Newer
Older
$app->uses('remoting_lib');
//* load the user profile of the client
$app->remoting_lib->loadUserProfile($client_id);
tbrehm
committed
//* Load the form definition
$app->remoting_lib->loadFormDef($formdef_file);
//* Get the SQL query
$sql = $app->remoting_lib->getSQL($params,'UPDATE',$primary_id);
if($app->remoting_lib->errorMessage != '') {
$this->server->fault('data_processing_error', $app->remoting_lib->errorMessage);
return false;
}
$old_rec = $app->remoting_lib->getDataRecord($primary_id);
// set a few values for compatibility with tform actions, mostly used by plugins
$this->oldDataRecord = $old_rec;
$this->id = $primary_id;
$this->dataRecord = $params;
$app->db->query($sql);
if($app->db->errorMessage != '') {
$this->server->fault('database_error', $app->db->errorMessage . ' '.$sql);
return false;
}
$affected_rows = $app->db->affectedRows();
if($event_identifier != '') $app->plugin->raiseEvent($event_identifier,$this);
//* Save changes to Datalog
if($app->remoting_lib->formDef["db_history"] == 'yes') {
$new_rec = $app->remoting_lib->getDataRecord($primary_id);
$app->remoting_lib->datalogSave('UPDATE',$primary_id,$old_rec,$new_rec);
}
return $affected_rows;
}
private function deleteQuery($formdef_file, $primary_id)
{
global $app;
$app->uses('remoting_lib');
tbrehm
committed
//* load the user profile of the client
$app->remoting_lib->loadUserProfile(0);
tbrehm
committed
//* Load the form definition
$app->remoting_lib->loadFormDef($formdef_file);
$old_rec = $app->remoting_lib->getDataRecord($primary_id);
// set a few values for compatibility with tform actions, mostly used by plugins
$this->oldDataRecord = $old_rec;
$this->id = $primary_id;
$this->dataRecord = $params;
//* Get the SQL query
$sql = $app->remoting_lib->getDeleteSQL($primary_id);
$app->db->query($sql);
if($app->db->errorMessage != '') {
$this->server->fault('database_error', $app->db->errorMessage . ' '.$sql);
return false;
}
$affected_rows = $app->db->affectedRows();
//* Save changes to Datalog
if($app->remoting_lib->formDef["db_history"] == 'yes') {
$app->remoting_lib->datalogSave('DELETE',$primary_id,$old_rec,array());
}
return $affected_rows;
}
private function checkPerm($session_id, $function_name)
{
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
$session = $this->getSession($session_id);
if(!$session){
return false;
}
$dobre= str_replace(';',',',$session['remote_functions']);
return in_array($function_name, explode(',', $dobre) );
}
private function getSession($session_id)
{
global $app;
if(empty($session_id)) {
$this->server->fault('session_id_empty','The SessionID is empty.');
return false;
}
$session_id = $app->db->quote($session_id);
$now = time();
$sql = "SELECT * FROM remote_session WHERE remote_session = '$session_id' AND tstamp >= $now";
$session = $app->db->queryOneRecord($sql);
if($session['remote_userid'] > 0) {
return $session;
} else {
$this->server->fault('session_does_not_exist','The Session is expired or does not exist.');
return false;
}
}
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
//---
/**
* Gets sites by $sys_userid & $sys_groupid
* @param int session id
* @param int user id
* @param array list of groups
* @return mixed array with sites by user
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
public function client_get_sites_by_user($session_id, $sys_userid, $sys_groupid) {
global $app;
if(!$this->checkPerm($session_id, 'client_get_sites_by_user')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$sys_userid = intval($sys_userid);
$sys_groupid = explode(',', $sys_groupid);
$new_group = array();
foreach($sys_groupid as $group_id) {
$new_group[] = intval( $group_id);
}
$group_list = implode(',', $new_group);
$sql ="SELECT domain, domain_id, document_root FROM web_domain WHERE ( (sys_userid = $sys_userid AND sys_perm_user LIKE '%r%') OR (sys_groupid IN ($group_list) AND sys_perm_group LIKE '%r%') OR sys_perm_other LIKE '%r%') AND type = 'vhost'";
$result = $app->db->queryAllRecords($sql);
if(isset($result)) {
return $result;
} else {
$this->server->fault('no_client_found', 'There is no site for this user');
return false;
}
}
/**
* Change domains status
* @param int session id
* @param int site id
* @param string active or inactive string
* @return mixed false if error
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
public function sites_web_domain_set_status($session_id, $primary_id, $status) {
global $app;
if(!$this->checkPerm($session_id, 'sites_web_domain_set_status')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
if(in_array($status, array('active', 'inactive'))) {
if ($status == 'active') {
