added_date = date($app->lng('conf_format_dateshort'));
$added_by = $app->db->quote($_SESSION['s']['user']['username']);
$sql = "UPDATE web_domain SET sys_groupid = ".$app->functions->intval($this->parent_domain_record['sys_groupid']).",system_user = '$system_user', system_group = '$system_group', document_root = '$document_root', allow_override = '$htaccess_allow_override', php_open_basedir = '$php_open_basedir', added_date = '$added_date', added_by = '$added_by' WHERE domain_id = ".$this->id;
}
$app->db->query($sql);
}
function onBeforeUpdate () {
global $app, $conf;
if($this->_vhostdomain_type == 'domain') {
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
if (isset($this->dataRecord["server_id"])) {
$rec = $app->db->queryOneRecord("SELECT server_id from web_domain WHERE domain_id = ".$this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
$this->dataRecord["server_id"] = $rec['server_id'];
}
unset($rec);
}
//* If the user is neither admin nor reseller
} else {
//* We do not allow users to change a domain which has been created by the admin
$rec = $app->db->queryOneRecord("SELECT sys_perm_group, domain, ip_address, ipv6_address from web_domain WHERE domain_id = ".$this->id);
if(isset($this->dataRecord["domain"]) && $rec['domain'] != $this->dataRecord["domain"] && $app->tform->checkPerm($this->id, 'u')) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Domain can not be changed. Please ask your Administrator if you want to change the domain name.');
$this->dataRecord["domain"] = $rec['domain'];
}
if(isset($this->dataRecord["ip_address"]) && $rec['ip_address'] != $this->dataRecord["ip_address"] && $rec['sys_perm_group'] != 'riud') {
$this->dataRecord["ip_address"] = $rec['ip_address'];
}
if(isset($this->dataRecord["ipv6_address"]) && $rec['ipv6_address'] != $this->dataRecord["ipv6_address"] && $rec['sys_perm_group'] != 'riud') {
$this->dataRecord["ipv6_address"] = $rec['ipv6_address'];
}
unset($rec);
}
}
//* Check that all fields for the SSL cert creation are filled
if(isset($this->dataRecord['ssl_action']) && $this->dataRecord['ssl_action'] == 'create') {
if($this->dataRecord['ssl_state'] == '') $app->tform->errorMessage .= $app->tform->lng('error_ssl_state_empty').'<br />';
if($this->dataRecord['ssl_locality'] == '') $app->tform->errorMessage .= $app->tform->lng('error_ssl_locality_empty').'<br />';
if($this->dataRecord['ssl_organisation'] == '') $app->tform->errorMessage .= $app->tform->lng('error_ssl_organisation_empty').'<br />';
if($this->dataRecord['ssl_organisation_unit'] == '') $app->tform->errorMessage .= $app->tform->lng('error_ssl_organisation_unit_empty').'<br />';
if($this->dataRecord['ssl_country'] == '') $app->tform->errorMessage .= $app->tform->lng('error_ssl_country_empty').'<br />';
}
if(isset($this->dataRecord['ssl_action']) && $this->dataRecord['ssl_action'] == 'save') {
if(trim($this->dataRecord['ssl_cert']) == '') $app->tform->errorMessage .= $app->tform->lng('error_ssl_cert_empty').'<br />';
}
}
}
$page = new page_action;
$page->onLoad();