Cosmetic: Code format.

mladenb · mladenb · commit 2d273538c11c · 2021-12-07T01:34:30.000+01:00
diff --git a/interface/web/capp.php b/interface/web/capp.php
@@ -37,39 +37,39 @@
 $redirect = (isset($_REQUEST["redirect"]) ? $_REQUEST["redirect"] : '');
 
 //* Check if user is logged in
-if($_SESSION["s"]["user"]['active'] != 1) {
+if ($_SESSION["s"]["user"]['active'] != 1) {
 	die("URL_REDIRECT: /index.php");
 	//die();
 }
 
-if(!preg_match("/^[a-z]{2,20}$/i", $mod)) die('module name contains unallowed chars.');
-if($redirect != '' && !preg_match("/^[a-z0-9]+\/[a-z0-9_\.\-]+\?id=[0-9]{1,9}(\&type=[a-z0-9_\.\-]+)?$/i", $redirect)) die('redirect contains unallowed chars.');
+if (!preg_match("/^[a-z]{2,20}$/i", $mod)) die('module name contains unallowed chars.');
+if ($redirect != '' && !preg_match("/^[a-z0-9]+\/[a-z0-9_\.\-]+\?id=[0-9]{1,9}(\&type=[a-z0-9_\.\-]+)?$/i", $redirect)) die('redirect contains unallowed chars.');
 
 //* Check if user may use the module.
 $user_modules = explode(",", $_SESSION["s"]["user"]["modules"]);
 
-if(!in_array($mod, $user_modules)) $app->error($app->lng(301));
+if (!in_array($mod, $user_modules)) $app->error($app->lng(301));
 
 //* Load module configuration into the session.
-if(is_file($mod."/lib/module.conf.php")) {
+if (is_file($mod."/lib/module.conf.php")) {
 	include_once $mod."/lib/module.conf.php";
 
-	$menu_dir = ISPC_WEB_PATH.'/' . $mod . '/lib/menu.d';
+	$menu_dir = ISPC_WEB_PATH.'/'.$mod.'/lib/menu.d';
 
 	if (is_dir($menu_dir)) {
 		if ($dh = opendir($menu_dir)) {
 			//** Go through all files in the menu dir
 			while (($file = readdir($dh)) !== false) {
 				if ($file != '.' && $file != '..' && substr($file, -9, 9) == '.menu.php' && $file != 'dns_resync.menu.php') {
-					include_once $menu_dir . '/' . $file;
+					include_once $menu_dir.'/'.$file;
 				}
 			}
 		}
 	}
 
 	$_SESSION["s"]["module"] = $module;
 	session_write_close();
-	if($redirect == ''){
+	if ($redirect == '') {
 		echo "HEADER_REDIRECT:".$_SESSION["s"]["module"]["startpage"];
 	} else {
 		//* If we click on a search result, load that one instead of the module's start page
diff --git a/interface/web/login/index.php b/interface/web/login/index.php
@@ -32,7 +32,7 @@
 require_once '../../lib/app.inc.php';
 
 // Check if we have an active users session and no login_as.
-if($_SESSION['s']['user']['active'] == 1 && @$_POST['login_as'] != 1) {
+if ($_SESSION['s']['user']['active'] == 1 && @$_POST['login_as'] != 1) {
 	header('Location: /index.php');
 	die();
 }
@@ -49,30 +49,30 @@
 $maintenance_mode = false;
 $maintenance_mode_error = '';
 $server_config_array = $app->getconf->get_global_config('misc');
-if($app->is_under_maintenance()) {
+if ($app->is_under_maintenance()) {
 	$maintenance_mode = true;
 	$maintenance_mode_error = $app->lng('error_maintenance_mode');
 }
 
