New Control Panel with ISPConfig as Backend

Discussion in 'Developers' Forum' started by abdi, Oct 12, 2012.

  1. abdi

    abdi New Member

    Hello Forgers,
    Esp: Till

    I am developing a whole new interface that is seemingly integrated with my billing system but using the ISPConfig 3's Remote API as processor of almost every task and sometimes querying the database it self directly where need be.

    In the process of developing this control panel, I have come across a few things I would like to share and help also make clear to me ..I will list almost all of them on this thread with all possible recommendations and bugs if expected ..
  2. abdi

    abdi New Member

    The first of them is:

    I noticed when logged in as an admin, and you try to create an email address for a domain that belongs to a client, in the table: mail_user, the sys_userid assigned to that email address is 1 (which is the admin's). I thought this ID should be for the client him self who anyways owns the email domain.

    However if the client him self creates the email address, then the sys_userid assigned is that of the client him self ..

    I hit this snag when I tried to query for ALL email addresses that belong to a client (identified by sys_userid) and noticed some emails were then left out.

    Till, is that how it's operating or its a bug?

  3. till

    till Super Moderator Staff Member ISPConfig Developer

    The id has to be 1 and not the id of the client. So ispconfig is correct here.

    Thats correct as well. The sys_userid identifies the creator of a record and not the owner permissions. The permissions are hendled trough the groups.
  4. abdi

    abdi New Member

    Thanks Till for that information, its very helpful.

    Again I hit another snag, when I realized that NOT all variables are updated when running:

    mail_user_update() command through API. Below is what I pass to it:

    $params['access'] = 'n';
    $params['disableimap'] = 'y';
    $params['disablepop3'] = 'y';
    $params['disabledeliver'] = 'y';
    $params['disablesmtp'] = 'z';
    $params['disablesieve'] = 'y';
    $params['disablelda'] = 'y';
    $params['disabledoveadm'] = 'y';

    However ONLY the below are updated, the rest stay intact and un-updated:

    $params['access'] = 'n';
    $params['disableimap'] = 'y';
    $params['disablepop3'] = 'y';

    Any ideas what am doing wrong or leaving out? or its like that ...

    BTW: Accordingly to the API manual, its supposed to return the number of affected rows, however it does not ..even though I use the default API example file ..

    Thanks, Joseph
    Last edited: Oct 12, 2012
  5. abdi

    abdi New Member

    Till I noticed a variable $params['postfix']. If its set to "n" (ie mail receiving is disabled) then does it really matter what is set for disablesmtp and disabledeliver ?

    Am thinking as long as postfix is set to "n" then a user wouldnt still be able to send mail through SMTP regardless of the flag set for disablesmtp ..Right?

    My problem is, I want if I disable postfix for that user then he shouldnt be able to send mail also through SMTP ..

    Advice ..Joseph
  6. abdi

    abdi New Member

    Till, when creating a mailbox with the command mail_user_add am expected to provide maildir and homedir. Is there anywhere in the DB where these variables are defined or I have to build them my self before sending them?
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    Thus depends on your installation, e.g. If you use courier or dovecot. Take a look at the postfix and dovecot and courier config files if you want to know what sll internal flags are used for.
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    The pats are stored in the ini style server config which can be retrieved with the api as well.
  9. abdi

    abdi New Member

    Which command should I use for that?
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    $client->server_get($session_id, $server_id, $section ='')
  11. abdi

    abdi New Member

    Thanks alot Till.
    Now, I have realized some inconsistencies with database creation (sites_database_add). My understanding is that you can NOT have the same database name on the same server.

    However, the API allows me to create same DB name on the same server_id several times without it complaining. It actually creates it in the database though on the real server it does not ...(I think you need this check in API)
  12. till

    till Super Moderator Staff Member ISPConfig Developer

    Please add this as bugreport to the bugtracker. the database creation api is changed in 3.0.5 anyway as database users and databases are separated in this release to allow one user to access multiple databases.
  13. abdi

    abdi New Member

    Till, more challenges:
    Much as I pass all these variables as seen below:

    $params = array(
    'server_id' => $_SESSION['db_server_id'],
    'type' => "$type",
    'database_name' => "$newdb_name",
    'database_user' => "$newdb_user",
    'database_password' => "$database_password",
    'database_charset' => "$database_charset",
    'remote_access' => "$remote_access",
    'remote_ips' => "$remote_ips",
    'active' => "$active");

    ONLY the database is created, but not the database user. I don't see any commands for creating database users, I just thought they would be created in the above but aint working ...Please advice what am doing wrong or what I missed out.

    Thanks, Joseph
  14. till

    till Super Moderator Staff Member ISPConfig Developer

    The functions are not implemented yet as its a alpha version, they get implemented for the 3.0.5 final. The current api functions for the database creation are for
  15. abdi

    abdi New Member

    Alright, so with the current set-up is there away I can create db users without necessary using the admin interface ...?

    If the above is not possible, do you mind pointing me to the API database creation file I see if I can add to it that feature or function.. as I wait for 3.0.5
  16. till

    till Super Moderator Staff Member ISPConfig Developer


    All remote api functions are in the same file. The file is /usr/local/ispconfig/interface/lib/classes/
  17. abdi

    abdi New Member

    Thanks Till for your help and advice. do much appreciate it. I have looked at /usr/local/ispconfig/interface/lib/classes/ and boy its too complicated, I cant understand anything :)

    I will just wait for 3.0.5 (any hopes when it will be out?)
  18. abdi

    abdi New Member

    MySQL Users with API

    I have managed to work around that mysql user problem ...How?

    I first created the user on the database server with mysql_query("GRANT ALL ON ".$newdb_name.".* to ".$newdb_user." identified by '".$database_password."'"

    Then secondly, I saved the record above in `web_database_user` (for `sys_perm_user` and `sys_perm_group` am using riud though I dont know what it means..)

    Then thirdly I use the API to create the database and then using the return ID from API I use it to update the database table with database_user_id from 2 above.

    ALL is fine and working perfectly...HOWEVER

    1. Your database_password ( in web_database_user) is encrypted and is the mysql password. I want users to be able to AUTO login to there database just like plesk by clicking the DB Icon (ofcourse I just have to pass to phpmyadmin username, password and the host) but passing an encrypted password does not work ..I need the row password ..

    Did you have plans in future for auto-login? What is the approach you plan to use given you are storing encrypted password?
  19. till

    till Super Moderator Staff Member ISPConfig Developer

    This will not work for a multiserver system as your changes are no valid configuration transaction.

    Passwords are always stored encrypted, storing them in plaintext would be a big security risk as users tend to use the same password for many things.

Share This Page