From 24f38b424a3d12c7f4fac1829c83725b200b1e97 Mon Sep 17 00:00:00 2001
From: vogelor <vogelor@ispconfig3>
Date: Wed, 26 May 2010 05:42:11 -0400
Subject: [PATCH] Enhancement of the Website-List. The user can only select the server as filter, he has some sites at (and not ALL Servers of the server-farm)

---
 server/plugins-available/apache2_plugin.inc.php |   36 ++++++++++++++++++++++--------------
 1 files changed, 22 insertions(+), 14 deletions(-)

diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 5b69403..4445db3 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -106,7 +106,7 @@
 			$ssl_cnf = "        RANDFILE               = $rand_file
 
         [ req ]
-        default_bits           = 1024
+        default_bits           = 2048
         default_keyfile        = keyfile.pem
         distinguished_name     = req_distinguished_name
         attributes             = req_attributes
@@ -137,7 +137,7 @@
 			$crt_file = escapeshellcmd($crt_file);
 
         	if(is_file($ssl_cnf_file)){
-          		exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $key_file 1024 && openssl req -new -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -out $csr_file -days $ssl_days -config $config_file && openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -in $csr_file -out $crt_file -days $ssl_days -config $config_file && openssl rsa -passin pass:$ssl_password -in $key_file -out $key_file2");
+          		exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $key_file 2048 && openssl req -new -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -out $csr_file -days $ssl_days -config $config_file && openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -in $csr_file -out $crt_file -days $ssl_days -config $config_file && openssl rsa -passin pass:$ssl_password -in $key_file -out $key_file2");
 				$app->log("Creating SSL Cert for: $domain",LOGLEVEL_DEBUG);
         	}
 
@@ -157,7 +157,7 @@
 		//* Save a SSL certificate to disk
 		if($data["new"]["ssl_action"] == 'save') {
 			$ssl_dir = $data["new"]["document_root"]."/ssl";
-			$domain = $data["new"]["domain"];
+			$domain = $data["new"]["ssl_domain"];
   			$csr_file = $ssl_dir.'/'.$domain.".csr";
   			$crt_file = $ssl_dir.'/'.$domain.".crt";
 			$bundle_file = $ssl_dir.'/'.$domain.".bundle";
@@ -174,7 +174,7 @@
 		//* Delete a SSL certificate
 		if($data["new"]["ssl_action"] == 'del') {
 			$ssl_dir = $data["new"]["document_root"]."/ssl";
-			$domain = $data["new"]["domain"];
+			$domain = $data["new"]["ssl_domain"];
   			$csr_file = $ssl_dir.'/'.$domain.".csr";
   			$crt_file = $ssl_dir.'/'.$domain.".crt";
 			$bundle_file = $ssl_dir.'/'.$domain.".bundle";
@@ -555,10 +555,12 @@
 		$vhost_data["web_basedir"] = $web_config["website_basedir"];
 		$vhost_data["security_level"] = $web_config["security_level"];
 		$vhost_data["allow_override"] = ($data["new"]["allow_override"] == '')?'All':$data["new"]["allow_override"];
+		$vhost_data["php_open_basedir"] = ($data["new"]["php_open_basedir"] == '')?$data["new"]["document_root"]:$data["new"]["php_open_basedir"];
+		$vhost_data["ssl_domain"] = $data["new"]["ssl_domain"];
 		
 		// Check if a SSL cert exists
 		$ssl_dir = $data["new"]["document_root"]."/ssl";
-		$domain = $data["new"]["domain"];
+		$domain = $data["new"]["ssl_domain"];
   		$key_file = $ssl_dir.'/'.$domain.".key";
   		$crt_file = $ssl_dir.'/'.$domain.".crt";
 		$bundle_file = $ssl_dir.'/'.$domain.".bundle";
@@ -706,12 +708,15 @@
 			$fcgi_tpl = new tpl();
 			$fcgi_tpl->newTemplate("php-fcgi-starter.master");
 				
-			$fcgi_tpl->setVar('php_ini_path',$fastcgi_config["fastcgi_phpini_path"]);
-			$fcgi_tpl->setVar('document_root',$data["new"]["document_root"]);
-			$fcgi_tpl->setVar('php_fcgi_children',$fastcgi_config["fastcgi_children"]);
-			$fcgi_tpl->setVar('php_fcgi_max_requests',$fastcgi_config["fastcgi_max_requests"]);
-			$fcgi_tpl->setVar('php_fcgi_bin',$fastcgi_config["fastcgi_bin"]);
-			$fcgi_tpl->setVar('security_level',$web_config["security_level"]);
+			$fcgi_tpl->setVar('php_ini_path',escapeshellcmd($fastcgi_config["fastcgi_phpini_path"]));
+			$fcgi_tpl->setVar('document_root',escapeshellcmd($data["new"]["document_root"]));
+			$fcgi_tpl->setVar('php_fcgi_children',escapeshellcmd($fastcgi_config["fastcgi_children"]));
+			$fcgi_tpl->setVar('php_fcgi_max_requests',escapeshellcmd($fastcgi_config["fastcgi_max_requests"]));
+			$fcgi_tpl->setVar('php_fcgi_bin',escapeshellcmd($fastcgi_config["fastcgi_bin"]));
+			$fcgi_tpl->setVar('security_level',intval($web_config["security_level"]));
+			
+			$php_open_basedir = ($data["new"]["php_open_basedir"] == '')?$data["new"]["document_root"]:$data["new"]["php_open_basedir"];
+			$fcgi_tpl->setVar('open_basedir', escapeshellcmd($php_open_basedir));
 				
 			$fcgi_starter_script = escapeshellcmd($fastcgi_starter_path.$fastcgi_config["fastcgi_starter_script"]);
 			file_put_contents($fcgi_starter_script,$fcgi_tpl->grab());
@@ -759,7 +764,10 @@
 			$cgi_tpl->newTemplate("php-cgi-starter.master");
 
 			// This works, because php "rewrites" a symlink to the physical path
-			$cgi_tpl->setVar('open_basedir', $data["new"]["document_root"]); 
+			$php_open_basedir = ($data["new"]["php_open_basedir"] == '')?$data["new"]["document_root"]:$data["new"]["php_open_basedir"];
+			$cgi_tpl->setVar('open_basedir', escapeshellcmd($php_open_basedir)); 
+			$cgi_tpl->setVar('document_root', escapeshellcmd($data["new"]["document_root"]));
+			
 			// This will NOT work!
 			//$cgi_tpl->setVar('open_basedir', "/var/www/" . $data["new"]["domain"]);
 			$cgi_tpl->setVar('php_cgi_bin',$cgi_config["cgi_bin"]);
@@ -813,7 +821,7 @@
 			if(!is_dir($data["new"]["document_root"].'/web/stats')) mkdir($data["new"]["document_root"].'/web/stats');
 			$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$data["new"]["document_root"]."/.htpasswd_stats\nrequire valid-user";
 			file_put_contents($data["new"]["document_root"].'/web/stats/.htaccess',$ht_file);
-			chmod($data["new"]["document_root"].'/web/stats/.htaccess',0664);
+			chmod($data["new"]["document_root"].'/web/stats/.htaccess',0755);
 			unset($ht_file);
 		}
 		
@@ -821,7 +829,7 @@
 			if(trim($data["new"]["stats_password"]) != '') {
 				$htp_file = 'admin:'.trim($data["new"]["stats_password"]);
 				file_put_contents($data["new"]["document_root"].'/.htpasswd_stats',$htp_file);
-				chmod($data["new"]["document_root"].'/.htpasswd_stats',0664);
+				chmod($data["new"]["document_root"].'/.htpasswd_stats',0755);
 				unset($htp_file);
 			}
 		}

--
Gitblit v1.9.1