Skip to content
GitLab
Commit ecb6b3a8 authored by mcramer's avatar mcramer
Browse files

- Added database, database_user and vhost subdomain functions to the remoting 

- Added interface plugins for db and db users
- changed remoting (splitted up insert, update and deletequery)
parent cb1aa5f1
Hide whitespace changes
Inline Side-by-side
interface/lib/classes/remoting.inc.php
View file @ ecb6b3a8
......@@ -1113,7 +1113,7 @@ class remoting {
$client_id = intval($client_id);
$client_group = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = $client_id");
$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_domain,web_traffic';
$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain,web_traffic';
$tables_array = explode(',',$tables);
$client_group_id = intval($client_group['groupid']);
......@@ -1143,7 +1143,7 @@ class remoting {
$app->db->query("DELETE FROM sys_user WHERE client_id = $client_id");
// Delete all records (sub-clients, mail, web, etc....) of this client.
$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_domain,web_traffic';
$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain,web_traffic';
$tables_array = explode(',',$tables);
$client_group_id = intval($client_group['groupid']);
if($client_group_id > 1) {
......@@ -1257,7 +1257,19 @@ class remoting {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
return $this->insertQuery('../sites/form/database.tform.php',$client_id,$params);
$sql = $this->insertQueryPrepare('../sites/form/database.tform.php', $client_id, $params);
if($sql !== false) {
$app->uses('sites_database_plugin');
$this->id = 0;
$this->dataRecord = $params;
$app->sites_database_plugin->processDatabaseInsert($this);
return $this->insertQueryExecute($sql, $params);
}
return false;
}
//* Update a record
......@@ -1267,8 +1279,18 @@ class remoting {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->updateQuery('../sites/form/database.tform.php',$client_id,$primary_id,$params);
return $affected_rows;
$sql = $this->updateQueryPrepare('../sites/form/database.tform.php', $client_id, $primary_id, $params);
if($sql !== false) {
$app->uses('sites_database_plugin');
$this->id = $primary_id;
$this->dataRecord = $params;
$app->sites_database_plugin->processDatabaseUpdate($this);
return $this->updateQueryExecute($sql, $primary_id, $params);
}
return false;
}
//* Delete a record
......@@ -1278,12 +1300,66 @@ class remoting {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$app->uses('sites_database_plugin');
$app->sites_database_plugin->processDatabaseDelete($primary_id);
$affected_rows = $this->deleteQuery('../sites/form/database.tform.php',$primary_id);
return $affected_rows;
}
// ----------------------------------------------------------------------------------------------------------
//* Get record details
public function sites_database_user_get($session_id, $primary_id)
{
global $app;
if(!$this->checkPerm($session_id, 'sites_database_user_get')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$app->uses('remoting_lib');
$app->remoting_lib->loadFormDef('../sites/form/database_user.tform.php');
return $app->remoting_lib->getDataRecord($primary_id);
}
//* Add a record
public function sites_database_user_add($session_id, $client_id, $params)
{
if(!$this->checkPerm($session_id, 'sites_database_user_add')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
return $this->insertQuery('../sites/form/database_user.tform.php', $client_id, $params);
}
//* Update a record
public function sites_database_user_update($session_id, $client_id, $primary_id, $params)
{
if(!$this->checkPerm($session_id, 'sites_database_user_update')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
return $this->updateQuery('../sites/form/database_user.tform.php', $client_id, $primary_id, $params);
}
//* Delete a record
public function sites_database_user_delete($session_id, $primary_id)
{
if(!$this->checkPerm($session_id, 'sites_database_user_delete')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->deleteQuery('../sites/form/database_user.tform.php',$primary_id);
return $affected_rows;
}
// ----------------------------------------------------------------------------------------------------------
//* Get record details
public function sites_ftp_user_get($session_id, $primary_id)
{
......@@ -2527,7 +2603,7 @@ class remoting {
protected function klientadd($formdef_file, $reseller_id, $params)
{
global $app, $tform, $remoting_lib;
global $app;
$app->uses('remoting_lib');
//* Load the form definition
......@@ -2599,9 +2675,16 @@ class remoting {
return $insert_id;
}
protected function insertQuery($formdef_file, $client_id, $params,$event_identifier = '')
protected function insertQuery($formdef_file, $client_id, $params,$event_identifier = '')
{
global $app, $tform, $remoting_lib;
$sql = $this->insertQueryPrepare($formdef_file, $client_id, $params);
