486 lines
		
	
	
		
			16 KiB
		
	
	
	
		
			PHP
		
	
	
	
			
		
		
	
	
			486 lines
		
	
	
		
			16 KiB
		
	
	
	
		
			PHP
		
	
	
	
| <?php
 | |
| /*
 | |
|   ----------------------------------------------------------------------
 | |
|   AlternC - Web Hosting System
 | |
|   Copyright (C) 2000-2012 by the AlternC Development Team.
 | |
|   https://alternc.org/
 | |
|   ----------------------------------------------------------------------
 | |
|   LICENSE
 | |
|   
 | |
|   This program is free software; you can redistribute it and/or
 | |
|   modify it under the terms of the GNU General Public License (GPL)
 | |
|   as published by the Free Software Foundation; either version 2
 | |
|   of the License, or (at your option) any later version.
 | |
|   
 | |
|   This program is distributed in the hope that it will be useful,
 | |
|   but WITHOUT ANY WARRANTY; without even the implied warranty of
 | |
|   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 | |
|   GNU General Public License for more details.
 | |
|   
 | |
|   To read the license please visit http://www.gnu.org/copyleft/gpl.html
 | |
|   ----------------------------------------------------------------------
 | |
|   Purpose of file: Manage FTP accounts
 | |
|   ----------------------------------------------------------------------
 | |
| */
 | |
| 
 | |
| /**
 | |
| * Classe de gestion des comptes FTP de l'hébergé.
 | |
| */
 | |
| class m_ftp {
 | |
| 
 | |
| 
 | |
|   var $srv_name;
 | |
|   /* ----------------------------------------------------------------- */
 | |
|   /**
 | |
|    * Constructeur
 | |
|    */
 | |
|   function m_ftp() {
 | |
|     global $L_FQDN;
 | |
|     $this->srv_name = variable_get('ftp_human_name', '%%FQDN%%','Human name for FTP server', array('desc'=>'Name','type'=>'string'));
 | |
|   }
 | |
| 
 | |
| 
 | |
|   /* ----------------------------------------------------------------- */
 | |
|   /**
 | |
|    * Password kind used in this class (hook for admin class)
 | |
|    */
 | |
|   function alternc_password_policy() {
 | |
|     return array("ftp"=>"FTP accounts");
 | |
|   }
 | |
| 
 | |
|   function hook_menu() {
 | |
|     global $quota;
 | |
|     $q = $quota->getquota("ftp");
 | |
| 
 | |
|     $obj = array( 
 | |
|       'title'       => _("FTP accounts"),
 | |
|       'ico'         => 'images/ftp.png',
 | |
|       'link'        => 'toggle',
 | |
|       'pos'         => 60,
 | |
|       'links'       => array(),
 | |
|      ) ;
 | |
| 
 | |
|      if ( $quota->cancreate("ftp") ) {
 | |
|        $obj['links'][] =
 | |
|          array (
 | |
|            'ico' => 'images/new.png',
 | |
|            'txt' => _("Create a new ftp account"),
 | |
|            'url' => "ftp_edit.php?create=1",
 | |
|            'class' => '',
 | |
|          );
 | |
|      }
 | |
| 
 | |
|      if ( $q['u'] > 0 ) { // if there are some FTP accounts
 | |
|        $obj['links'][] =
 | |
|          array (
 | |
|            'txt' => _("FTP accounts list"),
 | |
|            'url' => "ftp_list.php"
 | |
|          );
 | |
|      }
 | |
| 
 | |
|      return $obj;
 | |
|   }
 | |
| 
 | |
|   // Return the values needed to activate security access. See get_auth_class()
 | |
|   // in authip for more informations
 | |
|   function authip_class() {
 | |
|     $c = Array();
 | |
|     $c['name']="FTP";
 | |
|     $c['protocol']="ftp";
 | |
|     $c['values']=Array();
 | |
| 
 | |
|     $tt = $this->get_list();
 | |
|     if (empty($tt) || !is_array($tt)) return $c;
 | |
|     foreach ($this->get_list() as $v ) {
 | |
|       $c['values'][$v['id']]=$v['login'];
 | |
|     }
 | |
| 
 | |
|     return $c;
 | |
|   }
 | |
| 
 | |
|   // Switch enabled status of an account
 | |
|   function switch_enabled($id,$status=null) {
 | |
|     global $cuid, $db, $err;
 | |
|     if (! $jj = $this->get_ftp_details($id)) {
 | |
|       $err->raise('ftp', _("This account do not exist or is not of this account"));
 | |
|       return false;
 | |
|     } 
 | |
|     if ( $status == null ){
 | |
|       if ($jj[0]['enabled'] == true ) { $status=0;}
 | |
|       else { $status=1; }
 | |
|     } 
 | |
| 
 | |
|     // Be sure what is in $status, in case of it was a parameter
 | |
|     $status = ($status?'true':'false');
 | |
| 
 | |
|     if ( ! $db->query("UPDATE ftpusers SET enabled = $status WHERE uid = '$cuid' AND id = '$id' ;") ) {
 | |
|       $err->raise('ftp', _("Error during update"));
 | |
|       return false;
 | |
|     } else {
 | |
|       return true ;
 | |
|     }
 | |
|   }
 | |
| 
 | |
| 
 | |
|   /* ----------------------------------------------------------------- */
 | |
|   /** Retourne la liste des comptes FTP du compte hébergé
 | |
|    * Retourne la liste des comptes FTP sous forme de tableau indexé de
 | |
|    * tableaus associatifs comme suit :
 | |
|    * $a["id"]= ID du compte ftp
 | |
|    * $a["login"]= Nom de login du compte
 | |
|    * $a["dir"]= Dossier relatif à la racine du compte de l'utilisateur
 | |
|    * @return array Retourne le tableau des comptes 
 | |
|    */
 | |
|   function get_list() {
 | |
|     global $db,$err,$cuid, $bro;
 | |
|     $err->log("ftp","get_list");
 | |
|     $r=array();
 | |
|     $db->query("SELECT id, name, homedir, enabled FROM ftpusers WHERE uid='$cuid' ORDER BY name;");
 | |
|     if ($db->num_rows()) {
 | |
|       while ($db->next_record()) {
 | |
| 	      $r[]=array(
 | |
| 		        "id"=>$db->f("id"),
 | |
| 		        "login"=>$db->f("name"),
 | |
| 		        "enabled"=>$db->f("enabled"),
 | |
| 		        //"dir"=>$match[1]
 | |
| 		        "dir"=>$db->f("homedir")
 | |
| 		   );
 | |
|       }
 | |
|       return $r;
 | |
|     } else {
 | |
|       $err->raise("ftp",_("No FTP account found"));
 | |
|       return array();
 | |
|     }
 | |
|   }
 | |
| 
 | |
|   /* ----------------------------------------------------------------- */
 | |
|   /** Retourne les détails d'un compte FTP (voir get_list)
 | |
|    * Le tableau est celui du compte d'id spécifié
 | |
|    * @param integer $id Numéro du compte dont on souhaite obtenir les détails
 | |
|    * @return array Tableau associatif contenant les infos du comptes ftp
 | |
|    */
 | |
|   function get_ftp_details($id) {
 | |
|     global $db,$err,$cuid;
 | |
|     $err->log("ftp","get_ftp_details",$id);
 | |
|     $r=array();
 | |
|     $db->query("SELECT id, name, homedir, enabled FROM ftpusers WHERE uid='$cuid' AND id='$id';");
 | |
|     if ($db->num_rows()) {
 | |
|       $db->next_record();
 | |
| 
 | |
|       $regexp="/^".preg_quote(getuserpath(),"/")."\/(.*)$/";
 | |
|       preg_match($regexp, $db->f("homedir"),$match);
 | |
| 
 | |
|       $lg=explode("_",$db->f("name"));
 | |
|       if ((!is_array($lg)) || (count($lg)!=2)) {
 | |
| 	      $lg[0]=$db->f("name");
 | |
| 	      $lg[1]="";
 | |
|       }
 | |
|       $r[]=array(
 | |
| 		   "id"=>$db->f("id"),
 | |
| 		   "prefixe"=> $lg[0],
 | |
| 		   "login"=>$lg[1],
 | |
| 		   "dir"=>$match[1],
 | |
| 		   "enabled"=>$db->f("enabled")
 | |
| 		   );
 | |
| 	return $r;
 | |
|     } else {
 | |
|       $err->raise("ftp",_("This FTP account does not exist"));
 | |
|       return false;
 | |
|     }
 | |
|   }
 | |
| 
 | |
|   /* ----------------------------------------------------------------- */
 | |
|   /** Retourne la liste des prefixes utilisables par le compte courant
 | |
|    * @return array tableau contenant la liste des prefixes (domaines + login)
 | |
|    *  du compte actuel.
 | |
|    */
 | |
|   function prefix_list() {
 | |
|     global $db,$mem,$cuid;
 | |
|     $r=array();
 | |
|     $r[]=$mem->user["login"];
 | |
|     $db->query("SELECT domaine FROM domaines WHERE compte='$cuid' ORDER BY domaine;");
 | |
|     while ($db->next_record()) {
 | |
|       $r[]=$db->f("domaine");
 | |
|     }
 | |
|     return $r;
 | |
|   }
 | |
| 
 | |
|   // Check if the login is fine (syntax)
 | |
|   function check_login($l) {
 | |
|     global $err;
 | |
| 
 | |
|     // special chars and the max numbers of them allowed
 | |
|     // to be able to give a specific error
 | |
|     $vv = array('_'=>'1', ' '=>0);
 | |
|     foreach ($vv as $k=>$n) {
 | |
|       if (substr_count($l, $k) > $n ) { // if there is more than $n $k
 | |
|         $err->raise('ftp', sprintf(_("FTP login is incorrect: too many '%s'"), $k));
 | |
|         return false;
 | |
|      }
 | |
|     }
 | |
| 
 | |
|     // Explicitly look for only allowed chars
 | |
|     if ( ! preg_match("/^[A-Za-z0-9_\.\-]+$/", $l) ) { 
 | |
|       $err->raise('ftp', _("FTP login is incorrect"));
 | |
|       return false;
 | |
|     }
 | |
|     return true;
 | |
|   }
 | |
| 
 | |
|   /* ----------------------------------------------------------------- */
 | |
|   /** Affiche (ECHO) la liste des prefixes disponibles sous forme de champs d'option
 | |
|    * Les champs sont affichés sous la forme <option>prefixe</option>...
 | |
|    * La valeur $current se voit affublée de la balise SELECTED.
 | |
|    * @param string $current Prefixe sélectionné par défaut
 | |
|    * @return boolean TRUE.
 | |
|    */
 | |
|   function select_prefix_list($current) {
 | |
|     $r=$this->prefix_list();
 | |
|     reset($r);
 | |
|     while (list($key,$val)=each($r)) {
 | |
|       if ($current==$val) $c=" selected=\"selected\""; else $c="";
 | |
|       echo "<option$c>$val</option>";
 | |
|     }
 | |
|     return true;
 | |
|   }
 | |
| 
 | |
|   /* ----------------------------------------------------------------- */
 | |
|   /** Modifie les paramètres du comptes FTP $id.
 | |
|    * @param integer $id Numéro du compte dont on veut modifier les paramètres
 | |
|    * @param string $prefixe Prefixe du compte FTP
 | |
|    * @param string $login login ajouté au préfixe ($prefixe_$login)
 | |
|    * @param string $pass mot de passe
 | |
|    * @param string $dir Répertoire racine du compte
