kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

classe admin / fichiers section admin associés

This commit is contained in:
quenenni 2017-08-15 17:03:56 +02:00
parent 0d5caada2f
commit b16c3ac69a
39 changed files with 333 additions and 342 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
bureau/admin/adm_add.php
View File

@ -28,7 +28,8 @@ require_once("../class/config.php");
include_once("head.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -45,14 +46,15 @@ $fields = array (
);
getFields($fields);
$c=$admin->listPasswordPolicies();
$passwd_classcount = $c['adm']['classcount'];
?>
<h3><?php __("New AlternC account"); ?></h3>
<hr id="topbar"/>
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
echo $msg->msg_html_all();
?>
<form method="post" action="adm_doadd.php" id="main" name="main" autocomplete="off">
<?php csrf_get(); ?>
@ -63,7 +65,7 @@ if (isset($error) && $error) {
</td></tr>
<tr>
<th><label for="pass"><?php __("Initial password"); ?></label><span class="mandatory">*</span></th>
<td><input type="password" id="pass" name="pass" autocomplete="off" class="int" value="<?php ehe($pass); ?>" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf"); ?></td>
<td><input type="password" id="pass" name="pass" autocomplete="off" class="int" value="<?php ehe($pass); ?>" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf",$passwd_classcount); ?></td>
</tr>
<tr>
<th><label for="passconf"><?php __("Confirm password"); ?></label><span class="mandatory">*</span></th>

9
bureau/admin/adm_authip_whitelist.php
View File

@ -15,13 +15,13 @@ getFields($fields);
if (!empty($delete_id)) {
if (! $authip->ip_delete($delete_id)) {
$error="Error during deletion";
$msg->raise('Error', "admin", _("Error during deletion")); // à traduire
}
}
if (!empty($ipsub)) {
if (! $authip->ip_save_whitelist($id, $ipsub, $infos)) {
$error="Error during recording";
$msg->raise('Error', "admin", _("Error during recording"));
}
}
@ -32,9 +32,8 @@ $list_ip = $authip->list_ip_whitelist();
<hr id="topbar"/>
<br />
<?php if (isset($error) && $error) { ?>
<p class="alert alert-danger"><?php echo $error ?></p>
<?php } ?>
<?php echo $msg->msg_html_all(); ?>
<center>
<p class="alert alert-warning"><?php __("Warning"); echo "<br/>"; __("The IP and subnet you have here are allowed for ALL users and ALL usages"); ?></p>
</center>

3
bureau/admin/adm_db_servers.php
View File

@ -27,7 +27,8 @@ require_once("../class/config.php");
include("head.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}

21
bureau/admin/adm_deactivate.php
View File

@ -32,7 +32,8 @@ require_once("../class/config.php");
include_once("head.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit;
}
$fields = array (
@ -43,19 +44,22 @@ $fields = array (
getFields($fields);
if (!$uid) {
__("Account not found");
$msg->raise('Error', "admin", _("Account not found"));
echo $msg->msg_html_all();
include_once("foot.php");
exit();
}
if (!$admin->checkcreator($uid)) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
include_once("foot.php");
exit();
}
if (!$r=$admin->get($uid)) {
__("User does not exist");
$msg->raise('Error', "admin", _("User does not exist"));
echo $msg->msg_html_all();
include_once("foot.php");
exit();
}
@ -79,7 +83,8 @@ if (! ($confirmed ) ) {
print "<h3>" . _("Domains of user: ") . $r["login"] . "</h3>";
} else {
if (empty($redirect)) {
__("Missing redirect url.");
$msg->raise('Error', "admin", _("Missing redirect url."));
echo $msg->msg_html_all();
include_once("foot.php");
exit();
}
@ -105,9 +110,7 @@ reset($domains);
foreach ($domains as $key => $domain) {
if (!$confirmed) print '<h4>' . $domain . '</h4><ul>';
$dom->lock();
if (!$r=$dom->get_domain_all($domain)) {
$error=$err->errstr();
}
$r=$dom->get_domain_all($domain);
$dom->unlock();
# 2. for each subdomain
if (is_array($r['sub'])) {
@ -132,7 +135,7 @@ foreach ($domains as $key => $domain) {
# 2.2 change the subdomain to redirect to http://spam.koumbit.org/
$dom->lock();
if (!$dom->set_sub_domain($domain, $sub, $dom->type_url, "edit", $redirect)) {
print "-- error in $sub.$domain: " . $err->errstr() . "\n";
print "-- error in $sub.$domain: " . $msg->msg_str("Error", "") . "\n";
}
$dom->unlock();
}

7
bureau/admin/adm_defquotas.php
View File

@ -32,7 +32,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
$fields = array (
@ -54,9 +55,7 @@ if ($synchronise==true) {
$quota->create_missing_quota_profile();
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
echo $msg->msg_html_all();
?>
<form method="post" action="adm_dodefquotas.php">
<?php csrf_get(); ?>

8
bureau/admin/adm_dnsweberror.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -41,10 +42,7 @@ include_once("head.php");
<hr id="topbar" />
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
echo $msg->msg_html_all();
?>
<br/>
<h3><?php __("List of the websites having errors in the domain database."); ?></h3>

10
bureau/admin/adm_doadd.php
View File

@ -27,7 +27,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit;
}
$fields = array (
@ -54,19 +55,18 @@ if ($create_dom && !empty($create_dom_list) ) {
}
if ($pass != $passconf) {
$error = _("Passwords do not match");
$msg->raise("Error", "admin", _("Passwords do not match"));
include("adm_add.php");
exit();
}
// Attemp to create, exit if fail
if (!($u=$admin->add_mem($login, $pass, $nom, $prenom, $nmail, $canpass, $type, 0, $notes, 0, $dom_to_create, $db_server_id))) {
$error=$err->errstr();
include ("adm_add.php");
exit;
}
$error=_("The new member has been successfully created");
$msg->raise("Ok", "admin", _("The new member has been successfully created"));
include("adm_list.php");
exit;

15
bureau/admin/adm_dodefquotas.php
View File

@ -32,7 +32,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
$fields = array (
@ -45,18 +46,18 @@ getFields($fields);
if($action == "add") {
if($quota->addtype($type)) {
$error=_("Account type"). " \"".htmlentities($type)."\" "._("added");
$msg->raise('Ok', "admin", _("Account type"). " \"".htmlentities($type)."\" "._("added"));
} else {
$error=_("Account type"). " \"".htmlentities($type)."\" "._("could not be added");
$msg->raise('Error', "admin", _("Account type"). " \"".htmlentities($type)."\" "._("could not be added"));
}
include("adm_defquotas.php");
} else if($action == "delete") {
if($del_confirm == "y"){
if(!empty($type)) {
if($quota->deltype($type)) {
$error=_("Account type"). " \"".htmlentities($type)."\" "._("deleted");
$msg->raise('Ok', "admin", _("Account type"). " \"".htmlentities($type)."\" "._("deleted"));
} else {
$error=_("Account type"). " \"".htmlentities($type)."\" "._("could not be deleted");
$msg->raise('Error', "admin", _("Account type"). " \"".htmlentities($type)."\" "._("could not be deleted"));
}
}
include("adm_defquotas.php");
@ -92,9 +93,9 @@ if($action == "add") {
}
if($quota->setdefaults($c)) {
$error=_("Default quotas successfully changed");
$msg->raise('Ok', "admin", _("Default quotas successfully changed"));
} else {
$error=_("Default quotas could not be set.");
$msg->raise('Error', "admin", _("Default quotas could not be set."));
}
include("adm_panel.php");
}

