Commit afe87b04 authored by Dominik's avatar Dominik

Merge branch 'reject_sender_login_mismatch' into mdbox-format

parents f339ebf3 3299ad41
......@@ -5,8 +5,8 @@
//######################################################################################################
$sql = "SELECT domain_id, domain, document_root FROM web_domain WHERE server_id = ".$conf["server_id"];
$records = $app->db->queryAllRecords($sql);
$sql = "SELECT domain_id, domain, document_root FROM web_domain WHERE server_id = ?";
$records = $app->db->queryAllRecords($sql, $conf["server_id"]);
foreach($records as $rec) {
$domain = escapeshellcmd($rec["domain"]);
$logdir = escapeshellcmd($rec["document_root"].'/log');
......
......@@ -17,7 +17,7 @@ try{
// check for existing user
$dbmail = $db->real_escape_string($arg_email);
$result = $db->query("SELECT jid, password FROM xmpp_user WHERE jid LIKE '".$dbmail."' AND active='y' AND server_id='".$isp_server_id."'");
$result = $db->query("SELECT jid, password FROM xmpp_user WHERE jid LIKE ? AND active='y' AND server_id=?", $dbmail, $isp_server_id);
result_false($result->num_rows != 1);
$user = $result->fetch_object();
......
......@@ -15,7 +15,7 @@ try{
// check for existing user
$dbmail = $db->real_escape_string($arg_email);
$result = $db->query("SELECT jid, password FROM xmpp_user WHERE jid LIKE '".$dbmail."' AND active='y' AND server_id='".$isp_server_id."'");
$result = $db->query("SELECT jid, password FROM xmpp_user WHERE jid LIKE ? AND active='y' AND server_id=?", $dbmail, $isp_server_id);
result_false($result->num_rows != 1);
result_true();
......
......@@ -38,7 +38,7 @@ class installer extends installer_base {
// check if virtual_transport must be changed
if ($this->is_update) {
$tmp = $this->db->queryOneRecord("SELECT * FROM ".$conf["mysql"]["database"].".server WHERE server_id = ".$conf['server_id']);
$tmp = $this->db->queryOneRecord("SELECT * FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . ".server", $conf['server_id']);
$ini_array = ini_to_array(stripslashes($tmp['config']));
// ini_array needs not to be checked, because already done in update.php -> updateDbAndIni()
......@@ -154,10 +154,6 @@ class installer extends installer_base {
*/
}
public function configure_xmpp() {
parent::configure_xmpp();
}
}
?>
......@@ -185,7 +185,7 @@ class installer_dist extends installer_base {
if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* These postconf commands will be executed on installation and update
$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM server WHERE server_id = ".$conf['server_id']);
$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM server WHERE server_id = ?", $conf['server_id']);
$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
unset($server_ini_rec);
......@@ -404,7 +404,7 @@ class installer_dist extends installer_base {
// check if virtual_transport must be changed
if ($this->is_update) {
$tmp = $this->db->queryOneRecord("SELECT * FROM ".$conf["mysql"]["database"].".server WHERE server_id = ".$conf['server_id']);
$tmp = $this->db->queryOneRecord("SELECT * FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . ".server", $conf['server_id']);
$ini_array = ini_to_array(stripslashes($tmp['config']));
// ini_array needs not to be checked, because already done in update.php -> updateDbAndIni()
......@@ -713,7 +713,7 @@ class installer_dist extends installer_base {
$tpl = new tpl('apache_ispconfig.conf.master');
$tpl->setVar('apache_version',getapacheversion());
$records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");
$records = $this->db->queryAllRecords("SELECT * FROM ?? WHERE server_id = ? AND virtualhost = 'y'", $conf['mysql']['master_database'] . '.server_ip', $conf['server_id']);
$ip_addresses = array();
if(is_array($records) && count($records) > 0) {
......@@ -799,7 +799,7 @@ class installer_dist extends installer_base {
if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
public function configure_firewall()
public function configure_bastille_firewall()
{
global $conf;
......@@ -821,7 +821,7 @@ class installer_dist extends installer_base {
$tcp_public_services = '';
$udp_public_services = '';
$row = $this->db->queryOneRecord('SELECT * FROM '.$conf["mysql"]["database"].'.firewall WHERE server_id = '.intval($conf['server_id']));
$row = $this->db->queryOneRecord('SELECT * FROM ?? WHERE server_id = ?', $conf["mysql"]["database"] . '.firewall', $conf['server_id']);
if(trim($row["tcp_port"]) != '' || trim($row["udp_port"]) != ''){
$tcp_public_services = trim(str_replace(',', ' ', $row["tcp_port"]));
......@@ -832,7 +832,7 @@ class installer_dist extends installer_base {
}
if(!stristr($tcp_public_services, $conf['apache']['vhost_port'])) {