 //* Login Form was sent
-if(count($_POST) > 0) {
+if (count($_POST) > 0) {
 
 	//** Check variables
-	if(!preg_match("/^[\w\.\-\_\@]{1,128}$/", $app->functions->idn_encode($_POST['username']))) $error = $app->lng('user_regex_error');
-	if(!preg_match("/^.{1,256}$/i", $_POST['password'])) $error = $app->lng('pw_error_length');
+	if (!preg_match("/^[\w\.\-\_\@]{1,128}$/", $app->functions->idn_encode($_POST['username']))) $error = $app->lng('user_regex_error');
+	if (!preg_match("/^.{1,256}$/i", $_POST['password'])) $error = $app->lng('pw_error_length');
 
 	//** importing variables
 	$ip = md5($_SERVER['REMOTE_ADDR']);
 	$username = $_POST['username'];
 	$password = $_POST['password'];
-	$loginAs  = false;
+	$loginAs = false;
 	$time = time();
 
-	if($username != '' && $password != '' && $error == '') {
+	if ($username != '' && $password != '' && $error == '') {
 		/*
 		 *  Check, if there is a "login as" instead of a "normal" login
 		 */
-		if (isset($_SESSION['s']['user']) && $_SESSION['s']['user']['active'] == 1){
+		if (isset($_SESSION['s']['user']) && $_SESSION['s']['user']['active'] == 1) {
 			/*
 			 * only the admin or reseller can "login as" so if the user is NOT an admin or reseller, we
 			 * open the startpage (after killing the old session), so the user
@@ -84,11 +84,11 @@
 				 * has logged in as "normal" user before...
 				 */
 
-				if (isset($_SESSION['s_old'])&& ($_SESSION['s_old']['user']['typ'] == 'admin' || $app->auth->has_clients($_SESSION['s_old']['user']['userid']))){
+				if (isset($_SESSION['s_old']) && ($_SESSION['s_old']['user']['typ'] == 'admin' || $app->auth->has_clients($_SESSION['s_old']['user']['userid']))) {
 					/* The "old" user is admin or reseller, so everything is ok
 					 * if he is reseller, we need to check if he logs in to one of his clients
 					 */
-					if($_SESSION['s_old']['user']['typ'] != 'admin') {
+					if ($_SESSION['s_old']['user']['typ'] != 'admin') {
 
 						/* this is the one currently logged in (normal user) */
 						$old_client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
@@ -100,18 +100,17 @@
 						$client_group_id = $app->functions->intval($tmp['default_group']);
 						$tmp_client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
 
-						if(!$tmp_client || $old_client["parent_client_id"] != $tmp_client["client_id"] || $tmp["default_group"] != $_SESSION["s_old"]["user"]["default_group"] ) {
+						if (!$tmp_client || $old_client["parent_client_id"] != $tmp_client["client_id"] || $tmp["default_group"] != $_SESSION["s_old"]["user"]["default_group"]) {
 							die("You don't have the right to 'login as' this user!");
 						}
 						unset($old_client);
 						unset($tmp_client);
 						unset($tmp);
 					}
-				}
-				else {
+				} else {
 					die("You don't have the right to 'login as'!");
 				}
-			} elseif($_SESSION['s']['user']['typ'] != 'admin' && (!isset($_SESSION['s_old']['user']) || $_SESSION['s_old']['user']['typ'] != 'admin')) {
+			} elseif ($_SESSION['s']['user']['typ'] != 'admin' && (!isset($_SESSION['s_old']['user']) || $_SESSION['s_old']['user']['typ'] != 'admin')) {
 				/* a reseller wants to 'login as', we need to check if he is allowed to */
 				$res_client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
 				$res_client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $res_client_group_id);
@@ -121,7 +120,7 @@
 				$tmp = $app->db->queryOneRecord($sql, (string)$username, (string)$password);
 				$tmp_client = $app->db->queryOneRecord("SELECT client.client_id, client.parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $tmp["default_group"]);
 
-				if(!$tmp || $tmp_client["parent_client_id"] != $res_client["client_id"]) {
+				if (!$tmp || $tmp_client["parent_client_id"] != $res_client["client_id"]) {
 					die("You don't have the right to login as this user!");
 				}
 				unset($res_client);
@@ -140,26 +139,26 @@
 		$alreadyfailed = $app->db->queryOneRecord($sql, $ip);
 
 		//* too many failed logins
-		if($alreadyfailed['times'] > 5) {
+		if ($alreadyfailed['times'] > 5) {
 			$error = $app->lng('error_user_too_many_logins');
 		} else {
 
-			if ($loginAs){
+			if ($loginAs) {
 				$sql = "SELECT * FROM sys_user WHERE USERNAME = ? and PASSWORT = ?";
 				$user = $app->db->queryOneRecord($sql, (string)$username, (string)$password);
 			} else {
 
-				if(stristr($username, '@')) {
+				if (stristr($username, '@')) {
 					//* mailuser login
 					$sql = "SELECT * FROM mail_user WHERE login = ? or email = ?";
 					$mailuser = $app->db->queryOneRecord($sql, (string)$username, $app->functions->idn_encode($username));
 					$user = false;
-					if($mailuser) {
+					if ($mailuser) {
 						$saved_password = stripslashes($mailuser['password']);
 						//* Check if mailuser password is correct
-						if(crypt(stripslashes($password), $saved_password) == $saved_password) {
+						if (crypt(stripslashes($password), $saved_password) == $saved_password) {
 							//* Get the sys_user language of the client of the mailuser
-							$sys_user_lang = $app->db->queryOneRecord("SELECT language FROM sys_user WHERE default_group = ?", $mailuser['sys_groupid'] );
+							$sys_user_lang = $app->db->queryOneRecord("SELECT language FROM sys_user WHERE default_group = ?", $mailuser['sys_groupid']);
 
 							//* we build a fake user here which has access to the mailuser module only and userid 0
 							$user = array();
@@ -170,7 +169,7 @@
 							$user['typ'] = 'user';
 							$user['email'] = $mailuser['email'];
 							$user['username'] = $username;
-							if(is_array($sys_user_lang) && $sys_user_lang['language'] != '') {
+							if (is_array($sys_user_lang) && $sys_user_lang['language'] != '') {
 								$user['language'] = $sys_user_lang['language'];
 							} else {
 								$user['language'] = $conf['language'];
@@ -185,16 +184,16 @@
 					//* normal cp user login
 					$sql = "SELECT * FROM sys_user WHERE USERNAME = ?";
 					$user = $app->db->queryOneRecord($sql, (string)$username);
-					if($user) {
+					if ($user) {
 						$saved_password = stripslashes($user['passwort']);
-						if(substr($saved_password, 0, 1) == '$') {
+						if (substr($saved_password, 0, 1) == '$') {
 							//* The password is encrypted with crypt
-							if(crypt(stripslashes($password), $saved_password) != $saved_password) {
+							if (crypt(stripslashes($password), $saved_password) != $saved_password) {
 								$user = false;
 							}
 						} else {
 							//* The password is md5 encrypted
-							if(md5($password) != $saved_password) {
+							if (md5($password) != $saved_password) {
 								$user = false;
 							} else {
 								// update password with secure algo
@@ -208,10 +207,10 @@
 				}
 			}
 
-			if($user) {
-				if($user['active'] == 1) {
+			if ($user) {
+				if ($user['active'] == 1) {
 					// Maintenance mode - allow logins only when maintenance mode is off or if the user is admin
-					if(!$app->is_under_maintenance() || $user['typ'] == 'admin'){
+					if (!$app->is_under_maintenance() || $user['typ'] == 'admin') {
 
 						// User login right, so attempts can be deleted
 						$sql = "DELETE FROM `attempts_login` WHERE `ip`=?";
@@ -225,7 +224,7 @@
 						// this problem.
 						$app->uses('getconf');
 						$security_config = $app->getconf->get_security_config('permissions');
-						if(isset($security_config['session_regenerate_id']) && $security_config['session_regenerate_id'] == 'yes') {
+						if (isset($security_config['session_regenerate_id']) && $security_config['session_regenerate_id'] == 'yes') {
 							if (!$loginAs) session_regenerate_id(true);
 						}
 						$_SESSION = array();
@@ -236,25 +235,25 @@
 						$_SESSION["s"]['theme'] = $_SESSION['s']['user']['theme'];
 						if ($loginAs) $_SESSION['s']['plugin_cache'] = $_SESSION['s_old']['plugin_cache'];
 
