Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
10
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Open sidebar
lolo888
ISPConfig 3
Commits
c8cf71f8
Commit
c8cf71f8
authored
Jan 22, 2010
by
tbrehm
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
made php open_basdir configurable per website.
Added a global default for the .htaccess allow_override setting.
parent
812f6e9a
Changes
12
Hide whitespace changes
Inline
Side-by-side
Showing
12 changed files
with
95 additions
and
23 deletions
+95
-23
install/sql/ispconfig3.sql
install/sql/ispconfig3.sql
+2
-1
install/tpl/server.ini.master
install/tpl/server.ini.master
+2
-0
interface/web/admin/form/server_config.tform.php
interface/web/admin/form/server_config.tform.php
+22
-0
interface/web/admin/lib/lang/en_server_config.lng
interface/web/admin/lib/lang/en_server_config.lng
+4
-0
interface/web/admin/templates/server_config_web_edit.htm
interface/web/admin/templates/server_config_web_edit.htm
+9
-1
interface/web/sites/form/web_domain.tform.php
interface/web/sites/form/web_domain.tform.php
+12
-1
interface/web/sites/templates/web_domain_advanced.htm
interface/web/sites/templates/web_domain_advanced.htm
+5
-1
interface/web/sites/web_domain_edit.php
interface/web/sites/web_domain_edit.php
+20
-7
server/conf/php-cgi-starter.master
server/conf/php-cgi-starter.master
+2
-2
server/conf/php-fcgi-starter.master
server/conf/php-fcgi-starter.master
+1
-1
server/conf/vhost.conf.master
server/conf/vhost.conf.master
+2
-2
server/plugins-available/apache2_plugin.inc.php
server/plugins-available/apache2_plugin.inc.php
+14
-7
No files found.
install/sql/ispconfig3.sql
View file @
c8cf71f8
...
...
@@ -1057,8 +1057,9 @@ CREATE TABLE `web_domain` (
`ssl_bundle`
mediumtext
NULL
,
`ssl_action`
varchar
(
16
)
NULL
,
`stats_password`
varchar
(
255
)
default
NULL
,
`allow_override`
varchar
(
3
2
)
NOT
NULL
default
'All'
,
`allow_override`
varchar
(
2
55
)
NOT
NULL
default
'All'
,
`apache_directives`
text
,
`php_open_basedir`
text
,
`active`
enum
(
'n'
,
'y'
)
NOT
NULL
default
'y'
,
PRIMARY
KEY
(
`domain_id`
)
)
ENGINE
=
MyISAM
AUTO_INCREMENT
=
1
;
...
...
install/tpl/server.ini.master
View file @
c8cf71f8
...
...
@@ -44,6 +44,8 @@ group=www-data
apps_vhost_port=8081
apps_vhost_ip=_default_
apps_vhost_servername=
php_open_basedir=[website_path]/web:[website_path]/tmp:/usr/share/php5:/tmp:/usr/share/phpmyadmin
htaccess_allow_override=All
[dns]
bind_user=root
...
...
interface/web/admin/form/server_config.tform.php
View file @
c8cf71f8
...
...
@@ -387,6 +387,28 @@ $form["tabs"]['web'] = array (
'width'
=>
'40'
,
'maxlength'
=>
'255'
),
'php_open_basedir'
=>
array
(
'datatype'
=>
'VARCHAR'
,
'formtype'
=>
'TEXT'
,
'default'
=>
''
,
'validators'
=>
array
(
0
=>
array
(
'type'
=>
'NOTEMPTY'
,
'errmsg'
=>
'php_open_basedir_error_empty'
),
),
'value'
=>
''
,
'width'
=>
'40'
,
'maxlength'
=>
'255'
),
'htaccess_allow_override'
=>
array
(
'datatype'
=>
'VARCHAR'
,
'formtype'
=>
'TEXT'
,
'default'
=>
''
,
'validators'
=>
array
(
0
=>
array
(
'type'
=>
'NOTEMPTY'
,
'errmsg'
=>
'htaccess_allow_override_error_empty'
),
),
'value'
=>
''
,
'width'
=>
'40'
,
'maxlength'
=>
'255'
),
'apps_vhost_port'
=>
array
(
'datatype'
=>
'VARCHAR'
,
'formtype'
=>
'TEXT'
,
...
...
interface/web/admin/lib/lang/en_server_config.lng
View file @
c8cf71f8
...
