From df8226840576f526b198ab029a97ea5b25c35608 Mon Sep 17 00:00:00 2001 From: Deon George Date: Fri, 22 Jun 2012 15:12:59 +1000 Subject: [PATCH] Fix abstract passwords in host/domain manage planel logins --- .../classes/model/service/plugin/adsl.php | 10 +++++- .../domain/classes/model/domain/registrar.php | 4 +-- .../classes/model/service/plugin/domain.php | 16 ++++++++-- modules/domain/classes/service/domain.php | 2 +- modules/domain/classes/service/domain/tpp.php | 13 ++++---- modules/host/classes/model/host/server.php | 4 +-- .../classes/model/service/plugin/host.php | 27 +++++++--------- modules/host/classes/service/host.php | 4 ++- modules/host/classes/service/host/plesk.php | 13 ++++---- .../classes/controller/user/service.php | 5 +-- modules/service/classes/model/service.php | 6 ++-- .../service/classes/model/service/plugin.php | 31 +++++++++++++++++++ 12 files changed, 93 insertions(+), 42 deletions(-) diff --git a/modules/adsl/classes/model/service/plugin/adsl.php b/modules/adsl/classes/model/service/plugin/adsl.php index a892a26f..5a6f6881 100644 --- a/modules/adsl/classes/model/service/plugin/adsl.php +++ b/modules/adsl/classes/model/service/plugin/adsl.php @@ -52,6 +52,14 @@ class Model_Service_Plugin_ADSL extends Model_Service_Plugin { ->set('so',$this); } + public function username_value() { + return $this->service_username; + } + + public function password_value() { + return $this->service_password; + } + /** * Return the IP Address for the service */ @@ -307,7 +315,7 @@ class Model_Service_Plugin_ADSL extends Model_Service_Plugin { $traffic_type = $this->get_traffic_data_daily($period,TRUE); // @todo If no data comes in, then this can be stuck reporting traffic for an old date. $day = count($traffic_type) ? max(array_keys($traffic_type)) : 1; - $lastday = date('d',strtotime('last day of',$period)); + $lastday = date('d',strtotime('last day of',$period)); foreach ($traffic as $k => $v) { // If we are the last day of the period diff --git a/modules/domain/classes/model/domain/registrar.php b/modules/domain/classes/model/domain/registrar.php index 1e74acfb..942b3f59 100644 --- a/modules/domain/classes/model/domain/registrar.php +++ b/modules/domain/classes/model/domain/registrar.php @@ -14,14 +14,14 @@ class Model_Domain_Registrar extends ORMOSB { /** * The button that provides a login to the Registrar to manage the domain license */ - public function manage_button($u,$p,$d) { + public function manage_button(Model_Service_Plugin_Domain $spdo,$t) { $c = sprintf('Service_Domain_%s',$this->file); if (! class_exists($c)) return ''; $po = new $c($this->id); - return $po->manage_button($u,$p,$d); + return $po->manage_button($spdo,$t); } } ?> diff --git a/modules/domain/classes/model/service/plugin/domain.php b/modules/domain/classes/model/service/plugin/domain.php index 47865410..57d2a03e 100644 --- a/modules/domain/classes/model/service/plugin/domain.php +++ b/modules/domain/classes/model/service/plugin/domain.php @@ -57,16 +57,26 @@ class Model_Service_Plugin_Domain extends Model_Service_Plugin { ->set('so',$this); } + public function username_value() { + return $this->registrar_username; + } + + public function password_value() { + return $this->registrar_password; + } + /** * This provides us with a manage button to jump to the registrar * to manage the domain. */ - public function manage_button() { - return ($this->registrar_username AND $this->registrar_password) ? $this->domain_registrar->manage_button($this->registrar_username,$this->registrar_password,$this->name()) : _('Please contact us'); + public function manage_button($t='') { + parent::manage_button($t); + + return ($this->username_value() AND $this->password_value()) ? $this->domain_registrar->manage_button($this,$t) : _('Please contact us'); } public function manage_dns_button() { - return $this->service_plugin_host->manage_button(); + return $this->service_plugin_host->manage_button('service_plugin_host'); } } ?> diff --git a/modules/domain/classes/service/domain.php b/modules/domain/classes/service/domain.php index bfed5f86..e9248145 100644 --- a/modules/domain/classes/service/domain.php +++ b/modules/domain/classes/service/domain.php @@ -37,7 +37,7 @@ abstract class Service_Domain { /** * Our HTML button that will enable us to manage this domain. */ - abstract public function manage_button($u,$p,$d); + abstract public function manage_button(Model_Service_Plugin_Domain $spdo,$t); /** * Return an instance of this class diff --git a/modules/domain/classes/service/domain/tpp.php b/modules/domain/classes/service/domain/tpp.php index e264f757..96a723cb 100644 --- a/modules/domain/classes/service/domain/tpp.php +++ b/modules/domain/classes/service/domain/tpp.php @@ -16,17 +16,18 @@ class Service_Domain_TPP extends Service_Domain { private $login_pass_field = 'password'; // Our required abstract classes - public function manage_button($u,$p,$d) { + public function manage_button(Model_Service_Plugin_Domain $spdo,$t) { + $debug = FALSE; $output = ''; $output .= Form::open( - sprintf('%s/%s',$this->so->whitelabel_url,'execute/logon'), - array('target'=>'tpp','method'=>'post') + $debug ? 'debug/site' : sprintf('%s/%s',$this->so->whitelabel_url,'execute/logon'), + array('target'=>'tpp','method'=>'post','id'=>sprintf('id_%s_%s',$spdo->service_id,$t)) ); - $output .= Form::input($this->login_user_field,$u,array('type'=>'hidden')); - $output .= Form::input($this->login_pass_field,$p,array('type'=>'hidden')); - $output .= Form::button('submit',_('Manage'),array('class'=>'form_button')); + $output .= Form::input($this->login_user_field,$spdo->username_value(),array('type'=>'hidden','id'=>sprintf('u_%s_%s',$spdo->service_id,$t))); + $output .= Form::input($this->login_pass_field,substr(md5($spdo->password_value()),0,8),array('type'=>'hidden','id'=>sprintf('p_%s_%s',$spdo->service_id,$t))); $output .= Form::close(); + $output .= Form::button('submit',_('Manage'),array('class'=>'form_button','value'=>sprintf('%s:%s',$spdo->service_id,$t))); return $output; } diff --git a/modules/host/classes/model/host/server.php b/modules/host/classes/model/host/server.php index 146abe8c..45f6b753 100644 --- a/modules/host/classes/model/host/server.php +++ b/modules/host/classes/model/host/server.php @@ -14,14 +14,14 @@ class Model_Host_Server extends ORMOSB { // Host Server doesnt use the update column protected $_updated_column = FALSE; - public function manage_button($u,$p,$d) { + public function manage_button(Model_Service_Plugin_Host $spho,$t) { $c = sprintf('Service_Host_%s',$this->provision_plugin); if (! class_exists($c)) return ''; $po = new $c($this->id); - return $po->manage_button($u,$p,$d); + return $po->manage_button($spho,$t); } public function prov_plugin_data() { diff --git a/modules/host/classes/model/service/plugin/host.php b/modules/host/classes/model/service/plugin/host.php index ca3ca9e6..b1c0f3a0 100644 --- a/modules/host/classes/model/service/plugin/host.php +++ b/modules/host/classes/model/service/plugin/host.php @@ -58,31 +58,26 @@ class Model_Service_Plugin_Host extends Model_Service_Plugin { ->set('so',$this); } + public function username_value() { + return $this->host_username; + } + + public function password_value() { + return $this->host_password; + } + /** * This provides us with a manage button to jump to the hosting server * to manage the domain. */ - public function manage_button() { - $k = Random::char(); - Session::instance()->set('manage_button',$k); - - Script::add(array('type'=>'stdin','data'=>' - $(document).ready(function() { - var x=0; - $("button[name=submit]").click(function() { - if (x++) { alert("Please refresh the page"); return false; } - $.getJSON("'.URL::site('user/service/ajaxmanage/'.$this->service_id).'", { k: "'.$k.'" }, function(data) { - $.each(data, function(key, val) { $("#"+key).val(val); }); - }).error(function() { alert("There was a problem with the request"); return false; }).success(function() { $("#manage").submit(); }); - }); - });' - )); + public function manage_button($t='') { + parent::manage_button($t); // @todo Convert this to a Static_List display if ($this->service->queue == 'PROVISION') return _('To Be Provisioned'); - return ($this->host_username AND $this->host_password) ? $this->host_server->manage_button($this->host_username,substr(md5($this->host_password),0,8),$this->name()) : ''; + return ($this->username_value() AND $this->password_value()) ? $this->host_server->manage_button($this,$t) : _('Please contact us'); } } ?> diff --git a/modules/host/classes/service/host.php b/modules/host/classes/service/host.php index 435261f0..0de19f16 100644 --- a/modules/host/classes/service/host.php +++ b/modules/host/classes/service/host.php @@ -36,8 +36,10 @@ abstract class Service_Host { /** * Our HTML button that will enable us to manage this domain. + * + * @param so Our Service Object */ - abstract public function manage_button($u,$p,$d); + abstract public function manage_button(Model_Service_Plugin_Host $spho,$t); /** * Return an instance of this class diff --git a/modules/host/classes/service/host/plesk.php b/modules/host/classes/service/host/plesk.php index 21f4bb65..74fa5a36 100644 --- a/modules/host/classes/service/host/plesk.php +++ b/modules/host/classes/service/host/plesk.php @@ -16,17 +16,18 @@ class Service_Host_Plesk extends Service_Host { private $login_pass_field = 'passwd'; // Our required abstract classes - public function manage_button($u,$p,$d) { + public function manage_button(Model_Service_Plugin_Host $spho,$t) { + $debug = FALSE; $output = ''; $output .= Form::open( - sprintf('%s/%s',$this->so->manage_url,'login_up.php3'), - array('target'=>'w24','method'=>'post','id'=>'manage') + $debug ? 'debug/site' : sprintf('%s/%s',$this->so->manage_url,'login_up.php3'), + array('target'=>'w24','method'=>'post','id'=>sprintf('id_%s_%s',$spho->service_id,$t)) ); - $output .= Form::input($this->login_user_field,$u,array('type'=>'hidden','id'=>'u')); - $output .= Form::input($this->login_pass_field,$p,array('type'=>'hidden','id'=>'p')); + $output .= Form::input($this->login_user_field,$spho->username_value(),array('type'=>'hidden','id'=>sprintf('u_%s_%s',$spho->service_id,$t))); + $output .= Form::input($this->login_pass_field,substr(md5($spho->password_value()),0,8),array('type'=>'hidden','id'=>sprintf('p_%s_%s',$spho->service_id,$t))); $output .= Form::close(); - $output .= Form::button('submit',_('Manage'),array('class'=>'form_button')); + $output .= Form::button('submit',_('Manage'),array('class'=>'form_button','value'=>sprintf('%s:%s',$spho->service_id,$t))); return $output; } diff --git a/modules/service/classes/controller/user/service.php b/modules/service/classes/controller/user/service.php index cd129bc7..1d03184a 100644 --- a/modules/service/classes/controller/user/service.php +++ b/modules/service/classes/controller/user/service.php @@ -22,10 +22,11 @@ class Controller_User_Service extends Controller_TemplateDefault_User { $so = ORM::factory('service',$this->request->param('id')); $k = Session::instance()->get_once('manage_button'); + $amo = $so->plugin(isset($_REQUEST['t']) ? $_REQUEST['t'] : ''); $o = array( - 'u'=>$so->plugin()->host_username ? $so->plugin()->host_username : strtolower($so->plugin()->name()), - 'p'=>(! $k OR ! $this->request->is_ajax() OR ! $so->loaded() OR ! isset($_REQUEST['k']) OR $k != $_REQUEST['k']) ? Random::char() : $so->plugin()->host_password, + 'u'=>$amo->username_value() ? $amo->username_value() : strtolower($amo->name()), + 'p'=>(! $k OR ! $this->request->is_ajax() OR ! $so->loaded() OR ! isset($_REQUEST['k']) OR $k != $_REQUEST['k']) ? Random::char() : $amo->password_value(), ); $this->response->headers('Content-Type','application/json'); diff --git a/modules/service/classes/model/service.php b/modules/service/classes/model/service.php index b78ab4f3..40954828 100644 --- a/modules/service/classes/model/service.php +++ b/modules/service/classes/model/service.php @@ -49,14 +49,16 @@ class Model_Service extends ORMOSB { /** * Return the object of the product plugin */ - public function plugin() { + public function plugin($type='') { if (! $this->product->prod_plugin_file) return NULL; if (! is_numeric($this->product->prod_plugin_data)) throw new Kohana_Exception('Missing plugin_id for :product (:type)',array(':product'=>$this->product->id,':type'=>$this->product->prod_plugin_file)); - return ORM::factory(sprintf('service_plugin_%s',$this->product->prod_plugin_file),array('service_id'=>$this->id)); + $o = ORM::factory(sprintf('service_plugin_%s',$this->product->prod_plugin_file),array('service_id'=>$this->id)); + + return $type ? $o->$type : $o; } /** diff --git a/modules/service/classes/model/service/plugin.php b/modules/service/classes/model/service/plugin.php index b48c1bf5..000ab6f9 100644 --- a/modules/service/classes/model/service/plugin.php +++ b/modules/service/classes/model/service/plugin.php @@ -36,6 +36,37 @@ abstract class Model_Service_Plugin extends ORMOSB { */ abstract public function service_view(); + /** + * The table attributes that provide username/password values + */ + abstract public function username_value(); + abstract public function password_value(); + + public function manage_button() { + static $k = ''; + + // If $k is already set, we've rendered this JS + if ($k) + return; + + $k = Random::char(); + Session::instance()->set('manage_button',$k); + + Script::add(array('type'=>'stdin','data'=>' + $(document).ready(function() { + var x=0; + $("button[name=submit]").click(function() { + var t=$(this).val().split(":"); + if (x++) { alert("Please refresh the page"); return false; } + $.getJSON("'.URL::site('user/service/ajaxmanage/'.$this->service_id).'", { k: "'.$k.'",t: t[1] }, function(data) { + $.each(data, function(key, val) { $("#"+key+"_"+t[0]+"_"+t[1]).val(val); }); + }).error(function() { alert("There was a problem with the request"); return false; }).success( +function() { $("form[id=id_"+t[0]+"_"+t[1]+"]").submit(); }); + }); + });' + )); + } + /** * Get specific service details for use in other modules * For Example: Invoice