Add password reset via one-time login link

Closes #102

.gitattributes

@@ -1,5 +1,6 @@
 * text=auto !eol
 /.svnignore -text
+/.travis.yml -text
 .tx/config -text
 /CODING_CONVENTION.php -text
 /COPYING -text
@@ -84,6 +85,7 @@ bureau/admin/adm_tlddoadd.php -text
 bureau/admin/adm_tlddoedit.php -text
 bureau/admin/adm_tldedit.php -text
 bureau/admin/adm_update_domains.php -text
+bureau/admin/adm_var_edit.php -text
 bureau/admin/adm_variables.php -text
 bureau/admin/aide/help.php -text
 bureau/admin/aide/help.png -text
@@ -94,7 +96,6 @@ bureau/admin/bro_main.php -text
 bureau/admin/bro_pref.php -text
 bureau/admin/bro_tgzdown.php -text
 bureau/admin/bro_view.php -text
-bureau/admin/browseforfolder.php -text
 bureau/admin/browseforfolder2.php -text
 bureau/admin/cron.php -text
 bureau/admin/dom_add.php -text
@@ -177,6 +178,7 @@ bureau/admin/icon/winresize.gif -text
 bureau/admin/icon/xls.png -text
 bureau/admin/icon/zip.png -text
 bureau/admin/images/admin.png -text
+bureau/admin/images/asc.gif -text
 bureau/admin/images/bgborder.gif -text
 bureau/admin/images/blank.gif -text
 bureau/admin/images/check_no.png -text
@@ -186,6 +188,7 @@ bureau/admin/images/config.png -text
 bureau/admin/images/copyrights.txt -text
 bureau/admin/images/danger.png -text
 bureau/admin/images/delete.png -text
+bureau/admin/images/desc.gif -text
 bureau/admin/images/dom.png -text
 bureau/admin/images/edit.png -text
 bureau/admin/images/exit.png -text
@@ -252,6 +255,7 @@ bureau/admin/index.php -text
 bureau/admin/ip_main.php -text
 bureau/admin/js/alternc.js -text
 bureau/admin/js/jquery.min_embedded.js -text
+bureau/admin/js/jquery.tablesorter.min.js -text
 bureau/admin/js/jquery_ui/css/redmond/images/animated-overlay.gif -text
 bureau/admin/js/jquery_ui/css/redmond/images/ui-bg_flat_0_aaaaaa_40x100.png -text
 bureau/admin/js/jquery_ui/css/redmond/images/ui-bg_flat_55_fbec88_40x100.png -text
@@ -327,6 +331,37 @@ bureau/admin/piwik_user_dodel.php -text
 bureau/admin/piwik_useradmin.php -text
 bureau/admin/piwik_userlist.php -text
 bureau/admin/piwik_utils.php -text
+bureau/admin/prettify/lang-apollo.js -text
+bureau/admin/prettify/lang-basic.js -text
+bureau/admin/prettify/lang-clj.js -text
+bureau/admin/prettify/lang-css.js -text
+bureau/admin/prettify/lang-dart.js -text
+bureau/admin/prettify/lang-erlang.js -text
+bureau/admin/prettify/lang-go.js -text
+bureau/admin/prettify/lang-hs.js -text
+bureau/admin/prettify/lang-lisp.js -text
+bureau/admin/prettify/lang-llvm.js -text
+bureau/admin/prettify/lang-lua.js -text
+bureau/admin/prettify/lang-matlab.js -text
+bureau/admin/prettify/lang-ml.js -text
+bureau/admin/prettify/lang-mumps.js -text
+bureau/admin/prettify/lang-n.js -text
+bureau/admin/prettify/lang-pascal.js -text
+bureau/admin/prettify/lang-proto.js -text
+bureau/admin/prettify/lang-r.js -text
+bureau/admin/prettify/lang-rd.js -text
+bureau/admin/prettify/lang-scala.js -text
+bureau/admin/prettify/lang-sql.js -text
+bureau/admin/prettify/lang-tcl.js -text
+bureau/admin/prettify/lang-tex.js -text
+bureau/admin/prettify/lang-vb.js -text
+bureau/admin/prettify/lang-vhdl.js -text
+bureau/admin/prettify/lang-wiki.js -text
+bureau/admin/prettify/lang-xq.js -text
+bureau/admin/prettify/lang-yaml.js -text
+bureau/admin/prettify/prettify.css -text
+bureau/admin/prettify/prettify.js -text
+bureau/admin/prettify/run_prettify.js -text
 bureau/admin/quota_show.php -text
 bureau/admin/quotas_oneuser.php -text
 bureau/admin/quotas_users.php -text
@@ -355,6 +390,9 @@ bureau/admin/styles/style.css -text
 bureau/admin/tempovars.php -text
 bureau/admin/vm.php -text
 bureau/admin/webmail-redirect.php -text
+bureau/admin/xhprof_footer.php -text
+bureau/admin/xhprof_header.php -text
+bureau/class/class_system_bind.php -text
 bureau/class/config.php -text
 bureau/class/config_nochk.php -text
 bureau/class/db_mysql.php -text
@@ -382,9 +420,9 @@ bureau/class/m_menu.php -text
 bureau/class/m_mysql.php -text
 bureau/class/m_piwik.php -text
 bureau/class/m_quota.php -text
+bureau/class/m_variables.php -text
 bureau/class/mime.php -text
 bureau/class/reset_stats_conf.php -text
-bureau/class/variables.php -text
 bureau/class/vm.class.php -text
 bureau/index.php -text
 bureau/locales/Makefile -text
@@ -496,6 +534,7 @@ etc/alternc/templates/postfix/master.cf -text
 etc/alternc/templates/postfix/myalias.cf -text
 etc/alternc/templates/postfix/mydomain.cf -text
 etc/alternc/templates/postfix/mygid.cf -text
+etc/alternc/templates/postfix/mymail2mail.cf -text
 etc/alternc/templates/postfix/myquota.cf -text
 etc/alternc/templates/postfix/myrelay-domain.cf -text
 etc/alternc/templates/postfix/myrelay.cf -text
@@ -542,6 +581,9 @@ install/upgrades/3.0.3~a.sql -text
 install/upgrades/3.0.3~b.sh -text
 install/upgrades/3.1.0~a.sql -text
 install/upgrades/3.1.0~b.php -text
+install/upgrades/3.1.0~c.sh -text
+install/upgrades/3.2.1~a.sql -text
+install/upgrades/3.3.0~a.sql -text
 install/upgrades/README -text
 lang/.svnignore -text
 lang/README -text
@@ -564,6 +606,7 @@ nightlybuild/READMEFIRST -text
 nightlybuild/build.sh -text
 nightlybuild/mchroot.sh -text
 nightlybuild/nightly.key -text
+phpunit/tests/_datasets/domaines.yml -text
 po/alternc-admintools.pot -text
 po/fr/LC_MESSAGES/.svnignore -text
 po/fr/LC_MESSAGES/alternc-admintools.po -text
@@ -573,7 +616,6 @@ roundcube/class/m_roundcube.php -text
 roundcube/roundcube-install -text
 roundcube/roundcube_alternc_logo.png -text
 roundcube/templates/apache2/roundcube.conf -text
-roundcube/templates/logrotate.d/roundcube-core -text
 roundcube/templates/roundcube/main.inc.php -text
 roundcube/templates/roundcube/plugins/managesieve/config.inc.php -text
 roundcube/templates/roundcube/plugins/password/config.inc.php -text
@@ -603,13 +645,16 @@ src/delete_logs.sh -text
 src/do_actions.php -text
 src/du.pl -text
 src/export_account.php -text
+src/fix_dovecot_quota.php -text
 src/fixperms.sh -text
 src/functions.sh -text
 src/functions_dns.sh -text
 src/functions_hosting.sh -text
+src/generate_apache_conf.php -text
+src/generate_bind_conf.php -text
 src/inotify_do_actions.sh -text
 src/inotify_update_domains.sh -text
-src/lxc_stopexpired.php -text
+src/mail_add.php -text
 src/mail_dodelete.php -text
 src/mem_add -text
 src/mem_del -text
@@ -619,6 +664,7 @@ src/quota-warning.sh -text
 src/quota_delete -text
 src/quota_edit -text
 src/quota_get -text
+src/quota_get_all -text
 src/quota_init -text
 src/rebuild_all_webconf.sh -text
 src/sendmail -text

.gitignore

@@ -5,31 +5,44 @@ bureau/locales/es_ES/LC_MESSAGES/alternc.mo
 bureau/locales/fr_FR/LC_MESSAGES/alternc.mo
 bureau/locales/nl_NL/LC_MESSAGES/alternc.mo
 bureau/locales/pt_BR/LC_MESSAGES/alternc.mo
+debian/alternc*.debhelper.log
+debian/alternc*.postrm.debhelper
+debian/alternc*.substvars
+debian/alternc*.postrm.debhelper
 debian/alternc
+debian/alternc-api
+debian/alternc-ssl
 debian/alternc-awstats
-debian/alternc-awstats.debhelper.log
-debian/alternc-awstats.postrm.debhelper
-debian/alternc-awstats.substvars
 debian/alternc-roundcube
-debian/alternc-roundcube.debhelper.log
-debian/alternc-roundcube.substvars
 debian/alternc-slave
-debian/alternc-slave.debhelper.log
-debian/alternc-slave.postrm.debhelper
-debian/alternc-slave.substvars
 debian/alternc-squirrelmail
-debian/alternc-squirrelmail.debhelper.log
-debian/alternc-squirrelmail.substvars
 debian/alternc-upnp
-debian/alternc-upnp.debhelper.log
-debian/alternc-upnp.substvars
-debian/alternc.debhelper.log
-debian/alternc.postrm.debhelper
-debian/alternc.substvars
 debian/files
+debian/.debhelper
+debian/debhelper-build-stamp
 lang/de_DE.po
 lang/es_ES.po
 lang/fr_FR.po
 lang/it_IT.po
 lang/pt_BR.po
 po/fr/LC_MESSAGES/alternc-admintools.mo
+nbproject
+awstats/bureau/locales/de_DE/LC_MESSAGES/aws.po~
+awstats/bureau/locales/en_US/LC_MESSAGES/aws.po~
+awstats/bureau/locales/es_ES/LC_MESSAGES/aws.po~
+awstats/bureau/locales/fr_FR/LC_MESSAGES/aws.po~
+awstats/bureau/locales/it_IT/LC_MESSAGES/aws.po~
+awstats/bureau/locales/nl_NL/LC_MESSAGES/aws.po~
+awstats/bureau/locales/pt_BR/LC_MESSAGES/aws.po~
+bureau/locales/de_DE/LC_MESSAGES/messages.po~
+bureau/locales/en_US/LC_MESSAGES/messages.po~
+bureau/locales/es_ES/LC_MESSAGES/messages.po~
+bureau/locales/fr_FR/LC_MESSAGES/messages.po~
+bureau/locales/it_IT/LC_MESSAGES/messages.po~
+bureau/locales/nl_NL/LC_MESSAGES/messages.po~
+bureau/locales/pt_BR/LC_MESSAGES/messages.po~
+.tx/alternc.alternc
+# Added for running tests; currently not used otherwise
+composer.lock
+composer.json
+vendor/

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "phpunit/lib/PHPUnit"]
+	path = phpunit/lib/PHPUnit
+	url = https://github.com/sebastianbergmann/phpunit.git

.scrutinizer.yml

@@ -0,0 +1,62 @@
+filter:
+    excluded_paths:
+        - 'vendor/*'
+        - 'tests/*'
+        - 'app/*'
+        - 'bin/*'
+        - 'library/*'
+    paths: {  }
+tools:
+    external_code_coverage: true
+    php_analyzer:
+        enabled: true
+        extensions:
+            - php
+        filter:
+            excluded_paths:
+                - 'vendor/*'
+                - 'tests/*'
+                - 'app/*'
+                - 'bin/*'
+                - 'library/*'
+            paths: {  }
+        path_configs: {  }
+    php_cpd:
+        enabled: true
+        excluded_dirs: {  }
+        names:
+            - '*.php'
+        min_lines: 5
+        min_tokens: 70
+        filter:
+            excluded_paths:
+                - 'vendor/*'
+                - 'tests/*'
+                - 'app/*'
+                - 'bin/*'
+                - 'library/*'
+            paths: {  }
+    php_pdepend:
+        enabled: true
+        configuration_file: null
+        suffixes:
+            - php
+        excluded_dirs: {  }
+        filter:
+            excluded_paths:
+                - 'vendor/*'
+                - 'tests/*'
+                - 'app/*'
+                - 'bin/*'
+                - 'library/*'
+            paths: {  }
+changetracking:
+    bug_patterns:
+        - '\bfix(?:es|ed)?\b'
+    feature_patterns:
+        - '\badd(?:s|ed)?\b'
+        - '\bimplement(?:s|ed)?\b'
+before_commands: {  }
+after_commands: {  }
+artifacts: {  }
+build_failure_conditions: {  }

.travis.yml

@@ -0,0 +1,19 @@
+language: php
+services:
+  - mysql
+php:
+  - 7.1
+  - 7.0
+  - 5.6
+  - 5.5
+script:
+  - grep --exclude-dir=../.git/ --exclude-dir=../vendor/ -l -r -e '#!/bin/[bash|sh]' ../ | uniq | xargs shellcheck
+  - ../vendor/bin/phpcs --ignore=../vendor/ ../
+  - ../vendor/bin/phpunit --coverage-clover=coverage.clover
+before_script:
+  - composer require 'phpunit/dbunit=<3.0.2' squizlabs/php_codesniffer
+  - mysql -e 'create database alternc_test DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;'
+  - cd phpunit
+after_script:
+  - wget https://scrutinizer-ci.com/ocular.phar
+  - php ocular.phar code-coverage:upload --format=php-clover coverage.clover

CODING_CONVENTION.php

@@ -60,8 +60,8 @@ class m_mailman {
 ## when raising an error, use the following syntax ##
     $err->raise("classname",_("text in english"));
   }
-
-## at the end of a php-only file, we don't put a ?> ##
+}
+/* at the end of a php-only file, we don't put a ?> */
 
 ?>
 

DEBIAN_COMPLIANCE

@@ -1,6 +1,7 @@
 
 ********************************************************************************************
 * 2013: We are trying to make AlternC enter Debian repositories and follow Debian rules :) *
+* 2018: Still trying :) *
 ********************************************************************************************
 
 The main issues we know as of today are:  
@@ -14,40 +15,7 @@ Questions:
 
 - some binaries / scripts don't have a man page
 
-- we are packaging some JS library ourself : 
-  W: alternc: embedded-javascript-library var/alternc/bureau/admin/js/prototype.js
-  W: alternc: embedded-javascript-library var/alternc/bureau/admin/js/jquery.min.js
 
-- W: alternc: virtual-package-depends-without-real-package-depends depends: mailx
-
-- We should NOT ask for "do you REALLY want to install AlternC blabla" since we don't launch alternc.install at postinst anymore.
-  This question MAY be asked to the user when launching alternc installer manually (on an interactive shell)
-
-
-Easy to fix NOW :  
-E: alternc: dir-or-file-in-var-run var/run/alternc/
-W: alternc: binary-without-manpage usr/bin/alternc_get_path
-W: alternc: binary-without-manpage usr/bin/alternc_reload
-W: alternc: maintainer-script-ignores-errors prerm
-E: alternc-upnp: php-script-but-no-phpX-cli-dep usr/lib/alternc/update_upnp.sh
-W: alternc-upnp: executable-not-elf-or-script usr/lib/alternc/install.d/upnp-install
-W: alternc-awstats: possible-debconf-note-abuse preinst:13 alternc-awstats/errorinstall
-
-E: alternc: duplicate-conffile etc/cron.d/alternc
-E: alternc: duplicate-conffile etc/logrotate.d/alternc
-W: alternc: malformed-prompt-in-templates alternc/slaves
-
-********************************************************************************
-Should be fixed, need more test:
-- the control panel is located in /var/alternc/bureau => move it to /usr/share/alternc/panel
-- the html data are in /var/alternc/html/[a-z0-9] => move them to /var/www/alternc/[a-z0-9]
-- the mail data are in /var/alternc/mail/[a-z0-9] => move them to /var/mail/alternc/[a-z0-9]
-- the bind zones, apache vhosts and other dynamic data are in /var/alternc/(bind|apache-vhost)/ => move them to /var/lib/alternc/(samename)
-- /var/alternc/db => not used anymore, drop
-- /var/alternc/mla => not used anymore, drop
-- there is /var/alternc/cgi-bin/ is forgotten and now we use the standard /usr/lib/cgi-bin/ 
-- /var/alternc/exec.usr/ => usr/lib/alternc/safe_mode_exec_dir
-- /var/alternc/sessions/ disapear for the standard PHP sessions dir.
 
 ********************************************************************************
 FIXED:
@@ -67,7 +35,6 @@ W: alternc: script-not-executable usr/lib/alternc/functions_dns.sh
 W: alternc: script-not-executable usr/lib/alternc/functions_hosting.sh
 W: alternc: script-not-executable var/alternc/bureau/class/export_account.php
 
-W: alternc source: debhelper-but-no-misc-depends alternc-upnp
 W: alternc source: debhelper-but-no-misc-depends alternc-slave
 W: alternc source: debhelper-but-no-misc-depends alternc-roundcube
 W: alternc source: debhelper-but-no-misc-depends alternc-squirrelmail
@@ -92,3 +59,33 @@ W: alternc: malformed-question-in-templates alternc/use_private_ip
 
 W: alternc: command-with-path-in-maintainer-script config:205 /usr/bin/awk
 
+- we are packaging some JS library ourself : 
+  W: alternc: embedded-javascript-library var/alternc/bureau/admin/js/prototype.js
+  W: alternc: embedded-javascript-library var/alternc/bureau/admin/js/jquery.min.js
+
+- W: alternc: virtual-package-depends-without-real-package-depends depends: mailx
+
+- We should NOT ask for "do you REALLY want to install AlternC blabla" since we don't launch alternc.install at postinst anymore.
+  This question MAY be asked to the user when launching alternc installer manually (on an interactive shell)
+
+
+Easy to fix NOW :  
+E: alternc: dir-or-file-in-var-run var/run/alternc/
+W: alternc: binary-without-manpage usr/bin/alternc_get_path
+W: alternc: binary-without-manpage usr/bin/alternc_reload
+W: alternc: maintainer-script-ignores-errors prerm
+W: alternc-awstats: possible-debconf-note-abuse preinst:13 alternc-awstats/errorinstall
+
+E: alternc: duplicate-conffile etc/cron.d/alternc
+E: alternc: duplicate-conffile etc/logrotate.d/alternc
+W: alternc: malformed-prompt-in-templates alternc/slaves
+
+- the control panel is located in /var/alternc/bureau => move it to /usr/share/alternc/panel
+- the html data are in /var/alternc/html/[a-z0-9] => move them to /var/www/alternc/[a-z0-9]
+- the mail data are in /var/alternc/mail/[a-z0-9] => move them to /var/mail/alternc/[a-z0-9]
+- the bind zones, apache vhosts and other dynamic data are in /var/alternc/(bind|apache-vhost)/ => move them to /var/lib/alternc/(samename)
+- /var/alternc/db => not used anymore, drop
+- /var/alternc/mla => not used anymore, drop
+- there is /var/alternc/cgi-bin/ is forgotten and now we use the standard /usr/lib/cgi-bin/ 
+- /var/alternc/exec.usr/ => usr/lib/alternc/safe_mode_exec_dir
+- /var/alternc/sessions/ disapear for the standard PHP sessions dir.

Makefile

@@ -21,22 +21,20 @@
 # Purpose of file: Global Makefile 
 # ----------------------------------------------------------------------
 MAJOR=$(shell sed -ne 's/^[^(]*(\([^)]*\)).*/\1/;1p' debian/changelog)
-REV=$(shell env LANG=C svn info --non-interactive | awk '/^Revision:/ { print $$2 }')
-VERSION="${MAJOR}~svn${REV}"
+VERSION=$(MAJOR)
 export VERSION
 
 build:
 # gettext are built at runtime, to be able to MERGE them from CORE + MODULES before msgfmt
-	pod2man --center "" --date "" --release "AlternC" --section=8 man/alternc.install.pod >man/alternc.install.8
 
 install: 
-#install-alternc install-squirrelmail install-roundcube install-upnp install-awstats
+#install-alternc install-squirrelmail install-roundcube install-awstats
 
 # install AlternC files common between ALTERNC and ALTERNC-SLAVE
 install-common:
 # Shell Scripts
 	test -d $(DESTDIR)/usr/lib/alternc || mkdir -p $(DESTDIR)/usr/lib/alternc
-	cp src/* $(DESTDIR)/usr/lib/alternc/
+	cp -r src/* $(DESTDIR)/usr/lib/alternc/
 	chown root:root $(DESTDIR)/usr/lib/alternc/*
 	chmod 755 $(DESTDIR)/usr/lib/alternc/*
 
@@ -44,14 +42,13 @@ install-common:
 	test -d $(DESTDIR)/etc || mkdir -p $(DESTDIR)/etc
 	cp -r etc/alternc $(DESTDIR)/etc
 	cp -r etc/incron.d $(DESTDIR)/etc
-	find $(DESTDIR)/etc/ -depth -type d -name ".svn" -exec rm {} -rf \;
+	install -o root -g root -m 440 etc/sudoers.d/alternc $(DESTDIR)/etc/sudoers.d
 	chmod 755 $(DESTDIR)/etc/alternc etc/incron.d
 
 # Installer and upgrade scripts 
 	test -d $(DESTDIR)/usr/share/alternc/install || mkdir -p $(DESTDIR)/usr/share/alternc/install
 	cp -r install/* $(DESTDIR)/usr/share/alternc/install
-	find $(DESTDIR)/usr/share/alternc/install -depth -type d -name ".svn" -exec rm {} -rf \;
-	chmod a+x $(DESTDIR)/usr/share/alternc/install/alternc.install $(DESTDIR)/usr/share/alternc/install/dopo.sh $(DESTDIR)/usr/share/alternc/install/mysql.sh $(DESTDIR)/usr/share/alternc/install/newone.php $(DESTDIR)/usr/share/alternc/install/reset_root.php $(DESTDIR)/usr/share/alternc/install/upgrade_check.sh $(DESTDIR)/usr/share/alternc/install/upgrades/*.php $(DESTDIR)/usr/share/alternc/install/upgrades/*.sh
+	chmod a+x $(DESTDIR)/usr/share/alternc/install/alternc.install $(DESTDIR)/usr/share/alternc/install/dopo.sh $(DESTDIR)/usr/share/alternc/install/mysql.sh $(DESTDIR)/usr/share/alternc/install/newone.php $(DESTDIR)/usr/share/alternc/install/reset_root.php $(DESTDIR)/usr/share/alternc/install/upgrade_check.sh $(DESTDIR)/usr/share/alternc/install/upgrades/*.php $(DESTDIR)/usr/share/alternc/install/upgrades/*.sh $(DESTDIR)/usr/share/alternc/install/variables.php
 
 
 # install AlternC itself: 
@@ -59,9 +56,8 @@ install-alternc: install-common
 # Web Panel
 	test -d $(DESTDIR)/usr/share/alternc/panel || mkdir $(DESTDIR)/usr/share/alternc/panel
 	cp -r bureau/* $(DESTDIR)/usr/share/alternc/panel
-	find $(DESTDIR)/usr/share/alternc/panel -depth -type d -name ".svn" -exec rm {} -rf \;
-	sed -i -e "s/@@REPLACED_DURING_BUILD@@/${MAJOR}/" $(DESTDIR)/usr/share/alternc/panel/class/local.php
-	echo ${VERSION} > $(DESTDIR)/usr/share/alternc/panel/class/.svn-infos
+	sed -i -e "s/@@REPLACED_DURING_BUILD@@/${MAJOR}/" $(DESTDIR)/usr/share/alternc/panel/class/local.php $(DESTDIR)/usr/share/alternc/install/alternc.install
+	help2man -n "Hosting control panel software" --no-discard-stderr --section 8 $(DESTDIR)/usr/share/alternc/install/alternc.install -o $(DESTDIR)/usr/share/man/man8/alternc.install.8
 	chown -R root:root $(DESTDIR)/usr/share/alternc/panel
 	chmod -R 644 $(DESTDIR)/usr/share/alternc/panel
 	chmod -R a+X $(DESTDIR)/usr/share/alternc/panel
@@ -74,9 +70,18 @@ install-alternc: install-common
 # Man pages
 	install -o root -g root -m 644 man/*.8 $(DESTDIR)/usr/share/man/man8/
 
+#SSL functions
+	ln -s hosting_vhost-ssl.sh $(DESTDIR)/etc/alternc/functions_hosting/hosting_panel-ssl.sh
+	ln -s hosting_vhost-ssl.sh $(DESTDIR)/etc/alternc/functions_hosting/hosting_vhost-mixssl.sh
+	ln -s hosting_vhost-ssl.sh $(DESTDIR)/etc/alternc/functions_hosting/hosting_roundcube-ssl.sh
+	ln -s hosting_vhost-ssl.sh $(DESTDIR)/etc/alternc/functions_hosting/hosting_squirrelmail-ssl.sh
+	ln -s hosting_vhost-ssl.sh $(DESTDIR)/etc/alternc/functions_hosting/hosting_php52-ssl.sh
+	ln -s hosting_vhost-ssl.sh $(DESTDIR)/etc/alternc/functions_hosting/hosting_php52-mixssl.sh
+	ln -s hosting_vhost-ssl.sh $(DESTDIR)/etc/alternc/functions_hosting/hosting_url-ssl.sh
+
 install-slave: install-common
 # Man pages
-	install -o root -g root -m 644 man/alternc.install.8 $(DESTDIR)/usr/share/man/man8/
+	pod2man --center "" --date "" --release "AlternC" --section=8 man/alternc.install.pod >$(DESTDIR)/usr/share/man/man8/alternc.install.8
 
 
 # Then its modules : 
@@ -89,6 +94,6 @@ install-roundcube:
 install-squirrelmail:
 	make -C squirrelmail install DESTDIR=$(DESTDIR) 
 
-install-upnp:
-	make -C upnp install DESTDIR=$(DESTDIR) 
+install-api:
+	make -C api install DESTDIR=$(DESTDIR) 
 

README

@@ -1,55 +0,0 @@
-AlternC: Hosting software suite 
-=================================================
-
-Introduction
-------------
-
-AlternC is a software suite helping system administrators in handling
-Web Services management. It should be easy to install, based only on 
-OpenSource softwares. AlternC is GPL licensed.
-
-This software consist of an automatic install and configuration system,
-a web control panel to manage hosted users and their web services such
-as domains, email accounts, ftp accounts, web statistics ...
-
-Technically, AlternC is based on Debian GNU/Linux distribution, 'Squeeze'
-version, and it depends on other softwares such as Apache, Postfix, 
-Mailman ... It also contains an API documentation so that users can
-easily customize their web desktop.
-
-This project native tongue is French. However, the packages are 
-available at least in French and English. They may also be available in
-other languages (Some Spanish or German translation is in the pipe...)
-depending on YOUR help on this part of the project.
-Some part of the documentation are only available in french for now, but
-will certainly be translated in a near future.
-
-AlternC was initially developped by system administrators at Lautre.Net,
-then other guys came and helped us, such as Globenet, Netaktiv, 
-Neuronnexion or Koumbit.
-
-Install
-------------
-
-For now, AlternC can be installed as a Debian package. This package 
-depends on other softs used by AlternC. Just add those lines to your
-/etc/apt/sources.list file : 
-
- deb http://debian.alternc.org/ stable main
-
-then apt-get install mysql-server alternc
-
-You may download and install additionnal plugins after installing AlternC.
-Let's go to the developper page for more information.
-
-	https://alternc.org/
-
-License
-------------
-
-AlternC is distributed under the GPL v2 or later license. See COPYING.
-
-AlternC's translations (po files) are distributed under the Creative Commons
-CC0 license. Don't participate to the translation if you don't agree to publish
-your translation using that license.
-

README.md

@@ -0,0 +1,54 @@
+![](https://alternc.com/logo.png)
+
+## AlternC: Web and Email Hosting Software Suite 
+
+AlternC is a software helping system administrators to handle Web and Email services management. It should be easy to install, based only on free software. 
+
+This software consist of an automatic install and configuration system, a web control panel to manage hosted users and their web services such as domains, email accounts, ftp accounts, web statistics...
+
+Technically, AlternC is based on Debian GNU/Linux distribution and it depends on other software such as Apache, Postfix, Dovecot, Mailman (...). It also contains an API documentation so that users can easily customize their web desktop.
+
+This project native language is French, and the code is commented in English. The packages are available at least in French and English, German and Spanish interfaces are usually available too.
+
+
+## Installation
+
+[To install AlternC, please follow our install documentation](https://alternc.com/Install-en)
+
+[Pour installer AlternC, merci de suivre la documentation d'installation](https://alternc.com/Install-fr)
+
+## Developper information
+
+* This software is built around a Debian package for Stretch whose packaging instructions are located in [debian/](debian/) folder (this package can be installed on Jessie safely too)
+* To **build the packages**, clone this repository in a Debian machine and use `debuild` or `dpkg-buildpackage` from source code root.
+
+* The web control panel pages written in PHP are located in [bureau/admin](bureau/admin) and the associated PHP classes doing the stuff are in [bureau/class](bureau/class).
+
+## Nightly build
+
+We have 1 nightly build repositories:
+* stretch - [stable 3.5](http://stable-3-5.nightly.alternc.org/)
+
+and 3 nightly from former Debian releases (now unmaintained) 
+* jessie - [stable 3.3](http://stable-3-3.nightly.alternc.org/)
+* wheezy - [stable 3.2](http://stable-3-2.nightly.alternc.org/)
+* squeeze - [stable 3.1](http://stable-3-1.nightly.alternc.org/)
+
+To use one of them, create a file named `/etc/apt/sources.list.d/alternc-nightly-stable-3.5.list` (for debian Jessie or Stretch) as follow :
+
+```
+ deb http://stable-3-5.nightly.alternc.org/ latest/
+```
+
+The repository and the packages are signed by the pgp key of AlternC nightly build user :
+
+```
+wget http://stable-3-5.nightly.alternc.org/nightly.key -O - | apt-key add - 
+```
+
+## License
+
+AlternC is distributed under the GPL v2 or later license. See `COPYING`.
+
+AlternC's translations (po files) are distributed under the [Creative Commons CC0 license](https://creativecommons.org/publicdomain/zero/1.0/). Don't participate to the translation if you don't agree to publish your translations under that license.
+

api/Makefile

@@ -0,0 +1,26 @@
+# ----------------------------------------------------------------------
+# LICENSE
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License (GPL)
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# To read the license please visit http://www.gnu.org/copyleft/gpl.html
+# ----------------------------------------------------------------------
+# Purpose of file: Install the files of alternc-api package
+# ----------------------------------------------------------------------
+
+install:
+	install -m 0644 -g root -o root api.conf $(DESTDIR)/etc/alternc/apache-panel.d
+	install -m 0644 api.sql $(DESTDIR)/usr/share/alternc/
+	install -m 0644 -g 1999 -o root panel/* $(DESTDIR)/usr/share/alternc/panel/admin/api/
+	install -m 0644 ../lib/Alternc/Api/*.php $(DESTDIR)/usr/share/php/Alternc/Api/
+	install -m 0644 ../lib/Alternc/Api/Auth/*.php $(DESTDIR)/usr/share/php/Alternc/Api/Auth/
+	install -m 0644 ../lib/Alternc/Api/Object/*.php $(DESTDIR)/usr/share/php/Alternc/Api/Object/
+

api/api.conf

@@ -0,0 +1,9 @@
+
+# apache configuration to add the API at /api/ in any panel
+# put this into /etc/alternc/apache-panel.d
+
+RewriteEngine On
+
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteRule /api/(.*) /api/index.php [L]
+

api/api.sql

@@ -0,0 +1,23 @@
+
+
+-- used by Alternc_Api_Auth_Sharedsecret
+
+CREATE TABLE IF NOT EXISTS `sharedsecret` (
+  `uid` int(10) unsigned NOT NULL,
+  `secret` varchar(32) NOT NULL,
+  `application` varchar(255) NOT NULL,
+  PRIMARY KEY (`uid`,`secret`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='Shared secrets used by Alternc_Api_Auth_Sharedsecret';
+
+
+-- used by Alternc_Api_Token
+
+CREATE TABLE IF NOT EXISTS `token` (
+  `token` varchar(32) NOT NULL,
+  `expire` datetime NOT NULL,
+  `data` text NOT NULL,
+  PRIMARY KEY (`token`),
+  KEY `expire` (`expire`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='Tokens used by API callers';
+
+

api/panel/bootstrap.php

@@ -0,0 +1,83 @@
+<?php
+
+
+/* Global variables (AlternC configuration) */
+require_once("/usr/share/alternc/panel/class/local.php");
+
+// Define constants from vars of /etc/alternc/local.sh
+// The you can't choose where is the AlternC Panel 
+define('ALTERNC_MAIL',     "$L_ALTERNC_MAIL");
+define('ALTERNC_HTML',     "$L_ALTERNC_HTML");
+if(isset($L_ALTERNC_LOGS_ARCHIVE))
+  define('ALTERNC_LOGS_ARCHIVE',  "$L_ALTERNC_LOGS_ARCHIVE");
+define('ALTERNC_LOGS',     "$L_ALTERNC_LOGS");
+define('ALTERNC_PANEL',    "/usr/share/alternc/panel");
+define('ALTERNC_LOCALES',  ALTERNC_PANEL."/locales");
+define('ALTERNC_LOCK_JOBS', '/run/alternc/jobs-lock');
+define('ALTERNC_LOCK_PANEL', '/var/lib/alternc/panel/nologin.lock');
+
+/* PHPLIB inclusions : */
+$root=ALTERNC_PANEL."/";
+
+require_once($root."class/db_mysql.php");
+require_once($root."class/functions.php");
+
+
+global $L_MYSQL_HOST,$L_MYSQL_DATABASE,$L_MYSQL_LOGIN,$L_MYSQL_PWD,$db,$dbh;
+
+class DB_system extends DB_Sql { 
+  function __construct() { 
+      global $L_MYSQL_HOST,$L_MYSQL_DATABASE,$L_MYSQL_LOGIN,$L_MYSQL_PWD; 
+      parent::__construct($L_MYSQL_DATABASE, $L_MYSQL_HOST, $L_MYSQL_LOGIN, $L_MYSQL_PWD);
+   } 
+} 
+
+// we do both: 
+$db= new DB_system();
+$dbh = new PDO("mysql:host=".$L_MYSQL_HOST.";dbname=".$L_MYSQL_DATABASE, $L_MYSQL_LOGIN,$L_MYSQL_PWD,
+	       array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES UTF8;")
+	       );
+
+
+// Current User ID = the user whose commands are made on behalf of.
+$cuid=0;
+
+$classes=array();
+/* CLASSES PHP : automatic include : */
+$c=opendir($root."class/");
+while ($di=readdir($c)) {
+  if (preg_match("#^m_(.*)\\.php$#",$di,$match)) { // $
+    $name1="m_".$match[1];
+    $name2=$match[1];
+    $classes[]=$name2;
+    require_once($root."class/".$name1.".php");
+  }
+}
+closedir($c);
+/* THE DEFAULT CLASSES ARE :
+   dom, ftp, mail, quota, bro, admin, mem, mysql, err
+*/
+
+
+/* Language */
+//include_once("../../class/lang_env.php");
+
+// Adaptation to BOTH version of the variables managed by AlternC 1/3/4                                                                    
+if (is_file($root."/class/variables.php")) {
+  require_once($root."/class/variables.php");
+} else {
+  $variables=new m_variables();
+}
+$mem=new m_mem();
+$err=new m_err();
+$authip=new m_authip();
+$hooks=new m_hooks();
+
+
+for($i=0;$i<count($classes);$i++) {
+  $name2=$classes[$i];
+  if (isset($$name2)) continue; // for already instancied class like mem, err or authip
+  $name1="m_".$name2;
+  $$name2= new $name1();
+}
+

api/panel/index.php

@@ -0,0 +1,196 @@
+<?php
+
+/**
+ * multiple call-mode API for Alternc
+ * you can call this HTTP(s) API as follow: 
+ * from the base url https://panel.example.fr/api/
+ * 1. /api/post use GETted data (?token=xx&object=xx&action=yy&option1=value1&option2=value2
+ * 2. /api/post use POSTED json data using the same keys 
+ * 3. use a sub-url (rest-style) of the form /api/rest/object/action?token=xx&option1=value1&option2=value2
+ * 4. the same (REST) but options and value are POSTED
+ * 
+ * the json-object contains:
+ *  ->object = the Alternc_Api_Object_<classname> to call
+ *  ->action = the method to call in this class
+ *  ->options = an object passed as it is while calling the method.
+ *
+ * Authentication is done by asking for /api/auth/<method>?option1=value1&option2=value2
+ * or POSTED data
+ * a token is returned for this session
+ * Use /api/auth to know which method you can use and what parameter they expect
+ * @todo add HTML pages that will self-document this API
+ */
+// bootstrap AlternC
+require_once("bootstrap.php");
+
+/**
+ * Attempts to load a class in multiple path, the PSR-0 or old style way
+ * 
+ * @staticvar array $srcPathList
+ * @staticvar boolean $init
+ * @param string $class_name
+ * @return boolean
+ */
+function __autoload($class_name) {
+    // Contains (Namespace) => directory
+    static $srcPathList = array();
+    static $init = null;
+
+    // Attempts to set include path and directories once
+    if (is_null($init)) {
+
+        // Sets init flag
+        $init = true;
+
+        // Sets a contextual directory
+        $srcPathList["standard"] = "/usr/share/php";
+
+        // Updates include_path according to this list
+        $includePathList = explode(PATH_SEPARATOR, get_include_path());
+
+        foreach ($srcPathList as $path) {
+            if (!in_array($path, $includePathList)) {
+                $includePathList[] = $path;
+            }
+        }
+        // Reverses the path for search efficiency
+        $finalIncludePathList = array_reverse($includePathList);
+
+        // Sets the updated include_path
+        set_include_path(implode(PATH_SEPARATOR, $finalIncludePathList));
+    }
+
+    // Accepts old Foo_Bar namespacing
+    if (preg_match("/_/", $class_name)) {
+        $file_name = str_replace('_', DIRECTORY_SEPARATOR, $class_name) . '.php';
+
+        // Accepts 5.3 Foo\Bar PSR-0 namespacing 
+    } else if (preg_match("/\\/", $class_name)) {
+        $file_name = str_replace('\\', DIRECTORY_SEPARATOR, ltrim($class_name, '\\')) . '.php';
+
+        // Accepts non namespaced classes
+    } else {
+        $file_name = $class_name . '.php';
+    }
+
+    // Attempts to find file in namespace
+    foreach ($srcPathList as $namespace => $path) {
+        $file_path = $path . DIRECTORY_SEPARATOR . $file_name;
+        if (is_file($file_path) && is_readable($file_path)) {
+            require $file_path;
+            return true;
+        }
+    }
+
+    // Failed to find file
+    return false;
+}
+
+function apicall($data, $token) {
+    global $dbh;
+    $options["databaseAdapter"] = $dbh;
+    $options["loginAdapterList"] = array("sharedsecret", "login");
+    // TODO (no loggerAdapter PSR3-Interface-compliant class as of now)
+    try {
+        $data["token_hash"] = $token;
+        $service = new Alternc_Api_Service($options);
+
+        $response = $service->call(
+                new Alternc_Api_Request($data)
+        );
+
+        header("Content-Type: application/json");
+        echo $response->toJson();
+        exit();
+    } catch (Exception $e) {
+        // something went wrong, we spit out the exception as an Api_Response
+        // TODO : Don't do that on production! spit out a generic "fatal error" code and LOG the exception !
+        header("Content-Type: application/json");
+        $response = new Alternc_Api_Response(array("code" => $e->getCode(), "message" => $e->getMessage()));
+        echo $response->toJson();
+        exit();
+    }
+}
+
+function apiauth($data) {
+    global $dbh;
+    $options["databaseAdapter"] = $dbh;
+    // TODO (no loggerAdapter PSR3-Interface-compliant class as of now)
+    try {
+        $service = new Alternc_Api_Service($options);
+        $response = $service->auth($data);
+        header("Content-Type: application/json");
+        echo $response->toJson();
+        exit();
+    } catch (Exception $e) {
+        // something went wrong, we spit out the exception as an Api_Response
+        // TODO : Don't do that on production! spit out a generic "fatal error" code and LOG the exception !
+        header("Content-Type: application/json");
+        $response = new Alternc_Api_Response(array("code" => $e->code, "message" => $e->message));
+        echo $response->toJson();
+        exit();
+    }
+}
+
+/**
+ * Main code: either we are authenticating
+ * or calling one of the APIs 
+ * or asking for some documentation
+ */
+// Authentication 
+if (preg_match("#^/api/auth/([^/\?]*)[/\?]?#", $_SERVER["REQUEST_URI"], $mat)) {
+    if ($_SERVER["REQUEST_METHOD"] == "POST") {
+        $data = array("options" => $_POST,
+            "method" => $mat[1]);
+        apiauth($data);
+        exit();
+    } else {
+        $data = array("options" => $_GET,
+            "method" => $mat[1]);
+        apiauth($data);
+        exit();
+    }
+}
+
+// We support 4 api calls methods:
+if ($_SERVER["REQUEST_URI"] == "/api/post") {
+    // simple ?q or POST of json data
+    if ($_SERVER["REQUEST_METHOD"] == "POST") {
+        $data = array("options" => $_POST,
+            "object" => $_POST["object"],
+            "action" => $_POST["action"],
+        );
+        $token = $_POST["token"];
+        apicall($data, $token);
+        exit();
+    } else {
+        $data = array("options" => $_GET,
+            "object" => $_GET["object"],
+            "action" => $_GET["action"],
+        );
+        $token = $_GET["token"];
+        apicall($data, $token);
+        exit();
+    }
+}
+if (preg_match("#^/api/rest/([^/]*)/([^/\?]*)[/\?]?#", $_SERVER["REQUEST_URI"], $mat)) {
+    if ($_SERVER["REQUEST_METHOD"] == "POST") {
+        $data = array("options" => $_POST,
+            "object" => $mat[1],
+            "action" => $mat[2]
+        );
+        $token = $_POST["token"];
+        apicall($data, $token);
+        exit();
+    } else {
+        $data = array("options" => $_GET,
+            "object" => $mat[1],
+            "action" => $mat[2]
+        );
+        $token = $_GET["token"];
+        apicall($data, $token);
+        exit();
+    }
+}
+
+echo "I did nothing. Did you call the api properly?";

awstats/Makefile

@@ -28,5 +28,6 @@ install:
 	install -m 0644 -g 1999 -o root awstats.alternc.generic.conf $(DESTDIR)/etc/alternc/
 	install -m 0644 -g 1999 -o root bureau/class/m_aws.php $(DESTDIR)/usr/share/alternc/panel/class/
 	install -m 0644 -g 1999 -o root bureau/admin/* $(DESTDIR)/usr/share/alternc/panel/admin/
+	install -m 750 awstats-install $(DESTDIR)/usr/lib/alternc/install.d/
 
 	#install -m 0444 lintian-override $(DESTDIR)/usr/share/lintian/overrides/alternc-awstats

awstats/alternc-awstats

@@ -1,11 +1,12 @@
 #!/bin/bash
 
-# Appelé seul, lance les stats AWStats du jour.
-# Appelé avec "all" lance les stats avec tous les fichiers .gz situés dans /var/log/apache
-# Appelé avec un nom de domaine en paramètre, rescanne tous les fichiers .gz pour ce domaine uniquement.
+# Called with no parameters, launch the daily awstats stats
+# called with "all", launch all stats with all apache log files from /var/log/alternc/sites/
+# called with a domain name, launch the stats for this domain from all apache log files 
 
-# Include some usefull functions
-. /usr/lib/alternc/functions.sh
+cd /usr/lib/alternc 
+# AlternC system functions
+. ./functions.sh
 
 # Regenerate the awstat etc cache files :
 if [ -x ./awstats.cache.php ]

awstats/awstats-install

@@ -1,3 +1,5 @@
+#!/bin/bash
+
 # ----------------------------------------------------------------------
 # AlternC - Web Hosting System
 # Copyright (C) 2000-2012 by the AlternC Development Team.
@@ -17,16 +19,17 @@
 #
 # To read the license please visit http://www.gnu.org/copyleft/gpl.html
 # ----------------------------------------------------------------------
-# Purpose of file: Install the files of alternc-upnp packages
+# Purpose of file: Install awstat conf files.
 # ----------------------------------------------------------------------
 
-install:
-# Desktop files
-	install -m 644 m_upnp.php $(DESTDIR)/usr/share/alternc/panel/class/
-	install -m 644 upnp_list.php upnp_change.php $(DESTDIR)/usr/share/alternc/panel/admin/
-	install -m 644 adminmenu_upnp.php $(DESTDIR)/usr/share/alternc/panel/admin/
-# Cron
-	install -m 755 update_upnp.sh $(DESTDIR)/usr/lib/alternc/
-# Install script
-	install -m 644 upnp.sql $(DESTDIR)/usr/share/alternc/install/
-	install -m 755 upnp-install $(DESTDIR)/usr/lib/alternc/install.d
+if [ "$1" = "before-reload" ]
+then
+    if [ -f /usr/lib/alternc/awstats.cache.php ]
+        then
+        /usr/lib/alternc/awstats.cache.php
+    fi
+    # we disable the package-installed awstats cron to prevent bothering us with error emails
+    echo "Removing awstats packge-installed crontab, in favor of AlternC's one"
+    rm -f /etc/cron.d/awstats
+fi
+

awstats/awstats.alternc.generic.conf

@@ -178,7 +178,7 @@ LogSeparator=" "
 # 2 - DNS Lookup is made only from static DNS cache file (if it exists)
 # Default: 2
 #
-DNSLookup=1
+DNSLookup=0
 
 
 # When AWStats updates its statistics, it stores results of its analysis in

awstats/awstats.cache.php

@@ -4,6 +4,7 @@
 include("/usr/share/alternc/panel/class/config_nochk.php");
 
 $db->query("SELECT id,hostname FROM aws;");
+$d=array();
 while ($db->next_record()) {
  $d[]=$db->Record;
 }

awstats/awstats.sql

@@ -1,13 +1,15 @@
-# --------------------------------------------------------
+
 CREATE TABLE IF NOT EXISTS `aws` (
   `id` int(10) unsigned NOT NULL auto_increment,
   `uid` int(10) unsigned NOT NULL default '0',
   `hostname` varchar(255) NOT NULL default '',
+  `public` INT(1) unsigned NOT NULL DEFAULT '1',
+  `hostaliases` TEXT,
   PRIMARY KEY  (`id`)
-) TYPE=MyISAM COMMENT='Statistiques web par Awstats';
+) Engine=MyISAM COMMENT='Statistiques web par Awstats';
+
 
 
-# --------------------------------------------------------
 CREATE TABLE IF NOT EXISTS `aws_users` (
   `uid` int(10) unsigned NOT NULL,
   `login` varchar(128) NOT NULL,
@@ -16,7 +18,7 @@ CREATE TABLE IF NOT EXISTS `aws_users` (
   INDEX (`uid`)
 ) COMMENT = 'Comptes pouvant accéder aux stats awstats.';
 
-# --------------------------------------------------------
+
 CREATE TABLE IF NOT EXISTS `aws_access` (
 `id` int(10) unsigned NOT NULL,
 `uid` int(10) unsigned NOT NULL,
@@ -24,5 +26,3 @@ CREATE TABLE IF NOT EXISTS `aws_access` (
 INDEX (`id`)
 ) COMMENT = 'Qui peut accéder aux stats awstats ';
 
- ALTER TABLE `aws` ADD `public` INT(1) unsigned NOT NULL DEFAULT '1';
- ALTER TABLE `aws` ADD `hostaliases` TEXT ;

awstats/awstats.template.conf

@@ -1,6 +1,7 @@
 Include "/etc/alternc/awstats.alternc.generic.conf"
 Include "/etc/awstats/awstats.conf.local"
 Include "/etc/alternc/awstats.log.alternc.conf"
+LogFile="%%ALTERNC_LOGS%%/%%UID%%-%%USER%%/access.log"
 SiteDomain="%%HOSTNAME%%"
 HostAliases="%%HOSTALIASES%%"
 DirData="/var/cache/awstats/%%HOSTNAME%%"

awstats/bureau/admin/aws_add.php

@@ -30,7 +30,7 @@ $fields = array (
 getFields($fields);
 
 if (!$id && !$quota->cancreate("aws")) {
-	$error=_("You cannot add any new statistics, your quota is over.");
+	$msg->raise('Alert', "aws", _("You cannot add any new statistics, your quota is over."));
 }
 
 include_once("head.php");
@@ -42,11 +42,10 @@ include_once("head.php");
 <br/>
 <br/>
 <?php
-	if (isset($error) && $error) {
-		echo "<p class=\"error\">$error</p></body></html>";
-	}
+echo $msg->msg_html_all();
 ?>
 <form method="post" action="<?php if (!$id) echo "aws_doadd.php"; else echo "aws_doedit.php"; ?>" id="main" name="main">
+<?php csrf_get(); ?>
 <table class="tedit">
 <tr><th><input type="hidden" name="id" value="<?php echo $id ?>" />
         <label for="hostname"><?php __("Domain name"); ?></label></th><td>

awstats/bureau/admin/aws_del.php

@@ -24,7 +24,6 @@
 */
 require_once("../class/config.php");
 
-$error="";
 // On parcours les POST_VARS et on repere les del_.
 reset($_POST);
 $found=false;
@@ -33,16 +32,14 @@ while (list($key,$val)=each($_POST)) {
     // Effacement du jeu de stats $val
     $r=$aws->delete_stats($val);
     $found=true;
-    if (!$r) {
-      $error.=$err->errstr()."<br />";
-    } else {
-      $error.=sprintf(_("The statistics %s has been successfully deleted"),$r)."<br />";
+    if ($r) {
+      $msg->raise('INFO', "aws", _("The statistics %s has been successfully deleted"),$r);
     }
   }
 }
 
 if (!$found) {
-  $error.=_("Please check the statistics set you want to delete");
+  $msg->raise('INFO', "aws", _("Please check the statistics set you want to delete"));
  }
 
 include("aws_list.php");

awstats/bureau/admin/aws_doadd.php

@@ -34,17 +34,15 @@ getFields($fields);
 if ($aws->check_host_available($hostname)) {
     $r=$aws->add_stats($hostname,$awsusers,$hostaliases,1);
     if (!$r) {
-        $error=$err->errstr();
         include("aws_add.php");
         exit();
     } else {
-        $error=_("The statistics has been successfully created");
+        $msg->raise('Ok', "aws", _("The statistics has been successfully created"));
 	    include("aws_list.php");
 	    exit();
     }
 }
 else {
-    $error=$err->errstr();
     include("aws_add.php");
     exit();
 }

awstats/bureau/admin/aws_doedit.php

@@ -33,7 +33,7 @@ $fields = array (
 getFields($fields);
 
 if (!$id) {
-	$error=_("No Statistics selected!");
+	$msg->raise('Error', "aws", _("No Statistics selected!"));
 } else {
   $ha ="";
   foreach($hostaliases as $ho) 
@@ -41,11 +41,10 @@ if (!$id) {
   
   $r=$aws->put_stats_details($id,$awsusers,$ha,$public);
 	if (!$r) {
-		$error=$err->errstr();
 		include("aws_edit.php");
 		exit();
 	} else {
-		$error=_("The Statistics has been successfully changed");
+		$msg->raise('Ok', "aws", _("The Statistics has been successfully changed"));
 		include("aws_list.php");
 		exit();
 	}

awstats/bureau/admin/aws_edit.php

@@ -1,49 +1,47 @@
 <?php
 /*
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2000-2012 by the AlternC Development Team. 
- https://alternc.org/ 
- ----------------------------------------------------------------------
- LICENSE
+   ----------------------------------------------------------------------
+   AlternC - Web Hosting System
+   Copyright (C) 2000-2012 by the AlternC Development Team. 
+   https://alternc.org/ 
+   ----------------------------------------------------------------------
+   LICENSE
 
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License (GPL)
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
+   This program is free software; you can redistribute it and/or
+   modify it under the terms of the GNU General Public License (GPL)
+   as published by the Free Software Foundation; either version 2
+   of the License, or (at your option) any later version.
 
