Alternc  latest
Alternc logiel libre pour l'hébergement
 All Classes Namespaces Files Functions Variables Pages
m_admin Class Reference

Manage the AlternC's account administration (create/edit/delete) More...

Public Member Functions

 __construct ()
 Constructor. More...
 
 hook_menu ()
 Hook function called by the menu class to add menu to the left panel. More...
 
 alternc_password_policy ()
 Password kind used in this class (hook for admin class) More...
 
 stop_if_jobs_locked ()
 
 get_uid_by_login ($login)
 return the uid of an alternc account More...
 
 get_login_by_uid ($uid)
 return the name of an alternc account More...
 
 get ($uid, $recheck=false)
 Returns the known information about a hosted account. More...
 
 get_creator ($uid)
 Returns the known information about a specific hosted account. More...
 
 onesu ()
 
 get_list ($all=0, $creator=0, $pattern=FALSE, $pattern_type=FALSE)
 :EM: those request should have been escaped Returns the list of the hosted accounts More...
 
 mailallmembers ($subject, $message, $from)
 Send an email to all AlternC's accounts. More...
 
 get_creator_list ()
 Returns an array with the known information about resellers (uid, login, number of accounts) Does not include account 2000 in the list. More...
 
 checkcreator ($uid)
 Check if I am the creator of the member $uid. More...
 
 add_shared_domain ($u, $domain_name)
 When the admin want to delegate a subdomain to an account. More...
 
 add_mem ($login, $pass, $nom, $prenom, $mail, $canpass=1, $type= 'default', $duration=0, $notes="", $force=0, $create_dom= '', $db_server_id)
 Creates a new hosted account. More...
 
 hook_admin_add_member ()
 AlternC's standard function called when a user is created This sends an email if configured through the interface. More...
 
 update_mem ($uid, $mail, $nom, $prenom, $pass, $enabled, $canpass, $type= 'default', $duration=0, $notes="", $reset_quotas=false)
 Edit an account. More...
 
 lock_mem ($uid)
 Lock an account. More...
 
 unlock_mem ($uid)
 UnLock an account. More...
 
 del_mem ($uid)
 Deletes an account Deletes the specified account. More...
 
 renew_mem ($uid, $periods=1)
 Renew an account. More...
 
 renew_update ($uid, $duration)
 Update the duration information for an account. More...
 
 renew_get_expiry ($uid)
 Get the expiry date for an account. More...
 
 renew_get_status ($uid)
 Get the expiry status for an account. More...
 
 renew_get_expiring_accounts ()
 Get the expired/about to expire accounts. More...
 
 normal2su ($uid)
 Turns a common account into a super-admin account. More...
 
 su2normal ($uid)
 Turns a super-admin account into a common account. More...
 
 listtld ()
 List of the authorized TLDs Returns the list of the authorized TLDs and also the way they are authorized. More...
 
 dom_list ($alsocheck=false, $forcecheck=false)
 List the hosted domains on this server. More...
 
 checkalldom ()
 Check all the domains for their NS MX and IPs. More...
 
 dom_lock ($domain)
 Lock / Unlock a domain. More...
 
 gettld ($tld)
 Add a new TLD to the list of the authorized TLDs. More...
 
 selecttldmode ($current=false)
 Prints the list of the actually authorized TLDs. More...
 
 deltld ($tld)
 Deletes the specified tld in the list of the authorized TLDs Note : This function does not delete the domains depending on this TLD. More...
 
 addtld ($tld, $mode)
 Add a TLD to the list of the authorized TLDs during the installation. More...
 
 edittld ($tld, $mode)
 Modify a TLD of the list of the authorized TLDs. More...
 
 getadmin ()
 Get the login name of the main administrator account. More...
 
 listPasswordPolicies ()
 List the password policies currently installed in the policy table. More...
 
 editPolicy ($policy, $minsize, $maxsize, $classcount, $allowlogin)
 Change a password policy for one kind of password. More...
 
 checkPolicy ($policy, $login, $password, $canbeempty=false)
 

Public Attributes

 $enabled = 0
 $enabled tells if the logged user is super-admin or not More...
 
 $tldmode = array()
 List of the controls made for each TLD. More...
 
 $archive = ''
 

Detailed Description

Manage the AlternC's account administration (create/edit/delete)

Definition at line 26 of file m_admin.php.

Constructor & Destructor Documentation

m_admin::__construct ( )

Constructor.

Parameters
globaltype $db
globaltype $cuid

Definition at line 50 of file m_admin.php.

References $cuid, $db, enabled, and variable_get().

50  {
51  global $db, $cuid;
52  $db->query("SELECT su FROM membres WHERE uid=?;", array($cuid));
53  $db->next_record();
54  $this->enabled = $db->f("su");
55 
56  $this->tldmode = array(
57  0 => _("This TLD is forbidden"),
58  1 => _("primary DNS is checked in WHOIS db"),
59  2 => _("primary & secondary DNS are checked in WHOIS db"),
60  3 => _("Domain must exist, but don't do any DNS check"),
61  4 => _("Domain can be installed, no check at all"),
62  5 => _("Domain can be installed, force NO DNS hosting"),
63  );
64  $this->archive = variable_get('archive_del_data', '', 'If folder specified html folder of deleted user is archived, else it is deleted. ');
65  }
global $db
Definition: bootstrap.php:22
$cuid
Definition: bootstrap.php:43
variable_get($name, $default=null, $createit_comment=null)
Return a persistent variable.
Definition: variables.php:85
$admin enabled
Definition: newone.php:38

Member Function Documentation

m_admin::add_mem (   $login,
  $pass,
  $nom,
  $prenom,
  $mail,
  $canpass = 1,
  $type = 'default',
  $duration = 0,
  $notes = "",
  $force = 0,
  $create_dom = '',
  $db_server_id 
)

Creates a new hosted account.

Creates a new hosted account (in the tables membres and local). Prevents any manipulation of the account if the account $mid is not super-admin.

Parameters
globalm_messages $msg
globalm_quota $quota
globalarray $classes
globalint $cuid
globalm_mem $mem
globalstring $L_MYSQL_DATABASE
globalstring $L_MYSQL_LOGIN
globalm_hooks $hooks
globalm_action $action
string$loginLogin name like [a-z][a-z0-9]*
string$passPassword (max. 64 characters)
string$nomName of the account owner
string$prenomFirst name of the account owner
string$mailEmail address of the account owner, useful to get one's lost password
integer$canpass
string$typeAccount type for quotas
int$duration
string$notes
integer$force
string$create_dom
int$db_server_id
Returns
boolean Returns FALSE if an error occurs, TRUE if not.

Definition at line 594 of file m_admin.php.

References $cuid, $db, $force, $hooks, $L_MYSQL_DATABASE, $L_MYSQL_LOGIN, $login, $mem, $msg, $uid, _md5cr(), add_shared_domain(), checkmail(), enabled, getuserpath(), and renew_update().

