From 07c3bd9b777e55d0b8fc988d6583e44861a3ee43 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Sun, 15 Mar 2009 08:04:13 -0400
Subject: [PATCH] Improved password protection of website statistics.

---
 server/plugins-available/apache2_plugin.inc.php |   20 ++++++++++++++++++++
 1 files changed, 20 insertions(+), 0 deletions(-)

diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 97bcee0..630f54c 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -670,6 +670,26 @@
 			$app->log("Removing File $vhost_file",LOGLEVEL_DEBUG);
 		}
 		
+		//* Create .htaccess and .htpasswd file for website statistics
+		if(!is_file($data["new"]["document_root"].'/web/stats/.htaccess')) {
+			if(!is_dir($data["new"]["document_root"].'/web/stats')) mkdir($data["new"]["document_root"].'/web/stats');
+			$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$data["new"]["document_root"]."/.htpasswd_stats\n<limit GET PUT POST>\nrequire valid-user\n</limit>";
+			file_put_contents($data["new"]["document_root"].'/web/stats/.htaccess',$ht_file);
+			chmod($data["new"]["document_root"].'/web/stats/.htaccess',0664);
+			unset($ht_file);
+		}
+		
+		if(!is_file($data["new"]["document_root"].'/.htpasswd_stats') || $data["new"]["stats_password"] != $data["old"]["stats_password"]) {
+			if(trim($data["new"]["stats_password"]) != '') {
+				$htp_file = 'admin:'.trim($data["new"]["stats_password"]);
+				file_put_contents($data["new"]["document_root"].'/.htpasswd_stats',$htp_file);
+				chmod($data["new"]["document_root"].'/.htpasswd_stats',0664);
+				unset($htp_file);
+			}
+		}
+		
+		
+		
 		// request a httpd reload when all records have been processed
 		$app->services->restartServiceDelayed('httpd','reload');
 		

--
Gitblit v1.9.1