13
bureau/admin/adm_dodel.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -41,23 +42,23 @@ $fields = array (
getFields($fields);
if($del_confirm == "y"){
$error = "";
foreach ($accountList as $key => $val) {
if (!$admin->checkcreator($val)) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
if (!($u=$admin->get($val)) || !$admin->del_mem($val)) {
$error .= sprintf(_("Member '%s' does not exist"),$val)."<br />";
$msg->raise("Error", "admin", _("Member '%s' does not exist"),$val);
} else {
$error .= sprintf(_("Member %s successfully deleted"),$u["login"])."<br />";
$msg->raise("Ok", "admin", _("Member %s successfully deleted"),$u["login"]);
}
}
include("adm_list.php");
exit();
} else {
if (!is_array($accountList) || count($accountList)==0) {
$error=_("Please check the accounts you want to delete");
$msg->raise("Error", "admin", _("Please check the accounts you want to delete"));
require("adm_list.php");
exit();
}

11
bureau/admin/adm_doedit.php
View File

@ -32,7 +32,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -56,12 +57,13 @@ getFields($fields);
if ($subadmin==0 && !$admin->checkcreator($uid)) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
if ($pass != $passconf) {
$error = _("Passwords do not match");
$msg->raise("Error", "admin", _("Passwords do not match"));
include("adm_edit.php");
exit();
}
@ -71,9 +73,8 @@ if ($uid==$mem->user["uid"]) {
}
if (!$admin->update_mem($uid, $nmail, $nom, $prenom, $pass, $enabled, $canpass, $type, $duration, $notes, $reset_quotas)){
$error=$err->errstr();
include("adm_edit.php");
} else {
$error=_("The member has been successfully edited");
$msg->raise("Ok", "admin", _("The member has been successfully edited"));
include("adm_list.php");
}

9
bureau/admin/adm_domlock.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -39,11 +40,9 @@ $fields = array (
);
getFields($fields);
if (!$admin->dom_lock($domain)) {
$error=$err->errstr();
}
$admin->dom_lock($domain);
include("adm_doms.php");
exit;
?>
?>

7
bureau/admin/adm_doms.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -39,9 +40,7 @@ include_once ("head.php");
?>
<h3><?php __("Manage installed domains"); ?></h3>
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
echo $msg->msg_html_all();
$fields = array (
"force" => array ("get", "integer", "0"),

13
bureau/admin/adm_doms_def_type.php
View File

@ -2,7 +2,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -22,11 +23,6 @@ include_once("head.php");
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
$fields = array(
"domup" => array("post", "array", ""),
);
@ -34,11 +30,12 @@ getFields($fields);
if (!empty($domup)) {
if (!$dom->update_default_subdomains($domup)) {
$error = _("There was an error during the record.");
$msg->raise('Error', "admin", _("There was an error during the record."));
} else {
$error = _("Save done.");
$msg->raise('Ok', "admin", _("Save done."));
}
}
echo $msg->msg_html_all();
$tab = $dom->lst_default_subdomains();
?>

8
bureau/admin/adm_domstype.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -43,10 +44,7 @@ include_once("head.php");
<br />
<?php
if (!empty($error)) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
echo $msg->msg_html_all();
?>
<p>
<?php __("Here is the list of domain types."); ?>

9
bureau/admin/adm_domstypedoedit.php
View File

@ -1,7 +1,8 @@
<?php
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -20,12 +21,12 @@ $fields = array (
);
getFields($fields);
if ( ! $dom->domains_type_update($name, $description, $target, $entry, $compatibility, $enable, $only_dns, $need_dns, $advanced,$create_tmpdir,$create_targetdir) ) {
die($err->errstr());
if (! $dom->domains_type_update($name, $description, $target, $entry, $compatibility, $enable, $only_dns, $need_dns, $advanced,$create_tmpdir,$create_targetdir) ) {
include("adm_domstypedoedit.php");
} else {
$msg->raise('Ok', "admin", _("Domain type is updated"));
include("adm_domstype.php");
}
?>

15
bureau/admin/adm_domstypeedit.php
View File

@ -29,7 +29,8 @@
*/
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -51,21 +52,17 @@ $fields = array (
getFields($fields);
if (! $d=$dom->domains_type_get($name)) {
$error=$err->errstr();
echo $error;
} else {
$d=$dom->domains_type_get($name);
?>
<h3><?php __("Edit a domain type"); ?> </h3>
<hr id="topbar"/>
<br />
<?php
if (isset($error_edit) && $error_edit) {
echo "<p class=\"alert alert-danger\">$error_edit</p>";
$error_edit="";
echo $msg->msg_html_all();
} ?>
if (! $msg->has_msgs("Error")) {
?>
<form action="adm_domstypedoedit.php" method="post" name="main" id="main">
<?php csrf_get(); ?>

13
bureau/admin/adm_domstyperegenerate.php
View File

@ -1,7 +1,8 @@
<?php
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -11,13 +12,9 @@ $fields = array (
getFields($fields);
if (empty($name) || (! $dom->domains_type_regenerate($name)) ) {
die($err->errstr());
} else {
$error="Regenerate pending";
include("adm_domstype.php");
if (! empty($name) || ($dom->domains_type_regenerate($name)) ) {
$msg->raise('Ok', "admin", _("Regenerate pending"));
}
include("adm_domstype.php");
?>

13
bureau/admin/adm_donosu.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -39,14 +40,12 @@ $fields = array (
);
getFields($fields);
if (!$admin->su2normal($uid)) {
$error=$err->errstr();
} else {
$error=_("This account is now a normal account");
}
if ($admin->su2normal($uid)) {
$msg->raise("Ok", "admin", _("This account is now a normal account"));
}
include("adm_edit.php");
exit();
?>
?>

9
bureau/admin/adm_dorenew.php
View File

@ -31,7 +31,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -42,15 +43,15 @@ $fields = array (
getFields($fields);
if (!$admin->checkcreator($uid)) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
if (!$admin->renew_mem($uid, $periods)){
$error=$err->errstr();
include("adm_edit.php");
} else {
$error=_("The member has been successfully renewed");
$msg->raise("Ok", "admin", _("The member has been successfully renewed"));
include("adm_list.php");
}
?>

11
bureau/admin/adm_dosu.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -39,14 +40,12 @@ $fields = array (
);
getFields($fields);
if (!$admin->normal2su($uid)) {
$error=$err->errstr();
} else {
$error=_("This account is now an administrator account");
if ($admin->normal2su($uid)) {
$msg->raise("Ok", "admin", _("This account is now an administrator account"));
}
include("adm_edit.php");
exit();
?>
?>

