Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Tree: c39c19268d
Fetching contributors…

Cannot retrieve contributors at this time

491 lines (436 sloc) 18.58 kB
<?php
/**
* This file is part of the SysCP project.
* Copyright (c) 2003-2007 the SysCP Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.syscp.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org>
* @license GPLv2 http://files.syscp.org/misc/COPYING.txt
* @package Panel
* @version $Id$
*/
define('AREA', 'customer');
/**
* Include our init.php, which manages Sessions, Language etc.
*/
require ("./lib/init.php");
if(isset($_POST['id']))
{
$id = intval($_POST['id']);
}
elseif(isset($_GET['id']))
{
$id = intval($_GET['id']);
}
if($page == 'overview')
{
eval("echo \"" . getTemplate("domains/domains") . "\";");
}
elseif($page == 'domains')
{
if($action == '')
{
$fields = array(
'd.domain' => $lng['domains']['domainname'],
'd.documentroot' => $lng['panel']['path'],
'd.aliasdomain' => $lng['domains']['aliasdomain']
);
$paging = new paging($userinfo, $db, TABLE_PANEL_DOMAINS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
$result = $db->query("SELECT `d`.`id`, " . " `d`.`customerid`, " . " `d`.`domain`, " . " `d`.`documentroot`, " . " `d`.`isemaildomain`, " . " `d`.`caneditdomain`, " . " `d`.`iswildcarddomain`, " . " `d`.`parentdomainid`, " . " `ad`.`id` AS `aliasdomainid`, " . " `ad`.`domain` AS `aliasdomain`, " . " `da`.`id` AS `domainaliasid`, " . " `da`.`domain` AS `domainalias` " . "FROM `" . TABLE_PANEL_DOMAINS . "` `d` " . "LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id` " . "LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `da` ON `da`.`aliasdomain`=`d`.`id` " . "WHERE `d`.`customerid`='" . (int)$userinfo['customerid'] . "' " . " AND `d`.`id` <> " . (int)$userinfo['standardsubdomain'] . " " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
$paging->setEntries($db->num_rows($result));
$sortcode = $paging->getHtmlSortCode($lng);
$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
$searchcode = $paging->getHtmlSearchCode($lng);
$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
$domains = '';
$parentdomains_count = 0;
$domains_count = 0;
$domain_array = array();
while($row = $db->fetch_array($result))
{
$row['domain'] = $idna_convert->decode($row['domain']);
$row['aliasdomain'] = $idna_convert->decode($row['aliasdomain']);
$row['domainalias'] = $idna_convert->decode($row['domainalias']);
if($row['parentdomainid'] == '0'
&& $row['iswildcarddomain'] != '1'
&& $row['caneditdomain'] == '1')
{
$parentdomains_count++;
}
$domains_count++;
$domainparts = explode('.', $row['domain']);
$domainparts = array_reverse($domainparts);
$sortkey = '';
foreach($domainparts as $key => $part)
{
$sortkey.= $part . '.';
}
$domain_array[$sortkey] = $row;
}
ksort($domain_array);
$domain_id_array = array();
foreach($domain_array as $sortkey => $row)
{
$domain_id_array[$row['id']] = $sortkey;
}
$domain_sort_array = array();
foreach($domain_array as $sortkey => $row)
{
if($row['parentdomainid'] == 0)
{
$domain_sort_array[$sortkey][$sortkey] = $row;
}
else
{
$domain_sort_array[$domain_id_array[$row['parentdomainid']]][$sortkey] = $row;
}
}
$domain_array = array();
if($paging->sortfield == 'd.domain'
&& $paging->sortorder == 'asc')
{
ksort($domain_sort_array);
}
elseif($paging->sortfield == 'd.domain'
&& $paging->sortorder == 'desc')
{
krsort($domain_sort_array);
}
$i = 0;
foreach($domain_sort_array as $sortkey => $domain_array)
{
if($paging->checkDisplay($i))
{
$row = htmlentities_array($domain_array[$sortkey]);
eval("\$domains.=\"" . getTemplate("domains/domains_delimiter") . "\";");
if($paging->sortfield == 'd.domain'
&& $paging->sortorder == 'asc')
{
ksort($domain_array);
}
elseif($paging->sortfield == 'd.domain'
&& $paging->sortorder == 'desc')
{
krsort($domain_array);
}
foreach($domain_array as $row)
