Überarbeitetes Systemuser-Modul, mit dem man Quotas, Realname und Shell selbst setzen kann. (92f133e)

Überarbeitetes Systemuser-Modul, mit dem man Quotas, Realname und Shell selbst setzen kann.

bernd commited on 2010-04-12 15:46:40
Zeige 8 geänderte Dateien mit 178 Einfügungen und 43 Löschungen.

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1718 87cf0b9e-d624-0410-a070-f6ee81989793

images/user_delete.png 0000000..acbb563
images/user_edit.png 0000000..c1974cd
inc/icons.php 75f6c60..0b692fe
modules/systemuser/accounts.php e4101e4..1a7d227
modules/systemuser/edit.php 4ec26b1..c907f02
modules/systemuser/include/useraccounts.php ab198a8..ee4848d
modules/systemuser/pwchange.php 0000000..efe1ae9
modules/systemuser/save.php 7f79492..a1a6693

images/user_delete.png

Zeige Datei @ 92f133e

images/user_edit.png

Zeige Datei @ 92f133e

inc/icons.php

Zeige Datei @ 92f133e

@@ -45,6 +45,12 @@ function icon_error($title = '')
   return "<img src=\"{$prefix}images/error.png\" style=\"height: 16px; width: 16px;\" alt=\"{$title}\" title=\"{$title}\" />";
 }
 
+function icon_edit($title = '')
+{
+  global $prefix;
+  return "<img src=\"{$prefix}images/edit.png\" style=\"height: 16px; width: 16px;\" alt=\"{$title}\" title=\"{$title}\" />";
+}
+
 function icon_pwchange($title = '')
 {
   global $prefix;

modules/systemuser/accounts.php

Zeige Datei @ 92f133e

@@ -1,6 +1,6 @@
 <?php
-
-require_once('session/start.php');
+require_once('inc/base.php');
+require_once('inc/icons.php');
 
 require_once('useraccounts.php');
 
@@ -18,19 +18,37 @@ if (! customer_may_have_useraccounts())
 else
 {
   $accounts = list_useraccounts();
+  $shells = available_shells();
   output("<p>Folgende Benutzeraccounts haben Sie bisher:</p>");
-  output("<table><tr><th>Benutzername</th><th>Name</th><th>Erstellt am</th><th>Speicherplatz</th></tr>");
+  output("<table><tr><th>Benutzeraccount</th><th>Speicherplatz<sup>*</sup></th><th>Aktionen</th></tr>");
   foreach ($accounts as $acc)
   {
+    $shell = $shells[$acc['shell']];
+    $usedquota = get_used_quota($acc['uid']);
+    $quota = array();
+    foreach ($usedquota as $q)
+    {
+      $percent = round(( $q["used"] / $q["quota"] ) * 100 );
+      $color = ( $percent > 99 ? 'red' : ($percent > 80 ? "yellow" : "green" ));
+      $width = 2 * min($percent, 100);
+      $quota[] = "<p>Server <strong>{$q['server']}</strong><br />{$percent}%: {$q['used']} MB von {$q['quota']} MB belegt.</p> 
+        <div style=\"margin: 0; padding: 0; width: 200px; border: 1px solid black;\"><div style=\"font-size: 1px; background-color: {$color}; height: 10px; width: {$width}px; margin: 0; padding: 0;\">&#160;</div></div>";
 
-    output("<tr><td>");
-    if (customer_useraccount($acc->uid))
-      output($acc->username);
-    else
-      output(internal_link('edit', $acc->username, "uid={$acc->uid}"));
-    output("</td><td>{$acc->name}</td><td>{$acc->erstellungsdatum}</td><td>{$acc->quota} MB</td></tr>");
     }
-  output("</table><br />");
+    $realname = $acc['name'] ? $acc['name'] : $_SESSION['customerinfo']['name'];
+    $quotastring = implode('', $quota);
+    output("<tr><td><p><strong>{$acc['username']}</strong> - {$realname}</p><p style=\"color: #555;\">Existiert seit {$acc['erstellungsdatum']}<br />Verwendete Shell: {$shell}</p></td>");
+    output("<td>{$quotastring}</td>");
+    output("<td>".internal_link('edit', other_icon('user_edit.png', 'Bearbeiten'), "uid={$acc['uid']}"));
+    
+    if (! customer_useraccount($acc['uid']))
+    {
+      output(" &#160; ".internal_link('pwchange', icon_pwchange('Passwort neu setzen'), "uid={$acc['uid']}"));
+      #output(" &#160; ".internal_link('deluser', other_icon('user_delete.png', 'Benutzer löschen'), "uid={$acc['uid']}"));
+    }
+    output("</td></tr>\n");
+  }
+  output("</table><p><sup>*</sup>) Die Werte für den verbrauchten Speicherplatz werden periodisch eingelesen und hier erst verspätet angezeigt!</p>");
 }
 
 

modules/systemuser/edit.php

Zeige Datei @ 92f133e

@@ -1,6 +1,6 @@
 <?php
 
-require_once('session/start.php');
+require_once('inc/base.php');
 
 require_once('useraccounts.php');
 
@@ -12,21 +12,42 @@ $section = "systemuser_accounts";
 
 $account = get_account_details($_GET['uid']);
 
+
 output("<h3>Bearbeiten von Benutzer »{$account['username']}«</h3>");
 
-if (customer_useraccount($account['uid']))
-  system_failure('Aus Sicherheitsgründen können Sie diesen Account nicht ändern!');
+#if (customer_useraccount($account['uid']))
+#  system_failure('Aus Sicherheitsgründen können Sie diesen Account nicht ändern!');
+
+$shells = available_shells();
+$defaultname = ($account['name'] ? '' : 'checked="checked" ');
+$nondefaultname = ($account['name'] ? 'checked="checked" ' : '');
+
+$customerquota = get_customer_quota();
+
+$maxquota = $customerquota['max'] - $customerquota['assigned'] + $account['quota'];
+
+
+output(html_form('systemuser_edit', 'save', 'action=edit&uid='.$account['uid'], '
+
+<h5>Name (E-Mail-Absender, ...)</h5>
+<div style="margin-left: 2em;"> 
+  <p><input type="radio" name="defaultname" id="defaultname" value="1" '.$defaultname.'/> <label for="defaultname">Kundenname: <strong>'.$_SESSION['customerinfo']['name'].'</strong></label></p>
+  <p><input type="radio" name="defaultname" id="nondefaultname" value="0" '.$nondefaultname.'/> <label for="nondefaultname">Abweichend:</label> <input type="text" name="fullname" id="fullname" value="'.$account['name'].'" /></p>
+</div>
+
+<h5>Speicherplatz</h5>
+<div style="margin-left: 2em;">
+  <p>Wenn Sie mehrere Benutzeraccounts haben, können Sie den verfügbaren Speicherplatz selbst auf diese Accounts verteilen, bis diese zusammen das Limit erreichen, das für Ihr Kundenkonto vereinbart wurde (aktuell insgesamt '.$customerquota['max'].' MB).</p>
+  <p><label for="quota">Speicherplatz für »<strong>'.$account['username'].'</strong>«:</label> <input style="text-align: right; width: 5em;" type="text" name="quota" id="quota" value="'.$account['quota'].'" /> MB (Maximal '.$maxquota.' MB möglich.)</p>
+</div>
 
+<h5>Shell</h5>
+<div style="margin-left: 2em;">
+  <p>Hier können Sie eine andere Kommandozeile einstellen. Tun Sie das bitte nur, wenn Sie wissen was Sie tun. Möchten Sie gerne eine Shell benutzen, die hier nicht aufgeführt ist, wenden Sie sich bitte an den Support.</p>
+  <p>'.html_select('shell', $shells, $account['shell']).'</p>
+</div>
 
-output(html_form('systemuser_edit', 'save', 'action=edit', '
-<table>
-<tr><td>Benutzername:</td><td><strong>'.$account['username'].'</strong></td></tr>
-<tr><td>richtiger Name:<br /><span style="font-size:85%;">(wenn nicht »'.$_SESSION['customerinfo']['name'].'«)</span></td><td><input type="text" name="fullname" value="'.$account['name'].'" /></td></tr>
-<tr><td>Passwort:</td><td><input type="password" name="newpass" value="" /><br /><span style="font-size:85%;">(Bitte leer lassen um das Passwort nicht zu ändern!)</span></td></tr>
-<tr><td>Wiederholung:</td><td><input type="password" name="newpass2" value="" /></td></tr>
-</table>
 <p>
-<input type="hidden" name="uid" value="'.$account['uid'].'" />
 <input type="submit" name="submit" value="Speichern" />
 </p>
 '));

modules/systemuser/include/useraccounts.php

Zeige Datei @ 92f133e

@@ -32,17 +32,29 @@ function primary_useraccount()
 }
 
 
+function available_shells()
+{
+  $result = db_query("SELECT path, name FROM system.shells WHERE usable=1");
+  $ret = array();
+  while ($s = mysql_fetch_assoc($result))
+  {
+    $ret[$s['path']] = $s['name'];
+  }
+  DEBUG($ret);
+  return $ret;
+}
+
 
 function list_useraccounts()
 {
   $customerno = (int) $_SESSION['customerinfo']['customerno'];
-  $result = db_query("SELECT uid,username,name,erstellungsdatum,quota FROM system.useraccounts WHERE kunde={$customerno}");
+  $result = db_query("SELECT uid,username,name,erstellungsdatum,quota,shell FROM system.useraccounts WHERE kunde={$customerno}");
   $ret = array();
-  while ($item = mysql_fetch_object($result))
+  while ($item = mysql_fetch_assoc($result))
   {
-    DEBUG('Useraccount: '.print_r($item, true));
     array_push($ret, $item);
   }
+  DEBUG($ret);
   return $ret;
 }
 
@@ -51,25 +63,45 @@ function get_account_details($uid)
 {
   $uid = (int) $uid;
   $customerno = (int) $_SESSION['customerinfo']['customerno'];
-  $result = db_query("SELECT uid,username,name FROM system.useraccounts WHERE kunde={$customerno} AND uid={$uid}");
+  $result = db_query("SELECT uid,username,name,shell,quota FROM system.useraccounts WHERE kunde={$customerno} AND uid={$uid}");
   if (mysql_num_rows($result) == 0)
     system_failure("Cannot find the requestes useraccount (for this customer).");
-  return mysql_fetch_array($result);
+  return mysql_fetch_assoc($result);
 }
 
+function get_used_quota($uid)
+{
+  $uid = (int) $uid;
+  $result = db_query("SELECT s.hostname AS server, used, COALESCE(us.quota, u.quota) AS quota FROM system.usedquota AS uq LEFT JOIN system.useraccounts AS u USING (uid) LEFT JOIN system.servers AS s ON (s.id=uq.server) LEFT JOIN system.user_server AS us ON (us.uid=uq.uid AND us.server=uq.server) WHERE uq.uid='{$uid}'");
+  $ret = array();
+  while ($line = mysql_fetch_assoc($result))
+    $ret[] = $line;
+  DEBUG($ret);
+  return $ret;
+}
 
 
-function set_systemuser_details($uid, $fullname, $quota)
+function set_account_details($account)
 {
-  $uid = (int) $uid;
+  $uid = (int) $account['uid'];
   $customerno = (int) $_SESSION['customerinfo']['customerno'];
-  $fullname = maybe_null(mysql_real_escape_string(filter_input_general($fullname)));
-  $quota = (int) $quota;
+  $fullname = maybe_null(mysql_real_escape_string(filter_input_general($account['name'])));
+  $shell = mysql_real_escape_string(filter_input_general($account['shell']));
+  $quota = (int) $account['quota'];
 
-  db_query("UPDATE system.useraccounts SET name={$fullname} WHERE kunde={$customerno} AND uid={$uid} LIMIT 1");
-  logger(LOG_INFO, "modules/systemuser/include/useraccounts", "systemuser", "updated real name for uid {$uid}");
+  db_query("UPDATE system.useraccounts SET name={$fullname}, quota={$quota}, shell='{$shell}' WHERE kunde={$customerno} AND uid={$uid}");
+  logger(LOG_INFO, "modules/systemuser/include/useraccounts", "systemuser", "updated details for uid {$uid}");
 
 }
 
+function get_customer_quota()
+{
+  $cid = (int) $_SESSION['customerinfo']['customerno'];
+  $result = db_query("SELECT SUM(u.quota) AS assigned, cq.quota AS max FROM system.customerquota AS cq INNER JOIN system.useraccounts AS u ON (u.kunde=cq.cid) WHERE cq.cid={$cid}");
+  $ret = mysql_fetch_assoc($result);
+  DEBUG($ret);
+  return $ret;
+}
+
 
 ?>

modules/systemuser/pwchange.php

Zeige Datei @ 92f133e

...	...	@@ -0,0 +1,37 @@
	1	+<?php
	2	+
	3	+require_once('inc/base.php');
	4	+
	5	+require_once('useraccounts.php');
	6	+
	7	+require_role(ROLE_CUSTOMER);
	8	+
	9	+
	10	+$title = "Passwort neu setzen";
	11	+$section = "systemuser_accounts";
	12	+
	13	+$account = get_account_details($_GET['uid']);
	14	+
	15	+
	16	+output("<h3>Rücksetzen des Passworts für Benutzer »{$account['username']}«</h3>");
	17	+
	18	+if (customer_useraccount($account['uid']))
	19	+ system_failure('Zum Ändern des Passwortes für den Hauptbenutzer verwenden Sie bitte die entsprechende Funktion im Hauptmenü!');
	20	+
	21	+output(html_form('systemuser_pwchange', 'save', 'action=pwchange&uid='.$account['uid'], '
	22	+
	23	+<h5>Neues Passwort</h5>
	24	+<div style="margin-left: 2em;">
	25	+ <p>Geben Sie bitte Ihr neues Passwort zweimal ein. Bitte verzichten Sie auf Anführungszeichen!</p>
	26	+ <p><label for="newpass1">Neues Passwort für »<strong>'.$account['username'].'</strong>«:</label> <input type="password" name="newpass1" id="newpass1" /></p>
	27	+ <p><label for="newpass2">Wiederholung des Passworts:</label> <input type="password" name="newpass2" id="newpass2" /></p>
	28	+</div>
	29	+
	30	+<p>
	31	+<input type="submit" name="submit" value="Speichern" />
	32	+</p>
	33	+'));
	34	+
	35	+
	36	+
	37	+?>

modules/systemuser/save.php

Zeige Datei @ 92f133e

@@ -30,33 +30,54 @@ if ($_GET['action'] == 'new')
   }
   */
 }
-elseif ($_GET['action'] == 'edit')
+elseif ($_GET['action'] == 'pwchange')
 {
   $error = false;
-  check_form_token('systemuser_edit');
-  if (customer_useraccount($_POST['uid']))
-    system_failure('Aus Sicherheitsgründen können Sie diesen Account nicht ändern!');
+  check_form_token('systemuser_pwchange');
+  if (customer_useraccount($_REQUEST['uid']))
+    system_failure('Zum Ändern dieses Passworts verwenden Sie bitte die Funktion im Hauptmenü!');
 
-  if ($_POST['newpass'] != '')
-  {
   //if (! strong_password($_POST['newpass']))
   //  input_error('Das Passwort ist zu einfach');
   //else
-    if ($_POST['newpass2'] == '' ||
-        $_POST['newpass'] != $_POST['newpass2'])
+  if ($_POST['newpass1'] == '' ||
+      $_POST['newpass1'] != $_POST['newpass2'])
   {
     input_error('Bitte zweimal ein neues Passwort eingeben!');
     $error = true;
   }
   else
   {
-      $user = get_account_details($_POST['uid']);
+    $user = get_account_details($_REQUEST['uid']);
     # set_systemuser_password kommt aus den Session-Funktionen!
-      set_systemuser_password($user['uid'], $_POST['newpass']);
+    set_systemuser_password($user['uid'], $_POST['newpass1']);
   }
+  if (! ($debugmode || $error))
+    header('Location: accounts');
 }
+elseif ($_GET['action'] == 'edit')
+{
+  check_form_token('systemuser_edit');
+  $account = get_account_details($_REQUEST['uid']);
+
+  $customerquota = get_customer_quota();
+  $maxquota = $customerquota['max'] - $customerquota['assigned'] + $account['quota'];
+ 
+  $quota = (int) $_POST['quota'];
+  if ($quota > $maxquota) 
+    system_failure("Sie können diesem Account maximal {$maxquota} MB Speicherplatz zuweisen.");
+  $account['quota'] = $quota;
+
+  if ($_POST['defaultname'] == 1)
+    $account['name'] = NULL;
+  else
+    $account['name'] = filter_input_general($_POST['fullname']);
+  
+  $shells = available_shells();
+  if (isset($shells[$_POST['shell']]))
+    $account['shell'] = $_POST['shell'];
 
-  set_systemuser_details($_POST['uid'], $_POST['fullname'], $_POST['quota']);
+  set_account_details($account);
   if (! ($debugmode || $error))
     header('Location: accounts');
   


...	...	@@ -45,6 +45,12 @@ function icon_error($title = '')
45	45	return "<img src=\"{$prefix}images/error.png\" style=\"height: 16px; width: 16px;\" alt=\"{$title}\" title=\"{$title}\" />";
46	46	}
47	47
	48	+function icon_edit($title = '')
	49	+{
	50	+ global $prefix;
	51	+ return "<img src=\"{$prefix}images/edit.png\" style=\"height: 16px; width: 16px;\" alt=\"{$title}\" title=\"{$title}\" />";
	52	+}
	53	+
48	54	function icon_pwchange($title = '')
49	55	{
50	56	global $prefix;

...	...	@@ -1,6 +1,6 @@
1	1	<?php
2		-
3		-require_once('session/start.php');
	2	+require_once('inc/base.php');
	3	+require_once('inc/icons.php');
4	4
5	5	require_once('useraccounts.php');
6	6
...	...	@@ -18,19 +18,37 @@ if (! customer_may_have_useraccounts())
18	18	else
19	19	{
20	20	$accounts = list_useraccounts();
	21	+ $shells = available_shells();
21	22	output("<p>Folgende Benutzeraccounts haben Sie bisher:</p>");
22		- output("<table><tr><th>Benutzername</th><th>Name</th><th>Erstellt am</th><th>Speicherplatz</th></tr>");
	23	+ output("<table><tr><th>Benutzeraccount</th><th>Speicherplatz<sup>*</sup></th><th>Aktionen</th></tr>");
23	24	foreach ($accounts as $acc)
24	25	{
	26	+ $shell = $shells[$acc['shell']];
	27	+ $usedquota = get_used_quota($acc['uid']);
	28	+ $quota = array();
	29	+ foreach ($usedquota as $q)
	30	+ {
	31	+ $percent = round(( $q["used"] / $q["quota"] ) * 100 );
	32	+ $color = ( $percent > 99 ? 'red' : ($percent > 80 ? "yellow" : "green" ));
	33	+ $width = 2 * min($percent, 100);
	34	+ $quota[] = "<p>Server <strong>{$q['server']}</strong><br />{$percent}%: {$q['used']} MB von {$q['quota']} MB belegt.</p>
	35	+ <div style=\"margin: 0; padding: 0; width: 200px; border: 1px solid black;\"><div style=\"font-size: 1px; background-color: {$color}; height: 10px; width: {$width}px; margin: 0; padding: 0;\"> </div></div>";
25	36
26		- output("<tr><td>");
27		- if (customer_useraccount($acc->uid))
28		- output($acc->username);
29		- else
30		- output(internal_link('edit', $acc->username, "uid={$acc->uid}"));
31		- output("</td><td>{$acc->name}</td><td>{$acc->erstellungsdatum}</td><td>{$acc->quota} MB</td></tr>");
32	37	}
33		- output("</table><br />");
	38	+ $realname = $acc['name'] ? $acc['name'] : $_SESSION['customerinfo']['name'];
	39	+ $quotastring = implode('', $quota);
	40	+ output("<tr><td><p><strong>{$acc['username']}</strong> - {$realname}</p><p style=\"color: #555;\">Existiert seit {$acc['erstellungsdatum']}<br />Verwendete Shell: {$shell}</p></td>");
	41	+ output("<td>{$quotastring}</td>");
	42	+ output("<td>".internal_link('edit', other_icon('user_edit.png', 'Bearbeiten'), "uid={$acc['uid']}"));
	43	+
	44	+ if (! customer_useraccount($acc['uid']))
	45	+ {
	46	+ output("   ".internal_link('pwchange', icon_pwchange('Passwort neu setzen'), "uid={$acc['uid']}"));
	47	+ #output("   ".internal_link('deluser', other_icon('user_delete.png', 'Benutzer löschen'), "uid={$acc['uid']}"));
	48	+ }
	49	+ output("</td></tr>\n");
	50	+ }
	51	+ output("</table><p><sup>*</sup>) Die Werte für den verbrauchten Speicherplatz werden periodisch eingelesen und hier erst verspätet angezeigt!</p>");
34	52	}
35	53
36	54

...	...	@@ -32,17 +32,29 @@ function primary_useraccount()
32	32	}
33	33
34	34
	35	+function available_shells()
	36	+{
	37	+ $result = db_query("SELECT path, name FROM system.shells WHERE usable=1");
	38	+ $ret = array();
	39	+ while ($s = mysql_fetch_assoc($result))
	40	+ {
	41	+ $ret[$s['path']] = $s['name'];
	42	+ }
	43	+ DEBUG($ret);
	44	+ return $ret;
	45	+}
	46	+
35	47
36	48	function list_useraccounts()
37	49	{
38	50	$customerno = (int) $_SESSION['customerinfo']['customerno'];
39		- $result = db_query("SELECT uid,username,name,erstellungsdatum,quota FROM system.useraccounts WHERE kunde={$customerno}");
	51	+ $result = db_query("SELECT uid,username,name,erstellungsdatum,quota,shell FROM system.useraccounts WHERE kunde={$customerno}");
40	52	$ret = array();
41		- while ($item = mysql_fetch_object($result))
	53	+ while ($item = mysql_fetch_assoc($result))
42	54	{
43		- DEBUG('Useraccount: '.print_r($item, true));
44	55	array_push($ret, $item);
45	56	}
	57	+ DEBUG($ret);
46	58	return $ret;
47	59	}
48	60
...	...	@@ -51,25 +63,45 @@ function get_account_details($uid)
51	63	{
52	64	$uid = (int) $uid;
53	65	$customerno = (int) $_SESSION['customerinfo']['customerno'];
54		- $result = db_query("SELECT uid,username,name FROM system.useraccounts WHERE kunde={$customerno} AND uid={$uid}");
	66	+ $result = db_query("SELECT uid,username,name,shell,quota FROM system.useraccounts WHERE kunde={$customerno} AND uid={$uid}");
55	67	if (mysql_num_rows($result) == 0)
56	68	system_failure("Cannot find the requestes useraccount (for this customer).");
57		- return mysql_fetch_array($result);
	69	+ return mysql_fetch_assoc($result);
58	70	}
59	71
	72	+function get_used_quota($uid)
	73	+{
	74	+ $uid = (int) $uid;
	75	+ $result = db_query("SELECT s.hostname AS server, used, COALESCE(us.quota, u.quota) AS quota FROM system.usedquota AS uq LEFT JOIN system.useraccounts AS u USING (uid) LEFT JOIN system.servers AS s ON (s.id=uq.server) LEFT JOIN system.user_server AS us ON (us.uid=uq.uid AND us.server=uq.server) WHERE uq.uid='{$uid}'");
	76	+ $ret = array();
	77	+ while ($line = mysql_fetch_assoc($result))
	78	+ $ret[] = $line;
	79	+ DEBUG($ret);
	80	+ return $ret;
	81	+}
60	82
61	83
62		-function set_systemuser_details($uid, $fullname, $quota)
	84	+function set_account_details($account)
63	85	{
64		- $uid = (int) $uid;
	86	+ $uid = (int) $account['uid'];
65	87	$customerno = (int) $_SESSION['customerinfo']['customerno'];
66		- $fullname = maybe_null(mysql_real_escape_string(filter_input_general($fullname)));
67		- $quota = (int) $quota;
	88	+ $fullname = maybe_null(mysql_real_escape_string(filter_input_general($account['name'])));
	89	+ $shell = mysql_real_escape_string(filter_input_general($account['shell']));
	90	+ $quota = (int) $account['quota'];
68	91
69		- db_query("UPDATE system.useraccounts SET name={$fullname} WHERE kunde={$customerno} AND uid={$uid} LIMIT 1");
70		- logger(LOG_INFO, "modules/systemuser/include/useraccounts", "systemuser", "updated real name for uid {$uid}");
	92	+ db_query("UPDATE system.useraccounts SET name={$fullname}, quota={$quota}, shell='{$shell}' WHERE kunde={$customerno} AND uid={$uid}");
	93	+ logger(LOG_INFO, "modules/systemuser/include/useraccounts", "systemuser", "updated details for uid {$uid}");
71	94
72	95	}
73	96
	97	+function get_customer_quota()
	98	+{
	99	+ $cid = (int) $_SESSION['customerinfo']['customerno'];
	100	+ $result = db_query("SELECT SUM(u.quota) AS assigned, cq.quota AS max FROM system.customerquota AS cq INNER JOIN system.useraccounts AS u ON (u.kunde=cq.cid) WHERE cq.cid={$cid}");
	101	+ $ret = mysql_fetch_assoc($result);
	102	+ DEBUG($ret);
	103	+ return $ret;
	104	+}
	105	+
74	106
75	107	?>

...	...	@@ -30,33 +30,54 @@ if ($_GET['action'] == 'new')
30	30	}
31	31	*/
32	32	}
33		-elseif ($_GET['action'] == 'edit')
	33	+elseif ($_GET['action'] == 'pwchange')
34	34	{
35	35	$error = false;
36		- check_form_token('systemuser_edit');
37		- if (customer_useraccount($_POST['uid']))
38		- system_failure('Aus Sicherheitsgründen können Sie diesen Account nicht ändern!');
	36	+ check_form_token('systemuser_pwchange');
	37	+ if (customer_useraccount($_REQUEST['uid']))
	38	+ system_failure('Zum Ändern dieses Passworts verwenden Sie bitte die Funktion im Hauptmenü!');
39	39
40		- if ($_POST['newpass'] != '')
41		- {
42	40	//if (! strong_password($_POST['newpass']))
43	41	// input_error('Das Passwort ist zu einfach');
44	42	//else
45		- if ($_POST['newpass2'] == '' \|\|
46		- $_POST['newpass'] != $_POST['newpass2'])
	43	+ if ($_POST['newpass1'] == '' \|\|
	44	+ $_POST['newpass1'] != $_POST['newpass2'])
47	45	{
48	46	input_error('Bitte zweimal ein neues Passwort eingeben!');
49	47	$error = true;
50	48	}
51	49	else
52	50	{
53		- $user = get_account_details($_POST['uid']);
	51	+ $user = get_account_details($_REQUEST['uid']);
54	52	# set_systemuser_password kommt aus den Session-Funktionen!
55		- set_systemuser_password($user['uid'], $_POST['newpass']);
	53	+ set_systemuser_password($user['uid'], $_POST['newpass1']);
56	54	}
	55	+ if (! ($debugmode \|\| $error))
	56	+ header('Location: accounts');
57	57	}
	58	+elseif ($_GET['action'] == 'edit')
	59	+{
	60	+ check_form_token('systemuser_edit');
	61	+ $account = get_account_details($_REQUEST['uid']);
	62	+
	63	+ $customerquota = get_customer_quota();
	64	+ $maxquota = $customerquota['max'] - $customerquota['assigned'] + $account['quota'];
	65	+
	66	+ $quota = (int) $_POST['quota'];
	67	+ if ($quota > $maxquota)
	68	+ system_failure("Sie können diesem Account maximal {$maxquota} MB Speicherplatz zuweisen.");
	69	+ $account['quota'] = $quota;
	70	+
	71	+ if ($_POST['defaultname'] == 1)
	72	+ $account['name'] = NULL;
	73	+ else
	74	+ $account['name'] = filter_input_general($_POST['fullname']);
	75	+
	76	+ $shells = available_shells();
	77	+ if (isset($shells[$_POST['shell']]))
	78	+ $account['shell'] = $_POST['shell'];
58	79
59		- set_systemuser_details($_POST['uid'], $_POST['fullname'], $_POST['quota']);
	80	+ set_account_details($account);
60	81	if (! ($debugmode \|\| $error))
61	82	header('Location: accounts');
62	83
63	84

webinterface.git