...
@@ -61,4 +61,8 @@ $wb["named_conf_path_error_empty"] = 'BIND named.conf path is empty.';
$wb
[
"named_conf_local_path_error_empty"
]
=
'BIND named.conf.local path is empty.'
;
$wb
[
"mail_filter_syntax_txt"
]
=
'Mailfilter Syntax'
;
$wb
[
"pop3_imap_daemon_txt"
]
=
'POP3/IMAP Daemon'
;
$wb
[
"php_open_basedir_txt"
]
=
'PHP open_basedir'
;
$wb
[
"php_open_basedir_error_empty"
]
=
'PHP open_basedir is empty.'
;
$wb
[
"htaccess_allow_override_txt"
]
=
'.htaccess AllowOverride'
;
$wb
[
"htaccess_allow_override_error_empty"
]
=
'.htaccess AllowOverride is empty.'
;
?>
\ No newline at end of file
interface/web/admin/templates/server_config_web_edit.htm
View file @
c8cf71f8
...
...
@@ -16,7 +16,7 @@
<div
class=
"ctrlHolder"
>
<label
for=
"website_symlinks"
>
{tmpl_var name='website_symlinks_txt'}
</label>
<input
name=
"website_symlinks"
id=
"website_symlinks"
value=
"{tmpl_var name='website_symlinks'}"
size=
"40"
maxlength=
"255"
type=
"text"
class=
"textInput"
/>
</div>
</div>
<div
class=
"ctrlHolder"
>
<label
for=
"vhost_conf_dir"
>
{tmpl_var name='vhost_conf_dir_txt'}
</label>
<input
name=
"vhost_conf_dir"
id=
"vhost_conf_dir"
value=
"{tmpl_var name='vhost_conf_dir'}"
size=
"40"
maxlength=
"255"
type=
"text"
class=
"textInput"
/>
...
...
@@ -42,6 +42,14 @@
<input
name=
"group"
id=
"group"
value=
"{tmpl_var name='group'}"
size=
"40"
maxlength=
"255"
type=
"text"
class=
"textInput"
/>
</div>
<div
class=
"ctrlHolder"
>
<label
for=
"php_open_basedir"
>
{tmpl_var name='php_open_basedir_txt'}
</label>
<input
name=
"php_open_basedir"
id=
"php_open_basedir"
value=
"{tmpl_var name='php_open_basedir'}"
size=
"40"
maxlength=
"255"
type=
"text"
class=
"textInput"
/>
</div>
<div
class=
"ctrlHolder"
>
<label
for=
"htaccess_allow_override"
>
{tmpl_var name='htaccess_allow_override_txt'}
</label>
<input
name=
"htaccess_allow_override"
id=
"htaccess_allow_override"
value=
"{tmpl_var name='htaccess_allow_override'}"
size=
"40"
maxlength=
"255"
type=
"text"
class=
"textInput"
/>
</div>
<div
class=
"ctrlHolder"
>
<label
for=
"apps_vhost_port"
>
{tmpl_var name='apps_vhost_port_txt'}
</label>
<input
name=
"apps_vhost_port"
id=
"apps_vhost_port"
value=
"{tmpl_var name='apps_vhost_port'}"
size=
"40"
maxlength=
"255"
type=
"text"
class=
"textInput"
/>
</div>
...
...
interface/web/sites/form/web_domain.tform.php
View file @
c8cf71f8
...
...
@@ -403,7 +403,18 @@ $form["tabs"]['advanced'] = array (
'datatype'
=>
'VARCHAR'
,
'formtype'
=>
'TEXT'
,
'validators'
=>
array
(
0
=>
array
(
'type'
=>
'NOTEMPTY'
,
'errmsg'
=>
'documentroot_error_empty'
),
'errmsg'
=>
'allow_override_error_empty'
),
),
'default'
=>
'All'
,
'value'
=>
''
,
'width'
=>
'30'
,
'maxlength'
=>
'255'
),
'php_open_basedir'
=>
array
(
'datatype'
=>
'VARCHAR'
,
'formtype'
=>
'TEXT'
,
'validators'
=>
array
(
0
=>
array
(
'type'
=>
'NOTEMPTY'
,
'errmsg'
=>
'php_open_basedir_error_empty'
),
),
'default'
=>
'All'
,
'value'
=>
''
,
...
