2006-04-26 12:28:53 +00:00
< ? php
/*
$Id : m_admin . php , v 1.16 2006 / 02 / 09 20 : 12 : 22 benjamin Exp $
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright ( C ) 2006 Le r<EFBFBD> seau Koumbit Inc .
http :// koumbit . org /
----------------------------------------------------------------------
LICENSE
This program is free software ; you can redistribute it and / or
modify it under the terms of the GNU General Public License ( GPL )
as published by the Free Software Foundation ; either version 2
of the License , or ( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
To read the license please visit http :// www . gnu . org / copyleft / gpl . html
----------------------------------------------------------------------
Original Author of file : Benjamin Sonntag
Purpose of file : Administrate members and rights .
----------------------------------------------------------------------
*/
/* ----------------------------------------------------------------- */
/**
* Classe de gestion de l ' administration du serveur par les super - admin .
*
* Cette classe permet de cr<EFBFBD> er / modifier / d<EFBFBD> truire les comptes , ainsi que de
* modifier les param<EFBFBD> tres du serveur .< br />
* Copyleft { @ link http :// alternc . net / AlternC Team }
*
*
*/
class m_admin {
/* ----------------------------------------------------------------- */
/**
* $enabled precises if the logged user is super - admin or not
*/
var $enabled = 0 ;
/* ----------------------------------------------------------------- */
/** List of the controls made for each TLD
*
* $tldmode is used by the administration panel , while choosing
* the authorized TLDs . It ' s an array of strings explaining the current state of the TLD .
*/
var $tldmode = array (
2006-06-28 22:38:28 +00:00
0 => " This TLD is forbidden " ,
1 => " primary DNS is checked in WHOIS db " ,
2 => " primary & secondary DNS are checked in WHOIS db " ,
3 => " Domain must exist, but don't do any DNS check " ,
4 => " Domain can be installed, no check at all " ,
5 => " Domain can be installed, force NO DNS hosting " ,
2006-04-26 12:28:53 +00:00
);
/* ----------------------------------------------------------------- */
/**
* Constructeur
*/
function m_admin () {
global $db , $cuid ;
$db -> query ( " SELECT su FROM membres WHERE uid=' $cuid '; " );
$db -> next_record ();
$this -> enabled = $db -> f ( " su " );
}
/* ----------------------------------------------------------------- */
/**
* Returns the known information about a hosted account
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
* Returns all what we know about an account ( contents of the tables
* < code > membres </ code > et < code > local </ code > )
* Ckecks if the account is super - admin
* @ param integer $uid a unique integer identifying the account
* @ return an associative array containing all the fields of the
* table < code > membres </ code > and < code > local </ code > of the corresponding account .
* Returns FALSE if an error occurs .
*
2007-05-11 01:29:28 +00:00
* Retourne tout ce que l ' on sait sur un membre ( contenu des tables < code > membres et local </ code > )
2006-04-26 12:28:53 +00:00
* v<EFBFBD> rifie que le compte appelant est super - admin
* @ param integer $uid Num<EFBFBD> ro de l ' utilisateur dont on veut les informations .
* @ return array Retourne un tableau associatif contenant l 'ensemble des champs des tables ' membres '
* et 'local' pour le membre demand<EFBFBD> . Retourne FALSE si une erreur s ' est produite .
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
*/
function get ( $uid ) {
global $err , $db ;
// $err->log("admin","get",$uid);
if ( ! $this -> enabled ) {
$err -> raise ( " admin " , 1 );
return false ;
}
2009-01-28 19:17:56 +00:00
$db -> query ( " SELECT m.*, parent.login as parentlogin FROM membres as m LEFT JOIN membres as parent ON (parent.uid = m.creator) WHERE m.uid=' $uid '; " );
2006-04-26 12:28:53 +00:00
if ( $db -> num_rows ()) {
$db -> next_record ();
$c = $db -> Record ;
} else {
$err -> raise ( " admin " , 2 );
return false ;
}
$db -> query ( " SELECT * FROM local WHERE uid=' $uid '; " );
if ( $db -> num_rows ()) {
$db -> next_record ();
reset ( $db -> Record );
while ( list ( $key , $val ) = each ( $db -> Record )) {
$c [ $key ] = $val ;
}
}
return $c ;
}
2009-01-28 20:02:01 +00:00
/**
* Returns the known information about a specific hosted account
* Similar to get_list () but for creators / resellers .
*/
function get_creator ( $uid ) {
global $err , $db ;
// $err->log("admin","get",$uid);
if ( ! $this -> enabled ) {
$err -> raise ( " admin " , 1 );
return false ;
}
$db -> query ( " SELECT m.*, parent.login as parentlogin FROM membres as m LEFT JOIN membres as parent ON (parent.uid = m.creator) WHERE m.uid=' $uid '; " );
if ( $db -> num_rows ()) {
$db -> next_record ();
$c = $db -> Record ;
} else {
$err -> raise ( " admin " , 2 );
return false ;
}
$db -> query ( " SELECT * FROM local WHERE uid=' $uid '; " );
if ( $db -> num_rows ()) {
$db -> next_record ();
reset ( $db -> Record );
while ( list ( $key , $val ) = each ( $db -> Record )) {
$c [ $key ] = $val ;
}
}
$db -> query ( " SELECT count(*) as nbcreated FROM membres WHERE creator=' $uid '; " );
if ( $db -> num_rows ()) {
$db -> next_record ();
reset ( $db -> Record );
while ( list ( $key , $val ) = each ( $db -> Record )) {
$c [ $key ] = $val ;
}
}
return $c ;
}
2006-04-26 12:28:53 +00:00
/* ----------------------------------------------------------------- */
2007-05-11 01:29:28 +00:00
/**
2006-04-26 12:28:53 +00:00
* @ return TRUE if there ' s only ONE admin account
* Retourne true s 'il n' existe qu ' un seul compte administrateur
*/
function onesu () {
global $db ;
$db -> query ( " SELECT COUNT(*) AS cnt FROM membres WHERE su=1 " );
$db -> next_record ();
return ( $db -> f ( " cnt " ) == 1 );
}
2007-09-09 21:55:18 +00:00
2006-04-26 12:28:53 +00:00
/* ----------------------------------------------------------------- */
/**
* Returns the list of the hosted accounts
* Retourne la liste des membres h<EFBFBD> berg<EFBFBD> s
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
* Returns all what we know about ALL the accounts ( contents of the tables
* < code > membres </ code > et < code > local </ code > )
* Check for super - admin accounts
* @ param
* @ return an associative array containing all the fields of the
* table < code > membres </ code > and < code > local </ code > of all the accounts .