$tcp_public_services .= ' '.intval($conf['apache']['vhost_port']);
if($row["tcp_port"] != '') $this->db->query("UPDATE firewall SET tcp_port = tcp_port + ',".intval($conf['apache']['vhost_port'])."' WHERE server_id = ".intval($conf['server_id']));
if($row["tcp_port"] != '') $this->db->query("UPDATE firewall SET tcp_port = tcp_port + ? WHERE server_id = ?", ',' . intval($conf['apache']['vhost_port']), $conf['server_id']);
}
$content = str_replace("{TCP_PUBLIC_SERVICES}", $tcp_public_services, $content);
......@@ -1032,13 +1032,11 @@ class installer_dist extends installer_base {
$file_server_enabled = ($conf['services']['file'])?1:0;
$db_server_enabled = ($conf['services']['db'])?1:0;
$vserver_server_enabled = ($conf['services']['vserver'])?1:0;
$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled' WHERE server_id = ".intval($conf['server_id']);
$sql = "UPDATE `server` SET mail_server = ?, web_server = ?, dns_server = ?, file_server = ?, db_server = ?, vserver_server = ? WHERE server_id = ?";
$this->db->query($sql, $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $conf['server_id']);
if($conf['mysql']['master_slave_setup'] == 'y') {
$this->dbmaster->query($sql);
$this->db->query($sql);
} else {
$this->db->query($sql);
$this->dbmaster->query($sql, $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $conf['server_id']);
}
// chown install dir to root and chmod 755
......
......@@ -258,7 +258,7 @@ class installer extends installer_base
// check if virtual_transport must be changed
if ($this->is_update) {
$tmp = $this->db->queryOneRecord("SELECT * FROM ".$conf["mysql"]["database"].".server WHERE server_id = ".$conf['server_id']);
$tmp = $this->db->queryOneRecord("SELECT * FROM ?? WHERE server_id = ?", $conf["mysql"]["database"].".server", $conf['server_id']);
$ini_array = ini_to_array(stripslashes($tmp['config']));
// ini_array needs not to be checked, because already done in update.php -> updateDbAndIni()
......@@ -450,13 +450,13 @@ class installer extends installer_base
global $conf;
//* Create the database
if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['powerdns']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) {
if(!$this->db->query('CREATE DATABASE IF NOT EXISTS ?? DEFAULT CHARACTER SET ?', $conf['powerdns']['database'], $conf['mysql']['charset'])) {
$this->error('Unable to create MySQL database: '.$conf['powerdns']['database'].'.');
}
//* Create the ISPConfig database user in the local database
$query = 'GRANT ALL ON `'.$conf['powerdns']['database'].'` . * TO \''.$conf['mysql']['ispconfig_user'].'\'@\'localhost\';';
if(!$this->db->query($query)) {
$query = 'GRANT ALL ON ??.* TO ?@?';
if(!$this->db->query($query, $conf['powerdns']['database'], $conf['mysql']['ispconfig_user'], 'localhost')) {
$this->error('Unable to create user for powerdns database Error: '.$this->db->errorMessage);
}
......@@ -566,25 +566,10 @@ class installer extends installer_base
//* Copy the ISPConfig configuration include
/*
$content = $this->get_template_file('apache_ispconfig.conf', true);
$records = $this->db->queryAllRecords("SELECT * FROM server_ip WHERE server_id = ".$conf["server_id"]." AND virtualhost = 'y'");
if(is_array($records) && count($records) > 0)
{
foreach($records as $rec) {
$content .= "NameVirtualHost ".$rec["ip_address"].":80\n";
$content .= "NameVirtualHost ".$rec["ip_address"].":443\n";
}
}
$this->write_config_file($conf['apache']['vhost_conf_dir'].'/000-ispconfig.conf', $content);
*/
$tpl = new tpl('apache_ispconfig.conf.master');
$tpl->setVar('apache_version',getapacheversion());
$records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");
$records = $this->db->queryAllRecords("SELECT * FROM ?? WHERE server_id = ? AND virtualhost = 'y'", $conf['mysql']['master_database'] . '.server_ip', $conf['server_id']);
$ip_addresses = array();
if(is_array($records) && count($records) > 0) {
......@@ -933,13 +918,11 @@ class installer extends installer_base
$db_server_enabled = ($conf['services']['db'])?1:0;
$vserver_server_enabled = ($conf['services']['vserver'])?1:0;
$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled' WHERE server_id = ".intval($conf['server_id']);
$sql = "UPDATE `server` SET mail_server = ?, web_server = ?, dns_server = ?, file_server = ?, db_server = ?, vserver_server = ? WHERE server_id = ?";
$this->db->query($sql, $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $conf['server_id']);
if($conf['mysql']['master_slave_setup'] == 'y') {
$this->dbmaster->query($sql);
$this->db->query($sql);
} else {
$this->db->query($sql);
$this->dbmaster->query($sql, $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $conf['server_id']);
}
// chown install dir to root and chmod 755
......
......@@ -215,7 +215,7 @@ class installer_dist extends installer_base {
if($cf['vmail_mailbox_base'] != '' && strlen($cf['vmail_mailbox_base']) >= 10 && $this->is_update === false) exec('chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base']);
//* These postconf commands will be executed on installation and update
$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM server WHERE server_id = ".$conf['server_id']);
$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM server WHERE server_id = ?", $conf['server_id']);
$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
unset($server_ini_rec);
......@@ -459,7 +459,7 @@ class installer_dist extends installer_base {
// check if virtual_transport must be changed
if ($this->is_update) {
$tmp = $this->db->queryOneRecord("SELECT * FROM ".$conf["mysql"]["database"].".server WHERE server_id = ".$conf['server_id']);
$tmp = $this->db->queryOneRecord("SELECT * FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . ".server", $conf['server_id']);
$ini_array = ini_to_array(stripslashes($tmp['config']));
// ini_array needs not to be checked, because already done in update.php -> updateDbAndIni()
......@@ -745,7 +745,7 @@ class installer_dist extends installer_base {
$tpl = new tpl('apache_ispconfig.conf.master');
$tpl->setVar('apache_version',getapacheversion());
$records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");
$records = $this->db->queryAllRecords("SELECT * FROM ?? WHERE server_id = ? AND virtualhost = 'y'", $conf['mysql']['master_database'] . '.server_ip', $conf['server_id']);
$ip_addresses = array();
if(is_array($records) && count($records) > 0) {
......@@ -873,7 +873,7 @@ class installer_dist extends installer_base {
if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
public function configure_firewall()
public function configure_bastille_firewall()
{
global $conf;
......@@ -895,7 +895,7 @@ class installer_dist extends installer_base {
$tcp_public_services = '';
$udp_public_services = '';
$row = $this->db->queryOneRecord('SELECT * FROM '.$conf["mysql"]["database"].'.firewall WHERE server_id = '.intval($conf['server_id']));
$row = $this->db->queryOneRecord('SELECT * FROM ?? WHERE server_id = ?', $conf["mysql"]["database"] . '.firewall', $conf['server_id']);
if(trim($row["tcp_port"]) != '' || trim($row["udp_port"]) != ''){
$tcp_public_services = trim(str_replace(',', ' ', $row["tcp_port"]));
......@@ -907,7 +907,7 @@ class installer_dist extends installer_base {
if(!stristr($tcp_public_services, $conf['apache']['vhost_port'])) {
$tcp_public_services .= ' '.intval($conf['apache']['vhost_port']);
if($row["tcp_port"] != '') $this->db->query("UPDATE firewall SET tcp_port = tcp_port + ',".intval($conf['apache']['vhost_port'])."' WHERE server_id = ".intval($conf['server_id']));
if($row["tcp_port"] != '') $this->db->query("UPDATE firewall SET tcp_port = tcp_port + ? WHERE server_id = ?", ',' . intval($conf['apache']['vhost_port']), $conf['server_id']);
}
$content = str_replace("{TCP_PUBLIC_SERVICES}", $tcp_public_services, $content);
......@@ -1105,13 +1105,11 @@ class installer_dist extends installer_base {
$file_server_enabled = ($conf['services']['file'])?1:0;
$db_server_enabled = ($conf['services']['db'])?1:0;
$vserver_server_enabled = ($conf['services']['vserver'])?1:0;
$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled' WHERE server_id = ".intval($conf['server_id']);
$sql = "UPDATE `server` SET mail_server = ?, web_server = ?, dns_server = ?, file_server = ?, db_server = ?, vserver_server = ? WHERE server_id = ?";
$this->db->query($sql, $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $conf['server_id']);
if($conf['mysql']['master_slave_setup'] == 'y') {
$this->dbmaster->query($sql);
$this->db->query($sql);
} else {
$this->db->query($sql);
$this->dbmaster->query($sql, $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $conf['server_id']);
}
// chown install dir to root and chmod 755
......