19
bureau/admin/adm_edit.php
View File

@ -33,7 +33,8 @@ require_once("../class/config.php");
include_once("head.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -45,22 +46,22 @@ getFields($fields);
$subadmin=variable_get("subadmin_restriction");
if ($subadmin==0 && !$admin->checkcreator($uid)) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
if (!$r=$admin->get($uid)) {
$error=$err->errstr();
}
$r=$admin->get($uid);
$c=$admin->listPasswordPolicies();
$passwd_classcount = $c['adm']['classcount'];
?>
<h3><?php __("Member Edition"); ?></h3>
<hr id="topbar"/>
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
echo $msg->msg_html_all();
?>
<form method="post" action="adm_doedit.php" name="main" id="main" autocomplete="off">
<?php csrf_get(); ?>
@ -88,7 +89,7 @@ if (!$r=$admin->get($uid)) {
<tr>
<th><label for="pass"><?php __("Password"); ?></label></th>
<td><input type="password" class="int" id="pass" autocomplete="off" name="pass" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf"); ?></td>
<td><input type="password" class="int" id="pass" autocomplete="off" name="pass" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf",$passwd_classcount); ?></td>
</tr>
<tr>
<th><label for="passconf"><?php __("Confirm password"); ?></label></th>

12
bureau/admin/adm_email.php
View File

@ -27,7 +27,8 @@ require_once("../class/config.php");
include("head.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -45,16 +46,13 @@ getFields($fields);
if ( !empty($submit) ) {
if ($admin->mailallmembers($subject,$message,$from)) {
$error=_("The email was successfully sent");
$msg->raise("Ok", "admin", _("The email was successfully sent"));
} else {
$error=_("There was an error");
$msg->raise("Ok", "admin", _("There was an error"));
}
}
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
echo $msg->msg_html_all();
?>
<form method="post" action="adm_email.php">
<?php csrf_get(); ?>

13
bureau/admin/adm_list.php
View File

@ -28,7 +28,8 @@ require_once("../class/config.php");
include_once("head.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
include_once('foot.php');
exit();
}
@ -54,7 +55,8 @@ $subadmin = variable_get("subadmin_restriction", 0);
// If we ask for all account but we aren't "admin" and
// subadmin var is not 1
if ($show == "all" && !$subadmin == 1 && $cuid != 2000) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
include('foot.php');
exit();
}
@ -130,9 +132,7 @@ if ($mem->user["admlist"] == 0) { // Normal (large) mode
</fieldset>
<?php
if (!empty($error)) {
echo '<p class="alert alert-danger">', $error, '</p>';
}
echo $msg->msg_html_all();
?>
<p>
@ -143,7 +143,8 @@ if (!empty($error)) {
<?php
if (!is_array($accountList) || empty($accountList)) {
echo '<p class="alert alert-danger">' . _("No account defined for now") . '</p>';
$msg->raise('Error', "admin", _("No account defined for now"));
echo $msg->msg_html_all();
include('foot.php');
}
?>

5
bureau/admin/adm_lockpanel.php
View File

@ -30,12 +30,13 @@
require_once("../class/config.php");
if (!$admin->enabled || $cuid!=2000) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
die();
}
$fields = array (
"action" =>array ("get","string",""),
"action" =>array ("get","string",""),
);
getFields($fields);

20
bureau/admin/adm_login.php
View File

@ -46,14 +46,14 @@ if ( empty($id) && isset($_COOKIE["oldid"]) && !empty($_COOKIE["oldid"])) {
list($newuid,$passcheck)=explode("/",$_COOKIE["oldid"]);
$newuid=intval($newuid);
if (!$newuid) {
$error=_("Your authentication information are incorrect");
$msg->raise("Error", "admin", _("Your authentication information are incorrect"));
include("index.php");
exit();
}
$admin->enabled=true;
$r=$admin->get($newuid);
if ($passcheck!=md5($r["pass"])) {
$error=_("Your authentication information are incorrect");
$msg->raise("Ok", "admin", _("Your authentication information are incorrect"));
include("index.php");
exit();
}
@ -64,7 +64,6 @@ if ( empty($id) && isset($_COOKIE["oldid"]) && !empty($_COOKIE["oldid"])) {
// And we go back to the former administrator account :
if (!$mem->setid($newuid)) {
$error=$err->errstr();
include("index.php");
exit();
}
@ -76,26 +75,25 @@ if ( empty($id) && isset($_COOKIE["oldid"]) && !empty($_COOKIE["oldid"])) {
// * with a user id to go to (we check the current account is admin and is allowed to connect to this account)
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
// Depending on subadmin_restriction, a subadmin can (or cannot) connect to account he didn't create
$subadmin=variable_get("subadmin_restriction");
if ($subadmin==0 && !$admin->checkcreator($id)) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
if (!$r=$admin->get($id)) {
$error=$err->errstr();
} else {
if ($r=$admin->get($id)) {
$oldid=$cuid."/".md5($mem->user["pass"]);
setcookie('oldid',$oldid,0,'/');
$_COOKIE['oldid']=$oldid;
if (!$mem->setid($id)) {
$error=$err->errstr();
include("index.php");
exit();
}
@ -110,9 +108,7 @@ include_once("head.php");
?>
<h3><?php __("Member login"); ?></h3>
<?php
echo $msg->msg_html_all();
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
include_once("foot.php");
?>

19
bureau/admin/adm_mxaccount.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -44,29 +45,31 @@ getFields($fields);
if ($delaccount) {
// Delete an account
if ($mail->del_slave_account($delaccount)) {
$error=_("The requested account has been deleted. It is now denied.");
$msg->raise('Ok', "admin", _("The requested account has been deleted. It is now denied."));
}
}
if ($newlogin) {
// Add an account
if ($mail->add_slave_account($newlogin,$newpass)) {
$error=_("The requested account address has been created. It is now allowed.");
$msg->raise('Ok', "admin", _("The requested account address has been created. It is now allowed."));
$newlogin='';$newpass='';
}
}
include_once("head.php");
$c=$admin->listPasswordPolicies();
$passwd_classcount = $c['adm']['classcount'];
?>
<h3><?php __("Manage allowed accounts for secondary mx"); ?></h3>
<hr id="topbar"/>
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
$c=$mail->enum_slave_account();
echo $msg->msg_html_all();
if (is_array($c)) {
?>
@ -100,7 +103,7 @@ for($i=0;$i<count($c);$i++) { ?>
<tr><th><label for="newlogin"><?php __("Login"); ?></label></th><th><label for="newpass"><?php __("Password"); ?></label></th></tr>
<tr>
<td><input type="text" class="int" value="<?php ehe($newlogin); ?>" id="newlogin" name="newlogin" maxlength="64" size="32" /><br/><br/></td>
<td><input type="password" class="int" autocomplete="off" value="<?php ehe($newpass); ?>" id="newpass" name="newpass" maxlength="64" size="32" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass"); ?></td>
<td><input type="password" class="int" autocomplete="off" value="<?php ehe($newpass); ?>" id="newpass" name="newpass" maxlength="64" size="32" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass","",$passwd_classcount); ?></td>
</tr>
<tr class="trbtn"><td colspan="2">
<input type="submit" value="<?php __("Add this account to the allowed list"); ?>" class="inb" />