* Returns FALSE if an error occurs .
*
* Retourne tout ce que l ' on sait sur LES membres ( contenu de membres et local )
* v<EFBFBD> rifie que le compte appelant est super - admin
2007-05-11 01:29:28 +00:00
* @ return array Retourne un tableau index<EFBFBD> de tableaux associatifs contenant l ' ensemble des
* champs des tables 'membres' et 'local' pour les membre . Retourne FALSE si une erreur s ' est
2006-04-26 12:28:53 +00:00
* produite .
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
*/
2009-01-28 20:02:01 +00:00
function get_list ( $all = 0 , $creator = 0 ) {
2006-04-26 12:28:53 +00:00
global $err , $mem , $cuid ;
$err -> log ( " admin " , " get_list " );
if ( ! $this -> enabled ) {
$err -> raise ( " admin " , 1 );
return false ;
}
$db = new DB_System ();
2010-04-11 13:39:24 +00:00
if ( $creator ) {
2009-01-28 20:02:01 +00:00
// Limit listing to a specific reseller
$db -> query ( " SELECT uid FROM membres WHERE creator=' " . $creator . " ' ORDER BY login; " );
} elseif ( $mem -> user [ 'uid' ] == 2000 || $all ) {
2007-09-09 21:55:18 +00:00
$db -> query ( " SELECT uid FROM membres ORDER BY login; " );
2006-04-26 12:28:53 +00:00
} else {
2007-09-09 21:55:18 +00:00
$db -> query ( " SELECT uid FROM membres WHERE creator=' " . $cuid . " ' ORDER BY login; " );
2006-04-26 12:28:53 +00:00
}
if ( $db -> num_rows ()) {
while ( $db -> next_record ()) {
$c [] = $this -> get ( $db -> f ( " uid " ));
}
return $c ;
} else {
return false ;
}
}
2010-04-11 13:39:24 +00:00
2009-01-28 20:02:01 +00:00
/**
2009-02-03 21:00:00 +00:00
* Returns an array with the known information about resellers ( uid , login , number of accounts )
* Does not include account 2000 in the list .
2009-01-28 20:02:01 +00:00
* May only be called by the admin account ( 2000 )
2009-02-03 21:00:00 +00:00
* If there are no reseller accounts , returns an empty array .
2009-01-28 20:02:01 +00:00
*/
function get_creator_list () {
global $err , $mem , $cuid ;
2009-02-03 20:58:04 +00:00
$creators = array ();
2009-01-28 20:02:01 +00:00
$err -> log ( " admin " , " get_reseller_list " );
if ( ! $this -> enabled ) {
$err -> raise ( " admin " , 1 );
return false ;
}
if ( $cuid != 2000 ) {
$err -> raise ( " admin " , 1 );
2009-02-03 20:58:04 +00:00
return $creators ;
2009-01-28 20:02:01 +00:00
}
$db = new DB_System ();
$db -> query ( " SELECT distinct creator FROM membres WHERE creator <> 0 ORDER BY creator asc; " );
if ( $db -> num_rows ()) {
while ( $db -> next_record ()) {
2009-02-03 20:58:04 +00:00
$creators [] = $this -> get_creator ( $db -> f ( " creator " ));
2009-01-28 20:02:01 +00:00
}
}
2009-02-03 20:58:04 +00:00
return $creators ;
2009-01-28 20:02:01 +00:00
}
2006-04-26 12:28:53 +00:00
/* ----------------------------------------------------------------- */
/**
* Check if I am the creator of the member $uid
*
* @ param integer $uid a unique integer identifying the account
*/
function checkcreator ( $uid ) {
global $err , $mem , $db , $cuid ;
2009-11-30 05:02:53 +00:00
// Check that the current user is editing one of it's own account !
2006-04-26 12:28:53 +00:00
// but ADMIN (always uid 2000) is almighty
if ( $cuid == 2000 ) {
return true ;
}
$db -> query ( " SELECT creator FROM membres WHERE uid=' $uid '; " );
$db -> next_record ();
2009-09-08 05:29:38 +00:00
if ( $db -> Record [ " creator " ] != $cuid ) {
2006-04-26 12:28:53 +00:00
$err -> raise ( " admin " , 1 );
return false ;
}
return true ;
}
/* ----------------------------------------------------------------- */
/**
* Creates a new hosted account
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
* Creates a new hosted account ( in the tables < code > membres </ code >
* and < code > local </ code > ) . Prevents any manipulation of the account if
* the account $mid is not super - admin .
*
* @ param $login string Login name like [ a - z ][ a - z0 - 9 ] *
* @ param $pass string Password ( max . 64 characters )
* @ param $nom string Name of the account owner
* @ param $prenom string First name of the account owner
* @ param $mail string Email address of the account owner , useful to get
* one ' s lost password
* @ pararm $type string Account type for quotas
* @ return boolean Returns FALSE if an error occurs , TRUE if not .
*
*
* Cr<EFBFBD> e un nouveau membre h<EFBFBD> berg<EFBFBD>
2007-05-11 01:29:28 +00:00
* Cr<EFBFBD> ation d 'un nouveau membre (dans membres et local) Refuse l' utilisation de l ' objet
2006-04-26 12:28:53 +00:00
* si le compte $mid n ' est pas super - admin
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
* @ param $login Nom d ' utilisateur , de la forme [ a - z ][ a - z0 - 9 ] *
* @ param $pass Mot de passe , maxi 64 caract<EFBFBD> res
* @ param $nom Nom de la personne ou structure
* @ param $prenom Pr<EFBFBD> nom de la personne ou structure
* @ param $mail Adresse email du propri<EFBFBD> taire du compte , permet de r<EFBFBD> cup<EFBFBD> rer son mot de passe
* @ param $type Type de compte pour les quotas
* @ param $duration integer Dur<EFBFBD> e du compte en mois
* @ return boolean Retourne FALSE si une erreur s ' est produite , TRUE sinon .
