- FS#1824: Implemented maintenance mode.

Author: falkotimme

install/tpl/system.ini.master

@@ -34,3 +34,4 @@ dashboard_atom_url_admin=http://www.ispconfig.org/atom
 dashboard_atom_url_reseller=http://www.ispconfig.org/atom
 dashboard_atom_url_client=http://www.ispconfig.org/atom
 monitor_key=
+maintenance_mode=n

interface/lib/classes/remoting.inc.php

@@ -67,13 +67,21 @@ public function login($username, $password)
     {
 		global $app, $conf, $server;
 
+		// Maintenance mode
+		$app->uses('ini_parser,getconf');
+		$server_config_array = $app->getconf->get_global_config('misc');
+		if($server_config_array['maintenance_mode'] == 'y'){
+			$this->server->fault('maintenance_mode', 'This ISPConfig installation is currently under maintenance. We should be back shortly. Thank you for your patience.');
+			return false;
+		}
+		
 		if(empty($username)) {
-			$this->server->fault('login_username_empty', 'The login username is empty');
+			$this->server->fault('login_username_empty', 'The login username is empty.');
 			return false;
 		}
 
 		if(empty($password)) {
-			$this->server->fault('login_password_empty', 'The login password is empty');
+			$this->server->fault('login_password_empty', 'The login password is empty.');
 			return false;
 		}
 

interface/web/admin/form/system_config.tform.php

@@ -284,6 +284,12 @@
 			'default'	=> '',
 			'value'		=> ''
 		),
+		'maintenance_mode' => array (
+			'datatype'	=> 'VARCHAR',
+			'formtype'	=> 'CHECKBOX',
+			'default'	=> 'n',
+			'value'		=> array(0 => 'n',1 => 'y')
+		),
 	##################################
 	# ENDE Datatable fields
 	##################################

interface/web/admin/lib/lang/de_system_config.lng

@@ -15,16 +15,17 @@ $wb['phpmyadmin_url_txt'] = 'PHPMyAdmin URL';
 $wb['dashboard_atom_url_admin_txt'] = 'Dashboard atom feed URL (admin)';
 $wb['dashboard_atom_url_reseller_txt'] = 'Dashboard atom feed URL (reseller)';
 $wb['dashboard_atom_url_client_txt'] = 'Dashboard atom feed URL (client)';
-$wb['webdavuser_prefix_txt'] = 'Webdav user prefix';
-$wb['webdavuser_prefix_error_regex'] = 'Char not allowed in webdav user prefix.';
-$wb['use_domain_module_txt'] = 'Use the domain-module to add new domains';
-$wb['use_domain_module_hint'] = 'If you use this module, your customers can only select one of the domains the admin creates for them. They cannot free edit the domain-field.You have to re-login after changing this value, to make the changes visible.';
-$wb['new_domain_txt'] = 'HTML to create a new domain';
+$wb['webdavuser_prefix_txt'] = 'Webdav-User-Präfix';
+$wb['webdavuser_prefix_error_regex'] = 'Zeichen nicht zulässig im WebDAV-User-Präfix.';
+$wb['use_domain_module_txt'] = 'Das Domain-Modul benutzen, um neue Domains hinzuzufügen';
+$wb['use_domain_module_hint'] = 'Falls Sie dieses Modul benutzen, können Ihre Kunden nur eine der Domains auswählen, die der Admin für sie angelegt hat. Die Kunden können das Domain-Feld nicht frei editieren. Sie müssen sich neu einloggen, wenn Sie diesen Wert ändern.';
+$wb['new_domain_txt'] = 'HTML zum Anlegen einer neuen Domain';
 $wb['webftp_url_txt'] = 'WebFTP URL';
 $wb['enable_custom_login_txt'] = 'Abweichenden Login-Namen erlauben';
-$wb['mailmailinglist_link_txt'] = 'Link to mailing list in Mailing list list';
-$wb['mailmailinglist_url_txt'] = 'Mailing list URL';
-$wb['admin_mail_txt'] = 'Administrators e-mail';
-$wb['monitor_key_txt'] = 'Monitor keyword';
-$wb['admin_name_txt'] = 'Administrators name';
+$wb['mailmailinglist_link_txt'] = 'Link zur Mailingliste in der Mailinglisten-Übersicht';
+$wb['mailmailinglist_url_txt'] = 'Mailinglisten-URL';
+$wb['admin_mail_txt'] = 'Administrator Email';
+$wb['monitor_key_txt'] = 'Monitor-Passwort';
+$wb['admin_name_txt'] = 'Name des Administrators';
+$wb['maintenance_mode_txt'] = 'Wartungsmodus';
 ?>