{
if(strpos($row['documentroot'], $userinfo['documentroot']) === 0)
{
$row['documentroot'] = substr($row['documentroot'], strlen($userinfo['documentroot']));
}
$row = htmlentities_array($row);
eval("\$domains.=\"" . getTemplate("domains/domains_domain") . "\";");
}
}
$i+= count($domain_array);
}
eval("echo \"" . getTemplate("domains/domainlist") . "\";");
}
elseif($action == 'delete'
&& $id != 0)
{
$result = $db->query_first("SELECT `id`, `customerid`, `domain`, `documentroot`, `isemaildomain`, `parentdomainid` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
$alias_check = $db->query_first('SELECT COUNT(`id`) AS `count` FROM `' . TABLE_PANEL_DOMAINS . '` WHERE `aliasdomain`=\'' . (int)$id . '\'');
if(isset($result['parentdomainid'])
&& $result['parentdomainid'] != '0'
&& $alias_check['count'] == 0)
{
if(isset($_POST['send'])
&& $_POST['send'] == 'send')
{
wasFormCompromised();
if($result['isemaildomain'] == '1')
{
$emails = $db->query_first('SELECT COUNT(`id`) AS `count` FROM `' . TABLE_MAIL_VIRTUAL . '` WHERE `customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `domainid`=\'' . (int)$id . '\'');
if($emails['count'] != '0')
{
standard_error('domains_cantdeletedomainwithemail');
}
}
$result = $db->query("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `subdomains_used`=`subdomains_used`-1 WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
inserttask('1');
inserttask('4');
redirectTo($filename, Array(
'page' => $page,
's' => $s
));
}
else
{
ask_yesno('domains_reallydelete', $filename, array(
'id' => $id,
'page' => $page,
'action' => $action
), $idna_convert->decode($result['domain']));
}
}
else
{
standard_error('domains_cantdeletemaindomain');
}
}
elseif($action == 'add')
{
if($userinfo['subdomains_used'] < $userinfo['subdomains']
|| $userinfo['subdomains'] == '-1')
{
if(isset($_POST['send'])
&& $_POST['send'] == 'send')
{
wasFormCompromised();
/* Rules for subdomains:
* - At least two characters
* - Valid characters: a-z, 0-9, ".", "-" and "_"
* - First character must be a-z or 0-9
* - Case-insensitiv
*/
$subdomain = $idna_convert->encode(preg_replace(Array(
'/\:(\d)+$/',
'/^https?\:\/\//'
), '', validate($_POST['subdomain'], 'subdomain', '/^[a-z0-9](?:[a-z0-9-_]+\.?)+$/i', 'subdomainiswrong')));
$domain = $idna_convert->encode($_POST['domain']);
$domain_check = $db->query_first("SELECT `id`, `customerid`, `domain`, `documentroot`, `ipandport`, `isemaildomain`, `subcanemaildomain`, `openbasedir`, `safemode`, `speciallogfile`, `specialsettings` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain`='$domain' AND `customerid`='" . (int)$userinfo['customerid'] . "' AND `parentdomainid`='0' AND `iswildcarddomain`='0' AND `caneditdomain`='1' ");
$completedomain = $subdomain . '.' . $domain;
$completedomain_check = $db->query_first("SELECT `id`, `customerid`, `domain`, `documentroot`, `isemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain`='" . $db->escape($completedomain) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "' AND `caneditdomain` = '1'");
$aliasdomain = intval($_POST['alias']);
$aliasdomain_check = array(
'id' => 0
);
if($aliasdomain != 0)
{
$aliasdomain_check = $db->query_first('SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\'');
}
if(isset($_POST['url'])
&& $_POST['url'] != ''
&& validateUrl($idna_convert->encode($_POST['url'])))
{
$path = $_POST['url'];
}
else
{
$path = $_POST['path'];
}
if(!preg_match('/^https?\:\/\//', $path))
{
$path = makeCorrectDir($path);
$userpath = $path;
$path = $userinfo['documentroot'] . $path;
}
if(isset($_POST['openbasedir_path'])
&& $_POST['openbasedir_path'] == '1')
{
$openbasedir_path = '1';
}
else
{
$openbasedir_path = '0';
}
if($path == '')
{
standard_error('patherror');
}
elseif($subdomain == '')
{
standard_error(array(
'stringisempty',
'domainname'
));
}
