From 24f38b424a3d12c7f4fac1829c83725b200b1e97 Mon Sep 17 00:00:00 2001
From: vogelor <vogelor@ispconfig3>
Date: Wed, 26 May 2010 05:42:11 -0400
Subject: [PATCH] Enhancement of the Website-List. The user can only select the server as filter, he has some sites at (and not ALL Servers of the server-farm)

---
 server/plugins-available/apache2_plugin.inc.php |   52 ++++++++++++++++++++++++++++++++++------------------
 1 files changed, 34 insertions(+), 18 deletions(-)

diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index a07e77e..4445db3 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -83,7 +83,7 @@
 		
 		if(!is_dir($data["new"]["document_root"]."/ssl")) exec("mkdir -p ".$data["new"]["document_root"]."/ssl");
 		$ssl_dir = $data["new"]["document_root"]."/ssl";
-		$domain = $data["new"]["domain"];
+		$domain = $data["new"]["ssl_domain"];
 		$key_file = $ssl_dir.'/'.$domain.".key.org";
   		$key_file2 = $ssl_dir.'/'.$domain.".key";
   		$csr_file = $ssl_dir.'/'.$domain.".csr";
@@ -106,7 +106,7 @@
 			$ssl_cnf = "        RANDFILE               = $rand_file
 
         [ req ]
-        default_bits           = 1024
+        default_bits           = 2048
         default_keyfile        = keyfile.pem
         distinguished_name     = req_distinguished_name
         attributes             = req_attributes
@@ -137,15 +137,15 @@
 			$crt_file = escapeshellcmd($crt_file);
 
         	if(is_file($ssl_cnf_file)){
-          		exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $key_file 1024 && openssl req -new -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -out $csr_file -days $ssl_days -config $config_file && openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -in $csr_file -out $crt_file -days $ssl_days -config $config_file && openssl rsa -passin pass:$ssl_password -in $key_file -out $key_file2");
+          		exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $key_file 2048 && openssl req -new -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -out $csr_file -days $ssl_days -config $config_file && openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -in $csr_file -out $crt_file -days $ssl_days -config $config_file && openssl rsa -passin pass:$ssl_password -in $key_file -out $key_file2");
 				$app->log("Creating SSL Cert for: $domain",LOGLEVEL_DEBUG);
         	}
 
     		exec("chmod 400 $key_file2");
     		@unlink($config_file);
     		@unlink($rand_file);
-    		$ssl_request = file_get_contents($csr_file);
-    		$ssl_cert = file_get_contents($crt_file);
+    		$ssl_request = $app->db->quote(file_get_contents($csr_file));
+    		$ssl_cert = $app->db->quote(file_get_contents($crt_file));
 			/* Update the DB of the (local) Server */
     		$app->db->query("UPDATE web_domain SET ssl_request = '$ssl_request', ssl_cert = '$ssl_cert' WHERE domain = '".$data["new"]["domain"]."'");
 			$app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data["new"]["domain"]."'");
@@ -157,7 +157,7 @@
 		//* Save a SSL certificate to disk
 		if($data["new"]["ssl_action"] == 'save') {
 			$ssl_dir = $data["new"]["document_root"]."/ssl";
-			$domain = $data["new"]["domain"];
+			$domain = $data["new"]["ssl_domain"];
   			$csr_file = $ssl_dir.'/'.$domain.".csr";
   			$crt_file = $ssl_dir.'/'.$domain.".crt";
 			$bundle_file = $ssl_dir.'/'.$domain.".bundle";
@@ -174,7 +174,7 @@
 		//* Delete a SSL certificate
 		if($data["new"]["ssl_action"] == 'del') {
 			$ssl_dir = $data["new"]["document_root"]."/ssl";
-			$domain = $data["new"]["domain"];
+			$domain = $data["new"]["ssl_domain"];
   			$csr_file = $ssl_dir.'/'.$domain.".csr";
   			$crt_file = $ssl_dir.'/'.$domain.".crt";
 			$bundle_file = $ssl_dir.'/'.$domain.".bundle";
@@ -554,10 +554,13 @@
 		$vhost_data["web_document_root_www"] = $web_config["website_basedir"]."/".$data["new"]["domain"]."/web";
 		$vhost_data["web_basedir"] = $web_config["website_basedir"];
 		$vhost_data["security_level"] = $web_config["security_level"];
+		$vhost_data["allow_override"] = ($data["new"]["allow_override"] == '')?'All':$data["new"]["allow_override"];
+		$vhost_data["php_open_basedir"] = ($data["new"]["php_open_basedir"] == '')?$data["new"]["document_root"]:$data["new"]["php_open_basedir"];
+		$vhost_data["ssl_domain"] = $data["new"]["ssl_domain"];
 		
