install/lib/install.lib.php

@@ -98,6 +98,10 @@ function get_distname() {
 				$mainver = current($mainver).'.'.next($mainver);
 			}
 			switch ($mainver){
+			case "22.04":
+				$relname = "(Jammy Jellyfish)";
+				$distconfid = 'ubuntu2204';
+				break;
 			case "20.04":
 				$relname = "(Focal Fossa)";
 				$distconfid = 'ubuntu2004';
@@ -248,6 +252,13 @@ function get_distname() {
 			$distid = 'debian60';
 			$distbaseid = 'debian';
 			swriteln("Operating System: Debian 11.0 (Bullseye) or compatible\n");
+		} elseif(substr(trim(file_get_contents('/etc/debian_version')),0,2) == '12') {
+			$distname = 'Debian';
+			$distver = 'Bookworm';
+			$distconfid = 'debian120';
+			$distid = 'debian60';
+			$distbaseid = 'debian';
+			swriteln("Operating System: Debian 12.0 (Bookworm) or compatible\n");
 		} elseif(strstr(trim(file_get_contents('/etc/debian_version')), '/sid')) {
 			$distname = 'Debian';
 			$distver = 'Testing';
@@ -295,88 +306,93 @@ function get_distname() {
 	}
 
 	//** RHEL (including compatible clones) & Fedora
-        elseif(file_exists('/etc/redhat-release') && file_exists('/etc/os-release')) {
-
-		$content = file_get_contents('/etc/os-release');
-
-		preg_match('/(?<=PRETTY_NAME=\").+?(?=\")/', $content, $prettyname);
-		preg_match('/(?<=NAME=\").+?(?=\")/', $content, $name);
-		preg_match('/(?<=VERSION=\").+?(?=\")/', $content, $version);
-		preg_match('/(?<=VERSION_ID=\").+?(?=\")/', $content, $versionid);
-
-                if(stristr($prettyname[0], 'Fedora 32 (Thirty Two)')) {
-                        $distname = 'Fedora';
-                        $distver = '32';
-                        $distid = 'fedora32';
-                        $distbaseid = 'fedora';
-                        swriteln("Operating System: Fedora 32 or compatible\n");
-                } elseif(stristr($prettyname[0], 'Fedora 33 (Thirty Three)')) {
-                        $distname = 'Fedora';
-                        $distver = '33';
-                        $distid = 'fedora33';
-                        $distbaseid = 'fedora';
-                        swriteln("Operating System: Fedora 33 or compatible\n");
-                //** RHEL 7 and compatible clones
-                } elseif(preg_match('/^(?:7|7\.[0-9]{1,2})$/', $versionid[0])) {
-                        preg_match_all('/([0-9]{1,2})\.?([0-9]{0,2})\.?([0-9]*)/', file_get_contents('/etc/redhat-release'), $centos7_version);
-                        $distname = $name[0];
-                        $distver = is_array($centos7_version)? implode('.', array_filter(array($centos7_version[1][0],$centos7_version[2][0],$centos7_version[3][0]),'strlen')) : $version[0];
-                        $distid = 'centos72';
-			$distbaseid = 'fedora';
-                        swriteln("Operating System: " . $distname . " " .  $distver . "\n");
-		//** RHEL 8 and compatible clones
-                } elseif(preg_match('/^(?:8|8\.[0-9]{1,2})$/', $versionid[0])) {
-                        $distname = $name[0];
-                        $distver = $version[0];
-                        $distid = 'centos80';
-                        $distbaseid = 'fedora';
-                        swriteln("Operating System: " . $prettyname[0] . "\n");
-		} else {
-                        $distname = 'Redhat';
-                        $distver = 'Unknown';
-                        $distid = 'fedora9';
-                        $distbaseid = 'fedora';
-                        swriteln("Operating System: Redhat or compatible\n");
-		}
+	elseif(file_exists('/etc/redhat-release') && file_exists('/etc/os-release')) {
+
+	$content = file_get_contents('/etc/os-release');
+
+	preg_match('/(?<=PRETTY_NAME=\").+?(?=\")/', $content, $prettyname);
+	preg_match('/(?<=NAME=\").+?(?=\")/', $content, $name);
+	preg_match('/(?<=VERSION=\").+?(?=\")/', $content, $version);
+	preg_match('/(?<=VERSION_ID=\").+?(?=\")/', $content, $versionid);
+
+	if(stristr($prettyname[0], 'Fedora 32 (Thirty Two)')) {
+		$distname = 'Fedora';
+		$distver = '32';
+		$distid = 'fedora32';
+		$distbaseid = 'fedora';
+		swriteln("Operating System: Fedora 32 or compatible\n");
+	} elseif(stristr($prettyname[0], 'Fedora 33 (Thirty Three)')) {
+		$distname = 'Fedora';
+		$distver = '33';
+		$distid = 'fedora33';
+		$distbaseid = 'fedora';
+		swriteln("Operating System: Fedora 33 or compatible\n");
+	//** RHEL 7 and compatible clones
+	} elseif(preg_match('/^(?:7|7\.[0-9]{1,2})$/', $versionid[0])) {
+		preg_match_all('/([0-9]{1,2})\.?([0-9]{0,2})\.?([0-9]*)/', file_get_contents('/etc/redhat-release'), $centos7_version);
+		$distname = $name[0];
+		$distver = is_array($centos7_version)? implode('.', array_filter(array($centos7_version[1][0],$centos7_version[2][0],$centos7_version[3][0]),'strlen')) : $version[0];
+		$distid = 'centos72';
+		$distbaseid = 'fedora';
+		swriteln("Operating System: " . $distname . " " .  $distver . "\n");
+	//** RHEL 8 and compatible clones
+	} elseif(preg_match('/^(?:8|8\.[0-9]{1,2})$/', $versionid[0])) {
+		$distname = $name[0];
+		$distver = $version[0];
+		$distid = 'centos80';
+		$distbaseid = 'fedora';
+		swriteln("Operating System: " . $prettyname[0] . "\n");
+	//** RHEL 9 and compatible clones
+	} elseif(preg_match('/^(?:9|9\.[0-9]{1,2})$/', $versionid[0])) {
+		$distname = $name[0];
+		$distver = $version[0];
+		$distid = 'centos90';
+		$distbaseid = 'fedora';
+		swriteln("Operating System: " . $prettyname[0] . "\n");
+	} else {
+		$distname = 'Redhat';
+		$distver = 'Unknown';
+		$distid = 'fedora9';
+		$distbaseid = 'fedora';
+		swriteln("Operating System: Redhat or compatible\n");
+	}
 	//** CentOS 6
-        } elseif(file_exists('/etc/redhat-release') && !file_exists('/etc/os-release') && !file_exists('/etc/els-release')) {
+	} elseif(file_exists('/etc/redhat-release') && !file_exists('/etc/os-release') && !file_exists('/etc/els-release')) {
 
-                $content = file_get_contents('/etc/redhat-release');
+		$content = file_get_contents('/etc/redhat-release');
 
-                if(stristr($content, 'CentOS Linux release 6') || stristr($content, 'CentOS release 6')) {
-                        preg_match_all('/(6\.?([0-9]{0,2})\.?(\s)?([a-zA-Z()]+))$/', $content, $centos6_version);
-                        $distname = 'CentOS Linux';
+		if(stristr($content, 'CentOS Linux release 6') || stristr($content, 'CentOS release 6')) {
+			preg_match_all('/(6\.?([0-9]{0,2})\.?(\s)?([a-zA-Z()]+))$/', $content, $centos6_version);
+			$distname = 'CentOS Linux';
 			$distver = $centos6_version[0][0] ? $centos6_version[0][0] : '6';
 			$distid = 'centos53';
 			$distbaseid = 'fedora';
-                        swriteln("Operating System: " . $distname . " " .  $distver . "\n");
-
-                } else {
-                        $distname = 'Redhat';
-                        $distver = 'Unknown';
-                        $distid = 'fedora9';
-                        $distbaseid = 'fedora';
-                }
+			swriteln("Operating System: " . $distname . " " .  $distver . "\n");
+        } else {
+			$distname = 'Redhat';
+			$distver = 'Unknown';
+			$distid = 'fedora9';
+			$distbaseid = 'fedora';
+		}
 	//** CentOS 6 Extended Lifecycle Support by CloudLinux
-        } elseif(file_exists('/etc/redhat-release') && file_exists('/etc/els-release') && !file_exists('/etc/os-release')) {
+	} elseif(file_exists('/etc/redhat-release') && file_exists('/etc/els-release') && !file_exists('/etc/os-release')) {
 