...
interface/web/sites/templates/web_domain_advanced.htm
View file @
c8cf71f8
...
...
@@ -19,7 +19,11 @@
<div
class=
"ctrlHolder"
>
<label
for=
"allow_override"
>
{tmpl_var name='allow_override_txt'}
</label>
<input
name=
"allow_override"
id=
"allow_override"
value=
"{tmpl_var name='allow_override'}"
size=
"30"
maxlength=
"255"
type=
"text"
class=
"textInput"
/>
</div
</div>
<div
class=
"ctrlHolder"
>
<label
for=
"php_open_basedir"
>
{tmpl_var name='php_open_basedir_txt'}
</label>
<input
name=
"php_open_basedir"
id=
"php_open_basedir"
value=
"{tmpl_var name='php_open_basedir'}"
size=
"30"
maxlength=
"255"
type=
"text"
class=
"textInput"
/>
</div>
<div
class=
"ctrlHolder"
>
<label
for=
"apache_directives"
>
{tmpl_var name='apache_directives_txt'}
</label>
<textarea
name=
"apache_directives"
id=
"apache_directives"
rows=
'10'
cols=
'30'
>
{tmpl_var name='apache_directives'}
</textarea>
...
...
interface/web/sites/web_domain_edit.php
View file @
c8cf71f8
...
...
@@ -293,11 +293,13 @@ class page_action extends tform_actions {
}
// Set the values for document_root, system_user and system_group
$system_user
=
'web'
.
$this
->
id
;
$system_group
=
'client'
.
$client_id
;
$document_root
=
str_replace
(
"[client_id]"
,
$client_id
,
$document_root
);
$system_user
=
$app
->
db
->
quote
(
'web'
.
$this
->
id
);
$system_group
=
$app
->
db
->
quote
(
'client'
.
$client_id
);
$document_root
=
$app
->
db
->
quote
(
str_replace
(
"[client_id]"
,
$client_id
,
$document_root
));
$php_open_basedir
=
$app
->
db
->
quote
(
str_replace
(
"[website_path]"
,
$document_root
,
$web_config
[
"php_open_basedir"
]));
$htaccess_allow_override
=
$app
->
db
->
quote
(
$web_config
[
"htaccess_allow_override"
]);
$sql
=
"UPDATE web_domain SET system_user = '
$system_user
', system_group = '
$system_group
', document_root = '
$document_root
' WHERE domain_id = "
.
$this
->
id
;
$sql
=
"UPDATE web_domain SET system_user = '
$system_user
', system_group = '
$system_group
', document_root = '
$document_root
'
, allow_override = '
$htaccess_allow_override
', php_open_basedir = '
$php_open_basedir
'
WHERE domain_id = "
.
$this
->
id
;
$app
->
db
->
query
(
$sql
);
}
...
...
@@ -372,9 +374,9 @@ class page_action extends tform_actions {
if
((
$_SESSION
[
"s"
][
"user"
][
"typ"
]
==
'admin'
||
$app
->
auth
->
has_clients
(
$_SESSION
[
's'
][
'user'
][
'userid'
]))
&&
isset
(
$this
->
dataRecord
[
"client_group_id"
])
&&
$this
->
dataRecord
[
"client_group_id"
]
!=
$this
->
oldDataRecord
[
"client_group_id"
])
{
// Set the values for document_root, system_user and system_group
$system_user
=
'web'
.
$this
->
id
;
$system_group
=
'client'
.
$client_id
;
$document_root
=
str_replace
(
"[client_id]"
,
$client_id
,
$document_root
);
$system_user
=
$app
->
db
->
quote
(
'web'
.
$this
->
id
)
;
$system_group
=
$app
->
db
->
quote
(
'client'
.
$client_id
)
;
$document_root
=
$app
->
db
->
quote
(
str_replace
(
"[client_id]"
,
$client_id
,
$document_root
)
)
;
$sql
=
"UPDATE web_domain SET system_user = '
$system_user
', system_group = '
$system_group
', document_root = '
$document_root
' WHERE domain_id = "
.
$this
->
id
;
//$sql = "UPDATE web_domain SET system_user = '$system_user', system_group = '$system_group' WHERE domain_id = ".$this->id;
...
...
