From 2ed4cbad219d2933f6bcb35a32dc90c881d6b3f7 Mon Sep 17 00:00:00 2001 From: Benjamin Sonntag Date: Sat, 23 Jun 2018 10:35:08 +0200 Subject: [PATCH] [enh] finishing the HTTPS preference code --- bureau/admin/dom_edit.php | 11 ++- .../{dom_ssl.inc.php => dom_sslpref.php} | 72 +++++++++++++++---- bureau/class/functions.php | 27 +++---- bureau/class/m_dom.php | 39 ++++++++++ 4 files changed, 121 insertions(+), 28 deletions(-) rename bureau/admin/{dom_ssl.inc.php => dom_sslpref.php} (65%) diff --git a/bureau/admin/dom_edit.php b/bureau/admin/dom_edit.php index d559294b..cec2077c 100755 --- a/bureau/admin/dom_edit.php +++ b/bureau/admin/dom_edit.php @@ -120,7 +120,6 @@ if (! empty($r['dns_result']) && $r['dns_result'] != '0') {
    • -
    • @@ -256,7 +255,15 @@ foreach ($problems as $pr => $lm) { // $problems can be empty but can't be null/ echo "\n"; } ?> - + +

     

    +
    +

    + +

    + + +
    diff --git a/bureau/admin/dom_ssl.inc.php b/bureau/admin/dom_sslpref.php similarity index 65% rename from bureau/admin/dom_ssl.inc.php rename to bureau/admin/dom_sslpref.php index 6b3b2049..1f8871ba 100644 --- a/bureau/admin/dom_ssl.inc.php +++ b/bureau/admin/dom_sslpref.php @@ -24,25 +24,13 @@ */ require_once("../class/config.php"); +require_once("head.php"); $fields = array ( "domain" => array ("request", "string", (empty($domain)?"":$domain) ), ); getFields($fields); -?> -

    Usually you'd want to click 'edit' in front of a subdomain to choose between HTTP and HTTPS by default."); ?>

    -

    - -
    - -

    - - - - - -lock(); if (!$r=$dom->get_domain_all($domain)) { $dom->unlock(); @@ -52,6 +40,47 @@ if (!$r=$dom->get_domain_all($domain)) { } $dom->unlock(); +$haserror=false; +if (count($_POST)) { + $dom->lock(); + // get fields from the posted form: + foreach($r["sub"] as $subdomain) { + if (isset($_POST["ssl_".$subdomain["id"]])) { + if (!$dom->set_subdomain_ssl_provider($subdomain["id"],$_POST["ssl_".$subdomain["id"]])) { + $haserror=true; + } + // errors will be shown below + } + } + $dom->unlock(); + if ($haserror) { + echo $msg->msg_html_all(); + } else { + header("Location: dom_edit.php?domain=".eue($domain,false)); + } +} // post ? + + + +?> +

    + +

    Usually you'd want to click 'edit' in front of a subdomain to choose between HTTP and HTTPS by default."); ?>

    +

    + +
    + +

    + + + + +
    + + + +"; echo ""; - echo " + +
    ".$fqdn."
    +

    + + +

    +
    + + + + \ No newline at end of file diff --git a/bureau/class/functions.php b/bureau/class/functions.php index 0fe4f259..fe873c13 100755 --- a/bureau/class/functions.php +++ b/bureau/class/functions.php @@ -634,43 +634,46 @@ function eoption($values, $cur, $onedim = false) { /** * Echo the HTMLSpecialChars version of a value. + * (or return it if display=false * Must be called when pre-filling fields values in forms such as : * * Use the charset of the current language for transcription * * @global string $charset * @param string $str - * @param boolean $affiche + * @param boolean $display * @return string */ -function ehe($str, $affiche = TRUE) { +function ehe($str, $display = TRUE) { global $charset; - $retour = htmlspecialchars($str, ENT_QUOTES|ENT_SUBSTITUTE, $charset); - if ($affiche) { - echo $retour; + $quoted = htmlspecialchars($str, ENT_QUOTES|ENT_SUBSTITUTE, $charset); + if ($display) { + echo $quoted; } - return $retour; + return $quoted; } + /** * Echo the URLENCODED version of a value. + * (or return it if display=false) * Must be called when pre-filling fields values in URLS such as : * document.location='logs_tail.php?file= * Use the charset of the current language for transcription * * @global string $charset * @param string $str - * @param boolean $affiche + * @param boolean $display * @return string */ -function eue($str, $affiche = TRUE) { +function eue($str, $display = TRUE) { global $charset; - $retour = urlencode($str); - if ($affiche) { - echo $retour; + $quoted = urlencode($str); + if ($display) { + echo $quoted; } - return $retour; + return $quoted; } diff --git a/bureau/class/m_dom.php b/bureau/class/m_dom.php index 75820760..e7901e3c 100644 --- a/bureau/class/m_dom.php +++ b/bureau/class/m_dom.php @@ -1389,6 +1389,45 @@ class m_dom { } + /** + * set the HTTPS preference for a subdomain. + * @param integer the sub_domain_id (will be checked against the user ID identity) + * @param string the provider (if not empty, will be checked against an existing certificate for this subdomain) + * @return boolean true if the preference has been set + */ + function set_sub_domain_ssl_provider($sub_domain_id,$provider) { + global $db, $msg, $cuid, $ssl; + $msg->log("dom", "set_sub_domain_ssl_provider", $sub_domain_id." / ".$provider) + // Locked ? + if (!$this->islocked) { + $msg->raise("ERROR", "dom", _("--- Program error --- No lock on the domains!")); + return false; + } + $db->query("SELECT * FROM sub_domaines WHERE id=?",array($sub_domain_id)); + if (!$db->next_record() || $db->Record["compte"]!=$cuid) { + $msg->raise("ERROR", "dom", _("Subdomain not found")); + return false; + } + $fqdn=$db->Record["sub"].(($db->Record["sub"])?".":"").$db->Record["domaine"]; + $certs = $ssl->get_valid_certs($fqdn); + $provider=strtolower(trim($provider)); + if ($provider) { + $found=false; + foreach($certs as $cert) { + if ($cert["provider"]==$provider) { + $found=true; + } + } + if (!$found) { + $msg->raise("ERROR", "dom", _("No certificate found for this provider and this subdomain")); + return false; + } + } + $db->query("UPDATE sub_domaines SET provider=? WHERE id=?",array($provider,$sub_domain_id)); + return true; + } + + /** * Modifier les information du sous-domaine demandé. *