diff --git a/.gitignore b/.gitignore
index d42aee61f4caf9d716977a21353bf598c3092220..32f43c2430e66a26c0100ade3e1685f1836d458a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
.DS_Store
/nbproject/private/
.phplint-cache
+*.swp
diff --git a/install/dist/lib/fedora.lib.php b/install/dist/lib/fedora.lib.php
index 0cf2141f72ad6c4c478ab8c1fc4982386591ce75..c188ac93a5b32727d28b26e8709621e10193b77e 100644
--- a/install/dist/lib/fedora.lib.php
+++ b/install/dist/lib/fedora.lib.php
@@ -66,6 +66,9 @@ class installer_dist extends installer_base {
//* mysql-virtual_alias_domains.cf
$this->process_postfix_config('mysql-virtual_alias_domains.cf');
+ //* mysql-virtual_alias_maps.cf
+ $this->process_postfix_config('mysql-virtual_alias_maps.cf');
+
//* mysql-virtual_mailboxes.cf
$this->process_postfix_config('mysql-virtual_mailboxes.cf');
diff --git a/install/dist/lib/opensuse.lib.php b/install/dist/lib/opensuse.lib.php
index 1401614c3fd2b4c1dc3a8b6ddf687c50638fc342..da31ad6b571d204836e6b9c5ea878c70ab2ecbb5 100644
--- a/install/dist/lib/opensuse.lib.php
+++ b/install/dist/lib/opensuse.lib.php
@@ -66,6 +66,9 @@ class installer_dist extends installer_base {
//* mysql-virtual_alias_domains.cf
$this->process_postfix_config('mysql-virtual_alias_domains.cf');
+ //* mysql-virtual_alias_maps.cf
+ $this->process_postfix_config('mysql-virtual_alias_maps.cf');
+
//* mysql-virtual_mailboxes.cf
$this->process_postfix_config('mysql-virtual_mailboxes.cf');
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index 10533dd66f9bed87df51632425cf988649aaa8d5..6a4d771e16b184ac23af5d3335d436c98176856a 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -976,6 +976,9 @@ class installer_base {
//* mysql-virtual_alias_domains.cf
$this->process_postfix_config('mysql-virtual_alias_domains.cf');
+ //* mysql-virtual_alias_maps.cf
+ $this->process_postfix_config('mysql-virtual_alias_maps.cf');
+
//* mysql-virtual_mailboxes.cf
$this->process_postfix_config('mysql-virtual_mailboxes.cf');
diff --git a/install/sql/incremental/upd_dev_collection.sql b/install/sql/incremental/upd_dev_collection.sql
index 1deb6050284d384ec4fdb69a6f65acee8fa4cdd8..b7db2767eda744d3f626494f52d4dd390243b33c 100644
--- a/install/sql/incremental/upd_dev_collection.sql
+++ b/install/sql/incremental/upd_dev_collection.sql
@@ -65,3 +65,8 @@ ALTER TABLE `client` CHANGE `id_rsa` `id_rsa` TEXT CHARACTER SET utf8 COLLATE ut
ALTER TABLE `directive_snippets` ADD `update_sites` ENUM('y','n') NOT NULL DEFAULT 'n' ;
+-- Add DNSSEC Algorithm setting
+ALTER TABLE `dns_soa` ADD `dnssec_algo` SET('NSEC3RSASHA1','ECDSAP256SHA256') NULL DEFAULT NULL AFTER `dnssec_wanted`;
+UPDATE `dns_soa` SET `dnssec_algo` = 'NSEC3RSASHA1' WHERE `dnssec_algo` IS NULL AND dnssec_initialized = 'Y';
+UPDATE `dns_soa` SET `dnssec_algo` = 'ECDSAP256SHA256' WHERE `dnssec_algo` IS NULL AND dnssec_initialized = 'N';
+ALTER TABLE `dns_soa` CHANGE `dnssec_algo` `dnssec_algo` SET('NSEC3RSASHA1','ECDSAP256SHA256') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'ECDSAP256SHA256';
diff --git a/install/sql/ispconfig3.sql b/install/sql/ispconfig3.sql
index edd4dd50491cf6dfe21898e8d7c6027b04e86541..0d76fb8c084356d790a7506b5044c6b36265ccdf 100644
--- a/install/sql/ispconfig3.sql
+++ b/install/sql/ispconfig3.sql
@@ -626,6 +626,7 @@ CREATE TABLE `dns_soa` (
`update_acl` varchar(255) default NULL,
`dnssec_initialized` ENUM('Y','N') NOT NULL DEFAULT 'N',
`dnssec_wanted` ENUM('Y','N') NOT NULL DEFAULT 'N',
+ `dnssec_algo` SET('NSEC3RSASHA1','ECDSAP256SHA256') NOT NULL DEFAULT 'ECDSAP256SHA256',
`dnssec_last_signed` BIGINT NOT NULL DEFAULT '0',
`dnssec_info` TEXT NULL,
PRIMARY KEY (`id`),
@@ -2501,7 +2502,7 @@ INSERT INTO `country` (`iso`, `name`, `printable_name`, `iso3`, `numcode`, `eu`)
-- Dumping data for table `dns_template`
--
-INSERT INTO `dns_template` (`template_id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `name`, `fields`, `template`, `visible`) VALUES (1, 1, 1, 'riud', 'riud', '', 'Default', 'DOMAIN,IP,NS1,NS2,EMAIL,DKIM,DNSSEC', '[ZONE]\norigin={DOMAIN}.\nns={NS1}.\nmbox={EMAIL}.\nrefresh=7200\nretry=540\nexpire=604800\nminimum=3600\nttl=3600\n\n[DNS_RECORDS]\nA|{DOMAIN}.|{IP}|0|3600\nA|www|{IP}|0|3600\nA|mail|{IP}|0|3600\nNS|{DOMAIN}.|{NS1}.|0|3600\nNS|{DOMAIN}.|{NS2}.|0|3600\nMX|{DOMAIN}.|mail.{DOMAIN}.|10|3600\nTXT|{DOMAIN}.|v=spf1 mx a ~all|0|3600', 'y');
+INSERT INTO `dns_template` (`template_id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `name`, `fields`, `template`, `visible`) VALUES (1, 1, 1, 'riud', 'riud', '', 'Default', 'DOMAIN,IP,NS1,NS2,EMAIL,DKIM,DNSSEC', '[ZONE]\norigin={DOMAIN}.\nns={NS1}.\nmbox={EMAIL}.\nrefresh=7200\nretry=540\nexpire=604800\nminimum=3600\nttl=3600\ndnssec_algo=ECDSAP256SHA256\n\n[DNS_RECORDS]\nA|{DOMAIN}.|{IP}|0|3600\nA|www|{IP}|0|3600\nA|mail|{IP}|0|3600\nNS|{DOMAIN}.|{NS1}.|0|3600\nNS|{DOMAIN}.|{NS2}.|0|3600\nMX|{DOMAIN}.|mail.{DOMAIN}.|10|3600\nTXT|{DOMAIN}.|v=spf1 mx a ~all|0|3600', 'y');
-- --------------------------------------------------------
diff --git a/install/tpl/apache_ispconfig.vhost.master b/install/tpl/apache_ispconfig.vhost.master
index 61e9a588593756e8671c1062ae7dd89eb71ffb51..f90876170bbd6da883fb5fc9dee83a6ffb9b9096 100644
--- a/install/tpl/apache_ispconfig.vhost.master
+++ b/install/tpl/apache_ispconfig.vhost.master
@@ -70,7 +70,7 @@ NameVirtualHost *:<tmpl_var name="vhost_port">
# SSL Configuration
<tmpl_var name="ssl_comment">SSLEngine On
<tmpl_if name='apache_version' op='>=' value='2.3.16' format='version'>
- <tmpl_var name="ssl_comment">SSLProtocol All -SSLv3
+ <tmpl_var name="ssl_comment">SSLProtocol All -SSLv3 -TLSv1 -TLSv1.1
<tmpl_else>
<tmpl_var name="ssl_comment">SSLProtocol All -SSLv2 -SSLv3
</tmpl_if>
@@ -78,7 +78,7 @@ NameVirtualHost *:<tmpl_var name="vhost_port">
<tmpl_var name="ssl_comment">SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key
<tmpl_var name="ssl_bundle_comment">SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle
- <tmpl_var name="ssl_comment">SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
+ <tmpl_var name="ssl_comment">SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
<tmpl_var name="ssl_comment">SSLHonorCipherOrder On
<tmpl_if name='apache_version' op='>=' value='2.4.3' format='version'>
<tmpl_var name="ssl_comment">SSLCompression Off
diff --git a/install/tpl/debian6_dovecot2.conf.master b/install/tpl/debian6_dovecot2.conf.master
index 80709cfe36e4b0be34c68b658e396b5c563b4566..1080eeb5599706a7c1361def9500c621e6808480 100644
--- a/install/tpl/debian6_dovecot2.conf.master
+++ b/install/tpl/debian6_dovecot2.conf.master
@@ -7,8 +7,10 @@ mail_privileged_group = vmail
ssl_cert = </etc/postfix/smtpd.cert
ssl_key = </etc/postfix/smtpd.key
ssl_dh = </etc/dovecot/dh.pem
-ssl_protocols = !SSLv2 !SSLv3
-ssl_min_protocol = TLSv1
+ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
+ssl_min_protocol = TLSv1.2
+ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+ssl_prefer_server_ciphers = no
auth_verbose = yes
mail_max_userip_connections = 100
mail_plugins = quota
diff --git a/install/tpl/debian_dovecot2.conf.master b/install/tpl/debian_dovecot2.conf.master
index a2925913727ddce3eb053ff045196824b824136b..60a1263e48e3d3e218c8ab9cf7f957a1ffca6fa7 100644
--- a/install/tpl/debian_dovecot2.conf.master
+++ b/install/tpl/debian_dovecot2.conf.master
@@ -7,7 +7,9 @@ mail_privileged_group = vmail
postmaster_address = postmaster@example.com
ssl_cert = </etc/postfix/smtpd.cert
ssl_key = </etc/postfix/smtpd.key
-ssl_protocols = !SSLv2 !SSLv3
+ssl_min_protocol = TLSv1.2
+ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+ssl_prefer_server_ciphers = no
auth_verbose = yes
mail_max_userip_connections = 100
mail_plugins = $mail_plugins quota
diff --git a/install/tpl/debian_postfix.conf.master b/install/tpl/debian_postfix.conf.master
index 169826747d01281c3de5838cc869004fc32e68aa..8e3fa50f229239baff06e54f70a2bcedf4d8a9e0 100644
--- a/install/tpl/debian_postfix.conf.master
+++ b/install/tpl/debian_postfix.conf.master
@@ -1,7 +1,7 @@
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
virtual_alias_domains = proxy:mysql:{config_dir}/mysql-virtual_alias_domains.cf
-virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:{config_dir}/mysql-virtual_forwardings.cf, proxy:mysql:{config_dir}/mysql-virtual_alias_domains.cf, proxy:mysql:{config_dir}/mysql-virtual_email2email.cf
+virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:{config_dir}/mysql-virtual_forwardings.cf, proxy:mysql:{config_dir}/mysql-virtual_alias_maps.cf, proxy:mysql:{config_dir}/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:{config_dir}/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:{config_dir}/mysql-virtual_mailboxes.cf
virtual_mailbox_base = {vmail_mailbox_base}
@@ -14,7 +14,7 @@ smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_restriction_classes = greylisting
-greylisting = check_policy_service inet:127.0.0.1:10023
+greylisting = check_policy_service inet:127.0.0.1:10023
smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}, check_policy_service unix:private/quota-status
smtpd_use_tls = yes
smtpd_tls_security_level = may
@@ -39,10 +39,13 @@ nested_header_checks = regexp:{config_dir}/nested_header_checks
body_checks = regexp:{config_dir}/body_checks
owner_request_special = no
smtp_tls_security_level = may
-smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
-smtpd_tls_protocols = !SSLv2,!SSLv3
-smtp_tls_protocols = !SSLv2,!SSLv3
+smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
+smtpd_tls_protocols = !SSLv2,!SSLv3, !TLSv1, !TLSv1.1
+smtp_tls_protocols = !SSLv2,!SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_exclude_ciphers = RC4, aNULL
smtp_tls_exclude_ciphers = RC4, aNULL
+smtpd_tls_mandatory_ciphers = medium
+tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+tls_preempt_cipherlist = no
# needed for postfix < 3.3 when using reject_unverified_recipient (lmtp):
enable_original_recipient = yes
diff --git a/install/tpl/fedora_dovecot2.conf.master b/install/tpl/fedora_dovecot2.conf.master
index 2acd757fbd36edbc3b9d377b0dfda9671c7fcfbc..4b9bb5c6a9cc1bc142bd45468af930758b598444 100644
--- a/install/tpl/fedora_dovecot2.conf.master
+++ b/install/tpl/fedora_dovecot2.conf.master
@@ -6,7 +6,9 @@ log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_privileged_group = vmail
ssl_cert = </etc/postfix/smtpd.cert
ssl_key = </etc/postfix/smtpd.key
-ssl_protocols = !SSLv2 !SSLv3
+ssl_min_protocol = TLSv1.2
+ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+ssl_prefer_server_ciphers = no
auth_verbose = yes
mail_plugins = quota
passdb {
diff --git a/install/tpl/fedora_postfix.conf.master b/install/tpl/fedora_postfix.conf.master
index 1c78e858beb5475f21ee6b85c00785c423f878bb..ffe831286c689cf2779d13fec0b36070c19c5383 100644
--- a/install/tpl/fedora_postfix.conf.master
+++ b/install/tpl/fedora_postfix.conf.master
@@ -1,5 +1,5 @@
virtual_alias_domains = proxy:mysql:{config_dir}/mysql-virtual_alias_domains.cf
-virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:{config_dir}/mysql-virtual_forwardings.cf, proxy:mysql:{config_dir}/mysql-virtual_alias_domains.cf, proxy:mysql:{config_dir}/mysql-virtual_email2email.cf
+virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:{config_dir}/mysql-virtual_forwardings.cf, proxy:mysql:{config_dir}/mysql-virtual_alias_maps.cf, proxy:mysql:{config_dir}/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:{config_dir}/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:{config_dir}/mysql-virtual_mailboxes.cf
virtual_mailbox_base = {vmail_mailbox_base}
@@ -35,10 +35,13 @@ nested_header_checks = regexp:{config_dir}/nested_header_checks
body_checks = regexp:{config_dir}/body_checks
inet_interfaces = all
smtp_tls_security_level = may
-smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
-smtpd_tls_protocols = !SSLv2,!SSLv3
-smtp_tls_protocols = !SSLv2,!SSLv3
+smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
+smtpd_tls_protocols = !SSLv2,!SSLv3, !TLSv1, !TLSv1.1
+smtp_tls_protocols = !SSLv2,!SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_exclude_ciphers = RC4, aNULL
smtp_tls_exclude_ciphers = RC4, aNULL
+smtpd_tls_mandatory_ciphers = medium
+tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+tls_preempt_cipherlist = no
# needed for postfix < 3.3 when using reject_unverified_recipient (lmtp):
enable_original_recipient = yes
diff --git a/install/tpl/gentoo_postfix.conf.master b/install/tpl/gentoo_postfix.conf.master
index 84d404d15b0bc63e4b5edb469c04f478b3070018..52b48f92743317c652e22f2792c902a3f96eea5b 100644
--- a/install/tpl/gentoo_postfix.conf.master
+++ b/install/tpl/gentoo_postfix.conf.master
@@ -1,5 +1,5 @@
virtual_alias_domains = proxy:mysql:{config_dir}/mysql-virtual_alias_domains.cf
-virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:{config_dir}/mysql-virtual_forwardings.cf, proxy:mysql:{config_dir}/mysql-virtual_alias_domains.cf, proxy:mysql:{config_dir}/mysql-virtual_email2email.cf
+virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:{config_dir}/mysql-virtual_forwardings.cf, proxy:mysql:{config_dir}/mysql-virtual_alias_maps.cf, proxy:mysql:{config_dir}/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:{config_dir}/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:{config_dir}/mysql-virtual_mailboxes.cf
virtual_mailbox_base = {vmail_mailbox_base}
@@ -34,10 +34,13 @@ nested_header_checks = regexp:{config_dir}/nested_header_checks
body_checks = regexp:{config_dir}/body_checks
inet_interfaces = all
smtp_tls_security_level = may
-smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
-smtpd_tls_protocols = !SSLv2,!SSLv3
-smtp_tls_protocols = !SSLv2,!SSLv3
+smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
+smtpd_tls_protocols = !SSLv2,!SSLv3, !TLSv1, !TLSv1.1
+smtp_tls_protocols = !SSLv2,!SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_exclude_ciphers = RC4, aNULL
smtp_tls_exclude_ciphers = RC4, aNULL
+smtpd_tls_mandatory_ciphers = medium
+tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+tls_preempt_cipherlist = no
# needed for postfix < 3.3 when using reject_unverified_recipient (lmtp):
enable_original_recipient = yes
diff --git a/install/tpl/mysql-virtual_alias_domains.cf.master b/install/tpl/mysql-virtual_alias_domains.cf.master
index e55fd8ea8df088457ba43a01c8df62a33e888b6f..26b14ac00da538ba9253fe937cb6a4f79bec5942 100644
--- a/install/tpl/mysql-virtual_alias_domains.cf.master
+++ b/install/tpl/mysql-virtual_alias_domains.cf.master
@@ -2,5 +2,6 @@ user = {mysql_server_ispconfig_user}
password = {mysql_server_ispconfig_password}
dbname = {mysql_server_database}
hosts = {mysql_server_ip}
-query = SELECT destination FROM mail_forwarding
- WHERE source = '@%d' AND type = 'aliasdomain' AND active = 'y' AND server_id = {server_id}
+query = SELECT SUBSTRING_INDEX(destination, '@', -1) FROM mail_forwarding
+ WHERE source = '@%s' AND type = 'aliasdomain' AND active = 'y' AND server_id = {server_id}
+
diff --git a/install/tpl/mysql-virtual_alias_maps.cf.master b/install/tpl/mysql-virtual_alias_maps.cf.master
new file mode 100644
index 0000000000000000000000000000000000000000..e55fd8ea8df088457ba43a01c8df62a33e888b6f
--- /dev/null
+++ b/install/tpl/mysql-virtual_alias_maps.cf.master
@@ -0,0 +1,6 @@
+user = {mysql_server_ispconfig_user}
+password = {mysql_server_ispconfig_password}
+dbname = {mysql_server_database}
+hosts = {mysql_server_ip}
+query = SELECT destination FROM mail_forwarding
+ WHERE source = '@%d' AND type = 'aliasdomain' AND active = 'y' AND server_id = {server_id}
diff --git a/install/tpl/named.conf.options.master b/install/tpl/named.conf.options.master
index f13976ffd6db31f72447c1d0d57be7d2935a556d..88c0e06493493f9493bfccb733e9bba74de22d25 100644
--- a/install/tpl/named.conf.options.master
+++ b/install/tpl/named.conf.options.master
@@ -5,9 +5,9 @@ options {
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
- // If your ISP provided one or more IP addresses for stable
- // nameservers, you probably want to use them as forwarders.
- // Uncomment the following block, and insert the addresses replacing
+ // If your ISP provided one or more IP addresses for stable
+ // nameservers, you probably want to use them as forwarders.
+ // Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
@@ -21,8 +21,9 @@ options {
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
+
+ allow-transfer {none;};
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
-
diff --git a/install/tpl/nginx_apps.vhost.master b/install/tpl/nginx_apps.vhost.master
index a22b1aab46b71b28fca3668fdf696154f365ed3f..2680b209a2522b8ef4455ffb73f4f835c3e66477 100644
--- a/install/tpl/nginx_apps.vhost.master
+++ b/install/tpl/nginx_apps.vhost.master
@@ -2,7 +2,7 @@ server {
listen {apps_vhost_port} {ssl_on};
listen [::]:{apps_vhost_port} {ssl_on} ipv6only=on;
- {ssl_comment}ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ {ssl_comment}ssl_protocols TLSv1.2;
{ssl_comment}ssl_certificate /usr/local/ispconfig/interface/ssl/ispserver.crt;
{ssl_comment}ssl_certificate_key /usr/local/ispconfig/interface/ssl/ispserver.key;
@@ -115,7 +115,7 @@ server {
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
-
+
location /squirrelmail {
root /usr/share/;
index index.php index.html index.htm;
diff --git a/install/tpl/nginx_ispconfig.vhost.master b/install/tpl/nginx_ispconfig.vhost.master
index aad670e97a8a74d022eb3c0c11927c559bd858d6..dbe44d7064861eae187731a39e5ced7d120affd3 100644
--- a/install/tpl/nginx_ispconfig.vhost.master
+++ b/install/tpl/nginx_ispconfig.vhost.master
@@ -1,13 +1,13 @@
server {
listen {vhost_port} {ssl_on};
listen [::]:{vhost_port} {ssl_on} ipv6only=on;
-
- {ssl_comment}ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+
+ {ssl_comment}ssl_protocols TLSv1.2;
{ssl_comment}ssl_certificate /usr/local/ispconfig/interface/ssl/ispserver.crt;
{ssl_comment}ssl_certificate_key /usr/local/ispconfig/interface/ssl/ispserver.key;
{ssl_comment}ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
{ssl_comment}ssl_prefer_server_ciphers on;
-
+
# redirect to https if accessed with http
{ssl_comment}error_page 497 https://$host:{vhost_port}$request_uri;
@@ -44,7 +44,7 @@ server {
location ~ /\. {
deny all;
}
-
+
# location /phpmyadmin {
# root /usr/share/;
# index index.php index.html index.htm;
@@ -64,7 +64,7 @@ server {
# location /phpMyAdmin {
# rewrite ^/* /phpmyadmin last;
# }
-#
+#
# location /squirrelmail {
# root /usr/share/;
# index index.php index.html index.htm;
diff --git a/install/tpl/opensuse_dovecot2.conf.master b/install/tpl/opensuse_dovecot2.conf.master
index 62c9939819547aeffe28ebac3a6dfc2135187e9e..9624c05684e4564f49613cf101a5eef60e2fdc8e 100644
--- a/install/tpl/opensuse_dovecot2.conf.master
+++ b/install/tpl/opensuse_dovecot2.conf.master
@@ -6,7 +6,9 @@ log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_privileged_group = vmail
ssl_cert = </etc/postfix/smtpd.cert
ssl_key = </etc/postfix/smtpd.key
-ssl_protocols = !SSLv2 !SSLv3
+ssl_min_protocol = TLSv1.2
+ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+ssl_prefer_server_ciphers = no
mail_plugins = quota
passdb {
args = /etc/dovecot/dovecot-sql.conf
@@ -79,7 +81,7 @@ mail_plugins = $mail_plugins quota
#2.3+ group = vmail
#2.3+ mode = 0660
#2.3+ }
-#2.3+
+#2.3+
#2.3+ unix_listener stats-writer {
#2.3+ user = vmail
#2.3+ group = vmail
@@ -122,4 +124,3 @@ namespace inbox {
special_use = \Trash
}
}
-
diff --git a/install/tpl/opensuse_postfix.conf.master b/install/tpl/opensuse_postfix.conf.master
index f2d2a4403b4cc89f79626789b779ae7c3e6d1ab9..545dcb10806b739dd99a394dc55cea986acf85f1 100644
--- a/install/tpl/opensuse_postfix.conf.master
+++ b/install/tpl/opensuse_postfix.conf.master
@@ -1,7 +1,7 @@
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
virtual_alias_domains = proxy:mysql:{config_dir}/mysql-virtual_alias_domains.cf
-virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:{config_dir}/mysql-virtual_forwardings.cf, proxy:mysql:{config_dir}/mysql-virtual_alias_domains.cf, proxy:mysql:{config_dir}/mysql-virtual_email2email.cf
+virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:{config_dir}/mysql-virtual_forwardings.cf, proxy:mysql:{config_dir}/mysql-virtual_alias_maps.cf, proxy:mysql:{config_dir}/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:{config_dir}/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:{config_dir}/mysql-virtual_mailboxes.cf
virtual_mailbox_base = {vmail_mailbox_base}
@@ -37,10 +37,13 @@ nested_header_checks = regexp:{config_dir}/nested_header_checks
body_checks = regexp:{config_dir}/body_checks
inet_interfaces = all
smtp_tls_security_level = may
-smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
-smtpd_tls_protocols = !SSLv2,!SSLv3
-smtp_tls_protocols = !SSLv2,!SSLv3
+smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
+smtpd_tls_protocols = !SSLv2,!SSLv3, !TLSv1, !TLSv1.1
+smtp_tls_protocols = !SSLv2,!SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_exclude_ciphers = RC4, aNULL
smtp_tls_exclude_ciphers = RC4, aNULL
+smtpd_tls_mandatory_ciphers = medium
+tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+tls_preempt_cipherlist = no
# needed for postfix < 3.3 when using reject_unverified_recipient (lmtp):
enable_original_recipient = yes
diff --git a/install/tpl/system.ini.master b/install/tpl/system.ini.master
index d6dfa18f47f61ed5598c56edb8d6bc81f15732c0..ec6573d7b156a44a53e798310543adb86d1b8420 100644
--- a/install/tpl/system.ini.master
+++ b/install/tpl/system.ini.master
@@ -36,6 +36,7 @@ backups_include_into_web_quota=n
reseller_can_use_options=n
web_php_options=no,fast-cgi,mod,php-fpm
show_aps_menu=n
+client_protection=y
[tools]
diff --git a/interface/lib/app.inc.php b/interface/lib/app.inc.php
index be6c15666c0d4facb9acbe2f2ebcfaab54f2ace9..631bd430dafb6cb4a67d2e10d11c383ee4208493 100755
--- a/interface/lib/app.inc.php
+++ b/interface/lib/app.inc.php
@@ -49,7 +49,7 @@ class app {
private $_loaded_classes = array();
private $_conf;
private $_security_config;
-
+
public $loaded_plugins = array();
public function __construct() {
@@ -58,7 +58,7 @@ class app {
if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS']) || isset($_REQUEST['s']) || isset($_REQUEST['s_old']) || isset($_REQUEST['conf'])) {
die('Internal Error: var override attempt detected');
}
-
+
$this->_conf = $conf;
if($this->_conf['start_db'] == true) {
$this->load('db_'.$this->_conf['db_type']);
@@ -70,21 +70,21 @@ class app {
}
$this->uses('functions'); // we need this before all others!
