diff --git a/install/tpl/config.inc.php.master b/install/tpl/config.inc.php.master index 4c8e03b423730f52d5bcb3d28cbe2fcc66b1685d..1bcdcad09bbd3b51f39e29cf60e133f945e06c26 100644 --- a/install/tpl/config.inc.php.master +++ b/install/tpl/config.inc.php.master @@ -117,6 +117,15 @@ $conf["server_id"] = "{server_id}"; //** Interface $conf['interface_modules_enabled'] = 'dashboard,mail,sites,dns,tools'; +//** Demo mode +/* The demo mode is an option to restrict certain actions in the interface like +* changing the password of users with sys_userid < 3 etc. to be +* able to run the ISPConfig interface as online demo. It does not +* affect the server part. The demo mode should be always set to false +* on every normal installation +*/ +$conf['demo_mode'] = false; + //** Logging $conf["log_file"] = $conf["logpath"].$conf["fs_div"]."ispconfig.log"; diff --git a/interface/lib/config.inc.php b/interface/lib/config.inc.php index 26cfd03c6ec8b0f22a5160381a3e073b684f7388..0cb07a49d8b065f09af5c895f1062cd474670f9c 100644 --- a/interface/lib/config.inc.php +++ b/interface/lib/config.inc.php @@ -103,6 +103,15 @@ $conf["server_id"] = "1"; //** Interface $conf['interface_modules_enabled'] = 'dashboard,mail,sites,dns,tools'; +//** Demo mode +/* The demo mode is an option to restrict certain actions in the interface like +* changing the password of users with sys_userid < 3 etc. to be +* able to run the ISPConfig interface as online demo. It does not +* affect the server part. The demo mode should be always set to false +* on every normal installation +*/ +$conf['demo_mode'] = false; + //** Logging $conf["log_file"] = '/var/log/ispconfig/ispconfig.log'; diff --git a/interface/web/admin/language_add.php b/interface/web/admin/language_add.php index f3fd93f3e47d42327a44eadd8e13c1e7d61cfda3..a2961715a821045e6b44df03e3fa8ff9b5e6e00a 100644 --- a/interface/web/admin/language_add.php +++ b/interface/web/admin/language_add.php 
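Review bot: The new comment block in install/tpl/config.inc.php.master describes the protected accounts as `sys_userid < 3`, but the guards added later in this commit (users_del.php, users_edit.php and tools/user_settings.php) test `<= 3`, so the documented boundary and the enforced one differ by one account. The identical comment is added to interface/lib/config.inc.php in the next hunk. If `<= 3` is the intended rule, the line should read `* changing the password of users with sys_userid <= 3 etc. to be`; otherwise the three checks need to change instead. Whichever is chosen, operators of a public demo need the comment to name the exact accounts that stay locked.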
@@ -35,6 +35,7 @@ $app->auth->check_module_permissions('admin'); //* This is only allowed for administrators if(!$app->auth->is_admin()) die('only allowed for administrators.'); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); $app->uses('tpl'); diff --git a/interface/web/admin/language_complete.php b/interface/web/admin/language_complete.php index 7ae926ff8c92abac90e431d10e5fe1846fd5896f..1ac69887dc34c3b117e17944465c9cc47d3e3e08 100644 --- a/interface/web/admin/language_complete.php +++ b/interface/web/admin/language_complete.php @@ -32,6 +32,7 @@ require_once('../../lib/app.inc.php'); //* Check permissions for module $app->auth->check_module_permissions('admin'); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); //* This is only allowed for administrators if(!$app->auth->is_admin()) die('only allowed for administrators.'); diff --git a/interface/web/admin/language_edit.php b/interface/web/admin/language_edit.php index e4a9dc3c4d053cb1b72c9b17e487e97dd7a60ce1..f16ea683cfa249553bf03e10d9a92cb622e3f655 100644 --- a/interface/web/admin/language_edit.php +++ b/interface/web/admin/language_edit.php @@ -35,6 +35,7 @@ $app->auth->check_module_permissions('admin'); //* This is only allowed for administrators if(!$app->auth->is_admin()) die('only allowed for administrators.'); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); $app->uses('tpl'); diff --git a/interface/web/admin/language_export.php b/interface/web/admin/language_export.php index d252073d399915e47d6ff3f94979c783344b65c8..5c192c3cf61bad84f1155d9012c226e6ee0540a1 100644 --- a/interface/web/admin/language_export.php +++ b/interface/web/admin/language_export.php 
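Review bot: The demo restriction in language_add.php is an opt-in line that every entry script has to repeat, so any admin, client or designer script that lacks it stays fully writable in demo mode. The same one-liner is pasted into the other language_*.php files, the *_del.php and *_edit.php scripts, the designer/*.php scripts and remote/index.php. A single shared helper called from each script, or a check in the common bootstrap keyed on the requested action, would make a missed file much less likely. Each guard should at least carry the comment remote_user_edit.php already has, `// Disable this function in demo mode`. In language_complete.php the guard sits before the `is_admin()` check, while language_add.php and language_edit.php place it after; the order should be the same everywhere.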
@@ -35,6 +35,7 @@ $app->auth->check_module_permissions('admin'); //* This is only allowed for administrators if(!$app->auth->is_admin()) die('only allowed for administrators.'); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); $app->uses('tpl'); diff --git a/interface/web/admin/language_import.php b/interface/web/admin/language_import.php index 10c128ea868ff2c1c5f1b9644a8aab28e04b9a74..0ca11110cfece2afa63bf5784d53d10a3b0c7c5d 100644 --- a/interface/web/admin/language_import.php +++ b/interface/web/admin/language_import.php @@ -35,6 +35,7 @@ $app->auth->check_module_permissions('admin'); //* This is only allowed for administrators if(!$app->auth->is_admin()) die('only allowed for administrators.'); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); $app->uses('tpl'); diff --git a/interface/web/admin/remote_user_edit.php b/interface/web/admin/remote_user_edit.php index cadee47963b07f7ec7e21b16ceba3168abdc2a8c..a99e9837dc25cf14a3e2e29683009da84da43fbd 100644 --- a/interface/web/admin/remote_user_edit.php +++ b/interface/web/admin/remote_user_edit.php @@ -13,6 +13,9 @@ if(!stristr($_SESSION['s']['user']['modules'],'admin')) { die; } +// Disable this function in demo mode +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); + // Load the templating and form classes $app->uses('tpl,tform,tform_actions'); $app->load('tform_actions'); diff --git a/interface/web/admin/server_config_del.php b/interface/web/admin/server_config_del.php index 67c0096af788016df169be532ea5a9cf2053b2bb..7b30ea3e4d969e18fe964d1a9c9c7f34551c585f 100644 --- a/interface/web/admin/server_config_del.php +++ b/interface/web/admin/server_config_del.php 
@@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php'); //* Check permissions for module $app->auth->check_module_permissions('admin'); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); $app->uses("tform_actions"); $app->tform_actions->onDelete(); diff --git a/interface/web/admin/server_config_edit.php b/interface/web/admin/server_config_edit.php index 1f71ef7c7df79fa9f015a14a6b8ee47dc90d6fde..c034da1550087edf21a9e4998705308451ac43d2 100644 --- a/interface/web/admin/server_config_edit.php +++ b/interface/web/admin/server_config_edit.php @@ -71,19 +71,21 @@ class page_action extends tform_actions { } function onUpdateSave($sql) { - global $app; + global $app,$conf; if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges'); $app->uses('ini_parser,getconf'); - $section = $app->tform->getCurrentTab(); - $server_id = $this->id; + if($conf['demo_mode'] != true) { + $section = $app->tform->getCurrentTab(); + $server_id = $this->id; - $server_config_array = $app->getconf->get_server_config($server_id); - $server_config_array[$section] = $app->tform->encode($this->dataRecord,$section); - $server_config_str = $app->ini_parser->get_ini_string($server_config_array); + $server_config_array = $app->getconf->get_server_config($server_id); + $server_config_array[$section] = $app->tform->encode($this->dataRecord,$section); + $server_config_str = $app->ini_parser->get_ini_string($server_config_array); - $app->db->datalogUpdate('server', "config = '".$app->db->quote($server_config_str)."'", 'server_id', $server_id); + $app->db->datalogUpdate('server', "config = '".$app->db->quote($server_config_str)."'", 'server_id', $server_id); + } } } diff --git a/interface/web/admin/server_del.php b/interface/web/admin/server_del.php index 78a0785702107b561d5bfee741bc21cf07e80eb2..d5b3b9639f1a5b2ce9e192d1f2b9741734cb61d5 100644 --- a/interface/web/admin/server_del.php +++ b/interface/web/admin/server_del.php 
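Review bot: In server_config_edit.php, `onUpdateSave()` now skips the `datalogUpdate()` call in demo mode without reporting anything. Every other guard in this commit calls `$app->error()`, and nothing in the hunk tells the demo user that the save was dropped. A guard clause directly after the admin check would be consistent with the other files and would avoid re-indenting the whole body: `if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');`. The class continues outside the hunk, so what the caller displays after `onUpdateSave()` returns is not visible here.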
@@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php'); //* Check permissions for module $app->auth->check_module_permissions('admin'); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); $app->uses("tform_actions"); $app->tform_actions->onDelete(); diff --git a/interface/web/admin/software_repo_del.php b/interface/web/admin/software_repo_del.php index 8da40c9c87e28e1c413e39340c8eb892ca4438dc..a6522fa5bdb081bdedf013bbf5e4bc51d25ba8fd 100644 --- a/interface/web/admin/software_repo_del.php +++ b/interface/web/admin/software_repo_del.php @@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php'); //* Check permissions for module $app->auth->check_module_permissions('admin'); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); $app->uses("tform_actions"); $app->tform_actions->onDelete(); diff --git a/interface/web/admin/software_repo_edit.php b/interface/web/admin/software_repo_edit.php index bd0c875f56b34cc7d7624a7c78df0cccaeb1d483..17902f152eb4030c54e40a3c5c6d75ffbb1c9e48 100644 --- a/interface/web/admin/software_repo_edit.php +++ b/interface/web/admin/software_repo_edit.php @@ -43,6 +43,7 @@ require_once('../../lib/app.inc.php'); //* Check permissions for module $app->auth->check_module_permissions('admin'); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); // Loading classes $app->uses('tpl,tform,tform_actions'); diff --git a/interface/web/admin/system_config_edit.php b/interface/web/admin/system_config_edit.php index 70f26befb4aa485ac8501003f039367a1594b288..22702091da8c7230824a19fa0c09bc7def833062 100644 --- a/interface/web/admin/system_config_edit.php +++ b/interface/web/admin/system_config_edit.php @@ -78,7 +78,7 @@ class page_action extends tform_actions { } function onUpdateSave($sql) { - global $app; + global $app,$conf; if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges'); $app->uses('ini_parser,getconf'); 
@@ -90,7 +90,7 @@ class page_action extends tform_actions { $server_config_str = $app->ini_parser->get_ini_string($server_config_array); $sql = "UPDATE sys_ini SET config = '".$app->db->quote($server_config_str)."' WHERE sysini_id = 1"; - $app->db->query($sql); + if($conf['demo_mode'] != true) $app->db->query($sql); /* * If we should use the domain-module, we have to insert all existing domains into the table diff --git a/interface/web/admin/users_del.php b/interface/web/admin/users_del.php index b4f3e722397989b01b22d55e31f915bced4ea5ae..dfea889740a8d2b96380b386988cc53fb3c99c4e 100644 --- a/interface/web/admin/users_del.php +++ b/interface/web/admin/users_del.php @@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php'); //* Check permissions for module $app->auth->check_module_permissions('admin'); +if($conf['demo_mode'] == true && $_REQUEST['id'] <= 3) $app->error('This function is disabled in demo mode.'); $app->uses("tform_actions"); $app->tform_actions->onDelete(); diff --git a/interface/web/admin/users_edit.php b/interface/web/admin/users_edit.php index 2bf4dcc6a59585a17bacb370691f82e0c2d03cb7..ae2298615c41005aa2d30f240efcd91adeac8492 100644 --- a/interface/web/admin/users_edit.php +++ b/interface/web/admin/users_edit.php @@ -61,6 +61,8 @@ class page_action extends tform_actions { function onBeforeUpdate() { global $app, $conf; + if($conf['demo_mode'] == true && $_REQUEST['id'] <= 3) $app->error('This function is disabled in demo mode.'); + if(@is_array($this->dataRecord['modules']) && !in_array($this->dataRecord['startmodule'],$this->dataRecord['modules'])) { $app->tform->errorMessage .= $app->tform->wordbook['startmodule_err']; } diff --git a/interface/web/client/client_del.php b/interface/web/client/client_del.php index 11cfdb7e5b1cc0aa1688f49b6cf64d51eb2cbc71..184b8f2488069a352067f1729dacbc8109c94ff9 100644 --- a/interface/web/client/client_del.php +++ b/interface/web/client/client_del.php 
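Review bot: In system_config_edit.php the demo-mode condition covers only the single `$app->db->query($sql)` statement. The domain-module block announced by the comment right after it lies outside the hunk and is not visibly guarded, so it may still write to the database in demo mode. The function also still builds the full UPDATE string and then silently discards it. An early exit after the admin check in `onUpdateSave()` (the previous hunk already makes `$conf` global there) would cover the whole method: `if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');`.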
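Review bot: The guards in users_del.php and in `onBeforeUpdate()` of users_edit.php compare the raw `$_REQUEST['id']` with `<= 3`, so the decision is made on unvalidated request input under PHP's loose comparison rules. The id that `onDelete()` and the update later act on is read outside these hunks, so the value checked and the value used are not guaranteed to be the same. Normalising once makes the check fail closed for anything that is not a plain integer: `if($conf['demo_mode'] == true && intval($_REQUEST['id']) <= 3) $app->error('This function is disabled in demo mode.');`. In users_edit.php, `$this->id` would be the better operand, as tools/user_settings.php already uses it, provided it is populated before `onBeforeUpdate()` runs. The threshold `3` is a magic number that also appears in user_settings.php and would be clearer as one named config value.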
@@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php'); //* Check permissions for module $app->auth->check_module_permissions('client'); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); $app->uses('tpl,tform'); $app->load('tform_actions'); diff --git a/interface/web/client/client_edit.php b/interface/web/client/client_edit.php index 5714220234e5518d575615bdb5e6a4b2de3de214..5da71107e0b232e80d06bc59e8bb928bd5c0d044 100644 --- a/interface/web/client/client_edit.php +++ b/interface/web/client/client_edit.php @@ -178,7 +178,7 @@ class page_action extends tform_actions { global $app; // username changed - if(isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) { + if($conf['demo_mode'] != true && isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) { $username = $app->db->quote($this->dataRecord["username"]); $client_id = $this->id; $sql = "UPDATE sys_user SET username = '$username' WHERE client_id = $client_id"; @@ -190,7 +190,7 @@ class page_action extends tform_actions { } // password changed - if(isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') { + if($conf['demo_mode'] != true && isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') { $password = $app->db->quote($this->dataRecord["password"]); $client_id = $this->id; $sql = "UPDATE sys_user SET passwort = md5('$password') WHERE client_id = $client_id"; 
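Review bot: In client_edit.php the three new `$conf['demo_mode'] != true` conditions sit in a method whose visible first line is still `global $app;`, so `$conf` is not in scope there. The undefined variable evaluates to null, `null != true` is true, and the username, password and language updates therefore still run when demo mode is enabled. This affects the username and password hunks here and the language hunk that follows. The fix is the declaration reseller_edit.php already has: `global $app, $conf;`. The method signature is outside the hunk, so confirm that no other import of `$conf` exists above the visible context.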
@@ -198,7 +198,7 @@ class page_action extends tform_actions { } // language changed - if(isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) { + if($conf['demo_mode'] != true && isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) { $language = $app->db->quote($this->dataRecord["language"]); $client_id = $this->id; $sql = "UPDATE sys_user SET language = '$language' WHERE client_id = $client_id"; diff --git a/interface/web/client/reseller_del.php b/interface/web/client/reseller_del.php index f75eceab8f8e1837fea916733981ecbe3f1be22c..fefd3706065ee04dfe44711634403290024e755a 100644 --- a/interface/web/client/reseller_del.php +++ b/interface/web/client/reseller_del.php @@ -55,6 +55,8 @@ class page_action extends tform_actions { function onBeforeDelete() { global $app, $conf; + if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); + $client_id = intval($this->dataRecord['client_id']); $tmp = $app->db->queryOneRecord("SELECT count(client_id) as number FROM client WHERE parent_client_id = ".$client_id); diff --git a/interface/web/client/reseller_edit.php b/interface/web/client/reseller_edit.php index b58ba8f7c5cb69af2a70c64d1e9863f7e9d70bf7..44c65be45174430e77b5d858375dcf36982e2448 100644 --- a/interface/web/client/reseller_edit.php +++ b/interface/web/client/reseller_edit.php 
@@ -173,7 +173,7 @@ class page_action extends tform_actions { global $app, $conf; // username changed - if(isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) { + if($conf['demo_mode'] != true && isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) { $username = $app->db->quote($this->dataRecord["username"]); $client_id = $this->id; $sql = "UPDATE sys_user SET username = '$username' WHERE client_id = $client_id"; @@ -185,7 +185,7 @@ class page_action extends tform_actions { } // password changed - if(isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') { + if($conf['demo_mode'] != true && isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') { $password = $app->db->quote($this->dataRecord["password"]); $client_id = $this->id; $sql = "UPDATE sys_user SET passwort = md5('$password') WHERE client_id = $client_id"; @@ -193,7 +193,7 @@ class page_action extends tform_actions { } // language changed - if(isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) { + if($conf['demo_mode'] != true && isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) { $language = $app->db->quote($this->dataRecord["language"]); $client_id = $this->id; $sql = "UPDATE sys_user SET language = '$language' WHERE client_id = $client_id"; diff --git a/interface/web/designer/form_edit.php b/interface/web/designer/form_edit.php index 4ea74c2e0cca4c5cc072704285104440f3d91186..90acd2e1b51c910a4c92db242a2ad7401e5d071f 100644 --- a/interface/web/designer/form_edit.php +++ b/interface/web/designer/form_edit.php 
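Review bot: The three guards in reseller_edit.php only suppress the follow-up `UPDATE sys_user` statements. Nothing visible in these hunks stops the form's own record from being saved, so in demo mode the reseller record and its `sys_user` row could end up with different username, password or language values. The method signature is outside the hunks, but the use of `oldDataRecord` suggests that this code runs after the save. Rejecting the request earlier would avoid the partial write, for example in `onBeforeUpdate()` with `if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');`. The same applies to client_edit.php. Separately, the unchanged context stores the password with unsalted `md5()`; moving to `password_hash()` with a matching change at login deserves its own commit.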
@@ -31,6 +31,7 @@ require_once('../../lib/config.inc.php'); require_once('../../lib/app.inc.php'); if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required."); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); //* Check permissions for module $app->auth->check_module_permissions('designer'); diff --git a/interface/web/designer/module_edit.php b/interface/web/designer/module_edit.php index 9a8df309e901efeb2da1092114d02a19cd27c122..26e229a7d8b90f6800b816f53a3f569d60f708e0 100644 --- a/interface/web/designer/module_edit.php +++ b/interface/web/designer/module_edit.php @@ -31,6 +31,7 @@ require_once('../../lib/config.inc.php'); require_once('../../lib/app.inc.php'); if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required."); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); //* Check permissions for module $app->auth->check_module_permissions('designer'); diff --git a/interface/web/designer/module_nav_del.php b/interface/web/designer/module_nav_del.php index 18c5bf4d14c09f3968446e6c14d95a9cfd4d7e40..b0fd55a7be45f7a4044282a7cb0ddd30a46dc978 100644 --- a/interface/web/designer/module_nav_del.php +++ b/interface/web/designer/module_nav_del.php @@ -34,6 +34,7 @@ if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required."); //* Check permissions for module $app->auth->check_module_permissions('designer'); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); // Lade Template $app->uses('tpl'); diff --git a/interface/web/designer/module_nav_edit.php b/interface/web/designer/module_nav_edit.php index 73c010e821457c4f4165811932dbe5fbf6fed61e..a7acf40c10e7a6a5b2c054a6cf77f43b3865f2b6 100644 --- a/interface/web/designer/module_nav_edit.php +++ b/interface/web/designer/module_nav_edit.php 
@@ -34,6 +34,7 @@ require_once('../../lib/app.inc.php'); if($_SESSION['s']['user']['typ'] != 'admin'){ die('Admin permissions required.'); } +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); //* Check permissions for module $app->auth->check_module_permissions('designer'); diff --git a/interface/web/designer/module_nav_flip.php b/interface/web/designer/module_nav_flip.php index f3fc164d94c0068f0ade0e18834ff779f8f6f7e8..6599a5ff6b19e7b8b7a9c8eafbb389665f1404e7 100644 --- a/interface/web/designer/module_nav_flip.php +++ b/interface/web/designer/module_nav_flip.php @@ -34,6 +34,7 @@ if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required."); //* Check permissions for module $app->auth->check_module_permissions('designer'); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); // Lade Template $app->uses('tpl'); diff --git a/interface/web/designer/module_nav_item_del.php b/interface/web/designer/module_nav_item_del.php index cd458cd21e0d930628a6262778b6270dbb830c51..6360c46edb00e7012786d44015e7177b9a84949e 100644 --- a/interface/web/designer/module_nav_item_del.php +++ b/interface/web/designer/module_nav_item_del.php @@ -31,6 +31,7 @@ require_once('../../lib/config.inc.php'); require_once('../../lib/app.inc.php'); if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required."); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); //* Check permissions for module $app->auth->check_module_permissions('designer'); diff --git a/interface/web/designer/module_nav_item_edit.php b/interface/web/designer/module_nav_item_edit.php index 5948aba5b87d6df4c172a09fbd6d44d463b07591..21e1e3594e885d4b5b4bc7ec2aa6c53e959ba848 100644 --- a/interface/web/designer/module_nav_item_edit.php +++ b/interface/web/designer/module_nav_item_edit.php 
@@ -31,6 +31,7 @@ require_once('../../lib/config.inc.php'); require_once('../../lib/app.inc.php'); if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required."); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); //* Check permissions for module $app->auth->check_module_permissions('designer'); diff --git a/interface/web/designer/module_nav_item_flip.php b/interface/web/designer/module_nav_item_flip.php index 2ec0566af4db9ea6d51f2a06ac4befc93cdc978f..1aec179fff65b70c13bc02e9429c805f5248fac4 100644 --- a/interface/web/designer/module_nav_item_flip.php +++ b/interface/web/designer/module_nav_item_flip.php @@ -31,6 +31,7 @@ require_once('../../lib/config.inc.php'); require_once('../../lib/app.inc.php'); if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required."); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); //* Check permissions for module $app->auth->check_module_permissions('designer'); diff --git a/interface/web/remote/index.php b/interface/web/remote/index.php index 78e8d0134f775cf528f4f1fcdd433e4f2c664373..1fa5e607b9eeb52e9b5879efa6405e11499946b2 100644 --- a/interface/web/remote/index.php +++ b/interface/web/remote/index.php @@ -4,6 +4,8 @@ require_once('../../lib/config.inc.php'); $conf['start_session'] = false; require_once('../../lib/app.inc.php'); +if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); + $app->load('remoting'); $server = new SoapServer(null, array('uri' => $_SERVER['REQUEST_URI'])); diff --git a/interface/web/tools/user_settings.php b/interface/web/tools/user_settings.php index d6638141507327ac7112992a79a517eabcb0df8d..b67a1abb5c973a4e1721435d975d53d7a7a464a7 100644 --- a/interface/web/tools/user_settings.php +++ b/interface/web/tools/user_settings.php 
@@ -81,6 +81,8 @@ class page_action extends tform_actions { function onBeforeUpdate() { global $app, $conf; + if($conf['demo_mode'] == true && $this->id <= 3) $app->tform->errorMessage .= 'This function is disabled in demo mode.'; + if($_POST['passwort'] != $_POST['passwort2']) { $app->tform->errorMessage = $app->tform->lng('password_mismatch'); }
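Review bot: The guard in tools/user_settings.php is the only one in this commit that appends to `$app->tform->errorMessage` instead of calling `$app->error()`. Whether the update is actually skipped therefore depends on tform_actions code that is not part of this hunk. The password-mismatch branch directly below assigns with `=`, so it replaces the demo-mode message whenever both conditions apply. The string is also hard-coded, although the next line uses `$app->tform->lng()`. If halting is acceptable here, use the same form as the other files: `if($conf['demo_mode'] == true && $this->id <= 3) $app->error('This function is disabled in demo mode.');`. Otherwise add a comment stating that a non-empty `errorMessage` aborts the save. `onBeforeUpdate()` continues past the end of the hunk.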