From c4ff8259c95c34b9b501ba9d19d3380e9ee9edde Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Fri, 1 Aug 2008 20:59:08 +0000
Subject: [PATCH] Fixed: when creating a cp user with modules "mail,dns,sites"
 and start module "monitor" he gets "LOGIN_REDIRECT:/index.php" after login
 in. Added: Better username regular expression check.

---
 interface/web/admin/form/users.tform.php      | 12 ++++++++++--
 interface/web/admin/lib/lang/en_users.lng     |  5 ++++-
 .../web/admin/templates/users_user_edit.htm   |  6 +++---
 interface/web/admin/users_edit.php            | 19 ++++++++++++++++---
 interface/web/client/form/client.tform.php    |  3 +++
 interface/web/client/lib/lang/en_client.lng   |  1 +
 .../client/templates/client_edit_address.htm  |  6 +++---
 7 files changed, 40 insertions(+), 12 deletions(-)

diff --git a/interface/web/admin/form/users.tform.php b/interface/web/admin/form/users.tform.php
index 244892ae0c..06be9dbc44 100644
--- a/interface/web/admin/form/users.tform.php
+++ b/interface/web/admin/form/users.tform.php
@@ -137,8 +137,16 @@ $form['tabs']['users'] = array (
 		'username' => array (
 			'datatype'	=> 'VARCHAR',
 			'formtype'	=> 'TEXT',
-			'regex'		=> '/^.{1,30}$/',
-			'errmsg'	=> 'username_err',
+			'validators'	=> array ( 	0 => array (	'type'	=> 'NOTEMPTY',
+														'errmsg'=> 'username_empty'),
+										1 => array (	'type'	=> 'UNIQUE',
+														'errmsg'=> 'username_unique'),
+										2 => array (	'type'	=> 'REGEX',
+														'regex' => '/^[\w\.\-\_]{0,50}$/',
+														'errmsg'=> 'username_err'),
+									),
+			'regex'		=> '',
+			'errmsg'	=> '',
 			'default'	=> '',
 			'value'		=> '',
 			'separator'	=> '',
diff --git a/interface/web/admin/lib/lang/en_users.lng b/interface/web/admin/lib/lang/en_users.lng
index 73ddaad437..5a7b639358 100644
--- a/interface/web/admin/lib/lang/en_users.lng
+++ b/interface/web/admin/lib/lang/en_users.lng
@@ -1,6 +1,8 @@
 <?php
 $wb["username_txt"] = 'Username';
-$wb["username_err"] = 'username_err';
+$wb["username_err"] = 'The username is too long or contains invalid characters.';
+$wb["username_empty"] = 'The username is empty.';
+$wb["username_unique"] = 'There is already a user with this username.';
 $wb["passwort_txt"] = 'Password';
 $wb["modules_txt"] = 'Module';
 $wb["startmodule_txt"] = 'Startmodule';
@@ -24,4 +26,5 @@ $wb["default_group_txt"] = 'Default Group';
 $wb["active_txt"] = 'Active';
 $wb["btn_save_txt"] = 'Save';
 $wb["btn_cancel_txt"] = 'Cancel';
+$wb["startmodule_err"] = 'Start module is not within modules.';
 ?>
\ No newline at end of file
diff --git a/interface/web/admin/templates/users_user_edit.htm b/interface/web/admin/templates/users_user_edit.htm
index c8c01d3865..6b5ab4dea3 100644
--- a/interface/web/admin/templates/users_user_edit.htm
+++ b/interface/web/admin/templates/users_user_edit.htm
@@ -1,7 +1,7 @@
 <table width="500" border="0" cellspacing="0" cellpadding="2">
   <tr>
     <td class="frmText11">{tmpl_var name='username_txt'}:</td>
-    <td class="frmText11"><input name="username" type="text" class="text" value="{tmpl_var name='username'}" size="15" maxlength="30"></td>
+    <td class="frmText11"><input name="username" type="text" class="text" value="{tmpl_var name='username'}" size="15" maxlength="50"></td>
   </tr>
   <tr>
     <td class="frmText11">{tmpl_var name='passwort_txt'}:</td>
@@ -47,6 +47,6 @@
     <td><input name="btn_save" type="button" class="button" value="{tmpl_var name='btn_save_txt'}" onClick="submitForm('pageForm','admin/users_edit.php');"><div class="buttonEnding"></div>&nbsp;
       <input name="btn_cancel" type="button" class="button" value="{tmpl_var name='btn_cancel_txt'}" onClick="loadContent('admin/users_list.php');"><div class="buttonEnding"></div>
     </td>
-  </tr>
-</table>
+  </tr>
+</table>
 <input type="hidden" name="id" value="{tmpl_var name='id'}">
\ No newline at end of file
diff --git a/interface/web/admin/users_edit.php b/interface/web/admin/users_edit.php
index 16e6f0a07a..b8ccbf2d90 100644
--- a/interface/web/admin/users_edit.php
+++ b/interface/web/admin/users_edit.php
@@ -1,6 +1,6 @@
 <?php
 /*
-Copyright (c) 2007, Till Brehm, projektfarm Gmbh
+Copyright (c) 2008, Till Brehm, projektfarm Gmbh
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
@@ -46,8 +46,21 @@ $app->auth->check_module_permissions('admin');
 