594  {
595  global $msg, $cuid, $mem, $L_MYSQL_DATABASE, $L_MYSQL_LOGIN, $hooks, $action;
596  $msg->log("admin", "add_mem", $login . "/" . $mail);
597  if (!$this->enabled) {
598  $msg->raise("ERROR", "admin", _("-- Only administrators can access this page! --"));
599  return false;
600  }
601  if (empty($db_server_id)) {
602  $msg->raise("ERROR", "admin", _("Missing db_server field"));
603  return false;
604  }
605  if (($login == "") || ($pass == "")) {
606  $msg->raise("ERROR", "admin", _("Please fill all mandatory fields"));
607  return false;
608  }
609  if (!$force) {
610  if ($mail == "") {
611  $msg->raise("ERROR", "admin", _("Please fill all mandatory fields"));
612  return false;
613  }
614  //@todo remove cf functions.php
615  if (checkmail($mail) != 0) {
616  $msg->raise("ERROR", "admin", _("Please enter a valid email address"));
617  return false;
618  }
619  }
620  $login = strtolower($login);
621  if (!preg_match("#^[a-z0-9]+$#", $login)) { //$
622  $msg->raise("ERROR", "admin", _("Login can only contains characters a-z and 0-9"));
623  return false;
624  }
625  if (strlen($login) > 14) {
626  // Not an arbitrary value : MySQL user names can be up to 16 characters long
627  // If we want to allow people to create a few mysql_user (and we want to!)
628  // we have to limit the login lenght
629  $msg->raise("ERROR", "admin", _("The login is too long (14 chars max)"));
630  return false;
631  }
632  // Some login are not allowed...
633  if ($login == $L_MYSQL_DATABASE || $login == $L_MYSQL_LOGIN || $login == "mysql" || $login == "root") {
634  $msg->raise("ERROR", "admin", _("Login can only contains characters a-z, 0-9 and -"));
635  return false;
636  }
637  $pass = _md5cr($pass);
638  $db = new DB_System();
639  // Already exist?
640  $db->query("SELECT count(*) AS cnt FROM membres WHERE login= ?;", array($login));
641  $db->next_record();
642  if (!$db->f("cnt")) {
643  $db->query("SELECT max(m.uid)+1 as nextid FROM membres m");
644  if (!$db->next_record()) {
645  $uid = 2000;
646  } else {
647  $uid = $db->Record["nextid"];
648  if ($uid <= 2000) {
649  $uid = 2000;
650  }
651  }
652  $db->query("INSERT INTO membres (uid,login,pass,mail,creator,canpass,type,created,notes,db_server_id) VALUES (?, ?, ?, ?, ?, ?, ?, NOW(), ?, ?);", array($uid, $login, $pass, $mail, $cuid, $canpass, $type, $notes, $db_server_id));
653  $db->query("INSERT INTO local(uid,nom,prenom) VALUES(?, ?, ?);", array($uid, $nom, $prenom));
654  $this->renew_update($uid, $duration);
655  $action->create_dir(getuserpath("$login"));
656  $action->fix_user($uid);
657 
658  // Triggering hooks
659  $mem->su($uid);
660 
661  $hooks->invoke("alternc_add_member");
662  // New hook way
663  $hooks->invoke("hook_admin_add_member", array(), array('quota')); // First !!! The quota !!! Eitherway, we can't be sure to be able to create all
664  $hooks->invoke("hook_admin_add_member");
665  $mem->unsu();
666 
667  if (!empty($create_dom)) {
668  $this->add_shared_domain($uid, $create_dom);
669  }
670 
671  return $uid;
672  } else {
673  $msg->raise("ERROR", "admin", _("This login already exists"));
674  return false;
675  }
676  }
$hooks
Definition: bootstrap.php:74
add_shared_domain($u, $domain_name)
When the admin want to delegate a subdomain to an account.
Definition: m_admin.php:532
$uid
$login
global $L_MYSQL_DATABASE
Definition: bootstrap.php:22
global $db
Definition: bootstrap.php:22
_md5cr($pass, $salt="")
Hashe a password using proper crypto function.
Definition: functions.php:533
global $L_MYSQL_LOGIN
Definition: bootstrap.php:22
getuserpath($user=null)
get the home of the user
Definition: functions.php:329
$msg
Definition: config.php:155
$cuid
Definition: bootstrap.php:43
renew_update($uid, $duration)
Update the duration information for an account.
Definition: m_admin.php:946
checkmail($mail)
Check an email address, use filter_var with emails, which works great ;)
Definition: functions.php:244
$admin enabled
Definition: newone.php:38
$mem
Definition: bootstrap.php:71
m_admin::add_shared_domain (   $u,
  $domain_name 
)

When the admin want to delegate a subdomain to an account.

Parameters
globalm_mysql $db
globalm_messages $msg
globalm_dom $dom
globalm_mem $mem
globalint $cuid
string$u
string$domain_name
Returns
boolean

Definition at line 532 of file m_admin.php.

References $dom, $mem, $msg, and variable_get().

Referenced by add_mem().

532  {
533  global $msg, $dom, $mem;
534  $msg->log("admin", "add_shared_domain", $u . "/" . $domain_name);
535 
536  if (!$mem->checkright()) {
537  $msg->raise("ERROR", "admin", _("-- Only administrators can do that! --"));
538  return false;
539  }
540 
541  // Check if this domain exist on this admin account
542  if ((!in_array($domain_name, $dom->enum_domains()))&&($domaine_name!=variable_get("hosting_tld"))) {
543  $msg->raise("ERROR", "admin", _("You don't seem to be allowed to delegate this domain"));
544  $msg->log("admin", "add_shared_domain", "domain not allowed");
545  return false;
546  }
547 
548  // Clean the domain_name
549  $domain_name = preg_replace("/^\.\.*/", "", $domain_name);
550 
551  $mem->su($u);
552  $dom->lock();
553  // option : 1=hébergement dns, 1=noerase, empeche de modifier, 1=force
554  // we do not allow DNS modification for hosting_tld
555  $dns=($domaine_name==variable_get("hosting_tld")) ? 0 : 1;
556  $dom->add_domain($mem->user['login'] . "." . $domain_name, $dns, 1, 1);
557  $dom->unlock();
558  $mem->unsu();
559  return true;
560  }
$msg
Definition: config.php:155
variable_get($name, $default=null, $createit_comment=null)
Return a persistent variable.
Definition: variables.php:85
$dom
Definition: whois_test.php:10
$mem
Definition: bootstrap.php:71
m_admin::addtld (   $tld,
  $mode 
)

Add a TLD to the list of the authorized TLDs during the installation.

Note: If you check in the whois, be sure that m_domains knows how to name the whois of the specified domain!

Parameters
globalm_mysql $db
globalm_messages $msg
string$tldstring TLD we want to authorize
boolean$modeControls to make on this TLD.
Returns
boolean TRUE if the TLD has been successfully added. FALSE if not.

Definition at line 1337 of file m_admin.php.

References $db, $mode, and $msg.

1337  {
1338  global $db, $msg;
1339  if (!$tld) {
1340  $msg->raise("ERROR", "admin", _("The TLD name is mandatory"));
1341  return false;
1342  }
1343  $tld = trim($tld);
1344 
1345  $db->query("SELECT tld FROM tld WHERE tld= ?;", array($tld));
1346  if ($db->next_record()) {
1347  $msg->raise("ERROR", "admin", _("This TLD already exist"));
1348  return false;
1349  }
1350  if (substr($tld, 0, 1) == ".") {
1351  $tld = substr($tld, 1);
1352  }
1353  $mode = intval($mode);
1354  if ($mode == 0) {
1355  $mode = "0";
1356  }
1357  $db->query("INSERT INTO tld (tld,mode) VALUES (?,?);", array($tld, $mode));
1358  return true;
1359  }
$mode
Definition: adm_tldedit.php:40
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
m_admin::alternc_password_policy ( )

Password kind used in this class (hook for admin class)

Returns
array

Definition at line 145 of file m_admin.php.

145  {
146  return array("adm" => "Administration section");
147  }
m_admin::checkalldom ( )

Check all the domains for their NS MX and IPs.

Parameters
globalm_mysql $db
globalstring $L_NS1
globalstring $L_NS2
globalstring $L_MX
globalstring $L_PUBLIC_IP
Returns
int

Definition at line 1155 of file m_admin.php.

References $c, $d, $db, $dl, $errstr, $query, $t, and variable_get().

Referenced by dom_list().

1155  {
1156  global $db, $L_NS1, $L_NS2, $L_MX, $L_PUBLIC_IP;
1157  $checked = array();
1158 
1159  $query = "SELECT * FROM domaines ";
1160  $query_args = array();
1161  if($hosting_tld = variable_get("hosting_tld")){
1162  $query .= " WHERE domaine not like ?";
1163  array_push($query_args, "%.".$hosting_tld);
1164  }
1165  $query .= " ORDER BY domaine";
1166  $db->query($query, $query_args);
1167  $dl = array();
1168  while ($db->next_record()) {
1169  $dl[$db->Record["domaine"]] = $db->Record;
1170  }
1171 
1172  // won't search for MX and subdomains record if DNS is hosted here
1173  $lazycheck=1;
1174 
1175  sort($dl);
1176  foreach ($dl as $c) {
1177  // For each domain check its type:
1178  $errno = 0;
1179  $errstr = "";
1180  $dontexist = false;
1181  // Check the domain.
1182  if ($c["gesdns"] == 1) {
1183  // Check the NS pointing to us
1184  $out = array();
1185  exec("dig +short NS " . escapeshellarg($c["domaine"]), $out);
1186  if (count($out) == 0) {
1187  $dontexist = true;
1188  } else {
1189  if (!in_array($L_NS1 . ".", $out) || !in_array($L_NS2 . ".", $out)) {
1190  $errno = 1;
1191  $errstr.=sprintf(_("NS for this domain are not %s and %s BUT %s"),
1192  $L_NS1, $L_NS2, implode(",", $out)) . "\n";
1193  }
1194  }
1195  }
1196 
1197  if (!$dontexist&&(!$lazycheck||!$c["gesdns"])) {
1198  if ($c["gesmx"] == 1) {
1199  $out = array();
1200  exec("dig +short MX " . escapeshellarg($c["domaine"]), $out);
1201  $out2 = array();
1202  foreach ($out as $o) {
1203  list($t, $out2[]) = explode(" ", $o);
1204  }
1205  if (!in_array($L_MX . ".", $out2)) {
1206  $errno = 1;
1207  $errstr.=sprintf(_("MX is not %s BUT %s"), $L_MX, implode(",", $out2))."\n";
1208  }
1209  }
1210 
1211  // We list all subdomains and check they are pointing to us.
1212  $db->query("SELECT * FROM sub_domaines WHERE domaine=? ORDER BY sub;", array($c["domaine"]));
1213  while ($db->next_record()) {
1214  $d = $db->Record;
1215  if ($d["type"] == 'VHOST') {
1216  // Check the IP:
1217  $out = array();
1218  exec("dig +short A " . escapeshellarg($d["sub"] . (($d["sub"] != "") ? "." : "") . $c["domaine"]), $out);
1219  if (!is_array($out)) { // exec dig can fail
1220  $errno = 1;
1221  $errstr.=_("Fail to get the DNS information. Try again.")."\n";
1222  } else {
1223  if (!in_array($L_PUBLIC_IP, $out)) {
1224  $errstr.=sprintf(_("subdomain '%s' doesn't point to %s but to '%s'"), $d["sub"], $L_PUBLIC_IP, implode(",", $out))."\n" ;
1225  $errno = 1;
1226  }
1227  }
1228  }
1229  }
1230  }
1231  if ($dontexist) {
1232  $errno = 2;
1233  $errstr = _("Domain doesn't exist anymore !");
1234  }
1235  if ($errno == 0)
1236  $errstr = "OK";
1237  $checked[$c["domaine"]] = array("errno" => $errno, "errstr" => $errstr);
1238  }
1239  return $checked;
1240  }
global $db
Definition: bootstrap.php:22
$query
Definition: 3.0.0~3.php:37
foreach($domaines_user as $domaine) $t
$dl
Definition: dom_add.php:61
variable_get($name, $default=null, $createit_comment=null)
Return a persistent variable.
Definition: variables.php:85
$c
Definition: bootstrap.php:47
$errstr
Definition: change.php:62
$d
m_admin::checkcreator (   $uid)

Check if I am the creator of the member $uid.

Parameters
globaltype $msg
globaltype $mem
globaltype $db
globaltype $cuid
int$uida unique integer identifying the account
Returns
boolean TRUE if I am the creator of that account. FALSE else.

Definition at line 505 of file m_admin.php.

References $cuid, $db, $msg, and $uid.

505  {
506  global $msg, $db, $cuid;
507  if ($cuid == 2000) {
508  return true;
509  }
510  $db->query("SELECT creator FROM membres WHERE uid= ?;", array($uid));
511  $db->next_record();
512  if ($db->Record["creator"] != $cuid) {
513  $msg->raise("ERROR", "admin", _("-- Only administrators can access this page! --"));
514  return false;
515  }
516  return true;
517  }
$uid
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
$cuid
Definition: bootstrap.php:43
m_admin::checkPolicy (   $policy,
  $login,
  $password,
  $canbeempty = false 
)
Parameters
globalm_mysql $db
globalm_messages $msg
string$policyName of the policy to check for
string$loginThe login that will be set
string$passwordThe password we have to check
Returns
boolean TRUE if the password if OK for this login and this policy, FALSE if it is not.

Definition at line 1486 of file m_admin.php.

References $i, $login, $msg, $p, $password, elseif, and listPasswordPolicies().

1486  {
1487  global $msg;
1488 
1489  if (empty($login)) {
1490  $msg->raise("ALERT", "admin", _("Please enter a login"));
1491  return false;
1492  }
1493  if (empty($password) && !$canbeempty) {
1494  $msg->raise("ALERT", "admin", _("Please enter a password"));
1495  return false;
1496  }
1497 
1498  $pol = $this->listPasswordPolicies();
1499  if (!$pol[$policy]) {
1500  $msg->raise("ERROR", "admin", _("-- Program error -- The requested password policy does not exist!"));
1501  return false;
1502  }
1503  $pol = $pol[$policy];
1504  // Ok, now let's check it :
1505  $plen = strlen($password);
1506 
1507  if ($plen < $pol["minsize"] && !($canbeempty && empty($password))) {
1508  $msg->raise("ERROR", "admin", _("The password length is too short according to the password policy"));
1509  return false;
1510  }
1511 
1512  if ($plen > $pol["maxsize"] && !($canbeempty && empty($password))) {
1513  $msg->raise("ERROR", "admin", _("The password is too long according to the password policy"));
1514  return false;
1515  }
1516 
1517  if (!$pol["allowlogin"]) {
1518  // We do misc check on password versus login :
1519  $logins = preg_split("/[@_-]/", $login);
1520  $logins[] = $login;
1521  foreach ($logins as $l) {
1522  if (!$l) {
1523  continue;
1524  }
1525  if (strpos($password, $l) !== false || strpos($l, $password) !== false) {
1526  $msg->raise("ERROR", "admin", _("The password policy prevents you to use your login name inside your password or the other way around"));
1527  return false;
1528  }
1529  }
1530  }
1531 
1532  if ($pol["classcount"] > 0 && !($canbeempty && empty($password))) {
1533  $cls = array(0, 0, 0, 0, 0);
1534  for ($i = 0; $i < strlen($password); $i++) {
1535  $p = substr($password, $i, 1);
1536  if (strpos("abcdefghijklmnopqrstuvwxyz", $p) !== false) {
1537  $cls[0] = 1;
1538  } elseif (strpos("ABCDEFGHIJKLMNOPQRSTUVWXYZ", $p) !== false) {
1539  $cls[1] = 1;
1540  } elseif (strpos("0123456789", $p) !== false) {
1541  $cls[2] = 1;
1542  } elseif (strpos('!"#$%&\'()*+,-./:;<=>?@[\\]^_`', $p) !== false) {
1543  $cls[3] = 1;
1544  } else {
1545  $cls[4] = 1;
1546  }
1547  } // foreach
1548  $clc = array_sum($cls);
1549  if ($clc < $pol["classcount"]) {
1550  $msg->raise("ERROR", "admin", _("Your password contains not enough different classes of character, between low-case, up-case, figures and special characters."));
1551  return false;
1552  }
1553  }
1554  return true; // congratulations !
1555  }
$login
listPasswordPolicies()
List the password policies currently installed in the policy table.
Definition: m_admin.php:1411
$i
$msg
Definition: config.php:155
if(empty($site_name)) elseif($piwik->site_add($site_name, $site_urls))
$p
Definition: bro_editor.php:46
$password
Definition: bootstrap.php:85
m_admin::del_mem (   $uid)

Deletes an account Deletes the specified account.

Prevents any manipulation of the account if the account $mid is not super-admin.

Parameters
globalm_messages $msg
globalm_quota $quota
globalarray $classes
globalint $cuid
globalm_mem $mem
globalm_dom $dom
globalm_hooks $hooks
globalm_action $action
int$uidThe uid number of the account
Returns
boolean Returns FALSE if an error occurs, TRUE if not.

Definition at line 872 of file m_admin.php.

References $db, $dom, $hooks, $mem, $msg, $uid, enabled, and getuserpath().

