diff --git a/install/dist/lib/opensuse.lib.php b/install/dist/lib/opensuse.lib.php index 2dfcd70a97e865473f2c77860c1bbd3fa723e522..248cf61fa10f59f31125e511c66fd4da46cd1f0e 100644 --- a/install/dist/lib/opensuse.lib.php +++ b/install/dist/lib/opensuse.lib.php @@ -542,6 +542,10 @@ class installer_dist extends installer_base { replaceLine('/etc/suphp.conf','umask=0077','umask=0022',0); //} + if(!file_exists('/srv/www/cgi-bin/php5') && file_exists('/srv/www/cgi-bin/php')) { + symlink('/srv/www/cgi-bin/php','/srv/www/cgi-bin/php5'); + } + // Sites enabled and available dirs exec('mkdir -p '.$conf['apache']['vhost_conf_enabled_dir']); exec('mkdir -p '.$conf['apache']['vhost_conf_dir']); diff --git a/install/install.php b/install/install.php index 3f86370370236c5df3afbc3d1b4e45bb47b1084a..c9f37944f67cdb3c8007a6ea10a60686d932e954 100644 --- a/install/install.php +++ b/install/install.php @@ -315,7 +315,7 @@ if($install_mode == 'standard') { if($conf['courier']['courier-pop'] != '' && is_executable($conf['init_scripts'].'/'.$conf['courier']['courier-pop'])) system($conf['init_scripts'].'/'.$conf['courier']['courier-pop'].' restart'); if($conf['courier']['courier-pop-ssl'] != '' && is_executable($conf['init_scripts'].'/'.$conf['courier']['courier-pop-ssl'])) system($conf['init_scripts'].'/'.$conf['courier']['courier-pop-ssl'].' restart'); if($conf['dovecot']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['dovecot']['init_script'])) system($conf['init_scripts'].'/'.$conf['dovecot']['init_script'].' restart'); - if($conf['mailman']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['mailman']['init_script'])) system($conf['init_scripts'].'/'.$conf['mailman']['init_script'].' restart'); + if($conf['mailman']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['mailman']['init_script'])) system('nohup '.$conf['init_scripts'].'/'.$conf['mailman']['init_script'].' restart >/dev/null 2>&1 &'); if($conf['apache']['installed'] == true && $conf['apache']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['apache']['init_script'])) system($conf['init_scripts'].'/'.$conf['apache']['init_script'].' restart'); //* Reload is enough for nginx if($conf['nginx']['installed'] == true){ @@ -453,7 +453,7 @@ if($install_mode == 'standard') { if($conf['courier']['courier-pop'] != '' && is_executable($conf['init_scripts'].'/'.$conf['courier']['courier-pop'])) system($conf['init_scripts'].'/'.$conf['courier']['courier-pop'].' restart'); if($conf['courier']['courier-pop-ssl'] != '' && is_executable($conf['init_scripts'].'/'.$conf['courier']['courier-pop-ssl'])) system($conf['init_scripts'].'/'.$conf['courier']['courier-pop-ssl'].' restart'); if($conf['dovecot']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['dovecot']['init_script'])) system($conf['init_scripts'].'/'.$conf['dovecot']['init_script'].' restart'); - if($conf['mailman']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['mailman']['init_script'])) system($conf['init_scripts'].'/'.$conf['mailman']['init_script'].' restart'); + if($conf['mailman']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['mailman']['init_script'])) system('nohup '.$conf['init_scripts'].'/'.$conf['mailman']['init_script'].' restart >/dev/null 2>&1 &'); } //** Configure Jailkit diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php index e105def17b2c3abf73af3261d340ff2c9aa46a57..16b64c3482b55ade82c58a1f1e0ed08a997323ec 100644 --- a/install/lib/installer_base.lib.php +++ b/install/lib/installer_base.lib.php @@ -775,9 +775,22 @@ class installer_base { public function configure_saslauthd() { global $conf; + + //* Get saslsauthd version + exec('saslauthd -v 2>&1',$out); + $parts = explode(' ',$out[0]); + $saslversion = $parts[1]; + unset($parts); + unset($out); - - $configfile = 'sasl_smtpd.conf'; + if(version_compare($saslversion , '2.1.23') > 0) { + //* Configfile for saslauthd versions 2.1.24 and newer + $configfile = 'sasl_smtpd2.conf'; + } else { + //* Configfile for saslauthd versions up to 2.1.23 + $configfile = 'sasl_smtpd.conf'; + } + if(is_file($conf['postfix']['config_dir'].'/sasl/smtpd.conf')) copy($conf['postfix']['config_dir'].'/sasl/smtpd.conf',$conf['postfix']['config_dir'].'/sasl/smtpd.conf~'); if(is_file($conf['postfix']['config_dir'].'/sasl/smtpd.conf~')) chmod($conf['postfix']['config_dir'].'/sasl/smtpd.conf~', 0400); $content = rf('tpl/'.$configfile.'.master'); @@ -1417,7 +1430,7 @@ class installer_base { $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content); $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content); - $content = str_replace('{mysql_server_ip}',$conf['mysql']['host'],$content); + $content = str_replace('{mysql_server_ip}',$conf['mysql']['ip'],$content); } wf($conf['vlogger']['config_dir'].'/'.$configfile,$content); chmod($conf['vlogger']['config_dir'].'/'.$configfile, 0600); diff --git a/install/sql/ispconfig3.sql b/install/sql/ispconfig3.sql index 91a52125264bc63bf7a725565ba829d0b78e619e..f4e3f28deecb265d18eefa9f5df5e9af041d25bc 100644 --- a/install/sql/ispconfig3.sql +++ b/install/sql/ispconfig3.sql @@ -2065,6 +2065,6 @@ INSERT INTO `sys_user` (`userid`, `sys_userid`, `sys_groupid`, `sys_perm_user`, -- Dumping data for table `sys_config` -- -INSERT INTO sys_config VALUES ('1','db','db_version','3.0.4.4'); +INSERT INTO sys_config VALUES ('1','db','db_version','3.0.4.5'); SET FOREIGN_KEY_CHECKS = 1; \ No newline at end of file diff --git a/install/tpl/apache_ispconfig.conf.master b/install/tpl/apache_ispconfig.conf.master index fe9e54a0c5ff36bc5340d437beb5b55acfcd571e..aaa9e0dd94d372821345b0d88467900eb2710449 100644 --- a/install/tpl/apache_ispconfig.conf.master +++ b/install/tpl/apache_ispconfig.conf.master @@ -5,7 +5,7 @@ ################################################ LogFormat "%v %h %l %u %t \"%r\" %>s %B \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig -CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" -d \"/etc/vlogger-dbi.conf\" /var/log/ispconfig/httpd" combined_ispconfig +CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig AllowOverride None diff --git a/install/tpl/config.inc.php.master b/install/tpl/config.inc.php.master index 7fa30bfe6107519203853a49429aca570d932d8f..cc6933f7705086915146de0460b46adb91338593 100644 --- a/install/tpl/config.inc.php.master +++ b/install/tpl/config.inc.php.master @@ -56,7 +56,7 @@ $revision = str_replace(array('Revision:','$',' '), '', $svn_revision); //** Application define('ISPC_APP_TITLE', 'ISPConfig'); -define('ISPC_APP_VERSION', '3.0.4.4'); +define('ISPC_APP_VERSION', '3.0.4.5'); define('DEVSYSTEM', 0); diff --git a/install/tpl/sasl_smtpd2.conf.master b/install/tpl/sasl_smtpd2.conf.master new file mode 100644 index 0000000000000000000000000000000000000000..f24b998d883dbe4054336e0c1cd4bdceef354efc --- /dev/null +++ b/install/tpl/sasl_smtpd2.conf.master @@ -0,0 +1,10 @@ +pwcheck_method: saslauthd +mech_list: plain login +allow_plaintext: true +auxprop_plugin: sql +sql_engine: mysql +sql_hostnames: {mysql_server_ip} +sql_user: {mysql_server_ispconfig_user} +sql_passwd: {mysql_server_ispconfig_password} +sql_database: {mysql_server_database} +sql_select: select password from mail_user where login = '%u@%r' and postfix = 'y' diff --git a/install/tpl/server.ini.master b/install/tpl/server.ini.master index ac4d1a069653ee032fc5b75375ab08195c7d44f0..008cfc9f50fb8bf4592db709fb087ef378070022 100644 --- a/install/tpl/server.ini.master +++ b/install/tpl/server.ini.master @@ -54,7 +54,7 @@ nginx_group=www-data apps_vhost_port=8081 apps_vhost_ip=_default_ apps_vhost_servername= -php_open_basedir=[website_path]/web:[website_path]/tmp:/var/www/[website_domain]/web:/srv/www/[website_domain]/web:/usr/share/php5:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin +php_open_basedir=[website_path]/web:[website_path]/tmp:/var/www/[website_domain]/web:/srv/www/[website_domain]/web:/usr/share/php5:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/usr/share/php htaccess_allow_override=All awstats_conf_dir=/etc/awstats awstats_data_dir=/var/lib/awstats diff --git a/install/update.php b/install/update.php index 32b1ae5e3d9fdc55837ea7fa1170430ef7784633..aa750adf5d3e0e8ffe59c7da085ba9fc85f515c3 100644 --- a/install/update.php +++ b/install/update.php @@ -402,7 +402,7 @@ if($reconfigure_services_answer == 'yes') { if($conf['courier']['courier-pop'] != '' && is_executable($conf['init_scripts'].'/'.$conf['courier']['courier-pop'])) system($conf['init_scripts'].'/'.$conf['courier']['courier-pop'].' restart'); if($conf['courier']['courier-pop-ssl'] != '' && is_executable($conf['init_scripts'].'/'.$conf['courier']['courier-pop-ssl'])) system($conf['init_scripts'].'/'.$conf['courier']['courier-pop-ssl'].' restart'); if($conf['dovecot']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['dovecot']['init_script'])) system($conf['init_scripts'].'/'.$conf['dovecot']['init_script'].' restart'); - if($conf['mailman']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['mailman']['init_script'])) system($conf['init_scripts'].'/'.$conf['mailman']['init_script'].' restart'); + if($conf['mailman']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['mailman']['init_script'])) system('nohup '.$conf['init_scripts'].'/'.$conf['mailman']['init_script'].' restart >/dev/null 2>&1 &'); } if($conf['services']['web']) { if($conf['webserver']['server_type'] == 'apache' && $conf['apache']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['apache']['init_script'])) system($conf['init_scripts'].'/'.$conf['apache']['init_script'].' restart'); diff --git a/interface/lib/classes/functions.inc.php b/interface/lib/classes/functions.inc.php index dc216081698e5ec23f47eeb62400b0b143721220..0f29003cf8e43c19ab07de5dbed63fa915fb10cf 100644 --- a/interface/lib/classes/functions.inc.php +++ b/interface/lib/classes/functions.inc.php @@ -101,7 +101,7 @@ class functions { } public function get_ispconfig_url() { - $url = (stristr($_SERVER['SERVER_PROTOCOL'],'HTTPS'))?'https':'http'; + $url = (stristr($_SERVER['SERVER_PROTOCOL'],'HTTPS') || stristr($_SERVER['HTTPS'],'on'))?'https':'http'; $url .= '://'.$_SERVER['SERVER_NAME']; if($_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443) { $url .= ':'.$_SERVER['SERVER_PORT']; diff --git a/interface/lib/classes/listform.inc.php b/interface/lib/classes/listform.inc.php index 4d836f35ca157e07ab4fccd39e193efb34bf06a5..96c39f11d8c93965ef15521e3e439131ff78c825 100644 --- a/interface/lib/classes/listform.inc.php +++ b/interface/lib/classes/listform.inc.php @@ -195,13 +195,13 @@ class listform { //* Add Global Limit from selectbox if(!empty($_POST['search_limit']) AND intval($_POST['search_limit'])){ - $_SESSION['search']['limit'] = $_POST['search_limit']; - } + $_SESSION['search']['limit'] = intval($_POST['search_limit']); + } //* Get Config variables $list_name = $this->listDef['name']; $search_prefix = $this->listDef['search_prefix']; - $records_per_page = (empty($_SESSION['search']['limit']) ? $this->listDef['records_per_page'] : $_SESSION['search']['limit']) ; + $records_per_page = (empty($_SESSION['search']['limit']) ? intval($this->listDef['records_per_page']) : intval($_SESSION['search']['limit'])) ; $table = $this->listDef['table']; //* set PAGE to zero, if in session not set diff --git a/interface/lib/classes/remoting.inc.php b/interface/lib/classes/remoting.inc.php index ca1e001344518429421b0170604fe5c7d3ed5329..743b763ab5520f0f3ca9db92b201bd6fbd6aa693 100644 --- a/interface/lib/classes/remoting.inc.php +++ b/interface/lib/classes/remoting.inc.php @@ -2462,6 +2462,7 @@ class remoting { //* Get the SQL query $sql = $app->remoting_lib->getSQL($params,'UPDATE',$primary_id); + // $this->server->fault('debug', $sql); if($app->remoting_lib->errorMessage != '') { $this->server->fault('data_processing_error', $app->remoting_lib->errorMessage); return false; diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php index 9e195486ea5c408a48b23d533e1871aa6b954c44..7a706321eac445a94d609cdde5a8f5d467d6073a 100644 --- a/interface/lib/classes/remoting_lib.inc.php +++ b/interface/lib/classes/remoting_lib.inc.php @@ -630,17 +630,19 @@ class remoting_lib { $sql_insert_val .= "'".$record[$key]."', "; } } else { + if($field['formtype'] == 'PASSWORD') { - if($field['encryption'] == 'CRYPT') { + if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') { $record[$key] = $app->auth->crypt_password(stripslashes($record[$key])); - } elseif ($field['encryption'] == 'MYSQL') { - $sql_insert_val .= "PASSWORD('".$app->db->quote($record[$key])."'), "; - } elseif ($field['encryption'] == 'CLEARTEXT') { - $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; + $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; + } elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') { + $sql_update .= "`$key` = PASSWORD('".$app->db->quote($record[$key])."'), "; + } elseif (isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') { + $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } else { - $record[$key] = md5($record[$key]); + $record[$key] = md5(stripslashes($record[$key])); + $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } - $sql_update .= "`$key` = '".$record[$key]."', "; } elseif ($field['formtype'] == 'CHECKBOX') { if($record[$key] == '') { // if a checkbox is not set, we set it to the unchecked value diff --git a/interface/lib/classes/tform.inc.php b/interface/lib/classes/tform.inc.php index b469e2e0276c7c3f214061a7dd2236d48e747642..dde9052a9eb5fa67cfece488d22580844c0ad352 100644 --- a/interface/lib/classes/tform.inc.php +++ b/interface/lib/classes/tform.inc.php @@ -918,7 +918,7 @@ class tform { $this->action = $action; $this->primary_id = $primary_id; - $record = $this->encode($record,$tab); + $record = $this->encode($record,$tab,true); $sql_insert_key = ''; $sql_insert_val = ''; $sql_update = ''; @@ -1041,7 +1041,7 @@ class tform { //* return a empty string if there is nothing to update if(trim($sql_update) == '') $sql = ''; } - + return $sql; } diff --git a/interface/web/admin/form/system_config.tform.php b/interface/web/admin/form/system_config.tform.php index 121bca60102178714f09df50ea242ea867a3e19e..ef9603b5ff081bb5a903d6af28ff39c1c44b66e3 100644 --- a/interface/web/admin/form/system_config.tform.php +++ b/interface/web/admin/form/system_config.tform.php @@ -128,7 +128,7 @@ $form["tabs"]['sites'] = array ( 'datatype' => 'VARCHAR', 'formtype' => 'TEXT', 'validators' => array ( 0 => array ( 'type' => 'REGEX', - 'regex' => '/^[0-9a-zA-Z\:\/\-\.]{0,255}$/', + 'regex' => '/^[0-9a-zA-Z\:\/\-\.\[\]]{0,255}$/', 'errmsg'=> 'phpmyadmin_url_error_regex'), ), 'default' => '', diff --git a/interface/web/sites/lib/lang/ar_ftp_user.lng b/interface/web/sites/lib/lang/ar_ftp_user.lng index f0f2a6e64729ac0562e555486ce57bdd9de25b42..08a751919035b119a267e951a2c94f4a585716cf 100644 --- a/interface/web/sites/lib/lang/ar_ftp_user.lng +++ b/interface/web/sites/lib/lang/ar_ftp_user.lng @@ -1,30 +1,30 @@ 0'; -$wb['dir_dot_error'] = 'No .. in path allowed.'; -$wb['dir_slashdot_error'] = 'No ./ in path allowed.'; +$wb['uid_txt'] = "UID"; +$wb['gid_txt'] = "GID"; +$wb['dir_txt'] = "Directory"; +$wb['quota_files_txt'] = "Filequota"; +$wb['quota_files_unity_txt'] = "Files"; +$wb['ul_ratio_txt'] = "Uploadratio"; +$wb['dl_ratio_txt'] = "Downloadratio"; +$wb['ul_bandwidth_txt'] = "Uploadbandwidth"; +$wb['dl_bandwidth_txt'] = "Downloadbandwidth"; +$wb['server_id_txt'] = "Server"; +$wb['parent_domain_id_txt'] = "Website"; +$wb['username_txt'] = "Username"; +$wb['password_txt'] = "Password"; +$wb['password_strength_txt'] = "Password strength"; +$wb['quota_size_txt'] = "Harddisk-Quota"; +$wb['active_txt'] = "Active"; +$wb['limit_ftp_user_txt'] = "The max. number of FTP users for your account is reached."; +$wb['username_error_empty'] = "Username is empty."; +$wb['username_error_unique'] = "The username must be unique."; +$wb['username_error_regex'] = "The username contains characters that are not allowed."; +$wb['quota_size_error_empty'] = "Quota is empty."; +$wb['uid_error_empty'] = "GID empty."; +$wb['directory_error_empty'] = "Directory empty."; +$wb['directory_error_notinweb'] = "Directory not inside of web root directory."; +$wb['parent_domain_id_error_empty'] = "No website selected."; +$wb['quota_size_error_regex'] = "Quota: enter a -1 for unlimited or a number > 0"; +$wb['dir_dot_error'] = "No .. in path allowed."; +$wb['dir_slashdot_error'] = "No ./ in path allowed."; ?> diff --git a/interface/web/sites/lib/lang/ar_shell_user.lng b/interface/web/sites/lib/lang/ar_shell_user.lng index 825de799b245379e43a1b83476dddbce48b92826..0546262167ff3a86cbccb031791a7b010fb6c733 100644 --- a/interface/web/sites/lib/lang/ar_shell_user.lng +++ b/interface/web/sites/lib/lang/ar_shell_user.lng @@ -1,25 +1,25 @@ diff --git a/interface/web/sites/lib/lang/ar_webdav_user.lng b/interface/web/sites/lib/lang/ar_webdav_user.lng index 137c388b1dafd72d9b025ab8dcf448d524c1b47f..fab407a7550acbfe8361af94be92dedfc55d09b1 100644 --- a/interface/web/sites/lib/lang/ar_webdav_user.lng +++ b/interface/web/sites/lib/lang/ar_webdav_user.lng @@ -1,17 +1,17 @@ diff --git a/interface/web/sites/lib/lang/bg_webdav_user.lng b/interface/web/sites/lib/lang/bg_webdav_user.lng index 137c388b1dafd72d9b025ab8dcf448d524c1b47f..fab407a7550acbfe8361af94be92dedfc55d09b1 100644 --- a/interface/web/sites/lib/lang/bg_webdav_user.lng +++ b/interface/web/sites/lib/lang/bg_webdav_user.lng @@ -1,17 +1,17 @@ diff --git a/interface/web/sites/lib/lang/br_webdav_user.lng b/interface/web/sites/lib/lang/br_webdav_user.lng index 137c388b1dafd72d9b025ab8dcf448d524c1b47f..fab407a7550acbfe8361af94be92dedfc55d09b1 100644 --- a/interface/web/sites/lib/lang/br_webdav_user.lng +++ b/interface/web/sites/lib/lang/br_webdav_user.lng @@ -1,17 +1,17 @@ diff --git a/interface/web/sites/lib/lang/cz_webdav_user.lng b/interface/web/sites/lib/lang/cz_webdav_user.lng index 137c388b1dafd72d9b025ab8dcf448d524c1b47f..fab407a7550acbfe8361af94be92dedfc55d09b1 100644 --- a/interface/web/sites/lib/lang/cz_webdav_user.lng +++ b/interface/web/sites/lib/lang/cz_webdav_user.lng @@ -1,17 +1,17 @@ diff --git a/interface/web/sites/lib/lang/en_shell_user.lng b/interface/web/sites/lib/lang/en_shell_user.lng index 296019a7da7eca56d151de19afe249af04daa791..ef0aba0afb42b88bc92e8834848853adf97a9131 100644 --- a/interface/web/sites/lib/lang/en_shell_user.lng +++ b/interface/web/sites/lib/lang/en_shell_user.lng @@ -1,28 +1,27 @@ diff --git a/interface/web/sites/lib/lang/fi_webdav_user.lng b/interface/web/sites/lib/lang/fi_webdav_user.lng index 137c388b1dafd72d9b025ab8dcf448d524c1b47f..fab407a7550acbfe8361af94be92dedfc55d09b1 100644 --- a/interface/web/sites/lib/lang/fi_webdav_user.lng +++ b/interface/web/sites/lib/lang/fi_webdav_user.lng @@ -1,17 +1,17 @@ diff --git a/interface/web/sites/lib/lang/hu_webdav_user.lng b/interface/web/sites/lib/lang/hu_webdav_user.lng index f1538a1f7a13353af7ef0c7f68f47f62f4ea737a..218f9c7e6aee18356269fda71c51e1c850f40806 100644 --- a/interface/web/sites/lib/lang/hu_webdav_user.lng +++ b/interface/web/sites/lib/lang/hu_webdav_user.lng @@ -1,17 +1,17 @@ diff --git a/interface/web/sites/lib/lang/it_ftp_user.lng b/interface/web/sites/lib/lang/it_ftp_user.lng index 9ef19c7176ef696f58f43dac829fa101c4efb231..97036eafe8d5f546325ca881bd4be4f67f127084 100644 --- a/interface/web/sites/lib/lang/it_ftp_user.lng +++ b/interface/web/sites/lib/lang/it_ftp_user.lng @@ -1,30 +1,30 @@ 0'; -$wb['dir_dot_error'] = 'No .. in path allowed.'; -$wb['dir_slashdot_error'] = 'No ./ in path allowed.'; +$wb['uid_txt'] = "UID"; +$wb['gid_txt'] = "GID"; +$wb['dir_txt'] = "Cartella"; +$wb['quota_files_txt'] = "Filequota"; +$wb['ul_ratio_txt'] = "Uploadratio"; +$wb['dl_ratio_txt'] = "Downloadratio"; +$wb['ul_bandwidth_txt'] = "Banda Upload"; +$wb['dl_bandwidth_txt'] = "Banda Download"; +$wb['server_id_txt'] = "Server"; +$wb['parent_domain_id_txt'] = "Sito"; +$wb['username_txt'] = "Username"; +$wb['password_txt'] = "Password"; +$wb['password_strength_txt'] = "Password strength"; +$wb['quota_size_txt'] = "Harddisk-Quota"; +$wb['active_txt'] = "Attivo"; +$wb['limit_ftp_user_txt'] = "The max. number of FTP users for your account is reached."; +$wb['username_error_empty'] = "Username is empty."; +$wb['username_error_unique'] = "The username must be unique."; +$wb['username_error_regex'] = "The username contains characters that are not allowed."; +$wb['quota_size_error_empty'] = "Quota is empty."; +$wb['uid_error_empty'] = "GID empty."; +$wb['directory_error_empty'] = "Directory empty."; +$wb['quota_files_unity_txt'] = "Files"; +$wb['directory_error_notinweb'] = "Directory not inside of web root directory."; +$wb['parent_domain_id_error_empty'] = "No website selected."; +$wb['quota_size_error_regex'] = "Quota: enter a -1 for unlimited or a number > 0"; +$wb['dir_dot_error'] = "No .. in path allowed."; +$wb['dir_slashdot_error'] = "No ./ in path allowed."; ?> diff --git a/interface/web/sites/lib/lang/it_shell_user.lng b/interface/web/sites/lib/lang/it_shell_user.lng index 825de799b245379e43a1b83476dddbce48b92826..0546262167ff3a86cbccb031791a7b010fb6c733 100644 --- a/interface/web/sites/lib/lang/it_shell_user.lng +++ b/interface/web/sites/lib/lang/it_shell_user.lng @@ -1,25 +1,25 @@ diff --git a/interface/web/sites/lib/lang/it_webdav_user.lng b/interface/web/sites/lib/lang/it_webdav_user.lng index 137c388b1dafd72d9b025ab8dcf448d524c1b47f..fab407a7550acbfe8361af94be92dedfc55d09b1 100644 --- a/interface/web/sites/lib/lang/it_webdav_user.lng +++ b/interface/web/sites/lib/lang/it_webdav_user.lng @@ -1,17 +1,17 @@ diff --git a/interface/web/sites/lib/lang/ja_webdav_user.lng b/interface/web/sites/lib/lang/ja_webdav_user.lng index 137c388b1dafd72d9b025ab8dcf448d524c1b47f..fab407a7550acbfe8361af94be92dedfc55d09b1 100644 --- a/interface/web/sites/lib/lang/ja_webdav_user.lng +++ b/interface/web/sites/lib/lang/ja_webdav_user.lng @@ -1,17 +1,17 @@ diff --git a/interface/web/sites/lib/lang/pt_webdav_user.lng b/interface/web/sites/lib/lang/pt_webdav_user.lng index 137c388b1dafd72d9b025ab8dcf448d524c1b47f..fab407a7550acbfe8361af94be92dedfc55d09b1 100644 --- a/interface/web/sites/lib/lang/pt_webdav_user.lng +++ b/interface/web/sites/lib/lang/pt_webdav_user.lng @@ -1,17 +1,17 @@ diff --git a/interface/web/sites/lib/lang/ro_webdav_user.lng b/interface/web/sites/lib/lang/ro_webdav_user.lng index 137c388b1dafd72d9b025ab8dcf448d524c1b47f..fab407a7550acbfe8361af94be92dedfc55d09b1 100644 --- a/interface/web/sites/lib/lang/ro_webdav_user.lng +++ b/interface/web/sites/lib/lang/ro_webdav_user.lng @@ -1,17 +1,17 @@ diff --git a/interface/web/sites/lib/lang/ru_webdav_user.lng b/interface/web/sites/lib/lang/ru_webdav_user.lng index 137c388b1dafd72d9b025ab8dcf448d524c1b47f..fab407a7550acbfe8361af94be92dedfc55d09b1 100644 --- a/interface/web/sites/lib/lang/ru_webdav_user.lng +++ b/interface/web/sites/lib/lang/ru_webdav_user.lng @@ -1,17 +1,17 @@ diff --git a/interface/web/sites/lib/lang/se_ftp_user.lng b/interface/web/sites/lib/lang/se_ftp_user.lng index 2d5639851601709256fa70ccd800dfddd5019b69..fb183e8df4e227c33970846c7ae2c83342fa2498 100644 --- a/interface/web/sites/lib/lang/se_ftp_user.lng +++ b/interface/web/sites/lib/lang/se_ftp_user.lng @@ -1,30 +1,30 @@ 0'; -$wb['dir_dot_error'] = 'No .. in path allowed.'; -$wb['dir_slashdot_error'] = 'No ./ in path allowed.'; +$wb['uid_txt'] = "UID"; +$wb['gid_txt'] = "GID"; +$wb['dir_txt'] = "Directory"; +$wb['quota_files_txt'] = "Filequota"; +$wb['ul_ratio_txt'] = "Uploadratio"; +$wb['dl_ratio_txt'] = "Downloadratio"; +$wb['ul_bandwidth_txt'] = "Uploadbandwidth"; +$wb['dl_bandwidth_txt'] = "Downloadbandwidth"; +$wb['server_id_txt'] = "Server"; +$wb['parent_domain_id_txt'] = "Website"; +$wb['username_txt'] = "Username"; +$wb['password_txt'] = "Password"; +$wb['password_strength_txt'] = "Password strength"; +$wb['quota_size_txt'] = "Harddisk-Quota"; +$wb['active_txt'] = "Active"; +$wb['limit_ftp_user_txt'] = "The max. number of FTP users for your account is reached."; +$wb['username_error_empty'] = "Username is empty."; +$wb['username_error_unique'] = "The username must be unique."; +$wb['username_error_regex'] = "The username contains characters that are not allowed."; +$wb['quota_size_error_empty'] = "Quota is empty."; +$wb['uid_error_empty'] = "GID empty."; +$wb['directory_error_empty'] = "Directory empty."; +$wb['quota_files_unity_txt'] = "Files"; +$wb['directory_error_notinweb'] = "Directory not inside of web root directory."; +$wb['parent_domain_id_error_empty'] = "No website selected."; +$wb['quota_size_error_regex'] = "Quota: enter a -1 for unlimited or a number > 0"; +$wb['dir_dot_error'] = "No .. in path allowed."; +$wb['dir_slashdot_error'] = "No ./ in path allowed."; ?> diff --git a/interface/web/sites/lib/lang/se_shell_user.lng b/interface/web/sites/lib/lang/se_shell_user.lng index 825de799b245379e43a1b83476dddbce48b92826..0546262167ff3a86cbccb031791a7b010fb6c733 100644 --- a/interface/web/sites/lib/lang/se_shell_user.lng +++ b/interface/web/sites/lib/lang/se_shell_user.lng @@ -1,25 +1,25 @@ diff --git a/interface/web/sites/lib/lang/se_webdav_user.lng b/interface/web/sites/lib/lang/se_webdav_user.lng index 137c388b1dafd72d9b025ab8dcf448d524c1b47f..fab407a7550acbfe8361af94be92dedfc55d09b1 100644 --- a/interface/web/sites/lib/lang/se_webdav_user.lng +++ b/interface/web/sites/lib/lang/se_webdav_user.lng @@ -1,17 +1,17 @@ diff --git a/interface/web/sites/lib/lang/sk_webdav_user.lng b/interface/web/sites/lib/lang/sk_webdav_user.lng index 137c388b1dafd72d9b025ab8dcf448d524c1b47f..fab407a7550acbfe8361af94be92dedfc55d09b1 100644 --- a/interface/web/sites/lib/lang/sk_webdav_user.lng +++ b/interface/web/sites/lib/lang/sk_webdav_user.lng @@ -1,17 +1,17 @@ diff --git a/interface/web/sites/lib/lang/tr_webdav_user.lng b/interface/web/sites/lib/lang/tr_webdav_user.lng index 137c388b1dafd72d9b025ab8dcf448d524c1b47f..fab407a7550acbfe8361af94be92dedfc55d09b1 100644 --- a/interface/web/sites/lib/lang/tr_webdav_user.lng +++ b/interface/web/sites/lib/lang/tr_webdav_user.lng @@ -1,17 +1,17 @@ diff --git a/interface/web/sites/tools.inc.php b/interface/web/sites/tools.inc.php index a4314f0b7d34ce9e40584962bbf1024c83e1e816..262e2789737eaaf9958b0f400404932c334b29b8 100644 --- a/interface/web/sites/tools.inc.php +++ b/interface/web/sites/tools.inc.php @@ -55,8 +55,8 @@ function replacePrefix($name, $dataRecord) { function getClientName($dataRecord) { global $app, $conf; - if($_SESSION["s"]["user"]["typ"] != 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) { - // Get the group-id of the user + if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) { + // Get the group-id of the user if the logged in user is neither admin nor reseller $client_group_id = $_SESSION["s"]["user"]["default_group"]; } else { // Get the group-id from the data itself @@ -83,7 +83,7 @@ function getClientName($dataRecord) { function getClientID($dataRecord) { global $app, $conf; - if($_SESSION["s"]["user"]["typ"] != 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) { + if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) { // Get the group-id of the user $client_group_id = $_SESSION["s"]["user"]["default_group"]; } else { diff --git a/interface/web/tools/resync.php b/interface/web/tools/resync.php index 86ba27dfa98eb1ddc28d3d426ebfd83a983e0f78..5f6bd885aa96afd14c8d75187af2e659f482f2cb 100644 --- a/interface/web/tools/resync.php +++ b/interface/web/tools/resync.php @@ -118,11 +118,25 @@ if(isset($_POST['resync_db']) && $_POST['resync_db'] == 1) { } } +//* Resyncing Mailbox Domains +if(isset($_POST['resync_mailbox']) && $_POST['resync_mailbox'] == 1) { + $db_table = 'mail_domain'; + $index_field = 'domain_id'; + $sql = "SELECT * FROM ".$db_table." WHERE active = 'y'"; + $records = $app->db->queryAllRecords($sql); + if(is_array($records)) { + foreach($records as $rec) { + $app->db->datalogUpdate($db_table, $rec, $index_field, $rec[$index_field], true); + $msg .= "Resynced Mail Domain: ".$rec['domain'].'
'; + } + } +} + //* Resyncing Mailboxes if(isset($_POST['resync_mailbox']) && $_POST['resync_mailbox'] == 1) { $db_table = 'mail_user'; $index_field = 'mailuser_id'; - $sql = "SELECT * FROM ".$db_table." WHERE active = 'y'"; + $sql = "SELECT * FROM ".$db_table; $records = $app->db->queryAllRecords($sql); if(is_array($records)) { foreach($records as $rec) { @@ -132,7 +146,6 @@ if(isset($_POST['resync_mailbox']) && $_POST['resync_mailbox'] == 1) { } } - //* Resyncing dns zones if(isset($_POST['resync_dns']) && $_POST['resync_dns'] == 1) { $zones = $app->db->queryAllRecords("SELECT id,origin,serial FROM dns_soa WHERE active = 'Y'"); diff --git a/interface/web/vm/ajax_get_ip.php b/interface/web/vm/ajax_get_ip.php new file mode 100644 index 0000000000000000000000000000000000000000..b6963ade9be5f36fefc0ab02b863dffb5b58dc89 --- /dev/null +++ b/interface/web/vm/ajax_get_ip.php @@ -0,0 +1,55 @@ +auth->check_module_permissions('vm'); + +$server_id = intval($_GET["server_id"]); + +if($_SESSION["s"]["user"]["typ"] == 'admin' or $app->auth->has_clients($_SESSION['s']['user']['userid'])) { + + $sql = "SELECT ip_address FROM openvz_ip WHERE reserved = 'n' AND server_id = $server_id"; + $ips = $app->db->queryAllRecords($sql); + $ip_select = ""; + if(is_array($ips)) { + foreach( $ips as $ip) { + //$selected = ($ip["ip_address"] == $this->dataRecord["ip_address"])?'SELECTED':''; + $ip_select .= "$ip[ip_address]#"; + } + } + unset($tmp); + unset($ips); +} +$ip_select = substr($ip_select,0,-1); +echo $ip_select; +?> \ No newline at end of file diff --git a/interface/web/vm/form/openvz_vm.tform.php b/interface/web/vm/form/openvz_vm.tform.php index ac7e8ef06887362914132a944682c78fe2aea079..229d9df63d098564adc3ef7489e5e280404e8b81 100644 --- a/interface/web/vm/form/openvz_vm.tform.php +++ b/interface/web/vm/form/openvz_vm.tform.php @@ -105,13 +105,14 @@ $form["tabs"]['main'] = array ( 'errmsg'=> 'ip_address_error_empty'), ), 'default' => '', + /* 'datasource' => array ( 'type' => 'SQL', 'querystring' => "SELECT ip_address FROM openvz_ip WHERE reserved = 'n' AND (vm_id = 0 or vm_id = '{RECORDID}') ORDER BY ip_address", 'keyfield'=> 'ip_address', 'valuefield'=> 'ip_address' ), - 'value' => '', - 'searchable' => 2 + */ + 'value' => '' ), 'hostname' => array ( 'datatype' => 'VARCHAR', diff --git a/interface/web/vm/openvz_vm_edit.php b/interface/web/vm/openvz_vm_edit.php index 118d5d4a00ed5761a9668f2754eaee775c1bf27f..de2f51f521f4208930e0159054f1f2ce436a14a9 100644 --- a/interface/web/vm/openvz_vm_edit.php +++ b/interface/web/vm/openvz_vm_edit.php @@ -158,6 +158,27 @@ class page_action extends tform_actions { } + //* Fill the IPv4 select field with the IP addresses that are allowed for this client + //$sql = "SELECT ip_address FROM server_ip WHERE server_id = ".$client['default_webserver']." AND ip_type = 'IPv4' AND (client_id = 0 OR client_id=".$_SESSION['s']['user']['client_id'].")"; + if(isset($this->dataRecord["server_id"])) { + $vm_server_id = intval($this->dataRecord["server_id"]); + } else { + $tmp = $app->db->queryOneRecord('SELECT server_id FROM server WHERE vserver_server = 1 AND mirror_server_id = 0 ORDER BY server_name LIMIT 0,1'); + $vm_server_id = $tmp['server_id']; + } + $sql = "SELECT ip_address FROM openvz_ip WHERE reserved = 'n' AND (vm_id = 0 or vm_id = '".$this->id."') AND server_id = ".$vm_server_id." ORDER BY ip_address"; + $ips = $app->db->queryAllRecords($sql); + $ip_select = ""; + if(is_array($ips)) { + foreach( $ips as $ip) { + $selected = ($ip["ip_address"] == $this->dataRecord["ip_address"])?'SELECTED':''; + $ip_select .= "\r\n"; + } + } + $app->tpl->setVar("ip_address",$ip_select); + unset($tmp); + unset($ips); + if($this->id > 0) { //* we are editing a existing record $app->tpl->setVar("edit_disabled", 1); diff --git a/interface/web/vm/templates/openvz_vm_edit.htm b/interface/web/vm/templates/openvz_vm_edit.htm index c6615709c5bd1714786a74ea218f7b4afbb2217d..9ffea3e9adf5001ed51eb2431bc9a0d0abc8ef18 100644 --- a/interface/web/vm/templates/openvz_vm_edit.htm +++ b/interface/web/vm/templates/openvz_vm_edit.htm @@ -15,7 +15,7 @@ - {tmpl_var name='server_id'} diff --git a/server/conf/apache_ispconfig.conf.master b/server/conf/apache_ispconfig.conf.master index 1c0d367ce43e3e6700428ec772e0a29786415137..b6ac8c3c28e4c8ce2027ee1275a4b90a6c9ce1b1 100644 --- a/server/conf/apache_ispconfig.conf.master +++ b/server/conf/apache_ispconfig.conf.master @@ -4,7 +4,7 @@ ################################################ LogFormat "%v %h %l %u %t \"%r\" %>s %B \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig -CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" -d \"/etc/vlogger-dbi.conf\" /var/log/ispconfig/httpd" combined_ispconfig +CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig AllowOverride None diff --git a/server/conf/sieve_filter.master b/server/conf/sieve_filter.master index 33ddc37c40eb24d8c1ac91974c0112ba70a4e77f..09d7fa943109725d4cb42b80a09ba206c6321f50 100644 --- a/server/conf/sieve_filter.master +++ b/server/conf/sieve_filter.master @@ -32,5 +32,6 @@ if header :contains "X-Spam-Flag" "YES" { vacation :days 1 :subject "Out of office reply" # :addresses ["test@test.int", "till@test.int"] + ""; \ No newline at end of file diff --git a/server/conf/vhost.conf.master b/server/conf/vhost.conf.master index d65ea852143bb43a78841debcbe9d2649e8ffef8..4300660693c480c2bff112d661e179fddfcab225 100644 --- a/server/conf/vhost.conf.master +++ b/server/conf/vhost.conf.master @@ -240,6 +240,7 @@ RewriteCond %{HTTP_HOST} $ [NC] + RewriteCond %{REQUEST_URI} !^/webdav/ RewriteRule ^/(.*)$ $1 diff --git a/server/cron_daily.php b/server/cron_daily.php index c6a9e00b05916d1c613bba52da866724e3bf19f5..d02daf8b682144c0bbbbcaa5bfe5d8a7ef331412 100644 --- a/server/cron_daily.php +++ b/server/cron_daily.php @@ -260,14 +260,46 @@ HostAliases="www.'.$domain.' localhost 127.0.0.1'.$aliasdomain.'"'; exec('chmod +r /var/log/ispconfig/httpd/*'); ####################################################################################################### -// Manage and compress web logfiles +// Manage and compress web logfiles and create traffic statistics ####################################################################################################### $sql = "SELECT domain_id, domain, document_root FROM web_domain WHERE server_id = ".$conf['server_id']; $records = $app->db->queryAllRecords($sql); foreach($records as $rec) { - $yesterday = date('Ymd',time() - 86400*2); - $logfile = escapeshellcmd($rec['document_root'].'/log/'.$yesterday.'-access.log'); + + //* create traffic statistics based on yesterdays access log file + $yesterday = date('Ymd',time() - 86400); + $logfile = $rec['document_root'].'/log/'.$yesterday.'-access.log'; + $total_bytes = 0; + + $handle = @fopen($logfile, "r"); + if ($handle) { + while (($line = fgets($handle, 4096)) !== false) { + if (preg_match('/^\S+ \S+ \S+ \[.*?\] "\S+.*?" \d+ (\d+) ".*?" ".*?"/', $line, $m)) { + $total_bytes += intval($m[1]); + } + } + + //* Insert / update traffic in master database + $traffic_date = date('Y-m-d',time() - 86400); + $tmp = $app->dbmaster->queryOneRecord("select hostname from web_traffic where hostname='".$rec['domain']."' and traffic_date='".$traffic_date."'"); + if(is_array($tmp) && count($tmp) > 0) { + $sql = "update web_traffic set traffic_bytes=traffic_bytes+" + . $total_bytes + . " where hostname='" . $rec['domain'] + . "' and traffic_date='" . $traffic_date . "'"; + } else { + $sql = "insert into web_traffic (hostname, traffic_date, traffic_bytes) values ('".$rec['domain']."', '".$traffic_date."', '".$total_bytes."')"; + } + $app->dbmaster->query($sql); + + fclose($handle); + } + + $yesterday2 = date('Ymd',time() - 86400*2); + $logfile = escapeshellcmd($rec['document_root'].'/log/'.$yesterday2.'-access.log'); + + //* Compress logfile if(@is_file($logfile)) { // Compress yesterdays logfile exec("gzip -c $logfile > $logfile.gz"); diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php index bb9e245f7f4eab06b5b1ce2b43b9b06206aa2bac..a6157ada8e9e094d79c4da50cb1bc03f1ee844eb 100644 --- a/server/plugins-available/apache2_plugin.inc.php +++ b/server/plugins-available/apache2_plugin.inc.php @@ -85,6 +85,8 @@ class apache2_plugin { $app->plugins->registerEvent('web_folder_update',$this->plugin_name,'web_folder_update'); $app->plugins->registerEvent('web_folder_delete',$this->plugin_name,'web_folder_delete'); + $app->plugins->registerEvent('ftp_user_delete',$this->plugin_name,'ftp_user_delete'); + } // Handle the creation of SSL certificates @@ -642,9 +644,10 @@ class apache2_plugin { * website root has to be owned by the root user and we have to chmod it to 755 then */ - //* Check if there is a jailkit user for this site + //* Check if there is a jailkit user or cronjob for this site $tmp = $app->db->queryOneRecord('SELECT count(shell_user_id) as number FROM shell_user WHERE parent_domain_id = '.$data['new']['domain_id']." AND chroot = 'jailkit'"); - if($tmp['number'] > 0) { + $tmp2 = $app->db->queryOneRecord('SELECT count(id) as number FROM cron WHERE parent_domain_id = '.$data['new']['domain_id']." AND `type` = 'chrooted'"); + if($tmp['number'] > 0 || $tmp2['number'] > 0) { $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root'])); $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root'])); } @@ -676,9 +679,15 @@ class apache2_plugin { $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/log/error.log'); - //* Write the custom php.ini file, if custom_php_ini filed is not empty + //* Write the custom php.ini file, if custom_php_ini fieled is not empty $custom_php_ini_dir = $web_config['website_basedir'].'/conf/'.$data['new']['system_user']; if(!is_dir($web_config['website_basedir'].'/conf')) mkdir($web_config['website_basedir'].'/conf'); + + //* add open_basedir restriction to custom php.ini content, required for suphp only + if(!stristr($data['new']['custom_php_ini'],'open_basedir') && $data['new']['php'] == 'suphp') { + $data['new']['custom_php_ini'] .= "\nopen_basedir = '".$data['new']['php_open_basedir']."'\n"; + } + //* Create custom php.ini if(trim($data['new']['custom_php_ini']) != '') { $has_custom_php_ini = true; if(!is_dir($custom_php_ini_dir)) mkdir($custom_php_ini_dir); @@ -1644,6 +1653,16 @@ class apache2_plugin { } + + public function ftp_user_delete($event_name,$data) { + global $app, $conf; + + $ftpquota_file = $data['old']['dir'].'/.ftpquota'; + if(file_exists($ftpquota_file)) unlink($ftpquota_file); + + } + + /** * This function is called when a Webdav-User is inserted, updated or deleted. diff --git a/server/plugins-available/mail_plugin.inc.php b/server/plugins-available/mail_plugin.inc.php index 4c6912f3fd9fcb37de87714c747b6567149ebd09..0437d6aa39249c15c1369bf6a465b8df65bc1fd4 100644 --- a/server/plugins-available/mail_plugin.inc.php +++ b/server/plugins-available/mail_plugin.inc.php @@ -312,8 +312,12 @@ class mail_plugin { function user_delete($event_name,$data) { global $app, $conf; + // get the config + $app->uses("getconf"); + $mail_config = $app->getconf->get_server_config($conf['server_id'], 'mail'); + $old_maildir_path = escapeshellcmd($data['old']['maildir']); - if(!stristr($old_maildir_path,'..') && !stristr($old_maildir_path,'*') && strlen($old_maildir_path) >= 10) { + if($old_maildir_path != $mail_config['homedir_path'] && strlen($old_maildir_path) > strlen($mail_config['homedir_path']) && !stristr($old_maildir_path,'..') && !stristr($old_maildir_path,'*') && strlen($old_maildir_path) >= 10) { exec('rm -rf '.escapeshellcmd($old_maildir_path)); $app->log('Deleted the Maildir: '.$data['old']['maildir'],LOGLEVEL_DEBUG); } else { @@ -330,7 +334,7 @@ class mail_plugin { //* Delete maildomain path $old_maildomain_path = escapeshellcmd($mail_config['homedir_path'].'/'.$data['old']['domain']); - if(!stristr($old_maildomain_path,'//') && !stristr($old_maildomain_path,'..') && !stristr($old_maildomain_path,'*') && !stristr($old_maildomain_path,'&') && strlen($old_maildomain_path) >= 10) { + if($old_maildomain_path != $mail_config['homedir_path'] && !stristr($old_maildomain_path,'//') && !stristr($old_maildomain_path,'..') && !stristr($old_maildomain_path,'*') && !stristr($old_maildomain_path,'&') && strlen($old_maildomain_path) >= 10) { exec('rm -rf '.escapeshellcmd($old_maildomain_path)); $app->log('Deleted the mail domain directory: '.$old_maildomain_path,LOGLEVEL_DEBUG); } else { @@ -339,7 +343,7 @@ class mail_plugin { //* Delete mailfilter path $old_maildomain_path = escapeshellcmd($mail_config['homedir_path'].'/mailfilters/'.$data['old']['domain']); - if(!stristr($old_maildomain_path,'//') && !stristr($old_maildomain_path,'..') && !stristr($old_maildomain_path,'*') && !stristr($old_maildomain_path,'&') && strlen($old_maildomain_path) >= 10) { + if($old_maildomain_path != $mail_config['homedir_path'].'/mailfilters/' && !stristr($old_maildomain_path,'//') && !stristr($old_maildomain_path,'..') && !stristr($old_maildomain_path,'*') && !stristr($old_maildomain_path,'&') && strlen($old_maildomain_path) >= 10) { exec('rm -rf '.escapeshellcmd($old_maildomain_path)); $app->log('Deleted the mail domain mailfilter directory: '.$old_maildomain_path,LOGLEVEL_DEBUG); } else { diff --git a/server/plugins-available/mailman_plugin.inc.php b/server/plugins-available/mailman_plugin.inc.php index 5a4593a135f73898c29b7f19b935c691b71e166b..7e6eaf258973a1621b64fe2bccdc5bee6ad2bca8 100644 --- a/server/plugins-available/mailman_plugin.inc.php +++ b/server/plugins-available/mailman_plugin.inc.php @@ -73,9 +73,9 @@ class mailman_plugin { $this->update_config(); - exec("/usr/lib/mailman/bin/newlist -u ".escapeshellcmd($data["new"]["domain"])." -e ".escapeshellcmd($data["new"]["domain"])." ".escapeshellcmd($data["new"]["listname"])." ".escapeshellcmd($data["new"]["email"])." ".escapeshellcmd($data["new"]["password"]).""); + exec("nohup /usr/lib/mailman/bin/newlist -u ".escapeshellcmd($data["new"]["domain"])." -e ".escapeshellcmd($data["new"]["domain"])." ".escapeshellcmd($data["new"]["listname"])." ".escapeshellcmd($data["new"]["email"])." ".escapeshellcmd($data["new"]["password"])." >/dev/null 2>&1 &"); - exec($conf['init_scripts'] . '/' . 'mailman reload &> /dev/null'); + exec('nohup '.$conf['init_scripts'] . '/' . 'mailman reload >/dev/null 2>&1 &'); $app->db->query("UPDATE mail_mailinglist SET password = '' WHERE mailinglist_id = ".$app->db->quote($data["new"]['mailinglist_id'])); @@ -86,8 +86,8 @@ class mailman_plugin { global $app, $conf; if($data["new"]["password"] != $data["old"]["password"] && $data["new"]["password"] != '') { - exec("/usr/lib/mailman/bin/change_pw -l ".escapeshellcmd($data["new"]["listname"])." -p ".escapeshellcmd($data["new"]["password"]).""); - exec($conf['init_scripts'] . '/' . 'mailman reload &> /dev/null'); + exec("nohup /usr/lib/mailman/bin/change_pw -l ".escapeshellcmd($data["new"]["listname"])." -p ".escapeshellcmd($data["new"]["password"])." >/dev/null 2>&1 &"); + exec('nohup '.$conf['init_scripts'] . '/' . 'mailman reload >/dev/null 2>&1 &'); $app->db->query("UPDATE mail_mailinglist SET password = '' WHERE mailinglist_id = ".$app->db->quote($data["new"]['mailinglist_id'])); } } @@ -97,9 +97,9 @@ class mailman_plugin { $this->update_config(); - exec("/usr/lib/mailman/bin/rmlist -a ".escapeshellcmd($data["old"]["listname"])); + exec("nohup /usr/lib/mailman/bin/rmlist -a ".escapeshellcmd($data["old"]["listname"])." >/dev/null 2>&1 &"); - exec($conf['init_scripts'] . '/' . 'mailman reload &> /dev/null'); + exec('nohup '.$conf['init_scripts'] . '/' . 'mailman reload >/dev/null 2>&1 &'); } diff --git a/server/plugins-available/shelluser_jailkit_plugin.inc.php b/server/plugins-available/shelluser_jailkit_plugin.inc.php index 86e92f613d19f02f6720d2928b802925f56cb6bb..671ae62c16df0cb9e165a47744d89d63ae9fcae8 100755 --- a/server/plugins-available/shelluser_jailkit_plugin.inc.php +++ b/server/plugins-available/shelluser_jailkit_plugin.inc.php @@ -376,9 +376,9 @@ class shelluser_jailkit_plugin { if(is_file('/root/.ssh/authorized_keys')) file_put_contents($sshkeys, file_get_contents('/root/.ssh/authorized_keys')); // Remove duplicate keys - $existing_keys = file($sshkeys); + $existing_keys = @file($sshkeys); $new_keys = explode("\n", $userkey); - $final_keys_arr = array_merge($existing_keys, $new_keys); + $final_keys_arr = @array_merge($existing_keys, $new_keys); $new_final_keys_arr = array(); if(is_array($final_keys_arr) && !empty($final_keys_arr)){ foreach($final_keys_arr as $key => $val){