diff --git a/interface/lib/classes/system.inc.php b/interface/lib/classes/system.inc.php index d4d9cccefef81b197cc2adccd1fb7ddafb13b556..ede53034d35da3fe9997b9d8766d309cc3abda1a 100644 --- a/interface/lib/classes/system.inc.php +++ b/interface/lib/classes/system.inc.php @@ -65,6 +65,10 @@ class system { public function exec_safe($cmd) { $arg_count = func_num_args(); + if($arg_count != substr_count($cmd, '?') + 1) { + trigger_error('Placeholder count not matching argument list.', E_USER_WARNING); + return false; + } if($arg_count > 1) { $args = func_get_args(); diff --git a/server/lib/classes/aps_installer.inc.php b/server/lib/classes/aps_installer.inc.php index 2995b01e0798db69e29f538c1271df1d2e59dc56..922f32e61288664e8b8dd464e4f3d3f2e8cb9d99 100644 --- a/server/lib/classes/aps_installer.inc.php +++ b/server/lib/classes/aps_installer.inc.php @@ -544,7 +544,6 @@ class ApsInstaller extends ApsBase chmod($this->local_installpath.'install_scripts/'.$cfgscript, 0755); // Change to the install folder (import for the exec() below!) - //exec('chown -R '.$this->file_owner_user.':'.$this->file_owner_group.' '.escapeshellarg($this->local_installpath)); chdir($this->local_installpath.'install_scripts/'); // Set the enviroment variables diff --git a/server/lib/classes/cron.d/150-webalizer.inc.php b/server/lib/classes/cron.d/150-webalizer.inc.php index 5d341cefe74704c8893b62b9d517faba6be166b1..42aa125e0f9b427883196bf2d511e25a3ad6d182 100644 --- a/server/lib/classes/cron.d/150-webalizer.inc.php +++ b/server/lib/classes/cron.d/150-webalizer.inc.php @@ -94,9 +94,9 @@ class cronjob_webalizer extends cronjob { $log_folder .= '/' . $subdomain_host; unset($tmp); } - $logfile = escapeshellcmd($rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log'); + $logfile = $rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log'; if(!@is_file($logfile)) { - $logfile = escapeshellcmd($rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log.gz'); + $logfile = $rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log.gz'; if(!@is_file($logfile)) { continue; } diff --git a/server/lib/classes/cron.d/200-logfiles.inc.php b/server/lib/classes/cron.d/200-logfiles.inc.php index d1dbf942916ebd38cb7c7321012ff402607f6ff3..b229c76a8acd93f78bad8985dc583a1017ca0e99 100644 --- a/server/lib/classes/cron.d/200-logfiles.inc.php +++ b/server/lib/classes/cron.d/200-logfiles.inc.php @@ -147,7 +147,7 @@ class cronjob_logfiles extends cronjob { } // rotate and compress the error.log - $error_logfile = escapeshellcmd($rec['document_root'].'/' . $log_folder . '/error.log'); + $error_logfile = $rec['document_root'].'/' . $log_folder . '/error.log'; // rename older files (move up by one) $num = $log_retention; while($num >= 1) { @@ -187,7 +187,7 @@ class cronjob_logfiles extends cronjob { $ispconfig_logfiles = array('ispconfig.log', 'cron.log', 'auth.log'); foreach($ispconfig_logfiles as $ispconfig_logfile) { $num = $max_syslog; - $ispconfig_logfile = escapeshellcmd($conf['ispconfig_log_dir'].'/'.$ispconfig_logfile); + $ispconfig_logfile = $conf['ispconfig_log_dir'].'/'.$ispconfig_logfile; // rename older files (move up by one) while($num >= 1) { if(is_file($ispconfig_logfile . '.' . $num . '.gz')) rename($ispconfig_logfile . '.' . $num . '.gz', $ispconfig_logfile . '.' . ($num + 1) . '.gz'); diff --git a/server/lib/classes/cron.d/500-backup_mail.inc.php b/server/lib/classes/cron.d/500-backup_mail.inc.php index 6cd689edca3673cc1038244a6bab296e372e703b..234f02771db841d194e38f3e5050b4e6004e5868 100644 --- a/server/lib/classes/cron.d/500-backup_mail.inc.php +++ b/server/lib/classes/cron.d/500-backup_mail.inc.php @@ -69,9 +69,9 @@ class cronjob_backup_mail extends cronjob { $records = $app->db->queryAllRecords("SELECT * FROM mail_user WHERE server_id = ? AND maildir != ''", intval($conf['server_id'])); if(is_array($records) && $run_backups) { if(!is_dir($backup_dir)) { - mkdir(escapeshellcmd($backup_dir), $backup_dir_permissions, true); + mkdir($backup_dir, $backup_dir_permissions, true); } else { - chmod(escapeshellcmd($backup_dir), $backup_dir_permissions); + chmod($backup_dir, $backup_dir_permissions); } system('which pigz > /dev/null', $ret); if($ret === 0) { @@ -122,7 +122,7 @@ class cronjob_backup_mail extends cronjob { if ($rec['maildir_format'] == 'mdbox') { if (empty($this->tmp_backup_dir)) $this->tmp_backup_dir = $rec['maildir']; // Create temporary backup-mailbox - exec("su -c ?", 'dsync backup -u "'.$rec["email"].'" mdbox:' . $this->tmp_backup_dir . '/backup'); + $app->system->exec_safe("su -c ?", 'dsync backup -u "'.$rec["email"].'" mdbox:' . $this->tmp_backup_dir . '/backup'); if($backup_mode == 'userzip') { $mail_backup_file.='.zip'; diff --git a/server/lib/classes/system.inc.php b/server/lib/classes/system.inc.php index 9f3e963eea701786d4ecc100268352547821f0ad..051f3554a6a827f2e0f2e5498265390efaec56d7 100644 --- a/server/lib/classes/system.inc.php +++ b/server/lib/classes/system.inc.php @@ -1601,22 +1601,20 @@ class system{ $mail_config = $app->getconf->get_server_config($conf["server_id"], 'mail'); if($subfolder != '') { - $dir = escapeshellcmd($maildir_path.'/.'.$subfolder); + $dir = $maildir_path.'/.'.$subfolder; } else { - $dir = escapeshellcmd($maildir_path); + $dir = $maildir_path; } if(!is_dir($dir)) mkdir($dir, 0700, true); if($user != '' && $user != 'root' && $this->is_user($user)) { - $user = escapeshellcmd($user); if(is_dir($dir)) $this->chown($dir, $user); $chown_mdsub = true; } if($group != '' && $group != 'root' && $this->is_group($group)) { - $group = escapeshellcmd($group); if(is_dir($dir)) $this->chgrp($dir, $group); $chgrp_mdsub = true; @@ -1638,7 +1636,7 @@ class system{ // Courier if($mail_config['pop3_imap_daemon'] == 'courier') { if(!is_file($maildir_path.'/courierimapsubscribed')) { - $tmp_file = escapeshellcmd($maildir_path.'/courierimapsubscribed'); + $tmp_file = $maildir_path.'/courierimapsubscribed'; touch($tmp_file); chmod($tmp_file, 0744); chown($tmp_file, 'vmail'); @@ -1650,7 +1648,7 @@ class system{ // Dovecot if($mail_config['pop3_imap_daemon'] == 'dovecot') { if(!is_file($maildir_path.'/subscriptions')) { - $tmp_file = escapeshellcmd($maildir_path.'/subscriptions'); + $tmp_file = $maildir_path.'/subscriptions'; touch($tmp_file); chmod($tmp_file, 0744); chown($tmp_file, 'vmail'); @@ -2059,6 +2057,10 @@ class system{ public function exec_safe($cmd) { $arg_count = func_num_args(); + if($arg_count != substr_count($cmd, '?') + 1) { + trigger_error('Placeholder count not matching argument list.', E_USER_WARNING); + return false; + } if($arg_count > 1) { $args = func_get_args(); diff --git a/server/mods-available/remoteaction_core_module.inc.php b/server/mods-available/remoteaction_core_module.inc.php index e0ce33a5e4a796a0e44b0f851a5124e6bdcdd2c5..3b6bb9fb497366c4e2d05d2324777a6eb0273620 100644 --- a/server/mods-available/remoteaction_core_module.inc.php +++ b/server/mods-available/remoteaction_core_module.inc.php @@ -150,7 +150,7 @@ class remoteaction_core_module { $parts = explode(':', $action['action_param']); $veid = intval($parts[0]); $template_cache_dir = '/vz/template/cache/'; - $template_name = escapeshellcmd($parts[1]); + $template_name = $parts[1]; if($veid > 0 && $template_name != '' && is_dir($template_cache_dir)) { $command = "vzdump --suspend --compress --stdexcludes --dumpdir ? ?"; $app->system->exec_safe($command, $template_cache_dir, $veid); diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php index 28a3c4d5d628d2a0c98b0a0231237b3b6d2ca238..2183e96eb4ff83379191733032c1a759fc9ad624 100644 --- a/server/plugins-available/apache2_plugin.inc.php +++ b/server/plugins-available/apache2_plugin.inc.php @@ -476,7 +476,7 @@ class apache2_plugin { if($data['new']['ssl_action'] == 'del') { if(file_exists($web_config['CA_path'].'/openssl.cnf') && !is_link($web_config['CA_path'].'/openssl.cnf')) { - exec("openssl ca -batch -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -revoke ".escapeshellcmd($crt_file)); + $app->system->exec_safe("openssl ca -batch -config ? -passin pass:? -revoke ?", $web_config['CA_path']."/openssl.cnf", $web_config['CA_pass'], $crt_file); $app->log("Revoking CA-signed SSL Cert for: $domain", LOGLEVEL_DEBUG); }; $app->system->unlink($csr_file); @@ -594,31 +594,31 @@ class apache2_plugin { //* Check if a ispconfigend user and group exists and create them if(!$app->system->is_group('ispconfigend')) { - exec('groupadd --gid '.($connect_userid_to_webid_start + 10000).' ispconfigend'); + $app->system->exec_safe('groupadd --gid ? ispconfigend', $connect_userid_to_webid_start + 10000); } if(!$app->system->is_user('ispconfigend')) { - exec('useradd -g ispconfigend -d /usr/local/ispconfig --uid '.($connect_userid_to_webid_start + 10000).' ispconfigend'); + $app->system->exec_safe('useradd -g ispconfigend -d /usr/local/ispconfig --uid ? ispconfigend', $connect_userid_to_webid_start + 10000); } } else { $fixed_uid_param = ''; $fixed_gid_param = ''; } - $groupname = escapeshellcmd($data['new']['system_group']); + $groupname = $data['new']['system_group']; if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) { - exec('groupadd '.$fixed_gid_param.' '.$groupname); - if($apache_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' groupadd '.$groupname); + $app->system->exec_safe('groupadd ? ?', $fixed_gid_param, $groupname); + if($apache_chrooted) $app->system->exec_safe('chroot ? groupadd ?', $web_config['website_basedir'], $groupname); $app->log('Adding the group: '.$groupname, LOGLEVEL_DEBUG); } - $username = escapeshellcmd($data['new']['system_user']); + $username = $data['new']['system_user']; if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) { if($web_config['add_web_users_to_sshusers_group'] == 'y') { - exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param -G sshusers $username -s /bin/false"); - if($apache_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param -G sshusers $username -s /bin/false"); + $app->system->exec_safe('useradd -d ? -g ? ? -G sshusers ? -s /bin/false', $data['new']['document_root'], $groupname, $fixed_uid_param, $username); + if($apache_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ? -G sshusers ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $fixed_uid_param, $username); } else { - exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param $username -s /bin/false"); - if($apache_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param $username -s /bin/false"); + $app->system->exec_safe('useradd -d ? -g ? ? ? -s /bin/false', $data['new']['document_root'], $groupname, $fixed_uid_param, $username); + if($apache_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ? ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $fixed_uid_param, $username); } $app->log('Adding the user: '.$username, LOGLEVEL_DEBUG); } @@ -641,7 +641,7 @@ class apache2_plugin { if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1); // create the symlinks, if not exist if(is_link($tmp_symlink)) { - exec('rm -f '.escapeshellcmd($tmp_symlink)); + $app->system->exec_safe('rm -f ?', $tmp_symlink); $app->log('Removed symlink: rm -f '.$tmp_symlink, LOGLEVEL_DEBUG); } } @@ -668,13 +668,12 @@ class apache2_plugin { } //* Unmount the old log directory bfore we move the log dir - //exec('fuser -km '.escapeshellcmd($old_dir.'/log')); - exec('umount '.escapeshellcmd($data['old']['document_root'].'/log')); + $app->system->exec_safe('umount ?', $data['old']['document_root'].'/log'); //* Create new base directory, if it does not exist yet if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir); $app->system->web_folder_protection($data['old']['document_root'], false); - exec('mv '.escapeshellarg($data['old']['document_root']).' '.escapeshellarg($new_dir)); + $app->system->exec_safe('mv ? ?', $data['old']['document_root'], $new_dir); //$app->system->rename($data['old']['document_root'],$new_dir); $app->log('Moving site to new document root: mv '.$data['old']['document_root'].' '.$new_dir, LOGLEVEL_DEBUG); @@ -682,17 +681,17 @@ class apache2_plugin { $data['new']['php_open_basedir'] = str_replace($data['old']['document_root'], $data['new']['document_root'], $data['old']['php_open_basedir']); //* Change the owner of the website files to the new website owner - exec('chown --recursive --from='.escapeshellcmd($data['old']['system_user']).':'.escapeshellcmd($data['old']['system_group']).' '.escapeshellcmd($data['new']['system_user']).':'.escapeshellcmd($data['new']['system_group']).' '.$new_dir); + $app->system->exec_safe('chown --recursive --from=?:? ?:? ?', $data['old']['system_user'], $data['old']['system_group'], $data['new']['system_user'], $data['new']['system_group'], $new_dir); //* Change the home directory and group of the website user - $command = 'killall -u '.escapeshellcmd($data['new']['system_user']).' ; usermod'; - $command .= ' --home '.escapeshellcmd($data['new']['document_root']); - $command .= ' --gid '.escapeshellcmd($data['new']['system_group']); - $command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null'; - exec($command); + $command = 'killall -u ? ; usermod'; + $command .= ' --home ?'; + $command .= ' --gid ?'; + $command .= ' ? 2>/dev/null'; + $app->system->exec_safe($command, $data['new']['system_user'], $data['new']['document_root'], $data['new']['system_group'], $data['new']['system_user']); } - if($apache_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command); + if($apache_chrooted) $app->system->exec_safe('chroot ? ?', $web_config['website_basedir'], $command); //* Change the log mount /* @@ -714,7 +713,7 @@ class apache2_plugin { $app->system->replaceLine('/etc/fstab', $fstab_line_old, $fstab_line, 0, 1); } - exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder)); + $app->system->exec_safe('mount --bind ? ?', '/var/log/ispconfig/httpd/'.$data['new']['domain'], $data['new']['document_root'].'/'.$log_folder); } @@ -726,7 +725,6 @@ class apache2_plugin { if(!is_dir($data['new']['document_root'].'/' . $web_folder)) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder); if(!is_dir($data['new']['document_root'].'/' . $web_folder . '/error') and $data['new']['errordocs']) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder . '/error'); if($data['new']['stats_type'] != '' && !is_dir($data['new']['document_root'].'/' . $web_folder . '/stats')) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder . '/stats'); - //if(!is_dir($data['new']['document_root'].'/'.$log_folder)) exec('mkdir -p '.$data['new']['document_root'].'/'.$log_folder); if(!is_dir($data['new']['document_root'].'/ssl')) $app->system->mkdirpath($data['new']['document_root'].'/ssl'); if(!is_dir($data['new']['document_root'].'/cgi-bin')) $app->system->mkdirpath($data['new']['document_root'].'/cgi-bin'); if(!is_dir($data['new']['document_root'].'/tmp')) $app->system->mkdirpath($data['new']['document_root'].'/tmp'); @@ -750,7 +748,7 @@ class apache2_plugin { // Remove the symlink for the site, if site is renamed if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) { - if(is_dir('/var/log/ispconfig/httpd/'.$data['old']['domain'])) exec('rm -rf /var/log/ispconfig/httpd/'.$data['old']['domain']); + if(is_dir('/var/log/ispconfig/httpd/'.$data['old']['domain'])) $app->system->exec_safe('rm -rf ?', '/var/log/ispconfig/httpd/'.$data['old']['domain']); if(is_link($data['old']['document_root'].'/'.$old_log_folder)) $app->system->unlink($data['old']['document_root'].'/'.$old_log_folder); //* remove old log mount @@ -758,19 +756,18 @@ class apache2_plugin { $app->system->removeLine('/etc/fstab', $fstab_line); //* Unmount log directory - //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder)); - exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder)); + $app->system->exec_safe('umount ?', $data['old']['document_root'].'/'.$old_log_folder); } //* Create the log dir if nescessary and mount it if(!is_dir($data['new']['document_root'].'/'.$log_folder) || !is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain']) || is_link($data['new']['document_root'].'/'.$log_folder)) { if(is_link($data['new']['document_root'].'/'.$log_folder)) unlink($data['new']['document_root'].'/'.$log_folder); - if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data['new']['domain']); + if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) $app->system->exec_safe('mkdir -p ?', '/var/log/ispconfig/httpd/'.$data['new']['domain']); $app->system->mkdirpath($data['new']['document_root'].'/'.$log_folder); $app->system->chown($data['new']['document_root'].'/'.$log_folder, 'root'); $app->system->chgrp($data['new']['document_root'].'/'.$log_folder, 'root'); $app->system->chmod($data['new']['document_root'].'/'.$log_folder, 0755); - exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder)); + $app->system->exec_safe('mount --bind ? ?', '/var/log/ispconfig/httpd/'.$data['new']['domain'], $data['new']['document_root'].'/'.$log_folder); //* add mountpoint to fstab $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.' none bind,nobootwait'; $fstab_line .= @($web_config['network_filesystem'] == 'y')?',_netdev 0 0':' 0 0'; @@ -795,7 +792,7 @@ class apache2_plugin { if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1); // remove the symlinks, if not exist if(is_link($tmp_symlink)) { - exec('rm -f '.escapeshellcmd($tmp_symlink)); + $app->system->exec_safe('rm -f ?', $tmp_symlink); $app->log('Removed symlink: rm -f '.$tmp_symlink, LOGLEVEL_DEBUG); } } @@ -816,11 +813,10 @@ class apache2_plugin { } // create the symlinks, if not exist if(!is_link($tmp_symlink)) { - // exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink)); if ($web_config["website_symlinks_rel"] == 'y') { - $app->system->create_relative_link(escapeshellcmd($data["new"]["document_root"]), escapeshellcmd($tmp_symlink)); + $app->system->create_relative_link($data["new"]["document_root"], $tmp_symlink); } else { - exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink)); + $app->system->exec_safe("ln -s ? ?", $data["new"]["document_root"]."/", $tmp_symlink); } $app->log('Creating symlink: ln -s '.$data['new']['document_root'].'/ '.$tmp_symlink, LOGLEVEL_DEBUG); @@ -840,69 +836,67 @@ class apache2_plugin { // Copy the error pages if($data['new']['errordocs']) { - $error_page_path = escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/error/'; - if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2))) { - exec('cp ' . $conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $error_page_path = $data['new']['document_root'].'/' . $web_folder . '/error/'; + if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2))) { + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } else { if (file_exists($conf['rootpath'] . '/conf-custom/error/400.html')) { - exec('cp '. $conf['rootpath'] . '/conf-custom/error/*.html '.$error_page_path); + $app->system->exec_safe('cp ?*.html ?', $conf['rootpath'] . '/conf-custom/error/', $error_page_path); } else { - exec('cp ' . $conf['rootpath'] . '/conf/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } } - exec('chmod -R a+r '.$error_page_path); + $app->system->exec_safe('chmod -R a+r ?', $error_page_path); } //* Copy the web skeleton files only when there is no index.ph or index.html file yet if(!file_exists($data['new']['document_root'].'/'.$web_folder.'/index.html') && !file_exists($data['new']['document_root'].'/'.$web_folder.'/index.php')) { - if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2))) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2).' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html'); + if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr($conf['language'], 0, 2))) { + if(!file_exists($data['new']['document_root'] . '/' . $web_folder . '/index.html')) { + $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/standard_index.html_' . substr($conf['language'], 0, 2), $data['new']['document_root'] . '/' . $web_folder . '/index.html'); + } if(is_file($conf['rootpath'] . '/conf-custom/index/favicon.ico')) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/favicon.ico')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/favicon.ico '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/favicon.ico')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/favicon.ico', $data['new']['document_root'].'/' . $web_folder . '/'); } if(is_file($conf['rootpath'] . '/conf-custom/index/robots.txt')) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/robots.txt')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/robots.txt '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/robots.txt')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/robots.txt', $data['new']['document_root'].'/' . $web_folder . '/'); } - //if(is_file($conf['rootpath'] . '/conf-custom/index/.htaccess')) { - // exec('cp ' . $conf['rootpath'] . '/conf-custom/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); - //} } else { if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html')) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/standard_index.html '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/index.html')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/standard_index.html', $data['new']['document_root'].'/' . $web_folder . '/index.html'); } else { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html')) exec('cp ' . $conf['rootpath'] . '/conf/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2).' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/index.html')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf/index/standard_index.html_'.substr($conf['language'], 0, 2), $data['new']['document_root'].'/' . $web_folder . '/index.html'); if(is_file($conf['rootpath'] . '/conf/index/favicon.ico')){ - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/favicon.ico')) exec('cp ' . $conf['rootpath'] . '/conf/index/favicon.ico '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/favicon.ico')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf/index/favicon.ico', $data['new']['document_root'].'/' . $web_folder . '/'); } if(is_file($conf['rootpath'] . '/conf/index/robots.txt')){ - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/robots.txt')) exec('cp ' . $conf['rootpath'] . '/conf/index/robots.txt '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/robots.txt')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf/index/robots.txt', $data['new']['document_root'].'/' . $web_folder . '/'); } - //if(is_file($conf['rootpath'] . '/conf/index/.htaccess')) exec('cp ' . $conf['rootpath'] . '/conf/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); } } } - exec('chmod -R a+r '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + $app->system->exec_safe('chmod -R a+r ?', $data['new']['document_root'].'