872  {
873  global $msg, $mem, $dom, $hooks, $action;
874  $msg->log("admin", "del_mem", $uid);
875 
876  if (!$this->enabled) {
877  $msg->raise("ERROR", "admin", _("-- Only administrators can access this page! --"));
878  return false;
879  }
880  $db = new DB_System();
881  $tt = $this->get($uid);
882 
883  $mem->su($uid);
884  // This script may take a long time on big accounts, let's give us some time ... Fixes 1132
885  @set_time_limit(0);
886  // WE MUST call m_dom before all others because of conflicts ...
887  $dom->admin_del_member();
888 
889  # New way of deleting or backup delted user html folders using action class
890  $path = getuserpath($tt['login']);
891  $action->archive($path);
892 
893  $hooks->invoke("alternc_del_member");
894  $hooks->invoke("hook_admin_del_member");
895 
896  if (($db->query("DELETE FROM membres WHERE uid= ?;", array($uid))) &&
897  ($db->query("DELETE FROM local WHERE uid= ?;", array($uid)))) {
898  $mem->unsu();
899  // If this user was (one day) an administrator one, he may have a list of his own accounts. Let's associate those accounts to nobody as a creator.
900  $db->query("UPDATE membres SET creator=2000 WHERE creator= ?;", array($uid));
901  return true;
902  } else {
903  $msg->raise("ERROR", "admin", _("Account not found"));
904  $mem->unsu();
905  return false;
906  }
907  }
$hooks
Definition: bootstrap.php:74
$uid
global $db
Definition: bootstrap.php:22
getuserpath($user=null)
get the home of the user
Definition: functions.php:329
$msg
Definition: config.php:155
$dom
Definition: whois_test.php:10
$admin enabled
Definition: newone.php:38
$mem
Definition: bootstrap.php:71
m_admin::deltld (   $tld)

Deletes the specified tld in the list of the authorized TLDs Note : This function does not delete the domains depending on this TLD.

Parameters
globalm_mysql $db
globalm_messages $msg
string$tldThe TLD you want to delete
Returns
boolean returns true if the TLD has been deleted, or false if an error occured.

Definition at line 1312 of file m_admin.php.

References $db, and $msg.

1312  {
1313  global $db, $msg;
1314  $db->query("SELECT tld FROM tld WHERE tld= ?;", array($tld));
1315  if (!$db->next_record()) {
1316  $msg->raise("ERROR", "admin", _("This TLD does not exist"));
1317  return false;
1318  }
1319  $db->query("DELETE FROM tld WHERE tld= ?;", array($tld));
1320  return true;
1321  }
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
m_admin::dom_list (   $alsocheck = false,
  $forcecheck = false 
)

List the hosted domains on this server.

Return the list of hosted domains on this server, (an array of associative arrays)

Parameters
globalm_mysql $db
boolean$alsocheckReturns also errstr and errno telling the domains dig checks
boolean$forcecheckForce the check of dig domain even if a cache exists.
Returns
array $r[$i] / [domaine][member][noerase][gesdns][gesmx]

Definition at line 1110 of file m_admin.php.

References $c, $db, $forcecheck, $query, checkalldom(), and variable_get().

1110  {
1111  global $db;
1112  $cachefile = "/tmp/alternc_dig_check_cache";
1113  $cachetime = 3600; // The dns cache file can be up to 1H old
1114  if ($alsocheck) {
1115  if (!$forcecheck && file_exists($cachefile) && filemtime($cachefile) + $cachetime > time()) {
1116  $checked = unserialize(file_get_contents($cachefile));
1117  } else {
1118  // TODO : do the check here (cf checkdom.php) and store it in $checked
1119  $checked = $this->checkalldom();
1120  file_put_contents($cachefile, serialize($checked));
1121  }
1122  }
1123 
1124  $query = "SELECT m.uid,m.login,d.domaine,d.gesdns,d.gesmx,d.noerase FROM domaines d LEFT JOIN membres m ON m.uid=d.compte ";
1125  $query_args = array();
1126  if($hosting_tld = variable_get("hosting_tld")){
1127  $query .= " WHERE domaine not like ?";
1128  array_push($query_args, "%.".$hosting_tld);
1129  }
1130  $query .= " ORDER BY domaine;";
1131  $db->query($query, $query_args);
1132  $c = array();
1133  while ($db->next_record()) {
1134  $tmp = $db->Record;
1135  if ($alsocheck) {
1136  $tmp["errstr"] = $checked[$tmp["domaine"]]["errstr"];
1137  $tmp["errno"] = $checked[$tmp["domaine"]]["errno"];
1138  }
1139  $c[] = $tmp;
1140  }
1141  return $c;
1142  }
$forcecheck
Definition: adm_doms.php:49
global $db
Definition: bootstrap.php:22
$query
Definition: 3.0.0~3.php:37
variable_get($name, $default=null, $createit_comment=null)
Return a persistent variable.
Definition: variables.php:85
$c
Definition: bootstrap.php:47
checkalldom()
Check all the domains for their NS MX and IPs.
Definition: m_admin.php:1155
m_admin::dom_lock (   $domain)

Lock / Unlock a domain.

Lock (or unlock) a domain, so that the member will be (not be) able to delete it from its account

Parameters
globalm_mysql $db
globalm_messages $msg
string$domainDomain name to lock / unlock
Returns
boolean TRUE if the domain has been locked/unlocked or FALSE if it does not exist.

Definition at line 1254 of file m_admin.php.

References $db, $domain, and $msg.

1254  {
1255  global $db, $msg;
1256  $db->query("SELECT compte FROM domaines WHERE domaine= ?;", array($domain));
1257  if (!$db->next_record()) {
1258  $msg->raise("ERROR", "dom", _("Domain '%s' not found."), $domain);
1259  return false;
1260  }
1261  $db->query("UPDATE domaines SET noerase=1-noerase WHERE domaine= ?;", array($domain));
1262  return true;
1263  }
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
$domain
Definition: dom_import.php:36
m_admin::editPolicy (   $policy,
  $minsize,
  $maxsize,
  $classcount,
  $allowlogin 
)

Change a password policy for one kind of password.

Parameters
globalm_mysql $db
string$policyName of the policy to edit
int$minsizeMinimum Password size
int$maxsizeMaximum Password size
int$classcountHow many class of characters must this password have
boolean$allowloginDo we allow the password to be like the login ?
Returns
boolean if the policy has been edited, or FALSE if an error occured.

Definition at line 1457 of file m_admin.php.

References $db.

1457  {
1458  global $db;
1459  $minsize = intval($minsize);
1460  $maxsize = intval($maxsize);
1461  $classcount = intval($classcount);
1462  $allowlogin = intval($allowlogin);
1463 
1464  $db->query("SELECT * FROM policy WHERE name= ?;", array($policy));
1465  if (!$db->next_record()) {
1466  return false; // Policy not found
1467  }
1468  if ($minsize < 0 || $minsize > 64 || $maxsize < 0 || $maxsize > 64 || $maxsize < $minsize || $classcount < 0 || $classcount > 4) {
1469  return false; // Incorrect policy ...
1470  }
1471  $allowlogin = ($allowlogin) ? 1 : 0;
1472  $db->query("UPDATE policy SET minsize= ?, maxsize= ?, classcount= ?, allowlogin= ? WHERE name= ?;", array($minsize, $maxsize, $classcount, $allowlogin, $policy));
1473  return true;
1474  }
global $db
Definition: bootstrap.php:22
m_admin::edittld (   $tld,
  $mode 
)

Modify a TLD of the list of the authorized TLDs.

Parameters
globalm_mysql $db
globalm_messages $msg
string$tldTLD we want to modify
int$modeControls to make on this TLD.
Returns
boolean TRUE if the TLD has been successfully modified. FALSE if not.

Definition at line 1373 of file m_admin.php.

References $db, $mode, and $msg.

1373  {
1374  global $db, $msg;
1375  $db->query("SELECT tld FROM tld WHERE tld= ?;", array($tld));
1376  if (!$db->next_record()) {
1377  $msg->raise("ERROR", "admin", _("This TLD does not exist"));
1378  return false;
1379  }
1380  $mode = intval($mode);
1381  if ($mode == 0) {
1382  $mode = "0";
1383  }
1384  $db->query("UPDATE tld SET mode= ? WHERE tld= ?;", array($mode, $tld));
1385  return true;
1386  }
$mode
Definition: adm_tldedit.php:40
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
m_admin::get (   $uid,
  $recheck = false 
)

Returns the known information about a hosted account.

Returns all what we know about an account (contents of the tables membres et local) Ckecks if the account is super-admin

Parameters
globaltype $msg
globaltype $db
globalstring $lst_users_properties
int$uida unique integer identifying the account
boolean$recheck
Returns
array|boolean an associative array containing all the fields of the table membres and local of the corresponding account. Returns FALSE if an error occurs.

Definition at line 213 of file m_admin.php.