if($sql !== false) return $this->insertQueryExecute($sql, $params,$event_identifier = '');
else return false;
}
protected function insertQueryPrepare($formdef_file, $client_id, $params)
{
global $app;
$app->uses('remoting_lib');
......@@ -2618,6 +2701,15 @@ class remoting {
return false;
}
return $sql;
}
protected function insertQueryExecute($sql, $params,$event_identifier = '')
{
global $app;
$app->uses('remoting_lib');
$app->db->query($sql);
if($app->db->errorMessage != '') {
......@@ -2641,12 +2733,20 @@ class remoting {
}
return $insert_id;
}
protected function updateQuery($formdef_file, $client_id, $primary_id, $params, $event_identifier = '')
{
global $app;
$sql = $this->updateQueryPrepare($formdef_file, $client_id, $primary_id, $params);
if($sql !== false) return $this->updateQueryExecute($sql, $primary_id, $params,$event_identifier = '');
else return false;
}
protected function updateQueryPrepare($formdef_file, $client_id, $primary_id, $params)
{
global $app;
$app->uses('remoting_lib');
//* load the user profile of the client
......@@ -2663,6 +2763,15 @@ class remoting {
return false;
}
return $sql;
}
protected function updateQueryExecute($sql, $primary_id, $params, $event_identifier = '')
{
global $app;
$app->uses('remoting_lib');
$old_rec = $app->remoting_lib->getDataRecord($primary_id);
// set a few values for compatibility with tform actions, mostly used by plugins
......@@ -2689,7 +2798,7 @@ class remoting {
return $affected_rows;
}
protected function deleteQuery($formdef_file, $primary_id, $event_identifier = '')
{
global $app;
......@@ -2964,7 +3073,7 @@ class remoting {
return false;
}
$client_id = intval($client_id);
$sql = "SELECT d.database_id, d.database_name, d.database_user, d.database_password FROM web_database d INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = $client_id";
$sql = "SELECT d.database_id, d.database_name, d.database_user_id, d.database_ro_user_id, du.database_user, du.database_password FROM web_database d LEFT JOIN web_database_user du ON (du.database_user_id = d.database_user_id) INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = $client_id";
$all = $app->db->queryAllRecords($sql);
return $all;
}
......
interface/lib/classes/sites_database_plugin.inc.php 0 → 100644
View file @ ecb6b3a8
<?php
/*
Copyright (c) 2012, Marius Cramer, pixcept KG
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
class sites_database_plugin {
public function processDatabaseInsert($form_page) {
global $app;
if($form_page->dataRecord["parent_domain_id"] > 0) {
$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($form_page->dataRecord["parent_domain_id"]));
//* The Database user shall be owned by the same group then the website
$sys_groupid = $web['sys_groupid'];
} else {
$sys_groupid = $form_page->dataRecord['sys_groupid'];
}
if($form_page->dataRecord['database_user_id']) {
// check if there has already been a database on this server with that user
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($form_page->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($form_page->dataRecord['database_user_id']) . "' OR `database_ro_user_id` = '" . intval($form_page->dataRecord['database_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "'");
if($check && $check['cnt'] < 1) {
// we need to make a datalog insert for the database users that are connected to this database
$db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($form_page->dataRecord['database_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
if($db_user) {
$db_user['server_id'] = $form_page->dataRecord['server_id'];
$app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
}
}
}
if($form_page->dataRecord['database_ro_user_id']) {
// check if there has already been a database on this server with that user
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($form_page->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($form_page->dataRecord['database_ro_user_id']) . "' OR `database_ro_user_id` = '" . intval($form_page->dataRecord['database_ro_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "'");
if($check && $check['cnt'] < 1) {
// we need to make a datalog insert for the database users that are connected to this database
$db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($form_page->dataRecord['database_ro_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
if($db_user) {
$db_user['server_id'] = $form_page->dataRecord['server_id'];
$app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
}
}
}
}
public function processDatabaseUpdate($form_page) {
global $app;
$old_record = $app->tform->getDataRecord($form_page->id);
if($form_page->dataRecord["parent_domain_id"] > 0) {
$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($form_page->dataRecord["parent_domain_id"]));
//* The Database user shall be owned by the same group then the website