interface/web/admin/lib/lang/en_system_config.lng

@@ -21,10 +21,11 @@ $wb["mailmailinglist_link_txt"] = 'Link to mailing list in Mailing list list';
 $wb["mailmailinglist_url_txt"] = 'Mailing list URL';
 $wb["phpmyadmin_url_txt"] = 'PHPMyAdmin URL';
 $wb["use_domain_module_txt"] = 'Use the domain-module to add new domains';
-$wb["use_domain_module_hint"] = 'If you use this module, your customers can only select one of the domains the admin creates for them. They cannot free edit the domain-field.You have to re-login after changing this value, to make the changes visible.';
+$wb["use_domain_module_hint"] = 'If you use this module, your customers can only select one of the domains the admin creates for them. They cannot freely edit the domain-field. You have to re-login after changing this value, to make the changes visible.';
 $wb["new_domain_txt"] = 'HTML to create a new domain';
 $wb["webftp_url_txt"] = 'WebFTP URL';
 $wb['admin_mail_txt'] = 'Administrator\'s e-mail';
 $wb["monitor_key_txt"] = 'Monitor keyword';
 $wb['admin_name_txt'] = 'Administrator\'s name';
+$wb['maintenance_mode_txt'] = 'Maintenance Mode';
 ?>

interface/web/admin/system_config_edit.php

@@ -108,6 +108,13 @@ function onUpdateSave($sql) {
 				"FROM web_domain";
 			$app->db->query($sql);
 		}
+		
+		// Maintenance mode
+		if($server_config_array['misc']['maintenance_mode'] == 'y'){
+			//print_r($_SESSION);
+			//echo $_SESSION['s']['id'];
+			$app->db->query("DELETE FROM sys_session WHERE session_id != '".$_SESSION['s']['id']."'");
+		}
 	}
 
 }

interface/web/admin/templates/system_config_misc_edit.htm

@@ -20,6 +20,12 @@ <h2><tmpl_var name="list_head_txt"></h2>
 				<label for="monitor_key">{tmpl_var name='monitor_key_txt'}</label>
 				<input name="monitor_key" id="monitor_key" value="{tmpl_var name='monitor_key'}" size="" maxlength="" type="text" class="textInput" />
 			</div>
+			<div class="ctrlHolder">
+			<p class="label">{tmpl_var name='maintenance_mode_txt'}</p>
+			<div class="multiField">
+				{tmpl_var name='maintenance_mode'}
+			</div>
+		</div>
 		</fieldset>
 		<input type="hidden" name="id" value="{tmpl_var name='id'}">
 		<div class="buttonHolder buttons">

interface/web/capp.php

@@ -36,8 +36,8 @@
 
 //* Check if user is logged in
 if($_SESSION["s"]["user"]['active'] != 1) {
-	header("Location: index.php?phpsessid=".$_SESSION["s"]["id"]);
-	die();
+	die("URL_REDIRECT: /index.php");
+	//die();
 }
 
 //* Check if user may use the module.

interface/web/js/scrigo.js.php

@@ -43,8 +43,11 @@ function capp(module) {
 													if(jqXHR.responseText.indexOf('HEADER_REDIRECT:') > -1) {
 														var parts = jqXHR.responseText.split(':');
 														loadContent(parts[1]);
+													} else if (jqXHR.responseText.indexOf('URL_REDIRECT:') > -1) {
+														var newUrl= jqXHR.responseText.substr(jqXHR.responseText.indexOf('URL_REDIRECT:') + "URL_REDIRECT:".length);
+														document.location.href = newUrl;
 													} else {
-														alert(jqXHR.responseText);
+														//alert(jqXHR.responseText);
 													}
 												}
 												loadMenus();

interface/web/login/index.php

@@ -54,7 +54,15 @@ public function render() {
 	    $error = '';
 
 		$app->load_language_file('web/login/lib/lang/'.$conf["language"].'.lng');
-	
+		
+		// Maintenance mode
+		$maintenance_mode = false;
+		$app->uses('ini_parser,getconf');
+		$server_config_array = $app->getconf->get_global_config('misc');
+		if($server_config_array['maintenance_mode'] == 'y'){
+			$maintenance_mode = true;
+			$maintenance_mode_error = $app->lng('error_maintenance_mode');
+		}
 
 		//* Login Form was send
 		if(count($_POST) > 0) {
@@ -167,33 +175,36 @@ public function render() {
 
 		            if($user) {
 		                if($user['active'] == 1) {
-		                	// User login right, so attempts can be deleted
-		                	$sql = "DELETE FROM `attempts_login` WHERE `ip`='{$ip}'";
-		                	$app->db->query($sql);
-		                	$user = $app->db->toLower($user);
+							// Maintenance mode - allow logins only when maintenance mode is off or if the user is admin
+							if(!$maintenance_mode || $user['typ'] == 'admin'){
+								// User login right, so attempts can be deleted
+								$sql = "DELETE FROM `attempts_login` WHERE `ip`='{$ip}'";
+								$app->db->query($sql);
+								$user = $app->db->toLower($user);
 
-							if ($loginAs) $oldSession = $_SESSION['s'];
-							$_SESSION = array();
-							if ($loginAs) $_SESSION['s_old'] = $oldSession; // keep the way back!
-							$_SESSION['s']['user'] = $user;
-							$_SESSION['s']['user']['theme'] = isset($user['app_theme']) ? $user['app_theme'] : 'default';
-							$_SESSION['s']['language'] = $user['language'];
-							$_SESSION["s"]['theme'] = $_SESSION['s']['user']['theme'];
+								if ($loginAs) $oldSession = $_SESSION['s'];
+								$_SESSION = array();
+								if ($loginAs) $_SESSION['s_old'] = $oldSession; // keep the way back!
+								$_SESSION['s']['user'] = $user;
+								$_SESSION['s']['user']['theme'] = isset($user['app_theme']) ? $user['app_theme'] : 'default';
+								$_SESSION['s']['language'] = $user['language'];
+								$_SESSION["s"]['theme'] = $_SESSION['s']['user']['theme'];
 
-							if(is_file($_SESSION['s']['user']['startmodule'].'/lib/module.conf.php')) {
-								include_once($_SESSION['s']['user']['startmodule'].'/lib/module.conf.php');
-								$_SESSION['s']['module'] = $module;
-							}
+								if(is_file($_SESSION['s']['user']['startmodule'].'/lib/module.conf.php')) {
+									include_once($_SESSION['s']['user']['startmodule'].'/lib/module.conf.php');
+									$_SESSION['s']['module'] = $module;
+								}
 
-							$app->plugin->raiseEvent('login',$this);
+								$app->plugin->raiseEvent('login',$this);
 
-							/*
-							 * We need LOGIN_REDIRECT instead of HEADER_REDIRECT to load the
-							 * new theme, if the logged-in user has another
-							 */
-							echo 'LOGIN_REDIRECT:'.$_SESSION['s']['module']['startpage'];
+								/*
+								* We need LOGIN_REDIRECT instead of HEADER_REDIRECT to load the
+								* new theme, if the logged-in user has another
+								*/
+								echo 'LOGIN_REDIRECT:'.$_SESSION['s']['module']['startpage'];
 
-		                   	exit;
+								exit;
+							}
 		             	} else {
 		                	$error = $app->lng('error_user_blocked');
 		                }
@@ -222,12 +233,13 @@ public function render() {
 				$app->plugin->raiseEvent('login_empty',$this);
 	        }
 		}
+		
+		// Maintenance mode - show message when people try to log in and also when people are forcedly logged off
+		if($maintenance_mode_error != '') $error = '<strong>'.$maintenance_mode_error.'</strong><br><br>'.$error;
 		if($error != ''){
 	  		$error = '<div class="box box_error"><h1>Error</h1>'.$error.'</div>';
 		}
 
-	
-	
 		$app->tpl->setVar('error', $error);
 		$app->tpl->setVar('username_txt', $app->lng('username_txt'));
 		$app->tpl->setVar('password_txt', $app->lng('password_txt'));