gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -99,7 +99,7 @@
			$app->uses('getconf');
			$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
			if ($web_config['CA_path']!='' && !file_exists($web_config['CA_path'].'/openssl.cnf'))
			$app->log("CA path error, file does not exist:".$web_config['CA_path'].'/openssl.conf',LOGLEVEL_ERROR);
			$app->log("CA path error, file does not exist:".$web_config['CA_path'].'/openssl.cnf',LOGLEVEL_ERROR);

			//* Only vhosts can have a ssl cert
			if($data["new"]["type"] != "vhost" && $data["new"]["type"] != "vhostsubdomain") return;
			@@ -120,8 +120,14 @@
			$this->ssl_certificate_changed = true;

			//* Rename files if they exist
			if(file_exists($key_file)) $app->system->rename($key_file,$key_file.'.bak');
			if(file_exists($key_file2)) $app->system->rename($key_file2,$key_file2.'.bak');
			if(file_exists($key_file)){
			$app->system->rename($key_file,$key_file.'.bak');
			$app->system->chmod($key_file.'.bak',0400);
			}
			if(file_exists($key_file2)){
			$app->system->rename($key_file2,$key_file2.'.bak');
			$app->system->chmod($key_file2.'.bak',0400);
			}
			if(file_exists($csr_file)) $app->system->rename($csr_file,$csr_file.'.bak');
			if(file_exists($crt_file)) $app->system->rename($crt_file,$crt_file.'.bak');

			@@ -164,11 +170,15 @@

			$rand_file = escapeshellcmd($rand_file);
			$key_file = escapeshellcmd($key_file);
			if(substr($domain, 0, 2) == '.' && strpos($key_file, '/ssl/\.') !== false) $key_file = str_replace('/ssl/\.', '/ssl/.', $key_file); // wildcard certificate
			$key_file2 = escapeshellcmd($key_file2);
			if(substr($domain, 0, 2) == '.' && strpos($key_file2, '/ssl/\.') !== false) $key_file2 = str_replace('/ssl/\.', '/ssl/.', $key_file2); // wildcard certificate
			$ssl_days = 3650;
			$csr_file = escapeshellcmd($csr_file);
			if(substr($domain, 0, 2) == '.' && strpos($csr_file, '/ssl/\.') !== false) $csr_file = str_replace('/ssl/\.', '/ssl/.', $csr_file); // wildcard certificate
			$config_file = escapeshellcmd($ssl_cnf_file);
			$crt_file = escapeshellcmd($crt_file);
			if(substr($domain, 0, 2) == '.' && strpos($crt_file, '/ssl/\.') !== false) $crt_file = str_replace('/ssl/\.', '/ssl/.', $crt_file); // wildcard certificate

			if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) {

			@@ -189,6 +199,7 @@

			}

			$app->system->chmod($key_file,0400);
			$app->system->chmod($key_file2,0400);
			@$app->system->unlink($config_file);
			@$app->system->unlink($rand_file);
			@@ -215,8 +226,14 @@
			//$bundle_file = $ssl_dir.'/'.$domain.".bundle";

			//* Backup files
			if(file_exists($key_file)) $app->system->copy($key_file,$key_file.'~');
			if(file_exists($key_file2)) $app->system->copy($key_file2,$key_file2.'~');
			if(file_exists($key_file)){
			$app->system->copy($key_file,$key_file.'~');
			$app->system->chmod($key_file.'~',0400);
			}
			if(file_exists($key_file2)){
			$app->system->copy($key_file2,$key_file2.'~');
			$app->system->chmod($key_file2.'~',0400);
			}
			if(file_exists($csr_file)) $app->system->copy($csr_file,$csr_file.'~');
			if(file_exists($crt_file)) $app->system->copy($crt_file,$crt_file.'~');
			//if(file_exists($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'~');
			@@ -226,6 +243,7 @@
			if(trim($data["new"]["ssl_cert"]) != '') $app->system->file_put_contents($crt_file,$data["new"]["ssl_cert"]);
			//if(trim($data["new"]["ssl_bundle"]) != '') $app->system->file_put_contents($bundle_file,$data["new"]["ssl_bundle"]);
			if(trim($data["new"]["ssl_key"]) != '') $app->system->file_put_contents($key_file2,$data["new"]["ssl_key"]);
			$app->system->chmod($key_file2,0400);

			// for nginx, bundle files have to be appended to the certificate file
			if(trim($data["new"]["ssl_bundle"]) != ''){
			@@ -330,7 +348,7 @@
			}

			if($data['new']['document_root'] == '') {
			$app->log('document_root not set',LOGLEVEL_WARN);
			if($data['new']['type'] == 'vhost' \|\| $data['new']['type'] == 'vhostsubdomain') $app->log('document_root not set',LOGLEVEL_WARN);
			return 0;
			}
			if($data['new']['system_user'] == 'root' or $data['new']['system_group'] == 'root') {
			@@ -418,42 +436,51 @@
			}
			}

			//* Move the site data
			$tmp_docroot = explode('/',$data['new']['document_root']);
			unset($tmp_docroot[count($tmp_docroot)-1]);
			$new_dir = implode('/',$tmp_docroot);
			if($data["new"]["type"] != "vhostsubdomain") {
			//* Move the site data
			$tmp_docroot = explode('/',$data['new']['document_root']);
			unset($tmp_docroot[count($tmp_docroot)-1]);
			$new_dir = implode('/',$tmp_docroot);

			$tmp_docroot = explode('/',$data['old']['document_root']);
			unset($tmp_docroot[count($tmp_docroot)-1]);
			$old_dir = implode('/',$tmp_docroot);
			$tmp_docroot = explode('/',$data['old']['document_root']);
			unset($tmp_docroot[count($tmp_docroot)-1]);
			$old_dir = implode('/',$tmp_docroot);

