kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

REFACTORING: code formatting of the panel + braces on if/while/for + fixe some missing or too many Globals in functions

This commit is contained in:
Benjamin Sonntag 2015-09-25 17:42:00 +02:00
parent 3e42567048
commit d3ab589e56
19 changed files with 6838 additions and 6706 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

146
bureau/admin/adm_doms_def_type.php
View File

@ -2,92 +2,90 @@
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
__("This page is restricted to authorized staff");
exit();
}
}
include_once("head.php");
include_once("head.php");
?>
<h3><?php __("Manage defaults domains type"); ?></h3>
<hr id="topbar" />
<p><?php __("If you don't know what this page is about, don't touch anything, and read AlternC documentation about domain types"); ?></p>
<p><?php __("The Type column contains a type of available VirtualHost config on The server."); ?></p>
<p><?php __("The Setting column contains the variables to be expanded in the defaults configuration. Available values are: "); ?></p>
<ul>
<li><?php __("%%DOMAIN%% : the Domain name"); ?></li>
<li><?php __("%%TARGETDOM%%: The destination domain"); ?></li>
<li><?php __("%%SUB%% : The subdomain name"); ?></li>
<li><?php __("%%DOMAINDIR%%: the domain directory on the file system"); ?></li>
</ul>
?>
<h3><?php __("Manage defaults domains type"); ?></h3>
<hr id="topbar" />
<p><?php __("If you don't know what this page is about, don't touch anything, and read AlternC documentation about domain types"); ?></p>
<p><?php __("The Type column contains a type of available VirtualHost config on The server."); ?></p>
<p><?php __("The Setting column contains the variables to be expanded in the defaults configuration. Available values are: "); ?></p>
<ul>
<li><?php __("%%DOMAIN%% : the Domain name"); ?></li>
<li><?php __("%%TARGETDOM%%: The destination domain"); ?></li>
<li><?php __("%%SUB%% : The subdomain name"); ?></li>
<li><?php __("%%DOMAINDIR%%: the domain directory on the file system"); ?></li>
</ul>
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
$fields = array (
"domup" => array ("post", "array", ""),
$fields = array(
"domup" => array("post", "array", ""),
);
getFields($fields);
if (!empty($domup)) {
if (!$dom->update_default_subdomains($domup) ) {
$error=_("There was an error during the record.");
} else {
$error=_("Save done.");
}
if (!$dom->update_default_subdomains($domup)) {
$error = _("There was an error during the record.");
} else {
$error = _("Save done.");
}
}
$tab=$dom->lst_default_subdomains();
$tab = $dom->lst_default_subdomains();
?>
<form method="post" action="adm_doms_def_type.php" name="main" id="main">
<table class="tlist">
<tr><th>&nbsp;</th><th><?php __("Sub"); ?></th><th><?php __("Type"); ?></th><th><?php __("settings"); ?></th><th><?php __("Concerned"); ?></th><th><?php __("Activation"); ?></th></tr>
<?php
for($i=0;$i<count($tab)+1;$i++) {?>
<tr class="lst">
<td>
<table class="tlist">
<tr><th>&nbsp;</th><th><?php __("Sub"); ?></th><th><?php __("Type"); ?></th><th><?php __("settings"); ?></th><th><?php __("Concerned"); ?></th><th><?php __("Activation"); ?></th></tr>
<?php for ($i = 0; $i < count($tab) + 1; $i++) { ?>
<tr class="lst">
<td>
<?php
@$val = $tab[$i];
if (isset($tab[$i])) {
echo "<input type='hidden' name='domup[$i][id]' value='" . $val['id'] . "' />";
}
?>
<div class="ina delete"><a href="dom_defdel.php?id=<?php echo $val['id']; ?>"><?php __("Delete"); ?></a></div>
</td>
<?php
@$val=$tab[$i];
if (isset($tab[$i])){
echo "<input type='hidden' name='domup[$i][id]' value='".$val['id']."' />";
}
?>
<div class="ina delete"><a href='dom_defdel.php?id=<?php echo $val['id']; ?>' type=''><?php __("Delete"); ?></a></div>
</td>
<td><input type='text' size="16" name='domup[<?php echo $i; ?>][sub]' value="<?php echo $val['sub']; ?>"/></td>
<?php $type=array("VHOST","URL","WEBMAIL","");
if(in_array($val['domain_type'],$type)){?>
<td><select name='domup[<?php echo $i; ?>][domain_type]'>
<option value='VHOST' <?php if($val['domain_type']=='VHOST') echo "selected=\"selected\""; ?> >VHOST</option>
<option value='URL' <?php if($val['domain_type']=='URL') echo "selected=\"selected\""; ?> >URL</option>
<option value='WEBMAIL' <?php if($val['domain_type']=='WEBMAIL') echo "selected=\"selected\""; ?> >WEBMAIL</option>
</select>
<?php }else{?>
<td><input type ='text' width="100px" style="width:100px" name='domup[<?php echo $i; ?>][domain_type]' value='<?php echo $val['domain_type']?>' ></td>
<? }?>
</td>
<td><input type ='text' name='domup[<?php echo $i; ?>][domain_type_parameter]' value='<?php echo $val['domain_type_parameter']?>' /></td>
<td><select name='domup[<?php echo $i; ?>][concerned]'>
<option value='MAIN' <?php if($val['concerned']=='MAIN') echo "selected=\"selected\""; ?> >MAIN</option>
<option value='SLAVE' <?php if($val['concerned']=='SLAVE') echo "selected=\"selected\""; ?> >SLAVE</option>
<option value='BOTH' <?php if($val['concerned']=='BOTH') echo "selected=\"selected\""; ?> >BOTH</option>
</select>
</td>
<td><input type="checkbox" name="domup[<?php echo $i; ?>][enabled]" value="1" <?php if ($val['enabled']==1) echo "checked=\"checked\""; ?> /></td>
</tr>
<?php
}
?>
<tr>
<td colspan='6'><p><input type="submit" class="inb" name="submit" value="<?php __("Save"); ?>" /></p></td>
</tr>
</table>
<td><input type='text' size="16" name='domup[<?php echo $i; ?>][sub]' value="<?php echo $val['sub']; ?>"/></td>
<?php
$type = array("VHOST", "URL", "WEBMAIL", "");
if (in_array($val['domain_type'], $type)) {
?>
<td><select name='domup[<?php echo $i; ?>][domain_type]'>
<option value='VHOST' <?php if ($val['domain_type'] == 'VHOST') echo "selected=\"selected\""; ?> >VHOST</option>
<option value='URL' <?php if ($val['domain_type'] == 'URL') echo "selected=\"selected\""; ?> >URL</option>
<option value='WEBMAIL' <?php if ($val['domain_type'] == 'WEBMAIL') echo "selected=\"selected\""; ?> >WEBMAIL</option>
</select>
<?php } else { ?>
<td><input type="text" style="width:100px" name="domup[<?php echo $i; ?>][domain_type]" value="<?php echo $val['domain_type'] ?>" ></td>
<?php } ?>
<td><input type ='text' name='domup[<?php echo $i; ?>][domain_type_parameter]' value='<?php echo $val['domain_type_parameter'] ?>' /></td>
<td><select name='domup[<?php echo $i; ?>][concerned]'>
<option value='MAIN' <?php if ($val['concerned'] == 'MAIN') echo "selected=\"selected\""; ?> >MAIN</option>
<option value='SLAVE' <?php if ($val['concerned'] == 'SLAVE') echo "selected=\"selected\""; ?> >SLAVE</option>
<option value='BOTH' <?php if ($val['concerned'] == 'BOTH') echo "selected=\"selected\""; ?> >BOTH</option>
</select>
</td>
<td><input type="checkbox" name="domup[<?php echo $i; ?>][enabled]" value="1" <?php if ($val['enabled'] == 1) echo "checked=\"checked\""; ?> /></td>
</tr>
<?php
}
?>
<tr>
<td colspan='6'><p><input type="submit" class="inb" name="submit" value="<?php __("Save"); ?>" /></p></td>
</tr>
</table>
</form>
<?php
include_once("foot.php"); ?>
<?php include_once("foot.php");

763
bureau/class/m_authip.php
View File

@ -1,414 +1,423 @@
<?php
/**
$Id: m_authip.php
----------------------------------------------------------------------
LICENSE
$Id: m_authip.php
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Fufroma
----------------------------------------------------------------------
*/
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Fufroma
----------------------------------------------------------------------
*/
/**
* Classe de gestion des IP authorisée
* Classe de gestion des IP authorisée
* @group alternc
**/
* */
class m_authip {
/**
* Retourne la liste des ip whitelist
*
* @global m_mem $mem
* @return array retourne un tableau indexé des ip de l'utilisateur
*/
function list_ip_whitelist() {
global $mem;
if (!$mem->checkRight()) return false;
return $this->list_ip(true);
}
/**
*
* @return array
*/
function hook_menu() {
$obj = array(
'title' => _("FTP Access Security"),
'ico' => 'images/ip.png',
'link' => 'ip_main.php',
'pos' => 120,
) ;
return $obj;
}
/**
* Retourne la liste des ip spécifiées par cet utilisateur
*
*
* @global m_mysql $db
* @global m_mem $mem
* @global int $cuid
* @param boolean $whitelist
* @return array Retourne un tableau indexé des ip de l'utilisateur
*/
function list_ip($whitelist=false) {
global $db, $mem;
if ($whitelist && $mem->checkRight() ) {
$cuid=0;
} else {
global $cuid;
/**
* Retourne la liste des ip whitelist
*
* @global m_mem $mem
* @return array retourne un tableau indexé des ip de l'utilisateur
*/
function list_ip_whitelist() {
global $mem;
if (!$mem->checkRight()) {
return false;
}
return $this->list_ip(true);
}
$r = array();
$db->query("SELECT * FROM authorised_ip WHERE uid='$cuid' order by ip,subnet;");
while ($db->next_record()) {
$r[$db->f('id')]=$db->Record;
if ( (checkip($db->f('ip')) && $db->f('subnet') == 32) ||
(checkipv6($db->f('ip')) && $db->f('subnet') == 128) ) {
$r[$db->f('id')]['ip_human']=$db->f('ip');
} else {
$r[$db->f('id')]['ip_human']=$db->f('ip')."/".$db->f('subnet');
}
/**
*
* @return array
*/
function hook_menu() {
$obj = array(
'title' => _("FTP Access Security"),
'ico' => 'images/ip.png',
'link' => 'ip_main.php',
'pos' => 120,
);
return $obj;
}
return $r;
}
/**
* Retourne la liste des ip spécifiées par cet utilisateur
*
*
* @global m_mysql $db
* @global m_mem $mem
* @global int $cuid
* @param boolean $whitelist
* @return array Retourne un tableau indexé des ip de l'utilisateur
*/
function list_ip($whitelist = false) {
global $db, $mem;
if ($whitelist && $mem->checkRight()) {
$cuid = 0;
} else {
global $cuid;
}
/**
* Supprime une IP des IP de l'utilisateur
* et supprime les droits attaché en cascade
*
* @param integer $id
* @return boolean
*
* @global m_mysql $db
* @global int $cuid
* @param int $id id de la ligne à supprimer
* @return boolean Retourne FALSE si erreur, sinon TRUE
*/
function ip_delete($id) {
global $db, $cuid;
$id=intval($id);
$db->query("SELECT id FROM authorised_ip_affected where authorised_ip_id ='$id';");
while ($db->next_record()) {
$this->ip_affected_delete($db->f('id'));
$r = array();
$db->query("SELECT * FROM authorised_ip WHERE uid='$cuid' order by ip,subnet;");
while ($db->next_record()) {
$r[$db->f('id')] = $db->Record;
if ((checkip($db->f('ip')) && $db->f('subnet') == 32) ||
(checkipv6($db->f('ip')) && $db->f('subnet') == 128)) {
$r[$db->f('id')]['ip_human'] = $db->f('ip');
} else {
$r[$db->f('id')]['ip_human'] = $db->f('ip') . "/" . $db->f('subnet');
}
}
return $r;
}
if (! $db->query("delete from authorised_ip where id='$id' and ( uid='$cuid' or uid=0) limit 1;") ) {
echo "query failed: ".$db->Error;
return false;
/**
* Supprime une IP des IP de l'utilisateur
* et supprime les droits attaché en cascade
*
* @param integer $id
* @return boolean
*
* @global m_mysql $db
* @global int $cuid
* @param int $id id de la ligne à supprimer
* @return boolean Retourne FALSE si erreur, sinon TRUE
*/
function ip_delete($id) {
global $db, $cuid;
$id = intval($id);
$db->query("SELECT id FROM authorised_ip_affected where authorised_ip_id ='$id';");
while ($db->next_record()) {
$this->ip_affected_delete($db->f('id'));
}
if (!$db->query("delete from authorised_ip where id='$id' and ( uid='$cuid' or uid=0) limit 1;")) {
echo "query failed: " . $db->Error;
return false;
}
return true;
}
return true;
}
/**
* Liste les IP et subnet authorisés
* pour une classe donnée
*
* @global m_mysql $db
* @global int $cuid
* @param string $s Classe concernée
* @return array
*/
function get_allowed($s) {
global $db, $cuid;
if (! $db->query("select ai.ip, ai.subnet, ai.infos, aia.parameters from authorised_ip ai, authorised_ip_affected aia where aia.protocol='$s' and aia.authorised_ip_id = ai.id and ai.uid='$cuid';") ) {
echo "query failed: ".$db->Error;
return false;
/**
* Liste les IP et subnet authorisés
* pour une classe donnée
*
* @global m_mysql $db
* @global int $cuid
* @param string $s Classe concernée
* @return array
*/
function get_allowed($s) {
global $db, $cuid;
if (!$db->query("select ai.ip, ai.subnet, ai.infos, aia.parameters from authorised_ip ai, authorised_ip_affected aia where aia.protocol='$s' and aia.authorised_ip_id = ai.id and ai.uid='$cuid';")) {
echo "query failed: " . $db->Error;
return false;
}
$r = Array();
while ($db->next_record()) {
$r[] = Array("ip" => $db->f("ip"), "subnet" => $db->f("subnet"), "infos" => $db->f("infos"), "parameters" => $db->f("parameters"));
}
return $r;
}
$r=Array();
while ($db->next_record()) {
$r[]=Array("ip"=>$db->f("ip"), "subnet"=>$db->f("subnet"), "infos"=>$db->f("infos"), "parameters"=>$db->f("parameters"));
}
return $r;
}
/**
*
* @global m_mysql $db
* @param string $ip
* @return boolean
*/
function is_wl($ip) {
global $db;
if (! $db->query("select ai.ip, ai.subnet from authorised_ip ai where ai.uid='0';") ) {
echo "query failed: ".$db->Error;
return false;
}
while ($db->next_record()) {
if ( $this->is_in_subnet($ip, $db->f('ip'), $db->f('subnet') ) ) return true;
}
return false;
}
/**
* Retourne si l'ip appartient au subnet.
*
* @param string $o
* @param string $ip
* @param string $sub
* @return boolean
*/
function is_in_subnet($o, $ip, $sub) {
$o = inet_pton($o);
$ip = inet_pton($ip);
$sub = pow(2, $sub);
if ( $o >= $ip && $o <= ($ip+$sub) ) return true;
return false;
}
/**
* Sauvegarde une IP dans les IP TOUJOURS authorisée
*
* @global m_mem $mem
*/
function ip_save_whitelist($id, $ipsub, $infos) {
global $mem;
if (!$mem->checkRight()) return false;
return $this->ip_save($id, $ipsub, $infos, 0);
}
/**
* Sauvegarde une IP dans les IP authorisée
*
* @global m_mysql $db
* @global m_mem $mem
* @global int $cuid
* @param int $id id de la ligne à modifier. Si vide ou
* égal à 0, alors c'est une insertion
* @param string $ipsub IP (v4 ou v6), potentiellement avec un subnet ( /24)
* @param string $infos Commentaire pour l'utilisateur
* @param int $uid Si $uid=0 et qu'on est super-admin, insertion avec uid=0
* ce qui correspond a une ip toujours authorisée
* @return boolean Retourne FALSE si erreur, sinon TRUE
*
*/
function ip_save($id, $ipsub, $infos, $uid=null) {
global $db, $mem;
// If we ask for uid=0, we have to check to be super-user
// else, juste use global cuid;
if ($uid === 0 && $mem->checkRight() ) {
$cuid=0;
} else {
global $cuid;
}
$id=intval($id);
$infos=mysql_real_escape_string($infos);
// Extract subnet from ipsub
$tmp=explode('/',$ipsub);
$ip=$tmp[0];
// Error if $ip not an IP
if ( ! checkip($ip) && ! checkipv6($ip) ) {
echo "Failed : not an IP address";
/**
*
* @global m_mysql $db
* @param string $ip
* @return boolean
*/
function is_wl($ip) {
global $db;
if (!$db->query("select ai.ip, ai.subnet from authorised_ip ai where ai.uid='0';")) {
echo "query failed: " . $db->Error;
return false;
}
while ($db->next_record()) {
if ($this->is_in_subnet($ip, $db->f('ip'), $db->f('subnet')))
return true;
}
return false;
}
// Check the subnet, if not defined, give a /32 or a /128
if (isset($tmp[1])) {
$subnet=intval($tmp[1]);
} else {
if ( checkip($ip) ) $subnet=32;
else $subnet=128;
}
/**
* Retourne si l'ip appartient au subnet.
*
* @param string $o
* @param string $ip
* @param string $sub
* @return boolean
*/
function is_in_subnet($o, $ip, $sub) {
$o = inet_pton($o);
$ip = inet_pton($ip);
$sub = pow(2, $sub);
// An IPv4 can't have subnet > 32
if (checkip($ip) && $subnet > 32 ) $subnet=32;
if ($id) { // Update
$list_affected = $this->list_affected($id);
foreach($list_affected as $k => $v) {
$this->call_hooks("authip_on_delete", $k );
}
if (! $db->query("update authorised_ip set ip='$ip', subnet='$subnet', infos='$infos' where id='$id' and uid='$cuid' ;") ) {
echo "query failed: ".$db->Error;
if ($o >= $ip && $o <= ($ip + $sub)) {
return true;
}
return false;
}
foreach($list_affected as $k => $v) {
$this->call_hooks("authip_on_create", $k );
}
} else { // Insert
if (! $db->query("insert into authorised_ip (uid, ip, subnet, infos) values ('$cuid', '$ip', '$subnet', '$infos' );") ) {
echo "query failed: ".$db->Error;
return false;
}
}
return true;
}
/**
* Fonction appelée par Alternc lors de la suppression d'un utilisateur
*
* @global int $cuid
* @global m_mysql $db
* @return boolean Retourne TRUE
*/
function alternc_del_member() {
global $cuid,$db;
$db->query("SELECT id FROM authorised_ip WHERE uid ='$cuid';");
while ($db->next_record()) {
$this->ip_delete($db->f('id'));
}
return true;
}
/**
* Analyse les classes et récupéres les informations
* des classes voulant de la restriction IP
*
* @return array Retourne un tableau compliqué
*/
function get_auth_class() {
global $hooks;
$authclass = $hooks->invoke('authip_class');
// Je rajoute la class DANS l'objet parce que
// ca m'interesse
foreach ($authclass as $k => $v) {
$authclass[$k]['class']=$k;
}
return $authclass;
}
/**
* Enregistre ou modifie une affectation ip<=>ressource
* Nota : lance des hooks sur la classe correspondante pour
* informer de l'édition/création
*
* @global m_mysql $db
* @param int $authorised_ip_id id de l'ip affecté
* @param string $protocol nom du protocole (définie dans la classe correspondante)
* @param string $parameters information propre au protocole
* @param int $id $id présent si c'est une édition
* @return boolean Retourne FALSE si erreur, sinon TRUE
*/
function ip_affected_save($authorised_ip_id, $protocol, $parameters, $id=null) {
global $db;
$authorised_ip_id=intval($authorised_ip_id);
$protocol=mysql_real_escape_string($protocol);
$parameters=mysql_real_escape_string($parameters);
if ($id) {
$id=intval($id);
$this->call_hooks("authip_on_delete", $id );
if (! $db->query("update authorised_ip_affected set authorised_ip_id='$authorised_ip_id', protocol='$protocol', parameters='$parameters' where id ='$id' limit 1;") ) {
echo "query failed: ".$db->Error;
return false;
}
$this->call_hooks("authip_on_create", $id );
} else {
if (! $db->query("insert into authorised_ip_affected (authorised_ip_id, protocol, parameters) values ('$authorised_ip_id', '$protocol', '$parameters');") ) {
echo "query failed: ".$db->Error;
return false;
}
$this->call_hooks("authip_on_create", mysql_insert_id() );
}
return true;
}
/**
* Supprime une affectation ip<=>ressource
* Nota : lance des hooks dans la classe correspondante
* pour informer de la suppression
*
* @global m_mysql $db
* @param int $id id de la ligne à supprimer
* @return boolean Retourne FALSE si erreur, sinon TRUE
*/
function ip_affected_delete($id) {
global $db;
$id=intval($id);
// Call hooks
$this->call_hooks("authip_on_delete", $id );
if (! $db->query("delete from authorised_ip_affected where id='$id' limit 1;") ) {
echo "query failed: ".$db->Error;
return false;
}
return true;
}
/**
* Appel les hooks demandé avec en parametres les
* affectationt ip<=>ressource dont l'id est en parametre
*
* @global m_hooks $hooks
* @global m_err $err
* @param string $function Nom de la fonction a rechercher et appeller dans les classes
* @param integer $affectation_id Id de l'affectation correspondante
* @return boolean Retourne TRUE
*/
function call_hooks($function, $affectation_id) {
global $hooks,$err;
// On récure l'objet dont on parle
$d = $this->list_affected();
if (! isset($d[$affectation_id] )) {
$err->raise('authip', _("Object not available"));
return false;
/**
* Sauvegarde une IP dans les IP TOUJOURS authorisée
*
* @global m_mem $mem
*/
function ip_save_whitelist($id, $ipsub, $infos) {
global $mem;
if (!$mem->checkRight()) {
return false;
}
return $this->ip_save($id, $ipsub, $infos, 0);
}
$affectation = $d[$affectation_id];
/**
* Sauvegarde une IP dans les IP authorisée
*
* @global m_mysql $db
* @global m_mem $mem
* @global int $cuid
* @param int $id id de la ligne à modifier. Si vide ou
* égal à 0, alors c'est une insertion
* @param string $ipsub IP (v4 ou v6), potentiellement avec un subnet ( /24)
* @param string $infos Commentaire pour l'utilisateur
* @param int $uid Si $uid=0 et qu'on est super-admin, insertion avec uid=0
* ce qui correspond a une ip toujours authorisée
* @return boolean Retourne FALSE si erreur, sinon TRUE
*
*/
function ip_save($id, $ipsub, $infos, $uid = null) {
global $db, $mem;
// On en déduis la classe qui le concerne
$e = $this->get_auth_class();
if (! isset($e[$affectation['protocol']])) {
$err->raise('authip', sprintf(_("Can't identified class for the protocole %s"), $affectation['protocol']));
return false;
// If we ask for uid=0, we have to check to be super-user
// else, juste use global cuid;
if ($uid === 0 && $mem->checkRight()) {
$cuid = 0;
} else {
global $cuid;
}
$id = intval($id);
$infos = mysql_real_escape_string($infos);
// Extract subnet from ipsub
$tmp = explode('/', $ipsub);
$ip = $tmp[0];
// Error if $ip not an IP
if (!checkip($ip) && !checkipv6($ip)) {
echo "Failed : not an IP address";
return false;
}
// Check the subnet, if not defined, give a /32 or a /128
if (isset($tmp[1])) {
$subnet = intval($tmp[1]);
} else {
if (checkip($ip)) {
$subnet = 32;
} else {
$subnet = 128;
}
}
// An IPv4 can't have subnet > 32
if (checkip($ip) && $subnet > 32) {
$subnet = 32;
}
if ($id) { // Update
$list_affected = $this->list_affected($id);
foreach ($list_affected as $k => $v) {
$this->call_hooks("authip_on_delete", $k);
}
if (!$db->query("update authorised_ip set ip='$ip', subnet='$subnet', infos='$infos' where id='$id' and uid='$cuid' ;")) {
echo "query failed: " . $db->Error;
return false;
}
foreach ($list_affected as $k => $v) {
$this->call_hooks("authip_on_create", $k);
}
} else { // Insert
if (!$db->query("insert into authorised_ip (uid, ip, subnet, infos) values ('$cuid', '$ip', '$subnet', '$infos' );")) {
echo "query failed: " . $db->Error;
return false;
}
}
return true;
}
$c = $e[$affectation['protocol']]['class'];
// On appelle le hooks de cette classe
$hooks->invoke($function, Array($affectation), Array($c) );
return true;
}
/**
* Liste les affectation ip<=>ressource d'un utilisateur
*
* @global m_mysql $db
* @global int $cuid
* @param int $ip_id
* @return array Retourne un tableau de valeurs
*/
function list_affected($ip_id=null) {
global $db, $cuid;
$r = array();
if ( is_null($ip_id) ) {
$db->query("select aia.* from authorised_ip_affected aia, authorised_ip ai where ai.uid='$cuid' and aia.authorised_ip_id = ai.id order by protocol, parameters;");
} else {
$db->query("select aia.* from authorised_ip_affected aia, authorised_ip ai where ai.uid='$cuid' and aia.authorised_ip_id = '".intval($ip_id)."' order by protocol, parameters;");
/**
* Fonction appelée par Alternc lors de la suppression d'un utilisateur
*
* @global int $cuid
* @global m_mysql $db
* @return boolean Retourne TRUE
*/
function alternc_del_member() {
global $cuid, $db;
$db->query("SELECT id FROM authorised_ip WHERE uid ='$cuid';");
while ($db->next_record()) {
$this->ip_delete($db->f('id'));
}
return true;
}
while ($db->next_record()) {
$r[$db->f('id')]=$db->Record;
/**
* Analyse les classes et récupéres les informations
* des classes voulant de la restriction IP
*
* @return array Retourne un tableau compliqué
*/
function get_auth_class() {
global $hooks;
$authclass = $hooks->invoke('authip_class');
// Je rajoute la class DANS l'objet parce que
// ca m'interesse
foreach ($authclass as $k => $v) {
$authclass[$k]['class'] = $k;
}
return $authclass;
}
return $r;
}
}; /* Classe m_authip */
/**
* Enregistre ou modifie une affectation ip<=>ressource
* Nota : lance des hooks sur la classe correspondante pour
* informer de l'édition/création
*
* @global m_mysql $db
* @param int $authorised_ip_id id de l'ip affecté
* @param string $protocol nom du protocole (définie dans la classe correspondante)
* @param string $parameters information propre au protocole
* @param int $id $id présent si c'est une édition
* @return boolean Retourne FALSE si erreur, sinon TRUE
*/
function ip_affected_save($authorised_ip_id, $protocol, $parameters, $id = null) {
global $db;
$authorised_ip_id = intval($authorised_ip_id);
$protocol = mysql_real_escape_string($protocol);
$parameters = mysql_real_escape_string($parameters);
?>
if ($id) {
$id = intval($id);
$this->call_hooks("authip_on_delete", $id);
if (!$db->query("update authorised_ip_affected set authorised_ip_id='$authorised_ip_id', protocol='$protocol', parameters='$parameters' where id ='$id' limit 1;")) {
echo "query failed: " . $db->Error;
return false;
}
$this->call_hooks("authip_on_create", $id);
} else {
if (!$db->query("insert into authorised_ip_affected (authorised_ip_id, protocol, parameters) values ('$authorised_ip_id', '$protocol', '$parameters');")) {
echo "query failed: " . $db->Error;
return false;
}
$this->call_hooks("authip_on_create", mysql_insert_id());
}
return true;
}
/**
* Supprime une affectation ip<=>ressource
* Nota : lance des hooks dans la classe correspondante
* pour informer de la suppression
*
* @global m_mysql $db
* @param int $id id de la ligne à supprimer
* @return boolean Retourne FALSE si erreur, sinon TRUE
*/
function ip_affected_delete($id) {
global $db;
$id = intval($id);
// Call hooks
$this->call_hooks("authip_on_delete", $id);
if (!$db->query("delete from authorised_ip_affected where id='$id' limit 1;")) {
echo "query failed: " . $db->Error;
return false;
}
return true;
}
/**
* Appel les hooks demandé avec en parametres les
* affectationt ip<=>ressource dont l'id est en parametre
*
* @global m_hooks $hooks
* @global m_err $err
* @param string $function Nom de la fonction a rechercher et appeller dans les classes
* @param integer $affectation_id Id de l'affectation correspondante
* @return boolean Retourne TRUE
*/
function call_hooks($function, $affectation_id) {
global $hooks, $err;
// On récure l'objet dont on parle
$d = $this->list_affected();
if (!isset($d[$affectation_id])) {
$err->raise('authip', _("Object not available"));
return false;
}
$affectation = $d[$affectation_id];
// On en déduis la classe qui le concerne
$e = $this->get_auth_class();
if (!isset($e[$affectation['protocol']])) {
$err->raise('authip', sprintf(_("Can't identified class for the protocole %s"), $affectation['protocol']));
return false;
}
$c = $e[$affectation['protocol']]['class'];
// On appelle le hooks de cette classe
$hooks->invoke($function, Array($affectation), Array($c));
return true;
}
/**
* Liste les affectation ip<=>ressource d'un utilisateur
*
* @global m_mysql $db
* @global int $cuid
* @param int $ip_id
* @return array Retourne un tableau de valeurs
*/
function list_affected($ip_id = null) {
global $db, $cuid;
$r = array();
if (is_null($ip_id)) {
$db->query("select aia.* from authorised_ip_affected aia, authorised_ip ai where ai.uid='$cuid' and aia.authorised_ip_id = ai.id order by protocol, parameters;");
} else {
$db->query("select aia.* from authorised_ip_affected aia, authorised_ip ai where ai.uid='$cuid' and aia.authorised_ip_id = '" . intval($ip_id) . "' order by protocol, parameters;");
}
while ($db->next_record()) {
$r[$db->f('id')] = $db->Record;
}
return $r;
}
}
/* Classe m_authip */

2141
bureau/class/m_bro.php
View File

File diff suppressed because it is too large Load Diff

692
bureau/class/m_cron.php
View File

@ -1,364 +1,404 @@
<?php
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2000-2012 by the AlternC Development Team.
https://alternc.org/
----------------------------------------------------------------------
LICENSE
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2000-2012 by the AlternC Development Team.
https://alternc.org/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Purpose of file: Manage hook system.
----------------------------------------------------------------------
*/
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Purpose of file: Manage hook system.
----------------------------------------------------------------------
*/
/**
* This class manage web-cron tasks
*/
class m_cron {
const MAX_SOCKETS=8;
const DEFAULT_CAFILE="/etc/ssl/certs/ca-certificates.crt";
const MAX_SOCKETS = 8;
const DEFAULT_CAFILE = "/etc/ssl/certs/ca-certificates.crt";
/*---------------------------------------------------------------------------*/
/** Constructor
*/
function m_cron() {
}
/* --------------------------------------------------------------------------- */
function schedule() {
return Array(
Array('unit'=>1440, 'name'=>_("Daily")),
Array('unit'=>60, 'name'=>_("Hour")),
Array('unit'=>30, 'name'=>_("Half Hour")),
);
}
/*---------------------------------------------------------------------------*/
/** List the crontab for the current user.
* @return array an hash for each crontab.
*/
function lst_cron() {
global $cuid,$db,$err;
$err->log("cron","lst_cron");
$db->query("SELECT * FROM cron WHERE uid = $cuid ORDER BY url;");
$r=Array();
while ($db->next_record()) {
$tmp=Array();
$tmp['id']=$db->f('id');
$tmp['url']=urldecode($db->f('url'));
$tmp['user']=urldecode($db->f('user'));
$tmp['password']=urldecode($db->f('password'));
$tmp['schedule']=$db->f('schedule');
$tmp['email']=urldecode($db->f('email'));
$tmp['next_execution']=$db->f('next_execution');
$r[]=$tmp;
}
return $r;
}
function hook_menu() {
$obj = array(
'title' => _("Scheduled tasks"),
'ico' => 'images/schedule.png',
'link' => 'cron.php',
'pos' => 90,
) ;
return $obj;
}
/*---------------------------------------------------------------------------*/
/** update the crontab
* @param $arr array the crontab information, including its ID
* @return boolean TRUE if the crontab has been edited
*/
function update($arr) {
$ok=true;
foreach ($arr as $a) {
if (! isset($a['id'])) $a['id']=null;
if (empty($a['url']) && is_null($a['id'])) continue;
if (! $this->_update_one($a['url'], $a['user'], $a['password'], $a['email'], $a['schedule'], $a['id']) ) {
$ok=false;
}
}
return $ok;
}
/*---------------------------------------------------------------------------*/
/** delete a crontab
* @param $id the id of the crontab to delete
* @return boolean TRUE if the crontab has been deleted
*/
function delete_one($id) {
global $db,$err,$cuid;
$err->log("cron","delete_one");
return $db->query("DELETE FROM cron WHERE id=".intval($id)." AND uid=$cuid LIMIT 1;");
}
/*---------------------------------------------------------------------------*/
/** update a crontab,
* @return boolean TRUE if the crontab has been edited
*/
private function _update_one($url, $user, $password, $email, $schedule, $id=null) {
global $db,$err,$quota,$cuid;
$err->log("cron","update_one");
if (empty($url) && !is_null($id)) {
return $this->delete_one($id);
/** Constructor
*/
function m_cron() {
}
if(filter_var($url,FILTER_VALIDATE_URL)===false){
$err->raise("cron",_("URL not valid"));
return false;
function schedule() {
return Array(
Array('unit' => 1440, 'name' => _("Daily")),
Array('unit' => 60, 'name' => _("Hour")),
Array('unit' => 30, 'name' => _("Half Hour")),
);
}
$url=urlencode($url);
$user=urlencode($user);
if (empty($user)) $password='';
$password=urlencode($password);
//@todo remove checkmail cf functions.php
if (!empty($email) && ! checkmail($email) == 0 ){
$err->raise("cron",_("Email address is not valid"));
return false;
/* --------------------------------------------------------------------------- */
/** List the crontab for the current user.
* @return array an hash for each crontab.
*/
function lst_cron() {
global $cuid, $db, $err;
$err->log("cron", "lst_cron");
$db->query("SELECT * FROM cron WHERE uid = $cuid ORDER BY url;");
$r = Array();
while ($db->next_record()) {
$tmp = Array();
$tmp['id'] = $db->f('id');
$tmp['url'] = urldecode($db->f('url'));
$tmp['user'] = urldecode($db->f('user'));
$tmp['password'] = urldecode($db->f('password'));
$tmp['schedule'] = $db->f('schedule');
$tmp['email'] = urldecode($db->f('email'));
$tmp['next_execution'] = $db->f('next_execution');
$r[] = $tmp;
}
return $r;
}
$email=urlencode($email);
if (! $this->valid_schedule($schedule)) return false;
if (is_null($id)) { // if a new insert, quotacheck
$q = $quota->getquota("cron");
if ( $q["u"] >= $q["t"] ) {
$err->raise("cron",_("You quota of cron entries is over. You cannot create more cron entries"));
return false;
}
} else { // if not a new insert, check the $cuid
$db->query("SELECT uid FROM cron WHERE id = $id;");
if (! $db->next_record()) {
return "false";
} // return false if pb
if ( $db->f('uid') != $cuid ) {
$err->raise("cron",_("Identity problem"));
return false;
}
function hook_menu() {
$obj = array(
'title' => _("Scheduled tasks"),
'ico' => 'images/schedule.png',
'link' => 'cron.php',
'pos' => 90,
);
return $obj;
}
$query = "REPLACE INTO cron (id, uid, url, user, password, schedule, email) VALUES ('$id', '$cuid', '$url', '$user', '$password', '$schedule', '$email') ;";
return $db->query("$query");
}
/* --------------------------------------------------------------------------- */
/*---------------------------------------------------------------------------*/
/** validate a crontab schedule
* @param $s array schedule paramters
* @return boolean TRUE if the schedule is valid
*/
function valid_schedule($s) {
$s2 = intval($s);
if ($s2 != $s) return false;
$r=false;
foreach ($this->schedule() as $cs ) {
if ($cs['unit'] == $s) return true;
/** update the crontab
* @param $arr array the crontab information, including its ID
* @return boolean TRUE if the crontab has been edited
*/
function update($arr) {
$ok = true;
foreach ($arr as $a) {
if (!isset($a['id'])) {
$a['id'] = null;
}
if (empty($a['url']) && is_null($a['id'])) {
continue;
}
if (!$this->_update_one($a['url'], $a['user'], $a['password'], $a['email'], $a['schedule'], $a['id'])) {
$ok = false;
}
}
return $ok;
}
return $r;
}
/*---------------------------------------------------------------------------*/
/** hook for quota computation
*/
function hook_quota_get() {
global $cuid,$db,$err;
$err->log("cron","alternc_get_quota");
$q=Array("name"=>"cron", "description"=>_("Scheduled tasks"), "used"=>0);
$db->query("select count(*) as cnt from cron where uid = $cuid;");
if ($db->next_record()) {
$q['used']=$db->f('cnt');
/* --------------------------------------------------------------------------- */
/** delete a crontab
* @param $id the id of the crontab to delete
* @return boolean TRUE if the crontab has been deleted
*/
function delete_one($id) {
global $db, $err, $cuid;
$err->log("cron", "delete_one");
return $db->query("DELETE FROM cron WHERE id=" . intval($id) . " AND uid=$cuid LIMIT 1;");
}
return $q;
}
/*---------------------------------------------------------------------------*/
/**
* Execute the required crontab of AlternC users
* this function EXIT at the end.
*/
function execute_cron() {
global $db;
/* --------------------------------------------------------------------------- */
if (!isset($GLOBALS["DEBUG"])) $GLOBALS["DEBUG"]=false;
$db->query("SELECT id, url, email, schedule, user, password FROM cron WHERE next_execution <= NOW();");
$urllist=array();
while ($db->next_record()) {
$db->Record["url"]=urldecode($db->Record["url"]); $db->Record["user"]=urldecode($db->Record["user"]);
$db->Record["email"]=urldecode($db->Record["email"]); $db->Record["password"]=urldecode($db->Record["password"]);
/** update a crontab,
* @return boolean TRUE if the crontab has been edited
*/
private function _update_one($url, $user, $password, $email, $schedule, $id = null) {
global $db, $err, $quota, $cuid;
$err->log("cron", "update_one");
// we support only http or https schemes:
if (substr($db->Record["url"],0,7)=="http://" || substr($db->Record["url"],0,8)=="https://") {
$u=array(
"url" => $db->Record["url"],
"id" => $db->Record["id"], "email" =>$db->Record["email"],
);
if ($db->Record["user"] && $db->Record["password"]) {
$u["login"]=$db->Record["user"];
$u["password"]=$db->Record["password"];
}
if ($GLOBALS["DEBUG"]) echo "Will run cron :\n".print_r($u,true)."\n";
$urllist[]=$u;
}
if (empty($urllist)) { // nothing to do :
exit(0);
}
// cron_callback($url, $content, $curlobj) will be called at the end of each http call.
$this->rolling_curl($urllist, array("m_cron","cron_callback"));
if (empty($url) && !is_null($id)) {
return $this->delete_one($id);
}
if (filter_var($url, FILTER_VALIDATE_URL) === false) {
$err->raise("cron", _("URL not valid"));
return false;
}
$url = urlencode($url);
$user = urlencode($user);
if (empty($user)) {
$password = '';
}
$password = urlencode($password);
//@todo remove checkmail cf functions.php
if (!empty($email) && !checkmail($email) == 0) {
$err->raise("cron", _("Email address is not valid"));
return false;
}
$email = urlencode($email);
if (!$this->valid_schedule($schedule)) {
return false;
}
if (is_null($id)) { // if a new insert, quotacheck
$q = $quota->getquota("cron");
if ($q["u"] >= $q["t"]) {
$err->raise("cron", _("You quota of cron entries is over. You cannot create more cron entries"));
return false;
}
} else { // if not a new insert, check the $cuid
$db->query("SELECT uid FROM cron WHERE id = $id;");
if (!$db->next_record()) {
return "false";
} // return false if pb
if ($db->f('uid') != $cuid) {
$err->raise("cron", _("Identity problem"));
return false;
}
}
$query = "REPLACE INTO cron (id, uid, url, user, password, schedule, email) VALUES ('$id', '$cuid', '$url', '$user', '$password', '$schedule', '$email') ;";
return $db->query("$query");
}
}
/*---------------------------------------------------------------------------*/
/**
* Callback function called by rolling_curl when a cron resulr has been received
* schedule it for next run and send the mail if needed
*/
function cron_callback($url,$content,$curl) {
global $db,$L_FQDN;
if (empty($url["id"])) return; // not normal...
$id=intval($url["id"]);
/* --------------------------------------------------------------------------- */
if ($curl["http_code"]==200) {
$ok=true;
} else {
$ok=false;
/** validate a crontab schedule
* @param $s array schedule paramters
* @return boolean TRUE if the schedule is valid
*/
function valid_schedule($s) {
$s2 = intval($s);
if ($s2 != $s) {
return false;
}
$r = false;
foreach ($this->schedule() as $cs) {
if ($cs['unit'] == $s) {
return true;
}
}
return $r;
}
if (isset($url["email"]) && $url["email"] && $content) {
if (!mail($url["email"],"AlternC Cron #$id - Report ".date("r"),"Please find below the stdout content produced by your cron task.\n------------------------------------------------------------\n\n".$content,"From: postmaster@$L_FQDN")) {
echo "Error sending mail for cron #$id to address '".$url["email"]."'\n";
}
/* --------------------------------------------------------------------------- */
/** hook for quota computation
*/
function hook_quota_get() {
global $cuid, $db, $err;
$err->log("cron", "alternc_get_quota");
$q = Array("name" => "cron", "description" => _("Scheduled tasks"), "used" => 0);
$db->query("select count(*) as cnt from cron where uid = $cuid;");
if ($db->next_record()) {
$q['used'] = $db->f('cnt');
}
return $q;
}
// now schedule it for next run:
$db->query("UPDATE cron SET next_execution=FROM_UNIXTIME( UNIX_TIMESTAMP(NOW()) + schedule * 60) WHERE id=$id");
}
/* --------------------------------------------------------------------------- */
/*---------------------------------------------------------------------------*/
/**
* Launch parallel (using MAX_SOCKETS sockets maximum) retrieval
* of URL using CURL
* @param $urls array of associative array, each having the following keys :
* url = url to get (of the form http[s]://login:password@host/path/file?querystring )
* login & password = if set, tell the login and password to use as simple HTTP AUTH.
* - any other key will be sent as it is to the callback function
* @param $callback function called for each request when completing. First argument is the $url object, second is the content (output)
* third is the info structure from curl for the returned page. 200 for OK, 403 for AUTH FAILED, 0 for timeout, dump it to know it ;)
* this function should return as soon as possible to allow other curl calls to complete properly.
* @param $cursom_options array of custom CURL options for all transfers
*/
function rolling_curl($urls, $callback, $custom_options = null) {
// make sure the rolling window isn't greater than the # of urls
if (!isset($GLOBALS["DEBUG"])) $GLOBALS["DEBUG"]=false;
$rolling_window = m_cron::MAX_SOCKETS;
$rolling_window = (count($urls) < $rolling_window) ? count($urls) : $rolling_window;
$master = curl_multi_init();
$curl_arr = array();
// add additional curl options here
$std_options = array(CURLOPT_RETURNTRANSFER => true,
CURLOPT_FOLLOWLOCATION => false,
CURLOPT_CONNECTTIMEOUT => 5,
CURLOPT_TIMEOUT => 240, // 4 minutes timeout for a page
CURLOPT_USERAGENT => "AlternC (Cron Daemon)",
CURLOPT_MAXREDIRS => 0);
/**
* Execute the required crontab of AlternC users
* this function EXIT at the end.
*/
function execute_cron() {
global $db;
if ($GLOBALS["DEBUG"]) $std_options[CURLOPT_VERBOSE]=true;
$options = ($custom_options) ? ($std_options + $custom_options) : $std_options;
// start the first batch of requests
for ($i = 0; $i < $rolling_window; $i++) {
$ch = curl_init();
$options[CURLOPT_URL] = $urls[$i]["url"];
if ($GLOBALS["DEBUG"]) echo "URL: ".$urls[$i]["url"]."\n";
curl_setopt_array($ch,$options);
// Handle custom cafile for some https url
if (strtolower(substr($options[CURLOPT_URL],0,5))=="https") {
curl_setopt($ch,CURLOPT_CAINFO,m_cron::DEFAULT_CAFILE);
if ($GLOBALS["DEBUG"]) echo "cainfo set to DEFAULT\n";
}
if (isset($urls[$i]["login"]) && isset($urls[$i]["password"])) { // set basic http authentication
curl_setopt($ch,CURLOPT_HTTPAUTH,CURLAUTH_BASIC);
curl_setopt($ch,CURLOPT_USERPWD,$urls[$i]["login"].":".$urls[$i]["password"]);
if ($GLOBALS["DEBUG"]) echo "set basic auth\n";
}
curl_multi_add_handle($master, $ch);
if (!isset($GLOBALS["DEBUG"])) {
$GLOBALS["DEBUG"] = false;
}
$db->query("SELECT id, url, email, schedule, user, password FROM cron WHERE next_execution <= NOW();");
$urllist = array();
while ($db->next_record()) {
$db->Record["url"] = urldecode($db->Record["url"]);
$db->Record["user"] = urldecode($db->Record["user"]);
$db->Record["email"] = urldecode($db->Record["email"]);
$db->Record["password"] = urldecode($db->Record["password"]);
// we support only http or https schemes:
if (substr($db->Record["url"], 0, 7) == "http://" || substr($db->Record["url"], 0, 8) == "https://") {
$u = array(
"url" => $db->Record["url"],
"id" => $db->Record["id"], "email" => $db->Record["email"],
);
if ($db->Record["user"] && $db->Record["password"]) {
$u["login"] = $db->Record["user"];
$u["password"] = $db->Record["password"];
}
if ($GLOBALS["DEBUG"])
echo "Will run cron :\n" . print_r($u, true) . "\n";
$urllist[] = $u;
}
if (empty($urllist)) { // nothing to do :
exit(0);
}
// cron_callback($url, $content, $curlobj) will be called at the end of each http call.
$this->rolling_curl($urllist, array("m_cron", "cron_callback"));
}
}
do {
while(($execrun = curl_multi_exec($master, $running)) == CURLM_CALL_MULTI_PERFORM);
if($execrun != CURLM_OK)
break;
// a request was just completed -- find out which one
while($done = curl_multi_info_read($master)) {
$info = curl_getinfo($done['handle']);
// TODO : since ssl_verify_result is buggy, if we have [header_size] => 0 && [request_size] => 0 && [http_code] => 0, AND https, we can pretend the SSL certificate is buggy.
if ($GLOBALS["DEBUG"]) { echo "Info for ".$done['handle']." \n"; print_r($info); }
if ($info['http_code'] == 200) {
$output = curl_multi_getcontent($done['handle']);
} else {
// request failed. add error handling.
$output="";
}
// request terminated. process output using the callback function.
// Pass the url array to the callback, so we need to search it
foreach($urls as $url) {
if ($url["url"]==$info["url"]) {
call_user_func($callback,$url,$output,$info);
break;
}
}
// If there is more: start a new request
// (it's important to do this before removing the old one)
if ($i<count($urls)) {
$ch = curl_init();
$options[CURLOPT_URL] = $urls[$i++]; // increment i
curl_setopt_array($ch,$options);
if (strtolower(substr($options[CURLOPT_URL],0,5))=="https") {
curl_setopt($ch,CURLOPT_CAINFO,m_cron::DEFAULT_CAFILE);
if ($GLOBALS["DEBUG"]) echo "cainfo set to DEFAULT\n";
}
if (isset($urls[$i]["login"]) && isset($urls[$i]["password"])) { // set basic http authentication
curl_setopt($ch,CURLOPT_HTTPAUTH,CURLAUTH_BASIC);
curl_setopt($ch,CURLOPT_USERPWD,urlencode($urls[$i]["login"]).":".urlencode($urls[$i]["password"]));
if ($GLOBALS["DEBUG"]) echo "set basic auth\n";
}
curl_multi_add_handle($master, $ch);
}
// remove the curl handle that just completed
curl_multi_remove_handle($master, $done['handle']);
}
} while ($running);
curl_multi_close($master);
return true;
}
/* --------------------------------------------------------------------------- */
} /* Class cron */
/**
* Callback function called by rolling_curl when a cron resulr has been received
* schedule it for next run and send the mail if needed
*/
function cron_callback($url, $content, $curl) {
global $db, $L_FQDN;
if (empty($url["id"])) {
return; // not normal...
}
$id = intval($url["id"]);
if ($curl["http_code"] == 200) {
$ok = true;
} else {
$ok = false;
}
if (isset($url["email"]) && $url["email"] && $content) {
if (!mail($url["email"], "AlternC Cron #$id - Report " . date("r"), "Please find below the stdout content produced by your cron task.\n------------------------------------------------------------\n\n" . $content, "From: postmaster@$L_FQDN")) {
echo "Error sending mail for cron #$id to address '" . $url["email"] . "'\n";
}
}
// now schedule it for next run:
$db->query("UPDATE cron SET next_execution=FROM_UNIXTIME( UNIX_TIMESTAMP(NOW()) + schedule * 60) WHERE id=$id");
}
/* --------------------------------------------------------------------------- */
/**
* Launch parallel (using MAX_SOCKETS sockets maximum) retrieval
* of URL using CURL
* @param $urls array of associative array, each having the following keys :
* url = url to get (of the form http[s]://login:password@host/path/file?querystring )
* login & password = if set, tell the login and password to use as simple HTTP AUTH.
* - any other key will be sent as it is to the callback function
* @param $callback function called for each request when completing. First argument is the $url object, second is the content (output)
* third is the info structure from curl for the returned page. 200 for OK, 403 for AUTH FAILED, 0 for timeout, dump it to know it ;)
* this function should return as soon as possible to allow other curl calls to complete properly.
* @param $cursom_options array of custom CURL options for all transfers
*/
function rolling_curl($urls, $callback, $custom_options = null) {
// make sure the rolling window isn't greater than the # of urls
if (!isset($GLOBALS["DEBUG"]))
$GLOBALS["DEBUG"] = false;
$rolling_window = m_cron::MAX_SOCKETS;
$rolling_window = (count($urls) < $rolling_window) ? count($urls) : $rolling_window;
$master = curl_multi_init();
// add additional curl options here
$std_options = array(CURLOPT_RETURNTRANSFER => true,
CURLOPT_FOLLOWLOCATION => false,
CURLOPT_CONNECTTIMEOUT => 5,
CURLOPT_TIMEOUT => 240, // 4 minutes timeout for a page
CURLOPT_USERAGENT => "AlternC (Cron Daemon)",
CURLOPT_MAXREDIRS => 0);
if ($GLOBALS["DEBUG"]) {
$std_options[CURLOPT_VERBOSE] = true;
}
$options = ($custom_options) ? ($std_options + $custom_options) : $std_options;
// start the first batch of requests
for ($i = 0; $i < $rolling_window; $i++) {
$ch = curl_init();
$options[CURLOPT_URL] = $urls[$i]["url"];
if ($GLOBALS["DEBUG"]) {
echo "URL: " . $urls[$i]["url"] . "\n";
}
curl_setopt_array($ch, $options);
// Handle custom cafile for some https url
if (strtolower(substr($options[CURLOPT_URL], 0, 5)) == "https") {
curl_setopt($ch, CURLOPT_CAINFO, m_cron::DEFAULT_CAFILE);
if ($GLOBALS["DEBUG"]) {
echo "cainfo set to DEFAULT\n";
}
}
if (isset($urls[$i]["login"]) && isset($urls[$i]["password"])) { // set basic http authentication
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, $urls[$i]["login"] . ":" . $urls[$i]["password"]);
if ($GLOBALS["DEBUG"]) {
echo "set basic auth\n";
}
}
curl_multi_add_handle($master, $ch);
}
do {
while (($execrun = curl_multi_exec($master, $running)) == CURLM_CALL_MULTI_PERFORM);
if ($execrun != CURLM_OK) {
break;
}
// a request was just completed -- find out which one
while ($done = curl_multi_info_read($master)) {
$info = curl_getinfo($done['handle']);
// TODO : since ssl_verify_result is buggy, if we have [header_size] => 0 && [request_size] => 0 && [http_code] => 0, AND https, we can pretend the SSL certificate is buggy.
if ($GLOBALS["DEBUG"]) {
echo "Info for " . $done['handle'] . " \n";
print_r($info);
}
if ($info['http_code'] == 200) {
$output = curl_multi_getcontent($done['handle']);
} else {
// request failed. add error handling.
$output = "";
}
// request terminated. process output using the callback function.
// Pass the url array to the callback, so we need to search it
foreach ($urls as $url) {
if ($url["url"] == $info["url"]) {
call_user_func($callback, $url, $output, $info);
break;
}
}
// If there is more: start a new request
// (it's important to do this before removing the old one)
if ($i < count($urls)) {
$ch = curl_init();
$options[CURLOPT_URL] = $urls[$i++]; // increment i
curl_setopt_array($ch, $options);
if (strtolower(substr($options[CURLOPT_URL], 0, 5)) == "https") {
curl_setopt($ch, CURLOPT_CAINFO, m_cron::DEFAULT_CAFILE);
if ($GLOBALS["DEBUG"]) {
echo "cainfo set to DEFAULT\n";
}
}
if (isset($urls[$i]["login"]) && isset($urls[$i]["password"])) { // set basic http authentication
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, urlencode($urls[$i]["login"]) . ":" . urlencode($urls[$i]["password"]));
if ($GLOBALS["DEBUG"]) {
echo "set basic auth\n";
}
}
curl_multi_add_handle($master, $ch);
}
// remove the curl handle that just completed
curl_multi_remove_handle($master, $done['handle']);
}
} while ($running);
curl_multi_close($master);
return true;
}
}
/* Class cron */

