From 08cc7f673c377bf88897743e340097e93f1e95f4 Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Wed, 16 Jan 2013 09:30:05 -0500
Subject: [PATCH] - Changed regex for redirect path (Web sites, subdomains, vhost subdomains, alias domains) and web folder (vhost subdomains) so that ".." is not allowed (in order to prevent path traversals). - nginx: don't allow folders for proxy redirects (subdomains and alias domains); URL is required. - nginx: modified rewriting.

---
 server/plugins-available/cron_plugin.inc.php |   14 +++++++-------
 1 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/server/plugins-available/cron_plugin.inc.php b/server/plugins-available/cron_plugin.inc.php
index 23dbc28..4ccbcb2 100644
--- a/server/plugins-available/cron_plugin.inc.php
+++ b/server/plugins-available/cron_plugin.inc.php
@@ -142,7 +142,7 @@
         }
 		
 		// make temp directory writable for the apache and website users
-		chmod(escapeshellcmd($parent_domain["document_root"].'/tmp'), 0777);
+		$app->system->chmod(escapeshellcmd($parent_domain["document_root"].'/tmp'), 0777);
 		
         /** TODO READ CRON MASTER **/
         
@@ -217,10 +217,10 @@
                 }
                 
                 if($job['type'] == 'chrooted') {
-                    $chr_cron_content .= $command . "\t#{$job['domain']}\n";
+                    $chr_cron_content .= $command . " #{$job['domain']}\n";
                     $chr_cmd_count++;
                 } else {
-                    $cron_content .= $command . "\t#{$job['domain']}\n";
+                    $cron_content .= $command . " #{$job['domain']}\n";
                     $cmd_count++;
                 }
             }
@@ -234,19 +234,19 @@
         }
         
         if($cmd_count > 0) {
-            file_put_contents($cron_file, $cron_content);
+            $app->system->file_put_contents($cron_file, $cron_content);
             $app->log("Wrote Cron file $cron_file with content:\n$cron_content",LOGLEVEL_DEBUG);
         } else {
-            @unlink($cron_file);
+            $app->system->unlink($cron_file);
             $app->log("Deleted Cron file $cron_file",LOGLEVEL_DEBUG);
         }
         
         $cron_file = escapeshellcmd($cron_config["crontab_dir"].'/ispc_chrooted_'.$this->parent_domain["system_user"]);
         if($chr_cmd_count > 0) {
-            file_put_contents($cron_file, $chr_cron_content);
+            $app->system->file_put_contents($cron_file, $chr_cron_content);
             $app->log("Wrote Cron file $cron_file with content:\n$chr_cron_content",LOGLEVEL_DEBUG);
         } else {
-            @unlink($cron_file);
+            $app->system->unlink($cron_file);
             $app->log("Deleted Cron file $cron_file",LOGLEVEL_DEBUG);
         }
         

--
Gitblit v1.9.1