<?php
use function Hestiacp\quoteshellarg\quoteshellarg;
// Start buffering: everything echoed from here on is held back until the
// buffer is flushed or the script ends.
ob_start();

// Section identifier; passed to render_page() at the end of this script.
$TAB = 'DB';

// Pull in the shared panel bootstrap. The rest of this script relies on names
// that are not defined in this file ($user, $user_plain, HESTIA_CMD,
// verify_csrf(), check_return_code(), render_page(), ...) -- presumably they
// come from this include; confirm against inc/main.php.
include "{$_SERVER['DOCUMENT_ROOT']}/inc/main.php";
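// Handle the submitted "add database" form.
//
// Flow: CSRF check -> required-field / e-mail / password validation ->
// v-add-database CLI call -> build the SQL-manager link -> optional
// credentials e-mail -> success message. Every stage after validation is
// skipped as soon as $_SESSION["error_msg"] is set.
if (!empty($_POST["ok"])) {
    // Check token before any other processing of the request
    verify_csrf($_POST);

    // Check empty fields: collect the label of every required field left blank
    if (empty($_POST["v_database"])) {
        $errors[] = _("Database");
    }
    if (empty($_POST["v_dbuser"])) {
        $errors[] = _("Username");
    }
    if (empty($_POST["v_password"])) {
        $errors[] = _("Password");
    }
    if (empty($_POST["v_type"])) {
        $errors[] = _("Type");
    }
    if (empty($_POST["v_host"])) {
        $errors[] = _("Host");
    }
    if (empty($_POST["v_charset"])) {
        $errors[] = _("Charset");
    }
    if (!empty($errors[0])) {
        // Same result as appending label by label: "A, B, C"
        $error_msg = implode(", ", $errors);
        $_SESSION["error_msg"] = sprintf(_('Field "%s" can not be blank.'), $error_msg);
    }

    // Validate email (optional field; only checked when something was entered)
    if (!empty($_POST["v_db_email"]) && empty($_SESSION["error_msg"])) {
        if (!filter_var($_POST["v_db_email"], FILTER_VALIDATE_EMAIL)) {
            $_SESSION["error_msg"] = _("Please enter a valid email address.");
        }
    }

    // Check password against the panel's password policy
    if (empty($_SESSION["error_msg"])) {
        if (!validate_password($_POST["v_password"])) {
            $_SESSION["error_msg"] = _("Password does not match the minimum requirements.");
        }
    }

    // Protect input: database and user name are shell-quoted right away.
    // Type, charset and host stay raw here and are quoted just before the
    // command is built below.
    $v_database = quoteshellarg($_POST["v_database"]);
    $v_dbuser = quoteshellarg($_POST["v_dbuser"]);
    $v_type = $_POST["v_type"];
    $v_charset = $_POST["v_charset"];
    $v_host = $_POST["v_host"];
    // The e-mail field is optional, so it may be missing from the request.
    $v_db_email = $_POST["v_db_email"] ?? "";

    // Add database
    if (empty($_SESSION["error_msg"])) {
        $v_type = quoteshellarg($_POST["v_type"]);
        $v_charset = quoteshellarg($_POST["v_charset"]);
        $v_host = quoteshellarg($_POST["v_host"]);

        // The password is handed to the CLI through a temporary file; only the
        // file path appears on the command line. tempnam() creates the file
        // itself with owner-only (0600) permissions.
        $v_password = tempnam("/tmp", "vst");
        $fp = fopen($v_password, "w");
        fwrite($fp, $_POST["v_password"] . "\n");
        fclose($fp);

        // NOTE(review): $user is not quoted in this file -- presumably it is
        // set and escaped by inc/main.php; confirm.
        exec(
            HESTIA_CMD .
                "v-add-database " .
                implode(" ", [
                    $user,
                    $v_database,
                    $v_dbuser,
                    $v_password,
                    $v_type,
                    $v_host,
                    $v_charset,
                ]),
            $output,
            $return_var,
        );

        // Delete the password file as soon as the command has finished and
        // before the result is evaluated, so the secret never outlives the
        // call even if check_return_code() were to end the request
        // (its behaviour is not visible here).
        unlink($v_password);

        check_return_code($return_var, $output);
        unset($output);

        // Put form-facing values back: quoted password, raw type/host/charset.
        $v_password = quoteshellarg($_POST["v_password"]);
        $v_type = $_POST["v_type"];
        $v_host = $_POST["v_host"];
        $v_charset = $_POST["v_charset"];
    }

    // Get database manager url
    if (empty($_SESSION["error_msg"])) {
        // The host part comes from the client-supplied Host header or from
        // the v_host form field, so the resulting link is untrusted and is
        // escaped wherever it is placed into markup below.
        [$http_host, $port] = explode(":", $_SERVER["HTTP_HOST"] . ":");
        if ($_POST["v_host"] != "localhost") {
            $http_host = $_POST["v_host"];
        }

        // Defined up front so an unrecognised type cannot leave it unset.
        $db_admin_link = "";
        if ($_POST["v_type"] == "mysql") {
            $db_admin = "phpMyAdmin";
            $db_admin_link = "https://" . $http_host . "/phpmyadmin/";
            if (!empty($_SESSION["DB_PMA_ALIAS"])) {
                $db_admin_link = "https://" . $http_host . "/" . $_SESSION["DB_PMA_ALIAS"];
            }
        } elseif ($_POST["v_type"] == "pgsql") {
            $db_admin = "phpPgAdmin";
            $db_admin_link = "https://" . $http_host . "/phppgadmin/";
            if (!empty($_SESSION["DB_PGA_ALIAS"])) {
                $db_admin_link = "https://" . $http_host . "/" . $_SESSION["DB_PGA_ALIAS"];
            }
        }
    }

    // Email login credentials. The plain-text password is mailed only when
    // the requester filled in v_db_email.
    if (!empty($v_db_email) && empty($_SESSION["error_msg"])) {
        $to = $v_db_email;
        $template = get_email_template("database_credentials", $_SESSION["language"]);
        if (!empty($template)) {
            // A custom template may carry its own <subject>...</subject>; use
            // it and strip it from the body. Without such a tag the default
            // subject below is used.
            $subject = "";
            if (preg_match("/<subject>(.*?)<\/subject>/si", $template, $matches)) {
                // "{{dabase}}" is the placeholder this code has always
                // replaced; it is kept for templates that rely on it, and the
                // presumably intended "{{database}}" is accepted as well.
                $subject = str_replace(
                    ["{{hostname}}", "{{appname}}", "{{database}}", "{{dabase}}", "{{dbuser}}"],
                    [
                        get_hostname(),
                        $_SESSION["APP_NAME"],
                        $user_plain . "_" . $_POST["v_database"],
                        $user_plain . "_" . $_POST["v_database"],
                        $user_plain . "_" . $_POST["v_dbuser"],
                    ],
                    $matches[1],
                );
                $template = str_replace($matches[0], "", $template);
            }
        } else {
            // Built-in fallback body
            $template = _(
                "Database has been created.\n" .
                    "\n" .
                    "Database: {{database}}\n" .
                    "Username: {{username}}\n" .
                    "Password: {{password}}\n" .
                    "SQL Manager: {{dbadmin}}\n" .
                    "\n" .
                    "Best regards,\n" .
                    "\n" .
                    "--\n" .
                    "{{appname}}",
            );
        }
        if (empty($subject)) {
            // Default subject, built from the panel-wide subject pattern
            $subject = str_replace(
                ["{{subject}}", "{{hostname}}", "{{appname}}"],
                [
                    sprintf(
                        _("Database Credentials: %s"),
                        $user_plain . "_" . $_POST["v_database"],
                    ),
                    get_hostname(),
                    $_SESSION["APP_NAME"],
                ],
                $_SESSION["SUBJECT_EMAIL"],
            );
        }

        $hostname = get_hostname();
        $from = !empty($_SESSION["FROM_EMAIL"]) ? $_SESSION["FROM_EMAIL"] : "noreply@" . $hostname;
        $from_name = !empty($_SESSION["FROM_NAME"])
            ? $_SESSION["FROM_NAME"]
            : $_SESSION["APP_NAME"];

        // The link is escaped like the other request-derived values.
        $mailtext = translate_email($template, [
            "database" => htmlentities($user_plain . "_" . $_POST["v_database"]),
            "username" => htmlentities($user_plain . "_" . $_POST["v_dbuser"]),
            "password" => htmlentities($_POST["v_password"]),
            "dbadmin" => htmlentities($db_admin_link),
            "appname" => $_SESSION["APP_NAME"],
        ]);

        send_email($to, $subject, $mailtext, $from, $from_name);
    }

    // Flush field values on success
    if (empty($_SESSION["error_msg"])) {
        // NOTE(review): the second placeholder ("Open %s") also receives the
        // database name; $db_admin is set above but never used in this file --
        // confirm which one is intended.
        $_SESSION["ok_msg"] = htmlify_trans(
            sprintf(
                _("Database {%s} has been created successfully. / {Open %s}"),
                htmlentities($user_plain) . "_" . htmlentities($_POST["v_database"]),
                htmlentities($user_plain) . "_" . htmlentities($_POST["v_database"]),
            ),
            "</a>",
            '<a href="/edit/db/?database=' .
                htmlentities($user_plain) .
                "_" .
                htmlentities($_POST["v_database"]) .
                '">',
            // Escaped for the attribute context: the link is derived from the
            // Host header / v_host and must not be able to break out of href.
            '<a href="' . htmlentities($db_admin_link, ENT_QUOTES) . '" target="_blank">',
        );
        unset($v_database);
        unset($v_dbuser);
        unset($v_password);
        unset($v_type);
        unset($v_charset);
    }
}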
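// Form defaults for rendering: the notification e-mail field always starts
// empty; database and user name keep whatever the POST handler left in them.
$v_db_email = "";
if (empty($v_database)) {
    $v_database = "";
}
if (empty($v_dbuser)) {
    $v_dbuser = "";
}

// List available database types
$db_types = explode(",", $_SESSION["DB_SYSTEM"]);

// List available database servers
exec(HESTIA_CMD . "v-list-database-hosts json", $output, $return_var);
$db_hosts_tmp1 = json_decode(implode("", $output), true);
// json_decode() returns null when the command printed nothing or invalid JSON;
// fall back to an empty list instead of failing on a non-array below.
if (!is_array($db_hosts_tmp1)) {
    $db_hosts_tmp1 = [];
}
// Unique HOST values, reindexed as a plain list; entries without a HOST key
// are skipped.
$db_hosts = array_values(array_unique(array_column($db_hosts_tmp1, "HOST")));
unset($output);
unset($db_hosts_tmp1);

// Optional query parameter; defaults to an empty string when absent.
$accept = $_GET["accept"] ?? "";

render_page($user, $TAB, "add_db");

// Flush session messages so they are shown only once
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);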