65
bureau/class/m_crypto.php
View File

@ -1,44 +1,31 @@
<?php
class m_crypto
{
function encrypt($sValue, $sSecretKey)
{
return rtrim(
base64_encode(
mcrypt_encrypt(
MCRYPT_RIJNDAEL_256,
$sSecretKey, $sValue,
MCRYPT_MODE_ECB,
mcrypt_create_iv(
mcrypt_get_iv_size(
MCRYPT_RIJNDAEL_256,
MCRYPT_MODE_ECB
),
MCRYPT_RAND
)
)
), "\0"
);
}
class m_crypto {
function decrypt($sValue, $sSecretKey)
{
return rtrim(
mcrypt_decrypt(
MCRYPT_RIJNDAEL_256,
$sSecretKey,
base64_decode($sValue),
MCRYPT_MODE_ECB,
mcrypt_create_iv(
mcrypt_get_iv_size(
MCRYPT_RIJNDAEL_256,
MCRYPT_MODE_ECB
),
MCRYPT_RAND
)
), "\0"
);
}
function encrypt($sValue, $sSecretKey) {
return rtrim(
base64_encode(
mcrypt_encrypt(
MCRYPT_RIJNDAEL_256, $sSecretKey, $sValue, MCRYPT_MODE_ECB, mcrypt_create_iv(
mcrypt_get_iv_size(
MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB
), MCRYPT_RAND
)
)
), "\0"
);
}
function decrypt($sValue, $sSecretKey) {
return rtrim(
mcrypt_decrypt(
MCRYPT_RIJNDAEL_256, $sSecretKey, base64_decode($sValue), MCRYPT_MODE_ECB, mcrypt_create_iv(
mcrypt_get_iv_size(
MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB
), MCRYPT_RAND
)
), "\0"
);
}
}

154
bureau/class/m_debug_alternc.php
View File

@ -1,94 +1,102 @@
<?php
/*
LICENSE
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Camille Lafitte
Purpose of file: Manage hook system.
----------------------------------------------------------------------
*/
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Camille Lafitte
Purpose of file: Manage hook system.
----------------------------------------------------------------------
*/
/**
* This class manage debug.
*
* @copyright AlternC-Team 2002-2005 http://alternc.org/
*/
class m_debug_alternc {
var $infos="";
var $status=false;
var $nb_sql_query=0;
var $tps_sql_query=0;
var $generation_started=null;
/*---------------------------------------------------------------------------*/
/** Constructor
*/
function m_debug_alternc() {
if ( isset($_COOKIE['alternc_debugme']) && $_COOKIE['alternc_debugme'] ) {
$this->status=true;
ini_set('display_errors', '1');
var $infos = "";
var $status = false;
var $nb_sql_query = 0;
var $tps_sql_query = 0;
var $generation_started = null;
/* --------------------------------------------------------------------------- */
/** Constructor
*/
function m_debug_alternc() {
if (isset($_COOKIE['alternc_debugme']) && $_COOKIE['alternc_debugme']) {
$this->status = true;
ini_set('display_errors', '1');
}
$this->nb_sql_query = 0;
$this->tps_sql_query = 0;
$this->generation_started = microtime(true);
}
$this->nb_sql_query=0;
$this->tps_sql_query=0;
$this->generation_started=microtime(true);
}
function activate() {
setcookie('alternc_debugme','1', time()+3600); // expire in 1 hour
$this->status="";
return true;
}
function activate() {
setcookie('alternc_debugme', '1', time() + 3600); // expire in 1 hour
$this->status = "";
return true;
}
function desactivate() {
setcookie('alternc_debugme','0');
$this->status=false;
return true;
}
function desactivate() {
setcookie('alternc_debugme', '0');
$this->status = false;
return true;
}
function add($txt) {
$this->infos .= "\n$txt";
return true;
}
function add($txt) {
$this->infos .= "\n$txt";
return true;
}
function dump() {
global $cuid;
if ( $cuid!=2000 ) return false;
if ( ! $this->status ) return false;
function dump() {
global $cuid;
if ($cuid != 2000) {
return false;
}
if (!$this->status) {
return false;
}
$generation_time = (microtime(true) - $this->generation_started) * 1000;
$generation_time = (microtime(true) - $this->generation_started) * 1000;
echo "<fieldset style='background-color: silver;'>";
echo "<pre>";
echo "+++ BEGIN Debug Mode+++\n";
echo "Total generation time : $generation_time ms\n";
print_r("\n--- Total SQL Query : ".$this->nb_sql_query." req / ".$this->tps_sql_query." ms ---\n");
print_r($this->infos);
echo "\n\n--- GET ---\n";
print_r($_GET);
echo "\n\n--- POST ---\n";
print_r($_POST);
echo "\n\n--- SESSION ---\n";
@print_r($_SESSION);
echo "\n\n--- COOKIE ---\n";
print_r($_COOKIE);
echo "\n\n--- SERVER ---\n";
print_r($_SERVER);
echo "\n\n+++ END Debug Mode+++";
echo "</pre>";
echo "</fieldset>";
return true;
}
echo "<fieldset style='background-color: silver;'>";
echo "<pre>";
echo "+++ BEGIN Debug Mode+++\n";
echo "Total generation time : $generation_time ms\n";
print_r("\n--- Total SQL Query : " . $this->nb_sql_query . " req / " . $this->tps_sql_query . " ms ---\n");
print_r($this->infos);
echo "\n\n--- GET ---\n";
print_r($_GET);
echo "\n\n--- POST ---\n";
print_r($_POST);
echo "\n\n--- SESSION ---\n";
@print_r($_SESSION);
echo "\n\n--- COOKIE ---\n";
print_r($_COOKIE);
echo "\n\n--- SERVER ---\n";
print_r($_SERVER);
echo "\n\n+++ END Debug Mode+++";
echo "</pre>";
echo "</fieldset>";
return true;
}
} /* Class debug_alternc */
}
?>
/* Class debug_alternc */

