ISPConfig3 devel
blame | history | patch | commit | commitdiff | ignore whitespace
tbrehm
2011-12-15 e589cc1dbb43111f7b7ecf21c99820baa8b7f45c 
 server/plugins-available/apache2_plugin.inc.php


@@ -167,7 +167,7 @@


               $app->log("Creating CA-signed SSL Cert for: $domain",LOGLEVEL_DEBUG);


               if (filesize($crt_file)==0 || !file_exists($crt_file)) $app->log("CA-Certificate signing failed.  openssl ca -out $crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $csr_file",LOGLEVEL_ERROR);


            };


            if (filesize($crt_file)==0 || !file_exists($crt_file)){


            if (@filesize($crt_file)==0 || !file_exists($crt_file)){


               exec("openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -in $csr_file -out $crt_file -days $ssl_days -config $config_file ");


               $app->log("Creating self-signed SSL Cert for: $domain",LOGLEVEL_DEBUG);


            };


@@ -190,7 +190,7 @@


      //* Save a SSL certificate to disk


      if($data["new"]["ssl_action"] == 'save') {


         $ssl_dir = $data["new"]["document_root"]."/ssl";


         $domain = $data["new"]["ssl_domain"];


         $domain = ($data["new"]["ssl_domain"] != '')?$data["new"]["ssl_domain"]:$data["new"]["domain"];


         $csr_file = $ssl_dir.'/'.$domain.".csr";


         $crt_file = $ssl_dir.'/'.$domain.".crt";


         $bundle_file = $ssl_dir.'/'.$domain.".bundle";


@@ -207,7 +207,7 @@


      //* Delete a SSL certificate


      if($data['new']['ssl_action'] == 'del') {


         $ssl_dir = $data['new']['document_root'].'/ssl';


         $domain = $data['new']['ssl_domain'];


         $domain = ($data["new"]["ssl_domain"] != '')?$data["new"]["ssl_domain"]:$data["new"]["domain"];


         $csr_file = $ssl_dir.'/'.$domain.'.csr';


         $crt_file = $ssl_dir.'/'.$domain.'.crt';


         $bundle_file = $ssl_dir.'/'.$domain.'.bundle';


@@ -227,7 +227,6 @@


         $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");


         $app->log('Deleting SSL Cert for: '.$domain,LOGLEVEL_DEBUG);


      }






   }




@@ -288,6 +287,23 @@


      if($data['new']['system_user'] == 'root' or $data['new']['system_group'] == 'root') {


         $app->log('Websites cannot be owned by the root user or group.',LOGLEVEL_WARN);


         return 0;


      }


		


      // Create group and user, if not exist


      $app->uses('system');




      $groupname = escapeshellcmd($data['new']['system_group']);


      if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) {


         exec('groupadd '.$groupname);


         if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' groupadd '.$groupname);


         $app->log('Adding the group: '.$groupname,LOGLEVEL_DEBUG);


      }




      $username = escapeshellcmd($data['new']['system_user']);


      if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) {


         exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");


         if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");


         $app->log('Adding the user: '.$username,LOGLEVEL_DEBUG);


      }




      //* If the client of the site has been changed, we have a change of the document root


@@ -511,23 +527,6 @@


         exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.$error_page_path);


      }  // end copy error docs




      // Create group and user, if not exist


      $app->uses('system');




      $groupname = escapeshellcmd($data['new']['system_group']);


      if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) {


         exec('groupadd '.$groupname);


         if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' groupadd '.$groupname);


         $app->log('Adding the group: '.$groupname,LOGLEVEL_DEBUG);


      }




      $username = escapeshellcmd($data['new']['system_user']);


      if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) {


         exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");


         if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");


         $app->log('Adding the user: '.$username,LOGLEVEL_DEBUG);


      }




      // Set the quota for the user


      if($username != '' && $app->system->is_user($username)) {


         if($data['new']['hd_quota'] > 0) {


@@ -542,74 +541,76 @@




      if($this->action == 'insert' || $data["new"]["system_user"] != $data["old"]["system_user"]) {


         // Chown and chmod the directories below the document root


         $this->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']));


         $this->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/web');


         // The document root itself has to be owned by root in normal level and by the web owner in security level 20


         if($web_config['security_level'] == 20) {


            $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']));


            $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/web');


         } else {


            $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']));


