modules/systemuser/save.php
 <?php
 
 require_once('session/start.php');
 
 require_once('useraccounts.php');
 
 require_once('inc/security.php');
 
 
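 // Form handler for system user accounts: dispatches on the "action" query
 // parameter (new, pwchange, edit, delete) and redirects back to the list view.
 // Guards below call system_failure() without an else branch, so the code
 // relies on system_failure() ending the request.
 // NOTE(review): confirm that system_failure() never returns.
 require_role(array(ROLE_CUSTOMER, ROLE_SYSTEMUSER));
 
 $role = $_SESSION['role'];
 
 require_once("inc/debug.php");
 global $debugmode;
 
 // Read request parameters once. A missing "action" falls through to the
 // "Unimplemented action" failure at the end instead of raising a notice.
 $action = isset($_GET['action']) ? $_GET['action'] : '';
 $uid = isset($_REQUEST['uid']) ? $_REQUEST['uid'] : NULL;
 // Read by the redirect checks of both pwchange and edit; initialised here so
 // the edit branch no longer tests an undefined variable.
 $error = false;
 
 if ($action === 'new')
 {
   system_failure('not implemented');
   // Disabled draft; it calls create_jabber_account(), so it looks copied
   // from another module and must not be re-enabled as is.
   /*
   check_form_token('systemuser_new');
   if (filter_input_username($_POST['username']) == '' ||
       filter_shell($_POST['password']) == '')
   {
     input_error('Sie müssen alle Felder ausfüllen!');
   }
   else
   {
     create_jabber_account($_POST['local'], $_POST['domain'], $_POST['password']);
     if (! $debugmode)
       header('Location: accounts');
   }
   */
 }
 elseif ($action === 'pwchange')
 {
   // Authorization: only the customer role may set another account's password.
   // The parentheses are essential. "! $role & ROLE_CUSTOMER" negates $role
   // before masking, which yields 0 for every non-zero role, so the guard
   // never fired and plain system users got past it.
   if (! ($role & ROLE_CUSTOMER))
     system_failure("Zum Ändern Ihres Passworts verwenden Sie bitte die Funktion im Hauptmenü!");
   check_form_token('systemuser_pwchange');
   if (customer_useraccount($uid))
     system_failure('Zum Ändern dieses Passworts verwenden Sie bitte die Funktion im Hauptmenü!');
 
   // Password strength check is currently disabled:
   //if (! strong_password($_POST['newpass']))
   //  input_error('Das Passwort ist zu einfach');
   //else
   $newpass1 = isset($_POST['newpass1']) ? $_POST['newpass1'] : '';
   $newpass2 = isset($_POST['newpass2']) ? $_POST['newpass2'] : '';
   // Require two identical, non-empty strings. Strict comparison is used
   // because loose "!=" treats numeric strings such as "1e3" and "1000" as
   // equal, and array-valued fields would otherwise reach the password setter.
   if (! is_string($newpass1) || ! is_string($newpass2) ||
       $newpass1 === '' || $newpass1 !== $newpass2)
   {
     input_error('Bitte zweimal ein neues Passwort eingeben!');
     $error = true;
   }
   else
   {
     // NOTE(review): the uid comes from the request; this relies on
     // get_account_details() rejecting accounts that do not belong to the
     // logged-in customer. Confirm in useraccounts.php.
     $user = get_account_details($uid);
     // set_systemuser_password comes from the session functions.
     set_systemuser_password($user['uid'], $newpass1);
   }
   if (! ($debugmode || $error))
     header('Location: accounts');
 }
 elseif ($action === 'edit')
 {
   check_form_token('systemuser_edit');
   // Customers may edit the account named in the request; system users are
   // pinned to the account stored in their own session.
   $account = NULL;
   if ($role & ROLE_CUSTOMER)
     $account = get_account_details($uid);
   else
     $account = get_account_details($_SESSION['userinfo']['uid'], $_SESSION['userinfo']['customerno']);
 
   if ($role & ROLE_CUSTOMER)
   {
     // Upper bound: the customer's unassigned quota plus what this account
     // already holds.
     $customerquota = get_customer_quota();
     $maxquota = $customerquota['max'] - $customerquota['assigned'] + $account['quota'];
 
     $quota = isset($_POST['quota']) ? (int) $_POST['quota'] : 0;
     // NOTE(review): only the upper bound is enforced; zero or negative
     // values are stored unchanged. Confirm whether a lower bound is needed.
     if ($quota > $maxquota)
       system_failure("Sie können diesem Account maximal {$maxquota} MB Speicherplatz zuweisen.");
     $account['quota'] = $quota;
   }
 
   if (isset($_POST['defaultname']) && $_POST['defaultname'] == 1)
     $account['name'] = NULL;
   else
     $account['name'] = filter_input_general(isset($_POST['fullname']) ? $_POST['fullname'] : NULL);
 
   // The shell is accepted only when it is a key of the allow-list returned by
   // available_shells(). An empty or missing value keeps the current shell;
   // any other value (including a non-string) is rejected.
   $shell = isset($_POST['shell']) ? $_POST['shell'] : '';
   $shells = available_shells();
   if (is_string($shell) && isset($shells[$shell]))
     $account['shell'] = $shell;
   elseif ($shell !== '')
     system_failure('Ungültige Shell');
 
   set_account_details($account);
   $target = 'accounts';
   if (! ($role & ROLE_CUSTOMER))
     $target = 'myaccount';
   if (! ($debugmode || $error))
     header('Location: '.$target);
 }
 elseif ($action === 'delete')
 {
   system_failure("Benutzeraccounts zu löschen ist momentan nicht über diese Oberfläche möglich. Bitte wenden Sie sich an einen Administrator.");
   // Disabled draft; it reads $account, which this branch never sets, and
   // calls delete_jabber_account(), so it must not be re-enabled as is.
   /*
   $account_string = filter_input_general( $account['local'].'@'.$account['domain'] );
   $sure = user_is_sure();
   if ($sure === NULL)
   {
     are_you_sure("action=delete&account={$_GET['account']}", "Möchten Sie den Account »{$account_string}« wirklich löschen?");
   }
   elseif ($sure === true)
   {
     delete_jabber_account($account['id']);
     if (! $debugmode)
       header("Location: accounts");
   }
   elseif ($sure === false)
   {
     if (! $debugmode)
       header("Location: accounts");
   }
   */
 }
 else
   system_failure("Unimplemented action");
 
 output('');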
 
 
 ?>