.editorconfig

+; top-most EditorConfig file
+root = true
+
+; Unix-style newlines
+[*]
+charset = utf-8
+end_of_line = LF
+insert_final_newline = true
+trim_trailing_whitespace = true
+indent_style = tab
+
+[*.{htm,html}]
+indent_style = space
+indent_size = 4

.git-scripts/syntax.sh

+#!/bin/bash
+
+IFS=$'\n'
+EX=0
+ERRS="" ;
+WARNS="" ;
+ERRCNT=0 ;
+WARNCNT=0 ;
+
+OUTCNT=0 ;
+FILECNT=0 ;
+DONECNT=0 ;
+
+CMD="find . -type f \( -name \"*.php\" -o -name \"*.lng\" \) -print" ;
+
+if [[ "$1" == "commit" ]] ; then
+	CMD="git diff-tree --no-commit-id --name-only -r ${CI_COMMIT_SHA} | grep -E '\.(php|lng)$'" ;
+fi
+
+FILECNT=$(eval "${CMD} | wc -l") ;
+
+for F in $(eval "$CMD") ; do
+	if [[ ! -e "${F}" || ! -f "${F}" ]] ; then
+		continue ;
+	fi
+	R=$(php -d error_reporting=E_ALL -d display_errors=On -l "$F" 2>/dev/null) ;
+	RET=$? ;
+	R=$(echo "${R}" | sed "/^$/d")
+	if [ $RET -gt 0 ] ; then
+		EX=1 ;
+		echo -n "E" ;
+		ERRS="${ERRS}${F}:"$'\n'"${R}"$'\n\n' ;
+		ERRCNT=$((ERRCNT + 1)) ;
+	else
+		if [[ "$R" == "Deprecated: "* ]] ; then
+			echo -n "W" ;
+			WARNS="${WARNS}${F}:"$'\n'"${R}"$'\n\n' ;
+			WARNCNT=$((WARNCNT + 1)) ;
+		else 
+			echo -n "." ;
+		fi
+	fi
+	OUTCNT=$((OUTCNT + 1)) ;
+	DONECNT=$((DONECNT + 1)) ;
+	if [ $OUTCNT -ge 40 ] ; then
+		OUTCNT=0 ;
+		echo "[${DONECNT}/${FILECNT}]" ;
+	fi
+done
+
+echo ""
+echo "--------------------------";
+echo "${DONECNT} Files done"
+echo "${ERRCNT} Errors"
+if [ $ERRCNT -gt 0 ] ; then
+	echo "${ERRS}"
+	echo ""
+fi
+
+echo "${WARNCNT} Warnings"
+if [ $WARNCNT -gt 0 ] ; then
+	echo ""
+	echo "${WARNS}"
+	echo ""
+fi
+
+exit $EX

.gitattributes

+* text=auto
+*.php text eol=lf
\ No newline at end of file

.gitignore

+.idea
+/nbproject/private/
+.phplint-cache
+
+# Vim and patch specific excludes
+*.swp
+*.orig
+*.rej
+
+# macOS-specific things to exclude
+
+# General
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+
+Icon?
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+# Configuration for the Nova editor
+.nova
+
+# VS Code files for those working on multiple tools
+.vscode/*
+*.code-workspace
+
+# Local History for Visual Studio Code
+.history/
+
+# Built Visual Studio Code Extensions
+*.vsix
+
+# Visual Studio code coverage results
+*.coverage
+*.coveragexml
+
+# Visual Studio IDE cache/options directory
+.vs/
+
+# do not version control generated config files
+/server/lib/mysql_clientdb.conf
+/server/lib/config.inc.php
+/server/lib/config.inc.local.php
+/interface/lib/config.inc.local.php
+/install/existing_db.sql

.gitlab-ci.yml

+# Defines stages which are to be executed
+stages:
+  - syntax
+  - syntax_diff
+  - test
+  - build
+
+#
+### Stage syntax
+#
+
+syntax:lint:
+  stage: syntax
+  image: edbizarro/gitlab-ci-pipeline-php:7.2
+  allow_failure: false
+  only:
+    - schedules
+    - web
+    - merge_requests
+    - /^\d+\.\d+\.\d+([p|b]\d+)?$/
+
+  script:
+    - echo "Syntax checking PHP files"
+    - bash ./.git-scripts/syntax.sh
+
+
+syntax_diff:lint:
+  stage: syntax
+  image: edbizarro/gitlab-ci-pipeline-php:7.2
+  allow_failure: false
+  only:
+    - web
+    - pushes
+    - branches
+
+  except:
+    - schedules
+    - web
+    - merge_requests
+    - /^\d+\.\d+\.\d+([p|b]\d+)?$/
+
+  script:
+    - echo "Syntax checking PHP files"
+    - bash ./.git-scripts/syntax.sh commit
+
+#syntax:lint:
+#  stage: syntax
+#  image: edbizarro/gitlab-ci-pipeline-php:7.2
+#  allow_failure: false
+#  only:
+#    - schedules
+#    - web
+#    - merge_requests
+#
+#  script:
+#    - composer require overtrue/phplint
+#    - echo "Syntax checking PHP files"
+#    - echo "For more information http://www.icosaedro.it/phplint/"
+#    - vendor/bin/phplint
+
+
+#test:install:
+#  stage: test
+#  image: jerob/docker-ispconfig
+#  only:
+#    - schedules
+#    - web
+#    - /^\d+\.\d+\.\d+$/
+#  
+#  script:
+#    - $CI_PROJECT_DIR/helper_scripts/test_install_docker.sh
+#    - apt-get update
+#    - apt-get --yes install curl
+#    - curl --insecure https://127.0.0.1:8080/login/
+#    - ps xaf
+#    
+#  needs: ["syntax:lint"]
+
+build:package:
+    stage: build
+    image: edbizarro/gitlab-ci-pipeline-php:7.2
+    only:
+        refs:
+            - /^\d+\.\d+\.\d+([p|b]\d+)?$/
+            - web
+
+    script:
+        - echo "Building release."
+        - if [[ "$VER" == "" ]] ; then VER="$CI_COMMIT_TAG" ; fi
+        - if [[ "$VER" == "" ]] ; then VER="3.2dev"$(date +%s) ; fi
+        - if [[ "$VER" != "" ]] ; then echo "Replacing 3.2dev by $VER" ; sed -i -r 's/3\.2dev/'${VER}'/g' install/tpl/config.inc.php.master install/sql/ispconfig3.sql ; fi
+        - RET=0
+        - tar -cpzf ISPConfig-${VER}.tar.gz --exclude "ISPConfig-${VER}.tar.gz" --exclude ".git*" --exclude ".phplint.yml" --transform 's,^\./,ispconfig3_install/,' --mode='0775' ./* || RET=$?
+        - if [[ $RET > 1 ]] ; then exit $RET ; fi
+        - echo "Listing tar contents for verification"
+        - tar -tvf ISPConfig-${VER}.tar.gz
+        - echo "Uploading file to download server"
+        - curl -u "${DEPLOY_FTP_USER}:${DEPLOY_FTP_PASSWORD}" -T ISPConfig-${VER}.tar.gz ftp://${DEPLOY_FTP_SERVER}/web/
+        - if [[ "$VER" =~ ^[0-9]+\.[0-9]+\.[0-9]+(p[0-9]+)?$ ]] ; then echo "Stable release ${VER}" ; curl -u "${DEPLOY_FTP_USER}:${DEPLOY_FTP_PASSWORD}" -T ISPConfig-${VER}.tar.gz ftp://${DEPLOY_FTP_SERVER}/web/ISPConfig-3-stable.tar.gz ; echo -n "${VER}" > ispconfig3_version.txt ; curl -u "${DEPLOY_FTP_USER}:${DEPLOY_FTP_PASSWORD}" -T ispconfig3_version.txt ftp://${DEPLOY_FTP_SERVER}/web/ ; else echo "Dev release ${VER}" ; fi
+        - rm ISPConfig-${VER}.tar.gz
+        - echo "Download url is https://download.ispconfig.org/ISPConfig-${VER}.tar.gz"
+        
+    needs: ["syntax:lint"]
+    allow_failure: false

