gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -827,10 +827,9 @@
			//* Create basic http auth for website statistics
			$tpl->setVar('stats_auth_passwd_file', $data['new']['document_root']."/.htpasswd_stats");

			// include file for basic http auth
			$basic_auth_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$data['new']['domain'].'.auth');
			@touch($basic_auth_file);
			$tpl->setVar('include_basic_auth', 'include '.$basic_auth_file.';');
			// Create basic http auth for other directories
			$basic_auth_locations = $this->_create_web_folder_auth_configuration($data['new']);
			if(is_array($basic_auth_locations) && !empty($basic_auth_locations)) $tpl->setLoop('basic_auth_locations', $basic_auth_locations);

			$vhost_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost');
			//* Make a backup copy of vhost file
			@@ -952,9 +951,9 @@

			//* Check if this is a chrooted setup
			if($web_config['website_basedir'] != '' && @is_file($web_config['website_basedir'].'/etc/passwd')) {
			$apache_chrooted = true;
			$nginx_chrooted = true;
			} else {
			$apache_chrooted = false;
			$nginx_chrooted = false;
			}

			if($data['old']['type'] != 'vhost' && $data['old']['parent_domain_id'] > 0) {
			@@ -969,26 +968,34 @@

			} else {
			//* This is a website
			// Deleting the vhost file, symlink and the data directory
			$vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost');
			unlink($vhost_symlink);
			$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);

			// Deleting the vhost file, symlink and the data directory
			$vhost_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost');

			$vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost');
			if(is_link($vhost_symlink)){
			unlink($vhost_symlink);
			$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);
			}
			$vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost');
			if(is_link($vhost_symlink)){
			unlink($vhost_symlink);
			$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);
			}
			$vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost');
			if(is_link($vhost_symlink)){
			unlink($vhost_symlink);
			$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);
			}

			unlink($vhost_file);
			$app->log('Removing vhost file: '.$vhost_file,LOGLEVEL_DEBUG);

			// delete file for basic http authentication
			$basic_auth_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.auth');
			unlink($basic_auth_file);
			$app->log('Removing auth file: '.$basic_auth_file,LOGLEVEL_DEBUG);

			$docroot = escapeshellcmd($data['old']['document_root']);
			if($docroot != '' && !stristr($docroot,'..')) exec('rm -rf '.$docroot);


			//remove the php fastgi starter script if available
			//remove the php fastgi starter script and PHP-FPM pool definition if available
			if ($data['old']['php'] == 'fast-cgi') {
			$this->php_fpm_pool_delete($data,$web_config);
			$fastcgi_starter_path = str_replace('[system_user]',$data['old']['system_user'],$web_config['fastcgi_starter_path']);
			if (is_dir($fastcgi_starter_path)) {
			exec('rm -rf '.$fastcgi_starter_path);
			@@ -1037,16 +1044,14 @@
			$command = 'userdel';
			$command .= ' '.$data['old']['system_user'];
			exec($command);
			if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);
			if($nginx_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);

			//* Remove the awstats configuration file
			if($data['old']['stats_type'] == 'awstats') {
			$this->awstats_delete($data,$web_config);
			}

			if($data['old']['php'] == 'fast-cgi') {
			$this->php_fpm_pool_delete($data,$web_config);
			}
			$app->services->restartServiceDelayed('httpd','reload');

			}
			}
			@@ -1100,7 +1105,7 @@
			if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
			if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
			$folder_path = escapeshellcmd($website['document_root'].'/web/'.$folder['path']);
			if(substr($folder_path,-1 != '/')) $folder_path .= '/';
			if(substr($folder_path,-1) != '/') $folder_path .= '/';

			//* Check if the resulting path is inside the docroot
			if(stristr($folder_path,'..') \|\| stristr($folder_path,'./') \|\| stristr($folder_path,'\\')) {
			@@ -1118,6 +1123,7 @@
			$app->log('Created file'.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
			}

			/*
			$auth_users = $app->db->queryAllRecords("SELECT * FROM web_folder_user WHERE active = 'y' AND web_folder_id = ".intval($folder_id));
			$htpasswd_content = '';
			if(is_array($auth_users) && !empty($auth_users)){
			@@ -1128,9 +1134,9 @@
			$htpasswd_content = trim($htpasswd_content);
			@file_put_contents($folder_path.'.htpasswd', $htpasswd_content);
			$app->log('Changed .htpasswd file: '.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
			*/

			/*
			if($data['new']['username'] != $data['old']['username'] \|\| $data['new']['active'] == 'n') {
			if(($data['new']['username'] != $data['old']['username'] \|\| $data['new']['active'] == 'n') && $data['old']['username'] != '') {
			$app->system->removeLine($folder_path.'.htpasswd',$data['old']['username'].':');
			$app->log('Removed user: '.$data['old']['username'],LOGLEVEL_DEBUG);
			}
			@@ -1145,9 +1151,10 @@
			$app->log('Added or updated user: '.$data['new']['username'],LOGLEVEL_DEBUG);
			}
			}
			*/

			$this->_create_web_folder_auth_configuration($website);
			// write basic auth configuration to vhost file because nginx does not support .htaccess
			$webdata['new'] = $webdata['old'] = $website;
			$this->update('web_domain_update', $webdata);
			}

			//* Remove .htpasswd file, when folder protection is removed
			@@ -1156,7 +1163,7 @@

			$folder_id = $data['old']['web_folder_id'];

			$folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE web_folder_id = ".intval($folder_id));
			$folder = $data['old'];
			$website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($folder['parent_domain_id']));

			if(!is_array($folder) or !is_array($website)) {
			@@ -1168,7 +1175,7 @@
			if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
			if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
			$folder_path = realpath($website['document_root'].'/web/'.$folder['path']);
			if(substr($folder_path,-1 != '/')) $folder_path .= '/';
			if(substr($folder_path,-1) != '/') $folder_path .= '/';

			//* Check if the resulting path is inside the docroot
			if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
			@@ -1182,7 +1189,9 @@
			$app->log('Removed file '.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
			}

			$this->_create_web_folder_auth_configuration($website);
			// write basic auth configuration to vhost file because nginx does not support .htaccess
			$webdata['new'] = $webdata['old'] = $website;
			$this->update('web_domain_update', $webdata);
			}

			//* Update folder protection, when path has been changed
			@@ -1199,13 +1208,13 @@
			//* Get the folder path.
			if(substr($data['old']['path'],0,1) == '/') $data['old']['path'] = substr($data['old']['path'],1);
			if(substr($data['old']['path'],-1) == '/') $data['old']['path'] = substr($data['old']['path'],0,-1);
			$old_folder_path = escapeshellcmd($website['document_root'].'/web/'.$data['old']['path']);
			if(substr($old_folder_path,-1 != '/')) $old_folder_path .= '/';
			$old_folder_path = realpath($website['document_root'].'/web/'.$data['old']['path']);
			if(substr($old_folder_path,-1) != '/') $old_folder_path .= '/';

			if(substr($data['new']['path'],0,1) == '/') $data['new']['path'] = substr($data['new']['path'],1);
			if(substr($data['new']['path'],-1) == '/') $data['new']['path'] = substr($data['new']['path'],0,-1);
			$new_folder_path = escapeshellcmd($website['document_root'].'/web/'.$data['new']['path']);
			if(substr($new_folder_path,-1 != '/')) $new_folder_path .= '/';
			if(substr($new_folder_path,-1) != '/') $new_folder_path .= '/';

			//* Check if the resulting path is inside the docroot
			if(stristr($new_folder_path,'..') \|\| stristr($new_folder_path,'./') \|\| stristr($new_folder_path,'\\')) {
			@@ -1236,12 +1245,14 @@
			//* move .htpasswd file
			if(is_file($old_folder_path.'.htpasswd')) {
			rename($old_folder_path.'.htpasswd',$new_folder_path.'.htpasswd');
			$app->log('Moved file '.$new_folder_path.'.htpasswd',LOGLEVEL_DEBUG);
			$app->log('Moved file '.$old_folder_path.'.htpasswd to '.$new_folder_path.'.htpasswd',LOGLEVEL_DEBUG);
			}

			}

			$this->_create_web_folder_auth_configuration($website);
			// write basic auth configuration to vhost file because nginx does not support .htaccess
			$webdata['new'] = $webdata['old'] = $website;
			$this->update('web_domain_update', $webdata);
			}

			function _create_web_folder_auth_configuration($website){
			@@ -1250,24 +1261,28 @@
			$app->uses('getconf');
			$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
			$basic_auth_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$website['domain'].'.auth');
			$app->load('tpl');
			$tpl = new tpl();
			$tpl->newTemplate('nginx_http_authentication.auth.master');
			//$app->load('tpl');
			//$tpl = new tpl();
			//$tpl->newTemplate('nginx_http_authentication.auth.master');
			$website_auth_locations = $app->db->queryAllRecords("SELECT * FROM web_folder WHERE active = 'y' AND parent_domain_id = ".intval($website['domain_id']));
			$basic_auth_locations = array();
			if(is_array($website_auth_locations) && !empty($website_auth_locations)){
			foreach($website_auth_locations as $website_auth_location){
			if(substr($website_auth_location['path'],0,1) == '/') $website_auth_location['path'] = substr($website_auth_location['path'],1);
			if(substr($website_auth_location['path'],-1) == '/') $website_auth_location['path'] = substr($website_auth_location['path'],0,-1);
			$basic_auth_locations[] = array('htpasswd_location' => $website_auth_location['path'],
			if($website_auth_location['path'] != ''){
			$website_auth_location['path'] .= '/';
			}
			$basic_auth_locations[] = array('htpasswd_location' => '/'.$website_auth_location['path'],
			'htpasswd_path' => $website['document_root'].'/web/'.$website_auth_location['path']);
			}
			}
			$tpl->setLoop('basic_auth_locations', $basic_auth_locations);
			file_put_contents($basic_auth_file,$tpl->grab());
			$app->log('Writing the http basic authentication file: '.$basic_auth_file,LOGLEVEL_DEBUG);
			unset($tpl);
			$app->services->restartServiceDelayed('httpd','reload');
			return $basic_auth_locations;
			//$tpl->setLoop('basic_auth_locations', $basic_auth_locations);
			//file_put_contents($basic_auth_file,$tpl->grab());
			//$app->log('Writing the http basic authentication file: '.$basic_auth_file,LOGLEVEL_DEBUG);
			//unset($tpl);
			//$app->services->restartServiceDelayed('httpd','reload');
			}

			//* Update the awstats configuration file
			@@ -1408,7 +1423,7 @@

			$pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']);
			if(substr($pool_dir,-1) != '/') $pool_dir .= '/';
			$pool_name = 'web'.$data['new']['domain_id'];
			$pool_name = 'web'.$data['old']['domain_id'];

			if ( @is_file($pool_dir.$pool_name.'.conf') ) {
			unlink($pool_dir.$pool_name.'.conf');