$this->uses('auth,plugin,ini_parser,getconf');
-
+
}
public function __get($prop) {
if(property_exists($this, $prop)) return $this->{$prop};
-
+
$this->uses($prop);
if(property_exists($this, $prop)) return $this->{$prop};
else trigger_error('Undefined property ' . $prop . ' of class app', E_USER_WARNING);
}
-
+
public function __destruct() {
session_write_close();
}
-
+
public function initialize_session() {
//* Start the session
if($this->_conf['start_session'] == true) {
@@ -118,7 +118,7 @@ class app {
} else {
session_set_cookie_params(0,'/',$cookie_domain,$cookie_secure,true); // until browser is closed
}
-
+
session_set_save_handler( array($this->session, 'open'),
array($this->session, 'close'),
array($this->session, 'read'),
@@ -127,7 +127,7 @@ class app {
array($this->session, 'gc'));
session_start();
-
+
//* Initialize session variables
if(!isset($_SESSION['s']['id']) ) $_SESSION['s']['id'] = session_id();
if(empty($_SESSION['s']['theme'])) $_SESSION['s']['theme'] = $conf['theme'];
@@ -135,7 +135,7 @@ class app {
}
}
-
+
public function uses($classes) {
$cl = explode(',', $classes);
if(is_array($cl)) {
@@ -160,7 +160,7 @@ class app {
}
}
}
-
+
public function conf($plugin, $key, $value = null) {
if(is_null($value)) {
$tmpconf = $this->db->queryOneRecord("SELECT `value` FROM `sys_config` WHERE `group` = ? AND `name` = ?", $plugin, $key);
@@ -284,6 +284,7 @@ class app {
$this->tpl->setVar('datalog_changes_end_txt', $this->lng('datalog_changes_end_txt'));
$this->tpl->setVar('datalog_changes_count', $datalog['count']);
$this->tpl->setLoop('datalog_changes', $datalog['entries']);
+ $this->tpl->setVar('datalog_changes_close_txt', $this->lng('datalog_changes_close_txt'));
} else {
$this->tpl->setVar('app_version', '');
}
@@ -349,7 +350,7 @@ class app {
return 'y' === $maintenance_mode && !in_array($_SERVER['REMOTE_ADDR'], $maintenance_mode_exclude_ips);
}
-
+
private function get_cookie_domain() {
$sec_config = $this->getconf->get_security_config('permissions');
$proxy_panel_allowed = $sec_config['reverse_proxy_panel_allowed'];
@@ -380,7 +381,7 @@ class app {
unset($forwarded_host);
}
}
-
+
return $cookie_domain;
}
@@ -389,7 +390,7 @@ class app {
//** Initialize application (app) object
//* possible future = new app($conf);
$app = new app();
-/*
+/*
split session creation out of constructor is IMHO better.
otherwise we have some circular references to global $app like in
getconfig property of App - RA
@@ -398,7 +399,7 @@ $app->initialize_session();
// load and enable PHP Intrusion Detection System (PHPIDS)
$ids_security_config = $app->getconf->get_security_config('ids');
-
+
if(is_dir(ISPC_CLASS_PATH.'/IDS') && !defined('REMOTE_API_CALL') && ($ids_security_config['ids_anon_enabled'] == 'yes' || $ids_security_config['ids_user_enabled'] == 'yes' || $ids_security_config['ids_admin_enabled'] == 'yes')) {
$app->uses('ids');
$app->ids->start();
diff --git a/interface/lib/lang/ar.lng b/interface/lib/lang/ar.lng
index f8fd2b5a500479b4dff5741a0ded9410f648db78..8987866af06b677d01ead04d166957cf083b0af4 100644
--- a/interface/lib/lang/ar.lng
+++ b/interface/lib/lang/ar.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'Unlimited';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/bg.lng b/interface/lib/lang/bg.lng
index 049807e66da3712e215a7b6f62734ebaecdef900..1a288f3b957b3e1fbe3b9cbde8bd926092705227 100644
--- a/interface/lib/lang/bg.lng
+++ b/interface/lib/lang/bg.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'Ðеограничен';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/br.lng b/interface/lib/lang/br.lng
index 3bab13ab3a40eb40f83e06798bf32d1332f9ffce..c11b825ae7bd8d5ac4a7c6b590abc2150c208dac 100644
--- a/interface/lib/lang/br.lng
+++ b/interface/lib/lang/br.lng
@@ -159,4 +159,6 @@ $wb['security_check2_txt'] = 'falhou.';
$wb['select_directive_snippet_txt'] = 'Diretiva de trechos de código';
$wb['select_master_directive_snippet_txt'] = 'Diretiva mestre de trechos de código';
$wb['unlimited_txt'] = 'Ilimitado';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/ca.lng b/interface/lib/lang/ca.lng
index 6d48482cfc5f5c97825505de23a7fb80abd07aea..c3a5b340f687528db33177e7943cb653449dc71c 100644
--- a/interface/lib/lang/ca.lng
+++ b/interface/lib/lang/ca.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'Illimité';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/cz.lng b/interface/lib/lang/cz.lng
index 93eeb671e5ffc32a0f9e19d647f42cbfcf569ece..058475169b173671f5bbfad3bbd7742c626a7e98 100644
--- a/interface/lib/lang/cz.lng
+++ b/interface/lib/lang/cz.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Vytvořit XMPP uživatele';
$wb['datalog_status_u_xmpp_user'] = 'Aktualizovat XMPP uživatele';
$wb['datalog_status_d_xmpp_user'] = 'Smazat XMPP uživatele';
$wb['unlimited_txt'] = 'neomezeno';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/de.lng b/interface/lib/lang/de.lng
index 54091c14170786b83b4d68c79b801d3dff280c56..80704d3e5bf2114e833ef193d29f2bbac5dce296 100644
--- a/interface/lib/lang/de.lng
+++ b/interface/lib/lang/de.lng
@@ -159,4 +159,6 @@ $wb['security_check2_txt'] = 'fehlgeschlagen.';
$wb['select_directive_snippet_txt'] = 'Direktiven Schnipsel';
$wb['select_master_directive_snippet_txt'] = 'Master Direktiven Schnipsel';
$wb['unlimited_txt'] = 'unlimitiert';
-?>
+$wb['server_id_0_error_txt'] = 'Bitte Server auswählen. Server ID muss > als 0 sein.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/dk.lng b/interface/lib/lang/dk.lng
index cbb9fc5efdc46db92761845cca3164f8224c08c1..93c68617cf953dfacd075d6b0c2c29d527f840af 100644
--- a/interface/lib/lang/dk.lng
+++ b/interface/lib/lang/dk.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'Ubegrænset';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/el.lng b/interface/lib/lang/el.lng
index 3e6c60c90f451a81acfed2b2e904c3df6074d422..3189500b01cf25696c68924defd105fe89f65d51 100644
--- a/interface/lib/lang/el.lng
+++ b/interface/lib/lang/el.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'ΑπεÏιόÏιστα';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/en.lng b/interface/lib/lang/en.lng
index b5b2ebcdae470767a4fe90494fca53fe974236e6..60c389481020fd2a72a0a73f16a124b01bff8716 100644
--- a/interface/lib/lang/en.lng
+++ b/interface/lib/lang/en.lng
@@ -160,4 +160,6 @@ $wb['security_check2_txt'] = 'failed.';
$wb['select_directive_snippet_txt'] = 'Directive Snippets';
$wb['select_master_directive_snippet_txt'] = 'Master Directive Snippets';
$wb['unlimited_txt'] = "Unlimited";
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/es.lng b/interface/lib/lang/es.lng
index b78499f80022dc44300273382d58c10dd86ae090..6d20c7b66522108874fc78fc7a3f067919f61b45 100644
--- a/interface/lib/lang/es.lng
+++ b/interface/lib/lang/es.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'Ilimitado';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/fi.lng b/interface/lib/lang/fi.lng
index 27749510bb0096803b629935fec60b6e23afcd3c..8f3c6bd0a19f2ee670b98fee8a33a4fa11598258 100644
--- a/interface/lib/lang/fi.lng
+++ b/interface/lib/lang/fi.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'Unlimited';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/fr.lng b/interface/lib/lang/fr.lng
index c302b32faa302e897af10b0aae59e993fbc0af48..728dea1eed74d603bf52ea961b09764b1d817760 100644
--- a/interface/lib/lang/fr.lng
+++ b/interface/lib/lang/fr.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'Illimité';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/hr.lng b/interface/lib/lang/hr.lng
index 3be5dc7e16ea3dfbdc161ac8d1196ccb368f87c3..e40f0a4c19162a3396ed24b651260b8bb386b654 100644
--- a/interface/lib/lang/hr.lng
+++ b/interface/lib/lang/hr.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'neograniÄeno';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/hu.lng b/interface/lib/lang/hu.lng
index 3fc91bd60095011e8d867cc26b0a963c0e847ce4..d75563e3b9c517e2c1978e01ef5c2f246f3f9d98 100644
--- a/interface/lib/lang/hu.lng
+++ b/interface/lib/lang/hu.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'Korlátlan';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/id.lng b/interface/lib/lang/id.lng
index 13fbff1a0800e7484f367858a26b809409f96916..09ed444103a2e5145c3be8d8f0f2dc81837df30a 100644
--- a/interface/lib/lang/id.lng
+++ b/interface/lib/lang/id.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'Tak terbatas';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/it.lng b/interface/lib/lang/it.lng
index 4a85a58e09266d2db52c2aaeff90667b9db77ef3..eb53245c4d8995d87d0a9b4916c25bf4cd12bbf4 100644
--- a/interface/lib/lang/it.lng
+++ b/interface/lib/lang/it.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'illimitati';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/ja.lng b/interface/lib/lang/ja.lng
index bb1290173c6a83bbcbceba6c2ff00f23442b99b5..723bf2e87adc4737ffc3c4ececd764e89c267a78 100644
--- a/interface/lib/lang/ja.lng
+++ b/interface/lib/lang/ja.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'Unlimited';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/nl.lng b/interface/lib/lang/nl.lng
index a733142d49100c3b025c69ce20b387f00c74ecb9..0b7e4a0bbe32c958c09ef738b3ca26c2e09018d6 100644
--- a/interface/lib/lang/nl.lng
+++ b/interface/lib/lang/nl.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'Ongelimiteerd';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/pl.lng b/interface/lib/lang/pl.lng
index ffbac09ef4008cf2bbbd0a0456a99ff758d6a9c5..300c8c9d83a6f6138a9b2cb6f3ba7136d18f15e4 100644
--- a/interface/lib/lang/pl.lng
+++ b/interface/lib/lang/pl.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'nielimitowane';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/pt.lng b/interface/lib/lang/pt.lng
index 195da8e61926311839005a8b7bf6be3ad1bd319c..6ea67a9d7056b0683ff01e9a71724f25fd5bbaab 100644
--- a/interface/lib/lang/pt.lng
+++ b/interface/lib/lang/pt.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'Unlimited';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/ro.lng b/interface/lib/lang/ro.lng
index 1365a54172f3098dc1e8d5eba983730a46bc8c02..d67e4c9a8075059012981202f358dd0d19f1ea1c 100644
--- a/interface/lib/lang/ro.lng
+++ b/interface/lib/lang/ro.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'Unlimited';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/ru.lng b/interface/lib/lang/ru.lng
index 19cdcf8a047170d3f36b310801ae3a1ffcd40318..fe9fef36440b61599993b48ebe60ccaae1dfc235 100644
--- a/interface/lib/lang/ru.lng
+++ b/interface/lib/lang/ru.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Создать Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ XMP
$wb['datalog_status_u_xmpp_user'] = 'Обновить Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ XMPP';
$wb['datalog_status_d_xmpp_user'] = 'Удалить Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ XMPP';
$wb['unlimited_txt'] = 'Безлимитный';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/se.lng b/interface/lib/lang/se.lng
index 2d3146f03389ae3acae8fd72c36a1f5c1c89b386..f5ad7a4cb590f56087b61cca306e7002acbdbe1d 100644
--- a/interface/lib/lang/se.lng
+++ b/interface/lib/lang/se.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'Obegränsat';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/sk.lng b/interface/lib/lang/sk.lng
index ece15b3a22865520884ac048cd12e0ba679504aa..3ca7f2a2da9ef9765f2a839f11e0dc53dee4b213 100644
--- a/interface/lib/lang/sk.lng
+++ b/interface/lib/lang/sk.lng
@@ -159,4 +159,6 @@ $wb['datalog_status_i_xmpp_user'] = 'Create XMPP user';
$wb['datalog_status_u_xmpp_user'] = 'Update XMPP user';
$wb['datalog_status_d_xmpp_user'] = 'Delete XMPP user';
$wb['unlimited_txt'] = 'Unlimited';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/lang/tr.lng b/interface/lib/lang/tr.lng
index 31e5f2fbef4e7c47d45321d8bcc3cd08c1701cee..7721a3c0cbb78e779eeb49d43fb4777ceced215a 100644
--- a/interface/lib/lang/tr.lng
+++ b/interface/lib/lang/tr.lng
@@ -160,4 +160,6 @@ $wb['security_check2_txt'] = 'başarısız.';
$wb['select_directive_snippet_txt'] = 'Yönerge Kod Parçaları';
$wb['select_master_directive_snippet_txt'] = 'Ana Komut Parçaları';
$wb['unlimited_txt'] = 'Sınırsız';
-?>
+$wb['server_id_0_error_txt'] = 'Please select a valid Server. Server ID must be > 0.';
+$wb['datalog_changes_close_txt'] = 'Close';
+?>
\ No newline at end of file
diff --git a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php
index 3f9b0db5b6b7ef92fcbaf112ca4ea092d22872fb..0099b2002b95fb1ca5bf8a33d653616656b5daf4 100644
--- a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php
+++ b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php
@@ -46,12 +46,20 @@ class sites_web_vhost_domain_plugin {
$vhostdomain_type = 'domain';
if($page_form->dataRecord['type'] == 'vhostalias') $vhostdomain_type = 'aliasdomain';
elseif($page_form->dataRecord['type'] == 'vhostsubdomain') $vhostdomain_type = 'subdomain';
-
- // make sure that the record belongs to the clinet group and not the admin group when a dmin inserts it
- // also make sure that the user can not delete domain created by a admin
+
+ // make sure that the record belongs to the client group and not the admin group when a admin inserts it
+ // also make sure that the user can not delete domain created by a admin if client protection is enabled
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
- $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $page_form->id);
+ $app->uses('getconf');
+ $global_config = $app->getconf->get_global_config('sites');
+ if($global_config['client_protection'] == 'y') {
+ $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id);
+ } else {
+ $sysuser = $app->db->queryOneRecord('SELECT userid FROM sys_user WHERE default_group = ?',$client_group_id);
+ $sysuser_id = (is_array($sysuser) && isset($sysuser['userid']) && $sysuser['userid'] > 0)?$sysuser['userid']:1;
+ $app->db->query("UPDATE web_domain SET sys_userid = ?, sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $sysuser_id, $client_group_id, $this->id);
+ }
}
if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
@@ -62,7 +70,7 @@ class sites_web_vhost_domain_plugin {
$web_config = $app->getconf->get_server_config($app->functions->intval($page_form->dataRecord['server_id']), 'web');
if(isset($app->tform) && is_object($app->tform)) $web_rec = $app->tform->getDataRecord($page_form->id);
else $web_rec = $app->remoting_lib->getDataRecord($page_form->id);
-
+
if($vhostdomain_type == 'domain') {
$document_root = str_replace("[website_id]", $page_form->id, $web_config["website_path"]);
$document_root = str_replace("[website_idhash_1]", $this->id_hash($page_form->id, 1), $document_root);
@@ -97,7 +105,7 @@ class sites_web_vhost_domain_plugin {
$document_root = str_replace("[client_idhash_2]", $this->id_hash($client_id, 2), $document_root);
$document_root = str_replace("[client_idhash_3]", $this->id_hash($client_id, 3), $document_root);
$document_root = str_replace("[client_idhash_4]", $this->id_hash($client_id, 4), $document_root);
-
+
if($event_name == 'sites:web_vhost_domain:on_after_update') {
if(($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) && isset($page_form->dataRecord["client_group_id"]) && $page_form->dataRecord["client_group_id"] != $page_form->oldDataRecord["sys_groupid"]) {
@@ -280,7 +288,7 @@ class sites_web_vhost_domain_plugin {
$php_open_basedir = str_replace("[website_path]", $document_root, $web_config["php_open_basedir"]);
$php_open_basedir = str_replace("[website_domain]", $app->functions->idn_encode($page_form->dataRecord['domain']), $php_open_basedir);
$htaccess_allow_override = $web_config["htaccess_allow_override"];
-
+
$sql = "UPDATE web_domain SET system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ? WHERE domain_id = ?";
$app->db->query($sql, $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $page_form->id);
}
diff --git a/interface/web/admin/form/server_config.tform.php b/interface/web/admin/form/server_config.tform.php
index de2caf175023ca6718a1ae4c753a7f5980f6b998..680a52c57455e5e98d95512660752325b2add360 100644
--- a/interface/web/admin/form/server_config.tform.php
+++ b/interface/web/admin/form/server_config.tform.php
@@ -1814,6 +1814,18 @@ $form["tabs"]['jailkit'] = array(
'width' => '40',
'maxlength' => '1000'
),
+ 'jailkit_chroot_authorized_keys_template' => array(
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'TEXT',
+ 'default' => '',
+ 'validators' => array( 0 => array ( 'type' => 'REGEX',
+ 'regex' => '/^[a-zA-Z0-9\.\-\_\/\ ]*$/',
+ 'errmsg'=> 'jailkit_chroot_authorized_keys_template_error_regex'),
+ ),
+ 'value' => '',
+ 'width' => '40',
+ 'maxlength' => '1000'
+ ),
//#################################
// END Datatable fields
//#################################
diff --git a/interface/web/admin/form/system_config.tform.php b/interface/web/admin/form/system_config.tform.php
index 4dd069b613a99aa7bc694ceba6d656a785172fcc..0e29902c33ed7a2886e70cb64a6f7551819e5958 100644
--- a/interface/web/admin/form/system_config.tform.php
+++ b/interface/web/admin/form/system_config.tform.php
@@ -148,6 +148,12 @@ $form["tabs"]['sites'] = array (
'width' => '30',
'maxlength' => '255'
),
+ 'client_protection' => array (
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'CHECKBOX',
+ 'default' => 'y',
+ 'value' => array(0 => 'n', 1 => 'y')
+ ),
'vhost_subdomains' => array (
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
@@ -795,4 +801,3 @@ $form['tabs']['dns_ca'] = array (
)
)
);
-
diff --git a/interface/web/admin/lib/lang/ar_server_config.lng b/interface/web/admin/lib/lang/ar_server_config.lng
index 4123c113d18a4a8d298321fc5610dc805425659b..2daeadecc8be7e8315e1ad298637ea1cc7714717 100644
--- a/interface/web/admin/lib/lang/ar_server_config.lng
+++ b/interface/web/admin/lib/lang/ar_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/ar_system_config.lng b/interface/web/admin/lib/lang/ar_system_config.lng
index b871fc930c23eb9327f607d14d2d44f702479975..495da61225f79edd9ee37810249121dba7e6d0a7 100644
--- a/interface/web/admin/lib/lang/ar_system_config.lng
+++ b/interface/web/admin/lib/lang/ar_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/bg_server_config.lng b/interface/web/admin/lib/lang/bg_server_config.lng
index 463d1c7b2a2e0c08b40bbe929412c8794c115869..7bf8b2c73c74dde9e64dc4215968321069fbb8e0 100644
--- a/interface/web/admin/lib/lang/bg_server_config.lng
+++ b/interface/web/admin/lib/lang/bg_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/bg_system_config.lng b/interface/web/admin/lib/lang/bg_system_config.lng
index cf8e8c8273fc278b01ec2ef873e60b2445d9b94b..25ad5d2cc5e1e504c65a3be5c355f7c564f61bb2 100644
--- a/interface/web/admin/lib/lang/bg_system_config.lng
+++ b/interface/web/admin/lib/lang/bg_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/br_server_config.lng b/interface/web/admin/lib/lang/br_server_config.lng
index 65a2dc4fd754a3086d8c386b57936931dd5e3d55..48ed0395b74e64331bd9110067bda10708d8dbbe 100644
--- a/interface/web/admin/lib/lang/br_server_config.lng
+++ b/interface/web/admin/lib/lang/br_server_config.lng
@@ -311,3 +311,5 @@ $wb['rspamd_password_txt'] = 'Senha do rspamd';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
diff --git a/interface/web/admin/lib/lang/br_system_config.lng b/interface/web/admin/lib/lang/br_system_config.lng
index eccac5d178b3e142e60226a0c12d1d580bb7d87e..a6802651161e74c1befae13e99540ef629561c87 100644
--- a/interface/web/admin/lib/lang/br_system_config.lng
+++ b/interface/web/admin/lib/lang/br_system_config.lng
@@ -94,4 +94,5 @@ $wb['active_txt'] = 'Ativo';
$wb['btn_save_txt'] = 'Salvar';
$wb['btn_cancel_txt'] = 'Cancelar';
$wb['web_php_options_txt'] = 'Manipulador do php (Somente apache)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/ca_server_config.lng b/interface/web/admin/lib/lang/ca_server_config.lng
index 496df78f77719a6b8f774d4f2ce9e52878ff9585..89c426fc52f46a94a82713aaced35d9185ff26f1 100644
--- a/interface/web/admin/lib/lang/ca_server_config.lng
+++ b/interface/web/admin/lib/lang/ca_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/ca_system_config.lng b/interface/web/admin/lib/lang/ca_system_config.lng
index 17e4fd3db8e2c04e465cfea0e620b03a9f6f2457..f40012120f60b186e9503f3680fa5a2102d6f424 100644
--- a/interface/web/admin/lib/lang/ca_system_config.lng
+++ b/interface/web/admin/lib/lang/ca_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/cz_server_config.lng b/interface/web/admin/lib/lang/cz_server_config.lng
index fbc1d777c38db51e08644ad60c7aaf92d94f800c..f52af24a87e818b5c211310c8fba46d059b262a7 100644
--- a/interface/web/admin/lib/lang/cz_server_config.lng
+++ b/interface/web/admin/lib/lang/cz_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/cz_system_config.lng b/interface/web/admin/lib/lang/cz_system_config.lng
index fb9f4cf843a9eb64ac62585d8c0de38103df30ac..b7a7515403ae91f3acd6d7ccccdc43dbba820ce4 100644
--- a/interface/web/admin/lib/lang/cz_system_config.lng
+++ b/interface/web/admin/lib/lang/cz_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'AktivnÃ';
$wb['btn_save_txt'] = 'Uložit';
$wb['btn_cancel_txt'] = 'Zrušit';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/de_server_config.lng b/interface/web/admin/lib/lang/de_server_config.lng
index 1646360a7ad59cca871ffb39a87105b7a81ac0c5..0746e6bfdf14d0d15a14f60cce61b382e8b89fa0 100644
--- a/interface/web/admin/lib/lang/de_server_config.lng
+++ b/interface/web/admin/lib/lang/de_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd-Passwort';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/de_system_config.lng b/interface/web/admin/lib/lang/de_system_config.lng
index 7e88eccd00ea2e777818a2355a6643bc52202958..58575617ad2a9eadb05eae0edf6c28a9841c2052 100644
--- a/interface/web/admin/lib/lang/de_system_config.lng
+++ b/interface/web/admin/lib/lang/de_system_config.lng
@@ -99,4 +99,5 @@ $wb['active_txt'] = 'Aktiv';
$wb['btn_save_txt'] = 'Speichern';
$wb['btn_cancel_txt'] = 'Abbrechen';
$wb['web_php_options_txt'] = 'PHP Handler (Nur Apache)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/dk_server_config.lng b/interface/web/admin/lib/lang/dk_server_config.lng
index 476e43216105bb5ed402fb7c81d0a689c952f33d..772d46080fc140c0be1ec6e4106bfb60dff4f39e 100644
--- a/interface/web/admin/lib/lang/dk_server_config.lng
+++ b/interface/web/admin/lib/lang/dk_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/dk_system_config.lng b/interface/web/admin/lib/lang/dk_system_config.lng
index 2be15ca1a087bd17476a9b4d93e11426aded1dad..6801b566c9aeea8cb574e8cca7d36596831db6f8 100644
--- a/interface/web/admin/lib/lang/dk_system_config.lng
+++ b/interface/web/admin/lib/lang/dk_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/el_server_config.lng b/interface/web/admin/lib/lang/el_server_config.lng
index cf215b939e148c2707c55f7b348bb2d0d1cfaba8..808cd63afefe3e1fc108c3e8ba8668b0872efa96 100644
--- a/interface/web/admin/lib/lang/el_server_config.lng
+++ b/interface/web/admin/lib/lang/el_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/el_system_config.lng b/interface/web/admin/lib/lang/el_system_config.lng
index 045e20d02105bbfbe3adbdec37b5d8d87e6c4280..f324e335b3c1af3e0eaab925683e7ebbdef0100b 100644
--- a/interface/web/admin/lib/lang/el_system_config.lng
+++ b/interface/web/admin/lib/lang/el_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/en_server_config.lng b/interface/web/admin/lib/lang/en_server_config.lng
index e12e1d40426ca203f7579865c791eb1b3235fa96..ff7e39c70578b2e14634a26d1dad3f6d0e7a1f03 100644
--- a/interface/web/admin/lib/lang/en_server_config.lng