9
bureau/admin/adm_panel.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -41,11 +42,7 @@ include_once("head.php");
<hr id="topbar"/>
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
include_once("foot.php");
exit;
}
echo $msg->msg_html_all();
?>
<ul id="adm_panel">
<li class="lst"><a href="adm_tld.php"><?php __("Manage allowed domains (TLD)"); ?></a></li>

23
bureau/admin/adm_passpolicy.php
View File

@ -27,7 +27,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -50,38 +51,34 @@ include_once("head.php");
<hr id="topbar"/>
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
$c=$admin->listPasswordPolicies();
//echo "<pre>"; print_r($c); echo "</pre>";
if (isset($doedit) && $doedit) {
if (!$c[$doedit]) {
echo "<p class=\"alert alert-danger\">"._("Policy not found")."</p>";
$msg->raise('Error', "admin", _("Policy not found"));
} else {
// Change it ;)
if ($admin->editPolicy($doedit,$minsize,$maxsize,$classcount,$allowlogin)) {
echo "<p class=\"info\">"._("Policy changed")."</p>";
$msg->raise('Ok', "admin", _("Policy changed"));
unset($edit);
$c=$admin->listPasswordPolicies();
} else {
echo "<p class=\"alert alert-danger\">"._("Cannot edit the policy, an error occurred")."</p>";
$msg->raise('Error', "admin", _("Cannot edit the policy, an error occurred"));
}
}
}
echo $msg->msg_html_all("<li>", true, true);
if (!empty($edit)) {
if (!$c[$edit]) {
echo "<p class=\"alert alert-danger\">"._("Policy not found")."</p>";
$msg->raise('Error', "admin", _("Policy not found"));
echo $msg->msg_html_all();
} else {
?>
<p><?php __("Please choose which policy you want to apply to this password kind:"); ?></p>
<p><?php __("Please choose which policy you want to apply to this password kind:"); ?></p>
<p><b><?php echo $c[$edit]["description"]; ?></b></p>
<p><b><?php echo $c[$edit]["description"]; ?></b></p>
<form method="post" action="adm_passpolicy.php">
<?php csrf_get(); ?>

8
bureau/admin/adm_quotadoedit.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
$fields = array (
@ -49,7 +50,10 @@ while (list($key,$val)=each($qlist)) {
$quota->setquota($key,$_REQUEST[$var]);
}
$mem->unsu();
$error=_("The quotas has been successfully edited");
if (!$msg->has_msgs("Error"))
$msg->raise("Ok", "admin", _("The quotas has been successfully edited"));
include("adm_list.php");
exit;

17
bureau/admin/adm_quotaedit.php
View File

@ -31,7 +31,8 @@ require_once("../class/config.php");
include_once("head.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
include_once("foot.php");
exit();
}
@ -41,14 +42,10 @@ $fields = array (
);
getFields($fields);
if (!$us=$admin->get($uid)) {
$error=$err->errstr();
}
$us=$admin->get($uid);
$mem->su($uid);
if (!$r=$quota->getquota()) {
$error=$err->errstr();
}
$r=$quota->getquota();
$mem->unsu();
?>
@ -56,11 +53,7 @@ $mem->unsu();
<hr id="topbar"/>
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
include_once("foot.php");
exit();
}
echo $msg->msg_html_all();
?>
<form method="post" action="adm_quotadoedit.php">
<?php csrf_get(); ?>

20
bureau/admin/adm_slavedns.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -48,13 +49,13 @@ getFields($fields);
if ($delaccount) {
// Delete an account
if ($dom->del_slave_account($delaccount)) {
$error=_("The requested account has been deleted. It is now denied.");
$msg->raise('Ok', "admin", _("The requested account has been deleted. It is now denied."));
}
}
if ($newlogin) {
// Add an account
if ($dom->add_slave_account($newlogin,$newpass)) {
$error=_("The requested account address has been created. It is now allowed.");
$msg->raise('Ok', "admin", _("The requested account address has been created. It is now allowed."));
unset($newlogin); unset($newpass);
}
}
@ -62,22 +63,21 @@ if ($newlogin) {
if ($delip) {
// Delete an ip address/class
if ($dom->del_slave_ip($delip)) {
$error=_("The requested ip address has been deleted. It will be denied in one hour.");
$msg->raise('Ok', "admin", _("The requested ip address has been deleted. It will be denied in one hour."));
}
}
if ($newip) {
// Add an ip address/class
if ($dom->add_slave_ip($newip,$newclass)) {
$error=_("The requested ip address has been added to the list. It will be allowed in one hour.");
$msg->raise('Ok', "admin", _("The requested ip address has been added to the list. It will be allowed in one hour."));
unset($newip); unset($newclass);
}
}
include_once("head.php");
if (!empty($error)) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
$c=$admin->listPasswordPolicies();
$passwd_classcount = $c['adm']['classcount'];
?>
<h3><?php __("Manage allowed ip for slave zone transfers"); ?></h3>
@ -86,6 +86,8 @@ if (!empty($error)) {
$c=$dom->enum_slave_ip();
echo $msg->msg_html_all();
if (is_array($c)) { ?>
<p>
<?php __("Here is the list of the allowed ip or ip class for slave dns zone transfer requests (AXFR). You must add the ip address of all the slave DNS you have so that those slaves will be allowed to transfer the zone files. There is also some defaults ip from DNS checks made by some third-party technical offices such as afnic (for .fr domains)"); ?>
@ -164,7 +166,7 @@ if (is_array($c)) { ?>
<tr><th><label for="newlogin"><?php __("Login"); ?></label></th><th><label for="newpass"><?php __("Password"); ?></label></th></tr>
<tr>
<td><input type="text" class="int" value="<?php ehe( isset($newlogin)?$newlogin:'') ; ?>" id="newlogin" name="newlogin" maxlength="64" size="32" /><br/><br/></td>
<td><input type="password" class="int" autocomplete="off" value="<?php ehe( (isset($newpass)?$newpass:'') ) ; ?>" id="newpass" name="newpass" maxlength="64" size="32" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass"); ?></td>
<td><input type="password" class="int" autocomplete="off" value="<?php ehe( (isset($newpass)?$newpass:'') ) ; ?>" id="newpass" name="newpass" maxlength="64" size="32" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass","",$passwd_classcount); ?></td>
</tr>
<tr class="trbtn"><td colspan="2"><input type="submit" value="<?php __("Add this account to the allowed list"); ?>" class="inb" /></td></tr>
</table>

13
bureau/admin/adm_tld.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -41,13 +42,13 @@ getFields($fields);
if (is_array($sel)) {
$error="";
for($i=0;$i<count($sel);$i++) {
if (!$admin->deltld($sel[$i])) {
$error.=_("Some TLD cannot be deleted...")." : ".$sel[$i]."<br />";
$msg->raise("Error", "admin", _("Some TLD cannot be deleted...")." : ".$sel[$i]);
}
}
if (!$error) $error=_("The requested TLD has been deleted");
if (!$msg->has_msgs("Error"))
$msg->raise("Ok", "admin", _("The requested TLD has been deleted"));
}
include_once("head.php");
@ -57,9 +58,7 @@ include_once("head.php");
<hr id="topbar" />
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
echo $msg->msg_html_all();
$c=$admin->listtld();

