# This file is opened as root, so it should be owned by root and mode 0600.
#
# http://wiki.dovecot.org/AuthDatabase/SQL
#
# For the sql passdb module, you'll need a database with a table that
# contains fields for at least the username and password. If you want to
# use the user@domain syntax, you might want to have a separate domain
# field as well.
#
# If your users all have the same uig/gid, and have predictable home
# directories, you can use the static userdb module to generate the home
# dir based on the username and domain. In this case, you won't need fields
# for home, uid, or gid in the database.
#
# If you prefer to use the sql userdb module, you'll want to add fields
# for home, uid, and gid. Here is an example table:
#
# CREATE TABLE users (
# username VARCHAR(128) NOT NULL,
# domain VARCHAR(128) NOT NULL,
# password VARCHAR(64) NOT NULL,
# home VARCHAR(255) NOT NULL,
# uid INTEGER NOT NULL,
# gid INTEGER NOT NULL,
# active CHAR(1) DEFAULT 'Y' NOT NULL
# );
# Database driver: mysql, pgsql, sqlite
#driver =
# Database connection string. This is driver-specific setting.
#
# pgsql:
# For available options, see the PostgreSQL documention for the
# PQconnectdb function of libpq.
#
# mysql:
# Basic options emulate PostgreSQL option names:
# host, port, user, password, dbname
#
# But also adds some new settings:
# client_flags - See MySQL manual
# ssl_ca, ssl_ca_path - Set either one or both to enable SSL
# ssl_cert, ssl_key - For sending client-side certificates to server
# ssl_cipher - Set minimum allowed cipher security (default: HIGH)
# option_file - Read options from the given file instead of
# the default my.cnf location
# option_group - Read options from the given group (default: client)
#
# You can connect to UNIX sockets by using host: host=/var/run/mysql.sock
# Note that currently you can't use spaces in parameters.
#
# MySQL supports multiple host parameters for load balancing / HA.
#
# sqlite:
# The path to the database file.
#
# Examples:
# connect = host=192.168.1.1 dbname=users
# connect = host=sql.example.com dbname=virtual user=virtual password=blarg
# connect = /etc/dovecot/authdb.sqlite
#
#connect =
# Default password scheme.
#
# List of supported schemes is in
# http://wiki.dovecot.org/Authentication/PasswordSchemes
#
#default_pass_scheme = MD5
# passdb query to retrieve the password. It can return fields:
# password - The user's password. This field must be returned.
# user - user@domain from the database. Needed with case-insensitive lookups.
# username and domain - An alternative way to represent the "user" field.
#
# The "user" field is often necessary with case-insensitive lookups to avoid
# e.g. "name" and "nAme" logins creating two different mail directories. If
# your user and domain names are in separate fields, you can return "username"
# and "domain" fields instead of "user".
#
# The query can also return other fields which have a special meaning, see
# http://wiki.dovecot.org/PasswordDatabase/ExtraFields
#
# Commonly used available substitutions (see http://wiki.dovecot.org/Variables
# for full list):
# %u = entire user@domain
# %n = user part of user@domain
# %d = domain part of user@domain
#
# Note that these can be used only as input to SQL query. If the query outputs
# any of these substitutions, they're not touched. Otherwise it would be
# difficult to have eg. usernames containing '%' characters.
#
# Example:
# password_query = SELECT userid AS user, pw AS password \
# FROM users WHERE userid = '%u' AND active = 'Y'
#
#password_query = \
# SELECT username, domain, password \
# FROM users WHERE username = '%n' AND domain = '%d'
# userdb query to retrieve the user information. It can return fields:
# uid - System UID (overrides mail_uid setting)
# gid - System GID (overrides mail_gid setting)
# home - Home directory
# mail - Mail location (overrides mail_location setting)
#
# None of these are strictly required. If you use a single UID and GID, and
# home or mail directory fits to a template string, you could use userdb static
# instead. For a list of all fields that can be returned, see
# http://wiki.dovecot.org/UserDatabase/ExtraFields
#
# Examples:
# user_query = SELECT home, uid, gid FROM users WHERE userid = '%u'
# user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u'
# user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u'
#
#user_query = \
# SELECT home, uid, gid \
# FROM users WHERE username = '%n' AND domain = '%d'
# If you wish to avoid two SQL lookups (passdb + userdb), you can use
# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
# also have to return userdb fields in password_query prefixed with "userdb_"
# string. For example:
#password_query = \
# SELECT userid AS user, password, \
# home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
# FROM users WHERE userid = '%u'
driver = mysql
connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password} port={mysql_server_port}
......@@ -140,4 +11,4 @@ user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':',
# The iterate_query is required for the doveadm command only and works only on dovecot 2 servers.
# Do not enable it on Dovecot 1.x servers
# iterate_query = SELECT email as user FROM mail_user WHERE server_id = '{server_id}'
# iterate_query = SELECT email as user FROM mail_user WHERE disabledoveadm='n' AND server_id = '{server_id}'
......@@ -57,3 +57,5 @@ smtp_sender_dependent_authentication = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous, noplaintext
smtp_sasl_tls_security_options = noanonymous
authorized_flush_users =
authorized_mailq_users = nagios, icinga
......@@ -56,9 +56,12 @@ relayhost_user=
relayhost_password=
mailbox_size_limit=0
message_size_limit=0
mailbox_soft_delete=n
mailbox_quota_stats=y
realtime_blackhole_list=zen.spamhaus.org
overquota_notify_threshold=90
overquota_notify_admin=y
overquota_notify_reseller=y
overquota_notify_client=y
overquota_notify_freq=7
overquota_notify_onok=n
......@@ -75,6 +78,7 @@ website_path=/var/www/clients/client[client_id]/web[website_id]
website_symlinks=/var/www/[website_domain]/:/var/www/clients/client[client_id]/[website_domain]/
website_symlinks_rel=n
network_filesystem=n
vhost_rewrite_v6=n
vhost_conf_dir=/etc/apache2/sites-available
vhost_conf_enabled_dir=/etc/apache2/sites-enabled
apache_init_script=
......@@ -102,6 +106,7 @@ enable_sni=y
skip_le_check=n
enable_ip_wildcard=y
overtraffic_notify_admin=y
overtraffic_notify_reseller=y
overtraffic_notify_client=y
nginx_cgi_socket=/var/run/fcgiwrap.socket
php_fpm_init_script=php5-fpm
......@@ -118,10 +123,14 @@ connect_userid_to_webid_start=10000
web_folder_protection=y
php_ini_check_minutes=1
overtraffic_disable_web=y
overquota_notify_threshold=90
overquota_notify_admin=y
overquota_notify_reseller=y
overquota_notify_client=y
overquota_notify_freq=7
overquota_db_notify_threshold=90
overquota_db_notify_admin=y
overquota_db_notify_reseller=y
overquota_db_notify_client=y
overquota_notify_onok=n
logging=yes
......@@ -132,6 +141,7 @@ php_fpm_default_chroot=n
bind_user=root
bind_group=bind
bind_zonefiles_dir=/etc/bind
bind_keyfiles_dir=/etc/bind
named_conf_path=/etc/bind/named.conf
named_conf_local_path=/etc/bind/named.conf.local
disable_bind_log=n
......
......@@ -13,7 +13,7 @@ mailbox_show_autoresponder_tab=y
mailbox_show_mail_filter_tab=y
mailbox_show_custom_rules_tab=y
mailboxlist_webmail_link=y
webmail_url=/webmail
webmail_url=https://[SERVERNAME]:8081/webmail
dkim_path=/var/lib/amavis/dkim
smtp_enabled=y
smtp_host=localhost
......@@ -28,7 +28,7 @@ ftpuser_prefix=[CLIENTNAME]
shelluser_prefix=[CLIENTNAME]
webdavuser_prefix=[CLIENTNAME]
dblist_phpmyadmin_link=y
phpmyadmin_url=/phpmyadmin
phpmyadmin_url=https://[SERVERNAME]:8081/phpmyadmin
webftp_url=
vhost_subdomains=n
vhost_aliasdomains=n
......@@ -39,6 +39,7 @@ web_php_options=no,fast-cgi,mod,php-fpm
show_aps_menu=n
client_protection=y
ssh_authentication=
le_caa_autocreate_options=y
[tools]
......
......@@ -98,6 +98,7 @@ if($do_uninstall == 'yes') {
@exec('chattr -i /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
@unlink("/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter");
@unlink("/var/www/php-fcgi-scripts/ispconfig");
@unlink("/etc/ssl/private/pure-ftpd.pem");
echo "Backups in /var/backup/ and log files in /var/log/ispconfig are not deleted.";
echo "Finished uninstalling.\n";
......
......@@ -216,6 +216,19 @@ if($do_backup == 'yes') {
exec("tar pcfz $backup_path/etc.tar.gz /etc 2> /dev/null", $out, $returnvar);
if($returnvar != 0) die("Backup failed. We stop here...\n");
if (is_dir('/root/.acme.sh')) {
swriteln('Creating backup of "/root/.acme.sh" directory...');
exec("tar pcfz $backup_path/acme.sh.tar.gz /root/.acme.sh 2> /dev/null", $out, $returnvar);
if($returnvar != 0) die("Backup failed. We stop here...\n");
}
if (is_dir('/etc/letsencrypt')) {
swriteln('Creating backup of "/etc/letsencrypt" directory...');
exec("tar pcfz $backup_path/certbot.tar.gz /etc/letsencrypt 2> /dev/null", $out, $returnvar);
if($returnvar != 0) die("Backup failed. We stop here...\n");
}
exec("chown root:root $backup_path/*.tar.gz");
exec("chmod 700 $backup_path/*.tar.gz");
}
......@@ -356,7 +369,7 @@ $conf['services']['db'] = check_service_config_state('db_server', true); /* Will
unset($current_svc_config);
//** Write new decisions into DB
$sql = "UPDATE ?? SET mail_server = '{$conf['services']['mail']}', web_server = '{$conf['services']['web']}', dns_server = '{$conf['services']['dns']}', file_server = '{$conf['services']['file']}', db_server = '{$conf['services']['db']}', vserver_server = '{$conf['services']['vserver']}', proxy_server = '{$conf['services']['proxy']}', firewall_server = '$firewall_server_enabled', xmpp_server = '$xmpp_server_enabled' WHERE server_id = ?";
$sql = "UPDATE ?? SET mail_server = '{$conf['services']['mail']}', web_server = '{$conf['services']['web']}', dns_server = '{$conf['services']['dns']}', file_server = '{$conf['services']['file']}', db_server = '{$conf['services']['db']}', vserver_server = '{$conf['services']['vserver']}', proxy_server = '{$conf['services']['proxy']}', firewall_server = '{$conf['services']['firewall']}', xmpp_server = '{$conf['services']['xmpp']}' WHERE server_id = ?";
$inst->db->query($sql, $conf['mysql']['database'].'.server', $conf['server_id']);
if($conf['mysql']['master_slave_setup'] == 'y') {
$inst->dbmaster->query($sql, $conf['mysql']['master_database'].'.server', $conf['server_id']);
......@@ -499,6 +512,12 @@ if($reconfigure_services_answer == 'yes' || $reconfigure_services_answer == 'sel
$inst->configure_xmpp('dont-create-certs');
}
// Configure AppArmor
if($conf['apparmor']['installed']){
swriteln('Configuring AppArmor');
$inst->configure_apparmor();
}
if($conf['services']['firewall'] && $inst->reconfigure_app('Firewall', $reconfigure_services_answer)) {
if($conf['ufw']['installed'] == true) {
//* Configure Ubuntu Firewall
......@@ -543,7 +562,7 @@ if($conf['apache']['installed'] == true) {
if ($inst->install_ispconfig_interface) {
//** Customise the port ISPConfig runs on
$ispconfig_port_number = get_ispconfig_port_number();
if($autoupdate['ispconfig_port'] == 'default') $autoupdate['ispconfig_port'] = $ispconfig_port_number;
if(isset($autoupdate['ispconfig_port']) && $autoupdate['ispconfig_port'] == 'default') $autoupdate['ispconfig_port'] = $ispconfig_port_number;
if($conf['webserver']['server_type'] == 'nginx'){
$conf['nginx']['vhost_port'] = $inst->free_query('ISPConfig Port', $ispconfig_port_number,'ispconfig_port');
} else {
......@@ -588,13 +607,13 @@ if($update_crontab_answer == 'yes') {
//** Restart services:
if($reconfigure_services_answer == 'yes') {
swriteln('Restarting services ...');
if($conf['mysql']['installed'] == true && $conf['mysql']['init_script'] != '') system($inst->getinitcommand($conf['mysql']['init_script'], 'restart').' >/dev/null 2>&1');
if($conf['mysql']['installed'] == true && isset($conf['mysql']['init_script']) && $conf['mysql']['init_script'] != '') system($inst->getinitcommand($conf['mysql']['init_script'], 'restart').' >/dev/null 2>&1');
if($conf['services']['mail']) {
if($conf['postfix']['installed'] == true && $conf['postfix']['init_script'] != '') system($inst->getinitcommand($conf['postfix']['init_script'], 'restart'));
if($conf['saslauthd']['installed'] == true && $conf['saslauthd']['init_script'] != '') system($inst->getinitcommand($conf['saslauthd']['init_script'], 'restart'));
if($conf['amavis']['installed'] == true && $conf['amavis']['init_script'] != '') system($inst->getinitcommand($conf['amavis']['init_script'], 'restart'));
if($conf['rspamd']['installed'] == true && $conf['rspamd']['init_script'] != '') system($inst->getinitcommand($conf['rspamd']['init_script'], 'restart'));
if($conf['clamav']['installed'] == true && $conf['clamav']['init_script'] != '' && $conf['amavis']['installed'] == true) system($inst->getinitcommand($conf['clamav']['init_script'], 'restart'));
if($conf['postfix']['installed'] == true && isset($conf['postfix']['init_script']) && $conf['postfix']['init_script'] != '') system($inst->getinitcommand($conf['postfix']['init_script'], 'restart'));
if($conf['saslauthd']['installed'] == true && isset($conf['saslauthd']['init_script']) && $conf['saslauthd']['init_script'] != '') system($inst->getinitcommand($conf['saslauthd']['init_script'], 'restart'));
if($conf['amavis']['installed'] == true && isset($conf['amavis']['init_script']) && $conf['amavis']['init_script'] != '') system($inst->getinitcommand($conf['amavis']['init_script'], 'restart'));
if($conf['rspamd']['installed'] == true && isset($conf['rspamd']['init_script']) && $conf['rspamd']['init_script'] != '') system($inst->getinitcommand($conf['rspamd']['init_script'], 'restart'));
if($conf['clamav']['installed'] == true && isset($conf['clamav']['init_script']) && $conf['clamav']['init_script'] != '' && $conf['amavis']['installed'] == true) system($inst->getinitcommand($conf['clamav']['init_script'], 'restart'));
if($conf['courier']['installed'] == true){
if($conf['courier']['courier-authdaemon'] != '') system($inst->getinitcommand($conf['courier']['courier-authdaemon'], 'restart'));
if($conf['courier']['courier-imap'] != '') system($inst->getinitcommand($conf['courier']['courier-imap'], 'restart'));
......@@ -602,8 +621,8 @@ if($reconfigure_services_answer == 'yes') {
if($conf['courier']['courier-pop'] != '') system($inst->getinitcommand($conf['courier']['courier-pop'], 'restart'));
if($conf['courier']['courier-pop-ssl'] != '') system($inst->getinitcommand($conf['courier']['courier-pop-ssl'], 'restart'));
}
if($conf['dovecot']['installed'] == true && $conf['dovecot']['init_script'] != '') system($inst->getinitcommand($conf['dovecot']['init_script'], 'restart'));
if($conf['mailman']['installed'] == true && $conf['mailman']['init_script'] != '') system('nohup '.$inst->getinitcommand($conf['mailman']['init_script'], 'restart').' >/dev/null 2>&1 &');
if($conf['dovecot']['installed'] == true && isset($conf['dovecot']['init_script']) && $conf['dovecot']['init_script'] != '') system($inst->getinitcommand($conf['dovecot']['init_script'], 'restart'));
if($conf['mailman']['installed'] == true && isset($conf['mailman']['init_script']) && $conf['mailman']['init_script'] != '') system('nohup '.$inst->getinitcommand($conf['mailman']['init_script'], 'restart').' >/dev/null 2>&1 &');
}
if($conf['services']['web'] || $inst->install_ispconfig_interface) {
if($conf['webserver']['server_type'] == 'apache') {
......@@ -617,27 +636,27 @@ if($reconfigure_services_answer == 'yes') {
//* Reload is enough for nginx
if($conf['webserver']['server_type'] == 'nginx'){
if($conf['nginx']['php_fpm_init_script'] != '') system($inst->getinitcommand($conf['nginx']['php_fpm_init_script'], 'reload'));
if($conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'reload'));
if(isset($conf['nginx']['init_script']) && $conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'reload'));
}
if($conf['pureftpd']['installed'] == true && $conf['pureftpd']['init_script'] != '') system($inst->getinitcommand($conf['pureftpd']['init_script'], 'restart'));
if($conf['pureftpd']['installed'] == true && isset($conf['pureftpd']['init_script']) && $conf['pureftpd']['init_script'] != '') system($inst->getinitcommand($conf['pureftpd']['init_script'], 'restart'));
}
if($conf['services']['dns']) {
if($conf['mydns']['installed'] == true && $conf['mydns']['init_script'] != '') system($inst->getinitcommand($conf['mydns']['init_script'], 'restart').' &> /dev/null');
if($conf['powerdns']['installed'] == true && $conf['powerdns']['init_script'] != '') system($inst->getinitcommand($conf['powerdns']['init_script'], 'restart').' &> /dev/null');
if($conf['bind']['installed'] == true && $conf['bind']['init_script'] != '') system($inst->getinitcommand($conf['bind']['init_script'], 'restart').' &> /dev/null');
if($conf['mydns']['installed'] == true && isset($conf['mydns']['init_script']) && $conf['mydns']['init_script'] != '') system($inst->getinitcommand($conf['mydns']['init_script'], 'restart').' &> /dev/null');
if($conf['powerdns']['installed'] == true && isset($conf['powerdns']['init_script']) && $conf['powerdns']['init_script'] != '') system($inst->getinitcommand($conf['powerdns']['init_script'], 'restart').' &> /dev/null');
if($conf['bind']['installed'] == true && isset($conf['bind']['init_script']) && $conf['bind']['init_script'] != '') system($inst->getinitcommand($conf['bind']['init_script'], 'restart').' &> /dev/null');
}
if($conf['services']['xmpp']) {
if($conf['xmpp']['installed'] == true && $conf['xmpp']['init_script'] != '') system($inst->getinitcommand($conf['xmpp']['init_script'], 'restart').' &> /dev/null');
if($conf['xmpp']['installed'] == true && isset($conf['xmpp']['init_script']) && $conf['xmpp']['init_script'] != '') system($inst->getinitcommand($conf['xmpp']['init_script'], 'restart').' &> /dev/null');
}
if($conf['services']['proxy']) {
// if($conf['squid']['installed'] == true && $conf['squid']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['squid']['init_script'])) system($conf['init_scripts'].'/'.$conf['squid']['init_script'].' restart &> /dev/null');
if($conf['nginx']['installed'] == true && $conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'restart').' &> /dev/null');
// if($conf['squid']['installed'] == true && isset($conf['squid']['init_script']) && $conf['squid']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['squid']['init_script'])) system($conf['init_scripts'].'/'.$conf['squid']['init_script'].' restart &> /dev/null');
if($conf['nginx']['installed'] == true && isset($conf['nginx']['init_script']) && $conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'restart').' &> /dev/null');
}
if($conf['services']['firewall']) {
if($conf['ufw']['installed'] == true && $conf['ufw']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['ufw']['init_script'])) system($conf['init_scripts'].'/'.$conf['ufw']['init_script'].' restart &> /dev/null');
if($conf['ufw']['installed'] == true && isset($conf['ufw']['init_script']) && $conf['ufw']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['ufw']['init_script'])) system($conf['init_scripts'].'/'.$conf['ufw']['init_script'].' restart &> /dev/null');
}
}
......@@ -651,6 +670,11 @@ $md5_filename = '/usr/local/ispconfig/security/data/file_checksums_'.date('Y-m-d
exec('find /usr/local/ispconfig -type f -print0 | xargs -0 md5sum > '.$md5_filename . ' 2>/dev/null');
chmod($md5_filename,0700);
// TODO: In a future update, stop the update script when running courier
if ($conf['courier']['installed'] == true) {
swriteln('WARNING: You are running Courier. We are removing support for Courier from ISPConfig. Migrate your system to Dovecot as soon as possible. See https://www.howtoforge.com/community/threads/migrate-from-courier-to-dovecot-on-your-ispconfig-managed-mailserver.88523/ for more information.');
}
echo "Update finished.\n";
?>
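Review bot: The two new archives in the backup hunk, `acme.sh.tar.gz` and `certbot.tar.gz`, contain ACME account keys and certificate private keys, yet they are only tightened by the `chmod 700 $backup_path/*.tar.gz` at the end of the block. Until then they carry whatever mode the updater's umask gives them, and if one of the `die("Backup failed...")` calls fires first, the archives already written stay that way. Unless the umask is restricted outside the visible lines, set it before the first tar call with `$old_umask = umask(0077);` and restore it after the chmod; mode `600` is enough for data files. `$backup_path` is defined outside this hunk and is interpolated unquoted into every `exec()` string, so it should go through `escapeshellarg()` unless it is a fixed path.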
......@@ -28,6 +28,10 @@ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
if(version_compare(phpversion(), '7.0', '<')) {
require_once 'compatibility.inc.php';
}
//* Enable gzip compression for the interface
ob_start('ob_gzhandler');
......@@ -35,8 +39,8 @@ ob_start('ob_gzhandler');
if(isset($conf['timezone']) && $conf['timezone'] != '') date_default_timezone_set($conf['timezone']);
//* Set error reporting level when we are not on a developer system
if(DEVSYSTEM == 0) {
@ini_set('error_reporting', E_ALL & ~E_NOTICE & ~E_DEPRECATED);
if(DEVSYSTEM !== true) {
@ini_set('error_reporting', E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_WARNING);
}
/*
......@@ -208,6 +212,12 @@ class app {
}
}
public function auth_log($msg) {
$authlog_handle = fopen($this->_conf['ispconfig_log_dir'].'/auth.log', 'a');
fwrite($authlog_handle, $msg . PHP_EOL);
fclose($authlog_handle);
}
/** Priority values are: 0 = DEBUG, 1 = WARNING, 2 = ERROR */
public function error($msg, $next_link = '', $stop = true, $priority = 1) {
//$this->uses("error");
......
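Review bot: `auth_log()` writes `$msg` to `auth.log` verbatim, so if a caller passes a login name or other request data (the callers are outside this hunk), an embedded CR/LF can forge additional log entries. The `fopen()` result is also used unchecked, so an unwritable log directory hands `false` to `fwrite()` and `fclose()`. Neutralise line breaks first, e.g. `$msg = str_replace(array("\r", "\n"), ' ', $msg);`, and return early when `fopen()` fails. A single `file_put_contents($path, $msg . PHP_EOL, FILE_APPEND | LOCK_EX);` would also keep concurrent requests from interleaving lines.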
......@@ -231,7 +231,7 @@ class auth {
public function get_random_password($minLength = 8, $special = false) {
if($minLength < 8) $minLength = 8;
$maxLength = $minLength + 5;
$length = mt_rand($minLength, $maxLength);
$length = random_int($minLength, $maxLength);
$alphachars = "abcdefghijklmnopqrstuvwxyz";
$upperchars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
......@@ -240,28 +240,28 @@ class auth {
$num_special = 0;
if($special == true) {
$num_special = intval(mt_rand(0, round($length / 4))) + 1;
$num_special = intval(random_int(0, round($length / 4))) + 1;
}
$numericlen = mt_rand(1, 2);
$numericlen = random_int(1, 2);
$alphalen = $length - $num_special - $numericlen;
$upperlen = intval($alphalen / 2);
$alphalen = $alphalen - $upperlen;
$password = '';
for($i = 0; $i < $alphalen; $i++) {
$password .= substr($alphachars, mt_rand(0, strlen($alphachars) - 1), 1);
$password .= substr($alphachars, random_int(0, strlen($alphachars) - 1), 1);
}
for($i = 0; $i < $upperlen; $i++) {
$password .= substr($upperchars, mt_rand(0, strlen($upperchars) - 1), 1);
$password .= substr($upperchars, random_int(0, strlen($upperchars) - 1), 1);
}
for($i = 0; $i < $num_special; $i++) {
$password .= substr($specialchars, mt_rand(0, strlen($specialchars) - 1), 1);
$password .= substr($specialchars, random_int(0, strlen($specialchars) - 1), 1);
}
for($i = 0; $i < $numericlen; $i++) {
$password .= substr($numchars, mt_rand(0, strlen($numchars) - 1), 1);
$password .= substr($numchars, random_int(0, strlen($numchars) - 1), 1);
}
return str_shuffle($password);
......@@ -298,8 +298,8 @@ class auth {
public function csrf_token_get($form_name) {
/* CSRF PROTECTION */
// generate csrf protection id and key
$_csrf_id = uniqid($form_name . '_'); // form id
$_csrf_key = sha1(uniqid(microtime(true), true)); // the key
$_csrf_id = $form_name . '_' . bin2hex(random_bytes(12)); // form id
$_csrf_key = sha1(random_bytes(20)); // the key
if(!isset($_SESSION['_csrf'])) $_SESSION['_csrf'] = array();
if(!isset($_SESSION['_csrf_timeout'])) $_SESSION['_csrf_timeout'] = array();
$_SESSION['_csrf'][$_csrf_id] = $_csrf_key;
......
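Review bot: `get_random_password()` still ends with `return str_shuffle($password);`, and `str_shuffle()` is documented as not cryptographically secure, so after the switch to `random_int()` the final character order still comes from the non-CSPRNG generator. The characters are appended class by class (lower, upper, special, digits), so the shuffle is the only step that decides which position holds which class. Replace it with a Fisher-Yates shuffle driven by `random_int()`, as sketched below. The `intval()` around `random_int(0, round($length / 4))` is redundant, and the function's closing brace lies outside the hunk.

```php
// … unchanged: building $password from the four character classes …
// Fisher-Yates shuffle driven by the CSPRNG instead of str_shuffle()
$chars = str_split($password);
for($i = count($chars) - 1; $i > 0; $i--) {
	$j = random_int(0, $i);
	$tmp = $chars[$i];
	$chars[$i] = $chars[$j];
	$chars[$j] = $tmp;
}
return implode('', $chars);
```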
......@@ -82,6 +82,8 @@ class db
$this->dbClientFlags = ($flags !== NULL) ? $flags : $conf['db_client_flags'];
$this->_iConnId = mysqli_init();
mysqli_report(MYSQLI_REPORT_OFF);
mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags);
for($try=0;(!is_object($this->_iConnId) || mysqli_connect_errno()) && $try < 5;++$try) {
sleep($try);
......@@ -524,7 +526,7 @@ class db
$sString = '';
}
$cur_encoding = mb_detect_encoding($sString);
$cur_encoding = mb_detect_encoding($sString, "auto");
if($cur_encoding != "UTF-8") {
if($cur_encoding != 'ASCII') {
if(is_object($app) && method_exists($app, 'log')) $app->log('String ' . substr($sString, 0, 25) . '... is ' . $cur_encoding . '.', LOGLEVEL_DEBUG);
......
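Review bot: `mysqli_report(MYSQLI_REPORT_OFF);` in the connect sequence has no comment explaining why it is there. PHP 8.1 changed mysqli's default to throwing exceptions, while the retry loop right below still tests `mysqli_connect_errno()`, so this call is presumably what keeps that loop reachable. I would add `// PHP >= 8.1 throws mysqli_sql_exception by default; this class checks error codes instead`. The report mode applies to every mysqli user in the same request, which is worth stating in that comment too; the constructor starts and ends outside the hunk.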
......@@ -28,6 +28,8 @@ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
require_once __DIR__.'/../compatibility.inc.php';
//* The purpose of this library is to provide some general functions.
//* This class is loaded automatically by the ispconfig framework.
......@@ -332,6 +334,14 @@ class functions {
$domain = substr($domain, strrpos($domain, '@') + 1);
}
// idn_to_* chokes on leading dots, but we need them for amavis, so remove it for later
if(substr($domain, 0, 1) === '.') {
$leading_dot = true;
$domain = substr($domain, 1);
} else {
$leading_dot = false;
}
if($encode == true) {
if(function_exists('idn_to_ascii')) {
if(defined('IDNA_NONTRANSITIONAL_TO_ASCII') && defined('INTL_IDNA_VARIANT_UTS46') && constant('IDNA_NONTRANSITIONAL_TO_ASCII')) {
......@@ -376,6 +386,10 @@ class functions {
}
}
if($leading_dot == true) {
$domain = '.' . $domain;
}
if($user_part !== false) return $user_part . '@' . $domain;
else return $domain;
}
......@@ -437,10 +451,10 @@ class functions {
$iteration = 0;
$password = "";
$maxLength = $minLength + 5;
$length = $this->getRandomInt($minLength, $maxLength);
$length = random_int($minLength, $maxLength);
while($iteration < $length){
$randomNumber = (floor(((mt_rand() / mt_getrandmax()) * 100)) % 94) + 33;
$randomNumber = random_int(33, 126);
if(!$special){
if (($randomNumber >=33) && ($randomNumber <=47)) { continue; }
if (($randomNumber >=58) && ($randomNumber <=64)) { continue; }
......@@ -455,10 +469,6 @@ class functions {
return $password;
}
public function getRandomInt($min, $max){
return floor((mt_rand() / mt_getrandmax()) * ($max - $min + 1)) + $min;
}
public function generate_customer_no(){
global $app;
// generate customer no.
......@@ -474,14 +484,17 @@ class functions {
global $app;
// generate the SSH key pair for the client
$id_rsa_file = '/tmp/'.uniqid('',true);
if (! $tmpdir = $app->system->exec_safe('mktemp -dt id_rsa.XXXXXXXX')) {
$app->log("mktemp failed, cannot create SSH keypair for ".$username, LOGLEVEL_WARN);
}
$id_rsa_file = $tmpdir . uniqid('',true);
$id_rsa_pub_file = $id_rsa_file.'.pub';
if(file_exists($id_rsa_file)) unset($id_rsa_file);
if(file_exists($id_rsa_pub_file)) unset($id_rsa_pub_file);
if(!file_exists($id_rsa_file) && !file_exists($id_rsa_pub_file)) {
$app->system->exec_safe('ssh-keygen -t rsa -C ? -f ? -N ""', $username.'-rsa-key-'.time(), $id_rsa_file);
$app->db->query("UPDATE client SET created_at = UNIX_TIMESTAMP(), id_rsa = ?, ssh_rsa = ? WHERE client_id = ?", @file_get_contents($id_rsa_file), @file_get_contents($id_rsa_pub_file), $client_id);
$app->system->exec_safe('rm -f ? ?', $id_rsa_file, $id_rsa_pub_file);
$app->system->rmdir($tmpdir, true);
} else {
$app->log("Failed to create SSH keypair for ".$username, LOGLEVEL_WARN);
}
......
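Review bot: In the SSH key-pair hunk, `$id_rsa_file = $tmpdir . uniqid('',true);` joins the mktemp directory and the file name without a `/`, so the key files are created next to the private directory rather than inside it. Assuming the `rm -f ? ?` line is the removed side of this hunk, `$app->system->rmdir($tmpdir, true)` then deletes only the empty directory and the private key stays behind in the temp location. Use `$id_rsa_file = $tmpdir . '/' . uniqid('',true);`. The `mktemp` failure branch only logs and falls through with an empty `$tmpdir`, so it should bail out after the `$app->log(...)` call (the function's start and end are outside the hunk, so check what callers expect back). It is also worth confirming that `exec_safe()` returns the path without a trailing newline.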
......@@ -77,7 +77,7 @@ class ids {
$line = trim($line);
if(substr($line,0,1) != '#') {
list($user,$path,$varname) = explode(':',$line);
if($current_script_name == $path) {
if($current_script_name == $path || $path == '*') {
if($user = 'any'
|| ($user == 'user' && ($_SESSION['s']['user']['typ'] == 'user' || $_SESSION['s']['user']['typ'] == 'admin'))
|| ($user == 'admin' && $_SESSION['s']['user']['typ'] == 'admin')) {
......@@ -100,7 +100,7 @@ class ids {
$line = trim($line);
if(substr($line,0,1) != '#') {
list($user,$path,$varname) = explode(':',$line);
if($current_script_name == $path) {
if($current_script_name == $path || $path == '*') {
if($user = 'any'
|| ($user == 'user' && ($_SESSION['s']['user']['typ'] == 'user' || $_SESSION['s']['user']['typ'] == 'admin'))
|| ($user == 'admin' && $_SESSION['s']['user']['typ'] == 'admin')) {
......
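Review bot: The condition `if($user = 'any'` directly below the changed line, in both hunks, is an assignment rather than a comparison, so it is always true and the `user`/`admin` session checks after it never decide anything. With the new `$path == '*'` wildcard, a `*` entry therefore whitelists its variable for every script and every session type, not only for the role named in the entry. Change both to `if($user == 'any'` before relying on the wildcard. Both loops start and end outside the hunks.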
......@@ -80,7 +80,7 @@ class listform {
private function getDatasourceData($field)
{
global $app;
global $app, $api;
$values = array();
if($field['datasource']['type'] == 'SQL') {
......@@ -97,7 +97,8 @@ class listform {
$querystring = str_replace("{AUTHSQL}", $app->tform->getAuthSQL('r'), $querystring);
$querystring = str_replace("{AUTHSQL-A}", $app->tform->getAuthSQL('r', 'a'), $querystring);
$querystring = str_replace("{AUTHSQL-B}", $app->tform->getAuthSQL('r', 'b'), $querystring);
$querystring = preg_replace_callback('@{AUTHSQL::(.+?)}@', create_function('$matches','global $app; $tmp = $app->tform->getAuthSQL("r", $matches[1]); return $tmp;'), $querystring);
//$querystring = preg_replace_callback('@{AUTHSQL::(.+?)}@', create_function('$matches','global $app; $tmp = $app->tform->getAuthSQL("r", $matches[1]); return $tmp;'), $querystring);
$querystring = preg_replace_callback('@{AUTHSQL::(.+?)}@', function($matches) {global $app; $tmp = $app->tform->getAuthSQL("r", $matches[1]); return $tmp;}, $querystring);
//* Getting the records
$tmp_records = $app->db->queryAllRecords($querystring);
......@@ -195,9 +196,9 @@ class listform {
if(@is_array($this->listDef['item'])) {
foreach($this->listDef['item'] as $i) {
$field = $i['field'];
$table = $i['table'];
$table = (isset($i['table']))?$i['table']:'';
$searchval = $_SESSION['search'][$list_name][$search_prefix.$field];
$searchval = (isset($_SESSION['search'][$list_name][$search_prefix.$field]))?$_SESSION['search'][$list_name][$search_prefix.$field]:'';
// IDN
if($searchval != ''){
if(is_array($i['filters'])) {
......@@ -325,7 +326,7 @@ class listform {
if($this->searchChanged == 1) $_SESSION['search'][$list_name]['page'] = 0;
$sql_von = $app->functions->intval($_SESSION['search'][$list_name]['page'] * $records_per_page);
$record_count = $app->db->queryOneRecord("SELECT count(*) AS anzahl FROM ??".($app->listform->listDef['additional_tables'] != ''? ','.$app->listform->listDef['additional_tables'] : '')." WHERE $sql_where", $table);
$record_count = $app->db->queryOneRecord("SELECT count(*) AS anzahl FROM ??".(isset($app->listform->listDef['additional_tables']) && $app->listform->listDef['additional_tables'] != ''? ','.$app->listform->listDef['additional_tables'] : '')." WHERE $sql_where", $table);
$pages = $app->functions->intval(($record_count['anzahl'] - 1) / $records_per_page);
......
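Review bot: The old `create_function` call is kept as a commented-out line right above its closure replacement in `getDatasourceData()`. Version control already preserves it, and `create_function` evaluates a code string, so it should not linger as a copy-paste template; drop the comment. The closure can also return directly: `function($matches) use ($app) { return $app->tform->getAuthSQL('r', $matches[1]); }`. `$api` is added to the `global` statement but is not used anywhere in the visible lines.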
......@@ -135,7 +135,7 @@ class listform_actions {
}
}
if($_SESSION['search'][$_SESSION['s']['module']['name'].$app->listform->listDef["name"].$app->listform->listDef['table']]['order_in_php']) $php_sort = true;
if(@$_SESSION['search'][$_SESSION['s']['module']['name'].$app->listform->listDef["name"].$app->listform->listDef['table']]['order_in_php']) $php_sort = true;
// Getting Datasets from DB
$records = $app->db->queryAllRecords($this->getQueryString($php_sort));
......@@ -189,7 +189,7 @@ class listform_actions {
//* substitute value for select fields
if(is_array($app->listform->listDef['item']) && count($app->listform->listDef['item']) > 0) {
foreach($app->listform->listDef['item'] as $field) {
if($rec['active'] == 'n') $rec['warn_inactive'] = 'y';
if(isset($rec['active']) && $rec['active'] == 'n') $rec['warn_inactive'] = 'y';
$key = $field['field'];
if(isset($field['formtype']) && $field['formtype'] == 'SELECT') {
if(strtolower($rec[$key]) == 'y' or strtolower($rec[$key]) == 'n') {
......@@ -226,7 +226,7 @@ class listform_actions {
}
$sql_where = $app->listform->getSearchSQL($sql_where);
if($app->listform->listDef['join_sql']) $sql_where .= ' AND '.$app->listform->listDef['join_sql'];
if(isset($app->listform->listDef['join_sql'])) $sql_where .= ' AND '.$app->listform->listDef['join_sql'];
$app->tpl->setVar($app->listform->searchValues);
$order_by_sql = $this->SQLOrderBy;
......@@ -245,8 +245,9 @@ class listform_actions {
$table_selects = array();
$table_selects[] = trim($app->listform->listDef['table']).'.*';
if(isset($app->listform->listDef['additional_tables']) && trim($app->listform->listDef['additional_tables']) != ''){
$app->listform->listDef['additional_tables'] = trim($app->listform->listDef['additional_tables']);
if($app->listform->listDef['additional_tables'] != ''){
$additional_tables = explode(',', $app->listform->listDef['additional_tables']);
foreach($additional_tables as $additional_table){
$table_selects[] = trim($additional_table).'.*';
......@@ -254,7 +255,7 @@ class listform_actions {
}
$select = implode(', ', $table_selects);
$sql = 'SELECT '.$select.$extselect.' FROM '.$app->listform->listDef['table'].($app->listform->listDef['additional_tables'] != ''? ','.$app->listform->listDef['additional_tables'] : '')."$join WHERE $sql_where $order_by_sql";
$sql = 'SELECT '.$select.$extselect.' FROM '.$app->listform->listDef['table'].(isset($app->listform->listDef['additional_tables']) && $app->listform->listDef['additional_tables'] != ''? ','.$app->listform->listDef['additional_tables'] : '')."$join WHERE $sql_where $order_by_sql";
if($no_limit == false) $sql .= " $limit_sql";
//echo $sql;
return $sql;
......
......@@ -160,7 +160,7 @@ class plugin_backuplist extends plugin_base {
//* Get the data
$server_ids = array();
$web = $app->db->queryOneRecord("SELECT server_id FROM web_domain WHERE domain_id = ?", $this->form->id);
$web = $app->db->queryOneRecord("SELECT server_id, backup_format_web, backup_format_db, backup_password, backup_encrypt FROM web_domain WHERE domain_id = ?", $this->form->id);
$databases = $app->db->queryAllRecords("SELECT server_id FROM web_database WHERE parent_domain_id = ?", $this->form->id);
if($app->functions->intval($web['server_id']) > 0) $server_ids[] = $app->functions->intval($web['server_id']);
if(is_array($databases) && !empty($databases)){
......@@ -181,8 +181,33 @@ class plugin_backuplist extends plugin_base {
$rec["bgcolor"] = $bgcolor;
$rec['date'] = date($app->lng('conf_format_datetime'), $rec['tstamp']);
$backup_format = $rec['backup_format'];
if (empty($backup_format)) {
$backup_mode = $rec['backup_mode'];
if ($backup_mode === 'borg') {
// Get backup format from domain config
switch ($rec['backup_type']) {
case 'mysql':
$backup_format = $web['backup_format_db'];
if (empty($backup_format) || $backup_format == 'default') {
$backup_format = self::getDefaultBackupFormat('rootgz', 'mysql');
}
$rec['filename'] .= self::getBackupDbExtension($backup_format);
break;
case 'web':
$backup_format = $web['backup_format_web'];
if (empty($backup_format) || $backup_format == 'default') {
$backup_format = self::getDefaultBackupFormat($backup_mode, 'web');
}
$rec['filename'] .= self::getBackupWebExtension($backup_format);
break;
default:
$app->log('Unsupported backup type "' . $rec['backup_type'] . '" for backup id ' . $rec['backup_id'], LOGLEVEL_ERROR);
break;
}
$rec['backup_password'] = $web['backup_encrypt'] == 'y' ? trim($web['backup_password']) : '';
} elseif (empty($backup_format)) {
//We have a backup from old version of ISPConfig
switch ($rec['backup_type']) {
case 'mysql':
......@@ -210,7 +235,13 @@ class plugin_backuplist extends plugin_base {
if($rec['server_id'] != $web['server_id']) $rec['download_available'] = false;
if($rec['filesize'] > 0){
$rec['filesize'] = $app->functions->currency_format($rec['filesize']/(1024*1024), 'client').' MB';
$rec['filesize'] = $app->functions->currency_format($rec['filesize']/(1024*1024), 'client').'&nbsp;MB';
if($backup_mode === "borg") {
$rec['filesize'] = '<a href="javascript:void(0)" data-toggle="tooltip" title="'
. $wb['final_size_txt']
. '"><strong>*</strong></a>'
. $rec['filesize'];
}
}
$records_new[] = $rec;
......@@ -235,6 +266,73 @@ class plugin_backuplist extends plugin_base {
return $listTpl->grab();
}
/**
* Returns file extension for specified backup format
* @param string $format backup format
* @return string|null
* @author Ramil Valitov <ramilvalitov@gmail.com>
*/
protected static function getBackupDbExtension($format)
{
$prefix = '.sql';
switch ($format) {
case 'gzip':
return $prefix . '.gz';
case 'bzip2':
return $prefix . '.bz2';
case 'xz':
return $prefix . '.xz';
case 'zip':
case 'zip_bzip2':
return '.zip';
case 'rar':
return '.rar';
}
if (strpos($format, "7z_") === 0) {
return $prefix . '.7z';
}
return null;
}
/**
* Returns file extension for specified backup format
* @param string $format backup format
* @return string|null
* @author Ramil Valitov <ramilvalitov@gmail.com>
*/
protected static function getBackupWebExtension($format)
{
switch ($format) {
case 'tar_gzip':
return '.tar.gz';
case 'tar_bzip2':
return '.tar.bz2';
case 'tar_xz':
return '.tar.xz';
case 'zip':
case 'zip_bzip2':
return '.zip';
case 'rar':
return '.rar';
}
if (strpos($format, "tar_7z_") === 0) {
return '.tar.7z';
}
return null;
}
protected static function getDefaultBackupFormat($backup_mode, $backup_type)
{
//We have a backup from old version of ISPConfig
switch ($backup_type) {
case 'mysql':
return 'gzip';
case 'web':
return ($backup_mode == 'userzip') ? 'zip' : 'tar_gzip';
}
return "";
}
}
?>
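Review bot: In the borg branch, `$rec['backup_password'] = $web['backup_encrypt'] == 'y' ? trim($web['backup_password']) : '';` copies the domain's backup password into every row later appended to `$records_new`, so the secret travels with the list data. The template that consumes these rows is outside this section, so whether the value is rendered cannot be confirmed here. If the list only needs to know that a backup is encrypted, pass a flag such as `$rec['backup_encrypted'] = ($web['backup_encrypt'] == 'y');` and read the password only in the action that needs it. The tooltip built a few lines later also puts `$wb['final_size_txt']` into a `title` attribute unescaped; `htmlspecialchars($wb['final_size_txt'], ENT_QUOTES)` would keep a translation containing a quote from breaking the markup. The enclosing method starts and ends outside the visible hunks.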
......@@ -326,7 +326,7 @@ class quota_lib {
if($used_ratio >= 0.8) $databases[$i]['display_colour'] = '#fd934f';
if($used_ratio >= 1) $databases[$i]['display_colour'] = '#cc0000';
if($databases[$i]['database_quota'] == 0){
if($databases[$i]['database_quota'] == -1) {
$databases[$i]['database_quota'] = $app->lng('unlimited_txt');
} else {
$databases[$i]['database_quota'] = $databases[$i]['database_quota'] . ' MB';
......
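Review bot: The sentinel for an unlimited quota changes from 0 to -1 at `if($databases[$i]['database_quota'] == -1)` without any comment, and a stored 0 now falls into the else branch and is displayed as `0 MB`. A one-line comment such as `// -1 = unlimited; 0 is shown as a real 0 MB quota` would record the new meaning. The `$used_ratio` value tested just above is computed outside the hunk, so it is worth confirming that the calculation handles both -1 and 0 without dividing by them.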
......@@ -397,6 +397,8 @@ class remoting_client extends remoting {
return false;
}
// DUPLICATE CODE IN interface/web/client/client_del.php
$client_id = $app->functions->intval($client_id);
if($client_id > 0) {
......@@ -413,7 +415,7 @@ class remoting_client extends remoting {
$app->db->query("DELETE FROM sys_user WHERE client_id = ?", $client_id);
//* Delete all records (sub-clients, mail, web, etc....) of this client.
$tables = 'cron,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain,web_traffic,domain,mail_mailinglist,client,spamfilter_wblist';
$tables = 'cron,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,mail_domain,support_message,web_database,web_database_user,web_domain,web_traffic,domain,mail_mailinglist,client,spamfilter_wblist';
$tables_array = explode(',', $tables);
$client_group_id = $app->functions->intval($client_group['groupid']);
if($client_group_id > 1) {
......
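Review bot: The table list at `$tables = 'cron,dns_rr,dns_soa,...'` is reordered so that `mail_domain` comes after `mail_user`, `mail_forwarding` and `spamfilter_users`, but nothing in the code says that the order is significant. A comment such as `// order matters: mail_domain is processed after the tables that reference it` would stop a later edit from sorting the list back; the reason is presumably dependent-record cleanup, which should be confirmed against the loop that consumes `$tables_array`, outside this hunk. The added `// DUPLICATE CODE IN interface/web/client/client_del.php` marker means the same deletion list lives in two places, and for a path that removes a client's records a shared constant or helper would keep the two copies from drifting apart.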
......@@ -42,7 +42,7 @@ class remoting_dns extends remoting {
// DNS Function --------------------------------------------------------------------------------------------------
//* Create Zone with Template
public function dns_templatezone_add($session_id, $client_id, $template_id, $domain, $ip, $ns1, $ns2, $email) {
public function dns_templatezone_add($session_id, $client_id, $template_id, $domain, $ip, $ns1, $ns2, $email, $ipv6 = '') {
global $app, $conf;
if(!$this->checkPerm($session_id, 'dns_templatezone_add')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
......@@ -63,6 +63,7 @@ class remoting_dns extends remoting {
$tpl_content = $template_record['template'];
if($domain != '') $tpl_content = str_replace('{DOMAIN}', $domain, $tpl_content);
if($ip != '') $tpl_content = str_replace('{IP}', $ip, $tpl_content);
if($ipv6 != '') $tpl_content = str_replace('{IPV6}', $ipv6, $tpl_content);
if($ns1 != '') $tpl_content = str_replace('{NS1}', $ns1, $tpl_content);
if($ns2 != '') $tpl_content = str_replace('{NS2}', $ns2, $tpl_content);
if($email != '') $tpl_content = str_replace('{EMAIL}', $email, $tpl_content);
......@@ -604,6 +605,28 @@ class remoting_dns extends remoting {
// ----------------------------------------------------------------------------------------------------------------
//* Get record details
public function dns_ds_get($session_id, $primary_id) {
return $this->dns_rr_get($session_id, $primary_id, 'DS');
}
//* Add a record
public function dns_ds_add($session_id, $client_id, $params, $update_serial=false) {
return $this->dns_rr_add($session_id, $client_id, $params, $update_serial, 'DS');
}
//* Update a record
public function dns_ds_update($session_id, $client_id, $primary_id, $params, $update_serial=false) {
return $this->dns_rr_update($session_id, $client_id, $primary_id, $params, $update_serial, 'DS');
}
//* Delete a record
public function dns_ds_delete($session_id, $primary_id, $update_serial=false) {
return $this->dns_rr_delete($session_id, $primary_id, $update_serial, 'DS');
}
// ----------------------------------------------------------------------------------------------------------------
//* Get record details
public function dns_ptr_get($session_id, $primary_id) {
return $this->dns_rr_get($session_id, $primary_id, 'PTR');
......
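Review bot: The new `$ipv6` argument of `dns_templatezone_add` is substituted at `str_replace('{IPV6}', $ipv6, $tpl_content)` with no format check, although it comes straight from the remote API caller. How `$tpl_content` is turned into records is outside the hunk, but if it is split line by line, a value containing a line break could introduce records beyond the template's. Validating before the substitution closes that, for example `if($ipv6 != '' && filter_var($ipv6, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false) throw new SoapFault('invalid_ipv6', 'Invalid IPv6 address.');`. The neighbouring `$ip`, `$ns1`, `$ns2` and `$email` substitutions show no validation in these lines either. When `$ipv6` is empty the literal `{IPV6}` placeholder stays in the template text, which deserves a comment or an explicit removal.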
......@@ -60,7 +60,7 @@ class remoting_mail extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$primary_id = $this->insertQuery('../mail/form/mail_domain.tform.php', $client_id, $params);
$primary_id = $this->insertQuery('../mail/form/mail_domain.tform.php', $client_id, $params, 'mail:mail_domain:on_after_insert');
return $primary_id;
}
......@@ -71,7 +71,7 @@ class remoting_mail extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->updateQuery('../mail/form/mail_domain.tform.php', $client_id, $primary_id, $params);
$affected_rows = $this->updateQuery('../mail/form/mail_domain.tform.php', $client_id, $primary_id, $params, 'mail:mail_domain:on_after_update');
return $affected_rows;
}
......@@ -82,7 +82,7 @@ class remoting_mail extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->deleteQuery('../mail/form/mail_domain.tform.php', $primary_id);
$affected_rows = $this->deleteQuery('../mail/form/mail_domain.tform.php', $primary_id, 'mail:mail_domain:on_after_delete');
return $affected_rows;
}
......@@ -196,6 +196,24 @@ class remoting_mail extends remoting {
return $app->remoting_lib->getDataRecord($primary_id);
}
//* Get mail user details for all account that belong to a client.
public function mail_user_get_all_by_client($session_id, $client_id)
{
global $app;
if(!$this->checkPerm($session_id, 'mail_user_get_all_by_client')) {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$app->uses('remoting_lib');
$sql = "SELECT u.* FROM `mail_user` u
LEFT JOIN `sys_group` g ON (u.sys_groupid=g.groupid)
WHERE g.client_id=?";
$params[] = $client_id;
$result = $app->db->queryAllRecords($sql, true, $params);
return $result;
}
//* Add mail domain
public function mail_user_add($session_id, $client_id, $params){
......@@ -222,7 +240,7 @@ class remoting_mail extends remoting {
if (!isset($params['gid'])) $params['gid'] = -1;
if (!isset($params['maildir_format'])) $params['maildir_format'] = 'maildir';
$mailuser_id = $this->insertQuery('../mail/form/mail_user.tform.php', $client_id, $params);
$mailuser_id = $this->insertQuery('../mail/form/mail_user.tform.php', $client_id, $params, 'mail:mail_user:on_after_insert');
return $mailuser_id;
}
......@@ -245,7 +263,7 @@ class remoting_mail extends remoting {
return false;
}
$affected_rows = $this->updateQuery('../mail/form/mail_user.tform.php', $client_id, $primary_id, $params);
$affected_rows = $this->updateQuery('../mail/form/mail_user.tform.php', $client_id, $primary_id, $params, 'mail:mail_user:on_after_update');
return $affected_rows;
}
......@@ -258,7 +276,7 @@ class remoting_mail extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->deleteQuery('../mail/form/mail_user.tform.php', $primary_id);
$affected_rows = $this->deleteQuery('../mail/form/mail_user.tform.php', $primary_id, 'mail:mail_user:on_after_delete');
return $affected_rows;
}
......@@ -413,7 +431,7 @@ class remoting_mail extends remoting {
}
unset($tmp);
$affected_rows = $this->insertQuery('../mail/form/mail_alias.tform.php', $client_id, $params);
$affected_rows = $this->insertQuery('../mail/form/mail_alias.tform.php', $client_id, $params, 'mail:mail_alias:on_after_insert');
return $affected_rows;
}
......@@ -435,7 +453,7 @@ class remoting_mail extends remoting {
}
unset($tmp);
$affected_rows = $this->updateQuery('../mail/form/mail_alias.tform.php', $client_id, $primary_id, $params);
$affected_rows = $this->updateQuery('../mail/form/mail_alias.tform.php', $client_id, $primary_id, $params, 'mail:mail_alias:on_after_update');
return $affected_rows;
}
......@@ -446,7 +464,7 @@ class remoting_mail extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->deleteQuery('../mail/form/mail_alias.tform.php', $primary_id);
$affected_rows = $this->deleteQuery('../mail/form/mail_alias.tform.php', $primary_id, 'mail:mail_alias:on_after_delete');
return $affected_rows;
}
......@@ -472,7 +490,7 @@ class remoting_mail extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->insertQuery('../mail/form/mail_forward.tform.php', $client_id, $params);
$affected_rows = $this->insertQuery('../mail/form/mail_forward.tform.php', $client_id, $params, 'mail:mail_forward:on_after_insert');
return $affected_rows;
}
......@@ -484,7 +502,7 @@ class remoting_mail extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->updateQuery('../mail/form/mail_forward.tform.php', $client_id, $primary_id, $params);
$affected_rows = $this->updateQuery('../mail/form/mail_forward.tform.php', $client_id, $primary_id, $params, 'mail:mail_forward:on_after_update');
return $affected_rows;
}
......@@ -496,7 +514,7 @@ class remoting_mail extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->deleteQuery('../mail/form/mail_forward.tform.php', $primary_id);
$affected_rows = $this->deleteQuery('../mail/form/mail_forward.tform.php', $primary_id, 'mail:mail_forward:on_after_delete');
return $affected_rows;
}
......@@ -649,6 +667,54 @@ class remoting_mail extends remoting {
return $affected_rows;
}
//* add relay domain
public function mail_relay_domain_add($session_id, $client_id, $params)
{
if(!$this->checkPerm($session_id, 'mail_relay_add'))
{
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->insertQuery('../mail/form/mail_relay_domain.tform.php', $client_id, $params);
return $affected_rows;
}
public function mail_relay_domain_delete($session_id, $primary_id)
{
if(!$this->checkPerm($session_id, 'mail_relay_delete'))
{
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->deleteQuery('../mail/form/mail_relay_domain.tform.php', $primary_id);
return $affected_rows;
}
public function mail_relay_domain_get($session_id, $primary_id)
{
global $app;
if(!$this->checkPerm($session_id, 'mail_relay_get'))
{
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$app->uses('remoting_lib');
$app->remoting_lib->loadFormDef('../mail/form/mail_relay_domain.tform.php');
return $app->remoting_lib->getDataRecord($primary_id);
}
public function mail_relay_domain_update($session_id, $client_id, $primary_id, $params)
{
if(!$this->checkPerm($session_id, 'mail_relay_update'))
{
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
$affected_rows = $this->updateQuery('../mail/form/mail_relay_domain.tform.php', $client_id, $primary_id, $params);
return $affected_rows;
}
//* Get spamfilter whitelist details
public function mail_spamfilter_whitelist_get($session_id, $primary_id)
{
......
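Review bot: The four new `mail_relay_domain_*` methods check the permissions `mail_relay_add`, `mail_relay_delete`, `mail_relay_get` and `mail_relay_update` rather than names of their own, so any remote user already granted the `mail_relay_*` functions gains relay-domain access implicitly. If the sharing is intended, state it above `mail_relay_domain_add`, e.g. `// relay domains deliberately share the mail_relay_* permissions`; otherwise check `'mail_relay_domain_add'` and so on, as `mail_user_get_all_by_client` does with its own name. These methods also call `insertQuery`, `updateQuery` and `deleteQuery` without the event identifier that the same commit adds elsewhere (for example `'mail:mail_domain:on_after_insert'`), so it should be confirmed whether relay-domain changes are meant to raise events. The `return false;` after each `throw new SoapFault(...)` is unreachable and can be dropped.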
......@@ -138,8 +138,8 @@ class remoting {
}
//* Create a remote user session
//srand ((double)microtime()*1000000);
$remote_session = substr(str_shuffle('abcdefghijklmnopqrstuvwxyz'),0,1).sha1(mt_rand().uniqid('ispco',true));
// session id must begin with a char, not digit, to avoid mysql type confusion abuse
$remote_session = substr(str_shuffle('abcdefghijklmnopqrstuvwxyz'),0,1).bin2hex(random_bytes(20));
$remote_userid = $user['userid'];
$remote_functions = '';
$tstamp = time() + $this->session_timeout;
......@@ -210,8 +210,8 @@ class remoting {
return false;
}
//* Create a remote user session
//srand ((double)microtime()*1000000);
$remote_session = substr(str_shuffle('abcdefghijklmnopqrstuvwxyz'),0,1).sha1(mt_rand().uniqid('ispco',true));
// session id must begin with a char, not digit, to avoid mysql type confusion abuse
$remote_session = substr(str_shuffle('abcdefghijklmnopqrstuvwxyz'),0,1).bin2hex(random_bytes(20));
$remote_userid = $remote_user['remote_userid'];
$remote_functions = $remote_user['remote_functions'];
$tstamp = time() + $this->session_timeout;
......
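Review bot: The same session-id line, `$remote_session = substr(str_shuffle('abcdefghijklmnopqrstuvwxyz'),0,1).bin2hex(random_bytes(20));`, is now duplicated in both login paths, and its comment describes a workaround without naming the check it protects. One private helper, for example `private function createSessionId() { return chr(random_int(97, 122)).bin2hex(random_bytes(20)); }`, would keep both paths on one generator and take the prefix letter from the CSPRNG too. The comment would be clearer as `// prefix a letter so the id is never all digits when MySQL compares it`. The session lookup query is outside these hunks, and comparing the id there strictly as a string would be the primary defence. `random_bytes()` throws when no entropy source is available, and no handler is visible around these lines.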
......@@ -13186,8 +13186,8 @@ class SimplePie_Parse_Date
*/
function __construct()
{
$this->day_pcre = '(' . implode(array_keys($this->day), '|') . ')';
$this->month_pcre = '(' . implode(array_keys($this->month), '|') . ')';
$this->day_pcre = '(' . implode('|', array_keys($this->day)) . ')';
$this->month_pcre = '(' . implode('|', array_keys($this->month)) . ')';
static $cache;
if (!isset($cache[get_class($this)]))
......@@ -13338,9 +13338,9 @@ class SimplePie_Parse_Date
}
// Convert the number of seconds to an integer, taking decimals into account
$second = @round($match[6] + $match[7] / @pow(10, strlen($match[7])));
$second = @round((int)$match[6] + (int)$match[7] / @pow(10, strlen($match[7])));
return gmmktime($match[4], $match[5], $second, $match[2], $match[3], $match[1]) - $timezone;
return gmmktime((int)$match[4], (int)$match[5], (int)$second, (int)$match[2], (int)$match[3], (int)$match[1]) - $timezone;
}
else
{
......