			//* Check if there is already some data in the new docroot and rename it as we need a clean path to move the existing site to the new path
			if(@is_dir($data['new']['document_root'])) {
			$app->system->rename($data['new']['document_root'],$data['new']['document_root'].'_bak_'.date('Y_m_d'));
			$app->log('Renaming existing directory in new docroot location. mv '.$data['new']['document_root'].' '.$data['new']['document_root'].'_bak_'.date('Y_m_d'),LOGLEVEL_DEBUG);
			}
			//* Check if there is already some data in the new docroot and rename it as we need a clean path to move the existing site to the new path
			if(@is_dir($data['new']['document_root'])) {
			$app->system->web_folder_protection($data['new']['document_root'],false);
			$app->system->rename($data['new']['document_root'],$data['new']['document_root'].'_bak_'.date('Y_m_d_H_i_s'));
			$app->log('Renaming existing directory in new docroot location. mv '.$data['new']['document_root'].' '.$data['new']['document_root'].'_bak_'.date('Y_m_d_H_i_s'),LOGLEVEL_DEBUG);
			}

			//* Create new base directory, if it does not exist yet
			if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir);
			//exec('mv '.$data['old']['document_root'].' '.$new_dir);
			$app->system->rename($data['old']['document_root'],$new_dir);
			$app->log('Moving site to new document root: mv '.$data['old']['document_root'].' '.$new_dir,LOGLEVEL_DEBUG);
			//* Create new base directory, if it does not exist yet
			if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir);
			$app->system->web_folder_protection($data['old']['document_root'],false);
			exec('mv '.escapeshellarg($data['old']['document_root']).' '.escapeshellarg($new_dir));
			//$app->system->rename($data['old']['document_root'],$new_dir);
			$app->log('Moving site to new document root: mv '.$data['old']['document_root'].' '.$new_dir,LOGLEVEL_DEBUG);

			// Handle the change in php_open_basedir
			$data['new']['php_open_basedir'] = str_replace($data['old']['document_root'],$data['new']['document_root'],$data['old']['php_open_basedir']);
			// Handle the change in php_open_basedir
			$data['new']['php_open_basedir'] = str_replace($data['old']['document_root'],$data['new']['document_root'],$data['old']['php_open_basedir']);

			//* Change the owner of the website files to the new website owner
			exec('chown --recursive --from='.escapeshellcmd($data['old']['system_user']).':'.escapeshellcmd($data['old']['system_group']).' '.escapeshellcmd($data['new']['system_user']).':'.escapeshellcmd($data['new']['system_group']).' '.$new_dir);
			//* Change the owner of the website files to the new website owner
			exec('chown --recursive --from='.escapeshellcmd($data['old']['system_user']).':'.escapeshellcmd($data['old']['system_group']).' '.escapeshellcmd($data['new']['system_user']).':'.escapeshellcmd($data['new']['system_group']).' '.$new_dir);

			//* Change the home directory and group of the website user
			$command = 'usermod';
			$command .= ' --home '.escapeshellcmd($data['new']['document_root']);
			$command .= ' --gid '.escapeshellcmd($data['new']['system_group']);
			$command .= ' '.escapeshellcmd($data['new']['system_user']);
			exec($command);
			//* Change the home directory and group of the website user
			$command = 'killall -u '.escapeshellcmd($data['new']['system_user']).' ; usermod';
			$command .= ' --home '.escapeshellcmd($data['new']['document_root']);
			$command .= ' --gid '.escapeshellcmd($data['new']['system_group']);
			$command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null';
			exec($command);
			}

			if($nginx_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);


			//* Change the log mount
			$fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.' none bind';
			$app->system->removeLine('/etc/fstab',$fstab_line);
			$fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.' none bind,nobootwait 0 0';
			$app->system->replaceLine('/etc/fstab',$fstab_line,$fstab_line,1,1);

			}

			@@ -483,19 +510,26 @@
			if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
			if(is_dir('/var/log/ispconfig/httpd/'.$data['old']['domain'])) exec('rm -rf /var/log/ispconfig/httpd/'.$data['old']['domain']);
			if(is_link($data['old']['document_root'].'/'.$log_folder)) $app->system->unlink($data['old']['document_root'].'/'.$log_folder);

			//* remove old log mount
			$fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.' none bind';
			$app->system->removeLine('/etc/fstab',$fstab_line);

			//* Unmount log directory
			exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
			}

			//* Create the log dir if nescessary and mount it
			if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data['new']['domain']);
			if(!is_dir($data['new']['document_root'].'/'.$log_folder) \|\| is_link($data['new']['document_root'].'/'.$log_folder)) {
			if(!is_dir($data['new']['document_root'].'/'.$log_folder) \|\| !is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain']) \|\| is_link($data['new']['document_root'].'/'.$log_folder)) {
			if(is_link($data['new']['document_root'].'/'.$log_folder)) unlink($data['new']['document_root'].'/'.$log_folder);
			if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data['new']['domain']);
			$app->system->mkdirpath($data['new']['document_root'].'/'.$log_folder);
			$app->system->chown($data['new']['document_root'].'/'.$log_folder,'root');
			$app->system->chgrp($data['new']['document_root'].'/'.$log_folder,'root');
			$app->system->chmod($data['new']['document_root'].'/'.$log_folder,0755);
			exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder));
			//* add mountpoint to fstab
			$fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.' none bind 0 0';
			$fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.' none bind,nobootwait 0 0';
			$app->system->replaceLine('/etc/fstab',$fstab_line,$fstab_line,1,1);
			}