-						if(is_file(ISPC_WEB_PATH . '/' . $_SESSION['s']['user']['startmodule'].'/lib/module.conf.php')) {
-							include_once $app->functions->check_include_path(ISPC_WEB_PATH . '/' . $_SESSION['s']['user']['startmodule'].'/lib/module.conf.php');
-							$menu_dir = ISPC_WEB_PATH.'/' . $_SESSION['s']['user']['startmodule'] . '/lib/menu.d';
-								if (is_dir($menu_dir)) {
+						if (is_file(ISPC_WEB_PATH.'/'.$_SESSION['s']['user']['startmodule'].'/lib/module.conf.php')) {
+							include_once $app->functions->check_include_path(ISPC_WEB_PATH.'/'.$_SESSION['s']['user']['startmodule'].'/lib/module.conf.php');
+							$menu_dir = ISPC_WEB_PATH.'/'.$_SESSION['s']['user']['startmodule'].'/lib/menu.d';
+							if (is_dir($menu_dir)) {
 								if ($dh = opendir($menu_dir)) {
 									//** Go through all files in the menu dir
 									while (($file = readdir($dh)) !== false) {
 										if ($file != '.' && $file != '..' && substr($file, -9, 9) == '.menu.php' && $file != 'dns_resync.menu.php') {
-											include_once $menu_dir . '/' . $file;
+											include_once $menu_dir.'/'.$file;
 										}
 									}
 								}
 							}
 							$_SESSION['s']['module'] = $module;
 						}
-							// check if the user theme is valid
-						if($_SESSION['s']['user']['theme'] != 'default') {
+						// check if the user theme is valid
+						if ($_SESSION['s']['user']['theme'] != 'default') {
 							$tmp_path = ISPC_THEMES_PATH."/".$_SESSION['s']['user']['theme'];
-							if(!@is_dir($tmp_path) || !@file_exists($tmp_path."/ispconfig_version") || trim(file_get_contents($tmp_path."/ispconfig_version")) != ISPC_APP_VERSION) {
+							if (!@is_dir($tmp_path) || !@file_exists($tmp_path."/ispconfig_version") || trim(file_get_contents($tmp_path."/ispconfig_version")) != ISPC_APP_VERSION) {
 								// fall back to default theme if this one is not compatible with current ispc version
 								$_SESSION['s']['user']['theme'] = 'default';
 								$_SESSION['s']['theme'] = 'default';
@@ -265,17 +264,17 @@
 						$app->plugin->raiseEvent('login', $username);
 
 						//* Save successful login message to var
-						$authlog = 'Successful login for user \''. $username .'\' from '. $_SERVER['REMOTE_ADDR'] .' at '. date('Y-m-d H:i:s') . ' with session ID ' .session_id();
+						$authlog = 'Successful login for user \''.$username.'\' from '.$_SERVER['REMOTE_ADDR'].' at '.date('Y-m-d H:i:s').' with session ID '.session_id();
 						$authlog_handle = fopen($conf['ispconfig_log_dir'].'/auth.log', 'a');
-						fwrite($authlog_handle, $authlog ."\n");
+						fwrite($authlog_handle, $authlog."\n");
 						fclose($authlog_handle);
 
 						/*
 						* We need LOGIN_REDIRECT instead of HEADER_REDIRECT to load the
 						* new theme, if the logged-in user has another
 						*/
 
-						if ($loginAs){
+						if ($loginAs) {
 							echo 'LOGIN_REDIRECT:'.$_SESSION['s']['module']['startpage'];
 							exit;
 						} else {
@@ -287,46 +286,45 @@
 					$error = $app->lng('error_user_blocked');
 				}
 			} else {
-				if(!$alreadyfailed['times'] )
-				{
+				if (!$alreadyfailed['times']) {
 					//* user login the first time wrong
 					$sql = "INSERT INTO `attempts_login` (`ip`, `times`, `login_time`) VALUES (?, 1, NOW())";
 					$app->db->query($sql, $ip);
-				} elseif($alreadyfailed['times'] >= 1) {
+				} elseif ($alreadyfailed['times'] >= 1) {
 					//* update times wrong
 					$sql = "UPDATE `attempts_login` SET `times`=`times`+1, `login_time`=NOW() WHERE `ip` = ? AND `login_time` < NOW() ORDER BY `login_time` DESC LIMIT 1";
 					$app->db->query($sql, $ip);
 				}
 				//* Incorrect login - Username and password incorrect
 				$error = $app->lng('error_user_password_incorrect');
-				if($app->db->errorMessage != '') $error .= '<br />'.$app->db->errorMessage != '';
+				if ($app->db->errorMessage != '') $error .= '<br />'.$app->db->errorMessage != '';
 
 				$app->plugin->raiseEvent('login_failed', $username);
 				//* Save failed login message to var
-				$authlog = 'Failed login for user \''. $username .'\' from '. $_SERVER['REMOTE_ADDR'] .' at '. date('Y-m-d H:i:s');
+				$authlog = 'Failed login for user \''.$username.'\' from '.$_SERVER['REMOTE_ADDR'].' at '.date('Y-m-d H:i:s');
 				$authlog_handle = fopen($conf['ispconfig_log_dir'].'/auth.log', 'a');
-				fwrite($authlog_handle, $authlog ."\n");
+				fwrite($authlog_handle, $authlog."\n");
 				fclose($authlog_handle);
 			}
 		}
-		} else {
+	} else {
 		//* Username or password empty
-		if($error == '') $error = $app->lng('error_user_password_empty');
-			$app->plugin->raiseEvent('login_empty', $username);
+		if ($error == '') $error = $app->lng('error_user_password_empty');
+		$app->plugin->raiseEvent('login_empty', $username);
 	}
 }
 
 // Maintenance mode - show message when people try to log in and also when people are forcibly logged off
-if($maintenance_mode_error != '') $error = '<strong>'.$maintenance_mode_error.'</strong><br><br>'.$error;
-if($error != ''){
+if ($maintenance_mode_error != '') $error = '<strong>'.$maintenance_mode_error.'</strong><br><br>'.$error;
+if ($error != '') {
 	$error = '<div class="box box_error">'.$error.'</div>';
 }
 
 $app->load('getconf');
 $sys_config = $app->getconf->get_global_config('misc');
 
 $security_config = $app->getconf->get_security_config('permissions');
-if($security_config['password_reset_allowed'] == 'yes') {
+if ($security_config['password_reset_allowed'] == 'yes') {
 	$app->tpl->setVar('pw_lost_show', 1);
 } else {
 	$app->tpl->setVar('pw_lost_show', 0);
@@ -348,7 +346,7 @@
 
 // Logo
 $logo = $app->db->queryOneRecord("SELECT * FROM sys_ini WHERE sysini_id = 1");
-if($logo['custom_logo'] != ''){
+if ($logo['custom_logo'] != '') {
 	$base64_logo_txt = $logo['custom_logo'];
 } else {
 	$base64_logo_txt = $logo['default_logo'];
@@ -361,12 +359,12 @@
 
 // Title
 if (!empty($sys_config['company_name'])) {
-	$app->tpl->setVar('company_name', $sys_config['company_name']. ' :: ');
+	$app->tpl->setVar('company_name', $sys_config['company_name'].' :: ');
 }
 
 // Custom Login
 if ($sys_config['custom_login_text'] != '') {
-	 $custom_login = @($sys_config['custom_login_link'] != '')?'<a href="'.$sys_config['custom_login_link'].'" target="_blank">'.$sys_config['custom_login_text'].'</a>':$sys_config['custom_login_text'];
+	$custom_login = @($sys_config['custom_login_link'] != '') ? '<a href="'.$sys_config['custom_login_link'].'" target="_blank">'.$sys_config['custom_login_text'].'</a>' : $sys_config['custom_login_text'];
 }
 $app->tpl->setVar('custom_login', $custom_login);
 