-                $content = file_get_contents('/etc/els-release');
+		$content = file_get_contents('/etc/els-release');
 
-                if(stristr($content, 'CentOS Linux release 6') || stristr($content, 'CentOS release 6')) {
-                        preg_match_all('/(6)\.?([0-9]{0,2})?\.?\s([a-zA-Z(), ]+)?$/', $content, $centos6_version);
-                        $distname = 'CentOS Linux';
-                        $distver = $centos6_version[0][0] ? $centos6_version[0][0] : '6';
-                        $distid = 'centos53';
+		if(stristr($content, 'CentOS Linux release 6') || stristr($content, 'CentOS release 6')) {
+			preg_match_all('/(6)\.?([0-9]{0,2})?\.?\s([a-zA-Z(), ]+)?$/', $content, $centos6_version);
+			$distname = 'CentOS Linux';
+			$distver = $centos6_version[0][0] ? $centos6_version[0][0] : '6';
+			$distid = 'centos53';
 			$distbaseid = 'fedora';
-                        swriteln("Operating System: " . $distname . " " .  $distver . "\n");
-                } else {
-                        $distname = 'Redhat';
-                        $distver = 'Unknown';
-                        $distid = 'fedora9';
-                        $distbaseid = 'fedora';
-                }
-        }
-
+			swriteln("Operating System: " . $distname . " " .  $distver . "\n");
+		} else {
+			$distname = 'Redhat';
+			$distver = 'Unknown';
+			$distid = 'fedora9';
+			$distbaseid = 'fedora';
+		}
+	}
 
 	//** Gentoo
 	elseif(file_exists('/etc/gentoo-release')) {
@@ -538,16 +554,15 @@ function remove_blank_lines($input, $file = 1){
 		$content = $input;
 	}
 	$lines = explode("\n", $content);
+	$new_lines = array();
 	if(!empty($lines)){
 		foreach($lines as $line){
 			if(trim($line) != '') $new_lines[] = $line;
 		}
 	}
-	if(is_array($new_lines)){
-		$content = implode("\n", $new_lines);
-	} else {
-		$content = '';
-	}
+
+	$content = implode("\n", $new_lines);
+
 	if($file){
 		wf($input, $content);
 	}else{

install/lib/mysql.lib.php

@@ -64,9 +64,11 @@ class db
 	public function __destruct() {
 		if($this->_iConnId) mysqli_close($this->_iConnId);
 	}
-	
+
 	private function do_connect() {
 		global $conf;
+
+		mysqli_report(MYSQLI_REPORT_OFF);
 		
 		if($this->_iConnId) return true;
 		$this->dbHost = $conf['mysql']['host'];
@@ -77,7 +79,7 @@ class db
 		$this->dbCharset = $conf["mysql"]["charset"];
 		$this->dbNewLink = false;
 		$this->dbClientFlags = null;
-		
+
 		$this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort);
 		$try = 0;
 		while((!is_object($this->_iConnId) || mysqli_connect_error()) && $try < 5) {
@@ -92,19 +94,19 @@ class db
 			$this->_sqlerror('Zugriff auf Datenbankserver fehlgeschlagen! / Database server not accessible!');
 			return false;
 		}
-		
+
 		if($this->dbName) $this->setDBName($this->dbName);
 
 		$this->_setCharset();
 	}
-	
+
 	public function setDBData($host, $user, $password, $port) {
 		$this->dbHost = $host;
 		$this->dbUser = $user;
 		$this->dbPass = $password;
 		$this->dbPort = $port;
 	}
-	
+
 	public function setDBName($name) {
 		$this->dbName = $name;
 		$this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort);
@@ -114,7 +116,7 @@ class db
 			return false;
 		}
 	}
-	
+
 	public function close() {
 		if($this->_iConnId) mysqli_close($this->_iConnId);
 		$this->_iConnId = null;
@@ -192,7 +194,7 @@ class db
 	}
 
 	private function _query($sQuery = '') {
-		
+
 		$aArgs = func_get_args();
 		$this->do_connect();
 
@@ -284,7 +286,7 @@ class db
 	 * @return array result row or NULL if none found
 	 */
 	public function queryOneRecord($sQuery = '') {
-		
+
 		$aArgs = func_get_args();
 		if(!empty($aArgs)) {
 			$sQuery = array_shift($aArgs);
@@ -293,7 +295,7 @@ class db
 		}
 		array_unshift($aArgs, $sQuery);
 		}
-  
+
 		$oResult = call_user_func_array([&$this, 'query'], $aArgs);
 		if(!$oResult) return null;
 
@@ -534,7 +536,7 @@ class db
 			if($debug == 1) echo "mySQL Error Message: ".$this->errorMessage;
 		}
 	}
-	
+
 	/* TODO: rewrite SQL */
 	function update($tablename, $form, $bedingung, $debug = 0)
 	{
@@ -761,14 +763,14 @@ class db
 			break;
 		}
 	}
-	
+
 	/**
 	 * Get the database type (mariadb or mysql)
 	 *
 	 * @access public
 	 * @return string 'mariadb' or string 'mysql'
 	 */
-	
+
 	public function getDatabaseType() {
 		$tmp = $this->queryOneRecord('SELECT VERSION() as version');
 		if(stristr($tmp['version'],'mariadb')) {
@@ -777,7 +779,7 @@ class db
 			return 'mysql';
 		}
 	}
-	
+
 	/**
 	 * Get the database version
 	 *
@@ -785,7 +787,7 @@ class db
 	 * @param bool   $major_version_only = true will return the major version only, e.g. 8 for MySQL 8
 	 * @return string version number
 	 */
-	
+
 	public function getDatabaseVersion($major_version_only = false) {
 		$tmp = $this->queryOneRecord('SELECT VERSION() as version');
 		$version = explode('-', $tmp['version']);

install/sql/incremental/upd_0097.sql

+ALTER TABLE `sys_user` ADD `otp_type` SET('none', 'email') NOT NULL DEFAULT 'none' AFTER `lost_password_reqtime`, ADD `otp_data` VARCHAR(255) NULL AFTER `otp_type`, ADD `otp_recovery` VARCHAR(64) NULL AFTER `otp_data`, ADD `otp_attempts` TINYINT NOT NULL DEFAULT '0' AFTER `otp_recovery`;

install/sql/incremental/upd_0098.sql

+ALTER TABLE `mail_user` CHANGE `quota` `quota` BIGINT(20) NOT NULL DEFAULT '0';
+ALTER TABLE `server_php` ADD `sortprio` INT(20) NOT NULL DEFAULT '100' AFTER `active`;
+ALTER TABLE `mail_user` ADD COLUMN `imap_prefix` varchar(255) NULL default NULL AFTER `backup_copies`;
+-- #6456 comodoca.com needs to become sectigo.com
+UPDATE `dns_ssl_ca` SET `ca_issue` = 'sectigo.com' WHERE `ca_issue` = 'comodo.com';
+UPDATE `dns_ssl_ca` SET `ca_issue` = 'sectigo.com' WHERE `ca_issue` = 'comodoca.com';
+UPDATE `dns_ssl_ca` SET `ca_name` = 'Sectigo (formerly Comodo CA)' WHERE `ca_issue` = 'sectigo.com';
+-- not updating the dns_rr table to change all CAA records that have comodo.com / comodoca.com - we should not touch users records imo - TP
+-- #6445 Update the mailbox_soft_delete config option to it's new structure.
+-- UPDATE server SET config=REGEXP_REPLACE(config, 'mailbox_soft_delete=n', 'mailbox_soft_delete=0') WHERE config LIKE '%mailbox_soft_delete=n%'
+-- UPDATE server SET config=REGEXP_REPLACE(config, 'mailbox_soft_delete=y', 'mailbox_soft_delete=7') WHERE config LIKE '%mailbox_soft_delete=y%'
\ No newline at end of file