			@@ -622,8 +656,8 @@
			exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.$error_page_path);
			} // end copy error docs

			// Set the quota for the user
			if($username != '' && $app->system->is_user($username)) {
			// Set the quota for the user, but only for vhosts, not vhostsubdomains
			if($username != '' && $app->system->is_user($username) && $data['new']['type'] == 'vhost') {
			if($data['new']['hd_quota'] > 0) {
			$blocks_soft = $data['new']['hd_quota'] * 1024;
			$blocks_hard = $blocks_soft + 1024;
			@@ -645,6 +679,9 @@
			}
			}

			//* add the nginx user to the client group if this is a vhost and security level is set to high, no matter if this is an insert or update and regardless of set_folder_permissions_on_update
			if($data['new']['type'] == 'vhost' && $web_config['security_level'] == 20) $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['nginx_user']));

			//* If the security level is set to high
			if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost')) {

			@@ -672,7 +709,7 @@
			if($web_config['add_web_users_to_sshusers_group'] == 'y') {
			$command = 'usermod';
			$command .= ' --groups sshusers';
			$command .= ' '.escapeshellcmd($data['new']['system_user']);
			$command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null';
			$this->_exec($command);
			}

			@@ -683,13 +720,10 @@
			//* add the nginx user to the client group in the chroot environment
			$tmp_groupfile = $app->system->server_conf['group_datei'];
			$app->system->server_conf['group_datei'] = $web_config['website_basedir'].'/etc/group';
			$app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
			$app->system->add_user_to_group($groupname, escapeshellcmd($web_config['nginx_user']));
			$app->system->server_conf['group_datei'] = $tmp_groupfile;
			unset($tmp_groupfile);
			}

			//* add the nginx user to the client group
			$app->system->add_user_to_group($groupname, escapeshellcmd($web_config['nginx_user']));

			//* Chown all default directories
			$app->system->chown($data['new']['document_root'],'root');
			@@ -798,7 +832,7 @@
			if(!is_dir($web_config['website_basedir'].'/conf')) mkdir($web_config['website_basedir'].'/conf');
			if(trim($data['new']['custom_php_ini']) != '') {
			$has_custom_php_ini = true;
			if(!is_dir($custom_php_ini_dir)) $app->system->mkdir($custom_php_ini_dir);
			if(!is_dir($custom_php_ini_dir)) $app->system->mkdirpath($custom_php_ini_dir);
			$php_ini_content = '';
			if($data['new']['php'] == 'mod') {
			$master_php_ini_path = $web_config['php_ini_path_apache'];
			@@ -905,6 +939,100 @@
			// backwards compatibility; since ISPConfig 3.0.5, the PHP mode for nginx is called 'php-fpm' instead of 'fast-cgi'. The following line makes sure that old web sites that have 'fast-cgi' in the database still get PHP-FPM support.
			if($vhost_data['php'] == 'fast-cgi') $vhost_data['php'] = 'php-fpm';

			// Custom rewrite rules
			/*
			$final_rewrite_rules = array();
			$custom_rewrite_rules = $data['new']['rewrite_rules'];
			// Make sure we only have Unix linebreaks
			$custom_rewrite_rules = str_replace("\r\n", "\n", $custom_rewrite_rules);
			$custom_rewrite_rules = str_replace("\r", "\n", $custom_rewrite_rules);
			$custom_rewrite_rule_lines = explode("\n", $custom_rewrite_rules);
			if(is_array($custom_rewrite_rule_lines) && !empty($custom_rewrite_rule_lines)){
			foreach($custom_rewrite_rule_lines as $custom_rewrite_rule_line){
			$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
			}
			}
			$tpl->setLoop('rewrite_rules', $final_rewrite_rules);
			*/

			// Custom rewrite rules
			$final_rewrite_rules = array();

