Added a blacklist for not allowed shell user names.

Author: tbrehm

interface/lib/shelluser_blacklist

@@ -0,0 +1,34 @@
+root
+daemon
+bin
+sys
+sync
+games
+man
+lp
+mail
+news
+uucp
+proxy
+www-data
+wwwrun
+apache
+backup
+list
+irc
+gnats
+nobody
+Debian-exim
+statd
+identd
+sshd
+mysql
+postgres
+postfix
+clamav
+amavis
+vmail
+getmail
+ispconfig
+courier
+dovecot

interface/web/sites/shell_user_edit.php

@@ -72,6 +72,17 @@ function onShowNew() {
 		parent::onShowNew();
 	}
 
+	function onBeforeInsert() {
+		global $app, $conf;
+		
+		// check if the username is not blacklisted
+		$blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist');
+		foreach($blacklist as $line) {
+			if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))) $app->tform->errorMessage .= 'The username is not allowed.';
+		}
+		unset($blacklist);
+	}
+	
 	function onAfterInsert() {
 		global $app, $conf;
 
@@ -86,6 +97,17 @@ function onAfterInsert() {
 
 	}
 
+	function onBeforeUpdate() {
+		global $app, $conf;
+		
+		// check if the username is not blacklisted
+		$blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist');
+		foreach($blacklist as $line) {
+			if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))) $app->tform->errorMessage .= 'The username is not allowed.';
+		}
+		unset($blacklist);
+	}
+	
 	function onAfterUpdate() {
 		global $app, $conf;