 | |
|    * @return boolean TRUE si le compte a été modifié, FALSE si une erreur est survenue.
 | |
|    */
 | |
|   function put_ftp_details($id,$prefixe,$login,$pass,$dir) {
 | |
|     global $mem,$db,$err,$bro,$cuid,$admin;
 | |
|     $err->log("ftp","put_ftp_details",$id);
 | |
|     $db->query("SELECT count(*) AS cnt FROM ftpusers WHERE id='$id' and uid='$cuid';");
 | |
|     $db->next_record();
 | |
|     if (!$db->f("cnt")) {
 | |
|       $err->raise("ftp",_("This FTP account does not exist"));
 | |
|       return false;
 | |
|     }
 | |
|     $dir=$bro->convertabsolute($dir);
 | |
|     if (substr($dir,0,1)=="/") {
 | |
|       $dir=substr($dir,1);
 | |
|     }
 | |
|     $r=$this->prefix_list();
 | |
|     if (!in_array($prefixe,$r)) {
 | |
|       $err->raise("ftp",_("The chosen prefix is not allowed"));
 | |
|       return false;
 | |
|     }
 | |
| 
 | |
|     $full_login=$prefixe;
 | |
|     if ($login) $full_login.="_".$login;
 | |
|     if (! $this->check_login($full_login) ) return false;
 | |
|     $db->query("SELECT COUNT(*) AS cnt FROM ftpusers WHERE id!='$id' AND name='$full_login';");
 | |
|     $db->next_record();
 | |
|     if ($db->f("cnt")) {
 | |
|       $err->raise("ftp",_("This FTP account already exists"));
 | |
|       return false;
 | |
|     }
 | |
|     $absolute=getuserpath()."/$dir";
 | |
|     if (!file_exists($absolute)) {
 | |
|       system("/bin/mkdir -p $absolute");
 | |
|     }
 | |
|     if (!is_dir($absolute)) {
 | |
|       $err->raise("ftp",_("The directory cannot be created"));
 | |
|       return false;
 | |
|     }
 | |
|     if (trim($pass)) {
 | |
| 
 | |
|       // Check this password against the password policy using common API : 
 | |
|       if (is_callable(array($admin,"checkPolicy"))) {
 | |
|         if (!$admin->checkPolicy("ftp",$prefixe.$login,$pass)) {
 | |
|           return false; // The error has been raised by checkPolicy()
 | |
|         }
 | |
|       }
 | |
|       $encrypted_password = _md5cr($pass,strrev(microtime(true)));
 | |
|       $db->query("UPDATE ftpusers SET name='".$full_login."', password='', encrypted_password='$encrypted_password', homedir='$absolute', uid='$cuid' WHERE id='$id';");
 | |
|     } else {
 | |
|       $db->query("UPDATE ftpusers SET name='".$full_login."', homedir='$absolute', uid='$cuid' WHERE id='$id';");
 | |
|     }
 | |
|     return true;
 | |
|   }
 | |
| 
 | |
| 
 | |
|   /* ----------------------------------------------------------------- */
 | |
|   /** Efface le compte ftp spécifié.
 | |
|    * @param integer $id Numéro du compte FTP à supprimer.
 | |
|    * @return boolean TRUE si le compte a été effacé, FALSE sinon.
 | |
|    */
 | |
|   function delete_ftp($id) {
 | |
|     global $db,$err,$cuid;
 | |
|     $err->log("ftp","delete_ftp",$id);
 | |
|     $db->query("SELECT name FROM ftpusers WHERE id='$id' and uid='$cuid';");
 | |
|     $db->next_record();
 | |
|     $name=$db->f("name");
 | |
|     if (!$name) {
 | |
|       $err->raise("ftp",_("This FTP account does not exist"));
 | |
|       return false;
 | |
|     }
 | |
|     $db->query("DELETE FROM ftpusers WHERE id='$id'");
 | |
|     return $name;
 | |
|   }
 | |
| 
 | |
|   /* ----------------------------------------------------------------- */
 | |
|   /** Crée un nouveau compte FTP.
 | |
|    * @param string $prefixe Prefixe au login
 | |
|    * @param string $login Login ftp (login=prefixe_login)
 | |
|    * @param string $pass Mot de passe FTP
 | |
|    * @param string $dir Répertoire racine du compte relatif à la racine du membre
 | |
|    * @return boolean TRUE si le compte a été créé, FALSE sinon.
 | |
|    *
 | |
|    */
 | |
|   function add_ftp($prefixe,$login,$pass,$dir) {
 | |
|     global $mem,$db,$err,$quota,$bro,$cuid,$admin;
 | |
|     $err->log("ftp","add_ftp",$prefixe."_".$login);
 | |
|     $dir=$bro->convertabsolute($dir);
 | |
|     if (substr($dir,0,1)=="/") {
 | |
|       $dir=substr($dir,1);
 | |
|     }
 | |
|     $r=$this->prefix_list();
 | |
|     if (empty($pass)) {
 | |
|       $err->raise("ftp",_("Password can't be empty"));
 | |
|       return false;
 | |
|     }
 | |
|     if (!in_array($prefixe,$r) || $prefixe=="") {
 | |
|       $err->raise("ftp",_("The chosen prefix is not allowed"));
 | |
|       return false;
 | |
|     }
 | |
|     $full_login=$prefixe;
 | |
|     if ($login) $full_login.="_".$login;
 | |
|     if ( !$this->check_login($full_login) ) return false;
 | |
|     $db->query("SELECT count(*) AS cnt FROM ftpusers WHERE name='".$full_login."'");
 | |
|     $db->next_record();
 | |
|     if ($db->f("cnt")) {
 | |
|       $err->raise("ftp",_("This FTP account already exists"));
 | |
|       return false;
 | |
|     }
 | |
|     $db->query("SELECT login FROM membres WHERE uid='$cuid';");
 | |
|     $db->next_record();
 | |
|     $absolute=getuserpath()."/$dir";
 | |
|     if (!file_exists($absolute)) {
 | |
|       system("/bin/mkdir -p $absolute"); // FIXME replace with action
 | |
|     }
 | |
|     if (!is_dir($absolute)) {
 | |
|       $err->raise("ftp",_("The directory cannot be created"));
 | |
|       return false;
 | |
|     }
 | |
| 
 | |
|     // Check this password against the password policy using common API : 
 | |
|     if (is_callable(array($admin,"checkPolicy"))) {
 | |
|       if (!$admin->checkPolicy("ftp",$full_login,$pass)) {
 | |
| 	      return false; // The error has been raised by checkPolicy()
 | |
|       }
 | |
|     }
 | |
| 
 | |
|     if ($quota->cancreate("ftp")) {
 | |
|       $encrypted_password = _md5cr($pass,strrev(microtime(true)));
 | |
|       $db->query("INSERT INTO ftpusers (name,password, encrypted_password,homedir,uid) VALUES ('".$full_login."', '', '$encrypted_password', '$absolute', '$cuid')");
 | |
|       return true;
 | |
|     } else {
 | |
|       $err->raise("ftp",_("Your FTP account quota is over. You cannot create more ftp accounts"));
 | |
|       return false;
 | |
|     }
 | |
|   }
 | |
| 
 | |
|   /* ----------------------------------------------------------------- */
 | |
|   /** Retourne TRUE si $dir possède un compte FTP
 | |
|    * @param string $dir Dossier à tester, relatif à la racine du compte courant
 | |
|    * @return boolean retourne TRUE si $dir à un compte FTP, FALSE sinon.
 | |
|    */
 | |
|   function is_ftp($dir) {
 | |
|     global $mem,$db,$err;
 | |
|     $err->log("ftp","is_ftp",$dir);
 | |
|     if (substr($dir,0,1)=="/") $dir=substr($dir,1);
 | |
|     $db->query("SELECT id FROM ftpusers WHERE homedir='".getuserpath()."/$dir';");
 | |
|     if ($db->num_rows()) {
 | |
|       $db->next_record();
 | |
|       return $db->f("id");
 | |
|     } else {
 | |
|       return false;
 | |
|     }
 | |
|   }
 | |
| 
 | |
|   /* ----------------------------------------------------------------- */
 | |
|   /** Fonction appellée par domains quand un domaine est supprimé pour le membre
 | |
|    * @param string $dom Domaine à détruire.
 | |
|    * @access private
 | |
|    */
 | |
|   function alternc_del_domain($dom) {
 | |
|     global $db,$err,$cuid;
 | |
|     $err->log("ftp","alternc_del_domain",$dom);
 | |
|     $db->query("DELETE FROM ftpusers WHERE uid='$cuid' AND ( name LIKE '$dom\_%' OR name LIKE '$dom') ");
 | |
|     return true;
 | |
|   }
 | |
| 
 | |
|   /* ----------------------------------------------------------------- */
 | |
|   /** Fonction appellée par membres quand un membre est effacé.
 | |
|    * @param integer $uid Numéro de membre effacé.
 | |
|    * @access private
 | |
|    */
 | |
|   function alternc_del_member() {
 | |
|     global $db,$err,$cuid;
 | |
|     $err->log("ftp","alternc_del_member");
 | |
|     $db->query("DELETE FROM ftpusers WHERE uid='$cuid'");
 | |
|     return true;
 | |
|   }
 | |
| 
 | |
|   /* ----------------------------------------------------------------- */
 | |
|   /** 
 | |
|    * Returns the used quota for the $name service for the current user.
 | |
|    * @param $name string name of the quota 
 | |
|    * @return integer the number of service used or false if an error occured
 | |
|    * @access private
 | |
|    */
 | |
|   function hook_quota_get() {
 | |
|     global $db,$err,$cuid;
 | |
|     $err->log("ftp","getquota");
 | |
|     $q=Array("name"=>"ftp", "description"=>_("FTP accounts"), "used"=>0);
 | |
|     $db->query("SELECT COUNT(*) AS cnt FROM ftpusers WHERE uid='$cuid'");
 | |
|     if ($db->next_record()) {
 | |
|       $q['used']=$db->f("cnt");
 | |
|     }
 | |
|     return $q;
 | |
|   }
 | |
| 
 | |
| 
 | |
|   /* ----------------------------------------------------------------- */
 | |
|   /**
 | |
|    * Exporte toutes les informations ftp du compte AlternC
 | |
|    * @access private
 | |
|    * EXPERIMENTAL 'sid' function ;) 
 | |
|    */
 | |
|   function alternc_export_conf() {
 | |
|     global $db,$err;
 | |
|     $err->log("ftp","export");
 | |
|     $f=$this->get_list();
 | |
|     $str="  <ftp>";
 | |
|     foreach ($f as $d=>$v) {
 | |
|       $str.="   <login>".($v["login"])."</login>\n";
 | |
|       $str.="   <password>".($v["encrypted_password"])."</password>\n";
 | |
|       $str.="   <directory>".($v["dir"])."<directory>\n";
 | |
|     }
 | |
|     $str.=" </ftp>\n";
 | |
|     return $str;
 | |
|   }
 | |
| 
 | |
| 
 | |
|   /* ----------------------------------------------------------------- */
 | |
|   /** hook function called by AlternC-upnp to know which open 
 | |
|    * tcp or udp ports this class requires or suggests
 | |
|    * @return array a key => value list of port protocol name mandatory values
 | |
|    * @access private
 | |
|    */
 | |
|   function hook_upnp_list() {
 | |
|     return array(
 | |
| 		 "ftp" => array("port" => 21, "protocol" => "tcp", "mandatory" => 1),
 | |
| 		 );
 | |
|   }  
 | |
|   
 | |
| } /* Class m_ftp */
 | |
| 
 |