......@@ -449,10 +449,8 @@ if($install_mode == 'standard') {
// initialize the connection to the master database
$inst->dbmaster = new db();
if($inst->dbmaster->linkId) $inst->dbmaster->closeConn();
$inst->dbmaster->dbHost = $conf['mysql']["master_host"];
$inst->dbmaster->dbName = $conf['mysql']["master_database"];
$inst->dbmaster->dbUser = $conf['mysql']["master_admin_user"];
$inst->dbmaster->dbPass = $conf['mysql']["master_admin_password"];
$inst->dbmaster->setDBData($conf['mysql']["master_host"], $conf['mysql']["master_admin_user"], $conf['mysql']["master_admin_password"]);
$inst->dbmaster->setDBName($conf['mysql']["master_database"]);
} else {
// the master DB is the same then the slave DB
......@@ -623,23 +621,17 @@ if($install_mode == 'standard') {
//** Configure Firewall
if(strtolower($inst->simple_query('Configure Firewall Server', array('y', 'n'), 'y','configure_firewall')) == 'y') {
//if($conf['bastille']['installed'] == true) {
//* Configure Bastille Firewall
$conf['services']['firewall'] = true;
swriteln('Configuring Bastille Firewall');
$inst->configure_firewall();
/*} elseif($conf['ufw']['installed'] == true) {
//* Configure Ubuntu Firewall
$conf['services']['firewall'] = true;
swriteln('Configuring Ubuntu Firewall');
$inst->configure_ufw_firewall();
} else {
//* Configure Bastille Firewall
$conf['services']['firewall'] = true;
swriteln('Configuring Bastille Firewall');
$inst->configure_bastille_firewall();
}
*/
if($conf['ufw']['installed'] == true) {
//* Configure Ubuntu Firewall
$conf['services']['firewall'] = true;
swriteln('Configuring Ubuntu Firewall');
$inst->configure_ufw_firewall();
} else {
//* Configure Bastille Firewall
$conf['services']['firewall'] = true;
swriteln('Configuring Bastille Firewall');
$inst->configure_bastille_firewall();
}
}
//** Configure Firewall
......@@ -713,6 +705,8 @@ if($install_mode == 'standard') {
} //* << $install_mode / 'Standard' or Genius
$inst->create_mount_script();
//* Create md5 filelist
$md5_filename = '/usr/local/ispconfig/security/data/file_checksums_'.date('Y-m-d_h-i').'.md5';
exec('find /usr/local/ispconfig -type f -print0 | xargs -0 md5sum > '.$md5_filename);
......
This diff is collapsed.
This diff is collapsed.
