| Current File : //etc/zpanel/panel/modules/ftp_management/code/controller.ext.php |
<?php
/**
* @copyright 2014-2015 Sentora Project (http://www.sentora.org/)
* Sentora is a GPL fork of the ZPanel Project whose original header follows:
*
* ZPanel - A Cross-Platform Open-Source Web Hosting Control panel.
*
* @package ZPanel
* @version $Id$
* @author Bobby Allen - ballen@bobbyallen.me
* @copyright (c) 2008-2014 ZPanel Group - http://www.zpanelcp.com/
* @license http://opensource.org/licenses/gpl-3.0.html GNU Public License v3
*
* This program (ZPanel) is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
class module_controller extends ctrl_module
{
static $error;
static $alreadyexists;
static $blank;
static $badname;
static $invalidPath;
static $ok;
static $delete;
static $reset;
static $create;
static $badpassword;
/**
* The 'worker' methods.
*/
static function get_client_ip() {
$ipaddress = '';
if (getenv('HTTP_CLIENT_IP'))
$ipaddress = getenv('HTTP_CLIENT_IP');
else if(getenv('HTTP_X_FORWARDED_FOR'))
$ipaddress = getenv('HTTP_X_FORWARDED_FOR');
else if(getenv('HTTP_X_FORWARDED'))
$ipaddress = getenv('HTTP_X_FORWARDED');
else if(getenv('HTTP_FORWARDED_FOR'))
$ipaddress = getenv('HTTP_FORWARDED_FOR');
else if(getenv('HTTP_FORWARDED'))
$ipaddress = getenv('HTTP_FORWARDED');
else if(getenv('REMOTE_ADDR'))
$ipaddress = getenv('REMOTE_ADDR');
else
$ipaddress = 'UNKNOWN';
return $ipaddress;
}
static function ListClients($uid)
{
global $zdbh;
global $controller;
$currentuser = ctrl_users::GetUserDetail($uid);
$username = $currentuser['username'];
$sql = "SELECT * FROM x_ftpaccounts WHERE ft_acc_fk=:userid AND ft_deleted_ts IS NULL AND ft_user_vc not like'".$username."'";
$numrows = $zdbh->prepare($sql);
$numrows->bindParam(':userid', $uid);
$numrows->execute();
if ($numrows->fetchColumn() <> 0) {
$sql = $zdbh->prepare($sql);
$res = array();
$sql->bindParam(':userid', $uid);
$sql->execute();
while ($rowclients = $sql->fetch()) {
$res[] = array('id' => $rowclients['ft_id_pk'],
'directory' => runtime_xss::xssClean($rowclients['ft_directory_vc']),
'access' => runtime_xss::xssClean($rowclients['ft_access_vc']),
'password' => runtime_xss::xssClean($rowclients['ft_password_vc']),
'username' => runtime_xss::xssClean($rowclients['ft_user_vc']));
}
return $res;
} else {
return false;
}
}
static function ListSpecialFtpAccount($uid) {
global $controller;
$currentuser = ctrl_users::GetUserDetail($uid);
$username = $currentuser['username'];
return $username;
}
static function gethelpicon()
{
global $zdbh;
global $controller;
$temp=$controller->GetControllerRequest('URL','module') ;
$val = '/assets/one.txt';
$val1 = '/modules/';
$name=file_get_contents("modules/$temp/assets/helpicon.txt");
return $name;
}
static function ListCurrentClient($uid)
{
global $zdbh;
$sql = "SELECT * FROM x_ftpaccounts WHERE ft_id_pk=:userid AND ft_deleted_ts IS NULL";
$numrows = $zdbh->prepare($sql);
$numrows->bindParam(':userid', $uid);
$numrows->execute();
if ($numrows->fetchColumn() <> 0) {
$sql = $zdbh->prepare($sql);
$sql->bindParam(':userid', $uid);
$res = array();
$sql->execute();
while ($rowclients = $sql->fetch()) {
$res[] = array('id' => $rowclients['ft_id_pk'],
'directory' => runtime_xss::xssClean($rowclients['ft_directory_vc']),
'access' => runtime_xss::xssClean($rowclients['ft_access_vc']),
'password' => runtime_xss::xssClean($rowclients['ft_password_vc']),
'username' => runtime_xss::xssClean($rowclients['ft_user_vc']));
}
return $res;
} else {
return false;
}
}
static function getMasterDir($uid)
{
$currentuser = ctrl_users::GetUserDetail($uid);
$res = array();
$handle = @opendir(ctrl_options::GetSystemOption('hosted_dir') . $currentuser['username'] . "");
$chkdir = ctrl_options::GetSystemOption('hosted_dir') . $currentuser['username'] . "/";
array('masterdir' => ui_language::translate($chkdir));
}
static function ListMasterDirs($uid)
{
$currentuser = ctrl_users::GetUserDetail($uid);
$res = array();
$handle = @opendir(ctrl_options::GetSystemOption('hosted_dir') . $currentuser['username'] . "");
$chkdir = ctrl_options::GetSystemOption('hosted_dir') . $currentuser['username'] . "/";
if (!$handle) {
// Log an error as the folder cannot be opened...
