Alternc  3.2
Alternc logiel libre pour l'hébergement
 All Data Structures Namespaces Files Functions Variables Pages
Public Member Functions | Data Fields
m_admin Class Reference

Manage the AlternC's account administration (create/edit/delete) More...

Public Member Functions

 m_admin ()
 Constructor.
 hook_menu ()
 stop_if_jobs_locked ()
 get_uid_by_login ($login)
 get ($uid, $recheck=false)
 Returns the known information about a hosted account.
 get_creator ($uid)
 Returns the known information about a specific hosted account Similar to get_list() but for creators/resellers.
 onesu ()
 get_list ($all=0, $creator=0, $pattern=FALSE, $pattern_type=FALSE)
 Returns the list of the hosted accounts.
 mailallmembers ($subject, $message, $from)
 Send an email to all AlternC's accounts.
 get_creator_list ()
 Returns an array with the known information about resellers (uid, login, number of accounts) Does not include account 2000 in the list.
 checkcreator ($uid)
 Check if I am the creator of the member $uid.
 add_shared_domain ($u, $domain_name)
 add_mem ($login, $pass, $nom, $prenom, $mail, $canpass=1, $type='default', $duration=0, $notes="", $force=0, $create_dom=false, $db_server_id)
 Creates a new hosted account.
 hook_admin_add_member ()
 AlternC's standard function called when a user is created This sends an email if configured through the interface.
 update_mem ($uid, $mail, $nom, $prenom, $pass, $enabled, $canpass, $type='default', $duration=0, $notes="", $reset_quotas=false)
 Edit an account.
 lock_mem ($uid)
 Lock an account Lock an account and prevent the user to access its account.
 unlock_mem ($uid)
 UnLock an account UnLock an account and prevent the user to access its account.
 del_mem ($uid)
 Deletes an account Deletes the specified account.
 renew_mem ($uid, $periods=1)
 Renew an account Renew an account for its duration.
 renew_update ($uid, $duration)
 Update the duration information for an account.
 renew_get_expiry ($uid)
 Get the expiry date for an account.
 renew_get_status ($uid)
 Get the expiry status for an account.
 renew_get_expiring_accounts ()
 Get the expired/about to expire accounts.
 normal2su ($uid)
 Turns a common account into a super-admin account.
 su2normal ($uid)
 Turns a super-admin account into a common account.
 listtld ()
 List of the authorized TLDs Returns the list of the authorized TLDs and also the way they are authorized.
 dom_list ($alsocheck=false, $forcecheck=false)
 List the hosted domains on this server Return the list of hosted domains on this server, (an array of associative arrays)
 checkalldom ()
 Check all the domains for their NS MX and IPs.
 dom_lock ($domain)
 Lock / Unlock a domain Lock (or unlock) a domain, so that the member will be (not be) able to delete it from its account.
 gettld ($tld)
 Add a new TLD to the list of the authorized TLDs.
 selecttldmode ($current=false)
 Prints the list of the actually authorized TLDs.
 deltld ($tld)
 Deletes the specified tld in the list of the authorized TLDs Note : This function does not delete the domains depending on this TLD.
 addtld ($tld, $mode)
 Add a TLD to the list of the authorized TLDs during the installation.
 edittld ($tld, $mode)
 Modify a TLD of the list of the authorized TLDs.
 getadmin ()
 Get the login name of the main administrator account.
 listPasswordPolicies ()
 List the password policies currently installed in the policy table.
 editPolicy ($policy, $minsize, $maxsize, $classcount, $allowlogin)
 Change a password policy for one kind of password.
 checkPolicy ($policy, $login, $password)
 Check a password and a login for a specific policy.
 hook_upnp_list ()
 hook function called by AlternC-upnp to know which open tcp or udp ports this class requires or suggests

Data Fields

 $enabled = 0
 $enabled tells if the logged user is super-admin or not
 $tldmode = array()
 List of the controls made for each TLD.
 $archive = ''

Detailed Description

Manage the AlternC's account administration (create/edit/delete)

Definition at line 31 of file m_admin.php.

Member Function Documentation

add_mem (   $login,
  $pass,
  $nom,
  $prenom,
  $mail,
  $canpass = 1,
  $type = 'default',
  $duration = 0,
  $notes = "",
  $force = 0,
  $create_dom = false,
  $db_server_id 
)

Creates a new hosted account.

Creates a new hosted account (in the tables membres and local). Prevents any manipulation of the account if the account $mid is not super-admin.

Parameters
$loginstring Login name like [a-z][a-z0-9]*
$passstring Password (max. 64 characters)
$nomstring Name of the account owner
$prenomstring First name of the account owner
$mailstring Email address of the account owner, useful to get one's lost password $type string Account type for quotas
Returns
boolean Returns FALSE if an error occurs, TRUE if not.

Definition at line 494 of file m_admin.php.

References $classes, $cuid, $db, $err, $force, $hooks, $mem, $uid, _md5cr(), add_shared_domain(), checkmail(), enabled, getuserpath(), and renew_update().