210
bureau/class/m_dom.php
View File

@ -85,7 +85,7 @@ class m_dom {
* Constructeur
*/
function m_dom() {
global $L_FQDN;
global $L_FQDN;
$this->tld_no_check_at_all = variable_get('tld_no_check_at_all', 0, 'Disable ALL check on the TLD (users will be able to add any domain)', array('desc' => 'Disabled', 'type' => 'boolean'));
variable_get('mailname_bounce', $L_FQDN, 'FQDN of the mail server, used to create vhost virtual mail_adress.', array('desc' => 'FQDN', 'type' => 'string'));
}
@ -105,16 +105,16 @@ class m_dom {
* @param string $fqdn
*/
public static function get_sub_domain_id_and_member_by_name($fqdn) {
global $db, $err, $cuid;
global $db, $err;
$err->log("dom", "get_sub_domain_by_name");
$fqdn = mysql_real_escape_string($fqdn);
$db->query("select sd.* from sub_domaines sd where if(length(sd.sub)>0,concat_ws('.',sd.sub,sd.domaine),sd.domaine) = '$fqdn';");
if (!$db->next_record())
if (!$db->next_record()) {
return false;
}
return array('sub_id' => intval($db->f('id')), 'member_id' => intval($db->f('compte')));
}
function hook_menu() {
global $quota;
$obj = array(
@ -123,22 +123,20 @@ class m_dom {
'link' => 'toggle',
'pos' => 20,
'links' => array(),
);
);
if ($quota->cancreate("dom")) {
$obj['links'][] =
array(
'ico' => 'images/new.png',
'txt' => _("Add a domain"),
'url' => "dom_add.php",
$obj['links'][] = array(
'ico' => 'images/new.png',
'txt' => _("Add a domain"),
'url' => "dom_add.php",
);
}
foreach ($this->enum_domains() as $d) {
$obj['links'][] =
array(
'txt' => htmlentities($d),
'url' => "dom_edit.php?domain=" . urlencode($d),
$obj['links'][] = array(
'txt' => htmlentities($d),
'url' => "dom_edit.php?domain=" . urlencode($d),
);
}
@ -186,7 +184,7 @@ class m_dom {
* @param integer $type
*/
function domains_type_target_values($type = null) {
global $db, $err, $cuid;
global $db, $err;
$err->log("dom", "domains_type_target_values");
if (is_null($type)) {
$db->query("desc domaines_type;");
@ -202,8 +200,9 @@ class m_dom {
return $r;
} else {
$db->query("select target from domaines_type where name='$type';");
if (!$db->next_record())
if (!$db->next_record()) {
return false;
}
return $db->f('target');
}
}
@ -220,8 +219,9 @@ class m_dom {
$val = array();
foreach (explode("\n", $zone) as $z) {
$z = trim($z);
if (empty($z))
if (empty($z)) {
continue;
}
$val[] = $this->import_manual_dns_entry($z, $domain, $detect_redirect, $save);
}
return $val;
@ -231,11 +231,12 @@ class m_dom {
* @param string $zone
*/
function import_manual_dns_entry($zone, $domain, $detect_redirect = true, $save = false) {
global $cuid, $err;
global $err;
$err->log("dom", "import_manual_dns_entry");
$zone = trim($zone);
if (empty($zone))
if (empty($zone)) {
return false;
}
$domain = trim($domain);
if (empty($domain)) {
@ -409,7 +410,6 @@ class m_dom {
}
private function import_manual_dns_entry_doit($entry) {
global $err;
$entry['did_it'] = 0;
if ($entry['status'] == 'err') {
return $entry;
@ -417,14 +417,14 @@ class m_dom {
$val = $entry['entry_new'];
if (empty($val['type']))
if (empty($val['type'])) {
return false;
}
switch ($val['type']) {
case "set_ttl":
$entry['did_it'] = $this->set_ttl($this->get_domain_byname($val['domain']), $val['value']);
return $entry;
break;
}
// If it is an unknown domains type
@ -435,8 +435,9 @@ class m_dom {
}
// If the subdomain is @, we want an empty subdomain
if ($val['sub'] == '@')
if ($val['sub'] == '@') {
$val['sub'] = '';
}
$this->lock();
$entry['did_it'] = $this->set_sub_domain($val['domain'], $val['sub'], $val['type'], $val['value']);
@ -492,7 +493,6 @@ class m_dom {
if ($result === false) {
throw new Exception("Could not read data from {$url}");
return false;
}
if (strstr($http_response_header[0], '301') || strstr($http_response_header[0], '302')) {
// This is a redirection
@ -528,7 +528,7 @@ class m_dom {
}
function domains_type_get($name) {
global $db, $err, $cuid;
global $db;
$name = mysql_real_escape_string($name);
$db->query("select * from domaines_type where name='$name' ;");
$db->next_record();
@ -536,14 +536,14 @@ class m_dom {
}
function domains_type_del($name) {
global $db, $err, $cuid;
global $db;
$name = mysql_real_escape_string($name);
$db->query("delete domaines_type where name='$name';");
return true;
}
function domains_type_update($name, $description, $target, $entry, $compatibility, $enable, $only_dns, $need_dns, $advanced, $create_tmpdir, $create_targetdir) {
global $err, $cuid, $db;
global $err, $db;
// The name MUST contain only letter and digits, it's an identifier after all ...
if (!preg_match("#^[a-z0-9]+$#", $name)) {
$err->raise("dom", _("The name MUST contain only letter and digits"));
@ -565,12 +565,13 @@ class m_dom {
}
function sub_domain_change_status($sub_id, $status) {
global $db, $err, $cuid;
global $db, $err;
$err->log("dom", "sub_domain_change_status");
$sub_id = intval($sub_id);
$status = strtoupper($status);
if (!in_array($status, array('ENABLE', 'DISABLE')))
if (!in_array($status, array('ENABLE', 'DISABLE'))) {
return false;
}
$jh = $this->get_sub_domain_all($sub_id);
if ($status == 'ENABLE') { // check compatibility with existing sub_domains
@ -618,9 +619,7 @@ class m_dom {
$dom = strtolower($dom);
$db->query("UPDATE sub_domaines SET web_action='UPDATE' WHERE domaine='$dom';");
$this->set_dns_action($dom, 'UPDATE');
# TODO : some work with domain sensitive classes
return true;
}
@ -638,7 +637,7 @@ class m_dom {
* @return boolean Retourne FALSE si une erreur s'est produite, TRUE sinon.
*/
function del_domain($dom) {
global $db, $err, $classes, $cuid, $hooks;
global $db, $err, $hooks;
$err->log("dom", "del_domain", $dom);
$dom = strtolower($dom);
@ -689,7 +688,7 @@ class m_dom {
$ @return boolean Retourne FALSE si une erreur s'est produite, TRUE sinon.
*/
function add_domain($domain, $dns, $noerase = false, $force = false, $isslave = false, $slavedom = "") {
global $db, $err, $quota, $classes, $L_MX, $L_FQDN, $tld, $cuid, $bro, $hooks;
global $db, $err, $quota, $L_FQDN, $tld, $cuid, $hooks;
$err->log("dom", "add_domain", $domain);
// Locked ?
@ -740,14 +739,15 @@ class m_dom {
return false;
}
if ($dns)
if ($dns) {
$dns = "1";
else
} else {
$dns = "0";
}
// mode 5 : force DNS to NO.
if ($tld[$v] == 5)
if ($tld[$v] == 5) {
$dns = 0;
}
// It must be a real domain (no subdomain)
if (!$dns) {
$v = checkhostallow_nodns($domain);
@ -762,14 +762,16 @@ class m_dom {
$err->raise("dom", _("Your domain quota is over, you cannot create more domain names"));
return false;
}
if ($noerase)
if ($noerase) {
$noerase = "1";
else
} else {
$noerase = "0";
if ($dns)
}
if ($dns) {
$gesmx = "1";
else
} else {
$gesmx = "0"; // do not host mx by default if not hosting the DNS
}
$db->query("INSERT INTO domaines (compte,domaine,gesdns,gesmx,noerase,dns_action) VALUES ('$cuid','$domain','$dns','$gesmx','$noerase','UPDATE');");
if (!($id = $db->lastid())) {
$err->raise("dom", _("An unexpected error occured when creating the domain"));
@ -798,8 +800,9 @@ class m_dom {
}
// New Hooks:
$hooks->invoke("hook_dom_add_domain", array($id));
if ($gesmx)
if ($gesmx) {
$hooks->invoke("hook_dom_add_mx_domain", array($id));
}
if ($isslave) {
$hooks->invoke("hook_dom_add_slave_domain", array($id, $slavedom));
}
@ -834,13 +837,11 @@ class m_dom {
* @param string $domain
*/
function domdefaultdir($domain) {
global $bro, $cuid;
$dest_root = $bro->get_userid_root($cuid);
# return $dest_root."/www/".$this->domshort($domain);
return "/www/" . $this->domshort($domain);
}
function dump_axfr($domain, $ns = 'localhost') {
$axfr = array();
exec('/usr/bin/dig AXFR "' . escapeshellcmd($domain) . '" @"' . escapeshellcmd($ns) . '"', $axfr);
return $axfr;
}
@ -858,7 +859,7 @@ class m_dom {
'domain_type_parameter' => $db->f('domain_type_parameter'),
'concerned' => $db->f('concerned'),
'enabled' => $db->f('enabled')
);
);
}
return $c;
@ -869,12 +870,14 @@ class m_dom {
$err->log("dom", "update_default_subdomains");
$ok = true;
foreach ($arr as $a) {
if (!isset($a['id']))
if (!isset($a['id'])) {
$a['id'] = null;
}
if (!empty($a['sub']) || !empty($a['domain_type_parameter'])) {
if (!isset($a['enabled']))
if (!isset($a['enabled'])) {
$a['enabled'] = 0;
}
if (!$this->update_one_default($a['domain_type'], $a['sub'], $a['domain_type_parameter'], $a['concerned'], $a['enabled'], $a['id'])) {
$ok = false;
}
@ -887,10 +890,11 @@ class m_dom {
global $db, $err;
$err->log("dom", "update_one_default");
if ($id == null)
if ($id == null) {
$db->query("INSERT INTO default_subdomains values ('','" . addslashes($sub) . "','" . addslashes($domain_type) . "','" . addslashes($domain_type_parameter) . "','" . addslashes($concerned) . "','" . addslashes($enabled) . "');");
else
} else {
$db->query("UPDATE default_subdomains set sub='" . addslashes($sub) . "', domain_type='" . addslashes($domain_type) . "',domain_type_parameter='" . addslashes($domain_type_parameter) . "',concerned='" . addslashes($concerned) . "',enabled='" . addslashes($enabled) . "' where id=" . addslashes($id) . ";");
}
return true;
//update
}
@ -924,7 +928,7 @@ class m_dom {
*
*/
function whois($domain) {
global $db, $err;
global $err;
$err->log("dom", "whois", $domain);
// pour ajouter un nouveau TLD, utiliser le code ci-dessous.
// echo "whois : $domain<br />";
@ -978,16 +982,19 @@ class m_dom {
if (preg_match("#Name Server:#", $ligne)) {
$found = true;
$tmp = strtolower(str_replace(chr(10), "", str_replace(chr(13), "", str_replace(" ", "", str_replace("Name Server:", "", $ligne)))));
if ($tmp)
if ($tmp) {
$serveurList[] = $tmp;
}
}
break;
case "cx":
$ligne = str_replace(chr(10), "", str_replace(chr(13), "", str_replace(" ", "", $ligne)));
if ($ligne == "" && $state == 1)
if ($ligne == "" && $state == 1) {
$state = 2;
if ($state == 1)
}
if ($state == 1) {
$serveurList[] = strtolower($ligne);
}
if ($ligne == "Nameservers:" && $state == 0) {
$state = 1;
$found = true;
@ -996,10 +1003,12 @@ class m_dom {
case "eu":
case "be":
$ligne = preg_replace("/^ *([^ ]*) \(.*\)$/", "\\1", trim($ligne));
if ($found)
if ($found) {
$tmp = trim($ligne);
if ($tmp)
}
if ($tmp) {
$serveurList[] = $tmp;
}
if ($ligne == "Nameservers:") {
$state = 1;
$found = true;
@ -1011,16 +1020,18 @@ class m_dom {
// weird regexp (trailing garbage after name server), but I could not make it work otherwise
$tmp = strtolower(preg_replace('/Name Server: ([^ ]+)\..$/', "\\1", $ligne));
$tmp = preg_replace('/[^-_a-z0-9\.]/', '', $tmp);
if ($tmp)
if ($tmp) {
$serveurList[] = $tmp;
}
}
break;
case "it":
if (preg_match("#nserver:#", $ligne)) {
$found = true;
$tmp = strtolower(preg_replace("/nserver:\s*[^ ]*\s*([^\s]*)$/", "\\1", $ligne));
if ($tmp)
if ($tmp) {
$serveurList[] = $tmp;
}
}
break;
case "fr":
@ -1028,8 +1039,9 @@ class m_dom {
if (preg_match("#nserver:#", $ligne)) {
$found = true;
$tmp = strtolower(preg_replace("#nserver:\s*([^\s]*)\s*.*$#", "\\1", $ligne));
if ($tmp)
if ($tmp) {
$serveurList[] = $tmp;
}
}
break;
case "ca":
@ -1082,6 +1094,8 @@ class m_dom {
function checkmx($domaine, $ref_domain = '') {
global $L_DEFAULT_MX, $L_DEFAULT_SECONDARY_MX;
$ref_mx = array();
$mxhosts = array();
if (!empty($ref_domain)) {
getmxrr($ref_domain, $ref_mx);
} else {
@ -1114,9 +1128,6 @@ class m_dom {
return 0;
}
//checkmx
/* ----------------------------------------------------------------- */
/**
@ -1245,7 +1256,7 @@ class m_dom {
* @param string $value
*/
function check_type_value($type, $value) {
global $db, $err, $cuid;
global $err;
// check the type we can have in domaines_type.target
switch ($this->domains_type_target_values($type)) {
@ -1273,7 +1284,6 @@ class m_dom {
return false;
}
return true;
break;
case 'IP':
if (checkip($value)) {
return true;
@ -1309,14 +1319,10 @@ class m_dom {
default:
$err->raise("dom", _("Invalid domain type selected, please check"));
return false;
break;
}
return false;
}
//check_type_value
/* ----------------------------------------------------------------- */
/**
@ -1328,13 +1334,14 @@ class m_dom {
* @return boolean tell you if the subdomain can be installed there
*/
function can_create_subdomain($dom, $sub, $type, $sub_domain_id = 'null') {
global $db, $err, $cuid;
global $db, $err;
$err->log("dom", "can_create_subdomain", $dom . "/" . $sub);
// Get the compatibility list for this domain type
$db->query("select upper(compatibility) as compatibility from domaines_type where upper(name)=upper('$type');");
if (!$db->next_record())
if (!$db->next_record()) {
return false;
}
$compatibility_lst = explode(",", $db->f('compatibility'));
// Get the list of type of subdomains already here who have the same name
@ -1342,8 +1349,9 @@ class m_dom {
#$db->query("select * from sub_domaines where sub='$sub' and domaine='$dom';");
while ($db->next_record()) {
// And if there is a domain with a incompatible type, return false
if (!in_array(strtoupper($db->f('type')), $compatibility_lst))
if (!in_array(strtoupper($db->f('type')), $compatibility_lst)) {
return false;
}
}
// All is right, go ! Create ur domain !
@ -1393,7 +1401,7 @@ class m_dom {
}
// On a épuré $dir des problémes eventuels ... On est en DESSOUS du dossier de l'utilisateur.
if ($t = checkfqdn($dom)) {
if (($t = checkfqdn($dom))) {
$err->raise("dom", _("The domain name is syntaxically incorrect"));
return false;
}
@ -1415,7 +1423,7 @@ class m_dom {
// Create TMP dir and TARGET dir if needed by the domains_type
$dest_root = $bro->get_userid_root($cuid);
$domshort = $this->domshort($dom, $sub);
//$domshort = $this->domshort($dom, $sub);
$db->query("select create_tmpdir, create_targetdir from domaines_type where name = '$type';");
$db->next_record();
if ($db->f('create_tmpdir')) {
@ -1444,9 +1452,6 @@ class m_dom {
return true;
}
// set_sub_domain
/* ----------------------------------------------------------------- */
/**
@ -1456,7 +1461,7 @@ class m_dom {
*
*/
function del_sub_domain($sub_domain_id) {
global $db, $err, $cuid;
global $db, $err;
$err->log("dom", "del_sub_domain", $sub_domain_id);
// Locked ?
if (!$this->islocked) {
@ -1473,8 +1478,6 @@ class m_dom {
return true;
}
// del_sub_domain
/**
* @param integer $dom_id
*/
@ -1505,7 +1508,7 @@ class m_dom {
*
*/
function edit_domain($dom, $dns, $gesmx, $force = false, $ttl = 86400) {
global $db, $err, $L_MX, $classes, $cuid, $hooks;
global $db, $err, $hooks;
$err->log("dom", "edit_domain", $dom . "/" . $dns . "/" . $gesmx);
// Locked ?
if (!$this->islocked && !$force) {
@ -1544,8 +1547,9 @@ class m_dom {
$err->raise("dom", _("The domain name %s does not exist"), $dom);
return false;
}
if ($dns != "1")
if ($dns != "1") {
$dns = "0";
}
// On vérifie que des modifications ont bien eu lieu :)
if ($r["dns"] == $dns && $r["mail"] == $gesmx && $r["zonettl"] == $ttl) {
$err->raise("dom", _("No change has been requested..."));
@ -1579,14 +1583,10 @@ class m_dom {
return true;
}
// edit_domain
/* * ************************* */
/* Slave dns ip managment */
/* * ************************* */
/* ----------------------------------------------------------------- */
/** Return the list of ip addresses and classes that are allowed access to domain list
@ -1616,8 +1616,9 @@ class m_dom {
return false;
}
$class = intval($class);
if ($class < 8 || $class > 32)
if ($class < 8 || $class > 32) {
$class = 32;
}
$db->query("SELECT * FROM slaveip WHERE ip='$ip' AND class='$class';");
if ($db->next_record()) {
$err->raise("err", _("The requested domain is forbidden in this server, please contact the administrator"));
@ -1652,7 +1653,7 @@ class m_dom {
/** Check for a slave account
*/
function check_slave_account($login, $pass) {
global $db, $err;
global $db;
$db->query("SELECT * FROM slaveaccount WHERE login='$login' AND pass='$pass';");
if ($db->next_record()) {
return true;
@ -1665,7 +1666,7 @@ class m_dom {
/** Out (echo) the complete hosted domain list :
*/
function echo_domain_list($integrity = false) {
global $db, $err;
global $db;
$db->query("SELECT domaine FROM domaines WHERE gesdns=1 ORDER BY domaine");
$tt = "";
while ($db->next_record()) {
@ -1684,7 +1685,7 @@ class m_dom {
/** Returns the complete hosted domain list :
*/
function get_domain_list($uid = -1) {
global $db, $err;
global $db;
$uid = intval($uid);
$res = array();
$sql = "";
@ -1703,7 +1704,7 @@ class m_dom {
* @return array
*/
function get_domain_all_summary() {
global $db, $err;
global $db;
$res = array();
$db->query("SELECT domaine, gesdns, gesmx, dns_action, zonettl FROM domaines ORDER BY domaine");
while ($db->next_record()) {
@ -1770,7 +1771,7 @@ class m_dom {
/** Count all domains, for all users
*/
function count_domains_all() {
global $db, $err, $cuid;
global $db;
$db->query("SELECT COUNT(*) AS count FROM domaines;");
if ($db->next_record()) {
return $db->f('count');
@ -1784,14 +1785,15 @@ class m_dom {
/** Return the list of allowed slave accounts
*/
function enum_slave_account() {
global $db, $err;
global $db;
$db->query("SELECT * FROM slaveaccount;");
$res = array();
while ($db->next_record()) {
$res[] = $db->Record;
}
if (!count($res))
if (!count($res)) {
return false;
}
return $res;
}
@ -1831,7 +1833,7 @@ class m_dom {
* @access private
*/
function lock() {
global $db, $err;
global $err;
$err->log("dom", "lock");
if ($this->islocked) {
$err->raise("dom", _("--- Program error --- Lock already obtained!"));
@ -1850,7 +1852,7 @@ class m_dom {
* @access private
*/
function unlock() {
global $db, $err;
global $err;
$err->log("dom", "unlock");
if (!$this->islocked) {
$err->raise("dom", _("--- Program error --- No lock on the domains!"));
@ -1914,10 +1916,10 @@ class m_dom {
* No parameters needed
* */
function alternc_export_conf() {
global $db, $err;
global $err;
$err->log("dom", "export");
$this->enum_domains();
$str="";
$str = "";
foreach ($this->domains as $d) {
$str.= " <domaines>\n";
$str.=" <nom>" . $d . "</nom>\n";
@ -1975,6 +1977,7 @@ class m_dom {
if ($only_apache) {
$params.=" and dt.only_dns is false ";
}
// BUG BUG BUG FIXME
// Suppression de comptes -> membres existe pas -> domaines a supprimer ne sont pas lister
$db->query("
@ -2017,8 +2020,9 @@ order by
global $dom;
$d = array();
foreach ($dom->domains_type_lst() as $k => $v) {
if ($v['only_dns'] == true)
if ($v['only_dns'] == true) {
continue;
}
if (!$j = file_get_contents(ALTERNC_APACHE2_GEN_TMPL_DIR . '/' . strtolower($k) . '.conf')) {
die("Error: missing file for $k");
}
@ -2030,9 +2034,9 @@ order by
// Launch old fashionned hooks as there was in AlternC 1.0
function generate_conf_oldhook($action, $lst_sub, $sub_obj = null) {
if (is_null($sub_obj))
if (is_null($sub_obj)) {
$sub_obj = $this->generation_parameters(null, false);
}
if (!isset($lst_sub[strtoupper($action)]) || empty($lst_sub[strtoupper($action)])) {
return false;
}
@ -2173,12 +2177,14 @@ order by
// by subdomain
$tmp = array();
foreach ($da['sub'] as $sub) {
if ($sub['web_action']!='OK') continue;
if ($sub['web_action'] != 'OK') {
continue;
}
if (!$sub['only_dns']) {
if (!isset($tmp[$sub['fqdn']])) {
$tmp[$sub['fqdn']] = 0;
}
$tmp[$sub['fqdn']]++;
$tmp[$sub['fqdn']] ++;
if ($tmp[$sub['fqdn']] >= 2) {
$errors[$sub['fqdn']] = sprintf(_("Problem on %s: there is more than 1 web configuration going to be generated for this sub-domain."), $sub['fqdn']);
}

248
bureau/class/m_err.php
View File

@ -1,142 +1,144 @@
<?php
/*
$Id: m_err.php,v 1.4 2004/05/19 14:23:06 benjamin Exp $
----------------------------------------------------------------------
LICENSE
$Id: m_err.php,v 1.4 2004/05/19 14:23:06 benjamin Exp $
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Benjamin Sonntag, Franck Missoum
----------------------------------------------------------------------
*/
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Benjamin Sonntag, Franck Missoum
----------------------------------------------------------------------
*/
/**
* Classe de gestion des erreurs apparaissant lors d'appels API.
*
* <p>Cette classe gère les erreurs qui peuvent apparaitre lors d'appels
* à l'API d'AlternC. Ces erreurs sont stockées sous la forme de 2 nombres
* (Classe ID et Numéro d'erreur) ainsi qu'un texte facultatif associé.
* Des textes d'erreurs localisés sont aussi disponibles.</p>
* <p>Cette classe se charge aussi d'insérer les appels à l'API d'AlternC
* dans les logs du système dans /var/log/alternc/bureau.log
* </p>
* Copyleft {@link http://alternc.net/ AlternC Team}
*
* @copyright AlternC-Team 2002-11-01 http://alternc.net/
*/
* Classe de gestion des erreurs apparaissant lors d'appels API.
*
* <p>Cette classe gère les erreurs qui peuvent apparaitre lors d'appels
* à l'API d'AlternC. Ces erreurs sont stockées sous la forme de 2 nombres
* (Classe ID et Numéro d'erreur) ainsi qu'un texte facultatif associé.
* Des textes d'erreurs localisés sont aussi disponibles.</p>
* <p>Cette classe se charge aussi d'insérer les appels à l'API d'AlternC
* dans les logs du système dans /var/log/alternc/bureau.log
* </p>
* Copyleft {@link http://alternc.net/ AlternC Team}
*
* @copyright AlternC-Team 2002-11-01 http://alternc.net/
*/
class m_err {
/** Numero de classe d'erreur actuelle */
var $clsid=0;
/** Numero de classe d'erreur actuelle */
var $clsid = 0;
/** Dernière erreur enregistrée par la classe */
var $error=0;
/** Dernière erreur enregistrée par la classe */
var $error = 0;
/** Paramètre chaine eventuellement associé à la dernière erreur */
var $param="";
/** Paramètre chaine eventuellement associé à la dernière erreur */
var $param = "";
/** Emplacement du fichier de logs d'AlternC */
var $logfile="/var/log/alternc/bureau.log";
/** Emplacement du fichier de logs d'AlternC */
var $logfile = "/var/log/alternc/bureau.log";
/**
* Leve une erreur, signale celle-ci dans les logs et stocke le code erreur
*
* Cette fonction lance une erreur, l'ajoute dans les logs d'AlternC,
* et la met à disposition pour le bureau virtuel pour affichage ultérieur.
*
* @todo ne plus utiliser $error de façon numérique, nulle part
*
* @param integer $clsid Classe qui lève l'erreur
* @param mixed $error Numéro de l'erreur ou chaîne décrivant l'erreur
* @param string $param Paramètre chaine associé à l'erreur (facultatif)
* @return boolean TRUE si l'erreur est connue, FALSE sinon.
*
*/
function raise($clsid,$error,$param="") {
/* Leve une exception. Si elle existe, sinon, stocke un message d'erreur sur erreur ...*/
if (_("err_".$clsid."_".$error)!="err_".$clsid."_".$error || is_string($error)) {
$this->clsid=$clsid;
$this->error=$error;
$args = func_get_args();
$this->param=array_slice($args, 2);
$this->logerr();
return true;
} else {
$this->clsid="err";
$this->error=1;
$this->param="Error # $error in Class $clsid, Value is $param. (sorry, no text for this error in your language at the moment)";
$this->logerr();
return false;
/**
* Leve une erreur, signale celle-ci dans les logs et stocke le code erreur
*
* Cette fonction lance une erreur, l'ajoute dans les logs d'AlternC,
* et la met à disposition pour le bureau virtuel pour affichage ultérieur.
*
* @todo ne plus utiliser $error de façon numérique, nulle part
*
* @param integer $clsid Classe qui lève l'erreur
* @param mixed $error Numéro de l'erreur ou chaîne décrivant l'erreur
* @param string $param Paramètre chaine associé à l'erreur (facultatif)
* @return boolean TRUE si l'erreur est connue, FALSE sinon.
*
*/
function raise($clsid, $error, $param = "") {
/* Leve une exception. Si elle existe, sinon, stocke un message d'erreur sur erreur ... */
if (_("err_" . $clsid . "_" . $error) != "err_" . $clsid . "_" . $error || is_string($error)) {
$this->clsid = $clsid;
$this->error = $error;
$args = func_get_args();
$this->param = array_slice($args, 2);
$this->logerr();
return true;
} else {
$this->clsid = "err";
$this->error = 1;
$this->param = "Error # $error in Class $clsid, Value is $param. (sorry, no text for this error in your language at the moment)";
$this->logerr();
return false;
}
}
}
/**
* Retourne la chaine d'erreur correspondant à la dernière erreur rencontrée
*
* Si la dernière erreur rencontrée est connue, retourne l'erreur en toute lettre
* dans la langue actuellement sélectionnée, ou en anglais par défaut.
* Si l'erreur n'est pas connue, retourne son numéro de classe et d'ereur.
*
* @return string Chaine d'erreur.
*
*/
function errstr() {
if (is_string($this->error)) {
// new way of handling errors: message directly in the class
$str = $this->error."\n";
} else {
// old way: message in the locales files (ugly)
$str = _("err_".$this->clsid."_".$this->error)."\n";
/**
* Retourne la chaine d'erreur correspondant à la dernière erreur rencontrée
*
* Si la dernière erreur rencontrée est connue, retourne l'erreur en toute lettre
* dans la langue actuellement sélectionnée, ou en anglais par défaut.
* Si l'erreur n'est pas connue, retourne son numéro de classe et d'ereur.
*
* @return string Chaine d'erreur.
*
*/
function errstr() {
if (is_string($this->error)) {
// new way of handling errors: message directly in the class
$str = $this->error . "\n";
} else {
// old way: message in the locales files (ugly)
$str = _("err_" . $this->clsid . "_" . $this->error) . "\n";
}
$args = $this->param;
if (is_array($args)) {
array_unshift($args, $str);
$msg = call_user_func_array("sprintf", $args);
return $msg;
} else {
return $args;
}
}
$args = $this->param;
if (is_array($args)) {
array_unshift($args, $str);
$msg = call_user_func_array("sprintf", $args);
return $msg;
} else {
return $args;
/**
* Envoi un log d'erreur dans /var/log/alternc/bureau.log
*
* Cette fonction Loggue la dernière erreur dans /var/log sur la machine,
* permettant ainsi aux admins de savoir ce qu'il se passe...
* Elle est appelée automatiquement par error
* @access private
*/
function logerr() {
global $mem;
@file_put_contents($this->logfile, date("d/m/Y H:i:s") . " - ERROR - " . $mem->user["login"] . " - " . $this->errstr(), FILE_APPEND);
}
}
/**
* Envoi un log d'erreur dans /var/log/alternc/bureau.log
*
* Cette fonction Loggue la dernière erreur dans /var/log sur la machine,
* permettant ainsi aux admins de savoir ce qu'il se passe...
* Elle est appelée automatiquement par error
* @access private
*/
function logerr() {
global $mem;
@file_put_contents($this->logfile, date("d/m/Y H:i:s")." - ERROR - ".$mem->user["login"]." - ".$this->errstr(), FILE_APPEND );
}
/**
* Envoi un log d'appel d'API dans /var/log/alternc/bureau.log
*
* Cette fonction loggue dans /var/log l'appel à la fonction de l'API
* d'AlternC.
*
* @param integer $clsid Numéro de la classe dont on a appelé une fonction
* @param string $function Nom de la fonction appelée
* @param string $param Paramètre (facultatif) passés à la fonction de l'API.
* @return boolean TRUE si le log a été ajouté, FALSE sinon
*
*/
function log($clsid, $function, $param = "") {
global $mem;
return @file_put_contents($this->logfile, date("d/m/Y H:i:s") . " - " . get_remote_ip() . " - CALL - " . $mem->user["login"] . " - $clsid - $function - $param\n", FILE_APPEND);
}
/**
* Envoi un log d'appel d'API dans /var/log/alternc/bureau.log
*
* Cette fonction loggue dans /var/log l'appel à la fonction de l'API
* d'AlternC.
*
* @param integer $clsid Numéro de la classe dont on a appelé une fonction
* @param string $function Nom de la fonction appelée
* @param string $param Paramètre (facultatif) passés à la fonction de l'API.
* @return boolean TRUE si le log a été ajouté, FALSE sinon
*
*/
function log($clsid,$function,$param="") {
global $mem,$cuid;
return @file_put_contents($this->logfile,date("d/m/Y H:i:s")." - " .get_remote_ip(). " - CALL - ".$mem->user["login"]." - $clsid - $function - $param\n", FILE_APPEND );
}
}
}; /* Classe m_err */
?>
/* Classe m_err */

32
bureau/class/m_export.php
View File

@ -1,29 +1,35 @@
<?php
/*---------------------------------------------------------------------------*/
/** Constructor
Classe d'export de compte Alternc.
Cette classe ce contente d'invoquer les fonctions d'exportation de configuration et de données d'un compte,
presentes dans les classes concernées.
*/
/* --------------------------------------------------------------------------- */
/** Constructor
Classe d'export de compte Alternc.
Cette classe ce contente d'invoquer les fonctions d'exportation de configuration et de données d'un compte,
presentes dans les classes concernées.
*/
Class m_export {
function m_export() {
}
function export_conf(){
function export_conf() {
global $hooks;
$config=$hooks->invoke('alternc_export_conf');
$config = $hooks->invoke('alternc_export_conf');
return $config;
}
/** le repertoire de base est passé en paramettre puis en construit une arborescence de la forme
<dir>/<user>/<timestamp/ qui contiendra les dossier de dump html et sql
*/
function export_data($dir){
/** le repertoire de base est passé en paramettre puis en construit une arborescence de la forme
<dir>/<user>/<timestamp/ qui contiendra les dossier de dump html et sql
*/
function export_data($dir) {
global $hooks, $mem;
$hooks->invoke('alternc_export_data', Array($dir));
}
}// export Class end
}
// export Class end

900
bureau/class/m_ftp.php
View File

@ -1,4 +1,5 @@
<?php
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
@ -6,483 +7,512 @@
https://alternc.org/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Purpose of file: Manage FTP accounts
----------------------------------------------------------------------
*/
*/
/**
* Classe de gestion des comptes FTP de l'hébergé.
*/
* FTP account management class
*/
class m_ftp {
var $srv_name;
var $srv_name;
/* ----------------------------------------------------------------- */
/**
* Constructeur
*/
function m_ftp() {
global $L_FQDN;
$this->srv_name = variable_get('ftp_human_name', $L_FQDN,'Human name for FTP server', array('desc'=>'Name','type'=>'string'));
}
/* ----------------------------------------------------------------- */
/* ----------------------------------------------------------------- */
/**
* Password kind used in this class (hook for admin class)
*/
function alternc_password_policy() {
return array("ftp"=>"FTP accounts");
}
function hook_menu() {
global $quota;
$q = $quota->getquota("ftp");
$obj = array(
'title' => _("FTP accounts"),
'ico' => 'images/ftp.png',
'link' => 'toggle',
'pos' => 60,
'links' => array(),
) ;
if ( $quota->cancreate("ftp") ) {
$obj['links'][] =
array (
'ico' => 'images/new.png',
'txt' => _("Create a new ftp account"),
'url' => "ftp_edit.php?create=1",
'class' => '',
);
}
if ( $q['u'] > 0 ) { // if there are some FTP accounts
$obj['links'][] =
array (
'txt' => _("FTP accounts list"),
'url' => "ftp_list.php"
);
}
return $obj;
}
// Return the values needed to activate security access. See get_auth_class()
// in authip for more informations
function authip_class() {
$c = Array();
$c['name']="FTP";
$c['protocol']="ftp";
$c['values']=Array();
$tt = $this->get_list();
if (empty($tt) || !is_array($tt)) return $c;
foreach ($this->get_list() as $v ) {
$c['values'][$v['id']]=$v['login'];
/**
* Constructeur
*/
function m_ftp() {
global $L_FQDN;
$this->srv_name = variable_get('ftp_human_name', $L_FQDN, 'Human name for FTP server', array('desc' => 'Name', 'type' => 'string'));
}
return $c;
}
/* ----------------------------------------------------------------- */
// Switch enabled status of an account
function switch_enabled($id,$status=null) {
global $cuid, $db, $err;
if (! $jj = $this->get_ftp_details($id)) {
$err->raise('ftp', _("This account do not exist or is not of this account"));
return false;
}
if ( $status == null ){
if ($jj[0]['enabled'] == true ) { $status=0;}
else { $status=1; }
}
// Be sure what is in $status, in case of it was a parameter
$status = ($status?'true':'false');
if ( ! $db->query("UPDATE ftpusers SET enabled = $status WHERE uid = '$cuid' AND id = '$id' ;") ) {
$err->raise('ftp', _("Error during update"));
return false;
} else {
return true ;
}
}
/* ----------------------------------------------------------------- */
/** Retourne la liste des comptes FTP du compte hébergé
* Retourne la liste des comptes FTP sous forme de tableau indexé de
* tableaus associatifs comme suit :
* $a["id"]= ID du compte ftp
* $a["login"]= Nom de login du compte
* $a["dir"]= Dossier relatif à la racine du compte de l'utilisateur
* @return array Retourne le tableau des comptes
*/
function get_list() {
global $db,$err,$cuid, $bro;
$err->log("ftp","get_list");
$r=array();
$db->query("SELECT id, name, homedir, enabled FROM ftpusers WHERE uid='$cuid' ORDER BY name;");
if ($db->num_rows()) {
while ($db->next_record()) {
$r[]=array(
"id"=>$db->f("id"),
"login"=>$db->f("name"),
"enabled"=>$db->f("enabled"),
//"dir"=>$match[1]
"dir"=>$db->f("homedir")
);
}
return $r;
} else {
$err->raise("ftp",_("No FTP account found"));
return array();
}
}
/* ----------------------------------------------------------------- */
/** Retourne les détails d'un compte FTP (voir get_list)
* Le tableau est celui du compte d'id spécifié
* @param integer $id Numéro du compte dont on souhaite obtenir les détails
* @return array Tableau associatif contenant les infos du comptes ftp
*/
function get_ftp_details($id) {
global $db,$err,$cuid;
$err->log("ftp","get_ftp_details",$id);
$r=array();
$db->query("SELECT id, name, homedir, enabled FROM ftpusers WHERE uid='$cuid' AND id='$id';");
if ($db->num_rows()) {
$db->next_record();
$regexp="/^".preg_quote(getuserpath(),"/")."\/(.*)$/";
preg_match($regexp, $db->f("homedir"),$match);
$lg=explode("_",$db->f("name"));
if ((!is_array($lg)) || (count($lg)!=2)) {
$lg[0]=$db->f("name");
$lg[1]="";
}
$r[]=array(
"id"=>$db->f("id"),
"prefixe"=> $lg[0],
"login"=>$lg[1],
"dir"=>$match[1],
"enabled"=>$db->f("enabled")
);
return $r;
} else {
$err->raise("ftp",_("This FTP account does not exist"));
return false;
}
}
/* ----------------------------------------------------------------- */
/** Retourne la liste des prefixes utilisables par le compte courant
* @return array tableau contenant la liste des prefixes (domaines + login)
* du compte actuel.
*/
function prefix_list() {
global $db,$mem,$cuid;
$r=array();
$r[]=$mem->user["login"];
$db->query("SELECT domaine FROM domaines WHERE compte='$cuid' ORDER BY domaine;");
while ($db->next_record()) {
$r[]=$db->f("domaine");
}
return $r;
}
/**
* Check if the login is fine (syntax)
*
* @param string $l
*/
function check_login($l) {
global $err;
// special chars and the max numbers of them allowed
// to be able to give a specific error
$vv = array('_'=>'1', ' '=>0);
foreach ($vv as $k=>$n) {
if (substr_count($l, $k) > $n ) { // if there is more than $n $k
$err->raise('ftp', sprintf(_("FTP login is incorrect: too many '%s'"), $k));
return false;
}
/**
* Password kind used in this class (hook for admin class)
*/
function alternc_password_policy() {
return array("ftp" => "FTP accounts");
}
// Explicitly look for only allowed chars
if ( ! preg_match("/^[A-Za-z0-9]+[A-Za-z0-9_\.\-]*$/", $l) ) {
$err->raise('ftp', _("FTP login is incorrect"));
return false;
}
return true;
}
function hook_menu() {
global $quota;
$q = $quota->getquota("ftp");
/* ----------------------------------------------------------------- */
/** Affiche (ECHO) la liste des prefixes disponibles sous forme de champs d'option
* Les champs sont affichés sous la forme <option>prefixe</option>...
* La valeur $current se voit affublée de la balise SELECTED.
* @param string $current Prefixe sélectionné par défaut
* @return boolean TRUE.
*/
function select_prefix_list($current) {
$r=$this->prefix_list();
reset($r);
while (list($key,$val)=each($r)) {
if ($current==$val) $c=" selected=\"selected\""; else $c="";
echo "<option$c>$val</option>";
}
return true;
}
$obj = array(
'title' => _("FTP accounts"),
'ico' => 'images/ftp.png',
'link' => 'toggle',
'pos' => 60,
'links' => array(),
);
/* ----------------------------------------------------------------- */
/** Modifie les paramètres du comptes FTP $id.
* @param integer $id Numéro du compte dont on veut modifier les paramètres
* @param string $prefixe Prefixe du compte FTP
* @param string $login login ajouté au préfixe ($prefixe_$login)
* @param string $pass mot de passe
* @param string $dir Répertoire racine du compte
* @return boolean TRUE si le compte a été modifié, FALSE si une erreur est survenue.
*/
function put_ftp_details($id,$prefixe,$login,$pass,$dir) {
global $mem,$db,$err,$bro,$cuid,$admin;
$err->log("ftp","put_ftp_details",$id);
$db->query("SELECT count(*) AS cnt FROM ftpusers WHERE id='$id' and uid='$cuid';");
$db->next_record();
if (!$db->f("cnt")) {
$err->raise("ftp",_("This FTP account does not exist"));
return false;
}
$dir=$bro->convertabsolute($dir);
if (substr($dir,0,1)=="/") {
$dir=substr($dir,1);
}
$r=$this->prefix_list();
if (!in_array($prefixe,$r)) {
$err->raise("ftp",_("The chosen prefix is not allowed"));
return false;
}
$full_login=$prefixe;
if ($login) $full_login.="_".$login;
if (! $this->check_login($full_login) ) return false;
$db->query("SELECT COUNT(*) AS cnt FROM ftpusers WHERE id!='$id' AND name='$full_login';");
$db->next_record();
if ($db->f("cnt")) {
$err->raise("ftp",_("This FTP account already exists"));
return false;
}
$absolute=getuserpath()."/$dir";
if (!file_exists($absolute)) {
system("/bin/mkdir -p $absolute");
}
if (!is_dir($absolute)) {
$err->raise("ftp",_("The directory cannot be created"));
return false;
}
if (trim($pass)) {
// Check this password against the password policy using common API :
if (is_callable(array($admin,"checkPolicy"))) {
if (!$admin->checkPolicy("ftp",$full_login,$pass)) {
return false; // The error has been raised by checkPolicy()
if ($quota->cancreate("ftp")) {
$obj['links'][] = array(
'ico' => 'images/new.png',
'txt' => _("Create a new ftp account"),
'url' => "ftp_edit.php?create=1",
'class' => '',
);
}
}
$encrypted_password = _md5cr($pass,strrev(microtime(true)));
$db->query("UPDATE ftpusers SET name='".$full_login."', password='', encrypted_password='$encrypted_password', homedir='$absolute', uid='$cuid' WHERE id='$id';");
} else {
$db->query("UPDATE ftpusers SET name='".$full_login."', homedir='$absolute', uid='$cuid' WHERE id='$id';");
}
return true;
}
if ($q['u'] > 0) { // if there are some FTP accounts
$obj['links'][] = array(
'txt' => _("FTP accounts list"),
'url' => "ftp_list.php"
);
}
/* ----------------------------------------------------------------- */
/** Efface le compte ftp spécifié.
* @param integer $id Numéro du compte FTP à supprimer.
* @return boolean TRUE si le compte a été effacé, FALSE sinon.
*/
function delete_ftp($id) {
global $db,$err,$cuid;
$err->log("ftp","delete_ftp",$id);
$db->query("SELECT name FROM ftpusers WHERE id='$id' and uid='$cuid';");
$db->next_record();
$name=$db->f("name");
if (!$name) {
$err->raise("ftp",_("This FTP account does not exist"));
return false;
}
$db->query("DELETE FROM ftpusers WHERE id='$id'");
return $name;
}
/* ----------------------------------------------------------------- */
/** Crée un nouveau compte FTP.
* @param string $prefixe Prefixe au login
* @param string $login Login ftp (login=prefixe_login)
* @param string $pass Mot de passe FTP
* @param string $dir Répertoire racine du compte relatif à la racine du membre
* @return boolean TRUE si le compte a été créé, FALSE sinon.
*
*/
function add_ftp($prefixe,$login,$pass,$dir) {
global $mem,$db,$err,$quota,$bro,$cuid,$admin;
$err->log("ftp","add_ftp",$prefixe."_".$login);
$dir=$bro->convertabsolute($dir);
if (substr($dir,0,1)=="/") {
$dir=substr($dir,1);
}
$r=$this->prefix_list();
if (empty($pass)) {
$err->raise("ftp",_("Password can't be empty"));
return false;
}
if (!in_array($prefixe,$r) || $prefixe=="") {
$err->raise("ftp",_("The chosen prefix is not allowed"));
return false;
}
$full_login=$prefixe;
if ($login) $full_login.="_".$login;
if ( !$this->check_login($full_login) ) return false;
$db->query("SELECT count(*) AS cnt FROM ftpusers WHERE name='".$full_login."'");
$db->next_record();
if ($db->f("cnt")) {
$err->raise("ftp",_("This FTP account already exists"));
return false;
}
$db->query("SELECT login FROM membres WHERE uid='$cuid';");
$db->next_record();
$absolute=getuserpath()."/$dir";
if (!file_exists($absolute)) {
system("/bin/mkdir -p $absolute"); // FIXME replace with action
}
if (!is_dir($absolute)) {
$err->raise("ftp",_("The directory cannot be created"));
return false;
return $obj;
}
// Check this password against the password policy using common API :
if (is_callable(array($admin,"checkPolicy"))) {
if (!$admin->checkPolicy("ftp",$full_login,$pass)) {
return false; // The error has been raised by checkPolicy()
}
// Return the values needed to activate security access. See get_auth_class()
// in authip for more informations
function authip_class() {
$c = Array();
$c['name'] = "FTP";
$c['protocol'] = "ftp";
$c['values'] = Array();
$tt = $this->get_list();
if (empty($tt) || !is_array($tt)) {
return $c;
}
foreach ($this->get_list() as $v) {
$c['values'][$v['id']] = $v['login'];
}
return $c;
}
if ($quota->cancreate("ftp")) {
$encrypted_password = _md5cr($pass,strrev(microtime(true)));
$db->query("INSERT INTO ftpusers (name,password, encrypted_password,homedir,uid) VALUES ('".$full_login."', '', '$encrypted_password', '$absolute', '$cuid')");
return true;
} else {
$err->raise("ftp",_("Your FTP account quota is over. You cannot create more ftp accounts"));
return false;
// Switch enabled status of an account
function switch_enabled($id, $status = null) {
global $cuid, $db, $err;
if (!$jj = $this->get_ftp_details($id)) {
$err->raise('ftp', _("This account do not exist or is not of this account"));
return false;
}
if ($status == null) {
if ($jj[0]['enabled'] == true) {
$status = 0;
} else {
$status = 1;
}
}
// Be sure what is in $status, in case of it was a parameter
$status = ($status ? 'true' : 'false');
if (!$db->query("UPDATE ftpusers SET enabled = $status WHERE uid = '$cuid' AND id = '$id' ;")) {
$err->raise('ftp', _("Error during update"));
return false;
} else {
return true;
}
}
}
/* ----------------------------------------------------------------- */
/** Retourne TRUE si $dir possède un compte FTP
* @param string $dir Dossier à tester, relatif à la racine du compte courant
* @return boolean retourne TRUE si $dir à un compte FTP, FALSE sinon.
*/
function is_ftp($dir) {
global $mem,$db,$err;
$err->log("ftp","is_ftp",$dir);
if (substr($dir,0,1)=="/") $dir=substr($dir,1);
$db->query("SELECT id FROM ftpusers WHERE homedir='".getuserpath()."/$dir';");
if ($db->num_rows()) {
$db->next_record();
return $db->f("id");
} else {
return false;
/* ----------------------------------------------------------------- */
/** Retourne la liste des comptes FTP du compte h<EFBFBD>berg<EFBFBD>
* Retourne la liste des comptes FTP sous forme de tableau index<EFBFBD> de
* tableaus associatifs comme suit :
* $a["id"]= ID du compte ftp
* $a["login"]= Nom de login du compte
* $a["dir"]= Dossier relatif <EFBFBD> la racine du compte de l'utilisateur
* @return array Retourne le tableau des comptes
*/
function get_list() {
global $db, $err, $cuid;
$err->log("ftp", "get_list");
$r = array();
$db->query("SELECT id, name, homedir, enabled FROM ftpusers WHERE uid='$cuid' ORDER BY name;");
if ($db->num_rows()) {
while ($db->next_record()) {
$r[] = array(
"id" => $db->f("id"),
"login" => $db->f("name"),
"enabled" => $db->f("enabled"),
//"dir"=>$match[1]
"dir" => $db->f("homedir")
);
}
return $r;
} else {
$err->raise("ftp", _("No FTP account found"));
return array();
}
}
}
/* ----------------------------------------------------------------- */
/** Fonction appellée par domains quand un domaine est supprimé pour le membre
* @param string $dom Domaine à détruire.
* @access private
*/
function alternc_del_domain($dom) {
global $db,$err,$cuid;
$err->log("ftp","alternc_del_domain",$dom);
$db->query("DELETE FROM ftpusers WHERE uid='$cuid' AND ( name LIKE '$dom\_%' OR name LIKE '$dom') ");
return true;
}
/* ----------------------------------------------------------------- */
/* ----------------------------------------------------------------- */
/** Fonction appellée par membres quand un membre est effacé.
* @access private
*/
function alternc_del_member() {
global $db,$err,$cuid;
$err->log("ftp","alternc_del_member");
$db->query("DELETE FROM ftpusers WHERE uid='$cuid'");
return true;
}
/** Retourne les details d'un compte FTP (voir get_list)
* Le tableau est celui du compte d'id specifie
* @param integer $id Numero du compte dont on souhaite obtenir les d<EFBFBD>tails
* @return array Tableau associatif contenant les infos du comptes ftp
*/
function get_ftp_details($id) {
global $db, $err, $cuid;
$err->log("ftp", "get_ftp_details", $id);
$r = array();
$db->query("SELECT id, name, homedir, enabled FROM ftpusers WHERE uid='$cuid' AND id='$id';");
if ($db->num_rows()) {
$db->next_record();
/* ----------------------------------------------------------------- */
/**
* Returns the used quota for the $name service for the current user.
* @param $name string name of the quota
* @return integer the number of service used or false if an error occured
* @access private
*/
function hook_quota_get() {
global $db,$err,$cuid;
$err->log("ftp","getquota");
$q=Array("name"=>"ftp", "description"=>_("FTP accounts"), "used"=>0);
$db->query("SELECT COUNT(*) AS cnt FROM ftpusers WHERE uid='$cuid'");
if ($db->next_record()) {
$q['used']=$db->f("cnt");
$regexp = "/^" . preg_quote(getuserpath(), "/") . "\/(.*)$/";
$match = array();
preg_match($regexp, $db->f("homedir"), $match);
$lg = explode("_", $db->f("name"));
if ((!is_array($lg)) || (count($lg) != 2)) {
$lg[0] = $db->f("name");
$lg[1] = "";
}
$r[] = array(
"id" => $db->f("id"),
"prefixe" => $lg[0],
"login" => $lg[1],
"dir" => $match[1],
"enabled" => $db->f("enabled")
);
return $r;
} else {
$err->raise("ftp", _("This FTP account does not exist"));
return false;
}
}
return $q;
}
/* ----------------------------------------------------------------- */
/* ----------------------------------------------------------------- */
/**
* Exporte toutes les informations ftp du compte AlternC
* @access private
* EXPERIMENTAL 'sid' function ;)
*/
function alternc_export_conf() {
global $db,$err;
$err->log("ftp","export");
$f=$this->get_list();
$str=" <ftp>";
foreach ($f as $d=>$v) {
$str.=" <login>".($v["login"])."</login>\n";
$str.=" <password>".($v["encrypted_password"])."</password>\n";
$str.=" <directory>".($v["dir"])."<directory>\n";
/** Retourne la liste des prefixes utilisables par le compte courant
* @return array tableau contenant la liste des prefixes (domaines + login)
* du compte actuel.
*/
function prefix_list() {
global $db, $mem, $cuid;
$r = array();
$r[] = $mem->user["login"];
$db->query("SELECT domaine FROM domaines WHERE compte='$cuid' ORDER BY domaine;");
while ($db->next_record()) {
$r[] = $db->f("domaine");
}
return $r;
}
$str.=" </ftp>\n";
return $str;
}
/**
* Check if the login is fine (syntax)
*
* @param string $l
*/
function check_login($l) {
global $err;
/* ----------------------------------------------------------------- */
/** hook function called by AlternC-upnp to know which open
* tcp or udp ports this class requires or suggests
* @return array a key => value list of port protocol name mandatory values
* @access private
*/
function hook_upnp_list() {
return array(
"ftp" => array("port" => 21, "protocol" => "tcp", "mandatory" => 1),
);
}
} /* Class m_ftp */
// special chars and the max numbers of them allowed
// to be able to give a specific error
$vv = array('_' => '1', ' ' => 0);
foreach ($vv as $k => $n) {
if (substr_count($l, $k) > $n) { // if there is more than $n $k
$err->raise('ftp', sprintf(_("FTP login is incorrect: too many '%s'"), $k));
return false;
}
}
// Explicitly look for only allowed chars
if (!preg_match("/^[A-Za-z0-9]+[A-Za-z0-9_\.\-]*$/", $l)) {
$err->raise('ftp', _("FTP login is incorrect"));
return false;
}
return true;
}
/* ----------------------------------------------------------------- */
/** Affiche (ECHO) la liste des prefixes disponibles sous forme de champs d'option
* Les champs sont affich<EFBFBD>s sous la forme <option>prefixe</option>...
* La valeur $current se voit affubl<EFBFBD>e de la balise SELECTED.
* @param string $current Prefixe s<EFBFBD>lectionn<EFBFBD> par d<EFBFBD>faut
* @return boolean TRUE.
*/
function select_prefix_list($current) {
$r = $this->prefix_list();
reset($r);
while (list($key, $val) = each($r)) {
if ($current == $val) {
$c = " selected=\"selected\"";
} else {
$c = "";
}
echo "<option$c>$val</option>";
}
return true;
}
/* ----------------------------------------------------------------- */
/** Modifie les param<EFBFBD>tres du comptes FTP $id.
* @param integer $id Num<EFBFBD>ro du compte dont on veut modifier les param<EFBFBD>tres
* @param string $prefixe Prefixe du compte FTP
* @param string $login login ajout<EFBFBD> au pr<EFBFBD>fixe ($prefixe_$login)
* @param string $pass mot de passe
* @param string $dir R<EFBFBD>pertoire racine du compte
* @return boolean TRUE si le compte a <EFBFBD>t<EFBFBD> modifi<EFBFBD>, FALSE si une erreur est survenue.
*/
function put_ftp_details($id, $prefixe, $login, $pass, $dir) {
global $db, $err, $bro, $cuid, $admin;
$err->log("ftp", "put_ftp_details", $id);
$db->query("SELECT count(*) AS cnt FROM ftpusers WHERE id='$id' and uid='$cuid';");
$db->next_record();
if (!$db->f("cnt")) {
$err->raise("ftp", _("This FTP account does not exist"));
return false;
}
$dir = $bro->convertabsolute($dir);
if (substr($dir, 0, 1) == "/") {
$dir = substr($dir, 1);
}
$r = $this->prefix_list();
if (!in_array($prefixe, $r)) {
$err->raise("ftp", _("The chosen prefix is not allowed"));
return false;
}
$full_login = $prefixe;
if ($login) {
$full_login.="_" . $login;
}
if (!$this->check_login($full_login)) {
return false;
}
$db->query("SELECT COUNT(*) AS cnt FROM ftpusers WHERE id!='$id' AND name='$full_login';");
$db->next_record();
if ($db->f("cnt")) {
$err->raise("ftp", _("This FTP account already exists"));
return false;
}
$absolute = getuserpath() . "/$dir";
if (!file_exists($absolute)) {
system("/bin/mkdir -p $absolute");
}
if (!is_dir($absolute)) {
$err->raise("ftp", _("The directory cannot be created"));
return false;
}
if (trim($pass)) {
// Check this password against the password policy using common API :
if (is_callable(array($admin, "checkPolicy"))) {
if (!$admin->checkPolicy("ftp", $full_login, $pass)) {
return false; // The error has been raised by checkPolicy()
}
}
$encrypted_password = _md5cr($pass, strrev(microtime(true)));
$db->query("UPDATE ftpusers SET name='" . $full_login . "', password='', encrypted_password='$encrypted_password', homedir='$absolute', uid='$cuid' WHERE id='$id';");
} else {
$db->query("UPDATE ftpusers SET name='" . $full_login . "', homedir='$absolute', uid='$cuid' WHERE id='$id';");
}
return true;
}
/* ----------------------------------------------------------------- */
/** Efface le compte ftp specifie
* @param integer $id Numero du compte FTP a supprimer.
* @return boolean TRUE si le compte a ete efface, FALSE sinon.
*/
function delete_ftp($id) {
global $db, $err, $cuid;
$err->log("ftp", "delete_ftp", $id);
$db->query("SELECT name FROM ftpusers WHERE id='$id' and uid='$cuid';");
$db->next_record();
$name = $db->f("name");
if (!$name) {
$err->raise("ftp", _("This FTP account does not exist"));
return false;
}
$db->query("DELETE FROM ftpusers WHERE id='$id'");
return $name;
}
/* ----------------------------------------------------------------- */
/** Cree un nouveau compte FTP.
* @param string $prefixe Prefixe au login
* @param string $login Login ftp (login=prefixe_login)
* @param string $pass Mot de passe FTP
* @param string $dir Repertoire racine du compte relatif à la racine du membre
* @return boolean TRUE si le compte a ete cree, FALSE sinon.
*
*/
function add_ftp($prefixe, $login, $pass, $dir) {
global $db, $err, $quota, $bro, $cuid, $admin;
$err->log("ftp", "add_ftp", $prefixe . "_" . $login);
$dir = $bro->convertabsolute($dir);
if (substr($dir, 0, 1) == "/") {
$dir = substr($dir, 1);
}
$r = $this->prefix_list();
if (empty($pass)) {
$err->raise("ftp", _("Password can't be empty"));
return false;
}
if (!in_array($prefixe, $r) || $prefixe == "") {
$err->raise("ftp", _("The chosen prefix is not allowed"));
return false;
}
$full_login = $prefixe;
if ($login) {
$full_login.="_" . $login;
}
if (!$this->check_login($full_login)) {
return false;
}
$db->query("SELECT count(*) AS cnt FROM ftpusers WHERE name='" . $full_login . "'");
$db->next_record();
if ($db->f("cnt")) {
$err->raise("ftp", _("This FTP account already exists"));
return false;
}
$db->query("SELECT login FROM membres WHERE uid='$cuid';");
$db->next_record();
$absolute = getuserpath() . "/$dir";
if (!file_exists($absolute)) {
system("/bin/mkdir -p $absolute"); // FIXME replace with action
}
if (!is_dir($absolute)) {
$err->raise("ftp", _("The directory cannot be created"));
return false;
}
// Check this password against the password policy using common API :
if (is_callable(array($admin, "checkPolicy"))) {
if (!$admin->checkPolicy("ftp", $full_login, $pass)) {
return false; // The error has been raised by checkPolicy()
}
}
if ($quota->cancreate("ftp")) {
$encrypted_password = _md5cr($pass, strrev(microtime(true)));
$db->query("INSERT INTO ftpusers (name,password, encrypted_password,homedir,uid) VALUES ('" . $full_login . "', '', '$encrypted_password', '$absolute', '$cuid')");
return true;
} else {
$err->raise("ftp", _("Your FTP account quota is over. You cannot create more ftp accounts"));
return false;
}
}
/* ----------------------------------------------------------------- */
/** Retourne TRUE si $dir possee un compte FTP
* @param string $dir Dossier a tester, relatif a la racine du compte courant
* @return boolean retourne TRUE si $dir a un compte FTP, FALSE sinon.
*/
function is_ftp($dir) {
global $db, $err;
$err->log("ftp", "is_ftp", $dir);
if (substr($dir, 0, 1) == "/") {
$dir = substr($dir, 1);
}
$db->query("SELECT id FROM ftpusers WHERE homedir='" . getuserpath() . "/$dir';");
if ($db->num_rows()) {
$db->next_record();
return $db->f("id");
} else {
return false;
}
}
/* ----------------------------------------------------------------- */
/** Fonction appellee par domains quand un domaine est supprime pour le membre
* @param string $dom Domaine à detruire.
* @access private
*/
function alternc_del_domain($dom) {
global $db, $err, $cuid;
$err->log("ftp", "alternc_del_domain", $dom);
$db->query("DELETE FROM ftpusers WHERE uid='$cuid' AND ( name LIKE '$dom\_%' OR name LIKE '$dom') ");
return true;
}
/* ----------------------------------------------------------------- */
/** Fonction appellee par membres quand un membre est efface
* @access private
*/
function alternc_del_member() {
global $db, $err, $cuid;
$err->log("ftp", "alternc_del_member");
$db->query("DELETE FROM ftpusers WHERE uid='$cuid'");
return true;
}
/* ----------------------------------------------------------------- */
/**
* Returns the used quota for the $name service for the current user.
* @param $name string name of the quota
* @return integer the number of service used or false if an error occured
* @access private
*/
function hook_quota_get() {
global $db, $err, $cuid;
$err->log("ftp", "getquota");
$q = Array("name" => "ftp", "description" => _("FTP accounts"), "used" => 0);
$db->query("SELECT COUNT(*) AS cnt FROM ftpusers WHERE uid='$cuid'");
if ($db->next_record()) {
$q['used'] = $db->f("cnt");
}
return $q;
}
/* ----------------------------------------------------------------- */
/**
* Exporte toutes les informations ftp du compte AlternC
* @access private
* EXPERIMENTAL 'sid' function ;)
*/
function alternc_export_conf() {
global $db, $err;
$err->log("ftp", "export");
$f = $this->get_list();
$str = " <ftp>";
foreach ($f as $d => $v) {
$str.=" <login>" . ($v["login"]) . "</login>\n";
$str.=" <password>" . ($v["encrypted_password"]) . "</password>\n";
$str.=" <directory>" . ($v["dir"]) . "<directory>\n";
}
$str.=" </ftp>\n";
return $str;
}
/* ----------------------------------------------------------------- */
/** hook function called by AlternC-upnp to know which open
* tcp or udp ports this class requires or suggests
* @return array a key => value list of port protocol name mandatory values
* @access private
*/
function hook_upnp_list() {
return array(
"ftp" => array("port" => 21, "protocol" => "tcp", "mandatory" => 1),
);
}
}
/* Class m_ftp */

162
bureau/class/m_hooks.php
View File

@ -1,4 +1,5 @@
<?php
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
@ -21,7 +22,7 @@
----------------------------------------------------------------------
Purpose of file: Manage hook system.
----------------------------------------------------------------------
*/
*/
/**
* This class manage hooks.
@ -29,91 +30,96 @@
* @copyright AlternC-Team 2002-2005 http://alternc.org/
*/
class m_hooks {
/* --------------------------------------------------------------------------- */
/*---------------------------------------------------------------------------*/
/** Constructor
* hooks([$mid]) Constructeur de la classe hooks, ne fait rien pour le moment
*/
function m_hooks() {
}
/*---------------------------------------------------------------------------*/
/**
* invoke() permet de lancer une fonction donné en parametre dans toute les classes
* connues de alternc, avec les parametres donnés.
* @param string $hname nom de la fonction "hooks" que l'on cherche dans les classes
* @param array $hparam tableau contenant les parametres
* @param array|string $hclass tableau contenant les classes spécifique qu'on veux appeler (si on veux pas TOUTE les appeler)
* @return array with the return of each classes
*/
function invoke($hname, $hparam = array(), $hclass = null) {
// Si $hclass est defini, on veut appeler le hooks QUE pour UNE
// classe et pas pour toute.
if (is_null($hclass)) {
global $classes;
} else {
if (is_array($hclass)) {
$classes = $hclass;
} else {
$classes = array($hclass);
}
/** Constructor
* hooks([$mid]) Constructeur de la classe hooks, ne fait rien pour le moment
*/
function m_hooks() {
}
// On parcourt les classes, si la fonction qu'on cherche
// existe on l'execute et on rajoute ce qu'elle a retourné dans
// un tableau
$val = array();
foreach ($classes as $c) {
global $$c;
if ( method_exists($$c, $hname) ) {
//$val[$$c]=call_user_func_array(array($$c,$hname), $hparam);
$val[$c]=call_user_func_array(array($$c,$hname), $hparam);
}
}
/* --------------------------------------------------------------------------- */
// On retourne le tout
return $val;
}
/**
* invoke() permet de lancer une fonction donné en parametre dans toute les classes
* connues de alternc, avec les parametres donnés.
* @param string $hname nom de la fonction "hooks" que l'on cherche dans les classes
* @param array $hparam tableau contenant les parametres
* @param array|string $hclass tableau contenant les classes spécifique qu'on veux appeler (si on veux pas TOUTE les appeler)
* @return array with the return of each classes
*/
function invoke($hname, $hparam = array(), $hclass = null) {
/*---------------------------------------------------------------------------*/
/**
* invoke each executable script of the directory (or the specified script)
* @param string $scripts a script or a directory
* @param array $parameters parameters for the scripts
* @return boolean TRUE
*/
function invoke_scripts($scripts, $parameters=array()) {
// First, build the list of script we want to launch
$to_launch=array();
if (is_file($scripts)) {
if (is_executable($scripts)) {
$to_launch[]=$scripts;
}
} else if (is_dir($scripts)) {
foreach ( scandir($scripts) as $ccc ) {
if (is_file($ccc) && is_executable($ccc)) {
$to_launch[]=$ccc;
// Si $hclass est defini, on veut appeler le hooks QUE pour UNE
// classe et pas pour toute.
if (is_null($hclass)) {
global $classes;
} else {
if (is_array($hclass)) {
$classes = $hclass;
} else {
$classes = array($hclass);
}
}
}
} else {
// not a file nor a directory
return false;
}
// Protect each parameters
$parameters = array_map('escapeshellarg', $parameters);
$params = implode(" ", $parameters);
// Launch !
foreach($to_launch as $fi) {
system($fi." ".$params);
// On parcourt les classes, si la fonction qu'on cherche
// existe on l'execute et on rajoute ce qu'elle a retourné dans
// un tableau
$val = array();
foreach ($classes as $c) {
global $$c;
if (method_exists($$c, $hname)) {
//$val[$$c]=call_user_func_array(array($$c,$hname), $hparam);
$val[$c] = call_user_func_array(array($$c, $hname), $hparam);
}
}
// On retourne le tout
return $val;
}
// TODO: return something more interesting than true
return true;
}
/* --------------------------------------------------------------------------- */
} /* Class hooks */
/**
* invoke each executable script of the directory (or the specified script)
* @param string $scripts a script or a directory
* @param array $parameters parameters for the scripts
* @return boolean TRUE
*/
function invoke_scripts($scripts, $parameters = array()) {
// First, build the list of script we want to launch
$to_launch = array();
if (is_file($scripts)) {
if (is_executable($scripts)) {
$to_launch[] = $scripts;
}
} else if (is_dir($scripts)) {
foreach (scandir($scripts) as $ccc) {
if (is_file($ccc) && is_executable($ccc)) {
$to_launch[] = $ccc;
}
}
} else {
// not a file nor a directory
return false;
}
// Protect each parameters
$parameters = array_map('escapeshellarg', $parameters);
$params = implode(" ", $parameters);
// Launch !
foreach ($to_launch as $fi) {
system($fi . " " . $params);
}
// TODO: return something more interesting than true
return true;
}
}
/* Class hooks */

853
bureau/class/m_hta.php
View File

@ -1,482 +1,463 @@
<?php
/*
$Id: m_hta.php,v 1.5 2004/11/29 17:15:37 anonymous Exp $
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2002 by the AlternC Development Team.
http://alternc.org/
----------------------------------------------------------------------
Based on:
Valentin Lacambre's web hosting softwares: http://altern.org/
----------------------------------------------------------------------
LICENSE
$Id: m_hta.php,v 1.5 2004/11/29 17:15:37 anonymous Exp $
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2002 by the AlternC Development Team.
http://alternc.org/
----------------------------------------------------------------------
Based on:
Valentin Lacambre's web hosting softwares: http://altern.org/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file:
Purpose of file:
----------------------------------------------------------------------
*/
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file:
Purpose of file:
----------------------------------------------------------------------
*/
/**
* This class handle folder web restricted access through .htaccess/.htpassword
* files.
*
* Copyleft {@link http://alternc.net/ AlternC Team}
*
* @copyright AlternC-Team 2002-11-01 http://alternc.org/
*
*/
* This class handle folder web restricted access through .htaccess/.htpassword
* files.
*
* Copyleft {@link http://alternc.net/ AlternC Team}
*
* @copyright AlternC-Team 2002-11-01 http://alternc.org/
*
*/
class m_hta {
/**
* Constructor
*/
function m_webaccess() {
}
/**
* Password kind used in this class (hook for admin class)
*
* @return array
*/
function alternc_password_policy() {
return array("hta"=>"Protected folders passwords");
}
/**
*
* @return array
*/
function hook_menu() {
$obj = array(
'title' => _("Protected folders"),
'ico' => 'images/password.png',
'link' => 'hta_list.php',
'pos' => 50,
) ;
return $obj;
}
/**
* Constructor
*/
function m_webaccess() {
}
/**
* Create a protected folder (.htaccess et .htpasswd)
* @param string $dir Folder to protect (relative to user root)
* @return boolean TRUE if the folder has been protected, or FALSE if an error occurred
*
* @global m_mem $mem
* @global m_bro $bro
* @global m_err $err
* @param string $dir
* @return boolean
*/
function CreateDir($dir) {
global $mem,$bro,$err;
$err->log("hta","createdir",$dir);
$absolute = $bro->convertabsolute($dir,0);
if (!$absolute) {
$err->raise("hta",printf(_("The folder '%s' does not exist"),$dir));
return false;
* Password kind used in this class (hook for admin class)
*
* @return array
*/
function alternc_password_policy() {
return array("hta" => "Protected folders passwords");
}
if (!file_exists($absolute)) {
@mkdir($absolute,00777);
}
if (!file_exists("$absolute/.htaccess")) {
if (!@touch("$absolute/.htaccess")) {
$err->raise("hta",_("File already exist"));
return false;
}
$file = @fopen("$absolute/.htaccess","r+");
if (!$file) {
$err->raise("hta",_("File already exist"));
return false;
}
fseek($file,0);
$param = "AuthUserFile \"$absolute/.htpasswd\"\nAuthName \""._("Restricted area")."\"\nAuthType Basic\nrequire valid-user\n";
fwrite($file, $param);
fclose($file);
}
if (!file_exists("$absolute/.htpasswd")) {
if (!touch("$absolute/.htpasswd")) {
$err->raise("hta",_("File already exist"));
return false;
}
return true;
}
return true;
}
/**
* Returns the list of all user folder currently protected by a .htpasswd file
*
* @global m_err $err
* @global m_mem $mem
* @return array Array containing user folder list
*/
function ListDir(){
global$err,$mem;
$err->log("hta","listdir");
$sortie = array();
$absolute = ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"];
exec("find ".escapeshellarg($absolute)." -name .htpasswd|sort",$sortie);
if(!count($sortie)){
$err->raise("hta",_("No protected folder"));
return false;
*
* @return array
*/
function hook_menu() {
$obj = array(
'title' => _("Protected folders"),
'ico' => 'images/password.png',
'link' => 'hta_list.php',
'pos' => 50,
);
return $obj;
}
$pattern = "/^".preg_quote(ALTERNC_HTML,"/")."\/.\/[^\/]*\/(.*)\/\.htpasswd/";
$r = array();
for($i = 0;$i<count($sortie);$i++){
preg_match($pattern,$sortie[$i],$matches);
$tmpm = isset($matches[1])?'/'.$matches[1]:'';
$r[$i] = $tmpm."/";
}
return $r;
}
/**
* Tells if a folder is protected.
*
* @global m_mem $mem
* @global m_err $err
* @param string $dir Folder to check
* @return boolean If the folder is protected, or FALSE if it is not
*/
function is_protected($dir){
global $mem,$err;
$err->log("hta","is_protected",$dir);
$absolute = ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"]."/$dir";
if (file_exists("$absolute/.htpasswd")){
return true;
} else {
return false;
* Create a protected folder (.htaccess et .htpasswd)
* @param string $dir Folder to protect (relative to user root)
* @return boolean TRUE if the folder has been protected, or FALSE if an error occurred
*
* @global m_mem $mem
* @global m_bro $bro
* @global m_err $err
* @param string $dir
* @return boolean
*/
function CreateDir($dir) {
global $bro, $err;
$err->log("hta", "createdir", $dir);
$absolute = $bro->convertabsolute($dir, 0);
if (!$absolute) {
$err->raise("hta", printf(_("The folder '%s' does not exist"), $dir));
return false;
}
if (!file_exists($absolute)) {
@mkdir($absolute, 00777);
}
if (!file_exists("$absolute/.htaccess")) {
if (!@touch("$absolute/.htaccess")) {
$err->raise("hta", _("File already exist"));
return false;
}
$file = @fopen("$absolute/.htaccess", "r+");
if (!$file) {
$err->raise("hta", _("File already exist"));
return false;
}
fseek($file, 0);
$param = "AuthUserFile \"$absolute/.htpasswd\"\nAuthName \"" . _("Restricted area") . "\"\nAuthType Basic\nrequire valid-user\n";
fwrite($file, $param);
fclose($file);
}
if (!file_exists("$absolute/.htpasswd")) {
if (!touch("$absolute/.htpasswd")) {
$err->raise("hta", _("File already exist"));
return false;
}
return true;
}
return true;
}
}
/**
* Returns the list of login for a protected folder.
*
* @global m_mem $mem
* @global m_err $err
* @param string $dir The folder to lookup (relative to user root)
* @return array An array containing the list of logins from the .htpasswd file, or FALSE
*/
function get_hta_detail($dir) {
global $mem,$err;
$err->log("hta","get_hta_detail");
$absolute = ALTERNC_HTML."/".substr($mem->user["login"],0,1)."/".$mem->user["login"]."/$dir";
if (file_exists("$absolute/.htaccess")) {
/* if (!_reading_htaccess($absolute)) {
return false;
}
*/ }
$file = @fopen("$absolute/.htpasswd","r");
$i = 0;
$res = array();
if (!$file) {
return false;
}
// TODO: Tester la validité du .htpasswd
while (!feof($file)) {
$s = fgets($file,1024);
$t = explode(":",$s);
if ($t[0]!=$s) {
$res[$i] = $t[0];
$i = $i+1;
}
}
fclose($file);
return $res;
}
* Returns the list of all user folder currently protected by a .htpasswd file
*
* @global m_err $err
* @global m_mem $mem
* @return array Array containing user folder list
*/
function ListDir() {
global$err, $mem;
$err->log("hta", "listdir");
$sortie = array();
$absolute = ALTERNC_HTML . "/" . substr($mem->user["login"], 0, 1) . "/" . $mem->user["login"];
exec("find " . escapeshellarg($absolute) . " -name .htpasswd|sort", $sortie);
if (!count($sortie)) {
$err->raise("hta", _("No protected folder"));
return false;
}
$pattern = "/^" . preg_quote(ALTERNC_HTML, "/") . "\/.\/[^\/]*\/(.*)\/\.htpasswd/";
$r = array();
for ($i = 0; $i < count($sortie); $i++) {
$matches = array();
preg_match($pattern, $sortie[$i], $matches);
$tmpm = isset($matches[1]) ? '/' . $matches[1] : '';
$r[$i] = $tmpm . "/";
}
return $r;
}
/**
* Unprotect a folder
*
* @global m_mem $mem
* @global m_bro $bro
* @global m_err $err
* @param string $dir Folder to unprotect, relative to user root
* @param boolean $skip For testing purpose mainly, skips the full user path search
* @return boolean TRUE if the folder has been unprotected, or FALSE if an error occurred
*/
function DelDir($dir,$skip = false) {
global $mem,$bro,$err;
$err->log("hta","deldir",$dir);
$dir = $bro->convertabsolute($dir,$skip);
if (!$dir) {
$err->raise("hta",printf(("The folder '%s' does not exist"),$dir));
return false;
* Tells if a folder is protected.
*
* @global m_mem $mem
* @global m_err $err
* @param string $dir Folder to check
* @return boolean If the folder is protected, or FALSE if it is not
*/
function is_protected($dir) {
global $mem, $err;
$err->log("hta", "is_protected", $dir);
$absolute = ALTERNC_HTML . "/" . substr($mem->user["login"], 0, 1) . "/" . $mem->user["login"] . "/$dir";
if (file_exists("$absolute/.htpasswd")) {
return true;
} else {
return false;
}
}
$htaccess_file = "$dir/.htaccess";
if( !is_readable($htaccess_file)){
$err->raise("hta",printf(_("I cannot read the file '%s'"),$htaccess_file));
}
$fileLines = file($htaccess_file);
$patternList = array(
"AuthUserFile.*$",
"AuthName.*$",
"AuthType Basic.*$",
"require valid-user.*$"
);
$count_lines = 0;
foreach($fileLines as $key => $line){
foreach ($patternList as $pattern) {
if(preg_match("/".$pattern."/", $line)){
$count_lines++;
unset($fileLines[$key]);
/**
* Returns the list of login for a protected folder.
*
* @global m_mem $mem
* @global m_err $err
* @param string $dir The folder to lookup (relative to user root)
* @return array An array containing the list of logins from the .htpasswd file, or FALSE
*/
function get_hta_detail($dir) {
global $mem, $err;
$err->log("hta", "get_hta_detail");
$absolute = ALTERNC_HTML . "/" . substr($mem->user["login"], 0, 1) . "/" . $mem->user["login"] . "/$dir";
if (file_exists("$absolute/.htaccess")) {
/* if (!_reading_htaccess($absolute)) {
return false;
}
*/
}
$file = @fopen("$absolute/.htpasswd", "r");
$i = 0;
$res = array();
if (!$file) {
return false;
}
// TODO: Tester la validité du .htpasswd
while (!feof($file)) {
$s = fgets($file, 1024);
$t = explode(":", $s);
if ($t[0] != $s) {
$res[$i] = $t[0];
$i = $i + 1;
}
}
fclose($file);
return $res;
}
// If no changes
if( ! $count_lines ){
$err->raise("hta",printf(_("Unexpected: No changes made to '%s'"),$htaccess_file));
}
// If file is empty, remove it
if( !count($fileLines)){
if( ! unlink( $htaccess_file)){
$err->raise("hta",printf(_("I could not delete the file '%s'"),$htaccess_file));
/**
* Unprotect a folder
*
* @global m_mem $mem
* @global m_bro $bro
* @global m_err $err
* @param string $dir Folder to unprotect, relative to user root
* @param boolean $skip For testing purpose mainly, skips the full user path search
* @return boolean TRUE if the folder has been unprotected, or FALSE if an error occurred
*/
function DelDir($dir, $skip = false) {
global $bro, $err;
$err->log("hta", "deldir", $dir);
$dir = $bro->convertabsolute($dir, $skip);
if (!$dir) {
$err->raise("hta", printf(("The folder '%s' does not exist"), $dir));
return false;
}
$htaccess_file = "$dir/.htaccess";
if (!is_readable($htaccess_file)) {
$err->raise("hta", printf(_("I cannot read the file '%s'"), $htaccess_file));
}
$fileLines = file($htaccess_file);
$patternList = array(
"AuthUserFile.*$",
"AuthName.*$",
"AuthType Basic.*$",
"require valid-user.*$"
);
$count_lines = 0;
foreach ($fileLines as $key => $line) {
foreach ($patternList as $pattern) {
if (preg_match("/" . $pattern . "/", $line)) {
$count_lines++;
unset($fileLines[$key]);
}
}
}
// If no changes
if (!$count_lines) {
$err->raise("hta", printf(_("Unexpected: No changes made to '%s'"), $htaccess_file));
}
// If file is empty, remove it
if (!count($fileLines)) {
if (!unlink($htaccess_file)) {
$err->raise("hta", printf(_("I could not delete the file '%s'"), $htaccess_file));
}
} else {
file_put_contents($htaccess_file, implode("\n", $fileLines));
}
$htpasswd_file = "$dir/.htpasswd";
if (!is_writable($htpasswd_file)) {
$err->raise("hta", printf(_("I cannot read the file '%s'"), $htpasswd_file));
} else if (!unlink($htpasswd_file)) {
$err->raise("hta", printf(_("I cannot delete the file '%s/.htpasswd'"), $dir));
return false;
}
}else{
file_put_contents($htaccess_file, implode("\n",$fileLines));
}
$htpasswd_file = "$dir/.htpasswd";
if( ! is_writable($htpasswd_file)){
$err->raise("hta",printf(_("I cannot read the file '%s'"),$htpasswd_file));
}
else if ( ! unlink($htpasswd_file)) {
$err->raise("hta",printf(_("I cannot delete the file '%s/.htpasswd'"),$dir));
return false;
}
return true;
}
return true;
}
/**
* Add a user to a protected folder
*
* @global m_err $err
* @global m_bro $bro
* @global m_admin $admin
* @param string $user
* @param string $password
* @param string $dir
* @param string $password The password to add (cleartext)
* @param string $dir The folder we add it to (relative to user root).
* @return boolean TRUE if the user has been added, or FALSE if an error occurred
*/
function add_user($user,$password,$dir) {
global $err, $bro, $admin;
$err->log("hta","add_user",$user."/".$dir);
if (empty($user)) {
$err->raise('hta',_("Please enter a user"));
return false;
}
if (empty($password)) {
$err->raise('hta',_("Please enter a password"));
return false;
}
$absolute = $bro->convertabsolute($dir,0);
if (!file_exists($absolute)) {
$err->raise("hta",printf(("The folder '%s' does not exist"),$dir));
return false;
}
// @todo delete cf!. functions.php checkloginemail definition
if (checkloginmail($user)){
// Check this password against the password policy using common API :
if (is_callable(array($admin,"checkPolicy"))) {
if (!$admin->checkPolicy("hta",$user,$password)) {
return false; // The error has been raised by checkPolicy()
}
}
* Add a user to a protected folder
*
* @global m_err $err
* @global m_bro $bro
* @global m_admin $admin
* @param string $user
* @param string $password
* @param string $dir
* @param string $password The password to add (cleartext)
* @param string $dir The folder we add it to (relative to user root).
* @return boolean TRUE if the user has been added, or FALSE if an error occurred
*/
function add_user($user, $password, $dir) {
global $err, $bro, $admin;
$err->log("hta", "add_user", $user . "/" . $dir);
if (empty($user)) {
$err->raise('hta', _("Please enter a user"));
return false;
}
if (empty($password)) {
$err->raise('hta', _("Please enter a password"));
return false;
}
$absolute = $bro->convertabsolute($dir, 0);
if (!file_exists($absolute)) {
$err->raise("hta", printf(("The folder '%s' does not exist"), $dir));
return false;
}
// @todo delete cf!. functions.php checkloginemail definition
if (checkloginmail($user)) {
// Check this password against the password policy using common API :
if (is_callable(array($admin, "checkPolicy"))) {
if (!$admin->checkPolicy("hta", $user, $password)) {
return false; // The error has been raised by checkPolicy()
}
}
$file = @fopen("$absolute/.htpasswd","a+");
if (!$file) {
$err->raise("hta",_("File already exist"));
return false;
}
fseek($file,0);
while (!feof($file)) {
$s = fgets($file,1024);
$t = explode(":",$s);
if ($t[0]==$user) {
$err->raise("hta",_("The user '%s' already exist for this folder"),$user);
return false;
}
}
fseek($file,SEEK_END);
if ( empty($t[1]) || substr($t[1],-1)!="\n") {
fwrite($file,"\n");
}
fwrite($file, "$user:"._md5cr($password)."\n");
fclose($file);
return true;
} else {
$err->raise("hta",_("Please enter a valid username"));
return false;
$file = @fopen("$absolute/.htpasswd", "a+");
if (!$file) {
$err->raise("hta", _("File already exist"));
return false;
}
fseek($file, 0);
while (!feof($file)) {
$s = fgets($file, 1024);
$t = explode(":", $s);
if ($t[0] == $user) {
$err->raise("hta", _("The user '%s' already exist for this folder"), $user);
return false;
}
}
fseek($file, SEEK_END);
if (empty($t[1]) || substr($t[1], -1) != "\n") {
fwrite($file, "\n");
}
fwrite($file, "$user:" . _md5cr($password) . "\n");
fclose($file);
return true;
} else {
$err->raise("hta", _("Please enter a valid username"));
return false;
}
}
}
/**
*/
/**
* Delete a user from a protected folder.
*
* @global m_bro $bro
* @global m_err $err
* @param array $lst An array with login to delete.
* @param string $dir The folder, relative to user root, where we want to delete users.
* @return boolean TRUE if users has been deleted, or FALSE if an error occurred.
*/
function del_user($lst,$dir) {
global $bro,$err;
$err->log("hta","del_user",$lst."/".$dir);
$absolute = $bro->convertabsolute($dir,0);
if (!file_exists($absolute)) {
$err->raise("hta",printf(_("The folder '%s' does not exist"),$dir));
return false;
* Delete a user from a protected folder.
*
* @global m_bro $bro
* @global m_err $err
* @param array $lst An array with login to delete.
* @param string $dir The folder, relative to user root, where we want to delete users.
* @return boolean TRUE if users has been deleted, or FALSE if an error occurred.
*/
function del_user($lst, $dir) {
global $bro, $err;
$err->log("hta", "del_user", $lst . "/" . $dir);
$absolute = $bro->convertabsolute($dir, 0);
if (!file_exists($absolute)) {
$err->raise("hta", printf(_("The folder '%s' does not exist"), $dir));
return false;
}
touch("$absolute/.htpasswd.new");
$file = fopen("$absolute/.htpasswd", "r");
$newf = fopen("$absolute/.htpasswd.new", "a");
if (!$file || !$newf) {
$err->raise("hta", _("File already exist"));
return false;
}
reset($lst);
fseek($file, 0);
while (!feof($file)) {
$s = fgets($file, 1024);
$t = explode(":", $s);
if (!in_array($t[0], $lst) && ($t[0] != "\n")) {
fseek($newf, 0);
fwrite($newf, "$s");
}
}
fclose($file);
fclose($newf);
unlink("$absolute/.htpasswd");
rename("$absolute/.htpasswd.new", "$absolute/.htpasswd");
return true;
}
touch("$absolute/.htpasswd.new");
$file = fopen("$absolute/.htpasswd","r");
$newf = fopen("$absolute/.htpasswd.new","a");
if (!$file || !$newf) {
$err->raise("hta",_("File already exist"));
return false;
}
reset($lst);
fseek($file,0);
while (!feof($file)) {
$s = fgets($file,1024);
$t = explode(":",$s);
if (!in_array($t[0],$lst) && ($t[0]!="\n")) {
fseek($newf,0);
fwrite($newf, "$s");
}
}
fclose($file);
fclose($newf);
unlink("$absolute/.htpasswd");
rename("$absolute/.htpasswd.new", "$absolute/.htpasswd");
return true;
}
/**
* @param string $user The users whose password should be changed
* @param string $newpass The new password of this user
* @param string $dir The folder, relative to user root, in which we will change a password
* @return boolean TRUE if the password has been changed, or FALSE if an error occurred
*/
/**
* Change the password of a user in a protected folder
*
* @global m_bro $bro
* @global m_err $err
* @global m_admin $admin
* @param string $user
* @param string $newpass
* @param string $dir
* @return boolean
*/
function change_pass($user,$newpass,$dir) {
global $bro,$err,$admin;
$err->log("hta","change_pass",$user."/".$dir);
$absolute = $bro->convertabsolute($dir,0);
if (!file_exists($absolute)) {
$err->raise("hta",printf(_("The folder '%s' does not exist"),$dir));
return false;
}
* Change the password of a user in a protected folder
* @param string $user The users whose password should be changed
* @param string $newpass The new password of this user
* @param string $dir The folder, relative to user root, in which we will change a password
* @return boolean TRUE if the password has been changed, or FALSE if an error occurred
*/
function change_pass($user, $newpass, $dir) {
global $bro, $err, $admin;
$err->log("hta", "change_pass", $user . "/" . $dir);
$absolute = $bro->convertabsolute($dir, 0);
if (!file_exists($absolute)) {
$err->raise("hta", printf(_("The folder '%s' does not exist"), $dir));
return false;
}
// Check this password against the password policy using common API :
if (is_callable(array($admin,"checkPolicy"))) {
if (!$admin->checkPolicy("hta",$user,$newpass)) {
return false; // The error has been raised by checkPolicy()
}
}
// Check this password against the password policy using common API :
if (is_callable(array($admin, "checkPolicy"))) {
if (!$admin->checkPolicy("hta", $user, $newpass)) {
return false; // The error has been raised by checkPolicy()
}
}
touch("$absolute/.htpasswd.new");
$file = fopen("$absolute/.htpasswd","r");
$newf = fopen("$absolute/.htpasswd.new","a");
if (!$file || !$newf) {
$err->raise("hta",_("File already exist"));
return false;
touch("$absolute/.htpasswd.new");
$file = fopen("$absolute/.htpasswd", "r");
$newf = fopen("$absolute/.htpasswd.new", "a");
if (!$file || !$newf) {
$err->raise("hta", _("File already exist"));
return false;
}
while (!feof($file)) {
$s = fgets($file, 1024);
$t = explode(":", $s);
if ($t[0] != $user) {
fwrite($newf, "$s");
}
}
fwrite($newf, "$user:" . _md5cr($newpass) . "\n");
fclose($file);
fclose($newf);
unlink("$absolute/.htpasswd");
rename("$absolute/.htpasswd.new", "$absolute/.htpasswd");
return true;
}
while (!feof($file)) {
$s = fgets($file,1024);
$t = explode(":",$s);
if ($t[0]!=$user) {
fwrite($newf, "$s");
}
}
fwrite($newf, "$user:"._md5cr($newpass)."\n");
fclose($file);
fclose($newf);
unlink("$absolute/.htpasswd");
rename("$absolute/.htpasswd.new", "$absolute/.htpasswd");
return true;
}
/**
* Check that a .htaccess file is valid (for authentication)
*
* @global m_err $err
* @param type $absolute
* @param string $absolute Folder we want to check (relative to user root)
* @return boolean TRUE is the .htaccess is protecting this folder, or FALSE else
*/
private function _reading_htaccess($absolute) {
global $err;
$err->log("hta","_reading_htaccess",$absolute);
$file = fopen("$absolute/.htaccess","r+");
$lignes = array(1,1,1);
$errr = 0;
if (!$file) {
return false;
* Check that a .htaccess file is valid (for authentication)
*
* @global m_err $err
* @param type $absolute
* @param string $absolute Folder we want to check (relative to user root)
* @return boolean TRUE is the .htaccess is protecting this folder, or FALSE else
*/
private function _reading_htaccess($absolute) {
global $err;
$err->log("hta", "_reading_htaccess", $absolute);
$file = fopen("$absolute/.htaccess", "r+");
$lignes = array(1, 1, 1);
$errr = 0;
if (!$file) {
return false;
}
while (!feof($file) && !$errr) {
$s = fgets($file, 1024);
if (substr($s, 0, 12) != "RewriteCond " && substr($s, 0, 14) != "ErrorDocument " && substr($s, 0, 12) != "RewriteRule " && substr($s, 0, 14) != "RewriteEngine " && trim($s) != "") {
$errr = 1;
}
if (strtolower(trim($s)) == strtolower("authuserfile $absolute/.htpasswd")) {
$lignes[0] = 0;
$errr = 0;
} // authuserfile
if (strtolower(trim($s)) == "require valid-user") {
$lignes[1] = 0;
$errr = 0;
} //require
if (strtolower(trim($s)) == "authtype basic") {
$lignes[2] = 0;
$errr = 0;
} //authtype
} // Reading config file
fclose($file);
if ($errr || in_array(0, $lignes)) {
$err->raise("hta", _("An incompatible .htaccess file exists in this folder"));
return false;
}
return true;
}
while (!feof($file) && !$errr) {
$s = fgets($file,1024);
if (substr($s,0,12)!="RewriteCond " && substr($s,0,14)!="ErrorDocument " && substr($s,0,12)!="RewriteRule " && substr($s,0,14)!="RewriteEngine " && trim($s)!="") {
$errr = 1;
}
if (strtolower(trim($s))==strtolower("authuserfile $absolute/.htpasswd")) {
$lignes[0] = 0;
$errr = 0;
} // authuserfile
if (strtolower(trim($s))=="require valid-user") {
$lignes[1] = 0;
$errr = 0;
} //require
if (strtolower(trim($s))=="authtype basic") {
$lignes[2] = 0;
$errr = 0;
} //authtype
} // Reading config file
fclose($file);
if ($errr || in_array(0,$lignes)) {
$err->raise("hta",_("An incompatible .htaccess file exists in this folder"));
return false;
}
return true;
}
} /* CLASS m_hta */
}
/* CLASS m_hta */

180
bureau/class/m_log.php
View File

@ -1,4 +1,5 @@
<?php
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
@ -6,117 +7,118 @@
https://alternc.org/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Purpose of file: Manage Log files for users
Purpose of file: Manage Log files for users
----------------------------------------------------------------------
*/
*/
/**
* Classe de gestion des erreurs apparaissant lors d'appels API.
*/
* Classe de gestion des erreurs apparaissant lors d'appels API.
*/
class m_log {
function m_log(){
}
function list_logs_directory($dir){
global $cuid,$err;
$err->log("log","list_logs_directory");
$c=array();
foreach( glob("${dir}/*log*") as $absfile) {
$c[]=array("name"=>basename($absfile),
"creation_date"=>date("F d Y H:i:s", filectime($absfile)),
"mtime" => filemtime($absfile),
"filesize"=>filesize($absfile),
"downlink"=>urlencode(basename($absfile)),
);
function m_log() {
}
usort($c,"m_log::compare_logtime");
return $c;
}//list_logs
function list_logs_directory($dir) {
global $cuid, $err;
$err->log("log", "list_logs_directory");
// Used by list_logs_directory to sort
private function compare_logname($a, $b) {
return strcmp($a['name'],$b['name']);
}
// Used by list_logs_directory to sort
private function compare_logtime($a, $b) {
return $b['mtime']-$a['mtime'];
}
function hook_menu() {
$obj = array(
'title' => _("Logs"),
'ico' => 'images/logs.png',
'link' => 'logs_list.php',
'pos' => 130,
) ;
return $obj;
}
function list_logs_directory_all($dirs){
global $err;
$err->log("log","get_logs_directory_all");
$c=array();
foreach($dirs as $dir=>$val){
$c[$dir]=$this->list_logs_directory($val);
$c = array();
foreach (glob("${dir}/*log*") as $absfile) {
$c[] = array("name" => basename($absfile),
"creation_date" => date("F d Y H:i:s", filectime($absfile)),
"mtime" => filemtime($absfile),
"filesize" => filesize($absfile),
"downlink" => urlencode(basename($absfile)),
);
}
usort($c, "m_log::compare_logtime");
return $c;
}
return $c;
}
function get_logs_directory(){
global $cuid,$mem,$err;
$err->log("log","get_logs_directory");
// Return an array to allow multiple directory in the future
if(defined('ALTERNC_LOGS_ARCHIVE')){
$c=array("dir"=>ALTERNC_LOGS_ARCHIVE."/".$cuid."-".$mem->user["login"]);
}else{
$c=array("dir"=>ALTERNC_LOGS."/".$cuid."-".$mem->user["login"]);
// Used by list_logs_directory to sort
private function compare_logname($a, $b) {
return strcmp($a['name'], $b['name']);
}
return $c;
}
function download_link($file){
global $err,$mem;
$err->log("log","download_link");
header("Content-Disposition: attachment; filename=".$file."");
header("Content-Type: application/force-download");
header("Content-Transfer-Encoding: binary");
$f=$this->get_logs_directory();
$ff=$f['dir']."/".basename($file);
set_time_limit(0);
readfile($ff);
}
function tail($file,$lines=20) {
global $err,$mem;
$err->log("log","tail");
$lines=intval($lines); if ($lines<=0) $lines=20;
$f=$this->get_logs_directory();
$ff=$f['dir']."/".basename($file);
unset($out);
exec("tail -".$lines." ".escapeshellarg($ff),$out);
return implode("\n",$out);
}
// Used by list_logs_directory to sort
private function compare_logtime($a, $b) {
return $b['mtime'] - $a['mtime'];
}
function hook_menu() {
$obj = array(
'title' => _("Logs"),
'ico' => 'images/logs.png',
'link' => 'logs_list.php',
'pos' => 130,
);
} // end class
return $obj;
}
function list_logs_directory_all($dirs) {
global $err;
$err->log("log", "get_logs_directory_all");
$c = array();
foreach ($dirs as $dir => $val) {
$c[$dir] = $this->list_logs_directory($val);
}
return $c;
}
function get_logs_directory() {
global $cuid, $mem, $err;
$err->log("log", "get_logs_directory");
// Return an array to allow multiple directory in the future
if (defined('ALTERNC_LOGS_ARCHIVE')) {
$c = array("dir" => ALTERNC_LOGS_ARCHIVE . "/" . $cuid . "-" . $mem->user["login"]);
} else {
$c = array("dir" => ALTERNC_LOGS . "/" . $cuid . "-" . $mem->user["login"]);
}
return $c;
}
function download_link($file) {
global $err;
$err->log("log", "download_link");
header("Content-Disposition: attachment; filename=" . $file . "");
header("Content-Type: application/force-download");
header("Content-Transfer-Encoding: binary");
$f = $this->get_logs_directory();
$ff = $f['dir'] . "/" . basename($file);
set_time_limit(0);
readfile($ff);
}
function tail($file, $lines = 20) {
global $err;
$err->log("log", "tail");
$lines = intval($lines);
if ($lines <= 0) {
$lines = 20;
}
$f = $this->get_logs_directory();
$ff = $f['dir'] . "/" . basename($file);
$out=array();
exec("tail -" . $lines . " " . escapeshellarg($ff), $out);
return implode("\n", $out);
}
}
// end class

323
bureau/class/m_lxc.php
View File

@ -1,197 +1,192 @@
<?php
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2000-2013 by the AlternC Development Team.
https://alternc.org/
----------------------------------------------------------------------
LICENSE
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2000-2013 by the AlternC Development Team.
https://alternc.org/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Purpose of file: Manage LXC-based virtual machine through an inetd-based protocol
----------------------------------------------------------------------
*/
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Purpose of file: Manage LXC-based virtual machine through an inetd-based protocol
----------------------------------------------------------------------
*/
include_once(dirname(__FILE__) . '/vm.class.php');
/**
* Manage AlternC's virtual machine start/stop using our own inetd-based protocol.
*/
class m_lxc implements vm {
public $IP;
public $KEY;
public $PORT;
public $maxtime;
public $TIMEOUT = 5;
public $error = array();
public $IP;
public $KEY;
public $PORT;
public $maxtime;
public $TIMEOUT = 5;
public $error = array();
/**
* Constructor, initialize the class informations from AlternC's variables
*/
function m_lxc() {
$this->IP = variable_get('lxc_ip', '', "IP address of the Alternc's LXC server. If empty, no LXC server.", array('desc'=>'IP address','type'=>'ip'));
$this->PORT = variable_get('lxc_port', '6504', "Port of the Alternc's LXC server", array('desc'=>'Port','type'=>'integer'));
$this->KEY = variable_get('lxc_key', '', "Shared key with the Alternc's LXC server", array('desc'=>'Shared key','type'=>'string'));
$this->maxtime = variable_get('lxc_maxtime', '4', "How many hours do we allow to have a server before shutting it down", array('desc'=>'Max time','type'=>'integer'));
}
/**
* HOOK: add the "Console Access" to AlternC's main menu
*/
function hook_menu() {
if ( empty($this->IP)) return ; // No menu if no server
$obj = array(
'title' => _("Console access"),
'ico' => 'images/ssh.png',
'link' => 'vm.php',
'pos' => 95,
) ;
return $obj;
}
/**
* HOOK: remove VM history for AlternC account
*/
function hook_admin_del_member() {
global $db,$err,$cuid;
$err->log("lxc","alternc_del_member");
$db->query("DELETE FROM vm_history WHERE uid='$cuid'");
return true;
}
/**
* Send a message to a remote VM manager instance
* $params are the parameters to send as serialized data
* to the listening server.
* Return the unserialized response data, if the message has been sent successfully
* or FALSE if an error occurred. In that case $error[] is set.
*/
private function sendMessage($params) {
global $L_FQDN,$hooks;
$fp = @fsockopen($this->IP, $this->PORT, $errno, $errstr, $this->TIMEOUT);
if (!$fp) {
$this->error[] = 'Unable to connect';
return FALSE;
}
// Authenticate:
$params['server']=$L_FQDN;
$params['key']=$this->KEY;
// MySQL Host for this user ?
$moreparams=$hooks->invoke("lxc_params",array($params));
foreach($moreparams as $p) {
foreach($p as $k=>$v)
$params[$k]=$v;
/**
* Constructor, initialize the class informations from AlternC's variables
*/
function m_lxc() {
$this->IP = variable_get('lxc_ip', '', "IP address of the Alternc's LXC server. If empty, no LXC server.", array('desc' => 'IP address', 'type' => 'ip'));
$this->PORT = variable_get('lxc_port', '6504', "Port of the Alternc's LXC server", array('desc' => 'Port', 'type' => 'integer'));
$this->KEY = variable_get('lxc_key', '', "Shared key with the Alternc's LXC server", array('desc' => 'Shared key', 'type' => 'string'));
$this->maxtime = variable_get('lxc_maxtime', '4', "How many hours do we allow to have a server before shutting it down", array('desc' => 'Max time', 'type' => 'integer'));
}
$msg = serialize($params);
if (fwrite ($fp, $msg."\n") < 0) {
$this->error[] = 'Unable to send data';
return FALSE;
/**
* HOOK: add the "Console Access" to AlternC's main menu
*/
function hook_menu() {
if (empty($this->IP))
return; // No menu if no server
$obj = array(
'title' => _("Console access"),
'ico' => 'images/ssh.png',
'link' => 'vm.php',
'pos' => 95,
);
return $obj;
}
$resp = fgets($fp, 8192);
fclose ($fp);
$data = @unserialize($resp);
if (isset($data['error']) && $data['error']>0) {
$this->error[] = $data['msg'];
return FALSE;
} else {
return $resp;
/**
* HOOK: remove VM history for AlternC account
*/
function hook_admin_del_member() {
global $db, $err, $cuid;
$err->log("lxc", "alternc_del_member");
$db->query("DELETE FROM vm_history WHERE uid='$cuid'");
return true;
}
}
/**
* Send a message to a remote VM manager instance
* $params are the parameters to send as serialized data
* to the listening server.
* Return the unserialized response data, if the message has been sent successfully
* or FALSE if an error occurred. In that case $error[] is set.
*/
private function sendMessage($params) {
global $L_FQDN, $hooks;
$fp = @fsockopen($this->IP, $this->PORT, $errno, $errstr, $this->TIMEOUT);
if (!$fp) {
$this->error[] = 'Unable to connect';
return FALSE;
}
// Authenticate:
$params['server'] = $L_FQDN;
$params['key'] = $this->KEY;
// MySQL Host for this user ?
$moreparams = $hooks->invoke("lxc_params", array($params));
foreach ($moreparams as $p) {
foreach ($p as $k => $v) {
$params[$k] = $v;
}
}
/**
* START a Virtual Machine on the remote VM manager
* for user $login having hashed password $pass and uid $uid
*/
public function start($login = FALSE, $pass = FALSE, $uid = FALSE) {
global $mem, $db, $err, $mysql;
$msg = serialize($params);
if (fwrite($fp, $msg . "\n") < 0) {
$this->error[] = 'Unable to send data';
return FALSE;
}
$resp = fgets($fp, 8192);
fclose($fp);
if ($this->getvm() !== FALSE) {
$err->raise('lxc', _('VM already started'));
return FALSE;
$data = @unserialize($resp);
if (isset($data['error']) && $data['error'] > 0) {
$this->error[] = $data['msg'];
return FALSE;
} else {
return $resp;
}
}
unset($this->error);
$login = $login ? $login : $mem->user['login'];
$pass = $pass ? $pass : $mem->user['pass'];
$uid = $uid ? $uid : $mem->user['uid'];
/**
* START a Virtual Machine on the remote VM manager
* for user $login having hashed password $pass and uid $uid
*/
public function start($login = FALSE, $pass = FALSE, $uid = FALSE) {
global $mem, $db, $err, $mysql;
$msgg = array('action'=>'start', 'login'=>$login, 'pass' => $pass, 'uid'=> $uid);
$msgg['mysql_host'] = $mysql->dbus->Host;
if ($this->getvm() !== FALSE) {
$err->raise('lxc', _('VM already started'));
return FALSE;
}
unset($this->error);
$res = $this->sendMessage($msgg);
if ($res === FALSE) {
return $this->error;
} else {
$data = unserialize($res);
$error = (int)$data['error'];
$hostname = $data['hostname'];
$msg = $data['msg'];
$date_start = 'NOW()';
$uid = $mem->user['uid'];
$login = $login ? $login : $mem->user['login'];
$pass = $pass ? $pass : $mem->user['pass'];
$uid = $uid ? $uid : $mem->user['uid'];
if ($error != 0) {
$err->raise('lxc', _($msg));
return FALSE;
}
$db->query("INSERT INTO vm_history (ip,date_start,uid,serialized_object) VALUES ('$hostname', $date_start, '$uid', '$res')");
return $res;
$msgg = array('action' => 'start', 'login' => $login, 'pass' => $pass, 'uid' => $uid);
$msgg['mysql_host'] = $mysql->dbus->Host;
$res = $this->sendMessage($msgg);
if ($res === FALSE) {
return $this->error;
} else {
$data = unserialize($res);
$error = (int) $data['error'];
$hostname = $data['hostname'];
$msg = $data['msg'];
$date_start = 'NOW()';
$uid = $mem->user['uid'];
if ($error != 0) {
$err->raise('lxc', _($msg));
return FALSE;
}
$db->query("INSERT INTO vm_history (ip,date_start,uid,serialized_object) VALUES ('$hostname', $date_start, '$uid', '$res')");
return $res;
}
}
}
/**
*
*/
public function getvm($login = FALSE) {
global $mem;
/**
*
*/
public function getvm($login = FALSE) {
global $db, $mem, $cuid;
$login = $login ? $login : $mem->user['login'];
$msgg = array('action' => 'get', 'login' => $login);
$res = $this->sendMessage($msgg);
if (!$res) {
return FALSE;
}
return unserialize($res);
}
$login = $login ? $login : $mem->user['login'];
$msgg = array('action'=>'get', 'login'=>$login);
$res = $this->sendMessage($msgg);
if (!$res) return FALSE;
return unserialize($res);
}
/**
* Stop the currently running VM
*/
public function stop() {
$vm = $this->getvm();
if ($vm === FALSE) {
return FALSE;
}
if ($this->sendMessage(array('action' => 'stop', 'vm' => $vm['vm'])) === FALSE) {
return FALSE;
}
return TRUE;
}
}
/**
* Stop the currently running VM
*/
public function stop() {
global $db, $mem;
$vm = $this->getvm();
if ($vm === FALSE)
return FALSE;
if ($this->sendMessage(array('action' => 'stop', 'vm' => $vm['vm'])) === FALSE)
return FALSE;
return TRUE;
}
} // class m_lxc
// class m_lxc

1890
bureau/class/m_mail.php
View File

File diff suppressed because it is too large Load Diff

1160
bureau/class/m_mem.php
View File

File diff suppressed because it is too large Load Diff

238
bureau/class/m_menu.php
View File

@ -1,4 +1,5 @@
<?php
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
@ -21,7 +22,7 @@
----------------------------------------------------------------------
Purpose of file: Manage hook system.
----------------------------------------------------------------------
*/
*/
/**
* This class manage menu.
@ -29,147 +30,126 @@
* @copyright AlternC-Team 2002-2005 http://alternc.org/
*/
class m_menu {
/* --------------------------------------------------------------------------- */
/*---------------------------------------------------------------------------*/
/** Constructor
* menu([$mid]) Constructeur de la classe menu, ne fait rien pour le moment
*/
function m_menu() {
}
function getmenu() {
global $hooks, $quota, $mem;
// Force rebuilding quota, in case of add or edit of the quota and cache not up-to-date
$mesq = $quota->getquota("",true); // rebuild quota
// Get menu objects
$lsto = $hooks->invoke('hook_menu');
// Get system menu
$sm = $this->system_menu();
// Merge it !
$lst = array_merge($sm,$lsto);
// Sort it
uasort($lst, 'm_menu::order_menu');
// Get user specific menu visibility options
$mop = $mem->session_tempo_params_get('menu_toggle') ;
foreach( $lst as $k => $v ) {
if (empty($v)) {
unset($lst[$k]);
continue;
}
// Set the javascript toggle link for menu asking for it
if ($v['link'] == 'toggle') {
$lst[$k]['link'] = 'javascript:menu_toggle(\'menu-'.$k.'\');';
}
// Be sure that the default visibility is true
if (! isset($lst[$k]['visibility'])) $lst[$k]['visibility'] = true;
// Set the user's specific visibility option
if (isset($mop["menu-$k"])) {
if ($mop["menu-$k"] == "hidden") $lst[$k]['visibility'] = false;
if ($mop["menu-$k"] == "visible") $lst[$k]['visibility'] = true;
}
if ( isset($mesq[$k])) { // if there are some quota for this class
// Hide the menu if there are none and not allowed to create
if ( $mesq[$k]['t'] < 1 && $mesq[$k]['u'] < 1 ) {
unset($lst[$k]);
continue;
}
// Set the quota in the menu object
$lst[$k]['quota_used'] = $mesq[$k]['u'] ;
$lst[$k]['quota_total'] = $mesq[$k]['t'] ;
} // end if there are some quota for this class
/** Constructor
* menu([$mid]) Constructeur de la classe menu, ne fait rien pour le moment
*/
function m_menu() {
}
return $lst;
} //getmenu
function getmenu() {
global $hooks, $quota, $mem;
function order_menu($a, $b) {
// Use to order the menu with a usort
return $a['pos'] > $b['pos'];
}
// Force rebuilding quota, in case of add or edit of the quota and cache not up-to-date
$mesq = $quota->getquota("", true); // rebuild quota
// Get menu objects
$lsto = $hooks->invoke('hook_menu');
function system_menu() {
// Here some needed menu who don't have a class
global $help_baseurl, $lang_translation, $locales;
// Get system menu
$sm = $this->system_menu();
$m =
array(
'home' =>
array(
'title' => _("Home / Information"),
'ico' => 'images/home.png',
'link' => 'main.php',
'pos' => 0,
),
'logout' =>
array(
'title' => _("Logout"),
'ico' => 'images/exit.png',
'link' => 'mem_logout.php',
'pos' => 170,
),
'help' =>
array(
'title' => _("Online help"),
'ico' => 'images/help.png',
'target' => 'help',
'link' => $help_baseurl,
'pos' => 140,
),
'lang' =>
array(
'title' => _("Languages"),
'ico' => '/images/lang.png',
'visibility' => false,
'link' => 'toggle',
'links' => array(),
'pos' => 150,
)
) ;
foreach($locales as $l) {
$m['lang']['links'][] = array ( 'txt' => (isset($lang_translation[$l]))?$lang_translation[$l]:$l, 'url' => "/login.php?setlang=$l");
}
return $m;
// Merge it !
$lst = array_merge($sm, $lsto);
// Sort it
uasort($lst, 'm_menu::order_menu');
/*
// Get user specific menu visibility options
$mop = $mem->session_tempo_params_get('menu_toggle');
<div class="menu-box">
<a href="javascript:menu_toggle('menu-lang');">
<div class="menu-title">
<img src="/images/lang.png" alt="<?php __("Languages"); ?>" />&nbsp;<?php __("Languages"); ?>
<img src="/images/menu_moins.png" alt="" style="float:right;" id="menu-lang-img"/>
</div>
</a>
<div class="menu-content" id="menu-lang">
<ul>
<?php foreach($locales as $l) { ?>
<li><a href="/login.php?setlang=<?php echo $l; ?>" target="_top"><?php if (isset($lang_translation[$l])) echo $lang_translation[$l]; else echo $l; ?></a></li>
<?php } ?>
</ul>
</div>
</div>
foreach ($lst as $k => $v) {
if (empty($v)) {
unset($lst[$k]);
continue;
}
// Set the javascript toggle link for menu asking for it
if ($v['link'] == 'toggle') {
$lst[$k]['link'] = 'javascript:menu_toggle(\'menu-' . $k . '\');';
}
// Be sure that the default visibility is true
if (!isset($lst[$k]['visibility'])) {
$lst[$k]['visibility'] = true;
}
// Set the user's specific visibility option
if (isset($mop["menu-$k"])) {
if ($mop["menu-$k"] == "hidden") {
$lst[$k]['visibility'] = false;
}
if ($mop["menu-$k"] == "visible") {
$lst[$k]['visibility'] = true;
}
}
*/
} //system_menu
if (isset($mesq[$k])) { // if there are some quota for this class
// Hide the menu if there are none and not allowed to create
if ($mesq[$k]['t'] < 1 && $mesq[$k]['u'] < 1) {
unset($lst[$k]);
continue;
}
} /* Class menu */
// Set the quota in the menu object
$lst[$k]['quota_used'] = $mesq[$k]['u'];
$lst[$k]['quota_total'] = $mesq[$k]['t'];
} // end if there are some quota for this class
}
return $lst;
}
function order_menu($a, $b) {
// Use to order the menu with a usort
return $a['pos'] > $b['pos'];
}
function system_menu() {
// Here some needed menu who don't have a class
global $help_baseurl, $lang_translation, $locales;
$m = array(
'home' =>
array(
'title' => _("Home / Information"),
'ico' => 'images/home.png',
'link' => 'main.php',
'pos' => 0,
),
'logout' =>
array(
'title' => _("Logout"),
'ico' => 'images/exit.png',
'link' => 'mem_logout.php',
'pos' => 170,
),
'help' =>
array(
'title' => _("Online help"),
'ico' => 'images/help.png',
'target' => 'help',
'link' => $help_baseurl,
'pos' => 140,
),
'lang' =>
array(
'title' => _("Languages"),
'ico' => '/images/lang.png',
'visibility' => false,
'link' => 'toggle',
'links' => array(),
'pos' => 150,
)
);
foreach ($locales as $l) {
$m['lang']['links'][] = array('txt' => (isset($lang_translation[$l])) ? $lang_translation[$l] : $l, 'url' => "/login.php?setlang=$l");
}
return $m;
}
}
/* Class menu */

2240
bureau/class/m_mysql.php
View File

File diff suppressed because it is too large Load Diff

1147
bureau/class/m_quota.php
View File

File diff suppressed because it is too large Load Diff