......@@ -124,7 +124,7 @@ function updateDbAndIni() {
global $inst, $conf;
//* Update $conf array with values from the server.ini that shall be preserved
$tmp = $inst->db->queryOneRecord("SELECT * FROM ".$conf["mysql"]["database"].".server WHERE server_id = ".$conf['server_id']);
$tmp = $inst->db->queryOneRecord("SELECT * FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . '.server', $conf['server_id']);
$ini_array = ini_to_array(stripslashes($tmp['config']));
$current_db_version = (isset($tmp['dbversion']))?intval($tmp['dbversion']):0;
......@@ -218,8 +218,8 @@ function updateDbAndIni() {
}
//* update the database version in server table
$inst->db->query("UPDATE ".$conf["mysql"]["database"].".server SET dbversion = '".$current_db_version."' WHERE server_id = ".$conf['server_id']);
if($inst->db->dbHost != $inst->dbmaster->dbHost) $inst->dbmaster->query("UPDATE ".$conf["mysql"]["master_database"].".server SET dbversion = '".$current_db_version."' WHERE server_id = ".$conf['server_id']);
$inst->db->query("UPDATE ?? SET dbversion = ? WHERE server_id = ?", $conf["mysql"]["database"] . ".server", $current_db_version, $conf['server_id']);
if($inst->db->dbHost != $inst->dbmaster->dbHost) $inst->dbmaster->query("UPDATE ?? SET dbversion = ? WHERE server_id = ?", $conf["mysql"]["master_database"] . ".server", $current_db_version, $conf['server_id']);
//* If ISPConfig Version < 3.0.3, we will do a full db update
......@@ -228,7 +228,7 @@ function updateDbAndIni() {
swriteln($inst->lng('Starting full database update.'));
//** Delete the old database
if( !$inst->db->query('DROP DATABASE IF EXISTS '.$conf['mysql']['database']) ) {
if( !$inst->db->query('DROP DATABASE IF EXISTS ??', $conf['mysql']['database']) ) {
$inst->error('Unable to drop MySQL database: '.$conf['mysql']['database'].'.');
}
......@@ -239,7 +239,7 @@ function updateDbAndIni() {
$db_tables = $inst->db->getTables();
foreach($db_tables as $table) {
$inst->db->query("TRUNCATE $table");
$inst->db->query("TRUNCATE ??", $table);
}
//** load old data back into database
......@@ -262,15 +262,15 @@ function updateDbAndIni() {
}
//* update the database version in server table
$inst->db->query("UPDATE ".$conf["mysql"]["database"].".server SET dbversion = '".$current_db_version."' WHERE server_id = ".$conf['server_id']);
if($inst->db->dbHost != $inst->dbmaster->dbHost) $inst->dbmaster->query("UPDATE ".$conf["mysql"]["master_database"].".server SET dbversion = '".$current_db_version."' WHERE server_id = ".$conf['server_id']);
$inst->db->query("UPDATE ?? SET dbversion = ? WHERE server_id = ?", $conf["mysql"]["database"] . ".server", $current_db_version, $conf['server_id']);
if($inst->db->dbHost != $inst->dbmaster->dbHost) $inst->dbmaster->query("UPDATE ?? SET dbversion = ? WHERE server_id = ?", $conf["mysql"]["master_database"] . ".server", $current_db_version, $conf['server_id']);
if ($conf['powerdns']['installed']) {
swriteln($inst->lng('Starting full PowerDNS database update.'));
//** Delete the old PowerDNS database
if( !$inst->db->query('DROP DATABASE IF EXISTS '.$conf['powerdns']['database']) ) {
if( !$inst->db->query('DROP DATABASE IF EXISTS ??', $conf['powerdns']['database']) ) {
$inst->error('Unable to drop MySQL database: '.$conf['powerdns']['database'].'.');
}
......@@ -288,7 +288,7 @@ function updateDbAndIni() {
//** Update server ini
$tmp_server_rec = $inst->db->queryOneRecord("SELECT config FROM ".$conf["mysql"]["database"].".server WHERE server_id = ".$conf['server_id']);
$tmp_server_rec = $inst->db->queryOneRecord("SELECT config FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . ".server", $conf['server_id']);
$old_ini_array = ini_to_array(stripslashes($tmp_server_rec['config']));
unset($tmp_server_rec);
$tpl_ini_array = ini_to_array(rf('tpl/server.ini.master'));
......@@ -344,12 +344,12 @@ function updateDbAndIni() {
}
$new_ini = array_to_ini($tpl_ini_array);
$sql = "UPDATE ".$conf["mysql"]["database"].".server SET config = '".mysql_real_escape_string($new_ini)."' WHERE server_id = ".$conf['server_id'];
$inst->db->query($sql);
$sql = "UPDATE ?? SET config = ? WHERE server_id = ?";
$inst->db->query($sql, $conf["mysql"]["database"] . ".server", $new_ini, $conf['server_id']);
if($inst->db->dbHost != $inst->dbmaster->dbHost) {
$sql = "UPDATE ".$conf["mysql"]["master_database"].".server SET config = '".mysql_real_escape_string($new_ini)."' WHERE server_id = ".$conf['server_id'];
$inst->dbmaster->query($sql);
$sql = "UPDATE ?? SET config = ? WHERE server_id = ?";
$inst->dbmaster->query($sql, $conf["mysql"]["master_database"].".server", $new_ini, $conf['server_id']);