/' . $web_folder . '/'); //** Copy the error documents on update when the error document checkbox has been activated and was deactivated before } elseif ($this->action == 'update' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') && $data['old']['errordocs'] == 0 && $data['new']['errordocs'] == 1) { - $error_page_path = escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/error/'; - if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2))) { - exec('cp ' . $conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $error_page_path = $data['new']['document_root'].'/' . $web_folder . '/error/'; + if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2))) { + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } else { if (file_exists($conf['rootpath'] . '/conf-custom/error/400.html')) { - exec('cp ' . $conf['rootpath'] . '/conf-custom/error/*.html '.$error_page_path); + $app->system->exec_safe('cp ?*.html ?', $conf['rootpath'] . '/conf-custom/error/', $error_page_path); } else { - exec('cp ' . $conf['rootpath'] . '/conf/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } } - exec('chmod -R a+r '.$error_page_path); - exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.$error_page_path); + $app->system->exec_safe('chmod -R a+r ?', $error_page_path); + $app->system->exec_safe('chown -R ?:? ?', $data['new']['system_user'], $data['new']['system_group'], $error_page_path); } // end copy error docs // Set the quota for the user, but only for vhosts, not vhostsubdomains or vhostalias @@ -917,39 +911,39 @@ class apache2_plugin { } // get the primitive folder for document_root and the filesystem, will need it later. - $df_output=explode(" ", exec("df -T " . escapeshellarg($data['new']['document_root']) . "|awk 'END{print \$2,\$NF}'")); + $df_output=explode(" ", $app->system->exec_safe("df -T ?|awk 'END{print \$2,\$NF}'", $data['new']['document_root'])); $file_system = $df_output[0]; $primitive_root = $df_output[1]; if($file_system == 'xfs') { - exec("xfs_quota -x -c " . escapeshellarg("limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " " . $username) . " " . escapeshellarg($primitive_root)); + $app->system->exec_safe("xfs_quota -x -c ? ?", "limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " " . $username, $primitive_root); // xfs only supports timers globally, not per user. - exec("xfs_quota -x -c 'timer -bir -i 604800' " . escapeshellarg($primitive_root)); + $app->system->exec_safe("xfs_quota -x -c 'timer -bir -i 604800' ?", $primitive_root); unset($project_uid, $username_position, $xfs_projects); unset($primitive_root, $df_output, $mb_hard, $mb_soft); } else { if($app->system->is_installed('setquota')) { - exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null'); - exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null'); + $app->system->exec_safe('setquota -u ? ? ? 0 0 -a &> /dev/null', $username, $blocks_soft, $blocks_hard); + $app->system->exec_safe('setquota -T -u ? 604800 604800 -a &> /dev/null', $username); } } } if($this->action == 'insert' || $data["new"]["system_user"] != $data["old"]["system_user"]) { // Chown and chmod the directories below the document root - $app->system->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder); + $app->system->exec_safe('chown -R ?:? ?', $username, $groupname, $data['new']['document_root'].'/' . $web_folder); // The document root itself has to be owned by root in normal level and by the web owner in security level 20 if($web_config['security_level'] == 20) { - $app->system->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder); + $app->system->exec_safe('chown ?:? ?', $username, $groupname, $data['new']['document_root'].'/' . $web_folder); } else { - $app->system->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder); + $app->system->exec_safe('chown root:root ?', $data['new']['document_root'].'/' . $web_folder); } } //* add the Apache user to the client group if this is a vhost and security level is set to high, no matter if this is an insert or update and regardless of set_folder_permissions_on_update - if($data['new']['type'] == 'vhost' && $web_config['security_level'] == 20) $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user'])); + if($data['new']['type'] == 'vhost' && $web_config['security_level'] == 20) $app->system->add_user_to_group($groupname, $web_config['user']); //* If the security level is set to high if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost')) { @@ -978,18 +972,18 @@ class apache2_plugin { if($web_config['add_web_users_to_sshusers_group'] == 'y') { $command = 'usermod'; $command .= ' --groups sshusers'; - $command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null'; - $app->system->_exec($command); + $command .= ' ? 2>/dev/null'; + $app->system->exec_safe($command, $data['new']['system_user']); } //* if we have a chrooted Apache environment if($apache_chrooted) { - $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command); + $app->system->exec_safe('chroot ? ?', $web_config['website_basedir'], $command); //* add the apache user to the client group in the chroot environment $tmp_groupfile = $app->system->server_conf['group_datei']; $app->system->server_conf['group_datei'] = $web_config['website_basedir'].'/etc/group'; - $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user'])); + $app->system->add_user_to_group($groupname, $web_config['user']); $app->system->server_conf['group_datei'] = $tmp_groupfile; unset($tmp_groupfile); } @@ -1092,7 +1086,9 @@ class apache2_plugin { if($data['new']['type'] == 'vhost') { // Change the ownership of the error log to the root user - if(!@is_file('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')) exec('touch '.escapeshellcmd('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')); + if(!@is_file('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')) { + $app->system->exec_safe('touch ?', '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log'); + } $app->system->chown('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log', 'root'); $app->system->chgrp('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log', 'root'); } @@ -1165,7 +1161,7 @@ class apache2_plugin { $vhost_data['php_open_basedir'] = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir']; $vhost_data['ssl_domain'] = $data['new']['ssl_domain']; $vhost_data['has_custom_php_ini'] = $has_custom_php_ini; - $vhost_data['custom_php_ini_dir'] = escapeshellcmd($custom_php_ini_dir); + $vhost_data['custom_php_ini_dir'] = $custom_php_ini_dir; $vhost_data['logging'] = $web_config['logging']; // Custom Apache directives @@ -1455,13 +1451,10 @@ class apache2_plugin { if (!is_dir($fastcgi_starter_path)) { $app->system->mkdirpath($fastcgi_starter_path); - //exec('chown '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.escapeshellcmd($fastcgi_starter_path)); - $app->log('Creating fastcgi starter script directory: '.$fastcgi_starter_path, LOGLEVEL_DEBUG); } - //exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.escapeshellcmd($fastcgi_starter_path)); $app->system->chown($fastcgi_starter_path, $data['new']['system_user']); $app->system->chgrp($fastcgi_starter_path, $data['new']['system_group']); if($web_config['security_level'] == 10) { @@ -1483,29 +1476,29 @@ class apache2_plugin { } if($has_custom_php_ini) { - $fcgi_tpl->setVar('php_ini_path', escapeshellcmd($custom_php_ini_dir)); + $fcgi_tpl->setVar('php_ini_path', $custom_php_ini_dir); } else { if($default_fastcgi_php){ - $fcgi_tpl->setVar('php_ini_path', escapeshellcmd($fastcgi_config['fastcgi_phpini_path'])); + $fcgi_tpl->setVar('php_ini_path', $fastcgi_config['fastcgi_phpini_path']); } else { - $fcgi_tpl->setVar('php_ini_path', escapeshellcmd($custom_fastcgi_php_ini_dir)); + $fcgi_tpl->setVar('php_ini_path', $custom_fastcgi_php_ini_dir); } } - $fcgi_tpl->setVar('document_root', escapeshellcmd($data['new']['document_root'])); - $fcgi_tpl->setVar('php_fcgi_children', escapeshellcmd($fastcgi_config['fastcgi_children'])); - $fcgi_tpl->setVar('php_fcgi_max_requests', escapeshellcmd($fastcgi_config['fastcgi_max_requests'])); + $fcgi_tpl->setVar('document_root', $data['new']['document_root']); + $fcgi_tpl->setVar('php_fcgi_children', $fastcgi_config['fastcgi_children']); + $fcgi_tpl->setVar('php_fcgi_max_requests', $fastcgi_config['fastcgi_max_requests']); if($default_fastcgi_php){ - $fcgi_tpl->setVar('php_fcgi_bin', escapeshellcmd($fastcgi_config['fastcgi_bin'])); + $fcgi_tpl->setVar('php_fcgi_bin', $fastcgi_config['fastcgi_bin']); } else { - $fcgi_tpl->setVar('php_fcgi_bin', escapeshellcmd($custom_fastcgi_php_executable)); + $fcgi_tpl->setVar('php_fcgi_bin', $custom_fastcgi_php_executable); } $fcgi_tpl->setVar('security_level', intval($web_config['security_level'])); - $fcgi_tpl->setVar('domain', escapeshellcmd($data['new']['domain'])); + $fcgi_tpl->setVar('domain', $data['new']['domain']); $php_open_basedir = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir']; - $fcgi_tpl->setVar('open_basedir', escapeshellcmd($php_open_basedir)); + $fcgi_tpl->setVar('open_basedir', $php_open_basedir); - $fcgi_starter_script = escapeshellcmd($fastcgi_starter_path.$fastcgi_config['fastcgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : '')); + $fcgi_starter_script = $fastcgi_starter_path.$fastcgi_config['fastcgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : ''); $app->system->file_put_contents($fcgi_starter_script, $fcgi_tpl->grab()); unset($fcgi_tpl); @@ -1565,14 +1558,13 @@ class apache2_plugin { } if($default_php_fpm){ - $pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']); - } else { + $pool_dir = $web_config['php_fpm_pool_dir']; $pool_dir = $custom_php_fpm_pool_dir; } $pool_dir = trim($pool_dir); if(substr($pool_dir, -1) != '/') $pool_dir .= '/'; $pool_name = 'web'.$data['new']['domain_id']; - $socket_dir = escapeshellcmd($web_config['php_fpm_socket_dir']); + $socket_dir = $web_config['php_fpm_socket_dir']; if(substr($socket_dir, -1) != '/') $socket_dir .= '/'; if($data['new']['php_fpm_use_socket'] == 'y'){ @@ -1625,8 +1617,8 @@ class apache2_plugin { // This works because PHP "rewrites" a symlink to the physical path $php_open_basedir = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir']; - $cgi_tpl->setVar('open_basedir', escapeshellcmd($php_open_basedir)); - $cgi_tpl->setVar('document_root', escapeshellcmd($data['new']['document_root'])); + $cgi_tpl->setVar('open_basedir', $php_open_basedir); + $cgi_tpl->setVar('document_root', $data['new']['document_root']); // This will NOT work! //$cgi_tpl->setVar('open_basedir', '/var/www/' . $data['new']['domain']); @@ -1635,12 +1627,12 @@ class apache2_plugin { $cgi_tpl->setVar('has_custom_php_ini', $has_custom_php_ini); if($has_custom_php_ini) { - $cgi_tpl->setVar('php_ini_path', escapeshellcmd($custom_php_ini_dir)); + $cgi_tpl->setVar('php_ini_path', $custom_php_ini_dir); } else { - $cgi_tpl->setVar('php_ini_path', escapeshellcmd($fastcgi_config['fastcgi_phpini_path'])); + $cgi_tpl->setVar('php_ini_path', $fastcgi_config['fastcgi_phpini_path']); } - $cgi_starter_script = escapeshellcmd($cgi_starter_path.$cgi_config['cgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : '')); + $cgi_starter_script = $cgi_starter_path.$cgi_config['cgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : ''); $app->system->file_put_contents($cgi_starter_script, $cgi_tpl->grab()); unset($cgi_tpl); @@ -1660,7 +1652,7 @@ class apache2_plugin { } - $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost'); + $vhost_file = $web_config['vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost'; //* Make a backup copy of vhost file if(file_exists($vhost_file)) $app->system->copy($vhost_file, $vhost_file.'~'); @@ -1753,17 +1745,17 @@ class apache2_plugin { //* Set the symlink to enable the vhost //* First we check if there is a old type of symlink and remove it - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost'; if(is_link($vhost_symlink)) $app->system->unlink($vhost_symlink); //* Remove old or changed symlinks if($data['new']['subdomain'] != $data['old']['subdomain'] or $data['new']['active'] == 'n') { - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); @@ -1772,9 +1764,9 @@ class apache2_plugin { //* New symlink if($data['new']['subdomain'] == '*') { - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'; } else { - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'; } if($data['new']['active'] == 'y' && !is_link($vhost_symlink)) { symlink($vhost_file, $vhost_symlink); @@ -1783,22 +1775,22 @@ class apache2_plugin { // remove old symlink and vhost file, if domain name of the site has changed if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) { - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_file = $web_config['vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'; $app->system->unlink($vhost_file); $app->log('Removing file: '.$vhost_file, LOGLEVEL_DEBUG); } @@ -2032,14 +2024,10 @@ class apache2_plugin { if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias'){ if(is_array($log_folders) && !empty($log_folders)){ foreach($log_folders as $log_folder){ - //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder)); - //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); - exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); + $app->system->exec_safe('umount ? 2>/dev/null', $data['old']['document_root'].'/'.$log_folder); } } else { - //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder)); - //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); - exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); + $app->system->exec_safe('umount ? 2>/dev/null', $data['old']['document_root'].'/'.$log_folder); } // remove letsencrypt if it exists (renew will always fail otherwise) @@ -2079,19 +2067,19 @@ class apache2_plugin { } else { //* This is a website // Deleting the vhost file, symlink and the data directory - $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_file = $web_config['vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'; - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)){ $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)){ $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)){ $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); @@ -2101,11 +2089,11 @@ class apache2_plugin { $app->log('Removing vhost file: '.$vhost_file, LOGLEVEL_DEBUG); if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias') { - $docroot = escapeshellcmd($data['old']['document_root']); + $docroot = $data['old']['document_root']; if($docroot != '' && !stristr($docroot, '..')) { if($data['old']['type'] == 'vhost') { // this is a vhost - we delete everything in here. - exec('rm -rf '.$docroot); + $app->system->exec_safe('rm -rf ?', $docroot); } elseif(!stristr($data['old']['web_folder'], '..')) { // this is a vhost subdomain // IMPORTANT: do some folder checks before we delete this! @@ -2155,7 +2143,7 @@ class apache2_plugin { unset($used_paths); } - if($do_delete === true && $delete_folder !== '') exec('rm -rf '.$docroot.'/'.$delete_folder); + if($do_delete === true && $delete_folder !== '') $app->system->exec_safe('rm -rf ?', $docroot.'/'.$delete_folder); unset($delete_folder); unset($path_elements); @@ -2167,12 +2155,12 @@ class apache2_plugin { $fastcgi_starter_path = str_replace('[system_user]', $data['old']['system_user'], $fastcgi_config['fastcgi_starter_path']); if($data['old']['type'] == 'vhost') { if (is_dir($fastcgi_starter_path)) { - exec('rm -rf '.$fastcgi_starter_path); + $app->system->exec_safe('rm -rf ?', $fastcgi_starter_path); } } else { $fcgi_starter_script = $fastcgi_starter_path.$fastcgi_config['fastcgi_starter_script'].'_web'.$data['old']['domain_id']; if (file_exists($fcgi_starter_script)) { - exec('rm -f '.$fcgi_starter_script); + $app->system->exec_safe('rm -f ?', $fcgi_starter_script); } } } @@ -2192,12 +2180,12 @@ class apache2_plugin { $cgi_starter_path = str_replace('[system_user]', $data['old']['system_user'], $web_config['cgi_starter_path']); if($data['old']['type'] == 'vhost') { if (is_dir($cgi_starter_path)) { - exec('rm -rf '.$cgi_starter_path); + $app->system->exec_safe('rm -rf ?', $cgi_starter_path); } } else { $cgi_starter_script = $cgi_starter_path.'php-cgi-starter_web'.$data['old']['domain_id']; if (file_exists($cgi_starter_script)) { - exec('rm -f '.$cgi_starter_script); + $app->system->exec_safe('rm -f ?', $cgi_starter_script); } } } @@ -2226,16 +2214,15 @@ class apache2_plugin { } // Delete the log file directory - $vhost_logfile_dir = escapeshellcmd('/var/log/ispconfig/httpd/'.$data['old']['domain']); - if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) exec('rm -rf '.$vhost_logfile_dir); + $vhost_logfile_dir = '/var/log/ispconfig/httpd/'.$data['old']['domain']; + if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) $app->system->exec_safe('rm -rf ?', $vhost_logfile_dir); $app->log('Removing website logfile directory: '.$vhost_logfile_dir, LOGLEVEL_DEBUG); if($data['old']['type'] == 'vhost') { //delete the web user - $command = 'killall -u '.escapeshellcmd($data['old']['system_user']).' ; userdel'; - $command .= ' '.escapeshellcmd($data['old']['system_user']); - exec($command); - if($apache_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command); + $command = 'killall -u ? ; userdel ?'; + $app->system->exec_safe($command, $data['old']['system_user'], $data['old']['system_user']); + if($apache_chrooted) $app->system->exec_safe('chroot ? ?', $web_config['website_basedir'], $command); } @@ -2267,7 +2254,7 @@ class apache2_plugin { if($mount_backup){ $web_backup_dir = $backup_dir.'/web'.$data_old['domain_id']; //** do not use rm -rf $web_backup_dir because database(s) may exits - exec(escapeshellcmd('rm -f '.$web_backup_dir.'/web'.$data_old['domain_id'].'_').'*'); + $app->system->exec_safe('rm -f ?*', $web_backup_dir.'/web'.$data_old['domain_id'].'_'); //* cleanup database $sql = "DELETE FROM web_backup WHERE server_id = ? AND parent_domain_id = ? AND filename LIKE ?"; $app->db->query($sql, $conf['server_id'], $data_old['domain_id'], "web".$data_old['domain_id']."_%"); @@ -2322,7 +2309,7 @@ class apache2_plugin { $tpl->setLoop('ip_adresses', $records_out); } - $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/ispconfig.conf'); + $vhost_file = $web_config['vhost_conf_dir'].'/ispconfig.conf'; $app->system->file_put_contents($vhost_file, $tpl->grab()); $app->log('Writing the conf file: '.$vhost_file, LOGLEVEL_DEBUG); unset($tpl); @@ -2355,7 +2342,7 @@ class apache2_plugin { //* Get the folder path. if(substr($folder['path'], 0, 1) == '/') $folder['path'] = substr($folder['path'], 1); if(substr($folder['path'], -1) == '/') $folder['path'] = substr($folder['path'], 0, -1); - $folder_path = escapeshellcmd($website['document_root'].'/' . $web_folder . '/'.$folder['path']); + $folder_path = $website['document_root'].'/' . $web_folder . '/'.$folder['path']; if(substr($folder_path, -1) != '/') $folder_path .= '/'; //* Check if the resulting path is inside the docroot @@ -2501,7 +2488,7 @@ class apache2_plugin { if(substr($data['new']['path'], 0, 1) == '/') $data['new']['path'] = substr($data['new']['path'], 1); if(substr($data['new']['path'], -1) == '/') $data['new']['path'] = substr($data['new']['path'], 0, -1); - $new_folder_path = escapeshellcmd($website['document_root'].'/' . $web_folder . '/'.$data['new']['path']); + $new_folder_path = $website['document_root'].'/' . $web_folder . '/'.$data['new']['path']; if(substr($new_folder_path, -1) != '/') $new_folder_path .= '/'; //* Check if the resulting path is inside the docroot @@ -2681,8 +2668,6 @@ class apache2_plugin { /* * The webdav - Root needs the group/user as owner and the apache as read and write */ - //$app->system->_exec('chown ' . $user . ':' . $group . ' ' . escapeshellcmd($documentRoot . '/webdav/')); - //$app->system->_exec('chmod 770 ' . escapeshellcmd($documentRoot . '/webdav/')); $app->system->chown($documentRoot . '/webdav', $user); $app->system->chgrp($documentRoot . '/webdav', $group); $app->system->chmod($documentRoot . '/webdav', 0770); @@ -2691,8 +2676,6 @@ class apache2_plugin { * The webdav folder (not the webdav-root!) needs the same (not in ONE step, because the * pwd-files are owned by root) */ - //$app->system->_exec('chown ' . $user . ':' . $group . ' ' . escapeshellcmd($webdav_user_dir.' -R')); - //$app->system->_exec('chmod 770 ' . escapeshellcmd($webdav_user_dir.' -R')); $app->system->chown($webdav_user_dir, $user); $app->system->chgrp($webdav_user_dir, $group); $app->system->chmod($webdav_user_dir, 0770); @@ -2712,7 +2695,7 @@ class apache2_plugin { /* * Next step, patch the vhost - file */ - $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'] . '/' . $domain . '.vhost'); + $vhost_file = $web_config['vhost_conf_dir'] . '/' . $domain . '.vhost'; $this->_patchVhostWebdav($vhost_file, $documentRoot . '/webdav'); /* @@ -2744,7 +2727,7 @@ class apache2_plugin { /* * Next step, patch the vhost - file */ - $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'] . '/' . $domain . '.vhost'); + $vhost_file = $web_config['vhost_conf_dir'] . '/' . $domain . '.vhost'; $this->_patchVhostWebdav($vhost_file, $documentRoot . '/webdav'); /* @@ -3004,9 +2987,9 @@ class apache2_plugin { $content = str_replace('{SYSTEM_USER}', $data['new']['system_user'], $content); file_put_contents('/etc/init.d/hhvm_' . $data['new']['system_user'], $content); - exec('chmod +x /etc/init.d/hhvm_' . $data['new']['system_user'] . ' >/dev/null 2>&1'); - exec('/usr/sbin/update-rc.d hhvm_' . $data['new']['system_user'] . ' defaults >/dev/null 2>&1'); - exec('/etc/init.d/hhvm_' . $data['new']['system_user'] . ' restart >/dev/null 2>&1'); + $app->system->exec_safe('chmod +x ? >/dev/null 2>&1', '/etc/init.d/hhvm_' . $data['new']['system_user']); + $app->system->exec_safe('/usr/sbin/update-rc.d ? defaults >/dev/null 2>&1', 'hhvm_' . $data['new']['system_user']); + $app->system->exec_safe('? restart >/dev/null 2>&1', '/etc/init.d/hhvm_' . $data['new']['system_user']); if(is_dir('/etc/monit/conf.d')){ $monit_content = str_replace('{SYSTEM_USER}', $data['new']['system_user'], $monit_content); @@ -3017,8 +3000,8 @@ class apache2_plugin { } elseif($data['new']['php'] != 'hhvm' && $data['old']['php'] == 'hhvm') { if($data['old']['system_user'] != ''){ - exec('/etc/init.d/hhvm_' . $data['old']['system_user'] . ' stop >/dev/null 2>&1'); - exec('/usr/sbin/update-rc.d hhvm_' . $data['old']['system_user'] . ' remove >/dev/null 2>&1'); + $app->system->exec_safe('? stop >/dev/null 2>&1', '/etc/init.d/hhvm_' . $data['old']['system_user']); + $app->system->exec_safe('/usr/sbin/update-rc.d ? remove >/dev/null 2>&1', 'hhvm_' . $data['old']['system_user']); unlink('/etc/init.d/hhvm_' . $data['old']['system_user']); if(is_file('/etc/hhvm/'.$data['old']['system_user'].'.ini')) unlink('/etc/hhvm/'.$data['old']['system_user'].'.ini'); } @@ -3117,7 +3100,7 @@ class apache2_plugin { $tpl->setVar('document_root', $data['new']['document_root']); $tpl->setVar('security_level', $web_config['security_level']); $tpl->setVar('domain', $data['new']['domain']); - $php_open_basedir = ($data['new']['php_open_basedir'] == '')?escapeshellcmd($data['new']['document_root']):escapeshellcmd($data['new']['php_open_basedir']); + $php_open_basedir = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir']; $tpl->setVar('php_open_basedir', $php_open_basedir); if($php_open_basedir != ''){ $tpl->setVar('enable_php_open_basedir', ''); @@ -3204,7 +3187,7 @@ class apache2_plugin { unset($tpl); // delete pool in all other PHP versions - $default_pool_dir = trim(escapeshellcmd($web_config['php_fpm_pool_dir'])); + $default_pool_dir = trim($web_config['php_fpm_pool_dir']); if(substr($default_pool_dir, -1) != '/') $default_pool_dir .= '/'; if($default_pool_dir != $pool_dir){ if ( @is_file($default_pool_dir.$pool_name.'.conf') ) { @@ -3258,7 +3241,7 @@ class apache2_plugin { } if($default_php_fpm){ - $pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']); + $pool_dir = $web_config['php_fpm_pool_dir']; } else { $pool_dir = $custom_php_fpm_pool_dir; } @@ -3275,7 +3258,7 @@ class apache2_plugin { } // delete pool in all other PHP versions - $default_pool_dir = trim(escapeshellcmd($web_config['php_fpm_pool_dir'])); + $default_pool_dir = trim($web_config['php_fpm_pool_dir']); if(substr($default_pool_dir, -1) != '/') $default_pool_dir .= '/'; if($default_pool_dir != $pool_dir){ if ( @is_file($default_pool_dir.$pool_name.'.conf') ) { @@ -3335,7 +3318,7 @@ class apache2_plugin { } if($app->system->is_group('client'.$client_id)){ - $app->system->_exec('groupdel client'.$client_id); + $app->system->exec_safe('groupdel ?', 'client'.$client_id); $app->log('Removed group client'.$client_id, LOGLEVEL_DEBUG); } } diff --git a/server/plugins-available/apps_vhost_plugin.inc.php b/server/plugins-available/apps_vhost_plugin.inc.php index 41e3cdd82cc6f8b330339b9349005ca3e94e89a9..ea2359d6026f06658d926d448993aa0a48c10940 100644 --- a/server/plugins-available/apps_vhost_plugin.inc.php +++ b/server/plugins-available/apps_vhost_plugin.inc.php @@ -121,7 +121,7 @@ class apps_vhost_plugin { $app->system->file_put_contents("$vhost_conf_dir/apps.vhost", $content); // enabled / disable apps-vhost - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/000-apps.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/000-apps.vhost'; if(is_link($vhost_symlink) && $web_config['apps_vhost_enabled'] == 'n') { $app->system->unlink($vhost_symlink); } @@ -207,7 +207,7 @@ class apps_vhost_plugin { file_put_contents("$vhost_conf_dir/apps.vhost", $content); // enabled / disable apps-vhost - $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/000-apps.vhost'); + $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/000-apps.vhost'; if(is_link($vhost_symlink) && $web_config['apps_vhost_enabled'] == 'n') { $app->system->unlink($vhost_symlink); } diff --git a/server/plugins-available/backup_plugin.inc.php b/server/plugins-available/backup_plugin.inc.php index 6ce8c98939ae236f0246aecd574812d1a1c32673..3308289d41dfff03564450137cced34aaedb3d8e 100644 --- a/server/plugins-available/backup_plugin.inc.php +++ b/server/plugins-available/backup_plugin.inc.php @@ -104,13 +104,13 @@ class backup_plugin { // extract tar.gz archive $dump_directory = str_replace(".tar.gz", "", $backup['filename']); $extracted = "/usr/local/ispconfig/server/temp"; - exec("tar -xzvf ".escapeshellarg($backup_dir.'/'.$backup['filename'])." --directory=".escapeshellarg($extracted)); + $app->system->exec_safe("tar -xzvf ? --directory=?", $backup_dir.'/'.$backup['filename'], $extracted); $restore_directory = $extracted."/".$dump_directory."/".$db_name; // mongorestore -h 127.0.0.1 -u root -p 123456 --authenticationDatabase admin -d c1debug --drop ./toRestore - $command = "mongorestore -h 127.0.0.1 --port 27017 -u root -p 123456 --authenticationDatabase admin -d ".$db_name." --drop ".escapeshellarg($restore_directory); - exec($command); - exec("rm -rf ".escapeshellarg($extracted."/".$dump_directory)); + $command = "mongorestore -h 127.0.0.1 --port 27017 -u root -p 123456 --authenticationDatabase admin -d ? --drop ?"; + $app->system->exec_safe($command, $db_name, $restore_directory); + $app->system->exec_safe("rm -rf ?", $extracted."/".$dump_directory); } unset($clientdb_host); @@ -129,8 +129,8 @@ class backup_plugin { //$db_name = $parts[1]; preg_match('@^db_(.+)_\d{4}-\d{2}-\d{2}_\d{2}-\d{2}\.sql\.gz$@', $backup['filename'], $matches); $db_name = $matches[1]; - $command = "gunzip --stdout ".escapeshellarg($backup_dir.'/'.$backup['filename'])." | mysql -h ".escapeshellarg($clientdb_host)." -u ".escapeshellarg($clientdb_user)." -p".escapeshellarg($clientdb_password)." ".escapeshellarg($db_name); - exec($command); + $command = "gunzip --stdout ? | mysql -h ? -u ? -p? ?"; + $app->system->exec_safe($command, $backup_dir.'/'.$backup['filename'], $clientdb_host, $clientdb_user, $clientdb_password, $db_name); } unset($clientdb_host); unset($clientdb_user); @@ -147,8 +147,8 @@ class backup_plugin { copy($backup_dir.'/'.$backup['filename'], $web['document_root'].'/backup/'.$backup['filename']); chgrp($web['document_root'].'/backup/'.$backup['filename'], $web['system_group']); //chown($web['document_root'].'/backup/'.$backup['filename'],$web['system_user']); - $command = 'sudo -u '.escapeshellarg($web['system_user']).' unzip -qq -o '.escapeshellarg($web['document_root'].'/backup/'.$backup['filename']).' -d '.escapeshellarg($web['document_root']).' 2> /dev/null'; - exec($command); + $command = 'sudo -u ? unzip -qq -o ? -d ? 2> /dev/null'; + $app->system->exec_safe($command, $web['system_user'], $web['document_root'].'/backup/'.$backup['filename'], $web['document_root']); unlink($web['document_root'].'/backup/'.$backup['filename']); if(file_exists($web['document_root'].'/backup/'.$backup['filename'].'.bak')) rename($web['document_root'].'/backup/'.$backup['filename'].'.bak', $web['document_root'].'/backup/'.$backup['filename']); $app->log('Restored Web backup '.$backup_dir.'/'.$backup['filename'], LOGLEVEL_DEBUG); @@ -156,8 +156,8 @@ class backup_plugin { } if($backup['backup_mode'] == 'rootgz') { if(file_exists($backup_dir.'/'.$backup['filename']) && $web['document_root'] != '' && $web['document_root'] != '/' && !stristr($backup_dir.'/'.$backup['filename'], '..') && !stristr($backup_dir.'/'.$backup['filename'], 'etc')) { - $command = 'tar xzf '.escapeshellarg($backup_dir.'/'.$backup['filename']).' --directory '.escapeshellarg($web['document_root']); - exec($command); + $command = 'tar xzf ? --directory ?'; + $app->system->exec_safe($command, $backup_dir.'/'.$backup['filename'], $web['document_root']); $app->log('Restored Web backup '.$backup_dir.'/'.$backup['filename'], LOGLEVEL_DEBUG); } } @@ -237,22 +237,24 @@ class backup_plugin { if($mail_backup['backup_mode'] == 'userzip') { copy($mail_backup_file, $record['maildir'].'/'.$mail_backup['filename']); chgrp($record['maildir'].'/'.$mail_backup['filename'], $mail_config['mailuser_group']); - $command = 'sudo -u '.$mail_config['mailuser_name'].' unzip -qq -o '.escapeshellarg($record['maildir'].'/'.$mail_backup['filename']).' -d '.escapeshellarg($record['maildir']).' 2> /dev/null'; - exec($command,$tmp_output, $retval); + $command = 'sudo -u ? unzip -qq -o ? -d ? 2> /dev/null'; + $app->system->exec_safe($command, $mail_config['mailuser_name'], $record['maildir'].'/'.$mail_backup['filename'], $record['maildir']); + $retval = $app->system->last_exec_retcode(); unlink($record['maildir'].'/'.$mail_backup['filename']); - } - if($mail_backup['backup_mode'] == 'rootgz') { - $command='tar xfz '.escapeshellarg($mail_backup_file).' --directory '.escapeshellarg($record['maildir']); - exec($command,$tmp_output, $retval); + } elseif($mail_backup['backup_mode'] == 'rootgz') { + $command='tar xfz ? --directory ?'; + $app->system->exec_safe($command, $mail_backup_file, $record['maildir']); + $retval = $app->system->last_exec_retcode(); } if($retval == 0) { // Now import backup-mailbox into special backup-folder $backupname = "backup-".date("Y-m-d", $mail_backup['tstamp']); - exec("doveadm mailbox create -u \"".$record["email"]."\" $backupname"); - exec("doveadm import -u \"".$record["email"]."\" mdbox:".$record['maildir']."/backup $backupname all", $tmp_output, $retval); - exec("for f in `doveadm mailbox list -u \"".$record["email"]."\" $backupname*`; do doveadm mailbox subscribe -u \"".$record["email"]."\" \$f; done", $tmp_output, $retval); - exec('rm -rf '.$record['maildir'].'/backup'); + $app->system->exec_safe("doveadm mailbox create -u ? ?", $record["email"], $backupname); + $app->system->exec_safe("doveadm import -u ? mdbox:? ? all", $record["email"], $record['maildir']."/backup", $backupname); + $app->system->exec_safe("for f in `doveadm mailbox list -u ? ?*`; do doveadm mailbox subscribe -u ? \$f; done", $record["email"], $backupname, $record["email"]); + $retval = $app->system->last_exec_retcode(); + $app->system->exec_safe('rm -rf ?', $record['maildir'].'/backup'); } if($retval == 0){ @@ -260,7 +262,7 @@ class backup_plugin { } else { // cleanup if (file_exists($record['maildir'].'/'.$mail_backup['filename'])) unlink($record['maildir'].'/'.$mail_backup['filename']); - if (file_exists($record['maildir']."/backup")) exec('rm -rf '.$record['maildir']."/backup"); + if (file_exists($record['maildir']."/backup")) $app->system->exec_safe('rm -rf ?', $record['maildir']."/backup"); $app->log('Unable to restore Mail backup '.$mail_backup_file.' '.$tmp_output,LOGLEVEL_ERROR); } @@ -269,8 +271,10 @@ class backup_plugin { if($mail_backup['backup_mode'] == 'userzip') { copy($mail_backup_file, $domain_dir.'/'.$mail_backup['filename']); chgrp($domain_dir.'/'.$mail_backup['filename'], $mail_config['mailuser_group']); - $command = 'sudo -u '.$mail_config['mailuser_name'].' unzip -qq -o '.escapeshellarg($domain_dir.'/'.$mail_backup['filename']).' -d '.escapeshellarg($domain_dir).' 2> /dev/null'; - exec($command,$tmp_output, $retval); + $command = 'sudo -u ? unzip -qq -o ? -d ? 2> /dev/null'; + $app->system->exec_safe($command, $mail_config['mailuser_name'], $domain_dir.'/'.$mail_backup['filename'], $domain_dir); + $retval = $app->system->last_exec_retcode(); + $tmp_output = $app->system->last_exec_out(); unlink($domain_dir.'/'.$mail_backup['filename']); if($retval == 0){ $app->log('Restored Mail backup '.$mail_backup_file,LOGLEVEL_DEBUG); @@ -279,8 +283,10 @@ class backup_plugin { } } if($mail_backup['backup_mode'] == 'rootgz') { - $command='tar xfz '.escapeshellarg($mail_backup_file).' --directory '.escapeshellarg($domain_dir); - exec($command,$tmp_output, $retval); + $command='tar xfz ? --directory ?'; + $app->system->exec_safe($command, $mail_backup_file, $domain_dir); + $retval = $app->system->last_exec_retcode(); + $tmp_output = $app->system->last_exec_out(); if($retval == 0){ $app->log('Restored Mail backup '.$mail_backup_file,LOGLEVEL_DEBUG); } else { diff --git a/server/plugins-available/bind_plugin.inc.php b/server/plugins-available/bind_plugin.inc.php index edf7b93d9f1ea62f8b314a62b73c77f15e5ca678..29d841ef8a7b3aec77acb49aedd5ebd13500740a 100644 --- a/server/plugins-available/bind_plugin.inc.php +++ b/server/plugins-available/bind_plugin.inc.php @@ -114,9 +114,7 @@ class bind_plugin { } //Do some magic... - exec('cd '.escapeshellcmd($dns_config['bind_zonefiles_dir']).';'. - 'dnssec-keygen -a NSEC3RSASHA1 -b 2048 -n ZONE '.escapeshellcmd($domain).';'. - 'dnssec-keygen -f KSK -a NSEC3RSASHA1 -b 4096 -n ZONE '.escapeshellcmd($domain)); + $app->system->exec_safe('cd ?; dnssec-keygen -a NSEC3RSASHA1 -b 2048 -n ZONE ?; dnssec-keygen -f KSK -a NSEC3RSASHA1 -b 4096 -n ZONE ?', $dns_config['bind_zonefiles_dir'], $domain, $domain); $this->soa_dnssec_sign($data); //Now sign the zone for the first time $data['new']['dnssec_initialized']='Y'; @@ -148,8 +146,7 @@ class bind_plugin { file_put_contents($dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain, $zonefile); //Sign the zone and set it valid for max. 16 days - exec('cd '.escapeshellcmd($dns_config['bind_zonefiles_dir']).';'. - 'dnssec-signzone -A -e +1382400 -3 $(head -c 1000 /dev/random | sha1sum | cut -b 1-16) -N increment -o '.escapeshellcmd($domain).' -t '.$filespre.escapeshellcmd($domain)); + $app->system->exec_safe('cd ?; dnssec-signzone -A -e +1382400 -3 $(head -c 1000 /dev/random | sha1sum | cut -b 1-16) -N increment -o ? -t ?', $dns_config['bind_zonefiles_dir'], $domain, $filespre.$domain); //Write Data back ino DB $dnssecdata = "DS-Records:\n".file_get_contents($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.'); @@ -187,8 +184,8 @@ class bind_plugin { if (!$new && !file_exists($dns_config['bind_zonefiles_dir'].'/dsset-'.$domain.'.')) $this->soa_dnssec_create($data); $dbdata = $app->db->queryOneRecord('SELECT id,serial FROM dns_soa WHERE id=?', intval($data['new']['id'])); - exec('cd '.escapeshellcmd($dns_config['bind_zonefiles_dir']).';'. - 'named-checkzone '.escapeshellcmd($domain).' '.escapeshellcmd($dns_config['bind_zonefiles_dir']).'/'.$filespre.escapeshellcmd($domain).' | egrep -ho \'[0-9]{10}\'', $serial, $retState); + $app->system->exec_safe('cd ?; named-checkzone ? ? | egrep -ho \'[0-9]{10}\'', $dns_config['bind_zonefiles_dir'], $domain, $dns_config['bind_zonefiles_dir'].'/'.$filespre.$domain); + $retState = $app->system->last_exec_retcode(); if ($retState != 0) { $app->log('DNSSEC Error: Error in Zonefile for '.$domain, LOGLEVEL_ERR); return false; @@ -283,20 +280,22 @@ class bind_plugin { //TODO : change this when distribution information has been integrated into server record if (file_exists('/etc/gentoo-release')) { - $filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri/'.str_replace("/", "_", substr($zone['origin'], 0, -1))); + $filename = $dns_config['bind_zonefiles_dir'].'/pri/'.str_replace("/", "_", substr($zone['origin'], 0, -1)); } else { - $filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($zone['origin'], 0, -1))); + $filename = $dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($zone['origin'], 0, -1)); } $old_zonefile = @file_get_contents($filename); file_put_contents($filename, $tpl->grab()); - chown($filename, escapeshellcmd($dns_config['bind_user'])); - chgrp($filename, escapeshellcmd($dns_config['bind_group'])); + chown($filename, $dns_config['bind_user']); + chgrp($filename, $dns_config['bind_group']); //* Check the zonefile if(is_file($filename.'.err')) unlink($filename.'.err'); - exec('named-checkzone '.escapeshellarg($zone['origin']).' '.escapeshellarg($filename), $out, $return_status); + $app->system->exec_safe('named-checkzone ? ?', $zone['origin'], $filename); + $out = $app->system->last_exec_out(); + $return_status = $app->system->last_exec_retcode(); if($return_status === 0) { $app->log("Writing BIND domain file: ".$filename, LOGLEVEL_DEBUG); } else { @@ -309,8 +308,8 @@ class bind_plugin { if ($old_zonefile != '') { rename($filename, $filename.'.err'); file_put_contents($filename, $old_zonefile); - chown($filename, escapeshellcmd($dns_config['bind_user'])); - chgrp($filename, escapeshellcmd($dns_config['bind_group'])); + chown($filename, $dns_config['bind_user']); + chgrp($filename, $dns_config['bind_group']); } else { rename($filename, $filename.'.err'); } @@ -392,7 +391,10 @@ class bind_plugin { $app->log("Deleting BIND domain file: ".$zone_file_name, LOGLEVEL_DEBUG); //* DNSSEC-Implementation - if ($data['old']['dnssec_initialized'] == 'Y') exec('/usr/local/ispconfig/server/scripts/dnssec-delete.sh '.$data['old']['origin']); //delete keys + if($data['old']['dnssec_initialized'] == 'Y') { + //delete keys + $app->system->exec_safe('/usr/local/ispconfig/server/scripts/dnssec-delete.sh ?', $data['old']['origin']); + } //* Reload bind nameserver $app->services->restartServiceDelayed('bind', 'reload'); @@ -582,11 +584,6 @@ class bind_plugin { 'zonefile_path' => $sec_zonefiles_path.str_replace("/", "_", substr($tmp['origin'], 0, -1)), 'options' => $options ); - - // $filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/slave/sec.'.substr($tmp['origin'],0,-1)); - // $app->log("Writing BIND domain file: ".$filename,LOGLEVEL_DEBUG); - - } $tpl_sec = new tpl(); diff --git a/server/plugins-available/cron_jailkit_plugin.inc.php b/server/plugins-available/cron_jailkit_plugin.inc.php index c652f299ebc44dd87c5cc3f1c65f118cdbebb144..f8f6640444103b0c41e13960d912873f22c8e71a 100644 --- a/server/plugins-available/cron_jailkit_plugin.inc.php +++ b/server/plugins-available/cron_jailkit_plugin.inc.php @@ -103,20 +103,6 @@ class cron_jailkit_plugin { if ($data['new']['type'] == "chrooted") { // load the server configuration options - /* - $app->uses("getconf"); - $this->data = $data; - $this->app = $app; - $this->jailkit_config = $app->getconf->get_server_config($conf["server_id"], 'jailkit'); - $this->parent_domain = $parent_domain; - - $this->_setup_jailkit_chroot(); - - //$command .= 'usermod -U '.escapeshellcmd($parent_domain['system_user']); - //exec($command); - - $this->_add_jailkit_user(); - */ $app->uses("getconf"); $this->data = $data; $this->app = $app; @@ -130,8 +116,8 @@ class cron_jailkit_plugin { $this->_add_jailkit_user(); - $command .= 'usermod -U '.escapeshellcmd($parent_domain["system_user"]).' 2>/dev/null'; - exec($command); + $command .= 'usermod -U ? 2>/dev/null'; + $app->system->exec_safe($command, $parent_domain["system_user"]); $this->_update_website_security_level(); @@ -231,14 +217,12 @@ class cron_jailkit_plugin { if (!is_dir($this->parent_domain['document_root'].'/etc/jailkit')) { $command = '/usr/local/ispconfig/server/scripts/create_jailkit_chroot.sh'; - $command .= ' '.escapeshellcmd($this->parent_domain['document_root']); - $command .= ' \''.$this->jailkit_config['jailkit_chroot_app_sections'].'\''; - exec($command.' 2>/dev/null'); + $command .= ' ?'; + $command .= ' ?'; + $app->system->exec_safe($command.' 2>/dev/null', $this->parent_domain['document_root'], $this->jailkit_config['jailkit_chroot_app_sections']); $this->app->log("Added jailkit chroot with command: ".$command, LOGLEVEL_DEBUG); - //$this->_add_jailkit_programs(); // done later on - $this->app->load('tpl'); $tpl = new tpl(); @@ -248,7 +232,7 @@ class cron_jailkit_plugin { $tpl->setVar('domain', $this->parent_domain['domain']); $tpl->setVar('home_dir', $this->_get_home_dir("")); - $bashrc = escapeshellcmd($this->parent_domain['document_root']).'/etc/bash.bashrc'; + $bashrc = $this->parent_domain['document_root'].'/etc/bash.bashrc'; if(@is_file($bashrc) || @is_link($bashrc)) unlink($bashrc); $app->system->file_put_contents($bashrc, $tpl->grab()); @@ -261,7 +245,7 @@ class cron_jailkit_plugin { $tpl->setVar('domain', $this->parent_domain['domain']); - $motd = escapeshellcmd($this->parent_domain['document_root']).'/var/run/motd'; + $motd = $this->parent_domain['document_root'].'/var/run/motd'; if(@is_file($motd) || @is_link($motd)) unlink($motd); $app->system->file_put_contents($motd, $tpl->grab()); @@ -276,16 +260,16 @@ class cron_jailkit_plugin { //copy over further programs and its libraries $command = '/usr/local/ispconfig/server/scripts/create_jailkit_programs.sh'; - $command .= ' '.escapeshellcmd($this->parent_domain['document_root']); - $command .= ' \''.$this->jailkit_config['jailkit_chroot_app_programs'].'\''; - exec($command.' 2>/dev/null'); + $command .= ' ?'; + $command .= ' ?'; + $app->system->exec_safe($command.' 2>/dev/null', $this->parent_domain['document_root'], $this->jailkit_config['jailkit_chroot_app_programs']); $this->app->log("Added programs to jailkit chroot with command: ".$command, LOGLEVEL_DEBUG); $command = '/usr/local/ispconfig/server/scripts/create_jailkit_programs.sh'; - $command .= ' '.escapeshellcmd($this->parent_domain['document_root']); - $command .= ' \''.$this->jailkit_config['jailkit_chroot_cron_programs'].'\''; - exec($command.' 2>/dev/null'); + $command .= ' ?'; + $command .= ' ?'; + $app->system->exec_safe($command.' 2>/dev/null', $this->parent_domain['document_root'], $this->jailkit_config['jailkit_chroot_cron_programs']); $this->app->log("Added cron programs to jailkit chroot with command: ".$command, LOGLEVEL_DEBUG); } @@ -298,30 +282,30 @@ class cron_jailkit_plugin { $jailkit_chroot_userhome = $this->_get_home_dir($this->parent_domain['system_user']); if(!is_dir($this->parent_domain['document_root'].'/etc')) mkdir($this->parent_domain['document_root'].'/etc'); - if(!is_file($this->parent_domain['document_root'].'/etc/passwd')) exec('touch '.$this->parent_domain['document_root'].'/etc/passwd'); + if(!is_file($this->parent_domain['document_root'].'/etc/passwd')) $app->system->exec_safe('touch ?', $this->parent_domain['document_root'].'/etc/passwd'); // IMPORTANT! // ALWAYS create the user. Even if the user was created before // if we check if the user exists, then a update (no shell -> jailkit) will not work // and the user has FULL ACCESS to the root of the server! $command = '/usr/local/ispconfig/server/scripts/create_jailkit_user.sh'; - $command .= ' '.escapeshellcmd($this->parent_domain['system_user']); - $command .= ' '.escapeshellcmd($this->parent_domain['document_root']); - $command .= ' '.$jailkit_chroot_userhome; - $command .= ' '.escapeshellcmd("/bin/bash"); - exec($command.' 2>/dev/null'); + $command .= ' ?'; + $command .= ' ?'; + $command .= ' ?'; + $command .= ' /bin/bash'; + $app->system->exec_safe($command.' 2>/dev/null', $this->parent_domain['system_user'], $this->parent_domain['document_root'], $jailkit_chroot_userhome); $this->app->log("Added jailkit user to chroot with command: ".$command, LOGLEVEL_DEBUG); - $app->system->mkdir(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), 0755, true); - $app->system->chown(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), escapeshellcmd($this->parent_domain['system_user'])); - $app->system->chgrp(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), escapeshellcmd($this->parent_domain['system_group'])); + $app->system->mkdir($this->parent_domain['document_root'].$jailkit_chroot_userhome, 0755, true); + $app->system->chown($this->parent_domain['document_root'].$jailkit_chroot_userhome, $this->parent_domain['system_user']); + $app->system->chgrp($this->parent_domain['document_root'].$jailkit_chroot_userhome, $this->parent_domain['system_group']); } function _get_home_dir($username) { - return str_replace("[username]", escapeshellcmd($username), $this->jailkit_config["jailkit_chroot_home"]); + return str_replace("[username]", $username, $this->jailkit_config["jailkit_chroot_home"]); } //* Update the website root directory permissions depending on the security level @@ -345,15 +329,5 @@ class cron_jailkit_plugin { } } - //* Wrapper for exec function for easier debugging - private function _exec($command) { - global $app; - $app->log('exec: '.$command, LOGLEVEL_DEBUG); - exec($command); - } - - - } // end class -?> diff --git a/server/plugins-available/cron_plugin.inc.php b/server/plugins-available/cron_plugin.inc.php index fb623b9213e436a916ab4c3ebc2ce59efe839417..af4e24d97429faf08e2acea80fb57eb21ab88583 100644 --- a/server/plugins-available/cron_plugin.inc.php +++ b/server/plugins-available/cron_plugin.inc.php @@ -112,15 +112,15 @@ class cron_plugin { // Create group and user, if not exist $app->uses("system"); - $groupname = escapeshellcmd($parent_domain["system_group"]); + $groupname = $parent_domain["system_group"]; if($parent_domain["system_group"] != '' && !$app->system->is_group($parent_domain["system_group"])) { - exec("groupadd $groupname"); + $app->system->exec_safe("groupadd ?", $groupname); $app->log("Adding the group: $groupname", LOGLEVEL_DEBUG); } - $username = escapeshellcmd($parent_domain["system_user"]); + $username = $parent_domain["system_user"]; if($parent_domain["system_user"] != '' && !$app->system->is_user($parent_domain["system_user"])) { - exec("useradd -d ".escapeshellcmd($parent_domain["document_root"])." -g $groupname $username -s /bin/false"); + $app->system->exec_safe("useradd -d ? -g ? ? -s /bin/false", $parent_domain["document_root"], $groupname, $username); $app->log("Adding the user: $username", LOGLEVEL_DEBUG); } @@ -136,19 +136,19 @@ class cron_plugin { } // get the primitive folder for document_root and the filesystem, will need it later. - $df_output=explode(" ", exec("df -T " . escapeshellarg($parent_domain["document_root"]) . "|awk 'END{print \$2,\$NF}'")); + $df_output=explode(" ", $app->system->exec_safe("df -T ?|awk 'END{print \$2,\$NF}'", $parent_domain["document_root"])); $file_system = $df_output[0]; $primitive_root = $df_output[1]; if ( in_array($file_system , array('ext2','ext3','ext4'),true) ) { - exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null'); - exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null'); + $app->system->exec_safe('setquota -u ? ? ? 0 0 -a &> /dev/null', $username, $blocks_soft, $blocks_hard); + $app->system->exec_safe('setquota -T -u ? 604800 604800 -a &> /dev/null', $username); } elseif ($file_system == 'xfs') { - exec("xfs_quota -x -c 'limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " $username' $primitive_root"); + $app->system->exec_safe("xfs_quota -x -c ? ?", "limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " $username", $primitive_root); // xfs only supports timers globally, not per user. - exec("xfs_quota -x -c 'timer -bir -i 604800' $primitive_root"); + $app->system->exec_safe("xfs_quota -x -c 'timer -bir -i 604800' ?", $primitive_root); unset($project_uid, $username_position, $xfs_projects); unset($primitive_root, $df_output, $mb_hard, $mb_soft); @@ -164,7 +164,7 @@ class cron_plugin { } // make temp directory writable for the apache and website users - $app->system->chmod(escapeshellcmd($parent_domain["document_root"].'/tmp'), 0777); + $app->system->chmod($parent_domain["document_root"].'/tmp', 0777); /** TODO READ CRON MASTER **/ @@ -272,7 +272,7 @@ class cron_plugin { } } - $cron_file = escapeshellcmd($cron_config["crontab_dir"].'/ispc_'.$this->parent_domain["system_user"]); + $cron_file = $cron_config["crontab_dir"].'/ispc_'.$this->parent_domain["system_user"]; //TODO : change this when distribution information has been integrated into server record //* Gentoo vixie-cron requires files to end with .cron in the cron.d directory if (file_exists('/etc/gentoo-release')) { @@ -287,7 +287,7 @@ class cron_plugin { $app->log("Deleted Cron file $cron_file", LOGLEVEL_DEBUG); } - $cron_file = escapeshellcmd($cron_config["crontab_dir"].'/ispc_chrooted_'.$this->parent_domain["system_user"]); + $cron_file = $cron_config["crontab_dir"].'/ispc_chrooted_'.$this->parent_domain["system_user"]; if($chr_cmd_count > 0) { $app->system->file_put_contents($cron_file, $chr_cron_content); $app->log("Wrote Cron file $cron_file with content:\n$chr_cron_content", LOGLEVEL_DEBUG); diff --git a/server/plugins-available/firewall_plugin.inc.php b/server/plugins-available/firewall_plugin.inc.php index 67ed2379fbbe554b595efceef048c761cbff2667..b924f43a2620a35813aebee9a3bb5a082f99daab 100644 --- a/server/plugins-available/firewall_plugin.inc.php +++ b/server/plugins-available/firewall_plugin.inc.php @@ -145,7 +145,7 @@ class firewall_plugin { //* add tcp ports foreach($tcp_ports_new_array as $port) { if(!in_array($port, $tcp_ports_old_array) && $port > 0) { - exec('ufw allow '.$port.'/tcp'); + $app->system->exec_safe('ufw allow ?', $port.'/tcp'); $app->log('ufw allow '.$port.'/tcp', LOGLEVEL_DEBUG); sleep(1); } @@ -154,7 +154,7 @@ class firewall_plugin { //* remove tcp ports foreach($tcp_ports_old_array as $port) { if(!in_array($port, $tcp_ports_new_array) && $port > 0) { - exec('ufw delete allow '.$port.'/tcp'); + $app->system->exec_safe('ufw delete allow ?', $port.'/tcp'); $app->log('ufw delete allow '.$port.'/tcp', LOGLEVEL_DEBUG); sleep(1); } @@ -163,7 +163,7 @@ class firewall_plugin { //* add udp ports foreach($udp_ports_new_array as $port) { if(!in_array($port, $udp_ports_old_array) && $port > 0) { - exec('ufw allow '.$port.'/udp'); + $app->system->exec_safe('ufw allow ?', $port.'/udp'); $app->log('ufw allow '.$port.'/udp', LOGLEVEL_DEBUG); sleep(1); } @@ -172,32 +172,12 @@ class firewall_plugin { //* remove udp ports foreach($udp_ports_old_array as $port) { if(!in_array($port, $udp_ports_new_array) && $port > 0) { - exec('ufw delete allow '.$port.'/udp'); + $app->system->exec_safe('ufw delete allow ?', $port.'/udp'); $app->log('ufw delete allow '.$port.'/udp', LOGLEVEL_DEBUG); sleep(1); } } - /* - if($tcp_ports_new != $tcp_ports_old) { - exec('ufw allow to any proto tcp port '.$tcp_ports_new); - $app->log('ufw allow to any proto tcp port '.$tcp_ports_new,LOGLEVEL_DEBUG); - if($event_name == 'firewall_update') { - exec('ufw delete allow to any proto tcp port '.$tcp_ports_old); - $app->log('ufw delete allow to any proto tcp port '.$tcp_ports_old,LOGLEVEL_DEBUG); - } - } - - if($udp_ports_new != $udp_ports_old) { - exec('ufw allow to any proto udp port '.$udp_ports_new); - $app->log('ufw allow to any proto udp port '.$udp_ports_new,LOGLEVEL_DEBUG); - if($event_name == 'firewall_update') { - exec('ufw delete allow to any proto udp port '.$udp_ports_old); - $app->log('ufw delete allow to any proto udp port '.$udp_ports_old,LOGLEVEL_DEBUG); - } - } - */ - if($data['new']['active'] == 'y') { if($data['new']['active'] == $data['old']['active']) { exec('ufw reload'); diff --git a/server/plugins-available/getmail_plugin.inc.php b/server/plugins-available/getmail_plugin.inc.php index a4481037f7e4367b3d9e3c90bbb5a850109c7ebe..c3f4f7e1dcd48f210bcf935398f9960cb28fe80f 100644 --- a/server/plugins-available/getmail_plugin.inc.php +++ b/server/plugins-available/getmail_plugin.inc.php @@ -94,7 +94,7 @@ class getmail_plugin { $this->delete($event_name, $data); // Get the new config file path - $config_file_path = escapeshellcmd($this->getmail_config_dir.'/'.$this->_clean_path($data["new"]["source_server"]).'_'.$this->_clean_path($data["new"]["source_username"]).'.conf'); + $config_file_path = $this->getmail_config_dir.'/'.$this->_clean_path($data["new"]["source_server"]).'_'.$this->_clean_path($data["new"]["source_username"]).'.conf'; if(stristr($config_file_path, "..") or stristr($config_file_path, "|") or stristr($config_file_path, ";") or stristr($config_file_path, '$')) { $app->log("Possibly faked path for getmail config file: '$config_file_path'. File is not written.", LOGLEVEL_ERROR); return false; @@ -162,7 +162,7 @@ class getmail_plugin { $getmail_config = $app->getconf->get_server_config($conf["server_id"], 'getmail'); $this->getmail_config_dir = $getmail_config["getmail_config_dir"]; - $config_file_path = escapeshellcmd($this->getmail_config_dir.'/'.$this->_clean_path($data["old"]["source_server"]).'_'.$this->_clean_path($data["old"]["source_username"]).'.conf'); + $config_file_path = $this->getmail_config_dir.'/'.$this->_clean_path($data["old"]["source_server"]).'_'.$this->_clean_path($data["old"]["source_username"]).'.conf'; if(stristr($config_file_path, "..") || stristr($config_file_path, "|") || stristr($config_file_path, ";") || stristr($config_file_path, '$')) { $app->log("Possibly faked path for getmail config file: '$config_file_path'. File is not written.", LOGLEVEL_ERROR); return false; diff --git a/server/plugins-available/mail_plugin.inc.php b/server/plugins-available/mail_plugin.inc.php index 8275696620fbe1612aa78c816f9a9deaf1f11c7d..4d5ac826d3780f4d264f07c0060a9f0ffe13bd56 100644 --- a/server/plugins-available/mail_plugin.inc.php +++ b/server/plugins-available/mail_plugin.inc.php @@ -125,23 +125,22 @@ class mail_plugin { $group = $app->system->getgroup($data['new']['gid']); //* Create the mail domain directory, if it does not exist if(!empty($base_path) && !is_dir($base_path)) { - //exec("su -c 'mkdir -p ".escapeshellcmd($base_path)."' ".$mail_config['mailuser_name']); $app->system->mkdirpath($base_path, 0770, $mail_config['mailuser_name'], $mail_config['mailuser_group']); // needs group-access because users of subfolders may differ from vmail $app->log('Created Directory: '.$base_path, LOGLEVEL_DEBUG); } if ($data['new']['maildir_format'] == 'mdbox') { - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" INBOX'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Sent'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Trash'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Junk'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Drafts'"); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? INBOX'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? Sent'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? Trash'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? Junk'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? Drafts'", $data["new"]["email"]); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" INBOX'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Sent'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Trash'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Junk'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Drafts'"); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? INBOX'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Sent'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Trash'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Junk'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Drafts'", $data["new"]["email"]); } else { // Dovecot uses a different mail layout with a separate 'Maildir' subdirectory. @@ -154,53 +153,44 @@ class mail_plugin { //* When the mail user dir exists but it is not a valid maildir, move it to corrupted maildir folder if(!empty($maildomain_path) && is_dir($maildomain_path) && !is_dir($maildomain_path.'/new') && !is_dir($maildomain_path.'/cur')) { if(!is_dir($mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id'])) $app->system->mkdirpath($mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id'], 0700, $mail_config['mailuser_name'], $mail_config['mailuser_group']); - exec("su -c 'mv -f ".escapeshellcmd($data['new']['maildir'])." ".$mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id']."' vmail"); - $app->log('Moved invalid maildir to corrupted Maildirs folder: '.escapeshellcmd($data['new']['maildir']), LOGLEVEL_WARN); + $app->system->exec_safe("su -c ? vmail", "mv -f " . $data['new']['maildir']." ".$mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id']); + $app->log('Moved invalid maildir to corrupted Maildirs folder: '.$data['new']['maildir'], LOGLEVEL_WARN); } //* Create the maildir, if it doesn not exist, set permissions, set quota. if(!empty($maildomain_path) && !is_dir($maildomain_path)) { - //exec("su -c 'maildirmake ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); $app->system->maildirmake($maildomain_path, $user, '', $group); //* This is to fix the maildrop quota not being rebuilt after the quota is changed. if($mail_config['pop3_imap_daemon'] != 'dovecot') { - if(is_dir($maildomain_path)) exec("su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($maildomain_path)."' ".$user); // Avoid maildirmake quota bug, see debian bug #214911 - $app->log('Created Maildir: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($maildomain_path)."' ".$user, LOGLEVEL_DEBUG); + if(is_dir($maildomain_path)) $app->system->exec_safe("su -c ? ?", "maildirmake -q ".$data['new']['quota']."S ".$maildomain_path, $user); // Avoid maildirmake quota bug, see debian bug #214911 + $app->log('Created Maildir: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".$maildomain_path."' ".$user, LOGLEVEL_DEBUG); } } if(!is_dir($data['new']['maildir'].'/.Sent')) { - //exec("su -c 'maildirmake -f Sent ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Sent: '."su -c 'maildirmake -f Sent ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Sent', $group); } if(!is_dir($data['new']['maildir'].'/.Drafts')) { - //exec("su -c 'maildirmake -f Drafts ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Drafts: '."su -c 'maildirmake -f Drafts ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Drafts', $group); } if(!is_dir($data['new']['maildir'].'/.Trash')) { - //exec("su -c 'maildirmake -f Trash ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Trash: '."su -c 'maildirmake -f Trash ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Trash', $group); } if(!is_dir($data['new']['maildir'].'/.Junk')) { - //exec("su -c 'maildirmake -f Junk ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Junk: '."su -c 'maildirmake -f Junk ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Junk', $group); } // Set permissions now recursive - exec('chown -R '.$user.':'.$group.' '.escapeshellcmd($data['new']['maildir'])); - $app->log('Set ownership on '.escapeshellcmd($data['new']['maildir']), LOGLEVEL_DEBUG); + $app->system->exec_safe('chown -R ?:? ?', $user, $group, $data['new']['maildir']); + $app->log('Set ownership on '.$data['new']['maildir'], LOGLEVEL_DEBUG); //* Set the maildir quota if(is_dir($data['new']['maildir'].'/new') && $mail_config['pop3_imap_daemon'] != 'dovecot') { if($data['new']['quota'] > 0) { - if(is_dir($data['new']['maildir'])) exec("su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($data['new']['maildir'])."' ".$user); - $app->log('Set Maildir quota: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($data['new']['maildir'])."' ".$user, LOGLEVEL_DEBUG); + if(is_dir($data['new']['maildir'])) $app->system->exec_safe("su -c ? ? ", "maildirmake -q ".$data['new']['quota']."S ". $data['new']['maildir'], $user); + $app->log('Set Maildir quota: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".$data['new']['maildir']."' ".$user, LOGLEVEL_DEBUG); } } } @@ -269,19 +259,6 @@ class mail_plugin { $app->uses('getconf,system'); $mail_config = $app->getconf->get_server_config($conf['server_id'], 'mail'); - // convert to lower case - it could cause problems if some directory above has upper case name - // $data['new']['maildir'] = strtolower($data['new']['maildir']); - - // Create the maildir, if it does not exist - /* - if(!is_dir($data['new']['maildir'])) { - mkdir(escapeshellcmd($data['new']['maildir']), 0, true); - chown(escapeshellcmd($data['new']['maildir']), $mail_config['mailuser_name']); - chgrp(escapeshellcmd($data['new']['maildir']), $mail_config['mailuser_group']); - $app->log('Created Maildir: '.$data['new']['maildir'],LOGLEVEL_DEBUG); - } - */ - // Maildir-Format must not be changed on this way !! $data['new']['maildir_format'] = $data['old']['maildir_format']; @@ -324,7 +301,6 @@ class mail_plugin { //* Create the mail domain directory, if it does not exist if(!empty($base_path) && !is_dir($base_path)) { - //exec("su -c 'mkdir -p ".escapeshellcmd($base_path)."' ".$mail_config['mailuser_name']); $app->system->mkdirpath($base_path, 0770, $mail_config['mailuser_name'], $mail_config['mailuser_group']); // needs group-access because users of subfolders may differ from vmail $app->log('Created Directory: '.$base_path, LOGLEVEL_DEBUG); } @@ -333,29 +309,26 @@ class mail_plugin { // Move mailbox, if domain has changed and delete old mailbox if($data['new']['maildir'] != $data['old']['maildir'] && is_dir($data['old']['maildir'])) { if(is_dir($data['new']['maildir'])) { - exec("rm -fr ".escapeshellcmd($data['new']['maildir'])); + $app->system->exec_safe("rm -fr ?", $data['new']['maildir']); //rmdir($data['new']['maildir']); } - exec('mv -f '.escapeshellcmd($data['old']['maildir']).' '.escapeshellcmd($data['new']['maildir'])); - // exec('mv -f '.escapeshellcmd($data['old']['maildir']).'/* '.escapeshellcmd($data['new']['maildir'])); - // if(is_file($data['old']['maildir'].'.ispconfig_mailsize'))exec('mv -f '.escapeshellcmd($data['old']['maildir']).'.ispconfig_mailsize '.escapeshellcmd($data['new']['maildir'])); - // rmdir($data['old']['maildir']); + $app->system->exec_safe('mv -f ? ?'. $data['old']['maildir'], $data['new']['maildir']); $app->log('Moved Maildir from: '.$data['old']['maildir'].' to '.$data['new']['maildir'], LOGLEVEL_DEBUG); } //* Create the maildir, if it doesn not exist, set permissions, set quota. if(!is_dir($data['new']['maildir'].'/mdbox')) { - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" INBOX'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Sent'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Trash'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Junk'"); - exec("su -c 'doveadm mailbox create -u \"".$data["new"]["email"]."\" Drafts'"); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? INBOX'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? Sent'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? Trash'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? Junk'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox create -u ? Drafts'", $data["new"]["email"]); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" INBOX'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Sent'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Trash'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Junk'"); - exec("su -c 'doveadm mailbox subscribe -u \"".$data["new"]["email"]."\" Drafts'"); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? INBOX'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Sent'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Trash'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Junk'", $data["new"]["email"]); + $app->system->exec_safe("su -c 'doveadm mailbox subscribe -u ? Drafts'", $data["new"]["email"]); } } else { @@ -369,21 +342,19 @@ class mail_plugin { //* When the mail user dir exists but it is not a valid maildir, move it to corrupted maildir folder if(!empty($maildomain_path) && is_dir($maildomain_path) && !is_dir($maildomain_path.'/new') && !is_dir($maildomain_path.'/cur')) { if(!is_dir($mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id'])) $app->system->mkdirpath($mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id'], 0700, $mail_config['mailuser_name'], $mail_config['mailuser_group']); - exec("su -c 'mv -f ".escapeshellcmd($data['new']['maildir'])." ".$mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id']."' vmail"); - $app->log('Moved invalid maildir to corrupted Maildirs folder: '.escapeshellcmd($data['new']['maildir']), LOGLEVEL_WARN); + $app->system->exec_safe("su -c ? ?", "mv -f ".$data['new']['maildir']." ".$mail_config['homedir_path'].'/corrupted/'.$data['new']['mailuser_id'], 'vmail'); + $app->log('Moved invalid maildir to corrupted Maildirs folder: '.$data['new']['maildir'], LOGLEVEL_WARN); } //* Create the maildir, if it doesn not exist, set permissions, set quota. if(!empty($maildomain_path) && !is_dir($maildomain_path.'/new')) { - //exec("su -c 'maildirmake ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log("Created Maildir "."su -c 'maildirmake ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, '', $group); //* This is to fix the maildrop quota not being rebuilt after the quota is changed. if($mail_config['pop3_imap_daemon'] != 'dovecot') { if($data['new']['quota'] > 0) { - if(is_dir($maildomain_path)) exec("su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($maildomain_path)."' ".$user); // Avoid maildirmake quota bug, see debian bug #214911 - $app->log('Updated Maildir quota: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($maildomain_path)."' ".$user, LOGLEVEL_DEBUG); + if(is_dir($maildomain_path)) $app->system->exec_safe("su -c ? ?", "maildirmake -q ".$data['new']['quota']."S ".$maildomain_path, $user); // Avoid maildirmake quota bug, see debian bug #214911 + $app->log('Updated Maildir quota: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".$maildomain_path."' ".$user, LOGLEVEL_DEBUG); } else { if(file_exists($data['new']['maildir'].'/maildirsize')) unlink($data['new']['maildir'].'/maildirsize'); $app->log('Set Maildir quota to unlimited.', LOGLEVEL_DEBUG); @@ -392,48 +363,36 @@ class mail_plugin { } if(!is_dir($data['new']['maildir'].'/.Sent')) { - //exec("su -c 'maildirmake -f Sent ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Sent: '."su -c 'maildirmake -f Sent ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Sent', $group); } if(!is_dir($data['new']['maildir'].'/.Drafts')) { - //exec("su -c 'maildirmake -f Drafts ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Drafts: '."su -c 'maildirmake -f Drafts ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Drafts', $group); } if(!is_dir($data['new']['maildir'].'/.Trash')) { - //exec("su -c 'maildirmake -f Trash ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Trash: '."su -c 'maildirmake -f Trash ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Trash', $group); } if(!is_dir($data['new']['maildir'].'/.Junk')) { - //exec("su -c 'maildirmake -f Junk ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name']); - //$app->log('Created submaildir Junk: '."su -c 'maildirmake -f Junk ".escapeshellcmd($maildomain_path)."' ".$mail_config['mailuser_name'],LOGLEVEL_DEBUG); $app->system->maildirmake($maildomain_path, $user, 'Junk', $group); } // Set permissions now recursive - exec('chown -R '.$user.':'.$group.' '.escapeshellcmd($data['new']['maildir'])); - $app->log('Set ownership on '.escapeshellcmd($data['new']['maildir']), LOGLEVEL_DEBUG); + $app->system->exec_safe('chown -R ?:? ?', $user, $group, $data['new']['maildir']); + $app->log('Set ownership on '.$data['new']['maildir'], LOGLEVEL_DEBUG); // Move mailbox, if domain has changed and delete old mailbox if($data['new']['maildir'] != $data['old']['maildir'] && is_dir($data['old']['maildir'])) { if(is_dir($data['new']['maildir'])) { - exec("rm -fr ".escapeshellcmd($data['new']['maildir'])); - //rmdir($data['new']['maildir']); + $app->system->exec_safe("rm -fr ?", $data['new']['maildir']); } - exec('mv -f '.escapeshellcmd($data['old']['maildir']).' '.escapeshellcmd($data['new']['maildir'])); - // exec('mv -f '.escapeshellcmd($data['old']['maildir']).'/* '.escapeshellcmd($data['new']['maildir'])); - // if(is_file($data['old']['maildir'].'.ispconfig_mailsize'))exec('mv -f '.escapeshellcmd($data['old']['maildir']).'.ispconfig_mailsize '.escapeshellcmd($data['new']['maildir'])); - // rmdir($data['old']['maildir']); + $app->system->exec_safe('mv -f ? ?', $data['old']['maildir'], $data['new']['maildir']); $app->log('Moved Maildir from: '.$data['old']['maildir'].' to '.$data['new']['maildir'], LOGLEVEL_DEBUG); } //This is to fix the maildrop quota not being rebuilt after the quota is changed. // Courier Layout if(is_dir($data['new']['maildir'].'/new') && $mail_config['pop3_imap_daemon'] != 'dovecot') { if($data['new']['quota'] > 0) { - if(is_dir($data['new']['maildir'])) exec("su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($data['new']['maildir'])."' ".$user); - $app->log('Updated Maildir quota: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".escapeshellcmd($data['new']['maildir'])."' ".$user, LOGLEVEL_DEBUG); + if(is_dir($data['new']['maildir'])) $app->system->exec_safe("su -c ? ?", "maildirmake -q ".$data['new']['quota']."S ".$data['new']['maildir'], $user); + $app->log('Updated Maildir quota: '."su -c 'maildirmake -q ".$data['new']['quota']."S ".$data['new']['maildir']."' ".$user, LOGLEVEL_DEBUG); } else { if(file_exists($data['new']['maildir'].'/maildirsize')) unlink($data['new']['maildir'].'/maildirsize'); $app->log('Set Maildir quota to unlimited.', LOGLEVEL_DEBUG); @@ -450,9 +409,9 @@ class mail_plugin { $mail_config = $app->getconf->get_server_config($conf['server_id'], 'mail'); $maildir_path_deleted = false; - $old_maildir_path = escapeshellcmd($data['old']['maildir']); + $old_maildir_path = $data['old']['maildir']; if($old_maildir_path != $mail_config['homedir_path'] && strlen($old_maildir_path) > strlen($mail_config['homedir_path']) && !stristr($old_maildir_path, '//') && !stristr($old_maildir_path, '..') && !stristr($old_maildir_path, '*') && strlen($old_maildir_path) >= 10) { - exec('rm -rf '.escapeshellcmd($old_maildir_path)); + $app->system->exec_safe('rm -rf ?', $old_maildir_path); $app->log('Deleted the Maildir: '.$data['old']['maildir'], LOGLEVEL_DEBUG); $maildir_path_deleted = true; } else { @@ -474,7 +433,7 @@ class mail_plugin { if (is_array($domain_rec)) { $mail_backup_dir = $backup_dir.'/mail'.$domain_rec['domain_id']; $mail_backup_files = 'mail'.$data['old']['mailuser_id']; - exec(escapeshellcmd('rm -f '.$mail_backup_dir.'/'.$mail_backup_files).'*'); + $app->system->exec_safe('rm -f ?*', $mail_backup_dir.'/'.$mail_backup_files); //* cleanup database $sql = "DELETE FROM mail_backup WHERE server_id = ? AND parent_domain_id = ? AND mailuser_id = ?"; $app->db->query($sql, $conf['server_id'], $domain_rec['domain_id'], $data['old']['mailuser_id']); @@ -494,9 +453,9 @@ class mail_plugin { $maildomain_path_deleted = false; //* Delete maildomain path - $old_maildomain_path = escapeshellcmd($mail_config['homedir_path'].'/'.$data['old']['domain']); + $old_maildomain_path = $mail_config['homedir_path'].'/'.$data['old']['domain']; if($old_maildomain_path != $mail_config['homedir_path'] && !stristr($old_maildomain_path, '//') && !stristr($old_maildomain_path, '..') && !stristr($old_maildomain_path, '*') && !stristr($old_maildomain_path, '&') && strlen($old_maildomain_path) >= 10 && !empty($data['old']['domain'])) { - exec('rm -rf '.escapeshellcmd($old_maildomain_path)); + $app->system->exec_safe('rm -rf ?', $old_maildomain_path); $app->log('Deleted the mail domain directory: '.$old_maildomain_path, LOGLEVEL_DEBUG); $maildomain_path_deleted = true; } else { @@ -504,9 +463,9 @@ class mail_plugin { } //* Delete mailfilter path - $old_maildomain_path = escapeshellcmd($mail_config['homedir_path'].'/mailfilters/'.$data['old']['domain']); + $old_maildomain_path = $mail_config['homedir_path'].'/mailfilters/'.$data['old']['domain']; if($old_maildomain_path != $mail_config['homedir_path'].'/mailfilters/' && !stristr($old_maildomain_path, '//') && !stristr($old_maildomain_path, '..') && !stristr($old_maildomain_path, '*') && !stristr($old_maildomain_path, '&') && strlen($old_maildomain_path) >= 10 && !empty($data['old']['domain'])) { - exec('rm -rf '.escapeshellcmd($old_maildomain_path)); + $app->system->exec_safe('rm -rf ?', $old_maildomain_path); $app->log('Deleted the mail domain mailfilter directory: '.$old_maildomain_path, LOGLEVEL_DEBUG); } else { $app->log('Possible security violation when deleting the mail domain mailfilter directory: '.$old_maildomain_path, LOGLEVEL_ERROR); @@ -521,7 +480,7 @@ class mail_plugin { if( $server_config['backup_dir_is_mount'] == 'y' && !$app->system->mount_backup_dir($backup_dir) ) $mount_backup = false; if($mount_backup){ $mail_backup_dir = $backup_dir.'/mail'.$data['old']['domain_id']; - exec(escapeshellcmd('rm -rf '.$mail_backup_dir)); + $app->system->exec_safe('rm -rf ?', $mail_backup_dir); //* cleanup database $sql = "DELETE FROM mail_backup WHERE server_id = ? AND parent_domain_id = ?"; $app->db->query($sql, $conf['server_id'], $data['old']['domain_id']); diff --git a/server/plugins-available/mail_plugin_dkim.inc.php b/server/plugins-available/mail_plugin_dkim.inc.php index 6f042e9070c0a53be51d99e7f7029a3558e5e332..b54f4f56c76312aba7572c41e099f5a31da0980a 100755 --- a/server/plugins-available/mail_plugin_dkim.inc.php +++ b/server/plugins-available/mail_plugin_dkim.inc.php @@ -192,7 +192,8 @@ class mail_plugin_dkim { $app->log('Saved DKIM Private-key to '.$key_file.'.private', LOGLEVEL_DEBUG); $success=true; /* now we get the DKIM Public-key */ - exec('cat '.escapeshellarg($key_file.'.private').'|openssl rsa -pubout 2> /dev/null', $pubkey, $result); + $app->system->exec_safe('cat ?|openssl rsa -pubout 2> /dev/null', $key_file.'.private'); + $pubkey = $app->system->last_exec_out(); $public_key=''; foreach($pubkey as $values) $public_key=$public_key.$values."\n"; /* save the DKIM Public-key in dkim-dir */ diff --git a/server/plugins-available/mailman_plugin.inc.php b/server/plugins-available/mailman_plugin.inc.php index 99ac9db7d23d8add4c1a0f5d94f447c265e282b9..e6251aedf10637a4891900f3ec2c9e13455660b9 100644 --- a/server/plugins-available/mailman_plugin.inc.php +++ b/server/plugins-available/mailman_plugin.inc.php @@ -73,7 +73,7 @@ class mailman_plugin { $this->update_config(); - $pid = exec("nohup /usr/lib/mailman/bin/newlist -u ".escapeshellcmd($data["new"]["domain"])." -e ".escapeshellcmd($data["new"]["domain"])." ".escapeshellcmd($data["new"]["listname"])." ".escapeshellcmd($data["new"]["email"])." ".escapeshellcmd($data["new"]["password"])." >/dev/null 2>&1 & echo $!;"); + $pid = $app->system->exec_safe("nohup /usr/lib/mailman/bin/newlist -u ? -e ? ? ? ? >/dev/null 2>&1 & echo $!;", $data["new"]["domain"], $data["new"]["domain"], $data["new"]["listname"], $data["new"]["email"], $data["new"]["password"]); // wait for /usr/lib/mailman/bin/newlist-call $running = true; do { @@ -91,7 +91,7 @@ class mailman_plugin { exec('nohup '.$conf['init_scripts'] . '/' . 'mailman reload >/dev/null 2>&1 &'); // Fix list URL - exec('/usr/sbin/withlist -l -r fix_url '.escapeshellcmd($data["new"]["listname"])); + $app->system->exec_safe('/usr/sbin/withlist -l -r fix_url ?', $data["new"]["listname"]); $app->db->query("UPDATE mail_mailinglist SET password = '' WHERE mailinglist_id = ?", $data["new"]['mailinglist_id']); @@ -104,7 +104,7 @@ class mailman_plugin { $this->update_config(); if($data["new"]["password"] != $data["old"]["password"] && $data["new"]["password"] != '') { - exec("nohup /usr/lib/mailman/bin/change_pw -l ".escapeshellcmd($data["new"]["listname"])." -p ".escapeshellcmd($data["new"]["password"])." >/dev/null 2>&1 &"); + $app->system->exec_safe("nohup /usr/lib/mailman/bin/change_pw -l ? -p ? >/dev/null 2>&1 &", $data["new"]["listname"], $data["new"]["password"]); exec('nohup '.$conf['init_scripts'] . '/' . 'mailman reload >/dev/null 2>&1 &'); $app->db->query("UPDATE mail_mailinglist SET password = '' WHERE mailinglist_id = ?", $data["new"]['mailinglist_id']); } @@ -118,7 +118,7 @@ class mailman_plugin { $this->update_config(); - exec("nohup /usr/lib/mailman/bin/rmlist -a ".escapeshellcmd($data["old"]["listname"])." >/dev/null 2>&1 &"); + $app->system->exec_safe("nohup /usr/lib/mailman/bin/rmlist -a ? >/dev/null 2>&1 &", $data["old"]["listname"]); exec('nohup '.$conf['init_scripts'] . '/' . 'mailman reload >/dev/null 2>&1 &'); diff --git a/server/plugins-available/mysql_clientdb_plugin.inc.php b/server/plugins-available/mysql_clientdb_plugin.inc.php index efe7142c8d68e953942839652b98cb90d5665a92..a26129eed96e1b8e9499c61efa7ecb831da5114d 100644 --- a/server/plugins-available/mysql_clientdb_plugin.inc.php +++ b/server/plugins-available/mysql_clientdb_plugin.inc.php @@ -344,15 +344,15 @@ class mysql_clientdb_plugin { $triggers_array[] = $row; } $app->log('Dumping triggers from '.$old_name, LOGLEVEL_DEBUG); - $command = "mysqldump -h ".escapeshellarg($clientdb_host)." -u ".escapeshellarg($clientdb_user)." -p".escapeshellarg($clientdb_password)." ".$old_name." -d -t -R -E > ".$timestamp.$old_name.'.triggers'; - exec($command, $out, $ret); + $command = "mysqldump -h ? -u ? -p? ? -d -t -R -E > ?"; + $app->system->exec_safe($command, $clientdb_host, $clientdb_user, $clientdb_password, $old_name, $timestamp.$old_name.'.triggers'); + $ret = $app->system->last_exec_retcode(); $app->system->chmod($timestamp.$old_name.'.triggers', 0600); if ($ret != 0) { unset($triggers_array); $app->system->unlink($timestamp.$old_name.'.triggers'); $app->log('Unable to dump triggers from '.$old_name, LOGLEVEL_ERROR); } - unset($out); } //* save views @@ -366,15 +366,15 @@ class mysql_clientdb_plugin { } $app->log('Dumping views from '.$old_name, LOGLEVEL_DEBUG); $temp_views = implode(' ', $temp); - $command = "mysqldump -h ".escapeshellarg($clientdb_host)." -u ".escapeshellarg($clientdb_user)." -p".escapeshellarg($clientdb_password)." ".$old_name." ".$temp_views." > ".$timestamp.$old_name.'.views'; - exec($command, $out, $ret); + $command = "mysqldump -h ? -u ? -p? ? ? > ?"; + $app->system->exec_safe($command, $clientdb_host, $clientdb_user, $clientdb_password, $old_name, $temp_views, $timestamp.$old_name.'.views'); + $ret = $app->system->last_exec_retcode(); $app->system->chmod($timestamp.$old_name.'.views', 0600); if ($ret != 0) { unset($views_array); $app->system->unlink($timestamp.$old_name.'.views'); $app->log('Unable to dump views from '.$old_name, LOGLEVEL_ERROR); } - unset($out); unset($temp); unset($temp_views); } @@ -405,8 +405,9 @@ class mysql_clientdb_plugin { unset($_trigger); } //* update triggers, routines and events - $command = "mysql -h ".escapeshellarg($clientdb_host)." -u ".escapeshellarg($clientdb_user)." -p".escapeshellarg($clientdb_password)." ".$new_name." < ".$timestamp.$old_name.'.triggers'; - exec($command, $out, $ret); + $command = "mysql -h ? -u ? -p? ? < ?"; + $app->system->exec_safe($command, $clientdb_host, $clientdb_user, $clientdb_password, $new_name, $timestamp.$old_name.'.triggers'); + $ret = $app->system->last_exec_retcode(); if ($ret != 0) { $app->log('Unable to import triggers for '.$new_name, LOGLEVEL_ERROR); } else { @@ -416,8 +417,9 @@ class mysql_clientdb_plugin { //* loading views if (@is_array($views_array)) { - $command = "mysql -h ".escapeshellarg($clientdb_host)." -u ".escapeshellarg($clientdb_user)." -p".escapeshellarg($clientdb_password)." ".$new_name." < ".$timestamp.$old_name.'.views'; - exec($command, $out, $ret); + $command = "mysql -h ? -u ? -p? ? < ?"; + $app->system->exec_safe($command, $clientdb_host, $clientdb_user, $clientdb_password, $new_name, $timestamp.$old_name.'.views'); + $ret = $app->system->last_exec_retcode(); if ($ret != 0) { $app->log('Unable to import views for '.$new_name, LOGLEVEL_ERROR); } else { diff --git a/server/plugins-available/network_settings_plugin.inc.php b/server/plugins-available/network_settings_plugin.inc.php index 5ce6f934b810c64148b997690f57fc4263b41f9c..1ed12f3a1c5a87bcc792f64274a332e6dd08b14f 100644 --- a/server/plugins-available/network_settings_plugin.inc.php +++ b/server/plugins-available/network_settings_plugin.inc.php @@ -280,8 +280,8 @@ class network_settings_plugin { //* Executing the postconf commands foreach($postconf_commands as $cmd) { - $command = "postconf -e '$cmd'"; - exec($command); + $command = "postconf -e ?"; + $app->system->exec_safe($command, $cmd); } $app->log('Changed changed myhostname and mydestination in postfix main.cf to '.$new_hostname, LOGLEVEL_DEBUG); diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php index 30f9501505a14f8cbce41c560cece97dbbdb6937..9913299aa57a00858bffcc946e905f6258e35131 100644 --- a/server/plugins-available/nginx_plugin.inc.php +++ b/server/plugins-available/nginx_plugin.inc.php @@ -105,7 +105,6 @@ class nginx_plugin { //* Only vhosts can have a ssl cert if($data["new"]["type"] != "vhost" && $data["new"]["type"] != "vhostsubdomain" && $data["new"]["type"] != "vhostalias") return; - // if(!is_dir($data['new']['document_root'].'/ssl')) exec('mkdir -p '.$data['new']['document_root'].'/ssl'); if(!is_dir($data['new']['document_root'].'/ssl') && !is_dir($data['old']['document_root'].'/ssl')) $app->system->mkdirpath($data['new']['document_root'].'/ssl'); $ssl_dir = $data['new']['document_root'].'/ssl'; @@ -170,36 +169,36 @@ class nginx_plugin { $ssl_cnf_file = $ssl_dir.'/openssl.conf'; $app->system->file_put_contents($ssl_cnf_file, $ssl_cnf); - $rand_file = escapeshellcmd($rand_file); - $key_file2 = escapeshellcmd($key_file2); + $rand_file = $rand_file; + $key_file2 = $key_file2; $openssl_cmd_key_file2 = $key_file2; if(substr($domain, 0, 2) == '*.' && strpos($key_file2, '/ssl/\*.') !== false) $key_file2 = str_replace('/ssl/\*.', '/ssl/*.', $key_file2); // wildcard certificate - $key_file = escapeshellcmd($key_file); + $key_file = $key_file; $openssl_cmd_key_file = $key_file; if(substr($domain, 0, 2) == '*.' && strpos($key_file, '/ssl/\*.') !== false) $key_file = str_replace('/ssl/\*.', '/ssl/*.', $key_file); // wildcard certificate $ssl_days = 3650; - $csr_file = escapeshellcmd($csr_file); + $csr_file = $csr_file; $openssl_cmd_csr_file = $csr_file; if(substr($domain, 0, 2) == '*.' && strpos($csr_file, '/ssl/\*.') !== false) $csr_file = str_replace('/ssl/\*.', '/ssl/*.', $csr_file); // wildcard certificate - $config_file = escapeshellcmd($ssl_cnf_file); - $crt_file = escapeshellcmd($crt_file); + $config_file = $ssl_cnf_file; + $crt_file = $crt_file; $openssl_cmd_crt_file = $crt_file; if(substr($domain, 0, 2) == '*.' && strpos($crt_file, '/ssl/\*.') !== false) $crt_file = str_replace('/ssl/\*.', '/ssl/*.', $crt_file); // wildcard certificate if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) { - exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $openssl_cmd_key_file2 2048"); - exec("openssl req -new -sha256 -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file2 -out $openssl_cmd_csr_file -days $ssl_days -config $config_file"); - exec("openssl rsa -passin pass:$ssl_password -in $openssl_cmd_key_file2 -out $openssl_cmd_key_file"); + $app->system->exec_safe("openssl genrsa -des3 -rand ? -passout pass:? -out ? 2048", $rand_file, $ssl_password, $openssl_cmd_key_file2); + $app->system->exec_safe("openssl req -new -sha256 -passin pass:? -passout pass:? -key ? -out ? -days ? -config ?", $ssl_password, $ssl_password, $openssl_cmd_key_file2, $openssl_cmd_csr_file, $ssl_days, $config_file); + $app->system->exec_safe("openssl rsa -passin pass:? -in ? -out ?", $ssl_password, $openssl_cmd_key_file2, $openssl_cmd_key_file); if(file_exists($web_config['CA_path'].'/openssl.cnf')) { - exec("openssl ca -batch -out $openssl_cmd_crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $openssl_cmd_csr_file"); + $app->system->exec_safe("openssl ca -batch -out ? -config ? -passin pass:? -in ?", $openssl_cmd_crt_file, $web_config['CA_path']."/openssl.cnf", $web_config['CA_pass'], $openssl_cmd_csr_file); $app->log("Creating CA-signed SSL Cert for: $domain", LOGLEVEL_DEBUG); if (filesize($crt_file)==0 || !file_exists($crt_file)) $app->log("CA-Certificate signing failed. openssl ca -out $openssl_cmd_crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $openssl_cmd_csr_file", LOGLEVEL_ERROR); }; if (@filesize($crt_file)==0 || !file_exists($crt_file)){ - exec("openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file2 -in $openssl_cmd_csr_file -out $openssl_cmd_crt_file -days $ssl_days -config $config_file "); + $app->system->exec_safe("openssl req -x509 -passin pass:? -passout pass:? -key ? -in ? -out ? -days ? -config ?", $ssl_password, $ssl_password, $openssl_cmd_key_file2, $openssl_cmd_csr_file, $openssl_cmd_crt_file, $ssl_days, $config_file); $app->log("Creating self-signed SSL Cert for: $domain", LOGLEVEL_DEBUG); }; @@ -240,7 +239,8 @@ class nginx_plugin { if($data["new"]["ssl_action"] == 'save') { $tmp = array(); $crt_data = ''; - exec('openssl x509 -noout -text -in '.escapeshellarg($crt_file),$tmp); + $app->system->exec_safe('openssl x509 -noout -text -in ?', $crt_file); + $tmp = $app->system->last_exec_out(); $crt_data = implode("\n",$tmp); if(stristr($crt_data,'.acme.invalid')) { $data["new"]["ssl_action"] = ''; @@ -303,7 +303,7 @@ class nginx_plugin { if($data['new']['ssl_action'] == 'del') { if(file_exists($web_config['CA_path'].'/openssl.cnf') && !is_link($web_config['CA_path'].'/openssl.cnf')) { - exec("openssl ca -batch -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -revoke ".escapeshellcmd($crt_file)); + $app->system->exec_safe("openssl ca -batch -config ? -passin pass:? -revoke ?", $web_config['CA_path']."/openssl.cnf", $web_config['CA_pass'], $crt_file); $app->log("Revoking CA-signed SSL Cert for: $domain", LOGLEVEL_DEBUG); }; $app->system->unlink($csr_file); @@ -439,31 +439,31 @@ class nginx_plugin { //* Check if a ispconfigend user and group exists and create them if(!$app->system->is_group('ispconfigend')) { - exec('groupadd --gid '.($connect_userid_to_webid_start + 10000).' ispconfigend'); + $app->system->exec_safe('groupadd --gid ? ispconfigend', $connect_userid_to_webid_start + 10000); } if(!$app->system->is_user('ispconfigend')) { - exec('useradd -g ispconfigend -d /usr/local/ispconfig --uid '.($connect_userid_to_webid_start + 10000).' ispconfigend'); + $app->system->exec_safe('useradd -g ispconfigend -d /usr/local/ispconfig --uid ? ispconfigend', $connect_userid_to_webid_start + 10000); } } else { $fixed_uid_param = ''; $fixed_gid_param = ''; } - $groupname = escapeshellcmd($data['new']['system_group']); + $groupname = $data['new']['system_group']; if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) { - exec('groupadd '.$fixed_gid_param.' '.$groupname); - if($nginx_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' groupadd '.$groupname); + $app->system->exec_safe('groupadd ? ?', $fixed_gid_param, $groupname); + if($nginx_chrooted) $app->system->exec_safe('chroot ? groupadd ?', $web_config['website_basedir'], $groupname); $app->log('Adding the group: '.$groupname, LOGLEVEL_DEBUG); } - $username = escapeshellcmd($data['new']['system_user']); + $username = $data['new']['system_user']; if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) { if($web_config['add_web_users_to_sshusers_group'] == 'y') { - exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param -G sshusers $username -s /bin/false"); - if($nginx_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param -G sshusers $username -s /bin/false"); + $app->system->exec_safe('useradd -d ? -g ? ? -G sshusers ? -s /bin/false', $data['new']['document_root'], $groupname, $fixed_uid_param, $username); + if($nginx_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ? -G sshusers ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $fixed_uid_param, $username); } else { - exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param $username -s /bin/false"); - if($nginx_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param $username -s /bin/false"); + $app->system->exec_safe('useradd -d ? -g ? ? ? -s /bin/false', $data['new']['document_root'], $groupname, $fixed_uid_param, $username); + if($nginx_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ? ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $fixed_uid_param, $username); } $app->log('Adding the user: '.$username, LOGLEVEL_DEBUG); } @@ -486,7 +486,7 @@ class nginx_plugin { if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1); // create the symlinks, if not exist if(is_link($tmp_symlink)) { - exec('rm -f '.escapeshellcmd($tmp_symlink)); + $app->system->exec_safe('rm -f ?', $tmp_symlink); $app->log('Removed symlink: rm -f '.$tmp_symlink, LOGLEVEL_DEBUG); } } @@ -510,12 +510,12 @@ class nginx_plugin { } //* Unmount the old log directory bfore we move the log dir - exec('umount '.escapeshellcmd($old_dir.'/log')); + $app->system->exec_safe('umount ?', $old_dir.'/log'); //* Create new base directory, if it does not exist yet if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir); $app->system->web_folder_protection($data['old']['document_root'], false); - exec('mv '.escapeshellarg($data['old']['document_root']).' '.escapeshellarg($new_dir)); + $app->system->exec_safe('mv ? ?', $data['old']['document_root'], $new_dir); //$app->system->rename($data['old']['document_root'],$new_dir); $app->log('Moving site to new document root: mv '.$data['old']['document_root'].' '.$new_dir, LOGLEVEL_DEBUG); @@ -523,17 +523,17 @@ class nginx_plugin { $data['new']['php_open_basedir'] = str_replace($data['old']['document_root'], $data['new']['document_root'], $data['old']['php_open_basedir']); //* Change the owner of the website files to the new website owner - exec('chown --recursive --from='.escapeshellcmd($data['old']['system_user']).':'.escapeshellcmd($data['old']['system_group']).' '.escapeshellcmd($data['new']['system_user']).':'.escapeshellcmd($data['new']['system_group']).' '.$new_dir); + $app->system->exec_safe('chown --recursive --from=?:? ?:? ?', $data['old']['system_user'], $data['old']['system_group'], $data['new']['system_user'], $data['new']['system_group'], $new_dir); //* Change the home directory and group of the website user - $command = 'killall -u '.escapeshellcmd($data['new']['system_user']).' ; usermod'; - $command .= ' --home '.escapeshellcmd($data['new']['document_root']); - $command .= ' --gid '.escapeshellcmd($data['new']['system_group']); - $command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null'; - exec($command); + $command = 'killall -u ? ; usermod'; + $command .= ' --home ?'; + $command .= ' --gid ?'; + $command .= ' ? 2>/dev/null'; + $app->system->exec_safe($command, $data['new']['system_user'], $data['new']['document_root'], $data['new']['system_group'], $data['new']['system_user']); } - if($nginx_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command); + if($nginx_chrooted) $app->system->exec_safe('chroot ? ?', $web_config['website_basedir'], $command); //* Change the log mount /* @@ -555,7 +555,7 @@ class nginx_plugin { $app->system->replaceLine('/etc/fstab', $fstab_line_old, $fstab_line, 0, 1); } - exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder)); + $app->system->exec_safe('mount --bind ? ?', '/var/log/ispconfig/httpd/'.$data['new']['domain'], $data['new']['document_root'].'/'.$log_folder); } @@ -567,11 +567,9 @@ class nginx_plugin { if(!is_dir($data['new']['document_root'].'/' . $web_folder)) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder); if(!is_dir($data['new']['document_root'].'/' . $web_folder . '/error') and $data['new']['errordocs']) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder . '/error'); if($data['new']['stats_type'] != '' && !is_dir($data['new']['document_root'].'/' . $web_folder . '/stats')) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder . '/stats'); - //if(!is_dir($data['new']['document_root'].'/'.$log_folder)) exec('mkdir -p '.$data['new']['document_root'].'/'.$log_folder); if(!is_dir($data['new']['document_root'].'/ssl')) $app->system->mkdirpath($data['new']['document_root'].'/ssl'); if(!is_dir($data['new']['document_root'].'/cgi-bin')) $app->system->mkdirpath($data['new']['document_root'].'/cgi-bin'); if(!is_dir($data['new']['document_root'].'/tmp')) $app->system->mkdirpath($data['new']['document_root'].'/tmp'); - //if(!is_dir($data['new']['document_root'].'/webdav')) $app->system->mkdirpath($data['new']['document_root'].'/webdav'); if(!is_dir($data['new']['document_root'].'/.ssh')) { $app->system->mkdirpath($data['new']['document_root'].'/.ssh'); @@ -591,7 +589,7 @@ class nginx_plugin { // Remove the symlink for the site, if site is renamed if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) { - if(is_dir('/var/log/ispconfig/httpd/'.$data['old']['domain'])) exec('rm -rf /var/log/ispconfig/httpd/'.$data['old']['domain']); + if(is_dir('/var/log/ispconfig/httpd/'.$data['old']['domain'])) $app->system->exec_safe('rm -rf ?', '/var/log/ispconfig/httpd/'.$data['old']['domain']); if(is_link($data['old']['document_root'].'/'.$old_log_folder)) $app->system->unlink($data['old']['document_root'].'/'.$old_log_folder); //* remove old log mount @@ -599,19 +597,18 @@ class nginx_plugin { $app->system->removeLine('/etc/fstab', $fstab_line); //* Unmount log directory - //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder)); - exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder)); + $app->system->exec_safe('umount ?', $data['old']['document_root'].'/'.$old_log_folder); } //* Create the log dir if nescessary and mount it if(!is_dir($data['new']['document_root'].'/'.$log_folder) || !is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain']) || is_link($data['new']['document_root'].'/'.$log_folder)) { if(is_link($data['new']['document_root'].'/'.$log_folder)) unlink($data['new']['document_root'].'/'.$log_folder); - if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data['new']['domain']); + if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) $app->system->exec_safe('mkdir -p ?', '/var/log/ispconfig/httpd/'.$data['new']['domain']); $app->system->mkdirpath($data['new']['document_root'].'/'.$log_folder); $app->system->chown($data['new']['document_root'].'/'.$log_folder, 'root'); $app->system->chgrp($data['new']['document_root'].'/'.$log_folder, 'root'); $app->system->chmod($data['new']['document_root'].'/'.$log_folder, 0755); - exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder)); + $app->system->exec_safe('mount --bind ? ?', '/var/log/ispconfig/httpd/'.$data['new']['domain'], $data['new']['document_root'].'/'.$log_folder); //* add mountpoint to fstab $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.' none bind,nobootwait'; $fstab_line .= @($web_config['network_filesystem'] == 'y')?',_netdev 0 0':' 0 0'; @@ -636,7 +633,7 @@ class nginx_plugin { if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1); // remove the symlinks, if not exist if(is_link($tmp_symlink)) { - exec('rm -f '.escapeshellcmd($tmp_symlink)); + $app->system->exec_safe('rm -f ?', $tmp_symlink); $app->log('Removed symlink: rm -f '.$tmp_symlink, LOGLEVEL_DEBUG); } } @@ -657,11 +654,10 @@ class nginx_plugin { } // create the symlinks, if not exist if(!is_link($tmp_symlink)) { - // exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink)); if ($web_config["website_symlinks_rel"] == 'y') { - $app->system->create_relative_link(escapeshellcmd($data["new"]["document_root"]), escapeshellcmd($tmp_symlink)); + $app->system->create_relative_link($data["new"]["document_root"], $tmp_symlink); } else { - exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink)); + $app->system->exec_safe("ln -s ? ?", $data["new"]["document_root"]."/", $tmp_symlink); } $app->log('Creating symlink: ln -s '.$data['new']['document_root'].'/ '.$tmp_symlink, LOGLEVEL_DEBUG); @@ -681,69 +677,65 @@ class nginx_plugin { // Copy the error pages if($data['new']['errordocs']) { - $error_page_path = escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/error/'; - if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2))) { - exec('cp ' . $conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $error_page_path = $data['new']['document_root'].'/' . $web_folder . '/error/'; + if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2))) { + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } else { if (file_exists($conf['rootpath'] . '/conf-custom/error/400.html')) { - exec('cp '. $conf['rootpath'] . '/conf-custom/error/*.html '.$error_page_path); + $app->system->exec_safe('cp ?*.html ?', $conf['rootpath'] . '/conf-custom/error/', $error_page_path); } else { - exec('cp ' . $conf['rootpath'] . '/conf/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } } - exec('chmod -R a+r '.$error_page_path); + $app->system->exec_safe('chmod -R a+r ?', $error_page_path); } //* Copy the web skeleton files only when there is no index.ph or index.html file yet if(!file_exists($data['new']['document_root'].'/'.$web_folder.'/index.html') && !file_exists($data['new']['document_root'].'/'.$web_folder.'/index.php')) { - if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2))) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2).' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html'); + if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr($conf['language']), 0, 2)) { + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/index.html')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr($conf['language'], 0, 2), $data['new']['document_root'].'/' . $web_folder . '/index.html'); if(is_file($conf['rootpath'] . '/conf-custom/index/favicon.ico')) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/favicon.ico')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/favicon.ico '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/favicon.ico')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/favicon.ico', $data['new']['document_root'].'/' . $web_folder . '/'); } if(is_file($conf['rootpath'] . '/conf-custom/index/robots.txt')) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/robots.txt')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/robots.txt '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/robots.txt')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/robots.txt', $data['new']['document_root'].'/' . $web_folder . '/'); } - //if(is_file($conf['rootpath'] . '/conf-custom/index/.htaccess')) { - // exec('cp ' . $conf['rootpath'] . '/conf-custom/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); - //} } else { if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html')) { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/standard_index.html '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/index.html')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf-custom/index/standard_index.html', $data['new']['document_root'].'/' . $web_folder . '/index.html'); } else { - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html')) exec('cp ' . $conf['rootpath'] . '/conf/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2).' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/index.html')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf/index/standard_index.html_'.substr($conf['language'], 0, 2), $data['new']['document_root'].'/' . $web_folder . '/index.html'); if(is_file($conf['rootpath'] . '/conf/index/favicon.ico')){ - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/favicon.ico')) exec('cp ' . $conf['rootpath'] . '/conf/index/favicon.ico '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/favicon.ico')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf/index/favicon.ico', $data['new']['document_root'].'/' . $web_folder . '/'); } if(is_file($conf['rootpath'] . '/conf/index/robots.txt')){ - if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/robots.txt')) exec('cp ' . $conf['rootpath'] . '/conf/index/robots.txt '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/robots.txt')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf/index/robots.txt', $data['new']['document_root'].'/' . $web_folder . '/'); } - //if(is_file($conf['rootpath'] . '/conf/index/.htaccess')) exec('cp ' . $conf['rootpath'] . '/conf/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); } } } - exec('chmod -R a+r '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/'); + $app->system->exec_safe('chmod -R a+r ?', $data['new']['document_root'].'/' . $web_folder . '/'); //** Copy the error documents on update when the error document checkbox has been activated and was deactivated before } elseif ($this->action == 'update' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') && $data['old']['errordocs'] == 0 && $data['new']['errordocs'] == 1) { - $error_page_path = escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/error/'; - if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2))) { - exec('cp ' . $conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $error_page_path = $data['new']['document_root'].'/' . $web_folder . '/error/'; + if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2))) { + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } else { if (file_exists($conf['rootpath'] . '/conf-custom/error/400.html')) { - exec('cp ' . $conf['rootpath'] . '/conf-custom/error/*.html '.$error_page_path); + $app->system->exec_safe('cp ?*.html ?', $conf['rootpath'] . '/conf-custom/error/', $error_page_path); } else { - exec('cp ' . $conf['rootpath'] . '/conf/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path); + $app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf/error/'.substr($conf['language'], 0, 2).'/', $error_page_path); } } - exec('chmod -R a+r '.$error_page_path); - exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.$error_page_path); + $app->system->exec_safe('chmod -R a+r ?', $error_page_path); + $app->system->exec_safe('chown -R ?:? ?', $data['new']['system_user'], $data['new']['system_group'], $error_page_path); } // end copy error docs // Set the quota for the user, but only for vhosts, not vhostsubdomains or vhostalias @@ -758,39 +750,39 @@ class nginx_plugin { } // get the primitive folder for document_root and the filesystem, will need it later. - $df_output=explode(" ", exec("df -T " . escapeshellarg($data['new']['document_root']) . "|awk 'END{print \$2,\$NF}'")); + $df_output=explode(" ", $app->system->exec_safe("df -T ?|awk 'END{print \$2,\$NF}'", $data['new']['document_root'])); $file_system = $df_output[0]; $primitive_root = $df_output[1]; if($file_system == 'xfs') { - exec("xfs_quota -x -c " . escapeshellarg("limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " " . $username) . " " . escapeshellarg($primitive_root)); + $app->system->exec_safe("xfs_quota -x -c ? ?", "limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " " . $username, $primitive_root); // xfs only supports timers globally, not per user. - exec("xfs_quota -x -c 'timer -bir -i 604800' " . escapeshellarg($primitive_root)); + $app->system->exec_safe("xfs_quota -x -c 'timer -bir -i 604800' ?", $primitive_root); unset($project_uid, $username_position, $xfs_projects); unset($primitive_root, $df_output, $mb_hard, $mb_soft); } else { if($app->system->is_installed('setquota')) { - exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null'); - exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null'); + $app->system->exec_safe('setquota -u ? ? ? 0 0 -a &> /dev/null', $username, $blocks_soft, $blocks_hard); + $app->system->exec_safe('setquota -T -u ? 604800 604800 -a &> /dev/null', $username); } } } if($this->action == 'insert' || $data["new"]["system_user"] != $data["old"]["system_user"]) { // Chown and chmod the directories below the document root - $app->system->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder); + $app->system->exec_safe('chown -R ?:? ?', $username, $groupname, $data['new']['document_root'].'/' . $web_folder); // The document root itself has to be owned by root in normal level and by the web owner in security level 20 if($web_config['security_level'] == 20) { - $app->system->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder); + $app->system->exec_safe('chown ?:? ?', $username, $groupname, $data['new']['document_root'].'/' . $web_folder); } else { - $app->system->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder); + $app->system->exec_safe('chown root:root ?', $data['new']['document_root'].'/' . $web_folder); } } //* add the nginx user to the client group if this is a vhost and security level is set to high, no matter if this is an insert or update and regardless of set_folder_permissions_on_update - if($data['new']['type'] == 'vhost' && $web_config['security_level'] == 20) $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['nginx_user'])); + if($data['new']['type'] == 'vhost' && $web_config['security_level'] == 20) $app->system->add_user_to_group($groupname, $web_config['nginx_user']); //* If the security level is set to high if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost') or ($web_folder != $old_web_folder && $data['new']['type'] == 'vhost')) { @@ -820,18 +812,18 @@ class nginx_plugin { if($web_config['add_web_users_to_sshusers_group'] == 'y') { $command = 'usermod'; $command .= ' --groups sshusers'; - $command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null'; - $app->system->_exec($command); + $command .= ' ? 2>/dev/null'; + $app->system->exec_safe($command, $data['new']['system_user']); } //* if we have a chrooted nginx environment if($nginx_chrooted) { - $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command); + $app->system->exec_safe('chroot ? ?', $web_config['website_basedir'], $command); //* add the nginx user to the client group in the chroot environment $tmp_groupfile = $app->system->server_conf['group_datei']; $app->system->server_conf['group_datei'] = $web_config['website_basedir'].'/etc/group'; - $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['nginx_user'])); + $app->system->add_user_to_group($groupname, $web_config['nginx_user']); $app->system->server_conf['group_datei'] = $tmp_groupfile; unset($tmp_groupfile); } @@ -945,7 +937,7 @@ class nginx_plugin { if($data['new']['type'] == 'vhost') { // Change the ownership of the error log to the root user - if(!@is_file('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')) exec('touch '.escapeshellcmd('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')); + if(!@is_file('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')) $app->system->exec_safe('touch ?', '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log'); $app->system->chown('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log', 'root'); $app->system->chgrp('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log', 'root'); } @@ -1023,14 +1015,14 @@ class nginx_plugin { } if($default_php_fpm){ - $pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']); + $pool_dir = $web_config['php_fpm_pool_dir']; } else { $pool_dir = $custom_php_fpm_pool_dir; } $pool_dir = trim($pool_dir); if(substr($pool_dir, -1) != '/') $pool_dir .= '/'; $pool_name = 'web'.$data['new']['domain_id']; - $socket_dir = escapeshellcmd($web_config['php_fpm_socket_dir']); + $socket_dir = $web_config['php_fpm_socket_dir']; if(substr($socket_dir, -1) != '/') $socket_dir .= '/'; if($data['new']['php_fpm_use_socket'] == 'y'){ @@ -1814,7 +1806,7 @@ class nginx_plugin { $basic_auth_locations = $this->_create_web_folder_auth_configuration($data['new']); if(is_array($basic_auth_locations) && !empty($basic_auth_locations)) $tpl->setLoop('basic_auth_locations', $basic_auth_locations); - $vhost_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost'); + $vhost_file = $web_config['nginx_vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost'; //* Make a backup copy of vhost file if(file_exists($vhost_file)) copy($vhost_file, $vhost_file.'~'); @@ -1825,17 +1817,17 @@ class nginx_plugin { //* Set the symlink to enable the vhost //* First we check if there is a old type of symlink and remove it - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost'; if(is_link($vhost_symlink)) $app->system->unlink($vhost_symlink); //* Remove old or changed symlinks if($data['new']['subdomain'] != $data['old']['subdomain'] or $data['new']['active'] == 'n') { - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); @@ -1844,9 +1836,9 @@ class nginx_plugin { //* New symlink if($data['new']['subdomain'] == '*') { - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost'; } else { - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost'; } if($data['new']['active'] == 'y' && !is_link($vhost_symlink)) { symlink($vhost_file, $vhost_symlink); @@ -1855,22 +1847,22 @@ class nginx_plugin { // remove old symlink and vhost file, if domain name of the site has changed if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) { - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)) { $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_file = $web_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'; $app->system->unlink($vhost_file); $app->log('Removing file: '.$vhost_file, LOGLEVEL_DEBUG); } @@ -2062,14 +2054,10 @@ class nginx_plugin { if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias'){ if(is_array($log_folders) && !empty($log_folders)){ foreach($log_folders as $log_folder){ - //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder)); - //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); - exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); + $app->system->exec_safe('umount ? 2>/dev/null', $data['old']['document_root'].'/'.$log_folder); } } else { - //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder)); - //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); - exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null'); + $app->system->exec_safe('umount ? 2>/dev/null', $data['old']['document_root'].'/'.$log_folder); } // remove letsencrypt if it exists (renew will always fail otherwise) @@ -2109,19 +2097,19 @@ class nginx_plugin { } else { //* This is a website // Deleting the vhost file, symlink and the data directory - $vhost_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_file = $web_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'; - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)){ $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)){ $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost'; if(is_link($vhost_symlink)){ $app->system->unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); @@ -2131,11 +2119,11 @@ class nginx_plugin { $app->log('Removing vhost file: '.$vhost_file, LOGLEVEL_DEBUG); if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias') { - $docroot = escapeshellcmd($data['old']['document_root']); + $docroot = $data['old']['document_root']; if($docroot != '' && !stristr($docroot, '..')) { if($data['old']['type'] == 'vhost') { // this is a vhost - we delete everything in here. - exec('rm -rf '.$docroot); + $app->system->exec_safe('rm -rf ?', $docroot); } elseif(!stristr($data['old']['web_folder'], '..')) { // this is a vhost subdomain // IMPORTANT: do some folder checks before we delete this! @@ -2185,7 +2173,7 @@ class nginx_plugin { unset($used_paths); } - if($do_delete === true && $delete_folder !== '') exec('rm -rf '.$docroot.'/'.$delete_folder); + if($do_delete === true && $delete_folder !== '') $app->system->exec_safe('rm -rf ?', $docroot.'/'.$delete_folder); unset($delete_folder); unset($path_elements); @@ -2198,12 +2186,12 @@ class nginx_plugin { $fastcgi_starter_path = str_replace('[system_user]', $data['old']['system_user'], $web_config['fastcgi_starter_path']); if($data['old']['type'] == 'vhost') { if (is_dir($fastcgi_starter_path)) { - exec('rm -rf '.$fastcgi_starter_path); + $app->system->exec_safe('rm -rf ?', $fastcgi_starter_path); } } else { $fcgi_starter_script = $fastcgi_starter_path.$web_config['fastcgi_starter_script'].'_web'.$data['old']['domain_id']; if (file_exists($fcgi_starter_script)) { - exec('rm -f '.$fcgi_starter_script); + $app->system->exec_safe('rm -f ?', $fcgi_starter_script); } } } @@ -2224,12 +2212,12 @@ class nginx_plugin { $cgi_starter_path = str_replace('[system_user]', $data['old']['system_user'], $web_config['cgi_starter_path']); if($data['old']['type'] == 'vhost') { if (is_dir($cgi_starter_path)) { - exec('rm -rf '.$cgi_starter_path); + $app->system->exec_safe('rm -rf ?', $cgi_starter_path); } } else { $cgi_starter_script = $cgi_starter_path.'php-cgi-starter_web'.$data['old']['domain_id']; if (file_exists($cgi_starter_script)) { - exec('rm -f '.$cgi_starter_script); + $app->system->exec_safe('rm -f ?', $cgi_starter_script); } } } @@ -2258,16 +2246,16 @@ class nginx_plugin { } // Delete the log file directory - $vhost_logfile_dir = escapeshellcmd('/var/log/ispconfig/httpd/'.$data['old']['domain']); - if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) exec('rm -rf '.$vhost_logfile_dir); + $vhost_logfile_dir = '/var/log/ispconfig/httpd/'.$data['old']['domain']; + if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) $app->system->exec_safe('rm -rf ?', $vhost_logfile_dir); $app->log('Removing website logfile directory: '.$vhost_logfile_dir, LOGLEVEL_DEBUG); if($data['old']['type'] == 'vhost') { //delete the web user - $command = 'killall -u '.escapeshellcmd($data['old']['system_user']).' ; userdel'; - $command .= ' '.escapeshellcmd($data['old']['system_user']); - exec($command); - if($nginx_chrooted) $app->system->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command); + $command = 'killall -u ? ; userdel'; + $command .= ' ?'; + $app->system->exec_safe($command, $data['old']['system_user'], $data['old']['system_user']); + if($nginx_chrooted) $app->system->exec_safe('chroot ? ?', $web_config['website_basedir'], $command); } @@ -2288,7 +2276,7 @@ class nginx_plugin { if($mount_backup){ $web_backup_dir = $backup_dir.'/web'.$data_old['domain_id']; //** do not use rm -rf $web_backup_dir because database(s) may exits - exec(escapeshellcmd('rm -f '.$web_backup_dir.'/web'.$data_old['domain_id'].'_').'*'); + $app->system->exec_safe('rm -f ?*', $web_backup_dir.'/web'.$data_old['domain_id'].'_'); //* cleanup database $sql = "DELETE FROM web_backup WHERE server_id = ? AND parent_domain_id = ? AND filename LIKE ?"; $app->db->query($sql, $conf['server_id'], $data_old['domain_id'], "web".$data_old['domain_id']."_%"); @@ -2338,7 +2326,7 @@ class nginx_plugin { //* Get the folder path. if(substr($folder['path'], 0, 1) == '/') $folder['path'] = substr($folder['path'], 1); if(substr($folder['path'], -1) == '/') $folder['path'] = substr($folder['path'], 0, -1); - $folder_path = escapeshellcmd($website['document_root'].'/' . $web_folder . '/'.$folder['path']); + $folder_path = $website['document_root'].'/' . $web_folder . '/'.$folder['path']; if(substr($folder_path, -1) != '/') $folder_path .= '/'; //* Check if the resulting path is inside the docroot @@ -2444,7 +2432,7 @@ class nginx_plugin { if(substr($data['new']['path'], 0, 1) == '/') $data['new']['path'] = substr($data['new']['path'], 1); if(substr($data['new']['path'], -1) == '/') $data['new']['path'] = substr($data['new']['path'], 0, -1); - $new_folder_path = escapeshellcmd($website['document_root'].'/' . $web_folder . '/'.$data['new']['path']); + $new_folder_path = $website['document_root'].'/' . $web_folder . '/'.$data['new']['path']; if(substr($new_folder_path, -1) != '/') $new_folder_path .= '/'; //* Check if the resulting path is inside the docroot @@ -2491,7 +2479,7 @@ class nginx_plugin { //* Create the domain.auth file which is included in the vhost configuration file $app->uses('getconf'); $web_config = $app->getconf->get_server_config($conf['server_id'], 'web'); - $basic_auth_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$website['domain'].'.auth'); + $basic_auth_file = $web_config['nginx_vhost_conf_dir'].'/'.$website['domain'].'.auth'; //$app->load('tpl'); //$tpl = new tpl(); //$tpl->newTemplate('nginx_http_authentication.auth.master'); @@ -2616,9 +2604,9 @@ class nginx_plugin { $content = str_replace('{SYSTEM_USER}', $data['new']['system_user'], $content); file_put_contents('/etc/init.d/hhvm_' . $data['new']['system_user'], $content); - exec('chmod +x /etc/init.d/hhvm_' . $data['new']['system_user'] . ' >/dev/null 2>&1'); - exec('/usr/sbin/update-rc.d hhvm_' . $data['new']['system_user'] . ' defaults >/dev/null 2>&1'); - exec('/etc/init.d/hhvm_' . $data['new']['system_user'] . ' restart >/dev/null 2>&1'); + $app->system->exec_safe('chmod +x ? >/dev/null 2>&1', '/etc/init.d/hhvm_' . $data['new']['system_user']); + $app->system->exec_safe('/usr/sbin/update-rc.d ? defaults >/dev/null 2>&1', 'hhvm_' . $data['new']['system_user']); + $app->system->exec_safe('/etc/init.d/hhvm_' . $data['new']['system_user'] . ' restart >/dev/null 2>&1'); if(is_dir('/etc/monit/conf.d')){ $monit_content = str_replace('{SYSTEM_USER}', $data['new']['system_user'], $monit_content); @@ -2630,7 +2618,7 @@ class nginx_plugin { } elseif($data['new']['php'] != 'hhvm' && $data['old']['php'] == 'hhvm') { if($data['old']['system_user'] != ''){ exec('/etc/init.d/hhvm_' . $data['old']['system_user'] . ' stop >/dev/null 2>&1'); - exec('/usr/sbin/update-rc.d hhvm_' . $data['old']['system_user'] . ' remove >/dev/null 2>&1'); + $app->system->exec_safe('/usr/sbin/update-rc.d remove >/dev/null 2>&1', 'hhvm_' . $data['old']['system_user']); unlink('/etc/init.d/hhvm_' . $data['old']['system_user']); if(is_file('/etc/hhvm/'.$data['old']['system_user'].'.ini')) unlink('/etc/hhvm/'.$data['old']['system_user'].'.ini'); } @@ -2743,7 +2731,7 @@ class nginx_plugin { $tpl->setVar('document_root', $data['new']['document_root']); $tpl->setVar('security_level', $web_config['security_level']); $tpl->setVar('domain', $data['new']['domain']); - $php_open_basedir = ($data['new']['php_open_basedir'] == '')?escapeshellcmd($data['new']['document_root']):escapeshellcmd($data['new']['php_open_basedir']); + $php_open_basedir = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir']; $tpl->setVar('php_open_basedir', $php_open_basedir); if($php_open_basedir != ''){ $tpl->setVar('enable_php_open_basedir', ''); @@ -2830,7 +2818,7 @@ class nginx_plugin { unset($tpl); // delete pool in all other PHP versions - $default_pool_dir = trim(escapeshellcmd($web_config['php_fpm_pool_dir'])); + $default_pool_dir = trim($web_config['php_fpm_pool_dir']); if(substr($default_pool_dir, -1) != '/') $default_pool_dir .= '/'; if($default_pool_dir != $pool_dir){ if ( @is_file($default_pool_dir.$pool_name.'.conf') ) { @@ -2875,7 +2863,7 @@ class nginx_plugin { } if($default_php_fpm){ - $pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']); + $pool_dir = $web_config['php_fpm_pool_dir']; } else { $pool_dir = $custom_php_fpm_pool_dir; } @@ -2890,7 +2878,7 @@ class nginx_plugin { } // delete pool in all other PHP versions - $default_pool_dir = trim(escapeshellcmd($web_config['php_fpm_pool_dir'])); + $default_pool_dir = trim($web_config['php_fpm_pool_dir']); if(substr($default_pool_dir, -1) != '/') $default_pool_dir .= '/'; if($default_pool_dir != $pool_dir){ if ( @is_file($default_pool_dir.$pool_name.'.conf') ) { @@ -3093,7 +3081,7 @@ class nginx_plugin { } if($app->system->is_group('client'.$client_id)){ - $app->system->_exec('groupdel client'.$client_id); + $app->system->exec_safe('groupdel ?', 'client'.$client_id); $app->log('Removed group client'.$client_id, LOGLEVEL_DEBUG); } } diff --git a/server/plugins-available/nginx_reverseproxy_plugin.inc.php b/server/plugins-available/nginx_reverseproxy_plugin.inc.php index b5881dbf240886b5cc6127847a84f1e2dfa954de..1013042254ba2a2c63980394e6dc964021beb1f8 100644 --- a/server/plugins-available/nginx_reverseproxy_plugin.inc.php +++ b/server/plugins-available/nginx_reverseproxy_plugin.inc.php @@ -176,7 +176,7 @@ class nginx_reverseproxy_plugin { } - $vhost_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost'); + $vhost_file = $nginx_config['nginx_vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost'; //* Make a backup copy of vhost file copy($vhost_file, $vhost_file.'~'); @@ -187,7 +187,7 @@ class nginx_reverseproxy_plugin { // Set the symlink to enable the vhost - $vhost_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost'); + $vhost_symlink = $nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost'; if($data['new']['active'] == 'y' && !is_link($vhost_symlink)) { symlink($vhost_file, $vhost_symlink); $app->log('Creating symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); @@ -199,18 +199,18 @@ class nginx_reverseproxy_plugin { $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } - if(!is_dir('/var/log/ispconfig/nginx/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/nginx/'.$data['new']['domain']); + if(!is_dir('/var/log/ispconfig/nginx/'.$data['new']['domain'])) $app->system->exec_safe('mkdir -p ?', '/var/log/ispconfig/nginx/'.$data['new']['domain']); // remove old symlink and vhost file, if domain name of the site has changed if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) { - $vhost_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'; unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); - $vhost_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_file = $nginx_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'; unlink($vhost_file); $app->log('Removing file: '.$vhost_file, LOGLEVEL_DEBUG); - if(is_dir('/var/log/ispconfig/nginx/'.$data['old']['domain'])) exec('rm -rf /var/log/ispconfig/nginx/'.$data['old']['domain']); + if(is_dir('/var/log/ispconfig/nginx/'.$data['old']['domain'])) $app->system->exec_safe('rm -rf ?', '/var/log/ispconfig/nginx/'.$data['old']['domain']); } // request a httpd reload when all records have been processed @@ -232,7 +232,7 @@ class nginx_reverseproxy_plugin { function ssl($event_name, $data) { global $app, $conf; - if(!is_dir($conf['nginx']['config_dir'].'/ssl')) exec('mkdir -p '.$conf['nginx']['config_dir'].'/ssl'); + if(!is_dir($conf['nginx']['config_dir'].'/ssl')) $app->system->exec_safe('mkdir -p ?', $conf['nginx']['config_dir'].'/ssl'); $ssl_dir = $conf['nginx']['config_dir'].'/ssl'; $domain = $data['new']['ssl_domain']; $key_file = $ssl_dir.'/'.$domain.'.key.org'; @@ -250,7 +250,7 @@ class nginx_reverseproxy_plugin { //$csr_file = $ssl_dir.'/'.$domain.".csr"; //$crt_file = $ssl_dir.'/'.$domain.".crt"; //$bundle_file = $ssl_dir.'/'.$domain.".bundle"; - $this->_exec('rsync -v -e ssh root@'.$web['ip_address'].':~/$src_ssl_dir '.$ssl_dir); + $app->system->exec_safe('rsync -v -e ssh root@?:? ?', $web['ip_address'], '~/'.$src_ssl_dir, $ssl_dir); $app->log('Syncing SSL Cert for: '.$domain, LOGLEVEL_DEBUG); } @@ -284,31 +284,24 @@ class nginx_reverseproxy_plugin { //* This is a website // Deleting the vhost file, symlink and the data directory - $vhost_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_symlink = $nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'; unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); - $vhost_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'); + $vhost_file = $nginx_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'; unlink($vhost_file); $app->log('Removing vhost file: '.$vhost_file, LOGLEVEL_DEBUG); // Delete the log file directory - $vhost_logfile_dir = escapeshellcmd('/var/log/ispconfig/nginx/'.$data['old']['domain']); - if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) exec('rm -rf '.$vhost_logfile_dir); + $vhost_logfile_dir = '/var/log/ispconfig/nginx/'.$data['old']['domain']; + if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) $app->system->exec_safe('rm -rf ?', $vhost_logfile_dir); $app->log('Removing website logfile directory: '.$vhost_logfile_dir, LOGLEVEL_DEBUG); } } - //* Wrapper for exec function for easier debugging - private function _exec($command) { - global $app; - $app->log('exec: '.$command, LOGLEVEL_DEBUG); - exec($command); - } - function rewrite_insert($event_name, $data) { global $app, $conf; @@ -329,7 +322,7 @@ class nginx_reverseproxy_plugin { $tpl->newTemplate("nginx_reverseproxy_rewrites.conf.master"); if (!empty($rules))$tpl->setLoop('nginx_rewrite_rules', $rules); - $rewrites_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/default.rewrites.conf'); + $rewrites_file = $nginx_config['nginx_vhost_conf_dir'].'/default.rewrites.conf'; //* Make a backup copy of vhost file copy($rewrites_file, $rewrites_file.'~'); @@ -340,7 +333,7 @@ class nginx_reverseproxy_plugin { // Set the symlink to enable the vhost - $rewrite_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/default.rewrites.conf'); + $rewrite_symlink = $nginx_config['nginx_vhost_conf_enabled_dir'].'/default.rewrites.conf'; if(!is_link($rewrite_symlink)) { symlink($rewrites_file, $rewrite_symlink); diff --git a/server/plugins-available/openvz_plugin.inc.php b/server/plugins-available/openvz_plugin.inc.php index 5cc4bf6522aaf1a64ab8d375b96ed8b6f89de18a..f17edb7b8c1882844b26eb6afb147eba9416075f 100644 --- a/server/plugins-available/openvz_plugin.inc.php +++ b/server/plugins-available/openvz_plugin.inc.php @@ -86,11 +86,11 @@ class openvz_plugin { } $tmp = $app->db->queryOneRecord("SELECT template_file FROM openvz_ostemplate WHERE ostemplate_id = ?", $data['new']['ostemplate_id']); - $ostemplate = escapeshellcmd($tmp['template_file']); + $ostemplate = $tmp['template_file']; unset($tmp); //* Create the virtual machine - exec("vzctl create $veid --ostemplate $ostemplate"); + $app->system->exec_safe("vzctl create ? --ostemplate ?", $veid, $ostemplate); $app->log("Create OpenVZ VM: vzctl create $veid --ostemplate $ostemplate", LOGLEVEL_DEBUG); //* Write the configuration of the VM @@ -103,7 +103,7 @@ class openvz_plugin { } //* Set the root password in the virtual machine - exec("vzctl set $veid --userpasswd root:".escapeshellcmd($data['new']['vm_password'])); + $app->system->exec_safe("vzctl set ? --userpasswd root:?", $veid, $data['new']['vm_password']); } @@ -123,7 +123,7 @@ class openvz_plugin { //* new diskspace for ploop-containers requieres "vzctl set" if($data['new']['diskspace'] != $data['old']['diskspace']) { - exec("vzctl set ".$veid." --diskspace ".$data['new']['diskspace']."G --save"); + escapeshell("vzctl set ? --diskspace ? --save", $veid, $data['new']['diskspace']."G"); } //* Apply config changes to the VM @@ -140,7 +140,7 @@ class openvz_plugin { //* Set the root password in the virtual machine if($data['new']['vm_password'] != $data['old']['vm_password']) { - exec("vzctl set $veid --userpasswd root:".escapeshellcmd($data['new']['vm_password'])); + $app->system->exec_safe("vzctl set ? --userpasswd root:?", $veid, $data['new']['vm_password']); } @@ -193,12 +193,12 @@ class openvz_plugin { $parts = explode(':', $data); $veid = intval($parts[0]); $template_cache_dir = '/vz/template/cache/'; - $template_name = escapeshellcmd($parts[1]); + $template_name = $parts[1]; if($veid > 0 && $template_name != '' && is_dir($template_cache_dir)) { - $command = "vzdump --suspend --compress --stdexcludes --dumpdir $template_cache_dir $veid"; - exec($command); - exec("mv ".$template_cache_dir."vzdump-openvz-".$veid."*.tgz ".$template_cache_dir.$template_name.".tar.gz"); - exec("rm -f ".$template_cache_dir."vzdump-openvz-".$veid."*.log"); + $command = "vzdump --suspend --compress --stdexcludes --dumpdir ? ?"; + $app->system->exec_safe($command, $template_cache_dir, $veid); + $app->system->exec_safe("mv ?*.tgz ?", $template_cache_dir."vzdump-openvz-".$veid, $template_cache_dir.$template_name.".tar.gz"); + $app->system->exec_safe("rm -f ?*.log", $template_cache_dir."vzdump-openvz-".$veid); } $app->log("Created OpenVZ OStemplate $template_name from VM $veid", LOGLEVEL_DEBUG); return 'ok'; diff --git a/server/plugins-available/postfix_server_plugin.inc.php b/server/plugins-available/postfix_server_plugin.inc.php index 2b0b1ba67b584f9e640e6a5a26e22e2aeee1adf8..569959b84f59c5b495912179789624487eaa5147 100644 --- a/server/plugins-available/postfix_server_plugin.inc.php +++ b/server/plugins-available/postfix_server_plugin.inc.php @@ -99,7 +99,7 @@ class postfix_server_plugin { exec("postconf -e 'smtp_sasl_auth_enable = no'"); } - exec("postconf -e 'relayhost = ".$mail_config['relayhost']."'"); + $app->system->exec_safe("postconf -e ?", 'relayhost = '.$mail_config['relayhost']); file_put_contents('/etc/postfix/sasl_passwd', $content); chmod('/etc/postfix/sasl_passwd', 0600); chown('/etc/postfix/sasl_passwd', 'root'); @@ -138,7 +138,7 @@ class postfix_server_plugin { if($value != '') $new_options[] = "reject_rbl_client ".$value; } } - exec("postconf -e 'smtpd_recipient_restrictions = ".implode(", ", $new_options)."'"); + $app->system->exec_safe("postconf -e ?", 'smtpd_recipient_restrictions = '.implode(", ", $new_options)); exec('postfix reload'); } @@ -157,7 +157,7 @@ class postfix_server_plugin { while (isset($new_options[$i]) && substr($new_options[$i], 0, 19) == 'check_sender_access') ++$i; array_splice($new_options, $i, 0, array('reject_authenticated_sender_login_mismatch')); } - exec("postconf -e 'smtpd_sender_restrictions = ".implode(", ", $new_options)."'"); + $app->system->exec_safe("postconf -e ?", 'smtpd_sender_restrictions = '.implode(", ", $new_options)); exec('postfix reload'); } @@ -182,9 +182,9 @@ class postfix_server_plugin { } } - exec("postconf -e 'mailbox_size_limit = ".intval($mail_config['mailbox_size_limit']*1024*1024)."'"); //TODO : no reload? - exec("postconf -e 'message_size_limit = ".intval($mail_config['message_size_limit']*1024*1024)."'"); //TODO : no reload? - + exec("postconf -e 'mailbox_size_limit = ".intval($mail_config['mailbox_size_limit']*1024*1024)."'"); + exec("postconf -e 'message_size_limit = ".intval($mail_config['message_size_limit']*1024*1024)."'"); + exec('postfix reload'); } diff --git a/server/plugins-available/powerdns_plugin.inc.php b/server/plugins-available/powerdns_plugin.inc.php index 1ecdfaf50174825e6817631434b8c6c287cda9de..2e44e014d5c518247c32d16a677d8abf7fdb735a 100644 --- a/server/plugins-available/powerdns_plugin.inc.php +++ b/server/plugins-available/powerdns_plugin.inc.php @@ -448,16 +448,20 @@ class powerdns_plugin { } function notifySlave($data) { + global $app; + $pdns_control = $this->find_pdns_control(); if ( $pdns_control != false ) { - exec($pdns_control . ' notify ' . rtrim($data["new"]["origin"],".")); + $app->system->exec_safe($pdns_control . ' notify ?', rtrim($data["new"]["origin"],".")); } } function fetchFromMaster($data) { + global $app; + $pdns_control = $this->find_pdns_control(); if ( $pdns_control != false ) { - exec($pdns_control . ' retrieve ' . rtrim($data["new"]["origin"],".")); + $app->system->exec_safe($pdns_control . ' retrieve ?', rtrim($data["new"]["origin"],".")); } } @@ -693,11 +697,11 @@ class powerdns_plugin { if ( $pdns_pdnssec != false ) { if (isset($data["new"]["origin"])) { //* data has origin field only for SOA recordtypes - exec($pdns_pdnssec . ' rectify-zone ' . rtrim($data["new"]["origin"],".")); + $app->system->exec_safe($pdns_pdnssec . ' rectify-zone ?', rtrim($data["new"]["origin"],".")); } else { // get origin from DB for all other recordtypes $zn = $app->db->queryOneRecord("SELECT d.name AS name FROM powerdns.domains d, powerdns.records r WHERE r.ispconfig_id=? AND r.domain_id = d.id", $data["new"]["id"]); - exec($pdns_pdnssec . ' rectify-zone ' . trim($zn["name"])); + $app->system->exec_safe($pdns_pdnssec . ' rectify-zone ?', trim($zn["name"])); } } } diff --git a/server/plugins-available/shelluser_base_plugin.inc.php b/server/plugins-available/shelluser_base_plugin.inc.php index 9c4568901deef3e73b8051929ca94247070e6fd2..90e3293ad7e1838358a62229278c5aa684fa50fc 100755 --- a/server/plugins-available/shelluser_base_plugin.inc.php +++ b/server/plugins-available/shelluser_base_plugin.inc.php @@ -115,34 +115,28 @@ class shelluser_base_plugin { // Create home base directory if it does not exist if(!is_dir($data['new']['dir'].'/home')){ - $app->file->mkdirs(escapeshellcmd($data['new']['dir'].'/home'), '0755'); + $app->file->mkdirs($data['new']['dir'].'/home', '0755'); } // Change ownership of home base dir to root user - $app->system->chown(escapeshellcmd($data['new']['dir'].'/home'),'root'); - $app->system->chgrp(escapeshellcmd($data['new']['dir'].'/home'),'root'); - $app->system->chmod(escapeshellcmd($data['new']['dir'].'/home'),0755); + $app->system->chown($data['new']['dir'].'/home','root'); + $app->system->chgrp($data['new']['dir'].'/home','root'); + $app->system->chmod($data['new']['dir'].'/home',0755); if(!is_dir($homedir)){ - $app->file->mkdirs(escapeshellcmd($homedir), '0750'); - $app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['puser']),false); - $app->system->chgrp(escapeshellcmd($homedir),escapeshellcmd($data['new']['pgroup']),false); + $app->file->mkdirs($homedir, '0750'); + $app->system->chown($homedir,$data['new']['puser'],false); + $app->system->chgrp($homedir,$data['new']['pgroup'],false); } - $command = 'useradd'; - $command .= ' -d '.escapeshellcmd($homedir); - $command .= ' -g '.escapeshellcmd($data['new']['pgroup']); - $command .= ' -o '; // non unique - if($data['new']['password'] != '') $command .= ' -p '.escapeshellcmd($data['new']['password']); - $command .= ' -s '.escapeshellcmd($data['new']['shell']); - $command .= ' -u '.escapeshellcmd($uid); - $command .= ' '.escapeshellcmd($data['new']['username']); - - exec($command); + $command = 'useradd -d ? -g ? -o ?'; // non unique + if($data['new']['password'] != '') $command .= ' -p ?'; + $command .= ' -s ? -u ? ?'; + $app->system->exec_safe($command, $homedir, $data['new']['pgroup'], $data['new']['password'], $data['new']['shell'], $uid, $data['new']['username']); $app->log("Executed command: ".$command, LOGLEVEL_DEBUG); $app->log("Added shelluser: ".$data['new']['username'], LOGLEVEL_DEBUG); - $app->system->chown(escapeshellcmd($data['new']['dir']),escapeshellcmd($data['new']['username']),false); - $app->system->chgrp(escapeshellcmd($data['new']['dir']),escapeshellcmd($data['new']['pgroup']),false); + $app->system->chown($data['new']['dir'],$data['new']['username'],false); + $app->system->chgrp($data['new']['dir'],$data['new']['pgroup'],false); // call the ssh-rsa update function @@ -152,21 +146,21 @@ class shelluser_base_plugin { $this->_setup_ssh_rsa(); //* Create .bash_history file - $app->system->touch(escapeshellcmd($homedir).'/.bash_history'); - $app->system->chmod(escapeshellcmd($homedir).'/.bash_history', 0750); - $app->system->chown(escapeshellcmd($homedir).'/.bash_history', $data['new']['username']); - $app->system->chgrp(escapeshellcmd($homedir).'/.bash_history', $data['new']['pgroup']); + $app->system->touch($homedir.'/.bash_history'); + $app->system->chmod($homedir.'/.bash_history', 0750); + $app->system->chown($homedir.'/.bash_history', $data['new']['username']); + $app->system->chgrp($homedir.'/.bash_history', $data['new']['pgroup']); //* Create .profile file - $app->system->touch(escapeshellcmd($homedir).'/.profile'); - $app->system->chmod(escapeshellcmd($homedir).'/.profile', 0644); - $app->system->chown(escapeshellcmd($homedir).'/.profile', $data['new']['username']); - $app->system->chgrp(escapeshellcmd($homedir).'/.profile', $data['new']['pgroup']); + $app->system->touch($homedir.'/.profile'); + $app->system->chmod($homedir.'/.profile', 0644); + $app->system->chown($homedir.'/.profile', $data['new']['username']); + $app->system->chgrp($homedir.'/.profile', $data['new']['pgroup']); //* Disable shell user temporarily if we use jailkit if($data['new']['chroot'] == 'jailkit') { - $command = 'usermod -s /bin/false -L '.escapeshellcmd($data['new']['username']).' 2>/dev/null'; - exec($command); + $command = 'usermod -s /bin/false -L ? 2>/dev/null'; + $app->system->exec_safe($command, $data['new']['username']); $app->log("Disabling shelluser temporarily: ".$command, LOGLEVEL_DEBUG); } @@ -233,55 +227,32 @@ class shelluser_base_plugin { if($app->system->is_user($data['old']['username'])) { //* Remove webfolder protection $app->system->web_folder_protection($web['document_root'], false); - - /* - $command = 'usermod'; - $command .= ' --home '.escapeshellcmd($data['new']['dir']); - $command .= ' --gid '.escapeshellcmd($data['new']['pgroup']); - // $command .= ' --non-unique '; - $command .= ' --password '.escapeshellcmd($data['new']['password']); - if($data['new']['chroot'] != 'jailkit') $command .= ' --shell '.escapeshellcmd($data['new']['shell']); - // $command .= ' --uid '.escapeshellcmd($uid); - $command .= ' --login '.escapeshellcmd($data['new']['username']); - $command .= ' '.escapeshellcmd($data['old']['username']); - - exec($command); - $app->log("Executed command: $command ",LOGLEVEL_DEBUG); - */ - //$groupinfo = $app->system->posix_getgrnam($data['new']['pgroup']); + if($homedir != $homedir_old){ $app->system->web_folder_protection($web['document_root'], false); // Rename dir, in case the new directory exists already. if(is_dir($homedir)) { $app->log("New Homedir exists, renaming it to ".$homedir.'_bak', LOGLEVEL_DEBUG); - $app->system->rename(escapeshellcmd($homedir),escapeshellcmd($homedir.'_bak')); + $app->system->rename($homedir,$homedir.'_bak'); } - /*if(!is_dir($data['new']['dir'].'/home')){ - $app->file->mkdirs(escapeshellcmd($data['new']['dir'].'/home'), '0750'); - $app->system->chown(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['puser'])); - $app->system->chgrp(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['pgroup'])); - } - $app->file->mkdirs(escapeshellcmd($homedir), '0755'); - $app->system->chown(escapeshellcmd($homedir),'root'); - $app->system->chgrp(escapeshellcmd($homedir),'root');*/ // Move old directory to new path - $app->system->rename(escapeshellcmd($homedir_old),escapeshellcmd($homedir)); - $app->file->mkdirs(escapeshellcmd($homedir), '0750'); - $app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['puser'])); - $app->system->chgrp(escapeshellcmd($homedir),escapeshellcmd($data['new']['pgroup'])); + $app->system->rename($homedir_old,$homedir); + $app->file->mkdirs($homedir, '0750'); + $app->system->chown($homedir,$data['new']['puser']); + $app->system->chgrp($homedir,$data['new']['pgroup']); $app->system->web_folder_protection($web['document_root'], true); } else { if(!is_dir($homedir)){ $app->system->web_folder_protection($web['document_root'], false); if(!is_dir($data['new']['dir'].'/home')){ - $app->file->mkdirs(escapeshellcmd($data['new']['dir'].'/home'), '0755'); - $app->system->chown(escapeshellcmd($data['new']['dir'].'/home'),'root'); - $app->system->chgrp(escapeshellcmd($data['new']['dir'].'/home'),'root'); + $app->file->mkdirs($data['new']['dir'].'/home', '0755'); + $app->system->chown($data['new']['dir'].'/home','root'); + $app->system->chgrp($data['new']['dir'].'/home','root'); } - $app->file->mkdirs(escapeshellcmd($homedir), '0750'); - $app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['puser'])); - $app->system->chgrp(escapeshellcmd($homedir),escapeshellcmd($data['new']['pgroup'])); + $app->file->mkdirs($homedir, '0750'); + $app->system->chown($homedir,$data['new']['puser']); + $app->system->chgrp($homedir,$data['new']['pgroup']); $app->system->web_folder_protection($web['document_root'], true); } } @@ -296,18 +267,18 @@ class shelluser_base_plugin { //* Create .bash_history file if(!is_file($data['new']['dir']).'/.bash_history') { - $app->system->touch(escapeshellcmd($homedir).'/.bash_history'); - $app->system->chmod(escapeshellcmd($homedir).'/.bash_history', 0750); - $app->system->chown(escapeshellcmd($homedir).'/.bash_history', escapeshellcmd($data['new']['username'])); - $app->system->chgrp(escapeshellcmd($homedir).'/.bash_history', escapeshellcmd($data['new']['pgroup'])); + $app->system->touch($homedir.'/.bash_history'); + $app->system->chmod($homedir.'/.bash_history', 0750); + $app->system->chown($homedir.'/.bash_history', $data['new']['username']); + $app->system->chgrp($homedir.'/.bash_history', $data['new']['pgroup']); } //* Create .profile file if(!is_file($data['new']['dir']).'/.profile') { - $app->system->touch(escapeshellcmd($homedir).'/.profile'); - $app->system->chmod(escapeshellcmd($homedir).'/.profile', 0644); - $app->system->chown(escapeshellcmd($homedir).'/.profile', escapeshellcmd($data['new']['username'])); - $app->system->chgrp(escapeshellcmd($homedir).'/.profile', escapeshellcmd($data['new']['pgroup'])); + $app->system->touch($homedir.'/.profile'); + $app->system->chmod($homedir.'/.profile', 0644); + $app->system->chown($homedir.'/.profile', $data['new']['username']); + $app->system->chgrp($homedir.'/.profile', $data['new']['pgroup']); } //* Add webfolder protection again @@ -362,7 +333,7 @@ class shelluser_base_plugin { if(is_file($homedir . $delfile) && fileowner($homedir . $delfile) == $userid) unlink($homedir . $delfile); } foreach($dirs as $deldir) { - if(is_dir($homedir . $deldir) && fileowner($homedir . $deldir) == $userid) exec('rm -rf ' . escapeshellarg($homedir . $deldir)); + if(is_dir($homedir . $deldir) && fileowner($homedir . $deldir) == $userid) $app->system->exec_safe('rm -rf ?', $homedir . $deldir); } $empty = true; $dirres = opendir($homedir); @@ -401,9 +372,8 @@ class shelluser_base_plugin { $app->services->restartService('php-fpm', 'stop:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']); } } - $command = 'killall -u '.escapeshellcmd($data['old']['username']).' ; userdel -f'; - $command .= ' '.escapeshellcmd($data['old']['username']).' &> /dev/null'; - exec($command); + $command = 'killall -u ? ; userdel -f ? &> /dev/null'; + $app->system->exec_safe($command, $data['old']['username'], $data['old']['username']); $app->log("Deleted shelluser: ".$data['old']['username'], LOGLEVEL_DEBUG); // start PHP-FPM again if($web['php'] == 'php-fpm'){ @@ -447,12 +417,10 @@ class shelluser_base_plugin { } } $sshrsa = trim($sshrsa); - $usrdir = escapeshellcmd($this->data['new']['dir']); + $usrdir = $this->data['new']['dir']; //* Home directory of the new shell user - if($this->data['new']['chroot'] == 'jailkit') { - $usrdir = escapeshellcmd($this->data['new']['dir']); - } else { - $usrdir = escapeshellcmd($this->data['new']['dir'].'/home/'.$this->data['new']['username']); + if($this->data['new']['chroot'] != 'jailkit') { + $usrdir = $this->data['new']['dir'].'/home/'.$this->data['new']['username']; } $sshdir = $usrdir.'/.ssh'; $sshkeys= $usrdir.'/.ssh/authorized_keys'; @@ -528,8 +496,8 @@ class shelluser_base_plugin { $this->app->log("ssh-rsa key updated in ".$sshkeys, LOGLEVEL_DEBUG); // set proper file permissions - exec("chown -R ".escapeshellcmd($this->data['new']['puser']).":".escapeshellcmd($this->data['new']['pgroup'])." ".$sshdir); - exec("chmod 600 '$sshkeys'"); + $app->system->exec_safe("chown -R ?:? ?", $this->data['new']['puser'], $this->data['new']['pgroup'], $sshdir); + $app->system->exec_safe("chmod 600 ?", $sshkeys); } diff --git a/server/plugins-available/shelluser_jailkit_plugin.inc.php b/server/plugins-available/shelluser_jailkit_plugin.inc.php index c7112c497a1b2355d4d13fd298383a3b899630e9..1f3a08facee5f408488ae1ac7f74f1edfaa276c5 100755 --- a/server/plugins-available/shelluser_jailkit_plugin.inc.php +++ b/server/plugins-available/shelluser_jailkit_plugin.inc.php @@ -121,13 +121,11 @@ class shelluser_jailkit_plugin { //* call the ssh-rsa update function $this->_setup_ssh_rsa(); - //$command .= 'usermod -s /usr/sbin/jk_chrootsh -U '.escapeshellcmd($data['new']['username']); - //exec($command); $app->system->usermod($data['new']['username'], 0, 0, '', '/usr/sbin/jk_chrootsh', '', ''); //* Unlock user - $command = 'usermod -U '.escapeshellcmd($data['new']['username']).' 2>/dev/null'; - exec($command); + $command = 'usermod -U ? 2>/dev/null'; + $app->system->exec_safe($command, $data['new']['username']); $this->_update_website_security_level(); $app->system->web_folder_protection($web['document_root'], true); @@ -242,15 +240,12 @@ class shelluser_jailkit_plugin { $jailkit_chroot_userhome = $this->_get_home_dir($data['old']['username']); - //commented out proved to be dangerous on config errors - //exec('rm -rf '.$data['old']['dir'].$jailkit_chroot_userhome); - $app->system->web_folder_protection($web['document_root'], false); $userid = intval($app->system->getuid($data['old']['username'])); - $command = 'killall -u '.escapeshellcmd($data['old']['username']).' ; '; - $command .= 'userdel -f '.escapeshellcmd($data['old']['username']).' &> /dev/null'; - exec($command); + $command = 'killall -u ? ; '; + $command .= 'userdel -f ? &> /dev/null'; + $app->system->exec_safe($command, $data['old']['username'], $data['old']['username']); // Remove the jailed user from passwd and shadow file inside the jail $app->system->removeLine($data['old']['dir'].'/etc/passwd', $data['old']['username']); @@ -278,10 +273,8 @@ class shelluser_jailkit_plugin { //check if the chroot environment is created yet if not create it with a list of program sections from the config if (!is_dir($this->data['new']['dir'].'/etc/jailkit')) { - $command = '/usr/local/ispconfig/server/scripts/create_jailkit_chroot.sh'; - $command .= ' '.escapeshellcmd($this->data['new']['dir']); - $command .= ' \''.$this->jailkit_config['jailkit_chroot_app_sections'].'\''; - exec($command.' 2>/dev/null'); + $command = '/usr/local/ispconfig/server/scripts/create_jailkit_chroot.sh ? ?'; + $app->system->exec_safe($command.' 2>/dev/null', $this->data['new']['dir'], $this->jailkit_config['jailkit_chroot_app_sections']); $this->app->log("Added jailkit chroot with command: ".$command, LOGLEVEL_DEBUG); @@ -300,7 +293,7 @@ class shelluser_jailkit_plugin { $tpl->setVar('domain', $web['domain']); $tpl->setVar('home_dir', $this->_get_home_dir("")); - $bashrc = escapeshellcmd($this->data['new']['dir']).'/etc/bash.bashrc'; + $bashrc = $this->data['new']['dir'].'/etc/bash.bashrc'; if(@is_file($bashrc) || @is_link($bashrc)) unlink($bashrc); file_put_contents($bashrc, $tpl->grab()); @@ -313,7 +306,7 @@ class shelluser_jailkit_plugin { $tpl->setVar('domain', $web['domain']); - $motd = escapeshellcmd($this->data['new']['dir']).'/var/run/motd'; + $motd = $this->data['new']['dir'].'/var/run/motd'; if(@is_file($motd) || @is_link($motd)) unlink($motd); $app->system->file_put_contents($motd, $tpl->grab()); @@ -323,16 +316,15 @@ class shelluser_jailkit_plugin { function _add_jailkit_programs() { + global $app; $jailkit_chroot_app_programs = preg_split("/[\s,]+/", $this->jailkit_config['jailkit_chroot_app_programs']); if(is_array($jailkit_chroot_app_programs) && !empty($jailkit_chroot_app_programs)){ foreach($jailkit_chroot_app_programs as $jailkit_chroot_app_program){ $jailkit_chroot_app_program = trim($jailkit_chroot_app_program); if(is_file($jailkit_chroot_app_program) || is_dir($jailkit_chroot_app_program)){ //copy over further programs and its libraries - $command = '/usr/local/ispconfig/server/scripts/create_jailkit_programs.sh'; - $command .= ' '.escapeshellcmd($this->data['new']['dir']); - $command .= ' '.$jailkit_chroot_app_program; - exec($command.' 2>/dev/null'); + $command = '/usr/local/ispconfig/server/scripts/create_jailkit_programs.sh ? ?'; + $app->system->exec_safe($command.' 2>/dev/null', $this->data['new']['dir'], $jailkit_chroot_app_program); $this->app->log("Added programs to jailkit chroot with command: ".$command, LOGLEVEL_DEBUG); } @@ -342,7 +334,7 @@ class shelluser_jailkit_plugin { function _get_home_dir($username) { - return str_replace("[username]", escapeshellcmd($username), $this->jailkit_config['jailkit_chroot_home']); + return str_replace("[username]", $username, $this->jailkit_config['jailkit_chroot_home']); } function _add_jailkit_user() @@ -365,36 +357,8 @@ class shelluser_jailkit_plugin { // ALWAYS create the user. Even if the user was created before // if we check if the user exists, then a update (no shell -> jailkit) will not work // and the user has FULL ACCESS to the root of the server! - $command = '/usr/local/ispconfig/server/scripts/create_jailkit_user.sh'; - $command .= ' '.escapeshellcmd($this->data['new']['username']); - $command .= ' '.escapeshellcmd($this->data['new']['dir']); - $command .= ' '.$jailkit_chroot_userhome; - $command .= ' '.escapeshellcmd($this->data['new']['shell']); - $command .= ' '.$this->data['new']['puser']; - $command .= ' '.$jailkit_chroot_puserhome; - exec($command.' 2>/dev/null'); - - //* Change the homedir of the shell user and parent user - //* We have to do this manually as the usermod command fails - //* when the user is logged in or a command is running under that user - /* - $passwd_file_array = file('/etc/passwd'); - $passwd_out = ''; - if(is_array($passwd_file_array)) { - foreach($passwd_file_array as $line) { - $line = trim($line); - $parts = explode(':',$line); - if($parts[0] == $this->data['new']['username']) { - $parts[5] = escapeshellcmd($this->data['new']['dir'].'/.'.$jailkit_chroot_userhome); - $parts[6] = escapeshellcmd('/usr/sbin/jk_chrootsh'); - $new_line = implode(':',$parts); - copy('/etc/passwd','/etc/passwd~'); - chmod('/etc/passwd~',0600); - $app->uses('system'); - $app->system->replaceLine('/etc/passwd',$line,$new_line,1,0); - } - } - }*/ + $command = '/usr/local/ispconfig/server/scripts/create_jailkit_user.sh ? ? ? ? ? ?'; + $app->system->exec_safe($command.' 2>/dev/null', $this->data['new']['username'], $this->data['new']['dir'], $jailkit_chroot_userhome, $this->data['new']['shell'], $this->data['new']['puser'], $jailkit_chroot_puserhome); $shell = '/usr/sbin/jk_chrootsh'; if($this->data['new']['active'] != 'y') $shell = '/bin/false'; @@ -406,19 +370,19 @@ class shelluser_jailkit_plugin { if(!is_dir($this->data['new']['dir'].$jailkit_chroot_userhome)) { if(is_dir($this->data['old']['dir'].$jailkit_chroot_userhome_old)) { - $app->system->rename(escapeshellcmd($this->data['old']['dir'].$jailkit_chroot_userhome_old),escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome)); + $app->system->rename($this->data['old']['dir'].$jailkit_chroot_userhome_old,$this->data['new']['dir'].$jailkit_chroot_userhome); } else { - mkdir(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), 0750, true); + mkdir($this->data['new']['dir'].$jailkit_chroot_userhome, 0750, true); } } - $app->system->chown(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), $this->data['new']['username']); - $app->system->chgrp(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), $this->data['new']['pgroup']); + $app->system->chown($this->data['new']['dir'].$jailkit_chroot_userhome, $this->data['new']['username']); + $app->system->chgrp($this->data['new']['dir'].$jailkit_chroot_userhome, $this->data['new']['pgroup']); $this->app->log("Added created jailkit user home in : ".$this->data['new']['dir'].$jailkit_chroot_userhome, LOGLEVEL_DEBUG); - if(!is_dir($this->data['new']['dir'].$jailkit_chroot_puserhome)) mkdir(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), 0750, true); - $app->system->chown(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), $this->data['new']['puser']); - $app->system->chgrp(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), $this->data['new']['pgroup']); + if(!is_dir($this->data['new']['dir'].$jailkit_chroot_puserhome)) mkdir($this->data['new']['dir'].$jailkit_chroot_puserhome, 0750, true); + $app->system->chown($this->data['new']['dir'].$jailkit_chroot_puserhome, $this->data['new']['puser']); + $app->system->chgrp($this->data['new']['dir'].$jailkit_chroot_puserhome, $this->data['new']['pgroup']); $this->app->log("Added jailkit parent user home in : ".$this->data['new']['dir'].$jailkit_chroot_puserhome, LOGLEVEL_DEBUG); @@ -447,13 +411,6 @@ class shelluser_jailkit_plugin { } - //* Wrapper for exec function for easier debugging - private function _exec($command) { - global $app; - $app->log('exec: '.$command, LOGLEVEL_DEBUG); - exec($command); - } - private function _setup_ssh_rsa() { global $app; $this->app->log("ssh-rsa setup shelluser_jailkit", LOGLEVEL_DEBUG); @@ -469,7 +426,7 @@ class shelluser_jailkit_plugin { // ssh-rsa authentication variables $sshrsa = $this->data['new']['ssh_rsa']; - $usrdir = escapeshellcmd($this->data['new']['dir']).'/'.$this->_get_home_dir($this->data['new']['username']); + $usrdir = $this->data['new']['dir'].'/'.$this->_get_home_dir($this->data['new']['username']); $sshdir = $usrdir.'/.ssh'; $sshkeys= $usrdir.'/.ssh/authorized_keys'; @@ -545,9 +502,9 @@ class shelluser_jailkit_plugin { $this->app->log("ssh-rsa key updated in ".$sshkeys, LOGLEVEL_DEBUG); // set proper file permissions - exec("chown -R ".escapeshellcmd($this->data['new']['puser']).":".escapeshellcmd($this->data['new']['pgroup'])." ".$sshdir); - exec("chmod 700 ".$sshdir); - exec("chmod 600 '$sshkeys'"); + $app->system->exec_safe("chown -R ?:? ?", $this->data['new']['puser'], $this->data['new']['pgroup'], $sshdir); + $app->system->exec_safe("chmod 700 ?", $sshdir); + $app->system->exec_safe("chmod 600 ?", $sshkeys); } @@ -569,7 +526,7 @@ class shelluser_jailkit_plugin { if(is_file($homedir . $delfile) && fileowner($homedir . $delfile) == $userid) unlink($homedir . $delfile); } foreach($dirs as $deldir) { - if(is_dir($homedir . $deldir) && fileowner($homedir . $deldir) == $userid) exec('rm -rf ' . escapeshellarg($homedir . $deldir)); + if(is_dir($homedir . $deldir) && fileowner($homedir . $deldir) == $userid) $app->system->exec_safe('rm -rf ?', $homedir . $deldir); } $empty = true; $dirres = opendir($homedir); diff --git a/server/plugins-available/software_update_plugin.inc.php b/server/plugins-available/software_update_plugin.inc.php index 587bd4f09a610c3ec496e1fa1edffe1e17e76b94..2626d1e75695bcefb79605ed7ae77e211a1755dd 100644 --- a/server/plugins-available/software_update_plugin.inc.php +++ b/server/plugins-available/software_update_plugin.inc.php @@ -111,11 +111,12 @@ class software_update_plugin { $software_update["update_url"] = str_replace('{key}', $software_package['package_key'], $software_update["update_url"]); //* Download the update package - $cmd = "cd $temp_dir && wget ".$software_update["update_url"]; if($installuser == '') { - exec($cmd); + $cmd = "cd ? && wget ?"; + $app->system->exec_safe($cmd, $temp_dir, $software_update["update_url"]); } else { - exec("su -c ".escapeshellarg($cmd)." $installuser"); + $cmd = "cd $temp_dir && wget ".$software_update["update_url"]; + $app->system->exec_safe("su -c ? ?", $cmd, $installuser); } $app->log("Downloading the update file from: ".$software_update["update_url"], LOGLEVEL_DEBUG); @@ -135,7 +136,7 @@ class software_update_plugin { if($update_filename == '') { $app->log("No package file found. Download failed? Installation aborted.", LOGLEVEL_WARN); - exec("rm -rf $temp_dir"); + $app->system->exec_safe("rm -rf ?", $temp_dir); $app->log("Deleting the temp directory $temp_dir", LOGLEVEL_DEBUG); $this->set_install_status($data["new"]["software_update_inst_id"], "failed"); return false; @@ -148,7 +149,7 @@ class software_update_plugin { //* Checking the md5sum if(md5_file($temp_dir.'/'.$update_filename) != $software_update["update_md5"]) { $app->log("The md5 sum of the downloaded file is incorrect. Update aborted.", LOGLEVEL_WARN); - exec("rm -rf $temp_dir"); + $app->system->exec_safe("rm -rf ", $temp_dir); $app->log("Deleting the temp directory $temp_dir", LOGLEVEL_DEBUG); $this->set_install_status($data["new"]["software_update_inst_id"], "failed"); return false; @@ -158,11 +159,13 @@ class software_update_plugin { //* unpacking the update - $cmd = "cd $temp_dir && unzip $update_filename"; + if($installuser == '') { - exec($cmd); + $cmd = "cd ? && unzip ?"; + $app->system->exec_safe($cmd, $temp_dir, $update_filename); } else { - exec("su -c ".escapeshellarg($cmd)." $installuser"); + $cmd = "cd $temp_dir && unzip $update_filename"; + $app->system->exec_safe("su -c ? ?", $cmd, $installuser); } //* Create a database, if the package requires one @@ -181,7 +184,7 @@ class software_update_plugin { $db_config['database_password'] != '' && $db_config['database_name'] != '' && $db_config['database_host'] != '') { - system("mysql --default-character-set=utf8 --force -h '".$db_config['database_host']."' -u '".$db_config['database_user']."' ".$db_config['database_name']." < ".escapeshellcmd($temp_dir.'/setup.sql')); + $app->system->exec_safe("mysql --default-character-set=utf8 --force -h ? -u ? ? < ?", $db_config['database_host'], $db_config['database_user'], $db_config['database_name'], $temp_dir.'/setup.sql'); $app->log("Loading setup.sql dump into the app db.", LOGLEVEL_DEBUG); } } @@ -196,13 +199,15 @@ class software_update_plugin { if(is_file($temp_dir.'/setup.sh')) { // Execute the setup script - exec('chmod +x '.$temp_dir.'/setup.sh'); + $app->system->exec_safe('chmod +x ?', $temp_dir.'/setup.sh'); $app->log("Executing setup.sh file in directory $temp_dir", LOGLEVEL_DEBUG); - $cmd = 'cd '.$temp_dir.' && ./setup.sh > package_install.log'; + if($installuser == '') { - exec($cmd); + $cmd = 'cd ? && ./setup.sh > package_install.log'; + $app->system->exec_safe($cmd, $temp_dir); } else { - exec("su -c ".escapeshellarg($cmd)." $installuser"); + $cmd = 'cd '.$temp_dir.' && ./setup.sh > package_install.log'; + $app->system->exec_safe("su -c ? ?", $cmd, $installuser); } $log_data = @file_get_contents("{$temp_dir}/package_install.log"); @@ -223,7 +228,7 @@ class software_update_plugin { $this->set_install_status($data["new"]["software_update_inst_id"], "failed"); } - if($temp_dir != '' && $temp_dir != '/') exec("rm -rf $temp_dir"); + if($temp_dir != '' && $temp_dir != '/') $app->system->exec_safe("rm -rf ?", $temp_dir); $app->log("Deleting the temp directory $temp_dir", LOGLEVEL_DEBUG); } diff --git a/server/plugins-available/xmpp_plugin.inc.php b/server/plugins-available/xmpp_plugin.inc.php index 128a88ebb47e76d9ce51dc1b05f578fc15a9ab2b..c680e62f0ed5e51f5ccf7b634b8321984942d808 100644 --- a/server/plugins-available/xmpp_plugin.inc.php +++ b/server/plugins-available/xmpp_plugin.inc.php @@ -240,8 +240,8 @@ class xmpp_plugin { $app->system->unlink("/etc/metronome/certs/$domain.csr"); // Remove all stored data var_dump('rm -rf /var/lib/metronome/'.$folder); - exec('rm -rf /var/lib/metronome/'.$folder); - exec('rm -rf /var/lib/metronome/*%2e'.$folder); + $app->system->exec_safe('rm -rf ?', '/var/lib/metronome/'.$folder); + $app->system->exec_safe('rm -rf ?*?', '/var/lib/metronome/', '%2e'.$folder); $app->services->restartServiceDelayed('metronome', 'reload'); } @@ -264,7 +264,7 @@ class xmpp_plugin { // Don't allow manual user deletion for mailaccount controlled domains // Remove account from metronome - exec('metronomectl deluser '.$data['old']['jid']); + $app->system->exec_safe('metronomectl deluser ?', $data['old']['jid']); } // Handle the creation of SSL certificates @@ -311,9 +311,9 @@ class xmpp_plugin { $app->system->file_put_contents($cnf_file, $tpl->grab()); // Generate new key, csr and cert - exec("(cd /etc/metronome/certs && make $domain.key)"); - exec("(cd /etc/metronome/certs && make $domain.csr)"); - exec("(cd /etc/metronome/certs && make $domain.cert)"); + $app->system->exec_safe("(cd /etc/metronome/certs && make ?)", "$domain.key"); + $app->system->exec_safe("(cd /etc/metronome/certs && make ?)", "$domain.csr"); + $app->system->exec_safe("(cd /etc/metronome/certs && make ?)", "$domain.cert"); $ssl_key = $app->system->file_get_contents($key_file); $app->system->chmod($key_file, 0400);