 // Loading classes
 $app->uses('tpl,tform,tform_actions');
+$app->load('tform_actions');
 
-// let tform_actions handle the page
-$app->tform_actions->onLoad();
+class page_action extends tform_actions {
+	
+	function onBeforeInsert() {
+		global $app, $conf;
+		
+		if(!in_array($this->dataRecord['startmodule'],$this->dataRecord['modules'])) {
+			$app->tform->errorMessage .= $app->tform->wordbook['startmodule_err'];
+		}
+	}
+
+}
+
+$page = new page_action;
+$page->onLoad();
 
 ?>
\ No newline at end of file
diff --git a/interface/web/client/form/client.tform.php b/interface/web/client/form/client.tform.php
index 11def8efe9..c7696c3111 100644
--- a/interface/web/client/form/client.tform.php
+++ b/interface/web/client/form/client.tform.php
@@ -92,6 +92,9 @@ $form["tabs"]['address'] = array (
 														'class' => 'validate_client',
 														'function' => 'username_unique',
 														'errmsg'=> 'username_error_unique'),
+										2 => array (	'type'	=> 'REGEX',
+														'regex' => '/^[\w\.\-\_]{0,50}$/',
+														'errmsg'=> 'username_error_regex'),
 										),
 			'default'	=> '',
 			'value'		=> '',
diff --git a/interface/web/client/lib/lang/en_client.lng b/interface/web/client/lib/lang/en_client.lng
index 1eb70e57da..5e8134a751 100644
--- a/interface/web/client/lib/lang/en_client.lng
+++ b/interface/web/client/lib/lang/en_client.lng
@@ -80,4 +80,5 @@ $wb["limit_client_error_notint"] = 'The sub client limit must be a number.';
 $wb["default_dbserver_txt"] = 'Default Database Server';
 $wb["limit_database_txt"] = 'Max. number of Databases';
 $wb["limit_database_error_notint"] = 'The database limit must be a number.';
+$wb["username_error_regex"] = 'The Username contains invalid chracaters.';
 ?>
\ No newline at end of file
diff --git a/interface/web/client/templates/client_edit_address.htm b/interface/web/client/templates/client_edit_address.htm
index 499e230b99..0df4029e1b 100644
--- a/interface/web/client/templates/client_edit_address.htm
+++ b/interface/web/client/templates/client_edit_address.htm
@@ -9,7 +9,7 @@
   </tr>
   <tr>
     <td class="frmText11">{tmpl_var name='username_txt'}:</td>
-    <td class="frmText11"><input name="username" type="text" class="text" value="{tmpl_var name='username'}" size="30" maxlength="255"></td>
+    <td class="frmText11"><input name="username" type="text" class="text" value="{tmpl_var name='username'}" size="30" maxlength="50"></td>
   </tr>
   <tr>
     <td class="frmText11">{tmpl_var name='password_txt'}:</td>
@@ -87,6 +87,6 @@
     <td><input name="btn_save" type="button" class="button" value="{tmpl_var name='btn_save_txt'}" onClick="submitForm('pageForm','client/client_edit.php');"><div class="buttonEnding"></div>&nbsp;
       <input name="btn_cancel" type="button" class="button" value="{tmpl_var name='btn_cancel_txt'}" onClick="loadContent('client/client_list.php');"><div class="buttonEnding"></div>
     </td>
-  </tr>
-</table>
+  </tr>
+</table>
 <input type="hidden" name="id" value="{tmpl_var name='id'}">
\ No newline at end of file
-- 
GitLab