Fixed: FS#776 - Client's limits do not apply for it's own client

tbrehm · tbrehm · commit 3cebc3a5fc5a · 2009-07-10T11:33:29.000Z
Improved client and reseller limit checks
diff --git a/interface/lib/app.inc.php b/interface/lib/app.inc.php
@@ -186,7 +186,11 @@ public function load_language_file($filename) {
     public function tpl_defaults()
     {	
 		$this->tpl->setVar('app_title', $this->_conf['app_title']);
-		$this->tpl->setVar('app_version', $this->_conf['app_version']);
+		if(isset($_SESSION['s']['user'])) {
+			$this->tpl->setVar('app_version', $this->_conf['app_version']);
+		} else {
+			$this->tpl->setVar('app_version', '');
+		}
 		$this->tpl->setVar('app_link', $this->_conf['app_link']);
 		if(isset($this->_conf['app_logo']) && $this->_conf['app_logo'] != '' && @is_file($this->_conf['app_logo'])){
 			$this->tpl->setVar('app_logo', '<img src="'.$this->_conf['app_logo'].'">');
diff --git a/interface/lib/classes/tform.inc.php b/interface/lib/classes/tform.inc.php
@@ -1148,6 +1148,63 @@ function lng($msg) {
 			}
 			
 		}
+		
+		function checkClientLimit($limit_name,$sql_where = '') {
+			global $app;
+			
+			$check_passed = true;
+			$limit_name = $app->db->quote($limit_name);
+			if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');
+			
+			// Get the limits of the client that is currently logged in
+			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client = $app->db->queryOneRecord("SELECT $limit_name as number, parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+			
+			// Check if the user may add another item
+			if($client["number"] >= 0) {
+				$sql = "SELECT count(".$this->formDef['db_table_idx'].") as number FROM ".$this->formDef['db_table']." WHERE ".$this->getAuthSQL('u');
+				if($sql_where != '') $sql .= ' and '.$sql_where;
+				$tmp = $app->db->queryOneRecord($sql);
+				if($tmp["number"] >= $client["number"]) $check_passed = false;
+			}
+			
+			return $check_passed;
+		}
+		
+		function checkResellerLimit($limit_name,$sql_where = '') {
+			global $app;
+			
+			$check_passed = true;
+			$limit_name = $app->db->quote($limit_name);
+			if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');
+			
+			// Get the limits of the client that is currently logged in
+			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client = $app->db->queryOneRecord("SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+			
+			//* If the client belongs to a reseller, we will check against the reseller Limit too
+			if($client['parent_client_id'] != 0) {
+				
+				//* first we need to know the groups of this reseller
+				$tmp = $app->db->queryOneRecord("SELECT userid, groups FROM sys_user WHERE client_id = ".$client['parent_client_id']);
+				$reseller_groups = $tmp["groups"];
+				$reseller_userid = $tmp["userid"];
+				
+				// Get the limits of the reseller of the logged in client
+				$client_group_id = $_SESSION["s"]["user"]["default_group"];
+				$reseller = $app->db->queryOneRecord("SELECT $limit_name as number FROM client WHERE client_id = ".$client['parent_client_id']);
+			
+				// Check if the user may add another item
+				if($reseller["number"] >= 0) {
+					$sql = "SELECT count(".$this->formDef['db_table_idx'].") as number FROM ".$this->formDef['db_table']." WHERE (sys_groupid IN (".$reseller_groups.") or sys_userid = ".$reseller_userid.")";
+					if($sql_where != '') $sql .= ' and '.$sql_where;
+					$tmp = $app->db->queryOneRecord($sql);
+					if($tmp["number"] >= $reseller["number"]) $check_passed = false;
+				}
+			}
+			
+			return $check_passed;
+		}
 
 }
 
diff --git a/interface/web/dns/dns_soa_edit.php b/interface/web/dns/dns_soa_edit.php
@@ -55,17 +55,11 @@ function onShowNew() {
 		