+++ b/interface/web/admin/lib/lang/en_server_config.lng
@@ -14,6 +14,7 @@ $wb["jailkit_chroot_home_txt"] = 'Jailkit chroot home';
$wb["jailkit_chroot_app_sections_txt"] = 'Jailkit chroot app sections';
$wb["jailkit_chroot_app_programs_txt"] = 'Jailkit chrooted applications';
$wb["jailkit_chroot_cron_programs_txt"] = 'Jailkit cron chrooted applications';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
$wb["website_path_txt"] = 'Website path';
$wb["website_symlinks_txt"] = 'Website symlinks';
$wb['website_symlinks_rel_txt'] = 'Make relative symlinks';
@@ -269,6 +270,7 @@ $wb['jailkit_chroot_home_error_regex'] = 'Invalid jaikit chroot home.';
$wb['jailkit_chroot_app_sections_error_regex'] = 'Invalid jaikit chroot sections.';
$wb['jailkit_chroot_app_programs_error_regex'] = 'Invalid jaikit chroot app programs.';
$wb['jailkit_chroot_cron_programs_error_regex'] = 'Invalid jaikit chroot cron programs.';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
$wb['vlogger_config_dir_error_regex'] = 'Invalid vlogger config dir.';
$wb['cron_init_script_error_regex'] = 'Invalid cron init script.';
$wb['crontab_dir_error_regex'] = 'Invalid crontab directory.';
diff --git a/interface/web/admin/lib/lang/en_system_config.lng b/interface/web/admin/lib/lang/en_system_config.lng
index 27a5e58f28ef69c819f72bb93aefac13b9e93011..882e6c21c3220012c626cc14027d9b27d096391f 100644
--- a/interface/web/admin/lib/lang/en_system_config.lng
+++ b/interface/web/admin/lib/lang/en_system_config.lng
@@ -102,4 +102,5 @@ $wb['active_txt'] = 'Active';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/es_server_config.lng b/interface/web/admin/lib/lang/es_server_config.lng
index f34393169587445521f160bd3420c5244532bf9f..9cf590a619b89edc59bcc59282facab049f02ec5 100644
--- a/interface/web/admin/lib/lang/es_server_config.lng
+++ b/interface/web/admin/lib/lang/es_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/es_system_config.lng b/interface/web/admin/lib/lang/es_system_config.lng
index 96e1e4487a549bcd3d14be03d2c07550998da066..4eeaa9abe994ca43dca157d771086938ab041280 100644
--- a/interface/web/admin/lib/lang/es_system_config.lng
+++ b/interface/web/admin/lib/lang/es_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/fi_server_config.lng b/interface/web/admin/lib/lang/fi_server_config.lng
index 6eefadb45f44fbf9d8c69851a1d4fbd0214842e9..654a63a501325f9cf5deb39e39121655bc7f7e07 100644
--- a/interface/web/admin/lib/lang/fi_server_config.lng
+++ b/interface/web/admin/lib/lang/fi_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/fi_system_config.lng b/interface/web/admin/lib/lang/fi_system_config.lng
index b6102f7f62e8e224d96c8a818d0f4abec2d32375..831eee9ff6d9837bf651037b583fdb6091f18b86 100644
--- a/interface/web/admin/lib/lang/fi_system_config.lng
+++ b/interface/web/admin/lib/lang/fi_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/fr_server_config.lng b/interface/web/admin/lib/lang/fr_server_config.lng
index 88717952099a752ca420245a0566b1cf3d508d47..8ba5123460f934bc3acf3ea1e1b09ab2422c2cec 100644
--- a/interface/web/admin/lib/lang/fr_server_config.lng
+++ b/interface/web/admin/lib/lang/fr_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/fr_system_config.lng b/interface/web/admin/lib/lang/fr_system_config.lng
index 38e2573044b93340c8cb496387d16f0d9f5e6086..a5270b879fa8d5284eb3f3a26db43f40d3f4957d 100644
--- a/interface/web/admin/lib/lang/fr_system_config.lng
+++ b/interface/web/admin/lib/lang/fr_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/hr_server_config.lng b/interface/web/admin/lib/lang/hr_server_config.lng
index b36fd1348643d5833a2891a007373581e98fb8ac..6dd61c1b9257163986af752b6c317f046b49c7f7 100644
--- a/interface/web/admin/lib/lang/hr_server_config.lng
+++ b/interface/web/admin/lib/lang/hr_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/hr_system_config.lng b/interface/web/admin/lib/lang/hr_system_config.lng
index ab8756e95621c3666a91d2c507700938e404f2fa..220ca7e90ca9482831ad458a7ab47deeaac8a712 100644
--- a/interface/web/admin/lib/lang/hr_system_config.lng
+++ b/interface/web/admin/lib/lang/hr_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/hu_server_config.lng b/interface/web/admin/lib/lang/hu_server_config.lng
index 789e86a64989643f0a039e5edc585bd869fd6b08..a62b7c3834ea84ef19677dbc292217f537373a52 100644
--- a/interface/web/admin/lib/lang/hu_server_config.lng
+++ b/interface/web/admin/lib/lang/hu_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/hu_system_config.lng b/interface/web/admin/lib/lang/hu_system_config.lng
index 4262b892099af4ec5e6d366ec53824b7c5ca7bad..0069f31c07448ed4fcf4e2fb1f277604be3ccff9 100644
--- a/interface/web/admin/lib/lang/hu_system_config.lng
+++ b/interface/web/admin/lib/lang/hu_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/id_server_config.lng b/interface/web/admin/lib/lang/id_server_config.lng
index ee197a4d0a9e9154c78b6c09363d8231c66f162e..7d1a85626fdf9ccf5b13e5432e2a3178358804da 100644
--- a/interface/web/admin/lib/lang/id_server_config.lng
+++ b/interface/web/admin/lib/lang/id_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/id_system_config.lng b/interface/web/admin/lib/lang/id_system_config.lng
index fe545e7476f06ecc07e8499434024ac4aa853e6d..539699da888897e43fee3bcce3425a3b5ed3a463 100644
--- a/interface/web/admin/lib/lang/id_system_config.lng
+++ b/interface/web/admin/lib/lang/id_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/it_server_config.lng b/interface/web/admin/lib/lang/it_server_config.lng
index cd71123720fffca2b2ed0f0d35ee11e55bcca809..9db4bb523a04e2a6bc348bd8433b3061b97f081e 100644
--- a/interface/web/admin/lib/lang/it_server_config.lng
+++ b/interface/web/admin/lib/lang/it_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/it_system_config.lng b/interface/web/admin/lib/lang/it_system_config.lng
index f261ba3e8127bcfe843a64c32c0d6a9a24bed76c..0c20959df29caa4f411234e58d0cc4b6e8fd6f0e 100644
--- a/interface/web/admin/lib/lang/it_system_config.lng
+++ b/interface/web/admin/lib/lang/it_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/ja_server_config.lng b/interface/web/admin/lib/lang/ja_server_config.lng
index 4ef8d13422baef55f4a63c3031bee07294a658a9..9956c4ea942313db2ad46759aa07e5f5646a5158 100644
--- a/interface/web/admin/lib/lang/ja_server_config.lng
+++ b/interface/web/admin/lib/lang/ja_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/ja_system_config.lng b/interface/web/admin/lib/lang/ja_system_config.lng
index 96ce2d2ad64d66ba0f3fbcb8b5014c382642397c..f6b5c9e1a519ec3ba3f642bb94d5c3e11792ede1 100644
--- a/interface/web/admin/lib/lang/ja_system_config.lng
+++ b/interface/web/admin/lib/lang/ja_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/nl_server_config.lng b/interface/web/admin/lib/lang/nl_server_config.lng
index 5b5fcf122bf4350700f11285a66eb928b832a16b..a904e4e3d6cd92b2167f357cd84e3de1058fa7f1 100644
--- a/interface/web/admin/lib/lang/nl_server_config.lng
+++ b/interface/web/admin/lib/lang/nl_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/nl_system_config.lng b/interface/web/admin/lib/lang/nl_system_config.lng
index f9f59896bfc226da7d2839d62e28ae6676b632f6..19eae464a354a780c17bdbd273c7241356292ca6 100644
--- a/interface/web/admin/lib/lang/nl_system_config.lng
+++ b/interface/web/admin/lib/lang/nl_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/pl_server_config.lng b/interface/web/admin/lib/lang/pl_server_config.lng
index 1d6caa8e5eff0879c14e9dac9e7c42d7e8a47441..d85c337d6470e61215723957045e38276fee98c8 100644
--- a/interface/web/admin/lib/lang/pl_server_config.lng
+++ b/interface/web/admin/lib/lang/pl_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/pl_system_config.lng b/interface/web/admin/lib/lang/pl_system_config.lng
index 5f49133f561589911d3e9095e7891ab98ca6e628..f44853ccb2b4ecb62bacdc99784592a4b5ff489e 100644
--- a/interface/web/admin/lib/lang/pl_system_config.lng
+++ b/interface/web/admin/lib/lang/pl_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/pt_server_config.lng b/interface/web/admin/lib/lang/pt_server_config.lng
index fcf7a23e88117d6f58b1cf75950fd5e4947f4944..e2051d0fffbbc52a9c36a1ccbdb5e4c1f8a0abeb 100644
--- a/interface/web/admin/lib/lang/pt_server_config.lng
+++ b/interface/web/admin/lib/lang/pt_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/pt_system_config.lng b/interface/web/admin/lib/lang/pt_system_config.lng
index 10b87a40ae223ca364da96b44c5fad4543913016..bbfedbf3a43f5b931b99ca8b6bea80a03a8afdb6 100644
--- a/interface/web/admin/lib/lang/pt_system_config.lng
+++ b/interface/web/admin/lib/lang/pt_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/ro_server_config.lng b/interface/web/admin/lib/lang/ro_server_config.lng
index 2c3b4fdce48d33abc402d4312ba7f338c68e4b1e..33b430de8363396706bb0ca4bfd939690842e360 100644
--- a/interface/web/admin/lib/lang/ro_server_config.lng
+++ b/interface/web/admin/lib/lang/ro_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/ro_system_config.lng b/interface/web/admin/lib/lang/ro_system_config.lng
index 56c7e40059a858ff89d41c80aed078db9b1a69e9..a7756c737d8361c0147b26179f8fde2a29a06f90 100644
--- a/interface/web/admin/lib/lang/ro_system_config.lng
+++ b/interface/web/admin/lib/lang/ro_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/ru_server_config.lng b/interface/web/admin/lib/lang/ru_server_config.lng
index f3f5a47c7d907006a4f4f4a80e62b163d4484c16..07aa94b967bcb621edf26a716c528fc47043ca14 100644
--- a/interface/web/admin/lib/lang/ru_server_config.lng
+++ b/interface/web/admin/lib/lang/ru_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/ru_system_config.lng b/interface/web/admin/lib/lang/ru_system_config.lng
index c0da3d894a8ebcfb8c6121a8011cfb79273dbc67..37d9c263abf8e2ce1ac5e152a73804d0eb05157a 100644
--- a/interface/web/admin/lib/lang/ru_system_config.lng
+++ b/interface/web/admin/lib/lang/ru_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/se_server_config.lng b/interface/web/admin/lib/lang/se_server_config.lng
index 634c3655a76d2c7a32dac14b8906275d940f4349..a8ece108ca2bd3acbad4b6488034b96a44aed05e 100644
--- a/interface/web/admin/lib/lang/se_server_config.lng
+++ b/interface/web/admin/lib/lang/se_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/se_system_config.lng b/interface/web/admin/lib/lang/se_system_config.lng
index bf24b9852b8b275da9a8d8f7b143271bf7d760c8..6768bc411887e561c57362e0eb73370bf7f0cd6a 100644
--- a/interface/web/admin/lib/lang/se_system_config.lng
+++ b/interface/web/admin/lib/lang/se_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/sk_server_config.lng b/interface/web/admin/lib/lang/sk_server_config.lng
index 50c8c0b4c9d0bac3c70cc96802c8d430ab0ab2e3..d8ca8233b3d2713d54c097d53d4c50b633789d5c 100644
--- a/interface/web/admin/lib/lang/sk_server_config.lng
+++ b/interface/web/admin/lib/lang/sk_server_config.lng
@@ -310,4 +310,6 @@ $wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/sk_system_config.lng b/interface/web/admin/lib/lang/sk_system_config.lng
index 2fdce03e691badf87b628a17e21c66ee2d50995d..85a96bf5bf1126e65cccd898d2a7bb2276197934 100644
--- a/interface/web/admin/lib/lang/sk_system_config.lng
+++ b/interface/web/admin/lib/lang/sk_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/lib/lang/tr_server_config.lng b/interface/web/admin/lib/lang/tr_server_config.lng
index 09aa3adf2d9bd484cd242db73f572a3b23230872..497116a00de3fbb89a5f7a2033f9420d608d4343 100644
--- a/interface/web/admin/lib/lang/tr_server_config.lng
+++ b/interface/web/admin/lib/lang/tr_server_config.lng
@@ -304,4 +304,6 @@ $wb['php_default_name_error_empty'] = 'Varsayılan PHP sürümü açıklaması b
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
+$wb["jailkit_chroot_authorized_keys_template_txt"] = 'Jailkit authorized_keys template';
+$wb['jailkit_chroot_authorized_keys_template_error_regex'] = 'Invalid jaikit chroot authorized_keys template file.';
?>
diff --git a/interface/web/admin/lib/lang/tr_system_config.lng b/interface/web/admin/lib/lang/tr_system_config.lng
index afc8a9239f2df64b2b9ca3dabe6d10ca01ba44d7..b4cb7c8d11bc3db4633af003cc31f0ea0595de59 100644
--- a/interface/web/admin/lib/lang/tr_system_config.lng
+++ b/interface/web/admin/lib/lang/tr_system_config.lng
@@ -89,4 +89,5 @@ $wb['custom_login_link_txt'] = 'Oturum Açma Sayfası Bağlantısı';
$wb['login_link_error_regex'] = 'Oturum Açma Bağlantısı Geçersiz';
$wb["default_remote_dbserver_txt"] = "Default DB Remote servers";
$wb["disable_client_remote_dbserver_txt"] = "Disable DB Remote sections for Clients";
+$wb['client_protection_txt'] = 'Client protection';
?>
diff --git a/interface/web/admin/system_config_edit.php b/interface/web/admin/system_config_edit.php
index 04db6717b0d3eb37aca9ae625d3d1a8154a0c982..9b3102e60e337c7a2dcef9a131cd444e3b5fa08e 100644
--- a/interface/web/admin/system_config_edit.php
+++ b/interface/web/admin/system_config_edit.php
@@ -96,7 +96,7 @@ class page_action extends tform_actions {
if($available_dashlets_txt == '') $available_dashlets_txt = '------';
$app->tpl->setVar("available_dashlets_txt", $available_dashlets_txt);
-
+
// Logo
$sys_ini = $app->db->queryOneRecord("SELECT * FROM sys_ini WHERE sysini_id = ?", $this->id);
if($sys_ini['custom_logo'] != ''){
@@ -156,6 +156,13 @@ class page_action extends tform_actions {
*/
$new_config = $app->tform->encode($this->dataRecord, $section);
+
+ if($section == 'sites' && $new_config['client_protection'] != 'y' && $server_config_array['sites']['client_protection'] == 'y') {
+ $app->db->query("UPDATE `web_domain` SET `sys_userid` = (select `userid` FROM `sys_user` WHERE `default_group` = `web_domain`.`sys_groupid`), `sys_perm_group` = 'riud' WHERE `added_by` = 'admin' and sys_groupid > 0");
+ } elseif($section == 'sites' && $new_config['client_protection'] != 'n' && $server_config_array['sites']['client_protection'] == 'n') {
+ $app->db->query("UPDATE `web_domain` SET `sys_userid` = 1, `sys_perm_group` = 'ru' WHERE `added_by` = 'admin'");
+ }
+
if($section == 'sites' && $new_config['vhost_subdomains'] != 'y' && $server_config_array['sites']['vhost_subdomains'] == 'y') {
// check for existing vhost subdomains, if found the mode cannot be disabled
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_domain` WHERE `type` = 'vhostsubdomain'");
@@ -198,13 +205,13 @@ class page_action extends tform_actions {
"FROM dns_soa";
$app->db->query($sql);
}
-
+
//die(print_r($_FILES));
// Logo
/*
if(isset($_FILES['file']['name']) && is_uploaded_file($_FILES['file']['tmp_name'])){
//print_r($_FILES);
-
+
$path= $_FILES['file']['tmp_name'];
$type = pathinfo($path, PATHINFO_EXTENSION);
$data = file_get_contents($path);
diff --git a/interface/web/admin/templates/server_config_jailkit_edit.htm b/interface/web/admin/templates/server_config_jailkit_edit.htm
index b7a749147654c6fab6105400cafb7ec691d980c8..4b7028bd3b1449dd7eea31592af54b8234eac230 100644
--- a/interface/web/admin/templates/server_config_jailkit_edit.htm
+++ b/interface/web/admin/templates/server_config_jailkit_edit.htm
@@ -17,6 +17,9 @@
<div class="form-group">
<label for="jailkit_chroot_cron_programs" class="col-sm-3 control-label">{tmpl_var name='jailkit_chroot_cron_programs_txt'}</label>
<div class="col-sm-9"><input type="text" name="jailkit_chroot_cron_programs" id="jailkit_chroot_cron_programs" value="{tmpl_var name='jailkit_chroot_cron_programs'}" class="form-control" /></div></div>
+ <div class="form-group">
+ <label for="jailkit_chroot_authorized_keys_template" class="col-sm-3 control-label">{tmpl_var name='jailkit_chroot_authorized_keys_template_txt'}</label>
+ <div class="col-sm-9"><input type="text" name="jailkit_chroot_authorized_keys_template" id="jailkit_chroot_authorized_keys_template" value="{tmpl_var name='jailkit_chroot_authorized_keys_template'}" class="form-control" /></div></div>
<input type="hidden" name="id" value="{tmpl_var name='id'}">
diff --git a/interface/web/admin/templates/system_config_sites_edit.htm b/interface/web/admin/templates/system_config_sites_edit.htm
index 82576d5e53308b0e2bac0e7e89dc5b9c2a481efe..c84b50e6b81ecb3304a4ef68bf8154013545ae89 100644
--- a/interface/web/admin/templates/system_config_sites_edit.htm
+++ b/interface/web/admin/templates/system_config_sites_edit.htm
@@ -26,6 +26,12 @@
<div class="form-group">
<label for="webftp_url" class="col-sm-3 control-label">{tmpl_var name='webftp_url_txt'}</label>
<div class="col-sm-9"><input type="text" name="webftp_url" id="webftp_url" value="{tmpl_var name='webftp_url'}" class="form-control" /></div></div>
+ <div class="form-group">
+ <label class="col-sm-3 control-label">{tmpl_var name='client_protection_txt'}</label>
+ <div class="col-sm-9">
+ {tmpl_var name='client_protection'}
+ </div>
+ </div>
<div class="form-group">
<label class="col-sm-3 control-label">{tmpl_var name='vhost_subdomains_txt'}</label>
<div class="col-sm-9">
@@ -84,10 +90,10 @@
<label for="default_remote_dbserver" class="col-sm-3 control-label">{tmpl_var name='default_remote_dbserver_txt'}</label>
<div class="col-sm-9"><input type="text" name="default_remote_dbserver" id="default_remote_dbserver" value="{tmpl_var name='default_remote_dbserver'}" class="form-control" /></div>
</div>
-
-
+
+
<input type="hidden" name="id" value="{tmpl_var name='id'}">
-
+
<div class="clear"><div class="right">
<button class="btn btn-default formbutton-success" type="button" value="{tmpl_var name='btn_save_txt'}" data-submit-form="pageForm" data-form-action="admin/system_config_edit.php">{tmpl_var name='btn_save_txt'}</button>
<button class="btn btn-default formbutton-default" type="button" value="{tmpl_var name='btn_cancel_txt'}" data-load-content="admin/users_list.php">{tmpl_var name='btn_cancel_txt'}</button>
diff --git a/interface/web/client/domain_edit.php b/interface/web/client/domain_edit.php
index 094e1899be3b8b7eb16f0c1b322d092884d5e851..af7b900b9109a475b20b238c4060f4d5135c635f 100644
--- a/interface/web/client/domain_edit.php
+++ b/interface/web/client/domain_edit.php
@@ -67,7 +67,7 @@ class page_action extends tform_actions {
function onShowEnd() {
global $app, $conf, $wb;
-
+
if($_SESSION["s"]["user"]["typ"] != 'admin' && $this->id == 0) {
if(!$app->tform->checkClientLimit('limit_domainmodule')) {
$app->uses('ini_parser,getconf');
@@ -100,7 +100,7 @@ class page_action extends tform_actions {
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
$client = $app->functions->htmlentities($client);
-
+
// Fill the client select field
$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ? ORDER BY client.company_name, client.contact_name, sys_group.name";
//die($sql);
diff --git a/interface/web/dns/dns_soa_edit.php b/interface/web/dns/dns_soa_edit.php
index ec5ba67c79de4e675647ab21ea1ba1b823118ce2..e17571e73612e8db511c303479aa3c87aed0ae8c 100644
--- a/interface/web/dns/dns_soa_edit.php
+++ b/interface/web/dns/dns_soa_edit.php
@@ -296,12 +296,17 @@ function onSubmit() {
$this->dataRecord["xfer"] = preg_replace('/\s+/', '', $this->dataRecord["xfer"]);
$this->dataRecord["also_notify"] = preg_replace('/\s+/', '', $this->dataRecord["also_notify"]);
+
+ if(isset($this->dataRecord['dnssec_wanted']) && $this->dataRecord['dnssec_wanted'] == 'Y' && $this->dataRecord['dnssec_algo'] == '') $this->dataRecord['dnssec_algo'] = 'ECDSAP256SHA256';
//* Check if a secondary zone with the same name already exists
$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_slave WHERE origin = ? AND server_id = ?", $this->dataRecord["origin"], $this->dataRecord["server_id"]);
if($tmp["number"] > 0) {
$app->error($app->tform->wordbook["origin_error_unique"]);
}
+
+ //* server_id must be > 0
+ if(isset($this->dataRecord["server_id"]) && $this->dataRecord["server_id"] < 1) $app->tform->errorMessage .= $app->lng("server_id_0_error_txt");
}
parent::onSubmit();
}
diff --git a/interface/web/dns/dns_wizard.php b/interface/web/dns/dns_wizard.php
index 91b2307dc5126dc3650a1f3a38a754ea135151e9..b2320dc6bf98466d0cb6726870665ffb06a1e41d 100644
--- a/interface/web/dns/dns_wizard.php
+++ b/interface/web/dns/dns_wizard.php
@@ -339,6 +339,7 @@ if($_POST['create'] == 1) {
$section = '';
$vars = array();
$vars['xfer']='';
+ $vars['dnssec_algo']='ECDSAP256SHA256';
$dns_rr = array();
foreach($tpl_rows as $row) {
$row = trim($row);
@@ -398,6 +399,7 @@ if($_POST['create'] == 1) {
$xfer = $vars['xfer'];
$also_notify = $vars['also_notify'];
$update_acl = $vars['update_acl'];
+ $dnssec_algo = $vars['dnssec_algo'];
$serial = $app->validate_dns->increase_serial(0);
$insert_data = array(
@@ -420,7 +422,8 @@ if($_POST['create'] == 1) {
"xfer" => $xfer,
"also_notify" => $also_notify,
"update_acl" => $update_acl,
- "dnssec_wanted" => $enable_dnssec
+ "dnssec_wanted" => $enable_dnssec,
+ "dnssec_algo" => $dnssec_algo
);
$dns_soa_id = $app->db->datalogInsert('dns_soa', $insert_data, 'id');
if($dns_soa_id > 0) $app->plugin->raiseEvent('dns:wizard:on_after_insert', $dns_soa_id);
diff --git a/interface/web/dns/form/dns_soa.tform.php b/interface/web/dns/form/dns_soa.tform.php
index cf0d143916c5fe2679777d1756ec96089bac9105..81389c4553f540a2f1ae367fdf7bf5858011bd7f 100644
--- a/interface/web/dns/form/dns_soa.tform.php
+++ b/interface/web/dns/form/dns_soa.tform.php
@@ -276,6 +276,15 @@ $form["tabs"]['dns_soa'] = array (
'default' => 'Y',
'value' => array(0 => 'N', 1 => 'Y')
),
+ 'dnssec_algo' => array (
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'CHECKBOXARRAY',
+ 'separator' => ',',
+ 'default' => 'ECDSAP256SHA256',
+ 'value' => array('NSEC3RSASHA1' => '7 (NSEC3RSASHA1)','ECDSAP256SHA256' => '13 (ECDSAP256SHA256)'),
+ 'width' => '30',
+ 'maxlength' => '255'
+ ),
'dnssec_info' => array (
'datatype' => 'TEXT',
'formtype' => 'TEXTAREA',
diff --git a/interface/web/dns/lib/lang/ar_dns_soa.lng b/interface/web/dns/lib/lang/ar_dns_soa.lng
index c9721cebc0e2de6bb770816a544e0b3b8dd3863d..8c13c59e8e67b1fd37768608289f51f01610d997 100644
--- a/interface/web/dns/lib/lang/ar_dns_soa.lng
+++ b/interface/web/dns/lib/lang/ar_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/bg_dns_soa.lng b/interface/web/dns/lib/lang/bg_dns_soa.lng
index 151e3ead11483260d8acabf8ac729d7b0a5324c4..9e9e8bf3f50ce64fb5c25ebf642efd6cea336c1f 100644
--- a/interface/web/dns/lib/lang/bg_dns_soa.lng
+++ b/interface/web/dns/lib/lang/bg_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/br_dns_soa.lng b/interface/web/dns/lib/lang/br_dns_soa.lng
index f5385c4706b98e51611e803341ac3ea1a4f35ac4..f1cb453e9959cf0b883cad31460a9982bd4d1ebe 100644
--- a/interface/web/dns/lib/lang/br_dns_soa.lng
+++ b/interface/web/dns/lib/lang/br_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['ttl_range_error'] = 'Intervalo mÃnimo do TTL são 60 segundos.';
$wb['error_not_allowed_server_id'] = 'O servidor selecionado não é permitido para esta conta.';
$wb['soa_cannot_be_changed_txt'] = 'A zona (SOA) não pode ser alterada. Por favor, contate o administrador se deseja alterar esta zona.';
$wb['configuration_error_txt'] = 'ERRO DE CONFIGURAÇÃO';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/ca_dns_soa.lng b/interface/web/dns/lib/lang/ca_dns_soa.lng
index 0b6759f07372f84c449c17942f8c4ca849225a53..ee2fdb07b64c3a188cca64d12fe20b6129c21f69 100644
--- a/interface/web/dns/lib/lang/ca_dns_soa.lng
+++ b/interface/web/dns/lib/lang/ca_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/cz_dns_soa.lng b/interface/web/dns/lib/lang/cz_dns_soa.lng
index cb35f0ef3bbe946036dd51179d8f5c0ef92ce730..ba6b2d4b52b6ac8d3d0ffa770ee5f02b2f5133fd 100644
--- a/interface/web/dns/lib/lang/cz_dns_soa.lng