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- GNU General Public License for more details.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
 
- To read the license please visit http://www.gnu.org/copyleft/gpl.html
- ----------------------------------------------------------------------
- Purpose of file: Edit a statistic set
- ----------------------------------------------------------------------
-*/
+   To read the license please visit http://www.gnu.org/copyleft/gpl.html
+   ----------------------------------------------------------------------
+   Purpose of file: Edit a statistic set
+   ----------------------------------------------------------------------
+ */
 require_once("../class/config.php");
 
 $fields = array (
-	"id" => array ("request", "integer", 0),
-);
+		"id" => array ("request", "integer", 0),
+		);
 getFields($fields);
 
 if (!$id) {
-	$error=_("No Statistics selected!");
+	$msg->raise('Error', "aws", _("No Statistics selected!"));
 } else {
 	$r=$aws->get_stats_details($id);
-	if (!$r) {
-		$error=$err->errstr();
+	if ($r) {
+		$id=$r["id"];
+		$hostname=$r["hostname"];
+		$awsusers=$r["users"];
+		$hostaliases=$r["hostaliases"];
+		$public=$r["public"];
 	}
 }
 
-$id=$r["id"];
-$hostname=$r["hostname"];
-$awsusers=$r["users"];
-$hostaliases=$r["hostaliases"];
-$public=$r["public"];
-
 include("aws_add.php");
 exit();
 

awstats/bureau/admin/aws_list.php

@@ -24,28 +24,35 @@
 */
 require_once("../class/config.php");
 include_once("head.php");
+
+$nosta=false;
+if (!$r=$aws->get_list()) {
+	$msg->raise('Info', "aws", _("No statistics currently defined"));
+	$nosta=true;
+}
+
+$create=true;
+if (!$quota->cancreate("aws")) {
+	$msg->raise('Info', "aws", _("Your stat quota is over..."));
+	$create=false;
+}
 ?>
 
 <h3><?php __("Statistics List"); ?></h3>
 <hr id="topbar"/>
 <br />
-<?php if (!empty($error)) { echo "<p class=\"error\">$error</p>"; $error=''; } ?>
+<?php
+echo $msg->msg_html_all("<li>", true, true);
+?>
 <p>
 <?php
-
-$nosta=false;
-if (!$r=$aws->get_list()) {
-	$error=$err->errstr();
-	$nosta=true;
-}
-
-if (!empty($error)) { echo "<p class=\"error\">$error</p>"; $error=''; } 
+//echo "<pre>";print_r($mem);echo "</pre>";
 ?>
 
 <span class="ina"><a href="aws_users.php"><?php __("Manage allowed users' accounts"); ?></a></span><br /><br />
 
 <?php
-if ($quota->cancreate("aws")) { ?>
+if ($create) { ?>
   <span class="ina"><a href="aws_add.php"><?php __("Create new Statistics"); ?></a></span><br />
 <?php } // cancreate ?>
 </p>
@@ -53,6 +60,7 @@ if ($quota->cancreate("aws")) { ?>
 <?php if (!$nosta) { ?>
 
 <form method="post" action="aws_del.php">
+<?php csrf_get(); ?>
 <table cellspacing="0" cellpadding="4">
     <tr><th colspan="2"><?php __("Action"); ?></th><th><?php __("Domain name"); ?></th><th><?php __("Allowed Users"); ?></th><th><?php __("View the statistics"); ?></th></tr>
 <?php

awstats/bureau/admin/aws_pass.php

@@ -26,28 +26,26 @@ require_once("../class/config.php");
 
 $fields = array (
 	"login" => array ("request", "string", ""),
-	"pass"  => array ("request", "string", ""),
-	"passconf"  => array ("request", "string", ""),
+	"pass"  => array ("post", "string", ""),
+	"passconf"  => array ("post", "string", ""),
+	"confirm"  => array ("post", "string", ""),
 );
 
 getFields($fields);
 
 if (!$aws->login_exists($login)) {
-	$error=$err->errstr();
 	include("aws_users.php");
 	exit();
 }
 
-if ($pass) {
-    if ($pass != $passconf) {
-	$error = _("Passwords do not match");
-	include("aws_users.php");
-        exit();
-    }else{
-	if (!$aws->change_pass($login,$pass)) {
-		$error=$err->errstr();
-	} else {
-		$error = _("Password successfuly updated");
+if ($confirm == 1) {
+    if (empty($pass) || is_null($pass)) {
+	$msg->raise('Error', "aws", _("Please enter a password"));
+    } else if ($pass != $passconf) {
+	$msg->raise('Error', "aws", _("Passwords do not match"));
+    } else {
+	if ($aws->change_pass($login,$pass)) {
+		$msg->raise('INFO', "aws", _("Password successfuly updated"));
 		include("aws_users.php");
 		exit();
 	}
@@ -56,21 +54,24 @@ if ($pass) {
 
 include_once("head.php");
 
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['aws']['classcount'];
+
 ?>
 <h3><?php __("Change a user's password"); ?></h3>
 <?php
-if (isset($error) && $error) {
+echo $msg->msg_html_all();
 ?>
-<p class="error"><?php echo $error ; $error=''; ?></p>
-<?php } ?>
 
 <form method="post" action="aws_pass.php" name="main" id="main">
+<?php csrf_get(); ?>
+<input type="hidden" name="confirm" value="1" />
 <table class="tedit">
 <tr><th>
 <?php __("Username"); ?></th><td>
 	<code><?php echo $login; ?></code> <input type="hidden" name="login" value="<?php echo $login; ?>" />
 </td></tr>
-<tr><th><label for="pass"><?php __("New Password"); ?></label></th><td><input type="password" class="int" name="pass" id="pass" value="<?php echo $pass; ?>" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf"); ?></td></tr>
+<tr><th><label for="pass"><?php __("New Password"); ?></label></th><td><input type="password" class="int" name="pass" id="pass" value="<?php echo $pass; ?>" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf",$passwd_classcount); ?></td></tr>
 <tr><th><label for="passconf"><?php __("Confirm password"); ?></label></th><td><input type="password" class="int" name="passconf" id="passconf" value="" size="20" maxlength="64" /></td></tr>
 <tr class="trbtn"><td colspan="2">
   <input type="submit" class="inb" name="submit" value="<?php __("Change this user's password"); ?>" />

awstats/bureau/admin/aws_useradd.php

@@ -33,14 +33,12 @@ $fields = array (
 getFields($fields);
 
 if ($pass != $passconf) {
-        $error = _("Passwords do not match");
+        $msg->raise('Error', "aws", _("Passwords do not match"));
 }else{
 	$r=$aws->add_login($prefixe.(($login)?"_":"").$login,$pass);
 
-	if (!$r) {
-		$error=$err->errstr();
-	} else {
-		$error=_("The Awstat account has been successfully created");
+	if ($r) {
+		$msg->raise('INFO', "aws", _("The Awstat account has been successfully created"));
 	}
 }
 

awstats/bureau/admin/aws_userdel.php

@@ -24,17 +24,14 @@
 */
 require_once("../class/config.php");
 
-$error="";
 // On parcours les POST_VARS et on repere les del_.
 reset($_POST);
 while (list($key,$val)=each($_POST)) {
 	if (substr($key,0,4)=="del_") {
 		// Effacement du compte ftp $val
 		$r=$aws->del_login($val);
-		if (!$r) {
-			$error.=$err->errstr()."<br />";
-		} else {
-			$error.=sprintf(_("The awstat account %s has been successfully deleted"),$val)."<br />";
+		if ($r) {
+			$msg->raise('INFO', "aws", _("The awstat account %s has been successfully deleted"),$val);
 		}
 	}
 }

awstats/bureau/admin/aws_users.php

@@ -30,28 +30,28 @@ include_once("head.php");
 <hr id="topbar"/>
 <br />
 <?php
-
-if (isset($error) && $error) { ?>
-<p class="error"><?php echo $error; $error=''; ?></p>
-<?php }
-
 $nologin=false;
 if (!$r=$aws->list_login()) {
 	$nologin=true;
-	$error=$err->errstr();
 }
 
+echo $msg->msg_html_all();
+
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['aws']['classcount'];
+
 	if ($quota->cancreate("aws")) { ?>
 <p><span class="ina"><a href="aws_add.php"><?php __("Create new Statistics"); ?></a></span></p>
 <?php  	} ?>
 
 <form method="post" action="aws_useradd.php" name="main">
+<?php csrf_get(); ?>
 <table class="tedit">
 <tr><th>
 <label for="login"><?php __("Username"); ?></label></th><td>
 	<select class="inl" name="prefixe"><?php $aws->select_prefix_list($prefixe); ?></select>&nbsp;<b>_</b>&nbsp;<input type="text" class="int" name="login" id="login" value="" size="20" maxlength="64" />
 </td></tr>
-<tr><th><label for="pass"><?php __("Password"); ?></label></th><td><input type="password" class="int" name="pass" id="pass" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf"); ?></td></tr>
+<tr><th><label for="pass"><?php __("Password"); ?></label></th><td><input type="password" class="int" name="pass" id="pass" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf",$passwd_classcount); ?></td></tr>
 <tr><th><label for="passconf"><?php __("Confirm password"); ?></label></th><td><input type="password" class="int" name="passconf" id="passconf" value="" size="20" maxlength="64" /></td></tr>
 <tr class="trbtn"><td colspan="2">
   <input type="submit" class="inb" name="submit" value="<?php __("Create this new Awstats user"); ?>" />
@@ -61,19 +61,14 @@ if (!$r=$aws->list_login()) {
 </table>
 </form>
 <br />
+
 <?php
-
-
-if (isset($error) && $error) {
-?>
-<p class="error"><?php echo $error ?></p>
-<?php }
-
 if (!$nologin) {
 ?>
 
 
 <form method="post" action="aws_userdel.php" name="main2" id="main2">
+<?php csrf_get(); ?>
 <table class="tlist">
     <tr><th colspan="2"><?php __("Action"); ?></th><th><?php __("Username"); ?></th></tr>
 <?php

awstats/bureau/class/m_aws.php

@@ -94,8 +94,8 @@ class m_aws {
    *  $r[0-n]["users"]= list of allowed users separated with ' '
    */
   function get_list() {
-    global $db,$err,$cuid;
-    $err->log("aws","get_list");
+    global $db,$msg,$cuid;
+    $msg->log("aws","get_list");
     $r=array();
     $db->query("SELECT id, hostname FROM aws WHERE uid='$cuid' ORDER BY hostname;");
     if ($db->num_rows()) {
@@ -120,7 +120,6 @@ class m_aws {
       }
       return $t;
     } else {
-      $err->raise("aws",_("No statistics currently defined"));
       return false;
     }
   }
@@ -137,9 +136,8 @@ class m_aws {
    *  $r["users"] = List of allowed users, separated by ' '
    */
   function get_stats_details($id) {
-    global $db,$err,$cuid;
-    $err->log("aws","get_stats_details",$id);
-    $r=array();
+    global $db,$msg,$cuid;
+    $msg->log("aws","get_stats_details",$id);
     $db->query("SELECT id, hostname, hostaliases, public FROM aws WHERE uid='$cuid' AND id='$id';");
     if ($db->num_rows()) {
       $db->next_record();
@@ -160,7 +158,7 @@ class m_aws {
                 "public"=>$public
 		   );
     } else {
-      $err->raise("aws",_("This statistic does not exist"));
+      $msg->raise('Error', "aws",_("This statistic does not exist"));
       return false;
     }
   }
@@ -172,7 +170,7 @@ class m_aws {
    * @return array an array of allowed domains / subdomains.
    */
   function host_list() {
-    global $db,$err,$cuid;
+    global $db,$msg,$cuid;
     $r=array();
     $db->query("SELECT sd.domaine, sd.sub, dt.name, dt.description FROM sub_domaines sd, domaines_type dt WHERE compte='$cuid' AND lower(sd.type) = lower(dt.name) AND dt.only_dns = false ORDER BY domaine,sub;");
     while ($db->next_record()) {
@@ -253,14 +251,14 @@ class m_aws {
    * of available for this member.
    */
   function check_host_available($current) {
-    global $err;
-    $err->log("aws","check_host_available",$current);
+    global $msg;
+    $msg->log("aws","check_host_available",$current);
     $r=$this->get_list();
     if(is_array($r)){
         reset($r);
         while (list($key,$val)=each($r)) {
           if ($current==$val["hostname"]) {
-              $err->raise("aws",_("Host already managed by awstats!"));
+              $msg->raise('Alert', "aws",_("Host already managed by awstats!"));
               return false;
           }
         }
@@ -274,7 +272,7 @@ class m_aws {
    * Return the hostaliases list with an id.
    */
   function get_hostaliases($id) {
-    global $db,$err,$cuid;
+    global $db,$msg,$cuid;
     $r=array();
     if ($id == NULL)  
       return $r; 
@@ -294,8 +292,8 @@ class m_aws {
    * @param array $users the list of allowed users
    */
   function put_stats_details($id,$users,$hostaliases,$public) {
-    global $err,$db,$cuid;
-    if ($c=$this->get_stats_details($id)) {
+    global $msg,$db,$cuid;
+    if ($this->get_stats_details($id)) {
       $this->delete_allowed_login($id, 1);
       if (is_array($users)) {
         foreach($users as $v) {
@@ -306,7 +304,9 @@ class m_aws {
       $this->_createconf($id);
       $this->_createhtpasswd();
       return true;
-    } else return false;
+    } else {
+      return false;
+    }
   }
 
 
@@ -317,11 +317,11 @@ class m_aws {
    * @return string the domain name of the deleted statistic set, or FALSE if an error occurred
    */
   function delete_stats($id) {
-    global $db,$err,$cuid;
-    $err->log("aws","delete_stats",$id);
+    global $db,$msg,$cuid,$action;
+    $msg->log("aws","delete_stats",$id);
     $db->query("SELECT hostname FROM aws WHERE id='$id' and uid='$cuid';");
     if (!$db->num_rows()) {
-      $err->raise("aws",_("This statistic does not exist"));
+      $msg->raise('Error', "aws",_("This statistic does not exist"));
       return false;
     }
     $db->next_record();
@@ -329,7 +329,7 @@ class m_aws {
     $this->delete_allowed_login($id,1);
     $this->_delconf($hostname);
     $db->query("DELETE FROM aws WHERE id='$id'");
-    system("rm ".$this->CACHEDIR."/$hostname/ -rf");
+    $action->del($this->CACHEDIR. DIRECTORY_SEPARATOR . $hostname . DIRECTORY_SEPARATOR);
     return $hostname;
 
   }
@@ -345,8 +345,8 @@ class m_aws {
    * @return boolean TRUE if the set has been created
    */
   function add_stats($hostname,$users="", $hostaliases,$public) {
-    global $db,$err,$quota,$mem,$cuid;
-    $err->log("aws","add_stats",$hostname);
+    global $db,$msg,$quota,$mem,$cuid;
+    $msg->log("aws","add_stats",$hostname);
     $ha="";
     $r=$this->host_list();
     $hosts=array();
@@ -355,7 +355,7 @@ class m_aws {
     }
     reset($hosts);
     if (!in_array($hostname,$hosts) || $hostname=="") {
-      $err->raise("aws",_("This hostname does not exist (Domain name)"));
+      $msg->raise('Error', "aws",_("This hostname does not exist (Domain name)"));
       return false;
     }
 
@@ -363,7 +363,7 @@ class m_aws {
 	if (is_array($hostaliases)) {
 		foreach($hostaliases as $ho) {
 			if (!in_array($ho,$hosts) || $hostname=="") {
-				$err->raise("aws",_("This hostname does not exist (Hostaliases)"));
+				$msg->raise('Error', "aws",_("This hostname does not exist (Hostaliases)"));
 				return false;
 			}
 			$ha .= "$ho ";
@@ -383,7 +383,7 @@ class m_aws {
       mkdir($this->CACHEDIR."/".$hostname,0777);
       return true;
     } else {
-      $err->raise("aws",_("Your stat quota is over..."));
+      $msg->raise('Alert', "aws",_("Your stat quota is over..."));
       return false;
     }
   }
@@ -391,12 +391,12 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function list_login() {
-    global $db,$err,$cuid;
-    $err->log("aws","list_login");
+    global $db,$msg,$cuid;
+    $msg->log("aws","list_login");
     $db->query("SELECT login FROM aws_users WHERE uid='$cuid';");
     $res=array();
     if (!$db->next_record()) {
-	$err->raise("aws",_("No user currently defined"));
+	$msg->raise('Info', "aws",_("No user currently defined"));
       return false;
     }
     do { 
@@ -408,8 +408,8 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function list_allowed_login($id) {
-    global $db,$err,$cuid;
-    $err->log("aws","list_allowed_login");
+    global $db,$msg,$cuid;
+    $msg->log("aws","list_allowed_login");
     $db->query("SELECT u.login,a.id FROM aws_users u LEFT JOIN aws_access a ON a.id='$id' AND a.login=u.login WHERE u.uid='$cuid';");
     $res=array();
     if (!$db->next_record()) {
@@ -423,7 +423,7 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function get_view_public($id) {
-    global $db,$err,$cuid;
+    global $db,$msg,$cuid;
     $db->query("SELECT public FROM aws WHERE id='$id' and uid='$cuid';");
     if ($db->num_rows()) {
       $db->next_record();
@@ -438,8 +438,8 @@ class m_aws {
   /* ----------------------------------------------------------------- */
   /* Check that a login exists ($exists=1) or doesn't exist ($exists=0) */
   function login_exists($login,$exists=1) {
-    global $db,$err,$cuid;
-    $err->log("aws","list_login");
+    global $db,$msg,$cuid;
+    $msg->log("aws","list_login");
     $db->query("SELECT login FROM aws_users WHERE uid='$cuid' AND login='$login';");
     if (!$db->next_record()) {
       return ($exists==0);
@@ -451,10 +451,10 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function del_login($login) {
-    global $db,$err,$cuid;
-    $err->log("aws","del_login");
+    global $db,$msg,$cuid;
+    $msg->log("aws","del_login");
     if (!$this->login_exists($login,1)) {
-      $err->raise("aws",_("Login does not exist")); 
+      $msg->raise('Error', "aws",_("Login does not exist")); 
       return false;
     }
     $db->query("DELETE FROM aws_users WHERE uid='$cuid' AND login='$login';");
@@ -466,18 +466,23 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function add_login($login,$pass) {
-    global $db,$err,$cuid;
-    $err->log("aws","add_login");
+    global $db,$msg,$cuid,$admin;
+    $msg->log("aws","add_login");
 
     if (!($login=$this->_check($login))) {
-      $err->raise("aws",_("Login incorrect")); 
       return false;
     }
     if ($this->login_exists($login,1)) {
-      $err->raise("aws",_("Login already exist")); 
+      $msg->raise('Error', "aws",_("Login already exist")); 
       return false;
     }
-    $pass=crypt($pass);
+    // Check this password against the password policy using common API :
+    if (is_callable(array($admin, "checkPolicy"))) {
+      if (!$admin->checkPolicy("aws", $login, $pass)) {
+	return false; // The error has been raised by checkPolicy()
+      }
+    }
+    $pass=$this->crypt_apr1_md5($pass);
     // FIXME retourner une erreur l'insert se passe pas bien
     $db->query("INSERT INTO aws_users (uid,login,pass) VALUES ('$cuid','$login','$pass');");
     return $this->_createhtpasswd();
@@ -486,18 +491,24 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function change_pass($login,$pass) {
-    global $db,$err,$cuid;
-    $err->log("aws","change_pass");
+    global $db,$msg,$cuid,$admin;
+    $msg->log("aws","change_pass");
 
     if (!($login=$this->_check($login))) {
-      $err->raise("aws",_("Login incorrect")); // Login incorrect 
+      $msg->raise('Error', "aws",_("Login incorrect")); // Login incorrect 
       return false;
     }
     if (!($this->login_exists($login))) {
-      $err->raise("aws",_("Login does not exists")); // Login does not exists
+      $msg->raise('Error', "aws",_("Login does not exists")); // Login does not exists
       return false;
     }
-    $pass=crypt($pass);
+    // Check this password against the password policy using common API :
+    if (is_callable(array($admin, "checkPolicy"))) {
+      if (!$admin->checkPolicy("aws", $login, $pass)) {
+        return false; // The error has been raised by checkPolicy()
+      }
+    }
+    $pass=$this->crypt_apr1_md5($pass);
     $db->query("UPDATE aws_users SET pass='$pass' WHERE login='$login';");
     return $this->_createhtpasswd();
   }
@@ -505,25 +516,25 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function allow_login($login,$id,$noconf=0) { // allow user $login to access stats $id.
-    global $db,$err,$cuid;
-    $err->log("aws","allow_login");
+    global $db,$msg,$cuid;
+    $msg->log("aws","allow_login");
 
     if (!($login=$this->_check($login))) {
-      $err->raise("aws",_("Login incorrect"));
+      $msg->raise('Error', "aws",_("Login incorrect"));
       return false;      
     }
     if (!$this->login_exists($login)) {
-      $err->raise("aws",_("Login does not exist"));
+      $msg->raise('Error', "aws",_("Login does not exist"));
       return false;
     }
     $db->query("SELECT id FROM aws WHERE id='$id' AND uid='$cuid'");
     if (!$db->next_record()) {
-      $err->raise("aws",_("The requested statistic does not exist.")); 
+      $msg->raise('Error', "aws",_("The requested statistic does not exist.")); 
       return false;
     }
     $db->query("SELECT login FROM aws_access WHERE id='$id' AND login='$login'");
     if ($db->next_record()) {
-      $err->raise("aws",_("This login is already allowed for this statistics."));
+      $msg->raise('Error', "aws",_("This login is already allowed for this statistics."));
       return false;
     }
     $db->query("INSERT INTO aws_access (uid,id,login) VALUES ('$cuid','$id','$login');");
@@ -536,13 +547,17 @@ class m_aws {
 
 
   /* ----------------------------------------------------------------- */
+
+  /**
+   * @param integer $id
+   */
   function delete_allowed_login($id,$noconf=0) {
-    global $db,$err,$cuid;
-    $err->log("aws","delete_allowed_login");
+    global $db,$msg,$cuid;
+    $msg->log("aws","delete_allowed_login");
 
     $db->query("SELECT id FROM aws WHERE id='$id' AND uid='$cuid'");
     if (!$db->next_record()) {
-      $err->raise("aws",_("The requested statistic does not exist.")); 
+      $msg->raise('Error', "aws",_("The requested statistic does not exist.")); 
       return false;
     }
     $db->query("DELETE FROM aws_access WHERE id='$id';");
@@ -556,25 +571,25 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function deny_login($login,$id,$noconf=0) { // deny user $login to access stats $id.
-    global $db,$err,$cuid;
-    $err->log("aws","deny_login");
+    global $db,$msg,$cuid;
+    $msg->log("aws","deny_login");
 
     if (!($login=$this->_check($login))) {
-      $err->raise("aws",_("Login incorrect")); // Login incorrect 
+      $msg->raise('Error', "aws",_("Login incorrect")); // Login incorrect 
       return false;
     }
     if (!$this->login_exists($login,0)) {
-      $err->raise("aws",_("Login does not exists")); // Login does not exists
+      $msg->raise('Error', "aws",_("Login does not exists")); // Login does not exists
       return false;
     }
     $db->query("SELECT id FROM aws WHERE id='$id' AND uid='$cuid'");
     if (!$db->next_record()) {
-      $err->raise("aws",_("The requested statistic does not exist."));
+      $msg->raise('Error', "aws",_("The requested statistic does not exist."));
       return false;
     }
     $db->query("SELECT login FROM aws_access WHERE id='$id' AND login='$login'");
     if (!$db->next_record()) {
-      $err->raise("aws",_("This login is already denied for this statistics."));
+      $msg->raise('Error', "aws",_("This login is already denied for this statistics."));
       return false;
     }
     $db->query("DELETE FROM aws_access WHERE id='$id' AND login='$login';");
@@ -588,8 +603,8 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function alternc_del_member() {
-    global $db,$err,$cuid;
-    $err->log("aws","del_member");
+    global $db,$msg,$cuid;
+    $msg->log("aws","del_member");
     $db->query("SELECT * FROM aws WHERE uid='$cuid';");
     $t=array();
     while ($db->next_record()) {
@@ -611,8 +626,8 @@ class m_aws {
    * @param string $dom the domain to uninstall
    */
   function alternc_del_domain($dom) {
-    global $db,$err,$cuid;
-    $err->log("aws","alternc_del_domain",$dom);
+    global $msg,$cuid;
+    $msg->log("aws","alternc_del_domain",$dom);
     $db=new DB_System();
     $db->query("SELECT id,hostname FROM aws WHERE uid='$cuid' AND (hostname='$dom' OR hostname like '%.$dom')");
     $t=array();
@@ -632,11 +647,10 @@ class m_aws {
   /** 
    * This function is called when we are asked to compute the used quota
    * for a service
-   * @param integer $id The userid whose quota should be computed.
    */
   function hook_quota_get() {
-    global $db,$err,$cuid;
-    $err->log("aws","get_quota");
+    global $db,$msg,$cuid;
+    $msg->log("aws","get_quota");
     $db->query("SELECT COUNT(*) AS cnt FROM aws WHERE uid='$cuid'");
     $q=Array("name"=>"aws", "description"=>_("Awstats"), "used"=>0);
     if ($db->next_record()) {
@@ -648,7 +662,7 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function _check($login) {
-    global $err,$mem;
+    global $msg,$mem;
     $login=trim($login); 
     $login=strtolower($login); 
     if ($c=strpos($login,"_")) {
@@ -660,11 +674,11 @@ class m_aws {
     }
     $r=$this->prefix_list();
     if (!in_array($prefix,$r)) { 
-      $err->raise("aws",_("prefix not allowed.")); // prefix not allowed. 
+      $msg->raise('Error', "aws",_("prefix not allowed.")); // prefix not allowed. 
       return false;
     } 
    if (!preg_match('/^[0-9a-z_-]*$/', $postfix)){
-      $err->raise("aws",_("Forbidden caracters in the postfix.")); 
+      $msg->raise('Error', "aws", _("There are forbidden characters in the login (only A-Z 0-9 _ and - are allowed)"));
       return false;
     }
     return $login;
@@ -676,12 +690,12 @@ class m_aws {
    * @access private
    */
   function _delconf($hostname) {
-    global $err;
+    global $msg,$action;
     if (!preg_match('/^[._a-z0-9-]*$/', $hostname)){
-      $err->raise("aws",_("Hostname is incorrect")); 
+      $msg->raise('Error', "aws",_("Hostname is incorrect")); 
       return false;
     }
-    @unlink($this->CONFDIR."/awstats.".$hostname.".conf");
+    $action->del($this->CONFDIR. DIRECTORY_SEPARATOR . "awstats.".$hostname.".conf");
   }
 
 
@@ -691,10 +705,10 @@ class m_aws {
    * @access private
    */
   function _createconf($id,$nochk=0) {
-    global $db,$err,$cuid;
+    global $db,$msg,$cuid,$L_ALTERNC_LOGS;
     $s=@implode("",file($this->TEMPLATEFILE));
     if (!$s) {
-      $err->raise("aws",_("Problem to create the configuration"));
+      $msg->raise('Error', "aws",_("Problem to create the configuration"));
       return false;
     }
     if ($nochk) {
@@ -703,33 +717,47 @@ class m_aws {
         $db->query("SELECT * FROM aws WHERE id='$id' AND uid='$cuid';");
     }
     if (!$db->num_rows()) {
-      $err->raise("aws",_("This statistic does not exist")); 
+      $msg->raise('Error', "aws",_("This statistic does not exist")); 
       return false;
     }
     $db->next_record();
+    $uid = $db->f('uid');
     $hostname=$db->f("hostname");
     $hostaliases=$db->f("hostaliases");
     $public=$db->f("public");
+    $db->query("SELECT login FROM membres WHERE uid = '$uid'");
+    $db->next_record();
+    $username = $db->f('login');
     $db->query("SELECT login FROM aws_access WHERE id='$id';");
     $users="";
     while ($db->next_record()) {
         $users.=$db->f("login")." ";
     }
-    $s=str_replace("%%HOSTNAME%%",$hostname,$s);
-    $s=str_replace("%%PUBLIC%%",$public,$s);
-    $s=str_replace("%%HOSTALIASES%%",$hostaliases,$s);
-    $s=str_replace("%%USERS%%",$users,$s);
+
+    $replace_vars = array(
+        '%%UID%%' => $uid,
+        '%%USER%%' => $username,
+        '%%ALTERNC_LOGS%%' => $L_ALTERNC_LOGS,
+        '%%PUBLIC%%' => $public,
+        '%%HOSTNAME%%' => $hostname,
+        '%%HOSTALIASES%%' => $hostaliases,
+        '%%USERS%%' => $users,
+    );
+    foreach ($replace_vars as $k=>$v){
+        $s=str_replace($k,$v,$s);
+    }
+
     $f=fopen($this->CONFDIR."/awstats.".$hostname.".conf","wb");
     fputs($f,$s,strlen($s));
     fclose($f);
 
-	return true;
+    return true;
   }
 
 
   /* ----------------------------------------------------------------- */
   function _createhtpasswd() {
-    global $db, $err;
+    global $db, $msg;
     $f=@fopen($this->HTAFILE,"wb");
     if ($f) {
       $db->query("SELECT login,pass FROM aws_users;");
@@ -739,7 +767,7 @@ class m_aws {
       fclose($f);
       return true;
     } else {
-      $err->raise("aws",sprintf(_("Problem to edit file %s"), $this->HTAFILE));
+      $msg->raise('Error', "aws", _("Problem to edit file %s"), $this->HTAFILE);
       return false;
     }
   }
@@ -752,8 +780,8 @@ class m_aws {
    * EXPERIMENTAL 'sid' function ;) 
    */
   function alternc_export() {
-    global $db,$err,$cuid;
-    $err->log("aws","export");
+    global $db,$msg,$cuid;
+    $msg->log("aws","export");
     $str="<aws>\n";
     $db->query("SELECT login,pass FROM aws_users WHERE uid='$cuid';");
     while ($db->next_record()) {
@@ -776,6 +804,42 @@ class m_aws {
     return $str;
   }
 
+
+  /* ----------------------------------------------------------------- */
+  /**
+   * from http://php.net/crypt#73619 
+   */
+  function crypt_apr1_md5($plainpasswd) {
+    $salt = substr(str_shuffle("abcdefghijklmnopqrstuvwxyz0123456789"), 0, 8);
+    $len = strlen($plainpasswd);
+    $text = $plainpasswd.'$apr1$'.$salt;
+    $bin = pack("H32", md5($plainpasswd.$salt.$plainpasswd));
+    for($i = $len; $i > 0; $i -= 16) { $text .= substr($bin, 0, min(16, $i)); }
+    for($i = $len; $i > 0; $i >>= 1) { $text .= ($i & 1) ? chr(0) : $plainpasswd{0}; }
+    $bin = pack("H32", md5($text));
+    for($i = 0; $i < 1000; $i++) {
+      $new = ($i & 1) ? $plainpasswd : $bin;
+      if ($i % 3) $new .= $salt;
+      if ($i % 7) $new .= $plainpasswd;
+      $new .= ($i & 1) ? $bin : $plainpasswd;
+      $bin = pack("H32", md5($new));
+    }
+    for ($i = 0; $i < 5; $i++) {
+      $k = $i + 6;
+      $j = $i + 12;
+      if ($j == 16) $j = 5;
+      $tmp = $bin[$i].$bin[$k].$bin[$j].$tmp;
+    }
+    $tmp = chr(0).chr(0).$bin[11].$tmp;
+    $tmp = strtr(strrev(substr(base64_encode($tmp), 2)),
+		 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",
+		 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz");
+    return "$"."apr1"."$".$salt."$".$tmp;
+  }
+
+
+
+
 } /* CLASSE m_aws */
 
 ?>

awstats/bureau/locales/aws.pot

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: AlternC 2.0\n"
 "Report-Msgid-Bugs-To: i18n@alternc.org\n"
-"POT-Creation-Date: 2013-10-17 18:55+0200\n"
+"POT-Creation-Date: 2017-10-06 23:53+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -35,46 +35,46 @@ msgid ""
 "creation)."
 msgstr ""
 
-#: ../admin/aws_add.php:52 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:51 ../admin/aws_list.php:65
 msgid "Domain name"
 msgstr ""
 
-#: ../admin/aws_add.php:59
+#: ../admin/aws_add.php:58
 msgid "Hostaliases"
 msgstr ""
 
-#: ../admin/aws_add.php:73 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:72 ../admin/aws_list.php:65
 msgid "Allowed Users"
 msgstr ""
 
-#: ../admin/aws_add.php:89
+#: ../admin/aws_add.php:88
 msgid ""
 "No users currently defined, you must create login with the 'Manage allowed "
 "users' accounts' menu."
 msgstr ""
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 msgid "Create those statistics"
 msgstr ""
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 msgid "Edit those statistics"
 msgstr ""
 
-#: ../admin/aws_add.php:95 ../admin/aws_pass.php:77 ../admin/aws_users.php:58
+#: ../admin/aws_add.php:94 ../admin/aws_pass.php:78 ../admin/aws_users.php:58
 msgid "Cancel"
 msgstr ""
 
-#: ../admin/aws_del.php:39
+#: ../admin/aws_del.php:36
 #, php-format
 msgid "The statistics %s has been successfully deleted"
 msgstr ""
 
-#: ../admin/aws_del.php:45
+#: ../admin/aws_del.php:42
 msgid "Please check the statistics set you want to delete"
 msgstr ""
 
-#: ../admin/aws_doadd.php:41
+#: ../admin/aws_doadd.php:40
 msgid "The statistics has been successfully created"
 msgstr ""
 
@@ -82,76 +82,88 @@ msgstr ""
 msgid "No Statistics selected!"
 msgstr ""
 
-#: ../admin/aws_doedit.php:48
+#: ../admin/aws_doedit.php:47
 msgid "The Statistics has been successfully changed"
 msgstr ""
 
-#: ../admin/aws_list.php:29
+#: ../admin/aws_list.php:30
+msgid "No statistics currently defined"
+msgstr ""
+
+#: ../admin/aws_list.php:36 ../class/m_aws.php:386
+msgid "Your stat quota is over..."
+msgstr ""
+
+#: ../admin/aws_list.php:41
 msgid "Statistics List"
 msgstr ""
 
-#: ../admin/aws_list.php:45
+#: ../admin/aws_list.php:52
 msgid "Manage allowed users' accounts"
 msgstr ""
 
-#: ../admin/aws_list.php:49 ../admin/aws_users.php:45
+#: ../admin/aws_list.php:56 ../admin/aws_users.php:44
 msgid "Create new Statistics"
 msgstr ""
 
-#: ../admin/aws_list.php:57 ../admin/aws_users.php:78
+#: ../admin/aws_list.php:65 ../admin/aws_users.php:73
 msgid "Action"
 msgstr ""
 
-#: ../admin/aws_list.php:57 ../admin/aws_list.php:69
+#: ../admin/aws_list.php:65 ../admin/aws_list.php:77
 msgid "View the statistics"
 msgstr ""
 
-#: ../admin/aws_list.php:66
+#: ../admin/aws_list.php:74
 msgid "Edit"
 msgstr ""
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Are you sure you want to delete the selected statistics?"
 msgstr ""
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Delete the checked Statistics"
 msgstr ""
 
-#: ../admin/aws_pass.php:43 ../admin/aws_useradd.php:36
+#: ../admin/aws_pass.php:43
+msgid "Please enter a password"
+msgstr ""
+
+#: ../admin/aws_pass.php:45 ../admin/aws_useradd.php:36
 msgid "Passwords do not match"
 msgstr ""
 
-#: ../admin/aws_pass.php:50
+#: ../admin/aws_pass.php:48
 msgid "Password successfuly updated"
 msgstr ""
 
-#: ../admin/aws_pass.php:60
+#: ../admin/aws_pass.php:61
 msgid "Change a user's password"
 msgstr ""
 
-#: ../admin/aws_pass.php:70 ../admin/aws_users.php:51
-#: ../admin/aws_users.php:78
+#: ../admin/aws_pass.php:71 ../admin/aws_users.php:51
+#: ../admin/aws_users.php:73
 msgid "Username"
 msgstr ""
 
-#: ../admin/aws_pass.php:73
+#: ../admin/aws_pass.php:74
 msgid "New Password"
 msgstr ""
 
-#: ../admin/aws_pass.php:74 ../admin/aws_users.php:55
+#: ../admin/aws_pass.php:75 ../admin/aws_users.php:55
 msgid "Confirm password"
 msgstr ""
 
-#: ../admin/aws_pass.php:76
+#: ../admin/aws_pass.php:77
 msgid "Change this user's password"
 msgstr ""
 
-#: ../admin/aws_useradd.php:43
+#: ../admin/aws_useradd.php:41
 msgid "The Awstat account has been successfully created"
 msgstr ""
 
-#: ../admin/aws_userdel.php:37
+#: ../admin/aws_userdel.php:34
 #, php-format
 msgid "The awstat account %s has been successfully deleted"
 msgstr ""
@@ -168,15 +180,15 @@ msgstr ""
 msgid "Create this new Awstats user"
 msgstr ""
 
-#: ../admin/aws_users.php:86
+#: ../admin/aws_users.php:81
 msgid "Change password"
 msgstr ""
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 msgid "Are you sure you want to delete the selected accounts?"
 msgstr ""
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 msgid "Delete checked accounts"
 msgstr ""
 
@@ -192,15 +204,11 @@ msgid ""
 "then protected by a login and a password."
 msgstr ""
 
-#: ../class/m_aws.php:123
-msgid "No statistics currently defined"
-msgstr ""
-
-#: ../class/m_aws.php:163 ../class/m_aws.php:324 ../class/m_aws.php:706
+#: ../class/m_aws.php:161 ../class/m_aws.php:324 ../class/m_aws.php:720
 msgid "This statistic does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:263
+#: ../class/m_aws.php:261
 msgid "Host already managed by awstats!"
 msgstr ""
 
@@ -212,64 +220,61 @@ msgstr ""
 msgid "This hostname does not exist (Hostaliases)"
 msgstr ""
 
-#: ../class/m_aws.php:386
-msgid "Your stat quota is over..."
-msgstr ""
-
 #: ../class/m_aws.php:399
 msgid "No user currently defined"
 msgstr ""
 
-#: ../class/m_aws.php:457 ../class/m_aws.php:516
+#: ../class/m_aws.php:457 ../class/m_aws.php:527
 msgid "Login does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:473 ../class/m_aws.php:493 ../class/m_aws.php:512
-#: ../class/m_aws.php:563
-msgid "Login incorrect"
-msgstr ""
-
-#: ../class/m_aws.php:477
+#: ../class/m_aws.php:476
 msgid "Login already exist"
 msgstr ""
 
-#: ../class/m_aws.php:497 ../class/m_aws.php:567
+#: ../class/m_aws.php:498 ../class/m_aws.php:523 ../class/m_aws.php:578
+msgid "Login incorrect"
+msgstr ""
+
+#: ../class/m_aws.php:502 ../class/m_aws.php:582
 msgid "Login does not exists"
 msgstr ""
 
-#: ../class/m_aws.php:521 ../class/m_aws.php:545 ../class/m_aws.php:572
+#: ../class/m_aws.php:532 ../class/m_aws.php:560 ../class/m_aws.php:587
 msgid "The requested statistic does not exist."
 msgstr ""
 
-#: ../class/m_aws.php:526
+#: ../class/m_aws.php:537
 msgid "This login is already allowed for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:577
+#: ../class/m_aws.php:592
 msgid "This login is already denied for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:641
+#: ../class/m_aws.php:655
 msgid "Awstats"
 msgstr ""
 
-#: ../class/m_aws.php:663
+#: ../class/m_aws.php:677
 msgid "prefix not allowed."
 msgstr ""
 
-#: ../class/m_aws.php:667
-msgid "Forbidden caracters in the postfix."
+#: ../class/m_aws.php:681
+msgid ""
+"There are forbidden characters in the login (only A-Z 0-9 _ and - are "
+"allowed)"
 msgstr ""
 
-#: ../class/m_aws.php:681
+#: ../class/m_aws.php:695
 msgid "Hostname is incorrect"
 msgstr ""
 
-#: ../class/m_aws.php:697
+#: ../class/m_aws.php:711
 msgid "Problem to create the configuration"
 msgstr ""
 
-#: ../class/m_aws.php:742
+#: ../class/m_aws.php:770
 #, php-format
 msgid "Problem to edit file %s"
 msgstr ""

awstats/bureau/locales/de_DE/LC_MESSAGES/aws.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: AlternC 2.0\n"
 "Report-Msgid-Bugs-To: i18n@alternc.org\n"
-"POT-Creation-Date: 2013-07-22 17:35+0200\n"
+"POT-Creation-Date: 2017-10-06 23:53+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -34,46 +34,46 @@ msgid ""
 "creation)."
 msgstr ""
 
-#: ../admin/aws_add.php:52 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:51 ../admin/aws_list.php:65
 msgid "Domain name"
 msgstr ""
 
-#: ../admin/aws_add.php:59
+#: ../admin/aws_add.php:58
 msgid "Hostaliases"
 msgstr ""
 
-#: ../admin/aws_add.php:73 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:72 ../admin/aws_list.php:65
 msgid "Allowed Users"
 msgstr ""
 
-#: ../admin/aws_add.php:89
+#: ../admin/aws_add.php:88
 msgid ""
 "No users currently defined, you must create login with the 'Manage allowed "
 "users' accounts' menu."
 msgstr ""
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 msgid "Create those statistics"
 msgstr ""
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 msgid "Edit those statistics"
 msgstr ""
 
-#: ../admin/aws_add.php:95 ../admin/aws_pass.php:77 ../admin/aws_users.php:58
+#: ../admin/aws_add.php:94 ../admin/aws_pass.php:78 ../admin/aws_users.php:58
 msgid "Cancel"
 msgstr ""
 
-#: ../admin/aws_del.php:39
+#: ../admin/aws_del.php:36
 #, php-format
 msgid "The statistics %s has been successfully deleted"
 msgstr ""
 
-#: ../admin/aws_del.php:45
+#: ../admin/aws_del.php:42
 msgid "Please check the statistics set you want to delete"
 msgstr ""
 
-#: ../admin/aws_doadd.php:41
+#: ../admin/aws_doadd.php:40
 msgid "The statistics has been successfully created"
 msgstr ""
 
@@ -81,76 +81,88 @@ msgstr ""
 msgid "No Statistics selected!"
 msgstr ""
 
-#: ../admin/aws_doedit.php:48
+#: ../admin/aws_doedit.php:47
 msgid "The Statistics has been successfully changed"
 msgstr ""
 
-#: ../admin/aws_list.php:29
+#: ../admin/aws_list.php:30
+msgid "No statistics currently defined"
+msgstr ""
+
+#: ../admin/aws_list.php:36 ../class/m_aws.php:386
+msgid "Your stat quota is over..."
+msgstr ""
+
+#: ../admin/aws_list.php:41
 msgid "Statistics List"
 msgstr ""
 
-#: ../admin/aws_list.php:45
+#: ../admin/aws_list.php:52
 msgid "Manage allowed users' accounts"
 msgstr ""
 
-#: ../admin/aws_list.php:49 ../admin/aws_users.php:45
+#: ../admin/aws_list.php:56 ../admin/aws_users.php:44
 msgid "Create new Statistics"
 msgstr ""
 
-#: ../admin/aws_list.php:57 ../admin/aws_users.php:78
+#: ../admin/aws_list.php:65 ../admin/aws_users.php:73
 msgid "Action"
 msgstr ""
 
-#: ../admin/aws_list.php:57 ../admin/aws_list.php:69
+#: ../admin/aws_list.php:65 ../admin/aws_list.php:77
 msgid "View the statistics"
 msgstr ""
 
-#: ../admin/aws_list.php:66
+#: ../admin/aws_list.php:74
 msgid "Edit"
 msgstr ""
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Are you sure you want to delete the selected statistics?"
 msgstr ""
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Delete the checked Statistics"
 msgstr ""
 
-#: ../admin/aws_pass.php:43 ../admin/aws_useradd.php:36
+#: ../admin/aws_pass.php:43
+msgid "Please enter a password"
+msgstr ""
+
+#: ../admin/aws_pass.php:45 ../admin/aws_useradd.php:36
 msgid "Passwords do not match"
 msgstr ""
 
-#: ../admin/aws_pass.php:50
+#: ../admin/aws_pass.php:48
 msgid "Password successfuly updated"
 msgstr ""
 
-#: ../admin/aws_pass.php:60
+#: ../admin/aws_pass.php:61
 msgid "Change a user's password"
 msgstr ""
 
-#: ../admin/aws_pass.php:70 ../admin/aws_users.php:51
-#: ../admin/aws_users.php:78
+#: ../admin/aws_pass.php:71 ../admin/aws_users.php:51
+#: ../admin/aws_users.php:73
 msgid "Username"
 msgstr ""
 
-#: ../admin/aws_pass.php:73
+#: ../admin/aws_pass.php:74
 msgid "New Password"
 msgstr ""
 
-#: ../admin/aws_pass.php:74 ../admin/aws_users.php:55
+#: ../admin/aws_pass.php:75 ../admin/aws_users.php:55
 msgid "Confirm password"
 msgstr ""
 
-#: ../admin/aws_pass.php:76
+#: ../admin/aws_pass.php:77
 msgid "Change this user's password"
 msgstr ""
 
-#: ../admin/aws_useradd.php:43
+#: ../admin/aws_useradd.php:41
 msgid "The Awstat account has been successfully created"
 msgstr ""
 
-#: ../admin/aws_userdel.php:37
+#: ../admin/aws_userdel.php:34
 #, php-format
 msgid "The awstat account %s has been successfully deleted"
 msgstr ""
@@ -167,15 +179,15 @@ msgstr ""
 msgid "Create this new Awstats user"
 msgstr ""
 
-#: ../admin/aws_users.php:86
+#: ../admin/aws_users.php:81
 msgid "Change password"
 msgstr ""
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 msgid "Are you sure you want to delete the selected accounts?"
 msgstr ""
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 msgid "Delete checked accounts"
 msgstr ""
 
@@ -191,15 +203,11 @@ msgid ""
 "then protected by a login and a password."
 msgstr ""
 
-#: ../class/m_aws.php:123
-msgid "No statistics currently defined"
-msgstr ""
-
-#: ../class/m_aws.php:163 ../class/m_aws.php:324 ../class/m_aws.php:706
+#: ../class/m_aws.php:161 ../class/m_aws.php:324 ../class/m_aws.php:720
 msgid "This statistic does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:263
+#: ../class/m_aws.php:261
 msgid "Host already managed by awstats!"
 msgstr ""
 
@@ -211,64 +219,61 @@ msgstr ""
 msgid "This hostname does not exist (Hostaliases)"
 msgstr ""
 
-#: ../class/m_aws.php:386
-msgid "Your stat quota is over..."
-msgstr ""
-
 #: ../class/m_aws.php:399
 msgid "No user currently defined"
 msgstr ""
 
-#: ../class/m_aws.php:457 ../class/m_aws.php:516
+#: ../class/m_aws.php:457 ../class/m_aws.php:527
 msgid "Login does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:473 ../class/m_aws.php:493 ../class/m_aws.php:512
-#: ../class/m_aws.php:563
-msgid "Login incorrect"
-msgstr ""
-
-#: ../class/m_aws.php:477
+#: ../class/m_aws.php:476
 msgid "Login already exist"
 msgstr ""
 
-#: ../class/m_aws.php:497 ../class/m_aws.php:567
+#: ../class/m_aws.php:498 ../class/m_aws.php:523 ../class/m_aws.php:578
+msgid "Login incorrect"
+msgstr ""
+
+#: ../class/m_aws.php:502 ../class/m_aws.php:582
 msgid "Login does not exists"
 msgstr ""
 
-#: ../class/m_aws.php:521 ../class/m_aws.php:545 ../class/m_aws.php:572
+#: ../class/m_aws.php:532 ../class/m_aws.php:560 ../class/m_aws.php:587
 msgid "The requested statistic does not exist."
 msgstr ""
 
-#: ../class/m_aws.php:526
+#: ../class/m_aws.php:537
 msgid "This login is already allowed for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:577
+#: ../class/m_aws.php:592
 msgid "This login is already denied for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:641
+#: ../class/m_aws.php:655
 msgid "Awstats"
 msgstr ""
 
-#: ../class/m_aws.php:663
+#: ../class/m_aws.php:677
 msgid "prefix not allowed."
 msgstr ""
 
-#: ../class/m_aws.php:667
-msgid "Forbidden caracters in the postfix."
+#: ../class/m_aws.php:681
+msgid ""
+"There are forbidden characters in the login (only A-Z 0-9 _ and - are "
+"allowed)"
 msgstr ""
 
-#: ../class/m_aws.php:681
+#: ../class/m_aws.php:695
 msgid "Hostname is incorrect"
 msgstr ""
 
-#: ../class/m_aws.php:697
+#: ../class/m_aws.php:711
 msgid "Problem to create the configuration"
 msgstr ""
 
-#: ../class/m_aws.php:742
+#: ../class/m_aws.php:770
 #, php-format
 msgid "Problem to edit file %s"
 msgstr ""

awstats/bureau/locales/en_US/LC_MESSAGES/aws.po

@@ -6,7 +6,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: $Id: aws.po 3237 2012-08-21 14:59:46Z benjamin $\n"
 "Report-Msgid-Bugs-To: i18n@alternc.org\n"
-"POT-Creation-Date: 2013-07-22 17:35+0200\n"
+"POT-Creation-Date: 2017-10-06 23:53+0200\n"
 "PO-Revision-Date: 2002-06-16 13:50CEST\n"
 "Last-Translator: Benjamin Sonntag <benjamin@alternc.org>\n"
 "Language-Team: English <i18n@alternc.org>\n"
@@ -34,46 +34,46 @@ msgid ""
 "creation)."
 msgstr ""
 
-#: ../admin/aws_add.php:52 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:51 ../admin/aws_list.php:65
 msgid "Domain name"
 msgstr ""
 
-#: ../admin/aws_add.php:59
+#: ../admin/aws_add.php:58
 msgid "Hostaliases"
 msgstr ""
 
-#: ../admin/aws_add.php:73 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:72 ../admin/aws_list.php:65
 msgid "Allowed Users"
 msgstr ""
 
-#: ../admin/aws_add.php:89
+#: ../admin/aws_add.php:88
 msgid ""
 "No users currently defined, you must create login with the 'Manage allowed "
 "users' accounts' menu."
 msgstr ""
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 msgid "Create those statistics"
 msgstr ""
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 msgid "Edit those statistics"
 msgstr ""
 
-#: ../admin/aws_add.php:95 ../admin/aws_pass.php:77 ../admin/aws_users.php:58
+#: ../admin/aws_add.php:94 ../admin/aws_pass.php:78 ../admin/aws_users.php:58
 msgid "Cancel"
 msgstr ""
 
-#: ../admin/aws_del.php:39
+#: ../admin/aws_del.php:36
 #, php-format
 msgid "The statistics %s has been successfully deleted"
 msgstr ""
 
-#: ../admin/aws_del.php:45
+#: ../admin/aws_del.php:42
 msgid "Please check the statistics set you want to delete"
 msgstr ""
 
-#: ../admin/aws_doadd.php:41
+#: ../admin/aws_doadd.php:40
 msgid "The statistics has been successfully created"
 msgstr ""
 
@@ -81,76 +81,88 @@ msgstr ""
 msgid "No Statistics selected!"
 msgstr ""
 
-#: ../admin/aws_doedit.php:48
+#: ../admin/aws_doedit.php:47
 msgid "The Statistics has been successfully changed"
 msgstr ""
 
-#: ../admin/aws_list.php:29
+#: ../admin/aws_list.php:30
+msgid "No statistics currently defined"
+msgstr ""
+
+#: ../admin/aws_list.php:36 ../class/m_aws.php:386
+msgid "Your stat quota is over..."
+msgstr ""
+
+#: ../admin/aws_list.php:41
 msgid "Statistics List"
 msgstr ""
 
-#: ../admin/aws_list.php:45
+#: ../admin/aws_list.php:52
 msgid "Manage allowed users' accounts"
 msgstr ""
 
-#: ../admin/aws_list.php:49 ../admin/aws_users.php:45
+#: ../admin/aws_list.php:56 ../admin/aws_users.php:44
 msgid "Create new Statistics"
 msgstr ""
 
-#: ../admin/aws_list.php:57 ../admin/aws_users.php:78
+#: ../admin/aws_list.php:65 ../admin/aws_users.php:73
 msgid "Action"
 msgstr ""
 
-#: ../admin/aws_list.php:57 ../admin/aws_list.php:69
+#: ../admin/aws_list.php:65 ../admin/aws_list.php:77
 msgid "View the statistics"
 msgstr ""
 
-#: ../admin/aws_list.php:66
+#: ../admin/aws_list.php:74
 msgid "Edit"
 msgstr ""
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Are you sure you want to delete the selected statistics?"
 msgstr ""
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Delete the checked Statistics"
 msgstr ""
 
-#: ../admin/aws_pass.php:43 ../admin/aws_useradd.php:36
+#: ../admin/aws_pass.php:43
+msgid "Please enter a password"
+msgstr ""
+
+#: ../admin/aws_pass.php:45 ../admin/aws_useradd.php:36
 msgid "Passwords do not match"
 msgstr ""
 
-#: ../admin/aws_pass.php:50
+#: ../admin/aws_pass.php:48
 msgid "Password successfuly updated"
 msgstr ""
 
-#: ../admin/aws_pass.php:60
+#: ../admin/aws_pass.php:61
 msgid "Change a user's password"
 msgstr ""
 
-#: ../admin/aws_pass.php:70 ../admin/aws_users.php:51
-#: ../admin/aws_users.php:78
+#: ../admin/aws_pass.php:71 ../admin/aws_users.php:51
+#: ../admin/aws_users.php:73
 msgid "Username"
 msgstr ""
 
-#: ../admin/aws_pass.php:73
+#: ../admin/aws_pass.php:74
 msgid "New Password"
 msgstr ""
 
-#: ../admin/aws_pass.php:74 ../admin/aws_users.php:55
+#: ../admin/aws_pass.php:75 ../admin/aws_users.php:55
 msgid "Confirm password"
 msgstr ""
 
-#: ../admin/aws_pass.php:76
+#: ../admin/aws_pass.php:77
 msgid "Change this user's password"
 msgstr ""
 
-#: ../admin/aws_useradd.php:43
+#: ../admin/aws_useradd.php:41
 msgid "The Awstat account has been successfully created"
 msgstr ""
 
-#: ../admin/aws_userdel.php:37
+#: ../admin/aws_userdel.php:34
 #, php-format
 msgid "The awstat account %s has been successfully deleted"
 msgstr ""
@@ -167,15 +179,15 @@ msgstr ""
 msgid "Create this new Awstats user"
 msgstr ""
 
-#: ../admin/aws_users.php:86
+#: ../admin/aws_users.php:81
 msgid "Change password"
 msgstr ""
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 msgid "Are you sure you want to delete the selected accounts?"
 msgstr ""
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 msgid "Delete checked accounts"
 msgstr ""
 
@@ -191,15 +203,11 @@ msgid ""
 "then protected by a login and a password."
 msgstr ""
 
-#: ../class/m_aws.php:123
-msgid "No statistics currently defined"
-msgstr ""
-
-#: ../class/m_aws.php:163 ../class/m_aws.php:324 ../class/m_aws.php:706
+#: ../class/m_aws.php:161 ../class/m_aws.php:324 ../class/m_aws.php:720
 msgid "This statistic does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:263
+#: ../class/m_aws.php:261
 msgid "Host already managed by awstats!"
 msgstr ""
 
@@ -211,64 +219,61 @@ msgstr ""
 msgid "This hostname does not exist (Hostaliases)"
 msgstr ""
 
-#: ../class/m_aws.php:386
-msgid "Your stat quota is over..."
-msgstr ""
-
 #: ../class/m_aws.php:399
 msgid "No user currently defined"
 msgstr ""
 
-#: ../class/m_aws.php:457 ../class/m_aws.php:516
+#: ../class/m_aws.php:457 ../class/m_aws.php:527
 msgid "Login does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:473 ../class/m_aws.php:493 ../class/m_aws.php:512
-#: ../class/m_aws.php:563
-msgid "Login incorrect"
-msgstr ""
-
-#: ../class/m_aws.php:477
+#: ../class/m_aws.php:476
 msgid "Login already exist"
 msgstr ""
 
-#: ../class/m_aws.php:497 ../class/m_aws.php:567
+#: ../class/m_aws.php:498 ../class/m_aws.php:523 ../class/m_aws.php:578
+msgid "Login incorrect"
+msgstr ""
+
+#: ../class/m_aws.php:502 ../class/m_aws.php:582
 msgid "Login does not exists"
 msgstr ""
 
-#: ../class/m_aws.php:521 ../class/m_aws.php:545 ../class/m_aws.php:572
+#: ../class/m_aws.php:532 ../class/m_aws.php:560 ../class/m_aws.php:587
 msgid "The requested statistic does not exist."
 msgstr ""
 
-#: ../class/m_aws.php:526
+#: ../class/m_aws.php:537
 msgid "This login is already allowed for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:577
+#: ../class/m_aws.php:592
 msgid "This login is already denied for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:641
+#: ../class/m_aws.php:655
 msgid "Awstats"
 msgstr ""
 
-#: ../class/m_aws.php:663
+#: ../class/m_aws.php:677
 msgid "prefix not allowed."
 msgstr ""
 
-#: ../class/m_aws.php:667
-msgid "Forbidden caracters in the postfix."
+#: ../class/m_aws.php:681
+msgid ""
+"There are forbidden characters in the login (only A-Z 0-9 _ and - are "
+"allowed)"
 msgstr ""
 
-#: ../class/m_aws.php:681
+#: ../class/m_aws.php:695
 msgid "Hostname is incorrect"
 msgstr ""
 
-#: ../class/m_aws.php:697
+#: ../class/m_aws.php:711
 msgid "Problem to create the configuration"
 msgstr ""
 
-#: ../class/m_aws.php:742
+#: ../class/m_aws.php:770
 #, php-format
 msgid "Problem to edit file %s"
 msgstr ""

awstats/bureau/locales/es_ES/LC_MESSAGES/aws.po

@@ -6,7 +6,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: $Id: aws.po 3237 2012-08-21 14:59:46Z benjamin $\n"
 "Report-Msgid-Bugs-To: i18n@alternc.org\n"
-"POT-Creation-Date: 2013-07-22 17:35+0200\n"
+"POT-Creation-Date: 2017-10-06 23:53+0200\n"
 "PO-Revision-Date: 2002-06-16 13:50CEST\n"
 "Last-Translator: Bruno <bruno@alternc.org>\n"
 "Language-Team: Espanol <i18n@alternc.org>\n"
@@ -35,47 +35,47 @@ msgid ""
 "creation)."
 msgstr ""
 
-#: ../admin/aws_add.php:52 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:51 ../admin/aws_list.php:65
 msgid "Domain name"
 msgstr ""
 
-#: ../admin/aws_add.php:59
+#: ../admin/aws_add.php:58
 msgid "Hostaliases"
 msgstr ""
 
-#: ../admin/aws_add.php:73 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:72 ../admin/aws_list.php:65
 msgid "Allowed Users"
 msgstr ""
 
-#: ../admin/aws_add.php:89
+#: ../admin/aws_add.php:88
 msgid ""
 "No users currently defined, you must create login with the 'Manage allowed "
 "users' accounts' menu."
 msgstr ""
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 msgid "Create those statistics"
 msgstr "Crear estas estadísticas"
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 #, fuzzy
 msgid "Edit those statistics"
 msgstr "Crear estas estadísticas"
 
-#: ../admin/aws_add.php:95 ../admin/aws_pass.php:77 ../admin/aws_users.php:58
+#: ../admin/aws_add.php:94 ../admin/aws_pass.php:78 ../admin/aws_users.php:58
 msgid "Cancel"
 msgstr ""
 
-#: ../admin/aws_del.php:39
+#: ../admin/aws_del.php:36
 #, fuzzy, php-format
 msgid "The statistics %s has been successfully deleted"
 msgstr "El juego de estadísticas ha sido creado"
 
-#: ../admin/aws_del.php:45
+#: ../admin/aws_del.php:42
 msgid "Please check the statistics set you want to delete"
 msgstr ""
 
-#: ../admin/aws_doadd.php:41
+#: ../admin/aws_doadd.php:40
 msgid "The statistics has been successfully created"
 msgstr "El juego de estadísticas ha sido creado"
 
@@ -83,78 +83,91 @@ msgstr "El juego de estadísticas ha sido creado"
 msgid "No Statistics selected!"
 msgstr "¡Ningún juego seleccionado!"
 
-#: ../admin/aws_doedit.php:48
+#: ../admin/aws_doedit.php:47
 msgid "The Statistics has been successfully changed"
 msgstr "El juego de estadísticas ha sido modificado"
 
-#: ../admin/aws_list.php:29
+#: ../admin/aws_list.php:30
+#, fuzzy
+msgid "No statistics currently defined"
+msgstr "¡Ningún juego seleccionado!"
+
+#: ../admin/aws_list.php:36 ../class/m_aws.php:386
+msgid "Your stat quota is over..."
+msgstr ""
+
+#: ../admin/aws_list.php:41
 msgid "Statistics List"
 msgstr "Lista de juegos de estadísticas"
 
-#: ../admin/aws_list.php:45
+#: ../admin/aws_list.php:52
 msgid "Manage allowed users' accounts"
 msgstr ""
 
-#: ../admin/aws_list.php:49 ../admin/aws_users.php:45
+#: ../admin/aws_list.php:56 ../admin/aws_users.php:44
 msgid "Create new Statistics"
 msgstr "Crear un nuevo juego de estadísticas"
 
-#: ../admin/aws_list.php:57 ../admin/aws_users.php:78
+#: ../admin/aws_list.php:65 ../admin/aws_users.php:73
 msgid "Action"
 msgstr ""
 
-#: ../admin/aws_list.php:57 ../admin/aws_list.php:69
+#: ../admin/aws_list.php:65 ../admin/aws_list.php:77
 #, fuzzy
 msgid "View the statistics"
 msgstr "Crear estas estadísticas"
 
-#: ../admin/aws_list.php:66
+#: ../admin/aws_list.php:74
 msgid "Edit"
 msgstr ""
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Are you sure you want to delete the selected statistics?"
 msgstr ""
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Delete the checked Statistics"
 msgstr "Suprimir los juegos marcados"
 
-#: ../admin/aws_pass.php:43 ../admin/aws_useradd.php:36
+#: ../admin/aws_pass.php:43
+msgid "Please enter a password"
+msgstr ""
+
+#: ../admin/aws_pass.php:45 ../admin/aws_useradd.php:36
 msgid "Passwords do not match"
 msgstr ""
 
-#: ../admin/aws_pass.php:50
+#: ../admin/aws_pass.php:48
 msgid "Password successfuly updated"
 msgstr ""
 
-#: ../admin/aws_pass.php:60
+#: ../admin/aws_pass.php:61
 msgid "Change a user's password"
 msgstr ""
 
-#: ../admin/aws_pass.php:70 ../admin/aws_users.php:51
-#: ../admin/aws_users.php:78
+#: ../admin/aws_pass.php:71 ../admin/aws_users.php:51
+#: ../admin/aws_users.php:73
 msgid "Username"
 msgstr ""
 
-#: ../admin/aws_pass.php:73
+#: ../admin/aws_pass.php:74
 msgid "New Password"
 msgstr ""
 
-#: ../admin/aws_pass.php:74 ../admin/aws_users.php:55
+#: ../admin/aws_pass.php:75 ../admin/aws_users.php:55
 msgid "Confirm password"
 msgstr ""
 
-#: ../admin/aws_pass.php:76
+#: ../admin/aws_pass.php:77
 msgid "Change this user's password"
 msgstr ""
 
-#: ../admin/aws_useradd.php:43
+#: ../admin/aws_useradd.php:41
 #, fuzzy
 msgid "The Awstat account has been successfully created"
 msgstr "El juego de estadísticas ha sido creado"
 
-#: ../admin/aws_userdel.php:37
+#: ../admin/aws_userdel.php:34
 #, fuzzy, php-format
 msgid "The awstat account %s has been successfully deleted"
 msgstr "El juego de estadísticas ha sido creado"
@@ -172,15 +185,15 @@ msgstr ""
 msgid "Create this new Awstats user"
 msgstr "Crear estas estadísticas"
 
-#: ../admin/aws_users.php:86
+#: ../admin/aws_users.php:81
 msgid "Change password"
 msgstr ""
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 msgid "Are you sure you want to delete the selected accounts?"
 msgstr ""
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 #, fuzzy
 msgid "Delete checked accounts"
 msgstr "Suprimir los juegos marcados"
@@ -197,16 +210,11 @@ msgid ""
 "then protected by a login and a password."
 msgstr ""
 
-#: ../class/m_aws.php:123
-#, fuzzy
-msgid "No statistics currently defined"
-msgstr "¡Ningún juego seleccionado!"
-
-#: ../class/m_aws.php:163 ../class/m_aws.php:324 ../class/m_aws.php:706
+#: ../class/m_aws.php:161 ../class/m_aws.php:324 ../class/m_aws.php:720
 msgid "This statistic does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:263
+#: ../class/m_aws.php:261
 msgid "Host already managed by awstats!"
 msgstr ""
 
@@ -218,64 +226,61 @@ msgstr ""
 msgid "This hostname does not exist (Hostaliases)"
 msgstr ""
 
-#: ../class/m_aws.php:386
-msgid "Your stat quota is over..."
-msgstr ""
-
 #: ../class/m_aws.php:399
 msgid "No user currently defined"
 msgstr ""
 
-#: ../class/m_aws.php:457 ../class/m_aws.php:516
+#: ../class/m_aws.php:457 ../class/m_aws.php:527
 msgid "Login does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:473 ../class/m_aws.php:493 ../class/m_aws.php:512
-#: ../class/m_aws.php:563
-msgid "Login incorrect"
-msgstr ""
-
-#: ../class/m_aws.php:477
+#: ../class/m_aws.php:476
 msgid "Login already exist"
 msgstr ""
 
-#: ../class/m_aws.php:497 ../class/m_aws.php:567
+#: ../class/m_aws.php:498 ../class/m_aws.php:523 ../class/m_aws.php:578
+msgid "Login incorrect"
+msgstr ""
+
+#: ../class/m_aws.php:502 ../class/m_aws.php:582
 msgid "Login does not exists"
 msgstr ""
 
-#: ../class/m_aws.php:521 ../class/m_aws.php:545 ../class/m_aws.php:572
+#: ../class/m_aws.php:532 ../class/m_aws.php:560 ../class/m_aws.php:587
 msgid "The requested statistic does not exist."
 msgstr ""
 
-#: ../class/m_aws.php:526
+#: ../class/m_aws.php:537
 msgid "This login is already allowed for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:577
+#: ../class/m_aws.php:592
 msgid "This login is already denied for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:641
+#: ../class/m_aws.php:655
 msgid "Awstats"
 msgstr ""
 
-#: ../class/m_aws.php:663
+#: ../class/m_aws.php:677
 msgid "prefix not allowed."
 msgstr ""
 
-#: ../class/m_aws.php:667
-msgid "Forbidden caracters in the postfix."
+#: ../class/m_aws.php:681
+msgid ""
+"There are forbidden characters in the login (only A-Z 0-9 _ and - are "
+"allowed)"
 msgstr ""
 
-#: ../class/m_aws.php:681
+#: ../class/m_aws.php:695
 msgid "Hostname is incorrect"
 msgstr ""
 
-#: ../class/m_aws.php:697
+#: ../class/m_aws.php:711
 msgid "Problem to create the configuration"
 msgstr ""
 
-#: ../class/m_aws.php:742
+#: ../class/m_aws.php:770
 #, php-format
 msgid "Problem to edit file %s"
 msgstr ""

awstats/bureau/locales/fr_FR/LC_MESSAGES/aws.po

@@ -7,7 +7,7 @@ msgstr ""
 "Project-Id-Version: $Id: stats.po,v 1.1.1.1 2004/09/01 16:52:49 anonymous "
 "Exp $\n"
 "Report-Msgid-Bugs-To: i18n@alternc.org\n"
-"POT-Creation-Date: 2013-07-22 17:35+0200\n"
+"POT-Creation-Date: 2017-10-06 23:53+0200\n"
 "PO-Revision-Date: 2009-05-24 13:50CEST\n"
 "Last-Translator: Benjamin Sonntag <benjamin@alternc.org>\n"
 "Language-Team: French <i18n@alternc.org>\n"
@@ -35,19 +35,19 @@ msgid ""
 "creation)."
 msgstr ""
 
-#: ../admin/aws_add.php:52 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:51 ../admin/aws_list.php:65
 msgid "Domain name"
 msgstr "Nom de domaine"
 
-#: ../admin/aws_add.php:59
+#: ../admin/aws_add.php:58
 msgid "Hostaliases"
 msgstr "Autres noms de domaine à associer aux stats"
 
-#: ../admin/aws_add.php:73 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:72 ../admin/aws_list.php:65
 msgid "Allowed Users"
 msgstr "Utilisateurs autorisés"
 
-#: ../admin/aws_add.php:89
+#: ../admin/aws_add.php:88
 msgid ""
 "No users currently defined, you must create login with the 'Manage allowed "
 "users' accounts' menu."
@@ -55,28 +55,28 @@ msgstr ""
 "Aucun utilisateur n'est défini pour l'instant. Vous devez créer des "
 "utilisateurs avec le menu 'Gérer les utilisateurs autorisés'."
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 msgid "Create those statistics"
 msgstr "Créer ce jeu de statistiques"
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 msgid "Edit those statistics"
 msgstr "Modifier ce jeu de statistiques"
 
-#: ../admin/aws_add.php:95 ../admin/aws_pass.php:77 ../admin/aws_users.php:58
+#: ../admin/aws_add.php:94 ../admin/aws_pass.php:78 ../admin/aws_users.php:58
 msgid "Cancel"
 msgstr ""
 
-#: ../admin/aws_del.php:39
+#: ../admin/aws_del.php:36
 #, php-format
 msgid "The statistics %s has been successfully deleted"
 msgstr "Le jeu de statistiques %s a été effacé avec succès"
 
-#: ../admin/aws_del.php:45
+#: ../admin/aws_del.php:42
 msgid "Please check the statistics set you want to delete"
 msgstr "Vous devez cocher les statistiques que vous souhaitez effacer"
 
-#: ../admin/aws_doadd.php:41
+#: ../admin/aws_doadd.php:40
 msgid "The statistics has been successfully created"
 msgstr "Le jeu de statistiques a été créé avec succès"
 
@@ -84,77 +84,91 @@ msgstr "Le jeu de statistiques a été créé avec succès"
 msgid "No Statistics selected!"
 msgstr "Aucun jeu de sélectionné !"
 
-#: ../admin/aws_doedit.php:48
+#: ../admin/aws_doedit.php:47
 msgid "The Statistics has been successfully changed"
 msgstr "Le jeu de statistiques a été modifié avec succès"
 
-#: ../admin/aws_list.php:29
+#: ../admin/aws_list.php:30
+#, fuzzy
+msgid "No statistics currently defined"
+msgstr "Aucun jeu de sélectionné !"
+
+#: ../admin/aws_list.php:36 ../class/m_aws.php:386
+msgid "Your stat quota is over..."
+msgstr ""
+
+#: ../admin/aws_list.php:41
 msgid "Statistics List"
 msgstr "Liste des jeux de statistiques"
 
-#: ../admin/aws_list.php:45
+#: ../admin/aws_list.php:52
 msgid "Manage allowed users' accounts"
 msgstr "Gérer les utilisateurs autorisés"
 
-#: ../admin/aws_list.php:49 ../admin/aws_users.php:45
+#: ../admin/aws_list.php:56 ../admin/aws_users.php:44
 msgid "Create new Statistics"
 msgstr "Créer un jeu de statistiques"
 
-#: ../admin/aws_list.php:57 ../admin/aws_users.php:78
+#: ../admin/aws_list.php:65 ../admin/aws_users.php:73
 msgid "Action"
 msgstr ""
 
-#: ../admin/aws_list.php:57 ../admin/aws_list.php:69
+#: ../admin/aws_list.php:65 ../admin/aws_list.php:77
 msgid "View the statistics"
 msgstr "Voir les statistiques"
 
-#: ../admin/aws_list.php:66
+#: ../admin/aws_list.php:74
 msgid "Edit"
 msgstr "Modifier"
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Are you sure you want to delete the selected statistics?"
 msgstr ""
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Delete the checked Statistics"
 msgstr "Effacer les statistiques cochées"
 
-#: ../admin/aws_pass.php:43 ../admin/aws_useradd.php:36
+#: ../admin/aws_pass.php:43
+#, fuzzy
+msgid "Please enter a password"
+msgstr "Changer le mot de passe"
+
+#: ../admin/aws_pass.php:45 ../admin/aws_useradd.php:36
 msgid "Passwords do not match"
 msgstr ""
 
-#: ../admin/aws_pass.php:50
+#: ../admin/aws_pass.php:48
 msgid "Password successfuly updated"
 msgstr ""
 
-#: ../admin/aws_pass.php:60
+#: ../admin/aws_pass.php:61
 msgid "Change a user's password"
 msgstr "Changer le mot de passe d'un utilisateur"
 
-#: ../admin/aws_pass.php:70 ../admin/aws_users.php:51
-#: ../admin/aws_users.php:78
+#: ../admin/aws_pass.php:71 ../admin/aws_users.php:51
+#: ../admin/aws_users.php:73
 msgid "Username"
 msgstr "Nom d'utilisateur"
 
-#: ../admin/aws_pass.php:73
+#: ../admin/aws_pass.php:74
 msgid "New Password"
 msgstr "Nouveau mot de passe"
 
-#: ../admin/aws_pass.php:74 ../admin/aws_users.php:55
+#: ../admin/aws_pass.php:75 ../admin/aws_users.php:55
 #, fuzzy
 msgid "Confirm password"
 msgstr "Changer le mot de passe"
 
-#: ../admin/aws_pass.php:76
+#: ../admin/aws_pass.php:77
 msgid "Change this user's password"
 msgstr "Changer le mot de passe de cet utilisateur"
 
-#: ../admin/aws_useradd.php:43
+#: ../admin/aws_useradd.php:41
 msgid "The Awstat account has been successfully created"
 msgstr "Le compte utilisateur a été créé avec succès"
 
-#: ../admin/aws_userdel.php:37
+#: ../admin/aws_userdel.php:34
 #, php-format
 msgid "The awstat account %s has been successfully deleted"
 msgstr "Le compte utilisateur %s a été effacé avec succès"
@@ -172,15 +186,15 @@ msgstr "Mot de passe"
 msgid "Create this new Awstats user"
 msgstr "Créer cet utilisateur"
 
-#: ../admin/aws_users.php:86
+#: ../admin/aws_users.php:81
 msgid "Change password"
 msgstr "Changer le mot de passe"
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 msgid "Are you sure you want to delete the selected accounts?"
 msgstr ""
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 msgid "Delete checked accounts"
 msgstr "Effacer les utilisateurs sélectionnés"
 
@@ -201,16 +215,11 @@ msgstr ""
 "utilisé pour cela est Awstats. Les statistiques peuvent être lues dans de "
 "nombreuses langues."
 
-#: ../class/m_aws.php:123
-#, fuzzy
-msgid "No statistics currently defined"
-msgstr "Aucun jeu de sélectionné !"
-
-#: ../class/m_aws.php:163 ../class/m_aws.php:324 ../class/m_aws.php:706
+#: ../class/m_aws.php:161 ../class/m_aws.php:324 ../class/m_aws.php:720
 msgid "This statistic does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:263
+#: ../class/m_aws.php:261
 msgid "Host already managed by awstats!"
 msgstr ""
 
@@ -222,64 +231,61 @@ msgstr ""
 msgid "This hostname does not exist (Hostaliases)"
 msgstr ""
 
-#: ../class/m_aws.php:386
-msgid "Your stat quota is over..."
-msgstr ""
-
 #: ../class/m_aws.php:399
 msgid "No user currently defined"
 msgstr ""
 
-#: ../class/m_aws.php:457 ../class/m_aws.php:516
+#: ../class/m_aws.php:457 ../class/m_aws.php:527
 msgid "Login does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:473 ../class/m_aws.php:493 ../class/m_aws.php:512
-#: ../class/m_aws.php:563
-msgid "Login incorrect"
-msgstr ""
-
-#: ../class/m_aws.php:477
+#: ../class/m_aws.php:476
 msgid "Login already exist"
 msgstr ""
 
-#: ../class/m_aws.php:497 ../class/m_aws.php:567
+#: ../class/m_aws.php:498 ../class/m_aws.php:523 ../class/m_aws.php:578
+msgid "Login incorrect"
+msgstr ""
+
+#: ../class/m_aws.php:502 ../class/m_aws.php:582
 msgid "Login does not exists"
 msgstr ""
 
-#: ../class/m_aws.php:521 ../class/m_aws.php:545 ../class/m_aws.php:572
+#: ../class/m_aws.php:532 ../class/m_aws.php:560 ../class/m_aws.php:587
 msgid "The requested statistic does not exist."
 msgstr ""
 
-#: ../class/m_aws.php:526
+#: ../class/m_aws.php:537
 msgid "This login is already allowed for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:577
+#: ../class/m_aws.php:592
 msgid "This login is already denied for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:641
+#: ../class/m_aws.php:655
 msgid "Awstats"
 msgstr ""
 
-#: ../class/m_aws.php:663
+#: ../class/m_aws.php:677
 msgid "prefix not allowed."
 msgstr ""
 
-#: ../class/m_aws.php:667
-msgid "Forbidden caracters in the postfix."
+#: ../class/m_aws.php:681
+msgid ""
+"There are forbidden characters in the login (only A-Z 0-9 _ and - are "
+"allowed)"
 msgstr ""
 
-#: ../class/m_aws.php:681
+#: ../class/m_aws.php:695
 msgid "Hostname is incorrect"
 msgstr ""
 
-#: ../class/m_aws.php:697
+#: ../class/m_aws.php:711
 msgid "Problem to create the configuration"
 msgstr ""
 
-#: ../class/m_aws.php:742
+#: ../class/m_aws.php:770
 #, php-format
 msgid "Problem to edit file %s"
 msgstr ""

awstats/bureau/locales/it_IT/LC_MESSAGES/aws.po

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: AlternC 2.0\n"
 "Report-Msgid-Bugs-To: i18n@alternc.org\n"
-"POT-Creation-Date: 2013-07-22 17:35+0200\n"
+"POT-Creation-Date: 2017-10-06 23:53+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -35,46 +35,46 @@ msgid ""
 "creation)."
 msgstr ""
 
-#: ../admin/aws_add.php:52 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:51 ../admin/aws_list.php:65
 msgid "Domain name"
 msgstr ""
 
-#: ../admin/aws_add.php:59
+#: ../admin/aws_add.php:58
 msgid "Hostaliases"
 msgstr ""
 
-#: ../admin/aws_add.php:73 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:72 ../admin/aws_list.php:65
 msgid "Allowed Users"
 msgstr ""
 
-#: ../admin/aws_add.php:89
+#: ../admin/aws_add.php:88
 msgid ""
 "No users currently defined, you must create login with the 'Manage allowed "
 "users' accounts' menu."
 msgstr ""
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 msgid "Create those statistics"
 msgstr ""
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 msgid "Edit those statistics"
 msgstr ""
 
-#: ../admin/aws_add.php:95 ../admin/aws_pass.php:77 ../admin/aws_users.php:58
+#: ../admin/aws_add.php:94 ../admin/aws_pass.php:78 ../admin/aws_users.php:58
 msgid "Cancel"
 msgstr ""
 
-#: ../admin/aws_del.php:39
+#: ../admin/aws_del.php:36
 #, php-format
 msgid "The statistics %s has been successfully deleted"
 msgstr ""
 
-#: ../admin/aws_del.php:45
+#: ../admin/aws_del.php:42
 msgid "Please check the statistics set you want to delete"
 msgstr ""
 
-#: ../admin/aws_doadd.php:41
+#: ../admin/aws_doadd.php:40
 msgid "The statistics has been successfully created"
 msgstr ""
 
@@ -82,76 +82,88 @@ msgstr ""
 msgid "No Statistics selected!"
 msgstr ""
 
-#: ../admin/aws_doedit.php:48
+#: ../admin/aws_doedit.php:47
 msgid "The Statistics has been successfully changed"
 msgstr ""
 
-#: ../admin/aws_list.php:29
+#: ../admin/aws_list.php:30
+msgid "No statistics currently defined"
+msgstr ""
+
+#: ../admin/aws_list.php:36 ../class/m_aws.php:386
+msgid "Your stat quota is over..."
+msgstr ""
+
+#: ../admin/aws_list.php:41
 msgid "Statistics List"
 msgstr ""
 
-#: ../admin/aws_list.php:45
+#: ../admin/aws_list.php:52
 msgid "Manage allowed users' accounts"
 msgstr ""
 
-#: ../admin/aws_list.php:49 ../admin/aws_users.php:45
+#: ../admin/aws_list.php:56 ../admin/aws_users.php:44
 msgid "Create new Statistics"
 msgstr ""
 
-#: ../admin/aws_list.php:57 ../admin/aws_users.php:78
+#: ../admin/aws_list.php:65 ../admin/aws_users.php:73
 msgid "Action"
 msgstr ""
 
-#: ../admin/aws_list.php:57 ../admin/aws_list.php:69
+#: ../admin/aws_list.php:65 ../admin/aws_list.php:77
 msgid "View the statistics"
 msgstr ""
 
-#: ../admin/aws_list.php:66
+#: ../admin/aws_list.php:74
 msgid "Edit"
 msgstr ""
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Are you sure you want to delete the selected statistics?"
 msgstr ""
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Delete the checked Statistics"
 msgstr ""
 
-#: ../admin/aws_pass.php:43 ../admin/aws_useradd.php:36
+#: ../admin/aws_pass.php:43
+msgid "Please enter a password"
+msgstr ""
+
+#: ../admin/aws_pass.php:45 ../admin/aws_useradd.php:36
 msgid "Passwords do not match"
 msgstr ""
 
-#: ../admin/aws_pass.php:50
+#: ../admin/aws_pass.php:48
 msgid "Password successfuly updated"
 msgstr ""
 
-#: ../admin/aws_pass.php:60
+#: ../admin/aws_pass.php:61
 msgid "Change a user's password"
 msgstr ""
 
-#: ../admin/aws_pass.php:70 ../admin/aws_users.php:51
-#: ../admin/aws_users.php:78
+#: ../admin/aws_pass.php:71 ../admin/aws_users.php:51
+#: ../admin/aws_users.php:73
 msgid "Username"
 msgstr ""
 
-#: ../admin/aws_pass.php:73
+#: ../admin/aws_pass.php:74
 msgid "New Password"
 msgstr ""
 
-#: ../admin/aws_pass.php:74 ../admin/aws_users.php:55
+#: ../admin/aws_pass.php:75 ../admin/aws_users.php:55
 msgid "Confirm password"
 msgstr ""
 
-#: ../admin/aws_pass.php:76
+#: ../admin/aws_pass.php:77
 msgid "Change this user's password"
 msgstr ""
 
-#: ../admin/aws_useradd.php:43
+#: ../admin/aws_useradd.php:41
 msgid "The Awstat account has been successfully created"
 msgstr ""
 
-#: ../admin/aws_userdel.php:37
+#: ../admin/aws_userdel.php:34
 #, php-format
 msgid "The awstat account %s has been successfully deleted"
 msgstr ""
@@ -168,15 +180,15 @@ msgstr ""
 msgid "Create this new Awstats user"
 msgstr ""
 
-#: ../admin/aws_users.php:86
+#: ../admin/aws_users.php:81
 msgid "Change password"
 msgstr ""
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 msgid "Are you sure you want to delete the selected accounts?"
 msgstr ""
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 msgid "Delete checked accounts"
 msgstr ""
 
@@ -192,15 +204,11 @@ msgid ""
 "then protected by a login and a password."
 msgstr ""
 
-#: ../class/m_aws.php:123
-msgid "No statistics currently defined"
-msgstr ""
-
-#: ../class/m_aws.php:163 ../class/m_aws.php:324 ../class/m_aws.php:706
+#: ../class/m_aws.php:161 ../class/m_aws.php:324 ../class/m_aws.php:720
 msgid "This statistic does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:263
+#: ../class/m_aws.php:261
 msgid "Host already managed by awstats!"
 msgstr ""
 
@@ -212,64 +220,61 @@ msgstr ""
 msgid "This hostname does not exist (Hostaliases)"
 msgstr ""
 
-#: ../class/m_aws.php:386
-msgid "Your stat quota is over..."
-msgstr ""
-
 #: ../class/m_aws.php:399
 msgid "No user currently defined"
 msgstr ""
 
-#: ../class/m_aws.php:457 ../class/m_aws.php:516
+#: ../class/m_aws.php:457 ../class/m_aws.php:527
 msgid "Login does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:473 ../class/m_aws.php:493 ../class/m_aws.php:512
-#: ../class/m_aws.php:563
-msgid "Login incorrect"
-msgstr ""
-
-#: ../class/m_aws.php:477
+#: ../class/m_aws.php:476
 msgid "Login already exist"
 msgstr ""
 
-#: ../class/m_aws.php:497 ../class/m_aws.php:567
+#: ../class/m_aws.php:498 ../class/m_aws.php:523 ../class/m_aws.php:578
+msgid "Login incorrect"
+msgstr ""
+
+#: ../class/m_aws.php:502 ../class/m_aws.php:582
 msgid "Login does not exists"
 msgstr ""
 
