ISPConfig 3 issueshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues2024-01-30T15:17:51Zhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5158Ugly validation errors adding databases and database users2024-01-30T15:17:51ZChris GrahamUgly validation errors adding databases and database usersThis is a trivial issue, but impacts on ISPConfig's polish. If you leave the fields blank and click add, you'll see repeated errors (or effectively repeated), and all under the same number '1'.
![Screen_Shot_2018-10-18_at_10.06.13_AM](/...This is a trivial issue, but impacts on ISPConfig's polish. If you leave the fields blank and click add, you'll see repeated errors (or effectively repeated), and all under the same number '1'.
![Screen_Shot_2018-10-18_at_10.06.13_AM](/uploads/d4e2ce4ebe750e561e836be53bf772b1/Screen_Shot_2018-10-18_at_10.06.13_AM.png)![Screen_Shot_2018-10-18_at_10.06.27_AM](/uploads/aef5907090d9030e55fb7fb6d5f0293c/Screen_Shot_2018-10-18_at_10.06.27_AM.png)3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6613DNS zone filters did not work2024-01-26T14:03:44ZMassimilianoDNS zone filters did not work## Summary
DNS Zones (records view) filters did not work, the page will refresh but the records are not filtered.
## Steps to reproduce
1. Go to DNS > Zones and select a zone
2. Filter a record by using the search function below the hea...## Summary
DNS Zones (records view) filters did not work, the page will refresh but the records are not filtered.
## Steps to reproduce
1. Go to DNS > Zones and select a zone
2. Filter a record by using the search function below the headers and click on the glass (or push enter) button
## Correct behaviour
Only filtered record will be shown.
## Environment
Server OS + version: Debian 12.2
ISPConfig version: 3.2.11p1
Software version of the related software:
```
**Apache**
Server version: Apache/2.4.57 (Debian)
Server built: 2023-04-13T03:26:51
**PHP**
PHP 8.2.7 (cli) (built: Jun 9 2023 19:37:27) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.2.7, Copyright (c) Zend Technologies
with Zend OPcache v8.2.7, Copyright (c), by Zend Technologies
```3.2.12ThomThomhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6631E-Mail address with comma in recipient name2024-01-23T16:54:53Zteuto.netE-Mail address with comma in recipient name## Summary
<!-- What is happening and what is wrong with that? -->
## Steps to reproduce
1. Create a user with "," in there name
2. Try to send a email to that user, for example with "Password reset"
The E-Mail to header will split at ...## Summary
<!-- What is happening and what is wrong with that? -->
## Steps to reproduce
1. Create a user with "," in there name
2. Try to send a email to that user, for example with "Password reset"
The E-Mail to header will split at each comma. The email is submitted to the user but also many other addresses.
## Correct behaviour
<!-- What should happen instead? -->
Send an email to the user with correct recipient.
## Environment
Ubuntu 20.04 with postfix and a relay for email transmission.
## Proposed fix
I will create a merge request3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6629PHP warning in bind_plugin.inc.php on line 4052024-01-18T06:52:59ZHelmoPHP warning in bind_plugin.inc.php on line 405I noticed this one in the logs while updating a dns zone:
\`PHP Warning: Trying to access array offset on value of type null in /usr/local/ispconfig/server/plugins-available/bind_plugin.inc.php on line 405\`I noticed this one in the logs while updating a dns zone:
\`PHP Warning: Trying to access array offset on value of type null in /usr/local/ispconfig/server/plugins-available/bind_plugin.inc.php on line 405\`HelmoHelmohttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6595PHP Deprecated (with php 8.1) in letsencrypt.inc.php2023-12-03T20:49:53ZHannesPHP Deprecated (with php 8.1) in letsencrypt.inc.phpUbuntu 22.04/PHP 8.1.24 (cli)/ISPConfig 3.2.11
If certbot is used then server.php shows (php8.1)
```plaintext
PHP Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated in /usr/local/ispconfig/serv...Ubuntu 22.04/PHP 8.1.24 (cli)/ISPConfig 3.2.11
If certbot is used then server.php shows (php8.1)
```plaintext
PHP Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated in /usr/local/ispconfig/server/lib/classes/letsencrypt.inc.php on line 47
PHP Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated in /usr/local/ispconfig/server/lib/classes/letsencrypt.inc.php on line 471
```3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6596Improve input value checks in language editor2023-12-03T19:05:00ZTill BrehmImprove input value checks in language editorA PHP code injection vulnerability has been found in the ISPConfig language editor by Egidio Romano from Karma(In)Security. Thanks a lot for reporting this issue! The vulnerability requires that the attacker is correctly logged in as the...A PHP code injection vulnerability has been found in the ISPConfig language editor by Egidio Romano from Karma(In)Security. Thanks a lot for reporting this issue! The vulnerability requires that the attacker is correctly logged in as the 'admin' user (the account with superadmin privilege) in ISPConfig, so an attacker must know the administrator password. Not affected are logins from Clients, Resellers, or Email users and also not logins from additionally created admin users.
Also not affected are systems where the language editor is disabled. The language editor can be disabled by setting:
```
admin_allow_langedit=no
```
in the file /usr/local/ispconfig/security/security_settings.ini.3.2.11p1https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6599Issue in ajax_get_json.php when $dkim_strength = 02023-12-03T19:04:30ZTill BrehmIssue in ajax_get_json.php when $dkim_strength = 0Reported by M Roji:
I found some bug, that make my script not working properly.
The bug is the code in file /usr/local/ispconfig/interface/web/mail/ajax_get_json.php
```
$dkim_strength = $app->functions->intval($mail_config['dkim_stre...Reported by M Roji:
I found some bug, that make my script not working properly.
The bug is the code in file /usr/local/ispconfig/interface/web/mail/ajax_get_json.php
```
$dkim_strength = $app->functions->intval($mail_config['dkim_strength']);
if ($dkim_strength=='') $dkim_strength = 2048;
```
The right way is
```
$dkim_strength = $app->functions->intval($mail_config['dkim_strength']);
if ($dkim_strength==0) $dkim_strength = 2048;3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6584DNS - any not allowed in also_notify [bind restart fail]2023-12-03T19:00:50ZHannesDNS - any not allowed in also_notify [bind restart fail]## Summary
"any" not allowed in also_notify \[bind restart fail\]
## Steps to reproduce
1. type "any" into DNS-\>some Zone-\> Zone settings -\> Also Notify Field
2. try to restart bind (will fail) with
```plaintext
02-Oct-2023 09:...## Summary
"any" not allowed in also_notify \[bind restart fail\]
## Steps to reproduce
1. type "any" into DNS-\>some Zone-\> Zone settings -\> Also Notify Field
2. try to restart bind (will fail) with
```plaintext
02-Oct-2023 09:34:39.046 config: error: /etc/bind/named.conf.local:4: unable to find primaries list 'any'\
02-Oct-2023 09:34:39.046 general: error: reloading configuration failed: failure
```
## Correct behaviour
Disallow value "any" in field also-notify ("any" in xfer is ok)
## Environment
Ubuntu 22.04 - ISPConfig 2.3.11
```plaintext
Output of the command
```
## Proposed fix
optional, of course.\\
Maybe change the check or write other function for also_notify
```plaintext
Index: interface/lib/classes/validate_dns.inc.php
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
diff --git a/interface/lib/classes/validate_dns.inc.php b/interface/lib/classes/validate_dns.inc.php
--- a/interface/lib/classes/validate_dns.inc.php
+++ b/interface/lib/classes/validate_dns.inc.php (date 1696240257952)
@@ -292,7 +292,7 @@
if($validator['allowempty'] != 'y') $validator['allowempty'] = 'n';
if($validator['allowempty'] == 'y' && $field_value == '') {
//* Do nothing
- } elseif ($field_value == 'any' && $field_name != ) {
+ } elseif ($field_value == 'any' && $field_name != "also_notify") {
//* Do nothing
} else {
//* Check if its a IPv4 or IPv6 address/range
```3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6606Wrong german translation in $wb['sender_cc_note_txt'] (de_mail_user.lng)2023-12-03T19:00:17ZHannesWrong german translation in $wb['sender_cc_note_txt'] (de_mail_user.lng)Englisch: $wb\['sender_cc_note_txt'\] = '(One email address only)';
Actual German: $wb\['sender_cc_note_txt'\] = '(Mehrere E-Mail-Adressen mit Kommas trennen)';
Correct German: $wb\['sender_cc_note_txt'\] = '(Nur eine E-Mail-Adresse)';Englisch: $wb\['sender_cc_note_txt'\] = '(One email address only)';
Actual German: $wb\['sender_cc_note_txt'\] = '(Mehrere E-Mail-Adressen mit Kommas trennen)';
Correct German: $wb\['sender_cc_note_txt'\] = '(Nur eine E-Mail-Adresse)';3.2.12HannesHanneshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6607Can't use autoinstall.ini update feature if conf-custom files used.2023-11-20T07:06:05ZDorian LWSCan't use autoinstall.ini update feature if conf-custom files used.Hello,
The auto update feature works well but i've edited some files in server/conf-custom directory and the now, the updater ask me this :
Do you want to rename these conf-custom templates now so the default templates are used? (yes,n...Hello,
The auto update feature works well but i've edited some files in server/conf-custom directory and the now, the updater ask me this :
Do you want to rename these conf-custom templates now so the default templates are used? (yes,no) [no]
I notice that there is no options to auto answer to that question. Do you have a workaround solution please ?3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6597Typo in tform_base.inc.php2023-10-28T15:35:49ZThomTypo in tform_base.inc.phpIn the file interface/lib/classes/tform_base.inc.php there is a bug at line 1190, the ip_address index of the $sql_v6 table is not surrounded by quotes, it therefore passes for a non-existent variable and causes a warning as well as an i...In the file interface/lib/classes/tform_base.inc.php there is a bug at line 1190, the ip_address index of the $sql_v6 table is not surrounded by quotes, it therefore passes for a non-existent variable and causes a warning as well as an incomplete display of the error.
https://forum.howtoforge.com/threads/bug-in-interface-lib-classes-tform_base-inc-php.91338/3.2.12ThomThomhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6330Rescue core module for apache seems to be broken2023-10-21T15:52:19ZTill BrehmRescue core module for apache seems to be brokenDebug information:
```
root@server1:~# /usr/local/ispconfig/server/server.sh
08.04.2022-09:20 - WARNING - httpd is down! Try rescue httpd (try:1)...
08.04.2022-09:20 - WARNING - Invalid init command action stop
sh: -c: line 0: syntax er...Debug information:
```
root@server1:~# /usr/local/ispconfig/server/server.sh
08.04.2022-09:20 - WARNING - httpd is down! Try rescue httpd (try:1)...
08.04.2022-09:20 - WARNING - Invalid init command action stop
sh: -c: line 0: syntax error near unexpected token `&&'
sh: -c: line 0: ` && (sleep 3; kill $!; sleep 2; kill -9 $!) &> /dev/null'
08.04.2022-09:20 - WARNING - Invalid init command action start
PHP Warning: exec(): Cannot execute a blank command in /usr/local/ispconfig/server/mods-available/rescue_core_module.inc.php on line 478
08.04.2022-09:20 - DEBUG [plugins.inc:155] - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
08.04.2022-09:20 - DEBUG [server:217] - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
finished server.php.
```
This seems to happen only when no other actions were processed by server.sh.3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6590Add start and stop options to _getinitcommand function2023-10-21T09:29:22ZTill BrehmAdd start and stop options to _getinitcommand functionAdd start and stop options to _getinitcommand function.
https://forum.howtoforge.com/threads/rescue-mode-not-work.88787/#post-450662Add start and stop options to _getinitcommand function.
https://forum.howtoforge.com/threads/rescue-mode-not-work.88787/#post-450662https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6589CAA record for subdomain 'none' is added when auto subdomain is set to none2023-10-14T10:19:58ZTill BrehmCAA record for subdomain 'none' is added when auto subdomain is set to noneCAA record for subdomain 'none' is added when auto subdomain option of the website is set to none.CAA record for subdomain 'none' is added when auto subdomain option of the website is set to none.3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6585PHP Warning: Undefined array key "ip" in /tmp/update_runner.sh.MQXkxglcyo/in...2023-10-03T12:07:45ZTill BrehmPHP Warning: Undefined array key "ip" in /tmp/update_runner.sh.MQXkxglcyo/install/lib/installer_base.lib.php on line 2995PHP Warning: Undefined array key "ip" in /tmp/update_runner.sh.MQXkxglcyo/install/lib/installer_base.lib.php on line 2995PHP Warning: Undefined array key "ip" in /tmp/update_runner.sh.MQXkxglcyo/install/lib/installer_base.lib.php on line 29953.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1813Reseller's Mail Quota Limit ignored when creating customers2023-10-03T12:07:45ZMarkus PetzschReseller's Mail Quota Limit ignored when creating customersWhen the admin user creates a reseller with a fixed Mail Quota limit and that reseller creates a client he can assign a mail quota of -1 giving that client the possibility to bypass the mail quota limit for the reseller.
Expected beha...When the admin user creates a reseller with a fixed Mail Quota limit and that reseller creates a client he can assign a mail quota of -1 giving that client the possibility to bypass the mail quota limit for the reseller.
Expected behaivior: When creating a customer, check (max_allowed_quota = reseller_allowed_quota - reseller_mailboxes_allocated_quota - reseller_allocated_existing_client_quota)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6581PHP-FPM reload mode "restart" ignored when using Nginx webserver2023-09-28T19:18:18ZManoa RatefiarisonPHP-FPM reload mode "restart" ignored when using Nginx webserver## Summary
When using Nginx as webserver, the PHP-FPM reload mode is totally ignored. No matters you put reload or restart, ISPConfig always reload PHP-FPM.
## Steps to reproduce
1. Install ISPConfig with Nginx
2. Install additional PHP...## Summary
When using Nginx as webserver, the PHP-FPM reload mode is totally ignored. No matters you put reload or restart, ISPConfig always reload PHP-FPM.
## Steps to reproduce
1. Install ISPConfig with Nginx
2. Install additional PHP version
3. Enable debug mode and set PHP-FPM reload mode to "restart"
4. Create/edit site with PHP-FPM enabled and choose a version
5. Look at logs
## Correct behaviour
ISPConfig should restart PHP-FPM instead of reload if this is specified like this in the configuration.
## Environment
Server OS + version: Debian 11.1
ISPConfig version: 3.2.11
Software version of the related software:
```
root@server:~# nginx -v
nginx version: nginx/1.18.0
root@server:~# php8.1 -v
PHP 8.1.0 (cli) (built: Nov 25 2021 20:48:52) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.0, Copyright (c) Zend Technologies
with Zend OPcache v8.1.0, Copyright (c), by Zend Technologies
```
(This is the PHP 8.1 from deb.sury.org repository)
## Proposed fix
The problem is on `nginx_plugin.inc.php` line 3054, the reload mode is hardcoded to "reload":
```
$app->services->restartService('php-fpm', 'reload:'.$php_version['php_fpm_init_script']);
```
Instead of hardcoding like this, we can reuse the code on `apache2_plugin.inc.php` to get the reload mode and use it properly:
```
$web_config = $app->getconf->get_server_config($conf["server_id"], 'web');
$php_fpm_reload_mode = ($web_config['php_fpm_reload_mode'] == 'reload')?'reload':'restart';
$app->services->restartService('php-fpm', $php_fpm_reload_mode.':'.$web_config['php_fpm_init_script']);
```
## Related log entries
```
26.09.2023-08:26 - DEBUG [nginx plugin.inc:3032] - Writing the PHP-FPM config file: /etc/php/8.1/fpm/pool.d/web5.conf
26.09.2023-08:26 - DEBUG [services.inc:56] - Calling function 'restartPHP_FPM' from module 'web_module'.
26.09.2023-08:26 - DEBUG [system.inc:2083] - Trying to use Systemd to restart service
26.09.2023-08:26 - DEBUG [system.inc:2431] - safe_exec cmd: systemctl is-enabled 'php8.1-fpm' 2>&1 - return code: 0
26.09.2023-08:26 - DEBUG [system.inc:2098] - ######################################reload php8.1-fpm
26.09.2023-08:26 - DEBUG [web module.inc:316] - Restarting php-fpm: systemctl reload php8.1-fpm.service
```3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6417Database quota dashlet shows -1 MB instead of unlimited2023-09-17T18:12:52ZHelmoDatabase quota dashlet shows -1 MB instead of unlimitedSomehow the code for the [database](https://git.ispconfig.org/ispconfig/ispconfig3/-/blob/develop/interface/web/dashboard/dashlets/templates/databasequota.htm#L17) and [email](https://git.ispconfig.org/ispconfig/ispconfig3/-/blob/develop...Somehow the code for the [database](https://git.ispconfig.org/ispconfig/ispconfig3/-/blob/develop/interface/web/dashboard/dashlets/templates/databasequota.htm#L17) and [email](https://git.ispconfig.org/ispconfig/ispconfig3/-/blob/develop/interface/web/dashboard/dashlets/templates/databasequota.htm#L17) quota dashlets looks for `0` while the [diskquota](https://git.ispconfig.org/ispconfig/ispconfig3/-/blob/develop/interface/web/dashboard/dashlets/templates/quota.htm#L19) instead looks for `-1` to mean unlimited.
As the default [limit_database_quota](https://git.ispconfig.org/ispconfig/ispconfig3/-/blob/develop/interface/web/client/form/client.tform.php#L1450) and [limit_mailquota](https://git.ispconfig.org/ispconfig/ispconfig3/-/blob/develop/interface/web/client/form/client.tform.php#L891) is `-1` it renders strange as '-1 MB' and with an unused progresbar.
![image](/uploads/ff8ce64688d3cbc75dd3f8fa9c93273c/image.png)
After my patch:
![image](/uploads/7e763a622a6dd79176f52bed30c689c0/image.png)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6575Validation bug in DNS DMARC2023-09-14T21:28:18ZPyte CValidation bug in DNS DMARC## Summary
<!-- What is happening and what is wrong with that? -->
When trying to create a DMARC record for a domain where the DKIM is configured via a CNAME record ISPConfig errors with `dmarc_no_dkim_txt`.
As this is a valid setup (see...## Summary
<!-- What is happening and what is wrong with that? -->
When trying to create a DMARC record for a domain where the DKIM is configured via a CNAME record ISPConfig errors with `dmarc_no_dkim_txt`.
As this is a valid setup (see O365 docs for example) the validation function needs to be corrected.
Reference thread in the forums: https://forum.howtoforge.com/threads/configuring-dkim-and-dmarc-with-office-365.91120/#post-449340
## Steps to reproduce
1. Create a CNAME that point to the DKIM Record
2. Trying adding a DMARC Record
3. Result: Error dmarc_no_dkim_txt
## Correct behaviour
The validation should not check, as it is possible that the record is not configured in the same zone.
## Proposed fix
The file in question is interface/web/dns/dns_dmarc_edit.php lines 229-236:
```
// DMARC requieres at least one active dkim-record...
$sql = "SELECT * FROM dns_rr
LEFT JOIN dns_soa ON (dns_rr.zone=dns_soa.id)
WHERE dns_soa.origin = ? AND dns_rr.name LIKE ? AND type='TXT' AND data like 'v=DKIM1;%' AND dns_rr.active='Y'";
$temp = $app->db->queryAllRecords($sql, $soa['origin'], '%._domainkey%');
if (empty($temp)) {
if (isset($app->tform->errorMessage )) $app->tform->errorMessage = '<br/>' . $app->tform->errorMessage;
$app->tform->errorMessage .= $app->tform->wordbook['dmarc_no_dkim_txt'].$email;
}
```3.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6572[installer] Undefined variable $issued_successfully2023-09-09T05:38:56ZDr. Yves Kreis[installer] Undefined variable $issued_successfullyOutput from the installer:
```
Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]:
Checking / creating certificate for _hostname_
Using certificate path /etc/letsencrypt/live/_hostname_
Server's public ip(s...Output from the installer:
```
Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]:
Checking / creating certificate for _hostname_
Using certificate path /etc/letsencrypt/live/_hostname_
Server's public ip(s) (_IP_) not found in A/AAAA records for _hostname_: _IP_
Ignore DNS check and continue to request certificate? (y,n) [n]:
PHP Warning: Undefined variable $issued_successfully in /tmp/ispconfig3_install/install/lib/installer_base.lib.php on line 3319
Could not issue letsencrypt certificate, falling back to self-signed.
```3.2.12