{
global $err,$quota,$classes,$cuid,$mem,$L_MYSQL_DATABASE,$L_MYSQL_LOGIN,$hooks,$action;
$err->log("admin","add_mem",$login."/".$mail);
if (!$this->enabled) {
$err->raise("admin",_("-- Only administrators can access this page! --"));
return false;
}
if (empty($db_server_id)) {
$err->raise("admin",_("Missing db_server field"));
return false;
}
if (($login=="")||($pass=="")) {
$err->raise("admin",_("All fields are mandatory"));
return false;
}
if (!$force) {
if ($mail=="") {
$err->raise("admin",_("All fields are mandatory"));
return false;
}
if (checkmail($mail)!=0){
$err->raise("admin",_("Please enter a valid email address"));
return false;
}
}
$login=strtolower($login);
if (!preg_match("#^[a-z0-9]+$#",$login)) { //$
$err->raise("admin", _("Login can only contains characters a-z and 0-9"));
return false;
}
if (strlen($login) > 14) {
// Not an arbitrary value : MySQL user names can be up to 16 characters long
// If we want to allow people to create a few mysql_user (and we want to!)
// we have to limit the login lenght
$err->raise("admin",_("The login is too long (14 chars max)"));
return false;
}
// Some login are not allowed...
if ($login==$L_MYSQL_DATABASE || $login==$L_MYSQL_LOGIN || $login=="mysql" || $login=="root") {
$err->raise("admin",_("Login can only contains characters a-z, 0-9 and -"));
return false;
}
$pass=_md5cr($pass);
$db=new DB_System();
$notes = mysql_real_escape_string($notes);
// Already exist?
$db->query("SELECT count(*) AS cnt FROM membres WHERE login='$login';");
$db->next_record();
if (!$db->f("cnt")) {
$db->query("SELECT max(m.uid)+1 as nextid FROM membres m");
if (!$db->next_record()) {
$uid=2000;
} else {
$uid=$db->Record["nextid"];
if ($uid<=2000) $uid=2000;
}
$db->query("INSERT INTO membres (uid,login,pass,mail,creator,canpass,type,created,notes,db_server_id) VALUES ('$uid','$login','$pass','$mail','$cuid','$canpass', '$type', NOW(), '$notes', '$db_server_id');");
$db->query("INSERT INTO local(uid,nom,prenom) VALUES('$uid','$nom','$prenom');");
$this->renew_update($uid, $duration);
#exec("sudo /usr/lib/alternc/mem_add ".$login." ".$uid);
$action->create_dir(getuserpath("$login"));
$action->fix_user($uid);
// Triggering hooks
$mem->su($uid);
// TODO: old hook method FIXME: when unused remove this
/*
foreach($classes as $c) {
if (method_exists($GLOBALS[$c],"alternc_add_member")) {
$GLOBALS[$c]->alternc_add_member();
}
}
*/
$hooks->invoke("alternc_add_member");
// New hook way
$hooks->invoke("hook_admin_add_member", array(), array('quota')); // First !!! The quota !!! Etherway, we can't be sure to be able to create all
$hooks->invoke("hook_admin_add_member");
$mem->unsu();
if (!empty($create_dom)) {
$this->add_shared_domain($uid, $create_dom);
}
return $uid;
} else {
$err->raise("admin",_("This login already exists"));
return false;
}
}
add_shared_domain (   $u,
  $domain_name 
)

Definition at line 450 of file m_admin.php.

References $cuid, $db, $dom, $err, and $mem.

Referenced by add_mem().

{
global $db,$err,$dom,$mem,$cuid;
$err->log("admin","add_shared_domain",$u."/".$domain_name);
if (! $mem->checkright() ) {
$err->raise("admin",_("-- Only administrators can do that! --"));
return false;
}
// Check if this domain exist on this admin account
if (! in_array($domain_name, $dom->enum_domains())) {
$err->raise("admin",_("You don't seem to be allowed to delegate this domain"));
$err->log("admin","add_shared_domain","domain not allowed");
return false;
}
// Clean the domain_name
$domain_name=preg_replace("/^\.\.*/", "", $domain_name);
$mem->su($u);
$dom->lock();
// option : 1=hébergement dns, 1=noerase, empeche de modifier, 1=force
$dom->add_domain($mem->user['login'].".".$domain_name,1,1,1);
$dom->unlock();
$mem->unsu();
return true;
}
addtld (   $tld,
  $mode 
)

Add a TLD to the list of the authorized TLDs during the installation.

Parameters
$tldstring TLD we want to authorize
$modeinteger Controls to make on this TLD. Note: If you check in the whois, be sure that m_domains knows how to name the whois of the specified domain !
Returns
boolean TRUE if the TLD has been successfully added. FALSE if not.

Definition at line 1137 of file m_admin.php.

References $db, $err, and $mode.

{
global $db,$err;
if (!$tld) {
$err->raise("admin",_("The TLD name is mandatory"));
return false;
}
$tld=trim($tld);
$db->query("SELECT tld FROM tld WHERE tld='$tld';");
if ($db->next_record()) {
$err->raise("admin",_("This TLD already exist"));
return false;
}
if (substr($tld,0,1)==".") $tld=substr($tld,1);
$mode=intval($mode);
if ($mode==0) $mode="0";
$db->query("INSERT INTO tld (tld,mode) VALUES ('$tld','$mode');");
return true;
}
checkalldom ( )

Check all the domains for their NS MX and IPs.

Definition at line 992 of file m_admin.php.

References $c, $d, $db, $r, and $t.

Referenced by dom_list().

{
global $db,$L_NS1,$L_NS2,$L_MX,$L_PUBLIC_IP;
$checked=array();
$r=$db->query("SELECT * FROM domaines ORDER BY domaine;");
$dl=array();
while ($db->next_record()) {
$dl[$db->Record["domaine"]]=$db->Record;
}
sort($dl);
foreach($dl as $c) {
// For each domain check its type:
$errno=0;
$errstr="";
$dontexist=false;
// Check the domain.
if ($c["gesdns"]==1) {
// Check the NS pointing to us
$out=array();
exec("dig +short NS ".escapeshellarg($c["domaine"]),$out);
if (count($out)==0) {
$dontexist=true;
} else {
if (!in_array($L_NS1.".",$out) || !in_array($L_NS2.".",$out)) {
$errno=1; $errstr.="NS for this domain are not $L_NS1 and $L_NS2 BUT ".implode(",",$out)."\n";
}
}
}
if ($c["gesmx"]==1 && !$dontexist) {
$out=array();
exec("dig +short MX ".escapeshellarg($c["domaine"]),$out);
$out2=array();
foreach($out as $o) {
list($t,$out2[])=explode(" ",$o);
}
if (!in_array($L_MX.".",$out2)) {
$errno=1; $errstr.="MX is not $L_MX BUT ".implode(",",$out2)."\n";
}
}
if (!$dontexist) {
// We list all subdomains and check they are pointing to us.
$db->query("SELECT * FROM sub_domaines WHERE domaine='".addslashes($c["domaine"])."' ORDER BY sub;");
while ($db->next_record()) {
$d=$db->Record;
if ($d["type"]==0) {
// Check the IP:
$out=array();
exec("dig +short A ".escapeshellarg($d["sub"].(($d["sub"]!="")?".":"").$c["domaine"]),$out);
if (!in_array($L_PUBLIC_IP,$out)) {
$errstr.="subdomain '".$d["sub"]."' don't point to $L_PUBLIC_IP but to ".implode(",",$out)."\n";
$errno=1;
}
}
}
}
if ($dontexist) {
$errno=2;
$errstr="Domain don't exist anymore !";
}
if ($errno==0) $errstr="OK";
$checked[$c["domaine"]]=array("errno"=>$errno, "errstr"=>$errstr);
}
return $checked;
}
checkcreator (   $uid)

Check if I am the creator of the member $uid.