$sys_groupid = $web['sys_groupid'];
} else {
$sys_groupid = $form_page->dataRecord['sys_groupid'];
}
// check if database user has changed
if($old_record['database_user_id'] && $old_record['database_user_id'] != $form_page->dataRecord['database_user_id'] && $old_record['database_user_id'] != $form_page->dataRecord['database_ro_user_id']) {
// check if any database on the server still uses this one
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($form_page->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($old_record['database_user_id']) . "' OR `database_ro_user_id` = '" . intval($old_record['database_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "' AND `database_id` != '" . intval($form_page->id) . "'");
if($check['cnt'] < 1) {
// send a datalog delete
$db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($old_record['database_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
if($db_user) {
$db_user['server_id'] = $form_page->dataRecord['server_id'];
$app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
}
}
}
// check if readonly database user has changed
if($old_record['database_ro_user_id'] && $old_record['database_ro_user_id'] != $form_page->dataRecord['database_ro_user_id'] && $old_record['database_ro_user_id'] != $form_page->dataRecord['database_user_id']) {
// check if any database on the server still uses this one
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($form_page->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($old_record['database_ro_user_id']) . "' OR `database_ro_user_id` = '" . intval($old_record['database_ro_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "' AND `database_id` != '" . intval($form_page->id) . "'");
if($check['cnt'] < 1) {
// send a datalog delete
$db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($old_record['database_ro_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
if($db_user) {
$db_user['server_id'] = $form_page->dataRecord['server_id'];
$app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
}
}
}
if($form_page->dataRecord['database_user_id']) {
// check if there has already been a database on this server with that user
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($form_page->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($form_page->dataRecord['database_user_id']) . "' OR `database_ro_user_id` = '" . intval($form_page->dataRecord['database_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "'");
if($check && $check['cnt'] < 1) {
// we need to make a datalog insert for the database users that are connected to this database
$db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($form_page->dataRecord['database_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
if($db_user) {
$db_user['server_id'] = $form_page->dataRecord['server_id'];
$app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
}
}
}
if($form_page->dataRecord['database_ro_user_id']) {
// check if there has already been a database on this server with that user
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($form_page->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($form_page->dataRecord['database_ro_user_id']) . "' OR `database_ro_user_id` = '" . intval($form_page->dataRecord['database_ro_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "'");
if($check && $check['cnt'] < 1) {
// we need to make a datalog insert for the database users that are connected to this database
$db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($form_page->dataRecord['database_ro_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
if($db_user) {
$db_user['server_id'] = $form_page->dataRecord['server_id'];
$app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
}
}
}
}
public function processDatabaseDelete($primary_id) {
global $app;
$old_record = $app->tform->getDataRecord($primary_id);
if($old_record['database_user_id']) {
// check if any database on the server still uses this one
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($old_record['server_id']) . "' AND (`database_user_id` = '" . intval($old_record['database_user_id']) . "' OR `database_ro_user_id` = '" . intval($old_record['database_user_id']) . "') AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "' AND `database_id` != '" . intval($primary_id) . "'");
if($check['cnt'] < 1) {
// send a datalog delete
$db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($old_record['database_user_id']) . "' AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "'");
if($db_user) {
$db_user['server_id'] = $old_record['server_id'];
$app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
}
}
}
if($old_record['database_ro_user_id']) {
// check if any database on the server still uses this one
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($old_record['server_id']) . "' AND (`database_user_id` = '" . intval($old_record['database_ro_user_id']) . "' OR `database_ro_user_id` = '" . intval($old_record['database_ro_user_id']) . "') AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "' AND `database_id` != '" . intval($primary_id) . "'");
if($check['cnt'] < 1) {
// send a datalog delete
$db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($old_record['database_ro_user_id']) . "' AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "'");
if($db_user) {
$db_user['server_id'] = $old_record['server_id'];
$app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
}
}
}
}
}
?>
interface/lib/classes/tform_actions.inc.php
View file @ ecb6b3a8
......@@ -107,7 +107,8 @@ class tform_actions {
// Save record in database
$this->onUpdateSave($sql);
$app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_update_save',array('page_form'=>$this, 'sql'=>$sql));
// loading plugins
$next_tab = $app->tform->getCurrentTab();
$this->loadPlugins($next_tab);
......@@ -185,7 +186,8 @@ class tform_actions {
if($app->tform->errorMessage == '') {
$this->id = $this->onInsertSave($sql);
$app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_insert_save',array('page_form'=>$this, 'sql'=>$sql));
// loading plugins
$next_tab = $app->tform->getCurrentTab();
$this->loadPlugins($next_tab);
......
interface/lib/plugins/sites_web_database_user_plugin.inc.php 0 → 100644
View file @ ecb6b3a8
<?php
/**
* sites_web_database_user_plugin plugin
*
* @author Marius Cramer <m.cramer@pixcept.de> pixcept KG 2012
*/
class sites_web_database_user_plugin {
var $plugin_name = 'sites_web_database_user_plugin';
var $class_name = 'sites_web_database_user_plugin';
/*
This function is called when the plugin is loaded
*/
function onLoad() {
global $app;
//Register for the events
$app->plugin->registerEvent('sites:web_database_user:on_after_update','sites_web_database_user_plugin','sites_web_database_user_edit');
$app->plugin->registerEvent('sites:web_database_user:on_after_insert','sites_web_database_user_plugin','sites_web_database_user_edit');
}
/*
Function to create the sites_web_database_user rule and insert it into the custom rules
*/
function sites_web_database_user_edit($event_name, $page_form) {
global $app, $conf;
// make sure that the record belongs to the clinet group and not the admin group when a dmin inserts it
// also make sure that the user can not delete domain created by a admin
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = intval($page_form->dataRecord["client_group_id"]);
$app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE domain_id = ".$page_form->id);
}
if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = intval($page_form->dataRecord["client_group_id"]);
$app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE domain_id = ".$page_form->id);
}
}
}
\ No newline at end of file
interface/web/sites/database_del.php
View file @ ecb6b3a8
......@@ -51,32 +51,8 @@ class page_action extends tform_actions {
global $app; $conf;
if($app->tform->checkPerm($this->id,'d') == false) $app->error($app->lng('error_no_delete_permission'));
$old_record = $app->tform->getDataRecord($this->id);
if($old_record['database_user_id']) {
// check if any database on the server still uses this one
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($old_record['server_id']) . "' AND (`database_user_id` = '" . intval($old_record['database_user_id']) . "' OR `database_ro_user_id` = '" . intval($old_record['database_user_id']) . "') AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "' AND `database_id` != '" . intval($this->id) . "'");
if($check['cnt'] < 1) {
// send a datalog delete
$db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($old_record['database_user_id']) . "' AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "'");
if($db_user) {
$db_user['server_id'] = $old_record['server_id'];
$app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
}
}
}
if($old_record['database_ro_user_id']) {
// check if any database on the server still uses this one
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($old_record['server_id']) . "' AND (`database_user_id` = '" . intval($old_record['database_ro_user_id']) . "' OR `database_ro_user_id` = '" . intval($old_record['database_ro_user_id']) . "') AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "' AND `database_id` != '" . intval($this->id) . "'");
if($check['cnt'] < 1) {
// send a datalog delete
$db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($old_record['database_ro_user_id']) . "' AND `sys_groupid` = '" . intval($old_record['sys_groupid']) . "'");
if($db_user) {
$db_user['server_id'] = $old_record['server_id'];
$app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
}
}
}
$app->uses('sites_database_plugin');
$app->sites_database_plugin->processDatabaseDelete($this->id);
}
}
......