213  {
214  global $msg, $db, $lst_users_properties;
215  // $msg->log("admin","get",$uid);
216  if (!$this->enabled) {
217  $msg->raise("ERROR", "admin", _("-- Only administrators can access this page! --"));
218  return false;
219  }
220 
221  if (!isset($lst_users_properties) || empty($lst_users_properties) || !is_array($lst_users_properties) || $recheck) {
222  $lst_users_properties = array();
223  $db->query("
224  SELECT
225  m.uid as muid,
226  l.*,
227  m.*,
228  parent.login as parentlogin,
229  dbs.name as db_server_name,
230  m.renewed + INTERVAL m.duration MONTH as expiry,
231  CASE
232  WHEN m.duration IS NULL THEN 0
233  WHEN m.renewed + INTERVAL m.duration MONTH <= NOW() THEN 3
234  WHEN m.renewed <= NOW() THEN 2
235  ELSE 1 END 'status'
236 
237  FROM membres as m
238  LEFT JOIN membres as parent ON (parent.uid = m.creator)
239  LEFT JOIN db_servers as dbs ON (m.db_server_id = dbs.id)
240  LEFT JOIN local as l ON (m.uid = l.uid) ;");
241  while ($db->next_record()) {
242  $lst_users_properties[$db->f('muid')] = $db->Record;
243  }
244  }
245 
246  if (!isset($lst_users_properties[$uid])) {
247  if (!$recheck) {
248  // don't exist, but is not a forced check. Do a forced check
249  return $this->get($uid, true);
250  }
251  $msg->raise("ERROR", "admin", _("Account not found"));
252  return false;
253  }
254 
255  return $lst_users_properties[$uid];
256  }
$uid
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
$admin enabled
Definition: newone.php:38
m_admin::get_creator (   $uid)

Returns the known information about a specific hosted account.

Similar to get_list() but for creators/resellers.

Parameters
globaltype $msg
globaltype $db
int$uid
Returns
boolean

Definition at line 269 of file m_admin.php.

References $c, $db, $key, $msg, $uid, $val, each(), and enabled.

Referenced by get_creator_list().

269  {
270  global $msg, $db;
271  // $msg->log("admin","get",$uid);
272  if (!$this->enabled) {
273  $msg->raise("ERROR", "admin", _("-- Only administrators can access this page! --"));
274  return false;
275  }
276 
277  $db->query("SELECT m.*, parent.login as parentlogin FROM membres as m LEFT JOIN membres as parent ON (parent.uid = m.creator) WHERE m.uid= ?;", array($uid));
278 
279  if ($db->num_rows()) {
280  $db->next_record();
281  $c = $db->Record;
282  } else {
283  $msg->raise("ERROR", "admin", _("Account not found"));
284  return false;
285  }
286 
287  $db->query("SELECT * FROM local WHERE uid= ?;", array($uid));
288  if ($db->num_rows()) {
289  $db->next_record();
290  reset($db->Record);
291  while (list($key, $val) = each($db->Record)) {
292  $c[$key] = $val;
293  }
294  }
295 
296  $db->query("SELECT count(*) as nbcreated FROM membres WHERE creator= ?;", array($uid));
297  if ($db->num_rows()) {
298  $db->next_record();
299  reset($db->Record);
300  while (list($key, $val) = each($db->Record)) {
301  $c[$key] = $val;
302  }
303  }
304 
305  return $c;
306  }
$val
Definition: tempovars.php:15
$uid
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
x each(["height","width"], function(e, n){x.cssHooks[n]={get:function(e, r, i){return r?0===e.offsetWidth &&Xt.test(x.css(e,"display"))?x.swap(e, Qt, function(){return sn(e, n, i)}):sn(e, n, i):t}, set:function(e, t, r){var i=r &&Rt(e);return on(e, t, r?an(e, n, r, x.support.boxSizing &&"border-box"===x.css(e,"boxSizing",!1, i), i):0)}}})
if(empty($_POST['key'])||empty($_POST['val'])) $key
Definition: tempovars.php:14
$c
Definition: bootstrap.php:47
$admin enabled
Definition: newone.php:38
m_admin::get_creator_list ( )

Returns an array with the known information about resellers (uid, login, number of accounts) Does not include account 2000 in the list.

May only be called by the admin account (2000) If there are no reseller accounts, returns an empty array.

Parameters
globaltype $msg
globaltype $mem
globaltype $cuid
Returns
boolean

Definition at line 469 of file m_admin.php.

References $cuid, $db, $msg, enabled, and get_creator().

469  {
470  global $msg, $cuid;
471 
472  $creators = array();
473 
474  $msg->log("admin", "get_reseller_list");
475  if (!$this->enabled) {
476  $msg->raise("ERROR", "admin", _("-- Only administrators can access this page! --"));
477  return false;
478  }
479 
480  $db = new DB_System();
481  $db->query("SELECT DISTINCT creator FROM membres WHERE creator <> 0 ORDER BY creator ASC;");
482  if ($db->num_rows()) {
483  while ($db->next_record()) {
484  $creators[] = $this->get_creator($db->f("creator"));
485  }
486  }
487  $creators2 = array();
488  foreach ($creators as $cc) {
489  $creators2[$cc['uid']] = $cc;
490  }
491  return $creators2;
492  }
get_creator($uid)
Returns the known information about a specific hosted account.
Definition: m_admin.php:269
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
$cuid
Definition: bootstrap.php:43
$admin enabled
Definition: newone.php:38
m_admin::get_list (   $all = 0,
  $creator = 0,
  $pattern = FALSE,
  $pattern_type = FALSE 
)

:EM: those request should have been escaped Returns the list of the hosted accounts

Returns all what we know about ALL the accounts (contents of the tables membres et local) Check for super-admin accounts

Parameters
return
globaltype $msg
globaltype $mem
globaltype $cuid
integer$all
integer$creator
string$pattern
string$pattern_type
Returns
boolean | array an associative array containing all the fields of the table membres and local of all the accounts. Returns FALSE if an error occurs.

Definition at line 344 of file m_admin.php.

References $c, $cuid, $db, $mem, $msg, elseif, and enabled.

344  {
345  global $msg, $mem, $cuid;
346  $msg->log("admin", "get_list");
347  if (!$this->enabled) {
348  $msg->raise("ERROR", "admin", _("-- Only administrators can access this page! --"));
349  return false;
350  }
351  $db = new DB_System();
352 
353 
354  if ($pattern) {
355 
356  if ($pattern_type === 'domaine') {
357 
358  $request = 'SELECT compte AS uid FROM domaines WHERE 1';
359 
360  if ($pattern && preg_match('/[.a-zA-Z0-9]+/', $pattern)) {
361  $request .= sprintf(' AND domaine LIKE "%%%s%%"', $pattern);
362  }
363  if ($creator) {
364  $request .= sprintf(' AND compte in (select uid from membres where creator = "%s" ) ', $creator);
365  }
366  if ($mem->user['uid'] != 2000 && !$all) {
367  $request .= sprintf(' AND compte in (select uid from membres where creator = "%s") ', $cuid);
368  }
369 
370  $request .= ' GROUP BY uid';
371  } elseif ($pattern_type === 'login') {
372 
373  $request = 'SELECT uid FROM membres WHERE 1';
374 
375  if ($pattern && preg_match('/[a-zA-Z0-9]+/', $pattern)) {
376  $request .= sprintf(' AND login LIKE "%%%s%%"', $pattern);
377  }
378  if ($creator) {
379  $request .= sprintf(' AND creator = "%s"', $creator);
380  }
381  if ($mem->user['uid'] != 2000 && !$all) {
382  $request .= sprintf(' AND creator = "%s"', $cuid);
383  }
384  $request .= ' ORDER BY login;';
385  } else {
386  $msg->raise("ERROR", "admin", _("Invalid pattern type provided. Are you even performing a legitimate action?"));
387  return FALSE;
388  }
389  } else {
390  if ($creator) {
391  // Limit listing to a specific reseller
392  $request = "SELECT uid FROM membres WHERE creator='" . $creator . "' ORDER BY login;";
393  } elseif ($mem->user['uid'] == 2000 || $all) {
394  $request = "SELECT uid FROM membres ORDER BY login;";
395  } else {
396  $request = "SELECT uid FROM membres WHERE creator='" . $cuid . "' ORDER BY login;";
397  }
398  }
399 
400  $db->query($request);
401 
402  if ($db->num_rows()) {
403  $c = array();
404  while ($db->next_record()) {
405  $c[$db->f("uid")] = $this->get($db->f("uid"));
406  }
407  return $c;
408  } else {
409  return false;
410  }
411  }
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
if(empty($site_name)) elseif($piwik->site_add($site_name, $site_urls))
$cuid
Definition: bootstrap.php:43
$c
Definition: bootstrap.php:47
$admin enabled
Definition: newone.php:38
$mem
Definition: bootstrap.php:71
m_admin::get_login_by_uid (   $uid)

return the name of an alternc account

Parameters
globaltype $db
type$uid
Returns
null if missing

Definition at line 187 of file m_admin.php.