+++ b/interface/web/dns/lib/lang/cz_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'Když deaktivujete DNSSEC klÃÄe nebudou odstranÄ›
$wb['error_not_allowed_server_id'] = 'Vybraný server nenà pro tento úÄet povolen.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/de_dns_soa.lng b/interface/web/dns/lib/lang/de_dns_soa.lng
index 76d139391ddb580830e537c7050f09171d3bc943..14897b24e45fd86dbca1e4ddfc95d3317c6aae4b 100644
--- a/interface/web/dns/lib/lang/de_dns_soa.lng
+++ b/interface/web/dns/lib/lang/de_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['xfer_error_regex'] = 'Zonentransfer: Verwenden Sie eine oder mehrere durch
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithmus';
?>
diff --git a/interface/web/dns/lib/lang/dk_dns_soa.lng b/interface/web/dns/lib/lang/dk_dns_soa.lng
index 6a3d71d973588f748bbda7b7d566a23442ed8a8a..a4ff50f14fa3f705e59b6ba19472bf8bd5f7ad5d 100644
--- a/interface/web/dns/lib/lang/dk_dns_soa.lng
+++ b/interface/web/dns/lib/lang/dk_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'The Zone (SOA) can not be changed. Please contact your administrator to change the zone.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/el_dns_soa.lng b/interface/web/dns/lib/lang/el_dns_soa.lng
index 4d8c876d28aab75d4c6e893dcd1667363f9cf758..aae62bef7618261ef0cb8e116287d33db8a68931 100644
--- a/interface/web/dns/lib/lang/el_dns_soa.lng
+++ b/interface/web/dns/lib/lang/el_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/en_dns_soa.lng b/interface/web/dns/lib/lang/en_dns_soa.lng
index 1729a4d0cbe9b2e3a311462517c1dc811e11460c..7d130b34b03223a5ef82db646e913d652b39bd17 100644
--- a/interface/web/dns/lib/lang/en_dns_soa.lng
+++ b/interface/web/dns/lib/lang/en_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'The Zone (SOA) can not be changed. Please contact your administrator to change the zone.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/es_dns_soa.lng b/interface/web/dns/lib/lang/es_dns_soa.lng
index 23f4cc5ffcfb53f784333a43965cfdd740cbac0c..b1484e749a0258b43ed279ca159226a451badb81 100644
--- a/interface/web/dns/lib/lang/es_dns_soa.lng
+++ b/interface/web/dns/lib/lang/es_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['update_acl_txt'] = 'Actualizar ACL';
$wb['xfer_error_regex'] = 'Notificar también a: Por favor, usa una dirección IP.';
$wb['xfer_txt'] = 'Permitir transferencia de zonas a<br />estas IP (lista separada por comas)';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/fi_dns_soa.lng b/interface/web/dns/lib/lang/fi_dns_soa.lng
index 3e106259677bea687262bb3cc99098c89e901c9c..b34b2893fdf514db92a3da4c8f8692066aaca771 100644
--- a/interface/web/dns/lib/lang/fi_dns_soa.lng
+++ b/interface/web/dns/lib/lang/fi_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/fr_dns_soa.lng b/interface/web/dns/lib/lang/fr_dns_soa.lng
index da63faadbdea9adab67fa598a1331997d941d246..d2449c323e9a95cb966fd7f9497699a7044f51db 100644
--- a/interface/web/dns/lib/lang/fr_dns_soa.lng
+++ b/interface/web/dns/lib/lang/fr_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/hr_dns_soa.lng b/interface/web/dns/lib/lang/hr_dns_soa.lng
index b4a9f2f9b0ad77b8808ab250735d93de8486d451..d738ff1e184cb52628d8aa105c16cc92503a60bb 100644
--- a/interface/web/dns/lib/lang/hr_dns_soa.lng
+++ b/interface/web/dns/lib/lang/hr_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/hu_dns_soa.lng b/interface/web/dns/lib/lang/hu_dns_soa.lng
index 401961408864d7817ba7e8c5f4b4ecbc3b02d7c8..445de86d69c7c8d8f1d73a0fa49b5dcbe94e97c4 100644
--- a/interface/web/dns/lib/lang/hu_dns_soa.lng
+++ b/interface/web/dns/lib/lang/hu_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/id_dns_soa.lng b/interface/web/dns/lib/lang/id_dns_soa.lng
index c42890b71c1ae0cd010a138d54c21fd6e0016403..c9a43ad057a07bc4a12a16b6a90b737f9f58217b 100644
--- a/interface/web/dns/lib/lang/id_dns_soa.lng
+++ b/interface/web/dns/lib/lang/id_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/it_dns_soa.lng b/interface/web/dns/lib/lang/it_dns_soa.lng
index 7ca3cb1cb13f1f104d5aad6516d522735045182d..714c6c70566c3af03ee5395ccc5790a8b86273c9 100644
--- a/interface/web/dns/lib/lang/it_dns_soa.lng
+++ b/interface/web/dns/lib/lang/it_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/ja_dns_soa.lng b/interface/web/dns/lib/lang/ja_dns_soa.lng
index 3964f3fcdb73888f6c3208043b4cb7adf29e425e..7ab57997508202e5496ae098ccb59a2b0bf4c2b6 100644
--- a/interface/web/dns/lib/lang/ja_dns_soa.lng
+++ b/interface/web/dns/lib/lang/ja_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/nl_dns_soa.lng b/interface/web/dns/lib/lang/nl_dns_soa.lng
index 121339c00ca296b5b108516fb406c98edd4e7f4c..1f875df3c9007659806b6e48a22fb3f1497ba89e 100644
--- a/interface/web/dns/lib/lang/nl_dns_soa.lng
+++ b/interface/web/dns/lib/lang/nl_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/pl_dns_soa.lng b/interface/web/dns/lib/lang/pl_dns_soa.lng
index 1724c4c141c77a15d08c93021ca7ee2d3f189fe0..7502a592372707764358fde63333b8ef0938ee9d 100644
--- a/interface/web/dns/lib/lang/pl_dns_soa.lng
+++ b/interface/web/dns/lib/lang/pl_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/pt_dns_soa.lng b/interface/web/dns/lib/lang/pt_dns_soa.lng
index bdcc1660ff0e7f4b9a348ce678520aea214d8ed9..7b6ac864a163decd043ef4d35429c532a3df92ee 100644
--- a/interface/web/dns/lib/lang/pt_dns_soa.lng
+++ b/interface/web/dns/lib/lang/pt_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/ro_dns_soa.lng b/interface/web/dns/lib/lang/ro_dns_soa.lng
index 40607318f713d7a08f4d87dd24425e1b0f60e44e..9ae957f2406129be0f0b27645946c2efe6ab713e 100644
--- a/interface/web/dns/lib/lang/ro_dns_soa.lng
+++ b/interface/web/dns/lib/lang/ro_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/ru_dns_soa.lng b/interface/web/dns/lib/lang/ru_dns_soa.lng
index 7bd15cd63858f16b496326756fe8b652902e63b7..f6043010d4e021d4d677e6fca002456e924cb3f3 100644
--- a/interface/web/dns/lib/lang/ru_dns_soa.lng
+++ b/interface/web/dns/lib/lang/ru_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'При отключении DNSSEC ключи не
$wb['error_not_allowed_server_id'] = 'Выбранный Ñервер не доÑтупен Ð´Ð»Ñ Ñтой учетной запиÑи.';
$wb['soa_cannot_be_changed_txt'] = 'Зона (SOA) не может быть изменена. ПожалуйÑта, обратитеÑÑŒ к админиÑтратору, чтобы изменить зону.';
$wb['configuration_error_txt'] = 'ОШИБКРКОÐФИГУРÐЦИИ';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/se_dns_soa.lng b/interface/web/dns/lib/lang/se_dns_soa.lng
index cfeb2f9fde36215601657786424c558134aeb70b..8e380f85a3f79c217c0fc0fb59009e6e197bc64d 100644
--- a/interface/web/dns/lib/lang/se_dns_soa.lng
+++ b/interface/web/dns/lib/lang/se_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/sk_dns_soa.lng b/interface/web/dns/lib/lang/sk_dns_soa.lng
index 79d49eee92d6136f143f0d8a477f66c2b5b3a663..c96399cc4ec4b433264bfa75e111d3b66334d467 100644
--- a/interface/web/dns/lib/lang/sk_dns_soa.lng
+++ b/interface/web/dns/lib/lang/sk_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be dele
$wb['error_not_allowed_server_id'] = 'The selected server is not allowed for this account.';
$wb['soa_cannot_be_changed_txt'] = 'Die Zone (SOA) kann nicht verändert werden. Bitte kontaktieren Sie ihren Administrator, um die Zone zu ändern.';
$wb['configuration_error_txt'] = 'CONFIGURATION ERROR';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/lib/lang/tr_dns_soa.lng b/interface/web/dns/lib/lang/tr_dns_soa.lng
index fd39de04f5e9742c3717bb77a33e6d25908a1a16..e5d55678cbd42f76353d2923d1c5d252c9c6d81a 100644
--- a/interface/web/dns/lib/lang/tr_dns_soa.lng
+++ b/interface/web/dns/lib/lang/tr_dns_soa.lng
@@ -41,4 +41,5 @@ $wb['ttl_range_error'] = 'En düşük TTL süresi 60 saniyedir.';
$wb['error_not_allowed_server_id'] = 'Seçilmiş sunucuda bu hesap kullanılamaz.';
$wb['soa_cannot_be_changed_txt'] = 'Bölge (SOA) değiştirilemez. Lütfen bölgeyi değiştirmek için yöneticiniz ile görüşün.';
$wb['configuration_error_txt'] = 'YAPILANDIRMA SORUNU';
+$wb['dnssec_algo_txt'] = 'DNSSEC Algorithm';
?>
diff --git a/interface/web/dns/templates/dns_soa_edit.htm b/interface/web/dns/templates/dns_soa_edit.htm
index c34e8a341647dcb0972b7f784be7d3b26c8842a0..e16faac1aa5c4d9ea1641abb9f92ab70f631c5c4 100644
--- a/interface/web/dns/templates/dns_soa_edit.htm
+++ b/interface/web/dns/templates/dns_soa_edit.htm
@@ -136,6 +136,10 @@
<div class="col-sm-9">
{tmpl_var name='dnssec_wanted'}<br /><small>({tmpl_var name='dnssec_wanted_info'})</small>
</div>
+ </div>
+ <div class="form-group">
+ <label for="dnssec_algo" class="col-sm-3 control-label">{tmpl_var name='dnssec_algo_txt'}</label>
+ <div class="col-sm-9">{tmpl_var name='dnssec_algo'}</div>
</div>
<div class="form-group">
<label for="update_acl" class="col-sm-3 control-label">{tmpl_var name='dnssec_info_txt'}</label>
diff --git a/interface/web/login/lib/lang/ar_login_as.lng b/interface/web/login/lib/lang/ar_login_as.lng
index cf75b54b47a852400eec51271488e41ea64e69c4..f5bff0745f5d278ab2e73c63efc3009f3947f0bb 100644
--- a/interface/web/login/lib/lang/ar_login_as.lng
+++ b/interface/web/login/lib/lang/ar_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'There is already a firewall record for this serv
$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/bg_login_as.lng b/interface/web/login/lib/lang/bg_login_as.lng
index cf75b54b47a852400eec51271488e41ea64e69c4..f5bff0745f5d278ab2e73c63efc3009f3947f0bb 100644
--- a/interface/web/login/lib/lang/bg_login_as.lng
+++ b/interface/web/login/lib/lang/bg_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'There is already a firewall record for this serv
$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/br_login_as.lng b/interface/web/login/lib/lang/br_login_as.lng
index 72c2c97e408f995aedce3bff5c0b461d535f80e8..1dde30d907c295c97daa6fd55264833b9b8c896e 100644
--- a/interface/web/login/lib/lang/br_login_as.lng
+++ b/interface/web/login/lib/lang/br_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'Já existe uma regra de firewall idêntica para
$wb['tcp_ports_error_regex'] = 'Caractere não permitido para porta tcp. Caracteres permitidos são números, ":" e ",".';
$wb['udp_ports_error_regex'] = 'Caractere não permitido para porta udp. Caracteres permitidos são números, ":" e ",".';
$wb['login_as_or_logout_txt'] = 'Gostaria de realizar acesso novamente como {UTYPE} ou sair?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/ca_login_as.lng b/interface/web/login/lib/lang/ca_login_as.lng
index cf75b54b47a852400eec51271488e41ea64e69c4..f5bff0745f5d278ab2e73c63efc3009f3947f0bb 100644
--- a/interface/web/login/lib/lang/ca_login_as.lng
+++ b/interface/web/login/lib/lang/ca_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'There is already a firewall record for this serv
$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/cz_login_as.lng b/interface/web/login/lib/lang/cz_login_as.lng
index 53629ac2a5127b46fd872adcec215632b5479dc2..1d99176adb151901e2d9a1e485cd87c15e73034e 100644
--- a/interface/web/login/lib/lang/cz_login_as.lng
+++ b/interface/web/login/lib/lang/cz_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'Pro tento server již existuje záznam firewallu
$wb['tcp_ports_error_regex'] = 'Znak nenà povole v definici TCP portu. Povolené symboly jsou ÄÃsla, : a ,.';
$wb['udp_ports_error_regex'] = 'Znak nenà povole v definici UDP portu. Povolené symboly jsou ÄÃsla, : a ,.';
$wb['login_as_or_logout_txt'] = 'Chcete se znovu přihlásit jako uživatel {UTYPE} nebo se chcete odhlásit ?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/de_login_as.lng b/interface/web/login/lib/lang/de_login_as.lng
index 4baa195d3a71735586dba972a96b968d0cbf70da..11fd4101636972a6bb5ec5850e804c350fb9df55 100644
--- a/interface/web/login/lib/lang/de_login_as.lng
+++ b/interface/web/login/lib/lang/de_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'Es gibt bereits einen Firewalleintrag für diese
$wb['tcp_ports_error_regex'] = 'Es sind nur Zahlen in der TCP Port Definition erlaubt. ';
$wb['udp_ports_error_regex'] = 'Es sind nur Zahlen in der UDP Port Definition erlaubt., ';
$wb['login_as_or_logout_txt'] = 'Wollen Sie sich wieder als {UTYPE} anmelden oder sich abmelden?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/dk_login_as.lng b/interface/web/login/lib/lang/dk_login_as.lng
index bebcf165a7bf2a78b5ba13d7eb1d47d41c214e4c..b68874abbe4bec425b8577d862b9ce5a79b42950 100644
--- a/interface/web/login/lib/lang/dk_login_as.lng
+++ b/interface/web/login/lib/lang/dk_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'Der er allerede en firewall post for denne serve
$wb['tcp_ports_error_regex'] = 'Tegn ikke tilladt i TCP port definition. Tilladt tegn er tal, \\":\\" og \\",\\".';
$wb['udp_ports_error_regex'] = 'Tegn ikke tilladt i UDP port definition. Tilladt tegn er tal, \\":\\" og \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/el_login_as.lng b/interface/web/login/lib/lang/el_login_as.lng
index 435d3e9a69eeb7f79abbc9c30d98ecaf32913529..db16d0d6d31f10a2af1079e06ea637f7e8a61cfd 100644
--- a/interface/web/login/lib/lang/el_login_as.lng
+++ b/interface/web/login/lib/lang/el_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'ΥπάÏχει ήδη μια εγγÏαφή Fire
$wb['tcp_ports_error_regex'] = 'Μη ÎγκυÏος χαÏακτήÏας για τον οÏισμός θÏÏας tcp. ΕπιτÏεπόμενοι χαÏακτήÏες είναι οι αÏιθμοί, η \\":\\" και οι \\",\\".';
$wb['udp_ports_error_regex'] = 'Μη ÎγκυÏος χαÏακτήÏας για τον οÏισμός θÏÏας udp. ΕπιτÏεπόμενοι χαÏακτήÏες είναι οι αÏιθμοί, η \\":\\" και οι \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/en_login_as.lng b/interface/web/login/lib/lang/en_login_as.lng
index d1f98c8806204e162954107caf753aa174153295..c849db3d04b724f0ae8a65de2dff4b6ca43e38f3 100644
--- a/interface/web/login/lib/lang/en_login_as.lng
+++ b/interface/web/login/lib/lang/en_login_as.lng
@@ -10,4 +10,6 @@ $wb["active_txt"] = 'Active';
$wb["tcp_ports_error_regex"] = 'Character not allowed in tcp port definition. Allowed characters are numbers, ":" and ",".';
$wb["udp_ports_error_regex"] = 'Character not allowed in udp port definition. Allowed characters are numbers, ":" and ",".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
\ No newline at end of file
diff --git a/interface/web/login/lib/lang/es_login_as.lng b/interface/web/login/lib/lang/es_login_as.lng
index b7f3e21f987f2ca4016eeaf3834b4e5445983571..d0faac1b8029288c5c7b00659920175882b2a2c8 100644
--- a/interface/web/login/lib/lang/es_login_as.lng
+++ b/interface/web/login/lib/lang/es_login_as.lng
@@ -9,4 +9,6 @@ $wb['tcp_ports_error_regex'] = 'Caracteres no permitidos en la definición de pu
$wb['udp_port_help_txt'] = 'Separado por comas';
$wb['udp_ports_error_regex'] = 'Caracteres no permitidos en la definición de puertos udp. Los caracteres permitidos son: números, \\":\\" y \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/fi_login_as.lng b/interface/web/login/lib/lang/fi_login_as.lng
index cf75b54b47a852400eec51271488e41ea64e69c4..f5bff0745f5d278ab2e73c63efc3009f3947f0bb 100644
--- a/interface/web/login/lib/lang/fi_login_as.lng
+++ b/interface/web/login/lib/lang/fi_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'There is already a firewall record for this serv
$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/fr_login_as.lng b/interface/web/login/lib/lang/fr_login_as.lng
index 55c9f6df5b6a302d260b83c3e61b0f668d7f5154..0612b4a47f156332b447acea33fc082c3fc0679c 100644
--- a/interface/web/login/lib/lang/fr_login_as.lng
+++ b/interface/web/login/lib/lang/fr_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'There is already a firewall record for this serv
$wb['tcp_ports_error_regex'] = 'Caractère non autorisé dans la règle de port TCP. Les caractères autorisés sont : les chiffres, « : » et « , ».';
$wb['udp_ports_error_regex'] = 'Caractère non autorisé dans la règle de port UDP. Les caractères autorisés sont : les chiffres, « : » et « , ».';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/hr_login_as.lng b/interface/web/login/lib/lang/hr_login_as.lng
index bcd13040d38363cad1bddf8ed3953ad13edbbeb8..a5704bee2d74600a2e8a0b6f425f644b1be868df 100644
--- a/interface/web/login/lib/lang/hr_login_as.lng
+++ b/interface/web/login/lib/lang/hr_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'There is already a firewall record for this serv
$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/hu_login_as.lng b/interface/web/login/lib/lang/hu_login_as.lng
index cf75b54b47a852400eec51271488e41ea64e69c4..f5bff0745f5d278ab2e73c63efc3009f3947f0bb 100644
--- a/interface/web/login/lib/lang/hu_login_as.lng
+++ b/interface/web/login/lib/lang/hu_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'There is already a firewall record for this serv
$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/id_login_as.lng b/interface/web/login/lib/lang/id_login_as.lng
index cf75b54b47a852400eec51271488e41ea64e69c4..f5bff0745f5d278ab2e73c63efc3009f3947f0bb 100644
--- a/interface/web/login/lib/lang/id_login_as.lng
+++ b/interface/web/login/lib/lang/id_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'There is already a firewall record for this serv
$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/it_login_as.lng b/interface/web/login/lib/lang/it_login_as.lng
index 3fa23da2741f0911bc933af3a615b675507813b3..9675cd148878d3e60e5e4b5af679c09264a5fce2 100644
--- a/interface/web/login/lib/lang/it_login_as.lng
+++ b/interface/web/login/lib/lang/it_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'Esiste già un record firewall per questo server
$wb['tcp_ports_error_regex'] = 'Caratteri non autorizzati nella definizine di porta tcp. Sono consentiti caratteri numerici, \\":\\" e \\",\\".';
$wb['udp_ports_error_regex'] = 'Caratteri non autorizzati nella definizine di porta udp. ono consentiti caratteri numerici, \\":\\" e \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/ja_login_as.lng b/interface/web/login/lib/lang/ja_login_as.lng
index cf75b54b47a852400eec51271488e41ea64e69c4..f5bff0745f5d278ab2e73c63efc3009f3947f0bb 100644
--- a/interface/web/login/lib/lang/ja_login_as.lng
+++ b/interface/web/login/lib/lang/ja_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'There is already a firewall record for this serv
$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/nl_login_as.lng b/interface/web/login/lib/lang/nl_login_as.lng
index d4d2715e7a664a3aa0b7b0b2b89503dc3caf546c..1710f0e4f875b070b55e7eb2802087dddb68ad9c 100644
--- a/interface/web/login/lib/lang/nl_login_as.lng
+++ b/interface/web/login/lib/lang/nl_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'There is already a firewall record for this serv
$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/pl_login_as.lng b/interface/web/login/lib/lang/pl_login_as.lng
index fd673484d7bfbbc44175d3939d12fb48c5a20593..2f1d818660ed99b3d90ec8085093bf3a90a680c2 100644
--- a/interface/web/login/lib/lang/pl_login_as.lng
+++ b/interface/web/login/lib/lang/pl_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'Istnieje już wpis firewalla dla tego serwera.';
$wb['tcp_ports_error_regex'] = 'Niedozwolony znam w definicji portu TCP. Dozwolone sÄ… liczby, dwukropek i przecinek (: i ,)';
$wb['udp_ports_error_regex'] = 'Niedozwolony znam w definicji portu UDP. Dozwolone sÄ… liczby, dwukropek i przecinek (: i ,)';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/pt_login_as.lng b/interface/web/login/lib/lang/pt_login_as.lng
index cf75b54b47a852400eec51271488e41ea64e69c4..f5bff0745f5d278ab2e73c63efc3009f3947f0bb 100644
--- a/interface/web/login/lib/lang/pt_login_as.lng
+++ b/interface/web/login/lib/lang/pt_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'There is already a firewall record for this serv
$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/ro_login_as.lng b/interface/web/login/lib/lang/ro_login_as.lng
index cf75b54b47a852400eec51271488e41ea64e69c4..f5bff0745f5d278ab2e73c63efc3009f3947f0bb 100644
--- a/interface/web/login/lib/lang/ro_login_as.lng
+++ b/interface/web/login/lib/lang/ro_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'There is already a firewall record for this serv
$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/ru_login_as.lng b/interface/web/login/lib/lang/ru_login_as.lng
index 63031d4d09acfffe0ab3bc0f64997949a92294cd..b15812dce3ddc681914d0493720838d054743715 100644
--- a/interface/web/login/lib/lang/ru_login_as.lng
+++ b/interface/web/login/lib/lang/ru_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'Уже еÑÑ‚ÑŒ Ñ‚Ð°ÐºÐ°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ бред
$wb['tcp_ports_error_regex'] = 'ÐедопуÑтимый Ñимвол в указании tcp порта. Корректные Ñиволы - цифры, \\":\\" и \\",\\"';
$wb['udp_ports_error_regex'] = 'Ðекорректный Ñимвол в указании UDP порта. ДопуÑтимые Ñиволы - цифры, \\":\\" и \\",\\"';
$wb['login_as_or_logout_txt'] = 'Вы хотите заново войти как {UTYPE} или выйти?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/se_login_as.lng b/interface/web/login/lib/lang/se_login_as.lng
index 17a82080dc9defec177c24ad06092da45f1a7e07..34b02cb1e9a959bb86c1b2a5df5a32c3ed137dd1 100644
--- a/interface/web/login/lib/lang/se_login_as.lng
+++ b/interface/web/login/lib/lang/se_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'There is already a firewall record for this serv
$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/sk_login_as.lng b/interface/web/login/lib/lang/sk_login_as.lng
index cf75b54b47a852400eec51271488e41ea64e69c4..f5bff0745f5d278ab2e73c63efc3009f3947f0bb 100644
--- a/interface/web/login/lib/lang/sk_login_as.lng
+++ b/interface/web/login/lib/lang/sk_login_as.lng
@@ -9,4 +9,6 @@ $wb['firewall_error_unique'] = 'There is already a firewall record for this serv
$wb['tcp_ports_error_regex'] = 'Character not allowed in tcp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['udp_ports_error_regex'] = 'Character not allowed in udp port definition. Allowed characters are numbers, \\":\\" and \\",\\".';
$wb['login_as_or_logout_txt'] = 'Do you want to re-login as {UTYPE} or logout?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/lib/lang/tr_login_as.lng b/interface/web/login/lib/lang/tr_login_as.lng
index 8a54a8efd9889f48caeebf2555d79c9ea66782f6..d2a3a4bfb3939d4152dd785d4bc241faaa7211b1 100644
--- a/interface/web/login/lib/lang/tr_login_as.lng
+++ b/interface/web/login/lib/lang/tr_login_as.lng
@@ -10,4 +10,6 @@ $wb['active_txt'] = 'Etkin';
$wb['tcp_ports_error_regex'] = 'TCP kapı açıklamasında karakter kullanılamaz. Yalnız rakam, ":" ve "," karakterleri kullanılabilir.';
$wb['udp_ports_error_regex'] = 'UDP kapı açıklamasında karakter kullanılamaz. Yalnız rakam, ":" ve "," karakterleri kullanılabilir.';
$wb['login_as_or_logout_txt'] = '{UTYPE} olarak oturum açmak ya da oturumunuzu kapatmak ister misiniz?';
+$wb['btn_reloginas_txt'] = 'Yes, re-login as %s';
+$wb['btn_nologout_txt'] = 'No, logout';
?>
diff --git a/interface/web/login/logout.php b/interface/web/login/logout.php
index fa60fba63298f271f42036ce82ae34c8c4c6e9f8..cfe405498e495332ec88a92ddf9ff972ddb5b47c 100644
--- a/interface/web/login/logout.php
+++ b/interface/web/login/logout.php
@@ -54,9 +54,9 @@ if ((isset($_SESSION['s_old']) && ($_SESSION['s_old']['user']['typ'] == 'admin'
<input type="hidden" name="s_pg" value="index" />
<input type="hidden" name="login_as" value="1" />
<div class="wf_actions buttons">
- <button class="btn btn-default formbutton-success" type="button" value="Yes, re-login as ' . $utype . '" data-submit-form="pageForm" data-form-action="login/index.php"><span>Yes, re-login as ' . $utype . '</span></button>
- <button class="btn btn-default formbutton-default" type="button" value="No, logout" data-load-content="login/logout.php?l=1"><span>No, logout</span></button>
- </div>
+ <button class="btn btn-default formbutton-success" type="button" value="' . sprintf($wb['btn_reloginas_txt'], $utype) . '" data-submit-form="pageForm" data-form-action="/login/index.php"><span>' . sprintf($wb['btn_reloginas_txt'], $utype) . '</span></button>
+ <button class="btn btn-default formbutton-default" type="button" value="' . $wb['btn_nologout_txt'] . '" data-load-content="login/logout.php?l=1"><span>' . $wb['btn_nologout_txt'] . '</span></button>
+ </div>
';
exit;
}
diff --git a/interface/web/mail/lib/lang/de_backup_stats_list.lng b/interface/web/mail/lib/lang/de_backup_stats_list.lng
index 9e14533068b6ba433a9d368d78ceb00fcf7ceff0..9147d3cbd6e03abec15051bd166b7c10ed041c24 100644
--- a/interface/web/mail/lib/lang/de_backup_stats_list.lng
+++ b/interface/web/mail/lib/lang/de_backup_stats_list.lng
@@ -5,5 +5,5 @@ $wb['domain_txt'] = 'Email';
$wb['backup_count_txt'] = 'Anz. Backups';
$wb['backup_server_txt'] = 'Server';
$wb['backup_interval_txt'] = 'Intervall / Anz.';
-$wb['backup_size_txt'] = 'Backupgrösse';
+$wb['backup_size_txt'] = 'Backupgröße';
?>
diff --git a/interface/web/mail/lib/lang/de_mail_alias.lng b/interface/web/mail/lib/lang/de_mail_alias.lng
index 211f0065fa0e44d05f62798fd1f36a9afebba151..4cdcd03a6f9e607366f59e7b5d555c1d08cd9d34 100644
--- a/interface/web/mail/lib/lang/de_mail_alias.lng
+++ b/interface/web/mail/lib/lang/de_mail_alias.lng
@@ -12,6 +12,6 @@ $wb['domain_txt'] = 'Domain';
$wb['duplicate_email_alias_txt'] = 'Dieser E-Mail Alias existiert bereits.';
$wb['source_txt'] = 'Alias';
$wb['send_as_txt'] = 'Senden als';
-$wb['send_as_exp'] = 'Ziel erlauben, den alias als Absender zu benutzen';
+$wb['send_as_exp'] = 'Ziel erlauben, den Alias als Absender zu benutzen';
$wb['greylisting_txt'] = 'Aktiviere Greylisting';
?>
diff --git a/interface/web/mail/lib/lang/de_mail_backup_list.lng b/interface/web/mail/lib/lang/de_mail_backup_list.lng
index 73286a0737103be7877ad8d6c3f4aaa669042224..3c3ee4d315ac7dc1556949bb60bf2fc9b9028c7c 100644
--- a/interface/web/mail/lib/lang/de_mail_backup_list.lng
+++ b/interface/web/mail/lib/lang/de_mail_backup_list.lng
@@ -1,16 +1,16 @@
<?php
-$wb['list_head_txt'] = 'Existing backups';
-$wb['date_txt'] = 'Date';
-$wb['backup_type_txt'] = 'Type';
-$wb['filename_txt'] = 'Backup file';
-$wb['restore_backup_txt'] = 'Restore';
-$wb['restore_info_txt'] = 'Restore of the backup has been started. This action takes several minutes to be completed.';
-$wb['restore_confirm_txt'] = 'Restoring may overwrite existing files in your mailbox. Do you really want to restore this backup?';
-$wb['download_pending_txt'] = 'There is already a pending backup download job.';
-$wb['restore_pending_txt'] = 'There is already a pending backup restore job.';
-$wb['delete_backup_txt'] = 'Delete Backup';
-$wb['delete_info_txt'] = 'Delete of the backup has been started. This action takes several minutes to be completed.';
-$wb['delete_confirm_txt'] = 'Really delete this backup?';
-$wb['delete_pending_txt'] = 'There is already a pending backup delete job.';
-$wb['filesize_txt'] = 'Filesize';
+$wb['list_head_txt'] = 'Vorhandene Backups';
+$wb['date_txt'] = 'Datum';
+$wb['backup_type_txt'] = 'Art';
+$wb['filename_txt'] = 'Dateiname';
+$wb['restore_backup_txt'] = 'Wiederherstellen';
+$wb['restore_info_txt'] = 'Wiederherstellung begonnen. Dieser Vorgang kann einige Minuten dauern.';
+$wb['restore_confirm_txt'] = 'Die Wiederherstellung kann bestehende Dateien in Ihrem Postfach überschreiben. Möchten Sie das Backup wiederherstellen?';
+$wb['download_pending_txt'] = 'Es läuft bereits ein Backup-Download.';
+$wb['restore_pending_txt'] = 'Es steht bereits ein Backup zur Wiederherstellung an.';
+$wb['delete_backup_txt'] = 'Backup löschen';
+$wb['delete_info_txt'] = 'Das Backup wird gelöscht. Dieser Vorgang kann einige Minuten dauern.';
+$wb['delete_confirm_txt'] = 'Möchten Sie dieses Backup wirklich löschen?';
+$wb['delete_pending_txt'] = 'Es wird bereits ein Backup gelöscht.';
+$wb['filesize_txt'] = 'Dateigröße';
?>
diff --git a/interface/web/mail/lib/lang/de_mail_user.lng b/interface/web/mail/lib/lang/de_mail_user.lng
index a69d97e361a365cee8b6ef8eb0ad28171b8207dd..dbbf54d1501fb689b480843c1a05ceba6d0658f5 100644
--- a/interface/web/mail/lib/lang/de_mail_user.lng
+++ b/interface/web/mail/lib/lang/de_mail_user.lng
@@ -44,8 +44,8 @@ $wb["move_junk_n_txt"] = 'Do not move Spam Emails to Junk folder.';
$wb['name_txt'] = 'Name';
$wb['name_optional_txt'] = '(optional)';
$wb['autoresponder_active'] = 'Autoresponder aktivieren';
-$wb['cc_txt'] = 'Kopie senden an';
-$wb['cc_error_isemail'] = 'Das -Kopie senden an- Feld enthält keine gültige E-Mail Adresse';
+$wb['cc_txt'] = 'Eingehende Mails in Kopie senden an';
+$wb['cc_error_isemail'] = 'Das Feld "Kopie senden an" enthält keine gültige E-Mail Adresse';
$wb['login_error_unique'] = 'Benutzername wird bereits verwendet.';
$wb['login_error_regex'] = 'Zulässige Zeichen sind A-Z, a-z, 0-9, ., _ und -.';
$wb['login_txt'] = 'Anmelden';
@@ -57,17 +57,17 @@ $wb['repeat_password_txt'] = 'Passwort wiederholen';
$wb['password_mismatch_txt'] = 'Die Passwörter stimmen nicht überein.';
$wb['password_match_txt'] = 'Die Passwörter stimmen überein.';
$wb['email_error_isascii'] = 'Bitte verwenden Sie keine Umlaute im Passwort. Dies kann zu Problemen mit Ihrem E-Mail-Programm führen.';
-$wb['backup_interval_txt'] = 'Backup interval';
+$wb['backup_interval_txt'] = 'Backup-Interval';
$wb['backup_copies_txt'] = 'Anzahl der Backups';
$wb['no_backup_txt'] = 'inaktiv';
-$wb['daily_backup_txt'] = 'taeglich';
-$wb['weekly_backup_txt'] = 'woechentlich';
+$wb['daily_backup_txt'] = 'täglich';
+$wb['weekly_backup_txt'] = 'wöchentlich';
$wb['monthly_backup_txt'] = 'monatlich';
$wb['cc_note_txt'] = '(Mehrere E-Mail-Adressen mit Kommas trennen)';
$wb['sender_cc_txt'] = 'Kopie ausgehender Emails senden an (BCC)';
$wb['sender_cc_error_isemail'] = '-Kopie ausgehender Emails senden an- Feld enthält keine gültige Emailadresse';
-$wb['sender_cc_note_txt'] = '(One email address only)';
-$wb['password_click_to_set_txt'] = 'Click to set';
+$wb['sender_cc_note_txt'] = '(Mehrere E-Mail-Adressen mit Kommas trennen)';
+$wb['password_click_to_set_txt'] = 'Passwort erzeugen';
$wb['purge_trash_days_txt'] = 'Purge Trash automatically after X days';
$wb['tooltip_purge_trash_days_txt'] = '0 = disabled';
$wb['purge_junk_days_txt'] = 'Purge Junk automatically after X days';
diff --git a/interface/web/mail/lib/lang/de_mail_user_list.lng b/interface/web/mail/lib/lang/de_mail_user_list.lng
index 255b25612f0aaf77538cdd8c22eec31fc87fed95..b1ebb2fd1dd9afa307f1e4c5ba4a4689caf18098 100644
--- a/interface/web/mail/lib/lang/de_mail_user_list.lng
+++ b/interface/web/mail/lib/lang/de_mail_user_list.lng
@@ -3,10 +3,10 @@ $wb['list_head_txt'] = 'E-Mail Konto';
$wb['email_txt'] = 'E-Mail Adresse';
$wb['autoresponder_txt'] = 'Autoresponder';
$wb['add_new_record_txt'] = 'Neues E-Mail Konto hinzufügen';
-$wb['name_txt'] = 'Realname';
+$wb['name_txt'] = 'Name';
$wb['login_txt'] = 'Anmelden';
-$wb['postfix_txt'] = 'Receiving';
-$wb['disablesmtp_txt'] = 'SMTP (sending)';
+$wb['postfix_txt'] = 'Empfang';
+$wb['disablesmtp_txt'] = 'SMTP (Versand)';
$wb['disabledeliver_txt'] = 'INBOX';
$wb['disableimap_txt'] = 'IMAP';
$wb['disablepop3_txt'] = 'POP3';
diff --git a/interface/web/mail/mail_domain_edit.php b/interface/web/mail/mail_domain_edit.php
index 19aa4f91e61b5600904b40c88118dad8f5287f73..77e15b68fc59a0f76ea69afad73de830ff6543c0 100644
--- a/interface/web/mail/mail_domain_edit.php
+++ b/interface/web/mail/mail_domain_edit.php
@@ -283,7 +283,9 @@ class page_action extends tform_actions {
$this->dataRecord["domain"] = $app->functions->idn_encode($this->dataRecord["domain"]);
$this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
}
-
+
+ //* server_id must be > 0
+ if(isset($this->dataRecord["server_id"]) && $this->dataRecord["server_id"] < 1) $app->tform->errorMessage .= $app->lng("server_id_0_error_txt");
parent::onSubmit();
}
diff --git a/interface/web/sites/lib/lang/ar_web_vhost_domain.lng b/interface/web/sites/lib/lang/ar_web_vhost_domain.lng
index 3ce40d9b0ca2e3128e1cbd7ad6c0d92454629755..bd8a953007f1b57a9d812a00135455bd024c0ee2 100644
--- a/interface/web/sites/lib/lang/ar_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/ar_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/bg_web_vhost_domain.lng b/interface/web/sites/lib/lang/bg_web_vhost_domain.lng
index 828b79931f23f3322200928553f6ea36aa7e5c95..ee7df88617dd7c2a2463a7924cf9f58e67033d7e 100644
--- a/interface/web/sites/lib/lang/bg_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/bg_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/br_web_vhost_domain.lng b/interface/web/sites/lib/lang/br_web_vhost_domain.lng
index 706125676af0a28667a76783cd7cdc423b39a2d7..0b06d75f6339a67b92deed35d7db1db54b2b1f9b 100644
--- a/interface/web/sites/lib/lang/br_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/br_web_vhost_domain.lng
@@ -187,4 +187,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/ca_web_vhost_domain.lng b/interface/web/sites/lib/lang/ca_web_vhost_domain.lng
index 8d0e6604928f58179cc951d5a17408d388a12b7a..5db89cc4b087de3ec3cb9c8985089280426773cc 100644
--- a/interface/web/sites/lib/lang/ca_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/ca_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/cz_web_vhost_domain.lng b/interface/web/sites/lib/lang/cz_web_vhost_domain.lng
index cd7d06c8aa1675040102982570eac58c77200ee7..d633a7fe0c978ea4ad5fe24e2c8b08958b593437 100644
--- a/interface/web/sites/lib/lang/cz_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/cz_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/de.lng b/interface/web/sites/lib/lang/de.lng
index 48e0a9a9a77432462558a73e0e1b1f5cf5be2c09..f5cf2e2052f88c852180c9d4d9ddeb4987f0641f 100644
--- a/interface/web/sites/lib/lang/de.lng
+++ b/interface/web/sites/lib/lang/de.lng
@@ -14,7 +14,7 @@ $wb['Command Line'] = 'Kommandozeile';
$wb['Shell-User'] = 'Shell Benutzer';
$wb['Cron Jobs'] = 'Cronjobs';
$wb['Statistics'] = 'Statistik';
-$wb['Web traffic'] = 'Datentransfer';
+$wb['Web traffic'] = 'Web-Datentransfer';
$wb['Website quota (Harddisk)'] = 'Speicherplatzbeschränkung';
$wb['Cron'] = 'Cron';
$wb['Stats'] = 'Statistiken';
@@ -32,4 +32,7 @@ $wb['Installed packages'] = 'Installierte Pakete';
$wb['Update Packagelist'] = 'Paketliste aktualisieren';
$wb['error_proxy_requires_url'] = 'Weiterleitungstyp ';
$wb['Subdomain (Vhost)'] = 'Subdomain (vHost)';
+$wb['Database quota'] = 'Datenbank-Quota';
+$wb['FTP traffic'] = 'FTP-Datentransfer';
+$wb['Backup Stats'] = 'Backup-Statistiken';
?>
diff --git a/interface/web/sites/lib/lang/de_backup_stats_list.lng b/interface/web/sites/lib/lang/de_backup_stats_list.lng
index 01797ea9c42ee4109e753d0062643007264d9ba9..763e3db27524bf93021170db3094e1a6946457db 100644
--- a/interface/web/sites/lib/lang/de_backup_stats_list.lng
+++ b/interface/web/sites/lib/lang/de_backup_stats_list.lng
@@ -6,5 +6,5 @@ $wb['domain_txt'] = 'Domain';
$wb['backup_count_txt'] = 'Anz. Backups';
$wb['backup_server_txt'] = 'Server';
$wb['backup_interval_txt'] = 'Intervall / Anz.';
-$wb['backup_size_txt'] = 'Backupgrösse';
+$wb['backup_size_txt'] = 'Backupgröße';
?>
diff --git a/interface/web/sites/lib/lang/de_database_quota_stats_list.lng b/interface/web/sites/lib/lang/de_database_quota_stats_list.lng
index 3bc9874bf105333a5ae9d0a6517f909b075d4772..087756104a3cdcd706ae4de1805193a403083851 100644
--- a/interface/web/sites/lib/lang/de_database_quota_stats_list.lng
+++ b/interface/web/sites/lib/lang/de_database_quota_stats_list.lng
@@ -5,5 +5,5 @@ $wb['client_txt'] = 'Kunde';
$wb['used_txt'] = 'Verwendeter Speicherplatz';
$wb['quota_txt'] = 'Quota';
$wb['percentage_txt'] = 'Verbraucht in %';
-$wb['list_head_txt'] = 'Database Quota';
+$wb['list_head_txt'] = 'Datenbank-Quota';
?>
diff --git a/interface/web/sites/lib/lang/de_ftp_sites_stats_list.lng b/interface/web/sites/lib/lang/de_ftp_sites_stats_list.lng
index e44025a715dbf435bdca9faee0b109ba25bf611d..c2df2b397c58bdbde1366ee1bbd6135b6671b298 100644
--- a/interface/web/sites/lib/lang/de_ftp_sites_stats_list.lng
+++ b/interface/web/sites/lib/lang/de_ftp_sites_stats_list.lng
@@ -1,10 +1,10 @@
<?php
-$wb['list_head_txt'] = 'FTP traffic';
+$wb['list_head_txt'] = 'FTP-Transfer';
$wb['domain_txt'] = 'Domain';
-$wb['this_month_txt'] = 'This month';
-$wb['last_month_txt'] = 'Last month';
-$wb['this_year_txt'] = 'This year';
-$wb['last_year_txt'] = 'Last year';
-$wb['sum_txt'] = 'Sum (Download + Upload)';
+$wb['this_month_txt'] = 'Dieser Month';
+$wb['last_month_txt'] = 'Letzter Monat';
+$wb['this_year_txt'] = 'Dieses Jahr';
+$wb['last_year_txt'] = 'Letztes Jahr';
+$wb['sum_txt'] = 'Gesamt (Download + Upload)';
$wb['in_out_txt'] = 'DL/UL';
?>
diff --git a/interface/web/sites/lib/lang/de_shell_user.lng b/interface/web/sites/lib/lang/de_shell_user.lng
index 9130b456e345e32b661ff72b78b8d39d7a217a49..6b5dac53c3a5a1ed6558e733ed9572eb695154d4 100644
--- a/interface/web/sites/lib/lang/de_shell_user.lng
+++ b/interface/web/sites/lib/lang/de_shell_user.lng
@@ -28,9 +28,9 @@ $wb['password_mismatch_txt'] = 'Die Passwörter stimmen nicht überein.';
$wb['password_match_txt'] = 'Die Passwörter stimmen überein.';
$wb['username_must_not_exceed_32_chars_txt'] = 'Der Benutzername darf 32 Zeichen nicht überschreiten.';
$wb['username_not_allowed_txt'] = 'Dieser Benutzername ist nicht erlaubt.';
-$wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group';
-$wb['directory_error_regex'] = 'Invalid directory';
-$wb['shell_error_regex'] = 'Invalid shell';
-$wb['invalid_username_txt'] = 'Invalid Username';
-$wb['directory_error_notinweb'] = 'The directory has to be inside the web root.';
+$wb['invalid_system_user_or_group_txt'] = 'Ungültiger Web Benutzername oder Gruppe';
+$wb['directory_error_regex'] = 'Ungültiges Verzeichnis';
+$wb['shell_error_regex'] = 'Ungültige Shell';
+$wb['invalid_username_txt'] = 'Ungültiger Benutzername';
+$wb['directory_error_notinweb'] = 'Das Verzeichnis muss innerhalb des Web-Verzeichnisses liegen.';
?>
diff --git a/interface/web/sites/lib/lang/de_web_subdomain.lng b/interface/web/sites/lib/lang/de_web_subdomain.lng
index 586c90adc38f69190b75a1723f6641b92ed4558f..4f34874a11f1d7490f6c8536c502faabea09492a 100644
--- a/interface/web/sites/lib/lang/de_web_subdomain.lng
+++ b/interface/web/sites/lib/lang/de_web_subdomain.lng
@@ -45,6 +45,6 @@ $wb['available_proxy_directive_snippets_txt'] = 'Verfügbare Proxy Direktiven Sc
$wb['error_proxy_requires_url'] = 'Weiterleitungstyp \\"proxy\\" erfordert eine URL als Weiterleitungspfad.';
$wb['http_port_txt'] = 'HTTP Port';
$wb['https_port_txt'] = 'HTTPS Port';
-$wb['http_port_error_regex'] = 'HTTP Port invalid.';
-$wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['http_port_error_regex'] = 'HTTP Port ungültig.';
+$wb['https_port_error_regex'] = 'HTTPS Port ungültig.';
?>
diff --git a/interface/web/sites/lib/lang/de_web_vhost_domain.lng b/interface/web/sites/lib/lang/de_web_vhost_domain.lng
index 26070171394784b9a2471d90833659fbbf1da505..c70aa44d7b88a2489cdf09d680d3b45202fe3273 100644
--- a/interface/web/sites/lib/lang/de_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/de_web_vhost_domain.lng
@@ -99,7 +99,7 @@ $wb['pm_max_spare_servers_error_regex'] = 'PHP-FPM pm.max_spare_servers muß ein
$wb['hd_quota_error_regex'] = 'Speicherplatzbeschränkung ist ungültig.';
$wb['traffic_quota_error_regex'] = 'Transfervolumenbeschränkung ist ungültig.';
$wb['server_php_id_txt'] = 'PHP Version';
-$wb['server_php_id_invalid_txt'] = 'PHP Version is invalid.';
+$wb['server_php_id_invalid_txt'] = 'PHP Version is ungültig.';
$wb['server_php_id_default_hidden_warning_txt'] = 'PHP Version was set to "default" but that can no longer be selected. Choose your desired PHP Version and save your settings.';
$wb['pm_txt'] = 'PHP-FPM FastCGI Prozess Manager';
$wb['pm_process_idle_timeout_txt'] = 'PHP-FPM pm.process_idle_timeout';
@@ -141,15 +141,15 @@ $wb['btn_cancel_txt'] = 'Abbrechen';
$wb['load_client_data_txt'] = 'Kundendaten übernehmen';
$wb['load_my_data_txt'] = 'Meine Kontaktdaten laden';
$wb['reset_client_data_txt'] = 'Daten verwerfen';
-$wb['server_chosen_not_ok'] = 'The selected server is not allowed for this account.';
-$wb['subdomain_error_empty'] = 'The subdommain field is empty or contains invalid characters.';
-$wb['rewrite_to_https_txt'] = 'Rewrite HTTP to HTTPS';
-$wb['password_strength_txt'] = 'Password strength';
+$wb['server_chosen_not_ok'] = 'Der ausgewählte Server ist nicht zulässig für diesen Account.';
+$wb['subdomain_error_empty'] = 'Die Subdomain ist leer oder ungültig.';
+$wb['rewrite_to_https_txt'] = 'HTTP zu HTTPS weiterleiten';
+$wb['password_strength_txt'] = 'Passwortstärke';
$wb['directive_snippets_id_txt'] = 'Webserver-Konfiguration';
$wb['http_port_txt'] = 'HTTP Port';
$wb['https_port_txt'] = 'HTTPS Port';
-$wb['http_port_error_regex'] = 'HTTP Port invalid.';
-$wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['http_port_error_regex'] = 'HTTP Port ungültig.';
+$wb['https_port_error_regex'] = 'HTTPS Port ungültig.';
$wb['enable_pagespeed_txt'] = 'Enable PageSpeed';
$wb['log_retention_txt'] = 'Log-Dateien Aufbewahrungszeit';
$wb['log_retention_error_regex'] = 'Aufbewahrungszeit in Tagen (Erlaubte Werte: min. 0 - max. 9999)';
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/dk_web_vhost_domain.lng b/interface/web/sites/lib/lang/dk_web_vhost_domain.lng
index 8d0e6604928f58179cc951d5a17408d388a12b7a..5db89cc4b087de3ec3cb9c8985089280426773cc 100644
--- a/interface/web/sites/lib/lang/dk_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/dk_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/el_web_vhost_domain.lng b/interface/web/sites/lib/lang/el_web_vhost_domain.lng
index 47115c8098a9203d312615e4870b91d55f2582c5..b65ce8ae735176fbaaae79338c89ea9904bdde75 100644
--- a/interface/web/sites/lib/lang/el_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/el_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/en_web_vhost_domain.lng b/interface/web/sites/lib/lang/en_web_vhost_domain.lng
index 19b12ea2c4f413e86a1d8bfdc2cbcd8b8ed3bd7c..93a50ef4d08abca8cc8afbd5834359f1be679cec 100644
--- a/interface/web/sites/lib/lang/en_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/en_web_vhost_domain.lng
@@ -187,4 +187,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/es_web_vhost_domain.lng b/interface/web/sites/lib/lang/es_web_vhost_domain.lng
index c1960ae38b1a0fdd46fa52bcafc5bdeaf62711ab..3ee00027defe2ccc7471d5ed9b2e3df1f62f89cf 100644
--- a/interface/web/sites/lib/lang/es_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/es_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/fi_web_vhost_domain.lng b/interface/web/sites/lib/lang/fi_web_vhost_domain.lng
index 7ba9a95d354fe471d751c8ef2d604e7df753c504..d6ed01f49a148d8dadc5990ffca90559baeec36b 100644
--- a/interface/web/sites/lib/lang/fi_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/fi_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/fr_web_vhost_domain.lng b/interface/web/sites/lib/lang/fr_web_vhost_domain.lng
index b3f1602e638edb426f16e55481d2e03be6c3e08a..c276e054b9b4f7a87c3356e4b3c7e56ad1081cd3 100644
--- a/interface/web/sites/lib/lang/fr_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/fr_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/hr_web_vhost_domain.lng b/interface/web/sites/lib/lang/hr_web_vhost_domain.lng
index 14bb2c66878903256a9138779304d3e7cc6c4a17..95166e97de35b45abe960198263153fde78753e7 100644
--- a/interface/web/sites/lib/lang/hr_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/hr_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/hu_web_vhost_domain.lng b/interface/web/sites/lib/lang/hu_web_vhost_domain.lng
index 86e549240834e465bfae979533f67948449e3550..e11d420a2865e930aa435ea27909fd8abc7bee91 100644
--- a/interface/web/sites/lib/lang/hu_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/hu_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/id_web_vhost_domain.lng b/interface/web/sites/lib/lang/id_web_vhost_domain.lng
index 7de6c2c6faef90f2831b658ea95d055f948ab14c..f0938ebd03a2a573c3d005dcfdd016f17992d112 100644
--- a/interface/web/sites/lib/lang/id_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/id_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/it_web_vhost_domain.lng b/interface/web/sites/lib/lang/it_web_vhost_domain.lng
index 3951e5d19d90d284524b40fa214845259b727123..e0b9ae338fa06019af0c02d61d537a0bca010f3e 100644
--- a/interface/web/sites/lib/lang/it_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/it_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/ja_web_vhost_domain.lng b/interface/web/sites/lib/lang/ja_web_vhost_domain.lng
index a9d284b46c2ab067504a24f2f683e0d409db965d..8428717c27b6c50393fc0c125b688615891eb78e 100644
--- a/interface/web/sites/lib/lang/ja_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/ja_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/nl_web_vhost_domain.lng b/interface/web/sites/lib/lang/nl_web_vhost_domain.lng
index 50932cc9e1c8376fe19aea940b10b585941a7f27..29c9e99dd985e5608a9d63a7d563a23c550e0dbf 100644
--- a/interface/web/sites/lib/lang/nl_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/nl_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/pl_web_vhost_domain.lng b/interface/web/sites/lib/lang/pl_web_vhost_domain.lng
index 93752a063c77655b3f6b16f401ebe5951547c4c6..83098d3241db042d45d284f97f3857694671b08a 100644
--- a/interface/web/sites/lib/lang/pl_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/pl_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/pt_web_vhost_domain.lng b/interface/web/sites/lib/lang/pt_web_vhost_domain.lng
index 2b077955074d960fa29fbf64cb24a5b8cbc93543..313459a2f25ac2f9c7c10bf47c54d1f9dbe823c8 100644
--- a/interface/web/sites/lib/lang/pt_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/pt_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/ro_web_vhost_domain.lng b/interface/web/sites/lib/lang/ro_web_vhost_domain.lng
index e52310bf08096500ad18651c6a3bc18ce47fb555..ad276d5b396bd0acf3e1683f9a2f820f4d7684fe 100644
--- a/interface/web/sites/lib/lang/ro_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/ro_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/ru_web_vhost_domain.lng b/interface/web/sites/lib/lang/ru_web_vhost_domain.lng
index 07c345f0da8f52e85bdc6d0708cfc480fe486200..148f642fc113d36b23de5d654eee8ab1b2a13e23 100644
--- a/interface/web/sites/lib/lang/ru_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/ru_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/se_web_vhost_domain.lng b/interface/web/sites/lib/lang/se_web_vhost_domain.lng
index f398991442c5753477db6df4491541efd481132c..a53e6ccd7c511381ca814c5a272a53146a043999 100644
--- a/interface/web/sites/lib/lang/se_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/se_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/sk_web_vhost_domain.lng b/interface/web/sites/lib/lang/sk_web_vhost_domain.lng
index 3d4a76186f1c396a70c93d6119a96c90df2ef4cb..22f8814aff26603f8dfc4aba16ce502feff8493e 100644
--- a/interface/web/sites/lib/lang/sk_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/sk_web_vhost_domain.lng
@@ -182,4 +182,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/lib/lang/tr_web_vhost_domain.lng b/interface/web/sites/lib/lang/tr_web_vhost_domain.lng
index 8aa16844783d4607d6d564c302b28dc23c13cd51..f55182dffd0623b69bc256e794fae96391bec684 100644
--- a/interface/web/sites/lib/lang/tr_web_vhost_domain.lng
+++ b/interface/web/sites/lib/lang/tr_web_vhost_domain.lng
@@ -184,4 +184,8 @@ $wb["backup_format_tar_7z_lzma_txt"] = 'tar + 7z (LZMA)';
$wb["backup_format_tar_7z_lzma2_txt"] = 'tar + 7z (LZMA2)';
$wb["backup_format_tar_7z_ppmd_txt"] = 'tar + 7z (PPMd)';
$wb["backup_format_tar_7z_bzip2_txt"] = 'tar + 7z (BZip2)';
+$wb['error_ipv4_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv4 address.';
+$wb['error_ipv6_change_forbidden'] = 'The IP cannot be changed. Please contact your administrator if you want to change the IPv6 address.';
+$wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Please contact your administrator if you want to change the domain name.';
+$wb['error_server_change_not_possible'] = 'The server cannot be changed.';
?>
diff --git a/interface/web/sites/templates/web_vhost_domain_backup.htm b/interface/web/sites/templates/web_vhost_domain_backup.htm
index 0228ae76bbc4ce80830038c714807697910b1b8f..19e23931d588b6d97f5f1fc53abe1fbdff567592 100644
--- a/interface/web/sites/templates/web_vhost_domain_backup.htm
+++ b/interface/web/sites/templates/web_vhost_domain_backup.htm
@@ -1,81 +1,106 @@
<tmpl_if name="config_error_msg">
-<div style="background: #ffdfdf; border: 1px solid #df7d7d; border-width: 1px 0; margin: 1.5em 0 1.5em 0; padding: 7px;">
- <p style="font-face:bold">{tmpl_var name='configuration_error_txt'}</p>
- <div>
- <div style="float:left;width:150px;">{tmpl_var name='config_error_tstamp'} : </div><div style="padding-left:150px;">{tmpl_var name='config_error_msg'}</div>
- </div>
-</div>
+ <div style="background: #ffdfdf; border: 1px solid #df7d7d; border-width: 1px 0; margin: 1.5em 0 1.5em 0; padding: 7px;">
+ <p style="font-face:bold">{tmpl_var name='configuration_error_txt'}</p>
+ <div>
+ <div style="float:left;width:150px;">{tmpl_var name='config_error_tstamp'} : </div>
+ <div style="padding-left:150px;">{tmpl_var name='config_error_msg'}</div>
+ </div>
+ </div>
</tmpl_if>
- <div class="form-group">
- <label for="backup_interval" class="col-sm-3 control-label">{tmpl_var name='backup_interval_txt'}</label>
- <div class="col-sm-9"><select name="backup_interval" id="backup_interval" class="form-control">
- {tmpl_var name='backup_interval'}
- </select></div>
- </div>
- <div class="form-group">
- <label for="backup_copies" class="col-sm-3 control-label">{tmpl_var name='backup_copies_txt'}</label>
- <div class="col-sm-9"><select name="backup_copies" id="backup_copies" class="form-control">
- {tmpl_var name='backup_copies'}
- </select></div>
- </div>
- <div class="form-group">
- <label for="backup_excludes" class="col-sm-3 control-label">{tmpl_var name='backup_excludes_txt'}</label>
- <div class="col-sm-6"><input type="text" name="backup_excludes" id="backup_excludes" value="{tmpl_var name='backup_excludes'}" class="form-control" /></div><div class="col-sm-3 input-sm"> {tmpl_var name='backup_excludes_note_txt'}
- </div></div>
-
- <legend>{tmpl_var name='backup_compression_options_txt'}</legend>
- <div class="tab-content">
- {tmpl_var name='backup_format_web_note_txt'}
- </div>
- <tmpl_if name="missing_utils">
- <div class="tab-content bg-warning text-warning">
- {tmpl_var name='backup_missing_utils_txt'} {tmpl_var name='missing_utils'}
- </div>
- </tmpl_if>
- <div class="form-group">
- <label for="backup_format_web" class="col-sm-3 control-label">{tmpl_var name='backup_format_web_txt'}</label>
- <div class="col-sm-9">
- <select name="backup_format_web" id="backup_format_web" class="form-control">
- {tmpl_var name='backup_format_web'}
- </select>
- </div>
- </div>
- <div class="form-group">
- <label for="backup_format_db" class="col-sm-3 control-label">{tmpl_var name='backup_format_db_txt'}</label>
- <div class="col-sm-9">
- <select name="backup_format_db" id="backup_format_db" class="form-control">
- {tmpl_var name='backup_format_db'}
- </select>
- </div>
- </div>
-
- <legend>{tmpl_var name='backup_encryption_options_txt'}</legend>
- <div class="tab-content">
- {tmpl_var name='backup_encryption_note_txt'}
- </div>
- <div class="form-group">
- <label class="col-sm-3 control-label">
- {tmpl_var name='backup_enable_encryption_txt'}
- </label>
- <div class="col-sm-9">
- {tmpl_var name="backup_encrypt"}
- </div>
- </div>
- <div class="form-group">
- <label for="backup_password" class="col-sm-3 control-label">
- {tmpl_var name='backup_password_txt'}
- </label>
- <div class="col-sm-9">
- <input type="text" name="backup_password" id="backup_password" value="{tmpl_var name='backup_password'}" class="form-control" />
- </div>
- </div>
-
- {tmpl_var name='backup_records'}
-
- <input type="hidden" name="id" value="{tmpl_var name='id'}">
- <div class="clear"><div class="right">
- <button class="btn btn-default formbutton-success" type="button" value="{tmpl_var name='btn_save_txt'}" data-submit-form="pageForm" data-form-action="sites/web_vhost_domain_edit.php">{tmpl_var name='btn_save_txt'}</button>
- <button class="btn btn-default formbutton-default" type="button" value="{tmpl_var name='btn_cancel_txt'}" data-load-content="sites/web_vhost_domain_list.php">{tmpl_var name='btn_cancel_txt'}</button>
- </div></div>
+<div class="form-group">
+ <label for="backup_interval" class="col-sm-3 control-label">{tmpl_var name='backup_interval_txt'}</label>
+ <div class="col-sm-9"><select name="backup_interval" id="backup_interval" class="form-control">
+ {tmpl_var name='backup_interval'}
+ </select>
+ </div>
+</div>
+<div class="form-group">
+ <label for="backup_copies" class="col-sm-3 control-label">{tmpl_var name='backup_copies_txt'}</label>
+ <div class="col-sm-9"><select name="backup_copies" id="backup_copies" class="form-control">
+ {tmpl_var name='backup_copies'}
+ </select>
+ </div>
+</div>
+<div class="panel panel-default">
+ <div class="panel-heading" role="tab" id="headingCompression">
+ <h4 class="panel-title">
+ <a class="collapsed" role="button" data-toggle="collapse" data-parent="#accordion" href="#collapseCompression" aria-expanded="false" aria-controls="collapseCompression">
+ {tmpl_var name='backup_compression_options_txt'}
+ </a>
+ </h4>
+ </div>
+ <div id="collapseCompression" class="panel-collapse collapse" role="tabpanel" aria-labelledby="headingCompression">
+ <div class="panel-body">
+ <div class="form-group">
+ <label for="backup_excludes" class="col-sm-3 control-label">{tmpl_var name='backup_excludes_txt'}</label>
+ <div class="col-sm-6"><input type="text" name="backup_excludes" id="backup_excludes" value="{tmpl_var name='backup_excludes'}" class="form-control" /></div>
+ <div class="col-sm-3 input-sm"> {tmpl_var name='backup_excludes_note_txt'}
+ </div>
+ </div>
+ <div class="tab-content">
+ {tmpl_var name='backup_format_web_note_txt'}
+ </div>
+ <tmpl_if name="missing_utils">
+ <div class="tab-content bg-warning text-warning">
+ {tmpl_var name='backup_missing_utils_txt'} {tmpl_var name='missing_utils'}
+ </div>
+ </tmpl_if>
+ <div class="form-group">
+ <label for="backup_format_web" class="col-sm-3 control-label">{tmpl_var name='backup_format_web_txt'}</label>
+ <div class="col-sm-9">
+ <select name="backup_format_web" id="backup_format_web" class="form-control">
+ {tmpl_var name='backup_format_web'}
+ </select>
+ </div>
+ </div>
+ <div class="form-group">
+ <label for="backup_format_db" class="col-sm-3 control-label">{tmpl_var name='backup_format_db_txt'}</label>
+ <div class="col-sm-9">
+ <select name="backup_format_db" id="backup_format_db" class="form-control">
+ {tmpl_var name='backup_format_db'}
+ </select>
+ </div>
+ </div>
+ </div>
+ </div>
+ <div class="panel-heading" role="tab" id="headingEncryption">
+ <h4 class="panel-title">
+ <a class="collapsed" role="button" data-toggle="collapse" data-parent="#accordion" href="#collapseEncryption" aria-expanded="false" aria-controls="collapseEncryption">
+ {tmpl_var name='backup_encryption_options_txt'}
+ </a>
+ </h4>
+ </div>
+ <div id="collapseEncryption" class="panel-collapse collapse" role="tabpanel" aria-labelledby="headingEncryption">
+ <div class="panel-body">
+ <div class="tab-content">
+ {tmpl_var name='backup_encryption_note_txt'}
+ </div>
+ <div class="form-group">
+ <label class="col-sm-3 control-label">
+ {tmpl_var name='backup_enable_encryption_txt'}
+ </label>
+ <div class="col-sm-9">
+ {tmpl_var name="backup_encrypt"}
+ </div>
+ </div>
+ <div class="form-group">
+ <label for="backup_password" class="col-sm-3 control-label">
+ {tmpl_var name='backup_password_txt'}
+ </label>
+ <div class="col-sm-9">
+ <input type="text" name="backup_password" id="backup_password" value="{tmpl_var name='backup_password'}" class="form-control" />
+ </div>
+ </div>
+ </div>
+ </div>
+</div>
+{tmpl_var name='backup_records'}
+<input type="hidden" name="id" value="{tmpl_var name='id'}">
+<div class="clear">
+ <div class="right">
+ <button class="btn btn-default formbutton-success" type="button" value="{tmpl_var name='btn_save_txt'}" data-submit-form="pageForm" data-form-action="sites/web_vhost_domain_edit.php">{tmpl_var name='btn_save_txt'}</button>
+ <button class="btn btn-default formbutton-default" type="button" value="{tmpl_var name='btn_cancel_txt'}" data-load-content="sites/web_vhost_domain_list.php">{tmpl_var name='btn_cancel_txt'}</button>
+ </div>
+</div>
diff --git a/interface/web/sites/web_vhost_domain_edit.php b/interface/web/sites/web_vhost_domain_edit.php
index cc476a2276f8c87206859aa9bdb4717e30be4df6..9f05b0337b4f10289d2fa5dcbcc0cb14faef273d 100644
--- a/interface/web/sites/web_vhost_domain_edit.php
+++ b/interface/web/sites/web_vhost_domain_edit.php
@@ -1189,6 +1189,9 @@ class page_action extends tform_actions {
//* make sure that the domain is lowercase
if(isset($this->dataRecord["domain"])) $this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
+ //* server_id must be > 0
+ if(isset($this->dataRecord["server_id"]) && $this->dataRecord["server_id"] < 1) $app->tform->errorMessage .= $app->lng("server_id_0_error_txt");
+
//* get the server config for this server
$app->uses("getconf");
if($this->id > 0){
@@ -1376,11 +1379,19 @@ class page_action extends tform_actions {
function onAfterInsert() {
global $app, $conf;
- // make sure that the record belongs to the clinet group and not the admin group when admin inserts it
- // also make sure that the user can not delete domain created by a admin
+ // make sure that the record belongs to the client group and not the admin group when admin inserts it
+ // also make sure that the user can not delete domain created by a admin if client protection is enabled
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
- $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
- $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id);
+ $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
+ $app->uses('getconf');
+ $global_config = $app->getconf->get_global_config('sites');
+ if($global_config['client_protection'] == 'y') {
+ $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id);
+ } else {
+ $sysuser = $app->db->queryOneRecord('SELECT userid FROM sys_user WHERE default_group = ?',$client_group_id);
+ $sysuser_id = (is_array($sysuser) && isset($sysuser['userid']) && $sysuser['userid'] > 0)?$sysuser['userid']:1;
+ $app->db->query("UPDATE web_domain SET sys_userid = ?, sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $sysuser_id, $client_group_id, $this->id);
+ }
}
if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
@@ -1479,7 +1490,7 @@ class page_action extends tform_actions {
$rec = $app->db->queryOneRecord("SELECT server_id from web_domain WHERE domain_id = ?", $this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
- $app->tform->errorMessage .= $app->lng('The Server can not be changed.');
+ $app->tform->errorMessage .= $app->lng('error_server_change_not_possible');
$this->dataRecord["server_id"] = $rec['server_id'];
}
unset($rec);
@@ -1490,17 +1501,17 @@ class page_action extends tform_actions {
$rec = $app->db->queryOneRecord("SELECT sys_perm_group, domain, ip_address, ipv6_address from web_domain WHERE domain_id = ?", $this->id);
if(isset($this->dataRecord["domain"]) && $rec['domain'] != $this->dataRecord["domain"] && !$app->tform->checkPerm($this->id, 'u')) {
//* Add a error message and switch back to old server
- $app->tform->errorMessage .= $app->lng('The Domain can not be changed. Please ask your Administrator if you want to change the domain name.');
+ $app->tform->errorMessage .= $app->lng('error_domain_change_forbidden');
$this->dataRecord["domain"] = $rec['domain'];
}
if(isset($this->dataRecord["ip_address"]) && $rec['ip_address'] != $this->dataRecord["ip_address"] && $rec['sys_perm_group'] != 'riud') {
//* Add a error message and switch back to old server
- $app->tform->errorMessage .= $app->lng('The IP can not be changed. Please ask your Administrator if you want to change the IPv4-Address.');
+ $app->tform->errorMessage .= $app->lng('error_ipv4_change_forbidden');
$this->dataRecord["ip_address"] = $rec['ip_address'];
}
if(isset($this->dataRecord["ipv6_address"]) && $rec['ipv6_address'] != $this->dataRecord["ipv6_address"] && $rec['sys_perm_group'] != 'riud') {
//* Add a error message and switch back to old server
- $app->tform->errorMessage .= $app->lng('The IP can not be changed. Please ask your Administrator if you want to change the IPv6-Address.');
+ $app->tform->errorMessage .= $app->lng('error_ipv6_change_forbidden');
$this->dataRecord["ipv6_address"] = $rec['ipv6_address'];
}
unset($rec);
diff --git a/interface/web/themes/default/assets/javascripts/ispconfig.js b/interface/web/themes/default/assets/javascripts/ispconfig.js
index 70e3a903a65dbf44576868151101c19015858bfd..e3a2bee3688d9144d82421c1464529ec0a973211 100644
--- a/interface/web/themes/default/assets/javascripts/ispconfig.js
+++ b/interface/web/themes/default/assets/javascripts/ispconfig.js
@@ -9,30 +9,30 @@ var ISPConfig = {
registeredHooks: new Array(),
new_tpl_add_id: 0,
dataLogTimer: 0,
-
+
options: {
useLoadIndicator: false,
useComboBox: false
},
-
+
setOption: function(key, value) {
ISPConfig.options[key] = value;
},
-
+
setOptions: function(opts) {
$.extend(ISPConfig.options, opts);
},
-
+
reportError: function(request) {
-
+
},
-
+
registerHook: function(name, callback) {
if(!ISPConfig.registeredHooks[name]) ISPConfig.registeredHooks[name] = new Array();
var newindex = ISPConfig.registeredHooks[name].length;
ISPConfig.registeredHooks[name][newindex] = callback;
},
-
+
callHook: function(name, params) {
if(!ISPConfig.registeredHooks[name]) return;
for(var i = 0; i < ISPConfig.registeredHooks[name].length; i++) {
@@ -40,14 +40,14 @@ var ISPConfig = {
callback(name, params);
}
},
-
+
resetFormChanged: function() {
ISPConfig.pageFormChanged = false;
},
showLoadIndicator: function() {
document.body.style.cursor = 'wait';
-
+
if(ISPConfig.options.useLoadIndicator == true) {
ISPConfig.requestsRunning += 1;
@@ -96,7 +96,7 @@ var ISPConfig = {
onAfterContentLoad: function(url, data) {
if(!data) data = '';
else data = '&' + data;
-
+
if(ISPConfig.options.useComboBox == true) {
$('#pageContent').find("select:not(.chosen-select)").select2({
placeholder: '',
@@ -119,7 +119,7 @@ var ISPConfig = {
}
});
}
-
+
$('input[data-input-element="date"]').datetimepicker({
'language': 'en', // TODO
'todayHighlight': true,
@@ -144,18 +144,18 @@ var ISPConfig = {
$(this).prop('readonly', true)
.tooltip({title: "Click to set", placement: "left"});
});
- $('input[type="password"]').on('click focus', function() {
+ $('input[type="password"]').on('click focus', function() {
$(this).prop('readonly', false);
$(this).tooltip('destroy');
});
-
+
ISPConfig.callHook('onAfterContentLoad', {'url': url, 'data': data });
},
submitForm: function(formname, target, confirmation) {
var successMessage = arguments[3];
if(!confirmation) confirmation = false;
-
+
if(!confirmation || window.confirm(confirmation)) {
var submitFormObj = $.ajax({
type: "POST",
@@ -210,12 +210,12 @@ var ISPConfig = {
if(errormsg){
msg = msg+'<div id="errorMsg">'+errormsg+'</div>';
}
-
+
var csrf_key = $response.find('input[name="_csrf_key"]').val();
var csrf_id = $response.find('input[name="_csrf_id"]').val();
-
+
msg = msg + '<input type="hidden" name="_csrf_id" value="' + csrf_id + '" /><input type="hidden" name="_csrf_key" value="' + csrf_key + '" />';
-
+
return msg;
};
@@ -264,7 +264,7 @@ var ISPConfig = {
}
});
},
-
+
loadContent: function(pagename) {
var params = arguments[1];
var pageContentObject2 = $.ajax({
@@ -350,7 +350,7 @@ var ISPConfig = {
ISPConfig.reportError('Ajax Request was not successful. 114');
}
});
-
+
ISPConfig.loadMenus();
ISPConfig.keepalive();
ISPConfig.dataLogNotification();
@@ -358,11 +358,11 @@ var ISPConfig = {
try {
$('form#pageForm').find('input[name="username"]').focus();
} catch (e) {
-
+
}
}, 1000);
},
-
+
loadMenus: function() {
var sideNavObject = $.ajax({
type: "GET",
@@ -409,7 +409,7 @@ var ISPConfig = {
console.log('tab change interrupted, request still running.');
return false;
}
-
+
document.pageForm.next_tab.value = tab;
var idel = $('form#pageForm').find('[name="id"]');
@@ -487,7 +487,7 @@ var ISPConfig = {
}
});
},
-
+
keepalive: function() {
var pageContentObject3 = $.ajax({
type: "GET",
@@ -618,13 +618,13 @@ $(document).on('click', 'a[data-load-content],button[data-load-content]', functi
console.log('preventing click because there is still a request running.');
return;
}
-
+
$page.on('scroll mousedown wheel DOMMouseScroll mousewheel keyup touchmove', function() { $page.stop(); });
$page.animate({scrollTop: 0}, 1000, function() { $page.off('scroll mousedown wheel DOMMouseScroll mousewheel keyup touchmove', function() { $page.stop(); }); });
-
+
var content_to_load = $(this).attr('data-load-content');
if(!content_to_load) return this;
-
+
ISPConfig.loadContent(content_to_load);
});
@@ -634,13 +634,13 @@ $(document).on('click', 'a[data-capp],button[data-capp]', function(e) {
console.log('preventing click because there is still a request running.');
return;
}
-
+
$page.on('scroll mousedown wheel DOMMouseScroll mousewheel keyup touchmove', function() { $page.stop(); });
$page.animate({scrollTop: 0}, 1000, function() { $page.off('scroll mousedown wheel DOMMouseScroll mousewheel keyup touchmove', function() { $page.stop(); }); });
-
+
var content_to_load = $(this).attr('data-capp');
if(!content_to_load) return this;
-
+
ISPConfig.capp(content_to_load);
});
@@ -650,14 +650,14 @@ $(document).on('click', 'a[data-submit-form],button[data-submit-form]', function
console.log('preventing click because there is still a request running.');
return;
}
-
+
$page.on('scroll mousedown wheel DOMMouseScroll mousewheel keyup touchmove', function() { $page.stop(); });
$page.animate({scrollTop: 0}, 1000, function() { $page.off('scroll mousedown wheel DOMMouseScroll mousewheel keyup touchmove', function() { $page.stop(); }); });
-
+
var $el = $(this);
var act = $el.attr('data-form-action');
var form = $el.attr('data-submit-form');
-
+
if($el.attr('data-form-upload') == 'true') ISPConfig.submitUploadForm(form, act);
else ISPConfig.submitForm(form, act);
});
@@ -679,28 +679,28 @@ $(document).on('click', 'th[data-column]', function(e) {
var $self = $(this);
var column = $self.attr('data-column');
if(!column) return this;
-
+
if($("#pageForm .table #Filter").length > 0 && $self.attr('data-sortable') != 'false') {
var $el = $('#Filter');
var act = $el.attr('data-form-action');
var form = $el.attr('data-submit-form');
-
+
var dir = $self.attr('data-ordered');
-
+
var separator = '?';
if(act.indexOf("?") >= 0){
separator = '&';
}
act = act + separator + 'orderby=' + column;
ISPConfig.submitForm(form, act);
-
+
$(document).ajaxComplete(function() {
var $self = $('#pageForm .table th[data-column="' + column + '"]');
$self.parent().children('th[data-column]').removeAttr('data-ordered');
if(dir && dir == 'asc') $self.attr('data-ordered', 'desc');
else $self.attr('data-ordered', 'asc');
});
-
+
}
});
@@ -765,25 +765,23 @@ $(document).on('ready', function () {
})
}
});
-
+
// Animierter Ladefortschritt
$('.progress .progress-bar').css('width', function () {
return $(this).attr('aria-valuenow') + '%';
});
-
- ISPConfig.loadInitContent();
$('#searchform').submit(function(e) {
e.preventDefault();
});
-
+
$("#pageForm").submit(function(e){
//Prevent form submit: e.preventDefault() in lists
if ($("#pageForm .table #Filter").length > 0) {
e.preventDefault();
}
});
-
+
$.fn.setCursorPosition = function(pos) {
var self = $(this).get(0);
if(self.setSelectionRange) {
@@ -799,11 +797,11 @@ $(document).on('ready', function () {
range.select();
}
};
-
+
$.fn.getCursorPosition = function() {
var iCaretPos = 0;
var self = $(this).get(0);
-
+
if(typeof self.selectionStart === 'number') {
iCaretPos = self.selectionDirection == 'backward' ? self.selectionStart : self.selectionEnd;
} else if(document.selection) {
@@ -815,4 +813,3 @@ $(document).on('ready', function () {
return iCaretPos;
};
});
-
diff --git a/interface/web/themes/default/templates/main.tpl.htm b/interface/web/themes/default/templates/main.tpl.htm
index 4cc88760bb33f3f4db9de9a5daf6b7a43b3a0eb7..39622548aa70e6a33e9b40c6713e4e5393a9c213 100644
--- a/interface/web/themes/default/templates/main.tpl.htm
+++ b/interface/web/themes/default/templates/main.tpl.htm
@@ -58,9 +58,9 @@
<div>
<div>
<div class='input-group'>
- <input id='globalsearch' type='text' class='form-control' placeholder='Search' />
+ <input id='globalsearch' type='text' class='form-control' placeholder='{tmpl_var name="globalsearch_searchfield_watermark_txt"}' />
<span class='input-group-btn'>
- <button class='btn btn-default' title='Search…'>
+ <button class='btn btn-default' title='{tmpl_var name="globalsearch_searchfield_watermark_txt"}'>
<span class='icon icon-lens'></span>
</button>
</span>
@@ -90,7 +90,7 @@
</ul>
</div>
<div class="modal-footer">
- <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
+ <button type="button" class="btn btn-default" data-dismiss="modal">{tmpl_var name="datalog_changes_close_txt"}</button>
</div>
</div>
</div>
@@ -153,6 +153,8 @@
resultBoxPosition: ''
});
+ ISPConfig.loadInitContent();
+
});
//-->
</script>
diff --git a/remoting_client/API-docs/content.html b/remoting_client/API-docs/content.html
index c8eb8151641e2e921e813b5751516b7b77ff53f4..00590071d584d34c9c1205e276f6a44d9165579d 100644
--- a/remoting_client/API-docs/content.html
+++ b/remoting_client/API-docs/content.html
@@ -1,44 +1,159 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html><head>
- <title>ISPCOnfig 3 remote API documentation</title>
-
-
-
- <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
-
-
- <style type="text/css">
-<!--
-.command {
- padding: 1em;
- border: 1px dashed #2f6fab;
- color: black;
- background-color: #f9f9f9;
- line-height: 1.1em;
- font-family: Courier New, Courier, mono;
- font-size: 12px;
- font-style: italic;
-}
-
-.system {
- color: black;
- font-family: Courier New, Courier, mono;
- font-size: 12px;
- font-style: italic;
-}
-
-.highlight {
- color: #FF0000;
- font-family: Georgia, "Times New Roman", Times, serif;
- font-size: 12px;
- text-decoration: underline;
-}
--->
- </style></head><body style="color: rgb(0, 0, 0); background-color:#FFFFFF;;" alink="#804080" link="#804080" vlink="#603060">
-<div style="padding:40px">
-<h2>Home</h2>
-<br>
-ISPConfig 3 remote API documentation.
-</div>
-
-</body></html>
+<html>
+
+<head>
+ <title>ISPCOnfig 3 remote API documentation</title>
+
+ <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
+
+ <style type="text/css">
+ <!--
+ .command {
+ padding: 1em;
+ border: 1px dashed #2f6fab;
+ color: black;
+ background-color: #f9f9f9;
+ line-height: 1.1em;
+ font-family: Courier New, Courier, mono;
+ font-size: 12px;
+ font-style: italic;
+ }
+
+ .notes {
+ color: #17075c;
+ font-family: Georgia, "Times New Roman", Times, serif;
+ font-size: 14px;
+
+ }
+
+ .preface {
+ color: black;
+ font-family: Georgia, "Times New Roman", Times, serif;
+ font-size: 14px;
+ }
+
+ a:link,
+ a:visited {
+ text-decoration: none;
+ }
+
+
+ a:hover,
+ a:active {
+ text-decoration: underline;
+ }
+
+ .question {
+ font-size: 14px;
+ padding: 0em 0em 0em 1em;
+ }
+
+ .answer {
+ padding: 0em 0em 0em 2em;
+ }
+ -->
+ </style>
+</head>
+
+<body>
+ <div style="padding:40px">
+ <h2>ISPConfig 3 Remote API Documentation</h2>
+ <div class="notes">
+ <h3>Notes</h3>
+
+ <p class="preface">These notes are new for v3.2 and the content will change.<br />
+ This is currently in FAQ format, because the topics seem to be Frequently Asked Questions.<br />
+ Over time, notes will also be added to individual function pages.<br />
+ If you would like to help with this process, please visit the forum, and add your comments to <a
+ href="https://www.howtoforge.com/community/threads/api-doc-you-can-help.84944/">this thread</a>
+ which has been created for this purpose.<br />
+ Thank you for your patience and collaboration.
+ </p>
+
+ <h4 class="question">What do we do to get started with API calls?</h4>
+ <div class="answer">
+ <p>Create a "Remote" User in the ISPConfig UI. Check boxes there to assign permissions for
+ the kinds of queries that can be processed by that user.</p>
+ <p>Almost all API queries require a session_id. To get that, call the login function, sending the remote
+ username and password. The response will be a single value which will be used as your session ID for
+ a limited time period for all other requests.</p>
+ <p>Finishing with a logout request is recommended, but optional since the session IDs expire.</p>
+ </div>
+
+ <h4 class="question">How do I get all records with a _get request?</h4>
+ <div class="answer">Rather than using a single integer ID as a primary key selector (domain_id, group_id,
+ etc), use -1. Where the primary key for a _get request is a string, use an empty array ' [] '. Do not
+ use an empty string ' "" ', which is itself a valid string and will/should return an empty array result.
+ </div>
+
+ <h4 class="question">Are defaults used if we only send some of the defined parameters?</h4>
+ <div class="answer">No, there are no default values except where explicitly noted. For example, in the
+ system_config_get function, the key element is optional because it is documented as defaulting to an
+ empty string. For all requests, except where documented otherwise, send all documented parameters.</div>
+
+ <h4 class="question">Examples are provided for SOAP, why not for REST?</h4>
+ <div class="answer">The REST API supports all functions and can be exactly substituted for SOAP examples.
+ For all functions, the request and response parameters are the same for SOAP and REST.</div>
+
+ <h4 class="question">Are there examples for cURL? Python? C#? JavaScript? (anything else...)</h4>
+ <div class="answer">The documentation details request and response parameters which can be passed using any
+ language or toolchain. The URL always includes the function name. Queries are always sent via POST. The
+ result is always in the same JSON format. Use Postman or another tool to generate code in your preferred
+ languages.</div>
+
+ <h4 class="question">I created a new record (domain, mail user, etc). Why isn't it showing in the UI?</h4>
+ <div class="answer">If a parent ID is invalid, a transaction may be accepted, with a record created under a
+ different parent entity.
+ </div>
+
+ <h4 class="question">Why does a response show a successful result when there is no data?</h4>
+ <div class="answer">Carefully check the names and values being sent. Invalid name/value pairs are ignored. A
+ request that does not include a valid request paramenter is requesting nothing, so the return value is
+ nothing. The query was successful, and returned no data.</div>
+
+ <h4 class="question">Why are parameters $session_id and others being ignored?</h4>
+ <div class="answer">The documentation shows PHP function syntax. SOAP and REST parameters do not include the
+ leading $dollar-sign</div>
+
+ <h4 class="question">Key Concept:</h4>
+ <div class="answer">Based on the above you may be thinking there is very little error checking with this
+ API. That is correct. As noted by Jesse Norell: <blockquote>"The api is largely just an interface to the
+ database tables, and will usually accept what you send, whether that's consistent/correct or not. It
+ can be a feature, eg. you can create a mail alias first before creating the mailbox to which it
+ forwards, but it does mean you have a lot more testing to do on your side because you can't just
+ rely on an error to be thrown if you send inconsistent data."</blockquote>
+ </div>
+
+ <h4 class="question">What is sys_userid and sys_groupid?</h4>
+ <div class="answer">
+ <p>These fields are referenced often in the developer forum and in code, usually with some confusion.
+ These internal database fields are used in SQL queries to determine parent/child client
+ relationships. The fields are not passed to API calls, with the exception of one function,
+ client_get_id which is a convenience function to return the client_id for a sys_userid. In the past
+ other functions included these keys in the request. Now, when a function request includes a
+ client_id, at query time a lookup is done to get the internal sys_userid for that client.</p>
+ <p>The sys_userid can identify the creator of a record. This may be the ID of the local/UI user or the
+ remote/API user that is logging in to create records. If a client record is created without a
+ reseller, both the sys_userid and the sys_groupid are the same user ID.</p>
+ <p>If a client record is created with a reseller, the meaning of the fields is completely different. The
+ sys_userid is not a logged-in user ID. It is a new ID that represents the client under the reseller.
+ The sys_groupid for a client under a reseller is (a foreign-key to) the sys_userid of the client
+ record for the reseller. In this scenario, the sys_groupid establishes a child-to-parent
+ relationship.</p>
+ </div>
+
+ <h4 class="question">What domains are the 'domains_' functions operating on?</h4>
+ <div class="answer">The 'domains_' functions update the 'domains' table, which is used by the domain limit
+ module. Clients and resellers are restricted to the domains in this table. To activate domain limits, go
+ to System > Interface > Main Config, then to the Domains tab. Logout/in. Then go to Sites, Add or Edit a
+ site, the "Domain" dropdown list uses this table.</div>
+
+ <h4 class="question">What will be here next?</h4>
+ <div class="answer">Maybe something you write... </div>
+
+ </div>
+ </div>
+
+</body>
+
+</html>
\ No newline at end of file
diff --git a/remoting_client/examples/client_change_password.php b/remoting_client/examples/client_change_password.php
index 5e20b11bc49773daa09ea29d8a27197be0e1f414..9782cc95690cda5126847dce24d375b2bfbb0e93 100644
--- a/remoting_client/examples/client_change_password.php
+++ b/remoting_client/examples/client_change_password.php
@@ -15,11 +15,21 @@ try {
}
//* Set the function parameters.
- $domain = 'test.int';
- $record_record = $client->mail_domain_get_by_domain($session_id, $domain);
+ $client_id = 1;
+ $new_password = 'YourNewPassword';
+
+ $success = $client->client_change_password($session_id, $client_id, $new_password);
+
+ if ($success == 1)
+ {
+ echo "Password has been changed successfully";
+ }
+ else
+ {
+ echo "Error";
+ }
- print_r($record_record);
echo "<br>";
if($client->logout($session_id)) {
diff --git a/server/conf/sieve_filter.master b/server/conf/sieve_filter.master
index c5b33e4ba314f0c52af852273318096bf24fb1ff..b5dedebf293706ea67fd7a2aff107186663ccbb4 100644
--- a/server/conf/sieve_filter.master
+++ b/server/conf/sieve_filter.master
@@ -3,12 +3,12 @@
# You can create and activate a per-user sieve script (manually or via managesieve),
# which will execute after this.
-require ["fileinto", "regex", "date", "relational", "vacation", "imap4flags", "envelope", "subaddress", "copy", "reject"];
+require ["fileinto", "mailbox", "regex", "date", "relational", "vacation", "imap4flags", "envelope", "subaddress", "copy", "reject"];
<tmpl_if name="move_junk" op="==" value="y">
# Move spam to spam folder
if anyof (header :contains "X-Spam-Flag" "YES", header :contains "X-Spam" "Yes", header :contains "subject" "*** SPAM ***", header :contains "subject" "***SPAM***") {
- fileinto "Junk";
+ fileinto :create "Junk";
# Stop here so that we do not reply on spams
stop;
}
@@ -32,7 +32,7 @@ redirect "<tmpl_var name='address'>";
<tmpl_if name="move_junk" op="==" value="a">
# Move spam to spam folder
if anyof (header :contains "X-Spam-Flag" "YES", header :contains "X-Spam" "Yes", header :contains "subject" "*** SPAM ***", header :contains "subject" "***SPAM***") {
- fileinto "Junk";
+ fileinto :create "Junk";
# Stop here so that we do not reply on spams
stop;
}
diff --git a/server/lib/classes/backup.inc.php b/server/lib/classes/backup.inc.php
index ba28cd4c90559b0a2f323517eb929cfe4ea554c9..485bd996d3b2059401e61dc1a1360d71a69f0b81 100644
--- a/server/lib/classes/backup.inc.php
+++ b/server/lib/classes/backup.inc.php
@@ -1147,7 +1147,7 @@ class backup
$records = $app->db->queryAllRecords("SELECT * FROM web_database WHERE server_id = ? AND parent_domain_id = ?", $server_id, $domain_id);
if (empty($records)){
- $app->log('Skipping database backup for domain ' . $web_domain['domain_id'] . ', because no related databases found.', LOGLEVEL_ERROR);
+ $app->log('Skipping database backup for domain ' . $web_domain['domain_id'] . ', because no related databases found.', LOGLEVEL_DEBUG);
return true;
}
@@ -1450,4 +1450,3 @@ class backup
}
?>
-
diff --git a/server/lib/classes/cron.d/150-goaccess.inc.php b/server/lib/classes/cron.d/150-goaccess.inc.php
index 8c9d7644420490272e36578cc933f8f883073fa2..8f397c819a2bde230d49314a8e861fd385749165 100644
--- a/server/lib/classes/cron.d/150-goaccess.inc.php
+++ b/server/lib/classes/cron.d/150-goaccess.inc.php
@@ -61,183 +61,186 @@ class cronjob_goaccess extends cronjob {
$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
- $goaccess_conf_locs = array('/etc/goaccess.conf', '/etc/goaccess/goaccess.conf');
- $count = 0;
-
- foreach($goaccess_conf_locs as $goa_loc) {
- if(is_file($goa_loc) && (filesize($goa_loc) > 0)) {
- $goaccess_conf_main = $goa_loc;
- break;
- } else {
- $count++;
- if($count == 2) {
- $app->log("No GoAccess base config found. Make sure that GoAccess is installed and that the goaccess.conf does exist in /etc or /etc/goaccess", LOGLEVEL_ERROR);
- }
- }
- }
-
-
- /* Check if goaccess binary is in path */
- system("type goaccess 2>&1>/dev/null", $retval);
- if ($retval === 0) {
-
- foreach($records as $rec) {
- $yesterday = date('Ymd', strtotime("-1 day", time()));
-
- $log_folder = 'log';
-
- if($rec['type'] == 'vhostsubdomain' || $rec['type'] == 'vhostalias') {
- $tmp = $app->db->queryOneRecord('SELECT `domain` FROM web_domain WHERE domain_id = ?', $rec['parent_domain_id']);
- $subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $rec['domain']);
- if($subdomain_host == '') $subdomain_host = 'web'.$rec['domain_id'];
- $log_folder .= '/' . $subdomain_host;
- unset($tmp);
- }
+ if(is_array($records) && !empty($records)) {
- $logfile = $rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log';
+ /* Check if goaccess binary is in path/installed */
+ if($app->system->is_installed('goaccess')) {
- if(!@is_file($logfile)) {
- $logfile = $rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log.gz';
- if(!@is_file($logfile)) {
- continue;
+ $goaccess_conf_locs = array('/etc/goaccess.conf', '/etc/goaccess/goaccess.conf');
+ $count = 0;
+
+ foreach($goaccess_conf_locs as $goa_loc) {
+ if(is_file($goa_loc) && (filesize($goa_loc) > 0)) {
+ $goaccess_conf_main = $goa_loc;
+ break;
+ } else {
+ $count++;
+ if($count == 2) {
+ $app->log("No GoAccess base config found. Make sure that GoAccess is installed and that the goaccess.conf does exist in /etc or /etc/goaccess", LOGLEVEL_ERROR);
+ }
+ }
+ }
+
+
+ foreach($records as $rec) {
+ $yesterday = date('Ymd', strtotime("-1 day", time()));
+
+ $log_folder = 'log';
+
+ if($rec['type'] == 'vhostsubdomain' || $rec['type'] == 'vhostalias') {
+ $tmp = $app->db->queryOneRecord('SELECT `domain` FROM web_domain WHERE domain_id = ?', $rec['parent_domain_id']);
+ $subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $rec['domain']);
+ if($subdomain_host == '') $subdomain_host = 'web'.$rec['domain_id'];
+ $log_folder .= '/' . $subdomain_host;
+ unset($tmp);
}
- }
- $web_folder = (($rec['type'] == 'vhostsubdomain' || $rec['type'] == 'vhostalias') ? $rec['web_folder'] : 'web');
- $domain = $rec['domain'];
- $statsdir = $rec['document_root'].'/'.$web_folder.'/stats';
- $goaccess_conf = $rec['document_root'].'/log/goaccess.conf';
+ $logfile = $rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log';
+
+ if(!@is_file($logfile)) {
+ $logfile = $rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log.gz';
+ if(!@is_file($logfile)) {
+ continue;
+ }
+ }
- /*
- In case that you use a different log format, you should use a custom goaccess.conf which you'll have to put into /usr/local/ispconfig/server/conf-custom/.
- By default the originally, with GoAccess shipped goaccess.conf from /etc/ or /etc/goaccess will be used along with the log-format value COMBINED.
- */
+ $web_folder = (($rec['type'] == 'vhostsubdomain' || $rec['type'] == 'vhostalias') ? $rec['web_folder'] : 'web');
+ $domain = $rec['domain'];
+ $statsdir = $rec['document_root'].'/'.$web_folder.'/stats';
+ $goaccess_conf = $rec['document_root'].'/log/goaccess.conf';
- if(file_exists("/usr/local/ispconfig/server/conf-custom/goaccess.conf.master") && (!file_exists($goaccess_conf))) {
- $app->system->copy("/usr/local/ispconfig/server/conf-custom/goaccess.conf.master", $goaccess_conf);
- } elseif(!file_exists($goaccess_conf)) {
/*
- By default the goaccess.conf should get copied by the webserver plugin but in case it wasn't, or it got deleted by accident we gonna copy it again to the destination dir.
- Also there was no /usr/local/ispconfig/server/conf-custom/goaccess.conf.master, so we gonna use /etc/goaccess.conf as the base conf.
+ In case that you use a different log format, you should use a custom goaccess.conf which you'll have to put into /usr/local/ispconfig/server/conf-custom/.
+ By default the originally, with GoAccess shipped goaccess.conf from /etc/ or /etc/goaccess will be used along with the log-format value COMBINED.
*/
- $app->system->copy($goaccess_conf_main, $goaccess_conf);
- $content = $app->system->file_get_contents($goaccess_conf, true);
- $content = preg_replace('/^(#)?log-format COMBINED/m', "log-format COMBINED", $content);
- $app->system->file_put_contents($goaccess_conf, $content, true);
- unset($content);
- }
-
- /* Update the primary domain name in the title, it could occasionally change */
- if(is_file($goaccess_conf) && (filesize($goaccess_conf) > 0)) {
- $content = $app->system->file_get_contents($goaccess_conf, true);
- $content = preg_replace('/^(#)?html-report-title(.*)/m', "html-report-title $domain", $content);
- $app->system->file_put_contents($goaccess_conf, $content, true);
- unset($content);
- }
-
- $username = $rec['system_user'];
- $groupname = $rec['system_group'];
- $docroot = $rec['document_root'];
+ if(file_exists("/usr/local/ispconfig/server/conf-custom/goaccess.conf.master") && (!file_exists($goaccess_conf))) {
+ $app->system->copy("/usr/local/ispconfig/server/conf-custom/goaccess.conf.master", $goaccess_conf);
+ } elseif(!file_exists($goaccess_conf)) {
- if(!@is_dir($statsdir)) $app->system->mkdirpath($statsdir, 0755, $username, $groupname);
+ /*
+ By default the goaccess.conf should get copied by the webserver plugin but in case it wasn't, or it got deleted by accident we gonna copy it again to the destination dir.
+ Also there was no /usr/local/ispconfig/server/conf-custom/goaccess.conf.master, so we gonna use /etc/goaccess.conf or /etc/goaccess/goaccess.conf as the base conf.
+ */
- $goa_db_dir = $docroot.'/'.$web_folder.'/stats/.db/';
- $output_html = $docroot.'/'.$web_folder.'/stats/goaindex.html';
- if(!@is_dir($goa_db_dir)) $app->system->mkdirpath($goa_db_dir);
-
- if(is_link('/var/log/ispconfig/httpd/'.$domain.'/yesterday-access.log')) $app->system->unlink('/var/log/ispconfig/httpd/'.$domain.'/yesterday-access.log');
- symlink($logfile, '/var/log/ispconfig/httpd/'.$domain.'/yesterday-access.log');
+ $app->system->copy($goaccess_conf_main, $goaccess_conf);
+ $content = $app->system->file_get_contents($goaccess_conf, true);
+ $content = preg_replace('/^(#)?log-format COMBINED/m', "log-format COMBINED", $content);
+ $app->system->file_put_contents($goaccess_conf, $content, true);
+ unset($content);
+ }
+ /* Update the primary domain name in the title, it could occasionally change */
+ if(is_file($goaccess_conf) && (filesize($goaccess_conf) > 0)) {
+ $content = $app->system->file_get_contents($goaccess_conf, true);
+ $content = preg_replace('/^(#)?html-report-title(.*)/m', "html-report-title $domain", $content);
+ $app->system->file_put_contents($goaccess_conf, $content, true);
+ unset($content);
+ }
- $app->system->exec_safe('chown -R ?:? ?', $username, $groupname, $statsdir);
+ $username = $rec['system_user'];
+ $groupname = $rec['system_group'];
+ $docroot = $rec['document_root'];
- $goamonth = date("n");
- $goayear = date("Y");
+ if(!@is_dir($statsdir)) $app->system->mkdirpath($statsdir, 0755, $username, $groupname);
- if (date("d") == 1) {
- $goamonth = date("m")-1;
- if (date("m") == 1) {
- $goayear = date("Y")-1;
- $goamonth = "12";
- }
- }
+ $goa_db_dir = $docroot.'/'.$web_folder.'/stats/.db/';
+ $output_html = $docroot.'/'.$web_folder.'/stats/goaindex.html';
+ if(!@is_dir($goa_db_dir)) $app->system->mkdirpath($goa_db_dir);
+
+ if(is_link('/var/log/ispconfig/httpd/'.$domain.'/yesterday-access.log')) $app->system->unlink('/var/log/ispconfig/httpd/'.$domain.'/yesterday-access.log');
- if (date("d") == 2) {
- $goamonth = date("m")-1;
- if (date("m") == 1) {
- $goayear = date("Y")-1;
- $goamonth = "12";
+ symlink($logfile, '/var/log/ispconfig/httpd/'.$domain.'/yesterday-access.log');
+ $app->system->exec_safe('chown -R ?:? ?', $username, $groupname, $statsdir);
+
+ $goamonth = date("n");
+ $goayear = date("Y");
+
+ if (date("d") == 1) {
+ $goamonth = date("m")-1;
+ if (date("m") == 1) {
+ $goayear = date("Y")-1;
+ $goamonth = "12";
+ }
}
- $statsdirold = $statsdir."/".$goayear."-".$goamonth."/";
+ if (date("d") == 2) {
+ $goamonth = date("m")-1;
+ if (date("m") == 1) {
+ $goayear = date("Y")-1;
+ $goamonth = "12";
+ }
+
+ $statsdirold = $statsdir."/".$goayear."-".$goamonth."/";
+
+ if(!is_dir($statsdirold)) {
+ $app->system->mkdirpath($statsdirold, 0755, $username, $groupname);
+ }
- if(!is_dir($statsdirold)) {
- $app->system->mkdirpath($statsdirold, 0755, $username, $groupname);
- }
+ // don't rotate db files per month
+ //rename($goa_db_dir, $statsdirold.'db');
+ //mkdir($goa_db_dir);
- // don't rotate db files per month
- //rename($goa_db_dir, $statsdirold.'db');
- //mkdir($goa_db_dir);
- $files = scandir($statsdir);
+ $files = scandir($statsdir);
- foreach ($files as $file) {
- if (substr($file, 0, 1) != "." && !is_dir("$statsdir"."/"."$file") && substr($file, 0, 1) != "w" && substr($file, 0, 1) != "i") $app->system->copy("$statsdir"."/"."$file", "$statsdirold"."$file");
+ foreach ($files as $file) {
+ if (substr($file, 0, 1) != "." && !is_dir("$statsdir"."/"."$file") && substr($file, 0, 1) != "w" && substr($file, 0, 1) != "i") $app->system->copy("$statsdir"."/"."$file", "$statsdirold"."$file");
+ }
}
- }
-
- // Get the GoAccess version
- $match = array();
- $goaccess_version = $app->system->system_safe('goaccess --version 2>&1');
+ // Get the GoAccess version
+ $match = array();
+
+ $goaccess_version = $app->system->system_safe('goaccess --version 2>&1');
- if(preg_match('/[0-9]\.[0-9]{1,2}/', $goaccess_version, $match)) {
- $goaccess_version = $match[0];
- }
+ if(preg_match('/[0-9]\.[0-9]{1,2}/', $goaccess_version, $match)) {
+ $goaccess_version = $match[0];
+ }
- /*
- * GoAccess removed with 1.4 btree support and supports from this version on only "In-Memory with On-Disk Persitance Storage".
- * For versions prior 1.4 you need GoAccess with btree support compiled!
- */
+ /*
+ * GoAccess removed with 1.4 btree support and supports from this version on only "In-Memory with On-Disk Persitance Storage".
+ * For versions prior 1.4 you need GoAccess with btree support compiled!
+ */
- $cust_lang = $conf['language']."_".strtoupper($conf['language']);
-
- if(version_compare($goaccess_version,1.4) >= 0) {
- $app->system->exec_safe("LANG=? goaccess -f ? --config-file ? --restore --persist --db-path=? --output=?", $cust_lang, $logfile, $goaccess_conf, $goa_db_dir, $output_html);
- } else {
- $output = $app->system->system_safe('goaccess --help 2>&1');
- preg_match('/keep-db-files/', $output, $match);
- if($match[0] == "keep-db-files") {
- $app->system->exec_safe("LANG=? goaccess -f ? --config-file ? --load-from-disk --keep-db-files --db-path=? --output=?", $cust_lang, $logfile, $goaccess_conf, $goa_db_dir, $output_html);
- } else {
- $app->log("Stats not generated. The GoAccess binary was not compiled with btree support. Please recompile/reinstall GoAccess with btree support, or install GoAccess version >= 1.4!", LOGLEVEL_ERROR);
- }
- unset($output);
- }
- unset($cust_lang);
+ $cust_lang = $conf['language']."_".strtoupper($conf['language']);
- if(!is_file($rec['document_root']."/".$web_folder."/stats/index.php")) {
- if(file_exists("/usr/local/ispconfig/server/conf-custom/goaccess_index.php.master")) {
- $app->system->copy("/usr/local/ispconfig/server/conf-custom/goaccess_index.php.master", $rec['document_root']."/".$web_folder."/stats/index.php");
+ if(version_compare($goaccess_version,1.4) >= 0) {
+ $app->system->exec_safe("LANG=? goaccess -f ? --config-file ? --restore --persist --db-path=? --output=?", $cust_lang, $logfile, $goaccess_conf, $goa_db_dir, $output_html);
} else {
- $app->system->copy("/usr/local/ispconfig/server/conf/goaccess_index.php.master", $rec['document_root']."/".$web_folder."/stats/index.php");
+ $output = $app->system->system_safe('goaccess --help 2>&1');
+ preg_match('/keep-db-files/', $output, $match);
+ if($match[0] == "keep-db-files") {
+ $app->system->exec_safe("LANG=? goaccess -f ? --config-file ? --load-from-disk --keep-db-files --db-path=? --output=?", $cust_lang, $logfile, $goaccess_conf, $goa_db_dir, $output_html);
+ } else {
+ $app->log("Stats not generated. The GoAccess binary was not compiled with btree support. Please recompile/reinstall GoAccess with btree support, or install GoAccess version >= 1.4!", LOGLEVEL_ERROR);
+ }
+ unset($output);
+ }
+ unset($cust_lang);
+
+ if(!is_file($rec['document_root']."/".$web_folder."/stats/index.php")) {
+ if(file_exists("/usr/local/ispconfig/server/conf-custom/goaccess_index.php.master")) {
+ $app->system->copy("/usr/local/ispconfig/server/conf-custom/goaccess_index.php.master", $rec['document_root']."/".$web_folder."/stats/index.php");
+ } else {
+ $app->system->copy("/usr/local/ispconfig/server/conf/goaccess_index.php.master", $rec['document_root']."/".$web_folder."/stats/index.php");
+ }
}
- }
- $app->log('Created GoAccess statistics for ' . $domain, LOGLEVEL_DEBUG);
- if(is_file($rec['document_root']."/".$web_folder."/stats/index.php")) {
- chown($rec['document_root']."/".$web_folder."/stats/index.php", $rec['system_user']);
- chgrp($rec['document_root']."/".$web_folder."/stats/index.php", $rec['system_group']);
- }
+ $app->log('Created GoAccess statistics for ' . $domain, LOGLEVEL_DEBUG);
+ if(is_file($rec['document_root']."/".$web_folder."/stats/index.php")) {
+ $app->system->chown($rec['document_root']."/".$web_folder."/stats/index.php", $rec['system_user']);
+ $app->system->chgrp($rec['document_root']."/".$web_folder."/stats/index.php", $rec['system_group']);
+ }
- $app->system->exec_safe('chown -R ?:? ?', $username, $groupname, $statsdir);
+ $app->system->exec_safe('chown -R ?:? ?', $username, $groupname, $statsdir);
+ }
+ } else {
+ $app->log("Stats not generated. The GoAccess binary couldn't be found. Make sure that GoAccess is installed and that it is in \$PATH", LOGLEVEL_ERROR);
}
- } else {
- $app->log("Stats not generated. The GoAccess binary couldn't be found. Make sure that GoAccess is installed and that it is in \$PATH", LOGLEVEL_ERROR);
- }
+ }
parent::onRunJob();
}
diff --git a/server/lib/classes/cron.d/200-logfiles.inc.php b/server/lib/classes/cron.d/200-logfiles.inc.php
index b0470b2ec76c539c89dc811716e2359a71145183..ef0bbb1201b0bf35a67d77e96fc6b3d4c1e1a408 100644
--- a/server/lib/classes/cron.d/200-logfiles.inc.php
+++ b/server/lib/classes/cron.d/200-logfiles.inc.php
@@ -124,7 +124,7 @@ class cronjob_logfiles extends cronjob {
$cron_logfiles = array('cron.log', 'cron_error.log', 'cron_wget.log');
foreach($cron_logfiles as $cron_logfile) {
- $cron_logfile = $rec['document_root'].'/' . $log_folder . '/' . $cron_logfile;
+ $cron_logfile = $rec['document_root'].'/private/' . $cron_logfile;
// rename older files (move up by one)
$num = $log_retention;
@@ -193,7 +193,7 @@ class cronjob_logfiles extends cronjob {
if(is_file($ispconfig_logfile . '.' . $num . '.gz')) rename($ispconfig_logfile . '.' . $num . '.gz', $ispconfig_logfile . '.' . ($num + 1) . '.gz');
$num--;
}
- // compress current logfile
+ //* compress current logfile
if(is_file($ispconfig_logfile)) {
$app->system->exec_safe("gzip -c ? > ?", $ispconfig_logfile, $ispconfig_logfile . '.1.gz');
$app->system->exec_safe("cat /dev/null > ?", $ispconfig_logfile);
diff --git a/server/lib/classes/letsencrypt.inc.php b/server/lib/classes/letsencrypt.inc.php
index 734663811921d799674fcc9e0cbe3b5e1b28bf60..3ce63b48b48d0a86f420c5b6a1fbc4415fa33644 100644
--- a/server/lib/classes/letsencrypt.inc.php
+++ b/server/lib/classes/letsencrypt.inc.php
@@ -30,7 +30,7 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
class letsencrypt {
- /**
+ /**
* Construct for this class
*
* @return system
@@ -74,7 +74,7 @@ class letsencrypt {
$cert_arg = '--fullchain-file ' . escapeshellarg($bundle_file) . ' --cert-file ' . escapeshellarg($cert_file);
}
- $cmd = 'R=0 ; C=0 ; ' . $letsencrypt . ' --issue ' . $cmd . ' -w /usr/local/ispconfig/interface/acme ; R=$? ; if [[ $R -eq 0 || $R -eq 2 ]] ; then ' . $letsencrypt . ' --install-cert ' . $cmd . ' --key-file ' . escapeshellarg($key_file) . ' ' . $cert_arg . ' --reloadcmd ' . escapeshellarg($this->get_reload_command()) . ' --log ' . escapeshellarg($conf['ispconfig_log_dir'].'/acme.log') . '; C=$? ; fi ; if [[ $C -eq 0 ]] ; then exit $R ; else exit $C ; fi';
+ $cmd = 'R=0 ; C=0 ; ' . $letsencrypt . ' --issue ' . $cmd . ' -w /usr/local/ispconfig/interface/acme --always-force-new-domain-key --keylength 4096; R=$? ; if [[ $R -eq 0 || $R -eq 2 ]] ; then ' . $letsencrypt . ' --install-cert ' . $cmd . ' --key-file ' . escapeshellarg($key_file) . ' ' . $cert_arg . ' --reloadcmd ' . escapeshellarg($this->get_reload_command()) . ' --log ' . escapeshellarg($conf['ispconfig_log_dir'].'/acme.log') . '; C=$? ; fi ; if [[ $C -eq 0 ]] ; then exit $R ; else exit $C ; fi';
return $cmd;
}
@@ -542,4 +542,4 @@ class letsencrypt {
return false;
}
}
-}
\ No newline at end of file
+}
diff --git a/server/mods-available/remoteaction_core_module.inc.php b/server/mods-available/remoteaction_core_module.inc.php
index 3b6bb9fb497366c4e2d05d2324777a6eb0273620..a32f99f87f007b0926b5c21df54e0558fb9015a8 100644
--- a/server/mods-available/remoteaction_core_module.inc.php
+++ b/server/mods-available/remoteaction_core_module.inc.php
@@ -172,16 +172,17 @@ class remoteaction_core_module {
/*
* Do the update
*/
- exec("aptitude update");
- exec("aptitude safe-upgrade -y");
+ //Guess this is not wanted here?
+ //exec("aptitude update");
+ //exec("aptitude safe-upgrade -y");
//TODO : change this when distribution information has been integrated into server record
if(file_exists('/etc/gentoo-release')) {
exec("glsa-check -f --nocolor affected");
}
else {
- exec("aptitude update");
- exec("aptitude safe-upgrade -y");
+ exec("apt-get update");
+ exec("apt-get -y upgrade");
}
/*
@@ -192,7 +193,7 @@ class remoteaction_core_module {
private function _doIspCUpdate($action) {
global $app;
-
+
// Ensure that this code is not executed twice as this would cause a loop in case of a failure
$this->_actionDone($action['action_id'], 'ok');
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 82340587140d9b8c8cc550c9157677adf1cd4889..ca14b737be66bc7b7e77adc5078c713119873de7 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -613,7 +613,7 @@ class apache2_plugin {
unset($tmp);
if($app->system->is_blacklisted_web_path($web_folder)) {
- $app->log('Vhost is using a blacklisted web folder: ' . $web_folder, LOGLEVEL_ERROR);
+ $app->log('Vhost ' . $subdomain_host . ' is using a blacklisted web folder: ' . $web_folder, LOGLEVEL_ERROR);
return 0;
}
diff --git a/server/plugins-available/bind_plugin.inc.php b/server/plugins-available/bind_plugin.inc.php
index d4b4a7c01c0516e582c1128c6180a6d3e6320aa1..b152a8758db795ad17b708ffe80ed27b1a8928d8 100644
--- a/server/plugins-available/bind_plugin.inc.php
+++ b/server/plugins-available/bind_plugin.inc.php
@@ -85,75 +85,114 @@ class bind_plugin {
//* load the server configuration options
$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
-
+
$domain = substr($data['new']['origin'], 0, strlen($data['new']['origin'])-1);
if (!file_exists($dns_config['bind_zonefiles_dir'].'/'.$this->zone_file_prefix().$domain)) return false;
-
+
//* Check Entropy
if (file_get_contents('/proc/sys/kernel/random/entropy_avail') < 400) {
$app->log('DNSSEC ERROR: We are low on entropy. Not generating new Keys for '.$domain.'. Please consider installing package haveged.', LOGLEVEL_WARN);
echo "DNSSEC ERROR: We are low on entropy. Not generating new Keys for $domain. Please consider installing package haveged.\n";
return false;
}
-
+
//* Verify that we do not already have keys (overwriting-protection)
- if (file_exists($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.')) {
- return $this->soa_dnssec_update($data);
- } else if ($data['new']['dnssec_initialized'] == 'Y') { //In case that we generated keys but the dsset-file was not generated
- $keycount=0;
- foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'*.key') as $keyfile) {
- $keycount++;
- }
- if ($keycount > 0) {
- $this->soa_dnssec_sign($data);
- return true;
+ if($data['old']['dnssec_algo'] == $data['new']['dnssec_algo']) {
+ if (file_exists($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.')) {
+ return $this->soa_dnssec_update($data);
+ } else if ($data['new']['dnssec_initialized'] == 'Y') { //In case that we generated keys but the dsset-file was not generated
+ $keycount=0;
+ foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'*.key') as $keyfile) {
+ $keycount++;
+ }
+ if ($keycount > 0) {
+ $this->soa_dnssec_sign($data);
+ return true;
+ }
}
}
-
- //Do some magic...
- $app->system->exec_safe('cd ?; dnssec-keygen -a NSEC3RSASHA1 -b 2048 -n ZONE ?; dnssec-keygen -f KSK -a NSEC3RSASHA1 -b 4096 -n ZONE ?', $dns_config['bind_zonefiles_dir'], $domain, $domain);
+
+ // Get DNSSEC Algorithms
+ $dnssec_algo = explode(',',$data['new']['dnssec_algo']);
+
+ //* Create the Zone Signing and Key Signing Keys
+ if(in_array('ECDSAP256SHA256',$dnssec_algo) && count(glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+013*.key')) == 0) {
+ $app->system->exec_safe('cd ?; dnssec-keygen -3 -a ECDSAP256SHA256 -n ZONE ?; dnssec-keygen -f KSK -3 -a ECDSAP256SHA256 -n ZONE ?', $dns_config['bind_zonefiles_dir'], $domain, $domain);
+ }
+ if(in_array('NSEC3RSASHA1',$dnssec_algo) && count(glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+007*.key')) == 0) {
+ $app->system->exec_safe('cd ?; dnssec-keygen -a NSEC3RSASHA1 -b 2048 -n ZONE ?; dnssec-keygen -f KSK -a NSEC3RSASHA1 -b 4096 -n ZONE ?', $dns_config['bind_zonefiles_dir'], $domain, $domain);
+ }
$this->soa_dnssec_sign($data); //Now sign the zone for the first time
$data['new']['dnssec_initialized']='Y';
}
-
+
function soa_dnssec_sign(&$data) {
global $app, $conf;
-
+
//* Load libraries
$app->uses("getconf,tpl");
//* load the server configuration options
$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
-
+
$filespre = $this->zone_file_prefix();
$domain = substr($data['new']['origin'], 0, strlen($data['new']['origin'])-1);
if (!file_exists($dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain)) return false;
-
+
+ //* Get DNSSEC Algorithms
+ $dnssec_algo = explode(',',$data['new']['dnssec_algo']);
+
+ //* Get Zone file content
$zonefile = file_get_contents($dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain);
$keycount=0;
- foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'*.key') as $keyfile) {
- $includeline = '$INCLUDE '.basename($keyfile);
- if (!preg_match('@'.preg_quote($includeline).'@', $zonefile)) $zonefile .= "\n".$includeline."\n";
- $keycount++;
+
+ //* Include ECDSAP256SHA256 keys in zone
+ if(in_array('ECDSAP256SHA256',$dnssec_algo)) {
+ foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+013*.key') as $keyfile) {
+ $includeline = '$INCLUDE '.basename($keyfile);
+ if (!preg_match('@'.preg_quote($includeline).'@', $zonefile)) $zonefile .= "\n".$includeline."\n";
+ $keycount++;
+ }
}
- if ($keycount != 2) $app->log('DNSSEC Warning: There are more or less than 2 keyfiles for zone '.$domain, LOGLEVEL_WARN);
+
+ //* Include NSEC3RSASHA1 keys in zone
+ if(in_array('NSEC3RSASHA1',$dnssec_algo)) {
+ foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+007*.key') as $keyfile) {
+ $includeline = '$INCLUDE '.basename($keyfile);
+ if (!preg_match('@'.preg_quote($includeline).'@', $zonefile)) $zonefile .= "\n".$includeline."\n";
+ $keycount++;
+ }
+ }
+
+ $keycount_wanted = count(explode(',',$data['new']['dnssec_algo']))*2;
+
+ if ($keycount != $keycount_wanted) $app->log('DNSSEC Warning: There are more or less than 2 keyfiles for each algorithm for zone '.$domain.'. Found: '.$keycount. ' Expected: '.$keycount_wanted, LOGLEVEL_WARN);
file_put_contents($dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain, $zonefile);
-
- //Sign the zone and set it valid for max. 16 days
+
+ //* Sign the zone and set it valid for max. 16 days
$app->system->exec_safe('cd ?; dnssec-signzone -A -e +1382400 -3 $(head -c 1000 /dev/random | sha1sum | cut -b 1-16) -N increment -o ? -t ?', $dns_config['bind_zonefiles_dir'], $domain, $filespre.$domain);
-
- //Write Data back ino DB
+
+ //* Write Data back ino DB
$dnssecdata = "DS-Records:\n".file_get_contents($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.');
$dnssecdata .= "\n------------------------------------\n\nDNSKEY-Records:\n";
- foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'*.key') as $keyfile) {
- $dnssecdata .= file_get_contents($keyfile)."\n\n";
+
+ if(in_array('ECDSAP256SHA256',$dnssec_algo)) {
+ foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+013*.key') as $keyfile) {
+ $dnssecdata .= file_get_contents($keyfile)."\n\n";
+ }
}
-
+
+ if(in_array('NSEC3RSASHA1',$dnssec_algo)) {
+ foreach (glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+007*.key') as $keyfile) {
+ $dnssecdata .= file_get_contents($keyfile)."\n\n";
+ }
+ }
+
if ($app->dbmaster !== $app->db) $app->dbmaster->query('UPDATE dns_soa SET dnssec_info=?, dnssec_initialized=\'Y\', dnssec_last_signed=? WHERE id=?', $dnssecdata, intval(time()), intval($data['new']['id']));
$app->db->query('UPDATE dns_soa SET dnssec_info=?, dnssec_initialized=\'Y\', dnssec_last_signed=? WHERE id=?', $dnssecdata, intval(time()), intval($data['new']['id']));
}
-
+
function soa_dnssec_update(&$data, $new=false) {
global $app, $conf;
@@ -162,20 +201,20 @@ class bind_plugin {
//* load the server configuration options
$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
-
+
$filespre = $this->zone_file_prefix();
$domain = substr($data['new']['origin'], 0, strlen($data['new']['origin'])-1);
if (!file_exists($dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain)) return false;
-
+
//* Check for available entropy
if (file_get_contents('/proc/sys/kernel/random/entropy_avail') < 200) {
$app->log('DNSSEC ERROR: We are low on entropy. This could cause server script to fail. Please consider installing package haveged.', LOGLEVEL_ERR);
echo "DNSSEC ERROR: We are low on entropy. This could cause server script to fail. Please consider installing package haveged.\n";
return false;
}
-
+
if (!$new && !file_exists($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.')) $this->soa_dnssec_create($data);
-
+
$dbdata = $app->db->queryOneRecord('SELECT id,serial FROM dns_soa WHERE id=?', intval($data['new']['id']));
$app->system->exec_safe('cd ?; named-checkzone ? ? | egrep -ho \'[0-9]{10}\'', $dns_config['bind_zonefiles_dir'], $domain, $dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain);
$retState = $app->system->last_exec_retcode();
@@ -183,10 +222,10 @@ class bind_plugin {
$app->log('DNSSEC Error: Error in Zonefile for '.$domain, LOGLEVEL_ERR);
return false;
}
-
+
$this->soa_dnssec_sign($data);
}
-
+
function soa_dnssec_delete(&$data) {
global $app, $conf;
@@ -195,13 +234,16 @@ class bind_plugin {
//* load the server configuration options
$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
-
+
$domain = substr($data['new']['origin'], 0, strlen($data['new']['origin'])-1);
-
- unlink($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+*');
+
+ $key_files = glob($dns_config['bind_zonefiles_dir'].'/K'.$domain.'.+*');
+ foreach($key_files as $file) {
+ unlink($file);
+ }
unlink($dns_config['bind_zonefiles_dir'].'/'.$this->zone_file_prefix().$domain.'.signed');
unlink($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.');
-
+
if ($app->dbmaster !== $app->db) $app->dbmaster->query('UPDATE dns_soa SET dnssec_info=\'\', dnssec_initialized=\'N\' WHERE id=?', intval($data['new']['id']));
$app->db->query('UPDATE dns_soa SET dnssec_info=\'\', dnssec_initialized=\'N\' WHERE id=?', intval($data['new']['id']));
}
@@ -303,19 +345,24 @@ class bind_plugin {
unset($records_out);
unset($zone);
}
-
+
//* DNSSEC-Implementation
- if($data['old']['origin'] != $data['new']['origin']) {
+ if($data['old']['origin'] != $data['new']['origin']) {
if (@$data['old']['dnssec_initialized'] == 'Y' && strlen(@$data['old']['origin']) > 3) $this->soa_dnssec_delete($data); //delete old keys
if ($data['new']['dnssec_wanted'] == 'Y') $this->soa_dnssec_create($data);
- }
- else if ($data['new']['dnssec_wanted'] == 'Y' && $data['old']['dnssec_initialized'] == 'N') $this->soa_dnssec_create($data);
- else if ($data['new']['dnssec_wanted'] == 'N' && $data['old']['dnssec_initialized'] == 'Y') { //delete old signed file if dnssec is no longer wanted
+ } elseif($data['old']['dnssec_algo'] != $data['new']['dnssec_algo']) {
+ $app->log("DNSSEC Algorithm has changed: ".$data['new']['dnssec_algo'], LOGLEVEL_DEBUG);
+ if ($data['new']['dnssec_wanted'] == 'Y') $this->soa_dnssec_create($data);
+ } elseif ($data['new']['dnssec_wanted'] == 'Y' && $data['old']['dnssec_initialized'] == 'N') {
+ $this->soa_dnssec_create($data);
+ } elseif ($data['new']['dnssec_wanted'] == 'N' && $data['old']['dnssec_initialized'] == 'Y') { //delete old signed file if dnssec is no longer wanted
$filename = $dns_config['bind_zonefiles_dir'].'/' . $this->zone_file_prefix() . str_replace("/", "_", substr($data['old']['origin'], 0, -1));
if(is_file($filename.'.signed')) unlink($filename.'.signed');
- } else if ($data['new']['dnssec_wanted'] == 'Y') $this->soa_dnssec_update($data);
+ } elseif ($data['new']['dnssec_wanted'] == 'Y') {
+ $this->soa_dnssec_update($data);
+ }
// END DNSSEC
-
+
//* rebuild the named.conf file if the origin has changed or when the origin is inserted.
//if($this->action == 'insert' || $data['old']['origin'] != $data['new']['origin']) {
$this->write_named_conf($data, $dns_config);
@@ -329,7 +376,7 @@ class bind_plugin {
if(is_file($filename.'.err')) unlink($filename.'.err');
if(is_file($filename.'.signed')) unlink($filename.'.signed');
}
-
+
//* Restart bind nameserver if update_acl is not empty, otherwise reload it
if($data['new']['update_acl'] != '') {
$app->services->restartServiceDelayed('bind', 'restart');
@@ -360,7 +407,7 @@ class bind_plugin {
//delete keys
$app->system->exec_safe('/usr/local/ispconfig/server/scripts/dnssec-delete.sh ?', $data['old']['origin']);
}
-
+
//* Reload bind nameserver
$app->services->restartServiceDelayed('bind', 'reload');
@@ -485,8 +532,6 @@ class bind_plugin {
$options = '';
if(trim($tmp['xfer']) != '') {
$options .= " allow-transfer {".str_replace(',', ';', $tmp['xfer']).";};\n";
- } else {
- $options .= " allow-transfer {none;};\n";
}
if(trim($tmp['also_notify']) != '') $options .= ' also-notify {'.str_replace(',', ';', $tmp['also_notify']).";};\n";
if(trim($tmp['update_acl']) != '') $options .= " allow-update {".str_replace(',', ';', $tmp['update_acl']).";};\n";
@@ -510,7 +555,7 @@ class bind_plugin {
foreach($tmps_sec as $tmp) {
// When you have more than one master, the serial number is used to determine which Master has the most current version of the zone by the
- // slaves. The slaves actually ask for the SOA record from each Master when refreshing.
+ // slaves. The slaves actually ask for the SOA record from each Master when refreshing.
$options = " masters {".str_replace(',', ';', $tmp['ns']).";};\n";
if(trim($tmp['xfer']) != '') {
$options .= " allow-transfer {".str_replace(',', ';', $tmp['xfer']).";};\n";
diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index 6483df4eb99555599963ae66254c8b946fa500ea..e4d59a02bbec26a0fcc9fcd25704121584e80f31 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -455,7 +455,7 @@ class nginx_plugin {
unset($tmp);
if($app->system->is_blacklisted_web_path($web_folder)) {
- $app->log('Vhost is using a blacklisted web folder: ' . $web_folder, LOGLEVEL_ERROR);
+ $app->log('Vhost ' . $subdomain_host . ' is using a blacklisted web folder: ' . $web_folder, LOGLEVEL_ERROR);
return 0;
}