*
*/
2010-06-24 00:23:08 +00:00
function add_mem ( $login , $pass , $nom , $prenom , $mail , $canpass = 1 , $type = 'default' , $duration = 0 , $notes = " " , $force = 0 ) {
2006-04-26 12:28:53 +00:00
global $err , $quota , $classes , $cuid , $mem , $L_MYSQL_DATABASE , $L_MYSQL_LOGIN ;
$err -> log ( " admin " , " add_mem " , $login . " / " . $mail );
if ( ! $this -> enabled ) {
$err -> raise ( " admin " , 1 );
return false ;
}
2010-06-24 00:23:08 +00:00
if (( $login == " " ) || ( $pass == " " )) {
2006-04-26 12:28:53 +00:00
$err -> raise ( " admin " , 6 );
return false ;
}
2010-06-24 00:23:08 +00:00
if ( ! $force ) {
if ( $mail == " " ) {
$err -> raise ( " admin " , 6 );
return false ;
}
if ( checkmail ( $mail ) != 0 ){
$err -> raise ( " admin " , 5 );
return false ;
}
2006-04-26 12:28:53 +00:00
}
// V<> rification de la conformit<69> du login
$login = strtolower ( $login );
2008-07-10 20:51:05 +00:00
if ( ! ereg ( " ^[a-z0-9]* $ " , $login )) { //$
$err -> raise ( " admin " , " Login can only contains characters a-z and 0-9 " );
2006-04-26 12:28:53 +00:00
return false ;
}
if ( strlen ( $login ) > 16 ) {
$err -> raise ( " admin " , 13 );
return false ;
}
2007-05-11 01:29:28 +00:00
// Il ne peut pas <20> tre <20> gal au login ou au nom de base systeme !
2006-04-26 22:07:01 +00:00
if ( $login == $L_MYSQL_DATABASE || $login == $L_MYSQL_LOGIN || $login == " mysql " || $login == " root " ) {
2006-04-26 12:28:53 +00:00
$err -> raise ( " admin " , 10 );
return false ;
}
2006-04-26 16:12:08 +00:00
//$pass=stripslashes($pass);
2006-04-26 12:28:53 +00:00
$pass = _md5cr ( $pass );
$db = new DB_System ();
// v<> rification de l'inexistence du membre dans system.membres
$db -> query ( " SELECT count(*) AS cnt FROM membres WHERE login=' $login '; " );
$db -> next_record ();
if ( ! $db -> f ( " cnt " )) {
2010-01-15 01:40:24 +00:00
$db -> query ( " SELECT max(m.uid)+1 as nextid FROM membres m " );
2006-04-26 12:28:53 +00:00
if ( ! $db -> next_record ()) {
$uid = 2000 ;
} else {
$uid = $db -> Record [ " nextid " ];
if ( $uid <= 2000 ) $uid = 2000 ;
}
// on le cr<63> <72> ensuite dans system.membres et system.local
2009-01-29 00:40:49 +00:00
$db -> query ( " INSERT INTO membres (uid,login,pass,mail,creator,canpass,type,created, notes) VALUES (' $uid ',' $login ',' $pass ',' $mail ',' $cuid ',' $canpass ', ' $type ', NOW(), ' $notes '); " );
2006-04-26 12:28:53 +00:00
$db -> query ( " INSERT INTO local(uid,nom,prenom) VALUES(' $uid ',' $nom ',' $prenom '); " );
$this -> renew_update ( $uid , $duration );
exec ( " /usr/lib/alternc/mem_add " . $login . " " . $uid );
// Declenchons les autres classes.
$mem -> su ( $uid );
foreach ( $classes as $c ) {
if ( method_exists ( $GLOBALS [ $c ], " alternc_add_member " )) {
$GLOBALS [ $c ] -> alternc_add_member ();
}
}
$mem -> unsu ();
return $uid ;
} else {
$err -> raise ( " admin " , 3 );
return false ;
}
}
2009-01-29 00:54:52 +00:00
/**
* AlternC ' s standard function called when a user is created
*
* This sends an email if configured through the interface .
*/
function alternc_add_member () {
global $cuid , $L_FQDN , $L_HOSTING ;
$dest = variable_get ( 'new_email' );
if ( ! $dest ) {
return false ;
}
$db = new DB_System ();
if ( ! $db -> query ( " SELECT m.*, parent.login as parentlogin FROM membres m LEFT JOIN membres parent ON parent.uid=m.creator WHERE m.uid=' $cuid ' " )) {
echo " query failed: " . $db -> Error ;
return false ;
}
if ( $db -> next_record ()) {
$mail = <<< EOF
A new AlternC account was created on % fqdn by % creator .
Account details
---------------
login : % login ( % uid )
email : % mail
createor : % creator ( % cuid )
can change password : % canpass
type : % type
notes : % notes
EOF ;
$mail = strtr ( $mail , array ( '%fqdn' => $L_FQDN ,
'%creator' => $db -> Record [ 'parentlogin' ],
'%uid' => $db -> Record [ 'uid' ],
'%login' => $db -> Record [ 'login' ],
'%mail' => $db -> Record [ 'mail' ],
'%cuid' => $db -> Record [ 'creator' ],
'%canpass' => $db -> Record [ 'canpass' ],
'%type' => $db -> Record [ 'type' ],
'%notes' => $db -> Record [ 'notes' ]));
2009-02-17 21:27:09 +00:00
if ( mail ( $dest , " New account ( " . $db -> Record [ 'login' ] . " from " . $db -> Record [ 'parentlogin' ] . " ) on $L_HOSTING " , $mail , " From: postmaster@ $L_FQDN " )) {
2009-01-29 00:54:52 +00:00
echo " Successfully sent email to $dest " ;
} else {
echo " Cannot send email to $dest " ;
}
} else {
echo " query failed: " . $db -> Error ;
}
}
2006-04-26 12:28:53 +00:00
/* ----------------------------------------------------------------- */
/**
* Modifies an account
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
* Modifies an account ( in the tables < code > membres </ code >
* and < code > local </ code > ) . Prevents any manipulation of the account if
* the account $mid is not super - admin .
*
* @ param $uid integer the uid number of the account we want to modify
* @ param login string new login name like [ a - z ][ a - z0 - 9 ] *
* @ param $pass string new password ( max . 64 characters )
* @ param $nom string new name of the account owner
* @ param $prenom string new first name of the account owner
* @ param $mail string new email address of the account owner
* @ param $enabled integer ( value : 0 or 1 ) activates or desactivates the
* @ param $type string new type of account
* access to the virtual desktop of this account .
* @ return boolean Returns FALSE if an error occurs , TRUE if not .
*
* Modifie un membre h<EFBFBD> berg<EFBFBD>
*
* modifie les donn<EFBFBD> es d 'un membre. Refuse l' utilisation de l ' objet
* si le compte $mid n ' est pas super - admin
*
* @ param $uid integer Num<EFBFBD> ro uid de l 'utilisateur que l' on souhaite modifier .
* @ param $mail string Nouvelle adresse email
* @ param $nom $prenom string Nouveaux nom et pr<EFBFBD> nom de l ' utilisateur
* @ param $pass string Nouveau mot de passe .
