Merged revisions 2812-2883 from staböe branch.

install/dist/lib/fedora.lib.php

@@ -718,6 +718,7 @@ class installer_dist extends installer_base {
 		$content = str_replace('{server_id}', $conf['server_id'], $content);
 		$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
 		$content = str_replace('{language}', $conf['language'], $content);
+		$content = str_replace('{timezone}', $conf['timezone'], $content);
 		
 		wf("$install_dir/interface/lib/$configfile", $content);
 		
@@ -740,6 +741,7 @@ class installer_dist extends installer_base {
 		$content = str_replace('{server_id}', $conf['server_id'], $content);
 		$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
 		$content = str_replace('{language}', $conf['language'], $content);
+		$content = str_replace('{timezone}', $conf['timezone'], $content);
 
 		wf("$install_dir/server/lib/$configfile", $content);
 		
@@ -1029,7 +1031,7 @@ class installer_dist extends installer_base {
 		// Edit the file Edit the file /etc/sudoers and comment out the requiregetty line, otherwise the backup function will fail
 		replaceLine('/etc/sudoers','Defaults    requiretty','#Defaults    requiretty',0,0);
 		
-		if(is_file($install_dir.'/interface/invoices')) {
+		if(is_dir($install_dir.'/interface/invoices')) {
 			chmod($install_dir.'/interface/invoices', 0770);
 			chown($install_dir.'/interface/invoices', 'ispconfig');
 			chgrp($install_dir.'/interface/invoices', 'ispconfig');

install/dist/lib/gentoo.lib.php

@@ -733,6 +733,7 @@ class installer extends installer_base
 		$content = str_replace('{server_id}', $conf['server_id'], $content);
 		$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
 		$content = str_replace('{language}', $conf['language'], $content);
+		$content = str_replace('{timezone}', $conf['timezone'], $content);
 		
 		$this->write_config_file("$install_dir/interface/lib/$configfile", $content);
 		
@@ -866,7 +867,7 @@ class installer extends installer_base
 			chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
 		}
 		
-		if(is_file($install_dir.'/interface/invoices')) {
+		if(is_dir($install_dir.'/interface/invoices')) {
 			chmod($install_dir.'/interface/invoices', 0770);
 			chown($install_dir.'/interface/invoices', 'ispconfig');
 			chgrp($install_dir.'/interface/invoices', 'ispconfig');

install/dist/lib/opensuse.lib.php

@@ -756,6 +756,7 @@ class installer_dist extends installer_base {
 		$content = str_replace('{server_id}', $conf['server_id'], $content);
 		$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
 		$content = str_replace('{language}', $conf['language'], $content);
+		$content = str_replace('{timezone}', $conf['timezone'], $content);
 		
 		wf("$install_dir/interface/lib/$configfile", $content);
 		
@@ -778,6 +779,7 @@ class installer_dist extends installer_base {
 		$content = str_replace('{server_id}', $conf['server_id'], $content);
 		$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
 		$content = str_replace('{language}', $conf['language'], $content);
+		$content = str_replace('{timezone}', $conf['timezone'], $content);
 		
 		wf("$install_dir/server/lib/$configfile", $content);
 		
@@ -1060,7 +1062,7 @@ class installer_dist extends installer_base {
 			exec('chmod 744 /usr/local/bin/run-getmail.sh');
 		}
 		
-		if(is_file($install_dir.'/interface/invoices')) {
+		if(is_dir($install_dir.'/interface/invoices')) {
 			chmod($install_dir.'/interface/invoices', 0770);
 			chown($install_dir.'/interface/invoices', 'ispconfig');
 			chgrp($install_dir.'/interface/invoices', 'ispconfig');

install/install.php

@@ -102,8 +102,9 @@ if(is_dir('/usr/local/ispconfig')) {
 //** Detect the installed applications
 $inst->find_installed_apps();
 
-//** Select the language
+//** Select the language and set default timezone
 $conf['language'] = $inst->simple_query('Select language', array('en','de'), 'en');
+$conf['timezone'] = 'UTC';
 