} else {
while ($file = @readdir($handle)) {
if ($file != '.' && $file != '..' && $file != '_errorpages') {
if (is_dir($chkdir . $file)) {
$res[] = array('domains' => runtime_xss::xssClean($file));
}
}
}
closedir($handle);
}
return $res;
}
static function ListDomainDirs($uid)
{
$currentuser = ctrl_users::GetUserDetail($uid);
$res = array();
$handle = @opendir(ctrl_options::GetSystemOption('hosted_dir') . $currentuser['username'] . "/public_html");
$chkdir = ctrl_options::GetSystemOption('hosted_dir') . $currentuser['username'] . "/public_html/";
if (!$handle) {
// Log an error as the folder cannot be opened...
} else {
while ($file = @readdir($handle)) {
if ($file != "." && $file != ".." && $file != "_errorpages") {
if (is_dir($chkdir . $file)) {
$res[] = array('domains' => runtime_xss::xssClean($file));
}
}
}
closedir($handle);
}
return $res;
}
static function getUserName($uid)
{
$currentuser = ctrl_users::GetUserDetail($uid);
return $currentuser['username'];
}
static function ListDomains($uid)
{
global $zdbh;
$currentuser = ctrl_users::GetUserDetail($uid);
$sql = "SELECT * FROM x_vhosts WHERE vh_acc_fk=:userid AND vh_enabled_in=1 AND vh_deleted_ts IS NULL ORDER BY vh_name_vc ASC";
//$numrows = $zdbh->query($sql);
$numrows = $zdbh->prepare($sql);
$numrows->bindParam(':userid', $currentuser['userid']);
$numrows->execute();
if ($numrows->fetchColumn() <> 0) {
$sql = $zdbh->prepare($sql);
$sql->bindParam(':userid', $currentuser['userid']);
$res = array();
$sql->execute();
while ($rowdomains = $sql->fetch()) {
$res[] = array('domain' => ui_language::translate($rowdomains['vh_name_vc']), 'domaindir'=>ui_language::translate($rowdomains['vh_directory_vc']));
}
return $res;
} else {
return false;
}
}
static function ExecuteResetPassword($ft_id_pk, $password)
{
global $zdbh;
global $controller;
// Verify if Current user can Edit FTP Account.
$currentuser = ctrl_users::GetUserDetail($uid);
$sql = "SELECT * FROM x_ftpaccounts WHERE ft_acc_fk=:userid AND ft_id_pk=:editedUsrID AND ft_deleted_ts IS NULL";
$numrows = $zdbh->prepare($sql);
$numrows->bindParam(':userid', $currentuser['userid']);
$numrows->bindParam(':editedUsrID', $ft_id_pk);
$numrows->execute();
if( $numrows->rowCount() == 0 ) {
return;
}
$userId = $currentuser['userid'];
$query = "SELECT * from x_password_strength WHERE ps_user_vc='$userId'";
$res = $zdbh->prepare($query);
$res->execute();
$results = $res->rowCount();
if($results == 0)
{
if(!preg_match_all('$\S*(?=\S{9,})(?=\S*[a-z])(?=\S*[A-Z])(?=\S*[\d])(?=\S*[\W])\S*$', $password))
{
self::$badpassword = true;
return false;
}
// Change User Password
runtime_hook::Execute('OnBeforeResetFTPPassword');
$rowftpsql = "SELECT * FROM x_ftpaccounts WHERE ft_id_pk=:ftIdPk";
$rowftpfind = $zdbh->prepare($rowftpsql);
$rowftpfind->bindParam(':ftIdPk', $ft_id_pk);
$rowftpfind->execute();
$rowftp = $rowftpfind->fetch();
$sql = $zdbh->prepare("UPDATE x_ftpaccounts SET ft_password_vc=:password WHERE ft_id_pk=:ftpid");
$sql->bindParam(':password', $password);
$sql->bindParam(':ftpid', $ft_id_pk);
$sql->execute();
self::$reset = true;
// Include FTP server specific file here.
$FtpModuleFile = 'modules/' . $controller->GetControllerRequest('URL', 'module') . '/code/' . ctrl_options::GetSystemOption('ftp_php');
if (file_exists($FtpModuleFile)) {
include($FtpModuleFile);
}
$retval = TRUE;
runtime_hook::Execute('OnAfterResetFTPPassword');
return $retval;
}
while($rows=$res->fetch())
{
$values= ($rows['ps_faenabled_in'] == 0 ) ? "0" : "1";
if($values == 0)
{
if ((!preg_match_all('$\S*(?=\S{9,})(?=\S*[a-z])(?=\S*[A-Z])(?=\S*[\d])(?=\S*[\W])\S*$', $password)))
{
self::$badpassword = true;
return false;
}
// Change User Password
runtime_hook::Execute('OnBeforeResetFTPPassword');
$rowftpsql = "SELECT * FROM x_ftpaccounts WHERE ft_id_pk=:ftIdPk";
$rowftpfind = $zdbh->prepare($rowftpsql);
$rowftpfind->bindParam(':ftIdPk', $ft_id_pk);
$rowftpfind->execute();
$rowftp = $rowftpfind->fetch();
$sql = $zdbh->prepare("UPDATE x_ftpaccounts SET ft_password_vc=:password WHERE ft_id_pk=:ftpid");
$sql->bindParam(':password', $password);
$sql->bindParam(':ftpid', $ft_id_pk);
$sql->execute();
self::$reset = true;
// Include FTP server specific file here.
$FtpModuleFile = 'modules/' . $controller->GetControllerRequest('URL', 'module') . '/code/' . ctrl_options::GetSystemOption('ftp_php');
if (file_exists($FtpModuleFile)) {
include($FtpModuleFile);
}
$retval = TRUE;
runtime_hook::Execute('OnAfterResetFTPPassword');
return $retval;
}
else if($values == 1)
{
// Change User Password
runtime_hook::Execute('OnBeforeResetFTPPassword');
$rowftpsql = "SELECT * FROM x_ftpaccounts WHERE ft_id_pk=:ftIdPk";
$rowftpfind = $zdbh->prepare($rowftpsql);
$rowftpfind->bindParam(':ftIdPk', $ft_id_pk);
$rowftpfind->execute();
$rowftp = $rowftpfind->fetch();
$sql = $zdbh->prepare("UPDATE x_ftpaccounts SET ft_password_vc=:password WHERE ft_id_pk=:ftpid");
$sql->bindParam(':password', $password);
$sql->bindParam(':ftpid', $ft_id_pk);
$sql->execute();
self::$reset = true;
// Include FTP server specific file here.
$FtpModuleFile = 'modules/' . $controller->GetControllerRequest('URL', 'module') . '/code/' . ctrl_options::GetSystemOption('ftp_php');
if (file_exists($FtpModuleFile)) {
include($FtpModuleFile);
}
$retval = TRUE;
runtime_hook::Execute('OnAfterResetFTPPassword');
return $retval;
}
}
}
static function ExecuteCreateFTP($uid, $username, $password, $destination, $domainDestination, $access_type, $home, $manual_dir_path)
{
global $zdbh;
global $controller;
$currentuser = ctrl_users::GetUserDetail($uid);
$username = $currentuser['username'] . '_' . $username;
runtime_hook::Execute('OnBeforeCreateFTPAccount');
if (fs_director::CheckForEmptyValue(self::CheckForErrors($username, $password))) {
// Check to see if its a new home directory or use a current one...
if ($home == 1) {
$homedirectory_to_use = '/' . str_replace('.', '_', $username);
$full_path = ctrl_options::GetSystemOption('hosted_dir') . $currentuser['username'] . $homedirectory_to_use . '/';
// Create the new home directory... (If it doesnt already exist.)
if (!file_exists($full_path)) {
@mkdir($full_path, 777);
@chmod($full_path, 0777);
}
} else if ($home == 3) {
$homedirectory_to_use = '/' . $domainDestination;
} else if ($home == 4){
$homedirectory_to_use = '/public_html' . $manual_dir_path;
}else {
$homedirectory_to_use = '/' . $destination;
}
// Check if Path is inside user home directory.