9
bureau/admin/adm_tldadd.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
$fields = array (
@ -47,11 +48,7 @@ include_once ("head.php");
<hr id="topbar"/>
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
echo $msg->msg_html_all();
?>
<h3><?php __("Add a new TLD"); ?></h3>
<p>

6
bureau/admin/adm_tlddoadd.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -42,11 +43,10 @@ getFields($fields);
if (!$admin->addtld($tld,$mode)) {
$error=$err->errstr();
include("adm_tldadd.php");
exit();
} else {
$error=_("The TLD has been successfully added");
$msg->raise("Ok", "admin", _("The TLD has been successfully added"));
include("adm_tld.php");
exit();
}

6
bureau/admin/adm_tlddoedit.php
View File

@ -36,16 +36,16 @@ getFields($fields);
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
if (!$admin->edittld($tld,$mode)) {
$error=$err->errstr();
include("adm_tldedit.php");
exit();
} else {
$error=_("The TLD has been successfully edited");
$msg->raise("Ok", "admin", _("The TLD has been successfully edited"));
include("adm_tld.php");
exit();
}

8
bureau/admin/adm_tldedit.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -41,7 +42,6 @@ getFields($fields);
$mode=$admin->gettld($tld);
if ($mode===false) {
$error=$err->errstr();
include("adm_tld.php");
exit();
}
@ -53,9 +53,7 @@ include_once("head.php");
<hr id="topbar"/>
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
echo $msg->msg_html_all();
?>
<h3><?php __("Edit a TLD"); ?></h3>

6
bureau/admin/adm_update_domains.php
View File

@ -31,13 +31,15 @@ require_once("../class/config.php");
if (!$admin->enabled) {
if ( ! ( $isinvited && isset($oldid) && !empty($oldid) && $oldid==2000) ) { // Allow sub admins
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
}
if (! isset($L_INOTIFY_UPDATE_DOMAIN)) {
__("Missing INOTIFY_UPDATE_DOMAIN var in /etc/alternc/local.sh . Fix it!");
$msg->raise('Error', "admin", _("Missing INOTIFY_UPDATE_DOMAIN var in /etc/alternc/local.sh . Fix it!"));
echo $msg->msg_html_all();
die();
}

5
bureau/admin/adm_variables.php
View File

@ -30,7 +30,8 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
echo $msg->msg_html_all();
exit();
}
@ -47,7 +48,7 @@ include_once ("head.php");
<h3><?php __("Configure AlternC variables"); ?></h3>
<hr id="topbar"/>
<br />
<?php echo $msg->msg_html_all(); ?>
<p>
<?php __("Here are the internal AlternC variables that are currently being used."); ?>
</p>

241
bureau/class/m_admin.php
View File

@ -140,6 +140,15 @@ class m_admin {
return $obj;
}
/**
* Password kind used in this class (hook for admin class)
*
* @return array
*/
function alternc_password_policy() {
return array("adm" => "Administration section");
}
/**
*
*/
@ -191,7 +200,7 @@ class m_admin {
* <code>membres</code> et <code>local</code>)
* Ckecks if the account is super-admin
*
* @global type $err
* @global type $msg
* @global type $db
* @global string $lst_users_properties
* @param int $uid a unique integer identifying the account
@ -201,10 +210,10 @@ class m_admin {
* Returns FALSE if an error occurs.
*/
function get($uid, $recheck = false) {
global $err, $db, $lst_users_properties;
// $err->log("admin","get",$uid);
global $msg, $db, $lst_users_properties;
// $msg->log("admin","get",$uid);
if (!$this->enabled) {
$err->raise("admin", _("-- Only administrators can access this page! --"));
$msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
return false;
}
@ -238,7 +247,7 @@ class m_admin {
// don't exist, but is not a forced check. Do a forced check
return $this->get($uid, true);
}
$err->raise("admin", _("Account not found"));
$msg->raise('Error', "admin", _("Account not found"));
return false;
}
@ -250,16 +259,16 @@ class m_admin {
*
* Similar to get_list() but for creators/resellers.
*
* @global type $err
* @global type $msg
* @global type $db
* @param int $uid
* @return boolean
*/
function get_creator($uid) {
global $err, $db;
// $err->log("admin","get",$uid);
global $msg, $db;
// $msg->log("admin","get",$uid);
if (!$this->enabled) {
$err->raise("admin", _("-- Only administrators can access this page! --"));
$msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
return false;
}
@ -269,7 +278,7 @@ class m_admin {
$db->next_record();
$c = $db->Record;
} else {
$err->raise("admin", _("Account not found"));
$msg->raise('Error', "admin", _("Account not found"));
return false;
}
@ -317,7 +326,7 @@ class m_admin {
* @param
* @return
*
* @global type $err
* @global type $msg
* @global type $mem
* @global type $cuid
* @param integer $all
@ -329,10 +338,10 @@ class m_admin {
* Returns FALSE if an error occurs.
*/
function get_list($all = 0, $creator = 0, $pattern = FALSE, $pattern_type = FALSE) {
global $err, $mem, $cuid;
$err->log("admin", "get_list");
global $msg, $mem, $cuid;
$msg->log("admin", "get_list");
if (!$this->enabled) {
$err->raise("admin", _("-- Only administrators can access this page! --"));
$msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
return false;
}
$db = new DB_System();
@ -370,7 +379,7 @@ class m_admin {
}
$request .= ' ORDER BY login;';
} else {
$err->raise("admin", _("Invalid pattern type provided. Are you even performing a legitimate action?"));
$msg->raise('Error', "admin", _("Invalid pattern type provided. Are you even performing a legitimate action?"));
return FALSE;
}
} else {
@ -400,7 +409,7 @@ class m_admin {
/**
* Send an email to all AlternC's accounts
*
* @global type $err
* @global type $msg
* @global type $mem
* @global type $cuid
* @global type $db
@ -410,10 +419,10 @@ class m_admin {
* @return boolean
*/
function mailallmembers($subject, $message, $from) {
global $err, $db;
$err->log("admin", "mailallmembers");
global $msg, $db;
$msg->log("admin", "mailallmembers");
if (!$this->enabled) {
$err->raise("admin", _("-- Only administrators can access this page! --"));
$msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
return false;
}
$subject = trim($subject);
@ -421,12 +430,12 @@ class m_admin {
$from = trim($from);
if (empty($subject) || empty($message) || empty($from)) {
$err->raise("admin", _("Subject, message and sender are mandatory"));
$msg->raise('Error', "admin", _("Subject, message and sender are mandatory"));
return false;
}
//@todo remove cf functions.php
if (checkmail($from) != 0) {
$err->raise("admin", _("Sender is syntaxically incorrect"));
$msg->raise('Error', "admin", _("Sender is syntaxically incorrect"));
return false;
}
@ -446,19 +455,19 @@ class m_admin {
* May only be called by the admin account (2000)
* If there are no reseller accounts, returns an empty array.
*
* @global type $err
* @global type $msg
* @global type $mem
* @global type $cuid
* @return boolean
*/
function get_creator_list() {
global $err, $cuid;
global $msg, $cuid;
$creators = array();
$err->log("admin", "get_reseller_list");
$msg->log("admin", "get_reseller_list");
if (!$this->enabled || $cuid != 2000) {
$err->raise("admin", _("-- Only administrators can access this page! --"));
$msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
return false;
}
@ -479,7 +488,7 @@ class m_admin {
/**
* Check if I am the creator of the member $uid
*
* @global type $err
* @global type $msg
* @global type $mem
* @global type $db
* @global type $cuid
@ -487,14 +496,14 @@ class m_admin {
* @return boolean TRUE if I am the creator of that account. FALSE else.
*/
function checkcreator($uid) {
global $err, $db, $cuid;
global $msg, $db, $cuid;
if ($cuid == 2000) {
return true;
}
$db->query("SELECT creator FROM membres WHERE uid= ?;", array($uid));
$db->next_record();
if ($db->Record["creator"] != $cuid) {
$err->raise("admin", _("-- Only administrators can access this page! --"));
$msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
return false;
}
return true;
@ -504,7 +513,7 @@ class m_admin {
* When the admin want to delegate a subdomain to an account
*
* @global m_mysql $db
* @global m_err $err
* @global m_messages $msg
* @global m_dom $dom
* @global m_mem $mem
* @global int $cuid
@ -513,18 +522,18 @@ class m_admin {
* @return boolean
*/
function add_shared_domain($u, $domain_name) {
global $err, $dom, $mem;
$err->log("admin", "add_shared_domain", $u . "/" . $domain_name);
global $msg, $dom, $mem;
$msg->log("admin", "add_shared_domain", $u . "/" . $domain_name);
if (!$mem->checkright()) {
$err->raise("admin", _("-- Only administrators can do that! --"));
$msg->raise('Error', "admin", _("-- Only administrators can do that! --"));
return false;
}
// Check if this domain exist on this admin account
if ((!in_array($domain_name, $dom->enum_domains()))&&($domaine_name!=variable_get("hosting_tld"))) {
$err->raise("admin", _("You don't seem to be allowed to delegate this domain"));
$err->log("admin", "add_shared_domain", "domain not allowed");
$msg->raise('Error', "admin", _("You don't seem to be allowed to delegate this domain"));
$msg->log("admin", "add_shared_domain", "domain not allowed");
return false;
}
@ -551,7 +560,7 @@ class m_admin {
* the account $mid is not super-admin.
*
*
* @global m_err $err
* @global m_messages $msg
* @global m_quota $quota
* @global array $classes
* @global int $cuid
@ -576,46 +585,46 @@ class m_admin {
* @return boolean Returns FALSE if an error occurs, TRUE if not.
*/
function add_mem($login, $pass, $nom, $prenom, $mail, $canpass = 1, $type = 'default', $duration = 0, $notes = "", $force = 0, $create_dom = '', $db_server_id) {
global $err, $cuid, $mem, $L_MYSQL_DATABASE, $L_MYSQL_LOGIN, $hooks, $action;
$err->log("admin", "add_mem", $login . "/" . $mail);
global $msg, $cuid, $mem, $L_MYSQL_DATABASE, $L_MYSQL_LOGIN, $hooks, $action;
$msg->log("admin", "add_mem", $login . "/" . $mail);
if (!$this->enabled) {
$err->raise("admin", _("-- Only administrators can access this page! --"));
$msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
return false;
}
if (empty($db_server_id)) {
$err->raise("admin", _("Missing db_server field"));
$msg->raise('Error', "admin", _("Missing db_server field"));
return false;
}
if (($login == "") || ($pass == "")) {
$err->raise("admin", _("Please fill all mandatory fields"));
$msg->raise('Error', "admin", _("Please fill all mandatory fields"));
return false;
}
if (!$force) {
if ($mail == "") {
$err->raise("admin", _("Please fill all mandatory fields"));
$msg->raise('Error', "admin", _("Please fill all mandatory fields"));
return false;
}
//@todo remove cf functions.php
if (checkmail($mail) != 0) {