* @ param $enabled integer vaut 0 ou 1 , active ou d<EFBFBD> sactive l ' acc<EFBFBD> s au bureau virtuel de ce compte .
* @ param $type string Nouveau type de compte
* @ param $duration integer Dur<EFBFBD> e du compte en mois
* @ return boolean Retourne FALSE si une erreur s ' est produite , TRUE sinon .
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
*/
2009-01-29 00:40:49 +00:00
function update_mem ( $uid , $mail , $nom , $prenom , $pass , $enabled , $canpass , $type = 'default' , $duration = 0 , $notes = " " ) {
2006-04-26 12:28:53 +00:00
global $err , $db ;
global $cuid , $quota ;
$err -> log ( " admin " , " update_mem " , $uid );
if ( ! $this -> enabled ) {
$err -> raise ( " admin " , 1 );
return false ;
}
$db = new DB_System ();
if ( $pass ) {
2007-05-11 01:29:28 +00:00
// on modifie aussi le password :
2006-04-26 12:28:53 +00:00
$pass = _md5cr ( $pass );
$ssq = " ,pass=' $pass ' " ;
} else {
$ssq = " " ;
}
2009-09-08 05:29:38 +00:00
2006-04-26 12:28:53 +00:00
if (( $db -> query ( " UPDATE local SET nom=' $nom ', prenom=' $prenom ' WHERE uid=' $uid '; " ))
2009-09-08 05:29:38 +00:00
&& ( $db -> query ( " UPDATE membres SET mail=' $mail ', canpass=' $canpass ', enabled=' $enabled ', `type`=' $type ', notes=' $notes ' $ssq WHERE uid=' $uid '; " ))){
2006-04-26 12:28:53 +00:00
if ( $_POST [ 'reset_quotas' ] == " on " )
$quota -> addquotas ();
$this -> renew_update ( $uid , $duration );
return true ;
}
else {
$err -> raise ( " admin " , 2 );
return false ;
}
}
/* ----------------------------------------------------------------- */
/**
* Lock an account
*
* Lock an account and prevent the user to access its account .
*
* @ param $uid integer the uid number of the account we want to lock
* @ return boolean Returns FALSE if an error occurs , TRUE if not .
*/
function lock_mem ( $uid ) {
global $err , $db ;
$err -> log ( " admin " , " lock_mem " , $uid );
if ( ! $this -> enabled ) {
$err -> raise ( " admin " , 1 );
return false ;
}
$db = new DB_System ();
if ( $db -> query ( " UPDATE membres SET enabled='0' WHERE uid=' $uid '; " )) {
return true ;
}
else {
$err -> raise ( " admin " , 2 );
return false ;
}
}
/* ----------------------------------------------------------------- */
/**
* UnLock an account
*
* UnLock an account and prevent the user to access its account .
*
* @ param $uid integer the uid number of the account we want to unlock
* @ return boolean Returns FALSE if an error occurs , TRUE if not .
*/
function unlock_mem ( $uid ) {
global $err , $db ;
$err -> log ( " admin " , " unlock_mem " , $uid );
if ( ! $this -> enabled ) {
$err -> raise ( " admin " , 1 );
return false ;
}
$db = new DB_System ();
if ( $db -> query ( " UPDATE membres SET enabled='1' WHERE uid=' $uid '; " )) {
return true ;
}
else {
$err -> raise ( " admin " , 2 );
return false ;
}
}
/* ----------------------------------------------------------------- */
/**
* Deletes an account
*
* Deletes the specified account . Prevents any manipulation of the account if
* the account $mid is not super - admin .
*
* @ param $uid integer the uid number of the account we want to delete
* @ return boolean Returns FALSE if an error occurs , TRUE if not .
*
*
* Efface un membre h<EFBFBD> berg<EFBFBD>
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
* Supprime le membre sp<EFBFBD> cifi<EFBFBD> . Refuse l 'utilisation de l' objet si le compte $mid n ' est pas super - admin
* @ param $uid Num<EFBFBD> ro du membre <EFBFBD> supprimer .
* @ return Retourne FALSE si une erreur s ' est produite , TRUE sinon .
*
*/
function del_mem ( $uid ) {
global $err , $quota , $classes , $cuid , $mem , $dom ;
$err -> log ( " admin " , " del_mem " , $uid );
if ( ! $this -> enabled ) {
$err -> raise ( " admin " , 1 );
return false ;
}
$db = new DB_System ();
$tt = $this -> get ( $uid );
2007-05-11 01:29:28 +00:00
// On devient l'utilisateur :
2006-04-26 12:28:53 +00:00
$mem -> su ( $uid );
2010-06-23 23:29:42 +00:00
// This script may take a long time on big accounts, let's give us some time ... Fixes 1132
@ set_time_limit ( 0 );
2006-04-26 12:28:53 +00:00
// WE MUST call m_dom before all others because of conflicts ...
$dom -> alternc_del_member ();
2007-05-11 01:29:28 +00:00
// Send the event to the other classes :
2006-04-26 12:28:53 +00:00
foreach ( $classes as $c ) {
if ( method_exists ( $GLOBALS [ $c ], " alternc_del_member " )) {
$GLOBALS [ $c ] -> alternc_del_member ();
}
}
if (( $db -> query ( " DELETE FROM membres WHERE uid=' $uid '; " )) &&
( $db -> query ( " DELETE FROM local WHERE uid=' $uid '; " ))) {
exec ( " /usr/lib/alternc/mem_del " . $tt [ " login " ]);
$mem -> unsu ();
2010-06-23 23:33:58 +00:00
// If this user was (one day) an administrator one, he may have a list of his own accounts. Let's associate those accounts to nobody as a creator.
$db -> query ( " UPDATE membres SET creator=2000 WHERE creator=' $uid '; " );
2006-04-26 12:28:53 +00:00
return true ;
} else {
$err -> raise ( " admin " , 2 );
$mem -> unsu ();
return false ;
}
}
/* ----------------------------------------------------------------- */
/**
* Renew an account
*
* Renew an account for its duration
*
* @ param $uid integer the uid number of the account we want to renew
* @ param $periods integer the number of periods we renew for
* @ return boolean Returns FALSE if an error occurs , TRUE if not .
