<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, you can also view it online at
* https://files.froxlor.org/misc/COPYING.txt
*
* @copyright the authors
* @author Froxlor team <team@froxlor.org>
* @license https://files.froxlor.org/misc/COPYING.txt GPLv2
*/
// Panel area served by this entry script; it is defined before lib/init.php is loaded.
// NOTE(review): presumably init.php reads AREA to decide which kind of session/user to set up - confirm.
const AREA = 'customer';
// Shared bootstrap for the panel.
// NOTE(review): $action, $page, $log, $userinfo, $idna_convert and $filename are used further
// down without being defined in this file, so they presumably come from this include - confirm.
require __DIR__ . '/lib/init.php';
use Froxlor\Api\Commands\Customers as Customers;
use Froxlor\Cron\TaskId;
use Froxlor\CurrentUser;
use Froxlor\Database\Database;
use Froxlor\Database\DbManager;
use Froxlor\Froxlor;
use Froxlor\FroxlorLogger;
use Froxlor\Language;
use Froxlor\Settings;
use Froxlor\System\Cronjob;
use Froxlor\System\Crypt;
use Froxlor\UI\Panel\UI;
use Froxlor\UI\Request;
use Froxlor\UI\Response;
use Froxlor\Validate\Validate;
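// Session-level actions: ending the session, or leaving a "switched user" session.
if ($action == 'logout') {
    $log->logAction(FroxlorLogger::USR_ACTION, LOG_INFO, 'logged out');

    // Drop the authenticated identity first, then tear down the whole session.
    unset($_SESSION['userinfo']);
    CurrentUser::setData();
    session_destroy();

    Response::redirectTo('index.php');
} elseif ($action == 'suback') {
    // Switch back to the identity stored under 'switched_user'.
    // NOTE(review): presumably this is the admin who impersonated the customer - confirm.
    if (is_array(CurrentUser::getField('switched_user'))) {
        $result = CurrentUser::getData();
        $result = $result['switched_user'];

        // Issue a fresh session id (and delete the old one) before the
        // identity bound to the session changes.
        session_regenerate_id(true);
        CurrentUser::setData($result);

        // 'target' is request-controlled and ends up both in a filesystem
        // path and in the redirect location. Accept plain page names only;
        // anything else (path separators, dots, arrays, ...) falls back to
        // the admin index instead of relying on file_exists() alone.
        $target = Request::get('target', 'index');
        if (!is_string($target) || preg_match('/^[A-Za-z0-9_]+$/', $target) !== 1) {
            $target = 'index';
        }

        $redirect = "admin_" . $target . ".php";
        if (!file_exists(Froxlor::getInstallDir() . "/" . $redirect)) {
            $redirect = "admin_index.php";
        }
        Response::redirectTo($redirect, null, true);
    } else {
        Response::dynamicError("Cannot change back - You've never switched to another user :-)");
    }
}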
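// Page dispatch for the customer area: dashboard, profile settings, and the
// optional error-report / API-key / 2FA pages (each gated by its setting).
if ($page == 'overview') {
    $log->logAction(FroxlorLogger::USR_ACTION, LOG_INFO, "viewed customer_index");

    // Main domains of this customer. The standard subdomain is excluded here
    // and looked up separately below; both values are bound parameters.
    $domain_stmt = Database::prepare("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "`
        WHERE `customerid` = :customerid
        AND `parentdomainid` = '0'
        AND `id` <> :standardsubdomain
    ");
    Database::pexecute($domain_stmt, [
        "customerid" => $userinfo['customerid'],
        "standardsubdomain" => $userinfo['standardsubdomain']
    ]);

    $domainArray = [];
    while ($row = $domain_stmt->fetch(PDO::FETCH_ASSOC)) {
        $domainArray[] = $idna_convert->decode($row['domain']);
    }
    natsort($domainArray);

    // standard-subdomain
    $stdsubdomain = '';
    if ($userinfo['standardsubdomain'] != '0') {
        $std_domain_stmt = Database::prepare("
            SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "`
            WHERE `customerid` = :customerid
            AND `id` = :standardsubdomain
        ");
        $std_domain = Database::pexecute_first($std_domain_stmt, [
            "customerid" => $userinfo['customerid'],
            "standardsubdomain" => $userinfo['standardsubdomain']
        ]);
        // The referenced row may be missing; keep the empty default then
        // instead of reading an offset from a non-array result.
        $stdsubdomain = $std_domain['domain'] ?? '';
    }

    $userinfo['email'] = $idna_convert->decode($userinfo['email']);
    $yesterday = time() - (60 * 60 * 24);
    $month = date('M Y', $yesterday);

    // get disk-space usages for web, mysql and mail (most recent record only)
    $usages_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DISKSPACE . "` WHERE `customerid` = :cid ORDER BY `stamp` DESC LIMIT 1");
    $usages = Database::pexecute_first($usages_stmt, [
        'cid' => $userinfo['customerid']
    ]);

    // get everything in bytes for the percentage calculation on the dashboard;
    // -1 is passed through unchanged (NOTE(review): presumably "unlimited" - confirm)
    $userinfo['diskspace_bytes'] = ($userinfo['diskspace'] > -1) ? $userinfo['diskspace'] * 1024 : -1;
    $userinfo['traffic_bytes'] = ($userinfo['traffic'] > -1) ? $userinfo['traffic'] * 1024 : -1;
    $userinfo['traffic_bytes_used'] = $userinfo['traffic_used'] * 1024;

    if (Settings::Get('system.mail_quota_enabled')) {
        $userinfo['email_quota_bytes'] = ($userinfo['email_quota'] > -1) ? $userinfo['email_quota'] * 1024 * 1024 : -1;
        $userinfo['email_quota_bytes_used'] = $userinfo['email_quota_used'] * 1024 * 1024;
    }

    if ($usages) {
        $userinfo['diskspace_bytes_used'] = $usages['webspace'] * 1024;
        $userinfo['mailspace_used'] = $usages['mail'] * 1024;
        $userinfo['dbspace_used'] = $usages['mysql'] * 1024;
        $userinfo['total_bytes_used'] = ($usages['webspace'] + $usages['mail'] + $usages['mysql']) * 1024;
    } else {
        // No usage record yet: report zero everywhere.
        $userinfo['diskspace_bytes_used'] = 0;
        $userinfo['total_bytes_used'] = 0;
        $userinfo['mailspace_used'] = 0;
        $userinfo['dbspace_used'] = 0;
    }

    UI::twig()->addGlobal('userinfo', $userinfo);
    UI::view('user/index.html.twig', [
        'domains' => $domainArray,
        'stdsubdomain' => $stdsubdomain
    ]);
} elseif ($page == 'profile') {
    $languages = Language::getLanguages();

    if (!empty($_POST)) {
        if (Request::post('send') == 'changepassword') {
            // The current password must verify before anything is changed.
            // NOTE(review): the code below relies on Response::standardError()
            // and Response::dynamicError() ending the request ($new_password
            // would otherwise be undefined after the catch) - confirm.
            $old_password = Validate::validate(Request::post('old_password'), 'old password');

            if (!Crypt::validatePasswordLogin($userinfo, $old_password, TABLE_PANEL_CUSTOMERS, 'customerid')) {
                Response::standardError('oldpasswordnotcorrect');
            }

            try {
                $new_password = Crypt::validatePassword(Request::post('new_password'), 'new password');
                $new_password_confirm = Crypt::validatePassword(Request::post('new_password_confirm'), 'new password confirm');
            } catch (Exception $e) {
                Response::dynamicError($e->getMessage());
            }

            if ($old_password == '') {
                Response::standardError([
                    'stringisempty',
                    'changepassword.old_password'
                ]);
            } elseif ($new_password == '') {
                Response::standardError([
                    'stringisempty',
                    'changepassword.new_password'
                ]);
            } elseif ($new_password_confirm == '') {
                Response::standardError([
                    'stringisempty',
                    'changepassword.new_password_confirm'
                ]);
            } elseif ($new_password !== $new_password_confirm) {
                // Strict comparison: with "!=" two different numeric-looking
                // strings (e.g. "1e3" and "1000") compare as equal, so a
                // mistyped confirmation could slip through.
                Response::standardError('newpasswordconfirmerror');
            } else {
                // Update user password
                // NOTE(review): the session id is not rotated in this branch
                // after the credential change; confirm whether the update or
                // the session layer takes care of other active sessions.
                try {
                    Customers::getLocal($userinfo, [
                        'id' => $userinfo['customerid'],
                        'new_customer_password' => $new_password
                    ])->update();
                } catch (Exception $e) {
                    Response::dynamicError($e->getMessage());
                }
                $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, 'changed password');

                // Update ftp password (only the FTP account named like the login)
                if (Request::post('change_main_ftp') == 'true') {
                    $cryptPassword = Crypt::makeCryptPassword($new_password);
                    $stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
                        SET `password` = :password
                        WHERE `customerid` = :customerid
                        AND `username` = :username");
                    $params = [
                        "password" => $cryptPassword,
                        "customerid" => $userinfo['customerid'],
                        "username" => $userinfo['loginname']
                    ];
                    Database::pexecute($stmt, $params);
                    $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, 'changed main ftp password');
                }

                // Update statistics password; a vhost rebuild task is queued afterwards
                if (Request::post('change_stats') == 'true') {
                    $new_stats_password = Crypt::makeCryptPassword($new_password, true);

                    $stmt = Database::prepare("UPDATE `" . TABLE_PANEL_HTPASSWDS . "`
                        SET `password` = :password
                        WHERE `customerid` = :customerid
                        AND `username` = :username");
                    $params = [
                        "password" => $new_stats_password,
                        "customerid" => $userinfo['customerid'],
                        "username" => $userinfo['loginname']
                    ];
                    Database::pexecute($stmt, $params);
                    Cronjob::inserttask(TaskId::REBUILD_VHOST);
                }

                // Update global mysql user password
                if ($userinfo['mysqls'] != 0 && Request::post('change_global_mysql') == 'true') {
                    $allowed_mysqlservers = json_decode($userinfo['allowed_mysqlserver'] ?? '[]', true);
                    // A malformed or non-list value decodes to null/scalar;
                    // treat that as "no servers" rather than iterating it.
                    if (!is_array($allowed_mysqlservers)) {
                        $allowed_mysqlservers = [];
                    }
                    foreach ($allowed_mysqlservers as $dbserver) {
                        // require privileged access for target db-server
                        Database::needRoot(true, $dbserver, false);
                        // get DbManager
                        $dbm = new DbManager($log);
                        // give permission to the user on every access-host we have
                        foreach (array_map('trim', explode(',', Settings::Get('system.mysql_access_host'))) as $mysql_access_host) {
                            if ($dbm->getManager()->userExistsOnHost($userinfo['loginname'], $mysql_access_host)) {
                                $dbm->getManager()->grantPrivilegesTo($userinfo['loginname'], $new_password, $mysql_access_host, false, true);
                            } else {
                                // create global mysql user if not exists
                                $dbm->getManager()->grantPrivilegesTo($userinfo['loginname'], $new_password, $mysql_access_host, false, false, true);
                            }
                        }
                        $dbm->getManager()->flushPrivileges();
                    }
                }

                Response::redirectTo($filename);
            }
        } elseif (Request::post('send') == 'changetheme') {
            if (Settings::Get('panel.allow_theme_change_customer') == 1) {
                // NOTE(review): $theme is not compared with UI::getThemes()
                // here and is written into the log message below; presumably
                // Validate::validate() and Customers::update() constrain it -
                // confirm.
                $theme = Validate::validate(Request::post('theme'), 'theme');
                try {
                    Customers::getLocal($userinfo, [
                        'id' => $userinfo['customerid'],
                        'theme' => $theme
                    ])->update();
                } catch (Exception $e) {
                    Response::dynamicError($e->getMessage());
                }

                $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "changed default theme to '" . $theme . "'");
            }
            Response::redirectTo($filename);
        } elseif (Request::post('send') == 'changelanguage') {
            $def_language = Validate::validate(Request::post('def_language'), 'default language');
            // Only languages the panel knows are applied.
            if (isset($languages[$def_language])) {
                try {
                    Customers::getLocal($userinfo, [
                        'id' => $userinfo['customerid'],
                        'def_language' => $def_language
                    ])->update();
                    CurrentUser::setField('language', $def_language);
                } catch (Exception $e) {
                    Response::dynamicError($e->getMessage());
                }
                // Logged only for a language that passed the check above; a
                // rejected value is not written to the log as if it had been
                // applied.
                $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "changed default language to '" . $def_language . "'");
            }
            Response::redirectTo($filename);
        }
    } else {
        // change theme: the customer's own choice wins over the panel default
        $default_theme = Settings::Get('panel.default_theme');
        if ($userinfo['theme'] != '') {
            $default_theme = $userinfo['theme'];
        }
        $themes_avail = UI::getThemes();

        // change language: same precedence as for the theme
        $default_lang = Settings::Get('panel.standardlanguage');
        if ($userinfo['def_language'] != '') {
            $default_lang = $userinfo['def_language'];
        }

        UI::view('user/profile.html.twig', [
            'themes' => $themes_avail,
            'default_theme' => $default_theme,
            'languages' => $languages,
            'default_lang' => $default_lang,
        ]);
    }
} elseif ($page == 'send_error_report' && Settings::Get('system.allow_error_report_customer') == '1') {
    // Each optional page is included only while its setting is enabled.
    require_once __DIR__ . '/error_report.php';
} elseif ($page == 'apikeys' && Settings::Get('api.enabled') == 1) {
    require_once __DIR__ . '/api_keys.php';
} elseif ($page == '2fa' && Settings::Get('2fa.enabled') == 1) {
    require_once __DIR__ . '/2fa.php';
}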