Fixed: redirect_paths can contain colons like http://www.mydomain.com/cms/a...

mcramer

2012-10-19 e56995b9f8ebbac6de8f858f8996b254f8b2d59d

 server/plugins-available/shelluser_jailkit_plugin.inc.php

@@ -71,7 +71,7 @@
      global $app, $conf;
      
      $app->uses('system');
      $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$this->data['new']['parent_domain_id']);
      $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$data['new']['parent_domain_id']);
      
      if($app->system->is_user($data['new']['username'])) {
      
@@ -80,7 +80,7 @@
          */
         if ($data['new']['chroot'] == "jailkit")
         {
            $app->system->web_folder_protection($web['document_root'],false);
				
            
            // load the server configuration options
            $app->uses("getconf");
@@ -89,6 +89,8 @@
            $this->jailkit_config = $app->getconf->get_server_config($conf["server_id"], 'jailkit');
            
            $this->_update_website_security_level();
				
            $app->system->web_folder_protection($web['document_root'],false);
         
            $this->_setup_jailkit_chroot();
            
@@ -97,7 +99,12 @@
            //* call the ssh-rsa update function
            $this->_setup_ssh_rsa();
            
            $command .= 'usermod -s /usr/sbin/jk_chrootsh -U '.escapeshellcmd($data['new']['username']);
            //$command .= 'usermod -s /usr/sbin/jk_chrootsh -U '.escapeshellcmd($data['new']['username']);
            //exec($command);
            $app->system->usermod($data['new']['username'], 0, 0, '', '/usr/sbin/jk_chrootsh', '', '');
				
            //* Unlock user
            $command = 'usermod -U '.escapeshellcmd($data['new']['username']);
            exec($command);
            
            $this->_update_website_security_level();
@@ -117,7 +124,7 @@
      global $app, $conf;
      
      $app->uses('system');
      $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$this->data['new']['parent_domain_id']);
      $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$data['new']['parent_domain_id']);
      
      if($app->system->is_user($data['new']['username'])) {
      
@@ -126,7 +133,6 @@
          */
         if ($data['new']['chroot'] == "jailkit")
         {
            $app->system->web_folder_protection($web['document_root'],false);
            
            // load the server configuration options
            $app->uses("getconf");
@@ -135,6 +141,8 @@
            $this->jailkit_config = $app->getconf->get_server_config($conf["server_id"], 'jailkit');
            
            $this->_update_website_security_level();
				
            $app->system->web_folder_protection($web['document_root'],false);
         
            $this->_setup_jailkit_chroot();
            $this->_add_jailkit_user();
@@ -164,7 +172,7 @@
      
      $app->uses('system');
      
      $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$this->data['old']['parent_domain_id']);
      $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$data['old']['parent_domain_id']);
      
      if ($data['old']['chroot'] == "jailkit")
      {
@@ -222,12 +230,12 @@
            $tpl->setVar('home_dir',$this->_get_home_dir(""));
            
            $bashrc = escapeshellcmd($this->data['new']['dir']).'/etc/bash.bashrc';
            if(@is_file($bashrc)) unlink($bashrc);
            if(@is_file($bashrc) || @is_link($bashrc)) unlink($bashrc);
            
            file_put_contents($bashrc,$tpl->grab());
            unset($tpl);
            
            $this->app->log("Added bashrc scrpt : ".$bashrc,LOGLEVEL_DEBUG);
            $this->app->log("Added bashrc script : ".$bashrc,LOGLEVEL_DEBUG);
            
            $tpl = new tpl();
            $tpl->newTemplate("motd.master");
@@ -235,7 +243,7 @@
            $tpl->setVar('domain',$web['domain']);
            
            $motd = escapeshellcmd($this->data['new']['dir']).'/var/run/motd';
            if(@is_file($motd)) unlink($motd);
            if(@is_file($motd) || @is_link($motd)) unlink($motd);
            
            file_put_contents($motd,$tpl->grab());
            
@@ -285,6 +293,7 @@
         //* Change the homedir of the shell user and parent user
         //* We have to do this manually as the usermod command fails 
         //* when the user is logged in or a command is running under that user
         /*
         $passwd_file_array = file('/etc/passwd');
         $passwd_out = '';
         if(is_array($passwd_file_array)) {
@@ -301,8 +310,10 @@
                  $app->system->replaceLine('/etc/passwd',$line,$new_line,1,0);
               }
            }
         }
         }*/
         
         $app->system->usermod($this->data['new']['username'], 0, 0, $this->data['new']['dir'].'/.'.$jailkit_chroot_userhome, '/usr/sbin/jk_chrootsh');
         $app->system->usermod($this->data['new']['puser'], 0, 0, $this->data['new']['dir'].'/.'.$jailkit_chroot_userhome, '/usr/sbin/jk_chrootsh');
            
         $this->app->log("Added jailkit user to chroot with command: ".$command,LOGLEVEL_DEBUG);
                  
@@ -333,9 +344,12 @@
      $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$this->data['new']['parent_domain_id']);
      
      //* If the security level is set to high
      if($web_config['security_level'] == 20) {
         $this->_exec('chmod 755 '.escapeshellcmd($web["document_root"]));
         $this->_exec('chown root:root '.escapeshellcmd($web["document_root"]));
      if($web_config['security_level'] == 20 && is_array($web)) {
         $app->system->web_folder_protection($web["document_root"],false);
         $app->system->chmod($web["document_root"],0755);
         $app->system->chown($web["document_root"],'root');
         $app->system->chgrp($web["document_root"],'root');
         $app->system->web_folder_protection($web["document_root"],true);
      }
      
   }