			if(isset($data['new']['rewrite_rules']) && trim($data['new']['rewrite_rules']) != '') {
			$custom_rewrite_rules = trim($data['new']['rewrite_rules']);
			$custom_rewrites_are_valid = true;
			// use this counter to make sure all curly brackets are properly closed
			$if_level = 0;
			// Make sure we only have Unix linebreaks
			$custom_rewrite_rules = str_replace("\r\n", "\n", $custom_rewrite_rules);
			$custom_rewrite_rules = str_replace("\r", "\n", $custom_rewrite_rules);
			$custom_rewrite_rule_lines = explode("\n", $custom_rewrite_rules);
			if(is_array($custom_rewrite_rule_lines) && !empty($custom_rewrite_rule_lines)){
			foreach($custom_rewrite_rule_lines as $custom_rewrite_rule_line){
			// ignore comments
			if(substr(ltrim($custom_rewrite_rule_line),0,1) == '#'){
			$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
			continue;
			}
			// empty lines
			if(trim($custom_rewrite_rule_line) == ''){
			$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
			continue;
			}
			// rewrite
			if(preg_match('@^\srewrite\s+(^/)?\S+(\$)?\s+\S+(\s+(last\|break\|redirect\|permanent\|))?\s;\s*$@', $custom_rewrite_rule_line)){
			$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
			continue;
			}
			// if
			if(preg_match('@^\sif\s+$\s\$\S+(\s+(\!?(=\|~\|~\))\s+(\S+\|\".+\"))?\s$\s\{\s$@', $custom_rewrite_rule_line)){
			$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
			$if_level += 1;
			continue;
			}
			// if - check for files, directories, etc.
			if(preg_match('@^\sif\s+$\s\!?-(f\|d\|e\|x)\s+\S+\s$\s\{\s*$@', $custom_rewrite_rule_line)){
			$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
			$if_level += 1;
			continue;
			}
			// break
			if(preg_match('@^\sbreak\s;\s*$@', $custom_rewrite_rule_line)){
			$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
			continue;
			}
			// return code [ text ]
			if(preg_match('@^\sreturn\s+\d\d\d.;\s*$@', $custom_rewrite_rule_line)){
			$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
			continue;
			}
			// return code URL
			// return URL
			if(preg_match('@^\sreturn(\s+\d\d\d)?\s+(http\|https\|ftp)\://([a-zA-Z0-9\.\-]+(\:[a-zA-Z0-9\.&%\$\-]+)\@)((25[0-5]\|2[0-4][0-9]\|[0-1]{1}[0-9]{2}\|[1-9]{1}[0-9]{1}\|[1-9])\.(25[0-5]\|2[0-4][0-9]\|[0-1]{1}[0-9]{2}\|[1-9]{1}[0-9]{1}\|[1-9]\|0)\.(25[0-5]\|2[0-4][0-9]\|[0-1]{1}[0-9]{2}\|[1-9]{1}[0-9]{1}\|[1-9]\|0)\.(25[0-5]\|2[0-4][0-9]\|[0-1]{1}[0-9]{2}\|[1-9]{1}[0-9]{1}\|[0-9])\|localhost\|([a-zA-Z0-9\-]+\.)[a-zA-Z0-9\-]+\.(com\|edu\|gov\|int\|mil\|net\|org\|biz\|arpa\|info\|name\|pro\|aero\|coop\|museum\|[a-zA-Z]{2}))(\:[0-9]+)(/($\|[a-zA-Z0-9\.\,\?\'\\\+&%\$#\=~_\-]+))\s;\s$@', $custom_rewrite_rule_line)){
			$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
			continue;
			}
			// set
			if(preg_match('@^\sset\s+\$\S+\s+\S+\s;\s*$@', $custom_rewrite_rule_line)){
			$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
			continue;
			}
			// closing curly bracket
			if(trim($custom_rewrite_rule_line) == '}'){
			$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
			$if_level -= 1;
			continue;
			}
			$custom_rewrites_are_valid = false;
			break;
			}
			}
			if(!$custom_rewrites_are_valid \|\| $if_level != 0){
			$final_rewrite_rules = array();
			}
			}
			$tpl->setLoop('rewrite_rules', $final_rewrite_rules);

			// Custom nginx directives
			$final_nginx_directives = array();
			$nginx_directives = $data['new']['nginx_directives'];
			@@ -953,6 +1081,7 @@
			// Rewrite rules
			$own_rewrite_rules = array();
			$rewrite_rules = array();
			$local_rewrite_rules = array();
			if($data['new']['redirect_type'] != '' && $data['new']['redirect_path'] != '') {
			if(substr($data['new']['redirect_path'],-1) != '/') $data['new']['redirect_path'] .= '/';
			if(substr($data['new']['redirect_path'],0,8) == '[scheme]'){
			@@ -982,6 +1111,7 @@

			switch($data['new']['subdomain']) {
			case 'www':
			$exclude_own_hostname = '';
			if(substr($data['new']['redirect_path'],0,1) == '/'){ // relative path
			if($data['new']['redirect_type'] == 'proxy'){
			$vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
			@@ -1004,6 +1134,7 @@
			break;
			} else {
			$rewrite_exclude = '(?!/\b('.substr($tmp_redirect_path_parts['path'],1).(substr($tmp_redirect_path_parts['path'],1) != ''? '\|': '').'stats'.($vhost_data['errordocs'] == 1 ? '\|error' : '').')\b)/';
			$exclude_own_hostname = $tmp_redirect_path_parts['host'];
			}
			} else {
			// external URL
			@@ -1012,7 +1143,8 @@
			$vhost_data['use_proxy'] = 'y';
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
			if($rewrite_subdir == '/') $rewrite_subdir = '';
			}
			}
			unset($tmp_redirect_path);
			@@ -1023,11 +1155,13 @@
			'rewrite_target' => $data['new']['redirect_path'],
			'rewrite_exclude' => $rewrite_exclude,
			'rewrite_subdir' => $rewrite_subdir,
			'exclude_own_hostname' => $exclude_own_hostname,
			'proxy_directives' => $final_proxy_directives,
			'use_rewrite' => ($data['new']['redirect_type'] == 'proxy' ? false:true),
			'use_proxy' => ($data['new']['redirect_type'] == 'proxy' ? true:false));
			break;
			case '*':
			$exclude_own_hostname = '';
			if(substr($data['new']['redirect_path'],0,1) == '/'){ // relative path
			if($data['new']['redirect_type'] == 'proxy'){
			$vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
			@@ -1052,6 +1186,7 @@
			break;
			} else {
			$rewrite_exclude = '(?!/\b('.substr($tmp_redirect_path_parts['path'],1).(substr($tmp_redirect_path_parts['path'],1) != ''? '\|': '').'stats'.($vhost_data['errordocs'] == 1 ? '\|error' : '').')\b)/';
			$exclude_own_hostname = $tmp_redirect_path_parts['host'];
			}
			} else {
			// external URL
			@@ -1060,7 +1195,8 @@
			$vhost_data['use_proxy'] = 'y';
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
			if($rewrite_subdir == '/') $rewrite_subdir = '';
			}
			}
			unset($tmp_redirect_path);
			@@ -1071,12 +1207,14 @@
			'rewrite_target' => $data['new']['redirect_path'],
			'rewrite_exclude' => $rewrite_exclude,
			'rewrite_subdir' => $rewrite_subdir,
			'exclude_own_hostname' => $exclude_own_hostname,
			'proxy_directives' => $final_proxy_directives,
			'use_rewrite' => ($data['new']['redirect_type'] == 'proxy' ? false:true),
			'use_proxy' => ($data['new']['redirect_type'] == 'proxy' ? true:false));
			break;
			default:
			if(substr($data['new']['redirect_path'],0,1) == '/'){ // relative path
			$exclude_own_hostname = '';
			if($data['new']['redirect_type'] == 'proxy'){
			$vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
			$vhost_data['web_document_root_www'] .= substr($data['new']['redirect_path'],0,-1);
			@@ -1098,6 +1236,7 @@
			break;
			} else {
			$rewrite_exclude = '(?!/\b('.substr($tmp_redirect_path_parts['path'],1).(substr($tmp_redirect_path_parts['path'],1) != ''? '\|': '').'stats'.($vhost_data['errordocs'] == 1 ? '\|error' : '').')\b)/';
			$exclude_own_hostname = $tmp_redirect_path_parts['host'];
			}
			} else {
			// external URL
			@@ -1106,7 +1245,8 @@
			$vhost_data['use_proxy'] = 'y';
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
			if($rewrite_subdir == '/') $rewrite_subdir = '';
			}
			}
			unset($tmp_redirect_path);
			@@ -1117,6 +1257,7 @@
			'rewrite_target' => $data['new']['redirect_path'],
			'rewrite_exclude' => $rewrite_exclude,
			'rewrite_subdir' => $rewrite_subdir,
			'exclude_own_hostname' => $exclude_own_hostname,
			'proxy_directives' => $final_proxy_directives,
			'use_rewrite' => ($data['new']['redirect_type'] == 'proxy' ? false:true),
			'use_proxy' => ($data['new']['redirect_type'] == 'proxy' ? true:false));
			@@ -1173,7 +1314,7 @@
			$final_proxy_directives = false;
			}

			if($alias['redirect_type'] == '' \|\| $alias['redirect_path'] == '') {
			if($alias['redirect_type'] == '' \|\| $alias['redirect_path'] == '' \|\| substr($alias['redirect_path'],0,1) == '/') {
			switch($alias['subdomain']) {
			case 'www':
			$server_alias[] = 'www.'.$alias['domain'].' '.$alias['domain'].' ';
			@@ -1196,8 +1337,44 @@
			}
			}

			// Rewriting
			if($alias['redirect_type'] != '' && $alias['redirect_path'] != '') {
			// Local Rewriting (inside vhost server {} container)
			if($alias['redirect_type'] != '' && substr($alias['redirect_path'],0,1) == '/' && $alias['redirect_type'] != 'proxy') { // proxy makes no sense with local path
			if(substr($alias['redirect_path'],-1) != '/') $alias['redirect_path'] .= '/';
			$rewrite_exclude = '(?!/\b('.substr($alias['redirect_path'],1,-1).(substr($alias['redirect_path'],1,-1) != ''? '\|': '').'stats'.($vhost_data['errordocs'] == 1 ? '\|error' : '').')\b)/';
			switch($alias['subdomain']) {
			case 'www':
			// example.com
			$local_rewrite_rules[] = array( 'local_redirect_origin_domain' => $alias['domain'],
			'local_redirect_operator' => '=',
			'local_redirect_exclude' => $rewrite_exclude,
			'local_redirect_target' => $alias['redirect_path'],
			'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);

			// www.example.com
			$local_rewrite_rules[] = array( 'local_redirect_origin_domain' => 'www.'.$alias['domain'],
			'local_redirect_operator' => '=',
			'local_redirect_exclude' => $rewrite_exclude,
			'local_redirect_target' => $alias['redirect_path'],
			'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
			break;
			case '*':
			$local_rewrite_rules[] = array( 'local_redirect_origin_domain' => '^('.str_replace('.', '\.', $alias['domain']).'\|.+\.'.str_replace('.', '\.', $alias['domain']).')$',
			'local_redirect_operator' => '~*',
			'local_redirect_exclude' => $rewrite_exclude,
			'local_redirect_target' => $alias['redirect_path'],
			'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
			break;
			default:
			$local_rewrite_rules[] = array( 'local_redirect_origin_domain' => $alias['domain'],
			'local_redirect_operator' => '=',
			'local_redirect_exclude' => $rewrite_exclude,
			'local_redirect_target' => $alias['redirect_path'],
			'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
			}
			}

			// External Rewriting (extra server {} containers)
			if($alias['redirect_type'] != '' && $alias['redirect_path'] != '' && substr($alias['redirect_path'],0,1) != '/') {
			if(substr($alias['redirect_path'],-1) != '/') $alias['redirect_path'] .= '/';
			if(substr($alias['redirect_path'],0,8) == '[scheme]'){
			if($alias['redirect_type'] != 'proxy'){
			@@ -1209,21 +1386,15 @@

			switch($alias['subdomain']) {
			case 'www':
			if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
			if($alias['redirect_type'] == 'proxy'){
			$rewrite_subdir = substr($alias['redirect_path'],1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			$alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
			} else {
			if($alias['redirect_type'] == 'proxy'){
			$tmp_redirect_path = $alias['redirect_path'];
			$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			if($alias['redirect_type'] == 'proxy'){
			$tmp_redirect_path = $alias['redirect_path'];
			$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
			if($rewrite_subdir == '/') $rewrite_subdir = '';
			}

			if($alias['redirect_type'] != 'proxy'){
			if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
			}
			@@ -1243,26 +1414,7 @@
			'use_rewrite' => ($alias['redirect_type'] == 'proxy' ? false:true),
			'use_proxy' => ($alias['redirect_type'] == 'proxy' ? true:false),
			'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));


			if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
			if($alias['redirect_type'] == 'proxy'){
			$rewrite_subdir = substr($alias['redirect_path'],1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			$alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
			} else {
			if($alias['redirect_type'] == 'proxy'){
			$tmp_redirect_path = $alias['redirect_path'];
			$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			}
			if($alias['redirect_type'] != 'proxy'){
			if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
			}

			// Add SEO redirects for alias domains
			$alias_seo_redirects2 = array();
			if($alias['seo_redirect'] != ''){
			@@ -1281,21 +1433,15 @@
			'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
			break;
			case '*':
			if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
			if($alias['redirect_type'] == 'proxy'){
			$rewrite_subdir = substr($alias['redirect_path'],1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			$alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
			} else {
			if($alias['redirect_type'] == 'proxy'){
			$tmp_redirect_path = $alias['redirect_path'];
			$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			if($alias['redirect_type'] == 'proxy'){
			$tmp_redirect_path = $alias['redirect_path'];
			$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
			if($rewrite_subdir == '/') $rewrite_subdir = '';
			}

			if($alias['redirect_type'] != 'proxy'){
			if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
			}
			@@ -1317,21 +1463,15 @@
			'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
			break;
			default:
			if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
			if($alias['redirect_type'] == 'proxy'){
			$rewrite_subdir = substr($alias['redirect_path'],1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			$alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
			} else {
			if($alias['redirect_type'] == 'proxy'){
			$tmp_redirect_path = $alias['redirect_path'];
			$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			if($alias['redirect_type'] == 'proxy'){
			$tmp_redirect_path = $alias['redirect_path'];
			$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
			if($rewrite_subdir == '/') $rewrite_subdir = '';
			}

			if($alias['redirect_type'] != 'proxy'){
			if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
			}
			@@ -1382,6 +1522,9 @@
			}
			if(count($own_rewrite_rules) > 0) {
			$tpl->setLoop('own_redirects',$own_rewrite_rules);
			}
			if(count($local_rewrite_rules) > 0) {
			$tpl->setLoop('local_redirects',$local_rewrite_rules);
			}
			if(count($alias_seo_redirects) > 0) {
			$tpl->setLoop('alias_seo_redirects',$alias_seo_redirects);
			@@ -1475,19 +1618,33 @@
			if($web_config['check_apache_config'] == 'y') {
			//* Test if nginx starts with the new configuration file
			$nginx_online_status_before_restart = $this->_checkTcp('localhost',80);
			$app->log('nginx status is: '.$nginx_online_status_before_restart,LOGLEVEL_DEBUG);
			$app->log('nginx status is: '.($nginx_online_status_before_restart === true? 'running' : 'down'),LOGLEVEL_DEBUG);

			$app->services->restartService('httpd','restart');
			$retval = $app->services->restartService('httpd','restart'); // $retval['retval'] is 0 on success and > 0 on failure
			$app->log('nginx restart return value is: '.$retval['retval'],LOGLEVEL_DEBUG);

			// wait a few seconds, before we test the apache status again
			sleep(2);

			//* Check if nginx restarted successfully if it was online before
			$nginx_online_status_after_restart = $this->_checkTcp('localhost',80);
			$app->log('nginx online status after restart is: '.$nginx_online_status_after_restart,LOGLEVEL_DEBUG);
			if($nginx_online_status_before_restart && !$nginx_online_status_after_restart) {
			$app->log('nginx did not restart after the configuration change for website '.$data['new']['domain'].' Reverting the configuration. Saved non-working config as '.$vhost_file.'.err',LOGLEVEL_WARN);
			$app->log('nginx online status after restart is: '.($nginx_online_status_after_restart === true? 'running' : 'down'),LOGLEVEL_DEBUG);
			if($nginx_online_status_before_restart && !$nginx_online_status_after_restart \|\| $retval['retval'] > 0) {
			$app->log('nginx did not restart after the configuration change for website '.$data['new']['domain'].'. Reverting the configuration. Saved non-working config as '.$vhost_file.'.err',LOGLEVEL_WARN);
			if(is_array($retval['output']) && !empty($retval['output'])){
			$app->log('Reason for nginx restart failure: '.implode("\n", $retval['output']),LOGLEVEL_WARN);
			$app->dbmaster->datalogError(implode("\n", $retval['output']));
			} else {
			// if no output is given, check again
			exec('nginx -t 2>&1', $tmp_output, $tmp_retval);
			if($tmp_retval > 0 && is_array($tmp_output) && !empty($tmp_output)){
			$app->log('Reason for nginx restart failure: '.implode("\n", $tmp_output),LOGLEVEL_WARN);
			$app->dbmaster->datalogError(implode("\n", $tmp_output));
			}
			unset($tmp_output, $tmp_retval);
			}
			$app->system->copy($vhost_file,$vhost_file.'.err');

			if(is_file($vhost_file.'~')) {
			//* Copy back the last backup file
			$app->system->copy($vhost_file.'~',$vhost_file);
			@@ -1507,8 +1664,14 @@
			//$bundle_file = $ssl_dir.'/'.$domain.'.bundle';

			//* Backup the files that might have caused the error
			if(is_file($key_file)) $app->system->copy($key_file,$key_file.'.err');
			if(is_file($key_file2)) $app->system->copy($key_file2,$key_file2.'.err');
			if(is_file($key_file)){
			$app->system->copy($key_file,$key_file.'.err');
			$app->system->chmod($key_file.'.err',0400);
			}
			if(is_file($key_file2)){
			$app->system->copy($key_file2,$key_file2.'.err');
			$app->system->chmod($key_file2.'.err',0400);
			}
			if(is_file($csr_file)) $app->system->copy($csr_file,$csr_file.'.err');
			if(is_file($crt_file)) $app->system->copy($crt_file,$crt_file.'.err');
			//if(is_file($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'.err');
			@@ -1527,12 +1690,7 @@
			}
			} else {
			//* We do not check the nginx config after changes (is faster)
			if($nginx_chrooted) {
			$app->services->restartServiceDelayed('httpd','reload');
			} else {
			// request a httpd reload when all records have been processed
			$app->services->restartServiceDelayed('httpd','reload');
			}
			$app->services->restartServiceDelayed('httpd','reload');
			}

			//* The vhost is written and apache has been restarted, so we
			@@ -1569,7 +1727,7 @@
			$app->uses('system');
			$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');

			$app->system->web_folder_protection($data['old']['document_root'],false);
			if($data['old']['type'] == 'vhost' \|\| $data['old']['type'] == 'vhostsubdomain') $app->system->web_folder_protection($data['old']['document_root'],false);

			//* Check if this is a chrooted setup
			if($web_config['website_basedir'] != '' && @is_file($web_config['website_basedir'].'/etc/passwd')) {
			@@ -1583,18 +1741,73 @@
			$web_folder = '';
			if($data['old']['type'] == 'vhostsubdomain') {
			$tmp = $app->db->queryOneRecord('SELECT `domain`,`document_root` FROM web_domain WHERE domain_id = '.intval($data['old']['parent_domain_id']));
			$subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $data['old']['domain']);
			if($subdomain_host == '') $subdomain_host = 'web'.$data['old']['domain_id'];
			$web_folder = $data['old']['web_folder'];
			$log_folder .= '/' . $subdomain_host;
			if($tmp['domain'] != ''){
			$subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $data['old']['domain']);
			} else {
			// get log folder from /etc/fstab
			/*
			$bind_mounts = $app->system->file_get_contents('/etc/fstab');
			$bind_mount_lines = explode("\n", $bind_mounts);
			if(is_array($bind_mount_lines) && !empty($bind_mount_lines)){
			foreach($bind_mount_lines as $bind_mount_line){
			$bind_mount_line = preg_replace('/\s+/', ' ', $bind_mount_line);
			$bind_mount_parts = explode(' ', $bind_mount_line);
			if(is_array($bind_mount_parts) && !empty($bind_mount_parts)){
			if($bind_mount_parts[0] == '/var/log/ispconfig/httpd/'.$data['old']['domain'] && $bind_mount_parts[2] == 'none' && strpos($bind_mount_parts[3], 'bind') !== false){
			$subdomain_host = str_replace($data['old']['document_root'].'/log/', '', $bind_mount_parts[1]);
			}
			}
			}
			}
			*/
			// we are deleting the parent domain, so we can delete everything in the log directory
			$subdomain_hosts = array();
			$files = array_diff(scandir($data['old']['document_root'].'/'.$log_folder), array('.','..'));
			if(is_array($files) && !empty($files)){
			foreach($files as $file){
			if(is_dir($data['old']['document_root'].'/'.$log_folder.'/'.$file)){
			$subdomain_hosts[] = $file;
			}
			}
			}
			}
			if(is_array($subdomain_hosts) && !empty($subdomain_hosts)){
			$log_folders = array();
			foreach($subdomain_hosts as $subdomain_host){
			$log_folders[] = $log_folder.'/'.$subdomain_host;
			}
			} else {
			if($subdomain_host == '') $subdomain_host = 'web'.$data['old']['domain_id'];
			$log_folder .= '/' . $subdomain_host;
			}
			$web_folder = $data['old']['web_folder'];
			unset($tmp);
			unset($subdomain_hosts);
			}

			exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
			if($data['old']['type'] == 'vhost' \|\| $data['old']['type'] == 'vhostsubdomain'){
			if(is_array($log_folders) && !empty($log_folders)){
			foreach($log_folders as $log_folder){
			//if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
			exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
			}
			} else {
			//if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
			exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
			}
			}

			//* remove mountpoint from fstab
			$fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.' none bind 0 0';
			$app->system->removeLine('/etc/fstab',$fstab_line);
			if(is_array($log_folders) && !empty($log_folders)){
			foreach($log_folders as $log_folder){
			$fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.' none bind';
			$app->system->removeLine('/etc/fstab',$fstab_line);
			}
			} else {
			$fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.' none bind';
			$app->system->removeLine('/etc/fstab',$fstab_line);
			}
			unset($log_folders);

			if($data['old']['type'] != 'vhost' && $data['old']['type'] != 'vhostsubdomain' && $data['old']['parent_domain_id'] > 0) {
			//* This is a alias domain or subdomain, so we have to update the website instead
			@@ -1760,11 +1973,11 @@
			$vhost_logfile_dir = escapeshellcmd('/var/log/ispconfig/httpd/'.$data['old']['domain']);
			if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir,'..')) exec('rm -rf '.$vhost_logfile_dir);
			$app->log('Removing website logfile directory: '.$vhost_logfile_dir,LOGLEVEL_DEBUG);


			if($data['old']['type'] == 'vhost') {
			//delete the web user
			$command = 'userdel';
			$command .= ' '.$data['old']['system_user'];
			$command = 'killall -u '.escapeshellcmd($data['old']['system_user']).' ; userdel';
			$command .= ' '.escapeshellcmd($data['old']['system_user']);
			exec($command);
			if($nginx_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);

			@@ -2274,13 +2487,61 @@
			}
			}

			private function nginx_replace($matches){
			$location = 'location'.($matches[1] != '' ? ' '.$matches[1] : '').' '.$matches[2].' '.$matches[3];
			if($matches[4] == '##merge##' \|\| $matches[7] == '##merge##') $location .= ' ##merge##';
			if($matches[4] == '##delete##' \|\| $matches[7] == '##delete##') $location .= ' ##delete##';
			$location .= "\n";
			$location .= $matches[5]."\n";
			$location .= $matches[6];
			return $location;
			}

			private function nginx_merge_locations($vhost_conf){

			$lines = explode("\n", $vhost_conf);

			// if whole location block is in one line, split it up into multiple lines
			if(is_array($lines) && !empty($lines)){
			$linecount = sizeof($lines);
			for($h=0;$h<$linecount;$h++){
			// remove comments
			if(substr(trim($lines[$h]),0,1) == '#'){
			unset($lines[$h]);
			continue;
			}

			$lines[$h] = rtrim($lines[$h]);
			/*
			if(substr(ltrim($lines[$h]), 0, 8) == 'location' && strpos($lines[$h], '{') !== false && strpos($lines[$h], ';') !== false){
			$lines[$h] = str_replace("{", "{\n", $lines[$h]);
			$lines[$h] = str_replace(";", ";\n", $lines[$h]);
			if(strpos($lines[$h], '##merge##') !== false){
			$lines[$h] = str_replace('##merge##', '', $lines[$h]);
			$lines[$h] = substr($lines[$h],0,strpos($lines[$h], '{')).' ##merge##'.substr($lines[$h],strpos($lines[$h], '{')+1);
			}
			}
			if(substr(ltrim($lines[$h]), 0, 8) == 'location' && strpos($lines[$h], '{') !== false && strpos($lines[$h], '}') !== false && strpos($lines[$h], ';') === false){
			$lines[$h] = str_replace("{", "{\n", $lines[$h]);
			if(strpos($lines[$h], '##merge##') !== false){
			$lines[$h] = str_replace('##merge##', '', $lines[$h]);
			$lines[$h] = substr($lines[$h],0,strpos($lines[$h], '{')).' ##merge##'.substr($lines[$h],strpos($lines[$h], '{')+1);
			}
			}
			*/
			$pattern = '/^[^\S\n]location[^\S\n]+(?:(.+)[^\S\n]+)?(.+)[^\S\n](\{)[^\S\n](##merge##\|##delete##)?[^\S\n](.+)[^\S\n](\})[^\S\n](##merge##\|##delete##)?[^\S\n]*$/';
			$lines[$h] = preg_replace_callback($pattern, array($this, 'nginx_replace') ,$lines[$h]);
			}
			}
			$vhost_conf = implode("\n", $lines);
			unset($lines);
			unset($linecount);

			$lines = explode("\n", $vhost_conf);

			if(is_array($lines) && !empty($lines)){
			$locations = array();
			$locations_to_delete = array();
			$islocation = false;
			$linecount = sizeof($lines);
			$server_count = 0;
			@@ -2307,12 +2568,12 @@
			unset($loc_parts);

			if(!isset($locations[$location]['action'])) $locations[$location]['action'] = 'replace';
			if(substr($l, -9) == '##merge##'){
			$locations[$location]['action'] = 'merge';
			}
			if(substr($l, -9) == '##merge##') $locations[$location]['action'] = 'merge';
			if(substr($l, -10) == '##delete##') $locations[$location]['action'] = 'delete';

			if(!isset($locations[$location]['open_tag'])) $locations[$location]['open_tag'] = ' location '.$location.' {';
			if(!isset($locations[$location]['location']) \|\| $locations[$location]['action'] == 'replace') $locations[$location]['location'] = '';
			if($locations[$location]['action'] == 'delete') $locations_to_delete[] = $location;
			if(!isset($locations[$location]['end_tag'])) $locations[$location]['end_tag'] = ' }';
			if(!isset($locations[$location]['start_line'])) $locations[$location]['start_line'] = $i;

			@@ -2339,6 +2600,12 @@
			}

			if(is_array($locations) && !empty($locations)){
			if(is_array($locations_to_delete) && !empty($locations_to_delete)){
			foreach($locations_to_delete as $location_to_delete){
			if(isset($locations[$location_to_delete])) unset($locations[$location_to_delete]);
			}
			}

			foreach($locations as $key => $val){
			$new_location = $val['open_tag']."\n".$val['location'].$val['end_tag'];
			$lines[$val['start_line']] = $new_location;
			@@ -2348,7 +2615,7 @@
			$vhost_conf = implode("\n", $lines);
			}

			return $vhost_conf;
			return trim($vhost_conf);
			}

			function client_delete($event_name,$data) {
			@@ -2362,12 +2629,25 @@

			$client_dir = $web_config['website_basedir'].'/clients/client'.$client_id;
			if(is_dir($client_dir) && !stristr($client_dir,'..')) {
			// remove symlinks from $client_dir
			$files = array_diff(scandir($client_dir), array('.','..'));
			if(is_array($files) && !empty($files)){
			foreach($files as $file){
			if(is_link($client_dir.'/'.$file)){
			unlink($client_dir.'/'.$file);
			$app->log('Removed symlink: '.$client_dir.'/'.$file,LOGLEVEL_DEBUG);
			}
			}
			}

			@rmdir($client_dir);
			$app->log('Removed client directory: '.$client_dir,LOGLEVEL_DEBUG);
			}

			$this->_exec('groupdel client'.$client_id);
			$app->log('Removed group client'.$client_id,LOGLEVEL_DEBUG);
			if($app->system->is_group('client'.$client_id)){
			$this->_exec('groupdel client'.$client_id);
			$app->log('Removed group client'.$client_id,LOGLEVEL_DEBUG);
			}
			}

			}