*/
function renew_mem ( $uid , $periods = 1 ) {
global $err , $db ;
$periods = intval ( $periods );
if ( $periods == 0 )
return false ;
$query =
" UPDATE membres SET renewed = renewed + INTERVAL (duration * $periods ) MONTH WHERE uid= ${ uid } ; " ;
if ( $db -> query ( $query )) {
return true ;
} else {
$err -> raise ( " admin " , 2 );
return false ;
}
}
/* ----------------------------------------------------------------- */
/**
* Update the duration information for an account
*
* @ param $uid integer the uid number of the account we want to update
* @ param $duration integer the new duration , in months , of the account
* @ return boolean Returns FALSE if an error occurs , TRUE if not .
*/
function renew_update ( $uid , $duration ) {
global $err , $db ;
if ( $duration == 0 ) {
if ( $db -> query ( " UPDATE membres SET duration = NULL, renewed = NULL WHERE uid= $uid ; " ))
return true ;
} else {
if ( $db -> query ( " UPDATE membres SET duration = $duration WHERE uid= $uid " ) &&
$db -> query ( " UPDATE membres SET renewed = NOW() WHERE uid= $uid and renewed is null; " ))
return true ;
}
$err -> raise ( " admin " , 2 );
return false ;
}
/* ----------------------------------------------------------------- */
/**
*
* Get the expiry date for an account
*
* @ param $uid integer The uid number of the account
* @ return string The expiry date , a string as printed by MySQL
*/
function renew_get_expiry ( $uid ) {
global $db ;
$db -> query ( " SELECT renewed + INTERVAL duration MONTH 'expiry' FROM membres WHERE uid=' $uid ' ; " );
if ( $db -> num_rows ()) {
$db -> next_record ();
return $db -> Record [ 'expiry' ];
}
return '' ;
}
/* ----------------------------------------------------------------- */
/**
*
* Get the expiry status for an account
*
* @ param $uid integer The uid number of the account
* @ return integer The expiry status :
* 0 : account does not expire
* 1 : expires in more than duration ,
* 2 : expires within the duration
* 3 : has expired past the duration
*/
function renew_get_status ( $uid ) {
global $db ;
$db -> query (
" SELECT CASE " .
" WHEN duration IS NULL THEN 0 " .
" WHEN renewed + INTERVAL duration MONTH <= NOW() THEN 3 " .
" WHEN renewed <= NOW() THEN 2 " .
" ELSE 1 END 'status' FROM membres where uid= $uid ; " );
if ( $db -> num_rows ()) {
$db -> next_record ();
return $db -> Record [ 'status' ];
}
return 0 ;
}
/* ----------------------------------------------------------------- */
/**
*
* Get the expired / about to expire accounts .
*
* @ return resource The recordset of the corresponding accounts
*/
function renew_get_expiring_accounts () {
global $db ;
if ( ! $db -> query ( " SELECT *, m.renewed + INTERVAL duration MONTH 'expiry', " .
" CASE WHEN m.duration IS NULL THEN 0 " .
" WHEN m.renewed + INTERVAL m.duration MONTH <= NOW() THEN 3 " .
" WHEN m.renewed <= NOW() THEN 2 " .
" ELSE 1 END 'status' FROM membres m, local l " .
" WHERE m.uid = l.uid " .
" HAVING status=2 or status=3 ORDER BY status DESC, expiry; " ))
return false ;
else {
while ( $db -> next_record ())
$res [] = $db -> Record ;
return $res ;
}
}
2007-05-11 01:29:28 +00:00
2006-04-26 12:28:53 +00:00
/* ----------------------------------------------------------------- */
/**
* Turns a common account into a super - admin account
*
* @ param $uid integer the uid number of the common account we want to turn into a
* super - admin account .
* @ return Returns FALSE if an error occurs , TRUE if not .
*
*
* Transforme un membre Normal en membre Administrateur
*
* @ param $uid Num<EFBFBD> ro du compte <EFBFBD> transformer
* @ return Retourne FALSE si une erreur s ' est produite .
*
*/
function normal2su ( $uid ) {
global $err , $db ;
$db -> query ( " SELECT su FROM membres WHERE uid=' $uid '; " );
if ( ! $db -> next_record ()) {
$err -> raise ( " admin " , 2 );
return false ;
2007-05-11 01:29:28 +00:00
}
2006-04-26 12:28:53 +00:00
if ( $db -> Record [ " su " ] != 0 ) {
$err -> raise ( " admin " , 8 );
return false ;
}
$db -> query ( " UPDATE membres SET su=1 WHERE uid=' $uid '; " );
return true ;
}
/* ----------------------------------------------------------------- */
/**
* Turns a super - admin account into a common account
*
* @ param $uid integer the uid number of the super - admin account we want to turn into a
* common account .
* @ return boolean Returns FALSE if an error occurs , TRUE if not .
*
*
* Transforme un membre Administrateur en membre Normal
* @ param integer $uid Num<EFBFBD> ro du compte <EFBFBD> transformer
* @ return boolean Retourne FALSE si une erreur s ' est produite .
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
*/
function su2normal ( $uid ) {
global $err , $db ;
$db -> query ( " SELECT su FROM membres WHERE uid=' $uid '; " );
if ( ! $db -> next_record ()) {
$err -> raise ( " admin " , 2 );
return false ;
}
if ( $db -> Record [ " su " ] != 1 ) {
$err -> raise ( " admin " , 9 );
return false ;
}
$db -> query ( " UPDATE membres SET su=0 WHERE uid=' $uid '; " );
return true ;
}
/* ----------------------------------------------------------------- */
/**
* List of the authorized TLDs
*
* Returns the list of the authorized TLDs and also the way they are
* authorized . A TLD is the last members ( or the last two ) of a
* domain . For example , " com " , " org " etc ... AlternC keeps a table
* containing the list of the TLDs authorized to be installed on the
* server with the instructions to validate the installation of a
* domain for each TLD ( if necessary ) .
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
* @ return array An associative array like $r [ " tld " ], $r [ " mode " ] where tld
* is the tld and mode is the authorized mode .
2007-05-11 01:29:28 +00:00
*
*
* Liste des TLD autoris<EFBFBD> s
*
* Retourne la liste des tld autoris<EFBFBD> s , ainsi que la fa<EFBFBD> on dont ils sont autoris<EFBFBD> s .
* Les tld sont le dernier membre ( ou parfois les 2 derniers membres ) d ' un domaine .
* Par exemple " org " " com " etc . AlternC conserve une table " tld " qui contient la liste
* des TLD autoris<EFBFBD> s <EFBFBD> <EFBFBD> tre install<EFBFBD> sur le serveur , accompagn<EFBFBD> des v<EFBFBD> rifications <EFBFBD> effectuer
* pour chaque TLD . Par exemple , on peux v<EFBFBD> rifier que les DNS du domaine pointent bien vers
2006-04-26 12:28:53 +00:00
* notre serveur , ou juste que le domaine existe etc .
* < p >< b > Note </ b > : Il faudrait pouvoir effectuer une requete DNS , et pouvoir juste v<EFBFBD> rifier les DNS
* via DIG et pas seulement via Whois </ p >
2007-05-11 01:29:28 +00:00
*
* @ return array Retourne un tableau de tableau associatif du type $r [ " tld " ], $r [ " mode " ] .
2006-04-26 12:28:53 +00:00
* TLD est le tld et MODE est le mode autoris<EFBFBD>
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
*/
function listtld () {
global $db ;
$db -> query ( " SELECT tld,mode FROM tld ORDER BY tld; " );
while ( $db -> next_record ()) {
$c [] = $db -> Record ;
}
return $c ;
}
/* ----------------------------------------------------------------- */
/**
* List the hosted domains on this server
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
* Return the list of hosted domains on this server , ( an array of associative arrays )
2010-04-02 16:40:37 +00:00
* @ param boolean $alsocheck Returns also errstr and errno telling the domains dig checks
* @ param boolean $forcecheck Force the check of dig domain even if a cache exists .
2006-04-26 12:28:53 +00:00
* @ return array $r [ $i ] / [ domaine ][ member ][ noerase ][ gesdns ][ gesmx ]
*/
2010-04-02 16:40:37 +00:00
function dom_list ( $alsocheck = false , $forcecheck = false ) {
2006-04-26 12:28:53 +00:00
global $db ;
2010-04-02 16:40:37 +00:00
$cachefile = " /tmp/alternc_dig_check_cache " ;
$cachetime = 3600 ; // The dns cache file can be up to 1H old
if ( $alsocheck ) {
if ( ! $forcecheck && file_exists ( $cachefile ) && filemtime ( $cachefile ) + $cachetime > time ()) {
$checked = unserialize ( file_get_contents ( $cachefile ));
} else {
// TODO : do the check here (cf checkdom.php) and store it in $checked
$checked = $this -> checkalldom ();
file_put_contents ( $cachefile , serialize ( $checked ));
}
}
2010-02-01 22:13:31 +00:00
$db -> query ( " SELECT m.login,d.domaine,d.gesdns,d.gesmx,d.noerase FROM domaines d LEFT JOIN membres m ON m.uid=d.compte ORDER BY domaine; " );
2006-04-26 12:28:53 +00:00
while ( $db -> next_record ()) {
2010-04-02 16:40:37 +00:00
$tmp = $db -> Record ;
if ( $alsocheck ) {
$tmp [ " errstr " ] = $checked [ $tmp [ " domaine " ]][ " errstr " ];
$tmp [ " errno " ] = $checked [ $tmp [ " domaine " ]][ " errno " ];
}
$c [] = $tmp ;
2006-04-26 12:28:53 +00:00
}
return $c ;
}
2010-04-02 16:40:37 +00:00
/** Check all the domains for their NS MX and IPs
*/
function checkalldom () {
2010-04-11 08:41:08 +00:00
global $db , $L_NS1 , $L_NS2 , $L_MX , $L_PUBLIC_IP ;
2010-04-02 16:40:37 +00:00
$checked = array ();
$r = $db -> query ( " SELECT * FROM domaines ORDER BY domaine; " );
$dl = array ();
while ( $db -> next_record ()) {
$dl [ $db -> Record [ " domaine " ]] = $db -> Record ;
}
sort ( $dl );
foreach ( $dl as $c ) {
// Pour chaque domaine on verifie son etat :
$errno = 0 ;
$errstr = " " ;
$dontexist = false ;
// Check du domaine
if ( $c [ " gesdns " ] == 1 ) {
// Check du NS qui pointe chez nous
$out = array ();
exec ( " dig +short NS " . escapeshellarg ( $c [ " domaine " ]), $out );
if ( count ( $out ) == 0 ) {
$dontexist = true ;
} else {
2010-04-11 08:41:08 +00:00
if ( ! in_array ( $L_NS1 . " . " , $out ) || ! in_array ( $L_NS2 . " . " , $out )) {
2010-04-02 16:40:37 +00:00
$errno = 1 ; $errstr .= " NS for this domain are not $L_NS1 and $L_NS2 BUT " . implode ( " , " , $out ) . " \n " ;
}
}
}
if ( $c [ " gesmx " ] == 1 && ! $dontexist ) {
$out = array ();
exec ( " dig +short MX " . escapeshellarg ( $c [ " domaine " ]), $out );
$out2 = array ();
foreach ( $out as $o ) {
list ( $t , $out2 []) = explode ( " " , $o );
}
2010-04-11 08:41:08 +00:00
if ( ! in_array ( $L_MX . " . " , $out2 )) {
2010-04-02 16:40:37 +00:00
$errno = 1 ; $errstr .= " MX is not $L_MX BUT " . implode ( " , " , $out2 ) . " \n " ;
}
}
if ( ! $dontexist ) {
// On liste les sous-domaine et on verifie qu'ils pointent bien chez nous...
$db -> query ( " SELECT * FROM sub_domaines WHERE domaine=' " . addslashes ( $c [ " domaine " ]) . " ' ORDER BY sub; " );
while ( $db -> next_record ()) {
$d = $db -> Record ;
if ( $d [ " type " ] == 0 ) {
// Check l'IP :
$out = array ();
exec ( " dig +short A " . escapeshellarg ( $d [ " sub " ] . (( $d [ " sub " ] != " " ) ? " . " : " " ) . $c [ " domaine " ]), $out );
if ( ! in_array ( $L_PUBLIC_IP , $out )) {
$errstr .= " subdomain ' " . $d [ " sub " ] . " ' don't point to $L_PUBLIC_IP but to " . implode ( " , " , $out ) . " \n " ;
$errno = 1 ;
}
}
}
}
if ( $dontexist ) {
$errno = 2 ;
$errstr = " Domain don't exist anymore ! " ;
}
if ( $errno == 0 ) $errstr = " OK " ;
$checked [ $c [ " domaine " ]] = array ( " errno " => $errno , " errstr " => $errstr );
}
return $checked ;
}
2006-04-26 12:28:53 +00:00
/* ----------------------------------------------------------------- */
/**
2007-05-11 01:29:28 +00:00
* Lock / Unlock a domain
2006-04-26 12:28:53 +00:00
*
* Lock ( or unlock ) a domain , so that the member will be ( not be ) able to delete it
* from its account
* @ param $dom string Domain name to lock / unlock
* @ return boolean TRUE if the domain has been locked / unlocked or FALSE if it does not exist .
*/
function dom_lock ( $domain ) {
global $db , $err ;
$db -> query ( " SELECT compte FROM domaines WHERE domaine=' $domain '; " );
if ( ! $db -> next_record ()) {
$err -> raise ( " dom " , 1 );
return false ;
}
$db -> query ( " UPDATE domaines SET noerase=1-noerase WHERE domaine=' $domain '; " );
return true ;
}
/* ----------------------------------------------------------------- */
/**
2007-05-11 01:29:28 +00:00
* Add a new TLD to the list of the authorized TLDs
2006-04-26 12:28:53 +00:00
*
* @ param $tld string top - level domain to add ( org , com ... )
* @ param $mode integer number of the authorized mode ( 0 to 5 )
* @ return boolean TRUE if the tld has been successfully added , FALSE if not .
*
*
* Ajoute un nouveau TLD autoris<EFBFBD> <EFBFBD> la liste des tld autoris<EFBFBD> s .
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
* @ param $tld Top - Level Domain <EFBFBD> ajouter ( org , com ... )
* @ param $mode Num<EFBFBD> ro du mode autoris<EFBFBD> ( 0 -> 5 )
* @ return boolean True si le tld a bien <EFBFBD> t<EFBFBD> ajout<EFBFBD> , False sinon .
2007-05-11 01:29:28 +00:00
*
*/
2006-04-26 12:28:53 +00:00
function gettld ( $tld ) {
global $db , $err ;
$db -> query ( " SELECT mode FROM tld WHERE tld=' $tld '; " );
if ( ! $db -> next_record ()) {
$err -> raise ( " admin " , 11 );
return false ;
}
return $db -> Record [ " mode " ];
}
/* ----------------------------------------------------------------- */
/**
* Prints the list of the actually authorized TLDs
*
* @ param $current integer Value to select in the list
2007-05-11 01:29:28 +00:00
*
* Affiche ( echo ) la liste d<EFBFBD> roulante des TLD actuellement autoris<EFBFBD> s .
*
2006-04-26 12:28:53 +00:00
* @ param $current Valeur par d<EFBFBD> faut <EFBFBD> s<EFBFBD> lectionner dans la liste
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
*/
function selecttldmode ( $current = false ) {
for ( $i = 0 ; $i < count ( $this -> tldmode ); $i ++ ) {
echo " <option value= \" $i\ " " ;
if ( $current == $i ) echo " selected= \" selected \" " ;
2007-05-11 07:21:23 +00:00
echo " > " . _ ( $this -> tldmode [ $i ]) . " </option> \n " ;
2006-04-26 12:28:53 +00:00
}
}
/* ----------------------------------------------------------------- */
/**
* Deletes the specified tld in the list of the authorized TLDs
* < b > Note </ b > : This function does not delete the domains depending
* on this TLD
*
* @ param $tld string The TLD you want to delete
* @ return boolean returns true if the TLD has been deleted , or
* false if an error occured .
*
*
* Supprime le tld indiqu<EFBFBD> de la liste des TLD autoris<EFBFBD> s <EFBFBD> l ' installation
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
* < b > Note </ b > : Cela ne supprime pas les domaines utilisant ce TLD !
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
* @ param $tld TLD que l ' on souhaite d<EFBFBD> truire
* @ return boolean retourne true si le TLD a bien <EFBFBD> t<EFBFBD> effac<EFBFBD> , false sinon
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
*/
function deltld ( $tld ) {
global $db , $err ;
$db -> query ( " SELECT tld FROM tld WHERE tld=' $tld '; " );
if ( ! $db -> next_record ()) {
$err -> raise ( " admin " , 11 );
return false ;
}
$db -> query ( " DELETE FROM tld WHERE tld=' $tld '; " );
return true ;
}
/* ----------------------------------------------------------------- */
/**
* Add a TLD to the list of the authorized TLDs during the
* installation
*
* @ param $tld string TLD we want to authorize
* @ param $mode integer Controls to make on this TLD .
* < b > Note : </ b > If you check in the whois , be sure that
* < code > m_domains </ code > knows how to name the whois of the specified
* domain !
* @ return boolean TRUE if the TLD has been successfully
* added . FALSE if not .
*
*
*
* Ajoute un TLD <EFBFBD> la liste des TLD autoris<EFBFBD> s <EFBFBD> l ' installation
2007-05-11 01:29:28 +00:00
*
* @ param $tld TLD que l ' on souhaite autoriser .
* @ param $mode Contr<EFBFBD> les <EFBFBD> effectuer sur ce TLD . < b > Note : </ b >
2006-04-26 12:28:53 +00:00
* Si vous demandez le controle dans le Whois , assurez - vous que m_domains
* connaisse bien comment appeler le whois du domaine correspondant !
* @ return boolean retourne true si le TLD a bien <EFBFBD> t<EFBFBD> ajout<EFBFBD> , false sinon
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
*/
function addtld ( $tld , $mode ) {
global $db , $err ;
if ( ! $tld ) {
$err -> raise ( " admin " , 12 );
return false ;
}
$db -> query ( " SELECT tld FROM tld WHERE tld=' $tld '; " );
if ( $db -> next_record ()) {
$err -> raise ( " admin " , 12 );
return false ;
}
if ( substr ( $tld , 0 , 1 ) == " . " ) $tld = substr ( $tld , 1 );
$mode = intval ( $mode );
if ( $mode == 0 ) $mode = " 0 " ;
$db -> query ( " INSERT INTO tld (tld,mode) VALUES (' $tld ',' $mode '); " );
return true ;
}
/* ----------------------------------------------------------------- */
/**
2007-05-11 01:29:28 +00:00
* Modify a TLD of the list of the authorized TLDs
2006-04-26 12:28:53 +00:00
*
* @ param $tld string TLD we want to modify
* @ param $mode integer Controls to make on this TLD .
* @ return boolean TRUE if the TLD has been successfully
* modified . FALSE if not .
*
*
* Modifie un TLD autoris<EFBFBD> de la liste des tld autoris<EFBFBD> s .
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
* @ param $tld Top - Level Domain <EFBFBD> modifier ( org , com ... )
* @ param $mode Num<EFBFBD> ro du mode autoris<EFBFBD> ( 0 -> 5 )
* @ return boolean True si le tld a bien <EFBFBD> t<EFBFBD> modifi<EFBFBD> , False sinon .
2007-05-11 01:29:28 +00:00
*
2006-04-26 12:28:53 +00:00
*/
function edittld ( $tld , $mode ) {
global $db , $err ;
$db -> query ( " SELECT tld FROM tld WHERE tld=' $tld '; " );
if ( ! $db -> next_record ()) {
$err -> raise ( " admin " , 11 );
return false ;
}
$mode = intval ( $mode );
if ( $mode == 0 ) $mode = " 0 " ;
$db -> query ( " UPDATE tld SET mode=' $mode ' WHERE tld=' $tld '; " );
return true ;
}
/* ----------------------------------------------------------------- */
/**
* Donne le login du compte administrateur principal d ' AlternC
*
* @ return string Retourne le login du compte admin ou root .
*
*/
function getadmin () {
global $db ;
$db -> query ( " SELECT login FROM membres WHERE uid = '2000'; " );
$db -> next_record ();
return $db -> f ( " login " );
}
2009-11-30 05:02:53 +00:00
/* ----------------------------------------------------------------- */
/**
* List the password policies currently installed in the policy table
*
* @ return array an indexed array of associative array from the MySQL " policy " table
*
*/
function listPasswordPolicies () {
global $db , $classes ;
$tmp1 = array ();
$tmp2 = array ();
$policies = array ();
$db -> query ( " SELECT * FROM policy; " );
while ( $db -> next_record ()) {
$tmp1 [ $db -> Record [ " name " ]] = $db -> Record ;
}
foreach ( $classes as $c ) {
if ( method_exists ( $GLOBALS [ $c ], " alternc_password_policy " )) {
$res = $GLOBALS [ $c ] -> alternc_password_policy (); // returns an array
foreach ( $res as $k => $v ) {
$tmp2 [ $k ] = $v ;
}
}
}
foreach ( $tmp2 as $k => $v ) {
if ( ! isset ( $tmp1 [ $k ])) {
// Default policy :
$db -> query ( " INSERT INTO policy SET name=' " . addslashes ( $k ) . " ', minsize=0, maxsize=64, classcount=0, allowlogin=0; " );
$tmp1 [ $k ] = array (
" minsize " => 0 , " maxsize " => 64 , " classcount " => 0 , " allowlogin " => 0
);
}
$policies [ $k ] = $tmp1 [ $k ];
$policies [ $k ][ " description " ] = _ ( $v );
unset ( $tmp1 [ $k ]);
}
foreach ( $tmp1 as $k => $v ) {
// Delete disabled modules :
$db -> query ( " DELETE FROM policy WHERE name=' " . addslashes ( $k ) . " '; " );
}
return $policies ;
}
/* ----------------------------------------------------------------- */
/**
* Change a password policy for one kind of password
*
* @ param $policy string Name of the policy to edit
* @ param $minsize integer Minimum Password size
* @ param $maxsize integer Maximum Password size
* @ param $classcount integer How many class of characters must this password have
* @ param $allowlogin boolean Do we allow the password to be like the login ?
* @ return boolean TRUE if the policy has been edited , or FALSE if an error occured .
*
*/
function editPolicy ( $policy , $minsize , $maxsize , $classcount , $allowlogin ) {
global $db ;
$minsize = intval ( $minsize );
$maxsize = intval ( $maxsize );
$classcount = intval ( $classcount );
$allowlogin = intval ( $allowlogin );
$db -> query ( " SELECT * FROM policy WHERE name=' " . addslashes ( $policy ) . " '; " );
if ( ! $db -> next_record ()) {
return false ; // Policy not found
}
if ( $minsize < 0 || $minsize > 64 || $maxsize < 0 || $maxsize > 64 || $maxsize < $minsize || $classcount < 0 || $classcount > 4 ) {
return false ; // Incorrect policy ...
}
$allowlogin = ( $allowlogin ) ? 1 : 0 ;
$db -> query ( " UPDATE policy SET minsize= $minsize , maxsize= $maxsize , classcount= $classcount , allowlogin= $allowlogin WHERE name=' " . addslashes ( $policy ) . " '; " );
return true ;
}
/* ----------------------------------------------------------------- */
/**
* Check a password and a login for a specific policy
*
* @ param $policy string Name of the policy to check for
* @ param $login The login that will be set
* @ param $password The password we have to check
* @ return boolean TRUE if the password if OK for this login and this policy , FALSE if it is not .
*
*/
function checkPolicy ( $policy , $login , $password ) {
2009-11-30 06:01:34 +00:00
global $db , $err ;
$pol = $this -> listPasswordPolicies ();
if ( ! $pol [ $policy ]) {
$err -> raise ( " admin " , 14 );
return false ;
}
$pol = $pol [ $policy ];
// Ok, now let's check it :
$plen = strlen ( $password );
if ( $plen < $pol [ " minsize " ]) {
$err -> raise ( " admin " , 15 );
return false ;
}
if ( $plen > $pol [ " maxsize " ]) {
$err -> raise ( " admin " , 16 );
return false ;
}
if ( ! $pol [ " allowlogin " ]) {
// We do misc check on password versus login :
$l2 = str_replace ( " _ " , " @ " , $l2 );
$l2 = str_replace ( " . " , " @ " , $l2 );
$logins = explode ( " @ " , $login );
$logins [] = $login ;
foreach ( $logins as $l ) {
2010-02-01 22:13:31 +00:00
if ( strpos ( $password , $l ) !== false ) {
2009-11-30 06:01:34 +00:00
$err -> raise ( " admin " , 17 );
return false ;
}
}
}
if ( $pol [ " classcount " ] > 0 ) {
$cls = array ( 0 , 0 , 0 , 0 , 0 );
for ( $i = 0 ; $i < strlen ( $password ); $i ++ ) {
$p = substr ( $password , $i , 1 );
if ( strpos ( " abcdefghijklmnopqrstuvwxyz " , $p ) !== false ) {
$cls [ 0 ] = 1 ;
} elseif ( strpos ( " ABCDEFGHIJKLMNOPQRSTUVWXYZ " , $p ) !== false ) {
$cls [ 1 ] = 1 ;
} elseif ( strpos ( " 0123456789 " , $p ) !== false ) {
$cls [ 2 ] = 1 ;
} elseif ( strpos ( '!"#$%&\'()*+,-./:;<=>?@[\\]^_`' , $p ) !== false ) {
$cls [ 3 ] = 1 ;
} else {
$cls [ 4 ] = 1 ;
}
} // foreach
$clc = array_sum ( $cls );
if ( $clc < $pol [ " classcount " ]) {
$err -> raise ( " admin " , 18 , $pol [ " classcount " ], $clc );
return false ;
}
}
return true ; // congratulations !
2009-11-30 05:02:53 +00:00
}
2006-04-26 12:28:53 +00:00
} /* Classe ADMIN */
?>