elseif($subdomain == 'www')
{
standard_error('wwwnotallowed');
}
elseif($domain == '')
{
standard_error('domaincantbeempty');
}
elseif($completedomain_check['domain'] == $completedomain)
{
standard_error('domainexistalready', $completedomain);
}
elseif($domain_check['domain'] != $domain)
{
standard_error('maindomainnonexist', $domain);
}
elseif($aliasdomain_check['id'] != $aliasdomain)
{
standard_error('domainisaliasorothercustomer');
}
else
{
$result = $db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` (`customerid`, `domain`, `documentroot`, `ipandport`, `aliasdomain`, `parentdomainid`, `isemaildomain`, `openbasedir`, `openbasedir_path`, `safemode`, `speciallogfile`, `specialsettings`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($completedomain) . "', '" . $db->escape($path) . "', '" . $db->escape($domain_check['ipandport']) . "', " . (($aliasdomain != 0) ? "'" . $db->escape($aliasdomain) . "'" : "NULL") . ", '" . (int)$domain_check['id'] . "', '" . ($domain_check['subcanemaildomain'] == '3' ? '1' : '0') . "', '" . $db->escape($domain_check['openbasedir']) . "', '" . $db->escape($openbasedir_path) . "', '" . $db->escape($domain_check['safemode']) . "', '" . $db->escape($domain_check['speciallogfile']) . "', '" . $db->escape($domain_check['specialsettings']) . "')");
$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `subdomains_used`=`subdomains_used`+1 WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
inserttask('1');
inserttask('4');
redirectTo($filename, Array(
'page' => $page,
's' => $s
));
}
}
else
{
$result = $db->query("SELECT `id`, `domain`, `documentroot`, `isemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `parentdomainid`='0' AND `iswildcarddomain`='0' AND `caneditdomain`='1' ORDER BY `domain` ASC");
$domains = '';
while($row = $db->fetch_array($result))
{
$domains.= makeoption($idna_convert->decode($row['domain']), $row['domain']);
}
$aliasdomains = makeoption($lng['domains']['noaliasdomain'], 0, NULL, true);
$result_domains = $db->query("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL AND `d`.`id` <> `c`.`standardsubdomain` AND `d`.`customerid`=`c`.`customerid` AND `d`.`customerid`=" . (int)$userinfo['customerid'] . " ORDER BY `d`.`domain` ASC");
while($row_domain = $db->fetch_array($result_domains))
{
$aliasdomains.= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id']);
}
$openbasedir = makeoption($lng['domain']['docroot'], 0, NULL, true) . makeoption($lng['domain']['homedir'], 1, NULL, true);
$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
eval("echo \"" . getTemplate("domains/domains_add") . "\";");
}
}
}
elseif($action == 'edit'
&& $id != 0)
{
$result = $db->query_first("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `d`.`aliasdomain`, `d`.`openbasedir_path` ,`pd`.`subcanemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd` WHERE `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `d`.`id`='" . (int)$id . "' AND ((`d`.`parentdomainid`!='0' AND `pd`.`id`=`d`.`parentdomainid`) OR (`d`.`parentdomainid`='0' AND `pd`.`id`=`d`.`id`)) AND `d`.`caneditdomain`='1'");
$alias_check = $db->query_first('SELECT COUNT(`id`) AS count FROM `' . TABLE_PANEL_DOMAINS . '` WHERE `aliasdomain`=\'' . (int)$result['id'] . '\'');
$alias_check = $alias_check['count'];
if(isset($result['customerid'])
&& $result['customerid'] == $userinfo['customerid'])
{
if(isset($_POST['send'])
&& $_POST['send'] == 'send')
{
wasFormCompromised();
if(isset($_POST['url'])
&& $_POST['url'] != ''
&& validateUrl($idna_convert->encode($_POST['url'])))
{
$path = $_POST['url'];
}
else
{
$path = validate($_POST['path'], 'path');
}
$aliasdomain = intval($_POST['alias']);
if(!preg_match('/^https?\:\/\//', $path))
{
$path = makeCorrectDir($path);
$userpath = $path;
$path = $userinfo['documentroot'] . $path;
}
if(isset($_POST['iswildcarddomain'])
&& $_POST['iswildcarddomain'] == '1'
&& $result['parentdomainid'] == '0'
&& $userinfo['subdomains'] != '0')
{
$wildcarddomaincheck = $db->query("SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `parentdomainid` = '" . (int)$result['id'] . "'");
if($db->num_rows($wildcarddomaincheck) != '0')
{
standard_error('firstdeleteallsubdomains');
exit;
}
$iswildcarddomain = '1';
}
else
{
$iswildcarddomain = '0';
}
if($result['parentdomainid'] != '0'
&& ($result['subcanemaildomain'] == '1' || $result['subcanemaildomain'] == '2')
&& isset($_POST['isemaildomain']))
{
$isemaildomain = intval($_POST['isemaildomain']);
}
else
{
$isemaildomain = $result['isemaildomain'];
}
$aliasdomain_check = array(
'id' => 0
);
if($aliasdomain != 0)
{
$aliasdomain_check = $db->query_first('SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$result['customerid'] . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$result['customerid'] . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\'');
}
if($aliasdomain_check['id'] != $aliasdomain)
{
standard_error('domainisaliasorothercustomer');
}
if(isset($_POST['openbasedir_path'])
&& $_POST['openbasedir_path'] == '1')
{
$openbasedir_path = '1';
}
else
{
$openbasedir_path = '0';
}
if($path == '')
{
standard_error('patherror');
}
else
{
if(($result['isemaildomain'] == '1')
&& ($isemaildomain == '0'))
{
$db->query("DELETE FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `domainid`='" . (int)$id . "'");
$db->query("DELETE FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `domainid`='" . (int)$id . "'");
}
if($path != $result['documentroot']
|| $isemaildomain != $result['isemaildomain']
|| $iswildcarddomain != $result['iswildcarddomain']
|| $aliasdomain != $result['aliasdomain']
|| $openbasedir_path != $result['openbasedir_path'])
{
inserttask('1');
inserttask('4');
$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `documentroot`='" . $db->escape($path) . "', `isemaildomain`='" . (int)$isemaildomain . "', `iswildcarddomain`='" . (int)$iswildcarddomain . "', `aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ",`openbasedir_path`='" . $db->escape($openbasedir_path) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
}
redirectTo($filename, Array(
'page' => $page,
's' => $s
));
}
}
else
{
$result['domain'] = $idna_convert->decode($result['domain']);
$domains = makeoption($lng['domains']['noaliasdomain'], 0, $result['aliasdomain'], true);
$result_domains = $db->query("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL AND `d`.`id`<>'" . (int)$result['id'] . "' AND `c`.`standardsubdomain`<>`d`.`id` AND `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `c`.`customerid`=`d`.`customerid` ORDER BY `d`.`domain` ASC");
while($row_domain = $db->fetch_array($result_domains))
{
$domains.= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id'], $result['aliasdomain']);
}
if(preg_match('/^https?\:\/\//', $result['documentroot'])
&& $settings['panel']['pathedit'] == 'Dropdown')
{
$urlvalue = $result['documentroot'];
$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
}
else
{
$urlvalue = '';
$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $result['documentroot']);
}
// $result['documentroot']=str_replace($userinfo['documentroot'],'',$result['documentroot']);
$iswildcarddomain = makeyesno('iswildcarddomain', '1', '0', $result['iswildcarddomain']);
$isemaildomain = makeyesno('isemaildomain', '1', '0', $result['isemaildomain']);
$openbasedir = makeoption($lng['domain']['docroot'], 0, $result['openbasedir_path'], true) . makeoption($lng['domain']['homedir'], 1, $result['openbasedir_path'], true);
$result = htmlentities_array($result);
eval("echo \"" . getTemplate("domains/domains_edit") . "\";");
}
}
else
{
standard_error('domains_canteditdomain');
}
}
}
?>
Jump to Line
Something went wrong with that request. Please try again.