187  {
188  global $db;
189  $db->query("SELECT login FROM membres WHERE uid= ?;", array($uid));
190  if (!$db->next_record()) {
191  return null;
192  }
193  return $db->f('login');
194  }
$uid
global $db
Definition: bootstrap.php:22
PR null
Definition: lang-css.js:1
m_admin::get_uid_by_login (   $login)

return the uid of an alternc account

Parameters
globaltype $db
type$login
Returns
null

Definition at line 170 of file m_admin.php.

170  {
171  global $db;
172  $db->query("SELECT uid FROM membres WHERE login= ?;", array($login));
173  if (!$db->next_record()) {
174  return null;
175  }
176  return $db->f('uid');
177  }
$login
global $db
Definition: bootstrap.php:22
PR null
Definition: lang-css.js:1
m_admin::getadmin ( )

Get the login name of the main administrator account.

Parameters
globalm_mysql $db
Returns
string the login name of admin, like 'root' for older alterncs

Definition at line 1395 of file m_admin.php.

References $db.

1395  {
1396  global $db;
1397  $db->query("SELECT login FROM membres WHERE uid=2000;");
1398  $db->next_record();
1399  return $db->f("login");
1400  }
global $db
Definition: bootstrap.php:22
m_admin::gettld (   $tld)

Add a new TLD to the list of the authorized TLDs.

Parameters
globalm_mysql $db
globalm_messages $msg
string$tldtop-level domain to add (org, com...)
Returns
boolean TRUE if the tld has been successfully added, FALSE if not.

Definition at line 1274 of file m_admin.php.

References $db, and $msg.

1274  {
1275  global $db, $msg;
1276  $db->query("SELECT mode FROM tld WHERE tld= ?;", array($tld));
1277  if (!$db->next_record()) {
1278  $msg->raise("ERROR", "admin", _("This TLD does not exist"));
1279  return false;
1280  }
1281  return $db->Record["mode"];
1282  }
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
m_admin::hook_admin_add_member ( )

AlternC's standard function called when a user is created This sends an email if configured through the interface.

Parameters
globalm_messages $msg
globalint $cuid
globalstring $L_FQDN
globalstring $L_HOSTING
Returns
boolean

Definition at line 689 of file m_admin.php.

References $cuid, $db, $msg, and variable_get().

689  {
690  global $msg, $cuid, $L_FQDN, $L_HOSTING;
691  $dest = variable_get('new_email', '0', 'An email will be sent to this address when new accounts are created if set.', array('desc' => 'Enabled', 'type' => 'boolean'));
692  if (!$dest) {
693  return false;
694  }
695  $db = new DB_System();
696  if (!$db->query("SELECT m.*, parent.login as parentlogin FROM membres m LEFT JOIN membres parent ON parent.uid=m.creator WHERE m.uid= ?", array($cuid))) {
697  $msg->raise("ERROR", "admin", sprintf(_("query failed: %s "), $db->Error));
698  return false;
699  }
700  if ($db->next_record()) {
701  // TODO: put that string into gettext !
702  $mail = '
703  A new AlternC account was created on %fqdn by %creator.
704 
705  Account details
706  ---------------
707 
708  login: %login (%uid)
709  email: %mail
710  createor: %creator (%cuid)
711  can change password: %canpass
712  type: %type
713  notes: %notes
714  ';
715  $mail = strtr($mail, array('%fqdn' => $L_FQDN,
716  '%creator' => $db->Record['parentlogin'],
717  '%uid' => $db->Record['uid'],
718  '%login' => $db->Record['login'],
719  '%mail' => $db->Record['mail'],
720  '%cuid' => $db->Record['creator'],
721  '%canpass' => $db->Record['canpass'],
722  '%type' => $db->Record['type'],
723  '%notes' => $db->Record['notes']));
724  $subject = sprintf(_("New account %s from %s on %s"), $db->Record['login'], $db->Record['parentlogin'], $L_HOSTING);
725  if (mail($dest, $subject, $mail, "From: postmaster@$L_FQDN")) {
726  //sprintf(_("Email successfully sent to %s"), $dest);
727  return true;
728  } else {
729  $msg->raise("ERROR", "admin", sprintf(_("Cannot send email to %s"), $dest));
730  return false;
731  }
732  } else {
733  $msg->raise("ERROR", "admin", sprintf(_("Query failed: %s"), $db->Error));
734  return false;
735  }
736  }
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
$cuid
Definition: bootstrap.php:43
variable_get($name, $default=null, $createit_comment=null)
Return a persistent variable.
Definition: variables.php:85
m_admin::hook_menu ( )

Hook function called by the menu class to add menu to the left panel.

Parameters
globaltype $mem
globaltype $cuid
globaltype $debug_alternc
globaltype $L_INOTIFY_UPDATE_DOMAIN
Returns
boolean|string

Definition at line 76 of file m_admin.php.

References $cuid, and $mem.

76  {
77  global $mem, $cuid, $debug_alternc, $L_INOTIFY_UPDATE_DOMAIN;
78  if (!$mem->checkRight()) {
79  return false;
80  }
81  $obj = array(
82  'title' => _("Administration"),
83  'ico' => 'images/admin.png',
84  'link' => 'toggle',
85  'class' => 'adminmenu',
86  'pos' => 10,
87  'links' =>
88  array(
89  array(
90  'txt' => _("Manage AlternC accounts"),
91  'url' => 'adm_list.php',
92  'class' => 'adminmenu'
93  ),
94  array(
95  'txt' => _("User Quotas"),
96  'url' => 'quotas_users.php?mode=4',
97  'class' => 'adminmenu'
98  ),
99  )
100  );
101 
102  if ($cuid == 2000) { // only ADMIN, not available to subadmins
103  $obj['links'][] = array(
104  'txt' => _("Admin Control Panel"),
105  'url' => 'adm_panel.php',
106  'class' => 'adminmenu'
107  );
108  $obj['links'][] = array(
109  'txt' => _("PhpMyAdmin"),
110  'url' => '/alternc-sql/',
111  'class' => 'adminmenu',
112  'target' => '_blank',
113  );
114  $obj['links'][] = array(
115  'txt' => ($debug_alternc->status) ? _("Switch debug Off") : _("Switch debug On"),
116  'url' => "alternc_debugme.php?enable=" . ($debug_alternc->status ? "0" : "1"),
117  'class' => 'adminmenu'
118  );
119  if (empty($L_INOTIFY_UPDATE_DOMAIN) || file_exists("$L_INOTIFY_UPDATE_DOMAIN")) {
120  $obj['links'][] = array(
121  'txt' => _("Applying..."),
122  'url' => 'javascript:alert(\'' . _("Domain changes are already applying") . '\');',
123  'class' => 'adminmenu',
124  );
125  } else {
126  $obj['links'][] = array(
127  'txt' => _("Apply changes"),
128  'url' => 'adm_update_domains.php',
129  'class' => 'adminmenu',
130  'onclick' => 'return confirm("' . addslashes(_("Server configuration changes are applied every 5 minutes. Do you want to do it right now?")) . '");',
131  );
132  } // L_INOTIFY_UPDATE_DOMAIN
133  } // cuid == 2000
134 
135 
136  return $obj;
137  }
$cuid
Definition: bootstrap.php:43
$mem
Definition: bootstrap.php:71
m_admin::listPasswordPolicies ( )

List the password policies currently installed in the policy table.

Parameters
globalm_mysql $db
globalarray $classes
globalm_hooks $hooks
Returns
array an indexed array of associative array from the MySQL "policy" table

Definition at line 1411 of file m_admin.php.

References $db, and $hooks.

Referenced by checkPolicy().