interface/web/sites/database_edit.php
View file @ ecb6b3a8
......@@ -294,44 +294,10 @@ class page_action extends tform_actions {
function onInsertSave($sql) {
global $app, $conf;
if($this->dataRecord["parent_domain_id"] > 0) {
$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
//* The Database user shall be owned by the same group then the website
$sys_groupid = $web['sys_groupid'];
} else {
$sys_groupid = $this->dataRecord['sys_groupid'];
}
if($this->dataRecord['database_user_id']) {
// check if there has already been a database on this server with that user
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($this->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($this->dataRecord['database_user_id']) . "' OR `database_ro_user_id` = '" . intval($this->dataRecord['database_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "'");
if($check && $check['cnt'] < 1) {
// we need to make a datalog insert for the database users that are connected to this database
$db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($this->dataRecord['database_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
if($db_user) {
$db_user['server_id'] = $this->dataRecord['server_id'];
$app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
}
}
}
if($this->dataRecord['database_ro_user_id']) {
// check if there has already been a database on this server with that user
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($this->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($this->dataRecord['database_ro_user_id']) . "' OR `database_ro_user_id` = '" . intval($this->dataRecord['database_ro_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "'");
if($check && $check['cnt'] < 1) {
// we need to make a datalog insert for the database users that are connected to this database
$db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($this->dataRecord['database_ro_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
if($db_user) {
$db_user['server_id'] = $this->dataRecord['server_id'];
$app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
}
}
}
$app->uses('sites_database_plugin');
$app->sites_database_plugin->processDatabaseInsert($this);
$app->db->query($sql);
if($app->db->errorMessage != '') die($app->db->errorMessage);
......@@ -343,71 +309,8 @@ class page_action extends tform_actions {
function onUpdateSave($sql) {
global $app;
if(!empty($sql) && !$app->tform->isReadonlyTab($app->tform->getCurrentTab(),$this->id)) {
$old_record = $app->tform->getDataRecord($this->id);
if($this->dataRecord["parent_domain_id"] > 0) {
$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
//* The Database user shall be owned by the same group then the website
$sys_groupid = $web['sys_groupid'];
} else {
$sys_groupid = $this->dataRecord['sys_groupid'];
}
// check if database user has changed
if($old_record['database_user_id'] && $old_record['database_user_id'] != $this->dataRecord['database_user_id'] && $old_record['database_user_id'] != $this->dataRecord['database_ro_user_id']) {
// check if any database on the server still uses this one
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . intval($this->dataRecord['server_id']) . "' AND (`database_user_id` = '" . intval($old_record['database_user_id']) . "' OR `database_ro_user_id` = '" . intval($old_record['database_user_id']) . "') AND `sys_groupid` = '" . intval($sys_groupid) . "' AND `database_id` != '" . intval($this->id) . "'");
if($check['cnt'] < 1) {
// send a datalog delete
$db_user = $app->db->queryOneRecord("SELECT * FROM `web_database_user` WHERE `database_user_id` = '" . intval($old_record['database_user_id']) . "' AND `sys_groupid` = '" . intval($sys_groupid) . "'");
if($db_user) {
$db_user['server_id'] = $this->dataRecord['server_id'];
$app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
}
}
}
// check if readonly database user has changed
if($old_record['database_ro_user_id'] && $old_record['database_ro_user_id'] != $this->dataRecord['database_ro_user_id'] && $old_record['database_ro_user_id'] != $this->dataRecord['database_user_id']) {
// check if any database on the server still uses this one