diff --git a/.gitattributes b/.gitattributes
index 62cdd2a7..51e9271c 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -310,6 +310,7 @@ bureau/class/hooks.php -text
 bureau/class/lang_env.php -text
 bureau/class/local.php -text
 bureau/class/m_admin.php -text
+bureau/class/m_authip.php -text
 bureau/class/m_bro.php -text
 bureau/class/m_dom.php -text
 bureau/class/m_err.php -text
diff --git a/bureau/admin/ip_main.php b/bureau/admin/ip_main.php
index bf99ca20..82328f17 100644
--- a/bureau/admin/ip_main.php
+++ b/bureau/admin/ip_main.php
@@ -5,26 +5,39 @@ include_once("head.php");
 $fields = array (
 "delete_id" => array ("get", "integer", ""),
- "is_subnet" => array ("post", "string", ""),
 "id" => array ("post", "integer", 0),
- "ip" => array ("post", "string", ""),
- "subnet" => array ("post", "integer" ,0),
+ "ipsub" => array ("post", "string", ""),
 "infos" => array ("post", "string" ,""),
+ "s_ipsub" => array ("post", "integer", ""),
+ "s_protocol" => array ("post", "string", ""),
 );
 getFields($fields);
+if (!empty($s_protocol)) {
+ $val="s_affect_".$s_protocol;
+ $fields = array( $val => Array('post','string', '') );
+ getFields($fields);
+
+ if (! $authip->ip_affected_save($s_ipsub, $s_protocol, $$val) ) {
+ $error="Error during ip_affected_save";
+ }
+}
+
 if (!empty($delete_id)) {
 if (! $authip->ip_delete($delete_id)) {
 $error="Error during recording";
 }
 }
-if (!empty($is_subnet) && !empty($ip)) {
- if (! $authip->ip_save($id, $ip, $subnet, $infos)) {
+if (!empty($ipsub)) {
+ if (! $authip->ip_save($id, $ipsub, $infos)) {
 $error="Error during recording";
 }
 }
+$list_ip = $authip->list_ip();
+$ac = $authip->get_auth_class();
+$lac = $authip->list_affected();
 ?>
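Review bot: `$s_protocol` comes straight from POST and is used unchecked both to build the variable name `$val="s_affect_".$s_protocol` handed to getFields() and as the `protocol` value persisted by `ip_affected_save()`, so any string a client sends becomes a stored protocol key, and the listing hunk further down appears to index `$ac[$ll['protocol']]['name']` on a key that may then not exist. Since `$ac = $authip->get_auth_class()` is already computed at the end of this hunk, move it above the block and accept only known protocols: `$ac = $authip->get_auth_class();` followed by `if (!empty($s_protocol) && isset($ac[$s_protocol])) {`. The `$$val` parameter is presumably meant to be one of the keys of `$ac[$s_protocol]['values']`; ip_affected_save() escapes it but does not validate it, so checking `isset($ac[$s_protocol]['values'][$$val])` here would close the same gap. Minor: `"s_ipsub"` is declared `integer` with default `""` while the other integer fields default to `0`.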

@@ -35,6 +48,64 @@ if (!empty($is_subnet) && !empty($ip)) {

+ + + + + + +"; + echo ""; + echo ""; + echo ""; + echo ""; + } +?> +
".$ac[$ll['protocol']]['name']."".$ac[$ll['protocol']]['values'][$ll['parameters']]."".$list_ip[$ll['authorised_ip_id']]['ip_human']."
+

+ +
+
+ + + + + + + + + + + +
+
+ +

+ + + +

+ +
+

+ +

+
+ " /> +
+
+
+ @@ -44,7 +115,7 @@ if (!empty($is_subnet) && !empty($ip)) {
- list_ip() as $i) { + "; ?> - + @@ -73,22 +144,17 @@ if (!empty($is_subnet) && !empty($ip)) {
$txt$ip${i['infos']}
- - );" > + - );" >
+ -


- -
- - +

+ IPv4, IPv6 and subnet allowed"); ?>
+

-
- / -

-

-
+

" /> @@ -100,28 +166,20 @@ if (!empty($is_subnet) && !empty($ip)) {
diff --git a/bureau/class/m_admin.php b/bureau/class/m_admin.php
index 4b1370b3..78f2fa4f 100644
--- a/bureau/class/m_admin.php
+++ b/bureau/class/m_admin.php
@@ -845,19 +845,19 @@ EOF;
 $cachetime=3600; // The dns cache file can be up to 1H old
 if ($alsocheck) {
 if (!$forcecheck && file_exists($cachefile) && filemtime($cachefile)+$cachetime>time()) {
- $checked=unserialize(file_get_contents($cachefile));
+ $checked=unserialize(file_get_contents($cachefile));
 } else {
- // TODO : do the check here (cf checkdom.php) and store it in $checked
- $checked=$this->checkalldom();
- file_put_contents($cachefile,serialize($checked));
+ // TODO : do the check here (cf checkdom.php) and store it in $checked
+ $checked=$this->checkalldom();
+ file_put_contents($cachefile,serialize($checked));
 }
 }
 $db->query("SELECT m.login,d.domaine,d.gesdns,d.gesmx,d.noerase FROM domaines d LEFT JOIN membres m ON m.uid=d.compte ORDER BY domaine;");
 while ($db->next_record()) {
 $tmp=$db->Record;
 if ($alsocheck) {
- $tmp["errstr"]=$checked[$tmp["domaine"]]["errstr"];
- $tmp["errno"]=$checked[$tmp["domaine"]]["errno"];
+ $tmp["errstr"]=$checked[$tmp["domaine"]]["errstr"];
+ $tmp["errno"]=$checked[$tmp["domaine"]]["errno"];
 }
 $c[]=$tmp;
 }
diff --git a/bureau/class/m_authip.php b/bureau/class/m_authip.php
new file mode 100644
index 00000000..4765580a
--- /dev/null
+++ b/bureau/class/m_authip.php
@@ -0,0 +1,189 @@ +query("SELECT * FROM authorised_ip WHERE uid='$cuid';"); + while ($db->next_record()) { + $r[$db->f('id')]=$db->Record; + if ( (checkip($db->f('ip')) && $db->f('subnet') == 32) || + (checkipv6($db->f('ip')) && $db->f('subnet') == 128) ) { + $r[$db->f('id')]['ip_human']=$db->f('ip'); + } else { + $r[$db->f('id')]['ip_human']=$db->f('ip')."/".$db->f('subnet'); + } + + } + return $r; + } + + // Delete an IP in authorised_ip + function ip_delete($id) { + global $db, $cuid; + $id=intval($id); + + $db->query("SELECT id FROM authorised_ip_affected where authorised_ip_id ='$id';"); + while ($db->next_record()) { + $this->ip_affected_delete($db->f('id')); + } + if (! $db->query("delete from authorised_ip where id='$id' and uid='$cuid' limit 1;") ) { + echo "query failed: ".$db->Error; + return false; + } + return true; + } + + // Insert or update in authorised_ip + function ip_save($id, $ipsub, $infos, $uid=null) { + global $db, $mem; + + // If we ask for uid=0, we have to check to be super-user + // else, juste use global cuid; + if ($uid === 0 && $mem->checkRight() ) { + $cuid=0; + } else { + global $cuid; + } + + $id=intval($id); + $infos=mysql_real_escape_string($infos); + + // Extract subnet from ipsub + $tmp=explode('/',$ipsub); + $ip=$tmp[0]; + $subnet=intval($tmp[1]); + + // Error if $ip not an IP + if ( ! checkip($ip) && ! checkipv6($ip) ) { + echo "Failed : not an IP address"; + return false; + } + + // Check the subnet, if not defined, give a /32 or a /128 + if ( ! $subnet ) { + if ( checkip($ip) ) $subnet=32; + else $subnet=128; + } + + // An IPv4 can't have subnet > 32 + if (checkip($ip) && $subnet > 32 ) $subnet=32; + + if ($id) { // Update + if (! $db->query("update authorised_ip set ip='$ip', subnet='$subnet', infos='$infos' where id='$id' and uid='$cuid' ;") ) { + echo "query failed: ".$db->Error; + return false; + } + // TODO hooks update + } else { // Insert + if (! 
$db->query("insert into authorised_ip (uid, ip, subnet, infos) values ('$cuid', '$ip', '$subnet', '$infos' );") ) { + echo "query failed: ".$db->Error; + return false; + } + } + return true; + } + + // Function called by alternc when you delete a member + function alternc_del_member($l_uid) { + $db->query("SELECT id FROM authorised_ip WHERE uid ='$l_uid';"); + while ($db->next_record()) { + $this->ip_delete($db->f('id')); + } + return true; + } + + + function get_auth_class() { + global $classes; + $authclass=array(); + + foreach ($classes as $c) { + global $$c; + if ( method_exists($$c, "authip_class") ) { + $a=$$c->authip_class(); + $a['class']=$c; + $authclass[$a['protocol']]=$a; + } + } + return $authclass; + } + + // Save in ip_affected_save + function ip_affected_save($authorised_ip_id, $protocol, $parameters, $id=null) { + global $db; + $authorised_ip_id=intval($authorised_ip_id); + $protocol=mysql_real_escape_string($protocol); + $parameters=mysql_real_escape_string($parameters); + + if ($id) { + $id=intval($id); + if (! $db->query("update authorised_ip_affected set authorised_ip_id='$authorised_ip_id', protocol='$protocol', parameters='$parameters' where id ='$id' limit 1;") ) { + echo "query failed: ".$db->Error; + return false; + } + // TODO hooks update + } else { + if (! $db->query("insert into authorised_ip_affected (authorised_ip_id, protocol, parameters) values ('$authorised_ip_id', '$protocol', '$parameters');") ) { + echo "query failed: ".$db->Error; + return false; + } + // TODO hooks insert + } + return true; + } + + // Delete an IP in authorised_ip_affected + function ip_affected_delete($id) { + global $db; + $id=intval($id); + if (! 
$db->query("delete from authorised_ip_affected where id='$id' limit 1;") ) { + echo "query failed: ".$db->Error; + return false; + } + // TODO hooks delete + return true; + } + + + function list_affected() { + global $db, $cuid; + + $r = array(); + $db->query("SELECT * FROM authorised_ip_affected WHERE authorised_ip_id in (select id from authorised_ip where uid = '$cuid');"); + while ($db->next_record()) { + $r[]=$db->Record; + } + return $r; + } +// TODO : +// hooks on créations/update/delete + + + +}; /* Classe m_authip */ diff --git a/bureau/class/m_ftp.php b/bureau/class/m_ftp.php index 31b4bcb3..984d2bec 100644 --- a/bureau/class/m_ftp.php +++ b/bureau/class/m_ftp.php @@ -56,6 +56,21 @@ class m_ftp { } + // Return the values needed to activate security access. See get_auth_class() + // in authip for more informations + function authip_class() { + $c = Array(); + $c['name']="FTP"; + $c['protocol']="ftp"; + $c['values']=Array(); + + foreach ($this->get_list() as $v ) { + $c['values'][$v['id']]=$v['login']; + } + + return $c; + } + /* ----------------------------------------------------------------- */ /** Retourne la liste des comptes FTP du compte hébergé * Retourne la liste des comptes FTP sous forme de tableau indexé de @@ -73,12 +88,12 @@ class m_ftp { $db->query("SELECT id, name, homedir FROM ftpusers WHERE uid='$cuid' ORDER BY homedir;"); if ($db->num_rows()) { while ($db->next_record()) { - // On passe /var/alternc/html/u/user - $tr=preg_match("/^\/var\/alternc\/html\/.\/[^\/]*\/(.*)$/", $db->f("homedir"),$match); /* " */ - $r[]=array( - "id"=>$db->f("id"), - "login"=>$db->f("name"), - "dir"=>$match[1] + // On passe /var/alternc/html/u/user + $tr=preg_match("/^\/var\/alternc\/html\/.\/[^\/]*\/(.*)$/", $db->f("homedir"),$match); /* " */ + $r[]=array( + "id"=>$db->f("id"), + "login"=>$db->f("name"), + "dir"=>$match[1] ); } return $r; 
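Review bot: `ip_affected_delete($id)` and the update branch of `ip_affected_save()` write to `authorised_ip_affected` by `id` alone, and the insert branch never checks that `$authorised_ip_id` is one of `$cuid`'s rows in `authorised_ip`, so rows belonging to another account can be altered or removed by id; intval() stops injection but not that. `ip_delete()` has the same gap in its first loop, where the affected rows of `$id` are removed before the uid-scoped delete of the parent runs. Scope each write through the parent table, e.g. in ip_delete `$db->query("SELECT a.id FROM authorised_ip_affected a, authorised_ip i WHERE a.authorised_ip_id=i.id AND i.id='$id' AND i.uid='$cuid';");`, and in ip_affected_save/ip_affected_delete (with `global $cuid;` added) run `SELECT id FROM authorised_ip WHERE id='$authorised_ip_id' AND uid='$cuid'` (or a join on the affected row's authorised_ip_id) first and return false when nothing matches. Separately, `alternc_del_member()` uses `$db` without `global $db;`, so the call fails at runtime, and `$l_uid` is interpolated into SQL without intval(); add `global $db; $l_uid=intval($l_uid);`. The subnet clamp in `ip_save()` covers IPv4 (`> 32`) but not an IPv6 value above 128.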
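Review bot: `authip_class()` runs `foreach ($this->get_list() as $v)` without guarding the return value; the get_list() hunk in this file returns `$r` only inside `if ($db->num_rows())`, and its other branch is outside the diff, so if it returns `false` for an account with no FTP users the foreach emits a warning. A cheap guard is `$list = $this->get_list(); if (is_array($list)) { foreach ($list as $v) { $c['values'][$v['id']]=$v['login']; } }`. Also `Array()` should be lowercase `array()` to match the rest of the file, and a short docblock stating that the returned `values` map is FTP account id => login would help the get_auth_class() consumer.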
@@ -104,8 +119,8 @@ class m_ftp { $tr=preg_match("/^\/var\/alternc\/html\/.\/[^\/]*\/(.*)$/", $db->f("homedir"),$match); /*"*/ $lg=explode("_",$db->f("name")); if (!is_array($lg)) { - $lg[0]=$db->f("name"); - $lg[1]=""; + $lg[0]=$db->f("name"); + $lg[1]=""; } return array( "id"=>$db->f("id"), @@ -200,9 +215,9 @@ class m_ftp { // Check this password against the password policy using common API : if (is_callable(array($admin,"checkPolicy"))) { - if (!$admin->checkPolicy("ftp",$prefixe.$login,$pass)) { - return false; // The error has been raised by checkPolicy() - } + if (!$admin->checkPolicy("ftp",$prefixe.$login,$pass)) { + return false; // The error has been raised by checkPolicy() + } } $db->query("UPDATE ftpusers SET name='".$prefixe.$login."', password='', encrypted_password=ENCRYPT('$pass'), homedir='/var/alternc/html/$l/$lo/$dir', uid='$cuid' WHERE id='$id';"); @@ -276,7 +291,7 @@ class m_ftp { // Check this password against the password policy using common API : if (is_callable(array($admin,"checkPolicy"))) { if (!$admin->checkPolicy("ftp",$prefixe.$login,$pass)) { - return false; // The error has been raised by checkPolicy() + return false; // The error has been raised by checkPolicy() } }