diff --git a/install/dist/conf/ubuntu1804.conf.php b/install/dist/conf/ubuntu1804.conf.php
new file mode 100644
index 0000000000000000000000000000000000000000..15cdb1c5ebbb74c45ab1f1df2f1c5caf8a008464
--- /dev/null
+++ b/install/dist/conf/ubuntu1804.conf.php
@@ -0,0 +1,230 @@
+
\ No newline at end of file
diff --git a/interface/lib/classes/custom_datasource.inc.php b/interface/lib/classes/custom_datasource.inc.php
index 9a0934f6904085de2635726f928475f552e582a4..cb4426a2e183a0ff2963e4b074b45028347641f3 100644
--- a/interface/lib/classes/custom_datasource.inc.php
+++ b/interface/lib/classes/custom_datasource.inc.php
@@ -47,6 +47,7 @@ class custom_datasource {
if($_SESSION["s"]["user"]["typ"] == 'user') {
// Get the limits of the client
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
+
$client = $app->db->queryOneRecord("SELECT default_dnsserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
$sql = "SELECT server_id,server_name FROM server WHERE server_id = ?";
} else {
@@ -167,9 +168,10 @@ class custom_datasource {
$sql = "SELECT $server_type as server_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?";
$client = $app->db->queryOneRecord($sql, $client_group_id);
if($client['server_id'] > 0) {
- //* Select the default server for the client
- $sql = "SELECT server_id,server_name FROM server WHERE server_id = ?";
- $records = $app->db->queryAllRecords($sql, $client['server_id']);
+ //* Select the available servers for the client
+ $clientservers = $client['server_id'];
+ $sql = "SELECT server_id,server_name FROM server WHERE server_id IN ($clientservers) ORDER BY server_name";
+ $records = $app->db->queryAllRecords($sql);
} else {
//* Not able to find the clients defaults, use this as fallback and add a warning message to the log
$app->log('Unable to find default server for client in custom_datasource.inc.php', 1);
@@ -182,7 +184,7 @@ class custom_datasource {
$records = $app->db->queryAllRecords($sql, $field);
}
-
+
$records_new = array();
if(is_array($records)) {
foreach($records as $rec) {
@@ -197,4 +199,4 @@ class custom_datasource {
}
-?>
+?>
\ No newline at end of file
diff --git a/interface/lib/classes/remote.d/dns.inc.php b/interface/lib/classes/remote.d/dns.inc.php
index a4e9fca013315294ad2275fea3b5bb853ce70498..88175a2c76fe658820a4d5ef9eb8f40aaec08b09 100644
--- a/interface/lib/classes/remote.d/dns.inc.php
+++ b/interface/lib/classes/remote.d/dns.inc.php
@@ -240,7 +240,7 @@ class remoting_dns extends remoting {
return false;
}
- if(!preg_match('/^[a-z0-9][a-z0-9\-]+[a-z0-9](\.[a-z]{2,4})+$/i', $origin)){
+ if(!preg_match('/^([a-z0-9][a-z0-9\-]+[a-z0-9]|[a-z0-9]{2})(\.[a-z]{2,63})+$/i', $origin)){
throw new SoapFault('no_domain_found', 'Invalid domain name.');
return false;
}
diff --git a/interface/web/dns/lib/lang/ar_dns_soa.lng b/interface/web/dns/lib/lang/ar_dns_soa.lng
index 98b79d5861391fcb6f9776ee82feb70af06d5c4e..257275eb9ec7d2162336b246b752466f012e0305 100644
--- a/interface/web/dns/lib/lang/ar_dns_soa.lng
+++ b/interface/web/dns/lib/lang/ar_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/bg_dns_soa.lng b/interface/web/dns/lib/lang/bg_dns_soa.lng
index fa085211962d31977d08e3037d651a89b28423e7..703ba16adcc764421d7cc88cbdfd3cf2d4314c15 100644
--- a/interface/web/dns/lib/lang/bg_dns_soa.lng
+++ b/interface/web/dns/lib/lang/bg_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/ca_dns_soa.lng b/interface/web/dns/lib/lang/ca_dns_soa.lng
index 6ecc2762a33bb66f93d8bf26e4dd1319034c1ac4..14621059e27f476f7416d31491a25df602a2d8ea 100644
--- a/interface/web/dns/lib/lang/ca_dns_soa.lng
+++ b/interface/web/dns/lib/lang/ca_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'La TTL minimum est 60 secondes.';
$wb['xfer_error_regex'] = 'A noter également : Veuillez utiliser une adresse IP.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/dk_dns_soa.lng b/interface/web/dns/lib/lang/dk_dns_soa.lng
index 193dc9f4a254c3842752de2a87fea5b4228a2b8d..f1fb211b88ac3a2769d6c53911d201f591900f3f 100644
--- a/interface/web/dns/lib/lang/dk_dns_soa.lng
+++ b/interface/web/dns/lib/lang/dk_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['minimum_range_error'] = 'Min. Minimum tid er 60 sekunder.';
$wb['ttl_range_error'] = 'Min. TTL tid er 60 sekunder.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'The Zone (SOA) can not be changed. Please contact your administrator to change the zone.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/el_dns_soa.lng b/interface/web/dns/lib/lang/el_dns_soa.lng
index 773d25ab669c44c8df2d700f35bf6ad54eb083b9..2b1aa9c46a700d0a78be6810c31e345e48b68653 100644
--- a/interface/web/dns/lib/lang/el_dns_soa.lng
+++ b/interface/web/dns/lib/lang/el_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/en_dns_soa.lng b/interface/web/dns/lib/lang/en_dns_soa.lng
index af1f3db565e6ea6473e0ccd2224b7591c58d1015..82d6589c7cce8ea80d113fae2fe2334bc502b258 100644
--- a/interface/web/dns/lib/lang/en_dns_soa.lng
+++ b/interface/web/dns/lib/lang/en_dns_soa.lng
@@ -13,7 +13,7 @@ $wb["xfer_txt"] = 'Allow zone transfers to
these IPs (comma separated list
$wb["active_txt"] = 'Active';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb["limit_dns_zone_txt"] = 'The max. number of DNS zones for your account is reached.';
$wb["client_txt"] = 'Client';
$wb["no_zone_perm"] = 'You do not have the permission to add a record to this DNS zone.';
diff --git a/interface/web/dns/lib/lang/fi_dns_soa.lng b/interface/web/dns/lib/lang/fi_dns_soa.lng
index a33b593e916d3c3d4ef4cc89f25e4ca6c34e69d2..6f6427333556c627071a951d5e87570dee761d3a 100755
--- a/interface/web/dns/lib/lang/fi_dns_soa.lng
+++ b/interface/web/dns/lib/lang/fi_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/fr_dns_soa.lng b/interface/web/dns/lib/lang/fr_dns_soa.lng
index c20afd3731ddb68cbe32c6b849d59bd99a63e319..3c6f4b4b1dd3ba3b53c0ebd79fdeef4e9a31eb07 100644
--- a/interface/web/dns/lib/lang/fr_dns_soa.lng
+++ b/interface/web/dns/lib/lang/fr_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'La TTL minimum est 60 secondes.';
$wb['xfer_error_regex'] = 'A noter également : Veuillez utiliser une adresse IP.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/hr_dns_soa.lng b/interface/web/dns/lib/lang/hr_dns_soa.lng
index 5789ace310e24ece23fb75a7e69f410e8bf58d81..3c74f760ce3f61b5c2f2273b730058cfd0ac0185 100644
--- a/interface/web/dns/lib/lang/hr_dns_soa.lng
+++ b/interface/web/dns/lib/lang/hr_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'Minimalno TTL vrijeme je 60 sekundi.';
$wb['xfer_error_regex'] = 'Također obavijesti: Koristite IP adresu.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/hu_dns_soa.lng b/interface/web/dns/lib/lang/hu_dns_soa.lng
index 8de33c83a4d94ec1766e9b29ce4125eb6f8c1f8d..8a527d00cb9dfbfcb4742330bae88f21468b5f3c 100644
--- a/interface/web/dns/lib/lang/hu_dns_soa.lng
+++ b/interface/web/dns/lib/lang/hu_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/id_dns_soa.lng b/interface/web/dns/lib/lang/id_dns_soa.lng
index d1eee1c5f83d51961b75fc1d6a4ec540c5820180..37fc44128c6770ffe9390238abd031027ca5f87a 100644
--- a/interface/web/dns/lib/lang/id_dns_soa.lng
+++ b/interface/web/dns/lib/lang/id_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/it_dns_soa.lng b/interface/web/dns/lib/lang/it_dns_soa.lng
index 9fd7a5aa012bd51d4608ea19572730fbac8c1708..f0218ec0a79ad985ccabbec24cdda0d7828224be 100644
--- a/interface/web/dns/lib/lang/it_dns_soa.lng
+++ b/interface/web/dns/lib/lang/it_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'Min. TTL time di 60 secondi.';
$wb['xfer_error_regex'] = 'Also notify: Per cortesia utilizzare un indirizzo IP.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/ja_dns_soa.lng b/interface/web/dns/lib/lang/ja_dns_soa.lng
index f03be582f60c0058bea619821d540cde33f2f0e4..e5cdc867363fa5365d14e5b8ac0ed1bdde25ed4d 100644
--- a/interface/web/dns/lib/lang/ja_dns_soa.lng
+++ b/interface/web/dns/lib/lang/ja_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/nl_dns_soa.lng b/interface/web/dns/lib/lang/nl_dns_soa.lng
index 1acf7bd456bf981b8825eb6d37636837d4a1478d..9ea961d84fbee11c0130a6bbe647c59a827deed1 100644
--- a/interface/web/dns/lib/lang/nl_dns_soa.lng
+++ b/interface/web/dns/lib/lang/nl_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/pl_dns_soa.lng b/interface/web/dns/lib/lang/pl_dns_soa.lng
index dc2780f61832f9fc234775188124dd5c0ba1d1f9..622a80cad42803af37173d6efcfd83e785fd49dd 100644
--- a/interface/web/dns/lib/lang/pl_dns_soa.lng
+++ b/interface/web/dns/lib/lang/pl_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['minimum_range_error'] = 'Min. czas minimalny wynosi 60 sekund';
$wb['ttl_range_error'] = 'Min. czas TTL wynosi 60 sekund';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/pt_dns_soa.lng b/interface/web/dns/lib/lang/pt_dns_soa.lng
index dd443444de6be970a600b7a9cd5e7814c934a791..58efd15c68382df15d06e1af50c9d23bd793e9de 100644
--- a/interface/web/dns/lib/lang/pt_dns_soa.lng
+++ b/interface/web/dns/lib/lang/pt_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/ro_dns_soa.lng b/interface/web/dns/lib/lang/ro_dns_soa.lng
index 625281f2682a4eecd15b8b1a8a990974aaf80d40..e88e14fda662658137c206472e72ddbf37ca86a9 100644
--- a/interface/web/dns/lib/lang/ro_dns_soa.lng
+++ b/interface/web/dns/lib/lang/ro_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/se_dns_soa.lng b/interface/web/dns/lib/lang/se_dns_soa.lng
index 944c9c38f38eef45b62cd5a234009d83dbb25f96..0cf511d7e756fb866ce17849dcc25d26ca0080e4 100644
--- a/interface/web/dns/lib/lang/se_dns_soa.lng
+++ b/interface/web/dns/lib/lang/se_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/sk_dns_soa.lng b/interface/web/dns/lib/lang/sk_dns_soa.lng
index 176f001395333dd34342a4cd2316e7e6b16a2e28..143e62750987af5cf5f32fea249e3f942c17532d 100644
--- a/interface/web/dns/lib/lang/sk_dns_soa.lng
+++ b/interface/web/dns/lib/lang/sk_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/lib/lang/tr_dns_soa.lng b/interface/web/dns/lib/lang/tr_dns_soa.lng
index b406e274c53d56227424b7554f2ce8289708ea26..ed3b7b2f5a930a7e09c1812811cabd8834ef4b9b 100644
--- a/interface/web/dns/lib/lang/tr_dns_soa.lng
+++ b/interface/web/dns/lib/lang/tr_dns_soa.lng
@@ -37,7 +37,7 @@ $wb['minimum_range_error'] = 'En kısa en kısa süre 60 saniyedir.';
$wb['ttl_range_error'] = 'En düşük TTL süresi 60 saniyedir.';
$wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry';
$wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)';
-$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delievered in signed format afterwards.';
+$wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'The Zone (SOA) can not be changed. Please contact your administrator to change the zone.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
diff --git a/interface/web/dns/templates/dns_dmarc_edit.htm b/interface/web/dns/templates/dns_dmarc_edit.htm
index 88ec0dcb64d71f64f164c68b51a14351b25514ef..e7b113d11e5f361c67a0559adcbd6b93ac40c294 100644
--- a/interface/web/dns/templates/dns_dmarc_edit.htm
+++ b/interface/web/dns/templates/dns_dmarc_edit.htm
@@ -147,7 +147,7 @@
diff --git a/interface/web/themes/default/assets/stylesheets/ispconfig.css b/interface/web/themes/default/assets/stylesheets/ispconfig.css
index 9e93bf2308f16e6d7481e872d690691cea6c7d2f..23366e919d4644833b876825657cfca076b259ac 100644
--- a/interface/web/themes/default/assets/stylesheets/ispconfig.css
+++ b/interface/web/themes/default/assets/stylesheets/ispconfig.css
@@ -165,6 +165,10 @@ body {
#sidebar header a {
padding: 0; }
+#select_server a {
+ padding:0 10px; }
+
+
.page-header {
margin: 20px 0;
padding: 0; }
diff --git a/remoting_client/cli/README.md b/remoting_client/cli/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..461a0fdbcd97e96ae178b50ffb841b3c63676723
--- /dev/null
+++ b/remoting_client/cli/README.md
@@ -0,0 +1,48 @@
+# ISPConfig CLI
+Command line for ISPConfig remote user REST API using either smart functions or raw methods.
+
+## Getting Started
+This tool can be used and packaged stand alone, without requiring ISPConfig to be installed locally. It is designed to have as few dependencies as possible.
+
+The script has two main modes: smart functions and raw methods.
+
+Raw methods simply wrap your JSON and use the arbitrary method name you've given when calling the API. As such, it works with any method, and makes properly formatted requests with curl. It is a handy tool for custom requests, testing, advanced scripting and integration work. The actual data is provided through a file, stdin or as an argument.
+
+Functions, on the other hand, are combinations of methods and checks that act more like an intelligent tool and does not require the user to understand JSON. The functions are designed based on their method equivalent, but requiring only a single command and automating the rest (login, get ID's, check existing records etc.). This is handy for manual interaction or for scripting. Unlike methods, functions are limited to those methods implemented in the script itself. Functions are named as their method counterparts. The exception are ```login``` and ```logout``` in order to avoid collisions with system commands. They are called log_in and log_out, respectively.
+
+Functions can also be processed as a batch from file or stdin, optimizing performance by using a single session and single bash instance.
+
+> **Note:**
+Consider using ```-q``` for scripting, this will suppress everything but results and errors on the output.
+
+### Example smart function usage:
+ ispconfig-cli -f "dns_a_add example.com. www 192.168.0.2"
+ DNS zone example.com. has id 1.
+ DNS A www exists with id 228, updating...
+ Updated records: 1
+
+### Example raw method usage:
+ ispconfig-cli -m login -j credentials.json
+ {"code":"ok","message":"","response":"dc39619b0ac9694cb85e93d8b3ac8258"}
+
+> **Note:**
+The whole function has to be quoted as one due to how bash manages the command line arguments.
+
+### Config file
+The script uses an optional config file, allowing commands as short as in the examples above.
+
+## Dependencies
+- ```jq``` for working with JSON
+- ```curl``` for talking to the endpoint
+
+On debian-based distributions such as ubuntu, you can ensure these are installed by running
+
+ sudo apt install jq curl
+
+## Installing
+1. Place this script in your path. For example, placing it in your ```~/bin``` folder (and logging out and back in if you just created the folder) works on many distributions.
+2. Make it executable by running ```chmod 755 ispconfig-cli```.
+3. Optionally create a config file in ```/etc/ispconfig-cli.conf``` or ```~/.ispconfig-cli```.
+
+## Details on usage
+Run the script without arguments or with ```-h``` for the full list of functionality and config file creation instructions.
diff --git a/remoting_client/cli/ispconfig-cli b/remoting_client/cli/ispconfig-cli
new file mode 100755
index 0000000000000000000000000000000000000000..e03aa29f3c02e6cde771f7a28c446135e2410041
--- /dev/null
+++ b/remoting_client/cli/ispconfig-cli
@@ -0,0 +1,495 @@
+#!/bin/bash
+
+# Command line for ISPConfig remote user REST API using either smart functions or raw methods.
+# Author: Johan Ehnberg, johan@molnix.com
+
+set -e
+
+### Variables
+
+VERSION=2018-04-24
+PROGNAME=$(basename $0)
+DATESTAMP=`date +%s`
+
+### Common commands
+
+# usage
+usage() {
+ echo "Command line for ISPConfig remote user REST API using either smart functions or raw methods."
+ echo
+ echo "Usage: $PROGNAME -h/-f /-m [options] ..."
+ echo
+ echo "Common options:"
+ echo
+ echo " -a "
+ echo " Config file. Options are read in the following order: system configuration, user configuration, the file specified in this option, other command line options. The last occurrence overrides previous ones."
+ echo
+ echo " -e "
+ echo " API endpoint url such as https://myserver.example.com:8080/remote/json.php ."
+ echo
+ echo " -h"
+ echo " Show this help text."
+ echo
+ echo " -i "
+ echo " Server id (defaults to 1)."
+ echo
+ echo " -k"
+ echo " Do not validate server certificate (for self-signed certificates)."
+ echo
+ echo " -q"
+ echo " Quiet, only outputs results."
+ echo
+ echo " -v"
+ echo " Verbose, outputs all info where available."
+ echo
+ echo "Functions combine several methods to carry out common tasks. Function options:"
+ echo
+ echo " -b "
+ echo " Batch file for processing of functions, one per row. Cannot be used with -m, -f or -t."
+ echo
+ echo " -c "
+ echo " Username of the client whose records are to be accessed, see Client->Clients and Client->Resellers."
+ echo
+ echo " -f \"\""
+ echo " Function to perform. Note the qoutes around the full function command. Cannot be used with -m, -b or -t."
+ echo
+ echo " -p "
+ echo " Password of the remote user as specified in System->Remote Users."
+ echo
+ echo " -t"
+ echo " Read batch for processing of functions from stdin, one per row. Cannot be used with -m, -b or -f."
+ echo
+ echo " -u "
+ echo " Username of the remote user as specified in System->Remote Users."
+ echo
+ echo " Available functions:"
+ echo
+ echo " clients List all clients"
+ echo " dns_as List all A records for a zone"
+ echo " dns_a_add Add or update a DNS A record"
+ echo " dns_a_delete Delete a DNS A record"
+ echo " dns_cnames List all CNAME records for a zone"
+ echo " dns_rr List all records for a zone"
+ echo " dns_zones List all zones"
+ echo " methods List available methods"
+ echo " log_in Create a session (not needed by default)"
+ echo " log_out Log out a session (not needed by default)"
+ echo " servers List all servers"
+ echo
+ echo "Using a method wraps the JSON data to the API call and returns a JSON response. Method options:"
+ echo
+ echo " -d "
+ echo " Read JSON data from command line. Use escapes and quotes! Cannot be used with -j or -s."
+ echo
+ echo " -j "
+ echo " Read JSON data from file. Cannot be used with -d or -s."
+ echo
+ echo " -m "
+ echo " Raw method to use such as dns_a_add. Cannot be used with -f. Requires one of -d, -j or -s."
+ echo
+ echo " -s"
+ echo " Read JSON data from stdin. Cannot be used with -d or -j."
+ echo
+ echo "For details on methods, see:"
+ echo "https://git.ispconfig.org/ispconfig/ispconfig3/tree/master/remoting_client/API-docs"
+ echo
+ echo "Config files are bash files that can contain the following variables:"
+ echo
+ echo "remote_user=myuser # see -u"
+ echo "remote_password=mypassword # see -p"
+ echo "remote_url=https://myserver.example.com:8080/remote/json.php # see -e"
+ echo "client_user=myclient # see -c"
+ echo "server_id=1 # see -i"
+ echo "ssl_validate=off # see -k"
+ echo
+ echo "Example uses:"
+ echo " 1. Log in using the method and escaped JSON on the command line, without config file"
+ echo ' ispconfig-cli -m login -d "{\"username\": \"myuser\",\"password\": \"mypassword\"}" -e https://myserver.example.com:8080/remote/json.php'
+ echo
+ echo " 2. Log in using the function, without config file"
+ echo " ispconfig-cli -f \"log_in\" -u myuser -p mypassword -e https://myserver.example.com:8080/remote/json.php -c myclient"
+ echo
+ echo " 3. Update a DNS A record or update if it already exists, with complete config file"
+ echo " ispconfig-cli -f \"dns_a_add example.com. johnscomputer 192.168.0.99\""
+ echo
+}
+
+# message verbosity message
+message() {
+ if [ $1 -le $VERBOSITY ]; then
+ MESSAGE="${MESSAGE}${2}"
+ fi
+}
+
+# restCall method data
+restCall() {
+ curl $CURLK -sS -X POST -H "Content-Type: application/json" -H "Cache-Control: no-cache" -d "${2}" "${remote_url}?${1}"
+}
+
+# method method
+method() {
+ restCall $1 "$JSONDATA"
+}
+
+### Smart functions
+
+# List all clients
+# clients
+clients() {
+ clientsGet | jq .response
+}
+
+# List all A records for a zone
+# dns_as zone
+dns_as() {
+ dns_rr $1 | jq -r ".[] | select(.type == \"A\") | .name"
+}
+
+# Add or update an A record
+# dns_a_add zone name ip
+dns_a_add() {
+ dns_zone_id $1
+ dns_a_id $1 $2
+ if [[ $dns_a_id =~ ^-?[0-9]+$ ]]; then
+ message 2 "DNS A $2 exists with id $dns_a_id, updating rows: "
+ message 1 "`dnsUpdateAByIdAndIp $dns_a_id $3 | jq -r .response`\n"
+ elif [[ $dns_a_id == "" ]]; then
+ message 2 "DNS A $2 does not exist, created ID: "
+ message 1 "`dnsAddAByZoneAndNameAndIp $dns_zone_id $2 $3 | jq -r .response`\n"
+ fi
+}
+
+# Delete an A record if it exists
+# dns_a_delete zone name
+dns_a_delete() {
+ dns_zone_id $1
+ dns_a_id $1 $2
+ if [[ $dns_a_id =~ ^-?[0-9]+$ ]]; then
+ message 2 "DNS A $2 has id $dns_a_id, deleted rows: "
+ message 1 "`dnsDeleteAById $dns_a_id | jq -r .response`\n"
+ else
+ message 2 "DNS A $2 does not exist, skipping.\n"
+ fi
+}
+
+# List all CNAME records for a zone
+# dns_cnames zone
+dns_cnames() {
+ dns_rr $1 | jq -r ".[] | select(.type == \"CNAME\") | .name"
+}
+
+# List all records for a zone
+# dns_rr zone
+dns_rr() {
+ dns_zone_id $1
+ dnsGetRrByZone $dns_zone_id | jq .response
+}
+
+# List all zones
+# dns_zones
+dns_zones() {
+ dnsGetZones | jq .response
+}
+
+# List all available methods
+# methods
+methods() {
+ methods=`functionsGet | jq .response`
+ if [[ $methods == "false" ]]; then
+ message 1 "Getting methods (Server functions) failed, check permissions?\n"
+ else
+ echo $methods | jq
+ fi
+}
+
+# List all servers
+# server
+servers() {
+ serversGet | jq .response
+}
+
+# Log in
+# log_in remote_user remote_password
+log_in() {
+ log_in=`logInByUserAndPassword $1 $2 | jq -r '.response'`
+ if [[ $log_in == "false" ]]; then
+ message 1 "Login failed!\n"
+ else
+ message 3 "Logged in session_id $log_in as $1.\n"
+ echo "$log_in"
+ fi
+}
+
+# Log out
+# log_out session
+log_out() {
+ if [[ `logOutBySession $1 | jq -r .response` == "true" ]]; then
+ message 3 "Logged out session $1 successfully.\n"
+ else
+ message 1 "Logging out failed!\n"
+ fi
+}
+
+### ID helpers
+# Due to bash limitations, id's should only be set in _id functions below.
+# This is due to nested subshells losing the variables.
+# As such, some helpers may be called several times redundantly when both
+# a child and parent function are also to be available on the CLI.
+
+# Get client id
+# client_id client_user
+client_id() {
+ client_id=`clients | jq -r ".[] | select(.username == \"${1}\") | .client_id"`
+ message 3 "Client $1 has id $client_id.\n"
+}
+
+# Get dns A id
+# dns_a_id zone name
+dns_a_id() {
+ dns_a_id=`dns_rr $1 | jq -r ".[] | select(.name == \"${2}\") | .id"`
+ message 3 "DNS A $2 has id $dns_a_id.\n"
+}
+
+# Get zone id
+# dns_zone_id zone
+dns_zone_id() {
+ dns_zone_id=`dns_zones | jq -r ".[] | select(.origin == \"${1}\") | .id"`
+ message 3 "DNS zone $1 has id $dns_zone_id.\n"
+}
+
+### Methods
+# Get clients
+clientsGet() {
+ restCall client_get "{\"session_id\": \"${session_id}\",\"client_id\":{}}"
+}
+
+# Add A by zone and name and IP
+dnsAddAByZoneAndNameAndIp() {
+ restCall dns_a_add "{\"session_id\": \"${session_id}\",\"client_id\": \"${client_id}\",\"params\": {\"server_id\": ${SERVER},\"zone\": \"${1}\",\"name\": \"${2}\",\"type\": \"a\",\"data\": \"${3}\",\"aux\": \"0\", \"ttl\": \"3600\", \"active\": \"y\", \"stamp\": \"${datestamp}\", \"serial\": \"1\"}}"
+}
+
+# Delete A by id
+dnsDeleteAById() {
+ restCall dns_a_delete "{\"session_id\": \"${session_id}\",\"primary_id\": \"${1}\"}"
+}
+
+# Get RR by id
+dnsGetRrByZone() {
+ restCall dns_rr_get_all_by_zone "{\"session_id\": \"${session_id}\",\"zone_id\": \"${1}\"}"
+}
+
+# Get zones
+dnsGetZones() {
+ restCall dns_zone_get_by_user "{\"session_id\": \"${session_id}\",\"client_id\": \"${client_id}\",\"server_id\": ${SERVER}}"
+}
+
+# Update A by id and IP
+dnsUpdateAByIdAndIp() {
+ restCall dns_a_update "{\"session_id\": \"${session_id}\",\"client_id\": \"${client_id}\",\"primary_id\": \"${1}\",\"params\": {\"data\": \"${2}\", \"stamp\": \"${datestamp}\"}}"
+}
+
+# Get functions
+functionsGet() {
+ restCall get_function_list "{\"session_id\": \"${session_id}\"}"
+}
+
+# Log in by user and password
+logInByUserAndPassword() {
+ restCall login "{\"username\": \"${1}\",\"password\": \"${2}\"}"
+}
+
+# Log out by session
+logOutBySession() {
+ restCall logout "{\"session_id\": \"${1}\"}"
+}
+
+# Get servers info
+serversGet() {
+ restCall server_get "{\"session_id\": \"${session_id}\",\"server_id\":{}}"
+}
+
+### Run
+
+# Check dependencies
+if ! [ -x "$(command -v curl)" ]; then
+ echo 'Error: curl is not installed.' >&2
+ exit 1
+fi
+if ! [ -x "$(command -v jq)" ]; then
+ echo 'Error: jq is not installed.' >&2
+ exit 1
+fi
+
+# Check config files
+if [ -r /etc/ispconfig-cli.conf ]; then
+ . /etc/ispconfig-cli.conf
+fi
+if [ -r ~/.ispconfig-cli ]; then
+ . ~/.ispconfig-cli
+fi
+
+# Check command line
+if [[ $1 == "" ]]; then
+ usage
+ exit 1
+fi
+SERVER=1
+VERBOSITY=2
+while getopts :a:e:hi:kqvb:c:f:p:tu:d:j:m:s opt; do
+ case $opt in
+ a)
+ if [[ -e $OPTARG ]]; then
+ source $OPTARG
+ else
+ echo "Config file $OPTARG not found!"
+ exit 1
+ fi
+ ;;
+ e)
+ remote_url=$OPTARG
+ ;;
+ h)
+ usage
+ exit 1
+ ;;
+ i)
+ SERVER=$OPTARG
+ ;;
+ k)
+ $ssl_validate=off
+ ;;
+ q)
+ if [[ $VERBOSITY == "2" ]]; then
+ VERBOSITY=1
+ else
+ echo "-q and -v cannot be specified at the same time!"
+ exit 1
+ fi
+ ;;
+ v)
+ if [[ $VERBOSITY == "2" ]]; then
+ VERBOSITY=3
+ else
+ echo "-q and -v cannot be specified at the same time!"
+ exit 1
+ fi
+ ;;
+ b)
+ if [[ $METHOD == "" ]]; then
+ if [[ $FUNCTION == "" ]]; then
+ FUNCTION=`cat $OPTARG`
+ else
+ echo "You can only use one function source!"
+ exit 1
+ fi
+ else
+ echo "Function and method cannot be specified at the same time!"
+ exit 1
+ fi
+ ;;
+ c)
+ client_user=$OPTARG
+ ;;
+ f)
+ if [[ $METHOD == "" ]]; then
+ if [[ $FUNCTION == "" ]]; then
+ FUNCTION=$OPTARG
+ else
+ echo "You can only use one function source!"
+ exit 1
+ fi
+ else
+ echo "Function and method cannot be specified at the same time!"
+ exit 1
+ fi
+ ;;
+ p)
+ remote_password=$OPTARG
+ ;;
+ t)
+ if [[ $METHOD == "" ]]; then
+ if [[ $FUNCTION == "" ]]; then
+ FUNCTION=`cat`
+ else
+ echo "You can only use one function source!"
+ exit 1
+ fi
+ else
+ echo "Function and method cannot be specified at the same time!"
+ exit 1
+ fi
+ ;;
+ u)
+ remote_user=$OPTARG
+ ;;
+ d)
+ if [[ $JSONMODE == "" ]]; then
+ JSONMODE=cli
+ JSONDATA=$OPTARG
+ else
+ echo "You can only use one JSON data source!"
+ exit 1
+ fi
+ ;;
+ j)
+ if [[ $JSONMODE == "" ]]; then
+ JSONMODE=fil
+ JSONDATA=`cat $OPTARG`
+ else
+ echo "You can only use one JSON data source!"
+ exit 1
+ fi
+ ;;
+ m)
+ if [[ $FUNCTION == "" ]]; then
+ METHOD=$OPTARG
+ else
+ echo "Function and method cannot be specified at the same time!"
+ exit 1
+ fi
+ ;;
+ s)
+ if [[ $JSONMODE == "" ]]; then
+ JSONMODE=std
+ JSONDATA=`cat`
+ else
+ echo "You can only use one JSON data source!"
+ exit 1
+ fi
+ ;;
+ \?)
+ echo "Invalid option: -$OPTARG" >&2
+ exit 1
+ ;;
+ :)
+ echo "Option -$OPTARG requires an argument." >&2
+ exit 1
+ ;;
+ esac
+done
+if [[ $remote_url == "" ]]; then
+ echo "No url provided!"
+ exit 1
+fi
+if [[ $ssl_validate == "off" ]]; then
+ CURLK="-k"
+fi
+if [[ $METHOD != "" ]]; then
+ method $METHOD
+elif [[ $FUNCTION != "" ]]; then
+ session_id="`log_in $remote_user $remote_password`" # This is the only ID that has to be set outside ID helpers
+ message 3 "Using session_id $session_id as $remote_user for CLI operations.\n"
+ client_id $client_user
+ #echo $FUNCTION|while read i; do message 1 `$i`; done # Does not work here due to creating subshells
+ IFS=$'\n'
+ for i in $FUNCTION; do eval $i; done
+ unset IFS
+ log_out $session_id
+else
+ echo "Neither method nor function specified!"
+ exit 1
+fi
+
+echo -e $MESSAGE
+
+exit 0
diff --git a/remoting_client/cli/ispconfig-cli.conf.example b/remoting_client/cli/ispconfig-cli.conf.example
new file mode 100644
index 0000000000000000000000000000000000000000..70908274f74e9d9b8cb2f001441b513091b28460
--- /dev/null
+++ b/remoting_client/cli/ispconfig-cli.conf.example
@@ -0,0 +1,6 @@
+remote_user=myuser
+remote_password=mypassword
+remote_url=https://myserver.example.com:8080/remote/json.php
+client_user=myclient
+server_id=1
+ssl_validate=off
diff --git a/remoting_client/examples/rest_example.php b/remoting_client/examples/rest_example.php
index 24a009c14b326357571f79ee7a2280361562ff29..c1a3a5d2ce3b714040e8c7447aa6dbabeb4a62f7 100644
--- a/remoting_client/examples/rest_example.php
+++ b/remoting_client/examples/rest_example.php
@@ -50,6 +50,8 @@ if($result) {
$result = restCall('client_get', array('session_id' => $session_id, 'client_id' => array()));
if($result) var_dump(json_decode($result, true));
else print "Could not get client_get result\n";
+
+ // please refer to API-Docs for expected input variables and parameters names
$result = restCall('logout', array('session_id' => $session_id));
if($result) var_dump(json_decode($result, true));
diff --git a/remoting_client/examples/rest_example.sh b/remoting_client/examples/rest_example.sh
new file mode 100644
index 0000000000000000000000000000000000000000..5173f0fa3715ee32ac0f6702f9d4b34c65344894
--- /dev/null
+++ b/remoting_client/examples/rest_example.sh
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+set -e
+
+remote_user=test
+remote_password=apipassword
+remote_url='https://yourserver.com:8080/remote/json.php'
+
+# restCall method data
+restCall() {
+ curl -sS -X POST -H "Content-Type: application/json" -H "Cache-Control: no-cache" -d "${2}" "${remote_url}?${1}"
+}
+
+# Log in
+session_id=`restCall login "{\"username\": \"${remote_user}\",\"password\": \"${remote_password}\"}" | jq -r '.response'`
+if [[ $isession == "false" ]]; then
+ echo "Login failed!"
+ exit 1
+#else
+ #echo "Logged in. Session is: $session_id"
+fi
+
+restCall client_get "{\"session_id\": \"$session_id\",\"client_id\":{\"username\": \"abcde\"}}"
+
+# or by id
+restCall client_get "{\"session_id\": \"$session_id\",\"client_id\": \"2\"}"
+
+# or all
+restCall client_get "{\"session_id\": \"$session_id\",\"client_id\":{}}"
+
+# Log out
+if [[ `restCall logout "{\"session_id\": \"$session_id\"}" |jq -r .response` == "true" ]]; then
+ #echo "Logout successful."
+ exit 0
+else
+ echo "Logout failed!"
+ exit 1
+fi
diff --git a/security/ids.whitelist b/security/ids.whitelist
index 58a96e6ac111d3da02ff6a15ec3d892747070ed3..42c0559ecbd118bb94d5ae41de65b73a627789e2 100644
--- a/security/ids.whitelist
+++ b/security/ids.whitelist
@@ -42,4 +42,15 @@ admin:/sites/web_vhost_subdomain_edit.php:POST.php_open_basedir
admin:/sites/web_domain_edit.php:POST.php_open_basedir
admin:/sites/web_domain_edit.php:POST.apache_directives
user:/sites/shell_user_edit.php:POST.ssh_rsa
-user:/sites/cron_edit.php:POST.command
\ No newline at end of file
+user:/sites/cron_edit.php:POST.command
+admin:/admin/server_config_edit.php:POST.jailkit_chroot_app_programs
+admin:/login/index.php:POST.password
+admin:/sites/web_vhost_domain_edit.php:POST.apache_directives
+admin:/sites/web_vhost_domain_edit.php:POST.custom_php_ini
+admin:/sites/web_vhost_domain_edit.php:POST.php_open_basedir
+any:/login/index.php:POST.password
+user:/login/index.php:POST.password
+user:/mail/mail_domain_edit.php:POST.dkim_private
+user:/mail/mail_domain_edit.php:POST.dkim_public
+user:/mail/mail_domain_edit.php:POST.dns_record
+user:/sites/web_vhost_domain_edit.php:POST.fastcgi_php_version
\ No newline at end of file
diff --git a/server/conf/nginx_vhost.conf.master b/server/conf/nginx_vhost.conf.master
index d80fff3e01298e0979b0bee04dce0f789a9ae90b..683b1c2a0a194649e1a7c5a5856feb53b1957c83 100644
--- a/server/conf/nginx_vhost.conf.master
+++ b/server/conf/nginx_vhost.conf.master
@@ -189,6 +189,9 @@ server {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fastcgi_param PATH_INFO $fastcgi_script_name;
+
+ fastcgi_param SERVER_NAME ;
+
fastcgi_intercept_errors on;
}
@@ -200,6 +203,9 @@ server {
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fastcgi_param PATH_INFO $fastcgi_script_name;
+
+ fastcgi_param SERVER_NAME ;
+
fastcgi_intercept_errors on;
error_page 500 501 502 503 = @phpfallback;
}
@@ -216,6 +222,9 @@ server {
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fastcgi_param PATH_INFO $fastcgi_script_name;
+
+ fastcgi_param SERVER_NAME ;
+
fastcgi_intercept_errors on;
}
diff --git a/server/lib/classes/cron.d/100-monitor_raid.inc.php b/server/lib/classes/cron.d/100-monitor_raid.inc.php
index d1a9a53455c6a70e2efab0a561c1d7e21b1e6404..e6b1bace17d788fb6e77f88018e829813e316147 100644
--- a/server/lib/classes/cron.d/100-monitor_raid.inc.php
+++ b/server/lib/classes/cron.d/100-monitor_raid.inc.php
@@ -275,6 +275,52 @@ class cronjob_monitor_raid extends cronjob {
}
}
+ /*
+ * HP Proliant new HPE Command Line Smart Storage Administration Utility
+ */
+ system('which ssacli', $retval);
+ if($retval === 0) {
+ $state = 'ok';
+ $data['output'] = shell_exec('/usr/sbin/ssacli ctrl all show config');
+ $tmp = explode("\n", $data['output']);
+ if(is_array($tmp)) {
+ foreach ($tmp as $item) {
+ if (strpos($item, 'logicaldrive') !== false) {
+ if (strpos($item, 'OK') !== false) {
+ $this->_tools->_setState($state = 'ok');
+ } elseif (strpos($item, 'Recovery Mode') !== false) {
+ $this->_tools->_setState($state = 'critical');
+ break;
+ } elseif (strpos($item, 'Failed') !== false) {
+ $this->_tools->_setState($state = 'error');
+ break;
+ } elseif (strpos($item, 'Recovering') !== false) {
+ $this->_tools->_setState($state = 'info');
+ break;
+ } else {
+ $this->_tools->_setState($state = 'critical');
+ }
+ }
+ if (strpos($item, 'physicaldrive') !== false) {
+ if (strpos($item, 'physicaldrive') !== false) {
+ if (strpos($item, 'OK') !== false) {
+ $this->_tools->_setState($state = 'ok');
+ } elseif (strpos($item, 'Failed') !== false) {
+ $this->_tools->_setState($state = 'critical');
+ break;
+ } elseif (strpos($item, 'Rebuilding') !== false) {
+ $this->_tools->_setState($state = 'info');
+ break;
+ } else {
+ $this->_tools->_setState($state = 'critical');
+ break;
+ }
+ }
+ }
+ }
+ }
+ }
+
/*
* LSI MegaRaid
*/
@@ -315,6 +361,29 @@ class cronjob_monitor_raid extends cronjob {
}
}
+ /*
+ * SAS2IRCU
+ */
+ system('which sas2ircu', $retval);
+ if($retval === 0) {
+ $state = 'ok';
+ $data['output'] = shell_exec('sas2ircu 0 DISPLAY');
+ if(is_array($data['output'])) {
+ foreach ($data['output'] as $item) {
+ if (strpos($item, 'Optimal (OPT)') !== false) {
+ $this->_tools->_setState($state, 'ok');
+ } else {
+ $this->_tools->_setState($state, 'critical');
+ }
+ if (strpos($item, 'Okay (OKY)') !== false) {
+ $this->_tools->_setState($state, 'ok');
+ } else {
+ $this->_tools->_setState($state, 'critical');
+ }
+ }
+ }
+ }
+
$res = array();
$res['server_id'] = $server_id;
$res['type'] = $type;
diff --git a/server/lib/classes/letsencrypt.inc.php b/server/lib/classes/letsencrypt.inc.php
index 12e43a9d5bd3581d05ffbd5699dbb1add26c6567..c3285a1c2eb6b3dded0e7f58498e2c082eb2f60f 100644
--- a/server/lib/classes/letsencrypt.inc.php
+++ b/server/lib/classes/letsencrypt.inc.php
@@ -275,7 +275,16 @@ class letsencrypt {
$letsencrypt = explode("\n", shell_exec('which letsencrypt certbot /root/.local/share/letsencrypt/bin/letsencrypt /opt/eff.org/certbot/venv/bin/certbot'));
$letsencrypt = reset($letsencrypt);
if(is_executable($letsencrypt)) {
- $letsencrypt_cmd = $letsencrypt . " certonly -n --text --agree-tos --expand --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@$domain $cli_domain_arg --webroot-path /usr/local/ispconfig/interface/acme";
+ $letsencrypt_version = exec($letsencrypt . ' --version 2>&1', $ret, $val);
+ if(preg_match('/^(\S+|\w+)\s+(\d+(\.\d+)+)$/', $letsencrypt_version, $matches)) {
+ $letsencrypt_version = $matches[2];
+ }
+ if ($letsencrypt_version >=0.22) {
+ $acme_version = 'https://acme-v02.api.letsencrypt.org/directory';
+ } else {
+ $acme_version = 'https://acme-v01.api.letsencrypt.org/directory';
+ }
+ $letsencrypt_cmd = $letsencrypt . " certonly -n --text --agree-tos --expand --authenticator webroot --server $acme_version --rsa-key-size 4096 --email postmaster@$domain $cli_domain_arg --webroot-path /usr/local/ispconfig/interface/acme";
$success = $app->system->_exec($letsencrypt_cmd);
}
} else {