@@ -393,6 +395,17 @@ class page_action extends tform_actions {
unset
(
$subdomain
);
}
//* Set allow_override and php_open_basedir if empty
if
(
$web_rec
[
'allow_override'
]
==
''
)
{
$sql
=
"UPDATE web_domain SET allow_override = '"
.
$app
->
db
->
quote
(
$web_config
[
"htaccess_allow_override"
])
.
"' WHERE domain_id = "
.
$this
->
id
;
$app
->
db
->
query
(
$sql
);
}
if
(
$web_rec
[
'php_open_basedir'
]
==
''
)
{
$php_open_basedir
=
$app
->
db
->
quote
(
str_replace
(
"[website_path]"
,
$document_root
,
$web_config
[
"php_open_basedir"
]));
$sql
=
"UPDATE web_domain SET php_open_basedir = '
$php_open_basedir
' WHERE domain_id = "
.
$this
->
id
;
$app
->
db
->
query
(
$sql
);
}
}
function
onAfterDelete
()
{
...
...
server/conf/php-cgi-starter.master
View file @
c8cf71f8
...
...
@@ -2,6 +2,6 @@
exec
<tmpl_var
name
=
'php_cgi_bin'
>
\
-d
open_basedir
=
<tmpl_var
name
=
'open_basedir'
>
\
-d
upload_tmp_dir
=
<tmpl_var
name
=
'
open_basedir
'
>
/tmp
\
-d
session.save_path
=
<tmpl_var
name
=
'
open_basedir
'
>
/tmp
-d
upload_tmp_dir
=
<tmpl_var
name
=
'
document_root
'
>
/tmp
\
-d
session.save_path
=
<tmpl_var
name
=
'
document_root
'
>
/tmp
# -d safe_mode=${SAFE_MODE}
\ No newline at end of file
server/conf/php-fcgi-starter.master
View file @
c8cf71f8
...
...
@@ -10,7 +10,7 @@ export PHP_DOCUMENT_ROOT
PHP_FCGI_MAX_REQUESTS
=
<tmpl_var
name
=
'php_fcgi_max_requests'
>
export
PHP_FCGI_MAX_REQUESTS
exec
<tmpl_var
name
=
'php_fcgi_bin'
>
\
<tmpl_if
name
=
"security_level"
op
=
"=="
value
=
"20"
>
-d
open_basedir
=
"<tmpl_var name='
document_root'>:/usr/share/php5:/tmp:/usr/share/phpmyadmin
"
\
<tmpl_if
name
=
"security_level"
op
=
"=="
value
=
"20"
>
-d
open_basedir
=
"<tmpl_var name='
open_basedir'>
"
\
-d
upload_tmp_dir
=
<tmpl_var
name
=
'document_root'
>
/tmp
\
-d
session.save_path
=
<tmpl_var
name
=
'document_root'
>
/tmp
\
</tmpl_if>
$1
\ No newline at end of file
server/conf/vhost.conf.master
View file @
c8cf71f8
...
...
@@ -96,7 +96,7 @@
php_admin_value upload_tmp_dir <tmpl_var name='document_root'>/tmp
php_admin_value session.save_path <tmpl_var name='document_root'>/tmp
<tmpl_if name='security_level' op='==' value='20'>
php_admin_value open_basedir <tmpl_var name='
document_root'>/web:<tmpl_var name='document_root'>/tmp:/usr/share/php5:/tmp:/usr/share/phpmyadmin
php_admin_value open_basedir <tmpl_var name='
php_open_basedir'>
</tmpl_if>
</tmpl_if>
<tmpl_if name='php' op='==' value='suphp'>
...
...
@@ -257,7 +257,7 @@
php_admin_value upload_tmp_dir <tmpl_var name='document_root'>/tmp
php_admin_value session.save_path <tmpl_var name='document_root'>/tmp
<tmpl_if name='security_level' op='==' value='20'>
php_admin_value open_basedir <tmpl_var name='
document_root'>/web:<tmpl_var name='document_root'>/tmp:/usr/share/php5:/tmp:/usr/share/phpmyadmin
php_admin_value open_basedir <tmpl_var name='
php_open_basedir'>
</tmpl_if>
</tmpl_if>
<tmpl_if name='php' op='==' value='suphp'>
...
...
server/plugins-available/apache2_plugin.inc.php
View file @
c8cf71f8
...
...
