From 07c3bd9b777e55d0b8fc988d6583e44861a3ee43 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Sun, 15 Mar 2009 08:04:13 -0400
Subject: [PATCH] Improved password protection of website statistics.

---
 server/plugins-available/apache2_plugin.inc.php |   86 ++++++++++++++++++++++++++++++++++++++----
 1 files changed, 77 insertions(+), 9 deletions(-)

diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 7e1c3a4..630f54c 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -233,6 +233,53 @@
 			return 0;
 		}
 		
+		//* If the client of the site has been changed, we have a change of the document root
+		if($this->action == 'update' && $data["new"]["document_root"] != $data["old"]["document_root"]) {
+			
+			//* Get the old client ID
+			$old_client = $app->dbmaster->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["old"]["sys_groupid"]));
+			$old_client_id = intval($old_client["client_id"]);
+			unset($old_client);
+			
+			//* Remove the old symlinks
+			$tmp_symlinks_array = explode(':',$web_config["website_symlinks"]);
+			if(is_array($tmp_symlinks_array)) {
+				foreach($tmp_symlinks_array as $tmp_symlink) {
+					$tmp_symlink = str_replace("[client_id]",$old_client_id,$tmp_symlink);
+					$tmp_symlink = str_replace("[website_domain]",$data["old"]["domain"],$tmp_symlink);
+					// Remove trailing slash
+					if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
+					// create the symlinks, if not exist
+					if(!is_link($tmp_symlink)) {
+						exec("rm -f ".escapeshellcmd($tmp_symlink));
+						$app->log("Removed Symlink: rm -f ".$tmp_symlink,LOGLEVEL_DEBUG);
+					}
+				}
+			}
+			
+			//* Move the site data
+			$tmp_docroot = explode('/',$data["new"]["document_root"]);
+			unset($tmp_docroot[count($tmp_docroot)-1]);
+			$new_dir = implode('/',$tmp_docroot);
+			
+			$tmp_docroot = explode('/',$data["old"]["document_root"]);
+			unset($tmp_docroot[count($tmp_docroot)-1]);
+			$old_dir = implode('/',$tmp_docroot);
+			
+			exec('rm -rf '.$data["new"]["document_root"]);
+			if(!is_dir($new_dir)) exec('mkdir -p '.$new_dir);
+			exec('mv '.$data["old"]["document_root"].' '.$new_dir);
+			$app->log("Moving site to new document root: ".'mv '.$data["old"]["document_root"].' '.$new_dir,LOGLEVEL_DEBUG);
+			
+			//* Change the home directory and group of the website user
+			$command = 'usermod';
+			$command .= ' --home '.escapeshellcmd($data["new"]["document_root"]);
+			$command .= ' --gid '.escapeshellcmd($data['new']['system_group']);
+			$command .= ' '.escapeshellcmd($data["new"]["system_user"]);
+			exec($command);
+			
+		}
+		
 		//print_r($data);
 		
 		// Check if the directories are there and create them if nescessary.
@@ -285,8 +332,8 @@
 					$tmp_symlink = str_replace("[website_domain]",$data["old"]["domain"],$tmp_symlink);
 					// Remove trailing slash
 					if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
-					// create the symlinks, if not exist
-					if(!is_link($tmp_symlink)) {
+					// remove the symlinks, if not exist
+					if(is_link($tmp_symlink)) {
 						exec("rm -f ".escapeshellcmd($tmp_symlink));
 						$app->log("Removed Symlink: rm -f ".$tmp_symlink,LOGLEVEL_DEBUG);
 					}
@@ -399,7 +446,8 @@
 		
 		$vhost_data = $data["new"];
 		$vhost_data["web_document_root"] = $data["new"]["document_root"]."/web";
-		$vhost_data["web_document_root_www"] = "/var/www/".$data["new"]["domain"]."/web";
+		$vhost_data["web_document_root_www"] = $web_config["website_basedir"]."/".$data["new"]["domain"]."/web";
+		$vhost_data["web_basedir"] = $web_config["website_basedir"];
 		
 		// Check if a SSL cert exists
 		$ssl_dir = $data["new"]["document_root"]."/ssl";
@@ -425,13 +473,13 @@
 		$rewrite_rules = array();
 		if($data["new"]["redirect_type"] != '') {
 			$rewrite_rules[] = array(	'rewrite_domain' 	=> $data["new"]["domain"],
-										'rewrite_type' 		=> $data["new"]["redirect_type"],
+										'rewrite_type' 		=> ($data["new"]["redirect_type"] == 'no')?'':'['.$data["new"]["redirect_type"].']',
 										'rewrite_target' 	=> $data["new"]["redirect_path"]);
             
             switch($data["new"]["subdomain"]) {
             case 'www':
     			$rewrite_rules[] = array(	'rewrite_domain' 	=> 'www.'.$data["new"]["domain"],
-    										'rewrite_type' 		=> $data["new"]["redirect_type"],
+    										'rewrite_type' 		=> ($data["new"]["redirect_type"] == 'no')?'':'['.$data["new"]["redirect_type"].']',
     										'rewrite_target' 	=> $data["new"]["redirect_path"]);
                 break;
             case '*':
@@ -470,12 +518,12 @@
 				// Rewriting
 				if($alias["redirect_type"] != '') {
 					$rewrite_rules[] = array(	'rewrite_domain' 	=> $alias["domain"],
-												'rewrite_type' 		=> $alias["redirect_type"],
+												'rewrite_type' 		=> ($alias["redirect_type"] == 'no')?'':'['.$alias["redirect_type"].']',
 												'rewrite_target' 	=> $alias["redirect_path"]);
                     switch($alias["subdomain"]) {
                     case 'www':
             			$rewrite_rules[] = array(	'rewrite_domain' 	=> 'www.'.$alias["domain"],
-            										'rewrite_type' 		=> $alias["redirect_type"],
+            										'rewrite_type' 		=> ($alias["redirect_type"] == 'no')?'':'['.$alias["redirect_type"].']',
             										'rewrite_target' 	=> $alias["redirect_path"]);
                         break;
                     case '*':
@@ -555,7 +603,7 @@
 		{
 			//$cgi_config = $app->getconf->get_server_config($conf["server_id"], 'cgi');
 
-			$cgi_config["cgi_starter_path"] = "/var/www/php-cgi-scripts/[system_user]/";
+			$cgi_config["cgi_starter_path"] = $web_config["website_basedir"]."/php-cgi-scripts/[system_user]/";
 			$cgi_config["cgi_starter_script"] = "php-cgi-starter";
 			$cgi_config["cgi_bin"] = "/usr/bin/php-cgi";
 
@@ -622,6 +670,26 @@
 			$app->log("Removing File $vhost_file",LOGLEVEL_DEBUG);
 		}
 		
+		//* Create .htaccess and .htpasswd file for website statistics
+		if(!is_file($data["new"]["document_root"].'/web/stats/.htaccess')) {
+			if(!is_dir($data["new"]["document_root"].'/web/stats')) mkdir($data["new"]["document_root"].'/web/stats');
+			$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$data["new"]["document_root"]."/.htpasswd_stats\n<limit GET PUT POST>\nrequire valid-user\n</limit>";
+			file_put_contents($data["new"]["document_root"].'/web/stats/.htaccess',$ht_file);
+			chmod($data["new"]["document_root"].'/web/stats/.htaccess',0664);
+			unset($ht_file);
+		}
+		
+		if(!is_file($data["new"]["document_root"].'/.htpasswd_stats') || $data["new"]["stats_password"] != $data["old"]["stats_password"]) {
+			if(trim($data["new"]["stats_password"]) != '') {
+				$htp_file = 'admin:'.trim($data["new"]["stats_password"]);
+				file_put_contents($data["new"]["document_root"].'/.htpasswd_stats',$htp_file);
+				chmod($data["new"]["document_root"].'/.htpasswd_stats',0664);
+				unset($htp_file);
+			}
+		}
+		
+		
+		
 		// request a httpd reload when all records have been processed
 		$app->services->restartServiceDelayed('httpd','reload');
 		
@@ -674,7 +742,7 @@
 			if ($data["old"]["php"] == "cgi")
 			{
 				// TODO: fetch the date from the server-settings
-				$web_config["cgi_starter_path"] = "/var/www/php-cgi-scripts/[system_user]/";
+				$web_config["cgi_starter_path"] = $web_config["website_basedir"]."/php-cgi-scripts/[system_user]/";
 
 				$cgi_starter_path = str_replace("[system_user]",$data["old"]["system_user"],$web_config["cgi_starter_path"]);
 				if (is_dir($cgi_starter_path))

--
Gitblit v1.9.1