-#: ../class/m_aws.php:521 ../class/m_aws.php:545 ../class/m_aws.php:572
+#: ../class/m_aws.php:532 ../class/m_aws.php:560 ../class/m_aws.php:587
 msgid "The requested statistic does not exist."
 msgstr ""
 
-#: ../class/m_aws.php:526
+#: ../class/m_aws.php:537
 msgid "This login is already allowed for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:577
+#: ../class/m_aws.php:592
 msgid "This login is already denied for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:641
+#: ../class/m_aws.php:655
 msgid "Awstats"
 msgstr ""
 
-#: ../class/m_aws.php:663
+#: ../class/m_aws.php:677
 msgid "prefix not allowed."
 msgstr ""
 
-#: ../class/m_aws.php:667
-msgid "Forbidden caracters in the postfix."
+#: ../class/m_aws.php:681
+msgid ""
+"There are forbidden characters in the login (only A-Z 0-9 _ and - are "
+"allowed)"
 msgstr ""
 
-#: ../class/m_aws.php:681
+#: ../class/m_aws.php:695
 msgid "Hostname is incorrect"
 msgstr ""
 
-#: ../class/m_aws.php:697
+#: ../class/m_aws.php:711
 msgid "Problem to create the configuration"
 msgstr ""
 
-#: ../class/m_aws.php:742
+#: ../class/m_aws.php:770
 #, php-format
 msgid "Problem to edit file %s"
 msgstr ""

awstats/bureau/locales/nl_NL/LC_MESSAGES/aws.po

@@ -7,7 +7,7 @@ msgstr ""
 "Project-Id-Version: $Id: stats.po,v 1.1.1.1 2004/09/01 16:52:49 anonymous "
 "Exp $\n"
 "Report-Msgid-Bugs-To: i18n@alternc.org\n"
-"POT-Creation-Date: 2013-07-22 17:35+0200\n"
+"POT-Creation-Date: 2017-10-06 23:53+0200\n"
 "PO-Revision-Date: 2009-05-24 13:50CEST\n"
 "Last-Translator: Benjamin Sonntag <benjamin@alternc.org>\n"
 "Language-Team: Dutch <i18n@alternc.org>\n"
@@ -35,46 +35,46 @@ msgid ""
 "creation)."
 msgstr ""
 
-#: ../admin/aws_add.php:52 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:51 ../admin/aws_list.php:65
 msgid "Domain name"
 msgstr ""
 
-#: ../admin/aws_add.php:59
+#: ../admin/aws_add.php:58
 msgid "Hostaliases"
 msgstr ""
 
-#: ../admin/aws_add.php:73 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:72 ../admin/aws_list.php:65
 msgid "Allowed Users"
 msgstr ""
 
-#: ../admin/aws_add.php:89
+#: ../admin/aws_add.php:88
 msgid ""
 "No users currently defined, you must create login with the 'Manage allowed "
 "users' accounts' menu."
 msgstr ""
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 msgid "Create those statistics"
 msgstr ""
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 msgid "Edit those statistics"
 msgstr ""
 
-#: ../admin/aws_add.php:95 ../admin/aws_pass.php:77 ../admin/aws_users.php:58
+#: ../admin/aws_add.php:94 ../admin/aws_pass.php:78 ../admin/aws_users.php:58
 msgid "Cancel"
 msgstr ""
 
-#: ../admin/aws_del.php:39
+#: ../admin/aws_del.php:36
 #, php-format
 msgid "The statistics %s has been successfully deleted"
 msgstr ""
 
-#: ../admin/aws_del.php:45
+#: ../admin/aws_del.php:42
 msgid "Please check the statistics set you want to delete"
 msgstr ""
 
-#: ../admin/aws_doadd.php:41
+#: ../admin/aws_doadd.php:40
 msgid "The statistics has been successfully created"
 msgstr ""
 
@@ -82,76 +82,88 @@ msgstr ""
 msgid "No Statistics selected!"
 msgstr ""
 
-#: ../admin/aws_doedit.php:48
+#: ../admin/aws_doedit.php:47
 msgid "The Statistics has been successfully changed"
 msgstr ""
 
-#: ../admin/aws_list.php:29
+#: ../admin/aws_list.php:30
+msgid "No statistics currently defined"
+msgstr ""
+
+#: ../admin/aws_list.php:36 ../class/m_aws.php:386
+msgid "Your stat quota is over..."
+msgstr ""
+
+#: ../admin/aws_list.php:41
 msgid "Statistics List"
 msgstr ""
 
-#: ../admin/aws_list.php:45
+#: ../admin/aws_list.php:52
 msgid "Manage allowed users' accounts"
 msgstr ""
 
-#: ../admin/aws_list.php:49 ../admin/aws_users.php:45
+#: ../admin/aws_list.php:56 ../admin/aws_users.php:44
 msgid "Create new Statistics"
 msgstr ""
 
-#: ../admin/aws_list.php:57 ../admin/aws_users.php:78
+#: ../admin/aws_list.php:65 ../admin/aws_users.php:73
 msgid "Action"
 msgstr ""
 
-#: ../admin/aws_list.php:57 ../admin/aws_list.php:69
+#: ../admin/aws_list.php:65 ../admin/aws_list.php:77
 msgid "View the statistics"
 msgstr ""
 
-#: ../admin/aws_list.php:66
+#: ../admin/aws_list.php:74
 msgid "Edit"
 msgstr ""
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Are you sure you want to delete the selected statistics?"
 msgstr ""
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Delete the checked Statistics"
 msgstr ""
 
-#: ../admin/aws_pass.php:43 ../admin/aws_useradd.php:36
+#: ../admin/aws_pass.php:43
+msgid "Please enter a password"
+msgstr ""
+
+#: ../admin/aws_pass.php:45 ../admin/aws_useradd.php:36
 msgid "Passwords do not match"
 msgstr ""
 
-#: ../admin/aws_pass.php:50
+#: ../admin/aws_pass.php:48
 msgid "Password successfuly updated"
 msgstr ""
 
-#: ../admin/aws_pass.php:60
+#: ../admin/aws_pass.php:61
 msgid "Change a user's password"
 msgstr ""
 
-#: ../admin/aws_pass.php:70 ../admin/aws_users.php:51
-#: ../admin/aws_users.php:78
+#: ../admin/aws_pass.php:71 ../admin/aws_users.php:51
+#: ../admin/aws_users.php:73
 msgid "Username"
 msgstr ""
 
-#: ../admin/aws_pass.php:73
+#: ../admin/aws_pass.php:74
 msgid "New Password"
 msgstr ""
 
-#: ../admin/aws_pass.php:74 ../admin/aws_users.php:55
+#: ../admin/aws_pass.php:75 ../admin/aws_users.php:55
 msgid "Confirm password"
 msgstr ""
 
-#: ../admin/aws_pass.php:76
+#: ../admin/aws_pass.php:77
 msgid "Change this user's password"
 msgstr ""
 
-#: ../admin/aws_useradd.php:43
+#: ../admin/aws_useradd.php:41
 msgid "The Awstat account has been successfully created"
 msgstr ""
 
-#: ../admin/aws_userdel.php:37
+#: ../admin/aws_userdel.php:34
 #, php-format
 msgid "The awstat account %s has been successfully deleted"
 msgstr ""
@@ -168,15 +180,15 @@ msgstr ""
 msgid "Create this new Awstats user"
 msgstr ""
 
-#: ../admin/aws_users.php:86
+#: ../admin/aws_users.php:81
 msgid "Change password"
 msgstr ""
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 msgid "Are you sure you want to delete the selected accounts?"
 msgstr ""
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 msgid "Delete checked accounts"
 msgstr ""
 
@@ -192,15 +204,11 @@ msgid ""
 "then protected by a login and a password."
 msgstr ""
 
-#: ../class/m_aws.php:123
-msgid "No statistics currently defined"
-msgstr ""
-
-#: ../class/m_aws.php:163 ../class/m_aws.php:324 ../class/m_aws.php:706
+#: ../class/m_aws.php:161 ../class/m_aws.php:324 ../class/m_aws.php:720
 msgid "This statistic does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:263
+#: ../class/m_aws.php:261
 msgid "Host already managed by awstats!"
 msgstr ""
 
@@ -212,64 +220,61 @@ msgstr ""
 msgid "This hostname does not exist (Hostaliases)"
 msgstr ""
 
-#: ../class/m_aws.php:386
-msgid "Your stat quota is over..."
-msgstr ""
-
 #: ../class/m_aws.php:399
 msgid "No user currently defined"
 msgstr ""
 
-#: ../class/m_aws.php:457 ../class/m_aws.php:516
+#: ../class/m_aws.php:457 ../class/m_aws.php:527
 msgid "Login does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:473 ../class/m_aws.php:493 ../class/m_aws.php:512
-#: ../class/m_aws.php:563
-msgid "Login incorrect"
-msgstr ""
-
-#: ../class/m_aws.php:477
+#: ../class/m_aws.php:476
 msgid "Login already exist"
 msgstr ""
 
-#: ../class/m_aws.php:497 ../class/m_aws.php:567
+#: ../class/m_aws.php:498 ../class/m_aws.php:523 ../class/m_aws.php:578
+msgid "Login incorrect"
+msgstr ""
+
+#: ../class/m_aws.php:502 ../class/m_aws.php:582
 msgid "Login does not exists"
 msgstr ""
 
-#: ../class/m_aws.php:521 ../class/m_aws.php:545 ../class/m_aws.php:572
+#: ../class/m_aws.php:532 ../class/m_aws.php:560 ../class/m_aws.php:587
 msgid "The requested statistic does not exist."
 msgstr ""
 
-#: ../class/m_aws.php:526
+#: ../class/m_aws.php:537
 msgid "This login is already allowed for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:577
+#: ../class/m_aws.php:592
 msgid "This login is already denied for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:641
+#: ../class/m_aws.php:655
 msgid "Awstats"
 msgstr ""
 
-#: ../class/m_aws.php:663
+#: ../class/m_aws.php:677
 msgid "prefix not allowed."
 msgstr ""
 
-#: ../class/m_aws.php:667
-msgid "Forbidden caracters in the postfix."
+#: ../class/m_aws.php:681
+msgid ""
+"There are forbidden characters in the login (only A-Z 0-9 _ and - are "
+"allowed)"
 msgstr ""
 
-#: ../class/m_aws.php:681
+#: ../class/m_aws.php:695
 msgid "Hostname is incorrect"
 msgstr ""
 
-#: ../class/m_aws.php:697
+#: ../class/m_aws.php:711
 msgid "Problem to create the configuration"
 msgstr ""
 
-#: ../class/m_aws.php:742
+#: ../class/m_aws.php:770
 #, php-format
 msgid "Problem to edit file %s"
 msgstr ""

awstats/bureau/locales/pt_BR/LC_MESSAGES/aws.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: AlternC 2.0\n"
 "Report-Msgid-Bugs-To: i18n@alternc.org\n"
-"POT-Creation-Date: 2013-07-22 17:35+0200\n"
+"POT-Creation-Date: 2017-10-06 23:53+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -34,46 +34,46 @@ msgid ""
 "creation)."
 msgstr ""
 
-#: ../admin/aws_add.php:52 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:51 ../admin/aws_list.php:65
 msgid "Domain name"
 msgstr ""
 
-#: ../admin/aws_add.php:59
+#: ../admin/aws_add.php:58
 msgid "Hostaliases"
 msgstr ""
 
-#: ../admin/aws_add.php:73 ../admin/aws_list.php:57
+#: ../admin/aws_add.php:72 ../admin/aws_list.php:65
 msgid "Allowed Users"
 msgstr ""
 
-#: ../admin/aws_add.php:89
+#: ../admin/aws_add.php:88
 msgid ""
 "No users currently defined, you must create login with the 'Manage allowed "
 "users' accounts' menu."
 msgstr ""
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 msgid "Create those statistics"
 msgstr ""
 
-#: ../admin/aws_add.php:94
+#: ../admin/aws_add.php:93
 msgid "Edit those statistics"
 msgstr ""
 
-#: ../admin/aws_add.php:95 ../admin/aws_pass.php:77 ../admin/aws_users.php:58
+#: ../admin/aws_add.php:94 ../admin/aws_pass.php:78 ../admin/aws_users.php:58
 msgid "Cancel"
 msgstr ""
 
-#: ../admin/aws_del.php:39
+#: ../admin/aws_del.php:36
 #, php-format
 msgid "The statistics %s has been successfully deleted"
 msgstr ""
 
-#: ../admin/aws_del.php:45
+#: ../admin/aws_del.php:42
 msgid "Please check the statistics set you want to delete"
 msgstr ""
 
-#: ../admin/aws_doadd.php:41
+#: ../admin/aws_doadd.php:40
 msgid "The statistics has been successfully created"
 msgstr ""
 
@@ -81,76 +81,88 @@ msgstr ""
 msgid "No Statistics selected!"
 msgstr ""
 
-#: ../admin/aws_doedit.php:48
+#: ../admin/aws_doedit.php:47
 msgid "The Statistics has been successfully changed"
 msgstr ""
 
-#: ../admin/aws_list.php:29
+#: ../admin/aws_list.php:30
+msgid "No statistics currently defined"
+msgstr ""
+
+#: ../admin/aws_list.php:36 ../class/m_aws.php:386
+msgid "Your stat quota is over..."
+msgstr ""
+
+#: ../admin/aws_list.php:41
 msgid "Statistics List"
 msgstr ""
 
-#: ../admin/aws_list.php:45
+#: ../admin/aws_list.php:52
 msgid "Manage allowed users' accounts"
 msgstr ""
 
-#: ../admin/aws_list.php:49 ../admin/aws_users.php:45
+#: ../admin/aws_list.php:56 ../admin/aws_users.php:44
 msgid "Create new Statistics"
 msgstr ""
 
-#: ../admin/aws_list.php:57 ../admin/aws_users.php:78
+#: ../admin/aws_list.php:65 ../admin/aws_users.php:73
 msgid "Action"
 msgstr ""
 
-#: ../admin/aws_list.php:57 ../admin/aws_list.php:69
+#: ../admin/aws_list.php:65 ../admin/aws_list.php:77
 msgid "View the statistics"
 msgstr ""
 
-#: ../admin/aws_list.php:66
+#: ../admin/aws_list.php:74
 msgid "Edit"
 msgstr ""
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Are you sure you want to delete the selected statistics?"
 msgstr ""
 
-#: ../admin/aws_list.php:73
+#: ../admin/aws_list.php:81
 msgid "Delete the checked Statistics"
 msgstr ""
 
-#: ../admin/aws_pass.php:43 ../admin/aws_useradd.php:36
+#: ../admin/aws_pass.php:43
+msgid "Please enter a password"
+msgstr ""
+
+#: ../admin/aws_pass.php:45 ../admin/aws_useradd.php:36
 msgid "Passwords do not match"
 msgstr ""
 
-#: ../admin/aws_pass.php:50
+#: ../admin/aws_pass.php:48
 msgid "Password successfuly updated"
 msgstr ""
 
-#: ../admin/aws_pass.php:60
+#: ../admin/aws_pass.php:61
 msgid "Change a user's password"
 msgstr ""
 
-#: ../admin/aws_pass.php:70 ../admin/aws_users.php:51
-#: ../admin/aws_users.php:78
+#: ../admin/aws_pass.php:71 ../admin/aws_users.php:51
+#: ../admin/aws_users.php:73
 msgid "Username"
 msgstr ""
 
-#: ../admin/aws_pass.php:73
+#: ../admin/aws_pass.php:74
 msgid "New Password"
 msgstr ""
 
-#: ../admin/aws_pass.php:74 ../admin/aws_users.php:55
+#: ../admin/aws_pass.php:75 ../admin/aws_users.php:55
 msgid "Confirm password"
 msgstr ""
 
-#: ../admin/aws_pass.php:76
+#: ../admin/aws_pass.php:77
 msgid "Change this user's password"
 msgstr ""
 
-#: ../admin/aws_useradd.php:43
+#: ../admin/aws_useradd.php:41
 msgid "The Awstat account has been successfully created"
 msgstr ""
 
-#: ../admin/aws_userdel.php:37
+#: ../admin/aws_userdel.php:34
 #, php-format
 msgid "The awstat account %s has been successfully deleted"
 msgstr ""
@@ -167,15 +179,15 @@ msgstr ""
 msgid "Create this new Awstats user"
 msgstr ""
 
-#: ../admin/aws_users.php:86
+#: ../admin/aws_users.php:81
 msgid "Change password"
 msgstr ""
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 msgid "Are you sure you want to delete the selected accounts?"
 msgstr ""
 
-#: ../admin/aws_users.php:92
+#: ../admin/aws_users.php:87
 msgid "Delete checked accounts"
 msgstr ""
 
@@ -191,15 +203,11 @@ msgid ""
 "then protected by a login and a password."
 msgstr ""
 
-#: ../class/m_aws.php:123
-msgid "No statistics currently defined"
-msgstr ""
-
-#: ../class/m_aws.php:163 ../class/m_aws.php:324 ../class/m_aws.php:706
+#: ../class/m_aws.php:161 ../class/m_aws.php:324 ../class/m_aws.php:720
 msgid "This statistic does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:263
+#: ../class/m_aws.php:261
 msgid "Host already managed by awstats!"
 msgstr ""
 
@@ -211,64 +219,61 @@ msgstr ""
 msgid "This hostname does not exist (Hostaliases)"
 msgstr ""
 
-#: ../class/m_aws.php:386
-msgid "Your stat quota is over..."
-msgstr ""
-
 #: ../class/m_aws.php:399
 msgid "No user currently defined"
 msgstr ""
 
-#: ../class/m_aws.php:457 ../class/m_aws.php:516
+#: ../class/m_aws.php:457 ../class/m_aws.php:527
 msgid "Login does not exist"
 msgstr ""
 
-#: ../class/m_aws.php:473 ../class/m_aws.php:493 ../class/m_aws.php:512
-#: ../class/m_aws.php:563
-msgid "Login incorrect"
-msgstr ""
-
-#: ../class/m_aws.php:477
+#: ../class/m_aws.php:476
 msgid "Login already exist"
 msgstr ""
 
-#: ../class/m_aws.php:497 ../class/m_aws.php:567
+#: ../class/m_aws.php:498 ../class/m_aws.php:523 ../class/m_aws.php:578
+msgid "Login incorrect"
+msgstr ""
+
+#: ../class/m_aws.php:502 ../class/m_aws.php:582
 msgid "Login does not exists"
 msgstr ""
 
-#: ../class/m_aws.php:521 ../class/m_aws.php:545 ../class/m_aws.php:572
+#: ../class/m_aws.php:532 ../class/m_aws.php:560 ../class/m_aws.php:587
 msgid "The requested statistic does not exist."
 msgstr ""
 
-#: ../class/m_aws.php:526
+#: ../class/m_aws.php:537
 msgid "This login is already allowed for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:577
+#: ../class/m_aws.php:592
 msgid "This login is already denied for this statistics."
 msgstr ""
 
-#: ../class/m_aws.php:641
+#: ../class/m_aws.php:655
 msgid "Awstats"
 msgstr ""
 
-#: ../class/m_aws.php:663
+#: ../class/m_aws.php:677
 msgid "prefix not allowed."
 msgstr ""
 
-#: ../class/m_aws.php:667
-msgid "Forbidden caracters in the postfix."
+#: ../class/m_aws.php:681
+msgid ""
+"There are forbidden characters in the login (only A-Z 0-9 _ and - are "
+"allowed)"
 msgstr ""
 
-#: ../class/m_aws.php:681
+#: ../class/m_aws.php:695
 msgid "Hostname is incorrect"
 msgstr ""
 
-#: ../class/m_aws.php:697
+#: ../class/m_aws.php:711
 msgid "Problem to create the configuration"
 msgstr ""
 
-#: ../class/m_aws.php:742
+#: ../class/m_aws.php:770
 #, php-format
 msgid "Problem to edit file %s"
 msgstr ""

bureau/admin/about.php

@@ -1,13 +1,5 @@
 <?php
 /*
-$Id: adm_email.php,v 1.1 2005/09/05 10:55:48 arnodu59 Exp $
-----------------------------------------------------------------------
-AlternC - Web Hosting System
-Copyright (C) 2005 by the AlternC Development Team.
-http://alternc.org/
-----------------------------------------------------------------------
-Based on:
-Valentin Lacambre's web hosting softwares: http://altern.org/
 ----------------------------------------------------------------------
 LICENSE
 
@@ -23,11 +15,15 @@ GNU General Public License for more details.
 
 To read the license please visit http://www.gnu.org/copyleft/gpl.html
 ----------------------------------------------------------------------
-Original Author of file: Benjamin Sonntag
-Purpose of file: Show a form to edit a member
-----------------------------------------------------------------------
 */
-require_once("../class/config.php");
+
+/**
+ * About page
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/
+ */
+
+ require_once("../class/config.php");
 
 include("head.php");
 
@@ -44,14 +40,14 @@ __("AlternC is an automatic hosting software suite. It features a PHP-based admi
 
 <p>
   <ul>
-    <li><?php __("Official website: ");?> <a target=_blank href="http://alternc.com">http://alternc.com</a></li>
-    <li><?php __("Developer website: ");?> <a target=_blank href="https://alternc.org">https://alternc.org</a></li>
-    <li><?php __("Help: ");?> <a target=_blank href="http://aide-alternc.org">http://aide-alternc.org</a></li>
+    <li><?php __("Official website: ");?> <a target="_blank" href="https://alternc.com">http://alternc.com</a></li>
+    <li><?php __("Developer website: ");?> <a target="_blank" href="https://github.com/AlternC">https://github.com/AlternC</a></li>
+    <li><?php __("Help: ");?> <a target="_blank" href="https://aide-alternc.org">https://aide-alternc.org</a></li>
   </ul>
 </li>
 
 <hr/>
-<p class="center"><a href="http://www.alternc.com" target="_blank"><img src="images/logo2.png" border="0" alt="AlternC" /></a>
+<p class="center"><a href="https://www.alternc.com" target="_blank"><img src="images/logo2.png" border="0" alt="AlternC" /></a>
 <br />
 <?php 
 __("You are currently using AlternC ");

bureau/admin/adm_add.php

@@ -1,15 +1,5 @@
 <?php
 /*
- $Id: adm_add.php,v 1.9 2006/01/24 05:03:30 joe Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2006 Le r<EFBFBD>seau Koumbit Inc.
- http://koumbit.org/
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -25,52 +15,60 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Member managment
- ----------------------------------------------------------------------
 */
+
+/**
+ * Form to add a new account to AlternC
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 include_once("head.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
 $fields = array (
-	"canpass"    => array ("request", "integer", 1),
-	"login"      => array ("request", "string", null),
-	"pass"       => array ("request", "string", null),
-	"passconf"   => array ("request", "string", null),
-	"notes"      => array ("request", "string", null),
-	"nom"        => array ("request", "string", null),
-	"prenom"     => array ("request", "string", null),
-	"nmail"      => array ("request", "string", null),
-	"create_dom" => array ("request", "integer", 0),
+	"canpass"    => array ("post", "integer", 1),
+	"login"      => array ("post", "string", null),
+	"pass"       => array ("post", "string", null),
+	"passconf"   => array ("post", "string", null),
+	"notes"      => array ("post", "string", null),
+	"nom"        => array ("post", "string", null),
+	"prenom"     => array ("post", "string", null),
+	"nmail"      => array ("post", "string", null),
+	"create_dom" => array ("post", "integer", 0),
 );
 getFields($fields);
 
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['adm']['classcount'];
+
 ?>
 <h3><?php __("New AlternC account"); ?></h3>
 <hr id="topbar"/>
 <br />
 <?php
-if (isset($error) && $error) {
-	echo "<p class=\"alert alert-danger\">$error</p>";
-}
+echo $msg->msg_html_all();
 ?>
-<form method="post" action="adm_doadd.php" id="main" name="main">
+<form method="post" action="adm_doadd.php" id="main" name="main" autocomplete="off">
+  <?php csrf_get(); ?>
+
 <table class="tedit">
-<tr><th><label for="login"><?php __("Username"); ?></label></th><td>
-	<input type="text" class="int" name="login" id="login" value="<?php ehe($login); ?>" size="20" maxlength="16" />
+<tr><th><label for="login"><?php __("Username"); ?></label><span class="mandatory">*</span></th><td>
+	<input type="text" class="int" name="login" id="login" autocomplete="off" value="<?php ehe($login); ?>" size="20" maxlength="16" />
 </td></tr>
 <tr>
-	<th><label for="pass"><?php __("Initial password"); ?></label></th>
-	<td><input type="password" id="pass" name="pass" class="int" value="<?php ehe($pass); ?>" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf"); ?></td>
+	<th><label for="pass"><?php __("Initial password"); ?></label><span class="mandatory">*</span></th>
+	<td><input type="password" id="pass" name="pass" autocomplete="off" class="int" value="<?php ehe($pass); ?>" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf",$passwd_classcount); ?></td>
 </tr>
 <tr>
-	<th><label for="passconf"><?php __("Confirm password"); ?></label></th>
-	<td><input type="password" id="passconf" name="passconf" class="int" value="<?php ehe($passconf); ?>" size="20" maxlength="64" /></td>
+	<th><label for="passconf"><?php __("Confirm password"); ?></label><span class="mandatory">*</span></th>
+	<td><input type="password" id="passconf" name="passconf" autocomplete="off" class="int" value="<?php ehe($passconf); ?>" size="20" maxlength="64" /></td>
 </tr>
 <tr>
 	<th><label><?php __("Can he change its password"); ?></label></th>
@@ -88,7 +86,7 @@ if (isset($error) && $error) {
 	<td><input class="int" type="text" id="nom" name="nom" value="<?php ehe($nom); ?>" size="16" maxlength="128" />&nbsp;/&nbsp;<input type="text" name="prenom" id="prenom" value="<?php ehe($prenom); ?>" class="int" size="16" maxlength="128" /></td>
 </tr>
 <tr>
-	<th><label for="nmail"><?php __("Email address"); ?></label></th>
+	<th><label for="nmail"><?php __("Email address"); ?></label><span class="mandatory">*</span></th>
 	<td><input type="text" name="nmail" id="nmail" class="int" value="<?php ehe($nmail); ?>" size="30" maxlength="128" /></td>
 </tr>
 <tr>
@@ -102,7 +100,7 @@ if (isset($error) && $error) {
 <tr>
     <th>
         <?php 
-          __("Wich database server for this user ?");
+          __("Associate this new user to this database server:");
           echo "<br/>";
           echo "<i>"._("Warning: you can't change it after the creation of the user.")."</i>";
         ?>
@@ -144,7 +142,6 @@ if (isset($error) && $error) {
 </form>
 <script type="text/javascript">
  document.forms['main'].login.focus();
- document.forms['main'].setAttribute('autocomplete', 'off');
 </script>
 
 <?php include_once("foot.php"); ?>

bureau/admin/adm_authip_whitelist.php

@@ -1,4 +1,28 @@
 <?php 
+/*
+ ----------------------------------------------------------------------
+ LICENSE
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+*/
+
+/**
+ * Manages Whitelists in IP auth module 
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 include_once("head.php");
 
@@ -15,13 +39,13 @@ getFields($fields);
 
 if (!empty($delete_id)) {
   if (! $authip->ip_delete($delete_id)) {
-    $error="Error during deletion";
+    $msg->raise("ERROR", "admin", _("Error during deletion"));
   }
 }
 
 if (!empty($ipsub)) {
   if (! $authip->ip_save_whitelist($id, $ipsub, $infos)) {
-    $error="Error during recording";
+    $msg->raise("ERROR", "admin", _("Error during recording"));
   }
 }
 
@@ -32,9 +56,8 @@ $list_ip = $authip->list_ip_whitelist();
 <hr id="topbar"/>
 <br />
 
-<?php if (isset($error) && $error) { ?>
-  <p class="alert alert-danger"><?php echo $error ?></p>
-<?php } ?>
+<?php echo $msg->msg_html_all(); ?>
+
 <center>
   <p class="alert alert-warning"><?php __("Warning"); echo "<br/>"; __("The IP and subnet you have here are allowed for ALL users and ALL usages"); ?></p>
 </center>
@@ -44,15 +67,16 @@ $list_ip = $authip->list_ip_whitelist();
         <legend><?php __("Add an IP");?> - <a href="javascript:edit_ip('','<?php echo htmlentities(get_remote_ip())."','Home IP'";?>);" ><?php echo __("Add my current IP"); ?></a></legend>
         <span id="form_add_ip">
         <form method="post" action="adm_authip_whitelist.php" name="main" id="main">
+   <?php csrf_get(); ?>
           <p id="reset_edit_ip" style="display:none;"><a href="javascript:reset_edit_ip();"><?php __("Cancel edit")?></a></p>
           <input type="hidden" name="id" value="" id="edit_id" />
           <p>
             <?php __("Enter here the IP address you want. <br/> <i>IPv4, IPv6 and subnet allowed</i>"); ?> <br/>
-            <input type="text" size='20' maxlength='39' name="ipsub" id="edit_ip" />
+            <input type="text" size="20" maxlength="39" name="ipsub" id="edit_ip" />
           </p>
           <p>
             <?php __("Add a comment");?><br/>
-            <input type="text" size='25' maxlength='200' name="infos" id="edit_infos" />
+            <input type="text" size="25" maxlength="200" name="infos" id="edit_infos" />
           </p>
           <input type="submit" class="inb" value="<?php __("Save")?>" />
         </form>
@@ -60,8 +84,8 @@ $list_ip = $authip->list_ip_whitelist();
       </fieldset>
  
 <br/>
-      <table class='tlist'>
-      <tr><th><?php __("Type"); ?></th><th><?php __("IP"); ?></th><th><?php __("Informations"); ?></th><th colspan='2' /></tr>
+      <table class="tlist">
+      <tr><th><?php __("Type"); ?></th><th><?php __("IP"); ?></th><th><?php __("Informations"); ?></th><th colspan="2" /></tr>
       <?php 
       foreach($list_ip as $i) {
         if (checkip($i['ip'])) {
@@ -76,11 +100,13 @@ $list_ip = $authip->list_ip_whitelist();
           } else {
             $txt="Subnet IPv6";
           }
-        } 
-        echo "<tr class='lst'><td>$txt</td><td>{$i['ip_human']}</td><td>{$i['infos']}</td>";
+        } else {
+          $txt = "Unknow IP";
+        }
+        echo "<tr class=\"lst\"><td>$txt</td><td>{$i['ip_human']}</td><td>{$i['infos']}</td>";
         ?>
-        <td><div class="ina edit"><a href="javascript:edit_ip(<?php echo "'".htmlentities($i['id'])."','".htmlentities($i['ip_human'])."','".htmlentities($i['infos'])."'"; ?>);"><?php __("Edit"); ?></a></div></td>
-        <td><div class="ina delete"><a href="adm_authip_whitelist.php?delete_id=<?php echo urlencode($i["id"]) ?>"><?php __("Delete"); ?></a></div></td>
+        <td><div class="ina edit"><a href="javascript:edit_ip(<?php echo "'".urlencode($i['id'])."','".urlencode($i['ip_human'])."','".urlencode($i['infos'])."'"; ?>);"><?php __("Edit"); ?></a></div></td>
+        <td><div class="ina delete"><a href="adm_authip_whitelist.php?delete_id=<?php eue($i["id"]); ?>"><?php __("Delete"); ?></a></div></td>
         </tr>
 
       <?php } ?>

bureau/admin/adm_cancel.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_login.php,v 1.4 2005/04/01 17:13:10 benjamin Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,10 +15,15 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Connect a super-user to another account
- ----------------------------------------------------------------------
 */
+
+/**
+ * Page used by Administrator to forbid an impersonate session
+ * to go back to Admin rights.
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/
+ */
+
 require_once("../class/config.php");
 
 setcookie('oldid','',0,'/');

bureau/admin/adm_db_servers.php

@@ -1,10 +1,6 @@
 <?php
 /*
 ----------------------------------------------------------------------
-AlternC - Web Hosting System
-Copyright (C) 2000-2012 by the AlternC Development Team.
-https://alternc.org/
-----------------------------------------------------------------------
 LICENSE
 
 This program is free software; you can redistribute it and/or
@@ -19,15 +15,21 @@ GNU General Public License for more details.
 
 To read the license please visit http://www.gnu.org/copyleft/gpl.html
 ----------------------------------------------------------------------
-Purpose of file: Show a form to edit a member
-----------------------------------------------------------------------
 */
+
+/**
+ * Show the list of MySQL db servers that this AlternC instance can use
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/
+ */
+
 require_once("../class/config.php");
 
 include("head.php");
 
 if (!$admin->enabled) {
-    __("This page is restricted to authorized staff");
+    $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     exit();
 }
 

bureau/admin/adm_deactivate.php

@@ -1,13 +1,5 @@
 <?php 
 /*
- $Id: adm_tld.php,v 1.4 2004/11/29 17:27:04 anonymous Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,16 +15,22 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Manage allowed TLD on the server
- ----------------------------------------------------------------------
 */
+
+/**
+ * Page used by administrators to deactivate an account
+ * and redirect its domains
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/
+ */
+
 require_once("../class/config.php");
 
 include_once("head.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit;
 }
 $fields = array (
@@ -43,19 +41,22 @@ $fields = array (
 getFields($fields);
 
 if (!$uid) {
-	__("Account not found");
+	$msg->raise("ERROR", "admin", _("Account not found"));
+	echo $msg->msg_html_all();
 	include_once("foot.php");
 	exit();
 }
 
 if (!$admin->checkcreator($uid)) {
-        __("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	include_once("foot.php");
 	exit();
 }
 
 if (!$r=$admin->get($uid)) {
-	__("User does not exist");
+	$msg->raise("ERROR", "admin", _("User does not exist"));
+	echo $msg->msg_html_all();
 	include_once("foot.php");
 	exit();
 }
@@ -69,7 +70,8 @@ if (! ($confirmed ) ) {
 
   ?>
   <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="POST">
-  <input type="hidden" name="uid" value="<?php echo $uid?>" />
+     <?php csrf_get(); ?>
+  <input type="hidden" name="uid" value="<?php ehe($uid); ?>" />
   <?php __("Redirection URL:") ?> <input type="text" name="redirect" class="int" value="http://example.com/" />
   <input type="submit" name="submit" class="inb" value="<?php __("Confirm")?>" />
   <input type="button" class="inb" name="cancel" value="<?php __("Cancel"); ?>" onclick="document.location='adm_list.php'"/>
@@ -78,13 +80,14 @@ if (! ($confirmed ) ) {
   print "<h3>" . _("Domains of user: ") . $r["login"] . "</h3>";
 } else {
   if (empty($redirect)) {
-    __("Missing redirect url.");
+    $msg->raise("ERROR", "admin", _("Missing redirect url."));
+    echo $msg->msg_html_all();
     include_once("foot.php");
     exit();
   } 
 }
 
-# this string will contain an SQL request that will be printed at the end of the process and that can be used to reload the old domain configuration
+// this string will contain an SQL request that will be printed at the end of the process and that can be used to reload the old domain configuration
 $backup = "";
 
 # 1. list the domains of the user
@@ -104,9 +107,7 @@ reset($domains);
 foreach ($domains as $key => $domain) {
   if (!$confirmed) print '<h4>' . $domain . '</h4><ul>';
   $dom->lock();
-  if (!$r=$dom->get_domain_all($domain)) {
-          $error=$err->errstr();
-  }
+  $r=$dom->get_domain_all($domain);
   $dom->unlock();
   # 2. for each subdomain
   if (is_array($r['sub'])) {
@@ -131,7 +132,8 @@ foreach ($domains as $key => $domain) {
 # 2.2 change the subdomain to redirect to http://spam.koumbit.org/
 	  $dom->lock();
 	  if (!$dom->set_sub_domain($domain, $sub, $dom->type_url, "edit", $redirect)) {
-	    print "-- error in $sub.$domain: " . $err->errstr() . "\n";
+          print "-- error in $sub.$domain: ";
+          echo $msg->msg_html("ERROR");
 	  }
 	  $dom->unlock();
 	}

bureau/admin/adm_defquotas.php

@@ -1,15 +1,5 @@
 <?php
 /*
- $Id: adm_defquotas.php,v 1.4 2006/01/24 05:03:30 joe Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2006 Le r<EFBFBD>seau Koumbit Inc.
- http://koumbit.org/
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -25,14 +15,19 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Manage the default quotas
- ----------------------------------------------------------------------
 */
+
+/**
+ * Administrator page to manage default quotas for users
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 $fields = array (
@@ -54,11 +49,10 @@ if ($synchronise==true) {
 
 $quota->create_missing_quota_profile();
 
-if (isset($error) && $error) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-}
+echo $msg->msg_html_all();
 ?>
 <form method="post" action="adm_dodefquotas.php">
+  <?php csrf_get(); ?>
 <p>
 <input type="hidden" name="action" value="add" />
 <input type="text" name="type" class="int" />
@@ -69,6 +63,7 @@ if (isset($error) && $error) {
 <?php
 ?>
 <form method="post" action="adm_dodefquotas.php">
+  <?php csrf_get(); ?>
 <table border="0" cellpadding="4" cellspacing="0">
 <tr class="lst">
 <td>
@@ -90,6 +85,7 @@ foreach($quota->listtype() as $type) {
 <span class="inb"><a href="adm_defquotas.php?synchronise=1"><?php __("Synchronise user's quota (only to upper value)"); ?></a></span>  
 
 <form method="post" action="adm_dodefquotas.php">
+  <?php csrf_get(); ?>
 <div>
 <input type="hidden" name="action" value="modify" />
 <?php
@@ -98,8 +94,9 @@ $qlist=$quota->getdefaults();
 reset($qlist);
 foreach($qlist as $type => $q) {
 ?>
-<div>
-<h4><?php echo _("Accounts of type"). " \"$type\"" ?></h4>
+<div class="info-toggle">
+<h4 class="toggle-next"><?php echo _("Accounts of type"). " \"$type\"" ?>▼</h4>
+<div class="info-hide" id="div-quot-<?php echo md5($type);?>">
 <table border="0" cellpadding="4" cellspacing="0" class='tlist'>
 <tr><th><?php __("Quotas") ?></th><th><?php __("Default Value"); ?></th></tr>
 <?php
@@ -110,12 +107,17 @@ foreach($q as $name => $value) {
 
 <tr class="lst">
 <td><label for="<?php echo $key; ?>"><?php echo $qarray[$name] ; ?></label></td>
-<td><input type="text" class="int" size="16" maxlength="16" name="<?php echo $key; ?>" id="<?php echo $key;?>" value="<?php ehe($value); ?>" /></td></tr>
+<td><input type="text" class="int" size="16" maxlength="16" name="<?php ehe($key); ?>" id="<?php ehe($key); ?>" value="<?php ehe($value); ?>" /></td></tr>
 
 <?php
-  }
+  } //foreach 
 ?>
 </table>
+<br/>
+</div>
+<script type="text/javascript">
+  $("#div-quot-<?php echo md5($type);?>").toggle();
+</script>
 </div>
 <?php
 }
@@ -124,4 +126,12 @@ foreach($q as $name => $value) {
 <input type="submit" class="inb ok" value="<?php __("Edit the default quotas"); ?>" />
 </div>
 </form>
+<script type="text/javascript">
+$(function(){
+  $(".toggle-next").on("click",function(){
+    var next = $(this).next();
+    next.toggle();
+  })
+}); 
+</script>
 <?php include_once("foot.php"); ?>

bureau/admin/adm_del.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_del.php,v 1.1.1.1 2003/03/26 17:41:29 root Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,8 +15,6 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file:
- Purpose of file:
- ----------------------------------------------------------------------
 */
+
 ?>

bureau/admin/adm_dnsweberror.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_dnsweberror.php,v 1.4 2004/11/29 17:27:04 anonymous Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,14 +15,19 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Alan Garcia
- Purpose of file: Report domains and websites having error in the DB
- ----------------------------------------------------------------------
 */
+
+/**
+ * Report DNS and WEBSITES being in error mode in the DB
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -41,10 +38,7 @@ include_once("head.php");
 <hr id="topbar" />
  <br />
 <?php
-	if (isset($error) && $error) {
-	  echo "<p class=\"alert alert-danger\">$error</p>";
-	}
-
+echo $msg->msg_html_all();
 ?>
 <br/>
 <h3><?php __("List of the websites having errors in the domain database."); ?></h3>
@@ -61,7 +55,7 @@ include_once("head.php");
 
 <?php 
 $pair=0;
-$db->query("select sd.compte, m.login, sd.domaine, if(length(sub)>0,concat_ws('.',sd.sub,sd.domaine),sd.domaine) as fqdn, sd.valeur, dt.description, sd.web_result from sub_domaines sd,membres m, domaines_type dt where sd.web_action='OK' and length(sd.web_result)<>0 and upper(dt.name)=upper(sd.type) order by sd.domaine, sd.sub, sd.valeur;");
+$db->query("select sd.compte, m.login, sd.domaine, if(length(sub)>0,concat_ws('.',sd.sub,sd.domaine),sd.domaine) as fqdn, sd.valeur, dt.description, sd.web_result from sub_domaines sd,membres m, domaines_type dt where sd.web_action='OK' and length(sd.web_result)<>0 and upper(dt.name)=upper(sd.type) and sd.compte=m.uid order by sd.domaine, sd.sub, sd.valeur;");
 
 while($db->next_record()) {  ?>
 <tr class="lst">

bureau/admin/adm_doadd.php

@@ -1,9 +1,5 @@
 <?php
 /*
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2000-2012 by the AlternC Development Team.
- https://alternc.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -20,10 +16,18 @@
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
 */
+
+/**
+ * Validate and create a new account
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit;
 }
 $fields = array (
@@ -50,19 +54,18 @@ if ($create_dom && !empty($create_dom_list) ) {
 }
 
 if ($pass != $passconf) {
-	$error = _("Passwords do not match");
+	$msg->raise("ERROR", "admin", _("Passwords do not match"));
 	include("adm_add.php");
 	exit();
 }
 
 // Attemp to create, exit if fail
 if (!($u=$admin->add_mem($login, $pass, $nom, $prenom, $nmail, $canpass, $type, 0, $notes, 0, $dom_to_create, $db_server_id))) {
-	$error=$err->errstr();
 	include ("adm_add.php");
 	exit;
 }
- 
-$error=_("The new member has been successfully created");
+
+$msg->raise("INFO", "admin", _("The new member has been successfully created"));
 
 include("adm_list.php");
 exit;

bureau/admin/adm_dodefquotas.php

@@ -1,15 +1,5 @@
 <?php
 /*
- $Id: adm_dodefquotas.php,v 1.3 2006/01/24 05:03:30 joe Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2006 Le réseau Koumbit Inc.
- http://koumbit.org/
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -25,14 +15,19 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Manage the default quotas
- ----------------------------------------------------------------------
 */
+
+/**
+ * Change the default quotas
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 $fields = array (
@@ -45,18 +40,18 @@ getFields($fields);
 if($action == "add") {
 
   if($quota->addtype($type)) {
-    $error=_("Account type"). " \"".htmlentities($type)."\" "._("added");
+    $msg->raise("INFO", "admin", _("Account type"). " \"".htmlentities($type)."\" "._("added"));
   } else {
-    $error=_("Account type"). " \"".htmlentities($type)."\" "._("could not be added");
+    $msg->raise("ERROR", "admin", _("Account type"). " \"".htmlentities($type)."\" "._("could not be added"));
   }
   include("adm_defquotas.php");
 } else if($action == "delete") {
   if($del_confirm == "y"){
     if(!empty($type)) {
       if($quota->deltype($type)) {
-        $error=_("Account type"). " \"".htmlentities($type)."\" "._("deleted");
+        $msg->raise("INFO", "admin", _("Account type"). " \"".htmlentities($type)."\" "._("deleted"));
       } else {
-        $error=_("Account type"). " \"".htmlentities($type)."\" "._("could not be deleted");
+        $msg->raise("ERROR", "admin", _("Account type"). " \"".htmlentities($type)."\" "._("could not be deleted"));
       }
     }
     include("adm_defquotas.php");
@@ -66,6 +61,7 @@ if($action == "add") {
     <h3><?php printf(_("Deleting quota %s"),$type); ?> : </h3>
 
     <form action="adm_dodefquotas.php" method="post">
+ <?php csrf_get(); ?>
       <input type="hidden" name="action" value="delete" />
       <input type="hidden" name="type" value="<?php echo $type ?>" />
       <input type="hidden" name="del_confirm" value="y" />
@@ -91,9 +87,9 @@ if($action == "add") {
   }
 
   if($quota->setdefaults($c)) {
-    $error=_("Default quotas successfully changed");
+    $msg->raise("INFO", "admin", _("Default quotas successfully changed"));
   } else {
-    $error=_("Default quotas could not be set.");
+    $msg->raise("ERROR", "admin", _("Default quotas could not be set."));
   }
   include("adm_panel.php");
 }

bureau/admin/adm_dodel.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_dodel.php,v 1.2 2004/05/19 14:23:06 benjamin Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,46 +15,47 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Delete a member
- ----------------------------------------------------------------------
 */
+
+/**
+ * Delete one or more AlternC's accounts
+ * of course, confirm the deletion
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-  __("This page is restricted to authorized staff");
+  $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
 $fields = array (
-		 "d" => array ("request", "array", array()),
-		 "del_confirm" => array("request", "string", ""),
+		 "accountList" => array ("post", "array", array()),
+		 "del_confirm" => array("post", "string", ""),
 );
 getFields($fields);
 
-
 if($del_confirm == "y"){
-  if (!is_array($d)) {
-    $d[]=$d;
-  }
-
-  reset($d);
-  while (list($key,$val)=each($d)) {
+  foreach ($accountList as $key => $val) {
     if (!$admin->checkcreator($val)) {
-      __("This page is restricted to authorized staff");
+      $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+      echo $msg->msg_html_all();
       exit();
     }
     if (!($u=$admin->get($val)) || !$admin->del_mem($val)) {
-      $error=sprintf(_("Member '%s' does not exist"),$val)."<br />";
+      $msg->raise("ERROR", "admin", _("Member '%s' does not exist"),$val);
     } else {
-      $error=sprintf(_("Member %s successfully deleted"),$u["login"])."<br />";
+      $msg->raise("INFO", "admin", _("Member %s successfully deleted"),$u["login"]);
     }
   }
   include("adm_list.php");
   exit();
 } else {
-  if (!is_array($d) || count($d)==0) {
-    $error=_("Please check the accounts you want to delete");
+  if (!is_array($accountList) || count($accountList)==0) {
+    $msg->raise("ERROR", "admin", _("Please check the accounts you want to delete"));
     require("adm_list.php");
     exit();
   } 
@@ -72,16 +65,19 @@ if($del_confirm == "y"){
     <body>
     <h3><?php printf(_("Deleting users")); ?> : </h3>
     <form action="adm_dodel.php" method="post">
+ <?php csrf_get(); ?>
       <input type="hidden" name="action" value="delete" />
       <input type="hidden" name="del_confirm" value="y" />
       <p class="alert alert-warning"><?php __("WARNING : Confirm the deletion of the users"); ?></p>
       <p>
-      <?php
-        foreach($d as $userid){
-          $membre=$admin->get($userid);
-          echo "<input type=\"hidden\" name=\"d[]\" value=\"$userid\" />".$membre['login']."<br/>";
-        }
-      ?>
+		  <ul>
+			  <?php
+				foreach($accountList as $userid){
+				  $membre   = $admin->get($userid);
+				  echo "<li><input type=\"hidden\" name=\"accountList[]\" value=\"$userid\" />".$membre['login']."</li>";
+				}
+			  ?>
+		  </ul>
       </p>
       <blockquote>
 	  <input type="submit" class="inb ok" name="confirm" value="<?php __("Yes, delete those accounts"); ?>" />&nbsp;&nbsp;

bureau/admin/adm_doedit.php

@@ -1,15 +1,5 @@
 <?php
 /*
- $Id: adm_doedit.php,v 1.6 2006/01/24 05:03:30 joe Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2006 Le réseau Koumbit Inc.
- http://koumbit.org/
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -25,56 +15,60 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Edit a member's parameters
- ----------------------------------------------------------------------
 */
+
+/**
+ * Edit an account settings (name, password, etc.)
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-  __("This page is restricted to authorized staff");
+  $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
 $subadmin=variable_get("subadmin_restriction");
 
 $fields = array (
-	"uid" => array ("request", "integer", 0),
-	"enabled" => array ("request", "boolean", true),
-	"pass" => array ("request", "string", ""),
-	"passconf" => array ("request", "string", ""),
-	"canpass" => array ("request", "boolean", true),
-	"notes" => array ("request", "string", ""),
-	"nom" => array ("request", "string", ""),
-	"prenom" => array ("request", "string", ""),
-	"nmail" => array ("request", "string", ""),
-	"type" => array ("request", "string", ""),
-	"duration" => array ("request", "integer", 0),
-	"reset_quotas" => array ("request", "string", false),
+	"uid" => array ("post", "integer", 0),
+	"enabled" => array ("post", "boolean", true),
+	"pass" => array ("post", "string", ""),
+	"passconf" => array ("post", "string", ""),
+	"canpass" => array ("post", "boolean", true),
+	"notes" => array ("post", "string", ""),
+	"nom" => array ("post", "string", ""),
+	"prenom" => array ("post", "string", ""),
+	"nmail" => array ("post", "string", ""),
+	"type" => array ("post", "string", ""),
+	"duration" => array ("post", "integer", 0),
+	"reset_quotas" => array ("post", "string", false),
 );
 getFields($fields);
 
 
 if ($subadmin==0 && !$admin->checkcreator($uid)) {
-  __("This page is restricted to authorized staff");
+  $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
 if ($pass != $passconf) {
-  $error = _("Passwords do not match");
+  $msg->raise("ERROR", "admin", _("Passwords do not match"));
   include("adm_edit.php");
   exit();
 }
 // When changing its own account, enabled forced to 1.
 if ($uid==$mem->user["uid"]) {
   $enabled=1;
- }
+}
 
 if (!$admin->update_mem($uid, $nmail, $nom, $prenom, $pass, $enabled, $canpass, $type, $duration, $notes, $reset_quotas)){
-  $error=$err->errstr();
   include("adm_edit.php");
 } else {
-  $error=_("The member has been successfully edited");
+  $msg->raise("INFO", "admin", _("The member has been successfully edited"));
   include("adm_list.php");
 }
-?>

bureau/admin/adm_domlock.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_domlock.php,v 1.1 2003/09/20 19:41:06 root Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,14 +15,20 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Manage allowed TLD on the server
- ----------------------------------------------------------------------
 */
+
+/**
+ * Lock a domain on an account, forbid any dangerous / low-level change on it
+ * including removing the domain from the user account
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -39,11 +37,9 @@ $fields = array (
 );
 getFields($fields);
 
-if (!$admin->dom_lock($domain)) {
-  $error=$err->errstr();
-}
+$admin->dom_lock($domain);
 
 include("adm_doms.php");
 exit;
 
-?>
+?>

bureau/admin/adm_doms.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_doms.php,v 1.1 2003/09/20 19:41:06 root Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,14 +15,19 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Manage allowed TLD on the server
- ----------------------------------------------------------------------
 */
+
+/**
+ * List domains on the server and their DNS / Vhost compatibility
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -39,9 +36,7 @@ include_once ("head.php");
 ?>
 <h3><?php __("Manage installed domains"); ?></h3>
 <?php
-if (isset($error) && $error) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-}
+echo $msg->msg_html_all();
 
 $fields = array (
 	"force"    		=> array ("get", "integer", "0"),
@@ -65,8 +60,12 @@ $c=$admin->dom_list(true,$forcecheck);
 <?php __("If you want to force the check of NS, MX, IP on domains, click the link"); ?> <a href="adm_doms.php?force=1"><?php __("Show domain list with refreshed checked NS, MX, IP information"); ?></a>
 </p>
 <form method="post" action="adm_dodom.php" name="main" id="main">
-<table class="tlist">
+  <?php csrf_get(); ?>
+<table class="tlist" id="dom_list_table">
+<thead>
     <tr><th></th><th><?php __("Action"); ?></th><th><?php __("Domain"); ?></th><th><?php __("Creator"); ?></th><th><?php __("Connect as"); ?></th><th><?php __("OK?"); ?></th><th><?php __("Status"); ?></th></tr>
+</thead>
+<tbody>
 <?php
 for($i=0;$i<count($c);$i++) {
 ?>
@@ -75,9 +74,9 @@ for($i=0;$i<count($c);$i++) {
 				    <td><?php if ($c[$i]["noerase"]) {
 			echo "<img src=\"icon/encrypted.png\" width=\"16\" height=\"16\" alt=\""._("Locked Domain")."\" />";
 				    } ?></td>
-<td><div class="ina"><a href="adm_domlock.php?domain=<?php echo urlencode($c[$i][domaine]); ?>"><?php
+<td><div class="ina"><a href="adm_domlock.php?domain=<?php echo urlencode($c[$i]["domaine"]); ?>"><?php
    if ($c[$i]["noerase"]) __("Unlock"); else __("Lock");  ?></a></div></td>
-<td><a href="http://<?php echo $c[$i][domaine]; ?>" target="_blank"><?php echo $c[$i]["domaine"]; ?></a></td>
+<td><a href="http://<?php echo $c[$i]["domaine"]; ?>" target="_blank"><?php echo $c[$i]["domaine"]; ?></a></td>
 <td><?php echo $c[$i]["login"]; ?></td>
 <td>
 <?php		  if($admin->checkcreator($c[$i]['uid'])) {
@@ -98,6 +97,15 @@ for($i=0;$i<count($c);$i++) {
 <?php
 }
 ?>
+</tbody>
 </table>
 </form>
+<script type="text/javascript">
+
+$(document).ready(function()
+    {
+        $("#dom_list_table").tablesorter();
+    }
+);
+</script>
 <?php include_once("foot.php"); ?>

bureau/admin/adm_doms_def_type.php

@@ -1,93 +1,115 @@
 <?php
+/*
+ ----------------------------------------------------------------------
+ LICENSE
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+*/
+
+/**
+ * Manages default domain types, 
+ * they are the subdomains automatically installed on a domain when you host it.
+ * AlternC's modules such as squirrelmail or roundcube may create new ones, you'll see them here
+ *
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-  __("This page is restricted to authorized staff");
+    $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     exit();
-    }
+}
 
-    include_once("head.php");
+include_once("head.php");
+?>
+<h3><?php __("Manage defaults domains type"); ?></h3>
+<hr id="topbar" />
+<p><?php __("If you don't know what this page is about, don't touch anything, and read AlternC documentation about domain types"); ?></p>
+<p><?php __("The Type column contains a type of available VirtualHost config on The server."); ?></p>
+<p><?php __("The Setting column contains the variables to be expanded in the defaults configuration. Available values are:  "); ?></p>
+<ul>
+    <li><?php __("%%DOMAIN%% : the Domain name"); ?></li>
+    <li><?php __("%%TARGETDOM%%: The destination domain"); ?></li>
+    <li><?php __("%%SUB%% : The subdomain name"); ?></li>
+    <li><?php __("%%DOMAINDIR%%: the domain directory on the file system"); ?></li>
+</ul>
 
-    ?>
-    <h3><?php __("Manage defaults domains type"); ?></h3>
-    <hr id="topbar" />
-      <p><?php __("If you don't know what this page is about, don't touch anything, and read AlternC documentation about domain types"); ?></p>
-      <p><?php __("The Type column contains a type of available VirtualHost config on The server."); ?></p>
-      <p><?php __("The Setting column contains the variables to be expanded in the defaults configuration. Available values are:  "); ?></p>
-      <ul>
-        <li><?php __("%%DOMAIN%% : the Domain name"); ?></li>
-        <li><?php __("%%TARGETDOM%%: The destination domain"); ?></li>
-        <li><?php __("%%SUB%% : The subdomain name"); ?></li>
-        <li><?php __("%%DOMAINDIR%%: the domain directory on the file system"); ?></li>
-      </ul>
-
-      <br />
-      <?php
-      if (isset($error) && $error) {
-        echo "<p class=\"alert alert-danger\">$error</p>";
-        }
-
-
-$fields = array (
-        "domup"                => array ("post", "array", ""),
+<br />
+<?php
+$fields = array(
+    "domup" => array("post", "array", ""),
 );
 getFields($fields);
 
 if (!empty($domup)) {
-  if (!$dom->update_default_subdomains($domup) ) {
-    $error=_("There was an error during the record.");
-  } else {
-    $error=_("Save done.");
-  }
+    if (!$dom->update_default_subdomains($domup)) {
+        $msg->raise("ERROR", "admin", _("There was an error during the record."));
+    } else {
+        $msg->raise("INFO", "admin", _("Save done."));
+    }
 }
+echo $msg->msg_html_all();
 
-$tab=$dom->lst_default_subdomains();
+$tab = $dom->lst_default_subdomains();
 ?>
 <form method="post" action="adm_doms_def_type.php" name="main" id="main">
-<table class="tlist">
-   <tr><th>&nbsp;</th><th><?php __("Sub"); ?></th><th><?php __("Type"); ?></th><th><?php __("settings"); ?></th><th><?php __("Concerned"); ?></th><th><?php __("Activation"); ?></th></tr>
-<?php
-for($i=0;$i<count($tab)+1;$i++) {?>
-	<tr  class="lst">
-  <td>
+  <?php csrf_get(); ?>
+    <table class="tlist">
+        <tr><th>&nbsp;</th><th><?php __("Sub"); ?></th><th><?php __("Type"); ?></th><th><?php __("settings"); ?></th><th><?php __("Concerned"); ?></th><th><?php __("Activation"); ?></th></tr>
+        <?php for ($i = 0; $i < count($tab) + 1; $i++) { ?>
+            <tr  class="lst">
+                <td>
+                    <?php
+                    @$val = $tab[$i];
+                    if (isset($tab[$i])) {
+                        echo "<input type='hidden' name='domup[$i][id]' value='" . $val['id'] . "' />";
+                    }
+                    ?>
+                    <div class="ina delete"><a href="dom_defdel.php?id=<?php echo $val['id']; ?>"><?php __("Delete"); ?></a></div>
+                </td>
 
-<?php
-  @$val=$tab[$i];
-    if (isset($tab[$i])){ 
-    echo "<input type='hidden' name='domup[$i][id]' value='".$val['id']."' />";  
-    }
-?>
-  <div class="ina delete"><a href='dom_defdel.php?id=<?php echo $val['id']; ?>' type=''><?php __("Delete"); ?></a></div>
-  </td>
-
-  <td><input type='text' size="16" name='domup[<?php echo $i; ?>][sub]' value="<?php echo $val['sub']; ?>"/></td>
-  <?php $type=array("VHOST","URL","WEBMAIL","");
-  if(in_array($val['domain_type'],$type)){?> 
-  <td><select name='domup[<?php echo $i; ?>][domain_type]'>
-        <option value='VHOST' <?php if($val['domain_type']=='VHOST') echo "selected=\"selected\""; ?> >VHOST</option>
-        <option value='URL' <?php if($val['domain_type']=='URL') echo "selected=\"selected\""; ?> >URL</option>
-        <option value='WEBMAIL' <?php if($val['domain_type']=='WEBMAIL') echo "selected=\"selected\""; ?> >WEBMAIL</option>
-      </select>
-  <?php }else{?>
-    <td><input type ='text'  width="100px" style="width:100px" name='domup[<?php echo $i; ?>][domain_type]' value='<?php echo $val['domain_type']?>' ></td>
- <? }?>
-  </td>
-  <td><input type ='text' name='domup[<?php echo $i; ?>][domain_type_parameter]' value='<?php echo $val['domain_type_parameter']?>' /></td>
-  <td><select name='domup[<?php echo $i; ?>][concerned]'>
-        <option value='MAIN' <?php if($val['concerned']=='MAIN') echo "selected=\"selected\""; ?> >MAIN</option>
-        <option value='SLAVE' <?php if($val['concerned']=='SLAVE') echo "selected=\"selected\""; ?> >SLAVE</option>
-        <option value='BOTH' <?php if($val['concerned']=='BOTH') echo "selected=\"selected\""; ?> >BOTH</option>
-      </select>
-  </td>
-  <td><input type="checkbox" name="domup[<?php echo $i; ?>][enabled]" value="1" <?php if ($val['enabled']==1) echo "checked=\"checked\""; ?> /></td>
-  </tr>
-<?php
-}
-?>
-  <tr>
-  <td colspan='6'><p><input type="submit" class="inb" name="submit" value="<?php __("Save"); ?>" /></p></td>
-  </tr>
-</table>
+                <td><input type='text' size="16" name='domup[<?php echo $i; ?>][sub]' value="<?php echo $val['sub']; ?>"/></td>
+                <?php
+                $type = array("VHOST", "URL", "WEBMAIL", "");
+                if (in_array($val['domain_type'], $type)) {
+                    ?> 
+                    <td><select name='domup[<?php echo $i; ?>][domain_type]'>
+                            <option value='VHOST' <?php if ($val['domain_type'] == 'VHOST') echo "selected=\"selected\""; ?> >VHOST</option>
+                            <option value='URL' <?php if ($val['domain_type'] == 'URL') echo "selected=\"selected\""; ?> >URL</option>
+                            <option value='WEBMAIL' <?php if ($val['domain_type'] == 'WEBMAIL') echo "selected=\"selected\""; ?> >WEBMAIL</option>
+                        </select>
+                    <?php } else { ?>
+                    <td><input type="text" style="width:100px" name="domup[<?php echo $i; ?>][domain_type]" value="<?php echo $val['domain_type'] ?>" ></td>
+                <?php } ?>
+                <td><input type ='text' name='domup[<?php echo $i; ?>][domain_type_parameter]' value='<?php echo $val['domain_type_parameter'] ?>' /></td>
+                <td><select name='domup[<?php echo $i; ?>][concerned]'>
+                        <option value='MAIN' <?php if ($val['concerned'] == 'MAIN') echo "selected=\"selected\""; ?> >MAIN</option>
+                        <option value='SLAVE' <?php if ($val['concerned'] == 'SLAVE') echo "selected=\"selected\""; ?> >SLAVE</option>
+                        <option value='BOTH' <?php if ($val['concerned'] == 'BOTH') echo "selected=\"selected\""; ?> >BOTH</option>
+                    </select>
+                </td>
+                <td><input type="checkbox" name="domup[<?php echo $i; ?>][enabled]" value="1" <?php if ($val['enabled'] == 1) echo "checked=\"checked\""; ?> /></td>
+            </tr>
+            <?php
+        }
+        ?>
+        <tr>
+            <td colspan='6'><p><input type="submit" class="inb" name="submit" value="<?php __("Save"); ?>" /></p></td>
+        </tr>
+    </table>
 </form>
-<?php
- include_once("foot.php"); ?>
+<?php include_once("foot.php"); 
+

bureau/admin/adm_domstype.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_tld.php,v 1.4 2004/11/29 17:27:04 anonymous Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,14 +15,19 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Alan Garcia
- Purpose of file: Manage domain types on the server 
- ----------------------------------------------------------------------
 */
+
+/**
+ * Manages domain types on the server
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -43,16 +40,14 @@ include_once("head.php");
 
 <br />
 <?php
-if (!empty($error)) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-}
-
+echo $msg->msg_html_all();
 ?>
 <p>
 <?php __("Here is the list of domain types."); ?>
 </p>
 <p><span class="ina"><a href="#" OnClick="alert('Todo. But if you want to play with that, you are advanced enough to do an insert in MySQL');" ><?php __("Create a domain type"); ?></a></span></p>
-<table class="tlist ombrage">
+<table class="tlist ombrage" id="table_domtype">
+<thead>
 <tr class='petit'>
     <th colspan="2"> </th>
     <th><?php __("Name");?></th>
@@ -67,6 +62,7 @@ if (!empty($error)) {
     <th><?php __("Create tmp directory ?");?></th>
     <th><?php __("create www directory ?");?></th>
 </tr>
+</thead>
 <?php 
 foreach($dom->domains_type_lst() as $d) { 
 ?>
@@ -89,4 +85,13 @@ foreach($dom->domains_type_lst() as $d) {
 ?>
 </table>
 
+<script type="text/javascript">
+
+$(document).ready(function() 
+    { 
+        $("#table_domtype").tablesorter(); 
+    } 
+); 
+</script>
+
 <?php include_once("foot.php"); ?>

bureau/admin/adm_domstypedoedit.php

@@ -1,7 +1,32 @@
 <?php
+/*
+ ----------------------------------------------------------------------
+ LICENSE
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+*/
+
+/**
+ * Change a domain type on the server
+ *
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 if (!$admin->enabled) {
-    __("This page is restricted to authorized staff");
+    $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     exit();
 }
 
@@ -20,12 +45,12 @@ $fields = array (
 );
 getFields($fields);
 
-if ( ! $dom->domains_type_update($name, $description, $target, $entry, $compatibility, $enable, $only_dns, $need_dns, $advanced,$create_tmpdir,$create_targetdir) ) {
-    die($err->errstr());
+if (! $dom->domains_type_update($name, $description, $target, $entry, $compatibility, $enable, $only_dns, $need_dns, $advanced,$create_tmpdir,$create_targetdir) ) {
+    include("adm_domstypedoedit.php");
 } else {
+    $msg->raise("INFO", "admin", _("Domain type is updated"));
     include("adm_domstype.php");
 }
-
 ?>
 
 

bureau/admin/adm_domstypeedit.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_domstypeedit.php,v 1.6 2006/01/12 01:10:48 anarcat Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,13 +15,18 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Alan Garcia
- Purpose of file: Edit the domain types
- ----------------------------------------------------------------------
 */
+
+/**
+ * Form to update a domain type on the server
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 if (!$admin->enabled) {
-    __("This page is restricted to authorized staff");
+    $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     exit();
 }
 
@@ -37,38 +34,35 @@ include_once("head.php");
 
 $fields = array (
     "name"          => array ("request", "string", ""),
-    "description"   => array ("request", "string", ""),
-    "target"        => array ("request", "string", ""),
-    "entry"         => array ("request", "string", ""),
-    "compatibility" => array ("request", "string", ""),
-    "enable"        => array ("request", "string", ""),
-    "only_dns"      => array ("request", "boolean", ""),
-    "need_dns"      => array ("request", "boolean", ""),
-    "advanced"      => array ("request", "boolean", ""),
-    "create_tmpdir"      => array ("request", "boolean", ""),
-    "create_targetdir"      => array ("request", "boolean", ""),
+    "description"   => array ("post", "string", ""),
+    "target"        => array ("post", "string", ""),
+    "entry"         => array ("post", "string", ""),
+    "compatibility" => array ("post", "string", ""),
+    "enable"        => array ("post", "string", ""),
+    "only_dns"      => array ("post", "boolean", ""),
+    "need_dns"      => array ("post", "boolean", ""),
+    "advanced"      => array ("post", "boolean", ""),
+    "create_tmpdir"      => array ("post", "boolean", ""),
+    "create_targetdir"      => array ("post", "boolean", ""),
 );
 getFields($fields);
 
 
-if (! $d=$dom->domains_type_get($name)) {
-	$error=$err->errstr();
-	echo $error;
-} else {
+$d=$dom->domains_type_get($name);
 ?>
 
 <h3><?php __("Edit a domain type"); ?> </h3>
 <hr id="topbar"/>
 <br />
 <?php
-if (isset($error_edit) && $error_edit) {
-	echo "<p class=\"alert alert-danger\">$error_edit</p>";
-	$error_edit="";
+echo $msg->msg_html_all();
 
-} ?>
+if (! $msg->has_msgs("ERROR")) {
+?>
 
 <form action="adm_domstypedoedit.php" method="post" name="main" id="main">
-    <input type="hidden" name="name" value="<?php echo $d['name']; ?>" />
+   <?php csrf_get(); ?>
+    <input type="hidden" name="name" value="<?php ehe($d['name']); ?>" />
     <table class="tedit">
       <tr>
             <th><?php __("Name");?></th>
@@ -76,7 +70,7 @@ if (isset($error_edit) && $error_edit) {
       </tr>
       <tr>
             <th><?php __("Description");?></th>
-            <td><input name="description" type="text" size="30" value="<?php echo $d['description']; ?>" /></td>
+            <td><input name="description" type="text" size="30" value="<?php ehe($d['description']); ?>" /></td>
       </tr>
 	    <tr>
             <th><?php __("Target type");?></th>
@@ -90,11 +84,11 @@ if (isset($error_edit) && $error_edit) {
       </tr>
 	    <tr>
             <th><?php __("Entry");?></th>
-            <td><input name="entry" type="text" size="30" value="<?php echo $d['entry']; ?>" /></td>
+            <td><input name="entry" type="text" size="30" value="<?php ehe($d['entry']); ?>" /></td>
       </tr>
 	    <tr>
           	<th><?php __("Compatibility");?><br /><small><?php __("Enter comma-separated name of other types"); ?></small></th>
-            <td><input name="compatibility" type="text" size="15" value="<?php echo $d['compatibility']; ?>" /></td>
+            <td><input name="compatibility" type="text" size="15" value="<?php ehe($d['compatibility']); ?>" /></td>
       </tr>
 	    <tr>
             <th><?php __("Enabled");?></th>

bureau/admin/adm_domstyperegenerate.php

@@ -1,7 +1,32 @@
 <?php
+/*
+ ----------------------------------------------------------------------
+ LICENSE
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+*/
+
+/**
+ * Regenerate all subdomains DNS and VHOST informations of a specific domain type
+ *
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 if (!$admin->enabled) {
-    __("This page is restricted to authorized staff");
+    $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     exit();
 }
 
@@ -11,13 +36,9 @@ $fields = array (
 getFields($fields);
 
 
-if (empty($name) || (! $dom->domains_type_regenerate($name)) ) {
-  die($err->errstr());
-} else {
-  $error="Regenerate pending"; 
-  include("adm_domstype.php");
+if (! empty($name) || ($dom->domains_type_regenerate($name)) ) {
+  $msg->raise("INFO", "admin", _("Regenerate pending"));
 }
 
+include("adm_domstype.php");
 ?>
-
-

bureau/admin/adm_donosu.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_donosu.php,v 1.1.1.1 2003/03/26 17:41:29 root Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,14 +15,19 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Transform an account from Normal to Administrator
- ----------------------------------------------------------------------
 */
+
+/**
+ * Transform an administrator account to become a normal one
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -39,14 +36,12 @@ $fields = array (
 );
 getFields($fields);
 
-if (!$admin->su2normal($uid)) {
-	$error=$err->errstr();
- } else {
-  $error=_("This account is now a normal account");
- }
+if ($admin->su2normal($uid)) {
+  $msg->raise("INFO", "admin", _("This account is now a normal account"));
+}
 
 include("adm_edit.php");
 
 exit();
 
-?>
+?>

bureau/admin/adm_dorenew.php

@@ -1,15 +1,5 @@
 <?php
 /*
- $Id: adm_dorenew.php,v 1.6 2006/01/24 05:03:30 joe Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2006 Le réseau Koumbit Inc.
- http://koumbit.org/
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -25,13 +15,19 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Purpose of file: Renew an account for the specified period
- ----------------------------------------------------------------------
 */
+
+/**
+ * Renew an account's access for a specific period
+ *
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-  __("This page is restricted to authorized staff");
+  $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
@@ -42,15 +38,15 @@ $fields = array (
 getFields($fields);
 
 if (!$admin->checkcreator($uid)) {
-  __("This page is restricted to authorized staff");
+  $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
 if (!$admin->renew_mem($uid, $periods)){
-  $error=$err->errstr();
   include("adm_edit.php");
 } else {
-  $error=_("The member has been successfully renewed");
+  $msg->raise("INFO", "admin", _("The member has been successfully renewed"));
   include("adm_list.php");
 }
 ?>

bureau/admin/adm_dosu.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_dosu.php,v 1.1.1.1 2003/03/26 17:41:29 root Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,14 +15,19 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Transform an account from Normal to Administrator
- ----------------------------------------------------------------------
 */
+
+/**
+ * Change an account to make it an administrator account
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -39,14 +36,12 @@ $fields = array (
 );
 getFields($fields);
 
-if (!$admin->normal2su($uid)) {
-	$error=$err->errstr();
- } else {
-  $error=_("This account is now an administrator account");
+if ($admin->normal2su($uid)) {
+  $msg->raise("INFO", "admin", _("This account is now an administrator account"));
  }
 
 include("adm_edit.php");
 
 exit();
 
-?>
+?>

bureau/admin/adm_edit.php

@@ -1,15 +1,5 @@
 <?php
 /*
- $Id: adm_edit.php,v 1.13 2006/01/24 05:03:30 joe Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2006 Le r<EFBFBD>seau Koumbit Inc.
- http://koumbit.org/
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -25,15 +15,20 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Show a form to edit a member
- ----------------------------------------------------------------------
 */
+
+/**
+ * Show a form to edit an account
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 include_once("head.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -45,24 +40,26 @@ getFields($fields);
 $subadmin=variable_get("subadmin_restriction");
 
 if ($subadmin==0 && !$admin->checkcreator($uid)) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
-if (!$r=$admin->get($uid)) {
-	$error=$err->errstr();
-}
+$r=$admin->get($uid);
+
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['adm']['classcount'];
 
 ?>
 <h3><?php __("Member Edition"); ?></h3>
 <hr id="topbar"/>
 <br />
 <?php
-  if (isset($error) && $error) {
-    echo "<p class=\"alert alert-danger\">$error</p>";
-  }
+echo $msg->msg_html_all();
 ?>
-<form method="post" action="adm_doedit.php" name="main" id="main">
+<form method="post" action="adm_doedit.php" name="main" id="main" autocomplete="off">
+  <?php csrf_get(); ?>
+
 <table class="tedit">
 <tr>
 	<th><input type="hidden" name="uid" value="<?php echo $uid ?>" />
@@ -83,11 +80,11 @@ if (!$r=$admin->get($uid)) {
 
 <tr>
 	<th><label for="pass"><?php __("Password"); ?></label></th>
-	<td><input type="password" class="int" id="pass" name="pass" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf"); ?></td>
+	<td><input type="password" class="int" id="pass" autocomplete="off" name="pass" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf",$passwd_classcount); ?></td>
 </tr>
 <tr>
 	<th><label for="passconf"><?php __("Confirm password"); ?></label></th>
-	<td><input type="password" class="int" id="passconf" name="passconf" value="" size="20" maxlength="64" /></td>
+	<td><input type="password" class="int" id="passconf" autocomplete="off" name="passconf" value="" size="20" maxlength="64" /></td>
 </tr>
 <tr>
 	<th><label><?php __("Password change allowed?"); ?></label></th>
@@ -131,6 +128,7 @@ if (!$r=$admin->get($uid)) {
 
 <?php if($r['duration']) { ?>
 <form method="post" action="adm_dorenew.php">
+   <?php csrf_get(); ?>
 <input type="hidden" name="uid" value="<?php echo $uid ?>" />
 <table border="1" cellspacing="0" cellpadding="4" class="tedit">
 <tr>
@@ -143,7 +141,7 @@ if (!$r=$admin->get($uid)) {
 </tr>
 </table>
 </form>
-<?php } /* Renouvellement */ ?>
+<?php } /* Renewal */ ?>
 
 <p>
 <?php
@@ -173,6 +171,5 @@ if ($c=$admin->get($r["creator"])) {
 </p>
 <script type="text/javascript">
  document.forms['main'].pass.focus();
- document.forms['main'].setAttribute('autocomplete', 'off');
 </script>
 <?php include_once("foot.php"); ?>

bureau/admin/adm_email.php

@@ -1,10 +1,6 @@
 <?php
 /*
 ----------------------------------------------------------------------
-AlternC - Web Hosting System
-Copyright (C) 2000-2012 by the AlternC Development Team.
-https://alternc.org/
-----------------------------------------------------------------------
 LICENSE
 
 This program is free software; you can redistribute it and/or
@@ -19,15 +15,21 @@ GNU General Public License for more details.
 
 To read the license please visit http://www.gnu.org/copyleft/gpl.html
 ----------------------------------------------------------------------
-Purpose of file: Show a form to edit a member
-----------------------------------------------------------------------
 */
+
+/**
+ * Show a form to send a mail to another account's owner
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 include("head.php");
 
 if (!$admin->enabled) {
-    __("This page is restricted to authorized staff");
+    $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     exit();
 }
 
@@ -44,20 +46,17 @@ getFields($fields);
 <?php
 
 if ( !empty($submit) ) {
-  if ($admin->mail_all_members($subject,$message,$from)) {
-    $error=_("The email was successfully sent");
+  if ($admin->mailallmembers($subject,$message,$from)) {
+    $msg->raise("INFO", "admin", _("The email was successfully sent"));
   } else {
-    $error=_("There was an error");
+    $msg->raise("INFO", "admin", _("There was an error"));
   }
 }
 
-if (isset($error) && $error) {
-        echo "<p class=\"alert alert-danger\">$error</p>";
-}
-
+echo $msg->msg_html_all();
 ?>
 <form method="post" action="adm_email.php">
-
+  <?php csrf_get(); ?>
 <table cellspacing="1" cellpadding="4" border="0" align="center" class='tedit'>
 	<tr>
 	  <th align="right"><b><?php __("From");?></b></th>

bureau/admin/adm_list.php

@@ -1,11 +1,5 @@
 <?php
 /*
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2006 Le réseau Koumbit Inc.
- http://koumbit.org/
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -21,49 +15,59 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Show the member list
- ----------------------------------------------------------------------
-*/
+ */
+
+/**
+ * Show the list of all accounts on AlternC, or those created by a subadmin
+ * allow to impersonate, edit the account, change the quotas
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 include_once("head.php");
 
 if (!$admin->enabled) {
-  __("This page is restricted to authorized staff");
-  include_once('foot.php');
-  exit();
+    $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
+    include_once('foot.php');
+    exit();
 }
 
-$fields = array (
-	"show"    => array ("request", "string", ""),
-	"creator" => array("request", "integer", 0),
-	"short"   => array("request", "integer", -1),
-	"pattern" => array("post", "string", "*"),
-        "pattern_type" => array("post", "string", "login"),
+$fields = array(
+    "show" => array("request", "string", ""),
+    "creator" => array("request", "integer", 0),
+    "short" => array("request", "integer", -1),
+    "pattern" => array("request", "string", "*"),
+    "pattern_type" => array("request", "string", "login"),
 );
 getFields($fields);
 
-if (empty($pattern)) $pattern="*";
+if (empty($pattern))
+    $pattern = "*";
 
-if ($short!=-1) {
-  $mem->adminpref($short);
-  $mem->user["admlist"]=$short;
+if ($short != -1) {
+    $mem->adminpref($short);
+    $mem->user["admlist"] = $short;
 }
 
-$subadmin=variable_get("subadmin_restriction", 0);
-
+$subadmin = variable_get("subadmin_restriction", 0);
 // If we ask for all account but we aren't "admin" and
 // subadmin var is not 1
-if ($show=="all" && !$subadmin==1 && $cuid != 2000) {
-  __("This page is restricted to authorized staff");
-  include('foot.php');
-  exit();
+if ($show == "all" && !$subadmin == 1 && $cuid != 2000) {
+    $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
+    include('foot.php');
+    exit();
 }
 
+// show all accounts by default for admin-like accounts
+if (($show=="")&&($subadmin == 1 || $cuid == 2000)) $show="all";
+
 if ($pattern && $pattern_type) {
-  $r=$admin->get_list($show == 'all' ? 1 : 0, $creator, $pattern, $pattern_type);
+    $accountList = $admin->get_list($show == 'all' ? 1 : 0, $creator, $pattern, $pattern_type);
 } else {
-  $r = FALSE;
+    $accountList = FALSE;
 }
 ?>
 
@@ -72,198 +76,216 @@ if ($pattern && $pattern_type) {
 
 <?php
 // Depending on the admin's choice, let's show a short list or a long list.
-if ($mem->user["admlist"]==0) { // Normal (large) mode
-?>
-  <p><span class="ina" style="float: right;"><a href="adm_list.php?short=1"><?php __("Minimal view"); ?></a></span></p>
-<?php
+if ($mem->user["admlist"] == 0) { // Normal (large) mode
+    ?>
+    <p><span class="ina" style="float: right;"><a href="adm_list.php?short=1"><?php __("Minimal view"); ?></a></span></p>
+    <?php
 } else {
-?>
-  <p><span class="ina" style="float:right;"><a href="adm_list.php?short=0"><?php __("Complete view"); ?></a></span></p>
-<?php
+    ?>
+    <p><span class="ina" style="float:right;"><a href="adm_list.php?short=0"><?php __("Complete view"); ?></a></span></p>
+    <?php
 }
 ?>
 
 <fieldset style="clear:both;">
-  <legend><?php __("Filters"); ?></legend>
-  <form method="post" action="adm_list.php" >
-  <p>
-    <label for="pattern_type_login"><?php __("Search for a Login"); ?></label><input type="radio" name="pattern_type" value="login" id="pattern_type_login" <?php if (!$pattern_type || $pattern_type === 'login') echo ' checked="checked" '; ?>/>&nbsp;
-    <label for="pattern_type_domain"><?php __("Search for a Domain"); ?></label><input type="radio" name="pattern_type" value="domaine" id="pattern_type_domain" <?php if ($pattern_type === 'domaine') echo ' checked="checked" '; ?>/>
-    <input type="text" id="pattern" name="pattern" value="<?php echo $pattern ?>"/> <input type="submit" class="inb filter" value="<?php __("submit"); ?>" />
-  </p>
-  </form>
-  <?php
-  $list_creators = $admin->get_creator_list();
+    <legend><?php __("Filters"); ?></legend>
+    <form method="post" action="adm_list.php">
+  <?php csrf_get(); ?>
+        <p>
+            <label>
+		<input type="radio" name="pattern_type" value="login" id="pattern_type_login" <?php if (!$pattern_type || $pattern_type === 'login') echo ' checked="checked" '; ?>/>
+		<?php __("Search for a Login"); ?>
+            </label>
+            <label>
+                <input type="radio" name="pattern_type" value="domaine" id="pattern_type_domain" <?php if ($pattern_type === 'domaine') echo ' checked="checked" '; ?>/>
+                <?php __("Search for a Domain"); ?>
+            </label>
+            <input type="text" id="pattern" name="pattern" value="<?php ehe($pattern); ?>"/>
+            <input type="submit" class="inb filter" value="<?php __("submit"); ?>" />
+            <input type="hidden" name="show" value="<?php ehe($show); ?>" />
 
-  if ($subadmin==1 || $cuid==2000) {
-    if($show != 'all') {
-      echo '<p><span class="inb filter"><a href="adm_list.php?show=all">' . _('List all AlternC accounts') . '</a></span>';
-      
-      if ($subadmin==1 || $cuid==2000) {
-        $infos_creators = array();
+        </p>
+    </form>
+    <?php
+    $list_creators = $admin->get_creator_list();
 
-        foreach ($list_creators as $key => $val) {
-          $infos_creators[] = '<a href="adm_list.php?creator=' . $val['uid'] . '">' . $val['login'] . '</a>';
+    if ($subadmin == 1 || $cuid == 2000) {
+        $class=($show=="all") ? "inb" : "ina";
+        echo '<p><span class="'.$class.' filter"><a href="adm_list.php?show=all">' . _('List all AlternC accounts') . '</a></span>';
+
+        $class=($show!="all") ? "inb" : "ina";
+        echo ' <span class="'.$class.' filter"><a href="adm_list.php?show=me">' . _('List only my accounts') . '</a></span></p>';
+
+        if ($show != 'all') {
+           $infos_creators = array();
+
+           foreach ($list_creators as $key => $val) {
+              $infos_creators[] = '<a href="adm_list.php?creator=' . $val['uid'] . '">' . $val['login'] . '</a>';
+           }
+
+           if (count($infos_creators)) {
+              echo ' (' . _("Or only the accounts of:") . " " . implode(', ', $infos_creators) . ')';
+           }
         }
-
-        if (count($infos_creators)) {
-          echo ' ('._("Or only the accounts of:")." ". implode(', ', $infos_creators) . ')';
-        }
-      }
-      echo "</p>";
-    } else { // if show != all
-      echo '<p><span class="ina filter"><a href="adm_list.php">' . _('List only my accounts') . '</a></span></p>';
-    } 
-  }// END ($subadmin==1 || $cuid==2000)
-  ?>
+    }// END ($subadmin==1 || $cuid==2000)
+    ?>
 </fieldset>
-  
-<?php
-if ( !empty($error) ) {
-  echo '<p class="alert alert-danger">' , $error, '</p>';
-}
 
+<?php
+echo $msg->msg_html_all();
 ?>
 
 <p>
-<?php __("Here is the list of hosted AlternC accounts"); ?> (<?php printf(_("%s accounts"),count($r)); ?>)
+    <?php __("Here is the list of hosted AlternC accounts"); ?> (<?php printf(_("%s accounts"), $accountList? count($accountList) : 0); ?>)
 </p>
 
 <p><span class="ina add"><a href="adm_add.php"><?php __("Create a new AlternC account"); ?></a></span></p>
 
 <?php
-if (!is_array($r) || empty($r) ) {
-  echo '<p class="alert alert-danger">'._("No account defined for now").'</p>';
-  include('foot.php');
-} 
+if (!is_array($accountList) || empty($accountList)) {
+    $msg->raise("ERROR", "admin", _("No account defined for now"));
+    echo $msg->msg_html_all();
+    include('foot.php');
+}
 ?>
 
 <form method="post" action="adm_dodel.php">
-<?php
+      <?php csrf_get(); ?>
+    <?php
 // Depending on the admin's choice, let's show a short list or a long list.
 
-if ($mem->user["admlist"]==0) { // Normal (large) mode
-?>
-<p>
-<?php  if (count($r)>5) { ?>
-<input type="submit" class="inb delete" name="submit" value="<?php __("Delete checked accounts"); ?>" />
-<?php } ?>
-</p>
-<table class="tlist" style="clear:both;">
-<tr>
-<th></th>
-<th><?php __("Account"); ?></th>
-<th><?php __("Manager"); ?></th>
-<th><?php __("Created by") ?></th>
-<th><?php __("Created on") ?></th>
-<th><?php __("Quotas") ?></th>
-<th><?php __("Last login"); ?></th>
-<th><?php __("Last ip"); ?></th>
-<th><?php __("Fails"); ?></th>
-<th><?php __('Expiry') ?></th>
-</tr>
-<?php
-reset($r);
+    if ($mem->user["admlist"] == 0) { // Normal (large) mode
+        ?>
+        <p>
+            <?php if (count($accountList) > 5) { ?>
+                <input type="submit" class="inb delete" name="submit" value="<?php __("Delete checked accounts"); ?>" />
+            <?php } ?>
+        </p>
+        <table class="tlist" style="clear:both;">
+            <tr>
+                <th></th>
+                <th><?php __("Account"); ?></th>
+                <th><?php __("Manager"); ?></th>
+                <th><?php __("Created by") ?></th>
+                <th><?php __("Created on") ?></th>
+                <th><?php __("Quotas") ?></th>
+                <th><?php __("Last login"); ?></th>
+                <th><?php __("Last ip"); ?></th>
+                <th><?php __("Fails"); ?></th>
+                <th><?php __('Expiry') ?></th>
+            </tr>
+            <?php
+            reset($accountList);
 
-$col=1;
-while (list($key,$val)=each($r)) {
-	$col=3-$col;
-?>
-	<tr class="lst<?php echo $col; ?>">
+            $col = 1;
+            while (list($key, $val) = each($accountList)) {
+                $col = 3 - $col;
+                ?>
+                <tr class="lst">
 
-<?php
- if ($val["su"]) { ?>
-   <td id="user_<?php echo $val["uid"]; ?>">&nbsp;</td>
-<?php } else { ?>
-   <td><input type="checkbox" class="inc" name="d[]" id="user_<?php echo $val["uid"]; ?>" value="<?php echo $val["uid"]; ?>" /></td>
-<?php } // val['su'] ?>
-    <td <?php if ($val["su"]) echo 'style="color: red"'; ?>><label for="user_<?php echo $val["uid"]; ?>"><b><?php echo $val["login"] ?></b></label></td>
-    <td><a title="<?php __("Send an email");?>" href="mailto:<?php echo $val["mail"]; ?>"><?php echo $val["nom"]." ".$val["prenom"] ?></a>&nbsp;</td>
-    <td><?php echo $val["parentlogin"] ?></td>
-    <td><?php echo format_date(_('%3$d-%2$d-%1$d'),$val["created"]); ?></td>
-    <td><?php echo $val["type"] ?></td>
-    <td><?php echo $val["lastlogin"] ?></td>
-    <td><?php echo $val["lastip"] ?></td>
-    <td><?php echo $val["lastfail"] ?></td>
-    <td><div class="<?php echo 'exp' . $admin->renew_get_status($val['uid']) ?>"><?php echo $admin->renew_get_expiry($val['uid']) ?></div></td>
-  </tr>
-
-<tr class="lst<?php echo $col; ?>" >
-<td/><td ><i><?php echo _("DB:").' '.$val['db_server_name']?></i></td>
-<td colspan="8" >
-<div id="admlistbtn">
-<span class="ina<?php if ($col==2) echo "v"; ?>">
-  <a href="adm_login.php?id=<?php echo $val["uid"];?>"><?php __("Connect as"); ?></a>
-</span>&nbsp;
-	&nbsp;
-<span class="ina<?php if ($col==2) echo "v"; ?>" >
-  <a href="adm_edit.php?uid=<?php echo $val["uid"] ?>"><?php __("Edit"); ?></a>
-</span>&nbsp;
-<span class="ina<?php if ($col==2) echo "v"; ?>" >
-  <a href="adm_quotaedit.php?uid=<?php echo $val["uid"] ?>"><?php __("Quotas"); ?></a>
-</span>&nbsp;
-	<?php if (!$val["su"]) { ?>
-<span class="ina<?php if ($col==2) echo "v"; ?>" >
-  <a href="adm_deactivate.php?uid=<?php echo $val["uid"] ?>"><?php __("Disable"); ?></a>
-</span>&nbsp;
-	  <?php } ?>
-</div>
-</td>
-</tr>
-<?php
-} // while (list($key,$val)=each($r)) {      
-echo '</table></form><br/>';
+                    <?php if ($val["su"]) { ?>
+                        <td id="user_<?php echo $val["uid"]; ?>">&nbsp;</td>
+                    <?php } else { ?>
+                        <td><input type="checkbox" class="inc" name="accountList[]" id="user_<?php ehe($val["uid"]); ?>" value="<?php ehe($val["uid"]); ?>" /></td>
+                    <?php } // val['su']  ?>
+                <td <?php if ($val["su"]) echo 'style="color: red"'; ?>><label for="user_<?php ehe($val["uid"]); ?>"><b><?php ehe($val["login"]); ?></b></label></td>
+                <td><a title="<?php __("Send an email"); ?>" href="mailto:<?php eue($val["mail"]); ?>"><?php ehe($val["nom"] . " " . $val["prenom"]); ?></a>&nbsp;</td>
+                    <td><?php ehe($val["parentlogin"]); ?></td>
+                <td><?php ehe(format_date(_('%3$d-%2$d-%1$d'), $val["created"])); ?></td>
+                    <td><?php ehe($val["type"]); ?></td>
+                    <td><?php ehe($val["lastlogin"]); ?></td>
+                    <td><?php ehe($val["lastip"]); ?></td>
+                    <td><?php ehe($val["lastfail"]); ?></td>
+                <td><div class="<?php echo 'exp' . $admin->renew_get_status($val['uid']) ?>"><?php ehe($admin->renew_get_expiry($val['uid'])); ?></div></td>
+                </tr>
 
+                <tr class="lst" >
+                    <td/><td ><i><?php echo _("DB:") . ' ' . $val['db_server_name'] ?></i></td>
+                    <td colspan="8" >
+                        <div id="admlistbtn">
+                            <span class="ina<?php if ($col == 2) echo "v"; ?>">
+                                <a href="adm_login.php?id=<?php echo $val["uid"]; ?>"><?php __("Connect as"); ?></a>
+                            </span>&nbsp;
+                            &nbsp;
+                            <span class="ina<?php if ($col == 2) echo "v"; ?>" >
+                                <a href="adm_edit.php?uid=<?php echo $val["uid"] ?>"><?php __("Edit"); ?></a>
+                            </span>&nbsp;
+                            <span class="ina<?php if ($col == 2) echo "v"; ?>" >
+                                <a href="adm_quotaedit.php?uid=<?php echo $val["uid"] ?>"><?php __("Quotas"); ?></a>
+                            </span>&nbsp;
+                            <?php if (!$val["su"]) { ?>
+                                <span class="ina<?php if ($col == 2) echo "v"; ?>" >
+                                    <a href="adm_deactivate.php?uid=<?php echo $val["uid"] ?>"><?php __("Disable"); ?></a>
+                                </span>&nbsp;
+                            <?php } ?>
+                        </div>
+                    </td>
+                </tr>
+                <?php
+            } // while (list($key,$val)=each($accountList)) {  
+            ?>
+        </table>
+        <br/>
+        <p>
+            <input type="submit" class="inb" name="submit" value="<?php __("Delete checked accounts"); ?>" /></p>
+    </form>
+    <?php
 } // NORMAL MODE
-if ($mem->user["admlist"]==1) { // SHORT MODE
-?>
+if ($mem->user["admlist"] == 1) { // SHORT MODE
+    ?>
 
-  [&nbsp;<?php __("C"); ?>&nbsp;] <?php __("Connect as"); ?> &nbsp; &nbsp; 
-  [&nbsp;<?php __("E"); ?>&nbsp;] <?php __("Edit"); ?> &nbsp; &nbsp; 
-  [&nbsp;<?php __("Q"); ?>&nbsp;] <?php __("Quotas"); ?> &nbsp; &nbsp; 
+    [&nbsp;<?php __("C"); ?>&nbsp;] <?php __("Connect as"); ?> &nbsp; &nbsp; 
+    [&nbsp;<?php __("E"); ?>&nbsp;] <?php __("Edit"); ?> &nbsp; &nbsp; 
+    [&nbsp;<?php __("Q"); ?>&nbsp;] <?php __("Quotas"); ?> &nbsp; &nbsp; 
 
-<p>
-<?php  if (count($r)>50) { ?>
-  <input type="submit" class="inb" name="submit" value="<?php __("Delete checked accounts"); ?>" />
-<?php } // finc count > 50 ?>
-</p>
+    <p>
+        <?php if (count($accountList) > 50) { ?>
+            <input type="submit" class="inb" name="submit" value="<?php __("Delete checked accounts"); ?>" />
+        <?php } // finc count > 50 ?>
+    </p>
 
-<table class="tlist" style="clear:both;">
-<tr>
-   <th colspan="2"> </th><th><?php __("Account"); ?></th>
-   <th colspan="2"> </th><th><?php __("Account"); ?></th>
-   <th colspan="2"> </th><th><?php __("Account"); ?></th>
-</tr>
-<?php
-reset($r);
+    <table class="tlist" style="clear:both;">
+        <tr>
+            <th colspan="2"> </th><th><?php __("Account"); ?></th>
+            <th colspan="2"> </th><th><?php __("Account"); ?></th>
+            <th colspan="2"> </th><th><?php __("Account"); ?></th>
+        </tr>
+        <?php
+        reset($accountList);
 
-$count_r = 0;
-foreach ($r as $val) { 
-  if ( ($count_r % 3) == 0 ) { echo '<tr class="lst">'; } 
+        $count_r = 0;
+        foreach ($accountList as $val) {
+            if (($count_r % 3) == 0) {
+                echo '<tr class="lst">';
+            }
 
-  if ($val["su"]) { 
-    echo '<td>&nbsp;</td>'; 
-  } else { 
-    echo '<td align="center"><input type="checkbox" class="inc" name="d[]" value="'.$val["uid"].'" id="id_c_'.$val["uid"].'" /></td>';
-  } // if $val["su"] ?>
-  <td align="center">
-    <a href="adm_login.php?id=<?php echo $val["uid"];?>" title="<?php __("Connect as"); ?>">[&nbsp;<?php __("C"); ?>&nbsp;]</a>
-    <a href="adm_edit.php?uid=<?php echo $val["uid"] ?>" title="<?php __("Edit"); ?>">[&nbsp;<?php __("E"); ?>&nbsp;]</a>
-    <?php if($admin->checkcreator($val['uid'])) { ?>
-      <a href="adm_quotaedit.php?uid=<?php echo $val["uid"] ?>" title="<?php __("Quotas"); ?>">[&nbsp;<?php __("Q"); ?>&nbsp;]</a><?php 
-    } // $admin->checkcreator
-    $creator_name = ( ($val['creator'] == '0')?_("himself"):$list_creators[$val['creator']]['login']) ?>
-  </td>
-  <td style="padding-right: 2px; border-right: 1px solid black; <?php if ($val["su"]) echo "color: red"; ?>"><b><label title="<?php printf(_("Creator: %s"), $creator_name);?>" for="id_c_<?php echo $val["uid"]; ?>"><?php echo $val["login"] ?></label></b></td>
-  <?php 
-  if ( ($count_r % 3) == 2 ) { echo '</tr>'; }
-  ++$count_r;
-} // foreach $r 
-?>
-</table>
-<p><input type="submit" class="inb" name="submit" value="<?php __("Delete checked accounts"); ?>" /></p>
-</form>
-<?php
+            if ($val["su"]) {
+                echo '<td>&nbsp;</td>';
+            } else {
+                echo '<td align="center"><input type="checkbox" class="inc" name="accountList[]" value="' . $val["uid"] . '" id="id_c_' . $val["uid"] . '" /></td>';
+            } // if $val["su"] 
+            ?>
+            <td align="center">
+                <a href="adm_login.php?id=<?php echo $val["uid"]; ?>" title="<?php __("Connect as"); ?>">[&nbsp;<?php __("C"); ?>&nbsp;]</a>
+                <a href="adm_edit.php?uid=<?php echo $val["uid"] ?>" title="<?php __("Edit"); ?>">[&nbsp;<?php __("E"); ?>&nbsp;]</a>
+                <?php if ($admin->checkcreator($val['uid'])||($show=="all")) { ?>
+                    <a href="adm_quotaedit.php?uid=<?php echo $val["uid"] ?>" title="<?php __("Quotas"); ?>">[&nbsp;<?php __("Q"); ?>&nbsp;]</a><?php
+                } // $admin->checkcreator
+                $creator_name = ( ($val['creator'] == '0') ? _("himself") : $list_creators[$val['creator']]['login'])
+                ?>
+            </td>
+            <td style="padding-right: 2px; border-right: 1px solid black; <?php if ($val["su"]) echo "color: red"; ?>"><b><label title="<?php printf(_("Creator: %s"), $creator_name); ?>" for="id_c_<?php echo $val["uid"]; ?>"><?php echo $val["login"] ?></label></b></td>
+            <?php
+            if (($count_r % 3) == 2) {
+                echo '</tr>';
+            }
+            ++$count_r;
+        } // foreach $accountList 
+        ?>
+    </table>
+    <p><input type="submit" class="inb" name="submit" value="<?php __("Delete checked accounts"); ?>" /></p>
+    </form>
+    <?php
 } // SHORT MODE
-include_once("foot.php"); 
+include_once("foot.php");
 ?>

bureau/admin/adm_lockpanel.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_tld.php,v 1.4 2004/11/29 17:27:04 anonymous Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,19 +15,24 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Alan Garcia
- Purpose of file: Manage domain types on the server 
- ----------------------------------------------------------------------
 */
+
+/**
+ * Lock the panel, allowing no access to it, except by admins
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled || $cuid!=2000) {
-    __("This page is restricted to authorized staff");
+    $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     die();
 }
 
 $fields = array (
-		 "action" =>array ("get","string",""),
+     "action" =>array ("get","string",""),
 );
 
 getFields($fields);

bureau/admin/adm_login.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_login.php,v 1.4 2005/04/01 17:13:10 benjamin Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,10 +15,14 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Connect a super-user to another account
- ----------------------------------------------------------------------
 */
+
+/**
+ * Any ADMIN account can impersonate to any other account by using this page.
+ *
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 /*
@@ -36,7 +32,7 @@ require_once("../class/config.php");
  */
 
 $fields = array (
-        "id"                => array ("request", "integer", ""),
+        "id"                => array ("get", "integer", ""),
 );
 getFields($fields);
 
@@ -46,32 +42,24 @@ if ( empty($id) && isset($_COOKIE["oldid"]) && !empty($_COOKIE["oldid"])) {
   list($newuid,$passcheck)=explode("/",$_COOKIE["oldid"]);
   $newuid=intval($newuid); 
   if (!$newuid) {
-    $error=_("Your authentication information are incorrect");
+    $msg->raise("ERROR", "admin", _("Your authentication information are incorrect"));
     include("index.php");
     exit();
   }
   $admin->enabled=true;
   $r=$admin->get($newuid);
   if ($passcheck!=md5($r["pass"])) {
-    $error=_("Your authentication information are incorrect");
+    $msg->raise("INFO", "admin", _("Your authentication information are incorrect"));
     include("index.php");
     exit();
   }
 
-  if ($r['lastip'] != get_remote_ip() ) {
-    $error=_("Your IP is incorrect.");
-    include("index.php");
-    exit();
-  }
-  // FIXME we should add a peremption date on the cookie
-
   // Ok, so we remove the cookie : 
   setcookie('oldid','',0,'/');
   unset($_COOKIE['oldid']);
 
   // And we go back to the former administrator account : 
   if (!$mem->setid($newuid)) {
-    $error=$err->errstr();
     include("index.php");
     exit();
   }
@@ -83,26 +71,25 @@ if ( empty($id) && isset($_COOKIE["oldid"]) && !empty($_COOKIE["oldid"])) {
 
 //  * with a user id to go to (we check the current account is admin and is allowed to connect to this account) 
 if (!$admin->enabled) {
-  __("This page is restricted to authorized staff");
+  $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
 // Depending on subadmin_restriction, a subadmin can (or cannot) connect to account he didn't create
 $subadmin=variable_get("subadmin_restriction");
 if ($subadmin==0 && !$admin->checkcreator($id)) {
-  __("This page is restricted to authorized staff");
+  $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
-if (!$r=$admin->get($id)) {
-  $error=$err->errstr();
-} else {
+if ($r=$admin->get($id)) {
   $oldid=$cuid."/".md5($mem->user["pass"]);
   setcookie('oldid',$oldid,0,'/');
   $_COOKIE['oldid']=$oldid;
 
   if (!$mem->setid($id)) {
-    $error=$err->errstr();
     include("index.php");
     exit();
   }
@@ -117,9 +104,7 @@ include_once("head.php");
 ?>
 <h3><?php __("Member login"); ?></h3>
 <?php
+echo $msg->msg_html_all();
 
-if (isset($error) && $error) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-}
 include_once("foot.php"); 
 ?>

bureau/admin/adm_mxaccount.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_mxacount.php,v 1.2 2006/02/17 18:57:02 olivier Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,50 +15,59 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Manage list of allowed accounts for secondary mx
- ----------------------------------------------------------------------
 */
+
+/**
+ * Manage the list of allowed accounts to operate as secondary MX
+ * those account are allowed to list the hosted domains
+ * to configure their postfix as a secondary MX
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
 $fields = array (
 	"delaccount"   => array ("request", "string", ""),
-	"newlogin"   => array ("request", "string", ""),
-	"newpass"    => array ("request", "string", ""),
+	"newlogin"   => array ("post", "string", ""),
+	"newpass"    => array ("post", "string", ""),
 );
 getFields($fields);
 
 if ($delaccount) {
 	// Delete an account
 	if ($mail->del_slave_account($delaccount)) {
-		$error=_("The requested account has been deleted. It is now denied.");
+		$msg->raise("INFO", "admin", _("The requested account has been deleted. It is now denied."));
 	}
 }
 if ($newlogin) {
 	// Add an account
 	if ($mail->add_slave_account($newlogin,$newpass)) { 
-		$error=_("The requested account address has been created. It is now allowed.");
-		$newlogin=false;$newpass=false;
+		$msg->raise("INFO", "admin", _("The requested account address has been created. It is now allowed."));
+		$newlogin='';$newpass='';
 	}
 }
 
 include_once("head.php");
+
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['adm']['classcount'];
+
 ?>
 <h3><?php __("Manage allowed accounts for secondary mx"); ?></h3>
 <hr id="topbar"/>
 <br />
 <?php
-	if (isset($error) && $error) {
-	  echo "<p class=\"alert alert-danger\">$error</p>";
-	}
-
 $c=$mail->enum_slave_account();
 
+echo $msg->msg_html_all();
+
 if (is_array($c)) {
 
 ?>
@@ -90,12 +91,17 @@ for($i=0;$i<count($c);$i++) { ?>
 </table>
     <?php } ?>
 <p><?php __("If you want to allow a new server to access your mx-hosted domain list, give him an account."); ?></p>
-<form method="post" action="adm_mxaccount.php" name="main" id="main">
+<form method="post" action="adm_mxaccount.php" name="main" id="main" autocomplete="off">
+  <?php csrf_get(); ?>
+<!-- honeypot fields -->
+<input type="text" style="display: none" id="fakeUsername" name="fakeUsername" value="" />
+<input type="password" style="display: none" id="fakePassword" name="fakePassword" value="" />
+
 <table class="tedit">
 <tr><th><label for="newlogin"><?php __("Login"); ?></label></th><th><label for="newpass"><?php __("Password"); ?></label></th></tr>
 <tr>
 	<td><input type="text" class="int" value="<?php ehe($newlogin); ?>" id="newlogin" name="newlogin" maxlength="64" size="32" /><br/><br/></td>
-	<td><input type="password" class="int" value="<?php ehe($newpass); ?>" id="newpass" name="newpass" maxlength="64" size="32" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass"); ?></td>
+	<td><input type="password" class="int" autocomplete="off" value="<?php ehe($newpass); ?>" id="newpass" name="newpass" maxlength="64" size="32" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass","",$passwd_classcount); ?></td>
 </tr>
 <tr class="trbtn"><td colspan="2">
 	<input type="submit" value="<?php __("Add this account to the allowed list"); ?>" class="inb" />
@@ -106,6 +112,5 @@ for($i=0;$i<count($c);$i++) { ?>
 
 <script type="text/javascript">
 document.forms['main'].newlogin.focus();
-document.forms['main'].setAttribute('autocomplete', 'off');
 </script>
 <?php include_once("foot.php"); ?>

bureau/admin/adm_panel.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_panel.php,v 1.9 2005/08/01 18:25:52 anarcat Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,14 +15,19 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Panneau de control de l'administrateur
- ----------------------------------------------------------------------
 */
+
+/**
+ * Administrator misc. settings
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -41,11 +38,7 @@ include_once("head.php");
 <hr id="topbar"/>
 <br />
 <?php
-if (isset($error) && $error) {
-	echo "<p class=\"alert alert-danger\">$error</p>";
-	include_once("foot.php");
-	exit;
-}
+echo $msg->msg_html_all();
 ?>
 <ul id="adm_panel">
  <li class="lst"><a href="adm_tld.php"><?php __("Manage allowed domains (TLD)"); ?></a></li>

bureau/admin/adm_passpolicy.php

@@ -1,10 +1,5 @@
 <?php
 /*
- adm_passpolicy.php
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002-2010 by the AlternC Development Team.
- http://alternc.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -20,24 +15,29 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Manage the password policy for AlternC
- ----------------------------------------------------------------------
 */
+
+/**
+ * Manages password policy for misc. services on AlternC (ftp, mail etc.)
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
 $fields = array (
 	"edit"   => array ("request", "string", ""),
-	"doedit"   => array ("request", "string", ""),
-	"minsize"    => array ("request", "integer", "0"),
-	"maxsize" => array ("request", "integer", "64"),
-	"classcount" => array ("request", "integer", "0"),
-	"allowlogin" => array ("request", "integer", "0"),
+	"doedit"   => array ("post", "string", ""),
+	"minsize"    => array ("post", "integer", "0"),
+	"maxsize" => array ("post", "integer", "64"),
+	"classcount" => array ("post", "integer", "0"),
+	"allowlogin" => array ("post", "integer", "0"),
 );
 
 getFields($fields);
@@ -50,41 +50,38 @@ include_once("head.php");
 <hr id="topbar"/>
 <br />
 <?php
-	if (isset($error) && $error) {
-	  echo "<p class=\"alert alert-danger\">$error</p>";
-	}
-
-
 $c=$admin->listPasswordPolicies();
-//echo "<pre>"; print_r($c); echo "</pre>";
 
 if (isset($doedit) && $doedit) {
   if (!$c[$doedit]) {
-    echo "<p class=\"alert alert-danger\">"._("Policy not found")."</p>";
+    $msg->raise("ERROR", "admin", _("Policy not found"));
   } else {
     // Change it ;) 
     if ($admin->editPolicy($doedit,$minsize,$maxsize,$classcount,$allowlogin)) {
-      echo "<p class=\"info\">"._("Policy changed")."</p>";
+      $msg->raise("INFO", "admin", _("Policy changed"));
       unset($edit);
       $c=$admin->listPasswordPolicies();
     } else {
-      echo "<p class=\"alert alert-danger\">"._("Cannot edit the policy, an error occurred")."</p>";
+      $msg->raise("ERROR", "admin", _("Cannot edit the policy, an error occurred"));
     }
   }
 }
+echo $msg->msg_html_all(true, true);
 
 if (!empty($edit)) {
   if (!$c[$edit]) {
-    echo "<p class=\"alert alert-danger\">"._("Policy not found")."</p>";
+    $msg->raise("ERROR", "admin", _("Policy not found"));
+    echo $msg->msg_html_all();
   } else {
 ?>
 
- <p><?php __("Please choose which policy you want to apply to this password kind:"); ?></p>
+<p><?php __("Please choose which policy you want to apply to this password kind:"); ?></p>
 
-																	     <p><b><?php echo $c[$edit]["description"]; ?></b></p>
+<p><b><?php echo $c[$edit]["description"]; ?></b></p>
 
 <form method="post" action="adm_passpolicy.php">
-<input type="hidden" name="doedit" value="<?php echo $edit; ?>"/> 
+ <?php csrf_get(); ?>
+<input type="hidden" name="doedit" value="<?php ehe($edit); ?>"/> 
 <table class="tlist">
 <tr>
   <th><?php __("Minimum Password Size:"); ?></th>

bureau/admin/adm_quotadoedit.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_quotadoedit.php,v 1.3 2004/10/24 20:09:21 anonymous Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
-----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
 ----------------------------------------------------------------------
  LICENSE
 
@@ -23,14 +15,19 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
 ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Edit a member's quotas
- ----------------------------------------------------------------------
 */
+
+/**
+ * Edit an account's quotas
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 $fields = array (
@@ -49,7 +46,10 @@ while (list($key,$val)=each($qlist)) {
   $quota->setquota($key,$_REQUEST[$var]);
 }
 $mem->unsu();
-$error=_("The quotas has been successfully edited");
+
+if (!$msg->has_msgs("ERROR"))
+    $msg->raise("INFO", "admin", _("The quotas has been successfully edited"));
+
 include("adm_list.php");
 exit;
 

bureau/admin/adm_quotaedit.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_quotaedit.php,v 1.4 2004/10/24 20:09:21 anonymous Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,15 +15,20 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Show the form to edit the user's quota
- ----------------------------------------------------------------------
 */
+
+/** 
+ * Show the form used to update users' quotas
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 include_once("head.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	include_once("foot.php");
 	exit();
 }
@@ -41,14 +38,10 @@ $fields = array (
 );
 getFields($fields);
 
-if (!$us=$admin->get($uid)) {
-	$error=$err->errstr();
-}
+$us=$admin->get($uid);
 
 $mem->su($uid);
-if (!$r=$quota->getquota()) {
-	$error=$err->errstr();
-}
+$r=$quota->getquota();
 $mem->unsu();
 
 ?>
@@ -56,16 +49,13 @@ $mem->unsu();
 <hr id="topbar"/>
 <br />
 <?php
-	if (isset($error) && $error) {
-	  echo "<p class=\"alert alert-danger\">$error</p>";
-	  include_once("foot.php");
-	  exit();
-	}
+echo $msg->msg_html_all();
 ?>
 <form method="post" action="adm_quotadoedit.php">
+  <?php csrf_get(); ?>
 <table class="tedit">
-<tr><th><input type="hidden" name="uid" value="<?php echo $uid ?>" />
-<?php __("Username"); ?></th><td colspan="3"><code><big><?php echo $us["login"]; ?></big></code>&nbsp;</td></tr>
+<tr><th><input type="hidden" name="uid" value="<?php ehe($uid); ?>" />
+<?php __("Username"); ?></th><td colspan="3"><code><big><?php ehe($us["login"]); ?></big></code>&nbsp;</td></tr>
 <tr><th><?php __("Quota"); ?></th><th style="text-align: right"><?php __("Total"); ?></th><th><?php __("Used"); ?></th></tr>
 <?php
 $ql=$quota->qlist();

bureau/admin/adm_slavedns.php

@@ -1,13 +1,5 @@
 <?php
 /*
-   $Id: adm_slaveip.php,v 1.2 2004/06/02 13:03:13 anonymous Exp $
-   ----------------------------------------------------------------------
-   AlternC - Web Hosting System
-   Copyright (C) 2002 by the AlternC Development Team.
-   http://alternc.org/
-   ----------------------------------------------------------------------
-   Based on:
-   Valentin Lacambre's web hosting softwares: http://altern.org/
    ----------------------------------------------------------------------
    LICENSE
 
@@ -23,38 +15,44 @@
 
    To read the license please visit http://www.gnu.org/copyleft/gpl.html
    ----------------------------------------------------------------------
-   Original Author of file: Benjamin Sonntag
-   Purpose of file: Manage list of allowed ip for zone transfers
-   ----------------------------------------------------------------------
  */
+
+/**
+ * Manage the list of SLAVE DNS machines account and IPs
+ * used for the transfer of zones in Bind and the list of domains in domlist.php
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-  __("This page is restricted to authorized staff");
+  $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
 $fields = array (
     "delaccount"   => array ("request", "string", ""),
-    "newlogin"   => array ("request", "string", ""),
-    "newpass"    => array ("request", "string", ""),
+    "newlogin"   => array ("post", "string", ""),
+    "newpass"    => array ("post", "string", ""),
 
     "delip"   => array ("request", "string", ""),
-    "newip"    => array ("request", "string", ""),
-    "newclass" => array ("request", "string", "32"),
+    "newip"    => array ("post", "string", ""),
+    "newclass" => array ("post", "string", "32"),
     );
 getFields($fields);
 
 if ($delaccount) {
   // Delete an account
   if ($dom->del_slave_account($delaccount)) {
-    $error=_("The requested account has been deleted. It is now denied.");
+    $msg->raise("INFO", "admin", _("The requested account has been deleted. It is now denied."));
   }
 }
 if ($newlogin) {
   // Add an account
   if ($dom->add_slave_account($newlogin,$newpass)) {
-    $error=_("The requested account address has been created. It is now allowed.");
+    $msg->raise("INFO", "admin", _("The requested account address has been created. It is now allowed."));
     unset($newlogin); unset($newpass);
   }
 }
@@ -62,22 +60,21 @@ if ($newlogin) {
 if ($delip) {
   // Delete an ip address/class
   if ($dom->del_slave_ip($delip)) {
-    $error=_("The requested ip address has been deleted. It will be denied in one hour.");
+    $msg->raise("INFO", "admin", _("The requested ip address has been deleted. It will be denied in one hour."));
   }
 }
 if ($newip) {
   // Add an ip address/class
   if ($dom->add_slave_ip($newip,$newclass)) {
-    $error=_("The requested ip address has been added to the list. It will be allowed in one hour.");
+    $msg->raise("INFO", "admin", _("The requested ip address has been added to the list. It will be allowed in one hour."));
     unset($newip); unset($newclass);
   }
 }
 
 include_once("head.php");
 
-if (!empty($error)) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-}
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['adm']['classcount'];
 
 ?>
 <h3><?php __("Manage allowed ip for slave zone transfers"); ?></h3>
@@ -86,6 +83,8 @@ if (!empty($error)) {
 
 $c=$dom->enum_slave_ip();
 
+echo $msg->msg_html_all();
+
 if (is_array($c)) { ?>
   <p>
   <?php __("Here is the list of the allowed ip or ip class for slave dns zone transfer requests (AXFR). You must add the ip address of all the slave DNS you have so that those slaves will be allowed to transfer the zone files. There is also some defaults ip from DNS checks made by some third-party technical offices such as afnic (for .fr domains)"); ?>
@@ -110,6 +109,7 @@ if (is_array($c)) { ?>
 <p><?php __("If you want to allow an ip address or class to connect to your dns server, enter it here. Choose 32 as a prefix for single ip address."); ?></p>
 
 <form method="post" action="adm_slavedns.php" name="main" id="main">
+  <?php csrf_get(); ?>
   <table class="tedit">
     <tr><th><label for="newip"><?php __("IP Address"); ?></label></th><th><label for="newclass"><?php __("Prefix"); ?></label></th></tr>
     <tr>
@@ -153,19 +153,23 @@ if (is_array($c)) { ?>
 
 <p><?php __("If you want to allow a new server to access your domain list, give him an account."); ?></p>
 
-<form method="post" action="adm_slavedns.php" name="main" id="main">
+<form method="post" action="adm_slavedns.php" name="main" id="main" autocomplete="off">
+  <?php csrf_get(); ?>
+<!-- honeypot fields -->
+<input type="text" style="display: none" id="fakeUsername" name="fakeUsername" value="" />
+<input type="password" style="display: none" id="fakePassword" name="fakePassword" value="" />
+
   <table class="tedit">
     <tr><th><label for="newlogin"><?php __("Login"); ?></label></th><th><label for="newpass"><?php __("Password"); ?></label></th></tr>
     <tr>
       <td><input type="text" class="int" value="<?php ehe(  isset($newlogin)?$newlogin:'') ; ?>" id="newlogin" name="newlogin" maxlength="64" size="32" /><br/><br/></td>
-      <td><input type="password" class="int" value="<?php ehe( (isset($newpass)?$newpass:'') ) ; ?>" id="newpass" name="newpass" maxlength="64" size="32" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass"); ?></td>
+      <td><input type="password" class="int" autocomplete="off" value="<?php ehe( (isset($newpass)?$newpass:'') ) ; ?>" id="newpass" name="newpass" maxlength="64" size="32" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass","",$passwd_classcount); ?></td>
     </tr>
     <tr class="trbtn"><td colspan="2"><input type="submit" value="<?php __("Add this account to the allowed list"); ?>" class="inb" /></td></tr>
   </table>
 </form>
 
 <script type="text/javascript">
-  document.forms['main'].setAttribute('autocomplete', 'off');
   document.forms['main'].newip.focus();
 $(function(){
 	$(".toggle-next").on("click",function(){
@@ -191,16 +195,16 @@ display:none;
 }
 </style>
 <div class="info">
-<h4 class="toggle toggle-next"><a href="javascript:void(0)" class="btn"> <?= _("Need open DNS Slave servers?")?> &#9660;</a></h4>
+<h4 class="toggle toggle-next"><a href="javascript:void(0)" class="btn"> <?php __("Need open DNS Slave servers?"); ?> &#9660;</a></h4>
 <div class="info-hide">
-<p><?= _("We offer free of charge DNS servers for alternc users."); ?></p>
-<h2><?= _("How does it work?") ?> </h2>
+<p><?php __("We offer free of charge DNS servers for alternc users."); ?></p>
+<h2><?php __("How does it work?"); ?> </h2>
 <ol>
-	<li><?= sprintf(_("<strong>Give access to the alternc.net servers.</strong> Follow the instructions on <a href='%s' target='blank'>this page</a>. They will help you to configure this page and configure your alternc.net account."),"http://aide-alternc.org/go.php?hid=400") ?></li>
-	<li><?= sprintf(_("<strong>Subscribe to alternc.net.</strong> Go to <a href='%s' target='_blank' class='btn btn-inline btn-link'>the alternc.net site</a> to use the DNS servers provided for free by the AlternC association and enter the required informations for each server you want to connect to the service."),"http://alternc.net/")?> </li>
+	<li><?php printf(_("<strong>Give access to the alternc.net servers.</strong> Follow the instructions on <a href='%s' target='blank'>this page</a>. They will help you to configure this page and configure your alternc.net account."),"http://aide-alternc.org/go.php?hid=400"); ?></li>
+	<li><?php printf(_("<strong>Subscribe to alternc.net.</strong> Go to <a href='%s' target='_blank' class='btn btn-inline btn-link'>the alternc.net site</a> to use the DNS servers provided for free by the AlternC association and enter the required informations for each server you want to connect to the service."),"http://alternc.net/"); ?> </li>
 </ol>
 <br />
-<p><?= _("The alternc.net servers will take care of transfering and distributing to the world your domains zones.") ?> </p>
+<p><?php __("The alternc.net servers will take care of transfering and distributing to the world your domains zones."); ?> </p>
 </div><!-- info-hide -->
 </div><!-- info  -->
 <?php include_once("foot.php"); ?>

bureau/admin/adm_tld.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_tld.php,v 1.4 2004/11/29 17:27:04 anonymous Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,14 +15,20 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Manage allowed TLD on the server
- ----------------------------------------------------------------------
 */
+
+/**
+ * Manages Allowed TLD's to be installed as domain names on the server
+ * soon deprecated due to all those new TLDs 
+ *
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/  
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -41,13 +39,13 @@ getFields($fields);
 
 
 if (is_array($sel)) {
-	$error="";
 	for($i=0;$i<count($sel);$i++) {
 		if (!$admin->deltld($sel[$i])) {
-			$error.=_("Some TLD cannot be deleted...")." : ".$sel[$i]."<br />";
+			$msg->raise("ERROR", "admin", _("Some TLD cannot be deleted...")." : ".$sel[$i]);
 		}
 	}
-	if (!$error) $error=_("The requested TLD has been deleted");
+	if (!$msg->has_msgs("ERROR"))
+		$msg->raise("INFO", "admin", _("The requested TLD has been deleted"));
 }
 
 include_once("head.php");
@@ -57,9 +55,7 @@ include_once("head.php");
 <hr id="topbar" />
 <br />
 <?php
-	if (isset($error) && $error) {
-	  echo "<p class=\"alert alert-danger\">$error</p>";
-	}
+echo $msg->msg_html_all();
 
 $c=$admin->listtld();
 
@@ -69,6 +65,7 @@ $c=$admin->listtld();
 </p>
 <p><span class="ina"><a href="adm_tldadd.php"><?php __("Add a new TLD"); ?></a></span></p>
 <form method="post" action="adm_tld.php" name="main" id="main">
+  <?php csrf_get(); ?>
 <table class="tlist">
 <tr><th colspan="2"> </th><th><?php __("TLD"); ?></th><th><?php __("Allowed Mode"); ?></th></tr>
 <?php
@@ -76,9 +73,9 @@ for($i=0;$i<count($c);$i++) {
 ?>
 
 <tr class="lst">
-<td><input id="sel<?php echo $i; ?>" type="checkbox" name="sel[]" class="inc" value="<?php echo $c[$i]["tld"]; ?>" /></td>
-   <td><div class="ina edit"><a href="adm_tldedit.php?tld=<?php echo urlencode($c[$i]["tld"]); ?>"><?php __("Edit"); ?></a></div></td>
-<td><label for="sel<?php echo $i; ?>"><?php echo $c[$i]["tld"]; ?></label></td>
+<td><input id="sel<?php echo $i; ?>" type="checkbox" name="sel[]" class="inc" value="<?php ehe($c[$i]["tld"]); ?>" /></td>
+   <td><div class="ina edit"><a href="adm_tldedit.php?tld=<?php eue($c[$i]["tld"]); ?>"><?php __("Edit"); ?></a></div></td>
+    <td><label for="sel<?php echo $i; ?>"><?php ehe($c[$i]["tld"]); ?></label></td>
 <td><?php __($admin->tldmode[$c[$i]["mode"]]); ?></td></tr>
 
 <?php

bureau/admin/adm_tldadd.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_tldadd.php,v 1.3 2003/06/10 12:14:09 root Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,14 +15,20 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Manage allowed TLD on the server
- ----------------------------------------------------------------------
 */
+
+/**
+ * Manage allowed TLDs on the server
+ * soon deprecated
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 $fields = array (
@@ -47,11 +45,7 @@ include_once ("head.php");
 <hr id="topbar"/>
 <br />
 <?php
-	if (isset($error) && $error) {
-	  echo "<p class=\"alert alert-danger\">$error</p>";
-	}
-
-
+echo $msg->msg_html_all();
 ?>
 <h3><?php __("Add a new TLD"); ?></h3>
 <p>
@@ -60,7 +54,7 @@ include_once ("head.php");
 </p>
 
 <form method="post" action="adm_tlddoadd.php" name="main" id="main">
-
+  <?php csrf_get(); ?>
 <table class="tedit">
 <tr><th><label for="tld"><?php __("TLD"); ?></label></th><td><input type="text" id="tld" name="tld" class="int" value="<?php ehe( (isset($tld)?$tld:'') ); ?>" size="20" maxlength="64" /></td></tr>
 <tr><th><label for="mode"><?php __("Allowed Mode"); ?></label></th><td><select name="mode" id="mode" class="inl">

bureau/admin/adm_tlddoadd.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_tlddoadd.php,v 1.1.1.1 2003/03/26 17:41:29 root Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,30 +15,35 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Manage allowed TLD on the server
- ----------------------------------------------------------------------
 */
+
+/**
+ * Manages allowed TLDs on the server
+ * soon deprecated
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
 $fields = array (
-        "tld"    => array ("request", "string", ""),
-        "mode"   => array ("request", "integer", ""),
+        "tld"    => array ("post", "string", ""),
+        "mode"   => array ("post", "integer", ""),
 );
 getFields($fields);
 
 
 if (!$admin->addtld($tld,$mode)) {
-	$error=$err->errstr();
 	include("adm_tldadd.php");
 	exit();
 } else {
-	$error=_("The TLD has been successfully added");
+	$msg->raise("INFO", "admin", _("The TLD has been successfully added"));
 	include("adm_tld.php");
 	exit();
 }

bureau/admin/adm_tlddoedit.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_tlddoedit.php,v 1.1.1.1 2003/03/26 17:41:29 root Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,10 +15,14 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Manage allowed TLD on the server
- ----------------------------------------------------------------------
 */
+
+/** 
+ * Manage allowed TLDs to be installed as domain on the server
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/  
+ */
+
 require_once("../class/config.php");
 $fields = array (
         "tld"                 => array ("post", "string", ""),
@@ -36,16 +32,16 @@ getFields($fields);
 
 
 if (!$admin->enabled) {
-        __("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
         exit();
 }
 
 if (!$admin->edittld($tld,$mode)) {
-        $error=$err->errstr();
         include("adm_tldedit.php");
         exit();
 } else {
-        $error=_("The TLD has been successfully edited");
+        $msg->raise("INFO", "admin", _("The TLD has been successfully edited"));
         include("adm_tld.php");
         exit();
 }

bureau/admin/adm_tldedit.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_tldedit.php,v 1.2 2003/06/10 12:14:09 root Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,14 +15,20 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Manage allowed TLD on the server
- ----------------------------------------------------------------------
 */
+
+/**
+ * Manage allow TLDs domains to be installed here
+ * soon deprecated
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/  
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-        __("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
         exit();
 }
 
@@ -41,7 +39,6 @@ getFields($fields);
 
 $mode=$admin->gettld($tld);
 if ($mode===false) {
-	$error=$err->errstr();
 	include("adm_tld.php");
 	exit();
 }
@@ -53,15 +50,14 @@ include_once("head.php");
 <hr id="topbar"/>
 <br />
 <?php
-        if (isset($error) && $error) {
-                echo "<p class=\"alert alert-danger\">$error</p>";
-        }
+echo $msg->msg_html_all();
 ?>
 <h3><?php __("Edit a TLD"); ?></h3>
 
 <form method="post" action="adm_tlddoedit.php">
+  <?php csrf_get(); ?>
 <table id="main" class="tedit">
-<tr><th><label for="tld"><?php __("TLD"); ?></label></th><td><code><?php echo $tld; ?></code><input type="hidden" name="tld" id="tld" value="<?php echo $tld; ?>" /></td></tr>
+<tr><th><label for="tld"><?php __("TLD"); ?></label></th><td><code><?php echo $tld; ?></code><input type="hidden" name="tld" id="tld" value="<?php ehe($tld); ?>" /></td></tr>
 <tr><th><label for="mode"><?php __("Allowed Mode"); ?></label></th><td><select name="mode" class="inl" id="mode">
         <?php $admin->selecttldmode($mode); ?>
 </select></td></tr>

bureau/admin/adm_update_domains.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_tld.php,v 1.4 2004/11/29 17:27:04 anonymous Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,21 +15,27 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Alan Garcia
- Purpose of file: Manage domain types on the server 
- ----------------------------------------------------------------------
 */
+
+/**
+ * Launch update-domaines.sh crontab through admin account and inotify
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/  
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
   if ( ! ( $isinvited && isset($oldid) && !empty($oldid) && $oldid==2000) ) { // Allow sub admins
-    __("This page is restricted to authorized staff");
+    $msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     exit();
   }
 }
 
 if (! isset($L_INOTIFY_UPDATE_DOMAIN)) {
-  __("Missing INOTIFY_UPDATE_DOMAIN var in /etc/alternc/local.sh . Fix it!");
+  $msg->raise("ERROR", "admin", _("Missing INOTIFY_UPDATE_DOMAIN var in /etc/alternc/local.sh . Fix it!"));
+  echo $msg->msg_html_all();
   die();
 }
 

bureau/admin/adm_variables.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: adm_variables.php,v 1.1 2005/01/19 06:09:36 anarcat Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,14 +15,19 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Manage allowed TLD on the server
- ----------------------------------------------------------------------
 */
+
+/**
+ * Manages global variables of AlternC
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/  
+ */
+
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -47,12 +44,13 @@ include_once ("head.php");
 <h3><?php __("Configure AlternC variables"); ?></h3>
 <hr id="topbar"/>
 <br />
-
+<?php echo $msg->msg_html_all(); ?>
 <p>
 <?php __("Here are the internal AlternC variables that are currently being used."); ?>
 </p>
 
 <form method="post" action="adm_variables.php">
+  <?php csrf_get(); ?>
 <table border="0" cellpadding="4" cellspacing="0" class='tlist'>
 <tr><th><?php __("Names"); ?></th><th><?php __("Value"); ?></th><th><?php __("Comment"); ?></th></tr>
 <?php
@@ -60,9 +58,9 @@ include_once ("head.php");
 foreach( variables_list() as $vars) {  ?>
 
  <tr class="lst">
- <td><?php echo $vars['name']; ?></td>
- <td><input type="text" name="<?php ehe($vars['name']); ?>" value="<?php ehe($vars['value']); ?>" /></td>
- <td><?php echo $vars['comment']; ?></td>
+    <td><?php ehe($vars['name']); ?></td>
+ <td><input type="text" class="int" name="<?php ehe($vars['name']); ?>" value="<?php ehe($vars['value']); ?>" style="width: 200px"/></td>
+    <td><?php ehe($vars['comment']); ?></td>
  </tr>
 <?php } ?>
 </table>

bureau/admin/alternc_debugme.php

@@ -1,9 +1,32 @@
 <?php
+/*
+ ----------------------------------------------------------------------
+ LICENSE
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+*/
+
+/**
+ * Manage debug mode that admins can enable
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/  
+ */
 
 require_once("../class/config.php");
 
 $fields = array (
-  "enable" => array("request","string","0")
+  "enable" => array("post","string","0")
 );
 
 getFields($fields);

bureau/admin/bro_downloadfile.php

@@ -1,9 +1,5 @@
 <?php
 /*
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2000-2012 by the AlternC Development Team.
- https://alternc.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -20,6 +16,13 @@
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
 */
+
+/**
+ * File downloader of AlternC file browser.
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/  
+ */
+
 require_once("../class/config.php");
 
 $fields = array (

bureau/admin/bro_editor.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: bro_editor.php,v 1.5 2005/05/03 14:49:06 anarcat Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,11 +15,18 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Editor of the browser
- ----------------------------------------------------------------------
 */
-require_once("../class/config.php");
+
+/**
+ * File editor part of AlternC file manager / browser.
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/  
+ */
+
+ require_once("../class/config.php");
+
+// We check it ourself : not fatal
+define("NOCSRF",true);
 
 $fields = array (
 	"editfile"    		=> array ("request", "string", ""),
@@ -39,6 +38,7 @@ $fields = array (
 );
 getFields($fields);
 
+$editing=false;
 $editfile=ssla($editfile);
 $texte=ssla($texte);
 
@@ -49,46 +49,99 @@ if (isset($cancel) && $cancel) {
 	include("bro_main.php");
 	exit();
 }
+
 if (isset($saveret) && $saveret) {
-  if ($bro->Save($editfile,$R,$texte)) {
-    $error=sprintf(_("Your file %s has been saved"),$editfile)." (".format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'),date("Y-m-d H:i:s")).")";
-  } else {
-    $error=$err->errstr();
-  }
-  include("bro_main.php");
-  exit();
+    $editing=true;
+
+    // Thanks to this, we bring you back to the EDIT form if the CSRF is invalid.
+    // Allows you to re-submit
+    // FIXME - doesn't work
+/*    $csrf_check=false;
+    if (count($_POST) && !defined("NOCSRF")) {
+        if (csrf_check()<=0) {
+            $csrf_check = true;
+        }
+    }*/
+    
+    if ($bro->save($editfile,$R,$texte)) {
+        $msg->raise("INFO", "bro", _("Your file %s has been saved")." (".format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'),date("Y-m-d H:i:s")).")", $editfile);
+        include("bro_main.php");
+        exit();
+    }
 }
 if (isset($save) && $save) {
-  if ($bro->Save($editfile,$R,$texte)) {
-    $error=sprintf(_("Your file %s has been saved"),$editfile)." (".format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'),date("Y-m-d H:i:s")).")";
-  } else {
-    $error=$err->errstr();
+  if ($bro->save($editfile,$R,$texte)) {
+    $msg->raise("INFO", "bro", _("Your file %s has been saved")." (".format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'),date("Y-m-d H:i:s")).")", $editfile);
   }
 }
 
+$addhead['css'][]='<link rel="stylesheet" href="/javascript/prettify/prettify.css" type="text/css" />';
+$addhead['js'][]='<script src="/javascript/prettify/prettify.js" type="text/javascript"></script>';
 include_once("head.php");
 
 ?>
 <p>
-<?php if (isset($error) && $error) echo "<p class=\"alert alert-danger\">$error</p>"; ?>
-<h3><?php echo _("File editing")." <code>$R/<b>$editfile</b></code><br />"; ?></h3>
+<?php
+echo $msg->msg_html_all();
+?>
+<h3><?php echo _("File editing")." <code>".ehe($R,false)."/<b>".ehe($editfile,false)."</b></code><br />"; ?></h3>
 </p>
+
+<?php
+$content=$bro->content($R,$editfile);
+?>
+
 <form action="bro_editor.php" method="post"><br />
-<textarea class="int" style="font-family: <?php echo $p["editor_font"]; ?>; font-size: <?php echo $p["editor_size"]; ?>; width: 90%; height: 400px;" name="texte"><?php
-  $content=$bro->content($R,$editfile);
+  <?php csrf_get(); ?>
+<div id="tabsfile">
+  <ul>
+    <li class="view"><a href="#tabsfile-view"><?php __("View"); ?></a></li>
+    <li class="edit"><a href="#tabsfile-edit"><?php __("Edit"); ?></a></li>
+  </ul>
+
+<div id="tabsfile-view">
+<?php
+echo "<pre class='prettyprint' id='file_content_view' >$content</pre>";
+?>
+</div>
+
+<div id="tabsfile-edit">
+<textarea id='file_content_editor' class="int" style="font-family: <?php echo $p["editor_font"]; ?>; font-size: <?php echo $p["editor_size"]; ?>; width: 90%; height: 400px;" name="texte"><?php
   if (empty($content)) { 
     $error=_("This file is empty");
   } else {
     echo $content;  
   }
 ?></textarea>
+</div>
+</div><!-- tabsfile -->
+<br/>
 <?php if (!empty($error)) echo "<p class=\"alert alert-danger\">".$error."</p>"; ?>
-	<input type="hidden" name="editfile" value="<?php echo str_replace("\"","&quot;",$editfile); ?>" />
-	<input type="hidden" name="R" value="<?php echo str_replace("\"","&quot;",$R); ?>" />
+	<input type="hidden" name="editfile" value="<?php ehe($editfile); ?>" />
+	<input type="hidden" name="R" value="<?php ehe($R); ?>" />
 
 	<input type="submit" class="inb" value="<?php __("Save"); ?>" name="save" />
 	<input type="submit" class="inb" value="<?php __("Save &amp; Quit"); ?>" name="saveret" />
 	<input type="submit" class="inb" value="<?php __("Quit"); ?>" name="cancel" />
 <br />
 </form>
+
+<script type="text/javascript">
+$(function() {
+    prettyPrint();
+    $( "#tabsfile" ).tabs();
+<?php if ($editing) { ?>
+    $( "#tabsfile-edit" ).tabs( "option", "active", 1 );
+<?php } ?>
+});
+
+$('#tabsfile').on('tabsbeforeactivate', function(event, ui){
+    var b = $('#file_content_editor').val();
+    $('#file_content_view').text( b );
+    $('#file_content_view').removeClass('prettyprinted');
+    PR.prettyPrint();
+});
+</script>
+
+
 <?php include_once("foot.php"); ?>

bureau/admin/bro_main.php

@@ -1,13 +1,5 @@
 <?php
 /*
-   $Id: bro_main.php,v 1.11 2004/09/06 18:14:36 anonymous Exp $
-   ----------------------------------------------------------------------
-   AlternC - Web Hosting System
-   Copyright (C) 2002 by the AlternC Development Team.
-   http://alternc.org/
-   ----------------------------------------------------------------------
-   Based on:
-   Valentin Lacambre's web hosting softwares: http://altern.org/
    ----------------------------------------------------------------------
    LICENSE
 