Parameters
integer$uida unique integer identifying the account
Returns
boolean TRUE if I am the creator of that account. FALSE else.

Definition at line 435 of file m_admin.php.

References $cuid, $db, $err, and $mem.

{
global $err,$mem,$db,$cuid;
if ($cuid==2000) {
return true;
}
$db->query("SELECT creator FROM membres WHERE uid='$uid';");
$db->next_record();
if ($db->Record["creator"]!=$cuid) {
$err->raise("admin",_("-- Only administrators can access this page! --"));
return false;
}
return true;
}
checkPolicy (   $policy,
  $login,
  $password 
)

Check a password and a login for a specific policy.

Parameters
$policystring Name of the policy to check for
$loginThe login that will be set
$passwordThe password we have to check
Returns
boolean TRUE if the password if OK for this login and this policy, FALSE if it is not.

Definition at line 1278 of file m_admin.php.

References $db, $err, $i, $p, $password, and listPasswordPolicies().

{
global $db,$err;
if (empty($login)) {
$err->raise("admin",_("Please enter a login"));
return false;
}
if (empty($password)) {
$err->raise("admin",_("Please enter a password"));
return false;
}
$pol=$this->listPasswordPolicies();
if (!$pol[$policy]) {
$err->raise("admin",_("-- Program error -- The requested password policy does not exist!"));
return false;
}
$pol=$pol[$policy];
// Ok, now let's check it :
$plen=strlen($password);
if ($plen<$pol["minsize"]) {
$err->raise("admin",_("The password length is too short according to the password policy"));
return false;
}
if ($plen>$pol["maxsize"]) {
$err->raise("admin",_("The password is too long according to the password policy"));
return false;
}
if (!$pol["allowlogin"]) {
// We do misc check on password versus login :
$logins=explode("@",$login);
$logins[]=$login;
foreach($logins as $l) {
if (strpos($password,$l)!==false) {
$err->raise("admin",_("The password policy prevents you to use your login name inside your password"));
return false;
}
}
}
if ($pol["classcount"]>0) {
$cls=array(0,0,0,0,0);
for($i=0;$i<strlen($password);$i++) {
$p=substr($password,$i,1);
if (strpos("abcdefghijklmnopqrstuvwxyz",$p)!==false) {
$cls[0]=1;
} elseif (strpos("ABCDEFGHIJKLMNOPQRSTUVWXYZ",$p)!==false) {
$cls[1]=1;
} elseif (strpos("0123456789",$p)!==false) {
$cls[2]=1;
} elseif (strpos('!"#$%&\'()*+,-./:;<=>?@[\\]^_`',$p)!==false) {
$cls[3]=1;
} else {
$cls[4]=1;
}
} // foreach
$clc=array_sum($cls);
if ($clc<$pol["classcount"]) {
$err->raise("admin",_("Your password contains not enough different classes of character, between low-case, up-case, figures and special characters."));
return false;
}
}
return true; // congratulations !
}
del_mem (   $uid)

Deletes an account Deletes the specified account.

Prevents any manipulation of the account if the account $mid is not super-admin.

Parameters
$uidinteger the uid number of the account we want to delete
Returns
boolean Returns FALSE if an error occurs, TRUE if not.

Definition at line 748 of file m_admin.php.

References $classes, $cuid, $db, $dom, $err, $hooks, $mem, $uid, enabled, and getuserpath().

{
global $err,$quota,$classes,$cuid,$mem,$dom,$hooks,$action;
$err->log("admin","del_mem",$uid);
if (!$this->enabled) {
$err->raise("admin",_("-- Only administrators can access this page! --"));
return false;
}
$db=new DB_System();
$tt=$this->get($uid);
$mem->su($uid);
// This script may take a long time on big accounts, let's give us some time ... Fixes 1132
@set_time_limit(0);
// WE MUST call m_dom before all others because of conflicts ...
$dom->hook_admin_del_member();
# New way of deleting or backup delted user html folders using action class
$path=getuserpath($tt['login']);
$action->archive($path);
$hooks->invoke("alternc_del_member");
$hooks->invoke("hook_admin_del_member");
if (($db->query("DELETE FROM membres WHERE uid='$uid';")) &&
($db->query("DELETE FROM local WHERE uid='$uid';"))) {
$mem->unsu();
// If this user was (one day) an administrator one, he may have a list of his own accounts. Let's associate those accounts to nobody as a creator.
$db->query("UPDATE membres SET creator=2000 WHERE creator='$uid';");
return true;
} else {
$err->raise("admin",_("Account not found"));
$mem->unsu();
return false;
}
}
deltld (   $tld)

Deletes the specified tld in the list of the authorized TLDs Note : This function does not delete the domains depending on this TLD.

Parameters
$tldstring The TLD you want to delete
Returns
boolean returns true if the TLD has been deleted, or false if an error occured.

Definition at line 1115 of file m_admin.php.

References $db, and $err.

{
global $db,$err;
$db->query("SELECT tld FROM tld WHERE tld='$tld';");
if (!$db->next_record()) {
$err->raise("admin",_("This TLD does not exist"));
return false;
}
$db->query("DELETE FROM tld WHERE tld='$tld';");
return true;
}
dom_list (   $alsocheck = false,
  $forcecheck = false 
)

List the hosted domains on this server Return the list of hosted domains on this server, (an array of associative arrays)

Parameters
boolean$alsocheckReturns also errstr and errno telling the domains dig checks
boolean$forcecheckForce the check of dig domain even if a cache exists.
Returns
array $r[$i] / [domaine][member][noerase][gesdns][gesmx]

Definition at line 963 of file m_admin.php.

References $c, $db, $forcecheck, and checkalldom().

{
global $db;
$cachefile="/tmp/alternc_dig_check_cache";
$cachetime=3600; // The dns cache file can be up to 1H old
if ($alsocheck) {
if (!$forcecheck && file_exists($cachefile) && filemtime($cachefile)+$cachetime>time()) {
$checked=unserialize(file_get_contents($cachefile));
} else {
// TODO : do the check here (cf checkdom.php) and store it in $checked
$checked=$this->checkalldom();
file_put_contents($cachefile,serialize($checked));
}
}
$db->query("SELECT m.uid,m.login,d.domaine,d.gesdns,d.gesmx,d.noerase FROM domaines d LEFT JOIN membres m ON m.uid=d.compte ORDER BY domaine;");
while ($db->next_record()) {
$tmp=$db->Record;
if ($alsocheck) {
$tmp["errstr"]=$checked[$tmp["domaine"]]["errstr"];
$tmp["errno"]=$checked[$tmp["domaine"]]["errno"];
}
$c[]=$tmp;
}
return $c;
}
dom_lock (   $domain)

Lock / Unlock a domain Lock (or unlock) a domain, so that the member will be (not be) able to delete it from its account.

Parameters
$domstring Domain name to lock / unlock
Returns
boolean TRUE if the domain has been locked/unlocked or FALSE if it does not exist.

Definition at line 1064 of file m_admin.php.

References $db, $domain, and $err.

{
global $db,$err;
$db->query("SELECT compte FROM domaines WHERE domaine='$domain';");
if (!$db->next_record()) {
$err->raise("dom",_("Domain '%s' not found."),$domain);
return false;
}
$db->query("UPDATE domaines SET noerase=1-noerase WHERE domaine='$domain';");
return true;
}
editPolicy (   $policy,
  $minsize,
  $maxsize,
  $classcount,
  $allowlogin 
)

Change a password policy for one kind of password.

Parameters
$policystring Name of the policy to edit
$minsizeinteger Minimum Password size
$maxsizeinteger Maximum Password size
$classcountinteger How many class of characters must this password have
$allowloginboolean Do we allow the password to be like the login ?
Returns
boolean TRUE if the policy has been edited, or FALSE if an error occured.

Definition at line 1251 of file m_admin.php.

References $db.

{
global $db;
$minsize=intval($minsize);
$maxsize=intval($maxsize);
$classcount=intval($classcount);
$allowlogin=intval($allowlogin);
$db->query("SELECT * FROM policy WHERE name='".addslashes($policy)."';");
if (!$db->next_record()) {
return false; // Policy not found
}
if ($minsize<0 || $minsize>64 || $maxsize<0 || $maxsize>64 || $maxsize<$minsize || $classcount<0 || $classcount>4) {
return false; // Incorrect policy ...
}
$allowlogin=($allowlogin)?1:0;
$db->query("UPDATE policy SET minsize=$minsize, maxsize=$maxsize, classcount=$classcount, allowlogin=$allowlogin WHERE name='".addslashes($policy)."';");
return true;
}
edittld (   $tld,
  $mode 
)

Modify a TLD of the list of the authorized TLDs.

Parameters
$tldstring TLD we want to modify
$modeinteger Controls to make on this TLD.
Returns
boolean TRUE if the TLD has been successfully modified. FALSE if not.

Definition at line 1165 of file m_admin.php.

References $db, $err, and $mode.

{
global $db,$err;
$db->query("SELECT tld FROM tld WHERE tld='$tld';");
if (!$db->next_record()) {
$err->raise("admin",_("This TLD does not exist"));
return false;
}
$mode=intval($mode);
if ($mode==0) $mode="0";
$db->query("UPDATE tld SET mode='$mode' WHERE tld='$tld';");
return true;
}
get (   $uid,
  $recheck = false 
)

Returns the known information about a hosted account.

Returns all what we know about an account (contents of the tables membres et local) Ckecks if the account is super-admin

Parameters
integer$uida unique integer identifying the account
Returns
an associative array containing all the fields of the table membres and local of the corresponding account. Returns FALSE if an error occurs.

Definition at line 170 of file m_admin.php.

{
global $err,$db,$lst_users_properties;
// $err->log("admin","get",$uid);
if (!$this->enabled) {
$err->raise("admin",_("-- Only administrators can access this page! --"));
return false;
}
if (!isset($lst_users_properties) || empty($lst_users_properties) || !is_array($lst_users_properties) || $recheck ) {
$lst_users_properties=array();
$db->query("
SELECT
m.uid as muid,
l.*,
m.*,
parent.login as parentlogin,
dbs.name as db_server_name,
m.renewed + INTERVAL m.duration MONTH as expiry,
CASE
WHEN m.duration IS NULL THEN 0
WHEN m.renewed + INTERVAL m.duration MONTH <= NOW() THEN 3
WHEN m.renewed <= NOW() THEN 2
ELSE 1 END 'status'
FROM membres as m
LEFT JOIN membres as parent ON (parent.uid = m.creator)
LEFT JOIN db_servers as dbs ON (m.db_server_id = dbs.id)
LEFT JOIN local as l ON (m.uid = l.uid) ;");
while ($db->next_record()) {
$lst_users_properties[$db->f('muid')]=$db->Record;
}
}
if ( !isset($lst_users_properties[$uid]) ) {
if ( !$recheck ) {
// don't exist, but is not a forced check. Do a forced check
return $this->get($uid, true);
}
$err->raise("admin",_("Account not found"));
return false;
}
return $lst_users_properties[$uid];
}
get_creator (   $uid)

Returns the known information about a specific hosted account Similar to get_list() but for creators/resellers.

Definition at line 220 of file m_admin.php.

References $c, $db, $err, $key, $val, and enabled.

Referenced by get_creator_list().

{
global $err,$db;
// $err->log("admin","get",$uid);
if (!$this->enabled) {
$err->raise("admin",_("-- Only administrators can access this page! --"));
return false;
}
$db->query("SELECT m.*, parent.login as parentlogin FROM membres as m LEFT JOIN membres as parent ON (parent.uid = m.creator) WHERE m.uid='$uid';");
if ($db->num_rows()) {
$db->next_record();
$c=$db->Record;
} else {
$err->raise("admin",_("Account not found"));
return false;
}
$db->query("SELECT * FROM local WHERE uid='$uid';");
if ($db->num_rows()) {
$db->next_record();
reset($db->Record);
while (list($key,$val)=each($db->Record)) {
$c[$key]=$val;
}
}
$db->query("SELECT count(*) as nbcreated FROM membres WHERE creator='$uid';");
if ($db->num_rows()) {
$db->next_record();
reset($db->Record);
while (list($key,$val)=each($db->Record)) {
$c[$key]=$val;
}
}
return $c;
}
get_creator_list ( )

Returns an array with the known information about resellers (uid, login, number of accounts) Does not include account 2000 in the list.

May only be called by the admin account (2000) If there are no reseller accounts, returns an empty array.

Definition at line 405 of file m_admin.php.

References $cuid, $db, $err, $mem, enabled, and get_creator().

{
global $err,$mem,$cuid;
$creators = array();
$err->log("admin","get_reseller_list");
if (!$this->enabled || $cuid!=2000) {
$err->raise("admin",_("-- Only administrators can access this page! --"));
return false;
}
$db=new DB_System();
$db->query("SELECT DISTINCT creator FROM membres WHERE creator <> 0 ORDER BY creator ASC;");
if ($db->num_rows()) {
while ($db->next_record()) {
$creators[] = $this->get_creator($db->f("creator"));
}
}
$creators2 = array();
foreach ($creators as $cc ) {
$creators2[$cc['uid']] = $cc;
}
return $creators2;
}
get_list (   $all = 0,
  $creator = 0,
  $pattern = FALSE,
  $pattern_type = FALSE 
)

Returns the list of the hosted accounts.

Returns all what we know about ALL the accounts (contents of the tables membres et local) Check for super-admin accounts

Parameters
@returnan associative array containing all the fields of the table membres and local of all the accounts. Returns FALSE if an error occurs.

Definition at line 284 of file m_admin.php.

References $c, $creator, $cuid, $db, $err, $mem, and enabled.

{
global $err,$mem,$cuid;
$err->log("admin","get_list");
if (!$this->enabled) {
$err->raise("admin",_("-- Only administrators can access this page! --"));
return false;
}
$db=new DB_System();
if ($pattern) {
if ($pattern_type === 'domaine') {
$request = 'SELECT compte AS uid FROM domaines WHERE 1';
if ($pattern && preg_match('/[.a-zA-Z0-9]+/', $pattern))
$request .= sprintf(' AND domaine LIKE "%%%s%%"', $pattern);
if ($creator)
$request .= sprintf(' AND compte in (select uid from membres where creator = "%s" ) ', $creator);
if ($mem->user['uid']!=2000 && !$all)
$request .= sprintf(' AND compte in (select uid from membres where creator = "%s") ', $cuid);
$request .= ' GROUP BY uid';
} elseif ($pattern_type === 'login') {
$request = 'SELECT uid FROM membres WHERE 1';
if ($pattern && preg_match('/[a-zA-Z0-9]+/', $pattern))
$request .= sprintf(' AND login LIKE "%%%s%%"', $pattern);
if ($creator)
$request .= sprintf(' AND creator = "%s"', $creator);
if ($mem->user['uid']!=2000 && !$all)
$request .= sprintf(' AND creator = "%s"', $cuid);
$request .= ' ORDER BY login;';
} else {
$err->raise("admin", _("Invalid pattern type provided. Are you even performing a legitimate action?"));
return FALSE;
}
} else {
if ($creator)
{
// Limit listing to a specific reseller
$request = "SELECT uid FROM membres WHERE creator='".$creator."' ORDER BY login;";
} elseif ($mem->user['uid']==2000 || $all) {
$request = "SELECT uid FROM membres ORDER BY login;";
} else {
$request = "SELECT uid FROM membres WHERE creator='".$cuid."' ORDER BY login;";
}
}
$db->query($request);
if ($db->num_rows()) {
while ($db->next_record()) {
$c[$db->f("uid")]=$this->get($db->f("uid"));
}
return $c;
} else {
return false;
}
}
get_uid_by_login (   $login)

Definition at line 149 of file m_admin.php.

{
global $db;
$db->query("SELECT uid FROM membres WHERE login='$login';");
if (! $db->next_record()) {
return null;
}
return $db->f('uid');
}
getadmin ( )

Get the login name of the main administrator account.

Returns
string the login name of admin, like 'root' for older alterncs

Definition at line 1183 of file m_admin.php.

References $db.

{
global $db;
$db->query("SELECT login FROM membres WHERE uid = '2000';");
$db->next_record();
return $db->f("login");
}
gettld (   $tld)

Add a new TLD to the list of the authorized TLDs.

Parameters
$tldstring top-level domain to add (org, com...)
$modeinteger number of the authorized mode (0 to 5)
Returns
boolean TRUE if the tld has been successfully added, FALSE if not.

Definition at line 1083 of file m_admin.php.

References $db, and $err.

{
global $db,$err;
$db->query("SELECT mode FROM tld WHERE tld='$tld';");
if (!$db->next_record()) {
$err->raise("admin",_("This TLD does not exist"));
return false;
}
return $db->Record["mode"];
}
hook_admin_add_member ( )

AlternC's standard function called when a user is created This sends an email if configured through the interface.

Definition at line 588 of file m_admin.php.

References $cuid, $db, $err, and variable_get().

{
global $err, $cuid, $L_FQDN, $L_HOSTING;
$dest = variable_get('new_email', '0', 'An email will be sent to this address when new accounts are created if set.', array(array('desc'=>'Enabled','type'=>'boolean')));
if (!$dest) {
return false;
}
$db=new DB_System();
if (!$db->query("SELECT m.*, parent.login as parentlogin FROM membres m LEFT JOIN membres parent ON parent.uid=m.creator WHERE m.uid='$cuid'")) {
$err->raise("admin",sprintf(_("query failed: %s "), $db->Error));
return false;
}
if ($db->next_record()) {
// TODO: put that string into gettext !
$mail = <<<EOF
A new AlternC account was created on %fqdn by %creator.
Account details
---------------
login: %login (%uid)
email: %mail
createor: %creator (%cuid)
can change password: %canpass
type: %type
notes: %notes
EOF;
$mail = strtr($mail, array('%fqdn' => $L_FQDN,
'%creator' => $db->Record['parentlogin'],
'%uid' => $db->Record['uid'],
'%login' => $db->Record['login'],
'%mail' => $db->Record['mail'],
'%cuid' => $db->Record['creator'],
'%canpass' => $db->Record['canpass'],
'%type' => $db->Record['type'],
'%notes' => $db->Record['notes']));
$subject=sprintf(_("New account %s from %s on %s"), $db->Record['login'], $db->Record['parentlogin'], $L_HOSTING);
if (mail($dest,$subject,$mail,"From: postmaster@$L_FQDN")) {
//sprintf(_("Email successfully sent to %s"), $dest);
return true;
} else {
$err->raise("admin",sprintf(_("Cannot send email to %s"), $dest));
return false;
}
} else {
$err->raise("admin",sprintf(_("Query failed: %s"), $db->Error));
return false;
}
}
hook_menu ( )

Definition at line 70 of file m_admin.php.

References $cuid, and $mem.

{
global $mem, $cuid, $debug_alternc, $L_INOTIFY_UPDATE_DOMAIN;
if (!$mem->checkRight()) return false;
$obj = array(
'title' => _("Administration"),
'ico' => 'images/admin.png',
'link' => 'toggle',
'class' => 'adminmenu',
'pos' => 10,
'links' =>
array(
array(
'txt' => _("Manage AlternC accounts"),
'url' => 'adm_list.php',
'class' => 'adminmenu'
),
array(
'txt' => _("User Quotas"),
'url' => 'quotas_users.php?mode=4',
'class' => 'adminmenu'
),
)
) ;
if ($cuid == 2000) {
$obj['links'][] =
array(
'txt' => _("Admin Control Panel"),
'url' => 'adm_panel.php',
'class' => 'adminmenu'
);
$obj['links'][] =
array(
'txt' => _("PhpMyAdmin"),
'url' => '/alternc-sql/',
'class' => 'adminmenu',
'target' => '_blank',
);
$obj['links'][] =
array(
'txt' => ($debug_alternc->status)?_("Switch debug Off"):_("Switch debug On"),
'url' => "alternc_debugme.php?enable=".($debug_alternc->status?"0":"1"),
'class' => 'adminmenu'
);
if (empty($L_INOTIFY_UPDATE_DOMAIN) || file_exists("$L_INOTIFY_UPDATE_DOMAIN") ) {
$obj['links'][] =
array(
'txt' => _("Applying..."),
'url' => 'javascript:alert(\''._("Domain changes are already applying").'\');',
'class' => 'adminmenu',
);
} else {
$obj['links'][] =
array(
'txt' => _("Apply changes"),
'url' => 'adm_update_domains.php',
'class' => 'adminmenu',
'onclick' => 'return confirm("'.addslashes(_("Server configuration changes are applied every 5 minutes. Do you want to do it right now?")).'");',
);
} // L_INOTIFY_UPDATE_DOMAIN
} // cuid == 2000
return $obj;
}
hook_upnp_list ( )

hook function called by AlternC-upnp to know which open tcp or udp ports this class requires or suggests

Returns
array a key => value list of port protocol name mandatory values private

Definition at line 1353 of file m_admin.php.

{
return array(
"http" => array("port" => 80, "protocol" => "tcp", "mandatory" => 1),
"https" => array("port" => 443, "protocol" => "tcp", "mandatory" => 0),
"ssh" => array("port" => 22, "protocol" => "tcp", "mandatory" => 0),
);
}
listPasswordPolicies ( )

List the password policies currently installed in the policy table.

Returns
array an indexed array of associative array from the MySQL "policy" table

Definition at line 1195 of file m_admin.php.

References $classes, $db, $hooks, and isset.

Referenced by checkPolicy().

{
global $db,$classes,$hooks;
$tmp1=array();
$tmp2=array();
$tmp3=array();
$policies=array();
$db->query("SELECT * FROM policy;");
while ($db->next_record()) {
$tmp1[$db->Record["name"]]=$db->Record;
}
/* * /
foreach($classes as $c) {
if (method_exists($GLOBALS[$c],"alternc_password_policy")) {
$res=$GLOBALS[$c]->alternc_password_policy(); // returns an array
foreach($res as $k=>$v) {
$tmp2[$k]=$v;
}
}
}
/* */
$tmp3=$hooks->invoke("alternc_password_policy");
foreach ($tmp3 as $v) {
foreach ($v as $l=>$m) {
$tmp2[$l]=$m;
}
}
foreach($tmp2 as $k=>$v) {
if (!isset($tmp1[$k])) {
// Default policy :
$db->query("INSERT INTO policy SET name='".addslashes($k)."', minsize=0, maxsize=64, classcount=0, allowlogin=0;");
$tmp1[$k]=array(
"minsize"=>0, "maxsize"=>64, "classcount"=>0, "allowlogin"=>0
);
}
$policies[$k]=$tmp1[$k];
$policies[$k]["description"]=_($v);
unset($tmp1[$k]);
}
foreach ($tmp1 as $k=>$v) {
// Delete disabled modules :
$db->query("DELETE FROM policy WHERE name='".addslashes($k)."';");
}
return $policies;
}
listtld ( )

List of the authorized TLDs Returns the list of the authorized TLDs and also the way they are authorized.

A TLD is the last members (or the last two) of a domain. For example, "com", "org" etc... AlternC keeps a table containing the list of the TLDs authorized to be installed on the server with the instructions to validate the installation of a domain for each TLD (if necessary).

Returns
array An associative array like $r["tld"], $r["mode"] where tld is the tld and mode is the authorized mode.

Definition at line 946 of file m_admin.php.

References $c, and $db.

{
global $db;
$db->query("SELECT tld,mode FROM tld ORDER BY tld;");
while ($db->next_record()) {
$c[]=$db->Record;
}
return $c;
}
lock_mem (   $uid)

Lock an account Lock an account and prevent the user to access its account.

Parameters
$uidinteger the uid number of the account we want to lock
Returns
boolean Returns FALSE if an error occurs, TRUE if not.

Definition at line 699 of file m_admin.php.

References $db, $err, $uid, and enabled.

{
global $err,$db;
$err->log("admin","lock_mem",$uid);
if (!$this->enabled) {
$err->raise("admin",_("-- Only administrators can access this page! --"));
return false;
}
$db=new DB_System();
if ($db->query("UPDATE membres SET enabled='0' WHERE uid='$uid';")) {
return true;
}
else {
$err->raise("admin",_("Account not found"));
return false;
}
}
m_admin ( )

Constructor.

Definition at line 53 of file m_admin.php.

References $cuid, $db, enabled, and variable_get().

{
global $db,$cuid;
$db->query("SELECT su FROM membres WHERE uid='$cuid';");
$db->next_record();
$this->enabled=$db->f("su");
$this->tldmode=array(
0 => _("This TLD is forbidden"),
1 => _("primary DNS is checked in WHOIS db"),
2 => _("primary & secondary DNS are checked in WHOIS db"),
3 => _("Domain must exist, but don't do any DNS check"),
4 => _("Domain can be installed, no check at all"),
5 => _("Domain can be installed, force NO DNS hosting"),
);
$this->archive=variable_get('archive_del_data','','If folder specified html folder of deleted user is archived, else it is deleted. ');
}
mailallmembers (   $subject,
  $message,
  $from 
)

Send an email to all AlternC's accounts.

Parameters
$subjectstring Subject of the email to send
$messagestring Message to send
$fromstring expeditor of that email.
Returns
true if the mail has been successfully sent.

Definition at line 367 of file m_admin.php.

References $cuid, $db, $err, $mem, checkmail(), and enabled.

{
global $err,$mem,$cuid,$db;
$err->log("admin","mailallmembers");
if (!$this->enabled) {
$err->raise("admin",_("-- Only administrators can access this page! --"));
return false;
}
$subject=trim($subject);
$message=trim($message);
$from=trim($from);
if (empty($subject) || empty($message) || empty($from) ){
$err->raise("admin",_("Subject, message and sender are mandatory"));
return false;
}
if (checkmail($from) != 0) {
$err->raise("admin",_("Sender is syntaxically incorrect"));
return false;
}
@set_time_limit(1200);
$db->query("SELECT DISTINCT mail FROM membres WHERE mail!='';");
while ($db->next_record()) {
// Can't do BCC due to postfix limitation
// FIXME: use phpmailer, far better for mass-mailing than sendmail (reply-to issue among others)
mail($db->f('mail'), $subject, $message, null, "-f$from");
}
return true;
}
normal2su (   $uid)

Turns a common account into a super-admin account.

Parameters
$uidinteger the uid number of the common account we want to turn into a super-admin account.
Returns
Returns FALSE if an error occurs, TRUE if not.

Definition at line 897 of file m_admin.php.

References $db, and $err.

{
global $err,$db;
$db->query("SELECT su FROM membres WHERE uid='$uid';");
if (!$db->next_record()) {
$err->raise("admin",_("Account not found"));
return false;
}
if ($db->Record["su"]!=0) {
$err->raise("admin",_("This account is ALREADY an administrator account"));
return false;
}
$db->query("UPDATE membres SET su=1 WHERE uid='$uid';");
return true;
}
onesu ( )
Returns
TRUE if there's only ONE admin account
boolean TRUE if there is only one admin account (allow the program to prevent the destruction of the last admin account)

Definition at line 265 of file m_admin.php.

References $db.

{
global $db;
$db->query("SELECT COUNT(*) AS cnt FROM membres WHERE su=1");
$db->next_record();
return ($db->f("cnt")==1);
}
renew_get_expiring_accounts ( )

Get the expired/about to expire accounts.

Returns
resource The recordset of the corresponding accounts

Definition at line 871 of file m_admin.php.

References $db, and $res.

{
global $db;
if(!$db->query("SELECT *, m.renewed + INTERVAL duration MONTH 'expiry'," .
" CASE WHEN m.duration IS NULL THEN 0" .
" WHEN m.renewed + INTERVAL m.duration MONTH <= NOW() THEN 3" .
" WHEN m.renewed <= NOW() THEN 2" .
" ELSE 1 END 'status' FROM membres m, local l" .
" WHERE m.uid = l.uid" .
" HAVING status=2 or status=3 ORDER BY status DESC, expiry;"))
return false;
else {
$res=array();
while($db->next_record())
$res[] = $db->Record;
return $res;
}
}
renew_get_expiry (   $uid)

Get the expiry date for an account.

Parameters
$uidinteger The uid number of the account
Returns
string The expiry date, a string as printed by MySQL

Definition at line 838 of file m_admin.php.

References $uid, and isset.

{
$jj=$this->get($uid);
if ( isset($jj) && isset($jj['expiry']) && ! empty($jj['expiry']) ) {
return $jj['expiry'];
}
return '';
}
renew_get_status (   $uid)

Get the expiry status for an account.

Parameters
$uidinteger The uid number of the account
Returns
integer The expiry status: 0: account does not expire 1: expires in more than duration, 2: expires within the duration 3: has expired past the duration

Definition at line 856 of file m_admin.php.

References $uid, and isset.