 //** Select installation mode
 $install_mode = $inst->simple_query('Installation mode', array('standard','expert'), 'standard');
@@ -127,6 +128,12 @@ do {
 	$tmp_mysql_server_database = $inst->free_query('MySQL database to create', $conf['mysql']['database']);
 	$tmp_mysql_server_charset = $inst->free_query('MySQL charset', $conf['mysql']['charset']);
 	
+	if($install_mode == 'expert') {
+		swriteln("The next two questions are about the internal ISPConfig database user and password.\nIt is recommended to accept the defaults which are 'ispconfig' as username and a random password.\nIf you use a different password, use only numbers and chars for the password.\n");
+		$conf['mysql']['ispconfig_user'] = $inst->free_query('ISPConfig mysql database username', $conf['mysql']['ispconfig_user']);
+		$conf['mysql']['ispconfig_password'] = $inst->free_query('ISPConfig mysql database password', $conf['mysql']['ispconfig_password']);
+	}
+	
 	//* Initialize the MySQL server connection
 	if(@mysql_connect($tmp_mysql_server_host, $tmp_mysql_server_admin_user, $tmp_mysql_server_admin_password)) {
 		$conf['mysql']['host'] = $tmp_mysql_server_host;

install/lib/installer_base.lib.php

@@ -1608,6 +1608,7 @@ class installer_base {
 		$content = str_replace('{server_id}', $conf['server_id'], $content);
 		$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
 		$content = str_replace('{language}', $conf['language'], $content);
+		$content = str_replace('{timezone}', $conf['timezone'], $content);
 
 		wf($install_dir.'/interface/lib/'.$configfile, $content);
 
@@ -1630,6 +1631,7 @@ class installer_base {
 		$content = str_replace('{server_id}', $conf['server_id'], $content);
 		$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
 		$content = str_replace('{language}', $conf['language'], $content);
+		$content = str_replace('{timezone}', $conf['timezone'], $content);
 
 		wf($install_dir.'/server/lib/'.$configfile, $content);
 
@@ -1763,7 +1765,7 @@ class installer_base {
 			chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
 		}
 		
-		if(is_file($install_dir.'/interface/invoices')) {
+		if(is_dir($install_dir.'/interface/invoices')) {
 			chmod($install_dir.'/interface/invoices', 0770);
 			chown($install_dir.'/interface/invoices', 'ispconfig');
 			chgrp($install_dir.'/interface/invoices', 'ispconfig');

install/lib/update.lib.php

@@ -56,7 +56,11 @@ function prepareDBDump() {
 	//if(filesize('existing_db.sql') < 30000) die('Possible problem with dumping the database. We will stop here. Please check the file existing_db.sql');
 
 	// create a backup copy of the ispconfig database in the root folder
-	$backup_db_name = '/root/ispconfig_db_backup_'.@date('Y-m-d_h-i').'.sql';
+	if(isset($conf['backup_path'])) {
+		$backup_db_name = $conf['backup_path'].'/ispconfig_db_backup.sql';
+	} else {
+		$backup_db_name = '/root/ispconfig_db_backup_'.@date('Y-m-d_H-i').'.sql';
+	}
 	copy('existing_db.sql',$backup_db_name);
 	chmod($backup_db_name, 0700);
 	chown($backup_db_name, 'root');
@@ -164,6 +168,7 @@ function updateDbAndIni() {
 		
 		//* update the database version in server table
 		$inst->db->query("UPDATE ".$conf["mysql"]["database"].".server SET dbversion = '".$current_db_version."' WHERE server_id = ".$conf['server_id']);
+		if($inst->db->dbHost != $inst->dbmaster->dbHost) $inst->dbmaster->query("UPDATE ".$conf["mysql"]["master_database"].".server SET dbversion = '".$current_db_version."' WHERE server_id = ".$conf['server_id']);
 		
 	
 	//* If ISPConfig Version < 3.0.3, we will do a full db update
@@ -207,6 +212,7 @@ function updateDbAndIni() {
 		
 		//* update the database version in server table
 		$inst->db->query("UPDATE ".$conf["mysql"]["database"].".server SET dbversion = '".$current_db_version."' WHERE server_id = ".$conf['server_id']);
+		if($inst->db->dbHost != $inst->dbmaster->dbHost) $inst->dbmaster->query("UPDATE ".$conf["mysql"]["master_database"].".server SET dbversion = '".$current_db_version."' WHERE server_id = ".$conf['server_id']);
 
 		if ($conf['powerdns']['installed']) {
                                                  
@@ -276,7 +282,7 @@ function updateDbAndIni() {
 		$tpl_ini_array['global']['webserver'] = 'nginx';
 	}
 
-	// update the new template with the old values
+	//* update the new template with the old values
 	if(is_array($old_ini_array)) {
 		foreach($old_ini_array as $tmp_section_name => $tmp_section_content) {
 			foreach($tmp_section_content as $tmp_var_name => $tmp_var_content) {
@@ -288,6 +294,11 @@ function updateDbAndIni() {
 	$new_ini = array_to_ini($tpl_ini_array);
 	$sql = "UPDATE ".$conf["mysql"]["database"].".server SET config = '".mysql_real_escape_string($new_ini)."' WHERE server_id = ".$conf['server_id'];
 	$inst->db->query($sql);
+	
+	if($inst->db->dbHost != $inst->dbmaster->dbHost) {
+		$sql = "UPDATE ".$conf["mysql"]["master_database"].".server SET config = '".mysql_real_escape_string($new_ini)."' WHERE server_id = ".$conf['server_id'];
+		$inst->dbmaster->query($sql);
+	}
 	unset($old_ini_array);
 	unset($tpl_ini_array);
 	unset($new_ini);

install/sql/ispconfig3.sql

@@ -1919,6 +1919,6 @@ INSERT INTO `sys_user` (`userid`, `sys_userid`, `sys_groupid`, `sys_perm_user`,
 -- Dumping data for table `sys_config`
 --
 
-INSERT INTO sys_config VALUES ('1','db','db_version','3.0.4.1');
+INSERT INTO sys_config VALUES ('1','db','db_version','3.0.4.2');
 
 SET FOREIGN_KEY_CHECKS = 1;
\ No newline at end of file

install/tpl/bastille-firewall.cfg.master

@@ -75,7 +75,7 @@ DNS_SERVERS="{DNS_SERVERS}"
 # use the "\" continuation character (so Bastille can change the
 # values if it is run more than once)
 TRUSTED_IFACES="lo"                                        # MINIMAL/SAFEST
-PUBLIC_IFACES="eth+ ppp+ slip+ venet+"                        # SAFEST
+PUBLIC_IFACES="eth+ ppp+ slip+ venet+ bond+"                        # SAFEST
 INTERNAL_IFACES=""                                # SAFEST
 
 

install/tpl/config.inc.php.master

@@ -56,7 +56,7 @@ $revision = str_replace(array('Revision:','$',' '), '', $svn_revision);
 
 //** Application
 define('ISPC_APP_TITLE', 'ISPConfig');
-define('ISPC_APP_VERSION', '3.0.4.1');
+define('ISPC_APP_VERSION', '3.0.4.2');
 define('DEVSYSTEM', 0);
 
 
@@ -148,9 +148,10 @@ $conf['theme'] = 'default';
 $conf['html_content_encoding'] = 'utf-8'; // example: utf-8, iso-8859-1, ...
 $conf['logo'] = 'themes/default/images/ispc_logo.png';
 
-//** Default Language
+//** Default Language and Timezone
 $conf['language'] = '{language}';
 $conf['debug_language'] = false;
+$conf['timezone'] = '{timezone}';
 
 
 //** Misc.

install/tpl/debian6_dovecot.conf.master

@@ -12,6 +12,9 @@ log_timestamp = "%Y-%m-%d %H:%M:%S "
 # ssl_cert_file = /etc/ssl/_.my-domain.tld/_.my-domain.tld.crt
 # ssl_key_file = /etc/ssl/_.my-domain.tld/_.my-domain.tld.key
 
+ssl_cert_file = /etc/postfix/smtpd.cert
+ssl_key_file = /etc/postfix/smtpd.key
+
 mail_privileged_group = mail
 
 login_greeting = ISPConfig3 IMAP server ready...

install/tpl/debian_dovecot.conf.master

@@ -99,6 +99,9 @@ log_timestamp = "%Y-%m-%d %H:%M:%S "
 #ssl_cert_file = /etc/ssl/certs/dovecot.pem
 #ssl_key_file = /etc/ssl/private/dovecot.pem
 
+ssl_cert_file = /etc/postfix/smtpd.cert
+ssl_key_file = /etc/postfix/smtpd.key
+
 # If key file is password protected, give the password here. Alternatively
 # give it when starting dovecot with -p parameter.
 #ssl_key_password =

install/tpl/fedora_dovecot.conf.master

@@ -87,7 +87,7 @@ log_timestamp = "%Y-%m-%d %H:%M:%S "
 #ssl_listen =
 
 # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
-#ssl = yes
+ssl = yes
 
 # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
 # dropping root privileges, so keep the key file unreadable by anyone but
@@ -96,6 +96,9 @@ log_timestamp = "%Y-%m-%d %H:%M:%S "
 #ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem
 #ssl_key_file = /etc/pki/dovecot/private/dovecot.pem
 
+ssl_cert_file = /etc/postfix/smtpd.cert
+ssl_key_file = /etc/postfix/smtpd.key
+
 # If key file is password protected, give the password here. Alternatively
 # give it when starting dovecot with -p parameter. Since this file is often
 # world-readable, you may want to place this setting instead to a different

install/tpl/mm_cfg.py.master

@@ -57,7 +57,7 @@ MAILMAN_SITE_LIST = 'mailman'
 #-------------------------------------------------------------
 # If you change these, you have to configure your http server
 # accordingly (Alias and ScriptAlias directives in most httpds)
-DEFAULT_URL_PATTERN = 'http://%s/cgi-bin/mailman/'
+DEFAULT_URL_PATTERN = 'https://%s/cgi-bin/mailman/'
 PRIVATE_ARCHIVE_URL = '/cgi-bin/mailman/private'
 IMAGE_LOGOS         = '/images/mailman/'
 

install/tpl/opensuse_dovecot.conf.master

@@ -103,6 +103,9 @@ ssl = no
 #ssl_cert_file = /etc/ssl/certs/dovecot.pem
 #ssl_key_file = /etc/ssl/private/dovecot.pem
 
+ssl_cert_file = /etc/postfix/smtpd.cert
+ssl_key_file = /etc/postfix/smtpd.key
+
 # If key file is password protected, give the password here. Alternatively
 # give it when starting dovecot with -p parameter. Since this file is often
 # world-readable, you may want to place this setting instead to a different

install/tpl/server.ini.master

@@ -45,7 +45,7 @@ vhost_conf_dir=/etc/apache2/sites-available
 vhost_conf_enabled_dir=/etc/apache2/sites-enabled
 nginx_vhost_conf_dir=/etc/nginx/sites-available
 nginx_vhost_conf_enabled_dir=/etc/nginx/sites-enabled
-security_level=10
+security_level=20
 user=www-data
 group=www-data
 nginx_user=www-data
@@ -69,6 +69,10 @@ php_fpm_ini_path=/etc/php5/fpm/php.ini
 php_fpm_pool_dir=/etc/php5/fpm/pool.d
 php_fpm_start_port=9010
 php_fpm_socket_dir=/var/lib/php5-fpm
+set_folder_permissions_on_update=y
+add_web_users_to_sshusers_group=y
+connect_userid_to_webid=n
+connect_userid_to_webid_start=10000
 
 [dns]
 bind_user=root

install/update.php

@@ -96,6 +96,8 @@ $conf["mysql"]["ispconfig_user"] = $conf_old["db_user"];
 $conf["mysql"]["ispconfig_password"] = $conf_old["db_password"];
 $conf['language'] = $conf_old['language'];
 if($conf['language'] == '{language}') $conf['language'] = 'en';
+$conf['timezone'] = $conf_old['timezone'];
+if($conf['timezone'] == '{timezone}' or trim($conf['timezone']) == '') $conf['timezone'] = 'UTC';
 
 if(isset($conf_old["dbmaster_host"])) $conf["mysql"]["master_host"] = $conf_old["dbmaster_host"];
 if(isset($conf_old["dbmaster_database"])) $conf["mysql"]["master_database"] = $conf_old["dbmaster_database"];
@@ -119,7 +121,32 @@ $inst->is_update = true;
 //** Detect the installed applications
 $inst->find_installed_apps();
 
-echo "This application will update ISPConfig 3 on your server.\n";
+echo "This application will update ISPConfig 3 on your server.\n\n";
+
+//* Make a backup before we start the update
+$do_backup = $inst->simple_query('Shall the script create a ISPConfig backup in /var/backup/ now?', array('yes','no'),'yes');
+if($do_backup == 'yes') {
+	
+	//* Create the backup directory
+	$backup_path = '/var/backup/ispconfig_'.date('Y-m-d_H-i');
+	$conf['backup_path'] = $backup_path;
+	exec("mkdir -p $backup_path");
+	exec("chown root:root $backup_path");
+	exec("chmod 700 $backup_path");
+	
+	//* Do the backup
+	swriteln('Creating backup of "/usr/local/ispconfig" directory...');
+	exec("tar pcfz $backup_path/ispconfig_software.tar.gz /usr/local/ispconfig 2> /dev/null",$out,$returnvar);
+	if($returnvar != 0) die("Backup failed. We stop here...\n");
+	
+	swriteln('Creating backup of "/etc" directory...');
+	exec("tar pcfz $backup_path/etc.tar.gz /etc 2> /dev/null",$out,$returnvar);
+	if($returnvar != 0) die("Backup failed. We stop here...\n");
+	
+	exec("chown root:root $backup_path/*.tar.gz");
+	exec("chmod 700 $backup_path/*.tar.gz");
+}
+
 
 //** Initialize the MySQL server connection
 include_once('lib/mysql.lib.php');

interface/lib/app.inc.php

@@ -28,12 +28,20 @@ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 
+//* Enable gzip compression for the interface
+ob_start('ob_gzhandler');
+
+//* Set timezone
+if(isset($conf['timezone']) && $conf['timezone'] != '') date_default_timezone_set($conf['timezone']);
+
+//* Set error reporting level when we are not on a developer system
+if(DEVSYSTEM == 0) {
+	@ini_set('error_reporting', E_ALL & ~E_NOTICE & ~E_DEPRECATED);
+}
+
 /*
     Application Class
 */
-
-ob_start('ob_gzhandler');
-
 class app {
 
 	private $_language_inc = 0;
@@ -233,6 +241,7 @@ class app {
 		/* Show username */
 		if(isset($_SESSION['s']['user'])) {
 			$this->tpl->setVar('cpuser', $_SESSION['s']['user']['username']);
+			$this->tpl->setVar('logout_txt', $this->lng('logout_txt'));
 		}
 	}
 

interface/lib/classes/plugin.inc.php

@@ -136,7 +136,7 @@ class plugin {
 	 	global $app;
 
 	 	//* execute the functions for the events
-		if(is_array($_SESSION['s']['plugin_cache'][$event_name])) {
+		if(@is_array($_SESSION['s']['plugin_cache'][$event_name])) {
 			foreach($_SESSION['s']['plugin_cache'][$event_name] as $rec) {
 				$plugin_name = $rec['plugin'];
 				$function_name = $rec['function'];

interface/lib/classes/remoting.inc.php

@@ -2158,6 +2158,11 @@ class remoting {
 		$sql = $app->remoting_lib->getSQL($params,'INSERT',0);
 		$app->db->query($sql);
 		
+		//* Check if no system user with that username exists
+		$username = $app->db->quote($params["username"]);
+		$tmp = $app->db->queryOneRecord("SELECT count(userid) as number FROm sys_user WHERE username = '$username'");
+		if($tmp['number'] > 0) $app->remoting_lib->errorMessage .= "Duplicate username<br />";
+		
 		if($app->remoting_lib->errorMessage != '') {
 			$this->server->fault('data_processing_error', $app->remoting_lib->errorMessage);
 			return false;

interface/lib/classes/remoting_lib.inc.php

@@ -208,7 +208,13 @@ class remoting_lib {
                                 break;
 
                                 case 'INTEGER':
-                                        $new_record[$key] = intval($record[$key]);
+										//* We use + 0 to force the string to be a number as 
+										//* intval return value is too limited on 32bit systems
+                                        if(intval($record[$key]) == 2147483647) {
+											$new_record[$key] = $record[$key] + 0;
+										} else {
+											$new_record[$key] = intval($record[$key]);
+										}
                                 break;
 
                                 case 'DOUBLE':