@@ -23,34 +15,47 @@
 
    To read the license please visit http://www.gnu.org/copyleft/gpl.html
    ----------------------------------------------------------------------
-   Original Author of file: Benjamin Sonntag, Remi
-   Purpose of file: Online file Browser of AlternC
-   TODO : Voir ??? + D<EFBFBD>placer / Copier 
-   ----------------------------------------------------------------------
  */
-require_once("../class/config.php");
+
+/**
+ * A file browser / manager for AlternC
+ * Warning: complex spaghetti-style code below.
+ * allow an account user to browse files, move, copy, upload, rename,
+ * and set permissions
+ * also, uncompress tarballs and zips, and import SQL files
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/  
+ */
+
+ require_once("../class/config.php");
 include_once ("head.php");
 
 $fields = array (
     "R"           => array ("request", "string", ""),
-    "o"           => array ("request", "array", ""),
-    "d"           => array ("request", "array", ""),
+    "o"           => array ("request", "array", array()),
+    "d"           => array ("request", "array", array()),
     "perm"        => array ("post",    "array", array()),
-    "formu"       => array ("request", "integer", ""),
+    "formu"       => array ("post", "integer", ""),
     "actextract"  => array ("request", "string", ""),
     "fileextract" => array ("request", "string", ""),
-    "actperms"    => array ("request", "string", ""),
-    "actdel"      => array ("request", "string", ""),
-    "actcopy"     => array ("request", "string", ""),
-    "actrename"   => array ("request", "string", ""),
-    "actmove"     => array ("request", "string", ""),
-    "actmoveto"   => array ("request", "string", ""),
-    "nomfich"     => array ("request", "string", ""),
+    "actperms"    => array ("post", "string", ""),
+    "actdel"      => array ("post", "string", ""),
+    "actcopy"     => array ("post", "string", ""),
+    "actrename"   => array ("post", "string", ""),
+    "actmove"     => array ("post", "string", ""),
+    "actmoveto"   => array ("post", "string", ""),
+    "nomfich"     => array ("post", "string", ""),
     "del_confirm" => array ("request", "string", ""),
     "cancel"      => array ("request", "string", ""),
     "showdirsize" => array ("request", "integer", "0"),
-    "nomfich"     => array ("request", "string", ""),
+    "nomfich"     => array ("post", "string", ""),
     );
+
+## does not intend to edit oversize files.
+$memory_limit=ini_get("memory_limit");
+if (preg_match("#([mk])#i", $memory_limit, $out))
+	$memory_limit=$memory_limit*1024*($out[1]=="M"?1024:1);
+
 getFields($fields);
 
 $p=$bro->GetPrefs();
@@ -61,16 +66,17 @@ if (!$R && $p["golastdir"]) {
 $R=$bro->convertabsolute($R,1);
 // on fait ?
 if (!empty($formu) && $formu) {
+  $absolute = $bro->convertabsolute($R, false);
   switch ($formu) {
-    case 1:  // Cr<EFBFBD>er le r<>pertoire $R.$nomfich
-      if (!$bro->CreateDir($R,$nomfich)) {
-        $error = $err->errstr();
+    case 1:  // Create the folder $R.$nomfich
+      if ($bro->CreateDir($R,$nomfich)) {
+        $msg->raise("INFO", "bro", _("The folder '%s' was successfully created"), $nomfich);
       }
       $p=$bro->GetPrefs();
       break;
-    case 6: // Cr<EFBFBD>er le fichier $R.$nomfich
-      if (!$bro->CreateFile($R,$nomfich)) {
-        $error = $err->errstr();
+    case 6: // Create the file $R.$nomfich
+      if ($bro->CreateFile($R,$nomfich)) {
+        $msg->raise("INFO", "bro", _("The file '%s' was successfully created"), $nomfich);
       }
       $p=$bro->GetPrefs();
       if ($p["createfile"]==1) {
@@ -82,28 +88,34 @@ if (!empty($formu) && $formu) {
     case 2:  // act vaut Supprimer Copier ou Renommer.
       if ($actdel) {
         if (!empty($del_confirm) ) { 
-          if (!$bro->DeleteFile($d,$R)) {
-            $error = $err->errstr();
+          if ($bro->DeleteFile($d,$R)) {
+	    foreach ($d as $v) {
+	      if (is_dir($absolute . "/" . $v))
+                $msg->raise("INFO", "bro", _("The folder '%s' was successfully deleted"), $v);
+	      else
+                $msg->raise("INFO", "bro", _("The file '%s' was successfully deleted"), $v);
+	    }
           }
-        } elseif (empty($cancel) && is_array($d)) {
+        } elseif (empty($cancel) && count($d)) {
           include_once("head.php");
           ?>
             <h3><?php printf(_("Deleting files and/or directories")); ?> : </h3>
             <form action="bro_main.php" method="post" name="main" id="main">  
+ <?php csrf_get(); ?>
             <input type="hidden" name="formu" value="2" />
             <input type="hidden" name="actdel" value="1" />
-            <input type="hidden" name="R" value="<?php echo ehe($R)?>" />
+            <input type="hidden" name="R" value="<?php ehe($R)?>" />
             <p class="alert alert-warning"><?php __("WARNING: Confirm the deletion of this files"); ?></p>
             <h2><?php echo $mem->user["login"].$R."/"; ?></h2>
             <ul>
             <?php foreach($d as $editfile){ ?>
-              <li> <?php echo stripslashes($editfile); ?></li>
-              <input type="hidden" name="d[]" value="<?php echo htmlentities(stripslashes($editfile)); ?>" />
+          <li><b> <?php ehe($editfile); ?></b></li>
+              <input type="hidden" name="d[]" value="<?php ehe($editfile); ?>" />
             <?php } ?>
             </ul>
                 <blockquote>
                 <input type="submit" class="inb ok" name="del_confirm" value="<?php __("Yes, delete those files/folders"); ?>" />&nbsp;&nbsp;
-          <input type="submit" class="inb cancel" name="cancel" value="<?php __("No, don't delete those files/folders"); ?>" />
+          <input type="submit" class="inb cancel" name="cancel" value="<?php __("No, don't delete those files/folders");  ?>" />
             </blockquote>
             </form>
             <?php
@@ -111,44 +123,56 @@ if (!empty($formu) && $formu) {
           exit();
         }
       }
-      if ($actcopy) {
-        if (!$bro->CopyFile($d,$R,$actmoveto)) {
-          $error = $err->errstr();
+      if ($actcopy && count($d)) {
+        if ($bro->CopyFile($d,$R,$actmoveto)) {
+	  if (count($d) == 1) {
+	    if (is_dir($absolute . "/" . $d[0]))
+	      $msg->raise("INFO", "bro", _("The folder '%s' was successfully copied to '%s'"), array($d[0], $actmoveto));
+	    else
+	      $msg->raise("INFO", "bro", _("The file '%s' was successfully copied to '%s'"), array($d[0], $actmoveto));
+	  } else
+            $msg->raise("INFO", "bro", _("The files / folders were successfully copied"));
         }
       }
-      if ($actmove) {
-        if (!$bro->MoveFile($d,$R,$actmoveto)) {
-          $error = $err->errstr();
+      if ($actmove && count($d)) {
+        if ($bro->MoveFile($d,$R,$actmoveto)) {
+	  if (count($d) == 1) {
+	    if (is_dir($absolute . "/" . $d[0]))
+	      $msg->raise("INFO", "bro", _("The folder '%s' was successfully moved to '%s'"), array($d[0], $actmoveto));
+	    else
+	      $msg->raise("INFO", "bro", _("The file '%s' was successfully moved to '%s'"), array($d[0], $actmoveto));
+	  } else
+            $msg->raise("INFO", "bro", _("The files / folders were successfully moved"));
         }
       }
       break;
     case 4:  // Renommage Effectif...
-      if (!$bro->RenameFile($R,$o,$d)) { // Rename $R (directory) $o (old) $d (new) names
-        $error = $err->errstr();
+      if ($bro->RenameFile($R,$o,$d)) { // Rename $R (directory) $o (old) $d (new) names
+	if (count($d) == 1) {
+	  if (is_dir($absolute . "/" . $d[0]))
+	    $msg->raise("INFO", "bro", _("The folder '%s' was successfully renamed to '%s'"), array($o[0], $d[0]));
+	  else
+	    $msg->raise("INFO", "bro", _("The file '%s' was successfully renamed to '%s'"), array($o[0], $d[0]));
+	} else
+          $msg->raise("INFO", "bro", _("The files / folders were successfully renamed"));
       } 
       break;
     case 3:  // Upload de fichier...
-      if (!$bro->UploadFile($R)) {
-        $error = $err->errstr();
+      if ($bro->UploadFile($R)) {
+        $msg->raise("INFO", "bro", _("The file '%s' was successfully uploaded"), $_FILES['userfile']['name']);
       }
       break;
     case 7:  // Changement de permissions [ML]
-      if (!@$bro->ChangePermissions($R, $d, $perm)) {
-        $error = $err->errstr();
+      if ($bro->ChangePermissions($R, $d, $perm)) {
+	$msg->raise("INFO", "bro", _("The permissions were successfully set"));
       }
       break;
   }
 }
 
 if (isset($actextract) && $actextract) {
-  print _("extracting...")."<br />\n"; flush();
   if ($bro->ExtractFile($R. '/' . $fileextract, $R)) {
-    echo "<p class=\"alert alert-danger\">";
-    print $err->errstr();
-    print _("failed")."<br />\n";
-    echo "</p>";
-  } else {
-    print _("done")."<br />\n";
+    $msg->raise("INFO", "bro", _("The extraction of the file '%s' succeeded"), $fileextract);
   }
 }
 
@@ -167,28 +191,28 @@ if (isset($actextract) && $actextract) {
 /* Creation de la liste des fichiers courants */
 $c=$bro->filelist($R, $showdirsize );
 if ($c===false) {
-  echo "<p class=\"alert alert-danger\">".$err->errstr()."</p>";
+  echo $msg->msg_html_all();
   require_once('foot.php');
   exit;
 }
 
-if (isset($error) && $error) echo "<p class=\"alert alert-danger\">$error</p>"; 
+echo $msg->msg_html_all();
 ?>
 
 <table><tr>
 <td class="formcell">
 
 <form action="bro_main.php" enctype="multipart/form-data" method="post">
-<input type="hidden" name="R" value="<?php echo $R; ?>" />
+   <?php csrf_get(); ?>
+<input type="hidden" name="R" value="<?php ehe($R); ?>" />
 <input type="hidden" name="formu" value="3" />
 
 <?php __("Send one file:"); ?><br />
 <input class="int" name="userfile" type="file" />
-<input type="hidden" name="MAX_FILE_SIZE" value="10000000" /><?php ### WTF ???? ?>
 <br />
 <input type="submit" id="sendthisfile" class="ina" value="<?php __("Send this file"); ?>" />
-<?php echo sprintf(_("Warning: max size: %s"),ini_get('upload_max_filesize')); ?>
-</form>
+<?php echo sprintf(_("Warning: max size: %s"),$bro->getMaxAllowedUploadSize() ); ?>
+<?php __("(If you upload a compressed file, <br />you will be able to uncompress it after.)"); ?></form>
 
 </td>
 <td style="width: 20px">&nbsp;</td>
@@ -196,7 +220,8 @@ if (isset($error) && $error) echo "<p class=\"alert alert-danger\">$error</p>";
 
 <?php __("New file or folder:"); ?><br />
 <form action="bro_main.php" method="post" name="nn" id="nn">
-<input type="hidden" name="R" value="<?php echo $R; ?>" />
+   <?php csrf_get(); ?>
+<input type="hidden" name="R" value="<?php ehe($R); ?>" />
 <table><tr>
 <td><input type="text" class="int" name="nomfich" id="nomfich" size="22" maxlength="255" /></td>
 <td><input type="submit" class="ina" value="<?php __("Create"); ?>" /></td>
@@ -213,17 +238,19 @@ if (isset($error) && $error) echo "<p class=\"alert alert-danger\">$error</p>";
 <tr><td valign="top">
 
 <?php
-/* Renommer / Copier / D<>placer les fichiers : */
+/* ' */
+/* Rename / Copy / Move files: */
 if (isset($formu) && $formu==2 && isset($actrename) && $actrename && count($d)) {
   echo "<table cellpadding=\"6\">\n";
   echo "<form action=\"bro_main.php\" method=\"post\">\n";
-  echo "<input type=\"hidden\" name=\"R\" value=\"$R\" />\n";
+  csrf_get(); 
+  echo "<input type=\"hidden\" name=\"R\" value=\"".ehe($R,false)."\" />\n";
   echo "<input type=\"hidden\" name=\"formu\" value=\"4\" />\n";
   echo "<tr><th colspan=\"2\">"._("Rename")."</th></tr>";
   for ($i=0;$i<count($d);$i++) {
     $d[$i]=ssla($d[$i]);
-    echo "<tr><td><input type=\"hidden\" name=\"o[$i]\" value=\"".$d[$i]."\" />".$d[$i]."</td>";
-    echo "<td><input type=\"text\" class=\"int\" name=\"d[$i]\" value=\"".$d[$i]."\" /></td></tr>";
+    echo "<tr><td><input type=\"hidden\" name=\"o[$i]\" value=\"".ehe($d[$i],false)."\" />".ehe($d[$i],false)."</td>";
+    echo "<td><input type=\"text\" class=\"int\" name=\"d[$i]\" value=\"".ehe($d[$i],false)."\" /></td></tr>";
   }
   echo "<tr><td colspan=\"2\" align=\"center\"><input type=\"submit\" class=\"inb\" name=\"submit\" value=\""._("Rename")."\" /></td></tr>";
   echo "</table></form>\n";
@@ -233,7 +260,8 @@ if (isset($formu) && $formu==2 && isset($actrename) && $actrename && count($d))
 /* [ML] Changer les permissions : */
 if ($formu==2 && ! (empty($actperms)) && count($d)) {
   echo "<form action=\"bro_main.php\" method=\"post\">\n";
-  echo "<input type=\"hidden\" name=\"R\" value=\"$R\" />\n";
+  csrf_get();
+  echo "<input type=\"hidden\" name=\"R\" value=\"".ehe($R,false)."\" />\n";
   echo "<input type=\"hidden\" name=\"formu\" value=\"7\" />\n";
   echo "<p>"._("Permissions")."</p>";
 
@@ -250,11 +278,11 @@ if ($formu==2 && ! (empty($actperms)) && count($d)) {
     $modes = $stats[2];
 
     echo "<tr>";
-    echo "<td>".$d[$i]."</td>";
+    echo "<td>".ehe($d[$i],false)."</td>";
 
     // Owner
     echo "<td>";
-    echo "<input type=\"hidden\" name=\"d[$i]\" value=\"".$d[$i]."\" />";
+    echo "<input type=\"hidden\" name=\"d[$i]\" value=\"".ehe($d[$i],false)."\" />";
     echo "<label for=\"permw$i\">"._("write")."</label> <input type=\"checkbox\" id=\"permw$i\" name=\"perm[$i][w]\" value=\"1\" ". (($modes & 0000200) ? 'checked="checked"' : '') ." />";
     echo "</td>";
 
@@ -273,7 +301,8 @@ if (count($c)) {
 
   ?>
     <form action="bro_main.php" method="post" name="main" id="main">
-    <input type="hidden" name="R" value="<?php echo $R; ?>" />
+   <?php csrf_get(); ?>
+    <input type="hidden" name="R" value="<?php ehe($R); ?>" />
     <input type="hidden" name="formu" value="2" />
 
     <br />
@@ -289,8 +318,8 @@ if (count($c)) {
   <input type="submit" class="ina" name="actcopy" value="<?php __("Copy"); ?>" onClick=" return actmoveto_not_empty();"/>
     <input type="submit" class="ina" name="actmove" value="<?php __("Move"); ?>" onClick=" return actmoveto_not_empty();"/>
     <?php __("To"); ?> 
-    <input type="text" class="int" id='actmoveto' name="actmoveto" value="" />
-    <?php display_browser( "" , "main.actmoveto" ); ?>
+    <input type="text" class="int" id="actmoveto" name="actmoveto" value="" />
+    <?php display_browser( "" , "actmoveto" ); ?>
 
     </td></tr>
 
@@ -313,7 +342,7 @@ function actmoveto_not_empty() {
       case 0:
         /* AFFICHE 1 COLONNE DETAILLEE */
         reset($c);
-        echo "<table width=\"100%\" class=\"tlist\" style=\"border: 0px\" cellpadding=\"2\" cellspacing=\"0\">";
+        echo "<table width=\"100%\" id='tab_files_w_details' class=\"tlist\" style=\"border: 0px\" cellpadding=\"2\" cellspacing=\"0\"><thead>";
         ?>
           <tr><th>
           <script type="text/javascript">
@@ -332,27 +361,31 @@ function actmoveto_not_empty() {
                 <th><?php __("File Type"); ?></th>
                   <?php } ?>
                   <th></th>
-                  </tr>
-                  <?php
+                  </tr></thead><tbody>
+<?php
 
         for($i=0;$i<count($c);$i++) {
           echo "<tr class=\"lst\">\n";
           if ($c[$i]["type"]) {
-            echo "  <td width=\"28\"><input type=\"checkbox\" class=\"inc\" name=\"d[]\" value=\"".htmlentities($c[$i]["name"])."\" /></td>";
+              echo "  <td width=\"28\"><input type=\"checkbox\" class=\"inc\" name=\"d[]\" value=\"".ehe($c[$i]["name"],false)."\" /></td>";
             if ($p["showicons"]) {
               echo "<td style='text-align: center;' width=\"28\"><img src=\"icon/".$bro->icon($c[$i]["name"])."\" width=\"16\" height=\"16\" alt=\"\" /></td>";
             }
             echo "<td><a href=\"";
             $canedit = $bro->can_edit($R,$c[$i]["name"]);
-            if ($canedit) {
+            if ($canedit&&($c[$i]["size"]<$memory_limit)) {
               echo "bro_editor.php?editfile=".urlencode($c[$i]["name"])."&amp;R=".urlencode($R);
             } else {
               echo "bro_downloadfile.php?dir=".urlencode($R)."&amp;file=".urlencode($c[$i]["name"]);
             }
             echo "\">"; ehe($c[$i]["name"]); 
-            echo"</a></td>\n";
-            echo "  <td>".format_size($c[$i]["size"])."</td>";
-            echo "<td>".format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'),date("Y-m-d H:i:s",$c[$i]["date"]))."<br /></td>";
+            echo"</a>";
+            if (!($c[$i]["permissions"] & 0000200)) {
+                echo " (<a href=\"bro_main.php?actperms=Permissions&R=".urlencode($R)."&amp;formu=2&amp;d[]=".urlencode($c[$i]["name"])."\">"._("protected")."</a>)";
+            }
+            echo "</td>\n";
+            echo "  <td data-sort-value=\"".$c[$i]["size"]."\">".format_size($c[$i]["size"])."</td>";
+            echo "<td data-sort-value=\"".$c[$i]["date"]."\">".format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'),date("Y-m-d H:i:s",$c[$i]["date"]))."<br /></td>";
             if ($p["showtype"]) {
               echo "<td>"._($bro->mime($c[$i]["name"]))."</td>";
             }
@@ -362,37 +395,37 @@ function actmoveto_not_empty() {
             } else {
               echo "<td>&nbsp;";
             }
-            $e = $bro->is_extractable($R,$c[$i]["name"]);
+            $e = $bro->is_extractable($c[$i]["name"]);
             if ($e) {
               echo " <a href=\"bro_main.php?actextract=1&amp;fileextract=".urlencode($c[$i]["name"])."&amp;R=".urlencode($R)."\">";
               echo _("Extract");
               echo "</a>";
             }
-            $ez = $bro->is_sqlfile($R,$c[$i]["name"]);
+            $ez = $bro->is_sqlfile($c[$i]["name"]);
             if ($ez) {
               echo " <a href=\"javascript:;\" onClick=\"$('#rest_db_$i').toggle();\">";
               echo _("Restore SQL");
               echo "</a>";
               echo "<div id='rest_db_$i' style='display:none;'><fieldset><legend>"._("Restore SQL")."</legend>"._("In which database to you want to restore this dump?");
               echo "<br/>";
-              echo "<input type='hidden' name ='filename' value='".htmlentities($R."/".$c[$i]["name"])."' />";
+              echo "<input type='hidden' name ='filename' value='".ehe($R."/".$c[$i]["name"],false)."' />";
               $dbl=array(); foreach ($mysql->get_dblist() as $v) { $dbl[]=$v['db'];}
               echo "<select id='db_name_$i'>"; eoption($dbl,'',true); echo "</select>" ;
-              echo "<a href='javascript:;' onClick='window.location=\"sql_restore.php?filename=".urlencode($R."/".$c[$i]["name"])."&amp;id=\"+encodeURIComponent($(\"#db_name_$i\").val()) ;'>"._("Restore it")."</a>";
+              echo "<a href='javascript:;' onClick='window.location=\"sql_restore.php?filename=".eue($R."/".$c[$i]["name"],false)."&amp;id=\"+encodeURIComponent($(\"#db_name_$i\").val()) ;'>"._("Restore it")."</a>";
               echo "</fieldset></div>";
             }
 
             echo "</td>\n";
           } else {           // DOSSIER :
-            echo "  <td width=\"28\"><input type=\"checkbox\" class=\"inc\" name=\"d[]\" value=\"".htmlentities($c[$i]["name"])."\" /></td>";
+              echo "  <td width=\"28\"><input type=\"checkbox\" class=\"inc\" name=\"d[]\" value=\"".ehe($c[$i]["name"],false)."\" /></td>";
             if ($p["showicons"]) {
               echo "<td width=\"28\" style='text-align: center;'><img src=\"icon/folder.png\" width=\"16\" height=\"16\" alt=\"\" /></td>";
             }
             echo "<td><b><a href=\"";
-            echo "bro_main.php?R=".urlencode($R."/".$c[$i]["name"]);
+            echo "bro_main.php?R=".eue($R."/".$c[$i]["name"],false);
             echo "\">"; ehe($c[$i]["name"]); echo "/</a></b></td>\n";
-            echo "  <td>".format_size($c[$i]["size"])."</td>";
-            echo "<td>".format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'),date("Y-m-d h:i:s",$c[$i]["date"]))."<br /></td>";
+            echo "  <td data-sort-value=\"".$c[$i]["size"]."\">".format_size($c[$i]["size"])."</td>";
+            echo "<td data-sort-value=\"".$c[$i]["date"]."\">".format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'),date("Y-m-d h:i:s",$c[$i]["date"]))."<br /></td>";
             if ($p["showtype"]) {
               echo "<td>"._("Folder")."</td>";
             }
@@ -402,7 +435,7 @@ function actmoveto_not_empty() {
 
           echo "</tr>\n";
         }
-        echo "</table>";
+        echo "</tbody></table>";
         break;
       case 1:
         /* AFFICHE 2 COLONNES COURTES */
@@ -413,9 +446,16 @@ function actmoveto_not_empty() {
         for($i=0;$i<round(count($c)/2);$i++) {
           echo "<tr class=\"lst\">\n";
           if ($c[$i]["type"]) {
-            echo "  <td width=\"28\"><input type=\"checkbox\" class=\"inc\" name=\"d[]\" value=\"".$c[$i]["name"]."\" /></td><td><a href=\"";
-            echo "bro_editor.php?editfile=".urlencode($c[$i]["name"])."&amp;R=".urlencode($R);
-            echo "\">".htmlentities($c[$i]["name"])."</a></td>\n";
+              echo "  <td width=\"28\"><input type=\"checkbox\" class=\"inc\" name=\"d[]\" value=\"".ehe($c[$i]["name"],false)."\" /></td>";
+            echo "<td><a href=\"";
+            $canedit = $bro->can_edit($R,$c[$i]["name"]);
+            if ($canedit && ($c[$i]["size"]<$memory_limit)) {
+                echo "bro_editor.php?editfile=".eue($c[$i]["name"],false)."&amp;R=".eue($R,false);
+            } else {
+                echo "bro_downloadfile.php?dir=".eue($R,false)."&amp;file=".eue($c[$i]["name"],false);
+            }
+            echo "\">"; ehe($c[$i]["name"]); 
+            echo "</a></td>\n";
             echo "  <td>".format_size($c[$i]["size"])."</td><td>";
             $vu=$bro->viewurl($R,$c[$i]["name"]);
             if ($vu) {
@@ -425,9 +465,9 @@ function actmoveto_not_empty() {
             }
             echo "</td>\n";
           } else {
-            echo "  <td width=\"28\"><input TYPE=checkbox class=\"inc\" name=\"d[]\" value=\"".$c[$i]["name"]."\"></td><td><b><a href=\"";
-            echo "bro_main.php?R=".urlencode($R."/".$c[$i]["name"]);
-            echo "\">".htmlentities($c[$i]["name"])."/</a></b></td>\n";
+              echo "  <td width=\"28\"><input type=\"checkbox\" class=\"inc\" name=\"d[]\" value=\"".ehe($c[$i]["name"],false)."\"></td><td><b><a href=\"";
+              echo "bro_main.php?R=".eue($R."/".$c[$i]["name"],false);
+              echo "\">".ehe($c[$i]["name"],false)."/</a></b></td>\n";
             echo "  <td>".format_size($c[$i]["size"])."</td><td>";
             echo "&nbsp;";
             echo "</td>\n";
@@ -441,9 +481,15 @@ function actmoveto_not_empty() {
         for($i=round(count($c)/2);$i<count($c);$i++) {
           echo "<tr class=\"lst\">\n";
           if ($c[$i]["type"]) {
-            echo "  <td width=\"28\"><input TYPE=checkbox class=\"inc\" name=\"d[]\" value=\"".$c[$i]["name"]."\"></td><td><a href=\"";
-            echo "bro_editor.php?editfile=".urlencode($c[$i]["name"])."&amp;R=".urlencode($R);
-            echo "\">".htmlentities($c[$i]["name"])."</a></td>\n";
+              echo "  <td width=\"28\"><input type=\"checkbox\" class=\"inc\" name=\"d[]\" value=\"".ehe($c[$i]["name"],false)."\"></td><td><a href=\"";
+            $canedit = $bro->can_edit($R,$c[$i]["name"]);
+            if ($canedit && ($c[$i]["size"]<$memory_limit)) {
+              echo "bro_editor.php?editfile=".urlencode($c[$i]["name"])."&amp;R=".urlencode($R);
+            } else {
+              echo "bro_downloadfile.php?dir=".urlencode($R)."&amp;file=".urlencode($c[$i]["name"]);
+            }
+            echo "\">"; ehe($c[$i]["name"]); 
+            echo "</a></td>\n";
             echo "  <td>".format_size($c[$i]["size"])."</td><td>";
             $vu=$bro->viewurl($R,$c[$i]["name"]);
             if ($vu) {
@@ -453,9 +499,9 @@ function actmoveto_not_empty() {
             }
             echo "</td>\n";
           } else {
-            echo "  <td width=\"28\"><input TYPE=checkbox class=\"inc\" name=\"d[]\" value=\"".$c[$i]["name"]."\"></td><td><b><a href=\"";
-            echo "bro_main.php?R=".urlencode($R."/".$c[$i]["name"]);
-            echo "\">".htmlentities($c[$i]["name"])."/</a></b></td>\n";
+              echo "  <td width=\"28\"><input type=\"checkbox\" class=\"inc\" name=\"d[]\" value=\"".ehe($c[$i]["name"],false)."\"></td><td><b><a href=\"";
+              echo "bro_main.php?R=".eue($R."/".$c[$i]["name"],false);
+            echo "\">".ehe($c[$i]["name"],false)."/</a></b></td>\n";
             echo "  <td>".format_size($c[$i]["size"])."</td><td>";
             echo "&nbsp;";
             echo "</td>\n";
@@ -476,9 +522,15 @@ function actmoveto_not_empty() {
         for($i=0;$i<round(count($c)/3);$i++) {
           echo "<tr class=\"lst\">\n";
           if ($c[$i]["type"]) {
-            echo "  <td width=\"28\"><input TYPE=checkbox class=\"inc\" name=\"d[]\" value=\"".$c[$i]["name"]."\"></td><td><a href=\"";
-            echo "bro_editor.php?editfile=".urlencode($c[$i]["name"])."&amp;R=".urlencode($R);
-            echo "\">".htmlentities($c[$i]["name"])."</a></td>\n";
+              echo "  <td width=\"28\"><input type=\"checkbox\" class=\"inc\" name=\"d[]\" value=\"".ehe($c[$i]["name"],false)."\"></td><td><a href=\"";
+            $canedit = $bro->can_edit($R,$c[$i]["name"]);
+            if ($canedit&&($c[$i]["size"]<$memory_limit)) {
+              echo "bro_editor.php?editfile=".eue($c[$i]["name"],false)."&amp;R=".eue($R,false);
+            } else {
+              echo "bro_downloadfile.php?dir=".eue($R,false)."&amp;file=".eue($c[$i]["name"],false);
+            }
+            echo "\">"; ehe($c[$i]["name"],false); 
+            echo "</a></td>\n";
             echo "  <td>".format_size($c[$i]["size"])."</td><td>";
             $vu=$bro->viewurl($R,$c[$i]["name"]);
             if ($vu) {
@@ -488,9 +540,9 @@ function actmoveto_not_empty() {
             }
             echo "</td>\n";
           } else {
-            echo "  <td width=\"28\"><input TYPE=checkbox class=\"inc\" name=\"d[]\" value=\"".$c[$i]["name"]."\"></td><td><b><a href=\"";
-            echo "bro_main.php?R=".urlencode($R."/".$c[$i]["name"]);
-            echo "\">".htmlentities($c[$i]["name"])."/</a></b></td>\n";
+              echo "  <td width=\"28\"><input type=\"checkbox\" class=\"inc\" name=\"d[]\" value=\"".ehe($c[$i]["name"],false)."\"></td><td><b><a href=\"";
+            echo "bro_main.php?R=".eue($R."/".$c[$i]["name"],false);
+            echo "\">".ehe($c[$i]["name"],false)."/</a></b></td>\n";
             echo "  <td>".format_size($c[$i]["size"])."</td><td>";
             echo "&nbsp;";
             echo "</td>\n";
@@ -504,9 +556,15 @@ function actmoveto_not_empty() {
         for($i=round(count($c)/3);$i<round(2*count($c)/3);$i++) {
           echo "<tr class=\"lst\">\n";
           if ($c[$i]["type"]) {
-            echo "  <td width=\"28\"><input TYPE=checkbox class=\"inc\" name=\"d[]\" value=\"".$c[$i]["name"]."\"></td><td><a href=\"";
-            echo "bro_editor.php?editfile=".urlencode($c[$i]["name"])."&amp;R=".urlencode($R);
-            echo "\">".htmlentities($c[$i]["name"])."</a></td>\n";
+              echo "  <td width=\"28\"><input type=\"checkbox\" class=\"inc\" name=\"d[]\" value=\"".ehe($c[$i]["name"],false)."\"></td><td><a href=\"";
+            $canedit = $bro->can_edit($R,$c[$i]["name"]);
+            if ($canedit&&($c[$i]["size"]<$memory_limit)) {
+              echo "bro_editor.php?editfile=".eue($c[$i]["name"],false)."&amp;R=".eue($R,false);
+            } else {
+              echo "bro_downloadfile.php?dir=".eue($R,false)."&amp;file=".eue($c[$i]["name"],false);
+            }
+            echo "\">"; ehe($c[$i]["name"],false); 
+            echo "</a></td>\n";
             echo "  <td>".format_size($c[$i]["size"])."</td><td>";
             $vu=$bro->viewurl($R,$c[$i]["name"]);
             if ($vu) {
@@ -517,9 +575,9 @@ function actmoveto_not_empty() {
 
             echo "</td>\n";
           } else {
-            echo "  <td width=\"28\"><input TYPE=checkbox class=\"inc\" name=\"d[]\" value=\"".$c[$i]["name"]."\"></td><td><b><a href=\"";
-            echo "bro_main.php?R=".urlencode($R."/".$c[$i]["name"]);
-            echo "\">".htmlentities($c[$i]["name"])."/</a></b></td>\n";
+              echo "  <td width=\"28\"><input type=\"checkbox\" class=\"inc\" name=\"d[]\" value=\"".ehe($c[$i]["name"],false)."\"></td><td><b><a href=\"";
+            echo "bro_main.php?R=".eue($R."/".$c[$i]["name"],false);
+            echo "\">".ehe($c[$i]["name"],false)."/</a></b></td>\n";
             echo "  <td>".format_size($c[$i]["size"])."</td><td>";
             echo "&nbsp;";
             echo "</td>\n";
@@ -533,9 +591,15 @@ function actmoveto_not_empty() {
         for($i=round(2*count($c)/3);$i<count($c);$i++) {
           echo "<tr class=\"lst\">\n";
           if ($c[$i]["type"]) {
-            echo "  <td width=\"28\"><input TYPE=checkbox class=\"inc\" name=\"d[]\" value=\"".$c[$i]["name"]."\"></td><td><a href=\"";
-            echo "bro_editor.php?editfile=".urlencode($c[$i]["name"])."&amp;R=".urlencode($R);
-            echo "\">".htmlentities($c[$i]["name"])."</a></td>\n";
+              echo "  <td width=\"28\"><input type=\"checkbox\" class=\"inc\" name=\"d[]\" value=\"".ehe($c[$i]["name"],false)."\"></td><td><a href=\"";
+            $canedit = $bro->can_edit($R,$c[$i]["name"]);
+            if ($canedit && ($c[$i]["size"]<$memory_limit)) {
+              echo "bro_editor.php?editfile=".eue($c[$i]["name"],false)."&amp;R=".eue($R,false);
+            } else {
+              echo "bro_downloadfile.php?dir=".eue($R)."&amp;file=".eue($c[$i]["name"]);
+            }
+            echo "\">"; ehe($c[$i]["name"],false); 
+            echo "</a></td>\n";
             echo "  <td>".format_size($c[$i]["size"])."</td><td>";
             $vu=$bro->viewurl($R,$c[$i]["name"]);
             if ($vu) {
@@ -545,9 +609,9 @@ function actmoveto_not_empty() {
             }
             echo "</td>\n";
           } else {
-            echo "  <td width=\"28\"><input TYPE=checkbox class=\"inc\"  name=\"d[]\" value=\"".$c[$i]["name"]."\"></td><td><b><a href=\"";
-            echo "bro_main.php?R=".urlencode($R."/".$c[$i]["name"]);
-            echo "\">".htmlentities($c[$i]["name"])."/</a></b></td>\n";
+              echo "  <td width=\"28\"><input type=\"checkbox\" class=\"inc\"  name=\"d[]\" value=\"".ehe($c[$i]["name"],false)."\"></td><td><b><a href=\"";
+            echo "bro_main.php?R=".eue($R."/".$c[$i]["name"],false);
+            echo "\">".ehe($c[$i]["name"],false)."/</a></b></td>\n";
             echo "  <td>".format_size($c[$i]["size"])."</td><td>";
             echo "&nbsp;";
             echo "</td>\n";
@@ -574,20 +638,20 @@ else {
 
 <br/>
 
-<p>
-<span class="ina"><a href="bro_main.php?R=<?php echo (($R)?$R:"/"); ?>&amp;showdirsize=1"><?php __("Show size of directories"); ?></a></span> <?php __("(slow)"); ?>
-</p><p>&nbsp;</p><p>
+<div class="showdirsize_button">
+<span class="ina"><a href="bro_main.php?R=<?php eue(($R)?$R:"/",false); ?>&amp;showdirsize=1"><?php __("Show size of directories"); ?></a></span> <?php __("(slow)"); ?><br />&nbsp;<br />
+</div>
 <span class="ina"><?php
 if ($hta->is_protected($R)) {
-  echo "<a href=\"hta_edit.php?dir=".(($R)?$R:"/")."\">"._("Edit this folder's protection")."</a>";
+    echo "<a href=\"hta_edit.php?dir=".eue(($R)?$R:"/",false)."\">"._("Edit this folder's protection")."</a>";
 }
 else {
-  echo "<a href=\"hta_add.php?dir=".(($R)?$R:"/")."\">"._("Protect this folder")."</a>";
+    echo "<a href=\"hta_add.php?dir=".eue(($R)?$R:"/",false)."\">"._("Protect this folder")."</a>";
 }
 ?></span> <?php __("with a login and a password"); ?>
 </p><p>
 <span class="ina">
-<a href="bro_tgzdown.php?dir=<?php echo (($R)?$R:"/") ?>"><?php __("Download this folder"); ?></a>
+<a href="bro_tgzdown.php?dir=<?php eue(($R)?$R:"/"); ?>"><?php __("Download this folder"); ?></a>
 </span> &nbsp; 
 <?php printf(_("as a %s file"),$bro->l_tgz[$p["downfmt"]]); ?>
 </p>  
@@ -616,4 +680,19 @@ else {
 </span> 
 </p>
 </td></tr></table>
+
+<script type="text/javascript">
+$(document).ready(function() {
+  $("#tab_files_w_details").tablesorter({
+    textExtraction: function(node) {
+        var attr = $(node).attr('data-sort-value');
+        if (typeof attr !== 'undefined' && attr !== false) {
+            return attr;
+        }
+        return $(node).text(); 
+    } 
+   });
+}); 
+</script>
+
 <?php include_once("foot.php"); ?>

bureau/admin/bro_pref.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: bro_pref.php,v 1.2 2003/06/10 06:45:16 root Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,10 +15,14 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Configuration of the file browser
- ----------------------------------------------------------------------
 */
+
+/**
+ * Form to set the preferences of the file browser of AlternC
+ *
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/
+ */
+
 require_once("../class/config.php");
 
 $fields = array (
@@ -46,7 +42,7 @@ getFields($fields);
 
 if (!empty($submit)) {
 	$bro->SetPrefs($editsizex, $editsizey, $listmode, $showicons, $downfmt, $createfile, $showtype, $editor_font, $editor_size, $golastdir);
-	$error=_("Your preferences have been updated.");
+	$msg->raise("INFO", "bro", _("Your preferences have been updated."));
 	include("bro_main.php");
 	exit;
 }
@@ -60,7 +56,7 @@ include_once("head.php");
 <hr id="topbar"/>
 <br />
 <form action="bro_pref.php" method="post">
-
+  <?php csrf_get(); ?>
 
 <table cellpadding="6" border="1" cellspacing="0" class='tedit'>
 <tr><th><?php __("Horizontal window size"); ?></th><td><select class="inl" name="editsizex">

bureau/admin/bro_tgzdown.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: bro_tgzdown.php,v 1.2 2004/09/06 18:14:36 anonymous Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,10 +15,15 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Sonntag Benjamin
- Purpose of file: Return the current folder in a compressed file
- ----------------------------------------------------------------------
 */
+
+/**
+ * Returns the current folder's in compressed format,
+ * used from the File Browser
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 $fields = array (
@@ -36,9 +33,7 @@ getFields($fields);
 
 
 $p=$bro->GetPrefs();
-// need to release the giant lock, otherwise those downloads will hang
-// AlternC for all users!
-alternc_shutdown();
+
 switch ($p["downfmt"]) {
 	case 0:
 		$bro->DownloadTGZ($dir);

bureau/admin/bro_view.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: bro_view.php,v 1.1.1.1 2003/03/26 17:41:29 root Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,10 +15,14 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Show a file passed in the URL Name...
- ----------------------------------------------------------------------
 */
+
+/**
+ * Send the content of a file to a user, used by the File Browser
+ *
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 $bro->content_send(dirname($PATH_INFO),basename($PATH_INFO));

bureau/admin/browseforfolder.php

@@ -1,178 +0,0 @@
-<?php
-/*
-	Navigateur de dossiers en php. (BrowseForFolder in win32 api :)
-        Version 1.0
-        Notes :
-            Benjamin Sonntag 23/12/2001 Version initiale: n'utilise qu'un seul uid : 1...
-        Fichier :
-            browseforfolder.php3 : Dialogue de navigation BrowseForFolder
-$caller = composant form appelant (de la forme forms['main'].component )
-
-function browseforfolder(caller) {
-    eval("file=document."+caller+".value");
-    w=window.open("browseforfolder.php?caller="+caller+"&file="+file,"browseforfolder","width=300,height=400,scrollbars,left=100,top=100");
-}
-
-requires : ife($test,$iftrue,$iffalse) function : 
-
-function ife($test,$true,$false="") {
-	if ($test)
-		return $true;
-	else
-		return $false;
-}
-
-    BrowseForFolder($curdir); Retourne le tableau avec la liste des dossiers à afficher dans
-        la fonction browseforfolder sachant que le dossier actuel et curdir
-        retourne un tableau de tableau de la forme :
-                dir => "directory"      Nom du dossier
-                level => 0-n            Niveau du dossier (0=racine 1,2 ...)
-                put => "/sub/sub/directory" Contenu de la variable post à ajouter pour la balise A si ="" c'est le dossier courant.
-        Si probleme, positionne $errbrowsefold
-        Sinon, retourne le tableau et $maxlevel contient le nombre maximum de sous-dossiers.
-*/
-include("../class/config.php");
-
-// FIXME Refaire ce truc hein...
-$fields = array (
-        "caller"               => array ("request", "string", ""),
-        "select"               => array ("request", "string", ""),
-        "curdir"               => array ("request", "string", ""),
-        "lastcurdir"           => array ("request", "string", ""),
-        "file"                 => array ("request", "string", ""),
-);
-getFields($fields);
-
-function _subbrowse($curdir,$pos,$level) {
-	global $maxlevel,$root,$brlist;
-	if ($level>$maxlevel)
-	$maxlevel=$level;
-	$rot=substr($curdir,0,$pos);
-	$next=@strpos($curdir,"/",$pos+1);
-	$nextstr=substr($curdir,$pos+1,$next-$pos-1);
-	$c=opendir($root.$rot);
-	$i=0; $tmp = array();
-	while ($r=readdir($c)) { 
-		if (is_dir($root.$rot."/".$r) && $r!="." && $r!="..") { $tmp[$i++]=$r; }
-	}
- 	sort($tmp);	
-	foreach ($tmp as $r) {
-			/* Ajout */
-			$brlist[]=array("dir"=>$r,"level"=>$level,"put"=> ife($curdir==$rot."/".$r."/","",$rot."/".$r));
-			if ($r==$nextstr) {
-				_subbrowse($curdir,$next,$level+1);
-			}
-	}
-}
-
-function browseforfolder($curdir) {
-	global $maxlevel,$root,$brlist;
-        $maxlevel=0;
-        $pat=explode("/",$curdir);
-        $brlist=array(array("dir"=>"/","level"=>0,"put"=> ife($curdir=="/","","/") ));
-        _subbrowse($curdir,0,1);
-        return $brlist;
-}
-
-$root=getuserpath();
-// pour utiliser 'la ou est browseforfolder', mettre dirname($HTTP_SERVER_VARS["PATH_TRANSLATED"]);
-
-if (substr($file,0,1)!="/") $file="/".$file;
-if (substr($file,-1)!="/") $file.="/";
-if (!$file) $file="/";
-
-$errbrowsefold=0;    /* Erreur lors de la création d'un dossier */
-$brlist=array();    /* Liste des dossiers ... */
-$maxlevel=0;
-
-
-if (isset($select) && $select) {
-        /* Go ahead, let's send the javascript ...*/
-?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr">
-<head>
-<title>Browser for folder</title>
-<link rel="stylesheet" href="styles/style.css" type="text/css" />
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
-
-<?php
-        echo "<head><script type=\"text/javascript\">\n";
-        echo "window.opener.document.".$caller.".value='".addslashes($file)."';\n";
-        echo "window.opener.window.focus();\n";
-        echo "window.close();\n";
-        echo "</script>\n";
-	echo "</head><body></body></html>";
-        exit();
-}
-
-?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr">
-<head>
-<title>Recherche d'un dossier</title>
-<link rel="stylesheet" href="styles/style.css" type="text/css" />
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
-<script type="text/javascript">
-/* Fonction appellée lors du lancement d'un popup Fichier : */
-function popupfile() {
-        window.focus();
-        if (document.forms["main"].file)
-                document.forms["main"].file.focus();
-}
-</script>
-</head>
-<body onload="popupfile();">
-<h3><?php __("Searching for a folder"); ?></h3>
-<?php
-
-$ar=browseforfolder($file);
-if ($errbrowsefold) {
-        /* Si le dossier spécifié n'existe pas ou est un fichier : */
-        echo _("Error, cannot find this folder")."<br />";
-        /* Retour : */
-        echo "<a href=\"browseforfolder.php?caller=".urlencode($caller)."&amp;curdir=".$root."\">"._("Back to the root folder")."</a><br />";
-} else {
-        /* Sinon, tout va bien, on affiche le tableau */
-        reset($ar);
-?>
-<form method="post" id="main" name="main" action="browseforfolder.php">
-<p>
-<input type="hidden" name="caller" value="<?php echo $caller; ?>" />
-<input type="hidden" name="lastcurdir" value="<?php echo $curdir; ?>" />
-
-<input type="text" class="int" name="file" size="20" value="<?php ehe($file); ?>" /><br />
-
-<input type="submit" name="select" value="<?php __("Select"); ?>" class="inb" />&nbsp;
-<input type="button" name="cancel" value="<?php __("Cancel"); ?>" class="inb" onclick="window.close();" />&nbsp;
-</p>
-</form>
-
-<table style="border: 0" cellspacing="2" cellpadding="0">
-
-<?php
-        while (list($key,$val)=each($ar)) {
-                echo "<tr>\n";
-                for ($i=0;$i<$val["level"];$i++)
-                        echo "<td width=\"16\"></td>";
-                if ($val["put"]!="") {
-			?>
-                        <td width="16"><img src="icon/folder.png" width="16" height="16" alt="" /></td>
-			<?php
-                } else {
-				?>
-                        <td width="16"><img src="icon/openfold.png" width="16" height="16" alt="" /></td>
-			<?php
-                }
-                echo "<td colspan=\"".($maxlevel-$val["level"]+1)."\">";
-                if ($val["put"]!="") {
-                        echo "<a href=\"browseforfolder.php?caller=".urlencode($caller)."&amp;file=".urlencode($val["put"])."\">".$val["dir"]."</a>";
-                } else {
-                        echo "<b>".$val["dir"]."</b>";
-                }
-                echo "</td>\n</tr>\n";
-        }
-} // OK ?
-?>
-</table>
-</body>
-</html>

bureau/admin/browseforfolder2.php

@@ -1,39 +1,31 @@
 <?php
 /*
-   Navigateur de dossiers en php. (BrowseForFolder in win32 api :)
-   Version 1.0
-   Notes :
-   Benjamin Sonntag 23/12/2001 Version initiale: n'utilise qu'un seul uid : 1...
-   Fichier :
-   browseforfolder.php3 : Dialogue de navigation BrowseForFolder
-   $caller = composant form appelant (de la forme forms['main'].component )
+ ----------------------------------------------------------------------
+ LICENSE
 
-   function browseforfolder(caller) {
-   eval("file=document."+caller+".value");
-   w=window.open("browseforfolder.php?caller="+caller+"&file="+file,"browseforfolder","width=300,height=400,scrollbars,left=100,top=100");
-   }
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
 
-   requires : ife($test,$iftrue,$iffalse) function : 
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
 
-   function ife($test,$true,$false="") {
-   if ($test)
-   return $true;
-   else
-   return $false;
-   }
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+*/
 
-   BrowseForFolder($curdir); Retourne le tableau avec la liste des dossiers à afficher dans
-   la fonction browseforfolder sachant que le dossier actuel et curdir
-   retourne un tableau de tableau de la forme :
-   dir => "directory"      Nom du dossier
-   level => 0-n            Niveau du dossier (0=racine 1,2 ...)
-   put => "/sub/sub/directory" Contenu de la variable post à ajouter pour la balise A si ="" c'est le dossier courant.
-   Si probleme, positionne $errbrowsefold
-   Sinon, retourne le tableau et $maxlevel contient le nombre maximum de sous-dossiers.
+/**
+ * An HTML page to browse for a folder on a remote server and choose it using 
+ * Javascript. Chroot the user to its root, 
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
  */
+
 include("../class/config.php");
 
-// FIXME Refaire ce truc hein...
 $fields = array (
     "caller"               => array ("request", "string", ""),
     "select"               => array ("request", "string", ""),
@@ -44,6 +36,11 @@ $fields = array (
     );
 getFields($fields);
 
+/**
+ * @param integer $pos
+ * @param integer $level
+ * @param string $curdir
+ */
 function _subbrowse($curdir,$pos,$level) {
   global $maxlevel,$root,$brlist;
   if ($level>$maxlevel)
@@ -66,10 +63,12 @@ function _subbrowse($curdir,$pos,$level) {
   }
 }
 
+/**
+ * @param string $curdir
+ */
 function browseforfolder($curdir) {
   global $maxlevel,$root,$brlist;
   $maxlevel=0;
-  $pat=explode("/",$curdir);
   $brlist=array(array("dir"=>"/","level"=>0,"put"=> ife($curdir=="/","","/") ));
   _subbrowse($curdir,0,1);
   return $brlist;
@@ -92,7 +91,7 @@ $maxlevel=0;
 <title>Recherche d'un dossier</title>
 <link rel="stylesheet" href="styles/style.css" type="text/css" />
 <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
-<script src="js/jquery.min_embedded.js" type="text/javascript"></script>
+<script src="/javascript/jquery/jquery.min.js" type="text/javascript"></script>
 <script type="text/javascript">
 /* Fonction appellée lors du lancement d'un popup Fichier : */
 function popupfile() {
@@ -110,10 +109,11 @@ function addslashes(ch) {
 
 /* Fontion de retour de la valeur selectionnee */
 function retour() {
-  window.parent.document.<?php echo $caller; ?>.value = addslashes( $("#file").val() );
+  window.parent.jQuery('#<?php echo $caller; ?>').val( $("#file").val() );
   window.parent.jQuery('#<?php echo $bid; ?>').dialog('close');
   return false;
 }
+
 </script>
 </head>
 <body class="light" onload="popupfile();">
@@ -131,15 +131,16 @@ if ($errbrowsefold) {
   reset($ar);
   ?>
     <form method="post" id="main" name="main" action="browseforfolder2.php">
+       <?php csrf_get(); ?>
     <p>
-    <input type="hidden" name="caller" value="<?php echo $caller; ?>" />
-    <input type="hidden" name="lastcurdir" value="<?php echo $curdir; ?>" />
-    <input type="hidden" name="bid" value="<?php echo $bid; ?>" />
+    <input type="hidden" name="caller" value="<?php ehe($caller); ?>" />
+    <input type="hidden" name="lastcurdir" value="<?php ehe($curdir); ?>" />
+    <input type="hidden" name="bid" value="<?php ehe($bid); ?>" />
 
     <input type="text" class="int" id="file" name="file" size="20" value="<?php ehe($file); ?>" /><br />
 
     <input type="button" name="select" value="<?php __("Select"); ?>" class="inb" onclick="retour();" />&nbsp;
-  <input type="button" name="cancel" value="<?php __("Cancel"); ?>" class="inb" onclick="window.parent.jQuery('#<?php echo $bid; ?>').dialog('close');" />&nbsp;
+  <input type="button" name="cancel" value="<?php __("Cancel"); ?>" class="inb" onclick="window.parent.jQuery('#<?php ehe($bid); ?>').dialog('close');" />&nbsp;
   </p>
     </form>
 
@@ -161,9 +162,9 @@ if ($errbrowsefold) {
       }
       echo "<td colspan=\"".($maxlevel-$val["level"]+1)."\">";
       if ($val["put"]!="") {
-        echo "<a href=\"browseforfolder2.php?caller=".urlencode($caller)."&amp;bid=".$bid."&amp;file=".urlencode($val["put"])."\">".$val["dir"]."</a>";
+          echo "<a href=\"browseforfolder2.php?caller=".eue($caller,false)."&amp;bid=".eue($bid,false)."&amp;file=".eue($val["put"],false)."\">".ehe($val["dir"],false)."</a>";
       } else {
-        echo "<b>".$val["dir"]."</b>";
+          echo "<b>".ehe($val["dir"],false)."</b>";
       }
       echo "</td>\n</tr>\n";
     }

bureau/admin/cron.php

@@ -1,4 +1,28 @@
 <?php 
+/*
+ ----------------------------------------------------------------------
+ LICENSE
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+*/
+
+/**
+ * Launch the AlternC's panel crontab for users. 
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 include_once("head.php");
 
@@ -8,10 +32,8 @@ $fields = array (
 getFields($fields);
 
 if (!empty($cronupdate)) {
-  if (! $cron->update($cronupdate)) {
-    $error=$err->errstr();
-  } else {
-    $error=_("Save done.");
+  if ($cron->update($cronupdate)) {
+    $msg->raise("INFO", "mysql", _("Save done."));
   }
 }
 
@@ -22,12 +44,12 @@ $lst_cron = $cron->lst_cron();
 <hr id="topbar"/>
 <br />
 
-<?php if (isset($error) && $error) { ?>
-  <p class="alert alert-danger"><?php echo $error ?></p>
-<?php } ?>
+<?php
+echo $msg->msg_html_all()
+?>
 
 <form method="post" action="cron.php" id="main" name="cron" >
-
+  <?php csrf_get(); ?>
 
 <table class="tlist">
 <!--
@@ -54,7 +76,7 @@ for ($i=0; $i < $max_cron ; $i++) {
       <a href="javascript:cleancron('<?php echo $i ?>');"><img src="images/delete.png" alt="<?php __("Delete");?>" title="<?php __("Delete");?>"/></a>
     </td>
     <td colspan='2'>
-      <label for="crup_url_<?php echo $i?>"><?php __("Called URL"); ?> :</label><br/><input type="text" id="crup_url_<?php echo $i?>" name="<?php echo "cronupdate[$i][url]";?>" size="40" maxlength="255" value="<?php if (isset($lst_cron[$i]['url'])) { echo htmlentities($lst_cron[$i]['url']);} ?>"/>
+      <label for="crup_url_<?php echo $i?>"><?php __("Called URL"); ?> :</label><br/><input type="text" id="crup_url_<?php echo $i; ?>" name="<?php echo "cronupdate[$i][url]";?>" size="40" maxlength="255" value="<?php if (isset($lst_cron[$i]['url'])) { ehe($lst_cron[$i]['url']); } ?>"/>
     </td>
     <td>
       <?php __("Period:");?> <select name='cronupdate[<?php echo $i; ?>][schedule]'>
@@ -72,9 +94,9 @@ foreach ($cron->schedule() as $cs) {
       <br/><?php if (isset($lst_cron[$i])) {__("Next execution: "); echo $lst_cron[$i]['next_execution'];}?>
     </td>
   </tr><tr class="<?php echo ($i%2)?"lst1":"lst2"; ?>">
-    <td><label for="crup_user_<?php echo $i?>"><?php __("HTTP user (optional)"); ?> :</label><br/><input type="text" id="crup_user_<?php echo $i?>" name="<?php echo "cronupdate[$i][user]";?>" size="20" maxlength="64" value="<?php if (isset($lst_cron[$i]['user'])) { echo htmlentities($lst_cron[$i]['user']);} ?>"/></td>
-    <td><label for="crup_pass_<?php echo $i?>"><?php __("HTTP password (optional)"); ?> :</label><br/><input type="text" id="crup_pass_<?php echo $i?>" name="<?php echo "cronupdate[$i][password]";?>" size="20" maxlength="64" value="<?php if (isset($lst_cron[$i]['password'])) { echo htmlentities($lst_cron[$i]['password']);} ?>"/></td>
-    <td><label for="crup_mail_<?php echo $i?>"><?php __("Mail address (optional)"); ?> :</label><br/><input type="text" id="crup_mail_<?php echo $i?>" name="<?php echo "cronupdate[$i][email]";?>" size="25" maxlength="64" value="<?php if (isset($lst_cron[$i]['email'])) { echo htmlentities($lst_cron[$i]['email']);} ?>"/></td>
+    <td><label for="crup_user_<?php echo $i?>"><?php __("HTTP user (optional)"); ?> :</label><br/><input type="text" id="crup_user_<?php echo $i?>" name="<?php echo "cronupdate[$i][user]";?>" size="20" maxlength="64" value="<?php if (isset($lst_cron[$i]['user'])) { ehe($lst_cron[$i]['user']);} ?>"/></td>
+    <td><label for="crup_pass_<?php echo $i?>"><?php __("HTTP password (optional)"); ?> :</label><br/><input type="text" id="crup_pass_<?php echo $i?>" name="<?php echo "cronupdate[$i][password]";?>" size="20" maxlength="64" value="<?php if (isset($lst_cron[$i]['password'])) { ehe($lst_cron[$i]['password']);} ?>"/></td>
+    <td><label for="crup_mail_<?php echo $i?>"><?php __("Mail address (optional)"); ?> :</label><br/><input type="text" id="crup_mail_<?php echo $i?>" name="<?php echo "cronupdate[$i][email]";?>" size="25" maxlength="64" value="<?php if (isset($lst_cron[$i]['email'])) { ehe($lst_cron[$i]['email']);} ?>"/></td>
   </tr>
 <?php } //foreach ?>
 </table>

bureau/admin/dom_add.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: dom_add.php,v 1.5 2003/06/10 13:16:11 root Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,19 +15,23 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Add a new domain
- ----------------------------------------------------------------------
 */
+
+/**
+ * Form to add a new domain to an AlternC's account
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 include_once("head.php");
 
 $fields = array (
-	"newdomain"   => array ("request", "string", ""),
-	"yndns"   => array ("request", "integer", 0),
-	"newisslave"   => array ("request", "integer", 0),
-	"slavedom"   => array ("request", "string", ""),
+	"newdomain"   => array ("post", "string", ""),
+	"yndns"   => array ("post", "integer", 0),
+	"newisslave"   => array ("post", "integer", 0),
+	"slavedom"   => array ("post", "string", ""),
 );
 getFields($fields);
 
@@ -45,23 +41,25 @@ if (!isset($dns)) $dns="1";
 <h3><?php __("Domain hosting"); ?></h3>
 <hr />
 <?php
-if (!$quota->cancreate("dom")) { ?>
-<p class="alert alert-danger"><?php echo _("You cannot add any new domain, your quota is over.")." "._("Contact your administrator for more information."); ?></p>
-<?php
-exit();
+if (!$quota->cancreate("dom")) {
+  $msg->raise("ALERT", "dom", _("You cannot add any new domain, your quota is over.")." "._("Contact your administrator for more information."));
+  echo $msg->msg_html_all();
+  exit();
 }
-if (isset($error) && $error) echo "<p class=\"alert alert-danger\">$error</p>";
+echo $msg->msg_html_all();
 ?>
 <form method="post" action="dom_doadd.php" id="main">
+  <?php csrf_get(); ?>
 <p>
-<label for="newdomain"><b><?php __("Domain name"); ?> :</b></label> <span class="int" id="newdomwww">www.</span><input type="text" class="int" id="newdomain" name="newdomain" value="<?php ehe($newdomain); ?>" size="32" maxlength="255" /> <a class="inb configure" href="dom_import.php"><?php __("Advanced import"); ?></a>
+<label for="newdomain"><b><?php __("Domain name"); ?> :</b></label> <span class="int" id="newdomwww">www.</span><input type="text" class="int" id="newdomain" name="newdomain" value="<?php ehe($newdomain); ?>" size="32" maxlength="255" /> <a class="inb settings" href="dom_import.php"><?php __("Advanced import"); ?></a>
 </p>
 <p>
   <input type="checkbox" name="dns" class="inc" value="1" id="yndns"<?php cbox($dns=="1"); ?>/>&nbsp;<label for="yndns"><?php __("host my dns here"); ?></label>
 </p>
 <?php
   $q = $quota->getquota("dom");
-if ($q["u"]>0) {
+$dl=$dom->get_domain_list($cuid);
+if ($q["u"]>0 && count($dl)) {
 ?> 
 <fieldset>
 	<legend>
@@ -71,9 +69,7 @@ if ($q["u"]>0) {
    <input type="radio" id="newisslave0" name="newisslave" value="0"<?php cbox($newisslave==0); ?>/><label for="newisslave0"><?php __("No: This domain will have its own folder."); ?></label>
 <br />
    <input type="radio" id="newisslave1" name="newisslave" value="1"<?php cbox($newisslave==1); ?>/><label for="newisslave1"><?php __("Yes, redirect this new domain to this one:"); ?> </label> <select name="slavedom" id="slavedom" class="inl">
- <option value=""><?php __("-- Choose a domain --"); ?></option>
 <?php
-$dl=$dom->get_domain_list($cuid);
   $ddl=array();
   foreach($dl as $d) {
     $ddl[$d]=$d;

bureau/admin/dom_defdel.php

@@ -1,13 +1,42 @@
 <?php 
+/*
+ ----------------------------------------------------------------------
+ LICENSE
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+*/
+
+/**
+ * Del a default domain types for all future installed domains
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 include_once("head.php");
 
 $fields = array (
-        "id"     => array ("request", "integer", ""),
+        "id"     => array ("post", "integer", ""),
         );
 getFields($fields);
 
-//checker admin rights
+
+if (!$admin->enabled) {
+	$msg->raise("ERROR", "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
+	exit();
+}
 
 $dom->del_default_type($id);
 include_once("adm_doms_def_type.php");

bureau/admin/dom_dnsdump.php

@@ -1,4 +1,28 @@
 <?php
+/*
+ ----------------------------------------------------------------------
+ LICENSE
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+*/
+
+/**
+ * DUMP AXFR information of a zone to the user
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 
 $fields = array (

bureau/admin/dom_doadd.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: dom_doadd.php,v 1.3 2003/06/10 11:18:27 root Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,10 +15,14 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Add a new domain to a member's account
- ----------------------------------------------------------------------
 */
+
+/**
+ * Add a new domain name to an AlternC's account
+ *
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 include_once("head.php");
 
@@ -41,17 +37,19 @@ getFields($fields);
 $dom->lock();
 
 if (!$dom->add_domain($newdomain,$dns,0,0,$newisslave,$slavedom)) {
-	$error=$err->errstr();
 	include("dom_add.php");
 	exit();
-}
+} else
+	$msg->raise("INFO", "dom", _("Your new domain %s has been successfully installed"),$newdomain);
 
 $dom->unlock();
 
 ?>
 <h3><?php __("Add a domain"); ?></h3>
 <p>
-<?php printf(_("Your new domain %s has been successfully installed"),$newdomain); ?><br /><br />
+<?php
+echo $msg->msg_html_all();
+?>
 <span class="inb"><a href="dom_edit.php?domain=<?php echo urlencode($newdomain);?>" ><?php __("Click here to continue"); ?></a></span><br />
 <?php $mem->show_help("add_domain"); ?>
 <br />

bureau/admin/dom_dodel.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: dom_dodel.php,v 1.3 2003/06/10 11:18:27 root Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,35 +15,40 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Delete a domain, confirm the deletion
- ----------------------------------------------------------------------
 */
+
+/** 
+ * Delete a domain, confirm the deletion
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 include_once("head.php");
 
 $fields = array (
 	"domain"      => array ("request", "string", ""),
 	"del_confirm" => array ("post",    "string", ""),
-	"del_cancel"  => array ("request", "string", ""),
+	"del_cancel"  => array ("post", "string", ""),
 );
 getFields($fields);
 
-$dom->lock();
-if ($del_confirm=="y")
+if ($del_confirm=="y") {
 	if (!$dom->del_domain($domain)) {
-		$error=$err->errstr();
 		include("dom_edit.php");
-		$dom->unlock();
 		exit();
 	}
-
-$dom->unlock();
+}
 
 if (! empty($del_cancel)) {
+  $dom->lock();
   $dom->del_domain_cancel($domain);
+  $dom->unlock();
+
   // The link to this function is disable : the del_domain_cancel function need some modification
-  __("Deletion have been successfully cancelled");?><br/>
+  $msg->raise("INFO", "dom", _("Deletion have been successfully cancelled"));
+  echo $msg->msg_html_all();
+?>
   <p>
   <span class="ina"><a href="main.php" target="_parent"><?php __("Click here to continue"); ?></a></span>
   </p>
@@ -68,21 +65,25 @@ if ($del_confirm!="y") {
 
 <?php __("This will delete the related sub-domains too."); ?></p>
 <form method="post" action="dom_dodel.php" id="main">
+ <?php csrf_get(); ?>
 <p>
 <input type="hidden" name="del_confirm" value="y" />
-<input type="hidden" name="domain" value="<?php echo $domain ?>" />
+<input type="hidden" name="domain" value="<?php ehe($domain); ?>" />
  <input type="submit" class="inb ok" name="submit" value="<?php __("Yes, delete this domain name"); ?>" />
  <input type="button" class="inb cancel" name="non" value="<?php __("No, don't delete this domain name"); ?>" onclick="history.back()" />
 </form>
 <?php include_once("foot.php");
 	exit();
-	}
+}
 ?>
 <h3><?php printf(_("Domain %s deleted"),$domain); ?></h3>
 <hr id="topbar"/>
 <br />
-<p>
-<?php printf(_("The domain %s has been successfully deleted."),$domain); ?><br /><br />
+<?php 
+$msg->raise("INFO", "dom", _("The domain %s has been successfully deleted."),$domain);
+echo $msg->msg_html_all();
+?>
+</p>
 <span class="ina"><a href="main.php" target="_parent"><?php __("Click here to continue"); ?></a></span>
 <?php $mem->show_help("del_domain"); ?>
 </p>

bureau/admin/dom_edit.inc.php

@@ -1,23 +1,42 @@
 <?php
+/*
+ ----------------------------------------------------------------------
+ LICENSE
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+*/
+
+/**
+ * Form to edit / add subdomains, 
+ * using domaine_type table to show a synamic form.
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 include_once("head.php");
 
-# Function to create/edit subdomain
-# Take the values of the subdomain in arguments
-
 function sub_domains_edit($domain, $sub_domain_id=false) {
-  global $admin, $err, $oldid, $isedit;
+  global $admin, $msg, $oldid, $isedit;
 
 $dom=new m_dom();
 $dom->lock();
-if (!$r=$dom->get_domain_all($domain)) {
-  $error=$err->errstr();
-}
+
+$r=$dom->get_domain_all($domain);
 /*
 if (! empty($sub)) {
-   if (!$sd=$dom->get_sub_domain_all($domain,$sub,$type,$value)) {
-     $error=$err->errstr();
-   }
+   $sd=$dom->get_sub_domain_all($domain,$sub,$type,$value);
 }
 */
 $sd=$dom->get_sub_domain_all($sub_domain_id);
@@ -26,15 +45,17 @@ $type=$sd['type'];
 $sub=$sd['name'];
 
 $dom->unlock();
+
 ?>
 
 <form action="dom_subdoedit.php" method="post" name="main" id="main">
-	<table border="0">
-		<tr>
-			<td>
-			<input type="hidden" name="domain" value="<?php ehe($domain) ?>" />
-			<input type="hidden" name="sub_domain_id" value="<?php echo $sub_domain_id ?>" />
-			<input type="hidden" name="action" value="add" />
+   <?php csrf_get(); ?>
+    <table class="dom-edit-table">
+        <tr>
+            <td>
+            <input type="hidden" name="domain" value="<?php ehe($domain) ?>" />
+            <input type="hidden" name="sub_domain_id" value="<?php echo intval($sub_domain_id); ?>" />
+            <input type="hidden" name="action" value="add" />
   <?php
    if ($isedit) {
      __("Edit a subdomain:"); 
@@ -42,10 +63,12 @@ $dom->unlock();
      __("Create a subdomain:"); 
    }
 ?></td><td>
-<input type="text" class="int" name="sub" style="text-align:right" value="<?php ehe($sub); ?>" size="22" id="sub" /><span class="int" id="newsubname">.<?php echo $domain; ?></span></td>
-		</tr>
+   <input type="text" class="int" name="sub" style="text-align:right" value="<?php ehe($sub); ?>" size="22" id="sub" /><span class="int" id="newsubname">.<?php ehe($domain); ?></span></td>
+   <td></td>
+        </tr>
     <?php 
       $first_advanced=true;
+      $lst_advanced=array();
       foreach($dom->domains_type_lst() as $dt) { 
         // If this type is disabled AND it's not the type in use here, continue
         if ( $dt['enable'] == 'NONE' && strtoupper($type)!=strtoupper($dt['name'])) continue ;
@@ -59,65 +82,76 @@ $dom->unlock();
           $lst_advanced[]=$dt['name'];
           if ($first_advanced) {
             $first_advanced=false;
-	    echo "<tr><td colspan=\"2\" class=\"advdom\"></td></tr>";
             echo "<tr id='domtype_show' onClick=\"domtype_advanced_show();\"><td colspan='2'><a href=\"javascript:domtype_advanced_show();\"><b>+ "; __("Show advanced options"); echo "</b></a></td></tr>";
             echo "<tr id='domtype_hide' onClick=\"domtype_advanced_hide();\" style='display:none'><td colspan='2'><a href=\"javascript:domtype_advanced_hide();\"><b>- "; __("Hide advanced options"); echo "</b></a></td></tr>";
-	    echo "<tr><td colspan=\"2\" class=\"advdom\"></td></tr>";
           }
         }
     ?>
     <tr id="tr_<?php echo $dt['name']; ?>">
       <td>
-        <input type="radio" id="r_<?php echo $dt['name']?>" class="inc" name="type" value="<?php echo $dt['name']; ?>" <?php cbox(strtoupper($type)==strtoupper($dt['name'])); ?> OnClick="getElementById('t_<?php echo $dt['name']?>').focus();"/>
-        <label for="r_<?php echo $dt['name']?>"><?php __($dt['description']); ?></label>
+        <input type="radio" id="r_<?php ehe($dt['name']); ?>" class="inc" name="type" value="<?php ehe($dt['name']); ?>" <?php cbox(strtoupper($type)==strtoupper($dt['name'])); ?> OnClick="getElementById('t_<?php ehe($dt['name']); ?>').focus();"/>
+        <label for="r_<?php ehe($dt['name']); ?>"><?php __($dt['description']); ?></label>
       </td>
       <td>
         <?php 
 
         switch ($dt['target']) {
-          case "NONE":
-          default:
-            break;
           case "DIRECTORY": ?>
-            <input type="text" class="int" name="t_<?php echo $dt['name']?>" id="t_<?php echo $dt['name']?>" value="<?php ehe($targval); ?>" size="28" onKeyPress="getElementById('r_<?php echo $dt['name']?>').checked=true;" />
-						<?php display_browser( $targval , "main.t_".$dt['name'] ); ?>
-						<?php
+            <input type="text" class="int" name="t_<?php ehe($dt['name']); ?>" id="t_<?php ehe($dt['name']); ?>" value="<?php ehe($targval); ?>" size="28" onKeyPress="getElementById('r_<?php ehe($dt['name']); ?>').checked=true;" />
+            <?php display_browser( $targval , "t_".$dt['name'] ); 
             break;
           case "URL": ?>
-			        <input type="text" class="int" name="t_<?php echo $dt['name']?>" id="t_<?php echo $dt['name']?>" value="<?php ehe( (empty($targval)?'http://':$targval) ); ?>" size="50" onKeyPress="getElementById('r_<?php echo $dt['name']?>').checked=true;" />
+              <input type="text" class="int" name="t_<?php ehe($dt['name']); ?>" id="t_<?php ehe($dt['name']); ?>" value="<?php ehe( (empty($targval)?'http://':$targval) ); ?>" size="50" onKeyPress="getElementById('r_<?php ehe($dt['name']); ?>').checked=true;" />
               <small><?php __("(enter an URL here)"); ?></small><?php
               break;;
           case 'IP':?>
-		        <input type="text" class="int" name="t_<?php echo $dt['name']?>" id="t_<?php echo $dt['name']?>"  value="<?php ehe($targval); ?>" size="16" onKeyPress="getElementById('r_<?php echo $dt['name']?>').checked=true;" />
+              <input type="text" class="int" name="t_<?php ehe($dt['name']); ?>" id="t_<?php ehe($dt['name']); ?>"  value="<?php ehe($targval); ?>" size="16" onKeyPress="getElementById('r_<?php ehe($dt['name']); ?>').checked=true;" />
             <small><?php __("(enter an IPv4 address, for example 192.168.1.2)"); ?></small><?php
               break;
           case 'IPV6':?>
-            <input type="text" class="int" name="t_<?php echo $dt['name']?>" id="t_<?php echo $dt['name']?>" value="<?php ehe($targval); ?>" size="32" onKeyPress="getElementById('r_<?php echo $dt['name']?>').checked=true;" /> 
+            <input type="text" class="int" name="t_<?php ehe($dt['name']); ?>" id="t_<?php ehe($dt['name']); ?>" value="<?php ehe($targval); ?>" size="32" onKeyPress="getElementById('r_<?php ehe($dt['name']); ?>').checked=true;" /> 
             <small><?php __("(enter an IPv6 address, for example 2001:0910::0)"); ?></small><?php
               break;
           case 'TXT':?>
-		        <input type="text" class="int" name="t_<?php echo $dt['name']?>" id="t_<?php echo $dt['name']?>" value="<?php ehe($targval);?>" size="32" onKeyPress="getElementById('r_<?php echo $dt['name']?>').checked=true;" />
+              <input type="text" class="int" name="t_<?php ehe($dt['name']); ?>" id="t_<?php ehe($dt['name']); ?>" value="<?php ehe($targval);?>" size="32" onKeyPress="getElementById('r_<?php ehe($dt['name']); ?>').checked=true;" />
             <small><?php __("(enter a TXT content for this domain)"); ?></small><?php
               break;
           case 'DOMAIN':?>
-		        <input type="text" class="int" name="t_<?php echo $dt['name']?>" id="t_<?php echo $dt['name']?>" value="<?php ehe($targval);?>" size="32" onKeyPress="getElementById('r_<?php echo $dt['name']?>').checked=true;" /> 
+              <input type="text" class="int" name="t_<?php ehe($dt['name']); ?>" id="t_<?php ehe($dt['name']); ?>" value="<?php ehe($targval);?>" size="32" onKeyPress="getElementById('r_<?php ehe($dt['name']); ?>').checked=true;" /> 
             <small><?php __("(enter a domain name or subdomain)"); ?></small><?php
               break;
+          case "NONE":
+          default:
+            break;
         } // switch ?>
       </td>
+        <td>
+<?php if ($dt['has_https_option']) { ?>
+
+     <select class="inl" name="https_<?php ehe($dt['name']); ?>" id="https_<?php ehe($dt['name']); ?>">
+            <option value="http"<?php selected((strtoupper($type)==strtoupper($dt['name']) && $sd["https"]=="http") || false); ?>><?php __("HTTP Only (redirect HTTPS to HTTP)"); ?></option>
+            <option value="https"<?php selected((strtoupper($type)==strtoupper($dt['name']) && $sd["https"]=="https") || true); ?>><?php __("HTTPS Only (redirect HTTP to HTTPS)"); ?></option>
+            <option value="both"<?php selected((strtoupper($type)==strtoupper($dt['name']) && $sd["https"]=="both") || false); ?>><?php __("Both HTTP and HTTPS hosted at the same place"); ?></option>
+            </select>
+<?php  } ?>
+        </td>
     </tr>
     <?php } // foreach ?>
 
-		<tr class="trbtn">
-			<td colspan="2"><input type="submit" class="inb ok" name="add" onclick='return check_type_selected();' value="<?php
+        <tr class="trbtn">
+            <td colspan="2"><button type="submit" class="inb ok" name="add" onclick='return check_type_selected();'><?php
    if ($isedit) {
  __("Edit this subdomain");
 } else {
  __("Add this subdomain");
 } 
-?>" /></td>
-		</tr>
-	</table>
+?></button>
+<?php if ($isedit) { ?>
+              <button class="inb cancel" type="button" name="cancel" onclick="document.location = 'dom_edit.php?domain=<?php echo $domain; ?>'"><?php __("Cancel"); ?></button>
+<?php } ?>
+</td>
+        </tr>
+    </table>
 </form>
 
 <script type="text/javascript">

bureau/admin/dom_edit.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: dom_edit.php,v 1.8 2006/02/17 18:20:08 olivier Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,10 +15,14 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Edit a domain parameters
- ----------------------------------------------------------------------
 */
+
+/**
+ * Change a DOMAIN settings
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 include_once("head.php");
 
@@ -38,21 +34,25 @@ getFields($fields);
 
 $dom->lock();
 if (!$r=$dom->get_domain_all($domain)) {
-	$error=$err->errstr();
-	echo "<p class=\"alert alert-danger\">$error</p>";
+	$dom->unlock();
+	echo $msg->msg_html_all();
 	include('foot.php');
 	die();
 }
-if (isset($error) && $error ) {
-	echo "<p class=\"alert alert-danger\">$error</p>";
-}
 $dom->unlock();
 
+if (isset($_GET["msg"])) {
+    $msg->raise("INFO","dom",$_GET["msg"]);
+}
+?>
+<h3><i class="fas fa-globe-africa"></i> <?php printf(_("Manage %s"),$domain); ?></h3>
+<?php
+echo $msg->msg_html_all();
 ?>
 <script type="text/javascript">
 function dnson() {
   alert('This function seems unused. If you see this message, please let us know.');
-	// Active les composants DNS :
+	// enable / disable html components:
 	if (document.forms["fdns"].mx.disabled!=null)
 		document.forms["fdns"].mx.disabled=false;
 	if (document.forms["fdns"].emailon.disabled!=null)
@@ -62,7 +62,7 @@ function dnson() {
 }
 function dnsoff() {
   alert('This function seems unused. If you see this message, please let us know.');
-	// Active les composants DNS :
+	// enable / disable html components:
 	if (document.forms["fdns"].mx.disabled!=null)
 		document.forms["fdns"].mx.disabled=true;
 	if (document.forms["fdns"].emailon.disabled!=null)
@@ -72,7 +72,7 @@ function dnsoff() {
 }
 
 function destruction_alert() {
-  // On ne se pose pas de question si le DNS est deja sur NON
+  // We don't ask question if DNS is already NO
   if (<?php echo (int)$r["dns"]; ?>!=1) {
     return true;
   }
@@ -88,8 +88,6 @@ function destruction_alert() {
 }
 </script>
 
-<h3><img src="images/dom.png" alt="" />&nbsp;<?php printf(_("Manage %s"),$domain); ?></h3>
-
 <?php
 
 if ($r['dns_action']=='UPDATE') {?>
@@ -108,6 +106,11 @@ if ($r['dns_action']=='UPDATE') {?>
   die();
 }
 
+if (! empty($r['dns_result']) && $r['dns_result'] != '0') {
+  if ($r['dns_result'] == 1) $r['dns_result'] =_("DNS zone is locked, changes will be ignored");
+  echo '<p class="alert alert-warning">'; __($r['dns_result']); echo '</p>';
+}
+
 ?>
 
 
@@ -125,20 +128,52 @@ if ($r['dns_action']=='UPDATE') {?>
 
 
 <div id="tabsdom-editsub">
-<h3><?php printf(_("Editing subdomains of %s"),$domain); ?></h3>
-<table class="tlist">
-<tr><th colspan="2"> </th><th><?php __("Subdomain"); ?></th><th><?php __("Type");?></th><th><?php __("Status")?></th><th></th></tr>
+<h3><?php __("Main subdomains"); ?></h3>
 <?php
 $dt=$dom->domains_type_lst();
-for($i=0;$i<$r["nsub"];$i++) {
+
+$problems = $dom->get_problems($domain);
+if ( ! empty($problems) ) {
+  echo '<p class="alert alert-danger">';
+  foreach ($problems as $p) echo $p."</br>";
+  echo "</p>";
+}
 
 ?>
-	<tr class="lst">
+<table class="tlist" id="dom_edit_table">
+<thead>
+    <tr><th colspan="2"> </th><th><?php __("Subdomain"); ?></th><th><?php __("HTTPS"); ?></th><th><?php __("Type");?></th><th><?php __("Status")?></th><th></th></tr>
+</thead>
+<?php
+$hasadvanced=false;
+// this loop expect the table to be sorted with advanced entries AFTER normal ones :
+for($i=0;$i<$r["nsub"];$i++) {
+if ($r["sub"][$i]["advanced"] && !$hasadvanced) {
+ $hasadvanced=true;
+?>
+</table>
+<h3 style="padding: 40px 0 0 0"><?php __("Advanced subdomains"); ?></h3>
+<p class="alert alert-warning"><?php __("The following entries are advanced ones, edit them at your own risks."); ?></p>
+<table class="tlist" id="dom_edit_table">
+<thead>
+ <tr><th colspan="2"> </th><th><?php __("Subdomain"); ?></th><th><?php __("HTTPS"); ?></th><th><?php __("Type");?></th><th><?php __("Status")?></th><th></th></tr>
+</thead>
+<?php
+
+}
+
+$disabled_class=in_array(strtoupper($r['sub'][$i]['enable']),array('DISABLED','DISABLE') )?'sub-disabled':'';
+?>
+	<tr class="lst" data-fqdn="<?php echo $r["sub"][$i]["fqdn"]; ?>">
     <?php if ( $r['sub'][$i]['web_action'] =='DELETE') { echo "<td colspan='2' />"; } else { ?>
 		<td class="center">
     <?php  if (!(!$isinvited && $dt[strtolower($r["sub"][$i]["type"])]["enable"] != "ALL" )) { ?>
-			<div class="ina edit"><a href="dom_subedit.php?sub_domain_id=<?php echo urlencode($r["sub"][$i]["id"]) ?>"><?php __("Edit"); ?></a></div>
-  <?php } ?>
+      <?php if ( isset($problems[$r["sub"][$i]["fqdn"]])) {  // if this subdomain have problem, can't modify it, only delete it
+              __("Forbidden");
+            } else { ?>
+			<div class="ina edit"><a href="dom_subedit.php?sub_domain_id=<?php echo urlencode($r["sub"][$i]["id"]) ?>"><?php __("Edit"); ?></a></div><?php
+            } // isset problems
+        } ?>
 
 
 			</td><td class="center">
@@ -147,10 +182,27 @@ for($i=0;$i<$r["nsub"];$i++) {
 <?php } ?>
 		</td>
     <?php } // end IF ==DELETE ?>
-		<td><div class="retour-auto"><a href="http://<?php ecif($r["sub"][$i]["name"],$r["sub"][$i]["name"]."."); echo $r["name"] ?>" target="_blank"><?php 
-				echo ecif($r["sub"][$i]["name"] , $r["sub"][$i]["name"]."." , "" , 0) . $r["name"];
-			?></a></div></td>
-  <td><div class="retour-auto"><?php if ($r['sub'][$i]['type_desc']) { __($r['sub'][$i]['type_desc']); } else { echo __("ERROR, please check your server setup"); } ?>
+		<td><div class="retour-auto <?php echo $disabled_class; ?>"><a href="http://<?php echo $r["sub"][$i]["fqdn"] ?>" target="_blank"><?php echo $r["sub"][$i]["fqdn"]; ?></a></div></td>
+<td>
+<?php
+if (!$r["sub"][$i]["only_dns"]) {
+    switch ($r["sub"][$i]["https"]) {
+    case "http":
+        __("HTTP only");
+        break;
+    case "https":
+        __("HTTPS only");
+        break;
+    case "both":
+        __("HTTP and HTTPS");
+        break;
+    default:
+        break;
+    }
+}
+?>
+</td>
+<td><div class="retour-auto <?php echo $disabled_class; ?>"><?php if ($r['sub'][$i]['type_desc']) { __($r['sub'][$i]['type_desc']); } else { echo __("ERROR, please check your server setup"); } ?>
  <?php 
  //if ($r["sub"][$i]['type'] === 'VHOST') {
  if ( @$dt[$r["sub"][$i]['type']]['target'] === 'DIRECTORY') {
@@ -199,11 +251,25 @@ for($i=0;$i<$r["nsub"];$i++) {
 	</tr>
 <?php } ?>
 </table>
-</div>
+<?php
+// Add a class on the sub_domains who have a problem
+foreach ($problems as $pr => $lm) { // $problems can be empty but can't be null/false
+  echo "<script type='text/javascript'>$(\"tr[data-fqdn='".$pr."']\").addClass('alert-danger-tr');</script>\n";
+}
+?>
+
+<p>&nbsp;</p>
+<hr />
+<p>
+   <a class="inb ssl" href="dom_sslpref.php?domain=<?php ehe($domain); ?>"><?php __("HTTPS Preferences for this domain");?></a>
+</p>
+
+
+</div> <!-- tabsdom-editsub -->
 
 
 <div id="tabsdom-addsub">
-<h3><?php printf(_("Add a subdomains to %s"),$domain); ?></h3>
+<h3><?php printf(_("Add a subdomain to %s"),$domain); ?></h3>
 <?php
 $isedit=false;
 require_once('dom_edit.inc.php');
@@ -211,18 +277,17 @@ sub_domains_edit($domain);
 ?>
 <br />
 <?php $mem->show_help("edit_domain"); ?>
-<!-- *****************************************
-		 modification des parametres dns
- -->
-<?php
+<!-- DNS SETTINGS  -->
+
+</div>
+    <?php
 if (!$r['noerase']) {
 ?>
 
-</div>
 <div id="tabsdom-params">
 <h3><?php __("DNS &amp; Email parameters"); ?></h3>
 <form action="dom_editdns.php?domain=<?php echo urlencode($r["name"]) ?>" method="post" id="fdns" name="fdns" onSubmit="return destruction_alert();">
-
+ <?php csrf_get(); ?>
 <table class="tlist2">
 <tr>
   <td><?php __("Manage the DNS on the server ?"); ?></td>
@@ -238,7 +303,7 @@ if (!$r['noerase']) {
 <tr>
   <td><?php __("Define TTL for the zone records"); ?>&nbsp;: </td>
   <td> 
-     <input type="text" id="ttldns" class="inc" name="ttl" size="6" value="<?php echo ($r["zonettl"]); ?>" /> <?php __("seconds"); ?> <small><i><?php __("Warning: a low TTL can be problematic. It is recommended not to use a lower TTL than 3600 seconds."); ?></i></small>
+     <input type="text" id="ttldns" class="inc" name="ttl" size="6" value="<?php ehe($r["zonettl"]); ?>" /> <?php __("seconds"); ?> <small><i><?php __("Warning: a low TTL can be problematic. It is recommended not to use a lower TTL than 3600 seconds."); ?></i></small>
   </td>
 </tr>
 </table>
@@ -260,6 +325,11 @@ if (!$r['noerase']) {
 	</form>
 
 </div>
+																					<?php } else { ?>
+<div id="tabsdom-params">  
+   <p class="alert alert-info"><?php __("This domain is locked, only a server administrator can unlock it."); ?></p>
+</div>
+ <?php } ?>
 
 <?php if ( $r["dns"] ) { ?>
 <div id="tabsdom-view">
@@ -267,27 +337,47 @@ if (!$r['noerase']) {
 <?php __("Here is the actual DNS zone running on the AlternC server. If you just made some changes, you have to wait for it."); ?>
 </p>
 
+<div>
 <pre><span class="petit" id="divdumpdns">
 <a target="_blank" href="dom_dnsdump.php?domain=<?php echo urlencode($domain) ?>"><?php __("Click here to view the dump");?></a>
 </span>
 </pre>
+</div>
+
+<p>&nbsp;</p>
+<p><a class="inb" href="javascript:force_update_dns_content();"><?php __("Refresh");?></a></p>
 
 </div>
 <?php } // if dns ?>
+    <?php
+if (!$r['noerase']) {
+?>
 
 <div id="tabsdom-delete">
   <h3><?php __("Domain removal"); ?></h3>
   <?php printf(_("If you want to destroy the domain %s, click on the button below. Warning: this also deletes all FTP accounts, email, mailing lists associated with the domain and subdomains."),$domain); ?><br />
   <form action="dom_dodel.php?domain=<?php echo urlencode($domain) ?>" method="post">
+ <?php csrf_get(); ?>
     <p>
       <input type="submit" class="inb delete" name="detruire" value="<?php printf(_("Delete %s from this server"),$domain); ?>" />
     </p>
   </form>
 </div> <!-- tabsdom-delete -->
+<?php } else { // noerase 
+  ?>
+<div id="tabsdom-delete">  
+   <p class="alert alert-info"><?php __("This domain is locked, only a server administrator can unlock it."); ?></p>
+</div>
+    <?php
+} ?>
+
+<div id="tabsdom-ssl">  
+<div id="sslpref">
+     </div>
+</div> <!-- tabsdom-ssl -->
+
 </div> <!-- tabsdom -->
-<?php } // noerase ?>
 <script type="text/javascript">
-document.forms['main'].sub.focus();
 
 $(function() {
   $("#tabsdom").tabs();
@@ -306,6 +396,25 @@ function update_dns_content(){
   }
 }
 
+function update_ssl_content(){
+    $.ajax({
+      url: "dom_ssl.inc.php?domain=<?php echo urlencode($domain)?>",
+      }).done(function( html ) {
+      $("#sslpref").html(html);
+    });
+}
+
+function force_update_dns_content(){
+  get_dns_content = 1;
+  $("#divdumpdns").html('In progress...');
+  update_dns_content();
+}
+
+$(document).ready(function() 
+    { 
+        $("#dom_edit_table").tablesorter(); 
+    } 
+); 
 
 </script>
 <?php include_once("foot.php"); ?>

bureau/admin/dom_editdns.php

@@ -1,13 +1,5 @@
 <?php
 /*
- $Id: dom_editdns.php,v 1.3 2003/06/10 11:18:27 root Exp $
- ----------------------------------------------------------------------
- AlternC - Web Hosting System
- Copyright (C) 2002 by the AlternC Development Team.
- http://alternc.org/
- ----------------------------------------------------------------------
- Based on:
- Valentin Lacambre's web hosting softwares: http://altern.org/
  ----------------------------------------------------------------------
  LICENSE
 
@@ -23,42 +15,38 @@
 
  To read the license please visit http://www.gnu.org/copyleft/gpl.html
  ----------------------------------------------------------------------
- Original Author of file: Benjamin Sonntag
- Purpose of file: Edit the dns parameters of a domain
- ----------------------------------------------------------------------
 */
+
+/**
+ * Edit the DNS parameters of a domain
+ * 
+ * @copyright AlternC-Team 2000-2017 https://alternc.com/ 
+ */
+
 require_once("../class/config.php");
 include_once("head.php");
 
 $fields = array (
 	"domain"    => array ("request", "string", ""),
-	"dns"       => array ("request", "integer", 1),
-	"email"     => array ("request", "integer", 1),
-	"ttl"       => array ("request", "integer", 86400),
+	"dns"       => array ("post", "integer", 1),
+	"email"     => array ("post", "integer", 1),
+	"ttl"       => array ("post", "integer", 86400),
 );
 getFields($fields);
 
 $dom->lock();
 
-if (!$dom->edit_domain($domain,$dns,$email,0,$ttl)) {
-  $error=$err->errstr();
-  include("dom_edit.php");
-  $dom->unlock();
-  exit();
- }
+$r = $dom->get_domain_all($domain);
+if ($r["dns"] == $dns && $r["mail"] == $email && $r["zonettl"] == $ttl) {
+  $msg->raise("INFO", "dom", _("No change has been requested..."));
+} else if ($dom->edit_domain($domain,$dns,$email,0,$ttl)) {
+  $msg->raise("INFO", "dom", _("The domain %s has been changed."),$domain);
+  $t = time();
+// TODO: we assume the cron job is at every 5 minutes
+  $msg->raise("INFO", "dom", _("The modifications will take effect at %s.  Server time is %s."), array(date('H:i:s', ($t-($t%300)+300)), date('H:i:s', $t)));
+}
 $dom->unlock();
 
+include("dom_edit.php");
+exit();
 ?>
-<h3><?php printf(_("Editing domain %s"),$domain); ?></h3>
-<hr id="topbar"/>
-<br />
-<p>
-<?php
-  printf(_("The domain %s has been changed."),$domain);
-  $t = time();
-// XXX: we assume the cron job is at every 5 minutes
-  print strtr(_("The modifications will take effect at %time.  Server time is %now."), array('%now' => date('H:i:s', $t), '%time' => date('H:i:s', ($t-($t%300)+300)))); 
-?><br /><br />
-<span class="ina"><a href="dom_edit.php?domain=<?php echo urlencode($domain) ?>" ><?php __("Click here to continue"); ?></a></span>
-</p>
-<?php include_once("foot.php"); ?>