.gitlab/issue_templates/Bug.md

+<!-- Before creating a bug report, please:
+- Read the contribution guidelines: https://git.ispconfig.org/ispconfig/ispconfig3/-/blob/develop/CONTRIBUTING.md
+- Do not ask support questions here. If you are unsure if your problem is a bug, post a thread on the forum: https://www.howtoforge.com/community/#ispconfig-3.23
+- Make sure to remove any content from the description that you did not add. For example, if there are no related log entries, remove the whole "Related log entries" part.
+-->
+
+## Summary
+<!-- What is happening and what is wrong with that? -->
+
+## Steps to reproduce
+1. [First step]
+2. [Second step]
+3. [and so on...]
+
+## Correct behaviour
+<!-- What should happen instead? -->
+
+## Environment
+Server OS + version: (Debian 10/Ubuntu 20.04/CentOS 8/...) \
+ISPConfig version: (3.1.15p3/3.2.3/3.2dev/...)
+<!-- _you can use `grep 'ISPC_APP_VERSION' /usr/local/ispconfig/server/lib/config.inc.php` to get it from the command line_ -->
+Software version of the related software:
+<!-- You can use 'nginx -v' or 'apachectl -v' to find the webserver version. Use 'php -v' to find the PHP version.> Put this in code blocks, like so: -->
+```
+Output of the command
+```
+
+## Proposed fix
+optional, of course.  
+if you want to post code snippets, please use
+```  
+your code  
+```
+or attach a code file. Best is to create a merge request of course.
+
+## References
+if you know of related bugs or feature requests, please reference them by using `#<issuenumber>`, e. g. #6105
+if you have done a merge request already, please reference it by using `!<mergenumber>`, e. g. !1444 
+if you know of a forum post on howtoforge.com that deals with this topic, just add the link to the forum topic here
+
+## Screenshots
+optional, of course.  
+Add screenshots of the problem by clicking "Attach a file" on the bottom right.
+
+## Related log entries

.phplint.yml

+path: ./
+jobs: 5
+cache: .phplint-cache
+extensions:
+  - php
+  - lng
+exclude:
+  - vendor
+

CODING_NOTES.php.txt

-Some guidelines for web development with php.
------------------------------------------------------
-* Unix Line Breaks Only, NO windows breaks please.
-* Tabs set at 4 spaces either as tabs or spaces.
-* no accidental _<?php space before, within or after a file
-* every php file starts and end with <?php ?> no spaces before or after
-* error_reporting(E_ALL|E_STRICT) , yep php5
-* Magic quotes is gone in php6, get used to it now. config = magic_quotes_gpc() Everything must be quoted
-* Don't use ereg,split and other old function -> gone in php 5.4 or 6 (different information on php.net) http://www.php.net/manual/en/migration53.deprecated.php
-* Don't use shorttags. A Shorttag is <? and that is confusing with <?xml -> always <?php
-* Column names in database tables and database table names are in lowercase
-* Classes for the interface are located in interface/lib/classes/ and loaded with $app->uses() or $app->load() functions.
-* Classes for the server are located in server/lib/classes/ and loaded with $app->uses() or $app->load() functions.
-
-please mark any section that need review or work on with
-// TODO 
-* Add documentation about access levels (public, private, protected).
-* Make function / var names on the following way, first word lower, next word(s) first letter upper like. getFirstResult();
-
-Pear coding guidelines
-
-//*****************************************************************************
-// Commenting style
-//*****************************************************************************
-phpdoc is used for creating and autogenerating the documentation, this means that
-some of the comments can be formatted to be included in documentation.
-ie the source files are scanned then processed and html docs are created. 
-
-The comments break down into the following types
-// is uses for removing lines and debug dev etc
-//** and //* are used as "sub comments"
-/* 
-    is used to comment out blocks
-*/
-/** is used to create documentaion
-* thats over 
-* lines
-*/
-
-If you need to block out a section then use
-/*
-function redundant_code(){
-    something here
-}
-*/
-
-To block out single lines use // and all // are assumed to be redundant test code and NOT comments
-
-// print_r($foo);
-
-For inline comment use //** and //* eg
-
-//** Decide what do do
-switch($decide){
-    //* blow it up
-    case 'baloon':
-        $foo->gas(+1);
-        // test_pressure(); << inline comment
-        break;
-
-    //* Do default action
-    default:
-        do_land();
-        get_gps();
-        //* following grant greaceful exit
-        //basket_exit_crash();
-        basket_exit();
-
-}
-
-Do not use the phpdoc on every function, eg 
-
-/**
-* Login a user
-* @param string user  username
-* @param string password of user
-*/
->>
-function login($user, $pass){
-.......
-}
-<<
-as this function explains its self, the following clean code will suffice
->>
-function login($user, $pass){
-.......
-}
-
-If you do need to explain a function then put un the summary syntax eg
-
-/** Pass an array of values where third param is bar
-* $foo['bar'] = 1; // allow a user
-* $foo['bar'] = 2; // destroy user
-* $foo['bar'] = -1; // recreate
-*/
-public function do_something($x, $y, $foo){
-... do something interesting    
-}
-
-//*****************************************************************************
-// Where to store custom settings
-//*****************************************************************************
-
--- Interface settings
-
-The recommended place to store global interface settings is the ini style global config system 
-(see system.ini.master file in install/tpl/ to set defaults). The settings file 
-gets stored inside the ispconfig database. Settings can be accessed with the function:
-
-$app->uses('ini_parser,getconf');
-$interface_settings = $app->getconf->get_global_config('modulename');
-
-where modulename corresponds to the config section in the system.ini.master file.
-To make the settings editable under System > interface config, add the new configuration
-fields to the file interface/web/admin/form/system_config.tform.php and the corresponding
-tempalte file in the templates subfolder of the admin module.
-
--- Server settings
-
-Server settings are stored in the ini style server config system (see server.ini.master template file)
-The settings file gets stored inside the ispconfig database in the server table. Settings can be 
-accessed with the function $app->getconf->get_server_config(....)
-
-Example to access the web configuration:
-
-$app->uses('ini_parser,getconf');
-$web_config = $app->getconf->get_server_config($server_id,'web');
-
-
-//*****************************************************************************
-// Learn about the form validators
-//*****************************************************************************
-There are form validators in interface/lib/classes/tform.inc.php to make validating forms easier.
-Read about: REGEX,UNIQUE,NOTEMPTY,ISEMAIL,ISINT,ISPOSITIVE,ISIPV4,CUSTOM
-

CONTRIBUTING.md

+# Contributing to ISPConfig
+ISPConfig is a open source project and community contributions are very welcome. To contribute, please stick to the guidelines.
+
+This document is under development and will be continuously improved.
+
+Please do not refactor existing code and do not change the signature or the behaviour of central functions or libraries. Such changes may only be made by the core development team. We have had many bad experiences with such changes affecting the stability of ISPConfig, so we no longer accept submissions containing such changes. Merge requests containing such changes will be closed and not merged.
+
+# Issues
+* Before opening a new issue, use the search function to check if there isn't a bug report / feature request already.
+* If you are reporting a bug, please share your OS and PHP (CLI) version.
+* If you want to report several bugs or request several features, open a separate issue for each one of them.
+* Do note re-open issues that were closed by the core dev team unless something new and important that is not mentioned in the original issue needs to be added. Permanently re-opening issues that we commented on and closed will get your account banned. You may add comments to issues without re-opening them though.
+
+# Branches
+* If you are a new user, please send an email to: dev [at] ispconfig [dot] org to receive rights to fork the project.
+* Please create an issue for each contribution you want to make.
+* Do not put multiple contributions into a single branch and merge request. Each contribution should have it's own branch.
+* Do not use the develop branch in your forked project for your contribution. Create a separate branch for each issue.
+* Give your branch a name, e. g. `6049-update-the-contributing-doc ` where 6049 is the issue number.
+
+# Merge requests
+Please give your merge request a description that shortly states what it is about. Merge requests without a good title or with missing description will get delayed because it is more effort for us to check the meaning of the changes made.
+Once again: Do not put multiple things into a single merge request. If you for example fix two issues where one affects apache and one mail users, use separate issues and separate merge requests.
+You can group multiple issues in a single merge request if they have the same specific topic, e. g. if you have one issue stating that a language entry in mail users is missing and a second issue that a language entry for server config is missing, you can put both issues into a single branch and merge request. Be sure to include all issue ids (if multiple) into the merge request's description in this case.
+* Open a issue for the bug you want to fix / the feature you want to implement
+* After opening the issue, commit your changes to your branch
+* Note the issue # in every commit
+* Update the documentation (New devs will not have access to this. Please send a email to docs@ispconfig.org)
+* Add translations for every language
+* Use a short title
+* Write a clear description - for example, when updating the contributing guidelines with issue #6049: \
+"Update of our contributing guidelines \
+Closes #6049"
+* Please be aware that we are not able to accept merge request that do not stick to the coding guidelines. We need to insist on that to keep the code clean and maintainable.
+
+# Some guidelines for web development with php.
+-----------------------------------------------------
+* Don't use features that are not supported in PHP 5.4, for compatibility with LTS OS releases, ISPConfig must support PHP 5.4+
+* Don't use shorttags. A Shorttag is `<?` and that is confusing with `<?xml` -> always use `<?php`
+* Don't use namespaces
+* Column names in database tables and database table names are in lowercase
+* Classes for the interface are located in interface/lib/classes/ and loaded with $app->uses() or $app->load() functions.
+* Classes for the server are located in server/lib/classes/ and loaded with $app->uses() or $app->load() functions.
+
+### Indentations
+
+Indentations are always done with tabs. Do **not** use spaces.
+It is recommended to set your IDE to display tabs with a width of 4 spaces.
+
+### Variable and method / function names
+
+Methods and functions should always be written in camel-case. Variables and properties should always be lowercase instead.
+
+**Correct:**
+```php
+class MyClass {
+    private $issue_list = [];
+
+    private function getMyValue() {
+
+    }
+}
+```
+
+**Wrong:**
+```php
+class my_class {
+    private $IssueList = [];
+
+    private function get_my_value() {
+
+    }
+}
+```
+
+### Blocks
+
+#### Curly braces
+
+Opening curly braces always have to be in the same line as the preceding condition. They are separated by a single space from the closing paranthesis.
+Closing curly braces are always on a separate line after the last statement in the block. The only exception is a do-while block where the logic is inverted.
+
+Curly braces are **always** to be used. Do not leave them out, even if there is only a single statement in the corresponding block.
+
+**Correct:**
+```php
+if($variable === true) {
+
+}
+
+while($condition) {
+
+}
+
+do {
+
+} while($condition);
+```
+
+**Wrong:**
+```php
+if($variable === true){
+
+}
+
+if($variable === true)
+{
+
+}
+
+if($variable === true)
+   $x = 'no braces';
+
+while($condition) { }
+```
+
+#### Short style
+
+The short style of conditional assignments is allowed to be used, but it must not affect readability, e. g. they shall not be nested.
+
+**Allowed:**
+```php
+$a = 0;
+if($condition === true) {
+    $a = 1;
+}
+
+$a = ($condition === true ? 1 : 0);
+```
+
+**Disallowed:**
+```php
+$x = ($condition === true ? ($further == 'foo' ? true : false) : true);
+```
+
+
+#### Spaces and paranthesis
+
+The rules for using spaces are:
+- no space after `if`/`while` etc. and the following opening paranthesis
+- single space after closing paranthesis and before opening curly brace
+- no spaces at the end of a line
+- no spaces after opening paranthesis and before closing paranthesis
+- single space before and after comparators
+
+**Correct:**
+```php
+if($variable === $condition) {
+
+}
+
+while(($condition !== false || $condition2 === true) && $n <= 15) {
+    $n++;
+}
+```
+
+**Wrong:**
+```php
+if ($variable===$condition) {
+
+}
+
+while(($condition!==false||$condition2===true))&&$n<=15){
+
+}
+```
+
+#### Newlines inside of conditions
+
+Breaking up conditions into separate lines can be done if it positively affects readability.
+
+```php
+if($condition === true && ($state === 'completed' || $state === 'pending') && ($processed_by !== null || $process_time < time())) {
+
+}
+```
+can also be written as
+```php
+if($condition === true
+    && ($state === 'completed' || $state === 'pending')
+    && ($processed_by !== null || $process_time < time())
+    ) {
+
+}
+```
+This must not be abused, e. g. the following is not allowed:
+
+```php
+if($a == 1
+    || $b == 2) {
+
+    }
+```
+
+### Arrays
+
+#### Short syntax
+
+Please **do** use short array syntax. We have deprecated the old-style array syntax.
+
+**Correct**:
+```php
+$var = [];
+
+$var2 = [
+    'conf' => [
+        'setting1' => 'value1'
+    ]
+];
+```
+
+**Wrong:**
+```php
+$var = array();
+
+$var2 = array(
+    'conf' => array(
+        'setting1' => 'value1'
+    )
+);
+```
+
+#### Spaces and newlines
+
+When defining an empty array, both brackets shall be on the same line. When defining an array with values, the style depends on the values you are going to assign.
+
+##### List of values
+
+When defining an array with a list of values, e. g. numbers or names, they should be on the same line as the brackets without using new lines, as long as the line does not exceed a total number of characters of about 90. After each comma there has to be a single space.
+
+##### Nested array
+
+When defining a nested array onle the opening bracket is to be on the same line. The closing bracket has to be on a separate line indented by `tabs * level of array`.
+
+##### Examples
+
+```php
+// empty array
+$a = [];
+
+// array with list of values
+$array = [4, 3, 76, 12];
+
+// array with long list of values
+$array = [
+    'This is one entry', 'This is a second one', 'Another one', 'Further entries', 'foo', 'bar', 34, 42, $variable, // newline here for better readability
+    'Next entry', 'the last entry'
+];
+
+// nested array
+$array = [
+    'conf' => [
+        'level' => 1,
+        'settings' => [
+            'window' => 'open',
+            'door' => 'closed
+        ]
+    ]
+];
+```
+
+**Not-to-dos:**
+```php
+$array=[
+];
+
+$array = [
+    1,
+    4,
+    35,
+    23,
+    345,
+    11,
+    221,
+    'further',
+    '...'
+];
+
+$array=['conf'=>['settings'=>['window' => 'open', 'door' => 'closed]]];
+```
+
+### Strings 
+
+Whenever possible use single quotes `'` instead of double qoutes `"`. Try not to embedd variables in string. Concatenate them instead.
+
+**Correct:**
+```php
+// simple text
+$var = 'This is a text';
+
+// array index
+$array['index'] = 'value';
+
+// text with variables
+$var = 'This is a text with ' . $value . ' values inside and at the end: ' . $sum_value;
+
+// dynamic array index
+$idx = 'index' . $key;
+$value = $array[$idx];
+```
+
+**Wrong:**
+```php
+// simple text
+$var = "This is a text";
+
+// array index
+$array["index"] = 'value';
+
+// text with variables
+$var = "This is a text with $value values inside and at the end: {$sum_value}";
+
+// dynamic array index
+$value = $array['index' . $key];
+$value = $array["index{$key}"];
+```
+
+# Where to store custom settings
+## Interface settings
+The recommended place to store global interface settings is the ini style global config system 
+(see system.ini.master file in install/tpl/ to set defaults). The settings file 
+gets stored inside the ispconfig database. Settings can be accessed with the function:
+
+```
+$app->uses('ini_parser,getconf');
+$interface_settings = $app->getconf->get_global_config('modulename');
+```
+
+where modulename corresponds to the config section in the system.ini.master file.
+To make the settings editable under System > interface config, add the new configuration
+fields to the file interface/web/admin/form/system_config.tform.php and the corresponding
+tempalte file in the templates subfolder of the admin module.
+
+## Server settings
+Server settings are stored in the ini style server config system (see server.ini.master template file)
+The settings file gets stored inside the ispconfig database in the server table. Settings can be 
+accessed with the function $app->getconf->get_server_config(....)
+
+Example to access the web configuration:
+
+```
+$app->uses('ini_parser,getconf');
+$web_config = $app->getconf->get_server_config($server_id,'web');
+```
+
+# Learn about the form validators
+There are form validators in interface/lib/classes/tform.inc.php to make validating forms easier.
+Read about: REGEX,UNIQUE,NOTEMPTY,ISEMAIL,ISINT,ISPOSITIVE,ISIPV4,ISIPV6,ISIP,CUSTOM

LICENSE

+Copyright (c) 2007-2020, Till Brehm, ISPConfig UG
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

README.md

+# ISPConfig - Hosting Control Panel
+![ISPConfig logo](https://www.ispconfig.org/wp-content/themes/ispconfig/images/ispconfig_logo.png "") \
+Development branch: [![pipeline status](https://git.ispconfig.org/ispconfig/ispconfig3/badges/develop/pipeline.svg)](https://git.ispconfig.org/ispconfig/ispconfig3/commits/develop)
+
+## Functions
+- Manage multiple servers from one control panel
+- Single server, multiserver and mirrored clusters.
+- Webserver management
+- Mailserver management
+- DNS server management
+- Virtualization (OpenVZ)
+- Administrator, reseller, client and mailuser login
+- Open Source software ([BSD license](LICENSE))
+
+## Supported daemons
+- HTTP: Apache2 and NGINX
+- HTTP stats: Webalizer, GoAccess and AWStats
+- Let's Encrypt: Acme.sh and certbot
+- SMTP: Postfix
+- POP3/IMAP: Dovecot
+- Spamfilter: Rspamd and Amavis
+- FTP: PureFTPD
+- DNS: BIND9 and PowerDNS[^1]
+- Database: MariaDB and MySQL
+
+[^1]: not actively tested
+
+## Supported operating systems
+- Debian 9 - 12, and testing
+- Ubuntu 16.04 - 22.04
+- CentOS 7 and 8
+
+## Auto-install script
+You can install the "Perfect Server" with ISPConfig using [our official autoinstaller](https://www.howtoforge.com/ispconfig-autoinstall-debian-ubuntu/)
+
+## Migration tool
+The Migration Tool helps you to import data from other control panels (currently ISPConfig 2 and 3 – 3.2, Plesk 10 – 12.5, Plesk Onyx, CPanel[^2] and Confixx 3). For more information, see https://www.ispconfig.org/add-ons/ispconfig-migration-tool/
+
+[^2]: The Migration Toolkit now contains beta support for migrating CPanel to ISPConfig.
+
+## Documentation
+You can support ISPConfig development by buying the manual: https://www.ispconfig.org/documentation/
+
+## Contributing
+If you like to contribute to the ISPConfig development, please read the contributing guidelines: [CONTRIBUTING.MD](CONTRIBUTING.md)
+

TODO.txt

+Please see our GitLab issues for feature requests and bug reports.
 
----------------------------------------
-- ISPConfig 3 ToDo list
----------------------------------------
-
-Please feel free to edit this file, add new tasks,
-remove done tasks or assign yourself to a task.
-
-Form Validators
---------------------------------------
-
-Installer
---------------------------------------
-
-- Add a function to let a server join a existing installation.
-
-
-Server
---------------------------------------
-
-
-Mail module
---------------------------------------
-
-- Show mail statistics in the interface. The mail statistics are stored
-  in the database table mail_traffic and are collected by the file
-  server/cron_daily.php
--- For Courier this works but not Dovecot. Maybe the intention needs
-	reviewed as some clients think this should be the number of emails
-	and not the size of the emails.  (I agree that size is important)
-		lathama
-
-Administration module
---------------------------------------
-
-
-- Firewall Solution -- Andrew lathama Latham lathama@gmail.com
-	* Monitor existing IPTABLES rules is done and in the monitor page.
-	* Add IPTABLES rules
-		semi-functional and in development also functional in multiserver
-	* Delete IPTABLES rules
-		semi-functional and in development also functional in multiserver
-	* Merge IPTABLES rules made from the CLI with those made from ISPConfig3
-		Interesting topic about merging control with with the GUI and the CLI
-		interface for a systems adminitstrator who might add a rule during an
-		attack or for trouble shooting and forget to remove it.
-	* Fail2Ban
-		Add configuration for fail2ban on certian systems.  Imagine an admin
-		wishes to use fail2ban on one service but not others. Rare but an issue
-		when a large number of clients use a single NAT for all users and failed
-		logins and traffic looks like an attack.  Maybe a whitelist configuration
-		as an optional setting.
-	* Remoting
-		Enable remoting hooks for updating IPTABLES
-	* Service Checks
-		Adding saftey checks to make sure that the admin does not lock his/herself
-		out of the system by accident.  We all make mistakes.
-
--- Note: I'd love a pure iptables firewall as well. I've made such a script for
-   my work, which uses a simple config file to open/close ports and support for 
-   ip exclusions. I think we could use it as a base to start with, it's up on the dev forum
-   url: http://www.howtoforge.com/forums/showthread.php?p=261311 (Mark_NL)
-
-Clients module
---------------------------------------
-
-
-Sites (web) module
---------------------------------------
-
-
-BE-Designer module
---------------------------------------
-
-WARNING: Please do not use the BE Designer at the moment, the serializing
- function of the module editor may break some of the existing modules.
-
-
-Remoting framework
---------------------------------------
-- Add more connections to other data.  Remoting hooks for FS and Email Quota
-
-Interface
---------------------------------------
-- Enhance the paging in lists (e.g. like this: [1 2 3 4 ... 10])
-
-General tasks
---------------------------------------
-
-- Add, extend or modify comments in PEAR syntax so that they can be read with
-  phpdocumentor.
-
-- Doxygen might be a good idea (phpdocumentor looks nice but no active development)
--- http://drupal.org/node/1354 may have some good ideas.
--- http://engineeredweb.com/blog/10/9/4-reasons-consider-doxygen-over-phpdocumentor
+https://git.ispconfig.org/ispconfig/ispconfig3/issues

docs/INSTALL.txt

 
 The installation instructions for ISPConfig can be found here:
 
-http://www.ispconfig.org/page/en/documentation.html
+https://www.ispconfig.org/page/en/documentation.html
 
 

docs/Remote_API_docs.txt

 
 
-The remote API documentation is in the remote_client/API-docs subfolder.
\ No newline at end of file
+The remote API documentation is in the remoting_client/API-docs subfolder.

docs/autoinstall_samples/autoinstall.conf_sample.php

-<?php
-$autoinstall['language'] = 'en'; // de, en (default)
-$autoinstall['install_mode'] = 'standard'; // standard (default), expert
-
-$autoinstall['hostname'] = 'server1.example.com'; // default
-$autoinstall['mysql_hostname'] = 'localhost'; // default: localhost
-$autoinstall['mysql_root_user'] = 'root'; // default: root
-$autoinstall['mysql_root_password'] = 'howtoforge';
-$autoinstall['mysql_database'] = 'dbispconfig'; // default: dbispcongig
-$autoinstall['mysql_charset'] = 'utf8'; // default: utf8
-$autoinstall['http_server'] = 'nginx'; // apache (default), nginx
-$autoinstall['ispconfig_port'] = '8080'; // default: 8080
-$autoinstall['ispconfig_use_ssl'] = 'y'; // y (default), n
-
-/* SSL Settings */
-$autoinstall['ssl_cert_country'] = 'AU';
-$autoinstall['ssl_cert_state'] = 'Some-State';
-$autoinstall['ssl_cert_locality'] = 'Chicago';
-$autoinstall['ssl_cert_organisation'] = 'Internet Widgits Pty Ltd';
-$autoinstall['ssl_cert_organisation_unit'] = 'IT department';
-$autoinstall['ssl_cert_common_name'] = $autoinstall['hostname'];
-
-/* optional expert mode settings, needed only for expert mode */
-$autoinstall['mysql_ispconfig_user'] = 'ispconfig'; // default: ispconfig
-$autoinstall['mysql_ispconfig_password'] = md5(uniqid(rand()));
-$autoinstall['join_multiserver_setup'] = 'n'; // y, n (default)
-$autoinstall['mysql_master_hostname'] = 'master.example.com';
-$autoinstall['mysql_master_root_user'] = 'root';
-$autoinstall['mysql_master_root_password'] = 'howtoforge';
-$autoinstall['mysql_master_database'] = 'dbispconfig'; // default: dbispconfig
-$autoinstall['configure_mail'] = 'y'; // y (default), n
-$autoinstall['configure_jailkit'] = 'y'; // y (default), n
-$autoinstall['configure_ftp'] = 'y'; // y (default), n
-$autoinstall['configure_dns'] = 'y'; // y (default), n
-$autoinstall['configure_apache'] = 'y'; // y (default), n
-$autoinstall['configure_nginx'] = 'y'; // y (default), n
-$autoinstall['configure_firewall'] = 'y'; // y (default), n
-$autoinstall['install_ispconfig_web_interface'] = 'y'; // y (default), n
-
-/* optional update settings, needed only for updates */
-$autoupdate['do_backup'] = 'yes'; // yes (default), no
-$autoupdate['mysql_root_password'] = 'howtoforge';
-$autoupdate['mysql_master_hostname'] = 'master.example.com';
-$autoupdate['mysql_master_root_user'] = 'root';
-$autoupdate['mysql_master_root_password'] = 'howtoforge';
-$autoupdate['mysql_master_database'] = 'dbispconfig'; // default: dbispconfig
-$autoupdate['reconfigure_permissions_in_master_database'] = 'no'; // no (default), yes
-$autoupdate['reconfigure_services'] = 'yes'; // yes (default), no
-$autoupdate['ispconfig_port'] = '8080'; // default: 8080
-$autoupdate['create_new_ispconfig_ssl_cert'] = 'no'; // no (default), yes
-$autoupdate['reconfigure_crontab'] = 'yes'; // yes (default), no
-?>
\ No newline at end of file
+<?php
+$autoinstall['language'] = 'en'; // de, en (default)
+$autoinstall['install_mode'] = 'standard'; // standard (default), expert
+
+$autoinstall['hostname'] = 'server1.example.com'; // default
+$autoinstall['mysql_hostname'] = 'localhost'; // default: localhost
+$autoinstall['mysql_port'] = '3306'; // default: 3306
+$autoinstall['mysql_root_user'] = 'root'; // default: root
+$autoinstall['mysql_root_password'] = 'howtoforge';
+$autoinstall['mysql_database'] = 'dbispconfig'; // default: dbispcongig
+$autoinstall['mysql_charset'] = 'utf8'; // default: utf8
+$autoinstall['http_server'] = 'nginx'; // apache (default), nginx
+$autoinstall['ispconfig_port'] = '8080'; // default: 8080
+$autoinstall['ispconfig_use_ssl'] = 'y'; // y (default), n
+$autoinstall['ispconfig_admin_password'] = 'admin'; // default: admin
+$autoinstall['create_ssl_server_certs'] = 'y';
+$autoinstall['ignore_hostname_dns'] = 'n';
+$autoinstall['ispconfig_postfix_ssl_symlink'] = 'y';
+$autoinstall['ispconfig_pureftpd_ssl_symlink'] = 'y';
+
+/* SSL Settings */
+$autoinstall['ssl_cert_country'] = 'AU';
+$autoinstall['ssl_cert_state'] = 'Some-State';
+$autoinstall['ssl_cert_locality'] = 'Chicago';
+$autoinstall['ssl_cert_organisation'] = 'Internet Widgits Pty Ltd';
+$autoinstall['ssl_cert_organisation_unit'] = 'IT department';
+$autoinstall['ssl_cert_common_name'] = $autoinstall['hostname'];
+$autoinstall['ssl_cert_email'] = 'hostmaster@'.$autoinstall['hostname'];
+
+/* optional expert mode settings, needed only for expert mode */
+$autoinstall['mysql_ispconfig_user'] = 'ispconfig'; // default: ispconfig
+$autoinstall['mysql_ispconfig_password'] = bin2hex(random_bytes(20));
+$autoinstall['join_multiserver_setup'] = 'n'; // y, n (default)
+$autoinstall['mysql_master_hostname'] = 'master.example.com';
+$autoinstall['mysql_master_root_user'] = 'root';
+$autoinstall['mysql_master_root_password'] = 'howtoforge';
+$autoinstall['mysql_master_database'] = 'dbispconfig'; // default: dbispconfig
+$autoinstall['configure_mail'] = 'y'; // y (default), n
+$autoinstall['configure_jailkit'] = 'y'; // y (default), n
+$autoinstall['configure_ftp'] = 'y'; // y (default), n
+$autoinstall['configure_dns'] = 'y'; // y (default), n
+$autoinstall['configure_apache'] = 'y'; // y (default), n
+$autoinstall['configure_nginx'] = 'y'; // y (default), n
+$autoinstall['configure_firewall'] = 'y'; // y (default), n
+$autoinstall['install_ispconfig_web_interface'] = 'y'; // y (default), n
+
+/* optional update settings, needed only for updates */
+$autoupdate['do_backup'] = 'yes'; // yes (default), no
+$autoupdate['mysql_root_password'] = 'howtoforge';
+$autoupdate['mysql_master_hostname'] = 'master.example.com';
+$autoupdate['mysql_master_root_user'] = 'root';
+$autoupdate['mysql_master_root_password'] = 'howtoforge';
+$autoupdate['mysql_master_database'] = 'dbispconfig'; // default: dbispconfig
+$autoupdate['reconfigure_permissions_in_master_database'] = 'no'; // no (default), yes
+$autoupdate['reconfigure_services'] = 'yes'; // yes (default), no
+$autoupdate['ispconfig_port'] = '8080'; // default: 8080
+$autoupdate['create_new_ispconfig_ssl_cert'] = 'no'; // no (default), yes
+$autoupdate['reconfigure_crontab'] = 'yes'; // yes (default), no
+$autoupdate['create_ssl_server_certs'] = 'y';
+$autoupdate['ignore_hostname_dns'] = 'n';
+$autoupdate['ispconfig_postfix_ssl_symlink'] = 'y';
+$autoupdate['ispconfig_pureftpd_ssl_symlink'] = 'y';
+
+/* These are for service-detection (defaulting to old behaviour where all changes were automatically accepted) */
+$autoupdate['svc_detect_change_mail_server'] = 'yes'; // yes (default), no
+$autoupdate['svc_detect_change_web_server'] = 'yes'; // yes (default), no
+$autoupdate['svc_detect_change_dns_server'] = 'yes'; // yes (default), no
+$autoupdate['svc_detect_change_xmpp_server'] = 'yes'; // yes (default), no
+$autoupdate['svc_detect_change_firewall_server'] = 'yes'; // yes (default), no
+$autoupdate['svc_detect_change_vserver_server'] = 'yes'; // yes (default), no
+$autoupdate['svc_detect_change_db_server'] = 'yes'; // yes (default), no
+
+?>