 		// we will check only users, not admins
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
-			
-			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
-			$client = $app->db->queryOneRecord("SELECT limit_dns_zone FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-			
-			// Check if the user may add another maildomain.
-			if($client["limit_dns_zone"] >= 0) {
-				$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_soa WHERE sys_groupid = $client_group_id");
-				if($tmp["number"] >= $client["limit_dns_zone"]) {
-					$app->error($app->tform->wordbook["limit_dns_zone_txt"]);
-				}
+			if(!$app->tform->checkClientLimit('limit_dns_zone')) {
+				$app->error($app->tform->wordbook["limit_dns_zone_txt"]);
+			}
+			if(!$app->tform->checkResellerLimit('limit_dns_zone')) {
+				$app->error('Reseller: '.$app->tform->wordbook["limit_dns_zone_txt"]);
 			}
 		}
 		
diff --git a/interface/web/dns/dns_wizard.php b/interface/web/dns/dns_wizard.php
@@ -137,6 +137,13 @@
 	if(isset($_POST['ns2']) && $_POST['ns2'] == '') $error .= $app->lng('error_ns2_empty').'<br />';
 	if(isset($_POST['email']) && $_POST['email'] == '') $error .= $app->lng('error_email_empty').'<br />';
 	
+	if(!$app->tform->checkClientLimit('limit_dns_zone')) {
+		$error .= $app->tform->wordbook["limit_dns_zone_txt"];
+	}
+	if(!$app->tform->checkResellerLimit('limit_dns_zone')) {
+		$error .= $app->tform->wordbook["limit_dns_zone_txt"];
+	}
+	
 	
 	// replace template placeholders
 	$tpl_content = $template_record['template'];
diff --git a/interface/web/mail/mail_alias_edit.php b/interface/web/mail/mail_alias_edit.php
@@ -55,17 +55,11 @@ function onShowNew() {
 		
 		// we will check only users, not admins
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
-			
-			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
-			$client = $app->db->queryOneRecord("SELECT limit_mailalias FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-			
-			// Check if the user may add another mailbox.
-			if($client["limit_mailalias"] >= 0) {
-				$tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE sys_groupid = $client_group_id and type = 'alias'");
-				if($tmp["number"] >= $client["limit_mailalias"]) {
-					$app->error($app->tform->wordbook["limit_mailalias_txt"]);
-				}
+			if(!$app->tform->checkClientLimit('limit_mailalias',"type = 'alias'")) {
+				$app->error($app->tform->wordbook["limit_mailalias_txt"]);
+			}
+			if(!$app->tform->checkResellerLimit('limit_mailalias',"type = 'alias'")) {
+				$app->error('Reseller: '.$app->tform->wordbook["limit_mailalias_txt"]);
 			}
 		}
 		
diff --git a/interface/web/mail/mail_blacklist_edit.php b/interface/web/mail/mail_blacklist_edit.php
@@ -55,17 +55,11 @@ function onShowNew() {
 		
 		// we will check only users, not admins
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
-			
-			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
-			$client = $app->db->queryOneRecord("SELECT limit_mailfilter FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-			
-			// Check if the user may add another mailbox.
-			if($client["limit_mailfilter"] >= 0) {
-				$tmp = $app->db->queryOneRecord("SELECT count(access_id) as number FROM mail_access WHERE sys_groupid = $client_group_id");
-				if($tmp["number"] >= $client["limit_mailfilter"]) {
-					$app->error($app->tform->wordbook["limit_mailfilter_txt"]);
-				}
+			if(!$app->tform->checkClientLimit('limit_mailfilter')) {
+				$app->error($app->tform->wordbook["limit_mailfilter_txt"]);
+			}
+			if(!$app->tform->checkResellerLimit('limit_mailfilter')) {
+				$app->error('Reseller: '.$app->tform->wordbook["limit_mailfilter_txt"]);
 			}
 		}
 		
diff --git a/interface/web/mail/mail_domain_catchall_edit.php b/interface/web/mail/mail_domain_catchall_edit.php
@@ -55,17 +55,11 @@ function onShowNew() {
 		
 		// we will check only users, not admins
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
-			
-			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
-			$client = $app->db->queryOneRecord("SELECT limit_mailcatchall FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-			
-			// Check if the user may add another mailbox.
-			if($client["limit_mailcatchall"] >= 0) {
-				$tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE sys_groupid = $client_group_id and type = 'catchall'");
-				if($tmp["number"] >= $client["limit_mailcatchall"]) {
-					$app->error($app->tform->wordbook["limit_mailcatchall_txt"]);
-				}
+			if(!$app->tform->checkClientLimit('limit_mailcatchall',"type = 'catchall'")) {
+				$app->error($app->tform->wordbook["limit_mailcatchall_txt"]);
+			}
+			if(!$app->tform->checkResellerLimit('limit_mailcatchall',"type = 'catchall'")) {
+				$app->error('Reseller: '.$app->tform->wordbook["limit_mailcatchall_txt"]);
 			}
 		}
 		
diff --git a/interface/web/mail/mail_domain_edit.php b/interface/web/mail/mail_domain_edit.php
@@ -55,17 +55,11 @@ function onShowNew() {
 		
 		// we will check only users, not admins
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
-			
-			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
-			$client = $app->db->queryOneRecord("SELECT limit_maildomain FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-			
-			// Check if the user may add another maildomain.
-			if($client["limit_maildomain"] >= 0) {
-				$tmp = $app->db->queryOneRecord("SELECT count(domain_id) as number FROM mail_domain WHERE sys_groupid = $client_group_id");
-				if($tmp["number"] >= $client["limit_maildomain"]) {
-					$app->error($app->tform->wordbook["limit_maildomain_txt"]);
-				}
+			if(!$app->tform->checkClientLimit('limit_maildomain')) {
+				$app->error($app->tform->wordbook["limit_maildomain_txt"]);
+			}
+			if(!$app->tform->checkResellerLimit('limit_maildomain')) {
+				$app->error('Reseller: '.$app->tform->wordbook["limit_maildomain_txt"]);
 			}
 		}
 		
diff --git a/interface/web/mail/mail_forward_edit.php b/interface/web/mail/mail_forward_edit.php
@@ -55,17 +55,11 @@ function onShowNew() {
 		
 		// we will check only users, not admins
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
-			
-			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
-			$client = $app->db->queryOneRecord("SELECT limit_mailforward FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-			
-			// Check if the user may add another mailbox.
-			if($client["limit_mailforward"] >= 0) {
-				$tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE sys_groupid = $client_group_id and type = 'forward'");
-				if($tmp["number"] >= $client["limit_mailforward"]) {
-					$app->error($app->tform->wordbook["limit_mailforward_txt"]);
-				}
+			if(!$app->tform->checkClientLimit('limit_mailforward',"type = 'forward'")) {
+				$app->error($app->tform->wordbook["limit_mailforward_txt"]);
+			}
+			if(!$app->tform->checkResellerLimit('limit_mailforward',"type = 'forward'")) {
+				$app->error('Reseller: '.$app->tform->wordbook["limit_mailforward_txt"]);
 			}
 		}
 		
diff --git a/interface/web/mail/mail_get_edit.php b/interface/web/mail/mail_get_edit.php
@@ -55,17 +55,11 @@ function onShowNew() {
 		
 		// we will check only users, not admins
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
-		
-			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
-			$client = $app->db->queryOneRecord("SELECT limit_fetchmail FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-			
-			// Check if the user may add another transport.
-			if($client["limit_fetchmail"] >= 0) {
-				$tmp = $app->db->queryOneRecord("SELECT count(mailget_id) as number FROM mail_get WHERE sys_groupid = $client_group_id");
-				if($tmp["number"] >= $client["limit_fetchmail"]) {
-					$app->error($app->tform->wordbook["limit_fetchmail_txt"]);
-				}
+			if(!$app->tform->checkClientLimit('limit_fetchmail')) {
+				$app->error($app->tform->wordbook["limit_fetchmail_txt"]);
+			}
+			if(!$app->tform->checkResellerLimit('limit_fetchmail')) {
+				$app->error('Reseller: '.$app->tform->wordbook["limit_fetchmail_txt"]);
 			}
 		}
 		
diff --git a/interface/web/mail/mail_transport_edit.php b/interface/web/mail/mail_transport_edit.php
@@ -56,17 +56,11 @@ function onShowNew() {
 		
 		// we will check only users, not admins
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
-			
-			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
-			$client = $app->db->queryOneRecord("SELECT limit_mailrouting FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-			
-			// Check if the user may add another transport.
-			if($client["limit_mailrouting"] >= 0) {
-				$tmp = $app->db->queryOneRecord("SELECT count(transport_id) as number FROM mail_transport WHERE sys_groupid = $client_group_id");
-				if($tmp["number"] >= $client["limit_mailrouting"]) {
-					$app->error($app->tform->wordbook["limit_mailrouting_txt"]);
-				}
+			if(!$app->tform->checkClientLimit('limit_mailrouting')) {
+				$app->error($app->tform->wordbook["limit_mailrouting_txt"]);
+			}
+			if(!$app->tform->checkResellerLimit('limit_mailrouting')) {
+				$app->error('Reseller: '.$app->tform->wordbook["limit_mailrouting_txt"]);
 			}
 		}
 		
diff --git a/interface/web/mail/mail_user_edit.php b/interface/web/mail/mail_user_edit.php
@@ -56,17 +56,11 @@ function onShowNew() {
 		
 		// we will check only users, not admins
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
-			
-			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
-			$client = $app->db->queryOneRecord("SELECT limit_mailbox FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-			
-			// Check if the user may add another mailbox.
-			if($client["limit_mailbox"] >= 0) {
-				$tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE sys_groupid = $client_group_id");
-				if($tmp["number"] >= $client["limit_mailbox"]) {
-					$app->error($app->tform->wordbook["limit_mailbox_txt"]);
-				}
+			if(!$app->tform->checkClientLimit('limit_mailbox')) {
+				$app->error($app->tform->wordbook["limit_mailbox_txt"]);
+			}
+			if(!$app->tform->checkResellerLimit('limit_mailbox')) {
+				$app->error('Reseller: '.$app->tform->wordbook["limit_mailbox_txt"]);
 			}
 		}
 		
diff --git a/interface/web/mail/mail_whitelist_edit.php b/interface/web/mail/mail_whitelist_edit.php
@@ -55,17 +55,11 @@ function onShowNew() {
 		
 		// we will check only users, not admins
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
-			
-			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
-			$client = $app->db->queryOneRecord("SELECT limit_mailfilter FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-			
-			// Check if the user may add another mailbox.
-			if($client["limit_mailfilter"] >= 0) {
-				$tmp = $app->db->queryOneRecord("SELECT count(access_id) as number FROM mail_access WHERE sys_groupid = $client_group_id");
-				if($tmp["number"] >= $client["limit_mailfilter"]) {
-					$app->error($app->tform->wordbook["limit_mailfilter_txt"]);
-				}
+			if(!$app->tform->checkClientLimit('limit_mailfilter')) {
+				$app->error($app->tform->wordbook["limit_mailfilter_txt"]);
+			}
+			if(!$app->tform->checkResellerLimit('limit_mailfilter')) {
+				$app->error('Reseller: '.$app->tform->wordbook["limit_mailfilter_txt"]);
 			}
 		}
 		
diff --git a/interface/web/mail/spamfilter_blacklist_edit.php b/interface/web/mail/spamfilter_blacklist_edit.php
@@ -54,17 +54,11 @@ function onShowNew() {
 		
 		// we will check only users, not admins
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
-			
-			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
-			$client = $app->db->queryOneRecord("SELECT limit_spamfilter_wblist FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-			
-			// Check if the user may add another mailbox.
-			if($client["limit_spamfilter_wblist"] >= 0) {
-				$tmp = $app->db->queryOneRecord("SELECT count(wblist_id) as number FROM spamfilter_wblist WHERE sys_groupid = $client_group_id");
-				if($tmp["number"] >= $client["limit_spamfilter_wblist"]) {
-					$app->error($app->tform->lng("limit_spamfilter_wblist_txt"));
-				}
+			if(!$app->tform->checkClientLimit('limit_spamfilter_wblist')) {
+				$app->error($app->tform->wordbook["limit_spamfilter_wblist_txt"]);
+			}
+			if(!$app->tform->checkResellerLimit('limit_spamfilter_wblist')) {
+				$app->error('Reseller: '.$app->tform->wordbook["limit_spamfilter_wblist_txt"]);
 			}
 		}
 		
diff --git a/interface/web/mail/spamfilter_policy_edit.php b/interface/web/mail/spamfilter_policy_edit.php
@@ -54,17 +54,11 @@ function onShowNew() {
 		
 		// we will check only users, not admins
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
-			
-			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
-			$client = $app->db->queryOneRecord("SELECT limit_spamfilter_policy FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-			
-			// Check if the user may add another mailbox.
-			if($client["limit_limit_spamfilter_policy"] >= 0) {
-				$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM spamfilter_policy WHERE sys_groupid = $client_group_id");
-				if($tmp["number"] >= $client["limit_spamfilter_policy"]) {
-					$app->error($app->tform->wordbook["limit_spamfilter_policy_txt"]);
-				}
+			if(!$app->tform->checkClientLimit('limit_spamfilter_policy')) {
+				$app->error($app->tform->wordbook["limit_spamfilter_policy_txt"]);
+			}
+			if(!$app->tform->checkResellerLimit('limit_spamfilter_policy')) {
+				$app->error('Reseller: '.$app->tform->wordbook["limit_spamfilter_policy_txt"]);
 			}
 		}
 		
diff --git a/interface/web/mail/spamfilter_users_edit.php b/interface/web/mail/spamfilter_users_edit.php
@@ -54,17 +54,11 @@ function onShowNew() {
 		
 		// we will check only users, not admins
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
-			
-			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
-			$client = $app->db->queryOneRecord("SELECT limit_spamfilter_user FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-			
-			// Check if the user may add another mailbox.
-			if($client["limit_limit_spamfilter_user"] >= 0) {
-				$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM spamfilter_users WHERE sys_groupid = $client_group_id");
-				if($tmp["number"] >= $client["limit_spamfilter_user"]) {
-					$app->error($app->tform->wordbook["limit_spamfilter_user_txt"]);
-				}
+			if(!$app->tform->checkClientLimit('limit_spamfilter_user')) {
+				$app->error($app->tform->wordbook["limit_spamfilter_user_txt"]);
+			}
+			if(!$app->tform->checkResellerLimit('limit_spamfilter_user')) {
+				$app->error('Reseller: '.$app->tform->wordbook["limit_spamfilter_user_txt"]);
 			}
 		}
 		
diff --git a/interface/web/mail/spamfilter_whitelist_edit.php b/interface/web/mail/spamfilter_whitelist_edit.php
diff --git a/interface/web/sites/cron_edit.php b/interface/web/sites/cron_edit.php
diff --git a/interface/web/sites/database_edit.php b/interface/web/sites/database_edit.php
diff --git a/interface/web/sites/ftp_user_edit.php b/interface/web/sites/ftp_user_edit.php
diff --git a/interface/web/sites/shell_user_edit.php b/interface/web/sites/shell_user_edit.php
diff --git a/interface/web/sites/web_aliasdomain_edit.php b/interface/web/sites/web_aliasdomain_edit.php
diff --git a/interface/web/sites/web_domain_edit.php b/interface/web/sites/web_domain_edit.php
diff --git a/interface/web/sites/web_subdomain_edit.php b/interface/web/sites/web_subdomain_edit.php
