diff --git a/install/sql/incremental/upd_dev_collection.sql b/install/sql/incremental/upd_dev_collection.sql index 83949a715434a5b9a4c61e35311c20438804b450..f86f6a93ac675b9c7e17fae3cec251b9b92ba02f 100644 --- a/install/sql/incremental/upd_dev_collection.sql +++ b/install/sql/incremental/upd_dev_collection.sql @@ -30,3 +30,8 @@ UPDATE `spamfilter_policy` SET `rspamd_spam_kill_level` = '999.00' WHERE id = 3; UPDATE `spamfilter_policy` SET `rspamd_spam_kill_level` = '8.00' WHERE id = 6; UPDATE `spamfilter_policy` SET `rspamd_spam_kill_level` = '20.00' WHERE id = 7; -- end of rspamd +ALTER TABLE `client` CHANGE COLUMN `password` `password` VARCHAR(200) DEFAULT NULL; +ALTER TABLE `ftp_user` CHANGE COLUMN `password` `password` VARCHAR(200) DEFAULT NULL; +ALTER TABLE `shell_user` CHANGE COLUMN `password` `password` VARCHAR(200) DEFAULT NULL; +ALTER TABLE `sys_user` CHANGE COLUMN `passwort` `passwort` VARCHAR(200) DEFAULT NULL; +ALTER TABLE `webdav_user` CHANGE COLUMN `password` `password` VARCHAR(200) DEFAULT NULL; diff --git a/install/sql/ispconfig3.sql b/install/sql/ispconfig3.sql index 5337c2b77a8ec541907fbefa784a138629d06384..59fe668537d1ed0f7da68c27dc95479822b7b45a 100644 --- a/install/sql/ispconfig3.sql +++ b/install/sql/ispconfig3.sql @@ -243,7 +243,7 @@ CREATE TABLE `client` ( `limit_openvz_vm_template_id` int(11) NOT NULL DEFAULT '0', `parent_client_id` int(11) unsigned NOT NULL DEFAULT '0', `username` varchar(64) DEFAULT NULL, - `password` varchar(64) DEFAULT NULL, + `password` varchar(200) DEFAULT NULL, `language` char(2) NOT NULL DEFAULT 'en', `usertheme` varchar(32) NOT NULL DEFAULT 'default', `template_master` int(11) unsigned NOT NULL DEFAULT '0', 
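Review bot: The `sys_user` statement in the incremental script redefines `passwort` as `VARCHAR(200) DEFAULT NULL`, while the fresh-install schema in `ispconfig3.sql` keeps it `NOT NULL default ''`, so upgraded databases end up with a nullable password column that new installs do not have. Because `CHANGE COLUMN` restates the whole column definition, the line should carry the original constraint: ``ALTER TABLE `sys_user` CHANGE COLUMN `passwort` `passwort` VARCHAR(200) NOT NULL DEFAULT '';``. A one-line comment above the five statements saying why the columns are widened (presumably to hold the longer SHA-256/SHA-512 crypt hashes introduced in `auth.inc.php`) would help the next reader.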
@@ -705,7 +705,7 @@ CREATE TABLE `ftp_user` ( `parent_domain_id` int(11) unsigned NOT NULL default '0', `username` varchar(64) default NULL, `username_prefix` varchar(50) NOT NULL default '', - `password` varchar(64) default NULL, + `password` varchar(200) default NULL, `quota_size` bigint(20) NOT NULL default '-1', `active` enum('n','y') NOT NULL default 'y', `uid` varchar(64) default NULL, @@ -1440,7 +1440,7 @@ CREATE TABLE `shell_user` ( `parent_domain_id` int(11) unsigned NOT NULL default '0', `username` varchar(64) default NULL, `username_prefix` varchar(50) NOT NULL default '', - `password` varchar(64) default NULL, + `password` varchar(200) default NULL, `quota_size` bigint(20) NOT NULL default '-1', `active` enum('n','y') NOT NULL default 'y', `puser` varchar(255) default NULL, @@ -1869,7 +1869,7 @@ CREATE TABLE `sys_user` ( `sys_perm_group` varchar(5) NOT NULL default 'riud', `sys_perm_other` varchar(5) NOT NULL default '', `username` varchar(64) NOT NULL default '', - `passwort` varchar(64) NOT NULL default '', + `passwort` varchar(200) NOT NULL default '', `modules` varchar(255) NOT NULL default '', `startmodule` varchar(255) NOT NULL default '', `app_theme` varchar(32) NOT NULL default 'default', @@ -1904,7 +1904,7 @@ CREATE TABLE `webdav_user` ( `parent_domain_id` int(11) unsigned NOT NULL DEFAULT '0', `username` varchar(64) DEFAULT NULL, `username_prefix` varchar(50) NOT NULL default '', - `password` varchar(64) DEFAULT NULL, + `password` varchar(200) DEFAULT NULL, `active` enum('n','y') NOT NULL DEFAULT 'y', `dir` varchar(255) DEFAULT NULL, PRIMARY KEY (`webdav_user_id`) diff --git a/interface/lib/app.inc.php b/interface/lib/app.inc.php index b02ae8526de4f3dcc657df3afe5943582aecb7c6..46f7213240bd452ca1472d0111fd77d80fcda990 100755 --- a/interface/lib/app.inc.php +++ b/interface/lib/app.inc.php 
@@ -78,7 +78,7 @@ class app { $this->uses($prop); if(property_exists($this, $prop)) return $this->{$prop}; - else return null; + else trigger_error('Undefined property ' . $name . ' of class app', E_USER_WARNING); } public function __destruct() { diff --git a/interface/lib/classes/auth.inc.php b/interface/lib/classes/auth.inc.php index 6658c4c116366177ca09aefb891885cf0ae7dfa2..afe50ac6925f8ea483cb02738be8819da70eb463 100644 --- a/interface/lib/classes/auth.inc.php +++ b/interface/lib/classes/auth.inc.php @@ -231,12 +231,27 @@ class auth { if($charset != 'UTF-8') { $cleartext_password = mb_convert_encoding($cleartext_password, $charset, 'UTF-8'); } - $salt="$1$"; - $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; - for ($n=0;$n<8;$n++) { - $salt.=$base64_alphabet[mt_rand(0, 63)]; + + if(defined('CRYPT_SHA512') && CRYPT_SHA512 == 1) { + $salt = '$6$rounds=5000$'; + $salt_length = 16; + } elseif(defined('CRYPT_SHA256') && CRYPT_SHA256 == 1) { + $salt = '$5$rounds=5000$'; + $salt_length = 16; + } else { + $salt = '$1$'; + $salt_length = 12; + } + + if(function_exists('openssl_random_pseudo_bytes')) { + $salt .= substr(bin2hex(openssl_random_pseudo_bytes($salt_length)), 0, $salt_length); + } else { + $base64_alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./'; + for($n = 0; $n < $salt_length; $n++) { + $salt .= $base64_alphabet[mt_rand(0, 63)]; + } } - $salt.="$"; + $salt .= "$"; return crypt($cleartext_password, $salt); } diff --git a/interface/lib/classes/functions.inc.php b/interface/lib/classes/functions.inc.php index 28ab9ce384da1aad506f2bd7468caa40b0aec7d1..03e331f0f14c22db8632e191e9e6a5346401b693 100644 --- a/interface/lib/classes/functions.inc.php +++ b/interface/lib/classes/functions.inc.php 
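Review bot: The new warning in the `else` branch interpolates `$name`, while the surrounding lines work on `$prop`. The method signature is outside the hunk, so confirm that `$name` is defined at this point; if it is not, building the message raises its own undefined-variable notice. The branch also no longer returns a value explicitly; adding `return null;` after `trigger_error()` keeps the previous contract visible.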
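Review bot: The result of `crypt()` on the last line is returned and stored as the password hash without any check. `crypt()` reports failure with a short marker string rather than an error, so rejecting a result shorter than 13 characters before returning would stop a failed call from being persisted as a hash. The fallback branch still draws the salt from `mt_rand()`, which is not a cryptographic generator, and in the `$1$` case `$salt_length = 12` is longer than the 8 salt characters MD5-crypt uses, so the extra characters are presumably ignored. `rounds=5000` is the default cost of the SHA-crypt schemes, so spelling it out adds no work factor; a configurable round count would. The function's signature is outside the hunk.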
@@ -451,9 +451,9 @@ class functions { if(file_exists($id_rsa_file)) unset($id_rsa_file); if(file_exists($id_rsa_pub_file)) unset($id_rsa_pub_file); if(!file_exists($id_rsa_file) && !file_exists($id_rsa_pub_file)) { - exec('ssh-keygen -t rsa -C '.$username.'-rsa-key-'.time().' -f '.$id_rsa_file.' -N ""'); + $app->system->exec_safe('ssh-keygen -t rsa -C ? -f ? -N ""', $username.'-rsa-key-'.time(), $id_rsa_file); $app->db->query("UPDATE client SET created_at = UNIX_TIMESTAMP(), id_rsa = ?, ssh_rsa = ? WHERE client_id = ?", @file_get_contents($id_rsa_file), @file_get_contents($id_rsa_pub_file), $client_id); - exec('rm -f '.$id_rsa_file.' '.$id_rsa_pub_file); + $app->system->exec_safe('rm -f ? ?', $id_rsa_file, $id_rsa_pub_file); } else { $app->log("Failed to create SSH keypair for ".$username, LOGLEVEL_WARN); } diff --git a/interface/lib/classes/remote.d/client.inc.php b/interface/lib/classes/remote.d/client.inc.php index b91909c9d3cf85aca4353217b293d09d4bebe65f..e07e227e60626c3dca9fdc4c4a078fee28db195c 100644 --- a/interface/lib/classes/remote.d/client.inc.php +++ b/interface/lib/classes/remote.d/client.inc.php @@ -604,11 +604,9 @@ class remoting_client extends remoting { if($user) { $saved_password = stripslashes($user['password']); - if(substr($saved_password, 0, 3) == '$1$') { - //* The password is crypt-md5 encrypted - $salt = '$1$'.substr($saved_password, 3, 8).'$'; - - if(crypt(stripslashes($password), $salt) != $saved_password) { + if(preg_match('/^\$[156]\$/', $saved_password)) { + //* The password is crypt encrypted + if(crypt(stripslashes($password), $saved_password) !== $saved_password) { $user = false; } } else { 
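Review bot: The `UPDATE client` query runs whether or not `ssh-keygen` succeeded, and both `@file_get_contents()` calls suppress their errors, so a failed key generation would silently write `false` into `id_rsa` and `ssh_rsa`. Check `$app->system->last_exec_retcode()` (added to `system.inc.php` by this commit) and the two read results before the query. Removing the key files does not need a shell: `unlink($id_rsa_file); unlink($id_rsa_pub_file);` does it without `exec_safe()`. The enclosing method starts outside the hunk, so how `$id_rsa_file` is built is not visible here.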
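Review bot: The password check compares the recomputed hash with `!==`, which is not a constant-time comparison, and the two sibling hunks (`@@ -636` in this file and `@@ -99` in `remoting.inc.php`) still use the loose `!=`. All three would be better written as `if(!hash_equals($saved_password, crypt(stripslashes($password), $saved_password)))`, assuming the supported PHP versions provide `hash_equals()`. The comment `//* The password is crypt-md5 encrypted` kept in those two sibling hunks is now stale, because the pattern also accepts `$5$` and `$6$` hashes.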
@@ -636,11 +634,9 @@ class remoting_client extends remoting { if($user) { $saved_password = stripslashes($user['passwort']); - if(substr($saved_password, 0, 3) == '$1$') { + if(preg_match('/^\$[156]\$/', $saved_password)) { //* The password is crypt-md5 encrypted - $salt = '$1$'.substr($saved_password, 3, 8).'$'; - - if(crypt(stripslashes($password), $salt) != $saved_password) { + if(crypt(stripslashes($password), $saved_password) != $saved_password) { $user = false; } } else { diff --git a/interface/lib/classes/remoting.inc.php b/interface/lib/classes/remoting.inc.php index 6e551355a690536aa8e938395c110476914ceb3d..e1fc1ada863f1cdc02c89a68dafe6f703096dee9 100644 --- a/interface/lib/classes/remoting.inc.php +++ b/interface/lib/classes/remoting.inc.php @@ -99,28 +99,22 @@ class remoting { if($user) { $saved_password = stripslashes($user['passwort']); - if(substr($saved_password, 0, 3) == '$1$') { + if(preg_match('/^\$[156]\$/', $saved_password)) { //* The password is crypt-md5 encrypted - $salt = '$1$'.substr($saved_password, 3, 8).'$'; - - if(crypt(stripslashes($password), $salt) != $saved_password) { + if(crypt(stripslashes($password), $saved_password) != $saved_password) { throw new SoapFault('client_login_failed', 'The login failed. Username or password wrong.'); - return false; } } else { //* The password is md5 encrypted if(md5($password) != $saved_password) { throw new SoapFault('client_login_failed', 'The login failed. Username or password wrong.'); - return false; } } } else { throw new SoapFault('client_login_failed', 'The login failed. Username or password wrong.'); - return false; } if($user['active'] != 1) { throw new SoapFault('client_login_failed', 'The login failed. User is blocked.'); - return false; } // now we need the client data diff --git a/interface/lib/classes/system.inc.php b/interface/lib/classes/system.inc.php index cef9424a75d61203e57060fb8aee39eb85a14435..ede53034d35da3fe9997b9d8766d309cc3abda1a 100644 
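Review bot: The legacy branch kept as context in the `remoting.inc.php` hunk still accepts unsalted `md5()` digests and checks them with `md5($password) != $saved_password`. PHP's loose comparison can treat two different numeric-looking digest strings as equal, so this check should be strict at minimum; `if(!hash_equals($saved_password, md5($password)))` avoids the problem. A successful legacy login would also be a natural place to re-hash the password with `crypt_password()` so that old digests age out. Whether that fits the SOAP login flow needs confirming, since the method continues outside the hunk.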
--- a/interface/lib/classes/system.inc.php +++ b/interface/lib/classes/system.inc.php @@ -31,6 +31,8 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. class system { var $client_service = null; + private $_last_exec_out = null; + private $_last_exec_retcode = null; public function has_service($userid, $service) { global $app; @@ -52,8 +54,47 @@ class system { return false; } } -} //* End Class - -?> + public function last_exec_out() { + return $this->_last_exec_out; + } + + public function last_exec_retcode() { + return $this->_last_exec_retcode; + } + + public function exec_safe($cmd) { + $arg_count = func_num_args(); + if($arg_count != substr_count($cmd, '?') + 1) { + trigger_error('Placeholder count not matching argument list.', E_USER_WARNING); + return false; + } + if($arg_count > 1) { + $args = func_get_args(); + $pos = 0; + $a = 0; + foreach($args as $value) { + $a++; + + $pos = strpos($cmd, '?', $pos); + if($pos === false) { + break; + } + $value = escapeshellarg($value); + $cmd = substr_replace($cmd, $value, $pos, 1); + $pos += strlen($value); + } + } + + $this->_last_exec_out = null; + $this->_last_exec_retcode = null; + return exec($cmd, $this->_last_exec_out, $this->_last_exec_retcode); + } + + public function system_safe($cmd) { + call_user_func_array(array($this, 'exec_safe'), func_get_args()); + return implode("\n", $this->_last_exec_out); + } + +} //* End Class diff --git a/interface/lib/classes/validate_dkim.inc.php b/interface/lib/classes/validate_dkim.inc.php index 443fe76d7ff7d2012c1c10db90198bfc1024a52e..3fbc28a0a1928809fab86c49b0cdb3117a1f81a4 100644 --- a/interface/lib/classes/validate_dkim.inc.php +++ b/interface/lib/classes/validate_dkim.inc.php 
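Review bot: In `exec_safe()` the loop iterates over `func_get_args()` unchanged, so its first element is the command template itself. The first `?` is therefore replaced by the shell-quoted template, every real argument moves one placeholder to the right, and the last argument is dropped. Adding `array_shift($args);` directly after `$args = func_get_args();` fixes the mapping, and the counter `$a` is never read and can be removed. On a placeholder-count mismatch the method returns before resetting `_last_exec_out`, so `system_safe()` and callers of `last_exec_out()` see the previous command's output (or `implode()` receives `null`); resetting both fields at the top of the method avoids that. A docblock should state that only values bound to `?` are escaped and that anything the caller concatenates into `$cmd` reaches the shell unchanged.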
@@ -49,10 +49,13 @@ class validate_dkim { * Validator function for private DKIM-Key */ function check_private_key($field_name, $field_value, $validator) { + global $app; + $dkim_enabled=$_POST['dkim']; if ($dkim_enabled == 'y') { if (empty($field_value)) return $this->get_error($validator['errmsg']); - exec('echo '.escapeshellarg($field_value).'|openssl rsa -check', $output, $result); + $app->system->exec_safe('echo ?|openssl rsa -check', $field_value); + $result = $app->system->last_exec_retcode(); if($result != 0) return $this->get_error($validator['errmsg']); } } diff --git a/interface/web/admin/users_edit.php b/interface/web/admin/users_edit.php index 4c5c97409f1dd107fd69786d6dddfa6c05bec71f..7f0c691c4243e3b48e7a261124bdfae2a40dbf98 100644 --- a/interface/web/admin/users_edit.php +++ b/interface/web/admin/users_edit.php @@ -104,6 +104,8 @@ class page_action extends tform_actions { function onAfterUpdate() { global $app, $conf; + $app->uses('auth'); + $client = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = ?", $this->id); $client_id = $app->functions->intval($client['client_id']); $username = $this->dataRecord["username"]; @@ -121,13 +123,7 @@ class page_action extends tform_actions { // password changed if(isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord["passwort"]) && $this->dataRecord["passwort"] != '') { $password = $this->dataRecord["passwort"]; - $salt="$1$"; - $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; - for ($n=0;$n<8;$n++) { - $salt.=$base64_alphabet[mt_rand(0, 63)]; - } - $salt.="$"; - $password = crypt(stripslashes($password), $salt); + $password = $app->auth->crypt_password($password); $sql = "UPDATE client SET password = ? WHERE client_id = ? AND username = ?"; $app->db->query($sql, $password, $client_id, $username); } 
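Review bot: `check_private_key()` passes the submitted private key to the shell as an argument of `echo`, so the key material becomes part of a command line, which other local users can typically read from the process list while the command runs. If the PHP OpenSSL extension is available, `openssl_pkey_get_private($field_value) === false` would cover the parse check without a shell or a command line; whether it is as strict as `openssl rsa -check` needs confirming. The same `echo ?|openssl rsa` pattern is used in the `@@ -79` hunk of `ajax_get_json.php`. `$_POST['dkim']` is also read without an `isset()` guard.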
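Review bot: The replaced code in `onAfterUpdate()` hashed `stripslashes($password)`, but the new call passes `$password` to `crypt_password()` unchanged, while `reseller_edit.php` in this same commit keeps `crypt_password(stripslashes($password))`. If `crypt_password()` does not strip slashes itself (its start is not visible on this page), a password containing a backslash would be stored under a different hash than the one the login checks in `remoting.inc.php` compute from `stripslashes($password)`. Either keep `$app->auth->crypt_password(stripslashes($password))` here or drop the stripping at every call site together.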
diff --git a/interface/web/client/reseller_edit.php b/interface/web/client/reseller_edit.php index 59699ec163935236f6551864277dc962075c0edb..3078e01fbc47a8c71f1ec1734fa03f642c4b6baf 100644 --- a/interface/web/client/reseller_edit.php +++ b/interface/web/client/reseller_edit.php @@ -200,6 +200,9 @@ class page_action extends tform_actions { */ function onAfterInsert() { global $app, $conf; + + $app->uses('auth'); + // Create the group for the reseller $groupid = $app->db->datalogInsert('sys_group', array("name" => $this->dataRecord["username"], "description" => '', "client_id" => $this->id), 'groupid'); $groups = $groupid; @@ -213,14 +216,8 @@ class page_action extends tform_actions { $active = 1; $language = $this->dataRecord["language"]; - $salt="$1$"; - $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; - for ($n=0;$n<8;$n++) { - $salt.=$base64_alphabet[mt_rand(0, 63)]; - } - $salt.="$"; - $password = crypt(stripslashes($password), $salt); - + $password = $app->auth->crypt_password(stripslashes($password)); + // Create the controlpaneluser for the reseller $sql = "INSERT INTO sys_user (`username`,`passwort`,`modules`,`startmodule`,`app_theme`,`typ`, `active`,`language`,`groups`,`default_group`,`client_id`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"; @@ -313,6 +310,8 @@ class page_action extends tform_actions { function onAfterUpdate() { global $app, $conf; + $app->uses('auth'); + // username changed if(isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) { $username = $this->dataRecord["username"]; 
@@ -329,13 +328,8 @@ class page_action extends tform_actions { if(isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') { $password = $this->dataRecord["password"]; $client_id = $this->id; - $salt="$1$"; - $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; - for ($n=0;$n<8;$n++) { - $salt.=$base64_alphabet[mt_rand(0, 63)]; - } - $salt.="$"; - $password = crypt(stripslashes($password), $salt); + + $password = $app->auth->crypt_password(stripslashes($password)); $sql = "UPDATE sys_user SET passwort = ? WHERE client_id = ?"; $app->db->query($sql, $password, $client_id); } diff --git a/interface/web/mail/ajax_get_json.php b/interface/web/mail/ajax_get_json.php index 17fd4cf45a72fdf56a8cdc2dcaf9ff070796fd03..69705ba6f79d80356ecccca62b08b6bbe21e559f 100644 --- a/interface/web/mail/ajax_get_json.php +++ b/interface/web/mail/ajax_get_json.php @@ -54,8 +54,8 @@ if($type == 'create_dkim' && $domain_id != ''){ if ($dkim_strength=='') $dkim_strength = 2048; $rnd_val = $dkim_strength * 10; - exec('openssl rand -out ../../temp/random-data.bin '.$rnd_val.' 2> /dev/null', $output, $result); - exec('openssl genrsa -rand ../../temp/random-data.bin '.$dkim_strength.' 2> /dev/null', $privkey, $result); + $app->system->exec_safe('openssl rand -out ../../temp/random-data.bin '.$rnd_val.' 2> /dev/null', $output, $result); + $app->system->exec_safe('openssl genrsa -rand ../../temp/random-data.bin '.$dkim_strength.' 2> /dev/null', $privkey, $result); unlink("../../temp/random-data.bin"); $dkim_private=''; foreach($privkey as $values) $dkim_private=$dkim_private.$values."\n"; 
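Review bot: Both converted calls in the `ajax_get_json.php` hunk keep the old `exec()` argument list, but `exec_safe()` treats every extra argument as the value for a `?` placeholder. The templates contain no `?`, yet two extra variables are passed, so the placeholder-count check fails and neither `openssl` command runs. `$privkey` is then never filled, and the `foreach($privkey ...)` below iterates an undefined variable. Using `$app->system->exec_safe('openssl genrsa -rand ../../temp/random-data.bin ? 2> /dev/null', $dkim_strength);` followed by `$privkey = $app->system->last_exec_out();` matches the helper's contract and stops `$dkim_strength` from being concatenated into the command; where `$dkim_strength` comes from is outside the hunk.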
@@ -79,12 +79,14 @@ if($type == 'create_dkim' && $domain_id != ''){ $selector = 'invalid domain or selector'; } unset($dkim_public); - exec('echo '.escapeshellarg($dkim_private).'|openssl rsa -pubout -outform PEM 2> /dev/null',$pubkey,$result); + $app->system->exec_safe('echo ?|openssl rsa -pubout -outform PEM 2> /dev/null', $dkim_private); + $pubkey = $app->system->last_exec_out(); foreach($pubkey as $values) $dkim_public=$dkim_public.$values."\n"; $selector = $dkim_selector; } else { unset($dkim_public); - exec('echo '.escapeshellarg($dkim_private).'|openssl rsa -pubout -outform PEM 2> /dev/null',$pubkey,$result); + $app->system->exec_safe('echo ?|openssl rsa -pubout -outform PEM 2> /dev/null', $dkim_private); + $pubkey = $app->system->last_exec_out(); foreach($pubkey as $values) $dkim_public=$dkim_public.$values."\n"; $selector = $dkim_selector; } diff --git a/interface/web/mail/mail_blacklist_del.php b/interface/web/mail/mail_blacklist_del.php index 3cb83a50a00dcc3859335bc5f7e3df4546c1994b..d3bbc5d5d581991078d44997aa583d1550243181 100644 --- a/interface/web/mail/mail_blacklist_del.php +++ b/interface/web/mail/mail_blacklist_del.php @@ -42,6 +42,9 @@ $tform_def_file = "form/mail_blacklist.tform.php"; require_once '../../lib/config.inc.php'; require_once '../../lib/app.inc.php'; + +if($_SESSION["s"]["user"]["typ"] != 'admin') $app->error('This function needs admin priveliges'); + //* Check permissions for module $app->auth->check_module_permissions('mail'); diff --git a/interface/web/mail/mail_blacklist_edit.php b/interface/web/mail/mail_blacklist_edit.php index f7e2d15e3f519c1c79690b5b0fd0a47ba0107eb9..e2f284a34ed84df3a0c397aee67107eeabb15468 100644 --- a/interface/web/mail/mail_blacklist_edit.php +++ b/interface/web/mail/mail_blacklist_edit.php 
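Review bot: The new admin gate in `mail_blacklist_del.php` reads `$_SESSION["s"]["user"]["typ"]` directly and relies on `$app->error()` ending the request. The edit pages in this commit use `die()` for the same check, and `ftp_user.tform.php` already calls `$app->auth->is_admin()`. Using one helper everywhere, e.g. `if(!$app->auth->is_admin()) $app->error(...)`, keeps the new checks from drifting apart. If `$app->error()` can return in some configuration the delete would proceed, so that is worth confirming. The message string misspells "privileges" in all of these hunks (`mail_blacklist_list.php`, `mail_whitelist_del.php`, `mail_whitelist_list.php` and both `*_edit.php` files).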
@@ -53,16 +53,7 @@ class page_action extends tform_actions { function onShowNew() { global $app, $conf; - // we will check only users, not admins - if($_SESSION["s"]["user"]["typ"] == 'user') { - if(!$app->tform->checkClientLimit('limit_mailfilter')) { - $app->error($app->tform->wordbook["limit_mailfilter_txt"]); - } - if(!$app->tform->checkResellerLimit('limit_mailfilter')) { - $app->error('Reseller: '.$app->tform->wordbook["limit_mailfilter_txt"]); - } - } - + if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges'); parent::onShowNew(); } @@ -70,6 +61,8 @@ class page_action extends tform_actions { function onBeforeUpdate() { global $app, $conf; + if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges'); + //* Check if the server has been changed // We do this only for the admin or reseller users, as normal clients can not change the server ID anyway if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) { 
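Review bot: After the new admin-only `die()` at the top of `onBeforeUpdate()`, the condition `$_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients(...)` that follows is always true, and its comment about reseller users no longer applies. `mail_whitelist_edit.php` removes the same wrapper in this commit; doing the same here keeps the two files parallel and makes the access rule readable in one place. The method body continues outside the hunk.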
@@ -86,24 +79,10 @@ class page_action extends tform_actions { function onSubmit() { global $app, $conf; + if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges'); + if(substr($this->dataRecord['source'], 0, 1) === '@') $this->dataRecord['source'] = substr($this->dataRecord['source'], 1); - // Check the client limits, if user is not the admin - if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin - // Get the limits of the client - $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]); - $client = $app->db->queryOneRecord("SELECT limit_mailfilter FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?" , $client_group_id); - - // Check if the user may add another mailbox. - if($this->id == 0 && $client["limit_mailfilter"] >= 0) { - $tmp = $app->db->queryOneRecord("SELECT count(access_id) as number FROM mail_access WHERE sys_groupid = ?", $client_group_id); - if($tmp["number"] >= $client["limit_mailfilter"]) { - $app->tform->errorMessage .= $app->tform->wordbook["limit_mailfilter_txt"]."
"; - } - unset($tmp); - } - } // end if user is not admin - parent::onSubmit(); } diff --git a/interface/web/mail/mail_blacklist_list.php b/interface/web/mail/mail_blacklist_list.php index cf1e50ddaaf5a319cc605f1376ac47d0e6921a4a..2bdc1e93b8270148285eb4d705dfa7b47cadcfce 100644 --- a/interface/web/mail/mail_blacklist_list.php +++ b/interface/web/mail/mail_blacklist_list.php @@ -12,6 +12,8 @@ $list_def_file = "list/mail_blacklist.list.php"; * End Form configuration ******************************************/ +if($_SESSION["s"]["user"]["typ"] != 'admin') $app->error('This function needs admin priveliges'); + //* Check permissions for module $app->auth->check_module_permissions('mail'); diff --git a/interface/web/mail/mail_whitelist_del.php b/interface/web/mail/mail_whitelist_del.php index 94be228f67035481bbfc4dd24057b325ce8a8445..2294f4486806d41ffc7777d5bec207ae9c519c48 100644 --- a/interface/web/mail/mail_whitelist_del.php +++ b/interface/web/mail/mail_whitelist_del.php @@ -42,6 +42,8 @@ $tform_def_file = "form/mail_whitelist.tform.php"; require_once '../../lib/config.inc.php'; require_once '../../lib/app.inc.php'; +if($_SESSION["s"]["user"]["typ"] != 'admin') $app->error('This function needs admin priveliges'); + //* Check permissions for module $app->auth->check_module_permissions('mail'); diff --git a/interface/web/mail/mail_whitelist_edit.php b/interface/web/mail/mail_whitelist_edit.php index 9bb04fab7a21155e9197893106ce9801751ec6e3..2cf56b1ec451626491830f41acb54196341d6505 100644 --- a/interface/web/mail/mail_whitelist_edit.php +++ b/interface/web/mail/mail_whitelist_edit.php 
@@ -53,55 +53,33 @@ class page_action extends tform_actions { function onShowNew() { global $app, $conf; - // we will check only users, not admins - if($_SESSION["s"]["user"]["typ"] == 'user') { - if(!$app->tform->checkClientLimit('limit_mailfilter')) { - $app->error($app->tform->wordbook["limit_mailfilter_txt"]); - } - if(!$app->tform->checkResellerLimit('limit_mailfilter')) { - $app->error('Reseller: '.$app->tform->wordbook["limit_mailfilter_txt"]); - } - } - + if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges'); + parent::onShowNew(); } function onBeforeUpdate() { global $app, $conf; + if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges'); + //* Check if the server has been changed // We do this only for the admin or reseller users, as normal clients can not change the server ID anyway - if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) { - $rec = $app->db->queryOneRecord("SELECT server_id from mail_access WHERE access_id = ?", $this->id); - if($rec['server_id'] != $this->dataRecord["server_id"]) { - //* Add a error message and switch back to old server - $app->tform->errorMessage .= $app->lng('The Server can not be changed.'); - $this->dataRecord["server_id"] = $rec['server_id']; - } - unset($rec); + $rec = $app->db->queryOneRecord("SELECT server_id from mail_access WHERE access_id = ?", $this->id); + if($rec['server_id'] != $this->dataRecord["server_id"]) { + //* Add a error message and switch back to old server + $app->tform->errorMessage .= $app->lng('The Server can not be changed.'); + $this->dataRecord["server_id"] = $rec['server_id']; } + unset($rec); } function onSubmit() { global $app, $conf; + if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges'); + if(substr($this->dataRecord['source'], 0, 1) === '@') $this->dataRecord['source'] = substr($this->dataRecord['source'], 1); - - // Check the 
client limits, if user is not the admin - if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin - // Get the limits of the client - $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]); - $client = $app->db->queryOneRecord("SELECT limit_mailfilter FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id); - - // Check if the user may add another mailbox. - if($this->id == 0 && $client["limit_mailfilter"] >= 0) { - $tmp = $app->db->queryOneRecord("SELECT count(access_id) as number FROM mail_access WHERE sys_groupid = ?", $client_group_id); - if($tmp["number"] >= $client["limit_mailfilter"]) { - $app->tform->errorMessage .= $app->tform->wordbook["limit_mailfilter_txt"]."
"; - } - unset($tmp); - } - } // end if user is not admin parent::onSubmit(); } diff --git a/interface/web/mail/mail_whitelist_list.php b/interface/web/mail/mail_whitelist_list.php index 4fd33dd977b0259f46c83c2f2634ff787a9f7910..1a09b6b16578dd81455536a425d110597ed99168 100644 --- a/interface/web/mail/mail_whitelist_list.php +++ b/interface/web/mail/mail_whitelist_list.php @@ -12,6 +12,8 @@ $list_def_file = "list/mail_whitelist.list.php"; * End Form configuration ******************************************/ +if($_SESSION["s"]["user"]["typ"] != 'admin') $app->error('This function needs admin priveliges'); + //* Check permissions for module $app->auth->check_module_permissions('mail'); diff --git a/interface/web/sites/form/ftp_user.tform.php b/interface/web/sites/form/ftp_user.tform.php index 239bfdb8583a7ec0a6e52b699a7ed98164dcbcb9..5e77de4b5f3f1ec74d975fbd2c292dbf4c9f939c 100644 --- a/interface/web/sites/form/ftp_user.tform.php +++ b/interface/web/sites/form/ftp_user.tform.php @@ -276,7 +276,10 @@ if($app->auth->is_admin()) { 'formtype' => 'TEXT', 'validators' => array ( 0 => array ( 'type' => 'NOTEMPTY', 'errmsg'=> 'directory_error_empty'), - 1 => array ( 'type' => 'CUSTOM', + 1 => array ( 'type' => 'REGEX', + 'regex' => '/^\/[a-zA-Z0-9\ \.\-\_\/]{10,128}$/', + 'errmsg'=> 'directory_error_regex'), + 2 => array ( 'type' => 'CUSTOM', 'class' => 'validate_ftpuser', 'function' => 'ftp_dir', 'errmsg' => 'directory_error_notinweb'), diff --git a/server/lib/app.inc.php b/server/lib/app.inc.php index 86df2a86f6b43181d8ba137a326d8cbf3fd643de..146f2465c066813216796646c2dad553b1590062 100644 --- a/server/lib/app.inc.php +++ b/server/lib/app.inc.php 
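Review bot: The new `REGEX` validator for the FTP directory field allows dots and slashes anywhere, so a value containing `..` segments passes it, and `$` without the `D` modifier also accepts a trailing newline. Containment therefore still rests entirely on the `validate_ftpuser::ftp_dir` validator that follows. Ending the pattern with `\z`, as in `'/^\/[a-zA-Z0-9\ \.\-\_\/]{10,128}\z/'`, and rejecting `/../` explicitly would make this first check stricter. The `{10,128}` bounds deserve a comment, since a ten-character minimum is not self-explanatory.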
@@ -69,6 +69,22 @@ class app { } + public function __get($name) { + $valid_names = array('functions', 'getconf', 'letsencrypt', 'modules', 'plugins', 'services', 'system'); + if(!in_array($name, $valid_names)) { + trigger_error('Undefined property ' . $name . ' of class app', E_USER_WARNING); + } + if(property_exists($this, $name)) { + return $this->{$name}; + } + $this->uses($name); + if(property_exists($this, $name)) { + return $this->{$name}; + } else { + trigger_error('Undefined property ' . $name . ' of class app', E_USER_WARNING); + } + } + function setCaller($caller) { $this->_calling_script = $caller; } diff --git a/server/lib/classes/aps_installer.inc.php b/server/lib/classes/aps_installer.inc.php index 9b601d90b341d5f7722da5468a55e74d1961da24..922f32e61288664e8b8dd464e4f3d3f2e8cb9d99 100644 --- a/server/lib/classes/aps_installer.inc.php +++ b/server/lib/classes/aps_installer.inc.php @@ -395,7 +395,7 @@ class ApsInstaller extends ApsBase mkdir($this->document_root, 0777, true); } } else { - exec("rm -Rf ".escapeshellarg($this->local_installpath).'*'); + $app->system->exec_safe("rm -Rf ?*", $this->local_installpath); } } else { mkdir($this->local_installpath, 0777, true); @@ -412,7 +412,7 @@ class ApsInstaller extends ApsBase || ($this->extractZip($this->packages_dir.'/'.$task['path'], 'scripts', $this->local_installpath.'install_scripts/') === false) ) { // Clean already extracted data - exec("rm -Rf ".escapeshellarg($this->local_installpath).'*'); + $app->system->exec_safe("rm -Rf ?*", $this->local_installpath); throw new Exception('Unable to extract the package '.$task['path']); } 
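Review bot: The allow-list in the new `__get()` only emits a warning: when `$name` is not in `$valid_names`, execution continues into `$this->uses($name)` and the property is loaded and returned anyway. If the list is meant to restrict what can be lazily loaded, the first branch needs `return null;` after `trigger_error()`; if it is only meant to log unexpected access, a comment should say so. The final `else` also falls off the end without an explicit return.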
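Review bot: In both `aps_installer.inc.php` hunks, `rm -Rf ?*` expands to the quoted install path followed by an unquoted `*`, so if `$this->local_installpath` is ever empty the glob matches everything in the current working directory. A guard before both calls that throws when the path is empty or `/` would rule that out. Only `cleanup()` visibly gains `global $app;` in this commit, so confirm `$app` is in scope in this method, whose start is outside the hunk.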
@@ -423,11 +423,11 @@ class ApsInstaller extends ApsBase $owner_res = $app->db->queryOneRecord("SELECT system_user, system_group FROM web_domain WHERE domain = ?", $main_domain['value']); $this->file_owner_user = $owner_res['system_user']; $this->file_owner_group = $owner_res['system_group']; - exec('chown -R '.$this->file_owner_user.':'.$this->file_owner_group.' '.escapeshellarg($this->local_installpath)); + $app->system->exec_safe('chown -R ?:? ?', $this->file_owner_user, $this->file_owner_group, $this->local_installpath); //* Chown stats directory back if(is_dir($this->local_installpath.'stats')) { - exec('chown -R root:root '.escapeshellarg($this->local_installpath.'stats')); + $app->system->exec_safe('chown -R root:root ?', $this->local_installpath.'stats'); } } } @@ -544,7 +544,6 @@ class ApsInstaller extends ApsBase chmod($this->local_installpath.'install_scripts/'.$cfgscript, 0755); // Change to the install folder (import for the exec() below!) - //exec('chown -R '.$this->file_owner_user.':'.$this->file_owner_group.' '.escapeshellarg($this->local_installpath)); chdir($this->local_installpath.'install_scripts/'); // Set the enviroment variables @@ -554,7 +553,9 @@ class ApsInstaller extends ApsBase $shell_retcode = true; $shell_ret = array(); - exec('php '.escapeshellarg($this->local_installpath.'install_scripts/'.$cfgscript).' install 2>&1', $shell_ret, $shell_retcode); + $app->system->exec_safe('php ? install 2>&1', $this->local_installpath.'install_scripts/'.$cfgscript); + $shell_ret = $app->system->last_exec_out(); + $shell_retcode = $app->system->last_exec_retcode(); $shell_ret = array_filter($shell_ret); $shell_ret_str = implode("\n", $shell_ret); 
@@ -566,11 +567,11 @@ class ApsInstaller extends ApsBase else { // The install succeeded, chown newly created files too - exec('chown -R '.$this->file_owner_user.':'.$this->file_owner_group.' '.escapeshellarg($this->local_installpath)); + $app->system->exec_safe('chown -R ?:? ?', $this->file_owner_user, $this->file_owner_group, $this->local_installpath); //* Chown stats directory back if(is_dir($this->local_installpath.'stats')) { - exec('chown -R root:root '.escapeshellarg($this->local_installpath.'stats')); + $app->system->exec_safe('chown -R root:root ?', $this->local_installpath.'stats'); } $app->dbmaster->query('UPDATE aps_instances SET instance_status = ? WHERE id = ?', INSTANCE_SUCCESS, $task['instance_id']); @@ -597,8 +598,9 @@ class ApsInstaller extends ApsBase */ private function cleanup($task, $sxe) { + global $app; chdir($this->local_installpath); - exec("rm -Rf ".escapeshellarg($this->local_installpath).'install_scripts'); + $app->system->exec_safe("rm -Rf ?", $this->local_installpath.'install_scripts'); } diff --git a/server/lib/classes/cron.d/100-monitor_email_quota.inc.php b/server/lib/classes/cron.d/100-monitor_email_quota.inc.php index 75014c347def49072f048b235c5afadaa976feb5..8adf7c7253f37a0ba03edc09065da8a38c1468fd 100644 --- a/server/lib/classes/cron.d/100-monitor_email_quota.inc.php +++ b/server/lib/classes/cron.d/100-monitor_email_quota.inc.php @@ -90,7 +90,7 @@ class cronjob_monitor_email_quota extends cronjob { $email_parts = explode('@', $mb['email']); $filename = $mb['maildir'].'/.quotausage'; if(!file_exists($filename) && $dovecot) { - exec('doveadm quota recalc -u '.$email); + $app->system->exec_safe('doveadm quota recalc -u ?', $email); } if(file_exists($filename) && !is_link($filename)) { $quotafile = file($filename); 
@@ -99,7 +99,8 @@ class cronjob_monitor_email_quota extends cronjob { $app->log("Mail storage $email: " . $storage_value[1], LOGLEVEL_DEBUG); unset($quotafile); } else { - exec('du -s '.escapeshellcmd($mb['maildir']), $out); + $app->system->exec_safe('du -s ?', $mb['maildir']); + $out = $app->system->last_exec_out(); $parts = explode(' ', $out[0]); $data[$email]['used'] = intval($parts[0])*1024; unset($out); diff --git a/server/lib/classes/cron.d/150-awstats.inc.php b/server/lib/classes/cron.d/150-awstats.inc.php index 2d281c7d39acdaee7c736522fc81792e2754de65..0b1cbd5a445f1318f57ddb8127e6337d37a50253 100644 --- a/server/lib/classes/cron.d/150-awstats.inc.php +++ b/server/lib/classes/cron.d/150-awstats.inc.php @@ -71,16 +71,16 @@ class cronjob_awstats extends cronjob { $log_folder .= '/' . $subdomain_host; unset($tmp); } - $logfile = escapeshellcmd($rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log'); + $logfile = $rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log'; if(!@is_file($logfile)) { - $logfile = escapeshellcmd($rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log.gz'); + $logfile = $rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log.gz'; if(!@is_file($logfile)) { continue; } } $web_folder = (($rec['type'] == 'vhostsubdomain' || $rec['type'] == 'vhostalias') ? $rec['web_folder'] : 'web'); - $domain = escapeshellcmd($rec['domain']); - $statsdir = escapeshellcmd($rec['document_root'].'/'.$web_folder.'/stats'); + $domain = $rec['domain']; + $statsdir = $rec['document_root'].'/'.$web_folder.'/stats'; $awstats_pl = $web_config['awstats_pl']; $awstats_buildstaticpages_pl = $web_config['awstats_buildstaticpages_pl']; 
@@ -117,8 +117,8 @@ class cronjob_awstats extends cronjob { } if(!@is_dir($statsdir)) mkdir($statsdir); - $username = escapeshellcmd($rec['system_user']); - $groupname = escapeshellcmd($rec['system_group']); + $username = $rec['system_user']; + $groupname = $rec['system_group']; chown($statsdir, $username); chgrp($statsdir, $groupname); if(is_link('/var/log/ispconfig/httpd/'.$domain.'/yesterday-access.log')) unlink('/var/log/ispconfig/httpd/'.$domain.'/yesterday-access.log'); @@ -138,7 +138,7 @@ class cronjob_awstats extends cronjob { // awstats_buildstaticpages.pl -update -config=mydomain.com -lang=en -dir=/var/www/domain.com/'.$web_folder.'/stats -awstatsprog=/path/to/awstats.pl // $command = "$awstats_buildstaticpages_pl -update -config='$domain' -lang=".$conf['language']." -dir='$statsdir' -awstatsprog='$awstats_pl'"; - $command = "$awstats_buildstaticpages_pl -month='$awmonth' -year='$awyear' -update -config='$domain' -lang=".$conf['language']." -dir='$statsdir' -awstatsprog='$awstats_pl'"; + $command = escapeshellcmd($awstats_buildstaticpages_pl) . ' -month=' . escapeshellarg($awmonth) . ' -year=' . escapeshellarg($awyear) . ' -update -config=' . escapeshellarg($domain) . ' -lang=' . escapeshellarg($conf['language']) . ' -dir=' . escapeshellarg($statsdir) . ' -awstatsprog=' . escapeshellarg($awstats_pl); if (date("d") == 2) { $awmonth = date("m")-1; @@ -178,7 +178,7 @@ class cronjob_awstats extends cronjob { chgrp($rec['document_root']."/".$web_folder."/stats/index.php", $rec['system_group']); } - exec('chown -R '.$username.':'.$groupname.' '.$statsdir); + $app->system->exec_safe('chown -R ?:? ?', $username, $groupname, $statsdir); } diff --git a/server/lib/classes/cron.d/150-webalizer.inc.php b/server/lib/classes/cron.d/150-webalizer.inc.php index 0ae05dd6823e3d6762360957f9e7859244a92070..42aa125e0f9b427883196bf2d511e25a3ad6d182 100644 --- a/server/lib/classes/cron.d/150-webalizer.inc.php +++ b/server/lib/classes/cron.d/150-webalizer.inc.php 
@@ -94,19 +94,19 @@ class cronjob_webalizer extends cronjob { $log_folder .= '/' . $subdomain_host; unset($tmp); } - $logfile = escapeshellcmd($rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log'); + $logfile = $rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log'; if(!@is_file($logfile)) { - $logfile = escapeshellcmd($rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log.gz'); + $logfile = $rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log.gz'; if(!@is_file($logfile)) { continue; } } - $domain = escapeshellcmd($rec['domain']); - $statsdir = escapeshellcmd($rec['document_root'].'/'.(($rec['type'] == 'vhostsubdomain' || $rec['type'] == 'vhostalias') ? $rec['web_folder'] : 'web').'/stats'); + $domain = $rec['domain']; + $statsdir = $rec['document_root'].'/'.(($rec['type'] == 'vhostsubdomain' || $rec['type'] == 'vhostalias') ? $rec['web_folder'] : 'web').'/stats'; $webalizer = '/usr/bin/webalizer'; $webalizer_conf_main = '/etc/webalizer/webalizer.conf'; - $webalizer_conf = escapeshellcmd($rec['document_root'].'/log/webalizer.conf'); + $webalizer_conf = $rec['document_root'].'/log/webalizer.conf'; if(is_file($statsdir.'/index.php')) unlink($statsdir.'/index.php'); @@ -122,13 +122,13 @@ class cronjob_webalizer extends cronjob { if(!@is_dir($statsdir)) mkdir($statsdir); - $username = escapeshellcmd($rec['system_user']); - $groupname = escapeshellcmd($rec['system_group']); + $username = $rec['system_user']; + $groupname = $rec['system_group']; chown($statsdir, $username); chgrp($statsdir, $groupname); - exec("$webalizer -c $webalizer_conf -n $domain -s $domain -r $domain -q -T -p -o $statsdir $logfile"); + $app->system->exec_safe("$webalizer -c ? -n ? -s ? -r ? -q -T -p -o ? ?", $webalizer_conf, $domain, $domain, $domain, $statsdir, $logfile); - exec('chown -R '.$username.':'.$groupname.' '.$statsdir); + exec('chown -R ?:? ?', $username, $groupname, $statsdir); } 
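Review bot: The last changed line of the `-122,13` hunk still calls PHP's built-in `exec()` with the placeholder string, so `chown -R ?:? ?` reaches the shell with the question marks unsubstituted and `$username` is bound to exec()'s by-reference output parameter; the stats directory is then not handed back to the site user. It should read `$app->system->exec_safe('chown -R ?:? ?', $username, $groupname, $statsdir);`. The same slip is in the session cleanup of 200-logfiles.inc.php (`exec("cd ?; find …", $tmp_path)`) and in `system::is_mounted()` (`exec($cmd, ' on '. $mountpoint . ' type ')`), where the following `last_exec_retcode()` returns whatever an earlier call left behind instead of the grep result. The enclosing function starts and ends outside the hunk.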
diff --git a/server/lib/classes/cron.d/200-logfiles.inc.php b/server/lib/classes/cron.d/200-logfiles.inc.php index 6f38f0b403d66dee84f581dad70ed70e5bf21a5d..b229c76a8acd93f78bad8985dc583a1017ca0e99 100644 --- a/server/lib/classes/cron.d/200-logfiles.inc.php +++ b/server/lib/classes/cron.d/200-logfiles.inc.php @@ -54,7 +54,7 @@ class cronjob_logfiles extends cronjob { $server_config = $app->getconf->get_server_config($conf['server_id'], 'server'); if($server_config['log_retention'] > 0) { - $max_syslog = $server_config['log_retention']; + $max_syslog = $app->functions->intval($server_config['log_retention']); } else { $max_syslog = 10; } @@ -113,18 +113,18 @@ class cronjob_logfiles extends cronjob { } $yesterday2 = date('Ymd', time() - 86400*2); - $logfile = escapeshellcmd($rec['document_root'].'/' . $log_folder . '/'.$yesterday2.'-access.log'); + $logfile = $rec['document_root'].'/' . $log_folder . '/'.$yesterday2.'-access.log'; //* Compress logfile if(@is_file($logfile)) { // Compress yesterdays logfile - exec("gzip -c $logfile > $logfile.gz"); + $app->system->exec_safe("gzip -c ? > ?", $logfile, $logfile . '.gz'); unlink($logfile); } $cron_logfiles = array('cron.log', 'cron_error.log', 'cron_wget.log'); foreach($cron_logfiles as $cron_logfile) { - $cron_logfile = escapeshellcmd($rec['document_root'].'/' . $log_folder . '/' . $cron_logfile); + $cron_logfile = $rec['document_root'].'/' . $log_folder . '/' . $cron_logfile; // rename older files (move up by one) $num = $log_retention; @@ -135,8 +135,8 @@ class cronjob_logfiles extends cronjob { // compress current logfile if(is_file($cron_logfile)) { - exec("gzip -c $cron_logfile > $cron_logfile.1.gz"); - exec("cat /dev/null > $cron_logfile"); + $app->system->exec_safe("gzip -c ? > ?", $cron_logfile, $cron_logfile . '.1.gz'); + $app->system->exec_safe("cat /dev/null > ?", $cron_logfile); } // remove older logs $num = $log_retention; 
@@ -147,7 +147,7 @@ class cronjob_logfiles extends cronjob { } // rotate and compress the error.log - $error_logfile = escapeshellcmd($rec['document_root'].'/' . $log_folder . '/error.log'); + $error_logfile = $rec['document_root'].'/' . $log_folder . '/error.log'; // rename older files (move up by one) $num = $log_retention; while($num >= 1) { @@ -156,8 +156,8 @@ class cronjob_logfiles extends cronjob { } // compress current logfile if(is_file($error_logfile)) { - exec("gzip -c $error_logfile > $error_logfile.1.gz"); - exec("cat /dev/null > $error_logfile"); + $app->system->exec_safe("gzip -c ? > ?", $error_logfile, $error_logfile . '.1.gz'); + $app->system->exec_safe("cat /dev/null > ?", $error_logfile); } // delete logfiles after x days (default 10) @@ -175,7 +175,7 @@ class cronjob_logfiles extends cronjob { //* Delete old logfiles in /var/log/ispconfig/httpd/ that were created by vlogger for the hostname of the server exec('hostname -f', $tmp_hostname); if($tmp_hostname[0] != '' && is_dir('/var/log/ispconfig/httpd/'.$tmp_hostname[0])) { - exec('cd /var/log/ispconfig/httpd/'.$tmp_hostname[0]."; find . -mtime +$max_syslog -name '*.log' | xargs rm > /dev/null 2> /dev/null"); + $app->system->exec_safe("cd ?; find . -mtime +$max_syslog -name '*.log' | xargs rm > /dev/null 2> /dev/null", '/var/log/ispconfig/httpd/'.$tmp_hostname[0]); } unset($tmp_hostname); @@ -187,7 +187,7 @@ class cronjob_logfiles extends cronjob { $ispconfig_logfiles = array('ispconfig.log', 'cron.log', 'auth.log'); foreach($ispconfig_logfiles as $ispconfig_logfile) { $num = $max_syslog; - $ispconfig_logfile = escapeshellcmd($conf['ispconfig_log_dir'].'/'.$ispconfig_logfile); + $ispconfig_logfile = $conf['ispconfig_log_dir'].'/'.$ispconfig_logfile; // rename older files (move up by one) while($num >= 1) { if(is_file($ispconfig_logfile . '.' . $num . '.gz')) rename($ispconfig_logfile . '.' . $num . '.gz', $ispconfig_logfile . '.' . ($num + 1) . '.gz'); 
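Review bot: In the vlogger cleanup of the `-175,7` hunk the command is still `cd ?; find . … | xargs rm`, so if the `cd` fails the `find`/`rm` pipeline runs in whatever directory the cron job was started from. Chain the steps with `&&` instead: `"cd ? && find . -mtime +$max_syslog -name '*.log' | xargs rm > /dev/null 2> /dev/null"`. The session cleanup in the `-215,9` hunk of this file uses the same `cd ?;` form and needs the same change. The enclosing function starts and ends outside the hunk.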
@@ -195,8 +195,8 @@ class cronjob_logfiles extends cronjob { } // compress current logfile if(is_file($ispconfig_logfile)) { - exec("gzip -c $ispconfig_logfile > $ispconfig_logfile.1.gz"); - exec("cat /dev/null > $ispconfig_logfile"); + $app->system->exec_safe("gzip -c ? > ?", $ispconfig_logfile, $ispconfig_logfile . '.1.gz'); + $app->system->exec_safe("cat /dev/null > ?", $ispconfig_logfile); } // remove older logs $num = $max_syslog; @@ -215,9 +215,9 @@ class cronjob_logfiles extends cronjob { $app->uses('system'); if(is_array($records)) { foreach($records as $rec){ - $tmp_path = realpath(escapeshellcmd($rec['document_root'].'/tmp')); + $tmp_path = realpath($rec['document_root'].'/tmp'); if($tmp_path != '' && strlen($tmp_path) > 10 && is_dir($tmp_path) && $app->system->is_user($rec['system_user'])){ - exec('cd '.$tmp_path."; find . -mtime +1 -name 'sess_*' | grep -v -w .no_delete | xargs rm > /dev/null 2> /dev/null"); + exec("cd ?; find . -mtime +1 -name 'sess_*' | grep -v -w .no_delete | xargs rm > /dev/null 2> /dev/null", $tmp_path); } } } diff --git a/server/lib/classes/cron.d/500-backup.inc.php b/server/lib/classes/cron.d/500-backup.inc.php index 77b355fe6eeb08a0754e6aaea912e49f9e054182..579e0174ba4a7a2c56dcf7c77bdd9d3d14c21399 100644 --- a/server/lib/classes/cron.d/500-backup.inc.php +++ b/server/lib/classes/cron.d/500-backup.inc.php @@ -69,9 +69,9 @@ class cronjob_backup extends cronjob { } if(!is_dir($backup_dir)) { - mkdir(escapeshellcmd($backup_dir), $backup_dir_permissions, true); + mkdir($backup_dir, $backup_dir_permissions, true); } else { - chmod(escapeshellcmd($backup_dir), $backup_dir_permissions); + chmod($backup_dir, $backup_dir_permissions); } $run_backups = true; //* mount backup directory, if necessary 
@@ -127,16 +127,20 @@ class cronjob_backup extends cronjob { if($backup_mode == 'userzip') { //* Create a .zip backup as web user and include also files owned by apache / nginx user $web_backup_file = 'web'.$web_id.'_'.date('Y-m-d_H-i').'.zip'; - exec('cd '.escapeshellarg($web_path).' && sudo -u '.escapeshellarg($web_user).' find . -group '.escapeshellarg($web_group).' -print 2> /dev/null | zip -b '.escapeshellarg($backup_tmp).' --exclude=./backup\*'.$backup_excludes.' --symlinks '.escapeshellarg($web_backup_dir.'/'.$web_backup_file).' -@', $tmp_output, $retval); - if($retval == 0 || $retval == 12) exec('cd '.escapeshellarg($web_path).' && sudo -u '.escapeshellarg($web_user).' find . -user '.escapeshellarg($http_server_user).' -print 2> /dev/null | zip -b '.escapeshellarg($backup_tmp).' --exclude=./backup\*'.$backup_excludes.' --update --symlinks '.escapeshellarg($web_backup_dir.'/'.$web_backup_file).' -@', $tmp_output, $retval); + $app->system->exec_safe('cd ? && sudo -u ? find . -group ? -print 2> /dev/null | zip -b ? --exclude=./backup\*'.$backup_excludes.' --symlinks ? -@', $web_path, $web_user, $web_group, $backup_tmp, $web_backup_dir.'/'.$web_backup_file); + $retval = $app->system->last_exec_retcode(); + if($retval == 0 || $retval == 12) $app->system->exec_safe('cd ? && sudo -u ? find . -user ? -print 2> /dev/null | zip -b ? --exclude=./backup\*'.$backup_excludes.' --update --symlinks ? -@', $web_path, $web_user, $http_server_user, $backup_tmp, $web_backup_dir.'/'.$web_backup_file); + $retval = $app->system->last_exec_retcode(); } else { //* Create a tar.gz backup as root user $web_backup_file = 'web'.$web_id.'_'.date('Y-m-d_H-i').'.tar.gz'; if ($use_pigz) { - exec('tar pcf - --directory '.escapeshellarg($web_path).' . --exclude=./backup\*'.$backup_excludes.' | pigz > '.escapeshellarg($web_backup_dir.'/'.$web_backup_file), $tmp_output, $retval); + $app->system->exec_safe('tar pcf - --directory ? . --exclude=./backup\*'.$backup_excludes.' 
| pigz > ?', $web_path, $web_backup_dir.'/'.$web_backup_file); + $retval = $app->system->last_exec_retcode(); } else { - exec('tar pczf '.escapeshellarg($web_backup_dir.'/'.$web_backup_file).' --exclude=./backup\*'.$backup_excludes.' --directory '.escapeshellarg($web_path).' .', $tmp_output, $retval); -} + $app->system->exec_safe('tar pczf ? --exclude=./backup\*'.$backup_excludes.' --directory ? .', $web_backup_dir.'/'.$web_backup_file, $web_path); + $retval = $app->system->last_exec_retcode(); + } } if($retval == 0 || ($backup_mode != 'userzip' && $retval == 1) || ($backup_mode == 'userzip' && $retval == 12)) { // tar can return 1, zip can return 12(due to harmless warings) and still create valid backups if(is_file($web_backup_dir.'/'.$web_backup_file)){ 
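Review bot: `$backup_excludes` is still concatenated into the template of all four `exec_safe()` calls in this hunk, so it gets none of the quoting applied to the `?` arguments, and a `?` inside an exclude pattern would change the placeholder count, in which case `exec_safe()` returns false without running anything. `last_exec_retcode()` would then hand back the status of an earlier command and the success test below could pass on it. How `$backup_excludes` is built is outside the hunk; confirm each pattern goes through `escapeshellarg()` there, and treat a false return as a failure, e.g. `if($app->system->exec_safe(…) === false) $retval = 255; else $retval = $app->system->last_exec_retcode();`.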
@@ -256,13 +260,16 @@ class cronjob_backup extends cronjob { $db_id = $rec['database_id']; $db_name = $rec['database_name']; $db_backup_file = 'db_'.$db_name.'_'.date('Y-m-d_H-i').'.sql'; - //$command = "mysqldump -h '".escapeshellcmd($clientdb_host)."' -u '".escapeshellcmd($clientdb_user)."' -p'".escapeshellcmd($clientdb_password)."' -c --add-drop-table --create-options --quick --result-file='".$db_backup_dir.'/'.$db_backup_file."' '".$db_name."'"; - $command = "mysqldump -h ".escapeshellarg($clientdb_host)." -u ".escapeshellarg($clientdb_user)." -p".escapeshellarg($clientdb_password)." -c --add-drop-table --create-options --quick --max_allowed_packet=512M ".$mysqldump_routines." --result-file='".$db_backup_dir.'/'.$db_backup_file."' '".$db_name."'"; - exec($command, $tmp_output, $retval); - + $command = "mysqldump -h ? -u ? -p? -c --add-drop-table --create-options --quick --max_allowed_packet=512M ".$mysqldump_routines." --result-file=? ?"; + $app->system->exec_safe($command, $clientdb_host, $clientdb_user, $clientdb_password, $db_backup_dir.'/'.$db_backup_file, $db_name); + $retval = $app->system->last_exec_retcode(); + //* Compress the backup with gzip / pigz - if($retval == 0) exec("$zip_cmd -c '".escapeshellcmd($db_backup_dir.'/'.$db_backup_file)."' > '".escapeshellcmd($db_backup_dir.'/'.$db_backup_file).".gz'", $tmp_output, $retval); - + if($retval == 0) { + $app->system->exec_safe("$zip_cmd -c ? > ?", $db_backup_dir.'/'.$db_backup_file, $db_backup_dir.'/'.$db_backup_file . '.gz'); + $retval = $app->system->last_exec_retcode(); + } + if($retval == 0){ if(is_file($db_backup_dir.'/'.$db_backup_file.'.gz')){ chmod($db_backup_dir.'/'.$db_backup_file.'.gz', 0750); diff --git a/server/lib/classes/cron.d/500-backup_mail.inc.php b/server/lib/classes/cron.d/500-backup_mail.inc.php index b05caf70d70af4fc6c86c9c1c3243bf834b2242c..234f02771db841d194e38f3e5050b4e6004e5868 100644 --- a/server/lib/classes/cron.d/500-backup_mail.inc.php 
+++ b/server/lib/classes/cron.d/500-backup_mail.inc.php @@ -69,9 +69,9 @@ class cronjob_backup_mail extends cronjob { $records = $app->db->queryAllRecords("SELECT * FROM mail_user WHERE server_id = ? AND maildir != ''", intval($conf['server_id'])); if(is_array($records) && $run_backups) { if(!is_dir($backup_dir)) { - mkdir(escapeshellcmd($backup_dir), $backup_dir_permissions, true); + mkdir($backup_dir, $backup_dir_permissions, true); } else { - chmod(escapeshellcmd($backup_dir), $backup_dir_permissions); + chmod($backup_dir, $backup_dir_permissions); } system('which pigz > /dev/null', $ret); if($ret === 0) { 
@@ -122,24 +122,28 @@ class cronjob_backup_mail extends cronjob { if ($rec['maildir_format'] == 'mdbox') { if (empty($this->tmp_backup_dir)) $this->tmp_backup_dir = $rec['maildir']; // Create temporary backup-mailbox - exec("su -c 'dsync backup -u \"".$rec["email"]."\" mdbox:".$this->tmp_backup_dir."/backup'", $tmp_output, $retval); + $app->system->exec_safe("su -c ?", 'dsync backup -u "'.$rec["email"].'" mdbox:' . $this->tmp_backup_dir . '/backup'); if($backup_mode == 'userzip') { $mail_backup_file.='.zip'; - exec('cd '.$this->tmp_backup_dir.' && zip '.$mail_backup_dir.'/'.$mail_backup_file.' -b '.escapeshellarg($backup_tmp).' -r backup > /dev/null && rm -rf backup', $tmp_output, $retval); - } - else { + $app->system->exec_safe('cd ? && zip ? -b ? -r backup > /dev/null && rm -rf backup', $this->tmp_backup_dir, $mail_backup_dir.'/'.$mail_backup_file, $backup_tmp); + $retval = $app->system->last_exec_retcode(); + } else { $mail_backup_file.='.tar.gz'; if ($use_pigz) { - exec('tar pcf - --directory '.escapeshellarg($this->tmp_backup_dir).' backup | pigz > '.$mail_backup_dir.'/'.$mail_backup_file.' && rm -rf '.$this->tmp_backup_dir.'/backup', $tmp_output, $retval); + $app->system->exec_safe('tar pcf - --directory ? backup | pigz > ? && rm -rf ?', $this->tmp_backup_dir, $mail_backup_dir.'/'.$mail_backup_file, $this->tmp_backup_dir.'/backup'); + $retval = $app->system->last_exec_retcode(); } else { - exec(escapeshellcmd('tar pczf '.$mail_backup_dir.'/'.$mail_backup_file.' --directory '.$this->tmp_backup_dir.' backup && rm -rf '.$this->tmp_backup_dir.'/backup'), $tmp_output, $retval); + $app->system->exec_safe('tar pczf ? --directory ? backup && rm -rf ?', $mail_backup_dir.'/'.$mail_backup_file, $this->tmp_backup_dir, $this->tmp_backup_dir.'/backup'); + $retval = $app->system->last_exec_retcode(); } } if ($retval != 0) { // Cleanup - if (file_exists($this->tmp_backup_dir.'/backup')) exec('rm -rf '.$this->tmp_backup_dir.'/backup'); + if(file_exists($this->tmp_backup_dir . 
'/backup')) { + $app->system->exec_safe('rm -rf ?', $this->tmp_backup_dir . '/backup'); + } } } else { @@ -154,15 +158,17 @@ class cronjob_backup_mail extends cronjob { //* create archives if($backup_mode == 'userzip') { $mail_backup_file.='.zip'; - exec('cd '.$domain_dir.' && zip '.$mail_backup_dir.'/'.$mail_backup_file.' -b '.escapeshellarg($backup_tmp).' -r '.$source_dir.' > /dev/null', $tmp_output, $retval); + $app->system->exec_safe('cd ? && zip ? -b ? -r ? > /dev/null', $domain_dir, $mail_backup_dir.'/'.$mail_backup_file, $backup_tmp, $source_dir); + $retval = $app->system->last_exec_retcode(); } else { /* Create a tar.gz backup */ $mail_backup_file.='.tar.gz'; if ($use_pigz) { - exec('tar pcf - --directory '.escapeshellarg($domain_dir).' '.escapeshellarg($source_dir).' | pigz > '.$mail_backup_dir.'/'.$mail_backup_file, $tmp_output, $retval); + $app->system->exec_safe('tar pcf - --directory ? ? | pigz > ?', $domain_dir, $source_dir, $mail_backup_dir.'/'.$mail_backup_file); } else { - exec(escapeshellcmd('tar pczf '.$mail_backup_dir.'/'.$mail_backup_file.' --directory '.$domain_dir.' '.$source_dir), $tmp_output, $retval); + $app->system->exec_safe('tar pczf ? --directory ? ?', $mail_backup_dir.'/'.$mail_backup_file, $domain_dir, $source_dir); } + $retval = $app->system->last_exec_retcode(); } } @@ -181,7 +187,9 @@ class cronjob_backup_mail extends cronjob { if(is_file($mail_backup_dir.'/'.$mail_backup_file)) unlink($mail_backup_dir.'/'.$mail_backup_file); // And remove backup-mdbox if ($rec['maildir_format'] == 'mdbox') { - if(file_exists($rec['maildir'].'/backup')) exec("su -c 'rm -rf ".$rec['maildir']."/backup'"); + if(file_exists($rec['maildir'] . '/backup')) { + $app->system->exec_safe('rm -rf ?', $rec['maildir'] . '/backup'); + } } $app->log($mail_backup_file.' NOK:'.implode('',$tmp_output), LOGLEVEL_WARN); } 
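Review bot: The `su -c ?` call for dsync in the `-122,24` hunk quotes only the outer command line: the single argument is itself a command string that the shell started by `su` parses again, and inside it `$rec["email"]` sits between double quotes and `$this->tmp_backup_dir` is unquoted, so `$`, backticks or `"` in either value are still interpreted. Quote the inner values as well: `$app->system->exec_safe('su -c ?', 'dsync backup -u '.escapeshellarg($rec['email']).' mdbox:'.escapeshellarg($this->tmp_backup_dir.'/backup'));`. The `doveadm purge -u` call in 600-purge_mailboxes.inc.php is built the same way. Whether the stored address is validated strictly enough to rule these characters out is not visible here.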
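Review bot: The failure log at the end of the `-181,7` hunk still reads `implode('',$tmp_output)`, but none of the rewritten calls in this file fills `$tmp_output` any more, so unless it is assigned outside the hunks shown the message loses the command output and `implode()` receives an unset variable. Take the output from the wrapper instead: `$app->log($mail_backup_file.' NOK:'.implode('', (array)$app->system->last_exec_out()), LOGLEVEL_WARN);`. By that point the last command may be the `rm -rf` cleanup rather than the failed archive step, so copying `last_exec_out()` into a local variable right after the archive call is more reliable.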
diff --git a/server/lib/classes/cron.d/600-purge_mailboxes.inc.php b/server/lib/classes/cron.d/600-purge_mailboxes.inc.php index 59775fb7be2512c9b10fc2a3d74f7149b83a8a5f..451eb56642751e9ce25b025406855fa70513dcf9 100644 --- a/server/lib/classes/cron.d/600-purge_mailboxes.inc.php +++ b/server/lib/classes/cron.d/600-purge_mailboxes.inc.php @@ -58,7 +58,7 @@ class cronjob_purge_mailboxes extends cronjob { if(is_array($records)) { foreach($records as $rec){ - exec("su -c 'doveadm purge -u \"".$rec["email"]."\"'"); + $app->system->exec_safe("su -c ?", 'doveadm purge -u "' . $rec["email"] . '"'); } } diff --git a/server/lib/classes/cron.d/900-letsencrypt.inc.php b/server/lib/classes/cron.d/900-letsencrypt.inc.php index 30a23fe97352c858c2de3cdd107335b1ca41bda6..3e2c9190c6686a710b7eb26ae4c96d9dc68be4c5 100644 --- a/server/lib/classes/cron.d/900-letsencrypt.inc.php +++ b/server/lib/classes/cron.d/900-letsencrypt.inc.php @@ -66,7 +66,7 @@ class cronjob_letsencrypt extends cronjob { } else { $marker_file = '/usr/local/ispconfig/server/le.restart'; $cmd = "echo '1' > " . $marker_file; - exec($letsencrypt . ' -n renew --post-hook ' . escapeshellarg($cmd)); + $app->system->exec_safe($letsencrypt . ' -n renew --post-hook ?', $cmd); if(file_exists($marker_file) && trim(file_get_contents($marker_file)) == '1') { unlink($marker_file); $app->services->restartServiceDelayed('httpd', 'force-reload'); diff --git a/server/lib/classes/functions.inc.php b/server/lib/classes/functions.inc.php index e36ed5b04f5f4b8853a2f35bcec5358d7dc9f09e..1d9dd67569448a2cee200ec71281685fd568517a 100644 --- a/server/lib/classes/functions.inc.php +++ b/server/lib/classes/functions.inc.php 
@@ -425,9 +425,9 @@ class functions { if(file_exists($id_rsa_file)) unset($id_rsa_file); if(file_exists($id_rsa_pub_file)) unset($id_rsa_pub_file); if(!file_exists($id_rsa_file) && !file_exists($id_rsa_pub_file)) { - exec('ssh-keygen -t rsa -C '.$username.'-rsa-key-'.time().' -f '.$id_rsa_file.' -N ""'); + $app->system->exec_safe('ssh-keygen -t rsa -C ? -f ? -N ""', $username.'-rsa-key-'.time(), $id_rsa_file); $app->db->query("UPDATE client SET created_at = UNIX_TIMESTAMP(), id_rsa = ?, ssh_rsa = ? WHERE client_id = ?", $app->system->file_get_contents($id_rsa_file), $app->system->file_get_contents($id_rsa_pub_file), $client_id); - exec('rm -f '.$id_rsa_file.' '.$id_rsa_pub_file); + $app->system->exec_safe('rm -f ? ?', $id_rsa_file, $id_rsa_pub_file); } else { $app->log("Failed to create SSH keypair for ".$username, LOGLEVEL_WARN); } diff --git a/server/lib/classes/letsencrypt.inc.php b/server/lib/classes/letsencrypt.inc.php index 583e1c25bb8fc2bd465bf1c3d9003faa60bbfc10..62080e29b4cee38ecb5b84587280fde15795af6f 100644 --- a/server/lib/classes/letsencrypt.inc.php +++ b/server/lib/classes/letsencrypt.inc.php @@ -389,7 +389,7 @@ class letsencrypt { } if(@is_link($key_file)) $app->system->unlink($key_file); - if(@file_exists($key_tmp_file)) exec("ln -s ".escapeshellcmd($key_tmp_file)." ".escapeshellcmd($key_file)); + if(@file_exists($key_tmp_file)) $app->system->exec_safe("ln -s ? ?", $key_tmp_file, $key_file); if(is_file($crt_file)) { $app->system->copy($crt_file, $crt_file.'.old.'.$date); @@ -398,7 +398,7 @@ class letsencrypt { } if(@is_link($crt_file)) $app->system->unlink($crt_file); - if(@file_exists($crt_tmp_file))exec("ln -s ".escapeshellcmd($crt_tmp_file)." ".escapeshellcmd($crt_file)); + if(@file_exists($crt_tmp_file))$app->system->exec_safe("ln -s ? ?", $crt_tmp_file, $crt_file); if(is_file($bundle_file)) { $app->system->copy($bundle_file, $bundle_file.'.old.'.$date); 
@@ -407,7 +407,7 @@ class letsencrypt { } if(@is_link($bundle_file)) $app->system->unlink($bundle_file); - if(@file_exists($bundle_tmp_file)) exec("ln -s ".escapeshellcmd($bundle_tmp_file)." ".escapeshellcmd($bundle_file)); + if(@file_exists($bundle_tmp_file)) $app->system->exec_safe("ln -s ? ?", $bundle_tmp_file, $bundle_file); return true; } else { diff --git a/server/lib/classes/monitor_tools.inc.php b/server/lib/classes/monitor_tools.inc.php index 1d3dab290b318247be421678c774c1db04bb7e91..fefdbcd6813a1fb8e47c25c6138687932acf2bf1 100644 --- a/server/lib/classes/monitor_tools.inc.php +++ b/server/lib/classes/monitor_tools.inc.php @@ -593,13 +593,12 @@ class monitor_tools { // Getting the logfile content if ($logfile != '') { - $logfile = escapeshellcmd($logfile); if (stristr($logfile, ';') or substr($logfile, 0, 9) != '/var/log/' or stristr($logfile, '..')) { $log = 'Logfile path error.'; } else { $log = ''; if (is_readable($logfile)) { - $fd = popen('tail -n 100 ' . $logfile, 'r'); + $fd = popen('tail -n 100 ' . escapeshellarg($logfile), 'r'); if ($fd) { while (!feof($fd)) { $log .= fgets($fd, 4096); diff --git a/server/lib/classes/system.inc.php b/server/lib/classes/system.inc.php index 304701a5f21cce2d8f15ea72552486c3876a590b..26f9b2e0ce50a6cb5f971ba3d39b70723c66674b 100644 --- a/server/lib/classes/system.inc.php +++ b/server/lib/classes/system.inc.php @@ -37,6 +37,9 @@ class system{ var $min_uid = 500; var $min_gid = 500; + private $_last_exec_out = null; + private $_last_exec_retcode = null; + /** * Construct for this class * 
@@ -716,8 +719,10 @@ class system{ function posix_getgrnam($group) { if(!function_exists('posix_getgrnam')){ $group_datei = $this->server_conf['group_datei']; - $cmd = 'grep -m 1 "^'.$group.':" '.$group_datei; - exec($cmd, $output, $return_var); + $cmd = 'grep -m 1 ? ?'; + $this->exec_safe($cmd, '^'.$group.':', $group_datei); + $output = $this->last_exec_out(); + $return_var = $this->last_exec_retcode(); if($return_var != 0 || !$output[0]) return false; list($f1, $f2, $f3, $f4) = explode(':', $output[0]); $f2 = trim($f2); @@ -1073,10 +1078,10 @@ class system{ } else { // Linux if(substr($dist, 0, 4) == 'suse'){ if($action == 'on'){ - exec("chkconfig --add $service &> /dev/null"); + $this->exec_safe("chkconfig --add ? &> /dev/null", $service); } if($action == 'off'){ - exec("chkconfig --del $service &> /dev/null"); + $this->exec_safe("chkconfig --del ? &> /dev/null", $service); } } else { $runlevels = explode(',', $rl); @@ -1375,7 +1380,7 @@ class system{ if(!empty($ifconfig['IP'])){ foreach($ifconfig['IP'] as $key => $val){ if(!strstr($val, 'lo') && !strstr($val, 'lp') && strstr($val, $main_interface)){ - exec('ifconfig '.$val.' down &> /dev/null'); + $this->exec_safe('ifconfig ? down &> /dev/null', $val); unset($ifconfig['INTERFACE'][$val]); } } @@ -1391,7 +1396,7 @@ class system{ $i = -1; } } - exec('ifconfig '.$new_interface.' '.$to.' netmask '.$this->server_conf['server_netzmaske'].' up &> /dev/null'); + $this->exec_safe('ifconfig ? ? netmask ? up &> /dev/null', $new_interface, $to, $this->server_conf['server_netzmaske']); $ifconfig['INTERFACE'][$new_interface] = $to; } } 
@@ -1610,22 +1615,20 @@ class system{ $mail_config = $app->getconf->get_server_config($conf["server_id"], 'mail'); if($subfolder != '') { - $dir = escapeshellcmd($maildir_path.'/.'.$subfolder); + $dir = $maildir_path.'/.'.$subfolder; } else { - $dir = escapeshellcmd($maildir_path); + $dir = $maildir_path; } if(!is_dir($dir)) mkdir($dir, 0700, true); if($user != '' && $user != 'root' && $this->is_user($user)) { - $user = escapeshellcmd($user); if(is_dir($dir)) $this->chown($dir, $user); $chown_mdsub = true; } if($group != '' && $group != 'root' && $this->is_group($group)) { - $group = escapeshellcmd($group); if(is_dir($dir)) $this->chgrp($dir, $group); $chgrp_mdsub = true; @@ -1641,22 +1644,13 @@ class system{ chmod($dir, 0700); - /* - if($user != '' && $this->is_user($user) && $user != 'root') { - $user = escapeshellcmd($user); - // I assume that the name of the (vmail group) is the same as the name of the mail user in ISPConfig 3 - $group = $user; - exec("chown $user:$group $dir $dir_cur $dir_new $dir_tmp"); - } - */ - //* Add the subfolder to the subscriptions and courierimapsubscribed files if($subfolder != '') { // Courier if($mail_config['pop3_imap_daemon'] == 'courier') { if(!is_file($maildir_path.'/courierimapsubscribed')) { - $tmp_file = escapeshellcmd($maildir_path.'/courierimapsubscribed'); + $tmp_file = $maildir_path.'/courierimapsubscribed'; touch($tmp_file); chmod($tmp_file, 0744); chown($tmp_file, 'vmail'); @@ -1668,7 +1662,7 @@ class system{ // Dovecot if($mail_config['pop3_imap_daemon'] == 'dovecot') { if(!is_file($maildir_path.'/subscriptions')) { - $tmp_file = escapeshellcmd($maildir_path.'/subscriptions'); + $tmp_file = $maildir_path.'/subscriptions'; touch($tmp_file); chmod($tmp_file, 0744); chown($tmp_file, 'vmail'); 
@@ -1712,7 +1706,9 @@ class system{ //* Check if a application is installed function is_installed($appname) { - exec('which '.escapeshellcmd($appname).' 2> /dev/null', $out, $returncode); + $this->exec_safe('which ? 2> /dev/null', $appname); + $out = $this->last_exec_out(); + $returncode = $this->last_exec_retcode(); if(isset($out[0]) && stristr($out[0], $appname) && $returncode == 0) { return true; } else { @@ -1734,10 +1730,10 @@ class system{ if($protect == true && $web_config['web_folder_protection'] == 'y') { //* Add protection - if($document_root != '' && $document_root != '/' && strlen($document_root) > 6 && !stristr($document_root, '..')) exec('chattr +i '.escapeshellcmd($document_root)); + if($document_root != '' && $document_root != '/' && strlen($document_root) > 6 && !stristr($document_root, '..')) $this->exec_safe('chattr +i ?', $document_root); } else { //* Remove protection - if($document_root != '' && $document_root != '/' && strlen($document_root) > 6 && !stristr($document_root, '..')) exec('chattr -i '.escapeshellcmd($document_root)); + if($document_root != '' && $document_root != '/' && strlen($document_root) > 6 && !stristr($document_root, '..')) $this->exec_safe('chattr -i ?', $document_root); } } @@ -1849,8 +1845,9 @@ class system{ function is_mounted($mountpoint){ //$cmd = 'df 2>/dev/null | grep " '.$mountpoint.'$"'; - $cmd = 'mount 2>/dev/null | grep " on '.$mountpoint.' type "'; - exec($cmd, $output, $return_var); + $cmd = 'mount 2>/dev/null | grep ?'; + exec($cmd, ' on '. $mountpoint . ' type '); + $return_var = $this->last_exec_retcode(); return $return_var == 0 ? true : false; } 
@@ -1922,7 +1919,8 @@ class system{ // systemd if(is_executable('/bin/systemd') || is_executable('/usr/bin/systemctl')){ if ($check_service) { - exec("systemctl is-enabled ".$servicename." 2>&1", $out, $ret_val); + $this->exec_safe("systemctl is-enabled ? 2>&1", $servicename); + $ret_val = $this->last_exec_retcode(); } if ($ret_val == 0 || !$check_service) { return 'systemctl '.$action.' '.$servicename.'.service'; @@ -2063,6 +2061,46 @@ class system{ return true; } + public function last_exec_out() { + return $this->_last_exec_out; + } + + public function last_exec_retcode() { + return $this->_last_exec_retcode; + } + + public function exec_safe($cmd) { + $arg_count = func_num_args(); + if($arg_count != substr_count($cmd, '?') + 1) { + trigger_error('Placeholder count not matching argument list.', E_USER_WARNING); + return false; + } + if($arg_count > 1) { + $args = func_get_args(); + + $pos = 0; + $a = 0; + foreach($args as $value) { + $a++; + + $pos = strpos($cmd, '?', $pos); + if($pos === false) { + break; + } + $value = escapeshellarg($value); + $cmd = substr_replace($cmd, $value, $pos, 1); + $pos += strlen($value); + } + } + + $this->_last_exec_out = null; + $this->_last_exec_retcode = null; + return exec($cmd, $this->_last_exec_out, $this->_last_exec_retcode); + } + + public function system_safe($cmd) { + call_user_func_array(array($this, 'exec_safe'), func_get_args()); + return implode("\n", $this->_last_exec_out); + } + } - -?> diff --git a/server/mods-available/remoteaction_core_module.inc.php b/server/mods-available/remoteaction_core_module.inc.php index 807de5060ab28bfbee5257760b812e60ba65a655..3b6bb9fb497366c4e2d05d2324777a6eb0273620 100644 --- a/server/mods-available/remoteaction_core_module.inc.php +++ b/server/mods-available/remoteaction_core_module.inc.php 
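Review bot: In `exec_safe()` the substitution loop walks `func_get_args()` from index 0, which is `$cmd` itself, so the first `?` is replaced by the shell-quoted command template, every argument lands one placeholder late and the last one is never used. Drop the template before the loop, e.g. `$args = array_slice(func_get_args(), 1);`. The early `return false` on a placeholder mismatch also leaves `_last_exec_out` and `_last_exec_retcode` holding the previous call's values, which the callers in this commit read straight afterwards; reset both before that check. `$a` is incremented but never read.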
@@ -150,12 +150,12 @@ class remoteaction_core_module { $parts = explode(':', $action['action_param']); $veid = intval($parts[0]); $template_cache_dir = '/vz/template/cache/'; - $template_name = escapeshellcmd($parts[1]); + $template_name = $parts[1]; if($veid > 0 && $template_name != '' && is_dir($template_cache_dir)) { - $command = "vzdump --suspend --compress --stdexcludes --dumpdir $template_cache_dir $veid"; - exec($command); - exec("mv ".$template_cache_dir."vzdump-openvz-".$veid."*.tgz ".$template_cache_dir.$template_name.".tar.gz"); - exec("rm -f ".$template_cache_dir."vzdump-openvz-".$veid."*.log"); + $command = "vzdump --suspend --compress --stdexcludes --dumpdir ? ?"; + $app->system->exec_safe($command, $template_cache_dir, $veid); + $app->system->exec_safe("mv ?*.tgz ?", $template_cache_dir."vzdump-openvz-".$veid, $template_cache_dir.$template_name.".tar.gz"); + $app->system->exec_safe("rm -f ?*.log", $template_cache_dir."vzdump-openvz-".$veid); } $this->_actionDone($action['action_id'], 'ok'); /* this action takes so much time, @@ -191,7 +191,8 @@ class remoteaction_core_module { } private function _doIspCUpdate($action) { - + global $app; + // Ensure that this code is not executed twice as this would cause a loop in case of a failure $this->_actionDone($action['action_id'], 'ok'); 
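Review bot: `$template_name = $parts[1];` now goes into the `mv` target with shell quoting but without any path check, so a value containing `/` or `..` places the archive outside `$template_cache_dir`. Restrict it before use, e.g. `if(!preg_match('/^[a-zA-Z0-9._-]+$/', $template_name)) $template_name = '';`, which the existing `$template_name != ''` test then rejects. Where `action_param` is populated is not visible in this hunk, so how far it can be trusted needs confirming. This hunk also starts using `$app`; the `global $app;` added in the next hunk covers `_doIspCUpdate()` only, so check that the enclosing method declares it.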
@@ -210,14 +211,14 @@ class remoteaction_core_module { chdir("/tmp"); /* delete the old files (if there are any...) */ - exec("rm /tmp/ISPConfig-" . $new_version . ".tar.gz"); + $app->system->exec_safe("rm ?", "/tmp/ISPConfig-" . $new_version . ".tar.gz"); exec("rm /tmp/ispconfig3_install -R"); /* get the newest version */ - exec("wget http://www.ispconfig.org/downloads/ISPConfig-" . $new_version . ".tar.gz"); + $app->system->exec_safe("wget ?", "http://www.ispconfig.org/downloads/ISPConfig-" . $new_version . ".tar.gz"); /* extract the files */ - exec("tar xvfz ISPConfig-" . $new_version . ".tar.gz"); + $app->system->exec_safe("tar xvfz ?", "ISPConfig-" . $new_version . ".tar.gz"); /* * Initialize the automated update @@ -229,7 +230,7 @@ class remoteaction_core_module { /* * do some clean-up */ - exec("rm /tmp/ISPConfig-" . $new_version . ".tar.gz"); + $app->system->exec_safe("rm ?", "/tmp/ISPConfig-" . $new_version . ".tar.gz"); /* * go back to the "old path" diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php index 7ecbb76109110f0d85945626168ecbfa0cccb7b3..2183e96eb4ff83379191733032c1a759fc9ad624 100644 --- a/server/plugins-available/apache2_plugin.inc.php +++ b/server/plugins-available/apache2_plugin.inc.php 
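Review bot: The rewritten `wget ?` call still fetches the update tarball over plain `http://`, and the following `tar xvfz ?` unpacks it with no checksum or signature check, so quoting the argument does not protect the integrity of what gets installed. Fetch over HTTPS if the download host offers it and compare the file against a published digest or signature before extraction, aborting the update on mismatch. The fixed filename under `/tmp` is also worth replacing with a directory created for this run. Where `$new_version` comes from is outside the hunk; it should be checked against a version pattern before it is put into the URL and file names.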
@@ -332,36 +332,38 @@ class apache2_plugin { $ssl_cnf_file = $ssl_dir.'/openssl.conf'; $app->system->file_put_contents($ssl_cnf_file, $ssl_cnf); - $rand_file = escapeshellcmd($rand_file); - $key_file2 = escapeshellcmd($key_file2); + $rand_file = $rand_file; + $key_file2 = $key_file2; $openssl_cmd_key_file2 = $key_file2; if(substr($domain, 0, 2) == '*.' && strpos($key_file2, '/ssl/\*.') !== false) $key_file2 = str_replace('/ssl/\*.', '/ssl/*.', $key_file2); // wildcard certificate - $key_file = escapeshellcmd($key_file); + $key_file = $key_file; $openssl_cmd_key_file = $key_file; if(substr($domain, 0, 2) == '*.' && strpos($key_file, '/ssl/\*.') !== false) $key_file = str_replace('/ssl/\*.', '/ssl/*.', $key_file); // wildcard certificate $ssl_days = 3650; - $csr_file = escapeshellcmd($csr_file); + $csr_file = $csr_file; $openssl_cmd_csr_file = $csr_file; if(substr($domain, 0, 2) == '*.' && strpos($csr_file, '/ssl/\*.') !== false) $csr_file = str_replace('/ssl/\*.', '/ssl/*.', $csr_file); // wildcard certificate - $config_file = escapeshellcmd($ssl_cnf_file); - $crt_file = escapeshellcmd($crt_file); + $config_file = $ssl_cnf_file; + $crt_file = $crt_file; $openssl_cmd_crt_file = $crt_file; if(substr($domain, 0, 2) == '*.' && strpos($crt_file, '/ssl/\*.') !== false) $crt_file = str_replace('/ssl/\*.', '/ssl/*.', $crt_file); // wildcard certificate if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) { - exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $openssl_cmd_key_file2 2048"); - exec("openssl req -new -sha256 -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file2 -out $openssl_cmd_csr_file -days $ssl_days -config $config_file"); - exec("openssl rsa -passin pass:$ssl_password -in $openssl_cmd_key_file2 -out $openssl_cmd_key_file"); + $app->system->exec_safe("openssl genrsa -des3 -rand ? -passout pass:? -out ? 
2048", $rand_file, $ssl_password, $openssl_cmd_key_file2); + $app->system->exec_safe("openssl req -new -sha256 -passin pass:? -passout pass:? -key ? -out ? -days ? -config ?", $ssl_password, $ssl_password, $openssl_cmd_key_file2, $openssl_cmd_csr_file, $ssl_days, $config_file); + $app->system->exec_safe("openssl rsa -passin pass:? -in ? -out ?", $ssl_password, $openssl_cmd_key_file2, $openssl_cmd_key_file); if(file_exists($web_config['CA_path'].'/openssl.cnf')) { - exec("openssl ca -batch -out $openssl_cmd_crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $openssl_cmd_csr_file"); + $app->system->exec_safe("openssl ca -batch -out ? -config ? -passin pass:? -in ?", $openssl_cmd_crt_file, $web_config['CA_path']."/openssl.cnf", $web_config['CA_pass'], $openssl_cmd_csr_file); $app->log("Creating CA-signed SSL Cert for: $domain", LOGLEVEL_DEBUG); - if (filesize($crt_file)==0 || !file_exists($crt_file)) $app->log("CA-Certificate signing failed. openssl ca -out $openssl_cmd_crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $openssl_cmd_csr_file", LOGLEVEL_ERROR); + if(filesize($crt_file) == 0 || !file_exists($crt_file)) { + $app->log("CA-Certificate signing failed. openssl ca -out $openssl_cmd_crt_file -config " . $web_config['CA_path'] . "/openssl.cnf -passin pass:" . $web_config['CA_pass'] . " -in $openssl_cmd_csr_file", LOGLEVEL_ERROR); + } }; if (@filesize($crt_file)==0 || !file_exists($crt_file)){ - exec("openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file2 -in $openssl_cmd_csr_file -out $openssl_cmd_crt_file -days $ssl_days -config $config_file "); + $app->system->exec_safe("openssl req -x509 -passin pass:? -passout pass:? -key ? -in ? -out ? -days ? -config ? 
", $ssl_password, $ssl_password, $openssl_cmd_key_file2, $openssl_cmd_csr_file, $openssl_cmd_crt_file, $ssl_days, $config_file); $app->log("Creating self-signed SSL Cert for: $domain", LOGLEVEL_DEBUG); }; @@ -402,7 +404,8 @@ class apache2_plugin { if($data["new"]["ssl_action"] == 'save') { $tmp = array(); $crt_data = ''; - exec('openssl x509 -noout -text -in '.escapeshellarg($crt_file),$tmp); + $app->system->exec_safe('openssl x509 -noout -text -in ?', $crt_file); + $tmp = $app->system->last_exec_out(); $crt_data = implode("\n",$tmp); if(stristr($crt_data,'.acme.invalid')) { $data["new"]["ssl_action"] = ''; @@ -473,7 +476,7 @@ class apache2_plugin { if($data['new']['ssl_action'] == 'del') { if(file_exists($web_config['CA_path'].'/openssl.cnf') && !is_link($web_config['CA_path'].'/openssl.cnf')) { - exec("openssl ca -batch -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -revoke ".escapeshellcmd($crt_file)); + $app->system->exec_safe("openssl ca -batch -config ? -passin pass:? -revoke ?", $web_config['CA_path']."/openssl.cnf", $web_config['CA_pass'], $crt_file); $app->log("Revoking CA-signed SSL Cert for: $domain", LOGLEVEL_DEBUG); }; $app->system->unlink($csr_file); 
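Review bot: The reformatted `$app->log("CA-Certificate signing failed. ...")` call still interpolates `$web_config['CA_pass']`, so the CA key passphrase is written to the log whenever signing fails. Log the command with the secret masked, e.g. `... "/openssl.cnf -passin pass:*** -in $openssl_cmd_csr_file"`. In the same condition `filesize($crt_file)` runs before `file_exists($crt_file)`; `!file_exists($crt_file) || filesize($crt_file) == 0` avoids the warning on a missing file. The self-assignments such as `$rand_file = $rand_file;` and the `'/ssl/\*.'` replacements only existed to undo `escapeshellcmd()` and are dead code now.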
@@ -591,31 +594,31 @@ class apache2_plugin { //* Check if a ispconfigend user and group exists and create them if(!$app->system->is_group('ispconfigend')) { - exec('groupadd --gid '.($connect_userid_to_webid_start + 10000).' ispconfigend'); + $app->system->exec_safe('groupadd --gid ? ispconfigend', $connect_userid_to_webid_start + 10000); } if(!$app->system->is_user('ispconfigend')) { - exec('useradd -g ispconfigend -d /usr/local/ispconfig --uid '.($connect_userid_to_webid_start + 10000).' ispconfigend'); + $app->system->exec_safe('useradd -g ispconfigend -d /usr/local/ispconfig --uid ? ispconfigend', $connect_userid_to_webid_start + 10000); } } else { $fixed_uid_param = ''; $fixed_gid_param = ''; } - $groupname = escapeshellcmd($data['new']['system_group']); + $groupname = $data['new']['system_group']; if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) { - exec('groupadd '.$fixed_gid_param.' '.$groupname); - if($apache_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' groupadd '.$groupname); + $app->system->exec_safe('groupadd ? ?', $fixed_gid_param, $groupname); + if($apache_chrooted) $app->system->exec_safe('chroot ? groupadd ?', $web_config['website_basedir'], $groupname); $app->log('Adding the group: '.$groupname, LOGLEVEL_DEBUG); } - $username = escapeshellcmd($data['new']['system_user']); + $username = $data['new']['system_user']; if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) { if($web_config['add_web_users_to_sshusers_group'] == 'y') { - exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param -G sshusers $username -s /bin/false"); - if($apache_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." 
-g $groupname $fixed_uid_param -G sshusers $username -s /bin/false"); + $app->system->exec_safe('useradd -d ? -g ? ? -G sshusers ? -s /bin/false', $data['new']['document_root'], $groupname, $fixed_uid_param, $username); + if($apache_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ? -G sshusers ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $fixed_uid_param, $username); } else { - exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param $username -s /bin/false"); - if($apache_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param $username -s /bin/false"); + $app->system->exec_safe('useradd -d ? -g ? ? ? -s /bin/false', $data['new']['document_root'], $groupname, $fixed_uid_param, $username); + if($apache_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ? ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $fixed_uid_param, $username); } $app->log('Adding the user: '.$username, LOGLEVEL_DEBUG); } @@ -638,7 +641,7 @@ class apache2_plugin { if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1); // create the symlinks, if not exist if(is_link($tmp_symlink)) { - exec('rm -f '.escapeshellcmd($tmp_symlink)); + $app->system->exec_safe('rm -f ?', $tmp_symlink); $app->log('Removed symlink: rm -f '.$tmp_symlink, LOGLEVEL_DEBUG); } } 
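Review bot: `exec_safe('groupadd ? ?', $fixed_gid_param, $groupname)` and the four `useradd` templates bind `$fixed_gid_param` / `$fixed_uid_param` as placeholders, so `escapeshellarg()` turns each into a single quoted word. With the `''` assigned in the `else` branch above, the tool receives an empty positional argument, and an option-plus-value string set in the branch outside this hunk would arrive as one token instead of an option and its value. These strings are built by the code rather than supplied by the user, so keep them in the template and bind only the names, e.g. `$app->system->exec_safe('groupadd ' . $fixed_gid_param . ' ?', $groupname);`, provided they are composed from integers only. Alternatively pass the numeric id through its own placeholder and add the option conditionally.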
@@ -665,13 +668,12 @@ class apache2_plugin { } //* Unmount the old log directory bfore we move the log dir - //exec('fuser -km '.escapeshellcmd($old_dir.'/log')); - exec('umount '.escapeshellcmd($data['old']['document_root'].'/log')); + $app->system->exec_safe('umount ?', $data['old']['document_root'].'/log'); //* Create new base directory, if it does not exist yet if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir); $app->system->web_folder_protection($data['old']['document_root'], false); - exec('mv '.escapeshellarg($data['old']['document_root']).' '.escapeshellarg($new_dir)); + $app->system->exec_safe('mv ? ?', $data['old']['document_root'], $new_dir); //$app->system->rename($data['old']['document_root'],$new_dir); $app->log('Moving site to new document root: mv '.$data['old']['document_root'].' '.$new_dir, LOGLEVEL_DEBUG); 
@@ -679,17 +681,17 @@ class apache2_plugin { $data['new']['php_open_basedir'] = str_replace($data['old']['document_root'], $data['new']['document_root'], $data['old']['php_open_basedir']); //* Change the owner of the website files to the new website owner - exec('chown --recursive --from='.escapeshellcmd($data['old']['system_user']).':'.escapeshellcmd($data['old']['system_group']).' '.escapeshellcmd($data['new']['system_user']).':'.escapeshellcmd($data['new']['system_group']).' '.$new_dir); + $app->system->exec_safe('chown --recursive --from=?:? ?:? ?', $data['old']['system_user'], $data['old']['system_group'], $data['new']['system_user'], $data['new']['system_group'], $new_dir); //* Change the home directory and group of the website user - $command = 'killall -u '.escapeshellcmd($data['new']['system_user']).' ; usermod'; - $command .= ' --home '.escapeshellcmd($data['new']['document_root']); - $command .= ' --gid '.escapeshellcmd($data['new']['system_group']); - $command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null'; - exec($command); + $command = 'killall -u ? ; usermod'; + $command .= ' --home ?'; + $command .= ' --gid ?'; + $command .= ' ? 2>/dev/null'; + $app->system->exec_safe($command, $data['new']['system_user'], $data['new']['document_root'], $data['new']['system_group'], $data['new']['system_user']); } - if($apache_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command); + if($apache_chrooted) $app->system->exec_safe('chroot ? ?', $web_config['website_basedir'], $command); //* Change the log mount /* 
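Review bot: `exec_safe('chroot ? ?', $web_config['website_basedir'], $command)` passes the whole `$command` template, still holding its unbound `?` placeholders, the `;` and `2>/dev/null`, as one quoted argument, so chroot is asked to run a program with that literal name and the usermod inside the chroot never happens. `$command` is also assigned only inside the preceding block, whose opening is outside this hunk. Give the chrooted call its own template and bind the same values, e.g. `$app->system->exec_safe('chroot ? usermod --home ? --gid ? ?', $web_config['website_basedir'], $data['new']['document_root'], $data['new']['system_group'], $data['new']['system_user']);`. The `chroot ? ?` call in the later hunk at -975 has the same defect.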
@@ -711,7 +713,7 @@ class apache2_plugin { $app->system->replaceLine('/etc/fstab', $fstab_line_old, $fstab_line, 0, 1); } - exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder)); + $app->system->exec_safe('mount --bind ? ?', '/var/log/ispconfig/httpd/'.$data['new']['domain'], $data['new']['document_root'].'/'.$log_folder); } @@ -723,7 +725,6 @@ class apache2_plugin { if(!is_dir($data['new']['document_root'].'/' . $web_folder)) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder); if(!is_dir($data['new']['document_root'].'/' . $web_folder . '/error') and $data['new']['errordocs']) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder . '/error'); if($data['new']['stats_type'] != '' && !is_dir($data['new']['document_root'].'/' . $web_folder . '/stats')) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder . '/stats'); - //if(!is_dir($data['new']['document_root'].'/'.$log_folder)) exec('mkdir -p '.$data['new']['document_root'].'/'.$log_folder); if(!is_dir($data['new']['document_root'].'/ssl')) $app->system->mkdirpath($data['new']['document_root'].'/ssl'); if(!is_dir($data['new']['document_root'].'/cgi-bin')) $app->system->mkdirpath($data['new']['document_root'].'/cgi-bin'); if(!is_dir($data['new']['document_root'].'/tmp')) $app->system->mkdirpath($data['new']['document_root'].'/tmp'); 
@@ -747,7 +748,7 @@ class apache2_plugin { // Remove the symlink for the site, if site is renamed if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) { - if(is_dir('/var/log/ispconfig/httpd/'.$data['old']['domain'])) exec('rm -rf /var/log/ispconfig/httpd/'.$data['old']['domain']); + if(is_dir('/var/log/ispconfig/httpd/'.$data['old']['domain'])) $app->system->exec_safe('rm -rf ?', '/var/log/ispconfig/httpd/'.$data['old']['domain']); if(is_link($data['old']['document_root'].'/'.$old_log_folder)) $app->system->unlink($data['old']['document_root'].'/'.$old_log_folder); //* remove old log mount 
@@ -755,19 +756,18 @@ class apache2_plugin { $app->system->removeLine('/etc/fstab', $fstab_line); //* Unmount log directory - //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder)); - exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder)); + $app->system->exec_safe('umount ?', $data['old']['document_root'].'/'.$old_log_folder); } //* Create the log dir if nescessary and mount it if(!is_dir($data['new']['document_root'].'/'.$log_folder) || !is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain']) || is_link($data['new']['document_root'].'/'.$log_folder)) { if(is_link($data['new']['document_root'].'/'.$log_folder)) unlink($data['new']['document_root'].'/'.$log_folder); - if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data['new']['domain']); + if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) $app->system->exec_safe('mkdir -p ?', '/var/log/ispconfig/httpd/'.$data['new']['domain']); $app->system->mkdirpath($data['new']['document_root'].'/'.$log_folder); $app->system->chown($data['new']['document_root'].'/'.$log_folder, 'root'); $app->system->chgrp($data['new']['document_root'].'/'.$log_folder, 'root'); $app->system->chmod($data['new']['document_root'].'/'.$log_folder, 0755); - exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder)); + $app->system->exec_safe('mount --bind ? ?', '/var/log/ispconfig/httpd/'.$data['new']['domain'], $data['new']['document_root'].'/'.$log_folder); //* add mountpoint to fstab $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.' none bind,nobootwait'; $fstab_line .= @($web_config['network_filesystem'] == 'y')?',_netdev 0 0':' 0 0'; 
@@ -792,7 +792,7 @@ class apache2_plugin { if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1); // remove the symlinks, if not exist if(is_link($tmp_symlink)) { - exec('rm -f '.escapeshellcmd($tmp_symlink)); + $app->system->exec_safe('rm -f ?', $tmp_symlink); $app->log('Removed symlink: rm -f '.$tmp_symlink, LOGLEVEL_DEBUG); } } @@ -813,11 +813,10 @@ class apache2_plugin { } // create the symlinks, if not exist if(!is_link($tmp_symlink)) { - // exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink)); if ($web_config["website_symlinks_rel"] == 'y') { - $app->system->create_relative_link(escapeshellcmd($data["new"]["document_root"]), escapeshellcmd($tmp_symlink)); + $app->system->create_relative_link($data["new"]["document_root"], $tmp_symlink); } else { - exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink)); + $app->system->exec_safe("ln -s ? ?", $data["new"]["document_root"]."/", $tmp_symlink); } $app->log('Creating symlink: ln -s '.$data['new']['document_root'].'/ '.$tmp_symlink, LOGLEVEL_DEBUG); 
@@ -837,69 +836,67 @@ class apache2_plugin { // Copy the error pages if($data['new']['errordocs']) { - $error_page_path = escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/error/'; - if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2))) { - exec('cp ' . $conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $error_page_path = $data['new']['document_root'].'/' . $web_folder . '/error/'; + if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2))) { + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } else { if (file_exists($conf['rootpath'] . '/conf-custom/error/400.html')) { - exec('cp '. $conf['rootpath'] . '/conf-custom/error/*.html '.$error_page_path); + $app->system->exec_safe('cp ?*.html ?', $conf['rootpath'] . '/conf-custom/error/', $error_page_path); } else { - exec('cp ' . $conf['rootpath'] . '/conf/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } } - exec('chmod -R a+r '.$error_page_path); + $app->system->exec_safe('chmod -R a+r ?', $error_page_path); } //* Copy the web skeleton files only when there is no index.ph or index.html file yet if(!file_exists($data['new']['document_root'].'/'.$web_folder.'/index.html') && !file_exists($data['new']['document_root'].'/'.$web_folder.'/index.php')) { - if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2))) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2).' 
'.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html'); + if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr($conf['language'], 0, 2))) { + if(!file_exists($data['new']['document_root'] . '/' . $web_folder . '/index.html')) { + $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/standard_index.html_' . substr($conf['language'], 0, 2), $data['new']['document_root'] . '/' . $web_folder . '/index.html'); + } if(is_file($conf['rootpath'] . '/conf-custom/index/favicon.ico')) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/favicon.ico')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/favicon.ico '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/favicon.ico')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/favicon.ico', $data['new']['document_root'].'/' . $web_folder . '/'); } if(is_file($conf['rootpath'] . '/conf-custom/index/robots.txt')) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/robots.txt')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/robots.txt '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/robots.txt')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/robots.txt', $data['new']['document_root'].'/' . $web_folder . '/'); } - //if(is_file($conf['rootpath'] . '/conf-custom/index/.htaccess')) { - // exec('cp ' . $conf['rootpath'] . '/conf-custom/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); - //} } else { if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html')) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html')) exec('cp ' . 
$conf['rootpath'] . '/conf-custom/index/standard_index.html '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/index.html')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/standard_index.html', $data['new']['document_root'].'/' . $web_folder . '/index.html'); } else { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html')) exec('cp ' . $conf['rootpath'] . '/conf/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2).' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/index.html')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf/index/standard_index.html_'.substr($conf['language'], 0, 2), $data['new']['document_root'].'/' . $web_folder . '/index.html'); if(is_file($conf['rootpath'] . '/conf/index/favicon.ico')){ - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/favicon.ico')) exec('cp ' . $conf['rootpath'] . '/conf/index/favicon.ico '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/favicon.ico')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf/index/favicon.ico', $data['new']['document_root'].'/' . $web_folder . '/'); } if(is_file($conf['rootpath'] . '/conf/index/robots.txt')){ - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/robots.txt')) exec('cp ' . $conf['rootpath'] . '/conf/index/robots.txt '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/robots.txt')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf/index/robots.txt', $data['new']['document_root'].'/' . $web_folder . 
'/'); } - //if(is_file($conf['rootpath'] . '/conf/index/.htaccess')) exec('cp ' . $conf['rootpath'] . '/conf/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); } } } - exec('chmod -R a+r '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + $app->system->exec_safe('chmod -R a+r ?', $data['new']['document_root'].'/' . $web_folder . '/'); //** Copy the error documents on update when the error document checkbox has been activated and was deactivated before } elseif ($this->action == 'update' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') && $data['old']['errordocs'] == 0 && $data['new']['errordocs'] == 1) { - $error_page_path = escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/error/'; - if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2))) { - exec('cp ' . $conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $error_page_path = $data['new']['document_root'].'/' . $web_folder . '/error/'; + if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2))) { + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } else { if (file_exists($conf['rootpath'] . '/conf-custom/error/400.html')) { - exec('cp ' . $conf['rootpath'] . '/conf-custom/error/*.html '.$error_page_path); + $app->system->exec_safe('cp ?*.html ?', $conf['rootpath'] . '/conf-custom/error/', $error_page_path); } else { - exec('cp ' . $conf['rootpath'] . '/conf/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . 
'/conf/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } } - exec('chmod -R a+r '.$error_page_path); - exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.$error_page_path); + $app->system->exec_safe('chmod -R a+r ?', $error_page_path); + $app->system->exec_safe('chown -R ?:? ?', $data['new']['system_user'], $data['new']['system_group'], $error_page_path); } // end copy error docs // Set the quota for the user, but only for vhosts, not vhostsubdomains or vhostalias 
@@ -914,39 +911,39 @@ class apache2_plugin { } // get the primitive folder for document_root and the filesystem, will need it later. - $df_output=explode(" ", exec("df -T " . escapeshellarg($data['new']['document_root']) . "|awk 'END{print \$2,\$NF}'")); + $df_output=explode(" ", $app->system->exec_safe("df -T ?|awk 'END{print \$2,\$NF}'", $data['new']['document_root'])); $file_system = $df_output[0]; $primitive_root = $df_output[1]; if($file_system == 'xfs') { - exec("xfs_quota -x -c " . escapeshellarg("limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " " . $username) . " " . escapeshellarg($primitive_root)); + $app->system->exec_safe("xfs_quota -x -c ? ?", "limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " " . $username, $primitive_root); // xfs only supports timers globally, not per user. - exec("xfs_quota -x -c 'timer -bir -i 604800' " . escapeshellarg($primitive_root)); + $app->system->exec_safe("xfs_quota -x -c 'timer -bir -i 604800' ?", $primitive_root); unset($project_uid, $username_position, $xfs_projects); unset($primitive_root, $df_output, $mb_hard, $mb_soft); } else { if($app->system->is_installed('setquota')) { - exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null'); - exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null'); + $app->system->exec_safe('setquota -u ? ? ? 0 0 -a &> /dev/null', $username, $blocks_soft, $blocks_hard); + $app->system->exec_safe('setquota -T -u ? 604800 604800 -a &> /dev/null', $username); } } } if($this->action == 'insert' || $data["new"]["system_user"] != $data["old"]["system_user"]) { // Chown and chmod the directories below the document root - $app->system->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder); + $app->system->exec_safe('chown -R ?:? ?', $username, $groupname, $data['new']['document_root'].'/' . 
$web_folder); // The document root itself has to be owned by root in normal level and by the web owner in security level 20 if($web_config['security_level'] == 20) { - $app->system->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder); + $app->system->exec_safe('chown ?:? ?', $username, $groupname, $data['new']['document_root'].'/' . $web_folder); } else { - $app->system->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder); + $app->system->exec_safe('chown root:root ?', $data['new']['document_root'].'/' . $web_folder); } } //* add the Apache user to the client group if this is a vhost and security level is set to high, no matter if this is an insert or update and regardless of set_folder_permissions_on_update - if($data['new']['type'] == 'vhost' && $web_config['security_level'] == 20) $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user'])); + if($data['new']['type'] == 'vhost' && $web_config['security_level'] == 20) $app->system->add_user_to_group($groupname, $web_config['user']); //* If the security level is set to high if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost')) { 
@@ -975,18 +972,18 @@ class apache2_plugin { if($web_config['add_web_users_to_sshusers_group'] == 'y') { $command = 'usermod'; $command .= ' --groups sshusers'; - $command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null'; - $app->system->_exec($command); + $command .= ' ? 2>/dev/null'; + $app->system->exec_safe($command, $data['new']['system_user']); } //* if we have a chrooted Apache environment if($apache_chrooted) { - $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command); + $app->system->exec_safe('chroot ? ?', $web_config['website_basedir'], $command); //* add the apache user to the client group in the chroot environment $tmp_groupfile = $app->system->server_conf['group_datei']; $app->system->server_conf['group_datei'] = $web_config['website_basedir'].'/etc/group'; - $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user'])); + $app->system->add_user_to_group($groupname, $web_config['user']); $app->system->server_conf['group_datei'] = $tmp_groupfile; unset($tmp_groupfile); } @@ -1089,7 +1086,9 @@ class apache2_plugin { if($data['new']['type'] == 'vhost') { // Change the ownership of the error log to the root user - if(!@is_file('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')) exec('touch '.escapeshellcmd('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')); + if(!@is_file('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')) { + $app->system->exec_safe('touch ?', '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log'); + } $app->system->chown('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log', 'root'); $app->system->chgrp('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log', 'root'); } 
@@ -1162,7 +1161,7 @@ class apache2_plugin { $vhost_data['php_open_basedir'] = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir']; $vhost_data['ssl_domain'] = $data['new']['ssl_domain']; $vhost_data['has_custom_php_ini'] = $has_custom_php_ini; - $vhost_data['custom_php_ini_dir'] = escapeshellcmd($custom_php_ini_dir); + $vhost_data['custom_php_ini_dir'] = $custom_php_ini_dir; $vhost_data['logging'] = $web_config['logging']; // Custom Apache directives @@ -1452,13 +1451,10 @@ class apache2_plugin { if (!is_dir($fastcgi_starter_path)) { $app->system->mkdirpath($fastcgi_starter_path); - //exec('chown '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.escapeshellcmd($fastcgi_starter_path)); - $app->log('Creating fastcgi starter script directory: '.$fastcgi_starter_path, LOGLEVEL_DEBUG); } - //exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.escapeshellcmd($fastcgi_starter_path)); $app->system->chown($fastcgi_starter_path, $data['new']['system_user']); $app->system->chgrp($fastcgi_starter_path, $data['new']['system_group']); if($web_config['security_level'] == 10) { 
@@ -1480,29 +1476,29 @@ class apache2_plugin { } if($has_custom_php_ini) { - $fcgi_tpl->setVar('php_ini_path', escapeshellcmd($custom_php_ini_dir)); + $fcgi_tpl->setVar('php_ini_path', $custom_php_ini_dir); } else { if($default_fastcgi_php){ - $fcgi_tpl->setVar('php_ini_path', escapeshellcmd($fastcgi_config['fastcgi_phpini_path'])); + $fcgi_tpl->setVar('php_ini_path', $fastcgi_config['fastcgi_phpini_path']); } else { - $fcgi_tpl->setVar('php_ini_path', escapeshellcmd($custom_fastcgi_php_ini_dir)); + $fcgi_tpl->setVar('php_ini_path', $custom_fastcgi_php_ini_dir); } } - $fcgi_tpl->setVar('document_root', escapeshellcmd($data['new']['document_root'])); - $fcgi_tpl->setVar('php_fcgi_children', escapeshellcmd($fastcgi_config['fastcgi_children'])); - $fcgi_tpl->setVar('php_fcgi_max_requests', escapeshellcmd($fastcgi_config['fastcgi_max_requests'])); + $fcgi_tpl->setVar('document_root', $data['new']['document_root']); + $fcgi_tpl->setVar('php_fcgi_children', $fastcgi_config['fastcgi_children']); + $fcgi_tpl->setVar('php_fcgi_max_requests', $fastcgi_config['fastcgi_max_requests']); if($default_fastcgi_php){ - $fcgi_tpl->setVar('php_fcgi_bin', escapeshellcmd($fastcgi_config['fastcgi_bin'])); + $fcgi_tpl->setVar('php_fcgi_bin', $fastcgi_config['fastcgi_bin']); } else { - $fcgi_tpl->setVar('php_fcgi_bin', escapeshellcmd($custom_fastcgi_php_executable)); + $fcgi_tpl->setVar('php_fcgi_bin', $custom_fastcgi_php_executable); } $fcgi_tpl->setVar('security_level', intval($web_config['security_level'])); - $fcgi_tpl->setVar('domain', escapeshellcmd($data['new']['domain'])); + $fcgi_tpl->setVar('domain', $data['new']['domain']); $php_open_basedir = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir']; - $fcgi_tpl->setVar('open_basedir', escapeshellcmd($php_open_basedir)); + $fcgi_tpl->setVar('open_basedir', $php_open_basedir); - $fcgi_starter_script = 
escapeshellcmd($fastcgi_starter_path.$fastcgi_config['fastcgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : '')); + $fcgi_starter_script = $fastcgi_starter_path.$fastcgi_config['fastcgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : ''); $app->system->file_put_contents($fcgi_starter_script, $fcgi_tpl->grab()); unset($fcgi_tpl); @@ -1562,14 +1558,13 @@ class apache2_plugin { } if($default_php_fpm){ - $pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']); - } else { + $pool_dir = $web_config['php_fpm_pool_dir']; $pool_dir = $custom_php_fpm_pool_dir; } $pool_dir = trim($pool_dir); if(substr($pool_dir, -1) != '/') $pool_dir .= '/'; $pool_name = 'web'.$data['new']['domain_id']; - $socket_dir = escapeshellcmd($web_config['php_fpm_socket_dir']); + $socket_dir = $web_config['php_fpm_socket_dir']; if(substr($socket_dir, -1) != '/') $socket_dir .= '/'; if($data['new']['php_fpm_use_socket'] == 'y'){ @@ -1622,8 +1617,8 @@ class apache2_plugin { // This works because PHP "rewrites" a symlink to the physical path $php_open_basedir = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir']; - $cgi_tpl->setVar('open_basedir', escapeshellcmd($php_open_basedir)); - $cgi_tpl->setVar('document_root', escapeshellcmd($data['new']['document_root'])); + $cgi_tpl->setVar('open_basedir', $php_open_basedir); + $cgi_tpl->setVar('document_root', $data['new']['document_root']); // This will NOT work! //$cgi_tpl->setVar('open_basedir', '/var/www/' . $data['new']['domain']); 
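Review bot: With escapeshellcmd() dropped, `document_root`, `php_ini_path`, `php_fcgi_bin`, `domain` and `open_basedir` are entirely unvalidated on their way into the FastCGI starter script written by `file_put_contents($fcgi_starter_script, $fcgi_tpl->grab())`. escapeshellcmd() was the wrong tool for values embedded in a file, but if that template is a shell script (it is not shown here), a value containing quotes, `$` or a newline now reaches it verbatim. Validate these values against a strict path or hostname pattern before setVar(), or quote them where the template places them in shell context. The same applies to the `$cgi_tpl` hunks at -1622 and -1632.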
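Review bot: The `} else {` line is removed together with the escapeshellcmd() call, so `$pool_dir = $custom_php_fpm_pool_dir;` now runs inside the `if($default_php_fpm)` branch and overwrites the default pool directory. When `$default_php_fpm` is false, nothing in this hunk assigns `$pool_dir` at all before `trim($pool_dir)`. The later hunk at -3255 makes the same conversion but keeps the else; restore it here by putting `} else {` back between the two assignments.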
@@ -1632,12 +1627,12 @@ class apache2_plugin { $cgi_tpl->setVar('has_custom_php_ini', $has_custom_php_ini); if($has_custom_php_ini) { - $cgi_tpl->setVar('php_ini_path', escapeshellcmd($custom_php_ini_dir)); + $cgi_tpl->setVar('php_ini_path', $custom_php_ini_dir); } else { - $cgi_tpl->setVar('php_ini_path', escapeshellcmd($fastcgi_config['fastcgi_phpini_path'])); + $cgi_tpl->setVar('php_ini_path', $fastcgi_config['fastcgi_phpini_path']); } - $cgi_starter_script = escapeshellcmd($cgi_starter_path.$cgi_config['cgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : '')); + $cgi_starter_script = $cgi_starter_path.$cgi_config['cgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : ''); $app->system->file_put_contents($cgi_starter_script, $cgi_tpl->grab()); unset($cgi_tpl); @@ -1657,7 +1652,7 @@ class apache2_plugin { } - $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost'); + $vhost_file = $web_config['vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost'; //* Make a backup copy of vhost file if(file_exists($vhost_file)) $app->system->copy($vhost_file, $vhost_file.'~'); 
@@ -1750,17 +1745,17 @@ class apache2_plugin { //* Set the symlink to enable the vhost //* First we check if there is a old type of symlink and remove it - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost'; if(is_link($vhost_symlink)) $app->system->unlink($vhost_symlink); //* Remove old or changed symlinks if($data['new']['subdomain'] != $data['old']['subdomain'] or $data['new']['active'] == 'n') { - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); @@ -1769,9 +1764,9 @@ class apache2_plugin { //* New symlink if($data['new']['subdomain'] == '*') { - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'; } else { - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'; } if($data['new']['active'] == 'y' && !is_link($vhost_symlink)) { symlink($vhost_file, $vhost_symlink); 
@@ -1780,22 +1775,22 @@ class apache2_plugin { // remove old symlink and vhost file, if domain name of the site has changed if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) { - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_file = $web_config['vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'; $app->system->unlink($vhost_file); $app->log('Removing file: '.$vhost_file, LOGLEVEL_DEBUG); } 
@@ -2029,14 +2024,10 @@ class apache2_plugin { if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias'){ if(is_array($log_folders) && !empty($log_folders)){ foreach($log_folders as $log_folder){ - //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder)); - //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); - exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); + $app->system->exec_safe('umount ? 2>/dev/null', $data['old']['document_root'].'/'.$log_folder); } } else { - //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder)); - //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); - exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); + $app->system->exec_safe('umount ? 2>/dev/null', $data['old']['document_root'].'/'.$log_folder); } // remove letsencrypt if it exists (renew will always fail otherwise) 
@@ -2076,19 +2067,19 @@ class apache2_plugin { } else { //* This is a website // Deleting the vhost file, symlink and the data directory - $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_file = $web_config['vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'; - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)){ $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)){ $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)){ $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); 
@@ -2098,11 +2089,11 @@ class apache2_plugin { $app->log('Removing vhost file: '.$vhost_file, LOGLEVEL_DEBUG); if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias') { - $docroot = escapeshellcmd($data['old']['document_root']); + $docroot = $data['old']['document_root']; if($docroot != '' && !stristr($docroot, '..')) { if($data['old']['type'] == 'vhost') { // this is a vhost - we delete everything in here. - exec('rm -rf '.$docroot); + $app->system->exec_safe('rm -rf ?', $docroot); } elseif(!stristr($data['old']['web_folder'], '..')) { // this is a vhost subdomain // IMPORTANT: do some folder checks before we delete this! @@ -2152,7 +2143,7 @@ class apache2_plugin { unset($used_paths); } - if($do_delete === true && $delete_folder !== '') exec('rm -rf '.$docroot.'/'.$delete_folder); + if($do_delete === true && $delete_folder !== '') $app->system->exec_safe('rm -rf ?', $docroot.'/'.$delete_folder); unset($delete_folder); unset($path_elements); @@ -2164,12 +2155,12 @@ class apache2_plugin { $fastcgi_starter_path = str_replace('[system_user]', $data['old']['system_user'], $fastcgi_config['fastcgi_starter_path']); if($data['old']['type'] == 'vhost') { if (is_dir($fastcgi_starter_path)) { - exec('rm -rf '.$fastcgi_starter_path); + $app->system->exec_safe('rm -rf ?', $fastcgi_starter_path); } } else { $fcgi_starter_script = $fastcgi_starter_path.$fastcgi_config['fastcgi_starter_script'].'_web'.$data['old']['domain_id']; if (file_exists($fcgi_starter_script)) { - exec('rm -f '.$fcgi_starter_script); + $app->system->exec_safe('rm -f ?', $fcgi_starter_script); } } } 
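Review bot: `rm -rf ?` runs on `$docroot` after only an empty-string test and a `..` substring test, so a stored value such as `/` or another top-level directory would still be removed recursively. Now that the path is passed as a single argument, this is a natural place for a containment check, for example requiring that `realpath($docroot)` begins with `$web_config['website_basedir'].'/'` (assuming document roots live under that directory). Writing the template as `rm -rf -- ?` would also keep a value with a leading dash from being read as an option. The same guard would suit the `rm -rf ?` calls on `$fastcgi_starter_path` at -2164 and `$cgi_starter_path` at -2189.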
@@ -2189,12 +2180,12 @@ class apache2_plugin { $cgi_starter_path = str_replace('[system_user]', $data['old']['system_user'], $web_config['cgi_starter_path']); if($data['old']['type'] == 'vhost') { if (is_dir($cgi_starter_path)) { - exec('rm -rf '.$cgi_starter_path); + $app->system->exec_safe('rm -rf ?', $cgi_starter_path); } } else { $cgi_starter_script = $cgi_starter_path.'php-cgi-starter_web'.$data['old']['domain_id']; if (file_exists($cgi_starter_script)) { - exec('rm -f '.$cgi_starter_script); + $app->system->exec_safe('rm -f ?', $cgi_starter_script); } } } @@ -2223,16 +2214,15 @@ class apache2_plugin { } // Delete the log file directory - $vhost_logfile_dir = escapeshellcmd('/var/log/ispconfig/httpd/'.$data['old']['domain']); - if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) exec('rm -rf '.$vhost_logfile_dir); + $vhost_logfile_dir = '/var/log/ispconfig/httpd/'.$data['old']['domain']; + if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) $app->system->exec_safe('rm -rf ?', $vhost_logfile_dir); $app->log('Removing website logfile directory: '.$vhost_logfile_dir, LOGLEVEL_DEBUG); if($data['old']['type'] == 'vhost') { //delete the web user - $command = 'killall -u '.escapeshellcmd($data['old']['system_user']).' ; userdel'; - $command .= ' '.escapeshellcmd($data['old']['system_user']); - exec($command); - if($apache_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command); + $command = 'killall -u ? ; userdel ?'; + $app->system->exec_safe($command, $data['old']['system_user'], $data['old']['system_user']); + if($apache_chrooted) $app->system->exec_safe('chroot ? ?', $web_config['website_basedir'], $command); } 
@@ -2264,7 +2254,7 @@ class apache2_plugin { if($mount_backup){ $web_backup_dir = $backup_dir.'/web'.$data_old['domain_id']; //** do not use rm -rf $web_backup_dir because database(s) may exits - exec(escapeshellcmd('rm -f '.$web_backup_dir.'/web'.$data_old['domain_id'].'_').'*'); + $app->system->exec_safe('rm -f ?*', $web_backup_dir.'/web'.$data_old['domain_id'].'_'); //* cleanup database $sql = "DELETE FROM web_backup WHERE server_id = ? AND parent_domain_id = ? AND filename LIKE ?"; $app->db->query($sql, $conf['server_id'], $data_old['domain_id'], "web".$data_old['domain_id']."_%"); @@ -2319,7 +2309,7 @@ class apache2_plugin { $tpl->setLoop('ip_adresses', $records_out); } - $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/ispconfig.conf'); + $vhost_file = $web_config['vhost_conf_dir'].'/ispconfig.conf'; $app->system->file_put_contents($vhost_file, $tpl->grab()); $app->log('Writing the conf file: '.$vhost_file, LOGLEVEL_DEBUG); unset($tpl); @@ -2352,7 +2342,7 @@ class apache2_plugin { //* Get the folder path. if(substr($folder['path'], 0, 1) == '/') $folder['path'] = substr($folder['path'], 1); if(substr($folder['path'], -1) == '/') $folder['path'] = substr($folder['path'], 0, -1); - $folder_path = escapeshellcmd($website['document_root'].'/' . $web_folder . '/'.$folder['path']); + $folder_path = $website['document_root'].'/' . $web_folder . '/'.$folder['path']; if(substr($folder_path, -1) != '/') $folder_path .= '/'; //* Check if the resulting path is inside the docroot 
@@ -2498,7 +2488,7 @@ class apache2_plugin { if(substr($data['new']['path'], 0, 1) == '/') $data['new']['path'] = substr($data['new']['path'], 1); if(substr($data['new']['path'], -1) == '/') $data['new']['path'] = substr($data['new']['path'], 0, -1); - $new_folder_path = escapeshellcmd($website['document_root'].'/' . $web_folder . '/'.$data['new']['path']); + $new_folder_path = $website['document_root'].'/' . $web_folder . '/'.$data['new']['path']; if(substr($new_folder_path, -1) != '/') $new_folder_path .= '/'; //* Check if the resulting path is inside the docroot @@ -2678,8 +2668,6 @@ class apache2_plugin { /* * The webdav - Root needs the group/user as owner and the apache as read and write */ - //$app->system->_exec('chown ' . $user . ':' . $group . ' ' . escapeshellcmd($documentRoot . '/webdav/')); - //$app->system->_exec('chmod 770 ' . escapeshellcmd($documentRoot . '/webdav/')); $app->system->chown($documentRoot . '/webdav', $user); $app->system->chgrp($documentRoot . '/webdav', $group); $app->system->chmod($documentRoot . '/webdav', 0770); @@ -2688,8 +2676,6 @@ class apache2_plugin { * The webdav folder (not the webdav-root!) needs the same (not in ONE step, because the * pwd-files are owned by root) */ - //$app->system->_exec('chown ' . $user . ':' . $group . ' ' . escapeshellcmd($webdav_user_dir.' -R')); - //$app->system->_exec('chmod 770 ' . escapeshellcmd($webdav_user_dir.' -R')); $app->system->chown($webdav_user_dir, $user); $app->system->chgrp($webdav_user_dir, $group); $app->system->chmod($webdav_user_dir, 0770); @@ -2709,7 +2695,7 @@ class apache2_plugin { /* * Next step, patch the vhost - file */ - $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'] . '/' . $domain . '.vhost'); + $vhost_file = $web_config['vhost_conf_dir'] . '/' . $domain . '.vhost'; $this->_patchVhostWebdav($vhost_file, $documentRoot . '/webdav'); /* 
@@ -2741,7 +2727,7 @@ class apache2_plugin { /* * Next step, patch the vhost - file */ - $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'] . '/' . $domain . '.vhost'); + $vhost_file = $web_config['vhost_conf_dir'] . '/' . $domain . '.vhost'; $this->_patchVhostWebdav($vhost_file, $documentRoot . '/webdav'); /* @@ -3001,9 +2987,9 @@ class apache2_plugin { $content = str_replace('{SYSTEM_USER}', $data['new']['system_user'], $content); file_put_contents('/etc/init.d/hhvm_' . $data['new']['system_user'], $content); - exec('chmod +x /etc/init.d/hhvm_' . $data['new']['system_user'] . ' >/dev/null 2>&1'); - exec('/usr/sbin/update-rc.d hhvm_' . $data['new']['system_user'] . ' defaults >/dev/null 2>&1'); - exec('/etc/init.d/hhvm_' . $data['new']['system_user'] . ' restart >/dev/null 2>&1'); + $app->system->exec_safe('chmod +x ? >/dev/null 2>&1', '/etc/init.d/hhvm_' . $data['new']['system_user']); + $app->system->exec_safe('/usr/sbin/update-rc.d ? defaults >/dev/null 2>&1', 'hhvm_' . $data['new']['system_user']); + $app->system->exec_safe('? restart >/dev/null 2>&1', '/etc/init.d/hhvm_' . $data['new']['system_user']); if(is_dir('/etc/monit/conf.d')){ $monit_content = str_replace('{SYSTEM_USER}', $data['new']['system_user'], $monit_content); @@ -3014,8 +3000,8 @@ class apache2_plugin { } elseif($data['new']['php'] != 'hhvm' && $data['old']['php'] == 'hhvm') { if($data['old']['system_user'] != ''){ - exec('/etc/init.d/hhvm_' . $data['old']['system_user'] . ' stop >/dev/null 2>&1'); - exec('/usr/sbin/update-rc.d hhvm_' . $data['old']['system_user'] . ' remove >/dev/null 2>&1'); + $app->system->exec_safe('? stop >/dev/null 2>&1', '/etc/init.d/hhvm_' . $data['old']['system_user']); + $app->system->exec_safe('/usr/sbin/update-rc.d ? remove >/dev/null 2>&1', 'hhvm_' . $data['old']['system_user']); unlink('/etc/init.d/hhvm_' . $data['old']['system_user']); if(is_file('/etc/hhvm/'.$data['old']['system_user'].'.ini')) unlink('/etc/hhvm/'.$data['old']['system_user'].'.ini'); } 
@@ -3114,7 +3100,7 @@ class apache2_plugin { $tpl->setVar('document_root', $data['new']['document_root']); $tpl->setVar('security_level', $web_config['security_level']); $tpl->setVar('domain', $data['new']['domain']); - $php_open_basedir = ($data['new']['php_open_basedir'] == '')?escapeshellcmd($data['new']['document_root']):escapeshellcmd($data['new']['php_open_basedir']); + $php_open_basedir = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir']; $tpl->setVar('php_open_basedir', $php_open_basedir); if($php_open_basedir != ''){ $tpl->setVar('enable_php_open_basedir', ''); @@ -3201,7 +3187,7 @@ class apache2_plugin { unset($tpl); // delete pool in all other PHP versions - $default_pool_dir = trim(escapeshellcmd($web_config['php_fpm_pool_dir'])); + $default_pool_dir = trim($web_config['php_fpm_pool_dir']); if(substr($default_pool_dir, -1) != '/') $default_pool_dir .= '/'; if($default_pool_dir != $pool_dir){ if ( @is_file($default_pool_dir.$pool_name.'.conf') ) { @@ -3255,7 +3241,7 @@ class apache2_plugin { } if($default_php_fpm){ - $pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']); + $pool_dir = $web_config['php_fpm_pool_dir']; } else { $pool_dir = $custom_php_fpm_pool_dir; } @@ -3272,7 +3258,7 @@ class apache2_plugin { } // delete pool in all other PHP versions - $default_pool_dir = trim(escapeshellcmd($web_config['php_fpm_pool_dir'])); + $default_pool_dir = trim($web_config['php_fpm_pool_dir']); if(substr($default_pool_dir, -1) != '/') $default_pool_dir .= '/'; if($default_pool_dir != $pool_dir){ if ( @is_file($default_pool_dir.$pool_name.'.conf') ) { @@ -3332,7 +3318,7 @@ class apache2_plugin { } if($app->system->is_group('client'.$client_id)){ - $app->system->_exec('groupdel client'.$client_id); + $app->system->exec_safe('groupdel ?', 'client'.$client_id); $app->log('Removed group client'.$client_id, LOGLEVEL_DEBUG); } } 
diff --git a/server/plugins-available/apps_vhost_plugin.inc.php b/server/plugins-available/apps_vhost_plugin.inc.php index 32a62174ffc15681633fcb9c39f30f1639f06d01..4d0866d1de9f283d25e23c857d6b652bf6975e15 100644 --- a/server/plugins-available/apps_vhost_plugin.inc.php +++ b/server/plugins-available/apps_vhost_plugin.inc.php @@ -131,7 +131,7 @@ class apps_vhost_plugin { $app->system->file_put_contents("$vhost_conf_dir/apps.vhost", $content); // enabled / disable apps-vhost - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/000-apps.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/000-apps.vhost'; if(is_link($vhost_symlink) && $web_config['apps_vhost_enabled'] == 'n') { $app->system->unlink($vhost_symlink); } @@ -166,11 +166,11 @@ class apps_vhost_plugin { $apps_vhost_ip = $web_config['apps_vhost_ip'].':'; } - $socket_dir = escapeshellcmd($web_config['php_fpm_socket_dir']); + $socket_dir = $web_config['php_fpm_socket_dir']; if(substr($socket_dir, -1) != '/') $socket_dir .= '/'; - if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir); + if(!is_dir($socket_dir)) $app->system->exec_safe('mkdir -p ?', $socket_dir); $fpm_socket = $socket_dir.'apps.sock'; - $cgi_socket = escapeshellcmd($web_config['nginx_cgi_socket']); + $cgi_socket = $web_config['nginx_cgi_socket']; $content = str_replace('{apps_vhost_ip}', $apps_vhost_ip, $content); $content = str_replace('{apps_vhost_port}', $web_config['apps_vhost_port'], $content); @@ -225,7 +225,7 @@ class apps_vhost_plugin { file_put_contents("$vhost_conf_dir/apps.vhost", $content); // enabled / disable apps-vhost - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/000-apps.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/000-apps.vhost'; if(is_link($vhost_symlink) && $web_config['apps_vhost_enabled'] == 'n') { $app->system->unlink($vhost_symlink); } 
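Review bot: `exec_safe('mkdir -p ?', $socket_dir)` in the -166 hunk still shells out for something the project already wraps; the apache2 plugin in this same commit calls `$app->system->mkdirpath($fastcgi_starter_path)`. Using `if(!is_dir($socket_dir)) $app->system->mkdirpath($socket_dir);` would keep `$web_config['php_fpm_socket_dir']` away from a shell entirely. Confirm that mkdirpath() gives the directory the mode and ownership the socket needs, since its implementation is not on this page.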
diff --git a/server/plugins-available/backup_plugin.inc.php b/server/plugins-available/backup_plugin.inc.php index 6ce8c98939ae236f0246aecd574812d1a1c32673..3308289d41dfff03564450137cced34aaedb3d8e 100644 --- a/server/plugins-available/backup_plugin.inc.php +++ b/server/plugins-available/backup_plugin.inc.php @@ -104,13 +104,13 @@ class backup_plugin { // extract tar.gz archive $dump_directory = str_replace(".tar.gz", "", $backup['filename']); $extracted = "/usr/local/ispconfig/server/temp"; - exec("tar -xzvf ".escapeshellarg($backup_dir.'/'.$backup['filename'])." --directory=".escapeshellarg($extracted)); + $app->system->exec_safe("tar -xzvf ? --directory=?", $backup_dir.'/'.$backup['filename'], $extracted); $restore_directory = $extracted."/".$dump_directory."/".$db_name; // mongorestore -h 127.0.0.1 -u root -p 123456 --authenticationDatabase admin -d c1debug --drop ./toRestore - $command = "mongorestore -h 127.0.0.1 --port 27017 -u root -p 123456 --authenticationDatabase admin -d ".$db_name." --drop ".escapeshellarg($restore_directory); - exec($command); - exec("rm -rf ".escapeshellarg($extracted."/".$dump_directory)); + $command = "mongorestore -h 127.0.0.1 --port 27017 -u root -p 123456 --authenticationDatabase admin -d ? --drop ?"; + $app->system->exec_safe($command, $db_name, $restore_directory); + $app->system->exec_safe("rm -rf ?", $extracted."/".$dump_directory); } unset($clientdb_host); 
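Review bot: The new mongorestore template still hard-codes `-u root -p 123456`, so the placeholder conversion protects `$db_name` and the restore path but leaves a fixed credential in source and on the process command line. Read the MongoDB user and password from server configuration and hand them to the tool outside argv, for example through a config file readable only by root. The sample comment above the command repeats the same password and should be removed with it.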
@@ -129,8 +129,8 @@ class backup_plugin { //$db_name = $parts[1]; preg_match('@^db_(.+)_\d{4}-\d{2}-\d{2}_\d{2}-\d{2}\.sql\.gz$@', $backup['filename'], $matches); $db_name = $matches[1]; - $command = "gunzip --stdout ".escapeshellarg($backup_dir.'/'.$backup['filename'])." | mysql -h ".escapeshellarg($clientdb_host)." -u ".escapeshellarg($clientdb_user)." -p".escapeshellarg($clientdb_password)." ".escapeshellarg($db_name); - exec($command); + $command = "gunzip --stdout ? | mysql -h ? -u ? -p? ?"; + $app->system->exec_safe($command, $backup_dir.'/'.$backup['filename'], $clientdb_host, $clientdb_user, $clientdb_password, $db_name); } unset($clientdb_host); unset($clientdb_user); @@ -147,8 +147,8 @@ class backup_plugin { copy($backup_dir.'/'.$backup['filename'], $web['document_root'].'/backup/'.$backup['filename']); chgrp($web['document_root'].'/backup/'.$backup['filename'], $web['system_group']); //chown($web['document_root'].'/backup/'.$backup['filename'],$web['system_user']); - $command = 'sudo -u '.escapeshellarg($web['system_user']).' unzip -qq -o '.escapeshellarg($web['document_root'].'/backup/'.$backup['filename']).' -d '.escapeshellarg($web['document_root']).' 2> /dev/null'; - exec($command); + $command = 'sudo -u ? unzip -qq -o ? -d ? 2> /dev/null'; + $app->system->exec_safe($command, $web['system_user'], $web['document_root'].'/backup/'.$backup['filename'], $web['document_root']); unlink($web['document_root'].'/backup/'.$backup['filename']); if(file_exists($web['document_root'].'/backup/'.$backup['filename'].'.bak')) rename($web['document_root'].'/backup/'.$backup['filename'].'.bak', $web['document_root'].'/backup/'.$backup['filename']); $app->log('Restored Web backup '.$backup_dir.'/'.$backup['filename'], LOGLEVEL_DEBUG); 
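Review bot: `-p?` keeps the database password on the mysql command line, where other local users can see it in the process list for the duration of the restore. Pass it through an option file instead: write a temporary 0600 file with a `[client]` section and use `gunzip --stdout ? | mysql --defaults-extra-file=? -h ? -u ? ?`. Separately, `$db_name = $matches[1]` is used without checking that preg_match() matched, so a backup whose filename does not fit the pattern reaches the command with an empty database name; skip the restore and log an error in that case.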
@@ -156,8 +156,8 @@ class backup_plugin { } if($backup['backup_mode'] == 'rootgz') { if(file_exists($backup_dir.'/'.$backup['filename']) && $web['document_root'] != '' && $web['document_root'] != '/' && !stristr($backup_dir.'/'.$backup['filename'], '..') && !stristr($backup_dir.'/'.$backup['filename'], 'etc')) { - $command = 'tar xzf '.escapeshellarg($backup_dir.'/'.$backup['filename']).' --directory '.escapeshellarg($web['document_root']); - exec($command); + $command = 'tar xzf ? --directory ?'; + $app->system->exec_safe($command, $backup_dir.'/'.$backup['filename'], $web['document_root']); $app->log('Restored Web backup '.$backup_dir.'/'.$backup['filename'], LOGLEVEL_DEBUG); } } 
@@ -237,22 +237,24 @@ class backup_plugin { if($mail_backup['backup_mode'] == 'userzip') { copy($mail_backup_file, $record['maildir'].'/'.$mail_backup['filename']); chgrp($record['maildir'].'/'.$mail_backup['filename'], $mail_config['mailuser_group']); - $command = 'sudo -u '.$mail_config['mailuser_name'].' unzip -qq -o '.escapeshellarg($record['maildir'].'/'.$mail_backup['filename']).' -d '.escapeshellarg($record['maildir']).' 2> /dev/null'; - exec($command,$tmp_output, $retval); + $command = 'sudo -u ? unzip -qq -o ? -d ? 2> /dev/null'; + $app->system->exec_safe($command, $mail_config['mailuser_name'], $record['maildir'].'/'.$mail_backup['filename'], $record['maildir']); + $retval = $app->system->last_exec_retcode(); unlink($record['maildir'].'/'.$mail_backup['filename']); - } - if($mail_backup['backup_mode'] == 'rootgz') { - $command='tar xfz '.escapeshellarg($mail_backup_file).' --directory '.escapeshellarg($record['maildir']); - exec($command,$tmp_output, $retval); + } elseif($mail_backup['backup_mode'] == 'rootgz') { + $command='tar xfz ? --directory ?'; + $app->system->exec_safe($command, $mail_backup_file, $record['maildir']); + $retval = $app->system->last_exec_retcode(); } if($retval == 0) { // Now import backup-mailbox into special backup-folder $backupname = "backup-".date("Y-m-d", $mail_backup['tstamp']); - exec("doveadm mailbox create -u \"".$record["email"]."\" $backupname"); - exec("doveadm import -u \"".$record["email"]."\" mdbox:".$record['maildir']."/backup $backupname all", $tmp_output, $retval); - exec("for f in `doveadm mailbox list -u \"".$record["email"]."\" $backupname*`; do doveadm mailbox subscribe -u \"".$record["email"]."\" \$f; done", $tmp_output, $retval); - exec('rm -rf '.$record['maildir'].'/backup'); + $app->system->exec_safe("doveadm mailbox create -u ? ?", $record["email"], $backupname); + $app->system->exec_safe("doveadm import -u ? mdbox:? ? 
all", $record["email"], $record['maildir']."/backup", $backupname); + $app->system->exec_safe("for f in `doveadm mailbox list -u ? ?*`; do doveadm mailbox subscribe -u ? \$f; done", $record["email"], $backupname, $record["email"]); + $retval = $app->system->last_exec_retcode(); + $app->system->exec_safe('rm -rf ?', $record['maildir'].'/backup'); } if($retval == 0){ @@ -260,7 +262,7 @@ class backup_plugin { } else { // cleanup if (file_exists($record['maildir'].'/'.$mail_backup['filename'])) unlink($record['maildir'].'/'.$mail_backup['filename']); - if (file_exists($record['maildir']."/backup")) exec('rm -rf '.$record['maildir']."/backup"); + if (file_exists($record['maildir']."/backup")) $app->system->exec_safe('rm -rf ?', $record['maildir']."/backup"); $app->log('Unable to restore Mail backup '.$mail_backup_file.' '.$tmp_output,LOGLEVEL_ERROR); } @@ -269,8 +271,10 @@ class backup_plugin { if($mail_backup['backup_mode'] == 'userzip') { copy($mail_backup_file, $domain_dir.'/'.$mail_backup['filename']); chgrp($domain_dir.'/'.$mail_backup['filename'], $mail_config['mailuser_group']); - $command = 'sudo -u '.$mail_config['mailuser_name'].' unzip -qq -o '.escapeshellarg($domain_dir.'/'.$mail_backup['filename']).' -d '.escapeshellarg($domain_dir).' 2> /dev/null'; - exec($command,$tmp_output, $retval); + $command = 'sudo -u ? unzip -qq -o ? -d ? 2> /dev/null'; + $app->system->exec_safe($command, $mail_config['mailuser_name'], $domain_dir.'/'.$mail_backup['filename'], $domain_dir); + $retval = $app->system->last_exec_retcode(); + $tmp_output = $app->system->last_exec_out(); unlink($domain_dir.'/'.$mail_backup['filename']); if($retval == 0){ $app->log('Restored Mail backup '.$mail_backup_file,LOGLEVEL_DEBUG); 
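Review bot: In the maildir branch of the -237 hunk `$tmp_output` is no longer assigned, because the removed `exec($command, $tmp_output, $retval)` calls were its only source, yet the failure path in the following hunk still logs `'Unable to restore Mail backup '.$mail_backup_file.' '.$tmp_output`. Add `$tmp_output = $app->system->last_exec_out();` after each exec_safe() whose result is checked, as the -269 and -279 hunks do, and flatten it before logging if it is an array, e.g. `implode("\n", (array)$tmp_output)`. Note also that `$retval` is only set inside the userzip and rootgz branches, so any other `backup_mode` reaches `if($retval == 0)` with it undefined and is treated as success.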
@@ -279,8 +283,10 @@ class backup_plugin { } } if($mail_backup['backup_mode'] == 'rootgz') { - $command='tar xfz '.escapeshellarg($mail_backup_file).' --directory '.escapeshellarg($domain_dir); - exec($command,$tmp_output, $retval); + $command='tar xfz ? --directory ?'; + $app->system->exec_safe($command, $mail_backup_file, $domain_dir); + $retval = $app->system->last_exec_retcode(); + $tmp_output = $app->system->last_exec_out(); if($retval == 0){ $app->log('Restored Mail backup '.$mail_backup_file,LOGLEVEL_DEBUG); } else { diff --git a/server/plugins-available/bind_plugin.inc.php b/server/plugins-available/bind_plugin.inc.php index edf7b93d9f1ea62f8b314a62b73c77f15e5ca678..29d841ef8a7b3aec77acb49aedd5ebd13500740a 100644 --- a/server/plugins-available/bind_plugin.inc.php +++ b/server/plugins-available/bind_plugin.inc.php @@ -114,9 +114,7 @@ class bind_plugin { } //Do some magic... - exec('cd '.escapeshellcmd($dns_config['bind_zonefiles_dir']).';'. - 'dnssec-keygen -a NSEC3RSASHA1 -b 2048 -n ZONE '.escapeshellcmd($domain).';'. - 'dnssec-keygen -f KSK -a NSEC3RSASHA1 -b 4096 -n ZONE '.escapeshellcmd($domain)); + $app->system->exec_safe('cd ?; dnssec-keygen -a NSEC3RSASHA1 -b 2048 -n ZONE ?; dnssec-keygen -f KSK -a NSEC3RSASHA1 -b 4096 -n ZONE ?', $dns_config['bind_zonefiles_dir'], $domain, $domain); $this->soa_dnssec_sign($data); //Now sign the zone for the first time $data['new']['dnssec_initialized']='Y'; 
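Review bot: In the bind_plugin -114 hunk the three commands are chained with `;`, so if `cd` into `$dns_config['bind_zonefiles_dir']` fails, both dnssec-keygen runs still execute and write key files into whatever the current directory happens to be. Chain with `&&` instead, `'cd ? && dnssec-keygen -a NSEC3RSASHA1 -b 2048 -n ZONE ? && dnssec-keygen -f KSK -a NSEC3RSASHA1 -b 4096 -n ZONE ?'`, and check `$app->system->last_exec_retcode()` before calling `soa_dnssec_sign()`. NSEC3RSASHA1 is a SHA-1 based algorithm that current DNSSEC guidance (RFC 8624) no longer recommends for signing, so moving new zones to a SHA-256 or ECDSA algorithm is worth a follow-up. The signzone and checkzone hunks at -148 and -187 use the same `cd ?;` form.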
@@ -148,8 +146,7 @@ class bind_plugin { file_put_contents($dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain, $zonefile); //Sign the zone and set it valid for max. 16 days - exec('cd '.escapeshellcmd($dns_config['bind_zonefiles_dir']).';'. - 'dnssec-signzone -A -e +1382400 -3 $(head -c 1000 /dev/random | sha1sum | cut -b 1-16) -N increment -o '.escapeshellcmd($domain).' -t '.$filespre.escapeshellcmd($domain)); + $app->system->exec_safe('cd ?; dnssec-signzone -A -e +1382400 -3 $(head -c 1000 /dev/random | sha1sum | cut -b 1-16) -N increment -o ? -t ?', $dns_config['bind_zonefiles_dir'], $domain, $filespre.$domain); //Write Data back ino DB $dnssecdata = "DS-Records:\n".file_get_contents($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.'); @@ -187,8 +184,8 @@ class bind_plugin { if (!$new && !file_exists($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.')) $this->soa_dnssec_create($data); $dbdata = $app->db->queryOneRecord('SELECT id,serial FROM dns_soa WHERE id=?', intval($data['new']['id'])); - exec('cd '.escapeshellcmd($dns_config['bind_zonefiles_dir']).';'. - 'named-checkzone '.escapeshellcmd($domain).' '.escapeshellcmd($dns_config['bind_zonefiles_dir']).'/'.$filespre.escapeshellcmd($domain).' | egrep -ho \'[0-9]{10}\'', $serial, $retState); + $app->system->exec_safe('cd ?; named-checkzone ? ? | egrep -ho \'[0-9]{10}\'', $dns_config['bind_zonefiles_dir'], $domain, $dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain); + $retState = $app->system->last_exec_retcode(); if ($retState != 0) { $app->log('DNSSEC Error: Error in Zonefile for '.$domain, LOGLEVEL_ERR); return false; 
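Review bot: The old `exec()` call filled `$serial` with the value extracted by `egrep`, while the replacement copies only the return code, so `$serial` is no longer assigned in this hunk. If code after the hunk still reads `$serial` (the method continues outside the visible lines), it needs `$serial = $app->system->last_exec_out();` next to the `$retState` line. Note also that the exit status of a pipeline is that of its last command, so `$retState` reflects whether `egrep` found a ten-digit serial rather than whether `named-checkzone` accepted the zone.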
@@ -283,20 +280,22 @@ class bind_plugin { //TODO : change this when distribution information has been integrated into server record if (file_exists('/etc/gentoo-release')) { - $filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri/'.str_replace("/", "_", substr($zone['origin'], 0, -1))); + $filename = $dns_config['bind_zonefiles_dir'].'/pri/'.str_replace("/", "_", substr($zone['origin'], 0, -1)); } else { - $filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($zone['origin'], 0, -1))); + $filename = $dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($zone['origin'], 0, -1)); } $old_zonefile = @file_get_contents($filename); file_put_contents($filename, $tpl->grab()); - chown($filename, escapeshellcmd($dns_config['bind_user'])); - chgrp($filename, escapeshellcmd($dns_config['bind_group'])); + chown($filename, $dns_config['bind_user']); + chgrp($filename, $dns_config['bind_group']); //* Check the zonefile if(is_file($filename.'.err')) unlink($filename.'.err'); - exec('named-checkzone '.escapeshellarg($zone['origin']).' '.escapeshellarg($filename), $out, $return_status); + $app->system->exec_safe('named-checkzone ? ?', $zone['origin'], $filename); + $out = $app->system->last_exec_out(); + $return_status = $app->system->last_exec_retcode(); if($return_status === 0) { $app->log("Writing BIND domain file: ".$filename, LOGLEVEL_DEBUG); } else { @@ -309,8 +308,8 @@ class bind_plugin { if ($old_zonefile != '') { rename($filename, $filename.'.err'); file_put_contents($filename, $old_zonefile); - chown($filename, escapeshellcmd($dns_config['bind_user'])); - chgrp($filename, escapeshellcmd($dns_config['bind_group'])); + chown($filename, $dns_config['bind_user']); + chgrp($filename, $dns_config['bind_group']); } else { rename($filename, $filename.'.err'); } 
@@ -392,7 +391,10 @@ class bind_plugin { $app->log("Deleting BIND domain file: ".$zone_file_name, LOGLEVEL_DEBUG); //* DNSSEC-Implementation - if ($data['old']['dnssec_initialized'] == 'Y') exec('/usr/local/ispconfig/server/scripts/dnssec-delete.sh '.$data['old']['origin']); //delete keys + if($data['old']['dnssec_initialized'] == 'Y') { + //delete keys + $app->system->exec_safe('/usr/local/ispconfig/server/scripts/dnssec-delete.sh ?', $data['old']['origin']); + } //* Reload bind nameserver $app->services->restartServiceDelayed('bind', 'reload'); @@ -582,11 +584,6 @@ class bind_plugin { 'zonefile_path' => $sec_zonefiles_path.str_replace("/", "_", substr($tmp['origin'], 0, -1)), 'options' => $options ); - - // $filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/slave/sec.'.substr($tmp['origin'],0,-1)); - // $app->log("Writing BIND domain file: ".$filename,LOGLEVEL_DEBUG); - - } $tpl_sec = new tpl(); diff --git a/server/plugins-available/cron_jailkit_plugin.inc.php b/server/plugins-available/cron_jailkit_plugin.inc.php index c652f299ebc44dd87c5cc3f1c65f118cdbebb144..f8f6640444103b0c41e13960d912873f22c8e71a 100644 --- a/server/plugins-available/cron_jailkit_plugin.inc.php +++ b/server/plugins-available/cron_jailkit_plugin.inc.php @@ -103,20 +103,6 @@ class cron_jailkit_plugin { if ($data['new']['type'] == "chrooted") { // load the server configuration options - /* - $app->uses("getconf"); - $this->data = $data; - $this->app = $app; - $this->jailkit_config = $app->getconf->get_server_config($conf["server_id"], 'jailkit'); - $this->parent_domain = $parent_domain; - - $this->_setup_jailkit_chroot(); - - //$command .= 'usermod -U '.escapeshellcmd($parent_domain['system_user']); - //exec($command); - - $this->_add_jailkit_user(); - */ $app->uses("getconf"); $this->data = $data; $this->app = $app; 
@@ -130,8 +116,8 @@ class cron_jailkit_plugin { $this->_add_jailkit_user(); - $command .= 'usermod -U '.escapeshellcmd($parent_domain["system_user"]).' 2>/dev/null'; - exec($command); + $command .= 'usermod -U ? 2>/dev/null'; + $app->system->exec_safe($command, $parent_domain["system_user"]); $this->_update_website_security_level(); @@ -231,14 +217,12 @@ class cron_jailkit_plugin { if (!is_dir($this->parent_domain['document_root'].'/etc/jailkit')) { $command = '/usr/local/ispconfig/server/scripts/create_jailkit_chroot.sh'; - $command .= ' '.escapeshellcmd($this->parent_domain['document_root']); - $command .= ' \''.$this->jailkit_config['jailkit_chroot_app_sections'].'\''; - exec($command.' 2>/dev/null'); + $command .= ' ?'; + $command .= ' ?'; + $app->system->exec_safe($command.' 2>/dev/null', $this->parent_domain['document_root'], $this->jailkit_config['jailkit_chroot_app_sections']); $this->app->log("Added jailkit chroot with command: ".$command, LOGLEVEL_DEBUG); - //$this->_add_jailkit_programs(); // done later on - $this->app->load('tpl'); $tpl = new tpl(); @@ -248,7 +232,7 @@ class cron_jailkit_plugin { $tpl->setVar('domain', $this->parent_domain['domain']); $tpl->setVar('home_dir', $this->_get_home_dir("")); - $bashrc = escapeshellcmd($this->parent_domain['document_root']).'/etc/bash.bashrc'; + $bashrc = $this->parent_domain['document_root'].'/etc/bash.bashrc'; if(@is_file($bashrc) || @is_link($bashrc)) unlink($bashrc); $app->system->file_put_contents($bashrc, $tpl->grab()); @@ -261,7 +245,7 @@ class cron_jailkit_plugin { $tpl->setVar('domain', $this->parent_domain['domain']); - $motd = escapeshellcmd($this->parent_domain['document_root']).'/var/run/motd'; + $motd = $this->parent_domain['document_root'].'/var/run/motd'; if(@is_file($motd) || @is_link($motd)) unlink($motd); $app->system->file_put_contents($motd, $tpl->grab()); 
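Review bot: `$command .= 'usermod -U ? 2>/dev/null';` appends to `$command` instead of assigning it, which matters more with a placeholder template than it did before. Anything already held in `$command` would be executed in front of `usermod`, and a `?` in it would shift the argument binding. No earlier assignment is visible in this hunk, so this presumably should be `$command = 'usermod -U ? 2>/dev/null';`. The method body starts and ends outside the hunk.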
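Review bot: The debug message after the call still logs `$command`, which is now the template ending in `?` placeholders, so the log no longer records which document root and app sections were passed to `create_jailkit_chroot.sh`. Logging the values explicitly, for example `$this->app->log("Added jailkit chroot for ".$this->parent_domain['document_root'], LOGLEVEL_DEBUG);`, keeps the entry useful for later troubleshooting. The same applies to the log lines in the `create_jailkit_programs.sh` and `create_jailkit_user.sh` hunks below.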
@@ -276,16 +260,16 @@ class cron_jailkit_plugin { //copy over further programs and its libraries $command = '/usr/local/ispconfig/server/scripts/create_jailkit_programs.sh'; - $command .= ' '.escapeshellcmd($this->parent_domain['document_root']); - $command .= ' \''.$this->jailkit_config['jailkit_chroot_app_programs'].'\''; - exec($command.' 2>/dev/null'); + $command .= ' ?'; + $command .= ' ?'; + $app->system->exec_safe($command.' 2>/dev/null', $this->parent_domain['document_root'], $this->jailkit_config['jailkit_chroot_app_programs']); $this->app->log("Added programs to jailkit chroot with command: ".$command, LOGLEVEL_DEBUG); $command = '/usr/local/ispconfig/server/scripts/create_jailkit_programs.sh'; - $command .= ' '.escapeshellcmd($this->parent_domain['document_root']); - $command .= ' \''.$this->jailkit_config['jailkit_chroot_cron_programs'].'\''; - exec($command.' 2>/dev/null'); + $command .= ' ?'; + $command .= ' ?'; + $app->system->exec_safe($command.' 2>/dev/null', $this->parent_domain['document_root'], $this->jailkit_config['jailkit_chroot_cron_programs']); $this->app->log("Added cron programs to jailkit chroot with command: ".$command, LOGLEVEL_DEBUG); } 
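Review bot: The new calls go through `$app->system->exec_safe()` while every other line visible in this hunk uses `$this->app`, and the start of the method is outside the hunk. If the method does not declare `global $app;`, `$app` is undefined at this point and the calls fail at runtime, so the programs would never be copied into the jail. Writing `$this->app->system->exec_safe(...)` would match the surrounding lines and work in either case.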
@@ -298,30 +282,30 @@ class cron_jailkit_plugin { $jailkit_chroot_userhome = $this->_get_home_dir($this->parent_domain['system_user']); if(!is_dir($this->parent_domain['document_root'].'/etc')) mkdir($this->parent_domain['document_root'].'/etc'); - if(!is_file($this->parent_domain['document_root'].'/etc/passwd')) exec('touch '.$this->parent_domain['document_root'].'/etc/passwd'); + if(!is_file($this->parent_domain['document_root'].'/etc/passwd')) $app->system->exec_safe('touch ?', $this->parent_domain['document_root'].'/etc/passwd'); // IMPORTANT! // ALWAYS create the user. Even if the user was created before // if we check if the user exists, then a update (no shell -> jailkit) will not work // and the user has FULL ACCESS to the root of the server! $command = '/usr/local/ispconfig/server/scripts/create_jailkit_user.sh'; - $command .= ' '.escapeshellcmd($this->parent_domain['system_user']); - $command .= ' '.escapeshellcmd($this->parent_domain['document_root']); - $command .= ' '.$jailkit_chroot_userhome; - $command .= ' '.escapeshellcmd("/bin/bash"); - exec($command.' 2>/dev/null'); + $command .= ' ?'; + $command .= ' ?'; + $command .= ' ?'; + $command .= ' /bin/bash'; + $app->system->exec_safe($command.' 
2>/dev/null', $this->parent_domain['system_user'], $this->parent_domain['document_root'], $jailkit_chroot_userhome); $this->app->log("Added jailkit user to chroot with command: ".$command, LOGLEVEL_DEBUG); - $app->system->mkdir(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), 0755, true); - $app->system->chown(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), escapeshellcmd($this->parent_domain['system_user'])); - $app->system->chgrp(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), escapeshellcmd($this->parent_domain['system_group'])); + $app->system->mkdir($this->parent_domain['document_root'].$jailkit_chroot_userhome, 0755, true); + $app->system->chown($this->parent_domain['document_root'].$jailkit_chroot_userhome, $this->parent_domain['system_user']); + $app->system->chgrp($this->parent_domain['document_root'].$jailkit_chroot_userhome, $this->parent_domain['system_group']); } function _get_home_dir($username) { - return str_replace("[username]", escapeshellcmd($username), $this->jailkit_config["jailkit_chroot_home"]); + return str_replace("[username]", $username, $this->jailkit_config["jailkit_chroot_home"]); } //* Update the website root directory permissions depending on the security level @@ -345,15 +329,5 @@ class cron_jailkit_plugin { } } - //* Wrapper for exec function for easier debugging - private function _exec($command) { - global $app; - $app->log('exec: '.$command, LOGLEVEL_DEBUG); - exec($command); - } - - - } // end class -?> diff --git a/server/plugins-available/cron_plugin.inc.php b/server/plugins-available/cron_plugin.inc.php index fb623b9213e436a916ab4c3ebc2ce59efe839417..af4e24d97429faf08e2acea80fb57eb21ab88583 100644 --- a/server/plugins-available/cron_plugin.inc.php +++ b/server/plugins-available/cron_plugin.inc.php 
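Review bot: The comment above `create_jailkit_user.sh` says a user that is not created in the jail keeps full access to the server root, yet the call still discards stderr with `2>/dev/null` and never looks at the exit status. A check directly after the call, such as `if($app->system->last_exec_retcode() != 0) $this->app->log('create_jailkit_user.sh failed for '.$this->parent_domain['system_user'], LOGLEVEL_ERROR);`, would make a silent failure visible. The `touch ?` call above it could also use PHP's built-in `touch()` and avoid the shell altogether.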
@@ -112,15 +112,15 @@ class cron_plugin { // Create group and user, if not exist $app->uses("system"); - $groupname = escapeshellcmd($parent_domain["system_group"]); + $groupname = $parent_domain["system_group"]; if($parent_domain["system_group"] != '' && !$app->system->is_group($parent_domain["system_group"])) { - exec("groupadd $groupname"); + $app->system->exec_safe("groupadd ?", $groupname); $app->log("Adding the group: $groupname", LOGLEVEL_DEBUG); } - $username = escapeshellcmd($parent_domain["system_user"]); + $username = $parent_domain["system_user"]; if($parent_domain["system_user"] != '' && !$app->system->is_user($parent_domain["system_user"])) { - exec("useradd -d ".escapeshellcmd($parent_domain["document_root"])." -g $groupname $username -s /bin/false"); + $app->system->exec_safe("useradd -d ? -g ? ? -s /bin/false", $parent_domain["document_root"], $groupname, $username); $app->log("Adding the user: $username", LOGLEVEL_DEBUG); } 
@@ -136,19 +136,19 @@ class cron_plugin { } // get the primitive folder for document_root and the filesystem, will need it later. - $df_output=explode(" ", exec("df -T " . escapeshellarg($parent_domain["document_root"]) . "|awk 'END{print \$2,\$NF}'")); + $df_output=explode(" ", $app->system->exec_safe("df -T ?|awk 'END{print \$2,\$NF}'", $parent_domain["document_root"])); $file_system = $df_output[0]; $primitive_root = $df_output[1]; if ( in_array($file_system , array('ext2','ext3','ext4'),true) ) { - exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null'); - exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null'); + $app->system->exec_safe('setquota -u ? ? ? 0 0 -a &> /dev/null', $username, $blocks_soft, $blocks_hard); + $app->system->exec_safe('setquota -T -u ? 604800 604800 -a &> /dev/null', $username); } elseif ($file_system == 'xfs') { - exec("xfs_quota -x -c 'limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " $username' $primitive_root"); + $app->system->exec_safe("xfs_quota -x -c ? ?", "limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " $username", $primitive_root); // xfs only supports timers globally, not per user. - exec("xfs_quota -x -c 'timer -bir -i 604800' $primitive_root"); + $app->system->exec_safe("xfs_quota -x -c 'timer -bir -i 604800' ?", $primitive_root); unset($project_uid, $username_position, $xfs_projects); unset($primitive_root, $df_output, $mb_hard, $mb_soft); @@ -164,7 +164,7 @@ class cron_plugin { } // make temp directory writable for the apache and website users - $app->system->chmod(escapeshellcmd($parent_domain["document_root"].'/tmp'), 0777); + $app->system->chmod($parent_domain["document_root"].'/tmp', 0777); /** TODO READ CRON MASTER **/ 
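Review bot: The two `setquota` templates keep `&> /dev/null`, which is a bash extension. PHP runs commands through `/bin/sh`, and where that is a POSIX shell such as dash the `&` puts `setquota` in the background and the redirection applies to an empty command, so the output is not silenced and the exit status is lost. `> /dev/null 2>&1` is the portable spelling. Separately, `$df_output` is now built from the return value of `exec_safe()`, whose definition is not in this chunk; if it does not return the last output line the way `exec()` does, `$file_system` and `$primitive_root` end up empty and no quota is applied.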
@@ -272,7 +272,7 @@ class cron_plugin { } } - $cron_file = escapeshellcmd($cron_config["crontab_dir"].'/ispc_'.$this->parent_domain["system_user"]); + $cron_file = $cron_config["crontab_dir"].'/ispc_'.$this->parent_domain["system_user"]; //TODO : change this when distribution information has been integrated into server record //* Gentoo vixie-cron requires files to end with .cron in the cron.d directory if (file_exists('/etc/gentoo-release')) { @@ -287,7 +287,7 @@ class cron_plugin { $app->log("Deleted Cron file $cron_file", LOGLEVEL_DEBUG); } - $cron_file = escapeshellcmd($cron_config["crontab_dir"].'/ispc_chrooted_'.$this->parent_domain["system_user"]); + $cron_file = $cron_config["crontab_dir"].'/ispc_chrooted_'.$this->parent_domain["system_user"]; if($chr_cmd_count > 0) { $app->system->file_put_contents($cron_file, $chr_cron_content); $app->log("Wrote Cron file $cron_file with content:\n$chr_cron_content", LOGLEVEL_DEBUG); diff --git a/server/plugins-available/firewall_plugin.inc.php b/server/plugins-available/firewall_plugin.inc.php index 67ed2379fbbe554b595efceef048c761cbff2667..b924f43a2620a35813aebee9a3bb5a082f99daab 100644 --- a/server/plugins-available/firewall_plugin.inc.php +++ b/server/plugins-available/firewall_plugin.inc.php @@ -145,7 +145,7 @@ class firewall_plugin { //* add tcp ports foreach($tcp_ports_new_array as $port) { if(!in_array($port, $tcp_ports_old_array) && $port > 0) { - exec('ufw allow '.$port.'/tcp'); + $app->system->exec_safe('ufw allow ?', $port.'/tcp'); $app->log('ufw allow '.$port.'/tcp', LOGLEVEL_DEBUG); sleep(1); } @@ -154,7 +154,7 @@ class firewall_plugin { //* remove tcp ports foreach($tcp_ports_old_array as $port) { if(!in_array($port, $tcp_ports_new_array) && $port > 0) { - exec('ufw delete allow '.$port.'/tcp'); + $app->system->exec_safe('ufw delete allow ?', $port.'/tcp'); $app->log('ufw delete allow '.$port.'/tcp', LOGLEVEL_DEBUG); sleep(1); } 
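Review bot: The only validation visible for `$port` is the loose comparison `$port > 0`, which a string with a numeric prefix can also satisfy depending on the PHP version. The value handed to `ufw` is therefore quoted now but not necessarily a port. Checking the format before the call, for example with `preg_match('/^\d{1,5}(:\d{1,5})?$/', $port)` (adjusted if other forms are accepted), would keep malformed entries out of the rule set and out of the debug log, which still prints the raw value. The same applies to the remove-tcp, add-udp and remove-udp loops in the following hunks. How the port arrays are built is outside the hunk, so an earlier filter may exist.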
@@ -163,7 +163,7 @@ class firewall_plugin { //* add udp ports foreach($udp_ports_new_array as $port) { if(!in_array($port, $udp_ports_old_array) && $port > 0) { - exec('ufw allow '.$port.'/udp'); + $app->system->exec_safe('ufw allow ?', $port.'/udp'); $app->log('ufw allow '.$port.'/udp', LOGLEVEL_DEBUG); sleep(1); } @@ -172,32 +172,12 @@ class firewall_plugin { //* remove udp ports foreach($udp_ports_old_array as $port) { if(!in_array($port, $udp_ports_new_array) && $port > 0) { - exec('ufw delete allow '.$port.'/udp'); + $app->system->exec_safe('ufw delete allow ?', $port.'/udp'); $app->log('ufw delete allow '.$port.'/udp', LOGLEVEL_DEBUG); sleep(1); } } - /* - if($tcp_ports_new != $tcp_ports_old) { - exec('ufw allow to any proto tcp port '.$tcp_ports_new); - $app->log('ufw allow to any proto tcp port '.$tcp_ports_new,LOGLEVEL_DEBUG); - if($event_name == 'firewall_update') { - exec('ufw delete allow to any proto tcp port '.$tcp_ports_old); - $app->log('ufw delete allow to any proto tcp port '.$tcp_ports_old,LOGLEVEL_DEBUG); - } - } - - if($udp_ports_new != $udp_ports_old) { - exec('ufw allow to any proto udp port '.$udp_ports_new); - $app->log('ufw allow to any proto udp port '.$udp_ports_new,LOGLEVEL_DEBUG); - if($event_name == 'firewall_update') { - exec('ufw delete allow to any proto udp port '.$udp_ports_old); - $app->log('ufw delete allow to any proto udp port '.$udp_ports_old,LOGLEVEL_DEBUG); - } - } - */ - if($data['new']['active'] == 'y') { if($data['new']['active'] == $data['old']['active']) { exec('ufw reload'); diff --git a/server/plugins-available/ftpuser_base_plugin.inc.php b/server/plugins-available/ftpuser_base_plugin.inc.php index af5870a4bae04662b065666b4aad77ae99db4479..c34371a18121a3b2502036213a28d7810a38140b 100644 --- a/server/plugins-available/ftpuser_base_plugin.inc.php +++ b/server/plugins-available/ftpuser_base_plugin.inc.php 
@@ -83,8 +83,7 @@ class ftpuser_base_plugin { } $app->system->web_folder_protection($web['document_root'], false); - exec('mkdir -p '.escapeshellcmd($data['new']['dir'])); - exec('chown '.escapeshellcmd($web["system_user"]).':'.escapeshellcmd($web['system_group']).' '.$data['new']['dir']); + $app->system->mkdirpath($data['new']['dir'], 0755, $web["system_user"], $web["system_group"]); $app->system->web_folder_protection($web['document_root'], true); $app->log("Added ftpuser_dir: ".$data['new']['dir'], LOGLEVEL_DEBUG); @@ -109,8 +108,7 @@ class ftpuser_base_plugin { } $app->system->web_folder_protection($web['document_root'], false); - exec('mkdir -p '.escapeshellcmd($data['new']['dir'])); - exec('chown '.escapeshellcmd($web["system_user"]).':'.escapeshellcmd($web['system_group']).' '.$data['new']['dir']); + $app->system->mkdirpath($data['new']['dir'], 0755, $web["system_user"], $web["system_group"]); $app->system->web_folder_protection($web['document_root'], true); diff --git a/server/plugins-available/getmail_plugin.inc.php b/server/plugins-available/getmail_plugin.inc.php index a4481037f7e4367b3d9e3c90bbb5a850109c7ebe..c3f4f7e1dcd48f210bcf935398f9960cb28fe80f 100644 --- a/server/plugins-available/getmail_plugin.inc.php +++ b/server/plugins-available/getmail_plugin.inc.php 
@@ -94,7 +94,7 @@ class getmail_plugin { $this->delete($event_name, $data); // Get the new config file path - $config_file_path = escapeshellcmd($this->getmail_config_dir.'/'.$this->_clean_path($data["new"]["source_server"]).'_'.$this->_clean_path($data["new"]["source_username"]).'.conf'); + $config_file_path = $this->getmail_config_dir.'/'.$this->_clean_path($data["new"]["source_server"]).'_'.$this->_clean_path($data["new"]["source_username"]).'.conf'; if(stristr($config_file_path, "..") or stristr($config_file_path, "|") or stristr($config_file_path, ";") or stristr($config_file_path, '$')) { $app->log("Possibly faked path for getmail config file: '$config_file_path'. File is not written.", LOGLEVEL_ERROR); return false; @@ -162,7 +162,7 @@ class getmail_plugin { $getmail_config = $app->getconf->get_server_config($conf["server_id"], 'getmail'); $this->getmail_config_dir = $getmail_config["getmail_config_dir"]; - $config_file_path = escapeshellcmd($this->getmail_config_dir.'/'.$this->_clean_path($data["old"]["source_server"]).'_'.$this->_clean_path($data["old"]["source_username"]).'.conf'); + $config_file_path = $this->getmail_config_dir.'/'.$this->_clean_path($data["old"]["source_server"]).'_'.$this->_clean_path($data["old"]["source_username"]).'.conf'; if(stristr($config_file_path, "..") || stristr($config_file_path, "|") || stristr($config_file_path, ";") || stristr($config_file_path, '$')) { $app->log("Possibly faked path for getmail config file: '$config_file_path'. File is not written.", LOGLEVEL_ERROR); return false; diff --git a/server/plugins-available/mail_plugin.inc.php b/server/plugins-available/mail_plugin.inc.php index 8275696620fbe1612aa78c816f9a9deaf1f11c7d..4d5ac826d3780f4d264f07c0060a9f0ffe13bd56 100644 --- a/server/plugins-available/mail_plugin.inc.php +++ b/server/plugins-available/mail_plugin.inc.php 
@@ -125,23 +125,22 @@ class mail_plugin { $group = $app->system->getgroup($data['new']['gid']); //* Create the mail domain directory, if it does not exist if(!empty($base_path) && !is_dir($base_path)) { - //exec("su -c 'mkdir -p ".escapeshellcmd($base_path)."' ".$mail_config['mailuser_name']); $app->system->mkdirpath($base_path, 0770, $mail_config['mailuser_name'], $mail_config['mailuser_group']); // needs group-access because users of subfolders may differ from vmail $app->log('Created Directory: '.$base_path, LOGLEVEL_DEBUG); } if ($data['new']['maildir_format'] == 'mdbox') { - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" INBOX'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Sent'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Trash'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Junk'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Drafts'"); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? INBOX'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? Sent'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? Trash'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? Junk'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? Drafts'", $data["new"]["email"]); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" INBOX'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Sent'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Trash'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Junk'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Drafts'"); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? 
INBOX'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Sent'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Trash'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Junk'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Drafts'", $data["new"]["email"]); } else { // Dovecot uses a different mail layout with a separate 'Maildir' subdirectory. 
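Review bot: In the `doveadm` templates the `?` sits inside the single-quoted string handed to `su -c`, so the address is parsed twice: once by the shell that runs `su` and again by the shell that `su -c` starts. If `exec_safe()` substitutes a shell-quoted value (its definition is not in this chunk), that quoting closes the surrounding `'...'` and is consumed by the outer shell, leaving the address unquoted for the inner one. No target user is passed to `su`, so the wrapper does not appear to be needed. `$app->system->exec_safe('doveadm mailbox create -u ? INBOX', $data["new"]["email"]);` keeps a single level of parsing. The same ten calls are repeated in the update hunk further down.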
@@ -154,53 +153,44 @@ class mail_plugin { //* When the mail user dir exists but it is not a valid maildir, move it to corrupted maildir folder if(!empty($maildomain_path) && is_dir($maildomain_path) && !is_dir($maildomain_path.'/new') && !is_dir($maildomain_path.'/cur')) { if(!is_dir($mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id'])) $app->system->mkdirpath($mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id'], 0700, $mail_config['mailuser_name'], $mail_config['mailuser_group']); - exec("su -c 'mv -f ".escapeshellcmd($data['new']['maildir'])." ".$mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id']."' vmail"); - $app->log('Moved invalid maildir to corrupted Maildirs folder: '.escapeshellcmd($data['new']['maildir']), LOGLEVEL_WARN); + $app->system->exec_safe("su -c ? vmail", "mv -f " . $data['new']['maildir']." ".$mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id']); + $app->log('Moved invalid maildir to corrupted Maildirs folder: '.$data['new']['maildir'], LOGLEVEL_WARN); } //* Create the maildir, if it doesn not exist, set permissions, set quota. if(!empty($maildomain_path) && !is_dir($maildomain_path)) { - //exec("su -c 'maildirmake ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); $app->system->maildirmake($maildomain_path, $user, '', $group); //* This is to fix the maildrop quota not being rebuilt after the quota is changed. if($mail_config['pop3_imap_daemon'] != 'dovecot') { - if(is_dir($maildomain_path)) exec("su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($maildomain_path)."' ".$user); // Avoid maildirmake quota bug, see debian bug #214911 - $app->log('Created Maildir: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($maildomain_path)."' ".$user, LOGLEVEL_DEBUG); + if(is_dir($maildomain_path)) $app->system->exec_safe("su -c ? 
?", "maildirmake -q ".$data['new']['quota']."S ".$maildomain_path, $user); // Avoid maildirmake quota bug, see debian bug #214911 + $app->log('Created Maildir: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".$maildomain_path."' ".$user, LOGLEVEL_DEBUG); } } if(!is_dir($data['new']['maildir'].'/.Sent')) { - //exec("su -c 'maildirmake -f Sent ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Sent: '."su -c 'maildirmake -f Sent ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Sent', $group); } if(!is_dir($data['new']['maildir'].'/.Drafts')) { - //exec("su -c 'maildirmake -f Drafts ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Drafts: '."su -c 'maildirmake -f Drafts ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Drafts', $group); } if(!is_dir($data['new']['maildir'].'/.Trash')) { - //exec("su -c 'maildirmake -f Trash ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Trash: '."su -c 'maildirmake -f Trash ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Trash', $group); } if(!is_dir($data['new']['maildir'].'/.Junk')) { - //exec("su -c 'maildirmake -f Junk ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Junk: '."su -c 'maildirmake -f Junk ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Junk', $group); } // Set permissions now recursive - exec('chown -R '.$user.':'.$group.' 
'.escapeshellcmd($data['new']['maildir'])); - $app->log('Set ownership on '.escapeshellcmd($data['new']['maildir']), LOGLEVEL_DEBUG); + $app->system->exec_safe('chown -R ?:? ?', $user, $group, $data['new']['maildir']); + $app->log('Set ownership on '.$data['new']['maildir'], LOGLEVEL_DEBUG); //* Set the maildir quota if(is_dir($data['new']['maildir'].'/new') && $mail_config['pop3_imap_daemon'] != 'dovecot') { if($data['new']['quota'] > 0) { - if(is_dir($data['new']['maildir'])) exec("su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($data['new']['maildir'])."' ".$user); - $app->log('Set Maildir quota: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($data['new']['maildir'])."' ".$user, LOGLEVEL_DEBUG); + if(is_dir($data['new']['maildir'])) $app->system->exec_safe("su -c ? ? ", "maildirmake -q ".$data['new']['quota']."S ". $data['new']['maildir'], $user); + $app->log('Set Maildir quota: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".$data['new']['maildir']."' ".$user, LOGLEVEL_DEBUG); } } } @@ -269,19 +259,6 @@ class mail_plugin { $app->uses('getconf,system'); $mail_config = $app->getconf->get_server_config($conf['server_id'], 'mail'); - // convert to lower case - it could cause problems if some directory above has upper case name - // $data['new']['maildir'] = strtolower($data['new']['maildir']); - - // Create the maildir, if it does not exist - /* - if(!is_dir($data['new']['maildir'])) { - mkdir(escapeshellcmd($data['new']['maildir']), 0, true); - chown(escapeshellcmd($data['new']['maildir']), $mail_config['mailuser_name']); - chgrp(escapeshellcmd($data['new']['maildir']), $mail_config['mailuser_group']); - $app->log('Created Maildir: '.$data['new']['maildir'],LOGLEVEL_DEBUG); - } - */ - // Maildir-Format must not be changed on this way !! $data['new']['maildir_format'] = $data['old']['maildir_format']; 
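Review bot: In the `su -c ? vmail` and `su -c ? ?` calls the whole inner command is bound as one argument, which protects it from the outer shell only. The shell started by `su -c` parses that string again, and `$data['new']['maildir']`, `$maildomain_path` and the quota are concatenated into it with the previous `escapeshellcmd()` removed and nothing in its place. A path containing whitespace or shell metacharacters would therefore be interpreted by the inner shell. Quote each component when building the inner string, e.g. `"mv -f ".escapeshellarg($data['new']['maildir'])." ".escapeshellarg($mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id'])`, and do the same for the two `maildirmake -q` calls. The update-path hunk later in this file uses the same pattern.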
@@ -324,7 +301,6 @@ class mail_plugin { //* Create the mail domain directory, if it does not exist if(!empty($base_path) && !is_dir($base_path)) { - //exec("su -c 'mkdir -p ".escapeshellcmd($base_path)."' ".$mail_config['mailuser_name']); $app->system->mkdirpath($base_path, 0770, $mail_config['mailuser_name'], $mail_config['mailuser_group']); // needs group-access because users of subfolders may differ from vmail $app->log('Created Directory: '.$base_path, LOGLEVEL_DEBUG); } 
@@ -333,29 +309,26 @@ class mail_plugin { // Move mailbox, if domain has changed and delete old mailbox if($data['new']['maildir'] != $data['old']['maildir'] && is_dir($data['old']['maildir'])) { if(is_dir($data['new']['maildir'])) { - exec("rm -fr ".escapeshellcmd($data['new']['maildir'])); + $app->system->exec_safe("rm -fr ?", $data['new']['maildir']); //rmdir($data['new']['maildir']); } - exec('mv -f '.escapeshellcmd($data['old']['maildir']).' '.escapeshellcmd($data['new']['maildir'])); - // exec('mv -f '.escapeshellcmd($data['old']['maildir']).'/* '.escapeshellcmd($data['new']['maildir'])); - // if(is_file($data['old']['maildir'].'.ispconfig_mailsize'))exec('mv -f '.escapeshellcmd($data['old']['maildir']).'.ispconfig_mailsize '.escapeshellcmd($data['new']['maildir'])); - // rmdir($data['old']['maildir']); + $app->system->exec_safe('mv -f ? ?'. $data['old']['maildir'], $data['new']['maildir']); $app->log('Moved Maildir from: '.$data['old']['maildir'].' to '.$data['new']['maildir'], LOGLEVEL_DEBUG); } //* Create the maildir, if it doesn not exist, set permissions, set quota. if(!is_dir($data['new']['maildir'].'/mdbox')) { - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" INBOX'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Sent'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Trash'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Junk'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Drafts'"); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? INBOX'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? Sent'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? Trash'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? Junk'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? 
Drafts'", $data["new"]["email"]); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" INBOX'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Sent'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Trash'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Junk'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Drafts'"); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? INBOX'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Sent'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Trash'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Junk'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Drafts'", $data["new"]["email"]); } } else { 
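Review bot: In `$app->system->exec_safe('mv -f ? ?'. $data['old']['maildir'], $data['new']['maildir']);` the `.` after the template should be a `,`. As written, the old maildir path is concatenated unescaped onto the command string and only one value is supplied for two placeholders, so the move cannot run as intended. It also comes right after `rm -fr` has removed an existing target directory. The line should read `$app->system->exec_safe('mv -f ? ?', $data['old']['maildir'], $data['new']['maildir']);`, and checking `$app->system->last_exec_retcode()` before logging 'Moved Maildir' would catch a failed move.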
@@ -369,21 +342,19 @@ class mail_plugin { //* When the mail user dir exists but it is not a valid maildir, move it to corrupted maildir folder if(!empty($maildomain_path) && is_dir($maildomain_path) && !is_dir($maildomain_path.'/new') && !is_dir($maildomain_path.'/cur')) { if(!is_dir($mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id'])) $app->system->mkdirpath($mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id'], 0700, $mail_config['mailuser_name'], $mail_config['mailuser_group']); - exec("su -c 'mv -f ".escapeshellcmd($data['new']['maildir'])." ".$mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id']."' vmail"); - $app->log('Moved invalid maildir to corrupted Maildirs folder: '.escapeshellcmd($data['new']['maildir']), LOGLEVEL_WARN); + $app->system->exec_safe("su -c ? ?", "mv -f ".$data['new']['maildir']." ".$mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id'], 'vmail'); + $app->log('Moved invalid maildir to corrupted Maildirs folder: '.$data['new']['maildir'], LOGLEVEL_WARN); } //* Create the maildir, if it doesn not exist, set permissions, set quota. if(!empty($maildomain_path) && !is_dir($maildomain_path.'/new')) { - //exec("su -c 'maildirmake ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log("Created Maildir "."su -c 'maildirmake ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, '', $group); //* This is to fix the maildrop quota not being rebuilt after the quota is changed. 
if($mail_config['pop3_imap_daemon'] != 'dovecot') { if($data['new']['quota'] > 0) { - if(is_dir($maildomain_path)) exec("su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($maildomain_path)."' ".$user); // Avoid maildirmake quota bug, see debian bug #214911 - $app->log('Updated Maildir quota: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($maildomain_path)."' ".$user, LOGLEVEL_DEBUG); + if(is_dir($maildomain_path)) $app->system->exec_safe("su -c ? ?", "maildirmake -q ".$data['new']['quota']."S ".$maildomain_path, $user); // Avoid maildirmake quota bug, see debian bug #214911 + $app->log('Updated Maildir quota: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".$maildomain_path."' ".$user, LOGLEVEL_DEBUG); } else { if(file_exists($data['new']['maildir'].'/maildirsize')) unlink($data['new']['maildir'].'/maildirsize'); $app->log('Set Maildir quota to unlimited.', LOGLEVEL_DEBUG); 
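Review bot: The `su -c ? ?` calls build the inner command by plain concatenation (`"mv -f ".$data['new']['maildir']." ".…` and `"maildirmake -q ".$data['new']['quota']."S ".$maildomain_path`), so the placeholder only protects the outer shell. `su -c` hands that string to a second shell, where the maildir path and quota are parsed unquoted, and the `escapeshellcmd()` that used to cover the path has been removed. Quote each inner value before concatenating, e.g. `"maildirmake -q ".(int)$data['new']['quota']."S ".escapeshellarg($maildomain_path)`, and do the same for both paths of the `mv`. The Courier quota call in the hunk at -392 has the same shape.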
@@ -392,48 +363,36 @@ class mail_plugin { } if(!is_dir($data['new']['maildir'].'/.Sent')) { - //exec("su -c 'maildirmake -f Sent ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Sent: '."su -c 'maildirmake -f Sent ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Sent', $group); } if(!is_dir($data['new']['maildir'].'/.Drafts')) { - //exec("su -c 'maildirmake -f Drafts ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Drafts: '."su -c 'maildirmake -f Drafts ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Drafts', $group); } if(!is_dir($data['new']['maildir'].'/.Trash')) { - //exec("su -c 'maildirmake -f Trash ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Trash: '."su -c 'maildirmake -f Trash ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Trash', $group); } if(!is_dir($data['new']['maildir'].'/.Junk')) { - //exec("su -c 'maildirmake -f Junk ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Junk: '."su -c 'maildirmake -f Junk ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Junk', $group); } // Set permissions now recursive - exec('chown -R '.$user.':'.$group.' '.escapeshellcmd($data['new']['maildir'])); - $app->log('Set ownership on '.escapeshellcmd($data['new']['maildir']), LOGLEVEL_DEBUG); + $app->system->exec_safe('chown -R ?:? 
?', $user, $group, $data['new']['maildir']); + $app->log('Set ownership on '.$data['new']['maildir'], LOGLEVEL_DEBUG); // Move mailbox, if domain has changed and delete old mailbox if($data['new']['maildir'] != $data['old']['maildir'] && is_dir($data['old']['maildir'])) { if(is_dir($data['new']['maildir'])) { - exec("rm -fr ".escapeshellcmd($data['new']['maildir'])); - //rmdir($data['new']['maildir']); + $app->system->exec_safe("rm -fr ?", $data['new']['maildir']); } - exec('mv -f '.escapeshellcmd($data['old']['maildir']).' '.escapeshellcmd($data['new']['maildir'])); - // exec('mv -f '.escapeshellcmd($data['old']['maildir']).'/* '.escapeshellcmd($data['new']['maildir'])); - // if(is_file($data['old']['maildir'].'.ispconfig_mailsize'))exec('mv -f '.escapeshellcmd($data['old']['maildir']).'.ispconfig_mailsize '.escapeshellcmd($data['new']['maildir'])); - // rmdir($data['old']['maildir']); + $app->system->exec_safe('mv -f ? ?', $data['old']['maildir'], $data['new']['maildir']); $app->log('Moved Maildir from: '.$data['old']['maildir'].' to '.$data['new']['maildir'], LOGLEVEL_DEBUG); } //This is to fix the maildrop quota not being rebuilt after the quota is changed. // Courier Layout if(is_dir($data['new']['maildir'].'/new') && $mail_config['pop3_imap_daemon'] != 'dovecot') { if($data['new']['quota'] > 0) { - if(is_dir($data['new']['maildir'])) exec("su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($data['new']['maildir'])."' ".$user); - $app->log('Updated Maildir quota: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($data['new']['maildir'])."' ".$user, LOGLEVEL_DEBUG); + if(is_dir($data['new']['maildir'])) $app->system->exec_safe("su -c ? 
?", "maildirmake -q ".$data['new']['quota']."S ".$data['new']['maildir'], $user); + $app->log('Updated Maildir quota: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".$data['new']['maildir']."' ".$user, LOGLEVEL_DEBUG); } else { if(file_exists($data['new']['maildir'].'/maildirsize')) unlink($data['new']['maildir'].'/maildirsize'); $app->log('Set Maildir quota to unlimited.', LOGLEVEL_DEBUG); @@ -450,9 +409,9 @@ class mail_plugin { $mail_config = $app->getconf->get_server_config($conf['server_id'], 'mail'); $maildir_path_deleted = false; - $old_maildir_path = escapeshellcmd($data['old']['maildir']); + $old_maildir_path = $data['old']['maildir']; if($old_maildir_path != $mail_config['homedir_path'] && strlen($old_maildir_path) > strlen($mail_config['homedir_path']) && !stristr($old_maildir_path, '//') && !stristr($old_maildir_path, '..') && !stristr($old_maildir_path, '*') && strlen($old_maildir_path) >= 10) { - exec('rm -rf '.escapeshellcmd($old_maildir_path)); + $app->system->exec_safe('rm -rf ?', $old_maildir_path); $app->log('Deleted the Maildir: '.$data['old']['maildir'], LOGLEVEL_DEBUG); $maildir_path_deleted = true; } else { @@ -474,7 +433,7 @@ class mail_plugin { if (is_array($domain_rec)) { $mail_backup_dir = $backup_dir.'/mail'.$domain_rec['domain_id']; $mail_backup_files = 'mail'.$data['old']['mailuser_id']; - exec(escapeshellcmd('rm -f '.$mail_backup_dir.'/'.$mail_backup_files).'*'); + $app->system->exec_safe('rm -f ?*', $mail_backup_dir.'/'.$mail_backup_files); //* cleanup database $sql = "DELETE FROM mail_backup WHERE server_id = ? AND parent_domain_id = ? AND mailuser_id = ?"; $app->db->query($sql, $conf['server_id'], $domain_rec['domain_id'], $data['old']['mailuser_id']); 
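Review bot: In the backup cleanup (hunk at -474), `rm -f ?*` is a prefix match on `'mail'.$data['old']['mailuser_id']`, so deleting mail user 1 would also match files whose names start with `mail10`, `mail11` and so on in the same backup directory. The backup file naming is not visible in this hunk. If a fixed separator follows the id in those names, include it in the bound argument, e.g. `$mail_backup_dir.'/'.$mail_backup_files.'_'` (separator assumed, to be confirmed against the backup writer). The glob itself still expands, because the `*` sits outside the substituted argument.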
@@ -494,9 +453,9 @@ class mail_plugin { $maildomain_path_deleted = false; //* Delete maildomain path - $old_maildomain_path = escapeshellcmd($mail_config['homedir_path'].'/'.$data['old']['domain']); + $old_maildomain_path = $mail_config['homedir_path'].'/'.$data['old']['domain']; if($old_maildomain_path != $mail_config['homedir_path'] && !stristr($old_maildomain_path, '//') && !stristr($old_maildomain_path, '..') && !stristr($old_maildomain_path, '*') && !stristr($old_maildomain_path, '&') && strlen($old_maildomain_path) >= 10 && !empty($data['old']['domain'])) { - exec('rm -rf '.escapeshellcmd($old_maildomain_path)); + $app->system->exec_safe('rm -rf ?', $old_maildomain_path); $app->log('Deleted the mail domain directory: '.$old_maildomain_path, LOGLEVEL_DEBUG); $maildomain_path_deleted = true; } else { @@ -504,9 +463,9 @@ class mail_plugin { } //* Delete mailfilter path - $old_maildomain_path = escapeshellcmd($mail_config['homedir_path'].'/mailfilters/'.$data['old']['domain']); + $old_maildomain_path = $mail_config['homedir_path'].'/mailfilters/'.$data['old']['domain']; if($old_maildomain_path != $mail_config['homedir_path'].'/mailfilters/' && !stristr($old_maildomain_path, '//') && !stristr($old_maildomain_path, '..') && !stristr($old_maildomain_path, '*') && !stristr($old_maildomain_path, '&') && strlen($old_maildomain_path) >= 10 && !empty($data['old']['domain'])) { - exec('rm -rf '.escapeshellcmd($old_maildomain_path)); + $app->system->exec_safe('rm -rf ?', $old_maildomain_path); $app->log('Deleted the mail domain mailfilter directory: '.$old_maildomain_path, LOGLEVEL_DEBUG); } else { $app->log('Possible security violation when deleting the mail domain mailfilter directory: '.$old_maildomain_path, LOGLEVEL_ERROR); 
@@ -521,7 +480,7 @@ class mail_plugin { if( $server_config['backup_dir_is_mount'] == 'y' && !$app->system->mount_backup_dir($backup_dir) ) $mount_backup = false; if($mount_backup){ $mail_backup_dir = $backup_dir.'/mail'.$data['old']['domain_id']; - exec(escapeshellcmd('rm -rf '.$mail_backup_dir)); + $app->system->exec_safe('rm -rf ?', $mail_backup_dir); //* cleanup database $sql = "DELETE FROM mail_backup WHERE server_id = ? AND parent_domain_id = ?"; $app->db->query($sql, $conf['server_id'], $data['old']['domain_id']); diff --git a/server/plugins-available/mail_plugin_dkim.inc.php b/server/plugins-available/mail_plugin_dkim.inc.php index ebfd6c0ac7a9679c1ea001702af4cf33f9392044..b937f82275192fbcef06f19e2e9f14eebb79a240 100755 --- a/server/plugins-available/mail_plugin_dkim.inc.php +++ b/server/plugins-available/mail_plugin_dkim.inc.php @@ -215,7 +215,8 @@ class mail_plugin_dkim { $pubkey = null; $result = 0; /* now we get the DKIM Public-key */ - exec('cat '.escapeshellarg($key_file.'.private').'|openssl rsa -pubout 2> /dev/null', $pubkey, $result); + $app->system->exec_safe('cat ?|openssl rsa -pubout 2> /dev/null', $key_file.'.private'); + $pubkey = $app->system->last_exec_out(); $public_key=''; foreach($pubkey as $values) { $public_key = $public_key . $values . "\n"; diff --git a/server/plugins-available/mailman_plugin.inc.php b/server/plugins-available/mailman_plugin.inc.php index 99ac9db7d23d8add4c1a0f5d94f447c265e282b9..e6251aedf10637a4891900f3ec2c9e13455660b9 100644 --- a/server/plugins-available/mailman_plugin.inc.php +++ b/server/plugins-available/mailman_plugin.inc.php 
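Review bot: The DKIM hunk drops the exit status: `exec()` used to fill `$result`, but now `$result` keeps its initial `0`, so any later check on it (outside this hunk) can no longer see an `openssl` failure. Add `$result = $app->system->last_exec_retcode();` after the call, as the mysql_clientdb changes in this commit do for `$ret`. The new lines also rely on `$app` being in scope in this method, which the hunk does not show.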
@@ -73,7 +73,7 @@ class mailman_plugin { $this->update_config(); - $pid = exec("nohup /usr/lib/mailman/bin/newlist -u ".escapeshellcmd($data["new"]["domain"])." -e ".escapeshellcmd($data["new"]["domain"])." ".escapeshellcmd($data["new"]["listname"])." ".escapeshellcmd($data["new"]["email"])." ".escapeshellcmd($data["new"]["password"])." >/dev/null 2>&1 & echo $!;"); + $pid = $app->system->exec_safe("nohup /usr/lib/mailman/bin/newlist -u ? -e ? ? ? ? >/dev/null 2>&1 & echo $!;", $data["new"]["domain"], $data["new"]["domain"], $data["new"]["listname"], $data["new"]["email"], $data["new"]["password"]); // wait for /usr/lib/mailman/bin/newlist-call $running = true; do { @@ -91,7 +91,7 @@ class mailman_plugin { exec('nohup '.$conf['init_scripts'] . '/' . 'mailman reload >/dev/null 2>&1 &'); // Fix list URL - exec('/usr/sbin/withlist -l -r fix_url '.escapeshellcmd($data["new"]["listname"])); + $app->system->exec_safe('/usr/sbin/withlist -l -r fix_url ?', $data["new"]["listname"]); $app->db->query("UPDATE mail_mailinglist SET password = '' WHERE mailinglist_id = ?", $data["new"]['mailinglist_id']); @@ -104,7 +104,7 @@ class mailman_plugin { $this->update_config(); if($data["new"]["password"] != $data["old"]["password"] && $data["new"]["password"] != '') { - exec("nohup /usr/lib/mailman/bin/change_pw -l ".escapeshellcmd($data["new"]["listname"])." -p ".escapeshellcmd($data["new"]["password"])." >/dev/null 2>&1 &"); + $app->system->exec_safe("nohup /usr/lib/mailman/bin/change_pw -l ? -p ? >/dev/null 2>&1 &", $data["new"]["listname"], $data["new"]["password"]); exec('nohup '.$conf['init_scripts'] . '/' . 'mailman reload >/dev/null 2>&1 &'); $app->db->query("UPDATE mail_mailinglist SET password = '' WHERE mailinglist_id = ?", $data["new"]['mailinglist_id']); } 
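Review bot: `newlist` (hunk at -73) and `change_pw` (hunk at -104) still receive `$data["new"]["password"]` as a command-line argument, so quoting it prevents shell injection but does not keep it out of the process list while the `nohup` job runs. If the tools cannot take the password another way, record that next to the calls, e.g. `// NOTE: list password is visible in argv while this runs; it is cleared from mail_mailinglist below`. Also, `$pid = $app->system->exec_safe(…)` only works if exec_safe returns the last output line like `exec()` does. Its definition is outside this diff section, so that should be confirmed.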
@@ -118,7 +118,7 @@ class mailman_plugin { $this->update_config(); - exec("nohup /usr/lib/mailman/bin/rmlist -a ".escapeshellcmd($data["old"]["listname"])." >/dev/null 2>&1 &"); + $app->system->exec_safe("nohup /usr/lib/mailman/bin/rmlist -a ? >/dev/null 2>&1 &", $data["old"]["listname"]); exec('nohup '.$conf['init_scripts'] . '/' . 'mailman reload >/dev/null 2>&1 &'); diff --git a/server/plugins-available/mysql_clientdb_plugin.inc.php b/server/plugins-available/mysql_clientdb_plugin.inc.php index efe7142c8d68e953942839652b98cb90d5665a92..a26129eed96e1b8e9499c61efa7ecb831da5114d 100644 --- a/server/plugins-available/mysql_clientdb_plugin.inc.php +++ b/server/plugins-available/mysql_clientdb_plugin.inc.php @@ -344,15 +344,15 @@ class mysql_clientdb_plugin { $triggers_array[] = $row; } $app->log('Dumping triggers from '.$old_name, LOGLEVEL_DEBUG); - $command = "mysqldump -h ".escapeshellarg($clientdb_host)." -u ".escapeshellarg($clientdb_user)." -p".escapeshellarg($clientdb_password)." ".$old_name." -d -t -R -E > ".$timestamp.$old_name.'.triggers'; - exec($command, $out, $ret); + $command = "mysqldump -h ? -u ? -p? ? -d -t -R -E > ?"; + $app->system->exec_safe($command, $clientdb_host, $clientdb_user, $clientdb_password, $old_name, $timestamp.$old_name.'.triggers'); + $ret = $app->system->last_exec_retcode(); $app->system->chmod($timestamp.$old_name.'.triggers', 0600); if ($ret != 0) { unset($triggers_array); $app->system->unlink($timestamp.$old_name.'.triggers'); $app->log('Unable to dump triggers from '.$old_name, LOGLEVEL_ERROR); } - unset($out); } //* save views 
@@ -366,15 +366,15 @@ class mysql_clientdb_plugin { } $app->log('Dumping views from '.$old_name, LOGLEVEL_DEBUG); $temp_views = implode(' ', $temp); - $command = "mysqldump -h ".escapeshellarg($clientdb_host)." -u ".escapeshellarg($clientdb_user)." -p".escapeshellarg($clientdb_password)." ".$old_name." ".$temp_views." > ".$timestamp.$old_name.'.views'; - exec($command, $out, $ret); + $command = "mysqldump -h ? -u ? -p? ? ? > ?"; + $app->system->exec_safe($command, $clientdb_host, $clientdb_user, $clientdb_password, $old_name, $temp_views, $timestamp.$old_name.'.views'); + $ret = $app->system->last_exec_retcode(); $app->system->chmod($timestamp.$old_name.'.views', 0600); if ($ret != 0) { unset($views_array); $app->system->unlink($timestamp.$old_name.'.views'); $app->log('Unable to dump views from '.$old_name, LOGLEVEL_ERROR); } - unset($out); unset($temp); unset($temp_views); } @@ -405,8 +405,9 @@ class mysql_clientdb_plugin { unset($_trigger); } //* update triggers, routines and events - $command = "mysql -h ".escapeshellarg($clientdb_host)." -u ".escapeshellarg($clientdb_user)." -p".escapeshellarg($clientdb_password)." ".$new_name." < ".$timestamp.$old_name.'.triggers'; - exec($command, $out, $ret); + $command = "mysql -h ? -u ? -p? ? < ?"; + $app->system->exec_safe($command, $clientdb_host, $clientdb_user, $clientdb_password, $new_name, $timestamp.$old_name.'.triggers'); + $ret = $app->system->last_exec_retcode(); if ($ret != 0) { $app->log('Unable to import triggers for '.$new_name, LOGLEVEL_ERROR); } else { 
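Review bot: In the views dump, `$temp_views` is `implode(' ', $temp)` but is bound to a single `?`. If exec_safe quotes each argument (its definition is outside this diff section), mysqldump receives all view names as one table name and fails as soon as there is more than one view. Emit one placeholder per view and pass the names individually: `$command = "mysqldump -h ? -u ? -p? ? ".implode(' ', array_fill(0, count($temp), '?'))." > ?";` followed by `call_user_func_array(array($app->system, 'exec_safe'), array_merge(array($command, $clientdb_host, $clientdb_user, $clientdb_password, $old_name), $temp, array($timestamp.$old_name.'.views')));`.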
@@ -416,8 +417,9 @@ class mysql_clientdb_plugin { //* loading views if (@is_array($views_array)) { - $command = "mysql -h ".escapeshellarg($clientdb_host)." -u ".escapeshellarg($clientdb_user)." -p".escapeshellarg($clientdb_password)." ".$new_name." < ".$timestamp.$old_name.'.views'; - exec($command, $out, $ret); + $command = "mysql -h ? -u ? -p? ? < ?"; + $app->system->exec_safe($command, $clientdb_host, $clientdb_user, $clientdb_password, $new_name, $timestamp.$old_name.'.views'); + $ret = $app->system->last_exec_retcode(); if ($ret != 0) { $app->log('Unable to import views for '.$new_name, LOGLEVEL_ERROR); } else { diff --git a/server/plugins-available/network_settings_plugin.inc.php b/server/plugins-available/network_settings_plugin.inc.php index 5ce6f934b810c64148b997690f57fc4263b41f9c..1ed12f3a1c5a87bcc792f64274a332e6dd08b14f 100644 --- a/server/plugins-available/network_settings_plugin.inc.php +++ b/server/plugins-available/network_settings_plugin.inc.php @@ -280,8 +280,8 @@ class network_settings_plugin { //* Executing the postconf commands foreach($postconf_commands as $cmd) { - $command = "postconf -e '$cmd'"; - exec($command); + $command = "postconf -e ?"; + $app->system->exec_safe($command, $cmd); } $app->log('Changed changed myhostname and mydestination in postfix main.cf to '.$new_hostname, LOGLEVEL_DEBUG); diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php index 30f9501505a14f8cbce41c560cece97dbbdb6937..9913299aa57a00858bffcc946e905f6258e35131 100644 --- a/server/plugins-available/nginx_plugin.inc.php +++ b/server/plugins-available/nginx_plugin.inc.php 
@@ -105,7 +105,6 @@ class nginx_plugin { //* Only vhosts can have a ssl cert if($data["new"]["type"] != "vhost" && $data["new"]["type"] != "vhostsubdomain" && $data["new"]["type"] != "vhostalias") return; - // if(!is_dir($data['new']['document_root'].'/ssl')) exec('mkdir -p '.$data['new']['document_root'].'/ssl'); if(!is_dir($data['new']['document_root'].'/ssl') && !is_dir($data['old']['document_root'].'/ssl')) $app->system->mkdirpath($data['new']['document_root'].'/ssl'); $ssl_dir = $data['new']['document_root'].'/ssl'; 
@@ -170,36 +169,36 @@ class nginx_plugin { $ssl_cnf_file = $ssl_dir.'/openssl.conf'; $app->system->file_put_contents($ssl_cnf_file, $ssl_cnf); - $rand_file = escapeshellcmd($rand_file); - $key_file2 = escapeshellcmd($key_file2); + $rand_file = $rand_file; + $key_file2 = $key_file2; $openssl_cmd_key_file2 = $key_file2; if(substr($domain, 0, 2) == '*.' && strpos($key_file2, '/ssl/\*.') !== false) $key_file2 = str_replace('/ssl/\*.', '/ssl/*.', $key_file2); // wildcard certificate - $key_file = escapeshellcmd($key_file); + $key_file = $key_file; $openssl_cmd_key_file = $key_file; if(substr($domain, 0, 2) == '*.' && strpos($key_file, '/ssl/\*.') !== false) $key_file = str_replace('/ssl/\*.', '/ssl/*.', $key_file); // wildcard certificate $ssl_days = 3650; - $csr_file = escapeshellcmd($csr_file); + $csr_file = $csr_file; $openssl_cmd_csr_file = $csr_file; if(substr($domain, 0, 2) == '*.' && strpos($csr_file, '/ssl/\*.') !== false) $csr_file = str_replace('/ssl/\*.', '/ssl/*.', $csr_file); // wildcard certificate - $config_file = escapeshellcmd($ssl_cnf_file); - $crt_file = escapeshellcmd($crt_file); + $config_file = $ssl_cnf_file; + $crt_file = $crt_file; $openssl_cmd_crt_file = $crt_file; if(substr($domain, 0, 2) == '*.' && strpos($crt_file, '/ssl/\*.') !== false) $crt_file = str_replace('/ssl/\*.', '/ssl/*.', $crt_file); // wildcard certificate if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) { - exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $openssl_cmd_key_file2 2048"); - exec("openssl req -new -sha256 -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file2 -out $openssl_cmd_csr_file -days $ssl_days -config $config_file"); - exec("openssl rsa -passin pass:$ssl_password -in $openssl_cmd_key_file2 -out $openssl_cmd_key_file"); + $app->system->exec_safe("openssl genrsa -des3 -rand ? -passout pass:? -out ? 
2048", $rand_file, $ssl_password, $openssl_cmd_key_file2); + $app->system->exec_safe("openssl req -new -sha256 -passin pass:? -passout pass:? -key ? -out ? -days ? -config ?", $ssl_password, $ssl_password, $openssl_cmd_key_file2, $openssl_cmd_csr_file, $ssl_days, $config_file); + $app->system->exec_safe("openssl rsa -passin pass:? -in ? -out ?", $ssl_password, $openssl_cmd_key_file2, $openssl_cmd_key_file); if(file_exists($web_config['CA_path'].'/openssl.cnf')) { - exec("openssl ca -batch -out $openssl_cmd_crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $openssl_cmd_csr_file"); + $app->system->exec_safe("openssl ca -batch -out ? -config ? -passin pass:? -in ?", $openssl_cmd_crt_file, $web_config['CA_path']."/openssl.cnf", $web_config['CA_pass'], $openssl_cmd_csr_file); $app->log("Creating CA-signed SSL Cert for: $domain", LOGLEVEL_DEBUG); if (filesize($crt_file)==0 || !file_exists($crt_file)) $app->log("CA-Certificate signing failed. openssl ca -out $openssl_cmd_crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $openssl_cmd_csr_file", LOGLEVEL_ERROR); }; if (@filesize($crt_file)==0 || !file_exists($crt_file)){ - exec("openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file2 -in $openssl_cmd_csr_file -out $openssl_cmd_crt_file -days $ssl_days -config $config_file "); + $app->system->exec_safe("openssl req -x509 -passin pass:? -passout pass:? -key ? -in ? -out ? -days ? -config ?", $ssl_password, $ssl_password, $openssl_cmd_key_file2, $openssl_cmd_csr_file, $openssl_cmd_crt_file, $ssl_days, $config_file); $app->log("Creating self-signed SSL Cert for: $domain", LOGLEVEL_DEBUG); }; 
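Review bot: The unchanged failure branch still writes the CA key passphrase to the log, in `$app->log("CA-Certificate signing failed. openssl ca … -passin pass:".$web_config['CA_pass']." …", LOGLEVEL_ERROR)`. Since this hunk rewrites the surrounding openssl calls, drop the passphrase from that message, e.g. `$app->log("CA-Certificate signing failed for: $domain", LOGLEVEL_ERROR);`. The new self-assignments (`$rand_file = $rand_file;`, `$key_file = $key_file;` and the like) are no-ops and can be deleted. With `escapeshellcmd()` gone, the `str_replace('/ssl/\*.', '/ssl/*.', …)` wildcard fix-ups probably never match any more and could be removed as well.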
@@ -240,7 +239,8 @@ class nginx_plugin { if($data["new"]["ssl_action"] == 'save') { $tmp = array(); $crt_data = ''; - exec('openssl x509 -noout -text -in '.escapeshellarg($crt_file),$tmp); + $app->system->exec_safe('openssl x509 -noout -text -in ?', $crt_file); + $tmp = $app->system->last_exec_out(); $crt_data = implode("\n",$tmp); if(stristr($crt_data,'.acme.invalid')) { $data["new"]["ssl_action"] = ''; @@ -303,7 +303,7 @@ class nginx_plugin { if($data['new']['ssl_action'] == 'del') { if(file_exists($web_config['CA_path'].'/openssl.cnf') && !is_link($web_config['CA_path'].'/openssl.cnf')) { - exec("openssl ca -batch -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -revoke ".escapeshellcmd($crt_file)); + $app->system->exec_safe("openssl ca -batch -config ? -passin pass:? -revoke ?", $web_config['CA_path']."/openssl.cnf", $web_config['CA_pass'], $crt_file); $app->log("Revoking CA-signed SSL Cert for: $domain", LOGLEVEL_DEBUG); }; $app->system->unlink($csr_file); 
@@ -439,31 +439,31 @@ class nginx_plugin { //* Check if a ispconfigend user and group exists and create them if(!$app->system->is_group('ispconfigend')) { - exec('groupadd --gid '.($connect_userid_to_webid_start + 10000).' ispconfigend'); + $app->system->exec_safe('groupadd --gid ? ispconfigend', $connect_userid_to_webid_start + 10000); } if(!$app->system->is_user('ispconfigend')) { - exec('useradd -g ispconfigend -d /usr/local/ispconfig --uid '.($connect_userid_to_webid_start + 10000).' ispconfigend'); + $app->system->exec_safe('useradd -g ispconfigend -d /usr/local/ispconfig --uid ? ispconfigend', $connect_userid_to_webid_start + 10000); } } else { $fixed_uid_param = ''; $fixed_gid_param = ''; } - $groupname = escapeshellcmd($data['new']['system_group']); + $groupname = $data['new']['system_group']; if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) { - exec('groupadd '.$fixed_gid_param.' '.$groupname); - if($nginx_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' groupadd '.$groupname); + $app->system->exec_safe('groupadd ? ?', $fixed_gid_param, $groupname); + if($nginx_chrooted) $app->system->exec_safe('chroot ? groupadd ?', $web_config['website_basedir'], $groupname); $app->log('Adding the group: '.$groupname, LOGLEVEL_DEBUG); } - $username = escapeshellcmd($data['new']['system_user']); + $username = $data['new']['system_user']; if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) { if($web_config['add_web_users_to_sshusers_group'] == 'y') { - exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param -G sshusers $username -s /bin/false"); - if($nginx_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." 
-g $groupname $fixed_uid_param -G sshusers $username -s /bin/false"); + $app->system->exec_safe('useradd -d ? -g ? ? -G sshusers ? -s /bin/false', $data['new']['document_root'], $groupname, $fixed_uid_param, $username); + if($nginx_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ? -G sshusers ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $fixed_uid_param, $username); } else { - exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param $username -s /bin/false"); - if($nginx_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param $username -s /bin/false"); + $app->system->exec_safe('useradd -d ? -g ? ? ? -s /bin/false', $data['new']['document_root'], $groupname, $fixed_uid_param, $username); + if($nginx_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ? ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $fixed_uid_param, $username); } $app->log('Adding the user: '.$username, LOGLEVEL_DEBUG); } @@ -486,7 +486,7 @@ class nginx_plugin { if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1); // create the symlinks, if not exist if(is_link($tmp_symlink)) { - exec('rm -f '.escapeshellcmd($tmp_symlink)); + $app->system->exec_safe('rm -f ?', $tmp_symlink); $app->log('Removed symlink: rm -f '.$tmp_symlink, LOGLEVEL_DEBUG); } } 
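Review bot: `$fixed_gid_param` and `$fixed_uid_param` are option fragments (empty in the `else` branch shown, presumably a flag plus value otherwise; they are built outside this hunk), yet each is bound to a single `?` in `groupadd ? ?` and in the four `useradd` calls. If exec_safe quotes every argument, the tools receive either an empty argument or one word containing both the flag and its value, and user or group creation fails. Keep the fragment in the template and bind only the data values, e.g. `$app->system->exec_safe('groupadd '.$fixed_gid_param.' ?', $groupname);`, provided the fragment is built only from an integer id. Alternatively, bind the numeric id to its own placeholder when a fixed id is configured.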
@@ -510,12 +510,12 @@ class nginx_plugin { } //* Unmount the old log directory bfore we move the log dir - exec('umount '.escapeshellcmd($old_dir.'/log')); + $app->system->exec_safe('umount ?', $old_dir.'/log'); //* Create new base directory, if it does not exist yet if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir); $app->system->web_folder_protection($data['old']['document_root'], false); - exec('mv '.escapeshellarg($data['old']['document_root']).' '.escapeshellarg($new_dir)); + $app->system->exec_safe('mv ? ?', $data['old']['document_root'], $new_dir); //$app->system->rename($data['old']['document_root'],$new_dir); $app->log('Moving site to new document root: mv '.$data['old']['document_root'].' '.$new_dir, LOGLEVEL_DEBUG); 
@@ -523,17 +523,17 @@ class nginx_plugin { $data['new']['php_open_basedir'] = str_replace($data['old']['document_root'], $data['new']['document_root'], $data['old']['php_open_basedir']); //* Change the owner of the website files to the new website owner - exec('chown --recursive --from='.escapeshellcmd($data['old']['system_user']).':'.escapeshellcmd($data['old']['system_group']).' '.escapeshellcmd($data['new']['system_user']).':'.escapeshellcmd($data['new']['system_group']).' '.$new_dir); + $app->system->exec_safe('chown --recursive --from=?:? ?:? ?', $data['old']['system_user'], $data['old']['system_group'], $data['new']['system_user'], $data['new']['system_group'], $new_dir); //* Change the home directory and group of the website user - $command = 'killall -u '.escapeshellcmd($data['new']['system_user']).' ; usermod'; - $command .= ' --home '.escapeshellcmd($data['new']['document_root']); - $command .= ' --gid '.escapeshellcmd($data['new']['system_group']); - $command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null'; - exec($command); + $command = 'killall -u ? ; usermod'; + $command .= ' --home ?'; + $command .= ' --gid ?'; + $command .= ' ? 2>/dev/null'; + $app->system->exec_safe($command, $data['new']['system_user'], $data['new']['document_root'], $data['new']['system_group'], $data['new']['system_user']); } - if($nginx_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command); + if($nginx_chrooted) $app->system->exec_safe('chroot ? ?', $web_config['website_basedir'], $command); //* Change the log mount /* 
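Review bot: The chrooted call `$app->system->exec_safe('chroot ? ?', $web_config['website_basedir'], $command)` now passes the unfilled template (`killall -u ? ; usermod --home ? --gid ? ? 2>/dev/null`) as one argument. chroot is therefore asked to run a program with that literal name, and the user is never updated inside the chroot. `$command` is also assigned only inside the preceding block, which closes before this line. Repeat the usermod template with a chroot prefix and the same values instead: `if($nginx_chrooted) $app->system->exec_safe('chroot ? usermod --home ? --gid ? ? 2>/dev/null', $web_config['website_basedir'], $data['new']['document_root'], $data['new']['system_group'], $data['new']['system_user']);`, placed inside that block.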
@@ -555,7 +555,7 @@ class nginx_plugin { $app->system->replaceLine('/etc/fstab', $fstab_line_old, $fstab_line, 0, 1); } - exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder)); + $app->system->exec_safe('mount --bind ? ?', '/var/log/ispconfig/httpd/'.$data['new']['domain'], $data['new']['document_root'].'/'.$log_folder); } @@ -567,11 +567,9 @@ class nginx_plugin { if(!is_dir($data['new']['document_root'].'/' . $web_folder)) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder); if(!is_dir($data['new']['document_root'].'/' . $web_folder . '/error') and $data['new']['errordocs']) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder . '/error'); if($data['new']['stats_type'] != '' && !is_dir($data['new']['document_root'].'/' . $web_folder . '/stats')) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder . '/stats'); - //if(!is_dir($data['new']['document_root'].'/'.$log_folder)) exec('mkdir -p '.$data['new']['document_root'].'/'.$log_folder); if(!is_dir($data['new']['document_root'].'/ssl')) $app->system->mkdirpath($data['new']['document_root'].'/ssl'); if(!is_dir($data['new']['document_root'].'/cgi-bin')) $app->system->mkdirpath($data['new']['document_root'].'/cgi-bin'); if(!is_dir($data['new']['document_root'].'/tmp')) $app->system->mkdirpath($data['new']['document_root'].'/tmp'); - //if(!is_dir($data['new']['document_root'].'/webdav')) $app->system->mkdirpath($data['new']['document_root'].'/webdav'); if(!is_dir($data['new']['document_root'].'/.ssh')) { $app->system->mkdirpath($data['new']['document_root'].'/.ssh'); 
@@ -591,7 +589,7 @@ class nginx_plugin { // Remove the symlink for the site, if site is renamed if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) { - if(is_dir('/var/log/ispconfig/httpd/'.$data['old']['domain'])) exec('rm -rf /var/log/ispconfig/httpd/'.$data['old']['domain']); + if(is_dir('/var/log/ispconfig/httpd/'.$data['old']['domain'])) $app->system->exec_safe('rm -rf ?', '/var/log/ispconfig/httpd/'.$data['old']['domain']); if(is_link($data['old']['document_root'].'/'.$old_log_folder)) $app->system->unlink($data['old']['document_root'].'/'.$old_log_folder); //* remove old log mount 
@@ -599,19 +597,18 @@ class nginx_plugin { $app->system->removeLine('/etc/fstab', $fstab_line); //* Unmount log directory - //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder)); - exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder)); + $app->system->exec_safe('umount ?', $data['old']['document_root'].'/'.$old_log_folder); } //* Create the log dir if nescessary and mount it if(!is_dir($data['new']['document_root'].'/'.$log_folder) || !is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain']) || is_link($data['new']['document_root'].'/'.$log_folder)) { if(is_link($data['new']['document_root'].'/'.$log_folder)) unlink($data['new']['document_root'].'/'.$log_folder); - if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data['new']['domain']); + if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) $app->system->exec_safe('mkdir -p ?', '/var/log/ispconfig/httpd/'.$data['new']['domain']); $app->system->mkdirpath($data['new']['document_root'].'/'.$log_folder); $app->system->chown($data['new']['document_root'].'/'.$log_folder, 'root'); $app->system->chgrp($data['new']['document_root'].'/'.$log_folder, 'root'); $app->system->chmod($data['new']['document_root'].'/'.$log_folder, 0755); - exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder)); + $app->system->exec_safe('mount --bind ? ?', '/var/log/ispconfig/httpd/'.$data['new']['domain'], $data['new']['document_root'].'/'.$log_folder); //* add mountpoint to fstab $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.' none bind,nobootwait'; $fstab_line .= @($web_config['network_filesystem'] == 'y')?',_netdev 0 0':' 0 0'; 
@@ -636,7 +633,7 @@ class nginx_plugin { if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1); // remove the symlinks, if not exist if(is_link($tmp_symlink)) { - exec('rm -f '.escapeshellcmd($tmp_symlink)); + $app->system->exec_safe('rm -f ?', $tmp_symlink); $app->log('Removed symlink: rm -f '.$tmp_symlink, LOGLEVEL_DEBUG); } } @@ -657,11 +654,10 @@ class nginx_plugin { } // create the symlinks, if not exist if(!is_link($tmp_symlink)) { - // exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink)); if ($web_config["website_symlinks_rel"] == 'y') { - $app->system->create_relative_link(escapeshellcmd($data["new"]["document_root"]), escapeshellcmd($tmp_symlink)); + $app->system->create_relative_link($data["new"]["document_root"], $tmp_symlink); } else { - exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink)); + $app->system->exec_safe("ln -s ? ?", $data["new"]["document_root"]."/", $tmp_symlink); } $app->log('Creating symlink: ln -s '.$data['new']['document_root'].'/ '.$tmp_symlink, LOGLEVEL_DEBUG); 
@@ -681,69 +677,65 @@ class nginx_plugin { // Copy the error pages if($data['new']['errordocs']) { - $error_page_path = escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/error/'; - if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2))) { - exec('cp ' . $conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $error_page_path = $data['new']['document_root'].'/' . $web_folder . '/error/'; + if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2))) { + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } else { if (file_exists($conf['rootpath'] . '/conf-custom/error/400.html')) { - exec('cp '. $conf['rootpath'] . '/conf-custom/error/*.html '.$error_page_path); + $app->system->exec_safe('cp ?*.html ?', $conf['rootpath'] . '/conf-custom/error/', $error_page_path); } else { - exec('cp ' . $conf['rootpath'] . '/conf/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } } - exec('chmod -R a+r '.$error_page_path); + $app->system->exec_safe('chmod -R a+r ?', $error_page_path); } //* Copy the web skeleton files only when there is no index.ph or index.html file yet if(!file_exists($data['new']['document_root'].'/'.$web_folder.'/index.html') && !file_exists($data['new']['document_root'].'/'.$web_folder.'/index.php')) { - if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2))) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2).' 
'.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html'); + if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr($conf['language']), 0, 2)) { + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/index.html')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr($conf['language'], 0, 2), $data['new']['document_root'].'/' . $web_folder . '/index.html'); if(is_file($conf['rootpath'] . '/conf-custom/index/favicon.ico')) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/favicon.ico')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/favicon.ico '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/favicon.ico')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/favicon.ico', $data['new']['document_root'].'/' . $web_folder . '/'); } if(is_file($conf['rootpath'] . '/conf-custom/index/robots.txt')) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/robots.txt')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/robots.txt '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/robots.txt')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/robots.txt', $data['new']['document_root'].'/' . $web_folder . '/'); } - //if(is_file($conf['rootpath'] . '/conf-custom/index/.htaccess')) { - // exec('cp ' . $conf['rootpath'] . '/conf-custom/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); - //} } else { if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html')) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html')) exec('cp ' . $conf['rootpath'] . 
'/conf-custom/index/standard_index.html '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/index.html')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/standard_index.html', $data['new']['document_root'].'/' . $web_folder . '/index.html'); } else { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html')) exec('cp ' . $conf['rootpath'] . '/conf/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2).' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/index.html')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf/index/standard_index.html_'.substr($conf['language'], 0, 2), $data['new']['document_root'].'/' . $web_folder . '/index.html'); if(is_file($conf['rootpath'] . '/conf/index/favicon.ico')){ - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/favicon.ico')) exec('cp ' . $conf['rootpath'] . '/conf/index/favicon.ico '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/favicon.ico')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf/index/favicon.ico', $data['new']['document_root'].'/' . $web_folder . '/'); } if(is_file($conf['rootpath'] . '/conf/index/robots.txt')){ - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/robots.txt')) exec('cp ' . $conf['rootpath'] . '/conf/index/robots.txt '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/robots.txt')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf/index/robots.txt', $data['new']['document_root'].'/' . $web_folder . 
'/'); } - //if(is_file($conf['rootpath'] . '/conf/index/.htaccess')) exec('cp ' . $conf['rootpath'] . '/conf/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); } } } - exec('chmod -R a+r '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + $app->system->exec_safe('chmod -R a+r ?', $data['new']['document_root'].'/' . $web_folder . '/'); //** Copy the error documents on update when the error document checkbox has been activated and was deactivated before } elseif ($this->action == 'update' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') && $data['old']['errordocs'] == 0 && $data['new']['errordocs'] == 1) { - $error_page_path = escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/error/'; - if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2))) { - exec('cp ' . $conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $error_page_path = $data['new']['document_root'].'/' . $web_folder . '/error/'; + if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2))) { + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } else { if (file_exists($conf['rootpath'] . '/conf-custom/error/400.html')) { - exec('cp ' . $conf['rootpath'] . '/conf-custom/error/*.html '.$error_page_path); + $app->system->exec_safe('cp ?*.html ?', $conf['rootpath'] . '/conf-custom/error/', $error_page_path); } else { - exec('cp ' . $conf['rootpath'] . '/conf/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . 
'/conf/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } } - exec('chmod -R a+r '.$error_page_path); - exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.$error_page_path); + $app->system->exec_safe('chmod -R a+r ?', $error_page_path); + $app->system->exec_safe('chown -R ?:? ?', $data['new']['system_user'], $data['new']['system_group'], $error_page_path); } // end copy error docs // Set the quota for the user, but only for vhosts, not vhostsubdomains or vhostalias 
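Review bot: In the skeleton-copy branch the new `file_exists(...)` test for the language-specific index page closes `substr(` too early: `substr($conf['language']), 0, 2)` gives `substr()` a single argument and hands `0, 2` to `file_exists()`. Depending on the PHP version that is an argument-count error or a warning with a false result, so the custom `standard_index.html_<lang>` branch is never taken. The line should read `if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr($conf['language'], 0, 2))) {`, matching the `exec_safe('cp ? ?', ...)` call that follows it. Separately, the `cp ?* ?` and `cp ?*.html ?` templates only work if `exec_safe` quotes the bound value in a way that still lets the shell expand the trailing glob; that helper is not visible in this hunk, so it is worth confirming.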
@@ -758,39 +750,39 @@ class nginx_plugin { } // get the primitive folder for document_root and the filesystem, will need it later. - $df_output=explode(" ", exec("df -T " . escapeshellarg($data['new']['document_root']) . "|awk 'END{print \$2,\$NF}'")); + $df_output=explode(" ", $app->system->exec_safe("df -T ?|awk 'END{print \$2,\$NF}'", $data['new']['document_root'])); $file_system = $df_output[0]; $primitive_root = $df_output[1]; if($file_system == 'xfs') { - exec("xfs_quota -x -c " . escapeshellarg("limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " " . $username) . " " . escapeshellarg($primitive_root)); + $app->system->exec_safe("xfs_quota -x -c ? ?", "limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " " . $username, $primitive_root); // xfs only supports timers globally, not per user. - exec("xfs_quota -x -c 'timer -bir -i 604800' " . escapeshellarg($primitive_root)); + $app->system->exec_safe("xfs_quota -x -c 'timer -bir -i 604800' ?", $primitive_root); unset($project_uid, $username_position, $xfs_projects); unset($primitive_root, $df_output, $mb_hard, $mb_soft); } else { if($app->system->is_installed('setquota')) { - exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null'); - exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null'); + $app->system->exec_safe('setquota -u ? ? ? 0 0 -a &> /dev/null', $username, $blocks_soft, $blocks_hard); + $app->system->exec_safe('setquota -T -u ? 604800 604800 -a &> /dev/null', $username); } } } if($this->action == 'insert' || $data["new"]["system_user"] != $data["old"]["system_user"]) { // Chown and chmod the directories below the document root - $app->system->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder); + $app->system->exec_safe('chown -R ?:? ?', $username, $groupname, $data['new']['document_root'].'/' . 
$web_folder); // The document root itself has to be owned by root in normal level and by the web owner in security level 20 if($web_config['security_level'] == 20) { - $app->system->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder); + $app->system->exec_safe('chown ?:? ?', $username, $groupname, $data['new']['document_root'].'/' . $web_folder); } else { - $app->system->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder); + $app->system->exec_safe('chown root:root ?', $data['new']['document_root'].'/' . $web_folder); } } //* add the nginx user to the client group if this is a vhost and security level is set to high, no matter if this is an insert or update and regardless of set_folder_permissions_on_update - if($data['new']['type'] == 'vhost' && $web_config['security_level'] == 20) $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['nginx_user'])); + if($data['new']['type'] == 'vhost' && $web_config['security_level'] == 20) $app->system->add_user_to_group($groupname, $web_config['nginx_user']); //* If the security level is set to high if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost') or ($web_folder != $old_web_folder && $data['new']['type'] == 'vhost')) { 
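Review bot: The two converted `setquota` templates keep the `&> /dev/null` redirect, which is a bash extension. PHP hands the command to `/bin/sh`, and where that is a POSIX shell such as dash, `&>` is read as `&` followed by `> /dev/null`, so the command is put in the background and its output is not discarded. Use the portable form that the hhvm calls later in this file already use: `'setquota -u ? ? ? 0 0 -a >/dev/null 2>&1'` and `'setquota -T -u ? 604800 604800 -a >/dev/null 2>&1'`. The `$df_output` line also now depends on `exec_safe` returning the last output line the way `exec()` does; the helper is outside this hunk, so confirm that before relying on `$file_system` and `$primitive_root`.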
@@ -820,18 +812,18 @@ class nginx_plugin { if($web_config['add_web_users_to_sshusers_group'] == 'y') { $command = 'usermod'; $command .= ' --groups sshusers'; - $command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null'; - $app->system->_exec($command); + $command .= ' ? 2>/dev/null'; + $app->system->exec_safe($command, $data['new']['system_user']); } //* if we have a chrooted nginx environment if($nginx_chrooted) { - $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command); + $app->system->exec_safe('chroot ? ?', $web_config['website_basedir'], $command); //* add the nginx user to the client group in the chroot environment $tmp_groupfile = $app->system->server_conf['group_datei']; $app->system->server_conf['group_datei'] = $web_config['website_basedir'].'/etc/group'; - $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['nginx_user'])); + $app->system->add_user_to_group($groupname, $web_config['nginx_user']); $app->system->server_conf['group_datei'] = $tmp_groupfile; unset($tmp_groupfile); } @@ -945,7 +937,7 @@ class nginx_plugin { if($data['new']['type'] == 'vhost') { // Change the ownership of the error log to the root user - if(!@is_file('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')) exec('touch '.escapeshellcmd('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')); + if(!@is_file('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')) $app->system->exec_safe('touch ?', '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log'); $app->system->chown('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log', 'root'); $app->system->chgrp('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log', 'root'); } 
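Review bot: In the chrooted branch of the hunk at -820, `$command` is now the template string `usermod --groups sshusers ? 2>/dev/null`, and `exec_safe('chroot ? ?', $web_config['website_basedir'], $command)` binds that whole string as one value. Assuming `exec_safe` shell-quotes each bound value, chroot receives the text, including the literal `?` and the redirect, as a single program name, so the user is never added to the group inside the chroot. Give the user its own placeholder instead: `$app->system->exec_safe('chroot ? usermod --groups sshusers ? 2>/dev/null', $web_config['website_basedir'], $data['new']['system_user']);`. The delete path (hunk at -2258) has the same defect, with `$command` set to `killall -u ? ; userdel ?` and bound as one value to `chroot ? ?`; there each command needs its own call, `chroot ? killall -u ?` and `chroot ? userdel ?`.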
@@ -1023,14 +1015,14 @@ class nginx_plugin { } if($default_php_fpm){ - $pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']); + $pool_dir = $web_config['php_fpm_pool_dir']; } else { $pool_dir = $custom_php_fpm_pool_dir; } $pool_dir = trim($pool_dir); if(substr($pool_dir, -1) != '/') $pool_dir .= '/'; $pool_name = 'web'.$data['new']['domain_id']; - $socket_dir = escapeshellcmd($web_config['php_fpm_socket_dir']); + $socket_dir = $web_config['php_fpm_socket_dir']; if(substr($socket_dir, -1) != '/') $socket_dir .= '/'; if($data['new']['php_fpm_use_socket'] == 'y'){ @@ -1814,7 +1806,7 @@ class nginx_plugin { $basic_auth_locations = $this->_create_web_folder_auth_configuration($data['new']); if(is_array($basic_auth_locations) && !empty($basic_auth_locations)) $tpl->setLoop('basic_auth_locations', $basic_auth_locations); - $vhost_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost'); + $vhost_file = $web_config['nginx_vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost'; //* Make a backup copy of vhost file if(file_exists($vhost_file)) copy($vhost_file, $vhost_file.'~'); 
@@ -1825,17 +1817,17 @@ class nginx_plugin { //* Set the symlink to enable the vhost //* First we check if there is a old type of symlink and remove it - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost'; if(is_link($vhost_symlink)) $app->system->unlink($vhost_symlink); //* Remove old or changed symlinks if($data['new']['subdomain'] != $data['old']['subdomain'] or $data['new']['active'] == 'n') { - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); @@ -1844,9 +1836,9 @@ class nginx_plugin { //* New symlink if($data['new']['subdomain'] == '*') { - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'; } else { - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'; } if($data['new']['active'] == 'y' && !is_link($vhost_symlink)) { symlink($vhost_file, $vhost_symlink); 
@@ -1855,22 +1847,22 @@ class nginx_plugin { // remove old symlink and vhost file, if domain name of the site has changed if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) { - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_file = $web_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'; $app->system->unlink($vhost_file); $app->log('Removing file: '.$vhost_file, LOGLEVEL_DEBUG); } 
@@ -2062,14 +2054,10 @@ class nginx_plugin { if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias'){ if(is_array($log_folders) && !empty($log_folders)){ foreach($log_folders as $log_folder){ - //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder)); - //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); - exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); + $app->system->exec_safe('umount ? 2>/dev/null', $data['old']['document_root'].'/'.$log_folder); } } else { - //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder)); - //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); - exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); + $app->system->exec_safe('umount ? 2>/dev/null', $data['old']['document_root'].'/'.$log_folder); } // remove letsencrypt if it exists (renew will always fail otherwise) 
@@ -2109,19 +2097,19 @@ class nginx_plugin { } else { //* This is a website // Deleting the vhost file, symlink and the data directory - $vhost_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_file = $web_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'; - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)){ $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)){ $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)){ $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); 
@@ -2131,11 +2119,11 @@ class nginx_plugin { $app->log('Removing vhost file: '.$vhost_file, LOGLEVEL_DEBUG); if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias') { - $docroot = escapeshellcmd($data['old']['document_root']); + $docroot = $data['old']['document_root']; if($docroot != '' && !stristr($docroot, '..')) { if($data['old']['type'] == 'vhost') { // this is a vhost - we delete everything in here. - exec('rm -rf '.$docroot); + $app->system->exec_safe('rm -rf ?', $docroot); } elseif(!stristr($data['old']['web_folder'], '..')) { // this is a vhost subdomain // IMPORTANT: do some folder checks before we delete this! @@ -2185,7 +2173,7 @@ class nginx_plugin { unset($used_paths); } - if($do_delete === true && $delete_folder !== '') exec('rm -rf '.$docroot.'/'.$delete_folder); + if($do_delete === true && $delete_folder !== '') $app->system->exec_safe('rm -rf ?', $docroot.'/'.$delete_folder); unset($delete_folder); unset($path_elements); @@ -2198,12 +2186,12 @@ class nginx_plugin { $fastcgi_starter_path = str_replace('[system_user]', $data['old']['system_user'], $web_config['fastcgi_starter_path']); if($data['old']['type'] == 'vhost') { if (is_dir($fastcgi_starter_path)) { - exec('rm -rf '.$fastcgi_starter_path); + $app->system->exec_safe('rm -rf ?', $fastcgi_starter_path); } } else { $fcgi_starter_script = $fastcgi_starter_path.$web_config['fastcgi_starter_script'].'_web'.$data['old']['domain_id']; if (file_exists($fcgi_starter_script)) { - exec('rm -f '.$fcgi_starter_script); + $app->system->exec_safe('rm -f ?', $fcgi_starter_script); } } } 
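Review bot: In the vhost delete branch of the hunk at -2131, `exec_safe('rm -rf ?', $docroot)` is guarded only by `$docroot != ''` and the absence of `..`, so a stored `document_root` of `/` or any other system directory passes the check and is removed recursively. Quoting the argument does not help here, because the value itself is the problem. Before the call, require that the resolved path lies below the expected web base directory, for example by comparing `realpath($docroot)` with the configured root (presumably `$web_config['website_basedir']`; confirm that this is the right base). Also put `--` before the placeholder, `'rm -rf -- ?'`, so a value beginning with `-` cannot be read as an option. The enclosing function starts and ends outside this hunk.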
@@ -2224,12 +2212,12 @@ class nginx_plugin { $cgi_starter_path = str_replace('[system_user]', $data['old']['system_user'], $web_config['cgi_starter_path']); if($data['old']['type'] == 'vhost') { if (is_dir($cgi_starter_path)) { - exec('rm -rf '.$cgi_starter_path); + $app->system->exec_safe('rm -rf ?', $cgi_starter_path); } } else { $cgi_starter_script = $cgi_starter_path.'php-cgi-starter_web'.$data['old']['domain_id']; if (file_exists($cgi_starter_script)) { - exec('rm -f '.$cgi_starter_script); + $app->system->exec_safe('rm -f ?', $cgi_starter_script); } } } @@ -2258,16 +2246,16 @@ class nginx_plugin { } // Delete the log file directory - $vhost_logfile_dir = escapeshellcmd('/var/log/ispconfig/httpd/'.$data['old']['domain']); - if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) exec('rm -rf '.$vhost_logfile_dir); + $vhost_logfile_dir = '/var/log/ispconfig/httpd/'.$data['old']['domain']; + if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) $app->system->exec_safe('rm -rf ?', $vhost_logfile_dir); $app->log('Removing website logfile directory: '.$vhost_logfile_dir, LOGLEVEL_DEBUG); if($data['old']['type'] == 'vhost') { //delete the web user - $command = 'killall -u '.escapeshellcmd($data['old']['system_user']).' ; userdel'; - $command .= ' '.escapeshellcmd($data['old']['system_user']); - exec($command); - if($nginx_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command); + $command = 'killall -u ? ; userdel'; + $command .= ' ?'; + $app->system->exec_safe($command, $data['old']['system_user'], $data['old']['system_user']); + if($nginx_chrooted) $app->system->exec_safe('chroot ? ?', $web_config['website_basedir'], $command); } 
@@ -2288,7 +2276,7 @@ class nginx_plugin { if($mount_backup){ $web_backup_dir = $backup_dir.'/web'.$data_old['domain_id']; //** do not use rm -rf $web_backup_dir because database(s) may exits - exec(escapeshellcmd('rm -f '.$web_backup_dir.'/web'.$data_old['domain_id'].'_').'*'); + $app->system->exec_safe('rm -f ?*', $web_backup_dir.'/web'.$data_old['domain_id'].'_'); //* cleanup database $sql = "DELETE FROM web_backup WHERE server_id = ? AND parent_domain_id = ? AND filename LIKE ?"; $app->db->query($sql, $conf['server_id'], $data_old['domain_id'], "web".$data_old['domain_id']."_%"); @@ -2338,7 +2326,7 @@ class nginx_plugin { //* Get the folder path. if(substr($folder['path'], 0, 1) == '/') $folder['path'] = substr($folder['path'], 1); if(substr($folder['path'], -1) == '/') $folder['path'] = substr($folder['path'], 0, -1); - $folder_path = escapeshellcmd($website['document_root'].'/' . $web_folder . '/'.$folder['path']); + $folder_path = $website['document_root'].'/' . $web_folder . '/'.$folder['path']; if(substr($folder_path, -1) != '/') $folder_path .= '/'; //* Check if the resulting path is inside the docroot @@ -2444,7 +2432,7 @@ class nginx_plugin { if(substr($data['new']['path'], 0, 1) == '/') $data['new']['path'] = substr($data['new']['path'], 1); if(substr($data['new']['path'], -1) == '/') $data['new']['path'] = substr($data['new']['path'], 0, -1); - $new_folder_path = escapeshellcmd($website['document_root'].'/' . $web_folder . '/'.$data['new']['path']); + $new_folder_path = $website['document_root'].'/' . $web_folder . '/'.$data['new']['path']; if(substr($new_folder_path, -1) != '/') $new_folder_path .= '/'; //* Check if the resulting path is inside the docroot 
@@ -2491,7 +2479,7 @@ class nginx_plugin { //* Create the domain.auth file which is included in the vhost configuration file $app->uses('getconf'); $web_config = $app->getconf->get_server_config($conf['server_id'], 'web'); - $basic_auth_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$website['domain'].'.auth'); + $basic_auth_file = $web_config['nginx_vhost_conf_dir'].'/'.$website['domain'].'.auth'; //$app->load('tpl'); //$tpl = new tpl(); //$tpl->newTemplate('nginx_http_authentication.auth.master'); @@ -2616,9 +2604,9 @@ class nginx_plugin { $content = str_replace('{SYSTEM_USER}', $data['new']['system_user'], $content); file_put_contents('/etc/init.d/hhvm_' . $data['new']['system_user'], $content); - exec('chmod +x /etc/init.d/hhvm_' . $data['new']['system_user'] . ' >/dev/null 2>&1'); - exec('/usr/sbin/update-rc.d hhvm_' . $data['new']['system_user'] . ' defaults >/dev/null 2>&1'); - exec('/etc/init.d/hhvm_' . $data['new']['system_user'] . ' restart >/dev/null 2>&1'); + $app->system->exec_safe('chmod +x ? >/dev/null 2>&1', '/etc/init.d/hhvm_' . $data['new']['system_user']); + $app->system->exec_safe('/usr/sbin/update-rc.d ? defaults >/dev/null 2>&1', 'hhvm_' . $data['new']['system_user']); + $app->system->exec_safe('/etc/init.d/hhvm_' . $data['new']['system_user'] . ' restart >/dev/null 2>&1'); if(is_dir('/etc/monit/conf.d')){ $monit_content = str_replace('{SYSTEM_USER}', $data['new']['system_user'], $monit_content); 
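Review bot: In the hhvm block of the hunk at -2616, the third converted call still builds its command by concatenation. `exec_safe('/etc/init.d/hhvm_' . $data['new']['system_user'] . ' restart >/dev/null 2>&1')` has no placeholder, so `system_user` reaches the shell unquoted, unlike the `chmod` and `update-rc.d` lines directly above it. Bind it the same way: `$app->system->exec_safe('? restart >/dev/null 2>&1', '/etc/init.d/hhvm_' . $data['new']['system_user']);`.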
@@ -2630,7 +2618,7 @@ class nginx_plugin { } elseif($data['new']['php'] != 'hhvm' && $data['old']['php'] == 'hhvm') { if($data['old']['system_user'] != ''){ exec('/etc/init.d/hhvm_' . $data['old']['system_user'] . ' stop >/dev/null 2>&1'); - exec('/usr/sbin/update-rc.d hhvm_' . $data['old']['system_user'] . ' remove >/dev/null 2>&1'); + $app->system->exec_safe('/usr/sbin/update-rc.d remove >/dev/null 2>&1', 'hhvm_' . $data['old']['system_user']); unlink('/etc/init.d/hhvm_' . $data['old']['system_user']); if(is_file('/etc/hhvm/'.$data['old']['system_user'].'.ini')) unlink('/etc/hhvm/'.$data['old']['system_user'].'.ini'); } @@ -2743,7 +2731,7 @@ class nginx_plugin { $tpl->setVar('document_root', $data['new']['document_root']); $tpl->setVar('security_level', $web_config['security_level']); $tpl->setVar('domain', $data['new']['domain']); - $php_open_basedir = ($data['new']['php_open_basedir'] == '')?escapeshellcmd($data['new']['document_root']):escapeshellcmd($data['new']['php_open_basedir']); + $php_open_basedir = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir']; $tpl->setVar('php_open_basedir', $php_open_basedir); if($php_open_basedir != ''){ $tpl->setVar('enable_php_open_basedir', ''); @@ -2830,7 +2818,7 @@ class nginx_plugin { unset($tpl); // delete pool in all other PHP versions - $default_pool_dir = trim(escapeshellcmd($web_config['php_fpm_pool_dir'])); + $default_pool_dir = trim($web_config['php_fpm_pool_dir']); if(substr($default_pool_dir, -1) != '/') $default_pool_dir .= '/'; if($default_pool_dir != $pool_dir){ if ( @is_file($default_pool_dir.$pool_name.'.conf') ) { @@ -2875,7 +2863,7 @@ class nginx_plugin { } if($default_php_fpm){ - $pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']); + $pool_dir = $web_config['php_fpm_pool_dir']; } else { $pool_dir = $custom_php_fpm_pool_dir; } 
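Review bot: In the hhvm removal branch of the hunk at -2630, the converted `update-rc.d` template has no `?`: `'/usr/sbin/update-rc.d remove >/dev/null 2>&1'`. The bound `'hhvm_' . $data['old']['system_user']` is therefore never placed in the command, and at best `update-rc.d remove` runs without a service name and the init script stays registered, with the error hidden by the redirect. It should be `$app->system->exec_safe('/usr/sbin/update-rc.d ? remove >/dev/null 2>&1', 'hhvm_' . $data['old']['system_user']);`. The `stop` call on the line above is still a plain `exec()` with `system_user` concatenated in and could be converted in the same way: `$app->system->exec_safe('? stop >/dev/null 2>&1', '/etc/init.d/hhvm_' . $data['old']['system_user']);`.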
@@ -2890,7 +2878,7 @@ class nginx_plugin { } // delete pool in all other PHP versions - $default_pool_dir = trim(escapeshellcmd($web_config['php_fpm_pool_dir'])); + $default_pool_dir = trim($web_config['php_fpm_pool_dir']); if(substr($default_pool_dir, -1) != '/') $default_pool_dir .= '/'; if($default_pool_dir != $pool_dir){ if ( @is_file($default_pool_dir.$pool_name.'.conf') ) { @@ -3093,7 +3081,7 @@ class nginx_plugin { } if($app->system->is_group('client'.$client_id)){ - $app->system->_exec('groupdel client'.$client_id); + $app->system->exec_safe('groupdel ?', 'client'.$client_id); $app->log('Removed group client'.$client_id, LOGLEVEL_DEBUG); } } diff --git a/server/plugins-available/nginx_reverseproxy_plugin.inc.php b/server/plugins-available/nginx_reverseproxy_plugin.inc.php index b5881dbf240886b5cc6127847a84f1e2dfa954de..1013042254ba2a2c63980394e6dc964021beb1f8 100644 --- a/server/plugins-available/nginx_reverseproxy_plugin.inc.php +++ b/server/plugins-available/nginx_reverseproxy_plugin.inc.php @@ -176,7 +176,7 @@ class nginx_reverseproxy_plugin { } - $vhost_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost'); + $vhost_file = $nginx_config['nginx_vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost'; //* Make a backup copy of vhost file copy($vhost_file, $vhost_file.'~'); @@ -187,7 +187,7 @@ class nginx_reverseproxy_plugin { // Set the symlink to enable the vhost - $vhost_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost'; if($data['new']['active'] == 'y' && !is_link($vhost_symlink)) { symlink($vhost_file, $vhost_symlink); $app->log('Creating symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); 
@@ -199,18 +199,18 @@ class nginx_reverseproxy_plugin { $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - if(!is_dir('/var/log/ispconfig/nginx/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/nginx/'.$data['new']['domain']); + if(!is_dir('/var/log/ispconfig/nginx/'.$data['new']['domain'])) $app->system->exec_safe('mkdir -p ?', '/var/log/ispconfig/nginx/'.$data['new']['domain']); // remove old symlink and vhost file, if domain name of the site has changed if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) { - $vhost_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'; unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); - $vhost_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_file = $nginx_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'; unlink($vhost_file); $app->log('Removing file: '.$vhost_file, LOGLEVEL_DEBUG); - if(is_dir('/var/log/ispconfig/nginx/'.$data['old']['domain'])) exec('rm -rf /var/log/ispconfig/nginx/'.$data['old']['domain']); + if(is_dir('/var/log/ispconfig/nginx/'.$data['old']['domain'])) $app->system->exec_safe('rm -rf ?', '/var/log/ispconfig/nginx/'.$data['old']['domain']); } // request a httpd reload when all records have been processed 
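Review bot: The `rm -rf ?` in the domain-rename branch removes `/var/log/ispconfig/nginx/<old domain>` without the `..` check that the delete handler later in this file applies before the same command. Quoting the argument stops shell metacharacters but not path traversal, so the same guard belongs here, for example `if(!stristr($data['old']['domain'], '..') && is_dir('/var/log/ispconfig/nginx/'.$data['old']['domain']))`. The enclosing function starts outside this hunk.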
@@ -232,7 +232,7 @@ class nginx_reverseproxy_plugin { function ssl($event_name, $data) { global $app, $conf; - if(!is_dir($conf['nginx']['config_dir'].'/ssl')) exec('mkdir -p '.$conf['nginx']['config_dir'].'/ssl'); + if(!is_dir($conf['nginx']['config_dir'].'/ssl')) $app->system->exec_safe('mkdir -p ?', $conf['nginx']['config_dir'].'/ssl'); $ssl_dir = $conf['nginx']['config_dir'].'/ssl'; $domain = $data['new']['ssl_domain']; $key_file = $ssl_dir.'/'.$domain.'.key.org'; @@ -250,7 +250,7 @@ class nginx_reverseproxy_plugin { //$csr_file = $ssl_dir.'/'.$domain.".csr"; //$crt_file = $ssl_dir.'/'.$domain.".crt"; //$bundle_file = $ssl_dir.'/'.$domain.".bundle"; - $this->_exec('rsync -v -e ssh root@'.$web['ip_address'].':~/$src_ssl_dir '.$ssl_dir); + $app->system->exec_safe('rsync -v -e ssh root@?:? ?', $web['ip_address'], '~/'.$src_ssl_dir, $ssl_dir); $app->log('Syncing SSL Cert for: '.$domain, LOGLEVEL_DEBUG); } 
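Review bot: The rsync call now passes `'~/'.$src_ssl_dir`, but no assignment to `$src_ssl_dir` is visible in this hunk; the old line had the text `$src_ssl_dir` inside single quotes, so it was never interpolated either. If the variable is undefined in `ssl()`, the source becomes `root@<ip>:~/` and the whole remote home directory is copied into `$ssl_dir`. I would assign it before the call and skip the sync when it is empty, e.g. `if($src_ssl_dir == '') return;` (a constructed guard, adjust to the function's flow). `ssl()` continues outside the hunk.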
@@ -284,31 +284,24 @@ class nginx_reverseproxy_plugin { //* This is a website // Deleting the vhost file, symlink and the data directory - $vhost_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'; unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); - $vhost_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_file = $nginx_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'; unlink($vhost_file); $app->log('Removing vhost file: '.$vhost_file, LOGLEVEL_DEBUG); // Delete the log file directory - $vhost_logfile_dir = escapeshellcmd('/var/log/ispconfig/nginx/'.$data['old']['domain']); - if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) exec('rm -rf '.$vhost_logfile_dir); + $vhost_logfile_dir = '/var/log/ispconfig/nginx/'.$data['old']['domain']; + if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) $app->system->exec_safe('rm -rf ?', $vhost_logfile_dir); $app->log('Removing website logfile directory: '.$vhost_logfile_dir, LOGLEVEL_DEBUG); } } - //* Wrapper for exec function for easier debugging - private function _exec($command) { - global $app; - $app->log('exec: '.$command, LOGLEVEL_DEBUG); - exec($command); - } - function rewrite_insert($event_name, $data) { global $app, $conf; @@ -329,7 +322,7 @@ class nginx_reverseproxy_plugin { $tpl->newTemplate("nginx_reverseproxy_rewrites.conf.master"); if (!empty($rules))$tpl->setLoop('nginx_rewrite_rules', $rules); - $rewrites_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/default.rewrites.conf'); + $rewrites_file = $nginx_config['nginx_vhost_conf_dir'].'/default.rewrites.conf'; //* Make a backup copy of vhost file copy($rewrites_file, $rewrites_file.'~'); 
@@ -340,7 +333,7 @@ class nginx_reverseproxy_plugin { // Set the symlink to enable the vhost - $rewrite_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/default.rewrites.conf'); + $rewrite_symlink = $nginx_config['nginx_vhost_conf_enabled_dir'].'/default.rewrites.conf'; if(!is_link($rewrite_symlink)) { symlink($rewrites_file, $rewrite_symlink); diff --git a/server/plugins-available/openvz_plugin.inc.php b/server/plugins-available/openvz_plugin.inc.php index 5cc4bf6522aaf1a64ab8d375b96ed8b6f89de18a..f17edb7b8c1882844b26eb6afb147eba9416075f 100644 --- a/server/plugins-available/openvz_plugin.inc.php +++ b/server/plugins-available/openvz_plugin.inc.php @@ -86,11 +86,11 @@ class openvz_plugin { } $tmp = $app->db->queryOneRecord("SELECT template_file FROM openvz_ostemplate WHERE ostemplate_id = ?", $data['new']['ostemplate_id']); - $ostemplate = escapeshellcmd($tmp['template_file']); + $ostemplate = $tmp['template_file']; unset($tmp); //* Create the virtual machine - exec("vzctl create $veid --ostemplate $ostemplate"); + $app->system->exec_safe("vzctl create ? --ostemplate ?", $veid, $ostemplate); $app->log("Create OpenVZ VM: vzctl create $veid --ostemplate $ostemplate", LOGLEVEL_DEBUG); //* Write the configuration of the VM @@ -103,7 +103,7 @@ class openvz_plugin { } //* Set the root password in the virtual machine - exec("vzctl set $veid --userpasswd root:".escapeshellcmd($data['new']['vm_password'])); + $app->system->exec_safe("vzctl set ? --userpasswd root:?", $veid, $data['new']['vm_password']); } @@ -123,7 +123,7 @@ class openvz_plugin { //* new diskspace for ploop-containers requieres "vzctl set" if($data['new']['diskspace'] != $data['old']['diskspace']) { - exec("vzctl set ".$veid." --diskspace ".$data['new']['diskspace']."G --save"); + escapeshell("vzctl set ? --diskspace ? --save", $veid, $data['new']['diskspace']."G"); } //* Apply config changes to the VM 
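Review bot: In the diskspace branch of openvz_plugin the command is handed to `escapeshell(...)`, a bare function call, while every other converted call uses `$app->system->exec_safe(...)`. Unless a global `escapeshell()` is defined outside this diff, PHP stops with an undefined-function error at this line and `vzctl set --diskspace` never runs. The line should be `$app->system->exec_safe("vzctl set ? --diskspace ? --save", $veid, $data['new']['diskspace']."G");`.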
@@ -140,7 +140,7 @@ class openvz_plugin { //* Set the root password in the virtual machine if($data['new']['vm_password'] != $data['old']['vm_password']) { - exec("vzctl set $veid --userpasswd root:".escapeshellcmd($data['new']['vm_password'])); + $app->system->exec_safe("vzctl set ? --userpasswd root:?", $veid, $data['new']['vm_password']); } @@ -193,12 +193,12 @@ class openvz_plugin { $parts = explode(':', $data); $veid = intval($parts[0]); $template_cache_dir = '/vz/template/cache/'; - $template_name = escapeshellcmd($parts[1]); + $template_name = $parts[1]; if($veid > 0 && $template_name != '' && is_dir($template_cache_dir)) { - $command = "vzdump --suspend --compress --stdexcludes --dumpdir $template_cache_dir $veid"; - exec($command); - exec("mv ".$template_cache_dir."vzdump-openvz-".$veid."*.tgz ".$template_cache_dir.$template_name.".tar.gz"); - exec("rm -f ".$template_cache_dir."vzdump-openvz-".$veid."*.log"); + $command = "vzdump --suspend --compress --stdexcludes --dumpdir ? ?"; + $app->system->exec_safe($command, $template_cache_dir, $veid); + $app->system->exec_safe("mv ?*.tgz ?", $template_cache_dir."vzdump-openvz-".$veid, $template_cache_dir.$template_name.".tar.gz"); + $app->system->exec_safe("rm -f ?*.log", $template_cache_dir."vzdump-openvz-".$veid); } $app->log("Created OpenVZ OStemplate $template_name from VM $veid", LOGLEVEL_DEBUG); return 'ok'; diff --git a/server/plugins-available/postfix_server_plugin.inc.php b/server/plugins-available/postfix_server_plugin.inc.php index f66fc40d428cada8e1cba3bb721163cd4950ef94..bec1c5498d786d6abf60eef2b990dc18448991af 100644 --- a/server/plugins-available/postfix_server_plugin.inc.php +++ b/server/plugins-available/postfix_server_plugin.inc.php 
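Review bot: `$template_name` is taken straight from `$parts[1]` and becomes part of the `mv` destination, and with `escapeshellcmd` removed nothing limits it to a plain file name. The `exec_safe` quoting keeps it a single argument, but a value containing `/` or `..` would still place the archive outside `/vz/template/cache/`. Reducing it to its last path component before use closes that: `$template_name = basename($parts[1]);`. The function starts outside the hunk, so where `$data` comes from is not visible here.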
@@ -95,7 +95,7 @@ class postfix_server_plugin { exec("postconf -e 'smtp_sasl_auth_enable = no'"); } - exec("postconf -e 'relayhost = ".$mail_config['relayhost']."'"); + $app->system->exec_safe("postconf -e ?", 'relayhost = '.$mail_config['relayhost']); file_put_contents('/etc/postfix/sasl_passwd', $content); chmod('/etc/postfix/sasl_passwd', 0600); chown('/etc/postfix/sasl_passwd', 'root'); @@ -134,7 +134,7 @@ class postfix_server_plugin { if($value != '') $new_options[] = "reject_rbl_client ".$value; } } - exec("postconf -e 'smtpd_recipient_restrictions = ".implode(", ", $new_options)."'"); + $app->system->exec_safe("postconf -e ?", 'smtpd_recipient_restrictions = '.implode(", ", $new_options)); exec('postfix reload'); } @@ -153,7 +153,7 @@ class postfix_server_plugin { while (isset($new_options[$i]) && substr($new_options[$i], 0, 19) == 'check_sender_access') ++$i; array_splice($new_options, $i, 0, array('reject_authenticated_sender_login_mismatch')); } - exec("postconf -e 'smtpd_sender_restrictions = ".implode(", ", $new_options)."'"); + $app->system->exec_safe("postconf -e ?", 'smtpd_sender_restrictions = '.implode(", ", $new_options)); exec('postfix reload'); } diff --git a/server/plugins-available/powerdns_plugin.inc.php b/server/plugins-available/powerdns_plugin.inc.php index 1ecdfaf50174825e6817631434b8c6c287cda9de..2e44e014d5c518247c32d16a677d8abf7fdb735a 100644 --- a/server/plugins-available/powerdns_plugin.inc.php +++ b/server/plugins-available/powerdns_plugin.inc.php 
@@ -448,16 +448,20 @@ class powerdns_plugin { } function notifySlave($data) { + global $app; + $pdns_control = $this->find_pdns_control(); if ( $pdns_control != false ) { - exec($pdns_control . ' notify ' . rtrim($data["new"]["origin"],".")); + $app->system->exec_safe($pdns_control . ' notify ?', rtrim($data["new"]["origin"],".")); } } function fetchFromMaster($data) { + global $app; + $pdns_control = $this->find_pdns_control(); if ( $pdns_control != false ) { - exec($pdns_control . ' retrieve ' . rtrim($data["new"]["origin"],".")); + $app->system->exec_safe($pdns_control . ' retrieve ?', rtrim($data["new"]["origin"],".")); } } @@ -693,11 +697,11 @@ class powerdns_plugin { if ( $pdns_pdnssec != false ) { if (isset($data["new"]["origin"])) { //* data has origin field only for SOA recordtypes - exec($pdns_pdnssec . ' rectify-zone ' . rtrim($data["new"]["origin"],".")); + $app->system->exec_safe($pdns_pdnssec . ' rectify-zone ?', rtrim($data["new"]["origin"],".")); } else { // get origin from DB for all other recordtypes $zn = $app->db->queryOneRecord("SELECT d.name AS name FROM powerdns.domains d, powerdns.records r WHERE r.ispconfig_id=? AND r.domain_id = d.id", $data["new"]["id"]); - exec($pdns_pdnssec . ' rectify-zone ' . trim($zn["name"])); + $app->system->exec_safe($pdns_pdnssec . ' rectify-zone ?', trim($zn["name"])); } } } diff --git a/server/plugins-available/shelluser_base_plugin.inc.php b/server/plugins-available/shelluser_base_plugin.inc.php index 9c4568901deef3e73b8051929ca94247070e6fd2..90e3293ad7e1838358a62229278c5aa684fa50fc 100755 --- a/server/plugins-available/shelluser_base_plugin.inc.php +++ b/server/plugins-available/shelluser_base_plugin.inc.php 
@@ -115,34 +115,28 @@ class shelluser_base_plugin { // Create home base directory if it does not exist if(!is_dir($data['new']['dir'].'/home')){ - $app->file->mkdirs(escapeshellcmd($data['new']['dir'].'/home'), '0755'); + $app->file->mkdirs($data['new']['dir'].'/home', '0755'); } // Change ownership of home base dir to root user - $app->system->chown(escapeshellcmd($data['new']['dir'].'/home'),'root'); - $app->system->chgrp(escapeshellcmd($data['new']['dir'].'/home'),'root'); - $app->system->chmod(escapeshellcmd($data['new']['dir'].'/home'),0755); + $app->system->chown($data['new']['dir'].'/home','root'); + $app->system->chgrp($data['new']['dir'].'/home','root'); + $app->system->chmod($data['new']['dir'].'/home',0755); if(!is_dir($homedir)){ - $app->file->mkdirs(escapeshellcmd($homedir), '0750'); - $app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['puser']),false); - $app->system->chgrp(escapeshellcmd($homedir),escapeshellcmd($data['new']['pgroup']),false); + $app->file->mkdirs($homedir, '0750'); + $app->system->chown($homedir,$data['new']['puser'],false); + $app->system->chgrp($homedir,$data['new']['pgroup'],false); } - $command = 'useradd'; - $command .= ' -d '.escapeshellcmd($homedir); - $command .= ' -g '.escapeshellcmd($data['new']['pgroup']); - $command .= ' -o '; // non unique - if($data['new']['password'] != '') $command .= ' -p '.escapeshellcmd($data['new']['password']); - $command .= ' -s '.escapeshellcmd($data['new']['shell']); - $command .= ' -u '.escapeshellcmd($uid); - $command .= ' '.escapeshellcmd($data['new']['username']); - - exec($command); + $command = 'useradd -d ? -g ? -o ?'; // non unique + if($data['new']['password'] != '') $command .= ' -p ?'; + $command .= ' -s ? -u ? 
?'; + $app->system->exec_safe($command, $homedir, $data['new']['pgroup'], $data['new']['password'], $data['new']['shell'], $uid, $data['new']['username']); $app->log("Executed command: ".$command, LOGLEVEL_DEBUG); $app->log("Added shelluser: ".$data['new']['username'], LOGLEVEL_DEBUG); - $app->system->chown(escapeshellcmd($data['new']['dir']),escapeshellcmd($data['new']['username']),false); - $app->system->chgrp(escapeshellcmd($data['new']['dir']),escapeshellcmd($data['new']['pgroup']),false); + $app->system->chown($data['new']['dir'],$data['new']['username'],false); + $app->system->chgrp($data['new']['dir'],$data['new']['pgroup'],false); // call the ssh-rsa update function 
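Review bot: The `useradd` template and its argument list do not line up: `'useradd -d ? -g ? -o ?'` puts a placeholder after `-o`, which takes no value, and `$data['new']['password']` is always passed although ` -p ?` is appended only for a non-empty password. With a password set there are seven placeholders for six arguments, and with an empty one the empty string lands after `-o` as a stray operand. Dropping the `?` after `-o` and building the argument list alongside the template fixes both cases. This assumes `exec_safe` fills placeholders positionally, which this diff does not show; the enclosing function continues outside the hunk.
```php
$command = 'useradd -d ? -g ? -o'; // non unique
$args = array($homedir, $data['new']['pgroup']);
if($data['new']['password'] != '') {
	$command .= ' -p ?';
	$args[] = $data['new']['password'];
}
$command .= ' -s ? -u ? ?';
array_push($args, $data['new']['shell'], $uid, $data['new']['username']);
call_user_func_array(array($app->system, 'exec_safe'), array_merge(array($command), $args));
// … unchanged: logging and chown/chgrp of $data['new']['dir'] …
```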
@@ -152,21 +146,21 @@ class shelluser_base_plugin { $this->_setup_ssh_rsa(); //* Create .bash_history file - $app->system->touch(escapeshellcmd($homedir).'/.bash_history'); - $app->system->chmod(escapeshellcmd($homedir).'/.bash_history', 0750); - $app->system->chown(escapeshellcmd($homedir).'/.bash_history', $data['new']['username']); - $app->system->chgrp(escapeshellcmd($homedir).'/.bash_history', $data['new']['pgroup']); + $app->system->touch($homedir.'/.bash_history'); + $app->system->chmod($homedir.'/.bash_history', 0750); + $app->system->chown($homedir.'/.bash_history', $data['new']['username']); + $app->system->chgrp($homedir.'/.bash_history', $data['new']['pgroup']); //* Create .profile file - $app->system->touch(escapeshellcmd($homedir).'/.profile'); - $app->system->chmod(escapeshellcmd($homedir).'/.profile', 0644); - $app->system->chown(escapeshellcmd($homedir).'/.profile', $data['new']['username']); - $app->system->chgrp(escapeshellcmd($homedir).'/.profile', $data['new']['pgroup']); + $app->system->touch($homedir.'/.profile'); + $app->system->chmod($homedir.'/.profile', 0644); + $app->system->chown($homedir.'/.profile', $data['new']['username']); + $app->system->chgrp($homedir.'/.profile', $data['new']['pgroup']); //* Disable shell user temporarily if we use jailkit if($data['new']['chroot'] == 'jailkit') { - $command = 'usermod -s /bin/false -L '.escapeshellcmd($data['new']['username']).' 2>/dev/null'; - exec($command); + $command = 'usermod -s /bin/false -L ? 2>/dev/null'; + $app->system->exec_safe($command, $data['new']['username']); $app->log("Disabling shelluser temporarily: ".$command, LOGLEVEL_DEBUG); } 
@@ -233,55 +227,32 @@ class shelluser_base_plugin { if($app->system->is_user($data['old']['username'])) { //* Remove webfolder protection $app->system->web_folder_protection($web['document_root'], false); - - /* - $command = 'usermod'; - $command .= ' --home '.escapeshellcmd($data['new']['dir']); - $command .= ' --gid '.escapeshellcmd($data['new']['pgroup']); - // $command .= ' --non-unique '; - $command .= ' --password '.escapeshellcmd($data['new']['password']); - if($data['new']['chroot'] != 'jailkit') $command .= ' --shell '.escapeshellcmd($data['new']['shell']); - // $command .= ' --uid '.escapeshellcmd($uid); - $command .= ' --login '.escapeshellcmd($data['new']['username']); - $command .= ' '.escapeshellcmd($data['old']['username']); - - exec($command); - $app->log("Executed command: $command ",LOGLEVEL_DEBUG); - */ - //$groupinfo = $app->system->posix_getgrnam($data['new']['pgroup']); + if($homedir != $homedir_old){ $app->system->web_folder_protection($web['document_root'], false); // Rename dir, in case the new directory exists already. 
if(is_dir($homedir)) { $app->log("New Homedir exists, renaming it to ".$homedir.'_bak', LOGLEVEL_DEBUG); - $app->system->rename(escapeshellcmd($homedir),escapeshellcmd($homedir.'_bak')); + $app->system->rename($homedir,$homedir.'_bak'); } - /*if(!is_dir($data['new']['dir'].'/home')){ - $app->file->mkdirs(escapeshellcmd($data['new']['dir'].'/home'), '0750'); - $app->system->chown(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['puser'])); - $app->system->chgrp(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['pgroup'])); - } - $app->file->mkdirs(escapeshellcmd($homedir), '0755'); - $app->system->chown(escapeshellcmd($homedir),'root'); - $app->system->chgrp(escapeshellcmd($homedir),'root');*/ // Move old directory to new path - $app->system->rename(escapeshellcmd($homedir_old),escapeshellcmd($homedir)); - $app->file->mkdirs(escapeshellcmd($homedir), '0750'); - $app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['puser'])); - $app->system->chgrp(escapeshellcmd($homedir),escapeshellcmd($data['new']['pgroup'])); + $app->system->rename($homedir_old,$homedir); + $app->file->mkdirs($homedir, '0750'); + $app->system->chown($homedir,$data['new']['puser']); + $app->system->chgrp($homedir,$data['new']['pgroup']); $app->system->web_folder_protection($web['document_root'], true); } else { if(!is_dir($homedir)){ $app->system->web_folder_protection($web['document_root'], false); if(!is_dir($data['new']['dir'].'/home')){ - $app->file->mkdirs(escapeshellcmd($data['new']['dir'].'/home'), '0755'); - $app->system->chown(escapeshellcmd($data['new']['dir'].'/home'),'root'); - $app->system->chgrp(escapeshellcmd($data['new']['dir'].'/home'),'root'); + $app->file->mkdirs($data['new']['dir'].'/home', '0755'); + $app->system->chown($data['new']['dir'].'/home','root'); + $app->system->chgrp($data['new']['dir'].'/home','root'); } - $app->file->mkdirs(escapeshellcmd($homedir), '0750'); - 
$app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['puser'])); - $app->system->chgrp(escapeshellcmd($homedir),escapeshellcmd($data['new']['pgroup'])); + $app->file->mkdirs($homedir, '0750'); + $app->system->chown($homedir,$data['new']['puser']); + $app->system->chgrp($homedir,$data['new']['pgroup']); $app->system->web_folder_protection($web['document_root'], true); } } @@ -296,18 +267,18 @@ class shelluser_base_plugin { //* Create .bash_history file if(!is_file($data['new']['dir']).'/.bash_history') { - $app->system->touch(escapeshellcmd($homedir).'/.bash_history'); - $app->system->chmod(escapeshellcmd($homedir).'/.bash_history', 0750); - $app->system->chown(escapeshellcmd($homedir).'/.bash_history', escapeshellcmd($data['new']['username'])); - $app->system->chgrp(escapeshellcmd($homedir).'/.bash_history', escapeshellcmd($data['new']['pgroup'])); + $app->system->touch($homedir.'/.bash_history'); + $app->system->chmod($homedir.'/.bash_history', 0750); + $app->system->chown($homedir.'/.bash_history', $data['new']['username']); + $app->system->chgrp($homedir.'/.bash_history', $data['new']['pgroup']); } //* Create .profile file if(!is_file($data['new']['dir']).'/.profile') { - $app->system->touch(escapeshellcmd($homedir).'/.profile'); - $app->system->chmod(escapeshellcmd($homedir).'/.profile', 0644); - $app->system->chown(escapeshellcmd($homedir).'/.profile', escapeshellcmd($data['new']['username'])); - $app->system->chgrp(escapeshellcmd($homedir).'/.profile', escapeshellcmd($data['new']['pgroup'])); + $app->system->touch($homedir.'/.profile'); + $app->system->chmod($homedir.'/.profile', 0644); + $app->system->chown($homedir.'/.profile', $data['new']['username']); + $app->system->chgrp($homedir.'/.profile', $data['new']['pgroup']); } //* Add webfolder protection again 
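Review bot: In `if(!is_file($data['new']['dir']).'/.bash_history')` and its `.profile` twin the closing parenthesis sits before the concatenation, so the test is the negated `is_file()` result joined to a non-empty string and is always true. The converted `touch`/`chmod`/`chown`/`chgrp` calls therefore run on every update, and the check names `$data['new']['dir']` while the files are created under `$homedir`. Since these lines are being edited anyway, I would write `if(!is_file($homedir.'/.bash_history'))` and `if(!is_file($homedir.'/.profile'))`.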
@@ -362,7 +333,7 @@ class shelluser_base_plugin { if(is_file($homedir . $delfile) && fileowner($homedir . $delfile) == $userid) unlink($homedir . $delfile); } foreach($dirs as $deldir) { - if(is_dir($homedir . $deldir) && fileowner($homedir . $deldir) == $userid) exec('rm -rf ' . escapeshellarg($homedir . $deldir)); + if(is_dir($homedir . $deldir) && fileowner($homedir . $deldir) == $userid) $app->system->exec_safe('rm -rf ?', $homedir . $deldir); } $empty = true; $dirres = opendir($homedir); @@ -401,9 +372,8 @@ class shelluser_base_plugin { $app->services->restartService('php-fpm', 'stop:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']); } } - $command = 'killall -u '.escapeshellcmd($data['old']['username']).' ; userdel -f'; - $command .= ' '.escapeshellcmd($data['old']['username']).' &> /dev/null'; - exec($command); + $command = 'killall -u ? ; userdel -f ? &> /dev/null'; + $app->system->exec_safe($command, $data['old']['username'], $data['old']['username']); $app->log("Deleted shelluser: ".$data['old']['username'], LOGLEVEL_DEBUG); // start PHP-FPM again if($web['php'] == 'php-fpm'){ @@ -447,12 +417,10 @@ class shelluser_base_plugin { } } $sshrsa = trim($sshrsa); - $usrdir = escapeshellcmd($this->data['new']['dir']); + $usrdir = $this->data['new']['dir']; //* Home directory of the new shell user - if($this->data['new']['chroot'] == 'jailkit') { - $usrdir = escapeshellcmd($this->data['new']['dir']); - } else { - $usrdir = escapeshellcmd($this->data['new']['dir'].'/home/'.$this->data['new']['username']); + if($this->data['new']['chroot'] != 'jailkit') { + $usrdir = $this->data['new']['dir'].'/home/'.$this->data['new']['username']; } $sshdir = $usrdir.'/.ssh'; $sshkeys= $usrdir.'/.ssh/authorized_keys'; 
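Review bot: The combined command `killall -u ? ; userdel -f ? &> /dev/null` keeps the `&>` redirection, which is a bash extension. Assuming `exec_safe` passes the string to `exec()`, it runs under `/bin/sh`, and a POSIX shell such as dash reads `&>` as `&` followed by `> /dev/null`, so `userdel` is put in the background and the PHP-FPM restart that follows could run before the account is gone. The portable form is `$command = 'killall -u ? ; userdel -f ? > /dev/null 2>&1';`. The delete handler in shelluser_jailkit_plugin.inc.php builds the same string.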
@@ -528,8 +496,8 @@ class shelluser_base_plugin { $this->app->log("ssh-rsa key updated in ".$sshkeys, LOGLEVEL_DEBUG); // set proper file permissions - exec("chown -R ".escapeshellcmd($this->data['new']['puser']).":".escapeshellcmd($this->data['new']['pgroup'])." ".$sshdir); - exec("chmod 600 '$sshkeys'"); + $app->system->exec_safe("chown -R ?:? ?", $this->data['new']['puser'], $this->data['new']['pgroup'], $sshdir); + $app->system->exec_safe("chmod 600 ?", $sshkeys); } diff --git a/server/plugins-available/shelluser_jailkit_plugin.inc.php b/server/plugins-available/shelluser_jailkit_plugin.inc.php index c7112c497a1b2355d4d13fd298383a3b899630e9..1f3a08facee5f408488ae1ac7f74f1edfaa276c5 100755 --- a/server/plugins-available/shelluser_jailkit_plugin.inc.php +++ b/server/plugins-available/shelluser_jailkit_plugin.inc.php @@ -121,13 +121,11 @@ class shelluser_jailkit_plugin { //* call the ssh-rsa update function $this->_setup_ssh_rsa(); - //$command .= 'usermod -s /usr/sbin/jk_chrootsh -U '.escapeshellcmd($data['new']['username']); - //exec($command); $app->system->usermod($data['new']['username'], 0, 0, '', '/usr/sbin/jk_chrootsh', '', ''); //* Unlock user - $command = 'usermod -U '.escapeshellcmd($data['new']['username']).' 2>/dev/null'; - exec($command); + $command = 'usermod -U ? 2>/dev/null'; + $app->system->exec_safe($command, $data['new']['username']); $this->_update_website_security_level(); $app->system->web_folder_protection($web['document_root'], true); 
@@ -242,15 +240,12 @@ class shelluser_jailkit_plugin { $jailkit_chroot_userhome = $this->_get_home_dir($data['old']['username']); - //commented out proved to be dangerous on config errors - //exec('rm -rf '.$data['old']['dir'].$jailkit_chroot_userhome); - $app->system->web_folder_protection($web['document_root'], false); $userid = intval($app->system->getuid($data['old']['username'])); - $command = 'killall -u '.escapeshellcmd($data['old']['username']).' ; '; - $command .= 'userdel -f '.escapeshellcmd($data['old']['username']).' &> /dev/null'; - exec($command); + $command = 'killall -u ? ; '; + $command .= 'userdel -f ? &> /dev/null'; + $app->system->exec_safe($command, $data['old']['username'], $data['old']['username']); // Remove the jailed user from passwd and shadow file inside the jail $app->system->removeLine($data['old']['dir'].'/etc/passwd', $data['old']['username']); @@ -278,10 +273,8 @@ class shelluser_jailkit_plugin { //check if the chroot environment is created yet if not create it with a list of program sections from the config if (!is_dir($this->data['new']['dir'].'/etc/jailkit')) { - $command = '/usr/local/ispconfig/server/scripts/create_jailkit_chroot.sh'; - $command .= ' '.escapeshellcmd($this->data['new']['dir']); - $command .= ' \''.$this->jailkit_config['jailkit_chroot_app_sections'].'\''; - exec($command.' 2>/dev/null'); + $command = '/usr/local/ispconfig/server/scripts/create_jailkit_chroot.sh ? ?'; + $app->system->exec_safe($command.' 2>/dev/null', $this->data['new']['dir'], $this->jailkit_config['jailkit_chroot_app_sections']); $this->app->log("Added jailkit chroot with command: ".$command, LOGLEVEL_DEBUG); 
@@ -300,7 +293,7 @@ class shelluser_jailkit_plugin { $tpl->setVar('domain', $web['domain']); $tpl->setVar('home_dir', $this->_get_home_dir("")); - $bashrc = escapeshellcmd($this->data['new']['dir']).'/etc/bash.bashrc'; + $bashrc = $this->data['new']['dir'].'/etc/bash.bashrc'; if(@is_file($bashrc) || @is_link($bashrc)) unlink($bashrc); file_put_contents($bashrc, $tpl->grab()); @@ -313,7 +306,7 @@ class shelluser_jailkit_plugin { $tpl->setVar('domain', $web['domain']); - $motd = escapeshellcmd($this->data['new']['dir']).'/var/run/motd'; + $motd = $this->data['new']['dir'].'/var/run/motd'; if(@is_file($motd) || @is_link($motd)) unlink($motd); $app->system->file_put_contents($motd, $tpl->grab()); @@ -323,16 +316,15 @@ class shelluser_jailkit_plugin { function _add_jailkit_programs() { + global $app; $jailkit_chroot_app_programs = preg_split("/[\s,]+/", $this->jailkit_config['jailkit_chroot_app_programs']); if(is_array($jailkit_chroot_app_programs) && !empty($jailkit_chroot_app_programs)){ foreach($jailkit_chroot_app_programs as $jailkit_chroot_app_program){ $jailkit_chroot_app_program = trim($jailkit_chroot_app_program); if(is_file($jailkit_chroot_app_program) || is_dir($jailkit_chroot_app_program)){ //copy over further programs and its libraries - $command = '/usr/local/ispconfig/server/scripts/create_jailkit_programs.sh'; - $command .= ' '.escapeshellcmd($this->data['new']['dir']); - $command .= ' '.$jailkit_chroot_app_program; - exec($command.' 2>/dev/null'); + $command = '/usr/local/ispconfig/server/scripts/create_jailkit_programs.sh ? ?'; + $app->system->exec_safe($command.' 2>/dev/null', $this->data['new']['dir'], $jailkit_chroot_app_program); $this->app->log("Added programs to jailkit chroot with command: ".$command, LOGLEVEL_DEBUG); } 
@@ -342,7 +334,7 @@ class shelluser_jailkit_plugin { function _get_home_dir($username) { - return str_replace("[username]", escapeshellcmd($username), $this->jailkit_config['jailkit_chroot_home']); + return str_replace("[username]", $username, $this->jailkit_config['jailkit_chroot_home']); } function _add_jailkit_user() 
@@ -365,36 +357,8 @@ class shelluser_jailkit_plugin { // ALWAYS create the user. Even if the user was created before // if we check if the user exists, then a update (no shell -> jailkit) will not work // and the user has FULL ACCESS to the root of the server! - $command = '/usr/local/ispconfig/server/scripts/create_jailkit_user.sh'; - $command .= ' '.escapeshellcmd($this->data['new']['username']); - $command .= ' '.escapeshellcmd($this->data['new']['dir']); - $command .= ' '.$jailkit_chroot_userhome; - $command .= ' '.escapeshellcmd($this->data['new']['shell']); - $command .= ' '.$this->data['new']['puser']; - $command .= ' '.$jailkit_chroot_puserhome; - exec($command.' 2>/dev/null'); - - //* Change the homedir of the shell user and parent user - //* We have to do this manually as the usermod command fails - //* when the user is logged in or a command is running under that user - /* - $passwd_file_array = file('/etc/passwd'); - $passwd_out = ''; - if(is_array($passwd_file_array)) { - foreach($passwd_file_array as $line) { - $line = trim($line); - $parts = explode(':',$line); - if($parts[0] == $this->data['new']['username']) { - $parts[5] = escapeshellcmd($this->data['new']['dir'].'/.'.$jailkit_chroot_userhome); - $parts[6] = escapeshellcmd('/usr/sbin/jk_chrootsh'); - $new_line = implode(':',$parts); - copy('/etc/passwd','/etc/passwd~'); - chmod('/etc/passwd~',0600); - $app->uses('system'); - $app->system->replaceLine('/etc/passwd',$line,$new_line,1,0); - } - } - }*/ + $command = '/usr/local/ispconfig/server/scripts/create_jailkit_user.sh ? ? ? ? ? ?'; + $app->system->exec_safe($command.' 2>/dev/null', $this->data['new']['username'], $this->data['new']['dir'], $jailkit_chroot_userhome, $this->data['new']['shell'], $this->data['new']['puser'], $jailkit_chroot_puserhome); $shell = '/usr/sbin/jk_chrootsh'; if($this->data['new']['active'] != 'y') $shell = '/bin/false'; 
@@ -406,19 +370,19 @@ class shelluser_jailkit_plugin { if(!is_dir($this->data['new']['dir'].$jailkit_chroot_userhome)) { if(is_dir($this->data['old']['dir'].$jailkit_chroot_userhome_old)) { - $app->system->rename(escapeshellcmd($this->data['old']['dir'].$jailkit_chroot_userhome_old),escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome)); + $app->system->rename($this->data['old']['dir'].$jailkit_chroot_userhome_old,$this->data['new']['dir'].$jailkit_chroot_userhome); } else { - mkdir(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), 0750, true); + mkdir($this->data['new']['dir'].$jailkit_chroot_userhome, 0750, true); } } - $app->system->chown(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), $this->data['new']['username']); - $app->system->chgrp(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), $this->data['new']['pgroup']); + $app->system->chown($this->data['new']['dir'].$jailkit_chroot_userhome, $this->data['new']['username']); + $app->system->chgrp($this->data['new']['dir'].$jailkit_chroot_userhome, $this->data['new']['pgroup']); $this->app->log("Added created jailkit user home in : ".$this->data['new']['dir'].$jailkit_chroot_userhome, LOGLEVEL_DEBUG); - if(!is_dir($this->data['new']['dir'].$jailkit_chroot_puserhome)) mkdir(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), 0750, true); - $app->system->chown(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), $this->data['new']['puser']); - $app->system->chgrp(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), $this->data['new']['pgroup']); + if(!is_dir($this->data['new']['dir'].$jailkit_chroot_puserhome)) mkdir($this->data['new']['dir'].$jailkit_chroot_puserhome, 0750, true); + $app->system->chown($this->data['new']['dir'].$jailkit_chroot_puserhome, $this->data['new']['puser']); + $app->system->chgrp($this->data['new']['dir'].$jailkit_chroot_puserhome, $this->data['new']['pgroup']); 
$this->app->log("Added jailkit parent user home in : ".$this->data['new']['dir'].$jailkit_chroot_puserhome, LOGLEVEL_DEBUG); @@ -447,13 +411,6 @@ class shelluser_jailkit_plugin { } - //* Wrapper for exec function for easier debugging - private function _exec($command) { - global $app; - $app->log('exec: '.$command, LOGLEVEL_DEBUG); - exec($command); - } - private function _setup_ssh_rsa() { global $app; $this->app->log("ssh-rsa setup shelluser_jailkit", LOGLEVEL_DEBUG); @@ -469,7 +426,7 @@ class shelluser_jailkit_plugin { // ssh-rsa authentication variables $sshrsa = $this->data['new']['ssh_rsa']; - $usrdir = escapeshellcmd($this->data['new']['dir']).'/'.$this->_get_home_dir($this->data['new']['username']); + $usrdir = $this->data['new']['dir'].'/'.$this->_get_home_dir($this->data['new']['username']); $sshdir = $usrdir.'/.ssh'; $sshkeys= $usrdir.'/.ssh/authorized_keys'; @@ -545,9 +502,9 @@ class shelluser_jailkit_plugin { $this->app->log("ssh-rsa key updated in ".$sshkeys, LOGLEVEL_DEBUG); // set proper file permissions - exec("chown -R ".escapeshellcmd($this->data['new']['puser']).":".escapeshellcmd($this->data['new']['pgroup'])." ".$sshdir); - exec("chmod 700 ".$sshdir); - exec("chmod 600 '$sshkeys'"); + $app->system->exec_safe("chown -R ?:? ?", $this->data['new']['puser'], $this->data['new']['pgroup'], $sshdir); + $app->system->exec_safe("chmod 700 ?", $sshdir); + $app->system->exec_safe("chmod 600 ?", $sshkeys); } @@ -569,7 +526,7 @@ class shelluser_jailkit_plugin { if(is_file($homedir . $delfile) && fileowner($homedir . $delfile) == $userid) unlink($homedir . $delfile); } foreach($dirs as $deldir) { - if(is_dir($homedir . $deldir) && fileowner($homedir . $deldir) == $userid) exec('rm -rf ' . escapeshellarg($homedir . $deldir)); + if(is_dir($homedir . $deldir) && fileowner($homedir . $deldir) == $userid) $app->system->exec_safe('rm -rf ?', $homedir . $deldir); } $empty = true; $dirres = opendir($homedir); 
diff --git a/server/plugins-available/software_update_plugin.inc.php b/server/plugins-available/software_update_plugin.inc.php index 587bd4f09a610c3ec496e1fa1edffe1e17e76b94..2626d1e75695bcefb79605ed7ae77e211a1755dd 100644 --- a/server/plugins-available/software_update_plugin.inc.php +++ b/server/plugins-available/software_update_plugin.inc.php @@ -111,11 +111,12 @@ class software_update_plugin { $software_update["update_url"] = str_replace('{key}', $software_package['package_key'], $software_update["update_url"]); //* Download the update package - $cmd = "cd $temp_dir && wget ".$software_update["update_url"]; if($installuser == '') { - exec($cmd); + $cmd = "cd ? && wget ?"; + $app->system->exec_safe($cmd, $temp_dir, $software_update["update_url"]); } else { - exec("su -c ".escapeshellarg($cmd)." $installuser"); + $cmd = "cd $temp_dir && wget ".$software_update["update_url"]; + $app->system->exec_safe("su -c ? ?", $cmd, $installuser); } $app->log("Downloading the update file from: ".$software_update["update_url"], LOGLEVEL_DEBUG); @@ -135,7 +136,7 @@ class software_update_plugin { if($update_filename == '') { $app->log("No package file found. Download failed? Installation aborted.", LOGLEVEL_WARN); - exec("rm -rf $temp_dir"); + $app->system->exec_safe("rm -rf ?", $temp_dir); $app->log("Deleting the temp directory $temp_dir", LOGLEVEL_DEBUG); $this->set_install_status($data["new"]["software_update_inst_id"], "failed"); return false; @@ -148,7 +149,7 @@ class software_update_plugin { //* Checking the md5sum if(md5_file($temp_dir.'/'.$update_filename) != $software_update["update_md5"]) { $app->log("The md5 sum of the downloaded file is incorrect. Update aborted.", LOGLEVEL_WARN); - exec("rm -rf $temp_dir"); + $app->system->exec_safe("rm -rf ", $temp_dir); $app->log("Deleting the temp directory $temp_dir", LOGLEVEL_DEBUG); $this->set_install_status($data["new"]["software_update_inst_id"], "failed"); return false; 
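Review bot: In the `$installuser` branch the inner command is still assembled by plain interpolation (`"cd $temp_dir && wget ".$software_update["update_url"]`) before it is passed as one argument to `su -c ? ?`. Quoting that argument protects only the outer shell; `su -c` hands the string to a second shell, which parses the directory and URL again unquoted. Each piece needs its own quoting when the inner string is built, e.g. `$cmd = 'cd '.escapeshellarg($temp_dir).' && wget '.escapeshellarg($software_update["update_url"]);`. The unzip and setup.sh hunks further down this file use the same pattern.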
@@ -158,11 +159,13 @@ class software_update_plugin { //* unpacking the update - $cmd = "cd $temp_dir && unzip $update_filename"; + if($installuser == '') { - exec($cmd); + $cmd = "cd ? && unzip ?"; + $app->system->exec_safe($cmd, $temp_dir, $update_filename); } else { - exec("su -c ".escapeshellarg($cmd)." $installuser"); + $cmd = "cd $temp_dir && unzip $update_filename"; + $app->system->exec_safe("su -c ? ?", $cmd, $installuser); } //* Create a database, if the package requires one @@ -181,7 +184,7 @@ class software_update_plugin { $db_config['database_password'] != '' && $db_config['database_name'] != '' && $db_config['database_host'] != '') { - system("mysql --default-character-set=utf8 --force -h '".$db_config['database_host']."' -u '".$db_config['database_user']."' ".$db_config['database_name']." < ".escapeshellcmd($temp_dir.'/setup.sql')); + $app->system->exec_safe("mysql --default-character-set=utf8 --force -h ? -u ? ? < ?", $db_config['database_host'], $db_config['database_user'], $db_config['database_name'], $temp_dir.'/setup.sql'); $app->log("Loading setup.sql dump into the app db.", LOGLEVEL_DEBUG); } } @@ -196,13 +199,15 @@ class software_update_plugin { if(is_file($temp_dir.'/setup.sh')) { // Execute the setup script - exec('chmod +x '.$temp_dir.'/setup.sh'); + $app->system->exec_safe('chmod +x ?', $temp_dir.'/setup.sh'); $app->log("Executing setup.sh file in directory $temp_dir", LOGLEVEL_DEBUG); - $cmd = 'cd '.$temp_dir.' && ./setup.sh > package_install.log'; + if($installuser == '') { - exec($cmd); + $cmd = 'cd ? && ./setup.sh > package_install.log'; + $app->system->exec_safe($cmd, $temp_dir); } else { - exec("su -c ".escapeshellarg($cmd)." $installuser"); + $cmd = 'cd '.$temp_dir.' && ./setup.sh > package_install.log'; + $app->system->exec_safe("su -c ? ?", $cmd, $installuser); } $log_data = @file_get_contents("{$temp_dir}/package_install.log"); 
@@ -223,7 +228,7 @@ class software_update_plugin { $this->set_install_status($data["new"]["software_update_inst_id"], "failed"); } - if($temp_dir != '' && $temp_dir != '/') exec("rm -rf $temp_dir"); + if($temp_dir != '' && $temp_dir != '/') $app->system->exec_safe("rm -rf ?", $temp_dir); $app->log("Deleting the temp directory $temp_dir", LOGLEVEL_DEBUG); } diff --git a/server/plugins-available/xmpp_plugin.inc.php b/server/plugins-available/xmpp_plugin.inc.php index 128a88ebb47e76d9ce51dc1b05f578fc15a9ab2b..c680e62f0ed5e51f5ccf7b634b8321984942d808 100644 --- a/server/plugins-available/xmpp_plugin.inc.php +++ b/server/plugins-available/xmpp_plugin.inc.php @@ -240,8 +240,8 @@ class xmpp_plugin { $app->system->unlink("/etc/metronome/certs/$domain.csr"); // Remove all stored data var_dump('rm -rf /var/lib/metronome/'.$folder); - exec('rm -rf /var/lib/metronome/'.$folder); - exec('rm -rf /var/lib/metronome/*%2e'.$folder); + $app->system->exec_safe('rm -rf ?', '/var/lib/metronome/'.$folder); + $app->system->exec_safe('rm -rf ?*?', '/var/lib/metronome/', '%2e'.$folder); $app->services->restartServiceDelayed('metronome', 'reload'); } @@ -264,7 +264,7 @@ class xmpp_plugin { // Don't allow manual user deletion for mailaccount controlled domains // Remove account from metronome - exec('metronomectl deluser '.$data['old']['jid']); + $app->system->exec_safe('metronomectl deluser ?', $data['old']['jid']); } // Handle the creation of SSL certificates 
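Review bot: Quoting does not protect the two `rm -rf` calls in the `@@ -240` hunk against an empty or path-like `$folder`: with `$folder == ''` the first call targets `/var/lib/metronome/` itself, and a value containing `/` or `..` points outside the intended subdirectory. `$folder` is assigned outside the hunk, so it may already be validated; if not, guard the deletion with `if($folder != '' && $folder != '..' && strpos($folder, '/') === false) { ... }`. The `var_dump(...)` debug line kept as context above still prints on every domain removal and could be dropped.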
@@ -311,9 +311,9 @@ class xmpp_plugin { $app->system->file_put_contents($cnf_file, $tpl->grab()); // Generate new key, csr and cert - exec("(cd /etc/metronome/certs && make $domain.key)"); - exec("(cd /etc/metronome/certs && make $domain.csr)"); - exec("(cd /etc/metronome/certs && make $domain.cert)"); + $app->system->exec_safe("(cd /etc/metronome/certs && make ?)", "$domain.key"); + $app->system->exec_safe("(cd /etc/metronome/certs && make ?)", "$domain.csr"); + $app->system->exec_safe("(cd /etc/metronome/certs && make ?)", "$domain.cert"); $ssl_key = $app->system->file_get_contents($key_file); $app->system->chmod($key_file, 0400); diff --git a/server/scripts/ispconfig_patch b/server/scripts/ispconfig_patch index 6ed2a3f5aebb078e787f726d95c1e10565025416..4470552c137e7c5fc5c0ee62178c8492a2a463a4 100644 --- a/server/scripts/ispconfig_patch +++ b/server/scripts/ispconfig_patch @@ -79,7 +79,9 @@ function simple_query($query, $answers, $default) } function is_installed($appname) { - exec('which '.escapeshellcmd($appname).' 2> /dev/null',$out,$returncode); + $out = array(); + $returncode = null; + exec('which '.escapeshellarg($appname).' 2> /dev/null',$out,$returncode); if(isset($out[0]) && stristr($out[0],$appname) && $returncode == 0) { return true; } else { @@ -87,6 +89,13 @@ function is_installed($appname) { } } +$cmd_opt = getopt('', array('patch_id::')); +$auto = false; +if(isset($cmd_opt['patch_id'])) { + $patch_id = $cmd_opt['patch_id']; + $auto = true; +} + echo "\n\n".str_repeat('-',80)."\n"; echo " _____ ___________ _____ __ _ |_ _/ ___| ___ \ / __ \ / _(_) 
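Review bot: The new `--patch_id` option (`@@ -87`) copies the command-line value into `$patch_id` without checking its format, and that value is later concatenated into the download URL. Because `patch_id::` declares an optional value, a bare `--patch_id` yields `false`, `$auto` becomes true, and the script then exits with "Patch terminated by user", which is misleading in an unattended run. I would validate right after the assignment, e.g. `if(!preg_match('/^[A-Za-z0-9_-]+$/', (string)$patch_id)) die("Invalid patch id.\n");`, with the character class adjusted to the real id format.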
@@ -98,14 +107,18 @@ echo " _____ ___________ _____ __ _ |___/ "; echo "\n".str_repeat('-',80)."\n"; echo "\n\n>> Patch tool \n\n"; -echo "Please enter the patch id that you want to be applied to your ISPConfig installation.\nPlease be aware that we take NO responsibility that this will work for you.\nOnly use patches if you know what you are doing.\n\n"; +if(!$auto) { + echo "Please enter the patch id that you want to be applied to your ISPConfig installation.\nPlease be aware that we take NO responsibility that this will work for you.\nOnly use patches if you know what you are doing.\n\n"; +} if(!is_installed('patch')) { swriteln("The program 'patch' is missing on your server. Please install it and try again."); exit; } -$patch_id = simple_query('Enter patch id', false, ''); +if(!$auto) { + $patch_id = simple_query('Enter patch id', false, ''); +} if($patch_id == '') { swriteln("Patch terminated by user.\n"); die(); @@ -122,8 +135,12 @@ if(!$patch_data) { $patch_text = @file_get_contents('http://ispconfig.org/downloads/patches/' . $patch_id . '.txt'); if($patch_text) { - $ok = simple_query("Patch description:\n".str_repeat("-", 80)."\n".$patch_text."\n".str_repeat("-", 80)."\nDo you really want to apply this patch now?", array('y','n'), 'y'); - if($ok != 'y') { + if($auto) { + $ok = 'y'; + } else { + $ok = simple_query("Patch description:\n" . str_repeat("-", 80) . "\n" . $patch_text . "\n" . str_repeat("-", 80) . "\nDo you really want to apply this patch now?", array('y', 'n'), 'y'); + } + if($ok != 'y') { swriteln("Patch terminated by user.\n"); die(); } @@ -139,5 +156,3 @@ passthru('patch -p0 < ' . escapeshellarg($temp_file)); unlink($temp_file); exit; - -?> \ No newline at end of file
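Review bot: With `$auto` set, the `@@ -122` hunk forces `$ok = 'y'`, so the only human check before `passthru('patch -p0 < ...')` is gone while the description is still fetched over plain `http://`; the patch body is downloaded outside this hunk, presumably the same way. An unattended run should not apply content that was neither reviewed nor authenticated. At minimum fetch over TLS if the host serves it, `$patch_text = @file_get_contents('https://ispconfig.org/downloads/patches/' . $patch_id . '.txt');`, and ideally verify a published checksum or signature of the patch before applying it.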