@@ -555,6 +555,7 @@ class apache2_plugin {
$vhost_data
[
"web_basedir"
]
=
$web_config
[
"website_basedir"
];
$vhost_data
[
"security_level"
]
=
$web_config
[
"security_level"
];
$vhost_data
[
"allow_override"
]
=
(
$data
[
"new"
][
"allow_override"
]
==
''
)
?
'All'
:
$data
[
"new"
][
"allow_override"
];
$vhost_data
[
"php_open_basedir"
]
=
(
$data
[
"new"
][
"php_open_basedir"
]
==
''
)
?
$data
[
"new"
][
"document_root"
]
:
$data
[
"new"
][
"php_open_basedir"
];
// Check if a SSL cert exists
$ssl_dir
=
$data
[
"new"
][
"document_root"
]
.
"/ssl"
;
...
...
@@ -706,12 +707,15 @@ class apache2_plugin {
$fcgi_tpl
=
new
tpl
();
$fcgi_tpl
->
newTemplate
(
"php-fcgi-starter.master"
);
$fcgi_tpl
->
setVar
(
'php_ini_path'
,
$fastcgi_config
[
"fastcgi_phpini_path"
]);
$fcgi_tpl
->
setVar
(
'document_root'
,
$data
[
"new"
][
"document_root"
]);
$fcgi_tpl
->
setVar
(
'php_fcgi_children'
,
$fastcgi_config
[
"fastcgi_children"
]);
$fcgi_tpl
->
setVar
(
'php_fcgi_max_requests'
,
$fastcgi_config
[
"fastcgi_max_requests"
]);
$fcgi_tpl
->
setVar
(
'php_fcgi_bin'
,
$fastcgi_config
[
"fastcgi_bin"
]);
$fcgi_tpl
->
setVar
(
'security_level'
,
$web_config
[
"security_level"
]);
$fcgi_tpl
->
setVar
(
'php_ini_path'
,
escapeshellcmd
(
$fastcgi_config
[
"fastcgi_phpini_path"
]));
$fcgi_tpl
->
setVar
(
'document_root'
,
escapeshellcmd
(
$data
[
"new"
][
"document_root"
]));
$fcgi_tpl
->
setVar
(
'php_fcgi_children'
,
escapeshellcmd
(
$fastcgi_config
[
"fastcgi_children"
]));
$fcgi_tpl
->
setVar
(
'php_fcgi_max_requests'
,
escapeshellcmd
(
$fastcgi_config
[
"fastcgi_max_requests"
]));
$fcgi_tpl
->
setVar
(
'php_fcgi_bin'
,
escapeshellcmd
(
$fastcgi_config
[
"fastcgi_bin"
]));
$fcgi_tpl
->
setVar
(
'security_level'
,
intval
(
$web_config
[
"security_level"
]));
$php_open_basedir
=
(
$data
[
"new"
][
"php_open_basedir"
]
==
''
)
?
$data
[
"new"
][
"document_root"
]
:
$data
[
"new"
][
"php_open_basedir"
];
$cgi_tpl
->
setVar
(
'open_basedir'
,
escapeshellcmd
(
$php_open_basedir
));
$fcgi_starter_script
=
escapeshellcmd
(
$fastcgi_starter_path
.
$fastcgi_config
[
"fastcgi_starter_script"
]);
file_put_contents
(
$fcgi_starter_script
,
$fcgi_tpl
->
grab
());
...
...
@@ -759,7 +763,10 @@ class apache2_plugin {
$cgi_tpl
->
newTemplate
(
"php-cgi-starter.master"
);
// This works, because php "rewrites" a symlink to the physical path
$cgi_tpl
->
setVar
(
'open_basedir'
,
$data
[
"new"
][
"document_root"
]);
$php_open_basedir
=
(
$data
[
"new"
][
"php_open_basedir"
]
==
''
)
?
$data
[
"new"
][
"document_root"
]
:
$data
[
"new"
][
"php_open_basedir"
];
$cgi_tpl
->
setVar
(
'open_basedir'
,
escapeshellcmd
(
$php_open_basedir
));
$cgi_tpl
->
setVar
(
'document_root'
,
escapeshellcmd
(
$data
[
"new"
][
"document_root"
]));
// This will NOT work!
//$cgi_tpl->setVar('open_basedir', "/var/www/" . $data["new"]["domain"]);
$cgi_tpl
->
setVar
(
'php_cgi_bin'
,
$cgi_config
[
"cgi_bin"
]);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment