git.schokokeks.org
Repositories
Help
Report an Issue
webinterface.git
Code
Commits
Branches
Tags
Suche
Strukturansicht:
dcc202f
Branches
Tags
master
ticket
webinterface.git
modules
jabber
include
jabberaccounts.php
Change license from CC0 to 0BSD, all contributors agreed
Hanno Böck
commited
dcc202f
at 2022-08-20 09:22:23
jabberaccounts.php
Blame
History
Raw
<?php /* This file belongs to the Webinterface of schokokeks.org Hosting Written by schokokeks.org Hosting, namely Bernd Wurst <bernd@schokokeks.org> Hanno Böck <hanno@schokokeks.org> This code is published under a 0BSD license. Nevertheless, in case you use a significant part of this code, we ask (but not require, see the license) that you keep the authors' names in place and return your changes to the public. We would be especially happy if you tell us what you're going to do with this code. */ require_once("inc/debug.php"); require_once("inc/security.php"); require_once('class/domain.php'); function get_jabber_accounts() { require_role(ROLE_CUSTOMER); $customerno = (int) $_SESSION['customerinfo']['customerno']; $result = db_query("SELECT id, `create`, created, lastactivity, local, domain FROM jabber.accounts WHERE customerno=? AND `delete`=0", [$customerno]); $accounts = []; if (@$result->rowCount() > 0) { while ($acc = @$result->fetch()) { array_push($accounts, $acc); } } return $accounts; } function get_jabberaccount_details($id) { require_role(ROLE_CUSTOMER); $args = [":customerno" => $_SESSION['customerinfo']['customerno'], ":id" => $id, ]; $result = db_query("SELECT id, local, domain FROM jabber.accounts WHERE customerno=:customerno AND id=:id", $args); if ($result->rowCount() != 1) { system_failure("Invalid account"); } $data = $result->fetch(); if ($data['domain'] == null) { $data['domain'] = config('masterdomain'); } else { $dom = new Domain((int) $data['domain']); $dom->ensure_customerdomain(); $data['domain'] = $dom->fqdn; } return $data; } function valid_jabber_password($pass) { // Hier könnten erweiterte Checks stehen wenn nötig. /*$foo = ereg_replace('["\']', '', $pass); DEBUG("\$foo = {$foo} / \$pass = {$pass}"); return ($foo == $pass); */ return true; } function create_jabber_account($local, $domain, $password) { require_role(ROLE_CUSTOMER); $data = [":customerno" => $_SESSION['customerinfo']['customerno'], ":local" => filter_input_username(strtolower($local)), ":domain" => $domain, ]; if (!valid_jabber_password($password)) { system_failure('Das Passwort enthält Zeichen, die aufgrund technischer Beschränkungen momentan nicht benutzt werden können.'); } $check = strong_password($password); if ($check !== true) { system_failure('Das Passwort ist nicht sicher genug.'); } $data[':password'] = $password; if ($domain > 0) { $args = [":domain" => $data[":domain"], ":customerno" => $data[":customerno"]]; $result = db_query("SELECT id FROM kundendaten.domains WHERE kunde=:customerno AND jabber=1 AND id=:domain", $args); if ($result->rowCount() == 0) { logger(LOG_WARNING, "modules/jabber/include/jabberaccounts", "jabber", "attempt to create account for invalid domain »{$domain}«"); system_failure("Invalid domain!"); } } $args = [":domain" => $data[":domain"], ":local" => $data[":local"]]; $domainquery = "domain=:domain"; if ($domain == 0) { unset($args[":domain"]); $data[":domain"] = null; $domainquery = 'domain IS NULL'; } $result = db_query("SELECT id FROM jabber.accounts WHERE local=:local AND {$domainquery}", $args); if ($result->rowCount() > 0) { logger(LOG_WARNING, "modules/jabber/include/jabberaccounts", "jabber", "attempt to create already existing account »{$local}@{$domain}«"); system_failure("Diesen Account gibt es bereits!"); } db_query("INSERT INTO jabber.accounts (customerno,local,domain,password) VALUES (:customerno, :local, :domain, :password);", $data); logger(LOG_INFO, "modules/jabber/include/jabberaccounts", "jabber", "created account »{$local}@{$domain}«"); } function change_jabber_password($id, $password) { require_role(ROLE_CUSTOMER); if (!valid_jabber_password($password)) { system_failure('Das Passwort enthält Zeichen, die aufgrund technischer Beschränkungen momentan nicht benutzt werden können.'); } $check = strong_password($password); if ($check !== true) { system_failure('Das Passwort ist nicht sicher genug.'); } $args = [":customerno" => $_SESSION['customerinfo']['customerno'], ":id" => $id, ":password" => $password, ]; db_query("UPDATE jabber.accounts SET password=:password WHERE customerno=:customerno AND id=:id", $args); logger(LOG_INFO, "modules/jabber/include/jabberaccounts", "jabber", "changed password for account »{$id}«"); } function delete_jabber_account($id) { require_role(ROLE_CUSTOMER); $args = [":customerno" => $_SESSION['customerinfo']['customerno'], ":id" => $id, ]; db_query("UPDATE jabber.accounts SET `delete`=1 WHERE customerno=:customerno AND id=:id", $args); logger(LOG_INFO, "modules/jabber/include/jabberaccounts", "jabber", "deleted account »{$id}«"); } function domains_without_accounts() { $domains = get_domain_list((int) $_SESSION['customerinfo']['customerno']); $accounts = get_jabber_accounts(); $obsolete_domains = []; foreach ($domains as $d) { if ($d->jabber != 1) { continue; } $found = false; foreach ($accounts as $a) { if ($a['domain'] == $d->id) { $found = true; } } if (! $found) { $obsolete_domains[] = $d; } } return $obsolete_domains; } function delete_jabber_domain($id) { $d = new Domain((int) $id); $d->ensure_customerdomain(); $obsolete_domains = domains_without_accounts(); $found = false; foreach ($obsolete_domains as $od) { if ($od->id == $d->id) { $found = true; } } if (! $found) { system_failure('Diese Domain ist nicht unbenutzt.'); } db_query("UPDATE kundendaten.domains SET jabber=0 WHERE jabber=1 AND id=?", [$d->id]); } function new_jabber_domain($id) { $d = new Domain((int) $id); $d->ensure_customerdomain(); db_query("UPDATE kundendaten.domains SET jabber=2 WHERE jabber=0 AND id=?", [$d->id]); }