install/sql/ispconfig3.sql

@@ -568,7 +568,7 @@ INSERT INTO `dns_ssl_ca` (`id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `s
 (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'certSIGN', 'certsign.ro', 'Y', '', 0),
 (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CFCA', 'cfca.com.cn', 'Y', '', 0),
 (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Chunghwa Telecom', 'cht.com.tw', 'Y', '', 0),
-(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Sectigo / Comodo CA', 'comodoca.com', 'Y', '', 0),
+(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Sectigo (formerly Comodo CA)', 'sectigo.com', 'Y', '', 0),
 (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'D-TRUST', 'd-trust.net', 'Y', '', 0),
 (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DigiCert', 'digicert.com', 'Y', '', 0),
 (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DocuSign', 'docusign.fr', 'Y', '', 0),
@@ -1070,7 +1070,7 @@ CREATE TABLE `mail_user` (
   `gid` int(11) NOT NULL default '5000',
   `maildir` varchar(255) NOT NULL default '',
   `maildir_format` varchar(255) NOT NULL default 'maildir',
-  `quota` bigint(20) NOT NULL default '-1',
+  `quota` bigint(20) NOT NULL default '0',
   `cc` text,
   `forward_in_lda` enum('n','y') NOT NULL default 'n',
   `sender_cc` varchar(255) NOT NULL default '',
@@ -1101,6 +1101,7 @@ CREATE TABLE `mail_user` (
   `last_quota_notification` date NULL default NULL,
   `backup_interval` VARCHAR( 255 ) NOT NULL default 'none',
   `backup_copies` INT NOT NULL DEFAULT '1',
+  `imap_prefix` varchar(255) NULL default NULL,
   PRIMARY KEY  (`mailuser_id`),
   KEY `server_id` (`server_id`,`email`),
   KEY `email_access` (`email`,`access`)
@@ -1460,6 +1461,7 @@ CREATE TABLE `server_php` (
   `php_fpm_pool_dir` varchar(255) DEFAULT NULL,
   `php_fpm_socket_dir` varchar(255) DEFAULT NULL,
   `active` enum('n','y') NOT NULL DEFAULT 'y',
+  `sortprio` int(20) NOT NULL DEFAULT 100,
   PRIMARY KEY (`server_php_id`)
 ) DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
 
@@ -1842,6 +1844,10 @@ CREATE TABLE `sys_user` (
   `lost_password_function` tinyint(1) NOT NULL default '1',
   `lost_password_hash` VARCHAR(50) NOT NULL default '',
   `lost_password_reqtime` DATETIME NULL default NULL,
+  `otp_type` set('none', 'email') NOT NULL DEFAULT 'none',
+  `otp_data` varchar(255) DEFAULT NULL,
+  `otp_recovery` varchar(64) DEFAULT NULL,
+  `otp_attempts` tinyint(4) NOT NULL DEFAULT 0,
   PRIMARY KEY  (`userid`)
 ) DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
 

install/tpl/apache_apps.vhost.master

-######################################################
-# This virtual host contains the configuration
-# for the ISPConfig apps vhost
-######################################################
-
-{tmpl_var name='vhost_port_listen'} Listen {tmpl_var name='apps_vhost_port'}
-# NameVirtualHost *:{tmpl_var name='apps_vhost_port'}
-
-<VirtualHost {tmpl_var name='apps_vhost_ip'}:{tmpl_var name='apps_vhost_port'}>
-  ServerAdmin webmaster@localhost
-  {tmpl_var name='apps_vhost_servername'}
-  
-  <Directory {tmpl_var name='apps_vhost_dir'}>
-    <FilesMatch "\.ph(p3?|tml)$">
-      SetHandler None
-    </FilesMatch>
-  </Directory>
-
-  # SSL Configuration
-  <tmpl_var name="ssl_comment">SSLEngine On
-  <tmpl_if name='apache_version' op='>=' value='2.3.16' format='version'>
-  <tmpl_var name="ssl_comment">SSLProtocol All -SSLv3 -TLSv1 -TLSv1.1
-  <tmpl_else>
-  <tmpl_var name="ssl_comment">SSLProtocol All -SSLv2 -SSLv3
-  </tmpl_if>
-  <tmpl_var name="ssl_comment">SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
-  <tmpl_var name="ssl_comment">SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key
-  <tmpl_var name="ssl_bundle_comment">SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle
-
-  <tmpl_var name="ssl_comment">SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
-  <tmpl_var name="ssl_comment">SSLHonorCipherOrder On
-  <tmpl_if name='apache_version' op='>=' value='2.4.3' format='version'>
-  <tmpl_var name="ssl_comment">SSLCompression Off
-  </tmpl_if>
-  <tmpl_if name='apache_version' op='>=' value='2.4.11' format='version'>
-  <tmpl_var name="ssl_comment">SSLSessionTickets Off
-  </tmpl_if>
-
-  <IfModule mod_headers.c>
-    # ISPConfig 3.1 currently requires unsafe-line for both scripts and styles, as well as unsafe-eval
-    Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'"
-    <tmpl_var name="ssl_comment">Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests"
-    Header set X-Content-Type-Options: nosniff
-    Header set X-Frame-Options: SAMEORIGIN
-    Header set X-XSS-Protection: "1; mode=block"
-    Header always edit Set-Cookie (.*) "$1; HTTPOnly"
-    <tmpl_var name="ssl_comment">Header always edit Set-Cookie (.*) "$1; Secure"
-    <IfVersion >= 2.4.7>
-        Header setifempty Strict-Transport-Security "max-age=15768000"
-    </IfVersion>
-    <IfVersion < 2.4.7>
-        Header set Strict-Transport-Security "max-age=15768000"
-    </IfVersion>
-    RequestHeader unset Proxy early
-  </IfModule>
-
-  <tmpl_if name='apache_version' op='>=' value='2.3.3' format='version'>
-  <tmpl_var name="ssl_comment">SSLUseStapling On
-  <tmpl_var name="ssl_comment">SSLStaplingResponderTimeout 5
-  <tmpl_var name="ssl_comment">SSLStaplingReturnResponderErrors Off
-  </tmpl_if>
-
-  <IfModule mod_headers.c>
-	RequestHeader unset Proxy early
-  </IfModule>
-
-  <IfModule mod_php5.c>
-    DocumentRoot {tmpl_var name='apps_vhost_dir'}
-    AddType application/x-httpd-php .php
-    <Directory {tmpl_var name='apps_vhost_dir'}>
-		Options FollowSymLinks
-		AllowOverride None
-		<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
-		Require all granted
-		<tmpl_else>
-		Order allow,deny
-		Allow from all
-		</tmpl_if>
-    </Directory>
-  </IfModule>
-
-  <IfModule mod_php7.c>
-    DocumentRoot {tmpl_var name='apps_vhost_dir'}
-    AddType application/x-httpd-php .php
-    <Directory {tmpl_var name='apps_vhost_dir'}>
-		Options FollowSymLinks
-		AllowOverride None
-		<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
-		Require all granted
-		<tmpl_else>
-		Order allow,deny
-		Allow from all
-		</tmpl_if>
-    </Directory>
-  </IfModule>
-
-  <IfModule mod_fcgid.c>
-    DocumentRoot {tmpl_var name='apps_vhost_dir'}
-    SuexecUserGroup ispapps ispapps
-    <Directory {tmpl_var name='apps_vhost_dir'}>
-		Options -Indexes +FollowSymLinks +MultiViews +ExecCGI
-		AllowOverride AuthConfig Indexes Limit Options FileInfo
-	    <FilesMatch "\.php$">
-		  SetHandler fcgid-script
-	    </FilesMatch>
-		FCGIWrapper {tmpl_var name='apps_vhost_basedir'}/php-fcgi-scripts/apps/.php-fcgi-starter .php
-		<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
-		Require all granted
-		<tmpl_else>
-		Order allow,deny
-		Allow from all
-		</tmpl_if>
-    </Directory>
-    IPCCommTimeout  7200
-    MaxRequestLen 15728640 
-  </IfModule>
-
-{tmpl_if name="use_rspamd"}
-  <Location /rspamd>
-        Order allow,deny
-        Allow from all
-  </Location>
-  RewriteEngine On
-  RewriteRule ^/rspamd$ /rspamd/ [R,L]
-  RewriteRule ^/rspamd/(.*) http://127.0.0.1:11334/$1 [P]
-{/tmpl_if}
-
-</VirtualHost>
-
-<tmpl_if name='apache_version' op='>=' value='2.3.3' format='version'>
-<IfModule mod_ssl.c>
-  <tmpl_var name="ssl_comment">SSLStaplingCache shmcb:/var/run/ocsp(128000)
-</IfModule>
-</tmpl_if>

install/tpl/apache_apps.vhost.master

+../../server/conf/apache_apps.vhost.master
\ No newline at end of file

install/tpl/config.inc.php.master

@@ -56,7 +56,7 @@ $revision = str_replace(array('Revision:','$',' '), '', $svn_revision);
 //** Application
 define('ISPC_APP_TITLE', 'ISPConfig');
 define('ISPC_APP_VERSION', '3.2dev');
-define('DEVSYSTEM', 0);
+define('DEVSYSTEM', false);
 
 
 //** Database
@@ -158,6 +158,7 @@ $conf['timezone'] = '{timezone}';
 
 //** Misc.
 $conf['interface_logout_url'] = ''; // example: http://www.domain.tld/
+$conf['interface_base_url'] = ''; // example: http://www.domain.tld (no trailing slash)
 
 
 //** Auto Load Modules

install/tpl/debian6_dovecot-sql.conf.master

 # http://wiki.dovecot.org/AuthDatabase/SQL
-#
-# CREATE TABLE users (
-#     userid VARCHAR(128) NOT NULL,
-#     password VARCHAR(64) NOT NULL,
-#     home VARCHAR(255) NOT NULL,
-#     uid INTEGER NOT NULL,
-#     gid INTEGER NOT NULL,
-#     active CHAR(1) DEFAULT 'Y' NOT NULL
-# );
 
 driver = mysql
 connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password} port={mysql_server_port}
 default_pass_scheme = CRYPT
 
 # password-query with prefetch
-password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}' AND NOT EXISTS (SELECT domain_id FROM mail_domain WHERE domain = '%d' AND active = 'n' AND server_id = {server_id})
+password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve, NULLIF(imap_prefix, '') as "userdb_namespace/inbox/prefix" FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}' AND NOT EXISTS (SELECT domain_id FROM mail_domain WHERE domain = '%d' AND active = 'n' AND server_id = {server_id})
 
-user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
+user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve, NULLIF(imap_prefix, '') as "namespace/inbox/prefix" FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
 
 # The iterate_query is required for the doveadm command only and works only on dovecot 2 servers.
 # Do not enable it on Dovecot 1.x servers
-# iterate_query = SELECT email as user FROM mail_user WHERE server_id = '{server_id}'
+# iterate_query = SELECT email as user FROM mail_user WHERE disabledoveadm='n' AND server_id = '{server_id}'

install/tpl/debian_dovecot-sql.conf.master

-# This file is opened as root, so it should be owned by root and mode 0600.
-#
 # http://wiki.dovecot.org/AuthDatabase/SQL
-#
-# For the sql passdb module, you'll need a database with a table that
-# contains fields for at least the userid and password. If you want to
-# use the user@domain syntax, you might want to have a separate domain
-# field as well.
-#
-# If your users all have the same uig/gid, and have predictable home
-# directories, you can use the static userdb module to generate the home
-# dir based on the userid and domain. In this case, you won't need fields
-# for home, uid, or gid in the database.
-#
-# If you prefer to use the sql userdb module, you'll want to add fields
-# for home, uid, and gid. Here is an example table:
-#
-# CREATE TABLE users (
-#     userid VARCHAR(128) NOT NULL,
-#     password VARCHAR(64) NOT NULL,
-#     home VARCHAR(255) NOT NULL,
-#     uid INTEGER NOT NULL,
-#     gid INTEGER NOT NULL,
-#     active CHAR(1) DEFAULT 'Y' NOT NULL
-# );
-
-# Database driver: mysql, pgsql, sqlite
-#driver = 
-
-# Database connection string. This is driver-specific setting.
-#
-# pgsql:
-#   For available options, see the PostgreSQL documention for the
-#   PQconnectdb function of libpq.
-#
-# mysql:
-#   Basic options emulate PostgreSQL option names:
-#     host, port, user, password, dbname
-#
-#   But also adds some new settings:
-#     client_flags        - See MySQL manual
-#     ssl_ca, ssl_ca_path - Set either one or both to enable SSL
-#     ssl_cert, ssl_key   - For sending client-side certificates to server
-#     ssl_cipher          - Set minimum allowed cipher security (default: HIGH)
-# 
-#   You can connect to UNIX sockets by using host: host=/var/run/mysqld/mysqld.sock
-#   Note that currently you can't use spaces in parameters.
-#
-# sqlite:
-#   The path to the database file.
-#
-# Examples:
-#   connect = host=192.168.1.1 dbname=users
-#   connect = host=sql.example.com dbname=virtual user=virtual password=blarg
-#   connect = /etc/dovecot/authdb.sqlite
-#
-#connect = dbname=virtual user=virtual
-
-# Default password scheme.
-#
-# List of supported schemes is in
-# http://wiki.dovecot.org/Authentication/PasswordSchemes
-#
-#default_pass_scheme = PLAIN-MD5
-
-# Query to retrieve the password.
-#
-# This query must return only one row with "user" and "password" columns.
-# The query can also return other fields which have a special meaning, see
-# http://wiki.dovecot.org/PasswordDatabase/ExtraFields
-#
-# The "user" column is needed to make sure the username gets used with exactly
-# the same casing as it's in the database. Note that if you store username and
-# domain in separate fields, you most likely want to return a combination of
-# them as the "user" column, otherwise the domain gets stripped.
-#
-# Commonly used available substitutions (see
-# http://wiki.dovecot.org/Variables for full list):
-#   %u = entire userid
-#   %n = user part of user@domain
-#   %d = domain part of user@domain
-# 
-# Note that these can be used only as input to SQL query. If the query outputs
-# any of these substitutions, they're not touched. Otherwise it would be
-# difficult to have eg. usernames containing '%' characters.
-#
-# Example:
-#   password_query = SELECT concat(userid, '@', domain) AS user, password FROM users WHERE userid = '%n' AND domain = '%d'
-#   password_query = SELECT pw AS password FROM users WHERE userid = '%u' AND active = 'Y'
-#
-#password_query = SELECT userid as user, password FROM users WHERE userid = '%u'
-
-# Query to retrieve the user information.
-#
-# The query must return only one row. Commonly returned columns are:
-#   uid - System UID
-#   gid - System GID
-#   home - Home directory
-#   mail - Mail location
-#
-# Either home or mail is required. uid and gid are required. If more than one
-# row is returned or there are missing fields, the login will fail. For a list
-# of all fields that can be returned, see 
-# http://wiki.dovecot.org/UserDatabase/ExtraFields
-#
-# Examples
-#   user_query = SELECT home, uid, gid FROM users WHERE userid = '%n' AND domain = '%d'
-#   user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u'
-#   user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u'
-#
-#user_query = SELECT home, uid, gid FROM users WHERE userid = '%u'
-
-# If you wish to avoid two SQL lookups (passdb + userdb), you can use
-# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
-# also have to return userdb fields in password_query prefixed with "userdb_"
-# string. For example:
-#password_query = SELECT userid as user, password, home as userdb_home, uid as userdb_uid, gid as userdb_gid FROM users WHERE userid = '%u'
 
 driver = mysql
 connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password} port={mysql_server_port}
 default_pass_scheme = CRYPT
 
 # password-query with prefetch
-password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}' AND NOT EXISTS (SELECT domain_id FROM mail_domain WHERE domain = '%d' AND active = 'n' AND server_id = {server_id})
+password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve, NULLIF(imap_prefix, '') as "userdb_namespace/inbox/prefix" FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}' AND NOT EXISTS (SELECT domain_id FROM mail_domain WHERE domain = '%d' AND active = 'n' AND server_id = {server_id})
 
-user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
+user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve, NULLIF(imap_prefix, '') as "namespace/inbox/prefix" FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
 
 # The iterate_query is required for the doveadm command only and works only on dovecot 2 servers.
 # Do not enable it on Dovecot 1.x servers
-# iterate_query = SELECT email as user FROM mail_user WHERE server_id = '{server_id}'
-
+# iterate_query = SELECT email as user FROM mail_user WHERE disabledoveadm='n' AND server_id = '{server_id}'

install/tpl/fedora_dovecot-sql.conf.master

-# This file is opened as root, so it should be owned by root and mode 0600.
-#
 # http://wiki.dovecot.org/AuthDatabase/SQL
-#
-# For the sql passdb module, you'll need a database with a table that
-# contains fields for at least the username and password. If you want to
-# use the user@domain syntax, you might want to have a separate domain
-# field as well.
-#
-# If your users all have the same uig/gid, and have predictable home
-# directories, you can use the static userdb module to generate the home
-# dir based on the username and domain. In this case, you won't need fields
-# for home, uid, or gid in the database.
-#
-# If you prefer to use the sql userdb module, you'll want to add fields
-# for home, uid, and gid. Here is an example table:
-#
-# CREATE TABLE users (
-#     username VARCHAR(128) NOT NULL,
-#     domain VARCHAR(128) NOT NULL,
-#     password VARCHAR(64) NOT NULL,
-#     home VARCHAR(255) NOT NULL,
-#     uid INTEGER NOT NULL,
-#     gid INTEGER NOT NULL,
-#     active CHAR(1) DEFAULT 'Y' NOT NULL
-# );
-
-# Database driver: mysql, pgsql, sqlite
-#driver = 
-
-# Database connection string. This is driver-specific setting.
-#
-# pgsql:
-#   For available options, see the PostgreSQL documention for the
-#   PQconnectdb function of libpq.
-#
-# mysql:
-#   Basic options emulate PostgreSQL option names:
-#     host, port, user, password, dbname
-#
-#   But also adds some new settings:
-#     client_flags        - See MySQL manual
-#     ssl_ca, ssl_ca_path - Set either one or both to enable SSL
-#     ssl_cert, ssl_key   - For sending client-side certificates to server
-#     ssl_cipher          - Set minimum allowed cipher security (default: HIGH)
-#     option_file         - Read options from the given file instead of
-#                           the default my.cnf location
-#     option_group        - Read options from the given group (default: client)
-# 
-#   You can connect to UNIX sockets by using host: host=/var/run/mysql.sock
-#   Note that currently you can't use spaces in parameters.
-#
-#   MySQL supports multiple host parameters for load balancing / HA.
-#
-# sqlite:
-#   The path to the database file.
-#
-# Examples:
-#   connect = host=192.168.1.1 dbname=users
-#   connect = host=sql.example.com dbname=virtual user=virtual password=blarg
-#   connect = /etc/dovecot/authdb.sqlite
-#
-#connect =
-
-# Default password scheme.
-#
-# List of supported schemes is in
-# http://wiki.dovecot.org/Authentication/PasswordSchemes
-#
-#default_pass_scheme = MD5
-
-# passdb query to retrieve the password. It can return fields:
-#   password - The user's password. This field must be returned.
-#   user - user@domain from the database. Needed with case-insensitive lookups.
-#   username and domain - An alternative way to represent the "user" field.
-#
-# The "user" field is often necessary with case-insensitive lookups to avoid
-# e.g. "name" and "nAme" logins creating two different mail directories. If
-# your user and domain names are in separate fields, you can return "username"
-# and "domain" fields instead of "user".
-#
-# The query can also return other fields which have a special meaning, see
-# http://wiki.dovecot.org/PasswordDatabase/ExtraFields
-#
-# Commonly used available substitutions (see http://wiki.dovecot.org/Variables
-# for full list):
-#   %u = entire user@domain
-#   %n = user part of user@domain
-#   %d = domain part of user@domain
-# 
-# Note that these can be used only as input to SQL query. If the query outputs
-# any of these substitutions, they're not touched. Otherwise it would be
-# difficult to have eg. usernames containing '%' characters.
-#
-# Example:
-#   password_query = SELECT userid AS user, pw AS password \
-#     FROM users WHERE userid = '%u' AND active = 'Y'
-#
-#password_query = \
-#  SELECT username, domain, password \
-#  FROM users WHERE username = '%n' AND domain = '%d'
-
-# userdb query to retrieve the user information. It can return fields:
-#   uid - System UID (overrides mail_uid setting)
-#   gid - System GID (overrides mail_gid setting)
-#   home - Home directory
-#   mail - Mail location (overrides mail_location setting)
-#
-# None of these are strictly required. If you use a single UID and GID, and
-# home or mail directory fits to a template string, you could use userdb static
-# instead. For a list of all fields that can be returned, see
-# http://wiki.dovecot.org/UserDatabase/ExtraFields
-#
-# Examples:
-#   user_query = SELECT home, uid, gid FROM users WHERE userid = '%u'
-#   user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u'
-#   user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u'
-#
-#user_query = \
-#  SELECT home, uid, gid \
-#  FROM users WHERE username = '%n' AND domain = '%d'
-
-# If you wish to avoid two SQL lookups (passdb + userdb), you can use
-# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
-# also have to return userdb fields in password_query prefixed with "userdb_"
-# string. For example:
-#password_query = \
-#  SELECT userid AS user, password, \
-#    home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
-#  FROM users WHERE userid = '%u'
 
 driver = mysql
 connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password} port={mysql_server_port}
 default_pass_scheme = CRYPT
 
 # password-query with prefetch
-password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}' AND NOT EXISTS (SELECT domain_id FROM mail_domain WHERE domain = '%d' AND active = 'n' AND server_id = {server_id})
+password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve, NULLIF(imap_prefix, '') as "userdb_namespace/inbox/prefix" FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}' AND NOT EXISTS (SELECT domain_id FROM mail_domain WHERE domain = '%d' AND active = 'n' AND server_id = {server_id})
 
-user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
+user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve, NULLIF(imap_prefix, '') as "namespace/inbox/prefix" FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
 
 # The iterate_query is required for the doveadm command only and works only on dovecot 2 servers.
 # Do not enable it on Dovecot 1.x servers
-# iterate_query = SELECT email as user FROM mail_user WHERE server_id = '{server_id}'
+# iterate_query = SELECT email as user FROM mail_user WHERE disabledoveadm='n' AND server_id = '{server_id}'

install/tpl/gentoo_postfix.conf.master

+alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
+alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
 virtual_alias_domains = proxy:mysql:{config_dir}/mysql-virtual_alias_domains.cf
 virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:{config_dir}/mysql-virtual_forwardings.cf, proxy:mysql:{config_dir}/mysql-virtual_alias_maps.cf, proxy:mysql:{config_dir}/mysql-virtual_email2email.cf
 virtual_mailbox_domains = proxy:mysql:{config_dir}/mysql-virtual_domains.cf
@@ -5,6 +7,9 @@ virtual_mailbox_maps = proxy:mysql:{config_dir}/mysql-virtual_mailboxes.cf
 virtual_mailbox_base = {vmail_mailbox_base}
 virtual_uid_maps = proxy:mysql:/etc/postfix/mysql-virtual_uids.cf
 virtual_gid_maps = proxy:mysql:/etc/postfix/mysql-virtual_gids.cf
+sender_bcc_maps = proxy:mysql:{config_dir}/mysql-virtual_outgoing_bcc.cf
+inet_protocols=all
+inet_interfaces = all
 smtpd_sasl_auth_enable = yes
 broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
@@ -35,7 +40,7 @@ header_checks = regexp:{config_dir}/header_checks
 mime_header_checks = regexp:{config_dir}/mime_header_checks
 nested_header_checks = regexp:{config_dir}/nested_header_checks
 body_checks = regexp:{config_dir}/body_checks
-inet_interfaces = all
+owner_request_special = no
 smtp_tls_security_level = may
 smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
 smtpd_tls_protocols = !SSLv2,!SSLv3

install/tpl/jk_init.ini.master

@@ -240,7 +240,7 @@ includesections = php_common
 
 [php8_2]
 comment = php version 8.2
-paths = /usr/bin/php8.2, /usr/lib/php/8.2/, /usr/lib/php/20210902/, /usr/share/php/8.2/, /etc/php/8.2/cli/, /etc/php/8.2/mods-available/
+paths = /usr/bin/php8.2, /usr/lib/php/8.2/, /usr/lib/php/20220829/, /usr/share/php/8.2/, /etc/php/8.2/cli/, /etc/php/8.2/mods-available/
 includesections = php_common
 
 [imagemagick]

install/tpl/opensuse_dovecot-sql.conf.master

-# This file is opened as root, so it should be owned by root and mode 0600.
-#
 # http://wiki.dovecot.org/AuthDatabase/SQL
-#
-# For the sql passdb module, you'll need a database with a table that
-# contains fields for at least the username and password. If you want to
-# use the user@domain syntax, you might want to have a separate domain
-# field as well.
-#
-# If your users all have the same uig/gid, and have predictable home
-# directories, you can use the static userdb module to generate the home
-# dir based on the username and domain. In this case, you won't need fields
-# for home, uid, or gid in the database.
-#
-# If you prefer to use the sql userdb module, you'll want to add fields
-# for home, uid, and gid. Here is an example table:
-#
-# CREATE TABLE users (
-#     username VARCHAR(128) NOT NULL,
-#     domain VARCHAR(128) NOT NULL,
-#     password VARCHAR(64) NOT NULL,
-#     home VARCHAR(255) NOT NULL,
-#     uid INTEGER NOT NULL,
-#     gid INTEGER NOT NULL,
-#     active CHAR(1) DEFAULT 'Y' NOT NULL
-# );
-
-# Database driver: mysql, pgsql, sqlite
-#driver = 
-
-# Database connection string. This is driver-specific setting.
-#
-# pgsql:
-#   For available options, see the PostgreSQL documention for the
-#   PQconnectdb function of libpq.
-#
-# mysql:
-#   Basic options emulate PostgreSQL option names:
-#     host, port, user, password, dbname
-#
-#   But also adds some new settings:
-#     client_flags        - See MySQL manual
-#     ssl_ca, ssl_ca_path - Set either one or both to enable SSL
-#     ssl_cert, ssl_key   - For sending client-side certificates to server
-#     ssl_cipher          - Set minimum allowed cipher security (default: HIGH)
-#     option_file         - Read options from the given file instead of
-#                           the default my.cnf location
-#     option_group        - Read options from the given group (default: client)
-# 
-#   You can connect to UNIX sockets by using host: host=/var/run/mysql.sock
-#   Note that currently you can't use spaces in parameters.
-#
-#   MySQL supports multiple host parameters for load balancing / HA.
-#
-# sqlite:
-#   The path to the database file.
-#
-# Examples:
-#   connect = host=192.168.1.1 dbname=users
-#   connect = host=sql.example.com dbname=virtual user=virtual password=blarg
-#   connect = /etc/dovecot/authdb.sqlite
-#
-#connect =
-
-# Default password scheme.
-#
-# List of supported schemes is in
-# http://wiki.dovecot.org/Authentication/PasswordSchemes
-#
-#default_pass_scheme = MD5
-
-# passdb query to retrieve the password. It can return fields:
-#   password - The user's password. This field must be returned.
-#   user - user@domain from the database. Needed with case-insensitive lookups.
-#   username and domain - An alternative way to represent the "user" field.
-#
-# The "user" field is often necessary with case-insensitive lookups to avoid
-# e.g. "name" and "nAme" logins creating two different mail directories. If
-# your user and domain names are in separate fields, you can return "username"
-# and "domain" fields instead of "user".
-#
-# The query can also return other fields which have a special meaning, see
-# http://wiki.dovecot.org/PasswordDatabase/ExtraFields
-#
-# Commonly used available substitutions (see http://wiki.dovecot.org/Variables
-# for full list):
-#   %u = entire user@domain
-#   %n = user part of user@domain
-#   %d = domain part of user@domain
-# 
-# Note that these can be used only as input to SQL query. If the query outputs
-# any of these substitutions, they're not touched. Otherwise it would be
-# difficult to have eg. usernames containing '%' characters.
-#
-# Example:
-#   password_query = SELECT userid AS user, pw AS password \
-#     FROM users WHERE userid = '%u' AND active = 'Y'
-#
-#password_query = \
-#  SELECT username, domain, password \
-#  FROM users WHERE username = '%n' AND domain = '%d'
-
-# userdb query to retrieve the user information. It can return fields:
-#   uid - System UID (overrides mail_uid setting)
-#   gid - System GID (overrides mail_gid setting)
-#   home - Home directory
-#   mail - Mail location (overrides mail_location setting)
-#
-# None of these are strictly required. If you use a single UID and GID, and
-# home or mail directory fits to a template string, you could use userdb static
-# instead. For a list of all fields that can be returned, see
-# http://wiki.dovecot.org/UserDatabase/ExtraFields
-#
-# Examples:
-#   user_query = SELECT home, uid, gid FROM users WHERE userid = '%u'
-#   user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u'
-#   user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u'
-#
-#user_query = \
-#  SELECT home, uid, gid \
-#  FROM users WHERE username = '%n' AND domain = '%d'
-
-# If you wish to avoid two SQL lookups (passdb + userdb), you can use
-# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
-# also have to return userdb fields in password_query prefixed with "userdb_"
-# string. For example:
-#password_query = \
-#  SELECT userid AS user, password, \
-#    home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
-#  FROM users WHERE userid = '%u'
 
 driver = mysql
 connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password} port={mysql_server_port}
 default_pass_scheme = CRYPT
 
 # password-query with prefetch
-password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}' AND NOT EXISTS (SELECT domain_id FROM mail_domain WHERE domain = '%d' AND active = 'n' AND server_id = {server_id})
+password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve, NULLIF(imap_prefix, '') as "userdb_namespace/inbox/prefix" FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}' AND NOT EXISTS (SELECT domain_id FROM mail_domain WHERE domain = '%d' AND active = 'n' AND server_id = {server_id})
 
-user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
+user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve, NULLIF(imap_prefix, '') as "namespace/inbox/prefix" FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
 
 # The iterate_query is required for the doveadm command only and works only on dovecot 2 servers.
 # Do not enable it on Dovecot 1.x servers
-# iterate_query = SELECT email as user FROM mail_user WHERE server_id = '{server_id}'
+# iterate_query = SELECT email as user FROM mail_user WHERE disabledoveadm='n' AND server_id = '{server_id}'

install/tpl/postfix_3-0.conf.master

@@ -14,3 +14,6 @@
 # validate DANE
 smtp_dns_support_level = dnssec
 smtp_tls_security_level = dane
+
+# Disable SMTPUTF8 (until Dovecot supports it: https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6428)
+smtputf8_enable = no
\ No newline at end of file

install/tpl/server.ini.master

@@ -56,10 +56,12 @@ relayhost_user=
 relayhost_password=
 mailbox_size_limit=0
 message_size_limit=0
+mailbox_soft_delete=0
 mailbox_quota_stats=y
-realtime_blackhole_list=zen.spamhaus.org
+realtime_blackhole_list=
 overquota_notify_threshold=90
 overquota_notify_admin=y
+overquota_notify_reseller=y
 overquota_notify_client=y
 overquota_notify_freq=7
 overquota_notify_onok=n
@@ -76,6 +78,7 @@ website_path=/var/www/clients/client[client_id]/web[website_id]
 website_symlinks=/var/www/[website_domain]/:/var/www/clients/client[client_id]/[website_domain]/
 website_symlinks_rel=n
 network_filesystem=n
+vhost_rewrite_v6=n
 vhost_conf_dir=/etc/apache2/sites-available
 vhost_conf_enabled_dir=/etc/apache2/sites-enabled
 apache_init_script=
@@ -103,6 +106,7 @@ enable_sni=y
 skip_le_check=n
 enable_ip_wildcard=y
 overtraffic_notify_admin=y
+overtraffic_notify_reseller=y
 overtraffic_notify_client=y
 nginx_cgi_socket=/var/run/fcgiwrap.socket
 php_fpm_init_script=php5-fpm
@@ -121,20 +125,29 @@ php_ini_check_minutes=1
 overtraffic_disable_web=y
 overquota_notify_threshold=90
 overquota_notify_admin=y
+overquota_notify_reseller=y
 overquota_notify_client=y
 overquota_notify_freq=7
 overquota_db_notify_threshold=90
 overquota_db_notify_admin=y
+overquota_db_notify_reseller=y
 overquota_db_notify_client=y
 overquota_notify_onok=n
 logging=yes
 php_fpm_reload_mode=reload
 php_fpm_default_chroot=n
+vhost_proxy_protocol_enabled=n
+vhost_proxy_protocol_protocols=ipv4
+vhost_proxy_protocol_http_port=880
+vhost_proxy_protocol_https_port=8443
 
 [dns]
 bind_user=root
 bind_group=bind
 bind_zonefiles_dir=/etc/bind
+bind_keyfiles_dir=/etc/bind
+bind_zonefiles_masterprefix=pri.
+bind_zonefiles_slaveprefix=slave/sec.
 named_conf_path=/etc/bind/named.conf
 named_conf_local_path=/etc/bind/named.conf.local
 disable_bind_log=n

install/tpl/system.ini.master

@@ -13,7 +13,7 @@ mailbox_show_autoresponder_tab=y
 mailbox_show_mail_filter_tab=y
 mailbox_show_custom_rules_tab=y
 mailboxlist_webmail_link=y
-webmail_url=/webmail
+webmail_url=https://[SERVERNAME]:8081/webmail
 dkim_path=/var/lib/amavis/dkim
 smtp_enabled=y
 smtp_host=localhost
@@ -28,17 +28,18 @@ ftpuser_prefix=[CLIENTNAME]
 shelluser_prefix=[CLIENTNAME]
 webdavuser_prefix=[CLIENTNAME]
 dblist_phpmyadmin_link=y
-phpmyadmin_url=/phpmyadmin
+phpmyadmin_url=https://[SERVERNAME]:8081/phpmyadmin
 webftp_url=
 vhost_subdomains=n
 vhost_aliasdomains=n
 client_username_web_check_disabled=n
 backups_include_into_web_quota=n
 reseller_can_use_options=n
-web_php_options=no,fast-cgi,mod,php-fpm
+web_php_options=no,fast-cgi,php-fpm
 show_aps_menu=n
 client_protection=y
 ssh_authentication=
+le_caa_autocreate_options=y
 
 
 [tools]

install/uninstall.php

@@ -98,6 +98,7 @@ if($do_uninstall == 'yes') {
 	@exec('chattr -i /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
 	@unlink("/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter");
 	@unlink("/var/www/php-fcgi-scripts/ispconfig");
+	@unlink("/etc/ssl/private/pure-ftpd.pem");
 
 	echo "Backups in /var/backup/ and log files in /var/log/ispconfig are not deleted.";
 	echo "Finished uninstalling.\n";

install/update.php

@@ -274,6 +274,9 @@ $inst->db = new db();
 $inst->db->setDBData($conf['mysql']["host"], $conf['mysql']["ispconfig_user"], $conf['mysql']["ispconfig_password"], $conf['mysql']["port"]);
 $inst->db->setDBName($conf['mysql']['database']);
 
+//* Check MySQL version
+$inst->check_mysql_version();
+
 //* initialize the master DB, if we have a multiserver setup
 if($conf['mysql']['master_slave_setup'] == 'y') {
 	//** Get MySQL root credentials
@@ -359,17 +362,49 @@ $inst->find_installed_apps();
 //** Check for current service config state and compare to our results
 if ($conf['mysql']['master_slave_setup'] == 'y') $current_svc_config = $inst->dbmaster->queryOneRecord("SELECT mail_server,web_server,dns_server,xmpp_server,firewall_server,vserver_server,db_server FROM ?? WHERE server_id=?", $conf['mysql']['master_database'] . '.server', $conf['server_id']);
 else $current_svc_config = $inst->db->queryOneRecord("SELECT mail_server,web_server,dns_server,xmpp_server,firewall_server,vserver_server,db_server FROM ?? WHERE server_id=?", $conf["mysql"]["database"] . '.server', $conf['server_id']);
-$conf['services']['mail'] = check_service_config_state('mail_server', $conf['postfix']['installed']);
-$conf['services']['dns'] = check_service_config_state('dns_server', ($conf['powerdns']['installed'] || $conf['bind']['installed'] || $conf['mydns']['installed']));
-$conf['services']['web'] = check_service_config_state('web_server', ($conf['apache']['installed'] || $conf['nginx']['installed']));
-$conf['services']['xmpp'] = check_service_config_state('xmpp_server', $conf['xmpp']['installed']);
-$conf['services']['firewall'] = check_service_config_state('firewall_server', ($conf['ufw']['installed'] || $conf['firewall']['installed']));
-$conf['services']['vserver'] = check_service_config_state('vserver_server', $conf['services']['vserver']);
+
+if(isset($conf['postfix']['installed']) && $conf['postfix']['installed'] == true) {
+	$conf['services']['mail'] = check_service_config_state('mail_server', true);
+} else {
+	$conf['services']['mail'] = check_service_config_state('mail_server', false);
+}
+
+if(isset($conf['powerdns']['installed']) && $conf['powerdns']['installed'] == true || isset($conf['bind']['installed']) && $conf['bind']['installed'] == true || isset($conf['mydns']['installed']) && $conf['mydns']['installed'] == true) {
+	$conf['services']['dns'] = check_service_config_state('dns_server', true);
+} else {
+	$conf['services']['dns'] = check_service_config_state('dns_server', false);
+}
+
+if(isset($conf['apache']['installed']) && $conf['apache']['installed'] == true || isset($conf['nginx']['installed']) && $conf['nginx']['installed'] == true) {
+	$conf['services']['web'] = check_service_config_state('web_server', true);
+} else { 
+	$conf['services']['web'] = check_service_config_state('web_server', false);
+}
+
+if(isset($conf['xmpp']['installed']) && $conf['xmpp']['installed'] == true) {
+	$conf['services']['xmpp'] = check_service_config_state('xmpp_server', true);
+} else { 
+	$conf['services']['xmpp'] = check_service_config_state('xmpp_server', false);
+}
+
+if(isset($conf['ufw']['installed']) && $conf['ufw']['installed'] == true || isset($conf['firewall']['installed']) && $conf['firewall']['installed'] == true) {
+	$conf['services']['firewall'] = check_service_config_state('firewall_server', true);
+} else { 
+	$conf['services']['firewall'] = check_service_config_state('firewall_server', false);
+}
+
+if(isset($conf['vserver']['installed']) && $conf['vserver']['installed'] == true) {
+	$conf['services']['vserver'] = check_service_config_state('vserver_server', true);
+} else { 
+	$conf['services']['vserver'] = check_service_config_state('vserver_server', false);
+}
+
 $conf['services']['db'] = check_service_config_state('db_server', true); /* Will always offer as MySQL is of course installed on this host as it's a requirement for ISPC to work... */
 unset($current_svc_config);
 
+
 //** Write new decisions into DB
-$sql = "UPDATE ?? SET mail_server = '{$conf['services']['mail']}', web_server = '{$conf['services']['web']}', dns_server = '{$conf['services']['dns']}', file_server = '{$conf['services']['file']}', db_server = '{$conf['services']['db']}', vserver_server = '{$conf['services']['vserver']}', proxy_server = '{$conf['services']['proxy']}', firewall_server = '$firewall_server_enabled', xmpp_server = '$xmpp_server_enabled' WHERE server_id = ?";
+$sql = "UPDATE ?? SET mail_server = '{$conf['services']['mail']}', web_server = '{$conf['services']['web']}', dns_server = '{$conf['services']['dns']}', file_server = '{$conf['services']['file']}', db_server = '{$conf['services']['db']}', vserver_server = '{$conf['services']['vserver']}', proxy_server = '{$conf['services']['proxy']}', firewall_server = '{$conf['services']['firewall']}', xmpp_server = '{$conf['services']['xmpp']}' WHERE server_id = ?";
 $inst->db->query($sql, $conf['mysql']['database'].'.server', $conf['server_id']);
 if($conf['mysql']['master_slave_setup'] == 'y') {
 	$inst->dbmaster->query($sql, $conf['mysql']['master_database'].'.server', $conf['server_id']);
@@ -562,7 +597,7 @@ if($conf['apache']['installed'] == true) {
 if ($inst->install_ispconfig_interface) {
 	//** Customise the port ISPConfig runs on
 	$ispconfig_port_number = get_ispconfig_port_number();
-	if($autoupdate['ispconfig_port'] == 'default') $autoupdate['ispconfig_port'] = $ispconfig_port_number;
+	if(isset($autoupdate['ispconfig_port']) && $autoupdate['ispconfig_port'] == 'default') $autoupdate['ispconfig_port'] = $ispconfig_port_number;
 	if($conf['webserver']['server_type'] == 'nginx'){
 		$conf['nginx']['vhost_port'] = $inst->free_query('ISPConfig Port', $ispconfig_port_number,'ispconfig_port');
 	} else {
@@ -607,13 +642,13 @@ if($update_crontab_answer == 'yes') {
 //** Restart services:
 if($reconfigure_services_answer == 'yes') {
 	swriteln('Restarting services ...');
-	if($conf['mysql']['installed'] == true && $conf['mysql']['init_script'] != '') system($inst->getinitcommand($conf['mysql']['init_script'], 'restart').' >/dev/null 2>&1');
+	if($conf['mysql']['installed'] == true && isset($conf['mysql']['init_script']) && $conf['mysql']['init_script'] != '') system($inst->getinitcommand($conf['mysql']['init_script'], 'restart').' >/dev/null 2>&1');
 	if($conf['services']['mail']) {
-		if($conf['postfix']['installed'] == true && $conf['postfix']['init_script'] != '') system($inst->getinitcommand($conf['postfix']['init_script'], 'restart'));
-		if($conf['saslauthd']['installed'] == true && $conf['saslauthd']['init_script'] != '') system($inst->getinitcommand($conf['saslauthd']['init_script'], 'restart'));
-		if($conf['amavis']['installed'] == true && $conf['amavis']['init_script'] != '') system($inst->getinitcommand($conf['amavis']['init_script'], 'restart'));
-		if($conf['rspamd']['installed'] == true && $conf['rspamd']['init_script'] != '') system($inst->getinitcommand($conf['rspamd']['init_script'], 'restart'));
-		if($conf['clamav']['installed'] == true && $conf['clamav']['init_script'] != '' && $conf['amavis']['installed'] == true) system($inst->getinitcommand($conf['clamav']['init_script'], 'restart'));
+		if($conf['postfix']['installed'] == true && isset($conf['postfix']['init_script']) && $conf['postfix']['init_script'] != '') system($inst->getinitcommand($conf['postfix']['init_script'], 'restart'));
+		if($conf['saslauthd']['installed'] == true && isset($conf['saslauthd']['init_script']) && $conf['saslauthd']['init_script'] != '') system($inst->getinitcommand($conf['saslauthd']['init_script'], 'restart'));
+		if($conf['amavis']['installed'] == true && isset($conf['amavis']['init_script']) && $conf['amavis']['init_script'] != '') system($inst->getinitcommand($conf['amavis']['init_script'], 'restart'));
+		if($conf['rspamd']['installed'] == true && isset($conf['rspamd']['init_script']) && $conf['rspamd']['init_script'] != '') system($inst->getinitcommand($conf['rspamd']['init_script'], 'restart'));
+		if($conf['clamav']['installed'] == true && isset($conf['clamav']['init_script']) && $conf['clamav']['init_script'] != '' && $conf['amavis']['installed'] == true) system($inst->getinitcommand($conf['clamav']['init_script'], 'restart'));
 		if($conf['courier']['installed'] == true){
 			if($conf['courier']['courier-authdaemon'] != '') system($inst->getinitcommand($conf['courier']['courier-authdaemon'], 'restart'));
 			if($conf['courier']['courier-imap'] != '') system($inst->getinitcommand($conf['courier']['courier-imap'], 'restart'));
@@ -621,8 +656,8 @@ if($reconfigure_services_answer == 'yes') {
 			if($conf['courier']['courier-pop'] != '') system($inst->getinitcommand($conf['courier']['courier-pop'], 'restart'));
 			if($conf['courier']['courier-pop-ssl'] != '') system($inst->getinitcommand($conf['courier']['courier-pop-ssl'], 'restart'));
 		}
-		if($conf['dovecot']['installed'] == true && $conf['dovecot']['init_script'] != '') system($inst->getinitcommand($conf['dovecot']['init_script'], 'restart'));
-		if($conf['mailman']['installed'] == true && $conf['mailman']['init_script'] != '') system('nohup '.$inst->getinitcommand($conf['mailman']['init_script'], 'restart').' >/dev/null 2>&1 &');
+		if($conf['dovecot']['installed'] == true && isset($conf['dovecot']['init_script']) && $conf['dovecot']['init_script'] != '') system($inst->getinitcommand($conf['dovecot']['init_script'], 'restart'));
+		if($conf['mailman']['installed'] == true && isset($conf['mailman']['init_script']) && $conf['mailman']['init_script'] != '') system('nohup '.$inst->getinitcommand($conf['mailman']['init_script'], 'restart').' >/dev/null 2>&1 &');
 	}
 	if($conf['services']['web'] || $inst->install_ispconfig_interface) {
 		if($conf['webserver']['server_type'] == 'apache') {
@@ -636,27 +671,27 @@ if($reconfigure_services_answer == 'yes') {
 		//* Reload is enough for nginx
 		if($conf['webserver']['server_type'] == 'nginx'){
 			if($conf['nginx']['php_fpm_init_script'] != '') system($inst->getinitcommand($conf['nginx']['php_fpm_init_script'], 'reload'));
-			if($conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'reload'));
+			if(isset($conf['nginx']['init_script']) && $conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'reload'));
 		}
-		if($conf['pureftpd']['installed'] == true && $conf['pureftpd']['init_script'] != '') system($inst->getinitcommand($conf['pureftpd']['init_script'], 'restart'));
+		if($conf['pureftpd']['installed'] == true && isset($conf['pureftpd']['init_script']) && $conf['pureftpd']['init_script'] != '') system($inst->getinitcommand($conf['pureftpd']['init_script'], 'restart'));
 	}
 	if($conf['services']['dns']) {
-		if($conf['mydns']['installed'] == true && $conf['mydns']['init_script'] != '') system($inst->getinitcommand($conf['mydns']['init_script'], 'restart').' &> /dev/null');
-		if($conf['powerdns']['installed'] == true && $conf['powerdns']['init_script'] != '') system($inst->getinitcommand($conf['powerdns']['init_script'], 'restart').' &> /dev/null');
-		if($conf['bind']['installed'] == true && $conf['bind']['init_script'] != '') system($inst->getinitcommand($conf['bind']['init_script'], 'restart').' &> /dev/null');
+		if($conf['mydns']['installed'] == true && isset($conf['mydns']['init_script']) && $conf['mydns']['init_script'] != '') system($inst->getinitcommand($conf['mydns']['init_script'], 'restart').' &> /dev/null');
+		if($conf['powerdns']['installed'] == true && isset($conf['powerdns']['init_script']) && $conf['powerdns']['init_script'] != '') system($inst->getinitcommand($conf['powerdns']['init_script'], 'restart').' &> /dev/null');
+		if($conf['bind']['installed'] == true && isset($conf['bind']['init_script']) && $conf['bind']['init_script'] != '') system($inst->getinitcommand($conf['bind']['init_script'], 'restart').' &> /dev/null');
 	}
 
     if($conf['services']['xmpp']) {
-        if($conf['xmpp']['installed'] == true && $conf['xmpp']['init_script'] != '') system($inst->getinitcommand($conf['xmpp']['init_script'], 'restart').' &> /dev/null');
+        if($conf['xmpp']['installed'] == true && isset($conf['xmpp']['init_script']) && $conf['xmpp']['init_script'] != '') system($inst->getinitcommand($conf['xmpp']['init_script'], 'restart').' &> /dev/null');
     }
 
 	if($conf['services']['proxy']) {
-		// if($conf['squid']['installed'] == true && $conf['squid']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['squid']['init_script']))     system($conf['init_scripts'].'/'.$conf['squid']['init_script'].' restart &> /dev/null');
-		if($conf['nginx']['installed'] == true && $conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'restart').' &> /dev/null');
+		// if($conf['squid']['installed'] == true && isset($conf['squid']['init_script']) && $conf['squid']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['squid']['init_script']))     system($conf['init_scripts'].'/'.$conf['squid']['init_script'].' restart &> /dev/null');
+		if($conf['nginx']['installed'] == true && isset($conf['nginx']['init_script']) && $conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'restart').' &> /dev/null');
 	}
 
 	if($conf['services']['firewall']) {
-		if($conf['ufw']['installed'] == true && $conf['ufw']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['ufw']['init_script']))     system($conf['init_scripts'].'/'.$conf['ufw']['init_script'].' restart &> /dev/null');
+		if($conf['ufw']['installed'] == true && isset($conf['ufw']['init_script']) && $conf['ufw']['init_script'] != '' && is_executable($conf['init_scripts'].'/'.$conf['ufw']['init_script']))     system($conf['init_scripts'].'/'.$conf['ufw']['init_script'].' restart &> /dev/null');
 	}
 }