            $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']).'/web');


         }


      }








      //* If the security level is set to high


      if($web_config['security_level'] == 20) {


      if($this->action == 'insert' && $data['new']['type'] == 'vhost') {


         if($web_config['security_level'] == 20) {




         $this->_exec('chmod 751 '.escapeshellcmd($data['new']['document_root']));


         $this->_exec('chmod 751 '.escapeshellcmd($data['new']['document_root']).'/*');


         $this->_exec('chmod 710 '.escapeshellcmd($data['new']['document_root'].'/web'));


            $this->_exec('chmod 751 '.escapeshellcmd($data['new']['document_root']));


            $this->_exec('chmod 751 '.escapeshellcmd($data['new']['document_root']).'/*');


            $this->_exec('chmod 710 '.escapeshellcmd($data['new']['document_root'].'/web'));




         // make tmp directory writable for Apache and the website users


         $this->_exec('chmod 777 '.escapeshellcmd($data['new']['document_root'].'/tmp'));


            // make tmp directory writable for Apache and the website users


            $this->_exec('chmod 777 '.escapeshellcmd($data['new']['document_root'].'/tmp'));


         


         // Set Log symlink to 755 to make the logs accessible by the FTP user


         $this->_exec("chmod 755 ".escapeshellcmd($data["new"]["document_root"])."/log");


            // Set Log symlink to 755 to make the logs accessible by the FTP user


            $this->_exec("chmod 755 ".escapeshellcmd($data["new"]["document_root"])."/log");




         $command = 'usermod';


         $command .= ' --groups sshusers';


         $command .= ' '.escapeshellcmd($data['new']['system_user']);


         $this->_exec($command);


            $command = 'usermod';


            $command .= ' --groups sshusers';


            $command .= ' '.escapeshellcmd($data['new']['system_user']);


            $this->_exec($command);




         //* if we have a chrooted Apache environment


         if($apache_chrooted) {


            $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);


            //* if we have a chrooted Apache environment


            if($apache_chrooted) {


               $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);




            //* add the apache user to the client group in the chroot environment


            $tmp_groupfile = $app->system->server_conf['group_datei'];


            $app->system->server_conf['group_datei'] = $web_config['website_basedir'].'/etc/group';


               //* add the apache user to the client group in the chroot environment


               $tmp_groupfile = $app->system->server_conf['group_datei'];


               $app->system->server_conf['group_datei'] = $web_config['website_basedir'].'/etc/group';


               $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));


               $app->system->server_conf['group_datei'] = $tmp_groupfile;


               unset($tmp_groupfile);


            }




            //* add the Apache user to the client group


            $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));


            $app->system->server_conf['group_datei'] = $tmp_groupfile;


            unset($tmp_groupfile);


         }




         //* add the Apache user to the client group


         $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));


            $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']));




         $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']));


            /*


            * Workaround for jailkit: If jailkit is enabled for the site, the 


            * website root has to be owned by the root user and we have to chmod it to 755 then


            */




         /*


         * Workaround for jailkit: If jailkit is enabled for the site, the 


         * website root has to be owned by the root user and we have to chmod it to 755 then


         */


            //* Check if there is a jailkit user for this site


            $tmp = $app->db->queryOneRecord('SELECT count(shell_user_id) as number FROM shell_user WHERE parent_domain_id = '.$data['new']['domain_id']." AND chroot = 'jailkit'");


            if($tmp['number'] > 0) {


               $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root']));


               $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']));


            }


            unset($tmp);




         //* Check if there is a jailkit user for this site


         $tmp = $app->db->queryOneRecord('SELECT count(shell_user_id) as number FROM shell_user WHERE parent_domain_id = '.$data['new']['domain_id']." AND chroot = 'jailkit'");


         if($tmp['number'] > 0) {


            // If the security Level is set to medium


         } else {




            $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root']));


            $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root'].'/*'));


            $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']));




            // make temp directory writable for Apache and the website users


            $this->_exec('chmod 777 '.escapeshellcmd($data['new']['document_root'].'/tmp'));


         }


         unset($tmp);




         // If the security Level is set to medium


      } else {




         $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root']));


         $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root'].'/*'));


         $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']));




         // make temp directory writable for Apache and the website users


         $this->_exec('chmod 777 '.escapeshellcmd($data['new']['document_root'].'/tmp'));


      }




      // Change the ownership of the error log to the owner of the website


@@ -636,7 +637,7 @@


         if($master_php_ini_path != '' && substr($master_php_ini_path,-7) == 'php.ini' && is_file($master_php_ini_path)) {


            $php_ini_content .= file_get_contents($master_php_ini_path)."\n";


         }


         $php_ini_content .= trim($data['new']['custom_php_ini']);


         $php_ini_content .= str_replace("\r",'',trim($data['new']['custom_php_ini']));


         file_put_contents($custom_php_ini_dir.'/php.ini',$php_ini_content);


      } else {


         $has_custom_php_ini = false;


@@ -651,6 +652,7 @@


      $tpl->newTemplate('vhost.conf.master');




      $vhost_data = $data['new'];


      //unset($vhost_data['ip_address']);


      $vhost_data['web_document_root'] = $data['new']['document_root'].'/web';


      $vhost_data['web_document_root_www'] = $web_config['website_basedir'].'/'.$data['new']['domain'].'/web';


      $vhost_data['web_basedir'] = $web_config['website_basedir'];


@@ -668,6 +670,7 @@


      $crt_file = $ssl_dir.'/'.$domain.'.crt';


      $bundle_file = $ssl_dir.'/'.$domain.'.bundle';




      /*


      if($domain!='' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0)  && (@filesize($key_file)>0)) {


         $vhost_data['ssl_enabled'] = 1;


         $app->log('Enable SSL for: '.$domain,LOGLEVEL_DEBUG);


@@ -675,6 +678,7 @@


         $vhost_data['ssl_enabled'] = 0;


         $app->log('SSL Disabled. '.$domain,LOGLEVEL_DEBUG);


      }


      */




      if(@is_file($bundle_file)) $vhost_data['has_bundle_cert'] = 1;




@@ -824,12 +828,13 @@


         $tpl->setVar('alias','');


      }




      if(count($rewrite_rules) > 0) {


      if(count($rewrite_rules) > 0 || $vhost_data['seo_redirect_enabled'] > 0) {


         $tpl->setVar('rewrite_enabled',1);


      } else {


         $tpl->setVar('rewrite_enabled',0);


      }


      $tpl->setLoop('redirects',$rewrite_rules);




      //$tpl->setLoop('redirects',$rewrite_rules);




      /**


       * install fast-cgi starter script and add script aliasd config


@@ -951,6 +956,49 @@


      //* Make a backup copy of vhost file


      if(file_exists($vhost_file)) copy($vhost_file,$vhost_file.'~');


      


      //* create empty vhost array


      $vhosts = array();


		


      //* Add vhost for ipv4 IP	


      if(count($rewrite_rules) > 0){


         $vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 0, 'port' => 80, 'redirects' => $rewrite_rules);


      } else {


         $vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 0, 'port' => 80);


      }


		


      //* Add vhost for ipv4 IP with SSL


      if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0)  && (@filesize($key_file)>0)) {


         if(count($rewrite_rules) > 0){


            $vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 1, 'port' => '443', 'redirects' => $rewrite_rules);


         } else {


            $vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 1, 'port' => '443');


         }


         $app->log('Enable SSL for: '.$domain,LOGLEVEL_DEBUG);


      }


		


      //* Add vhost for IPv6 IP


      if($data['new']['ipv6_address'] != '') {


         if(count($rewrite_rules) > 0){


            $vhosts[] = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 0, 'port' => 80, 'redirects' => $rewrite_rules);


         } else {


            $vhosts[] = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 0, 'port' => 80);


         }


		


         //* Add vhost for ipv6 IP with SSL


         if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0)  && (@filesize($key_file)>0)) {


				


            if(count($rewrite_rules) > 0){


               $vhosts[] = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 1, 'port' => '443', 'redirects' => $rewrite_rules);


            } else {


               $vhosts[] = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 1, 'port' => '443');


            }


            $app->log('Enable SSL for IPv6: '.$domain,LOGLEVEL_DEBUG);


         }


      }


		


      //* Set the vhost loop


      $tpl->setLoop('vhosts',$vhosts);


		


      //* Write vhost file


      file_put_contents($vhost_file,$tpl->grab());


      $app->log('Writing the vhost file: '.$vhost_file,LOGLEVEL_DEBUG);


@@ -999,6 +1047,11 @@


            $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);