 		// Check if a SSL cert exists
 		$ssl_dir = $data["new"]["document_root"]."/ssl";
-		$domain = $data["new"]["domain"];
+		$domain = $data["new"]["ssl_domain"];
   		$key_file = $ssl_dir.'/'.$domain.".key";
   		$crt_file = $ssl_dir.'/'.$domain.".crt";
 		$bundle_file = $ssl_dir.'/'.$domain.".bundle";
@@ -579,6 +582,10 @@
 		$rewrite_rules = array();
 		if($data["new"]["redirect_type"] != '') {
 			if(substr($data["new"]["redirect_path"],-1) != '/') $data["new"]["redirect_path"] .= '/';
+			if($data["new"]["redirect_type"] == 'no' && substr($data["new"]["redirect_path"],0,4) != 'http') {
+				$data["new"]["redirect_path"] = $data["new"]["document_root"]."/web".realpath($data["new"]["redirect_path"]).'/';
+			}
+			
 			$rewrite_rules[] = array(	'rewrite_domain' 	=> $data["new"]["domain"],
 										'rewrite_type' 		=> ($data["new"]["redirect_type"] == 'no')?'':'['.$data["new"]["redirect_type"].']',
 										'rewrite_target' 	=> $data["new"]["redirect_path"]);
@@ -626,6 +633,9 @@
 				// Rewriting
 				if($alias["redirect_type"] != '') {
 					if(substr($data["new"]["redirect_path"],-1) != '/') $data["new"]["redirect_path"] .= '/';
+					if($data["new"]["redirect_type"] == 'no' && substr($data["new"]["redirect_path"],0,4) != 'http') {
+						$data["new"]["redirect_path"] = $data["new"]["document_root"]."/web".realpath($data["new"]["redirect_path"]).'/';
+					}
 					$rewrite_rules[] = array(	'rewrite_domain' 	=> $alias["domain"],
 												'rewrite_type' 		=> ($alias["redirect_type"] == 'no')?'':'['.$alias["redirect_type"].']',
 												'rewrite_target' 	=> $alias["redirect_path"]);
@@ -698,12 +708,15 @@
 			$fcgi_tpl = new tpl();
 			$fcgi_tpl->newTemplate("php-fcgi-starter.master");
 				
-			$fcgi_tpl->setVar('php_ini_path',$fastcgi_config["fastcgi_phpini_path"]);
-			$fcgi_tpl->setVar('document_root',$data["new"]["document_root"]);
-			$fcgi_tpl->setVar('php_fcgi_children',$fastcgi_config["fastcgi_children"]);
-			$fcgi_tpl->setVar('php_fcgi_max_requests',$fastcgi_config["fastcgi_max_requests"]);
-			$fcgi_tpl->setVar('php_fcgi_bin',$fastcgi_config["fastcgi_bin"]);
-			$fcgi_tpl->setVar('security_level',$web_config["security_level"]);
+			$fcgi_tpl->setVar('php_ini_path',escapeshellcmd($fastcgi_config["fastcgi_phpini_path"]));
+			$fcgi_tpl->setVar('document_root',escapeshellcmd($data["new"]["document_root"]));
+			$fcgi_tpl->setVar('php_fcgi_children',escapeshellcmd($fastcgi_config["fastcgi_children"]));
+			$fcgi_tpl->setVar('php_fcgi_max_requests',escapeshellcmd($fastcgi_config["fastcgi_max_requests"]));
+			$fcgi_tpl->setVar('php_fcgi_bin',escapeshellcmd($fastcgi_config["fastcgi_bin"]));
+			$fcgi_tpl->setVar('security_level',intval($web_config["security_level"]));
+			
+			$php_open_basedir = ($data["new"]["php_open_basedir"] == '')?$data["new"]["document_root"]:$data["new"]["php_open_basedir"];
+			$fcgi_tpl->setVar('open_basedir', escapeshellcmd($php_open_basedir));
 				
 			$fcgi_starter_script = escapeshellcmd($fastcgi_starter_path.$fastcgi_config["fastcgi_starter_script"]);
 			file_put_contents($fcgi_starter_script,$fcgi_tpl->grab());
@@ -751,7 +764,10 @@
 			$cgi_tpl->newTemplate("php-cgi-starter.master");
 
 			// This works, because php "rewrites" a symlink to the physical path
-			$cgi_tpl->setVar('open_basedir', $data["new"]["document_root"]); 
+			$php_open_basedir = ($data["new"]["php_open_basedir"] == '')?$data["new"]["document_root"]:$data["new"]["php_open_basedir"];
+			$cgi_tpl->setVar('open_basedir', escapeshellcmd($php_open_basedir)); 
+			$cgi_tpl->setVar('document_root', escapeshellcmd($data["new"]["document_root"]));
+			
 			// This will NOT work!
 			//$cgi_tpl->setVar('open_basedir', "/var/www/" . $data["new"]["domain"]);
 			$cgi_tpl->setVar('php_cgi_bin',$cgi_config["cgi_bin"]);
@@ -803,9 +819,9 @@
 		//* Create .htaccess and .htpasswd file for website statistics
 		if(!is_file($data["new"]["document_root"].'/web/stats/.htaccess') or $data["old"]["document_root"] != $data["new"]["document_root"]) {
 			if(!is_dir($data["new"]["document_root"].'/web/stats')) mkdir($data["new"]["document_root"].'/web/stats');
-			$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$data["new"]["document_root"]."/.htpasswd_stats\n<limit GET PUT POST>\nrequire valid-user\n</limit>";
+			$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$data["new"]["document_root"]."/.htpasswd_stats\nrequire valid-user";
 			file_put_contents($data["new"]["document_root"].'/web/stats/.htaccess',$ht_file);
-			chmod($data["new"]["document_root"].'/web/stats/.htaccess',0664);
+			chmod($data["new"]["document_root"].'/web/stats/.htaccess',0755);
 			unset($ht_file);
 		}
 		
@@ -813,7 +829,7 @@
 			if(trim($data["new"]["stats_password"]) != '') {
 				$htp_file = 'admin:'.trim($data["new"]["stats_password"]);
 				file_put_contents($data["new"]["document_root"].'/.htpasswd_stats',$htp_file);
-				chmod($data["new"]["document_root"].'/.htpasswd_stats',0664);
+				chmod($data["new"]["document_root"].'/.htpasswd_stats',0755);
 				unset($htp_file);
 			}
 		}

--
Gitblit v1.9.1