1411  {
1412  global $db, $hooks;
1413  $tmp1 = array();
1414  $tmp2 = array();
1415  $policies = array();
1416  $db->query("SELECT * FROM policy;");
1417  while ($db->next_record()) {
1418  $tmp1[$db->Record["name"]] = $db->Record;
1419  }
1420  $tmp3 = $hooks->invoke("alternc_password_policy");
1421  foreach ($tmp3 as $v) {
1422  foreach ($v as $l => $m) {
1423  $tmp2[$l] = $m;
1424  }
1425  }
1426  foreach ($tmp2 as $k => $v) {
1427  if (!isset($tmp1[$k])) {
1428  // Default policy :
1429  $db->query("INSERT INTO policy SET name= ?, minsize=0, maxsize=64, classcount=0, allowlogin=0;", array($k));
1430  $tmp1[$k] = array(
1431  "minsize" => 0, "maxsize" => 64, "classcount" => 0, "allowlogin" => 0
1432  );
1433  }
1434  $policies[$k] = $tmp1[$k];
1435  $policies[$k]["description"] = _($v);
1436  unset($tmp1[$k]);
1437  }
1438  foreach ($tmp1 as $k => $v) {
1439  // Delete disabled modules :
1440  $db->query("DELETE FROM policy WHERE name= ?;", array($k));
1441  }
1442  return $policies;
1443  }
$hooks
Definition: bootstrap.php:74
global $db
Definition: bootstrap.php:22
m_admin::listtld ( )

List of the authorized TLDs Returns the list of the authorized TLDs and also the way they are authorized.

A TLD is the last members (or the last two) of a domain. For example, "com", "org" etc... AlternC keeps a table containing the list of the TLDs authorized to be installed on the server with the instructions to validate the installation of a domain for each TLD (if necessary).

Parameters
globalm_mysql $db
Returns
array An associative array like $r["tld"], $r["mode"] where tld is the tld and mode is the authorized mode.

Definition at line 1089 of file m_admin.php.

References $c, and $db.

1089  {
1090  global $db;
1091  $db->query("SELECT tld,mode FROM tld ORDER BY tld;");
1092  $c = array();
1093  while ($db->next_record()) {
1094  $c[] = $db->Record;
1095  }
1096  return $c;
1097  }
global $db
Definition: bootstrap.php:22
$c
Definition: bootstrap.php:47
m_admin::lock_mem (   $uid)

Lock an account.

Lock an account and prevent the user to access its account.

Parameters
globalm_messages $msg
globalm_mysql $db
int$uidThe uid number of the account
Returns
boolean Returns FALSE if an error occurs, TRUE if not.

Definition at line 812 of file m_admin.php.

References $db, $msg, $uid, and enabled.

812  {
813  global $msg, $db;
814  $msg->log("admin", "lock_mem", $uid);
815  if (!$this->enabled) {
816  $msg->raise("ERROR", "admin", _("-- Only administrators can access this page! --"));
817  return false;
818  }
819  $db = new DB_System();
820  if ($db->query("UPDATE membres SET enabled='0' WHERE uid= ?;", array($uid))) {
821  return true;
822  } else {
823  $msg->raise("ERROR", "admin", _("Account not found"));
824  return false;
825  }
826  }
$uid
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
$admin enabled
Definition: newone.php:38
m_admin::mailallmembers (   $subject,
  $message,
  $from 
)

Send an email to all AlternC's accounts.

Parameters
globaltype $msg
globaltype $mem
globaltype $cuid
globaltype $db
string$subjectSubject of the email to send
string$messageMessage to send
string$fromExpeditor of that email
Returns
boolean

Definition at line 426 of file m_admin.php.

References $db, $msg, checkmail(), enabled, and null.

426  {
427  global $msg, $db;
428  $msg->log("admin", "mailallmembers");
429  if (!$this->enabled) {
430  $msg->raise("ERROR", "admin", _("-- Only administrators can access this page! --"));
431  return false;
432  }
433  $subject = trim($subject);
434  $message = trim($message);
435  $from = trim($from);
436 
437  if (empty($subject) || empty($message) || empty($from)) {
438  $msg->raise("ERROR", "admin", _("Subject, message and sender are mandatory"));
439  return false;
440  }
441  //@todo remove cf functions.php
442  if (checkmail($from) != 0) {
443  $msg->raise("ERROR", "admin", _("Sender is syntaxically incorrect"));
444  return false;
445  }
446 
447  @set_time_limit(1200);
448  $db->query("SELECT DISTINCT mail FROM membres WHERE mail!='';");
449  while ($db->next_record()) {
450  // Can't do BCC due to postfix limitation
451  // FIXME: use phpmailer, far better for mass-mailing than sendmail (reply-to issue among others)
452  mail($db->f('mail'), $subject, $message, null, "-f$from");
453  }
454  return true;
455  }
global $db
Definition: bootstrap.php:22
PR null
Definition: lang-css.js:1
$msg
Definition: config.php:155
checkmail($mail)
Check an email address, use filter_var with emails, which works great ;)
Definition: functions.php:244
$admin enabled
Definition: newone.php:38
m_admin::normal2su (   $uid)

Turns a common account into a super-admin account.

Parameters
globalm_messages $msg
globalm_mysql $db
int$uidThe uid number of the account
Returns
boolean

Definition at line 1036 of file m_admin.php.

References $db, $msg, and $uid.

1036  {
1037  global $msg, $db;
1038  $db->query("SELECT su FROM membres WHERE uid= ?;", array($uid));
1039  if (!$db->next_record()) {
1040  $msg->raise("ERROR", "admin", _("Account not found"));
1041  return false;
1042  }
1043  if ($db->Record["su"] != 0) {
1044  $msg->raise("ERROR", "admin", _("This account is ALREADY an administrator account"));
1045  return false;
1046  }
1047  $db->query("UPDATE membres SET su=1 WHERE uid= ?;", array($uid));
1048  return true;
1049  }
$uid
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
m_admin::onesu ( )
Parameters
globaltype $db
Returns
boolean TRUE if there is only one admin account (allow the program to prevent the destruction of the last admin account)

Definition at line 315 of file m_admin.php.

References $db.

315  {
316  global $db;
317  $db->query("SELECT COUNT(*) AS cnt FROM membres WHERE su=1");
318  $db->next_record();
319  return ($db->f("cnt") == 1);
320  }
global $db
Definition: bootstrap.php:22
m_admin::renew_get_expiring_accounts ( )

Get the expired/about to expire accounts.

Parameters
globalm_mysql $db
Returns
array The recordset of the corresponding accounts

Definition at line 1007 of file m_admin.php.

References $db, and $res.

1007  {
1008  global $db;
1009 
1010  if (!$db->query("SELECT *, m.renewed + INTERVAL duration MONTH 'expiry'," .
1011  " CASE WHEN m.duration IS NULL THEN 0" .
1012  " WHEN m.renewed + INTERVAL m.duration MONTH <= NOW() THEN 3" .
1013  " WHEN m.renewed <= NOW() THEN 2" .
1014  " ELSE 1 END 'status' FROM membres m, local l" .
1015  " WHERE m.uid = l.uid" .
1016  " HAVING status=2 or status=3 ORDER BY status DESC, expiry;")) {
1017  return false;
1018  } else {
1019  $res = array();
1020  while ($db->next_record()) {
1021  $res[] = $db->Record;
1022  }
1023  return $res;
1024  }
1025  }
global $db
Definition: bootstrap.php:22
$res
Definition: index.php:125
m_admin::renew_get_expiry (   $uid)

Get the expiry date for an account.

Parameters
int$uidThe uid number of the account
Returns
string The expiry date, a string as printed by MySQL

Definition at line 971 of file m_admin.php.

References $uid.

971  {
972  $jj = $this->get($uid);
973  if (isset($jj) && isset($jj['expiry']) && !empty($jj['expiry'])) {
974  return $jj['expiry'];
975  }
976  return '';
977  }
$uid
m_admin::renew_get_status (   $uid)

Get the expiry status for an account.

Parameters
int$uidThe uid number of the account
Returns
integer The expiry status: 0: account does not expire 1: expires in more than duration, 2: expires within the duration 3: has expired past the duration

Definition at line 990 of file m_admin.php.

References $uid.