{
$jj=$this->get($uid);
if ( isset($jj) && isset($jj['status']) && ! empty($jj['status']) ) {
return $jj['status'];
}
return 0;
}
renew_mem (   $uid,
  $periods = 1 
)

Renew an account Renew an account for its duration.

Parameters
$uidinteger the uid number of the account we want to renew
$periodsinteger the number of periods we renew for
Returns
boolean Returns FALSE if an error occurs, TRUE if not.

Definition at line 793 of file m_admin.php.

References $db, $err, and $query.

{
global $err,$db;
$periods = intval($periods);
if($periods == 0)
return false;
$query = "UPDATE membres SET renewed = renewed + INTERVAL (duration * $periods) MONTH WHERE uid=${uid};";
if ($db->query($query)) {
return true;
} else {
$err->raise("admin",_("Account not found"));
return false;
}
}
renew_update (   $uid,
  $duration 
)

Update the duration information for an account.

Parameters
$uidinteger the uid number of the account we want to update
$durationinteger the new duration, in months, of the account
Returns
boolean Returns FALSE if an error occurs, TRUE if not.

Definition at line 816 of file m_admin.php.

References $db, and $err.

Referenced by add_mem(), and update_mem().

{
global $err,$db;
if($duration == 0) {
if($db->query("UPDATE membres SET duration = NULL, renewed = NULL WHERE uid=$uid;"))
return true;
} else {
if($db->query("UPDATE membres SET duration = $duration WHERE uid=$uid") &&
$db->query("UPDATE membres SET renewed = NOW() WHERE uid=$uid and renewed is null;"))
return true;
}
$err->raise("admin",_("Account not found"));
return false;
}
selecttldmode (   $current = false)

Prints the list of the actually authorized TLDs.

Parameters
$currentinteger Value to select in the list

Definition at line 1098 of file m_admin.php.

References $i.

{
for($i=0;$i<count($this->tldmode);$i++) {
echo "<option value=\"$i\"";
if ($current==$i) echo " selected=\"selected\"";
echo ">"._($this->tldmode[$i])."</option>\n";
}
}
stop_if_jobs_locked ( )

Definition at line 139 of file m_admin.php.

{
if ( file_exists(ALTERNC_LOCK_JOBS)) {
echo "There is a file ".ALTERNC_LOCK_JOBS."\n";
echo "So no jobs are allowed\n";
echo "Did you launch alternc.install ?\n";
die();
}
}
su2normal (   $uid)

Turns a super-admin account into a common account.

Parameters
$uidinteger the uid number of the super-admin account we want to turn into a common account.
Returns
boolean Returns FALSE if an error occurs, TRUE if not.

Definition at line 919 of file m_admin.php.

References $db, and $err.

{
global $err,$db;
$db->query("SELECT su FROM membres WHERE uid='$uid';");
if (!$db->next_record()) {
$err->raise("admin",_("Account not found"));
return false;
}
if ($db->Record["su"]!=1) {
$err->raise("admin",_("This account is NOT an administrator account!"));
return false;
}
$db->query("UPDATE membres SET su=0 WHERE uid='$uid';");
return true;
}
unlock_mem (   $uid)

UnLock an account UnLock an account and prevent the user to access its account.

Parameters
$uidinteger the uid number of the account we want to unlock
Returns
boolean Returns FALSE if an error occurs, TRUE if not.

Definition at line 723 of file m_admin.php.

References $db, $err, $uid, and enabled.

{
global $err,$db;
$err->log("admin","unlock_mem",$uid);
if (!$this->enabled) {
$err->raise("admin",_("-- Only administrators can access this page! --"));
return false;
}
$db=new DB_System();
if ($db->query("UPDATE membres SET enabled='1' WHERE uid='$uid';")) {
return true;
}
else {
$err->raise("admin",_("Account not found"));
return false;
}
}
update_mem (   $uid,
  $mail,
  $nom,
  $prenom,
  $pass,
  $enabled,
  $canpass,
  $type = 'default',
  $duration = 0,
  $notes = "",
  $reset_quotas = false 
)

Edit an account.

Change an account (in the tables membres and local). Prevents any manipulation of the account if the account $mid is not super-admin.

Parameters
$uidinteger the uid number of the account we want to modify
loginstring new login name like [a-z][a-z0-9]*
$passstring new password (max. 64 characters)
$nomstring new name of the account owner
$prenomstring new first name of the account owner
$mailstring new email address of the account owner
$enabledinteger (value: 0 or 1) activates or desactivates the
$typestring new type of account access to the virtual desktop of this account.
Returns
boolean Returns FALSE if an error occurs, TRUE if not.

Definition at line 656 of file m_admin.php.

References $cuid, $db, $err, $uid, _md5cr(), enabled, and renew_update().

{
global $err,$db;
global $cuid, $quota;
$notes=addslashes($notes);
$err->log("admin","update_mem",$uid);
if (!$this->enabled) {
$err->raise("admin",_("-- Only administrators can access this page! --"));
return false;
}
$db=new DB_System();
if ($pass) {
$pass=_md5cr($pass);
$ssq=" ,pass='$pass' ";
} else {
$ssq="";
}
$old_mem = $this->get($uid);
if (($db->query("UPDATE local SET nom='$nom', prenom='$prenom' WHERE uid='$uid';"))
&&($db->query("UPDATE membres SET mail='$mail', canpass='$canpass', enabled='$enabled', `type`='$type', notes='$notes' $ssq WHERE uid='$uid';"))){
if($reset_quotas == "on" || $type != $old_mem['type'] ) {
$quota->addquotas();
$quota->synchronise_user_profile();
}
$this->renew_update($uid, $duration);
return true;
}
else {
$err->raise("admin",_("Account not found"));
return false;
}
}

Field Documentation

$archive = ''

Definition at line 47 of file m_admin.php.

$enabled = 0

$enabled tells if the logged user is super-admin or not

Definition at line 37 of file m_admin.php.

$tldmode = array()

List of the controls made for each TLD.

$tldmode is used by the administration panel, while choosing the authorized TLDs. It's an array of strings explaining the current state of the TLD.

Definition at line 45 of file m_admin.php.

The documentation for this class was generated from the following file: