From e7db797575d1fb770673de1a9bb1f906f9e2bf6e Mon Sep 17 00:00:00 2001 From: thom Date: Fri, 31 Jul 2020 12:42:04 +0200 Subject: [PATCH 01/12] Make client protection configurable (#4048) --- install/tpl/system.ini.master | 1 + interface/web/sites/web_vhost_domain_edit.php | 12 +++++++++--- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/install/tpl/system.ini.master b/install/tpl/system.ini.master index d6dfa18f47..05fb917875 100644 --- a/install/tpl/system.ini.master +++ b/install/tpl/system.ini.master @@ -1,4 +1,5 @@ [global] +client_protection=y [admin] diff --git a/interface/web/sites/web_vhost_domain_edit.php b/interface/web/sites/web_vhost_domain_edit.php index cc476a2276..f5a66340a0 100644 --- a/interface/web/sites/web_vhost_domain_edit.php +++ b/interface/web/sites/web_vhost_domain_edit.php 
@@ -1376,11 +1376,17 @@ class page_action extends tform_actions { function onAfterInsert() { global $app, $conf; - // make sure that the record belongs to the clinet group and not the admin group when admin inserts it + // make sure that the record belongs to the client group and not the admin group when admin inserts it // also make sure that the user can not delete domain created by a admin if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { - $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); - $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); + $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); + $app->uses('getconf'); + $global_config = $app->getconf->get_global_config('global'); + if($global_config['client_protection'] == 'y') { + $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); + else + $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $client_group_id, $this->id); + } } if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); -- GitLab From 6f11f6d10cc9b09fcb50ffa829bb87d14820f040 Mon Sep 17 00:00:00 2001 From: thom Date: Fri, 31 Jul 2020 13:15:26 +0200 Subject: [PATCH 02/12] Make client protection configurable (#4048) --- .../sites_web_vhost_domain_plugin.inc.php | 20 ++++++++++++------- .../lib/plugins/vm_openvz_plugin.inc.php | 4 ++-- interface/web/client/domain_edit.php | 4 ++-- interface/web/mail/mail_mailinglist_edit.php | 4 ++-- interface/web/mail/xmpp_domain_edit.php | 2 +- interface/web/sites/web_vhost_domain_edit.php | 6 +++--- 6 files changed, 23 insertions(+), 17 deletions(-) 
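Review bot: The new `if($global_config['client_protection'] == 'y')` test fails open: when the key is missing from the stored global config, the else branch runs and the admin-created domain is written with `sys_perm_group = 'riud'`, which gives the client group delete rights. An installation upgraded from before the setting existed could be such a case, though the upgrade path is not visible here. Treat anything other than an explicit `n` as enabled, e.g. `if(!isset($global_config['client_protection']) || $global_config['client_protection'] != 'n') {`; the same comparison is carried into the PATCH 02 hunks for sites_web_vhost_domain_plugin.inc.php and for this file. Separately, the `else` here sits inside the still-open `if {` block, which PHP rejects as a parse error; it needs to be `} else {`. onAfterInsert() continues past the end of the hunk.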
diff --git a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php index 3f9b0db5b6..a887aa40b2 100644 --- a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php +++ b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php @@ -46,12 +46,18 @@ class sites_web_vhost_domain_plugin { $vhostdomain_type = 'domain'; if($page_form->dataRecord['type'] == 'vhostalias') $vhostdomain_type = 'aliasdomain'; elseif($page_form->dataRecord['type'] == 'vhostsubdomain') $vhostdomain_type = 'subdomain'; - - // make sure that the record belongs to the clinet group and not the admin group when a dmin inserts it - // also make sure that the user can not delete domain created by a admin + + // make sure that the record belongs to the client group and not the admin group when a admin inserts it + // also make sure that the user can not delete domain created by a admin if client protection is enabled if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($page_form->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]); - $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $page_form->id); + $app->uses('getconf'); + $global_config = $app->getconf->get_global_config('sites'); + if($global_config['client_protection'] == 'y') { + $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); + } else { + $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $client_group_id, $this->id); + } } if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($page_form->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]); 
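Review bot: Both added UPDATE statements bind `$this->id` as the `domain_id`, whereas the line they replace and the rest of this method use `$page_form->id`. Nothing in the visible lines assigns `$this->id` in this plugin class, so the WHERE clause probably matches no row and the record keeps the admin group and its original permissions. Use `$page_form->id` in both branches, e.g. `... WHERE domain_id = ?", $client_group_id, $page_form->id);`. The same argument is still present in the PATCH 04 hunk for this file. The enclosing method starts and ends outside the hunk.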
@@ -62,7 +68,7 @@ class sites_web_vhost_domain_plugin { $web_config = $app->getconf->get_server_config($app->functions->intval($page_form->dataRecord['server_id']), 'web'); if(isset($app->tform) && is_object($app->tform)) $web_rec = $app->tform->getDataRecord($page_form->id); else $web_rec = $app->remoting_lib->getDataRecord($page_form->id); - + if($vhostdomain_type == 'domain') { $document_root = str_replace("[website_id]", $page_form->id, $web_config["website_path"]); $document_root = str_replace("[website_idhash_1]", $this->id_hash($page_form->id, 1), $document_root); @@ -97,7 +103,7 @@ class sites_web_vhost_domain_plugin { $document_root = str_replace("[client_idhash_2]", $this->id_hash($client_id, 2), $document_root); $document_root = str_replace("[client_idhash_3]", $this->id_hash($client_id, 3), $document_root); $document_root = str_replace("[client_idhash_4]", $this->id_hash($client_id, 4), $document_root); - + if($event_name == 'sites:web_vhost_domain:on_after_update') { if(($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) && isset($page_form->dataRecord["client_group_id"]) && $page_form->dataRecord["client_group_id"] != $page_form->oldDataRecord["sys_groupid"]) { @@ -280,7 +286,7 @@ class sites_web_vhost_domain_plugin { $php_open_basedir = str_replace("[website_path]", $document_root, $web_config["php_open_basedir"]); $php_open_basedir = str_replace("[website_domain]", $app->functions->idn_encode($page_form->dataRecord['domain']), $php_open_basedir); $htaccess_allow_override = $web_config["htaccess_allow_override"]; - + $sql = "UPDATE web_domain SET system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ? WHERE domain_id = ?"; $app->db->query($sql, $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $page_form->id); } 
diff --git a/interface/lib/plugins/vm_openvz_plugin.inc.php b/interface/lib/plugins/vm_openvz_plugin.inc.php index 281fae4a1f..3f378522bb 100644 --- a/interface/lib/plugins/vm_openvz_plugin.inc.php +++ b/interface/lib/plugins/vm_openvz_plugin.inc.php @@ -38,7 +38,7 @@ class vm_openvz_plugin { $this->oldDataRecord = $page_form->oldDataRecord; // make sure that the record belongs to the clinet group and not the admin group when admin inserts it - // also make sure that the user can not delete domain created by a admin + // also make sure that the user can not delete domain created by a admin if client protection is enabled if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE openvz_vm SET sys_groupid = ? WHERE vm_id = ?", $client_group_id, $this->id); @@ -87,7 +87,7 @@ class vm_openvz_plugin { $this->oldDataRecord = $page_form->oldDataRecord; // make sure that the record belongs to the clinet group and not the admin group when a admin inserts it - // also make sure that the user can not delete domain created by a admin + // also make sure that the user can not delete domain created by a admin if client protection is enabled if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE openvz_vm SET sys_groupid = ? WHERE vm_id = ?", $client_group_id, $this->id); diff --git a/interface/web/client/domain_edit.php b/interface/web/client/domain_edit.php index 094e1899be..f1614f075f 100644 --- a/interface/web/client/domain_edit.php +++ b/interface/web/client/domain_edit.php 
@@ -197,7 +197,7 @@ class page_action extends tform_actions { global $app, $conf; // make sure that the record belongs to the client group and not the admin group when admin inserts it - // also make sure that the user can not delete domain created by a admin + // also make sure that the user can not delete domain created by a admin if client protection is enabled if(($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) || ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid']))) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); @@ -215,7 +215,7 @@ class page_action extends tform_actions { } // make sure that the record belongs to the client group and not the admin group when admin inserts it - // also make sure that the user can not delete domain created by a admin + // also make sure that the user can not delete domain created by a admin if client protection is enabled if(isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); diff --git a/interface/web/mail/mail_mailinglist_edit.php b/interface/web/mail/mail_mailinglist_edit.php index 913611323d..6aba979d54 100644 --- a/interface/web/mail/mail_mailinglist_edit.php +++ b/interface/web/mail/mail_mailinglist_edit.php 
@@ -198,7 +198,7 @@ class page_action extends tform_actions { global $app, $conf; // make sure that the record belongs to the client group and not the admin group when a dmin inserts it - // also make sure that the user can not delete domain created by a admin + // also make sure that the user can not delete domain created by a admin if client protection is enabled if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE mail_mailinglist SET sys_groupid = ?, sys_perm_group = 'ru' WHERE mailinglist_id = ?", $client_group_id, $this->id); @@ -235,7 +235,7 @@ class page_action extends tform_actions { global $app, $conf; // make sure that the record belongs to the clinet group and not the admin group when admin inserts it - // also make sure that the user can not delete domain created by a admin + // also make sure that the user can not delete domain created by a admin if client protection is enabled if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE mail_mailinglist SET sys_groupid = ?, sys_perm_group = 'ru' WHERE mailinglist_id = ?", $client_group_id, $this->id); diff --git a/interface/web/mail/xmpp_domain_edit.php b/interface/web/mail/xmpp_domain_edit.php index 500757c159..508400c74c 100644 --- a/interface/web/mail/xmpp_domain_edit.php +++ b/interface/web/mail/xmpp_domain_edit.php 
@@ -318,7 +318,7 @@ class page_action extends tform_actions { global $app, $conf; // make sure that the record belongs to the client group and not the admin group when admin inserts it - // also make sure that the user can not delete domain created by a admin + // also make sure that the user can not delete domain created by a admin if client protection is enabled if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE xmpp_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); diff --git a/interface/web/sites/web_vhost_domain_edit.php b/interface/web/sites/web_vhost_domain_edit.php index f5a66340a0..4d1124d802 100644 --- a/interface/web/sites/web_vhost_domain_edit.php +++ b/interface/web/sites/web_vhost_domain_edit.php @@ -1377,14 +1377,14 @@ class page_action extends tform_actions { global $app, $conf; // make sure that the record belongs to the client group and not the admin group when admin inserts it - // also make sure that the user can not delete domain created by a admin + // also make sure that the user can not delete domain created by a admin if client protection is enabled if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->uses('getconf'); - $global_config = $app->getconf->get_global_config('global'); + $global_config = $app->getconf->get_global_config('sites'); if($global_config['client_protection'] == 'y') { $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); - else + } else { $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $client_group_id, $this->id); } } -- GitLab 
From a94ccb9d1585f0b6b241f5f1468a1c8ce16f0564 Mon Sep 17 00:00:00 2001 From: thom Date: Fri, 31 Jul 2020 13:31:16 +0200 Subject: [PATCH 03/12] Make client protection configurable (#4048) --- install/tpl/system.ini.master | 2 +- interface/lib/plugins/vm_openvz_plugin.inc.php | 4 ++-- interface/web/client/domain_edit.php | 8 ++++---- interface/web/mail/mail_mailinglist_edit.php | 4 ++-- interface/web/mail/xmpp_domain_edit.php | 2 +- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/install/tpl/system.ini.master b/install/tpl/system.ini.master index 05fb917875..ec6573d7b1 100644 --- a/install/tpl/system.ini.master +++ b/install/tpl/system.ini.master @@ -1,5 +1,4 @@ [global] -client_protection=y [admin] @@ -37,6 +36,7 @@ backups_include_into_web_quota=n reseller_can_use_options=n web_php_options=no,fast-cgi,mod,php-fpm show_aps_menu=n +client_protection=y [tools] diff --git a/interface/lib/plugins/vm_openvz_plugin.inc.php b/interface/lib/plugins/vm_openvz_plugin.inc.php index 3f378522bb..281fae4a1f 100644 --- a/interface/lib/plugins/vm_openvz_plugin.inc.php +++ b/interface/lib/plugins/vm_openvz_plugin.inc.php @@ -38,7 +38,7 @@ class vm_openvz_plugin { $this->oldDataRecord = $page_form->oldDataRecord; // make sure that the record belongs to the clinet group and not the admin group when admin inserts it - // also make sure that the user can not delete domain created by a admin if client protection is enabled + // also make sure that the user can not delete domain created by a admin if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE openvz_vm SET sys_groupid = ? WHERE vm_id = ?", $client_group_id, $this->id); 
@@ -87,7 +87,7 @@ class vm_openvz_plugin { $this->oldDataRecord = $page_form->oldDataRecord; // make sure that the record belongs to the clinet group and not the admin group when a admin inserts it - // also make sure that the user can not delete domain created by a admin if client protection is enabled + // also make sure that the user can not delete domain created by a admin if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE openvz_vm SET sys_groupid = ? WHERE vm_id = ?", $client_group_id, $this->id); diff --git a/interface/web/client/domain_edit.php b/interface/web/client/domain_edit.php index f1614f075f..af7b900b91 100644 --- a/interface/web/client/domain_edit.php +++ b/interface/web/client/domain_edit.php @@ -67,7 +67,7 @@ class page_action extends tform_actions { function onShowEnd() { global $app, $conf, $wb; - + if($_SESSION["s"]["user"]["typ"] != 'admin' && $this->id == 0) { if(!$app->tform->checkClientLimit('limit_domainmodule')) { $app->uses('ini_parser,getconf'); 
@@ -100,7 +100,7 @@ class page_action extends tform_actions { $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]); $client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id); $client = $app->functions->htmlentities($client); - + // Fill the client select field $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ? ORDER BY client.company_name, client.contact_name, sys_group.name"; //die($sql); @@ -197,7 +197,7 @@ class page_action extends tform_actions { global $app, $conf; // make sure that the record belongs to the client group and not the admin group when admin inserts it - // also make sure that the user can not delete domain created by a admin if client protection is enabled + // also make sure that the user can not delete domain created by a admin if(($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) || ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid']))) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); 
@@ -215,7 +215,7 @@ class page_action extends tform_actions { } // make sure that the record belongs to the client group and not the admin group when admin inserts it - // also make sure that the user can not delete domain created by a admin if client protection is enabled + // also make sure that the user can not delete domain created by a admin if(isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); diff --git a/interface/web/mail/mail_mailinglist_edit.php b/interface/web/mail/mail_mailinglist_edit.php index 6aba979d54..913611323d 100644 --- a/interface/web/mail/mail_mailinglist_edit.php +++ b/interface/web/mail/mail_mailinglist_edit.php @@ -198,7 +198,7 @@ class page_action extends tform_actions { global $app, $conf; // make sure that the record belongs to the client group and not the admin group when a dmin inserts it - // also make sure that the user can not delete domain created by a admin if client protection is enabled + // also make sure that the user can not delete domain created by a admin if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE mail_mailinglist SET sys_groupid = ?, sys_perm_group = 'ru' WHERE mailinglist_id = ?", $client_group_id, $this->id); 
@@ -235,7 +235,7 @@ class page_action extends tform_actions { global $app, $conf; // make sure that the record belongs to the clinet group and not the admin group when admin inserts it - // also make sure that the user can not delete domain created by a admin if client protection is enabled + // also make sure that the user can not delete domain created by a admin if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE mail_mailinglist SET sys_groupid = ?, sys_perm_group = 'ru' WHERE mailinglist_id = ?", $client_group_id, $this->id); diff --git a/interface/web/mail/xmpp_domain_edit.php b/interface/web/mail/xmpp_domain_edit.php index 508400c74c..500757c159 100644 --- a/interface/web/mail/xmpp_domain_edit.php +++ b/interface/web/mail/xmpp_domain_edit.php @@ -318,7 +318,7 @@ class page_action extends tform_actions { global $app, $conf; // make sure that the record belongs to the client group and not the admin group when admin inserts it - // also make sure that the user can not delete domain created by a admin if client protection is enabled + // also make sure that the user can not delete domain created by a admin if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE xmpp_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); -- GitLab From 6a108683444b849bbe3abf4ebb086d77ef261910 Mon Sep 17 00:00:00 2001 
From: thom Date: Fri, 31 Jul 2020 14:46:56 +0200 Subject: [PATCH 04/12] Make client protection configurable (#4048) --- .../plugins/sites_web_vhost_domain_plugin.inc.php | 4 ++-- interface/web/admin/form/system_config.tform.php | 7 ++++++- interface/web/admin/lib/lang/ar_system_config.lng | 1 + interface/web/admin/lib/lang/bg_system_config.lng | 1 + interface/web/admin/lib/lang/br_system_config.lng | 1 + interface/web/admin/lib/lang/ca_system_config.lng | 1 + interface/web/admin/lib/lang/cz_system_config.lng | 1 + interface/web/admin/lib/lang/de_system_config.lng | 1 + interface/web/admin/lib/lang/dk_system_config.lng | 1 + interface/web/admin/lib/lang/el_system_config.lng | 1 + interface/web/admin/lib/lang/en_system_config.lng | 1 + interface/web/admin/lib/lang/es_system_config.lng | 1 + interface/web/admin/lib/lang/fi_system_config.lng | 1 + interface/web/admin/lib/lang/fr_system_config.lng | 1 + interface/web/admin/lib/lang/hr_system_config.lng | 1 + interface/web/admin/lib/lang/hu_system_config.lng | 1 + interface/web/admin/lib/lang/id_system_config.lng | 1 + interface/web/admin/lib/lang/it_system_config.lng | 1 + interface/web/admin/lib/lang/ja_system_config.lng | 1 + interface/web/admin/lib/lang/nl_system_config.lng | 1 + interface/web/admin/lib/lang/pl_system_config.lng | 1 + interface/web/admin/lib/lang/pt_system_config.lng | 1 + interface/web/admin/lib/lang/ro_system_config.lng | 1 + interface/web/admin/lib/lang/ru_system_config.lng | 1 + interface/web/admin/lib/lang/se_system_config.lng | 1 + interface/web/admin/lib/lang/sk_system_config.lng | 1 + interface/web/admin/lib/lang/tr_system_config.lng | 1 + .../web/admin/templates/system_config_sites_edit.htm | 12 +++++++++--- 28 files changed, 42 insertions(+), 6 deletions(-) diff --git a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php index a887aa40b2..377cae3629 100644 --- a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php 
+++ b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php @@ -54,9 +54,9 @@ class sites_web_vhost_domain_plugin { $app->uses('getconf'); $global_config = $app->getconf->get_global_config('sites'); if($global_config['client_protection'] == 'y') { - $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); + $app->db->query("UPDATE web_domain SET sys_clientid = ?, sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); } else { - $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $client_group_id, $this->id); + $app->db->query("UPDATE web_domain SET sys_clientid = ?, sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $client_group_id, $this->id); } } if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($page_form->dataRecord["client_group_id"])) { diff --git a/interface/web/admin/form/system_config.tform.php b/interface/web/admin/form/system_config.tform.php index 4dd069b613..0e29902c33 100644 --- a/interface/web/admin/form/system_config.tform.php +++ b/interface/web/admin/form/system_config.tform.php @@ -148,6 +148,12 @@ $form["tabs"]['sites'] = array ( 'width' => '30', 'maxlength' => '255' ), + 'client_protection' => array ( + 'datatype' => 'VARCHAR', + 'formtype' => 'CHECKBOX', + 'default' => 'y', + 'value' => array(0 => 'n', 1 => 'y') + ), 'vhost_subdomains' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'CHECKBOX', @@ -795,4 +801,3 @@ $form['tabs']['dns_ca'] = array ( ) ) ); - diff --git a/interface/web/admin/lib/lang/ar_system_config.lng b/interface/web/admin/lib/lang/ar_system_config.lng index b871fc930c..495da61225 100644 --- a/interface/web/admin/lib/lang/ar_system_config.lng +++ b/interface/web/admin/lib/lang/ar_system_config.lng 
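Review bot: The rewritten statements in sites_web_vhost_domain_plugin.inc.php now contain three `?` placeholders (`sys_clientid`, `sys_groupid`, `domain_id`) but still pass only two values, so `$client_group_id` lines up with `sys_clientid`, `$this->id` with `sys_groupid`, and `domain_id` has no value. Depending on how `$app->db->query` handles a missing parameter (not visible here), this either fails or runs with the wrong WHERE value; in both cases the ownership and permission change does not reach the intended row. Either drop `sys_clientid = ?` or pass a client id as an extra first argument, before `$client_group_id`. A group id is presumably not a client id, so reusing `$client_group_id` for both columns would likely be wrong as well. The enclosing method lies outside the hunk.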
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive'; $wb['btn_save_txt'] = 'Save'; $wb['btn_cancel_txt'] = 'Cancel'; $wb['web_php_options_txt'] = 'PHP Handler (Apache only)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/bg_system_config.lng b/interface/web/admin/lib/lang/bg_system_config.lng index cf8e8c8273..25ad5d2cc5 100644 --- a/interface/web/admin/lib/lang/bg_system_config.lng +++ b/interface/web/admin/lib/lang/bg_system_config.lng @@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive'; $wb['btn_save_txt'] = 'Save'; $wb['btn_cancel_txt'] = 'Cancel'; $wb['web_php_options_txt'] = 'PHP Handler (Apache only)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/br_system_config.lng b/interface/web/admin/lib/lang/br_system_config.lng index eccac5d178..a680265116 100644 --- a/interface/web/admin/lib/lang/br_system_config.lng +++ b/interface/web/admin/lib/lang/br_system_config.lng @@ -94,4 +94,5 @@ $wb['active_txt'] = 'Ativo'; $wb['btn_save_txt'] = 'Salvar'; $wb['btn_cancel_txt'] = 'Cancelar'; $wb['web_php_options_txt'] = 'Manipulador do php (Somente apache)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/ca_system_config.lng b/interface/web/admin/lib/lang/ca_system_config.lng index 17e4fd3db8..f40012120f 100644 --- a/interface/web/admin/lib/lang/ca_system_config.lng +++ b/interface/web/admin/lib/lang/ca_system_config.lng @@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive'; $wb['btn_save_txt'] = 'Save'; $wb['btn_cancel_txt'] = 'Cancel'; $wb['web_php_options_txt'] = 'PHP Handler (Apache only)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/cz_system_config.lng b/interface/web/admin/lib/lang/cz_system_config.lng index fb9f4cf843..b7a7515403 100644 --- a/interface/web/admin/lib/lang/cz_system_config.lng +++ b/interface/web/admin/lib/lang/cz_system_config.lng 
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktivní'; $wb['btn_save_txt'] = 'Uložit'; $wb['btn_cancel_txt'] = 'Zrušit'; $wb['web_php_options_txt'] = 'PHP Handler (Apache only)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/de_system_config.lng b/interface/web/admin/lib/lang/de_system_config.lng index 7e88eccd00..58575617ad 100644 --- a/interface/web/admin/lib/lang/de_system_config.lng +++ b/interface/web/admin/lib/lang/de_system_config.lng @@ -99,4 +99,5 @@ $wb['active_txt'] = 'Aktiv'; $wb['btn_save_txt'] = 'Speichern'; $wb['btn_cancel_txt'] = 'Abbrechen'; $wb['web_php_options_txt'] = 'PHP Handler (Nur Apache)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/dk_system_config.lng b/interface/web/admin/lib/lang/dk_system_config.lng index 2be15ca1a0..6801b566c9 100644 --- a/interface/web/admin/lib/lang/dk_system_config.lng +++ b/interface/web/admin/lib/lang/dk_system_config.lng @@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive'; $wb['btn_save_txt'] = 'Save'; $wb['btn_cancel_txt'] = 'Cancel'; $wb['web_php_options_txt'] = 'PHP Handler (Apache only)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/el_system_config.lng b/interface/web/admin/lib/lang/el_system_config.lng index 045e20d021..f324e335b3 100644 --- a/interface/web/admin/lib/lang/el_system_config.lng +++ b/interface/web/admin/lib/lang/el_system_config.lng @@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive'; $wb['btn_save_txt'] = 'Save'; $wb['btn_cancel_txt'] = 'Cancel'; $wb['web_php_options_txt'] = 'PHP Handler (Apache only)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/en_system_config.lng b/interface/web/admin/lib/lang/en_system_config.lng index 27a5e58f28..882e6c21c3 100644 --- a/interface/web/admin/lib/lang/en_system_config.lng +++ b/interface/web/admin/lib/lang/en_system_config.lng 
@@ -102,4 +102,5 @@ $wb['active_txt'] = 'Active'; $wb['btn_save_txt'] = 'Save'; $wb['btn_cancel_txt'] = 'Cancel'; $wb['web_php_options_txt'] = 'PHP Handler (Apache only)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/es_system_config.lng b/interface/web/admin/lib/lang/es_system_config.lng index 96e1e4487a..4eeaa9abe9 100644 --- a/interface/web/admin/lib/lang/es_system_config.lng +++ b/interface/web/admin/lib/lang/es_system_config.lng @@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive'; $wb['btn_save_txt'] = 'Save'; $wb['btn_cancel_txt'] = 'Cancel'; $wb['web_php_options_txt'] = 'PHP Handler (Apache only)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/fi_system_config.lng b/interface/web/admin/lib/lang/fi_system_config.lng index b6102f7f62..831eee9ff6 100644 --- a/interface/web/admin/lib/lang/fi_system_config.lng +++ b/interface/web/admin/lib/lang/fi_system_config.lng @@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive'; $wb['btn_save_txt'] = 'Save'; $wb['btn_cancel_txt'] = 'Cancel'; $wb['web_php_options_txt'] = 'PHP Handler (Apache only)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/fr_system_config.lng b/interface/web/admin/lib/lang/fr_system_config.lng index 38e2573044..a5270b879f 100644 --- a/interface/web/admin/lib/lang/fr_system_config.lng +++ b/interface/web/admin/lib/lang/fr_system_config.lng @@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive'; $wb['btn_save_txt'] = 'Save'; $wb['btn_cancel_txt'] = 'Cancel'; $wb['web_php_options_txt'] = 'PHP Handler (Apache only)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/hr_system_config.lng b/interface/web/admin/lib/lang/hr_system_config.lng index ab8756e956..220ca7e90c 100644 --- a/interface/web/admin/lib/lang/hr_system_config.lng +++ b/interface/web/admin/lib/lang/hr_system_config.lng 
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive'; $wb['btn_save_txt'] = 'Save'; $wb['btn_cancel_txt'] = 'Cancel'; $wb['web_php_options_txt'] = 'PHP Handler (Apache only)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/hu_system_config.lng b/interface/web/admin/lib/lang/hu_system_config.lng index 4262b89209..0069f31c07 100644 --- a/interface/web/admin/lib/lang/hu_system_config.lng +++ b/interface/web/admin/lib/lang/hu_system_config.lng @@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive'; $wb['btn_save_txt'] = 'Save'; $wb['btn_cancel_txt'] = 'Cancel'; $wb['web_php_options_txt'] = 'PHP Handler (Apache only)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/id_system_config.lng b/interface/web/admin/lib/lang/id_system_config.lng index fe545e7476..539699da88 100644 --- a/interface/web/admin/lib/lang/id_system_config.lng +++ b/interface/web/admin/lib/lang/id_system_config.lng @@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive'; $wb['btn_save_txt'] = 'Save'; $wb['btn_cancel_txt'] = 'Cancel'; $wb['web_php_options_txt'] = 'PHP Handler (Apache only)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/it_system_config.lng b/interface/web/admin/lib/lang/it_system_config.lng index f261ba3e81..0c20959df2 100644 --- a/interface/web/admin/lib/lang/it_system_config.lng +++ b/interface/web/admin/lib/lang/it_system_config.lng @@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive'; $wb['btn_save_txt'] = 'Save'; $wb['btn_cancel_txt'] = 'Cancel'; $wb['web_php_options_txt'] = 'PHP Handler (Apache only)'; +$wb['client_protection_txt'] = 'Client protection'; ?> diff --git a/interface/web/admin/lib/lang/ja_system_config.lng b/interface/web/admin/lib/lang/ja_system_config.lng index 96ce2d2ad6..f6b5c9e1a5 100644 --- a/interface/web/admin/lib/lang/ja_system_config.lng +++ b/interface/web/admin/lib/lang/ja_system_config.lng 
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
 $wb['btn_save_txt'] = 'Save';
 $wb['btn_cancel_txt'] = 'Cancel';
 $wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
 ?>
diff --git a/interface/web/admin/lib/lang/nl_system_config.lng b/interface/web/admin/lib/lang/nl_system_config.lng
index f9f59896bf..19eae464a3 100644
--- a/interface/web/admin/lib/lang/nl_system_config.lng
+++ b/interface/web/admin/lib/lang/nl_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
 $wb['btn_save_txt'] = 'Save';
 $wb['btn_cancel_txt'] = 'Cancel';
 $wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
 ?>
diff --git a/interface/web/admin/lib/lang/pl_system_config.lng b/interface/web/admin/lib/lang/pl_system_config.lng
index 5f49133f56..f44853ccb2 100644
--- a/interface/web/admin/lib/lang/pl_system_config.lng
+++ b/interface/web/admin/lib/lang/pl_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
 $wb['btn_save_txt'] = 'Save';
 $wb['btn_cancel_txt'] = 'Cancel';
 $wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
 ?>
diff --git a/interface/web/admin/lib/lang/pt_system_config.lng b/interface/web/admin/lib/lang/pt_system_config.lng
index 10b87a40ae..bbfedbf3a4 100644
--- a/interface/web/admin/lib/lang/pt_system_config.lng
+++ b/interface/web/admin/lib/lang/pt_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
 $wb['btn_save_txt'] = 'Save';
 $wb['btn_cancel_txt'] = 'Cancel';
 $wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
 ?>
diff --git a/interface/web/admin/lib/lang/ro_system_config.lng b/interface/web/admin/lib/lang/ro_system_config.lng
index 56c7e40059..a7756c737d 100644
--- a/interface/web/admin/lib/lang/ro_system_config.lng
+++ b/interface/web/admin/lib/lang/ro_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
 $wb['btn_save_txt'] = 'Save';
 $wb['btn_cancel_txt'] = 'Cancel';
 $wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
 ?>
diff --git a/interface/web/admin/lib/lang/ru_system_config.lng b/interface/web/admin/lib/lang/ru_system_config.lng
index c0da3d894a..37d9c263ab 100644
--- a/interface/web/admin/lib/lang/ru_system_config.lng
+++ b/interface/web/admin/lib/lang/ru_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
 $wb['btn_save_txt'] = 'Save';
 $wb['btn_cancel_txt'] = 'Cancel';
 $wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
 ?>
diff --git a/interface/web/admin/lib/lang/se_system_config.lng b/interface/web/admin/lib/lang/se_system_config.lng
index bf24b9852b..6768bc4118 100644
--- a/interface/web/admin/lib/lang/se_system_config.lng
+++ b/interface/web/admin/lib/lang/se_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
 $wb['btn_save_txt'] = 'Save';
 $wb['btn_cancel_txt'] = 'Cancel';
 $wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
 ?>
diff --git a/interface/web/admin/lib/lang/sk_system_config.lng b/interface/web/admin/lib/lang/sk_system_config.lng
index 2fdce03e69..85a96bf5bf 100644
--- a/interface/web/admin/lib/lang/sk_system_config.lng
+++ b/interface/web/admin/lib/lang/sk_system_config.lng
@@ -95,4 +95,5 @@ $wb['active_txt'] = 'Aktive';
 $wb['btn_save_txt'] = 'Save';
 $wb['btn_cancel_txt'] = 'Cancel';
 $wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
+$wb['client_protection_txt'] = 'Client protection';
 ?>
diff --git a/interface/web/admin/lib/lang/tr_system_config.lng b/interface/web/admin/lib/lang/tr_system_config.lng
index afc8a9239f..b4cb7c8d11 100644
--- a/interface/web/admin/lib/lang/tr_system_config.lng
+++ b/interface/web/admin/lib/lang/tr_system_config.lng
@@ -89,4 +89,5 @@ $wb['custom_login_link_txt'] = 'Oturum Açma Sayfası Bağlantısı';
 $wb['login_link_error_regex'] = 'Oturum Açma Bağlantısı Geçersiz';
 $wb["default_remote_dbserver_txt"] = "Default DB Remote servers";
 $wb["disable_client_remote_dbserver_txt"] = "Disable DB Remote sections for Clients";
+$wb['client_protection_txt'] = 'Client protection';
 ?>
diff --git a/interface/web/admin/templates/system_config_sites_edit.htm b/interface/web/admin/templates/system_config_sites_edit.htm
index 82576d5e53..c84b50e6b8 100644
--- a/interface/web/admin/templates/system_config_sites_edit.htm
+++ b/interface/web/admin/templates/system_config_sites_edit.htm
@@ -26,6 +26,12 @@
+
+ +
+ {tmpl_var name='client_protection'} +
+
@@ -84,10 +90,10 @@
- - + + - +
-- GitLab From 0bd188f1eba6b25983319c37bfb7bc5ca83902c4 Mon Sep 17 00:00:00 2001 From: thom Date: Fri, 31 Jul 2020 15:13:30 +0200 Subject: [PATCH 05/12] Make client protection configurable (#4048) --- interface/web/admin/system_config_edit.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/interface/web/admin/system_config_edit.php b/interface/web/admin/system_config_edit.php index 04db6717b0..ac3a1dcb6a 100644 --- a/interface/web/admin/system_config_edit.php +++ b/interface/web/admin/system_config_edit.php @@ -96,7 +96,7 @@ class page_action extends tform_actions { if($available_dashlets_txt == '') $available_dashlets_txt = '------'; $app->tpl->setVar("available_dashlets_txt", $available_dashlets_txt); - + // Logo $sys_ini = $app->db->queryOneRecord("SELECT * FROM sys_ini WHERE sysini_id = ?", $this->id); if($sys_ini['custom_logo'] != ''){ @@ -156,6 +156,11 @@ class page_action extends tform_actions { */ $new_config = $app->tform->encode($this->dataRecord, $section); + if($section == 'sites' && $new_config['client_protection'] != 'y' && $server_config_array['sites']['client_protection'] == 'y') { + $app->db->query("UPDATE web_domain sys_perm_group = 'riud' WHERE added_by = admin"); + } elseif($section == 'sites' && $new_config['client_protection'] != 'n' && $server_config_array['sites']['client_protection'] == 'n') { + $app->db->query("UPDATE web_domain sys_perm_group = 'ru' WHERE added_by = admin"); + } if($section == 'sites' && $new_config['vhost_subdomains'] != 'y' && $server_config_array['sites']['vhost_subdomains'] == 'y') { // check for existing vhost subdomains, if found the mode cannot be disabled $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_domain` WHERE `type` = 'vhostsubdomain'"); 
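Review bot: The bulk `UPDATE` on `web_domain` in the new `client_protection` branch runs before the `vhost_subdomains` check that follows it, and that check's own comment says the mode change can be refused. If the save is rejected at that point (the rest of the method lies outside the hunk, so this is inferred), every admin-added site has already had its `sys_perm_group` switched while the stored setting stays unchanged, leaving client delete rights out of step with what the settings page shows. Moving the block to after the new configuration has been validated and written would keep the two consistent; patches 06, 07 and 10 edit the statements but keep the same placement. A one-line comment such as `// client protection toggled: rewrite group permissions on admin-created sites ('ru' withholds insert/delete from the client group)` would also help the next reader.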
@@ -198,13 +203,13 @@ class page_action extends tform_actions { "FROM dns_soa"; $app->db->query($sql); } - + //die(print_r($_FILES)); // Logo /* if(isset($_FILES['file']['name']) && is_uploaded_file($_FILES['file']['tmp_name'])){ //print_r($_FILES); - + $path= $_FILES['file']['tmp_name']; $type = pathinfo($path, PATHINFO_EXTENSION); $data = file_get_contents($path); -- GitLab From 213d96ee451d505a23e14fbcb9907c38598af5ef Mon Sep 17 00:00:00 2001 From: thom Date: Fri, 31 Jul 2020 15:33:44 +0200 Subject: [PATCH 06/12] Make client protection configurable (#4048) --- interface/web/admin/system_config_edit.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/interface/web/admin/system_config_edit.php b/interface/web/admin/system_config_edit.php index ac3a1dcb6a..fa5cf6a155 100644 --- a/interface/web/admin/system_config_edit.php +++ b/interface/web/admin/system_config_edit.php @@ -157,9 +157,9 @@ class page_action extends tform_actions { $new_config = $app->tform->encode($this->dataRecord, $section); if($section == 'sites' && $new_config['client_protection'] != 'y' && $server_config_array['sites']['client_protection'] == 'y') { - $app->db->query("UPDATE web_domain sys_perm_group = 'riud' WHERE added_by = admin"); + $app->db->query("UPDATE `web_domain` SET `sys_perm_group` = 'riud' WHERE `added_by` = 'admin'"); } elseif($section == 'sites' && $new_config['client_protection'] != 'n' && $server_config_array['sites']['client_protection'] == 'n') { - $app->db->query("UPDATE web_domain sys_perm_group = 'ru' WHERE added_by = admin"); + $app->db->query("UPDATE `web_domain` SET `sys_perm_group` = 'ru' WHERE `added_by` = 'admin'"); } if($section == 'sites' && $new_config['vhost_subdomains'] != 'y' && $server_config_array['sites']['vhost_subdomains'] == 'y') { // check for existing vhost subdomains, if found the mode cannot be disabled -- GitLab From f9c8e9eefd49972dcbeb1b591b92cf324401bbb6 Mon Sep 17 00:00:00 2001 
From: thom Date: Fri, 31 Jul 2020 17:04:32 +0200 Subject: [PATCH 07/12] Remove / add protection on config change (#4048) --- interface/web/admin/system_config_edit.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/interface/web/admin/system_config_edit.php b/interface/web/admin/system_config_edit.php index fa5cf6a155..671b71032f 100644 --- a/interface/web/admin/system_config_edit.php +++ b/interface/web/admin/system_config_edit.php @@ -157,9 +157,9 @@ class page_action extends tform_actions { $new_config = $app->tform->encode($this->dataRecord, $section); if($section == 'sites' && $new_config['client_protection'] != 'y' && $server_config_array['sites']['client_protection'] == 'y') { - $app->db->query("UPDATE `web_domain` SET `sys_perm_group` = 'riud' WHERE `added_by` = 'admin'"); + $app->db->query("UPDATE `web_domain` SET `sys_userid` = (select `userid` FROM `sys_user` WHERE `default_group` = `web_domain`.`sys_groupid`), `sys_perm_group` = 'riud' WHERE `added_by` = 'admin'"); } elseif($section == 'sites' && $new_config['client_protection'] != 'n' && $server_config_array['sites']['client_protection'] == 'n') { - $app->db->query("UPDATE `web_domain` SET `sys_perm_group` = 'ru' WHERE `added_by` = 'admin'"); + $app->db->query("UPDATE `web_domain` SET `sys_userid` = 1, `sys_perm_group` = 'ru' WHERE `added_by` = 'admin'"); } if($section == 'sites' && $new_config['vhost_subdomains'] != 'y' && $server_config_array['sites']['vhost_subdomains'] == 'y') { // check for existing vhost subdomains, if found the mode cannot be disabled -- GitLab From b15fb89e5eceb60216f36da5e532fc7551311b49 Mon Sep 17 00:00:00 2001 From: thom Date: Fri, 31 Jul 2020 22:31:23 +0200 Subject: [PATCH 08/12] Remove incorrect code --- interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
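Review bot: The scalar subquery that fills `sys_userid` in the protection-off branch has no guard for zero or several matching `sys_user` rows. With no user whose `default_group` equals the site's `sys_groupid` it yields NULL, which the later patch title on this page ("Column 'sys_userid' cannot be null") shows the column rejects, and with more than one match MySQL aborts the statement, so the ownership change fails for the whole table while the setting still flips. Patch 10 adds `sys_groupid > 0`, which narrows the first case but does not cover a group that simply has no matching user. A bounded form with a fallback, `sys_userid = COALESCE((SELECT userid FROM sys_user WHERE default_group = web_domain.sys_groupid ORDER BY userid LIMIT 1), 1)`, would match the per-insert fallback that patch 11 introduces.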
diff --git a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php index 377cae3629..a887aa40b2 100644 --- a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php +++ b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php @@ -54,9 +54,9 @@ class sites_web_vhost_domain_plugin { $app->uses('getconf'); $global_config = $app->getconf->get_global_config('sites'); if($global_config['client_protection'] == 'y') { - $app->db->query("UPDATE web_domain SET sys_clientid = ?, sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); + $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); } else { - $app->db->query("UPDATE web_domain SET sys_clientid = ?, sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $client_group_id, $this->id); + $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $client_group_id, $this->id); } } if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($page_form->dataRecord["client_group_id"])) { -- GitLab From 787e27d41a1f87d8de4c06d077ec49ad96d85d76 Mon Sep 17 00:00:00 2001 From: Till Brehm Date: Tue, 11 Aug 2020 19:58:13 +0200 Subject: [PATCH 09/12] Set client protection mode based on global setting. --- interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php index a887aa40b2..e84505ebbe 100644 --- a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php +++ b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php 
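Review bot: The test `$global_config['client_protection'] == 'y'` treats a missing key as protection off, so the `else` branch gives the client group `riud` whenever the stored `sites` config has no `client_protection` entry. That may be the case on an installation upgraded from a version without the setting, which cannot be verified from this hunk. Keeping the restrictive `ru` unless the option is explicitly disabled is the safer default for a permission switch: `if(!isset($global_config['client_protection']) || $global_config['client_protection'] != 'n') {`. The same test appears in the `web_vhost_domain_edit.php` hunks of patches 10 to 12, and the enclosing method here starts and ends outside the hunk.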
@@ -56,7 +56,8 @@ class sites_web_vhost_domain_plugin { if($global_config['client_protection'] == 'y') { $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); } else { - $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $client_group_id, $this->id); + $sysuser = $app->db->queryOneRecord('SELECT userid FROM sys_user WHERE default_group = ?',$client_group_id); + $app->db->query("UPDATE web_domain SET sys_userid = ?, sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $sysuser['userid'],$client_group_id, $this->id); } } if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($page_form->dataRecord["client_group_id"])) { -- GitLab From be667fd6af6aa38ca311110da7f33d102c937727 Mon Sep 17 00:00:00 2001 From: Till Brehm Date: Tue, 11 Aug 2020 20:26:55 +0200 Subject: [PATCH 10/12] Fixed issues with userid setting for client protection feature. --- interface/web/admin/system_config_edit.php | 4 +++- interface/web/sites/web_vhost_domain_edit.php | 3 ++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/interface/web/admin/system_config_edit.php b/interface/web/admin/system_config_edit.php index 671b71032f..9b3102e60e 100644 --- a/interface/web/admin/system_config_edit.php +++ b/interface/web/admin/system_config_edit.php 
@@ -156,11 +156,13 @@ class page_action extends tform_actions { */ $new_config = $app->tform->encode($this->dataRecord, $section); + if($section == 'sites' && $new_config['client_protection'] != 'y' && $server_config_array['sites']['client_protection'] == 'y') { - $app->db->query("UPDATE `web_domain` SET `sys_userid` = (select `userid` FROM `sys_user` WHERE `default_group` = `web_domain`.`sys_groupid`), `sys_perm_group` = 'riud' WHERE `added_by` = 'admin'"); + $app->db->query("UPDATE `web_domain` SET `sys_userid` = (select `userid` FROM `sys_user` WHERE `default_group` = `web_domain`.`sys_groupid`), `sys_perm_group` = 'riud' WHERE `added_by` = 'admin' and sys_groupid > 0"); } elseif($section == 'sites' && $new_config['client_protection'] != 'n' && $server_config_array['sites']['client_protection'] == 'n') { $app->db->query("UPDATE `web_domain` SET `sys_userid` = 1, `sys_perm_group` = 'ru' WHERE `added_by` = 'admin'"); } + if($section == 'sites' && $new_config['vhost_subdomains'] != 'y' && $server_config_array['sites']['vhost_subdomains'] == 'y') { // check for existing vhost subdomains, if found the mode cannot be disabled $check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_domain` WHERE `type` = 'vhostsubdomain'"); diff --git a/interface/web/sites/web_vhost_domain_edit.php b/interface/web/sites/web_vhost_domain_edit.php index 4d1124d802..6121e413d5 100644 --- a/interface/web/sites/web_vhost_domain_edit.php +++ b/interface/web/sites/web_vhost_domain_edit.php 
@@ -1385,7 +1385,8 @@ class page_action extends tform_actions { if($global_config['client_protection'] == 'y') { $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); } else { - $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $client_group_id, $this->id); + $sysuser = $app->db->queryOneRecord('SELECT userid FROM sys_user WHERE default_group = ?',$client_group_id); + $app->db->query("UPDATE web_domain SET sys_userid = ?, sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $sysuser['userid'],$client_group_id, $this->id); } } if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) { -- GitLab From 826fd85e0e6043598add89263f549b48f07db2ff Mon Sep 17 00:00:00 2001 From: Till Brehm Date: Fri, 14 Aug 2020 13:44:30 +0200 Subject: [PATCH 11/12] Fixed Column 'sys_userid' cannot be null error when adding website as admin without choosing a client. --- interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php | 3 ++- interface/web/sites/web_vhost_domain_edit.php | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php index e84505ebbe..b29ff53ad9 100644 --- a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php +++ b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php 
@@ -57,7 +57,8 @@ class sites_web_vhost_domain_plugin { $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); } else { $sysuser = $app->db->queryOneRecord('SELECT userid FROM sys_user WHERE default_group = ?',$client_group_id); - $app->db->query("UPDATE web_domain SET sys_userid = ?, sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $sysuser['userid'],$client_group_id, $this->id); + $sysuser_id = (is_array($sysuser) && isset($sysuser['userid']) && $sysuser['userid'] > 0)?$sysuser['userid'],1; + $app->db->query("UPDATE web_domain SET sys_userid = ?, sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $sysuser_id, $client_group_id, $this->id); } } if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($page_form->dataRecord["client_group_id"])) { diff --git a/interface/web/sites/web_vhost_domain_edit.php b/interface/web/sites/web_vhost_domain_edit.php index 6121e413d5..df8726fabc 100644 --- a/interface/web/sites/web_vhost_domain_edit.php +++ b/interface/web/sites/web_vhost_domain_edit.php @@ -1386,7 +1386,8 @@ class page_action extends tform_actions { $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); } else { $sysuser = $app->db->queryOneRecord('SELECT userid FROM sys_user WHERE default_group = ?',$client_group_id); - $app->db->query("UPDATE web_domain SET sys_userid = ?, sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $sysuser['userid'],$client_group_id, $this->id); + $sysuser_id = (is_array($sysuser) && isset($sysuser['userid']) && $sysuser['userid'] > 0)?$sysuser['userid'],1; + $app->db->query("UPDATE web_domain SET sys_userid = ?, sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $sysuser_id, $client_group_id, $this->id); } } if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) { -- GitLab 
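Review bot: The owner lookup and its fallback are now written out twice, character for character, in `sites_web_vhost_domain_plugin.inc.php` and in `web_vhost_domain_edit.php`, and patches 09 to 12 each had to change both copies. A single shared helper that returns the `sys_userid` for a client group would keep the two insert paths from drifting apart on an ownership decision. The literal `1` in the fallback also needs a comment, for example `// no sys_user has this group as default_group: fall back to userid 1 (presumably the admin account)`, since the hunk does not show why that id is safe to assume. Both enclosing methods start and end outside the hunks.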
From 9097813c3b418e6669825239496c0702fab4af6e Mon Sep 17 00:00:00 2001 From: Till Brehm Date: Fri, 14 Aug 2020 13:50:35 +0200 Subject: [PATCH 12/12] Fixed Typo --- interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php | 2 +- interface/web/sites/web_vhost_domain_edit.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php index b29ff53ad9..0099b2002b 100644 --- a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php +++ b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php @@ -57,7 +57,7 @@ class sites_web_vhost_domain_plugin { $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); } else { $sysuser = $app->db->queryOneRecord('SELECT userid FROM sys_user WHERE default_group = ?',$client_group_id); - $sysuser_id = (is_array($sysuser) && isset($sysuser['userid']) && $sysuser['userid'] > 0)?$sysuser['userid'],1; + $sysuser_id = (is_array($sysuser) && isset($sysuser['userid']) && $sysuser['userid'] > 0)?$sysuser['userid']:1; $app->db->query("UPDATE web_domain SET sys_userid = ?, sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $sysuser_id, $client_group_id, $this->id); } } diff --git a/interface/web/sites/web_vhost_domain_edit.php b/interface/web/sites/web_vhost_domain_edit.php index df8726fabc..9f39721e45 100644 --- a/interface/web/sites/web_vhost_domain_edit.php +++ b/interface/web/sites/web_vhost_domain_edit.php 
@@ -1386,7 +1386,7 @@ class page_action extends tform_actions { $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id); } else { $sysuser = $app->db->queryOneRecord('SELECT userid FROM sys_user WHERE default_group = ?',$client_group_id); - $sysuser_id = (is_array($sysuser) && isset($sysuser['userid']) && $sysuser['userid'] > 0)?$sysuser['userid'],1; + $sysuser_id = (is_array($sysuser) && isset($sysuser['userid']) && $sysuser['userid'] > 0)?$sysuser['userid']:1; $app->db->query("UPDATE web_domain SET sys_userid = ?, sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $sysuser_id, $client_group_id, $this->id); } } -- GitLab