         }


         $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost');


         if(is_link($vhost_symlink)) {


            unlink($vhost_symlink);


            $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);


         }


         $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost');


         if(is_link($vhost_symlink)) {


            unlink($vhost_symlink);


            $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);


@@ -1096,11 +1149,24 @@


      } else {


         //* This is a website


         // Deleting the vhost file, symlink and the data directory


         $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost');


         unlink($vhost_symlink);


         $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);




         $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost');


			


         $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost');


         if(is_link($vhost_symlink)){


            unlink($vhost_symlink);


            $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);


         }


         $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost');


         if(is_link($vhost_symlink)){


            unlink($vhost_symlink);


            $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);


         }


         $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost');


         if(is_link($vhost_symlink)){


            unlink($vhost_symlink);


            $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);


         }


			


         unlink($vhost_file);


         $app->log('Removing vhost file: '.$vhost_file,LOGLEVEL_DEBUG);




@@ -1163,6 +1229,13 @@


         //* Remove the awstats configuration file


         if($data['old']['stats_type'] == 'awstats') {


            $this->awstats_delete($data,$web_config);


         }


			


         if($apache_chrooted) {


            $app->services->restartServiceDelayed('httpd','restart');


         } else {


            // request a httpd reload when all records have been processed


            $app->services->restartServiceDelayed('httpd','reload');


         }




      }


@@ -1238,7 +1311,7 @@


      if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);


      if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);


      $folder_path = escapeshellcmd($website['document_root'].'/web/'.$folder['path']);


      if(substr($folder_path,-1 != '/')) $folder_path .= '/';


      if(substr($folder_path,-1) != '/') $folder_path .= '/';


      


      //* Check if the resulting path is inside the docroot


      if(stristr($folder_path,'..') || stristr($folder_path,'./') || stristr($folder_path,'\\')) {


@@ -1253,10 +1326,23 @@


      if(!is_file($folder_path.'.htpasswd')) {


         touch($folder_path.'.htpasswd');


         chmod($folder_path.'.htpasswd',0755);


         $app->log('Created file'.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);


         $app->log('Created file '.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);


      }


      


      if($data['new']['username'] != $data['old']['username'] || $data['new']['active'] == 'n') {


      /*


      $auth_users = $app->db->queryAllRecords("SELECT * FROM web_folder_user WHERE active = 'y' AND web_folder_id = ".intval($folder_id));


      $htpasswd_content = '';


      if(is_array($auth_users) && !empty($auth_users)){


         foreach($auth_users as $auth_user){


            $htpasswd_content .= $auth_user['username'].':'.$auth_user['password']."\n";


         }


      }


      $htpasswd_content = trim($htpasswd_content);


      @file_put_contents($folder_path.'.htpasswd', $htpasswd_content);


      $app->log('Changed .htpasswd file: '.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);


      */


		


      if(($data['new']['username'] != $data['old']['username'] || $data['new']['active'] == 'n') && $data['old']['username'] != '') {


         $app->system->removeLine($folder_path.'.htpasswd',$data['old']['username'].':');


         $app->log('Removed user: '.$data['old']['username'],LOGLEVEL_DEBUG);


      }


@@ -1272,13 +1358,14 @@


         }


      }


      


		


      //* Create the .htaccess file


      if(!is_file($folder_path.'.htaccess')) {


      //if(!is_file($folder_path.'.htaccess')) {


         $ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$folder_path.".htpasswd\nrequire valid-user";


         file_put_contents($folder_path.'.htaccess',$ht_file);


         chmod($folder_path.'.htpasswd',0755);


         $app->log('Created file'.$folder_path.'.htaccess',LOGLEVEL_DEBUG);


      }


         $app->log('Created file '.$folder_path.'.htaccess',LOGLEVEL_DEBUG);


      //}


      


   }


   


@@ -1288,7 +1375,7 @@


      


      $folder_id = $data['old']['web_folder_id'];


      


      $folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE web_folder_id = ".intval($folder_id));


      $folder = $data['old'];


      $website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($folder['parent_domain_id']));


      


      if(!is_array($folder) or !is_array($website)) {


@@ -1297,8 +1384,10 @@


      }


      


      //* Get the folder path.


      if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);


      if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);


      $folder_path = realpath($website['document_root'].'/web/'.$folder['path']);


      if(substr($folder_path,-1 != '/')) $folder_path .= '/';


      if(substr($folder_path,-1) != '/') $folder_path .= '/';


      


      //* Check if the resulting path is inside the docroot


      if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {


@@ -1309,13 +1398,13 @@


      //* Remove .htpasswd file


      if(is_file($folder_path.'.htpasswd')) {


         unlink($folder_path.'.htpasswd');


         $app->log('Removed file'.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);


         $app->log('Removed file '.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);


      }


      


      //* Remove .htaccess file


      if(is_file($folder_path.'.htaccess')) {


         unlink($folder_path.'.htaccess');


         $app->log('Removed file'.$folder_path.'.htaccess',LOGLEVEL_DEBUG);


         $app->log('Removed file '.$folder_path.'.htaccess',LOGLEVEL_DEBUG);


      }


   }


   


@@ -1331,11 +1420,15 @@


      }


      


      //* Get the folder path.


      if(substr($data['old']['path'],0,1) == '/') $data['old']['path'] = substr($data['old']['path'],1);


      if(substr($data['old']['path'],-1) == '/') $data['old']['path'] = substr($data['old']['path'],0,-1);


      $old_folder_path = realpath($website['document_root'].'/web/'.$data['old']['path']);


      if(substr($old_folder_path,-1 != '/')) $old_folder_path .= '/';


      if(substr($old_folder_path,-1) != '/') $old_folder_path .= '/';


         


      if(substr($data['new']['path'],0,1) == '/') $data['new']['path'] = substr($data['new']['path'],1);


      if(substr($data['new']['path'],-1) == '/') $data['new']['path'] = substr($data['new']['path'],0,-1);


      $new_folder_path = escapeshellcmd($website['document_root'].'/web/'.$data['new']['path']);


      if(substr($new_folder_path,-1 != '/')) $new_folder_path .= '/';


      if(substr($new_folder_path,-1) != '/') $new_folder_path .= '/';


      


      //* Check if the resulting path is inside the docroot


      if(stristr($new_folder_path,'..') || stristr($new_folder_path,'./') || stristr($new_folder_path,'\\')) {


@@ -1366,29 +1459,29 @@


         //* move .htpasswd file


         if(is_file($old_folder_path.'.htpasswd')) {


            rename($old_folder_path.'.htpasswd',$new_folder_path.'.htpasswd');


            $app->log('Moved file'.$new_folder_path.'.htpasswd',LOGLEVEL_DEBUG);


            $app->log('Moved file '.$old_folder_path.'.htpasswd to '.$new_folder_path.'.htpasswd',LOGLEVEL_DEBUG);


         }


         


         //* move .htpasswd file


         //* delete old .htaccess file


         if(is_file($old_folder_path.'.htaccess')) {


            rename($old_folder_path.'.htaccess',$new_folder_path.'.htaccess');


            $app->log('Moved file'.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);


            unlink($old_folder_path.'.htaccess');


            $app->log('Deleted file '.$old_folder_path.'.htaccess',LOGLEVEL_DEBUG);


         }


      


      }


      


      //* Create the .htaccess file


      if($data['new']['active'] == 'y' && !is_file($new_folder_path.'.htaccess')) {


         $ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$folder_path.".htpasswd\nrequire valid-user";


      if($data['new']['active'] == 'y') {


         $ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$new_folder_path.".htpasswd\nrequire valid-user";


         file_put_contents($new_folder_path.'.htaccess',$ht_file);


         chmod($new_folder_path.'.htpasswd',0755);


         $app->log('Created file'.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);


         $app->log('Created file '.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);


      }


      


      //* Remove .htaccess file


      if($data['new']['active'] == 'n' && is_file($new_folder_path.'.htaccess')) {


         unlink($new_folder_path.'.htaccess');


         $app->log('Removed file'.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);


         $app->log('Removed file '.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);


      }


      


      


@@ -1669,6 +1762,9 @@


         file_put_contents($awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf',$content);


         $app->log('Created AWStats config file: '.$awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf',LOGLEVEL_DEBUG);


      }


		


      if(is_file($data['new']['document_root']."/web/stats/index.html")) unlink($data['new']['document_root']."/web/stats/index.html");


      copy("/usr/local/ispconfig/server/conf/awstats_index.php.master",$data['new']['document_root']."/web/stats/index.php");


   }


   


   //* Delete the awstats configuration file