Merged revisions 2886-2909 from stable branch.

Author: tbrehm

install/update.php

@@ -96,7 +96,7 @@
 $conf["mysql"]["ispconfig_password"] = $conf_old["db_password"];
 $conf['language'] = $conf_old['language'];
 if($conf['language'] == '{language}') $conf['language'] = 'en';
-$conf['timezone'] = $conf_old['timezone'];
+$conf['timezone'] = (isset($conf_old['timezone']))?$conf_old['timezone']:'UTC';
 if($conf['timezone'] == '{timezone}' or trim($conf['timezone']) == '') $conf['timezone'] = 'UTC';
 
 if(isset($conf_old["dbmaster_host"])) $conf["mysql"]["master_host"] = $conf_old["dbmaster_host"];

interface/lib/classes/functions.inc.php

@@ -45,6 +45,7 @@ public function mail($to, $subject, $text, $from, $filepath = '', $filetype = 'a
 			$content = file_get_contents($filepath);
 			$content = chunk_split(base64_encode($content));
 			$uid = strtoupper(md5(uniqid(time())));
+			$subject      = "=?utf-8?B?".base64_encode($subject)."?=";
 
 			if($filename == '') {
 				$path_parts = pathinfo($filepath);
@@ -75,6 +76,7 @@ public function mail($to, $subject, $text, $from, $filepath = '', $filetype = 'a
 			$header = "From: $from\nReply-To: $from\n";
 			$header .= "Content-Type: text/plain;\n\tcharset=\"UTF-8\"\n";
 			$header .= "Content-Transfer-Encoding: 8bit\n\n";
+			$subject      = "=?utf-8?B?".base64_encode($subject)."?=";
 			mail($to, $subject, $text, $header);
 		}
 

interface/lib/classes/remoting.inc.php

@@ -348,8 +348,8 @@ public function mail_user_filter_delete($session_id, $primary_id)
 			$this->server->fault('permission_denied','You do not have the permissions to access this function.');
 			return false;
 		}
-		$affected_rows = $this->deleteQuery('../mail/form/mail_user_filter.tform.php', $primary_id);
-		$app->plugin->raiseEvent('mail:mail_user_filter:on_after_delete',$this);
+		$affected_rows = $this->deleteQuery('../mail/form/mail_user_filter.tform.php', $primary_id,'mail:mail_user_filter:on_after_delete');
+		// $app->plugin->raiseEvent('mail:mail_user_filter:on_after_delete',$this);
 		return $affected_rows;
 	}
 
@@ -2180,20 +2180,29 @@ protected function klientadd($formdef_file, $reseller_id, $params)
 
 		//* Get the SQL query
 		$sql = $app->remoting_lib->getSQL($params,'INSERT',0);
-		$app->db->query($sql);
 
 		//* Check if no system user with that username exists
 		$username = $app->db->quote($params["username"]);
-		$tmp = $app->db->queryOneRecord("SELECT count(userid) as number FROm sys_user WHERE username = '$username'");
+		$tmp = $app->db->queryOneRecord("SELECT count(userid) as number FROM sys_user WHERE username = '$username'");
 		if($tmp['number'] > 0) $app->remoting_lib->errorMessage .= "Duplicate username<br />";
 
+		//* Stop on error while preparing the sql query
 		if($app->remoting_lib->errorMessage != '') {
 			$this->server->fault('data_processing_error', $app->remoting_lib->errorMessage);
 			return false;
 		}
 
+		//* Execute the SQL query
+		$app->db->query($sql);
 		$insert_id = $app->db->insertID();
 
+		
+		//* Stop on error while executing the sql query
+		if($app->remoting_lib->errorMessage != '') {
+			$this->server->fault('data_processing_error', $app->remoting_lib->errorMessage);
+			return false;
+		}
+		
 		$this->id = $insert_id;
 		$this->dataRecord = $params;
 
@@ -2332,22 +2341,23 @@ protected function deleteQuery($formdef_file, $primary_id, $event_identifier = '
 		// set a few values for compatibility with tform actions, mostly used by plugins
 		$this->oldDataRecord = $old_rec;
 		$this->id = $primary_id;
-		$this->dataRecord = $params;
+		$this->dataRecord = $old_rec;
+		//$this->dataRecord = $params;
 
 		//* Get the SQL query
 		$sql = $app->remoting_lib->getDeleteSQL($primary_id);
-		
+		$app->db->errorMessage = '';
 		$app->db->query($sql);
+		$affected_rows = $app->db->affectedRows();
 
 		if($app->db->errorMessage != '') {
-			
-			if($event_identifier != '') $app->plugin->raiseEvent($event_identifier,$this);
-			
 			$this->server->fault('database_error', $app->db->errorMessage . ' '.$sql);
 			return false;
 		}
 
-		$affected_rows = $app->db->affectedRows();
+		if($event_identifier != '') {
+			$app->plugin->raiseEvent($event_identifier,$this);
+		}
 
 		//* Save changes to Datalog
 		if($app->remoting_lib->formDef["db_history"] == 'yes') {

interface/lib/classes/remoting_lib.inc.php

@@ -536,11 +536,16 @@ function getSQL($record, $action = 'INSERT', $primary_id = 0, $sql_ext_where = '
                                                 if($field['formtype'] == 'PASSWORD') {
                                                         $sql_insert_key .= "`$key`, ";
                                                         if($field['encryption'] == 'CRYPT') {
-                                                                $record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
+																$record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
+																$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
+														} elseif ($field['encryption'] == 'MYSQL') {
+																$sql_insert_val .= "PASSWORD('".$app->db->quote($record[$key])."'), ";
+														} elseif ($field['encryption'] == 'CLEARTEXT') {
+																$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
                                                         } else {
-                                                                $record[$key] = md5($record[$key]);
+                                                                $record[$key] = md5(stripslashes($record[$key]));
+																$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
                                                         }
-														$sql_insert_val .= "'".$record[$key]."', ";
                                                 } elseif ($field['formtype'] == 'CHECKBOX') {
                                                         $sql_insert_key .= "`$key`, ";
 														if($record[$key] == '') {
@@ -645,7 +650,11 @@ function getDataRecord($primary_id) {
 				foreach($primary_id as $key => $val) {
 					$key = $app->db->quote($key);
 					$val = $app->db->quote($val);
-					$sql_where .= "$key = '$val' AND ";
+					if(stristr($val,'%')) {
+						$sql_where .= "$key like '$val' AND ";
+					} else {
+						$sql_where .= "$key = '$val' AND ";
+					}
 				}
 				$sql_where = substr($sql_where,0,-5);
 				$sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$sql_where;

interface/web/admin/software_update_list.php

@@ -161,7 +161,7 @@
 	foreach($installed_packages as $ip) {
 
 		// Get version number of the latest installed version
-		$sql = "SELECT v1, v2, v3, v4 FROM software_update, software_update_inst WHERE software_update.software_update_id = software_update_inst.software_update_id AND server_id = 1 ORDER BY v1 DESC , v2 DESC , v3 DESC , v4 DESC LIMIT 0,1";
+		$sql = "SELECT v1, v2, v3, v4 FROM software_update, software_update_inst WHERE software_update.software_update_id = software_update_inst.software_update_id AND server_id = ".$server_id." ORDER BY v1 DESC , v2 DESC , v3 DESC , v4 DESC LIMIT 0,1";
 		$lu = $app->db->queryOneRecord($sql);
 
 		// Get all installable updates

interface/web/dns/dns_slave_edit.php

@@ -106,6 +106,14 @@ function onShowEnd() {
 
 		}
 
+		if($this->id > 0) {
+			//* we are editing a existing record
+			$app->tpl->setVar("edit_disabled", 1);
+			$app->tpl->setVar("server_id_value", $this->dataRecord["server_id"]);
+		} else {
+			$app->tpl->setVar("edit_disabled", 0);
+		}
+		
 		parent::onShowEnd();
 	}
 

interface/web/dns/dns_soa_edit.php

@@ -116,6 +116,14 @@ function onShowEnd() {
 
 		}
 
+		if($this->id > 0) {
+			//* we are editing a existing record
+			$app->tpl->setVar("edit_disabled", 1);
+			$app->tpl->setVar("server_id_value", $this->dataRecord["server_id"]);
+		} else {
+			$app->tpl->setVar("edit_disabled", 0);
+		}
+		
 		parent::onShowEnd();
 	}
 
@@ -180,19 +188,36 @@ function onAfterInsert() {
 		// make sure that the record belongs to the client group and not the admin group when a dmin inserts it
 		if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
 			$client_group_id = intval($this->dataRecord["client_group_id"]);
-			$app->db->query("UPDATE dns_soa SET sys_groupid = $client_group_id WHERE id = ".$this->id);
+			$app->db->query("UPDATE dns_soa SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE id = ".$this->id);
 			// And we want to update all rr records too, that belong to this record
 			$app->db->query("UPDATE dns_rr SET sys_groupid = $client_group_id WHERE zone = ".$this->id);
 		}
 		if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
 			$client_group_id = intval($this->dataRecord["client_group_id"]);
-			$app->db->query("UPDATE dns_soa SET sys_groupid = $client_group_id WHERE id = ".$this->id);
+			$app->db->query("UPDATE dns_soa SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE id = ".$this->id);
 			// And we want to update all rr records too, that belong to this record
 			$app->db->query("UPDATE dns_rr SET sys_groupid = $client_group_id WHERE zone = ".$this->id);
 		}
 
 	}
 
+	function onBeforeUpdate () {
+		global $app, $conf;
+
+		//* Check if the server has been changed
+		// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
+		if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+			//* We do not allow users to change a domain which has been created by the admin
+			$rec = $app->db->queryOneRecord("SELECT origin from dns_soa WHERE id = ".$this->id);
+			if(isset($this->dataRecord["origin"]) && $rec['origin'] != $this->dataRecord["origin"] && $app->tform->checkPerm($this->id,'u')) {
+				//* Add a error message and switch back to old server
+				$app->tform->errorMessage .= $app->lng('The Zone (soa) can not be changed. Please ask your Administrator if you want to change the Zone name.');
+				$this->dataRecord["origin"] = $rec['origin'];
+			}
+			unset($rec);
+		}
+	}
+	
 	function onAfterUpdate() {
 		global $app, $conf;
 
@@ -206,13 +231,13 @@ function onAfterUpdate() {
 		// make sure that the record belongs to the client group and not the admin group when a dmin inserts it
 		if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
 			$client_group_id = intval($this->dataRecord["client_group_id"]);
-			$app->db->query("UPDATE dns_soa SET sys_groupid = $client_group_id WHERE id = ".$this->id);
+			$app->db->query("UPDATE dns_soa SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE id = ".$this->id);
 			// And we want to update all rr records too, that belong to this record
 			$app->db->query("UPDATE dns_rr SET sys_groupid = $client_group_id WHERE zone = ".$this->id);
 		}
 		if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
 			$client_group_id = intval($this->dataRecord["client_group_id"]);
-			$app->db->query("UPDATE dns_soa SET sys_groupid = $client_group_id WHERE id = ".$this->id);
+			$app->db->query("UPDATE dns_soa SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE id = ".$this->id);
 			// And we want to update all rr records too, that belong to this record
 			$app->db->query("UPDATE dns_rr SET sys_groupid = $client_group_id WHERE zone = ".$this->id);
 		}

interface/web/dns/form/dns_alias.tform.php

@@ -80,7 +80,7 @@
 			'validators'	=> array ( 	0 => array (	'type'	=> 'NOTEMPTY',
 														'errmsg'=> 'name_error_empty'),
 										1 => array (	'type'	=> 'REGEX',
-														'regex' => '/^[\w\.\-]{1,64}$/',
+														'regex' => '/^[\w\.\-]{1,255}$/',
 														'errmsg'=> 'name_error_regex'),
 									),
 			'default'	=> '',

interface/web/dns/form/dns_cname.tform.php

@@ -78,7 +78,7 @@
 			'datatype'	=> 'VARCHAR',
 			'formtype'	=> 'TEXT',
 			'validators'	=> array ( 	0 => array (	'type'	=> 'REGEX',
-														'regex' => '/^[\w\.\-\*]{0,64}$/',
+														'regex' => '/^[\w\.\-\*]{0,255}$/',
 														'errmsg'=> 'name_error_regex'),
 									),
 			'default'	=> '',

interface/web/dns/form/dns_ns.tform.php

@@ -78,7 +78,7 @@
 			'datatype'	=> 'VARCHAR',
 			'formtype'	=> 'TEXT',
 			'validators'	=> array ( 	0 => array (	'type'	=> 'REGEX',
-														'regex' => '/^[\w\.\-]{0,64}$/',
+														'regex' => '/^[\w\.\-]{0,255}$/',
 														'errmsg'=> 'name_error_regex'),
 									),
 			'default'	=> '',