if($home == 4) {
$full_homeDir = ctrl_options::GetSystemOption('hosted_dir') . $currentuser['username'] . $homedirectory_to_use . '/';
if (!file_exists($full_homeDir)) {
@mkdir($full_homeDir, 777);
@chmod($full_homeDir, 0777);
}
} else {
$full_homeDir = ctrl_options::GetSystemOption('hosted_dir') . $currentuser['username'] . $homedirectory_to_use . '/';
}
$baseDir = ctrl_options::GetSystemOption('hosted_dir') . $currentuser['username'];
$realPath = realpath($full_homeDir);
if( 0 !== strpos($realPath, $baseDir))
{
self::$invalidPath = true;
return false;
}
$userId = $currentuser['userid'];
$query = "SELECT * from x_password_strength WHERE ps_user_vc='$userId'";
$res = $zdbh->prepare($query);
$res->execute();
$results = $res->rowCount();
if($results == 0)
{
if(!preg_match_all('$\S*(?=\S{9,})(?=\S*[a-z])(?=\S*[A-Z])(?=\S*[\d])(?=\S*[\W])\S*$', $password))
{
self::$badpassword = true;
return false;
}
$sql = $zdbh->prepare("INSERT INTO x_ftpaccounts (ft_acc_fk, ft_user_vc, ft_directory_vc, ft_access_vc, ft_password_vc, ft_created_ts) VALUES (:userid, :username, :homedir, :accesstype, :password, :time)");
$sql->bindParam(':userid', $currentuser['userid']);
$sql->bindParam(':username', $username);
$sql->bindParam(':homedir', $homedirectory_to_use);
$sql->bindParam(':accesstype', $access_type);
$sql->bindParam(':password', $password);
$sql->bindParam(':time', time());
$sql->execute();
self::$create = true;
// Include FTP server specific file here.
$FtpModuleFile = 'modules/' . $controller->GetControllerRequest('URL', 'module') . '/code/' . ctrl_options::GetSystemOption('ftp_php');
if (file_exists($FtpModuleFile)) {
include($FtpModuleFile);
}
runtime_hook::Execute('OnAfterCreateFTPAccount');
return true;
}
while($rows=$res->fetch())
{
$values= ($rows['ps_faenabled_in'] == 0 ) ? "0" : "1";
if($values == 0)
{
if ((!preg_match_all('$\S*(?=\S{9,})(?=\S*[a-z])(?=\S*[A-Z])(?=\S*[\d])(?=\S*[\W])\S*$', $password)))
{
self::$badpassword = true;
return false;
}
$sql = $zdbh->prepare("INSERT INTO x_ftpaccounts (ft_acc_fk, ft_user_vc, ft_directory_vc, ft_access_vc, ft_password_vc, ft_created_ts) VALUES (:userid, :username, :homedir, :accesstype, :password, :time)");
$sql->bindParam(':userid', $currentuser['userid']);
$sql->bindParam(':username', $username);
$sql->bindParam(':homedir', $homedirectory_to_use);
$sql->bindParam(':accesstype', $access_type);
$sql->bindParam(':password', $password);
$sql->bindParam(':time', time());
$sql->execute();
self::$create = true;
// Include FTP server specific file here.
$FtpModuleFile = 'modules/' . $controller->GetControllerRequest('URL', 'module') . '/code/' . ctrl_options::GetSystemOption('ftp_php');
if (file_exists($FtpModuleFile)) {
include($FtpModuleFile);
}
runtime_hook::Execute('OnAfterCreateFTPAccount');
return true;
}
else if($values == 1)
{
$sql = $zdbh->prepare("INSERT INTO x_ftpaccounts (ft_acc_fk, ft_user_vc, ft_directory_vc, ft_access_vc, ft_password_vc, ft_created_ts) VALUES (:userid, :username, :homedir, :accesstype, :password, :time)");
$sql->bindParam(':userid', $currentuser['userid']);
$sql->bindParam(':username', $username);
$sql->bindParam(':homedir', $homedirectory_to_use);
$sql->bindParam(':accesstype', $access_type);
$sql->bindParam(':password', $password);
$sql->bindParam(':time', time());
$sql->execute();
self::$create = true;
// Include FTP server specific file here.
$FtpModuleFile = 'modules/' . $controller->GetControllerRequest('URL', 'module') . '/code/' . ctrl_options::GetSystemOption('ftp_php');
if (file_exists($FtpModuleFile)) {
include($FtpModuleFile);
}
runtime_hook::Execute('OnAfterCreateFTPAccount');
return true;
}
}
return false;
}
}
static function CheckForErrors($username, $password)
{
global $zdbh;
$retval = FALSE;
// Check to make sure the username and password is not blank before we go any further...
if ($username == '' || $password == '') {
self::$blank = TRUE;
$retval = TRUE;
}
// Check for invalid username
if (!self::IsValidUserName($username)) {
self::$badname = true;
$retval = TRUE;
}
// Check to make sure the cron is not a duplicate...
$sql = "SELECT COUNT(*) FROM x_ftpaccounts WHERE ft_user_vc=:userid AND ft_deleted_ts IS NULL";
$numrows = $zdbh->prepare($sql);
$numrows->bindParam(':userid', $username);
if ($numrows->execute()) {
if ($numrows->fetchColumn() <> 0) {
self::$alreadyexists = TRUE;
$retval = TRUE;
}
}
return $retval;
}
static function IsValidUserName($username)
{
return preg_match('/^[a-z\d_][a-z\d_-]{0,62}$/i', $username) || preg_match('/-$/', $username) == 1;
}
static function ExecuteDeleteFTP($ft_id_pk, $uid)
{
global $zdbh;
global $controller;
// Verify if Current user can Edit FTP Account.
$currentuser = ctrl_users::GetUserDetail($uid);
$sql = "SELECT * FROM x_ftpaccounts WHERE ft_acc_fk=:userid AND ft_id_pk=:editedUsrID AND ft_deleted_ts IS NULL";
$numrows = $zdbh->prepare($sql);
$numrows->bindParam(':userid', $currentuser['userid']);
$numrows->bindParam(':editedUsrID', $ft_id_pk);
$numrows->execute();
if( $numrows->rowCount() == 0 ) {
return;
}
// Delete User
runtime_hook::Execute('OnBeforeDeleteFTPAccount');
$rowftpsql = "SELECT * FROM x_ftpaccounts WHERE ft_id_pk=:ftIdPk";
$rowftpfind = $zdbh->prepare($rowftpsql);
$rowftpfind->bindParam(':ftIdPk', $ft_id_pk);
$rowftpfind->execute();
$rowftp = $rowftpfind->fetch();
$sql = $zdbh->prepare("UPDATE x_ftpaccounts SET ip_deleted=:ip_deleted,ft_deleted_ts=:time WHERE ft_id_pk=:ftpid");
$ip_deleted =self::get_client_ip();
$sql->bindParam(':ip_deleted', $ip_deleted);
$sql->bindParam(':ftpid', $ft_id_pk);
$sql->bindParam(':time', $ft_id_pk);
$sql->execute();
self::$delete = true;
// Include FTP server specific file here.
$FtpModuleFile = 'modules/' . $controller->GetControllerRequest('URL', 'module') . '/code/' . ctrl_options::GetSystemOption('ftp_php');
if (file_exists($FtpModuleFile)) {
include($FtpModuleFile);
}
$retval = TRUE;
runtime_hook::Execute('OnAfterDeleteFTPAccount');
return $retval;
}
/**
* End 'worker' methods.
*/
/**
* Webinterface sudo methods.
*/
static function doCreateFTP()
{
global $controller;
runtime_csfr::Protect();
$currentuser = ctrl_users::GetUserDetail();
$formvars = $controller->GetAllControllerRequests('FORM');
$manual_dir = $formvars['inDir'];
//$manual_dir = $formvars['default_path'].$formvars['inDir'];
if (self::ExecuteCreateFTP($currentuser['userid'], $formvars['inFTPUsername'], $formvars['inPassword'], $formvars['inDestination'], $formvars['inDomainDestination'], $formvars['inAccess'], $formvars['inAutoHome'], $manual_dir)) {
self::$ok = true;
return true;
} else {
return false;
}
}
static function doDeleteFTP()
{
global $controller;
runtime_csfr::Protect();
$formvars = $controller->GetAllControllerRequests('FORM');
if (self::ExecuteDeleteFTP($formvars['inDelete']))
self::$ok = true;
return true;
}
static function doResetPassword()
{
global $controller;
runtime_csfr::Protect();
$formvars = $controller->GetAllControllerRequests('FORM');
if (self::ExecuteResetPassword($formvars['inReset'], $formvars['inPassword']))
self::$ok = true;
return true;
}
static function getClientList()
{
$currentuser = ctrl_users::GetUserDetail();
$clientlist = self::ListClients($currentuser['userid']);
return (!fs_director::CheckForEmptyValue($clientlist)) ? $clientlist : false;
}
static function getSpecialFtpAccount()
{
$currentuser = ctrl_users::GetUserDetail();
$specialftp = self::ListSpecialFtpAccount($currentuser['userid']);
return (!fs_director::CheckForEmptyValue($specialftp)) ? $specialftp : false;
}
static function getDomainDirsList()
{
$currentuser = ctrl_users::GetUserDetail();
$domaindirectories = self::ListDomainDirs($currentuser['userid']);
return (!fs_director::CheckForEmptyValue($domaindirectories)) ? $domaindirectories : false;
}
static function getDomainList()
{
$currentuser = ctrl_users::GetUserDetail();
return self::ListDomains($currentuser['userid']);
}
static function getMasterDirsList()
{
$currentuser = ctrl_users::GetUserDetail();
$domaindirectories = self::ListMasterDirs($currentuser['userid']);
return (!fs_director::CheckForEmptyValue($domaindirectories)) ? $domaindirectories : false;
}
static function doEditFTP()
{
global $controller;
runtime_csfr::Protect();
$currentuser = ctrl_users::GetUserDetail();
$formvars = $controller->GetAllControllerRequests('FORM');
foreach (self::ListClients($currentuser['userid']) as $row) {
if (isset($formvars['inDelete_' . $row['id'] . ''])) {
header("location: ./?module=" . $controller->GetCurrentModule() . "&show=Delete&other=" . $row['id']);
exit;
}
if (isset($formvars['inReset_' . $row['id'] . ''])) {
header("location: ./?module=" . $controller->GetCurrentModule() . "&show=Edit&other=" . $row['id']);
exit;
}
}
return;
}
static function getisCreateFTP()
{
global $controller;
$urlvars = $controller->GetAllControllerRequests('URL');
return !isset($urlvars['show']);
}
static function getisDeleteFTP($uid)
{
global $controller;
global $zdbh;
$urlvars = $controller->GetAllControllerRequests('URL');
// Verify if Current user can Edit FTP Account.
// This shall avoid exposing ftp username based on ID lookups.
$currentuser = ctrl_users::GetUserDetail($uid);
$sql = " SELECT * FROM x_ftpaccounts WHERE ft_acc_fk=:userid AND ft_id_pk=:editedUsrID AND ft_deleted_ts IS NULL";
$numrows = $zdbh->prepare($sql);
$numrows->bindParam(':userid', $currentuser['userid']);
$numrows->bindParam(':editedUsrID', $urlvars['other']);
$numrows->execute();
if( $numrows->rowCount() == 0 ) {
return;
}
// Show User Info
return (isset($urlvars['show'])) && ($urlvars['show'] == "Delete");
}
static function getisEditFTP($uid)
{
global $controller;
global $zdbh;
$urlvars = $controller->GetAllControllerRequests('URL');
// Verify if Current user can Edit FTP Account.
// This shall avoid exposing ftp username based on ID lookups.
$currentuser = ctrl_users::GetUserDetail($uid);
$sql = " SELECT * FROM x_ftpaccounts WHERE ft_acc_fk=:userid AND ft_id_pk=:editedUsrID AND ft_deleted_ts IS NULL";
$numrows = $zdbh->prepare($sql);
$numrows->bindParam(':userid', $currentuser['userid']);
$numrows->bindParam(':editedUsrID', $urlvars['other']);
$numrows->execute();
if( $numrows->rowCount() == 0 ) {
return;
}
// Show User Info
return (isset($urlvars['show'])) && ($urlvars['show'] == "Edit");
}
static function getEditCurrentName()
{
global $controller;
if ($controller->GetControllerRequest('URL', 'other')) {
$current = self::ListCurrentClient($controller->GetControllerRequest('URL', 'other'));
return $current[0]['username'];
} else {
return "";
}
}
static function getEditCurrentID()
{
global $controller;
if ($controller->GetControllerRequest('URL', 'other')) {
$current = self::ListCurrentClient($controller->GetControllerRequest('URL', 'other'));
return $current[0]['id'];
} else {
return "";
}
}
static function getQuotaLimit()
{
$currentuser = ctrl_users::GetUserDetail();
return ($currentuser['ftpaccountsquota'] < 0 ) or //-1 = unlimited
($currentuser['ftpaccountsquota'] > ctrl_users::GetQuotaUsages('ftpaccounts', $currentuser['userid']));
}
static function getFTPUsagepChart()
{
global $controller;
$currentuser = ctrl_users::GetUserDetail();
$maximum = $currentuser['ftpaccountsquota'];
if ($maximum < 0) { //-1 = unlimited
if (file_exists(ui_tpl_assetfolderpath::Template() . 'img/misc/unlimited.png')) {
return '<img src="' . ui_tpl_assetfolderpath::Template() . 'img/misc/unlimited.png" alt="' . ui_language::translate('Unlimited') . '"/>';
} else {
return '<img src="modules/' . $controller->GetControllerRequest('URL', 'module') . '/assets/unlimited.png" alt="' . ui_language::translate('Unlimited') . '"/>';
}
} else {
$used = ctrl_users::GetQuotaUsages('ftpaccounts', $currentuser['userid']);
$free = max($maximum - $used, 0);
return '<img src="etc/lib/pChart2/sentora/z3DPie.php?score=' . $free . '::' . $used
. '&labels=Free: ' . $free . '::Used: ' . $used
. '&legendfont=verdana&legendfontsize=8&imagesize=240::190&chartsize=120::90&radius=100&legendsize=150::160"'
. ' alt="' . ui_language::translate('Pie chart') . '"/>';
}
}
static function getGeneratePass()
{
global $zdbh;
global $controller;
$currentuser = ctrl_users::GetUserDetail();
$uid = $currentuser['userid'];
$query = "SELECT * from x_password_strength WHERE ps_user_vc='$uid'";
$res = $zdbh->prepare($query);
$res->execute();
$results = $res->rowCount();
$val = "";
if($results == 0)
{
return "Generate Password";
}
else
if($results > 0)
{
while($rows=$res->fetch())
{
if($rows['ps_faenabled_in'] == 0)
{
return "Generate Password";
}
else if($rows['ps_faenabled_in'] == 1)
{
return $val;
}
}
}
}
static function getcurrentnote()
{
global $zdbh;
global $controller;
$currentuser = ctrl_users::GetUserDetail();
$uid = $currentuser['userid'];
$query = "SELECT * from x_password_strength WHERE ps_user_vc='$uid'";
$res = $zdbh->prepare($query);
$res->execute();
$results = $res->rowCount();
$val = "";
if($results == 0)
{
return true;
}
else
if($results > 0)
{
while($rows=$res->fetch())
{
if($rows['ps_faenabled_in'] == 0)
{
return true;
}
else if($rows['ps_faenabled_in'] == 1)
{
return false;
}
}
}
}
static function getResult()
{
if (!fs_director::CheckForEmptyValue(self::$blank)) {
return ui_sysmessage::shout(ui_language::translate("You must enter a valid username and password to create your FTP account."), "zannounceerror");
}
if (!fs_director::CheckForEmptyValue(self::$alreadyexists)) {
return ui_sysmessage::shout(ui_language::translate("An FTP account with that name already exists."), "zannounceerror");
}
if (!fs_director::CheckForEmptyValue(self::$error)) {
return ui_sysmessage::shout(ui_language::translate("There was an error updating your FTP accounts."), "zannounceerror");
}
if (!fs_director::CheckForEmptyValue(self::$badname)) {
return ui_sysmessage::shout(ui_language::translate("Your ftp account name is not valid. Please enter a valid ftp account name."), "zannounceerror");
}
if (!fs_director::CheckForEmptyValue(self::$invalidPath)) {
return ui_sysmessage::shout(ui_language::translate("Invalid Folder."), "zannounceok");
}
if (!fs_director::CheckForEmptyValue(self::$ok)) {
return ui_sysmessage::shout(ui_language::translate("FTP accounts updated successfully."), "zannounceok");
}
if (!fs_director::CheckForEmptyValue(self::$badpassword)) {
return ui_sysmessage::shout(ui_language::translate("Your password did not meet the minimun length requirements.Characters needed for password length : 9 with atleast 1 uppercase,
lowercase,special character,number"), "Error");
}
return;
}
/**
* Webinterface sudo methods.
*/
}