990  {
991  $jj = $this->get($uid);
992 
993  if (isset($jj) && isset($jj['status']) && !empty($jj['status'])) {
994  return $jj['status'];
995  }
996 
997  return 0;
998  }
$uid
m_admin::renew_mem (   $uid,
  $periods = 1 
)

Renew an account.

Renew an account for its duration

Parameters
globalm_messages $msg
globalm_mysql $db
int$uidThe uid number of the account
int$periodsThe new duration, in months, of the account
Returns
boolean Returns FALSE if an error occurs, TRUE if not.

Definition at line 921 of file m_admin.php.

References $db, $msg, and $uid.

921  {
922  global $msg, $db;
923 
924  $periods = intval($periods);
925  if ($periods == 0) {
926  return false;
927  }
928  if ($db->query("UPDATE membres SET renewed = renewed + INTERVAL (duration * ?) MONTH WHERE uid= ?;", array($periods, $uid))) {
929  return true;
930  } else {
931  $msg->raise("ERROR", "admin", _("Account not found"));
932  return false;
933  }
934  }
$uid
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
m_admin::renew_update (   $uid,
  $duration 
)

Update the duration information for an account.

Parameters
globalm_messages $msg
globalm_mysql $db
int$uidThe uid number of the account
int$durationThe new duration, in months, of the account
Returns
boolean Returns FALSE if an error occurs, TRUE if not.

Definition at line 946 of file m_admin.php.

References $db, $msg, and $uid.

Referenced by add_mem(), and update_mem().

946  {
947  global $msg, $db;
948 
949  if ($duration == 0) {
950  if ($db->query("UPDATE membres SET duration = NULL, renewed = NULL WHERE uid= ?;", array($uid))) {
951  return true;
952  }
953  } else {
954  if ($db->query("UPDATE membres SET duration = ? WHERE uid= ?", array($duration, $uid)) &&
955  $db->query("UPDATE membres SET renewed = NOW() WHERE uid= ? and renewed is null;", array($uid))) {
956  return true;
957  }
958  }
959 
960  $msg->raise("ERROR", "admin", _("Account not found"));
961  return false;
962  }
$uid
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
m_admin::selecttldmode (   $current = false)

Prints the list of the actually authorized TLDs.

Parameters
boolean$currentValue to select in the list

Definition at line 1290 of file m_admin.php.

References $i.

1290  {
1291  for ($i = 0; $i < count($this->tldmode); $i++) {
1292  echo "<option value=\"$i\"";
1293  if ($current == $i) {
1294  echo " selected=\"selected\"";
1295  }
1296  echo ">" . _($this->tldmode[$i]) . "</option>\n";
1297  }
1298  }
$i
m_admin::stop_if_jobs_locked ( )

Definition at line 153 of file m_admin.php.

153  {
154  if (file_exists(ALTERNC_LOCK_JOBS)) {
155  echo "There is a file " . ALTERNC_LOCK_JOBS . "\n";
156  echo "So no jobs are allowed\n";
157  echo "Did you launch alternc.install ?\n";
158  die();
159  }
160  }
const ALTERNC_LOCK_JOBS
Definition: bootstrap.php:16
m_admin::su2normal (   $uid)

Turns a super-admin account into a common account.

Parameters
globalm_messages $msg
globalm_mysql $db
int$uidThe uid number of the account
Returns
boolean Returns FALSE if an error occurs, TRUE if not.

Definition at line 1060 of file m_admin.php.

References $db, $msg, and $uid.

1060  {
1061  global $msg, $db;
1062  $db->query("SELECT su FROM membres WHERE uid= ?;", array($uid));
1063  if (!$db->next_record()) {
1064  $msg->raise("ERROR", "admin", _("Account not found"));
1065  return false;
1066  }
1067  if ($db->Record["su"] != 1) {
1068  $msg->raise("ERROR", "admin", _("This account is NOT an administrator account!"));
1069  return false;
1070  }
1071  $db->query("UPDATE membres SET su=0 WHERE uid= ?;", array($uid));
1072  return true;
1073  }
$uid
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
m_admin::unlock_mem (   $uid)

UnLock an account.

UnLock an account and prevent the user to access its account.

Parameters
globalm_messages $msg
globalm_mysql $db
int$uidThe uid number of the account
Returns
boolean Returns FALSE if an error occurs, TRUE if not.

Definition at line 840 of file m_admin.php.

References $db, $msg, $uid, and enabled.

840  {
841  global $msg, $db;
842  $msg->log("admin", "unlock_mem", $uid);
843  if (!$this->enabled) {
844  $msg->raise("ERROR", "admin", _("-- Only administrators can access this page! --"));
845  return false;
846  }
847  $db = new DB_System();
848  if ($db->query("UPDATE membres SET enabled='1' WHERE uid= ?;", array($uid))) {
849  return true;
850  } else {
851  $msg->raise("ERROR", "admin", _("Account not found"));
852  return false;
853  }
854  }
$uid
global $db
Definition: bootstrap.php:22
$msg
Definition: config.php:155
$admin enabled
Definition: newone.php:38
m_admin::update_mem (   $uid,
  $mail,
  $nom,
  $prenom,
  $pass,
  $enabled,
  $canpass,
  $type = 'default',
  $duration = 0,
  $notes = "",
  $reset_quotas = false 
)

Edit an account.

Change an account (in the tables membres and local). Prevents any manipulation of the account if the account $mid is not super-admin.

Parameters
globalm_messages $msg
globalm_mysql $db
globalint $cuid
globalm_quota $quota
int$uidThe uid number of the account we want to modify
string$mailNew email address of the account owner
string$nomNew name of the account owner
string$prenomNew first name of the account owner
string$passNew password (max. 64 characters)
string$enabled(value: 0 or 1) activates or desactivates the
boolean$canpass
int$typeNew type of account
int$duration
string$notes
boolean$reset_quotas
Returns
boolean Returns FALSE if an error occurs, TRUE if not

Definition at line 763 of file m_admin.php.

References $db, $msg, $uid, _md5cr(), enabled, and renew_update().

763  {
764  global $msg, $db, $quota;
765 
766  $msg->log("admin", "update_mem", $uid);
767 
768  if (!$this->enabled) {
769  $msg->raise("ERROR", "admin", _("-- Only administrators can access this page! --"));
770  return false;
771  }
772  $db = new DB_System();
773 
774  if ($pass) {
775  $pass = _md5cr($pass);
776  $second_query = "UPDATE membres SET mail= ?, canpass= ?, enabled= ?, `type`= ?, notes= ? , pass = ? WHERE uid= ?;";
777  $second_query_args = array($mail, $canpass, $enabled, $type, $notes, $pass, $uid);
778  } else {
779  $second_query = "UPDATE membres SET mail= ?, canpass= ?, enabled= ?, `type`= ?, notes= ? WHERE uid= ?;";
780  $second_query_args = array($mail, $canpass, $enabled, $type, $notes, $uid);
781  }
782 
783  $old_mem = $this->get($uid);
784 
785  if(
786  ($db->query("UPDATE local SET nom= ?, prenom= ? WHERE uid=?;", array($nom, $prenom, $uid))) &&
787  ($db->query($second_query, $second_query_args))
788  ){
789  if ($reset_quotas == "on" || $type != $old_mem['type']) {
790  $quota->addquotas();
791  $quota->synchronise_user_profile();
792  }
793  $this->renew_update($uid, $duration);
794  return true;
795  } else {
796  $msg->raise("ERROR", "admin", _("Account not found"));
797  return false;
798  }
799  }
$uid
global $db
Definition: bootstrap.php:22
_md5cr($pass, $salt="")
Hashe a password using proper crypto function.
Definition: functions.php:533
$msg
Definition: config.php:155
renew_update($uid, $duration)
Update the duration information for an account.
Definition: m_admin.php:946
$admin enabled
Definition: newone.php:38
$enabled
$enabled tells if the logged user is super-admin or not
Definition: m_admin.php:32

Member Data Documentation

m_admin::$archive = ''

Definition at line 41 of file m_admin.php.

m_admin::$enabled = 0

$enabled tells if the logged user is super-admin or not

Definition at line 32 of file m_admin.php.

m_admin::$tldmode = array()

List of the controls made for each TLD.

$tldmode is used by the administration panel, while choosing the authorized TLDs. It's an array of strings explaining the current state of the TLD.

Definition at line 40 of file m_admin.php.


The documentation for this class was generated from the following file: