Commit 50ea5b3d authored by Marius Burkard

Merge branch 'stable-3.1'

parents 76232bb6 a02ec6b0
--- amavisd-new.orig 2017-11-16 11:51:19.000000000 +0100
+++ amavisd-new 2018-05-25 16:53:45.623398108 +0200
@@ -22829,6 +22829,7 @@
}
# load policy banks from the 'client_ipaddr_policy' lookup
Amavis::load_policy_bank($_,$msginfo) for @bank_names_cl;
+ $msginfo->originating(c('originating'));
$msginfo->client_addr($cl_ip); # ADDR
$msginfo->client_port($cl_port); # PORT
@@ -34361,6 +34362,7 @@
$sig_ind++;
}
Amavis::load_policy_bank($_,$msginfo) for @bank_names;
+ $msginfo->originating(c('originating'));
$msginfo->dkim_signatures_valid(\@signatures_valid) if @signatures_valid;
# if (ll(5) && $sig_ind > 0) {
# # show which header fields are covered by which signature
......@@ -2371,9 +2371,9 @@ class installer_base {
$content = str_replace('{ssl_comment}', '#', $content);
// Fix socket path on PHP 7 systems
if(file_exists('/var/run/php/php7.0-fpm.sock')) {
$content = str_replace('/var/run/php5-fpm.sock', '/var/run/php/php7.0-fpm.sock', $content);
}
if(file_exists('/var/run/php/php7.0-fpm.sock')) $content = str_replace('/var/run/php5-fpm.sock', '/var/run/php/php7.0-fpm.sock', $content);
if(file_exists('/var/run/php/php7.1-fpm.sock')) $content = str_replace('/var/run/php5-fpm.sock', '/var/run/php/php7.1-fpm.sock', $content);
if(file_exists('/var/run/php/php7.2-fpm.sock')) $content = str_replace('/var/run/php5-fpm.sock', '/var/run/php/php7.2-fpm.sock', $content);
wf($vhost_conf_dir.'/apps.vhost', $content);
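Review bot: With the three one-line checks the first socket that exists wins, because once `/var/run/php5-fpm.sock` has been replaced the later `str_replace` calls no longer find it; a host with both php7.0 and php7.2 installed therefore gets the 7.0 socket. If the newest installed version is the intended target, test in descending order and stop at the first hit, for example `foreach(array('7.2','7.1','7.0') as $v) { if(file_exists("/var/run/php/php$v-fpm.sock")) { $content = str_replace('/var/run/php5-fpm.sock', "/var/run/php/php$v-fpm.sock", $content); break; } }`. A version list also avoids adding one more line per PHP release.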
......
......@@ -103,6 +103,7 @@ php_fpm_ini_path=/etc/php5/fpm/php.ini
php_fpm_pool_dir=/etc/php5/fpm/pool.d
php_fpm_start_port=9010
php_fpm_socket_dir=/var/lib/php5-fpm
php_default_name=Default
set_folder_permissions_on_update=n
add_web_users_to_sshusers_group=y
connect_userid_to_webid=n
......
......@@ -513,6 +513,29 @@ class functions {
return $out;
}
// Function to check paths before we use it as include. Use with absolute paths only.
public function check_include_path($path) {
if(strpos($path,'//') !== false) die('Include path seems to be an URL: '.$this->htmlentities($path));
if(strpos($path,'..') !== false) die('Two dots are not allowed in include path: '.$this->htmlentities($path));
if(!preg_match("/^[a-zA-Z0-9_\/\.\-]+$/", $path)) die('Wrong chars in include path: '.$this->htmlentities($path));
$path = realpath($path);
if($path == '') die('Include path does not exist.');
if(substr($path,0,strlen(ISPC_ROOT_PATH)) != ISPC_ROOT_PATH) die('Path '.$this->htmlentities($path).' is outside of ISPConfig installation directory.');
return $path;
}
// Function to check language strings
public function check_language($language) {
global $app;
if(preg_match('/^[a-z]{2}$/',$language)) {
return $language;
} else {
$app->log('Wrong language string: '.$this->htmlentities($language),1);
return 'en';
}
}
}
?>
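Review bot: The containment test in check_include_path compares a bare string prefix, so a resolved path in a sibling directory whose name merely begins with the value of ISPC_ROOT_PATH would be accepted; other lines of this commit append `'/lib/lang/'` to the constant, which suggests it carries no trailing slash. Comparing against the root plus a separator closes that gap: `if(strpos($path.'/', rtrim(ISPC_ROOT_PATH,'/').'/') !== 0) die(...);`. Both regular expressions end in `$` without the `D` modifier, so a value with a single trailing newline still matches; `preg_match('/^[a-z]{2}$/D', $language)` makes check_language exact, and the same modifier applies to the path pattern. `realpath()` returns false on failure, which `$path == ''` catches only through loose comparison; `$path === false` states the intent.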
......@@ -60,7 +60,7 @@ class listform {
}
//* Set local Language File
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_'.$this->listDef['name'].'_list.lng';
$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_'.$this->listDef['name'].'_list.lng';
if(!file_exists($lng_file)) $lng_file = 'lib/lang/en_'.$this->listDef['name'].'_list.lng';
include $lng_file;
......
......@@ -249,7 +249,7 @@ class listform_actions {
global $app;
//* Set global Language File
$lng_file = ISPC_LIB_PATH.'/lang/'.$_SESSION['s']['language'].'.lng';
$lng_file = ISPC_LIB_PATH.'/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';
if(!file_exists($lng_file))
$lng_file = ISPC_LIB_PATH.'/lang/en.lng';
include $lng_file;
......
......@@ -153,10 +153,10 @@ class listform_tpl_generator {
}
function lng_add($lang, $listDef, $module = '') {
global $go_api, $go_info, $conf;
global $app, $conf;
if($module == '') {
$lng_file = "lib/lang/".$conf["language"]."_".$listDef['name']."_list.lng";
$lng_file = "lib/lang/".$app->functions->check_language($conf["language"])."_".$listDef['name']."_list.lng";
} else {
$lng_file = '../'.$module."/lib/lang/en_".$listDef['name']."_list.lng";
}
......
......@@ -45,7 +45,7 @@ class plugin_backuplist extends plugin_base {
$listTpl->newTemplate('templates/web_backup_list.htm');
//* Loading language file
$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_web_backup_list.lng";
$lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_web_backup_list.lng";
include $lng_file;
$listTpl->setVar($wb);
......
......@@ -46,7 +46,7 @@ class plugin_backuplist_mail extends plugin_base {
$listTpl->newTemplate('templates/mail_user_backup_list.htm');
//* Loading language file
$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_mail_backup_list.lng";
$lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_mail_backup_list.lng";
include($lng_file);
$listTpl->setVar($wb);
......
......@@ -18,7 +18,7 @@ class plugin_directive_snippets extends plugin_base
$listTpl->newTemplate('templates/web_directive_snippets.htm');
//* Loading language file
$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_web_directive_snippets.lng";
$lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_web_directive_snippets.lng";
include $lng_file;
$listTpl->setVar($wb);
......
......@@ -120,7 +120,7 @@ class plugin_listview extends plugin_base {
}
// Loading language field
$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_".$app->listform->listDef['name']."_list.lng";
$lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_".$app->listform->listDef['name']."_list.lng";
include $lng_file;
$listTpl->setVar($wb);
......
......@@ -156,6 +156,122 @@ class remoting_admin extends remoting {
return false;
}
}
// config_value_* functions ---------------------------------------------------------------------------------------
//* Get config_value details
public function config_value_get($session_id, $group, $name)
{
global $app;
if(!$this->checkPerm($session_id, 'config_value_get')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
// validate fields
if($group == '' || $name == '') {
throw new SoapFault('field_empty_error', 'Group and name parameter may not be empty.');
return false;
}
return $app->db->queryOneRecord('SELECT * FROM sys_config WHERE `group` = ? AND `name` = ?', $group, $name);
}
//* Add a config_value record
public function config_value_add($session_id, $group, $name, $value)
{
global $app;
if(!$this->checkPerm($session_id, 'config_value_add')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
// validate fields
if($group == '' || $name == '' || $value == '') {
throw new SoapFault('field_empty_error', 'Group, name, and value parameter may not be empty.');
return false;
}
if(is_array($app->db->queryOneRecord('SELECT * FROM sys_config WHERE `group` = ? AND `name` = ?', $group, $name))) {
throw new SoapFault('record_unique_error', 'Group plus name field combination is not unique.');
return false;
}
return $app->db->query('INSERT INTO sys_config (`group`,`name`,`value`) VALUES (?,?,?)',$group,$name,$value);
}
//* Update config_value record
public function config_value_update($session_id, $group, $name, $value)
{
global $app;
if(!$this->checkPerm($session_id, 'config_value_update')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
// validate fields
if($group == '' || $name == '' || $value == '') {
throw new SoapFault('field_empty_error', 'Group, name, and value parameter may not be empty.');
return false;
}
if(!is_array($app->db->queryOneRecord('SELECT * FROM sys_config WHERE `group` = ? AND `name` = ?', $group, $name))) {
throw new SoapFault('record_nonexist_error', 'There is no record with this group plus name field combination.');
return false;
}
return $app->db->query('UPDATE sys_config SET `value` = ? WHERE `group` = ? AND `name` = ?',$value,$group,$name);
}
//* Replace config_value record
public function config_value_replace($session_id, $group, $name, $value)
{
global $app;
if(!$this->checkPerm($session_id, 'config_value_replace')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
// validate fields
if($group == '' || $name == '' || $value == '') {
throw new SoapFault('field_empty_error', 'Group, name, and value parameter may not be empty.');
return false;
}
if(is_array($app->db->queryOneRecord('SELECT * FROM sys_config WHERE `group` = ? AND `name` = ?', $group, $name))) {
return $app->db->query('UPDATE sys_config SET `value` = ? WHERE `group` = ? AND `name` = ?',$value,$group,$name);
} else {
return $app->db->query('INSERT INTO sys_config (`group`,`name`,`value`) VALUES (?,?,?)',$group,$name,$value);
}
}
//* Delete config_value record
public function config_value_delete($session_id, $group, $name)
{
global $app;
if(!$this->checkPerm($session_id, 'config_value_delete')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
// validate fields
if($group == '' || $name == '') {
throw new SoapFault('field_empty_error', 'Group and name parameter may not be empty.');
return false;
}
if(!is_array($app->db->queryOneRecord('SELECT * FROM sys_config WHERE `group` = ? AND `name` = ?', $group, $name))) {
throw new SoapFault('record_nonexist_error', 'There is no record with this group plus name field combination.');
return false;
}
return $app->db->query('DELETE FROM sys_config WHERE `group` = ? AND `name` = ?',$group,$name);
}
}
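Review bot: config_value_add, config_value_update, config_value_replace and config_value_delete accept any `group`/`name` pair, so a remote user holding one of these function permissions can change or remove every row of sys_config; if that table holds security-relevant settings (its contents are not visible here), an allowlist of writable groups checked before the query would bound what a delegated API account can reach. config_value_replace runs a SELECT and then an UPDATE or INSERT, so two concurrent calls can both take the INSERT branch unless (`group`, `name`) carries a unique key. The `return false;` after each `throw new SoapFault(...)` is unreachable and can be dropped. A short docblock on each method naming the required permission and the faults it throws would help API consumers.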
......
......@@ -333,7 +333,7 @@ class remoting_dns extends remoting {
return false;
}
$affected_rows = $this->deleteQuery('../dns/form/dns_aaaa.tform.php', $primary_id);
if($update_serial) $this->increase_serial($session_id, $client_id, $params);
if($update_serial) $this->increase_serial($session_id, $client_id, array('dns_rr_id' => $primary_id));
return $affected_rows;
}
......@@ -384,7 +384,7 @@ class remoting_dns extends remoting {
return false;
}
$affected_rows = $this->deleteQuery('../dns/form/dns_a.tform.php', $primary_id);
if($update_serial) $this->increase_serial($session_id, $client_id, $params);
if($update_serial) $this->increase_serial($session_id, $client_id, array('dns_rr_id' => $primary_id));
return $affected_rows;
}
......@@ -435,7 +435,7 @@ class remoting_dns extends remoting {
return false;
}
$affected_rows = $this->deleteQuery('../dns/form/dns_alias.tform.php', $primary_id);
if($update_serial) $this->increase_serial($session_id, $client_id, $params);
if($update_serial) $this->increase_serial($session_id, $client_id, array('dns_rr_id' => $primary_id));
return $affected_rows;
}
......@@ -486,7 +486,7 @@ class remoting_dns extends remoting {
return false;
}
$affected_rows = $this->deleteQuery('../dns/form/dns_cname.tform.php', $primary_id);
if($update_serial) $this->increase_serial($session_id, $client_id, $params);
if($update_serial) $this->increase_serial($session_id, $client_id, array('dns_rr_id' => $primary_id));
return $affected_rows;
}
......@@ -537,7 +537,7 @@ class remoting_dns extends remoting {
return false;
}
$affected_rows = $this->deleteQuery('../dns/form/dns_hinfo.tform.php', $primary_id);
if($update_serial) $this->increase_serial($session_id, $client_id, $params);
if($update_serial) $this->increase_serial($session_id, $client_id, array('dns_rr_id' => $primary_id));
return $affected_rows;
}
......@@ -588,7 +588,7 @@ class remoting_dns extends remoting {
return false;
}
$affected_rows = $this->deleteQuery('../dns/form/dns_mx.tform.php', $primary_id);
if($update_serial) $this->increase_serial($session_id, $client_id, $params);
if($update_serial) $this->increase_serial($session_id, $client_id, array('dns_rr_id' => $primary_id));
return $affected_rows;
}
......@@ -639,7 +639,7 @@ class remoting_dns extends remoting {
return false;
}
$affected_rows = $this->deleteQuery('../dns/form/dns_ns.tform.php', $primary_id);
if($update_serial) $this->increase_serial($session_id, $client_id, $params);
if($update_serial) $this->increase_serial($session_id, $client_id, array('dns_rr_id' => $primary_id));
return $affected_rows;
}
......@@ -690,7 +690,7 @@ class remoting_dns extends remoting {
return false;
}
$affected_rows = $this->deleteQuery('../dns/form/dns_ptr.tform.php', $primary_id);
if($update_serial) $this->increase_serial($session_id, $client_id, $params);
if($update_serial) $this->increase_serial($session_id, $client_id, array('dns_rr_id' => $primary_id));
return $affected_rows;
}
......@@ -741,7 +741,7 @@ class remoting_dns extends remoting {
return false;
}
$affected_rows = $this->deleteQuery('../dns/form/dns_rp.tform.php', $primary_id);
if($update_serial) $this->increase_serial($session_id, $client_id, $params);
if($update_serial) $this->increase_serial($session_id, $client_id, array('dns_rr_id' => $primary_id));
return $affected_rows;
}
......@@ -792,7 +792,7 @@ class remoting_dns extends remoting {
return false;
}
$affected_rows = $this->deleteQuery('../dns/form/dns_srv.tform.php', $primary_id);
if($update_serial) $this->increase_serial($session_id, $client_id, $params);
if($update_serial) $this->increase_serial($session_id, $client_id, array('dns_rr_id' => $primary_id));
return $affected_rows;
}
......@@ -843,7 +843,7 @@ class remoting_dns extends remoting {
return false;
}
$affected_rows = $this->deleteQuery('../dns/form/dns_txt.tform.php', $primary_id);
if($update_serial) $this->increase_serial($session_id, $client_id, $params);
if($update_serial) $this->increase_serial($session_id, $client_id, array('dns_rr_id' => $primary_id));
return $affected_rows;
}
......@@ -918,6 +918,12 @@ class remoting_dns extends remoting {
}
private function increase_serial($session_id, $client_id, $params) {
global $app;
if(!isset($params['zone']) && isset($params['dns_rr_id'])) {
$tmp = $app->db->queryOneRecord('SELECT zone FROM dns_rr WHERE id = ?',$params['dns_rr_id']);
$params['zone'] = $tmp['zone'];
unset($tmp);
}
$soa = $this->dns_zone_get($session_id, $params['zone']);
$serial=$soa['serial'];
$serial_date = intval(substr($serial, 0, 8));
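Review bot: In the eleven delete hunks of this file increase_serial() is now called with `array('dns_rr_id' => $primary_id)` after `deleteQuery()` has already run, and the new lookup `SELECT zone FROM dns_rr WHERE id = ?` then searches for the record that was just deleted. If deleteQuery removes the row immediately (its body is not shown), `$tmp` is not an array, `$params['zone']` becomes null and the zone serial is not increased after the delete. Resolving the zone id before calling deleteQuery and passing `array('zone' => $zone_id)` avoids this. Independently of that, the lookup should be guarded, `if(!is_array($tmp)) return false;`, before `$tmp['zone']` is read. increase_serial continues past the end of the last hunk.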
......
......@@ -308,7 +308,9 @@ class remoting_lib extends tform_base {
global $app;
$username = $params["username"];
$clear_password = $params["password"];
$language = $params['language'];
$client_id = $app->functions->intval($client_id);
if(!isset($params['_ispconfig_pw_crypted']) || $params['_ispconfig_pw_crypted'] != 1) $password = $app->auth->crypt_password(stripslashes($clear_password));
else $password = $clear_password;
$params = array($username);
......@@ -318,8 +320,15 @@ class remoting_lib extends tform_base {
} else {
$pwstring ="" ;
}
$langstring = '';
if (!empty($language)) {
$langstring = ', language = ?';
$params[] = $language;
}
$params[] = $client_id;
$sql = "UPDATE sys_user set username = ? $pwstring WHERE client_id = ?";
$sql = "UPDATE sys_user set username = ? $pwstring $langstring WHERE client_id = ?";
$app->db->query($sql, true, $params);
}
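Review bot: `$params['language']` is written to sys_user.language without validation, while the rest of this commit has to sanitise the language on every read with check_language(). Validating at write time keeps malformed values out of the table in the first place: `$params[] = $app->functions->check_language($language);`. The read in the first hunk should also tolerate callers that send no language, `$language = isset($params['language']) ? $params['language'] : '';`, otherwise an undefined-index notice is raised. The enclosing function starts before the first hunk.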
......
......@@ -151,10 +151,10 @@ class searchform_actions {
global $app;
// Language File setzen
$lng_file = ISPC_WEB_PATH.'/lang/lib/lang/'.$_SESSION['s']['language'].'_list.lng';
$lng_file = ISPC_WEB_PATH.'/lang/lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_list.lng';
if(!file_exists($lng_file)) $lng_file = ISPC_WEB_PATH.'/lang/lib/lang/en_'.'_list.lng';
include $lng_file;
$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_".$app->searchform->listDef['name']."_search.lng";
$lng_file = "lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_".$app->searchform->listDef['name']."_search.lng";
if(!file_exists($lng_file)) $lng_file = 'lib/lang/en_'.$app->searchform->listDef['name']."_search.lng";
include $lng_file;
$app->tpl->setVar($wb);
......
......@@ -132,20 +132,25 @@ class tform extends tform_base {
function isReadonlyTab($tab, $primary_id) {
global $app, $conf;
if(isset($this->formDef['tabs'][$tab]['readonly']) && $this->formDef['tabs'][$tab]['readonly'] == true) {
// Add backticks for incomplete table names.
if(stristr($this->formDef['db_table'], '.')) {
$escape = '';
} else {
$escape = '`';
}
// Add backticks for incomplete table names.
if(stristr($this->formDef['db_table'], '.')) {
$escape = '';
} else {
$escape = '`';
}
$sql = "SELECT sys_userid FROM ?? WHERE ?? = ?";
$record = $app->db->queryOneRecord($sql, $this->formDef['db_table'], $this->formDef['db_table_idx'], $primary_id);
$sql = "SELECT sys_userid FROM ?? WHERE ?? = ?";
$record = $app->db->queryOneRecord($sql, $this->formDef['db_table'], $this->formDef['db_table_idx'], $primary_id);
// return true if the readonly flag of the form is set and the current loggedin user is not the owner of the record.
if(isset($this->formDef['tabs'][$tab]['readonly']) && $this->formDef['tabs'][$tab]['readonly'] == true && $record['sys_userid'] != $_SESSION["s"]["user"]["userid"]) {
return true;
// return true if the readonly flag of the form is set and the current loggedin user is not the owner of the record.
if($record['sys_userid'] != $_SESSION["s"]["user"]["userid"]) {
return true;
} else {
return false;
}
} else {
return false;
}
......
......@@ -134,7 +134,7 @@ class tform_base {
$this->module = $module;
$wb = array();
include_once ISPC_ROOT_PATH.'/lib/lang/'.$_SESSION['s']['language'].'.lng';
include_once ISPC_ROOT_PATH.'/lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';
if(is_array($wb)) $wb_global = $wb;
......@@ -143,7 +143,7 @@ class tform_base {
if(!file_exists($lng_file)) $lng_file = "lib/lang/en_".$this->formDef["name"].".lng";
include $lng_file;
} else {
$lng_file = "../$module/lib/lang/".$_SESSION["s"]["language"]."_".$this->formDef["name"].".lng";
$lng_file = "../$module/lib/lang/".$app->functions->check_language($_SESSION["s"]["language"])."_".$this->formDef["name"].".lng";
if(!file_exists($lng_file)) $lng_file = "../$module/lib/lang/en_".$this->formDef["name"].".lng";
include $lng_file;
}
......
......@@ -298,7 +298,7 @@ class tform_tpl_generator {
function lng_add($lang, $formDef) {
global $go_api, $go_info, $conf;
$lng_file = "lib/lang/".$conf["language"]."_".$formDef['name'].".lng";
$lng_file = "lib/lang/".$app->functions->check_language($conf["language"])."_".$formDef['name'].".lng";
if(is_file($lng_file)) {
include $lng_file;
} else {
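Review bot: `$app` is not in scope in this lng_add(): the new line calls `$app->functions->check_language(...)`, but the function still declares `global $go_api, $go_info, $conf;`, so the call fails on an undefined variable. The matching hunk in listform_tpl_generator changed its declaration to `global $app, $conf;`, and the same change is needed here. The function body continues outside the hunk.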
......
......@@ -1128,6 +1128,24 @@ $form["tabs"]['web'] = array(
'width' => '40',
'maxlength' => '255'
),
'php_default_name' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'default' => 'Default',
'validators' => array( 0 => array('type' => 'NOTEMPTY',
'errmsg' => 'php_default_name_error_empty'),
),
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'TRIM'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
2 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'width' => '40',
'maxlength' => '255'
),
'php_fpm_init_script' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
......
......@@ -104,7 +104,7 @@ $app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
//* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_add.lng';
$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_add.lng';
include $lng_file;
$app->tpl->setVar($wb);
......
......@@ -166,7 +166,7 @@ $app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
//* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_complete.lng';
$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_complete.lng';
include $lng_file;
$app->tpl->setVar($wb);
......
......@@ -104,7 +104,7 @@ $app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
//* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_edit.lng';
$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_edit.lng';
include $lng_file;
$app->tpl->setVar($wb);
......
......@@ -111,7 +111,7 @@ if(isset($_POST['lng_select']) && $error == '') {
$app->tpl->setVar('msg', $msg);
//* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_export.lng';
$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_export.lng';
include $lng_file;
$app->tpl->setVar($wb);
......
......@@ -194,7 +194,7 @@ $app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
//* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_import.lng';
$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_language_import.lng';
include $lng_file;
$app->tpl->setVar($wb);
......
......@@ -97,7 +97,7 @@ $app->tpl->setLoop('records', $language_files_list);
//* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_list.lng';