Commit eed36bdd authored by tbrehm's avatar tbrehm
Browse files

Added password protection of website statistics.

parent 0239acda
......@@ -982,6 +982,7 @@ CREATE TABLE `web_domain` (
`ssl_cert` mediumtext NULL,
`ssl_bundle` mediumtext NULL,
`ssl_action` varchar(16) NULL,
`stats_password` varchar(255) default NULL,
`apache_directives` text,
`active` enum('n','y') NOT NULL default 'y',
PRIMARY KEY (`domain_id`)
......
......@@ -322,6 +322,31 @@ $form["tabs"]['ssl'] = array (
)
);
//* Statistics
$form["tabs"]['stats'] = array (
'title' => "Stats",
'width' => 100,
'template' => "templates/web_domain_stats.htm",
'readonly' => false,
'fields' => array (
##################################
# Begin Datatable fields
##################################
'stats_password' => array (
'datatype' => 'VARCHAR',
'formtype' => 'PASSWORD',
'encryption' => 'CRYPT',
'default' => '',
'value' => '',
'width' => '30',
'maxlength' => '255'
),
##################################
# ENDE Datatable fields
##################################
)
);
if($_SESSION["s"]["user"]["typ"] == 'admin') {
$form["tabs"]['advanced'] = array (
......
......@@ -2,7 +2,7 @@
$wb['Database'] = 'Database';
$wb['Options'] = 'Options';
$wb['Shell User'] = 'Shell User';
$wb['Domain'] = 'Domain';
$wb['Domain'] = 'Website';
$wb['Redirect'] = 'Redirect';
$wb['SSL'] = 'SSL';
$wb['Subdomain'] = 'Subdomain';
......@@ -13,4 +13,5 @@ $wb['FTP'] = 'FTP';
$wb['Shell-User'] = 'Shell-User';
$wb['Shell'] = 'Shell';
$wb['Websites'] = 'Websites';
$wb["Stats"] = 'Statistics';
?>
\ No newline at end of file
......@@ -45,4 +45,6 @@ $wb['error_ssl_organisation_empty'] = 'SSL Organisation is empty.';
$wb['error_ssl_organisation_unit_empty'] = 'SSL Organisation Unit is empty.';
$wb['error_ssl_country_empty'] = 'SSL Country is empty.';
$wb["client_group_id_txt"] = 'Client';
$wb["stats_password_txt"] = 'Webstatistics password';
?>
<h2><tmpl_var name="list_head_txt"></h2>
<p><tmpl_var name="list_desc_txt"></p>
<div class="panel panel_web_domain">
<div class="pnl_formsarea">
<fieldset class="inlineLabels">
<div class="ctrlHolder">
<label for="redirect_path">{tmpl_var name='stats_password_txt'}</label>
<input name="stats_password" id="stats_password" value="{tmpl_var name='stats_password'}" size="30" maxlength="255" type="text" class="textInput" />
</div>
</fieldset>
<input type="hidden" name="id" value="{tmpl_var name='id'}">
<div class="buttonHolder buttons">
<button class="positive iconstxt icoPositive" type="button" value="{tmpl_var name='btn_save_txt'}" onClick="submitForm('pageForm','sites/web_domain_edit.php');"><span>{tmpl_var name='btn_save_txt'}</span></button>
<button class="negative iconstxt icoNegative" type="button" value="{tmpl_var name='btn_cancel_txt'}" onClick="loadContent('sites/web_domain_list.php');"><span>{tmpl_var name='btn_cancel_txt'}</span></button>
</div>
</div>
</div>
......@@ -670,6 +670,25 @@ class apache2_plugin {
$app->log("Removing File $vhost_file",LOGLEVEL_DEBUG);
}
//* Create .htaccess and .htpasswd file for website statistics
if(!is_file($data["new"]["document_root"].'/web/stats/.htaccess') {
$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$data["new"]["document_root"]."/.htpasswd_stats\n<limit GET PUT POST>\nrequire valid-user\n</limit>";
file_put_contents($data["new"]["document_root"].'/web/stats/.htaccess',$ht_file);
chmod($data["new"]["document_root"].'/web/stats/.htaccess',0664);
unset($ht_file);
}
if(!is_file($data["new"]["document_root"].'/.htpasswd_stats') || $data["new"]["stats_password"] != $data["old"]["stats_password"]) {
if(trim($data["new"]["stats_password"]) != '') {
$htp_file = 'admin:'.trim($data["new"]["stats_password"]);
file_put_contents($data["new"]["document_root"].'/.htpasswd_stats',$htp_file);
chmod($data["new"]["document_root"].'/.htpasswd_stats',0664);
unset($htp_file);
}
}
// request a httpd reload when all records have been processed
$app->services->restartServiceDelayed('httpd','reload');
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment