wichu
2012-05-10 5549545dbb91a845e8c64b25c5a2fffe8108c0f9
server/plugins-available/shelluser_base_plugin.inc.php
@@ -72,6 +72,13 @@
      
      $app->uses('system');
      
      //* Check if the resulting path is inside the docroot
      $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($data['new']['parent_domain_id']));
      if(substr(realpath($data['new']['dir']),0,strlen($web['document_root'])) != $web['document_root']) {
         $app->log('Directory of the shell user is outside of website docroot.',LOGLEVEL_WARN);
         return false;
      }
      if($app->system->is_user($data['new']['puser'])) {
         // Get the UID of the parent user
         $uid = intval($app->system->getuid($data['new']['puser']));
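Review bot: The docroot check added here is a plain string-prefix comparison, so it accepts any path that merely shares the prefix (a docroot of `/var/www/web1` also matches `/var/www/web10/...`). It also appears to fail open when the `web_domain` lookup returns no row or an empty `document_root`: `strlen()` is then 0, `substr(..., 0, 0)` yields an empty value, and the loose `!=` treats that as equal. The identical block in the second hunk (`@@ -121,6 +128,13 @@`) needs the same change. I would normalise both sides and compare on a directory boundary: `$docroot = rtrim((string)$web['document_root'], '/'); $dir = realpath($data['new']['dir']);` followed by `if($docroot == '' || $dir === false || strpos($dir.'/', $docroot.'/') !== 0) {`. The enclosing function starts and ends outside the hunk, so it cannot be confirmed from here whether later code uses the resolved path or re-reads `$data['new']['dir']`, which would leave a window between the check and the use.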
@@ -121,6 +128,13 @@
      
      $app->uses('system');
      
      //* Check if the resulting path is inside the docroot
      $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($data['new']['parent_domain_id']));
      if(substr(realpath($data['new']['dir']),0,strlen($web['document_root'])) != $web['document_root']) {
         $app->log('Directory of the shell user is outside of website docroot.',LOGLEVEL_WARN);
         return false;
      }
      if($app->system->is_user($data['new']['puser'])) {
         // Get the UID of the parent user
         $uid = intval($app->system->getuid($data['new']['puser']));