$err->raise("admin", _("Please enter a valid email address"));
$msg->raise('Error', "admin", _("Please enter a valid email address"));
return false;
}
}
$login = strtolower($login);
if (!preg_match("#^[a-z0-9]+$#", $login)) { //$
$err->raise("admin", _("Login can only contains characters a-z and 0-9"));
$msg->raise('Error', "admin", _("Login can only contains characters a-z and 0-9"));
return false;
}
if (strlen($login) > 14) {
// Not an arbitrary value : MySQL user names can be up to 16 characters long
// If we want to allow people to create a few mysql_user (and we want to!)
// we have to limit the login lenght
$err->raise("admin", _("The login is too long (14 chars max)"));
$msg->raise('Error', "admin", _("The login is too long (14 chars max)"));
return false;
}
// Some login are not allowed...
if ($login == $L_MYSQL_DATABASE || $login == $L_MYSQL_LOGIN || $login == "mysql" || $login == "root") {
$err->raise("admin", _("Login can only contains characters a-z, 0-9 and -"));
$msg->raise('Error', "admin", _("Login can only contains characters a-z, 0-9 and -"));
return false;
}
$pass = _md5cr($pass);
@ -654,7 +663,7 @@ class m_admin {
return $uid;
} else {
$err->raise("admin", _("This login already exists"));
$msg->raise('Error', "admin", _("This login already exists"));
return false;
}
}
@ -663,21 +672,21 @@ class m_admin {
* AlternC's standard function called when a user is created
* This sends an email if configured through the interface.
*
* @global m_err $err
* @global m_messages $msg
* @global int $cuid
* @global string $L_FQDN
* @global string $L_HOSTING
* @return boolean
*/
function hook_admin_add_member() {
global $err, $cuid, $L_FQDN, $L_HOSTING;
global $msg, $cuid, $L_FQDN, $L_HOSTING;
$dest = variable_get('new_email', '0', 'An email will be sent to this address when new accounts are created if set.', array('desc' => 'Enabled', 'type' => 'boolean'));
if (!$dest) {
return false;
}
$db = new DB_System();
if (!$db->query("SELECT m.*, parent.login as parentlogin FROM membres m LEFT JOIN membres parent ON parent.uid=m.creator WHERE m.uid= ?", array($cuid))) {
$err->raise("admin", sprintf(_("query failed: %s "), $db->Error));
$msg->raise('Error', "admin", sprintf(_("query failed: %s "), $db->Error));
return false;
}
if ($db->next_record()) {
@ -709,11 +718,11 @@ EOF;
//sprintf(_("Email successfully sent to %s"), $dest);
return true;
} else {
$err->raise("admin", sprintf(_("Cannot send email to %s"), $dest));
$msg->raise('Error', "admin", sprintf(_("Cannot send email to %s"), $dest));
return false;
}
} else {
$err->raise("admin", sprintf(_("Query failed: %s"), $db->Error));
$msg->raise('Error', "admin", sprintf(_("Query failed: %s"), $db->Error));
return false;
}
}
@ -725,7 +734,7 @@ EOF;
* and <code>local</code>). Prevents any manipulation of the account if
* the account $mid is not super-admin.
*
* @global m_err $err
* @global m_messages $msg
* @global m_mysql $db
* @global int $cuid
* @global m_quota $quota
@ -743,12 +752,12 @@ EOF;
* @return boolean Returns FALSE if an error occurs, TRUE if not
*/
function update_mem($uid, $mail, $nom, $prenom, $pass, $enabled, $canpass, $type = 'default', $duration = 0, $notes = "", $reset_quotas = false) {
global $err, $db, $quota;
global $msg, $db, $quota;
$err->log("admin", "update_mem", $uid);
$msg->log("admin", "update_mem", $uid);
if (!$this->enabled) {
$err->raise("admin", _("-- Only administrators can access this page! --"));
$msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
return false;
}
$db = new DB_System();
@ -775,7 +784,7 @@ EOF;
$this->renew_update($uid, $duration);
return true;
} else {
$err->raise("admin", _("Account not found"));
$msg->raise('Error', "admin", _("Account not found"));
return false;
}
}
@ -785,23 +794,23 @@ EOF;
*
* Lock an account and prevent the user to access its account.
*
* @global m_err $err
* @global m_messages $msg
* @global m_mysql $db
* @param int $uid The uid number of the account
* @return boolean Returns FALSE if an error occurs, TRUE if not.
*/
function lock_mem($uid) {
global $err, $db;
$err->log("admin", "lock_mem", $uid);
global $msg, $db;
$msg->log("admin", "lock_mem", $uid);
if (!$this->enabled) {
$err->raise("admin", _("-- Only administrators can access this page! --"));
$msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
return false;
}
$db = new DB_System();
if ($db->query("UPDATE membres SET enabled='0' WHERE uid= ?;", array($uid))) {
return true;
} else {
$err->raise("admin", _("Account not found"));
$msg->raise('Error', "admin", _("Account not found"));
return false;
}
}
@ -812,23 +821,23 @@ EOF;
* UnLock an account and prevent the user to access its account.
*
*
* @global m_err $err
* @global m_messages $msg
* @global m_mysql $db
* @param int $uid The uid number of the account
* @return boolean Returns FALSE if an error occurs, TRUE if not.
*/
function unlock_mem($uid) {
global $err, $db;
$err->log("admin", "unlock_mem", $uid);
global $msg, $db;
$msg->log("admin", "unlock_mem", $uid);
if (!$this->enabled) {
$err->raise("admin", _("-- Only administrators can access this page! --"));
$msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
return false;
}
$db = new DB_System();
if ($db->query("UPDATE membres SET enabled='1' WHERE uid= ?;", array($uid))) {
return true;
} else {
$err->raise("admin", _("Account not found"));
$msg->raise('Error', "admin", _("Account not found"));
return false;
}
}
@ -839,7 +848,7 @@ EOF;
* Deletes the specified account. Prevents any manipulation of the account if
* the account $mid is not super-admin.
*
* @global m_err $err
* @global m_messages $msg
* @global m_quota $quota
* @global array $classes
* @global int $cuid
@ -851,11 +860,11 @@ EOF;
* @return boolean Returns FALSE if an error occurs, TRUE if not.
*/
function del_mem($uid) {
global $err, $mem, $dom, $hooks, $action;
$err->log("admin", "del_mem", $uid);
global $msg, $mem, $dom, $hooks, $action;
$msg->log("admin", "del_mem", $uid);
if (!$this->enabled) {
$err->raise("admin", _("-- Only administrators can access this page! --"));
$msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
return false;
}
$db = new DB_System();
@ -865,7 +874,7 @@ EOF;
// This script may take a long time on big accounts, let's give us some time ... Fixes 1132
@set_time_limit(0);
// WE MUST call m_dom before all others because of conflicts ...
$dom->hook_admin_del_member();
$dom->admin_del_member();
# New way of deleting or backup delted user html folders using action class
$path = getuserpath($tt['login']);
@ -881,7 +890,7 @@ EOF;
$db->query("UPDATE membres SET creator=2000 WHERE creator= ?;", array($uid));
return true;
} else {
$err->raise("admin", _("Account not found"));
$msg->raise('Error', "admin", _("Account not found"));
$mem->unsu();
return false;
}
@ -892,14 +901,14 @@ EOF;
*
* Renew an account for its duration
*
* @global m_err $err
* @global m_messages $msg
* @global m_mysql $db
* @param int $uid The uid number of the account
* @param int $periods The new duration, in months, of the account
* @return boolean Returns FALSE if an error occurs, TRUE if not.
*/
function renew_mem($uid, $periods = 1) {
global $err, $db;
global $msg, $db;
$periods = intval($periods);
if ($periods == 0) {
@ -908,7 +917,7 @@ EOF;
if ($db->query("UPDATE membres SET renewed = renewed + INTERVAL (duration * ?) MONTH WHERE uid= ?;", array($periods, $uid))) {
return true;
} else {
$err->raise("admin", _("Account not found"));
$msg->raise('Error', "admin", _("Account not found"));
return false;
}
}
@ -916,14 +925,14 @@ EOF;
/**
* Update the duration information for an account
*
* @global m_err $err
* @global m_messages $msg
* @global m_mysql $db
* @param int $uid The uid number of the account
* @param int $duration The new duration, in months, of the account
* @return boolean Returns FALSE if an error occurs, TRUE if not.
*/
function renew_update($uid, $duration) {
global $err, $db;
global $msg, $db;
if ($duration == 0) {