$status = 'y';
} else {
$status = 'n';
}
$sql = "UPDATE web_domain SET active = '$status' WHERE domain_id = ".intval($primary_id);
$app->db->query($sql);
$result = $app->db->affectedRows();
return $result;
} else {
$this->server->fault('status_undefined', 'The status is not available');
return false;
}
}
/**
* Get sys_user information by username
* @param int session id
* @param string user's name
* @return mixed false if error
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
public function client_get_by_username($session_id, $username) {
global $app;
if(!$this->checkPerm($session_id, 'client_get_by_username')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$username = $app->db->quote($username);
$rec = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE username = '".$username."'");
if (isset($rec)) {
return $rec;
} else {
$this->server->fault('no_client_found', 'There is no user account for this user name.');
return false;
}
}
/**
* Changes client password
*
* @param int session id
* @param int client id
* @param string new password
* @return bool true if success
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*
*/
public function client_change_password($session_id, $client_id, $new_password) {
global $app;
if(!$this->checkPerm($session_id, 'client_change_password')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$client_id = intval($client_id);
$client = $app->db->queryOneRecord("SELECT client_id FROM client WHERE client_id = ".$client_id);
if($client['client_id'] > 0) {
$new_password = $app->db->quote($new_password);
$sql = "UPDATE client SET password = md5('".($new_password)."') WHERE client_id = ".$client_id;
$app->db->query($sql);
$sql = "UPDATE sys_user SET passwort = md5('".($new_password)."') WHERE client_id = ".$client_id;
$app->db->query($sql);
return true;
} else {
$this->server->fault('no_client_found', 'There is no user account for this client_id');
return false;
}
}
/**
* Get a list of functions
* @param int session id
* @return mixed array of the available functions
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
public function get_function_list($session_id)
{
if(!$this->checkPerm($session_id, 'get_function_list')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
return get_class_methods($this);
}
/**
* Get all databases by user
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
public function sites_database_get_all_by_user($session_id, $client_id)
{
global $app;
if(!$this->checkPerm($session_id, 'sites_database_get_all_by_user')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$client_id = intval($client_id);
$sql = "SELECT database_id, database_name, database_user, database_password FROM web_database WHERE sys_userid = $client_id ";
$all = $app->db->queryAllRecords($sql);
return $all;
}
/**
* Get all client templates
* @param int session id
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
public function client_templates_get_all($session_id) {
global $app;
if(!$this->checkPerm($session_id, 'client_templates_get_all')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$sql = "SELECT * FROM client_template";
$result = $app->db->queryAllRecords($sql);
return $result;
}
/**
* Get all DNS zone by user
*@author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
/*
I will update this function
public function dns_zone_get_by_user($session_id, $client_id, $server_id) {
global $app;
if(!$this->checkPerm($session_id, 'dns_zone_get')) {
//$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
//return false;
}
if (!empty($client_id) && !empty($server_id)) {
$server_id = intval($server_id);
$client_id = intval($client_id);
$sql = "SELECT id, origin FROM dns_soa d INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = '$client_id' AND server_id = $server_id";
$result = $app->db->queryAllRecords($sql);
return $result;
}
return false;
}
*/
/**
* Changes DNS zone status
* @param int session id
* @param int dns soa id
* @param string status active or inactive string
* @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
*/
public function dns_zone_set_status($session_id, $primary_id, $status) {
global $app;
if(!$this->checkPerm($session_id, 'dns_zone_set_status')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
if(in_array($status, array('active', 'inactive'))) {
if ($status == 'active') {
$status = 'y';
} else {
$status = 'n';
}
$sql = "UPDATE dns_soa SET active = '$status' WHERE id = ".intval($primary_id);
$app->db->query($sql);
$result = $app->db->affectedRows();
return $result;
} else {
$this->server->fault('status_undefined', 'The status is not available');
return false;
}
}