...@@ -70,23 +70,23 @@ if($do_uninstall == 'yes') { ...@@ -70,23 +70,23 @@ if($do_uninstall == 'yes') {
if (!$result) echo "Unable to remove the ispconfig-database-user ".$conf['db_user']." ".mysqli_error($link)."\n"; if (!$result) echo "Unable to remove the ispconfig-database-user ".$conf['db_user']." ".mysqli_error($link)."\n";
} }
mysqli_close($link); mysqli_close($link);
// Deleting the symlink in /var/www // Deleting the symlink in /var/www
// Apache // Apache
@unlink("/etc/apache2/sites-enabled/000-ispconfig.vhost"); @unlink("/etc/apache2/sites-enabled/000-ispconfig.vhost");
@unlink("/etc/apache2/sites-available/ispconfig.vhost"); @unlink("/etc/apache2/sites-available/ispconfig.vhost");
@unlink("/etc/apache2/sites-enabled/000-apps.vhost"); @unlink("/etc/apache2/sites-enabled/000-apps.vhost");
@unlink("/etc/apache2/sites-available/apps.vhost"); @unlink("/etc/apache2/sites-available/apps.vhost");
// nginx // nginx
@unlink("/etc/nginx/sites-enabled/000-ispconfig.vhost"); @unlink("/etc/nginx/sites-enabled/000-ispconfig.vhost");
@unlink("/etc/nginx/sites-available/ispconfig.vhost"); @unlink("/etc/nginx/sites-available/ispconfig.vhost");
@unlink("/etc/nginx/sites-enabled/000-apps.vhost"); @unlink("/etc/nginx/sites-enabled/000-apps.vhost");
@unlink("/etc/nginx/sites-available/apps.vhost"); @unlink("/etc/nginx/sites-available/apps.vhost");
// Delete the ispconfig files // Delete the ispconfig files
exec('rm -rf /usr/local/ispconfig'); exec('rm -rf /usr/local/ispconfig');
// Delete various other files // Delete various other files
@unlink("/usr/local/bin/letsencrypt_post_hook.sh"); @unlink("/usr/local/bin/letsencrypt_post_hook.sh");
@unlink("/usr/local/bin/letsencrypt_pre_hook.sh"); @unlink("/usr/local/bin/letsencrypt_pre_hook.sh");
...@@ -95,9 +95,10 @@ if($do_uninstall == 'yes') { ...@@ -95,9 +95,10 @@ if($do_uninstall == 'yes') {
@unlink("/usr/local/bin/ispconfig_update_from_svn.sh"); @unlink("/usr/local/bin/ispconfig_update_from_svn.sh");
@unlink("/var/spool/mail/ispconfig"); @unlink("/var/spool/mail/ispconfig");
@unlink("/var/www/ispconfig"); @unlink("/var/www/ispconfig");
@unlink("/var/www/php-fcgi-scripts/ispconfig"); @exec('chattr -i /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
@unlink("/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter"); @unlink("/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter");
@unlink("/var/www/php-fcgi-scripts/ispconfig");
echo "Backups in /var/backup/ and log files in /var/log/ispconfig are not deleted."; echo "Backups in /var/backup/ and log files in /var/log/ispconfig are not deleted.";
echo "Finished uninstalling.\n"; echo "Finished uninstalling.\n";
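Review bot: The added last step, `@unlink("/var/www/php-fcgi-scripts/ispconfig");`, targets the path that holds `.php-fcgi-starter`, so it is presumably a directory, and `unlink()` does not remove directories; with `@` the failure is silent and the directory stays behind. `@rmdir("/var/www/php-fcgi-scripts/ispconfig");` would match the intent. The `@` on `@exec('chattr -i …')` does not silence the shell command, and the exit status is discarded, so if clearing the immutable flag fails the following unlink fails quietly and the script still prints "Finished uninstalling.". Passing a result-code variable to `exec()` and echoing a warning on a non-zero value, as the database-user removal above does for its own failure, would make leftovers visible to the administrator.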
......
...@@ -49,7 +49,7 @@ class app { ...@@ -49,7 +49,7 @@ class app {
private $_loaded_classes = array(); private $_loaded_classes = array();
private $_conf; private $_conf;
private $_security_config; private $_security_config;
public $loaded_plugins = array(); public $loaded_plugins = array();
public function __construct() { public function __construct() {
...@@ -58,7 +58,7 @@ class app { ...@@ -58,7 +58,7 @@ class app {
if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS']) || isset($_REQUEST['s']) || isset($_REQUEST['s_old']) || isset($_REQUEST['conf'])) { if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS']) || isset($_REQUEST['s']) || isset($_REQUEST['s_old']) || isset($_REQUEST['conf'])) {
die('Internal Error: var override attempt detected'); die('Internal Error: var override attempt detected');
} }
$this->_conf = $conf; $this->_conf = $conf;
if($this->_conf['start_db'] == true) { if($this->_conf['start_db'] == true) {
$this->load('db_'.$this->_conf['db_type']); $this->load('db_'.$this->_conf['db_type']);
...@@ -70,21 +70,21 @@ class app { ...@@ -70,21 +70,21 @@ class app {
} }
$this->uses('functions'); // we need this before all others! $this->uses('functions'); // we need this before all others!
$this->uses('auth,plugin,ini_parser,getconf'); $this->uses('auth,plugin,ini_parser,getconf');
} }
public function __get($prop) { public function __get($prop) {
if(property_exists($this, $prop)) return $this->{$prop}; if(property_exists($this, $prop)) return $this->{$prop};
$this->uses($prop); $this->uses($prop);
if(property_exists($this, $prop)) return $this->{$prop}; if(property_exists($this, $prop)) return $this->{$prop};
else trigger_error('Undefined property ' . $prop . ' of class app', E_USER_WARNING); else trigger_error('Undefined property ' . $prop . ' of class app', E_USER_WARNING);
} }
public function __destruct() { public function __destruct() {
session_write_close(); session_write_close();
} }
public function initialize_session() { public function initialize_session() {
//* Start the session //* Start the session
if($this->_conf['start_session'] == true) { if($this->_conf['start_session'] == true) {
...@@ -118,7 +118,7 @@ class app { ...@@ -118,7 +118,7 @@ class app {
} else { } else {
session_set_cookie_params(0,'/',$cookie_domain,$cookie_secure,true); // until browser is closed session_set_cookie_params(0,'/',$cookie_domain,$cookie_secure,true); // until browser is closed
} }
session_set_save_handler( array($this->session, 'open'), session_set_save_handler( array($this->session, 'open'),
array($this->session, 'close'), array($this->session, 'close'),
array($this->session, 'read'), array($this->session, 'read'),
...@@ -127,7 +127,7 @@ class app { ...@@ -127,7 +127,7 @@ class app {
array($this->session, 'gc')); array($this->session, 'gc'));
session_start(); session_start();
//* Initialize session variables //* Initialize session variables
if(!isset($_SESSION['s']['id']) ) $_SESSION['s']['id'] = session_id(); if(!isset($_SESSION['s']['id']) ) $_SESSION['s']['id'] = session_id();
if(empty($_SESSION['s']['theme'])) $_SESSION['s']['theme'] = $conf['theme']; if(empty($_SESSION['s']['theme'])) $_SESSION['s']['theme'] = $conf['theme'];
...@@ -135,7 +135,7 @@ class app { ...@@ -135,7 +135,7 @@ class app {
} }
} }
public function uses($classes) { public function uses($classes) {
$cl = explode(',', $classes); $cl = explode(',', $classes);
if(is_array($cl)) { if(is_array($cl)) {
...@@ -160,7 +160,7 @@ class app { ...@@ -160,7 +160,7 @@ class app {
} }
} }
} }
public function conf($plugin, $key, $value = null) { public function conf($plugin, $key, $value = null) {
if(is_null($value)) { if(is_null($value)) {
$tmpconf = $this->db->queryOneRecord("SELECT `value` FROM `sys_config` WHERE `group` = ? AND `name` = ?", $plugin, $key); $tmpconf = $this->db->queryOneRecord("SELECT `value` FROM `sys_config` WHERE `group` = ? AND `name` = ?", $plugin, $key);
...@@ -284,6 +284,7 @@ class app { ...@@ -284,6 +284,7 @@ class app {
$this->tpl->setVar('datalog_changes_end_txt', $this->lng('datalog_changes_end_txt')); $this->tpl->setVar('datalog_changes_end_txt', $this->lng('datalog_changes_end_txt'));
$this->tpl->setVar('datalog_changes_count', $datalog['count']); $this->tpl->setVar('datalog_changes_count', $datalog['count']);
$this->tpl->setLoop('datalog_changes', $datalog['entries']); $this->tpl->setLoop('datalog_changes', $datalog['entries']);
$this->tpl->setVar('datalog_changes_close_txt', $this->lng('datalog_changes_close_txt'));
} else { } else {
$this->tpl->setVar('app_version', ''); $this->tpl->setVar('app_version', '');
} }
...@@ -349,7 +350,7 @@ class app { ...@@ -349,7 +350,7 @@ class app {
return 'y' === $maintenance_mode && !in_array($_SERVER['REMOTE_ADDR'], $maintenance_mode_exclude_ips); return 'y' === $maintenance_mode && !in_array($_SERVER['REMOTE_ADDR'], $maintenance_mode_exclude_ips);
} }
private function get_cookie_domain() { private function get_cookie_domain() {
$sec_config = $this->getconf->get_security_config('permissions'); $sec_config = $this->getconf->get_security_config('permissions');
$proxy_panel_allowed = $sec_config['reverse_proxy_panel_allowed']; $proxy_panel_allowed = $sec_config['reverse_proxy_panel_allowed'];
...@@ -380,7 +381,7 @@ class app { ...@@ -380,7 +381,7 @@ class app {
unset($forwarded_host); unset($forwarded_host);
} }
} }
return $cookie_domain; return $cookie_domain;
} }
...@@ -389,7 +390,7 @@ class app { ...@@ -389,7 +390,7 @@ class app {
//** Initialize application (app) object //** Initialize application (app) object
//* possible future = new app($conf); //* possible future = new app($conf);
$app = new app(); $app = new app();
/* /*
split session creation out of constructor is IMHO better. split session creation out of constructor is IMHO better.
otherwise we have some circular references to global $app like in otherwise we have some circular references to global $app like in
getconfig property of App - RA getconfig property of App - RA
...@@ -398,7 +399,7 @@ $app->initialize_session(); ...@@ -398,7 +399,7 @@ $app->initialize_session();
// load and enable PHP Intrusion Detection System (PHPIDS) // load and enable PHP Intrusion Detection System (PHPIDS)
$ids_security_config = $app->getconf->get_security_config('ids'); $ids_security_config = $app->getconf->get_security_config('ids');
if(is_dir(ISPC_CLASS_PATH.'/IDS') && !defined('REMOTE_API_CALL') && ($ids_security_config['ids_anon_enabled'] == 'yes' || $ids_security_config['ids_user_enabled'] == 'yes' || $ids_security_config['ids_admin_enabled'] == 'yes')) { if(is_dir(ISPC_CLASS_PATH.'/IDS') && !defined('REMOTE_API_CALL') && ($ids_security_config['ids_anon_enabled'] == 'yes' || $ids_security_config['ids_user_enabled'] == 'yes' || $ids_security_config['ids_admin_enabled'] == 'yes')) {
$app->uses('ids'); $app->uses('ids');
$app->ids->start(); $app->ids->start();
......
...@@ -258,6 +258,8 @@ class db ...@@ -258,6 +258,8 @@ class db
private function _query($sQuery = '') { private function _query($sQuery = '') {
global $app; global $app;
$aArgs = func_get_args();
if ($sQuery == '') { if ($sQuery == '') {
$this->_sqlerror('Keine Anfrage angegeben / No query given'); $this->_sqlerror('Keine Anfrage angegeben / No query given');
...@@ -297,7 +299,6 @@ class db ...@@ -297,7 +299,6 @@ class db
} }
} while($ok == false); } while($ok == false);
$aArgs = func_get_args();
$sQuery = call_user_func_array(array(&$this, '_build_query_string'), $aArgs); $sQuery = call_user_func_array(array(&$this, '_build_query_string'), $aArgs);
$this->securityScan($sQuery); $this->securityScan($sQuery);
$this->_iQueryId = mysqli_query($this->_iConnId, $sQuery); $this->_iQueryId = mysqli_query($this->_iConnId, $sQuery);
...@@ -353,10 +354,17 @@ class db ...@@ -353,10 +354,17 @@ class db
* @return array result row or NULL if none found * @return array result row or NULL if none found
*/ */
public function queryOneRecord($sQuery = '') { public function queryOneRecord($sQuery = '') {
if(!preg_match('/limit \d+\s*(,\s*\d+)?$/i', $sQuery)) $sQuery .= ' LIMIT 0,1';
$aArgs = func_get_args(); $aArgs = func_get_args();
$oResult = call_user_func_array(array(&$this, 'query'), $aArgs); if(!empty($aArgs)) {
$sQuery = array_shift($aArgs);
if($sQuery && !preg_match('/limit \d+(\s*,\s*\d+)?$/i', $sQuery)) {
$sQuery .= ' LIMIT 0,1';
}
array_unshift($aArgs, $sQuery);
}
$oResult = call_user_func_array([&$this, 'query'], $aArgs);
if(!$oResult) return null; if(!$oResult) return null;
$aReturn = $oResult->get(); $aReturn = $oResult->get();
...@@ -1300,7 +1308,7 @@ class fakedb_result { ...@@ -1300,7 +1308,7 @@ class fakedb_result {
if(!is_array($this->aLimitedData)) return $aItem; if(!is_array($this->aLimitedData)) return $aItem;
if(list($vKey, $aItem) = each($this->aLimitedData)) { foreach($this->aLimitedData as $vKey => $aItem) {
if(!$aItem) $aItem = null; if(!$aItem) $aItem = null;
} }
return $aItem; return $aItem;
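Review bot: In `fakedb_result`, replacing `each()` with `foreach` changes what this method returns: `each()` handed back the current row and advanced the array pointer, whereas the loop runs over all of `$this->aLimitedData` on every call and leaves `$aItem` holding the last row without advancing anything. A caller that fetches rows one at a time would keep receiving the same last row, and a `while` loop over the result would not terminate. `key()`/`current()`/`next()` keep the one-row-per-call behaviour without `each()`, as sketched below. The method starts and ends outside the hunk, so how `$aItem` is initialised is not visible here.

```php
// … unchanged: is_array($this->aLimitedData) guard …
$vKey = key($this->aLimitedData);
if($vKey !== null) {
	$aItem = current($this->aLimitedData);
	next($this->aLimitedData); // advance so the next call returns the following row
	if(!$aItem) $aItem = null;
}
// … unchanged: return $aItem; …
```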
......
...@@ -65,7 +65,7 @@ class getconf { ...@@ -65,7 +65,7 @@ class getconf {
} else { } else {
$app->uses('ini_parser'); $app->uses('ini_parser');
$security_config_path = '/usr/local/ispconfig/security/security_settings.ini'; $security_config_path = '/usr/local/ispconfig/security/security_settings.ini';
if(!is_file($security_config_path)) $security_config_path = realpath(ISPC_ROOT_PATH.'/../security/security_settings.ini'); if(!is_readable($security_config_path)) $security_config_path = realpath(ISPC_ROOT_PATH.'/../security/security_settings.ini');
$this->security_config = $app->ini_parser->parse_ini_string(file_get_contents($security_config_path)); $this->security_config = $app->ini_parser->parse_ini_string(file_get_contents($security_config_path));
return ($section == '') ? $this->security_config : $this->security_config[$section]; return ($section == '') ? $this->security_config : $this->security_config[$section];
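Review bot: Switching the first test to `is_readable()` does not cover the fallback: `realpath()` returns `false` when the second file is missing, and that value goes straight into `file_get_contents()`. The parsed security config then likely ends up empty, and callers that compare settings with `'yes'` (the IDS switch in the app bootstrap on this page is one) would treat the protection as disabled instead of stopping. A check before the read, for example `if(!$security_config_path || !is_readable($security_config_path)) die('Unable to read security_settings.ini');`, makes the failure explicit and fail-closed. The enclosing method starts and ends outside the hunk.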
......
...@@ -68,7 +68,7 @@ class ids { ...@@ -68,7 +68,7 @@ class ids {
// Get whitelist // Get whitelist
$whitelist_path = '/usr/local/ispconfig/security/ids.whitelist'; $whitelist_path = '/usr/local/ispconfig/security/ids.whitelist';
if(is_file('/usr/local/ispconfig/security/ids.whitelist.custom')) $whitelist_path = '/usr/local/ispconfig/security/ids.whitelist.custom'; if(is_readable('/usr/local/ispconfig/security/ids.whitelist.custom')) $whitelist_path = '/usr/local/ispconfig/security/ids.whitelist.custom';
if(!is_file($whitelist_path)) $whitelist_path = realpath(ISPC_ROOT_PATH.'/../security/ids.whitelist'); if(!is_file($whitelist_path)) $whitelist_path = realpath(ISPC_ROOT_PATH.'/../security/ids.whitelist');
$whitelist_lines = file($whitelist_path); $whitelist_lines = file($whitelist_path);
...@@ -91,7 +91,7 @@ class ids { ...@@ -91,7 +91,7 @@ class ids {
// Get HTML fields // Get HTML fields
$htmlfield_path = '/usr/local/ispconfig/security/ids.htmlfield'; $htmlfield_path = '/usr/local/ispconfig/security/ids.htmlfield';
if(is_file('/usr/local/ispconfig/security/ids.htmlfield.custom')) $htmlfield_path = '/usr/local/ispconfig/security/ids.htmlfield.custom'; if(is_readable('/usr/local/ispconfig/security/ids.htmlfield.custom')) $htmlfield_path = '/usr/local/ispconfig/security/ids.htmlfield.custom';
if(!is_file($htmlfield_path)) $htmlfield_path = realpath(ISPC_ROOT_PATH.'/../security/ids.htmlfield'); if(!is_file($htmlfield_path)) $htmlfield_path = realpath(ISPC_ROOT_PATH.'/../security/ids.htmlfield');
$htmlfield_lines = file($htmlfield_path); $htmlfield_lines = file($htmlfield_path);
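Review bot: Only the `.custom` test was changed to `is_readable()`; the next line still uses `is_file()` for the default path, so a default `ids.whitelist` that exists but is unreadable skips the fallback and `file()` returns `false`. The same holds for the `ids.htmlfield` hunk. Using `if(!is_readable($whitelist_path))` and `if(!is_readable($htmlfield_path))` on those lines keeps the two tests consistent. The `file()` result should also be checked before it is iterated, since a missing whitelist or HTML-field list presumably changes what the IDS inspects without any visible error. Both hunks sit inside a method whose start and end are outside the view.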
......
...@@ -108,7 +108,7 @@ class remoting_client extends remoting { ...@@ -108,7 +108,7 @@ class remoting_client extends remoting {
if(isset($rec['client_id'])) { if(isset($rec['client_id'])) {
return $app->functions->intval($rec['client_id']); return $app->functions->intval($rec['client_id']);
} else { } else {
throw new SoapFault('no_client_found', 'There is no sysuser account for this client ID.'); throw new SoapFault('no_client_found', 'There is no sys_user account with this userid.');
return false; return false;
} }
......
...@@ -57,7 +57,7 @@ class remoting_dns extends remoting { ...@@ -57,7 +57,7 @@ class remoting_dns extends remoting {
$app->uses('tform'); $app->uses('tform');
$app->tform->loadFormDef($tform_def_file); $app->tform->loadFormDef($tform_def_file);
$app->uses('tpl,validate_dns,remoting_lib'); $app->uses('tpl,validate_dns,remoting_lib');
$app->remoting_lib->loadUserProfile($client_id); $app->remoting_lib->loadUserProfile($client_id);
//* replace template placeholders //* replace template placeholders
...@@ -197,7 +197,7 @@ class remoting_dns extends remoting { ...@@ -197,7 +197,7 @@ class remoting_dns extends remoting {
$app->remoting_lib->loadFormDef('../dns/form/dns_soa.tform.php'); $app->remoting_lib->loadFormDef('../dns/form/dns_soa.tform.php');
return $app->remoting_lib->getDataRecord($primary_id); return $app->remoting_lib->getDataRecord($primary_id);
} }
//* Get slave zone details //* Get slave zone details
public function dns_slave_get($session_id, $primary_id) { public function dns_slave_get($session_id, $primary_id) {
global $app; global $app;
...@@ -211,7 +211,7 @@ class remoting_dns extends remoting { ...@@ -211,7 +211,7 @@ class remoting_dns extends remoting {
return $app->remoting_lib->getDataRecord($primary_id); return $app->remoting_lib->getDataRecord($primary_id);
} }
//* Add a slave zone //* Add a slave zone
public function dns_slave_add($session_id, $client_id, $params) { public function dns_slave_add($session_id, $client_id, $params) {
if(!$this->checkPerm($session_id, 'dns_zone_add')) { if(!$this->checkPerm($session_id, 'dns_zone_add')) {
...@@ -220,7 +220,7 @@ class remoting_dns extends remoting { ...@@ -220,7 +220,7 @@ class remoting_dns extends remoting {
} }
return $this->insertQuery('../dns/form/dns_slave.tform.php', $client_id, $params); return $this->insertQuery('../dns/form/dns_slave.tform.php', $client_id, $params);
} }
//* Update a slave zone //* Update a slave zone
public function dns_slave_update($session_id, $client_id, $primary_id, $params) { public function dns_slave_update($session_id, $client_id, $primary_id, $params) {
if(!$this->checkPerm($session_id, 'dns_zone_update')) { if(!$this->checkPerm($session_id, 'dns_zone_update')) {
...@@ -296,12 +296,12 @@ class remoting_dns extends remoting { ...@@ -296,12 +296,12 @@ class remoting_dns extends remoting {
private function dns_rr_get($session_id, $primary_id, $rr_type = 'A') { private function dns_rr_get($session_id, $primary_id, $rr_type = 'A') {
global $app; global $app;
$rr_type = strtolower($rr_type); $rr_type = strtolower($rr_type);
if(!preg_match('/^[a-z]+$/', $rr_type)) { if(!preg_match('/^[a-z]+$/', $rr_type)) {
throw new SoapFault('permission denied', 'Invalid rr type'); throw new SoapFault('permission denied', 'Invalid rr type');
} }
if(!$this->checkPerm($session_id, 'dns_' . $rr_type . '_get')) { if(!$this->checkPerm($session_id, 'dns_' . $rr_type . '_get')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.'); throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
} }
...@@ -309,14 +309,14 @@ class remoting_dns extends remoting { ...@@ -309,14 +309,14 @@ class remoting_dns extends remoting {
$app->remoting_lib->loadFormDef('../dns/form/dns_' . $rr_type . '.tform.php'); $app->remoting_lib->loadFormDef('../dns/form/dns_' . $rr_type . '.tform.php');
return $app->remoting_lib->getDataRecord($primary_id); return $app->remoting_lib->getDataRecord($primary_id);
} }
//* Add a record //* Add a record
private function dns_rr_add($session_id, $client_id, $params, $update_serial=false, $rr_type = 'A') { private function dns_rr_add($session_id, $client_id, $params, $update_serial=false, $rr_type = 'A') {
$rr_type = strtolower($rr_type); $rr_type = strtolower($rr_type);
if(!preg_match('/^[a-z]+$/', $rr_type)) { if(!preg_match('/^[a-z]+$/', $rr_type)) {
throw new SoapFault('permission denied', 'Invalid rr type'); throw new SoapFault('permission denied', 'Invalid rr type');
} }
if(!$this->checkPerm($session_id, 'dns_' . $rr_type . '_add')) { if(!$this->checkPerm($session_id, 'dns_' . $rr_type . '_add')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.'); throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
} }
...@@ -332,7 +332,7 @@ class remoting_dns extends remoting { ...@@ -332,7 +332,7 @@ class remoting_dns extends remoting {
if(!preg_match('/^[a-z]+$/', $rr_type)) { if(!preg_match('/^[a-z]+$/', $rr_type)) {
throw new SoapFault('permission denied', 'Invalid rr type'); throw new SoapFault('permission denied', 'Invalid rr type');
} }
if(!$this->checkPerm($session_id, 'dns_' . $rr_type . '_update')) { if(!$this->checkPerm($session_id, 'dns_' . $rr_type . '_update')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.'); throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false; return false;
...@@ -343,7 +343,7 @@ class remoting_dns extends remoting { ...@@ -343,7 +343,7 @@ class remoting_dns extends remoting {
} }
return $affected_rows; return $affected_rows;
} }
//* Delete a record //* Delete a record
private function dns_rr_delete($session_id, $primary_id, $update_serial=false, $rr_type = 'A') { private function dns_rr_delete($session_id, $primary_id, $update_serial=false, $rr_type = 'A') {
$rr_type = strtolower($rr_type); $rr_type = strtolower($rr_type);
...@@ -359,9 +359,9 @@ class remoting_dns extends remoting { ...@@ -359,9 +359,9 @@ class remoting_dns extends remoting {
$affected_rows = $this->deleteQuery('../dns/form/dns_' . $rr_type . '.tform.php', $primary_id); $affected_rows = $this->deleteQuery('../dns/form/dns_' . $rr_type . '.tform.php', $primary_id);
return $affected_rows; return $affected_rows;
} }
// ---------------------------------------------------------------------------------------------------------------- // ----------------------------------------------------------------------------------------------------------------
//* Get record details //* Get record details
public function dns_aaaa_get($session_id, $primary_id) { public function dns_aaaa_get($session_id, $primary_id) {
return $this->dns_rr_get($session_id, $primary_id, 'AAAA'); return $this->dns_rr_get($session_id, $primary_id, 'AAAA');
...@@ -472,6 +472,28 @@ class remoting_dns extends remoting { ...@@ -472,6 +472,28 @@ class remoting_dns extends remoting {
// ---------------------------------------------------------------------------------------------------------------- // ----------------------------------------------------------------------------------------------------------------
//* Get record details
public function dns_dname_get($session_id, $primary_id) {
return $this->dns_rr_get($session_id, $primary_id, 'DNAME');
}
//* Add a record
public function dns_dname_add($session_id, $client_id, $params, $update_serial=false) {
return $this->dns_rr_add($session_id, $client_id, $params, $update_serial, 'DNAME');
}
//* Update a record
public function dns_dname_update($session_id, $client_id, $primary_id, $params, $update_serial=false) {
return $this->dns_rr_update($session_id, $client_id, $primary_id, $params, $update_serial, 'DNAME');
}
//* Delete a record
public function dns_dname_delete($session_id, $primary_id, $update_serial=false) {
return $this->dns_rr_delete($session_id, $primary_id, $update_serial, 'DNAME');
}
// ----------------------------------------------------------------------------------------------------------------
//* Get record details //* Get record details
public function dns_hinfo_get($session_id, $primary_id) { public function dns_hinfo_get($session_id, $primary_id) {
return $this->dns_rr_get($session_id, $primary_id, 'HINFO'); return $this->dns_rr_get($session_id, $primary_id, 'HINFO');
...@@ -626,6 +648,28 @@ class remoting_dns extends remoting { ...@@ -626,6 +648,28 @@ class remoting_dns extends remoting {
// ---------------------------------------------------------------------------------------------------------------- // ----------------------------------------------------------------------------------------------------------------
//* Get record details
public function dns_sshfp_get($session_id, $primary_id) {
return $this->dns_rr_get($session_id, $primary_id, 'SSHFP');
}
//* Add a record
public function dns_sshfp_add($session_id, $client_id, $params, $update_serial=false) {
return $this->dns_rr_add($session_id, $client_id, $params, $update_serial, 'SSHFP');
}
//* Update a record
public function dns_sshfp_update($session_id, $client_id, $primary_id, $params, $update_serial=false) {
return $this->dns_rr_update($session_id, $client_id, $primary_id, $params, $update_serial, 'SSHFP');
}
//* Delete a record
public function dns_sshfp_delete($session_id, $primary_id, $update_serial=false) {
return $this->dns_rr_delete($session_id, $primary_id, $update_serial, 'SSHFP');
}
// ----------------------------------------------------------------------------------------------------------------
//* Get record details //* Get record details
public function dns_tlsa_get($session_id, $primary_id) { public function dns_tlsa_get($session_id, $primary_id) {
return $this->dns_rr_get($session_id, $primary_id, 'TLSA'); return $this->dns_rr_get($session_id, $primary_id, 'TLSA');
...@@ -692,6 +736,24 @@ class remoting_dns extends remoting { ...@@ -692,6 +736,24 @@ class remoting_dns extends remoting {
//* Get All DNS Zones Templates by etruel and thom
public function dns_templatezone_get_all($session_id) {
global $app, $conf;
if(!$this->checkPerm($session_id, 'dns_templatezone_add')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$sql ="SELECT * FROM dns_template";
$result = $app->db->queryAllRecords($sql);
if(isset($result)) {
return $result;
}
else {
throw new SoapFault('template_id_error', 'There is no DNS templates.');
return false;
}
}
/** /**
* Get all dns records for a zone * Get all dns records for a zone
* @param int session id * @param int session id
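Review bot: `dns_templatezone_get_all` handles its two failure paths differently from the rest of the class: the permission failure calls `$this->server->fault(...)` while the other methods shown throw `SoapFault`, and `isset($result)` is true for any non-null value, so an empty result is returned as success and the 'There is no DNS templates.' fault is presumably never raised. The `return false;` after the `throw` is unreachable and `$conf` is declared global but unused. The query returns every row and column of `dns_template` under the `dns_templatezone_add` permission; whether a read should be gated by the add permission, and whether all columns should be exposed to remote API users, is worth confirming with the author. A version consistent with the neighbouring methods is below.

```php
public function dns_templatezone_get_all($session_id) {
	global $app;

	if(!$this->checkPerm($session_id, 'dns_templatezone_add')) {
		throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
	}
	$result = $app->db->queryAllRecords("SELECT * FROM dns_template");
	if(empty($result)) {
		throw new SoapFault('template_id_error', 'There is no DNS templates.');
	}
	return $result;
}
```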
......
...@@ -205,6 +205,9 @@ class remoting_mail extends remoting { ...@@ -205,6 +205,9 @@ class remoting_mail extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.'); throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false; return false;
} }
// Email addresses must always be lower case
$params['email'] = strtolower($params['email']);
//* Check if mail domain exists //* Check if mail domain exists
$email_parts = explode('@', $params['email']); $email_parts = explode('@', $params['email']);
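Review bot: The new `strtolower($params['email'])` runs before any check that the key exists or is a string, so a request without `email` passes null to `strtolower()` and an empty string to the later `explode('@', …)`. A guarded form such as `if(isset($params['email']) && is_string($params['email'])) $params['email'] = strtolower($params['email']);` avoids that. Since the comment states that addresses must always be lower case, the matching update method should normalise the same way, otherwise addresses differing only in case can still be stored; that method is not visible in this hunk. The enclosing function starts and ends outside the hunk.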
......
...@@ -102,7 +102,7 @@ class remoting_sites extends remoting { ...@@ -102,7 +102,7 @@ class remoting_sites extends remoting {
$app->remoting_lib->loadFormDef('../sites/form/database.tform.php'); $app->remoting_lib->loadFormDef('../sites/form/database.tform.php');
return $app->remoting_lib->getDataRecord($primary_id); return $app->remoting_lib->getDataRecord($primary_id);
} }
/* TODO: secure queries! */ /* TODO: secure queries! */
//* Add a record //* Add a record
public function sites_database_add($session_id, $client_id, $params) public function sites_database_add($session_id, $client_id, $params)
...@@ -130,7 +130,7 @@ class remoting_sites extends remoting { ...@@ -130,7 +130,7 @@ class remoting_sites extends remoting {
$retval = $this->insertQueryExecute($sql, $params); $retval = $this->insertQueryExecute($sql, $params);
$app->sites_database_plugin->processDatabaseInsert($this); $app->sites_database_plugin->processDatabaseInsert($this);
// set correct values for backup_interval and backup_copies // set correct values for backup_interval and backup_copies
if(isset($params['backup_interval']) || isset($params['backup_copies']) || isset($params['backup_format_web']) || isset($params['backup_format_db'])){ if(isset($params['backup_interval']) || isset($params['backup_copies']) || isset($params['backup_format_web']) || isset($params['backup_format_db'])){
$sql_set = array(); $sql_set = array();
...@@ -140,7 +140,7 @@ class remoting_sites extends remoting { ...@@ -140,7 +140,7 @@ class remoting_sites extends remoting {
if(isset($params['backup_format_db'])) $sql_set[] = "backup_format_db = ".$app->functions->intval($params['backup_format_db']); if(isset($params['backup_format_db'])) $sql_set[] = "backup_format_db = ".$app->functions->intval($params['backup_format_db']);
$this->updateQueryExecute("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$retval, $retval, $params); $this->updateQueryExecute("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$retval, $retval, $params);
} }
return $retval; return $retval;
} }
...@@ -165,7 +165,7 @@ class remoting_sites extends remoting { ...@@ -165,7 +165,7 @@ class remoting_sites extends remoting {
$this->dataRecord = $params; $this->dataRecord = $params;
$app->sites_database_plugin->processDatabaseUpdate($this); $app->sites_database_plugin->processDatabaseUpdate($this);
$retval = $this->updateQueryExecute($sql, $primary_id, $params); $retval = $this->updateQueryExecute($sql, $primary_id, $params);
// set correct values for backup_interval and backup_copies // set correct values for backup_interval and backup_copies
if(isset($params['backup_interval']) || isset($params['backup_copies']) || isset($params['backup_format_web']) || isset($params['backup_format_db'])){ if(isset($params['backup_interval']) || isset($params['backup_copies']) || isset($params['backup_format_web']) || isset($params['backup_format_db'])){
$sql_set = array(); $sql_set = array();
...@@ -175,7 +175,7 @@ class remoting_sites extends remoting { ...@@ -175,7 +175,7 @@ class remoting_sites extends remoting {
if(isset($params['backup_format_db'])) $sql_set[] = "backup_format_db = ".$app->functions->intval($params['backup_format_db']); if(isset($params['backup_format_db'])) $sql_set[] = "backup_format_db = ".$app->functions->intval($params['backup_format_db']);
$this->updateQueryExecute("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$primary_id, $primary_id, $params); $this->updateQueryExecute("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$primary_id, $primary_id, $params);
} }
return $retval; return $retval;
} }
...@@ -452,7 +452,7 @@ class remoting_sites extends remoting { ...@@ -452,7 +452,7 @@ class remoting_sites extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.'); throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false; return false;
} }
if($params['log_retention'] == '') $params['log_retention'] = 30; if($params['log_retention'] == '') $params['log_retention'] = 30;
//* Set a few defaults for nginx servers //* Set a few defaults for nginx servers
...@@ -524,7 +524,7 @@ class remoting_sites extends remoting { ...@@ -524,7 +524,7 @@ class remoting_sites extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.'); throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false; return false;
} }
if($params['log_retention'] == '') $params['log_retention'] = 30; if($params['log_retention'] == '') $params['log_retention'] = 30;
//* Set a few defaults for nginx servers //* Set a few defaults for nginx servers
...@@ -596,7 +596,7 @@ class remoting_sites extends remoting { ...@@ -596,7 +596,7 @@ class remoting_sites extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.'); throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false; return false;
} }
if($params['log_retention'] == '') $params['log_retention'] = 30; if($params['log_retention'] == '') $params['log_retention'] = 30;
//* Set a few defaults for nginx servers //* Set a few defaults for nginx servers
...@@ -880,7 +880,7 @@ class remoting_sites extends remoting { ...@@ -880,7 +880,7 @@ class remoting_sites extends remoting {
$app->remoting_lib->loadFormDef('../sites/form/web_vhost_domain.tform.php'); $app->remoting_lib->loadFormDef('../sites/form/web_vhost_domain.tform.php');
$params = $app->remoting_lib->getDataRecord($primary_id); $params = $app->remoting_lib->getDataRecord($primary_id);
$params['active'] = $status; $params['active'] = $status;
$affected_rows = $this->updateQuery('../sites/form/web_vhost_domain.tform.php', 0, $primary_id, $params); $affected_rows = $this->updateQuery('../sites/form/web_vhost_domain.tform.php', 0, $primary_id, $params);
return $affected_rows; return $affected_rows;
} else { } else {
...@@ -905,57 +905,57 @@ class remoting_sites extends remoting { ...@@ -905,57 +905,57 @@ class remoting_sites extends remoting {
$all = $app->db->queryAllRecords($sql, $client_id); $all = $app->db->queryAllRecords($sql, $client_id);
return $all; return $all;
} }
//** backup functions ----------------------------------------------------------------------------------- //** backup functions -----------------------------------------------------------------------------------
public function sites_web_domain_backup_list($session_id, $site_id = null) public function sites_web_domain_backup_list($session_id, $site_id = null)
{ {
global $app; global $app;
if(!$this->checkPerm($session_id, 'sites_web_domain_backup')) { if(!$this->checkPerm($session_id, 'sites_web_domain_backup')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.'); throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false; return false;
} }
$result = $app->db->queryAllRecords("SELECT * FROM web_backup".(($site_id != null)?' WHERE parent_domain_id = ?':''), $site_id); $result = $app->db->queryAllRecords("SELECT * FROM web_backup".(($site_id != null)?' WHERE parent_domain_id = ?':''), $site_id);
return $result; return $result;
} }
//* Backup download and restoration by Abdi Joseph //* Backup download and restoration by Abdi Joseph
public function sites_web_domain_backup($session_id, $primary_id, $action_type) public function sites_web_domain_backup($session_id, $primary_id, $action_type)
{ {
global $app; global $app;
if(!$this->checkPerm($session_id, 'sites_web_domain_backup')) { if(!$this->checkPerm($session_id, 'sites_web_domain_backup')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.'); throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false; return false;
} }
//*Set variables //*Set variables
$backup_record = $app->db->queryOneRecord("SELECT * FROM `web_backup` WHERE `backup_id`= ?", $primary_id); $backup_record = $app->db->queryOneRecord("SELECT * FROM `web_backup` WHERE `backup_id`= ?", $primary_id);
$server_id = $backup_record['server_id']; $server_id = $backup_record['server_id'];
//*Set default action state //*Set default action state
$action_state = "pending"; $action_state = "pending";
$tstamp = time(); $tstamp = time();
//* Basic validation of variables //* Basic validation of variables
if ($server_id <= 0) { if ($server_id <= 0) {
throw new SoapFault('invalid_backup_id', "Invalid or non existant backup_id $primary_id"); throw new SoapFault('invalid_backup_id', "Invalid or non existant backup_id $primary_id");
return false; return false;
} }
if ($action_type != 'backup_download' and $action_type != 'backup_restore' and $action_type != 'backup_delete') { if ($action_type != 'backup_download' and $action_type != 'backup_restore' and $action_type != 'backup_delete') {
throw new SoapFault('invalid_action', "Invalid action_type $action_type"); throw new SoapFault('invalid_action', "Invalid action_type $action_type");
return false; return false;
} }
//* Validate instance //* Validate instance
$instance_record = $app->db->queryOneRecord("SELECT * FROM `sys_remoteaction` WHERE `action_param`= ? and `action_type`= ? and `action_state`= ?", $primary_id, $action_type, 'pending'); $instance_record = $app->db->queryOneRecord("SELECT * FROM `sys_remoteaction` WHERE `action_param`= ? and `action_type`= ? and `action_state`= ?", $primary_id, $action_type, 'pending');
if ($instance_record['action_id'] >= 1) { if ($instance_record['action_id'] >= 1) {
throw new SoapFault('duplicate_action', "There is already a pending $action_type action"); throw new SoapFault('duplicate_action', "There is already a pending $action_type action");
return false; return false;
} }
//* Save the record //* Save the record
if ($app->db->query("INSERT INTO `sys_remoteaction` SET `server_id` = ?, `tstamp` = ?, `action_type` = ?, `action_param` = ?, `action_state` = ?", $server_id, $tstamp, $action_type, $primary_id, $action_state)) { if ($app->db->query("INSERT INTO `sys_remoteaction` SET `server_id` = ?, `tstamp` = ?, `action_type` = ?, `action_param` = ?, `action_state` = ?", $server_id, $tstamp, $action_type, $primary_id, $action_state)) {
return true; return true;
...@@ -963,64 +963,64 @@ class remoting_sites extends remoting { ...@@ -963,64 +963,64 @@ class remoting_sites extends remoting {
return false; return false;
} }
} }
//** quota functions ----------------------------------------------------------------------------------- //** quota functions -----------------------------------------------------------------------------------
public function quota_get_by_user($session_id, $client_id) public function quota_get_by_user($session_id, $client_id)
{ {
global $app; global $app;
$app->uses('quota_lib'); $app->uses('quota_lib');
if(!$this->checkPerm($session_id, 'quota_get_by_user')) { if(!$this->checkPerm($session_id, 'quota_get_by_user')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.'); throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false; return false;
} }
return $app->quota_lib->get_quota_data($client_id, false); return $app->quota_lib->get_quota_data($client_id, false);
} }
public function trafficquota_get_by_user($session_id, $client_id, $lastdays = 0) public function trafficquota_get_by_user($session_id, $client_id, $lastdays = 0)
{ {
global $app; global $app;
$app->uses('quota_lib'); $app->uses('quota_lib');
if(!$this->checkPerm($session_id, 'trafficquota_get_by_user')) { if(!$this->checkPerm($session_id, 'trafficquota_get_by_user')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.'); throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false; return false;
} }
if ($client_id != null) if ($client_id != null)
$client_id = $app->functions->intval($client_id); $client_id = $app->functions->intval($client_id);
return $app->quota_lib->get_trafficquota_data($client_id, $lastdays); return $app->quota_lib->get_trafficquota_data($client_id, $lastdays);
} }
public function ftptrafficquota_data($session_id, $client_id, $lastdays = 0) public function ftptrafficquota_data($session_id, $client_id, $lastdays = 0)
{ {
global $app; global $app;
$app->uses('quota_lib'); $app->uses('quota_lib');
if(!$this->checkPerm($session_id, 'trafficquota_get_by_user')) { if(!$this->checkPerm($session_id, 'trafficquota_get_by_user')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.'); throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false; return false;
} }
if ($client_id != null) if ($client_id != null)
$client_id = $app->functions->intval($client_id); $client_id = $app->functions->intval($client_id);
return $app->quota_lib->get_ftptrafficquota_data($client_id, $lastdays); return $app->quota_lib->get_ftptrafficquota_data($client_id, $lastdays);
} }
public function databasequota_get_by_user($session_id, $client_id) public function databasequota_get_by_user($session_id, $client_id)
{ {
global $app; global $app;
$app->uses('quota_lib'); $app->uses('quota_lib');
if(!$this->checkPerm($session_id, 'databasequota_get_by_user')) { if(!$this->checkPerm($session_id, 'databasequota_get_by_user')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.'); throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false; return false;
} }
return $app->quota_lib->get_databasequota_data($client_id, false); return $app->quota_lib->get_databasequota_data($client_id, false);
} }
// ---------------------------------------------------------------------------------------------------------- // ----------------------------------------------------------------------------------------------------------
//* Get record details //* Get record details
...@@ -1070,8 +1070,8 @@ class remoting_sites extends remoting { ...@@ -1070,8 +1070,8 @@ class remoting_sites extends remoting {
$affected_rows = $this->deleteQuery('../sites/form/webdav_user.tform.php', $primary_id); $affected_rows = $this->deleteQuery('../sites/form/webdav_user.tform.php', $primary_id);
return $affected_rows; return $affected_rows;
} }
} }
?> ?>