if ($db->query("UPDATE membres SET duration = NULL, renewed = NULL WHERE uid= ?;", array($uid))) {
@ -936,7 +945,7 @@ EOF;
}
}
$err->raise("admin", _("Account not found"));
$msg->raise('Error', "admin", _("Account not found"));
return false;
}
@ -1005,20 +1014,20 @@ EOF;
/**
* Turns a common account into a super-admin account
*
* @global m_err $err
* @global m_messages $msg
* @global m_mysql $db
* @param int $uid The uid number of the account
* @return boolean
*/
function normal2su($uid) {
global $err, $db;
global $msg, $db;
$db->query("SELECT su FROM membres WHERE uid= ?;", array($uid));
if (!$db->next_record()) {
$err->raise("admin", _("Account not found"));
$msg->raise('Error', "admin", _("Account not found"));
return false;
}
if ($db->Record["su"] != 0) {
$err->raise("admin", _("This account is ALREADY an administrator account"));
$msg->raise('Error', "admin", _("This account is ALREADY an administrator account"));
return false;
}
$db->query("UPDATE membres SET su=1 WHERE uid= ?;", array($uid));
@ -1028,20 +1037,20 @@ EOF;
/**
* Turns a super-admin account into a common account
*
* @global m_err $err
* @global m_messages $msg
* @global m_mysql $db
* @param int $uid The uid number of the account
* @return boolean Returns FALSE if an error occurs, TRUE if not.
*/
function su2normal($uid) {
global $err, $db;
global $msg, $db;
$db->query("SELECT su FROM membres WHERE uid= ?;", array($uid));
if (!$db->next_record()) {
$err->raise("admin", _("Account not found"));
$msg->raise('Error', "admin", _("Account not found"));
return false;
}
if ($db->Record["su"] != 1) {
$err->raise("admin", _("This account is NOT an administrator account!"));
$msg->raise('Error', "admin", _("This account is NOT an administrator account!"));
return false;
}
$db->query("UPDATE membres SET su=0 WHERE uid= ?;", array($uid));
@ -1219,15 +1228,15 @@ EOF;
* from its account
*
* @global m_mysql $db
* @global m_err $err
* @global m_messages $msg
* @param string $domain Domain name to lock / unlock
* @return boolean TRUE if the domain has been locked/unlocked or FALSE if it does not exist.
*/
function dom_lock($domain) {
global $db, $err;
global $db, $msg;
$db->query("SELECT compte FROM domaines WHERE domaine= ?;", array($domain));
if (!$db->next_record()) {
$err->raise("dom", _("Domain '%s' not found."), $domain);
$msg->raise('Error', "dom", _("Domain '%s' not found."), $domain);
return false;
}
$db->query("UPDATE domaines SET noerase=1-noerase WHERE domaine= ?;", array($domain));
@ -1238,15 +1247,15 @@ EOF;
* Add a new TLD to the list of the authorized TLDs
*
* @global m_mysql $db
* @global m_err $err
* @global m_messages $msg
* @param string $tld top-level domain to add (org, com...)
* @return boolean TRUE if the tld has been successfully added, FALSE if not.
*/
function gettld($tld) {
global $db, $err;
global $db, $msg;
$db->query("SELECT mode FROM tld WHERE tld= ?;", array($tld));
if (!$db->next_record()) {
$err->raise("admin", _("This TLD does not exist"));
$msg->raise('Error', "admin", _("This TLD does not exist"));
return false;
}
return $db->Record["mode"];
@ -1273,16 +1282,16 @@ EOF;
* on this TLD
*
* @global m_mysql $db
* @global m_err $err
* @global m_messages $msg
* @param string $tld The TLD you want to delete
* @return boolean returns true if the TLD has been deleted, or
* false if an error occured.
*/
function deltld($tld) {
global $db, $err;
global $db, $msg;
$db->query("SELECT tld FROM tld WHERE tld= ?;", array($tld));
if (!$db->next_record()) {
$err->raise("admin", _("This TLD does not exist"));
$msg->raise('Error', "admin", _("This TLD does not exist"));
return false;
}
$db->query("DELETE FROM tld WHERE tld= ?;", array($tld));
@ -1298,23 +1307,23 @@ EOF;
* domain!
*
* @global m_mysql $db
* @global m_err $err
* @global m_messages $msg
* @param string $tld string TLD we want to authorize
* @param boolean $mode Controls to make on this TLD.
* @return boolean TRUE if the TLD has been successfully
* added. FALSE if not.
*/
function addtld($tld, $mode) {
global $db, $err;
global $db, $msg;
if (!$tld) {
$err->raise("admin", _("The TLD name is mandatory"));
$msg->raise('Error', "admin", _("The TLD name is mandatory"));
return false;
}
$tld = trim($tld);
$db->query("SELECT tld FROM tld WHERE tld= ?;", array($tld));
if ($db->next_record()) {
$err->raise("admin", _("This TLD already exist"));
$msg->raise('Error', "admin", _("This TLD already exist"));
return false;
}
if (substr($tld, 0, 1) == ".") {
@ -1332,7 +1341,7 @@ EOF;
* Modify a TLD of the list of the authorized TLDs
*
* @global m_mysql $db
* @global m_err $err
* @global m_messages $msg
* @param string $tld TLD we want to modify
* @param int $mode Controls to make on this TLD.
* @return boolean TRUE if the TLD has been successfully
@ -1340,10 +1349,10 @@ EOF;
*/
function edittld($tld, $mode) {
global $db, $err;
global $db, $msg;
$db->query("SELECT tld FROM tld WHERE tld= ?;", array($tld));
if (!$db->next_record()) {
$err->raise("admin", _("This TLD does not exist"));
$msg->raise('Error', "admin", _("This TLD does not exist"));
return false;
}
$mode = intval($mode);
@ -1442,40 +1451,40 @@ EOF;
/**
*
* @global m_mysql $db
* @global m_err $err
* @global m_messages $msg
* @param string $policy Name of the policy to check for
* @param string $login The login that will be set
* @param string $password The password we have to check
* @return boolean TRUE if the password if OK for this login and this policy, FALSE if it is not.
*/
function checkPolicy($policy, $login, $password) {
global $err;
function checkPolicy($policy, $login, $password, $canbeempty = false) {
global $msg;
if (empty($login)) {
$err->raise("admin", _("Please enter a login"));
$msg->raise('alert', "admin", _("Please enter a login"));
return false;
}
if (empty($password)) {
$err->raise("admin", _("Please enter a password"));
if (empty($password) && !$canbeempty) {
$msg->raise('alert', "admin", _("Please enter a password"));
return false;
}
$pol = $this->listPasswordPolicies();
if (!$pol[$policy]) {
$err->raise("admin", _("-- Program error -- The requested password policy does not exist!"));
$msg->raise('Error', "admin", _("-- Program error -- The requested password policy does not exist!"));
return false;
}
$pol = $pol[$policy];
// Ok, now let's check it :
$plen = strlen($password);
if ($plen < $pol["minsize"]) {
$err->raise("admin", _("The password length is too short according to the password policy"));
if ($plen < $pol["minsize"] && !($canbeempty && empty($password))) {
$msg->raise('Error', "admin", _("The password length is too short according to the password policy"));
return false;
}
if ($plen > $pol["maxsize"]) {
$err->raise("admin", _("The password is too long according to the password policy"));
if ($plen > $pol["maxsize"] && !($canbeempty && empty($password))) {
$msg->raise('Error', "admin", _("The password is too long according to the password policy"));
return false;
}
@ -1488,13 +1497,13 @@ EOF;
continue;
}
if (strpos($password, $l) !== false || strpos($l, $password) !== false) {
$err->raise("admin", _("The password policy prevents you to use your login name inside your password or the other way around"));
$msg->raise('Error', "admin", _("The password policy prevents you to use your login name inside your password or the other way around"));
return false;
}
}
}
if ($pol["classcount"] > 0) {
if ($pol["classcount"] > 0 && !($canbeempty && empty($password))) {
$cls = array(0, 0, 0, 0, 0);
for ($i = 0; $i < strlen($password); $i++) {
$p = substr($password, $i, 1);
@ -1512,7 +1521,7 @@ EOF;
} // foreach
$clc = array_sum($cls);
if ($clc < $pol["classcount"]) {
$err->raise("admin", _("Your password contains not enough different classes of character, between low-case, up-case, figures and special characters."));
$msg->raise('Error', "admin", _("Your password contains not enough different classes of character, between low-case, up-case, figures and special characters."));
return false;
}
}