docs/autoinstall_samples/autoinstall.ini.sample

-[install]
-language=en
-install_mode=standard
-hostname=server1.example.com
-mysql_hostname=localhost
-mysql_root_user=root
-mysql_root_password=ispconfig
-mysql_database=dbispconfig
-mysql_charset=utf8
-http_server=apache
-ispconfig_port=8080
-ispconfig_use_ssl=y
-
-[ssl_cert]
-ssl_cert_country=AU
-ssl_cert_state=Some-State
-ssl_cert_locality=Chicago
-ssl_cert_organisation=Internet Widgits Pty Ltd
-ssl_cert_organisation_unit=IT department
-ssl_cert_common_name=server1.example.com
-
-[expert]
-mysql_ispconfig_user=ispconfig
-mysql_ispconfig_password=afStEratXBsgatRtsa42CadwhQ
-join_multiserver_setup=n
-mysql_master_hostname=master.example.com
-mysql_master_root_user=root
-mysql_master_root_password=ispconfig
-mysql_master_database=dbispconfig
-configure_mail=y
-configure_jailkit=y
-configure_ftp=y
-configure_dns=y
-configure_apache=y
-configure_nginx=y
-configure_firewall=y
-install_ispconfig_web_interface=y
-
-[update]
-do_backup=yes
-mysql_root_password=ispconfig
-mysql_master_hostname=master.example.com
-mysql_master_root_user=root
-mysql_master_root_password=ispconfig
-mysql_master_database=dbispconfig
-reconfigure_permissions_in_master_database=no
-reconfigure_services=yes
-ispconfig_port=8080
-create_new_ispconfig_ssl_cert=no
-reconfigure_crontab=yes
\ No newline at end of file
+[install]
+language=en
+install_mode=standard
+hostname=server1.example.com
+mysql_hostname=localhost
+mysql_port=3306
+mysql_root_user=root
+mysql_root_password=ispconfig
+mysql_database=dbispconfig
+mysql_charset=utf8
+http_server=apache
+ispconfig_port=8080
+ispconfig_use_ssl=y
+ispconfig_admin_password=admin
+create_ssl_server_certs=y
+ignore_hostname_dns=n
+ispconfig_postfix_ssl_symlink=y
+ispconfig_pureftpd_ssl_symlink=y
+
+[ssl_cert]
+ssl_cert_country=AU
+ssl_cert_state=Some-State
+ssl_cert_locality=Chicago
+ssl_cert_organisation=Internet Widgits Pty Ltd
+ssl_cert_organisation_unit=IT department
+ssl_cert_common_name=server1.example.com
+ssl_cert_email=hostmaster@example.com
+
+[expert]
+mysql_ispconfig_user=ispconfig
+mysql_ispconfig_password=afStEratXBsgatRtsa42CadwhQ
+join_multiserver_setup=n
+mysql_master_hostname=master.example.com
+mysql_master_root_user=root
+mysql_master_root_password=ispconfig
+mysql_master_database=dbispconfig
+configure_mail=y
+configure_jailkit=y
+configure_ftp=y
+configure_dns=y
+configure_apache=y
+configure_nginx=y
+configure_firewall=y
+install_ispconfig_web_interface=y
+
+[update]
+do_backup=yes
+mysql_root_password=ispconfig
+mysql_master_hostname=master.example.com
+mysql_master_root_user=root
+mysql_master_root_password=ispconfig
+mysql_master_database=dbispconfig
+reconfigure_permissions_in_master_database=no
+reconfigure_services=yes
+ispconfig_port=8080
+create_new_ispconfig_ssl_cert=no
+reconfigure_crontab=yes
+create_ssl_server_certs=y
+ignore_hostname_dns=n
+ispconfig_postfix_ssl_symlink=y
+ispconfig_pureftpd_ssl_symlink=y
+
+; These are for service-detection (defaulting to old behaviour where all changes were automatically accepted)
+svc_detect_change_mail_server=yes
+svc_detect_change_web_server=yes
+svc_detect_change_dns_server=yes
+svc_detect_change_xmpp_server=yes
+svc_detect_change_firewall_server=yes
+svc_detect_change_vserver_server=yes
+svc_detect_change_db_server=yes

docs/examples/blacklist_helo.master

+# blacklist_helo - after permit_sasl, used to stop common spammers/misconfigurations
+#
+# This file can be used to block hostnames used in smtp HELO command which are known bad.
+# Occasionally you will run into legitimate mail servers which are misconfigured and end
+# up blocked here, so this is not enabled by default, but it is useful if you are prepared
+# to address those cases.  .local is particularly problematic, and commented out by default.
+#
+# Note that any server hitting this check is misconfigured, all of the names below are bogus
+# and not allowed per RFC 2821.
+#
+# If your own users are blocked by this, they are not authenticating to your server when
+# sending (this check is after permit_sasl, which permits authenticated senders).
+#
+# Instructions:
+#
+# Copy this file to /usr/local/ispconfig/server/conf-custom/install/blacklist_helo.master,
+# as well as /etc/postfix/blacklist_helo, so your changes are not overwritten with ispconfig
+# updates.
+
+# probably just put REJECT lines in here,
+# as OK lines will bypass a lot of other checks you may want done
+# (use DUNNO instead of OK)
+#
+
+# common for spammers (check https://data.iana.org/TLD/tlds-alpha-by-domain.txt and remove valid tld's occasionally)
+/.*\.administrator$/    REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.admin$/    REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.adsl$/ REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.arpa$/ REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.bac$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.coma$/ REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.dhcp$/ REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.dlink$/    REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.dns$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.domain$/   REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.dynamic$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.dyndns\.org$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.dyn$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.firewall$/ REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.gateway$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.home$/ REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.internal$/ REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.intern$/   REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.janak$/    REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.kornet$/   REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.lab$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.lan$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.localdomain$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.localhost$/    REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+
+# .local is used by spammers a lot, but too many otherwise legit servers hit it
+# (instead of REJECT, should send to greylisting)
+#/.*\.local$/    REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+
+/.*\.loc$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.lokal$/    REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.mail$/ REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.nat$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.netzwerk$/ REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.pc$/   REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.privat$/   REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.private$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.router$/   REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.setup$/    REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+
+/.*\.119$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.beeline$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.cici$/ REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.gt_3g$/    REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.gt-3g$/    REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.hananet$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.skbroadband$/  REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+/.*\.tbroad$/   REJECT HELO hostname is using a top level domain that does not exist.  See RFC 2821 section 3.6.
+

server/plugins-available/bind_dlz_plugin.inc.php → docs/old_server_plugins/bind_dlz_plugin.inc.php

@@ -34,7 +34,7 @@ TABLE STRUCTURE of the "named" database:
 CREATE TABLE IF NOT EXISTS `records` (
   `id` int(10) unsigned NOT NULL auto_increment,
   `zone` varchar(255) NOT NULL,
-  `ttl` int(11) NOT NULL default '86400',
+  `ttl` int(11) NOT NULL default '3600',
   `type` varchar(255) NOT NULL,
   `host` varchar(255) NOT NULL default '@',
   `mx_priority` int(11) default NULL,
@@ -121,7 +121,7 @@ class bind_dlz_plugin {
 
 		$origin = substr($data["new"]["origin"], 0, -1);
 		$ispconfig_id = $data["new"]["id"];
-		$serial = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ".$ispconfig_id);
+		$serial = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ?", $ispconfig_id);
 
 		$ttl = $data["new"]["ttl"];
 
@@ -129,8 +129,7 @@ class bind_dlz_plugin {
 		//$_db->dbName = 'named';
 
 		$app->db->query("INSERT INTO named.records (zone, ttl, type, primary_ns, resp_contact, serial, refresh, retry, expire, minimum, ispconfig_id) VALUES ".
-			"('$origin', $ttl, 'SOA', '{$data["new"]["ns"]}', '{$data["new"]["mbox"]}', '{$serial["serial"]}', '{$serial["refresh"]}'," .
-			"'{$serial["retry"]}', '{$serial["expire"]}', '{$serial["minimum"]}', $ispconfig_id)");
+			"(?, ?, 'SOA', ?, ?, ?, ?, ?, ?, ?, ?)", $origin, $ttl, $data["new"]["ns"], $data["new"]["mbox"], $serial["serial"], $serial["refresh"], $serial["retry"], $serial["expire"], $serial["minimum"], $ispconfig_id);
 		//unset($_db);
 	}
 
@@ -149,16 +148,14 @@ class bind_dlz_plugin {
 			{
 				$origin = substr($data["new"]["origin"], 0, -1);
 				$ispconfig_id = $data["new"]["id"];
-				$serial = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ".$ispconfig_id);
+				$serial = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ?", $ispconfig_id);
 
 				$ttl = $data["new"]["ttl"];
 
 				//$_db = clone $app->db;
 				//$_db->dbName = 'named';
 
-				$app->db->query("UPDATE named.records SET zone = '$origin', ttl = $ttl, primary_ns = '{$data["new"]["ns"]}', resp_contact = '{$data["new"]["mbox"]}', ".
-					"serial = '{$serial["serial"]}', refresh = '{$serial["refresh"]}', retry = '{$serial["retry"]}', expire = '{$serial["expire"]}', ".
-					"minimum = '{$serial["minimum"]}' WHERE ispconfig_id = ".$data["new"]["id"]." AND type = 'SOA'");
+				$app->db->query("UPDATE named.records SET zone = ?, ttl = ?, primary_ns = ?, resp_contact = ?, serial = ?, refresh = ?, retry = ?, expire = ?, minimum = ? WHERE ispconfig_id = ? AND type = 'SOA'", $origin, $ttl, $data["new"]["ns"], $data["new"]["mbox"], $serial["serial"], $serial["refresh"], $serial["retry"], $serial["expire"], $serial["minimum"], $data["new"]["id"]);
 				//unset($_db);
 			}
 			else
@@ -166,7 +163,7 @@ class bind_dlz_plugin {
 				$this->soa_insert($event_name, $data);
 				$ispconfig_id = $data["new"]["id"];
 
-				if ($records = $app->db->queryAllRecords("SELECT * FROM dns_rr WHERE zone = $ispconfig_id AND active = 'Y'"))
+				if ($records = $app->db->queryAllRecords("SELECT * FROM dns_rr WHERE zone = ? AND active = 'Y'", $ispconfig_id))
 				{
 					foreach($records as $record)
 					{
@@ -188,7 +185,7 @@ class bind_dlz_plugin {
 		//$_db = clone $app->db;
 		//$_db->dbName = 'named';
 
-		$app->db->query("DELETE FROM named.records WHERE ispconfig_id = {$data["old"]["id"]}");
+		$app->db->query( "DELETE FROM named.dns_records WHERE zone = ?", substr($data['old']['origin'], 0, -1));
 		//unset($_db);
 	}
 
@@ -197,7 +194,7 @@ class bind_dlz_plugin {
 		global $app, $conf;
 		if($data["new"]["active"] != 'Y') return;
 
-		$zone = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ".$data["new"]["zone"]);
+		$zone = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ?", $data["new"]["zone"]);
 		$origin = substr($zone["origin"], 0, -1);
 		$ispconfig_id = $data["new"]["id"];
 
@@ -251,10 +248,13 @@ class bind_dlz_plugin {
 
 		if ($type == 'MX') {
 			$app->db->query("INSERT INTO named.records (zone, ttl, type, host, mx_priority, data, ispconfig_id)".
-				" VALUES ('$origin', $ttl, '$type', '$name', {$data["new"]["aux"]}, '$content', $ispconfig_id)");
+				" VALUES (?, ?, ?, ?, ?, ?, ?)", $origin, $ttl, $type, $name, $data["new"]["aux"], $content, $ispconfig_id);
+		} elseif ($type == 'SRV') {
+			$app->db->query("INSERT INTO named.records (zone, ttl, type, data, ispconfig_id)".
+				" VALUES (?, ?, ?, ?, ?)", $origin, $ttl, $type, $data["new"]["aux"] . ' ' . $content, $ispconfig_id);
 		} else {
 			$app->db->query("INSERT INTO named.records (zone, ttl, type, host, data, ispconfig_id)".
-				" VALUES ('$origin', $ttl, '$type', '$name', '$content', $ispconfig_id)");
+				" VALUES (?, ?, ?, ?, ?, ?)", $origin, $ttl, $type, $name, $content, $ispconfig_id);
 		}
 
 		//unset($_db);
@@ -273,7 +273,7 @@ class bind_dlz_plugin {
 		{
 			if ($data["old"]["active"] == 'Y')
 			{
-				$zone = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ".$data["new"]["zone"]);
+				$zone = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ?", $data["new"]["zone"]);
 				$origin = substr($zone["origin"], 0, -1);
 				$ispconfig_id = $data["new"]["id"];
 
@@ -325,11 +325,11 @@ class bind_dlz_plugin {
 				//$_db->dbName = 'named';
 
 				if ($type == 'MX') {
-					$app->db->query("UPDATE named.records SET zone = '$origin', ttl = $ttl, type = '$type', host = '$name', mx_priority = $prio, ".
-						"data = '$content' WHERE ispconfig_id = $ispconfig_id AND type != 'SOA'");
+					$app->db->query("UPDATE named.records SET zone = ?, ttl = ?, type = ?, host = ?, mx_priority = ?, data = ? WHERE ispconfig_id = ? AND type != 'SOA'", $origin, $ttl, $type, $name, $prio, $content, $ispconfig_id);
+				} elseif ($type == 'SRV') {
+					$app->db->query("UPDATE named.records SET zone = ?, ttl = ?, type = ?, data = ? WHERE ispconfig_id = ? AND type != 'SOA'", $origin, $ttl, $type, $prio . ' ' . $content, $ispconfig_id);
 				} else {
-					$app->db->query("UPDATE named.records SET zone = '$origin', ttl = $ttl, type = '$type', host = '$name', ".
-						"data = '$content' WHERE ispconfig_id = $ispconfig_id AND type != 'SOA'");
+					$app->db->query("UPDATE named.records SET zone = ?, ttl = ?, type = ?, host = ?, data = ? WHERE ispconfig_id = ? AND type != 'SOA'", $origin, $ttl, $type, $name, $content, $ispconfig_id);
 				}
 
 				//unset($_db);
@@ -345,7 +345,7 @@ class bind_dlz_plugin {
 		//$_db = clone $app->db;
 		//$_db->dbName = 'named';
 
-		$app->db->query("DELETE FROM named.records WHERE ispconfig_id = {$data["old"]["id"]} AND type != 'SOA'");
+		$app->db->query( "DELETE FROM named.dns_records WHERE type != 'SOA' AND zone = ?", substr($data['old']['origin'], 0, -1));
 		//unset($_db);
 	}
 

server/plugins-available/nginx_reverseproxy_plugin.inc.php → docs/old_server_plugins/nginx_reverseproxy_plugin.inc.php

@@ -63,14 +63,14 @@ class nginx_reverseproxy_plugin {
 
 		if($this->action != 'insert') $this->action = 'update';
 
-		if($data['new']['type'] != 'vhost' && $data['new']['type'] != 'vhostsubdomain' && $data['new']['parent_domain_id'] > 0) {
+		if($data['new']['type'] != 'vhost' && $data['new']['type'] != 'vhostsubdomain' && $data['new']['type'] != 'vhostalias' && $data['new']['parent_domain_id'] > 0) {
 
 			$old_parent_domain_id = intval($data['old']['parent_domain_id']);
 			$new_parent_domain_id = intval($data['new']['parent_domain_id']);
 
 			// If the parent_domain_id has been chenged, we will have to update the old site as well.
 			if($this->action == 'update' && $data['new']['parent_domain_id'] != $data['old']['parent_domain_id']) {
-				$tmp = $app->dbmaster->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = '.$old_parent_domain_id." AND active = 'y'");
+				$tmp = $app->dbmaster->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ? AND active = 'y'", $old_parent_domain_id);
 				$data['new'] = $tmp;
 				$data['old'] = $tmp;
 				$this->action = 'update';
@@ -78,7 +78,7 @@ class nginx_reverseproxy_plugin {
 			}
 
 			// This is not a vhost, so we need to update the parent record instead.
-			$tmp = $app->dbmaster->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = '.$new_parent_domain_id." AND active = 'y'");
+			$tmp = $app->dbmaster->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ? AND active = 'y'", $new_parent_domain_id);
 			$data['new'] = $tmp;
 			$data['old'] = $tmp;
 			$this->action = 'update';
@@ -111,7 +111,9 @@ class nginx_reverseproxy_plugin {
 		$crt_file = $ssl_dir.'/'.$domain.'.crt';
 		$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
 
-		$vhost_data['nginx_directives'] = preg_replace("/\[IP\]/", $vhost_data['ip_address'], $vhost_data['nginx_directives']);
+		if($vhost_data['nginx_directives']) {
+			$vhost_data['nginx_directives'] = preg_replace("/\[IP\]/", $vhost_data['ip_address'], $vhost_data['nginx_directives']);
+		}
 
 
 		if($data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file)) {
@@ -130,7 +132,7 @@ class nginx_reverseproxy_plugin {
 
 
 		// get alias domains (co-domains and subdomains)
-		$aliases = $app->dbmaster->queryAllRecords('SELECT * FROM web_domain WHERE parent_domain_id = '.$data['new']['domain_id']." AND type != 'vhostsubdomain' AND active = 'y'");
+		$aliases = $app->dbmaster->queryAllRecords("SELECT * FROM web_domain WHERE parent_domain_id = ? AND (type != 'vhostsubdomain' OR type != 'vhostalias') AND active = 'y'", $data['new']['domain_id']);
 		$server_alias = array();
 		switch($data['new']['subdomain']) {
 		case 'www':
@@ -176,7 +178,7 @@ class nginx_reverseproxy_plugin {
 		}
 
 
-		$vhost_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost');
+		$vhost_file = $nginx_config['nginx_vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost';
 		//* Make a backup copy of vhost file
 		copy($vhost_file, $vhost_file.'~');
 
@@ -187,7 +189,7 @@ class nginx_reverseproxy_plugin {
 
 
 		// Set the symlink to enable the vhost
-		$vhost_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost');
+		$vhost_symlink = $nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost';
 		if($data['new']['active'] == 'y' && !is_link($vhost_symlink)) {
 			symlink($vhost_file, $vhost_symlink);
 			$app->log('Creating symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
@@ -199,18 +201,18 @@ class nginx_reverseproxy_plugin {
 			$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
 		}
 
-		if(!is_dir('/var/log/ispconfig/nginx/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/nginx/'.$data['new']['domain']);
+		if(!is_dir('/var/log/ispconfig/nginx/'.$data['new']['domain'])) $app->system->exec_safe('mkdir -p ?', '/var/log/ispconfig/nginx/'.$data['new']['domain']);
 
 		// remove old symlink and vhost file, if domain name of the site has changed
 		if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
-			$vhost_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost');
+			$vhost_symlink = $nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost';
 			unlink($vhost_symlink);
 			$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
-			$vhost_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost');
+			$vhost_file = $nginx_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost';
 			unlink($vhost_file);
 			$app->log('Removing file: '.$vhost_file, LOGLEVEL_DEBUG);
 
-			if(is_dir('/var/log/ispconfig/nginx/'.$data['old']['domain'])) exec('rm -rf /var/log/ispconfig/nginx/'.$data['old']['domain']);
+			if(is_dir('/var/log/ispconfig/nginx/'.$data['old']['domain'])) $app->system->exec_safe('rm -rf ?', '/var/log/ispconfig/nginx/'.$data['old']['domain']);
 		}
 
 		// request a httpd reload when all records have been processed
@@ -232,7 +234,7 @@ class nginx_reverseproxy_plugin {
 	function ssl($event_name, $data) {
 		global $app, $conf;
 
-		if(!is_dir($conf['nginx']['config_dir'].'/ssl')) exec('mkdir -p '.$conf['nginx']['config_dir'].'/ssl');
+		if(!is_dir($conf['nginx']['config_dir'].'/ssl')) $app->system->exec_safe('mkdir -p ?', $conf['nginx']['config_dir'].'/ssl');
 		$ssl_dir = $conf['nginx']['config_dir'].'/ssl';
 		$domain = $data['new']['ssl_domain'];
 		$key_file = $ssl_dir.'/'.$domain.'.key.org';
@@ -243,14 +245,14 @@ class nginx_reverseproxy_plugin {
 
 		//* Save a SSL certificate to disk
 		if($data["new"]["ssl_action"] == 'save') {
-			$web = $app->masterdb->queryOneRecord("select wd.document_root, sp.ip_address from web_domain wd INNER JOIN server_ip sp USING(server_id) WHERE domain = '".$data['new']['domain']."'");
+			$web = $app->masterdb->queryOneRecord("select wd.document_root, sp.ip_address from web_domain wd INNER JOIN server_ip sp USING(server_id) WHERE domain = ?", $data['new']['domain']);
 
 			$src_ssl_dir = $web["document_root"]."/ssl";
 			//$domain = $data["new"]["ssl_domain"];
 			//$csr_file = $ssl_dir.'/'.$domain.".csr";
 			//$crt_file = $ssl_dir.'/'.$domain.".crt";
 			//$bundle_file = $ssl_dir.'/'.$domain.".bundle";
-			$this->_exec('rsync -v -e ssh root@'.$web['ip_address'].':~/$src_ssl_dir '.$ssl_dir);
+			$app->system->exec_safe('rsync -v -e ssh root@?:? ?', $web['ip_address'], '~/'.$src_ssl_dir, $ssl_dir);
 
 			$app->log('Syncing SSL Cert for: '.$domain, LOGLEVEL_DEBUG);
 		}
@@ -280,35 +282,28 @@ class nginx_reverseproxy_plugin {
 		$nginx_config = $app->getconf->get_server_config($conf['server_id'], 'web');
 
 
-		if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain') {
+		if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias') {
 
 			//* This is a website
 			// Deleting the vhost file, symlink and the data directory
-			$vhost_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost');
+			$vhost_symlink = $nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost';
 			unlink($vhost_symlink);
 			$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
 
-			$vhost_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost');
+			$vhost_file = $nginx_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost';
 			unlink($vhost_file);
 			$app->log('Removing vhost file: '.$vhost_file, LOGLEVEL_DEBUG);
 
 
 
 			// Delete the log file directory
-			$vhost_logfile_dir = escapeshellcmd('/var/log/ispconfig/nginx/'.$data['old']['domain']);
-			if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) exec('rm -rf '.$vhost_logfile_dir);
+			$vhost_logfile_dir = '/var/log/ispconfig/nginx/'.$data['old']['domain'];
+			if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) $app->system->exec_safe('rm -rf ?', $vhost_logfile_dir);
 			$app->log('Removing website logfile directory: '.$vhost_logfile_dir, LOGLEVEL_DEBUG);
 
 		}
 	}
 
-	//* Wrapper for exec function for easier debugging
-	private function _exec($command) {
-		global $app;
-		$app->log('exec: '.$command, LOGLEVEL_DEBUG);
-		exec($command);
-	}
-
 	function rewrite_insert($event_name, $data) {
 		global $app, $conf;
 
@@ -329,7 +324,7 @@ class nginx_reverseproxy_plugin {
 		$tpl->newTemplate("nginx_reverseproxy_rewrites.conf.master");
 		if (!empty($rules))$tpl->setLoop('nginx_rewrite_rules', $rules);
 
-		$rewrites_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/default.rewrites.conf');
+		$rewrites_file = $nginx_config['nginx_vhost_conf_dir'].'/default.rewrites.conf';
 		//* Make a backup copy of vhost file
 		copy($rewrites_file, $rewrites_file.'~');
 
@@ -340,7 +335,7 @@ class nginx_reverseproxy_plugin {
 
 
 		// Set the symlink to enable the vhost
-		$rewrite_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/default.rewrites.conf');
+		$rewrite_symlink = $nginx_config['nginx_vhost_conf_enabled_dir'].'/default.rewrites.conf';
 
 		if(!is_link($rewrite_symlink)) {
 			symlink($rewrites_file, $rewrite_symlink);

docs/under_development/DEV_CHROOTED_DEBIAN_5.0.txt

@@ -96,7 +96,7 @@ echo "ChrootDir /var/www" > /etc/apache2/conf.d/mod_chroot.conf
 # Install ISPConfig
 
 cd /tmp
-wget http://www.ispconfig.org/downloads/ISPConfig-3.0.1.4-beta-2.tar.gz
+wget https://www.ispconfig.org/downloads/ISPConfig-3.0.1.4-beta-2.tar.gz
 tar xvfz ISPConfig-3.0.1.4-beta-2.tar.gz
 cd ispconfig3_install/install/
 php -q install.php